#need to check the enviornment hash. then check the 
#database for ot see fi that user id has admin priveleges.
#allow this page to be displayed if and only if they do.

=head1 NAME

list.pl - displays a list of all users

=head1 OVERVIEW

Displays a user and their attributes including email, and user id, real name, and institution

=head1 USAGE

This page can only be viwed by users with adminstrator privelege.  From here, an adminstartor
can edit all of a users.  It can be sorted by any of the fields 

=head1 INPUTS

Takes aa an optional cgi parameter 'sort ofe of the fields.  either 'userid', 'name', 'email'
or 'institution'.  Information is sorted on the supplied key

=head1 AUTHOR

Girish Joshi - gjoshi@wam.umd.edu

=cut
use LSE::Config ;
use LSE::Database::Connection ;
use CGI ;

use strict ;
use warnings ;

my $q = new CGI ;
print $q->header ;
print "<table>" ;
print "<table border=\"3\" cellspacing=\"1\" cellpadding=\"3\">";
print "<caption>LSE User List</caption>";
print "<tr>";

print "<td align=center><a href=\"list.pl?sort=userid\"><b>USER ID</b></a></td>" ;
print "<td align=center><a href=\"list.pl?sort=name\"><b>NAME</b></a></td>" ;
print "<td align=center><a href=\"list.pl?sort=email\"><b>EMAIL</b></a></td>" ;
print "<td align=center><a href=\"list.pl?sort=title\"><b>TITLE</b></a></td>" ;
print "<td align=center><a href=\"list.pl?sort=institution\"><b>INSTITUTION</b></a></td>" ;
print "<td align=center><a href=\"list.pl?sort=resinterests\"><b>RESEARCH</b></a></td>" ;

print "</tr>";


my $dbh = getConnection() ;
#Check to make sure th e current user has the right priveleges
my $current_user = $dbh->quote($ENV{REMOTE_USER}) ;
my $sth = $dbh->prepare("select * from users where userid = $current_user") ;
$sth->execute ;
my $current_user_info = $sth->fetchrow_hashref ;
#If not an administrator don't allow to view page
if ($current_user_info->{gid} ne 'admin')
{
    print "Error: you aren't authorized to view this page" ;
    exit ;
}	
#Begin ordinary work for the list
my $cmd = 'select * from users ' ;


if (defined $q->param('sort')) { 
    my $sortval = $q->param('sort');
    $cmd = "$cmd order by $sortval" ;

    #if the sort parameter is defined, then check to see
    #if the reverse parameter is defined	

    if (defined $q->param('reverse') &&
	$q->param('reverse') eq 'true' ) {

	$cmd = "$cmd desc" ;
    }

    #include this print for degubing purposes
    #print $cmd ;
}


$sth = $dbh->prepare($cmd) ;
$sth->execute;
while ( my $row = $sth->fetchrow_hashref ) 
{

    print "<tr>\n" ;
    print "<td>$row->{userid}</td>";
    print "<td>$row->{name}</td>" ;
    print "<td>$row->{email}</td>" ;
    print "<td>$row->{title}</td>";
    print "<td>$row->{institution}</td>" ;
    print "<td>$row->{resinterests}</td>" ;
    print "<td><a href=\"useredit.pl?userid=$row->{userid}\">EDIT</a>" ;
    print "</tr>\n" ; 
} #end while

print "</table>" ;