remove old readme

[atutor.git] / mods / _core / users / master_list.php

<?php\r
/************************************************************************/\r
/* ATutor                                                                                                                               */\r
/************************************************************************/\r
/* Copyright (c) 2002-2010                                              */\r
/* Inclusive Design Institute                                           */\r
/* http://atutor.ca                                                                                                             */\r
/*                                                                                                                                              */\r
/* This program is free software. You can redistribute it and/or        */\r
/* modify it under the terms of the GNU General Public License          */\r
/* as published by the Free Software Foundation.                        */\r
/************************************************************************/\r
// $Id$\r
\r
define('AT_INCLUDE_PATH', '../../../include/');\r
require(AT_INCLUDE_PATH.'vitals.inc.php');\r
admin_authenticate(AT_ADMIN_PRIV_USERS);\r
\r
if (!defined('AT_MASTER_LIST') || !AT_MASTER_LIST) {\r
        require(AT_INCLUDE_PATH.'header.inc.php');\r
        $msg->addInfo('MASTER_LIST_DISABLED');\r
        $msg->printInfos();\r
        require(AT_INCLUDE_PATH.'footer.inc.php');\r
        exit;\r
}\r
\r
\r
if (isset($_POST['submit'])) {\r
        if ($_FILES['file']['error'] == 1) { \r
                $errors = array('FILE_MAX_SIZE', ini_get('upload_max_filesize'));\r
                $msg->addError($errors);\r
                header('Location: '.$_SERVER['PHP_SELF']);\r
                exit;\r
        }\r
\r
        if (!$_FILES['file']['name'] || (!is_uploaded_file($_FILES['file']['tmp_name']))) {\r
                $msg->addError('FILE_NOT_SELECTED');\r
                header('Location: '.$_SERVER['PHP_SELF']);\r
                exit;\r
        }\r
\r
        $fp = fopen($_FILES['file']['tmp_name'], 'r');\r
        if ($fp) {\r
                $existing_accounts = array();\r
                $number_of_updates = 0;\r
\r
                if ($_POST['override'] > 0) {\r
                        /* Delete all the un-created accounts. (There is no member to delete or disable). */\r
                        $sql = "DELETE FROM ".TABLE_PREFIX."master_list WHERE member_id=0";\r
                        $result = mysql_query($sql, $db);\r
\r
                        /* Get all the created accounts. (They will be disabled or deleted if not in the new list). */\r
                        $sql = "SELECT public_field, member_id FROM ".TABLE_PREFIX."master_list";\r
                        $result = mysql_query($sql, $db);\r
                        $num_affected += mysql_affected_rows($db);\r
                        if ($num_affected > 0) {\r
                                $number_of_updated += $num_affected;\r
                        }\r
                        while ($row = mysql_fetch_assoc($result)) {\r
                                $existing_accounts[$row['public_field']] = $row['member_id'];\r
                        }\r
                }\r
                $sql = '';\r
                while (($row = fgetcsv($fp, 1000, ',')) !== FALSE) {\r
                        if (count($row) != 2) {\r
                                continue;\r
                        }\r
                        if (!$existing_accounts[$row[0]]) {\r
                                $row[0] = addslashes($row[0]);\r
                                $row[1] = md5($row[1]); // this may be hashed\r
\r
                                $sql = "INSERT INTO ".TABLE_PREFIX."master_list VALUES ('$row[0]', '$row[1]', 0)";\r
                                mysql_query($sql, $db);\r
\r
                                write_to_log(AT_ADMIN_LOG_INSERT, 'master_list', mysql_affected_rows($db), $sql);\r
                                $num_affected = mysql_affected_rows($db);\r
                                if ($num_affected > 0) {\r
                                        $number_of_updated += $num_affected;\r
                                }\r
                        }\r
                        unset($existing_accounts[$row[0]]);\r
                }\r
                fclose($fp);\r
\r
                if (($_POST['override'] == 1) && $existing_accounts) {\r
                        // disable missing accounts\r
                        $existing_accounts = implode(',', $existing_accounts);\r
\r
                        $sql    = "UPDATE ".TABLE_PREFIX."members SET status=".AT_STATUS_DISABLED.", creation_date=creation_date, last_login=last_login WHERE member_id IN ($existing_accounts)";\r
                        $result = mysql_query($sql, $db);\r
                        \r
                        write_to_log(AT_ADMIN_LOG_UPDATE, 'members', mysql_affected_rows($db), $sql);\r
\r
                        // un-enrol disabled accounts\r
                        $sql    = "DELETE FROM ".TABLE_PREFIX."course_enrollment WHERE member_id IN ($existing_accounts)";\r
                        $result = mysql_query($sql, $db);\r
\r
                        $num_affected = mysql_affected_rows($db);\r
                        if ($num_affected > 0) {\r
                                $number_of_updated += $num_affected;\r
                        }\r
                        write_to_log(AT_ADMIN_LOG_DELETE, 'course_enrollment', mysql_affected_rows($db), $sql);\r
                        \r
                } else if ($_POST['override'] == 2) {\r
                        // delete missing accounts\r
                }\r
\r
                if ($number_of_updated > 0) {\r
                        $msg->addFeedback('MASTER_LIST_UPLOADED');\r
                } else {\r
                        $msg->addFeedback('MASTER_LIST_NO_CHANGES');\r
                }\r
                        header('Location: '.$_SERVER['PHP_SELF']);\r
        }\r
\r
        exit;\r
} else if (isset($_GET['edit'], $_GET['id'])) {\r
        if (substr($_GET['id'], 0, 1) != '-') {\r
                header('Location: '.AT_BASE_HREF.'mods/_core/users/edit_user.php?id='.$_GET['id'] . SEP . 'ml=1');\r
        } else {\r
                header('Location: '.AT_BASE_HREF.'mods/_core/users/master_list_edit.php?id='.substr($_GET['id'], 1) . SEP . 'ml=1');\r
        }\r
        exit;\r
} else if (isset($_GET['delete'], $_GET['id'])) {\r
        if (substr($_GET['id'], 0, 1) != '-') {\r
                header('Location: '.AT_BASE_HREF.'mods/_core/users/admin_delete.php?id='.$_GET['id'] . SEP . 'ml=1');\r
        } else {\r
                header('Location: '.AT_BASE_HREF.'mods/_core/users/master_list_delete.php?id='.substr($_GET['id'], 1) . SEP . 'ml=1');\r
        }\r
        exit;\r
} else if (isset($_GET['delete']) || isset($_GET['edit'])) {\r
        $msg->addError('NO_ITEM_SELECTED');\r
}\r
\r
require(AT_INCLUDE_PATH.'header.inc.php');\r
\r
\r
if ($_GET['reset_filter']) {\r
        unset($_GET);\r
}\r
\r
if (isset($_GET['status']) && ($_GET['status'] != '')) {\r
        if ($_GET['status'] == 1) {\r
                $status = ' M.member_id=0 ';\r
        } else {\r
                $status = ' M.member_id>0 ';\r
        }\r
        $page_string .= SEP.'status='.$_GET['status'];\r
} else {\r
        $status = '1';\r
}\r
\r
if ($_GET['search']) {\r
        $_GET['search'] = trim($_GET['search']);\r
        $page_string .= SEP.'search='.urlencode($_GET['search']);\r
        $search = $addslashes($_GET['search']);\r
\r
        $search = explode(',', $search);\r
\r
        $sql = '';\r
        foreach ($search as $term) {\r
                $term = trim($term);\r
                $term = str_replace(array('%','_'), array('\%', '\_'), $term);\r
                if ($term) {\r
                        if (strpos($term, '-') === FALSE) {\r
                                $term = '%'.$term.'%';\r
                                $sql .= "(M.public_field LIKE '$term') OR ";\r
                        } else {\r
                                // range search\r
                                $range = explode('-', $term, 2);\r
                                $range[0] = trim($range[0]);\r
                                $range[1] = trim($range[1]);\r
                                if (is_numeric($range[0]) && is_numeric($range[1])) {\r
                                        $sql .= "(M.public_field >= $range[0] AND M.public_field <= $range[1]) OR ";\r
                                } else {\r
                                        $sql .= "(M.public_field >= '$range[0]' AND M.public_field <= '$range[1]') OR ";\r
                                }\r
                        }\r
                }\r
        }\r
        $sql = '('.substr($sql, 0, -3).')';\r
        $search = $sql;\r
} else {\r
        $search = '1';\r
}\r
\r
$sql    = "SELECT COUNT(member_id) AS cnt FROM ".TABLE_PREFIX."master_list M WHERE $status AND $search";\r
\r
$result = mysql_query($sql, $db);\r
$row = mysql_fetch_assoc($result);\r
\r
$num_results = $row['cnt'];\r
\r
$results_per_page = 100;\r
$num_pages = max(ceil($num_results / $results_per_page), 1);\r
$page = intval($_GET['p']);\r
if (!$page) {\r
        $page = 1;\r
}\r
$offset = ($page-1)*$results_per_page;\r
\r
$sql    = "SELECT M.*, B.login, B.first_name, B.second_name, B.last_name FROM ".TABLE_PREFIX."master_list M LEFT JOIN ".TABLE_PREFIX."members B USING (member_id) WHERE $status AND $search ORDER BY M.public_field LIMIT $offset, $results_per_page";\r
$result = mysql_query($sql, $db);\r
$savant->assign('num_results', $num_results);\r
$savant->assign('num_pages', $num_pages);\r
$savant->assign('result', $result);\r
$savant->display('admin/users/master_list.tmpl.php');\r
require(AT_INCLUDE_PATH.'footer.inc.php'); ?>