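<?php
/**
 * This file lets users create, modify and delete custom statistics in the database.
 * Statistics are defined as SQL queries and are recorded in the "stats" registry table
 * (the queries below address it as "stat").
 *
 * Request dispatch, evaluated top to bottom at file scope:
 *  - ?crea        + POST body        : insert a new statistic, then redirect
 *  - ?applica_mod + POST body        : update an existing statistic, then redirect
 *  - POST elimina_stat               : delete a statistic, then redirect
 *  - ?new / ?modifica=ID             : render the create / edit form
 *  - ?id_s=ID                        : run the stored query and render the chart
 *  - ?elimina=ID                     : render the delete confirmation form
 *
 * Security notes for maintainers:
 *  - Every value read back from the database is HTML-escaped before it is echoed;
 *    statistic names and descriptions are user-supplied.
 *  - Update and delete re-check the "author or livello >= 3" rule on the server;
 *    the check in the edit form alone does not protect the POST handlers.
 *  - NOTE(review): no anti-CSRF token is verified by the POST handlers and nothing
 *    visible in this file provides one. Confirm whether proteggi() or the layout
 *    layer covers it; otherwise add a per-session token to the forms and check it here.
 *  - NOTE(review): def_stat is SQL text written by a user and executed later through
 *    $vmsql. The only gate visible here is $vmsql->query_try(); review that filter and
 *    the privileges of the $vmsql connection (a read-only account is the safer default).
 *
 * @desc Management of the statistics defined by the user.
 * @package VFront
 * @subpackage Stats
 * @author Mario Marcello Verona <marcelloverona@gmail.com>
 * @copyright 2007-2010 M.Marcello Verona
 * @version 0.96 $Id: stat.personal.php 949 2011-04-23 23:22:10Z marciuz $
 * @license http://www.gnu.org/licenses/gpl.html GNU Public License
 */


require_once("../inc/conn.php");
require_once("../inc/layouts.php");
require_once("../inc/func.comuni.php");
require_once("../inc/func.frontend.php");
require_once("../inc/func.stat.php");
//require_once("./stat.graph.php");
require_once("./stat.graph2.php");

// Access gate for the whole page; presumably a minimum user level -- TODO confirm in proteggi().
proteggi(1);


############################################
#
#	REGISTER A NEW STATISTIC
#

if(isset($_GET['crea']) && count($_POST)>0){

	proteggi(2);

	// recursive_escape() is relied on to make the strings safe for the '%s' slots below;
	// the numeric columns are additionally forced to integers by '%d'.
	$_dati = $vmreg->recursive_escape($_POST);

	// Only the two chart types the viewer can draw are stored; anything else falls back
	// to the form default so a forged value cannot end up in the table.
	$tipo_graph = isset($_dati['tipo_graph']) ? trim($_dati['tipo_graph']) : '';
	if($tipo_graph!=='barre' && $tipo_graph!=='torta'){
		$tipo_graph='barre';
	}

	$sql=sprintf("INSERT INTO {$db1['frontend']}{$db1['sep']}stat
					(nome_stat, desc_stat, def_stat, auth_stat , autore, tipo_graph, published, data_stat)
					VALUES
					('%s','%s','%s',%d,%d,'%s',%d,'%s')",
					$_dati['nome_stat'],
					$_dati['desc_stat'],
					$_dati['def_stat'],
					$_dati['auth_stat'],
					$_SESSION['user']['uid'],
					$tipo_graph,
					$_dati['publish'],
					date('Y-m-d H:i:s')
					);

	$q=$vmreg->query($sql);

	if($vmreg->affected_rows($q)==1){

		$id=$vmreg->insert_id($db1['frontend'].".stat",'id_stat');

		header("Location: ".$_SERVER['PHP_SELF']."?id_s=$id");

	}
	else{

		header("Location: index.php?feed=konew");
	}


	exit;

}


############################################
#
#	APPLY A MODIFICATION
#

if(isset($_GET['applica_mod']) && count($_POST)>0){

	proteggi(2);

	$_dati = $vmreg->recursive_escape($_POST);

	// The target id comes from a hidden form field, so it is attacker-controlled.
	$id_stat_mod = isset($_POST['id_stat']) ? intval($_POST['id_stat']) : 0;

	// Re-check ownership on the server: the edit form enforces "author or livello >= 3",
	// but without this lookup any caller passing proteggi(2) could update any id_stat.
	$q_own=$vmreg->query("SELECT autore
					FROM {$db1['frontend']}{$db1['sep']}stat WHERE id_stat=".$id_stat_mod);

	$RS_own=$vmreg->fetch_assoc($q_own);

	if(is_array($RS_own) && $RS_own['autore']!=$_SESSION['user']['uid'] && $_SESSION['user']['livello']<3){

		header("Location: ".$_SERVER['PHP_SELF']."?errore=noauth");
		exit;
	}

	// Same whitelist as on creation.
	$tipo_graph = isset($_dati['tipo_graph']) ? trim($_dati['tipo_graph']) : '';
	if($tipo_graph!=='barre' && $tipo_graph!=='torta'){
		$tipo_graph='barre';
	}

	$sql=sprintf("UPDATE {$db1['frontend']}{$db1['sep']}stat
					SET nome_stat='%s', desc_stat='%s', def_stat='%s',
					auth_stat=%d , tipo_graph='%s', published=%d, data_stat='%s'
					WHERE id_stat=%d
					",
					$_dati['nome_stat'],
					$_dati['desc_stat'],
					$_dati['def_stat'],
					$_dati['auth_stat'],
					$tipo_graph,
					$_dati['publish'],
					date("Y-m-d H:i:s"),
					$id_stat_mod);

	$q=$vmreg->query($sql);

	// A missing record simply updates zero rows and lands on the failure feedback.
	if($vmreg->affected_rows($q)==1){

		header("Location: index.php?feed=okmod");

	}
	else{

		header("Location: index.php?feed=komod");
	}


	exit;

}


############################################
#
#	APPLY A DELETION
#

if(isset($_POST['elimina_stat']) && intval($_POST['elimina_stat'])>0){

	proteggi(2);

	$id_stat_del = intval($_POST['elimina_stat']);

	// Same ownership rule as for modification; the confirmation page is not a control,
	// because this handler can be reached directly with a POST.
	$q_own=$vmreg->query("SELECT autore
					FROM {$db1['frontend']}{$db1['sep']}stat WHERE id_stat=".$id_stat_del);

	$RS_own=$vmreg->fetch_assoc($q_own);

	if(is_array($RS_own) && $RS_own['autore']!=$_SESSION['user']['uid'] && $_SESSION['user']['livello']<3){

		header("Location: ".$_SERVER['PHP_SELF']."?errore=noauth");
		exit;
	}

	$sql=sprintf("DELETE FROM {$db1['frontend']}{$db1['sep']}stat
					WHERE id_stat=%d
					LIMIT 1
					",
					$id_stat_del);

	$q=$vmreg->query($sql);

	if($vmreg->affected_rows($q)==1){

		header("Location: index.php?feed=okdel");

	}
	else{

		header("Location: ".$_SERVER['PHP_SELF']."?feed=kodel");
	}


	exit;

}


####################################################
#
#	CREATE / EDIT FORM
#
#

if(isset($_GET['new']) || isset($_GET['modifica'])){

	proteggi(2);

	// Edit case
	if(isset($_GET['modifica'])){

		// load the stored values
		$q=$vmreg->query("SELECT nome_stat, desc_stat, def_stat, autore, auth_stat, tipo_graph , published
					FROM {$db1['frontend']}{$db1['sep']}stat WHERE id_stat=".intval($_GET['modifica']));

		$RS=$vmreg->fetch_assoc($q);


		// Check the right to modify: only the author or a user with livello >= 3.
		if($RS['autore']!=$_SESSION['user']['uid'] && $_SESSION['user']['livello']<3){

			header("Location: ".$_SERVER['PHP_SELF']."?errore=noauth");
			exit;
		}

		$azione='applica_mod';
		$titolo=_('Modify statistics');
		// The statistic name is user-supplied: escape it before it goes into the heading.
		$titolo2=$titolo." <span class=\"var\">".htmlentities((string) $RS['nome_stat'], ENT_QUOTES, FRONT_ENCODING)."</span>";

		$txt_button=_("Modify statistics");

	}
	else{

		// default values

		$RS=array('nome_stat'=>'',
				  'desc_stat'=>'',
				  'def_stat'=>'',
				  'auth_stat'=>1,
				  'autore'=>'',
				  'tipo_graph'=>'barre');


		$azione='crea';

		$titolo=$titolo2=_("Create new statistic");

		$txt_button=_("Register a new statistic");
	}



	$chk_auth[1] = ($RS['auth_stat']==1) ? "checked=\"checked\"" : "";
	$chk_auth[2] = ($RS['auth_stat']==2) ? "checked=\"checked\"" : "";
	$chk_auth[3] = ($RS['auth_stat']==3) ? "checked=\"checked\"" : "";

	$chk_tipo_graph[1] = (trim($RS['tipo_graph'])=='barre') ? "checked=\"checked\"" : "";
	$chk_tipo_graph[2] = (trim($RS['tipo_graph'])=='torta') ? "checked=\"checked\"" : "";

	// Escaped copies for the HTML below. The browser decodes the entities again, so the
	// values posted back are the original text.
	$nome_stat_form = htmlentities((string) $RS['nome_stat'], ENT_QUOTES, FRONT_ENCODING);
	$desc_stat_form = htmlentities((string) $RS['desc_stat'], ENT_QUOTES, FRONT_ENCODING);
	$def_stat_form  = htmlentities((string) $RS['def_stat'], ENT_QUOTES, FRONT_ENCODING);

	// PHP_SELF contains any path info appended to the script URL by the client, so it is
	// escaped before being placed in the action attribute.
	$self_html = htmlentities($_SERVER['PHP_SELF'], ENT_QUOTES, FRONT_ENCODING);


	$files=array('js/test_query.js','js/yav/yav.js','js/yav/yav-config-it.js');

	echo openLayout1($titolo,$files);

	echo breadcrumbs(array("HOME","ADMIN",
					"index.php"=>_("statistics"),
					strtolower($titolo)));

	echo "<h1>$titolo2</h1>\n";

	// Client-side required-field rules; convenience only, not a server-side control.
	echo "<script type=\"text/javascript\">

		var rules=new Array();

		rules[0]='nome_stat|required|"._("The name of the statistic is required")."';
		rules[1]='def_stat|required|"._("No SQL definition for the statistics")."';

	</script>\n";


	echo "<form name=\"f1\" action=\"".$self_html."?$azione\" method=\"post\" onsubmit=\"return performCheck('f1', rules, 'classic');\" >\n";

	echo "<fieldset style=\"width:70%; padding:20px;\">\n";
	echo "<legend style=\"font-weigth:bold\">"._("Parameter for new statistic")."</legend>\n";


	$input_modifica = (isset($_GET['modifica'])) ? "<input type=\"hidden\" name=\"id_stat\" value=\"".intval($_GET['modifica'])."\" />\n" : "";

	$chk_publish = (isset($_GET['modifica']) && $RS['published']==1) ? 'checked="checked"' : '';

	echo "

		<label for=\"nome_stat\">"._("Name of statistic:")."</label><br />
		<input type=\"text\" id=\"nome_stat\" name=\"nome_stat\" size=\"40\" maxlength=\"240\" value=\"".$nome_stat_form."\" />
		<div class=\"info-campo\" >"._("Name for custom statistic")."</div>

		<label for=\"desc_stat\">"._("Description of statistic:")."</label><br />
		<textarea id=\"desc_stat\" name=\"desc_stat\" cols=\"50\" rows=\"4\" >".$desc_stat_form."</textarea>
		<div class=\"info-campo\" >"._("Description of custom statistic")."</div>

		<br />

		<p>"._("Access method for new statistics")."<br />
			<input type=\"radio\" id=\"auth_stat1\" name=\"auth_stat\" value=\"1\" ".$chk_auth[1]." /> <label for=\"auth_stat1\">"._("Public")."</label><br />
			<input type=\"radio\" id=\"auth_stat2\" name=\"auth_stat\" value=\"2\" ".$chk_auth[2]." /> <label for=\"auth_stat2\">"._("Accessible only to my group")."</label><br />
			<input type=\"radio\" id=\"auth_stat3\" name=\"auth_stat\" value=\"3\" ".$chk_auth[3]." /> <label for=\"auth_stat3\">"._("Allow only by me")."</label><br />
		</p>


		<p>
			<input type=\"hidden\" id=\"publish_0\" name=\"publish\" value=\"0\" />
			<input type=\"checkbox\" id=\"publish_1\" name=\"publish\" value=\"1\" ".$chk_publish." /> <label for=\"publish_1\">"._("Published in home page")."</label><br />
		</p>


		<p>"._("Type of graph:")."<br />
			<input type=\"radio\" id=\"graph_type1\" name=\"tipo_graph\" value=\"barre\" ".$chk_tipo_graph[1]." /> <label for=\"graph_type1\">"._("Bar graph")."</label><br />
			<input type=\"radio\" id=\"graph_type2\" name=\"tipo_graph\" value=\"torta\" ".$chk_tipo_graph[2]." /> <label for=\"graph_type2\">"._("Pie graph")."</label><br />
		</p>


		<label for=\"def_stat\">"._("Definition of statistic")."</label>
		<input value=\""._("Test")."\" onclick=\"try_query(document.getElementById('def_stat').value,2)\" type=\"button\" />
		<span id=\"feed_altro_2\" class=\"feed_altro\"> </span>
		<br />
		<textarea id=\"def_stat\" name=\"def_stat\" cols=\"60\" rows=\"7\" >".$def_stat_form."</textarea>
		<div class=\"info-campo\" >"._("SQL Query to definie the statistic")."</div>

		$input_modifica

		<input type=\"submit\" name=\"invia\" value=\" $txt_button \" />\n";


	echo "</fieldset>\n";

	echo "</form>\n";

	echo closeLayout1();

	exit;

}


#####################################################
#
#	SHOW A STATISTIC BY ID
#
#####################################################

if(isset($_GET['id_s'])){

	$errore=false;

	// Initialised up front so that no rendering path reads an undefined variable.
	$grafico=false;
	$OUT='';
	$etichette=array();
	$frequenze=array();

	$ID_STAT= (int) $_GET['id_s'];

	$sql="SELECT s.nome_stat, s.desc_stat, s.def_stat, s.auth_stat , s.autore, s.tipo_graph, s.data_stat, u.gid
			FROM {$db1['frontend']}{$db1['sep']}stat s, {$db1['frontend']}{$db1['sep']}utente u
			WHERE id_stat=$ID_STAT
			AND u.id_utente=s.autore";

	$q=$vmreg->query($sql);

	$RS=$vmreg->fetch_assoc($q);


	if($vmreg->num_rows($q)==0 || !is_array($RS)){

		$errore='norecord';
	}

	// Name used by both the success and the error page. It is computed here because the
	// error page also prints it in the breadcrumbs.
	$nome_stat_raw  = is_array($RS) ? $RS['nome_stat'] : '';
	$nome_stat_html = htmlentities(stripslashes((string) $nome_stat_raw), ENT_QUOTES, FRONT_ENCODING);

	$da_home = (isset($_GET['ref']) && $_GET['ref']=='home');


	// Ownership checks, applied to non-admin users only.
	// NOTE(review): the group id is read from $_SESSION['gid'] while the other session
	// values live under $_SESSION['user']; confirm this key is the one actually populated.
	if($errore===false && $_SESSION['user']['livello']<3){

		if($RS['auth_stat']==2 && $RS['gid']!=$_SESSION['gid']){

			$errore='nogid';
		}

		if($RS['auth_stat']==3 && $RS['autore']!=$_SESSION['user']['uid']) {

			$errore='nouser';
		}

	}


	// The stored query is tested and executed only when the record exists and the viewer
	// is allowed to see it. Running it for a denied viewer would execute user-defined SQL
	// on their behalf and could replace the access error with a data-dependent one.
	if($errore===false){

		$test_q1=$vmsql->query_try($RS['def_stat']);

		if($test_q1==0){

			$errore='noquery';
		}
		else if($test_q1==-1){
			$errore='danger';
		}
		else{

			// No errors so far: run the query for real.
			$q_stat=$vmsql->query($RS['def_stat']);

			list($etichette, $frequenze)=$vmsql->fetch_row_all($q_stat,true);


			// no data returned
			if(!is_array($etichette) || !is_array($frequenze) || count($etichette)==0 || count($frequenze)==0){

				$errore='nodata';
			}
		}
	}



	// no errors: draw the chart and the table
	if($errore===false){

		// the largest frequency (plus 10%) sets the scale, with a floor of 5
		$duplicato_freq=$frequenze;
		rsort($duplicato_freq);
		$scala=$duplicato_freq[0]*1.1;

		$scala = ($scala<5) ? 5: $scala;

		// 22.5 px per row, never less than 300 px
		$stima_altezza = round(count($frequenze)*22.5,0);

		$stima_altezza = ($stima_altezza<300) ? 300: $stima_altezza;

		// NOTE(review): every request writes the same image name. Concurrent viewers can
		// overwrite each other's chart, and the file stays readable under _PATH_TMP_HTTP
		// after the request, regardless of the statistic's access level. Consider a
		// per-request name with cleanup, or streaming the image behind the access check.
		$nome_file_tmp = 'img_pers';

		// Bar chart
		if(trim($RS['tipo_graph'])=='barre'){

			//$grafico=barre($frequenze,$etichette,$scala,$RS['nome_stat'],$nome_file_tmp,550,$stima_altezza);
			$grafico=barre_pchart($frequenze,$etichette,$scala,$RS['nome_stat'],$nome_file_tmp,550,$stima_altezza);
		}

		// Pie chart
		else if(trim($RS['tipo_graph'])=='torta'){

			//$grafico=torta($frequenze,$etichette,$RS['nome_stat'],$nome_file_tmp);
			$grafico=torta_pchart($frequenze,$etichette,$RS['nome_stat'],$nome_file_tmp);
		}


		if($grafico){

			// Table with the image on the left and the values on the right.
			// NOTE(review): the labels come from the stored query; confirm that
			// stat_tabella() escapes them.
			$OUT.="<table summary=\"cont\" class=\"tab-cont\">\n<tr>";

			$OUT.= "<td><img src=\""._PATH_TMP_HTTP."/$nome_file_tmp.png?".time()."\" alt=\"test\" class=\"img-stat\" /></td>\n";

			if(trim($RS['tipo_graph'])=='torta'){
				$OUT.= "<td>".stat_tabella($etichette,$frequenze,array("valore","n"),true) . "</td>";
			}
			else{
				$OUT.= "<td>".stat_tabella($etichette,$frequenze,array("valore","n")) . "</td>";
			}

			$OUT.="</tr></table>\n";

		}


		$files=array("sty/stat.css");

		// author's full name
		$q_a=$vmreg->query("SELECT ".$vmreg->concat("nome, ' ' , cognome")." FROM {$db1['frontend']}{$db1['sep']}utente WHERE id_utente=".intval($RS['autore']));

		list($nome_autore) = $vmreg->fetch_row($q_a);

		// NOTE(review): the raw name is passed to openLayout1(); confirm it escapes the title.
		echo openLayout1("Statistica ".$RS['nome_stat'],$files);


		if($da_home){

			echo breadcrumbs(array("HOME",$nome_stat_html));

		}
		else{

			echo breadcrumbs(array("HOME","ADMIN","index.php"=>_("statistics"),$nome_stat_html));
		}



		echo "<h1>$nome_stat_html</h1>\n";

		echo "<div style=\"padding:10px; background-color:#FFF2CF;width:40em;margin:3px 3px 16px 3px;border:1px solid #444;\">\n";

		echo "<p><b>"._("Description")."</b>: ".htmlentities($RS['desc_stat'],ENT_QUOTES,FRONT_ENCODING)."</p>";
		// The author's name is account data entered by a user: escape it like the description.
		echo "<p><b>"._("Author")."</b>: ".htmlentities((string) $nome_autore,ENT_QUOTES,FRONT_ENCODING)."</p>";
		echo "<p><b>"._("Definition date")."</b>: ".date_encode($RS['data_stat'])."</p>";

		echo "</div>\n";

		echo $OUT;

		echo closeLayout1();
	}

	else{

		$files=array("sty/stat.css");

		// NOTE(review): the raw name is passed to openLayout1(); confirm it escapes the title.
		echo openLayout1(_("Statistic")." ".$nome_stat_raw,$files);

		if($da_home){

			echo breadcrumbs(array("HOME",$nome_stat_html));

		}
		else{
			echo breadcrumbs(array("HOME","ADMIN","index.php"=>_("statistics"),$nome_stat_html));
		}

		echo "<h1>"._("Cannot display the data")."</h1>\n";

		switch($errore){

			case 'nogid' : echo "<p><strong>"._("Warning!")."</strong> "._("You are trying to access a public statistic for a group of users of which you are not a member.")."</p>\n";
			break;

			case 'nouser' : echo "<p><strong>"._("Warning!")."</strong> "._("You are trying to access a private statistic of which you are not the author.")."</p>\n";
			break;

			case 'noquery' : echo "<p><strong>"._("Warning!")."</strong> "._("You are trying to access a statistic which seems to have a mistake in the SQL. Please check the query definition")."</p>\n";
			break;

			case 'nodata' : echo "<p>"._("No data returned for this statistic")."</p>\n";
			break;

			case 'danger' : echo "<p>"._("The SQL query contains unsafe words and was not performed.")."</p>\n";
			break;

			case 'norecord' : echo "<p><strong>"._("Warning!")."</strong> "._("You are asking for a non-existent statistic")."</p>\n";
			break;

			default : echo "<p><strong>"._("Warning!")."</strong> "._("There is a generic error in displaying statistics ")."</p>\n";

		}



		echo closeLayout1();

	}



}


#####################################################
#
#	DELETE CONFIRMATION FORM
#
#####################################################

if(isset($_GET['elimina'])){

	proteggi(2);

	$ID_STAT= (int) $_GET['elimina'];

	$sql="SELECT s.nome_stat, s.desc_stat, s.def_stat, s.auth_stat ,
			s.autore, s.tipo_graph, s.data_stat, u.gid, "
			.$vmreg->concat("u.nome, ' ' , u.cognome", 'nomecognome')."
			FROM {$db1['frontend']}{$db1['sep']}stat s, {$db1['frontend']}{$db1['sep']}utente u
			WHERE id_stat=$ID_STAT
			AND u.id_utente=s.autore";

	$q=$vmreg->query($sql);

	$RS=$vmreg->fetch_assoc($q);

	// Same rule as for modification: only the author or a user with livello >= 3 may
	// delete, so nobody else is shown the record details or the confirmation button.
	// The POST handler enforces the rule again; this check is not the control itself.
	if(is_array($RS) && $RS['autore']!=$_SESSION['user']['uid'] && $_SESSION['user']['livello']<3){

		header("Location: ".$_SERVER['PHP_SELF']."?errore=noauth");
		exit;
	}

	// NOTE(review): the raw name is passed to openLayout1(); confirm it escapes the title.
	echo openLayout1(_("Statistic")." ".$RS['nome_stat']);

	echo breadcrumbs(array("HOME","ADMIN","index.php"=>_("statistics"),_("delete statistic")));

	echo "<h1>"._("Delete statistic")."</h1>\n";

	echo "<div style=\"padding:10px; background-color:#FFF2CF;width:40em;margin:3px 3px 16px 3px;border:1px solid #444;\">\n";

	echo "<p><b>ID</b>: $ID_STAT</p>";
	echo "<p><b>"._("Description")."</b>: ".htmlentities($RS['desc_stat'],ENT_QUOTES,FRONT_ENCODING)."</p>";
	// Author name and chart type are stored text: escape them like the description.
	echo "<p><b>"._("Author")."</b>: ".htmlentities((string) $RS['nomecognome'],ENT_QUOTES,FRONT_ENCODING)."</p>";
	echo "<p><b>"._("Graph type")."</b>: ".htmlentities(trim((string) $RS['tipo_graph']),ENT_QUOTES,FRONT_ENCODING)."</p>";
	echo "<p><b>"._("Definition date")."</b>: ".date_encode($RS['data_stat'])."</p>";

	echo "</div>\n";


	// PHP_SELF is escaped because it can carry client-supplied path info.
	echo "<form action=\"".htmlentities($_SERVER['PHP_SELF'],ENT_QUOTES,FRONT_ENCODING)."\" method=\"post\" >\n";

	// statistic info...

	echo "<p><strong>"._("Warning!")."</strong> "._("Do you really want to remove this statistic? This operation cannot be undone")."</p>\n";

	echo "<input type=\"hidden\" name=\"elimina_stat\" value=\"".intval($_GET['elimina'])."\" />\n";
	echo "<input type=\"submit\" name=\"esegui_elimina_stat\" value=\""._("Delete statistic")."\" />\n";

	echo " "._("or")." <a href=\"index.php\">"._("go back")."</a>";

	echo "</form>\n";


	echo closeLayout1();


}


?>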