Changeset 778caf0

Timestamp:

Oct 12, 2025, 10:40:11 PM (8 weeks ago)

Author:

rgigli <roberto.gigli@…>

Branches:

main

Children:

0d5f1b3

Parents:

7c0bab9

Message:

corretto il login, la gestione degli orari di rilevazione e una query

Location:

admin

Files:

• includes/query.php (modified) (2 diffs)
• login.php (modified) (1 diff)
• modules/gestione_affluenza.php (modified) (1 diff)
• modules/salva_orario_affluenza.php (modified) (2 diffs)
• principale.php (modified) (3 diffs)

admin/includes/query.php

@@ -32 +32 @@
 global $dbi,$prefix,$id_cons_gen;
         if(!$id) $id=$id_cons_gen;
-        $sql="SELECT * FROM ".$prefix."_ele_consultazione where id_cons_gen=$id";
+        $sql="SELECT * FROM ".$prefix."_ele_consultazione where id_cons_gen='$id'";
         $sth = $dbi->prepare("$sql");
         $sth->execute();        
@@ -55 +55 @@
 {
         global $id_cons_gen,$id_comune,$prefix,$dbi;
-        $sql="select id_cons_gen from ".$prefix."_ele_cons_comune where id_comune=$id_comune order by preferita desc limit 0,1"; 
+        $sql="select id_cons_gen from ".$prefix."_ele_cons_comune where id_comune='$id_comune' order by preferita desc limit 0,1"; 
         $sth = $dbi->prepare("$sql");
-        $sth->execute();
+        $sth->execute(); 
         list($row) = $sth->fetch(PDO::FETCH_NUM);
         return($row);   

admin/login.php

@@ -69 +69 @@
         $mpwd=md5($pwd);
         if (isset($_POST['id_comune']) and intval($_POST['id_comune'])>0) $id_comune=intval($_POST['id_comune']); else $id_comune=$row['siteistat'];
-                $sth = $dbi->prepare("select pwd,adminop,adminsuper,counter,admlanguage from ".$prefix."_authors where binary aid='$aid' and (id_comune='$id_comune' or adminsuper='1')");
+                $sth = $dbi->prepare("select pwd,adminop,adminsuper,counter,admlanguage from ".$prefix."_authors where binary aid='$aid' and pwd='$mpwd' and (id_comune='$id_comune' or adminsuper='1')");
                 $sth->execute();        
                 $esiste=$sth->rowCount();

admin/modules/gestione_affluenza.php

@@ -1 +1 @@
 <?php
 require_once '../includes/check_access.php';
-global $id_cons_gen;
-$row=dati_consultazione($id_cons_gen);
+$id_cons_gen=$_SESSION['id_cons_gen'];
+$row=dati_consultazione(0);
 $dataInizio=$row[0]['data_inizio'];
 $dataFine=$row[0]['data_fine'];

admin/modules/salva_orario_affluenza.php

@@ -23 +23 @@
         $orario="$ora:00";
 global $prefix,$fileout,$aid,$id_cons_gen;
-        
+$id_cons=$_SESSION['id_cons'];
 $salvato=1;
 if($op=='cancella'){
@@ -55 +55 @@
         if($salvato){
                 $datal=date('Y-m-d');
+#               $datal=date('d-m-Y');
                 $orariol=date(' H:i:s');
                 $riga=addslashes($sql);
-                $sqlog="insert into ".$prefix."_ele_log values('','','$aid','$datal','$orariol','','$riga','".$prefix."_ele_rilaff - nuovo affluenza: $id_cons_gen - $data - $orario ')";
+                $sqlog="insert into ".$prefix."_ele_log values('$id_cons','0','$aid','$datal','$orariol','','$riga','".$prefix."_ele_rilaff')";
                 $res = $dbi->prepare("$sqlog");
                 $res->execute();

admin/principale.php

@@ -109 +109 @@
 $id_comune=$_SESSION['id_comune'];
 $perms=0;
-$sql="select adminsuper, admincomune, adminop  from ".$prefix."_authors where aid='$aid' and pwd='$pwd' and (id_comune='$id_comune' or id_comune=0)";
+$sql="select adminsuper, admincomune, adminop  from ".$prefix."_authors where aid='$aid' and pwd='$pwd' and (id_comune='$id_comune' or id_comune='0')";
 $sth = $dbi->prepare("$sql");
 $sth->execute();        
@@ -121 +121 @@
         $admincomune=0;
         $oper=1;
-}       
+}
         if ($adminsuper==1)
                 return 256;
@@ -136 +136 @@
                 $sql="select permessi from ".$prefix."_ele_operatori where id_cons='$id_cons' and aid='$aid'";
                 $sth = $dbi->prepare("$sql");
-                $sth->execute();                
+                $sth->execute();
                 list($perms) = $sth->fetch(PDO::FETCH_NUM);
                 return $perms;