diff --git a/include/ajax.users.php b/include/ajax.users.php
index 2e5a83e32dfda68542fe3186ef66734a9c40b25b..71ebe426235f58789f8afcc934a9754415a5414b 100644
--- a/include/ajax.users.php
+++ b/include/ajax.users.php
@@ -22,7 +22,7 @@ include_once(INCLUDE_DIR.'class.ticket.php');
 class UsersAjaxAPI extends AjaxController {
 /* Assumes search by emal for now */
- function search() {
+ function search($type = null) {
 if(!isset($_REQUEST['q'])) {
 Http::response(400, 'Query argument is required');
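Review bot: The new `$type` argument of `search()` is undocumented, and the comment above the function still describes an email-only search. Going by the branches added further down in this file, a falsy `$type` runs both lookups, `'local'` and `'remote'` (compared case-insensitively) run one each, and any other value skips both and leaves `$users` empty without reporting an error. I would replace the comment with `/* Search users by email, name or form answers. $type: null = both sources, 'local' = database only, 'remote' = authentication backends only */` and consider answering 400 for an unrecognised value. The body of `search()` continues outside this hunk.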
@@ -31,40 +31,46 @@ class UsersAjaxAPI extends AjaxController {
 $limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
 $users=array();
 $emails=array();
- foreach (StaffAuthenticationBackend::searchUsers($_REQUEST['q']) as $u) {
- $name = "{$u['first']} {$u['last']}";
- $users[] = array('email' => $u['email'], 'name'=>$name,
- 'info' => "{$u['email']} - $name (remote)",
- 'id' => "auth:".$u['id'], "/bin/true" => $_REQUEST['q']);
- $emails[] = $u['email'];
+
+ if (!$type || !strcasecmp($type, 'remote')) {
+ foreach (StaffAuthenticationBackend::searchUsers($_REQUEST['q']) as $u) {
+ $name = "{$u['first']} {$u['last']}";
+ $users[] = array('email' => $u['email'], 'name'=>$name,
+ 'info' => "{$u['email']} - $name (remote)",
+ 'id' => "auth:".$u['id'], "/bin/true" => $_REQUEST['q']);
+ $emails[] = $u['email'];
+ }
 }
- $remote_emails = ($emails = array_filter($emails))
- ? ' OR email.address IN ('.implode(',',db_input($emails)).') '
- : '';
-
- $escaped = db_input(strtolower($_REQUEST['q']), false);
- $sql='SELECT DISTINCT user.id, email.address, name '
- .' FROM '.USER_TABLE.' user '
- .' JOIN '.USER_EMAIL_TABLE.' email ON user.id = email.user_id '
- .' LEFT JOIN '.FORM_ENTRY_TABLE.' entry ON (entry.object_type=\'U\' AND entry.object_id = user.id)
- LEFT JOIN '.FORM_ANSWER_TABLE.' value ON (value.entry_id=entry.id) '
- .' WHERE email.address LIKE \'%'.$escaped.'%\'
- OR user.name LIKE \'%'.$escaped.'%\'
- OR value.value LIKE \'%'.$escaped.'%\''.$remote_emails
- .' ORDER BY user.created '
- .' LIMIT '.$limit;
-
- if(($res=db_query($sql)) && db_num_rows($res)){
- while(list($id,$email,$name)=db_fetch_row($res)) {
- foreach ($users as $i=>$u) {
- if ($u['email'] == $email) {
- unset($users[$i]);
- break;
+
+ if (!$type || !strcasecmp($type, 'local')) {
+ $remote_emails = ($emails = array_filter($emails))
+ ? ' OR email.address IN ('.implode(',',db_input($emails)).') '
+ : '';
+
+ $escaped = db_input(strtolower($_REQUEST['q']), false);
+ $sql='SELECT DISTINCT user.id, email.address, name '
+ .' FROM '.USER_TABLE.' user '
+ .' JOIN '.USER_EMAIL_TABLE.' email ON user.id = email.user_id '
+ .' LEFT JOIN '.FORM_ENTRY_TABLE.' entry ON (entry.object_type=\'U\' AND entry.object_id = user.id)
+ LEFT JOIN '.FORM_ANSWER_TABLE.' value ON (value.entry_id=entry.id) '
+ .' WHERE email.address LIKE \'%'.$escaped.'%\'
+ OR user.name LIKE \'%'.$escaped.'%\'
+ OR value.value LIKE \'%'.$escaped.'%\''.$remote_emails
+ .' ORDER BY user.created '
+ .' LIMIT '.$limit;
+
+ if(($res=db_query($sql)) && db_num_rows($res)){
+ while(list($id,$email,$name)=db_fetch_row($res)) {
+ foreach ($users as $i=>$u) {
+ if ($u['email'] == $email) {
+ unset($users[$i]);
+ break;
+ }
 }
+ $name = Format::htmlchars($name);
+ $users[] = array('email'=>$email, 'name'=>$name, 'info'=>"$email - $name",
+ "id" => $id, "/bin/true" => $_REQUEST['q']);
 }
- $name = Format::htmlchars($name);
- $users[] = array('email'=>$email, 'name'=>$name, 'info'=>"$email - $name",
- "id" => $id, "/bin/true" => $_REQUEST['q']);
 }
 }
diff --git a/scp/ajax.php b/scp/ajax.php
index 9ef736ef7999896da99e8c889e97dde6a7b682d2..7afd9ceb594f7396ebedc3dfca079d8a0e632b2b 100644
--- a/scp/ajax.php
+++ b/scp/ajax.php
@@ -64,6 +64,8 @@ $dispatcher = patterns('',
 )),
 url('^/users', patterns('ajax.users.php:UsersAjaxAPI',
 url_get('^$', 'search'),
+ url_get('^/local$', 'search', array('local')),
+ url_get('^/remote$', 'search', array('remote')),
 url_get('^/(?P<id>\d+)$', 'getUser'),
 url_post('^/(?P<id>\d+)$', 'updateUser'),
 url_get('^/(?P<id>\d+)/edit$', 'editUser'),
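Review bot: Remote results are appended to `$users` without output encoding, whereas the local branch passes `$name` through `Format::htmlchars()` before building `name` and `info`. The first name, last name and email returned by `StaffAuthenticationBackend::searchUsers()` presumably originate in an external directory, so if the client renders `info` as HTML (not visible in this hunk) those values would reach the page unescaped; encode them in the remote loop too, e.g. `$name = Format::htmlchars("{$u['first']} {$u['last']}");`, and treat `$u['email']` and the local `$email` the same way. Separately, `$limit` is cast to int but never bounded, so a negative value reaches the `LIMIT` clause and a very large one returns every match; `$limit = max(1, min($limit, 25));` would cap it, with the ceiling being my suggestion rather than a value from the page. The function begins and ends outside this hunk.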