00001 <?php
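// Direct-access guard: the CMS is expected to define __PRAGYAN_CMS before it
// includes this file. When the constant is missing the request is answered
// with a 403 page and the script exits.
if(!defined('__PRAGYAN_CMS'))
{
	// SERVER_PROTOCOL / SERVER_SIGNATURE are not guaranteed to be set (e.g. CLI).
	$protocol=isset($_SERVER['SERVER_PROTOCOL'])?$_SERVER['SERVER_PROTOCOL']:'HTTP/1.0';
	header($protocol.' 403 Forbidden');
	echo "<h1>403 Forbidden</h1><h4>You are not authorized to access the page.</h4>";
	// NOTE(review): SERVER_SIGNATURE can carry the web server's name and version.
	// It is kept to preserve the existing page; consider dropping it so the error
	// page does not disclose the server banner.
	echo '<hr/>'.(isset($_SERVER['SERVER_SIGNATURE'])?$_SERVER['SERVER_SIGNATURE']:'');
	exit(1);
}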
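/**
 * Build the HTML of the user-management panel.
 *
 * The panel holds a grid of "display this field" checkboxes (one per column of
 * the users table plus one per extra registration-form column), the View/Edit
 * buttons for all / activated / non-activated users, and the icon buttons for
 * search, create, activate-all and deactivate-all.
 *
 * NOTE(review): the form posts state-changing actions (activate/deactivate all)
 * and no anti-CSRF token is emitted here; confirm the surrounding framework
 * adds and verifies one.
 *
 * @return string HTML of the form.
 */
function userManagementForm()
{
	global $ICONS;
	global $urlRequestRoot, $cmsFolder, $moduleFolder, $templateFolder,$sourceFolder;
	require_once("$sourceFolder/$moduleFolder/form/viewregistrants.php");
	$usermgmtform=<<<USERFORM
<script type='text/javascript' language='javascript'>
function checkAll(formobj)
{
for(var i=0;i<formobj.elements.length;i++)
{
if(formobj.elements[i].type=='checkbox') formobj.elements[i].checked=true;
}
}
function unCheckAll(formobj)
{
for(var i=0;i<formobj.elements.length;i++)
{
if(formobj.elements[i].type=='checkbox') formobj.elements[i].checked=false;
}
}
</script>
<form name='user_mgmt_form' action='./+admin&subaction=useradmin' method='POST'>
<fieldset>
<legend>{$ICONS['User Management']['small']}User Management</legend>

Select Fields to Display : <input type='button' onclick='return checkAll(this.form);' value='Check All' /><input type='button' onclick='return unCheckAll(this.form);' value='Uncheck All' />
<table><tr><td>Field Name</td><td>Display ?</td><td>Field Name</td><td>Display ?</td><td>Field Name</td><td>Display ?</td></tr>
USERFORM;

	// One lookup provides both the column ids (checkbox names) and their labels.
	$extraColumns=getColumnList(0, false, false, false, false, false);
	$xcolumnNames=array_keys($extraColumns);
	$xcolumnPrettyNames=array_values($extraColumns);
	$usertablefields=array_merge(getTableFieldsName('users'),$xcolumnNames);
	$userfieldprettynames=array_merge(array("User ID","Username","Email","Full Name","Password","Registration","Last Login","Activated","Login Method"),array_map('ucfirst',$xcolumnPrettyNames));
	$cols=3;
	$fieldCount=count($usertablefields);
	for($i=0;$i<$fieldCount;$i=$i+$cols)
	{
		$usermgmtform.="<tr>";
		for($j=0;$j<$cols;$j++)
		{
			if($i+$j<$fieldCount)
			{
				$fieldName=$usertablefields[$i+$j];
				$checked="";
				// After the first submit the previous selection is replayed;
				// before that, three fields are pre-selected.
				if(isset($_POST['not_first_time']))
					$checked=isset($_POST[$fieldName.'_sel'])?"checked":"";
				else if($fieldName=="user_fullname" || $fieldName=="user_email" || $fieldName=="user_activated")
					$checked="checked";

				// Labels and names of the extra columns come from stored form
				// definitions; encode them so markup in a name stays text.
				$label=isset($userfieldprettynames[$i+$j])?htmlspecialchars((string)$userfieldprettynames[$i+$j], ENT_QUOTES):'';
				$inputName=htmlspecialchars($fieldName.'_sel', ENT_QUOTES);
				$usermgmtform.="<td>{$label}</td><td><input type='checkbox' name='{$inputName}' $checked /></td>";
			}
		}
		$usermgmtform.="</tr>";
	}
	global $ICONS_SRC;
	$usermgmtform.=<<<USERFORM
<input type='hidden' name='not_first_time' />
</table>
<fieldset style="float:left;">
<legend>All Registered</legend>
<input type='submit' value='View' name='view_reg_users'/>
<input type='submit' value='Edit' name='edit_reg_users'/>
</fieldset>
<fieldset style="float:left;">
<legend>Activated Users</legend>
<input type='submit' value='View' name='view_activated_users'/>
<input type='submit' value='Edit' name='edit_activated_users'/>

</fieldset>
<fieldset style="float:left;">
<legend>Non-Activated Users</legend>
<input type='submit' value='View' name='view_nonactivated_users'/>
<input type='submit' value='Edit' name='edit_nonactivated_users'/>

</fieldset>
<div style="clear:both"></div>
<hr/>
<table class='iconspanel'>
<tr>
<td>
<input type="image" alt="Search User" src='{$ICONS_SRC['Search']['large']}' onclick="this.form.action+='&subsubaction=search'" value="Search User" /><br/>Search User
</td>
<td>
<input type="image" alt="New User" src='{$ICONS_SRC['New User']['large']}' onclick="this.form.action+='&subsubaction=create'" value="New User" /><br/>New User
</td>
<td>
<input type='image' alt="Deactivate All Users" src='{$ICONS_SRC['Deactivate']['large']}' value='Deactivate All' name='deactivate_all_users'/><br/>Deactivate All Users
</td>
<td>
<input type='image' alt="Activate All Users" src='{$ICONS_SRC['Activate']['large']}' value='Activate All' name='activate_all_users'/><br/>Activate All Users
</td>
</tr>
</table>
</fieldset>


</form>
USERFORM;
	return $usermgmtform;
}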
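/**
 * Handle one request of the user-administration panel.
 *
 * The action is chosen from the submitted keys: activate / deactivate / delete
 * a single user (id in $_GET['userid']), activate or deactivate all users,
 * show or save the edit form of one user, list users, search users, or create
 * a user. Most branches return HTML; the activate-all and deactivate-all
 * branches only report a message and return nothing.
 *
 * Security notes:
 *  - $_GET['userid'] is interpolated unquoted into SQL, so it is accepted only
 *    when it consists of digits. String escaping alone does not protect an
 *    unquoted numeric position.
 *  - Every value placed inside a quoted SQL literal goes through escape(),
 *    including the new password on update.
 *  - Passwords are stored with MD5() as before. NOTE(review): this is an
 *    unsalted fast hash; replacing it needs a matching change in the login
 *    code, which is not part of this file.
 *  - NOTE(review): no anti-CSRF token and no permission check are visible in
 *    this function; confirm the caller enforces both.
 *
 * @return string|null HTML to display, or null when the branch only reports a message.
 */
function handleUserMgmt()
{
	global $urlRequestRoot, $cmsFolder, $moduleFolder, $templateFolder,$sourceFolder;
	require_once("$sourceFolder/$moduleFolder/form/viewregistrants.php");

	if(isset($_GET['userid']))
	{
		// Digits only (an empty value is left to fail in the query as before).
		if(!is_string($_GET['userid']) || !preg_match('/^[0-9]*\z/', $_GET['userid']))
		{
			displayerror("Invalid user ID!");
			return;
		}
		$_GET['userid']=escape($_GET['userid']);
	}
	if(isset($_POST['editusertype'])) $_POST['editusertype']=escape($_POST['editusertype']);

	$userId=isset($_GET['userid'])?$_GET['userid']:'';
	$listType=isset($_POST['editusertype'])?$_POST['editusertype']:NULL;

	if(isset($_POST['user_activate']))
	{
		$query="UPDATE ".MYSQL_DATABASE_PREFIX."users SET user_activated=1 WHERE user_id={$userId}";
		if(mysql_query($query))
			displayInfo("User Successfully Activated!");
		else displayerror("User Not Activated!");
		return registeredUsersList($listType,"edit",false);
	}
	else if(isset($_POST['activate_all_users']))
	{
		$query="UPDATE ".MYSQL_DATABASE_PREFIX."users SET user_activated=1";
		if(mysql_query($query))
			displayInfo("All users activated successfully!");
		else displayerror("Users Not Activated!");

		return;
	}
	else if(isset($_POST['user_deactivate']))
	{
		// The administrator account must stay usable.
		if($userId==ADMIN_USERID)
		{
			displayError("You cannot deactivate administrator!");
			return registeredUsersList($listType,"edit",false);
		}
		$query="UPDATE ".MYSQL_DATABASE_PREFIX."users SET user_activated=0 WHERE user_id={$userId}";
		if(mysql_query($query))
			displayInfo("User Successfully Deactivated!");
		else displayerror("User Not Deactivated!");

		return registeredUsersList($listType,"edit",false);
	}
	else if(isset($_POST['deactivate_all_users']))
	{
		$query="UPDATE ".MYSQL_DATABASE_PREFIX."users SET user_activated=0 WHERE user_id != ".ADMIN_USERID;
		if(mysql_query($query))
			displayInfo("All users deactivated successfully except Administrator!");
		else displayerror("Users Not Deactivated!");

		return;
	}
	else if(isset($_POST['user_delete']))
	{
		if($userId==ADMIN_USERID)
		{
			displayError("You cannot delete administrator!");
			return registeredUsersList($listType,"edit",false);
		}
		$query="DELETE FROM `".MYSQL_DATABASE_PREFIX."users` WHERE `user_id` = $userId";
		if(mysql_query($query))
		{
			// Remove the OpenID mapping of the same user as well.
			$query="DELETE FROM `".MYSQL_DATABASE_PREFIX."openid_users` WHERE `user_id` = $userId";
			if(mysql_query($query))
			{
				displayinfo("User Successfully Deleted!");
			}
			else displayerror("User not deleted from OpenID database!");
		}
		else displayerror("User Not Deleted!");

		return registeredUsersList($listType,"edit",false);
	}
	else if(isset($_POST['user_info']) || (isset($_POST['user_info_update'])))
	{
		if(isset($_POST['user_info_update']))
		{
			$updates = array();
			$query="SELECT * FROM `".MYSQL_DATABASE_PREFIX."users` WHERE `user_id`={$userId}";
			$row=mysql_fetch_assoc(mysql_query($query));
			$errors = false;

			// A changed user name must not collide with an existing account.
			if(isset($_POST['user_name']) && $row['user_name']!=$_POST['user_name'])
			{
				$chkquery="SELECT * FROM `".MYSQL_DATABASE_PREFIX."users` WHERE `user_name`='".escape($_POST['user_name'])."'";
				// NOTE(review): on failure this prints the query text and halts.
				$result=mysql_query($chkquery) or die("failed : $chkquery");
				if(mysql_num_rows($result)>0)
				{
					displayerror("User Name already exists in database!");
					$errors=true;
				}
			}

			// Only non-empty values that differ from the stored row are written.
			if (isset($_POST['user_name']) && $_POST['user_name'] != '' && $_POST['user_name']!=$row['user_name']) {
				$updates[] = "`user_name` = '".escape($_POST['user_name'])."'";
			}
			if (isset($_POST['user_email']) && $_POST['user_email'] != '' && $_POST['user_email']!=$row['user_email']) {
				$updates[] = "`user_email` = '".escape($_POST['user_email'])."'";
			}
			if (isset($_POST['user_fullname']) && $_POST['user_fullname'] != '' && $_POST['user_fullname']!=$row['user_fullname']) {
				$updates[] = "`user_fullname` = '".escape($_POST['user_fullname'])."'";
			}

			if (isset($_POST['user_password']) && $_POST['user_password'] != '') {
				// Strict comparison: loose != treats numeric-looking strings
				// such as "1e3" and "1000" as equal.
				if (!isset($_POST['user_password2']) || $_POST['user_password'] !== $_POST['user_password2']) {
					displayerror('Error! The New Password you entered does not match the password you typed in the Confirmation Box.'); $errors=true;
				}
				else if(md5($_POST['user_password']) !== $row['user_password']) {
					// The password is user input inside a quoted SQL literal and
					// is escaped like every other field.
					$updates[] = "`user_password` = MD5('".escape($_POST['user_password'])."')";
				}
			}
			if (isset($_POST['user_regdate']) && $_POST['user_regdate'] != '' && $_POST['user_regdate']!=$row['user_regdate']) {
				$updates[] = "`user_regdate` = '".escape($_POST['user_regdate'])."'";
			}
			if (isset($_POST['user_lastlogin']) && $_POST['user_lastlogin'] != '' && $_POST['user_lastlogin']!=$row['user_lastlogin']) {
				$updates[] = "`user_lastlogin` = '".escape($_POST['user_lastlogin'])."'";
			}
			// The activation flag of the administrator is never changed here.
			if ($userId!=ADMIN_USERID && (isset($_POST['user_activated'])?1:0)!=$row['user_activated']) {
				$checked=isset($_POST['user_activated'])?1:0;
				$updates[] = "`user_activated` = $checked";
			}
			if (isset($_POST['user_loginmethod']) && $_POST['user_loginmethod'] != '' && $_POST['user_loginmethod']!=$row['user_loginmethod']) {
				$updates[] = "`user_loginmethod` = '".escape($_POST['user_loginmethod'])."'";
				// NOTE(review): escape() is used for SQL elsewhere in this file;
				// whether displaywarning() HTML-encodes its argument is not
				// visible here - confirm.
				if($_POST['user_loginmethod']!='db')
					displaywarning("Please make sure ".strtoupper(escape($_POST['user_loginmethod']))." is configured properly, otherwise the user will not be able to login to the website.");
			}

			if(!$errors) {
				if(count($updates) > 0)
				{
					$profileQuery = 'UPDATE `' . MYSQL_DATABASE_PREFIX . 'users` SET ' . implode(', ', $updates) . " WHERE `user_id` = {$userId}";
					$profileResult = mysql_query($profileQuery);
					if(!$profileResult) {
						// The statement (which can contain the new password) is
						// no longer echoed back in the error message.
						displayerror('An error was encountered while attempting to process your request.');
						$errors = true;
					}
				}
				global $sourceFolder,$moduleFolder;
				require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
				require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
				// Report success only when both the users row and the extra
				// registration fields were saved.
				if(!$errors) {
					if(!submitRegistrationForm(0, $userId, true, true)) {
						displayerror('An error was encountered while attempting to process your request.');
						$errors = true;
					}
					else displayinfo('All fields updated successfully!');
				}
			}
		}

		$query="SELECT * FROM `".MYSQL_DATABASE_PREFIX."users` WHERE `user_id`=$userId";
		$columnList=getColumnList(0,false,false,false,false,false);
		$xcolumnIds=array_keys($columnList);

		$row=mysql_fetch_assoc(mysql_query($query));

		$userfieldprettynames=array("User ID","Username","Email","Full Name","Password","Registration","Last Login","Activated","Login Method");

		$userinfo="<fieldset><legend>Edit User Information</legend><form name='user_info_edit' action='./+admin&subaction=useradmin&userid=$userId' method='post'>";

		// Carry the "display this field" selection through the edit form. The
		// checkboxes of the extra columns are named after the column ids (as in
		// userManagementForm and registeredUsersList), so ids are used here too.
		$usertablefields=array_merge(getTableFieldsName('users'),$xcolumnIds);

		for($i=0;$i<count($usertablefields);$i++)
			if(isset($_POST[$usertablefields[$i].'_sel']))
				$userinfo.="<input type='hidden' name='{$usertablefields[$i]}_sel' value='checked'/>";
		$userinfo.="<input type='hidden' name='not_first_time' />";

		$userinfo.=userProfileForm($userfieldprettynames,$row,false,true);
		$userinfo.="<input type='submit' value='Update' name='user_info_update' />
<input type='reset' value='Reset' /></form></fieldset>";
		return $userinfo;
	}
	else if(isset($_POST['view_reg_users']))
	{
		return registeredUsersList("all","view",false);
	}
	else if(isset($_POST['edit_reg_users']))
	{
		return registeredUsersList("all","edit",false);
	}
	else if(isset($_POST['view_activated_users']))
	{
		return registeredUsersList("activated","view",false);
	}
	else if(isset($_POST['edit_activated_users']))
	{
		return registeredUsersList("activated","edit",false);
	}
	else if(isset($_POST['view_nonactivated_users']))
	{
		return registeredUsersList("nonactivated","view",false);
	}
	else if(isset($_POST['edit_nonactivated_users']))
	{
		return registeredUsersList("nonactivated","edit",false);
	}
	else if(isset($_GET['subsubaction']) && $_GET['subsubaction']=='search')
	{
		$results="";

		$userfieldprettynames=array("User ID","Username","Email","Full Name","Password","Registration","Last Login","Activated","Login Method");

		$usertablefields=getTableFieldsName('users');

		$first=true;
		$lastValues=array();	// submitted search terms, replayed into the form
		$qstring="";
		$joiner=(isset($_POST['user_search_op']) && $_POST['user_search_op']=='and')?" AND ":" OR ";
		// Column names come from getTableFieldsName(); only the values are
		// request data, and they are escaped before use.
		foreach ($usertablefields as $field) {
			if(isset($_POST[$field]) && $_POST[$field]!='')
			{
				if ($first == false)
					$qstring .= $joiner;
				$val=escape($_POST[$field]);
				// A submitted "activated" checkbox always means 1.
				if($field=='user_activated') $val=1;
				$lastValues[$field]=$val;
				$qstring .= "`$field` LIKE CONVERT( _utf8 '%$val%'USING latin1 ) ";
				$first=false;
			}
		}
		if($qstring!="")
		{
			$query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE $qstring ";
			$resultSearch = mysql_query($query);
			if ($resultSearch && mysql_num_rows($resultSearch) > 0) {
				$userInfo=array();

				while($row=mysql_fetch_assoc($resultSearch))
				{
					$userInfo['user_id'][]=$row['user_id'];
					$userInfo['user_name'][]=$row['user_name'];
					$userInfo['user_email'][]=$row['user_email'];
					$userInfo['user_fullname'][]=$row['user_fullname'];
					$userInfo['user_password'][]=$row['user_password'];
					$userInfo['user_lastlogin'][]=$row['user_lastlogin'];
					$userInfo['user_regdate'][]=$row['user_regdate'];
					$userInfo['user_activated'][]=$row['user_activated'];
					$userInfo['user_loginmethod'][]=$row['user_loginmethod'];
				}
				$results=registeredUsersList("all","edit",false,$userInfo);
			} else
				displayerror("No users matched your query!");
		}

		$searchForm="<form name='user_search_form' action='./+admin&subaction=useradmin&subsubaction=search' method='POST'><h3>Search User</h3>";
		$xcolumnNames=array_keys(getColumnList(0, false, false, false, false, false));
		$usertablefields2=array_merge($usertablefields,$xcolumnNames);
		for($i=0;$i<count($usertablefields2);$i++)
			if(isset($_POST[$usertablefields2[$i].'_sel']))
				$searchForm.="<input type='hidden' name='{$usertablefields2[$i]}_sel' value='checked'/>";
		$searchForm.="<input type='hidden' name='not_first_time' />";

		$infoarray=array();
		foreach ($usertablefields as $field)
			$infoarray[$field]=isset($lastValues[$field])?$lastValues[$field]:"";

		$searchForm.=userProfileForm($userfieldprettynames,$infoarray,true,false);

		$searchForm.="Operation : <input type='radio' name='user_search_op' value='and' />AND <input type='radio' name='user_search_op' value='or' checked='true' />OR<br/><br/><input type='submit' onclick name='user_search_submit' value='Search' /><input type='reset' value='Clear' /></form>";
		return $results.$searchForm;
	}
	else if(isset($_GET['subsubaction']) && $_GET['subsubaction']=='create')
	{
		$userfieldprettynamesarray=array("User ID","Username","Email","Full Name","Password","Registration","Last Login","Activated","Login Method");

		$usertablefields=getTableFieldsName('users');

		if(isset($_POST['create_user_submit']))
		{
			$incomplete=false;
			// Escaped copies of the submitted fields, keyed by column name.
			$newUser=array('user_name'=>'','user_email'=>'','user_fullname'=>'','user_password'=>'','user_loginmethod'=>'');
			foreach($usertablefields as $field)
			{
				if(($field != 'user_regdate') && ($field != 'user_lastlogin') && ($field != 'user_activated') && (isset($_POST[$field]) && $_POST[$field]==""))
				{
					displayerror("New user could not be created. Some fields are missing!$field");
					$incomplete=true;
					break;
				}
				$newUser[$field]=isset($_POST[$field])?escape($_POST[$field]):'';
			}
			if(!$incomplete)
			{
				// The new id arrives in the URL and was validated as digits above.
				$user_id=$userId;
				$password=isset($_POST['user_password'])?$_POST['user_password']:'';
				$password2=isset($_POST['user_password2'])?$_POST['user_password2']:'';
				if($user_id=='')
					displayerror("Failed to create user");
				else
				{
					$chkquery="SELECT COUNT(user_id) FROM `".MYSQL_DATABASE_PREFIX."users` WHERE `user_id`=$user_id OR `user_name`='{$newUser['user_name']}' OR `user_email`='{$newUser['user_email']}'";

					$result=mysql_query($chkquery);
					$row=mysql_fetch_row($result);

					if($row[0]>0) displayerror("Another user with the same name or email already exists!");
					// Compare the two submitted values as typed; the escaped
					// copy differs from the raw confirmation when the password
					// contains quotes or backslashes.
					else if($password!==$password2) displayerror("Passwords mismatch!");
					else
					{
						$user_activated=isset($_POST['user_activated'])?1:0;
						$query = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "users` (`user_id` ,`user_name` ,`user_email` ,`user_fullname` ,`user_password` ,`user_regdate` ,`user_lastlogin` ,`user_activated`,`user_loginmethod`)VALUES ('$user_id' ,'{$newUser['user_name']}' ,'{$newUser['user_email']}' ,'{$newUser['user_fullname']}' , MD5('{$newUser['user_password']}') ,CURRENT_TIMESTAMP , '', '$user_activated','{$newUser['user_loginmethod']}')";
						// A failed insert is reported through displayerror()
						// instead of printing the raw database error and halting.
						$result = mysql_query($query);
						$inserted = $result && mysql_affected_rows() > 0;
						global $sourceFolder,$moduleFolder;
						require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
						require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
						if ($inserted && submitRegistrationForm(0, $user_id, true, true)) displayinfo("User {$newUser['user_fullname']} Successfully Created!");
						else displayerror("Failed to create user");
					}
				}
			}
		}

		$nextUserId=getNextUserId();
		$userForm="<form name='user_create_form' action='./+admin&subaction=useradmin&subsubaction=create&userid=$nextUserId' method='POST'><h3>Create New User</h3>";
		// Column ids, matching the names of the "display this field" checkboxes.
		$xcolumnIds=array_keys(getColumnList(0, false, false, false, false, false));
		$usertablefields2=array_merge($usertablefields,$xcolumnIds);
		for($i=0;$i<count($usertablefields2);$i++)
			if(isset($_POST[$usertablefields2[$i].'_sel']))
				$userForm.="<input type='hidden' name='{$usertablefields2[$i]}_sel' value='checked'/>";
		$userForm.="<input type='hidden' name='not_first_time' />";
		$infoarray=array();
		foreach ($usertablefields as $field)
			$infoarray[$field]="";
		$infoarray['user_id']=$nextUserId;

		$userForm.=userProfileForm($userfieldprettynamesarray,$infoarray,false,true);

		$userForm.="<input type='submit' onclick name='create_user_submit' value='Create' /><input type='reset' value='Clear' /></form>";
		return $userForm;
	}
}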
/**
 * Load every row of the users table, ordered by user_id, into nine parallel
 * arrays passed by reference (one array per column, same index = same user).
 *
 * Each output argument is reset to an empty array before it is filled.
 * Note that $userPassword receives the stored password column as-is.
 */
function getAllUsersInfo(&$userId,&$userName,&$userEmail,&$userFullName,&$userPassword,&$userLastLogin,&$userRegDate,&$userActivated,&$userLoginMethod)
{
	$sql="SELECT * FROM `".MYSQL_DATABASE_PREFIX."users` ORDER BY `user_id` ASC";
	$rows=mysql_query($sql);

	// Start from empty lists whatever the caller passed in.
	$userId=$userName=$userEmail=$userFullName=$userPassword=array();
	$userLastLogin=$userRegDate=$userActivated=$userLoginMethod=array();

	// Appending keeps the arrays aligned: index n in each belongs to row n.
	while($record=mysql_fetch_assoc($rows))
	{
		$userId[]=$record['user_id'];
		$userName[]=$record['user_name'];
		$userEmail[]=$record['user_email'];
		$userFullName[]=$record['user_fullname'];
		$userPassword[]=$record['user_password'];
		$userLastLogin[]=$record['user_lastlogin'];
		$userRegDate[]=$record['user_regdate'];
		$userActivated[]=$record['user_activated'];
		$userLoginMethod[]=$record['user_loginmethod'];
	}
}
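/**
 * Render the table of registered users.
 *
 * @param string     $type      "all", "activated" or "nonactivated": which users to list.
 * @param string     $act       "edit" adds the per-row action buttons inside a form; any
 *                              other value renders a read-only table.
 * @param bool       $allfields When true every column is shown; otherwise only the
 *                              columns whose "<field>_sel" key is present in $_POST.
 * @param array|null $userInfo  Optional pre-selected users as parallel arrays keyed by
 *                              column name (as built by the search branch of
 *                              handleUserMgmt); when empty, all users are loaded.
 * @return string HTML of the table, or "No Users Found!" when no row qualifies.
 *
 * Security notes: the values of the users table are HTML-encoded when written into
 * cells, and the user name is additionally JavaScript-escaped where it is placed in
 * an onclick handler; nothing in this file encodes them earlier. The password column
 * is listed when selected. NOTE(review): values of the extra form columns are emitted
 * as returned by generateFormDataRow(), because it is not visible here whether that
 * helper already returns HTML - confirm and encode if it returns plain text.
 */
function registeredUsersList($type,$act,$allfields,$userInfo=NULL)
{
	global $urlRequestRoot, $cmsFolder, $moduleFolder, $templateFolder,$sourceFolder;
	require_once("$sourceFolder/$moduleFolder/form/viewregistrants.php");
	$extraColumns=getColumnList(0, false, false, false, false, false);
	$xcolumnIds=array_keys($extraColumns);
	$xcolumnNames=array_values($extraColumns);

	// Values of the extra columns, one list per column position. A keyed array
	// replaces the former dynamically named variables, so a column called e.g.
	// "name" or "info" can no longer overwrite $userName or $userInfo.
	$extraValues=array();
	foreach($xcolumnIds as $position=>$columnid)
		$extraValues[$position]=array();

	if($userInfo==NULL)
	{
		getAllUsersInfo($userId,$userName,$userEmail,$userFullName,$userPassword,$userLastLogin,$userRegDate,$userActivated,$userLoginMethod);
	}
	else
	{
		$userId=$userInfo['user_id'];
		$userName=$userInfo['user_name'];
		$userEmail=$userInfo['user_email'];
		$userFullName=$userInfo['user_fullname'];
		$userPassword=$userInfo['user_password'];
		$userLastLogin=$userInfo['user_lastlogin'];
		$userRegDate=$userInfo['user_regdate'];
		$userActivated=$userInfo['user_activated'];
		$userLoginMethod=$userInfo['user_loginmethod'];
	}
	foreach($userId as $userid)
	{
		$xinfo=generateFormDataRow(0,$userid,$xcolumnIds);
		foreach($xinfo as $j=>$info)
		{
			$extraValues[$j][]=$info;
		}
	}

	$userfieldprettynames=array_merge( array("User ID","Username","Email","Full Name","Password","Registration","Last Login","Activated","Login Method"), array_map('ucfirst',$xcolumnNames));

	// Declared once: an unguarded nested declaration is a fatal "cannot
	// redeclare" error when this function runs twice in one request.
	if(!function_exists('replace10byYesNo'))
	{
		function replace10byYesNo(&$value,$key)
		{ if($value=='1') $value="Yes"; else if ($value=='0') $value="No"; }
	}
	array_walk($userActivated,'replace10byYesNo');

	$userlisttdids=array_merge(array("user_id","user_name","user_email","user_fullname","user_password","user_regdate","user_lastlogin","user_activated","user_loginmethod"), $xcolumnIds);

	// Column data in display order: the nine users-table columns, then the
	// extra columns. Indexes line up with $userfieldprettynames.
	$coreFieldCount=9;
	$fieldValues=array($userId,$userName,$userEmail,$userFullName,$userPassword,$userRegDate,$userLastLogin,$userActivated,$userLoginMethod);
	foreach($xcolumnIds as $position=>$columnid)
		$fieldValues[]=isset($extraValues[$position])?$extraValues[$position]:array();

	$userlist="";
	$columns=count($fieldValues);
	if($act=="edit")
	{
		$userlist.="<form name='user_edit_form' method='POST' action='./+admin&subaction=useradmin&userid=' >\n";
		// $type can originate from the request (editusertype); encode it for
		// the attribute it is written into.
		$userlist.="<input type='hidden' name='editusertype' value='".htmlspecialchars((string)$type, ENT_QUOTES)."' />";
		$columns+=3;
	}
	$userlist .= smarttable::render(array('userstable'),null);
	global $STARTSCRIPTS;
	$STARTSCRIPTS.="initSmartTable();";

	$userlist.=<<<USERLIST

<script language="javascript">
function checkDelete(butt,userDel,userId)
{
if(confirm('Are you sure you want to delete '+userDel+' (User ID='+userId+')?'))
{
butt.form.action+=userId;
}
else return false;
}
</script>
<a name='userlist'></a><table class="userlisttable display" border="1" id='userstable'>
<thead>
<tr><th colspan="$columns">Users Registered on the Website</th></tr>
<tr>
USERLIST;

	$defCols=getTableFieldsName('users');
	$usertablefields=array_merge($defCols,$xcolumnIds);
	$displayfieldsindex=array();
	$c=0;
	for($i=0;$i<count($usertablefields);$i++)
	{
		if(isset($_POST[$usertablefields[$i].'_sel']) || $allfields)
		{
			$heading=isset($userfieldprettynames[$i])?htmlspecialchars((string)$userfieldprettynames[$i], ENT_QUOTES):'';
			$userlist.="<th>".$heading;
			// In edit mode the selection travels with the form.
			if($act=="edit") $userlist.="<input type='hidden' name='".htmlspecialchars($usertablefields[$i].'_sel', ENT_QUOTES)."' value='checked'/>";
			$userlist.="</th>";
			$displayfieldsindex[$c++]=$i;
		}
	}

	$userlist.="<input type='hidden' name='not_first_time' />";

	if($act=="edit")
	{
		$userlist.="<th>Actions</th>";
	}
	$userlist.="</tr></thead><tbody>";
	$rowclass="oddrow";
	$flag=false;
	global $ICONS_SRC;
	for($i=0; $i<count($userId); $i++)
	{
		if($type=="activated" && $userActivated[$i]=="No")
			continue;
		if($type=="nonactivated" && $userActivated[$i]=="Yes")
			continue;
		$flag=true;
		$userlist.="<tr class='$rowclass'>";

		for($j=0; $j<count($displayfieldsindex); $j++)
		{
			$fieldIndex=$displayfieldsindex[$j];
			$cell=isset($fieldValues[$fieldIndex][$i])?$fieldValues[$fieldIndex][$i]:'';
			if($fieldIndex<$coreFieldCount)
				$cell=htmlspecialchars((string)$cell, ENT_QUOTES);
			// NOTE(review): the class is taken by display position ($j), not by
			// the field shown, as before; confirm which one the styles expect.
			$userlist.="<td class='{$userlisttdids[$j]}'>".$cell."</td>";
		}

		if($act=="edit")
		{
			// The id is written into an inline script; force it to an integer.
			$idForJs=(int)$userId[$i];
			// The name sits in a JavaScript string inside an HTML attribute:
			// escape for the string first, then for the attribute.
			$nameForJs=htmlspecialchars(strtr(addslashes((string)$userName[$i]), array("\r"=>'\r', "\n"=>'\n')), ENT_QUOTES);

			$userlist.="<td id='user_editactions'>";
			if($userActivated[$i]=="No")
				$userlist.="<input title='Activate User' type='image' src='{$ICONS_SRC['Activate']['small']}' onclick=\"this.form.action+='{$idForJs}'\" name='user_activate' value='Activate'>\n";
			else $userlist.="<input title='Deactivate User' type='image' src='{$ICONS_SRC['Deactivate']['small']}' onclick=\"this.form.action+='{$idForJs}'\" name='user_deactivate' value='Deactivate'>\n";
			$userlist.="<input title='Edit User' type='image' src='{$ICONS_SRC['Edit']['small']}' onclick=\"this.form.action+='{$idForJs}'\" name='user_info' value='Edit'>\n";
			$userlist.="<input title='Delete User' type='image' src='{$ICONS_SRC['Delete']['small']}' onclick=\"return checkDelete(this,'{$nameForJs}','{$idForJs}')\" name='user_delete' value='Delete'>\n";
			$userlist.="</td>";
		}
		$userlist.="</tr>";
		$rowclass=$rowclass=="evenrow"?"oddrow":"evenrow";
	}
	$userlist.="</tbody></table>";
	if($act=="edit") $userlist.="</form>";

	return ($flag)?$userlist:"No Users Found!";
}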
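/**
 * Render the rows of a user-profile form as an HTML table.
 *
 * @param array $userfieldprettynames Labels, in the same order as $profileInfoRows.
 * @param array $profileInfoRows      Column name => current value.
 * @param bool  $editID               When false, user_id and user_regdate are shown as
 *                                    plain text instead of inputs.
 * @param bool  $showProfileInfo      When true, the extra registration-form fields of
 *                                    the user are appended.
 * @return string HTML of the table.
 *
 * Values are HTML-encoded before they are written into attributes or cells, so a
 * value containing a quote or markup (for example the name O'Brien) no longer
 * ends the attribute early.
 */
function userProfileForm($userfieldprettynames,$profileInfoRows,$editID=false,$showProfileInfo=true)
{
	$i=0;
	$userinfo="<table>";
	foreach ($profileInfoRows as $field => $value)
	{
		// Every row consumes exactly one label.
		$label=$userfieldprettynames[$i++];
		$name=htmlspecialchars((string)$field, ENT_QUOTES);

		if($field=='user_password')
		{
			// The password is never pre-filled; a second box confirms it.
			$userinfo.="<tr><td>{$label}</td><td><input type='password' name='{$name}'/></td></tr>";
			$userinfo.="<tr><td>{$label} (Verify)</td><td><input type='password' name='{$name}2'/></td></tr>";
		}
		else if($field=='user_activated')
		{
			$checked=($value==1)?"checked":"";
			$userinfo.="<tr><td>{$label}</td><td><input type='checkbox' name='{$name}' $checked /></td></tr>";
		}
		else if($field=='user_loginmethod')
		{
			// The current method is matched against the fixed option list; the
			// value is no longer used to build a variable name.
			$current=(string)$value;
			$options="";
			foreach(array('ldap','imap','ads','db') as $method)
			{
				$selected=($current===$method)?" selected='selected'":"";
				$options.="<option{$selected}>{$method}</option>\n";
			}
			$userinfo.="<tr><td>{$label}</td><td><select id='{$name}' name='{$name}'>\n<option></option>\n{$options}</select>\n</td></tr>";
		}
		else if((!$editID && $field=='user_id') || (!$editID && $field=='user_regdate'))
			$userinfo.="<tr><td>{$label}</td><td>".htmlspecialchars((string)$value, ENT_QUOTES)."</td></tr>";

		else $userinfo.="<tr><td>{$label}</td><td><input type='text' name='{$name}' value='".htmlspecialchars((string)$value, ENT_QUOTES)."'/></td></tr>";
	}

	if($showProfileInfo)
	{
		global $sourceFolder,$moduleFolder;
		require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
		require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
		$containsFileUploadFields = false;
		$userId=$profileInfoRows['user_id'];
		// $jsValidationFunctions is first defined by this call; presumably the
		// helper fills it by reference - it is not used afterwards.
		$dynamicFields = getFormElementsHtmlAsArray(0, $userId, $jsValidationFunctions, $containsFileUploadFields);
		// Separator first: the reversed argument order is not accepted by
		// current PHP versions.
		$dynamicFields = implode("</tr>\n<tr>", $dynamicFields);
		if($dynamicFields != '') {
			$dynamicFields = "<tr>$dynamicFields</tr>";
		}
		$userinfo.=$dynamicFields;
	}

	return $userinfo."</table>";
}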
00717 ?>