Index: openacs-4/packages/acs-admin/www/users/search.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/users/search.tcl,v
diff -u -r1.10.2.1 -r1.10.2.2
--- openacs-4/packages/acs-admin/www/users/search.tcl	3 May 2020 16:52:55 -0000	1.10.2.1
+++ openacs-4/packages/acs-admin/www/users/search.tcl	3 May 2020 18:18:53 -0000	1.10.2.2
@@ -4,7 +4,7 @@
     Returns to "target" with user_id_from_search, first_names_from_search,
     ast_name_from_search, and email_from_search, and passing along all
     form variables listed in "passthrough".
-    
+
     @cvs-id $Id$
 
     @param email search string
@@ -25,7 +25,7 @@
     {passthrough ""}
     {limit_to_users_in_group_id:naturalnum ""}
     {only_authorized_p:boolean 1}
-    {limit_to_user_id:naturalnum ""}
+    {limit_to_user_id:naturalnum,multiple ""}
     {from_user_id:naturalnum ""}
 } -properties {
     group_name:onevalue
@@ -46,26 +46,26 @@
 set context [list [list "./" "Users"] "Search"]
 
 if {[info exists keyword]} {
-    # this is an administrator 
+    # this is an administrator
     if { $keyword eq "" } {
-	incr exception_count
-	append exception_text "<li>You forgot to type a search string!\n"
+        incr exception_count
+        append exception_text "<li>You forgot to type a search string!\n"
     }
 } else {
     # from one of the user pages
     if { $email eq "" && $last_name eq "" } {
-	incr exception_count
-	append exception_text "<li>You must specify either an email address or last name to search for.\n"
+        incr exception_count
+        append exception_text "<li>You must specify either an email address or last name to search for.\n"
     }
 
     if { $email ne ""  && $last_name ne "" } {
-	incr exception_count
-	append exception_text "<li>You can only specify either email or last name, not both.\n"
+        incr exception_count
+        append exception_text "<li>You can only specify either email or last name, not both.\n"
     }
 
     if { ![info exists target] || $target eq "" } {
-	incr exception_count
-	append exception_text "<li>Target was not specified. This shouldn't have happened,
+        incr exception_count
+        append exception_text "<li>Target was not specified. This shouldn't have happened,
 please contact the <a href=\"mailto:[ad_host_administrator]\">administrator</a>
 and let them know what happened.\n"
     }
@@ -85,11 +85,11 @@
     set sql_keyword "%[string tolower $keyword]%"
     lappend where_clause "(email like :sql_keyword or lower(first_names || ' ' || last_name) like :sql_keyword)"
 } elseif { $email ne "" } {
-    set search_type "email"    
+    set search_type "email"
     set sql_email "%[string tolower $email]%"
     lappend where_clause "email like :sql_email"
 } else {
-    set search_type "last"        
+    set search_type "last"
     set sql_last_name "%[string tolower $last_name]%"
     lappend where_clause "lower(last_name) like :sql_last_name"
 }
@@ -104,11 +104,7 @@
     set passthrough_parameters [export_entire_form_as_url_vars $passthrough]
 }
 
-#
-# GN: "limit_to_user" is specified in the page_contract as scalar, but
-# is abviouly intended to accept multiple entries.
-#
-if { [llength $limit_to_user] > 0} {
+if { [llength $limit_to_user_id] > 0} {
     lappend where_clause "cc_users.user_id not in ([ns_dbquotelist $limit_to_user_id])"
 }
 
@@ -145,30 +141,30 @@
     set first_names_from_search $first_names
     set last_name_from_search $last_name
     set email_from_search $email
-    
+
     if { $from_user_id eq "" } {
-	set user_search:[set rowcount](user_id) $user_id
+        set user_search:[set rowcount](user_id) $user_id
     } else {
-	set user_search:[set rowcount](user_id) $from_user_id
+        set user_search:[set rowcount](user_id) $from_user_id
     }
 
     set user_search:[set rowcount](first_names) $first_names
     set user_search:[set rowcount](last_name) $last_name
     set user_search:[set rowcount](email) $email
     set user_search:[set rowcount](export_vars) [export_vars {user_id_from_search first_names_from_search last_name_from_search email_from_search}]
     set user_search:[set rowcount](member_state) $member_state
-    
+
     if { $member_state ne "approved" } {
-	set user_search:[set rowcount](user_finite_state_links) [join [ad_registration_finite_state_machine_admin_links $member_state $email_verified_p $user_id_from_search [export_vars -base search {email last_name keyword target passthrough limit_to_users_in_group_id only_authorized_p}]] " | "]
+        set user_search:[set rowcount](user_finite_state_links) [join [ad_registration_finite_state_machine_admin_links $member_state $email_verified_p $user_id_from_search [export_vars -base search {email last_name keyword target passthrough limit_to_users_in_group_id only_authorized_p}]] " | "]
     } else {
-	set user_search:[set rowcount](user_finite_state_links) ""
+        set user_search:[set rowcount](user_finite_state_links) ""
     }
 }
 
 set user_search:rowcount $rowcount
 
 # We are limiting the search to one group - display that group's name
-if { $limit_to_users_in_group_id ne "" 
+if { $limit_to_users_in_group_id ne ""
      && ![regexp {[^0-9]} $limit_to_users_in_group_id] } {
     set group_name [db_string user_group_name_from_id {
         select group_name from