$page = $total_pages;
}
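// Offset of the first row on the requested page; a page below 1 clamps to offset 0.
// Both values are forced to integers so nothing but digits can reach the LIMIT clause.
$limit = max(0, (int) $limit);
$start = $limit * (int) $page - $limit;
if ($start < 0) {
    $start = 0;
}
// $sidx and $sord are assigned above this excerpt, presumably from the request (TODO confirm).
// They are spliced into ORDER BY, where quoting cannot protect the statement, so only a bare
// column identifier (or a column position) and a fixed direction keyword are accepted.
if (!$sidx || !preg_match('/^(?:[A-Za-z_][A-Za-z0-9_]*|[0-9]+)\z/', (string) $sidx)) {
    $sidx = 1;
}
$sord = (strtoupper((string) $sord) === 'DESC') ? 'DESC' : 'ASC';
$order_and_limit = " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}";
// The original ran an unfiltered query here and then discarded its result in both branches
// below; that redundant round trip is dropped.
if (isset($_GET['searchString']) && isset($_GET['searchField'])) {
    $searchString = $_GET['searchString'];
    $searchField = $_GET['searchField'];
    // The column name must be a plain identifier. An allow-list of the real searchable
    // columns would be stricter, but the table's column names are not visible here.
    $field_ok = is_string($searchField) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $searchField);
    // Stop-gap: get_by_sql() takes a finished SQL string and no escaping or binding helper is
    // visible in this excerpt, so a term containing a quote, backslash or NUL is refused
    // instead of escaped. A bound parameter in the data layer is the proper fix.
    $term_ok = is_string($searchString) && !preg_match('/[\'\\\\\x00]/', $searchString);
    if ($field_ok && $term_ok) {
        $users = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . $searchField . " LIKE '%" . $searchString . "%'" . $order_and_limit);
    } else {
        // Rejected search input yields an empty result rather than an unfiltered listing.
        $users = array();
    }
} else {
    $users = User::get_by_sql("SELECT * FROM " . T_USERS . $order_and_limit);
}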
// Start the XML response: declaration, root element, then the page number, page count and
// record count computed earlier in the script.
header("Content-type: text/xml;charset=utf-8");
$s = "<?xml version='1.0' encoding='utf-8'?>"
    . "<rows>"
    . "<page>{$page}</page>"
    . "<total>{$total_pages}</total>"
    . "<records>{$count}</records>";
foreach ($users as $user) {
    $userlevel = "";
    switch ($user->level) {
        case 0:
            $userlevel = "ADMIN";
            break;
        case 1:
            $userlevel = "EVALUATOR";
Example #2
<?php

require_once "../../includes/initialize.php";
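// Users that belong to the current session's group. user_group_id is placed in the SQL
// unquoted, so it is forced to an integer first: a non-numeric value becomes 0 instead of
// becoming part of the statement text.
// NOTE(review): no $session->is_logged_in() check is visible before this query; confirm that
// initialize.php or the including page enforces one.
$users = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . C_USER_GROUP_ID . "=" . (int) $session->user_group_id);
// Header row. Only these five columns are rendered; id, level, password, access token and
// access stay out of the table.
$s = "<table>";
$s .= "<tr>";
foreach (array("GROUP", "USERNAME", "NAME", "PICTURE", "EMAIL") as $heading) {
    $s .= "<td>" . $heading . "</td>";
}
$s .= "</tr>";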
foreach ($users as $user) {
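    // One table row per user. The values are stored profile data (presumably user-supplied),
    // so each one is HTML-escaped before it is concatenated into the markup; the original
    // emitted them raw, which lets stored markup run in the viewer's browser.
    // The group lookup is done once per row and reused for both the cell and the image path.
    $group_name = Group::get_by_id($session->user_group_id)->name;
    $s .= "<tr>";
    $s .= "<td>" . htmlspecialchars((string) $group_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    $s .= "<td>" . htmlspecialchars((string) $user->username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    $s .= "<td>" . htmlspecialchars((string) $user->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    $image_source = "../groups/" . $group_name . "/files/users/" . $user->picture;
    // The src attribute was unquoted, so a space in the path ended the attribute and anything
    // after it was parsed as further attributes. It is now quoted and escaped for that context.
    $s .= "<td><img src='" . htmlspecialchars($image_source, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "' height='30' /></td>";
    $s .= "<td>" . htmlspecialchars((string) $user->email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    $s .= "</tr>";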
// Facebook user id for the current visitor, plus the login and logout links. Both callback
// targets are built from the server-side HOSTNAME constant, not from request data.
$fb_user_id = $facebook->getUser();
$loginURLParams = array(
    'scope' => 'email',
    'redirect_uri' => HOSTNAME . 'public/functions/loginfb.php',
);
$loginURL = $facebook->getLoginUrl($loginURLParams);
$logoutURLParams = array(
    'next' => HOSTNAME . 'public/functions/logout.php',
);
$logoutURL = $facebook->getLogoutUrl($logoutURLParams);
// $user is only loaded for an authenticated session; otherwise it is left untouched.
if ($session->is_logged_in()) {
    $user = User::get_by_id($session->user_id);
}
// Status text; the form handling that follows overwrites it.
$message = "";
if (isset($_POST['btnsend'])) {
    if (isset($_POST['subject']) && isset($_POST['message'])) {
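        // NOTE(review): nothing visible here requires an authenticated or privileged sender.
        // The log entry below even provides for user_id 0, and no CSRF token is checked.
        // Confirm that access to this mass-mail action is restricted before this point.
        //
        // send_email() is defined elsewhere. In case it places the subject in a mail header,
        // CR and LF are removed so the posted value cannot add header lines of its own.
        $subject = str_replace(array("\r", "\n"), '', (string) $_POST['subject']);
        $body = $_POST['message'];
        $from_name = "Admin - Kelly Escape";
        $from_email = "*****@*****.**";
        // Recipients: rows whose address has the rough shape local@domain.tld. The original
        // condition was "NOT LIKE <pattern> OR IS NOT NULL", which is true for every non-NULL
        // address, so the shape test had no effect and blank or malformed addresses were
        // mailed too. NULL never satisfies LIKE, so no separate IS NOT NULL test is needed.
        $users = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . C_USER_EMAIL . " LIKE '%_@__%.__%'");
        foreach ($users as $user) {
            send_email($user->email, $subject, $body, $from_name, $from_email);
        }
        // Audit record of the announcement; user_id 0 stands for a sender with no session.
        $logs = new Logs();
        $logs->user_id = $session->is_logged_in() ? $session->user_id : 0;
        $logs->platform = "WEB PORTAL";
        $logs->type = "ANNOUNCED";
        $logs->create();
        $message = "Announcement sent.";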
    } else {
        $message = "All the fields are required. Please fill them all in.";
<?php

require_once "../includes/initialize.php";
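global $session;
// Anonymous requests stop here. redirect_to() is defined elsewhere; unless it ends the script
// itself, execution would otherwise continue into the account-management code below.
if (!$session->is_logged_in()) {
    redirect_to("index.php");
    exit;
}
// NOTE(review): only authentication is checked. No test of the caller's own level is visible
// before accounts are created, edited or deleted. Confirm that this endpoint is reserved for
// administrators elsewhere, and that state-changing requests carry a CSRF token.
//
// Look up accounts that already use the posted username (used by the "add" branch).
// Stop-gap: get_by_sql() takes a finished SQL string and no escaping or binding helper is
// visible in this excerpt, so a username containing a quote, backslash or NUL is refused
// instead of escaped. A bound parameter in the data layer is the proper fix.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
if (preg_match('/[\'\\\\\x00]/', $username)) {
    die("invalid username");
}
$rows = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . C_USER_USERNAME . "='" . $username . "'");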
if ($_POST['oper'] == 'add') {
    // "add": refuse a username that the lookup above already found, then create the account
    // from the posted fields.
    // NOTE(review): the password is assigned exactly as posted. Whether User::create() hashes
    // it is not visible here; if it does not, it should be stored via password_hash().
    // NOTE(review): level is taken from the request as well, so whoever may call this
    // endpoint chooses the new account's privilege level.
    if (count($rows) >= 1) {
        die("exists");
    }
    $user = new User();
    foreach (array('name', 'username', 'password', 'level') as $field) {
        $user->{$field} = $_POST[$field];
    }
    $user->create();
} else {
    if ($_POST['oper'] == 'edit') {
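        // "edit": load the account named by the posted id and overwrite it with the posted
        // fields.
        // NOTE(review): the id comes straight from the request and is not compared with the
        // caller's own account or level, so any caller who reaches this branch can change
        // any account's password and level. Confirm that this is restricted elsewhere.
        // NOTE(review): the duplicate-username lookup in $rows is only consulted by the "add"
        // branch, so an edit can rename an account to a username that is already taken.
        $user = User::get_by_id($_POST['id']);
        // What get_by_id() returns for an unknown id is not visible here. A falsy result
        // would make the property writes below fail, so stop with a plain-text reply like
        // the other branches do.
        if (!$user) {
            die("not found");
        }
        $user->name = $_POST['name'];
        $user->username = $_POST['username'];
        // Stored exactly as posted; see the hashing question on the "add" branch.
        $user->password = $_POST['password'];
        $user->level = $_POST['level'];
        $user->update();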
    } else {
        if ($_POST['oper'] == 'del') {
            if ($_POST['id'] == $session->user_id) {
                die("cannot delete yourself");
            }