<?php
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery                           |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch        : BSF (Best So Far)
// | file          : $RCSfile$
// | last update   : $Date$
// | last modifier : $Author$
// | revision      : $Revision$
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

/**
 * Add users and manage users list
 */

// +-----------------------------------------------------------------------+
// |                           initialization                              |
// +-----------------------------------------------------------------------+

if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}
include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');

// +-----------------------------------------------------------------------+
// |                              add a user                               |
// +-----------------------------------------------------------------------+

if (isset($_POST['submit_add']))
{
  $errors = register_user($_POST['login'],
                          $_POST['password'],
                          $_POST['password'],
                          '');
}

// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+

$template->set_filenames(array('user_list'=>'admin/user_list.tpl'));

$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');

$conf['users_page'] = 20;

if (isset($_GET['start']) and is_numeric($_GET['start']))
{
  $start = $_GET['start'];
}
else
{
  $start = 0;
}

$template->assign_vars(
  array(
    'L_AUTH_USER'=>$lang['permuser_only_private'],
    'L_GROUP_ADD_USER' => $lang['group_add_user'],
    'L_SUBMIT'=>$lang['submit'],
    'L_STATUS'=>$lang['user_status'],
    'L_USERNAME' => $lang['login'],
    'L_PASSWORD' => $lang['password'],
    'L_EMAIL' => $lang['mail_address'],
    'L_ORDER_BY' => $lang['order_by'],
    'L_ACTIONS' => $lang['actions'],
    'L_PERMISSIONS' => $lang['permissions'],
    'L_USERS_LIST' => $lang['title_liste_users'],
    
    'F_ADD_ACTION' => $base_url,
    'F_USERNAME' => @$_GET['username'],
    'F_FILTER_ACTION' => PHPWG_ROOT_PATH.'admin.php'
    ));

if (isset($_GET['id']))
{
  $template->assign_block_vars('session', array('ID' => $_GET['id']));
}

$order_by_items = array('id' => $lang['registration_date'],
                        'username' => $lang['login']);

foreach ($order_by_items as $item => $label)
{
  $selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
    'selected="selected"' : '';
  $template->assign_block_vars(
    'order_by',
    array(
      'VALUE' => $item,
      'CONTENT' => $label,
      'SELECTED' => $selected
      ));
}

$direction_items = array('asc' => $lang['ascending'],
                         'desc' => $lang['descending']);

foreach ($direction_items as $item => $label)
{
  $selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
    'selected="selected"' : '';
  $template->assign_block_vars(
    'direction',
    array(
      'VALUE' => $item,
      'CONTENT' => $label,
        'SELECTED' => $selected
      ));
}

// +-----------------------------------------------------------------------+
// |                                 filter                                |
// +-----------------------------------------------------------------------+

$username = !empty($_GET['username']) ? $_GET['username'] : '%';
$username = str_replace('*', '%', $username);
if (function_exists('mysql_real_escape_string'))
{
  $username = mysql_real_escape_string($username);
}
else
{
  $username = mysql_escape_string($username);
}
$username = !empty($username) ? $username : '%';

// +-----------------------------------------------------------------------+
// |                            navigation bar                             |
// +-----------------------------------------------------------------------+

$query = '
SELECT count(*)
  FROM '.USERS_TABLE.'
  WHERE id != 2
    AND username LIKE \''.$username.'\'
;';
list($counter) = mysql_fetch_row(pwg_query($query));

$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));

$navbar = create_navigation_bar($url,
                                $counter,
                                $start,
                                $conf['users_page'],
                                '');

$template->assign_vars(array('NAVBAR' => $navbar));

// +-----------------------------------------------------------------------+
// |                               user list                               |
// +-----------------------------------------------------------------------+

$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&amp;user_id=';
$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&amp;user_id=';

$users = array();
$user_ids = array();
$groups_content = array();

$order_by = 'id';
if (isset($_GET['order_by'])
    and in_array($_GET['order_by'], array_keys($order_by_items)))
{
  $order_by = $_GET['order_by'];
}

$direction = 'ASC';
if (isset($_GET['direction'])
    and in_array($_GET['direction'], array_keys($direction_items)))
{
  $direction = strtoupper($_GET['direction']);
}

$query = '
SELECT id, username, mail_address, status
  FROM '.USERS_TABLE.'
  WHERE id != 2
    AND username LIKE \''.$username.'\'
  ORDER BY '.$order_by.' '.$direction.'
  LIMIT '.$start.', '.$conf['users_page'].'
;';
$result = pwg_query($query);
while ($row = mysql_fetch_array($result))
{
  array_push($users, $row);
  array_push($user_ids, $row['id']);
  $user_groups[$row['id']] = array();
}

if (count($user_ids) > 0)
{
  $query = '
SELECT user_id, group_id, name
  FROM '.USER_GROUP_TABLE.' INNER JOIN '.GROUPS_TABLE.' ON group_id = id
  WHERE user_id IN ('.implode(',', $user_ids).')
;';
  $result = pwg_query($query);
  while ($row = mysql_fetch_array($result))
  {
    $groups_content[$row['group_id']] = $row['name'];
    array_push($user_groups[$row['user_id']], $row['group_id']);
  }

  foreach ($users as $item)
  {
    $groups = preg_replace('/(\d+)/e',
                           "\$groups_content['$1']",
                           implode(', ', $user_groups[$item['id']]));
    
    $template->assign_block_vars(
      'user',
      array(
        'U_MOD'=>add_session_id($profile_url.$item['id']),
        'U_PERM'=>add_session_id($perm_url.$item['id']),
        'USERNAME'=>$item['username'],
        'STATUS'=>$lang['user_status_'.$item['status']],
        'EMAIL'=>isset($item['mail_address']) ? $item['mail_address'] : '',
        'GROUPS'=>$groups
        ));
  }
}

// +-----------------------------------------------------------------------+
// |                           html code display                           |
// +-----------------------------------------------------------------------+

$template->assign_var_from_handle('ADMIN_CONTENT', 'user_list');
?>