1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* Find XOOPS users |
4
|
|
|
* |
5
|
|
|
* You may not change or alter any portion of this comment or credits |
6
|
|
|
* of supporting developers from this source code or any supporting source code |
7
|
|
|
* which is considered copyrighted (c) material of the original comment or credit authors. |
8
|
|
|
* This program is distributed in the hope that it will be useful, |
9
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
10
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
11
|
|
|
* |
12
|
|
|
* @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) |
13
|
|
|
* @license GNU GPL 2 (https://www.gnu.org/licenses/gpl-2.0.html) |
14
|
|
|
* @package kernel |
15
|
|
|
* @since 2.3.0 |
16
|
|
|
* @author Taiwen Jiang <[email protected]> |
17
|
|
|
*/ |
18
|
|
|
/** @var XoopsUser $xoopsUser */ |
19
|
|
|
|
20
|
|
|
use Xmf\Request; |
21
|
|
|
|
22
|
|
|
include_once dirname(__DIR__) . '/mainfile.php'; |
23
|
|
|
|
24
|
|
|
xoops_header(false); |
25
|
|
|
|
26
|
|
|
$denied = true; |
27
|
|
|
if (Request::hasVar('token') && is_object($xoopsUser)) { |
28
|
|
|
if ($GLOBALS['xoopsSecurity']->validateToken(Request::getString('token'), false)) { |
29
|
|
|
$denied = false; |
30
|
|
|
} |
31
|
|
|
} elseif (is_object($xoopsUser) && $xoopsUser->isAdmin()) { |
32
|
|
|
$denied = false; |
33
|
|
|
} |
34
|
|
|
|
35
|
|
|
if ($denied) { |
36
|
|
|
xoops_error(_NOPERM); |
37
|
|
|
exit(); |
38
|
|
|
} |
39
|
|
|
|
40
|
|
|
$token = Request::getString('token', ''); |
41
|
|
|
$name_form = 'memberslist'; |
42
|
|
|
$multiple = Request::getInt('multiple', 0); |
43
|
|
|
$name_userid = 'uid' . ((0 != $multiple) ? '[]' : ''); |
44
|
|
|
$name_username = 'uname' . ((0 != $multiple) ? '[]' : ''); |
45
|
|
|
|
46
|
|
|
xoops_loadLanguage('findusers'); |
47
|
|
|
|
48
|
|
|
/** |
49
|
|
|
* Enter description here... |
50
|
|
|
* |
51
|
|
|
*/ |
52
|
|
|
class XoopsRank extends XoopsObject |
53
|
|
|
{ |
54
|
|
|
//PHP 8.2 Dynamic properties deprecated |
55
|
|
|
public $rank_id; |
56
|
|
|
public $rank_title; |
57
|
|
|
public $rank_min; |
58
|
|
|
public $rank_max; |
59
|
|
|
public $rank_special; |
60
|
|
|
public $rank_image; |
61
|
|
|
|
62
|
|
|
/** |
63
|
|
|
* Construct |
64
|
|
|
* |
65
|
|
|
*/ |
66
|
|
|
public function __construct() |
67
|
|
|
{ |
68
|
|
|
parent::__construct(); |
69
|
|
|
$this->initVar('rank_id', XOBJ_DTYPE_INT, null, false); |
70
|
|
|
$this->initVar('rank_title', XOBJ_DTYPE_TXTBOX, null, false); |
71
|
|
|
$this->initVar('rank_min', XOBJ_DTYPE_INT, 0); |
72
|
|
|
$this->initVar('rank_max', XOBJ_DTYPE_INT, 0); |
73
|
|
|
$this->initVar('rank_special', XOBJ_DTYPE_INT, 0); |
74
|
|
|
$this->initVar('rank_image', XOBJ_DTYPE_TXTBOX, ''); |
75
|
|
|
} |
76
|
|
|
} |
77
|
|
|
|
78
|
|
|
/** |
79
|
|
|
* Xoops Rank Handler |
80
|
|
|
* |
81
|
|
|
*/ |
82
|
|
|
class XoopsRankHandler extends XoopsObjectHandler |
83
|
|
|
{ |
84
|
|
|
/** |
85
|
|
|
* Constructor |
86
|
|
|
* |
87
|
|
|
* @param XoopsDatabase $db |
88
|
|
|
*/ |
89
|
|
|
public function __construct(XoopsDatabase $db) |
90
|
|
|
{ |
91
|
|
|
parent::__construct($db); |
92
|
|
|
} |
93
|
|
|
|
94
|
|
|
/** |
95
|
|
|
* Create Object |
96
|
|
|
* |
97
|
|
|
* @param bool $isNew |
98
|
|
|
* @return XoopsRank |
99
|
|
|
*/ |
100
|
|
|
public function create($isNew = true) |
101
|
|
|
{ |
102
|
|
|
$obj = new XoopsRank(); |
103
|
|
|
if ($isNew === true) { |
104
|
|
|
$obj->setNew(); |
105
|
|
|
} |
106
|
|
|
|
107
|
|
|
return $obj; |
108
|
|
|
} |
109
|
|
|
|
110
|
|
|
/** |
111
|
|
|
* Get Object |
112
|
|
|
* |
113
|
|
|
* @param int $id |
114
|
|
|
* @return object |
115
|
|
|
*/ |
116
|
|
|
public function get($id = 0) |
117
|
|
|
{ |
118
|
|
|
$object = $this->create(false); |
119
|
|
|
$sql = 'SELECT * FROM ' . $this->db->prefix('ranks') . ' WHERE rank_id = ' . $this->db->quoteString($id); |
|
|
|
|
120
|
|
|
$result = $this->db->query($sql); |
|
|
|
|
121
|
|
|
if (!$this->db->isResultSet($result)) { |
122
|
|
|
$ret = null; |
123
|
|
|
|
124
|
|
|
return $ret; |
125
|
|
|
} |
126
|
|
|
|
127
|
|
|
while (false !== ($row = $this->db->fetchArray($result))) { |
|
|
|
|
128
|
|
|
$object->assignVars($row); |
129
|
|
|
} |
130
|
|
|
|
131
|
|
|
return $object; |
132
|
|
|
} |
133
|
|
|
|
134
|
|
|
/** |
135
|
|
|
* Get List |
136
|
|
|
* |
137
|
|
|
* @param CriteriaElement $criteria |
138
|
|
|
* @param int $limit |
139
|
|
|
* @param int $start |
140
|
|
|
* @return array |
141
|
|
|
*/ |
142
|
|
|
public function getList(CriteriaElement $criteria = null, $limit = 0, $start = 0) |
143
|
|
|
{ |
144
|
|
|
$ret = array(); |
145
|
|
|
if ($criteria == null) { |
146
|
|
|
$criteria = new CriteriaCompo(); |
147
|
|
|
} |
148
|
|
|
|
149
|
|
|
$sql = 'SELECT rank_id, rank_title FROM ' . $this->db->prefix('ranks'); |
150
|
|
|
if (isset($criteria) && \method_exists($criteria, 'renderWhere')) { |
151
|
|
|
$sql .= ' ' . $criteria->renderWhere(); |
152
|
|
|
if ($criteria->getSort() != '') { |
153
|
|
|
$sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder(); |
154
|
|
|
} |
155
|
|
|
$limit = $criteria->getLimit(); |
156
|
|
|
$start = $criteria->getStart(); |
157
|
|
|
} |
158
|
|
|
$result = $this->db->query($sql, $limit, $start); |
159
|
|
|
if (!$this->db->isResultSet($result)) { |
160
|
|
|
return $ret; |
161
|
|
|
} |
162
|
|
|
$myts = \MyTextSanitizer::getInstance(); |
163
|
|
|
/** @var array $myrow */ |
164
|
|
|
while (false !== ($myrow = $this->db->fetchArray($result))) { |
165
|
|
|
$ret[$myrow['rank_id']] = $myts->htmlSpecialChars($myrow['rank_title']); |
166
|
|
|
} |
167
|
|
|
|
168
|
|
|
return $ret; |
169
|
|
|
} |
170
|
|
|
} |
171
|
|
|
|
172
|
|
|
/** |
173
|
|
|
* Xoops Users Extend Class |
174
|
|
|
* |
175
|
|
|
*/ |
176
|
|
|
class XoUser extends XoopsUser |
177
|
|
|
{ |
178
|
|
|
/** |
179
|
|
|
* Enter Constructor |
180
|
|
|
* |
181
|
|
|
*/ |
182
|
|
|
public function __construct() |
183
|
|
|
{ |
184
|
|
|
parent::__construct(); |
185
|
|
|
$unsets = array( |
186
|
|
|
'actkey', |
187
|
|
|
'pass', |
188
|
|
|
'theme', |
189
|
|
|
'umode', |
190
|
|
|
'uorder', |
191
|
|
|
'notify_mode'); |
192
|
|
|
foreach ($unsets as $var) { |
193
|
|
|
unset($this->vars[$var]); |
194
|
|
|
} |
195
|
|
|
} |
196
|
|
|
} |
197
|
|
|
|
198
|
|
|
/** |
199
|
|
|
* XoUser Handler |
200
|
|
|
* |
201
|
|
|
*/ |
202
|
|
|
class XoUserHandler extends XoopsObjectHandler |
203
|
|
|
{ |
204
|
|
|
/** |
205
|
|
|
* Enter description here... |
206
|
|
|
* |
207
|
|
|
* @param XoopsDatabase $db |
208
|
|
|
*/ |
209
|
|
|
public function __construct(XoopsDatabase $db) |
210
|
|
|
{ |
211
|
|
|
parent::__construct($db); |
212
|
|
|
} |
213
|
|
|
|
214
|
|
|
/** |
215
|
|
|
* Create |
216
|
|
|
* |
217
|
|
|
* @param bool $isNew |
218
|
|
|
* @return XoUser |
219
|
|
|
*/ |
220
|
|
|
public function create($isNew = true) |
221
|
|
|
{ |
222
|
|
|
$obj = new XoUser(); |
223
|
|
|
if ($isNew === true) { |
224
|
|
|
$obj->setNew(); |
225
|
|
|
} |
226
|
|
|
|
227
|
|
|
return $obj; |
228
|
|
|
} |
229
|
|
|
|
230
|
|
|
/** |
231
|
|
|
* Get Count |
232
|
|
|
* |
233
|
|
|
* @param CriteriaElement $criteria |
234
|
|
|
* @param array $groups |
235
|
|
|
* @return int |
236
|
|
|
*/ |
237
|
|
|
public function getCount(CriteriaElement $criteria = null, $groups = array()) |
238
|
|
|
{ |
239
|
|
|
if (!is_array($groups)) { |
|
|
|
|
240
|
|
|
$groups = array( |
241
|
|
|
$groups); |
242
|
|
|
} |
243
|
|
|
$groups = array_filter($groups); |
244
|
|
|
if (empty($groups)) { |
245
|
|
|
$sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1'; |
246
|
|
|
} else { |
247
|
|
|
$sql = ' SELECT COUNT(DISTINCT u.uid) FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', array_map('intval', $groups)) . ')'; |
248
|
|
|
} |
249
|
|
|
if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) { |
250
|
|
|
// Use the direct renderer, assuming no `uid` in criteria |
251
|
|
|
if ($render = $criteria->render()) { |
252
|
|
|
$sql .= ' AND ' . $render; |
253
|
|
|
} |
254
|
|
|
} |
255
|
|
|
$result = $this->db->query($sql); |
256
|
|
|
if (!$this->db->isResultSet($result)) { |
257
|
|
|
throw new \RuntimeException( |
258
|
|
|
\sprintf(_DB_QUERY_ERROR, $sql) . $this->db->error(), E_USER_ERROR |
|
|
|
|
259
|
|
|
); |
260
|
|
|
} |
261
|
|
|
list($count) = $this->db->fetchRow($result); |
|
|
|
|
262
|
|
|
|
263
|
|
|
return (int)$count; |
264
|
|
|
} |
265
|
|
|
|
266
|
|
|
/** |
267
|
|
|
* GetAll |
268
|
|
|
* |
269
|
|
|
* @param CriteriaElement $criteria |
270
|
|
|
* @param array $groups |
271
|
|
|
* @return array of matching objects |
272
|
|
|
*/ |
273
|
|
|
public function getAll(CriteriaElement $criteria = null, $groups = array()) |
274
|
|
|
{ |
275
|
|
|
if (!is_array($groups)) { |
|
|
|
|
276
|
|
|
$groups = array( |
277
|
|
|
$groups); |
278
|
|
|
} |
279
|
|
|
$groups = array_filter($groups); |
280
|
|
|
$limit = null; |
281
|
|
|
$start = null; |
282
|
|
|
if (empty($groups)) { |
283
|
|
|
$sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' WHERE 1=1'; |
284
|
|
|
} else { |
285
|
|
|
$sql = ' SELECT u.* FROM ' . $this->db->prefix('users') . ' AS u' . ' LEFT JOIN ' . $this->db->prefix('groups_users_link') . ' AS g ON g.uid = u.uid' . ' WHERE g.groupid IN (' . implode(', ', array_map('intval', $groups)) . ')'; |
286
|
|
|
} |
287
|
|
|
if (isset($criteria) && is_subclass_of($criteria, 'CriteriaElement')) { |
288
|
|
|
if ($render = $criteria->render()) { |
289
|
|
|
$sql .= ' AND ' . $render; |
290
|
|
|
} |
291
|
|
|
if ($sort = $criteria->getSort()) { |
292
|
|
|
$sql .= ' ORDER BY ' . $sort . ' ' . $criteria->getOrder(); |
293
|
|
|
$orderSet = true; |
294
|
|
|
} |
295
|
|
|
$limit = $criteria->getLimit(); |
296
|
|
|
$start = $criteria->getStart(); |
297
|
|
|
} |
298
|
|
|
if (empty($orderSet)) { |
299
|
|
|
$sql .= ' ORDER BY u.uid ASC'; |
300
|
|
|
} |
301
|
|
|
$result = $this->db->query($sql, $limit, $start); |
302
|
|
|
if (!$this->db->isResultSet($result)) { |
303
|
|
|
throw new \RuntimeException( |
304
|
|
|
\sprintf(_DB_QUERY_ERROR, $sql) . $this->db->error(), E_USER_ERROR |
305
|
|
|
); |
306
|
|
|
} |
307
|
|
|
$ret = array(); |
308
|
|
|
/** @var array $myrow */ |
309
|
|
|
while (false !== ($myrow = $this->db->fetchArray($result))) { |
310
|
|
|
$object = $this->create(false); |
311
|
|
|
$object->assignVars($myrow); |
312
|
|
|
$ret[$myrow['uid']] = $object; |
313
|
|
|
unset($object); |
314
|
|
|
} |
315
|
|
|
|
316
|
|
|
return $ret; |
317
|
|
|
} |
318
|
|
|
} |
319
|
|
|
|
320
|
|
|
$rank_handler = new XoopsRankHandler($xoopsDB); |
321
|
|
|
$user_handler = new XoUserHandler($xoopsDB); |
322
|
|
|
|
323
|
|
|
$items_match = array( |
324
|
|
|
'uname' => _MA_USER_UNAME, |
325
|
|
|
'name' => _MA_USER_REALNAME, |
326
|
|
|
'email' => _MA_USER_EMAIL, |
327
|
|
|
// 'user_icq' => _MA_USER_ICQ, |
328
|
|
|
// 'user_aim' => _MA_USER_AIM, |
329
|
|
|
// 'user_yim' => _MA_USER_YIM, |
330
|
|
|
// 'user_msnm' => _MA_USER_MSNM, |
331
|
|
|
); |
332
|
|
|
|
333
|
|
|
$items_range = array( |
334
|
|
|
'user_regdate' => _MA_USER_RANGE_USER_REGDATE, |
335
|
|
|
'last_login' => _MA_USER_RANGE_LAST_LOGIN, |
336
|
|
|
'posts' => _MA_USER_RANGE_POSTS); |
337
|
|
|
|
338
|
|
|
define('FINDUSERS_MODE_SIMPLE', 0); |
339
|
|
|
define('FINDUSERS_MODE_ADVANCED', 1); |
340
|
|
|
|
341
|
|
|
$modes = array( |
342
|
|
|
FINDUSERS_MODE_SIMPLE => _MA_USER_MODE_SIMPLE, |
343
|
|
|
FINDUSERS_MODE_ADVANCED => _MA_USER_MODE_ADVANCED, |
344
|
|
|
); |
345
|
|
|
|
346
|
|
|
if (!Request::hasVar('user_submit', 'POST')) { |
347
|
|
|
include_once $GLOBALS['xoops']->path('class/xoopsformloader.php'); |
348
|
|
|
|
349
|
|
|
$form = new XoopsThemeForm(_MA_USER_FINDUS, 'user_findform', 'findusers.php', 'post', true); |
350
|
|
|
$mode = Request::getInt('mode', 0); |
351
|
|
|
if (FINDUSERS_MODE_ADVANCED == $mode) { |
352
|
|
|
foreach ($items_match as $var => $title) { |
353
|
|
|
$text = new XoopsFormText('', $var, 30, 100, Request::getString($var, '', 'POST')); |
354
|
|
|
$match = new XoopsFormSelectMatchOption('', "{$var}_match", Request::getInt("{$var}_match", 0)); |
355
|
|
|
$match_tray = new XoopsFormElementTray($title, ' '); |
356
|
|
|
$match_tray->addElement($match); |
357
|
|
|
$match_tray->addElement($text); |
358
|
|
|
$form->addElement($match_tray); |
359
|
|
|
unset($text, $match, $match_tray); |
360
|
|
|
} |
361
|
|
|
|
362
|
|
|
$url_text = new XoopsFormText(_MA_USER_URLC, 'url', 30, 100, Request::getUrl('url', '', 'POST')); |
363
|
|
|
$location_text = new XoopsFormText(_MA_USER_LOCATION, 'user_from', 30, 100, Request::getString('user_from', '', 'POST')); |
364
|
|
|
$occupation_text = new XoopsFormText(_MA_USER_OCCUPATION, 'user_occ', 30, 100, Request::getString('user_occ', '', 'POST')); |
365
|
|
|
$interest_text = new XoopsFormText(_MA_USER_INTEREST, 'user_intrest', 30, 100, Request::getString('user_intrest', '', 'POST')); |
366
|
|
|
foreach ($items_range as $var => $title) { |
367
|
|
|
$more = new XoopsFormText('', "{$var}_more", 10, 5, Request::getString("{$var}_more", '', 'POST')); |
368
|
|
|
$less = new XoopsFormText('', "{$var}_less", 10, 5, Request::getString("{$var}_less", '', 'POST')); |
369
|
|
|
$range_tray = new XoopsFormElementTray($title, ' - '); |
370
|
|
|
$range_tray->addElement($less); |
371
|
|
|
$range_tray->addElement($more); |
372
|
|
|
$form->addElement($range_tray); |
373
|
|
|
unset($more, $less, $range_tray); |
374
|
|
|
} |
375
|
|
|
|
376
|
|
|
$mailok_radio = new XoopsFormRadio(_MA_USER_SHOWMAILOK, 'user_mailok', Request::getString('user_mailok', 'both', 'POST')); |
377
|
|
|
$mailok_radio->addOptionArray(array( |
378
|
|
|
'mailok' => _MA_USER_MAILOK, |
379
|
|
|
'mailng' => _MA_USER_MAILNG, |
380
|
|
|
'both' => _MA_USER_BOTH |
381
|
|
|
)); |
382
|
|
|
$avatar_radio = new XoopsFormRadio(_MA_USER_HASAVATAR, 'user_avatar', Request::getString('user_avatar', 'both', 'POST')); |
383
|
|
|
$avatar_radio->addOptionArray(array( |
384
|
|
|
'y' => _YES, |
385
|
|
|
'n' => _NO, |
386
|
|
|
'both' => _MA_USER_BOTH |
387
|
|
|
)); |
388
|
|
|
|
389
|
|
|
$level_radio = new XoopsFormRadio(_MA_USER_LEVEL, 'level', Request::getString('level', '', 'POST')); |
390
|
|
|
$levels = array( |
391
|
|
|
0 => _ALL, |
392
|
|
|
1 => _MA_USER_LEVEL_ACTIVE, |
393
|
|
|
2 => _MA_USER_LEVEL_INACTIVE, |
394
|
|
|
3 => _MA_USER_LEVEL_DISABLED |
395
|
|
|
); |
396
|
|
|
$level_radio->addOptionArray($levels); |
397
|
|
|
|
398
|
|
|
/** @var XoopsMemberHandler $member_handler */ |
399
|
|
|
$member_handler = xoops_getHandler('member'); |
400
|
|
|
$groups = $member_handler->getGroupList(); |
401
|
|
|
$groups[0] = _ALL; |
402
|
|
|
$group_select = new XoopsFormSelect(_MA_USER_GROUP, 'groups', Request::getInt('groups', 0), 3, true); |
403
|
|
|
$group_select->addOptionArray($groups); |
404
|
|
|
|
405
|
|
|
$ranks = $rank_handler->getList(); |
406
|
|
|
$ranks[0] = _ALL; |
407
|
|
|
$rank_select = new XoopsFormSelect(_MA_USER_RANK, 'rank', Request::getInt('rank', 0) ); |
408
|
|
|
$rank_select->addOptionArray($ranks); |
409
|
|
|
$form->addElement($url_text); |
410
|
|
|
$form->addElement($location_text); |
411
|
|
|
$form->addElement($occupation_text); |
412
|
|
|
$form->addElement($interest_text); |
413
|
|
|
$form->addElement($mailok_radio); |
414
|
|
|
$form->addElement($avatar_radio); |
415
|
|
|
$form->addElement($level_radio); |
416
|
|
|
$form->addElement($group_select); |
417
|
|
|
$form->addElement($rank_select); |
418
|
|
|
} else { |
419
|
|
|
foreach (array('uname', 'email') as $var) { |
420
|
|
|
$title = $items_match[$var]; |
421
|
|
|
$text = new XoopsFormText('', $var, 30, 100, Request::getString($var, '', 'POST')); |
422
|
|
|
$match = new XoopsFormSelectMatchOption('', "{$var}_match", Request::getInt("{$var}_match", 0)); |
423
|
|
|
$match_tray = new XoopsFormElementTray($title, ' '); |
424
|
|
|
$match_tray->addElement($match); |
425
|
|
|
$match_tray->addElement($text); |
426
|
|
|
$form->addElement($match_tray); |
427
|
|
|
unset($text, $match, $match_tray); |
428
|
|
|
} |
429
|
|
|
} |
430
|
|
|
|
431
|
|
|
$sort_select = new XoopsFormSelect(_MA_USER_SORT, 'user_sort', Request::getString('user_sort', '', 'POST')); |
432
|
|
|
$sort_select->addOptionArray(array( |
433
|
|
|
'uname' => _MA_USER_UNAME, |
434
|
|
|
'last_login' => _MA_USER_LASTLOGIN, |
435
|
|
|
'user_regdate' => _MA_USER_REGDATE, |
436
|
|
|
'posts' => _MA_USER_POSTS |
437
|
|
|
)); |
438
|
|
|
$order_select = new XoopsFormSelect(_MA_USER_ORDER, 'user_order', Request::getString('user_order', '', 'POST')); |
439
|
|
|
$order_select->addOptionArray(array( |
440
|
|
|
'ASC' => _MA_USER_ASC, |
441
|
|
|
'DESC' => _MA_USER_DESC |
442
|
|
|
)); |
443
|
|
|
|
444
|
|
|
$form->addElement($sort_select); |
445
|
|
|
$form->addElement($order_select); |
446
|
|
|
|
447
|
|
|
$form->addElement(new XoopsFormText(_MA_USER_LIMIT, 'limit', 6, 6, Request::getInt('limit', 50, 'POST'))); |
448
|
|
|
$form->addElement(new XoopsFormHidden('mode', $mode)); |
449
|
|
|
$form->addElement(new XoopsFormHidden('target', Request::getString('target', '', 'POST'))); |
450
|
|
|
$form->addElement(new XoopsFormHidden('multiple', $multiple)); |
451
|
|
|
$form->addElement(new XoopsFormHidden('token', $token)); |
452
|
|
|
$form->addElement(new XoopsFormButton('', 'user_submit', _SUBMIT, 'submit')); |
453
|
|
|
|
454
|
|
|
$acttotal = $user_handler->getCount(new Criteria('level', 0, '>')); |
455
|
|
|
$inacttotal = $user_handler->getCount(new Criteria('level', 0, '<=')); |
456
|
|
|
echo '</html><body>'; |
457
|
|
|
echo "<h2 style='text-align:left;'>" . _MA_USER_FINDUS . ' - ' . $modes[$mode] . '</h2>'; |
458
|
|
|
$modes_switch = array(); |
459
|
|
|
foreach ($modes as $_mode => $title) { |
460
|
|
|
if ($mode == $_mode) { |
461
|
|
|
continue; |
462
|
|
|
} |
463
|
|
|
$modes_switch[] = "<a href='findusers.php?target=" . htmlspecialchars(Request::getString('target', ''), ENT_QUOTES | ENT_HTML5) . '&multiple=' . (string)$multiple . '&token=' . htmlspecialchars($token, ENT_QUOTES | ENT_HTML5) . "&mode={$_mode}'>{$title}</a>"; |
464
|
|
|
} |
465
|
|
|
echo '<h4>' . implode(' | ', $modes_switch) . '</h4>'; |
466
|
|
|
echo '(' . sprintf(_MA_USER_ACTUS, "<span style='color:#ff0000;'>$acttotal</span>") . ' ' . sprintf(_MA_USER_INACTUS, "<span style='color:#ff0000;'>$inacttotal</span>") . ')'; |
467
|
|
|
$form->display(); |
468
|
|
|
} else { |
469
|
|
|
$myts = \MyTextSanitizer::getInstance(); |
470
|
|
|
$limit = Request::getInt('limit', 50, 'POST'); |
471
|
|
|
$start = Request::getInt('start', 0, 'POST'); |
472
|
|
|
if (Request::hasVar('query', 'POST')) { |
473
|
|
|
unset($_POST['query']); |
474
|
|
|
$query = ''; |
475
|
|
|
} |
476
|
|
|
|
477
|
|
|
$criteria = new CriteriaCompo(); |
478
|
|
|
foreach (array_keys($items_match) as $var) { |
479
|
|
|
if (Request::hasVar($var, 'POST')) { |
480
|
|
|
$match = Request::getInt("{$var}_match", XOOPS_MATCH_START, 'POST'); |
481
|
|
|
$value = $xoopsDB->escape(Request::getString($var, '', 'POST')); |
482
|
|
|
switch ($match) { |
483
|
|
|
case XOOPS_MATCH_START: |
484
|
|
|
$criteria->add(new Criteria($var, $value . '%', 'LIKE')); |
485
|
|
|
break; |
486
|
|
|
case XOOPS_MATCH_END: |
487
|
|
|
$criteria->add(new Criteria($var, '%' . $value, 'LIKE')); |
488
|
|
|
break; |
489
|
|
|
case XOOPS_MATCH_EQUAL: |
490
|
|
|
$criteria->add(new Criteria($var, $value)); |
491
|
|
|
break; |
492
|
|
|
case XOOPS_MATCH_CONTAIN: |
493
|
|
|
$criteria->add(new Criteria($var, '%' . $value . '%', 'LIKE')); |
494
|
|
|
break; |
495
|
|
|
} |
496
|
|
|
} |
497
|
|
|
} |
498
|
|
|
if (Request::hasVar('url', 'POST')) { |
499
|
|
|
$url = formatURL(trim(Request::getUrl('url', '', 'POST'))); |
500
|
|
|
$criteria->add(new Criteria('url', $url . '%', 'LIKE')); |
501
|
|
|
} |
502
|
|
|
if (Request::hasVar('user_from', 'POST')) { |
503
|
|
|
$criteria->add(new Criteria('user_from', '%' . $xoopsDB->escape(Request::getString('user_from', '', 'POST')) . '%', 'LIKE')); |
504
|
|
|
} |
505
|
|
|
if (Request::hasVar('user_intrest', 'POST')) { |
506
|
|
|
$criteria->add(new Criteria('user_intrest', '%' . $xoopsDB->escape(Request::getString('user_intrest', '', 'POST')) . '%', 'LIKE')); |
507
|
|
|
} |
508
|
|
|
if (Request::hasVar('user_occ', 'POST')) { |
509
|
|
|
$criteria->add(new Criteria('user_occ', '%' . $xoopsDB->escape(Request::getString('user_occ', '', 'POST')) . '%', 'LIKE')); |
510
|
|
|
} |
511
|
|
|
foreach (array('last_login', 'user_regdate') as $var) { |
512
|
|
|
if (Request::hasVar("{$var}_more", 'POST') && is_numeric($_POST["{$var}_more"])) { |
513
|
|
|
$time = time() - (60 * 60 * 24 * Request::getInt("{$var}_more", 0, 'POST')); |
514
|
|
|
if ($time > 0) { |
515
|
|
|
$criteria->add(new Criteria($var, $time, '<=')); |
516
|
|
|
} |
517
|
|
|
} |
518
|
|
|
if (Request::hasVar("{$var}_less", 'POST') && is_numeric($_POST["{$var}_less"])) { |
519
|
|
|
$time = time() - (60 * 60 * 24 * Request::getInt("{$var}_less", 0, 'POST')); |
520
|
|
|
if ($time > 0) { |
521
|
|
|
$criteria->add(new Criteria($var, $time, '>=')); |
522
|
|
|
} |
523
|
|
|
} |
524
|
|
|
} |
525
|
|
|
if (Request::hasVar('posts_more', 'POST') && is_numeric($_POST['posts_more'])) { |
526
|
|
|
$criteria->add(new Criteria('posts', Request::getInt('posts_more', 0, 'POST'), '<=')); |
527
|
|
|
} |
528
|
|
|
if (Request::hasVar('posts_less', 'POST') && is_numeric($_POST['posts_less'])) { |
529
|
|
|
$criteria->add(new Criteria('posts', Request::getInt('posts_less', 0, 'POST'), '>=')); |
530
|
|
|
} |
531
|
|
|
if (Request::hasVar('user_mailok', 'POST')) { |
532
|
|
|
if (Request::getString('user_mailok', '', 'POST') === 'mailng') { |
533
|
|
|
$criteria->add(new Criteria('user_mailok', 0)); |
534
|
|
|
} elseif (Request::getString('user_mailok', '', 'POST') === 'mailok') { |
535
|
|
|
$criteria->add(new Criteria('user_mailok', 1)); |
536
|
|
|
} |
537
|
|
|
} |
538
|
|
|
if (Request::hasVar('user_avatar', 'POST')) { |
539
|
|
|
if (Request::getString('user_avatar', '', 'POST') === 'y') { |
540
|
|
|
$criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'NOT IN')); |
541
|
|
|
} elseif (Request::getString('user_avatar', '', 'POST') === 'n') { |
542
|
|
|
$criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'IN')); |
543
|
|
|
} |
544
|
|
|
} |
545
|
|
|
if (Request::hasVar('level', 'POST')) { |
546
|
|
|
// $level_value = array( |
547
|
|
|
// 1 => 1, |
548
|
|
|
// 2 => 0, |
549
|
|
|
// 3 => -1 |
550
|
|
|
// ); |
551
|
|
|
$level = Request::getInt('level', 0, 'POST'); |
552
|
|
|
if ($level > 0) { |
553
|
|
|
$criteria->add(new Criteria('level', $level)); |
554
|
|
|
} |
555
|
|
|
} |
556
|
|
|
if (Request::hasVar('rank', 'POST')) { |
557
|
|
|
$rank_obj = $rank_handler->get(Request::getInt('rank', 0, 'POST')); |
558
|
|
|
if ($rank_obj->getVar('rank_special')) { |
559
|
|
|
$criteria->add(new Criteria('rank', Request::getInt('rank', 0, 'POST'))); |
560
|
|
|
} else { |
561
|
|
|
if ($rank_obj->getVar('rank_min')) { |
562
|
|
|
$criteria->add(new Criteria('posts', $rank_obj->getVar('rank_min'), '>=')); |
563
|
|
|
} |
564
|
|
|
if ($rank_obj->getVar('rank_max')) { |
565
|
|
|
$criteria->add(new Criteria('posts', $rank_obj->getVar('rank_max'), '<=')); |
566
|
|
|
} |
567
|
|
|
} |
568
|
|
|
} |
569
|
|
|
$total = $user_handler->getCount($criteria, Request::getArray('groups', [], 'POST')); |
570
|
|
|
$validsort = array( |
571
|
|
|
'uname', |
572
|
|
|
'email', |
573
|
|
|
'last_login', |
574
|
|
|
'user_regdate', |
575
|
|
|
'posts' |
576
|
|
|
); |
577
|
|
|
$sort = (!in_array(Request::getString('user_sort', '', 'POST'), $validsort)) ? 'uname' : Request::getString('user_sort', '', 'POST'); |
578
|
|
|
$order = 'ASC'; |
579
|
|
|
if (Request::hasVar('user_order', 'POST') && Request::getString('user_order', '', 'POST') === 'DESC') { |
580
|
|
|
$order = 'DESC'; |
581
|
|
|
} |
582
|
|
|
$criteria->setSort($sort); |
583
|
|
|
$criteria->setOrder($order); |
584
|
|
|
$criteria->setLimit($limit); |
585
|
|
|
$criteria->setStart($start); |
586
|
|
|
$foundusers = $user_handler->getAll($criteria, Request::getArray('groups', array(), 'POST')); |
587
|
|
|
|
588
|
|
|
echo $js_adduser = ' |
589
|
|
|
<script type="text/javascript"> |
590
|
|
|
var multiple=' . (string) $multiple . '; |
591
|
|
|
function addusers() |
592
|
|
|
{ |
593
|
|
|
var sel_str = ""; |
594
|
|
|
var num = 0; |
595
|
|
|
var mForm = document.forms["' . $name_form . '"]; |
596
|
|
|
for (var i=0;i!=mForm.elements.length;i++) { |
597
|
|
|
var id=mForm.elements[i]; |
598
|
|
|
if ( ( (multiple > 0 && id.type == "checkbox") || (multiple == 0 && id.type == "radio") ) && (id.checked == true) && ( id.name == "' . $name_userid . '" ) ) { |
599
|
|
|
var name = mForm.elements[++i]; |
600
|
|
|
var len = id.value.length + name.value.length; |
601
|
|
|
sel_str += len + ":" + id.value + ":" + name.value; |
602
|
|
|
num ++; |
603
|
|
|
} |
604
|
|
|
} |
605
|
|
|
if (num == 0) { |
606
|
|
|
alert("' . _MA_USER_NOUSERSELECTED . '"); |
607
|
|
|
return false; |
608
|
|
|
} |
609
|
|
|
sel_str = num + ":" + sel_str; |
610
|
|
|
window.opener.addusers(sel_str); |
611
|
|
|
alert("' . _MA_USER_USERADDED . '"); |
612
|
|
|
if (multiple == 0) { |
613
|
|
|
window.close(); |
614
|
|
|
window.opener.focus(); |
615
|
|
|
} |
616
|
|
|
return true; |
617
|
|
|
} |
618
|
|
|
</script> |
619
|
|
|
'; |
620
|
|
|
|
621
|
|
|
echo '</html><body>'; |
622
|
|
|
echo "<a href='findusers.php?target=" . htmlspecialchars(Request::getString('target', '', 'POST'), ENT_QUOTES | ENT_HTML5) . '&multiple=' . (string)$multiple . '&token=' . htmlspecialchars($token, ENT_QUOTES | ENT_HTML5) . "'>" . _MA_USER_FINDUS . "</a> <span style='font-weight:bold;'>»</span> " . _MA_USER_RESULTS . '<br><br>'; |
623
|
|
|
if (empty($start) && empty($foundusers)) { |
624
|
|
|
echo '<h4>' . _MA_USER_NOFOUND, '</h4>'; |
625
|
|
|
$hiddenform = "<form name='findnext' action='findusers.php' method='post'>"; |
626
|
|
|
foreach ($_POST as $k => $v) { |
627
|
|
|
if ($k === 'XOOPS_TOKEN_REQUEST') { |
628
|
|
|
// regenerate token value |
629
|
|
|
$hiddenform .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n"; |
630
|
|
|
} elseif (is_array($v)) { |
631
|
|
|
foreach ($v as $temp) { |
632
|
|
|
$hiddenform .= "<input type='hidden' name='". htmlspecialchars($k, ENT_QUOTES | ENT_HTML5)."' value='" . htmlspecialchars($temp, ENT_QUOTES | ENT_HTML5) . "' />\n"; |
633
|
|
|
} |
634
|
|
|
} else { |
635
|
|
|
$hiddenform .= "<input type='hidden' name='" . htmlspecialchars($k, ENT_QUOTES | ENT_HTML5) . "' value='" . htmlspecialchars($v, ENT_QUOTES | ENT_HTML5) . "' />\n"; |
636
|
|
|
} |
637
|
|
|
} |
638
|
|
|
if (!Request::hasVar('limit', 'POST')) { |
639
|
|
|
$hiddenform .= "<input type='hidden' name='limit' value='{$limit}' />\n"; |
640
|
|
|
} |
641
|
|
|
if (!Request::hasVar('start', 'POST')) { |
642
|
|
|
$hiddenform .= "<input type='hidden' name='start' value='{$start}' />\n"; |
643
|
|
|
} |
644
|
|
|
$hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES | ENT_HTML5) . "' />\n"; |
645
|
|
|
$hiddenform .= '</form>'; |
646
|
|
|
|
647
|
|
|
echo '<div>' . $hiddenform; |
648
|
|
|
echo "<a href='#' onclick='document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n"; |
649
|
|
|
echo '</div>'; |
650
|
|
|
} elseif ($start < $total) { |
651
|
|
|
if (!empty($total)) { |
652
|
|
|
echo sprintf(_MA_USER_USERSFOUND, $total) . '<br>'; |
653
|
|
|
} |
654
|
|
|
if (!empty($foundusers)) { |
655
|
|
|
echo "<form action='findusers.php' method='post' name='{$name_form}' id='{$name_form}'> |
656
|
|
|
<table width='100%' border='0' cellspacing='1' cellpadding='4' class='outer'> |
657
|
|
|
<tr> |
658
|
|
|
<th align='center' width='5px'>"; |
659
|
|
|
if ($multiple > 0 ) { |
660
|
|
|
echo "<input type='checkbox' name='memberslist_checkall' id='memberslist_checkall' onclick='xoopsCheckAll(\"{$name_form}\", \"memberslist_checkall\");' />"; |
661
|
|
|
} |
662
|
|
|
echo "</th> |
663
|
|
|
<th align='center'>" . _MA_USER_UNAME . "</th> |
664
|
|
|
<th align='center'>" . _MA_USER_REALNAME . "</th> |
665
|
|
|
<th align='center'>" . _MA_USER_REGDATE . "</th> |
666
|
|
|
<th align='center'>" . _MA_USER_LASTLOGIN . "</th> |
667
|
|
|
<th align='center'>" . _MA_USER_POSTS . '</th> |
668
|
|
|
</tr>'; |
669
|
|
|
$ucount = 0; |
670
|
|
|
foreach (array_keys($foundusers) as $j) { |
671
|
|
|
$class = 'odd'; |
672
|
|
|
if ($ucount % 2 == 0) { |
673
|
|
|
$class = 'even'; |
674
|
|
|
} |
675
|
|
|
++$ucount; |
676
|
|
|
$fuser_name = $foundusers[$j]->getVar('name') ?: ' '; |
677
|
|
|
echo "<tr class='$class'> |
678
|
|
|
<td align='center'>"; |
679
|
|
|
if ($multiple > 0) { |
680
|
|
|
echo "<input type='checkbox' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar('uid') . "' />"; |
681
|
|
|
echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar('uname') . "' />"; |
682
|
|
|
} else { |
683
|
|
|
echo "<input type='radio' name='{$name_userid}' id='{$name_userid}' value='" . $foundusers[$j]->getVar('uid') . "' />"; |
684
|
|
|
echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='" . $foundusers[$j]->getVar('uname') . "' />"; |
685
|
|
|
} |
686
|
|
|
echo "</td> |
687
|
|
|
<td><a href='" . XOOPS_URL . '/userinfo.php?uid=' . $foundusers[$j]->getVar('uid') . "' target='_blank'>" . $foundusers[$j]->getVar('uname') . '</a></td> |
688
|
|
|
<td>' . $fuser_name . "</td> |
689
|
|
|
<td align='center'>" . ($foundusers[$j]->getVar('user_regdate') ? date('Y-m-d', $foundusers[$j]->getVar('user_regdate')) : '') . "</td> |
690
|
|
|
<td align='center'>" . ($foundusers[$j]->getVar('last_login') ? date('Y-m-d H:i', $foundusers[$j]->getVar('last_login')) : '') . "</td> |
691
|
|
|
<td align='center'>" . $foundusers[$j]->getVar('posts') . '</td>'; |
692
|
|
|
echo "</tr>\n"; |
693
|
|
|
} |
694
|
|
|
echo "<tr class='foot'><td colspan='6'>"; |
695
|
|
|
|
696
|
|
|
// placeholder for external applications |
697
|
|
|
if (!Request::hasVar('target', 'POST')) { |
698
|
|
|
echo "<select name='fct'><option value='users'>" . _DELETE . "</option><option value='mailusers'>" . _MA_USER_SENDMAIL . '</option>'; |
699
|
|
|
echo '</select> '; |
700
|
|
|
echo $GLOBALS['xoopsSecurity']->getTokenHTML() . "<input type='submit' value='" . _SUBMIT . "' />"; |
701
|
|
|
|
702
|
|
|
// Add selected users |
703
|
|
|
} else { |
704
|
|
|
echo "<input type='button' value='" . _MA_USER_ADD_SELECTED . "' onclick='addusers();' />"; |
705
|
|
|
} |
706
|
|
|
echo "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES | ENT_HTML5) . "' />\n"; |
707
|
|
|
echo "</td></tr></table></form>\n"; |
708
|
|
|
} |
709
|
|
|
|
710
|
|
|
$hiddenform = "<form name='findnext' action='findusers.php' method='post'>"; |
711
|
|
|
foreach ($_POST as $k => $v) { |
712
|
|
|
if ($k === 'XOOPS_TOKEN_REQUEST') { |
713
|
|
|
// regenerate token value |
714
|
|
|
$hiddenform .= $GLOBALS['xoopsSecurity']->getTokenHTML() . "\n"; |
715
|
|
|
} elseif (is_array($v)) { |
716
|
|
|
foreach ($v as $temp) { |
717
|
|
|
$hiddenform .= "<input type='hidden' name='". htmlspecialchars($k, ENT_QUOTES | ENT_HTML5)."' value='" . htmlspecialchars($temp, ENT_QUOTES | ENT_HTML5) . "' />\n"; |
718
|
|
|
} |
719
|
|
|
} else { |
720
|
|
|
|
721
|
|
|
$hiddenform .= "<input type='hidden' name='" . htmlspecialchars($k, ENT_QUOTES | ENT_HTML5) . "' value='" . htmlspecialchars($myts->stripSlashesGPC($v), ENT_QUOTES | ENT_HTML5) . "' />\n"; |
|
|
|
|
722
|
|
|
} |
723
|
|
|
} |
724
|
|
|
if (!Request::hasVar('limit', 'POST')) { |
725
|
|
|
$hiddenform .= "<input type='hidden' name='limit' value='" . $limit . "' />\n"; |
726
|
|
|
} |
727
|
|
|
if (!Request::hasVar('start', 'POST')) { |
728
|
|
|
$hiddenform .= "<input type='hidden' name='start' value='" . $start . "' />\n"; |
729
|
|
|
} |
730
|
|
|
$hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES | ENT_HTML5) . "' />\n"; |
731
|
|
|
if (!isset($total) || ($totalpages = ceil($total / $limit)) > 1) { |
732
|
|
|
$prev = $start - $limit; |
733
|
|
|
if ($start - $limit >= 0) { |
734
|
|
|
$hiddenform .= "<a href='#0' onclick='document.findnext.start.value=" . $prev . ";document.findnext.submit();'>" . _MA_USER_PREVIOUS . "</a> \n"; |
735
|
|
|
} |
736
|
|
|
$counter = 1; |
737
|
|
|
$currentpage = ($start + $limit) / $limit; |
738
|
|
|
if (!isset($total)) { |
739
|
|
|
while ($counter <= $currentpage) { |
740
|
|
|
if ($counter == $currentpage) { |
741
|
|
|
$hiddenform .= '<strong>' . $counter . '</strong> '; |
742
|
|
|
} elseif (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1) { |
743
|
|
|
$hiddenform .= "<a href='#" . $counter . "' onclick='document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . '</a> '; |
744
|
|
|
if ($counter == 1 && $currentpage > 5) { |
745
|
|
|
$hiddenform .= '... '; |
746
|
|
|
} |
747
|
|
|
} |
748
|
|
|
++$counter; |
749
|
|
|
} |
750
|
|
|
} else { |
751
|
|
|
while ($counter <= $totalpages) { |
752
|
|
|
if ($counter == $currentpage) { |
753
|
|
|
$hiddenform .= '<strong>' . $counter . '</strong> '; |
754
|
|
|
} elseif (($counter > $currentpage - 4 && $counter < $currentpage + 4) || $counter == 1 || $counter == $totalpages) { |
755
|
|
|
if ($counter == $totalpages && $currentpage < $totalpages - 4) { |
756
|
|
|
$hiddenform .= '... '; |
757
|
|
|
} |
758
|
|
|
$hiddenform .= "<a href='#" . $counter . "' onclick='document.findnext.start.value=" . ($counter - 1) * $limit . ";document.findnext.submit();'>" . $counter . '</a> '; |
759
|
|
|
if ($counter == 1 && $currentpage > 5) { |
760
|
|
|
$hiddenform .= '... '; |
761
|
|
|
} |
762
|
|
|
} |
763
|
|
|
++$counter; |
764
|
|
|
} |
765
|
|
|
} |
766
|
|
|
|
767
|
|
|
$next = $start + $limit; |
768
|
|
|
if ((isset($total) && $total > $next) || (!isset($total) && count($foundusers) >= $limit)) { |
769
|
|
|
$hiddenform .= " <a href='#" . $total . "' onclick='document.findnext.start.value=" . $next . ";document.findnext.submit();'>" . _MA_USER_NEXT . "</a>\n"; |
770
|
|
|
} |
771
|
|
|
} |
772
|
|
|
$hiddenform .= '</form>'; |
773
|
|
|
|
774
|
|
|
echo '<div>' . $hiddenform; |
775
|
|
|
if (isset($total)) { |
776
|
|
|
echo '<br>' . sprintf(_MA_USER_USERSFOUND, $total) . ' '; |
777
|
|
|
} |
778
|
|
|
echo "<a href='#' onclick='document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>" . _MA_USER_SEARCHAGAIN . "</a>\n"; |
779
|
|
|
echo '</div>'; |
780
|
|
|
} |
781
|
|
|
} |
782
|
|
|
|
783
|
|
|
xoops_footer(); |
784
|
|
|
|