2012-06-04 16:58:40 +02:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
FusionPBX
|
|
|
|
|
Version: MPL 1.1
|
|
|
|
|
|
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
|
the License. You may obtain a copy of the License at
|
|
|
|
|
http://www.mozilla.org/MPL/
|
|
|
|
|
|
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
|
for the specific language governing rights and limitations under the
|
|
|
|
|
License.
|
|
|
|
|
|
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
|
|
|
|
|
|
The Initial Developer of the Original Code is
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
2019-12-04 07:14:19 +01:00
|
|
|
Portions created by the Initial Developer are Copyright (C) 2008 - 2019
|
2012-06-04 16:58:40 +02:00
|
|
|
the Initial Developer. All Rights Reserved.
|
|
|
|
|
|
|
|
|
|
Contributor(s):
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
|
|
|
*/
|
2016-10-02 22:30:38 +02:00
|
|
|
|
|
|
|
|
//includes
|
2019-12-04 07:14:19 +01:00
|
|
|
require_once "root.php";
|
2016-10-02 22:30:38 +02:00
|
|
|
require_once "resources/require.php";
|
|
|
|
|
require_once "resources/check_auth.php";
|
2016-10-05 18:29:30 +02:00
|
|
|
require_once "resources/paging.php";
|
2016-10-02 22:30:38 +02:00
|
|
|
|
|
|
|
|
//check permissions
|
2019-12-04 07:14:19 +01:00
|
|
|
if (permission_exists('user_view')) {
|
2016-10-02 22:30:38 +02:00
|
|
|
//access granted
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo "access denied";
|
|
|
|
|
exit;
|
|
|
|
|
}
|
2013-06-09 06:32:24 +02:00
|
|
|
|
2016-10-05 18:29:30 +02:00
|
|
|
//add multi-lingual support
|
|
|
|
|
$language = new text;
|
|
|
|
|
$text = $language->get();
|
|
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
//get the http post data
|
|
|
|
|
if (is_array($_POST['users'])) {
|
|
|
|
|
$action = $_POST['action'];
|
|
|
|
|
$search = $_POST['search'];
|
|
|
|
|
$users = $_POST['users'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//process the http post data by action
|
|
|
|
|
if ($action != '' && is_array($users) && @sizeof($users) != 0) {
|
|
|
|
|
switch ($action) {
|
|
|
|
|
case 'copy':
|
|
|
|
|
if (permission_exists('user_add')) {
|
|
|
|
|
$obj = new users;
|
|
|
|
|
$obj->copy($users);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'toggle':
|
|
|
|
|
if (permission_exists('user_edit')) {
|
|
|
|
|
$obj = new users;
|
|
|
|
|
$obj->toggle($users);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'delete':
|
|
|
|
|
if (permission_exists('user_delete')) {
|
|
|
|
|
$obj = new users;
|
|
|
|
|
$obj->delete($users);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
header('Location: users.php'.($search != '' ? '?search='.urlencode($search) : null));
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get order and order by
|
|
|
|
|
$order_by = $_GET["order_by"];
|
2019-06-09 04:51:30 +02:00
|
|
|
$order = $_GET["order"];
|
|
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
//add the search string
|
|
|
|
|
if (isset($_GET["search"])) {
|
|
|
|
|
$search = strtolower($_GET["search"]);
|
|
|
|
|
$sql_search = " (";
|
|
|
|
|
$sql_search .= " lower(username) like :search ";
|
|
|
|
|
$sql_search .= " or lower(groups) like :search ";
|
|
|
|
|
$sql_search .= " or lower(contact_organization) like :search ";
|
|
|
|
|
$sql_search .= " or lower(contact_name) like :search ";
|
|
|
|
|
//$sql_search .= " or lower(user_status) like :search ";
|
|
|
|
|
$sql_search .= ") ";
|
2019-06-09 04:51:30 +02:00
|
|
|
$parameters['search'] = '%'.$search.'%';
|
|
|
|
|
}
|
2019-07-19 23:05:18 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
//get the count
|
|
|
|
|
$sql = "select count(*) from view_users ";
|
|
|
|
|
if ($_GET['show'] == "all" && permission_exists('user_all')) {
|
|
|
|
|
if (isset($sql_search)) {
|
|
|
|
|
$sql .= "where ".$sql_search;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
|
|
|
|
if (isset($sql_search)) {
|
|
|
|
|
$sql .= "and ".$sql_search;
|
|
|
|
|
}
|
|
|
|
|
$parameters['domain_uuid'] = $domain_uuid;
|
|
|
|
|
}
|
2019-12-04 16:45:33 +01:00
|
|
|
$sql .= "and ( ";
|
|
|
|
|
$sql .= " group_level <= :group_level ";
|
|
|
|
|
$sql .= " or group_level is null ";
|
|
|
|
|
$sql .= ") ";
|
|
|
|
|
$parameters['group_level'] = $_SESSION['user']['group_level'];
|
2019-06-09 04:51:30 +02:00
|
|
|
$database = new database;
|
|
|
|
|
$num_rows = $database->select($sql, $parameters, 'column');
|
2019-03-02 02:10:59 +01:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
//prepare to page the results
|
|
|
|
|
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
|
|
|
|
|
$param = $search ? "&search=".$search : null;
|
|
|
|
|
$param = ($_GET['show'] == 'all' && permission_exists('user_all')) ? "&show=all" : null;
|
2019-11-26 22:11:20 +01:00
|
|
|
$page = is_numeric($_GET['page']) ? $_GET['page'] : 0;
|
|
|
|
|
list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page);
|
|
|
|
|
list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true);
|
|
|
|
|
$offset = $rows_per_page * $page;
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
//get the list
|
|
|
|
|
$sql = "select * from view_users ";
|
|
|
|
|
if ($_GET['show'] == "all" && permission_exists('user_all')) {
|
|
|
|
|
if (isset($sql_search)) {
|
|
|
|
|
$sql .= "where ".$sql_search;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
|
|
|
|
if (isset($sql_search)) {
|
|
|
|
|
$sql .= "and ".$sql_search;
|
|
|
|
|
}
|
|
|
|
|
$parameters['domain_uuid'] = $domain_uuid;
|
|
|
|
|
}
|
2019-12-04 16:45:33 +01:00
|
|
|
$sql .= "and ( ";
|
|
|
|
|
$sql .= " group_level <= :group_level ";
|
|
|
|
|
$sql .= " or group_level is null ";
|
|
|
|
|
$sql .= ") ";
|
|
|
|
|
$parameters['group_level'] = $_SESSION['user']['group_level'];
|
2019-12-04 07:14:19 +01:00
|
|
|
$sql .= order_by($order_by, $order, 'username', 'asc');
|
2019-07-19 23:05:18 +02:00
|
|
|
$sql .= limit_offset($rows_per_page, $offset);
|
2019-06-09 04:51:30 +02:00
|
|
|
$database = new database;
|
|
|
|
|
$users = $database->select($sql, $parameters, 'all');
|
2019-12-04 07:14:19 +01:00
|
|
|
unset($sql, $parameters);
|
|
|
|
|
|
|
|
|
|
//create token
|
|
|
|
|
$object = new token;
|
|
|
|
|
$token = $object->create($_SERVER['PHP_SELF']);
|
|
|
|
|
|
|
|
|
|
//include the header
|
|
|
|
|
require_once "resources/header.php";
|
|
|
|
|
|
|
|
|
|
//show the content
|
|
|
|
|
echo "<div class='action_bar' id='action_bar'>\n";
|
|
|
|
|
echo " <div class='heading'><b>".$text['title-users']." (".$num_rows.")</b></div>\n";
|
|
|
|
|
echo " <div class='actions'>\n";
|
|
|
|
|
if (permission_exists('user_add')) {
|
|
|
|
|
echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'link'=>'user_edit.php']);
|
|
|
|
|
}
|
|
|
|
|
if (permission_exists('user_add') && $users) {
|
|
|
|
|
echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'onclick'=>"if (confirm('".$text['confirm-copy']."')) { list_action_set('copy'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
|
|
|
|
|
}
|
|
|
|
|
if (permission_exists('user_edit') && $users) {
|
|
|
|
|
echo button::create(['type'=>'button','label'=>$text['button-toggle'],'icon'=>$_SESSION['theme']['button_icon_toggle'],'onclick'=>"if (confirm('".$text['confirm-toggle']."')) { list_action_set('toggle'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
|
|
|
|
|
}
|
|
|
|
|
if (permission_exists('user_delete') && $users) {
|
|
|
|
|
echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
|
|
|
|
|
}
|
|
|
|
|
echo "<form id='form_search' class='inline' method='get'>\n";
|
2015-09-05 05:51:51 +02:00
|
|
|
if (permission_exists('user_all')) {
|
2019-12-04 07:14:19 +01:00
|
|
|
if ($_GET['show'] == 'all') {
|
|
|
|
|
echo " <input type='hidden' name='show' value='all'>\n";
|
2015-09-05 05:51:51 +02:00
|
|
|
}
|
|
|
|
|
else {
|
2019-12-04 07:14:19 +01:00
|
|
|
echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?show=all']);
|
2015-09-05 05:51:51 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
//add buttons
|
|
|
|
|
if (!isset($id)) {
|
|
|
|
|
echo " <input type='button' class='btn' name='' alt='".$text['button-import']."' onclick='window.location=\"user_imports.php\"' value='".$text['button-import']."'>";
|
|
|
|
|
}
|
|
|
|
|
echo "<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown='list_search_reset();'>";
|
|
|
|
|
echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','style'=>($search != '' ? 'display: none;' : null)]);
|
|
|
|
|
echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'users.php','style'=>($search == '' ? 'display: none;' : null)]);
|
|
|
|
|
if ($paging_controls_mini != '') {
|
|
|
|
|
echo "<span style='margin-left: 15px;'>".$paging_controls_mini."</span>\n";
|
|
|
|
|
}
|
|
|
|
|
echo " </form>\n";
|
|
|
|
|
echo " </div>\n";
|
|
|
|
|
echo " <div style='clear: both;'></div>\n";
|
|
|
|
|
echo "</div>\n";
|
2015-09-05 05:51:51 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
echo $text['description-users']."\n";
|
|
|
|
|
echo "<br /><br />\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
echo "<form id='form_list' method='post'>\n";
|
|
|
|
|
echo "<input type='hidden' id='action' name='action' value=''>\n";
|
|
|
|
|
echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
echo "<table class='list'>\n";
|
|
|
|
|
echo "<tr class='list-header'>\n";
|
|
|
|
|
if (permission_exists('user_add') || permission_exists('user_edit') || permission_exists('user_delete')) {
|
|
|
|
|
echo " <th class='checkbox'>\n";
|
|
|
|
|
echo " <input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle();' ".($users ?: "style='visibility: hidden;'").">\n";
|
|
|
|
|
echo " </th>\n";
|
2019-03-16 10:17:59 +01:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
if ($_GET['show'] == 'all' && permission_exists('user_all')) {
|
|
|
|
|
echo th_order_by('domain_name', $text['label-domain'], $order_by, $order);
|
2019-03-20 19:17:41 +01:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
echo th_order_by('username', $text['label-username'], $order_by, $order);
|
|
|
|
|
echo th_order_by('groups', $text['label-groups'], $order_by, $order);
|
|
|
|
|
echo th_order_by('contact_organization', $text['label-organization'], $order_by, $order);
|
|
|
|
|
echo th_order_by('contact_name', $text['label-name'], $order_by, $order);
|
|
|
|
|
//echo th_order_by('contact_name_family', $text['label-contact_name_family'], $order_by, $order);
|
|
|
|
|
//echo th_order_by('user_status', $text['label-user_status'], $order_by, $order);
|
|
|
|
|
//echo th_order_by('add_date', $text['label-add_date'], $order_by, $order);
|
|
|
|
|
echo th_order_by('user_enabled', $text['label-user_enabled'], $order_by, $order, null, "class='center'");
|
|
|
|
|
if (permission_exists('user_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
|
|
|
|
|
echo " <td class='action-button'> </td>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
2014-06-22 03:16:49 +02:00
|
|
|
echo "</tr>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
if (is_array($users) && @sizeof($users) != 0) {
|
|
|
|
|
$x = 0;
|
|
|
|
|
foreach ($users as $row) {
|
2019-08-18 12:44:17 +02:00
|
|
|
if (permission_exists('user_edit')) {
|
2019-12-04 07:14:19 +01:00
|
|
|
$list_row_url = "user_edit.php?id=".urlencode($row['user_uuid']);
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
echo "<tr class='list-row' href='".$list_row_url."'>\n";
|
|
|
|
|
if (permission_exists('user_add') || permission_exists('user_edit') || permission_exists('user_delete')) {
|
|
|
|
|
echo " <td class='checkbox'>\n";
|
|
|
|
|
echo " <input type='checkbox' name='users[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
|
|
|
|
|
echo " <input type='hidden' name='users[$x][uuid]' value='".escape($row['user_uuid'])."' />\n";
|
|
|
|
|
echo " </td>\n";
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
if ($_GET['show'] == 'all' && permission_exists('user_all')) {
|
|
|
|
|
echo " <td>".escape($_SESSION['domains'][$row['domain_uuid']]['domain_name'])."</td>\n";
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
echo " <td>\n";
|
|
|
|
|
if (permission_exists('user_edit')) {
|
|
|
|
|
echo " <a href='".$list_row_url."' title=\"".$text['button-edit']."\">".escape($row['username'])."</a>\n";
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
|
|
|
|
else {
|
2019-12-04 07:14:19 +01:00
|
|
|
echo " ".escape($row['username']);
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
echo " </td>\n";
|
|
|
|
|
echo " <td>".escape($row['groups'])."</td>\n";
|
|
|
|
|
echo " <td>".escape($row['contact_organization'])."</td>\n";
|
|
|
|
|
echo " <td>".escape($row['contact_name'])."</td>\n";
|
|
|
|
|
//echo " <td>".escape($row['contact_name_given'])."</td>\n";
|
|
|
|
|
//echo " <td>".escape($row['contact_name_family'])."</td>\n";
|
|
|
|
|
//echo " <td>".escape($row['user_status'])."</td>\n";
|
|
|
|
|
//echo " <td>".escape($row['add_date'])."</td>\n";
|
2019-08-18 12:44:17 +02:00
|
|
|
if (permission_exists('user_edit')) {
|
2019-12-04 07:14:19 +01:00
|
|
|
echo " <td class='no-link center'>\n";
|
|
|
|
|
echo button::create(['type'=>'submit','class'=>'link','label'=>$text['label-'.$row['user_enabled']],'title'=>$text['button-toggle'],'onclick'=>"list_self_check('checkbox_".$x."'); list_action_set('toggle'); list_form_submit('form_list')"]);
|
2019-08-18 12:44:17 +02:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
else {
|
|
|
|
|
echo " <td class='center'>\n";
|
|
|
|
|
echo $text['label-'.$row['user_enabled']];
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
2019-08-18 12:44:17 +02:00
|
|
|
echo " </td>\n";
|
2019-12-04 07:14:19 +01:00
|
|
|
if (permission_exists('user_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
|
|
|
|
|
echo " <td class='action-button'>\n";
|
|
|
|
|
echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
|
|
|
|
|
echo " </td>\n";
|
|
|
|
|
}
|
2019-08-18 12:44:17 +02:00
|
|
|
echo "</tr>\n";
|
2019-12-04 07:14:19 +01:00
|
|
|
$x++;
|
2019-07-19 23:05:18 +02:00
|
|
|
}
|
2019-12-04 07:14:19 +01:00
|
|
|
unset($users);
|
2019-07-19 23:05:18 +02:00
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2016-05-21 21:04:31 +02:00
|
|
|
echo "</table>\n";
|
|
|
|
|
echo "<br />\n";
|
2019-12-04 07:14:19 +01:00
|
|
|
echo "<div align='center'>".$paging_controls."</div>\n";
|
|
|
|
|
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
|
|
|
|
|
echo "</form>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2016-10-05 18:29:30 +02:00
|
|
|
//include the footer
|
2019-12-04 07:14:19 +01:00
|
|
|
require_once "resources/footer.php";
|
2016-10-05 18:29:30 +02:00
|
|
|
|
2019-12-04 07:14:19 +01:00
|
|
|
?>
|
