<?php

  /* Members Admin Area (C) American Financing 2004-2005 */

  require '../mysqlvars.php';
  require '../init.php';
  require '../lib/db.php';
  require '../lib/form_functions.php';

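  // NOTE(review): session_start() is given the string 'ADMIN'. That looks like an attempt to
  // select a session name (which would be session_name('ADMIN') before session_start()) --
  // confirm against the login page before changing it.
  session_start('ADMIN');

  // Presumably enforces the admin login check; it has to run before any request data is used.
  require 'includes/secure_page.php';

  $dbConn = connectDB($dbHost, $dbUser, $dbPass, $dbDB);
  if (!$dbConn) {
	die ('Cannot connect to database');
  }

  // The member whose contacts are listed comes from the request (GET wins over POST).
  // Anything that is not a plain string (e.g. username[]=x) is rejected up front.
  $rawUsername = isset($_GET['username']) ? $_GET['username'] : (isset($_POST['username']) ? $_POST['username'] : null);
  if (!is_string($rawUsername)) {
	die ('Illegal navigation');
  }
  $username = stripData($rawUsername);

  $recordsPerPage = 10;
  $pagesInList = 10;

  $defaultSort = 'address_id';

  // SORT_BY, SORT_DIR and FILTER_ON are placed in the SQL text as identifiers/keywords, where
  // string-escaping functions give no protection. Only values from these fixed lists are
  // accepted; anything else falls back to the default.
  $sortableColumns = array('address_id', 'first_name', 'last_name', 'email', 'home_phone', 'work_phone', 'mobile_phone', 'address', 'city', 'zip_code', 'country', 'comments', 'username');
  $filterableColumns = array('first_name', 'last_name', 'email', 'home_phone', 'work_phone', 'mobile_phone', 'address', 'city', 'zip_code', 'country', 'comments');

  unset($error);
  $noRecords = 0;
  $sort_by = (isset($_GET['SORT_BY']) && in_array($_GET['SORT_BY'], $sortableColumns, true)) ? $_GET['SORT_BY'] : $defaultSort;
  $sort_dir = (isset($_GET['SORT_DIR']) && is_string($_GET['SORT_DIR']) && strtoupper($_GET['SORT_DIR']) === 'DESC') ? 'DESC' : 'ASC';
  $filter_on = (isset($_GET['FILTER_ON']) && in_array($_GET['FILTER_ON'], $filterableColumns, true)) ? $_GET['FILTER_ON'] : '';
  $filter_str = (isset($_GET['FILTER_STR']) && is_string($_GET['FILTER_STR'])) ? $_GET['FILTER_STR'] : '';

  // Paging values are forced to positive integers. is_numeric() alone also accepts forms such
  // as "1e3", "1.5" or "-4", which break the LIMIT clause, and NO_RECORDS=0 makes the page
  // count further down divide by zero.
  $page = (isset($_GET['PAGE']) && is_numeric($_GET['PAGE'])) ? max(1, intval($_GET['PAGE'])) : 1;
  if (isset($_GET['NO_RECORDS']) && is_numeric($_GET['NO_RECORDS'])) {
	$recordsPerPage = max(1, intval($_GET['NO_RECORDS']));
  }

  // One WHERE clause shared by the count query and the page query, so both always agree.
  // The username is escaped with the connection-aware function instead of addslashes().
  // NOTE(review): the mysql_* extension was removed in PHP 7; moving to mysqli/PDO prepared
  // statements would also require changing connectDB(), which is defined outside this file.
  $whereSql = "WHERE (username = '" . mysql_real_escape_string($username, $dbConn) . "' or shared='1') ";
  if ($filter_on != '') {
	// '*' is the user-facing wildcard and is translated to SQL's '%'.
	// NOTE(review): prepareData() comes from an included file; it is assumed to escape the
	// value for use inside a quoted SQL string -- confirm.
	$whereSql .= "AND $filter_on LIKE '" . str_replace ('*', '%', prepareData($filter_str)) . "' ";
  }

  // Total number of matching rows, used for paging.
  $querystr = "SELECT COUNT(*) FROM wsd_contacts " . $whereSql;
  $result = mysql_query($querystr, $dbConn);
  if ($result) {
	if ($frow = mysql_fetch_row($result)) {
	  $noRecords = $frow[0];
	}
  }
  else {
	$error = mysql_error($dbConn);
  }

  if (!isset($error)) {
	// Offset of the requested page; falls back to the first page when it lies past the end.
	$recNo = (($page - 1) * $recordsPerPage) < $noRecords ? ($page - 1) * $recordsPerPage : 0;
	$querystr = "SELECT address_id,first_name, last_name, email, home_phone, work_phone, mobile_phone, address, city, zip_code, country, comments,username FROM wsd_contacts " . $whereSql;
	// $sort_by and $sort_dir were restricted to the allow-lists above; $recNo and
	// $recordsPerPage are integers.
	$querystr .= "order by $sort_by $sort_dir LIMIT $recNo, $recordsPerPage";
	$result = mysql_query($querystr, $dbConn);
	if (!$result) {
	  $error = mysql_error($dbConn);
	}
  }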

  include '../members/includes/header.php';
?>


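	<tr>
	  <td>
		<table class="fg">
		  <tr>
			<?php /* $username is request data: encode it for the HTML text context before printing. */ ?>
			<td class="title">Records List for '<?php echo htmlspecialchars($username, ENT_QUOTES) ?>'</td>
		  </tr>
		</table>
	  </td>
	</tr>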
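	<tr>
	  <?php /* Filter form. Every value echoed here originates from the request (PHP_SELF can carry
	           attacker-chosen path info), so each one is HTML-encoded with ENT_QUOTES before it
	           is placed inside a double-quoted attribute. */ ?>
	  <form method="GET" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) ?>">
		<td>
		  <input type="hidden" name="username" value="<?php echo htmlspecialchars($username, ENT_QUOTES) ?>">
		  <input type="hidden" name="SORT_BY" value="<?php echo htmlspecialchars($sort_by, ENT_QUOTES) ?>">
		  <input type="hidden" name="SORT_DIR" value="<?php echo htmlspecialchars($sort_dir, ENT_QUOTES) ?>">
		  <input type="hidden" name="NO_RECORDS" value="<?php echo htmlspecialchars($recordsPerPage, ENT_QUOTES) ?>">
		  <select name="FILTER_ON">
			<option selected value="<?php echo htmlspecialchars($filter_on, ENT_QUOTES) ?>"><?php echo htmlspecialchars($filter_on, ENT_QUOTES) ?></option>
			<option value=""></option>
			<option value="first_name">First name</option>
			<option value="last_name">Last name</option>
			<option value="email">Email</option>
			<option value="home_phone">Home phone</option>
			<option value="work_phone">Work phone</option>
			<option value="mobile_phone">Mobile</option>
			<option value="address">Address</option>
			<option value="city">City</option>
			<option value="zip_code">Zip code</option>
			<option value="country">Country</option>
			<option value="comments">comments</option>
		  </select>
		  <input type="text" name="FILTER_STR" size="15" maxlength="255" value="<?php /* NOTE(review): htmlChars() comes from an included file; assumed to HTML-encode, including double quotes -- confirm. */ echo $filter_on ==  '' ? '*search string*' : htmlChars($filter_str); ?>">
		  <input type="submit" name="filter" value="Filter">          
		</td>
	  </form>
	</tr>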
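	<?php if ($noRecords > 0) { ?>
	<tr>
	  <td class="bold">
		Page: [<?php echo htmlspecialchars($page, ENT_QUOTES) ?>]
		<?php
		  // Pager: shows a window of $pagesInList page links plus << / >> to the neighbouring windows.
		  // The page size is forced to an integer >= 1 so a NO_RECORDS value of 0 cannot cause a
		  // division by zero here.
		  $perPage = max(1, intval($recordsPerPage));
		  $noPages = intval(($noRecords + $perPage - 1) / $perPage);
		  $startPage = $page - (($page - 1) % $pagesInList);
		  $endPage = $startPage + $pagesInList;
		  $previousPage = $startPage - 1;

		  // Appended to every pager link. urlencode() output contains no characters that can
		  // terminate the href attribute, so the request-supplied username cannot inject markup.
		  $linkTail = "&username=" . urlencode($username) . "&NO_RECORDS=" . $perPage;

		  // NOTE(review): getLink() is defined in an included file; whether it encodes the
		  // sort/filter values it receives cannot be seen from here -- confirm.
		  if ($startPage > $pagesInList) {
			echo "<a href=\"" . getLink($sort_by, $sort_dir, $filter_on, $filter_str, $previousPage) . $linkTail . "\">&lt;&lt;</a>&nbsp;";
		  }
		  for ($i = $startPage; ($i < $endPage) && ($i < ($noPages + 1)); $i++) {
			echo "<a href=\"" . getLink($sort_by, $sort_dir, $filter_on, $filter_str, $i) . $linkTail . "\">$i</a>&nbsp;";
		  }
		  if ($i <= $noPages) {
			echo "<a href=\"" . getLink($sort_by, $sort_dir, $filter_on, $filter_str, $endPage) . $linkTail . "\">&gt;&gt;</a>&nbsp;";
		  }
		 ?>
	  </td>
	</tr>
	<?php } ?>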
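	<tr>
	  <td class="error">
		<?php 
		  // $error holds mysql_error() text, which can quote part of the failing statement and
		  // therefore request data, so it is HTML-encoded before display.
		  // NOTE(review): printing raw database errors also reveals query structure; consider
		  // logging them server-side and showing a generic message instead.
		  if (isset($error)) {
			echo htmlspecialchars($error, ENT_QUOTES);
		  } ?>
	  </td>
	</tr>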
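	<?php if ($noRecords > 0 && !isset($error)) { 
	// Column-header links request the opposite direction from the one currently applied.
	// NOTE(review): $sort_dir stays flipped for the rest of the page, so the "Display" menu
	// further down also carries the flipped direction -- confirm that this is intended.
	$sort_dir = $sort_dir == 'ASC' ? 'DESC' : 'ASC';

	// Sortable columns in display order: column name => header label.
	$headerColumns = array(
	  'first_name' => 'First name',
	  'last_name' => 'Last name',
	  'email' => 'Email',
	  'home_phone' => 'Home phone',
	  'work_phone' => 'Work phone',
	  'mobile_phone' => 'Mobile',
	  'address' => 'Address',
	  'city' => 'City',
	  'zip_code' => 'Zip code',
	  'country' => 'Country',
	);
	// urlencode() output contains no characters that can terminate an HTML attribute, so the
	// request-supplied values appended to each link cannot inject markup.
	$linkTail = '&username=' . urlencode($username) . '&NO_RECORDS=' . urlencode($recordsPerPage);
	?>
	<tr>
	  <td>
		<table class="fg">
		  <tr>
		  <?php /* NOTE(review): getLink() is defined in an included file; whether it encodes the
		           sort/filter values it receives cannot be seen from here -- confirm. */ ?>
		  <?php foreach ($headerColumns as $column => $label) { ?>
			<td class="head"><a class="head" href="<?php echo getLink($column, $sort_dir, $filter_on, $filter_str) . $linkTail ?>"><?php echo $label ?></a></td>
		  <?php } ?>
			<td class="head">&nbsp;</td>
		  </tr>
		  <?php
			// Contact fields are stored, member-supplied data rendered inside an admin session,
			// so every field is HTML-encoded on output.
			// NOTE(review): if the application already stores these fields HTML-encoded, this
			// will show entities twice -- confirm how the insert/update pages store them.
			$textColumns = array('first_name', 'last_name', 'email', 'home_phone', 'work_phone', 'mobile_phone', 'address', 'city', 'zip_code');
			$sessionUser = isset($_SESSION['username']) ? (string) $_SESSION['username'] : null;
			$rows = 0;
			while (($rows < $recordsPerPage) && ($frow = mysql_fetch_array($result))) {
			  $rowClass = 'row' . ($rows % 2);
			  $addressId = urlencode($frow['address_id']);

			  echo "<tr>";
			  foreach ($textColumns as $column) {
				// Wrap first, then encode, so a wrap point never lands inside an entity.
				echo "<td class=\"$rowClass\">" . nl2br(htmlspecialchars(wordwrap($frow[$column], 30, "\n", 1), ENT_QUOTES)) . "</td>";
			  }
			  echo "<td class=\"$rowClass\"><a class=\"cell\" href=\"view_country.php?country=" . urlencode($frow['country']) . "\" target=\"country\" onClick=\"window.open('','country','width=300,height=200,scrollbars=1,resizable=1')\">" . htmlspecialchars($frow['country'], ENT_QUOTES) . "</a></td>";
			  echo "<td class=\"$rowClass\">";

			  // Edit/Delete links are shown only for contacts owned by the logged-in user. The
			  // comparison is strict on strings so numeric-looking names ("007" vs "7") are not
			  // treated as equal. These links are presentation only: update_contact.php and
			  // delete_contact.php must enforce ownership themselves (not visible from here).
			  if ($sessionUser !== null && (string) $frow['username'] === $sessionUser) {
				echo "<a class=\"cell\" href=\"update_contact.php?address_id=" . $addressId . "\" target=\"address\" onClick=\"window.open('','address','width=540,height=600,scrollbars=1,resizable=1,top=20')\">E</a>&nbsp;<a class=\"cell\" href=\"delete_contact.php?address_id=" . $addressId . "\" target=\"address\" onClick=\"window.open('','address','width=400,height=450,scrollbars=1,resizable=1,top=20')\">X</a>&nbsp;";
			  }
			  echo "<a class=\"cell\" href=\"files.php?address_id=" . $addressId . "\" target=\"file\" onClick=\"window.open('','file','width=400,height=400,scrollbars=1,resizable=1')\">F</a>&nbsp;";
			  if (!empty($frow['comments'])) {
				echo "<a class=\"cell\" href=\"view_comment.php?address_id=" . $addressId . "\" target=\"comments\" onClick=\"window.open('','comments','width=400,height=400,scrollbars=1,resizable=1')\">C</a>&nbsp;";
			  }
			  echo "</td></tr>";
			  $rows++;
			}
		  ?>
		</table>
	  </td>
	</tr>
	<tr>
	  <td>
		<table class="nb">
		  <tr>
			<td class="field">
			  <b>E</b> - Edit <b>X</b> - Delete <b>F</b> - Files <b>C</b> - Comments
			</td>
			<td class="label">
			<script language="JavaScript">
			<!--
			<?php
			  // The URLs below are printed inside a single-quoted JavaScript string that is then
			  // written out as an HTML attribute. SCRIPT_NAME is used instead of PHP_SELF because
			  // it carries no client-supplied path info, and every parameter goes through
			  // urlencode(), whose output cannot contain quotes, backslashes or angle brackets.
			  $sizeUrlBase = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES)
				. '?username=' . urlencode($username)
				. '&SORT_BY=' . urlencode($sort_by)
				. '&SORT_DIR=' . urlencode($sort_dir)
				. '&FILTER_ON=' . urlencode($filter_on)
				. '&FILTER_STR=' . urlencode(stripData($filter_str))
				. '&NO_RECORDS=';
			  $currentSize = intval($recordsPerPage);
			?>
			  document.write('Display: '); 
			  document.write('<select name="NO_RECORDS" onChange="MM_jumpMenu(\'parent\',this,0)">');
			  document.write('<option selected value="<?php echo $currentSize ?>"><?php echo $currentSize ?></option>');
			<?php foreach (array(10, 20, 30, 40, 50) as $size) { ?>
			  document.write('<option value="<?php echo $sizeUrlBase . $size ?>"><?php echo $size ?></option>');
			<?php } ?>
			  document.write('</select>');
			//-->
			</script>
			</td>
		  </tr>
		</table>
	  </td>
	</tr>
	
	<?php } ?>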
	<tr>
	  <td class="bold">
		Total Records <?php /* Row count from the COUNT(*) query; stays 0 when that query failed. */ print $noRecords; ?>
	  </td>
	</tr>
<?php /* Shared page footer of the members area. */ include '../members/includes/footer.php'; ?>