Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Update usersearch.php
- Loading branch information
1 parent
9b65bd0
commit 06217c6
Showing
1 changed file
with
112 additions
and
83 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,89 +1,118 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="<?php echo $U->getSetting("site.lang"); ?>" dir="ltr"> | ||
| <head> | ||
| <style> | ||
| tbody > tr > th { | ||
| font-weight: normal; | ||
| } | ||
| </style> | ||
| <meta charset="utf-8"> | ||
| <title><?php echo $U->getLang("admin") ?> - <?php echo $U->getLang("admin.user.search"); ?></title> | ||
| </head> | ||
| <body> | ||
| <a href="javascript:window.close()"><?php echo $U->getLang("admin.exit"); ?></a> | ||
| <p><?php echo $U->getLang("admin.user.search.intro"); ?></p> | ||
| <form> | ||
| <label for="Name"><?php echo $U->getLang("admin.user.field.username"); ?>:</label><br /> | ||
| <input type="text" name="Name" /><br /> | ||
| <label for="Mail"><?php echo $U->getLang("admin.user.field.mail"); ?>:</label><br /> | ||
| <input type="mail" name="Mail" /><br /> | ||
| <input type="hidden" name="URL" value="usersearch" /> | ||
| <input type="submit" value="<?php echo $U->getLang("admin.user.search.action"); ?>" /> | ||
| </form> | ||
| <?php | ||
| if(isset($_GET["Name"])){ | ||
| if($_GET["Name"] !== ""){ | ||
| $sql = "SELECT * FROM User WHERE Username='".$_GET["Name"]."';"; | ||
| $db_erg = mysqli_query($U->db_link, $sql); | ||
| <?php | ||
| if($U->userHasPermission("Backend", "User","Search")){ | ||
| ?> | ||
| <!DOCTYPE html> | ||
| <html lang="<?php echo $U->getSetting("site.lang"); ?>" dir="ltr"> | ||
| <head> | ||
| <style> | ||
| tbody > tr > th { | ||
| font-weight: normal; | ||
| } | ||
| } | ||
| if(isset($_GET["Mail"])){ | ||
| if($_GET["Mail"] !== ""){ | ||
| $sql = "SELECT * FROM User WHERE Mail='".$_GET["Mail"]."';"; | ||
| $db_erg = mysqli_query($U->db_link, $sql); | ||
| </style> | ||
| <meta charset="utf-8"> | ||
| <title><?php echo $U->getLang("admin") ?> - <?php echo $U->getLang("admin.user.search"); ?></title> | ||
| </head> | ||
| <body> | ||
| <a href="javascript:window.close()"><?php echo $U->getLang("admin.exit"); ?></a> | ||
| <p><?php echo $U->getLang("admin.user.search.intro"); ?></p> | ||
| <form> | ||
| <label for="Name"><?php echo $U->getLang("admin.user.field.username"); ?>:</label><br /> | ||
| <input type="text" name="Name" /><br /> | ||
| <label for="Mail"><?php echo $U->getLang("admin.user.field.mail"); ?>:</label><br /> | ||
| <input type="mail" name="Mail" /><br /> | ||
| <input type="hidden" name="URL" value="usersearch" /> | ||
| <input type="submit" value="<?php echo $U->getLang("admin.user.search.action"); ?>" /> | ||
| </form> | ||
| <?php | ||
| if(isset($_GET["Name"])){ | ||
| if($_GET["Name"] !== ""){ | ||
| $sql = "SELECT * FROM User WHERE Username='".mysqli::real_escape_string($_GET["Name"])."';"; | ||
| $dbRes = mysqli_query($U->db_link, $sql); | ||
| } | ||
| } | ||
| } | ||
| if(isset($_GET["Mail"]) || isset($_GET["Name"])){ | ||
| $userhere = False; | ||
| while($row = mysqli_fetch_array($db_erg, MYSQLI_ASSOC)){ | ||
| $userhere = True; | ||
| ?> | ||
| <h4><?php echo str_replace("%a",$row["Username"],$U->getLang("admin.user.search.title")); ?></h4> | ||
| <table> | ||
| <tbody> | ||
| <tr> | ||
| <th> | ||
| Id: | ||
| </th> | ||
| <th> | ||
| <?php echo $row["Id"]; ?> | ||
| </th> | ||
| </tr> | ||
| <tr> | ||
| <th> | ||
| <?php echo $U->getLang("admin.user.field.mail"); ?>: | ||
| </th> | ||
| <th> | ||
| <?php echo $row["Mail"]; ?> | ||
| </th> | ||
| </tr> | ||
| <tr> | ||
| <th> | ||
| <?php echo $U->getLang("admin.user.field.admin"); ?> | ||
| </th> | ||
| <th> | ||
| <?php echo $row["Type"]; ?> | ||
| </th> | ||
| </tr> | ||
| <tr> | ||
| <th> | ||
| <?php echo $U->getLang("admin.user.field.blocked"); ?> | ||
| </th> | ||
| <th> | ||
| <?php echo $row["blocked"]; ?> | ||
| </th> | ||
| </tr> | ||
| </tbody> | ||
| </table> | ||
| <?php | ||
| if(isset($_GET["Mail"])){ | ||
| if($_GET["Mail"] !== ""){ | ||
| $sql = "SELECT * FROM User WHERE Mail='".mysqli::real_escape_string($_GET["Mail"])."';"; | ||
| $dbRes = mysqli_query($U->db_link, $sql); | ||
| } | ||
| } | ||
| if(!$userhere&&$_GET["Mail"] !== ""){ | ||
| echo str_replace("%a", $U->getLang("admin.user.field.mail"), str_replace("%b", $_GET["Mail"], $U->getLang("admin.user.notFound.property"))); | ||
| if(isset($_GET["Id"])){ | ||
| if($_GET["Id"] !== ""){ | ||
| $sql = "SELECT * FROM User WHERE Id='".mysqli::real_escape_string($_GET["Id"])."';"; | ||
| $dbRes = mysqli_query($U->db_link, $sql); | ||
| } | ||
| } | ||
| if(!$userhere&&$_GET["Name"] !== ""){ | ||
| echo str_replace("%a", $U->getLang("admin.user.field.username"), str_replace("%b", $_GET["Name"], $U->getLang("admin.user.notFound.property"))); | ||
| if(isset($_GET["Mail"]) || isset($_GET["Name"]) || isset($_GET["Id"])){ | ||
| $userhere = False; | ||
| while($row = mysqli_fetch_array($dbRes, MYSQLI_ASSOC)){ | ||
| $userhere = True; | ||
| ?> | ||
| <h4><?php echo str_replace("%a",$row["Username"],$U->getLang("admin.user.search.title")); ?></h4> | ||
| <table> | ||
| <tbody> | ||
| <tr> | ||
| <th> | ||
| Id: | ||
| </th> | ||
| <th> | ||
| <?php echo $row["Id"]; ?> | ||
| </th> | ||
| </tr> | ||
| <tr> | ||
| <th> | ||
| <?php echo $U->getLang("admin.user.field.mail"); ?>: | ||
| </th> | ||
| <th> | ||
| <?php echo $row["Mail"]; ?> | ||
| </th> | ||
| </tr> | ||
| <tr> | ||
| <th> | ||
| <?php echo $U->getLang("admin.user.field.permissionlevel"); ?> | ||
| </th> | ||
| <th> | ||
| <?php echo $U->getPermissionName($row["Type"]); ?> | ||
| </th> | ||
| </tr> | ||
| <tr> | ||
| <th> | ||
| <?php echo $U->getLang("admin.user.field.blocked"); ?> | ||
| </th> | ||
| <th> | ||
| <?php echo $row["blocked"]==0?$U->getLang("admin.no"):$U->getLang("admin.yes"); ?> | ||
| </th> | ||
| </tr> | ||
| </tbody> | ||
| </table> | ||
| <?php | ||
| } | ||
| if(!$userhere&&isset($_GET["Mail"])&&$_GET["Mail"]!==""){ | ||
| echo str_replace("%a", $U->getLang("admin.user.field.mail"), str_replace("%b", $_GET["Mail"], $U->getLang("admin.user.notFound.property"))); | ||
| } | ||
| if(!$userhere&&isset($_GET["Name"])&&$_GET["Name"]!==""){ | ||
| echo str_replace("%a", $U->getLang("admin.user.field.username"), str_replace("%b", $_GET["Name"], $U->getLang("admin.user.notFound.property"))); | ||
| } | ||
| if(!$userhere&&isset($_GET["Id"])){ | ||
| echo str_replace("%a", $U->getLang("admin.user.field.id"), str_replace("%b", $_GET["Id"], $U->getLang("admin.user.notFound.property"))); | ||
| } | ||
| } | ||
| } | ||
| ?> | ||
| ?> | ||
| </body> | ||
| </html> | ||
| <?php | ||
| }else{ | ||
| ?> | ||
| <!DOCTYPE html> | ||
| <html lang="<?php echo $U->getSetting("site.lang"); ?>" dir="ltr"> | ||
| <head> | ||
| <meta charset="utf-8"> | ||
| <title><?php echo $U->getLang("admin") ?> - <?php echo $U->getLang("admin.settings"); ?></title> | ||
| </head> | ||
| <body> | ||
| <a href="javascript:window.close()"><?php echo $U->getLang("admin.exit"); ?></a> | ||
| <p><?php echo $U->getLang("rights.error"); ?></p> | ||
| </body> | ||
| </html> | ||
| </html> | ||
| <?php | ||
| } | ||
| ?> |