@ -1,4 +1,4 @@
<?php // $Id: user_list.php 18618 2009-02-20 15:11:58Z juliomontoya $
<?php // $Id: user_list.php 18639 2009-02-23 22:37:10Z yannoo $
/* /*
============================================================================== ==============================================================================
Dokeos - elearning and course management software Dokeos - elearning and course management software
@ -43,6 +43,13 @@ $xajax = new xajax();
$xajax->registerFunction('courses_of_user'); $xajax->registerFunction('courses_of_user');
//$xajax->registerFunction('empty_courses_of_user'); //$xajax->registerFunction('empty_courses_of_user');
$xajax->processRequests(); $xajax->processRequests();
/**
* Get a formatted list of courses for given user
* @param int User ID
* @return resource XAJAX response
*/
function courses_of_user($arg) function courses_of_user($arg)
{ {
// do some stuff based on $arg like query data from a database and // do some stuff based on $arg like query data from a database and
@ -77,6 +84,11 @@ function courses_of_user($arg)
//return the xajaxResponse object //return the xajaxResponse object
return $objResponse; return $objResponse;
} }
/**
* Empties the XAJAX object representing the courses list
* @param int User ID
* @return resource XAJAX object
*/
function empty_courses_of_user($arg) function empty_courses_of_user($arg)
{ {
// do some stuff based on $arg like query data from a database and // do some stuff based on $arg like query data from a database and
@ -130,10 +142,11 @@ api_protect_admin_script(true);
* because it does NOT check password! * because it does NOT check password!
* *
* This function defines globals. * This function defines globals.
* @param int User ID
* @return bool False on failure, redirection on success
* @author Roan Embrechts * @author Roan Embrechts
*/ */
function login_user($user_id) function login_user($user_id) {
{
//init --------------------------------------------------------------------- //init ---------------------------------------------------------------------
//Load $_user to be sure we clean it before logging in //Load $_user to be sure we clean it before logging in
global $uidReset, $loginFailed, $_configuration, $_user; global $uidReset, $loginFailed, $_configuration, $_user;
@ -149,6 +162,9 @@ function login_user($user_id)
$uidReset = true; $uidReset = true;
return; return;
} }
if ($user_id != strval(intval($user_id))) {
return false;
}
$sql_query = "SELECT * FROM $main_user_table WHERE user_id='$user_id'"; $sql_query = "SELECT * FROM $main_user_table WHERE user_id='$user_id'";
$sql_result = api_sql_query($sql_query, __FILE__, __LINE__); $sql_result = api_sql_query($sql_query, __FILE__, __LINE__);
@ -256,13 +272,10 @@ function get_number_of_users()
$sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)"; $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)";
} }
if (isset ($_GET['keyword'])) if ( isset ($_GET['keyword'])) {
{
$keyword = Database::escape_string($_GET['keyword']); $keyword = Database::escape_string($_GET['keyword']);
$sql .= " WHERE u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%' OR u.official_code LIKE '%".$keyword."%'"; $sql .= " WHERE u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%' OR u.official_code LIKE '%".$keyword."%'";
} } elseif (isset ($_GET['keyword_firstname'])) {
elseif (isset ($_GET['keyword_firstname']))
{
$admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN); $admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN);
$keyword_firstname = Database::escape_string($_GET['keyword_firstname']); $keyword_firstname = Database::escape_string($_GET['keyword_firstname']);
$keyword_lastname = Database::escape_string($_GET['keyword_lastname']); $keyword_lastname = Database::escape_string($_GET['keyword_lastname']);
@ -271,8 +284,7 @@ function get_number_of_users()
$keyword_status = Database::escape_string($_GET['keyword_status']); $keyword_status = Database::escape_string($_GET['keyword_status']);
$query_admin_table = ''; $query_admin_table = '';
$keyword_admin = ''; $keyword_admin = '';
if($keyword_status == SESSIONADMIN) if ($keyword_status == SESSIONADMIN) {
{
$keyword_status = '%'; $keyword_status = '%';
$query_admin_table = " , $admin_table a "; $query_admin_table = " , $admin_table a ";
$keyword_admin = ' AND a.user_id = u.user_id '; $keyword_admin = ' AND a.user_id = u.user_id ';
@ -287,28 +299,28 @@ function get_number_of_users()
//"AND u.official_code LIKE '%".$keyword_officialcode."%' " . //"AND u.official_code LIKE '%".$keyword_officialcode."%' " .
"AND u.status LIKE '".$keyword_status."'" . "AND u.status LIKE '".$keyword_status."'" .
$keyword_admin; $keyword_admin;
if($keyword_active & & !$keyword_inactive) if($keyword_active & & !$keyword_inactive) {
{
$sql .= " AND u.active='1'"; $sql .= " AND u.active='1'";
} } elseif($keyword_inactive & & !$keyword_active) {
elseif($keyword_inactive & & !$keyword_active)
{
$sql .= " AND u.active='0'"; $sql .= " AND u.active='0'";
} }
} }
// adding the filter to see the user's only of the current access_url // adding the filter to see the user's only of the current access_url
if ((api_is_platform_admin() || api_is_session_admin()) & & $_configuration['multiple_access_urls']==true & & api_get_current_access_url_id()!=-1) { if ((api_is_platform_admin() || api_is_session_admin()) & & $_configuration['multiple_access_urls']==true & & api_get_current_access_url_id()!=-1) {
$sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id(); $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
} }
$res = api_sql_query($sql, __FILE__, __LINE__); $res = api_sql_query($sql, __FILE__, __LINE__);
$obj = Database::fetch_object($res); $obj = Database::fetch_object($res);
return $obj->total_number_of_items; return $obj->total_number_of_items;
} }
/** /**
* Get the users to display on the current page. * Get the users to display on the current page (fill the sortable-table)
* @param int offset of first user to recover
* @param int Number of users to get
* @param int Column to sort on
* @param string Order (ASC,DESC)
* @see SortableTable#get_table_data($from) * @see SortableTable#get_table_data($from)
*/ */
function get_user_data($from, $number_of_items, $column, $direction) function get_user_data($from, $number_of_items, $column, $direction)
@ -394,8 +406,9 @@ function email_filter($email)
} }
/** /**
* Build the modify-column of the table * Build the modify-column of the table
* @param int $user_id The user id * @param int The user id
* @param string $url_params * @param string URL params to add to table links
* @param array Row of elements to alter
* @return string Some HTML-code with modify-buttons * @return string Some HTML-code with modify-buttons
*/ */
function modify_filter($user_id,$url_params,$row) function modify_filter($user_id,$url_params,$row)
@ -468,7 +481,7 @@ function active_filter($active, $url_params, $row)
} }
/** /**
* l ock or unlock a user * L ock or unlock a user
* @author Patrick Cool < patrick.cool @ UGent . be > , Ghent University * @author Patrick Cool < patrick.cool @ UGent . be > , Ghent University
* @param int $status, do we want to lock the user ($status=lock) or unlock it ($status=unlock) * @param int $status, do we want to lock the user ($status=lock) or unlock it ($status=unlock)
* @param int $user_id The user id * @param int $user_id The user id
@ -501,7 +514,7 @@ function lock_unlock_user($status,$user_id)
} }
/** /**
* i nstead of displaying the integer of the status, we give a translation for the status * I nstead of displaying the integer of the status, we give a translation for the status
* *
* @param integer $status * @param integer $status
* @return string translation * @return string translation
Yannick Warnier
17 years ago