Codice PHP:
<?php session_start();
if ($_SESSION['login_staff'] != "ok") {
header("Location: login.php");
exit;
} else {
$_SESSION['setta'] = "utenti";
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<meta name="generator" content="">
<?php
include("top_foot.inc.php");
?>
</head>
<body>
<div id="header">
<?php /* testata */
top();
?>
<?php /* menusuperiore */
barra();
?>
</div>
<div id="navigation">
<?php include "menu_sx_bk.php"; ?>
</div>
<div id="content">
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<td width="610" valign="top">
<?php if (checkpermessi("inserimento","utenti",$_SESSION['login_staff_utente'])) { ?>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center" valign="top">
<form action="utenti_ins2.php" method="post" name="form" onSubmit="return validateForm(this);">
<table width="550" height="30" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align="center" valign="middle">[b]<font color="#000000">Inserimento
Nuovo Utente</font>[/b]</td>
</tr>
</table>
<table width="500" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top">
<div align="center">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td> <div align="center">
<table border="0" cellpadding="5" cellspacing="0">
<tr>
<td align="right"> Username </td>
<td> <input name="username" type="text" id="username" size="15" maxlength="10">
</td>
</tr>
<tr>
<td align="right">Password </td>
<td> <input name="password" type="text" size="15" maxlength="10">
</td>
</tr>
<tr>
<td align="right">Tipo </td>
<td>
<?php $tipi = array("admin","redattore"); ?>
<select name="tipo" id="tipo">
<?php foreach ($tipi as $ti) {
print "<option value=".$ti.">".ucfirst($ti)."</option>";
}
?>
</select> </td>
</tr>
</table>
<input name="submit" type=submit value="continua">
</div></td>
</tr>
</table>
</div></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<?php } else {
header("Location: index.php");
exit;
}
?>
</td>
</tr>
</table>
</div>
<div id="footer">
<?php /* footer */
foot();
?>
</div>
</body>
</html>
<?php } ?>
che mi manda al file utenti_ins2
<?php session_start();
if ($_SESSION['login_staff'] != "ok") {
header("Location: login.php");
exit;
} else {
$_SESSION['setta'] = "utenti";
include "connect.php";
?>
<?php $query = mysql_query("INSERT INTO utenti (username,password,tipo) VALUES ('".$username."','".$password."','".$tipo."')"); ?>
<?php if ($tipo == "admin") {
header("Location: utenti_lista.php");
exit;
} else {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<meta name="generator" content="">
<?php
include("top_foot.inc.php");
?>
</head>
<body>
<div id="header">
<?php /* testata */
top();
?>
<?php /* menusuperiore */
barra();
?>
</div>
<div id="navigation">
<?php include "menu_sx_bk.php"; ?>
</div>
<div id="content">
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
<tr valign="top">
<td width="610" valign="top">
<?php if (checkpermessi("inserimento","utenti",$_SESSION['login_staff_utente'])) { ?>
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center" valign="top">
<form action="utenti_ins3.php" method="post" name="form">
<table width="550" height="30" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align="center" valign="middle">[b]<font color="#000000">Inserimento
Nuovo Utente</font>[/b]</td>
</tr>
</table>
<table width="500" border="0" cellpadding="0" cellspacing="0">
<tr>
<td> <div align="center">
<table border="0" cellpadding="5" cellspacing="0">
<tr>
<td align="right"> Username </td>
<td> [b]
<input name="username" type="hidden" id="username" value="<?php print "$username"; ?>">
<?php print stripslashes("$username"); ?>[/b]</td>
</tr>
<tr>
<td align="right">Password </td>
<td>[b]
<input name="password" type="hidden" id="password" value="<?php print "$password"; ?>">
<?php print "$password"; ?> [/b]</td>
</tr>
<tr>
<td align="right">Tipo </td>
<td> [b]
<input name="tipo" type="hidden" id="tipo" value="<?php print "$tipo"; ?>">
<?php print "$tipo"; ?> [/b]</td>
</tr>
</table>
</div></td>
</tr>
</table>
<?php if ($tipo != "admin") { ?>
[b]Inserimento Permessi Utente[/b]
<?php $aree = array("utenti","news","appuntamenti","convegni","eventi","rassegna","bacheca","registrazione","circolari"); ?>
<table border="0" cellspacing="1" cellpadding="1">
<tr bgcolor="#ff0000">
<td width="150" height="20">[b]<font color="#FFFFFF"> Aree di gestione[/b]</td>
<td width="70" height="20" align="center">[b]<font color="#FFFFFF"> Inserisci[/b]</td>
<td width="70" height="20" align="center">[b]<font color="#FFFFFF"> Modifica[/b]</td>
<td width="70" height="20" align="center">[b]<font color="#FFFFFF"> Elimina[/b]</td>
<td width="70" height="20" align="center">[b]<font color="#FFFFFF"> Visualizza[/b]</td>
</tr>
<?php foreach ($aree as $area) { ?>
<tr bgcolor="#ffcc00">
<td width="150">[b]<?php print strtr(ucfirst($area),"_"," "); ?>[/b]</td>
<td width="70" align="center"><?php print "<input name=".$area."_inserisci " . " type=checkbox id=".$area."_inserisci " . "value=ok>"; ?></td>
<td width="70" align="center"><?php print "<input name=".$area."_modifica " . " type=checkbox id=".$area."_modifica " . "value=ok>"; ?></td>
<td width="70" align="center"><?php print "<input name=".$area."_elimina " . " type=checkbox id=".$area."_elimina " . "value=ok>"; ?></td>
<td width="70" align="center"><?php print "<input name=".$area."_visualizza " . " type=checkbox id=".$area."_visualizza " . "value=ok>"; ?></td>
</tr>
<?php } ?>
</table>
<?php } ?>
<input name="submit" type=submit value="continua">
</form>
</td>
</tr>
</table>
<?php } else {
header("Location: index.php");
exit;
}
?>
</td>
</tr>
</table>
</div>
<div id="footer">
<?php /* footer */
foot();
?>
</div>
</body>
</html>
<?php }} ?>
che passando al file utenti_ins3 mi salva i dati
<? session_start();
if ($_SESSION['login_staff'] != "ok") {
header("Location: login.php");
exit;
} else {
$_SESSION['setta'] = "utenti";
include "connect.php";
$query = mysql_query("SELECT idutente FROM utenti WHERE username = '".$username."'");
$row = mysql_fetch_array($query);
$id = $row['idutente'];
// inserisci permessi
$aree = $aree = array("utenti","news","appuntamenti","convegni","eventi","rassegna","bacheca","registrazione","circolari");
foreach ($aree as $area) {
$ck_ins = "$area"."_inserisci";
$ck_mod = "$area"."_modifica";
$ck_can = "$area"."_elimina";
$ck_vis = "$area"."_visualizza";
$$ck_ins = isset($$ck_ins);
$$ck_mod = isset($$ck_mod);
$$ck_can = isset($$ck_can);
$$ck_vis = isset($$ck_vis);
if ($$ck_ins == "ok") { mysql_query("INSERT INTO permessi (idutente,sezione,azione) VALUES (".$id.",'".$area."','inserimento')"); }
if ($$ck_mod == "ok") { mysql_query("INSERT INTO permessi (idutente,sezione,azione) VALUES (".$id.",'".$area."','modifica')"); }
if ($$ck_can == "ok") { mysql_query("INSERT INTO permessi (idutente,sezione,azione) VALUES (".$id.",'".$area."','elimina')"); }
if ($$ck_vis == "ok") { mysql_query("INSERT INTO permessi (idutente,sezione,azione) VALUES (".$id.",'".$area."','visualizza')"); }
}
header("Location: utenti_lista.php");
exit;
} ?>
Rispondi quotando