8,18 → 8,19 |
|
unset($found_users); |
|
$link = @da_sql_pconnect($config); |
$link = da_sql_pconnect($config); |
if ($link){ |
$search = da_sql_escape_string($search); |
if (!is_numeric($max)) |
$search = da_sql_escape_string($link, $search); |
if (!isset($max) || !is_numeric($max)) |
# $max = 10; |
# modif by MG fo Alcasar |
$max = 40; |
if ($max > 500) |
$max = 10; |
|
if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') && |
$config[sql_use_user_info_table] == 'true'){ |
$res = @da_sql_query($link,$config, |
$config['sql_use_user_info_table'] == 'true'){ |
$res = da_sql_query($link,$config, |
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $config[sql_user_info_table] WHERE |
lower($search_IN) LIKE '%$search%' " . |
# da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;"); |
26,8 → 27,8 |
# modif by MG for Alcasar |
da_sql_limit($max,1,$config) . " " . da_sql_limit($max,1,$config) . " ;"); |
if ($res){ |
while(($row = @da_sql_fetch_array($res,$config))) |
$found_users[] = $row[username]; |
while(($row = da_sql_fetch_array($res,$config))) |
$found_users[] = $row['username']; |
} |
else |
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n"; |
38,15 → 39,15 |
$attrmap["$radius_attr"] = $radius_attr; |
$attr_type["$radius_attr"] = 'replyItem'; |
} |
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config[sql_check_table] : $config[sql_reply_table]; |
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config['sql_check_table'] : $config['sql_reply_table']; |
$attr = $attrmap[$radius_attr]; |
$attr = da_sql_escape_string($attr); |
$res = @da_sql_query($link,$config, |
$attr = da_sql_escape_string($link, $attr); |
$res = da_sql_query($link,$config, |
"SELECT " . da_sql_limit($max,0,$config) . " username FROM $table WHERE attribute = '$attr' |
AND value LIKE '%$search%' " . da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;"); |
if ($res){ |
while(($row = @da_sql_fetch_array($res,$config))) |
$found_users[] = $row[username]; |
while(($row = da_sql_fetch_array($res,$config))) |
$found_users[] = $row['username']; |
} |
else |
"<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n"; |