
Source: /main/admin/user_list.php - 1052 lines - 48161 bytes - Summary - Text - Print

   1  <?php
   2  /* For licensing terms, see /dokeos_license.txt */
   3  
   4  /**
   5  * @author Bart Mollet
   6  * @package dokeos.admin
   7  */
   8  
   9  // name of the language file that needs to be included
  10  $language_file = array ('registration', 'admin', 'tracking');
  11  
  12  // resetting the course id
  13  $cidReset = true;
  14  
  15  // setting the help
  16  $help_content = 'platformadministrationuserlist';
  17  
  18  // including the global Dokeos file
  19  require_once  '../inc/global.inc.php';
  20  
  21  // including additional libraries
  22  require_once api_get_path(LIBRARY_PATH).'sortabletable.class.php';
  23  require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
  24  require_once api_get_path(LIBRARY_PATH).'security.lib.php';
  25  require_once api_get_path(LIBRARY_PATH).'xajax/xajax.inc.php';
  26  require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
  27  require_once api_get_path(LIBRARY_PATH).'tracking.lib.php';
  28  
  29  // setting the section (for the tabs)
  30  $this_section = SECTION_PLATFORM_ADMIN;
  31  
  32  // set additional profile field if its a string
  33  if (isset($_GET['additional_profile_field']) && !is_array($_GET['additional_profile_field'])) {
  34      $_GET['additional_profile_field'] = explode(',', $_GET['additional_profile_field']);
  35  } else if (isset($_GET['additional_profile_field_search']) && !empty($_GET['additional_profile_field_search'])) { 
  36      $_GET['additional_profile_field'] = explode(',', $_GET['additional_profile_field_search']);
  37      unset($_GET['additional_profile_field_search']);
  38  }
  39  
  40  // Access restrictions
  41  api_protect_admin_script(true);
  42  
  43  // additional javascript
  44  //$htmlHeadXtra[] = '<script src="../inc/lib/javascript/jquery.js" type="text/javascript" language="javascript"></script>';
  45  $htmlHeadXtra[] = ' <script src="'.api_get_path(WEB_LIBRARY_PATH).'javascript/jquery.multiselect.js" type="text/javascript"></script>
  46                      <link rel="stylesheet" type="text/css" href="'.api_get_path(WEB_LIBRARY_PATH).'javascript/jquery.multiselect.css"/>';
  47  $htmlHeadXtra[] = '<script>
  48      $(document).ready(function(){
  49         $("#additional_profile_field").multiselect({checkAllText: "'.get_lang('SelectAll').'", uncheckAllText: "'.get_lang('UnSelectAll').'", noneSelectedText: "'.get_lang('SelectOption').'", selectedText: "'.'# '.get_lang('SelectedOption').'"});       
  50         $("#btn-search").click(function() {
  51              if ($("#search").css("display") == "none") {
  52                  $("#keyword").val("");
  53                  $("#search").show();
  54              } else {
  55                  $("#search").hide("slow")
  56              }            
  57         });
  58      });
  59  </script>';
  60  $htmlHeadXtra[] = '<script type="text/javascript">
  61  function load_course_list (div_course,my_user_id) {
  62       $.ajax({
  63          contentType: "application/x-www-form-urlencoded",
  64          beforeSend: function(objeto) {
  65          $("div#"+div_course).html("<img src=\'../inc/lib/javascript/indicator.gif\' />"); },
  66          type: "POST",
  67          url: "course_user_list.php",
  68          data: "user_id="+my_user_id,
  69          success: function(datos) {
  70              $("div#"+div_course).html(datos);
  71              $("div#div_"+my_user_id).attr("class","blackboard_show");
  72              $("div#div_"+my_user_id).attr("style","");
  73          }
  74      });
  75  }
  76  function clear_course_list (div_course) {
  77      $("div#"+div_course).html("&nbsp;");
  78      $("div#"+div_course).hide("");
  79  }
  80  </script>';
  81  $htmlHeadXtra[] = '<style type="text/css" media="screen, projection">
  82  .blackboard_show {
  83      float:left;
  84      position:absolute;
  85      border:1px solid black;
  86      width: 200px;
  87      background-color:white;
  88      z-index:99; padding: 3px;
  89      display: inline;
  90  }
  91  .blackboard_hide {
  92      display: none;
  93  }
  94  
  95  #additional_profile_field_form {
  96    margin: 10px 0px;
  97  }
  98  
  99  .secondary-actions {
 100      width:100%;
 101      overflow:hidden;
 102      height: 65px;
 103  }
 104  
 105  #secondary-actions-extra {
 106      height: 65px;
 107      overflow: hidden;
 108      width: 490px;
 109      float:left;
 110  }
 111  
 112  #search {
 113      height: 40px;
 114      margin-top: 10px;
 115      overflow: hidden;
 116      width: 442px;
 117      float:left;
 118      display:none;
 119  }
 120  
 121  #search input {
 122      margin-right: 12px;
 123      vertical-align: middle;
 124      
 125  }
 126  ';
// xajax
$xajax = new xajax();
// Registering courses_of_user() makes it callable from browser-side xajax
// requests, so the argument it receives is client-controlled.
$xajax->registerFunction('courses_of_user');
//$xajax->registerFunction('empty_courses_of_user');
// NOTE(review): presumably a pending xajax request is answered here. This line
// runs after api_protect_admin_script(true) earlier in the file; confirm that
// call stops non-admin requests before they can reach the registered function.
$xajax->processRequests();
 132  
 133  
 134  /**
 135   * Get a formatted list of courses for given user
 136   * @param   int     User ID
 137   * @return  resource    XAJAX response
 138   */
 139  function courses_of_user($arg)
 140  {
 141      // do some stuff based on $arg like query data from a database and
 142      // put it into a variable like $newContent
 143      //$newContent = 'werkt het? en met een beetje meer text, wordt dat goed opgelost? ';
 144      $personal_course_list = UserManager::get_personal_session_course_list($arg);
 145      $newContent = '';
 146      if(count($personal_course_list)>0)
 147      {
 148          foreach ($personal_course_list as $key=>$course)
 149          {
 150              $newContent .= $course['i'].'<br />';
 151          }
 152      }
 153      else
 154      {
 155          $newContent .= '- '.get_lang('None').' -<br />';
 156      }
 157      $newContent = api_convert_encoding($newContent,'utf-8',api_get_setting('platform_charset'));
 158  
 159      // Instantiate the xajaxResponse object
 160      $objResponse = new xajaxResponse();
 161  
 162      // add a command to the response to assign the innerHTML attribute of
 163      // the element with id="SomeElementId" to whatever the new content is
 164      $objResponse->addAssign("user".$arg,"innerHTML", $newContent);
 165      $objResponse->addReplace("coursesofuser".$arg,"alt", $newContent);
 166      $objResponse->addReplace("coursesofuser".$arg,"title", $newContent);
 167  
 168      $objResponse->addAssign("user".$arg,"style.display", "block");
 169  
 170      //return the  xajaxResponse object
 171      return $objResponse;
 172  }
 173  /**
 174   * Empties the XAJAX object representing the courses list
 175   * @param   int     User ID
 176   * @return  resource    XAJAX object
 177   */
 178  function empty_courses_of_user($arg)
 179  {
 180      // do some stuff based on $arg like query data from a database and
 181      // put it into a variable like $newContent
 182          $newContent = '';
 183      // Instantiate the xajaxResponse object
 184      $objResponse = new xajaxResponse();
 185      // add a command to the response to assign the innerHTML attribute of
 186      // the element with id="SomeElementId" to whatever the new content is
 187      $objResponse->addAssign("user".$arg,"innerHTML", $newContent);
 188  
 189  
 190      //return the  xajaxResponse object
 191      return $objResponse;
 192  }
 193  
 194  
// Adds what $xajax->getJavascript() returns to the page head; the argument is
// the relative location of the xajax library directory.
$htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/');
// Style rule for elements carrying the tooltipLinkInner class.
$htmlHeadXtra[] = '<style>
.tooltipLinkInner {
    position:relative;
    float:left;
    color:blue;
    text-decoration:none;
}
</style>';
 204  
 205  /**
 206  *    Make sure this function is protected because it does NOT check password!
 207  *
 208  *    This function defines globals.
 209  *   @param  int     User ID
 210  *   @return bool    False on failure, redirection on success
 211  *    @author Evie Embrechts
 212  *   @author Yannick Warnier <yannick.warnier@dokeos.com>
 213  */
 214  function login_user($user_id) {
 215      //init ---------------------------------------------------------------------
 216      //Load $_user to be sure we clean it before logging in
 217      global $uidReset, $loginFailed, $_configuration, $_user;
 218  
 219      $main_user_table = Database :: get_main_table(TABLE_MAIN_USER);
 220      $main_admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN);
 221      $track_e_login_table = Database :: get_statistic_table(TABLE_STATISTIC_TRACK_E_LOGIN);
 222  
 223      //logic --------------------------------------------------------------------
 224      unset($_user['user_id']); // uid not in session ? prevent any hacking
 225      if (!isset ($user_id)) {
 226          $uidReset = true;
 227          return;
 228      }
 229      if ($user_id != strval(intval($user_id))) {
 230          return false;
 231      }
 232  
 233      $sql_query = "SELECT * FROM $main_user_table WHERE user_id='$user_id'";
 234      $sql_result = Database::query($sql_query, __FILE__, __LINE__);
 235      $result = Database :: fetch_array($sql_result);
 236  
 237      // check if the user is allowed to 'login_as'
 238      $can_login_as = (api_is_platform_admin() OR (api_is_session_admin() && $result['status'] == 5 ));
 239      if (!$can_login_as) { return false; }
 240  
 241      $firstname = $result['firstname'];
 242      $lastname = $result['lastname'];
 243      $user_id = $result['user_id'];
 244  
 245      //$message = "Attempting to login as ".api_get_person_name($firstname, $lastname)." (id ".$user_id.")";
 246      if (api_is_western_name_order()) {
 247          $message = sprintf(get_lang('AttemptingToLoginAs'),$firstname,$lastname,$user_id);
 248      } else {
 249          $message = sprintf(get_lang('AttemptingToLoginAs'), $lastname, $firstname, $user_id);
 250      }
 251  
 252      $loginFailed = false;
 253      $uidReset = false;
 254  
 255      if ($user_id) { // a uid is given (log in succeeded)
 256          if ($_configuration['tracking_enabled']) {
 257              $sql_query = "SELECT user.*, a.user_id is_admin,
 258                  UNIX_TIMESTAMP(login.login_date) login_date
 259                  FROM $main_user_table
 260                  LEFT JOIN $main_admin_table a
 261                  ON user.user_id = a.user_id
 262                  LEFT JOIN $track_e_login_table login
 263                  ON user.user_id = login.login_user_id
 264                  WHERE user.user_id = '".$user_id."'
 265                  ORDER BY login.login_date DESC LIMIT 1";
 266          } else {
 267              $sql_query = "SELECT user.*, a.user_id is_admin
 268                  FROM $main_user_table
 269                  LEFT JOIN $main_admin_table a
 270                  ON user.user_id = a.user_id
 271                  WHERE user.user_id = '".$user_id."'";
 272          }
 273  
 274          $sql_result = Database::query($sql_query, __FILE__, __LINE__);
 275  
 276  
 277          if (Database::num_rows($sql_result) > 0) {
 278              // Extracting the user data
 279  
 280              $user_data = Database::fetch_array($sql_result);
 281  
 282              //Delog the current user
 283  
 284              LoginDelete($_SESSION["_user"]["user_id"]);
 285  
 286              // Cleaning session variables
 287              unset($_SESSION['_user']);
 288              unset($_SESSION['is_platformAdmin']);
 289              unset($_SESSION['is_allowedCreateCourse']);
 290              unset($_SESSION['_uid']);
 291  
 292  
 293              $_user['firstName']     = $user_data['firstname'];
 294              $_user['lastName']         = $user_data['lastname'];
 295              $_user['mail']             = $user_data['email'];
 296              $_user['lastLogin']     = $user_data['login_date'];
 297              $_user['official_code'] = $user_data['official_code'];
 298              $_user['picture_uri']     = $user_data['picture_uri'];
 299              $_user['user_id']        = $user_data['user_id'];
 300              $_user['status']        = $user_data['status'];
 301  
 302              $is_platformAdmin = (bool) (!is_null($user_data['is_admin']));
 303              $is_allowedCreateCourse = (bool) ($user_data['status'] == 1);
 304  
 305              // Filling session variables with new data
 306              $_SESSION['_uid'] = $user_id;
 307              $_SESSION['_user'] = $_user;
 308              $_SESSION['is_platformAdmin'] = $is_platformAdmin;
 309              $_SESSION['is_allowedCreateCourse'] = $is_allowedCreateCourse;
 310              $_SESSION['login_as'] = true; // will be usefull later to know if the user is actually an admin or not (example reporting)s
 311  
 312              $target_url = api_get_path(WEB_PATH)."user_portal.php";
 313              //$message .= "<br/>Login successful. Go to <a href=\"$target_url\">$target_url</a>";
 314              $message .= '<br />'.sprintf(get_lang('LoginSuccessfulGoToX'),'<a href="'.$target_url.'">'.$target_url.'</a>');
 315              Display :: display_header(get_lang('UserList'));
 316              echo '<div id="content">';// Start main content
 317              //Display :: display_normal_message($message,false);
 318              echo $message;
 319              echo '</div>'; // End main content
 320              Display :: display_footer();
 321              exit;
 322          } else {
 323              exit ("<br />WARNING UNDEFINED UID !! ");
 324          }
 325      }
 326  }
 327  /**
 328   * Get the total number of users on the platform
 329   * @see SortableTable#get_total_number_of_items()
 330   */
 331  function get_number_of_users()
 332  {
 333      $user_table = Database :: get_main_table(TABLE_MAIN_USER);
 334      $sql = "SELECT COUNT(u.user_id) AS total_number_of_items FROM $user_table u";
 335  
 336      // adding the filter to see the user's only of the current access_url
 337      global $_configuration;
 338      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 339          $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
 340          $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)";
 341      }
 342  
 343          if ( isset ($_GET['keyword'])) {
 344                  $keyword = Database::escape_string($_GET['keyword']);
 345                  $sql .= " WHERE (u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%'  OR u.username LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%'  OR u.official_code LIKE '%".$keyword."%') ";
 346          } elseif (isset ($_GET['keyword_firstname'])) {
 347                  $admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN);
 348                  $keyword_firstname = Database::escape_string($_GET['keyword_firstname']);
 349                  $keyword_lastname = Database::escape_string($_GET['keyword_lastname']);
 350                  $keyword_email = Database::escape_string($_GET['keyword_email']);
 351                  $keyword_officialcode = Database::escape_string($_GET['keyword_officialcode']);
 352                  $keyword_username = Database::escape_string($_GET['keyword_username']);
 353                  $keyword_status = Database::escape_string($_GET['keyword_status']);
 354                  $query_admin_table = '';
 355                  $keyword_admin = '';
 356                  if ($keyword_status == SESSIONADMIN) {
 357                          $keyword_status = '%';
 358                          $query_admin_table = " , $admin_table a ";
 359                          $keyword_admin = ' AND a.user_id = u.user_id ';
 360                  }
 361                  $keyword_active = isset($_GET['keyword_active']);
 362                  $keyword_inactive = isset($_GET['keyword_inactive']);
 363                  $sql .= $query_admin_table .
 364                                  " WHERE (u.firstname LIKE '%".$keyword_firstname."%' " .
 365                                  "AND u.lastname LIKE '%".$keyword_lastname."%' " .
 366                                  "AND u.username LIKE '%".$keyword_username."%'  " .
 367                                  "AND u.email LIKE '%".$keyword_email."%'   " .
 368                                  "AND u.official_code LIKE '%".$keyword_officialcode."%'    " .
 369                                  "AND u.status LIKE '".$keyword_status."'" .
 370                                  $keyword_admin;
 371                  if($keyword_active && !$keyword_inactive) {
 372                          $sql .= " AND u.active='1'";
 373                  } elseif($keyword_inactive && !$keyword_active) {
 374                          $sql .= " AND u.active='0'";
 375                  }
 376                  $sql .= " ) ";
 377          }
 378  
 379      // adding the filter to see the user's only of the current access_url
 380          if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 381                  $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
 382      }
 383  
 384      $res = Database::query($sql, __FILE__, __LINE__);
 385      $obj = Database::fetch_object($res); 
 386      return $obj->total_number_of_items;
 387  }
 388  /**
 389   * Get the users to display on the current page (fill the sortable-table)
 390   * @param   int     offset of first user to recover
 391   * @param   int     Number of users to get
 392   * @param   int     Column to sort on
 393   * @param   string  Order (ASC,DESC)
 394   * @see SortableTable#get_table_data($from)
 395   */
 396  function get_user_data($from, $number_of_items, $column, $direction)
 397  {
 398      global $_configuration,$origin;
 399      $user_table = Database :: get_main_table(TABLE_MAIN_USER);
 400      $admin_table = Database :: get_main_table(TABLE_MAIN_ADMIN);
 401          $t_u_f_values = Database :: get_main_table(TABLE_MAIN_USER_FIELD_VALUES);
 402          $tbl_user_field = Database :: get_main_table(TABLE_MAIN_USER_FIELD);
 403  
 404          //number of column max = 8 
 405          if( $column < 9 ) {
 406                  $sql = "SELECT
 407                           u.user_id            AS col0,
 408                           u.user_id            AS col1,
 409                           u.official_code        AS col2,
 410                           ".(api_is_western_name_order()
 411                           ? "u.firstname         AS col3,
 412                           u.lastname             AS col4,"
 413                           : "u.lastname             AS col3,
 414                           u.firstname             AS col4,")."
 415                           u.username            AS col5,
 416                           u.email            AS col6,
 417                           u.status            AS col7,
 418                           u.active            AS col8,
 419                           u.user_id            AS col9 ".
 420                           ", u.expiration_date      AS exp ".
 421                      " FROM $user_table u   ";
 422  
 423              // adding the filter to see the user's only of the current access_url    
 424              if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 425                  $access_url_rel_user_table= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
 426                  $sql.= " INNER JOIN $access_url_rel_user_table url_rel_user ON (u.user_id=url_rel_user.user_id)";
 427              }
 428  
 429              if (isset ($_GET['keyword'])) {
 430                      $keyword = Database::escape_string($_GET['keyword']);
 431                      $sql .= " WHERE (u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%'  OR u.username LIKE '%".$keyword."%'  OR u.official_code LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%' )";
 432              } elseif (isset ($_GET['keyword_firstname'])) {
 433                      $keyword_firstname = Database::escape_string($_GET['keyword_firstname']);
 434                      $keyword_lastname = Database::escape_string($_GET['keyword_lastname']);
 435                      $keyword_email = Database::escape_string($_GET['keyword_email']);
 436                      $keyword_officialcode = Database::escape_string($_GET['keyword_officialcode']);
 437                      $keyword_username = Database::escape_string($_GET['keyword_username']);
 438                      $keyword_status = Database::escape_string($_GET['keyword_status']);
 439                      $query_admin_table = '';
 440                      $keyword_admin = '';
 441  
 442                      if ($keyword_status == SESSIONADMIN) {
 443                              $keyword_status = '%';
 444                              $query_admin_table = " , $admin_table a ";
 445                              $keyword_admin = ' AND a.user_id = u.user_id ';
 446                      }
 447                      $keyword_active = isset($_GET['keyword_active']);
 448                      $keyword_inactive = isset($_GET['keyword_inactive']);
 449                      $sql .= $query_admin_table." WHERE (u.firstname LIKE '%".$keyword_firstname."%' " .
 450                                      "AND u.lastname LIKE '%".$keyword_lastname."%' " .
 451                                      "AND u.username LIKE '%".$keyword_username."%'  " .
 452                                      "AND u.email LIKE '%".$keyword_email."%'   " .
 453                                      "AND u.official_code LIKE '%".$keyword_officialcode."%'    " .
 454                                      "AND u.status LIKE '".$keyword_status."'" .
 455                                      $keyword_admin;
 456  
 457                      if ($keyword_active && !$keyword_inactive) {
 458                              $sql .= " AND u.active='1'";
 459                      } elseif($keyword_inactive && !$keyword_active) {
 460                              $sql .= " AND u.active='0'";
 461                      }
 462                      $sql .= " ) ";
 463              }
 464  
 465              // adding the filter to see the user's only of the current access_url
 466              if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 467                          $sql.= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
 468              }
 469  
 470              if (!in_array($direction, array('ASC','DESC'))) {
 471                  $direction = 'ASC';
 472              }
 473              $column = intval($column);
 474              $from = intval($from);
 475              $number_of_items = intval($number_of_items);
 476  
 477                  $sql .= " ORDER BY col$column $direction ";
 478                  $sql .= " LIMIT $from,$number_of_items";    
 479  
 480                  $res = Database::query($sql, __FILE__, __LINE__);
 481          
 482          // Columns Extra Field        
 483          } else {             
 484                      //if (isset(additional_profile_field))
 485                      //get column selected
 486                      $id_column = $column;
 487                      //default columns
 488                      $def_column = 8;
 489                      
 490                      //Position Selected
 491                      $position_id = $id_column - $def_column - 1;
 492  
 493                      //Array Field actived
 494                      $array_field_activate = array();        
 495  
 496                      if (isset($_GET['additional_profile_field']) && count($_GET['additional_profile_field']) > 0) {
 497                        $array_field_activate = UserManager::get_active_extra_fields($_GET['additional_profile_field']);
 498                        $field_sort = $array_field_activate[$position_id];
 499                      } 
 500                      
 501                      /*if ($field_sort < 9) {
 502                          $field_sort = 9;
 503                      }*/
 504  
 505                      //id field to sort                    
 506                      
 507                      //type ASC, DESC
 508                       if (!in_array($direction, array('ASC','DESC'))) {
 509                          $direction = 'ASC';
 510                      }
 511  
 512                      /*Start recicled code*/        
 513                      $sql_add = ""; 
 514                      if (isset ($_GET['keyword'])) {
 515                              $keyword = Database::escape_string($_GET['keyword']);
 516                              $sql_add .= " WHERE (u.firstname LIKE '%".$keyword."%' OR u.lastname LIKE '%".$keyword."%'  OR u.username LIKE '%".$keyword."%'  OR u.official_code LIKE '%".$keyword."%' OR u.email LIKE '%".$keyword."%' )";
 517                      } elseif (isset ($_GET['keyword_firstname'])) {
 518                              $keyword_firstname = Database::escape_string($_GET['keyword_firstname']);
 519                              $keyword_lastname = Database::escape_string($_GET['keyword_lastname']);
 520                              $keyword_email = Database::escape_string($_GET['keyword_email']);
 521                              $keyword_officialcode = Database::escape_string($_GET['keyword_officialcode']);
 522                              $keyword_username = Database::escape_string($_GET['keyword_username']);
 523                              $keyword_status = Database::escape_string($_GET['keyword_status']);
 524                              $query_admin_table = '';
 525                              $keyword_admin = '';
 526  
 527                              if ($keyword_status == SESSIONADMIN) {
 528                                      $keyword_status = '%';
 529                                      $query_admin_table = " , $admin_table a ";
 530                                      $keyword_admin = ' AND a.user_id = u.user_id ';
 531                              }
 532                              $keyword_active = isset($_GET['keyword_active']);
 533                              $keyword_inactive = isset($_GET['keyword_inactive']);
 534                              $sql_add .= $query_admin_table." WHERE (u.firstname LIKE '%".$keyword_firstname."%' " .
 535                                              "AND u.lastname LIKE '%".$keyword_lastname."%' " .
 536                                              "AND u.username LIKE '%".$keyword_username."%'  " .
 537                                              "AND u.email LIKE '%".$keyword_email."%'   " .
 538                                              "AND u.official_code LIKE '%".$keyword_officialcode."%'    " .
 539                                              "AND u.status LIKE '".$keyword_status."'" .
 540                                              $keyword_admin;
 541  
 542                              if ($keyword_active && !$keyword_inactive) {
 543                                      $sql_add .= " AND u.active='1'";
 544                              } elseif($keyword_inactive && !$keyword_active) {
 545                                      $sql_add .= " AND u.active='0'";
 546                              }
 547                              $sql_add .= " ) ";
 548                      } else {
 549                          if (!empty($array_field_activate) && !isset($_GET['users_page_nr'])) {                            
 550                              $sql_add = ' WHERE u_f.id IN('.implode(',', $array_field_activate).')';
 551                          }
 552                      }
 553                                                               
 554                      if ((api_is_platform_admin() || api_is_session_admin()) && $_configuration['multiple_access_urls']==true && api_get_current_access_url_id()!=-1) {
 555                          $sql_add .= " AND url_rel_user.access_url_id=".api_get_current_access_url_id();
 556                      }
 557  
 558                      /*End recicled code*/                    
 559                      $from = intval($from);
 560                      $number_of_items = intval($number_of_items);
 561              
 562                      $res = UserManager::get_active_sorted_extra_fields($field_sort, $direction,$from,$number_of_items,$keyword,$keyword_firstname,$keyword_lastname,$keyword_username,$keyword_email,$keyword_officialcode, $keyword_status,$keyword_admin, $keyword_active,$keyword_inactive,$sql_add,$from,$number_of_items);
 563                     
 564           }
 565          // $res = Return an array of SQL query
 566           
 567      $users = array ();
 568          $t = time();
 569     
 570          //Return an array active extra field 
 571          if (isset($_GET['additional_profile_field']) && count($_GET['additional_profile_field']) > 0) {
 572              $array_field_activate = UserManager::get_active_extra_fields($_GET['additional_profile_field']);
 573          }
 574          while ($user = Database::fetch_row($res)) {
 575          $image_path = UserManager::get_user_picture_path_by_id($user[0], 'web', false, true);
 576                  $image_info = explode('.', $image_path['file']);
 577                  if (strcmp($image_info['0'], 'unknown') === 0) {
 578                     $image_tag = Display::return_icon('pixel.gif', api_get_person_name($user[3], $user[4]), array('class'=>'actionplaceholdericon actionunknown'));
 579                  } else {
 580                              $user_profile = UserManager::get_picture_user($user[0], $image_path['file'], 22, 'small_', ' width="22" height="22" ');
 581                      $image_tag = '<img src="'.$user_profile['file'].'" '.$user_profile['style'].' alt="'.api_get_person_name($user[3], $user[4]).'" title="'.api_get_person_name($user[3], $user[4]).'" />';
 582                  }
 583  
 584                  if (!api_is_anonymous()) {
 585                                  $photo = '<center><a href="'.api_get_path(WEB_PATH).'whoisonline.php?origin=user_list&id='.$user[0].'" title="'.get_lang('Info').'"  >'.$image_tag.'</a></center>';
 586                          } else {
 587                                  $photo = '<center>'.$image_tag.'</center>';
 588                          }                
 589  
 590                  if ($user[8] == 1 && $user[10] != '0000-00-00 00:00:00') {
 591                      // check expiration date
 592                      $expiration_time = convert_mysql_date($user[10]);
 593                      // if expiration date is passed, store a special value for active field
 594                      if ($expiration_time < $t) {
 595                             $user[8] = '-1';
 596                      }
 597                  }
 598                           
 599          $users[$i] = array($user[0],$photo,$user[2],$user[3],$user[4],$user[5],$user[6],$user[7],$user[8]);        
 600                  
 601                  //Return an array active extra field user
 602                  if (isset($_GET['additional_profile_field']) && count($_GET['additional_profile_field']) > 0) {
 603                      $array_user_active = UserManager::get_active_user_extra_fields($user[0]);
 604                      for($k = 0 ; $k < count($array_field_activate) ; $k++) {        
 605                          if (in_array($array_field_activate[$k],$array_user_active )) {
 606                              $field_value = UserManager::get_user_name_field($user[0] , $array_field_activate[$k]);                    
 607                              array_push($users[$i], $field_value);                    
 608                          } else {
 609                              array_push($users[$i],'');
 610                          }   
 611                      }
 612                  }
 613                  
 614              array_push($users[$i],$user[9]);
 615             $i++;
 616          }
 617  
 618      return $users;
 619  }
 620  /**
 621  * Returns a mailto-link
 622  * @param string $email An email-address
 623  * @return string HTML-code with a mailto-link
 624  */
 625  function email_filter($email)
 626  {
 627      return Display :: encrypted_mailto_link($email, $email);
 628  }
 629  /**
 630   * Build the modify-column of the table
 631   * @param   int     The user id
 632   * @param   string  URL params to add to table links
 633   * @param   array   Row of elements to alter
 634   * @return string Some HTML-code with modify-buttons
 635   */
 636  function modify_filter($user_id,$url_params,$row)
 637  {
 638      global $charset;
 639      global $_user;
 640      global $_admins_list;
 641      $is_admin = in_array($user_id,$_admins_list);
 642      $statusname = api_get_status_langvars();
 643  
 644      if (api_is_anonymous($user_id, true)) {
 645          $user_is_anonymous =true;
 646      }
 647      if (!$user_is_anonymous) {
 648      /*    $result .= '<a  href="javascript:void(0)" onclick="load_course_list(\'div_'.$user_id.'\','.$user_id.')">
 649                      <img onclick="load_course_list(\'div_'.$user_id.'\','.$user_id.')" onmouseout="clear_course_list (\'div_'.$user_id.'\')" src="../img/course_22.png" title="'.get_lang('Courses').'" alt="'.get_lang('Courses').'"/>
 650                      <div class="blackboard_hide" id="div_'.$user_id.'">&nbsp;&nbsp;</div>
 651                      </a>&nbsp;&nbsp;';*/
 652          $result .= '<a  href="javascript:void(0)" onclick="load_course_list(\'div_'.$user_id.'\','.$user_id.')">'.Display::return_icon('pixel.gif', get_lang('Course'), array('class' => 'actionplaceholdericon actioncourse','onclick' => 'load_course_list(\'div_'.$user_id.'\','.$user_id.')','onmouseout' => 'clear_course_list (\'div_'.$user_id.'\')')).'<div class="blackboard_hide" id="div_'.$user_id.'">&nbsp;&nbsp;</div>
 653                      </a>&nbsp;&nbsp;';
 654      } else {
 655          $result .= Display::return_icon('pixel.gif', get_lang('Course'), array('class' => 'actionplaceholdericon actioncourse invisible')).'&nbsp;&nbsp;';
 656      }
 657  
 658      if (api_is_platform_admin()) {
 659          if (!$user_is_anonymous) {
 660              $result .= '<a href="user_information.php?user_id='.$user_id.'">'.Display::return_icon('pixel.gif', get_lang('Info'), array('class' => 'actionplaceholdericon actioninfo')).'</a>&nbsp;&nbsp;';
 661          } else {
 662              $result .= Display::return_icon('pixel.gif', get_lang('Info'), array('class' => 'actionplaceholdericon actioninfo invisible')).'&nbsp;&nbsp;';
 663          }
 664      }
 665  
 666      //only allow platform admins to login_as, or session admins only for students (not teachers nor other admins)
 667      if (api_is_platform_admin() || (api_is_session_admin() && $row['6'] == $statusname[STUDENT])) {
 668          if (!$user_is_anonymous) {
 669              $result .= '<a href="user_list.php?action=login_as&amp;user_id='.$user_id.'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon('pixel.gif', get_lang('LoginAs'), array('class' => 'actionplaceholdericon actionsloginas')).'</a>&nbsp;&nbsp;';
 670          } else {
 671              $result .= Display::return_icon('pixel.gif', get_lang('LoginAs'), array('class' => 'actionplaceholdericon actionsloginas invisible')).'&nbsp;&nbsp;';
 672          }
 673      } else {
 674          $result .= Display::return_icon('pixel.gif', get_lang('LoginAs'), array('class' => 'actionplaceholdericon actionsloginas invisible')).'&nbsp;&nbsp;';
 675      }
 676      if ($row['7'] != $statusname[STUDENT]) {
 677          $result .= Display::return_icon('pixel.gif', get_lang('Reporting'),array("class" => "actionplaceholdericon actionstatistics_na")).'&nbsp;&nbsp;';
 678      } else {
 679          $result .= '<a href="../mySpace/myStudents.php?student='.$user_id.'">'.Display::return_icon('pixel.gif', get_lang('Reporting'), array('class' => 'actionplaceholdericon actiontracking')).'</a>&nbsp;&nbsp;';
 680      }
 681  
 682      if (api_is_platform_admin()) {
 683          if (!$user_is_anonymous) {
 684              $result .= '<a href="user_edit.php?user_id='.$user_id.'">'.Display::return_icon('pixel.gif', get_lang('Edit'), array('class' => 'actionplaceholdericon actionedit')).'</a>&nbsp;&nbsp;';
 685          } else {
 686                  $result .= Display::return_icon('pixel.gif', get_lang('Edit'), array('class' => 'actionplaceholdericon actionedit invisible')).'</a>&nbsp;&nbsp;';
 687          }
 688  
 689          if ($row[0]<>$_user['user_id'] && $user_is_anonymous == false) {
 690              // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
 691              $result .= '<a href="user_list.php?action=delete_user&amp;user_id='.$user_id.'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'"  onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang("ConfirmYourChoice"),ENT_QUOTES,$charset))."'".')) return false;">'.Display::return_icon('pixel.gif', get_lang('Delete'), array('class' => 'actionplaceholdericon actiondelete')).'</a>'.'&nbsp;&nbsp;';
 692          } else {
 693              $result .= Display::return_icon('pixel.gif', get_lang('Delete'), array('class' => 'actionplaceholdericon actiondelete invisible')).'&nbsp;&nbsp;&nbsp;&nbsp;';
 694          }
 695      }
 696          if ($is_admin) {
 697              //$result .= Display::return_icon('admin_star.png', get_lang('IsAdministrator'),array('width'=> 22, 'heigth'=> 22)).'&nbsp;&nbsp;';
 698          
 699          } else {
 700              //$result .= Display::return_icon('admin_star_na.png', get_lang('IsNotAdministrator')).'&nbsp;&nbsp;';
 701          }
 702      return $result;
 703  }
 704  
 705  
 706  /**
 707   * Build the active-column of the table to lock or unlock a certain user
 708   * lock = the user can no longer use this account
 709   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
 710   * @param int $active the current state of the account
 711   * @param int $user_id The user id
 712   * @param string $url_params
 713   * @return string Some HTML-code with the lock/unlock button
 714   */
 715  function active_filter($active, $url_params, $row) {
 716      global $_user;
 717      if ($active=='1') {
 718          $action='lock';
 719      //    $image='right.png';
 720          $class = 'actionplaceholdericon actionsvalidate';
 721      } elseif ($active=='-1') {
 722          $action='edit';
 723       // $image='expired.gif';
 724          $class = 'actionplaceholdericon actionsuserexpired';
 725      } elseif ($active=='0') {
 726          $action='unlock';
 727      //    $image='wrong.png';
 728          $class = 'actionplaceholdericon actionslook';
 729      }
 730  
 731      if ($action=='edit') {
 732          $result = Display::return_icon('pixel.gif',get_lang('AccountExpired'), array('class' => $class));
 733      }elseif ($row['0']<>$_user['user_id']) { // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
 734          $result = '<a href="user_list.php?action='.$action.'&amp;user_id='.$row['0'].'&amp;'.$url_params.'&amp;sec_token='.$_SESSION['sec_token'].'">'.Display::return_icon('pixel.gif',get_lang(ucfirst($action)), array('class' => $class)).'</a>';
 735      }
 736      return '<center>'.$result.'</center>';
 737  }
 738  
 739  /**
 740   * Lock or unlock a user
 741   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
 742   * @param int $status, do we want to lock the user ($status=lock) or unlock it ($status=unlock)
 743   * @param int $user_id The user id
 744   * @return language variable
 745   */
 746  function lock_unlock_user($status,$user_id)
 747  {
 748      $user_table = Database :: get_main_table(TABLE_MAIN_USER);
 749      if ($status=='lock')
 750      {
 751                  $log = LOG_USER_LOCK;
 752          $status_db='0';
 753          $return_message=get_lang('UserLocked');
 754      }
 755      if ($status=='unlock')
 756      {
 757                  $log = LOG_USER_UNLOCK;
 758          $status_db='1';
 759          $return_message=get_lang('UserUnlocked');
 760      }
 761  
 762      if(($status_db=='1' OR $status_db=='0') AND is_numeric($user_id))
 763      {
 764          $sql="UPDATE $user_table SET active='".Database::escape_string($status_db)."' WHERE user_id='".Database::escape_string($user_id)."'";
 765          $result = Database::query($sql, __FILE__, __LINE__);
 766      }
 767  
 768          $time = time();
 769          $user_id_manager = api_get_user_id();
 770          event_system($log, LOG_USER_ID, $user_id, $time, $user_id_manager);
 771          
 772          
 773      if ($result)
 774      {
 775          return $return_message;
 776      }
 777  }
 778  
 779  /**
 780   * Instead of displaying the integer of the status, we give a translation for the status
 781   *
 782   * @param integer $status
 783   * @return string translation
 784   *
 785   * @version march 2008
 786   * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Belgium
 787   */
 788  function status_filter($status)
 789  {
 790      $statusname = api_get_status_langvars();
 791      return $statusname[$status];
 792  }
 793  
 794  
 795  /**
 796  ==============================================================================
 797          INIT SECTION
 798  ==============================================================================
 799  */
 800  $action = $_GET["action"];
 801  $login_as_user_id = Security::remove_XSS($_GET["user_id"]);
 802  
 803  
 804  // Login as ...
 805  if ($_GET['action'] == "login_as" && isset ($_GET["user_id"])) {
 806      login_user($login_as_user_id);
 807  }
 808  
 809  if (isset ($_GET['search']) && $_GET['search'] == 'advanced')
 810  {
 811      $interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
 812      $interbreadcrumb[] = array ("url" => 'user_list.php', "name" => get_lang('UserList'));
 813      $tool_name = get_lang('SearchAUser');
 814      Display :: display_header($tool_name);
 815  
 816      //Actions
 817      echo '<div class="actions">';
 818      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_add.php">'.Display::return_icon('pixel.gif',get_lang('AddUsers'), array('class' => 'toolactionplaceholdericon toolactionaddusertocourse')).get_lang('AddUsers').'</a>';
 819      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_export.php">'.Display::return_icon('pixel.gif',get_lang('Export'), array('class' => 'toolactionplaceholdericon toolactionexportcourse')).get_lang('Export').'</a>';
 820      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_import.php">'.Display::return_icon('pixel.gif',get_lang('Import'), array('class' => 'toolactionplaceholdericon toolactionimportcourse')).get_lang('Import').'</a>';
 821      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_fields.php">'.Display::return_icon('pixel.gif',get_lang('ManageUserFields'), array('class' => 'toolactionplaceholdericon toolactionsprofile')).get_lang('ManageUserFields').'</a>';
 822      echo '</div>';
 823  
 824      echo '<div id="content">';
 825      //api_display_tool_title($tool_name);
 826      $form = new FormValidator('advanced_search','get');
 827      $form->addElement('header', '', $tool_name);
 828      $form->add_textfield('keyword_firstname',get_lang('FirstName'),false,'class="focus"');
 829      $form->add_textfield('keyword_lastname',get_lang('LastName'),false);
 830      $form->add_textfield('keyword_username',get_lang('LoginName'),false);
 831      $form->add_textfield('keyword_email',get_lang('Email'),false);
 832      $form->add_textfield('keyword_officialcode',get_lang('OfficialCode'),false);
 833      $status_options = array();
 834      $status_options['%'] = get_lang('All');
 835      $status_options[STUDENT] = get_lang('Student');
 836      $status_options[COURSEMANAGER] = get_lang('Teacher');
 837      $status_options[SESSIONADMIN] = get_lang('Administrator');//
 838      $form->addElement('select','keyword_status',get_lang('Status'),$status_options);
 839      $active_group = array();
 840      $active_group[] = $form->createElement('checkbox','keyword_active','',get_lang('Active'));
 841      $active_group[] = $form->createElement('checkbox','keyword_inactive','',get_lang('Inactive'));
 842      $form->addGroup($active_group,'',get_lang('ActiveAccount'),'<br/>',false);
 843      $form->addElement('style_submit_button', 'submit',get_lang('SearchUsers'),'style="float:none; margin-right:10px;" class="search"');
 844      $defaults['keyword_active'] = 1;
 845      $defaults['keyword_inactive'] = 1;
 846      $form->setDefaults($defaults);
 847      $form->display();
 848      echo '</div>';
 849  }
 850  else
 851  {
 852      $interbreadcrumb[] = array ("url" => 'index.php', "name" => get_lang('PlatformAdmin'));
 853      $tool_name = get_lang('UserList');
 854      Display :: display_header($tool_name, "");
 855  
 856      //Actions
 857      echo '<div class="actions">';
 858      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_add.php">'.Display::return_icon('pixel.gif',get_lang('AddUsers'), array('class' => 'toolactionplaceholdericon toolactionaddusertocourse')).get_lang('AddUsers').'</a>';
 859      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_export.php">'.Display::return_icon('pixel.gif',get_lang('Export'), array('class' => 'toolactionplaceholdericon toolactionexportcourse')).get_lang('Export').'</a>';
 860      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_import.php">'.Display::return_icon('pixel.gif',get_lang('Import'), array('class' => 'toolactionplaceholdericon toolactionimportcourse')).get_lang('Import').'</a>';
 861      echo '<a href="'.api_get_path(WEB_CODE_PATH).'admin/user_fields.php">'.Display::return_icon('pixel.gif',get_lang('ManageUserFields'), array('class' => 'toolactionplaceholdericon toolactionsprofile')).get_lang('ManageUserFields').'</a>';
 862          
 863          echo '<a href="javascript:void(0)" id="btn-search">'.Display::return_icon('pixel.gif',get_lang('Search'), array('class' => 'toolactionplaceholdericon toolactionsearch')).get_lang('Search').'</a>';
 864      echo '</div>';
 865  
 866      //api_display_tool_title($tool_name);
 867      if (isset ($_GET['action'])) {
 868          $check = Security::check_token('get');
 869          if($check) {
 870              switch ($_GET['action']) {
 871                  case 'show_message' :
 872                      if (!empty($_GET['warn'])) {
 873                          // to prevent too long messages
 874                          if ($_GET['warn'] == 'session_message'){
 875                              $_GET['warn'] = $_SESSION['session_message_import_users'];
 876                          } 
 877                          Display::display_warning_message(urldecode($_GET['warn']),false);
 878                      }
 879                      if (!empty($_GET['message'])) {
 880                          Display :: display_confirmation_message(stripslashes($_GET['message']));
 881                      }
 882                      break;
 883                  case 'delete_user' :
 884                      if (api_is_platform_admin()) {
 885                          if ($user_id != $_user['user_id'] && UserManager :: delete_user($_GET['user_id'])) {
 886                              Display :: display_confirmation_message(get_lang('UserDeleted'));
 887                          } else {
 888                              Display :: display_error_message(get_lang('CannotDeleteUserBecauseOwnsCourse'));
 889                          }
 890                      }
 891                      break;
 892                  case 'lock' :
 893                      $message=lock_unlock_user('lock',$_GET['user_id']);
 894                      Display :: display_normal_message($message);
 895                      break;
 896                  case 'unlock';
 897                      $message=lock_unlock_user('unlock',$_GET['user_id']);
 898                      Display :: display_normal_message($message);
 899                      break;
 900  
 901              }
 902              Security::clear_token();
 903          }
 904      }
 905      if (isset ($_POST['action']))
 906      {
 907          $check = Security::check_token('get');
 908          if($check)
 909          {
 910              switch ($_POST['action'])
 911              {
 912                  case 'delete' :
 913                      if (api_is_platform_admin()) {
 914                          $number_of_selected_users = count($_POST['id']);
 915                          $number_of_deleted_users = 0;
 916                          if (is_array($_POST['id'])) {
 917                              foreach ($_POST['id'] as $index => $user_id)
 918                              {
 919                                  if($user_id != $_user['user_id'])
 920                                  {
 921                                      if(UserManager :: delete_user($user_id))
 922                                      {
 923                                          $number_of_deleted_users++;
 924                                      }
 925                                  }
 926                              }
 927                          }
 928                          if($number_of_selected_users == $number_of_deleted_users)
 929                          {
 930                              Display :: display_confirmation_message(get_lang('SelectedUsersDeleted'));
 931                          }
 932                          else
 933                          {
 934                              Display :: display_error_message(get_lang('SomeUsersNotDeleted'));
 935                          }
 936                      }
 937                      break;
 938              }
 939              Security::clear_token();
 940          }
 941      }
 942      
 943      echo '<div id="content">';    
 944  
 945          echo '<div class="secondary-actions">';
 946              // extra field options
 947              echo '<div id="secondary-actions-extra">';
 948                  echo Tracking::display_additional_profile_fields(true, true, true);
 949              echo '</div>';
 950              // search form
 951              echo '<div id="search" style="'.(isset($_GET['keyword'])?'display:block;':'display:none').'" >';
 952                  // Create a search-box
 953                  $form = new FormValidator('search_simple','get','','',null,false);
 954  
 955                  if (isset($_GET['additional_profile_field']) && count($_GET['additional_profile_field']) > 0) {
 956                      $form->addElement('hidden', 'additional_profile_field_search');
 957                      $defaults['additional_profile_field_search'] = implode(',', $_GET['additional_profile_field']);  
 958                      $form->setDefaults($defaults);
 959                  }
 960  
 961                  $renderer =& $form->defaultRenderer();
 962                  $renderer->setElementTemplate('<span>{element}</span>');
 963  
 964                  $form->addElement('text','keyword',get_lang('keyword'), 'id="keyword"');
 965                  $form->addElement('style_submit_button', 'submit',get_lang('Search'),'class="search" style="float: none;margin-right:5px;"');
 966                  $form->addElement('static','search_advanced_link',null,'<a href="user_list.php?search=advanced">'.get_lang('AdvancedSearch').'</a>');            
 967                  $form->display();
 968              echo '</div>';
 969          echo '</div>';
 970                  
 971      if (isset ($_GET['keyword'])) {
 972          $parameters = array ('keyword' => Security::remove_XSS($_GET['keyword']));
 973      } elseif (isset ($_GET['keyword_firstname'])) {
 974          $parameters['keyword_firstname']     = Security::remove_XSS($_GET['keyword_firstname']);
 975          $parameters['keyword_lastname']         = Security::remove_XSS($_GET['keyword_lastname']);
 976          $parameters['keyword_email']          = Security::remove_XSS($_GET['keyword_email']);
 977          $parameters['keyword_officialcode'] = Security::remove_XSS($_GET['keyword_officialcode']);
 978          $parameters['keyword_status']         = Security::remove_XSS($_GET['keyword_status']);
 979          $parameters['keyword_active']         = Security::remove_XSS($_GET['keyword_active']);
 980          $parameters['keyword_inactive']     = Security::remove_XSS($_GET['keyword_inactive']);
 981      }
 982  
 983          if (isset($_GET['additional_profile_field']) && count($_GET['additional_profile_field']) > 0) {
 984              $parameters['additional_profile_field'] = implode(',', $_GET['additional_profile_field']);
 985          }
 986          
 987      // Create a sortable table with user-data
 988      $parameters['sec_token'] = Security::get_token();
 989  
 990      // get the list of all admins to mark them in the users list
 991      $admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);
 992      $sql_admin = "SELECT user_id FROM $admin_table";
 993      $res_admin = Database::query($sql_admin);
 994      $_admins_list = array();
 995      while ($row_admin = Database::fetch_row($res_admin)) {
 996          $_admins_list[] = $row_admin[0];
 997      }
 998  
 999          $image_path = UserManager::get_user_picture_path_by_id($user_id, 'web', false, true);
1000          $user_profile = UserManager::get_picture_user($user_id, $image_path['file'], 22, 'small_', ' width="22" height="22" ');
1001          if (!api_is_anonymous()) {
1002                  $photo = '<center><a href="userInfo.php?'.api_get_cidreq().'&origin='.$origin.'&amp;uInfo='.$user_id.'" title="'.get_lang('Info').'"  ><img src="'.$user_profile['file'].'" '.$user_profile['style'].' alt="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'"  title="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" /></a></center>';
1003          } else {
1004                  $photo = '<center><img src="'.$user_profile['file'].'" '.$user_profile['style'].' alt="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" title="'.api_get_person_name($o_course_user['firstname'], $o_course_user['lastname']).'" /></center>';
1005          }
1006  
1007          
1008          $count = get_number_of_users();
1009      $table = new SortableTable('users', 'get_number_of_users', 'get_user_data', (api_is_western_name_order() xor api_sort_by_first_name()) ? 4 : 3);
1010      $table->set_additional_parameters($parameters);
1011      $table->set_header(0, '', false);
1012      $table->set_header(1, get_lang('Photo'));    
1013      $table->set_header(2, get_lang('OfficialCode'));
1014      if (api_is_western_name_order()) {
1015          $table->set_header(3, get_lang('FirstName'));
1016          $table->set_header(4, get_lang('LastName'));
1017      } else {
1018          $table->set_header(3, get_lang('LastName'));
1019          $table->set_header(4, get_lang('FirstName'));
1020      }
1021      $table->set_header(5, get_lang('LoginName'));
1022      $table->set_header(6, get_lang('Email'));
1023      $table->set_header(7, get_lang('Status'));
1024      $table->set_header(8, get_lang('Active'));        
1025  
1026          $band = 9;
1027          if (isset($_GET['additional_profile_field']) && count($_GET['additional_profile_field']) > 0) {
1028             foreach ($_GET['additional_profile_field'] as $field_id) {
1029                 $field_info = UserManager::get_extra_field_information($field_id);               
1030                 $table->set_header($band, $field_info['field_display_text'], true);               
1031                 $band++;
1032             }
1033          }              
1034         
1035          $table->set_header($band, get_lang('Action'), false,'width="200px"');
1036          $table->set_column_filter(6, 'email_filter');
1037      $table->set_column_filter(7, 'status_filter');               
1038      $table->set_column_filter(8, 'active_filter');
1039      $table->set_column_filter($band, 'modify_filter');        
1040      if (api_is_platform_admin())
1041          $table->set_form_actions(array ('delete' => get_lang('DeleteFromPlatform')));
1042      $table->display();
1043      echo '</div>';
1044  }
1045        
// Empty action bar below the content, emitted in one piece
echo '<div class="actions">&nbsp;</div>';

// displaying the footer
Display::display_footer();
?>
