ona  18.1.1
About: OpenNetAdmin provides a database managed inventory of your IP network (with Web and CLI interface).
  Fossies Dox: ona-18.1.1.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

user_list.inc.php
1 <?php
2 //
3 // So, the basic flow of this script is like this:
4 // * When the window is initially opened we define the normal window
5 // parameters for building an almost empty window. After that new
6 // empty window is created it's instructed to run an xajax callback
7 // to the display_list() function. display_list() builds an
8 // html list of entries and pushes it into the empty window.
9 // * If a search is entered into the "quick filter" another xajax
10 // call is made to display_list(), this time passing a search
11 // query. display_list() grabs the refined list of entries
12 // and pushes them to the window just like the first time.
13 //
14 //
15 //
16 
17 
18 
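// Set the window title:
$window['title'] = "Employee List";


// EMPLOYEE LIST
//
// Builds the almost-empty window shell: a tab header, the "quick filter" form
// and a placeholder <div> that ws_display_list() later fills through xajax.
//
// NOTE(review): $window_name, $color['border'] and $conf['loading_icon'] are
// interpolated below into HTML attributes and inline JavaScript without any
// escaping. They are not defined in this file; presumably the including code
// supplies them from server-side configuration. Confirm that $window_name is
// restricted to a known set of window names before it reaches this script,
// because every element id and every xajax_window_submit() call is built from it.
$form_id = "{$window_name}_filter_form";
$tab = 'employees';
$submit_window = $window_name;
$content_id = "{$window_name}_list";
$window['html'] .= <<<EOL
    <!-- EMPLOYEE LIST -->
    <div style="border: 1px solid {$color['border']};">

        <!-- Tab & Quick Filter -->
        <table id="{$form_id}_table" cellspacing="0" border="0" cellpadding="0">
            <tr>
                <td id="{$form_id}_employees_tab" nowrap="true" class="table-tab-active">
                    Employees <span id="{$form_id}_{$tab}_count"></span>
                </td>

                <td id="{$form_id}_quick_filter" class="padding" align="right" width="100%">
                    <form id="{$form_id}" onSubmit="return false;">
                    <input id="{$form_id}_page" name="page" value="1" type="hidden">
                    <input name="content_id" value="{$content_id}" type="hidden">
                    <input name="form_id" value="{$form_id}" type="hidden">
                    <div id="{$form_id}_filter_overlay"
                         style="position: relative;
                                display: inline;
                                color: #CACACA;
                                font-size: small;
                                cursor: text;"
                         onClick="this.style.display = 'none'; el('{$form_id}_filter').focus();"
                    >Filter</div>
                    <input
                        id="{$form_id}_filter"
                        name="filter"
                        class="filter"
                        type="text"
                        value=""
                        size="10"
                        maxlength="20"
                        alt="Quick Filter"
                        onFocus="el('{$form_id}_filter_overlay').style.display = 'none';"
                        onBlur="if (this.value == '') el('{$form_id}_filter_overlay').style.display = 'inline';"
                        onKeyUp="
                            if (typeof(timer) != 'undefined') clearTimeout(timer);
                            code = 'if ({$form_id}_last_search != el(\'{$form_id}_filter\').value) {' +
                                   '    {$form_id}_last_search = el(\'{$form_id}_filter\').value;' +
                                   '    document.getElementById(\'{$form_id}_page\').value = 1;' +
                                   '    xajax_window_submit(\'{$submit_window}\', xajax.getFormValues(\'{$form_id}\'), \'display_list\');' +
                                   '}';
                            timer = setTimeout(code, 700);"
                    >
                    </form>
                </td>

            </tr>
        </table>

        <div id="{$content_id}">
            {$conf['loading_icon']}
        </div>

    </div>

EOL;

// Client-side start-up code for the window. The hidden inputs above are only
// the browser's copy of page/content_id/form_id; the server-side handlers must
// treat the values they get back as untrusted request data.
$window['js'] .= <<<EOL
    /* Setup the quick filter */
    el('{$form_id}_filter_overlay').style.left = (el('{$form_id}_filter_overlay').offsetWidth + 10) + 'px';
    {$form_id}_last_search = '';

    /* Tell the browser to load/display the list */
    xajax_window_submit('{$submit_window}', xajax.getFormValues('{$form_id}'), 'display_list');
EOL;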
94 
95 
96 
97 
98 
99 
100 
101 // This function displays a list (all?) employees
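// Builds one page of the active-user list for the logged-in client and pushes
// it into the window as HTML through an xajax response.
//
// Input:
//   $window_name  Name of the calling window. It arrives with the xajax request
//                 and is reflected into inline JavaScript, so it is encoded as
//                 a JavaScript string before use.
//   $form         Form values from the browser (array, or a string that
//                 parse_options_string() turns into an array). The keys read
//                 here are page, filter, form_id and content_id. All of them
//                 are request data and are validated or escaped below.
//
// Output:
//   The XML of an xajaxResponse. It is empty when the caller is not logged in.
function ws_display_list($window_name, $form) {
    global $conf, $self, $mysql;
    global $font_family, $color, $style, $images;

    // Instantiate the xajaxResponse object
    $response = new xajaxResponse();

    // Make sure they're logged in
    if (!loggedIn()) { return($response->getXML()); }

    // If the user supplied an array in a string, build the array and store it in $form
    $form = parse_options_string($form);
    if (!is_array($form)) { $form = array(); }

    // Pull the request values out once so that every later use goes through
    // the same normalised copy.
    $filter     = isset($form['filter'])     ? (string)$form['filter']     : '';
    $form_id    = isset($form['form_id'])    ? (string)$form['form_id']    : '';
    $content_id = isset($form['content_id']) ? (string)$form['content_id'] : '';

    // Find out what page we're on.
    // is_numeric() also accepts values such as "-3", "1.5" and "1e3", so the
    // value is forced to an integer and anything below 1 falls back to page 1.
    // That keeps the SQL offset a non-negative integer and keeps the log line
    // below free of arbitrary request text.
    $page = 1;
    if (isset($form['page']) and is_numeric($form['page']) and (int)$form['page'] >= 1) {
        $page = (int)$form['page'];
    }

    $per_page = $conf['search_results_per_page'];

    printmsg("INFO => Displaying user list page: {$page} client url: {$_SESSION['auth']['client']['url']}", 0);

    // Calculate the SQL query offset (based on the page being displayed).
    // The first page passes -1 instead of 0, as the original code did.
    $offset = ($per_page * ($page - 1));
    if ($offset == 0) { $offset = -1; }

    // Restrict the query to the caller's own client (tenant). The id is placed
    // in the SQL text unquoted, so it is cast to an integer first.
    $client_id = (int)$_SESSION['auth']['client']['id'];
    $where = "`client_id` = {$client_id} AND `active` = 1";
    if ($filter !== '') {
        // qstr() quotes the value for SQL. '%' and '_' typed into the filter
        // are not escaped and therefore act as LIKE wildcards; the match is
        // still bounded by the client_id/active conditions above.
        $where .= ' AND `username` LIKE ' . $mysql->qstr('%'.$filter.'%');
    }

    // Get our employees
    list($status, $rows, $records) = db_get_records($mysql, 'users', $where, 'username', $per_page, $offset);

    // If we got less than search_results_per_page, add the current offset to it
    // so that if we're on the last page $rows still has the right number in it.
    if ($rows > 0 and $rows < $per_page) {
        $rows += ($per_page * ($page - 1));
    }

    // If there were more than $conf['search_results_per_page'] find out how many records there really are
    else if ($rows >= $per_page) {
        list ($status, $rows, $tmp) = db_get_records($mysql, 'users', $where, '', 0);
    }
    $count = $rows;

    // form_id comes back from the browser and ends up inside an id="..."
    // attribute, so it is HTML-escaped for that context.
    $html_form_id = htmlentities($form_id, ENT_QUOTES, $conf['php_charset']);

    // $window_name is reflected into a single-quoted JavaScript string inside
    // an onClick attribute. json_encode() with the JSON_HEX_* flags leaves no
    // quote, ampersand or angle bracket in the result, so after dropping the
    // surrounding double quotes it is safe in both the JavaScript and the HTML
    // context. Ordinary window names come out unchanged.
    $js_window_name = json_encode((string)$window_name, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    $js_window_name = ($js_window_name === false) ? '' : substr($js_window_name, 1, -1);

    // Add a table header
    $html = <<<EOL

    <!-- Results Table -->
    <table id="{$html_form_id}_host_list" class="list-box" cellspacing="0" border="0" cellpadding="0" width="100%">

        <!-- Table Header -->
        <tr>
            <td class="list-header" align="center" style="border-right: 1px solid {$color['border']};">Username</td>
            <td class="list-header" align="center" style="border-right: 1px solid {$color['border']};">Full Name</td>
            <td class="list-header" align="center" style="border-right: 1px solid {$color['border']};">Company</td>
            <td class="list-header" align="center" style="border-right: 1px solid {$color['border']};">Admin</td>
            <td class="list-header" align="center">&nbsp;</td>
        </tr>

EOL;

    // The 'admin' permission row is looked up on first use and then reused for
    // every user in the list.
    $perm = array();

    // Loop through and display the records
    foreach ($records as $record) {

        list ($status, $rows, $client) = db_get_record($mysql, 'clients', array('id' => $record['client_id']));
        $record['company_name'] = $client['company_name'];

        // If the user is an admin, set some extra html.
        // The lookups run on the raw database values, before they are escaped
        // for display.
        $admin_html = "";
        if (empty($perm)) list($status, $rows, $perm) = db_get_record($mysql, 'permissions', array('name' => 'admin'));
        list($status, $rows, $acl) = db_get_record($mysql, 'acl', array('user_id' => $record['id'], 'perm_id' => $perm['id']));
        if ($acl['id']) $admin_html = "<img src=\"{$images}/silk/tick.png\" border=\"0\">";

        // Escape data for display in html. Every column is escaped, so nothing
        // stored in the users table is written into the page as markup.
        foreach(array_keys($record) as $key) {
            $record[$key] = htmlentities((string)$record[$key], ENT_QUOTES, $conf['php_charset']);
        }

        $html .= <<<EOL
        <tr onMouseOver="this.className='row-highlight';" onMouseOut="this.className='row-normal';">

            <td class="list-row">
                <a title="Edit"
                   class="act"
                   onClick="xajax_window_submit('user_edit', '{$record['id']}', 'editor');"
                >{$record['username']}</a>&nbsp;
            </td>

            <td class="list-row" align="left">
                {$record['fname']} {$record['lname']}&nbsp;
            </td>

            <td class="list-row" align="left">
                {$record['company_name']}&nbsp;
            </td>

            <td class="list-row" align="left">
                {$admin_html}&nbsp;
            </td>

            <td class="list-row" align="right">
                <a title="Edit"
                   class="act"
                   onClick="xajax_window_submit('user_edit', '{$record['id']}', 'editor');"
                ><img src="{$images}/silk/page_edit.png" border="0"></a>&nbsp;

                <a title="Delete employee"
                   class="act"
                   onClick="var doit=confirm('Are you sure you want to delete this employee?');
                            if (doit == true)
                                xajax_window_submit('{$js_window_name}', '{$record['id']}', 'delete');"
                ><img src="{$images}/silk/delete.png" border="0"></a>&nbsp;
            </td>

        </tr>
EOL;
    }

    $html .= <<<EOL
        <!-- Add a new employee -->
        <tr>
            <td colspan="99" class="list-header">
                <a title="New employee"
                   class="act"
                   onClick="xajax_window_submit('user_edit', ' ', 'editor');"
                ><img src="{$images}/silk/page_add.png" border="0"></a>&nbsp;

                <a title="New employee"
                   class="act"
                   onClick="xajax_window_submit('user_edit', ' ', 'editor');"
                >Add new employee</a>&nbsp;
            </td>
        </tr>

    </table>
EOL;


    // Build page links if there are any.
    // NOTE(review): get_page_links() is defined elsewhere and receives the raw
    // $window_name and form_id; confirm that it escapes both before writing
    // them into markup.
    $html .= get_page_links($page, $per_page, $count, $window_name, $form_id);


    // Insert the new table into the window. The two ids are passed to xajax as
    // element ids, not written into markup here.
    $response->addAssign("{$form_id}_employees_count", "innerHTML", "({$count})");
    $response->addAssign("{$content_id}", "innerHTML", $html);
    // $response->addScript($js);
    return($response->getXML());
}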
251 
252 
253 
254 
255 
256 
258 // Function: delete()
259 //
260 // Description:
261 // Deletes a record.
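// Soft-deletes a user: sets `active` to 0 on the users row that matches both
// the caller's client id and the requested user id.
//
// Input:
//   $window_name  Name of the calling window. It arrives with the xajax request
//                 and is reflected into the script sent back to the browser,
//                 so it is encoded as a JavaScript string first.
//   $form         The id of the user to disable, as sent by the browser.
//
// Output:
//   The XML of an xajaxResponse holding either an alert() or a call that
//   reloads the list.
//
// NOTE(review): this is a state-changing request and no anti-CSRF token is
// checked in this function. Confirm that the xajax dispatcher that calls it
// verifies one.
function ws_delete($window_name, $form='') {
    global $conf, $self, $mysql;

    // Make sure they have permission
    if (!auth('admin')) {
        $response = new xajaxResponse();
        $response->addScript("alert('Permission denied!');");
        return($response->getXML());
    }

    // Don't allow this in the demo account!
    if ($_SESSION['auth']['client']['url'] == 'demo') {
        $response = new xajaxResponse();
        $response->addScript("alert('Feature disabled in this demo!');");
        return($response->getXML());
    }

    // The id must be a plain run of digits. Values such as "5abc", " 5" or
    // "5.0" are rejected here instead of being compared loosely below and then
    // handed to the database, where they could be coerced to a different row
    // than the one the self-delete check looked at. It also keeps request text
    // out of the log line.
    if (!is_scalar($form) or !preg_match('/^[0-9]+$/', (string)$form)) {
        $response = new xajaxResponse();
        $response->addScript("alert('Delete failed');");
        return($response->getXML());
    }
    $user_id = (int)$form;

    // Don't allow a user to delete their own account!
    if ((int)$_SESSION['auth']['user']['id'] === $user_id) {
        $response = new xajaxResponse();
        $response->addScript("alert('Sorry, but you can\\'t delete your own admin account!');");
        return($response->getXML());
    }


    // Instantiate the xajaxResponse object
    $response = new xajaxResponse();
    $js = '';


    // Set the user to inactive (which will make them "disappear" for all practical purposes).
    // client_id in the WHERE array limits the update to users of the caller's own client.
    printmsg("NOTICE => Deleting (disabling) user: {$user_id} client url: {$_SESSION['auth']['client']['url']}", 0);
    list($status, $rows) = db_update_record($mysql, 'users', array('client_id' => $_SESSION['auth']['client']['id'], 'id' => $user_id), array('active' => 0));

    // If the module returned an error code display a popup warning
    if ($status != 0 or $rows != 1) {
        $js .= "alert('Delete failed');";
    }
    else {
        // $window_name is reflected into a single-quoted JavaScript string.
        // json_encode() with the JSON_HEX_* flags leaves no quote, ampersand
        // or angle bracket in the result; the surrounding double quotes are
        // dropped so ordinary window names come out unchanged.
        $js_window_name = json_encode((string)$window_name, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        $js_window_name = ($js_window_name === false) ? '' : substr($js_window_name, 1, -1);

        // Refresh the current list of users.. it's changed!
        $js .= "xajax_window_submit('{$js_window_name}', xajax.getFormValues('{$js_window_name}_filter_form'), 'display_list');";
    }

    // Send the script back to the browser
    $response->addScript($js);
    return($response->getXML());
}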
310 
311 
312 
313 
314 
315 
316 
317 
318 
319 
320 
321 ?>