set_filenames( array('search'=>'admin/search_username.tpl') );
$template->assign_vars(array(
'USERNAME'=>( !empty($search_match) ) ? strip_tags($search_match) : '',
'L_SEARCH_USERNAME'=>$lang['Find_username'],
'L_SEARCH'=>$lang['search'],
'L_SEARCH_EXPLAIN'=>$lang['search_explain'],
'L_SELECT'=>$lang['Select'],
'L_UPDATE_USERNAME'=>$lang['Look_up_user'],
'L_CLOSE_WINDOW'=>$lang['Close'],
'F_SEARCH_ACTION' => add_session_id($_SERVER['PHP_SELF']),
));
//----------------------------------------------------------------- form action
//
// Define initial vars
//
if ( isset($_POST['mode']) || isset($_GET['mode']) )
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$search_match = '';
if ( isset($_POST['search_username']) )
{
$search_match = $_POST['search_username'];
}
$username_list = '';
if ( !empty($search_match) )
{
$username_search = preg_replace('/\*/', '%', trim(strip_tags($search_match)));
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "'
AND id <> ".$conf['guest_id']."
ORDER BY username";
if ( !($result = pwg_query($sql)) )
{
die('Could not obtain search results');
}
if ( $row = mysql_fetch_array($result) )
{
do
{
$username_list .= '';
}
while ( $row = mysql_fetch_array($result) );
}
else
{
$username_list .= '';
}
mysql_free_result($result);
}
//------------------------------------------------------------------ users list
if ( !empty($username_list))
{
$template->assign_block_vars('switch_select_name', array(
'F_USERNAME_OPTIONS'=>$username_list
));
}
$template->parse('search');
include(PHPWG_ROOT_PATH.'include/page_tail.php');
?>