/**
* Display online users.
* @author Nicola Asuni
* @since 2001-10-18
* @param $wherequery (string) users selection query
* @param $order_field (string) order by column name
* @param $orderdir (int) oreder direction
* @param $firstrow (int) number of first row to display
* @param $rowsperpage (int) number of rows per page
* @return false in case of empty database, true otherwise
*/
function F_list_online_users($wherequery, $order_field, $orderdir, $firstrow, $rowsperpage)
{
global $l, $db;
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_page.php';
require_once 'tce_functions_user_select.php';
//initialize variables
$orderdir = intval($orderdir);
$firstrow = intval($firstrow);
$rowsperpage = intval($rowsperpage);
// order fields for SQL query
if (empty($order_field) or !in_array($order_field, array('cpsession_id', 'cpsession_data'))) {
$order_field = 'cpsession_expiry';
}
if ($orderdir == 0) {
$nextorderdir = 1;
$full_order_field = $order_field;
} else {
$nextorderdir = 0;
$full_order_field = $order_field . ' DESC';
}
if (!F_count_rows(K_TABLE_SESSIONS)) {
//if the table is void (no items) display message
echo '<h2>' . $l['m_databasempty'] . '</h2>';
return FALSE;
}
if (empty($wherequery)) {
$sql = 'SELECT * FROM ' . K_TABLE_SESSIONS . ' ORDER BY ' . $full_order_field . '';
} else {
$wherequery = F_escape_sql($db, $wherequery);
$sql = 'SELECT * FROM ' . K_TABLE_SESSIONS . ' ' . $wherequery . ' ORDER BY ' . $full_order_field . '';
}
if (K_DATABASE_TYPE == 'ORACLE') {
$sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
} else {
$sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
}
echo '<div class="container">' . K_NEWLINE;
echo '<table class="userselect">' . K_NEWLINE;
echo '<tr>' . K_NEWLINE;
echo '<th>' . $l['w_user'] . '</th>' . K_NEWLINE;
echo '<th>' . $l['w_level'] . '</th>' . K_NEWLINE;
echo '<th>' . $l['w_ip'] . '</th>' . K_NEWLINE;
echo '</tr>' . K_NEWLINE;
if ($r = F_db_query($sql, $db)) {
while ($m = F_db_fetch_array($r)) {
$this_session = F_session_string_to_array($m['cpsession_data']);
echo '<tr>';
echo '<td align="left">';
$user_str = '';
if ($this_session['session_user_lastname']) {
$user_str .= urldecode($this_session['session_user_lastname']) . ', ';
}
if ($this_session['session_user_firstname']) {
$user_str .= urldecode($this_session['session_user_firstname']) . '';
}
$user_str .= ' (' . urldecode($this_session['session_user_name']) . ')';
if (F_isAuthorizedEditorForUser($this_session['session_user_id'])) {
echo '<a href="tce_edit_user.php?user_id=' . $this_session['session_user_id'] . '">' . $user_str . '</a>';
} else {
echo $user_str;
}
echo '</td>';
echo '<td>' . $this_session['session_user_level'] . '</td>';
echo '<td>' . $this_session['session_user_ip'] . '</td>';
echo '</tr>' . K_NEWLINE;
}
} else {
F_display_db_error();
}
echo '</table>' . K_NEWLINE;
// --- ------------------------------------------------------
// --- page jump
if ($rowsperpage > 0) {
$sql = 'SELECT count(*) AS total FROM ' . K_TABLE_SESSIONS . ' ' . $wherequery . '';
if (!empty($order_field)) {
$param_array = '&order_field=' . urlencode($order_field) . '';
}
if (!empty($orderdir)) {
$param_array .= '&orderdir=' . $orderdir . '';
}
$param_array .= '&submitted=1';
F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
}
echo '<div class="pagehelp">' . $l['hp_online_users'] . '</div>' . K_NEWLINE;
echo '</div>' . K_NEWLINE;
return TRUE;
}
/**
* Display user selection XHTML table (popup mode).
* @author Nicola Asuni
* @since 2012-04-14
* @param $order_field (string) Order by column name.
* @param $orderdir (int) Order direction.
* @param $firstrow (int) Number of first row to display.
* @param $rowsperpage (int) Number of rows per page.
* @param $group_id (int) ID of the group (default = 0 = no specific group selected).
* @param $andwhere (string) Additional SQL WHERE query conditions.
* @param $searchterms (string) Search terms.
* @param string $cid ID of the calling form field.
* @return false in case of empty database, true otherwise
*/
function F_show_select_user_popup($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '', $cid = 0)
{
global $l, $db;
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_page.php';
require_once '../../shared/code/tce_functions_form.php';
$filter = 'cid=' . $cid;
if ($l['a_meta_dir'] == 'rtl') {
$txtalign = 'right';
$numalign = 'left';
} else {
$txtalign = 'left';
$numalign = 'right';
}
$order_field = F_escape_sql($db, $order_field);
$orderdir = intval($orderdir);
$firstrow = intval($firstrow);
$rowsperpage = intval($rowsperpage);
$group_id = intval($group_id);
if (empty($order_field) or !in_array($order_field, array('user_id', 'user_name', 'user_password', 'user_email', 'user_regdate', 'user_ip', 'user_firstname', 'user_lastname', 'user_birthdate', 'user_birthplace', 'user_regnumber', 'user_ssn', 'user_level', 'user_verifycode'))) {
$order_field = 'user_lastname,user_firstname';
}
if ($orderdir == 0) {
$nextorderdir = 1;
$full_order_field = $order_field;
} else {
$nextorderdir = 0;
$full_order_field = $order_field . ' DESC';
}
if (!F_count_rows(K_TABLE_USERS)) {
// if the table is void (no items) display message
F_print_error('MESSAGE', $l['m_databasempty']);
return FALSE;
}
$wherequery = '';
if ($group_id > 0) {
$wherequery = ', ' . K_TABLE_USERGROUP . ' WHERE user_id=usrgrp_user_id AND usrgrp_group_id=' . $group_id . '';
$filter .= '&group_id=' . $group_id . '';
}
if (empty($wherequery)) {
$wherequery = ' WHERE';
} else {
$wherequery .= ' AND';
}
$wherequery .= ' (user_id>1)';
if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
// filter for level
$wherequery .= ' AND ((user_level<' . $_SESSION['session_user_level'] . ') OR (user_id=' . $_SESSION['session_user_id'] . '))';
// filter for groups
$wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id
FROM ' . K_TABLE_USERGROUP . ' AS ta, ' . K_TABLE_USERGROUP . ' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id=' . intval($_SESSION['session_user_id']) . '
AND tb.usrgrp_user_id=user_id)';
}
if (!empty($andwhere)) {
$wherequery .= ' AND (' . $andwhere . ')';
}
$sql = 'SELECT * FROM ' . K_TABLE_USERS . $wherequery . ' ORDER BY ' . $full_order_field;
if (K_DATABASE_TYPE == 'ORACLE') {
$sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
} else {
$sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
}
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// -- Table structure with links:
echo '<div class="container">';
echo '<table class="userselect" style="font-size:80%;">' . K_NEWLINE;
// table header
echo '<tr>' . K_NEWLINE;
if (strlen($searchterms) > 0) {
$filter .= '&searchterms=' . urlencode($searchterms);
}
echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
echo F_select_table_header_element('user_email', $nextorderdir, $l['h_email'], $l['w_email'], $order_field, $filter);
echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
//echo '<th title="'.$l['h_group_name'].'">'.$l['w_groups'].'</th>'.K_NEWLINE;
echo '</tr>' . K_NEWLINE;
$itemcount = 0;
do {
$itemcount++;
// on click the user ID will be returned on the calling form field
$jsaction = 'javascript:window.opener.document.getElementById(\'' . $cid . '\').value=' . $m['user_id'] . ';';
$jsaction .= 'window.opener.document.getElementById(\'' . $cid . '\').onchange();';
$jsaction .= 'window.close();';
echo '<tr>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> <a href="#" onclick="' . $jsaction . '" title="[' . $l['w_select'] . ']">' . htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_email'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td> ' . $m['user_level'] . '</td>' . K_NEWLINE;
echo '<td> ' . htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
/*
// comma separated list of user's groups
$grp = '';
$sqlg = 'SELECT *
FROM '.K_TABLE_GROUPS.', '.K_TABLE_USERGROUP.'
WHERE usrgrp_group_id=group_id
AND usrgrp_user_id='.$m['user_id'].'
ORDER BY group_name';
if ($rg = F_db_query($sqlg, $db)) {
while ($mg = F_db_fetch_array($rg)) {
$grp .= $mg['group_name'].', ';
}
} else {
F_display_db_error();
}
echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars(substr($grp,0,-2), ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
*/
echo '</tr>' . K_NEWLINE;
} while ($m = F_db_fetch_array($r));
echo '</table>' . K_NEWLINE;
echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
echo '<div class="row"><hr /></div>' . K_NEWLINE;
// ---------------------------------------------------------------
// -- page jumper (menu for successive pages)
if ($rowsperpage > 0) {
$sql = 'SELECT count(*) AS total FROM ' . K_TABLE_USERS . '' . $wherequery . '';
if (!empty($order_field)) {
$param_array = '&order_field=' . urlencode($order_field) . '';
}
if (!empty($orderdir)) {
$param_array .= '&orderdir=' . $orderdir . '';
}
if (!empty($group_id)) {
$param_array .= '&group_id=' . $group_id . '';
}
if (!empty($searchterms)) {
$param_array .= '&searchterms=' . urlencode($searchterms) . '';
}
$param_array .= '&submitted=1';
F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
}
//echo '<div class="pagehelp">'.$l['hp_select_users'].'</div>'.K_NEWLINE;
echo '</div>' . K_NEWLINE;
} else {
F_print_error('MESSAGE', $l['m_search_void']);
}
} else {
F_display_db_error();
}
return TRUE;
}
/**
* Display user selection XHTML table (popup mode).
* @author Nicola Asuni
* @since 2012-04-14
* @param $order_field (string) Order by column name.
* @param $orderdir (int) Order direction.
* @param $firstrow (int) Number of first row to display.
* @param $rowsperpage (int) Number of rows per page.
* @param $andwhere (string) Additional SQL WHERE query conditions.
* @param $searchterms (string) Search terms.
* @param string $cid ID of the calling form field.
* @return false in case of empty database, true otherwise
*/
function F_show_select_test_popup($order_field, $orderdir, $firstrow, $rowsperpage, $andwhere = '', $searchterms = '', $cid = 0)
{
global $l, $db;
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_page.php';
require_once '../../shared/code/tce_functions_form.php';
$filter = 'cid=' . $cid;
if ($l['a_meta_dir'] == 'rtl') {
$txtalign = 'right';
$numalign = 'left';
} else {
$txtalign = 'left';
$numalign = 'right';
}
$order_field = F_escape_sql($db, $order_field);
$orderdir = intval($orderdir);
$firstrow = intval($firstrow);
$rowsperpage = intval($rowsperpage);
if (empty($order_field) or !in_array($order_field, array('test_name', 'test_description', 'test_begin_time', 'test_end_time', 'test_duration_time', 'test_ip_range', 'test_results_to_users', 'test_report_to_users', 'test_score_right', 'test_score_wrong', 'test_score_unanswered', 'test_max_score', 'test_user_id', 'test_score_threshold', 'test_random_questions_select', 'test_random_questions_order', 'test_questions_order_mode', 'test_random_answers_select', 'test_random_answers_order', 'test_answers_order_mode', 'test_comment_enabled', 'test_menu_enabled', 'test_noanswer_enabled', 'test_mcma_radio', 'test_repeatable', 'test_mcma_partial_score', 'test_logout_on_timeout'))) {
$order_field = 'test_begin_time DESC,test_name';
}
if ($orderdir == 0) {
$nextorderdir = 1;
$full_order_field = $order_field;
} else {
$nextorderdir = 0;
$full_order_field = $order_field . ' DESC';
}
if (!F_count_rows(K_TABLE_TESTS)) {
// if the table is void (no items) display message
F_print_error('MESSAGE', $l['m_databasempty']);
return FALSE;
}
$wherequery = '';
if (empty($wherequery)) {
$wherequery = ' WHERE';
} else {
$wherequery .= ' AND';
}
$wherequery .= ' (test_id>0)';
if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
$wherequery .= ' AND test_user_id IN (' . F_getAuthorizedUsers($_SESSION['session_user_id']) . ')';
}
if (!empty($andwhere)) {
$wherequery .= ' AND (' . $andwhere . ')';
}
$sql = 'SELECT * FROM ' . K_TABLE_TESTS . $wherequery . ' ORDER BY ' . $full_order_field;
if (K_DATABASE_TYPE == 'ORACLE') {
$sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
} else {
$sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
}
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// -- Table structure with links:
echo '<div class="container">';
echo '<table class="userselect" style="font-size:80%;">' . K_NEWLINE;
// table header
echo '<tr>' . K_NEWLINE;
if (strlen($searchterms) > 0) {
$filter .= '&searchterms=' . urlencode($searchterms);
}
echo F_select_table_header_element('test_begin_time', $nextorderdir, $l['w_time_begin'] . ' ' . $l['w_datetime_format'], $l['w_time_begin'], $order_field, $filter);
echo F_select_table_header_element('test_end_time', $nextorderdir, $l['w_time_end'] . ' ' . $l['w_datetime_format'], $l['w_time_end'], $order_field, $filter);
echo F_select_table_header_element('test_name', $nextorderdir, $l['h_test_name'], $l['w_name'], $order_field, $filter);
echo F_select_table_header_element('test_description', $nextorderdir, $l['h_test_description'], $l['w_description'], $order_field, $filter);
echo '</tr>' . K_NEWLINE;
$itemcount = 0;
do {
$itemcount++;
// on click the user ID will be returned on the calling form field
$jsaction = 'javascript:window.opener.document.getElementById(\'' . $cid . '\').value=' . $m['test_id'] . ';';
$jsaction .= 'window.opener.document.getElementById(\'' . $cid . '\').onchange();';
$jsaction .= 'window.close();';
echo '<tr>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['test_begin_time'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['test_end_time'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> <a href="#" onclick="' . $jsaction . '" title="[' . $l['w_select'] . ']">' . htmlspecialchars($m['test_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['test_description'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '</tr>' . K_NEWLINE;
} while ($m = F_db_fetch_array($r));
echo '</table>' . K_NEWLINE;
echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
echo '<div class="row"><hr /></div>' . K_NEWLINE;
// ---------------------------------------------------------------
// -- page jumper (menu for successive pages)
if ($rowsperpage > 0) {
$sql = 'SELECT count(*) AS total FROM ' . K_TABLE_TESTS . '' . $wherequery . '';
if (!empty($order_field)) {
$param_array = '&order_field=' . urlencode($order_field) . '';
}
if (!empty($orderdir)) {
$param_array .= '&orderdir=' . $orderdir . '';
}
if (!empty($searchterms)) {
$param_array .= '&searchterms=' . urlencode($searchterms) . '';
}
$param_array .= '&submitted=1';
F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
}
echo '</div>' . K_NEWLINE;
} else {
F_print_error('MESSAGE', $l['m_search_void']);
}
} else {
F_display_db_error();
}
return TRUE;
}
/**
* Display user selection XHTML table.
* @author Nicola Asuni
* @since 2001-09-13
* @param $order_field (string) order by column name
* @param $orderdir (int) oreder direction
* @param $firstrow (int) number of first row to display
* @param $rowsperpage (int) number of rows per page
* @param $group_id (int) id of the group (default = 0 = no specific group selected)
* @param $andwhere (string) additional SQL WHERE query conditions
* @param $searchterms (string) search terms
* @return false in case of empty database, true otherwise
*/
function F_show_select_user($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '')
{
global $l, $db;
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_page.php';
require_once '../../shared/code/tce_functions_form.php';
$filter = '';
if ($l['a_meta_dir'] == 'rtl') {
$txtalign = 'right';
$numalign = 'left';
} else {
$txtalign = 'left';
$numalign = 'right';
}
$order_field = F_escape_sql($order_field);
$orderdir = intval($orderdir);
$firstrow = intval($firstrow);
$rowsperpage = intval($rowsperpage);
$group_id = intval($group_id);
if (empty($order_field) or !in_array($order_field, array('user_id', 'user_name', 'user_password', 'user_email', 'user_regdate', 'user_ip', 'user_firstname', 'user_lastname', 'user_regnumber', 'user_level', 'user_verifycode'))) {
$order_field = 'user_lastname,user_firstname';
}
if ($orderdir == 0) {
$nextorderdir = 1;
$full_order_field = $order_field;
} else {
$nextorderdir = 0;
$full_order_field = $order_field . ' DESC';
}
if (!F_count_rows(K_TABLE_USERS)) {
// if the table is void (no items) display message
F_print_error('MESSAGE', $l['m_databasempty']);
return FALSE;
}
$wherequery = '';
if ($group_id > 0) {
$wherequery = ', ' . K_TABLE_USERGROUP . ' WHERE user_id=usrgrp_user_id AND usrgrp_group_id=' . $group_id . '';
$filter .= '&group_id=' . $group_id . '';
}
if (empty($wherequery)) {
$wherequery = ' WHERE';
} else {
$wherequery .= ' AND';
}
$wherequery .= ' (user_id>1)';
if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
// filter for level
$wherequery .= ' AND ((user_level<' . $_SESSION['session_user_level'] . ') OR (user_id=' . $_SESSION['session_user_id'] . '))';
// filter for groups
$wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id
FROM ' . K_TABLE_USERGROUP . ' AS ta, ' . K_TABLE_USERGROUP . ' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id=' . intval($_SESSION['session_user_id']) . '
AND tb.usrgrp_user_id=user_id)';
}
if (!empty($andwhere)) {
$wherequery .= ' AND (' . $andwhere . ')';
}
$sql = 'SELECT * FROM ' . K_TABLE_USERS . $wherequery . ' ORDER BY ' . $full_order_field;
if (K_DATABASE_TYPE == 'ORACLE') {
$sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
} else {
$sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
}
if ($r = F_db_query($sql, $db)) {
if ($m = F_db_fetch_array($r)) {
// -- Table structure with links:
echo '<div class="container">';
echo '<table class="userselect">' . K_NEWLINE;
// table header
echo '<tr>' . K_NEWLINE;
echo '<th> </th>' . K_NEWLINE;
if (strlen($searchterms) > 0) {
$filter .= '&searchterms=' . urlencode($searchterms);
}
echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
echo '<th title="' . $l['h_group_name'] . '">' . $l['w_groups'] . '</th>' . K_NEWLINE;
echo '</tr>' . K_NEWLINE;
$itemcount = 0;
do {
$itemcount++;
echo '<tr>' . K_NEWLINE;
echo '<td>';
echo '<input type="checkbox" name="userid' . $itemcount . '" id="userid' . $itemcount . '" value="' . $m['user_id'] . '" title="' . $l['w_select'] . '"';
if (isset($_REQUEST['checkall']) and $_REQUEST['checkall'] == 1) {
echo ' checked="checked"';
}
echo ' />';
echo '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> <a href="tce_edit_user.php?user_id=' . $m['user_id'] . '" title="' . $l['w_edit'] . '">' . htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '<td> ' . $m['user_level'] . '</td>' . K_NEWLINE;
echo '<td> ' . htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
// comma separated list of user's groups
$grp = '';
$sqlg = 'SELECT *
FROM ' . K_TABLE_GROUPS . ', ' . K_TABLE_USERGROUP . '
WHERE usrgrp_group_id=group_id
AND usrgrp_user_id=' . $m['user_id'] . '
ORDER BY group_name';
if ($rg = F_db_query($sqlg, $db)) {
while ($mg = F_db_fetch_array($rg)) {
$grp .= $mg['group_name'] . ', ';
}
} else {
F_display_db_error();
}
echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars(substr($grp, 0, -2), ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
echo '</tr>' . K_NEWLINE;
} while ($m = F_db_fetch_array($r));
echo '</table>' . K_NEWLINE;
echo '<br />' . K_NEWLINE;
echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
// check/uncheck all options
echo '<span dir="ltr">';
echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_userselect\').submit()" />';
echo '<label for="checkall1">' . $l['w_check_all'] . '</label> ';
echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_userselect\').submit()" />';
echo '<label for="checkall0">' . $l['w_uncheck_all'] . '</label>';
echo '</span>' . K_NEWLINE;
echo '<br />' . K_NEWLINE;
echo '<strong style="margin:5px">' . $l['m_with_selected'] . '</strong>' . K_NEWLINE;
echo '<ul style="margin:0">';
if ($_SESSION['session_user_level'] >= K_AUTH_DELETE_USERS) {
// delete user
echo '<li>';
F_submit_button('delete', $l['w_delete'], $l['h_delete']);
echo '</li>' . K_NEWLINE;
}
if ($_SESSION['session_user_level'] >= K_AUTH_ADMIN_GROUPS) {
echo '<li>';
// add/delete group
echo F_user_group_select('new_group_id');
F_submit_button('addgroup', $l['w_add'], $l['w_add']);
if ($_SESSION['session_user_level'] >= K_AUTH_DELETE_GROUPS) {
F_submit_button('delgroup', $l['w_delete'], $l['h_delete']);
}
echo '</li>' . K_NEWLINE;
if ($_SESSION['session_user_level'] >= K_AUTH_MOVE_GROUPS) {
// move group
echo '<li>';
if ($l['a_meta_dir'] == 'rtl') {
$arr = '←';
} else {
$arr = '→';
}
echo F_user_group_select('from_group_id');
echo $arr;
echo F_user_group_select('to_group_id');
F_submit_button('move', $l['w_move'], $l['w_move']);
echo '</li>' . K_NEWLINE;
}
}
echo '</ul>' . K_NEWLINE;
echo '<div class="row"><hr /></div>' . K_NEWLINE;
// ---------------------------------------------------------------
// -- page jumper (menu for successive pages)
if ($rowsperpage > 0) {
$sql = 'SELECT count(*) AS total FROM ' . K_TABLE_USERS . '' . $wherequery . '';
if (!empty($order_field)) {
$param_array = '&order_field=' . urlencode($order_field) . '';
}
if (!empty($orderdir)) {
$param_array .= '&orderdir=' . $orderdir . '';
}
if (!empty($group_id)) {
$param_array .= '&group_id=' . $group_id . '';
}
if (!empty($searchterms)) {
$param_array .= '&searchterms=' . urlencode($searchterms) . '';
}
$param_array .= '&submitted=1';
F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
}
echo '<div class="row">' . K_NEWLINE;
echo '<br />';
//echo '<a href="tce_xml_users.php" class="xmlbutton" title="'.$l['h_xml_export'].'">XML</a> ';
//echo '<a href="tce_csv_users.php" class="xmlbutton" title="'.$l['h_csv_export'].'">CSV</a>';
echo '</div>' . K_NEWLINE;
echo '<div class="pagehelp">' . $l['hp_select_users'] . '</div>' . K_NEWLINE;
echo '</div>' . K_NEWLINE;
} else {
F_print_error('MESSAGE', $l['m_search_void']);
}
} else {
F_display_db_error();
}
return TRUE;
}
/**
* Display a list of selected questions.
* @author Nicola Asuni
* @since 2005-07-06
* @param $wherequery (string) question selection query
* @param $subject_module_id (string) module ID
* @param $subject_id (string) topic ID
* @param $order_field (string) order by column name
* @param $orderdir (int) oreder direction
* @param $firstrow (int) number of first row to display
* @param $rowsperpage (int) number of rows per page
* @param $hide_answers (boolean) if true hide answers
* @return false in case of empty database, true otherwise
*/
function F_show_select_questions($wherequery, $subject_module_id, $subject_id, $order_field, $orderdir, $firstrow, $rowsperpage, $hide_answers = false)
{
global $l, $db;
require_once '../config/tce_config.php';
require_once '../../shared/code/tce_functions_page.php';
$subject_module_id = intval($subject_module_id);
$subject_id = intval($subject_id);
$orderdir = intval($orderdir);
$firstrow = intval($firstrow);
$rowsperpage = intval($rowsperpage);
if (empty($order_field) or !in_array($order_field, array('question_id', 'question_subject_id', 'question_description', 'question_explanation', 'question_type', 'question_difficulty', 'question_enabled', 'question_position', 'question_timer', 'question_fullscreen', 'question_inline_answers', 'question_auto_next', 'question_enabled DESC, question_position, CAST(question_description as varchar2(100))', 'question_enabled DESC, question_position, question_description'))) {
$order_field = 'question_description';
}
if ($orderdir == 0) {
$nextorderdir = 1;
$full_order_field = $order_field;
} else {
$nextorderdir = 0;
$full_order_field = $order_field . ' DESC';
}
if (!F_count_rows(K_TABLE_QUESTIONS)) {
//if the table is void (no items) display message
F_print_error('MESSAGE', $l['m_databasempty']);
return FALSE;
}
if (empty($wherequery)) {
$wherequery = 'WHERE question_subject_id=' . $subject_id . '';
} else {
$wherequery = F_escape_sql($db, $wherequery);
$wherequery .= ' AND question_subject_id=' . $subject_id . '';
}
$sql = 'SELECT *
FROM ' . K_TABLE_QUESTIONS . '
' . $wherequery . '
ORDER BY ' . $full_order_field;
if (K_DATABASE_TYPE == 'ORACLE') {
$sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
} else {
$sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
}
if ($r = F_db_query($sql, $db)) {
$questlist = '';
$itemcount = $firstrow;
while ($m = F_db_fetch_array($r)) {
$itemcount++;
$questlist .= '<li>' . K_NEWLINE;
$questlist .= '<strong>' . $itemcount . '.</strong> ';
$questlist .= '<input type="checkbox" name="questionid' . $itemcount . '" id="questionid' . $itemcount . '" value="' . $m['question_id'] . '" title="' . $l['w_select'] . '"';
if (isset($_REQUEST['checkall']) and $_REQUEST['checkall'] == 1) {
$questlist .= ' checked="checked"';
}
$questlist .= ' />';
// display question description
if (F_getBoolean($m['question_enabled'])) {
$questlist .= '<acronym class="onbox" title="' . $l['w_enabled'] . '">+</acronym>';
} else {
$questlist .= '<acronym class="offbox" title="' . $l['w_disabled'] . '">-</acronym>';
}
switch ($m['question_type']) {
case 1:
$questlist .= ' <acronym class="offbox" title="' . $l['w_single_answer'] . '">S</acronym>';
break;
case 2:
$questlist .= ' <acronym class="offbox" title="' . $l['w_multiple_answers'] . '">M</acronym>';
break;
case 3:
$questlist .= ' <acronym class="offbox" title="' . $l['w_free_answer'] . '">T</acronym>';
break;
case 4:
$questlist .= ' <acronym class="offbox" title="' . $l['w_ordering_answer'] . '">O</acronym>';
break;
}
$questlist .= ' <acronym class="offbox" title="' . $l['h_question_difficulty'] . '">' . $m['question_difficulty'] . '</acronym>';
if ($m['question_position'] > 0) {
$questlist .= ' <acronym class="onbox" title="' . $l['h_position'] . '">' . intval($m['question_position']) . '</acronym>';
} else {
$questlist .= ' <acronym class="offbox" title="' . $l['h_position'] . '"> </acronym>';
}
if (F_getBoolean($m['question_fullscreen'])) {
$questlist .= ' <acronym class="onbox" title="' . $l['w_fullscreen'] . ': ' . $l['w_enabled'] . '">F</acronym>';
} else {
$questlist .= ' <acronym class="offbox" title="' . $l['w_fullscreen'] . ': ' . $l['w_disabled'] . '"> </acronym>';
}
if (F_getBoolean($m['question_inline_answers'])) {
$questlist .= ' <acronym class="onbox" title="' . $l['w_inline_answers'] . ': ' . $l['w_enabled'] . '">I</acronym>';
} else {
$questlist .= ' <acronym class="offbox" title="' . $l['w_inline_answers'] . ': ' . $l['w_disabled'] . '"> </acronym>';
}
if (F_getBoolean($m['question_auto_next'])) {
$questlist .= ' <acronym class="onbox" title="' . $l['w_auto_next'] . ': ' . $l['w_enabled'] . '">A</acronym>';
} else {
$questlist .= ' <acronym class="offbox" title="' . $l['w_auto_next'] . ': ' . $l['w_disabled'] . '"> </acronym>';
}
if ($m['question_timer'] > 0) {
$questlist .= ' <acronym class="onbox" title="' . $l['h_question_timer'] . '">' . intval($m['question_timer']) . '</acronym>';
} else {
$questlist .= ' <acronym class="offbox" title="' . $l['h_question_timer'] . '"> </acronym>';
}
$questlist .= ' <a href="tce_edit_question.php?subject_module_id=' . $subject_module_id . '&question_subject_id=' . $subject_id . '&question_id=' . $m['question_id'] . '" title="' . $l['t_questions_editor'] . ' [ID = ' . $m['question_id'] . ']" class="xmlbutton">' . $l['w_edit'] . '</a>';
$questlist .= '<br /><br />' . K_NEWLINE;
$questlist .= '<div class="paddingleft">' . F_decode_tcecode($m['question_description']) . '</div>' . K_NEWLINE;
if (K_ENABLE_QUESTION_EXPLANATION and !empty($m['question_explanation'])) {
$questlist .= '<div class="paddingleft"><br /><span class="explanation">' . $l['w_explanation'] . ':</span><br />' . F_decode_tcecode($m['question_explanation']) . '</div>' . K_NEWLINE;
}
if (!$hide_answers) {
// display alternative answers
$sqla = 'SELECT *
FROM ' . K_TABLE_ANSWERS . '
WHERE answer_question_id=\'' . $m['question_id'] . '\'
ORDER BY answer_enabled DESC,answer_position,answer_isright DESC';
if ($ra = F_db_query($sqla, $db)) {
$answlist = '';
while ($ma = F_db_fetch_array($ra)) {
$answlist .= '<li>';
if (F_getBoolean($ma['answer_enabled'])) {
$answlist .= '<acronym class="onbox" title="' . $l['w_enabled'] . '">+</acronym>';
} else {
$answlist .= '<acronym class="offbox" title="' . $l['w_disabled'] . '">-</acronym>';
}
if ($m['question_type'] != 4) {
if (F_getBoolean($ma['answer_isright'])) {
$answlist .= ' <acronym class="okbox" title="' . $l['h_answer_right'] . '">T</acronym>';
} else {
$answlist .= ' <acronym class="nobox" title="' . $l['h_answer_wrong'] . '">F</acronym>';
}
}
if ($ma['answer_position'] > 0) {
$answlist .= ' <acronym class="onbox" title="' . $l['h_position'] . '">' . intval($ma['answer_position']) . '</acronym>';
} else {
$answlist .= ' <acronym class="offbox" title="' . $l['h_position'] . '"> </acronym>';
}
if ($ma['answer_keyboard_key'] > 0) {
$answlist .= ' <acronym class="onbox" title="' . $l['h_answer_keyboard_key'] . '">' . F_text_to_xml(chr($ma['answer_keyboard_key'])) . '</acronym>';
} else {
$answlist .= ' <acronym class="offbox" title="' . $l['h_answer_keyboard_key'] . '"> </acronym>';
}
$answlist .= ' <a href="tce_edit_answer.php?subject_module_id=' . $subject_module_id . '&question_subject_id=' . $subject_id . '&answer_question_id=' . $m['question_id'] . '&answer_id=' . $ma['answer_id'] . '" title="' . $l['t_answers_editor'] . ' [ID = ' . $ma['answer_id'] . ']" class="xmlbutton">' . $l['w_edit'] . '</a>';
//$answlist .= " ";
//$answlist .= "".F_decode_tcecode($ma['answer_description'])."";
$answlist .= '<br /><br />' . K_NEWLINE;
$answlist .= '<div class="paddingleft">' . F_decode_tcecode($ma['answer_description']) . '</div>' . K_NEWLINE;
if (K_ENABLE_ANSWER_EXPLANATION and !empty($ma['answer_explanation'])) {
$answlist .= '<div class="paddingleft"><br /><span class="explanation">' . $l['w_explanation'] . ':</span><br />' . F_decode_tcecode($ma['answer_explanation']) . '</div>' . K_NEWLINE;
}
$answlist .= '</li>' . K_NEWLINE;
}
if (strlen($answlist) > 0) {
$questlist .= "<ol class=\"answer\">\n" . $answlist . "</ol><br /><br />\n";
}
} else {
F_display_db_error();
}
}
// end if hide_answers
$questlist .= '</li>' . K_NEWLINE;
}
if (strlen($questlist) > 0) {
// display the list
echo '<ul class="question">' . K_NEWLINE;
echo $questlist;
echo '</ul>' . K_NEWLINE;
echo '<div class="row"><hr /></div>' . K_NEWLINE;
// check/uncheck all options
echo '<span dir="' . $l['a_meta_dir'] . '">';
echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_selectquestions\').submit()" />';
echo '<label for="checkall1">' . $l['w_check_all'] . '</label> ';
echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_selectquestions\').submit()" />';
echo '<label for="checkall0">' . $l['w_uncheck_all'] . '</label>';
echo '</span>' . K_NEWLINE;
echo ' ';
if ($l['a_meta_dir'] == 'rtl') {
$arr = '←';
} else {
$arr = '→';
}
// action options
echo '<select name="menu_action" id="menu_action" size="0">' . K_NEWLINE;
echo '<option value="0" style="color:gray">' . $l['m_with_selected'] . '</option>' . K_NEWLINE;
echo '<option value="enable">' . $l['w_enable'] . '</option>' . K_NEWLINE;
echo '<option value="disable">' . $l['w_disable'] . '</option>' . K_NEWLINE;
echo '<option value="delete">' . $l['w_delete'] . '</option>' . K_NEWLINE;
echo '<option value="copy">' . $l['w_copy'] . ' ' . $arr . '</option>' . K_NEWLINE;
echo '<option value="move">' . $l['w_move'] . ' ' . $arr . '</option>' . K_NEWLINE;
echo '</select>' . K_NEWLINE;
// select new topic (for copy or move action)
echo '<select name="new_subject_id" id="new_subject_id" size="0" title="' . $l['h_subject'] . '">' . K_NEWLINE;
$sql = F_select_module_subjects_sql('module_enabled=\'1\' AND subject_enabled=\'1\'');
if ($r = F_db_query($sql, $db)) {
echo '<option value="0" style="color:gray">' . $l['w_subject'] . '</option>' . K_NEWLINE;
$prev_module_id = 0;
while ($m = F_db_fetch_array($r)) {
if ($m['module_id'] != $prev_module_id) {
$prev_module_id = $m['module_id'];
echo '<option value="0" style="color:gray;font-weight:bold;" disabled="disabled">* ' . htmlspecialchars($m['module_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</option>' . K_NEWLINE;
}
echo '<option value="' . $m['subject_id'] . '"> ' . htmlspecialchars($m['subject_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</option>' . K_NEWLINE;
}
} else {
echo '</select>' . K_NEWLINE;
F_display_db_error();
}
echo '</select>' . K_NEWLINE;
// submit button
F_submit_button("update", $l['w_update'], $l['h_update']);
}
// ---------------------------------------------------------------
// -- page jumper (menu for successive pages)
if ($rowsperpage > 0) {
$sql = 'SELECT count(*) AS total FROM ' . K_TABLE_QUESTIONS . ' ' . $wherequery . '';
if (!empty($order_field)) {
$param_array = '&order_field=' . urlencode($order_field) . '';
}
if (!empty($orderdir)) {
$param_array .= '&orderdir=' . $orderdir . '';
}
if (!empty($hide_answers)) {
$param_array .= '&hide_answers=' . intval($hide_answers) . '';
}
$param_array .= '&subject_module_id=' . $subject_module_id . '';
$param_array .= '&subject_id=' . $subject_id . '';
$param_array .= '&submitted=1';
F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
}
} else {
F_display_db_error();
}
return TRUE;
}