Login successful. Go to $target_url"; $message .= '
'.sprintf(get_lang('LoginSuccessfulGoToX'),''.$target_url.''); Display :: display_header(get_lang('UserList')); Display :: display_normal_message($message,false); Display :: display_footer(); exit; } else { exit ("
WARNING UNDEFINED UID !! "); } } } /** * Get the total number of users on the platform * @see SortableTable#get_total_number_of_items() */ function get_number_of_users() { $user_table = Database :: get_main_table(TABLE_MAIN_USER); $sql = "SELECT COUNT(u.user_id) AS total_number_of_items FROM $user_table u"; // adding the filter to see the user's only of the current access_url if ((api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url()) { $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)"; } if (isset($_GET['keyword_extra_data'])) { $keyword_extra_data = Database::escape_string($_GET['keyword_extra_data']); if (!empty($keyword_extra_data)) { $extra_info = UserManager::get_extra_field_information_by_name($keyword_extra_data); $field_id = $extra_info['id']; $sql.= " INNER JOIN user_field_values ufv ON u.user_id=ufv.user_id AND ufv.field_id=$field_id "; } } if ( isset ($_GET['keyword'])) { $keyword = Database::escape_string(trim($_GET['keyword'])); $sql .= " WHERE (u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%' OR concat(u.firstname,' ',u.lastname) LIKE '%".$keyword."%' OR concat(u.lastname,' ',u.firstname) LIKE '%".$keyword."%' OR u.username LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%' OR u.official_code LIKE '%".$keyword."%') "; } elseif (isset ($_GET['keyword_firstname'])) { $admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN); $keyword_firstname = Database::escape_string($_GET['keyword_firstname']); $keyword_lastname = Database::escape_string($_GET['keyword_lastname']); $keyword_email = Database::escape_string($_GET['keyword_email']); $keyword_officialcode = Database::escape_string($_GET['keyword_officialcode']); $keyword_username = Database::escape_string($_GET['keyword_username']); $keyword_status = Database::escape_string($_GET['keyword_status']); $query_admin_table = ''; $keyword_admin = ''; if ($keyword_status == SESSIONADMIN) { $keyword_status = '%'; $query_admin_table = " , $admin_table a "; $keyword_admin = ' AND a.user_id = u.user_id '; } $keyword_extra_value = ''; if (isset($_GET['keyword_extra_data'])) { if (!empty($_GET['keyword_extra_data']) && !empty($_GET['keyword_extra_data_text'])) { $keyword_extra_data_text = Database::escape_string($_GET['keyword_extra_data_text']); $keyword_extra_value = " AND ufv.field_value LIKE '%".trim($keyword_extra_data_text)."%' "; } } $keyword_active = isset($_GET['keyword_active']); $keyword_inactive = isset($_GET['keyword_inactive']); $sql .= $query_admin_table . " WHERE (u.firstname LIKE '%".$keyword_firstname."%' " . "AND u.lastname LIKE '%".$keyword_lastname."%' " . "AND u.username LIKE '%".$keyword_username."%' " . "AND u.email LIKE '%".$keyword_email."%' " . "AND u.official_code LIKE '%".$keyword_officialcode."%'" . "AND u.status LIKE '".$keyword_status."'" . $keyword_admin.$keyword_extra_value; if($keyword_active && !$keyword_inactive) { $sql .= " AND u.active='1'"; } elseif($keyword_inactive && !$keyword_active) { $sql .= " AND u.active='0'"; } $sql .= " ) "; } // adding the filter to see the user's only of the current access_url if ((api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url()) { $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id(); } $res = Database::query($sql); $obj = Database::fetch_object($res); return $obj->total_number_of_items; } /** * Get the users to display on the current page (fill the sortable-table) * @param int offset of first user to recover * @param int Number of users to get * @param int Column to sort on * @param string Order (ASC,DESC) * @see SortableTable#get_table_data($from) */ function get_user_data($from, $number_of_items, $column, $direction) { global $origin; $user_table = Database :: get_main_table(TABLE_MAIN_USER); $admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN); $sql = "SELECT u.user_id AS col0, u.official_code AS col2, ".(api_is_western_name_order() ? "u.firstname AS col3, u.lastname AS col4," : "u.lastname AS col3, u.firstname AS col4,")." u.username AS col5, u.email AS col6, u.status AS col7, u.active AS col8, u.user_id AS col9 ". ", u.expiration_date AS exp ". " FROM $user_table u "; // adding the filter to see the user's only of the current access_url if ((api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url()) { $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)"; } if (isset($_GET['keyword_extra_data'])) { $keyword_extra_data = Database::escape_string($_GET['keyword_extra_data']); if (!empty($keyword_extra_data)) { $extra_info = UserManager::get_extra_field_information_by_name($keyword_extra_data); $field_id = $extra_info['id']; $sql.= " INNER JOIN user_field_values ufv ON u.user_id=ufv.user_id AND ufv.field_id=$field_id "; } } if (isset ($_GET['keyword'])) { $keyword = Database::escape_string(trim($_GET['keyword'])); $sql .= " WHERE (u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%' OR concat(u.firstname,' ',u.lastname) LIKE '%".$keyword."%' OR concat(u.lastname,' ',u.firstname) LIKE '%".$keyword."%' OR u.username LIKE '%".$keyword."%' OR u.official_code LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%' )"; } elseif (isset ($_GET['keyword_firstname'])) { $keyword_firstname = Database::escape_string($_GET['keyword_firstname']); $keyword_lastname = Database::escape_string($_GET['keyword_lastname']); $keyword_email = Database::escape_string($_GET['keyword_email']); $keyword_officialcode = Database::escape_string($_GET['keyword_officialcode']); $keyword_username = Database::escape_string($_GET['keyword_username']); $keyword_status = Database::escape_string($_GET['keyword_status']); $query_admin_table = ''; $keyword_admin = ''; if ($keyword_status == SESSIONADMIN) { $keyword_status = '%'; $query_admin_table = " , $admin_table a "; $keyword_admin = ' AND a.user_id = u.user_id '; } $keyword_extra_value = ''; if (isset($_GET['keyword_extra_data'])) { if (!empty($_GET['keyword_extra_data']) && !empty($_GET['keyword_extra_data_text'])) { $keyword_extra_data_text = Database::escape_string($_GET['keyword_extra_data_text']); $keyword_extra_value = " AND ufv.field_value LIKE '%".trim($keyword_extra_data_text)."%' "; } } $keyword_active = isset($_GET['keyword_active']); $keyword_inactive = isset($_GET['keyword_inactive']); $sql .= $query_admin_table." WHERE (u.firstname LIKE '%".$keyword_firstname."%' " . "AND u.lastname LIKE '%".$keyword_lastname."%' " . "AND u.username LIKE '%".$keyword_username."%' " . "AND u.email LIKE '%".$keyword_email."%' " . "AND u.official_code LIKE '%".$keyword_officialcode."%' " . "AND u.status LIKE '".$keyword_status."'" . $keyword_admin.$keyword_extra_value; if ($keyword_active && !$keyword_inactive) { $sql .= " AND u.active='1'"; } elseif($keyword_inactive && !$keyword_active) { $sql .= " AND u.active='0'"; } $sql .= " ) "; } // adding the filter to see the user's only of the current access_url if ((api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url()) { $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id(); } if (!in_array($direction, array('ASC','DESC'))) { $direction = 'ASC'; } $column = intval($column); $from = intval($from); $number_of_items = intval($number_of_items); $sql .= " ORDER BY col$column $direction "; $sql .= " LIMIT $from,$number_of_items"; $res = Database::query($sql); $users = array (); $t = time(); while ($user = Database::fetch_row($res)) { $image_path = UserManager::get_user_picture_path_by_id($user[0], 'web', false, true); $user_profile = UserManager::get_picture_user($user[0], $image_path['file'], 22, USER_IMAGE_SIZE_SMALL, ' width="22" height="22" '); if (!api_is_anonymous()) { $photo = '
';
if (api_is_platform_admin()) {
echo ''.
''.Display::return_icon('new_user.png',get_lang('AddUsers'),'','32').''.
'';
}
$form->display();
echo '
';
if (isset ($_GET['keyword'])) {
$parameters = array ('keyword' => Security::remove_XSS($_GET['keyword']));
} elseif (isset ($_GET['keyword_firstname'])) {
$parameters['keyword_firstname'] = Security::remove_XSS($_GET['keyword_firstname']);
$parameters['keyword_lastname'] = Security::remove_XSS($_GET['keyword_lastname']);
$parameters['keyword_email'] = Security::remove_XSS($_GET['keyword_email']);
$parameters['keyword_officialcode'] = Security::remove_XSS($_GET['keyword_officialcode']);
$parameters['keyword_status'] = Security::remove_XSS($_GET['keyword_status']);
$parameters['keyword_active'] = Security::remove_XSS($_GET['keyword_active']);
$parameters['keyword_inactive'] = Security::remove_XSS($_GET['keyword_inactive']);
}
// Create a sortable table with user-data
$parameters['sec_token'] = Security::get_token();
// get the list of all admins to mark them in the users list
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
$sql_admin = "SELECT user_id FROM $admin_table";
$res_admin = Database::query($sql_admin);
$_admins_list = array();
while ($row_admin = Database::fetch_row($res_admin)) {
$_admins_list[] = $row_admin[0];
}
// display advaced search form
$form = new FormValidator('advanced_search','get');
$form->addElement('html','');
$form->display();
$table = new SortableTable('users', 'get_number_of_users', 'get_user_data', (api_is_western_name_order() xor api_sort_by_first_name()) ? 3 : 2);
$table->set_additional_parameters($parameters);
$table->set_header(0, '', false, 'width="18px"');
$table->set_header(1, get_lang('Photo'), false);
$table->set_header(2, get_lang('OfficialCode'));
if (api_is_western_name_order()) {
$table->set_header(3, get_lang('FirstName'));
$table->set_header(4, get_lang('LastName'));
} else {
$table->set_header(3, get_lang('LastName'));
$table->set_header(4, get_lang('FirstName'));
}
$table->set_header(5, get_lang('LoginName'));
$table->set_header(6, get_lang('Email'));
$table->set_header(7, get_lang('Profile'));
$table->set_header(8, get_lang('Active'),true, 'width="15px"');
$table->set_header(9, get_lang('Action'), false,'width="220px"');
$table->set_column_filter(3, 'user_filter');
$table->set_column_filter(4, 'user_filter');
$table->set_column_filter(6, 'email_filter');
$table->set_column_filter(7, 'status_filter');
$table->set_column_filter(8, 'active_filter');
$table->set_column_filter(9, 'modify_filter');
if (api_is_platform_admin())
$table->set_form_actions(array ('delete' => get_lang('DeleteFromPlatform')));
$table->display();
Display :: display_footer();