1: <?php
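// Bootstrap XOOPS; mainfile.php sits one directory above this script.
include_once dirname(__DIR__) . '/mainfile.php';

xoops_header(false);

/*
 * Access control, deny by default.
 *  - When a token is supplied, it alone decides access: an invalid token is
 *    refused even for an administrator, because the elseif is never reached.
 *  - Without a token, only an administrator gets in.
 * NOTE(review): validateToken() is called with false as its second argument;
 * presumably that keeps the token usable for follow-up requests from this
 * window — confirm against XoopsSecurity. If so, the token acts as a bearer
 * credential for its whole lifetime, and this script copies it into links and
 * hidden form fields, so it can end up in browser history and server logs.
 */
$denied = true;
if (!empty($_REQUEST['token'])) {
    // Refuse array-valued input (token[]=...) before it reaches the validator.
    if (is_string($_REQUEST['token']) && $GLOBALS['xoopsSecurity']->validateToken($_REQUEST['token'], false)) {
        $denied = false;
    }
} elseif (is_object($xoopsUser) && $xoopsUser->isAdmin()) {
    $denied = false;
}
if ($denied) {
    xoops_error(_NOPERM);
    exit();
}

// Keep the token only when it is a string: it is passed to htmlspecialchars()
// and echoed into URLs and hidden inputs later in this script.
$token = (isset($_REQUEST['token']) && is_string($_REQUEST['token'])) ? $_REQUEST['token'] : '';
$name_form = 'memberslist';
// With "multiple" set, the selection inputs are named as arrays (uid[], uname[]).
$name_userid = 'uid' . (!empty($_REQUEST['multiple']) ? '[]' : '');
$name_username = 'uname' . (!empty($_REQUEST['multiple']) ? '[]' : '');

xoops_loadLanguage('findusers');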
/**
 * Data object describing one user rank.
 *
 * The constructor only declares the object's variables; values are assigned
 * later by whoever loads a row into it.
 */
class XoopsRank extends XoopsObject
{
    /**
     * Declare the rank variables with their data types and defaults.
     */
    public function __construct()
    {
        parent::__construct();

        // Identifier and title: no default value, fourth initVar() argument false.
        $this->initVar('rank_id', XOBJ_DTYPE_INT, null, false);
        $this->initVar('rank_title', XOBJ_DTYPE_TXTBOX, null, false);

        // Integer fields defaulting to 0.
        $this->initVar('rank_min', XOBJ_DTYPE_INT, 0);
        $this->initVar('rank_max', XOBJ_DTYPE_INT, 0);
        $this->initVar('rank_special', XOBJ_DTYPE_INT, 0);

        // Image name, empty by default.
        $this->initVar('rank_image', XOBJ_DTYPE_TXTBOX, '');
    }
}
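/**
 * Handler that reads XoopsRank objects and rank lists from the "ranks" table.
 */
class XoopsRankHandler extends XoopsObjectHandler
{
    /**
     * @param XoopsDatabase $db database object passed on to the parent handler
     */
    public function __construct(XoopsDatabase $db)
    {
        parent::__construct($db);
    }

    /**
     * Create a XoopsRank object.
     *
     * @param bool $isNew when strictly true, the object is flagged as new
     *
     * @return XoopsRank
     */
    public function create($isNew = true)
    {
        $obj = new XoopsRank();
        if ($isNew === true) {
            $obj->setNew();
        }

        return $obj;
    }

    /**
     * Load a rank by its id.
     *
     * @param int $id rank id; anything non-scalar is treated as 0
     *
     * @return XoopsRank|null null when the query fails. When the query succeeds
     *                        but matches no row, the returned object simply has
     *                        no values assigned.
     */
    public function get($id = 0)
    {
        $object = $this->create(false);
        // rank_id is declared as an integer on XoopsRank, so the id is forced
        // to an integer here instead of being embedded as a quoted string.
        $rankId = is_scalar($id) ? (int)$id : 0;
        $sql = 'SELECT * FROM ' . $this->db->prefix('ranks') . ' WHERE rank_id = ' . $rankId;
        $result = $this->db->query($sql);
        if (!$result) {
            return null;
        }
        while ($row = $this->db->fetchArray($result)) {
            $object->assignVars($row);
        }

        return $object;
    }

    /**
     * Get rank titles keyed by rank id.
     *
     * The $limit and $start arguments are overwritten with the values carried
     * by the criteria object, which is always present by the time they are
     * read (a CriteriaCompo is created when none is given).
     *
     * @param CriteriaElement|null $criteria filter, sort and paging; its rendered
     *                                       WHERE clause and sort column are
     *                                       concatenated into the SQL as-is, so
     *                                       callers must only put trusted or
     *                                       escaped values into it
     * @param int                  $limit    see above
     * @param int                  $start    see above
     *
     * @return array rank_id => HTML-escaped rank_title; empty when the query fails
     */
    public function getList(CriteriaElement $criteria = null, $limit = 0, $start = 0)
    {
        $ret = array();
        if (null === $criteria) {
            $criteria = new CriteriaCompo();
        }

        $sql = 'SELECT rank_id, rank_title FROM ' . $this->db->prefix('ranks');
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
            $sql .= ' ' . $criteria->renderWhere();
            if ($criteria->getSort() != '') {
                $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        $result = $this->db->query($sql, $limit, $start);
        if (!$result) {
            return $ret;
        }
        $myts = MyTextSanitizer::getInstance();
        while ($myrow = $this->db->fetchArray($result)) {
            // Titles are escaped here because the list is used as form option labels.
            $ret[$myrow['rank_id']] = $myts->htmlSpecialChars($myrow['rank_title']);
        }

        return $ret;
    }
}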
/**
 * User object with a reduced set of variables for the user finder.
 */
class XoUser extends XoopsUser
{
    /**
     * Build a regular XoopsUser, then drop the variables this page never needs.
     *
     * The removed entries include the password ("pass") and the activation key
     * ("actkey"). NOTE(review): presumably assignVars() ignores columns that
     * have no matching entry in $this->vars, which would keep those values out
     * of the objects built from query rows — confirm against XoopsObject.
     */
    public function __construct()
    {
        parent::__construct();

        unset(
            $this->vars['actkey'],
            $this->vars['pass'],
            $this->vars['theme'],
            $this->vars['umode'],
            $this->vars['uorder'],
            $this->vars['notify_mode']
        );
    }
}
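/**
 * Handler that counts and loads XoUser objects, optionally limited to groups.
 */
class XoUserHandler extends XoopsObjectHandler
{
    /**
     * @param XoopsDatabase $db database object passed on to the parent handler
     */
    public function __construct(XoopsDatabase $db)
    {
        parent::__construct($db);
    }

    /**
     * Create a XoUser object.
     *
     * @param bool $isNew when strictly true, the object is flagged as new
     *
     * @return XoUser
     */
    public function create($isNew = true)
    {
        $obj = new XoUser();
        if ($isNew === true) {
            $obj->setNew();
        }

        return $obj;
    }

    /**
     * Count the distinct users matching the criteria and groups.
     *
     * @param CriteriaElement|null $criteria filter; its rendered text is appended
     *                                       to the SQL as-is, so every value put
     *                                       into it must already be escaped
     * @param array|int            $groups   group id(s); each is cast to int,
     *                                       empty values are dropped
     *
     * @return int number of users, 0 when the query fails
     */
    public function getCount(CriteriaElement $criteria = null, $groups = array())
    {
        if (!is_array($groups)) {
            $groups = array($groups);
        }
        $groups = array_filter($groups);
        if (empty($groups)) {
            // "WHERE 1=1" lets the criteria be appended with AND in both cases.
            $sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1';
        } else {
            // Group ids are forced to integers before they enter the IN list.
            $sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', array_map('intval', $groups)) . ')';
        }
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
            if ($render = $criteria->render()) {
                $sql .= ' AND ' . $render;
            }
        }
        $result = $this->db->query($sql);
        if (!$result) {
            // A failed query must not be handed to fetchRow().
            return 0;
        }
        list($count) = $this->db->fetchRow($result);

        return (int)$count;
    }

    /**
     * Load the users matching the criteria and groups.
     *
     * Results are ordered by the criteria's sort column when it has one, and by
     * u.uid ascending otherwise. Limit and start are taken from the criteria.
     *
     * @param CriteriaElement|null $criteria filter, sort and paging; the rendered
     *                                       condition and the sort column are
     *                                       appended to the SQL as-is, so callers
     *                                       must escape values and restrict the
     *                                       sort column to known names
     * @param array|int            $groups   group id(s); each is cast to int,
     *                                       empty values are dropped
     *
     * @return XoUser[] users keyed by uid, empty when the query fails
     */
    public function getAll(CriteriaElement $criteria = null, $groups = array())
    {
        if (!is_array($groups)) {
            $groups = array($groups);
        }
        $groups = array_filter($groups);
        $limit = null;
        $start = null;
        $orderSet = false;
        if (empty($groups)) {
            $sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1';
        } else {
            $sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', array_map('intval', $groups)) . ')';
        }
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
            if ($render = $criteria->render()) {
                $sql .= ' AND ' . $render;
            }
            if ($sort = $criteria->getSort()) {
                $sql .= ' ORDER BY ' . $sort . ' ' . $criteria->getOrder();
                $orderSet = true;
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        if (!$orderSet) {
            $sql .= ' ORDER BY u.uid ASC';
        }
        $ret = array();
        $result = $this->db->query($sql, $limit, $start);
        if (!$result) {
            // A failed query must not be handed to fetchArray().
            return $ret;
        }
        while ($myrow = $this->db->fetchArray($result)) {
            $object = $this->create(false);
            $object->assignVars($myrow);
            $ret[$myrow['uid']] = $object;
            unset($object);
        }

        return $ret;
    }
}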
// Search modes offered by the form.
define('FINDUSERS_MODE_SIMPLE', 0);
define('FINDUSERS_MODE_ADVANCED', 1);
define('FINDUSERS_MODE_QUERY', 2);

// Handlers working on the ranks and users tables.
$rank_handler = new XoopsRankHandler($xoopsDB);
$user_handler = new XoUserHandler($xoopsDB);

// Text fields searched with a match option: field name => label.
$items_match = array(
    'uname'     => _MA_USER_UNAME,
    'name'      => _MA_USER_REALNAME,
    'email'     => _MA_USER_EMAIL,
    'user_icq'  => _MA_USER_ICQ,
    'user_aim'  => _MA_USER_AIM,
    'user_yim'  => _MA_USER_YIM,
    'user_msnm' => _MA_USER_MSNM,
);

// Fields searched as a range: field name => label.
$items_range = array(
    'user_regdate' => _MA_USER_RANGE_USER_REGDATE,
    'last_login'   => _MA_USER_RANGE_LAST_LOGIN,
    'posts'        => _MA_USER_RANGE_POSTS,
);

// Mode => label, used for the page title and the mode switch links.
$modes = array(
    FINDUSERS_MODE_SIMPLE   => _MA_USER_MODE_SIMPLE,
    FINDUSERS_MODE_ADVANCED => _MA_USER_MODE_ADVANCED,
    FINDUSERS_MODE_QUERY    => _MA_USER_MODE_QUERY,
);
319:
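// Query mode runs SQL text taken from the request (see the "query" branch
// below). Access to this page can be granted by a token alone, so that mode is
// reserved for administrators here; token-only visitors keep the simple and
// advanced searches.
$isAdmin = is_object($xoopsUser) && $xoopsUser->isAdmin();

if (empty($_POST['user_submit'])) {
    // ------------------------------------------------------------------
    // No search submitted yet: show the search form.
    // ------------------------------------------------------------------
    include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');

    $form = new XoopsThemeForm(_MA_USER_FINDUS, 'user_findform', 'findusers.php', 'post', true);
    $mode = (int)(@$_REQUEST['mode']);
    // Unknown modes, and query mode for non-administrators, fall back to simple.
    if (!isset($modes[$mode]) || (FINDUSERS_MODE_QUERY == $mode && !$isAdmin)) {
        $mode = FINDUSERS_MODE_SIMPLE;
    }
    if (FINDUSERS_MODE_QUERY == $mode) {
        $form->addElement(new XoopsFormTextArea(_MA_USER_QUERY, 'query', @$_POST['query']));
    } else {
        if (FINDUSERS_MODE_ADVANCED == $mode) {
            foreach ($items_match as $var => $title) {
                $text = new XoopsFormText('', $var, 30, 100, @$_POST[$var]);
                $match = new XoopsFormSelectMatchOption('', "{$var}_match", @$_POST["{$var}_match"]);
                $match_tray = new XoopsFormElementTray($title, ' ');
                $match_tray->addElement($match);
                $match_tray->addElement($text);
                $form->addElement($match_tray);
                unset($text, $match, $match_tray);
            }

            $url_text = new XoopsFormText(_MA_USER_URLC, 'url', 30, 100, @$_POST['url']);
            $location_text = new XoopsFormText(_MA_USER_LOCATION, 'user_from', 30, 100, @$_POST['user_from']);
            $occupation_text = new XoopsFormText(_MA_USER_OCCUPATION, 'user_occ', 30, 100, @$_POST['user_occ']);
            $interest_text = new XoopsFormText(_MA_USER_INTEREST, 'user_intrest', 30, 100, @$_POST['user_intrest']);
            foreach ($items_range as $var => $title) {
                $more = new XoopsFormText('', "{$var}_more", 10, 5, @$_POST["{$var}_more"]);
                $less = new XoopsFormText('', "{$var}_less", 10, 5, @$_POST["{$var}_less"]);
                $range_tray = new XoopsFormElementTray($title, ' - ');
                $range_tray->addElement($less);
                $range_tray->addElement($more);
                $form->addElement($range_tray);
                unset($more, $less, $range_tray);
            }

            $mailok_radio = new XoopsFormRadio(_MA_USER_SHOWMAILOK, 'user_mailok', empty($_POST['user_mailok']) ? 'both' : $_POST['user_mailok']);
            $mailok_radio->addOptionArray(array(
                'mailok' => _MA_USER_MAILOK,
                'mailng' => _MA_USER_MAILNG,
                'both' => _MA_USER_BOTH));
            $avatar_radio = new XoopsFormRadio(_MA_USER_HASAVATAR, 'user_avatar', empty($_POST['user_avatar']) ? 'both' : $_POST['user_avatar']);
            $avatar_radio->addOptionArray(array(
                'y' => _YES,
                'n' => _NO,
                'both' => _MA_USER_BOTH));

            $level_radio = new XoopsFormRadio(_MA_USER_LEVEL, 'level', @$_POST['level']);
            $levels = array(
                0 => _ALL,
                1 => _MA_USER_LEVEL_ACTIVE,
                2 => _MA_USER_LEVEL_INACTIVE,
                3 => _MA_USER_LEVEL_DISABLED);
            $level_radio->addOptionArray($levels);

            $member_handler = xoops_getHandler('member');
            $groups = $member_handler->getGroupList();
            $groups[0] = _ALL;
            // Multi-select: the chosen groups are posted as an array.
            $group_select = new XoopsFormSelect(_MA_USER_GROUP, 'groups', @$_POST['groups'], 3, true);
            $group_select->addOptionArray($groups);

            $ranks = $rank_handler->getList();
            $ranks[0] = _ALL;
            $rank_select = new XoopsFormSelect(_MA_USER_RANK, 'rank', (int)(@$_POST['rank']));
            $rank_select->addOptionArray($ranks);
            $form->addElement($url_text);
            $form->addElement($location_text);
            $form->addElement($occupation_text);
            $form->addElement($interest_text);
            $form->addElement($mailok_radio);
            $form->addElement($avatar_radio);
            $form->addElement($level_radio);
            $form->addElement($group_select);
            $form->addElement($rank_select);
        } else {
            // Simple mode: user name and e-mail only.
            foreach (array(
                         'uname',
                         'email') as $var) {
                $title = $items_match[$var];
                $text = new XoopsFormText('', $var, 30, 100, @$_POST[$var]);
                $match = new XoopsFormSelectMatchOption('', "{$var}_match", @$_POST["{$var}_match"]);
                $match_tray = new XoopsFormElementTray($title, ' ');
                $match_tray->addElement($match);
                $match_tray->addElement($text);
                $form->addElement($match_tray);
                unset($text, $match, $match_tray);
            }
        }

        $sort_select = new XoopsFormSelect(_MA_USER_SORT, 'user_sort', @$_POST['user_sort']);
        $sort_select->addOptionArray(array(
            'uname' => _MA_USER_UNAME,
            'last_login' => _MA_USER_LASTLOGIN,
            'user_regdate' => _MA_USER_REGDATE,
            'posts' => _MA_USER_POSTS));
        $order_select = new XoopsFormSelect(_MA_USER_ORDER, 'user_order', @$_POST['user_order']);
        $order_select->addOptionArray(array(
            'ASC' => _MA_USER_ASC,
            'DESC' => _MA_USER_DESC));

        $form->addElement($sort_select);
        $form->addElement($order_select);
    }
    $form->addElement(new XoopsFormText(_MA_USER_LIMIT, 'limit', 6, 6, empty($_REQUEST['limit']) ? 50 : (int)$_REQUEST['limit']));
    $form->addElement(new XoopsFormHidden('mode', $mode));
    $form->addElement(new XoopsFormHidden('target', @$_REQUEST['target']));
    $form->addElement(new XoopsFormHidden('multiple', @$_REQUEST['multiple']));
    $form->addElement(new XoopsFormHidden('token', $token));
    $form->addElement(new XoopsFormButton('', 'user_submit', _SUBMIT, 'submit'));

    $acttotal = $user_handler->getCount(new Criteria('level', 0, '>'));
    $inacttotal = $user_handler->getCount(new Criteria('level', 0, '<='));
    echo '</html><body>';
    echo "<h2 style='text-align:left;'>" . _MA_USER_FINDUS . ' - ' . $modes[$mode] . '</h2>';
    $modes_switch = array();
    foreach ($modes as $_mode => $title) {
        if ($mode == $_mode) {
            continue;
        }
        // Do not advertise query mode to visitors who may not use it.
        if (FINDUSERS_MODE_QUERY == $_mode && !$isAdmin) {
            continue;
        }
        $modes_switch[] = "<a href='findusers.php?target=" . htmlspecialchars(@$_REQUEST['target'], ENT_QUOTES) . '&multiple=' . htmlspecialchars(@$_REQUEST['multiple'], ENT_QUOTES) . '&token=' . htmlspecialchars($token, ENT_QUOTES) . "&mode={$_mode}'>{$title}</a>";
    }
    echo '<h4>' . implode(' | ', $modes_switch) . '</h4>';
    echo '(' . sprintf(_MA_USER_ACTUS, "<span style='color:#ff0000;'>$acttotal</span>") . ' ' . sprintf(_MA_USER_INACTUS, "<span style='color:#ff0000;'>$inacttotal</span>") . ')';
    $form->display();
} else {
    // ------------------------------------------------------------------
    // Search submitted: build the query, run it, render the results.
    // ------------------------------------------------------------------
    $myts = MyTextSanitizer::getInstance();
    // $limit is used as a divisor for paging below, so it must stay positive;
    // a negative offset is meaningless.
    $limit = empty($_POST['limit']) ? 50 : max(1, (int)$_POST['limit']);
    $start = max(0, (int)(@$_POST['start']));

    // Raw POST value when it is a string, '' otherwise (missing, or an array
    // sent as name[]=...), so trim() and the escaping below only see strings.
    $postText = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    if (!isset($_POST['query'])) {
        // NOTE(review): every text value below is escaped with
        // MyTextSanitizer::addSlashes() and then handed to Criteria, which is
        // rendered into the SQL by the handler. This presumably relies on
        // Criteria only wrapping the value in quotes — confirm, and confirm the
        // escaping is adequate for the connection character set.
        $criteria = new CriteriaCompo();
        foreach (array_keys($items_match) as $var) {
            $rawText = $postText($var);
            if (!empty($rawText)) {
                $match = (!empty($_POST["{$var}_match"])) ? (int)$_POST["{$var}_match"] : XOOPS_MATCH_START;
                // Underscore is a LIKE wildcard; escape it after slashing.
                $value = str_replace('_', "\\\_", $myts->addSlashes(trim($rawText)));
                switch ($match) {
                    case XOOPS_MATCH_START:
                        $criteria->add(new Criteria($var, $value . '%', 'LIKE'));
                        break;
                    case XOOPS_MATCH_END:
                        $criteria->add(new Criteria($var, '%' . $value, 'LIKE'));
                        break;
                    case XOOPS_MATCH_EQUAL:
                        $criteria->add(new Criteria($var, $value));
                        break;
                    case XOOPS_MATCH_CONTAIN:
                        $criteria->add(new Criteria($var, '%' . $value . '%', 'LIKE'));
                        break;
                }
            }
        }
        $rawUrl = $postText('url');
        if (!empty($rawUrl)) {
            // Escaped like the other text fields; previously this value went
            // into the criteria without addSlashes().
            $url = $myts->addSlashes(formatURL(trim($rawUrl)));
            $criteria->add(new Criteria('url', $url . '%', 'LIKE'));
        }
        $rawFrom = $postText('user_from');
        if (!empty($rawFrom)) {
            $criteria->add(new Criteria('user_from', '%' . $myts->addSlashes(trim($rawFrom)) . '%', 'LIKE'));
        }
        $rawInterest = $postText('user_intrest');
        if (!empty($rawInterest)) {
            $criteria->add(new Criteria('user_intrest', '%' . $myts->addSlashes(trim($rawInterest)) . '%', 'LIKE'));
        }
        $rawOccupation = $postText('user_occ');
        if (!empty($rawOccupation)) {
            $criteria->add(new Criteria('user_occ', '%' . $myts->addSlashes(trim($rawOccupation)) . '%', 'LIKE'));
        }
        // Date ranges are given in days before now and converted to timestamps.
        foreach (array(
                     'last_login',
                     'user_regdate') as $var) {
            if (!empty($_POST["{$var}_more"]) && is_numeric($_POST["{$var}_more"])) {
                $time = time() - (60 * 60 * 24 * (int)trim($_POST["{$var}_more"]));
                if ($time > 0) {
                    $criteria->add(new Criteria($var, $time, '<='));
                }
            }
            if (!empty($_POST["{$var}_less"]) && is_numeric($_POST["{$var}_less"])) {
                $time = time() - (60 * 60 * 24 * (int)trim($_POST["{$var}_less"]));
                if ($time > 0) {
                    $criteria->add(new Criteria($var, $time, '>='));
                }
            }
        }
        if (!empty($_POST['posts_more']) && is_numeric($_POST['posts_more'])) {
            $criteria->add(new Criteria('posts', (int)$_POST['posts_more'], '<='));
        }
        if (!empty($_POST['posts_less']) && is_numeric($_POST['posts_less'])) {
            $criteria->add(new Criteria('posts', (int)$_POST['posts_less'], '>='));
        }
        if (!empty($_POST['user_mailok'])) {
            if ($_POST['user_mailok'] === 'mailng') {
                $criteria->add(new Criteria('user_mailok', 0));
            } elseif ($_POST['user_mailok'] === 'mailok') {
                $criteria->add(new Criteria('user_mailok', 1));
            }
        }
        if (!empty($_POST['user_avatar'])) {
            if ($_POST['user_avatar'] === 'y') {
                $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'NOT IN'));
            } elseif ($_POST['user_avatar'] === 'n') {
                $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'IN'));
            }
        }
        if (!empty($_POST['level']) && is_scalar($_POST['level'])) {
            // Form option => stored level value.
            $level_value = array(
                1 => 1,
                2 => 0,
                3 => -1);
            $level = isset($level_value[(int)$_POST['level']]) ? $level_value[(int)$_POST['level']] : 1;
            $criteria->add(new Criteria('level', $level));
        }
        if (!empty($_POST['rank']) && is_scalar($_POST['rank'])) {
            $rank_obj = $rank_handler->get($_POST['rank']);
            // get() returns null when its query fails.
            if (is_object($rank_obj)) {
                if ($rank_obj->getVar('rank_special')) {
                    $criteria->add(new Criteria('rank', (int)$_POST['rank']));
                } else {
                    if ($rank_obj->getVar('rank_min')) {
                        $criteria->add(new Criteria('posts', $rank_obj->getVar('rank_min'), '>='));
                    }
                    if ($rank_obj->getVar('rank_max')) {
                        $criteria->add(new Criteria('posts', $rank_obj->getVar('rank_max'), '<='));
                    }
                }
            }
        }
        $total = $user_handler->getCount($criteria, @$_POST['groups']);
        // The sort column is concatenated into ORDER BY, so only names from
        // this allow-list are accepted (strict comparison, strings only).
        $validsort = array(
            'uname',
            'email',
            'last_login',
            'user_regdate',
            'posts');
        $sort = (isset($_POST['user_sort']) && in_array($_POST['user_sort'], $validsort, true)) ? $_POST['user_sort'] : 'uname';
        $order = 'ASC';
        if (isset($_POST['user_order']) && $_POST['user_order'] === 'DESC') {
            $order = 'DESC';
        }
        $criteria->setSort($sort);
        $criteria->setOrder($order);
        $criteria->setLimit($limit);
        $criteria->setStart($start);
        $foundusers = $user_handler->getAll($criteria, @$_POST['groups']);
    } else {
        // Query mode: the SQL text comes straight from the request and is
        // executed as given, so it cannot be escaped or parameterised. It is
        // therefore refused unless the current user is an administrator.
        if (!$isAdmin) {
            xoops_error(_NOPERM);
            exit();
        }
        $query = is_string($_POST['query']) ? trim($_POST['query']) : '';
        $alias = '';
        $usersTable = preg_quote($xoopsDB->prefix('users'), '/');

        // Query against the users table with an alias ("... FROM users AS u ...").
        if (preg_match("/select[\s]+.*[\s]+from[\s]+(" . $usersTable . "[\s]+as[\s]+(\S+).*)/i", $query, $matches)) {
            $alias = $matches[2];
            $subquery = $matches[1];
            // Query against the users table without an alias.
        } elseif (preg_match("/select[\s]+.*[\s]+from[\s]+(" . $usersTable . "\b.*)/i", $query, $matches)) {
            $alias = '';
            $subquery = $matches[1];
            // Anything else is replaced by a plain listing of the users table.
        } else {
            $query = 'SELECT * FROM ' . $xoopsDB->prefix('users');
            $subquery = $xoopsDB->prefix('users');
        }
        $sql_count = 'SELECT COUNT(DISTINCT ' . (empty($alias) ? '' : $alias . '.') . 'uid) FROM ' . $subquery;
        $total = 0;
        $result = $xoopsDB->query($sql_count);
        if ($result) {
            list($total) = $xoopsDB->fetchRow($result);
        }
        $foundusers = array();
        $result = $xoopsDB->query($query, $limit, $start);
        if ($result) {
            while ($myrow = $xoopsDB->fetchArray($result)) {
                $object = $user_handler->create(false);
                $object->assignVars($myrow);
                $foundusers[$myrow['uid']] = $object;
                unset($object);
            }
        }
    }

    // Script used by the opener window to receive the selected users.
    echo $js_adduser = '
<script type="text/javascript">
var multiple=' . (isset($_REQUEST['multiple']) ? (int)$_REQUEST['multiple'] : 0) . ';
function addusers()
{
var sel_str = "";
var num = 0;
var mForm = document.forms["' . $name_form . '"];
for (var i=0;i!=mForm.elements.length;i++) {
var id=mForm.elements[i];
if ( ( (multiple > 0 && id.type == "checkbox") || (multiple == 0 && id.type == "radio") ) && (id.checked == true) && ( id.name == "' . $name_userid . '" ) ) {
var name = mForm.elements[++i];
var len = id.value.length + name.value.length;
sel_str += len + ":" + id.value + ":" + name.value;
num ++;
}
}
if (num == 0) {
alert("' . _MA_USER_NOUSERSELECTED . '");
return false;
}
sel_str = num + ":" + sel_str;
window.opener.addusers(sel_str);
alert("' . _MA_USER_USERADDED . '");
if (multiple == 0) {
window.close();
window.opener.focus();
}
return true;
}
</script>
';

    // Re-emits the submitted search as hidden inputs so the "findnext" form can
    // repeat it for another page. Every name and value is HTML-escaped. Array
    // values (the multi-select "groups") are written as name[] inputs; passing
    // an array to htmlspecialchars() would fail instead of carrying it over.
    $carryFields = function () use ($myts, $limit, $start, $token) {
        $html = '';
        foreach ($_POST as $k => $v) {
            if ($k === 'XOOPS_TOKEN_REQUEST') {
                // Regenerate the form token instead of replaying the old one.
                $html .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n";
            } elseif (is_array($v)) {
                foreach ($v as $item) {
                    if (is_scalar($item)) {
                        $html .= "<input type='hidden' name='" . htmlspecialchars((string)$k, ENT_QUOTES) . "[]' value='" . htmlspecialchars($myts->stripSlashesGPC((string)$item), ENT_QUOTES) . "' />\n";
                    }
                }
            } else {
                $html .= "<input type='hidden' name='" . htmlspecialchars((string)$k, ENT_QUOTES) . "' value='" . htmlspecialchars($myts->stripSlashesGPC($v), ENT_QUOTES) . "' />\n";
            }
        }
        if (!isset($_POST['limit'])) {
            $html .= "<input type='hidden' name='limit' value='{$limit}' />\n";
        }
        if (!isset($_POST['start'])) {
            $html .= "<input type='hidden' name='start' value='{$start}' />\n";
        }
        $html .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";

        return $html;
    };

    echo '</html><body>';
    echo "<a href='findusers.php?target=" . htmlspecialchars(@$_POST['target'], ENT_QUOTES) . '&multiple=' . (int)(@$_POST['multiple']) . '&token=' . htmlspecialchars($token, ENT_QUOTES) . "'>" . _MA_USER_FINDUS . "</a> <span style='font-weight:bold;'>»</span> " . _MA_USER_RESULTS . '<br><br>';
    if (empty($start) && empty($foundusers)) {
        // Nothing found on the first page: offer to search again.
        echo '<h4>' . _MA_USER_NOFOUND, '</h4>';
        $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
        $hiddenform .= $carryFields();
        $hiddenform .= '</form>';

        echo '<div>' . $hiddenform;
        echo "<a href='#' onclick='document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n";
        echo '</div>';
    } elseif ($start < $total) {
        if (!empty($total)) {
            echo sprintf(_MA_USER_USERSFOUND, $total) . '<br>';
        }
        if (!empty($foundusers)) {
            echo "<form action='findusers.php' method='post' name='{$name_form}' id='{$name_form}'>
<table width='100%' border='0' cellspacing='1' cellpadding='4' class='outer'>
<tr>
<th align='center' width='5px'>";
            if (!empty($_POST['multiple'])) {
                echo "<input type='checkbox' name='memberslist_checkall' id='memberslist_checkall' onclick='xoopsCheckAll(\"{$name_form}\", \"memberslist_checkall\");' />";
            }
            echo "</th>
<th align='center'>" . _MA_USER_UNAME . "</th>
<th align='center'>" . _MA_USER_REALNAME . "</th>
<th align='center'>" . _MA_USER_REGDATE . "</th>
<th align='center'>" . _MA_USER_LASTLOGIN . "</th>
<th align='center'>" . _MA_USER_POSTS . '</th>
</tr>';
            // NOTE(review): the user values below are written into HTML and
            // attribute values exactly as getVar() returns them; this presumably
            // relies on getVar() HTML-escaping text fields by default — confirm
            // against XoopsObject.
            $ucount = 0;
            foreach (array_keys($foundusers) as $j) {
                $class = 'odd';
                if ($ucount % 2 == 0) {
                    $class = 'even';
                }
                ++$ucount;
                $fuser_name = $foundusers[$j]->getVar('name') ?: ' ';
                echo "<tr class='$class'>
<td align='center'>";
                if (!empty($_POST['multiple'])) {
                    echo "<input type='checkbox' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar('uid') . "' />";
                    echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar('uname') . "' />";
                } else {
                    echo "<input type='radio' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar('uid') . "' />";
                    echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar('uname') . "' />";
                }
                echo "</td>
<td><a href='" . XOOPS_URL . '/userinfo.php?uid=' . $foundusers[$j]->getVar('uid') . "' target='_blank'>" . $foundusers[$j]->getVar('uname') . '</a></td>
<td>' . $fuser_name . "</td>
<td align='center'>" . ($foundusers[$j]->getVar('user_regdate') ? date('Y-m-d', $foundusers[$j]->getVar('user_regdate')) : '') . "</td>
<td align='center'>" . ($foundusers[$j]->getVar('last_login') ? date('Y-m-d H:i', $foundusers[$j]->getVar('last_login')) : '') . "</td>
<td align='center'>" . $foundusers[$j]->getVar('posts') . '</td>';
                echo "</tr>\n";
            }
            echo "<tr class='foot'><td colspan='6'>";

            // Without a target the list offers the delete / mail actions;
            // with a target it hands the selection back to the opener window.
            if (empty($_POST['target'])) {
                echo "<select name='fct'><option value='users'>" . _DELETE . "</option><option value='mailusers'>" . _MA_USER_SENDMAIL . '</option>';
                echo '</select> ';
                echo $GLOBALS['xoopsSecurity']->getTokenHTML() . "<input type='submit' value='" . _SUBMIT . "' />";
            } else {
                echo "<input type='button' value='" . _MA_USER_ADD_SELECTED . "' onclick='addusers();' />";
            }
            echo "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
            echo "</td></tr></table></form>\n";
        }

        // Paging form: carries the search over and adds the page links.
        $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
        $hiddenform .= $carryFields();
        if (!isset($total) || ($totalpages = ceil($total / $limit)) > 1) {
            $prev = $start - $limit;
            if ($start - $limit >= 0) {
                $hiddenform .= "<a href='#0' onclick='document.findnext.start.value=" . $prev . ";document.findnext.submit();'>" . _MA_USER_PREVIOUS . "</a> \n";
            }
            $counter = 1;
            $currentpage = ($start + $limit) / $limit;
            if (!isset($total)) {
                while ($counter <= $currentpage) {
                    if ($counter == $currentpage) {
                        $hiddenform .= '<strong>' . $counter . '</strong> ';
                    } elseif (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1) {
                        $hiddenform .= "<a href='#" . $counter . "' onclick='document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . '</a> ';
                        if ($counter == 1 && $currentpage > 5) {
                            $hiddenform .= '... ';
                        }
                    }
                    ++$counter;
                }
            } else {
                while ($counter <= $totalpages) {
                    if ($counter == $currentpage) {
                        $hiddenform .= '<strong>' . $counter . '</strong> ';
                    } elseif (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1 || $counter == $totalpages) {
                        if ($counter == $totalpages && $currentpage < $totalpages - 4) {
                            $hiddenform .= '... ';
                        }
                        $hiddenform .= "<a href='#" . $counter . "' onclick='document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . '</a> ';
                        if ($counter == 1 && $currentpage > 5) {
                            $hiddenform .= '... ';
                        }
                    }
                    ++$counter;
                }
            }

            $next = $start + $limit;
            if ((isset($total) && $total > $next) || (!isset($total) && count($foundusers) >= $limit)) {
                $hiddenform .= " <a href='#" . $total . "' onclick='document.findnext.start.value=" . $next . ";document.findnext.submit();'>" . _MA_USER_NEXT . "</a>\n";
            }
        }
        $hiddenform .= '</form>';

        echo '<div>' . $hiddenform;
        if (isset($total)) {
            echo '<br>' . sprintf(_MA_USER_USERSFOUND, $total) . ' ';
        }
        echo "<a href='#' onclick='document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n";
        echo '</div>';
    }
}

xoops_footer();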