Context Navigation

source: trunk/services/admins.php @ 762

Last change on this file since 762 was 762, checked in by anonymous, 2 years ago
Redirect if requesting login.php when already logged-in. Remove depreciated method usage.
File size: 22.5 KB

Rev	Line
[1]	1	<?php
	2	/**
[362]	3	* The Strangecode Codebase - a general application development framework for PHP
	4	* For details visit the project site: <http://trac.strangecode.com/codebase/>
[396]	5	* Copyright 2001-2012 Strangecode, LLC
[441]	6	*
[362]	7	* This file is part of The Strangecode Codebase.
	8	*
	9	* The Strangecode Codebase is free software: you can redistribute it and/or
	10	* modify it under the terms of the GNU General Public License as published by the
	11	* Free Software Foundation, either version 3 of the License, or (at your option)
	12	* any later version.
[441]	13	*
[362]	14	* The Strangecode Codebase is distributed in the hope that it will be useful, but
	15	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	16	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
	17	* details.
[441]	18	*
[362]	19	* You should have received a copy of the GNU General Public License along with
	20	* The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
	21	*/
	22
	23	/**
[42]	24	* admins.php
[1]	25	*/
	26
	27	// require_once dirname(__FILE__) . '/_config.inc.php';
	28
	29	$auth->requireLogin();
	30
	31	require_once 'codebase/lib/PageNumbers.inc.php';
[136]	32	require_once 'codebase/lib/Cache.inc.php';
[1]	33	require_once 'codebase/lib/FormValidator.inc.php';
	34	require_once 'codebase/lib/SortOrder.inc.php';
[497]	35	require_once 'codebase/lib/HTML.inc.php';
[1]	36	require_once 'codebase/lib/Prefs.inc.php';
[137]	37	require_once 'codebase/lib/Lock.inc.php';
	38	require_once 'codebase/lib/Version.inc.php';
[1]	39
	40
[143]	41	/********************************************************************
	42	* CONFIG
	43	********************************************************************/
[42]	44
[1]	45	// Titles and navigation header.
[202]	46	$nav->add(_("Administrators"), null);
[535]	47	$nav->set('id', 'admins');
[42]	48
[1]	49	// The object to validate form input.
	50	$fv = new FormValidator();
	51
[152]	52	// Configure the prefs object.
[153]	53	$tmp_prefs = new Prefs('admins');
	54	$tmp_prefs->setParam(array('persistent' => false));
[136]	55
[152]	56	// Configure the cache object.
[468]	57	$cache =& Cache::getInstance('admins');
[405]	58	$cache->setParam(array('enabled' => false)); // Better leave disabled; the list gets out of sync with the db otherwise, somehow.
[152]	59
[1]	60	// Instantiate a sorting object with the default sort and order. Add SQL for each column.
[295]	61	$so = new SortOrder('admin_id', 'DESC');
	62	$so->setColumn('admin_id', $auth->getParam('db_primary_key') . ' ASC', $auth->getParam('db_primary_key') . ' DESC');
	63	$so->setColumn('username', $auth->getParam('db_username_column') . ' ASC', $auth->getParam('db_username_column') . ' DESC');
	64	$so->setColumn('userpass', $auth->getParam('db_table') . '.userpass ASC', $auth->getParam('db_table') . '.userpass DESC');
	65	$so->setColumn('first_name', $auth->getParam('db_table') . '.first_name ASC', $auth->getParam('db_table') . '.first_name DESC');
	66	$so->setColumn('last_name', $auth->getParam('db_table') . '.last_name ASC', $auth->getParam('db_table') . '.last_name DESC');
	67	$so->setColumn('email', $auth->getParam('db_table') . '.email ASC', $auth->getParam('db_table') . '.email DESC');
	68	$so->setColumn('seconds_online', $auth->getParam('db_table') . '.seconds_online ASC', $auth->getParam('db_table') . '.seconds_online DESC');
	69	$so->setColumn('last_login_datetime', $auth->getParam('db_table') . '.last_login_datetime ASC', $auth->getParam('db_table') . '.last_login_datetime DESC');
	70	$so->setColumn('last_access_datetime', $auth->getParam('db_table') . '.last_access_datetime ASC', $auth->getParam('db_table') . '.last_access_datetime DESC');
	71	$so->setColumn('last_login_ip', $auth->getParam('db_table') . '.last_login_ip ASC', $auth->getParam('db_table') . '.last_login_ip DESC');
	72	$so->setColumn('added_by_user_id', $auth->getParam('db_table') . '.added_by_user_id ASC', $auth->getParam('db_table') . '.added_by_user_id DESC');
	73	$so->setColumn('modified_by_user_id', $auth->getParam('db_table') . '.modified_by_user_id ASC', $auth->getParam('db_table') . '.modified_by_user_id DESC');
	74	$so->setColumn('added_datetime', $auth->getParam('db_table') . '.added_datetime ASC', $auth->getParam('db_table') . '.added_datetime DESC');
	75	$so->setColumn('modified_datetime', $auth->getParam('db_table') . '.modified_datetime ASC', $auth->getParam('db_table') . '.modified_datetime DESC');
[1]	76
	77	// Instantiate page numbers. Total items are set and calculation is done in the getRecordList function.
	78	$page = new PageNumbers();
	79	$page->setPerPage(getFormData('per_page'), 50);
[676]	80	$page->setPageNumber(getFormData('page_number', (getFormData('sort') ? 1 : null)));
[1]	81
[408]	82	// Query parameters to retain only locally.
	83	$locally_carried_queries = array(
	84	'search_query',
[676]	85	'break_list_cache' => $app->validBoomerangURL('accounts'),
[408]	86	);
[1]	87
[143]	88	/********************************************************************
	89	* MAIN
	90	********************************************************************/
[42]	91
[1]	92	// We may want to use the add/edit interface from another script, so this
	93	// allows us to remember which page we came from so we can go back there.
[20]	94	if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) {
[136]	95	$app->setBoomerangURL($_SERVER['HTTP_REFERER'], 'admins');
[1]	96	}
	97
	98	if (getFormData('break_list_cache', false)) {
[152]	99	// Remove any stale cached list data.
	100	$cache->delete('list');
[1]	101	}
	102
	103	// What action to take.
	104	switch (getFormData('op')) {
	105
	106	case 'add' :
	107	// Initialize variables for the form template.
	108	$frm =& addRecordForm();
[266]	109	$nav->add(_("Add Administrator"));
[1]	110	$main_template = 'admin_form.ihtml';
	111	break;
	112
	113	case 'edit' :
	114	// Initialize variables for the form template.
	115	$frm =& editRecordForm(getFormData('admin_id'));
[266]	116	$nav->add(_("Edit Administrator"));
[1]	117	$main_template = 'admin_form.ihtml';
	118	break;
	119
	120	case 'del' :
	121	deleteRecord(getFormData('admin_id'));
[136]	122	if ($app->validBoomerangURL('admins')) {
[1]	123	// Display boomerang page.
[408]	124	$app->dieBoomerangURL('admins', $locally_carried_queries);
[1]	125	}
	126	// Display default page.
[408]	127	$app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
[1]	128	break;
	129
	130	case 'insert' :
[676]	131	if (getFormdata('btn_cancel', false)) {
[136]	132	if ($app->validBoomerangURL('admins')) {
[22]	133	// Display boomerang page.
[408]	134	$app->dieBoomerangURL('admins', $locally_carried_queries);
[22]	135	}
	136	// Display default page.
[408]	137	$app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
[1]	138	}
	139	validateInput();
	140	if ($fv->anyErrors()) {
	141	$frm =& addRecordForm();
	142	$frm = array_merge($frm, getFormData());
[266]	143	$nav->add(_("Add Administrator"));
[1]	144	$main_template = 'admin_form.ihtml';
	145	} else {
	146	$admin_id = insertRecord(getFormData());
[676]	147	if (getFormdata('btn_repeat', false)) {
[1]	148	// Display function again.
[408]	149	$app->dieURL($_SERVER['PHP_SELF'] . '?op=add', $locally_carried_queries);
[136]	150	} else if ($app->validBoomerangURL('admins')) {
[1]	151	// Display boomerang page.
[408]	152	$app->dieBoomerangURL('admins', $locally_carried_queries);
[1]	153	}
	154	// Display default page.
[408]	155	$app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
[1]	156	}
	157	break;
	158
	159	case 'update' :
[676]	160	if (getFormdata('btn_reset', false)) {
[136]	161	$app->raiseMsg(_("Saved values have been reloaded."), MSG_NOTICE, __FILE__, __LINE__);
[408]	162	$app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&admin_id=' . getFormData('admin_id'), $locally_carried_queries);
[1]	163	}
[676]	164	if (getFormdata('btn_cancel', false)) {
[1]	165	// Remove lock
[295]	166	$lock->select($auth->getParam('db_table'), $auth->getParam('db_primary_key'), getFormData('admin_id'));
[1]	167	$lock->remove();
[136]	168	if ($app->validBoomerangURL('admins')) {
[1]	169	// Display boomerang page.
[408]	170	$app->dieBoomerangURL('admins', $locally_carried_queries);
[1]	171	}
	172	// Display default page.
[408]	173	$app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
[1]	174	}
	175	validateInput();
	176	if ($fv->anyErrors()) {
	177	$frm =& editRecordForm(getFormData('admin_id'));
	178	$frm = array_merge($frm, getFormData());
[266]	179	$nav->add(_("Edit Administrator"));
[1]	180	$main_template = 'admin_form.ihtml';
	181	} else {
	182	updateRecord(getFormData());
[676]	183	if (getFormdata('btn_repeat', false)) {
[1]	184	// Display edit function with next available ID.
[295]	185	$qid = $db->query("SELECT " . $auth->getParam('db_primary_key') . " FROM " . $auth->getParam('db_table') . " WHERE " . $auth->getParam('db_primary_key') . " > '" . $db->escapeString(getFormData('admin_id')) . "' ORDER BY " . $auth->getParam('db_primary_key') . " ASC LIMIT 1");
[1]	186	if (list($next_id) = mysql_fetch_row($qid)) {
[408]	187	$app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&admin_id=' . $next_id, $locally_carried_queries);
[1]	188	} else {
[136]	189	$app->raiseMsg(_("Cannot edit next, the end of the list was reached"), MSG_NOTICE, __FILE__, __LINE__);
[1]	190	}
[136]	191	} else if ($app->validBoomerangURL('admins')) {
[1]	192	// Display boomerang page.
[408]	193	$app->dieBoomerangURL('admins', $locally_carried_queries);
[1]	194	}
	195	// Display default page.
[408]	196	$app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries);
[1]	197	}
	198	break;
	199
	200	default :
	201	$list =& getRecordList();
	202	$main_template = 'admin_list.ihtml';
	203	break;
	204	}
	205
	206	/******************************************************************************
	207	* TEMPLATE INITIALIZATION
	208	*****************************************************************************/
	209
[676]	210	$nav->set('body_id', 'admins');
	211
[1]	212	include 'header.ihtml';
[408]	213	$app->carryQuery($locally_carried_queries);
[1]	214	include 'codebase/services/templates/' . $main_template;
	215	include 'footer.ihtml';
	216
[143]	217	/********************************************************************
	218	* FUNCTIONS
	219	********************************************************************/
[1]	220
	221
	222	function validateInput()
	223	{
	224	global $fv, $auth;
	225
	226	// If the username was changed during edit, verify.
	227	if (((getFormData('username') != getFormData('old_username')) && 'update' == getFormData('op'))
	228	\|\| 'insert' == getFormData('op')) {
	229	if ($auth->usernameExists(getFormData('username'))) {
[141]	230	$fv->addError('username', sprintf(_("The username %s already exists. Please choose another."), getFormData('username')));
[1]	231	}
	232	}
	233
[676]	234	$fv->numericRange('admin_id', 0, 32767, _("<strong>Admin ID</strong> must be a valid number between 0 and 32767."));
[1]	235
	236	$fv->isEmpty('username', _("<strong>Username</strong> cannot be blank."));
	237	$fv->stringLength('username', 0, 255, _("<strong>Username</strong> must contain less than 256 characters."));
[42]	238
[676]	239	if ('insert' == getFormData('op')) {
	240	$fv->isEmpty('userpass', _("<strong>Password</strong> cannot be blank."));
	241	}
[677]	242	if ('insert' == getFormData('op') \|\| ('update' == getFormData('op') && strlen(getFormData('userpass')) > 0)) {
[676]	243	$fv->stringLength('userpass', 8, 100, _("<strong>Password</strong> must be between 8 and 100 characters long."));
	244	}
[42]	245
[1]	246	$fv->stringLength('first_name', 0, 255, _("<strong>First name</strong> must contain less than 256 characters."));
[42]	247
[1]	248	$fv->stringLength('last_name', 0, 255, _("<strong>Last name</strong> must contain less than 256 characters."));
[19]	249
	250	$fv->isEmpty('email', _("<strong>Email</strong> cannot be blank."));
[1]	251	$fv->validateEmail('email');
	252	}
	253
	254	function &addRecordForm()
	255	{
[19]	256	// Set default values for the reset of the fields.
	257	$frm = array(
	258	'admin_id' => '',
[72]	259	'old_username' => '',
[19]	260	'username' => '',
	261	'userpass' => '',
	262	'first_name' => '',
	263	'last_name' => '',
	264	'email' => '',
	265	'seconds_online' => '0',
[601]	266	'last_login_datetime' => '',
	267	'last_access_datetime' => '',
[19]	268	'last_login_ip' => '0.0.0.0',
	269	'added_by_user_id' => '',
	270	'modified_by_user_id' => '',
[601]	271	'added_datetime' => '',
	272	'modified_datetime' => '',
[19]	273	'new_op' => 'insert',
[676]	274	'user_type' => '',
[19]	275	'submit_buttons' => array(
[676]	276	array('name' => 'btn_submit', 'value' => _("Add Administrator"), 'accesskey' => 's'),
	277	array('name' => 'btn_repeat', 'class' => 'secondary', 'value' => _("Add & repeat"), 'accesskey' => 'r'),
	278	array('name' => 'btn_cancel', 'class' => 'secondary', 'value' => _("Cancel"), 'accesskey' => 'c'),
[19]	279	),
	280	);
[1]	281
	282	return $frm;
	283	}
	284
	285	function &editRecordForm($id)
	286	{
[295]	287	global $auth;
[22]	288	global $lock;
[497]	289	global $locally_carried_queries;
[479]	290	$app =& App::getInstance();
	291	$db =& DB::getInstance();
[441]	292
[295]	293	$lock->select($auth->getParam('db_table'), $auth->getParam('db_primary_key'), $id);
[1]	294	if ($lock->isLocked() && !$lock->isMine()) {
	295	$lock->dieErrorPage();
[19]	296	}
	297
	298	// Get the information for the form.
[136]	299	$qid = $db->query("
[295]	300	SELECT *,
	301	" . $auth->getParam('db_primary_key') . " AS admin_id
	302	FROM " . $auth->getParam('db_table') . "
	303	WHERE " . $auth->getParam('db_primary_key') . " = '" . $db->escapeString($id) . "'
[19]	304	");
	305	if (!$frm = mysql_fetch_assoc($qid)) {
[136]	306	$app->logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__);
[676]	307	$app->raiseMsg(sprintf(_("The requested user %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
[408]	308	$app->dieBoomerangURL('admins', $locally_carried_queries);
[19]	309	}
[42]	310
[19]	311	// Lock this record.
[295]	312	$lock->set($auth->getParam('db_table'), $auth->getParam('db_primary_key'), $id, $frm['username']);
[42]	313
[19]	314	// Set misc values for the form.
	315	$frm = array_merge(array(
	316	'admin_id' => '',
	317	'old_username' => $frm['username'],
	318	'username' => '',
[676]	319	'userpass' => '',
[19]	320	'first_name' => '',
	321	'last_name' => '',
	322	'email' => '',
	323	'seconds_online' => '0',
[601]	324	'last_login_datetime' => '',
	325	'last_access_datetime' => '',
[676]	326	'last_login_ip' => '',
[19]	327	'added_by_user_id' => '',
	328	'modified_by_user_id' => '',
[601]	329	'added_datetime' => '',
	330	'modified_datetime' => '',
[19]	331	'new_op' => 'update',
[25]	332	'old_username' => $frm['username'],
[19]	333	'submit_buttons' => array(
[676]	334	array('name' => 'btn_submit', 'value' => _("Save changes"), 'accesskey' => 's'),
	335	array('name' => 'btn_repeat', 'class' => 'secondary', 'value' => _("Save & edit next"), 'accesskey' => 'e'),
	336	array('name' => 'btn_reset', 'class' => 'secondary', 'value' => _("Reset"), 'accesskey' => 'r'),
	337	array('name' => 'btn_cancel', 'class' => 'secondary', 'value' => _("Cancel"), 'accesskey' => 'c'),
[19]	338	),
[676]	339	), $frm);
[19]	340
	341	return $frm;
[1]	342	}
	343
	344	function deleteRecord($id)
	345	{
[153]	346	global $auth;
	347	global $lock;
	348	global $cache;
[497]	349	global $locally_carried_queries;
[479]	350	$app =& App::getInstance();
	351	$db =& DB::getInstance();
[441]	352
[295]	353	$lock->select($auth->getParam('db_table'), $auth->getParam('db_primary_key'), $id);
[1]	354	if ($lock->isLocked() && !$lock->isMine()) {
	355	$lock->dieErrorPage();
[21]	356	}
	357
[152]	358	// Remove any stale cached list data.
	359	$cache->delete('list');
[42]	360
[21]	361	// Get the information for this object.
[136]	362	$qid = $db->query("
[432]	363	SELECT " . $auth->getParam('db_username_column') . "
[458]	364	FROM " . $auth->getParam('db_table') . "
[295]	365	WHERE " . $auth->getParam('db_primary_key') . " = '" . $db->escapeString($id) . "'
[21]	366	");
[432]	367	if (! list($name) = mysql_fetch_row($qid)) {
[136]	368	$app->logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__);
[676]	369	$app->raiseMsg(sprintf(_("The requested user %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
[408]	370	$app->dieBoomerangURL('admins', $locally_carried_queries);
[21]	371	}
[42]	372
[21]	373	// Get the information for this object.
[295]	374	$qid = $db->query("SELECT COUNT(*) from " . $auth->getParam('db_table') . "");
[21]	375	list($num_admins) = mysql_fetch_row($qid);
[432]	376	if ($num_admins <= 1) {
[676]	377	// There must always be at least one administrator!
[497]	378	$app->raiseMsg(_("You cannot delete the only user in the database. There must be at least one to log in and create other users."), MSG_NOTICE, __FILE__, __LINE__);
[147]	379	} else if ($auth->get('user_id') == $id) {
[21]	380	// Do not delete yourself!
[136]	381	$app->raiseMsg(_("You cannot delete yourself."), MSG_NOTICE, __FILE__, __LINE__);
[1]	382	} else {
[21]	383	// Delete the record.
[295]	384	$db->query("DELETE FROM " . $auth->getParam('db_table') . " WHERE " . $auth->getParam('db_primary_key') . " = '" . $db->escapeString($id) . "'");
[141]	385	$app->raiseMsg(sprintf(_("The admin <em>%s</em> has been deleted."), $name), MSG_SUCCESS, __FILE__, __LINE__);
[21]	386	}
[1]	387
[21]	388	// Unlock record.
	389	$lock->remove();
[1]	390	}
	391
	392	function insertRecord($frm)
	393	{
	394	global $auth;
[153]	395	global $cache;
[479]	396	$app =& App::getInstance();
	397	$db =& DB::getInstance();
[441]	398
[152]	399	// Remove any stale cached list data.
	400	$cache->delete('list');
[42]	401
[1]	402	// Insert record data.
[136]	403	$db->query("
[295]	404	INSERT INTO " . $auth->getParam('db_table') . " (
	405	" . $auth->getParam('db_username_column') . ",
[1]	406	first_name,
	407	last_name,
	408	email,
[19]	409	added_by_user_id,
[1]	410	added_datetime
	411	) VALUES (
[136]	412	'" . $db->escapeString($frm['username']) . "',
	413	'" . $db->escapeString($frm['first_name']) . "',
	414	'" . $db->escapeString($frm['last_name']) . "',
	415	'" . $db->escapeString($frm['email']) . "',
[147]	416	'" . $db->escapeString($auth->get('user_id')) . "',
[1]	417	NOW()
	418	)
	419	");
[136]	420	$last_insert_id = mysql_insert_id($db->getDBH());
[42]	421
[1]	422	// Set admin password.
	423	$auth->setPassword($last_insert_id, $frm['userpass']);
[42]	424
[19]	425	// Create version.
[159]	426	$version = Version::getInstance($auth);
[295]	427	$version->create($auth->getParam('db_table'), $auth->getParam('db_primary_key'), $last_insert_id, $frm['username']);
[42]	428
[497]	429	$app->raiseMsg(sprintf(_("The user <em>%s</em> has been added."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__);
[42]	430
[1]	431	return $last_insert_id;
	432	}
	433
	434	function updateRecord($frm)
	435	{
[153]	436	global $auth;
	437	global $lock;
	438	global $cache;
[479]	439	$app =& App::getInstance();
	440	$db =& DB::getInstance();
[441]	441
[295]	442	$lock->select($auth->getParam('db_table'), $auth->getParam('db_primary_key'), $frm['admin_id']);
[1]	443	if ($lock->isLocked() && !$lock->isMine()) {
	444	$lock->dieErrorPage();
[21]	445	}
[1]	446
[152]	447	// Remove any stale cached list data.
	448	$cache->delete('list');
[42]	449
[21]	450	// If the userpass is left blank or with the filler **** characters, we don't want to update it.
	451	if (!empty($frm['userpass']) && !preg_match('/[\*]{4,}/', $frm['userpass'])) {
	452	// Set user password.
	453	$auth->setPassword($frm['admin_id'], $frm['userpass']);
	454	}
[42]	455
[21]	456	// Update record data.
[136]	457	$db->query("
[295]	458	UPDATE " . $auth->getParam('db_table') . " SET
	459	" . $auth->getParam('db_username_column') . " = '" . $db->escapeString($frm['username']) . "',
[136]	460	first_name = '" . $db->escapeString($frm['first_name']) . "',
	461	last_name = '" . $db->escapeString($frm['last_name']) . "',
	462	email = '" . $db->escapeString($frm['email']) . "',
[147]	463	modified_by_user_id = '" . $db->escapeString($auth->get('user_id')) . "',
[21]	464	modified_datetime = NOW()
[295]	465	WHERE " . $auth->getParam('db_primary_key') . " = '" . $db->escapeString($frm['admin_id']) . "'
[21]	466	");
[1]	467
[21]	468	// Create version.
[159]	469	$version = Version::getInstance($auth);
[295]	470	$version->create($auth->getParam('db_table'), $auth->getParam('db_primary_key'), $frm['admin_id'], $frm['username']);
[21]	471
[497]	472	$app->raiseMsg(sprintf(_("The user <em>%s</em> has been updated."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__);
[21]	473
	474	// Unlock record.
	475	$lock->remove();
[1]	476	}
	477
	478	function &getRecordList()
	479	{
	480	global $page;
	481	global $so;
[153]	482	global $tmp_prefs;
	483	global $cache;
[295]	484	global $auth;
[479]	485	$db =& DB::getInstance();
[441]	486
[19]	487	$where_clause = '';
[42]	488
[19]	489	// Build search query if available.
	490	if (getFormData('search_query', false)) {
	491	$qry_words = preg_split('/[^\w]/', getFormData('search_query'));
[1]	492	for ($i=0; $i<sizeof($qry_words); $i++) {
[19]	493	$where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . "
	494	(
[295]	495	" . $auth->getParam('db_table') . "." . $auth->getParam('db_username_column') . " LIKE '%" . $db->escapeString($qry_words[$i]) . "%'
	496	OR " . $auth->getParam('db_table') . ".first_name LIKE '%" . $db->escapeString($qry_words[$i]) . "%'
	497	OR " . $auth->getParam('db_table') . ".last_name LIKE '%" . $db->escapeString($qry_words[$i]) . "%'
	498	OR " . $auth->getParam('db_table') . ".email LIKE '%" . $db->escapeString($qry_words[$i]) . "%'
[1]	499	)
	500	";
	501	}
	502	}
[19]	503
[676]	504	if (getFormData('filter_user_type', false)) {
	505	// Limit by filter.
	506	$where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . " " . $auth->getParam('db_table') . ".user_type = '" . $db->escapeString(getFormData('filter_user_type')) . "'";
	507	}
	508
[1]	509	// Count the total number of records so we can do something about the page numbers.
[136]	510	$qid = $db->query("
[42]	511	SELECT COUNT(*)
[295]	512	FROM " . $auth->getParam('db_table') . "
[19]	513	$where_clause
	514	");
[1]	515	list($num_results) = mysql_fetch_row($qid);
[42]	516
[1]	517	// Set page numbers now we know (needed for next step).
	518	$page->setTotalItems($num_results);
	519	$page->calculate();
[42]	520
[1]	521	// Final SQL, with sort and page limiters.
	522	$sql = "
[42]	523	SELECT
[295]	524	" . $auth->getParam('db_table') . ".*,
[441]	525	" . $auth->getParam('db_table') . "." . $auth->getParam('db_primary_key') . " AS admin_id,
[295]	526	a1." . $auth->getParam('db_username_column') . " AS added_admin_username,
	527	a2." . $auth->getParam('db_username_column') . " AS modified_admin_username
	528	FROM " . $auth->getParam('db_table') . "
	529	LEFT JOIN " . $auth->getParam('db_table') . " a1 ON (" . $auth->getParam('db_table') . ".added_by_user_id = a1." . $auth->getParam('db_primary_key') . ")
	530	LEFT JOIN " . $auth->getParam('db_table') . " a2 ON (" . $auth->getParam('db_table') . ".modified_by_user_id = a2." . $auth->getParam('db_primary_key') . ")
[1]	531	$where_clause
	532	" . $so->getSortOrderSQL() . "
	533	" . $page->getLimitSQL() . "
	534	";
[42]	535
[676]	536	// Use a cache hash to determine if the result-set has changed.
[1]	537	// A unique key for this query, with the total_items in case db records
	538	// were added since the last cache. This identifies a unique set of
	539	// cached data, but we must refer to the list that is cached by a more
	540	// generic name. so that we can flush the cache (if records updated)
	541	// without knowing the hash.
	542	$cache_hash = md5($sql . '\|' . $page->total_items);
[153]	543	if ($tmp_prefs->get('cache_hash') != $cache_hash) {
[152]	544	$cache->delete('list');
[153]	545	$tmp_prefs->set('cache_hash', $cache_hash);
[1]	546	}
[42]	547
[152]	548	// First try to return from the cache.
	549	if ($cache->exists('list')) {
[676]	550	return $cache->get('list');
[152]	551	}
[441]	552
[152]	553	// The list was not cached, so issue the real query.
	554	$qid = $db->query($sql);
[676]	555	$list = array();
[152]	556	while ($row = mysql_fetch_assoc($qid)) {
	557	$list[] = $row;
	558	}
[42]	559
[152]	560	// Save this list into the cache.
	561	if (isset($list) && !empty($list)) {
	562	$cache->set('list', $list);
[1]	563	}
	564
	565	return $list;
	566	}
	567

Note: See TracBrowser for help on using the repository browser.

Download in other formats: