<?php
use src\Utils\Database\OcDb;
use src\Utils\Database\XDb;
use src\Utils\Text\TextConverter;
use src\Models\ApplicationContainer;
require_once(__DIR__.'/lib/common.inc.php');
// Only signed-in users may use the search; anyone else is sent to the login
// page with the current page passed along in the "target" parameter.
// NOTE(review): how login.php validates "target" before redirecting back is
// not visible in this file - confirm it only accepts local paths.
$loggedUser = ApplicationContainer::GetAuthorizedUser();
if (!$loggedUser) {
    tpl_redirect('login.php?target=' . urlencode(tpl_get_current_page()));
    exit;
}
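// Template name; presumably picked up by tpl_BuildTemplate() - confirm.
$tplname = 'searchuser';

// Read the search term from the request. PHP turns "username[]=x" into an
// array, so anything that is not a plain string is treated as "no search term"
// instead of being concatenated into the LIKE pattern further down.
$options['username'] = (isset($_REQUEST['username']) && is_string($_REQUEST['username']))
    ? $_REQUEST['username']
    : '';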
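// Search flow:
//   - empty search term -> render the empty search form
//   - no match          -> render the form with a "not found" message
//   - exactly one match -> redirect straight to that user's profile
//   - several matches   -> render one table row per matching user
if ($options['username'] != '') {
    // The search term is passed as a bound parameter, never concatenated into the SQL text.
    $query = "SELECT user_id, username, date_created FROM user WHERE username LIKE :username ORDER BY username ASC";
    $params = array(
        "username" => array(
            // NOTE(review): the value is already bound through :username, so what
            // XDb::xEscape() contributes here is not visible - confirm it does not
            // double-escape. Unless it neutralises them, '%' and '_' typed by the
            // user still act as LIKE wildcards.
            "value" => '%' . XDb::xEscape($options['username']) . '%',
            "data_type" => "string"
        ),
    );

    $dbc = OcDb::instance();
    $s = $dbc->paramQuery($query, $params);

    // Alternating row colours for the result table.
    $bgcolor1 = '#eeeeee';
    $bgcolor2 = '#ffffff';

    // Row template. Attribute values are double-quoted so that the
    // htmlspecialchars(..., ENT_COMPAT) output below cannot break out of them.
    $line = '<tr bgcolor="{bgcolor}"><td><a href="viewprofile.php?userid={user_id}">{username}</a></td><td> </td><td nowrap style="text-align:center;">{date_created}</td><td nowrap style="text-align:center;"></td></tr>';
    $lines = "";

    // Number of matching users ("ilosc" is Polish for "quantity").
    $ilosc = $dbc->rowCount($s);
    if ($ilosc != 0) {
        if ($ilosc == 1) {
            // Single hit: skip the list and go directly to the profile.
            $record = $dbc->dbResultFetch($s);
            tpl_redirect("viewprofile.php?userid=" . $record['user_id']);
            // Stop here, as the login redirect at the top of this script does,
            // so no page is rendered after the redirect.
            exit;
        } else {
            $i = 0;
            while ($record = $dbc->dbResultFetch($s)) {
                // strtr() substitutes every placeholder in a single pass and never
                // rescans inserted text. A username that itself contains
                // "{date_created}" or a backslash-digit sequence is therefore shown
                // literally instead of being expanded by a later replacement step.
                $lines .= strtr($line, array(
                    '{bgcolor}' => ($i % 2 == 0) ? $bgcolor1 : $bgcolor2,
                    '{username}' => htmlspecialchars($record['username'], ENT_COMPAT, 'UTF-8'),
                    '{user_id}' => htmlspecialchars((string) $record['user_id'], ENT_COMPAT, 'UTF-8'),
                    // NOTE(review): strftime() is deprecated as of PHP 8.1; it is kept
                    // because $GLOBALS['config']['dateformat'] is passed to it as the format.
                    '{date_created}' => htmlspecialchars(
                        TextConverter::fixPlMonth(
                            strftime($GLOBALS['config']['dateformat'], strtotime($record['date_created']))
                        ),
                        ENT_COMPAT,
                        'UTF-8'
                    ),
                )) . "\n";
                $i++;
            }

            tpl_set_var('lines', $lines);
            tpl_set_var('username', '');
            tpl_set_var('not_found', '');
        }
    } else { // User not found
        // The search term is echoed back into the page. Where the template places
        // it is not visible here, so it is escaped for both quote styles with an
        // explicit charset rather than relying on the PHP-version-dependent defaults.
        $escapedUsername = htmlspecialchars($options['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        tpl_set_var('username', $escapedUsername);
        tpl_set_var('not_found', '<b>' . tr("message_user_not_found") . ': ' . $escapedUsername . '</b><br/><br/>');
        tpl_set_var('lines', '');
    }
} else {
    // No search term submitted: show the empty form.
    tpl_set_var('username', '');
    tpl_set_var('not_found', '');
    tpl_set_var('lines', '');
}

tpl_BuildTemplate();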