set_filenames( array('search'=>'admin/search_username.tpl') ); $template->assign_vars(array( 'USERNAME'=>( !empty($search_match) ) ? strip_tags($search_match) : '', 'L_SEARCH_USERNAME'=>$lang['Find_username'], 'L_SEARCH'=>$lang['search'], 'L_SEARCH_EXPLAIN'=>$lang['search_explain'], 'L_SELECT'=>$lang['Select'], 'L_UPDATE_USERNAME'=>$lang['Look_up_user'], 'L_CLOSE_WINDOW'=>$lang['Close'], 'F_SEARCH_ACTION' => add_session_id($PHP_SELF), )); //----------------------------------------------------------------- form action // // Define initial vars // if ( isset($_POST['mode']) || isset($_GET['mode']) ) { $mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { $mode = ''; } $search_match = ''; if ( isset($_POST['search_username']) ) { $search_match = $_POST['search_username']; } $username_list = ''; if ( !empty($search_match) ) { $username_search = preg_replace('/\*/', '%', trim(strip_tags($search_match))); $sql = "SELECT username FROM " . USERS_TABLE . " WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "' AND id <> ".ANONYMOUS." ORDER BY username"; if ( !($result = pwg_query($sql)) ) { die('Could not obtain search results'); } if ( $row = mysql_fetch_array($result) ) { do { $username_list .= '' . $row['username'] . ''; } while ( $row = mysql_fetch_array($result) ); } else { $username_list .= '' . $lang['No_match']. ''; } mysql_free_result($result); } //------------------------------------------------------------------ users list if ( !empty($username_list)) { $template->assign_block_vars('switch_select_name', array( 'F_USERNAME_OPTIONS'=>$username_list )); } $template->pparse('search'); include(PHPWG_ROOT_PATH.'include/page_tail.php'); ?>