registerFunction ('search_users'); // setting the section (for the tabs) $this_section = SECTION_PLATFORM_ADMIN; // Access restrictions api_protect_admin_script(true); // setting breadcrumbs $interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin')); $interbreadcrumb[] = array('url' => 'user_list.php','name' => get_lang('UserList')); // Database Table Definitions $tbl_user = Database::get_main_table(TABLE_MAIN_USER); $tbl_access_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); // initializing variables $id_session=intval($_GET['id_session']); $user_id = intval($_GET['user']); $user_info = api_get_user_info($user_id); $user_anonymous = api_get_anonymous_id(); $current_user_id = api_get_user_id(); // setting the name of the tool if (UserManager::is_admin($user_id)) { $tool_name= get_lang('AssignUsersToPlatformAdministrator'); } else if ($user_info['status'] == SESSIONADMIN) { $tool_name= get_lang('AssignUsersToSessionsAdministrator'); } else { $tool_name= get_lang('AssignUsersToHumanResourcesManager'); } $add_type = 'multiple'; if(isset($_GET['add_type']) && $_GET['add_type']!=''){ $add_type = Security::remove_XSS($_REQUEST['add_type']); } if (!api_is_platform_admin()) { api_not_allowed(true); } function search_users($needle,$type) { global $_configuration,$tbl_access_url_rel_user, $tbl_user, $user_anonymous, $current_user_id, $user_id; $xajax_response = new XajaxResponse(); $return = ''; if(!empty($needle) && !empty($type)) { // xajax send utf8 datas... datas in db can be non-utf8 datas $charset = api_get_system_encoding(); $needle = api_convert_encoding($needle, $charset, 'utf-8'); $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id); $assigned_users_id = array_keys($assigned_users_to_hrm); $without_assigned_users = ''; if (count($assigned_users_id) > 0) { $without_assigned_users = " AND user.user_id NOT IN(".implode(',',$assigned_users_id).")"; } if ($_configuration['multiple_access_urls']) { $sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id) WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND status NOT IN(".DRH.", ".SESSIONADMIN.") AND user.user_id NOT IN ($user_anonymous, $current_user_id, $user_id) $without_assigned_users AND access_url_id = ".api_get_current_access_url_id().""; } else { $sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user WHERE ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%' AND status NOT IN(".DRH.", ".SESSIONADMIN.") AND user_id NOT IN ($user_anonymous, $current_user_id, $user_id) $without_assigned_users"; } $rs = Database::query($sql); $return .= ''; $xajax_response -> addAssign('ajax_list_users_multiple','innerHTML',api_utf8_encode($return)); } return $xajax_response; } $xajax -> processRequests(); $htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/'); $htmlHeadXtra[] = ''; $formSent=0; $errorMsg = $firstLetterUser = ''; $UserList = array(); $msg = ''; if (intval($_POST['formSent']) == 1) { $user_list = $_POST['UsersList']; $affected_rows = UserManager::suscribe_users_to_hr_manager($user_id,$user_list); if ($affected_rows) { $msg = get_lang('AssignedUsersHaveBeenUpdatedSuccessfully'); } } // display header Display::display_header($tool_name); // actions echo '
'; echo Display::page_header(sprintf(get_lang('AssignUsersToX'), api_get_person_name($user_info['firstname'], $user_info['lastname']))); $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id); $assigned_users_id = array_keys($assigned_users_to_hrm); $without_assigned_users = ''; if (count($assigned_users_id) > 0) { $without_assigned_users = " user.user_id NOT IN(".implode(',',$assigned_users_id).") AND "; } $search_user = ''; if (isset($_POST['firstLetterUser'])) { $needle = Database::escape_string($_POST['firstLetterUser']); $search_user ="AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'"; } if ($_configuration['multiple_access_urls']) { $sql = "SELECT user.user_id, username, lastname, firstname FROM $tbl_user user LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id) WHERE $without_assigned_users user.user_id NOT IN ($user_anonymous, $current_user_id, $user_id) AND status NOT IN(".DRH.", ".SESSIONADMIN.") $search_user AND access_url_id = ".api_get_current_access_url_id()." ORDER BY firstname"; } else { $sql = "SELECT user_id, username, lastname, firstname FROM $tbl_user user WHERE $without_assigned_users user_id NOT IN ($user_anonymous, $current_user_id, $user_id) AND status NOT IN(".DRH.", ".SESSIONADMIN.") $search_user ORDER BY firstname "; } $result = Database::query($sql); ?>