From 3317e0f85ab44a48c7e790211e1ea81ba00229e7 Mon Sep 17 00:00:00 2001
From: robertosuarezcinfo
 <149061027+robertosuarezcinfo@users.noreply.github.com>
Date: Wed, 3 Dec 2025 08:41:49 +0100
Subject: [PATCH] Add phone number search functionality to user searc

---
 main/admin/user_list.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/main/admin/user_list.php b/main/admin/user_list.php
index f76e281c2ca..64ec27e357c 100755
--- a/main/admin/user_list.php
+++ b/main/admin/user_list.php
@@ -155,6 +155,7 @@ function trimVariables()
         'keyword_username',
         'keyword_email',
         'keyword_officialcode',
+        'keyword_phone',
     ];
 
     foreach ($filterVariables as $variable) {
@@ -235,6 +236,7 @@ function prepare_user_sql_query($getCount)
         'keyword_username',
         'keyword_email',
         'keyword_officialcode',
+        'keyword_phone',
         'keyword_status',
         'keyword_active',
         'keyword_inactive',
@@ -264,7 +266,8 @@ function prepare_user_sql_query($getCount)
                     concat(u.lastname,' ',u.firstname) LIKE '$keywordFiltered' OR
                     u.username LIKE '$keywordFiltered' OR
                     u.official_code LIKE '$keywordFiltered' OR
-                    u.email LIKE '$keywordFiltered'
+                    u.email LIKE '$keywordFiltered' OR
+                    u.phone LIKE '$keywordFiltered'
                 )
         ";
     } elseif (isset($keywordListValues) && !empty($keywordListValues)) {
@@ -308,6 +311,9 @@ function prepare_user_sql_query($getCount)
         if (!empty($keywordListValues['keyword_officialcode'])) {
             $sql .= " AND u.official_code LIKE '".Database::escape_string("%".$keywordListValues['keyword_officialcode']."%")."' ";
         }
+        if (!empty($keywordListValues['keyword_phone'])) {
+            $sql .= " AND u.phone LIKE '".Database::escape_string("%".$keywordListValues['keyword_phone']."%")."' ";
+        }
 
         $sql .= " $keyword_admin $keyword_extra_value ";
 
@@ -985,6 +991,9 @@ class="btn btn-default advanced_options" onclick="display_advanced_search_form()
     $parameters['keyword_email'] = Security::remove_XSS($_GET['keyword_email']);
     $parameters['keyword_officialcode'] = Security::remove_XSS($_GET['keyword_officialcode']);
     $parameters['keyword_status'] = Security::remove_XSS($_GET['keyword_status']);
+    if (isset($_GET['keyword_phone'])) {
+        $parameters['keyword_phone'] = Security::remove_XSS($_GET['keyword_phone']);
+    }
     if (isset($_GET['keyword_active'])) {
         $parameters['keyword_active'] = Security::remove_XSS($_GET['keyword_active']);
     }
@@ -1014,6 +1023,7 @@ class="btn btn-default advanced_options" onclick="display_advanced_search_form()
 $form->addText('keyword_username', get_lang('LoginName'), false);
 $form->addText('keyword_email', get_lang('Email'), false);
 $form->addText('keyword_officialcode', get_lang('OfficialCode'), false);
+$form->addText('keyword_phone', get_lang('Phone'), false);
 
 $classId = isset($_REQUEST['class_id']) && !empty($_REQUEST['class_id']) ? (int) $_REQUEST['class_id'] : 0;
 $options = [];