From: Kilian Saffran Date: Tue, 12 Jan 2021 15:12:22 +0000 (+0100) Subject: v202101121612 t1.0.27 X-Git-Tag: 1.0.27 X-Git-Url: http://cloud.dks.lu/git/?a=commitdiff_plain;h=5b323316ecb0385a2423b7db42c672a361247137;p=pot_lu.git v202101121612 t1.0.27 --- diff --git a/.vscode/snippets.code-snippets b/.vscode/snippets.code-snippets new file mode 100644 index 00000000..b576737a --- /dev/null +++ b/.vscode/snippets.code-snippets @@ -0,0 +1,148 @@ +{ + "input-hidden": { + "scope":"html", + "prefix":"input-hidden", + "body":[""] + }, + "input-date": { + "scope":"html", + "prefix":"input-date", + "body":["
", + "\t", + "\t", + "
"] + }, + "input-text": { + "scope":"html", + "prefix":"input-text", + "body":["
", + "\t", + "\t", + "
"] + }, + "input-number": { + "scope":"html", + "prefix":"input-number", + "body":["
", + "\t", + "\t", + "
"] +}, + "form":{ + "scope":"html", + "prefix":"form", + "body":"
$0
" + }, + "row": { + "scope":"html", + "prefix":"row", + "body":"
$0
" + }, + "cellrow": { + "scope":"html", + "prefix":"cellrow", + "body":"
$0
" + }, + "panel": { + "scope":"html", + "prefix":"panel", + "body":["
","$0","
"] + }, + "select": { + "scope":"html", + "prefix": "select", + "body":[ + "
", + "\t", + "\t", + "
"] + }, + "checkbox": { + "scope":"html", + "prefix": "checkbox", + "body": ["
","\t
", + "\t\t
", + "\t\t\t
", + "\t\t\t\t data-column=\"$3\" data-table=\"$2\" data-id=\"\" value=\"\" type=\"checkbox\" />", + "\t\t\t
", + "\t\t\t
${4: checkbox label text}
","\t\t
","\t
","
"] + }, + "textarea": { + "scope":"html", + "prefix":"textarea", + "body":[ + "
", + "\t", + "\t", + "
" + ] + }, + "topbarlistpage":{ + "scope":"html", + "prefix":"topbar-listpage", + "body":["
", + "Home", + "
${1:Page Title}
", + "
", + "\t", + "\t", + "\t", + "\t", + "
", + "
", + "\t", + "
", + "
", + "\t
", + "\t\t", + "\t\t", + "\t\t", + "\t\t ", + "\t
", + "
", + "
"] + }, + "topbarformpage":{ + "scope":"html", + "prefix":"topbar-formpage", + "body": [ + "
", + "\t", + "\t
${2: title}
", + "
"] + }, + "tablebar":{ + "scope":"html", + "prefix":"tablebar", + "body":["
", + "
${1:Page Title}
", + "\t", + "\t", + "\t", + "\t", + "
"] + }, + "display-container":{ + "scope":"html", + "prefix":"display-container", + "body": [ + "
", + "
"] + } + // Place your oldbell_lu workspace snippets here. Each snippet is defined under a snippet name and has a scope, prefix, body and + // description. Add comma separated ids of the languages where the snippet is applicable in the scope field. If scope + // is left empty or omitted, the snippet gets applied to all languages. The prefix is what is + // used to trigger the snippet and the body will be expanded and inserted. Possible variables are: + // $1, $2 for tab stops, $0 for the final cursor position, and ${1:label}, ${2:another} for placeholders. + // Placeholders with the same ids are connected. + // Example: + // "Print to console": { + // "scope": "javascript,typescript", + // "prefix": "log", + // "body": [ + // "console.log('$1');", + // "$2" + // ], + // "description": "Log output to console" + // } +} \ No newline at end of file diff --git a/app/index.cgi b/app/index.cgi index 472fa2a4..adc7b837 100644 --- a/app/index.cgi +++ b/app/index.cgi @@ -25,10 +25,10 @@ my $sess = (); my $se = session->new({db => $db}); $vars->{ua} = $ENV{HTTP_USER_AGENT}; -if (($vars->{ua} !~ /^POT/) || ($vars->{ua} !~ /iPad/)){ +if (($vars->{ua} !~ /^POT/) && ($vars->{ua} !~ /iPad/)){ print "Location: https://www.plandutravail.lu\n\n"; exit(0); - } +} $vars->{realpath} = $cgi->url({-absolute=>1}); $vars->{filepath} = substr($cgi->url({-absolute=>1}),length($vars->{basepath})+1); $vars->{baseurl} = $cgi->url({-base=>1}).'/'.$vars->{basepath}; @@ -144,8 +144,8 @@ $vars->{remote_addr} = $ENV{REMOTE_ADDR}; my $template = Template->new({INCLUDE_PATH => [$sitecfg->{tmplpath}]}); $template->process($skl,$vars) || die "Template process failed: ", $template->error(), "\n"; $db->disconnect(); -if ($vars->{page} =~ /\.tt/){ - print '
'.Dumper($vars)."
";
- } 
+# if ($vars->{page} =~ /\.tt/){
+#      print '
'.Dumper($vars)."
";
+#  } 
 
 
diff --git a/app/lib/session.pm b/app/lib/session.pm
index 74d63bb5..0cca33e9 100644
--- a/app/lib/session.pm
+++ b/app/lib/session.pm
@@ -61,31 +61,7 @@ sub savepassword(){
   return 1;
 }
 
-# sub admin_sendpassword(){
-#   my $self = shift;
-#   my $email = shift;
-#   my $ret->{messagetype} ='red';
-#   $ret->{message} = "email inconnue!";
-#   my $sql = "select id,userpassword,surname,prename from users where username='".$self->{db}->securetext($email)."';";
-#   my $ex = $self->{db}->querysorted($sql);
-#   if (keys(%{$ex}) > 0){
-#     my $newpwd = $self->randomstring(12);
-#     my $pwd = sha256_hex($newpwd);
-#     $self->{db}->exec("UPDATE users SET userpassword = '".$pwd."' WHERE id='".$ex->{0}->{id}."';");
-#     my $data->{newpassword} = $newpwd;
-#     $data->{name} = $ex->{0}->{prename}." ".$ex->{0}->{surname};
-#     my $eml = sendemail->new();
-#     my $mret = $eml->sendemail('user_forgotpasswd',$email,$data);
-#     if ($mret != 0){
-#       $ret->{messagetype} ='red';
-#       $ret->{message} = "Pour le moment il n'y est pas possible de recevoir un nouveau mot de passe, 
si besoin contacter le support!";
-#       return $ret;
-#     }
-#     $ret->{message} = "nous vous avons envoyés un nouveau mot de passe par email!";
-#     $ret->{messagetype} = "green";
-#   }
-#   return $ret;
-# }
+
 
 
 sub passwordforgotten(){
@@ -114,102 +90,15 @@ sub passwordforgotten(){
   return $ret;
 }
 
-# sub registeruser(){
-#   my $self = shift;
-#   my $data = shift;
-#   my $ret->{messagetype} ='red';
-#   $ret->{message} = "Une erreur c'est produite, essayer plus tard!";
-#   $ret->{page} = "message.tt";
-#   my @reqfields = ("companies_company","terms","users_email","members_phone","members_surname","members_prename","members_job");
-#   my $reqf = 1;
-#   foreach my $rf (@reqfields){
-#     if (!exists($data->{$rf})){
-#       $reqf = 0;
-#     }
-#   }
-#   if ($reqf == 0){
-#     $ret->{message} = "Rempissez tous les champs s.v.p.!";
-#     $ret->{page} =  "register.tt";
-#     return $ret;
-#   }
-#   foreach my $d (%{$data}){
-#     $data->{$d} = $self->{db}->securetext($data->{$d});
-#   }
-  
-#   my $user = $self->{db}->querysorted("select id from users where username='".$data->{users_email}."';");
-#   if (keys(%{$user}) > 0){
-#     $ret->{page} = "register.tt";
-#     $ret->{message} = "Il y existe déjà un utilisateur avec la mème adresse e-mail!";
-#     return $ret; 
-#   }
-  
-#   my $newcode = $self->randomstring(6);
-
-#   my $newuserid = $self->{db}->querysorted("INSERT INTO users (username,vcode) VALUES ('".$data->{users_email}."','".$newcode."') returning id;");
-#   #$self->{db}->exec("INSERT INTO useringroups (id_user,id_group) VALUES ('".$newuserid->{0}->{id}."',(select id from usergroups where isdefault=true));");
-#   my $company = $self->{db}->querysorted("select id from companies where link=unaccent_string('".$data->{companies_company}."');");
-#   if (keys(%{$company}) == 0 ){
-#     $company = $self->{db}->querysorted("INSERT INTO companies (company,link) VALUES ('".$data->{companies_company}."',unaccent_string('".$data->{companies_company}."')) returning id;");
-#     #$self->{db}->exec("INSERT INTO useringroups (id_user,id_group) VALUES ('".$newuserid->{0}->{id}."',(select id from usergroups where usergroup='company'));");
-#   }
-#   $self->{db}->exec("INSERT INTO members (surname, prename, phone, id_user, id_company, job) VALUES('".$data->{members_surname}."', '".$data->{members_prename}."', '".$data->{members_phone}."', ".$newuserid->{0}->{id}.", ".$company->{0}->{id}.", '".$data->{members_job}."');");
-#   my $maildata->{vcode} = $newcode;
-#   my $eml = sendemail->new();
-#   my $mret = $eml->sendemail('user_verification',$newuserid->{0}->{id},$data->{users_email},$maildata,undef);
-#   if ($mret == 0){
-#     $ret->{message} = "Merci,
nous vous avons envoyé un email,avec un code de vérification!
Entrez ce code ci dessous, pour valider votre compte!
en cas de problèmes envoyer un email à info\@solana-architecture.lu";
-#     $ret->{messagetype} = "green";
-#     $ret->{page} = "validationcode.tt";
-#   } else {
-#     $self->{db}->exec("UPDATE users set username='".$data->{users_email}."',vcode=null where id=".$newuserid->{0}->{id}." ;");
-#     $ret->{message} = "nous ne pouvons pas envoyer un email à  '".$data->{users_email}."' ! Si cette email n'existe pas, régisterez-vous avec un email existant!
en cas de problèemes envoyer un email à  info\@solana-architecture.lu";
-#     $ret->{messagetype} = "red";
-#     $ret->{page} = "register.tt";
-#   }
-# 	#$self->{db}->exec("insert into appaccess (id_user) values (".$newuserid->{0}->{id}.");");
-#   # $ret->{messagetype} =  "green";
-  
-#   return $ret;
-# }
 
 
-# sub validateaccount(){
-#   my $self = shift;
-#   my $data = shift;
-#   foreach my $d (%{$data}){
-#     $data->{$d} = $self->{db}->securetext($data->{$d});
-#   }
-  
-#   my $ret->{messagetype} ='red';
-#   my $vcodedata = $self->{db}->querysorted("select id,vcode,username from users where vcode='".$data->{vcode}."';");
-#   if (keys(%{$vcodedata}) == 0){
-#     $ret->{message} = "code inconnue!";
-#     $ret->{page} = "validationcode.tt";
-#   }
-#   my $newpwd = $self->randomstring(12);
-#   my $pwd = sha256_hex($newpwd);
-#   my $maildata->{password} = $newpwd;
-#   my $eml = sendemail->new();
-#   my $newuserid = $self->{db}->querysorted("UPDATE users set userpassword='".$pwd."',vcode=null,regcode=null where id=".$vcodedata->{0}->{id}." returning id,username;");
-#   my $mret = $eml->sendemail('user_registration',$vcodedata->{0}->{id},$vcodedata->{0}->{username},$maildata,undef);
-#   if ($mret == 0){
-#     $ret->{message} = "Merci,
Nous vous avons envoyé un email avec les données nécessaires pour se connecter!";
-#     $ret->{messagetype} = "green";
-#     $ret->{page} = "message.tt";
-#   } else {
-#     $ret->{message} = "NOus n'avons pas pu vous envoyé un email à '".$newuserid->{0}->{username}."'! Si l'addresse email n'existe pas, essayer avec un email existant!";
-#     $ret->{page} = "message.tt";
-#   }
-#   return $ret;
-# }
-
 sub getsession($){
   my $self = shift;
   my $sid = shift;
   my $sql = "select se.id as idsession,us.lang,us.id,us.username,ugrp.id as usergroup,us.id_staffgroups as staffgroups,se.sessiondata from sessions se 
 join users us on (us.id=se.id_user)
 left join usergroups ugrp on (ugrp.id=us.id_usergroup)
-where se.id= '".$self->{db}->securetext($sid)."' and se.remote_addr= '".$ENV{REMOTE_ADDR}."' and 
+where se.id= '".$self->{db}->securetext($sid)."' and se.remote_addr= '".$ENV{REMOTE_ADDR}."' and (se.user_agent LIKE '".'%POT%'."' OR se.user_agent LIKE ''".'%iPad%'."'') and 
 us.isblocked is null group by se.id,us.id,ugrp.id;";
  #and se.user_agent LIKE 'POT/%/%/%'
   my $res= $self->{db}->querysorted($sql);
@@ -304,4 +193,119 @@ sub randstr(){
 #   return 1;
 # }
 
+# sub registeruser(){
+#   my $self = shift;
+#   my $data = shift;
+#   my $ret->{messagetype} ='red';
+#   $ret->{message} = "Une erreur c'est produite, essayer plus tard!";
+#   $ret->{page} = "message.tt";
+#   my @reqfields = ("companies_company","terms","users_email","members_phone","members_surname","members_prename","members_job");
+#   my $reqf = 1;
+#   foreach my $rf (@reqfields){
+#     if (!exists($data->{$rf})){
+#       $reqf = 0;
+#     }
+#   }
+#   if ($reqf == 0){
+#     $ret->{message} = "Rempissez tous les champs s.v.p.!";
+#     $ret->{page} =  "register.tt";
+#     return $ret;
+#   }
+#   foreach my $d (%{$data}){
+#     $data->{$d} = $self->{db}->securetext($data->{$d});
+#   }
+  
+#   my $user = $self->{db}->querysorted("select id from users where username='".$data->{users_email}."';");
+#   if (keys(%{$user}) > 0){
+#     $ret->{page} = "register.tt";
+#     $ret->{message} = "Il y existe déjà un utilisateur avec la mème adresse e-mail!";
+#     return $ret; 
+#   }
+  
+#   my $newcode = $self->randomstring(6);
+
+#   my $newuserid = $self->{db}->querysorted("INSERT INTO users (username,vcode) VALUES ('".$data->{users_email}."','".$newcode."') returning id;");
+#   #$self->{db}->exec("INSERT INTO useringroups (id_user,id_group) VALUES ('".$newuserid->{0}->{id}."',(select id from usergroups where isdefault=true));");
+#   my $company = $self->{db}->querysorted("select id from companies where link=unaccent_string('".$data->{companies_company}."');");
+#   if (keys(%{$company}) == 0 ){
+#     $company = $self->{db}->querysorted("INSERT INTO companies (company,link) VALUES ('".$data->{companies_company}."',unaccent_string('".$data->{companies_company}."')) returning id;");
+#     #$self->{db}->exec("INSERT INTO useringroups (id_user,id_group) VALUES ('".$newuserid->{0}->{id}."',(select id from usergroups where usergroup='company'));");
+#   }
+#   $self->{db}->exec("INSERT INTO members (surname, prename, phone, id_user, id_company, job) VALUES('".$data->{members_surname}."', '".$data->{members_prename}."', '".$data->{members_phone}."', ".$newuserid->{0}->{id}.", ".$company->{0}->{id}.", '".$data->{members_job}."');");
+#   my $maildata->{vcode} = $newcode;
+#   my $eml = sendemail->new();
+#   my $mret = $eml->sendemail('user_verification',$newuserid->{0}->{id},$data->{users_email},$maildata,undef);
+#   if ($mret == 0){
+#     $ret->{message} = "Merci,
nous vous avons envoyé un email,avec un code de vérification!
Entrez ce code ci dessous, pour valider votre compte!
en cas de problèmes envoyer un email à info\@solana-architecture.lu";
+#     $ret->{messagetype} = "green";
+#     $ret->{page} = "validationcode.tt";
+#   } else {
+#     $self->{db}->exec("UPDATE users set username='".$data->{users_email}."',vcode=null where id=".$newuserid->{0}->{id}." ;");
+#     $ret->{message} = "nous ne pouvons pas envoyer un email à  '".$data->{users_email}."' ! Si cette email n'existe pas, régisterez-vous avec un email existant!
en cas de problèemes envoyer un email à  info\@solana-architecture.lu";
+#     $ret->{messagetype} = "red";
+#     $ret->{page} = "register.tt";
+#   }
+# 	#$self->{db}->exec("insert into appaccess (id_user) values (".$newuserid->{0}->{id}.");");
+#   # $ret->{messagetype} =  "green";
+  
+#   return $ret;
+# }
+
+
+# sub validateaccount(){
+#   my $self = shift;
+#   my $data = shift;
+#   foreach my $d (%{$data}){
+#     $data->{$d} = $self->{db}->securetext($data->{$d});
+#   }
+  
+#   my $ret->{messagetype} ='red';
+#   my $vcodedata = $self->{db}->querysorted("select id,vcode,username from users where vcode='".$data->{vcode}."';");
+#   if (keys(%{$vcodedata}) == 0){
+#     $ret->{message} = "code inconnue!";
+#     $ret->{page} = "validationcode.tt";
+#   }
+#   my $newpwd = $self->randomstring(12);
+#   my $pwd = sha256_hex($newpwd);
+#   my $maildata->{password} = $newpwd;
+#   my $eml = sendemail->new();
+#   my $newuserid = $self->{db}->querysorted("UPDATE users set userpassword='".$pwd."',vcode=null,regcode=null where id=".$vcodedata->{0}->{id}." returning id,username;");
+#   my $mret = $eml->sendemail('user_registration',$vcodedata->{0}->{id},$vcodedata->{0}->{username},$maildata,undef);
+#   if ($mret == 0){
+#     $ret->{message} = "Merci,
Nous vous avons envoyé un email avec les données nécessaires pour se connecter!";
+#     $ret->{messagetype} = "green";
+#     $ret->{page} = "message.tt";
+#   } else {
+#     $ret->{message} = "NOus n'avons pas pu vous envoyé un email à '".$newuserid->{0}->{username}."'! Si l'addresse email n'existe pas, essayer avec un email existant!";
+#     $ret->{page} = "message.tt";
+#   }
+#   return $ret;
+# }
+
+# sub admin_sendpassword(){
+#   my $self = shift;
+#   my $email = shift;
+#   my $ret->{messagetype} ='red';
+#   $ret->{message} = "email inconnue!";
+#   my $sql = "select id,userpassword,surname,prename from users where username='".$self->{db}->securetext($email)."';";
+#   my $ex = $self->{db}->querysorted($sql);
+#   if (keys(%{$ex}) > 0){
+#     my $newpwd = $self->randomstring(12);
+#     my $pwd = sha256_hex($newpwd);
+#     $self->{db}->exec("UPDATE users SET userpassword = '".$pwd."' WHERE id='".$ex->{0}->{id}."';");
+#     my $data->{newpassword} = $newpwd;
+#     $data->{name} = $ex->{0}->{prename}." ".$ex->{0}->{surname};
+#     my $eml = sendemail->new();
+#     my $mret = $eml->sendemail('user_forgotpasswd',$email,$data);
+#     if ($mret != 0){
+#       $ret->{messagetype} ='red';
+#       $ret->{message} = "Pour le moment il n'y est pas possible de recevoir un nouveau mot de passe, 
si besoin contacter le support!";
+#       return $ret;
+#     }
+#     $ret->{message} = "nous vous avons envoyés un nouveau mot de passe par email!";
+#     $ret->{messagetype} = "green";
+#   }
+#   return $ret;
+# }
+
 1;
\ No newline at end of file
diff --git a/app/tmpl/block/dlg_newpassword.tt b/app/tmpl/block/dlg_newpassword.tt
index 38bfc3a1..ace89203 100644
--- a/app/tmpl/block/dlg_newpassword.tt
+++ b/app/tmpl/block/dlg_newpassword.tt
@@ -1,37 +1,37 @@
-