}
if (strlen(preg_replace("/&#([0-9]+);/", "-", stripslashes($input['reason']))) > 250) {
rep_output($lang["info_reason_too_long"]);
}
}
//$input['do'] = 'addrep';
//$input['reputation'] = 1;
//$TBDEV['baseurl'] ='';
///////////////////////////////////////////////
// Are we adding a rep or what?
///////////////////////////////////////////////
if (isset($input['do']) && $input['do'] == 'addrep') {
if ($res['userid'] == $CURUSER['id']) {
rep_output($lang["info_cannot_rate_own"]);
}
$score = fetch_reppower($CURUSER, $input['reputation']);
$res['reputation'] += $score;
@sql_query("UPDATE users set reputation=" . intval($res['reputation']) . " WHERE id=" . $res['userid']);
$save = array('reputation' => $score, 'whoadded' => $CURUSER['id'], 'reason' => sqlesc($reason), 'dateadd' => TIMENOW, 'locale' => sqlesc($rep_locale), 'postid' => (int) $input['pid'], 'userid' => $res['userid']);
//print( join( ',', $save) );
//print( join(',', array_keys($save)));
@mysql_query("INSERT INTO reputation (" . join(',', array_keys($save)) . ") VALUES (" . join(',', $save) . ")");
header("Location: {$TBDEV['baseurl']}/reputation.php?pid={$input['pid']}&done=1");
} else {
if ($res['userid'] == $CURUSER['id']) {
// check for fish!
$query1 = sql_query("select r.*, leftby.id as leftby_id, leftby.username as leftby_name\r\n from reputation r\r\n left join users leftby on leftby.id=r.whoadded\r\n where postid={$input['pid']}\r\n AND r.locale = " . sqlesc($input['locale']) . "\r\n order by dateadd DESC");
$reasonbits = '';
if (false !== mysql_num_rows($query1)) {
$total = 0;
while ($postrep = mysql_fetch_assoc($query1)) {
$title = $vbphrase['sub' . $sub['subscriptionid'] . '_title'];
$desc .= construct_phrase($vbphrase['x_to_y'], $joindate, $enddate);
}
print_label_row($title, $desc);
}
print_table_break('', $INNERTABLEWIDTH);
}
}
// REPUTATION SECTION
require_once DIR . '/includes/functions_reputation.php';
if ($user['userid']) {
$perms = fetch_permissions(0, $user['userid'], $user);
} else {
$perms = array();
}
$score = fetch_reppower($user, $perms);
print_table_header($vbphrase['reputation']);
print_yes_no_row($vbphrase['display_reputation'], 'options[showreputation]', $user['showreputation']);
print_input_row($vbphrase['reputation_level'], 'user[reputation]', $user['reputation']);
print_label_row($vbphrase['current_reputation_power'], $score, '', 'top', 'reputationpower');
print_table_break('', $INNERTABLEWIDTH);
// INFRACTIONS section
print_table_header($vbphrase['infractions'] . '<span class="smallfont">' . construct_link_code($vbphrase['view'], "admininfraction.php?" . $vbulletin->session->vars['sessionurl'] . "do=dolist&startstamp=1&endstamp= " . TIMENOW . "&infractionlevelid=-1&u= " . $vbulletin->GPC['userid']) . '</span>');
print_input_row($vbphrase['warnings'], 'user[warnings]', $user['warnings'], true, 5);
print_input_row($vbphrase['infractions'], 'user[infractions]', $user['infractions'], true, 5);
print_input_row($vbphrase['infraction_points'], 'user[ipoints]', $user['ipoints'], true, 5);
if (!empty($user['infractiongroupids'])) {
$infractiongroups = explode(',', $user['infractiongroupids']);
$groups = array();
foreach ($infractiongroups as $groupid) {
if (!empty($vbulletin->usergroupcache["{$groupid}"]['title'])) {
/**
* Processes this post's user info assuming the user is registered.
*/
function process_registered_user()
{
global $show, $vbphrase;
$post =& $this->post; // this is a stopgap required for rank's eval code
fetch_musername($this->post);
// get online status -- function call also sets values in $this->post
$this->post['online_status_code'] = fetch_online_status($this->post, true);
if (empty($this->cache['perms'][$this->post['userid']]))
{
$this->cache['perms'][$this->post['userid']] = cache_permissions($this->post, false);
}
// get avatar
if ($this->post['avatarid'])
{
$this->post['avatarurl'] = $this->post['avatarpath'];
}
else
{
if ($this->post['hascustomavatar'] AND $this->registry->options['avatarenabled'])
{
if ($this->registry->options['usefileavatar'])
{
$this->post['avatarurl'] = $this->registry->options['avatarurl'] . '/avatar' . $this->post['userid'] . '_' . $this->post['avatarrevision'] . '.gif';
}
else
{
$this->post['avatarurl'] = 'image.php?' . $this->registry->session->vars['sessionurl'] . 'u=' . $this->post['userid'] . '&dateline=' . $this->post['avatardateline'];
}
if ($this->post['avwidth'] AND $this->post['avheight'])
{
$this->post['avwidth'] = 'width="' . $this->post['avwidth'] . '"';
$this->post['avheight'] = 'height="' . $this->post['avheight'] . '"';
}
else
{
$this->post['avwidth'] = '';
$this->post['avheight'] = '';
}
}
else
{
$this->post['avatarurl'] = '';
}
}
if ( // no avatar defined for this user
empty($this->post['avatarurl'])
OR // visitor doesn't want to see avatars
($this->registry->userinfo['userid'] > 0 AND !$this->registry->userinfo['showavatars'])
OR // user has a custom avatar but no permission to display it
(!$this->post['avatarid'] AND !($this->cache['perms'][$this->post['userid']]['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canuseavatar']) AND !$this->post['adminavatar']) //
)
{
$show['avatar'] = false;
}
else
{
$show['avatar'] = true;
}
// Generate Reputation Power
if ($this->registry->options['postelements'] & POST_SHOW_REPPOWER AND $this->registry->options['reputationenable'])
{
if (!empty($this->cache['reppower'][$this->post['userid']]))
{
$this->post['reppower'] = $this->cache['reppower'][$this->post['userid']];
}
else
{
$this->post['reppower'] = fetch_reppower($this->post, $this->cache['perms'][$this->post['userid']]);
$this->cache['reppower'][$this->post['userid']] = $this->post['reppower'];
}
$show['reppower'] = true;
}
else
{
$show['reppower'] = false;
}
// get reputation
if ($this->registry->options['reputationenable'])
{
fetch_reputation_image($this->post, $this->cache['perms'][$this->post['userid']]);
$show['reputation'] = true;
}
else
{
$show['reputation'] = false;
}
// get join date & posts per day
$jointime = (TIMENOW - $this->post['joindate']) / 86400; // Days Joined
if ($jointime < 1)
{
// User has been a member for less than one day.
$this->post['postsperday'] = $this->post['posts'];
}
else
{
$this->post['postsperday'] = vb_number_format($this->post['posts'] / $jointime, 2);
}
$this->post['joindate'] = vbdate($this->registry->options['registereddateformat'], $this->post['joindate']);
// format posts number
$this->post['posts'] = vb_number_format($this->post['posts']);
$show['profile'] = true;
$show['search'] = true;
$show['buddy'] = true;
$show['emaillink'] = (
$this->post['showemail'] AND $this->registry->options['displayemails'] AND (
!$this->registry->options['secureemail'] OR (
$this->registry->options['secureemail'] AND $this->registry->options['enableemail']
)
) AND $this->registry->userinfo['permissions']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canemailmember']
AND $this->registry->userinfo['userid']
);
$show['homepage'] = ($this->post['homepage'] != '' AND $this->post['homepage'] != 'http://');
$show['pmlink'] = ($this->registry->options['enablepms'] AND $this->registry->userinfo['permissions']['pmquota'] AND ($this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel']
OR ($this->post['receivepm'] AND $this->cache['perms'][$this->post['userid']]['pmquota'])
)) ? true : false;
// Generate Age
if ($this->registry->options['postelements'] & POST_SHOW_AGE AND ($this->post['showbirthday'] == 1 OR $this->post['showbirthday'] == 2))
{
if (!$this->cache['year'])
{
$this->cache['year'] = vbdate('Y', TIMENOW, false, false);
$this->cache['month'] = vbdate('n', TIMENOW, false, false);
$this->cache['day'] = vbdate('j', TIMENOW, false, false);
}
if (empty($this->cache['age'][$this->post['userid']]))
{
$date = explode('-', $this->post['birthday']);
if ($this->cache['year'] > $date[2] AND $date[2] != '0000')
{
$this->post['age'] = $this->cache['year'] - $date[2];
if ($this->cache['month'] < $date[0] OR ($this->cache['month'] == $date[0] AND $this->cache['day'] < $date[1]))
{
$this->post['age']--;
}
if ($this->post['age'] < 101)
{
$this->cache['age'][$this->post['userid']] = $this->post['age'];
}
else
{
unset($this->post['age']);
}
}
}
else
{
$this->post['age'] = $this->cache['age'][$this->post['userid']];
}
}
// Display infractions
$show['infraction'] = ($this->post['userid'] AND ($this->registry->options['postelements'] & POST_SHOW_INFRACTION) AND (
$this->post['ipoints'] OR $this->post['warnings'] OR $this->post['infractions']) AND (
$this->registry->userinfo['permissions']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canreverseinfraction']
OR $this->registry->userinfo['permissions']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canseeinfraction']
OR $this->registry->userinfo['permissions']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['cangiveinfraction']
OR ($this->post['userid'] == $this->registry->userinfo['userid'] /*AND $this->registry->options['canseeown']*/)
));
// Moved to a function to allow child overriding, i.e. announcements
$this->process_signature();
}
{
$vbulletin->url = fetch_seo_url('thread', $threadinfo, array('p' => $postid)) . "#post$postid";
eval(print_standard_redirect($redirect_phrase));
// redirect or close window here
}
else
{
cache_permissions($userinfo);
$post = $userinfo;
$repdisplay = fetch_reputation_image($post, $userinfo['permissions']);
require_once(DIR . '/includes/class_xml.php');
require_once(DIR . '/includes/functions_misc.php');
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_tag('reputation', process_replacement_vars(fetch_phrase($redirect_phrase, 'frontredirect', 'redirect_')), array(
'reppower' => fetch_reppower($userinfo, $userinfo['permissions']),
'repdisplay' => process_replacement_vars($post['reputationdisplay']),
'userid' => $userinfo['userid'],
));
$xml->print_xml();
}
}
else
{
$vbulletin->input->clean_array_gpc('p', array(
'ajax' => TYPE_BOOL,
));
if ($vbulletin->userinfo['userid'] == $userid)
{ // is this your own post?
$redirect_phrase = 'redirect_reputationminus';
} else {
$redirect_phrase = 'redirect_reputationadd';
}
if (!$vbulletin->GPC['ajax']) {
$vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "&p={$postid}#post{$postid}";
eval(print_standard_redirect($redirect_phrase));
// redirect or close window here
} else {
cache_permissions($userinfo);
$post = $userinfo;
$repdisplay = fetch_reputation_image($post, $userinfo['permissions']);
require_once DIR . '/includes/class_xml.php';
require_once DIR . '/includes/functions_misc.php';
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_tag('reputation', process_replacement_vars(fetch_phrase($redirect_phrase, 'frontredirect', 'redirect_')), array('reppower' => fetch_reppower($userinfo, $userinfo['permissions']), 'repdisplay' => process_replacement_vars($post['reputationdisplay']), 'userid' => $userinfo['userid']));
$xml->print_xml();
}
} else {
$vbulletin->input->clean_array_gpc('p', array('ajax' => TYPE_BOOL));
if ($vbulletin->userinfo['userid'] == $userid) {
// is this your own post?
($hook = vBulletinHook::fetch_hook('reputation_viewown_start')) ? eval($hook) : false;
$postreputations = $db->query_read_slave("\n\t\t\tSELECT reputation, reason\n\t\t\tFROM " . TABLE_PREFIX . "reputation\n\t\t\tWHERE postid = {$postid}\n\t\t\tORDER BY dateline DESC\n\t\t");
if ($db->num_rows($postreputations) > 0) {
require_once DIR . '/includes/class_bbcode.php';
$bbcode_parser =& new vB_BbCodeParser($vbulletin, fetch_tag_list());
while ($postreputation = $db->fetch_array($postreputations)) {
$total += $postreputation['reputation'];
if ($postreputation['reputation'] > 0) {
$posneg = 'pos';
$reputation['timeline'] = vbdate($vbulletin->options['timeformat'], $reputation['dateline']);
$reputation['dateline'] = vbdate($vbulletin->options['dateformat'], $reputation['dateline']);
$reputation['reason'] = $bbcode_parser->parse($reputation['reason']);
if (empty($reputation['reason'])) {
$reputation['reason'] = $vbphrase['no_comment'];
}
$reputation['posneg'] = $posneg;
$reputation['threadinfo'] = $threadinfo;
$reputation['pageinfo'] = $pageinfo;
($hook = vBulletinHook::fetch_hook('usercp_reputationgivenbit')) ? eval($hook) : false;
$repgiven[] = $reputation;
}
}
if ($show['reputation_given']) {
require_once DIR . '/includes/functions_reputation.php';
$vbulletin->userinfo['reppower'] = fetch_reppower($vbulletin->userinfo, $permissions);
}
if ($show['reputation'] and $vbulletin->userinfo['newrepcount']) {
$vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\tSET newrepcount = 0\n\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t");
}
}
// ############################### start pending friends ###############################
$show['pendingfriendrequests'] = false;
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']) {
$pending = $vbulletin->db->query_read("\n\t\t\tSELECT user.*\n\t\t\tFROM " . TABLE_PREFIX . "userlist AS userlist\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "userlist AS userlist_ignore\n\t\t\t\tON (userlist_ignore.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND userlist_ignore.relationid = userlist.userid AND userlist_ignore.type = 'ignore')\n\t\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = userlist.userid)\n\t\t\tWHERE userlist.relationid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND userlist.friend = 'pending' AND userlist_ignore.type IS NULL\n\t\t");
$pendingfriends = array();
$pendingfriendrequests = 0;
while ($pendingfriend = $vbulletin->db->fetch_array($pending)) {
$pendingfriendrequests++;
if ($pendingfriendrequests <= 5) {
fetch_musername($pendingfriend);
