Context Navigation

source: tags/release-1_5_0RC2/admin/user_list.php @ 25219

Last change on this file since 25219 was 906, checked in by plg, 19 years ago

bug 173 fixed: due to phpBB user identifiers management, the method to find the next user identifier has changer to MAX+1.

improvement: information message when new user added

bug fixed: language item "Username" used instead of "login".

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 20.5 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2005-10-22 09:53:12 +0000 (Sat, 22 Oct 2005) $
10	// \| last modifier : $Author: plg $
11	// \| revision : $Revision: 906 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	/**
29	* Add users and manage users list
30	*/
31
32	// +-----------------------------------------------------------------------+
33	// \| functions \|
34	// +-----------------------------------------------------------------------+
35
36	/**
37	* returns a list of users depending on page filters (in $_GET)
38	*
39	* Each user comes with his related informations : id, username, mail
40	* address, list of groups.
41	*
42	* @return array
43	*/
44	function get_filtered_user_list()
45	{
46	global $conf, $page;
47
48	$users = array();
49
50	// filter
51	$filter = array();
52
53	if (isset($_GET['username']) and !empty($_GET['username']))
54	{
55	$username = str_replace('*', '%', $_GET['username']);
56	if (function_exists('mysql_real_escape_string'))
57	{
58	$filter['username'] = mysql_real_escape_string($username);
59	}
60	else
61	{
62	$filter['username'] = mysql_escape_string($username);
63	}
64	}
65
66	if (isset($_GET['group'])
67	and -1 != $_GET['group']
68	and is_numeric($_GET['group']))
69	{
70	$filter['group'] = $_GET['group'];
71	}
72
73	if (isset($_GET['status'])
74	and in_array($_GET['status'], get_enums(USER_INFOS_TABLE, 'status')))
75	{
76	$filter['status'] = $_GET['status'];
77	}
78
79	// how to order the list?
80	$order_by = 'id';
81	if (isset($_GET['order_by'])
82	and in_array($_GET['order_by'], array_keys($page['order_by_items'])))
83	{
84	$order_by = $_GET['order_by'];
85	}
86
87	$direction = 'ASC';
88	if (isset($_GET['direction'])
89	and in_array($_GET['direction'], array_keys($page['direction_items'])))
90	{
91	$direction = strtoupper($_GET['direction']);
92	}
93
94	// search users depending on filters and order
95	$query = '
96	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
97	u.'.$conf['user_fields']['username'].' AS username,
98	u.'.$conf['user_fields']['email'].' AS email,
99	ui.status
100	FROM '.USERS_TABLE.' AS u
101	INNER JOIN '.USER_INFOS_TABLE.' AS ui
102	ON u.'.$conf['user_fields']['id'].' = ui.user_id
103	LEFT JOIN '.USER_GROUP_TABLE.' AS ug
104	ON u.'.$conf['user_fields']['id'].' = ug.user_id
105	WHERE u.'.$conf['user_fields']['id'].' != '.$conf['guest_id'];
106	if (isset($filter['username']))
107	{
108	$query.= '
109	AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\'';
110	}
111	if (isset($filter['group']))
112	{
113	$query.= '
114	AND ug.group_id = '.$filter['group'];
115	}
116	if (isset($filter['status']))
117	{
118	$query.= '
119	AND ui.status = \''.$filter['status']."'";
120	}
121	$query.= '
122	ORDER BY '.$order_by.' '.$direction.'
123	;';
124
125	$result = pwg_query($query);
126	while ($row = mysql_fetch_array($result))
127	{
128	$user = $row;
129	$user['groups'] = array();
130
131	array_push($users, $user);
132	}
133
134	// add group lists
135	$user_ids = array();
136	foreach ($users as $i => $user)
137	{
138	$user_ids[$i] = $user['id'];
139	}
140	$user_nums = array_flip($user_ids);
141
142	if (count($user_ids) > 0)
143	{
144	$query = '
145	SELECT user_id, group_id
146	FROM '.USER_GROUP_TABLE.'
147	WHERE user_id IN ('.implode(',', $user_ids).')
148	;';
149	$result = pwg_query($query);
150	while ($row = mysql_fetch_array($result))
151	{
152	array_push(
153	$users[$user_nums[$row['user_id']]]['groups'],
154	$row['group_id']
155	);
156	}
157	}
158
159	return $users;
160	}
161
162	// +-----------------------------------------------------------------------+
163	// \| initialization \|
164	// +-----------------------------------------------------------------------+
165
166	if (!defined('PHPWG_ROOT_PATH'))
167	{
168	die('Hacking attempt!');
169	}
170	include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
171
172	$page['order_by_items'] = array(
173	'id' => $lang['registration_date'],
174	'username' => $lang['Username']
175	);
176
177	$page['direction_items'] = array(
178	'asc' => $lang['ascending'],
179	'desc' => $lang['descending']
180	);
181
182	$page['filtered_users'] = get_filtered_user_list();
183
184	// +-----------------------------------------------------------------------+
185	// \| add a user \|
186	// +-----------------------------------------------------------------------+
187
188	if (isset($_POST['submit_add']))
189	{
190	$page['errors'] = register_user($_POST['login'], $_POST['password'], '');
191
192	if (count($page['errors']) == 0)
193	{
194	array_push(
195	$page['infos'],
196	sprintf(
197	l10n('user "%s" added'),
198	$_POST['login']
199	)
200	);
201	}
202	}
203
204	// +-----------------------------------------------------------------------+
205	// \| selected users \|
206	// +-----------------------------------------------------------------------+
207
208	if (isset($_POST['delete']) or isset($_POST['pref_submit']))
209	{
210	$collection = array();
211
212	switch ($_POST['target'])
213	{
214	case 'all' :
215	{
216	foreach($page['filtered_users'] as $local_user)
217	{
218	array_push($collection, $local_user['id']);
219	}
220	break;
221	}
222	case 'selection' :
223	{
224	if (isset($_POST['selection']))
225	{
226	$collection = $_POST['selection'];
227	}
228	break;
229	}
230	}
231
232	if (count($collection) == 0)
233	{
234	array_push($page['errors'], l10n('Select at least one user'));
235	}
236	}
237
238	// +-----------------------------------------------------------------------+
239	// \| delete users \|
240	// +-----------------------------------------------------------------------+
241
242	if (isset($_POST['delete']) and count($collection) > 0)
243	{
244	if (in_array($conf['webmaster_id'], $collection))
245	{
246	array_push($page['errors'], l10n('Webmaster cannot be deleted'));
247	}
248	else
249	{
250	if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
251	{
252	foreach ($collection as $user_id)
253	{
254	delete_user($user_id);
255	}
256	array_push(
257	$page['infos'],
258	sprintf(
259	l10n('%d users deleted'),
260	count($collection)
261	)
262	);
263	}
264	else
265	{
266	array_push($page['errors'], l10n('You need to confirm deletion'));
267	}
268	}
269	}
270
271	// +-----------------------------------------------------------------------+
272	// \| preferences form submission \|
273	// +-----------------------------------------------------------------------+
274
275	if (isset($_POST['pref_submit']) and count($collection) > 0)
276	{
277	if (-1 != $_POST['associate'])
278	{
279	$datas = array();
280
281	$query = '
282	SELECT user_id
283	FROM '.USER_GROUP_TABLE.'
284	WHERE group_id = '.$_POST['associate'].'
285	;';
286	$associated = array_from_query($query, 'user_id');
287
288	$associable = array_diff($collection, $associated);
289
290	if (count($associable) > 0)
291	{
292	foreach ($associable as $item)
293	{
294	array_push($datas,
295	array('group_id'=>$_POST['associate'],
296	'user_id'=>$item));
297	}
298
299	mass_inserts(USER_GROUP_TABLE,
300	array('group_id', 'user_id'),
301	$datas);
302	}
303	}
304
305	if (-1 != $_POST['dissociate'])
306	{
307	$query = '
308	DELETE FROM '.USER_GROUP_TABLE.'
309	WHERE group_id = '.$_POST['dissociate'].'
310	AND user_id IN ('.implode(',', $collection).')
311	';
312	pwg_query($query);
313	}
314
315	// properties to set for the collection (a user list)
316	$datas = array();
317	$dbfields = array('primary' => array('user_id'), 'update' => array());
318
319	$formfields =
320	array('nb_image_line', 'nb_line_page', 'template', 'language',
321	'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
322	'maxheight', 'status');
323
324	$true_false_fields = array('expand', 'show_nb_comments');
325
326	foreach ($formfields as $formfield)
327	{
328	// special for true/false fields
329	if (in_array($formfield, $true_false_fields))
330	{
331	$test = $formfield;
332	}
333	else
334	{
335	$test = $formfield.'_action';
336	}
337
338	if ($_POST[$test] != 'leave')
339	{
340	array_push($dbfields['update'], $formfield);
341	}
342	}
343
344	// updating elements is useful only if needed...
345	if (count($dbfields['update']) > 0)
346	{
347	$datas = array();
348
349	foreach ($collection as $user_id)
350	{
351	$data = array();
352	$data['user_id'] = $user_id;
353
354	// TODO : verify if submited values are semanticaly correct
355	foreach ($dbfields['update'] as $dbfield)
356	{
357	// if the action is 'unset', the key won't be in row and
358	// mass_updates function will set this field to NULL
359	if (in_array($dbfield, $true_false_fields)
360	or 'set' == $_POST[$dbfield.'_action'])
361	{
362	$data[$dbfield] = $_POST[$dbfield];
363	}
364	}
365
366	// Webmaster status must not be changed
367	if ($conf['webmaster_id'] == $user_id and isset($data['status']))
368	{
369	$data['status'] = 'admin';
370	}
371
372	array_push($datas, $data);
373	}
374
375	// echo '<pre>';
376	// print_r($datas);
377	// echo '</pre>';
378
379	mass_updates(USER_INFOS_TABLE, $dbfields, $datas);
380	}
381	}
382
383	// +-----------------------------------------------------------------------+
384	// \| groups list \|
385	// +-----------------------------------------------------------------------+
386
387	$groups = array();
388
389	$query = '
390	SELECT id, name
391	FROM '.GROUPS_TABLE.'
392	;';
393	$result = pwg_query($query);
394
395	while ($row = mysql_fetch_array($result))
396	{
397	$groups[$row['id']] = $row['name'];
398	}
399
400	// +-----------------------------------------------------------------------+
401	// \| template init \|
402	// +-----------------------------------------------------------------------+
403
404	$template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
405
406	$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
407
408	if (isset($_GET['start']) and is_numeric($_GET['start']))
409	{
410	$start = $_GET['start'];
411	}
412	else
413	{
414	$start = 0;
415	}
416
417	$template->assign_vars(
418	array(
419	'L_AUTH_USER'=>$lang['permuser_only_private'],
420	'L_GROUP_ADD_USER' => $lang['group_add_user'],
421	'L_SUBMIT'=>$lang['submit'],
422	'L_STATUS'=>$lang['user_status'],
423	'L_PASSWORD' => $lang['password'],
424	'L_EMAIL' => $lang['mail_address'],
425	'L_ORDER_BY' => $lang['order_by'],
426	'L_ACTIONS' => $lang['actions'],
427	'L_PERMISSIONS' => $lang['permissions'],
428	'L_USERS_LIST' => $lang['title_liste_users'],
429	'L_LANGUAGE' => $lang['language'],
430	'L_NB_IMAGE_LINE' => $lang['nb_image_per_row'],
431	'L_NB_LINE_PAGE' => $lang['nb_row_per_page'],
432	'L_TEMPLATE' => $lang['theme'],
433	'L_RECENT_PERIOD' => $lang['recent_period'],
434	'L_EXPAND' => $lang['auto_expand'],
435	'L_SHOW_NB_COMMENTS' => $lang['show_nb_comments'],
436	'L_MAXWIDTH' => $lang['maxwidth'],
437	'L_MAXHEIGHT' => $lang['maxheight'],
438	'L_YES' => $lang['yes'],
439	'L_NO' => $lang['no'],
440	'L_SUBMIT' => $lang['submit'],
441	'L_RESET' => $lang['reset'],
442	'L_DELETE' => $lang['user_delete'],
443	'L_DELETE_HINT' => $lang['user_delete_hint'],
444
445	'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=user_list',
446
447	'F_ADD_ACTION' => $base_url,
448	'F_USERNAME' => @$_GET['username'],
449	'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
450	));
451
452	if (isset($_GET['id']))
453	{
454	$template->assign_block_vars('session', array('ID' => $_GET['id']));
455	}
456
457	foreach ($page['order_by_items'] as $item => $label)
458	{
459	$selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
460	'selected="selected"' : '';
461	$template->assign_block_vars(
462	'order_by',
463	array(
464	'VALUE' => $item,
465	'CONTENT' => $label,
466	'SELECTED' => $selected
467	));
468	}
469
470	foreach ($page['direction_items'] as $item => $label)
471	{
472	$selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
473	'selected="selected"' : '';
474	$template->assign_block_vars(
475	'direction',
476	array(
477	'VALUE' => $item,
478	'CONTENT' => $label,
479	'SELECTED' => $selected
480	));
481	}
482
483	$blockname = 'group_option';
484
485	$template->assign_block_vars(
486	$blockname,
487	array(
488	'VALUE'=> -1,
489	'CONTENT' => '------------',
490	'SELECTED' => ''
491	));
492
493	foreach ($groups as $group_id => $group_name)
494	{
495	$selected = (isset($_GET['group']) and $_GET['group'] == $group_id) ?
496	'selected="selected"' : '';
497	$template->assign_block_vars(
498	$blockname,
499	array(
500	'VALUE' => $group_id,
501	'CONTENT' => $group_name,
502	'SELECTED' => $selected
503	));
504	}
505
506	$blockname = 'status_option';
507
508	$template->assign_block_vars(
509	$blockname,
510	array(
511	'VALUE'=> -1,
512	'CONTENT' => '------------',
513	'SELECTED' => ''
514	));
515
516	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
517	{
518	$selected = (isset($_GET['status']) and $_GET['status'] == $status) ?
519	'selected="selected"' : '';
520	$template->assign_block_vars(
521	$blockname,
522	array(
523	'VALUE' => $status,
524	'CONTENT' => $lang['user_status_'.$status],
525	'SELECTED' => $selected
526	));
527	}
528
529	// ---
530	// $user['template'] = $conf['default_template'];
531	// $user['nb_image_line'] = $conf['nb_image_line'];
532	// $user['nb_line_page'] = $conf['nb_line_page'];
533	// $user['language'] = $conf['default_language'];
534	// $user['maxwidth'] = $conf['default_maxwidth'];
535	// $user['maxheight'] = $conf['default_maxheight'];
536	// $user['recent_period'] = $conf['recent_period'];
537	// $user['expand'] = $conf['auto_expand'];
538	// $user['show_nb_comments'] = $conf['show_nb_comments'];
539	// ---
540
541	if (isset($_POST['pref_submit']))
542	{
543	// echo '<pre>'; print_r($_POST); echo '</pre>';
544	$template->assign_vars(
545	array(
546	'NB_IMAGE_LINE' => $_POST['nb_image_line'],
547	'NB_LINE_PAGE' => $_POST['nb_line_page'],
548	'MAXWIDTH' => $_POST['maxwidth'],
549	'MAXHEIGHT' => $_POST['maxheight'],
550	'RECENT_PERIOD' => $_POST['recent_period'],
551	'EXPAND_YES' => 'true' == $_POST['expand'] ? 'checked="checked"' : '',
552	'EXPAND_NO' => 'false' == $_POST['expand'] ? 'checked="checked"' : '',
553	'SHOW_NB_COMMENTS_YES' =>
554	'true' == $_POST['show_nb_comments'] ? 'checked="checked"' : '',
555	'SHOW_NB_COMMENTS_NO' =>
556	'false' == $_POST['show_nb_comments'] ? 'checked="checked"' : ''
557	));
558	}
559	else
560	{
561	$template->assign_vars(
562	array(
563	'NB_IMAGE_LINE' => $conf['nb_image_line'],
564	'NB_LINE_PAGE' => $conf['nb_line_page'],
565	'MAXWIDTH' => @$conf['default_maxwidth'],
566	'MAXHEIGHT' => @$conf['default_maxheight'],
567	'RECENT_PERIOD' => $conf['recent_period'],
568	));
569	}
570
571	$blockname = 'template_option';
572
573	foreach (get_templates() as $pwg_template)
574	{
575	if (isset($_POST['pref_submit']))
576	{
577	$selected = $_POST['template']==$pwg_template ? 'selected="selected"' : '';
578	}
579	else if ($conf['default_template'] == $pwg_template)
580	{
581	$selected = 'selected="selected"';
582	}
583	else
584	{
585	$selected = '';
586	}
587
588	$template->assign_block_vars(
589	$blockname,
590	array(
591	'VALUE'=> $pwg_template,
592	'CONTENT' => $pwg_template,
593	'SELECTED' => $selected
594	));
595	}
596
597	$blockname = 'language_option';
598
599	foreach (get_languages() as $language_code => $language_name)
600	{
601	if (isset($_POST['pref_submit']))
602	{
603	$selected = $_POST['language']==$language_code ? 'selected="selected"':'';
604	}
605	else if ($conf['default_language'] == $language_code)
606	{
607	$selected = 'selected="selected"';
608	}
609	else
610	{
611	$selected = '';
612	}
613
614	$template->assign_block_vars(
615	$blockname,
616	array(
617	'VALUE'=> $language_code,
618	'CONTENT' => $language_name,
619	'SELECTED' => $selected
620	));
621	}
622
623	$blockname = 'pref_status_option';
624
625	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
626	{
627	if (isset($_POST['pref_submit']))
628	{
629	$selected = $_POST['status'] == $status ? 'selected="selected"' : '';
630	}
631	else if ('guest' == $status)
632	{
633	$selected = 'selected="selected"';
634	}
635	else
636	{
637	$selected = '';
638	}
639
640	$template->assign_block_vars(
641	$blockname,
642	array(
643	'VALUE' => $status,
644	'CONTENT' => $lang['user_status_'.$status],
645	'SELECTED' => $selected
646	));
647	}
648
649	// associate
650	$blockname = 'associate_option';
651
652	$template->assign_block_vars(
653	$blockname,
654	array(
655	'VALUE'=> -1,
656	'CONTENT' => '------------',
657	'SELECTED' => ''
658	));
659
660	foreach ($groups as $group_id => $group_name)
661	{
662	if (isset($_POST['pref_submit']))
663	{
664	$selected = $_POST['associate'] == $group_id ? 'selected="selected"' : '';
665	}
666	else
667	{
668	$selected = '';
669	}
670
671	$template->assign_block_vars(
672	$blockname,
673	array(
674	'VALUE' => $group_id,
675	'CONTENT' => $group_name,
676	'SELECTED' => $selected
677	));
678	}
679
680	// dissociate
681	$blockname = 'dissociate_option';
682
683	$template->assign_block_vars(
684	$blockname,
685	array(
686	'VALUE'=> -1,
687	'CONTENT' => '------------',
688	'SELECTED' => ''
689	));
690
691	foreach ($groups as $group_id => $group_name)
692	{
693	if (isset($_POST['pref_submit']))
694	{
695	$selected = $_POST['dissociate'] == $group_id ? 'selected="selected"' : '';
696	}
697	else
698	{
699	$selected = '';
700	}
701
702	$template->assign_block_vars(
703	$blockname,
704	array(
705	'VALUE' => $group_id,
706	'CONTENT' => $group_name,
707	'SELECTED' => $selected
708	));
709	}
710
711	// +-----------------------------------------------------------------------+
712	// \| navigation bar \|
713	// +-----------------------------------------------------------------------+
714
715	$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));
716
717	$navbar = create_navigation_bar(
718	$url,
719	count($page['filtered_users']),
720	$start,
721	$conf['users_page'],
722	''
723	);
724
725	$template->assign_vars(array('NAVBAR' => $navbar));
726
727	// +-----------------------------------------------------------------------+
728	// \| user list \|
729	// +-----------------------------------------------------------------------+
730
731	$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id=';
732	$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id=';
733
734	foreach ($page['filtered_users'] as $num => $local_user)
735	{
736	// simulate LIMIT $start, $conf['users_page']
737	if ($num < $start)
738	{
739	continue;
740	}
741	if ($num >= $start + $conf['users_page'])
742	{
743	break;
744	}
745
746	$groups_string = preg_replace(
747	'/(\d+)/e',
748	"\$groups['$1']",
749	implode(
750	', ',
751	$local_user['groups']
752	)
753	);
754
755	if (isset($_POST['pref_submit'])
756	and isset($_POST['selection'])
757	and in_array($local_user['id'], $_POST['selection']))
758	{
759	$checked = 'checked="checked"';
760	}
761	else
762	{
763	$checked = '';
764	}
765
766	$template->assign_block_vars(
767	'user',
768	array(
769	'CLASS' => ($num % 2 == 1) ? 'row2' : 'row1',
770	'ID' => $local_user['id'],
771	'CHECKED' => $checked,
772	'U_MOD' => add_session_id($profile_url.$local_user['id']),
773	'U_PERM' => add_session_id($perm_url.$local_user['id']),
774	'USERNAME' => $local_user['username'],
775	'STATUS' => $lang['user_status_'.$local_user['status']],
776	'EMAIL' => isset($local_user['email']) ? $local_user['email'] : '',
777	'GROUPS' => $groups_string
778	)
779	);
780	}
781
782	// +-----------------------------------------------------------------------+
783	// \| html code display \|
784	// +-----------------------------------------------------------------------+
785
786	$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list');
787	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: