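Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */

//user manager list: checks the viewer's permission, then counts and loads the users of the session
//domain (or of every domain when the viewer has user_all and requested show=all), with optional
//search, sorting and paging

//includes
	include "root.php";
	require_once "resources/require.php";
	require_once "resources/check_auth.php";
	require_once "resources/paging.php";

//check permissions
	if (permission_exists("user_view") || if_group("superadmin")) {
		//access granted
	}
	else {
		echo "access denied";
		exit;
	}

//add multi-lingual support
	$language = new text;
	$text = $language->get();

//include the header
	require_once "resources/header.php";
	$document['title'] = $text['title-user_manager'];

//set the variables
	//request values are kept raw: they reach the database only as bound parameters (search) or after
	//being matched against a fixed allow-list (order_by, order), never by string concatenation
	//NOTE(review): check_str() is defined outside this file; if it also trimmed its input, add trim() here
	$order_by = (isset($_GET["order_by"]) && is_string($_GET["order_by"])) ? $_GET["order_by"] : '';
	$order = (isset($_GET["order"]) && is_string($_GET["order"])) ? strtolower($_GET["order"]) : '';
	$search = (isset($_REQUEST["search"]) && is_string($_REQUEST["search"])) ? $_REQUEST["search"] : '';
	if (strlen($search) > 0) { $search = strtolower($search); }

	//identifiers and sort directions cannot be bound as parameters, so accept only the columns that
	//the th_order_by() headings of this page offer, and only the two sort directions
	$sortable_columns = array('domain_name', 'username', 'groups', 'contact_organization', 'contact_name_given', 'user_enabled');
	if (!in_array($order_by, $sortable_columns, true)) { $order_by = ''; }
	if ($order != 'asc' && $order != 'desc') { $order = ''; }

	//evaluate the cross-domain switch once; without it every query is pinned to the session domain
	$show_all = permission_exists('user_all') && isset($_GET['show']) && $_GET['show'] == 'all';

//get the list of superadmins
	$superadmins = superadmin_list($db);

//build the filter shared by the count query and the list query
	$parameters = array();
	$sql_where = "";
	if (!$show_all) {
		$sql_where .= "and domain_uuid = :domain_uuid ";
		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
	}
	if (strlen($search) > 0) {
		//one placeholder per column: a named placeholder may not be reused when prepares are not emulated
		//the search text is data only; % and _ typed by the user still act as LIKE wildcards
		$search_columns = array('username', 'groups', 'contact_organization', 'contact_name_given', 'contact_name_family');
		$search_conditions = array();
		foreach ($search_columns as $index => $column) {
			$search_conditions[] = "lower(".$column.") like :search_".$index;
			$parameters['search_'.$index] = '%'.$search.'%';
		}
		$sql_where .= "and (".implode(" or ", $search_conditions).") ";
	}

//get the user count from the database
	$num_rows = '0';
	$sql = "select count(*) as num_rows from view_users where 1 = 1 ".$sql_where;
	$prep_statement = $db->prepare($sql);
	if ($prep_statement) {
		$prep_statement->execute($parameters);
		$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
		if (is_array($row) && $row['num_rows'] > 0) {
			$num_rows = $row['num_rows'];
		}
	}
	unset ($prep_statement, $result, $sql);

//prepare for paging
	$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
	$param = "search=".escape($search);
	if ($show_all) {
		$param .= "&show=all";
	}
	//only a short run of digits is a valid page number; anything else falls back to the first page
	$page = isset($_GET['page']) ? $_GET['page'] : '';
	if (!is_string($page) || !preg_match('/\A[0-9]{1,9}\z/', $page)) {
		$page = 0;
		$_GET['page'] = 0;
	}
	list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
	//limit and offset are concatenated below, so force both to integers first
	$rows_per_page = (int) $rows_per_page;
	$offset = $rows_per_page * (int) $page;

//get the users from the database
	$sql = "select u.domain_uuid, u.user_uuid, u.contact_uuid, u.domain_name, u.username, u.user_enabled, u.contact_organization, u.contact_name_given, u.contact_name_family, u.groups \n";
	$sql .= "from view_users as u \n";
	$sql .= "where 1 = 1 \n";
	$sql .= $sql_where."\n";
	if (strlen($order_by) > 0) {
		//both values passed the allow-list above
		$sql .= "order by ".$order_by." ".$order." \n";
	}
	else {
		$sql .= "order by u.username asc \n";
	}
	$sql .= "limit ".$rows_per_page." offset ".$offset." ";
	$users = array();
	$prep_statement = $db->prepare(check_sql($sql));
	if ($prep_statement) {
		$prep_statement->execute($parameters);
		$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
	}
	unset ($parameters, $sql_where);
	//if (!$users) { // echo "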
\n";
	//	print_r($prep_statement->errorInfo());
	//	echo "
\n"; // exit; //} unset ($prep_statement, $sql); //page title and description echo "\n"; echo ""; echo "\n"; echo "\n"; echo ""; echo "\n"; echo ""; echo "\n"; echo "\n"; echo "\n"; //alternate the row style $c = 0; $row_style["0"] = "row_style0"; $row_style["1"] = "row_style1"; //show the users echo "
".$text['header-user_manager']." (".$num_rows.")"; if (permission_exists('user_all')) { if ($_GET['show'] == 'all') { echo "\n"; echo ""; } else { echo "\n"; } } if (permission_exists('user_import')) { echo "\n"; } echo ""; echo ""; echo "
\n"; echo $text['description-user_manager']."\n"; echo "
\n"; echo "
\n"; echo "
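\n";
//sortable column headings
echo "\n";
if (permission_exists('user_all') && $_GET['show'] == 'all') {
	echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, '', '', $param);
}
//pass $param like the sibling columns so that sorting by username keeps the search and show values
echo th_order_by('username', $text['label-username'], $order_by, $order, '', '', $param);
echo th_order_by('groups', $text['label-groups'], $order_by, $order, '', '', $param);
echo th_order_by('contact_organization', $text['label-organization'], $order_by, $order, '', '', $param);
echo th_order_by('contact_name_given', $text['label-name'], $order_by, $order, '', '', $param);
if (permission_exists('ticket_edit')) {
	echo "\n";
}
else {
	echo "\n";
}
echo th_order_by('user_enabled', $text['label-enabled'], $order_by, $order, '', '', $param);
echo "\n";
echo "\n";
//one pass per user row
if (is_array($users)) {
	foreach($users as $row) {
		if (if_superadmin($superadmins, $row['user_uuid']) && !if_group("superadmin")) {
			//hide: rows matched by if_superadmin() are skipped unless the viewer is in the superadmin group
		}
		else {
			$tr_link = (permission_exists('user_edit')) ? "href='user_edit.php?id=".escape($row['user_uuid'])."'" : null;
			echo "\n";
			if (permission_exists('user_all') && $_GET['show'] == 'all') {
				echo " \n";
			}
			echo " \n";
			echo " \n";
			echo " \n";
			echo " \n";
			echo " \n";
			echo " \n";
			echo " \n";
			echo "\n";
			//alternate the row style index
			if ($c==0) { $c=1; } else { $c=0; }
		}
	} //end foreach
	unset($sql, $users);
} //end if results
echo "\n";
echo "
".$text['label-tools']." ";
if (permission_exists('user_add')) {
	//NOTE(review): $total_users is not assigned anywhere in the visible part of this script. If no
	//include defines it, the comparison reads an undefined variable and the configured user limit may
	//never hide the add link - confirm where it is set.
	if ($_SESSION['limit']['users']['numeric'] == '' || ($_SESSION['limit']['users']['numeric'] != '' && $total_users < $_SESSION['limit']['users']['numeric'])) {
		echo "".$v_link_label_add."";
	}
}
echo "
".escape($row['domain_name'])."";
if (permission_exists('user_edit')) {
	echo "".escape($row['username'])."";
}
else {
	echo escape($row['username']);
}
echo " \n";
//group and contact values come from the database and may hold user-supplied text, so they go through
//escape() before output, the same way domain_name and username already do
echo " ".escape($row['groups'])." \n";
echo " ".escape($row['contact_organization'])."  ".escape($row['contact_name_given'])." ".escape($row['contact_name_family'])."  \n";
if (permission_exists('ticket_edit')) {
	echo " \n";
}
echo " ";
if ($row['user_enabled'] == 'true') {
	echo $text['option-true'];
}
else {
	echo $text['option-false'];
}
echo " 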
\n"; echo "
\n"; echo $paging_controls."\n"; echo "

\n"; //include the footer include "resources/footer.php"; ?>