Context Navigation

source: tags/release-1_5_1/admin/user_list.php @ 3870

Last change on this file since 3870 was 932, checked in by plg, 19 years ago
merge trunc r930:931 into branch 1.5 (bug 198 fixed)
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 20.9 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2005-11-12 21:38:43 +0000 (Sat, 12 Nov 2005) $
10	// \| last modifier : $Author: plg $
11	// \| revision : $Revision: 932 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	/**
29	* Add users and manage users list
30	*/
31
32	// +-----------------------------------------------------------------------+
33	// \| functions \|
34	// +-----------------------------------------------------------------------+
35
36	/**
37	* returns a list of users depending on page filters (in $_GET)
38	*
39	* Each user comes with his related informations : id, username, mail
40	* address, list of groups.
41	*
42	* @return array
43	*/
44	function get_filtered_user_list()
45	{
46	global $conf, $page;
47
48	$users = array();
49
50	// filter
51	$filter = array();
52
53	if (isset($_GET['username']) and !empty($_GET['username']))
54	{
55	$username = str_replace('*', '%', $_GET['username']);
56	if (function_exists('mysql_real_escape_string'))
57	{
58	$filter['username'] = mysql_real_escape_string($username);
59	}
60	else
61	{
62	$filter['username'] = mysql_escape_string($username);
63	}
64	}
65
66	if (isset($_GET['group'])
67	and -1 != $_GET['group']
68	and is_numeric($_GET['group']))
69	{
70	$filter['group'] = $_GET['group'];
71	}
72
73	if (isset($_GET['status'])
74	and in_array($_GET['status'], get_enums(USER_INFOS_TABLE, 'status')))
75	{
76	$filter['status'] = $_GET['status'];
77	}
78
79	// how to order the list?
80	$order_by = 'id';
81	if (isset($_GET['order_by'])
82	and in_array($_GET['order_by'], array_keys($page['order_by_items'])))
83	{
84	$order_by = $_GET['order_by'];
85	}
86
87	$direction = 'ASC';
88	if (isset($_GET['direction'])
89	and in_array($_GET['direction'], array_keys($page['direction_items'])))
90	{
91	$direction = strtoupper($_GET['direction']);
92	}
93
94	// search users depending on filters and order
95	$query = '
96	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
97	u.'.$conf['user_fields']['username'].' AS username,
98	u.'.$conf['user_fields']['email'].' AS email,
99	ui.status
100	FROM '.USERS_TABLE.' AS u
101	INNER JOIN '.USER_INFOS_TABLE.' AS ui
102	ON u.'.$conf['user_fields']['id'].' = ui.user_id
103	LEFT JOIN '.USER_GROUP_TABLE.' AS ug
104	ON u.'.$conf['user_fields']['id'].' = ug.user_id
105	WHERE u.'.$conf['user_fields']['id'].' != '.$conf['guest_id'];
106	if (isset($filter['username']))
107	{
108	$query.= '
109	AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\'';
110	}
111	if (isset($filter['group']))
112	{
113	$query.= '
114	AND ug.group_id = '.$filter['group'];
115	}
116	if (isset($filter['status']))
117	{
118	$query.= '
119	AND ui.status = \''.$filter['status']."'";
120	}
121	$query.= '
122	ORDER BY '.$order_by.' '.$direction.'
123	;';
124
125	$result = pwg_query($query);
126	while ($row = mysql_fetch_array($result))
127	{
128	$user = $row;
129	$user['groups'] = array();
130
131	array_push($users, $user);
132	}
133
134	// add group lists
135	$user_ids = array();
136	foreach ($users as $i => $user)
137	{
138	$user_ids[$i] = $user['id'];
139	}
140	$user_nums = array_flip($user_ids);
141
142	if (count($user_ids) > 0)
143	{
144	$query = '
145	SELECT user_id, group_id
146	FROM '.USER_GROUP_TABLE.'
147	WHERE user_id IN ('.implode(',', $user_ids).')
148	;';
149	$result = pwg_query($query);
150	while ($row = mysql_fetch_array($result))
151	{
152	array_push(
153	$users[$user_nums[$row['user_id']]]['groups'],
154	$row['group_id']
155	);
156	}
157	}
158
159	return $users;
160	}
161
162	// +-----------------------------------------------------------------------+
163	// \| initialization \|
164	// +-----------------------------------------------------------------------+
165
166	if (!defined('PHPWG_ROOT_PATH'))
167	{
168	die('Hacking attempt!');
169	}
170	include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
171
172	$page['order_by_items'] = array(
173	'id' => $lang['registration_date'],
174	'username' => $lang['Username']
175	);
176
177	$page['direction_items'] = array(
178	'asc' => $lang['ascending'],
179	'desc' => $lang['descending']
180	);
181
182	// +-----------------------------------------------------------------------+
183	// \| add a user \|
184	// +-----------------------------------------------------------------------+
185
186	if (isset($_POST['submit_add']))
187	{
188	$page['errors'] = register_user($_POST['login'], $_POST['password'], '');
189
190	if (count($page['errors']) == 0)
191	{
192	array_push(
193	$page['infos'],
194	sprintf(
195	l10n('user "%s" added'),
196	$_POST['login']
197	)
198	);
199	}
200	}
201
202	// +-----------------------------------------------------------------------+
203	// \| user list \|
204	// +-----------------------------------------------------------------------+
205
206	$page['filtered_users'] = get_filtered_user_list();
207
208	// +-----------------------------------------------------------------------+
209	// \| selected users \|
210	// +-----------------------------------------------------------------------+
211
212	if (isset($_POST['delete']) or isset($_POST['pref_submit']))
213	{
214	$collection = array();
215
216	switch ($_POST['target'])
217	{
218	case 'all' :
219	{
220	foreach($page['filtered_users'] as $local_user)
221	{
222	array_push($collection, $local_user['id']);
223	}
224	break;
225	}
226	case 'selection' :
227	{
228	if (isset($_POST['selection']))
229	{
230	$collection = $_POST['selection'];
231	}
232	break;
233	}
234	}
235
236	if (count($collection) == 0)
237	{
238	array_push($page['errors'], l10n('Select at least one user'));
239	}
240	}
241
242	// +-----------------------------------------------------------------------+
243	// \| delete users \|
244	// +-----------------------------------------------------------------------+
245
246	if (isset($_POST['delete']) and count($collection) > 0)
247	{
248	if (in_array($conf['webmaster_id'], $collection))
249	{
250	array_push($page['errors'], l10n('Webmaster cannot be deleted'));
251	}
252	else
253	{
254	if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
255	{
256	foreach ($collection as $user_id)
257	{
258	delete_user($user_id);
259	}
260	array_push(
261	$page['infos'],
262	sprintf(
263	l10n('%d users deleted'),
264	count($collection)
265	)
266	);
267	}
268	else
269	{
270	array_push($page['errors'], l10n('You need to confirm deletion'));
271	}
272	}
273	}
274
275	// +-----------------------------------------------------------------------+
276	// \| preferences form submission \|
277	// +-----------------------------------------------------------------------+
278
279	if (isset($_POST['pref_submit']) and count($collection) > 0)
280	{
281	if (-1 != $_POST['associate'])
282	{
283	$datas = array();
284
285	$query = '
286	SELECT user_id
287	FROM '.USER_GROUP_TABLE.'
288	WHERE group_id = '.$_POST['associate'].'
289	;';
290	$associated = array_from_query($query, 'user_id');
291
292	$associable = array_diff($collection, $associated);
293
294	if (count($associable) > 0)
295	{
296	foreach ($associable as $item)
297	{
298	array_push($datas,
299	array('group_id'=>$_POST['associate'],
300	'user_id'=>$item));
301	}
302
303	mass_inserts(USER_GROUP_TABLE,
304	array('group_id', 'user_id'),
305	$datas);
306	}
307	}
308
309	if (-1 != $_POST['dissociate'])
310	{
311	$query = '
312	DELETE FROM '.USER_GROUP_TABLE.'
313	WHERE group_id = '.$_POST['dissociate'].'
314	AND user_id IN ('.implode(',', $collection).')
315	';
316	pwg_query($query);
317	}
318
319	// properties to set for the collection (a user list)
320	$datas = array();
321	$dbfields = array('primary' => array('user_id'), 'update' => array());
322
323	$formfields =
324	array('nb_image_line', 'nb_line_page', 'template', 'language',
325	'recent_period', 'maxwidth', 'expand', 'show_nb_comments',
326	'maxheight', 'status');
327
328	$true_false_fields = array('expand', 'show_nb_comments');
329
330	foreach ($formfields as $formfield)
331	{
332	// special for true/false fields
333	if (in_array($formfield, $true_false_fields))
334	{
335	$test = $formfield;
336	}
337	else
338	{
339	$test = $formfield.'_action';
340	}
341
342	if ($_POST[$test] != 'leave')
343	{
344	array_push($dbfields['update'], $formfield);
345	}
346	}
347
348	// updating elements is useful only if needed...
349	if (count($dbfields['update']) > 0)
350	{
351	$datas = array();
352
353	foreach ($collection as $user_id)
354	{
355	$data = array();
356	$data['user_id'] = $user_id;
357
358	// TODO : verify if submited values are semanticaly correct
359	foreach ($dbfields['update'] as $dbfield)
360	{
361	// if the action is 'unset', the key won't be in row and
362	// mass_updates function will set this field to NULL
363	if (in_array($dbfield, $true_false_fields)
364	or 'set' == $_POST[$dbfield.'_action'])
365	{
366	$data[$dbfield] = $_POST[$dbfield];
367	}
368	}
369
370	// Webmaster status must not be changed
371	if ($conf['webmaster_id'] == $user_id and isset($data['status']))
372	{
373	$data['status'] = 'admin';
374	}
375
376	array_push($datas, $data);
377	}
378
379	// echo '<pre>';
380	// print_r($datas);
381	// echo '</pre>';
382
383	mass_updates(USER_INFOS_TABLE, $dbfields, $datas);
384	}
385
386	redirect(
387	PHPWG_ROOT_PATH.
388	'admin.php'.
389	get_query_string_diff(
390	array(
391	'start'
392	)
393	)
394	);
395	}
396
397	// +-----------------------------------------------------------------------+
398	// \| groups list \|
399	// +-----------------------------------------------------------------------+
400
401	$groups = array();
402
403	$query = '
404	SELECT id, name
405	FROM '.GROUPS_TABLE.'
406	;';
407	$result = pwg_query($query);
408
409	while ($row = mysql_fetch_array($result))
410	{
411	$groups[$row['id']] = $row['name'];
412	}
413
414	// +-----------------------------------------------------------------------+
415	// \| template init \|
416	// +-----------------------------------------------------------------------+
417
418	$template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
419
420	$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
421
422	if (isset($_GET['start']) and is_numeric($_GET['start']))
423	{
424	$start = $_GET['start'];
425	}
426	else
427	{
428	$start = 0;
429	}
430
431	$template->assign_vars(
432	array(
433	'L_AUTH_USER'=>$lang['permuser_only_private'],
434	'L_GROUP_ADD_USER' => $lang['group_add_user'],
435	'L_SUBMIT'=>$lang['submit'],
436	'L_STATUS'=>$lang['user_status'],
437	'L_PASSWORD' => $lang['password'],
438	'L_EMAIL' => $lang['mail_address'],
439	'L_ORDER_BY' => $lang['order_by'],
440	'L_ACTIONS' => $lang['actions'],
441	'L_PERMISSIONS' => $lang['permissions'],
442	'L_USERS_LIST' => $lang['title_liste_users'],
443	'L_LANGUAGE' => $lang['language'],
444	'L_NB_IMAGE_LINE' => $lang['nb_image_per_row'],
445	'L_NB_LINE_PAGE' => $lang['nb_row_per_page'],
446	'L_TEMPLATE' => $lang['theme'],
447	'L_RECENT_PERIOD' => $lang['recent_period'],
448	'L_EXPAND' => $lang['auto_expand'],
449	'L_SHOW_NB_COMMENTS' => $lang['show_nb_comments'],
450	'L_MAXWIDTH' => $lang['maxwidth'],
451	'L_MAXHEIGHT' => $lang['maxheight'],
452	'L_YES' => $lang['yes'],
453	'L_NO' => $lang['no'],
454	'L_SUBMIT' => $lang['submit'],
455	'L_RESET' => $lang['reset'],
456	'L_DELETE' => $lang['user_delete'],
457	'L_DELETE_HINT' => $lang['user_delete_hint'],
458
459	'U_HELP' => PHPWG_ROOT_PATH.'/popuphelp.php?page=user_list',
460
461	'F_ADD_ACTION' => $base_url,
462	'F_USERNAME' => @$_GET['username'],
463	'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
464	));
465
466	if (isset($_GET['id']))
467	{
468	$template->assign_block_vars('session', array('ID' => $_GET['id']));
469	}
470
471	foreach ($page['order_by_items'] as $item => $label)
472	{
473	$selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
474	'selected="selected"' : '';
475	$template->assign_block_vars(
476	'order_by',
477	array(
478	'VALUE' => $item,
479	'CONTENT' => $label,
480	'SELECTED' => $selected
481	));
482	}
483
484	foreach ($page['direction_items'] as $item => $label)
485	{
486	$selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
487	'selected="selected"' : '';
488	$template->assign_block_vars(
489	'direction',
490	array(
491	'VALUE' => $item,
492	'CONTENT' => $label,
493	'SELECTED' => $selected
494	));
495	}
496
497	$blockname = 'group_option';
498
499	$template->assign_block_vars(
500	$blockname,
501	array(
502	'VALUE'=> -1,
503	'CONTENT' => '------------',
504	'SELECTED' => ''
505	));
506
507	foreach ($groups as $group_id => $group_name)
508	{
509	$selected = (isset($_GET['group']) and $_GET['group'] == $group_id) ?
510	'selected="selected"' : '';
511	$template->assign_block_vars(
512	$blockname,
513	array(
514	'VALUE' => $group_id,
515	'CONTENT' => $group_name,
516	'SELECTED' => $selected
517	));
518	}
519
520	$blockname = 'status_option';
521
522	$template->assign_block_vars(
523	$blockname,
524	array(
525	'VALUE'=> -1,
526	'CONTENT' => '------------',
527	'SELECTED' => ''
528	));
529
530	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
531	{
532	$selected = (isset($_GET['status']) and $_GET['status'] == $status) ?
533	'selected="selected"' : '';
534	$template->assign_block_vars(
535	$blockname,
536	array(
537	'VALUE' => $status,
538	'CONTENT' => $lang['user_status_'.$status],
539	'SELECTED' => $selected
540	));
541	}
542
543	// ---
544	// $user['template'] = $conf['default_template'];
545	// $user['nb_image_line'] = $conf['nb_image_line'];
546	// $user['nb_line_page'] = $conf['nb_line_page'];
547	// $user['language'] = $conf['default_language'];
548	// $user['maxwidth'] = $conf['default_maxwidth'];
549	// $user['maxheight'] = $conf['default_maxheight'];
550	// $user['recent_period'] = $conf['recent_period'];
551	// $user['expand'] = $conf['auto_expand'];
552	// $user['show_nb_comments'] = $conf['show_nb_comments'];
553	// ---
554
555	if (isset($_POST['pref_submit']))
556	{
557	// echo '<pre>'; print_r($_POST); echo '</pre>';
558	$template->assign_vars(
559	array(
560	'NB_IMAGE_LINE' => $_POST['nb_image_line'],
561	'NB_LINE_PAGE' => $_POST['nb_line_page'],
562	'MAXWIDTH' => $_POST['maxwidth'],
563	'MAXHEIGHT' => $_POST['maxheight'],
564	'RECENT_PERIOD' => $_POST['recent_period'],
565	'EXPAND_YES' => 'true' == $_POST['expand'] ? 'checked="checked"' : '',
566	'EXPAND_NO' => 'false' == $_POST['expand'] ? 'checked="checked"' : '',
567	'SHOW_NB_COMMENTS_YES' =>
568	'true' == $_POST['show_nb_comments'] ? 'checked="checked"' : '',
569	'SHOW_NB_COMMENTS_NO' =>
570	'false' == $_POST['show_nb_comments'] ? 'checked="checked"' : ''
571	));
572	}
573	else
574	{
575	$template->assign_vars(
576	array(
577	'NB_IMAGE_LINE' => $conf['nb_image_line'],
578	'NB_LINE_PAGE' => $conf['nb_line_page'],
579	'MAXWIDTH' => @$conf['default_maxwidth'],
580	'MAXHEIGHT' => @$conf['default_maxheight'],
581	'RECENT_PERIOD' => $conf['recent_period'],
582	));
583	}
584
585	$blockname = 'template_option';
586
587	foreach (get_templates() as $pwg_template)
588	{
589	if (isset($_POST['pref_submit']))
590	{
591	$selected = $_POST['template']==$pwg_template ? 'selected="selected"' : '';
592	}
593	else if ($conf['default_template'] == $pwg_template)
594	{
595	$selected = 'selected="selected"';
596	}
597	else
598	{
599	$selected = '';
600	}
601
602	$template->assign_block_vars(
603	$blockname,
604	array(
605	'VALUE'=> $pwg_template,
606	'CONTENT' => $pwg_template,
607	'SELECTED' => $selected
608	));
609	}
610
611	$blockname = 'language_option';
612
613	foreach (get_languages() as $language_code => $language_name)
614	{
615	if (isset($_POST['pref_submit']))
616	{
617	$selected = $_POST['language']==$language_code ? 'selected="selected"':'';
618	}
619	else if ($conf['default_language'] == $language_code)
620	{
621	$selected = 'selected="selected"';
622	}
623	else
624	{
625	$selected = '';
626	}
627
628	$template->assign_block_vars(
629	$blockname,
630	array(
631	'VALUE'=> $language_code,
632	'CONTENT' => $language_name,
633	'SELECTED' => $selected
634	));
635	}
636
637	$blockname = 'pref_status_option';
638
639	foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
640	{
641	if (isset($_POST['pref_submit']))
642	{
643	$selected = $_POST['status'] == $status ? 'selected="selected"' : '';
644	}
645	else if ('guest' == $status)
646	{
647	$selected = 'selected="selected"';
648	}
649	else
650	{
651	$selected = '';
652	}
653
654	$template->assign_block_vars(
655	$blockname,
656	array(
657	'VALUE' => $status,
658	'CONTENT' => $lang['user_status_'.$status],
659	'SELECTED' => $selected
660	));
661	}
662
663	// associate
664	$blockname = 'associate_option';
665
666	$template->assign_block_vars(
667	$blockname,
668	array(
669	'VALUE'=> -1,
670	'CONTENT' => '------------',
671	'SELECTED' => ''
672	));
673
674	foreach ($groups as $group_id => $group_name)
675	{
676	if (isset($_POST['pref_submit']))
677	{
678	$selected = $_POST['associate'] == $group_id ? 'selected="selected"' : '';
679	}
680	else
681	{
682	$selected = '';
683	}
684
685	$template->assign_block_vars(
686	$blockname,
687	array(
688	'VALUE' => $group_id,
689	'CONTENT' => $group_name,
690	'SELECTED' => $selected
691	));
692	}
693
694	// dissociate
695	$blockname = 'dissociate_option';
696
697	$template->assign_block_vars(
698	$blockname,
699	array(
700	'VALUE'=> -1,
701	'CONTENT' => '------------',
702	'SELECTED' => ''
703	));
704
705	foreach ($groups as $group_id => $group_name)
706	{
707	if (isset($_POST['pref_submit']))
708	{
709	$selected = $_POST['dissociate'] == $group_id ? 'selected="selected"' : '';
710	}
711	else
712	{
713	$selected = '';
714	}
715
716	$template->assign_block_vars(
717	$blockname,
718	array(
719	'VALUE' => $group_id,
720	'CONTENT' => $group_name,
721	'SELECTED' => $selected
722	));
723	}
724
725	// +-----------------------------------------------------------------------+
726	// \| navigation bar \|
727	// +-----------------------------------------------------------------------+
728
729	$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));
730
731	$navbar = create_navigation_bar(
732	$url,
733	count($page['filtered_users']),
734	$start,
735	$conf['users_page'],
736	''
737	);
738
739	$template->assign_vars(array('NAVBAR' => $navbar));
740
741	// +-----------------------------------------------------------------------+
742	// \| user list \|
743	// +-----------------------------------------------------------------------+
744
745	$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id=';
746	$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id=';
747
748	foreach ($page['filtered_users'] as $num => $local_user)
749	{
750	// simulate LIMIT $start, $conf['users_page']
751	if ($num < $start)
752	{
753	continue;
754	}
755	if ($num >= $start + $conf['users_page'])
756	{
757	break;
758	}
759
760	$groups_string = preg_replace(
761	'/(\d+)/e',
762	"\$groups['$1']",
763	implode(
764	', ',
765	$local_user['groups']
766	)
767	);
768
769	if (isset($_POST['pref_submit'])
770	and isset($_POST['selection'])
771	and in_array($local_user['id'], $_POST['selection']))
772	{
773	$checked = 'checked="checked"';
774	}
775	else
776	{
777	$checked = '';
778	}
779
780	$template->assign_block_vars(
781	'user',
782	array(
783	'CLASS' => ($num % 2 == 1) ? 'row2' : 'row1',
784	'ID' => $local_user['id'],
785	'CHECKED' => $checked,
786	'U_MOD' => add_session_id($profile_url.$local_user['id']),
787	'U_PERM' => add_session_id($perm_url.$local_user['id']),
788	'USERNAME' => $local_user['username'],
789	'STATUS' => $lang['user_status_'.$local_user['status']],
790	'EMAIL' => isset($local_user['email']) ? $local_user['email'] : '',
791	'GROUPS' => $groups_string
792	)
793	);
794	}
795
796	// +-----------------------------------------------------------------------+
797	// \| html code display \|
798	// +-----------------------------------------------------------------------+
799
800	$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list');
801	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: