[tt-rss.git] / modules / pref-users.php

<?php
	function module_pref_users($link) {

		global $access_level_names;

		if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) { 
			print __("Your access level is insufficient to open this tab.");
			return;
		}

		$subop = $_GET["subop"];

		if ($subop == "edit") {

			$id = db_escape_string($_GET["id"]);

			print "<div id=\"infoBoxTitle\">".__('User editor')."</div>";
			
			print "<div class=\"infoBoxContents\">";

			print "<form id=\"user_edit_form\" onsubmit='return false'>";

			print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
			print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
			print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";

			$result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");

			$login = db_fetch_result($result, 0, "login");
			$access_level = db_fetch_result($result, 0, "access_level");
			$email = db_fetch_result($result, 0, "email");

			print "<table width='100%'>";
			print "<tr><td>".__('Login:')."</td><td>
				<input class=\"iedit\" onkeypress=\"return filterCR(event)\"
				name=\"login\" value=\"$login\"></td></tr>";

			print "<tr><td>".__('Change password:')."</td><td>
				<input class=\"iedit\" onkeypress=\"return filterCR(event)\"
				name=\"password\"></td></tr>";

			print "<tr><td>".__('E-mail:')."</td><td>
				<input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
				value=\"$email\"></td></tr>";

			$sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
				
			print "<tr><td>".__('Access level:')."</td><td>";
			print_select_hash("access_level", $access_level, $access_level_names, 
				$sel_disabled);
			print "</td></tr>";

			print "</table>";

			print "</form>";
			
			print "<div align='right'>
				<input class=\"button\"
					type=\"submit\" onclick=\"return userEditSave()\" 
					value=\"".__('Save')."\">
				<input class=\"button\"
					type=\"submit\" onclick=\"return userEditCancel()\" 
					value=\"".__('Cancel')."\"></div>";

			print "</div>";

			return;
		}

		if ($subop == "editSave") {
	
			if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {

				$login = db_escape_string(trim($_GET["login"]));
				$uid = db_escape_string($_GET["id"]);
				$access_level = (int) $_GET["access_level"];
				$email = db_escape_string(trim($_GET["email"]));
				$password = db_escape_string(trim($_GET["password"]));

				if ($password) {
					$pwd_hash = encrypt_password($password, $login);
					$pass_query_part = "pwd_hash = '$pwd_hash', ";					
					print_notice(T_sprintf('Changed password of user <b>%s</b>.', $login));
				} else {
					$pass_query_part = "";
				}

				db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login', 
					access_level = '$access_level', email = '$email' WHERE id = '$uid'");

			}
		} else if ($subop == "remove") {

			if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {

				$ids = split(",", db_escape_string($_GET["ids"]));

				foreach ($ids as $id) {
					db_query($link, "BEGIN");
					db_query($link, "DELETE FROM ttrss_feeds WHERE owner_uid = '$id' AND owner_uid != " . $_SESSION["uid"]);
					db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
					db_query($link, "COMMIT");
					
				}
			}
		} else if ($subop == "add") {
		
			if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {

				$login = db_escape_string(trim($_GET["login"]));
				$tmp_user_pwd = make_password(8);
				$pwd_hash = encrypt_password($tmp_user_pwd, $login);

				$result = db_query($link, "SELECT id FROM ttrss_users WHERE 
					login = '$login'");

				if (db_num_rows($result) == 0) {

					db_query($link, "INSERT INTO ttrss_users 
						(login,pwd_hash,access_level,last_login,created)
						VALUES ('$login', '$pwd_hash', 0, null, NOW())");
	
	
					$result = db_query($link, "SELECT id FROM ttrss_users WHERE 
						login = '$login' AND pwd_hash = '$pwd_hash'");
	
					if (db_num_rows($result) == 1) {
	
						$new_uid = db_fetch_result($result, 0, "id");
	
						print_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>", 
							$login, $tmp_user_pwd));
	
						initialize_user($link, $new_uid);
	
					} else {
					
						print_warning(T_sprintf("Could not create user <b>%s</b>", $login));
	
					}
				} else {
					print_warning(T_sprintf("User <b>%s</b> already exists.", $login));
				}
			} 
		} else if ($subop == "resetPass") {

			if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {

				$uid = db_escape_string($_GET["id"]);

				$result = db_query($link, "SELECT login,email 
					FROM ttrss_users WHERE id = '$uid'");

				$login = db_fetch_result($result, 0, "login");
				$email = db_fetch_result($result, 0, "email");
				$tmp_user_pwd = make_password(8);
				$pwd_hash = encrypt_password($tmp_user_pwd, $login);

				db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
					WHERE id = '$uid'");

				print_notice(T_sprintf("Changed password of user <b>%s</b>
					 to <b>%s</b>", $login, $tmp_user_pwd));

				if (MAIL_RESET_PASS && $email) {
					print_notice(T_sprintf("Notifying <b>%s</b>.", $email));

					require_once "MiniTemplator.class.php";

					$tpl = new MiniTemplator;

					$tpl->readTemplateFromFile("templates/resetpass_template.txt");

					$tpl->setVariable('LOGIN', $login);
					$tpl->setVariable('NEWPASS', $tmp_user_pwd);

					$tpl->addBlock('message');

					$message = "";

					$tpl->generateOutputToString($message);

					$mail = new PHPMailer();

					$mail->PluginDir = "phpmailer/";
					$mail->SetLanguage("en", "phpmailer/language/");

					$mail->CharSet = "UTF-8";

					$mail->From = DIGEST_FROM_ADDRESS;
					$mail->FromName = DIGEST_FROM_NAME;
					$mail->AddAddress($email, $login);

					if (DIGEST_SMTP_HOST) {
						$mail->Host = DIGEST_SMTP_HOST;
						$mail->Mailer = "smtp";
						$mail->Username = DIGEST_SMTP_LOGIN;
						$mail->Password = DIGEST_SMTP_PASSWORD;
					}

					$mail->IsHTML(false);
					$mail->Subject = __("Password change notification");
					$mail->Body = $message;

					$rc = $mail->Send();

					if (!$rc) print_error($mail->ErrorInfo);

/*					mail("$login <$email>", "Password reset notification",
						"Hi, $login.\n".
						"\n".
						"Your password for this TT-RSS installation was reset by".
							" an administrator.\n".
						"\n".
						"Your new password is $tmp_user_pwd, please remember".
							" it for later reference.\n".
						"\n".
						"Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); */
				}
					
				print "</div>";				

			}
		}

		set_pref($link, "_PREFS_ACTIVE_TAB", "userConfig");

		$user_search = db_escape_string($_GET["search"]);

		if (array_key_exists("search", $_GET)) {
			$_SESSION["prefs_user_search"] = $user_search;
		} else {
			$user_search = $_SESSION["prefs_user_search"];
		}

		print "<div class=\"feedEditSearch\">
			<input id=\"user_search\" size=\"20\" type=\"search\"
				onfocus=\"javascript:disableHotkeys();\" 
				onblur=\"javascript:enableHotkeys();\"
				onchange=\"javascript:updateUsersList()\" value=\"$user_search\">
			<input type=\"submit\" class=\"button\" 
				onclick=\"javascript:updateUsersList()\" value=\"".__('Search')."\">
			</div>";

		$sort = db_escape_string($_GET["sort"]);

		if (!$sort || $sort == "undefined") {
			$sort = "login";
		}

		print "<div class=\"prefGenericAddBox\">
			<input id=\"uadd_box\" 			
				onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
				onchange=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
				size=\"40\">&nbsp;";
			
		print "<input type=\"submit\" class=\"button\" 
			id=\"user_add_btn\" disabled=\"true\"
			onclick=\"javascript:addUser()\" value=\"".__('Create user')."\"></div>";

		if ($user_search) {
			$user_search_query = "UPPER(login) LIKE UPPER('%$user_search%') AND";
		} else {
			$user_search_query = "";
		}

		$result = db_query($link, "SELECT 
				id,login,access_level,email,
				".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login,
				".SUBSTRING_FOR_DATE."(created,1,16) as created
			FROM 
				ttrss_users
			WHERE
				$user_search_query
				id > 0
			ORDER BY $sort");

		if (db_num_rows($result) > 0) {

//		print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";

		print "<p><table width=\"100%\" cellspacing=\"0\" 
			class=\"prefUserList\" id=\"prefUserList\">";

		print "<tr><td class=\"selectPrompt\" colspan=\"8\">
				".__('Select:')." 
					<a href=\"javascript:selectPrefRows('user', true)\">".__('All')."</a>,
					<a href=\"javascript:selectPrefRows('user', false)\">".__('None')."</a>
				</td</tr>";

		print "<tr class=\"title\">
					<td align='center' width=\"5%\">&nbsp;</td>
					<td width=''><a href=\"javascript:updateUsersList('login')\">".__('Login')."</a></td>
					<td width='20%'><a href=\"javascript:updateUsersList('access_level')\">".__('Access Level')."</a></td>
					<td width='20%'><a href=\"javascript:updateUsersList('created')\">".__('Registered')."</a></td>
					<td width='20%'><a href=\"javascript:updateUsersList('last_login')\">".__('Last login')."</a></td></tr>";
		
		$lnum = 0;
		
		while ($line = db_fetch_assoc($result)) {

			$class = ($lnum % 2) ? "even" : "odd";

			$uid = $line["id"];
			$edit_uid = $_GET["id"];

			if ($subop == "edit" && $uid != $edit_uid) {
				$class .= "Grayed";
				$this_row_id = "";
			} else {
				$this_row_id = "id=\"UMRR-$uid\"";
			}		
			
			print "<tr class=\"$class\" $this_row_id>";

			$line["login"] = htmlspecialchars($line["login"]);

#			$line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
#				strtotime($line["last_login"]));

			if (get_pref($link, 'HEADLINES_SMART_DATE')) {
				$line["last_login"] = smart_date_time(strtotime($line["last_login"]));
				$line["created"] = smart_date_time(strtotime($line["created"]));
			} else {
				$line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
					strtotime($line["last_login"]));
				$line["created"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
					strtotime($line["created"]));
			}				

			print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");' 
				type=\"checkbox\" id=\"UMCHK-$uid\"></td>";

			$onclick = "onclick='editUser($uid) title='".__('Click to edit')."''";

			print "<td $onclick>" . $line["login"] . "</td>";		

			if (!$line["email"]) $line["email"] = "&nbsp;";

			print "<td $onclick>" .	$access_level_names[$line["access_level"]] . "</td>";	
			print "<td $onclick>" . $line["created"] . "</td>";		
			print "<td $onclick>" . $line["last_login"] . "</td>";		
		
			print "</tr>";

			++$lnum;
		}

		print "</table>";

		print "<p id='userOpToolbar'>";

		print "				
			<input type=\"submit\" class=\"button\" disabled=\"true\"
				onclick=\"javascript:selectedUserDetails()\" value=\"".__('User details')."\">
			<input type=\"submit\" class=\"button\" disabled=\"true\"
				onclick=\"javascript:editSelectedUser()\" value=\"".__('Edit')."\">
			<input type=\"submit\" class=\"button\" disabled=\"true\"
				onclick=\"javascript:removeSelectedUsers()\" value=\"".__('Remove')."\">
			<input type=\"submit\" class=\"button\" disabled=\"true\"
				onclick=\"javascript:resetSelectedUserPass()\" value=\"".__('Reset password')."\">";

		} else {
			print "<p>";
			if (!$user_search) {
				print __('No users defined.');
			} else {
				print __('No matching users found.');
			}
			print "</p>";

		}

	}
?>
Commit	Line	Data
ef8be8ea AD	1	<?php
	2	function module_pref_users($link) {
	3
d20f3544 AD	4	global $access_level_names;
d20f3544 AD	5
85ef2118 AD	6	if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) {
	7	print __("Your access level is insufficient to open this tab.");
	8	return;
	9	}
	10
ef8be8ea AD	11	$subop = $_GET["subop"];
	12
	13	if ($subop == "edit") {
	14
	15	$id = db_escape_string($_GET["id"]);
	16
11ffbec3	17	print "<div id=\"infoBoxTitle\">".__('User editor')."</div>";
ef8be8ea AD	18
	19	print "<div class=\"infoBoxContents\">";
	20
e6312f6c	21	print "<form id=\"user_edit_form\" onsubmit='return false'>";
ef8be8ea AD	22
	23	print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
	24	print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
	25	print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">";
	26
	27	$result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
	28
	29	$login = db_fetch_result($result, 0, "login");
	30	$access_level = db_fetch_result($result, 0, "access_level");
	31	$email = db_fetch_result($result, 0, "email");
	32
	33	print "<table width='100%'>";
11ffbec3	34	print "<tr><td>".__('Login:')."</td><td>
ef8be8ea AD	35	<input class=\"iedit\" onkeypress=\"return filterCR(event)\"
	36	name=\"login\" value=\"$login\"></td></tr>";
	37
65174234	38	print "<tr><td>".__('Change password:')."</td><td>
ef8be8ea AD	39	<input class=\"iedit\" onkeypress=\"return filterCR(event)\"
	40	name=\"password\"></td></tr>";
	41
11ffbec3	42	print "<tr><td>".__('E-mail:')."</td><td>
ef8be8ea AD	43	<input class=\"iedit\" name=\"email\" onkeypress=\"return filterCR(event)\"
	44	value=\"$email\"></td></tr>";
	45
	46	$sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
	47
11ffbec3	48	print "<tr><td>".__('Access level:')."</td><td>";
ef8be8ea AD	49	print_select_hash("access_level", $access_level, $access_level_names,
	50	$sel_disabled);
	51	print "</td></tr>";
	52
	53	print "</table>";
	54
	55	print "</form>";
	56
	57	print "<div align='right'>
	58	<input class=\"button\"
	59	type=\"submit\" onclick=\"return userEditSave()\"
11ffbec3	60	value=\"".__('Save')."\">
ef8be8ea AD	61	<input class=\"button\"
ef8be8ea AD	62	type=\"submit\" onclick=\"return userEditCancel()\"
11ffbec3	63	value=\"".__('Cancel')."\"></div>";
ef8be8ea AD	64
	65	print "</div>";
	66
	67	return;
	68	}
	69
	70	if ($subop == "editSave") {
	71
	72	if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
	73
	74	$login = db_escape_string(trim($_GET["login"]));
	75	$uid = db_escape_string($_GET["id"]);
4dccf1ed	76	$access_level = (int) $_GET["access_level"];
ef8be8ea AD	77	$email = db_escape_string(trim($_GET["email"]));
	78	$password = db_escape_string(trim($_GET["password"]));
	79
	80	if ($password) {
c3a005ad	81	$pwd_hash = encrypt_password($password, $login);
ef8be8ea	82	$pass_query_part = "pwd_hash = '$pwd_hash', ";
4dccf1ed	83	print_notice(T_sprintf('Changed password of user <b>%s</b>.', $login));
ef8be8ea AD	84	} else {
	85	$pass_query_part = "";
	86	}
	87
	88	db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
	89	access_level = '$access_level', email = '$email' WHERE id = '$uid'");
	90
	91	}
	92	} else if ($subop == "remove") {
	93
	94	if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
	95
	96	$ids = split(",", db_escape_string($_GET["ids"]));
	97
	98	foreach ($ids as $id) {
c29324c7 AD	99	db_query($link, "BEGIN");
c29324c7 AD	100	db_query($link, "DELETE FROM ttrss_feeds WHERE owner_uid = '$id' AND owner_uid != " . $_SESSION["uid"]);
ef8be8ea	101	db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
c29324c7	102	db_query($link, "COMMIT");
ef8be8ea AD	103
	104	}
	105	}
	106	} else if ($subop == "add") {
	107
	108	if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
	109
	110	$login = db_escape_string(trim($_GET["login"]));
	111	$tmp_user_pwd = make_password(8);
c3a005ad	112	$pwd_hash = encrypt_password($tmp_user_pwd, $login);
ef8be8ea AD	113
	114	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
	115	login = '$login'");
	116
	117	if (db_num_rows($result) == 0) {
	118
	119	db_query($link, "INSERT INTO ttrss_users
54a3d3cf AD	120	(login,pwd_hash,access_level,last_login,created)
54a3d3cf AD	121	VALUES ('$login', '$pwd_hash', 0, null, NOW())");
ef8be8ea AD	122
	123
	124	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
	125	login = '$login' AND pwd_hash = '$pwd_hash'");
	126
	127	if (db_num_rows($result) == 1) {
	128
	129	$new_uid = db_fetch_result($result, 0, "id");
	130
4dccf1ed AD	131	print_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>",
4dccf1ed AD	132	$login, $tmp_user_pwd));
ef8be8ea AD	133
	134	initialize_user($link, $new_uid);
	135
	136	} else {
	137
4dccf1ed	138	print_warning(T_sprintf("Could not create user <b>%s</b>", $login));
ef8be8ea AD	139
	140	}
	141	} else {
4dccf1ed	142	print_warning(T_sprintf("User <b>%s</b> already exists.", $login));
ef8be8ea AD	143	}
	144	}
	145	} else if ($subop == "resetPass") {
	146
	147	if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
	148
	149	$uid = db_escape_string($_GET["id"]);
	150
	151	$result = db_query($link, "SELECT login,email
	152	FROM ttrss_users WHERE id = '$uid'");
	153
	154	$login = db_fetch_result($result, 0, "login");
	155	$email = db_fetch_result($result, 0, "email");
	156	$tmp_user_pwd = make_password(8);
c3a005ad	157	$pwd_hash = encrypt_password($tmp_user_pwd, $login);
ef8be8ea AD	158
	159	db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
	160	WHERE id = '$uid'");
	161
4dccf1ed AD	162	print_notice(T_sprintf("Changed password of user <b>%s</b>
4dccf1ed AD	163	to <b>%s</b>", $login, $tmp_user_pwd));
ef8be8ea AD	164
ef8be8ea AD	165	if (MAIL_RESET_PASS && $email) {
f1d9632e	166	print_notice(T_sprintf("Notifying <b>%s</b>.", $email));
ef8be8ea	167
eb0b4ee8 AD	168	require_once "MiniTemplator.class.php";
	169
	170	$tpl = new MiniTemplator;
	171
	172	$tpl->readTemplateFromFile("templates/resetpass_template.txt");
	173
	174	$tpl->setVariable('LOGIN', $login);
	175	$tpl->setVariable('NEWPASS', $tmp_user_pwd);
	176
	177	$tpl->addBlock('message');
	178
	179	$message = "";
	180
	181	$tpl->generateOutputToString($message);
	182
	183	$mail = new PHPMailer();
	184
	185	$mail->PluginDir = "phpmailer/";
	186	$mail->SetLanguage("en", "phpmailer/language/");
	187
	188	$mail->CharSet = "UTF-8";
	189
	190	$mail->From = DIGEST_FROM_ADDRESS;
	191	$mail->FromName = DIGEST_FROM_NAME;
	192	$mail->AddAddress($email, $login);
	193
	194	if (DIGEST_SMTP_HOST) {
	195	$mail->Host = DIGEST_SMTP_HOST;
	196	$mail->Mailer = "smtp";
	197	$mail->Username = DIGEST_SMTP_LOGIN;
	198	$mail->Password = DIGEST_SMTP_PASSWORD;
	199	}
	200
	201	$mail->IsHTML(false);
	202	$mail->Subject = __("Password change notification");
	203	$mail->Body = $message;
	204
	205	$rc = $mail->Send();
	206
	207	if (!$rc) print_error($mail->ErrorInfo);
	208
	209	/* mail("$login <$email>", "Password reset notification",
ef8be8ea AD	210	"Hi, $login.\n".
	211	"\n".
	212	"Your password for this TT-RSS installation was reset by".
	213	" an administrator.\n".
	214	"\n".
	215	"Your new password is $tmp_user_pwd, please remember".
	216	" it for later reference.\n".
	217	"\n".
eb0b4ee8	218	"Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); */
ef8be8ea AD	219	}
	220
	221	print "</div>";
	222
	223	}
	224	}
	225
fe8d2059 AD	226	set_pref($link, "_PREFS_ACTIVE_TAB", "userConfig");
fe8d2059 AD	227
a5bd7bf0 AD	228	$user_search = db_escape_string($_GET["search"]);
	229
	230	if (array_key_exists("search", $_GET)) {
	231	$_SESSION["prefs_user_search"] = $user_search;
	232	} else {
	233	$user_search = $_SESSION["prefs_user_search"];
	234	}
	235
	236	print "<div class=\"feedEditSearch\">
	237	<input id=\"user_search\" size=\"20\" type=\"search\"
	238	onfocus=\"javascript:disableHotkeys();\"
	239	onblur=\"javascript:enableHotkeys();\"
	240	onchange=\"javascript:updateUsersList()\" value=\"$user_search\">
	241	<input type=\"submit\" class=\"button\"
	242	onclick=\"javascript:updateUsersList()\" value=\"".__('Search')."\">
	243	</div>";
	244
ef8be8ea AD	245	$sort = db_escape_string($_GET["sort"]);
	246
	247	if (!$sort \|\| $sort == "undefined") {
	248	$sort = "login";
	249	}
	250
	251	print "<div class=\"prefGenericAddBox\">
	252	<input id=\"uadd_box\"
	253	onkeyup=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
b5015f72	254	onchange=\"toggleSubmitNotEmpty(this, 'user_add_btn')\"
ef8be8ea AD	255	size=\"40\"> ";
	256
	257	print "<input type=\"submit\" class=\"button\"
	258	id=\"user_add_btn\" disabled=\"true\"
807fd4d6	259	onclick=\"javascript:addUser()\" value=\"".__('Create user')."\"></div>";
ef8be8ea	260
a5bd7bf0 AD	261	if ($user_search) {
	262	$user_search_query = "UPPER(login) LIKE UPPER('%$user_search%') AND";
	263	} else {
	264	$user_search_query = "";
	265	}
	266
ef8be8ea AD	267	$result = db_query($link, "SELECT
ef8be8ea AD	268	id,login,access_level,email,
f52fb64d AD	269	".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login,
f52fb64d AD	270	".SUBSTRING_FOR_DATE."(created,1,16) as created
ef8be8ea AD	271	FROM
ef8be8ea AD	272	ttrss_users
a5bd7bf0 AD	273	WHERE
	274	$user_search_query
	275	id > 0
ef8be8ea AD	276	ORDER BY $sort");
ef8be8ea AD	277
a5bd7bf0 AD	278	if (db_num_rows($result) > 0) {
a5bd7bf0 AD	279
ef8be8ea AD	280	// print "<div id=\"infoBoxShadow\"><div id=\"infoBox\">PLACEHOLDER</div></div>";
	281
	282	print "<p><table width=\"100%\" cellspacing=\"0\"
	283	class=\"prefUserList\" id=\"prefUserList\">";
	284
	285	print "<tr><td class=\"selectPrompt\" colspan=\"8\">
e8d0177d AD	286	".__('Select:')."
	287	<a href=\"javascript:selectPrefRows('user', true)\">".__('All')."</a>,
	288	<a href=\"javascript:selectPrefRows('user', false)\">".__('None')."</a>
ef8be8ea AD	289	</td</tr>";
	290
	291	print "<tr class=\"title\">
	292	<td align='center' width=\"5%\"> </td>
5ede560f AD	293	<td width=''><a href=\"javascript:updateUsersList('login')\">".__('Login')."</a></td>
5ede560f AD	294	<td width='20%'><a href=\"javascript:updateUsersList('access_level')\">".__('Access Level')."</a></td>
f52fb64d	295	<td width='20%'><a href=\"javascript:updateUsersList('created')\">".__('Registered')."</a></td>
5ede560f	296	<td width='20%'><a href=\"javascript:updateUsersList('last_login')\">".__('Last login')."</a></td></tr>";
ef8be8ea AD	297
	298	$lnum = 0;
	299
	300	while ($line = db_fetch_assoc($result)) {
	301
	302	$class = ($lnum % 2) ? "even" : "odd";
	303
	304	$uid = $line["id"];
	305	$edit_uid = $_GET["id"];
	306
	307	if ($subop == "edit" && $uid != $edit_uid) {
	308	$class .= "Grayed";
	309	$this_row_id = "";
	310	} else {
	311	$this_row_id = "id=\"UMRR-$uid\"";
	312	}
	313
	314	print "<tr class=\"$class\" $this_row_id>";
	315
	316	$line["login"] = htmlspecialchars($line["login"]);
	317
0b6f179e AD	318	# $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
	319	# strtotime($line["last_login"]));
	320
	321	if (get_pref($link, 'HEADLINES_SMART_DATE')) {
	322	$line["last_login"] = smart_date_time(strtotime($line["last_login"]));
f52fb64d	323	$line["created"] = smart_date_time(strtotime($line["created"]));
0b6f179e AD	324	} else {
	325	$line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
	326	strtotime($line["last_login"]));
f52fb64d AD	327	$line["created"] = date(get_pref($link, 'SHORT_DATE_FORMAT'),
f52fb64d AD	328	strtotime($line["created"]));
0b6f179e	329	}
ef8be8ea	330
a95da136	331	print "<td align='center'><input onclick='toggleSelectPrefRow(this, \"user\");'
ef8be8ea AD	332	type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
ef8be8ea AD	333
a95da136	334	$onclick = "onclick='editUser($uid) title='".__('Click to edit')."''";
ef8be8ea	335
a95da136	336	print "<td $onclick>" . $line["login"] . "</td>";
ef8be8ea	337
a95da136	338	if (!$line["email"]) $line["email"] = " ";
ef8be8ea	339
a95da136 AD	340	print "<td $onclick>" . $access_level_names[$line["access_level"]] . "</td>";
	341	print "<td $onclick>" . $line["created"] . "</td>";
	342	print "<td $onclick>" . $line["last_login"] . "</td>";
ef8be8ea AD	343
	344	print "</tr>";
	345
	346	++$lnum;
	347	}
	348
	349	print "</table>";
	350
	351	print "<p id='userOpToolbar'>";
	352
a3c159c4	353	print "
ef8be8ea	354	<input type=\"submit\" class=\"button\" disabled=\"true\"
a3c159c4	355	onclick=\"javascript:selectedUserDetails()\" value=\"".__('User details')."\">
ef8be8ea	356	<input type=\"submit\" class=\"button\" disabled=\"true\"
a3c159c4	357	onclick=\"javascript:editSelectedUser()\" value=\"".__('Edit')."\">
ef8be8ea	358	<input type=\"submit\" class=\"button\" disabled=\"true\"
a3c159c4	359	onclick=\"javascript:removeSelectedUsers()\" value=\"".__('Remove')."\">
ef8be8ea	360	<input type=\"submit\" class=\"button\" disabled=\"true\"
a3c159c4	361	onclick=\"javascript:resetSelectedUserPass()\" value=\"".__('Reset password')."\">";
ef8be8ea	362
a5bd7bf0 AD	363	} else {
	364	print "<p>";
	365	if (!$user_search) {
	366	print __('No users defined.');
	367	} else {
	368	print __('No matching users found.');
	369	}
	370	print "</p>";
	371
	372	}
	373
ef8be8ea AD	374	}
ef8be8ea AD	375	?>