francesco/territory-assigner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
61a177475ac5c41e4629a58bba6527f4d6013906
territory-assigner/settings.php
fpicone 61a177475a fix log
2025-12-06 18:42:49 +01:00

279 lines
12 KiB
PHP
Raw Blame History

<?php
/**
* Impostazioni (Solo Admin)
* Territory Manager
*/
require_once 'config.php';
require_once 'functions.php';
require_once 'db.php';
requireAdmin();
$page_title = 'Impostazioni';
$db = getDB();
// Gestione salvataggio configurazioni
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case 'update_config':
$link_expiry_days = (int)$_POST['link_expiry_days'];
$warning_days_normal = (int)$_POST['warning_days_normal'];
$warning_days_priority = (int)$_POST['warning_days_priority'];
$warning_days_return = (int)$_POST['warning_days_return'];
$db->updateConfig('link_expiry_days', $link_expiry_days);
$db->updateConfig('warning_days_normal', $warning_days_normal);
$db->updateConfig('warning_days_priority', $warning_days_priority);
$db->updateConfig('warning_days_return', $warning_days_return);
logActivity('update', 'Aggiornate configurazioni di sistema', 'config', null);
setFlashMessage('Configurazioni salvate con successo', 'success');
header('Location: settings.php');
exit;
break;
case 'change_password':
$current_password = $_POST['current_password'];
$new_password = $_POST['new_password'];
$confirm_password = $_POST['confirm_password'];
$user = getCurrentUser();
$db_user = $db->fetchOne("SELECT password FROM users WHERE id = ?", [$user['id']]);
if (!password_verify($current_password, $db_user['password'])) {
setFlashMessage('Password corrente non corretta', 'error');
} elseif ($new_password !== $confirm_password) {
setFlashMessage('Le nuove password non coincidono', 'error');
} elseif (strlen($new_password) < 6) {
setFlashMessage('La password deve essere di almeno 6 caratteri', 'error');
} else {
$hashed = password_hash($new_password, PASSWORD_DEFAULT);
$db->query("UPDATE users SET password = ? WHERE id = ?", [$hashed, $user['id']]);
logActivity('update', 'Modificata la propria password', 'user', $user['id']);
setFlashMessage('Password modificata con successo', 'success');
}
header('Location: settings.php');
exit;
break;
case 'add_user':
$username = sanitize($_POST['username']);
$email = sanitize($_POST['email']);
$password = $_POST['password'];
$is_admin = isset($_POST['is_admin']) ? 1 : 0;
if (strlen($password) < 6) {
setFlashMessage('La password deve essere di almeno 6 caratteri', 'error');
} else {
$hashed = password_hash($password, PASSWORD_DEFAULT);
$result = $db->query(
"INSERT INTO users (username, email, password, is_admin) VALUES (?, ?, ?, ?)",
[$username, $email, $hashed, $is_admin]
);
if ($result) {
$new_user_id = $db->getConnection()->lastInsertId();
$role = $is_admin ? 'amministratore' : 'utente';
logActivity('create', "Creato nuovo utente '$username' con ruolo $role", 'user', $new_user_id);
setFlashMessage('Utente aggiunto con successo', 'success');
} else {
setFlashMessage('Errore: username già esistente', 'error');
}
}
header('Location: settings.php');
exit;
break;
case 'delete_user':
$user_id = (int)$_POST['user_id'];
// Non permettere di eliminare se stesso
if ($user_id == $_SESSION['user_id']) {
setFlashMessage('Non puoi eliminare il tuo account', 'error');
} else {
$user_to_delete = $db->fetchOne("SELECT username FROM users WHERE id = ?", [$user_id]);
$db->query("DELETE FROM users WHERE id = ?", [$user_id]);
if ($user_to_delete) {
logActivity('delete', "Eliminato utente '{$user_to_delete['username']}'", 'user', $user_id);
}
setFlashMessage('Utente eliminato con successo', 'success');
}
header('Location: settings.php');
exit;
break;
}
}
}
// Carica configurazioni
$config = [
'link_expiry_days' => $db->getConfig('link_expiry_days', 7),
'warning_days_normal' => $db->getConfig('warning_days_normal', 90),
'warning_days_priority' => $db->getConfig('warning_days_priority', 180),
'warning_days_return' => $db->getConfig('warning_days_return', 120)
];
// Carica utenti
$users = $db->fetchAll("SELECT id, username, email, is_admin, created_at FROM users ORDER BY username");
include 'header.php';
?>
<div class="page-header">
<h1>Impostazioni</h1>
</div>
<!-- Configurazioni Generali -->
<div class="card">
<div class="card-header">
<h2>Configurazioni Generali</h2>
</div>
<div class="card-body">
<form method="POST">
<input type="hidden" name="action" value="update_config">
<div class="form-group">
<label for="link_expiry_days">Giorni validità link temporanei</label>
<input type="number" id="link_expiry_days" name="link_expiry_days"
value="<?php echo $config['link_expiry_days']; ?>"
min="1" max="365" required class="form-control">
<small class="form-help">Numero di giorni per cui i link di condivisione territorio sono validi</small>
</div>
<div class="form-group">
<label for="warning_days_normal">Giorni per territori da assegnare</label>
<input type="number" id="warning_days_normal" name="warning_days_normal"
value="<?php echo $config['warning_days_normal']; ?>"
min="1" max="999" required class="form-control">
<small class="form-help">Giorni dopo i quali un territorio in reparto è considerato da assegnare</small>
</div>
<div class="form-group">
<label for="warning_days_priority">Giorni per territori prioritari</label>
<input type="number" id="warning_days_priority" name="warning_days_priority"
value="<?php echo $config['warning_days_priority']; ?>"
min="1" max="999" required class="form-control">
<small class="form-help">Giorni dopo i quali un territorio in reparto è considerato prioritario</small>
</div>
<div class="form-group">
<label for="warning_days_return">Giorni per territori da riconsegnare</label>
<input type="number" id="warning_days_return" name="warning_days_return"
value="<?php echo $config['warning_days_return']; ?>"
min="1" max="999" required class="form-control">
<small class="form-help">Giorni dopo i quali un territorio assegnato è da riconsegnare</small>
</div>
<button type="submit" class="btn btn-primary">Salva Configurazioni</button>
</form>
</div>
</div>
<!-- Cambio Password -->
<div class="card">
<div class="card-header">
<h2>Cambia Password</h2>
</div>
<div class="card-body">
<form method="POST">
<input type="hidden" name="action" value="change_password">
<div class="form-group">
<label for="current_password">Password Corrente</label>
<input type="password" id="current_password" name="current_password" required class="form-control">
</div>
<div class="form-group">
<label for="new_password">Nuova Password</label>
<input type="password" id="new_password" name="new_password" required class="form-control">
</div>
<div class="form-group">
<label for="confirm_password">Conferma Nuova Password</label>
<input type="password" id="confirm_password" name="confirm_password" required class="form-control">
</div>
<button type="submit" class="btn btn-primary">Cambia Password</button>
</form>
</div>
</div>
<!-- Gestione Utenti -->
<div class="card">
<div class="card-header">
<h2>Gestione Utenti</h2>
</div>
<div class="card-body">
<table class="table">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
<th>Ruolo</th>
<th>Data Creazione</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><strong><?php echo htmlspecialchars($user['username']); ?></strong></td>
<td><?php echo htmlspecialchars($user['email']); ?></td>
<td>
<?php if ($user['is_admin']): ?>
<span class="badge badge-danger">Admin</span>
<?php else: ?>
<span class="badge badge-info">Utente</span>
<?php endif; ?>
</td>
<td><?php echo formatDate($user['created_at']); ?></td>
<td>
<?php if ($user['id'] != $_SESSION['user_id']): ?>
<form method="POST" style="display:inline;"
onsubmit="return confirm('Sei sicuro di voler eliminare questo utente?');">
<input type="hidden" name="action" value="delete_user">
<input type="hidden" name="user_id" value="<?php echo $user['id']; ?>">
<button type="submit" class="btn btn-sm btn-danger">Elimina</button>
</form>
<?php else: ?>
<span class="badge badge-secondary">Tu</span>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<h3 style="margin-top: 30px;">Aggiungi Nuovo Utente</h3>
<form method="POST" style="margin-top: 20px;">
<input type="hidden" name="action" value="add_user">
<div class="form-row">
<div class="form-group">
<input type="text" name="username" placeholder="Username" required class="form-control">
</div>
<div class="form-group">
<input type="email" name="email" placeholder="Email" class="form-control">
</div>
<div class="form-group">
<input type="password" name="password" placeholder="Password" required class="form-control">
</div>
<div class="form-group">
<label class="checkbox-label">
<input type="checkbox" name="is_admin" value="1">
Amministratore
</label>
</div>
<button type="submit" class="btn btn-primary">Aggiungi Utente</button>
</div>
</form>
</div>
</div>
<?php include 'footer.php'; ?>
Reference in New Issue View Git Blame Copy Permalink