Esempio n. 1
0
    $content .= "</form>\n\n";
    $content .= "<h3>Regular search</h3>\n";
    $content .= "Searches for nick, first or last name and email address\n";
    $content .= "<form method='GET' action='index.php'>\n";
    $content .= "<input type='hidden' name='module' value='useradmin' />\n";
    $content .= "<input type='hidden' name='action' value='search' />\n";
    $content .= "<input type='text' name='search' />\n";
    $content .= " <input type='submit' value='" . lang("Search", "useradmin") . "' />\n";
    $content .= "</form>\n\n";
    //	$content .= "<h3>Detailed search</h3>";
    //	$content .= "Search for users with tickets for a specific event";
} elseif ($action == 'listall' || $action == 'search') {
    $content .= "<h2>" . lang("List of all users", "useradmin") . "</h2>";
    $content .= "<a href='index.php?module=useradmin'>" . lang("Back to user administration", "useradmin") . "</a>";
    if ($action == "listall") {
        $users = user_getall();
    } else {
        $s = db_escape($_GET['search']);
        $qFindUsers = db_query("SELECT * FROM " . $sql_prefix . "_users \n\t\t\tWHERE ID = '{$s}'\n\t\t\tOR nick LIKE '%{$s}%'\n\t\t\tOR firstName LIKE '%{$s}%'\n\t\t\tOR lastName LIKE '%{$s}%'\n\t\t\tOR EMail LIKE '%{$s}%'\n\t\t");
        while ($rFindUsers = db_fetch($qFindUsers)) {
            $users[] = $rFindUsers;
        }
        // End while
    }
    // End else
    $content .= "<table class='userlist'>";
    $content .= "<tr>";
    $content .= "<th>" . lang("ID", "useradmin") . "</th>";
    $content .= "<th>" . lang("Username", "useradmin") . "</th>";
    $content .= "<th>" . lang("Firstname", "useradmin") . "</th>";
    $content .= "<th>" . lang("Lastname", "useradmin") . "</th>";
Esempio n. 2
0
     $content .= sprintf("<input type='radio' %s name='scope' value='tickets' /> %s\n", $tickets_checked, _("Search users with tickets"));
     $content .= "</td>";
 }
 $content .= "</tr>\n</table>\n";
 $content .= "</form>\n";
 // FIXME: this could be done globally and save some typing :-) ($usertable = $sql_prefix."users";)
 $usertable = $sql_prefix . "_users";
 $ticketstable = $sql_prefix . "_tickets";
 $tickettypestable = $sql_prefix . "_ticketTypes";
 $str = db_escape($search);
 $userResult = array();
 $usersR = -1;
 $usersC = 0;
 if ($search == "" or empty($search)) {
     if ($scope == 'all' || getModuleConfig('arrival', 'searchAll') && isset($_GET['action']) && $_GET['action'] == 'searchUser') {
         $userResult = user_getall(array('nick', 'firstName', 'lastName', 'ID'));
     } else {
         $usersQ = sprintf("SELECT DISTINCT u.nick as nick, u.firstName as firstName, u.lastName as lastName, u.ID as ID FROM %s as u, %s as t WHERE t.eventID=%s AND t.user=u.ID ORDER BY u.ID", $usertable, $ticketstable, $sessioninfo->eventID);
         $usersR = db_query($usersQ);
         $usersC = db_num($usersR);
     }
 } else {
     if (getModuleConfig('arrival', 'searchAll') || $scope == 'all') {
         $usersQ = sprintf("SELECT nick, firstName, lastName, ID FROM %s WHERE ID > 1 AND \n\t\t\t\t(nick LIKE '%%%s%%' OR\n\t\t\t\tfirstName LIKE '%%%s%%' OR\n\t\t\t\tlastName LIKE '%%%s%%' OR\n\t\t\t\tCONCAT(firstName, ' ', lastName) LIKE '%%%s%%' OR\n\t\t\t\tEMail LIKE '%%%s%%') ORDER BY ID\n\t\t\t\t", $usertable, $str, $str, $str, $str, $str);
         $usersR = db_query($usersQ);
         $usersC = db_num($usersR);
     } else {
         $usersQ = sprintf("SELECT DISTINCT u.nick as nick, u.firstName as firstName, u.lastName as lastName, u.ID as ID FROM %s as u, %s as t WHERE t.eventID=%s AND t.user=u.ID AND \n\t\t\t(u.nick LIKE '%%%s%%' OR\n\t\t\tu.firstName LIKE '%%%s%%' OR\n\t\t\tu.lastName LIKE '%%%s%%' OR\n\t\t\tCONCAT(u.firstName, ' ', u.lastName) LIKE '%%%s%%' OR\n\t\t\tEMail LIKE '%%%s%%'\n\t\t\t) ORDER BY u.ID\n\t\t\t", $usertable, $ticketstable, $sessioninfo->eventID, $str, $str, $str, $str, $str);
         $usersR = db_query($usersQ);
         $usersC = db_num($usersR);
     }