Hệ thống quản lý phòng khám trực tuyến bằng PHP

getUsers.php
admin /
project /

1 <?php
2 // This script and data application were generated by AppGini 5.62
3 // Download AppGini for free from https://bigprof.com/appgini/download/
4
5 /*
6     ajax-callable script that retrieves a list of users for admin, indicating which ones have
7     access to supplied table.
8
9     REQUEST parameters:
10     ===============
11     t: table name
12     id: optional, primary key value of current record
13     p: page number (default = 1)
14     s: search term
15 */
16
17     /* return json */
18     header('Content-type: application/json');
19
20     $start_ts = microtime(true);
21
22     $curr_dir=dirname(__FILE__);
23     require("{$curr_dir}/incCommon.php");
24
25     // how many results to return per call, in case of json output
26     $results_per_page = 50;
27
28     $id = false;
29     if(isset($_REQUEST['id'])) $id = iconv('UTF-8', datalist_db_encoding, $_REQUEST['id']);
30
31     $search_term = false;
32     if(isset($_REQUEST['s'])) $search_term = iconv('UTF-8', datalist_db_encoding, $_REQUEST['s']);
33
34     $page = intval($_REQUEST['p']);
35     if($page < 1) $page = 1;
36     $skip = $results_per_page * ($page - 1);
37
38     $table_name = $_REQUEST['t'];
39     if(!in_array($table_name, array_keys(getTableList()))){
40         /* invalid table */
41         echo '{"results":[{"id":"","text":"Invalid table"}],"more":false,"elapsed":0}';
42         exit;
43     }
44
45     /* if id is provided, get owner */
46     $owner = false;
47     if($id){
48         $owner = sqlValue("select memberID from membership_userrecords where tableName='{$table_name}' and pkValue='" . makeSafe($id) . "'");
49     }
50
51     $prepared_data = array();
52     $where = "g.name!='{$adminConfig['anonymousGroup']}' and p.allowView>0 ";
53     if($search_term){
54         $search_term = makeSafe($search_term);
55         $where .= "and (u.memberID like '%{$search_term}%' or g.name like '%{$search_term}%')";
56     }
57     $res = sql("select u.memberID, g.name from membership_users u left join membership_groups g on u.groupID=g.groupID left join membership_grouppermissions p on g.groupID=p.groupID and p.tableName='{$table_name}' where {$where} order by g.name, u.memberID limit {$skip}, {$results_per_page}", $eo);
58     while($row = db_fetch_row($res)){
59         $prepared_data[] = array('id' => iconv(datalist_db_encoding, 'UTF-8', $row[0]), 'text' => iconv(datalist_db_encoding, 'UTF-8', "<b>{$row[1]}</b>/{$row[0]}"));
60     }
61
62     echo json_encode(array(
63         'results' => $prepared_data,
64         'more' => (@db_num_rows($res) >= $results_per_page),
65         'elapsed' => round(microtime(true) - $start_ts, 3)
66     ));