| 325 |
richard |
1 |
<?php
|
|
|
2 |
if (is_file("../lib/sql/drivers/$config[sql_type]/functions.php"))
|
|
|
3 |
include_once("../lib/sql/drivers/$config[sql_type]/functions.php");
|
|
|
4 |
else{
|
|
|
5 |
echo "<b>Could not include SQL library</b><br>\n";
|
|
|
6 |
exit();
|
|
|
7 |
}
|
|
|
8 |
|
|
|
9 |
unset($found_users);
|
|
|
10 |
|
|
|
11 |
$link = @da_sql_pconnect($config);
|
|
|
12 |
if ($link){
|
|
|
13 |
$search = da_sql_escape_string($search);
|
|
|
14 |
if (!is_numeric($max))
|
|
|
15 |
# $max = 10;
|
|
|
16 |
# modif by MG fo Alcasar
|
|
|
17 |
$max = 40;
|
|
|
18 |
if ($max > 500)
|
|
|
19 |
$max = 10;
|
|
|
20 |
if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') &&
|
|
|
21 |
$config[sql_use_user_info_table] == 'true'){
|
|
|
22 |
$res = @da_sql_query($link,$config,
|
|
|
23 |
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $config[sql_user_info_table] WHERE
|
|
|
24 |
lower($search_IN) LIKE '%$search%' " .
|
|
|
25 |
# da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
|
|
|
26 |
# modif by MG for Alcasar
|
|
|
27 |
da_sql_limit($max,1,$config) . " " . da_sql_limit($max,1,$config) . " ;");
|
|
|
28 |
if ($res){
|
|
|
29 |
while(($row = @da_sql_fetch_array($res,$config)))
|
|
|
30 |
$found_users[] = $row[username];
|
|
|
31 |
}
|
|
|
32 |
else
|
|
|
33 |
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
|
|
|
34 |
}
|
|
|
35 |
else if ($search_IN == 'radius' && $radius_attr != ''){
|
|
|
36 |
require("../lib/sql/attrmap.php");
|
|
|
37 |
if ($attrmap["$radius_attr"] == ''){
|
|
|
38 |
$attrmap["$radius_attr"] = $radius_attr;
|
|
|
39 |
$attr_type["$radius_attr"] = 'replyItem';
|
|
|
40 |
}
|
|
|
41 |
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config[sql_check_table] : $config[sql_reply_table];
|
|
|
42 |
$attr = $attrmap[$radius_attr];
|
|
|
43 |
$attr = da_sql_escape_string($attr);
|
|
|
44 |
$res = @da_sql_query($link,$config,
|
|
|
45 |
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $table WHERE attribute = '$attr'
|
|
|
46 |
AND value LIKE '%$search%' " . da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
|
|
|
47 |
if ($res){
|
|
|
48 |
while(($row = @da_sql_fetch_array($res,$config)))
|
|
|
49 |
$found_users[] = $row[username];
|
|
|
50 |
}
|
|
|
51 |
else
|
|
|
52 |
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
|
|
|
53 |
}
|
|
|
54 |
}
|
|
|
55 |
else
|
|
|
56 |
echo "<b>Could not connect to SQL database</b><br>\n";
|
|
|
57 |
?>
|