<?php
// Keep file coded in UTF-8 without BOM: é

if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');

global $template, $conf, $page;

$conf_LCAS = unserialize($conf['LoginCaseAccentsSensitivity']);

/**
 * Add users and manage users list according to LCAS plugin
 * ( http://piwigo.org/ext/extension_view.php?eid=513 )
 */

// +-----------------------------------------------------------------------+
// |                              functions                                |
// +-----------------------------------------------------------------------+

/**
 * returns a list of users depending on page filters (in $_GET)
 *
 * Each user comes with his related informations : id, username, mail
 * address, list of groups.
 *
 * @return array
 */
function LCAS_get_filtered_user_list()
{
  global $conf, $page, $conf_LCAS;

  $conf_LCAS= unserialize($conf['LoginCaseAccentsSensitivity']);

  $users = array();
  $users_t1 = array();

  // filter
  $filter = array();

    // Build a PHP regex both complying to user's request,
    // and to LCAS current rule
    $username=  preg_replace(array('/^\*/', '/\*$/'), '%', $_GET['username']);
    if (preg_match('/%$/', $username))
     $username = preg_replace('/%$/', '/', $username);
    else
     $username.= '$/';
    if (preg_match('/^%/', $username))
     $username = preg_replace('/^%/', '/', $username);
    else
     $username = '/^'.$username;
    $filter['username'] =
     pwg_db_real_escape_string(LCAS_change_case($username, $conf_LCAS[0]));

  if (isset($_GET['group'])
      and -1 != $_GET['group']
      and is_numeric($_GET['group']))
  {
    $filter['group'] = $_GET['group'];
  }

  if (isset($_GET['status'])
      and in_array($_GET['status'], get_enums(USER_INFOS_TABLE, 'status')))
  {
    $filter['status'] = $_GET['status'];
  }

  // how to order the list?
  $order_by = 'id';
  if (isset($_GET['order_by'])
      and in_array($_GET['order_by'], array_keys($page['order_by_items'])))
  {
    $order_by = $_GET['order_by'];
  }

  $direction = 'ASC';
  if (isset($_GET['direction'])
      and in_array($_GET['direction'], array_keys($page['direction_items'])))
  {
    $direction = strtoupper($_GET['direction']);
  }

  // search users depending on filters and order
  $query = '
SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
                u.'.$conf['user_fields']['username'].' AS username,
                u.'.$conf['user_fields']['email'].' AS email,
                ui.status,
                ui.enabled_high,
                ui.level
  FROM '.USERS_TABLE.' AS u
    INNER JOIN '.USER_INFOS_TABLE.' AS ui
      ON u.'.$conf['user_fields']['id'].' = ui.user_id
    LEFT JOIN '.USER_GROUP_TABLE.' AS ug
      ON u.'.$conf['user_fields']['id'].' = ug.user_id
  WHERE u.'.$conf['user_fields']['id'].' > 0';

  if (isset($filter['group']))
  {
    $query.= '
    AND ug.group_id = '.$filter['group'];
  }
  if (isset($filter['status']))
  {
    $query.= '
    AND ui.status = \''.$filter['status']."'";
  }
  $query.= '
  ORDER BY '.$order_by.' '.$direction.'
;';

  $result = pwg_query($query);
  while ($row = pwg_db_fetch_assoc($result))
  {
    $user = $row;
    $user['groups'] = array();

    array_push($users, $user);
  }

  // add group lists
  $user_ids = array();
  foreach ($users as $i => $user)
  {
    $user_ids[$i] = $user['id'];
  }
  $user_nums = array_flip($user_ids);

  if (count($user_ids) > 0)
  {
    $query = '
SELECT user_id, group_id
  FROM '.USER_GROUP_TABLE.'
  WHERE user_id IN ('.implode(',', $user_ids).')
;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result))
    {
      array_push(
        $users[$user_nums[$row['user_id']]]['groups'],
        $row['group_id']
        );
    }
  }
  
  // $users is now all usernames matching all filters but the username
  // filter
  // Username filter applied now: convert all found usernames with current
  // LCAS rule, and compare to LCAS-converted filter on username
  foreach ($users as $user) if (preg_match(
   $filter['username'], LCAS_change_case($user['username'], $conf_LCAS[0])
   )) $users_t1[] = $user;
  
  return $users_t1;
}

// +-----------------------------------------------------------------------+
// |                           initialization                              |
// +-----------------------------------------------------------------------+

if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');

// +-----------------------------------------------------------------------+
// |                               user list                               |
// +-----------------------------------------------------------------------+

$page['filtered_users'] = LCAS_get_filtered_user_list();

// +-----------------------------------------------------------------------+
// |                              groups list                              |
// +-----------------------------------------------------------------------+

$groups[-1] = '------------';

$query = '
SELECT id, name
  FROM '.GROUPS_TABLE.'
  ORDER BY name ASC
;';
$result = pwg_query($query);

while ($row = pwg_db_fetch_assoc($result))
{
  $groups[$row['id']] = $row['name'];
}

// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+

$base_url = PHPWG_ROOT_PATH.'admin.php?page=user_list';

if (isset($_GET['start']) and is_numeric($_GET['start']))
{
  $start = $_GET['start'];
}
else
{
  $start = 0;
}

$template->assign(
  'F_USERNAME', @htmlentities($_GET['username'], ENT_COMPAT, 'UTF-8')
);

$profile_url = get_root_url().'admin.php?page=profile&amp;user_id=';
$perm_url = get_root_url().'admin.php?page=user_perm&amp;user_id=';

$visible_user_list = array();
foreach ($page['filtered_users'] as $num => $local_user)
{
  // simulate LIMIT $start, $conf['users_page']
  if ($num < $start)
  {
    continue;
  }
  if ($num >= $start + $conf['users_page'])
  {
    break;
  }

  $visible_user_list[] = $local_user;
}

// Reset TPL variables
$template->smarty->_tpl_vars['users'] = array();
$template->smarty->_tpl_vars['plugin_columns'] = array();
$template->smarty->_tpl_vars['plugin_actions'] = array();

// allow plugins to fill template var plugin_user_list_column_titles and
// plugin_columns/plugin_actions for each user in the list
$visible_user_list =
 trigger_event('loc_visible_user_list', $visible_user_list);

foreach ($visible_user_list as $local_user)
{
  $groups_string = preg_replace(
    '/(\d+)/e',
    "\$groups['$1']",
    implode(
      ', ',
      $local_user['groups']
      )
    );

  if (isset($_POST['pref_submit'])
      and isset($_POST['selection'])
      and in_array($local_user['id'], $_POST['selection']))
  {
    $checked = 'checked="checked"';
  }
  else
  {
    $checked = '';
  }

  $properties = array();
  if ( $local_user['level'] != 0 )
  {
    $properties[] = l10n( sprintf('Level %d', $local_user['level']) );
  }
  $properties[] = (
    isset($local_user['enabled_high']) and
    ($local_user['enabled_high'] == 'true')
  ) ? l10n('High definition') : l10n('');

  $template->append(
    'users',
    array(
      'ID' => $local_user['id'],
      'CHECKED' => $checked,
      'U_PROFILE' => $profile_url.$local_user['id'],
      'U_PERM' => $perm_url.$local_user['id'],
      'USERNAME' => stripslashes($local_user['username'])
        .($local_user['id'] == $conf['guest_id']
          ? '<br>['.l10n('guest').']' : '')
        .($local_user['id'] == $conf['default_user_id']
          ? '<br>['.l10n('default values').']' : ''),
      'STATUS' => l10n('user_status_'.$local_user['status']),
      'EMAIL' => get_email_address_as_display_text($local_user['email']),
      'GROUPS' => $groups_string,
      'PROPERTIES' => implode( ', ', $properties),
      'plugin_columns' => isset($local_user['plugin_columns']) ?
       $local_user['plugin_columns'] : array(),
      'plugin_actions' => isset($local_user['plugin_actions']) ?
       $local_user['plugin_actions'] : array(),
      )
    );
}

// +-----------------------------------------------------------------------+
// |                           html code display                           |
// +-----------------------------------------------------------------------+

$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list');
?>