chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Format code + adding require in order to load constants.

Browse Source
1.9.x
Julio Montoya 12 years ago
parent daa4116bcc
commit 8fbb9f3790
1 changed files with 286 additions and 328 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 614
      main/admin/add_users_to_group.php

614
main/admin/add_users_to_group.php
Unescape View File

@ -5,14 +5,15 @@
*/
// name of the language file that needs to be included
$language_file=array('admin','registration','userInfo');
$language_file = array('admin','registration','userInfo');
// resetting the course id
$cidReset=true;
$cidReset = true;
// including some necessary files
require_once '../inc/global.inc.php';
require_once '../inc/lib/xajax/xajax.inc.php';
require_once '../inc/lib/group_portal_manager.lib.php';
// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;
@ -22,163 +23,161 @@ global $_configuration;
api_protect_admin_script(true);
// setting breadcrumbs
$interbreadcrumb[]=array('url' => 'index.php','name' => get_lang('PlatformAdmin'));
$interbreadcrumb[]=array('url' => 'group_list.php','name' => get_lang('GroupList'));
$interbreadcrumb[] = array('url' => 'index.php','name' => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array('url' => 'group_list.php','name' => get_lang('GroupList'));
// Database Table Definitions
$tbl_group = Database::get_main_table(TABLE_MAIN_GROUP);
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_group_rel_user = Database::get_main_table(TABLE_MAIN_USER_REL_GROUP);
$tbl_user_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$needle = null;
$user_anonymous = api_get_anonymous_id();
// setting the name of the tool
$tool_name = get_lang('SubscribeUsersToGroup');
$group_id = intval($_GET['id']);
$add_type = 'multiple';
if(isset($_REQUEST['add_type']) && $_REQUEST['add_type']!=''){
if (isset($_REQUEST['add_type']) && $_REQUEST['add_type']!='') {
$add_type = Security::remove_XSS($_REQUEST['add_type']);
}
//checking for extra field with filter on
$xajax = new xajax();
$xajax->registerFunction('search_users');
function search_users($needle,$type,$relation_type) {
global $tbl_user,$tbl_user_rel_access_url, $tbl_group_rel_user,$group_id,$_configuration;
$xajax_response = new XajaxResponse();
$return = $return_origin = $return_destination = '';
$without_user_id = $without_user_id = $condition_relation = '';
if (!empty($group_id) && !empty($relation_type)) {
$group_id = intval($group_id);
$relation_type = intval($relation_type);
// get user_id from relation type and group id
$sql = "SELECT user_id FROM $tbl_group_rel_user
WHERE group_id = '$group_id'
AND relation_type IN (".GROUP_USER_PERMISSION_ADMIN.",".GROUP_USER_PERMISSION_READER.",".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_MODERATOR.", ".GROUP_USER_PERMISSION_HRM.") ";
$res = Database::query($sql);
$user_ids = array();
if (Database::num_rows($res) > 0) {
while ($row = Database::fetch_row($res)) {
$user_ids[] = $row[0];
}
$without_user_id = " AND user.user_id NOT IN(".implode(',',$user_ids).") ";
}
if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
$condition_relation = " AND groups.relation_type IN (".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_READER.") ";
} else {
$condition_relation = " AND groups.relation_type = '$relation_type' ";
}
// data for destination user list
$sql = "SELECT user.user_id, user.username, user.lastname, user.firstname
FROM $tbl_group_rel_user groups
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$group_id' $condition_relation ";
$rs_destination = Database::query($sql);
if (Database::num_rows($rs_destination) > 0) {
$return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
while ($row = Database::fetch_array($rs_destination)) {
$person_name = api_get_person_name($row['firstname'], $row['lastname']);
$return_destination .= '<option value="'.$row['user_id'].'">'.$person_name.' ('.$row['username'].')</option>';
}
$return_destination .= '</select>';
} else {
$return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
}
$xajax_response -> addAssign('ajax_destination_list','innerHTML',api_utf8_encode($return_destination));
} else {
$return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
$xajax_response -> addAssign('ajax_destination_list','innerHTML',api_utf8_encode($return_destination));
if ($type == 'single') {
$return.= '';
$xajax_response -> addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));
} else {
$return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
$xajax_response -> addAssign('ajax_origin_list_multiple','innerHTML',api_utf8_encode($return_origin));
}
}
if (!empty($needle) && !empty($type)) {
// xajax send utf8 datas... datas in db can be non-utf8 datas
$charset = api_get_system_encoding();
$needle = Database::escape_string($needle);
$needle = api_convert_encoding($needle, $charset, 'utf-8');
$user_anonymous=api_get_anonymous_id();
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
if ($type == 'single') {
if (!empty($group_id) && !empty($relation_type)) {
// search users where username or firstname or lastname begins likes $needle
$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
WHERE (username LIKE '$needle%' OR firstname LIKE '$needle%' OR lastname LIKE '$needle%')
AND user_id<>'$user_anonymous' $without_user_id $order_clause LIMIT 11";
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id' AND (username LIKE '$needle%' OR firstname LIKE '$needle%' OR lastname LIKE '$needle%')
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause LIMIT 11 ";
}
}
$rs_single = Database::query($sql);
$i=0;
while ($user = Database :: fetch_array($rs_single)) {
$i++;
if ($i<=10) {
$person_name = api_get_person_name($user['firstname'], $user['lastname']);
$return .= '<a href="javascript: void(0);" onclick="javascript: add_user(\''.$user['user_id'].'\',\''.$person_name.' ('.$user['username'].')'.'\')">'.$person_name.' ('.$user['username'].')</a><br />';
} else {
$return .= '...<br />';
}
}
$xajax_response -> addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));
} else {
$xajax_response ->addAlert(get_lang('YouMustChooseARelationType'));
$xajax_response->addClear('user_to_add', 'value');
}
} else {
// multiple
if (!empty($group_id) && !empty($relation_type)) {
$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND user_id<>'$user_anonymous' $without_user_id $order_clause ";
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id'
AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause ";
}
}
$rs_multiple = Database::query($sql);
$return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
while ($user = Database :: fetch_array($rs_multiple)) {
$person_name = api_get_person_name($user['firstname'], $user['lastname']);
$return_origin .= '<option value="'.$user['user_id'].'">'.$person_name.' ('.$user['username'].')</option>';
}
$return_origin .= '</select>';
$xajax_response -> addAssign('ajax_origin_list_multiple','innerHTML',api_utf8_encode($return_origin));
}
}
}
return $xajax_response;
function search_users($needle, $type, $relation_type)
{
global $tbl_user, $tbl_user_rel_access_url, $tbl_group_rel_user, $group_id;
$xajax_response = new XajaxResponse();
$return = $return_origin = $return_destination = '';
$without_user_id = $without_user_id = $condition_relation = '';
if (!empty($group_id) && !empty($relation_type)) {
$group_id = intval($group_id);
$relation_type = intval($relation_type);
// get user_id from relation type and group id
$sql = "SELECT user_id FROM $tbl_group_rel_user
WHERE group_id = '$group_id'
AND relation_type IN (".GROUP_USER_PERMISSION_ADMIN.",".GROUP_USER_PERMISSION_READER.",".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_MODERATOR.", ".GROUP_USER_PERMISSION_HRM.") ";
$res = Database::query($sql);
$user_ids = array();
if (Database::num_rows($res) > 0) {
while ($row = Database::fetch_row($res)) {
$user_ids[] = $row[0];
}
$without_user_id = " AND user.user_id NOT IN(".implode(',', $user_ids).") ";
}
if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
$condition_relation = " AND groups.relation_type IN (".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_READER.") ";
} else {
$condition_relation = " AND groups.relation_type = '$relation_type' ";
}
// data for destination user list
$sql = "SELECT user.user_id, user.username, user.lastname, user.firstname
FROM $tbl_group_rel_user groups
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$group_id' $condition_relation ";
$rs_destination = Database::query($sql);
if (Database::num_rows($rs_destination) > 0) {
$return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
while ($row = Database::fetch_array($rs_destination)) {
$person_name = api_get_person_name($row['firstname'], $row['lastname']);
$return_destination .= '<option value="'.$row['user_id'].'">'.$person_name.' ('.$row['username'].')</option>';
}
$return_destination .= '</select>';
} else {
$return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
}
$xajax_response->addAssign('ajax_destination_list','innerHTML',api_utf8_encode($return_destination));
} else {
$return_destination .= '<select id="destination_users" name="sessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
$xajax_response -> addAssign('ajax_destination_list','innerHTML',api_utf8_encode($return_destination));
if ($type == 'single') {
$return.= '';
$xajax_response -> addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));
} else {
$return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;"></select>';
$xajax_response -> addAssign('ajax_origin_list_multiple','innerHTML',api_utf8_encode($return_origin));
}
}
if (!empty($needle) && !empty($type)) {
// xajax send utf8 datas... datas in db can be non-utf8 datas
$charset = api_get_system_encoding();
$needle = Database::escape_string($needle);
$needle = api_convert_encoding($needle, $charset, 'utf-8');
$user_anonymous = api_get_anonymous_id();
$order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, username' : ' ORDER BY lastname, firstname, username';
if ($type == 'single') {
if (!empty($group_id) && !empty($relation_type)) {
// search users where username or firstname or lastname begins likes $needle
$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
WHERE (username LIKE '$needle%' OR firstname LIKE '$needle%' OR lastname LIKE '$needle%')
AND user_id<>'$user_anonymous' $without_user_id $order_clause LIMIT 11";
if (api_is_multiple_url_enabled()) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id' AND (username LIKE '$needle%' OR firstname LIKE '$needle%' OR lastname LIKE '$needle%')
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause LIMIT 11 ";
}
}
$rs_single = Database::query($sql);
$i=0;
while ($user = Database :: fetch_array($rs_single)) {
$i++;
if ($i<=10) {
$person_name = api_get_person_name($user['firstname'], $user['lastname']);
$return .= '<a href="javascript: void(0);" onclick="javascript: add_user(\''.$user['user_id'].'\',\''.$person_name.' ('.$user['username'].')'.'\')">'.$person_name.' ('.$user['username'].')</a><br />';
} else {
$return .= '...<br />';
}
}
$xajax_response -> addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));
} else {
$xajax_response ->addAlert(get_lang('YouMustChooseARelationType'));
$xajax_response->addClear('user_to_add', 'value');
}
} else {
// multiple
if (!empty($group_id) && !empty($relation_type)) {
$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND user_id<>'$user_anonymous' $without_user_id $order_clause ";
if (api_is_multiple_url_enabled()) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id'
AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause ";
}
}
$rs_multiple = Database::query($sql);
$return_origin .= '<select id="origin_users" name="nosessionUsersList[]" multiple="multiple" size="15" style="width:360px;">';
while ($user = Database :: fetch_array($rs_multiple)) {
$person_name = api_get_person_name($user['firstname'], $user['lastname']);
$return_origin .= '<option value="'.$user['user_id'].'">'.$person_name.' ('.$user['username'].')</option>';
}
$return_origin .= '</select>';
$xajax_response->addAssign('ajax_origin_list_multiple','innerHTML',api_utf8_encode($return_origin));
}
}
}
return $xajax_response;
}
$xajax->processRequests();
$htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/');
$htmlHeadXtra[] = '
<script>
function add_user (code, content) {
@ -187,18 +186,17 @@ function add_user (code, content) {
//document.getElementById("ajax_list_users_single").innerHTML = "";
destination = document.getElementById("destination_users");
for (i=0;i<destination.length;i++) {
if(destination.options[i].text == content) {
return false;
if (destination.options[i].text == content) {
return false;
}
}
destination.options[destination.length] = new Option(content,code);
destination.selectedIndex = -1;
sortOptions(destination.options);
}
function remove_item(origin)
{
for(var i = 0 ; i<origin.options.length ; i++) {
@ -210,49 +208,48 @@ function remove_item(origin)
}
function validate_filter() {
document.formulaire.add_type.value = \''.$add_type.'\';
document.formulaire.form_sent.value=0;
document.formulaire.submit();
document.formulaire.add_type.value = \''.$add_type.'\';
document.formulaire.form_sent.value=0;
document.formulaire.submit();
}
</script>';
$form_sent=0;
$errorMsg=$firstLetterUser=$firstLetterSession='';
$UserList=$SessionList=array();
$users=$sessions=array();
$noPHP_SELF=true;
$form_sent = 0;
$errorMsg = $firstLetterUser = $firstLetterSession='';
$UserList = $SessionList = array();
$users = $sessions = array();
$noPHP_SELF = true;
$group_info = GroupPortalManager::get_group_data($group_id);
$group_name = $group_info['name'];
Display::display_header($group_name);
if ($_POST['form_sent']) {
$form_sent = $_POST['form_sent'];
$firstLetterUser = $_POST['firstLetterUser'];
$UserList = $_POST['sessionUsersList'];
$group_id = intval($_POST['id']);
$relation_type = intval($_POST['relation']);
if(!is_array($UserList)) {
$UserList=array();
}
if ($form_sent == 1) {
if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
$relations = array(GROUP_USER_PERMISSION_PENDING_INVITATION,GROUP_USER_PERMISSION_READER);
$users_by_group = GroupPortalManager::get_users_by_group($group_id,null,$relations);
$user_id_relation = array_keys($users_by_group);
$user_relation_diff = array_diff($user_id_relation,$UserList);
foreach ($user_relation_diff as $user_id) {
GroupPortalManager::delete_user_rel_group($user_id,$group_id);
}
} else {
GroupPortalManager::delete_users($group_id, $relation_type);
}
$result = GroupPortalManager::add_users_to_groups($UserList, array($group_id), $relation_type);
Display :: display_confirmation_message(get_lang('UsersEdited'));
}
if (isset($_POST['form_sent']) && $_POST['form_sent']) {
$form_sent = $_POST['form_sent'];
$firstLetterUser = $_POST['firstLetterUser'];
$UserList = $_POST['sessionUsersList'];
$group_id = intval($_POST['id']);
$relation_type = intval($_POST['relation']);
if (!is_array($UserList)) {
$UserList=array();
}
if ($form_sent == 1) {
if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
$relations = array(GROUP_USER_PERMISSION_PENDING_INVITATION,GROUP_USER_PERMISSION_READER);
$users_by_group = GroupPortalManager::get_users_by_group($group_id, null, $relations);
$user_id_relation = array_keys($users_by_group);
$user_relation_diff = array_diff($user_id_relation, $UserList);
foreach ($user_relation_diff as $user_id) {
GroupPortalManager::delete_user_rel_group($user_id, $group_id);
}
} else {
GroupPortalManager::delete_users($group_id, $relation_type);
}
$result = GroupPortalManager::add_users_to_groups($UserList, array($group_id), $relation_type);
Display :: display_confirmation_message(get_lang('UsersEdited'));
}
}
$nosessionUsersList = $sessionUsersList = array();
@ -262,123 +259,122 @@ $order_clause = api_sort_by_first_name() ? ' ORDER BY firstname, lastname, usern
if ($ajax_search) {
// data for destination list
if (isset($_POST['id']) && isset($_POST['relation'])) {
// data for destination user list
$id = intval($_POST['id']);
$relation_type = intval($_POST['relation']);
$condition_relation = "";
if ($relation_type==GROUP_USER_PERMISSION_PENDING_INVITATION) {
$condition_relation = " AND groups.relation_type IN (".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_READER.") ";
} else {
$condition_relation = " AND groups.relation_type = '$relation_type' ";
}
$sql = "SELECT user.user_id, user.username, user.lastname, user.firstname
FROM $tbl_group_rel_user groups
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$id' $condition_relation ";
$rs_destination = Database::query($sql);
if (Database::num_rows($rs_destination) > 0) {
while ($row_destination_list = Database::fetch_array($rs_destination)) {
$sessionUsersList[$row_destination_list['user_id']] = $row_destination_list ;
}
}
}
// data for destination list
if (isset($_POST['id']) && isset($_POST['relation'])) {
// data for destination user list
$id = intval($_POST['id']);
$relation_type = intval($_POST['relation']);
$condition_relation = "";
if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
$condition_relation = " AND groups.relation_type IN (".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_READER.") ";
} else {
$condition_relation = " AND groups.relation_type = '$relation_type' ";
}
$sql = "SELECT user.user_id, user.username, user.lastname, user.firstname
FROM $tbl_group_rel_user groups
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$id' $condition_relation ";
$rs_destination = Database::query($sql);
if (Database::num_rows($rs_destination) > 0) {
while ($row_destination_list = Database::fetch_array($rs_destination)) {
$sessionUsersList[$row_destination_list['user_id']] = $row_destination_list ;
}
}
}
} else {
$many_users = false;
$sql = "SELECT count(user_id) FROM $tbl_user user
WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND user_id<>'$user_anonymous' $without_user_id ";
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT count(user.user_id) FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id'
AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'
AND user.user_id<>'$user_anonymous' $without_user_id ";
}
}
$rs_count = Database::query($sql);
$row_count = 0;
if (Database::num_rows($rs_count)) {
$row_count = Database::fetch_row($rs_count);
$row_count = $row_count[0];
}
if ($row_count > 2) $many_users = true;
// data for origin list
if (isset($_GET['id'])) {
$id = intval($_GET['id']);
$needle = Database::escape_string($_POST['firstLetterUser']);
$needle = api_convert_encoding($needle, $charset, 'utf-8');
$user_anonymous=api_get_anonymous_id();
// get user_id from relation type and group id
$sql = "SELECT user_id FROM $tbl_group_rel_user
WHERE group_id = $id
AND relation_type IN (".GROUP_USER_PERMISSION_ADMIN.",".GROUP_USER_PERMISSION_READER.",".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_MODERATOR.", ".GROUP_USER_PERMISSION_HRM.") ";
$res = Database::query($sql);
$user_ids = array();
if (Database::num_rows($res) > 0) {
while ($row = Database::fetch_row($res)) {
$user_ids[] = $row[0];
}
$without_user_id = " AND user.user_id NOT IN(".implode(',',$user_ids).") ";
}
$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND user_id<>'$user_anonymous' $without_user_id $order_clause ";
if ($_configuration['multiple_access_urls']) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id'
AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause ";
}
}
$rs_origin_list = Database::query($sql);
while ($row_origin_list = Database::fetch_array($rs_origin_list)) {
$nosessionUsersList[$row_origin_list['user_id']] = $row_origin_list;
}
}
// data for destination list
if (isset($_POST['id']) && isset($_POST['relation'])) {
// data for destination user list
$id = intval($_POST['id']);
$relation_type = intval($_POST['relation']);
if ($relation_type==GROUP_USER_PERMISSION_PENDING_INVITATION) {
$condition_relation = " AND groups.relation_type IN (".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_READER.") ";
} else {
$condition_relation = " AND groups.relation_type = '$relation_type' ";
}
$sql = "SELECT user.user_id, user.username, user.lastname, user.firstname
FROM $tbl_group_rel_user groups
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$id' $condition_relation ";
$rs_destination = Database::query($sql);
if (Database::num_rows($rs_destination) > 0) {
while ($row_destination_list = Database::fetch_array($rs_destination)) {
$sessionUsersList[$row_destination_list['user_id']] = $row_destination_list ;
}
}
}
$many_users = false;
$sql = "SELECT count(user_id) FROM $tbl_user user
WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND user_id<>'$user_anonymous' $without_user_id ";
if (api_is_multiple_url_enabled()) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT count(user.user_id) FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id'
AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'
AND user.user_id<>'$user_anonymous' $without_user_id ";
}
}
$rs_count = Database::query($sql);
$row_count = 0;
if (Database::num_rows($rs_count)) {
$row_count = Database::fetch_row($rs_count);
$row_count = $row_count[0];
}
if ($row_count > 2) $many_users = true;
// data for origin list
if (isset($_GET['id'])) {
$id = intval($_GET['id']);
$needle = isset($_POST['firstLetterUser']) ? Database::escape_string($_POST['firstLetterUser']) : null;
$needle = api_convert_encoding($needle, $charset, 'utf-8');
$user_anonymous=api_get_anonymous_id();
// get user_id from relation type and group id
$sql = "SELECT user_id FROM $tbl_group_rel_user
WHERE group_id = $id
AND relation_type IN (".GROUP_USER_PERMISSION_ADMIN.",".GROUP_USER_PERMISSION_READER.",".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_MODERATOR.", ".GROUP_USER_PERMISSION_HRM.") ";
$res = Database::query($sql);
$user_ids = array();
if (Database::num_rows($res) > 0) {
while ($row = Database::fetch_row($res)) {
$user_ids[] = $row[0];
}
$without_user_id = " AND user.user_id NOT IN(".implode(',',$user_ids).") ";
}
$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND user_id<>'$user_anonymous' $without_user_id $order_clause ";
if (api_is_multiple_url_enabled()) {
$access_url_id = api_get_current_access_url_id();
if ($access_url_id != -1) {
$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user
INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id=user.user_id)
WHERE access_url_id = '$access_url_id'
AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'
AND user.user_id<>'$user_anonymous' $without_user_id $order_clause ";
}
}
$rs_origin_list = Database::query($sql);
while ($row_origin_list = Database::fetch_array($rs_origin_list)) {
$nosessionUsersList[$row_origin_list['user_id']] = $row_origin_list;
}
}
// data for destination list
if (isset($_POST['id']) && isset($_POST['relation'])) {
// data for destination user list
$id = intval($_POST['id']);
$relation_type = intval($_POST['relation']);
if ($relation_type == GROUP_USER_PERMISSION_PENDING_INVITATION) {
$condition_relation = " AND groups.relation_type IN (".GROUP_USER_PERMISSION_PENDING_INVITATION.",".GROUP_USER_PERMISSION_READER.") ";
} else {
$condition_relation = " AND groups.relation_type = '$relation_type' ";
}
$sql = "SELECT user.user_id, user.username, user.lastname, user.firstname
FROM $tbl_group_rel_user groups
INNER JOIN $tbl_user user ON user.user_id = groups.user_id
WHERE groups.group_id = '$id' $condition_relation ";
$rs_destination = Database::query($sql);
if (Database::num_rows($rs_destination) > 0) {
while ($row_destination_list = Database::fetch_array($rs_destination)) {
$sessionUsersList[$row_destination_list['user_id']] = $row_destination_list ;
}
}
}
}
if ($add_type == 'multiple') {
$link_add_type_unique = '<a href="'.api_get_self().'?id='.$group_id.'&add='.Security::remove_XSS($_GET['add']).'&add_type=unique">'.Display::return_icon('single.gif').get_lang('SessionAddTypeUnique').'</a>';
$link_add_type_multiple = Display::return_icon('multiple.gif').get_lang('SessionAddTypeMultiple');
$link_add_type_unique = '<a href="'.api_get_self().'?id='.$group_id.'&add='.Security::remove_XSS($_GET['add']).'&add_type=unique">'.Display::return_icon('single.gif').get_lang('SessionAddTypeUnique').'</a>';
$link_add_type_multiple = Display::return_icon('multiple.gif').get_lang('SessionAddTypeMultiple');
} else {
$link_add_type_unique = Display::return_icon('single.gif').get_lang('SessionAddTypeUnique');
$link_add_type_multiple = '<a href="'.api_get_self().'?id='.$group_id.'&add='.Security::remove_XSS($_GET['add']).'&add_type=multiple">'.Display::return_icon('multiple.gif').get_lang('SessionAddTypeMultiple').'</a>';
$link_add_type_unique = Display::return_icon('single.gif').get_lang('SessionAddTypeUnique');
$link_add_type_multiple = '<a href="'.api_get_self().'?id='.$group_id.'&add='.Security::remove_XSS($_GET['add']).'&add_type=multiple">'.Display::return_icon('multiple.gif').get_lang('SessionAddTypeMultiple').'</a>';
}
?>
@ -387,7 +383,7 @@ if ($add_type == 'multiple') {
</div>
<form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?id=<?php echo $group_id; ?><?php if(!empty($_GET['add'])) echo '&add=true' ; ?>" style="margin:0px;" <?php if($ajax_search){echo ' onsubmit="valide();"';}?>>
<?php echo '<legend>'.$tool_name.' ('.$group_info['name'].')</legend>'; ?>
<?php echo '<legend>'.$tool_name.' ('.$group_info['name'].')</legend>'; ?>
<?php if ($add_type=='multiple') { ?>
<select name="relation" id="relation" onchange="xajax_search_users(document.getElementById('firstLetterUser').value,'multiple',this.value)">
<?php } else { ?>
@ -399,36 +395,6 @@ if ($add_type == 'multiple') {
<option value="<?php echo GROUP_USER_PERMISSION_MODERATOR ?>" <?php echo ((isset($_POST['relation']) && $_POST['relation']==GROUP_USER_PERMISSION_MODERATOR)?'selected=selected':'') ?> > <?php echo get_lang('Moderator') ?></option>
<option value="<?php echo GROUP_USER_PERMISSION_HRM ?>" <?php echo ((isset($_POST['relation']) && $_POST['relation']==GROUP_USER_PERMISSION_HRM)?'selected=selected':'') ?> > <?php echo get_lang('Drh') ?></option>
</select>
<?php
if ($add_type=='multiple') {
if (is_array($extra_field_list)) {
if (is_array($new_field_list) && count($new_field_list)>0 ) {
echo '<h3>'.get_lang('FilterUsers').'</h3>';
foreach ($new_field_list as $new_field) {
echo $new_field['name'];
$varname = 'field_'.$new_field['variable'];
echo '&nbsp;<select name="'.$varname.'">';
echo '<option value="0">--'.get_lang('Select').'--</option>';
foreach ($new_field['data'] as $option) {
$checked='';
if (isset($_POST[$varname])) {
if ($_POST[$varname]==$option[1]) {
$checked = 'selected="true"';
}
}
echo '<option value="'.$option[1].'" '.$checked.'>'.$option[1].'</option>';
}
echo '</select>';
echo '&nbsp;&nbsp;';
}
echo '<input type="button" value="'.get_lang('Filter').'" onclick="validate_filter()" />';
echo '<br /><br />';
}
}
}
?>
<input type="hidden" name="form_sent" value="1" />
<input type="hidden" name="id" value="<?php echo $group_id ?>" />
<input type="hidden" name="add_type" value="<?php echo $add_type ?>" />
@ -538,7 +504,6 @@ if(!empty($errorMsg)) {
</form>
<script>
<!--
function moveItem(origin , destination){
for(var i = 0 ; i<origin.options.length ; i++) {
@ -590,9 +555,7 @@ function valide() {
}
}
function loadUsersInSelect(select){
function loadUsersInSelect(select) {
var xhr_object = null;
if(window.XMLHttpRequest) // Firefox
@ -602,12 +565,9 @@ function loadUsersInSelect(select){
else // XMLHttpRequest non supporté par le navigateur
alert("Votre navigateur ne supporte pas les objets XMLHTTPRequest...");
//xhr_object.open("GET", "loadUsersInSelect.ajax.php?id_session=<?php echo $id_session ?>&letter="+select.options[select.selectedIndex].text, false);
xhr_object.open("POST", "loadUsersInSelect.ajax.php");
xhr_object.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
nosessionUsers = makepost(document.getElementById('origin_users'));
sessionUsers = makepost(document.getElementById('destination_users'));
nosessionClasses = makepost(document.getElementById('origin_classes'));
@ -632,9 +592,7 @@ function makepost(select){
return ret;
}
-->
</script>
<?php
/* FOOTER */
Display::display_footer();
Display::display_footer();

Write Preview
Loading…
Cancel
Save