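/**
 * Backend users list and mass-mailer entry point.
 *
 * Builds the FROM/JOIN/WHERE parts of the users query from the list filters
 * (group, status, logged-in state), the free-text search, the ACL child-group
 * exclusion, the checkmarked user ids and the advanced field searches, then
 * counts, paginates and loads the rows and hands them to the view or to the
 * mailer selected by $task.
 *
 * @param  string  $option  Component option; used as suffix of the user-state keys and passed on to plugins and views
 * @param  string  $task    Compared against 'showusers', 'emailusers', 'startemailusers' and 'ajaxemailusers'
 * @param  array   $cid     Checkmarked user ids; only applied when $task is not 'showusers' (cast to integers before use)
 * @return boolean          FALSE when the main query reports a database error (the error is echoed), TRUE otherwise
 */
function showUsers( $option, $task, $cid ) {
	global $_CB_database, $_CB_framework, $_POST, $_PLUGINS, $_CB_TxtIntStore;

	$this->_importNeeded();

	// Page size from the global configuration; 0 falls back to 10:
	$limit = (int) $_CB_framework->getCfg( 'list_limit' );
	if ( $limit == 0 ) {
		$limit = 10;
	}

	// All three filters come from the request / user state; only $filter_logged is cast here,
	// the other two are validated or quoted at the point where they reach SQL below:
	$filter_type = $_CB_framework->getUserStateFromRequest( "filter_type{$option}", 'filter_type', 0 );
	$filter_status = $_CB_framework->getUserStateFromRequest( "filter_status{$option}", 'filter_status', 0 );
	$filter_logged = intval( $_CB_framework->getUserStateFromRequest( "filter_logged{$option}", 'filter_logged', 0 ) );

	$lastCBlist = $_CB_framework->getUserState( "view{$option}lastCBlist", null );
	if( $lastCBlist == 'showusers' ) {
		if ( $task == 'showusers' ) {
			$limit = $_CB_framework->getUserStateFromRequest( "viewlistlimit", 'limit', $limit );
			$limitstart = $_CB_framework->getUserStateFromRequest( "view{$option}limitstart", 'limitstart', 0 );
		}
		$lastSearch = $_CB_framework->getUserState( "search{$option}", null );
		$search = $_CB_framework->getUserStateFromRequest( "search{$option}", 'search', '' );
		if ( $lastSearch != $search ) {
			// A changed search restarts paging from the first page:
			$limitstart = 0;
			$_CB_framework->setUserState( "view{$option}limitstart", $limitstart );
		}
		// Lower-case the search text according to the site charset before it is used in LIKE:
		$search = stripslashes( trim( ( $_CB_TxtIntStore->_iso != 'UTF-8' ) ? strtolower( $search ) : ( is_callable( 'mb_convert_case' ) ? mb_convert_case( $search, MB_CASE_LOWER, "UTF-8") : utf8_encode(strtolower(utf8_decode( $search ) ) ) ) ) );
	} else {
		// Coming from another list: drop every filter and remember that this list is now the current one:
		$filter_type = 0;
		$filter_status = 0;
		$filter_logged = 0;
		clearSearchBox();
		$search = '';
		$limitstart = 0;
		$_CB_framework->setUserState( "view{$option}limitstart", $limitstart );
		$_CB_framework->setUserState( "view{$option}lastCBlist", "showusers" );
	}

	if ( $task !== 'showusers' ) {
		if ( $task == 'ajaxemailusers' ) {
			// Both values are taken from POST; they are cast to int where they reach setQuery() below:
			$limitstart = cbGetParam( $_POST, 'limitstart', 0 );
			$limit = cbGetParam( $_POST, 'limit', 0 );
		} else {
			$limitstart = 0;
			if ( $task == 'emailusers' ) {
				$limit = 101; // so that first 100 users and more... is displayed.
			} else {
				$limit = cbGetParam( $_POST, 'limit', 0 );
			}
		}
	}

	$tablesSQL = array( 'u' => '#__users AS u' );
	$joinsSQL = array( 'ue' => 'LEFT JOIN #__comprofiler AS ue ON u.id = ue.id' );
	$tablesWhereSQL = array();

	if ( isset( $search ) && ( $search != "") ) {
		// The search text is escaped with getEscaped( ..., true ) each time it is concatenated into a LIKE pattern:
		$tablesWhereSQL[] = "(u.username LIKE '%" . $_CB_database->getEscaped( $search, true ) . "%' OR u.email LIKE '%" . $_CB_database->getEscaped( $search, true ) . "%' OR u.name LIKE '%" . $_CB_database->getEscaped( $search, true ) . "%')";
	}

	if ( $filter_type ) {
		if ( checkJversion() == 2 ) {
			// Group ids are numeric here, so the request value is forced to an integer:
			$tablesWhereSQL[] = "aro.group_id = " . (int) $filter_type;
		} else {
			if ( $filter_type == 'Public Frontend' ) {
				$tablesWhereSQL[] = "(u.usertype = 'Registered' OR u.usertype = 'Author' OR u.usertype = 'Editor'OR u.usertype = 'Publisher')";
			} else if ( $filter_type == 'Public Backend' ) {
				$tablesWhereSQL[] = "( u.usertype = 'Manager' OR u.usertype = 'Administrator' OR u.usertype = 'Super Administrator' )";
			} else {
				// Free-form group name from the request: goes through Quote() before reaching SQL:
				$tablesWhereSQL[] = "u.usertype = " . $_CB_database->Quote( $filter_type );
			}
		}
	}

	$tBlocked = CBTxt::T('Blocked');
	$tEnabled = CBTxt::T('Enabled');
	$tUnconfirmed = CBTxt::T('Unconfirmed');
	$tConfirmed = CBTxt::T('Confirmed');
	$tUnapproved = CBTxt::T('Unapproved');
	$tDisapproved = CBTxt::T('Disapproved');
	$tApproved = CBTxt::T('Approved');
	$tBanned = CBTxt::T('Banned');
	$p = ' + ';

	// Allow-list of status filters: translated label => fixed SQL condition.
	// The request only ever selects a key of this map; the SQL fragments themselves are constants.
	$userstates = array(
		$tBlocked => 'u.block = 1',
		$tEnabled => 'u.block = 0',
		$tUnconfirmed => 'ue.confirmed = 0',
		$tConfirmed => 'ue.confirmed = 1',
		$tUnapproved => 'ue.approved = 0',
		$tDisapproved => 'ue.approved = 2',
		$tApproved => 'ue.approved = 1',
		$tBanned => 'ue.banned <> 0',
		$tBlocked . $p . $tUnconfirmed . $p . $tUnapproved => '(u.block = 1 AND ue.confirmed = 0 AND ue.approved = 0)',
		$tEnabled . $p . $tUnconfirmed . $p . $tUnapproved => '(u.block = 0 AND ue.confirmed = 0 AND ue.approved = 0)',
		$tBlocked . $p . $tConfirmed . $p . $tUnapproved => '(u.block = 1 AND ue.confirmed = 1 AND ue.approved = 0)',
		$tEnabled . $p . $tConfirmed . $p . $tUnapproved => '(u.block = 0 AND ue.confirmed = 1 AND ue.approved = 0)',
		$tBlocked . $p . $tUnconfirmed . $p . $tDisapproved => '(u.block = 1 AND ue.confirmed = 0 AND ue.approved = 2)',
		$tEnabled . $p . $tUnconfirmed . $p . $tDisapproved => '(u.block = 0 AND ue.confirmed = 0 AND ue.approved = 2)',
		$tBlocked . $p . $tConfirmed . $p . $tDisapproved => '(u.block = 1 AND ue.confirmed = 1 AND ue.approved = 2)',
		$tEnabled . $p . $tConfirmed . $p . $tDisapproved => '(u.block = 0 AND ue.confirmed = 1 AND ue.approved = 2)',
		$tBlocked . $p . $tUnconfirmed . $p . $tApproved => '(u.block = 1 AND ue.confirmed = 0 AND ue.approved = 1)',
		$tEnabled . $p . $tUnconfirmed . $p . $tApproved => '(u.block = 0 AND ue.confirmed = 0 AND ue.approved = 1)',
		$tBlocked . $p . $tConfirmed . $p . $tApproved => '(u.block = 1 AND ue.confirmed = 1 AND ue.approved = 1)',
		$tEnabled . $p . $tConfirmed . $p . $tApproved => '(u.block = 0 AND ue.confirmed = 1 AND ue.approved = 1)',
		CBTxt::T('Avatar not approved') => "(ue.avatar > '' AND ue.avatarapproved = 0)"
	);

	// Only a status that is a known key of the allow-list adds a condition. An unknown or
	// non-string request value used to append an empty fragment (and so a malformed WHERE clause);
	// it is now ignored instead:
	if ( $filter_status && is_string( $filter_status ) && isset( $userstates[$filter_status] ) ) {
		$tablesWhereSQL[] = $userstates[$filter_status];
	}

	if ( $filter_logged == 1 ) {
		$tablesWhereSQL[] = "s.userid = u.id";
	} else if ($filter_logged == 2) {
		$tablesWhereSQL[] = "s.userid IS NULL";
	}

	// exclude any child group id's for this user
	//$_CB_framework->acl->_debug = true;
	$pgids = $_CB_framework->acl->get_group_children( userGID( $_CB_framework->myId() ), 'ARO', 'RECURSE' );
	if ( is_array( $pgids ) && (count( $pgids ) > 0 ) ) {
		// NOTE(review): $pgids is imploded into SQL without an integer cast; it comes from the ACL
		// layer, not from the request — confirm get_group_children() can only return integer ids.
		if ( checkJversion() == 2 ) {
			$tablesWhereSQL[] = "( aro.group_id NOT IN ( " . implode( ',', $pgids ) . " ) )";
		} else {
			$tablesWhereSQL[] = "( u.gid NOT IN ( " . implode( ',', $pgids ) . " ) )";
		}
	}

	// Filter the checkmarked users only:
	if ( $task !== 'showusers' ) {
		if ( is_array( $cid ) && ( count( $cid ) > 0 ) ) {
			// Every id is forced to an integer before the list is concatenated into IN ( ... ):
			cbArrayToInts( $cid );
			$tablesWhereSQL[] = "( u.id IN ( " . implode( ',', $cid ) . " ) )";
		}
	}

	// Advanced searches:
	$myCbUser =& CBuser::getInstance( $_CB_framework->myId() );
	$myUser =& $myCbUser->getUserData();
	$tabs = $myCbUser->_getCbTabs(); // new cbTabs( 0, 1 ); //TBD: later: this private method should not be called here, but the whole users-list should go into there and be called here.
	$allFields = $tabs->_getTabFieldsDb( null, $myUser, 'adminfulllist' );
	foreach ( $allFields as $k => $v ) {
		if ( in_array( $v->type, array( 'pm', 'status', 'formatname', 'hidden', 'delimiter', 'userparams' ) ) ) {
			unset( $allFields[$k] ); // delimiter, userparams do not have search for now!
		}
	}
	$searchVals = new stdClass();
	$list_compare_types = 1; // Advanced: all possibilities (WARNING: can be slow)
	$tableReferences = array( '#__comprofiler' => 'ue', '#__users' => 'u' );
	// The advanced-search values are read from $_POST by the tabs object, which also produces the SQL
	// fragment added below. NOTE(review): escaping of those values happens outside this function — confirm.
	$searchesFromFields = $tabs->applySearchableContents( $allFields, $searchVals, $_POST, $list_compare_types );
	$whereFields = $searchesFromFields->reduceSqlFormula( $tableReferences, $joinsSQL, TRUE );
	if ( $whereFields ) {
		$tablesWhereSQL[] = '(' . $whereFields . ')';
	}
	$searchTabContent = $tabs->getSearchablesContents( $allFields, $myUser, $searchVals, $list_compare_types );

	if ($filter_logged == 1 || $filter_logged == 2) {
		$joinsSQL[] .= "\n INNER JOIN #__session AS s ON s.userid = u.id";
		// } else { done later, to avoid blocking site:
		// $joinsSQL[] .= "\n LEFT JOIN #__session AS s ON s.userid = u.id";
	}

	if ( checkJversion() == 2 ) {
		$joinsSQL[] = "INNER JOIN #__user_usergroup_map AS aro ON aro.user_id = u.id"; // map user to aro for selection (and display if no selection)
		if ( $filter_type ) {
			$joinsSQL[] = "LEFT JOIN #__user_usergroup_map AS arodisplay ON arodisplay.user_id = u.id"; // map user to aro for display of all groups
			$joinsSQL[] = "INNER JOIN #__usergroups AS g ON g.id = arodisplay.group_id"; // map aro to group for display group name
		} else {
			$joinsSQL[] = "INNER JOIN #__usergroups AS g ON g.id = aro.group_id"; // map aro to group
		}
	}

	// Plugins receive the three SQL part arrays by reference and may change them before the query is assembled:
	$_PLUGINS->loadPluginGroup('user');
	$_PLUGINS->trigger( 'onBeforeBackendUsersListBuildQuery', array( &$tablesSQL, &$joinsSQL, &$tablesWhereSQL, $option ) );

	$queryFrom = "\n FROM " . implode( ', ', $tablesSQL )
		. ( count( $joinsSQL ) ? "\n " . implode( "\n ", $joinsSQL ) : '' )
		. ( count( $tablesWhereSQL ) ? "\n WHERE " . implode( ' AND ', $tablesWhereSQL ) : '' )
		;

	// Counting query:
	$query = "SELECT COUNT(DISTINCT u.id)"
		. $queryFrom
		;
	$_CB_database->setQuery( $query );
	$total = $_CB_database->loadResult();
	if ( $total === null ) {
		// NOTE(review): the raw database error text is written to the page here; consider logging it instead.
		echo $_CB_database->getErrorMsg();
	}
	if ( $total <= $limitstart ) {
		$limitstart = 0;
	}

	cbimport( 'cb.pagination' );
	$pageNav = new cbPageNav( $total, $limitstart, $limit );

	// The group-name joins differ per checkJversion() result and are only added for the main query,
	// after the count has been taken:
	if ( checkJversion() == 2 ) {
		$grp_name = 'title';
	} elseif ( checkJversion() == 1 ) {
		$grp_name = 'name';
		$joinsSQL[] = "INNER JOIN #__core_acl_aro AS aro ON aro.value = u.id"; // map user to aro
		$joinsSQL[] = "INNER JOIN #__core_acl_groups_aro_map AS gm ON gm.aro_id = aro.id"; // map aro to group
		$joinsSQL[] = "INNER JOIN #__core_acl_aro_groups AS g ON g.id = gm.group_id";
		$tablesWhereSQL[] = "aro.section_value = 'users'";
	} else {
		$grp_name = 'name';
		$joinsSQL[] = "INNER JOIN #__core_acl_aro AS aro ON aro.value = u.id"; // map user to aro
		$joinsSQL[] = "INNER JOIN #__core_acl_groups_aro_map AS gm ON gm.aro_id = aro.aro_id"; // map aro to group
		$joinsSQL[] = "INNER JOIN #__core_acl_aro_groups AS g ON g.group_id = gm.group_id";
		$tablesWhereSQL[] = "aro.section_value = 'users'";
	}

	$queryFrom = "\n FROM " . implode( ', ', $tablesSQL )
		. ( count( $joinsSQL ) ? "\n " . implode( "\n ", $joinsSQL ) : '' )
		. ( count( $tablesWhereSQL ) ? "\n WHERE " . implode( ' AND ', $tablesWhereSQL ) : '' )
		;

	// Main query ($grp_name is one of the two literals assigned above, never request data):
	if ( checkJversion() == 2 ) {
		$query = "SELECT u.*, GROUP_CONCAT( DISTINCT g.$grp_name ORDER BY g.$grp_name SEPARATOR ', ') AS groupname, ue.approved, ue.confirmed"
			. $queryFrom
			. ' GROUP BY u.id'
			;
	} else {
		$query = "SELECT DISTINCT u.*, g.$grp_name AS groupname, ue.approved, ue.confirmed"
			. $queryFrom
			;
	}
	$_CB_database->setQuery( $query, (int) $pageNav->limitstart, (int) $pageNav->limit );
	$rows = $_CB_database->loadObjectList( null, 'moscomprofilerUser', array( &$_CB_database ) );
	if ($_CB_database->getErrorNum()) {
		// NOTE(review): stderr() output is written to the page; consider logging it instead.
		echo $_CB_database->stderr();
		return false;
	}

	// creates the CBUsers in cache corresponding to the $users:
	foreach ( array_keys( $rows ) as $k) {
		// do not do this otherwise substitutions do not work:
		// CBuser::setUserGetCBUserInstance( $rows[$k] );
	}

	// One session-count query per listed user; the id is cast to int before concatenation:
	$template = 'SELECT COUNT(s.userid) FROM #__session AS s WHERE s.userid = ';
	$n = count( $rows );
	for ( $i = 0; $i < $n; $i++ ) {
		$row = &$rows[$i];
		$query = $template . (int) $row->id;
		$_CB_database->setQuery( $query );
		$row->loggedin = $_CB_database->loadResult();
	}

	// In the e-mail tasks the filter controls are rendered disabled:
	$select_tag_attribs = 'class="inputbox" size="1" onchange="document.adminForm.submit( );"';
	$inputTextExtras = '';
	if ( $task != 'showusers' ) {
		$inputTextExtras = ' disabled="disabled"';
		$select_tag_attribs .= $inputTextExtras;
	}

	// get list of Log Status for dropdown filter
	$logged[] = moscomprofilerHTML::makeOption( 0, CBTxt::T('- Select Login State -'));
	$logged[] = moscomprofilerHTML::makeOption( 1, CBTxt::T('Logged In'));
	$lists['logged'] = moscomprofilerHTML::selectList( $logged, 'filter_logged', $select_tag_attribs, 'value', 'text', "$filter_logged", 2 );

	// get list of Groups for dropdown filter
	if ( checkJversion() == 2 ) {
		$query = "SELECT id AS value, title AS text"
			. "\n FROM #__usergroups";
	} else {
		$query = "SELECT name AS value, name AS text"
			. "\n FROM #__core_acl_aro_groups"
			. "\n WHERE name != 'ROOT'"
			. "\n AND name != 'USERS'";
	}
	$types[] = moscomprofilerHTML::makeOption( '0', CBTxt::T('- Select Group -') );
	$_CB_database->setQuery( $query );
	$types = array_merge( $types, $_CB_database->loadObjectList() );
	$lists['type'] = moscomprofilerHTML::selectList( $types, 'filter_type', $select_tag_attribs, 'value', 'text', "$filter_type", 2 );

	// The status dropdown offers exactly the keys of the allow-list used for the WHERE clause above:
	$status[] = moscomprofilerHTML::makeOption( 0, CBTxt::T('- Select User Status -'));
	foreach ( array_keys( $userstates ) as $k ) {
		$status[] = moscomprofilerHTML::makeOption( $k, $k );
	}
	$lists['status'] = moscomprofilerHTML::selectList( $status, 'filter_status', $select_tag_attribs, 'value', 'text', "$filter_status", 2 );

	// Plugins may return arrays of additional columns; non-array results are ignored:
	$pluginAdditions = $_PLUGINS->trigger( 'onAfterBackendUsersList', array( 1, &$rows, &$pageNav, &$search, &$lists, $option, $select_tag_attribs ) );
	$pluginColumns = array();
	foreach ( $pluginAdditions as $addition ) {
		if ( is_array( $addition ) ) {
			$pluginColumns = array_merge( $pluginColumns, $addition );
		}
	}

	if ( $task == 'showusers' ) {
		$usersView = _CBloadView( 'users' );
		$usersView->showUsers( $rows, $pageNav, $search, $option, $lists, $pluginColumns, $inputTextExtras, $searchTabContent );
	} else {
		$emailSubject = stripslashes( cbGetParam( $_POST, 'emailsubject', '' ) );
		// The body is requested with _CB_ALLOWRAW | _CB_NOTRIM.
		// NOTE(review): presumably this keeps raw markup from the request — confirm the view and mailer treat it accordingly.
		$emailBody = stripslashes( cbGetParam( $_POST, 'emailbody', '', _CB_ALLOWRAW | _CB_NOTRIM ) );
		$emailsPerBatch = stripslashes( cbGetParam( $_POST, 'emailsperbatch', 50 ) );
		$emailPause = stripslashes( cbGetParam( $_POST, 'emailpause', 30 ) );
		$simulationMode = stripslashes( cbGetParam( $_POST, 'simulationmode', '' ) );

		// Same is_array() guard as the id filter above, so a non-array $cid is never counted:
		if ( is_array( $cid ) && count( $cid ) > 0 && count( $cid ) < $total ) {
			$total = count( $cid );
		}

		if ( $task == 'emailusers' ) {
			$pluginRows = $_PLUGINS->trigger( 'onBeforeBackendUsersEmailForm', array( &$rows, &$pageNav, &$search, &$lists, &$cid, &$emailSubject, &$emailBody, &$inputTextExtras, &$select_tag_attribs, $simulationMode, $option ) );
			$usersView = _CBloadView( 'users' );
			$usersView->emailUsers( $rows, $total, $search, $option, $lists, $cid, $inputTextExtras, $searchTabContent, $emailSubject, $emailBody, $emailsPerBatch, $emailPause, $simulationMode, $pluginRows );
		} elseif ( $task == 'startemailusers' ) {
			$pluginRows = $_PLUGINS->trigger( 'onBeforeBackendUsersEmailStart', array( &$rows, $total, $search, $lists, $cid, &$emailSubject, &$emailBody, &$inputTextExtras, $simulationMode, $option ) );
			$usersView = _CBloadView( 'users' );
			$usersView->startEmailUsers( $rows, $search, $option, $lists, $cid, $inputTextExtras, $searchTabContent, $emailSubject, $emailBody, $emailsPerBatch, $emailPause, $total, $simulationMode, $pluginRows );
		} elseif ( $task == 'ajaxemailusers' ) {
			$this->_cbadmin_emailUsers( $rows, $emailSubject, $emailBody, $limitstart, $limit, $total, $simulationMode );
		}
	}
	return true;
}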
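/**
 * Backend plugins list.
 *
 * Builds the WHERE clause from the type filter, the name search and (for
 * non-super-admins) the authorised view access levels, counts and paginates
 * the matching rows of #__comprofiler_plugin, loads the current page and
 * passes it to HTML_comprofiler::showPlugins().
 *
 * @param  string  $option  Component option; used as suffix of the user-state keys and passed on to the view
 * @return boolean          FALSE when the list query reports a database error (the error is echoed), TRUE otherwise
 */
function viewPlugins($option) {
	global $_CB_database, $_CB_framework;

	// Page size from the global configuration; 0 falls back to 10:
	$limit = (int) $_CB_framework->getCfg('list_limit');
	if ($limit == 0) {
		$limit = 10;
	}
	$limit = $_CB_framework->getUserStateFromRequest("viewlistlimit", 'limit', $limit);

	$lastCBlist = $_CB_framework->getUserState("view{$option}lastCBlist", null);
	if ($lastCBlist == 'showplugins') {
		$limitstart = $_CB_framework->getUserStateFromRequest("view{$option}limitstart", 'limitstart', 0);
		$lastSearch = $_CB_framework->getUserState("search{$option}", null);
		$search = $_CB_framework->getUserStateFromRequest("search{$option}", 'search', '');
		if ($lastSearch != $search) {
			// A changed search restarts paging from the first page:
			$limitstart = 0;
			$_CB_framework->setUserState("view{$option}limitstart", $limitstart);
		}
		$search = trim(strtolower($search));
		$filter_type = $_CB_framework->getUserStateFromRequest("filter_type{$option}", 'filter_type', "0");
	} else {
		// Coming from another list: drop search and filter and remember that this list is now the current one:
		clearSearchBox();
		$search = "";
		$limitstart = 0;
		$_CB_framework->setUserState("view{$option}limitstart", $limitstart);
		$_CB_framework->setUserState("view{$option}lastCBlist", "showplugins");
		$filter_type = "0";
		$_CB_framework->setUserState("filter_type{$option}", $filter_type);
	}

	$where = array();

	// used by filter
	if ($filter_type) {
		// $filter_type is a request / user-state value and was previously interpolated between
		// hand-written quotes. It now goes through the database object's Quote(), the same way
		// showUsers() treats its own filter_type before it reaches SQL:
		$where[] = 'm.type = ' . $_CB_database->Quote($filter_type);
	}
	if ($search) {
		// NOTE(review): $search is overwritten with its SQL-escaped form here, and that escaped
		// value is what is later passed to showPlugins() — confirm the view expects it.
		$search = cbEscapeSQLsearch(trim(strtolower(cbGetEscaped($search))));
		$where[] = "LOWER( m.name ) LIKE '%{$search}%'";
	}
	if (!$_CB_framework->acl->amIaSuperAdmin()) {
		// Anyone who is not a super-admin only sees plugins whose access level is one of
		// their authorised view levels; the ids are forced to integers before reaching SQL:
		$viewAccessLevels = CBuser::getMyInstance()->getAuthorisedViewLevelsIds(true);
		$viewAccessLevelsCleaned = implode(',', cbArrayToInts($viewAccessLevels));
		$where[] = 'm.access IN (' . $viewAccessLevelsCleaned . ')';
	}

	// get the total number of records
	$query = "SELECT COUNT(*) FROM #__comprofiler_plugin AS m "
		. (count($where) ? "\n WHERE " . implode(' AND ', $where) : '');
	$_CB_database->setQuery($query);
	$total = $_CB_database->loadResult();
	if ($total <= $limitstart) {
		$limitstart = 0;
	}

	cbimport('cb.pagination');
	$pageNav = new cbPageNav($total, $limitstart, $limit);

	// Column holding the access-level name; one of two literals, never request data:
	if (checkJversion() == 2) {
		$title = 'title';
	} else {
		$title = 'name';
	}

	$query = "SELECT m.*, u.name AS editor, g.{$title} AS groupname"
		. "\n FROM #__comprofiler_plugin AS m"
		. "\n LEFT JOIN #__users AS u ON u.id = m.checked_out";
	if (checkJversion() == 2) {
		$query .= "\n LEFT JOIN #__viewlevels AS g ON g.id = m.access + IF(m.access <= 2, 1, 0)"; // fix J1.6's wrong access levels, same as g.id = IF( m.access = 0, 1, IF( m.access = 1, 2, IF( m.access = 2, 3, m.access ) ) )
	} else {
		$query .= "\n LEFT JOIN #__groups AS g ON g.id = m.access";
	}
	$query .= (count($where) ? "\n WHERE " . implode(' AND ', $where) : '')
		. "\n GROUP BY m.id"
		. "\n ORDER BY m.type ASC, m.ordering ASC, m.name ASC";
	$_CB_database->setQuery($query, (int) $pageNav->limitstart, (int) $pageNav->limit);
	$rows = $_CB_database->loadObjectList();
	if ($_CB_database->getErrorNum()) {
		// NOTE(review): stderr() output is written to the page; consider logging it instead.
		echo $_CB_database->stderr();
		return false;
	}

	// get list of Positions for dropdown filter
	$query = "SELECT type AS value, type AS text"
		. "\n FROM #__comprofiler_plugin"
		. "\n GROUP BY type"
		. "\n ORDER BY type";
	$types[] = moscomprofilerHTML::makeOption('0', !defined('_SEL_TYPE') ? '- ' . CBTxt::T('Select Type') . ' -' : _SEL_TYPE); // Mambo 4.5.1 Compatibility
	$_CB_database->setQuery($query);
	$types = array_merge($types, $_CB_database->loadObjectList());
	$lists['type'] = moscomprofilerHTML::selectList($types, 'filter_type', 'class="inputbox" size="1" onchange="document.adminForm.submit( );"', 'value', 'text', $filter_type, 2);

	// Permission flags of the current user, handed to the view:
	$canAdmin = CBuser::getMyInstance()->authoriseAction('core.admin');
	$canEdit = CBuser::getMyInstance()->authoriseAction('core.edit');
	$canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');

	HTML_comprofiler::showPlugins($rows, $pageNav, $option, $lists, $search, $canAdmin, $canEdit, $canEditState);
	return true;
}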