コード例 #1
0
/**
 * Display online users.
 * @author Nicola Asuni
 * @since 2001-10-18
 * @param $wherequery (string) users selection query
 * @param $order_field (string) order by column name
 * @param $orderdir (int) oreder direction
 * @param $firstrow (int) number of first row to display
 * @param $rowsperpage (int) number of rows per page
 * @return false in case of empty database, true otherwise
 */
function F_list_online_users($wherequery, $order_field, $orderdir, $firstrow, $rowsperpage)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once 'tce_functions_user_select.php';
    //initialize variables
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    // order fields for SQL query
    if (empty($order_field) or !in_array($order_field, array('cpsession_id', 'cpsession_data'))) {
        $order_field = 'cpsession_expiry';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }
    if (!F_count_rows(K_TABLE_SESSIONS)) {
        //if the table is void (no items) display message
        echo '<h2>' . $l['m_databasempty'] . '</h2>';
        return FALSE;
    }
    if (empty($wherequery)) {
        $sql = 'SELECT * FROM ' . K_TABLE_SESSIONS . ' ORDER BY ' . $full_order_field . '';
    } else {
        $wherequery = F_escape_sql($db, $wherequery);
        $sql = 'SELECT * FROM ' . K_TABLE_SESSIONS . ' ' . $wherequery . ' ORDER BY ' . $full_order_field . '';
    }
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
    }
    echo '<div class="container">' . K_NEWLINE;
    echo '<table class="userselect">' . K_NEWLINE;
    echo '<tr>' . K_NEWLINE;
    echo '<th>' . $l['w_user'] . '</th>' . K_NEWLINE;
    echo '<th>' . $l['w_level'] . '</th>' . K_NEWLINE;
    echo '<th>' . $l['w_ip'] . '</th>' . K_NEWLINE;
    echo '</tr>' . K_NEWLINE;
    if ($r = F_db_query($sql, $db)) {
        while ($m = F_db_fetch_array($r)) {
            $this_session = F_session_string_to_array($m['cpsession_data']);
            echo '<tr>';
            echo '<td align="left">';
            $user_str = '';
            if ($this_session['session_user_lastname']) {
                $user_str .= urldecode($this_session['session_user_lastname']) . ', ';
            }
            if ($this_session['session_user_firstname']) {
                $user_str .= urldecode($this_session['session_user_firstname']) . '';
            }
            $user_str .= ' (' . urldecode($this_session['session_user_name']) . ')';
            if (F_isAuthorizedEditorForUser($this_session['session_user_id'])) {
                echo '<a href="tce_edit_user.php?user_id=' . $this_session['session_user_id'] . '">' . $user_str . '</a>';
            } else {
                echo $user_str;
            }
            echo '</td>';
            echo '<td>' . $this_session['session_user_level'] . '</td>';
            echo '<td>' . $this_session['session_user_ip'] . '</td>';
            echo '</tr>' . K_NEWLINE;
        }
    } else {
        F_display_db_error();
    }
    echo '</table>' . K_NEWLINE;
    // --- ------------------------------------------------------
    // --- page jump
    if ($rowsperpage > 0) {
        $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_SESSIONS . ' ' . $wherequery . '';
        if (!empty($order_field)) {
            $param_array = '&amp;order_field=' . urlencode($order_field) . '';
        }
        if (!empty($orderdir)) {
            $param_array .= '&amp;orderdir=' . $orderdir . '';
        }
        $param_array .= '&amp;submitted=1';
        F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
    }
    echo '<div class="pagehelp">' . $l['hp_online_users'] . '</div>' . K_NEWLINE;
    echo '</div>' . K_NEWLINE;
    return TRUE;
}
コード例 #2
0
/**
 * Display user selection XHTML table (popup mode).
 * @author Nicola Asuni
 * @since 2012-04-14
 * @param $order_field (string) Order by column name.
 * @param $orderdir (int) Order direction.
 * @param $firstrow (int) Number of first row to display.
 * @param $rowsperpage (int) Number of rows per page.
 * @param $group_id (int) ID of the group (default = 0 = no specific group selected).
 * @param $andwhere (string) Additional SQL WHERE query conditions.
 * @param $searchterms (string) Search terms.
 * @param string $cid ID of the calling form field.
 * @return false in case of empty database, true otherwise
 */
function F_show_select_user_popup($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '', $cid = 0)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once '../../shared/code/tce_functions_form.php';
    $filter = 'cid=' . $cid;
    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
        $numalign = 'left';
    } else {
        $txtalign = 'left';
        $numalign = 'right';
    }
    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    $group_id = intval($group_id);
    if (empty($order_field) or !in_array($order_field, array('user_id', 'user_name', 'user_password', 'user_email', 'user_regdate', 'user_ip', 'user_firstname', 'user_lastname', 'user_birthdate', 'user_birthplace', 'user_regnumber', 'user_ssn', 'user_level', 'user_verifycode'))) {
        $order_field = 'user_lastname,user_firstname';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }
    if (!F_count_rows(K_TABLE_USERS)) {
        // if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }
    $wherequery = '';
    if ($group_id > 0) {
        $wherequery = ', ' . K_TABLE_USERGROUP . ' WHERE user_id=usrgrp_user_id	AND usrgrp_group_id=' . $group_id . '';
        $filter .= '&amp;group_id=' . $group_id . '';
    }
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    $wherequery .= ' (user_id>1)';
    if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
        // filter for level
        $wherequery .= ' AND ((user_level<' . $_SESSION['session_user_level'] . ') OR (user_id=' . $_SESSION['session_user_id'] . '))';
        // filter for groups
        $wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id
			FROM ' . K_TABLE_USERGROUP . ' AS ta, ' . K_TABLE_USERGROUP . ' AS tb
			WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
				AND ta.usrgrp_user_id=' . intval($_SESSION['session_user_id']) . '
				AND tb.usrgrp_user_id=user_id)';
    }
    if (!empty($andwhere)) {
        $wherequery .= ' AND (' . $andwhere . ')';
    }
    $sql = 'SELECT * FROM ' . K_TABLE_USERS . $wherequery . ' ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
    }
    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            // -- Table structure with links:
            echo '<div class="container">';
            echo '<table class="userselect" style="font-size:80%;">' . K_NEWLINE;
            // table header
            echo '<tr>' . K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&amp;searchterms=' . urlencode($searchterms);
            }
            echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
            echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
            echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
            echo F_select_table_header_element('user_email', $nextorderdir, $l['h_email'], $l['w_email'], $order_field, $filter);
            echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
            echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
            echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
            //echo '<th title="'.$l['h_group_name'].'">'.$l['w_groups'].'</th>'.K_NEWLINE;
            echo '</tr>' . K_NEWLINE;
            $itemcount = 0;
            do {
                $itemcount++;
                // on click the user ID will be returned on the calling form field
                $jsaction = 'javascript:window.opener.document.getElementById(\'' . $cid . '\').value=' . $m['user_id'] . ';';
                $jsaction .= 'window.opener.document.getElementById(\'' . $cid . '\').onchange();';
                $jsaction .= 'window.close();';
                echo '<tr>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;<a href="#" onclick="' . $jsaction . '" title="[' . $l['w_select'] . ']">' . htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_email'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td>&nbsp;' . $m['user_level'] . '</td>' . K_NEWLINE;
                echo '<td>&nbsp;' . htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                /*
                // comma separated list of user's groups
                $grp = '';
                $sqlg = 'SELECT *
                	FROM '.K_TABLE_GROUPS.', '.K_TABLE_USERGROUP.'
                	WHERE usrgrp_group_id=group_id
                		AND usrgrp_user_id='.$m['user_id'].'
                	ORDER BY group_name';
                if ($rg = F_db_query($sqlg, $db)) {
                	while ($mg = F_db_fetch_array($rg)) {
                		$grp .= $mg['group_name'].', ';
                	}
                } else {
                	F_display_db_error();
                }
                echo '<td style="text-align:'.$txtalign.';">&nbsp;'.htmlspecialchars(substr($grp,0,-2), ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                */
                echo '</tr>' . K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>' . K_NEWLINE;
            echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;
            // ---------------------------------------------------------------
            // -- page jumper (menu for successive pages)
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_USERS . '' . $wherequery . '';
                if (!empty($order_field)) {
                    $param_array = '&amp;order_field=' . urlencode($order_field) . '';
                }
                if (!empty($orderdir)) {
                    $param_array .= '&amp;orderdir=' . $orderdir . '';
                }
                if (!empty($group_id)) {
                    $param_array .= '&amp;group_id=' . $group_id . '';
                }
                if (!empty($searchterms)) {
                    $param_array .= '&amp;searchterms=' . urlencode($searchterms) . '';
                }
                $param_array .= '&amp;submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            //echo '<div class="pagehelp">'.$l['hp_select_users'].'</div>'.K_NEWLINE;
            echo '</div>' . K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}
コード例 #3
0
/**
 * Display user selection XHTML table (popup mode).
 * @author Nicola Asuni
 * @since 2012-04-14
 * @param $order_field (string) Order by column name.
 * @param $orderdir (int) Order direction.
 * @param $firstrow (int) Number of first row to display.
 * @param $rowsperpage (int) Number of rows per page.
 * @param $andwhere (string) Additional SQL WHERE query conditions.
 * @param $searchterms (string) Search terms.
 * @param string $cid ID of the calling form field.
 * @return false in case of empty database, true otherwise
 */
function F_show_select_test_popup($order_field, $orderdir, $firstrow, $rowsperpage, $andwhere = '', $searchterms = '', $cid = 0)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once '../../shared/code/tce_functions_form.php';
    $filter = 'cid=' . $cid;
    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
        $numalign = 'left';
    } else {
        $txtalign = 'left';
        $numalign = 'right';
    }
    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    if (empty($order_field) or !in_array($order_field, array('test_name', 'test_description', 'test_begin_time', 'test_end_time', 'test_duration_time', 'test_ip_range', 'test_results_to_users', 'test_report_to_users', 'test_score_right', 'test_score_wrong', 'test_score_unanswered', 'test_max_score', 'test_user_id', 'test_score_threshold', 'test_random_questions_select', 'test_random_questions_order', 'test_questions_order_mode', 'test_random_answers_select', 'test_random_answers_order', 'test_answers_order_mode', 'test_comment_enabled', 'test_menu_enabled', 'test_noanswer_enabled', 'test_mcma_radio', 'test_repeatable', 'test_mcma_partial_score', 'test_logout_on_timeout'))) {
        $order_field = 'test_begin_time DESC,test_name';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }
    if (!F_count_rows(K_TABLE_TESTS)) {
        // if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }
    $wherequery = '';
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    $wherequery .= ' (test_id>0)';
    if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
        $wherequery .= ' AND test_user_id IN (' . F_getAuthorizedUsers($_SESSION['session_user_id']) . ')';
    }
    if (!empty($andwhere)) {
        $wherequery .= ' AND (' . $andwhere . ')';
    }
    $sql = 'SELECT * FROM ' . K_TABLE_TESTS . $wherequery . ' ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
    }
    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            // -- Table structure with links:
            echo '<div class="container">';
            echo '<table class="userselect" style="font-size:80%;">' . K_NEWLINE;
            // table header
            echo '<tr>' . K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&amp;searchterms=' . urlencode($searchterms);
            }
            echo F_select_table_header_element('test_begin_time', $nextorderdir, $l['w_time_begin'] . ' ' . $l['w_datetime_format'], $l['w_time_begin'], $order_field, $filter);
            echo F_select_table_header_element('test_end_time', $nextorderdir, $l['w_time_end'] . ' ' . $l['w_datetime_format'], $l['w_time_end'], $order_field, $filter);
            echo F_select_table_header_element('test_name', $nextorderdir, $l['h_test_name'], $l['w_name'], $order_field, $filter);
            echo F_select_table_header_element('test_description', $nextorderdir, $l['h_test_description'], $l['w_description'], $order_field, $filter);
            echo '</tr>' . K_NEWLINE;
            $itemcount = 0;
            do {
                $itemcount++;
                // on click the user ID will be returned on the calling form field
                $jsaction = 'javascript:window.opener.document.getElementById(\'' . $cid . '\').value=' . $m['test_id'] . ';';
                $jsaction .= 'window.opener.document.getElementById(\'' . $cid . '\').onchange();';
                $jsaction .= 'window.close();';
                echo '<tr>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['test_begin_time'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['test_end_time'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;<a href="#" onclick="' . $jsaction . '" title="[' . $l['w_select'] . ']">' . htmlspecialchars($m['test_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['test_description'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '</tr>' . K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>' . K_NEWLINE;
            echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;
            // ---------------------------------------------------------------
            // -- page jumper (menu for successive pages)
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_TESTS . '' . $wherequery . '';
                if (!empty($order_field)) {
                    $param_array = '&amp;order_field=' . urlencode($order_field) . '';
                }
                if (!empty($orderdir)) {
                    $param_array .= '&amp;orderdir=' . $orderdir . '';
                }
                if (!empty($searchterms)) {
                    $param_array .= '&amp;searchterms=' . urlencode($searchterms) . '';
                }
                $param_array .= '&amp;submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            echo '</div>' . K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}
コード例 #4
0
/**
 * Display user selection XHTML table.
 * @author Nicola Asuni
 * @since 2001-09-13
 * @param $order_field (string) order by column name
 * @param $orderdir (int) oreder direction
 * @param $firstrow (int) number of first row to display
 * @param $rowsperpage (int) number of rows per page
 * @param $group_id (int) id of the group (default = 0 = no specific group selected)
 * @param $andwhere (string) additional SQL WHERE query conditions
 * @param $searchterms (string) search terms
 * @return false in case of empty database, true otherwise
 */
function F_show_select_user($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '')
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    require_once '../../shared/code/tce_functions_form.php';
    $filter = '';
    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
        $numalign = 'left';
    } else {
        $txtalign = 'left';
        $numalign = 'right';
    }
    $order_field = F_escape_sql($order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    $group_id = intval($group_id);
    if (empty($order_field) or !in_array($order_field, array('user_id', 'user_name', 'user_password', 'user_email', 'user_regdate', 'user_ip', 'user_firstname', 'user_lastname', 'user_regnumber', 'user_level', 'user_verifycode'))) {
        $order_field = 'user_lastname,user_firstname';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }
    if (!F_count_rows(K_TABLE_USERS)) {
        // if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }
    $wherequery = '';
    if ($group_id > 0) {
        $wherequery = ', ' . K_TABLE_USERGROUP . ' WHERE user_id=usrgrp_user_id	AND usrgrp_group_id=' . $group_id . '';
        $filter .= '&amp;group_id=' . $group_id . '';
    }
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    $wherequery .= ' (user_id>1)';
    if ($_SESSION['session_user_level'] < K_AUTH_ADMINISTRATOR) {
        // filter for level
        $wherequery .= ' AND ((user_level<' . $_SESSION['session_user_level'] . ') OR (user_id=' . $_SESSION['session_user_id'] . '))';
        // filter for groups
        $wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id
			FROM ' . K_TABLE_USERGROUP . ' AS ta, ' . K_TABLE_USERGROUP . ' AS tb
			WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
				AND ta.usrgrp_user_id=' . intval($_SESSION['session_user_id']) . '
				AND tb.usrgrp_user_id=user_id)';
    }
    if (!empty($andwhere)) {
        $wherequery .= ' AND (' . $andwhere . ')';
    }
    $sql = 'SELECT * FROM ' . K_TABLE_USERS . $wherequery . ' ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
    }
    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            // -- Table structure with links:
            echo '<div class="container">';
            echo '<table class="userselect">' . K_NEWLINE;
            // table header
            echo '<tr>' . K_NEWLINE;
            echo '<th>&nbsp;</th>' . K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&amp;searchterms=' . urlencode($searchterms);
            }
            echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
            echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
            echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
            echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
            echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
            echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
            echo '<th title="' . $l['h_group_name'] . '">' . $l['w_groups'] . '</th>' . K_NEWLINE;
            echo '</tr>' . K_NEWLINE;
            $itemcount = 0;
            do {
                $itemcount++;
                echo '<tr>' . K_NEWLINE;
                echo '<td>';
                echo '<input type="checkbox" name="userid' . $itemcount . '" id="userid' . $itemcount . '" value="' . $m['user_id'] . '" title="' . $l['w_select'] . '"';
                if (isset($_REQUEST['checkall']) and $_REQUEST['checkall'] == 1) {
                    echo ' checked="checked"';
                }
                echo ' />';
                echo '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;<a href="tce_edit_user.php?user_id=' . $m['user_id'] . '" title="' . $l['w_edit'] . '">' . htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</a></td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '<td>&nbsp;' . $m['user_level'] . '</td>' . K_NEWLINE;
                echo '<td>&nbsp;' . htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                // comma separated list of user's groups
                $grp = '';
                $sqlg = 'SELECT *
					FROM ' . K_TABLE_GROUPS . ', ' . K_TABLE_USERGROUP . '
					WHERE usrgrp_group_id=group_id
						AND usrgrp_user_id=' . $m['user_id'] . '
					ORDER BY group_name';
                if ($rg = F_db_query($sqlg, $db)) {
                    while ($mg = F_db_fetch_array($rg)) {
                        $grp .= $mg['group_name'] . ', ';
                    }
                } else {
                    F_display_db_error();
                }
                echo '<td style="text-align:' . $txtalign . ';">&nbsp;' . htmlspecialchars(substr($grp, 0, -2), ENT_NOQUOTES, $l['a_meta_charset']) . '</td>' . K_NEWLINE;
                echo '</tr>' . K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>' . K_NEWLINE;
            echo '<br />' . K_NEWLINE;
            echo '<input type="hidden" name="order_field" id="order_field" value="' . $order_field . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="' . $orderdir . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="' . $firstrow . '" />' . K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="' . $rowsperpage . '" />' . K_NEWLINE;
            // check/uncheck all options
            echo '<span dir="ltr">';
            echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_userselect\').submit()" />';
            echo '<label for="checkall1">' . $l['w_check_all'] . '</label> ';
            echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_userselect\').submit()" />';
            echo '<label for="checkall0">' . $l['w_uncheck_all'] . '</label>';
            echo '</span>' . K_NEWLINE;
            echo '<br />' . K_NEWLINE;
            echo '<strong style="margin:5px">' . $l['m_with_selected'] . '</strong>' . K_NEWLINE;
            echo '<ul style="margin:0">';
            if ($_SESSION['session_user_level'] >= K_AUTH_DELETE_USERS) {
                // delete user
                echo '<li>';
                F_submit_button('delete', $l['w_delete'], $l['h_delete']);
                echo '</li>' . K_NEWLINE;
            }
            if ($_SESSION['session_user_level'] >= K_AUTH_ADMIN_GROUPS) {
                echo '<li>';
                // add/delete group
                echo F_user_group_select('new_group_id');
                F_submit_button('addgroup', $l['w_add'], $l['w_add']);
                if ($_SESSION['session_user_level'] >= K_AUTH_DELETE_GROUPS) {
                    F_submit_button('delgroup', $l['w_delete'], $l['h_delete']);
                }
                echo '</li>' . K_NEWLINE;
                if ($_SESSION['session_user_level'] >= K_AUTH_MOVE_GROUPS) {
                    // move group
                    echo '<li>';
                    if ($l['a_meta_dir'] == 'rtl') {
                        $arr = '&larr;';
                    } else {
                        $arr = '&rarr;';
                    }
                    echo F_user_group_select('from_group_id');
                    echo $arr;
                    echo F_user_group_select('to_group_id');
                    F_submit_button('move', $l['w_move'], $l['w_move']);
                    echo '</li>' . K_NEWLINE;
                }
            }
            echo '</ul>' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;
            // ---------------------------------------------------------------
            // -- page jumper (menu for successive pages)
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_USERS . '' . $wherequery . '';
                if (!empty($order_field)) {
                    $param_array = '&amp;order_field=' . urlencode($order_field) . '';
                }
                if (!empty($orderdir)) {
                    $param_array .= '&amp;orderdir=' . $orderdir . '';
                }
                if (!empty($group_id)) {
                    $param_array .= '&amp;group_id=' . $group_id . '';
                }
                if (!empty($searchterms)) {
                    $param_array .= '&amp;searchterms=' . urlencode($searchterms) . '';
                }
                $param_array .= '&amp;submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            echo '<div class="row">' . K_NEWLINE;
            echo '<br />';
            //echo '<a href="tce_xml_users.php" class="xmlbutton" title="'.$l['h_xml_export'].'">XML</a> ';
            //echo '<a href="tce_csv_users.php" class="xmlbutton" title="'.$l['h_csv_export'].'">CSV</a>';
            echo '</div>' . K_NEWLINE;
            echo '<div class="pagehelp">' . $l['hp_select_users'] . '</div>' . K_NEWLINE;
            echo '</div>' . K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}
コード例 #5
0
/**
 * Display a list of selected questions.
 * @author Nicola Asuni
 * @since 2005-07-06
 * @param $wherequery (string) question selection query
 * @param $subject_module_id (string) module ID
 * @param $subject_id (string) topic ID
 * @param $order_field (string) order by column name
 * @param $orderdir (int) oreder direction
 * @param $firstrow (int) number of first row to display
 * @param $rowsperpage (int) number of rows per page
 * @param $hide_answers (boolean) if true hide answers
 * @return false in case of empty database, true otherwise
 */
function F_show_select_questions($wherequery, $subject_module_id, $subject_id, $order_field, $orderdir, $firstrow, $rowsperpage, $hide_answers = false)
{
    global $l, $db;
    require_once '../config/tce_config.php';
    require_once '../../shared/code/tce_functions_page.php';
    $subject_module_id = intval($subject_module_id);
    $subject_id = intval($subject_id);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    if (empty($order_field) or !in_array($order_field, array('question_id', 'question_subject_id', 'question_description', 'question_explanation', 'question_type', 'question_difficulty', 'question_enabled', 'question_position', 'question_timer', 'question_fullscreen', 'question_inline_answers', 'question_auto_next', 'question_enabled DESC, question_position, CAST(question_description as varchar2(100))', 'question_enabled DESC, question_position, question_description'))) {
        $order_field = 'question_description';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        $full_order_field = $order_field . ' DESC';
    }
    if (!F_count_rows(K_TABLE_QUESTIONS)) {
        //if the table is void (no items) display message
        F_print_error('MESSAGE', $l['m_databasempty']);
        return FALSE;
    }
    if (empty($wherequery)) {
        $wherequery = 'WHERE question_subject_id=' . $subject_id . '';
    } else {
        $wherequery = F_escape_sql($db, $wherequery);
        $wherequery .= ' AND question_subject_id=' . $subject_id . '';
    }
    $sql = 'SELECT *
		FROM ' . K_TABLE_QUESTIONS . '
		' . $wherequery . '
		ORDER BY ' . $full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM (' . $sql . ') WHERE rownum BETWEEN ' . $firstrow . ' AND ' . ($firstrow + $rowsperpage) . '';
    } else {
        $sql .= ' LIMIT ' . $rowsperpage . ' OFFSET ' . $firstrow . '';
    }
    if ($r = F_db_query($sql, $db)) {
        $questlist = '';
        $itemcount = $firstrow;
        while ($m = F_db_fetch_array($r)) {
            $itemcount++;
            $questlist .= '<li>' . K_NEWLINE;
            $questlist .= '<strong>' . $itemcount . '.</strong> ';
            $questlist .= '<input type="checkbox" name="questionid' . $itemcount . '" id="questionid' . $itemcount . '" value="' . $m['question_id'] . '" title="' . $l['w_select'] . '"';
            if (isset($_REQUEST['checkall']) and $_REQUEST['checkall'] == 1) {
                $questlist .= ' checked="checked"';
            }
            $questlist .= ' />';
            // display question description
            if (F_getBoolean($m['question_enabled'])) {
                $questlist .= '<acronym class="onbox" title="' . $l['w_enabled'] . '">+</acronym>';
            } else {
                $questlist .= '<acronym class="offbox" title="' . $l['w_disabled'] . '">-</acronym>';
            }
            switch ($m['question_type']) {
                case 1:
                    $questlist .= ' <acronym class="offbox" title="' . $l['w_single_answer'] . '">S</acronym>';
                    break;
                case 2:
                    $questlist .= ' <acronym class="offbox" title="' . $l['w_multiple_answers'] . '">M</acronym>';
                    break;
                case 3:
                    $questlist .= ' <acronym class="offbox" title="' . $l['w_free_answer'] . '">T</acronym>';
                    break;
                case 4:
                    $questlist .= ' <acronym class="offbox" title="' . $l['w_ordering_answer'] . '">O</acronym>';
                    break;
            }
            $questlist .= ' <acronym class="offbox" title="' . $l['h_question_difficulty'] . '">' . $m['question_difficulty'] . '</acronym>';
            if ($m['question_position'] > 0) {
                $questlist .= ' <acronym class="onbox" title="' . $l['h_position'] . '">' . intval($m['question_position']) . '</acronym>';
            } else {
                $questlist .= ' <acronym class="offbox" title="' . $l['h_position'] . '">&nbsp;</acronym>';
            }
            if (F_getBoolean($m['question_fullscreen'])) {
                $questlist .= ' <acronym class="onbox" title="' . $l['w_fullscreen'] . ': ' . $l['w_enabled'] . '">F</acronym>';
            } else {
                $questlist .= ' <acronym class="offbox" title="' . $l['w_fullscreen'] . ': ' . $l['w_disabled'] . '">&nbsp;</acronym>';
            }
            if (F_getBoolean($m['question_inline_answers'])) {
                $questlist .= ' <acronym class="onbox" title="' . $l['w_inline_answers'] . ': ' . $l['w_enabled'] . '">I</acronym>';
            } else {
                $questlist .= ' <acronym class="offbox" title="' . $l['w_inline_answers'] . ': ' . $l['w_disabled'] . '">&nbsp;</acronym>';
            }
            if (F_getBoolean($m['question_auto_next'])) {
                $questlist .= ' <acronym class="onbox" title="' . $l['w_auto_next'] . ': ' . $l['w_enabled'] . '">A</acronym>';
            } else {
                $questlist .= ' <acronym class="offbox" title="' . $l['w_auto_next'] . ': ' . $l['w_disabled'] . '">&nbsp;</acronym>';
            }
            if ($m['question_timer'] > 0) {
                $questlist .= ' <acronym class="onbox" title="' . $l['h_question_timer'] . '">' . intval($m['question_timer']) . '</acronym>';
            } else {
                $questlist .= ' <acronym class="offbox" title="' . $l['h_question_timer'] . '">&nbsp;</acronym>';
            }
            $questlist .= ' <a href="tce_edit_question.php?subject_module_id=' . $subject_module_id . '&amp;question_subject_id=' . $subject_id . '&amp;question_id=' . $m['question_id'] . '" title="' . $l['t_questions_editor'] . ' [ID = ' . $m['question_id'] . ']" class="xmlbutton">' . $l['w_edit'] . '</a>';
            $questlist .= '<br /><br />' . K_NEWLINE;
            $questlist .= '<div class="paddingleft">' . F_decode_tcecode($m['question_description']) . '</div>' . K_NEWLINE;
            if (K_ENABLE_QUESTION_EXPLANATION and !empty($m['question_explanation'])) {
                $questlist .= '<div class="paddingleft"><br /><span class="explanation">' . $l['w_explanation'] . ':</span><br />' . F_decode_tcecode($m['question_explanation']) . '</div>' . K_NEWLINE;
            }
            if (!$hide_answers) {
                // display alternative answers
                $sqla = 'SELECT *
					FROM ' . K_TABLE_ANSWERS . '
					WHERE answer_question_id=\'' . $m['question_id'] . '\'
					ORDER BY answer_enabled DESC,answer_position,answer_isright DESC';
                if ($ra = F_db_query($sqla, $db)) {
                    $answlist = '';
                    while ($ma = F_db_fetch_array($ra)) {
                        $answlist .= '<li>';
                        if (F_getBoolean($ma['answer_enabled'])) {
                            $answlist .= '<acronym class="onbox" title="' . $l['w_enabled'] . '">+</acronym>';
                        } else {
                            $answlist .= '<acronym class="offbox" title="' . $l['w_disabled'] . '">-</acronym>';
                        }
                        if ($m['question_type'] != 4) {
                            if (F_getBoolean($ma['answer_isright'])) {
                                $answlist .= ' <acronym class="okbox" title="' . $l['h_answer_right'] . '">T</acronym>';
                            } else {
                                $answlist .= ' <acronym class="nobox" title="' . $l['h_answer_wrong'] . '">F</acronym>';
                            }
                        }
                        if ($ma['answer_position'] > 0) {
                            $answlist .= ' <acronym class="onbox" title="' . $l['h_position'] . '">' . intval($ma['answer_position']) . '</acronym>';
                        } else {
                            $answlist .= ' <acronym class="offbox" title="' . $l['h_position'] . '">&nbsp;</acronym>';
                        }
                        if ($ma['answer_keyboard_key'] > 0) {
                            $answlist .= ' <acronym class="onbox" title="' . $l['h_answer_keyboard_key'] . '">' . F_text_to_xml(chr($ma['answer_keyboard_key'])) . '</acronym>';
                        } else {
                            $answlist .= ' <acronym class="offbox" title="' . $l['h_answer_keyboard_key'] . '">&nbsp;</acronym>';
                        }
                        $answlist .= ' <a href="tce_edit_answer.php?subject_module_id=' . $subject_module_id . '&amp;question_subject_id=' . $subject_id . '&amp;answer_question_id=' . $m['question_id'] . '&amp;answer_id=' . $ma['answer_id'] . '" title="' . $l['t_answers_editor'] . ' [ID = ' . $ma['answer_id'] . ']" class="xmlbutton">' . $l['w_edit'] . '</a>';
                        //$answlist .= " ";
                        //$answlist .= "".F_decode_tcecode($ma['answer_description'])."";
                        $answlist .= '<br /><br />' . K_NEWLINE;
                        $answlist .= '<div class="paddingleft">' . F_decode_tcecode($ma['answer_description']) . '</div>' . K_NEWLINE;
                        if (K_ENABLE_ANSWER_EXPLANATION and !empty($ma['answer_explanation'])) {
                            $answlist .= '<div class="paddingleft"><br /><span class="explanation">' . $l['w_explanation'] . ':</span><br />' . F_decode_tcecode($ma['answer_explanation']) . '</div>' . K_NEWLINE;
                        }
                        $answlist .= '</li>' . K_NEWLINE;
                    }
                    if (strlen($answlist) > 0) {
                        $questlist .= "<ol class=\"answer\">\n" . $answlist . "</ol><br /><br />\n";
                    }
                } else {
                    F_display_db_error();
                }
            }
            // end if hide_answers
            $questlist .= '</li>' . K_NEWLINE;
        }
        if (strlen($questlist) > 0) {
            // display the list
            echo '<ul class="question">' . K_NEWLINE;
            echo $questlist;
            echo '</ul>' . K_NEWLINE;
            echo '<div class="row"><hr /></div>' . K_NEWLINE;
            // check/uncheck all options
            echo '<span dir="' . $l['a_meta_dir'] . '">';
            echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_selectquestions\').submit()" />';
            echo '<label for="checkall1">' . $l['w_check_all'] . '</label> ';
            echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_selectquestions\').submit()" />';
            echo '<label for="checkall0">' . $l['w_uncheck_all'] . '</label>';
            echo '</span>' . K_NEWLINE;
            echo '&nbsp;';
            if ($l['a_meta_dir'] == 'rtl') {
                $arr = '&larr;';
            } else {
                $arr = '&rarr;';
            }
            // action options
            echo '<select name="menu_action" id="menu_action" size="0">' . K_NEWLINE;
            echo '<option value="0" style="color:gray">' . $l['m_with_selected'] . '</option>' . K_NEWLINE;
            echo '<option value="enable">' . $l['w_enable'] . '</option>' . K_NEWLINE;
            echo '<option value="disable">' . $l['w_disable'] . '</option>' . K_NEWLINE;
            echo '<option value="delete">' . $l['w_delete'] . '</option>' . K_NEWLINE;
            echo '<option value="copy">' . $l['w_copy'] . ' ' . $arr . '</option>' . K_NEWLINE;
            echo '<option value="move">' . $l['w_move'] . ' ' . $arr . '</option>' . K_NEWLINE;
            echo '</select>' . K_NEWLINE;
            // select new topic (for copy or move action)
            echo '<select name="new_subject_id" id="new_subject_id" size="0" title="' . $l['h_subject'] . '">' . K_NEWLINE;
            $sql = F_select_module_subjects_sql('module_enabled=\'1\' AND subject_enabled=\'1\'');
            if ($r = F_db_query($sql, $db)) {
                echo '<option value="0" style="color:gray">' . $l['w_subject'] . '</option>' . K_NEWLINE;
                $prev_module_id = 0;
                while ($m = F_db_fetch_array($r)) {
                    if ($m['module_id'] != $prev_module_id) {
                        $prev_module_id = $m['module_id'];
                        echo '<option value="0" style="color:gray;font-weight:bold;" disabled="disabled">* ' . htmlspecialchars($m['module_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</option>' . K_NEWLINE;
                    }
                    echo '<option value="' . $m['subject_id'] . '">&nbsp;&nbsp;&nbsp;&nbsp;' . htmlspecialchars($m['subject_name'], ENT_NOQUOTES, $l['a_meta_charset']) . '</option>' . K_NEWLINE;
                }
            } else {
                echo '</select>' . K_NEWLINE;
                F_display_db_error();
            }
            echo '</select>' . K_NEWLINE;
            // submit button
            F_submit_button("update", $l['w_update'], $l['h_update']);
        }
        // ---------------------------------------------------------------
        // -- page jumper (menu for successive pages)
        if ($rowsperpage > 0) {
            $sql = 'SELECT count(*) AS total FROM ' . K_TABLE_QUESTIONS . ' ' . $wherequery . '';
            if (!empty($order_field)) {
                $param_array = '&amp;order_field=' . urlencode($order_field) . '';
            }
            if (!empty($orderdir)) {
                $param_array .= '&amp;orderdir=' . $orderdir . '';
            }
            if (!empty($hide_answers)) {
                $param_array .= '&amp;hide_answers=' . intval($hide_answers) . '';
            }
            $param_array .= '&amp;subject_module_id=' . $subject_module_id . '';
            $param_array .= '&amp;subject_id=' . $subject_id . '';
            $param_array .= '&amp;submitted=1';
            F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
        }
    } else {
        F_display_db_error();
    }
    return TRUE;
}