
/profesor/empresa2/listarUsuarios.php

https://github.com/antonioformatic/curso2011
PHP | 218 lines | 198 code | 13 blank | 7 comment | 41 complexity | 82c152df5fd157cc502600a20ed8a42e MD5 | raw file
  1. <?php require_once('../../Connections/conexionEmpresa.php'); ?>
  2. <?php
  3. if (!isset($_SESSION)) {
  4. session_start();
  5. }
  6. $MM_authorizedUsers = "usuario,administrador";
  7. $MM_donotCheckaccess = "false";
  8. // *** Restrict Access To Page: Grant or deny access to this page
  9. function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
  10. // For security, start by assuming the visitor is NOT authorized.
  11. $isValid = False;
  12. // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
  13. // Therefore, we know that a user is NOT logged in if that Session variable is blank.
  14. if (!empty($UserName)) {
  15. // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
  16. // Parse the strings into arrays.
  17. $arrUsers = Explode(",", $strUsers);
  18. $arrGroups = Explode(",", $strGroups);
  19. if (in_array($UserName, $arrUsers)) {
  20. $isValid = true;
  21. }
  22. // Or, you may restrict access to only certain users based on their username.
  23. if (in_array($UserGroup, $arrGroups)) {
  24. $isValid = true;
  25. }
  26. if (($strUsers == "") && false) {
  27. $isValid = true;
  28. }
  29. }
  30. return $isValid;
  31. }
  32. $MM_restrictGoTo = "login.php";
  33. if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
  34. $MM_qsChar = "?";
  35. $MM_referrer = $_SERVER['PHP_SELF'];
  36. if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  37. if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
  38. $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  39. $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  40. header("Location: ". $MM_restrictGoTo);
  41. exit;
  42. }
  43. ?>
  44. <?php
  45. if (!function_exists("GetSQLValueString")) {
  46. function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  47. {
  48. if (PHP_VERSION < 6) {
  49. $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  50. }
  51. $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
  52. switch ($theType) {
  53. case "text":
  54. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
  55. break;
  56. case "long":
  57. case "int":
  58. $theValue = ($theValue != "") ? intval($theValue) : "NULL";
  59. break;
  60. case "double":
  61. $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
  62. break;
  63. case "date":
  64. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
  65. break;
  66. case "defined":
  67. $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
  68. break;
  69. }
  70. return $theValue;
  71. }
  72. }
  73. $currentPage = $_SERVER["PHP_SELF"];
  74. $maxRows_usuarios = 10;
  75. $pageNum_usuarios = 0;
  76. if (isset($_GET['pageNum_usuarios'])) {
  77. $pageNum_usuarios = $_GET['pageNum_usuarios'];
  78. }
  79. $startRow_usuarios = $pageNum_usuarios * $maxRows_usuarios;
  80. mysql_select_db($database_conexionEmpresa, $conexionEmpresa);
  81. $query_usuarios = "SELECT * FROM usuario";
  82. $query_limit_usuarios = sprintf("%s LIMIT %d, %d", $query_usuarios, $startRow_usuarios, $maxRows_usuarios);
  83. $usuarios = mysql_query($query_limit_usuarios, $conexionEmpresa) or die(mysql_error());
  84. $row_usuarios = mysql_fetch_assoc($usuarios);
  85. if (isset($_GET['totalRows_usuarios'])) {
  86. $totalRows_usuarios = $_GET['totalRows_usuarios'];
  87. } else {
  88. $all_usuarios = mysql_query($query_usuarios);
  89. $totalRows_usuarios = mysql_num_rows($all_usuarios);
  90. }
  91. $totalPages_usuarios = ceil($totalRows_usuarios/$maxRows_usuarios)-1;
  92. $queryString_usuarios = "";
  93. if (!empty($_SERVER['QUERY_STRING'])) {
  94. $params = explode("&", $_SERVER['QUERY_STRING']);
  95. $newParams = array();
  96. foreach ($params as $param) {
  97. if (stristr($param, "pageNum_usuarios") == false &&
  98. stristr($param, "totalRows_usuarios") == false) {
  99. array_push($newParams, $param);
  100. }
  101. }
  102. if (count($newParams) != 0) {
  103. $queryString_usuarios = "&" . htmlentities(implode("&", $newParams));
  104. }
  105. }
  106. $queryString_usuarios = sprintf("&totalRows_usuarios=%d%s", $totalRows_usuarios, $queryString_usuarios);
  107. ?>
  108. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  109. <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/profesorEmpresa2.dwt" codeOutsideHTMLIsLocked="false" -->
  110. <head>
  111. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  112. <!-- InstanceBeginEditable name="doctitle" -->
  113. <title>Documento sin título</title>
  114. <!-- InstanceEndEditable -->
  115. <!-- InstanceBeginEditable name="head" -->
  116. <!-- InstanceEndEditable -->
  117. <link href="css/twoColFixLtHdr.css" rel="stylesheet" type="text/css" />
  118. <script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
  119. <link href="SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
  120. </head>
  121. <body>
  122. <div class="container">
  123. <div class="header">
  124. <h1>
  125. <a href="#">
  126. <img
  127. src="camello.jpg"
  128. alt="Insertar logotipo aquí"
  129. name="Insert_logo"
  130. width="120"
  131. height="100"
  132. id="Insert_logo"
  133. style="background: #C6D580; "
  134. />
  135. </a>Web básica 2</h1>
  136. <!-- end .header --></div>
  137. <div class="sidebar1">
  138. <ul id="MenuBar1" class="MenuBarVertical">
  139. <li><a href="listarUsuarios.php">Usuarios</a></li>
  140. <li><a href="listarCriticasProductos.php">Cr&iacute;ticas de productos</a></li>
  141. <li><a href="listarFirmas.php">Libro de firmas</a></li>
  142. <li><a href="logout.php">Logout</a></li>
  143. </ul>
  144. <!-- end .sidebar1 --></div>
  145. <div class="content">
  146. <!-- InstanceBeginEditable name="contenido" -->
  147. <table border="0">
  148. <tr bgcolor="#CCCCCC">
  149. <td>id</td>
  150. <td>nombre</td>
  151. <td>password</td>
  152. <td>nivel</td>
  153. <?php if ($_SESSION['MM_UserGroup'] == "administrador"){ ?>
  154. <td><img src="b_edit.png" width="16" height="16" /></td>
  155. <td><img src="b_drop.png" width="16" height="16" /></td>
  156. <?php } ?>
  157. </tr>
  158. <?php do { ?>
  159. <tr>
  160. <td><?php echo $row_usuarios['id']; ?></td>
  161. <td><?php echo $row_usuarios['nombre']; ?></td>
  162. <td>
  163. <input name="password" type="password" value ="<?php echo $row_usuarios['password']; ?>" readonly="readonly"/>
  164. </td>
  165. <td><?php echo $row_usuarios['nivel']; ?></td>
  166. <?php if($_SESSION['MM_UserGroup'] == "administrador"){ ?>
  167. <td><a href="editarUsuario.php?id=<?php echo $row_usuarios['id']; ?>"><img src="b_edit.png" width="16" height="16" /></a></td>
  168. <td><a href="borrarUsuario.php?id=<?php echo $row_usuarios['id']; ?>"><img src="b_drop.png" width="16" height="16" /></a></td>
  169. <?php } ?>
  170. </tr>
  171. <?php } while ($row_usuarios = mysql_fetch_assoc($usuarios)); ?>
  172. <table border="0">
  173. <tr>
  174. <td><?php if ($pageNum_usuarios > 0) { // Show if not first page ?>
  175. <a href="<?php printf("%s?pageNum_usuarios=%d%s", $currentPage, 0, $queryString_usuarios); ?>"><img src="First.gif" /></a>
  176. <?php } // Show if not first page ?></td>
  177. <td><?php if ($pageNum_usuarios > 0) { // Show if not first page ?>
  178. <a href="<?php printf("%s?pageNum_usuarios=%d%s", $currentPage, max(0, $pageNum_usuarios - 1), $queryString_usuarios); ?>"><img src="Previous.gif" /></a>
  179. <?php } // Show if not first page ?></td>
  180. <td><?php if ($pageNum_usuarios < $totalPages_usuarios) { // Show if not last page ?>
  181. <a href="<?php printf("%s?pageNum_usuarios=%d%s", $currentPage, min($totalPages_usuarios, $pageNum_usuarios + 1), $queryString_usuarios); ?>"><img src="Next.gif" /></a>
  182. <?php } // Show if not last page ?></td>
  183. <td><?php if ($pageNum_usuarios < $totalPages_usuarios) { // Show if not last page ?>
  184. <a href="<?php printf("%s?pageNum_usuarios=%d%s", $currentPage, $totalPages_usuarios, $queryString_usuarios); ?>"><img src="Last.gif" /></a>
  185. <?php } // Show if not last page ?></td>
  186. <?php if($_SESSION['MM_UserGroup'] == "administrador"){ ?>
  187. <td><a href="agregarUsuario.php"><img src="agregar.png" width="16" height="16" /></a></td>
  188. <?php } ?>
  189. </tr>
  190. </table>
  191. </table>
  192. <!-- InstanceEndEditable -->
  193. <!-- end .content --></div>
  194. <div class="footer">
  195. Muchas gracias por visitar la web
  196. <!-- end .footer --></div>
  197. <!-- end .container --></div>
  198. <script type="text/javascript">
  199. var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
  200. </script>
  201. </body>
  202. <!-- InstanceEnd --></html>
  203. <?php
// Release the result set of the paged user query now that the page has been rendered.
mysql_free_result($usuarios);
  205. ?>