diff --git a/main/admin/user_advanced_edit.php b/main/admin/user_advanced_edit.php
index f7c1761b711..dfcd85c0998 100644
--- a/main/admin/user_advanced_edit.php
+++ b/main/admin/user_advanced_edit.php
@@ -27,11 +27,11 @@
 // Advanced search form
 $form = new FormValidator('advancedSearch', 'get', '', '', [], FormValidator::LAYOUT_HORIZONTAL);
 $form->addElement('header', '', get_lang('AdvancedSearch'));
-$form->addText('keywordUsername', get_lang('LoginName'), false);
-$form->addText('keywordEmail', get_lang('Email'), false);
-$form->addText('keywordFirstname', get_lang('FirstName'), false);
-$form->addText('keywordLastname', get_lang('LastName'), false);
-$form->addText('keywordOfficialCode', get_lang('OfficialCode'), false);
+$form->addText('keywordUsername', get_lang('LoginName'), false, ['value' => $_GET['keywordUsername'] ?? '']);
+$form->addText('keywordEmail', get_lang('Email'), false, ['value' => $_GET['keywordEmail'] ?? '']);
+$form->addText('keywordFirstname', get_lang('FirstName'), false, ['value' => $_GET['keywordFirstname'] ?? '']);
+$form->addText('keywordLastname', get_lang('LastName'), false, ['value' => $_GET['keywordLastname'] ?? '']);
+$form->addText('keywordOfficialCode', get_lang('OfficialCode'), false, ['value' => $_GET['keywordOfficialCode'] ?? '']);
 $statusOptions = [
 '%' => get_lang('All'),
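Review bot: The five `addText` defaults take `$_GET[...]` unfiltered, and nothing in this hunk shows whether `FormValidator` escapes the `value` attribute when it renders the field. Further down the same file the commit already builds a filtered copy of the query string with `Security::remove_XSS`; moving that `$parameters` assignment above the form and writing `['value' => $parameters['keywordUsername'] ?? '']` would give the form and the search one filtered source. A parameter sent as an array also reaches the attribute as an array, so a scalar check (`is_string(...)`) before use is worth adding.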
@@ -41,34 +41,43 @@
 SESSIONADMIN => get_lang('SessionsAdmin'),
 PLATFORM_ADMIN => get_lang('Administrator')
 ];
-$form->addElement('select', 'keywordStatus', get_lang('Profile'), $statusOptions);
+$form->addElement('select', 'keywordStatus', get_lang('Profile'), $statusOptions, ['selected' => $_GET['keywordStatus'] ?? '%']);
 $activeGroup = [];
-$activeGroup[] = $form->createElement('checkbox', 'keywordActive', '', get_lang('Active'));
-$activeGroup[] = $form->createElement('checkbox', 'keywordInactive', '', get_lang('Inactive'));
+$activeGroup[] = $form->createElement('checkbox', 'keywordActive', '', get_lang('Active'), ['checked' => isset($_GET['keywordActive'])]);
+$activeGroup[] = $form->createElement('checkbox', 'keywordInactive', '', get_lang('Inactive'), ['checked' => isset($_GET['keywordInactive'])]);
 $form->addGroup($activeGroup, '', get_lang('ActiveAccount'), null, false);
-$form->addButtonSearch(get_lang('SearchUsers'), 'filter');
-// Search filters
-$searchFilters = [
- 'keywordFirstname' => $_GET['keywordFirstname'] ?? '',
- 'keywordLastname' => $_GET['keywordLastname'] ?? '',
- 'keywordUsername' => $_GET['keywordUsername'] ?? '',
- 'keywordEmail' => $_GET['keywordEmail'] ?? '',
- 'keywordOfficialCode' => $_GET['keywordOfficialCode'] ?? '',
- 'keywordStatus' => $_GET['keywordStatus'] ?? '',
- 'keywordActive' => $_GET['keywordActive'] ?? '',
- 'keywordInactive' => $_GET['keywordInactive'] ?? '',
-];
+$parameters = array_map(function ($value) {
+ return Security::remove_XSS($value);
+}, $_GET);
+
+$extraUserField = new ExtraField('user');
+$returnParams = $extraUserField->addElements(
+ $form,
+ 0,
+ [],
+ true,
+ false,
+ [],
+ [],
+ $_REQUEST
+);
+
+$htmlHeadXtra[] = '';
+$form->addButtonSearch(get_lang('SearchUsers'), 'filter');
 $users = [];
 if (isset($_GET['filter'])) {
- $users = UserManager::searchUsers($searchFilters);
+ $users = UserManager::searchUsers($parameters);
 }
 $fieldSelector = '';
 $jqueryReadyContent = '';
-$extraUserField = new ExtraField('user');
 if (!empty($users)) {
 $extraFields = $extraUserField->get_all(['filter = ?' => 1], 'option_order');
@@ -116,7 +125,12 @@
 }
 unset($user);
+ if (count($users) === 1) {
+ array_unshift($users, ['id' => '', 'username' => '']);
+ }
+ $parameters = array_diff_key($parameters, array_flip(['users_direction', 'users_column']));
 $userTable = new SortableTable('users', null, null, 0, 50);
+ $userTable->set_additional_parameters($parameters);
 $userTable->set_header(0, get_lang('ID'));
 $userTable->set_header(1, get_lang('Username'));
diff --git a/main/inc/lib/extra_field.lib.php b/main/inc/lib/extra_field.lib.php
index d33ba9e9b01..330dcd01ff0 100755
--- a/main/inc/lib/extra_field.lib.php
+++ b/main/inc/lib/extra_field.lib.php
@@ -783,7 +783,6 @@ public function addElements(
 $itemId = (int) $itemId;
 $form->addHidden('item_id', $itemId);
- $extraData = false;
 if (!empty($itemId)) {
 $extraData = $this->get_handler_extra_data($itemId);
 if (!empty($showOnlyTheseFields)) {
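Review bot: `addElements` receives raw `$_REQUEST` as its last argument while the statement just above filters only `$_GET`, so the extra-field widgets are filled from unfiltered input that can also carry POST and cookie values. Passing the filtered copy, `$parameters`, would keep the form and `UserManager::searchUsers($parameters)` on the same data. `$parameters` is also the whole query string rather than the fixed key list it replaces, so every `extra_*` and `class_id` key a request carries now reaches `searchUsers`; an allow-list of keys, or a comment saying the pass-through is intended, would make that explicit. `$returnParams` is not used in the lines shown.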
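Review bot: The `count($users) === 1` branch prepends a row with empty `id` and `username` and gives no reason for it; if it works around a single-row rendering problem in `SortableTable`, say so in a comment such as `// placeholder row: <reason>`, because otherwise the blank row reads as a bug. `$parameters` handed to `set_additional_parameters` still holds every remaining query key, including `filter` and any array-valued `extra_*` entries, and whether `SortableTable` encodes array values when it builds its links is not visible here. The enclosing `if (!empty($users))` block starts and ends outside the hunk.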
@@ -1373,6 +1372,23 @@ public function set_extra_fields_in_form(
 );
 $selectedOptions[] = $tag['tag'];
 }
+ } else {
+ if (!empty($extraData) && isset($extraData['extra_'.$field_details['variable']])) {
+ $data = $extraData['extra_'.$field_details['variable']];
+ if (!empty($data)) {
+ foreach ($data as $option) {
+ $tagsSelect->addOption(
+ $option,
+ $option,
+ [
+ 'selected' => 'selected',
+ 'class' => 'selected',
+ ]
+ );
+ $selectedOptions[] = $option;
+ }
+ }
+ }
 }
 $url = api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php';
 } else {
diff --git a/main/inc/lib/usermanager.lib.php b/main/inc/lib/usermanager.lib.php
index 0c4aadee299..ae6bf1ccb2d 100755
--- a/main/inc/lib/usermanager.lib.php
+++ b/main/inc/lib/usermanager.lib.php
@@ -8269,6 +8269,12 @@ public static function searchUsers(array $filters = [], array $editableFields =
 {
 $where = [];
+ $accessUrlRelUserTable = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
+ $userGroupTable = Database::get_main_table(TABLE_USERGROUP_REL_USER);
+
+ $isMultipleUrl = (api_is_platform_admin() || api_is_session_admin()) && api_get_multiple_access_url();
+ $urlId = api_get_current_access_url_id();
+
 if (!empty($filters['keywordFirstname'])) {
 $where[] = "u.firstname LIKE '%".Database::escape_string($filters['keywordFirstname'])."%'";
 }
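Review bot: In the new `else` branch `foreach ($data as $option)` assumes `$extraData['extra_…']` is an array, but the guard above it is only `!empty($data)`, so a non-empty scalar raises a foreach warning; `if (is_array($data)) {` in place of `if (!empty($data)) {` covers both the empty and the scalar case. This commit's admin search page passes `$_REQUEST` into `addElements`, so `$option` is presumably request-supplied text here. Whether `addOption` escapes the label and value is not visible, so each `$option` should be checked with `is_string` and filtered before it is echoed back as a selected tag. The body of `set_extra_fields_in_form` starts and ends outside the hunk.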
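Review bot: `$isMultipleUrl` folds the caller's role into what reads as a platform setting: with multi-URL enabled and a caller that is neither platform admin nor session admin, the flag is false and the access-URL condition added further down in `searchUsers` is skipped, so the result is not limited to the current URL. If the restriction is meant for every caller, `$isMultipleUrl = (bool) api_get_multiple_access_url();` states that; if the role test is deliberate, a comment should give the reason. `$urlId` is later interpolated into SQL, so `$urlId = (int) api_get_current_access_url_id();` makes the integer assumption explicit.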
@@ -8293,6 +8299,50 @@ public static function searchUsers(array $filters = [], array $editableFields =
 $where[] = "u.active = 0";
 }
+ if ($isMultipleUrl) {
+ $where[] = "u.id IN (SELECT user_id FROM $accessUrlRelUserTable WHERE access_url_id = $urlId)";
+ }
+
+ if (!empty($filters['class_id'])) {
+ $where[] = "u.id IN (SELECT user_id FROM $userGroupTable WHERE usergroup_id = " . (int)$filters['class_id'] . ")";
+ }
+
+ $extraField = new ExtraField('user');
+ $extraFieldResults = [];
+ $extraFieldHasData = false;
+
+ foreach ($filters as $key => $value) {
+ if (strpos($key, 'extra_') === 0 && !empty($value)) {
+ $variable = substr($key, 6);
+ $fieldInfo = $extraField->get_handler_field_info_by_field_variable($variable);
+ if ($fieldInfo) {
+ $extraFieldHasData = true;
+ $values = is_array($value) ? $value : [$value];
+
+ foreach ($values as $singleValue) {
+ if (empty($singleValue)) {
+ continue;
+ }
+
+ if ($fieldInfo['field_type'] == ExtraField::FIELD_TYPE_TAG) {
+ $result = $extraField->getAllUserPerTag($fieldInfo['id'], $singleValue);
+ $result = empty($result) ? [] : array_column($result, 'user_id');
+ } else {
+ $result = UserManager::get_extra_user_data_by_value($variable, $singleValue, true);
+ }
+
+ if (!empty($result)) {
+ $extraFieldResults = array_merge($extraFieldResults, $result);
+ }
+ }
+ }
+ }
+ }
+
+ if ($extraFieldHasData && !empty($extraFieldResults)) {
+ $where[] = "u.id IN ('" . implode("','", array_unique($extraFieldResults)) . "')";
+ }
+
 $fields = ['u.id', 'u.username'];
 if (!empty($editableFields)) {
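Review bot: When an `extra_*` filter is supplied but matches no user, `$extraFieldHasData` is true and `$extraFieldResults` is empty, so the final `if` adds no condition and the query returns every user that passes the other filters instead of none. The ids are also written into the `IN` list as quoted strings without a cast, and matches from different extra fields are merged, so two extra-field filters combine as OR while every other filter is AND. On the admin page the filter values pass only through `Security::remove_XSS`, an HTML filter, so `getAllUserPerTag` and `get_extra_user_data_by_value` have to escape `$singleValue` for SQL themselves, which is not visible here. The rewrite below assumes both helpers return user ids and that `$extraFieldHasData = true;` is moved below the `empty($singleValue)` guard so blank inputs do not count as a filter. `searchUsers` starts and ends outside the hunk.

```php
// … unchanged: foreach over $filters collecting $extraFieldResults …

if ($extraFieldHasData) {
    $matchedIds = array_unique(array_map('intval', $extraFieldResults));
    // An extra-field filter with no match must give an empty result, not an unfiltered one.
    $where[] = empty($matchedIds)
        ? '1 = 0'
        : 'u.id IN ('.implode(',', $matchedIds).')';
}
```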
@@ -8301,11 +8351,25 @@ public static function searchUsers(array $filters = [], array $editableFields =
 }
 }
+ $sortableFields = [
+ 0 => 'u.id',
+ 1 => 'u.username'
+ ];
+
+ $columnIndex = $_GET['users_column'] ?? 0;
+ $direction = strtoupper($_GET['users_direction'] ?? 'ASC');
+
+ if (!in_array($direction, ['ASC', 'DESC'])) {
+ $direction = 'ASC';
+ }
+
+ $orderBy = $sortableFields[$columnIndex] ?? 'u.id';
+
 $sql = "SELECT " . implode(", ", $fields) . " FROM " . Database::get_main_table(TABLE_MAIN_USER) . " u";
 if (!empty($where)) {
 $sql .= " WHERE " . implode(" AND ", $where);
 }
- $sql .= " ORDER BY u.id ASC";
+ $sql .= " ORDER BY $orderBy $direction";
 return Database::store_result(Database::query($sql), 'ASSOC');
 }
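Review bot: `searchUsers` now reads `$_GET['users_column']` and `$_GET['users_direction']` itself, so the ordering of a static library method depends on the current request, and a parameter sent as an array reaches `strtoupper()` and the `$sortableFields[...]` offset as a non-scalar value. The allow-list keeps request text out of `ORDER BY` and should stay; the inputs can be narrowed with `$columnIndex = (int) ($_GET['users_column'] ?? 0);` and `$direction = is_string($_GET['users_direction'] ?? null) ? strtoupper($_GET['users_direction']) : 'ASC';`, plus `true` as the third argument of `in_array`. A comment on `$sortableFields` should say that its keys presumably mirror the `SortableTable` column indexes and that any other column falls back to `u.id`. The method starts outside the hunk.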