From a722bf7bab0a25dff210f0dea40fbd309ee93e1c Mon Sep 17 00:00:00 2001
From: Julio Montoya <gugli100@gmail.com>
Date: Mon, 24 Feb 2014 16:22:39 +0100
Subject: [PATCH] Minor - fixing PHP warnings.

---
 main/admin/dashboard_add_courses_to_user.php  | 108 ++++++------
 main/admin/dashboard_add_sessions_to_user.php |  57 +++---
 main/admin/dashboard_add_users_to_user.php    | 162 +++++++++---------
 3 files changed, 163 insertions(+), 164 deletions(-)

diff --git a/main/admin/dashboard_add_courses_to_user.php b/main/admin/dashboard_add_courses_to_user.php
index 9a49125627..3cbd27e898 100644
--- a/main/admin/dashboard_add_courses_to_user.php
+++ b/main/admin/dashboard_add_courses_to_user.php
@@ -7,9 +7,9 @@
 */
 
 // name of the language file that needs to be included
-$language_file='admin';
+$language_file = 'admin';
 // resetting the course id
-$cidReset=true;
+$cidReset = true;
 
 // including some necessary dokeos files
 require_once '../inc/global.inc.php';
@@ -17,10 +17,9 @@ require_once '../inc/lib/xajax/xajax.inc.php';
 
 global $_configuration;
 
-
 // create an ajax object
 $xajax = new xajax();
-$xajax -> registerFunction ('search_courses');
+$xajax->registerFunction('search_courses');
 
 // setting the section (for the tabs)
 $this_section = SECTION_PLATFORM_ADMIN;
@@ -33,12 +32,11 @@ $interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdm
 $interbreadcrumb[] = array('url' => 'user_list.php','name' => get_lang('UserList'));
 
 // Database Table Definitions
-$tbl_course 			= 	Database::get_main_table(TABLE_MAIN_COURSE);
-$tbl_course_rel_user 	= 	Database::get_main_table(TABLE_MAIN_COURSE_USER);
-$tbl_course_rel_access_url 	= 	Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
+$tbl_course = Database::get_main_table(TABLE_MAIN_COURSE);
+$tbl_course_rel_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
+$tbl_course_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
 
 // initializing variables
-$id_session=intval($_GET['id_session']);
 $user_id = intval($_GET['user']);
 $user_info = api_get_user_info($user_id);
 $user_anonymous  = api_get_anonymous_id();
@@ -54,7 +52,7 @@ if (UserManager::is_admin($user_id)) {
 }
 
 $add_type = 'multiple';
-if(isset($_GET['add_type']) && $_GET['add_type']!=''){
+if(isset($_GET['add_type']) && $_GET['add_type']!='') {
 	$add_type = Security::remove_XSS($_REQUEST['add_type']);
 }
 
@@ -62,34 +60,34 @@ if (!api_is_platform_admin()) {
 	api_not_allowed(true);
 }
 
-function search_courses($needle,$type) {
-	global $_configuration, $tbl_course, $tbl_course_rel_user, $tbl_course_rel_access_url,$user_id;
-
-	$xajax_response = new XajaxResponse();
-	$return = '';
-	if(!empty($needle) && !empty($type)) {
-		// xajax send utf8 datas... datas in db can be non-utf8 datas
-		$charset = api_get_system_encoding();
-		$needle = api_convert_encoding($needle, $charset, 'utf-8');
-
-		$assigned_courses_to_hrm = CourseManager::get_courses_followed_by_drh($user_id);
-		$assigned_courses_code = array_keys($assigned_courses_to_hrm);
-		foreach ($assigned_courses_code as &$value) {
-			$value = "'".$value."'";
-		}
-		$without_assigned_courses = '';
-		if (count($assigned_courses_code) > 0) {
-			$without_assigned_courses = " AND c.code NOT IN(".implode(',',$assigned_courses_code).")";
-		}
-
-		if ($_configuration['multiple_access_urls']) {
-			$sql = "SELECT c.code, c.title FROM $tbl_course c LEFT JOIN $tbl_course_rel_access_url a ON (a.course_code = c.code)
-				WHERE  c.code LIKE '$needle%' $without_assigned_courses AND access_url_id = ".api_get_current_access_url_id()."";
-		} else {
-			$sql = "SELECT c.code, c.title FROM $tbl_course c
-				WHERE  c.code LIKE '$needle%' $without_assigned_courses ";
-		}
-
+function search_courses($needle,$type)
+{
+    global $_configuration, $tbl_course, $tbl_course_rel_user, $tbl_course_rel_access_url,$user_id;
+
+    $xajax_response = new XajaxResponse();
+    $return = '';
+    if(!empty($needle) && !empty($type)) {
+        // xajax send utf8 datas... datas in db can be non-utf8 datas
+        $charset = api_get_system_encoding();
+        $needle = api_convert_encoding($needle, $charset, 'utf-8');
+
+        $assigned_courses_to_hrm = CourseManager::get_courses_followed_by_drh($user_id);
+        $assigned_courses_code = array_keys($assigned_courses_to_hrm);
+        foreach ($assigned_courses_code as &$value) {
+            $value = "'".$value."'";
+        }
+        $without_assigned_courses = '';
+        if (count($assigned_courses_code) > 0) {
+            $without_assigned_courses = " AND c.code NOT IN(".implode(',',$assigned_courses_code).")";
+        }
+
+        if ($_configuration['multiple_access_urls']) {
+            $sql = "SELECT c.code, c.title FROM $tbl_course c LEFT JOIN $tbl_course_rel_access_url a ON (a.course_code = c.code)
+                WHERE  c.code LIKE '$needle%' $without_assigned_courses AND access_url_id = ".api_get_current_access_url_id()."";
+        } else {
+            $sql = "SELECT c.code, c.title FROM $tbl_course c
+                WHERE  c.code LIKE '$needle%' $without_assigned_courses ";
+        }
 
 		$rs	= Database::query($sql);
 
@@ -103,11 +101,10 @@ function search_courses($needle,$type) {
 	return $xajax_response;
 }
 
-$xajax -> processRequests();
+$xajax->processRequests();
 $htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/');
 $htmlHeadXtra[] = '
 <script type="text/javascript">
-<!--
 function moveItem(origin , destination) {
 	for(var i = 0 ; i<origin.options.length ; i++) {
 		if(origin.options[i].selected) {
@@ -155,7 +152,6 @@ function remove_item(origin) {
 		}
 	}
 }
--->
 </script>';
 
 $formSent=0;
@@ -163,12 +159,12 @@ $errorMsg = $firstLetterCourse = '';
 $UserList = array();
 
 $msg = '';
-if (intval($_POST['formSent']) == 1) {
-	$courses_list = $_POST['CoursesList'];
-	$affected_rows = CourseManager::suscribe_courses_to_hr_manager($user_id,$courses_list);
-	if ($affected_rows)	{
-		$msg = get_lang('AssignedCoursesHaveBeenUpdatedSuccessfully');
-	}
+if (isset($_POST['formSent']) && intval($_POST['formSent']) == 1) {
+    $courses_list = $_POST['CoursesList'];
+    $affected_rows = CourseManager::suscribe_courses_to_hr_manager($user_id,$courses_list);
+    if ($affected_rows)	{
+        $msg = get_lang('AssignedCoursesHaveBeenUpdatedSuccessfully');
+    }
 }
 
 // display header
@@ -200,15 +196,19 @@ if (isset($_POST['firstLetterCourse'])) {
 	$needle = "$needle%";
 }
 
-if ($_configuration['multiple_access_urls']) {
-	$sql 	= " SELECT c.code, c.title FROM $tbl_course c LEFT JOIN $tbl_course_rel_access_url a ON (a.course_code = c.code)
-                WHERE  c.code LIKE '$needle' $without_assigned_courses AND access_url_id = ".api_get_current_access_url_id()."
-                ORDER BY c.title";
+if (api_is_multiple_url_enabled()) {
+	$sql = " SELECT c.code, c.title
+            FROM $tbl_course c
+            LEFT JOIN $tbl_course_rel_access_url a ON (a.course_code = c.code)
+            WHERE
+                c.code LIKE '$needle' $without_assigned_courses AND
+                access_url_id = ".api_get_current_access_url_id()."
+            ORDER BY c.title";
 
 } else {
-	$sql 	= " SELECT c.code, c.title FROM $tbl_course c
-                WHERE  c.code LIKE '$needle' $without_assigned_courses 
-                ORDER BY c.title";
+	$sql= " SELECT c.code, c.title FROM $tbl_course c
+            WHERE  c.code LIKE '$needle' $without_assigned_courses
+            ORDER BY c.title";
 }
 
 
@@ -304,4 +304,4 @@ if(!empty($msg)) {
 
 </form>
 <?php
-Display::display_footer();
\ No newline at end of file
+Display::display_footer();
diff --git a/main/admin/dashboard_add_sessions_to_user.php b/main/admin/dashboard_add_sessions_to_user.php
index 7e1ada83a6..5f54e08396 100644
--- a/main/admin/dashboard_add_sessions_to_user.php
+++ b/main/admin/dashboard_add_sessions_to_user.php
@@ -7,7 +7,7 @@
 */
 
 // name of the language file that needs to be included
-$language_file='admin';
+$language_file = 'admin';
 // resetting the course id
 $cidReset = true;
 
@@ -34,37 +34,37 @@ $tbl_session 			= 	Database::get_main_table(TABLE_MAIN_SESSION);
 $tbl_session_rel_user 	= 	Database::get_main_table(TABLE_MAIN_SESSION_USER);
 $tbl_session_rel_access_url = 	Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
 
-// initializing variables
-$id_session = intval($_GET['id_session']);
-$user_id = intval($_GET['user']);
+// Initializing variables
+$user_id = isset($_GET['user']) ? intval($_GET['user']) : null;
 $user_info = api_get_user_info($user_id);
 $user_anonymous = api_get_anonymous_id();
 $current_user_id = api_get_user_id();
 
-// setting the name of the tool
+// Setting the name of the tool
 if (UserManager::is_admin($user_id)) {
-	$tool_name= get_lang('AssignSessionsToPlatformAdministrator');
+	$tool_name = get_lang('AssignSessionsToPlatformAdministrator');
 } else if ($user_info['status'] == SESSIONADMIN) {
-	$tool_name= get_lang('AssignSessionsToSessionsAdministrator');
+    $tool_name = get_lang('AssignSessionsToSessionsAdministrator');
 } else {
-	$tool_name= get_lang('AssignSessionsToHumanResourcesManager');
+    $tool_name = get_lang('AssignSessionsToHumanResourcesManager');
 }
 
 $add_type = 'multiple';
-if (isset($_GET['add_type']) && $_GET['add_type']!=''){
+if (isset($_GET['add_type']) && $_GET['add_type']!='') {
     $add_type = Security::remove_XSS($_REQUEST['add_type']);
 }
 
 if (!api_is_platform_admin() && !api_is_session_admin()) {
-	api_not_allowed(true);
+    api_not_allowed(true);
 }
 
-function search_sessions($needle,$type) {
+function search_sessions($needle,$type)
+{
     global $_configuration, $tbl_session_rel_access_url, $tbl_session, $user_id;
 
     $xajax_response = new XajaxResponse();
     $return = '';
-    if(!empty($needle) && !empty($type)) {
+    if (!empty($needle) && !empty($type)) {
         // xajax send utf8 datas... datas in db can be non-utf8 datas
         $charset = api_get_system_encoding();
         $needle = api_convert_encoding($needle, $charset, 'utf-8');
@@ -73,19 +73,18 @@ function search_sessions($needle,$type) {
 
         $without_assigned_sessions = '';
         if (count($assigned_sessions_id) > 0) {
-            $without_assigned_sessions = " AND s.id NOT IN(".implode(',',$assigned_sessions_id).")";
+            $without_assigned_sessions = " AND s.id NOT IN(".implode(',', $assigned_sessions_id).")";
         }
 
         if ($_configuration['multiple_access_urls']) {
-            $sql 	= " SELECT s.id, s.name FROM $tbl_session s LEFT JOIN $tbl_session_rel_access_url a ON (s.id = a.session_id)
+            $sql 	= " SELECT s.id, s.name FROM $tbl_session s
+                        LEFT JOIN $tbl_session_rel_access_url a ON (s.id = a.session_id)
                         WHERE  s.name LIKE '$needle%' $without_assigned_sessions AND access_url_id = ".api_get_current_access_url_id()."";
         } else {
             $sql = "SELECT s.id, s.name FROM $tbl_session s
                     WHERE  s.name LIKE '$needle%' $without_assigned_sessions ";
         }
-
         $rs	= Database::query($sql);
-
         $return .= '<select id="origin" name="NoAssignedSessionsList[]" multiple="multiple" size="20" style="width:340px;">';
         while($session = Database :: fetch_array($rs)) {
             $return .= '<option value="'.$session['id'].'" title="'.htmlspecialchars($session['name'],ENT_QUOTES).'">'.$session['name'].'</option>';
@@ -154,7 +153,7 @@ $errorMsg = $firstLetterSession = '';
 $UserList = array();
 
 $msg = '';
-if (intval($_POST['formSent']) == 1) {
+if (isset($_POST['formSent']) && intval($_POST['formSent']) == 1) {
     $sessions_list = $_POST['SessionsList'];
     $userInfo = api_get_user_info($user_id);
     $affected_rows = SessionManager::suscribe_sessions_to_hr_manager($userInfo, $sessions_list);
@@ -188,24 +187,26 @@ if (count($assigned_sessions_id) > 0) {
 
 $needle = '%';
 if (isset($_POST['firstLetterSession'])) {
-	$needle = Database::escape_string($_POST['firstLetterSession']);
-	$needle = "$needle%";
+    $needle = Database::escape_string($_POST['firstLetterSession']);
+    $needle = "$needle%";
 }
 
 if (api_is_multiple_url_enabled()) {
-	$sql 	= " SELECT s.id, s.name FROM $tbl_session s LEFT JOIN $tbl_session_rel_access_url a ON (s.id = a.session_id)
-				WHERE  s.name LIKE '$needle%' $without_assigned_sessions AND access_url_id = ".api_get_current_access_url_id()."
-                ORDER BY s.name";
+	$sql = "SELECT s.id, s.name
+	        FROM $tbl_session s
+            LEFT JOIN $tbl_session_rel_access_url a ON (s.id = a.session_id)
+            WHERE
+                s.name LIKE '$needle%' $without_assigned_sessions AND
+                access_url_id = ".api_get_current_access_url_id()."
+            ORDER BY s.name";
 } else {
-    $sql 	= " SELECT s.id, s.name FROM $tbl_session s
-				WHERE  s.name LIKE '$needle%' $without_assigned_sessions
-                ORDER BY s.name
-                ";
+    $sql = "SELECT s.id, s.name FROM $tbl_session s
+		    WHERE  s.name LIKE '$needle%' $without_assigned_sessions
+            ORDER BY s.name";
 }
-
 $result	= Database::query($sql);
 ?>
-<form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?user=<?php echo $user_id ?>" style="margin:0px;" <?php if($ajax_search){echo ' onsubmit="valide();"';}?>>
+<form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?user=<?php echo $user_id ?>" style="margin:0px;" <?php if($ajax_search){ echo ' onsubmit="valide();"';}?>>
 <input type="hidden" name="formSent" value="1" />
 <?php
 if(!empty($msg)) {
diff --git a/main/admin/dashboard_add_users_to_user.php b/main/admin/dashboard_add_users_to_user.php
index 684d43d5b0..087e3ab3cc 100644
--- a/main/admin/dashboard_add_users_to_user.php
+++ b/main/admin/dashboard_add_users_to_user.php
@@ -7,9 +7,9 @@
 */
 
 // name of the language file that needs to be included
-$language_file='admin';
+$language_file = 'admin';
 // resetting the course id
-$cidReset=true;
+$cidReset = true;
 
 // including some necessary dokeos files
 require_once '../inc/global.inc.php';
@@ -19,7 +19,7 @@ global $_configuration;
 
 // create an ajax object
 $xajax = new xajax();
-$xajax -> registerFunction ('search_users');
+$xajax->registerFunction('search_users');
 
 // setting the section (for the tabs)
 $this_section = SECTION_PLATFORM_ADMIN;
@@ -32,11 +32,10 @@ $interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdm
 $interbreadcrumb[] = array('url' => 'user_list.php','name' => get_lang('UserList'));
 
 // Database Table Definitions
-$tbl_user 			= 	Database::get_main_table(TABLE_MAIN_USER);
-$tbl_access_url_rel_user		= 	Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
+$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
+$tbl_access_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
 
 // initializing variables
-$id_session=intval($_GET['id_session']);
 $user_id = intval($_GET['user']);
 $user_info = api_get_user_info($user_id);
 $user_anonymous  = api_get_anonymous_id();
@@ -44,95 +43,96 @@ $current_user_id = api_get_user_id();
 
 // setting the name of the tool
 if (UserManager::is_admin($user_id)) {
-	$tool_name= get_lang('AssignUsersToPlatformAdministrator');
+    $tool_name= get_lang('AssignUsersToPlatformAdministrator');
 } else if ($user_info['status'] == SESSIONADMIN) {
-	$tool_name= get_lang('AssignUsersToSessionsAdministrator');
+    $tool_name= get_lang('AssignUsersToSessionsAdministrator');
 } else {
-	$tool_name= get_lang('AssignUsersToHumanResourcesManager');
+    $tool_name= get_lang('AssignUsersToHumanResourcesManager');
 }
 
 $add_type = 'multiple';
-if(isset($_GET['add_type']) && $_GET['add_type']!=''){
+if(isset($_GET['add_type']) && $_GET['add_type']!='') {
 	$add_type = Security::remove_XSS($_REQUEST['add_type']);
 }
 
 if (!api_is_platform_admin()) {
-	api_not_allowed(true);
+    api_not_allowed(true);
 }
 
-function search_users($needle,$type) {
-	global $_configuration,$tbl_access_url_rel_user,  $tbl_user, $user_anonymous, $current_user_id, $user_id;
+function search_users($needle,$type)
+{
+    global $_configuration,$tbl_access_url_rel_user,  $tbl_user, $user_anonymous, $current_user_id, $user_id;
 
-	$xajax_response = new XajaxResponse();
-	$return = '';
-	if(!empty($needle) && !empty($type)) {
-		// xajax send utf8 datas... datas in db can be non-utf8 datas
-		$charset = api_get_system_encoding();
-		$needle = api_convert_encoding($needle, $charset, 'utf-8');
+    $xajax_response = new XajaxResponse();
+    $return = '';
+    if (!empty($needle) && !empty($type)) {
+        // xajax send utf8 datas... datas in db can be non-utf8 datas
+        $charset = api_get_system_encoding();
+        $needle = api_convert_encoding($needle, $charset, 'utf-8');
 
-		$assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
-		$assigned_users_id = array_keys($assigned_users_to_hrm);
-		$without_assigned_users = '';
+        $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
+        $assigned_users_id = array_keys($assigned_users_to_hrm);
+        $without_assigned_users = '';
 
-		if (count($assigned_users_id) > 0) {
-			$without_assigned_users = " AND user.user_id NOT IN(".implode(',',$assigned_users_id).")";
-		}
+        if (count($assigned_users_id) > 0) {
+            $without_assigned_users = " AND user.user_id NOT IN(".implode(',',$assigned_users_id).")";
+        }
 
-		if ($_configuration['multiple_access_urls']) {
-			$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id)
-			WHERE  ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND status NOT IN(".DRH.", ".SESSIONADMIN.") AND user.user_id NOT IN ($user_anonymous, $current_user_id, $user_id) $without_assigned_users AND access_url_id = ".api_get_current_access_url_id()."";
+        if (api_is_multiple_url_enabled()) {
+            $sql = "SELECT user.user_id, username, lastname, firstname
+                    FROM $tbl_user user LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id)
+                    WHERE  ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND status NOT IN(".DRH.", ".SESSIONADMIN.") AND user.user_id NOT IN ($user_anonymous, $current_user_id, $user_id) $without_assigned_users AND access_url_id = ".api_get_current_access_url_id()."";
 
-		} else {
-			$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
-			WHERE  ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND status NOT IN(".DRH.", ".SESSIONADMIN.") AND user_id NOT IN ($user_anonymous, $current_user_id, $user_id) $without_assigned_users";
-		}
+        } else {
+            $sql = "SELECT user_id, username, lastname, firstname
+                    FROM $tbl_user user
+                    WHERE  ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND status NOT IN(".DRH.", ".SESSIONADMIN.") AND user_id NOT IN ($user_anonymous, $current_user_id, $user_id) $without_assigned_users";
+        }
 
 		$rs	= Database::query($sql);
-
-		$xajax_response -> addAssign('ajax_list_users_multiple','innerHTML',api_utf8_encode($return));
-        
-    if ($type == 'single') {
-        $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
-        $access_url_id = api_get_current_access_url_id();
-        
-        $sql = 'SELECT user.user_id, username, lastname, firstname FROM '.$tbl_user.' user
-                INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id)
-                WHERE access_url_id = '.$access_url_id.'  AND (username LIKE "'.$needle.'%"
-                OR firstname LIKE "'.$needle.'%"
-                OR lastname LIKE "'.$needle.'%") AND user.status<>6 AND user.status<>'.DRH.' '.
-                $order_clause.
-               ' LIMIT 11';
-        $rs = Database::query($sql);
-        $i = 0;
-        while ($user = Database :: fetch_array($rs)) {
-            $i++;
-            if ($i <= 10) {
+		$xajax_response->addAssign('ajax_list_users_multiple','innerHTML',api_utf8_encode($return));
+
+        if ($type == 'single') {
+            $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
+            $access_url_id = api_get_current_access_url_id();
+
+            $sql = 'SELECT user.user_id, username, lastname, firstname
+                    FROM '.$tbl_user.' user
+                    INNER JOIN '.$tbl_user_rel_access_url.' url_user ON (url_user.user_id=user.user_id)
+                    WHERE access_url_id = '.$access_url_id.'  AND (username LIKE "'.$needle.'%"
+                    OR firstname LIKE "'.$needle.'%"
+                    OR lastname LIKE "'.$needle.'%") AND user.status<>6 AND user.status<>'.DRH.' '.
+                    $order_clause.
+                   ' LIMIT 11';
+            $rs = Database::query($sql);
+            $i = 0;
+            while ($user = Database :: fetch_array($rs)) {
+                $i++;
+                if ($i <= 10) {
+                    $person_name = api_get_person_name($user['firstname'], $user['lastname']);
+                    $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_user(\''.$user['user_id'].'\',\''.$person_name.' ('.$user['username'].')'.'\')">'.$person_name.' ('.$user['username'].')</a><br />';
+                } else {
+                    $return .= '...<br />';
+                }
+            }
+           $xajax_response->addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));
+        } else {
+            $return .= '<select id="origin" name="NoAssignedUsersList[]" multiple="multiple" size="20" style="width:340px;">';
+            while($user = Database :: fetch_array($rs)) {
                 $person_name = api_get_person_name($user['firstname'], $user['lastname']);
-                $return .= '<a href="javascript: void(0);" onclick="javascript: add_user_to_user(\''.$user['user_id'].'\',\''.$person_name.' ('.$user['username'].')'.'\')">'.$person_name.' ('.$user['username'].')</a><br />';
-            } else {
-                $return .= '...<br />';
+                $return .= '<option value="'.$user['user_id'].'" title="'.htmlspecialchars($person_name,ENT_QUOTES).'">'.$person_name.' ('.$user['username'].')</option>';
             }
+            $return .= '</select>';
+            $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));
         }
-
-       $xajax_response -> addAssign('ajax_list_users_single','innerHTML',api_utf8_encode($return));
-    } else {
-        $return .= '<select id="origin" name="NoAssignedUsersList[]" multiple="multiple" size="20" style="width:340px;">';
-	      while($user = Database :: fetch_array($rs)) {
-		        $person_name = api_get_person_name($user['firstname'], $user['lastname']);
-		        $return .= '<option value="'.$user['user_id'].'" title="'.htmlspecialchars($person_name,ENT_QUOTES).'">'.$person_name.' ('.$user['username'].')</option>';
-	      }
-	      $return .= '</select>';
-	      $xajax_response -> addAssign('ajax_list_users_multiple','innerHTML',api_utf8_encode($return));
-    }
 	}
 	return $xajax_response;
 }
 
-$xajax -> processRequests();
+$xajax->processRequests();
 $htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/');
 $htmlHeadXtra[] = '
 <script type="text/javascript">
-<!--
 function add_user_to_user (code, content) {
 	document.getElementById("user_to_add").value = "";
 	document.getElementById("ajax_list_users_single").innerHTML = "";
@@ -195,7 +195,6 @@ function remove_item(origin) {
 		}
 	}
 }
--->
 </script>';
 
 $formSent=0;
@@ -203,15 +202,15 @@ $errorMsg = $firstLetterUser = '';
 $UserList = array();
 
 $msg = '';
-if (intval($_POST['formSent']) == 1) {
+if (isset($_POST['formSent']) && intval($_POST['formSent']) == 1) {
 	$user_list = $_POST['UsersList'];
-	$affected_rows = UserManager::suscribe_users_to_hr_manager($user_id,$user_list);
-	if ($affected_rows)	{
-		$msg = get_lang('AssignedUsersHaveBeenUpdatedSuccessfully');
-	}
+    $affected_rows = UserManager::suscribe_users_to_hr_manager($user_id,$user_list);
+    if ($affected_rows)	{
+        $msg = get_lang('AssignedUsersHaveBeenUpdatedSuccessfully');
+    }
 }
 
-// display header
+// Display header
 Display::display_header($tool_name);
 
 // actions
@@ -236,19 +235,18 @@ if (isset($_POST['firstLetterUser'])) {
 	$search_user ="AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'";
 }
 
-
-if ($_configuration['multiple_access_urls']) {
-	$sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user  LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id)
+if (api_is_multiple_url_enabled()) {
+	$sql = "SELECT user.user_id, username, lastname, firstname
+	        FROM $tbl_user user  LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id)
 			WHERE $without_assigned_users user.user_id NOT IN ($user_anonymous, $current_user_id, $user_id) AND status NOT IN(".DRH.", ".SESSIONADMIN.") $search_user AND access_url_id = ".api_get_current_access_url_id()."
             ORDER BY firstname";
 } else {
-	$sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user
-			WHERE $without_assigned_users user_id NOT IN ($user_anonymous, $current_user_id, $user_id) AND status NOT IN(".DRH.", ".SESSIONADMIN.") $search_user 
+	$sql = "SELECT user_id, username, lastname, firstname
+	        FROM $tbl_user user
+			WHERE $without_assigned_users user_id NOT IN ($user_anonymous, $current_user_id, $user_id) AND status NOT IN(".DRH.", ".SESSIONADMIN.") $search_user
             ORDER BY firstname ";
 }
-
 $result	= Database::query($sql);
-
 ?>
 <form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?user=<?php echo $user_id ?>" style="margin:0px;" <?php if($ajax_search){echo ' onsubmit="valide();"';}?>>
 <input type="hidden" name="formSent" value="1" />
@@ -344,4 +342,4 @@ if(!empty($msg)) {
 </form>
 
 <?php
-Display::display_footer();
\ No newline at end of file
+Display::display_footer();