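/**
 * Display online users.
 *
 * Reads rows from the sessions table, decodes each stored session string and
 * prints an XHTML table (user, level, IP address) followed by the page
 * navigator and the page help text.
 *
 * Security notes:
 * - Values read from the decoded session are escaped or cast before being
 *   written to the page; the name fields are presumably copied from the user
 *   profile, so they are treated as untrusted text.
 * - $order_field is restricted to a fixed whitelist before it reaches the
 *   ORDER BY clause.
 * - NOTE(review): $wherequery is passed through F_escape_sql() as a whole
 *   clause and then concatenated into the SQL text; confirm that callers only
 *   pass clauses built by trusted code.
 *
 * @author Nicola Asuni
 * @since 2001-10-18
 * @param $wherequery (string) users selection query
 * @param $order_field (string) order by column name
 * @param $orderdir (int) order direction (0 = ascending, otherwise descending)
 * @param $firstrow (int) number of first row to display
 * @param $rowsperpage (int) number of rows per page
 * @return false in case of empty database, true otherwise
 */
function F_list_online_users($wherequery, $order_field, $orderdir, $firstrow, $rowsperpage)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once 'tce_functions_user_select.php';

    // Numeric parameters are concatenated into SQL and URLs: force integers.
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);

    // ORDER BY cannot be parameterised, so only whitelisted column names pass.
    if (empty($order_field) or !in_array($order_field, array('cpsession_id', 'cpsession_data'), true)) {
        $order_field = 'cpsession_expiry';
    }
    if ($orderdir == 0) {
        $full_order_field = $order_field;
    } else {
        $full_order_field = $order_field . ' DESC';
    }

    if (!F_count_rows(K_TABLE_SESSIONS)) {
        // if the table is void (no items) display message
        echo '<h2>' . $l['m_databasempty'] . '</h2>';
        return FALSE;
    }

    if (empty($wherequery)) {
        $sql = 'SELECT * FROM ' . K_TABLE_SESSIONS . ' ORDER BY ' . $full_order_field;
    } else {
        $wherequery = F_escape_sql($db, $wherequery);
        $sql = 'SELECT * FROM ' . K_TABLE_SESSIONS . ' ' . $wherequery . ' ORDER BY ' . $full_order_field;
    }
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage);
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow;
    }

    echo '<div class="container">' . K_NEWLINE;
    echo '<table class="userselect">' . K_NEWLINE;
    echo '<tr>' . K_NEWLINE;
    echo '<th>' . $l['w_user'] . '</th>' . K_NEWLINE;
    echo '<th>' . $l['w_level'] . '</th>' . K_NEWLINE;
    echo '<th>' . $l['w_ip'] . '</th>' . K_NEWLINE;
    echo '</tr>' . K_NEWLINE;

    if ($r = F_db_query($sql, $db)) {
        while ($m = F_db_fetch_array($r)) {
            $this_session = F_session_string_to_array($m['cpsession_data']);
            echo '<tr>';
            echo '<td align="left">';
            $user_str = '';
            if (!empty($this_session['session_user_lastname'])) {
                $user_str .= urldecode($this_session['session_user_lastname']) . ', ';
            }
            if (!empty($this_session['session_user_firstname'])) {
                $user_str .= urldecode($this_session['session_user_firstname']);
            }
            $user_str .= ' (' . urldecode($this_session['session_user_name']) . ')';
            // Escape after urldecode(): the decoded text is what reaches the page.
            $user_html = htmlspecialchars($user_str, ENT_NOQUOTES, $l['a_meta_charset']);
            if (F_isAuthorizedEditorForUser($this_session['session_user_id'])) {
                // The ID goes into an attribute value, so it is forced to an integer.
                echo '<a href="tce_edit_user.php?user_id=' . intval($this_session['session_user_id']) . '">' . $user_html . '</a>';
            } else {
                echo $user_html;
            }
            echo '</td>';
            echo '<td>' . htmlspecialchars((string) $this_session['session_user_level'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>';
            echo '<td>' . htmlspecialchars((string) $this_session['session_user_ip'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>';
            echo '</tr>' . K_NEWLINE;
        }
    } else {
        F_display_db_error();
    }
    echo '</table>' . K_NEWLINE;

    // --- page jump
    if ($rowsperpage > 0) {
        $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_SESSIONS . ' ' . $wherequery;
        // Start from an empty string so the appends below never touch an undefined variable.
        $param_array = '';
        if (!empty($order_field)) {
            $param_array .= '&order_field=' . urlencode($order_field);
        }
        if (!empty($orderdir)) {
            $param_array .= '&orderdir=' . $orderdir;
        }
        $param_array .= '&submitted=1';
        F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
    }

    echo '<div class="pagehelp">' . $l['hp_online_users'] . '</div>' . K_NEWLINE;
    echo '</div>' . K_NEWLINE;
    return TRUE;
}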
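/**
 * Display user selection XHTML table (popup mode).
 *
 * Lists the users the current session may see; clicking a user name writes
 * the user ID into the form field $cid of the opener window, fires its
 * onchange handler and closes the popup.
 *
 * Security notes:
 * - $cid is written into a URL query string and into inline JavaScript inside
 *   an HTML attribute, so it is encoded separately for each context
 *   (presumably it originates from the popup request; verify against caller).
 * - Session values placed in the SQL text are forced to integers.
 * - $order_field is restricted to a fixed whitelist before it reaches ORDER BY.
 * - $andwhere is concatenated into the SQL text verbatim: callers must build
 *   it only from escaped or validated values.
 * - NOTE(review): the whitelist allows sorting by user_password and
 *   user_verifycode; consider whether ordering by secret columns is needed.
 *
 * @author Nicola Asuni
 * @since 2012-04-14
 * @param $order_field (string) Order by column name.
 * @param $orderdir (int) Order direction.
 * @param $firstrow (int) Number of first row to display.
 * @param $rowsperpage (int) Number of rows per page.
 * @param $group_id (int) ID of the group (default = 0 = no specific group selected).
 * @param $andwhere (string) Additional SQL WHERE query conditions.
 * @param $searchterms (string) Search terms.
 * @param string $cid ID of the calling form field.
 * @return false in case of empty database, true otherwise
 */
function F_show_select_user_popup($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '', $cid = 0)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once '../../shared/code/tce_functions_form.php';

    // URL context: percent-encode the value (a no-op for plain alphanumeric IDs).
    $filter = 'cid=' . urlencode((string) $cid);

    // Inline-JS context: a JSON string literal with HTML-significant characters
    // hex-escaped, then HTML-escaped because it sits inside onclick="...".
    $cid_json = json_encode((string) $cid, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($cid_json === false) {
        // value could not be encoded (e.g. invalid byte sequence): use an empty ID
        $cid_json = '""';
    }
    $cid_js = htmlspecialchars($cid_json, ENT_QUOTES, $l['a_meta_charset']);

    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
    } else {
        $txtalign = 'left';
    }

    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    $group_id = intval($group_id);

    // ORDER BY cannot be parameterised, so only whitelisted column names pass.
    if (empty($order_field) or !in_array($order_field, array('user_id', 'user_name', 'user_password', 'user_email', 'user_regdate', 'user_ip', 'user_firstname', 'user_lastname', 'user_birthdate', 'user_birthplace', 'user_regnumber', 'user_ssn', 'user_level', 'user_verifycode'), true)) {
        $order_field = 'user_lastname,user_firstname';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }

    if (!F_count_rows(K_TABLE_USERS)) {
        // if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }

    $wherequery = '';
    if ($group_id > 0) {
        $wherequery = ', ' . K_TABLE_USERGROUP . ' WHERE user_id=usrgrp_user_id AND usrgrp_group_id=' . $group_id;
        $filter .= '&group_id=' . $group_id;
    }
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    $wherequery .= ' (user_id>1)';
    if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
        // Integers only: these session values become part of the SQL text.
        $session_level = intval($_SESSION['session_user_level']);
        $session_uid = intval($_SESSION['session_user_id']);
        // filter for level
        $wherequery .= ' AND ((user_level<' . $session_level . ') OR (user_id=' . $session_uid . '))';
        // filter for groups
        $wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id FROM ' . K_TABLE_USERGROUP . ' AS ta, ' . K_TABLE_USERGROUP . ' AS tb WHERE ta.usrgrp_group_id=tb.usrgrp_group_id AND ta.usrgrp_user_id=' . $session_uid . ' AND tb.usrgrp_user_id=user_id)';
    }
    if (!empty($andwhere)) {
        // concatenated verbatim, see the docblock
        $wherequery .= ' AND (' . $andwhere . ')';
    }

    $sql = 'SELECT * FROM ' . K_TABLE_USERS . $wherequery . ' ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage);
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow;
    }

    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            // -- Table structure with links:
            echo '<div class="container">';
            echo '<table class="userselect" style="font-size:80%;">' . K_NEWLINE;
            // table header
            echo '<tr>' . K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&searchterms=' . urlencode($searchterms);
            }
            echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
            echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
            echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
            echo F_select_table_header_element('user_email', $nextorderdir, $l['h_email'], $l['w_email'], $order_field, $filter);
            echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
            echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
            echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
            echo '</tr>' . K_NEWLINE;
            do {
                // on click the user ID will be returned on the calling form field
                $jsaction = 'javascript:window.opener.document.getElementById(' . $cid_js . ').value=' . intval($m['user_id']) . ';';
                $jsaction .= 'window.opener.document.getElementById(' . $cid_js . ').onchange();';
                $jsaction .= 'window.close();';
                echo '<tr>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> <a href="#" onclick="' . $jsaction . '" title="[' . $l['w_select'] . ']">' . htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_email'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td> ' . intval($m['user_level']) . '</td>' . K_NEWLINE;
                echo '<td> ' . htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '</tr>' . K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>' . K_NEWLINE;

            // $order_field is a whitelisted literal and the rest are integers,
            // so these attribute values need no further escaping.
            echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;

            // -- page jumper (menu for successive pages)
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_USERS . $wherequery;
                // Start from an empty string so the appends below never touch an undefined variable.
                $param_array = '';
                if (!empty($order_field)) {
                    $param_array .= '&order_field=' . urlencode($order_field);
                }
                if (!empty($orderdir)) {
                    $param_array .= '&orderdir=' . $orderdir;
                }
                if (!empty($group_id)) {
                    $param_array .= '&group_id=' . $group_id;
                }
                if (!empty($searchterms)) {
                    $param_array .= '&searchterms=' . urlencode($searchterms);
                }
                $param_array .= '&submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            echo '</div>' . K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}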
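/**
 * Display test selection XHTML table (popup mode).
 *
 * Lists the tests the current session may see; clicking a test name writes
 * the test ID into the form field $cid of the opener window, fires its
 * onchange handler and closes the popup.
 *
 * Security notes:
 * - $cid is written into a URL query string and into inline JavaScript inside
 *   an HTML attribute, so it is encoded separately for each context
 *   (presumably it originates from the popup request; verify against caller).
 * - $order_field is restricted to a fixed whitelist before it reaches ORDER BY.
 * - $andwhere is concatenated into the SQL text verbatim: callers must build
 *   it only from escaped or validated values.
 * - NOTE(review): the value returned by F_getAuthorizedUsers() is placed in
 *   an IN (...) list as-is; confirm it only ever yields a list of integers.
 *
 * @author Nicola Asuni
 * @since 2012-04-14
 * @param $order_field (string) Order by column name.
 * @param $orderdir (int) Order direction.
 * @param $firstrow (int) Number of first row to display.
 * @param $rowsperpage (int) Number of rows per page.
 * @param $andwhere (string) Additional SQL WHERE query conditions.
 * @param $searchterms (string) Search terms.
 * @param string $cid ID of the calling form field.
 * @return false in case of empty database, true otherwise
 */
function F_show_select_test_popup($order_field, $orderdir, $firstrow, $rowsperpage, $andwhere = '', $searchterms = '', $cid = 0)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once '../../shared/code/tce_functions_form.php';

    // URL context: percent-encode the value (a no-op for plain alphanumeric IDs).
    $filter = 'cid=' . urlencode((string) $cid);

    // Inline-JS context: a JSON string literal with HTML-significant characters
    // hex-escaped, then HTML-escaped because it sits inside onclick="...".
    $cid_json = json_encode((string) $cid, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($cid_json === false) {
        // value could not be encoded (e.g. invalid byte sequence): use an empty ID
        $cid_json = '""';
    }
    $cid_js = htmlspecialchars($cid_json, ENT_QUOTES, $l['a_meta_charset']);

    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
    } else {
        $txtalign = 'left';
    }

    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);

    // ORDER BY cannot be parameterised, so only whitelisted column names pass.
    if (empty($order_field) or !in_array($order_field, array('test_name', 'test_description', 'test_begin_time', 'test_end_time', 'test_duration_time', 'test_ip_range', 'test_results_to_users', 'test_report_to_users', 'test_score_right', 'test_score_wrong', 'test_score_unanswered', 'test_max_score', 'test_user_id', 'test_score_threshold', 'test_random_questions_select', 'test_random_questions_order', 'test_questions_order_mode', 'test_random_answers_select', 'test_random_answers_order', 'test_answers_order_mode', 'test_comment_enabled', 'test_menu_enabled', 'test_noanswer_enabled', 'test_mcma_radio', 'test_repeatable', 'test_mcma_partial_score', 'test_logout_on_timeout'), true)) {
        $order_field = 'test_begin_time DESC,test_name';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }

    if (!F_count_rows(K_TABLE_TESTS)) {
        // if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }

    $wherequery = ' WHERE (test_id>0)';
    if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
        // non-administrators only see tests owned by users they are authorized for
        $wherequery .= ' AND test_user_id IN (' . F_getAuthorizedUsers($_SESSION['session_user_id']) . ')';
    }
    if (!empty($andwhere)) {
        // concatenated verbatim, see the docblock
        $wherequery .= ' AND (' . $andwhere . ')';
    }

    $sql = 'SELECT * FROM ' . K_TABLE_TESTS . $wherequery . ' ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage);
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow;
    }

    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            // -- Table structure with links:
            echo '<div class="container">';
            echo '<table class="userselect" style="font-size:80%;">' . K_NEWLINE;
            // table header
            echo '<tr>' . K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&searchterms=' . urlencode($searchterms);
            }
            echo F_select_table_header_element('test_begin_time', $nextorderdir, $l['w_time_begin'] . ' ' . $l['w_datetime_format'], $l['w_time_begin'], $order_field, $filter);
            echo F_select_table_header_element('test_end_time', $nextorderdir, $l['w_time_end'] . ' ' . $l['w_datetime_format'], $l['w_time_end'], $order_field, $filter);
            echo F_select_table_header_element('test_name', $nextorderdir, $l['h_test_name'], $l['w_name'], $order_field, $filter);
            echo F_select_table_header_element('test_description', $nextorderdir, $l['h_test_description'], $l['w_description'], $order_field, $filter);
            echo '</tr>' . K_NEWLINE;
            do {
                // on click the test ID will be returned on the calling form field
                $jsaction = 'javascript:window.opener.document.getElementById(' . $cid_js . ').value=' . intval($m['test_id']) . ';';
                $jsaction .= 'window.opener.document.getElementById(' . $cid_js . ').onchange();';
                $jsaction .= 'window.close();';
                echo '<tr>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['test_begin_time'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['test_end_time'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> <a href="#" onclick="' . $jsaction . '" title="[' . $l['w_select'] . ']">' . htmlspecialchars($m['test_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['test_description'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '</tr>' . K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>' . K_NEWLINE;

            // $order_field is a whitelisted literal and the rest are integers,
            // so these attribute values need no further escaping.
            echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;

            // -- page jumper (menu for successive pages)
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_TESTS . $wherequery;
                // Start from an empty string so the appends below never touch an undefined variable.
                $param_array = '';
                if (!empty($order_field)) {
                    $param_array .= '&order_field=' . urlencode($order_field);
                }
                if (!empty($orderdir)) {
                    $param_array .= '&orderdir=' . $orderdir;
                }
                if (!empty($searchterms)) {
                    $param_array .= '&searchterms=' . urlencode($searchterms);
                }
                $param_array .= '&submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            echo '</div>' . K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}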
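/**
 * Display user selection XHTML table.
 *
 * Lists the users the current session may see, one checkbox per row, followed
 * by the bulk-action buttons (delete, add to/remove from group, move between
 * groups) and the page navigator.
 *
 * Security notes:
 * - Session values and row IDs placed in SQL text or HTML attributes are
 *   forced to integers.
 * - $order_field is restricted to a fixed whitelist before it reaches ORDER BY.
 * - $andwhere is concatenated into the SQL text verbatim: callers must build
 *   it only from escaped or validated values.
 * - The level checks around the action buttons only decide what is shown;
 *   presumably the form handler enforces the same levels, verify there.
 * - NOTE(review): the whitelist allows sorting by user_password and
 *   user_verifycode; consider whether ordering by secret columns is needed.
 *
 * @author Nicola Asuni
 * @since 2001-09-13
 * @param $order_field (string) order by column name
 * @param $orderdir (int) order direction
 * @param $firstrow (int) number of first row to display
 * @param $rowsperpage (int) number of rows per page
 * @param $group_id (int) id of the group (default = 0 = no specific group selected)
 * @param $andwhere (string) additional SQL WHERE query conditions
 * @param $searchterms (string) search terms
 * @return false in case of empty database, true otherwise
 */
function F_show_select_user($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '')
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once '../../shared/code/tce_functions_form.php';

    $filter = '';
    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
    } else {
        $txtalign = 'left';
    }

    // The database handle is passed first, as in every other F_escape_sql() call in this file.
    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    $group_id = intval($group_id);

    // ORDER BY cannot be parameterised, so only whitelisted column names pass.
    if (empty($order_field) or !in_array($order_field, array('user_id', 'user_name', 'user_password', 'user_email', 'user_regdate', 'user_ip', 'user_firstname', 'user_lastname', 'user_regnumber', 'user_level', 'user_verifycode'), true)) {
        $order_field = 'user_lastname,user_firstname';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }

    if (!F_count_rows(K_TABLE_USERS)) {
        // if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }

    $wherequery = '';
    if ($group_id > 0) {
        $wherequery = ', ' . K_TABLE_USERGROUP . ' WHERE user_id=usrgrp_user_id AND usrgrp_group_id=' . $group_id;
        $filter .= '&group_id=' . $group_id;
    }
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    $wherequery .= ' (user_id>1)';
    if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
        // Integers only: these session values become part of the SQL text.
        $session_level = intval($_SESSION['session_user_level']);
        $session_uid = intval($_SESSION['session_user_id']);
        // filter for level
        $wherequery .= ' AND ((user_level<' . $session_level . ') OR (user_id=' . $session_uid . '))';
        // filter for groups
        $wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id FROM ' . K_TABLE_USERGROUP . ' AS ta, ' . K_TABLE_USERGROUP . ' AS tb WHERE ta.usrgrp_group_id=tb.usrgrp_group_id AND ta.usrgrp_user_id=' . $session_uid . ' AND tb.usrgrp_user_id=user_id)';
    }
    if (!empty($andwhere)) {
        // concatenated verbatim, see the docblock
        $wherequery .= ' AND (' . $andwhere . ')';
    }

    $sql = 'SELECT * FROM ' . K_TABLE_USERS . $wherequery . ' ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage);
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow;
    }

    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            // -- Table structure with links:
            echo '<div class="container">';
            echo '<table class="userselect">' . K_NEWLINE;
            // table header
            echo '<tr>' . K_NEWLINE;
            echo '<th> </th>' . K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&searchterms=' . urlencode($searchterms);
            }
            echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
            echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
            echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
            echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
            echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
            echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
            echo '<th title="' . $l['h_group_name'] . '">' . $l['w_groups'] . '</th>' . K_NEWLINE;
            echo '</tr>' . K_NEWLINE;
            $itemcount = 0;
            do {
                $itemcount++;
                // The ID is reused in attributes and in the groups query below.
                $row_user_id = intval($m['user_id']);
                echo '<tr>' . K_NEWLINE;
                echo '<td>';
                echo '<input type="checkbox" name="userid' . $itemcount . '" id="userid' . $itemcount . '" value="' . $row_user_id . '" title="' . $l['w_select'] . '"';
                if (isset($_REQUEST['checkall']) and $_REQUEST['checkall'] == 1) {
                    echo ' checked="checked"';
                }
                echo ' />';
                echo '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> <a href="tce_edit_user.php?user_id=' . $row_user_id . '" title="' . $l['w_edit'] . '">' . htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td> ' . intval($m['user_level']) . '</td>' . K_NEWLINE;
                echo '<td> ' . htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                // comma separated list of user's groups
                $grp = '';
                $sqlg = 'SELECT * FROM ' . K_TABLE_GROUPS . ', ' . K_TABLE_USERGROUP . ' WHERE usrgrp_group_id=group_id AND usrgrp_user_id=' . $row_user_id . ' ORDER BY group_name';
                if ($rg = F_db_query($sqlg, $db)) {
                    while ($mg = F_db_fetch_array($rg)) {
                        $grp .= $mg['group_name'] . ', ';
                    }
                } else {
                    F_display_db_error();
                }
                // substr() drops the trailing ', ' separator
                echo '<td style="text-align:' . $txtalign . ';"> ' . htmlspecialchars(substr($grp, 0, -2), ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '</tr>' . K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>' . K_NEWLINE;
            echo '<br />' . K_NEWLINE;

            // $order_field is a whitelisted literal and the rest are integers,
            // so these attribute values need no further escaping.
            echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;

            // check/uncheck all options
            echo '<span dir="ltr">';
            echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_userselect\').submit()" />';
            echo '<label for="checkall1">' . $l['w_check_all'] . '</label> ';
            echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_userselect\').submit()" />';
            echo '<label for="checkall0">' . $l['w_uncheck_all'] . '</label>';
            echo '</span>' . K_NEWLINE;
            echo '<br />' . K_NEWLINE;
            echo '<strong style="margin:5px">' . $l['m_with_selected'] . '</strong>' . K_NEWLINE;
            echo '<ul style="margin:0">';
            if ($_SESSION['session_user_level'] >= K_AUTH_DELETE_USERS) {
                // delete user
                echo '<li>';
                F_submit_button('delete', $l['w_delete'], $l['h_delete']);
                echo '</li>' . K_NEWLINE;
            }
            if ($_SESSION['session_user_level'] >= K_AUTH_ADMIN_GROUPS) {
                echo '<li>';
                // add/delete group
                echo F_user_group_select('new_group_id');
                F_submit_button('addgroup', $l['w_add'], $l['w_add']);
                if ($_SESSION['session_user_level'] >= K_AUTH_DELETE_GROUPS) {
                    F_submit_button('delgroup', $l['w_delete'], $l['h_delete']);
                }
                echo '</li>' . K_NEWLINE;
                if ($_SESSION['session_user_level'] >= K_AUTH_MOVE_GROUPS) {
                    // move group
                    echo '<li>';
                    if ($l['a_meta_dir'] == 'rtl') {
                        $arr = '←';
                    } else {
                        $arr = '→';
                    }
                    echo F_user_group_select('from_group_id');
                    echo $arr;
                    echo F_user_group_select('to_group_id');
                    F_submit_button('move', $l['w_move'], $l['w_move']);
                    echo '</li>' . K_NEWLINE;
                }
            }
            echo '</ul>' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;

            // -- page jumper (menu for successive pages)
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_USERS . $wherequery;
                // Start from an empty string so the appends below never touch an undefined variable.
                $param_array = '';
                if (!empty($order_field)) {
                    $param_array .= '&order_field=' . urlencode($order_field);
                }
                if (!empty($orderdir)) {
                    $param_array .= '&orderdir=' . $orderdir;
                }
                if (!empty($group_id)) {
                    $param_array .= '&group_id=' . $group_id;
                }
                if (!empty($searchterms)) {
                    $param_array .= '&searchterms=' . urlencode($searchterms);
                }
                $param_array .= '&submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            echo '<div class="row">' . K_NEWLINE;
            echo '<br />';
            echo '</div>' . K_NEWLINE;
            echo '<div class="pagehelp">' . $l['hp_select_users'] . '</div>' . K_NEWLINE;
            echo '</div>' . K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}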
/** * Display a list of selected questions. * @author Nicola Asuni * @since 2005-07-06 * @param $wherequery (string) question selection query * @param $subject_module_id (string) module ID * @param $subject_id (string) topic ID * @param $order_field (string) order by column name * @param $orderdir (int) oreder direction * @param $firstrow (int) number of first row to display * @param $rowsperpage (int) number of rows per page * @param $hide_answers (boolean) if true hide answers * @return false in case of empty database, true otherwise */ function F_show_select_questions($wherequery, $subject_module_id, $subject_id, $order_field, $orderdir, $firstrow, $rowsperpage, $hide_answers = false) { global $l, $db; require_once '../config/tce_config.php'; require_once '../../shared/code/tce_functions_page.php'; $subject_module_id = intval($subject_module_id); $subject_id = intval($subject_id); $orderdir = intval($orderdir); $firstrow = intval($firstrow); $rowsperpage = intval($rowsperpage); if (empty($order_field) or !in_array($order_field, array('question_id', 'question_subject_id', 'question_description', 'question_explanation', 'question_type', 'question_difficulty', 'question_enabled', 'question_position', 'question_timer', 'question_fullscreen', 'question_inline_answers', 'question_auto_next', 'question_enabled DESC, question_position, CAST(question_description as varchar2(100))', 'question_enabled DESC, question_position, question_description'))) { $order_field = 'question_description'; } if ($orderdir == 0) { $nextorderdir = 1; $full_order_field = $order_field; } else { $nextorderdir = 0; $full_order_field = $order_field . ' DESC'; } if (!F_count_rows(K_TABLE_QUESTIONS)) { //if the table is void (no items) display message F_print_error('MESSAGE', $l['m_databasempty']); return FALSE; } if (empty($wherequery)) { $wherequery = 'WHERE question_subject_id=' . $subject_id . 
''; } else { $wherequery = F_escape_sql($db, $wherequery); $wherequery .= ' AND question_subject_id=' . $subject_id . ''; } $sql = 'SELECT * FROM ' . K_TABLE_QUESTIONS . ' ' . $wherequery . ' ORDER BY ' . $full_order_field; if (K_DATABASE_TYPE == 'ORACLE') { $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . ''; } else { $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . ''; } if ($r = F_db_query($sql, $db)) { $questlist = ''; $itemcount = $firstrow; while ($m = F_db_fetch_array($r)) { $itemcount++; $questlist .= '<li>' . K_NEWLINE; $questlist .= '<strong>' . $itemcount . '.</strong> '; $questlist .= '<input type="checkbox" name="questionid' . $itemcount . '" id="questionid' . $itemcount . '" value="' . $m['question_id'] . '" title="' . $l['w_select'] . '"'; if (isset($_REQUEST['checkall']) and $_REQUEST['checkall'] == 1) { $questlist .= ' checked="checked"'; } $questlist .= ' />'; // display question description if (F_getBoolean($m['question_enabled'])) { $questlist .= '<acronym class="onbox" title="' . $l['w_enabled'] . '">+</acronym>'; } else { $questlist .= '<acronym class="offbox" title="' . $l['w_disabled'] . '">-</acronym>'; } switch ($m['question_type']) { case 1: $questlist .= ' <acronym class="offbox" title="' . $l['w_single_answer'] . '">S</acronym>'; break; case 2: $questlist .= ' <acronym class="offbox" title="' . $l['w_multiple_answers'] . '">M</acronym>'; break; case 3: $questlist .= ' <acronym class="offbox" title="' . $l['w_free_answer'] . '">T</acronym>'; break; case 4: $questlist .= ' <acronym class="offbox" title="' . $l['w_ordering_answer'] . '">O</acronym>'; break; } $questlist .= ' <acronym class="offbox" title="' . $l['h_question_difficulty'] . '">' . $m['question_difficulty'] . '</acronym>'; if ($m['question_position'] > 0) { $questlist .= ' <acronym class="onbox" title="' . $l['h_position'] . '">' . intval($m['question_position']) . 
'</acronym>'; } else { $questlist .= ' <acronym class="offbox" title="' . $l['h_position'] . '"> </acronym>'; } if (F_getBoolean($m['question_fullscreen'])) { $questlist .= ' <acronym class="onbox" title="' . $l['w_fullscreen'] . ': ' . $l['w_enabled'] . '">F</acronym>'; } else { $questlist .= ' <acronym class="offbox" title="' . $l['w_fullscreen'] . ': ' . $l['w_disabled'] . '"> </acronym>'; } if (F_getBoolean($m['question_inline_answers'])) { $questlist .= ' <acronym class="onbox" title="' . $l['w_inline_answers'] . ': ' . $l['w_enabled'] . '">I</acronym>'; } else { $questlist .= ' <acronym class="offbox" title="' . $l['w_inline_answers'] . ': ' . $l['w_disabled'] . '"> </acronym>'; } if (F_getBoolean($m['question_auto_next'])) { $questlist .= ' <acronym class="onbox" title="' . $l['w_auto_next'] . ': ' . $l['w_enabled'] . '">A</acronym>'; } else { $questlist .= ' <acronym class="offbox" title="' . $l['w_auto_next'] . ': ' . $l['w_disabled'] . '"> </acronym>'; } if ($m['question_timer'] > 0) { $questlist .= ' <acronym class="onbox" title="' . $l['h_question_timer'] . '">' . intval($m['question_timer']) . '</acronym>'; } else { $questlist .= ' <acronym class="offbox" title="' . $l['h_question_timer'] . '"> </acronym>'; } $questlist .= ' <a href="tce_edit_question.php?subject_module_id=' . $subject_module_id . '&question_subject_id=' . $subject_id . '&question_id=' . $m['question_id'] . '" title="' . $l['t_questions_editor'] . ' [ID = ' . $m['question_id'] . ']" class="xmlbutton">' . $l['w_edit'] . '</a>'; $questlist .= '<br /><br />' . K_NEWLINE; $questlist .= '<div class="paddingleft">' . F_decode_tcecode($m['question_description']) . '</div>' . K_NEWLINE; if (K_ENABLE_QUESTION_EXPLANATION and !empty($m['question_explanation'])) { $questlist .= '<div class="paddingleft"><br /><span class="explanation">' . $l['w_explanation'] . ':</span><br />' . F_decode_tcecode($m['question_explanation']) . '</div>' . 
K_NEWLINE; } if (!$hide_answers) { // display alternative answers $sqla = 'SELECT * FROM ' . K_TABLE_ANSWERS . ' WHERE answer_question_id=\'' . $m['question_id'] . '\' ORDER BY answer_enabled DESC,answer_position,answer_isright DESC'; if ($ra = F_db_query($sqla, $db)) { $answlist = ''; while ($ma = F_db_fetch_array($ra)) { $answlist .= '<li>'; if (F_getBoolean($ma['answer_enabled'])) { $answlist .= '<acronym class="onbox" title="' . $l['w_enabled'] . '">+</acronym>'; } else { $answlist .= '<acronym class="offbox" title="' . $l['w_disabled'] . '">-</acronym>'; } if ($m['question_type'] != 4) { if (F_getBoolean($ma['answer_isright'])) { $answlist .= ' <acronym class="okbox" title="' . $l['h_answer_right'] . '">T</acronym>'; } else { $answlist .= ' <acronym class="nobox" title="' . $l['h_answer_wrong'] . '">F</acronym>'; } } if ($ma['answer_position'] > 0) { $answlist .= ' <acronym class="onbox" title="' . $l['h_position'] . '">' . intval($ma['answer_position']) . '</acronym>'; } else { $answlist .= ' <acronym class="offbox" title="' . $l['h_position'] . '"> </acronym>'; } if ($ma['answer_keyboard_key'] > 0) { $answlist .= ' <acronym class="onbox" title="' . $l['h_answer_keyboard_key'] . '">' . F_text_to_xml(chr($ma['answer_keyboard_key'])) . '</acronym>'; } else { $answlist .= ' <acronym class="offbox" title="' . $l['h_answer_keyboard_key'] . '"> </acronym>'; } $answlist .= ' <a href="tce_edit_answer.php?subject_module_id=' . $subject_module_id . '&question_subject_id=' . $subject_id . '&answer_question_id=' . $m['question_id'] . '&answer_id=' . $ma['answer_id'] . '" title="' . $l['t_answers_editor'] . ' [ID = ' . $ma['answer_id'] . ']" class="xmlbutton">' . $l['w_edit'] . '</a>'; //$answlist .= " "; //$answlist .= "".F_decode_tcecode($ma['answer_description']).""; $answlist .= '<br /><br />' . K_NEWLINE; $answlist .= '<div class="paddingleft">' . F_decode_tcecode($ma['answer_description']) . '</div>' . 
K_NEWLINE; if (K_ENABLE_ANSWER_EXPLANATION and !empty($ma['answer_explanation'])) { $answlist .= '<div class="paddingleft"><br /><span class="explanation">' . $l['w_explanation'] . ':</span><br />' . F_decode_tcecode($ma['answer_explanation']) . '</div>' . K_NEWLINE; } $answlist .= '</li>' . K_NEWLINE; } if (strlen($answlist) > 0) { $questlist .= "<ol class=\"answer\">\n" . $answlist . "</ol><br /><br />\n"; } } else { F_display_db_error(); } } // end if hide_answers $questlist .= '</li>' . K_NEWLINE; } if (strlen($questlist) > 0) { // display the list echo '<ul class="question">' . K_NEWLINE; echo $questlist; echo '</ul>' . K_NEWLINE; echo '<div class="row"><hr /></div>' . K_NEWLINE; // check/uncheck all options echo '<span dir="' . $l['a_meta_dir'] . '">'; echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_selectquestions\').submit()" />'; echo '<label for="checkall1">' . $l['w_check_all'] . '</label> '; echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_selectquestions\').submit()" />'; echo '<label for="checkall0">' . $l['w_uncheck_all'] . '</label>'; echo '</span>' . K_NEWLINE; echo ' '; if ($l['a_meta_dir'] == 'rtl') { $arr = '←'; } else { $arr = '→'; } // action options echo '<select name="menu_action" id="menu_action" size="0">' . K_NEWLINE; echo '<option value="0" style="color:gray">' . $l['m_with_selected'] . '</option>' . K_NEWLINE; echo '<option value="enable">' . $l['w_enable'] . '</option>' . K_NEWLINE; echo '<option value="disable">' . $l['w_disable'] . '</option>' . K_NEWLINE; echo '<option value="delete">' . $l['w_delete'] . '</option>' . K_NEWLINE; echo '<option value="copy">' . $l['w_copy'] . ' ' . $arr . '</option>' . K_NEWLINE; echo '<option value="move">' . $l['w_move'] . ' ' . $arr . '</option>' . K_NEWLINE; echo '</select>' . 
K_NEWLINE; // select new topic (for copy or move action) echo '<select name="new_subject_id" id="new_subject_id" size="0" title="' . $l['h_subject'] . '">' . K_NEWLINE; $sql = F_select_module_subjects_sql('module_enabled=\'1\' AND subject_enabled=\'1\''); if ($r = F_db_query($sql, $db)) { echo '<option value="0" style="color:gray">' . $l['w_subject'] . '</option>' . K_NEWLINE; $prev_module_id = 0; while ($m = F_db_fetch_array($r)) { if ($m['module_id'] != $prev_module_id) { $prev_module_id = $m['module_id']; echo '<option value="0" style="color:gray;font-weight:bold;" disabled="disabled">* ' . htmlspecialchars($m['module_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</option>' . K_NEWLINE; } echo '<option value="' . $m['subject_id'] . '"> ' . htmlspecialchars($m['subject_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</option>' . K_NEWLINE; } } else { echo '</select>' . K_NEWLINE; F_display_db_error(); } echo '</select>' . K_NEWLINE; // submit button F_submit_button("update", $l['w_update'], $l['h_update']); } // --------------------------------------------------------------- // -- page jumper (menu for successive pages) if ($rowsperpage > 0) { $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_QUESTIONS . ' ' . $wherequery . ''; if (!empty($order_field)) { $param_array = '&order_field=' . urlencode($order_field) . ''; } if (!empty($orderdir)) { $param_array .= '&orderdir=' . $orderdir . ''; } if (!empty($hide_answers)) { $param_array .= '&hide_answers=' . intval($hide_answers) . ''; } $param_array .= '&subject_module_id=' . $subject_module_id . ''; $param_array .= '&subject_id=' . $subject_id . ''; $param_array .= '&submitted=1'; F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array); } } else { F_display_db_error(); } return TRUE; }