File: findusers.php
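<?php
/**
 * user selection
 *
 * Popup that searches the users table (simple, advanced or raw-query mode)
 * and lets the opener window pick one or several accounts.
 *
 * limit: Only work with javascript enabled
 * TODO: plugins for external applications, including but not limited: sending massive emails/PMs, membership edit
 *
 * Access: a request is served when it carries a token accepted by
 * $xoopsSecurity->validateToken(), or, when no token is sent, when the
 * current user is an administrator. Raw-query mode is additionally limited
 * to administrators because the submitted text is executed as SQL.
 *
 * @copyright   The XOOPS project http://www.xoops.org/
 * @license     http://www.fsf.org/copyleft/gpl.html GNU public license
 * @author      Taiwen Jiang (phppp or D.J.) <php_pp@hotmail.com>
 * @since       1.00
 * @version     $Id$
 */

include "../mainfile.php";
xoops_header(false);

// Gate: valid token, or (only when no token was supplied) an admin session.
$denied = true;
if (!empty($_REQUEST['token'])) {
    if ($GLOBALS['xoopsSecurity']->validateToken($_REQUEST['token'], false)) {
        $denied = false;
    }
} elseif ( is_object($xoopsUser) && $xoopsUser->isAdmin() ) {
    $denied = false;
}
if ($denied) {
    xoops_error(_NOPERM);
    exit();
}

// A token alone proves nothing about the caller's role, so the admin check
// is kept separately for the features that need it (raw-query mode).
$is_admin = is_object($xoopsUser) && $xoopsUser->isAdmin();

$token = @$_REQUEST["token"];
$name_form = 'memberslist';
$name_userid = 'uid' . ( @$_REQUEST['multiple'] ? "[]" : "" );
$name_username = 'uname' . ( @$_REQUEST['multiple'] ? "[]" : "" );

// Language file path is built from site configuration, not from the request.
if (!@include_once XOOPS_ROOT_PATH."/language/".$xoopsConfig["language"]."/findusers.php") {
    include_once XOOPS_ROOT_PATH."/language/english/findusers.php";
}

/**
 * Row object for the `ranks` table.
 */
class XoopsRank extends XoopsObject
{
    function __construct()
    {
        $this->XoopsRank();
    }

    function XoopsRank()
    {
        $this->XoopsObject();
        $this->initVar('rank_id', XOBJ_DTYPE_INT, null, false);
        $this->initVar('rank_title', XOBJ_DTYPE_TXTBOX, null, false);
        $this->initVar('rank_min', XOBJ_DTYPE_INT, 0);
        $this->initVar('rank_max', XOBJ_DTYPE_INT, 0);
        $this->initVar('rank_special', XOBJ_DTYPE_INT, 0);
        $this->initVar('rank_image', XOBJ_DTYPE_TXTBOX, "");
    }
}

/**
 * Read-only handler for the `ranks` table.
 */
class XoopsRankHandler extends XoopsObjectHandler
{
    function __construct(&$db)
    {
        $this->XoopsRankHandler($db);
    }

    function XoopsRankHandler(&$db)
    {
        $this->XoopsObjectHandler($db);
    }

    /**
     * Create an empty rank object.
     *
     * @param bool $isNew mark the object as new when strictly true
     * @return XoopsRank
     */
    function &create($isNew = true)
    {
        // Plain assignment: "=& new" is rejected by newer PHP parsers and
        // makes no difference for objects on PHP 5.
        $obj = new XoopsRank();
        if ($isNew === true) {
            $obj->setNew();
        }
        return $obj;
    }

    /**
     * Load one rank by id.
     *
     * @param mixed $id rank id; passed through the driver's quoteString()
     * @return XoopsRank|null null when the query fails; an object with
     *                        default values when no row matches
     */
    function &get($id = 0)
    {
        $object =& $this->create(false);
        $sql = "SELECT * FROM " . $this->db->prefix('ranks') . " WHERE rank_id = " . $this->db->quoteString($id);
        if (!$result = $this->db->query($sql)) {
            $ret = null;
            return $ret;
        }
        while ($row = $this->db->fetchArray($result)) {
            $object->assignVars($row);
        }
        return $object;
    }

    /**
     * List ranks as rank_id => escaped rank_title.
     *
     * @param object|null $criteria optional criteria element; when given, its
     *                              limit/start override the arguments
     * @param int $limit
     * @param int $start
     * @return array empty on query failure
     */
    function getList($criteria = null, $limit = 0, $start = 0)
    {
        $ret = array();
        if ($criteria == null) {
            $criteria = new CriteriaCompo();
        }

        $sql = 'SELECT rank_id, rank_title FROM '.$this->db->prefix('ranks');
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
            $sql .= ' '.$criteria->renderWhere();
            if ($criteria->getSort() != '') {
                $sql .= ' ORDER BY '.$criteria->getSort().' '.$criteria->getOrder();
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        $result = $this->db->query($sql, $limit, $start);
        if (!$result) {
            return $ret;
        }
        $myts =& MyTextSanitizer::getInstance();
        while ($myrow = $this->db->fetchArray($result)) {
            $ret[$myrow["rank_id"]] = $myts->htmlSpecialChars($myrow["rank_title"]);
        }
        return $ret;
    }
}

/**
 * User object with the fields this page never needs (activation key,
 * password hash, display preferences) removed from its variable list.
 */
class XoUser extends XoopsUser
{
    function __construct()
    {
        $this->XoUser();
    }

    function XoUser()
    {
        $this->XoopsUser();
        $unsets = array("actkey", "pass", "theme", "umode", "uorder", "notify_mode");
        foreach($unsets as $var) {
            unset($this->vars[$var]);
        }
    }
}

/**
 * Search handler for the `users` table, optionally restricted to groups.
 */
class XoUserHandler extends XoopsObjectHandler
{
    function __construct(&$db)
    {
        $this->XoUserHandler($db);
    }

    function XoUserHandler(&$db)
    {
        $this->XoopsObjectHandler($db);
    }

    /**
     * Create an empty user object.
     *
     * @param bool $isNew mark the object as new when strictly true
     * @return XoUser
     */
    function &create($isNew = true)
    {
        // Plain assignment: "=& new" is rejected by newer PHP parsers.
        $obj = new XoUser();
        if ($isNew === true) {
            $obj->setNew();
        }
        return $obj;
    }

    /**
     * Count users matching the criteria.
     *
     * @param object|null $criteria criteria element, rendered verbatim into
     *                              the WHERE clause
     * @param array|mixed $groups   group ids; every entry is cast with intval()
     * @return int|string 0 when the query fails
     */
    function getCount($criteria = null, $groups = array())
    {
        if (!is_array($groups)) {
            $groups = array($groups);
        }
        $groups = array_filter($groups);
        if (empty($groups)) {
            $sql = ' SELECT COUNT(DISTINCT u.uid) FROM '.$this->db->prefix('users'). ' AS u'.
                   ' WHERE 1=1';
        } else {
            // Group ids come from the request; intval() keeps the IN list numeric.
            $sql = ' SELECT COUNT(DISTINCT u.uid) FROM '.$this->db->prefix('users'). ' AS u'.
                   ' LEFT JOIN '.$this->db->prefix('groups_users_link'). ' AS g ON g.uid = u.uid'.
                   ' WHERE g.groupid IN ('.implode(', ', array_map('intval', $groups)).')';
        }
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
            // Use the direct renderer, assuming no `uid` in criteria
            if ($render = $criteria->render()) {
                $sql .= ' AND '.$render;
            }
        }
        $result = $this->db->query($sql);
        if (!$result) {
            // Same convention as XoopsRankHandler::getList(): fail empty.
            return 0;
        }
        list($count) = $this->db->fetchRow($result);
        return $count;
    }

    /**
     * Fetch users matching the criteria, keyed by uid.
     *
     * @param object|null $criteria criteria element; also supplies sort,
     *                              order, limit and start
     * @param array|mixed $groups   group ids; every entry is cast with intval()
     * @return array uid => XoUser, empty when the query fails
     */
    function getAll($criteria = null, $groups = array())
    {
        if (!is_array($groups)) {
            $groups = array($groups);
        }
        $groups = array_filter($groups);
        $limit = null;
        $start = null;
        if (empty($groups)) {
            $sql = ' SELECT u.* FROM '.$this->db->prefix('users'). ' AS u'.
                   ' WHERE 1=1';
        } else {
            $sql = ' SELECT u.* FROM '.$this->db->prefix('users'). ' AS u'.
                   ' LEFT JOIN '.$this->db->prefix('groups_users_link'). ' AS g ON g.uid = u.uid'.
                   ' WHERE g.groupid IN ('.implode(', ', array_map('intval', $groups)).')';
        }
        if (isset($criteria) && is_subclass_of($criteria, "criteriaelement")) {
            if ($render = $criteria->render()) {
                $sql .= ' AND '.$render;
            }
            // Sort and order are concatenated as identifiers; callers must
            // only pass allow-listed values.
            if ($sort = $criteria->getSort()) {
                $sql .= " ORDER BY ".$sort." ".$criteria->getOrder();
                $orderSet = true;
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        if (empty($orderSet)) $sql .= " ORDER BY u.uid ASC";
        $ret = array();
        $result = $this->db->query($sql, $limit, $start);
        if (!$result) {
            return $ret;
        }
        while ($myrow = $this->db->fetchArray($result)) {
            $object =& $this->create(false);
            $object->assignVars($myrow);
            $ret[$myrow["uid"]] = $object;
            unset($object);
        }
        return $ret;
    }
}

/**
 * Re-emit the submitted fields as hidden inputs for the paging form.
 *
 * The request token field is replaced by a freshly generated one. Array
 * values (the multi-select `groups` field) are written as one `name[]` input
 * per element so the group filter survives paging; deeper nesting is dropped.
 *
 * @param array  $fields submitted fields, normally $_POST
 * @param object $myts   text sanitizer providing stripSlashesGPC()
 * @return string HTML fragment
 */
function findusers_hidden_inputs($fields, $myts)
{
    $html = "";
    foreach ( $fields as $k => $v ) {
        // Strict comparison: an integer key must not compare equal to the name.
        if ($k === 'XOOPS_TOKEN_REQUEST') {
            // regenerate token value
            $html .= $GLOBALS['xoopsSecurity']->getTokenHTML()."\n";
            continue;
        }
        $is_list = is_array($v);
        $name = htmlSpecialChars($k, ENT_QUOTES) . ( $is_list ? "[]" : "" );
        $items = $is_list ? $v : array($v);
        foreach ($items as $item) {
            if (is_array($item)) {
                continue;
            }
            $html .= "<input type='hidden' name='".$name."' value='".htmlSpecialChars($myts->stripSlashesGPC($item), ENT_QUOTES)."' />\n";
        }
    }
    return $html;
}

$rank_handler = new XoopsRankHandler($xoopsDB);
$user_handler = new XoUserHandler($xoopsDB);

// Columns searchable with a match type (starts/ends/equals/contains).
$items_match = array(
    "uname"     => _MA_USER_UNAME,
    "name"      => _MA_USER_REALNAME,
    "email"     => _MA_USER_EMAIL,
    "user_icq"  => _MA_USER_ICQ,
    "user_aim"  => _MA_USER_AIM,
    "user_yim"  => _MA_USER_YIM,
    "user_msnm" => _MA_USER_MSNM
);

// Columns searchable as a numeric range.
$items_range = array(
    "user_regdate" => _MA_USER_RANGE_USER_REGDATE,
    "last_login"   => _MA_USER_RANGE_LAST_LOGIN,
    "posts"        => _MA_USER_RANGE_POSTS,
);

define("FINDUSERS_MODE_SIMPLE", 0);
define("FINDUSERS_MODE_ADVANCED", 1);
define("FINDUSERS_MODE_QUERY", 2);

$modes = array(
    FINDUSERS_MODE_SIMPLE   => _MA_USER_MODE_SIMPLE,
    FINDUSERS_MODE_ADVANCED => _MA_USER_MODE_ADVANCED,
);
// Raw-query mode is offered to administrators only.
if ($is_admin) {
    $modes[FINDUSERS_MODE_QUERY] = _MA_USER_MODE_QUERY;
}

if ( empty($_POST["user_submit"]) ) {
    // ---- Search form -----------------------------------------------------
    include_once XOOPS_ROOT_PATH."/class/xoopsformloader.php";

    $form = new XoopsThemeForm(_MA_USER_FINDUS, "uesr_findform", "findusers.php", 'post', true);
    $mode = intval( @$_REQUEST["mode"] );
    // Unknown or disallowed mode numbers fall back to the simple form.
    if (!isset($modes[$mode])) {
        $mode = FINDUSERS_MODE_SIMPLE;
    }
    if ( FINDUSERS_MODE_QUERY == $mode ) {
        $form->addElement(new XoopsFormTextArea(_MA_USER_QUERY, "query", @$_POST["query"]));
    } else {
        if ( FINDUSERS_MODE_ADVANCED == $mode ) {
            foreach ($items_match as $var => $title) {
                $text = new XoopsFormText("", $var, 30, 100, @$_POST[$var]);
                $match = new XoopsFormSelectMatchOption("", "{$var}_match", @$_POST["{$var}_match"]);
                $match_tray = new XoopsFormElementTray($title, " ");
                $match_tray->addElement($match);
                $match_tray->addElement($text);
                $form->addElement($match_tray);
                unset($text, $match, $match_tray);
            }

            $url_text = new XoopsFormText(_MA_USER_URLC, "url", 30, 100, @$_POST["url"]);
            $location_text = new XoopsFormText(_MA_USER_LOCATION, "user_from", 30, 100, @$_POST["user_from"]);
            $occupation_text = new XoopsFormText(_MA_USER_OCCUPATION, "user_occ", 30, 100, @$_POST["user_occ"]);
            $interest_text = new XoopsFormText(_MA_USER_INTEREST, "user_intrest", 30, 100, @$_POST["user_intrest"]);
            foreach ($items_range as $var => $title) {
                $more = new XoopsFormText("", "{$var}_more", 10, 5, @$_POST["{$var}_more"]);
                $less = new XoopsFormText("", "{$var}_less", 10, 5, @$_POST["{$var}_less"]);
                $range_tray = new XoopsFormElementTray($title, " - ");
                $range_tray->addElement($less);
                $range_tray->addElement($more);
                $form->addElement($range_tray);
                unset($more, $less, $range_tray);
            }

            $mailok_radio = new XoopsFormRadio(_MA_USER_SHOWMAILOK, "user_mailok", empty($_POST["user_mailok"]) ? "both" : $_POST["user_mailok"]);
            $mailok_radio->addOptionArray(array("mailok"=>_MA_USER_MAILOK, "mailng"=>_MA_USER_MAILNG, "both"=>_MA_USER_BOTH));
            $avatar_radio = new XoopsFormRadio(_MA_USER_HASAVATAR, "user_avatar", empty($_POST["user_avatar"]) ? "both" : $_POST["user_avatar"]);
            $avatar_radio->addOptionArray(array("y"=>_YES, "n"=>_NO, "both"=>_MA_USER_BOTH));

            $level_radio = new XoopsFormRadio(_MA_USER_LEVEL, "level", @$_POST["level"]);
            $levels = array( 0 => _ALL, 1 => _MA_USER_LEVEL_ACTIVE, 2 => _MA_USER_LEVEL_INACTIVE , 3 => _MA_USER_LEVEL_DISABLED);
            $level_radio->addOptionArray($levels);

            $member_handler =& xoops_gethandler('member');
            $groups = $member_handler->getGroupList();
            $groups[0] = _ALL;
            // Multi-select: the submitted value is an array.
            $group_select = new XoopsFormSelect(_MA_USER_GROUP, 'groups', @$_POST['groups'], 3, true);
            $group_select->addOptionArray($groups);

            $ranks = $rank_handler->getList();
            $ranks[0] = _ALL;
            $rank_select = new XoopsFormSelect(_MA_USER_RANK, 'rank', intval( @$_POST['rank'] ));
            $rank_select->addOptionArray($ranks);

            $form->addElement($url_text);
            $form->addElement($location_text);
            $form->addElement($occupation_text);
            $form->addElement($interest_text);
            $form->addElement($mailok_radio);
            $form->addElement($avatar_radio);
            $form->addElement($level_radio);
            $form->addElement($group_select);
            $form->addElement($rank_select);
        } else {
            foreach (array("uname", "email") as $var) {
                $title = $items_match[$var];
                $text = new XoopsFormText("", $var, 30, 100, @$_POST[$var]);
                $match = new XoopsFormSelectMatchOption("", "{$var}_match", @$_POST["{$var}_match"]);
                $match_tray = new XoopsFormElementTray($title, " ");
                $match_tray->addElement($match);
                $match_tray->addElement($text);
                $form->addElement($match_tray);
                unset($text, $match, $match_tray);
            }
        }

        $sort_select = new XoopsFormSelect(_MA_USER_SORT, "user_sort", @$_POST["user_sort"]);
        $sort_select->addOptionArray(array("uname"=>_MA_USER_UNAME, "last_login"=>_MA_USER_LASTLOGIN, "user_regdate"=>_MA_USER_REGDATE, "posts"=>_MA_USER_POSTS));
        $order_select = new XoopsFormSelect(_MA_USER_ORDER, "user_order", @$_POST["user_order"]);
        $order_select->addOptionArray(array("ASC"=>_MA_USER_ASC,"DESC"=>_MA_USER_DESC));

        $form->addElement($sort_select);
        $form->addElement($order_select);
    }
    $form->addElement( new XoopsFormText(_MA_USER_LIMIT, "limit", 6, 6, empty($_REQUEST["limit"]) ? 50 : intval($_REQUEST["limit"])) );
    $form->addElement( new XoopsFormHidden("mode", $mode) );
    $form->addElement( new XoopsFormHidden("target", @$_REQUEST["target"]) );
    $form->addElement( new XoopsFormHidden("multiple", @$_REQUEST["multiple"]) );
    $form->addElement( new XoopsFormHidden("token", $token) );
    $form->addElement( new XoopsFormButton("", "user_submit", _SUBMIT, "submit") );

    $acttotal = $user_handler->getCount(new Criteria('level', 0, '>'));
    $inacttotal = $user_handler->getCount(new Criteria('level', 0, '<='));
    // NOTE(review): a closing </html> is written right before <body>;
    // presumably xoops_header(false) leaves <head> open and </head> was
    // meant -- confirm against xoops_header() before changing the markup.
    echo "</html><body>";
    echo "<h2 style='text-align:left;'>"._MA_USER_FINDUS." - ".$modes[$mode]."</h2>";
    $modes_switch = array();
    foreach ($modes as $_mode => $title) {
        if ($mode == $_mode) continue;
        $modes_switch[] = "<a href='findusers.php?target=".htmlspecialchars(@$_REQUEST["target"], ENT_QUOTES)."&multiple=".htmlspecialchars(@$_REQUEST["multiple"], ENT_QUOTES)."&token=".htmlspecialchars($token, ENT_QUOTES)."&mode={$_mode}'>{$title}</a>";
    }
    echo "<h4>".implode(" | ", $modes_switch)."</h4>";
    echo "(".sprintf(_MA_USER_ACTUS, "<span style='color:#ff0000;'>$acttotal</span>")." ".sprintf(_MA_USER_INACTUS, "<span style='color:#ff0000;'>$inacttotal</span>").")";
    $form->display();

} else {
    // ---- Search results --------------------------------------------------
    // Raw-query mode hands the submitted text to the database, so a token
    // alone is not sufficient for it.
    if (isset($_POST["query"]) && !$is_admin) {
        xoops_error(_NOPERM);
        exit();
    }

    $myts =& MyTextSanitizer::getInstance();
    // Page size must be positive: it is used as a divisor below and as the
    // query limit. Start offset must not be negative.
    $limit = intval( @$_POST['limit'] );
    if ($limit <= 0) {
        $limit = 50;
    }
    $start = max(0, intval( @$_POST['start'] ));

    if (!isset($_POST["query"])) {
        $criteria = new CriteriaCompo();
        foreach (array_keys($items_match) as $var) {
            if ( !empty($_POST[$var]) ) {
                $match = (!empty($_POST["{$var}_match"])) ? intval($_POST["{$var}_match"]) : XOOPS_MATCH_START;
                // Escapes quotes and "_"; a "%" typed by the user is left in
                // place and therefore still acts as a LIKE wildcard.
                $value = str_replace("_", "\\\_", $myts->addSlashes(trim($_POST[$var])));
                switch ($match) {
                case XOOPS_MATCH_START:
                    $criteria->add(new Criteria($var, $value.'%', 'LIKE'));
                    break;
                case XOOPS_MATCH_END:
                    $criteria->add(new Criteria($var, '%'.$value, 'LIKE'));
                    break;
                case XOOPS_MATCH_EQUAL:
                    $criteria->add(new Criteria($var, $value));
                    break;
                case XOOPS_MATCH_CONTAIN:
                    $criteria->add(new Criteria($var, '%'.$value.'%', 'LIKE'));
                    break;
                }
            }
        }
        if ( !empty($_POST['url']) ) {
            // Escaped the same way as every other free-text field below.
            $url = formatURL(trim($_POST['url']));
            $criteria->add(new Criteria('url', $myts->addSlashes($url).'%', 'LIKE'));
        }
        if ( !empty($_POST['user_from']) ) {
            $criteria->add(new Criteria('user_from', '%'.$myts->addSlashes(trim($_POST['user_from'])).'%', 'LIKE'));
        }
        if ( !empty($_POST['user_intrest']) ) {
            $criteria->add(new Criteria('user_intrest', '%'.$myts->addSlashes(trim($_POST['user_intrest'])).'%', 'LIKE'));
        }
        if ( !empty($_POST['user_occ']) ) {
            $criteria->add(new Criteria('user_occ', '%'.$myts->addSlashes(trim($_POST['user_occ'])).'%', 'LIKE'));
        }
        // "more"/"less" are day counts, converted to a timestamp threshold.
        foreach (array("last_login", "user_regdate") as $var) {
            if ( !empty($_POST["{$var}_more"]) && is_numeric($_POST["{$var}_more"]) ) {
                $time = time() - (60 * 60 * 24 * intval(trim($_POST["{$var}_more"])));
                if ( $time > 0 ) {
                    $criteria->add(new Criteria($var, $time, '<='));
                }
            }
            if ( !empty($_POST["{$var}_less"]) && is_numeric($_POST["{$var}_less"]) ) {
                $time = time() - (60 * 60 * 24 * intval(trim($_POST["{$var}_less"])));
                if ( $time > 0 ) {
                    $criteria->add(new Criteria($var, $time, '>='));
                }
            }
        }
        if ( !empty($_POST['posts_more']) && is_numeric($_POST['posts_more']) ) {
            $criteria->add(new Criteria('posts', intval($_POST['posts_more']), '<='));
        }
        if ( !empty($_POST['posts_less']) && is_numeric($_POST['posts_less']) ) {
            $criteria->add(new Criteria('posts', intval($_POST['posts_less']), '>='));
        }
        if ( !empty($_POST['user_mailok']) ) {
            if ( $_POST['user_mailok'] == "mailng" ) {
                $criteria->add(new Criteria('user_mailok', 0));
            } elseif ( $_POST['user_mailok'] == "mailok" ) {
                $criteria->add(new Criteria('user_mailok', 1));
            }
        }
        if ( !empty($_POST['user_avatar']) ) {
            if ( $_POST['user_avatar'] == "y" ) {
                $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'NOT IN'));
            } elseif ( $_POST['user_avatar'] == "n" ) {
                $criteria->add(new Criteria('user_avatar', "('', 'blank.gif')", 'IN'));
            }
        }
        if ( !empty($_POST['level']) ) {
            // Form option => stored level value; unknown options mean "active".
            $level_value = array(1 => 1, 2 => 0, 3 => -1);
            $level = isset($level_value[intval($_POST["level"])]) ? $level_value[intval($_POST["level"])] : 1;
            $criteria->add(new Criteria("level", $level));
        }
        if ( !empty($_POST['rank']) ) {
            $rank_obj = $rank_handler->get( $_POST['rank'] );
            // get() returns null when its query fails; skip the filter then.
            if (is_object($rank_obj)) {
                if ($rank_obj->getVar("rank_special")) {
                    $criteria->add(new Criteria("rank", intval($_POST['rank'])));
                } else {
                    if ($rank_obj->getVar("rank_min")) {
                        $criteria->add(new Criteria('posts', $rank_obj->getVar("rank_min"), '>='));
                    }
                    if ($rank_obj->getVar("rank_max")) {
                        $criteria->add(new Criteria('posts', $rank_obj->getVar("rank_max"), '<='));
                    }
                }
            }
        }
        $total = $user_handler->getCount($criteria, @$_POST["groups"]);

        // The sort column ends up unquoted in ORDER BY, so only exact
        // matches from this allow-list are accepted.
        $validsort = array("uname", "email", "last_login", "user_regdate", "posts");
        $sort = (isset($_POST['user_sort']) && in_array($_POST['user_sort'], $validsort, true)) ? $_POST['user_sort'] : "uname";
        $order = "ASC";
        if ( isset($_POST['user_order']) && $_POST['user_order'] == "DESC") {
            $order = "DESC";
        }

        $criteria->setSort($sort);
        $criteria->setOrder($order);
        $criteria->setLimit($limit);
        $criteria->setStart($start);
        $foundusers = $user_handler->getAll($criteria, @$_POST["groups"]);

    } else {
        // Administrators only (checked above). The statement is executed as
        // submitted; the patterns below only extract the FROM part so that a
        // matching COUNT query can be built. They do not restrict what runs.
        $query = trim($_POST["query"]);
        // Query with alias
        if (preg_match("/select[\s]+.*[\s]+from[\s]+(".$xoopsDB->prefix("users")."[\s]+as[\s]+([^\s]+).*)/i", $query, $matches) ) {
            $alias = $matches[2];
            $subquery = $matches[1];
        // Query without alias
        } elseif (preg_match("/select[\s]+.*[\s]+from[\s]+(".$xoopsDB->prefix("users")."\b.*)/i", $query, $matches) ) {
            $alias = "";
            $subquery = $matches[1];
        // Invalid query
        } else {
            $query = "SELECT * FROM ".$xoopsDB->prefix("users");
            $subquery = $xoopsDB->prefix("users");
        }
        $sql_count = "SELECT COUNT(DISTINCT ".(empty($alias) ? "" : $alias . "." )."uid) FROM ". $subquery;
        $total = 0;
        $result = $xoopsDB->query($sql_count);
        if ($result) {
            list($total) = $xoopsDB->FetchRow($result);
        }
        $foundusers = array();
        $result = $xoopsDB->query($query, $limit, $start);
        if ($result) {
            while ($myrow = $xoopsDB->fetchArray($result)) {
                $object =& $user_handler->create(false);
                $object->assignVars($myrow);
                $foundusers[$myrow["uid"]] = $object;
                unset($object);
            }
        }
    }

    // Client-side helper that reports the ticked users to the opener window.
    // Only an integer and fixed field names are interpolated into the script.
    echo $js_adduser=' <script type="text/javascript"> var multiple='.intval(@$_REQUEST['multiple']).'; function addusers() { var sel_str = ""; var num = 0; var mForm = document.forms["'.$name_form.'"]; for (var i=0;i!=mForm.elements.length;i++) { var id=mForm.elements[i]; if ( ( (multiple > 0 && id.type == "checkbox") || (multiple == 0 && id.type == "radio") ) && (id.checked == true) && ( id.name == "'.$name_userid.'" ) ) { var name = mForm.elements[++i]; var len = id.value.length + name.value.length; sel_str += len + ":" + id.value + ":" + name.value; num ++; } } if (num == 0) { alert("'._MA_USER_NOUSERSELECTED.'"); return false; } sel_str = num + ":" + sel_str; window.opener.addusers(sel_str); alert("'._MA_USER_USERADDED.'"); if (multiple == 0) { window.close(); window.opener.focus(); } return true; } </script> ';

    // NOTE(review): same </html>-before-<body> markup as in the form branch.
    echo "</html><body>";
    echo "<a href='findusers.php?target=".htmlspecialchars(@$_POST["target"], ENT_QUOTES)."&multiple=".intval(@$_POST["multiple"])."&token=".htmlspecialchars($token, ENT_QUOTES)."'>". _MA_USER_FINDUS ."</a> <span style='font-weight:bold;'>»»</span> ". _MA_USER_RESULTS."<br /><br />";
    if ( empty($start) && empty($foundusers) ) {
        echo "<h4>"._MA_USER_NOFOUND,"</h4>";
        $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
        $hiddenform .= findusers_hidden_inputs($_POST, $myts);
        if (!isset($_POST['limit'])) {
            $hiddenform .= "<input type='hidden' name='limit' value='{$limit}' />\n";
        }
        if (!isset($_POST['start'])) {
            $hiddenform .= "<input type='hidden' name='start' value='{$start}' />\n";
        }
        $hiddenform .= "<input type='hidden' name='token' value='".htmlspecialchars($token, ENT_QUOTES)."' />\n";
        $hiddenform .= "</form>";

        echo "<div>".$hiddenform;
        echo "<a href='#' onclick='javascript:document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>"._MA_USER_SEARCHAGAIN."</a>\n";
        echo "</div>";
    } elseif ( $start < $total ) {
        if ( !empty($total) ) {
            echo sprintf(_MA_USER_USERSFOUND, $total)."<br />";
        }
        if (!empty($foundusers)) {
            echo "<form action='findusers.php' method='post' name='{$name_form}' id='{$name_form}'> <table width='100%' border='0' cellspacing='1' cellpadding='4' class='outer'> <tr> <th align='center' width='5px'>";
            if (!empty($_POST["multiple"])) {
                echo "<input type='checkbox' name='memberslist_checkall' id='memberslist_checkall' onclick='xoopsCheckAll(\"{$name_form}\", \"memberslist_checkall\");' />";
            }
            echo "</th> <th align='center'>"._MA_USER_UNAME."</th> <th align='center'>"._MA_USER_REALNAME."</th> <th align='center'>"._MA_USER_REGDATE."</th> <th align='center'>"._MA_USER_LASTLOGIN."</th> <th align='center'>"._MA_USER_POSTS."</th> </tr>";
            $ucount = 0;
            // NOTE(review): getVar() results are written into attributes and
            // markup as returned; this relies on getVar() handing back
            // HTML-escaped values -- confirm, in particular for rows loaded
            // through raw-query mode.
            foreach (array_keys($foundusers) as $j) {
                if ($ucount % 2 == 0) {
                    $class = 'even';
                } else {
                    $class = 'odd';
                }
                $ucount++;
                $fuser_name = $foundusers[$j]->getVar("name") ? $foundusers[$j]->getVar("name") : " ";
                echo "<tr class='$class'> <td align='center'>";
                if (!empty($_POST["multiple"])) {
                    echo "<input type='checkbox' name='{$name_userid}' id='{$name_userid}' value='".$foundusers[$j]->getVar("uid")."' />";
                    echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='".$foundusers[$j]->getVar("uname")."' />";
                } else {
                    echo "<input type='radio' name='{$name_userid}' id='{$name_userid}' value='".$foundusers[$j]->getVar("uid")."' />";
                    echo "<input type='hidden' name='{$name_username}' id='{$name_username}' value='".$foundusers[$j]->getVar("uname")."' />";
                }
                echo "</td> <td><a href='".XOOPS_URL."/userinfo.php?uid=".$foundusers[$j]->getVar("uid")."' target='_blank'>".$foundusers[$j]->getVar("uname")."</a></td> <td>".$fuser_name."</td> <td align='center'>".($foundusers[$j]->getVar("user_regdate") ? date("Y-m-d", $foundusers[$j]->getVar("user_regdate")) : "")."</td> <td align='center'>".($foundusers[$j]->getVar("last_login") ? date("Y-m-d H:i", $foundusers[$j]->getVar("last_login")) : "")."</td> <td align='center'>".$foundusers[$j]->getVar("posts")."</td>";
                echo "</tr>\n";
            }
            echo "<tr class='foot'><td colspan='6'>";

            // placeholder for external applications
            if (empty($_POST["target"])) {
                echo "<select name='fct'><option value='users'>"._DELETE."</option><option value='mailusers'>"._MA_USER_SENDMAIL."</option>";
                echo "</select> ";
                echo $GLOBALS['xoopsSecurity']->getTokenHTML()."<input type='submit' value='"._SUBMIT."' />";

            // Add selected users
            } else {
                echo "<input type='button' value='"._MA_USER_ADD_SELECTED."' onclick='addusers();' />";
            }
            echo "<input type='hidden' name='token' value='".htmlspecialchars($token, ENT_QUOTES)."' />\n";
            echo "</td></tr></table></form>\n";
        }

        // Paging form: replays the submitted search with a new start offset.
        $hiddenform = "<form name='findnext' action='findusers.php' method='post'>";
        $hiddenform .= findusers_hidden_inputs($_POST, $myts);
        if (!isset($_POST['limit'])) {
            $hiddenform .= "<input type='hidden' name='limit' value='".$limit."' />\n";
        }
        if (!isset($_POST['start'])) {
            $hiddenform .= "<input type='hidden' name='start' value='".$start."' />\n";
        }
        $hiddenform .= "<input type='hidden' name='token' value='".htmlspecialchars($token, ENT_QUOTES)."' />\n";
        if ( !isset($total) || ( $totalpages = ceil($total / $limit) ) > 1 ) {
            $prev = $start - $limit;
            if ( $start - $limit >= 0 ) {
                $hiddenform .= "<a href='#0' onclick='javascript:document.findnext.start.value=".$prev.";document.findnext.submit();'>"._MA_USER_PREVIOUS."</a> \n";
            }
            $counter = 1;
            $currentpage = ($start+$limit) / $limit;
            if (!isset($total)) {
                // Total unknown: list pages up to the current one only.
                while ( $counter <= $currentpage ) {
                    if ( $counter == $currentpage ) {
                        $hiddenform .= "<strong>".$counter."</strong> ";
                    } elseif ( ($counter > $currentpage-4 && $counter < $currentpage+4) || $counter == 1 ) {
                        $hiddenform .= "<a href='#".$counter."' onclick='javascript:document.findnext.start.value=".($counter-1)*$limit.";document.findnext.submit();'>".$counter."</a> ";
                        if ( $counter == 1 && $currentpage > 5 ) {
                            $hiddenform .= "... ";
                        }
                    }
                    $counter++;
                }
            } else {
                // Total known: first page, last page and a window of three
                // pages on either side of the current one.
                while ( $counter <= $totalpages ) {
                    if ( $counter == $currentpage ) {
                        $hiddenform .= "<strong>".$counter."</strong> ";
                    } elseif ( ($counter > $currentpage-4 && $counter < $currentpage+4) || $counter == 1 || $counter == $totalpages ) {
                        if ( $counter == $totalpages && $currentpage < $totalpages-4 ) {
                            $hiddenform .= "... ";
                        }
                        $hiddenform .= "<a href='#".$counter."' onclick='javascript:document.findnext.start.value=".($counter-1)*$limit.";document.findnext.submit();'>".$counter."</a> ";
                        if ( $counter == 1 && $currentpage > 5 ) {
                            $hiddenform .= "... ";
                        }
                    }
                    $counter++;
                }
            }

            $next = $start + $limit;
            if ( ( isset($total) && $total > $next) || ( !isset($total) && count($foundusers) >= $limit ) ) {
                $hiddenform .= " <a href='#".$total."' onclick='javascript:document.findnext.start.value=".$next.";document.findnext.submit();'>"._MA_USER_NEXT."</a>\n";
            }
        }
        $hiddenform .= "</form>";

        echo "<div>".$hiddenform;
        if (isset($total)) {
            echo "<br />".sprintf(_MA_USER_USERSFOUND, $total) . " ";
        }
        echo "<a href='#' onclick='javascript:document.findnext.start.value=0;document.findnext.user_submit.value=0;document.findnext.submit();'>"._MA_USER_SEARCHAGAIN."</a>\n";
        echo "</div>";
    }
}

xoops_footer();
?>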