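/**
 * Displays the global ranking list.
 *
 * Lists users with a positive score who are not locked and who satisfy the
 * visibility condition returned by get_vis_query('b'), one page at a time.
 *
 * @param int $page Page of the ranking list to be displayed; anything that
 *                  is not a positive integer is treated as page 1.
 */
public function index_action($page = 1)
{
    $vis_query = get_vis_query('b');

    // Calculate offsets.
    // $page carries no type declaration, so it is normalised to a positive
    // integer once, before it is used in arithmetic and handed to the view.
    $max_per_page = get_config('ENTRIES_PER_PAGE');
    $page   = max(1, (int) $page);
    $offset = max(0, ($page - 1) * $max_per_page);

    // List of everyone brave (or vain?) enough to publish a score.
    // The statement is assembled by concatenation: both LIMIT operands are
    // cast to int, and the two interpolated fragments are
    // $GLOBALS['_fullname_sql']['full'] and $vis_query.
    // NOTE(review): both fragments are assumed to be server-generated SQL that
    // never contains request data - confirm where they are built.
    $query = "SELECT SQL_CALC_FOUND_ROWS a.user_id,username,score,geschlecht, {$GLOBALS['_fullname_sql']['full']} AS fullname\n FROM user_info AS a\n LEFT JOIN auth_user_md5 AS b USING (user_id)\n WHERE score > 0 AND locked = 0 AND {$vis_query}\n ORDER BY score DESC\n LIMIT " . (int) $offset . "," . (int) $max_per_page;
    $result = DBManager::get()->fetchAll($query);
    // Total number of matching rows, ignoring the LIMIT of the query above.
    $count = DBManager::get()->fetchColumn("SELECT FOUND_ROWS()");

    // Index the rows by user id and flag the "kings" before the score
    // details are attached.
    $persons = array();
    foreach ($result as $row) {
        $row['is_king'] = StudipKing::is_king($row['user_id'], true);
        $persons[$row['user_id']] = $row;
    }
    $persons = Score::getScoreContent($persons);

    $this->persons            = array_values($persons);
    $this->numberOfPersons    = $count;
    $this->page               = $page;
    $this->offset             = $offset;
    $this->max_per_page       = $max_per_page;
    $this->current_user       = User::findCurrent();
    $this->current_user_score = Score::getMyScore($this->current_user);

    // Set up sidebar and helpbar
    $sidebar = Sidebar::get();
    $sidebar->setImage('sidebar/medal-sidebar.png');

    // Checkbox that toggles publication of the current user's own score.
    $actions = new OptionsWidget();
    $actions->addCheckbox(
        _('Ihren Wert veröffentlichen'),
        $this->current_user->score,
        $this->url_for('score/publish'),
        $this->url_for('score/unpublish')
    );
    $sidebar->addWidget($actions);

    // The return value was never used; the call itself is kept because its
    // side effects are not visible from here.
    Helpbar::get();
}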
/**
 * Builds the SQL statement that belongs to the search type of this object.
 *
 * Every statement compares against the named placeholder :input, so the
 * search term itself is never part of the string returned here.
 * NOTE(review): the placeholder is presumably bound by the code that executes
 * the statement - confirm at the call site.
 *
 * The two person searches also switch on the extended layout.
 *
 * @return string SQL for the type held in $this->search; nothing is returned
 *                for a type that is not handled below
 */
private function getSQL()
{
    $type = $this->search;

    // Loose comparisons are used on purpose throughout: they mirror the
    // matching rules of a switch statement.

    // Person searches: one statement, differing only in the first column.
    if ($type == "username" || $type == "user_id") {
        $this->extendedLayout = true;
        $first_column = $type == "username"
            ? "auth_user_md5.username"
            : "auth_user_md5.user_id";

        return "SELECT DISTINCT " . $first_column . ", CONCAT(auth_user_md5.Vorname, \" \", auth_user_md5.Nachname), auth_user_md5.perms, auth_user_md5.username "
             . "FROM auth_user_md5 LEFT JOIN user_info ON (user_info.user_id = auth_user_md5.user_id) "
             . "WHERE (CONCAT(auth_user_md5.Vorname, \" \", auth_user_md5.Nachname) LIKE :input "
             . "OR CONCAT(auth_user_md5.Nachname, \" \", auth_user_md5.Vorname) LIKE :input "
             . "OR CONCAT(auth_user_md5.Nachname, \", \", auth_user_md5.Vorname) LIKE :input "
             . "OR auth_user_md5.username LIKE :input) AND "
             // visibility condition is appended as an SQL fragment
             . get_vis_query()
             . " ORDER BY Vorname, Nachname";
    }

    // Course searches: regular courses and studygroups share the whole
    // statement up to the status filter.
    if ($type == "Seminar_id" || $type == "Arbeitsgruppe_id") {
        $course_base = "SELECT DISTINCT seminare.Seminar_id, seminare.Name "
                     . "FROM seminare "
                     . "LEFT JOIN seminar_user ON (seminar_user.Seminar_id = seminare.Seminar_id AND seminar_user.status = 'dozent') "
                     . "LEFT JOIN auth_user_md5 ON (auth_user_md5.user_id = seminar_user.user_id) "
                     . "WHERE (seminare.Name LIKE :input "
                     . "OR CONCAT(auth_user_md5.Vorname, ' ', auth_user_md5.Nachname) LIKE :input "
                     . "OR seminare.VeranstaltungsNummer LIKE :input "
                     . "OR seminare.Untertitel LIKE :input "
                     . "OR seminare.Beschreibung LIKE :input "
                     . "OR seminare.Ort LIKE :input "
                     . "OR seminare.Sonstiges LIKE :input) "
                     . "AND seminare.visible = 1 ";

        // NOTE(review): the type values are placed inside quoted SQL literals
        // without escaping - assumed to be server-side configuration, confirm.
        $studygroup_types = "('" . implode("', '", studygroup_sem_types()) . "') ";

        if ($type == "Seminar_id") {
            // Regular courses: everything that is NOT a studygroup type.
            if (Config::get()->IMPORTANT_SEMNUMBER) {
                $order = "ORDER BY seminare.VeranstaltungsNummer, seminare.Name";
            } else {
                $order = "ORDER BY seminare.Name";
            }
            return $course_base . "AND seminare.status NOT IN " . $studygroup_types . $order;
        }

        // Studygroups only.
        return $course_base . "AND seminare.status IN " . $studygroup_types . "ORDER BY seminare.Name";
    }

    // Institute search.
    if ($type == "Institut_id") {
        return "SELECT DISTINCT Institute.Institut_id, Institute.Name "
             . "FROM Institute "
             . "LEFT JOIN range_tree ON (range_tree.item_id = Institute.Institut_id) "
             . "WHERE Institute.Name LIKE :input "
             . "OR Institute.Strasse LIKE :input "
             . "OR Institute.email LIKE :input "
             . "OR range_tree.name LIKE :input "
             . "ORDER BY Institute.Name";
    }

    // Any other search type falls through without a return value.
}
/**
 * Shows the messaging settings; stores them when the form was submitted and
 * runs the user search for a forwarding recipient when requested.
 *
 * @param mixed $verify_action handed to the view unchanged
 */
public function index_action($verify_action = null)
{
    if (Request::submitted('store')) {
        // NOTE(review): presumably validates the form ticket (CSRF
        // protection) before anything is written - confirm in the base class.
        $this->check_ticket();

        // Forwarding: a newly chosen recipient always implies "keep a copy";
        // otherwise the copy flag simply follows the submitted checkbox.
        if (Request::get('new_smsforward_rec')) {
            $this->user->smsforward_rec  = get_userid(Request::get('new_smsforward_rec'));
            $this->user->smsforward_copy = 1;
        } elseif (Request::int('smsforward_copy') && !$this->user->smsforward_copy) {
            $this->user->smsforward_copy = 1;
        } elseif (!Request::int('smsforward_copy') && $this->user->smsforward_copy) {
            $this->user->smsforward_copy = 0;
        }

        $this->user->email_forward = Request::int('send_as_email');
        $this->user->store();

        // write to user config table
        $this->config->store('ONLINE_NAME_FORMAT', Request::option('online_format'));
        $this->config->store('MAIL_AS_HTML', Request::int('mail_format'));

        $messaging = $this->settings;
        $messaging['sms_sig']              = Request::get('sms_sig');
        $messaging['logout_markreaded']    = Request::int('logout_markreaded');
        $messaging['save_snd']             = Request::int('save_snd', 2);
        $messaging['request_mail_forward'] = Request::int('request_mail_forward', 0);
        $this->config->store('MESSAGING_SETTINGS', $messaging);

        $this->reportSuccess(_('Ihre Einstellungen wurden erfolgreich gespeichert.'));
        // There is no return after the redirect, so the code below still runs.
        $this->redirect('settings/messaging');
    }

    // A recipient search only happens while no forwarding recipient is set.
    $found = false;
    if (!$this->user->smsforward_rec && Request::submitted('gosearch')) {
        $visibility = get_vis_query('auth_user_md5');

        // The search expression and the own user id are bound values; only
        // the name format and the visibility condition are interpolated.
        // A '%' or '_' inside the search expression still acts as a LIKE
        // wildcard.
        $sql = "SELECT user_id, username, {$GLOBALS['_fullname_sql']['full_rev']} AS fullname, perms\n FROM auth_user_md5\n LEFT JOIN user_info USING (user_id)\n WHERE (username LIKE CONCAT('%', :needle, '%') OR\n Vorname LIKE CONCAT('%', :needle, '%') OR\n Nachname LIKE CONCAT('%', :needle, '%'))\n AND user_id != :user_id AND {$visibility}\n ORDER BY Nachname ASC";

        $lookup = DBManager::get()->prepare($sql);
        $lookup->bindValue(':needle', Request::get('search_exp'));
        $lookup->bindValue(':user_id', $this->user->user_id);
        $lookup->execute();
        $found = $lookup->fetchAll(PDO::FETCH_ASSOC);
    }

    // false means "no search was run", as opposed to an empty result list.
    $this->matches       = $found;
    $this->verify_action = $verify_action;
}
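/**
 * Displays the member overview of the currently selected studygroup.
 *
 * The action takes no arguments; the studygroup id is read from
 * $_SESSION['SessionSeminar'].
 *
 * @return void
 */
function members_action()
{
    $id = $_SESSION['SessionSeminar'];

    PageLayout::setTitle(getHeaderLine($id) . ' - ' . _("Teilnehmende"));
    Navigation::activateItem('/course/members');
    PageLayout::setHelpKeyword('Basis.StudiengruppenBenutzer');

    Request::set('choose_member_parameter', $this->flash['choose_member_parameter']);

    object_set_visit_module('participants');
    $this->last_visitdate = object_get_visit($id, 'participants');

    // NOTE(review): the result of Course::find() is used without a null
    // check - confirm that the session id always refers to an existing course.
    $sem = Course::find($id);

    $this->anzahl           = StudygroupModel::countMembers($id);
    $this->groupname        = $sem->getFullname();
    $this->sem_id           = $id;
    $this->groupdescription = $sem->beschreibung;
    $this->moderators       = $sem->getMembersWithStatus('dozent');
    $this->tutors           = $sem->getMembersWithStatus('tutor');
    $this->autors           = $sem->getMembersWithStatus('autor');
    $this->accepted         = $sem->admission_applicants->findBy('status', 'accepted');
    $this->sem_class        = Course::findCurrent()->getSemClass();

    // The course id becomes part of the SQL text, so it is quoted through the
    // database connection: quote() escapes for the connection's character set
    // and adds the surrounding quotes, which addslashes() does not guarantee.
    // The search term itself stays a bound :input placeholder.
    $quoted_id = DBManager::get()->quote((string) $id);

    $inviting_search = new SQLSearch(
        "SELECT auth_user_md5.user_id, {$GLOBALS['_fullname_sql']['full_rev']} as fullname, username, perms "
        . "FROM auth_user_md5 "
        . "LEFT JOIN user_info ON (auth_user_md5.user_id = user_info.user_id) "
        . "LEFT JOIN seminar_user ON (auth_user_md5.user_id = seminar_user.user_id AND seminar_user.Seminar_id = " . $quoted_id . ") "
        // root and admin accounts are never offered as invitees
        . "WHERE perms NOT IN ('root', 'admin') "
        . "AND " . get_vis_query()
        . " AND (username LIKE :input OR Vorname LIKE :input "
        . "OR CONCAT(Vorname,' ',Nachname) LIKE :input "
        . "OR CONCAT(Nachname,' ',Vorname) LIKE :input "
        . "OR Nachname LIKE :input OR {$GLOBALS['_fullname_sql']['full_rev']} LIKE :input) "
        . "ORDER BY fullname ASC",
        _("Nutzer suchen"),
        "user_id"
    );

    // Inviting members requires at least tutor permission on this group.
    $this->rechte = $GLOBALS['perm']->have_studip_perm("tutor", $id);

    $actions = new ActionsWidget();

    if ($this->rechte) {
        $mp = MultiPersonSearch::get('studygroup_invite_' . $id)
            ->setLinkText(_('Neue Gruppenmitglieder-/innen einladen'))
            ->setLinkIconPath("")
            ->setTitle(_('Neue Gruppenmitglieder/-innen einladen'))
            ->setExecuteURL($this->url_for('course/studygroup/execute_invite/' . $id, array('view' => Request::get('view'))))
            ->setSearchObject($inviting_search)
            ->addQuickfilter(_('Adressbuch'), User::findCurrent()->contacts->pluck('user_id'))
            ->setNavigationItem('/course/members')
            ->render();

        $element = LinkElement::fromHTML($mp, Icon::create('community+add', 'clickable'));
        $actions->addElement($element);
    }

    // The group message link is offered to tutors and above, and to everyone
    // when the course class has 'studygroup_mode' set.
    if ($this->rechte || $sem->getSemClass()['studygroup_mode']) {
        $actions->addLink(
            _('Nachricht an alle Gruppenmitglieder verschicken'),
            $this->url_for('course/studygroup/message/' . $id),
            Icon::create('mail', 'clickable'),
            array('data-dialog' => 1)
        );
    }

    // Only show the widget when it actually offers something.
    if ($actions->hasElements()) {
        Sidebar::get()->addWidget($actions);
    }

    $this->invitedMembers = StudygroupModel::getInvitations($id);
}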
$all_semes = array_reverse(SemesterData::GetSemesterArray()); $query = "SELECT Seminar_id, Name\n FROM seminar_user\n LEFT JOIN seminare USING (Seminar_id)\n WHERE user_id = ? AND (seminare.modules & 8) {$exclude_sem}\n AND (start_time <= ? AND (? <= (start_time + duration_time) OR duration_time = -1))\n ORDER BY start_time DESC"; $statement = DBManager::get()->prepare($query); foreach ($all_semes as $sem) { if (!$sem['semester_id']) { continue; } $statement->execute(array($user->id, $sem['beginn'], $sem['beginn'])); while ($row = $statement->fetch(PDO::FETCH_ASSOC)) { $courses[$sem['name']][] = array('id' => $row['Seminar_id'], 'name' => my_substr($row['Name'], 0, 40)); } } } $template->set_attribute('institutes', $institutes); $template->set_attribute('courses', $courses); $vis_query = get_vis_query('auth_user_md5', 'search') . ' AS visible'; // quick search $search_object = new SQLSearch("SELECT username, CONCAT(Vorname, ' ', Nachname, ' (', username, ')'), CONCAT(Vorname, ' ', Nachname), {$vis_query}" . " FROM auth_user_md5 LEFT JOIN user_visibility USING (user_id)" . " WHERE ( " . " CONCAT(Vorname, ' ', Nachname) LIKE :input OR " . " CONCAT(Nachname, ' ', Vorname) LIKE :input OR" . " CONCAT(Nachname, ', ', Vorname) LIKE :input)" . " HAVING visible = 1" . " ORDER BY Nachname, Vorname", _('Personen suchen'), 'username'); $template->set_attribute('search_object', $search_object); /* --- Results -------------------------------------------------------------- */ $fields = array($_fullname_sql['full_rev'] . ' AS fullname', 'username', 'perms', 'auth_user_md5.user_id', $vis_query); $tables = array('auth_user_md5', 'LEFT JOIN user_info USING (user_id)', 'LEFT JOIN user_visibility USING (user_id)'); $parameters = array(); if ($inst_id) { $query = "SELECT 1 FROM user_inst WHERE Institut_id = ? 
AND user_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($inst_id, $user->id)); $check = $statement->fetchColumn(); // entweder wir gehoeren auch zum Institut oder sind global admin if ($check || $perm->have_perm('admin')) { $fields[] = 'user_inst.inst_perms';
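/**
 * Retrieves a list of all users that are currently online, excluding the
 * current user.
 *
 * @global object $user
 * @global array $_fullname_sql
 *
 * @param int    $active_time filter: the time in minutes until last life-sign
 * @param string $name_format format the fullname shall have; must be a key of
 *                            $GLOBALS['_fullname_sql'], otherwise the first
 *                            known format is used
 *
 * @return array result of fetchGrouped() on the statement
 */
function get_users_online($active_time = 5, $name_format = 'full_rev')
{
    // The selected name format is interpolated into the SQL text below, so
    // only keys that exist in $GLOBALS['_fullname_sql'] are accepted.
    if (!isset($GLOBALS['_fullname_sql'][$name_format])) {
        // reset() takes its argument by reference; the key list therefore has
        // to live in a variable instead of being passed as a call result.
        $known_formats = array_keys($GLOBALS['_fullname_sql']);
        $name_format   = reset($known_formats);
    }

    // Only SQL fragments (name format, visibility condition) are
    // concatenated; the current user's id and the life-sign threshold are
    // passed as bound parameters.
    $query = "SELECT a.username AS temp, a.username, {$GLOBALS['_fullname_sql'][$name_format]} AS name,\n ABS(CAST(UNIX_TIMESTAMP() AS SIGNED) - CAST(last_lifesign AS SIGNED)) AS last_action,\n a.user_id, IF(owner_id IS NOT NULL, 1, 0) AS is_buddy, " . get_vis_query('a', 'online') . " AS is_visible\n FROM user_online uo\n JOIN auth_user_md5 a ON (a.user_id = uo.user_id)\n LEFT JOIN user_info ON (user_info.user_id = uo.user_id)\n LEFT JOIN user_visibility ON (user_visibility.user_id = uo.user_id)\n LEFT JOIN contact ON (owner_id = ? AND contact.user_id = a.user_id)\n WHERE last_lifesign > ? AND uo.user_id <> ?\n ORDER BY {$GLOBALS['_fullname_sql'][$name_format]} ASC";
    $statement = DBManager::get()->prepare($query);
    $statement->execute(array(
        $GLOBALS['user']->id,
        time() - $active_time * 60, // oldest life-sign that still counts as online
        $GLOBALS['user']->id,
    ));
    $online = $statement->fetchGrouped();

    // measure users online (only for the 10 minute window, strict int match)
    if ($active_time === 10) {
        Metrics::gauge('core.users_online', count($online));
    }

    return $online;
}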
/**
 * Renders the 'adminList' template with all institute administrators that
 * satisfy the visibility condition from get_vis_query().
 *
 * The template receives the rows as 'admins', or 'error' set to true when the
 * query yields no row.
 *
 * @return mixed whatever render() of the template returns
 */
function adminList()
{
    $view = $this->template_factory->open('adminList');

    // No request data takes part in this statement; the interpolated pieces
    // are the name format and the visibility condition.
    // NOTE(review): both are assumed to be server-generated SQL - confirm.
    $select = "SELECT Institute.Name AS institute,\n "
            . "{$GLOBALS['_fullname_sql']['full']} AS fullname,\n "
            . "auth_user_md5.Email, auth_user_md5.username\n "
            . "FROM user_inst\n "
            . "LEFT JOIN Institute ON (user_inst.institut_id = Institute.Institut_id)\n "
            . "LEFT JOIN auth_user_md5 USING (user_id)\n "
            . "LEFT JOIN user_info USING (user_id)\n "
            . "WHERE inst_perms = 'admin'\n "
            . "AND ";
    $statement = $select
               . get_vis_query()
               . "\n ORDER BY Institute.Name, auth_user_md5.Nachname, auth_user_md5.Vorname";

    $rows = $this->db->query($statement);

    if ($rows->rowCount() <= 0) {
        // nothing to list
        $view->error = true;
    } else {
        $view->admins = $rows->fetchAll(PDO::FETCH_ASSOC);
    }

    return $view->render();
}