
Source: /main/admin/group_list.php - 438 lines - 16493 bytes - Summary - Text - Print

   1  <?php
   2  /* For licensing terms, see /dokeos_license.txt */
   3  
   4  /**
   5  * @package dokeos.admin
   6  */
   7  
// Names of the language files that need to be included for this page.
// Both variables are assigned before the bootstrap below is required;
// presumably global.inc.php reads them — confirm against that file.
$language_file = array ('registration','admin','userInfo');
$cidReset = true;
require  ('../inc/global.inc.php');
require_once (api_get_path(LIBRARY_PATH).'sortabletable.class.php');
require_once (api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php');
require_once (api_get_path(LIBRARY_PATH).'security.lib.php');
// NOTE(review): nothing else in this file references xajax; confirm the include is still needed.
require_once(api_get_path(LIBRARY_PATH).'xajax/xajax.inc.php');
require_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php');
require_once api_get_path(LIBRARY_PATH).'group_portal_manager.lib.php';

$this_section = SECTION_PLATFORM_ADMIN;
// Access gate for the whole page. The lock/unlock request handlers further
// down perform no role check of their own, so this call is the only thing
// restricting them.
// NOTE(review): the meaning of the `true` argument is not visible here; if it
// widens access beyond platform admins (for example to session admins), those
// handlers become reachable by the wider role — confirm.
api_protect_admin_script(true);
  21  
  22  
  23  /**
  24   * Get the total number of users on the platform
  25   * @see SortableTable#get_total_number_of_items()
  26   */
  27  function get_number_of_groups()
  28  {
  29      $group_table = Database :: get_main_table(TABLE_MAIN_GROUP);
  30      $sql = "SELECT COUNT(g.id) AS total_number_of_items FROM $group_table g";
  31  
  32      // adding the filter to see the user's only of the current access_url
  33      /*
  34      global $_configuration;
  35      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
  36          $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
  37          $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)";
  38      }
  39  */
  40      if ( isset ($_GET['keyword'])) {
  41          $keyword = Database::escape_string($_GET['keyword']);
  42          $sql .= " WHERE (g.name LIKE '%".$keyword."%' OR g.description LIKE '%".$keyword."%'  OR  g.url LIKE '%".$keyword."%' )";    
  43      }
  44  
  45      // adding the filter to see the user's only of the current access_url
  46      /*
  47      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
  48              $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
  49      }*/
  50  
  51      $res = Database::query($sql, __FILE__, __LINE__);
  52      $obj = Database::fetch_object($res);
  53      return $obj->total_number_of_items;
  54  }
  55  /**
  56   * Get the users to display on the current page (fill the sortable-table)
  57   * @param   int     offset of first user to recover
  58   * @param   int     Number of users to get
  59   * @param   int     Column to sort on
  60   * @param   string  Order (ASC,DESC)
  61   * @see SortableTable#get_table_data($from)
  62   */
  63  function get_group_data($from, $number_of_items, $column, $direction)
  64  {
  65      $group_table = Database :: get_main_table(TABLE_MAIN_GROUP);
  66      
  67      $sql = "SELECT
  68                   g.id            AS col0,
  69                   g.name            AS col1,                 
  70                   g.description     AS col2,
  71                   g.visibility     AS col3,
  72                   g.id            AS col4
  73               FROM $group_table g ";
  74  
  75      // adding the filter to see the user's only of the current access_url
  76      /*global $_configuration;
  77      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
  78          $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
  79          $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)";
  80      }*/
  81  
  82      if (isset ($_GET['keyword'])) {
  83          $keyword = Database::escape_string($_GET['keyword']);
  84          $sql .= " WHERE (g.name LIKE '%".$keyword."%' OR g.description LIKE '%".$keyword."%'  OR  g.url LIKE '%".$keyword."%' )";
  85      } 
  86      /*
  87      // adding the filter to see the user's only of the current access_url
  88      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
  89              $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
  90      }*/
  91  
  92      if (!in_array($direction, array('ASC','DESC'))) {
  93          $direction = 'ASC';
  94      }
  95      $column = intval($column);
  96      $from = intval($from);
  97      $number_of_items = intval($number_of_items);
  98  
  99      $sql .= " ORDER BY col$column $direction ";
 100      $sql .= " LIMIT $from,$number_of_items";
 101  
 102      $res = Database::query($sql, __FILE__, __LINE__);
 103  
 104      $users = array ();
 105      $t = time();
 106      while ($group = Database::fetch_row($res)) {        
 107          $group['1'] = '<a href="/main/social/groups.php?id='.$group['0'].'">'.$group['1'].'</a>';      
 108          $groups[] = $group;
 109      }
 110      return $groups;
 111  }
 112  
 113  
 114  function get_recent_group_data($from =0 , $number_of_items = 5, $column, $direction)
 115  {
 116      $group_table = Database :: get_main_table(TABLE_MAIN_GROUP);
 117      
 118      $sql = "SELECT
 119                   g.id            AS col0,
 120                   g.name            AS col1,                 
 121                   g.description     AS col2,
 122                   g.visibility     AS col3,
 123                   g.id            AS col4
 124               FROM $group_table g ";
 125  
 126      // adding the filter to see the user's only of the current access_url
 127      /*global $_configuration;
 128      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 129          $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
 130          $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)";
 131      }*/
 132  
 133      if (isset ($_GET['keyword'])) {
 134          $keyword = Database::escape_string($_GET['keyword']);
 135          $sql .= " WHERE (g.name LIKE '%".$keyword."%' OR g.description LIKE '%".$keyword."%'  OR  g.url LIKE '%".$keyword."%' )";
 136      } 
 137      /*
 138      // adding the filter to see the user's only of the current access_url
 139      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 140              $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
 141      }*/
 142  
 143      if (!in_array($direction, array('ASC','DESC'))) {
 144          $direction = 'ASC';
 145      }
 146      $column = intval($column);
 147      $from = intval($from);
 148      $number_of_items = intval($number_of_items);
 149  
 150      $sql .= " ORDER BY col$column $direction ";
 151      $sql .= " LIMIT $from,$number_of_items";
 152  
 153      $res = Database::query($sql, __FILE__, __LINE__);
 154  
 155      $users = array ();
 156      $t = time();
 157      while ($group = Database::fetch_row($res)) {
 158          // forget about the expiration date field              
 159          $groups[] = $group;
 160      }
 161      return $groups;
 162  }
 163  
 164  
 165  /**
 166   * Build the modify-column of the table
 167   * @param   int     The user id
 168   * @param   string  URL params to add to table links
 169   * @param   array   Row of elements to alter
 170   * @return string Some HTML-code with modify-buttons
 171   */
 172  function modify_filter($group_id,$url_params,$row)
 173  {
 174      global $charset;
 175      global $_user;
 176      global $_admins_list;
 177      if (api_is_platform_admin()) {
 178          $result .= '<a href="'.api_get_path(WEB_CODE_PATH).'admin/add_users_to_group.php?id='.$group_id.'">'.Display::return_icon('groupadd_22.png',get_lang('AddUsersToGroup')).'</a>';
 179          $result .= '<a href="group_edit.php?id='.$group_id.'">'.Display::return_icon('pixel.gif', get_lang('Edit'),array('class'=>'actionplaceholdericon actionedit')).'</a>&nbsp;&nbsp;';
 180          $result .= '<a href="group_list.php?action=delete_group&amp;group_id='.$group_id.'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'"  onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('pixel.gif', get_lang('Delete'),array('class'=>'actionplaceholdericon actiondelete')).'</a>';
 181      }
 182      return $result;
 183  }
 184  
 185  
 186  /**
 187   * Build the active-column of the table to lock or unlock a certain user
 188   * lock = the user can no longer use this account
 189   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
 190   * @param int $active the current state of the account
 191   * @param int $user_id The user id
 192   * @param string $url_params
 193   * @return string Some HTML-code with the lock/unlock button
 194   */
 195  function active_filter($active, $url_params, $row) {
 196      global $_user;
 197  
 198      if ($active=='1') {
 199          $action='lock';
 200          $image='right';
 201      } elseif ($active=='-1') {
 202          $action='edit';
 203          $image='expired';
 204      } elseif ($active=='0') {
 205          $action='unlock';
 206          $image='wrong';
 207      }
 208  
 209      if ($action=='edit') {
 210          $result = Display::return_icon($image.'.gif', get_lang('AccountExpired'));
 211      }elseif ($row['0']<>$_user['user_id']) { // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
 212          $result = '<a href="user_list.php?action='.$action.'&amp;user_id='.$row['0'].'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon($image.'.gif', get_lang(ucfirst($action))).'</a>';
 213      }
 214      return $result;
 215  }
 216  
 217  /**
 218   * Lock or unlock a user
 219   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
 220   * @param int $status, do we want to lock the user ($status=lock) or unlock it ($status=unlock)
 221   * @param int $user_id The user id
 222   * @return language variable
 223   */
 224  function lock_unlock_user($status,$user_id)
 225  {
 226      $user_table = Database :: get_main_table(TABLE_MAIN_USER);
 227      if ($status=='lock')
 228      {
 229          $status_db='0';
 230          $return_message=get_lang('UserLocked');
 231      }
 232      if ($status=='unlock')
 233      {
 234          $status_db='1';
 235          $return_message=get_lang('UserUnlocked');
 236      }
 237  
 238      if(($status_db=='1' OR $status_db=='0') AND is_numeric($user_id))
 239      {
 240          $sql="UPDATE $user_table SET active='".Database::escape_string($status_db)."' WHERE user_id='".Database::escape_string($user_id)."'";
 241          $result = Database::query($sql, __FILE__, __LINE__);
 242      }
 243  
 244      if ($result)
 245      {
 246          return $return_message;
 247      }
 248  }
 249  
 250  /**
 251   * Instead of displaying the integer of the status, we give a translation for the status
 252   *
 253   * @param integer $status
 254   * @return string translation
 255   *
 256   * @version march 2008
 257   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Belgium
 258   */
 259  function status_filter($status)
 260  {
 261      $statusname = api_get_status_langvars();
 262      return $statusname[$status];
 263  }
 264  
 265  
 266  /**
 267  ==============================================================================
 268          INIT SECTION
 269  ==============================================================================
 270  */
 271  $action = $_GET["action"];
 272  
 273  if (isset ($_GET['search']) && $_GET['search'] == 'advanced') {
 274      $interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
 275      $interbreadcrumb[] = array ("url" => 'user_list.php', "name" => get_lang('UserList'));
 276      $tool_name = get_lang('SearchAUser');
 277      Display :: display_header($tool_name);
 278      echo '<div id="content">';
 279      //api_display_tool_title($tool_name);
 280      $form = new FormValidator('advanced_search','get');
 281      $form->addElement('header', '', $tool_name);
 282      $form->add_textfield('keyword_firstname',get_lang('FirstName'),false);
 283      $form->add_textfield('keyword_lastname',get_lang('LastName'),false);
 284      $form->add_textfield('keyword_username',get_lang('LoginName'),false);
 285      $form->add_textfield('keyword_email',get_lang('Email'),false);
 286      $form->add_textfield('keyword_officialcode',get_lang('OfficialCode'),false);
 287      $status_options = array();
 288      $status_options['%'] = get_lang('All');
 289      $status_options[STUDENT] = get_lang('Student');
 290      $status_options[COURSEMANAGER] = get_lang('Teacher');
 291      $status_options[SESSIONADMIN] = get_lang('Administrator');//
 292      $form->addElement('select','keyword_status',get_lang('Status'),$status_options);
 293      $active_group = array();
 294      $active_group[] = $form->createElement('checkbox','keyword_active','',get_lang('Active'));
 295      $active_group[] = $form->createElement('checkbox','keyword_inactive','',get_lang('Inactive'));
 296      $form->addGroup($active_group,'',get_lang('ActiveAccount'),'<br/>',false);
 297      $form->addElement('style_submit_button', 'submit',get_lang('SearchUsers'),'class="search"');
 298      $defaults['keyword_active'] = 1;
 299      $defaults['keyword_inactive'] = 1;
 300      $form->setDefaults($defaults);
 301      $form->display();
 302  }
 303  else
 304  {
 305      $interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
 306      $tool_name = get_lang('UserList');
 307      Display :: display_header($tool_name, "");
 308      //api_display_tool_title($tool_name);
 309      if (isset ($_GET['action'])) {
 310          $check = Security::check_token('get');
 311          if($check) {
 312              switch ($_GET['action']) {
 313                  case 'show_message' :
 314                      if (!empty($_GET['warn'])) {
 315                          // to prevent too long messages
 316                          if ($_GET['warn'] == 'session_message'){
 317                              $_GET['warn'] = $_SESSION['session_message_import_users'];
 318                          } 
 319                          Display::display_warning_message(urldecode($_GET['warn']),false);
 320                      }
 321                      if (!empty($_GET['message'])) {
 322                          Display :: display_confirmation_message(stripslashes($_GET['message']));
 323                      }
 324                      break;
 325                  case 'delete_group' :
 326                      if (api_is_platform_admin()) {
 327                          if (GroupPortalManager :: delete($_GET['group_id'])) {
 328                            echo get_lang('GroupDeleted');
 329                          } else {
 330                            echo get_lang('CannotDeleteGroup');
 331                          }
 332                      }
 333                      break;
 334                  case 'lock' :
 335                      $message=lock_unlock_user('lock',$_GET['user_id']);
 336                      Display :: display_normal_message($message);
 337                      break;
 338                  case 'unlock';
 339                      $message=lock_unlock_user('unlock',$_GET['user_id']);
 340                      Display :: display_normal_message($message);
 341                      break;
 342  
 343              }
 344              Security::clear_token();
 345          }
 346      }
 347      if (isset ($_POST['action']))
 348      {
 349          $check = Security::check_token('get');
 350          if($check)
 351          {
 352              switch ($_POST['action'])
 353              {
 354                  case 'delete' :
 355                      if (api_is_platform_admin()) {
 356                          $number_of_selected_users = count($_POST['id']);
 357                          $number_of_deleted_users = 0;
 358                          if (is_array($_POST['id'])) {
 359                              foreach ($_POST['id'] as $index => $user_id)
 360                              {
 361                                  if($user_id != $_user['user_id'])
 362                                  {
 363                                      if(UserManager :: delete_user($user_id))
 364                                      {
 365                                          $number_of_deleted_users++;
 366                                      }
 367                                  }
 368                              }
 369                          }
 370                          if($number_of_selected_users == $number_of_deleted_users)
 371                          {
 372                              Display :: display_confirmation_message(get_lang('SelectedUsersDeleted'));
 373                          }
 374                          else
 375                          {
 376                              Display :: display_error_message(get_lang('SomeUsersNotDeleted'));
 377                          }
 378                      }
 379                      break;
 380              }
 381              Security::clear_token();
 382          }
 383      }
 384      // Create a search-box
 385      $form = new FormValidator('search_simple','get','','',array('style'=> 'float:right'),false);
 386      $renderer =& $form->defaultRenderer();
 387      $renderer->setElementTemplate('<span>{element}</span> ');
 388  
 389      $form->addElement('text','keyword',get_lang('keyword'));
 390      $form->addElement('style_submit_button', 'submit',get_lang('Search'),'class="search"');
 391      //$form->addElement('static','search_advanced_link',null,'<a href="user_list.php?search=advanced">'.get_lang('AdvancedSearch').'</a>');
 392      echo '<div class="actions">';
 393      if (api_is_platform_admin()) {
 394          echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/group_add.php">'.Display::return_icon('groupadd_32.png',get_lang('AddUsers')).get_lang('AddGroups').'</a>';
 395      }
 396       $form->display();
 397       echo '<div style="clear: both;"></div>';
 398      echo '</div>';
 399      if (isset ($_GET['keyword'])) {
 400          $parameters = array ('keyword' => Security::remove_XSS($_GET['keyword']));
 401      }
 402      // Create a sortable table with user-data
 403      $parameters['sec_token'] = Security::get_token();
 404  
 405      // get the list of all admins to mark them in the users list
 406      $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
 407      $sql_admin = "SELECT user_id FROM $admin_table";
 408      $res_admin = Database::query($sql_admin);
 409      $_admins_list = array();
 410      while ($row_admin = Database::fetch_row($res_admin)) {
 411          $_admins_list[] = $row_admin[0];
 412      }
 413  
 414      $table = new SortableTable('users', 'get_number_of_groups', 'get_group_data', 2);
 415      $table->set_additional_parameters($parameters);
 416      $table->set_header(0, '', false);
 417      $table->set_header(1, get_lang('Name'));
 418      $table->set_header(2, get_lang('Description'));
 419      $table->set_header(3, get_lang('Visibility'));
 420      $table->set_header(4, '', false);    
 421      $table->set_column_filter(4, 'modify_filter');
 422      //$table->set_column_filter(6, 'status_filter');
 423      //$table->set_column_filter(7, 'active_filter');
 424      //$table->set_column_filter(8, 'modify_filter');
 425      echo '<div id="content">';
 426      if (api_is_platform_admin())
 427          $table->set_form_actions(array ('delete' => get_lang('DeleteFromPlatform')));
 428      $table->display();
 429  }
 430  // Close main content
 431  echo '</div>';
 432  /*
 433  ==============================================================================
 434          FOOTER
 435  ==============================================================================
 436  */
 437  Display :: display_footer();
 438  ?>
