diff options
Diffstat (limited to '')
-rw-r--r-- | admin.php | 20 | ||||
-rw-r--r-- | admin/user_list.php | 246 |
2 files changed, 259 insertions, 7 deletions
@@ -50,12 +50,18 @@ else if (isset($_GET['user_id'])) if (isset( $_GET['page'] )) switch ( $_GET['page'] ) { - case 'user_list': - $title = $lang['title_liste_users']; $page_valide = true; break; - case 'profile': - $title = $lang['title_user_modify']; - $page_valide = true; - break; + case 'user_list' : + { + $title = $lang['title_liste_users']; + $page_valide = true; + break; + } + case 'profile' : + { + $title = $lang['title_user_modify']; + $page_valide = true; + break; + } case 'user_perm': $title = $lang['title_user_perm'].' '.$username; $page_valide = true; break; @@ -248,7 +254,7 @@ $template->assign_vars(array( 'U_COMMENTS'=>add_session_id($link_start.'comments' ), 'U_CADDIE'=>add_session_id($link_start.'element_set&cat=caddie'), 'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ), - 'U_USERS'=>add_session_id($link_start.'profile' ), + 'U_USERS'=>add_session_id($link_start.'user_list' ), 'U_GROUPS'=>add_session_id($link_start.'group_list' ), 'U_USERS_AUTH'=>add_session_id($link_start.'user_perm' ), 'U_GROUPS_AUTH'=>add_session_id($link_start.'group_perm'), diff --git a/admin/user_list.php b/admin/user_list.php new file mode 100644 index 000000000..8e50f9c02 --- /dev/null +++ b/admin/user_list.php @@ -0,0 +1,246 @@ +<?php +// +-----------------------------------------------------------------------+ +// | PhpWebGallery - a PHP based picture gallery | +// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | +// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | +// +-----------------------------------------------------------------------+ +// | branch : BSF (Best So Far) +// | file : $RCSfile$ +// | last update : $Date$ +// | last modifier : $Author$ +// | revision : $Revision$ +// +-----------------------------------------------------------------------+ +// | This program is free software; you can redistribute it and/or modify | +// | it under the terms of the GNU General Public License as published by | +// | the Free Software Foundation | +// | | +// | This program is distributed in the hope that it will be useful, but | +// | WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | +// | General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software | +// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | +// | USA. | +// +-----------------------------------------------------------------------+ + +/** + * Add users and manage users list + */ + +// +-----------------------------------------------------------------------+ +// | initialization | +// +-----------------------------------------------------------------------+ + +if (!defined('PHPWG_ROOT_PATH')) +{ + die('Hacking attempt!'); +} +include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php'); + +// +-----------------------------------------------------------------------+ +// | add a user | +// +-----------------------------------------------------------------------+ + +if (isset($_POST['submit_add'])) +{ + $errors = register_user($_POST['login'], + $_POST['password'], + $_POST['password'], + ''); +} + +// +-----------------------------------------------------------------------+ +// | template init | +// +-----------------------------------------------------------------------+ + +$template->set_filenames(array('user_list'=>'admin/user_list.tpl')); + +$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list'); + +$conf['users_page'] = 20; + +if (isset($_GET['start']) and is_numeric($_GET['start'])) +{ + $start = $_GET['start']; +} +else +{ + $start = 0; +} + +$template->assign_vars( + array( + 'L_AUTH_USER'=>$lang['permuser_only_private'], + 'L_GROUP_ADD_USER' => $lang['group_add_user'], + 'L_SUBMIT'=>$lang['submit'], + 'L_STATUS'=>$lang['user_status'], + 'L_USERNAME' => $lang['login'], + 'L_PASSWORD' => $lang['password'], + 'L_EMAIL' => $lang['mail_address'], + 'L_ORDER_BY' => $lang['order_by'], + 'L_ACTIONS' => $lang['actions'], + 'L_PERMISSIONS' => $lang['permissions'], + 'L_USERS_LIST' => $lang['title_liste_users'], + + 'F_ADD_ACTION' => $base_url, + 'F_USERNAME' => @$_GET['username'], + 'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php' + )); + +if (isset($_GET['id'])) +{ + $template->assign_block_vars('session', array('ID' => $_GET['id'])); +} + +$order_by_items = array('id' => $lang['registration_date'], + 'username' => $lang['login']); + +foreach ($order_by_items as $item => $label) +{ + $selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ? + 'selected="selected"' : ''; + $template->assign_block_vars( + 'order_by', + array( + 'VALUE' => $item, + 'CONTENT' => $label, + 'SELECTED' => $selected + )); +} + +$direction_items = array('asc' => $lang['ascending'], + 'desc' => $lang['descending']); + +foreach ($direction_items as $item => $label) +{ + $selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ? + 'selected="selected"' : ''; + $template->assign_block_vars( + 'direction', + array( + 'VALUE' => $item, + 'CONTENT' => $label, + 'SELECTED' => $selected + )); +} + +// +-----------------------------------------------------------------------+ +// | filter | +// +-----------------------------------------------------------------------+ + +$username = !empty($_GET['username']) ? $_GET['username'] : '%'; +$username = str_replace('*', '%', $username); +if (function_exists('mysql_real_escape_string')) +{ + $username = mysql_real_escape_string($username); +} +else +{ + $username = mysql_escape_string($username); +} +$username = !empty($username) ? $username : '%'; + +// +-----------------------------------------------------------------------+ +// | navigation bar | +// +-----------------------------------------------------------------------+ + +$query = ' +SELECT count(*) + FROM '.USERS_TABLE.' + WHERE id != 2 + AND username LIKE \''.$username.'\' +;'; +list($counter) = mysql_fetch_row(pwg_query($query)); + +$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start')); + +$navbar = create_navigation_bar($url, + $counter, + $start, + $conf['users_page'], + ''); + +$template->assign_vars(array('NAVBAR' => $navbar)); + +// +-----------------------------------------------------------------------+ +// | user list | +// +-----------------------------------------------------------------------+ + +$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id='; +$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id='; + +$users = array(); +$user_ids = array(); +$groups_content = array(); + +$order_by = 'id'; +if (isset($_GET['order_by']) + and in_array($_GET['order_by'], array_keys($order_by_items))) +{ + $order_by = $_GET['order_by']; +} + +$direction = 'ASC'; +if (isset($_GET['direction']) + and in_array($_GET['direction'], array_keys($direction_items))) +{ + $direction = strtoupper($_GET['direction']); +} + +$query = ' +SELECT id, username, mail_address, status + FROM '.USERS_TABLE.' + WHERE id != 2 + AND username LIKE \''.$username.'\' + ORDER BY '.$order_by.' '.$direction.' + LIMIT '.$start.', '.$conf['users_page'].' +;'; +$result = pwg_query($query); +while ($row = mysql_fetch_array($result)) +{ + array_push($users, $row); + array_push($user_ids, $row['id']); + $user_groups[$row['id']] = array(); +} + +if (count($user_ids) > 0) +{ + $query = ' +SELECT user_id, group_id, name + FROM '.USER_GROUP_TABLE.' INNER JOIN '.GROUPS_TABLE.' ON group_id = id + WHERE user_id IN ('.implode(',', $user_ids).') +;'; + $result = pwg_query($query); + while ($row = mysql_fetch_array($result)) + { + $groups_content[$row['group_id']] = $row['name']; + array_push($user_groups[$row['user_id']], $row['group_id']); + } + + foreach ($users as $item) + { + $groups = preg_replace('/(\d+)/e', + "\$groups_content['$1']", + implode(', ', $user_groups[$item['id']])); + + $template->assign_block_vars( + 'user', + array( + 'U_MOD'=>add_session_id($profile_url.$item['id']), + 'U_PERM'=>add_session_id($perm_url.$item['id']), + 'USERNAME'=>$item['username'], + 'STATUS'=>$lang['user_status_'.$item['status']], + 'EMAIL'=>isset($item['mail_address']) ? $item['mail_address'] : '', + 'GROUPS'=>$groups + )); + } +} + +// +-----------------------------------------------------------------------+ +// | html code display | +// +-----------------------------------------------------------------------+ + +$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list'); +?> |