Portions created by the Initial Developer are Copyright (C) 2008-2016 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */

// User manager list page. Loads the users of the current domain (or of every
// domain when the caller has the user_all permission and passes ?show=all),
// attaches each user's group names, and prints a paged, sortable table.
// The script writes its output directly with echo and has no return value.
//
// NOTE(review): in this copy the HTML markup has been stripped out of the echo
// strings, and the statements that follow the final "end if results" comment
// appear to be string fragments detached from the table header and the row
// loop above them. The PHP tokens are preserved exactly as found; only
// comments have been added.

//includes
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
require_once "resources/paging.php";

//check permissions
// Either the user_view permission or membership in the superadmin group is
// enough to view the page; anything else gets a plain-text denial and exit.
if (permission_exists("user_view") || if_group("superadmin")) {
	//access granted
}
else {
	echo "access denied";
	exit;
}

//add multi-lingual support
$language = new text;
$text = $language->get();

//include the header
require_once "resources/header.php";
$document['title'] = $text['title-user_manager'];

//set the variables
// All three values come straight from the request. check_str() is a project
// helper whose behaviour is not visible in this file; $order_by and $order are
// concatenated into ORDER BY clauses below and $search_value into WHERE
// clauses, so whatever check_str() does is the only filter between the query
// string and the SQL text. NOTE(review): an ORDER BY column or direction cannot
// be bound as a prepared-statement placeholder, so the robust mitigation is to
// accept $order_by only from a fixed list of column names and $order only as
// 'asc'/'desc' before either reaches the SQL; $search_value could be bound as
// a placeholder instead of being concatenated.
$order_by = check_str($_GET["order_by"]);
$order = check_str($_GET["order"]);
$search_value = check_str($_REQUEST["search_value"]);

//get the list of superadmins
// Used below to hide superadmin accounts from callers who are not superadmins.
$superadmins = superadmin_list($db);

//get the users' group(s) from the database
// Builds $user_groups[user_uuid] = ["group", "group@domain", ...]. Groups with a
// NULL domain_uuid are global and are listed without the "@domain" suffix.
// NOTE(review): this query filters on $domain_uuid, which is not assigned in
// this file (presumably set by an include), while the user queries below use
// $_SESSION['domain_uuid']; confirm the two always hold the same value.
$sql = "select ";
$sql .= " gu.*, g.domain_uuid as group_domain_uuid ";
$sql .= "from ";
$sql .= " v_group_users as gu, ";
$sql .= " v_groups as g ";
$sql .= "where ";
$sql .= " gu.group_uuid = g.group_uuid ";
if (!(permission_exists('user_all') && $_GET['show'] == 'all')) {
	$sql .= " and (";
	$sql .= " g.domain_uuid = '".$domain_uuid."' ";
	$sql .= " or g.domain_uuid is null ";
	$sql .= " ) ";
	$sql .= " and gu.domain_uuid = '".$domain_uuid."' ";
}
$sql .= "order by ";
$sql .= " g.domain_uuid desc, ";
$sql .= " g.group_name asc ";
// check_sql() is applied to this query and to the final user listing, but not
// to the two count queries below; what it does is not visible here.
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
// $user_groups is only ever assigned inside this loop, so it stays undefined
// when no group rows come back; the row loop below reads it with sizeof().
if (count($result) > 0) {
	foreach($result as $row) {
		$user_groups[$row['user_uuid']][] = $row['group_name'].(($row['group_domain_uuid'] != '') ?
"@".$_SESSION['domains'][$row['group_domain_uuid']]['domain_name'] : null);
	}
}
unset ($sql, $prep_statement);

//get total user count from the database
// $total_users is the count before any search filter; it is compared against
// the per-domain user limit when deciding whether to show the add link.
$sql = "select count(*) as num_rows from v_users where 1 = 1 ";
if (!(permission_exists('user_all') && $_GET['show'] == 'all')) {
	$sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' ";
}
$prep_statement = $db->prepare($sql);
if ($prep_statement) {
	$prep_statement->execute();
	$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
	$total_users = $row['num_rows'];
}
unset($prep_statement, $row);

//get the users from the database (reuse $sql from above)
// Second count, this time with the search filter, to size the paging controls.
// NOTE(review): this count matches the username exactly ("username = ...")
// while the listing query below uses "like '%...%'", so $num_rows can differ
// from the number of rows actually listed when a search value is given.
// Appending ORDER BY to a COUNT(*) query is harmless but unnecessary.
if (strlen($search_value) > 0) {
	$sql .= "and username = '".$search_value."' ";
}
if (strlen($order_by) > 0) {
	$sql .= "order by ".$order_by." ".$order." ";
}
$prep_statement = $db->prepare($sql);
if ($prep_statement) {
	$prep_statement->execute();
	$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
	if ($row['num_rows'] > 0) {
		$num_rows = $row['num_rows'];
	}
	else {
		$num_rows = '0';
	}
}
unset ($prep_statement, $result, $sql);

// Page size comes from the domain setting, falling back to 50.
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
// $param is the query string carried by the paging and sort links.
$param = "search=".$search_value;
if (permission_exists('user_all') && $_GET['show'] == 'all') {
	$param .= "&show=all";
}
// $page is taken from the request with only an empty-string check; nothing
// verifies it is a non-negative integer before it is multiplied into $offset
// and concatenated into the LIMIT/OFFSET text below.
$page = $_GET['page'];
if (strlen($page) == 0) {
	$page = 0;
	$_GET['page'] = 0;
}
// paging() returns the rendered controls and may adjust $rows_per_page; the
// third element ($var_3) is not used anywhere in this file.
list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
$offset = $rows_per_page * $page;

// Final listing query: same domain filter as the counts, substring search on
// username, caller-supplied sort (see the note at $order_by) or username asc.
$sql = "select * from v_users where 1 = 1 ";
if (!(permission_exists('user_all') && $_GET['show'] == 'all')) {
	$sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' ";
}
if (strlen($search_value) > 0) {
	$sql .= "and username like '%".$search_value."%' ";
}
if (strlen($order_by)> 0) {
	$sql .= "order by ".$order_by." ".$order." ";
}
else {
	$sql .= "order by username asc ";
}
$sql .= " limit ".$rows_per_page." offset ".$offset." 
";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
$user_count = count($users);
unset ($prep_statement, $sql);

//page title and description
echo "\n";
echo "";
echo "\n";
echo "\n";
echo "";
echo "\n";
echo "";
echo "\n";
echo "\n";
echo "\n";

//alternate the row style
// $c toggles between 0 and 1 per printed row; $row_style maps it to a class
// name. Whether $row_style is used in the stripped markup cannot be seen here.
$c = 0;
$row_style["0"] = "row_style0";
$row_style["1"] = "row_style1";

//show the data
echo "
".$text['header-user_manager']." (".$num_rows.")";
if (permission_exists('user_all')) {
	if ($_GET['show'] == 'all') {
		echo "\n";
		echo "";
	}
	else {
		echo "\n";
	}
}
if (permission_exists('user_import')) {
	echo "\n";
}
echo "";
echo "";
echo "
\n";
echo $text['description-user_manager']."\n";
echo "
\n";
echo "
\n";
echo "
\n";
echo "\n";
// Sortable column headers. NOTE(review): the username header is the only one
// that does not pass $param, so its sort link presumably drops the current
// search and show=all parameters; confirm against th_order_by().
if (permission_exists('user_all') && $_GET['show'] == 'all') {
	echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, '', '', $param);
}
echo th_order_by('username', $text['label-username'], $order_by, $order);
echo "\n";
echo th_order_by('user_enabled', $text['label-enabled'], $order_by, $order, '', '', $param);
echo "\n";
echo "\n";
if ($user_count > 0) {
	foreach($users as $row) {
		// Superadmin accounts are only shown to superadmins.
		if (if_superadmin($superadmins, $row['user_uuid']) && !if_group("superadmin")) {
			//hide
		}
		else {
			// $tr_link is an href attribute built from the row's user_uuid;
			// no attribute escaping is applied here.
			$tr_link = (permission_exists('user_edit')) ? "href='user_edit.php?id=".$row['user_uuid']."'" : null;
			echo "\n";
			if (permission_exists('user_all') && $_GET['show'] == 'all') {
				echo " \n";
			}
			echo " \n";
			echo " \n";
			echo " \n";
			echo " \n";
			echo "\n";
			if ($c==0) { $c=1; } else { $c=0; }
		}
	} //end foreach
	unset($sql, $users, $user_count);
} //end if results
echo "\n";
// NOTE(review): the statements from here to the footer read like the cell
// contents of the table header (groups label, add link) and of the row loop
// (domain name, username, groups, enabled flag), displaced by the extraction.
// $row here is whatever the last loop iteration left behind. domain_name and
// username are echoed without htmlspecialchars(); if this is rendered as HTML
// they should be escaped at the point of output.
echo "
".$text['label-groups']."";
// The add link is shown only while the per-domain user limit is unset or not
// yet reached.
if (permission_exists('user_add')) {
	if ($_SESSION['limit']['users']['numeric'] == '' || ($_SESSION['limit']['users']['numeric'] != '' && $total_users < $_SESSION['limit']['users']['numeric'])) {
		echo "".$v_link_label_add."";
	}
}
echo "
".$_SESSION['domains'][$row['domain_uuid']]['domain_name']."";
if (permission_exists('user_edit')) {
	echo "".$row['username']."";
}
else {
	echo $row['username'];
}
echo " ";
// sizeof() on a missing key (user with no groups, or $user_groups never set)
// relies on PHP's null handling rather than an explicit isset() check.
if (sizeof($user_groups[$row['user_uuid']]) > 0) {
	echo implode(', ', $user_groups[$row['user_uuid']]);
}
echo " ";
if ($row['user_enabled'] == 'true') {
	echo $text['option-true'];
}
else {
	echo $text['option-false'];
}
echo " 
\n";
echo "
\n";
echo $paging_controls."\n";
echo "

\n";

//include the footer
include "resources/footer.php";
?>