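$page = $total_pages;
}

// Row offset of the requested page; clamped so LIMIT never receives a negative value.
$start = $limit * $page - $limit;
if ($start < 0) {
    $start = 0;
}
if (!$sidx) {
    $sidx = 1;
}

// ORDER BY and LIMIT operands are spliced into the SQL text, so they are
// constrained here: the sort key to a bare column name or position, the
// direction to ASC/DESC, the paging values to integers.
// NOTE(review): $sidx, $sord and $limit are assigned above this excerpt and are
// presumably request parameters - confirm.
if (!is_scalar($sidx) || !preg_match('/\A[A-Za-z0-9_]+\z/', (string) $sidx)) {
    $sidx = 1;
}
$sord = (is_string($sord) && strtoupper($sord) === 'DESC') ? 'DESC' : 'ASC';
$start = (int) $start;
$limit = (int) $limit;

// Optional filter. The column name must be a plain identifier and the search
// text must not contain a quote, backslash or NUL, so neither can leave the
// position it is spliced into.
// NOTE(review): this is a stopgap. The durable fix is bound parameters in the
// data layer (get_by_sql's signature is not visible here) plus an allowlist of
// searchable columns - the identifier check alone still lets a caller run LIKE
// probes against any column of the users table, credentials included.
$where = "";
if (isset($_GET['searchString']) && isset($_GET['searchField'])) {
    $searchString = $_GET['searchString'];
    $searchField = $_GET['searchField'];

    $field_ok = is_string($searchField) && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $searchField);
    $value_ok = is_string($searchString) && strpbrk($searchString, "'\\\0") === false;
    if (!$field_ok || !$value_ok) {
        http_response_code(400);
        exit;
    }

    $where = " WHERE " . $searchField . " LIKE '%" . $searchString . "%'";
}

// Single query: the unconditional fetch that used to run before the
// search/no-search branch was always overwritten, so it has been dropped.
$users = User::get_by_sql("SELECT * FROM " . T_USERS . $where . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}");

// XML envelope for the grid response.
header("Content-type: text/xml;charset=utf-8");
$s = "<?xml version='1.0' encoding='utf-8'?>";
$s .= "<rows>";
$s .= "<page>" . $page . "</page>";
$s .= "<total>" . $total_pages . "</total>";
$s .= "<records>" . $count . "</records>";

foreach ($users as $user) {
    // Map the numeric level to its display label.
    $userlevel = "";
    switch ($user->level) {
        case 0:
            $userlevel = "ADMIN";
            break;
        case 1:
            $userlevel = "EVALUATOR";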
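<?php
require_once "../../includes/initialize.php";

// Members of the current session's group. The group id is spliced into the SQL
// unquoted, so it is forced to an integer first.
$users = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . C_USER_GROUP_ID . "=" . (int) $session->user_group_id);

// Escapes a stored value for HTML text and quoted-attribute contexts. Group
// names, usernames, names, e-mail addresses and picture file names are all
// user-editable data, so none of them may reach the markup raw.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Header row. The id, level, password, access_token and access columns are
// deliberately left out of the listing; credentials and tokens must not be rendered.
$s = "<table>";
$s .= "<tr>";
$s .= "<td>GROUP</td>";
$s .= "<td>USERNAME</td>";
$s .= "<td>NAME</td>";
$s .= "<td>PICTURE</td>";
$s .= "<td>EMAIL</td>";
$s .= "</tr>";

// Every row belongs to the same group, so its name is looked up once (on the
// first row) instead of twice per row.
$group_name = null;

foreach ($users as $user) {
    if ($group_name === null) {
        $group_name = Group::get_by_id($session->user_group_id)->name;
    }

    $s .= "<tr>";
    $s .= "<td>" . $esc($group_name) . "</td>";
    $s .= "<td>" . $esc($user->username) . "</td>";
    $s .= "<td>" . $esc($user->name) . "</td>";

    // The src attribute is quoted and escaped: unquoted, a space or '>' in the
    // group name or file name would end the attribute and inject markup.
    $image_source = "../groups/" . $group_name . "/files/users/" . $user->picture;
    $s .= "<td><img src=\"" . $esc($image_source) . "\" height='30' /></td>";

    $s .= "<td>" . $esc($user->email) . "</td>";
    $s .= "</tr>";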
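$fb_user_id = $facebook->getUser();

// Facebook login/logout links; both return to fixed pages under HOSTNAME.
$loginURLParams = array('scope' => 'email', 'redirect_uri' => HOSTNAME . 'public/functions/loginfb.php');
$loginURL = $facebook->getLoginUrl($loginURLParams);
$logoutURLParams = array('next' => HOSTNAME . 'public/functions/logout.php');
$logoutURL = $facebook->getLogoutUrl($logoutURLParams);

if ($session->is_logged_in()) {
    $user = User::get_by_id($session->user_id);
}

// Announcement form handler: mails every user and records the action.
$message = "";
if (isset($_POST['btnsend'])) {
    if (!$session->is_logged_in()) {
        // No access check is visible in this excerpt, and the page is evidently
        // reachable while logged out, so the handler refuses anonymous senders.
        // NOTE(review): a login check is the minimum. Restrict this to
        // administrators via the project's role field and add a CSRF token;
        // neither mechanism is visible from here.
        $message = "You must be logged in to send an announcement.";
    } elseif (isset($_POST['subject'], $_POST['message']) && is_string($_POST['subject']) && is_string($_POST['message'])) {
        // The subject ends up in a mail header; CR/LF are replaced so a crafted
        // value cannot append headers. send_email()'s own handling is not visible here.
        $subject = str_replace(array("\r", "\n"), " ", $_POST['subject']);
        $body = $_POST['message'];
        $from_name = "Admin - Kelly Escape";
        $from_email = "*****@*****.**";

        // Recipients: rows whose e-mail looks like an address. The earlier
        // condition (NOT LIKE ... OR ... IS NOT NULL) reduced to "IS NOT NULL"
        // and therefore also selected malformed addresses. LIKE never matches
        // NULL, so no separate NULL test is needed.
        $users = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . C_USER_EMAIL . " LIKE '%_@__%.__%'");

        // A separate loop variable keeps $user (the logged-in account loaded
        // above) from being overwritten with the last recipient.
        foreach ($users as $recipient) {
            send_email($recipient->email, $subject, $body, $from_name, $from_email);
        }

        // Audit trail entry, attributed to the sender.
        $logs = new Logs();
        $logs->user_id = $session->user_id;
        $logs->platform = "WEB PORTAL";
        $logs->type = "ANNOUNCED";
        $logs->create();

        $message = "Announcement sent.";
    } else {
        $message = "All the fields are required. Please fill them all in.";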
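<?php
require_once "../includes/initialize.php";
global $session;

// User add/edit/delete endpoint; the operation is selected by $_POST['oper'].
if (!$session->is_logged_in()) {
    redirect_to("index.php");
    // Stop here even if redirect_to() only sends a Location header; otherwise
    // the operations below would still run for an anonymous request.
    exit;
}
// NOTE(review): only "logged in" is checked. As written, any authenticated
// account can create, edit or delete users and choose their level. Confirm
// whether an administrator check belongs here; a CSRF token is not visible either.

$oper = isset($_POST['oper']) ? $_POST['oper'] : '';

// The username is spliced into a quoted SQL literal below, so values containing
// a quote, backslash or NUL are refused. A missing username (e.g. on 'del')
// is treated as the empty string.
// NOTE(review): this is a stopgap. The durable fix is a bound parameter in the
// data layer; get_by_sql's signature is not visible here.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
if (strpbrk($username, "'\\\0") !== false) {
    die("invalid username");
}
$rows = User::get_by_sql("SELECT * FROM " . T_USERS . " WHERE " . C_USER_USERNAME . "='" . $username . "'");

if ($oper === 'add') {
    // Usernames must be unique.
    if (count($rows) > 0) {
        die("exists");
    }
    $user = new User();
    $user->name = $_POST['name'];
    $user->username = $username;
    // NOTE(review): the password is stored exactly as received. Unless the User
    // model hashes it in create()/update(), hash it with password_hash() here
    // and check it with password_verify() at login.
    $user->password = $_POST['password'];
    // NOTE(review): level is taken straight from the request - see the
    // authorization note above.
    $user->level = $_POST['level'];
    $user->create();
} else {
    if ($oper === 'edit') {
        // Assumes numeric ids - TODO confirm against User::get_by_id().
        $user = User::get_by_id((int) $_POST['id']);
        $user->name = $_POST['name'];
        $user->username = $username;
        $user->password = $_POST['password'];
        $user->level = $_POST['level'];
        $user->update();
    } else {
        if ($oper === 'del') {
            // An account may not delete itself.
            if ($_POST['id'] == $session->user_id) {
                die("cannot delete yourself");
            }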