Commit c4bad22f authored by slopez

plus besoin d'avoir pour loguer une action

parent 0a3d0387
<?php
/* Copyright 2006
* - Julien Etelain < julien at pmad dot net >
*
* Ce fichier fait partie du site de l'Association des Étudiants de
* l'UTBM, http://ae.utbm.fr.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*/
$topdir="../";
require_once("include/boutique.inc.php");
require_once($topdir."include/cts/sqltable.inc.php");
$site = new boutique();
if(!$site->user->is_in_group("root") && !$site->user->is_in_group("adminboutiqueutbm"))
$site->error_forbidden();
$site->start_page("boutique", "Suivi" );
if(isset($_REQUEST["id_facture"]))
{
$fact = new debitfacture($site->db,$site->dbrw);
if($fact->load_by_id($_REQUEST["id_facture"]))
{
$user=new utilisateur($site->db);
$user->load_by_id($fact->id_utilisateur);
if(isset($_REQUEST["gen_pdf"]))
{
require_once ("include/facture_pdf.inc.php");
$facturing_infos = array ('name' => "Service Communication",
'addr' => array(utf8_decode("UTBM"),
"90010 BELFORT Cedex"),
'logo' => "http://ae.utbm.fr/images/logo_boutique_ut.jpg");
$ht=false;
if($user->is_valid())
{
$factured_infos = array (
'name' => utf8_decode($user->nom)
. " " .
utf8_decode($user->prenom),
'addr' => array(
utf8_decode($user->addresse),
utf8_decode($ville->cpostal)
. " " .
utf8_decode($ville->nom)),
false);
if($user->type=='srv')
{
$factured_infos['srv_obj'] = $fact->objectif;
$factured_infos['srv_eotp'] = $fact->eopt;
$factured_infos['srv_contact'] = $fact->contact;
$factured_infos['srv_centre_financier'] = $fact->centre_financier;
$factured_infos['srv_centre_cout'] = $fact->centre_cout;
$ht=true;
}
else
{
if($fact->mode=='CH')
$factured_infos['mode_paiement'] = 'Chèque';
elseif($fact->mode=='LI')
$factured_infos['mode_paiement'] = 'Espèce';
else
$factured_infos['mode_paiement'] = 'À régler';
}
}
else
{
$adresse=explode("\n",$fact->adresse);
$factured_infos = array (
'name' => utf8_decode($fact->nom)
. " " .
utf8_decode($fact->prenom),
'addr' => $adresse,
false);
if($fact->mode=='CH')
$factured_infos['mode_paiement'] = 'Chèque';
elseif($fact->mode=='LI')
$factured_infos['mode_paiement'] = 'Espèce';
else
$factured_infos['mode_paiement'] = 'À régler';
}
$date_facturation = date("d/m/Y H:i", $fact->date);
$titre = "Facture boutique UTBM";
$ref=' '.sprintf('%06d',$fact->id);
$req = "SELECT * FROM `boutiqueut_vendu`
INNER JOIN `boutiqueut_produits` USING (`id_produit`)
WHERE `id_facture` = $fact->id";
$query = new requete ($site->db, $req);
$total = 0;
while ($line = $query->get_row ())
{
$lines[] = array('nom' => utf8_decode($line['nom_prod']),
'quantite' => intval($line['quantite']),
'prix' => $line['prix_unit'],
'sous_total' => sprintf('%.2f',$line['quantite'] * $line['prix_unit']));
$total += intval($line['quantite']) * $line['prix_unit'];
}
$fact_pdf = new facture_pdf ($facturing_infos,
$factured_infos,
$date_facturation,
$titre,
$ref,
$lines,
$ht);
/* on sort la facture */
$fact_pdf->renderize ();
exit();
}
else
{
$ccts = new contents("<a href=\"admin.php\">Administration</a> / <a href=\"gestion.php\">Gestion</a> / Détail facture");
if($_REQUEST["action"]=='prep')
$fact->set_retire($_REQUEST["id_produit"], $user);
elseif($_REQUEST["action"]=='preps')
foreach($_REQUEST["id_produits"] as $id_produit )
$fact->set_retire($id_produit, $user);
elseif($_REQUEST["action"]=='retirer')
$fact->set_etat(0);
if($fact->ready==1 && $fact->etat==1) // commande à retirer
{
$cts = new contents( "Commande à retirer" );
$cts->add_paragraph("<a href='?id_facture=".$fact->id."&action=retirer'>Marquer comme retirée</a>");
}
elseif($fact->ready==0) // commande en cours de préparation
$cts = new contents( "Commande en attente/cours de préparation" );
else // commande retirée
$cts = new contents("Commande retirée");
$cts->add_paragraph("Facture n° ".$fact->id." du ".date("d/m/Y H:i", $fact->date));
$cts->add_paragraph("facture au format PDF : <a href=\"?id_facture=".$fact->id."&gen_pdf=1\">ici</a>");
if($user->type=='srv')
{
$cts->add_paragraph('Motif : '.$fact->objectif);
$cts->add_paragraph('EOTP : '.(string)$fact->eotp);
$cts->add_paragraph('Contact : '.$fact->contact);
$cts->add_paragraph('Centre financier : '.$fact->centre_financier);
$cts->add_paragraph('Centre de coût : '.$fact->centre_cout);
}
$req = new requete($site->db,
"SELECT id_produit, ".
"`quantite`, " .
"FORMAT(`prix_unit`/100,2) AS `prix_unit`, ".
"FORMAT(`prix_unit`*`boutiqueut_vendu`.`quantite`/100,2) AS `total`, ".
"`nom_prod` " .
"FROM `boutiqueut_vendu` ".
"INNER JOIN boutiqueut_produits USING(id_produit) ".
"WHERE `id_facture` =".$fact->id);
if($fact->ready==1)
{
$cts->add(new sqltable('detailcmd',
'Détail de la commande',
$req,
'',
"id_produit",
array("nom_prod"=>"Produit","quantite"=>"Quantité","total"=>"Total"),
array(),
array()));
}
else
{
$req = new requete($site->db,
"SELECT id_produit, ".
"`quantite`, " .
"FORMAT(`prix_unit`/100,2) AS `prix_unit`, ".
"FORMAT(`prix_unit`*`boutiqueut_vendu`.`quantite`/100,2) AS `total`, ".
"`nom_prod` " .
"FROM `boutiqueut_vendu` ".
"INNER JOIN boutiqueut_produits USING(id_produit) ".
"WHERE a_retirer_vente IS NOT NULL AND `id_facture` =".$fact->id);
$cts->add(new sqltable('detailcmd',
'Produits en attente de préparation',
$req,
'admin_gen_fact.php?id_facture='.$_REQUEST["id_facture"],
"id_produit",
array("nom_prod"=>"Produit","quantite"=>"Quantité","total"=>"Total"),
array('prep'=>'Marquer pret'),
array('preps'=>'Marquer pret')));
}
$ccts->add($cts,true);
$site->add_contents($ccts);
$site->end_page();
exit();
}
}
}
$cts = new contents( "Suivi" );
$cts->add_title(2,"Factures");
$months = array();
$req = new requete($site->db, "SELECT FORMAT(SUM(`montant_facture`),2) as somme, " .
"EXTRACT(YEAR_MONTH FROM `date_facture`) as `month` " .
"FROM `boutiqueut_debitfacture` " .
"WHERE `id_utilisateur`='".$user->id."' " .
"GROUP BY `month` " .
"ORDER BY `month` DESC");
while ( list($sum,$month) = $req->get_row() )
{
$report[$month]["depense"] = $sum;
$months[$month]=$month;
}
if(!empty($report))
{
rsort($months);
$cts->add_title(3,"Bilan mensuel");
$tbl = new table(false,"sqltable");
$tbl->add_row(array("Mois","Depenses"),"head");
$t=0;
foreach( $months as $month )
{
$data = $report[$month];
$t = $t^1;
$mois = substr($month,4);
$annee = substr($month,0,4);
$tbl->add_row(array("$mois / $annee",
"<a href=\"?page=ALL&amp;month=$month\">".($data["depense"]/100)."</a>"),"ln$t");
}
$cts->add($tbl);
}
$req1 = new requete($site->db,
"SELECT " .
"`boutiqueut_debitfacture`.`id_facture`, " .
"`boutiqueut_debitfacture`.`date_facture`, " .
"FORMAT(`boutiqueut_vendu`.`prix_unit`*`boutiqueut_vendu`.`quantite`/100,2) AS `total` " .
"FROM `boutiqueut_vendu` " .
"INNER JOIN `boutiqueut_produits` ON ".
"`boutiqueut_produits`.`id_produit` =`boutiqueut_vendu`.`id_produit` " .
"INNER JOIN `boutiqueut_debitfacture` ON ".
"`boutiqueut_debitfacture`.`id_facture` =`boutiqueut_vendu`.`id_facture` " .
"WHERE " .
"`boutiqueut_debitfacture`.`id_utilisateur` = '".mysql_real_escape_string($user->id) ."' ".
"GROUP BY `boutiqueut_debitfacture`.`id_facture` ".
"ORDER BY `boutiqueut_debitfacture`.`date_facture` DESC");
if ( $req2->lines > 0 )
{
$cts->add_title(3, "Commandes sur facturation");
$cts->add(new sqltable("eblstae",
null,
$req2,
"suivi.php",
"id_facture",
array("id_facture"=>"Numéro de facture",
"total"=>"Montant",
"date_facture"=>"Date"),
array(),
array(),
array()));
}
$ccts = new contents("<a href=\"admin.php\">Administration</a> / <a href=\"gestion.php\">Gestion</a> / Détail facture");
$ccts->add($cts,true);
$site->add_contents($ccts);
$site->end_page();
?>
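Review bot: The `prep`, `preps` and `retirer` branches (the chain starting at `if($_REQUEST["action"]=='prep')`) change order state straight from `$_REQUEST` with no request token, and the page itself emits `?id_facture=…&action=retirer` as a plain link, so the write can be triggered by a cross-site GET and is replayable. These writes should be accepted only from `$_POST` together with a per-session token that is checked before `set_retire()` / `set_etat()` run; `$_REQUEST["action"]` is also read without `isset()`. In the same section the `sqltable` page argument is built from the raw `$_REQUEST["id_facture"]`; `'admin_gen_fact.php?id_facture='.intval($fact->id)` would reuse the id that `load_by_id()` already accepted (whether `sqltable` escapes that argument is not visible here). The `Motif`/`Contact`/`Centre…` paragraphs print `$fact` fields that the order form takes from free-text input, so they presumably need `htmlspecialchars()` unless `add_paragraph()` escapes. Separately, `$ville` (PDF address), `$req2` (the query is assigned to `$req1`) and `$user` outside the `id_facture` branch are read without being defined in this file, and `$fact->eopt` looks like a typo for `eotp`.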
<?php
/**
* @brief Admin de la boutique utbm
*
*/
/* Copyright 2008
*
* - Simon Lopez <simon POINT lopez CHEZ ayolo POINT org>
*
* Ce fichier fait partie du site de l'Association des étudiants de
* l'UTBM, http://ae.utbm.fr.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*/
$topdir="../";
require_once("include/boutique.inc.php");
function generate_subform_stock ( $nom,$form_n, $stock_n, $stock_value_n, $stock = -1, $enabled=true )
{
$subfrm=new form ($form_n,false,false,false,$nom);
$subfrm1=new form ($stock_n,false,false,false,"Non limité");
$subfrm->add($subfrm1,false,true,($stock==-1),"nlim",true);
$subfrm2=new form ($stock_n,false,false,false,"Limité à");
$subfrm2->add_text_field($stock_value_n,"",($stock==-1)?"":$stock,false,false,false,$enabled);
$subfrm->add($subfrm2,false,true,($stock!=-1),"lim",true);
return $subfrm;
}
$site = new boutique();
if(!$site->user->is_in_group("root") && !$site->user->is_in_group("adminboutiqueutbm"))
$site->error_forbidden();
$user = new utilisateur($site->db);
$user->load_by_id($_REQUEST['id_utilisateur']);
if(!$user->is_valid() || $user->type !='srv')
header("Location: http://boutique.utbm.fr/admin_utl.php");
$req = new requete($site->db,
"SELECT `boutiqueut_produits`.`nom_prod`, `boutiqueut_produits`.`id_produit`," .
"`boutiqueut_produits`.stock_global_prod, " .
"FORMAT(`boutiqueut_produits`.prix_vente_prod_service/100,2) AS prix_vente_prod " .
"FROM `boutiqueut_produits` " .
"INNER JOIN `boutiqueut_type_produit` ON `boutiqueut_type_produit`.`id_typeprod`=`boutiqueut_produits`.`id_typeprod` " .
"WHERE prod_archive != 1 " .
"AND `boutiqueut_produits`.`id_produit` NOT IN (SELECT id_produit_parent FROM boutiqueut_produits WHERE id_produit_parent IS NOT NULL) ".
"ORDER BY `boutiqueut_produits`.`nom_prod`, `boutiqueut_type_produit`.`nom_typeprod`");
if(isset($_REQUEST['action']))
{
if(($_REQUEST['action']=="newcmd")
|| ($_REQUEST['action']=="validercmd" && $_REQUEST['save']=='Modifier')
)
{
$site->start_page("services","Administration");
$cts = new contents("<a href=\"admin.php\">Administration</a> / Enregistrer une commande");
$cts->add_paragraph("Service concerné : ".$user->nom." ".$user->prenom);
$frm = new form ("genfact","admin_new_fact.php",false,"POST","Enregistrer une commande");
$frm->allow_only_one_usage();
$frm->add_hidden("page","newcmd");
$frm->add_hidden("checksum", gen_uid());
$frm->add_hidden("action","validercmd");
$frm->add_hidden("id_utilisateur",$user->id);
$sum=0;
while(list($nom_prod,$id_produit,$stock_global_prod,$prix)=$req->get_row())
{
$_prix=sprintf("%.2f Euros",$prix);
$frm->add_hidden("max_idprod".$id_produit,$stock_global_prod);
if(isset($_REQUEST['prod'][$id_produit]) && intval($_REQUEST['prod'][$id_produit])!=0)
{
$frm->add_text_field("prod[$id_produit]","<b>$nom_prod</b>",intval($_REQUEST['prod'][$id_produit]),false,false,true,true,$_prix);
$sum=$sum+($prix*intval($_REQUEST['prod'][$id_produit]));
}
else
$frm->add_text_field("prod[$id_produit]","<b>$nom_prod</b>",0,false,false,true,true,$_prix);
}
$frm->add_info('<b>Total : '.sprintf("%.2f Euros",$sum).'</b>');
$frm->add_text_field('eotp','EOTP');
$frm->add_text_field('objectif','Motif','',true);
$req = new requete($site->db,
'SELECT centre_cout FROM boutiqueut_centre_cout WHERE id_utilisateur='.$user->id);
if($req->lines==1)
{
list($cc)=$req->get_row();
$frm->add_hidden('centre_cout',$cc);
$frm->add_info('Centre de coût : '.$cc);
}
else
{
$ccs = array(''=>'--');
while(list($cc)=$req->get_row())
$ccs[$cc]=$cc;
$frm->add_select_field('centre_cout','Centre de coût',$ccs,false,'',true);
}
if($sum>0)
{
$frm->add_submit("save","Modifier");
$frm->add_submit("save","Valider");
}
$frm->add_submit("save","Annuler");
$cts->add($frm,true);
$site->add_contents($cts);
$site->end_page();
exit();
}
elseif($_REQUEST['action']=="validercmd"
&& $_REQUEST['save']=='Valider'
&& (!isset($_SESSION['boutiquechecksum'])
||!isset($_SESSION['boutiquechecksum'][$_REQUEST['checksum']])
)
)
{
if(!isset($_SESSION['boutiquechecksum']))
$_SESSION['boutiquechecksum']=array();
$debfact = new debitfacture ($site->db, $site->dbrw);
foreach ($_REQUEST['prod'] as $id=>$nb)
{
$vp = new venteproduit ($site->db, $site->dbrw);
if($nb>0)
if($vp->load_by_id ($id))
$cpt_cart[] = array($nb, $vp);
}
$debfact->debit ($user,$cpt_cart,0,1,'UT',null,null,null,$_REQUEST['objectif'],$_REQUEST['eotp'],$_REQUEST['centre_cout']);
if($debfact->is_valid())
{
$info='<script language="javascript" type="text/javascript">newwindow=window.open(\'admin_gen_fact.php?id_facture='.$debfact->id.'\',\'facture\',\'height=500,width=300\');</script>';
$_SESSION['boutiquechecksum'][$_REQUEST['checksum']]=$debfact->id;
}
}
else
{
$info='<script language="javascript" type="text/javascript">newwindow=window.open(\'admin_gen_fact.php?id_facture='.$_SESSION['boutiquechecksum'][$_REQUEST['checksum']].'\',\'facture\',\'height=500,width=300\');</script>';
}
}
$site->start_page("services","Administration");
$cts = new contents("<a href=\"admin.php\">Administration</a> / Enregistrer une commande");
$cts->add_paragraph("Service concerné : ".$user->nom." ".$user->prenom);
if(isset($info))
$cts->add_paragraph($info);
$frm = new form ("addtype","admin_new_fact.php",false,"POST","Enregistrer une commande");
$frm->allow_only_one_usage();
$frm->add_hidden("page","newcmd");
$frm->add_hidden("action","newcmd");
$frm->add_hidden("id_utilisateur",$user->id);
while(list($nom_prod,$id_produit,$stock_global_prod,$prix)=$req->get_row())
{
$prix=sprintf("%.2f Euros",$prix);
$frm->add_hidden("max_idprod".$id_produit,$stock_global_prod);
$frm->add_text_field("prod[$id_produit]","<b>$nom_prod</b>","",false,false,true,true,$prix);
}
$frm->add_submit("valid","Valider");
$cts->add($frm,true);
$site->add_contents($cts);
$site->end_page();
?>
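Review bot: The redirect at `if(!$user->is_valid() || $user->type !='srv')` does not stop the script: `header("Location: …")` only queues a header, so the `validercmd` branch further down still reaches `$debfact->debit($user, …)` for an invalid or non-service account. Wrap it as `{ header("Location: http://boutique.utbm.fr/admin_utl.php"); exit(); }`, and guard `$_REQUEST['id_utilisateur']` with `isset()` before `load_by_id()`. In the `validercmd` branch `$cpt_cart` is never initialised, so a request with no positive quantity hands an undefined variable to `debit()`; `$cpt_cart = array();` before the `foreach` plus a non-empty check would cover it. The final `else` also reads `$_SESSION['boutiquechecksum'][$_REQUEST['checksum']]` for any other `action`/`save` value (for example `Annuler`), where neither key is guaranteed to exist. The `max_idprod…` hidden fields are client-controlled, so any stock limit has to be re-checked server-side; no such check is visible in this file.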
<?php
/**
* @brief Admin de la boutique utbm
*
*/
/* Copyright 2008
*
* - Simon Lopez <simon POINT lopez CHEZ ayolo POINT org>
*
* Ce fichier fait partie du site de l'Association des étudiants de
* l'UTBM, http://ae.utbm.fr.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
* 02111-1307, USA.
*/
$topdir="../";
require_once("include/boutique.inc.php");
require_once($topdir . "include/cts/sqltable.inc.php");
$site = new boutique();
if(!$site->user->is_in_group("root") && !$site->user->is_in_group("adminboutiqueutbm"))
$site->error_forbidden();
$user = new utilisateur($site->db,$site->dbrw);
if ( isset($_REQUEST["id_utilisateur"]) )
$user->load_by_id($_REQUEST["id_utilisateur"]);
$site->start_page("services","Administration");
if( $user->is_valid() && $user->type=='srv')
{
$cts = new contents("<a href=\"admin.php\">Administration</a> / <a href=\"admin_utl.php\">Services</a> / Service");
$cts->add_title(2,$user->get_display_name());
if($_REQUEST['action']=='real_edit')
{
$_REQUEST['action']='centrecout';
if( isset($_REQUEST['contact'])
&& !empty($_REQUEST['contact'])
&& isset($_REQUEST['centre_cout'])
&& !empty($_REQUEST['centre_cout']))
{
new update($site->dbrw,
'boutiqueut_centre_cout',
array('contact'=>$_REQUEST['contact']),
array('id_utilisateur'=>$user->id,'centre_cout'=>$_REQUEST['centre_cout']));
}
}
if($_REQUEST['action']=='edit' && isset($_REQUEST['centre_cout']) && !empty($_REQUEST['centre_cout']))
{
$_REQUEST['action']='centrecout';
$req=new requete($site->db,
'SELECT contact, centre_cout '.
'FROM boutiqueut_centre_cout '.
'WHERE id_utilisateur=\''.$user->id.'\' '.
'AND centre_cout=\''.mysql_real_escape_string($_REQUEST['centre_cout']).'\'');
if($req->lines==1)
{
$_cts = new contents("Centre de coût");
list($contact,$centre)=$req->get_row();
$frm = new form('edit_centrecout',
'admin_utl.php',
false,
'POST',
'Modification du contact pour le centre de coût "'.$centre.'"');
$frm->add_hidden('id_utilisateur',$user->id);
$frm->add_hidden('action','real_edit');
$frm->add_hidden('centre_cout',$centre);
$frm->add_text_field('contact','Contact',$contact);
$frm->add_submit('submit','Modifier');
$_cts->add($frm,true);
}
}
if($_REQUEST['action']=='centrecout')
{
if(!isset($_cts))
$_cts = new contents("Centre de coût");
if(isset($_REQUEST['nom_centre_cout']) && !empty($_REQUEST['nom_centre_cout']))
$req = new insert($site->dbrw,'boutiqueut_centre_cout',array('id_utilisateur'=>$user->id,'centre_cout'=>$_REQUEST['nom_centre_cout'],'contact'=>$_REQUEST['contact']));
$frm = new form('centrecout',
'admin_utl.php',
false,
'POST',
'Ajouter un centre de coût');
$frm->add_hidden('id_utilisateur',$user->id);
$frm->add_hidden('action','centrecout');
$frm->add_text_field('nom_centre_cout','Centre de coût');
$frm->add_text_field('contact','Contact');
$frm->add_submit('submit','Ajouter');
$_cts->add($frm,true);
$req = new requete($site->db,'SELECT * FROM boutiqueut_centre_cout WHERE id_utilisateur='.$user->id);
$_cts->add(new sqltable("ctcouts",
'Centres de coût existants',
$req,
"?id_utilisateur=".$user->id,
"centre_cout",
array("centre_cout"=>"Centre de coût","contact"=>"Contact"),
array("edit"=>"Éditer"),
array(),
array(),
true,
false),true);
}
elseif($_REQUEST['action']=='changemdp')
{
$centre = "contactez boutique@utbm.fr pour mettre à jour cette information.";
$req = new requete($site->db,'SELECT centre_financier FROM boutiqueut_service_utl WHERE id_utilisateur='.$user->id);
if($req->lines==1)
list($centre)=$req->get_row();
if ( $user->email_utbm )
$email = $user->email_utbm;
else
$email = $user->email;
$pass = genere_pass(10);
$user->change_password($pass);
$body = "Bonjour,
Vous souhaitez proposer des produits UTBM à vos partenaires et invités ?
Vous organisez un congrès ou une conférence et vous avez besoin
d'objets publicitaires UTBM ?
Le service communication vient d'ouvrir une boutique en ligne et vous