summaryrefslogtreecommitdiffstats
path: root/admin/survey/classes/class.Dostop.php
diff options
context:
space:
mode:
Diffstat (limited to 'admin/survey/classes/class.Dostop.php')
-rw-r--r--admin/survey/classes/class.Dostop.php1783
1 files changed, 1783 insertions, 0 deletions
diff --git a/admin/survey/classes/class.Dostop.php b/admin/survey/classes/class.Dostop.php
new file mode 100644
index 0000000..883e7ce
--- /dev/null
+++ b/admin/survey/classes/class.Dostop.php
@@ -0,0 +1,1783 @@
+<?php
+
+/**
+ *
+ * Class, ki naj bi imel stvari glede dostopa uporabnikov do anket
+ * Ampak dejansko je se ogromno stvari, ki grejo mimo classa in direktno na bazo
+ *
+ */
+
+class Dostop {
+
+ var $anketa; // trenutna anketa
+
+ function __construct($anketa = NULL)
+ {
+
+ // polovimo anketa ID
+ if (isset ($_GET['anketa'])) {
+ $this->anketa = $_GET['anketa'];
+ } elseif (isset ($_POST['anketa'])) {
+ $this->anketa = $_POST['anketa'];
+ } elseif ($anketa != 0) {
+ $this->anketa = $anketa;
+ }
+ }
+
+ /**
+ * preveri dostop do ankete
+ *
+ * @param mixed $anketa
+ */
+ function checkDostop($anketa = 0)
+ {
+ global $admin_type;
+ global $global_user_id;
+
+ if ($anketa == 0) {
+ $anketa = $this->anketa;
+ }
+ $uid = $global_user_id;
+
+ SurveyInfo::getInstance()->SurveyInit($anketa);
+ $rowa = SurveyInfo::getInstance()->getSurveyRow();
+
+ // meta admin vidi kao spet vse
+ if (self::isMetaAdmin()) {
+ return TRUE;
+ }
+
+ // za demonstracijsko je posebno preverjanje
+ if ($rowa['invisible'] == 1) {
+ return TRUE;
+ }
+
+ // posebej dostop za vsazga userja posebej
+ $sql = sisplet_query("SELECT ank_id, uid FROM srv_dostop WHERE ank_id = '$anketa' AND uid='$uid'");
+ if (mysqli_num_rows($sql) > 0) {
+ return TRUE;
+ }
+
+ // dodatno imamo se ce je manager ali admin, potem vidi ankete podrejenih userjev
+ if ($admin_type == 1 || $admin_type == 0) {
+ $sql = sisplet_query("SELECT COUNT(*) FROM srv_dostop WHERE ank_id='$anketa' AND uid IN (SELECT user FROM srv_dostop_manage WHERE manager='$uid')");
+ $row = mysqli_fetch_array($sql);
+ if ($row[0] > 0) {
+ return TRUE;
+ }
+ }
+
+ // ce imajo administratorji poseben dostop do ankete za help
+ if ($admin_type == 0 && strtotime($rowa['dostop_admin']) >= strtotime(date("Y-m-d"))) {
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ /**
+ * Kao meta admin, ki vidi vse
+ */
+ static function isMetaAdmin()
+ {
+ global $global_user_id;
+ global $admin_type;
+ global $mysql_database_name;
+
+ // Samo na www in virtualkah
+ if(($mysql_database_name == 'www1kasi' || $mysql_database_name == 'real1kasi') && $admin_type == '0'){
+ // vvasja@gmail.com - id: 100, peter.h1203@gmail.com - id: 12611, 1ka.techsupport - id: 49089 (virtualke), 72253
+ if (in_array($global_user_id, [100, 12611, 49089, 72253])) {
+ return TRUE;
+ }
+ }
+
+ // Gorenje ima svoje metaadmine
+ if ($admin_type == '0' && Common::checkModule('gorenje')){
+ global $meta_admin_emails;
+
+ $sql = sisplet_query("SELECT email FROM users WHERE id = '$global_user_id'");
+ $row = mysqli_fetch_array($sql);
+
+ if(in_array($row['email'], $meta_admin_emails)){
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+ }
+
+ /**
+ * preveri, ce ima uporabnik aktiven dostop do ankete
+ * zdaj ko nimamo vec aktivnih in pasivnih uporabnikov, gledamo ali ima edit
+ * dostop do ankete
+ *
+ * ta funkcija je v bistvu deprecated, naj se raje uporablja
+ * checkDostopSub('edit'...); ostaja za zdruzljivost za nazaj
+ *
+ * @param mixed $anketa
+ */
+ function checkDostopAktiven($anketa = 0)
+ {
+ global $admin_type;
+ global $global_user_id;
+
+ return $this->checkDostopSub('edit', $anketa);
+ }
+
+ /**
+ * preveri tocen dostop do podstoritev
+ *
+ * @param mixed $anketa
+ */
+ function checkDostopSub($type, $anketa = 0)
+ {
+ global $admin_type;
+ global $global_user_id;
+
+ if ($anketa == 0) {
+ $anketa = $this->anketa;
+ }
+ $uid = $global_user_id;
+
+ SurveyInfo::getInstance()->SurveyInit($anketa);
+ $rowa = SurveyInfo::getInstance()->getSurveyRow();
+
+ // meta admin vidi kao spet vse
+ if (self::isMetaAdmin()) {
+ return TRUE;
+ }
+
+ // za demonstracijsko je posebno preverjanje
+ if ($rowa['invisible'] == 1) {
+ return TRUE;
+ }
+
+ $sql = sisplet_query("SELECT dostop FROM srv_dostop WHERE ank_id = '$anketa' AND uid='$uid'");
+ if (mysqli_num_rows($sql) > 0) {
+ $row = mysqli_fetch_array($sql);
+
+ $dostop = explode(',', $row['dostop']);
+ if (in_array($type, $dostop)) {
+ return TRUE;
+ }
+
+ // managerji in admini majo vedno lepe linke in maile
+ if ($admin_type <= 1 && in_array($type, ['link', 'mail'])) {
+ return TRUE;
+ }
+ }
+
+ // administratorji in managerji imajo do max kar imajo njegovi podrejeni userji
+ if ($admin_type <= 1) {
+ $sql = sisplet_query("SELECT dostop FROM srv_dostop WHERE ank_id='$anketa' AND uid IN (SELECT user FROM srv_dostop_manage WHERE manager='$uid')");
+ while ($row = mysqli_fetch_array($sql)) {
+ $dostop = explode(',', $row['dostop']);
+
+ if (in_array($type, $dostop)) {
+ return TRUE;
+ }
+
+ // managerji in admini majo vedno lepe linke in maile
+ if ($admin_type <= 1 && in_array($type, ['link', 'mail'])) {
+ return TRUE;
+ }
+ }
+ }
+
+ // ce imajo administratorji poseben dostop do ankete za help
+ if ($admin_type == 0 && strtotime($rowa['dostop_admin']) >= strtotime(date("Y-m-d"))) {
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ function ajax(){
+
+ if ($_GET['a'] == 'manager_add_user') {
+ $this->ajax_manager_add_user();
+ }
+ elseif($_GET['a'] == 'add_new_user'){
+ $this->ajax_add_new_user();
+ }
+ elseif ($_GET['a'] == 'anketa_user_dostop') {
+ $this->ajax_anketa_user_dostop();
+ }
+ elseif ($_GET['a'] == 'anketa_user_dostop_save') {
+ $this->ajax_anketa_user_dostop_save();
+ }
+ elseif ($_GET['a'] == 'edit_user') {
+ $this->ajax_edit_user();
+ }
+ elseif ($_GET['a'] == 'edit_user_save') {
+ $this->ajax_edit_user_save();
+ }
+ elseif ($_GET['a'] == 'admin_add_user') {
+ $this->ajax_admin_add_user();
+ }
+ elseif ($_GET['a'] == 'admin_add_user_popup') {
+ $this->ajax_admin_add_user_popup();
+ }
+ elseif($_GET['a'] == 'find_user'){
+ $this->ajax_find_user();
+ }
+ elseif ($_GET['a'] == 'edit_remove_user') {
+ $this->ajax_edit_remove_user();
+ }
+ elseif ($_GET['a'] == 'edit_remove_user_manager') {
+ $this->ajax_edit_remove_user_manager();
+ }
+ elseif ($_GET['a'] == 'edit_remove_user_admin') {
+ $this->ajax_edit_remove_user_admin();
+ }
+ elseif ($_GET['a'] == 'all_users_list') {
+
+ if ($_GET['m'] == 'delete') {
+ $this->ajax_all_users_list_delete();
+ }
+
+ if ($_GET['m'] == 'ban') {
+ $this->ajax_all_users_list_ban();
+ }
+ else {
+ $this->ajax_all_users_list();
+ }
+ }
+ elseif($_GET['a'] == 'my_users_list'){
+ $this->ajax_all_users_list_my();
+ }
+ elseif ($_GET['a'] == 'delete_users_list') {
+ $this->ajax_delete_users_list();
+ }
+ elseif ($_GET['a'] == 'unsigned_users_list') {
+ $this->ajax_unsigned_users_list();
+ }
+ elseif ($_GET['a'] == 'unconfirmed_mail_user_list') {
+
+ if ($_GET['m'] == 'delete') {
+ $this->ajax_unconfirmed_mail_user_list_delet_user();
+ }
+ elseif ($_GET['m'] == 'accept') {
+ $this->ajax_confirm_user_email();
+ }
+ else {
+ $this->ajax_unconfirmed_mail_user_list();
+ }
+ }
+ elseif ($_GET['a'] == 'dodeljeni_uporabniki_display') {
+ $this->ajax_dodeljeni_uporabniki_display();
+ }
+ }
+
+ /**
+ * Dodamo novega uporabnika v 1KA sistem
+ */
+ public function ajax_add_new_user()
+ {
+ global $pass_salt, $site_url, $site_domain, $virtual_domain, $lang, $app_settings;
+
+ $email = $_POST['email'];
+ $name = $_POST['name'];
+ $surnname = $_POST['surname'];
+ $password = $_POST['password'];
+ $password2 = $_POST['password2'];
+ $jezik = $_POST['jezik'];
+
+ include root_dir('lang/'.$jezik.'.php');
+
+
+ if ($email != '') {
+
+ $sqlu = sisplet_query("SELECT id FROM users WHERE email='$email'");
+ if (mysqli_num_rows($sqlu) == 0) {
+
+ if ($password == '' || $password == $password2) {
+
+ $s = sisplet_query("INSERT INTO users (name, surname, email, pass, type, when_reg, came_from, lang) VALUES ('$name', '$surnname', '$email', '" . base64_encode((hash(SHA256, $password . $pass_salt))) . "', '3', DATE_FORMAT(NOW(), '%Y-%m-%d'), '1', $jezik)");
+ $id = mysqli_insert_id($GLOBALS['connect_db']);
+
+ } else {
+ $error = 'pass';
+ }
+
+ } else {
+ // ne more si dodati že obstoječega uporabnika, ker potem bi si lahko kar kogarkoli dodal in bi videl njegove ankete
+ $id = 0;
+ $error = 'email';
+ }
+
+ if ($id > 0) {
+
+ $UserContent = $lang['add_new_user_content'];
+
+ // Podpis
+ $signature = Common::getEmailSignature();
+ $UserContent .= $signature;
+
+ $UserContent .= $lang['register_add_user_content_edit'];
+
+ $PageName = $app_settings['app_name'];
+
+ $change = '<a href="'.$site_url.'admin/survey/index.php?a=nastavitve&m=global_user_myProfile">';
+ $out = '<a href="'.$this->page_urls['page_unregister'].'?email='.$email.'">';
+
+ // Ce gre slucajno za virtualko
+ $Subject = ($virtual_domain) ? $lang['register_user_subject_virtual'] : $lang['register_user_subject'];
+
+ $UserContent = str_replace("SFNAME", $name, $UserContent);
+ $UserContent = str_replace("SFMAIL", $email, $UserContent);
+ $UserContent = str_replace("SFWITH", $email, $UserContent);
+ $UserContent = str_replace("SFPAGENAME", $PageName, $UserContent);
+ $UserContent = str_replace("SFCHANGE", $change, $UserContent);
+ $UserContent = str_replace("SFOUT", $out, $UserContent);
+ $UserContent = str_replace("SFEND", '</a>', $UserContent);
+
+ $Subject = str_replace("SFPAGENAME", $PageName, $Subject);
+
+ // Ce gre slucajno za virtualko
+ if($virtual_domain)
+ $Subject = str_replace("SFVIRTUALNAME", $site_domain, $Subject);
+
+ if ($password2 == "") {
+ $UserContent = str_replace("SFPASS", "( ".$lang['without']." ) ", $UserContent);
+ }
+ else {
+ $UserContent = str_replace("SFPASS", $password2 ." (".$lang['register_add_user_password'].")", $UserContent);
+ }
+
+ if ($name == "") {
+ $UserContent = str_replace("SFNAME", $lang['mr_or_mrs'], $UserContent);
+ }
+ else {
+ $UserContent = str_replace("SFNAME", $name, $UserContent);
+ }
+
+ $ZaMail = '<!DOCTYPE HTML PUBLIC"-//W3C//DTD HTML 4.0 Transitional//EN">'.'<html><head><title>'.$Subject.'</title><meta content="text/html; charset=utf-8" http-equiv=Content-type></head><body>';
+
+ $ZaMail .= $UserContent;
+
+
+ if(isDebug()){
+ echo $ZaMail;
+ die();
+ }
+
+ // Posljemo mail vsakemu uporabniku posebej
+ try {
+ $MA = new MailAdapter(null, 'account');
+ $MA->addRecipients($email);
+ $resultX = $MA->sendMail(stripslashes($ZaMail), $Subject);
+ }
+ catch (Exception $e) {
+ }
+
+ if ($resultX) {
+ $status = 1; // poslalo ok
+ }
+ else {
+ $status = 2; // ni poslalo
+ }
+ }
+
+ } else {
+ $error = 'email';
+ }
+
+ header("Location: index.php?a=diagnostics&t=uporabniki&m=all&add=new&error=" . ($error !== FALSE ? $error : ''));
+ }
+
+ /**
+ * Manager: dodajanje svojih novih uporabnikov
+ *
+ */
+ function ajax_manager_add_user()
+ {
+ global $pass_salt;
+ global $lang;
+ global $global_user_id, $site_path, $site_domain;
+ global $admin_type;
+
+ $error = FALSE;
+
+ $sqlu = sisplet_query("SELECT email, type FROM users WHERE id = '" . $global_user_id . "'");
+ list($MailReply) = mysqli_fetch_row($sqlu);
+
+ $aktiven = $_POST['aktiven'];
+
+ $email = $_POST['email'];
+ $name = $_POST['name'];
+ $surnname = $_POST['surname'];
+ $password = $_POST['password'];
+ $password2 = $_POST['password2'];
+
+ if ($email != '') {
+
+ $sqlu = sisplet_query("SELECT id FROM users WHERE email='$email'");
+ if (mysqli_num_rows($sqlu) == 0) {
+
+ if ($password == '' || $password == $password2) {
+
+ $s = sisplet_query("INSERT INTO users (name, surname, email, pass, type, when_reg, came_from) VALUES ('$name', '$surnname', '$email', '" . base64_encode((hash(SHA256, $password . $pass_salt))) . "', '3', DATE_FORMAT(NOW(), '%Y-%m-%d'), '1')");
+ $id = mysqli_insert_id($GLOBALS['connect_db']);
+
+ } else {
+ $error = 'pass';
+ }
+
+ } else {
+ // ne more si dodati že obstoječega uporabnika, ker potem bi si lahko kar kogarkoli dodal in bi videl njegove ankete
+ $id = 0;
+ $error = 'email';
+ }
+
+ if ($id > 0) {
+
+ $s = sisplet_query("INSERT INTO srv_dostop_manage (manager, user) VALUES ('$global_user_id', '$id')");
+ if (!$s) {
+ echo mysqli_error($GLOBALS['connect_db']);
+ }
+
+ $subject = sprintf($lang['srv_dodanmail_1'], $site_domain);
+
+ $content = sprintf($lang['srv_dodanmail_2'], $MailReply, $site_domain).'<br /><br />';
+ $content .= $lang['srv_dodanmail_3'];
+ $content .= '<ul>';
+ $content .= '<li>'.$lang['srv_dodanmail_3_email'].' <b>'.$email.'</b></li>';
+ $content .= '<li>'.$lang['srv_dodanmail_3_pass_1'].' <b>'.$password.'</b> ('.$lang['srv_dodanmail_3_pass_2'].')</li>';
+ $content .= '</ul>';
+
+ // Podpis
+ $signature = Common::getEmailSignature();
+ $content .= $signature;
+
+
+ // Posljemo mail vsakemu uporabniku posebej
+ try {
+ $MA = new MailAdapter($this->anketa, $type='account');
+ $MA->addRecipients($email);
+ $MA->addRecipients($MailReply);
+ $resultX = $MA->sendMail(stripslashes($content), $subject);
+ } catch (Exception $e) {
+ }
+
+
+ if ($resultX) {
+ $status = 1; // poslalo ok
+ } else {
+ $status = 2; // ni poslalo
+ }
+ }
+
+ } else {
+ $error = 'email';
+ }
+
+ header("Location: index.php?a=diagnostics&t=uporabniki&m=my&error=" . ($error !== FALSE ? $error : ''));
+ }
+
+ /**
+ * Urejanje natančnega dostopa uporabnikov v nastavitvah ankete
+ *
+ */
+ function ajax_anketa_user_dostop()
+ {
+ global $admin_type;
+ global $lang;
+
+ $uid = $_POST['uid'];
+
+ $s = sisplet_query("SELECT name, surname, email, type FROM users WHERE id='$uid'");
+ $r = mysqli_fetch_array($s);
+
+ $sqla = sisplet_query("SELECT naslov FROM srv_anketa WHERE id = '$this->anketa'");
+ $rowa = mysqli_fetch_array($sqla);
+
+ echo '<h2>'.$lang['srv_anketa'].' '.$rowa['naslov'].'</h2>';
+
+ echo '<div class="popup_close"><a href="#" onClick="anketa_user_dostop_close(); return false;">✕</a></div>';
+
+ echo '<h3><span class="bold">';
+
+ if ($r['type'] == 2 || $r['type'] == 3) {
+ echo $lang['admin_narocnik'];
+ }
+ elseif ($r['type'] == 1) {
+ echo $lang['manager'];
+ }
+ elseif ($r['type'] == 0) {
+ echo $lang['administrator'];
+ }
+
+ $r['email'] = iconv("iso-8859-2", "utf-8", $r['email']);
+
+ echo ': ' . $r['name'] . ' ' . $r['surname'] . ' (' . $r['email'] . ')</span></h3>';
+
+ if ($r['type'] >= 2) {
+
+ $sql = sisplet_query("SELECT dostop FROM srv_dostop WHERE ank_id='$this->anketa' AND uid='$uid'");
+ $row = mysqli_fetch_array($sql);
+ $dostop = explode(',', $row['dostop']);
+ echo '<form id="dostop">';
+ echo '<input type="hidden" name="uid" value="' . $uid . '">';
+
+ echo '<input type="hidden" name="aktiven" value="1" id="aktiven_1">';
+
+ echo '<p><input type="checkbox" name="dostop[dashboard]" value="dashboard" id="dashboard" ' . (in_array('dashboard', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . '> <label for="dashboard">' . $lang['srv_dostop_dashboard'] . '</label></p>';
+ echo '<p><input type="checkbox" name="dostop[edit]" value="edit" id="edit" ' . (in_array('edit', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . ' onchange="dostop_language(this);"> <label for="edit">' . $lang['srv_dostop_edit'] . '</label></p>';
+ echo '<p><input type="checkbox" name="dostop[test]" value="test" id="test" ' . (in_array('test', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . ' onchange="dostop_language(this);"> <label for="test">' . $lang['srv_dostop_test'] . '</label></p>';
+ echo '<p><input type="checkbox" name="dostop[publish]" value="publish" id="publish" ' . (in_array('publish', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . ' onchange="dostop_language(this);"> <label for="publish">' . $lang['srv_dostop_publish'] . '</label></p>';
+ echo '<p><input type="checkbox" name="dostop[data]" value="data" id="data" ' . (in_array('data', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . '> <label for="data">' . $lang['srv_dostop_data'] . '</label></p>';
+ echo '<p><input type="checkbox" name="dostop[analyse]" value="analyse" id="analyse" ' . (in_array('analyse', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . '> <label for="analyse">' . $lang['srv_dostop_analyse'] . '</label></p>';
+
+ echo '<p><input type="checkbox" name="dostop[export]" value="export" id="export" ' . (in_array('export', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . '> <label for="export">' . $lang['srv_dostop_export'] . '</label></p>';
+
+ // Nastavitev, da ne more odklenit ankete
+ echo '<p><input type="checkbox" name="dostop[lock]" value="lock" id="lock" ' . (in_array('lock', $dostop) ? 'checked' : '') . ' ' . (in_array('phone', $dostop) ? ' disabled="disabled"' : '') . '> <label for="lock">' . $lang['srv_dostop_lock'] . '</label></p>';
+
+ // Je anketar - ne more poceti nicesar razen izvajati telefonsko anketo (ob kliku se ostale avtomatsko ugasnejo in disablajo)
+ echo '<p><input type="checkbox" name="dostop[phone]" value="phone" id="phone" ' . (in_array('phone', $dostop) ? 'checked' : '') . ' onchange="dostop_anketar(this);"> <label for="phone">' . $lang['srv_dostop_phone'] . '</label></p>';
+
+ // Če gre za Hierarhijo
+ if (SurveyInfo::checkSurveyModule('hierarhija', $this->anketa)) {
+ $tip = sisplet_query("SELECT type FROM srv_hierarhija_users WHERE user_id='" . $uid . "' AND anketa_id='" . $this->anketa . "'", "obj");
+
+ if (!empty($tip) && !empty($tip->type)) {
+ echo '<p><label>Uporabnik hierarhije s pravicami: </label>';
+ echo '<select name="hierarchy_type" id="hierarchy-type-change" onchange="hierarhijaPravice()">
+ <option value="10" ' . ($tip->type == 10 ? 'selected' : NULL) . '> Učitelj </option>
+ <option value="2" ' . ($tip->type == 2 ? 'selected' : NULL) . '> Administrator </option>
+ </select ></p>';
+ }
+ }
+
+
+ echo '<div style="position: absolute; right: 10px; top: 50px; width: 200px;">';
+
+ // Ce je katerikoli od treh checkboxou ugasnjen imamo enablano editiranje samo posameznega jezik
+ $enable_lang = (!in_array('edit', $dostop) || !in_array('test', $dostop) || !in_array('publish', $dostop)) ? TRUE : FALSE;
+
+ $sqll = sisplet_query("SELECT * FROM srv_language WHERE ank_id = '$this->anketa'");
+ if (mysqli_num_rows($sqll) > 0) {
+ echo '<p><b>' . $lang['srv_passive_multilang'] . '</b></p>';
+
+ echo '<input type="hidden" name="dostop_language_edit" id="dostop_language_edit" value="' . ($enable_lang ? '1' : '0') . '">';
+ }
+ while ($rowl = mysqli_fetch_array($sqll)) {
+
+ $sqldl = sisplet_query("SELECT * FROM srv_dostop_language WHERE ank_id = '$this->anketa' AND uid = '$uid' AND lang_id='$rowl[lang_id]'");
+ if (!$sqldl) {
+ echo mysqli_error($GLOBALS['connect_db']);
+ }
+ if (mysqli_num_rows($sqldl) > 0) {
+ $checked = ' checked';
+ } else {
+ $checked = '';
+ }
+
+ echo '<label><input class="dostop_language" type="checkbox" name="dostop_language[]" value="' . $uid . '-' . $rowl['lang_id'] . '" ' . $checked . ' ' . ($enable_lang ? '' : ' disabled="disabled"') . ' > ' . $rowl['language'] . '</label> <br>';
+ }
+
+ echo '</div>';
+
+ echo '</form>';
+
+ echo '<div class="buttonwrapper floatLeft spaceRight"><a class="ovalbutton ovalbutton_orange" onclick="anketa_user_dostop_save(\'' . $this->anketa . '\'); return false;" href="#"><span>' . $lang['edit1337'] . '</span></a></div>';
+ }
+ // Manager - brez moznosti uporabe 1ka streznika
+ elseif ($r['type'] == 1) {
+
+ $sql = sisplet_query("SELECT dostop FROM srv_dostop WHERE ank_id='$this->anketa' AND uid='$uid'");
+ $row = mysqli_fetch_array($sql);
+ $dostop = explode(',', $row['dostop']);
+
+ // Admin lahko managerju spreminja samo posiljanje vabil preko 1ka streznika
+ if ($admin_type == 0) {
+
+ echo '<form id="dostop">';
+ echo '<input type="hidden" name="uid" value="' . $uid . '">';
+ echo '<input type="hidden" name="aktiven" value="1" id="aktiven_1">';
+
+ if (in_array('dashboard', $dostop)) {
+ echo '<input type="hidden" name="dostop[dashboard]" value="dashboard" id="dashboard">';
+ }
+ if (in_array('edit', $dostop)) {
+ echo '<input type="hidden" name="dostop[edit]" value="edit" id="edit">';
+ }
+ if (in_array('test', $dostop)) {
+ echo '<input type="hidden" name="dostop[test]" value="test" id="test">';
+ }
+ if (in_array('publish', $dostop)) {
+ echo '<input type="hidden" name="dostop[publish]" value="publish" id="publish">';
+ }
+ if (in_array('data', $dostop)) {
+ echo '<input type="hidden" name="dostop[data]" value="data" id="data">';
+ }
+ if (in_array('analyse', $dostop)) {
+ echo '<input type="hidden" name="dostop[analyse]" value="analyse" id="analyse">';
+ }
+ if (in_array('export', $dostop)) {
+ echo '<input type="hidden" name="dostop[export]" value="export" id="export">';
+ }
+ if (in_array('lock', $dostop)) {
+ echo '<input type="hidden" name="dostop[lock]" value="lock" id="lock">';
+ }
+ if (in_array('phone', $dostop)) {
+ echo '<input type="hidden" name="dostop[phone]" value="phone" id="phone">';
+ }
+
+ echo '</form>';
+
+ echo '<p>(' . $lang['srv_dostop_edit'] . ', ' . $lang['srv_dostop_data'] . ', ' . $lang['srv_dostop_export'] . ')</p>';
+
+ echo '<div class="buttonwrapper floatLeft spaceRight"><a class="ovalbutton ovalbutton_orange" onclick="anketa_user_dostop_save(\'' . $this->anketa . '\'); return false;" href="#"><span>' . $lang['edit1337'] . '</span></a></div>';
+ }
+ // Ostali ne morejo managerju nicesar spreminjati
+ else {
+ echo '<p>(' . $lang['srv_dostop_edit'] . ', ' . $lang['srv_dostop_data'] . ', ' . $lang['srv_dostop_export'] . ' )</p>';
+ }
+ }
+ // Admin
+ else {
+ echo '<p>(' . $lang['srv_dostop_edit'] . ', ' . $lang['srv_dostop_data'] . ', ' . $lang['srv_dostop_export'] . ')</p>';
+ }
+
+ echo '<div class="buttonwrapper floatRight"><a class="ovalbutton ovalbutton_gray" onclick="anketa_user_dostop_close(); return false;" href="#"><span>' . $lang['srv_zapri'] . '</span></a></div>';
+ }
+
+ function ajax_anketa_user_dostop_save() {
+
+ $uid = $_POST['uid'];
+ $aktiven = $_POST['aktiven'];
+
+ $dostop = implode(',', $_POST['dostop']);
+
+ $sql = sisplet_query("UPDATE srv_dostop SET aktiven='$aktiven', dostop='$dostop' WHERE uid = '$uid' AND ank_id='$this->anketa'");
+
+ if (isset($_POST['dostop_language_edit']) && $_POST['dostop_language_edit'] == '1') {
+ sisplet_query("DELETE FROM srv_dostop_language WHERE ank_id = '$this->anketa' AND uid='$uid'");
+ foreach ($_POST['dostop_language'] AS $val) {
+ $val = explode('-', $val);
+ $uid = $val[0];
+ $lang_id = $val[1];
+ sisplet_query("INSERT INTO srv_dostop_language (ank_id, uid, lang_id) VALUES ('$this->anketa', '$uid', '$lang_id')");
+ }
+ }
+
+ if (isset($_POST['hierarchy_type']) && SurveyInfo::checkSurveyModule('hierarhija', $this->anketa)) {
+ $tip = (!empty($_POST['hierarchy_type']) ? $_POST['hierarchy_type'] : NULL);
+
+ $result = sisplet_query("SELECT id FROM srv_hierarhija_users WHERE user_id='" . $uid . "' AND anketa_id='" . $this->anketa . "'", "obj");
+
+ if (!empty($result) && !empty($result->id) && !is_null($tip)) {
+ sisplet_query("UPDATE srv_hierarhija_users SET type='" . $tip . "' WHERE id='" . $result->id . "'");
+ }
+
+ }
+ }
+
+ function ajax_edit_user(){
+ global $lang;
+ global $global_user_id;
+ global $admin_type;
+ global $virtual_domain;
+
+ $uid = $_POST['uid'];
+
+ echo '<div class="edit_user_content">';
+
+ // NASTAVITVE UPORABNIKA
+ echo '<div class="user_settings">';
+
+ $sql = sisplet_query("SELECT name, surname, email, type, status, gdpr_agree FROM users WHERE id ='" . $uid . "'");
+ $row = mysqli_fetch_array($sql);
+
+ echo '<form class="manager_add_user" name="manager_edit_user" action="ajax.php?t=dostop&a=edit_user_save&uid=' . $uid . '" method="post">';
+
+ echo '<h2><strong>' . $lang['edit_user'] . '</strong></h2>';
+
+ // Segment tip uporabnika
+ echo '<div class="segment user_type">';
+
+ $row['email'] = iconv("iso-8859-2", "utf-8", $row['email']);
+
+ // Emaila ne more vec editirat, ker je prevec problemov (izgubi ankete...)
+ echo '<input type="hidden" id="email" name="email" value="' . $row['email'] . '" />';
+ echo '<p><label for="email">' . $lang['user2'] . ':</label>'.$row['name'].' '.$row['surname'].' ('.$row['email'].')</p>';
+
+ // Admin lahko spreminja tip vseh userjev
+ if ($admin_type == 0) {
+ echo '<p><label for="type">' . $lang['admin_type'] . '</label><select id="type" name="type">';
+ echo '<option value="0" ' . ($row['type'] == '0' ? 'selected' : '') . '>' . $lang['admin_admin'] . '</option>';
+ echo '<option value="1" ' . ($row['type'] == '1' ? 'selected' : '') . '>' . $lang['admin_manager'] . '</option>';
+ echo '<option value="3" ' . ($row['type'] == '3' ? 'selected' : '') . '>' . $lang['admin_narocnik'] . '</option>';
+ echo '</select></p>';
+ }
+ else {
+ echo '<input type="hidden" id="type" name="type" value="' . $row['type'] . '" />';
+ }
+
+ echo '<p><label for="status">' . $lang['status'] . '</label><select name="status" id="status"><option value="1" ' . ($row['status'] == 1 ? 'selected' : '') . '>' . $lang['srv_user_notbanned'] . '</option><option value="0" ' . ($row['status'] == 0 ? 'selected' : '') . '>' . $lang['srv_user_banned'] . '</option></select></p>';
+
+ echo '</div>';
+
+ // Segment osnovni podatki
+ echo '<div class="segment user_info">';
+
+ echo '<p><label for="name">' . $lang['name'] . ':</label><input type="text" id="name" name="name" value="' . (!empty($row['name']) ? $row['name'] : '') . '" autocomplete="off" size="50"></p>';
+ echo '<p><label for="surname">' . $lang['surname'] . ':</label><input type="text" id="surname" name="surname" value="' . (!empty($row['surname']) ? $row['surname'] : '') . '" size="50" readonly onfocus="this.removeAttribute(\'readonly\');"></p>';
+ echo '<p><label for="password">' . $lang['password'] . ':</label><input type="password" id="password" name="password" readonly onfocus="this.removeAttribute(\'readonly\');"></p>';
+ echo '<p><label for="password2">' . $lang['cms_register_user_repeat_password'] . ':</label><input type="password" id="password2" name="password2" readonly onfocus="this.removeAttribute(\'readonly\');"></p>';
+ echo '<p><label for="subscription">'.$lang['srv_subscribe'].':</label>
+ <input type="radio" id="subscriptionDa" name="gdpr_agree" value="1" '.($row['gdpr_agree'] == 1 ? 'checked="checked"' : '').'><label for="subscriptionDa" style="width: auto;">'.$lang['yes'].'</label>'.
+ ' <input type="radio" id="subscriptionNe" class="spaceLeft" name="gdpr_agree" value="0" '.($row['gdpr_agree'] == 0 ? 'checked="checked"' : '').'><label for="subscriptionNe" style="width: auto;">'.$lang['no'].'</label>'.
+ '</p>';
+
+ $user_2fa_validate = User::option($uid, 'google-2fa-validation');
+ if($admin_type == 0 && !empty($user_2fa_validate) && $user_2fa_validate != 'NOT') {
+ echo '<p><label for="google_2fa">'.$lang['google_2fa'].':</label>
+ <label for="google-2fa-da" style="width: auto;">
+ <input type="radio" id="google-2fa-da" name="google-2fa" value="1" disabled="disabled" '.((!empty($user_2fa_validate) && $user_2fa_validate != 'NOT') ? 'checked="checked"' : '').'>'.$lang['srv_mass_input_1'].'
+ </label>
+ <label for="google-2fa-ne" style="width: auto;">
+ <input type="radio" id="google-2fa-ne" name="google-2fa" value="izbrisi">'.$lang['srv_mass_input_0'].
+ '</label></p>';
+ }
+
+
+ // Admin lahko ureja katere uporabnike (mail domene) bo manager lahko dodajal pod svoj pregled
+ if ($admin_type == 0 && $row['type'] == '1') {
+ UserSetting:: getInstance()->Init($uid);
+ $emails = UserSetting:: getInstance()->getUserSetting('manage_domain');
+
+ echo '<p><label for="manage_domain" style="width:200px;">Manager domene (npr. 1ka.si):</label><input type="text" id="manage_domain" name="manage_domain" value="' . $emails . '" autocomplete="off" size="30"></p>';
+ }
+
+ // Na virtualkah manager ne sme odstraniti uporabnika iz pregleda (zaradi omejitve)
+ if($admin_type != '1' || !$virtual_domain){
+ $sqlu = sisplet_query("SELECT * FROM srv_dostop_manage WHERE manager='$global_user_id' AND user='$uid'");
+
+ if (mysqli_num_rows($sqlu) > 0) {
+ echo '<br /><p><a href="ajax.php?t=dostop&a=edit_remove_user&uid=' . $uid . '" onclick="if ( confirm(\'?\')) { } else {return false;}">' . $lang['srv_manager_rem_user2'] . '</a></p>';
+ }
+ }
+
+ echo '</div>';
+
+ // Segment paket
+ global $app_settings;
+ if($app_settings['commercial_packages'] == true){
+ echo '<div class="segment user_package">';
+
+ $userAccess = UserAccess::getInstance($uid);
+ $userAccess_data = $userAccess->getAccess();
+
+ $active_package = (isset($userAccess_data['package_id'])) ? $userAccess_data['package_id'] : '1';
+ $time_expire = (isset($userAccess_data['time_expire'])) ? date('d.m.Y', strtotime($userAccess_data['time_expire'])) : '';
+
+ // Paket
+ echo '<p>';
+ echo ' <label for="package">' . $lang['srv_access_package'] . ':</label>';
+ echo ' <select name="package" id="package">';
+ foreach($userAccess->getPackages() as $package_id => $package){
+ echo ' <option value="'.$package_id.'" '.($package_id == $active_package ? 'selected="selected"' : '').'>'.$package['name'].'</option>';
+ }
+ echo ' </select>';
+ echo '</p>';
+
+ // Trajanje paketa
+ echo '<p>';
+ echo ' <label for="package_expire">' . ucfirst($lang['srv_access_package_valid']) . ':</label>';
+ echo ' <input type="text" name="package_expire" id="package_expire" value="'.$time_expire.'" style="width:80px;">';
+ echo '</p>';
+
+ echo '
+ <script type="text/javascript">
+ $(document).ready(function () {
+ datepicker("#package_expire");
+ });
+ </script>';
+
+ echo '</div>';
+ }
+
+ echo '</form>';
+ echo '</div>';
+
+
+ // SEZNAM ANKET
+ echo '<div class="survey_list">';
+ echo ' <h3><strong>' . $lang['srv_ankete'] . '</strong></h3>';
+
+ echo ' <ul>';
+ $sql = sisplet_query("SELECT srv_anketa.id, srv_anketa.naslov FROM srv_dostop, srv_anketa WHERE srv_dostop.uid='". $uid ."' AND srv_dostop.ank_id=srv_anketa.id ORDER BY srv_anketa.edit_time DESC");
+ while ($row = mysqli_fetch_array($sql)) {
+ echo ' <li><a href="#" onclick="anketa_user_dostop(\'' . $uid . '\', \'' . $row['id'] . '\'); return false;">' . $row['naslov'] . '</a></li>';
+ }
+
+ echo ' </ul>';
+ echo '</div>';
+
+ echo '</div>';
+
+
+ // GUMBI NA DNU
+ echo '<p>';
+ echo ' <div class="buttonwrapper floatLeft"><a class="ovalbutton ovalbutton_gray" href="#" onclick="edit_user_close();"><span>'.$lang['srv_zapri'].'</span></a></div>';
+ echo ' <div class="buttonwrapper floatLeft spaceLeft"><a class="ovalbutton ovalbutton_orange btn_savesettings" href="#" onclick="document.manager_edit_user.submit();"><span>'.$lang['edit1337'].'</span></a></div>';
+ echo '</p>';
+ }
+
+ function ajax_edit_user_save(){
+ global $pass_salt;
+ global $admin_type;
+
+ $uid = $_GET['uid'];
+
+ $_POST['email'] = iconv("utf-8", "iso-8859-2", $_POST['email']);
+
+ if ($_POST['email'] != '') {
+
+ if ($_POST['password'] != '' && $_POST['password'] == $_POST['password2']) {
+ $password = ", pass = '" . base64_encode((hash('SHA256', $_POST['password'] . $pass_salt))) . "' ";
+ } else {
+ $password = "";
+ }
+
+ $s = sisplet_query("UPDATE users SET type='$_POST[type]', status='$_POST[status]', email='$_POST[email]', name='$_POST[name]', surname='$_POST[surname]' $password WHERE id = '$uid'");
+ if (!$s) {
+ echo mysqli_error($GLOBALS['connect_db']);
+ }
+ }
+
+ if(isset($_POST['gdpr_agree'])){
+ sisplet_query("UPDATE users SET gdpr_agree='".$_POST['gdpr_agree']."' WHERE id = '$uid'");
+ }
+
+ if(isset($_POST['google-2fa']) && $_POST['google-2fa'] == 'izbrisi'){
+ sisplet_query("DELETE FROM user_options WHERE user_id='".$uid."' AND option_name IN ('google-2fa-secret', 'google-2fa-validation')");
+ }
+
+ if (isset($_POST['manage_domain'])) {
+
+ UserSetting::getInstance()->Init($uid);
+ UserSetting::getInstance()
+ ->setUserSetting('manage_domain', $_POST['manage_domain']);
+ UserSetting::getInstance()->saveUserSetting();
+ }
+
+ // Update or insert user package
+ if (isset($_POST['package']) && isset($_POST['package_expire']) && $_POST['package_expire'] != '') {
+
+ $package_id = $_POST['package'];
+ $package_expire = $_POST['package_expire'];
+ $package_expire_sql = date('Y-m-d H:i:s', strtotime($package_expire));
+
+ $sqlPackageTime = sisplet_query("SELECT time_activate FROM user_access WHERE usr_id='".$uid."'");
+ if(mysqli_num_rows($sqlPackageTime) > 0){
+ $rowPackageTime = mysqli_fetch_array($sqlPackageTime);
+ $time_activate = date('Y-m-d H:i:s', strtotime($rowPackageTime['time_activate']));
+
+ $sqlPackageDelete = sisplet_query("DELETE FROM user_access WHERE usr_id='".$uid."'");
+
+ $sqlPackage = sisplet_query("INSERT INTO user_access
+ (usr_id, time_activate, time_expire, package_id)
+ VALUES
+ ('".$uid."', '".$time_activate."', '".$package_expire_sql."', '".$package_id."')
+ ");
+ }
+ else{
+ $sqlPackage = sisplet_query("INSERT INTO user_access
+ (usr_id, time_activate, time_expire, package_id)
+ VALUES
+ ('".$uid."', NOW(), '".$package_expire_sql."', '".$package_id."')
+ ");
+ }
+
+
+ if (!$sqlPackage)
+ echo mysqli_error($GLOBALS['connect_db']);
+ }
+
+ if($admin_type == 0) {
+
+ // Ce smo odprli okno v narocilih
+ if(strpos($_SERVER['HTTP_REFERER'], 'a=narocila') !== false)
+ header("Location: index.php?a=narocila");
+ else
+ header("Location: index.php?a=diagnostics&t=uporabniki&m=all");
+ }
+ else{
+ header("Location: index.php?a=diagnostics&t=uporabniki&m=my");
+ }
+ }
+
+ /**
+ * Admin: dodajanje obstojecih uporabnikov
+ *
+ */
+ function ajax_admin_add_user()
+ {
+ global $pass_salt;
+ global $lang;
+ global $global_user_id, $site_path;
+ global $admin_type;
+
+ if ($admin_type != 0 && $admin_type != 1) {
+ return;
+ }
+
+ $error = FALSE;
+
+ $sqlu = sisplet_query("SELECT email FROM users WHERE id = '" . $global_user_id . "'");
+ $rowu = mysqli_fetch_array($sqlu);
+
+ $mail_admin = $rowu['email'];
+
+ $uid = (!empty($_POST['uid']) ? $_POST['uid'] : null);
+ $uemail = (!empty($_POST['uemail']) ? $_POST['uemail'] : null);
+
+ $sqlu = sisplet_query("SELECT email, type FROM users WHERE id='$uid'");
+ if (mysqli_num_rows($sqlu) > 0) {
+ $rowu = mysqli_fetch_array($sqlu);
+ $mail_user = $rowu['email'];
+ $type_user = $rowu['type'];
+ $id = $uid;
+ }
+
+ // Za managerje pošljemo samo email
+ if(empty($id)) {
+ $sqlu = sisplet_query("SELECT id, email, type FROM users WHERE email='".$uemail."'");
+ if (mysqli_num_rows($sqlu) > 0) {
+ $rowu = mysqli_fetch_array($sqlu);
+ $mail_user = $rowu['email'];
+ $type_user = $rowu['type'];
+ $id = $rowu['id'];
+ }
+ }
+
+ if ($id > 0 && $type_user >= $admin_type) {
+
+ $s = sisplet_query("INSERT INTO srv_dostop_manage (manager, user) VALUES ('$global_user_id', '$id')");
+ if (!$s) {
+ echo mysqli_error($GLOBALS['connect_db']);
+ }
+
+ global $site_url;
+
+ $subject = $lang['srv_dodanmail_m_1'] . '';
+ $content = sprintf($lang['srv_dodanmail_m_2'], $mail_admin, $site_url, $mail_user) . '<br /><br />' . sprintf($lang['srv_dodanmail_m_3']);
+
+ // Podpis
+ $signature = Common::getEmailSignature();
+ $content .= $signature;
+
+ try {
+ $MA = new MailAdapter($this->anketa, $type='account');
+ $MA->addRecipients($mail_user);
+ $resultX = $MA->sendMail(stripslashes($content), $subject);
+ } catch (Exception $e) {
+ }
+
+ if ($resultX) {
+ $status = 1; // poslalo ok
+ } else {
+ $status = 2; // ni poslalo
+ }
+ }
+
+ header("Location: index.php?a=diagnostics&t=uporabniki".($error !== FALSE ? '&error='.$error : ''));
+ }
+
+ /**
+ * Admin: dodajanje obstojecih uporabnikov drugemu uporabniku v popupu
+ *
+ */
+ function ajax_admin_add_user_popup(){
+ global $lang;
+ global $admin_type;
+
+ if ($admin_type != 0)
+ return;
+
+ $manager = (isset($_POST['manager'])) ? $_POST['manager'] : '0';
+ $user = (isset($_POST['user'])) ? $_POST['user'] : '0';
+
+ if($manager == '' || $manager == '0' || $user == '' || $user == '0')
+ return;
+
+ $sql = sisplet_query("INSERT INTO srv_dostop_manage (manager, user) VALUES ('".$manager."', '".$user."')");
+ if (!$sql)
+ echo mysqli_error($GLOBALS['connect_db']);
+
+ $this->ajax_dodeljeni_uporabniki_display();
+ }
+
+ /**
+ * Poiščemo uporabnika, ki je v bazi
+ */
+ function ajax_find_user(){
+ global $admin_type, $global_user_id;
+
+ $json['results'] = [];
+
+ if($admin_type == 0){
+
+ $sqls = sisplet_query("SELECT id, name, surname, email FROM users WHERE id NOT IN (SELECT user FROM srv_dostop_manage WHERE manager='".$global_user_id."') AND email NOT LIKE ('D3LMD-%') AND email NOT LIKE ('UNSU8MD-%') AND email LIKE '%".$_GET['term']."%' ORDER BY email", "obj");
+
+ if(!empty($sqls->email)){
+ $json['results'][] = [
+ 'id' => $sqls->id,
+ 'text' => $sqls->email.' - '.$sqls->name.' '.$sqls->surname
+ ];
+ }
+ else{
+ foreach ($sqls as $user) {
+ $json['results'][] = [
+ 'id' => $user->id,
+ 'text' => $user->email.' - '.$user->name.' '.$user->surname
+ ];
+ }
+ }
+
+ echo json_encode($json);
+ }
+ elseif ($admin_type == 1){
+ $email = trim($_POST['uemail']);
+ $user = sisplet_query("SELECT id, name, surname, email FROM users WHERE id NOT IN (SELECT user FROM srv_dostop_manage WHERE manager='".$global_user_id."') AND email NOT LIKE ('D3LMD-%') AND email NOT LIKE ('UNSU8MD-%') AND email='".$email."'");
+
+ if(mysqli_num_rows($user) > 0) {
+ echo 'success';
+ }
+ else{
+ echo 'error';
+ }
+ }
+ }
+
+ // Če je administrator
+
+ /**
+ * odstrani uporabnika iz nadzora
+ *
+ */
+ function ajax_edit_remove_user(){
+ global $global_user_id;
+ global $site_url;
+
+ $uid = (int) $_GET['uid'];
+
+ $sql = sisplet_query("DELETE FROM srv_dostop_manage WHERE user='".$uid."' AND manager='".$global_user_id."'");
+
+ header("Location: " . $site_url . "admin/survey/index.php?a=diagnostics&t=uporabniki&m=my");
+ }
+
+ /**
+ * odstrani uporabnika iz managerjevega nadzora
+ *
+ */
+ function ajax_edit_remove_user_manager(){
+ global $global_user_id;
+ global $site_url;
+
+ $uid = (int) $_GET['uid'];
+
+ $sql = sisplet_query("DELETE FROM srv_dostop_manage WHERE user='$global_user_id' AND manager='$uid'");
+
+ header("Location: " . $site_url . "admin/survey/index.php?a=diagnostics&t=uporabniki");
+ }
+
+ /**
+ * admin odstrani uporabnika iz nadzora drugemu uporabniku (managerju ali adminu)
+ *
+ */
+ function ajax_edit_remove_user_admin(){
+ global $admin_type;
+
+ if($admin_type != '0')
+ return;
+
+ $manager = (isset($_POST['manager'])) ? $_POST['manager'] : '0';
+ $user = (isset($_POST['user'])) ? $_POST['user'] : '0';
+
+ if($manager == '' || $manager == '0' || $user == '' || $user == '0')
+ return;
+
+ $sql = sisplet_query("DELETE FROM srv_dostop_manage WHERE user='$user' AND manager='$manager'");
+
+ $this->ajax_dodeljeni_uporabniki_display();
+ }
+
+ /**
+ * Seznam vseh uporabnikov znotrja 1ke
+ */
+ function ajax_all_users_list(){
+ global $admin_languages;
+ global $global_user_id;
+ global $lang;
+ global $admin_type;
+
+ $seznam = [];
+
+ $iskanjeSql = "";
+ if(!empty($_POST['search']['value'])){
+ $iskaniNiz = $_POST['search']['value'];
+ $iskanjeSql = " AND (u.name LIKE '%".$iskaniNiz."%' OR u.surname LIKE '%".$iskaniNiz."%' OR u.email LIKE '%".$iskaniNiz."%' OR d1.dostop_survey_count LIKE '%".$iskaniNiz."%' OR d2.dostop_survey_archive LIKE '%".$iskaniNiz."%')";
+ }
+
+ // Pridobimo vse uporabnike
+ $sql = "SELECT u.id as id, u.type as type, u.status, u.email as email, u.name as name, u.surname as surname, u.lang as lang, u.eduroam as aai, date_format(u.when_reg, '%d.%m.%Y') as registriran, u.gdpr_agree as gdpr_agree, dm.st_dodeljenih_uporabnikov as st_dodeljenih_uporabnikov, dm2.st_managerjev as st_managerjev, d1.dostop_survey_count as st_anket, d2.dostop_survey_archive as st_arhivskih, date_format(u.last_login, '%d.%m.%Y') as last_login, ue.email as second_email FROM users AS u ".
+ " LEFT OUTER JOIN (SELECT srv_dostop.ank_id, srv_dostop.uid, count(*) AS dostop_survey_count FROM srv_dostop, srv_anketa WHERE srv_anketa.id=srv_dostop.ank_id AND srv_anketa.backup='0' GROUP BY srv_dostop.uid ) AS d1 ON d1.uid = u.id ".
+ " LEFT OUTER JOIN (SELECT srv_dostop.ank_id, srv_dostop.uid, count(*) AS dostop_survey_archive FROM srv_dostop, srv_anketa WHERE srv_anketa.id=srv_dostop.ank_id AND srv_anketa.backup>'0' GROUP BY srv_dostop.uid ) AS d2 ON d2.uid = u.id ".
+ " LEFT OUTER JOIN (SELECT srv_dostop_manage.manager, count(*) AS st_dodeljenih_uporabnikov FROM srv_dostop_manage GROUP BY srv_dostop_manage.manager) AS dm ON dm.manager = u.id ".
+ " LEFT OUTER JOIN (SELECT srv_dostop_manage.user, count(*) AS st_managerjev FROM srv_dostop_manage GROUP BY srv_dostop_manage.user) AS dm2 ON dm2.user = u.id ".
+ " LEFT OUTER JOIN (SELECT user_emails.email, user_emails.user_id FROM user_emails WHERE active=1) AS ue ON ue.user_id = u.id".
+ " WHERE u.email NOT LIKE ('D3LMD-%') AND u.email NOT LIKE ('UNSU8MD-%') ".$iskanjeSql;
+
+ // Filtri, ki jih datatables pošilja in po katerih filtriramo
+ if($_POST['order'][0]['column'] < 12) {
+ $orderPolje = [
+ "u.name ".$_POST['order'][0]['dir'].", u.surname",
+ "u.email",
+ "u.type",
+ "u.lang",
+ "u.eduroam", //AAI
+ "d1.dostop_survey_count", //st_anket
+ "d2.dostop_survey_archive", //st_arhivskih
+ "dm.st_dodeljenih_uporabnikov", //st_dodeljenih_uporabnikov
+ "dm2.st_managerjev", //st_managerjev
+ "u.gdpr_agree",
+ "u.when_reg",
+ "u.last_login"
+ ];
+
+ if($_POST['order'][0]['column'] == 9){
+
+ $vrednost='u.gdpr_agree desc';
+ if($_POST['order'][0]['dir'] == 'asc'){
+ $vrednost= ' FIELD (u.gdpr_agree, 0, \'-1\', 1)';
+ }
+
+ $sql .= " ORDER BY ".$vrednost;
+ }
+ else {
+ $sql .= " ORDER BY ".$orderPolje[$_POST['order'][0]['column']]." ".$_POST['order'][0]['dir'];
+ }
+ }
+
+ if($_POST['length'] != '-1') {
+ $sql .= " LIMIT ".$_POST['start'].", ".$_POST['length'];
+ }
+
+ $resultQuery = sisplet_query($sql);
+ $resultU = lazyLoadSqlObj($resultQuery);
+
+ // Seznam uporabnikov vrne za administratorje vse za ostale pa samo tiste, ki smo jih dodali k uporabniku.
+ if (!empty($resultU)) {
+
+ if (!empty($resultU->name)) {
+ $vsi[] = $resultU;
+ }
+ else {
+ $vsi = $resultU;
+ }
+
+ foreach ($vsi as $uporabnik) {
+ $seznam[] = [
+ iconv(mb_detect_encoding( $uporabnik->name, mb_detect_order(), true), "UTF-8", $uporabnik->name) .' '.iconv(mb_detect_encoding( $uporabnik->surname, mb_detect_order(), true), "UTF-8", $uporabnik->surname),
+ (!empty($uporabnik->second_email) ? iconv(mb_detect_encoding( $uporabnik->second_email, mb_detect_order(), true), "UTF-8", $uporabnik->second_email) : iconv(mb_detect_encoding( $uporabnik->email, mb_detect_order(), true), "UTF-8", $uporabnik->email)),
+ $this->userTypeToText($uporabnik->type),
+ $admin_languages[$uporabnik->lang],
+ (!empty($uporabnik->aai) ? $this->vrniDaNe($uporabnik->aai) : $lang['no1']),
+ (!empty($uporabnik->st_anket) ? $uporabnik->st_anket : 0),
+ (!empty($uporabnik->st_arhivskih) ? $uporabnik->st_arhivskih : 0),
+ '<a href="#" onclick="dodeljeni_uporabniki_display(\''.$uporabnik->id.'\'); return false;" title="'.$lang['srv_manager_manager'].'">'.(!empty($uporabnik->st_dodeljenih_uporabnikov) ? $uporabnik->st_dodeljenih_uporabnikov : 0).'</a>',
+ (!empty($uporabnik->st_managerjev) ? $uporabnik->st_managerjev : 0),
+ $lang["users_gdpr".$uporabnik->gdpr_agree],
+ $uporabnik->registriran,
+ $uporabnik->last_login,
+ '<a href="#" onclick="edit_user(\''.$uporabnik->id.'\'); return false;" title="'.$lang['srv_info_modify'].'"><i class="fa fa-pencil-alt link-sv-moder"></i></a>'.
+ ' | <a href="#" onclick="vsiUporabnikiAkcija(\''.$uporabnik->id.'\', \'ban\'); return false;" title="'.$lang[($uporabnik->status == 0 ? 'srv_user_banned' : 'srv_user_notbanned')].'"><i class="fa fa-ban '.($uporabnik->status == 0 ? 'link-rdec' : 'link-sv-moder').'"></i></a>'.
+ ' | <a href="#" onclick="vsiUporabnikiAkcija(\''.$uporabnik->id.'\', \'delete\'); return false;" title="'.$lang['srv_multicrosstabs_tables_delete_short'].'"><i class="fa fa-times link-sv-moder"></i></a>'
+ ];
+ }
+ }
+
+ $sql_recordsTotal = sisplet_query("SELECT count(id) as stVseh FROM users WHERE email NOT LIKE ('D3LMD-%') AND email NOT LIKE ('UNSU8MD-%')", "obj");
+
+ // Število vseh zadetkov, ki jih imamo v bazi
+ $recordsTotal = 0;
+ if(!empty($sql_recordsTotal)) {
+ $recordsTotal = $sql_recordsTotal->stVseh;
+ }
+
+ // Število filtriranih zadetkov
+ $recordFiltered = $recordsTotal;
+ if(!empty($_POST['search']['value']))
+ $recordFiltered = sizeof($vsi);
+
+ echo json_encode([
+ "draw" => (!empty($_POST['draw']) ? $_POST['draw'] : 1),
+ "recordsTotal" => $recordsTotal,
+ "recordsFiltered" => $recordFiltered,
+ "data" => $seznam // polje z vsebino
+ ]);
+ }
+
+ /**
+ * Seznam dodeljenih uporabnikov (manager in admin)
+ */
+ function ajax_all_users_list_my(){
+ global $admin_languages;
+ global $global_user_id;
+ global $lang;
+ global $admin_type;
+
+ $seznam = [];
+
+ $iskanjeSql = "";
+ if(!empty($_POST['search']['value'])){
+ $iskaniNiz = $_POST['search']['value'];
+ $iskanjeSql = " AND (u.name LIKE '%".$iskaniNiz."%' OR u.surname LIKE '%".$iskaniNiz."%' OR u.email LIKE '%".$iskaniNiz."%' OR d1.dostop_survey_count LIKE '%".$iskaniNiz."%' OR d2.dostop_survey_archive LIKE '%".$iskaniNiz."%')";
+ }
+
+ // Pridobimo vse uporabnike
+ $sql = "SELECT u.id as id, u.type as type, u.status, u.email as email, u.name as name, u.surname as surname, u.lang as lang, u.eduroam as aai, date_format(u.when_reg, '%d.%m.%Y') as registriran, u.gdpr_agree as gdpr_agree, d1.dostop_survey_count as st_anket, d2.dostop_survey_archive as st_arhivskih, date_format(u.last_login, '%d.%m.%Y') as last_login, ue.email as second_email FROM users AS u ".
+ " LEFT OUTER JOIN ( SELECT srv_dostop.ank_id, srv_dostop.uid, count(*) AS dostop_survey_count FROM srv_dostop, srv_anketa WHERE srv_anketa.id=srv_dostop.ank_id AND srv_anketa.backup='0' GROUP BY srv_dostop.uid ) AS d1 ON d1.uid = u.id ".
+ " LEFT OUTER JOIN ( SELECT srv_dostop.ank_id, srv_dostop.uid, count(*) AS dostop_survey_archive FROM srv_dostop, srv_anketa WHERE srv_anketa.id=srv_dostop.ank_id AND srv_anketa.backup>'0' GROUP BY srv_dostop.uid ) AS d2 ON d2.uid = u.id ".
+ " LEFT OUTER JOIN (SELECT user_emails.email, user_emails.user_id FROM user_emails WHERE active=1) AS ue ON ue.user_id = u.id".
+ " WHERE u.email NOT LIKE ('D3LMD-%') AND u.email NOT LIKE ('UNSU8MD-%') ".$iskanjeSql;
+
+ // Filter samo po lastnih uporabnikih
+ $isciPoDomeni = '';
+
+ // Med lastne uporabnike prikažemo tudi, tiste ki so bili registrirani z isto domeno
+ /*UserSetting :: getInstance()->Init($global_user_id);
+ $domena = UserSetting :: getInstance()->getUserSetting('manage_domain');
+ if(!empty($domena)){
+ $isciPoDomeni = " OR u.email LIKE '%".$domena."'";
+ }*/
+
+ $sql .= " AND (u.id IN (SELECT user FROM srv_dostop_manage WHERE manager='".$global_user_id."') ".$isciPoDomeni.")";
+
+
+ // Filtri, ki jih datatables pošilja in po katerih filtriramo
+ if($_POST['order'][0]['column'] < 10) {
+ $orderPolje = [
+ "u.name ".$_POST['order'][0]['dir'].", u.surname",
+ "u.email",
+ "u.type",
+ "u.lang",
+ "u.eduroam", //AAI
+ "d1.dostop_survey_count", //st_anket
+ "d2.dostop_survey_archive", //st_arhivskih
+ "u.gdpr_agree",
+ "u.when_reg",
+ "u.last_login"
+ ];
+
+ if($_POST['order'][0]['column'] == 7){
+
+ $vrednost='u.gdpr_agree desc';
+ if($_POST['order'][0]['dir'] == 'asc'){
+ $vrednost= ' FIELD (u.gdpr_agree, 0, \'-1\', 1)';
+ }
+
+ $sql .= " ORDER BY ".$vrednost;
+ }
+ else {
+ $sql .= " ORDER BY ".$orderPolje[$_POST['order'][0]['column']]." ".$_POST['order'][0]['dir'];
+ }
+ }
+
+ if($_POST['length'] != '-1') {
+ $sql .= " LIMIT ".$_POST['start'].", ".$_POST['length'];
+ }
+
+ $resultQuery = sisplet_query($sql);
+ $resultU = lazyLoadSqlObj($resultQuery);
+
+ // Seznam uporabnikov vrne za administratorje vse za ostale pa samo tiste, ki smo jih dodali k uporabniku.
+ if (!empty($resultU) && ($this->jeAdministrator() || !$this->jeAdministrator())) {
+
+ if (!empty($resultU->name)) {
+ $vsi[] = $resultU;
+ }
+ else {
+ $vsi = $resultU;
+ }
+
+ foreach ($vsi as $uporabnik) {
+ $seznam[] = [
+ iconv(mb_detect_encoding( $uporabnik->name, mb_detect_order(), true), "UTF-8", $uporabnik->name) .' '.iconv(mb_detect_encoding( $uporabnik->surname, mb_detect_order(), true), "UTF-8", $uporabnik->surname),
+ (!empty($uporabnik->second_email) ? iconv(mb_detect_encoding( $uporabnik->second_email, mb_detect_order(), true), "UTF-8", $uporabnik->second_email) : iconv(mb_detect_encoding( $uporabnik->email, mb_detect_order(), true), "UTF-8", $uporabnik->email)),
+ $this->userTypeToText($uporabnik->type),
+ $admin_languages[$uporabnik->lang],
+ (!empty($uporabnik->aai) ? $this->vrniDaNe($uporabnik->aai) : $lang['no1']),
+ (!empty($uporabnik->st_anket) ? $uporabnik->st_anket : 0),
+ (!empty($uporabnik->st_arhivskih) ? $uporabnik->st_arhivskih : 0),
+ $lang["users_gdpr".$uporabnik->gdpr_agree],
+ $uporabnik->registriran,
+ $uporabnik->last_login,
+ '<a href="#" onclick="edit_user(\''.$uporabnik->id.'\'); return false;" title="'.$lang['srv_info_modify'].'"><i class="fa fa-pencil-alt link-sv-moder"></i></a>'.
+ ' | <a href="#" onclick="vsiUporabnikiAkcija(\''.$uporabnik->id.'\', \'ban\'); return false;" title="'.$lang[($uporabnik->status == 0 ? 'srv_user_banned' : 'srv_user_notbanned')].'"><i class="fa fa-ban '.($uporabnik->status == 0 ? 'link-rdec' : 'link-sv-moder').'"></i></a>'.
+ ' | <a href="#" onclick="vsiUporabnikiAkcija(\''.$uporabnik->id.'\', \'delete\'); return false;" title="'.$lang['srv_multicrosstabs_tables_delete_short'].'"><i class="fa fa-times link-sv-moder"></i></a>'
+ ];
+
+ }
+ }
+
+ // Število vseh zadetkov, ki jih imamo v bazi
+ $recordsTotal = 0;
+ $recordsTotal = sizeof($vsi);
+
+ // Število filtriranih zadetkov
+ $recordFiltered = $recordsTotal;
+ if(!empty($_POST['search']['value']))
+ $recordFiltered = sizeof($vsi);
+
+ echo json_encode([
+ "draw" => (!empty($_POST['draw']) ? $_POST['draw'] : 1),
+ "recordsTotal" => $recordsTotal,
+ "recordsFiltered" => $recordFiltered,
+ "data" => $seznam // polje z vsebino
+ ]);
+ }
+
+ /**
+ * Izbrišemo uporabnika, še vendo pa hranimo njegove ankete
+ */
+ function ajax_all_users_list_delete(){
+ $uid = (!empty($_POST['uid']) ? $_POST['uid'] : null);
+
+ if($this->sebeNeMoreIzbrisati($uid)){
+ return false;
+ }
+
+ $result = sisplet_query ("UPDATE users SET status=0, email=CONCAT('D3LMD-', UNIX_TIMESTAMP(), email) WHERE id='".$uid."'");
+ }
+
+ function ajax_all_users_list_ban(){
+ $uid = (!empty($_POST['uid']) ? $_POST['uid'] : null);
+
+ if($this->sebeNeMoreIzbrisati($uid)){
+ return false;
+ }
+
+ $user = sisplet_query ("SELECT id, status FROM users WHERE id='".$uid."'", 'obj');
+
+ $status = 0;
+ if($user->status == 0)
+ $status = 1;
+
+ sisplet_query ("UPDATE users SET status='".$status."' WHERE id='".$uid."'");
+ }
+
+ private function sebeNeMoreIzbrisati($id){
+ global $global_user_id;
+
+ if($global_user_id == $id)
+ return TRUE;
+
+ return false;
+ }
+
+
+ private function jeAdministrator()
+ {
+ global $admin_type;
+
+ if ($admin_type == 0) {
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ /**
+ * Pridobimo vrste uporabnika v besedilni obliki
+ *
+ * @param $db_type
+ *
+ * @return mixed
+ */
+ function userTypeToText($db_type)
+ {
+ global $lang;
+
+ $type = $lang['admin_narocnik'];
+
+ switch ($db_type) {
+ case 0:
+ $type = $lang['admin_admin'];
+ break;
+ case 1:
+ $type = $lang['admin_manager'];
+ break;
+ case 2:
+ case 3:
+ $type = $lang['admin_narocnik'];
+ break;
+ }
+
+ return $type;
+ }
+
+ /**
+ * Seznam vseh izbrisanih uporabnikov, ki jih pridobi datatables
+ */
+ function ajax_delete_users_list()
+ {
+ global $admin_languages;
+ $seznam = [];
+
+ $resultQuery = sisplet_query("SELECT name, surname, SUBSTRING(REPLACE (email, 'D3LMD-', ''),11) as email, type, DATE_FORMAT(when_reg, '%d.%m.%Y') as registriran, lang FROM users WHERE email LIKE ('D3LMD-%')");
+ $resultU = lazyLoadSqlObj($resultQuery);
+
+ if (!empty($resultU) && $this->jeAdministrator()) {
+
+ if (!empty($resultU->name)) {
+ $izbrisani[] = $resultU;
+ } else {
+ $izbrisani = $resultU;
+ }
+
+ foreach ($izbrisani as $uporabnik) {
+ $seznam[] = [
+ iconv(mb_detect_encoding( $uporabnik->name, mb_detect_order(), true), "UTF-8", $uporabnik->name) .' '.iconv(mb_detect_encoding( $uporabnik->surname, mb_detect_order(), true), "UTF-8", $uporabnik->surname),
+ iconv(mb_detect_encoding( $uporabnik->email, mb_detect_order(), true), "UTF-8", $uporabnik->email),
+ $this->userTypeToText($uporabnik->type),
+ $admin_languages[$uporabnik->lang],
+ $uporabnik->registriran,
+ ];
+ }
+ }
+
+ echo json_encode([
+ "data" => $seznam // polje z vsebino
+ ]);
+
+ }
+
+ public function ajax_unsigned_users_list()
+ {
+ global $admin_languages;
+ $seznam = [];
+
+ $odjavljeniQuery = sisplet_query("SELECT name, surname, SUBSTRING(REPLACE (email, 'UNSU8MD-', ''),11) as email, type, DATE_FORMAT(when_reg, '%d.%m.%Y') as registriran, status, lang FROM users WHERE email LIKE ('UNSU8MD-%')");
+ $odjavljeni_db = lazyLoadSqlObj($odjavljeniQuery);
+
+ if (!empty($odjavljeni_db) && $this->jeAdministrator()) {
+
+ if (!empty($odjavljeni_db->name)) {
+ $odjavljeni[] = $odjavljeni_db;
+ } else {
+ $odjavljeni = $odjavljeni_db;
+ }
+
+ foreach ($odjavljeni as $uporabnik) {
+ $seznam[] = [
+ iconv(mb_detect_encoding( $uporabnik->name, mb_detect_order(), true), "UTF-8", $uporabnik->name) .' '.iconv(mb_detect_encoding( $uporabnik->surname, mb_detect_order(), true), "UTF-8", $uporabnik->surname),
+ iconv(mb_detect_encoding( $uporabnik->email, mb_detect_order(), true), "UTF-8", $uporabnik->email),
+ $this->userTypeToText($uporabnik->type),
+ $admin_languages[$uporabnik->lang],
+ $uporabnik->registriran,
+ ];
+ }
+ }
+
+ echo json_encode([
+ "data" => $seznam // polje z vsebino
+ ]);
+ }
+
+ public function ajax_unconfirmed_mail_user_list_delet_user()
+ {
+ $uid = (!empty($_POST['uid']) ? $_POST['uid'] : NULL);
+
+ if (empty($uid)) {
+ return NULL;
+ }
+
+ sisplet_query("DELETE FROM users_to_be WHERE id='" . $uid . "'");
+
+ echo 'ok';
+ }
+
+ public function ajax_confirm_user_email(){
+ global $pass_salt;
+ global $lang;
+ global $app_settings;
+
+ $uid = (!empty($_POST['uid']) ? $_POST['uid'] : NULL);
+
+ if (empty($uid)) {
+ return NULL;
+ }
+
+ // kopirano iz user_to_be v users
+ $result = sisplet_query("SELECT type, email, name, surname, pass, status, gdpr_agree, when_reg, came_from, lang FROM users_to_be WHERE id='" . $uid . "'");
+
+ if (mysqli_num_rows($result) > 0) {
+ $r = mysqli_fetch_assoc($result);
+ $g = base64_encode((hash('SHA256', base64_decode($r['pass']) . $pass_salt)));
+
+ sisplet_query("INSERT INTO users (type, email, name, surname, pass, status, gdpr_agree, when_reg, came_from, lang, manuallyApproved)
+ VALUES ('" . $r['type'] . "', '" . $r['email'] . "', '" . $r['name'] . "', '" . $r['surname'] . "', '" . $g . "','" . $r['status'] . "', '" . $r['gdpr_agree'] . "','" . $r['when_reg'] . "', '" . $r['came_from'] . "', '" . $r['lang'] . "', 'Y')");
+ sisplet_query("DELETE FROM users_to_be WHERE id='" . $uid . "' OR email='" . $r['email'] . "'");
+
+
+ // Uporabniku posljemo email da je bil njegov racun aktiviran
+ $Content = $lang['confirmed_user_mail'];
+
+ // Podpis
+ $signature = Common::getEmailSignature();
+ $Content .= $signature;
+
+ // Ce gre slucajno za virutalko
+ $Subject = $lang['confirmed_user_mail_subject'];
+
+ $PageName = $app_settings['app_name'];
+ $ZaMail = '<!DOCTYPE HTML PUBLIC"-//W3C//DTD HTML 4.0 Transitional//EN">'.'<html><head> <title>'.$Subject.'</title><meta content="text/html; charset=utf-8" http-equiv=Content-type></head><body>';
+
+ // Besedilo v lang dilu je potrebno popravit, ker nimamo vec cel kup parametrov
+ $Content = str_replace("SFNAME", $r['name'].' '.$r['surname'], $Content);
+ $Content = str_replace("SFPAGENAME", $PageName, $Content);
+
+ $Subject = str_replace("SFPAGENAME", $PageName, $Subject);
+
+ $ZaMail .= $Content;
+ $ZaMail .= "</body></html>";
+
+ // Za testiranje brez posiljanja maila
+ if(isDebug()) {
+ echo $ZaMail;
+ die();
+ }
+
+ // Posljemo mail, da je bil racun aktiviran
+ try{
+ $MA = new MailAdapter(null, 'account');
+ $MA->addRecipients($r['email']);
+ $result = $MA->sendMail($ZaMail, $Subject);
+ }
+ catch (Exception $e){
+ echo $e;
+ }
+
+ echo 'ok';
+ }
+ else {
+ echo 'non';
+ }
+ }
+
+ public function ajax_unconfirmed_mail_user_list()
+ {
+ global $admin_languages;
+ global $lang;
+ $seznam = [];
+
+ $resultQuery = sisplet_query("SELECT id, name, surname, email, type, DATE_FORMAT(when_reg, '%d.%m.%Y') as registriran, lang FROM users_to_be");
+ $resultU = lazyLoadSqlObj($resultQuery);
+
+ if (!empty($resultU)) {
+
+ // V kolikor imamo samo eno vrstico vpisano, potem objekt spremenimo v multiarray
+ if (!empty($resultU->name)) {
+ $nepotrjeni[] = $resultU;
+ } else {
+ $nepotrjeni = $resultU;
+ }
+
+ $seznam = [];
+ foreach ($nepotrjeni as $uporabnik) {
+ $seznam[] = [
+ iconv(mb_detect_encoding( $uporabnik->name, mb_detect_order(), true), "UTF-8", $uporabnik->name) .' '.iconv(mb_detect_encoding( $uporabnik->surname, mb_detect_order(), true), "UTF-8", $uporabnik->surname),
+ iconv(mb_detect_encoding( $uporabnik->email, mb_detect_order(), true), "UTF-8", $uporabnik->email),
+ $this->userTypeToText($uporabnik->type),
+ $admin_languages[$uporabnik->lang],
+ $uporabnik->registriran,
+ '<a href="#" onclick="potrdiNepotrjenegaUporabnika(' . $uporabnik->id . ')" title="' . $lang['confirm_user_in_db'] . '"><i class="fa fa-check link-sv-moder"></i> <span class="no-print"> | </span>' .
+ '<a href="#" onclick="izbrisiNepotrjenegaUporabnika(' . $uporabnik->id . ')" title="'.$lang['delete_user_in_db'].'"><i class="fa fa-times link-sv-moder"></a>',
+ ];
+ }
+ }
+
+ echo json_encode([
+ "data" => $seznam // polje z vsebino
+ ]);
+ }
+
+ // Popup z dodeljenimi uporabniki
+ private function ajax_dodeljeni_uporabniki_display(){
+ global $lang;
+
+ $manager = (isset($_POST['manager'])) ? $_POST['manager'] : '0';
+
+ if($manager == '' || $manager == '0'){
+ return;
+ }
+
+
+ echo '<div class="popup_close"><a href="#" onClick="dodeljeni_uporabniki_close(); return false;">✕</a></div>';
+
+ echo '<h2>'.$lang['srv_manager_count'].'</h2>';
+
+
+ echo '<div class="popup_content dodeljeni_uporabniki">';
+
+ // Seznam dodeljenih uporabnikov
+ $sqlUsers = sisplet_query("SELECT u.id, u.name, u.surname, u.email, u.status
+ FROM users u, srv_dostop_manage m
+ WHERE u.id=m.user AND m.manager='".$manager."'
+ ");
+ if(mysqli_num_rows($sqlUsers) > 0){
+
+ echo '<ul>';
+
+ while($rowUsers = mysqli_fetch_array($sqlUsers)){
+ echo '<li>';
+
+ echo ' <span>';
+ echo $rowUsers['name'].' '.$rowUsers['surname'].' ('.$rowUsers['email'].')';
+ if($rowUsers['status'] == '0')
+ echo ' - <span class="red italic">NEAKTIVEN</span>';
+ echo ' </span>';
+
+ echo ' <span><a onClick="dodeljeni_uporabniki_remove(\''.$manager.'\', \''.$rowUsers['id'].'\');">'.$lang['hour_remove'].'</a></span>';
+
+ echo '</li>';
+ }
+
+ echo '</ul>';
+ }
+
+ // Dodajanje novega uporabnika
+ echo '<h4>'.$lang['srv_manager_add_admin'].'</h4>';
+ echo '<div class="add_user">';
+
+ echo '<form class="manager_add_user" name="admin_add_dostop" action="ajax.php?t=dostop&a=admin_add_user" method="post">';
+
+ echo '<h3><b>'.$lang['srv_manager_add_user_popup'].'</b></h3>';
+ echo '<p><select name="add_user_id" id="add_user_id" class="js-obstojeci-uporabniki-admin-ajax" style="width: 300px;"></select></p>';
+
+ echo '<p><div class="buttonwrapper floatLeft">';
+ echo ' <a class="ovalbutton ovalbutton_orange" href="#" onClick="dodeljeni_uporabniki_add(\''.$manager.'\', \''.$rowUsers['id'].'\');">'.$lang['add'].'</a>';
+ echo '</div></p><br><br>';
+
+ echo '</form>';
+
+ echo '<script>$(\'.js-obstojeci-uporabniki-admin-ajax\').select2({
+ minimumInputLength: 3,
+ ajax: {
+ url: \'ajax.php?t=dostop&a=find_user\',
+ dataType: \'json\'
+ }
+ });</script>';
+
+ echo '</div>';
+
+ echo '</div>';
+
+
+ echo '<div class="buttons_holder">';
+ echo '<span class="buttonwrapper floatRight" title="'.$lang['srv_zapri'].'"><a class="ovalbutton ovalbutton_gray" href="#" onclick="dodeljeni_uporabniki_close(); return false;"><span>'.$lang['srv_zapri'].'</span></a></span>';
+ echo '</div>';
+ }
+
+ function isAnketar()
+ {
+ global $admin_type;
+ # preverimo ali je anketar
+ return ($this->checkDostopSub('phone') && $admin_type > 1);
+
+ }
+
+ /**
+ * vrne seznam vseh uporabnikov z dostopom do ankete
+ *
+ */
+ function getDostop()
+ {
+
+ $dostop = [];
+
+ $dostop[0] = $this->getAdminsDostop();
+ $dostop[1] = $this->getManagersDostop();
+ $dostop[2] = $this->getUsersDostop();
+
+ return $dostop;
+ }
+
+ /**
+ * preveri ali imajo do ankete dostop administratorji
+ * ta funkcija ni!!! primerna za preverjat, ce prikazemo anketo
+ * administratorju, ker se mora poleg tega preverjati se, ce je uporabnik
+ * admin pa to
+ *
+ */
+ function getAdminsDostop()
+ {
+
+ SurveyInfo::getInstance()->SurveyInit($this->anketa);
+ $rowa = SurveyInfo::getInstance()->getSurveyRow();
+
+ if (strtotime($rowa['dostop_admin']) >= strtotime(date("Y-m-d"))) {
+ return $rowa['dostop_admin'];
+ }
+
+ return FALSE;
+ }
+
+ /**
+ * kdo ima managerski dostop (od managerjev in administratorjev)
+ *
+ */
+ function getManagersDostop()
+ {
+
+ $sql = sisplet_query("SELECT u.* FROM users u, srv_dostop_manage m WHERE u.id=m.manager AND m.user IN (SELECT uid FROM srv_dostop WHERE ank_id='$this->anketa') ");
+ while ($row = mysqli_fetch_array($sql)) {
+ $dostop[] = $row;
+ }
+
+ return $dostop;
+ }
+
+ /**
+ * kdo od uporabnikov ima dostop
+ *
+ */
+ function getUsersDostop()
+ {
+
+ $sql = sisplet_query("SELECT u.* FROM srv_dostop d, users u WHERE u.id=d.uid AND d.ank_id = '$this->anketa'");
+ while ($row = mysqli_fetch_array($sql)) {
+ $dostop[] = $row;
+ }
+
+ return $dostop;
+ }
+
+ /**
+ * Vrenemo besedni izraz za 1/0 iz podatkovne baze
+ *
+ * @param int $val
+ *
+ * @return mixed
+ */
+ private function vrniDaNe($val = 0)
+ {
+ global $lang;
+
+ if ($val == 1) {
+ return $lang['yes'];
+ }
+
+ return $lang['no1'];
+ }
+
+}
+
+?> \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-23 20:58:40 +0200