<?php
session_start();
$user_ID=$_SESSION[user_ID];
if (!$user_ID || $user_ID=='0')
{
header('location: index.php');
die('Login failed');
}
require("util.php");
$sql = new MySQL_class;
$sql->Create("generator");
$esql = new MySQL_class;
$esql->Create("generator");
if ($_GET[user]) { $_SESSION[var_user] = $_GET[user]; }
$user=$_SESSION[var_user];
$part_rights=array();
function get_part($part) {
global $sql, $user_ID;
$sql->Query("SELECT user_part.part, user_part.right, count(user_rights.user) AS allowed FROM user_part
LEFT JOIN user_rights ON user_rights.user='$user_ID' AND user_rights.right=user_part.user
WHERE user_part.part=$part GROUP BY user_part.part, user_part.right");
for ($i = 0; $i < $sql->rows; $i++)
{
$sql->Fetch($i);
echo "$sql->data[part]/$sql->data[right]=$sql->data[allowed]<br>";
if ($sql->data[allowed]<>'0') {
$part_rights[$sql->data[part].'/'.$sql->data[right]]=1;
}
}
}
get_part (27);
?>
<html>
<head>
<link href="list.css" type="text/css" rel=stylesheet>
<meta content="text/css" http-equiv="Content-Style-Type">
<title>Screen generator Scherm: Users</title>
</head>
<script type="text/javascript" src="handlers.js" language="JavaScript">
alert ("no code");
</script>
<body>
<table id=main><tr><td id=menu><?php
include 'menu.php';
?>
</td><td id=workarea><table class=ruler><tr><td>Users</td></tr></table>
<?php
$lastorder=$_SESSION[last_68];
$_SESSION[last_68]='';
if ($_GET[zoekitem68]) { $zoekitem68 =$_GET[zoekitem68]; } else { $zoekitem68=$_POST[zoekitem68];}
if ($zoekitem68!='')
{
$zoekitem68 = quote('%'.$zoekitem68.'%');
$query = ("
FROM `user`
WHERE (`username` LIKE $zoekitem68
)
");
}
else
{
$query = ("
FROM `user`
");
}
$lastrec=-1;
$sql->QueryItem("SELECT COUNT(*) AS records$query");
$records=$sql->data[records];
if ($zoekitem68<>'') {$fromrec=0;} else {
if ($lastorder=='') {$fromrec=20*$_POST[pagina];} else {
$sql->QueryItem("SELECT COUNT(*) AS fromrec$query AND `username` < $lastorder");
$fromrec=$sql->data[fromrec]-10;
if($fromrec<0) {$fromrec=0; }
$lastrec=$sql->data[fromrec]-$fromrec;
}}
$sql->Query("SELECT user.user as F496, user.username as F497$query
ORDER BY `username` ASC
LIMIT $fromrec, 20");
if (($part_rights['27/nofilter']==0)) {
echo "<form action=\"\" method=post name=Filter>";
echo "<p class=filter>";
echo "Records: $records ";
$maxpage=(int) (($records+19)/20);
if ($maxpage>1) {
echo "Pagina: ";
echo "<select name=\"pagina\" OnChange=\"Filter.target=''; Filter.action = ''; Filter.submit();\">\n";
for ($i = 0; $i < $maxpage; $i++)
{
$nr=$i+1;
if ($i==$_POST[pagina] && $_POST[Zoek]=='' && $_POST[Reset]=='') {$sel=" selected";} else {$sel="";}
echo "<option value=$i$sel>$nr van $maxpage</option>\n";
}
echo "</select>\n";
}
echo "<input type=text name=\"zoekitem68\" size=25>";
echo "<input type=submit value=\"Zoek\">";
echo "<input type=button value=\"User toevoegen\" onClick=\"javascript: window.open('adduser.php?user=$user','','width=500,height=300,location=no,menubar=no,scrollbars=yes,status=no,resizable=yes'); return false;\">";
echo "</p>";
echo "</form>";
}
?>
<table class=list>
<tr>
<th width=210px>Username</th>
</tr>
<?php
for ($i = 0; $i < $sql->rows; $i++)
{
$sql->Fetch($i);
$user = $sql->data['F496'];
$username = htmlspecialchars($sql->data['F497']);
if ($lastrec==$i) {$color="style=\"background-color: #aaaaff;\"";} else {$color="";}
echo ("
<tr $color onMouseOver=\"ChangeColor(this)\" onMouseOut=\"ChangeColorBack(this)\" onClick=\"location='user.php?user=$user'\">
<td>$username</td>
</tr>");
}
?>
</table>
</td></tr></table></body>
</html>
