XOOPS 2.5.6  Final
 All Classes Namespaces Files Functions Variables Pages
findusers.php
Go to the documentation of this file.
1 <?php
19 include_once dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'mainfile.php';
20 
21 xoops_header(false);
22 
23 $denied = true;
24 if (!empty($_REQUEST['token'])) {
25  if ($GLOBALS['xoopsSecurity']->validateToken($_REQUEST['token'], false)) {
26  $denied = false;
27  }
28 } else if (is_object($xoopsUser) && $xoopsUser->isAdmin()) {
29  $denied = false;
30 }
31 if ($denied) {
32  xoops_error(_NOPERM);
33  exit();
34 }
35 
36 $token = isset($_REQUEST['token']) ? $_REQUEST['token'] : '';
37 $name_form = 'memberslist';
38 $name_userid = 'uid' . (!empty($_REQUEST['multiple']) ? '[]' : '');
39 $name_username = 'uname' . (!empty($_REQUEST['multiple']) ? '[]' : '');
40 
41 xoops_loadLanguage('findusers');
42 
47 class XoopsRank extends XoopsObject
48 {
53  function __construct()
54  {
55  $this->XoopsRank();
56  }
57 
63  function XoopsRank()
64  {
65  $this->XoopsObject();
66  $this->initVar('rank_id', XOBJ_DTYPE_INT, null, false);
67  $this->initVar('rank_title', XOBJ_DTYPE_TXTBOX, null, false);
68  $this->initVar('rank_min', XOBJ_DTYPE_INT, 0);
69  $this->initVar('rank_max', XOBJ_DTYPE_INT, 0);
70  $this->initVar('rank_special', XOBJ_DTYPE_INT, 0);
71  $this->initVar('rank_image', XOBJ_DTYPE_TXTBOX, "");
72  }
73 }
74 
79 class XoopsRankHandler extends XoopsObjectHandler
80 {
86  function __construct(&$db)
87  {
88  $this->XoopsRankHandler($db);
89  }
90 
97  function XoopsRankHandler(&$db)
98  {
99  $this->XoopsObjectHandler($db);
100  }
101 
108  function &create($isNew = true)
109  {
110  $obj = new XoopsRank();
111  if ($isNew === true) {
112  $obj->setNew();
113  }
114  return $obj;
115  }
116 
123  function &get($id = 0)
124  {
125  $object =& $this->create(false);
126  $sql = "SELECT * FROM " . $this->db->prefix('ranks') . " WHERE rank_id = " . $this->db->quoteString($id);
127  if (!$result = $this->db->query($sql)) {
128  $ret = null;
129  return $ret;
130  }
131  while ($row = $this->db->fetchArray($result)) {
132  $object->assignVars($row);
133  }
134 
135  return $object;
136  }
137 
146  function getList($criteria = null, $limit = 0, $start = 0)
147  {
148  $ret = array();
149  if ($criteria == null) {
150  $criteria = new CriteriaCompo();
151  }
152 
153  $sql = 'SELECT rank_id, rank_title FROM ' . $this->db->prefix('ranks');
154  if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
155  $sql .= ' ' . $criteria->renderWhere();
156  if ($criteria->getSort() != '') {
157  $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
158  }
159  $limit = $criteria->getLimit();
160  $start = $criteria->getStart();
161  }
162  $result = $this->db->query($sql, $limit, $start);
163  if (!$result) {
164  return $ret;
165  }
166  $myts =& MyTextSanitizer::getInstance();
167  while ($myrow = $this->db->fetchArray($result)) {
168  $ret[$myrow['rank_id']] = $myts->htmlSpecialChars($myrow['rank_title']);
169  }
170  return $ret;
171  }
172 }
173 
178 class XoUser extends XoopsUser
179 {
184  function __construct()
185  {
186  $this->XoUser();
187  }
188 
194  function XoUser()
195  {
196  $this->XoopsUser();
197  $unsets = array(
198  "actkey" ,
199  "pass" ,
200  "theme" ,
201  "umode" ,
202  "uorder" ,
203  "notify_mode");
204  foreach ($unsets as $var) {
205  unset($this->vars[$var]);
206  }
207  }
208 }
209 
214 class XoUserHandler extends XoopsObjectHandler
215 {
221  function __construct(&$db)
222  {
223  $this->XoUserHandler($db);
224  }
225 
232  function XoUserHandler(&$db)
233  {
234  $this->XoopsObjectHandler($db);
235  }
236 
243  function &create($isNew = true)
244  {
245  $obj = new XoUser();
246  if ($isNew === true) {
247  $obj->setNew();
248  }
249  return $obj;
250  }
251 
259  function getCount($criteria = null, $groups = array())
260  {
261  if (!is_array($groups)) {
262  $groups = array(
263  $groups);
264  }
265  $groups = array_filter($groups);
266  if (empty($groups)) {
267  $sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1';
268  } else {
269  $sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', array_map('intval', $groups)) . ')';
270  }
271  if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
272  // Use the direct renderer, assuming no `uid` in criteria
273  if ($render = $criteria->render()) {
274  $sql .= ' AND ' . $render;
275  }
276  }
277  $result = $this->db->query($sql);
278  list ($count) = $this->db->fetchRow($result);
279  return $count;
280  }
281 
289  function getAll($criteria = null, $groups = array())
290  {
291  if (!is_array($groups)) {
292  $groups = array(
293  $groups);
294  }
295  $groups = array_filter($groups);
296  $limit = null;
297  $start = null;
298  if (empty($groups)) {
299  $sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1';
300  } else {
301 
302  $sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', array_map('intval', $groups)) . ')';
303  }
304  if (isset($criteria) && is_subclass_of($criteria, "criteriaelement")) {
305  if ($render = $criteria->render()) {
306  $sql .= ' AND ' . $render;
307  }
308  if ($sort = $criteria->getSort()) {
309  $sql .= " ORDER BY " . $sort . " " . $criteria->getOrder();
310  $orderSet = true;
311  }
312  $limit = $criteria->getLimit();
313  $start = $criteria->getStart();
314  }
315  if (empty($orderSet))
316  $sql .= " ORDER BY u.uid ASC";
317  $result = $this->db->query($sql, $limit, $start);
318  $ret = array();
319  while ($myrow = $this->db->fetchArray($result)) {
320  $object =& $this->create(false);
321  $object->assignVars($myrow);
322  $ret[$myrow["uid"]] = $object;
323  unset($object);
324  }
325 
326  return $ret;
327  }
328 }
329 
330 $rank_handler = new XoopsRankHandler($xoopsDB);
331 $user_handler = new XoUserHandler($xoopsDB);
332 
333 $items_match = array(
334  'uname' => _MA_USER_UNAME ,
335  'name' => _MA_USER_REALNAME ,
336  'email' => _MA_USER_EMAIL ,
337  'user_icq' => _MA_USER_ICQ ,
338  'user_aim' => _MA_USER_AIM ,
339  'user_yim' => _MA_USER_YIM ,
340  'user_msnm' => _MA_USER_MSNM);
341 
342 $items_range = array(
343  'user_regdate' => _MA_USER_RANGE_USER_REGDATE ,
344  'last_login' => _MA_USER_RANGE_LAST_LOGIN ,
345  'posts' => _MA_USER_RANGE_POSTS);
346 
347 define('FINDUSERS_MODE_SIMPLE', 0);
348 define('FINDUSERS_MODE_ADVANCED', 1);
349 define('FINDUSERS_MODE_QUERY', 2);
350 
351 $modes = array(
352  FINDUSERS_MODE_SIMPLE => _MA_USER_MODE_SIMPLE ,
353  FINDUSERS_MODE_ADVANCED => _MA_USER_MODE_ADVANCED ,
354  FINDUSERS_MODE_QUERY => _MA_USER_MODE_QUERY);
355 
356 if (empty($_POST["user_submit"])) {
357  include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');
358 
359  $form = new XoopsThemeForm(_MA_USER_FINDUS, "uesr_findform", "findusers.php", 'post', true);
360  $mode = intval(@$_REQUEST["mode"]);
361  if (FINDUSERS_MODE_QUERY == $mode) {
362  $form->addElement(new XoopsFormTextArea(_MA_USER_QUERY, "query", @$_POST["query"]));
363  } else {
364  if (FINDUSERS_MODE_ADVANCED == $mode) {
365  foreach ($items_match as $var => $title) {
366  $text = new XoopsFormText("", $var, 30, 100, @$_POST[$var]);
367  $match = new XoopsFormSelectMatchOption("", "{$var}_match", @$_POST["{$var}_match"]);
368  $match_tray = new XoopsFormElementTray($title, "&nbsp;");
369  $match_tray->addElement($match);
370  $match_tray->addElement($text);
371  $form->addElement($match_tray);
372  unset($text, $match, $match_tray);
373  }
374 
375  $url_text = new XoopsFormText(_MA_USER_URLC, "url", 30, 100, @$_POST["url"]);
376  $location_text = new XoopsFormText(_MA_USER_LOCATION, "user_from", 30, 100, @$_POST["user_from"]);
377  $occupation_text = new XoopsFormText(_MA_USER_OCCUPATION, "user_occ", 30, 100, @$_POST["user_occ"]);
378  $interest_text = new XoopsFormText(_MA_USER_INTEREST, "user_intrest", 30, 100, @$_POST["user_intrest"]);
379  foreach ($items_range as $var => $title) {
380  $more = new XoopsFormText("", "{$var}_more", 10, 5, @$_POST["{$var}_more"]);
381  $less = new XoopsFormText("", "{$var}_less", 10, 5, @$_POST["{$var}_less"]);
382  $range_tray = new XoopsFormElementTray($title, "&nbsp;-&nbsp;&nbsp;");
383  $range_tray->addElement($less);
384  $range_tray->addElement($more);
385  $form->addElement($range_tray);
386  unset($more, $less, $range_tray);
387  }
388 
389  $mailok_radio = new XoopsFormRadio(_MA_USER_SHOWMAILOK, "user_mailok", empty($_POST["user_mailok"]) ? "both" : $_POST["user_mailok"]);
390  $mailok_radio->addOptionArray(array(
391  "mailok" => _MA_USER_MAILOK ,
392  "mailng" => _MA_USER_MAILNG ,
393  "both" => _MA_USER_BOTH));
394  $avatar_radio = new XoopsFormRadio(_MA_USER_HASAVATAR, "user_avatar", empty($_POST["user_avatar"]) ? "both" : $_POST["user_avatar"]);
395  $avatar_radio->addOptionArray(array(
396  "y" => _YES ,
397  "n" => _NO ,
398  "both" => _MA_USER_BOTH));
399 
400  $level_radio = new XoopsFormRadio(_MA_USER_LEVEL, "level", @$_POST["level"]);
401  $levels = array(
402  0 => _ALL ,
403  1 => _MA_USER_LEVEL_ACTIVE ,
404  2 => _MA_USER_LEVEL_INACTIVE ,
405  3 => _MA_USER_LEVEL_DISABLED);
406  $level_radio->addOptionArray($levels);
407 
408  $member_handler =& xoops_gethandler('member');
409  $groups = $member_handler->getGroupList();
410  $groups[0] = _ALL;
411  $group_select = new XoopsFormSelect(_MA_USER_GROUP, 'groups', @$_POST['groups'], 3, true);
412  $group_select->addOptionArray($groups);
413 
414  $ranks = $rank_handler->getList();
415  $ranks[0] = _ALL;
416  $rank_select = new XoopsFormSelect(_MA_USER_RANK, 'rank', intval(@$_POST['rank']));
417  $rank_select->addOptionArray($ranks);
418  $form->addElement($url_text);
419  $form->addElement($location_text);
420  $form->addElement($occupation_text);
421  $form->addElement($interest_text);
422  $form->addElement($mailok_radio);
423  $form->addElement($avatar_radio);
424  $form->addElement($level_radio);
425  $form->addElement($group_select);
426  $form->addElement($rank_select);
427  } else {
428  foreach (array(
429  "uname" ,
430  "email") as $var) {
431  $title = $items_match[$var];
432  $text = new XoopsFormText("", $var, 30, 100, @$_POST[$var]);
433  $match = new XoopsFormSelectMatchOption("", "{$var}_match", @$_POST["{$var}_match"]);
434  $match_tray = new XoopsFormElementTray($title, "&nbsp;");
435  $match_tray->addElement($match);
436  $match_tray->addElement($text);
437  $form->addElement($match_tray);
438  unset($text, $match, $match_tray);
439  }
440  }
441 
442  $sort_select = new XoopsFormSelect(_MA_USER_SORT, "user_sort", @$_POST["user_sort"]);
443  $sort_select->addOptionArray(array(
444  "uname" => _MA_USER_UNAME ,
445  "last_login" => _MA_USER_LASTLOGIN ,
446  "user_regdate" => _MA_USER_REGDATE ,
447  "posts" => _MA_USER_POSTS));
448  $order_select = new XoopsFormSelect(_MA_USER_ORDER, "user_order", @$_POST["user_order"]);
449  $order_select->addOptionArray(array(
450  "ASC" => _MA_USER_ASC ,
451  "DESC" => _MA_USER_DESC));
452 
453  $form->addElement($sort_select);
454  $form->addElement($order_select);
455  }
456  $form->addElement(new XoopsFormText(_MA_USER_LIMIT, "limit", 6, 6, empty($_REQUEST["limit"]) ? 50 : intval($_REQUEST["limit"])));
457  $form->addElement(new XoopsFormHidden("mode", $mode));
458  $form->addElement(new XoopsFormHidden("target", @$_REQUEST["target"]));
459  $form->addElement(new XoopsFormHidden("multiple", @$_REQUEST["multiple"]));
460  $form->addElement(new XoopsFormHidden("token", $token));
461  $form->addElement(new XoopsFormButton("", "user_submit", _SUBMIT, "submit"));
462 
463  $acttotal = $user_handler->getCount(new Criteria('level', 0, '>'));
464  $inacttotal = $user_handler->getCount(new Criteria('level', 0, '<='));
465  echo "</html><body>";
466  echo "<h2 style='text-align:left;'>" . _MA_USER_FINDUS . " - " . $modes[$mode] . "</h2>";
467  $modes_switch = array();
468  foreach ($modes as $_mode => $title) {
469  if ($mode == $_mode)
470  continue;
471  $modes_switch[] = "<a href='findusers.php?target=" . htmlspecialchars(@$_REQUEST["target"], ENT_QUOTES) . "&amp;multiple=" . htmlspecialchars(@$_REQUEST["multiple"], ENT_QUOTES) . "&amp;token=" . htmlspecialchars($token, ENT_QUOTES) . "&amp;mode={$_mode}'>{$title}</a>";
472  }
473  echo "<h4>" . implode(" | ", $modes_switch) . "</h4>";
474  echo "(" . sprintf(_MA_USER_ACTUS, "<span style='color:#ff0000;'>$acttotal</span>") . " " . sprintf(_MA_USER_INACTUS, "<span style='color:#ff0000;'>$inacttotal</span>") . ")";
475  $form->display();
476 
477 } else {
478  $myts =& MyTextSanitizer::getInstance();
479  $limit = empty($_POST['limit']) ? 50 : intval($_POST['limit']);
480  $start = intval(@$_POST['start']);
481  if (!isset($_POST["query"])) {
482  $criteria = new CriteriaCompo();
483  foreach (array_keys($items_match) as $var) {
484  if (!empty($_POST[$var])) {
485  $match = (! empty($_POST["{$var}_match"])) ? intval($_POST["{$var}_match"]) : XOOPS_MATCH_START;
486  $value = str_replace("_", "\\\_", $myts->addSlashes(trim($_POST[$var])));
487  switch ($match) {
488  case XOOPS_MATCH_START:
489  $criteria->add(new Criteria($var, $value . '%', 'LIKE'));
490  break;
491  case XOOPS_MATCH_END:
492  $criteria->add(new Criteria($var, '%' . $value, 'LIKE'));
493  break;
494  case XOOPS_MATCH_EQUAL:
495  $criteria->add(new Criteria($var, $value));
496  break;
497  case XOOPS_MATCH_CONTAIN:
498  $criteria->add(new Criteria($var, '%' . $value . '%', 'LIKE'));
499  break;
500  }
501  }
502  }
503  if (!empty($_POST['url'])) {
504  $url = formatURL(trim($_POST['url']));
505  $criteria->add(new Criteria('url', $url . '%', 'LIKE'));
506  }
507  if (!empty($_POST['user_from'])) {
508  $criteria->add(new Criteria('user_from', '%' . $myts->addSlashes(trim($_POST['user_from'])) . '%', 'LIKE'));
509  }
510  if (!empty($_POST['user_intrest'])) {
511  $criteria->add(new Criteria('user_intrest', '%' . $myts->addSlashes(trim($_POST['user_intrest'])) . '%', 'LIKE'));
512  }
513  if (!empty($_POST['user_occ'])) {
514  $criteria->add(new Criteria('user_occ', '%' . $myts->addSlashes(trim($_POST['user_occ'])) . '%', 'LIKE'));
515  }
516  foreach (array(
517  "last_login" ,
518  "user_regdate") as $var) {
519  if (!empty($_POST["{$var}_more"]) && is_numeric($_POST["{$var}_more"])) {
520  $time = time() - (60 * 60 * 24 * intval(trim($_POST["{$var}_more"])));
521  if ($time > 0) {
522  $criteria->add(new Criteria($var, $time, '<='));
523  }
524  }
525  if (!empty($_POST["{$var}_less"]) && is_numeric($_POST["{$var}_less"])) {
526  $time = time() - (60 * 60 * 24 * intval(trim($_POST["{$var}_less"])));
527  if ($time > 0) {
528  $criteria->add(new Criteria($var, $time, '>='));
529  }
530  }
531  }
532  if (!empty($_POST['posts_more']) && is_numeric($_POST['posts_more'])) {
533  $criteria->add(new Criteria('posts', intval($_POST['posts_more']), '<='));
534  }
535  if (!empty($_POST['posts_less']) && is_numeric($_POST['posts_less'])) {
536  $criteria->add(new Criteria('posts', intval($_POST['posts_less']), '>='));
537  }
538  if (!empty($_POST['user_mailok'])) {
539  if ($_POST['user_mailok'] == "mailng") {
540  $criteria->add(new Criteria('user_mailok', 0));
541  } else if ($_POST['user_mailok'] == "mailok") {
542  $criteria->add(new Criteria('user_mailok', 1));
543  }
544  }
545  if (!empty($_POST['user_avatar'])) {
546  if ($_POST['user_avatar'] == "y") {
547  $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'NOT IN'));
548  } else if ($_POST['user_avatar'] == "n") {
549  $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'IN'));
550  }
551  }
552  if (!empty($_POST['level'])) {
553  $level_value = array(
554  1 => 1 ,
555  2 => 0 ,
556  3 => - 1);
557  $level = isset($level_value[intval($_POST["level"])]) ? $level_value[intval($_POST["level"])] : 1;
558  $criteria->add(new Criteria("level", $level));
559  }
560  if (!empty($_POST['rank'])) {
561  $rank_obj = $rank_handler->get($_POST['rank']);
562  if ($rank_obj->getVar("rank_special")) {
563  $criteria->add(new Criteria("rank", intval($_POST['rank'])));
564  } else {
565  if ($rank_obj->getVar("rank_min")) {
566  $criteria->add(new Criteria('posts', $rank_obj->getVar("rank_min"), '>='));
567  }
568  if ($rank_obj->getVar("rank_max")) {
569  $criteria->add(new Criteria('posts', $rank_obj->getVar("rank_max"), '<='));
570  }
571  }
572  }
573  $total = $user_handler->getCount($criteria, @$_POST["groups"]);
574  $validsort = array(
575  "uname" ,
576  "email" ,
577  "last_login" ,
578  "user_regdate" ,
579  "posts");
580  $sort = (!in_array($_POST['user_sort'], $validsort)) ? "uname" : $_POST['user_sort'];
581  $order = "ASC";
582  if (isset($_POST['user_order']) && $_POST['user_order'] == "DESC") {
583  $order = "DESC";
584  }
585  $criteria->setSort($sort);
586  $criteria->setOrder($order);
587  $criteria->setLimit($limit);
588  $criteria->setStart($start);
589  $foundusers = $user_handler->getAll($criteria, @$_POST["groups"]);
590  } else {
591  $query = trim($_POST["query"]);
592  // Query with alias
593  if (preg_match("/select[\s]+.*[\s]+from[\s]+(" . $xoopsDB->prefix("users") . "[\s]+as[\s]+([^\s]+).*)/i", $query, $matches)) {
594  $alias = $matches[2];
595  $subquery = $matches[1];
596 
597  // Query without alias
598  } else if (preg_match("/select[\s]+.*[\s]+from[\s]+(" . $xoopsDB->prefix("users") . "\b.*)/i", $query, $matches)) {
599  $alias = "";
600  $subquery = $matches[1];
601 
602  // Invalid query
603  } else {
604  $query = "SELECT * FROM " . $xoopsDB->prefix("users");
605  $subquery = $xoopsDB->prefix("users");
606  }
607  $sql_count = "SELECT COUNT(DISTINCT " . (empty($alias) ? "" : $alias . ".") . "uid) FROM " . $subquery;
608  $result = $xoopsDB->query($sql_count);
609  list ($total) = $xoopsDB->FetchRow($result);
610  $result = $xoopsDB->query($query, $limit, $start);
611  $foundusers = array();
612  while ($myrow = $xoopsDB->fetchArray($result)) {
613  $object = & $user_handler->create(false);
614  $object->assignVars($myrow);
615  $foundusers[$myrow["uid"]] = $object;
616  unset($object);
617  }
618  }
619 
620  echo $js_adduser = '
621  <script type="text/javascript">
622  var multiple=' . intval($_REQUEST['multiple']) . ';
623  function addusers()
624  {
625  var sel_str = "";
626  var num = 0;
627  var mForm = document.forms["' . $name_form . '"];
628  for (var i=0;i!=mForm.elements.length;i++) {
629  var id=mForm.elements[i];
630  if ( ( (multiple > 0 && id.type == "checkbox") || (multiple == 0 && id.type == "radio") ) && (id.checked == true) && ( id.name == "' . $name_userid . '" ) ) {
631  var name = mForm.elements[++i];
632  var len = id.value.length + name.value.length;
633  sel_str += len + ":" + id.value + ":" + name.value;
634  num ++;
635  }
636  }
637  if (num == 0) {
638  alert("' . _MA_USER_NOUSERSELECTED . '");
639  return false;
640  }
641  sel_str = num + ":" + sel_str;
642  window.opener.addusers(sel_str);
643  alert("' . _MA_USER_USERADDED . '");
644  if (multiple == 0) {
645  window.close();
646  window.opener.focus();
647  }
648  return true;
649  }
650  </script>
651  ';
652 
653  echo "</html><body>";
654  echo "<a href='findusers.php?target=" . htmlspecialchars(@$_POST["target"], ENT_QUOTES) . "&amp;multiple=" . intval(@$_POST["multiple"]) . "&amp;token=" . htmlspecialchars($token, ENT_QUOTES) . "'>" . _MA_USER_FINDUS . "</a>&nbsp;<span style='font-weight:bold;'>&raquo;&raquo;</span>&nbsp;" . _MA_USER_RESULTS . "<br /><br />";
655  if (empty($start) && empty($foundusers)) {
656  echo "<h4>" . _MA_USER_NOFOUND, "</h4>";
657  $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
658  foreach ($_POST as $k => $v) {
659  if ($k == 'XOOPS_TOKEN_REQUEST') {
660  // regenerate token value
661  $hiddenform .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n";
662  } else {
663  $hiddenform .= "<input type='hidden' name='" . htmlSpecialChars($k, ENT_QUOTES) . "' value='" . htmlSpecialChars($myts->stripSlashesGPC($v), ENT_QUOTES) . "' />\n";
664  }
665  }
666  if (!isset($_POST['limit'])) {
667  $hiddenform .= "<input type='hidden' name='limit' value='{$limit}' />\n";
668  }
669  if (!isset($_POST['start'])) {
670  $hiddenform .= "<input type='hidden' name='start' value='{$start}' />\n";
671  }
672  $hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
673  $hiddenform .= "</form>";
674 
675  echo "<div>" . $hiddenform;
676  echo "<a href='#' onclick='javascript:document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n";
677  echo "</div>";
678  } else if ($start < $total) {
679  if (!empty($total)) {
680  echo sprintf(_MA_USER_USERSFOUND, $total) . "<br />";
681  }
682  if (!empty($foundusers)) {
683  echo "<form action='findusers.php' method='post' name='{$name_form}' id='{$name_form}'>
684  <table width='100%' border='0' cellspacing='1' cellpadding='4' class='outer'>
685  <tr>
686  <th align='center' width='5px'>";
687  if (! empty($_POST["multiple"])) {
688  echo "<input type='checkbox' name='memberslist_checkall' id='memberslist_checkall' onclick='xoopsCheckAll(\"{$name_form}\", \"memberslist_checkall\");' />";
689  }
690  echo "</th>
691  <th align='center'>" . _MA_USER_UNAME . "</th>
692  <th align='center'>" . _MA_USER_REALNAME . "</th>
693  <th align='center'>" . _MA_USER_REGDATE . "</th>
694  <th align='center'>" . _MA_USER_LASTLOGIN . "</th>
695  <th align='center'>" . _MA_USER_POSTS . "</th>
696  </tr>";
697  $ucount = 0;
698  foreach (array_keys($foundusers) as $j) {
699  if ($ucount % 2 == 0) {
700  $class = 'even';
701  } else {
702  $class = 'odd';
703  }
704  $ucount++;
705  $fuser_name = $foundusers[$j]->getVar("name") ? $foundusers[$j]->getVar("name") : "&nbsp;";
706  echo "<tr class='$class'>
707  <td align='center'>";
708  if (!empty($_POST["multiple"])) {
709  echo "<input type='checkbox' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar("uid") . "' />";
710  echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar("uname") . "' />";
711  } else {
712  echo "<input type='radio' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar("uid") . "' />";
713  echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar("uname") . "' />";
714  }
715  echo "</td>
716  <td><a href='" . XOOPS_URL . "/userinfo.php?uid=" . $foundusers[$j]->getVar("uid") . "' target='_blank'>" . $foundusers[$j]->getVar("uname") . "</a></td>
717  <td>" . $fuser_name . "</td>
718  <td align='center'>" . ($foundusers[$j]->getVar("user_regdate") ? date("Y-m-d", $foundusers[$j]->getVar("user_regdate")) : "") . "</td>
719  <td align='center'>" . ($foundusers[$j]->getVar("last_login") ? date("Y-m-d H:i", $foundusers[$j]->getVar("last_login")) : "") . "</td>
720  <td align='center'>" . $foundusers[$j]->getVar("posts") . "</td>";
721  echo "</tr>\n";
722  }
723  echo "<tr class='foot'><td colspan='6'>";
724 
725  // placeholder for external applications
726  if (empty($_POST["target"])) {
727  echo "<select name='fct'><option value='users'>" . _DELETE . "</option><option value='mailusers'>" . _MA_USER_SENDMAIL . "</option>";
728  echo "</select>&nbsp;";
729  echo $GLOBALS['xoopsSecurity']->getTokenHTML() . "<input type='submit' value='" . _SUBMIT . "' />";
730 
731  // Add selected users
732  } else {
733  echo "<input type='button' value='" . _MA_USER_ADD_SELECTED . "' onclick='addusers();' />";
734  }
735  echo "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
736  echo "</td></tr></table></form>\n";
737  }
738 
739  $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
740  foreach ($_POST as $k => $v) {
741  if ($k == 'XOOPS_TOKEN_REQUEST') {
742  // regenerate token value
743  $hiddenform .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n";
744  } else {
745  $hiddenform .= "<input type='hidden' name='" . htmlSpecialChars($k, ENT_QUOTES) . "' value='" . htmlSpecialChars($myts->stripSlashesGPC($v), ENT_QUOTES) . "' />\n";
746  }
747  }
748  if (!isset($_POST['limit'])) {
749  $hiddenform .= "<input type='hidden' name='limit' value='" . $limit . "' />\n";
750  }
751  if (!isset($_POST['start'])) {
752  $hiddenform .= "<input type='hidden' name='start' value='" . $start . "' />\n";
753  }
754  $hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
755  if (!isset($total) || ($totalpages = ceil($total / $limit)) > 1) {
756  $prev = $start - $limit;
757  if ($start - $limit >= 0) {
758  $hiddenform .= "<a href='#0' onclick='javascript:document.findnext.start.value=" . $prev . ";document.findnext.submit();'>" . _MA_USER_PREVIOUS . "</a>&nbsp;\n";
759  }
760  $counter = 1;
761  $currentpage = ($start + $limit) / $limit;
762  if (!isset($total)) {
763  while ($counter <= $currentpage) {
764  if ($counter == $currentpage) {
765  $hiddenform .= "<strong>" . $counter . "</strong> ";
766  } else if (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1) {
767  $hiddenform .= "<a href='#" . $counter . "' onclick='javascript:document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . "</a> ";
768  if ($counter == 1 && $currentpage > 5) {
769  $hiddenform .= "... ";
770  }
771  }
772  $counter++;
773  }
774  } else {
775  while ($counter <= $totalpages) {
776  if ($counter == $currentpage) {
777  $hiddenform .= "<strong>" . $counter . "</strong> ";
778  } else if (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1 || $counter == $totalpages) {
779  if ($counter == $totalpages && $currentpage < $totalpages - 4) {
780  $hiddenform .= "... ";
781  }
782  $hiddenform .= "<a href='#" . $counter . "' onclick='javascript:document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . "</a> ";
783  if ($counter == 1 && $currentpage > 5) {
784  $hiddenform .= "... ";
785  }
786  }
787  $counter++;
788  }
789  }
790 
791  $next = $start + $limit;
792  if ((isset($total) && $total > $next) || (!isset($total) && count($foundusers) >= $limit)) {
793  $hiddenform .= "&nbsp;<a href='#" . $total . "' onclick='javascript:document.findnext.start.value=" . $next . ";document.findnext.submit();'>" . _MA_USER_NEXT . "</a>\n";
794  }
795  }
796  $hiddenform .= "</form>";
797 
798  echo "<div>" . $hiddenform;
799  if (isset($total)) {
800  echo "<br />" . sprintf(_MA_USER_USERSFOUND, $total) . "&nbsp;";
801  }
802  echo "<a href='#' onclick='javascript:document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n";
803  echo "</div>";
804  }
805 }
806 
807 xoops_footer();
808 
809 ?>