function test_add_member() { // NOTE, interface change on add_member, remove_member. $this->assertTrue(groups_add_member($this->groupid, $this->userid)); $this->assertTrue(groups_is_member($this->groupid, $this->userid)); $this->assertTrue($userids = groups_get_members($this->groupid)); //... $this->assertTrue($groupids = groups_get_groups_for_user($this->userid, $this->courseid)); //... $this->assertTrue(1 == groups_count_group_members($this->groupid)); //Utillib. }
/** * Determines if a user is in more than one group in a grouping * @param int $userid The id of the user * @param int $groupingid The id of the grouping * @return boolean True if the user is in more than one group, false otherwise * or if an error occurred. */ function groups_user_is_in_multiple_groups($userid, $groupingid) { $inmultiplegroups = false; //TODO: $courseid? $groupids = groups_get_groups_for_user($courseid); if ($groupids != false) { $groupinggroupids = array(); foreach ($groupids as $groupid) { if (groups_belongs_to_grouping($groupid, $groupingid)) { array_push($groupinggroupids, $groupid); } } if (count($groupinggroupids) > 1) { $inmultiplegroups = true; } } return $inmultiplegroups; }
/** * Obtains the current group (see groups_m_get_and_set_current) either as an ID or object. * @param object $cm Course-module object * @param bool $full If true, returns group object rather than ID * @return mixed Group ID (default) or object */ function groups_m_get_current($cm, $full = false) { global $SESSION; if (isset($SESSION->currentgroupinggroup[$cm->course][$cm->groupingid])) { $currentgroup = $SESSION->currentgroupinggroup[$cm->course][$cm->groupingid]; } else { global $USER; if ($cm->groupingid) { $mygroupids = groups_get_groups_for_user_in_grouping($USER->id, $cm->groupingid); } else { $mygroupids = groups_get_groups_for_user($USER->id, $cm->course); } if (!$mygroupids) { return false; } $currentgroup = array_shift($mygroupids); $SESSION->currentgroupinggroup[$cm->course][$cm->groupingid] = $currentgroup; } if ($full) { return groups_get_group($currentgroup, false); } else { return $currentgroup; } }
} else { $navigation = ''; } $stropenmeetingsaudiences = get_string("modulenameplural", "openmeetingsaudience"); $stropenmeetingsaudience = get_string("modulename", "openmeetingsaudience"); print_header("{$course->shortname}: {$openmeetingsaudience->name}", "{$course->fullname}", "{$navigation} <a href=index.php?id={$course->id}>{$stropenmeetingsaudiences}</a> -> {$openmeetingsaudience->name}", "", "", true, update_module_button($cm->id, $course->id, $stropenmeetingsaudience), navmenu($course, $cm)); /// Print the main part of the page //print_simple_box_start('center', '100%', '#ffffff', 10); $colors = array("FFFF00", "CCCC00", "FFCC00", "CC9933", "996600", "FF9900", "CC9966", "CC6600", "996633", "663300", "FF6600", "CC6633", "993300", "660000", "FF6633", "CC3300", "FF3300", "FF0000", "CC0000", "990000", "FF3333", "FF0033", "CC0033", "CC6666", "CC3333", "993333", "990033", "330000", "FF3366", "FF0066", "CC3366", "996666", "663333", "9966CC", "9966FF", "6600CC", "6633CC", "663399", "330033", "3333FF", "3300FF", "3300CC", "3333CC", "000099", "000066", "99CCCC", "66CCCC", "339999", "669999", "006666", "336666", "66CC66", "669966", "336633", "003300", "006600", "CCCC66", "CCCC33", "999966", "999933", "999900", "666600"); $colorid = rand(0, 61); $sitelink = str_replace("http://", "", $CFG->wwwroot); $moduleid = get_record("modules", "name", "openmeetingsaudience"); $coursedata = get_record("course_modules", "course", $cm->course, "module", $moduleid->id, "instance", $cm->instance); if ($coursedata->groupmode != 0 && empty($g)) { //print_r (groups_get_groups($cm->course)); $usergroups = groups_get_groups_for_user($USER->id, $cm->course); if (count($usergroups) > 1) { $table->head = array("Your Groups"); $table->align = array("center"); $groupstitles = ""; foreach ($usergroups as $usergroup) { $groupdata = get_record("groups", "id", $usergroup); $groupstitles .= '<a href="view.php?id=' . $id . '&g=' . $usergroup . '">' . $groupdata->name . '</a><br />'; } $table->data[] = array($groupstitles); print_table($table); $show = "false"; } else { $thelink = $sitelink . "/" . $course->id . "/" . $cm->instance . "/" . $usergroups[0]; } } else {
/** * Gets the groups for the current user and specified course * @param int $courseid The id of the course * @param int $usedatabase Set to true if the information is to be obtained * directly * from the database, false if it is to be obtained from the $USER object. * @return array An array of the groupids. */ function groups_get_groups_for_current_user($courseid) { global $USER; $groupids = groups_get_groups_for_user($USER->id, $courseid); return $groupids; }
/** * who has this capability in this context * does not handling user level resolving!!! * i.e 1 person has 2 roles 1 allow, 1 prevent, this will not work properly * @param $context - object * @param $capability - string capability * @param $fields - fields to be pulled * @param $sort - the sort order * @param $limitfrom - number of records to skip (offset) * @param $limitnum - number of records to fetch * @param $groups - single group or array of groups - group(s) user is in * @param $exceptions - list of users to exclude */ function internalmail_get_users_by_capability($context, $capability, $fields = '', $sort = 'u.firstname', $limitfrom = '', $limitnum = '', $groups = '', $exceptions = '', $doanything = true, $search = '', $firstinitial = '', $lastinitial = '') { global $CFG, $USER, $COURSE; /// Sorting out groups if ($groups !== '') { $groupjoin = 'INNER JOIN ' . $CFG->prefix . 'groups_members gm ON gm.userid = ra.userid'; if (is_array($groups)) { $groupsql = 'AND gm.groupid IN (' . implode(',', $groups) . ')'; } else { if ($groups == 0) { if (!has_capability('block/email_list:viewallgroups', $context) && $COURSE->groupmode == 1) { $groupids = groups_get_groups_for_user($USER->id, $COURSE->id); $groupsql = 'AND gm.groupid IN (' . implode(',', $groupids) . ')'; } else { $groupsql = ''; } } else { $groupsql = 'AND gm.groupid = ' . $groups; } } } else { $groupjoin = ''; $groupsql = ''; } /// Sorting out exceptions $exceptionsql = $exceptions ? "AND u.id NOT IN ({$exceptions})" : ''; /// Set up default fields if (empty($fields)) { $fields = 'u.*, ul.timeaccess as lastaccess, ra.hidden'; } /// Set up default sort if (empty($sort)) { $sortby = 'ul.timeaccess'; } $sortby = $sort ? " ORDER BY {$sort} " : ''; /// If context is a course, then construct sql for ul if ($context->contextlevel == CONTEXT_COURSE) { $courseid = $context->instanceid; $coursesql = "AND (ul.courseid = {$courseid} OR ul.courseid IS NULL)"; } else { $coursesql = ''; } $LIKE = sql_ilike(); $fullname = sql_fullname(); $search_sql = ''; if (!empty($search)) { $search = trim($search); $search_sql .= " AND ({$fullname} {$LIKE} '%{$search}%' OR email {$LIKE} '%{$search}%' OR username {$LIKE} '%{$search}%' OR idnumber {$LIKE} '%{$search}%') "; } if ($firstinitial) { $search_sql .= ' AND firstname ' . $LIKE . ' \'' . $firstinitial . '%\''; } if ($lastinitial) { $search_sql .= ' AND lastname ' . $LIKE . ' \'' . $lastinitial . '%\''; } /// Sorting out roles with this capability set if ($possibleroles = get_roles_with_capability($capability, CAP_ALLOW, $context)) { if (!$doanything) { if (!($sitecontext = get_context_instance(CONTEXT_SYSTEM))) { return false; // Something is seriously wrong } $doanythingroles = get_roles_with_capability('moodle/site:doanything', CAP_ALLOW, $sitecontext); } $validroleids = array(); foreach ($possibleroles as $possiblerole) { if (!$doanything) { if (isset($doanythingroles[$possiblerole->id])) { // We don't want these included continue; } } if ($caps = role_context_capabilities($possiblerole->id, $context, $capability)) { // resolved list if (isset($caps[$capability]) && $caps[$capability] > 0) { // resolved capability > 0 $validroleids[] = $possiblerole->id; } } } if (empty($validroleids)) { return false; } $roleids = '(' . implode(',', $validroleids) . ')'; } else { return false; // No need to continue, since no roles have this capability set } /// Construct the main SQL $select = " SELECT {$fields}"; $from = " FROM {$CFG->prefix}user u\r\n INNER JOIN {$CFG->prefix}role_assignments ra ON ra.userid = u.id\r\n INNER JOIN {$CFG->prefix}role r ON r.id = ra.roleid\r\n LEFT OUTER JOIN {$CFG->prefix}user_lastaccess ul ON ul.userid = u.id\r\n {$groupjoin}"; $where = " WHERE ra.contextid " . get_related_contexts_string($context) . "\r\n AND u.deleted = 0\r\n AND ra.roleid in {$roleids}\r\n {$exceptionsql}\r\n {$coursesql}\r\n {$groupsql}\r\n {$search_sql}"; return get_records_sql($select . $from . $where . $sortby, $limitfrom, $limitnum); }
/** * This function show all participants of one course. Choose user/s to sent mail. * * @uses $CFG, $USER * @param int $courseid Course ID * @param int $roleid Role ID * @param int $currentgroup Current group * @return Array Users to sending mail. * @todo Finish documenting this function */ function email_choose_users_to_send($courseid, $roleid, $currentgroup) { global $CFG, $USER; if (!($course = get_record('course', 'id', $courseid))) { print_error('invalidcourseid', 'block_email_list'); } // Prepare users to choose us if ($courseid) { if ($course->id == SITEID) { $context = get_context_instance(CONTEXT_SYSTEM, SITEID); // SYSTEM context } else { $context = get_context_instance(CONTEXT_COURSE, $course->id); // Course context } // Security issue $sitecontext = get_context_instance(CONTEXT_SYSTEM); $frontpagectx = get_context_instance(CONTEXT_COURSE, SITEID); if ($context->id != $frontpagectx->id) { require_capability('moodle/course:viewparticipants', $context); } else { require_capability('moodle/site:viewparticipants', $sitecontext); } $rolesnames = array(); $avoidroles = array(); if ($roles = get_roles_used_in_context($context, true)) { $canviewroles = get_roles_with_capability('moodle/course:view', CAP_ALLOW, $context); $doanythingroles = get_roles_with_capability('moodle/site:doanything', CAP_ALLOW, $sitecontext); if (!$CFG->email_add_admins) { $adminsroles = get_roles_with_capability('moodle/legacy:admin', CAP_ALLOW, $sitecontext); } foreach ($roles as $role) { if (!isset($canviewroles[$role->id])) { // Avoid this role (eg course creator) $avoidroles[] = $role->id; unset($roles[$role->id]); continue; } if (isset($doanythingroles[$role->id])) { // Avoid this role (ie admin) $avoidroles[] = $role->id; unset($roles[$role->id]); continue; } if (!$CFG->email_add_admins) { if (isset($adminsroles[$role->id])) { // Avoid this role (ie admin) $avoidroles[] = $role->id; unset($roles[$role->id]); continue; } } // Prevent - CONTRIB-609 if (function_exists('role_get_name')) { $rolenames[$role->id] = strip_tags(role_get_name($role, $context)); // Used in menus etc later on } else { $rolenames[$role->id] = strip_tags(format_string($role->name)); // Used in menus etc later on } } } // we are looking for all users with this role assigned in this context or higher if ($usercontexts = get_parent_contexts($context)) { $listofcontexts = '(' . implode(',', $usercontexts) . ')'; } else { $listofcontexts = '(' . $sitecontext->id . ')'; // must be site } if ($roleid) { $selectrole = " AND r.roleid = {$roleid} "; } else { $selectrole = " "; } if ($context->id != $frontpagectx->id) { $select = 'SELECT DISTINCT u.id, u.username, u.firstname, u.lastname '; } else { $select = 'SELECT u.id, u.username, u.firstname, u.lastname '; } if ($context->id != $frontpagectx->id) { $from = "FROM {$CFG->prefix}user u\n\t LEFT OUTER JOIN {$CFG->prefix}context ctx\n\t ON (u.id=ctx.instanceid AND ctx.contextlevel = " . CONTEXT_USER . ")\n\t JOIN {$CFG->prefix}role_assignments r\n\t ON u.id=r.userid\n\t LEFT OUTER JOIN {$CFG->prefix}user_lastaccess ul\n\t ON (r.userid=ul.userid and ul.courseid = {$course->id}) "; } else { $from = "FROM {$CFG->prefix}user u\n\t LEFT OUTER JOIN {$CFG->prefix}context ctx\n\t ON (u.id=ctx.instanceid AND ctx.contextlevel = " . CONTEXT_USER . ") "; } $hiddensql = has_capability('moodle/role:viewhiddenassigns', $context) ? '' : ' AND r.hidden = 0 '; // exclude users with roles we are avoiding if ($avoidroles) { $adminroles = 'AND r.roleid NOT IN ('; $adminroles .= implode(',', $avoidroles); $adminroles .= ')'; } else { $adminroles = ''; } // join on 2 conditions // otherwise we run into the problem of having records in ul table, but not relevant course // and user record is not pulled out if ($context->id != $frontpagectx->id) { $where = "WHERE (r.contextid = {$context->id} OR r.contextid in {$listofcontexts})\n\t AND u.deleted = 0 {$selectrole}\n\t AND (ul.courseid = {$course->id} OR ul.courseid IS NULL)\n\t AND u.username != 'guest'\n\t {$adminroles}\n\t {$hiddensql} "; } else { $where = "WHERE u.deleted = 0\n\t AND u.username != 'guest'"; } if ($currentgroup and $course->groupmode != 0) { // Displaying a group by choice $from .= 'LEFT JOIN ' . $CFG->prefix . 'groups_members gm ON u.id = gm.userid '; // $currentgroup can be an array of groups id if (is_array($currentgroup)) { $where .= ' AND gm.groupid IN (' . implode(',', $currentgroup) . ') '; } else { if ($currentgroup == 0) { if (!has_capability('block/email_list:viewallgroups', $context) && $COURSE->groupmode == 1) { $groupids = groups_get_groups_for_user($USER->id, $COURSE->id); $where .= 'AND gm.groupid IN (' . implode(',', $groupids) . ')'; } } else { $where .= 'AND gm.groupid = ' . $currentgroup; } } $where .= ' AND gm.groupid = ' . $currentgroup; } $sort = ' ORDER BY u.firstname, u.lastname'; $userlist = get_records_sql($select . $from . $where . $sort); if ($userlist) { foreach ($userlist as $user) { $unselectedusers[$user->id] = addslashes(fullname($user, has_capability('moodle/site:viewfullnames', $context))); } } /// If there are multiple Roles in the course, then show a drop down menu for switching if (count($rolenames) > 1) { echo '<div class="rolesform">'; echo get_string('currentrole', 'role') . ': '; $rolenames = array(0 => get_string('all')) + $rolenames; popup_form("{$CFG->wwwroot}/blocks/email_list/email/participants.php?id={$courseid}&group={$currentgroup}&contextid={$context->id}&roleid=", $rolenames, 'rolesform', $roleid, ''); echo '</div>'; } // Prints group selector for users with a viewallgroups capability if course groupmode is separate echo '<br />'; groups_print_course_menu($course, $CFG->wwwroot . '/blocks/email_list/email/participants.php?id=' . $course->id); echo '<br /><br />'; } // Prepare tags $straddusersto = get_string('addusersto', 'block_email_list'); $stradduserscc = get_string('cc', 'block_email_list'); $straddusersbcc = get_string('bcc', 'block_email_list'); $stradd = get_string('ok'); $strto = get_string('to', 'block_email_list'); $strcc = get_string('cc', 'block_email_list'); $strbcc = get_string('bcc', 'block_email_list'); $strselectedusersremove = get_string('selectedusersremove', 'block_email_list'); $straction = get_string('selectaction', 'block_email_list'); $strcancel = get_string('cancel'); // Create an object for define parametrer $options = new stdClass(); $options->id = $courseid; // Prepare url $toform = email_build_url($options, true); -($url = $CFG->wwwroot . '/blocks/email_list/email/sendmail.php'); if ($options) { $urlhtml = email_build_url($options); } include_once 'participants.html'; }
echo '<form method="post" action="search.php?id=' . $id . '&pop=si&group=' . $selgroup . '" target="bssearch">' . '<input id="sfield" type="text" name="search" value="" />' . '<input type="submit" name="doit" value="' . get_string('search') . '"/>' . '</form>'; echo '</ul></div>'; // Prints group selector for users with a viewallgroups capability if course groupmode is separate if ($course->groupmode == 1 || $course->groupmode == 2) { // Prints all groups if user can see them all if (has_capability('block/email_list:viewallgroups', $context) || $course->groupmode == 2) { $groups = groups_groupids_to_groups(groups_get_groups($course->id), $course->id); $groupsmode = $course->groupmode; $currentgroup = $selgroup; $urlroot = $CFG->wwwroot . '/email/contacts/list.php?id=' . $course->id; $showall = 1; echo '<br/>'; print_group_menu($groups, $groupsmode, $currentgroup, $urlroot, $showall); } else { // Prints only groups current user is a participant of $usergroups = groups_get_groups_for_user($USER->id, $course->id); // Shows a Show all users to users in multiple groups $showall = 0; if (count($usergroups) > 1) { $showall = 1; } $usergroups = groups_groupids_to_groups($usergroups, $course->id); $urlroot = $CFG->wwwroot . '/email/contacts/list.php?id=' . $course->id; echo '<br/>'; print_group_menu($usergroups, $course->groupmode, $selgroup, $urlroot, $showall); } } //--------- l'frame echo '<hr />'; echo '<div id="search_res"></div>' . '<iframe id="idsearch" name="bssearch" src="search.php?id=' . $id . '&pop=si&group=' . $selgroup . '" style="display:none;"></iframe>' . "\n\n"; // '<iframe id="idsearch" name="isearch" src="search.php?id='.$cm->id.'&cid='.$course->id.'" style="display:none;"></iframe>';
print_header("{$strpersonalprofile}: ", "{$strpersonalprofile}: ", "<a href=\"../course/view.php?id={$course->id}\">{$course->shortname}</a> ->\n <a href=\"index.php?id={$course->id}\">{$strparticipants}</a> -> {$fullname}", "", "", true, " ", navmenu($course)); print_heading(get_string('notenrolled', '', $fullname)); } else { print_header("{$strpersonalprofile}: ", "{$strpersonalprofile}: ", "<a href=\"../course/view.php?id={$course->id}\">{$course->shortname}</a> ->\n <a href=\"index.php?id={$course->id}\">{$strparticipants}</a> -> {$struser}", "", "", true, " ", navmenu($course)); print_heading(get_string('notenrolledprofile')); } print_continue($_SERVER['HTTP_REFERER']); print_footer($course); exit; } } // If groups are in use, make sure we can see that group if (groupmode($course) == SEPARATEGROUPS and !has_capability('moodle/site:accessallgroups', $coursecontext)) { require_login(); ///this is changed because of mygroupid $gtrue = (bool) groups_get_groups_for_user($user->id, $course->id); /*TODO: $gtrue = false; if ($mygroups = mygroupid($course->id)){ foreach ($mygroups as $group){ if (ismember($group, $user->id)){ $gtrue = true; } } }*/ if (!$gtrue) { print_header("{$strpersonalprofile}: ", "{$strpersonalprofile}: ", "<a href=\"../course/view.php?id={$course->id}\">{$course->shortname}</a> ->\n <a href=\"index.php?id={$course->id}\">{$strparticipants}</a>", "", "", true, " ", navmenu($course)); error(get_string("groupnotamember"), "../course/view.php?id={$course->id}"); } } } /// We've established they can see the user's name at least, so what about the rest?
/** * Prepares array of recent activity in course forums * * Returns all forum posts since a given time. If forum and/or user is specified then * this restricts the results. * * @param array &$activities An array of objects representing recent activites * @param int &$index ??? * @param int $sincetime Searches only for a activitity since this timestamp * @param int $courseid Searches only for a activitity in a given course module (default 0 means all) * @param string $user Searches only for a user's activity (given by username) * @param array $groupid Searches only for an activity in particular groups * @return No return value but modifies &$activities and &$index */ function forum_get_recent_mod_activity(&$activities, &$index, $sincetime, $courseid, $cmid = "0", $user = "", $groupid = "") { global $CFG, $USER, $COURSE; if ($cmid) { $forumselect = " AND cm.id = '{$cmid}'"; } else { $forumselect = ""; } if ($user) { $userselect = " AND u.id = '{$user}'"; } else { $userselect = ""; } if (is_numeric($groupid)) { // the behaviour of mygroupid() has been changed so we are getting array now $groupid = array($groupid); } $posts = get_records_sql("SELECT p.*, d.name, u.firstname, u.lastname, u.username,\n u.picture, d.groupid, cm.instance, f.name,\n cm.section, cm.id AS cmid\n FROM {$CFG->prefix}forum_posts p,\n {$CFG->prefix}forum_discussions d,\n {$CFG->prefix}user u,\n {$CFG->prefix}course_modules cm,\n {$CFG->prefix}forum f\n WHERE p.modified > '{$sincetime}' {$forumselect}\n AND p.userid = u.id {$userselect}\n AND d.course = '{$courseid}'\n AND p.discussion = d.id\n AND cm.instance = f.id\n AND cm.course = d.course\n AND cm.course = f.course\n AND f.id = d.forum\n ORDER BY p.discussion ASC,p.created ASC"); if (empty($posts)) { return; } $groupmode = array(); // To cache group modes of particular forums $cm = array(); // To cache course modules $mygroupids = groups_get_groups_for_user($USER->id, $COURSE->id) or $mygroupids = array(); foreach ($posts as $post) { $modcontext = get_context_instance(CONTEXT_MODULE, $post->cmid); // Check whether this post belongs to a discussion in a group that // should NOT be accessible to the current user // Open discussions have groupid -1 if (!has_capability('moodle/site:accessallgroups', $modcontext) && $post->groupid != -1) { if (!isset($cm[$post->cmid])) { $cm[$post->cmid] = get_coursemodule_from_instance('forum', $post->cmid, $courseid); } if (!isset($groupmode[$post->cmid])) { $groupmode[$post->cmid] = groupmode($COURSE, $cm[$post->cmid]); } if ($groupmode[$post->cmid] == SEPARATEGROUPS) { if (!in_array($post->groupid, $mygroupids)) { continue; } } } // the user wants to restrict results on selected group only if (is_array($groupid) && !in_array($post->groupid, $groupid)) { continue; } $tmpactivity = new Object(); $tmpactivity->type = "forum"; $tmpactivity->defaultindex = $index; $tmpactivity->instance = $post->instance; $tmpactivity->name = $post->name; $tmpactivity->section = $post->section; $tmpactivity->content->id = $post->id; $tmpactivity->content->discussion = $post->discussion; $tmpactivity->content->subject = $post->subject; $tmpactivity->content->parent = $post->parent; $tmpactivity->user->userid = $post->userid; $tmpactivity->user->fullname = fullname($post); $tmpactivity->user->picture = $post->picture; $tmpactivity->timestamp = $post->modified; $activities[] = $tmpactivity; $index++; } return; }
// and user record is not pulled out if ($context->id != $frontpagectx->id) { $where = "WHERE (r.contextid = {$context->id} OR r.contextid in {$listofcontexts})\n\t AND u.deleted = 0 {$selectrole}\n\t AND (ul.courseid = {$course->id} OR ul.courseid IS NULL)\n\t AND u.username != 'guest'\n\t {$adminroles}\n\t {$hiddensql} "; } else { $where = "WHERE u.deleted = 0\n\t AND u.username != 'guest'"; } if ($currentgroup and $course->groupmode != 0) { // Displaying a group by choice $from .= 'LEFT JOIN ' . $CFG->prefix . 'groups_members gm ON u.id = gm.userid '; // $currentgroup can be an array of groups id if (is_array($currentgroup)) { $where .= ' AND gm.groupid IN (' . implode(',', $currentgroup) . ') '; } else { if ($currentgroup == 0) { if (!has_capability('block/email_list:viewallgroups', $context) && $COURSE->groupmode == 1) { $groupids = groups_get_groups_for_user($USER->id, $COURSE->id); $where .= 'AND gm.groupid IN (' . implode(',', $groupids) . ')'; } } else { $where .= 'AND gm.groupid = ' . $currentgroup; } } $where .= ' AND gm.groupid = ' . $currentgroup; } $sort = ' ORDER BY u.firstname, u.lastname'; // Searching users $sqlsearch = ''; $like = sql_ilike(); // General search if (!empty($search)) { $sqlsearch = ' AND (u.firstname ' . $like . ' \'%' . $search . '%\' OR u.lastname ' . $like . ' \'%' . $search . '%\')';