
Source Code Reference for V1.00


/modules/admin/ -> index.php (source)

   1  <?php /* $Id: index.php 137 2008-04-04 16:12:02Z pedroix $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/admin/index.php $ */
   2  if (!defined('W2P_BASE_DIR')) {
   3      die('You should not access this file directly.');
   4  }
   5  
   6  $perms = &$AppUI->acl();
   7  if (!$perms->checkModule($m, 'view')) {
   8      $AppUI->redirect('m=public&a=access_denied');
   9  }
  10  if (!$perms->checkModule('users', 'view')) {
  11      $AppUI->redirect('m=public&a=access_denied');
  12  }
  13  
  14  $AppUI->savePlace();
  15  
  16  if (isset($_GET['tab'])) {
  17      $AppUI->setState('UserIdxTab', w2PgetParam($_GET, 'tab', null));
  18  }
  19  $tab = $AppUI->getState('UserIdxTab') !== null ? $AppUI->getState('UserIdxTab') : 0;
  20  
  21  if (isset($_GET['stub'])) {
  22      $AppUI->setState('UserIdxStub', w2PgetParam($_GET, 'stub', null));
  23      $AppUI->setState('UserIdxWhere', '');
  24  } elseif (isset($_POST['where'])) {
  25      $AppUI->setState('UserIdxWhere', $_POST['where']);
  26      $AppUI->setState('UserIdxStub', '');
  27  }
  28  $stub = $AppUI->getState('UserIdxStub');
  29  $where = $AppUI->getState('UserIdxWhere');
  30  
  31  if (isset($_GET['orderby'])) {
  32      $AppUI->setState('UserIdxOrderby', w2PgetParam($_GET, 'orderby', null));
  33  }
  34  $orderby = $AppUI->getState('UserIdxOrderby') ? $AppUI->getState('UserIdxOrderby') : 'user_username';
  35  $orderby = ($tab == 3 || ($orderby != 'date_time_in' && $orderby != 'user_ip')) ? $orderby : 'user_username';
  36  
  37  // Pull First Letters

  38  $let = ":";
  39  $q = new DBQuery;
  40  $q->addTable('users', 'u');
  41  $q->addQuery('DISTINCT UPPER(SUBSTRING(user_username, 1, 1)) AS L');
  42  $arr = $q->loadList();
  43  foreach ($arr as $L) {
  44      $let .= $L['L'];
  45  }
  46  
  47  $q = new DBQuery;
  48  $q->addTable('users', 'u');
  49  $q->addQuery('DISTINCT UPPER(SUBSTRING(contact_first_name, 1, 1)) AS L');
  50  $q->addJoin('contacts', 'con', 'contact_id = user_contact', 'inner');
  51  $arr = $q->loadList();
  52  foreach ($arr as $L) {
  53      if ($L['L']) {
  54          $let .= strpos($let, $L['L']) ? '' : $L['L'];
  55      }
  56  }
  57  
  58  $q = new DBQuery;
  59  $q->addTable('users', 'u');
  60  $q->addQuery('DISTINCT UPPER(SUBSTRING(contact_last_name, 1, 1)) AS L');
  61  $q->addJoin('contacts', 'con', 'contact_id = user_contact', 'inner');
  62  $arr = $q->loadList();
  63  foreach ($arr as $L) {
  64      if ($L['L']) {
  65          $let .= strpos($let, $L['L']) ? '' : $L['L'];
  66      }
  67  }
  68  
  69  $a2z = '<table cellpadding="2" cellspacing="1" border="0"><tr>';
  70  $a2z .= '<td width="100%" align="right">' . $AppUI->_('Show') . ': </td>';
  71  $a2z .= '<td><a href="./index.php?m=admin&stub=0">' . $AppUI->_('All') . '</a></td>';
  72  for ($c = 65; $c < 91; $c++) {
  73      $cu = chr($c);
  74      $cell = strpos($let, $cu) > 0 ? '<a href="?m=admin&stub=' . $cu . '">' . $cu . '</a>' : '<font color="#999999">' . $cu . '</font>';
  75      $a2z .= '<td>' . $cell . '</td>';
  76  }
  77  $a2z .= '</tr></table>';
  78  
  79  // setup the title block

  80  $titleBlock = new CTitleBlock('User Management', 'helix-setup-users.png', $m, "$m.$a");
  81  
  82  $where = w2PformSafe($where, true);
  83  
  84  $titleBlock->addCell('<input type="text" name="where" class="text" size="10" value="' . $where . '" />' . ' <input type="submit" value="' . $AppUI->_('search') . '" class="button" />', '', '<form action="index.php?m=admin" method="post">', '</form>');
  85  
  86  $titleBlock->addCell($a2z);
  87  $titleBlock->show();
  88  
  89  ?>
  90  <script language="javascript">
  91  <?php
  92  // security improvement:

  93  // some javascript functions may not appear on client side in case of user not having write permissions

  94  // else users would be able to arbitrarily run 'bad' functions

  95  if ($canDelete) {
  96  ?>
  97  function delMe( x, y ) {
  98      if (confirm( "<?php echo $AppUI->_('doDelete', UI_OUTPUT_JS) . ' ' . $AppUI->_('User', UI_OUTPUT_JS); ?> " + y + "?" )) {
  99          document.frmDelete.user_id.value = x;
 100          document.frmDelete.submit();
 101      }
 102  }
 103  <?php } ?>
 104  </script>
 105  
 106  <?php
 107  $extra = '<td align="right" width="100%"><input type="button" class=button value="' . $AppUI->_('add user') . '" onClick="javascript:window.location=\'./index.php?m=admin&a=addedituser\';" /></td>';
 108  
 109  // tabbed information boxes

 110  $tabBox = new CTabBox('?m=admin', W2P_BASE_DIR . '/modules/admin/', $tab);
 111  $tabBox->add('vw_active_usr', 'Active Users');
 112  $tabBox->add('vw_inactive_usr', 'Inactive Users');
 113  $tabBox->add('vw_usr_log', 'User Log');
 114  if ($canEdit && $canDelete) {
 115      $tabBox->add('vw_usr_sessions', 'Active Sessions');
 116  }
 117  $tabBox->show($extra);
 118  
 119  ?>
 120  
 121  <form name="frmDelete" action="./index.php?m=admin" method="post">
 122      <input type="hidden" name="dosql" value="do_user_aed" />
 123      <input type="hidden" name="del" value="1" />
 124      <input type="hidden" name="user_id" value="0" />
 125  </form>

