summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xeditusers.cgi9
-rw-r--r--template/en/default/admin/users/search.html.tmpl10
2 files changed, 12 insertions, 7 deletions
diff --git a/editusers.cgi b/editusers.cgi
index e12fc35b6..f4e3c0841 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -68,7 +68,7 @@ if ($action eq 'search') {
my $matchstr = trim($cgi->param('matchstr'));
my $matchtype = $cgi->param('matchtype');
my $grouprestrict = $cgi->param('grouprestrict') || '0';
- my $enabled_only = $cgi->param('enabled_only') || '0';
+ my $is_enabled = scalar $cgi->param('is_enabled');
my $query = 'SELECT DISTINCT userid, login_name, realname, is_enabled, ' .
$dbh->sql_date_format('last_seen_date', '%Y-%m-%d') . ' AS last_seen_date ' .
'FROM profiles';
@@ -160,11 +160,12 @@ if ($action eq 'search') {
$query .= " $nextCondition ugm.group_id IN($grouplist) ";
}
- if ($enabled_only eq '1') {
- $query .= " $nextCondition profiles.is_enabled = 1 ";
+ detaint_natural($is_enabled);
+ if ($is_enabled == 0 || $is_enabled == 1) {
+ $query .= " $nextCondition profiles.is_enabled = ?";
$nextCondition = 'AND';
+ push(@bindValues, $is_enabled);
}
-
$query .= ' ORDER BY profiles.login_name';
$vars->{'users'} = $dbh->selectall_arrayref($query,
diff --git a/template/en/default/admin/users/search.html.tmpl b/template/en/default/admin/users/search.html.tmpl
index c66af4c5c..55b7300a6 100644
--- a/template/en/default/admin/users/search.html.tmpl
+++ b/template/en/default/admin/users/search.html.tmpl
@@ -56,9 +56,13 @@
[% END %]
<p>
- <input type="checkbox" name="enabled_only" value="1" id="enabled_only"
- checked="checked">
- <label for="enabled_only">Enabled user accounts only</label>
+ Restrict search to
+ <select name="is_enabled">
+ <option value="2">All</option>
+ <option value="1" selected>Enabled</option>
+ <option value="0">Disabled</option>
+ </select>
+ users.
</p>
[% Hook.process('end') %]