2 /************************************************************************/
\r
4 /************************************************************************/
\r
5 /* Copyright (c) 2010 */
\r
6 /* Inclusive Design Institute */
\r
8 /* This program is free software. You can redistribute it and/or */
\r
9 /* modify it under the terms of the GNU General Public License */
\r
10 /* as published by the Free Software Foundation. */
\r
11 /************************************************************************/
\r
// Page bootstrap: fix the include directory relative to this script, then load
// vitals.inc.php and the UserGroupsDAO class file from it.
define('TR_INCLUDE_PATH', '../include/');

include TR_INCLUDE_PATH . 'vitals.inc.php';
include TR_INCLUDE_PATH . 'classes/DAO/UserGroupsDAO.class.php';

// Number of user rows shown per page of the list.
$results_per_page = 50;
\r
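// Handle the edit / password / delete buttons of the user list form.
//
// The selected users arrive as the id[] query parameter and are concatenated
// into redirect URLs below. They are normalised to a plain list of integers
// first: a scalar id is accepted as a one-element list (count()/implode() would
// otherwise fail on it), and anything non-numeric collapses to 0 instead of
// being copied verbatim into the Location header.
$selected_ids = isset($_GET['id'])
	? array_values(array_map('intval', (array) $_GET['id']))
	: array();
$has_selection = count($selected_ids) > 0;

// edit and password act on exactly one user; delete accepts several.
$single_item_action = isset($_GET['edit']) || isset($_GET['password']);

if ($single_item_action && count($selected_ids) > 1) {
	$msg->addError('SELECT_ONE_ITEM');
} else if (isset($_GET['edit']) && $has_selection) {
	header('Location: user_create_edit.php?id='.$selected_ids[0]);
	// Stop here so the list queries and bulk actions below do not run
	// for a request that is being redirected.
	exit;
} else if (isset($_GET['password']) && $has_selection) {
	header('Location: user_password.php?id='.$selected_ids[0]);
	exit;
} else if (isset($_GET['delete']) && $has_selection) {
	$ids = implode(',', $selected_ids);
	header('Location: user_delete.php?id='.$ids);
	exit;
} else if ($single_item_action || isset($_GET['delete'])) {
	// A button was pressed but no checkbox was ticked.
	$msg->addError('NO_ITEM_SELECTED');
}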
\r
// Filter reset and sort-column handling for the user list.
// NOTE(review): the body of this branch (file lines 40-43) is not shown in this listing; reset_filter is read without isset().
39 if ($_GET['reset_filter']) {
\r
// Maps each sort direction to its opposite; handed to the template further down.
44 $orders = array('asc' => 'desc', 'desc' => 'asc');
\r
// Allow-list of sortable column names. Only the keys are consulted (isset() lookups below).
45 $cols = array('login' => 1, 'public_field' => 1, 'first_name' => 1, 'last_name' => 1, 'user_group' => 1, 'email' => 1, 'status' => 1);
\r
// The sort column arrives as ?asc=<name> or ?desc=<name>.
// NOTE(review): the assignments to $order (file lines 48, 51 and the trailing else) are not shown here. $order is
// interpolated next to $col after ORDER BY, so confirm it is only ever set to a fixed 'asc' / 'desc'.
47 if (isset($_GET['asc'])) {
\r
// Any value that is not a key of $cols falls back to 'login', so $col can only hold an allow-listed name
// by the time it is placed in the ORDER BY clause.
49 $col = isset($cols[$_GET['asc']]) ? $_GET['asc'] : 'login';
\r
50 } else if (isset($_GET['desc'])) {
\r
// Same allow-list check for the descending case.
52 $col = isset($cols[$_GET['desc']]) ? $_GET['desc'] : 'login';
\r
// Status filter and "match all / match one" search mode.
// $page_string accumulates the active filters as query-string pairs; it is passed to the template at the end of the script.
58 if (isset($_GET['status']) && ($_GET['status'] != '')) {
\r
// The raw value is reduced to an integer and written back into $_GET.
59 $_GET['status'] = intval($_GET['status']);
\r
// $status holds operator plus value ("=N"); the queries below interpolate it as "status $status".
// Because of the intval() only digits (and a sign) can reach the SQL text from this branch.
60 $status = '=' . intval($_GET['status']);
\r
61 $page_string .= htmlspecialchars(SEP).'status'.$status;
\r
// NOTE(review): file lines 62-63 are not shown; the value $status takes when no status filter is given is set there — confirm it is a constant fragment.
64 $_GET['status'] = '';
\r
// Search mode: only the literal value 'one' selects the "any term" mode ...
67 if (isset($_GET['include']) && $_GET['include'] == 'one') {
\r
68 $checked_include_one = ' checked="checked"';
\r
69 $page_string .= htmlspecialchars(SEP).'include=one';
\r
// ... every other value (or none) is normalised to 'all' (the "} else {" on file line 70 is not shown).
71 $_GET['include'] = 'all';
\r
72 $checked_include_all = ' checked="checked"';
\r
73 $page_string .= htmlspecialchars(SEP).'include=all';
\r
// Free-text search: turns ?search=<words> into a parenthesised group of LIKE conditions.
// NOTE(review): search is read without isset().
76 if ($_GET['search']) {
\r
// $stripslashes and $addslashes are variables holding callables; they are defined outside this listing.
77 $page_string .= htmlspecialchars(SEP).'search='.urlencode($stripslashes($_GET['search']));
\r
// NOTE(review): this is the only escaping applied before the terms are placed inside quoted SQL literals below.
// Its safety depends entirely on what $addslashes is bound to — confirm it is the connection-aware escaping
// function in every configuration, or move these conditions to bound parameters.
78 $search = $addslashes($_GET['search']);
\r
// Split on single spaces; each word becomes its own LIKE group.
79 $search = explode(' ', $search);
\r
// 'all' joins the per-term groups with AND. The joiner used otherwise is set on file lines 83-87, not shown (presumably 'OR ').
81 if ($_GET['include'] == 'all') {
\r
82 $predicate = 'AND ';
\r
// NOTE(review): $sql is appended to with .= in this loop; its initialisation is not visible in this listing.
88 foreach ($search as $term) {
\r
89 $term = trim($term);
\r
// % and _ are LIKE wildcards; prefixing them with a backslash makes the user's text match literally.
90 $term = str_replace(array('%','_'), array('\%', '\_'), $term);
\r
// Wrap in wildcards for a substring match.
92 $term = '%'.$term.'%';
\r
// One group per term, matched against first name, last name, e-mail and login, followed by the joiner.
93 $sql .= "((U.first_name LIKE '$term') OR (U.last_name LIKE '$term') OR (U.email LIKE '$term') OR (U.login LIKE '$term')) $predicate";
\r
// Drop the joiner left behind by the last iteration and wrap the whole condition in parentheses.
// NOTE(review): the queries below interpolate $search, not $sql; the hand-over (and the no-search default) is on lines not shown — confirm.
96 $sql = '('.substr($sql, 0, -strlen($predicate)).')';
\r
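// Optional filter on user group.
//
// The value comes straight from the query string and ends up inside the WHERE
// clause of both list queries, so it is reduced to an integer before use.
// A missing, non-scalar or non-numeric value becomes 0, which disables the
// filter instead of reaching the SQL text.
$user_group_id = (isset($_GET['user_group_id']) && is_scalar($_GET['user_group_id']))
	? intval($_GET['user_group_id'])
	: 0;

if ($user_group_id && $user_group_id <> -1) {
	$user_group_sql = "U.user_group_id = ".$user_group_id;
	// An integer needs no URL encoding.
	$page_string .= htmlspecialchars(SEP).'user_group_id='.$user_group_id;
} else {
	// '1' is an always-true predicate; it keeps the "AND $user_group_sql"
	// slot in the queries syntactically valid when no group is selected.
	$user_group_sql = '1';
}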
\r
// Count the matching users (for paging), fetch the current page, and run the optional "apply to all" bulk action.
// $status, $search and $user_group_sql are SQL fragments assembled earlier and are interpolated verbatim, so this
// query is only as safe as each fragment: every one of them must be an escaped literal or an integer by this point.
111 $sql = "SELECT COUNT(user_id) AS cnt FROM ".TABLE_PREFIX."users U WHERE status $status AND $search AND $user_group_sql";
\r
// $dao is created on a line not shown; execute() is used here as returning an array of rows.
113 $rows = $dao->execute($sql);
\r
114 $num_results = $rows[0]['cnt'];
\r
// At least one page even when there are no results.
116 $num_pages = max(ceil($num_results / $results_per_page), 1);
\r
// intval() guarantees an integer for the LIMIT clause.
// NOTE(review): file lines 118-120 are not shown; presumably $page is clamped to 1..$num_pages there — confirm,
// since p=0 or a negative p would otherwise produce a negative $offset.
117 $page = intval($_GET['p']);
\r
// Number of the first row on this page (1-based) and the matching 0-based LIMIT offset.
121 $count = (($page-1) * $results_per_page) + 1;
\r
122 $offset = ($page-1)*$results_per_page;
\r
// NOTE(review): change_status is read without isset() and compared loosely as a raw string; it is only cast with intval() further down.
124 if ( isset($_GET['apply_all']) && $_GET['change_status'] >= -1) {
\r
// Raise the LIMIT so the select below returns every match rather than one page.
126 $results_per_page = 999999;
\r
// Page query. $col is allow-listed above; $order is assigned on lines not shown (see ORDER BY) — confirm it is a fixed keyword.
// $offset and $results_per_page are integers computed in this script.
129 $sql = "SELECT U.user_id, U.login, U.first_name, U.last_name, UG.title user_group, U.email, U.status, U.last_login AS last_login
\r
130 FROM ".TABLE_PREFIX."users U, ".TABLE_PREFIX."user_groups UG
\r
131 WHERE U.user_group_id = UG.user_group_id
\r
132 AND U.status $status AND $search AND $user_group_sql ORDER BY $col $order LIMIT $offset, $results_per_page";
\r
134 $user_rows = $dao->execute($sql);
\r
// Bulk action over every matching user.
// NOTE(review): this state-changing flow is triggered by a GET request; confirm user_delete.php / user_status.php
// require a confirmation step or a request token before acting.
136 if ( isset($_GET['apply_all']) && $_GET['change_status'] >= -1) {
\r
// NOTE(review): $result is not assigned anywhere in the visible lines — the rows were fetched into $user_rows above —
// and the mysql_* functions were removed in PHP 7. This looks like a leftover from an older code path; confirm the loop can iterate at all.
138 while ($row = mysql_fetch_assoc($result)) {
\r
// Build a comma-separated id list from database values.
139 $ids .= $row['user_id'].',';
\r
// Drop the trailing comma.
141 $ids = substr($ids,0,-1);
\r
// $status is reused here for the target status, now as a plain integer.
142 $status = intval($_GET['change_status']);
\r
// Which of the two redirects runs is decided on file lines 143-147, not shown (presumably delete versus status change).
145 header('Location: user_delete.php?id='.$ids);
\r
148 header('Location: user_status.php?ids='.$ids.'&status='.$status);
\r
\r
// Hand the query results and the current filter / paging state to the
// template, then render the user list.
$userGroupsDAO = new UserGroupsDAO();

// Template variable name => value, in the order they are assigned.
$tpl_vars = array(
	'user_rows'           => $user_rows,
	'all_user_groups'     => $userGroupsDAO->getAll(),
	'results_per_page'    => $results_per_page,
	'num_results'         => $num_results,
	'checked_include_all' => $checked_include_all,
	'col_counts'          => $col_counts,
	'page'                => $page,
	'page_string'         => $page_string,
	'orders'              => $orders,
	'order'               => $order,
	'col'                 => $col,
);

foreach ($tpl_vars as $tpl_name => $tpl_value) {
	$savant->assign($tpl_name, $tpl_value);
}

$savant->display('user/index.tmpl.php');
\r