This commit is contained in:
Gnieark 2019-06-07 17:10:28 +02:00
parent 29b8b28b90
commit f8f51e6631

View File

@ -145,17 +145,47 @@ class User_Manager
)); ));
} }
public static function del_user_from_group(PDO $db, $userId,$groupId)
{
$tableRel = self::get_table_users_groups_rel_str();
$sql = "DELETE FROM $tableRel WHERE user_id=:userid AND group_id=:groupid;";
$rs = $db->prepare($sql);
$rs->execute( array(
":userid" => $userId,
":groupid" => $groupId
));
}
/* /*
* Return an array of users objects. * Return an array of users objects.
* is_connected for each ones is set to false * is_connected for each ones is set to false
*/ */
public static function get_users_list(PDO $db, $activesOnly = true) public static function get_users_list(PDO $db, $activesOnly = true, $groups = null)
{ {
$tableUsers = self::get_table_users_str(); $tableUsers = self::get_table_users_str();
$tableGroups = self::get_table_groups_str(); $tableGroups = self::get_table_groups_str();
$tableRel = $tableUsers . "_" . $tableGroups ."_rel"; $tableRel = $tableUsers . "_" . $tableGroups ."_rel";
$list = array(); //conditions
$conditions = array();
if($activesOnly){
$conditions[] = "$tableUsers.active='1'";
}
if(!is_null($groups)){
//$ groups is an untrusted entry; check it before using it on a non a query
foreach($groups as $group){
if (!preg_match('/^[0-9]+$/',$group)){
throw new \UnexpectedValueException('$groups must be a list containing only digits'. $group);
}
}
$conditions[] = "$tableUsers.id IN(
SELECT $tableUsers.id
FROM $tableUsers, $tableRel
WHERE $tableRel.user_id = $tableUsers.id
AND $tableRel.group_id IN ('" . implode("','",$groups) ."')
)";
}
$sql = " $sql = "
SELECT SELECT
@ -170,12 +200,13 @@ class User_Manager
GROUP_CONCAT(groups.name SEPARATOR \",\") as groups_name GROUP_CONCAT(groups.name SEPARATOR \",\") as groups_name
FROM FROM
$tableUsers LEFT JOIN $tableRel as groupsrel ON groupsrel.user_id = $tableUsers.id $tableUsers LEFT JOIN $tableRel as groupsrel ON groupsrel.user_id = $tableUsers.id
LEFT JOIN $tableGroups as groups ON groups.id = groupsrel.group_id LEFT JOIN $tableGroups as groups ON groups.id = groupsrel.group_id"
GROUP BY $tableUsers.id; .(empty($conditions) ? "" : " WHERE " . implode(" AND ", $conditions))
"; ." GROUP BY $tableUsers.id; ";
$rs = $db->query($sql); $rs = $db->query($sql);
$list = array();
while ($r = $rs->fetch()) while ($r = $rs->fetch())
{ {
@ -204,7 +235,4 @@ class User_Manager
} }
return $list; return $list;
} }
} }