From 80ba36475fa11aad5590a2793ea74b61501ba00e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CVeLiTi=E2=80=9D?= <“info@veliti.nl”>
Date: Thu, 27 Jun 2024 16:35:05 +0200
Subject: [PATCH] Update blockuser handling

---
 api/v1/get/application.php                |  6 +++-
 settings/translations/translations_DE.php |  1 +
 settings/translations/translations_NL.php |  2 +-
 settings/translations/translations_US.php |  1 +
 usage_reporting.php                       | 26 +++++++-------
 user.php                                  | 44 ++++++++++++++++++-----
 6 files changed, 58 insertions(+), 22 deletions(-)

diff --git a/api/v1/get/application.php b/api/v1/get/application.php
index bec050f..562a157 100644
--- a/api/v1/get/application.php
+++ b/api/v1/get/application.php
@@ -176,7 +176,7 @@ switch ($action) {
     break;
     
     case 'report_usage_users':
-        $sql = 'SELECT YEAR(created) AS year, QUARTER(created) AS quarter, MONTH(created) as month, count(id) AS count FROM users WHERE NOT view = "3" GROUP BY YEAR(created), QUARTER(created), MONTH(created)';
+        $sql = 'SELECT count(id) AS count FROM users WHERE NOT view = "3"';
     break;
     
 }
@@ -207,6 +207,10 @@ switch ($action) {
         $messages =  $stmt->fetch();
     break;
 
+    case 'report_usage_users':
+        $messages =  $stmt->fetch();
+    break;
+
     case 'firmwareCommunication':
         $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
         if ($result) {
diff --git a/settings/translations/translations_DE.php b/settings/translations/translations_DE.php
index facf2c6..d704504 100644
--- a/settings/translations/translations_DE.php
+++ b/settings/translations/translations_DE.php
@@ -279,6 +279,7 @@ $User_language = 'Sprache';
 $User_pw_reset = 'Passwort zurücksetzen';
 $User_pw_login_count = 'Fehlgeschlagene Anmeldeversuche';
 $User_block = 'Gesperrt';
+$User_unblock = 'Entsperren';
 
 $reset_message = 'Passwort zurücksetzen gestartet => Weitere Anweisungen finden Sie in Ihrem E-Mail-Posteingang. Sie werden zur Anmeldeseite weitergeleitet.';
 $reset_message2 = 'Resettoken ungültig, Sie werden weitergeleitet';
diff --git a/settings/translations/translations_NL.php b/settings/translations/translations_NL.php
index 2defd5d..78132c7 100644
--- a/settings/translations/translations_NL.php
+++ b/settings/translations/translations_NL.php
@@ -279,7 +279,7 @@ $User_language = 'Taal';
 $User_pw_reset = 'Password reset';
 $User_pw_login_count = 'Mislukte inlog pogingen';
 $User_block = 'Geblokkeerd';
-
+$User_unblock = 'Deblokkeer';
 
 $reset_message = 'Password reset started => See your email inbox for further instructions, you will be redirected to the login page.';
 $reset_message2 = 'Resettoken not valid, you will be redirected';
diff --git a/settings/translations/translations_US.php b/settings/translations/translations_US.php
index 9493a38..ecc3e50 100644
--- a/settings/translations/translations_US.php
+++ b/settings/translations/translations_US.php
@@ -278,6 +278,7 @@ $User_language = 'Language';
 $User_pw_reset = 'Password reset';
 $User_pw_login_count = 'Failed login attempts';
 $User_block = 'Blocked';
+$User_unblock = 'Deblock';
 
 $reset_message = 'Password reset started => See your email inbox for further instructions, you will be redirected to the login page.';
 $reset_message2 = 'Resettoken not valid, you will be redirected';
diff --git a/usage_reporting.php b/usage_reporting.php
index 581ff7d..4121830 100644
--- a/usage_reporting.php
+++ b/usage_reporting.php
@@ -10,12 +10,11 @@ if (debug && debug_id == $_SESSION['id']){
 include_once './assets/functions.php';
 include_once './settings/settings.php';
 
-/*Check if allowed
-if (isAllowed('usage_reporting',$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+//Check if allowed
+if (debug_id != $_SESSION['id']){
     header('location: index.php');
     exit;
 }
-*/
 
 //Return report_usage_servicereports
 $api_url = '/v1/application/totals=/report_usage_servicereports';
@@ -108,9 +107,20 @@ $usage_warranty = usageReportingView(json_decode(json_encode($report_usage_warra
 $usage_other = usageReportingView(json_decode(json_encode($report_usage_other), true)) ?? '';
 $usage_equipment = usageReportingView(json_decode(json_encode($report_usage_equipment), true)) ?? '';
 $usage_changes = usageReportingView(json_decode(json_encode($report_usage_changes), true)) ?? '';
-$usage_users = usageReportingView(json_decode(json_encode($report_usage_users), true)) ?? '';
+$usage_users = json_decode(json_encode($report_usage_users), true) ?? '';
 
 $view .= '
+<div class="dashboard">
+    <div class="content-block stat">
+        <div class="data" onclick="location.href=\'index.php?page=equipments\'">
+            <h3>Users</h3>
+            <p>'.$usage_users['count'].'</p>
+        </div>
+        <i class="fas fa-box-open"></i>
+        <div class="footer">
+            <i class="fa-solid fa-rotate fa-xs"></i>Users in contract scope</div>
+    </div>
+</div>
 <div class="content-block-wrapper">
     <div class="content-block order-details">
         <div class="block-header">
@@ -149,14 +159,6 @@ $view .= '
         </div>'.$usage_changes.'
     </div>          
 </div>
-
-<div class="content-block-wrapper">
-    <div class="content-block order-details">
-        <div class="block-header">
-            <i class="fa-solid fa-bars fa-sm"></i>Users
-        </div>'.$usage_users.'
-    </div>          
-</div>
 ';
 
 //OUTPUT
diff --git a/user.php b/user.php
index 4499d09..353e629 100644
--- a/user.php
+++ b/user.php
@@ -81,6 +81,27 @@ if (isset($_GET['id'])) {
             }
         }
     }
+
+    if ($update_allowed === 1){
+        if (isset($_POST['unblock'])) {
+            //UNSET THE SUMBIT FROM POST
+            unset($_POST['unblock']);
+            //CHANGE LOGIN COUNT TO 0
+            $_POST['login_count'] = '0';
+            //GET ALL POST DATA
+            $data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
+            //Secure data
+            $payload = generate_payload($data);
+            //API call
+            $responses = ioServer('/v1/users', $payload);
+            if ($responses === 'NOK'){
+
+            } else {
+            header('Location: index.php?page=users&success_msg=2');
+            exit;
+            }
+        }
+    }
     
     if ($delete_allowed === 1){
         if (isset($_POST['delete'])) {
@@ -146,7 +167,7 @@ if (isset($success_msg)){
 $view .='
 <form action="" method="post">
     <div class="content-title responsive-flex-wrap responsive-pad-bot-3">
-        <h2 class="responsive-width-100">'.$user_h2.'</h2>
+        <h2 class="responsive-width-100">'.$user_h2.': '.$user['username'].' '.(($user['login_count'] > 4)? '<span class="status disabled">'.$User_block:(($user['userkey'] &&  $user['userkey'] !='')? '<span class="status enabled">'.$enabled:'<span class="status">'.$disabled)).'</h2>
         <a href="index.php?page=users" class="btn alt mar-right-2">'.$button_cancel.'</a>
 ';
 
@@ -163,6 +184,7 @@ $view .= '<div class="tabs">
             <a href="#" class="active">'.$tab1 .'</a>
             <a href="#">'.$tab2.'</a>
             <a href="#">'.$tab3.'</a>
+            '.(($update_allowed === 1 && $user_ID !='')? '<a href="#">'.$general_actions.'</a>':"").' 
         </div>
     ';
 
@@ -232,11 +254,7 @@ $view .='       <label for="service">'.$User_service.'</label>
                 <input type="hidden" name="old_view" value="'.$user['view'].'">  
                 
         ';
-    if ($update_allowed === 1 && $user_ID !=''){
-        $view .= '<label for="service">'.$User_pw_reset .'</label>
-                 <input type="submit" name="reset" value="Reset" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to reset this user password?\')"> 
-                ';
-        }
+
 $view .= '</div>
         </div>';
 
@@ -285,10 +303,20 @@ $view .= '<div class="content-block tab-content">
         </div>
     </div>';
 
-
+if ($update_allowed === 1 && $user_ID !=''){
+$view .= '<div class="content-block tab-content">
+    <div class="form responsive-width-100">
+        <label for="service">'.$User_pw_reset .'</label>
+        <input type="submit" name="reset" value="Reset" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to reset this user password?\')"> 
+        <label for="service">'.$User_unblock .'</label>
+        <input type="submit" name="unblock" value="'.$User_unblock.'" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to unblock this user?\')"> 
+    </div>
+</div>';
+}
 $view .= '</form>';
 
 
 //Output
 echo $view;
-template_footer()?>
\ No newline at end of file
+template_footer()
+?>
\ No newline at end of file