1: <?php
2: /**
3: * Find XOOPS users
4: *
5: * You may not change or alter any portion of this comment or credits
6: * of supporting developers from this source code or any supporting source code
7: * which is considered copyrighted (c) material of the original comment or credit authors.
8: * This program is distributed in the hope that it will be useful,
9: * but WITHOUT ANY WARRANTY; without even the implied warranty of
10: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
11: *
12: * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org)
13: * @license GNU GPL 2 (https://www.gnu.org/licenses/gpl-2.0.html)
14: * @package kernel
15: * @since 2.3.0
16: * @author Taiwen Jiang <phppp@users.sourceforge.net>
17: */
18: /** @var XoopsUser $xoopsUser */
19:
20: use Xmf\Request;
21:
// Bootstrap XOOPS; mainfile.php sits one directory above this script.
include_once dirname(__DIR__) . '/mainfile.php';

xoops_header(false);

// Access gate: deny by default. Anonymous visitors are always refused.
// A logged-in user who sends a 'token' request variable is admitted only when
// that token validates. The admin check is reached only when no token is sent,
// so an administrator who sends an invalid token is refused as well.
$denied = true;
if (is_object($xoopsUser)) {
    if (Request::hasVar('token')) {
        // NOTE(review): the second argument (false) presumably leaves the token
        // usable for the follow-up paging requests -- confirm against validateToken().
        if ($GLOBALS['xoopsSecurity']->validateToken(Request::getString('token'), false)) {
            $denied = false;
        }
    } elseif ($xoopsUser->isAdmin()) {
        $denied = false;
    }
}

if ($denied) {
    xoops_error(_NOPERM);
    exit();
}

// The token is carried forward into the forms and links rendered further down.
$token     = Request::getString('token', '');
$name_form = 'memberslist';
$multiple  = Request::getInt('multiple', 0);
// In multi-select mode the result inputs are posted as arrays, hence the [] suffix.
$name_userid   = (0 != $multiple) ? 'uid[]' : 'uid';
$name_username = (0 != $multiple) ? 'uname[]' : 'uname';

xoops_loadLanguage('findusers');
47:
/**
 * Object holding one rank record.
 *
 * The six fields are registered with the XoopsObject variable store in the
 * constructor; XoopsRankHandler fills them from rows of the "ranks" table.
 */
class XoopsRank extends XoopsObject
{
    // Declared explicitly because PHP 8.2 deprecates dynamic properties.
    public $rank_id;
    public $rank_title;
    public $rank_min;
    public $rank_max;
    public $rank_special;
    public $rank_image;

    /**
     * Register every rank field with its data type and initial value.
     */
    public function __construct()
    {
        parent::__construct();

        // Each entry is forwarded to initVar() with exactly these arguments, in this order.
        $fields = array(
            array('rank_id', XOBJ_DTYPE_INT, null, false),
            array('rank_title', XOBJ_DTYPE_TXTBOX, null, false),
            array('rank_min', XOBJ_DTYPE_INT, 0),
            array('rank_max', XOBJ_DTYPE_INT, 0),
            array('rank_special', XOBJ_DTYPE_INT, 0),
            array('rank_image', XOBJ_DTYPE_TXTBOX, ''),
        );
        foreach ($fields as $arguments) {
            $this->initVar(...$arguments);
        }
    }
}
77:
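/**
 * Database handler for XoopsRank objects (table "ranks").
 */
class XoopsRankHandler extends XoopsObjectHandler
{
    /**
     * Constructor
     *
     * @param XoopsDatabase $db database connection used for every query
     */
    public function __construct(XoopsDatabase $db)
    {
        parent::__construct($db);
    }

    /**
     * Create a blank rank object.
     *
     * @param bool $isNew when exactly true, the object is flagged as new
     * @return XoopsRank
     */
    public function create($isNew = true)
    {
        $obj = new XoopsRank();
        if ($isNew === true) {
            $obj->setNew();
        }

        return $obj;
    }

    /**
     * Load one rank by id.
     *
     * @param int $id rank id
     * @return XoopsRank|null null when the query does not yield a result set;
     *                        callers must check for null before dereferencing
     */
    public function get($id = 0)
    {
        $object = $this->create(false);
        // The id goes through quoteString() instead of being concatenated raw.
        $sql    = 'SELECT * FROM ' . $this->db->prefix('ranks') . ' WHERE rank_id = ' . $this->db->quoteString($id);
        $result = $this->db->query($sql);
        if (!$this->db->isResultSet($result)) {
            return null;
        }

        // When no row matches, the object is returned with only its initial values.
        while (false !== ($row = $this->db->fetchArray($result))) {
            $object->assignVars($row);
        }

        return $object;
    }

    /**
     * Get a list of rank titles keyed by rank id.
     *
     * When a criteria object is supplied, its limit and start take precedence.
     * Without one, the $limit and $start arguments are used (previously they
     * were always overwritten by the values of an empty criteria).
     *
     * The criteria's sort column and order are concatenated into the SQL
     * unquoted, so callers must restrict them to known column names and
     * ASC/DESC before passing a criteria built from request data.
     *
     * @param CriteriaElement $criteria optional filter, sort and paging
     * @param int             $limit    maximum number of rows when no criteria is given
     * @param int             $start    offset of the first row when no criteria is given
     * @return array rank_id => HTML-escaped rank_title; empty on query failure
     */
    public function getList(CriteriaElement $criteria = null, $limit = 0, $start = 0)
    {
        $ret = array();

        $criteriaSupplied = (null !== $criteria);
        if (!$criteriaSupplied) {
            $criteria = new CriteriaCompo();
        }

        $sql = 'SELECT rank_id, rank_title FROM ' . $this->db->prefix('ranks');
        if (isset($criteria) && \method_exists($criteria, 'renderWhere')) {
            $sql .= ' ' . $criteria->renderWhere();
            if ($criteria->getSort() != '') {
                $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
            }
            if ($criteriaSupplied) {
                $limit = $criteria->getLimit();
                $start = $criteria->getStart();
            }
        }
        $result = $this->db->query($sql, $limit, $start);
        if (!$this->db->isResultSet($result)) {
            return $ret;
        }
        $myts = \MyTextSanitizer::getInstance();
        /** @var array $myrow */
        while (false !== ($myrow = $this->db->fetchArray($result))) {
            // Titles are escaped here, so consumers receive display-ready text.
            $ret[$myrow['rank_id']] = $myts->htmlSpecialChars($myrow['rank_title']);
        }

        return $ret;
    }
}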
171:
/**
 * XoopsUser variant used for the search results of this page.
 *
 * Six fields are removed from the inherited variable list right after
 * construction.
 */
class XoUser extends XoopsUser
{
    /**
     * Build the user object, then drop the listed fields from $this->vars.
     */
    public function __construct()
    {
        parent::__construct();

        // NOTE(review): removing 'pass' and 'actkey' presumably keeps the password
        // hash and activation key out of objects filled from "SELECT u.*" --
        // confirm that assignVars() skips columns that have no registered var.
        unset(
            $this->vars['actkey'],
            $this->vars['pass'],
            $this->vars['theme'],
            $this->vars['umode'],
            $this->vars['uorder'],
            $this->vars['notify_mode']
        );
    }
}
197:
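/**
 * Handler that counts and loads XoUser objects, optionally restricted to a
 * set of groups through the groups_users_link table.
 */
class XoUserHandler extends XoopsObjectHandler
{
    /**
     * Constructor
     *
     * @param XoopsDatabase $db database connection used for every query
     */
    public function __construct(XoopsDatabase $db)
    {
        parent::__construct($db);
    }

    /**
     * Create a blank XoUser.
     *
     * @param bool $isNew when exactly true, the object is flagged as new
     * @return XoUser
     */
    public function create($isNew = true)
    {
        $obj = new XoUser();
        if ($isNew === true) {
            $obj->setNew();
        }

        return $obj;
    }

    /**
     * Reduce a group argument to a list of integer ids that is safe to place in an IN () list.
     *
     * @param mixed $groups single id or array of ids, possibly taken from the request
     * @return int[] empty values removed, every remaining value cast with intval()
     */
    private function normalizeGroupIds($groups)
    {
        if (!is_array($groups)) {
            $groups = array($groups);
        }

        return array_map('intval', array_filter($groups));
    }

    /**
     * Count the distinct users matching the criteria and group filter.
     *
     * The rendered criteria is appended to the SQL as-is; values placed in the
     * criteria must already be escaped by the caller.
     *
     * @param CriteriaElement $criteria optional filter (must not reference an unqualified `uid`)
     * @param array           $groups   group ids to restrict the count to; empty means all users
     * @return int
     * @throws \RuntimeException when the query does not return a result set
     */
    public function getCount(CriteriaElement $criteria = null, $groups = array())
    {
        $groupIds = $this->normalizeGroupIds($groups);

        $sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u';
        if (empty($groupIds)) {
            $sql .= ' WHERE 1=1';
        } else {
            $sql .= ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', $groupIds) . ')';
        }
        if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
            // Use the direct renderer, assuming no `uid` in criteria
            if ($render = $criteria->render()) {
                $sql .= ' AND ' . $render;
            }
        }
        $result = $this->db->query($sql);
        if (!$this->db->isResultSet($result)) {
            // NOTE(review): the message embeds the full SQL text and the driver error.
            // Make sure an uncaught exception is logged rather than rendered to the browser.
            throw new \RuntimeException(
                \sprintf(_DB_QUERY_ERROR, $sql) . $this->db->error(), E_USER_ERROR
            );
        }
        list($count) = $this->db->fetchRow($result);

        return (int)$count;
    }

    /**
     * Load the users matching the criteria and group filter.
     *
     * With a group filter the join yields one row per matching membership, so
     * the query selects DISTINCT rows. That keeps LIMIT/OFFSET paging in step
     * with getCount(), which counts distinct user ids.
     *
     * The criteria's sort column and order are concatenated into the SQL
     * unquoted; callers must restrict them to known values.
     *
     * @param CriteriaElement $criteria optional filter, sort, limit and start
     * @param array           $groups   group ids to restrict the result to; empty means all users
     * @return array XoUser objects keyed by uid
     * @throws \RuntimeException when the query does not return a result set
     */
    public function getAll(CriteriaElement $criteria = null, $groups = array())
    {
        $groupIds = $this->normalizeGroupIds($groups);
        $limit    = null;
        $start    = null;
        $orderSet = false;

        if (empty($groupIds)) {
            $sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1';
        } else {
            $sql = ' SELECT DISTINCT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', $groupIds) . ')';
        }
        if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) {
            if ($render = $criteria->render()) {
                $sql .= ' AND ' . $render;
            }
            if ($sort = $criteria->getSort()) {
                $sql .= ' ORDER BY ' . $sort . ' ' . $criteria->getOrder();
                $orderSet = true;
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        if (!$orderSet) {
            // A stable default order keeps paging deterministic.
            $sql .= ' ORDER BY u.uid ASC';
        }
        $result = $this->db->query($sql, $limit, $start);
        if (!$this->db->isResultSet($result)) {
            // NOTE(review): the message embeds the full SQL text and the driver error.
            // Make sure an uncaught exception is logged rather than rendered to the browser.
            throw new \RuntimeException(
                \sprintf(_DB_QUERY_ERROR, $sql) . $this->db->error(), E_USER_ERROR
            );
        }
        $ret = array();
        /** @var array $myrow */
        while (false !== ($myrow = $this->db->fetchArray($result))) {
            $object = $this->create(false);
            $object->assignVars($myrow);
            $ret[$myrow['uid']] = $object;
            unset($object);
        }

        return $ret;
    }
}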
319:
// Both handlers are built directly on the global database connection.
$rank_handler = new XoopsRankHandler($xoopsDB);
$user_handler = new XoUserHandler($xoopsDB);

// Text columns that can be searched with a match mode; the keys double as
// form field names and as column names in the search criteria.
$items_match = [
    'uname' => _MA_USER_UNAME,
    'name'  => _MA_USER_REALNAME,
    'email' => _MA_USER_EMAIL,
    //    'user_icq' => _MA_USER_ICQ,
    //    'user_aim' => _MA_USER_AIM,
    //    'user_yim' => _MA_USER_YIM,
    //    'user_msnm' => _MA_USER_MSNM,
];

// Columns offered as "more than / less than" ranges in the advanced form.
$items_range = [
    'user_regdate' => _MA_USER_RANGE_USER_REGDATE,
    'last_login'   => _MA_USER_RANGE_LAST_LOGIN,
    'posts'        => _MA_USER_RANGE_POSTS,
];

define('FINDUSERS_MODE_SIMPLE', 0);
define('FINDUSERS_MODE_ADVANCED', 1);

// Display title per form mode.
$modes = [
    FINDUSERS_MODE_SIMPLE   => _MA_USER_MODE_SIMPLE,
    FINDUSERS_MODE_ADVANCED => _MA_USER_MODE_ADVANCED,
];
345:
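// Page body. Without a POSTed 'user_submit' the search form is rendered;
// otherwise the POSTed filters are turned into criteria and the matching
// users are listed with paging.
//
// Changes compared with the previous revision of this block:
//  - an unknown 'mode' value falls back to the simple form instead of indexing $modes blindly;
//  - 'limit' below 1 falls back to 50 and a negative 'start' to 0 (a limit of 0
//    caused a division by zero in the pager, a negative start a failing query);
//  - the 'url' filter is escaped like every other free-text filter;
//  - a failed rank lookup (null) is no longer dereferenced;
//  - array values re-emitted as hidden inputs keep their [] suffix, and nested
//    (non-scalar) values are skipped instead of being passed to htmlspecialchars().
if (!Request::hasVar('user_submit', 'POST')) {
    include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');

    $form = new XoopsThemeForm(_MA_USER_FINDUS, 'user_findform', 'findusers.php', 'post', true);
    $mode = Request::getInt('mode', 0);
    if (!isset($modes[$mode])) {
        // 'mode' is request data; anything outside the known modes means "simple".
        $mode = FINDUSERS_MODE_SIMPLE;
    }
    if (FINDUSERS_MODE_ADVANCED == $mode) {
        foreach ($items_match as $var => $title) {
            $text       = new XoopsFormText('', $var, 30, 100, Request::getString($var, '', 'POST'));
            $match      = new XoopsFormSelectMatchOption('', "{$var}_match", Request::getInt("{$var}_match", 0));
            $match_tray = new XoopsFormElementTray($title, '&nbsp;');
            $match_tray->addElement($match);
            $match_tray->addElement($text);
            $form->addElement($match_tray);
            unset($text, $match, $match_tray);
        }

        $url_text        = new XoopsFormText(_MA_USER_URLC, 'url', 30, 100, Request::getUrl('url', '', 'POST'));
        $location_text   = new XoopsFormText(_MA_USER_LOCATION, 'user_from', 30, 100, Request::getString('user_from', '', 'POST'));
        $occupation_text = new XoopsFormText(_MA_USER_OCCUPATION, 'user_occ', 30, 100, Request::getString('user_occ', '', 'POST'));
        $interest_text   = new XoopsFormText(_MA_USER_INTEREST, 'user_intrest', 30, 100, Request::getString('user_intrest', '', 'POST'));
        foreach ($items_range as $var => $title) {
            $more       = new XoopsFormText('', "{$var}_more", 10, 5, Request::getString("{$var}_more", '', 'POST'));
            $less       = new XoopsFormText('', "{$var}_less", 10, 5, Request::getString("{$var}_less", '', 'POST'));
            $range_tray = new XoopsFormElementTray($title, '&nbsp;-&nbsp;&nbsp;');
            $range_tray->addElement($less);
            $range_tray->addElement($more);
            $form->addElement($range_tray);
            unset($more, $less, $range_tray);
        }

        $mailok_radio = new XoopsFormRadio(_MA_USER_SHOWMAILOK, 'user_mailok', Request::getString('user_mailok', 'both', 'POST'));
        $mailok_radio->addOptionArray(array(
            'mailok' => _MA_USER_MAILOK,
            'mailng' => _MA_USER_MAILNG,
            'both'   => _MA_USER_BOTH
        ));
        $avatar_radio = new XoopsFormRadio(_MA_USER_HASAVATAR, 'user_avatar', Request::getString('user_avatar', 'both', 'POST'));
        $avatar_radio->addOptionArray(array(
            'y'    => _YES,
            'n'    => _NO,
            'both' => _MA_USER_BOTH
        ));

        $level_radio = new XoopsFormRadio(_MA_USER_LEVEL, 'level', Request::getString('level', '', 'POST'));
        $levels      = array(
            0 => _ALL,
            1 => _MA_USER_LEVEL_ACTIVE,
            2 => _MA_USER_LEVEL_INACTIVE,
            3 => _MA_USER_LEVEL_DISABLED
        );
        $level_radio->addOptionArray($levels);

        /** @var XoopsMemberHandler $member_handler */
        $member_handler = xoops_getHandler('member');
        $groups         = $member_handler->getGroupList();
        $groups[0]      = _ALL;
        $group_select   = new XoopsFormSelect(_MA_USER_GROUP, 'groups', Request::getInt('groups', 0), 3, true);
        $group_select->addOptionArray($groups);

        $ranks       = $rank_handler->getList();
        $ranks[0]    = _ALL;
        $rank_select = new XoopsFormSelect(_MA_USER_RANK, 'rank', Request::getInt('rank', 0) );
        $rank_select->addOptionArray($ranks);
        $form->addElement($url_text);
        $form->addElement($location_text);
        $form->addElement($occupation_text);
        $form->addElement($interest_text);
        $form->addElement($mailok_radio);
        $form->addElement($avatar_radio);
        $form->addElement($level_radio);
        $form->addElement($group_select);
        $form->addElement($rank_select);
    } else {
        // Simple mode: only user name and e-mail, each with a match-mode selector.
        foreach (array('uname', 'email') as $var) {
            $title      = $items_match[$var];
            $text       = new XoopsFormText('', $var, 30, 100, Request::getString($var, '', 'POST'));
            $match      = new XoopsFormSelectMatchOption('', "{$var}_match", Request::getInt("{$var}_match", 0));
            $match_tray = new XoopsFormElementTray($title, '&nbsp;');
            $match_tray->addElement($match);
            $match_tray->addElement($text);
            $form->addElement($match_tray);
            unset($text, $match, $match_tray);
        }
    }

    $sort_select = new XoopsFormSelect(_MA_USER_SORT, 'user_sort', Request::getString('user_sort', '', 'POST'));
    $sort_select->addOptionArray(array(
        'uname'        => _MA_USER_UNAME,
        'last_login'   => _MA_USER_LASTLOGIN,
        'user_regdate' => _MA_USER_REGDATE,
        'posts'        => _MA_USER_POSTS
    ));
    $order_select = new XoopsFormSelect(_MA_USER_ORDER, 'user_order', Request::getString('user_order', '', 'POST'));
    $order_select->addOptionArray(array(
        'ASC'  => _MA_USER_ASC,
        'DESC' => _MA_USER_DESC
    ));

    $form->addElement($sort_select);
    $form->addElement($order_select);

    $form->addElement(new XoopsFormText(_MA_USER_LIMIT, 'limit', 6, 6, Request::getInt('limit', 50, 'POST')));
    $form->addElement(new XoopsFormHidden('mode', $mode));
    $form->addElement(new XoopsFormHidden('target', Request::getString('target', '', 'POST')));
    $form->addElement(new XoopsFormHidden('multiple', $multiple));
    $form->addElement(new XoopsFormHidden('token', $token));
    $form->addElement(new XoopsFormButton('', 'user_submit', _SUBMIT, 'submit'));

    // getCount() throws \RuntimeException when its query fails; nothing here catches it.
    $acttotal   = $user_handler->getCount(new Criteria('level', 0, '>'));
    $inacttotal = $user_handler->getCount(new Criteria('level', 0, '<='));
    // NOTE(review): this prints a closing </html> before <body>; presumably
    // '</head>' was meant -- confirm against what xoops_header(false) leaves open.
    echo '</html><body>';
    echo "<h2 style='text-align:left;'>" . _MA_USER_FINDUS . ' - ' . $modes[$mode] . '</h2>';
    $modes_switch = array();
    foreach ($modes as $_mode => $title) {
        if ($mode == $_mode) {
            continue;
        }
        // The token travels in the query string of this link, so it ends up in
        // browser history and server access logs; target and token are HTML-escaped.
        $modes_switch[] = "<a href='findusers.php?target=" . htmlspecialchars(Request::getString('target', ''), ENT_QUOTES) . '&amp;multiple=' . (string)$multiple . '&amp;token=' . htmlspecialchars($token, ENT_QUOTES) . "&amp;mode={$_mode}'>{$title}</a>";
    }
    echo '<h4>' . implode(' | ', $modes_switch) . '</h4>';
    echo '(' . sprintf(_MA_USER_ACTUS, "<span style='color:#ff0000;'>$acttotal</span>") . ' ' . sprintf(_MA_USER_INACTUS, "<span style='color:#ff0000;'>$inacttotal</span>") . ')';
    $form->display();
} else {
    $myts  = \MyTextSanitizer::getInstance();
    $limit = Request::getInt('limit', 50, 'POST');
    $start = Request::getInt('start', 0, 'POST');
    // Both values are request data. The pager divides by $limit and both are
    // passed to the query as LIMIT/OFFSET, so keep them in a usable range.
    if ($limit < 1) {
        $limit = 50;
    }
    if ($start < 0) {
        $start = 0;
    }
    if (Request::hasVar('query', 'POST')) {
        // Dropped from $_POST so it is not echoed back into the hidden paging form below.
        unset($_POST['query']);
        $query = '';
    }

    // Free-text values are escaped here before they are handed to Criteria.
    // NOTE(review): Criteria's own quoting is not visible in this file, and LIKE
    // wildcards (% and _) typed by the user are not neutralised -- confirm both.
    $criteria = new CriteriaCompo();
    foreach (array_keys($items_match) as $var) {
        if (Request::hasVar($var, 'POST')) {
            $match = Request::getInt("{$var}_match", XOOPS_MATCH_START, 'POST');
            $value = $xoopsDB->escape(Request::getString($var, '', 'POST'));
            switch ($match) {
                case XOOPS_MATCH_START:
                    $criteria->add(new Criteria($var, $value . '%', 'LIKE'));
                    break;
                case XOOPS_MATCH_END:
                    $criteria->add(new Criteria($var, '%' . $value, 'LIKE'));
                    break;
                case XOOPS_MATCH_EQUAL:
                    $criteria->add(new Criteria($var, $value));
                    break;
                case XOOPS_MATCH_CONTAIN:
                    $criteria->add(new Criteria($var, '%' . $value . '%', 'LIKE'));
                    break;
            }
        }
    }
    if (Request::hasVar('url', 'POST')) {
        $url = formatURL(trim(Request::getUrl('url', '', 'POST')));
        // Escaped like the other free-text filters; previously this value reached
        // the criteria without going through $xoopsDB->escape().
        $criteria->add(new Criteria('url', $xoopsDB->escape($url) . '%', 'LIKE'));
    }
    if (Request::hasVar('user_from', 'POST')) {
        $criteria->add(new Criteria('user_from', '%' . $xoopsDB->escape(Request::getString('user_from', '', 'POST')) . '%', 'LIKE'));
    }
    if (Request::hasVar('user_intrest', 'POST')) {
        $criteria->add(new Criteria('user_intrest', '%' . $xoopsDB->escape(Request::getString('user_intrest', '', 'POST')) . '%', 'LIKE'));
    }
    if (Request::hasVar('user_occ', 'POST')) {
        $criteria->add(new Criteria('user_occ', '%' . $xoopsDB->escape(Request::getString('user_occ', '', 'POST')) . '%', 'LIKE'));
    }
    // Range filters on dates are entered as a number of days before now.
    foreach (array('last_login', 'user_regdate') as $var) {
        if (Request::hasVar("{$var}_more", 'POST') && is_numeric($_POST["{$var}_more"])) {
            $time = time() - (60 * 60 * 24 * Request::getInt("{$var}_more", 0, 'POST'));
            if ($time > 0) {
                $criteria->add(new Criteria($var, $time, '<='));
            }
        }
        if (Request::hasVar("{$var}_less", 'POST') && is_numeric($_POST["{$var}_less"])) {
            $time = time() - (60 * 60 * 24 * Request::getInt("{$var}_less", 0, 'POST'));
            if ($time > 0) {
                $criteria->add(new Criteria($var, $time, '>='));
            }
        }
    }
    if (Request::hasVar('posts_more', 'POST') && is_numeric($_POST['posts_more'])) {
        $criteria->add(new Criteria('posts', Request::getInt('posts_more', 0, 'POST'), '<='));
    }
    if (Request::hasVar('posts_less', 'POST') && is_numeric($_POST['posts_less'])) {
        $criteria->add(new Criteria('posts', Request::getInt('posts_less', 0, 'POST'), '>='));
    }
    if (Request::hasVar('user_mailok', 'POST')) {
        if (Request::getString('user_mailok', '', 'POST') === 'mailng') {
            $criteria->add(new Criteria('user_mailok', 0));
        } elseif (Request::getString('user_mailok', '', 'POST') === 'mailok') {
            $criteria->add(new Criteria('user_mailok', 1));
        }
    }
    if (Request::hasVar('user_avatar', 'POST')) {
        // The IN lists below are fixed literals, not request data.
        if (Request::getString('user_avatar', '', 'POST') === 'y') {
            $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'NOT IN'));
        } elseif (Request::getString('user_avatar', '', 'POST') === 'n') {
            $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'IN'));
        }
    }
    if (Request::hasVar('level', 'POST')) {
        //        $level_value = array(
        //            1 => 1,
        //            2 => 0,
        //            3 => -1
        //        );
        $level = Request::getInt('level', 0, 'POST');
        if ($level > 0) {
            $criteria->add(new Criteria('level', $level));
        }
    }
    if (Request::hasVar('rank', 'POST')) {
        $rank_obj = $rank_handler->get(Request::getInt('rank', 0, 'POST'));
        // get() returns null when its query fails; skip the rank filter in that case.
        if (is_object($rank_obj)) {
            if ($rank_obj->getVar('rank_special')) {
                $criteria->add(new Criteria('rank', Request::getInt('rank', 0, 'POST')));
            } else {
                if ($rank_obj->getVar('rank_min')) {
                    $criteria->add(new Criteria('posts', $rank_obj->getVar('rank_min'), '>='));
                }
                if ($rank_obj->getVar('rank_max')) {
                    $criteria->add(new Criteria('posts', $rank_obj->getVar('rank_max'), '<='));
                }
            }
        }
    }
    $total     = $user_handler->getCount($criteria, Request::getArray('groups', [], 'POST'));
    // Sort column and direction end up unquoted in ORDER BY, so both are
    // restricted to fixed values here; anything else falls back to uname / ASC.
    $validsort = array(
        'uname',
        'email',
        'last_login',
        'user_regdate',
        'posts'
    );
    $sort  = (!in_array(Request::getString('user_sort', '', 'POST'), $validsort, true)) ? 'uname' : Request::getString('user_sort', '', 'POST');
    $order = 'ASC';
    if (Request::hasVar('user_order', 'POST') && Request::getString('user_order', '', 'POST') === 'DESC') {
        $order = 'DESC';
    }
    $criteria->setSort($sort);
    $criteria->setOrder($order);
    $criteria->setLimit($limit);
    $criteria->setStart($start);
    $foundusers = $user_handler->getAll($criteria, Request::getArray('groups', array(), 'POST'));

    // Client-side helper that hands the selected users to the opener window.
    // Only an integer, fixed field names and language constants are interpolated.
    echo $js_adduser = '
<script type="text/javascript">
var multiple=' . (string) $multiple . ';
function addusers()
{
var sel_str = "";
var num = 0;
var mForm = document.forms["' . $name_form . '"];
for (var i=0;i!=mForm.elements.length;i++) {
var id=mForm.elements[i];
if ( ( (multiple > 0 && id.type == "checkbox") || (multiple == 0 && id.type == "radio") ) && (id.checked == true) && ( id.name == "' . $name_userid . '" ) ) {
var name = mForm.elements[++i];
var len = id.value.length + name.value.length;
sel_str += len + ":" + id.value + ":" + name.value;
num ++;
}
}
if (num == 0) {
alert("' . _MA_USER_NOUSERSELECTED . '");
return false;
}
sel_str = num + ":" + sel_str;
window.opener.addusers(sel_str);
alert("' . _MA_USER_USERADDED . '");
if (multiple == 0) {
window.close();
window.opener.focus();
}
return true;
}
</script>
';

    // NOTE(review): closing </html> before <body>; presumably '</head>' was meant -- confirm.
    echo '</html><body>';
    echo "<a href='findusers.php?target=" . htmlspecialchars(Request::getString('target', '', 'POST'), ENT_QUOTES) . '&amp;multiple=' . (string)$multiple . '&amp;token=' . htmlspecialchars($token, ENT_QUOTES) . "'>" . _MA_USER_FINDUS . "</a>&nbsp;<span style='font-weight:bold;'>&raquo;</span>&nbsp;" . _MA_USER_RESULTS . '<br><br>';
    if (empty($start) && empty($foundusers)) {
        echo '<h4>' . _MA_USER_NOFOUND, '</h4>';
        // Replay the POSTed search as hidden inputs; every name and value is HTML-escaped.
        $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
        foreach ($_POST as $k => $v) {
            if ($k === 'XOOPS_TOKEN_REQUEST') {
                // regenerate token value
                $hiddenform .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n";
            } elseif (is_array($v)) {
                foreach ($v as $temp) {
                    if (!is_scalar($temp)) {
                        // Nested arrays are not part of this form; htmlspecialchars() needs a string.
                        continue;
                    }
                    // The [] suffix keeps multi-value fields (e.g. groups) as arrays on the next request.
                    $hiddenform .= "<input type='hidden' name='" . htmlspecialchars((string)$k, ENT_QUOTES) . "[]' value='" . htmlspecialchars((string)$temp, ENT_QUOTES) . "' />\n";
                }
            } else {
                $hiddenform .= "<input type='hidden' name='" . htmlspecialchars($k, ENT_QUOTES) . "' value='" . htmlspecialchars($v, ENT_QUOTES) . "' />\n";
            }
        }
        if (!Request::hasVar('limit', 'POST')) {
            $hiddenform .= "<input type='hidden' name='limit' value='{$limit}' />\n";
        }
        if (!Request::hasVar('start', 'POST')) {
            $hiddenform .= "<input type='hidden' name='start' value='{$start}' />\n";
        }
        $hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
        $hiddenform .= '</form>';

        echo '<div>' . $hiddenform;
        echo "<a href='#' onclick='document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n";
        echo '</div>';
    } elseif ($start < $total) {
        if (!empty($total)) {
            echo sprintf(_MA_USER_USERSFOUND, $total) . '<br>';
        }
        if (!empty($foundusers)) {
            echo "<form action='findusers.php' method='post' name='{$name_form}' id='{$name_form}'>
<table width='100%' border='0' cellspacing='1' cellpadding='4' class='outer'>
<tr>
<th align='center' width='5px'>";
            if ($multiple > 0 ) {
                echo "<input type='checkbox' name='memberslist_checkall' id='memberslist_checkall' onclick='xoopsCheckAll(\"{$name_form}\", \"memberslist_checkall\");' />";
            }
            echo "</th>
<th align='center'>" . _MA_USER_UNAME . "</th>
<th align='center'>" . _MA_USER_REALNAME . "</th>
<th align='center'>" . _MA_USER_REGDATE . "</th>
<th align='center'>" . _MA_USER_LASTLOGIN . "</th>
<th align='center'>" . _MA_USER_POSTS . '</th>
</tr>';
            // NOTE(review): user-controlled fields (uname, name) are printed straight
            // from getVar() with no format argument; output safety depends on getVar()'s
            // default HTML-escaping text fields -- confirm against XoopsObject::getVar().
            $ucount = 0;
            foreach (array_keys($foundusers) as $j) {
                $class = 'odd';
                if ($ucount % 2 == 0) {
                    $class = 'even';
                }
                ++$ucount;
                $fuser_name = $foundusers[$j]->getVar('name') ?: '&nbsp;';
                echo "<tr class='$class'>
<td align='center'>";
                if ($multiple > 0) {
                    echo "<input type='checkbox' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar('uid') . "' />";
                    echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar('uname') . "' />";
                } else {
                    echo "<input type='radio' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar('uid') . "' />";
                    echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar('uname') . "' />";
                }
                echo "</td>
<td><a href='" . XOOPS_URL . '/userinfo.php?uid=' . $foundusers[$j]->getVar('uid') . "' target='_blank'>" . $foundusers[$j]->getVar('uname') . '</a></td>
<td>' . $fuser_name . "</td>
<td align='center'>" . ($foundusers[$j]->getVar('user_regdate') ? date('Y-m-d', $foundusers[$j]->getVar('user_regdate')) : '') . "</td>
<td align='center'>" . ($foundusers[$j]->getVar('last_login') ? date('Y-m-d H:i', $foundusers[$j]->getVar('last_login')) : '') . "</td>
<td align='center'>" . $foundusers[$j]->getVar('posts') . '</td>';
                echo "</tr>\n";
            }
            echo "<tr class='foot'><td colspan='6'>";

            // placeholder for external applications
            if (!Request::hasVar('target', 'POST')) {
                echo "<select name='fct'><option value='users'>" . _DELETE . "</option><option value='mailusers'>" . _MA_USER_SENDMAIL . '</option>';
                echo '</select>&nbsp;';
                echo $GLOBALS['xoopsSecurity']->getTokenHTML() . "<input type='submit' value='" . _SUBMIT . "' />";

                // Add selected users
            } else {
                echo "<input type='button' value='" . _MA_USER_ADD_SELECTED . "' onclick='addusers();' />";
            }
            echo "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
            echo "</td></tr></table></form>\n";
        }

        // Hidden form that replays the POSTed search; the pager links below only
        // change its 'start' field and submit it.
        $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
        foreach ($_POST as $k => $v) {
            if ($k === 'XOOPS_TOKEN_REQUEST') {
                // regenerate token value
                $hiddenform .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n";
            } elseif (is_array($v)) {
                foreach ($v as $temp) {
                    if (!is_scalar($temp)) {
                        // Nested arrays are not part of this form; htmlspecialchars() needs a string.
                        continue;
                    }
                    // The [] suffix keeps multi-value fields (e.g. groups) as arrays on the next page.
                    $hiddenform .= "<input type='hidden' name='" . htmlspecialchars((string)$k, ENT_QUOTES) . "[]' value='" . htmlspecialchars((string)$temp, ENT_QUOTES) . "' />\n";
                }
            } else {

                $hiddenform .= "<input type='hidden' name='" . htmlspecialchars($k, ENT_QUOTES) . "' value='" . htmlspecialchars($myts->stripSlashesGPC($v), ENT_QUOTES) . "' />\n";
            }
        }
        if (!Request::hasVar('limit', 'POST')) {
            $hiddenform .= "<input type='hidden' name='limit' value='" . $limit . "' />\n";
        }
        if (!Request::hasVar('start', 'POST')) {
            $hiddenform .= "<input type='hidden' name='start' value='" . $start . "' />\n";
        }
        $hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n";
        // $total is always assigned above, so the !isset($total) paths below are
        // not reached in this script; they are kept unchanged.
        if (!isset($total) || ($totalpages = ceil($total / $limit)) > 1) {
            $prev = $start - $limit;
            if ($start - $limit >= 0) {
                $hiddenform .= "<a href='#0' onclick='document.findnext.start.value=" . $prev . ";document.findnext.submit();'>" . _MA_USER_PREVIOUS . "</a>&nbsp;\n";
            }
            $counter     = 1;
            $currentpage = ($start + $limit) / $limit;
            if (!isset($total)) {
                while ($counter <= $currentpage) {
                    if ($counter == $currentpage) {
                        $hiddenform .= '<strong>' . $counter . '</strong> ';
                    } elseif (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1) {
                        $hiddenform .= "<a href='#" . $counter . "' onclick='document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . '</a> ';
                        if ($counter == 1 && $currentpage > 5) {
                            $hiddenform .= '... ';
                        }
                    }
                    ++$counter;
                }
            } else {
                // Show the first page, the last page and a window of three pages either side of the current one.
                while ($counter <= $totalpages) {
                    if ($counter == $currentpage) {
                        $hiddenform .= '<strong>' . $counter . '</strong> ';
                    } elseif (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1 || $counter == $totalpages) {
                        if ($counter == $totalpages && $currentpage < $totalpages - 4) {
                            $hiddenform .= '... ';
                        }
                        $hiddenform .= "<a href='#" . $counter . "' onclick='document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . '</a> ';
                        if ($counter == 1 && $currentpage > 5) {
                            $hiddenform .= '... ';
                        }
                    }
                    ++$counter;
                }
            }

            $next = $start + $limit;
            if ((isset($total) && $total > $next) || (!isset($total) && count($foundusers) >= $limit)) {
                $hiddenform .= "&nbsp;<a href='#" . $total . "' onclick='document.findnext.start.value=" . $next . ";document.findnext.submit();'>" . _MA_USER_NEXT . "</a>\n";
            }
        }
        $hiddenform .= '</form>';

        echo '<div>' . $hiddenform;
        if (isset($total)) {
            echo '<br>' . sprintf(_MA_USER_USERSFOUND, $total) . '&nbsp;';
        }
        echo "<a href='#' onclick='document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n";
        echo '</div>';
    }
}

xoops_footer();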
784: