2012-06-04 16:58:40 +02:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
FusionPBX
|
|
|
|
|
Version: MPL 1.1
|
|
|
|
|
|
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
|
the License. You may obtain a copy of the License at
|
|
|
|
|
http://www.mozilla.org/MPL/
|
|
|
|
|
|
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
|
for the specific language governing rights and limitations under the
|
|
|
|
|
License.
|
|
|
|
|
|
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
|
|
|
|
|
|
The Initial Developer of the Original Code is
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
2019-02-28 11:57:41 +01:00
|
|
|
Portions created by the Initial Developer are Copyright (C) 2008-2019
|
2012-06-04 16:58:40 +02:00
|
|
|
the Initial Developer. All Rights Reserved.
|
|
|
|
|
|
|
|
|
|
Contributor(s):
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
|
|
|
*/
|
2016-10-02 22:30:38 +02:00
|
|
|
|
|
|
|
|
//includes
|
2016-10-05 18:29:30 +02:00
|
|
|
include "root.php";
|
2016-10-02 22:30:38 +02:00
|
|
|
require_once "resources/require.php";
|
|
|
|
|
require_once "resources/check_auth.php";
|
2016-10-05 18:29:30 +02:00
|
|
|
require_once "resources/paging.php";
|
2016-10-02 22:30:38 +02:00
|
|
|
|
|
|
|
|
//check permissions
|
|
|
|
|
if (permission_exists("user_view") || if_group("superadmin")) {
|
|
|
|
|
//access granted
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo "access denied";
|
|
|
|
|
exit;
|
|
|
|
|
}
|
2013-06-09 06:32:24 +02:00
|
|
|
|
2016-10-05 18:29:30 +02:00
|
|
|
//add multi-lingual support
|
|
|
|
|
$language = new text;
|
|
|
|
|
$text = $language->get();
|
|
|
|
|
|
|
|
|
|
//include the header
|
|
|
|
|
require_once "resources/header.php";
|
|
|
|
|
$document['title'] = $text['title-user_manager'];
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-06-09 04:51:30 +02:00
|
|
|
//get variables used to control the order
|
2019-07-19 23:05:18 +02:00
|
|
|
$order_by = $_GET["order_by"] != '' ? $_GET["order_by"] : 'u.username';
|
2019-06-09 04:51:30 +02:00
|
|
|
$order = $_GET["order"];
|
|
|
|
|
|
2015-03-27 17:18:30 +01:00
|
|
|
//set the variables
|
2019-06-09 04:51:30 +02:00
|
|
|
$search = $_REQUEST["search"];
|
2019-03-02 02:10:59 +01:00
|
|
|
if (strlen($search) > 0) {
|
|
|
|
|
$search = strtolower($search);
|
|
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-07-19 23:05:18 +02:00
|
|
|
//common where clause
|
|
|
|
|
$sql_where = "where true ";
|
2019-09-25 19:48:21 +02:00
|
|
|
if (!(isset($_GET['show']) && permission_exists('user_all') && $_GET['show'] == 'all')) {
|
2019-07-19 23:05:18 +02:00
|
|
|
$sql_where .= "and u.domain_uuid = :domain_uuid ";
|
2019-06-09 04:51:30 +02:00
|
|
|
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
2015-03-31 08:05:08 +02:00
|
|
|
}
|
2018-12-05 07:25:38 +01:00
|
|
|
if (strlen($search) > 0) {
|
2019-07-19 23:05:18 +02:00
|
|
|
$sql_where .= "and ( ";
|
|
|
|
|
$sql_where .= "lower(username) like :search ";
|
|
|
|
|
$sql_where .= "or lower(groups) like :search ";
|
|
|
|
|
$sql_where .= "or lower(contact_organization) like :search ";
|
|
|
|
|
$sql_where .= "or lower(contact_name_given) like :search ";
|
|
|
|
|
$sql_where .= "or lower(contact_name_family) like :search ";
|
|
|
|
|
$sql_where .= ") ";
|
2019-06-09 04:51:30 +02:00
|
|
|
$parameters['search'] = '%'.$search.'%';
|
|
|
|
|
}
|
2019-08-18 12:59:07 +02:00
|
|
|
$sql_where .= "and ( ";
|
|
|
|
|
$sql_where .= " group_level <= :group_level ";
|
2019-08-18 13:44:06 +02:00
|
|
|
$sql_where .= " or group_level is null ";
|
2019-08-18 12:59:07 +02:00
|
|
|
$sql_where .= ") ";
|
2019-08-18 12:41:09 +02:00
|
|
|
$parameters['group_level'] = $_SESSION['user']['group_level'];
|
2019-07-19 23:05:18 +02:00
|
|
|
|
|
|
|
|
//get the user count from the database
|
|
|
|
|
$sql = "select count(*) from view_users as u ";
|
|
|
|
|
$sql .= $sql_where;
|
2019-06-09 04:51:30 +02:00
|
|
|
$database = new database;
|
|
|
|
|
$num_rows = $database->select($sql, $parameters, 'column');
|
2019-07-19 23:05:18 +02:00
|
|
|
unset($sql);
|
2019-03-02 02:10:59 +01:00
|
|
|
|
|
|
|
|
//prepare for paging
|
2019-07-19 23:05:18 +02:00
|
|
|
$rows_per_page = is_numeric($_SESSION['domain']['paging']['numeric']) ? $_SESSION['domain']['paging']['numeric'] : 50;
|
2018-12-05 07:25:38 +01:00
|
|
|
$param = "search=".escape($search);
|
2019-09-25 19:48:21 +02:00
|
|
|
if (isset($_GET['show']) && permission_exists('user_all') && $_GET['show'] == 'all') {
|
2017-12-09 20:10:56 +01:00
|
|
|
$param .= "&show=all";
|
2015-03-31 08:05:08 +02:00
|
|
|
}
|
2019-10-15 04:52:31 +02:00
|
|
|
if (isset($_GET['page'])) {
|
|
|
|
|
$page = $_GET['page'];
|
|
|
|
|
if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
|
|
|
|
|
list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
|
|
|
|
|
$offset = $rows_per_page * $page;
|
|
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-03-02 02:10:59 +01:00
|
|
|
//get the users from the database
|
2019-08-18 12:41:09 +02:00
|
|
|
$sql = "select u.domain_uuid, u.user_uuid, u.contact_uuid, u.domain_name, u.username, u.user_enabled, ";
|
|
|
|
|
$sql .= "u.contact_organization, u.contact_name_given, u.contact_name_family, u.groups, u.group_level ";
|
2019-07-19 23:05:18 +02:00
|
|
|
$sql .= "from view_users as u ";
|
|
|
|
|
$sql .= $sql_where;
|
|
|
|
|
$sql .= order_by($order_by, $order);
|
|
|
|
|
$sql .= limit_offset($rows_per_page, $offset);
|
2019-06-09 04:51:30 +02:00
|
|
|
$database = new database;
|
|
|
|
|
$users = $database->select($sql, $parameters, 'all');
|
2019-07-19 23:05:18 +02:00
|
|
|
unset($sql, $sql_where, $parameters);
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2015-09-05 05:51:51 +02:00
|
|
|
//page title and description
|
|
|
|
|
echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
|
|
|
|
|
echo "<form method='post' action=''>";
|
|
|
|
|
echo "<tr>\n";
|
2015-09-05 06:06:09 +02:00
|
|
|
echo "<td align='left' width='90%' nowrap='nowrap' valign='top'><b>".$text['header-user_manager']." (".$num_rows.")</b></td>\n";
|
2015-09-05 05:51:51 +02:00
|
|
|
echo "<td align='right' nowrap='nowrap'>";
|
|
|
|
|
if (permission_exists('user_all')) {
|
2019-09-25 19:48:21 +02:00
|
|
|
if (isset($_GET['show']) && $_GET['show'] == 'all') {
|
2016-10-05 18:29:30 +02:00
|
|
|
echo "<input type='button' class='btn' value='".$text['button-back']."' onclick=\"window.location='users.php';\">\n";
|
2017-12-09 20:10:56 +01:00
|
|
|
echo "<input type='hidden' name='show' value='all'>";
|
2015-09-05 05:51:51 +02:00
|
|
|
}
|
|
|
|
|
else {
|
2017-12-09 20:10:56 +01:00
|
|
|
echo "<input type='button' class='btn' value='".$text['button-show_all']."' onclick=\"window.location='users.php?show=all';\">\n";
|
2015-09-05 05:51:51 +02:00
|
|
|
}
|
|
|
|
|
}
|
2018-02-22 17:49:28 +01:00
|
|
|
if (permission_exists('user_import')) {
|
2018-09-28 19:07:07 +02:00
|
|
|
echo "<input type='button' class='btn' alt='".$text['button-import']."' onclick=\"window.location='user_imports.php'\" value='".$text['button-import']."'>\n";
|
2018-02-22 17:49:28 +01:00
|
|
|
}
|
2018-12-05 07:25:38 +01:00
|
|
|
echo "<input type='text' class='txt' style='width: 150px; margin-left: 15px; margin-right: 3px;' name='search' value=\"".escape($search)."\">";
|
2015-09-05 05:51:51 +02:00
|
|
|
echo "<input type='submit' class='btn' name='submit' value='".$text['button-search']."'>";
|
|
|
|
|
echo "</td>";
|
|
|
|
|
echo "</tr>\n";
|
|
|
|
|
echo "</form>";
|
|
|
|
|
|
|
|
|
|
echo "<tr>\n";
|
|
|
|
|
echo "<td align='left' colspan='4'>\n";
|
|
|
|
|
echo $text['description-user_manager']."\n";
|
|
|
|
|
echo "<br />\n";
|
|
|
|
|
echo "<br />\n";
|
|
|
|
|
echo "</td>\n";
|
|
|
|
|
echo "</tr>\n";
|
|
|
|
|
|
2012-06-04 16:58:40 +02:00
|
|
|
//alternate the row style
|
|
|
|
|
$c = 0;
|
|
|
|
|
$row_style["0"] = "row_style0";
|
|
|
|
|
$row_style["1"] = "row_style1";
|
|
|
|
|
|
2018-12-18 06:07:13 +01:00
|
|
|
//show the users
|
2014-06-21 09:04:04 +02:00
|
|
|
echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
|
|
|
|
echo "<tr>\n";
|
2019-09-25 19:48:21 +02:00
|
|
|
if (isset($_GET['show']) && permission_exists('user_all') && $_GET['show'] == 'all') {
|
2015-03-31 08:05:08 +02:00
|
|
|
echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, '', '', $param);
|
|
|
|
|
}
|
2013-06-09 06:32:24 +02:00
|
|
|
echo th_order_by('username', $text['label-username'], $order_by, $order);
|
2019-03-02 07:27:34 +01:00
|
|
|
echo th_order_by('groups', $text['label-groups'], $order_by, $order, '', '', $param);
|
|
|
|
|
echo th_order_by('contact_organization', $text['label-organization'], $order_by, $order, '', '', $param);
|
|
|
|
|
echo th_order_by('contact_name_given', $text['label-name'], $order_by, $order, '', '', $param);
|
2019-03-16 10:17:59 +01:00
|
|
|
if (permission_exists('ticket_edit')) {
|
|
|
|
|
echo "<th>".$text['label-tools']."</th>\n";
|
|
|
|
|
}
|
2019-03-20 19:17:41 +01:00
|
|
|
else {
|
|
|
|
|
echo "<th> </th>\n";
|
|
|
|
|
}
|
2015-03-31 08:05:08 +02:00
|
|
|
echo th_order_by('user_enabled', $text['label-enabled'], $order_by, $order, '', '', $param);
|
2014-02-26 03:35:26 +01:00
|
|
|
echo "<td class='list_control_icons'>";
|
2019-10-15 19:40:45 +02:00
|
|
|
if (permission_exists('user_add')) {
|
2019-10-30 00:23:20 +01:00
|
|
|
if (!isset($_SESSION['limit']['users']['numeric']) || (isset($_SESSION['limit']['users']['numeric']) && $num_rows < $_SESSION['limit']['users']['numeric'])) {
|
2016-10-05 18:29:30 +02:00
|
|
|
echo "<a href='user_edit.php' alt='".$text['button-add']."'>".$v_link_label_add."</a>";
|
2015-03-22 09:17:04 +01:00
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
|
|
|
|
echo "</td>\n";
|
2014-06-22 03:16:49 +02:00
|
|
|
echo "</tr>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-07-19 23:05:18 +02:00
|
|
|
if (is_array($users) && sizeof($users) != 0) {
|
2015-09-05 05:51:51 +02:00
|
|
|
foreach($users as $row) {
|
2019-08-18 12:44:17 +02:00
|
|
|
$tr_link = (permission_exists('user_edit')) ? "href='user_edit.php?id=".escape($row['user_uuid'])."'" : null;
|
|
|
|
|
echo "<tr ".$tr_link.">\n";
|
2019-09-25 19:48:21 +02:00
|
|
|
if (isset($_GET['show']) && permission_exists('user_all') && $_GET['show'] == 'all') {
|
2019-08-18 12:44:17 +02:00
|
|
|
echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['domain_name'])."</td>\n";
|
|
|
|
|
}
|
|
|
|
|
echo " <td valign='top' class='".$row_style[$c]."'>";
|
|
|
|
|
if (permission_exists('user_edit')) {
|
|
|
|
|
echo "<a href='user_edit.php?id=".escape($row['user_uuid'])."'>".escape($row['username'])."</a>";
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo escape($row['username']);
|
|
|
|
|
}
|
|
|
|
|
echo " </td>\n";
|
|
|
|
|
echo " <td valign='top' class='".$row_style[$c]."'>\n";
|
|
|
|
|
echo " ".$row['groups']." \n";
|
|
|
|
|
echo " </td>\n";
|
2018-12-18 06:07:13 +01:00
|
|
|
|
2019-08-24 05:25:38 +02:00
|
|
|
echo " <td class='".$row_style[$c]."'><a href='/app/contacts/contact_edit.php?id=".urlencode($row['contact_uuid'])."'>".escape($row['contact_organization'])."</a> </td>\n";
|
|
|
|
|
echo " <td class='".$row_style[$c]."'><a href='/app/contacts/contact_edit.php?id=".urlencode($row['contact_uuid'])."'>".escape($row['contact_name_given'])." ".escape($row['contact_name_family'])."</a> </td>\n";
|
2019-03-20 19:17:41 +01:00
|
|
|
|
2019-08-18 12:44:17 +02:00
|
|
|
echo " <td class='".$row_style[$c]."'>\n";
|
|
|
|
|
if (permission_exists('ticket_edit')) {
|
2019-08-24 05:25:38 +02:00
|
|
|
echo " <a href='/app/tickets/tickets.php?user_uuid=".urlencode($row['user_uuid'])."'><span class='fas fa-tags' title='".$text['label-tickets']."'></span></a>\n";
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
|
|
|
|
echo " </td>\n";
|
|
|
|
|
echo " <td valign='top' class='".$row_style[$c]."'>";
|
|
|
|
|
if ($row['user_enabled'] == 'true') {
|
|
|
|
|
echo $text['option-true'];
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo $text['option-false'];
|
|
|
|
|
}
|
|
|
|
|
echo " </td>\n";
|
|
|
|
|
echo " <td valign='top' align='right' class='tr_link_void'>";
|
|
|
|
|
if (permission_exists('user_edit')) {
|
2019-08-24 05:25:38 +02:00
|
|
|
echo "<a href='user_edit.php?id=".urlencode($row['user_uuid'])."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
|
|
|
|
if (permission_exists('user_delete')) {
|
|
|
|
|
if ($_SESSION["user"]["user_uuid"] != $row['user_uuid']) {
|
2019-08-24 05:25:38 +02:00
|
|
|
echo "<a href='user_delete.php?id=".urlencode($row['user_uuid'])."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">".$v_link_label_delete."</a>";
|
2013-08-16 08:27:06 +02:00
|
|
|
}
|
|
|
|
|
else {
|
2019-08-18 12:44:17 +02:00
|
|
|
echo "<span onclick=\"alert('".$text['message-cannot_delete_own_account']."');\">".str_replace("list_control_icon", "list_control_icon_disabled", $v_link_label_delete)."</span>";
|
2013-08-16 08:27:06 +02:00
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
2019-08-18 12:44:17 +02:00
|
|
|
echo " </td>\n";
|
|
|
|
|
echo "</tr>\n";
|
|
|
|
|
$c = $c == 0 ? 1 : 0;
|
2019-07-19 23:05:18 +02:00
|
|
|
}
|
|
|
|
|
unset($users, $row);
|
|
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
|
|
|
|
|
echo "<tr>\n";
|
2016-05-21 21:04:31 +02:00
|
|
|
echo "</table>\n";
|
|
|
|
|
echo "<br />\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2016-05-21 21:04:31 +02:00
|
|
|
echo $paging_controls."\n";
|
|
|
|
|
echo "<br /><br />\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2016-10-05 18:29:30 +02:00
|
|
|
//include the footer
|
|
|
|
|
include "resources/footer.php";
|
|
|
|
|
|
2017-12-09 20:10:56 +01:00
|
|
|
?>
|
