Context Navigation

source: branches/branch-1_5/admin/user_list.php @ 1005

Last change on this file since 1005 was 1005, checked in by nikrou, 18 years ago
Revert to revision 1002
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 21.1 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2006-01-15 13:49:29 +0000 (Sun, 15 Jan 2006) $
10	// \| last modifier : $Author: nikrou $
11	// \| revision : $Revision: 1005 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	/**
29	* Add users and manage users list
30	*/
31
32	// +-----------------------------------------------------------------------+
33	// \| functions \|
34	// +-----------------------------------------------------------------------+
35
36	/**
37	* returns a list of users depending on page filters (in $_GET)
38	*
39	* Each user comes with his related informations : id, username, mail
40	* address, list of groups.
41	*
42	* @return array
43	*/
44	function get_filtered_user_list()
45	{
46	global $conf, $page;
47
48	$users = array();
49
50	// filter
51	$filter = array();
52
53	if (isset($_GET['username']) and !empty($_GET['username']))
54	{
55	$username = str_replace('*', '%', $_GET['username']);
56	if (function_exists('mysql_real_escape_string'))
57	{
58	$filter['username'] = mysql_real_escape_string($username);
59	}
60	else
61	{
62	$filter['username'] = mysql_escape_string($username);
63	}
64	}
65
66	if (isset($_GET['group'])
67	and -1 != $_GET['group']
68	and is_numeric($_GET['group']))
69	{
70	$filter['group'] = $_GET['group'];
71	}
72
73	if (isset($_GET['status'])
74	and in_array($_GET['status'], get_enums(USER_INFOS_TABLE, 'status')))
75	{
76	$filter['status'] = $_GET['status'];
77	}
78
79	// how to order the list?
80	$order_by = 'id';
81	if (isset($_GET['order_by'])
82	and in_array($_GET['order_by'], array_keys($page['order_by_items'])))
83	{
84	$order_by = $_GET['order_by'];
85	}
86
87	$direction = 'ASC';
88	if (isset($_GET['direction'])
89	and in_array($_GET['direction'], array_keys($page['direction_items'])))
90	{
91	$direction = strtoupper($_GET['direction']);
92	}
93
94	// search users depending on filters and order
95	$query = '
96	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
97	u.'.$conf['user_fields']['username'].' AS username,
98	u.'.$conf['user_fields']['email'].' AS email,
99	ui.status
100	FROM '.USERS_TABLE.' AS u
101	INNER JOIN '.USER_INFOS_TABLE.' AS ui
102	ON u.'.$conf['user_fields']['id'].' = ui.user_id
103	LEFT JOIN '.USER_GROUP_TABLE.' AS ug
104	ON u.'.$conf['user_fields']['id'].' = ug.user_id
105	WHERE u.'.$conf['user_fields']['id'].' != '.$conf['guest_id'];
106	if (isset($filter['username']))
107	{
108	$query.= '
109	AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\'';
110	}
111	if (isset($filter['group']))
112	{
113	$query.= '
114	AND ug.group_id = '.$filter['group'];
115	}
116	if (isset($filter['status']))
117	{
118	$query.= '
119	AND ui.status = \''.$filter['status']."'";
120	}
121	$query.= '
122	ORDER BY '.$order_by.' '.$direction.'
123	;';
124
125	$result = pwg_query($query);
126	while ($row = mysql_fetch_array($result))
127	{
128	$user = $row;
129	$user['groups'] = array();
130
131	array_push($users, $user);
132	}
133
134	// add group lists
135	$user_ids = array();
136	foreach ($users as $i => $user)
137	{
138	$user_ids[$i] = $user['id'];
139	}
140	$user_nums = array_flip($user_ids);
141
142	if (count($user_ids) > 0)
143	{
144	$query = '
145	SELECT user_id, group_id
146	FROM '.USER_GROUP_TABLE.'
147	WHERE user_id IN ('.implode(',', $user_ids).')
148	;';
149	$result = pwg_query($query);
150	while ($row = mysql_fetch_array($result))
151	{
152	array_push(
153	$users[$user_nums[$row['user_id']]]['groups'],
154	$row['group_id']
155	);
156	}
157	}
158
159	return $users;
160	}
161
162	// +-----------------------------------------------------------------------+
163	// \| initialization \|
164	// +-----------------------------------------------------------------------+
165
166	if (!defined('PHPWG_ROOT_PATH'))
167	{
168	die('Hacking attempt!');
169	}
170	include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
171
172	$page['order_by_items'] = array(
173	'id' => $lang['registration_date'],
174	'username' => $lang['Username']
175	);
176
177	$page['direction_items'] = array(
178	'asc' => $lang['ascending'],
179	'desc' => $lang['descending']
180	);
181
182	// +-----------------------------------------------------------------------+
183	// \| add a user \|
184	// +-----------------------------------------------------------------------+
185
186	if (isset($_POST['submit_add']))
187	{
188	$page['errors'] = register_user($_POST['login'], $_POST['password'], '');
189
190	if (count($page['errors']) == 0)
191	{
192	array_push(
193	$page['infos'],
194	sprintf(
195	l10n('user "%s" added'),
196	$_POST['login']
197	)
198	);
199	}
200	}
201
202	// +-----------------------------------------------------------------------+
203	// \| user list \|
204	// +-----------------------------------------------------------------------+
205
206	$page['filtered_users'] = get_filtered_user_list();
207
208	// +-----------------------------------------------------------------------+
209	// \| selected users \|
210	// +-----------------------------------------------------------------------+
211
212	if (isset($_POST['delete']) or isset($_POST['pref_submit']))
213	{
214	$collection = array();
215
216	switch ($_POST['target'])
217	{
218	case 'all' :
219	{
220	foreach($page['filtered_users'] as $local_user)
221	{
222	array_push($collection, $local_user['id']);
223	}
224	break;
225	}
226	case 'selection' :
227	{
228	if (isset($_POST['selection']))
229	{
230	$collection = $_POST['selection'];
231	}
232	break;
233	}
234	}
235
236	if (count($collection) == 0)
237	{
238	array_push($page['errors'], l10n('Select at least one user'));
239	}
240	}
241
242	// +-----------------------------------------------------------------------+
243	// \| delete users \|
244	// +-----------------------------------------------------------------------+
245
246	if (isset($_POST['delete']) and count($collection) > 0)
247	{
248	if (in_array($conf['webmaster_id'], $collection))
249	{
250	array_push($page['errors'], l10n('Webmaster cannot be deleted'));
251	}
252	else
253	{
254	if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
255	{
256	foreach ($collection as $user_id)
257	{
258	delete_user($user_id);
259	}
260	array_push(
261	$page['infos'],
262	sprintf(
263	l10n('%d users deleted'),
264	count($collection)
265	)
266	);
267	foreach ($page['filtered_users'] as $filter_key => $filter_user)
268	{
269	if (in_array($filter_user['id'], $collection))
270	{
271	unset($page['filtered_users'][$filter_key]);
272	}
273	}
274	}
275	else
276	{
277	array_push($page['errors'], l10n('You need to confirm deletion'));
278	}
279	}
280	}
281
282	// +-----------------------------------------------------------------------+
283	// \| preferences form submission \|
284	// +-----------------------------------------------------------------------+
285
286	if (isset($_POST['pref_submit']) and count($collection) > 0)
287	{
288	if (-1 != $_POST['associate'])
289	{
290	$datas = array();
291
292	$query = '
293	SELECT user_id
294	FROM '.USER_GROUP_TABLE.'
295	WHERE group_id = '.$_POST['associate'].'
296	;';
297	$associated = array_from_query($query, 'user_id');
298
299	$associable = array_diff($collection, $associated);
300
301	if (count($associable) > 0)
302	{
303	foreach ($associable as $item)
304	{
305	array_push($datas,
306	array('group_id'=>$_POST['associate'],
307	'user_id'=>$item));
308	}
309
310	mass_inserts(USER_GROUP_TABLE,
311	array('group_id', 'user_id'),
312	$datas);
313	}
314	}
315
316	if (-1 != $_POST['dissociate'])
317	{
318	$query = '
319	DELETE FROM '.USER_GROUP_TABLE.'
320	WHERE group_id = '.$_POST['dissociate'].'
321	AND user_id IN ('.implode(',', $collection).')
322	';
323	pwg_query($query);
324	}
325
326	// properties to set for the collection (a user list)
327	$datas = array();
328	$dbfields = array('primary' => array('user_id'), 'update' => array());
329
330	$formfields =
331	array('nb_image_line', 'nb_line_page', 'template', 'language',
332	'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
333	'maxheight', 'status');
334
335	$true_false_fields = array('expand', 'show_nb_comments');
336
337	foreach ($formfields as $formfield)
338	{
339	// special for true/false fields
340	if (in_array($formfield, $true_false_fields))
341	{
342	$test = $formfield;
343	}
344	else
345	{
346	$test = $formfield.'_action';
347	}
348
349	if ($_POST[$test] != 'leave')
350	{
351	array_push($dbfields['update'], $formfield);
352	}
353	}
354
355	// updating elements is useful only if needed...
356	if (count($dbfields['update']) > 0)
357	{
358	$datas = array();
359
360	foreach ($collection as $user_id)
361	{
362	$data = array();
363	$data['user_id'] = $user_id;
364
365	// TODO : verify if submited values are semanticaly correct
366	foreach ($dbfields['update'] as $dbfield)
367	{
368	// if the action is 'unset', the key won't be in row and
369	// mass_updates function will set this field to NULL
370	if (in_array($dbfield, $true_false_fields)
371	or 'set' == $_POST[$dbfield.'_action'])
372	{
373	$data[$dbfield] = $_POST[$dbfield];
374	}
375	}
376
377	// Webmaster status must not be changed
378	if ($conf['webmaster_id'] == $user_id and isset($data['status']))
379	{
380	$data['status'] = 'admin';
381	}
382
383	array_push($datas, $data);
384	}
385
386	// echo '<pre>';
387	// print_r($datas);
388	// echo '</pre>';
389
390	mass_updates(USER_INFOS_TABLE, $dbfields, $datas);
391	}
392
393	redirect(
394	PHPWG_ROOT_PATH.
395	'admin.php'.
396	get_query_string_diff(
397	array(
398	'start'
399	)
400	)
401	);
402	}
403
404	// +-----------------------------------------------------------------------+
405	// \| groups list \|
406	// +-----------------------------------------------------------------------+
407
408	$groups = array();
409
410	$query = '
411	SELECT id, name
412	FROM '.GROUPS_TABLE.'
413	;';
414	$result = pwg_query($query);
415
416	while ($row = mysql_fetch_array($result))
417	{
418	$groups[$row['id']] = $row['name'];
419	}
420
421	// +-----------------------------------------------------------------------+
422	// \| template init \|
423	// +-----------------------------------------------------------------------+
424
425	$template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
426
427	$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
428
429	if (isset($_GET['start']) and is_numeric($_GET['start']))
430	{
431	$start = $_GET['start'];
432	}
433	else
434	{
435	$start = 0;
436	}
437
438	$template->assign_vars(
439	array(
440	'L_AUTH_USER'=>$lang['permuser_only_private'],
441	'L_GROUP_ADD_USER' => $lang['group_add_user'],
442	'L_SUBMIT'=>$lang['submit'],
443	'L_STATUS'=>$lang['user_status'],
444	'L_PASSWORD' => $lang['password'],
445	'L_EMAIL' => $lang['mail_address'],
446	'L_ORDER_BY' => $lang['order_by'],
447	'L_ACTIONS' => $lang['actions'],
448	'L_PERMISSIONS' => $lang['permissions'],
449	'L_USERS_LIST' => $lang['title_liste_users'],
450	'L_LANGUAGE' => $lang['language'],
451	'L_NB_IMAGE_LINE' => $lang['nb_image_per_row'],
452	'L_NB_LINE_PAGE' => $lang['nb_row_per_page'],
453	'L_TEMPLATE' => $lang['theme'],
454	'L_RECENT_PERIOD' => $lang['recent_period'],
455	'L_EXPAND' => $lang['auto_expand'],
456	'L_SHOW_NB_COMMENTS' => $lang['show_nb_comments'],
457	'L_MAXWIDTH' => $lang['maxwidth'],
458	'L_MAXHEIGHT' => $lang['maxheight'],
459	'L_YES' => $lang['yes'],
460	'L_NO' => $lang['no'],
461	'L_SUBMIT' => $lang['submit'],
462	'L_RESET' => $lang['reset'],
463	'L_DELETE' => $lang['user_delete'],
464	'L_DELETE_HINT' => $lang['user_delete_hint'],
465
466	'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=user_list',
467
468	'F_ADD_ACTION' => $base_url,
469	'F_USERNAME' => @$_GET['username'],
470	'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
471	));
472
473	if (isset($_GET['id']))
474	{
475	$template->assign_block_vars('session', array('ID' => $_GET['id']));
476	}
477
478	foreach ($page['order_by_items'] as $item => $label)
479	{
480	$selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
481	'selected="selected"' : '';
482	$template->assign_block_vars(
483	'order_by',
484	array(
485	'VALUE' => $item,
486	'CONTENT' => $label,
487	'SELECTED' => $selected
488	));
489	}
490
491	foreach ($page['direction_items'] as $item => $label)
492	{
493	$selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
494	'selected="selected"' : '';
495	$template->assign_block_vars(
496	'direction',
497	array(
498	'VALUE' => $item,
499	'CONTENT' => $label,
500	'SELECTED' => $selected
501	));
502	}
503
504	$blockname = 'group_option';
505
506	$template->assign_block_vars(
507	$blockname,
508	array(
509	'VALUE'=> -1,
510	'CONTENT' => '------------',
511	'SELECTED' => ''
512	));
513
514	foreach ($groups as $group_id => $group_name)
515	{
516	$selected = (isset($_GET['group']) and $_GET['group'] == $group_id) ?
517	'selected="selected"' : '';
518	$template->assign_block_vars(
519	$blockname,
520	array(
521	'VALUE' => $group_id,
522	'CONTENT' => $group_name,
523	'SELECTED' => $selected
524	));
525	}
526
527	$blockname = 'status_option';
528
529	$template->assign_block_vars(
530	$blockname,
531	array(
532	'VALUE'=> -1,
533	'CONTENT' => '------------',
534	'SELECTED' => ''
535	));
536
537	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
538	{
539	$selected = (isset($_GET['status']) and $_GET['status'] == $status) ?
540	'selected="selected"' : '';
541	$template->assign_block_vars(
542	$blockname,
543	array(
544	'VALUE' => $status,
545	'CONTENT' => $lang['user_status_'.$status],
546	'SELECTED' => $selected
547	));
548	}
549
550	// ---
551	// $user['template'] = $conf['default_template'];
552	// $user['nb_image_line'] = $conf['nb_image_line'];
553	// $user['nb_line_page'] = $conf['nb_line_page'];
554	// $user['language'] = $conf['default_language'];
555	// $user['maxwidth'] = $conf['default_maxwidth'];
556	// $user['maxheight'] = $conf['default_maxheight'];
557	// $user['recent_period'] = $conf['recent_period'];
558	// $user['expand'] = $conf['auto_expand'];
559	// $user['show_nb_comments'] = $conf['show_nb_comments'];
560	// ---
561
562	if (isset($_POST['pref_submit']))
563	{
564	// echo '<pre>'; print_r($_POST); echo '</pre>';
565	$template->assign_vars(
566	array(
567	'NB_IMAGE_LINE' => $_POST['nb_image_line'],
568	'NB_LINE_PAGE' => $_POST['nb_line_page'],
569	'MAXWIDTH' => $_POST['maxwidth'],
570	'MAXHEIGHT' => $_POST['maxheight'],
571	'RECENT_PERIOD' => $_POST['recent_period'],
572	'EXPAND_YES' => 'true' == $_POST['expand'] ? 'checked="checked"' : '',
573	'EXPAND_NO' => 'false' == $_POST['expand'] ? 'checked="checked"' : '',
574	'SHOW_NB_COMMENTS_YES' =>
575	'true' == $_POST['show_nb_comments'] ? 'checked="checked"' : '',
576	'SHOW_NB_COMMENTS_NO' =>
577	'false' == $_POST['show_nb_comments'] ? 'checked="checked"' : ''
578	));
579	}
580	else
581	{
582	$template->assign_vars(
583	array(
584	'NB_IMAGE_LINE' => $conf['nb_image_line'],
585	'NB_LINE_PAGE' => $conf['nb_line_page'],
586	'MAXWIDTH' => @$conf['default_maxwidth'],
587	'MAXHEIGHT' => @$conf['default_maxheight'],
588	'RECENT_PERIOD' => $conf['recent_period'],
589	));
590	}
591
592	$blockname = 'template_option';
593
594	foreach (get_templates() as $pwg_template)
595	{
596	if (isset($_POST['pref_submit']))
597	{
598	$selected = $_POST['template']==$pwg_template ? 'selected="selected"' : '';
599	}
600	else if ($conf['default_template'] == $pwg_template)
601	{
602	$selected = 'selected="selected"';
603	}
604	else
605	{
606	$selected = '';
607	}
608
609	$template->assign_block_vars(
610	$blockname,
611	array(
612	'VALUE'=> $pwg_template,
613	'CONTENT' => $pwg_template,
614	'SELECTED' => $selected
615	));
616	}
617
618	$blockname = 'language_option';
619
620	foreach (get_languages() as $language_code => $language_name)
621	{
622	if (isset($_POST['pref_submit']))
623	{
624	$selected = $_POST['language']==$language_code ? 'selected="selected"':'';
625	}
626	else if ($conf['default_language'] == $language_code)
627	{
628	$selected = 'selected="selected"';
629	}
630	else
631	{
632	$selected = '';
633	}
634
635	$template->assign_block_vars(
636	$blockname,
637	array(
638	'VALUE'=> $language_code,
639	'CONTENT' => $language_name,
640	'SELECTED' => $selected
641	));
642	}
643
644	$blockname = 'pref_status_option';
645
646	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
647	{
648	if (isset($_POST['pref_submit']))
649	{
650	$selected = $_POST['status'] == $status ? 'selected="selected"' : '';
651	}
652	else if ('guest' == $status)
653	{
654	$selected = 'selected="selected"';
655	}
656	else
657	{
658	$selected = '';
659	}
660
661	$template->assign_block_vars(
662	$blockname,
663	array(
664	'VALUE' => $status,
665	'CONTENT' => $lang['user_status_'.$status],
666	'SELECTED' => $selected
667	));
668	}
669
670	// associate
671	$blockname = 'associate_option';
672
673	$template->assign_block_vars(
674	$blockname,
675	array(
676	'VALUE'=> -1,
677	'CONTENT' => '------------',
678	'SELECTED' => ''
679	));
680
681	foreach ($groups as $group_id => $group_name)
682	{
683	if (isset($_POST['pref_submit']))
684	{
685	$selected = $_POST['associate'] == $group_id ? 'selected="selected"' : '';
686	}
687	else
688	{
689	$selected = '';
690	}
691
692	$template->assign_block_vars(
693	$blockname,
694	array(
695	'VALUE' => $group_id,
696	'CONTENT' => $group_name,
697	'SELECTED' => $selected
698	));
699	}
700
701	// dissociate
702	$blockname = 'dissociate_option';
703
704	$template->assign_block_vars(
705	$blockname,
706	array(
707	'VALUE'=> -1,
708	'CONTENT' => '------------',
709	'SELECTED' => ''
710	));
711
712	foreach ($groups as $group_id => $group_name)
713	{
714	if (isset($_POST['pref_submit']))
715	{
716	$selected = $_POST['dissociate'] == $group_id ? 'selected="selected"' : '';
717	}
718	else
719	{
720	$selected = '';
721	}
722
723	$template->assign_block_vars(
724	$blockname,
725	array(
726	'VALUE' => $group_id,
727	'CONTENT' => $group_name,
728	'SELECTED' => $selected
729	));
730	}
731
732	// +-----------------------------------------------------------------------+
733	// \| navigation bar \|
734	// +-----------------------------------------------------------------------+
735
736	$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));
737
738	$navbar = create_navigation_bar(
739	$url,
740	count($page['filtered_users']),
741	$start,
742	$conf['users_page'],
743	''
744	);
745
746	$template->assign_vars(array('NAVBAR' => $navbar));
747
748	// +-----------------------------------------------------------------------+
749	// \| user list \|
750	// +-----------------------------------------------------------------------+
751
752	$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id=';
753	$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id=';
754
755	foreach ($page['filtered_users'] as $num => $local_user)
756	{
757	// simulate LIMIT $start, $conf['users_page']
758	if ($num < $start)
759	{
760	continue;
761	}
762	if ($num >= $start + $conf['users_page'])
763	{
764	break;
765	}
766
767	$groups_string = preg_replace(
768	'/(\d+)/e',
769	"\$groups['$1']",
770	implode(
771	', ',
772	$local_user['groups']
773	)
774	);
775
776	if (isset($_POST['pref_submit'])
777	and isset($_POST['selection'])
778	and in_array($local_user['id'], $_POST['selection']))
779	{
780	$checked = 'checked="checked"';
781	}
782	else
783	{
784	$checked = '';
785	}
786
787	$template->assign_block_vars(
788	'user',
789	array(
790	'CLASS' => ($num % 2 == 1) ? 'row2' : 'row1',
791	'ID' => $local_user['id'],
792	'CHECKED' => $checked,
793	'U_MOD' => add_session_id($profile_url.$local_user['id']),
794	'U_PERM' => add_session_id($perm_url.$local_user['id']),
795	'USERNAME' => $local_user['username'],
796	'STATUS' => $lang['user_status_'.$local_user['status']],
797	'EMAIL' => isset($local_user['email']) ? $local_user['email'] : '',
798	'GROUPS' => $groups_string
799	)
800	);
801	}
802
803	// +-----------------------------------------------------------------------+
804	// \| html code display \|
805	// +-----------------------------------------------------------------------+
806
807	$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list');
808	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: