2 /************************************************************************/
\r
4 /************************************************************************/
\r
5 /* Copyright (c) 2002-2010 */
\r
6 /* Inclusive Design Institute */
\r
7 /* http://atutor.ca */
\r
9 /* This program is free software. You can redistribute it and/or */
\r
10 /* modify it under the terms of the GNU General Public License */
\r
11 /* as published by the Free Software Foundation. */
\r
12 /************************************************************************/
\r
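/*
 * Bootstrap for the master-list administration page.
 *
 * Loads the application core and then requires an administrator session
 * holding the user-management privilege. Nothing below this point should be
 * reachable by an unauthenticated or under-privileged request, so the
 * admin_authenticate() call must stay ahead of every request-handling branch.
 */
define('AT_INCLUDE_PATH', '../../../include/');
require(AT_INCLUDE_PATH.'vitals.inc.php');
admin_authenticate(AT_ADMIN_PRIV_USERS);

/*
 * Feature gate: when AT_MASTER_LIST is undefined or falsy, render only an
 * informational notice between the page header and footer.
 */
if (!defined('AT_MASTER_LIST') || !AT_MASTER_LIST) {
    require(AT_INCLUDE_PATH.'header.inc.php');
    $msg->addInfo('MASTER_LIST_DISABLED');
    // NOTE(review): source line 22 is not shown in this listing; confirm
    // whether a statement belongs between the notice and the footer.
    require(AT_INCLUDE_PATH.'footer.inc.php');
    // The listing omits the lines that close this branch (source lines 24-27).
    // Stopping here keeps the upload handler and the SQL below unreachable
    // while the feature is disabled.
    exit;
}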
\r
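/*
 * Request dispatch for the master-list page.
 *
 *  - POST "submit": import an uploaded two-column CSV into the master_list
 *    table and, depending on $_POST['override'], purge unclaimed entries and
 *    disable accounts that are missing from the new file.
 *  - GET "edit" / "delete" with an id: redirect to the matching edit or
 *    delete page. An id starting with '-' selects the master-list variant.
 *  - GET "edit" / "delete" without an id: queue an error and fall through to
 *    the listing.
 *
 * The listing this was rebuilt from omits short source lines (closing braces,
 * blank lines and similar); the control flow below is reconstructed from the
 * visible statements. Every redirect is followed by an explicit exit so no
 * later code runs after a Location header has been sent.
 *
 * NOTE(review): no anti-CSRF token check is visible in this handler, and the
 * override modes are destructive (rows deleted, accounts disabled). Confirm
 * that the included core or the upload form enforces a per-session token.
 *
 * NOTE(review): $_SERVER['PHP_SELF'] can carry client-supplied path info.
 * It is kept because the script's own path is not visible here, but a fixed
 * application-relative URL would be a safer redirect target.
 */
if (isset($_POST['submit'])) {
    // Treat a missing upload field like "no file sent" instead of reading
    // undefined array offsets.
    $upload = isset($_FILES['file'])
        ? $_FILES['file']
        : array('error' => UPLOAD_ERR_NO_FILE, 'name' => '', 'tmp_name' => '');

    // The file exceeded upload_max_filesize (PHP upload error code 1).
    if ($upload['error'] == UPLOAD_ERR_INI_SIZE) {
        $errors = array('FILE_MAX_SIZE', ini_get('upload_max_filesize'));
        $msg->addError($errors);
        header('Location: '.$_SERVER['PHP_SELF']);
        exit;
    }

    // is_uploaded_file() guarantees tmp_name really is this request's upload
    // and not an arbitrary path on the server.
    if (!$upload['name'] || (!is_uploaded_file($upload['tmp_name']))) {
        $msg->addError('FILE_NOT_SELECTED');
        header('Location: '.$_SERVER['PHP_SELF']);
        exit;
    }

    $fp = fopen($upload['tmp_name'], 'r');
    if ($fp === false) {
        // An unreadable upload is reported like a missing one.
        $msg->addError('FILE_NOT_SELECTED');
        header('Location: '.$_SERVER['PHP_SELF']);
        exit;
    }

    // 0 = append only, 1 = disable accounts missing from the file,
    // 2 = delete accounts missing from the file.
    $override = isset($_POST['override']) ? intval($_POST['override']) : 0;

    $existing_accounts = array();
    // One counter for the whole import. The original initialised
    // $number_of_updates but then accumulated into $number_of_updated.
    $number_of_updated = 0;

    if ($override > 0) {
        /* Delete all the un-created accounts. (There is no member to delete or disable). */
        $sql = "DELETE FROM ".TABLE_PREFIX."master_list WHERE member_id=0";
        $result = mysql_query($sql, $db);

        // Count the rows removed by the DELETE. The original read
        // mysql_affected_rows() only after the SELECT below, where it does
        // not describe a change.
        $num_affected = mysql_affected_rows($db);
        if ($num_affected > 0) {
            $number_of_updated += $num_affected;
        }
        // Audit the purge the same way the other write queries are audited.
        write_to_log(AT_ADMIN_LOG_DELETE, 'master_list', $num_affected, $sql);

        /* Get all the created accounts. (They will be disabled or deleted if not in the new list). */
        $sql = "SELECT public_field, member_id FROM ".TABLE_PREFIX."master_list";
        $result = mysql_query($sql, $db);
        while ($result && ($row = mysql_fetch_assoc($result))) {
            $existing_accounts[$row['public_field']] = $row['member_id'];
        }
    }

    while (($row = fgetcsv($fp, 1000, ',')) !== FALSE) {
        // Only well-formed two-column rows are imported.
        if (count($row) != 2) {
            continue;
        }

        $public_field = $row[0];

        if (empty($existing_accounts[$public_field])) {
            // CSV content is untrusted input. Escape it with the
            // connection-aware function rather than addslashes(), which
            // ignores the connection character set.
            $safe_public_field = mysql_real_escape_string($public_field, $db);

            // NOTE(review): the second column is stored as an unsalted MD5
            // digest. For low-entropy values this is cheap to reverse if the
            // table is disclosed. Moving to a salted, slow hash also means
            // changing whatever code verifies this column (not visible here).
            $hashed_field = md5($row[1]);

            $sql = "INSERT INTO ".TABLE_PREFIX."master_list VALUES ('$safe_public_field', '$hashed_field', 0)";
            mysql_query($sql, $db);

            $num_affected = mysql_affected_rows($db);
            // NOTE(review): the logged statement contains the digest above;
            // treat the admin log as sensitive.
            write_to_log(AT_ADMIN_LOG_INSERT, 'master_list', $num_affected, $sql);
            if ($num_affected > 0) {
                $number_of_updated += $num_affected;
            }
        }

        // Anything still present in the file must not be disabled below.
        unset($existing_accounts[$public_field]);
    }
    fclose($fp);

    if (($override == 1) && $existing_accounts) {
        // disable missing accounts
        // The ids come from the database, but forcing them to integers keeps
        // the IN (...) list safe even if a row holds something unexpected.
        $member_ids = implode(',', array_map('intval', $existing_accounts));

        $sql = "UPDATE ".TABLE_PREFIX."members SET status=".AT_STATUS_DISABLED.", creation_date=creation_date, last_login=last_login WHERE member_id IN ($member_ids)";
        $result = mysql_query($sql, $db);

        $num_affected = mysql_affected_rows($db);
        if ($num_affected > 0) {
            // Disabled accounts count as changes for the feedback message.
            $number_of_updated += $num_affected;
        }
        write_to_log(AT_ADMIN_LOG_UPDATE, 'members', $num_affected, $sql);

        // un-enrol disabled accounts
        $sql = "DELETE FROM ".TABLE_PREFIX."course_enrollment WHERE member_id IN ($member_ids)";
        $result = mysql_query($sql, $db);

        $num_affected = mysql_affected_rows($db);
        if ($num_affected > 0) {
            $number_of_updated += $num_affected;
        }
        write_to_log(AT_ADMIN_LOG_DELETE, 'course_enrollment', $num_affected, $sql);
    } else if ($override == 2) {
        // delete missing accounts
        // NOTE(review): the listing shows no statements for this mode, only
        // the comment above (source lines 106-107 are omitted). Confirm that
        // the mode does what the form promises before relying on it.
    }

    if ($number_of_updated > 0) {
        $msg->addFeedback('MASTER_LIST_UPLOADED');
    } else {
        $msg->addFeedback('MASTER_LIST_NO_CHANGES');
    }
    header('Location: '.$_SERVER['PHP_SELF']);
    exit;

} else if (isset($_GET['edit'], $_GET['id'])) {
    // The id is client-supplied and ends up in a response header, so reject
    // non-string values and URL-encode it. The target pages are still
    // responsible for validating and authorising the id they receive.
    $id = is_string($_GET['id']) ? $_GET['id'] : '';

    if (substr($id, 0, 1) != '-') {
        header('Location: '.AT_BASE_HREF.'mods/_core/users/edit_user.php?id='.urlencode($id) . SEP . 'ml=1');
    } else {
        header('Location: '.AT_BASE_HREF.'mods/_core/users/master_list_edit.php?id='.urlencode(substr($id, 1)) . SEP . 'ml=1');
    }
    exit;

} else if (isset($_GET['delete'], $_GET['id'])) {
    // NOTE(review): this only redirects. Confirm that the delete pages ask
    // for confirmation over POST with a token instead of acting on the GET.
    $id = is_string($_GET['id']) ? $_GET['id'] : '';

    if (substr($id, 0, 1) != '-') {
        header('Location: '.AT_BASE_HREF.'mods/_core/users/admin_delete.php?id='.urlencode($id) . SEP . 'ml=1');
    } else {
        header('Location: '.AT_BASE_HREF.'mods/_core/users/master_list_delete.php?id='.urlencode(substr($id, 1)) . SEP . 'ml=1');
    }
    exit;

} else if (isset($_GET['delete']) || isset($_GET['edit'])) {
    // An action was requested without selecting a row.
    $msg->addError('NO_ITEM_SELECTED');
}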
\r
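/*
 * Listing view: build the status and search filters from the query string,
 * count the matching master-list rows, fetch one page of them joined with
 * the member record, and hand the result to the template.
 *
 * The listing this was rebuilt from omits short source lines (closing braces,
 * else branches, default assignments); those parts are reconstructed and
 * marked where the original content cannot be confirmed.
 *
 * Query-string values are untrusted. Each one is either mapped to a fixed
 * SQL fragment, cast to an integer, or passed through the escaping callable
 * before it reaches a SQL string.
 */
require(AT_INCLUDE_PATH.'header.inc.php');

if (!empty($_GET['reset_filter'])) {
    // NOTE(review): the body of this branch is not shown (source lines
    // 139-141). Dropping every filter parameter is the evident intent.
    $_GET = array();
}

// Keep any value set by the lines this listing omits; otherwise start empty
// so the appends below do not read an undefined variable.
if (!isset($page_string)) {
    $page_string = '';
}

// --- status filter -------------------------------------------------------
// Default fragment when no filter is requested; the WHERE clause below
// always expects a fragment here.
$status = '1';
$status_param = (isset($_GET['status']) && is_scalar($_GET['status'])) ? (string) $_GET['status'] : '';
if ($status_param != '') {
    // The request value only chooses between two fixed fragments and is
    // never copied into the SQL itself.
    if ($status_param == 1) {
        $status = ' M.member_id=0 ';
    } else {
        $status = ' M.member_id>0 ';
    }
    // Encode before appending: the original added the raw value, which
    // would let it inject markup or extra parameters wherever $page_string
    // is printed in a link.
    $page_string .= SEP.'status='.urlencode($status_param);
}

// --- search filter -------------------------------------------------------
$search = '1';
$search_param = (isset($_GET['search']) && is_string($_GET['search'])) ? trim($_GET['search']) : '';
if ($search_param != '') {
    $_GET['search'] = $search_param;
    $page_string .= SEP.'search='.urlencode($search_param);

    // $addslashes is a callable held in a variable defined outside this
    // listing. NOTE(review): confirm that it resolves to connection-aware
    // escaping, since every quoted literal below depends on it.
    $terms = explode(',', $addslashes($search_param));

    $clauses = array();
    foreach ($terms as $term) {
        $term = trim($term);
        if ($term === '') {
            // An empty term would become LIKE '%%' and match every row.
            continue;
        }

        if (strpos($term, '-') === FALSE) {
            // Neutralise LIKE wildcards typed by the user. This is applied
            // only here: in the range comparisons below the extra
            // backslashes would become part of the compared string.
            $pattern = '%'.str_replace(array('%','_'), array('\%', '\_'), $term).'%';
            $clauses[] = "(M.public_field LIKE '$pattern')";
        } else {
            // "a-b" is treated as an inclusive range.
            $range = explode('-', $term, 2);
            $range[0] = trim($range[0]);
            $range[1] = trim($range[1]);
            if (is_numeric($range[0]) && is_numeric($range[1])) {
                // Both bounds passed is_numeric(), so they can be embedded
                // unquoted as numeric literals.
                $clauses[] = "(M.public_field >= $range[0] AND M.public_field <= $range[1])";
            } else {
                $clauses[] = "(M.public_field >= '$range[0]' AND M.public_field <= '$range[1]')";
            }
        }
    }

    if ($clauses) {
        $search = '('.implode(' OR ', $clauses).')';
    }
}

// --- count and paging ----------------------------------------------------
$sql = "SELECT COUNT(member_id) AS cnt FROM ".TABLE_PREFIX."master_list M WHERE $status AND $search";

$result = mysql_query($sql, $db);
$row = $result ? mysql_fetch_assoc($result) : false;

// A failed count query is shown as an empty list instead of a fetch error.
$num_results = $row ? $row['cnt'] : 0;

$results_per_page = 100;
$num_pages = max(ceil($num_results / $results_per_page), 1);
$page = isset($_GET['p']) ? intval($_GET['p']) : 0;
if ($page < 1) {
    // Zero or negative page numbers would produce a negative LIMIT offset.
    $page = 1;
}

$offset = ($page-1)*$results_per_page;

// $offset and $results_per_page are integers computed above; $status and
// $search are the fragments built above from fixed text and escaped terms.
$sql = "SELECT M.*, B.login, B.first_name, B.second_name, B.last_name FROM ".TABLE_PREFIX."master_list M LEFT JOIN ".TABLE_PREFIX."members B USING (member_id) WHERE $status AND $search ORDER BY M.public_field LIMIT $offset, $results_per_page";
$result = mysql_query($sql, $db);

// NOTE(review): public_field values originate from an uploaded CSV, so the
// template should HTML-escape every column it prints.
$savant->assign('num_results', $num_results);
$savant->assign('num_pages', $num_pages);
$savant->assign('result', $result);
$savant->display('admin/users/master_list.tmpl.php');
require(AT_INCLUDE_PATH.'footer.inc.php'); ?>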