2 /****************************************************************/
4 /****************************************************************/
5 /* Copyright (c) 2002-2010 */
6 /* Inclusive Design Institute */
9 /* This program is free software. You can redistribute it and/or*/
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /****************************************************************/
14 define('AT_INCLUDE_PATH', '../../../include/');
15 require(AT_INCLUDE_PATH.'vitals.inc.php');
16 admin_authenticate(AT_ADMIN_PRIV_USERS);
18 if ( (isset($_GET['edit']) || isset($_GET['password']) || isset($_GET['enrollment'])) && (isset($_GET['id']) && count($_GET['id']) > 1) ) {
19 $msg->addError('SELECT_ONE_ITEM');
20 } else if (isset($_GET['edit'], $_GET['id'])) {
21 header('Location: edit_user.php?id='.$_GET['id'][0]);
23 } else if (isset($_GET['password'], $_GET['id'])) {
24 header('Location: password_user.php?id='.$_GET['id'][0]);
26 } else if (isset($_GET['enrollment'], $_GET['id'])) {
27 header('Location: user_enrollment.php?id='.$_GET['id'][0]);
29 } else if ( isset($_GET['apply']) && isset($_GET['id']) && $_GET['change_status'] >= -1) {
30 $ids = implode(',', $_GET['id']);
31 $status = intval($_GET['change_status']);
33 header('Location: admin_delete.php?id='.$ids);
36 header('Location: user_status.php?ids='.$ids.'&status='.$status);
39 } else if ( (isset($_GET['apply']) || isset($_GET['apply_all'])) && $_GET['change_status'] < -1) {
40 $msg->addError('NO_ACTION_SELECTED');
41 } else if (isset($_GET['apply']) || isset($_GET['edit']) || isset($_GET['delete']) || isset($_GET['password'])) {
42 $msg->addError('NO_ITEM_SELECTED');
45 if ($_GET['reset_filter']) {
50 $orders = array('asc' => 'desc', 'desc' => 'asc');
51 $cols = array('login' => 1, 'public_field' => 1, 'first_name' => 1, 'second_name' => 1, 'last_name' => 1, 'email' => 1, 'status' => 1, 'last_login' => 1, 'creation_date' => 1);
53 if (isset($_GET['asc'])) {
55 $col = isset($cols[$_GET['asc']]) ? $_GET['asc'] : 'login';
56 } else if (isset($_GET['desc'])) {
58 $col = isset($cols[$_GET['desc']]) ? $_GET['desc'] : 'login';
64 if (isset($_GET['status']) && ($_GET['status'] != '')) {
65 $_GET['status'] = intval($_GET['status']);
66 $status = '=' . intval($_GET['status']);
67 $page_string .= SEP.'status'.$status;
73 if (isset($_GET['last_login_days'], $_GET['last_login_have']) && ($_GET['last_login_have'] >= 0) && $_GET['last_login_days']) {
74 $have = intval($_GET['last_login_have']);
75 $days = intval($_GET['last_login_days']);
76 $page_string .= SEP.'last_login_have='.$have;
77 $page_string .= SEP.'last_login_days='.$days;
80 $ll = " >= TO_DAYS(NOW())-$days)";
82 $ll = " < TO_DAYS(NOW())-$days OR last_login+0=0)";
84 $last_login_days = '(TO_DAYS(last_login)'.$ll;
86 $last_login_days = '1';
89 if (isset($_GET['include']) && $_GET['include'] == 'one') {
90 $checked_include_one = ' checked="checked"';
91 $page_string .= SEP.'include=one';
93 $_GET['include'] = 'all';
94 $checked_include_all = ' checked="checked"';
95 $page_string .= SEP.'include=all';
98 if ($_GET['search']) {
99 $page_string .= SEP.'search='.urlencode($stripslashes($_GET['search']));
100 $search = $addslashes($_GET['search']);
101 $search = explode(' ', $search);
103 if ($_GET['include'] == 'all') {
110 foreach ($search as $term) {
112 $term = str_replace(array('%','_'), array('\%', '\_'), $term);
114 $term = '%'.$term.'%';
115 $sql .= "((M.first_name LIKE '$term') OR (M.second_name LIKE '$term') OR (M.last_name LIKE '$term') OR (M.email LIKE '$term') OR (M.login LIKE '$term')) $predicate";
118 $sql = '('.substr($sql, 0, -strlen($predicate)).')';
124 if ($_GET['searchid']) {
125 $_GET['searchid'] = trim($_GET['searchid']);
126 $page_string .= SEP.'searchid='.urlencode($_GET['searchid']);
127 $searchid = $addslashes($_GET['searchid']);
129 $searchid = explode(',', $searchid);
132 foreach ($searchid as $term) {
134 $term = str_replace(array('%','_'), array('\%', '\_'), $term);
136 if (strpos($term, '-') === FALSE) {
137 $term = '%'.$term.'%';
138 $sql .= "(L.public_field LIKE '$term') OR ";
141 $range = explode('-', $term, 2);
142 $range[0] = trim($range[0]);
143 $range[1] = trim($range[1]);
144 if (is_numeric($range[0]) && is_numeric($range[1])) {
145 $sql .= "(L.public_field >= $range[0] AND L.public_field <= $range[1]) OR ";
147 $sql .= "(L.public_field >= '$range[0]' AND L.public_field <= '$range[1]') OR ";
152 $sql = '('.substr($sql, 0, -3).')';
158 if (defined('AT_MASTER_LIST') && AT_MASTER_LIST) {
159 $sql = "SELECT COUNT(M.member_id) AS cnt FROM ".TABLE_PREFIX."members M LEFT JOIN (SELECT * FROM ".TABLE_PREFIX."master_list WHERE member_id <> 0) L USING (member_id) WHERE M.status $status AND $search AND $searchid AND $last_login_days";
161 $sql = "SELECT COUNT(member_id) AS cnt FROM ".TABLE_PREFIX."members M WHERE status $status AND $search AND $last_login_days";
164 $result = mysql_query($sql, $db);
166 $row = mysql_fetch_assoc($result);
167 $num_results = $row['cnt'];
172 $results_per_page = 50;
173 $num_pages = max(ceil($num_results / $results_per_page), 1);
174 $page = intval($_GET['p']);
178 $count = (($page-1) * $results_per_page) + 1;
179 $offset = ($page-1)*$results_per_page;
181 if ( isset($_GET['apply_all']) && $_GET['change_status'] >= -1) {
183 $results_per_page = 999999;
186 if (defined('AT_MASTER_LIST') && AT_MASTER_LIST) {
187 $sql = "SELECT M.member_id, M.login, M.first_name, M.second_name, M.last_name, M.email, M.status, M.last_login+0 AS last_login, M.creation_date, L.public_field FROM ".TABLE_PREFIX."members M LEFT JOIN (SELECT * FROM ".TABLE_PREFIX."master_list WHERE member_id <> 0) L USING (member_id) WHERE M.status $status AND $search AND $searchid AND $last_login_days ORDER BY $col $order LIMIT $offset, $results_per_page";
189 $sql = "SELECT M.member_id, M.login, M.first_name, M.second_name, M.last_name, M.email, M.status, M.last_login+0 AS last_login, M.creation_date FROM ".TABLE_PREFIX."members M WHERE M.status $status AND $search AND $last_login_days ORDER BY $col $order LIMIT $offset, $results_per_page";
192 $result = mysql_query($sql, $db);
194 if ( isset($_GET['apply_all']) && $_GET['change_status'] >= -1) {
196 while ($row = mysql_fetch_assoc($result)) {
197 $ids .= $row['member_id'].',';
199 $ids = substr($ids,0,-1);
200 $status = intval($_GET['change_status']);
203 header('Location: admin_delete.php?id='.$ids);
206 header('Location: user_status.php?ids='.$ids.'&status='.$status);
210 require(AT_INCLUDE_PATH.'header.inc.php');
214 <script language="JavaScript" type="text/javascript">
216 function CheckAll() {
217 for (var i=0;i<document.form.elements.length;i++) {
218 var e = document.form.elements[i];
219 if ((e.name == 'id[]') && (e.type=='checkbox')) {
220 e.checked = document.form.selectall.checked;
221 togglerowhighlight(document.getElementById("r" + e.id), e.id);
226 function togglerowhighlight(obj, boxid) {
227 if (document.getElementById(boxid).checked) {
228 obj.className = 'selected';
237 $savant->assign('result', $result);
238 $savant->assign('results_per_page', $results_per_page);
239 $savant->assign('page', $page);
240 $savant->assign('orders', $orders);
241 $savant->assign('order', $order);
242 $savant->assign('page_string', $page_string);
243 $savant->assign('num_results', $num_results);
244 $savant->display('admin/users/users.tmpl.php');
246 require(AT_INCLUDE_PATH.'footer.inc.php'); ?>