1: <?php
/**
 * Entry point for the user-selection listing: delegates to F_show_select_user().
 *
 * Every argument is forwarded unchanged, so the validation and escaping rules of
 * F_show_select_user() apply. In particular $andwhere is a raw SQL fragment and
 * must never carry unescaped request data.
 *
 * @param string $order_field Column name requested for ORDER BY.
 * @param int    $orderdir    Ordering direction flag (0 or non-zero).
 * @param int    $firstrow    Offset of the first row to display.
 * @param int    $rowsperpage Number of rows per page.
 * @param int    $group_id    Optional group filter (0 = no filter).
 * @param string $andwhere    Extra SQL condition appended to the WHERE clause.
 * @param string $searchterms Search terms carried along in the sort/pager links.
 * @return bool Always true; the result of F_show_select_user() is not propagated.
 */
function F_select_user($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '')
{
    global $l;
    require_once('../config/tce_config.php');
    F_show_select_user(
        $order_field,
        $orderdir,
        $firstrow,
        $rowsperpage,
        $group_id,
        $andwhere,
        $searchterms
    );
    return true;
}
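/**
 * Print the user-selection table for the admin area, followed by the bulk-action
 * controls, the page navigator and the export links.
 *
 * Security-relevant behaviour:
 * - $order_field reaches ORDER BY only when it is one of a fixed list of column
 *   names (strict comparison); anything else falls back to the default ordering.
 * - $orderdir, $firstrow, $rowsperpage and $group_id are cast to int before use.
 * - Session values and row ids are cast to int before they are concatenated
 *   into SQL or HTML.
 * - Sessions below K_AUTH_ADMINISTRATOR only see themselves or lower-level users,
 *   and only users sharing at least one group with the session user.
 * - $andwhere is appended to the WHERE clause verbatim. It is a trusted SQL
 *   fragment: callers must build it from escaped or cast values only.
 *
 * @param string $order_field Column name requested for ORDER BY.
 * @param int    $orderdir    0 = ascending, anything else = descending.
 * @param int    $firstrow    Offset of the first row to display.
 * @param int    $rowsperpage Number of rows per page.
 * @param int    $group_id    Optional group filter (0 = no filter).
 * @param string $andwhere    Extra SQL condition (raw fragment, see above).
 * @param string $searchterms Search terms carried along in the sort/pager links.
 * @return bool False when the users table is empty, true otherwise.
 */
function F_show_select_user($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '')
{
    global $l, $db;
    require_once('../config/tce_config.php');
    require_once('../../shared/code/tce_functions_page.php');
    require_once('../../shared/code/tce_functions_form.php');
    $filter = '';
    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
    } else {
        $txtalign = 'left';
    }
    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    $group_id = intval($group_id);
    // Identifiers cannot be protected by string escaping, so the allow-list is the
    // real defence for ORDER BY. The comparison is strict so that only exact names pass.
    // NOTE(review): the list contains user_password and user_verifycode; sorting by
    // those columns exposes the relative order of stored values - consider dropping them.
    $allowed_order_fields = array(
        'user_id', 'user_name', 'user_password', 'user_email', 'user_regdate',
        'user_ip', 'user_firstname', 'user_lastname', 'user_birthdate',
        'user_birthplace', 'user_regnumber', 'user_ssn', 'user_level', 'user_verifycode',
    );
    if (empty($order_field) or (!in_array($order_field, $allowed_order_fields, true))) {
        $order_field = 'user_lastname,user_firstname';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        // With the two-column default, DESC binds to user_firstname only.
        $full_order_field = $order_field.' DESC';
    }
    if (!F_count_rows(K_TABLE_USERS)) {
        F_print_error('MESSAGE', $l['m_databasempty']);
        return false;
    }
    $wherequery = '';
    if ($group_id > 0) {
        $wherequery = ', '.K_TABLE_USERGROUP.' WHERE user_id=usrgrp_user_id AND usrgrp_group_id='.$group_id.'';
        $filter .= '&group_id='.$group_id.'';
    }
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    // Rows with user_id <= 1 are never listed (presumably a reserved account - confirm).
    $wherequery .= ' (user_id>1)';
    // Cast once so that no raw session value is ever concatenated into SQL.
    $session_user_level = intval($_SESSION['session_user_level']);
    $session_user_id = intval($_SESSION['session_user_id']);
    if ($session_user_level < K_AUTH_ADMINISTRATOR) {
        // Non-administrators: only lower-level users, or the session user itself ...
        $wherequery .= ' AND ((user_level<'.$session_user_level.') OR (user_id='.$session_user_id.'))';
        // ... and only users that share at least one group with the session user.
        $wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id
            FROM '.K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
            WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
            AND ta.usrgrp_user_id='.$session_user_id.'
            AND tb.usrgrp_user_id=user_id)';
    }
    if (!empty($andwhere)) {
        // SECURITY: raw SQL fragment supplied by the caller; it is not escaped here.
        // The parentheses keep an OR inside it from widening the restrictions above.
        $wherequery .= ' AND ('.$andwhere.')';
    }
    $sql = 'SELECT * FROM '.K_TABLE_USERS.$wherequery.' ORDER BY '.$full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM ('.$sql.') WHERE rownum BETWEEN '.$firstrow.' AND '.($firstrow + $rowsperpage).'';
    } else {
        $sql .= ' LIMIT '.$rowsperpage.' OFFSET '.$firstrow.'';
    }
    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            echo '<div class="container">';
            echo '<table class="userselect">'.K_NEWLINE;
            // table header: sortable columns
            echo '<tr>'.K_NEWLINE;
            echo '<th> </th>'.K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&searchterms='.urlencode($searchterms);
            }
            echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
            echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
            echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
            echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
            echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
            echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
            echo '<th title="'.$l['h_group_name'].'">'.$l['w_groups'].'</th>'.K_NEWLINE;
            echo '<th title="'.$l['t_all_results_user'].'">'.$l['w_tests'].'</th>'.K_NEWLINE;
            echo '</tr>'.K_NEWLINE;
            $itemcount = 0;
            do {
                $itemcount++;
                // The id is reused in attributes, URLs and SQL below: force it to an integer.
                $row_user_id = intval($m['user_id']);
                echo '<tr>'.K_NEWLINE;
                echo '<td>';
                echo '<input type="checkbox" name="userid'.$itemcount.'" id="userid'.$itemcount.'" value="'.$row_user_id.'" title="'.$l['w_select'].'"';
                if (isset($_REQUEST['checkall']) and ($_REQUEST['checkall'] == 1)) {
                    echo ' checked="checked"';
                }
                echo ' />';
                echo '</td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> <a href="tce_edit_user.php?user_id='.$row_user_id.'" title="'.$l['w_edit'].'">'.htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']).'</a></td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                // Escaped like every other stored value; a numeric level prints unchanged.
                echo '<td> '.htmlspecialchars((string) $m['user_level'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td> '.htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                // groups of this user (one extra query per row)
                $grp = '';
                $sqlg = 'SELECT *
                    FROM '.K_TABLE_GROUPS.', '.K_TABLE_USERGROUP.'
                    WHERE usrgrp_group_id=group_id
                    AND usrgrp_user_id='.$row_user_id.'
                    ORDER BY group_name';
                if ($rg = F_db_query($sqlg, $db)) {
                    while ($mg = F_db_fetch_array($rg)) {
                        $grp .= $mg['group_name'].', ';
                    }
                } else {
                    F_display_db_error();
                }
                // substr() drops the trailing ", " separator
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars(substr($grp, 0, -2), ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td><a href="tce_show_result_allusers.php?user_id='.$row_user_id.'" class="xmlbutton" title="'.$l['t_all_results_user'].'">...</a></td>'.K_NEWLINE;
                echo '</tr>'.K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>'.K_NEWLINE;
            echo '<br />'.K_NEWLINE;
            // $order_field is an allow-listed name or the default here, so it is attribute-safe.
            echo '<input type="hidden" name="order_field" id="order_field" value="'.$order_field.'" />'.K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="'.$orderdir.'" />'.K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="'.$firstrow.'" />'.K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="'.$rowsperpage.'" />'.K_NEWLINE;
            // check / uncheck all
            echo '<span dir="'.$l['a_meta_dir'].'">';
            echo '<input type="radio" name="checkall" id="checkall1" value="1" onclick="document.getElementById(\'form_userselect\').submit()" />';
            echo '<label for="checkall1">'.$l['w_check_all'].'</label> ';
            echo '<input type="radio" name="checkall" id="checkall0" value="0" onclick="document.getElementById(\'form_userselect\').submit()" />';
            echo '<label for="checkall0">'.$l['w_uncheck_all'].'</label>';
            echo '</span>'.K_NEWLINE;
            echo '<br />'.K_NEWLINE;
            echo '<strong style="margin:5px">'.$l['m_with_selected'].'</strong>'.K_NEWLINE;
            // Bulk actions. Hiding a button is presentation only: the handlers for
            // delete / addgroup / delgroup / move are outside this function and must
            // repeat the level checks on the server side.
            echo '<ul style="margin:0">';
            if ($session_user_level >= K_AUTH_DELETE_USERS) {
                echo '<li>';
                F_submit_button('delete', $l['w_delete'], $l['h_delete']);
                echo '</li>'.K_NEWLINE;
            }
            if ($session_user_level >= K_AUTH_ADMIN_GROUPS) {
                echo '<li>';
                echo F_user_group_select('new_group_id');
                F_submit_button('addgroup', $l['w_add'], $l['w_add']);
                if ($session_user_level >= K_AUTH_DELETE_GROUPS) {
                    F_submit_button('delgroup', $l['w_delete'], $l['h_delete']);
                }
                echo '</li>'.K_NEWLINE;
                if ($session_user_level >= K_AUTH_MOVE_GROUPS) {
                    echo '<li>';
                    if ($l['a_meta_dir'] == 'rtl') {
                        $arr = '←';
                    } else {
                        $arr = '→';
                    }
                    echo F_user_group_select('from_group_id');
                    echo $arr;
                    echo F_user_group_select('to_group_id');
                    F_submit_button('move', $l['w_move'], $l['w_move']);
                    echo '</li>'.K_NEWLINE;
                }
            }
            echo '</ul>'.K_NEWLINE;
            echo '<div class="row"><hr /></div>'.K_NEWLINE;
            // page navigator
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM '.K_TABLE_USERS.''.$wherequery.'';
                // Initialised up front so the appends below never touch an undefined variable.
                $param_array = '';
                if (!empty($order_field)) {
                    $param_array = '&order_field='.urlencode($order_field).'';
                }
                if (!empty($orderdir)) {
                    $param_array .= '&orderdir='.$orderdir.'';
                }
                if (!empty($group_id)) {
                    $param_array .= '&group_id='.$group_id.'';
                }
                if (!empty($searchterms)) {
                    $param_array .= '&searchterms='.urlencode($searchterms).'';
                }
                $param_array .= '&submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            // export links
            echo '<div class="row">'.K_NEWLINE;
            echo '<br />';
            echo '<a href="tce_xml_users.php" class="xmlbutton" title="'.$l['h_xml_export'].'">XML</a> ';
            echo '<a href="tce_xml_users.php?format=JSON" class="xmlbutton" title="JSON">JSON</a> ';
            echo '<a href="tce_tsv_users.php" class="xmlbutton" title="'.$l['h_tsv_export'].'">TSV</a>';
            echo '</div>'.K_NEWLINE;
            echo '<div class="pagehelp">'.$l['hp_select_users'].'</div>'.K_NEWLINE;
            echo '</div>'.K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return true;
}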
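/**
 * Print the user-selection table for a popup window. Clicking a user writes the
 * user id into the opener element whose id is $cid, fires that element's
 * onchange handler and closes the popup.
 *
 * Security-relevant behaviour:
 * - $cid ends up inside a JavaScript string within an HTML attribute and inside a
 *   URL query string. It is therefore encoded for each context: json_encode()
 *   with the JSON_HEX_* flags for the script literal, htmlspecialchars() for the
 *   attribute, urlencode() for the link filter. Element ids made of letters,
 *   digits and underscores produce the same effective script and URL as before.
 * - $order_field reaches ORDER BY only when it is one of a fixed list of column
 *   names (strict comparison).
 * - Session values and row ids are cast to int before concatenation.
 * - $andwhere is appended to the WHERE clause verbatim. It is a trusted SQL
 *   fragment: callers must build it from escaped or cast values only.
 *
 * @param string     $order_field Column name requested for ORDER BY.
 * @param int        $orderdir    0 = ascending, anything else = descending.
 * @param int        $firstrow    Offset of the first row to display.
 * @param int        $rowsperpage Number of rows per page.
 * @param int        $group_id    Optional group filter (0 = no filter).
 * @param string     $andwhere    Extra SQL condition (raw fragment, see above).
 * @param string     $searchterms Search terms carried along in the sort/pager links.
 * @param string|int $cid         Id of the opener-window element that receives the user id.
 * @return bool False when the users table is empty, true otherwise.
 */
function F_show_select_user_popup($order_field, $orderdir, $firstrow, $rowsperpage, $group_id = 0, $andwhere = '', $searchterms = '', $cid = 0)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    require_once('../../shared/code/tce_functions_page.php');
    require_once('../../shared/code/tce_functions_form.php');
    $cid = (string) $cid;
    // URL context: percent-encode so the value cannot add parameters or markup to the links.
    $filter = 'cid='.urlencode($cid);
    // Script context: a JSON string literal in which quotes, angle brackets and
    // ampersands are emitted as \uXXXX, so the value cannot end the string.
    $js_cid = json_encode($cid, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($js_cid === false) {
        // not encodable (e.g. invalid byte sequence): use an empty id
        $js_cid = '""';
    }
    if ($l['a_meta_dir'] == 'rtl') {
        $txtalign = 'right';
    } else {
        $txtalign = 'left';
    }
    $order_field = F_escape_sql($db, $order_field);
    $orderdir = intval($orderdir);
    $firstrow = intval($firstrow);
    $rowsperpage = intval($rowsperpage);
    $group_id = intval($group_id);
    // Identifiers cannot be protected by string escaping, so the allow-list is the
    // real defence for ORDER BY. The comparison is strict so that only exact names pass.
    $allowed_order_fields = array(
        'user_id', 'user_name', 'user_password', 'user_email', 'user_regdate',
        'user_ip', 'user_firstname', 'user_lastname', 'user_birthdate',
        'user_birthplace', 'user_regnumber', 'user_ssn', 'user_level', 'user_verifycode',
    );
    if (empty($order_field) or (!in_array($order_field, $allowed_order_fields, true))) {
        $order_field = 'user_lastname,user_firstname';
    }
    if ($orderdir == 0) {
        $nextorderdir = 1;
        $full_order_field = $order_field;
    } else {
        $nextorderdir = 0;
        // With the two-column default, DESC binds to user_firstname only.
        $full_order_field = $order_field.' DESC';
    }
    if (!F_count_rows(K_TABLE_USERS)) {
        F_print_error('MESSAGE', $l['m_databasempty']);
        return false;
    }
    $wherequery = '';
    if ($group_id > 0) {
        $wherequery = ', '.K_TABLE_USERGROUP.' WHERE user_id=usrgrp_user_id AND usrgrp_group_id='.$group_id.'';
        $filter .= '&group_id='.$group_id.'';
    }
    if (empty($wherequery)) {
        $wherequery = ' WHERE';
    } else {
        $wherequery .= ' AND';
    }
    // Rows with user_id <= 1 are never listed (presumably a reserved account - confirm).
    $wherequery .= ' (user_id>1)';
    // Cast once so that no raw session value is ever concatenated into SQL.
    $session_user_level = intval($_SESSION['session_user_level']);
    $session_user_id = intval($_SESSION['session_user_id']);
    if ($session_user_level < K_AUTH_ADMINISTRATOR) {
        // Non-administrators: only lower-level users, or the session user itself ...
        $wherequery .= ' AND ((user_level<'.$session_user_level.') OR (user_id='.$session_user_id.'))';
        // ... and only users that share at least one group with the session user.
        $wherequery .= ' AND user_id IN (SELECT tb.usrgrp_user_id
            FROM '.K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
            WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
            AND ta.usrgrp_user_id='.$session_user_id.'
            AND tb.usrgrp_user_id=user_id)';
    }
    if (!empty($andwhere)) {
        // SECURITY: raw SQL fragment supplied by the caller; it is not escaped here.
        // The parentheses keep an OR inside it from widening the restrictions above.
        $wherequery .= ' AND ('.$andwhere.')';
    }
    $sql = 'SELECT * FROM '.K_TABLE_USERS.$wherequery.' ORDER BY '.$full_order_field;
    if (K_DATABASE_TYPE == 'ORACLE') {
        $sql = 'SELECT * FROM ('.$sql.') WHERE rownum BETWEEN '.$firstrow.' AND '.($firstrow + $rowsperpage).'';
    } else {
        $sql .= ' LIMIT '.$rowsperpage.' OFFSET '.$firstrow.'';
    }
    if ($r = F_db_query($sql, $db)) {
        if ($m = F_db_fetch_array($r)) {
            echo '<div class="container">';
            echo '<table class="userselect" style="font-size:80%;">'.K_NEWLINE;
            // table header: sortable columns
            echo '<tr>'.K_NEWLINE;
            if (strlen($searchterms) > 0) {
                $filter .= '&searchterms='.urlencode($searchterms);
            }
            echo F_select_table_header_element('user_name', $nextorderdir, $l['h_login_name'], $l['w_user'], $order_field, $filter);
            echo F_select_table_header_element('user_lastname', $nextorderdir, $l['h_lastname'], $l['w_lastname'], $order_field, $filter);
            echo F_select_table_header_element('user_firstname', $nextorderdir, $l['h_firstname'], $l['w_firstname'], $order_field, $filter);
            echo F_select_table_header_element('user_email', $nextorderdir, $l['h_email'], $l['w_email'], $order_field, $filter);
            echo F_select_table_header_element('user_regnumber', $nextorderdir, $l['h_regcode'], $l['w_regcode'], $order_field, $filter);
            echo F_select_table_header_element('user_level', $nextorderdir, $l['h_level'], $l['w_level'], $order_field, $filter);
            echo F_select_table_header_element('user_regdate', $nextorderdir, $l['h_regdate'], $l['w_regdate'], $order_field, $filter);
            echo '</tr>'.K_NEWLINE;
            $itemcount = 0;
            do {
                $itemcount++;
                // The id is written into script code: force it to an integer.
                $row_user_id = intval($m['user_id']);
                $jsaction = 'javascript:window.opener.document.getElementById('.$js_cid.').value='.$row_user_id.';';
                $jsaction .= 'window.opener.document.getElementById('.$js_cid.').onchange();';
                $jsaction .= 'window.close();';
                // Attribute context: the finished script is HTML-escaped as a whole.
                $jsaction = htmlspecialchars($jsaction, ENT_QUOTES, $l['a_meta_charset']);
                echo '<tr>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> <a href="#" onclick="'.$jsaction.'" title="['.$l['w_select'].']">'.htmlspecialchars($m['user_name'], ENT_NOQUOTES, $l['a_meta_charset']).'</a></td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_lastname'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_firstname'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_email'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td style="text-align:'.$txtalign.';"> '.htmlspecialchars($m['user_regnumber'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                // Escaped like every other stored value; a numeric level prints unchanged.
                echo '<td> '.htmlspecialchars((string) $m['user_level'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '<td> '.htmlspecialchars($m['user_regdate'], ENT_NOQUOTES, $l['a_meta_charset']).'</td>'.K_NEWLINE;
                echo '</tr>'.K_NEWLINE;
            } while ($m = F_db_fetch_array($r));
            echo '</table>'.K_NEWLINE;
            // $order_field is an allow-listed name or the default here, so it is attribute-safe.
            echo '<input type="hidden" name="order_field" id="order_field" value="'.$order_field.'" />'.K_NEWLINE;
            echo '<input type="hidden" name="orderdir" id="orderdir" value="'.$orderdir.'" />'.K_NEWLINE;
            echo '<input type="hidden" name="firstrow" id="firstrow" value="'.$firstrow.'" />'.K_NEWLINE;
            echo '<input type="hidden" name="rowsperpage" id="rowsperpage" value="'.$rowsperpage.'" />'.K_NEWLINE;
            echo '<div class="row"><hr /></div>'.K_NEWLINE;
            // page navigator
            if ($rowsperpage > 0) {
                $sql = 'SELECT count(*) AS total FROM '.K_TABLE_USERS.''.$wherequery.'';
                // Initialised up front so the appends below never touch an undefined variable.
                $param_array = '';
                if (!empty($order_field)) {
                    $param_array = '&order_field='.urlencode($order_field).'';
                }
                if (!empty($orderdir)) {
                    $param_array .= '&orderdir='.$orderdir.'';
                }
                if (!empty($group_id)) {
                    $param_array .= '&group_id='.$group_id.'';
                }
                if (!empty($searchterms)) {
                    $param_array .= '&searchterms='.urlencode($searchterms).'';
                }
                $param_array .= '&submitted=1';
                F_show_page_navigator($_SERVER['SCRIPT_NAME'], $sql, $firstrow, $rowsperpage, $param_array);
            }
            echo '</div>'.K_NEWLINE;
        } else {
            F_print_error('MESSAGE', $l['m_search_void']);
        }
    } else {
        F_display_db_error();
    }
    return true;
}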
/**
 * Tell whether a test is assigned to a group.
 *
 * Both ids are cast to int before they are placed in the query, so no string
 * data reaches the SQL text.
 *
 * @param int $test_id  Test identifier.
 * @param int $group_id Group identifier.
 * @return bool True when a matching row exists; false otherwise, including
 *              when the query itself fails.
 */
function F_isTestOnGroup($test_id, $group_id)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    $query = 'SELECT tstgrp_test_id FROM '.K_TABLE_TEST_GROUPS
        .' WHERE tstgrp_test_id='.intval($test_id)
        .' AND tstgrp_group_id='.intval($group_id)
        .' LIMIT 1';
    $result = F_db_query($query, $db);
    if (!$result) {
        // a failed query is reported as "not on group"
        return false;
    }
    return (bool) F_db_fetch_array($result);
}
/**
 * Tell whether a user belongs to a group.
 *
 * Both ids are cast to int before they are placed in the query. The function
 * fails closed: a query error yields false.
 *
 * @param int $user_id  User identifier.
 * @param int $group_id Group identifier.
 * @return bool True when the membership row exists, false otherwise.
 */
function F_isUserOnGroup($user_id, $group_id)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    $uid = intval($user_id);
    $gid = intval($group_id);
    $sql = 'SELECT usrgrp_user_id FROM '.K_TABLE_USERGROUP.' WHERE usrgrp_user_id='.$uid.' AND usrgrp_group_id='.$gid.' LIMIT 1';
    $r = F_db_query($sql, $db);
    $row = $r ? F_db_fetch_array($r) : false;
    return $row ? true : false;
}
/**
 * Tell whether the session user may edit the given group.
 *
 * Administrators (session level >= K_AUTH_ADMINISTRATOR) are always authorized.
 * An empty $group_id (0, '', null) is also authorized for every caller, so code
 * calling this must not treat that result as a permission on a concrete group.
 * Everyone else is authorized only when they belong to the group.
 *
 * @param int $group_id Group identifier.
 * @return bool True when the session user is authorized.
 */
function F_isAuthorizedEditorForGroup($group_id)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    $is_admin = ($_SESSION['session_user_level'] >= K_AUTH_ADMINISTRATOR);
    if (!$is_admin && !empty($group_id)) {
        // ordinary user and a concrete group: membership decides
        return F_isUserOnGroup($_SESSION['session_user_id'], $group_id);
    }
    return true;
}
/**
 * Tell whether the session user may edit the given user.
 *
 * Authorized when any of the following holds:
 * - the session level is >= K_AUTH_ADMINISTRATOR;
 * - $user_id is empty (0, '', null) - this holds for every caller, so code
 *   calling this must not treat the result as a permission on a concrete user;
 * - the target is the session user;
 * - the session level is strictly higher than the target's level and both
 *   users share at least one group.
 * A failed query or a missing target row yields false.
 *
 * @param int $user_id Identifier of the user to be edited.
 * @return bool True when the session user is authorized.
 */
function F_isAuthorizedEditorForUser($user_id)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    if (($_SESSION['session_user_level'] >= K_AUTH_ADMINISTRATOR) or empty($user_id)) {
        return true;
    }
    $sql = 'SELECT user_id,user_level FROM '.K_TABLE_USERS.' WHERE user_id='.intval($user_id).' LIMIT 1';
    $r = F_db_query($sql, $db);
    if (!$r) {
        return false;
    }
    $target = F_db_fetch_array($r);
    if (!$target) {
        return false;
    }
    if (intval($_SESSION['session_user_id']) == $target['user_id']) {
        // users may always edit themselves
        return true;
    }
    if (!(intval($_SESSION['session_user_level']) > $target['user_level'])) {
        // same or higher level than the session user: never editable
        return false;
    }
    // lower-level target: also require a group in common (self-join on the membership table)
    $sqlg = 'SELECT tb.usrgrp_user_id
FROM '.K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id='.intval($_SESSION['session_user_id']).'
AND tb.usrgrp_user_id='.intval($user_id).'
LIMIT 1';
    $rg = F_db_query($sqlg, $db);
    if (!$rg) {
        return false;
    }
    return (bool) F_db_fetch_array($rg);
}
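/**
 * Build the SQL that lists the groups the session user is allowed to see.
 *
 * Administrators (session level >= K_AUTH_ADMINISTRATOR) get every group;
 * other users only get the groups they belong to.
 *
 * Security notes:
 * - the session user id is cast to int before it is concatenated;
 * - $where is a raw SQL fragment and is not escaped here, so callers must build
 *   it from escaped or cast values only;
 * - on the restricted path $where is wrapped in parentheses, so an OR inside it
 *   cannot cancel the membership condition.
 *
 * @param string $where Optional extra condition, without the WHERE/AND keyword.
 * @return string The SELECT statement, ordered by group_name.
 */
function F_user_group_select_sql($where = '')
{
    global $l, $db;
    require_once('../config/tce_config.php');
    if ($_SESSION['session_user_level'] >= K_AUTH_ADMINISTRATOR) {
        // administrator: all groups
        $sql = 'SELECT * FROM '.K_TABLE_GROUPS.'';
        if ($where !== '') {
            $sql .= ' WHERE '.$where;
        }
    } else {
        // regular user: only the groups this user is a member of
        $sql = 'SELECT group_id,group_name FROM '.K_TABLE_GROUPS.', '.K_TABLE_USERGROUP.'';
        $sql .= ' WHERE group_id=usrgrp_group_id AND usrgrp_user_id='.intval($_SESSION['session_user_id']).'';
        if ($where !== '') {
            $sql .= ' AND ('.$where.')';
        }
    }
    $sql .= ' ORDER BY group_name';
    return $sql;
}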
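/**
 * Build an HTML <select> listing the groups visible to the session user
 * (as returned by the query from F_user_group_select_sql()).
 *
 * Changes against the previous version:
 * - the element is closed exactly once; the error branch used to append a second
 *   closing tag whenever F_display_db_error() returned;
 * - $name is HTML-escaped before it is written into the name/id attributes;
 * - group ids are cast to int before they are written into the option values.
 *
 * @param string $name Value used for both the name and the id attribute.
 * @return string HTML markup of the select element.
 */
function F_user_group_select($name = 'group_id')
{
    global $l, $db;
    require_once('../config/tce_config.php');
    // attribute context: double quotes must be escaped as well
    $attr_name = htmlspecialchars((string) $name, ENT_COMPAT, $l['a_meta_charset']);
    $str = '';
    $str .= '<select name="'.$attr_name.'" id="'.$attr_name.'" size="0" title="'.$l['w_group'].'">'.K_NEWLINE;
    $sql = F_user_group_select_sql();
    if ($r = F_db_query($sql, $db)) {
        // placeholder entry, selected by default
        $str .= '<option value="0" style="color:gray" selected="selected">'.$l['w_group'].'</option>'.K_NEWLINE;
        while ($m = F_db_fetch_array($r)) {
            $str .= '<option value="'.intval($m['group_id']).'">';
            $str .= ' '.htmlspecialchars($m['group_name'], ENT_NOQUOTES, $l['a_meta_charset']).' </option>'.K_NEWLINE;
        }
    } else {
        F_display_db_error();
    }
    $str .= '</select>'.K_NEWLINE;
    return $str;
}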
/**
 * Return the ids of the groups a user belongs to.
 *
 * The user id is cast to int before it is placed in the query.
 *
 * @param int $user_id User identifier.
 * @return array List of usrgrp_group_id values as returned by the database;
 *               empty when the user has no group or when the query fails and
 *               F_display_db_error() returns.
 */
function F_get_user_groups($user_id)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    $uid = intval($user_id);
    $groups = array();
    $sql = 'SELECT usrgrp_group_id
FROM '.K_TABLE_USERGROUP.'
WHERE usrgrp_user_id='.$uid.'';
    $r = F_db_query($sql, $db);
    if (!$r) {
        F_display_db_error();
        return $groups;
    }
    while ($row = F_db_fetch_array($r)) {
        $groups[] = $row['usrgrp_group_id'];
    }
    return $groups;
}
/**
 * Look up a user id by registration number.
 *
 * The registration number is a string, so it is passed through F_escape_sql()
 * and placed between single quotes in the query.
 *
 * @param string $regnum Registration number to search for.
 * @return int|string The user_id value as returned by the database, or 0 when no
 *                    row matches or the query fails.
 */
function F_getUIDfromRegnum($regnum)
{
    global $l, $db;
    require_once('../config/tce_config.php');
    $sql = 'SELECT user_id FROM '.K_TABLE_USERS." WHERE user_regnumber='".F_escape_sql($db, $regnum)."' LIMIT 1";
    $r = F_db_query($sql, $db);
    $row = $r ? F_db_fetch_array($r) : false;
    if (!$row) {
        // no such registration number, or the query failed
        return 0;
    }
    return $row['user_id'];
}