arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity
science-ation/admin/user_list.php
patrick 40175991df Refactor SQL queries
2025-02-09 18:59:35 +00:00

499 lines
17 KiB
PHP
Raw Blame History

<?
/*
* This file is part of the Science-ation project
* Science-ation Website: https://science-ation.ca
*
* This file was part of the 'Science Fair In A Box' project
*
*
* Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
* Copyright (C) 2005 James Grant <james@lightbox.org>
* Copyright (C) 2024 AlgoLibre Inc. <science-ation@algolibre.io>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation, version 2.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
// This file was modified March of 2015 by Sebastian Ruan
/* Flagging for judges has been added to monitor concerns.
Update User button also added; allows super users to update
a judge to the current fair year without logging in as them. */
?>
<?
require_once ('../common.inc.php');
require_once ('../user.inc.php');
require_once ('../judge.inc.php');
user_auth_required('committee', 'admin');
require_once ('judges.inc.php');
$show_types = get_value_from_array($_GET, 'show_types', '');
if (user_valid_type($show_types) == false)
$show_types = array('judge');
$show_complete = (get_value_from_array($_GET, 'show_complete') == 'yes') ? 'yes' : 'no';
$show_year = get_value_from_array($_GET, 'show_year') == 'current' ? 'current' : 'all';
$uid = intval(get_value_from_array($_GET, 'uid'));
if (get_value_from_array($_GET, 'action') == 'remove') {
if (!$uid) {
echo 'Invalid uid for delete';
exit;
}
user_delete($uid);
message_push(happy(i18n('User deleted.')));
}
send_header('User Editor',
array('Committee Main' => 'committee_main.php',
'Administration' => 'admin/index.php'));
?>
<script language="javascript" type="text/javascript">
function openeditor(id)
{
if(id) currentid=id;
window.open("user_editor_window.php?id="+currentid,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=1000,height=640,scrollbars=yes");
return false;
}
function toggleoptions()
{
if(document.getElementById('options').style.display == 'none') {
document.getElementById('options').style.display = 'block';
document.getElementById('optionstext').innerHTML = '- <?= i18n('Hide Display Options') ?>';
} else {
document.getElementById('options').style.display = 'none';
document.getElementById('optionstext').innerHTML = '+ <?= i18n('Show Display Options') ?>';
}
}
function togglenew()
{
if(document.getElementById('new').style.display == 'none') {
document.getElementById('new').style.display = 'block';
document.getElementById('newtext').innerHTML = '<?= i18n('Cancel New User') ?>';
} else {
document.getElementById('new').style.display = 'none';
document.getElementById('newtext').innerHTML = '<?= i18n('Add New User') ?>';
}
}
function neweditor()
{
var username = document.forms.newuser.new_email.value;
var usertype = document.forms.newuser.new_type.value;
window.open("user_editor_window.php?type="+usertype+"&username="+username,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes");
document.forms.newuser.new_email.value = "";
return false;
}
/* update (id) grabs the current url and appends an action called update as well as the id it is going to renew.
If there is already an action called update and an id the function will change the id to the new
id as determined by the button clicked
update (id) Int -> String
Effects: update(id) reloads the page with the adjusted url
Example: update (2526) => http://localhost/sfiab/testfair/admin/user_list.php?show_types[]=judge&action=update&id=2526 */
function update (id)
{
var url = window.location.href;
// if a previous update button was already clicked
if(url.indexOf('&action=')>-1){
url = url.substring(0,url.indexOf('&action=update'));
url += '&action=update&id='+id;
}
// if there is no ? in the url already present
else if (url.indexOf ('?') == -1) {
url += '?action=update&id='+id;
}
//if '?action...' is present in url
else if(url.indexOf('?action=')>-1){
url = url.substring(0,url.indexOf('?action=update'));
url += '?action=update&id='+id;
}
else{
url += '&action=update&id='+id;
}
// reload using adjusted url
window.location.href=url;
}
</script>
<?
// Begin updating user
if (get_value_from_array($_GET, 'action') == 'update') {
$id = intval($_GET['id']);
// if no id print error
if (!$id) {
echo 'Invalid id for update';
exit;
}
$user = user_load($id);
// Determine if there is a more recent uid that may possibly be in the current FAIRYEAR (allows refresh page to work)
$query = $pdo->prepare("SELECT id,uid,year FROM users WHERE uid=?
ORDER BY year DESC LIMIT 1");
$query->execute([$user['uid']]);
$user_new = $query->fetch(PDO::FETCH_ASSOC);
// Make sure our user is NOT in the current FAIRYEAR (again, this helps with page refresh to work )
if ($user_new['year'] != $config['FAIRYEAR']) {
/* Update user to new year via dupelicating row into new id.
If multiple Roles, all updated */
user_dupe($user, $config['FAIRYEAR']);
message_push(happy(i18n('User Updated')));
// find the newly updated user
$q_reload = $pdo->prepare("SELECT id FROM users WHERE uid=?
ORDER BY year DESC LIMIT 1");
$q_reload->execute([$user['uid']]);
$reload_user = $q_reload->fetch(PDO::FETCH_ASSOC);
?>
<script language="javascript" type="text/javascript">
var new_id=<?= $reload_user['id']; ?>;
// open or reopen user_editor_window.php with user's new id
openeditor(new_id);
</script>
<?
}
}
// End update to user
echo '<div class="notice">';
echo '<a id="optionstext" onclick="toggleoptions();return false;">- ' . i18n('Hide Display Options') . '</a>';
echo '<form method="GET" action="">';
echo '<div id="options" style="display: block;" >';
echo '<table><tr><td>' . i18n('Type') . ':</td>';
$x = 0;
foreach ($user_what as $k => $v) {
$sel = (in_array($k, $show_types)) ? 'checked="checked"' : '';
echo "<td><input type=\"checkbox\" name=\"show_types[]\" value=\"$k\" $sel >" . i18n($v) . '</input></td>';
if ($x)
echo '</tr><tr><td></td>';
$x = ~$x;
}
echo '</tr>';
echo '<tr><td>' . i18n('Complete') . ':</td><td>';
echo '<select name="show_complete">';
$s = ($show_complete == 'yes') ? 'selected="selected"' : '';
echo "<option value=\"yes\" $s>" . i18n('Show only complete registrations') . '</option>';
$s = ($show_complete == 'no') ? 'selected="selected"' : '';
echo "<option value=\"no\" $s>" . i18n('Show ALL registrations') . '</option>';
echo '</select>';
echo '</tr>';
echo '<tr><td>' . i18n('Year') . ':</td><td>';
echo '<select name="show_year">';
$s = ($show_year == 'current') ? 'selected="selected"' : '';
echo "<option value=\"current\" $s>" . i18n('Show only registrations from %1', array($config['FAIRYEAR'])) . '</option>';
$s = ($show_year == 'all') ? 'selected="selected"' : '';
echo "<option value=\"all\" $s>" . i18n('Show ALL years') . '</option>';
echo '</select>';
echo '</td></tr></table>';
echo '<br />';
echo '<input type=submit value="' . i18n('Apply Filter') . '">';
echo '</div>';
echo '</form>';
echo '</div>';
echo '<br/><a id="newtext" href="javascript:togglenew()">' . i18n('Add New User') . '</a>';
echo '<div id="new" style="display: none;" class="notice">';
echo "<form name=\"newuser\" method=\"GET\" action=\"$PHP_SELF\">";
echo '<table><tr><td>' . i18n('Type') . ':</td><td>';
echo '<select name="new_type">';
$x = 0;
foreach ($user_what as $k => $v) {
$sel = (in_array($k, $show_types)) ? 'selected="selected"' : '';
echo "<option value=\"$k\" $sel>" . i18n($v) . '</option>';
}
echo '</select>';
echo '</tr>';
echo '<tr><td>' . i18n('Email') . ':</td><td>';
echo '<input type="text" name="new_email" value="" />';
echo '</td></tr>';
echo '</table>';
echo '<input type=submit onclick="neweditor();" value="' . i18n('Create New User') . '">';
echo '</form>';
echo '</div>';
echo '<br />';
echo '<br />';
/* Grab a list of users */
$w = array();
foreach ($show_types as $t) {
$w[] = "u1.types LIKE '%$t%'";
}
$where_types = 'AND (' . join(' OR ', $w) . ')';
$where_complete = '';
if ($show_complete == 'yes') {
foreach ($show_types as $t) {
$where_complete .= "AND ({$t}_complete='yes' OR {$t}_complete IS NULL) ";
}
}
$having_year = '';
if ($show_year == 'current')
$having_year = "AND u1.year={$config['FAIRYEAR']}";
echo '<table class="tableview">';
$querystr = "SELECT
*
FROM
users u1
LEFT JOIN `users_committee` ON `users_committee`.`users_id`=`u1`.`id`
LEFT JOIN `users_judge` ON `users_judge`.`users_id`=`u1`.`id`
LEFT JOIN `users_volunteer` ON `users_volunteer`.`users_id`=`u1`.`id`
LEFT JOIN `users_fair` ON `users_fair`.`users_id`=`u1`.`id`
LEFT JOIN `users_sponsor` ON `users_sponsor`.`users_id`=`u1`.`id`\t
WHERE u1.year=( SELECT MAX(`year`) FROM users u2 WHERE u1.uid=u2.uid )
GROUP BY uid
HAVING
u1.deleted='no'
?
?
?
ORDER BY
lastname ASC,
firstname ASC,
year DESC";
$q = $pdo->prepare($querystr);
$q->execute([$having_year,$where_types,$where_complete]);
show_pdo_errors_if_any($pdo);
$num = $q->rowCount();
show_pdo_errors_if_any($pdo);
echo i18n('Listing %1 people total. See the table at the bottom for the totals by status <br><br><br>', array($num));
echo i18n(" <lh>Notes:</lh> <ul><li> Deleting users from this list is a permanent operation and cannot be undone. Consider editing the user and deactivating or deleting roles in their account instead.
\t \t\t <li> Updating a user to the current fair year allows you to then complete the user from this list.
\t <li> A flagged judge indicates there is text in the private information field for that judge.
\t <li> Only committee members can see text entered into the private information field for judges. This field is not seen nor editable by any judge.");
echo '<thead>';
echo '<tr>';
echo ' <th>' . i18n('Name') . '</th>';
echo ' <th>' . i18n('Email Address') . '</th>';
echo ' <th>' . i18n('Year') . '</th>';
echo ' <th>' . i18n('Type(s)') . '</th>';
echo ' <th>' . i18n('Active') . '</th>';
echo ' <th>' . i18n('Complete') . '</th>';
echo ' <th>' . i18n('Flagged') . '</th>';
echo ' <th>' . i18n('Actions') . '</th>';
echo '</tr>';
echo '</thead>';
$tally = array();
$tally['active'] = array();
$tally['inactive'] = array();
$tally['active']['complete'] = 0;
$tally['active']['incomplete'] = 0;
$tally['inactive']['complete'] = 0;
$tally['inactive']['incomplete'] = 0;
while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
// JAMES - TEMP - due to the previous error with improperly setting judge status to NOT complete when special awards was turned off
// we now need to make sure we re-calculate all the judge statuses somehow, so might as well do it here.
// FIXME: remove this after all the fairs are done this year SUMMER 2010
if (in_array('judge', $show_types)) {
$u = user_load_by_uid($r['uid']);
// we also set the $r array so it displays properly on first load
if (judge_status_update($u) == 'complete')
$r['judge_complete'] = 'yes';
else {
$r['judge_complete'] = 'no';
}
}
$types = explode(',', $r['types']);
$span = count($types) > 1 ? 'rowspan="' . count($types) . '"' : '';
echo "<tr><td $span>";
$name = "{$r['firstname']} {$r['lastname']}";
if (in_array('fair', $types)) {
$qq = $pdo->prepare("SELECT * FROM users_fair
LEFT JOIN fairs ON fairs.id=users_fair.fairs_id
WHERE users_id=?");
$qq->execute([$r['id']]);
$rr = $qq->fetch(PDO::FETCH_ASSOC);
$name = '{' . get_value_from_array($rr, 'name') . '}' . ((trim($name) == '') ? '' : "<br />($name)");
}
echo "<a href=\"#\" onclick=\"return openeditor({$r['id']})\">$name</a>";
echo '</td>';
echo "<td $span>{$r['email']}</td>";
echo "<td $span>{$r['year']}</td>";
$first = true;
$complete = false;
$incomplete = false;
foreach ($types as $t) {
if (!$first)
echo '</tr><tr>';
echo "<td>{$user_what[$t]}</td>";
echo '<td>';
if (get_value_from_array($r, "{$t}_active") == 'yes') {
echo '<div class="happy" align="center">' . i18n('yes') . '</div>';
$userstate = 'active';
} else {
echo '<div class="error" align="center">' . i18n('no') . '</div>';
$userstate = 'inactive';
}
echo '</td>';
echo '<td>';
if (in_array($t, array('parent', 'committee', 'alumni', 'mentor', 'fair'))) {
/* Do nothing, there's nothing to complete */
} else if ($r["{$t}_complete"] == 'yes') {
echo '<div class="happy" align="center">' . i18n('yes') . '</div>';
$complete = true;
} else {
echo '<div class="error" align="center">' . i18n('no') . '</div>';
$incomplete = true;
}
echo '</td>';
// Begin flagging process
echo '<td align="center">';
// Must be a judge in order to be flagged
if ($t == 'judge') {
/* Determine if judge is flagged and display X icon.
Icon is clickable. Brings user to user_editor_window file.
Would preferably ALSO bring the user to the judge other tab*/
if ($r['flagged_judge'] == '1') {
echo '<a title="' . i18n('Flagged') . "\" href=\"#\" onClick=\"return openeditor({$r['id']});\">";
echo '<img src="' . $config['SFIABDIRECTORY'] . '/images/16/flagged.' . $config['icon_extension'] . '" border=0>';
echo '</a>';
// Otherwise judge is not flagged; display checkmark icon. Also clickable.
} else {
echo '<a title="' . i18n('Not flagged') . "\" href=\"#\" onClick=\"return openeditor({$r['id']});\">";
echo '<img src="' . $config['SFIABDIRECTORY'] . '/images/16/ok.' . $config['icon_extension'] . '" border=0>';
echo '</a>';
}
} else {
// Do nothing. Only judges can be flagged.
}
echo '</td>';
// end flagging process
if ($first) {
if ($name == ' ')
$name = 'Noname';
/* Finish off the the first line */
// If judge not in current fair year need seperate icons so that all icons align nicely in the table
if ($t == 'judge' and $r['year'] != $config['FAIRYEAR']) {
echo "<td $span align=\"center\">";
echo '&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp'; // aligns icons
echo "<a title = \"Edit User \" href=\"#\" onclick=\"return openeditor({$r['id']})\"><img border=0 src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\"></a>&nbsp;";
echo '<a title = "Delete User" onclick="return confirmClick(\'Are you sure you wish to completely delete ' . $name . " \'s account?')\" href=\"user_list.php?action=remove&uid={$r['id']}\"><img border=0 src=\"{$config['SFIABDIRECTORY']}/images/16/button_cancel.{$config['icon_extension']}\"></a>";
echo "&nbsp<a title = \"Update User to Current Fair Year\"href=\"#\" onclick=\"update({$r['id']});return false;\"><img border=0 src=\"{$config['SFIABDIRECTORY']}/images/16/update2.{$config['icon_extension']}\" height = \"17\" ></a>";
} else {
echo "<td $span align=\"center\">";
echo "<a href=\"#\" onclick=\"return openeditor({$r['id']})\"><img border=0 src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\"></a>&nbsp;";
echo '<a onclick="return confirmClick(\'Are you sure you wish to completely delete ' . $name . " \'s account?')\" href=\"user_list.php?action=remove&uid={$r['id']}\"><img border=0 src=\"{$config['SFIABDIRECTORY']}/images/16/button_cancel.{$config['icon_extension']}\"></a>";
}
echo '</td>';
}
$first = false;
}
echo '</tr>';
if ($complete) {
$tally[$userstate]['complete']++;
} else if ($incomplete) {
$tally[$userstate]['incomplete']++;
}
}
echo '</table>';
// let's make a table with the complete/incomplete counts and the active/inacteve states
?>
<table rules="all" style="border:solid 1px; margin:2em">
<thead>
<tr><td colspan="4" align="center">List Totals</td></tr>
<tr>
<th></th>
<th>Complete</th>
<th>Incomplete</th>
<th>Total</th>
</tr>
</thead>
<tbody>
<tr>
<td><strong>Active</strong></td>
<td><?= $tally['active']['complete'] ?></td>
<td><?= $tally['active']['incomplete'] ?></td>
<td><?= $tally['active']['complete'] + $tally['active']['incomplete'] ?></td>
</tr><tr>
<td><strong>Inactive</strong></td>
<td><?= $tally['inactive']['complete'] ?></td>
<td><?= $tally['inactive']['incomplete'] ?></td>
<td><?= $tally['inactive']['complete'] + $tally['inactive']['incomplete'] ?></td>
</tr><tr>
<td><strong>Total</strong></td>
<td><?= $tally['active']['complete'] + $tally['inactive']['complete'] ?></td>
<td><?= $tally['active']['incomplete'] + $tally['inactive']['incomplete'] ?></td>
<td><?= $num ?></td>
</tr>
</tbody>
</table>
<?php
send_footer();
?>
View Git Blame Copy Permalink