1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
<?php
// $Id$
/**
* @file
* User page callbacks for the profile module.
*/
/**
* Menu callback; display a list of user information.
*/
function profile_browse() {
// Ensure that the path is converted to 3 levels always.
list(, $name, $value) = array_pad(explode('/', $_GET['q'], 3), 3, '');
$field = db_fetch_object(db_query("SELECT DISTINCT(fid), type, title, page, visibility FROM {profile_field} WHERE name = '%s'", $name));
if ($name && $field->fid) {
// Only allow browsing of fields that have a page title set.
if (empty($field->page)) {
drupal_not_found();
return;
}
// Do not allow browsing of private and hidden fields by non-admins.
if (!user_access('administer users') && ($field->visibility == PROFILE_PRIVATE || $field->visibility == PROFILE_HIDDEN)) {
drupal_access_denied();
return;
}
// Compile a list of fields to show.
$fields = array();
$result = db_query('SELECT name, title, type, weight, page FROM {profile_field} WHERE fid != %d AND visibility = %d ORDER BY weight', $field->fid, PROFILE_PUBLIC_LISTINGS);
while ($record = db_fetch_object($result)) {
$fields[] = $record;
}
// Determine what query to use:
$arguments = array($field->fid);
switch ($field->type) {
case 'checkbox':
$query = 'v.value = 1';
break;
case 'textfield':
case 'selection':
$query = "v.value = '%s'";
$arguments[] = $value;
break;
case 'list':
$query = "v.value LIKE '%%%s%%'";
$arguments[] = $value;
break;
default:
drupal_not_found();
return;
}
// Extract the affected users:
$result = pager_query("SELECT u.uid, u.access FROM {users} u INNER JOIN {profile_value} v ON u.uid = v.uid WHERE v.fid = %d AND $query AND u.access != 0 AND u.status != 0 ORDER BY u.access DESC", 20, 0, NULL, $arguments)->fetchAllAssoc('uid');
// Load the users.
$users = user_load_multiple(array_keys($result));
$content = '';
foreach ($users as $account) {
$profile = _profile_update_user_fields($fields, $account);
$content .= theme('profile_listing', $account, $profile);
}
$output = theme('profile_wrapper', $content);
$output .= theme('pager', NULL, 20);
if ($field->type == 'selection' || $field->type == 'list' || $field->type == 'textfield') {
$title = strtr(check_plain($field->page), array('%value' => theme('placeholder', $value)));
}
else {
$title = check_plain($field->page);
}
drupal_set_title($title, PASS_THROUGH);
return $output;
}
elseif ($name && !$field->fid) {
drupal_not_found();
}
else {
// Compile a list of fields to show.
$fields = array();
$result = db_query('SELECT name, title, type, weight, page, visibility FROM {profile_field} WHERE visibility = %d ORDER BY category, weight', PROFILE_PUBLIC_LISTINGS);
while ($record = db_fetch_object($result)) {
$fields[] = $record;
}
// Extract the affected users:
$result = pager_query('SELECT uid, access FROM {users} WHERE uid > 0 AND status != 0 AND access != 0 ORDER BY access DESC', 20, 0, NULL)->fetchAllAssoc('uid');
$users = user_load_multiple(array_keys($result));
$content = '';
foreach ($users as $account) {
$profile = _profile_update_user_fields($fields, $account);
$content .= theme('profile_listing', $account, $profile);
}
$output = theme('profile_wrapper', $content);
$output .= theme('pager', NULL, 20);
drupal_set_title(t('User list'), PASS_THROUGH);
return $output;
}
}
/**
* Callback to allow autocomplete of profile text fields.
*/
function profile_autocomplete($field, $string) {
$matches = array();
if (db_result(db_query("SELECT COUNT(*) FROM {profile_field} WHERE fid = %d AND autocomplete = 1", $field))) {
$result = db_query_range("SELECT value FROM {profile_value} WHERE fid = :fid AND LOWER(value) LIKE LOWER(:value) GROUP BY value ORDER BY value ASC", array(
':fid' => $field,
':value' => $string .'%',
), 0, 10);
while ($data = db_fetch_object($result)) {
$matches[$data->value] = check_plain($data->value);
}
}
drupal_json($matches);
}
|
