Context Navigation

source: trunk/admin/user_list.php @ 865

Last change on this file since 865 was 865, checked in by plg, 19 years ago

improvement: add information about how to use an external table for users

bug fixed: uses user configuration fields for filtering in admin/user_list

bug fixed: don't try to create feeds automatically during sync_users (when line in user_infos is missing)

bug fixed: create_user_infos function gives status admin if user id matches $confwebmaster_id

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 20.5 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2005-09-17 22:22:22 +0000 (Sat, 17 Sep 2005) $
10	// \| last modifier : $Author: plg $
11	// \| revision : $Revision: 865 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	/**
29	* Add users and manage users list
30	*/
31
32	// +-----------------------------------------------------------------------+
33	// \| initialization \|
34	// +-----------------------------------------------------------------------+
35
36	if (!defined('PHPWG_ROOT_PATH'))
37	{
38	die('Hacking attempt!');
39	}
40	include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
41
42	// +-----------------------------------------------------------------------+
43	// \| add a user \|
44	// +-----------------------------------------------------------------------+
45
46	if (isset($_POST['submit_add']))
47	{
48	$page['errors'] = register_user($_POST['login'], $_POST['password'], '');
49	}
50
51	// +-----------------------------------------------------------------------+
52	// \| selected users \|
53	// +-----------------------------------------------------------------------+
54
55	if (isset($_POST['delete']) or isset($_POST['pref_submit']))
56	{
57	$collection = array();
58
59	switch ($_POST['target'])
60	{
61	case 'all' :
62	{
63	$query = '
64	SELECT id
65	FROM '.USERS_TABLE.'
66	WHERE id != '.$conf['guest_id'].'
67	;';
68	$collection = array_from_query($query, 'id');
69	break;
70	}
71	case 'selection' :
72	{
73	if (isset($_POST['selection']))
74	{
75	$collection = $_POST['selection'];
76	}
77	break;
78	}
79	}
80
81	if (count($collection) == 0)
82	{
83	array_push($page['errors'], l10n('Select at least one user'));
84	}
85	}
86
87	// +-----------------------------------------------------------------------+
88	// \| delete users \|
89	// +-----------------------------------------------------------------------+
90
91	if (isset($_POST['delete']) and count($collection) > 0)
92	{
93	if (in_array($conf['webmaster_id'], $collection))
94	{
95	array_push($page['errors'], l10n('Webmaster cannot be deleted'));
96	}
97	else
98	{
99	if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
100	{
101	foreach ($collection as $user_id)
102	{
103	delete_user($user_id);
104	}
105	array_push(
106	$page['infos'],
107	sprintf(
108	l10n('%d users deleted'),
109	count($collection)
110	)
111	);
112	}
113	else
114	{
115	array_push($page['errors'], l10n('You need to confirm deletion'));
116	}
117	}
118	}
119
120	// +-----------------------------------------------------------------------+
121	// \| preferences form submission \|
122	// +-----------------------------------------------------------------------+
123
124	if (isset($_POST['pref_submit']) and count($collection) > 0)
125	{
126	if (-1 != $_POST['associate'])
127	{
128	$datas = array();
129
130	$query = '
131	SELECT user_id
132	FROM '.USER_GROUP_TABLE.'
133	WHERE group_id = '.$_POST['associate'].'
134	;';
135	$associated = array_from_query($query, 'user_id');
136
137	$associable = array_diff($collection, $associated);
138
139	if (count($associable) > 0)
140	{
141	foreach ($associable as $item)
142	{
143	array_push($datas,
144	array('group_id'=>$_POST['associate'],
145	'user_id'=>$item));
146	}
147
148	mass_inserts(USER_GROUP_TABLE,
149	array('group_id', 'user_id'),
150	$datas);
151	}
152	}
153
154	if (-1 != $_POST['dissociate'])
155	{
156	$query = '
157	DELETE FROM '.USER_GROUP_TABLE.'
158	WHERE group_id = '.$_POST['dissociate'].'
159	AND user_id IN ('.implode(',', $collection).')
160	';
161	pwg_query($query);
162	}
163
164	// properties to set for the collection (a user list)
165	$datas = array();
166	$dbfields = array('primary' => array('user_id'), 'update' => array());
167
168	$formfields =
169	array('nb_image_line', 'nb_line_page', 'template', 'language',
170	'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
171	'maxheight', 'status');
172
173	$true_false_fields = array('expand', 'show_nb_comments');
174
175	foreach ($formfields as $formfield)
176	{
177	// special for true/false fields
178	if (in_array($formfield, $true_false_fields))
179	{
180	$test = $formfield;
181	}
182	else
183	{
184	$test = $formfield.'_action';
185	}
186
187	if ($_POST[$test] != 'leave')
188	{
189	array_push($dbfields['update'], $formfield);
190	}
191	}
192
193	// updating elements is useful only if needed...
194	if (count($dbfields['update']) > 0)
195	{
196	$datas = array();
197
198	foreach ($collection as $user_id)
199	{
200	$data = array();
201	$data['user_id'] = $user_id;
202
203	// TODO : verify if submited values are semanticaly correct
204	foreach ($dbfields['update'] as $dbfield)
205	{
206	// if the action is 'unset', the key won't be in row and
207	// mass_updates function will set this field to NULL
208	if (in_array($dbfield, $true_false_fields)
209	or 'set' == $_POST[$dbfield.'_action'])
210	{
211	$data[$dbfield] = $_POST[$dbfield];
212	}
213	}
214
215	// Webmaster status must not be changed
216	if ($conf['webmaster_id'] == $user_id and isset($data['status']))
217	{
218	$data['status'] = 'admin';
219	}
220
221	array_push($datas, $data);
222	}
223
224	// echo '<pre>';
225	// print_r($datas);
226	// echo '</pre>';
227
228	mass_updates(USER_INFOS_TABLE, $dbfields, $datas);
229	}
230	}
231
232	// +-----------------------------------------------------------------------+
233	// \| groups list \|
234	// +-----------------------------------------------------------------------+
235
236	$groups = array();
237
238	$query = '
239	SELECT id, name
240	FROM '.GROUPS_TABLE.'
241	;';
242	$result = pwg_query($query);
243
244	while ($row = mysql_fetch_array($result))
245	{
246	$groups[$row['id']] = $row['name'];
247	}
248
249	// +-----------------------------------------------------------------------+
250	// \| template init \|
251	// +-----------------------------------------------------------------------+
252
253	$template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
254
255	$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
256
257	$conf['users_page'] = 20;
258
259	if (isset($_GET['start']) and is_numeric($_GET['start']))
260	{
261	$start = $_GET['start'];
262	}
263	else
264	{
265	$start = 0;
266	}
267
268	$template->assign_vars(
269	array(
270	'L_AUTH_USER'=>$lang['permuser_only_private'],
271	'L_GROUP_ADD_USER' => $lang['group_add_user'],
272	'L_SUBMIT'=>$lang['submit'],
273	'L_STATUS'=>$lang['user_status'],
274	'L_USERNAME' => $lang['login'],
275	'L_PASSWORD' => $lang['password'],
276	'L_EMAIL' => $lang['mail_address'],
277	'L_ORDER_BY' => $lang['order_by'],
278	'L_ACTIONS' => $lang['actions'],
279	'L_PERMISSIONS' => $lang['permissions'],
280	'L_USERS_LIST' => $lang['title_liste_users'],
281	'L_LANGUAGE' => $lang['language'],
282	'L_NB_IMAGE_LINE' => $lang['nb_image_per_row'],
283	'L_NB_LINE_PAGE' => $lang['nb_row_per_page'],
284	'L_TEMPLATE' => $lang['theme'],
285	'L_RECENT_PERIOD' => $lang['recent_period'],
286	'L_EXPAND' => $lang['auto_expand'],
287	'L_SHOW_NB_COMMENTS' => $lang['show_nb_comments'],
288	'L_MAXWIDTH' => $lang['maxwidth'],
289	'L_MAXHEIGHT' => $lang['maxheight'],
290	'L_YES' => $lang['yes'],
291	'L_NO' => $lang['no'],
292	'L_SUBMIT' => $lang['submit'],
293	'L_RESET' => $lang['reset'],
294	'L_DELETE' => $lang['user_delete'],
295	'L_DELETE_HINT' => $lang['user_delete_hint'],
296
297	'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=user_list',
298
299	'F_ADD_ACTION' => $base_url,
300	'F_USERNAME' => @$_GET['username'],
301	'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
302	));
303
304	if (isset($_GET['id']))
305	{
306	$template->assign_block_vars('session', array('ID' => $_GET['id']));
307	}
308
309	$order_by_items = array('id' => $lang['registration_date'],
310	'username' => $lang['login']);
311
312	foreach ($order_by_items as $item => $label)
313	{
314	$selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
315	'selected="selected"' : '';
316	$template->assign_block_vars(
317	'order_by',
318	array(
319	'VALUE' => $item,
320	'CONTENT' => $label,
321	'SELECTED' => $selected
322	));
323	}
324
325	$direction_items = array('asc' => $lang['ascending'],
326	'desc' => $lang['descending']);
327
328	foreach ($direction_items as $item => $label)
329	{
330	$selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
331	'selected="selected"' : '';
332	$template->assign_block_vars(
333	'direction',
334	array(
335	'VALUE' => $item,
336	'CONTENT' => $label,
337	'SELECTED' => $selected
338	));
339	}
340
341	$blockname = 'group_option';
342
343	$template->assign_block_vars(
344	$blockname,
345	array(
346	'VALUE'=> -1,
347	'CONTENT' => '------------',
348	'SELECTED' => ''
349	));
350
351	foreach ($groups as $group_id => $group_name)
352	{
353	$selected = (isset($_GET['group']) and $_GET['group'] == $group_id) ?
354	'selected="selected"' : '';
355	$template->assign_block_vars(
356	$blockname,
357	array(
358	'VALUE' => $group_id,
359	'CONTENT' => $group_name,
360	'SELECTED' => $selected
361	));
362	}
363
364	$blockname = 'status_option';
365
366	$template->assign_block_vars(
367	$blockname,
368	array(
369	'VALUE'=> -1,
370	'CONTENT' => '------------',
371	'SELECTED' => ''
372	));
373
374	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
375	{
376	$selected = (isset($_GET['status']) and $_GET['status'] == $status) ?
377	'selected="selected"' : '';
378	$template->assign_block_vars(
379	$blockname,
380	array(
381	'VALUE' => $status,
382	'CONTENT' => $lang['user_status_'.$status],
383	'SELECTED' => $selected
384	));
385	}
386
387	// ---
388	// $user['template'] = $conf['default_template'];
389	// $user['nb_image_line'] = $conf['nb_image_line'];
390	// $user['nb_line_page'] = $conf['nb_line_page'];
391	// $user['language'] = $conf['default_language'];
392	// $user['maxwidth'] = $conf['default_maxwidth'];
393	// $user['maxheight'] = $conf['default_maxheight'];
394	// $user['recent_period'] = $conf['recent_period'];
395	// $user['expand'] = $conf['auto_expand'];
396	// $user['show_nb_comments'] = $conf['show_nb_comments'];
397	// ---
398
399	if (isset($_POST['pref_submit']))
400	{
401	// echo '<pre>'; print_r($_POST); echo '</pre>';
402	$template->assign_vars(
403	array(
404	'NB_IMAGE_LINE' => $_POST['nb_image_line'],
405	'NB_LINE_PAGE' => $_POST['nb_line_page'],
406	'MAXWIDTH' => $_POST['maxwidth'],
407	'MAXHEIGHT' => $_POST['maxheight'],
408	'RECENT_PERIOD' => $_POST['recent_period'],
409	'EXPAND_YES' => 'true' == $_POST['expand'] ? 'checked="checked"' : '',
410	'EXPAND_NO' => 'false' == $_POST['expand'] ? 'checked="checked"' : '',
411	'SHOW_NB_COMMENTS_YES' =>
412	'true' == $_POST['show_nb_comments'] ? 'checked="checked"' : '',
413	'SHOW_NB_COMMENTS_NO' =>
414	'false' == $_POST['show_nb_comments'] ? 'checked="checked"' : ''
415	));
416	}
417	else
418	{
419	$template->assign_vars(
420	array(
421	'NB_IMAGE_LINE' => $conf['nb_image_line'],
422	'NB_LINE_PAGE' => $conf['nb_line_page'],
423	'MAXWIDTH' => @$conf['default_maxwidth'],
424	'MAXHEIGHT' => @$conf['default_maxheight'],
425	'RECENT_PERIOD' => $conf['recent_period'],
426	));
427	}
428
429	$blockname = 'template_option';
430
431	foreach (get_templates() as $pwg_template)
432	{
433	if (isset($_POST['pref_submit']))
434	{
435	$selected = $_POST['template']==$pwg_template ? 'selected="selected"' : '';
436	}
437	else if ($conf['default_template'] == $pwg_template)
438	{
439	$selected = 'selected="selected"';
440	}
441	else
442	{
443	$selected = '';
444	}
445
446	$template->assign_block_vars(
447	$blockname,
448	array(
449	'VALUE'=> $pwg_template,
450	'CONTENT' => $pwg_template,
451	'SELECTED' => $selected
452	));
453	}
454
455	$blockname = 'language_option';
456
457	foreach (get_languages() as $language_code => $language_name)
458	{
459	if (isset($_POST['pref_submit']))
460	{
461	$selected = $_POST['language']==$language_code ? 'selected="selected"':'';
462	}
463	else if ($conf['default_language'] == $language_code)
464	{
465	$selected = 'selected="selected"';
466	}
467	else
468	{
469	$selected = '';
470	}
471
472	$template->assign_block_vars(
473	$blockname,
474	array(
475	'VALUE'=> $language_code,
476	'CONTENT' => $language_name,
477	'SELECTED' => $selected
478	));
479	}
480
481	$blockname = 'pref_status_option';
482
483	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
484	{
485	if (isset($_POST['pref_submit']))
486	{
487	$selected = $_POST['status'] == $status ? 'selected="selected"' : '';
488	}
489	else if ('guest' == $status)
490	{
491	$selected = 'selected="selected"';
492	}
493	else
494	{
495	$selected = '';
496	}
497
498	$template->assign_block_vars(
499	$blockname,
500	array(
501	'VALUE' => $status,
502	'CONTENT' => $lang['user_status_'.$status],
503	'SELECTED' => $selected
504	));
505	}
506
507	// associate
508	$blockname = 'associate_option';
509
510	$template->assign_block_vars(
511	$blockname,
512	array(
513	'VALUE'=> -1,
514	'CONTENT' => '------------',
515	'SELECTED' => ''
516	));
517
518	foreach ($groups as $group_id => $group_name)
519	{
520	if (isset($_POST['pref_submit']))
521	{
522	$selected = $_POST['associate'] == $group_id ? 'selected="selected"' : '';
523	}
524	else
525	{
526	$selected = '';
527	}
528
529	$template->assign_block_vars(
530	$blockname,
531	array(
532	'VALUE' => $group_id,
533	'CONTENT' => $group_name,
534	'SELECTED' => $selected
535	));
536	}
537
538	// dissociate
539	$blockname = 'dissociate_option';
540
541	$template->assign_block_vars(
542	$blockname,
543	array(
544	'VALUE'=> -1,
545	'CONTENT' => '------------',
546	'SELECTED' => ''
547	));
548
549	foreach ($groups as $group_id => $group_name)
550	{
551	if (isset($_POST['pref_submit']))
552	{
553	$selected = $_POST['dissociate'] == $group_id ? 'selected="selected"' : '';
554	}
555	else
556	{
557	$selected = '';
558	}
559
560	$template->assign_block_vars(
561	$blockname,
562	array(
563	'VALUE' => $group_id,
564	'CONTENT' => $group_name,
565	'SELECTED' => $selected
566	));
567	}
568
569	// +-----------------------------------------------------------------------+
570	// \| filter \|
571	// +-----------------------------------------------------------------------+
572
573	$filter = array();
574
575	if (isset($_GET['username']) and !empty($_GET['username']))
576	{
577	$username = str_replace('*', '%', $_GET['username']);
578	if (function_exists('mysql_real_escape_string'))
579	{
580	$username = mysql_real_escape_string($username);
581	}
582	else
583	{
584	$username = mysql_escape_string($username);
585	}
586
587	if (!empty($username))
588	{
589	$filter['username'] = $username;
590	}
591	}
592
593	if (isset($_GET['group'])
594	and -1 != $_GET['group']
595	and is_numeric($_GET['group']))
596	{
597	$filter['group'] = $_GET['group'];
598	}
599
600	if (isset($_GET['status'])
601	and in_array($_GET['status'], get_enums(USER_INFOS_TABLE, 'status')))
602	{
603	$filter['status'] = $_GET['status'];
604	}
605
606	// +-----------------------------------------------------------------------+
607	// \| navigation bar \|
608	// +-----------------------------------------------------------------------+
609
610	$query = '
611	SELECT COUNT(DISTINCT u.'.$conf['user_fields']['id'].')
612	FROM '.USERS_TABLE.' AS u
613	INNER JOIN '.USER_INFOS_TABLE.' AS ui
614	ON u.'.$conf['user_fields']['id'].' = ui.user_id
615	LEFT JOIN '.USER_GROUP_TABLE.' AS ug
616	ON u.'.$conf['user_fields']['id'].' = ug.user_id
617	WHERE u.'.$conf['user_fields']['id'].' != '.$conf['guest_id'];
618	if (isset($filter['username']))
619	{
620	$query.= '
621	AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\'';
622	}
623	if (isset($filter['group']))
624	{
625	$query.= '
626	AND ug.group_id = '.$filter['group'];
627	}
628	if (isset($filter['status']))
629	{
630	$query.= '
631	AND ui.status = \''.$filter['status']."'";
632	}
633	$query.= '
634	;';
635	list($counter) = mysql_fetch_row(pwg_query($query));
636
637	$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));
638
639	$navbar = create_navigation_bar($url,
640	$counter,
641	$start,
642	$conf['users_page'],
643	'');
644
645	$template->assign_vars(array('NAVBAR' => $navbar));
646
647	// +-----------------------------------------------------------------------+
648	// \| user list \|
649	// +-----------------------------------------------------------------------+
650
651	$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id=';
652	$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id=';
653
654	$users = array();
655	$user_ids = array();
656
657	$order_by = 'id';
658	if (isset($_GET['order_by'])
659	and in_array($_GET['order_by'], array_keys($order_by_items)))
660	{
661	$order_by = $_GET['order_by'];
662	}
663
664	$direction = 'ASC';
665	if (isset($_GET['direction'])
666	and in_array($_GET['direction'], array_keys($direction_items)))
667	{
668	$direction = strtoupper($_GET['direction']);
669	}
670
671	$query = '
672	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
673	u.'.$conf['user_fields']['username'].' AS username,
674	u.'.$conf['user_fields']['email'].' AS email,
675	ui.status
676	FROM '.USERS_TABLE.' AS u
677	INNER JOIN '.USER_INFOS_TABLE.' AS ui
678	ON u.'.$conf['user_fields']['id'].' = ui.user_id
679	LEFT JOIN '.USER_GROUP_TABLE.' AS ug
680	ON u.'.$conf['user_fields']['id'].' = ug.user_id
681	WHERE u.'.$conf['user_fields']['id'].' != '.$conf['guest_id'];
682	if (isset($filter['username']))
683	{
684	$query.= '
685	AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\'';
686	}
687	if (isset($filter['group']))
688	{
689	$query.= '
690	AND ug.group_id = '.$filter['group'];
691	}
692	if (isset($filter['status']))
693	{
694	$query.= '
695	AND ui.status = \''.$filter['status']."'";
696	}
697	$query.= '
698	ORDER BY '.$order_by.' '.$direction.'
699	LIMIT '.$start.', '.$conf['users_page'].'
700	;';
701	$result = pwg_query($query);
702	while ($row = mysql_fetch_array($result))
703	{
704	array_push($users, $row);
705	array_push($user_ids, $row['id']);
706	$user_groups[$row['id']] = array();
707	}
708
709	if (count($user_ids) > 0)
710	{
711	$query = '
712	SELECT user_id, group_id
713	FROM '.USER_GROUP_TABLE.'
714	WHERE user_id IN ('.implode(',', $user_ids).')
715	;';
716	$result = pwg_query($query);
717	while ($row = mysql_fetch_array($result))
718	{
719	array_push($user_groups[$row['user_id']], $row['group_id']);
720	}
721
722	foreach ($users as $num => $item)
723	{
724	$groups_string = preg_replace('/(\d+)/e',
725	"\$groups['$1']",
726	implode(', ', $user_groups[$item['id']]));
727
728	if (isset($_POST['pref_submit'])
729	and isset($_POST['selection'])
730	and in_array($item['id'], $_POST['selection']))
731	{
732	$checked = 'checked="checked"';
733	}
734	else
735	{
736	$checked = '';
737	}
738
739	$template->assign_block_vars(
740	'user',
741	array(
742	'CLASS' => ($num % 2 == 1) ? 'row2' : 'row1',
743	'ID'=>$item['id'],
744	'CHECKED'=>$checked,
745	'U_MOD'=>add_session_id($profile_url.$item['id']),
746	'U_PERM'=>add_session_id($perm_url.$item['id']),
747	'USERNAME'=>$item['username'],
748	'STATUS'=>$lang['user_status_'.$item['status']],
749	'EMAIL'=>isset($item['email']) ? $item['email'] : '',
750	'GROUPS'=>$groups_string
751	));
752	}
753	}
754
755	// +-----------------------------------------------------------------------+
756	// \| html code display \|
757	// +-----------------------------------------------------------------------+
758
759	$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list');
760	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: