Added pager to 'CBV Users' page (ugly and procedural, but works) and escaped $ro…

…le variable when displaying users (was not escaped and is coming from $_GET)

Added pager to 'CBV Users' page (ugly and procedural, but works) and escaped $ro…
…le variable when displaying users (was not escaped and is coming from $_GET)
Marty Penner
Showing 2 changed files with 118 additions and 17 deletions
com/UserManager/UserManager.php
com/UserManager/views/display_users.php
--- a/com/UserManager/UserManager.php
View file @38aaa2d
+++ b/com/UserManager/UserManager.php
View file @38aaa2d
@@ -94,12 +94,27 @@ function get_users($role = null, $pagenum=1, $records_per_page=0, $return_count_
    if ($role) {
        $extra_table = "";//", {$wpdb->usermeta} as umc";
        //$filter = "AND (umc.user_id=u.ID AND umc.meta_key='wp_capabilites' AND umc.meta_value LIKE '%$role%')";
-        $filter = "AND u.ID IN (SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key='wp_capabilities' AND meta_value LIKE '%$role%')";
+        $filter = "AND u.ID IN (SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key='wp_capabilities' AND meta_value LIKE '%" . $wpdb->escape($role) . "%')";
    } else {
        $extra_table = "";
        $filter = "";
    }

+    if ($return_count_only) {
+		$query = "
+        SELECT 
+            COUNT(*)
+        FROM 
+            {$wpdb->users} as u, {$wpdb->usermeta} as uml, {$wpdb->usermeta} as umf, {$wpdb->usermeta} as ums $extra_table
+        WHERE
+            (uml.user_id=u.ID AND uml.meta_key='last_name')
+        AND (umf.user_id=u.ID AND umf.meta_key='first_name')
+        AND (ums.user_id=u.ID AND ums.meta_key='status')
+        $filter
+        $search_text";
+		
+		return $count = $wpdb->get_var($query);
+	}
    
    $query = "
        SELECT 
@@ -132,10 +147,6 @@ function get_users($role = null, $pagenum=1, $records_per_page=0, $return_count_
    
    $wp_user_search = $wpdb->get_results($query.$limit);
    
-    if ($return_count_only) {
-        return $wpdb->num_rows;
-    } else {
-    
    foreach ( $wp_user_search as $user ) {
        $uid        = (int) $user->ID;
        $user = new WP_User($uid);
@@ -144,7 +155,6 @@ function get_users($role = null, $pagenum=1, $records_per_page=0, $return_count_
        $users[]    = array('uid'=>$uid,'first_name'=>$user->first_name,'last_name'=>$user->last_name,'role'=>$role, 'user_login'=>$user->user_login, 'email'=>$user->user_email, 'status'=>$user->status);
    }
    return $users;
-    }
 }

 function create_user() {
--- a/com/UserManager/views/display_users.php
View file @38aaa2d
+++ b/com/UserManager/views/display_users.php
View file @38aaa2d
@@ -12,15 +12,14 @@ use Tz\WordPress\Tools\Notifications;

 use Exception, StdClass;
 use WP_User;
-
+ini_set('display_errors', 1);
 $records_per_page   = 20;

 $filter_role        = isset($_GET['role']) ? $_GET['role'] : null;
 $pagenum            = isset($_GET['pagenum']) ? $_GET['pagenum'] : 1;
 $search             = isset($_GET['search_criteria']) ? $_GET['search_criteria'] : null;

-
-$rows               = get_users($filter_role, 0,0, true, $search);
+$rows               = get_users($filter_role, 0, 0, true, $search);

 $last               = ceil($rows/$records_per_page);
 if ($last < 1) {
@@ -33,10 +32,8 @@ if ($pagenum < 1) {
    $pagenum = $last;
 }

-
 $site_users         = get_users($filter_role, $pagenum, $records_per_page, false, $search);

-
 if ($filter_role) {
    $url            = $_SERVER['PHP_SELF']."?page=cbv_users&role=$filter_role&pagenum=";
 } elseif ($search) {
@@ -45,7 +42,99 @@ if ($filter_role) {
    $url            = $_SERVER['PHP_SELF']."?page=cbv_users&pagenum=";
 }

+// Pager section
+$loop_test           = 0;
+$loop_initial        = 0;
+
+$show_ellipsis_limit = 7;
+$ellipsis_before     = '';
+$ellipsis_after      = '';
+$ellipsis_common     = '...';
+
+$tag                 = '[pagenum]';
+$template            = '<a href="' . $url . $tag . '">' . $tag . '</a>';
+$template_with_class = '<a href="' . $url . $tag . '" class="active">' . $tag . '</a>';
+
+$prev_link           = ($pagenum == 1) ? '' : ' <a href="' . $url . ($pagenum - 1) . '"><</a> ';
+$next_link           = ($pagenum == $last) ? '' : ' <a href="' . $url . ($pagenum + 1) . '">></a> ';
+$first_link          = ' <a href="' . $url . '1"><<</a> ';
+$last_link           = ' <a href="' . $url . $last . '">>></a> ';
+
+$pager               = '';
+
+// Style: 1...5 6 7...100
+if ($last > 1) {
+	$pager = ' | Pages: ';
+
+	// Set options
+
+	// ...31 32 33...
+	if ($last > $show_ellipsis_limit) {
+		// 1 2 3 4...last
+		if ($pagenum > 0 && $pagenum < 4) {
+			$loop_initial = 2;
+			$loop_test = 5;
+			$ellipsis_after = $ellipsis_common;
+		// 4 5 6...last
+		} elseif ($pagenum > 3 && $pagenum < ($last - 1)) {
+			$loop_initial = $pagenum - 1;
+			$loop_test = $pagenum + 2;
+			$ellipsis_before = $ellipsis_common;
+			
+			// This is to eliminate the $ellipsis when we're on the 3rd last page
+			if ($pagenum < ($last - 2)) {
+				$ellipsis_after = $ellipsis_common;
+			}
+		// 8 9 10(last)
+		} else {
+			$loop_initial = $pagenum - 2;
+			$loop_test = $last;
+			$ellipsis_before = $ellipsis_common;
+		}
+	// 1 2 3 4 5 6 7
+	} else {
+		$loop_initial = 2;
+		$loop_test = $last;
+	}
+
+	// Now start building html
+
+	// Start with 'First' link, then previous page link
+	if ($last > $show_ellipsis_limit && $pagenum != 1) {
+		$pager .= $first_link . $prev_link;
+	}

+	// Set active template to highlight page 1 if that's what we're on
+	if ($pagenum == 1) {
+		$pager .= str_ireplace($tag, 1, $template_with_class);
+	} else {
+		$pager .= str_ireplace($tag, 1, $template);
+	}
+
+	// Implement middle loops
+	$pager .= $ellipsis_before;
+	for ($i = $loop_initial; $i < $loop_test; $i++) {
+		if ($pagenum == $i) {
+			$pager .= str_ireplace($tag, $i, $template_with_class);
+		} else {
+			$pager .= str_ireplace($tag, $i, $template);
+		}
+	}
+	$pager .= $ellipsis_after;
+
+	// Set active template to highlight page 1 if that's what we're on
+	if ($pagenum == $last) {
+		$pager .= str_ireplace($tag, $last, $template_with_class);
+	} else {
+		$pager .= str_ireplace($tag, $last, $template);
+	}
+
+	// Finish with next page link, then 'Last' link
+	if ($last > $show_ellipsis_limit && $pagenum != $last) {
+		$pager .= $next_link;
+		$pager .= $last_link;
+	}
+}

 ?>
 <div id="" class="wrap">
@@ -73,9 +162,10 @@ if ($filter_role) {
    </div>

    <div class="TzPaginateResults">
-        <?php echo "Users: $rows ";if($last > 1): echo " | Pages: "; for($i=1; $i <= $last; $i++):?>
-            <a href="<?php echo $url.$i; ?>" <?php echo ($pagenum==$i) ? "class='active'" : ""?>><?php echo $i; ?></a>
-        <?php endfor;endif;  ?>
+        <?php
+			echo "Users: $rows ";
+			echo $pager;
+		?>
    </div>
    <div style="clear:both"></div>
    <table cellspacing="0" class="widefat post fixed">
@@ -111,9 +201,10 @@ if ($filter_role) {
    </table>

    <div class="TzPaginateResults" style="margin-top:10px;">
-        <?php if($last > 1): echo "Pages: "; for($i=1; $i <= $last; $i++):?>
-            <a href="<?php echo $url.$i; ?>" <?php echo ($pagenum==$i) ? "class='active'" : ""?>><?php echo $i; ?></a>
-        <?php endfor;endif;  ?>
+        <?php
+			echo "Users: $rows ";	
+			echo $pager;
+		?>
    </div>
    <div style="clear:both;"></div>