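Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */

//user manager list view: checks the caller's permission, builds a filtered and
//paged query against view_users, then prints the user list and paging controls

//includes
	include "root.php";
	require_once "resources/require.php";
	require_once "resources/check_auth.php";
	require_once "resources/paging.php";

//check permissions
	if (permission_exists("user_view") || if_group("superadmin")) {
		//access granted
	}
	else {
		echo "access denied";
		exit;
	}

//add multi-lingual support
	$language = new text;
	$text = $language->get();

//include the header
	require_once "resources/header.php";
	$document['title'] = $text['title-user_manager'];

//get variables used to control the order
//NOTE(review): both values come straight from the query string and reach the SQL text
//only through order_by(), which is defined elsewhere; confirm it restricts the column
//name and the sort direction
	$order_by = $_GET["order_by"] != '' ? $_GET["order_by"] : 'u.username';
	$order = $_GET["order"];

//set the variables
	$search = $_REQUEST["search"];
	if (strlen($search) > 0) {
		$search = strtolower($search);
	}

//get the list of superadmins
	$superadmins = superadmin_list($db);

//common where clause
//the domain filter is dropped only when the caller holds user_all and asked for show=all;
//the domain and the search term are passed as bound parameters, not as SQL text
	$sql_where = "where true ";
	if (!(permission_exists('user_all') && $_GET['show'] == 'all')) {
		$sql_where .= "and u.domain_uuid = :domain_uuid ";
		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
	}
	if (strlen($search) > 0) {
		$sql_where .= "and ( ";
		$sql_where .= "lower(username) like :search ";
		$sql_where .= "or lower(groups) like :search ";
		$sql_where .= "or lower(contact_organization) like :search ";
		$sql_where .= "or lower(contact_name_given) like :search ";
		$sql_where .= "or lower(contact_name_family) like :search ";
		$sql_where .= ") ";
		$parameters['search'] = '%'.$search.'%';
	}

//get the user count from the database
	$sql = "select count(*) from view_users as u ";
	$sql .= $sql_where;
	$database = new database;
	$num_rows = $database->select($sql, $parameters, 'column');
	unset($sql);

//prepare for paging
	$rows_per_page = is_numeric($_SESSION['domain']['paging']['numeric']) ? $_SESSION['domain']['paging']['numeric'] : 50;
	//NOTE(review): escape() is defined elsewhere; $param is a query string fragment, so
	//confirm the search value is also URL-encoded where paging() and th_order_by() build links
	$param = "search=".escape($search);
	if (permission_exists('user_all') && $_GET['show'] == 'all') {
		$param .= "&show=all";
	}
	//accept only a non-negative whole number as the page index; a missing or malformed
	//value falls back to the first page so the offset below is always a plain integer
	$page = $_GET['page'];
	if (!ctype_digit((string) $page)) {
		$page = 0;
		$_GET['page'] = 0;
	}
	list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
	$offset = $rows_per_page * $page;

//get the users from the database
	$sql = "select u.domain_uuid, u.user_uuid, u.contact_uuid, u.domain_name, u.username, u.user_enabled, u.contact_organization, u.contact_name_given, u.contact_name_family, u.groups ";
	$sql .= "from view_users as u ";
	$sql .= $sql_where;
	$sql .= order_by($order_by, $order);
	$sql .= limit_offset($rows_per_page, $offset);
	$database = new database;
	$users = $database->select($sql, $parameters, 'all');
	unset($sql, $sql_where, $parameters);

//page title and description
	echo "\n";
	echo "";
	echo "\n";
	echo "\n";
	echo "";
	echo "\n";
	echo "";
	echo "\n";
	echo "\n";
	echo "\n";

//alternate the row style
	$c = 0;
	$row_style["0"] = "row_style0";
	$row_style["1"] = "row_style1";

//show the users
	echo "\n".$text['header-user_manager']." (".$num_rows.")";
	if (permission_exists('user_all')) {
		if ($_GET['show'] == 'all') {
			echo "\n";
			echo "";
		}
		else {
			echo "\n";
		}
	}
	if (permission_exists('user_import')) {
		echo "\n";
	}
	echo "";
	echo "";
	echo "\n\n";
	echo $text['description-user_manager']."\n";
	echo "\n\n";
	echo "\n\n";
	echo "\n\n";
	echo "\n";
	if (permission_exists('user_all') && $_GET['show'] == 'all') {
		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, '', '', $param);
	}
	echo th_order_by('username', $text['label-username'], $order_by, $order);
	echo th_order_by('groups', $text['label-groups'], $order_by, $order, '', '', $param);
	echo th_order_by('contact_organization', $text['label-organization'], $order_by, $order, '', '', $param);
	echo th_order_by('contact_name_given', $text['label-name'], $order_by, $order, '', '', $param);
	if (permission_exists('ticket_edit')) {
		echo "\n";
	}
	else {
		echo "\n";
	}
	echo th_order_by('user_enabled', $text['label-enabled'], $order_by, $order, '', '', $param);
	echo "\n";
	echo "\n";

	if (is_array($users) && sizeof($users) != 0) {
		foreach($users as $row) {
			//superadmin accounts are listed only for callers who are superadmins themselves
			if (if_superadmin($superadmins, $row['user_uuid']) && !if_group("superadmin")) {
				//hide
			}
			else {
				$tr_link = (permission_exists('user_edit')) ? "href='user_edit.php?id=".escape($row['user_uuid'])."'" : null;
				echo "\n";
				if (permission_exists('user_all') && $_GET['show'] == 'all') {
					echo " \n";
				}
				echo " \n";
				echo " \n";
				echo " \n";
				echo " \n";
				echo " \n";
				echo " \n";
				echo " \n";
				echo "\n";
				$c = $c == 0 ? 1 : 0;
			}
		}
		unset($users, $row);
	}

	echo "\n";
	echo "\n".$text['label-tools']." ";
	//NOTE(review): $total_users is not assigned anywhere in this script; unless an include
	//sets it, the comparison is made against null and the add link is always shown, so the
	//user limit has to be enforced by the code that creates the user, not by this link
	if (permission_exists('user_add')) {
		if ($_SESSION['limit']['users']['numeric'] == '' || ($_SESSION['limit']['users']['numeric'] != '' && $total_users < $_SESSION['limit']['users']['numeric'])) {
			echo "".$v_link_label_add."";
		}
	}

	//NOTE(review): in this listing the per-row cell output below follows the loop and the
	//unset() of $row; the surrounding markup is not visible here, so the order is kept as found
	echo "\n".escape($row['domain_name'])."";
	if (permission_exists('user_edit')) {
		echo "".escape($row['username'])."";
	}
	else {
		echo escape($row['username']);
	}
	echo " \n";
	//groups and the contact fields are values read from view_users, so they are escaped
	//for output the same way as username and domain_name above
	echo " ".escape($row['groups'])." \n";
	echo " ".escape($row['contact_organization'])."  ".escape($row['contact_name_given'])." ".escape($row['contact_name_family'])."  \n";
	if (permission_exists('ticket_edit')) {
		echo " \n";
	}
	echo " ";
	if ($row['user_enabled'] == 'true') {
		echo $text['option-true'];
	}
	else {
		echo $text['option-false'];
	}
	echo " \n\n";
	echo "\n\n";
	echo $paging_controls."\n";
	echo "\n\n\n";

//include the footer
	include "resources/footer.php";

?>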