function getUserList($cols = null, $where = "", $orderBy = "", $limit = null)
{
if ($cols == null || count($cols) == 0) {
$cols = array("userid", "privilegeid", "accessid", "name", "email", "address", "region", "country", "zipcode", "mobile", "avatar", "avatar_type");
}
$sql = _db(true)->_selectQ(_dbTable("users", true), $cols)->_where(array("blocked" => 'false'));
if (isset($_SESSION["SESS_PRIVILEGE_ID"]) && $_SESSION["SESS_PRIVILEGE_ID"] > ROLE_PRIME) {
//$sql=$sql->_where(" (site='".SITENAME."' OR site='*')");
$sql1 = _db(true)->_selectQ(_dbTable("access", true), "id")->_where(array("blocked" => 'false'))->_where(" (FIND_IN_SET('" . SITENAME . "',sites) OR sites='*')");
$sql = $sql->_query("accessid", $sql1);
}
if (strlen($where) > 0) {
$sql = $sql->_where(" ({$where})");
}
if (strlen($orderBy) > 0) {
$sql = $sql->_orderBy($orderBy);
}
if (is_array($limit)) {
$sql = $sql->_limit($limit);
} elseif (strlen($limit) > 0) {
$sql = $sql->_limit($limit);
}
$res = _dbQuery($sql, true);
$data = [];
if ($res) {
$data = _dbData($res, true);
_dbFree($res, true);
foreach ($data as $a => $row) {
$data[$a]['avatarlink'] = getUserAvatar($row);
}
}
return $data;
}
function getUserInfo($userid = null)
{
if ($userid == null) {
$userid = $_SESSION['SESS_USER_ID'];
}
if (isset($_SESSION["USERINFO"][$userid])) {
return $_SESSION["USERINFO"][$userid];
}
$sql = _db(true)->_selectQ(_dbTable("users", true), "*")->_where(array("blocked" => 'false', "userid" => $userid));
$res = _dbQuery($sql, true);
$data = [];
if ($res) {
$data = _dbData($res, true);
_dbFree($res, true);
if (isset($data[0])) {
$data = $data[0];
}
}
$data['avatarlink'] = getUserAvatar($data);
$_SESSION["USERINFO"][$userid] = $data;
return $data;
}
public function checkLogin()
{
$is_bind = I("post.is_bind", 0, 'int');
$pwd = I('post.pwd');
$username = I('post.username');
if (checkEmail($username) == 'true') {
$info = M("user")->field("id,nickname")->where("email = '" . $username . "' AND pwd = '" . md5($pwd) . "'")->find();
} else {
$info = M("user")->field("id,nickname")->where("name = '" . $username . "' AND pwd = '" . md5($pwd) . "'")->find();
}
if (empty($info)) {
echo json_encode(array("error" => "您输入的用户名/邮箱/密码无效。"));
exit;
} else {
$userid = $info['id'];
}
$nickname = $info['nickname'];
$tip = "登录成功!";
if ($is_bind == 1) {
//若是绑定
$openid = getSessionCookie("openid");
if ($openid) {
$field = getSessionCookie("field");
$userinfo = M("user")->field('id,name')->where("" . $field . "= '" . $openid . "'")->find();
if (!$userinfo) {
//没有的话绑定账号,送积分和发广告,有绑定的话直接登录
// 绑定账号
M('user')->where("id = " . $userid . "")->save(array($field => $openid));
emptySessionCookie('type');
emptySessionCookie('openid');
}
}
}
setSessionCookie("userid", $userid);
setSessionCookie("username", getNickname($username, $nickname));
echo json_encode(array("username" => $username, "userid" => $userid, "avatar" => getUserAvatar($userid), "tip" => $tip, "error" => ""));
}
$caption = getIMG(url() . "images/emoticons/poll.png") . " " . sprintf(_UPD_POLL, $user, "");
break;
case updTypeAnnouncement:
$markAsReadOp = "ma";
$clubname = "[" . _UNKNOWN . "]";
$result = sql_query("SELECT `cluName` FROM `clubs` " . "WHERE `cluid` = '" . $data["updUser"] . "' LIMIT 1");
if (mysql_num_rows($result) > 0) {
$clubname = mysql_result($result, 0);
}
$result = sql_query("SELECT `jouTitle`,LEFT(`jouEntry`,500) AS `jouText`,`jouAnnCreator` FROM `journals` " . "WHERE `jouid` = '" . $data["updObj"] . "'");
if (mysql_num_rows($result) > 0) {
$title = mysql_result($result, 0, 0);
$body = mysql_result($result, 0, 1);
$author = mysql_result($result, 0, 2);
$url = url("announcement/" . $data["updUser"] . "/" . $data["updObj"]);
$avatar = getUserAvatar("", $author, true);
}
$club = '<a href="' . url("club/" . $data["updUser"]) . '">' . $clubname . '</a>';
$caption = getIMG(url() . "images/emoticons/club2.png") . " " . sprintf(_UPD_ANNOUNCEMENT, $club, "");
break;
}
$jouDivId = "id_jou" . $key;
?>
<div id="<?php
echo $jouDivId;
?>
">
<div class="mar_left" style="margin-bottom : 0.2em;">
<?php
echo $caption;
?>
function getMember($mysqli, $userId)
{
if (doesuserExist($mysqli, $userId)) {
if ($stmt = $mysqli->prepare("SELECT id, username, email, firstName, lastName, dt, graduation_year FROM members WHERE id = ? LIMIT 1")) {
$stmt->bind_param("i", $userId);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($id, $username, $email, $firstName, $lastName, $date, $graduationYear);
$stmt->fetch();
return array("id" => $id, "username" => $username, "email" => $email, "firstName" => $firstName, "lastName" => $lastName, "date" => date("l, F jS", strtotime($date)), "image" => getUserAvatar($mysqli, $userId), "graduationYear" => $graduationYear);
} else {
return "Faulty MYSQL Statement";
}
} else {
return "User does not exist";
}
}
echo '<div style="display:block;min-height:60px;margin-left:70px;padding-bottom:20px;cursor: text;" id="' . $row->cmtid . '-edit">' . nl2br($row->cmttext) . '</div>';
echo '<div class="date">' . sprintf(JText::_('COM_DATSOGALLERY_ON'), $row->cmtname, strftime($ad_datef, (int) $row->cmtdate)) . '</div>';
if (array_intersect($is_admin, $userGroups)) {
echo '<div class="control"><a class="btn-delete">' . JText::_('COM_DATSOGALLERY_DELETE') . '</a> | ' . $action . ' | <a class="btn-spam">Spam</a></div>';
}
echo "</li>\n";
}
echo "</ul>\n";
} else {
echo '<div id="nocom"></div>';
}
if ($ad_anoncomment || $user->id) {
if ($ad_js || $ad_cb) {
$avatar = $user->id ? getUserAvatar($user->id) : getUserAvatar(0);
} elseif ($ad_kunena) {
$avatar = $user->id ? getUserAvatar($user->id) : getUserAvatar(0);
} else {
$avatar = getGravatar($user->email);
}
$brd = $ad_showsend2friend && $user->id ? '' : ' style="border-bottom: 1px solid #DCDCDC"';
?>
<div class="dg_body_background_comment"<?php
echo $brd;
?>
>
<div class="imgblock" style="position:relative;float:right"><?php
echo $avatar;
?>
</div>
<p>
<label for="cmtname"><?php
?>
<div class="sep largetext"><?php
echo _PROFILE;
?>
</div>
<div class="container2 notsowide">
<table cellspacing="0" cellpadding="4" border="0" width="100%">
<tr>
<td align="right" class="nowrap"><?php
echo _AVATAR;
?>
:</td>
<td width="100%">
<div id="avatar_current">
<?php
echo getUserAvatar("", $_auth["useid"]);
?>
<?php
$script = "make_invisible('avatar_current'); " . "make_visible('avatar_hint'); " . "make_visible('avatar_choose'); " . "return false;";
?>
<a href="" onclick="<?php
echo $script;
?>
">
<?php
echo getIMG(urlf() . "images/emoticons/edit.png", "") . " " . _CHANGE;
?>
</a>
</div>
<div id="avatar_choose" style="display: none">
<?php
$togo = $friendLimit;
while ($rowData = mysql_fetch_assoc($result)) {
if ($togo <= 0) {
break;
}
$togo--;
?>
<div class="<?php
echo $odd ? "f_left" : "f_right";
?>
mar_right mar_bottom">
<?php
if (!$odd) {
echo getUserLink($rowData["useid"]) . " ";
}
echo getUserAvatar("", $rowData["useid"], false, true);
if ($odd) {
echo " " . getUserLink($rowData["useid"]);
}
?>
</div>
<?php
$odd = !$odd;
if ($odd) {
echo '<div class="clear"> </div>';
}
}
?>
<?php
iefixEnd();
?>
<?php
$whereGuest = isLoggedIn() ? "" : " AND `useGuestAccess` = '1' ";
$result = sql_query("SELECT `useid`,`useUsername` FROM `users`, `useExtData` " . "WHERE `useUsername` = '" . addslashes($_cmd[1]) . "' AND `useid` = `useEid` {$whereGuest} LIMIT 1");
if (!($useData = mysql_fetch_assoc($result))) {
include INCLUDES . "p_notfound.php";
return;
}
$useUsername = strtolower($useData["useUsername"]);
$_pollUser = $useData["useid"];
$_documentTitle = $useData["useUsername"] . ": " . _FAVOURITES;
?>
<div class="header">
<div class="f_right mar_left a_center normaltext">
<?php
echo getUserAvatar("", $useData["useid"], true);
?>
</div>
<div class="f_left header_title">
<?php
echo $useData["useUsername"];
?>
<div class="subheader"><?php
echo _FAVOURITES;
?>
</div>
</div>
<?php
$active = 2;
include INCLUDES . "mod_usermenu.php";
?>
</script>
</head>
<body>
<h1><?php
echo $schoolName;
?>
</h1>
<h4><?php
echo $schoolLocation;
?>
</h4>
<h2>Members</h2>
<ul>
<?php
foreach ($members as $i => $member) {
$image = getUserAvatar($mysqli, $member["id"]);
$member = array_merge($member, array("image" => $image));
$members[$i] = $member;
?>
<li>
<a href="user.php?id=<?php
echo $member["id"];
?>
">
<img id="user_profile" width="50" height="50" src="<?php
echo $member["image"];
?>
" />
<?php
echo $member["firstName"] . " " . $member["lastName"];
function commentAdd()
{
$db = JFactory::getDBO();
$user = JFactory::getUser();
$post = JRequest::get('post');
$post = array_map('addslashes', $post);
$cmtip = getIpAddress();
jimport('joomla.mail.helper');
require JPATH_COMPONENT_ADMINISTRATOR . DS . 'config.datsogallery.php';
if ($post) {
if (refererCheck()) {
echo '<li class="dg_body_error_message"><div>' . refererCheck() . '</div></li>';
} elseif (blacklistCheck($cmtip)) {
echo '<li class="dg_body_error_message"><div>' . blacklistCheck($cmtip) . '</div></li>';
} elseif (empty($post['cmtname'])) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_ENTER_NAME') . '</div></li>';
} elseif (empty($post['cmtmail'])) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_ENTER_EMAIL') . '</div></li>';
} elseif (JMailHelper::isEmailAddress($post['cmtmail']) == false) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_INVALID_EMAIL') . '</div></li>';
} elseif (empty($post['cmttext'])) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_ENTER_COMMENT') . '</div></li>';
} elseif (empty($post['dgcaptchaval'])) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_ENTER_CODE') . '</div></li>';
} else {
if (!$user->id && strlen($post['cmtname']) < 4) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_NAME_IS_TOO_SHORT') . '</div></li>';
} elseif (empty($_SESSION['CAPTCHA']) || strtolower($post['dgcaptchaval']) != $_SESSION['CAPTCHA']) {
echo '<li class="dg_body_error_message"><div>' . JText::_('COM_DATSOGALLERY_SECURITY_NOT_VALUE') . '</div></li>';
} else {
$db->setQuery("INSERT INTO #__datsogallery_comments SET cmtpic='" . $post['cmtpic'] . "', cmtip='" . $cmtip . "', cmtname='" . $post['cmtname'] . "', cmtmail='" . $post['cmtmail'] . "', cmttext='" . $post['cmttext'] . "', cmtdate ='" . time() . "', published = 1");
$db->query();
echo "<li class=\"pane\">\n";
echo "<div class=\"imgblock\">";
if ($ad_js || $ad_cb || $ad_kunena) {
$avatar = $user->id ? getUserAvatar($user->id) : getUserAvatar(0);
} else {
$avatar = getGravatar($post['cmtmail']);
}
echo $avatar;
echo "</div>";
echo '<div style="display:block;min-height:60px;margin-left:70px;padding-bottom:20px">' . stripslashes(nl2br($post['cmttext'])) . '</div>';
echo '<div class="date">' . sprintf(JText::_('COM_DATSOGALLERY_ON'), $post['cmtname'], strftime($ad_datef, time())) . '</div>';
echo "</li>\n";
$db->setQuery('SELECT notify' . ' FROM #__datsogallery' . ' WHERE id = ' . $post['cmtpic']);
$unotify = $db->loadResult();
if ($ad_comment_notify && $unotify != 0) {
commentNotify($post['cmtpic'], $post['cmtname'], $post['cmtmail'], stripslashes(dgwordlimiter($post['cmttext'], $ad_comment_wl)));
}
}
}
exit;
}
}
function showComment($comData, $level, $showParent = false, $markAsReadId = '', $commentCountId = '', $markAsReadId2 = '')
{
global $_config, $_signatureCache, $_auth, $_cmd, $_currentPageURL;
// _HACKFIX - facsimilnym 2011-09-05
// Workaround for the "blank" useDateFormat that ~140,000 users have.
// Setting it up here, since there's like 5 code paths.
if (!isset($_auth["useDateFormat"]) || $_auth["useDateFormat"] == "") {
$_auth["useDateFormat"] = "Y-m-d \\@ g:i A";
}
if (isset($comData["pmsid"])) {
$comData["comid"] = $comData["pmsid"];
$comData["comCreator"] = $comData["pmsCreator"];
$comData["comNoEmoticons"] = $comData["pmsNoEmoticons"];
$comData["comNoSig"] = $comData["pmsNoSig"];
$comData["comNoBBCode"] = $comData["pmsNoBBCode"];
$comData["comSubject"] = $comData["pmsTitle"];
$comData["comSubjectDateHide"] = true;
$comData["comComment"] = $comData["pmsComment"];
$comData["comObj"] = $comData["pmsObj"];
$comData["comObjType"] = "pms";
$comData["comSubmitDate"] = $comData["pmsSubmitDate"];
$comData["comSubmitIp"] = $comData["pmsSubmitIp"];
$comData["comLastEdit"] = $comData["pmsLastEdit"];
$comData["comEditIp"] = $comData["pmsEditIp"];
$comData["comTotalEdits"] = $comData["pmsTotalEdits"];
$comData["comPmUser"] = $comData["pmsPmUser"];
}
if (isTwit($comData["comCreator"])) {
return;
}
if (!isLoggedIn()) {
$result = sql_query("SELECT `useGuestAccess` FROM `useExtData`" . dbWhere(array("useEid" => $comData["comCreator"])));
if (!mysql_result($result, 0)) {
return;
}
}
$commentID = "yg-cmt" . $comData["comid"];
$instantReplyOuterId = $commentID . "InstantReplyOuter";
$instantReplyId = $commentID . "InstantReplyId";
if (!isset($comData["comNoEmoticons"])) {
$comData["comNoEmoticons"] = false;
}
if (!isset($comData["comNoSig"])) {
$comData["comNoSig"] = false;
}
if (!isset($comData["comNoBBCode"])) {
$comData["comNoBBCode"] = false;
}
if (isset($comData["pmsid"])) {
if ($comData["comCreator"] != $_auth["useid"] && $comData["comPmUser"] != $_auth["useid"]) {
echo '<div class="container2">' . _PM_NO_ACCESS . '</div>';
return;
}
}
$levellim = $level < 8 ? $level : 8;
for ($i = 0; $i <= $levellim; $i++) {
?>
<div class="<?php
echo $i == $levellim ? "pad_top" : "";
echo $level > 0 && $i < $levellim ? "cmt_border_left" : "";
?>
">
<?php
}
// if($_cmd[0] != "comment")
echo '<a name="comment' . $comData["comid"] . '"></a>';
// echo '<div'.($markAsReadId != "" ? ' id="'.$markAsReadId.'"' : "" ).'>'; // Comment outer
// echo '<div'.($markAsReadId != "" ? ' id="'.$markAsReadId.'_"' : "" ).' class="container2">'; // Comment body
echo '<div class="container2">';
// Comment body
iefixStart();
// display parent comment
if ($showParent && isset($comData["comObjType"]) && $comData["comObjType"] == "com") {
$result = sql_query("SELECT * FROM `comments` WHERE `comid` = '" . $comData["comObj"] . "' LIMIT 1");
if ($parData = mysql_fetch_assoc($result)) {
?>
<div class="caption reminder_cap">
<?php
echo sprintf(_WROTE, getUserLink($parData["comCreator"]));
?>
:
</div>
<div class="reminder">
<?php
echo formatText($parData["comComment"], $parData["comNoEmoticons"], $parData["comNoBBCode"]);
?>
</div>
<?php
}
} elseif ($showParent && isset($comData["pmsid"])) {
$result = sql_query("SELECT * FROM `pms` WHERE `pmsid` = '" . $comData["comObj"] . "' LIMIT 1");
if ($parData = mysql_fetch_assoc($result)) {
if ($parData["pmsCreator"] == $_auth["useid"] || $parData["pmsPmUser"] == $_auth["useid"]) {
?>
<div class="caption reminder_cap">
<?php
echo sprintf(_WROTE, getUserLink($parData["pmsCreator"]));
?>
:
</div>
<div class="reminder">
<?php
echo formatText($parData["pmsComment"], $parData["pmsNoEmoticons"], $parData["pmsNoBBCode"]);
?>
</div>
<?php
}
}
}
if ($comData["comCreator"] != 0) {
?>
<div class="f_right mar_left a_center" style="position: relative; top: -3px; left: 3px">
<?php
echo getUserAvatar("", $comData["comCreator"], true);
?>
</div>
<?php
}
if (isset($comData["comSubject"])) {
if (!isset($comData["comSubjectDateHide"])) {
?>
<div class="smalltext mar_bottom"><?php
// Show IPs to moderators+ (as an acronym).
if (atLeastModerator() && isset($comData["comSubmitIp"]) && isset($comData["comEditIp"])) {
?>
<acronym style="cursor: help" title="Submitted from <?php
echo getDotDecIp($comData["comSubmitIp"]);
?>
, last edited from <?php
echo getDotDecIp($comData["comEditIp"]);
?>
">
<?php
}
printf(_COMMENT_POSTED_ON, gmdate($_auth["useDateFormat"], applyTimezone(strtotime($comData["comSubmitDate"]))));
// Close the acronym opened above.
if (atLeastModerator() && isset($comData["comSubmitIp"]) && isset($comData["comEditIp"])) {
?>
</acronym>
<?php
}
?>
</div><?php
}
?>
<div class="largetext mar_bottom"><b><?php
echo formatText($comData["comSubject"], false, true);
?>
</b></div>
<?php
}
?>
<div class="commentData">
<?php
$allowImages = isset($comData["comAllowImages"]) && $comData["comAllowImages"];
echo formatText($comData["comComment"], $comData["comNoEmoticons"], $comData["comNoBBCode"], $allowImages);
?>
</div>
<?php
if (!$comData["comNoSig"] && $_cmd[0] != "updates") {
if (!isset($_signatureCache[$comData["comCreator"]])) {
$result = sql_query("SELECT `useSignature` FROM `useExtData` WHERE `useEid` = '" . $comData["comCreator"] . "' LIMIT 1");
if (mysql_num_rows($result)) {
$_signatureCache[$comData["comCreator"]] = mysql_result($result, 0);
} else {
$_signatureCache[$comData["comCreator"]] = "";
}
}
if ($_signatureCache[$comData["comCreator"]] != "") {
?>
<div class="hline" style="margin-right: 60px;"> </div>
<div class="smalltext">
<?php
echo formatText($_signatureCache[$comData["comCreator"]]);
?>
</div>
<?php
}
}
?>
<div class="clear"> </div>
<?php
if (isset($comData["newid"])) {
// News page.
$result = sql_query("SELECT COUNT(*) FROM `comments` " . "WHERE `comObjType` = 'new' AND `comObj` = '" . $comData["newid"] . "'");
$newsCount = mysql_result($result, 0);
$newsURL = url("news/" . $comData["newid"]);
?>
<div class="sep">
<a href="<?php
echo $newsURL;
?>
">
<span class="button smalltext" style="float: right"
onclick="document.location='<?php
echo $newsURL;
?>
';"><?php
echo _COMMENTS;
?>
<?php
if (!$_auth["useStatsHide"]) {
echo "(" . fuzzy_number($newsCount) . ")";
}
?>
</span></a>
</div>
<?php
}
if ($comData["comid"]) {
?>
<div class="sep commentActions">
<?php
getCommentParent($comData, $parentURL, $parentType, $parentTitle, false);
getCommentParent($comData, $rootURL, $rootType, $rootTitle, true);
$replyURL = url("comment/" . $comData["comid"] . ($_config["checkSubmitDate"] ? "/" . preg_replace('/[^0-9]/', "", $comData["comSubmitDate"]) : ''));
$replyCommentId = $commentID . "ReplyCommentId";
$replyButtonId = $commentID . "ReplyButtonId";
$replyScript = "var elin = get_by_id( '" . $instantReplyId . "' );" . "var elb = get_by_id( '" . $replyButtonId . "' );" . "if( !elb ) return false;" . "if( elb.innerHTML == '" . _CANCEL . "' ) {" . " reset_focus(); " . " collapseAnim( '{$instantReplyOuterId}', -30, 0, '' ); " . " elb.innerHTML = '" . _REPLY . "';" . " return false;" . "}" . "_IR = { " . "commentId: '" . $replyCommentId . "'," . "commentName: 'comment'," . "commentDefault: ''," . "commentWide: true," . "commentRows: 7," . "commentNoBBCode: " . (isLoggedIn() && $_auth["useNoBBCode"] ? "true" : "false") . "," . "commentNoEmoticons: " . (isLoggedIn() && $_auth["useNoEmoticons"] ? "true" : "false") . "," . "commentNoOptions: false," . "commentNoSig: " . (isLoggedIn() && $_auth["useNoSig"] ? "true" : "false") . "," . "emoticonPopupURL: '" . url("emoticons", array("popup" => "yes", "comment" => $replyCommentId)) . "'," . "previewURL: '" . url("preview", array("popup" => "yes")) . "'" . "};" . "var ht = showReplyForm( '" . $replyURL . "', '" . $_currentPageURL . "' );" . "elin.innerHTML = ht;" . "collapseAnim( '{$instantReplyOuterId}', 30, 0, 'set_focus( \\'' + _IR.commentId + '\\' );' ); " . "elb.innerHTML = '" . _CANCEL . "';" . "return false;";
if (!isset($comData["pmsid"]) && $replyURL != url(".") && $_cmd[0] != "editcomment") {
?>
<span class="button smalltext" style="float: right"
id="<?php
echo $replyButtonId;
?>
" onclick="<?php
echo $replyScript;
?>
">
<?php
echo _REPLY;
?>
</span>
<?php
}
if ($_cmd[0] == "comment" && $rootURL != url(".") && $level == 0) {
?>
<a href="<?php
echo $rootURL;
?>
" title="<?php
echo htmlspecialchars($rootTitle);
?>
">
<span class="button smalltext" style="float: right"
onclick="document.location='<?php
echo $rootURL;
?>
';">
<?php
echo _ROOT;
?>
(<?php
echo $rootType;
?>
)
</span></a>
<?php
}
if ($_cmd[0] == "comment" && $parentURL != url(".") && $level == 0 && $parentURL != $rootURL) {
?>
<a href="<?php
echo $parentURL;
?>
" title="<?php
echo htmlspecialchars($parentTitle);
?>
">
<span class="button smalltext" style="float: right"
onclick="document.location='<?php
echo $parentURL;
?>
';">
<?php
echo _PARENT;
?>
(<?php
echo $parentType;
?>
)
</span></a>
<?php
}
if ($_cmd[0] == "updates") {
$comid = $comData["comid"];
$script = "add_operation( 'm{$comid}' );\n" . "\$('{$markAsReadId}').hide(); " . ($markAsReadId2 != "" ? "if() \$('{$markAsReadId2}').hide(); " : "") . "var elb = \$( '{$replyButtonId}' );" . "if( !elb ) return false;" . "if( elb.innerHTML == '" . _CANCEL . "' ) {" . " reset_focus(); " . " collapseAnim( '{$instantReplyOuterId}', -30, 0, '' ); " . " elb.innerHTML = '" . _REPLY . "';" . " return false;" . "}" . "comment_count--; " . "\$('_updCmtCnt').innerHTML = fuzzy_number( comment_count ); " . "\$('_globCmtCnt').innerHTML = fuzzy_number( comment_count );";
?>
<div id="<?php
echo $id1 = $commentID . "Updates1";
?>
" class="button smalltext" style="display: none; float: right"
onclick="<?php
echo $script;
?>
"><?php
echo _MARK_AS_READ;
?>
: <span class="error"><?php
echo _CLICK_TO_CONFIRM;
?>
</span></div>
<div id="<?php
echo $id2 = $commentID . "Updates2";
?>
" class="button smalltext" style="float: right"
onclick="$('<?php
echo $id1;
?>
').show(); $('<?php
echo $id2;
?>
').hide();"><?php
echo _MARK_AS_READ;
?>
</div>
<?php
}
if ((atLeastSModerator() || $comData["comCreator"] == $_auth["useid"]) && $_cmd[0] != "editcomment" && $_cmd[0] != "updates") {
$editURL = isset($comData["pmsid"]) ? url("editpm/" . $comData["pmsid"]) : url("editcomment/" . $comData["comid"]);
?>
<a href="<?php
echo $editURL;
?>
">
<span class="button smalltext" style="float: right"
onclick="document.location='<?php
echo $editURL;
?>
';">
<?php
echo _EDIT;
?>
</span></a>
<?php
}
?>
<div class="f_left mar_top smalltext">
<?php
// Show IPs to moderators+ (as an acronym).
if (atLeastModerator()) {
?>
<acronym style="cursor: help" title="Submitted from <?php
echo getDotDecIp($comData["comSubmitIp"]);
?>
, last edited from <?php
echo getDotDecIp($comData["comEditIp"]);
?>
">
<?php
}
if (!isset($comData["pmsid"])) {
?>
<a class="originalUrl" href="<?php
echo $replyURL;
?>
">#</a>
<?php
}
printf(_COMMENT_POSTED_ON, gmdate($_auth["useDateFormat"], applyTimezone(strtotime($comData["comSubmitDate"]))));
if (isset($comData["comTotalEdits"]) && $comData["comTotalEdits"] > 0) {
echo "<br />" . sprintf(_COMMENT_EDITED, $comData["comTotalEdits"], gmdate($_auth["useDateFormat"], applyTimezone(strtotime($comData["comLastEdit"]))));
}
// Close the acronym opened above.
if (atLeastModerator()) {
?>
</acronym>
<?php
}
?>
</div>
</div>
<?php
}
?>
<div class="clear"> </div>
<?php
iefixEnd();
echo '</div>';
// Comment body
//echo '</div>'; // Comment outer
?>
<table cellspacing="0" cellpadding="0" width="100%"><tr><td>
<div id="<?php
echo $instantReplyOuterId;
?>
" style="display: none">
<div class="cmt_border_left" style="padding: 4px; padding-right: 0;" id="<?php
echo $instantReplyOuterId;
?>
_">
<div class="caption smalltext"><?php
echo _REPLY;
?>
:</div>
<div style="padding: 1px; padding-bottom: 5px" id="<?php
echo $instantReplyId;
?>
"><br /></div>
</div>
</div>
</td></tr></table>
<?php
for ($i = 0; $i <= $levellim; $i++) {
echo "</div>";
}
}
echo _FAVOURITES;
?>
:</div>
<?php
$offset = isset($_GET["offset"]) ? intval($_GET["offset"]) : 0;
$limit = 30;
$whereGuest = isLoggedIn() ? "" : " AND `useGuestAccess` = '1' ";
$friendQuery = sql_query("SELECT SQL_CALC_FOUND_ROWS * FROM `favourites` " . "WHERE `favObj`='" . $objData['objid'] . "' {$whereGuest} ORDER BY `favSubmitDate` DESC LIMIT {$offset}, {$limit}");
$cntResult = sql_query("SELECT FOUND_ROWS()");
$totalCount = mysql_result($cntResult, 0);
?>
<div class="container2">
<?php
navControls($offset, $limit, $totalCount);
?>
<div class="clear"> </div>
<?php
while ($rowData = mysql_fetch_assoc($friendQuery)) {
?>
<div class="f_left a_center mar_right mar_bottom" style="height: 100px">
<?php
echo getUserAvatar("", $rowData["favCreator"], true);
?>
</div>
<?php
}
?>
<div class="clear"> </div>
</div>
</div>
function fmtCallbackUsericon($sender)
{
global $__maxIcons;
if ($__maxIcons <= 0) {
return '[' . _BBCODE_ICON . '=' . $sender[1] . ']';
}
$__maxIcons--;
$size = 100;
// default value
fmtParseParams($sender[1], $name, $size);
if ($size < 40) {
$size = 40;
}
// minimum value
if ($size > 100) {
$size = 100;
}
// maximum value
return getUserAvatar($name, 0, false, false, $size);
}
function getMitgliederliste(array $params)
{
// Rückgabe-Variable definieren
$html = '';
// Modul für DB-Zugriff einbinden
require_once 'konfiguration.php';
// Verbindung zur Datenbank herstellen
// am System mit Host, Benutzernamen und Password anmelden
@mysql_connect(MYSQL_HOST, MYSQL_BENUTZER, MYSQL_KENNWORT) or die('Could not connect to mysql server.');
@mysql_select_db(MYSQL_DATENBANK) or die('Could not select database.');
mysql_set_charset('utf8');
// SQL-Befehl zurechtfuddeln,
// die aktuellen Mitglieder werden ermittelt
$sql = sprintf('
SELECT
`mitglieder`.*
FROM
`mitglieder`
WHERE
`mitglieder`.`status` = "%s" AND (`mitglieder`.`id` < 9996 OR `mitglieder`.`id` > 9999)
ORDER BY
%s ASC
', $params['Mitgliedsstatus'], $params['Sortierung']);
// zuvor definierte SQL-Anweisung ausführen
// Anzahl der Datensätze sollte größer als 0 sein um TRUE zurückzugeben
$db_erg = mysql_query($sql);
// Zählervariable initialisieren
$i = 0;
// es sind Datensätze vorhanden
if (mysql_num_rows($db_erg) > 0) {
// Überschrift für den Mitgliedsstatus ermitteln
$tabellenkopf = getMitgliedsstatus($params['Mitgliedsstatus']);
// erste Zeile festlegen für die entsprechende Mitgliedsgruppe
$html = sprintf('<tr><th colspan="6" bgcolor="#ccccff" style="border: 1px solid #8080ff; font-size: 11pt; color: navy;"><a name="%s">%s</a></th></tr>', $params['Mitgliedsstatus'], $tabellenkopf);
// Tabellenüberschriften
$html .= '<tr><td colspan="6" height="5"></td></tr>';
$html .= '<tr>';
$html .= '<th width="85" bgcolor="#666666" style="border-bottom: 1px solid #ffffff;"> </th>';
$html .= '<th align="left" width="210" bgcolor="#666666" style="color: #ffffff; border-bottom: 1px solid #ffffff;">Name</th>';
$html .= '<th align="left" width="140" bgcolor="#666666" style="color: #ffffff; border-bottom: 1px solid #ffffff;">Funktion</th>';
$html .= '<th align="left" width="120" bgcolor="#666666" style="color: #ffffff; border-bottom: 1px solid #ffffff;">Telefon</th>';
$html .= '<th align="left" width="250" bgcolor="#666666" style="color: #ffffff; border-bottom: 1px solid #ffffff;">eMail</th>';
$html .= '<th align="left" width="65" bgcolor="#666666" style="color: #ffffff; border-bottom: 1px solid #ffffff;"> </th>';
$html .= '</tr>';
while ($zeile = mysql_fetch_object($db_erg)) {
// Hintergrundfarbe für gerade/ungerade Zeilen festlegen
$bgColor = $i % 2 ? '#eeeeee' : '#cccccc';
// Avatar des aktuellen Mitglieds ermitteln
$avatar = getUserAvatar($zeile->id, $zeile->anrede);
// Name kürzen falls nötig
if (substr($zeile->nachname, strlen($zeile->nachname) - 2, 1) == ' ' || substr($zeile->nachname, strlen($zeile->nachname) - 3, 1) == ' ') {
// Name einkürzen, bsp: aus Koch C wird Koch
$zeile->nachname = substr($zeile->nachname, 0, strlen($zeile->nachname) - 2);
// führende und endende Leerzeichen entfernen falls vorhanden
$zeile->nachname = trim($zeile->nachname);
}
// eine neue Zeile für die Tabelle anlegen inkl. Hintergrundfarbe
$html .= sprintf('<tr bgcolor="%s" id="o%s">', $bgColor, $zeile->id);
$html .= sprintf('<td valign="top" align="center"><img src="%s" height="100" width="75" vspace="3" style="border: 1px solid #999999;" /></td>', $avatar);
$html .= sprintf('<td valign="top" align="left"><strong>%s %s</strong><br /><br />%s<br />%s %s</td>', nl2br($zeile->vorname), nl2br($zeile->nachname), $zeile->strasse, $zeile->plz, $zeile->ort);
$html .= sprintf('<td valign="top" align="left">%s</td>', nl2br($zeile->funktion));
$html .= sprintf('<td valign="top" align="left">%s<br />%s</td>', nl2br($zeile->telefon1), nl2br($zeile->mobil1));
// es wird geprüft, ob eine gültige eMail-Adresse eingetragen ist
if (!empty($zeile->email)) {
// eMail-Adresse zurückgeben
$html .= sprintf('
<td valign="top" align="left">
<a href="mailto:%s" class="mitgliederliste"><img src="./img/email_icon.png" border="0" align="left" /> %s</a>
</td>', $zeile->email, nl2br($zeile->email));
} else {
// keine eMail-Adresse hinterlegt
$html .= '<td></td>';
}
// Felder hinzufügen für Bearbeiten, Löschen und PDF-Druck
$html .= sprintf('
<td valign="top" align="left" nowrap>
<a href="mitglieder_edit.php?acb_nr=%s"><img src="./img/edit_icon.gif" border="0" vspace="3" title="bearbeiten" /></a>
<a onClick="mitglied_zurueckholen(\'%s\');" style="cursor: pointer;"><img src="./img/1468798748_Up.png" border="0" vspace="5" title="zurückholen" /></a>
<a href="pdf_mitglied.php?acb_nr=%s" target="_blank"><img src="./img/pdf_icon_16x19.png" border="0" vspace="3" title="PDF drucken" height="18" /></a>
</td>', $zeile->id, $zeile->id, $zeile->id);
// Ende der Zeile
$html .= '</tr>';
// Zähler erhöhen
$i++;
}
}
// Verbindung zur Datenbank schließen
mysql_free_result($db_erg);
// Rückgabe der Vorstandsmitglieder
return $html;
}
if (!isset($donations[$useid]["total"])) {
$donations[$useid]["total"] = 0;
}
if (!isset($donations[$useid]["lastmonth"])) {
$donations[$useid]["lastmonth"] = 0;
}
$donations[$useid]["total"] += $donData["donAmtSum"];
}
$result = sql_query("SELECT `donCreator`,SUM(`donAmt`) AS `donAmtSum`,MAX(`donDate`) AS `donDateLatest` " . "FROM `donations` " . "WHERE `donCreator` <> '0' AND `donDate` > CURDATE() - INTERVAL 1 MONTH " . "GROUP BY `donCreator` " . "ORDER BY `donDateLatest` DESC");
while ($donData = mysql_fetch_assoc($result)) {
$useid = $donData["donCreator"];
$donations[$useid]["lastmonth"] += $donData["donAmtSum"];
}
?>
<table border="0" cellpadding="4" cellspacing="0"><tr>
<?php
$cols = 0;
foreach ($donations as $donCreator => $donAmount) {
echo "<td>" . getUserAvatar("", $donCreator, false, true) . "</td>" . '<td style="padding-right: 30px">' . getUserLink($donCreator) . '<div class="mar_left error">' . sprintf("%01.2f", $donAmount["total"]) . ' <span class="normaltext">/ ' . sprintf("%01.2f", $donAmount["lastmonth"]) . '</span>' . "</div></td>";
$cols++;
if ($cols >= 4) {
$cols = 0;
echo "</tr><tr>";
}
}
?>
</tr></table>
</div>
</div>
$data['thread_desc']['country'] = $data['thread']['users_country'];
$data['thread_desc']['users_link'] = cs_user($data['thread']['users_id'], $data['thread']['users_nick'], $data['thread']['users_active'], $data['thread']['users_delete']);
$key = array_search($userid, $mods);
if (!empty($key)) {
$data['if']['moderator'] = true;
$f_user = "******" . $userid . "'";
$boardmod = cs_sql_select(__FILE__, 'boardmods', 'categories_id, users_id', $f_user);
$f_cat = "categories_id = '" . $boardmod['categories_id'] . "'";
$bm_cat = cs_sql_select(__FILE__, 'categories', 'categories_id, categories_name', $f_cat);
$data['thread_desc']['boardmod'] = $bm_cat['categories_name'];
} else {
$data['if']['no_moderator'] = true;
$data['thread_desc']['users_rank'] = getUserRank($count_com[$userid], $ranks);
$data['thread_desc']['users_title'] = getRankTitle($count_com[$userid], $ranks);
}
$data['thread_desc']['avatar'] = getUserAvatar($data['thread']['users_avatar']);
$content = cs_secure($data['thread']['users_place']);
$hidden = explode(',', $data['thread']['users_hidden']);
if (in_array('users_place', $hidden)) {
$content = ($account['access_users'] > 4 or $data['thread']['users_id'] == $account['users_id']) ? cs_html_italic(1) . $content . cs_html_italic(0) : '';
}
$data['thread_desc']['place'] = empty($content) ? '' : $cs_lang['place'] . ': ' . $content;
$data['thread_desc']['posts'] = $count_com[$userid];
$data['thread_desc']['date'] = cs_date('unix', $data['thread']['threads_time'], 1);
$data['thread_desc']['text'] = cs_secure($data['thread']['threads_text'], 1, 1);
//Files Start
if (!empty($loop_files)) {
$data['if']['thread_desc_files'] = true;
$check_files = 0;
for ($run = 0; $run < $loop_files; $run++) {
if ($cs_thread_files[$run]['comments_id'] == 0) {
value="" />
<button id="search"
type="button">
Search
</button>
<button id="create"
type="button"
onclick="createSchool(this.form.school.value, this.form.location.value);">
Create
</button>
</form>
<ul id="search_results">
</ul>
<img width="250" height="250" src="<?php
echo getUserAvatar($mysqli, $_SESSION['user_id']);
?>
" />
<p>It looks like you aren't setup yet!</p>
<form id="user_setup_form">
<p>Upload a profile picture</p>
<img id="preview" width="0" height="0" />
<input id="image"
name="image"
type="file"
accept="image/*"
onchange="loadFile(event);"
/>
<script>
var loadFile = function(event) {
console.log(event);
ob_start();
?>
<div style="padding-top: 8px; margin-left: 10px">
<?php
// Make a list of the users that made updates.
$where = "`updObj` = `objid` AND `useid` = `objCreator` " . "AND `updCreator` = '{$creator}' " . ($isExtras ? "AND `updType` = '" . updTypeArtExtra . "' " : "") . "AND `objDeleted` = '0' AND `objPending` = '0'";
applyObjFilters($where);
//$result = sql_query( "SELECT `useid`,`useUsername`,MAX(`objSubmitDate`) AS `MaxSubmitDate` ".
$result = sql_query("SELECT `useid`,`useUsername`,MAX(`objLastEdit`) AS `MaxSubmitDate` " . "FROM `" . ($isExtras ? "updates" : "updatesArt") . "`,{$_objects},`users` WHERE {$where} " . "GROUP BY `useid` ORDER BY `MaxSubmitDate` DESC LIMIT 11");
$artist = isset($_GET["artist"]) ? addslashes($_GET["artist"]) : "";
while ($rowData = mysql_fetch_assoc($result)) {
if ($artist == "") {
$artist = $rowData["useUsername"];
}
echo '<div class="mar_bottom">' . getUserAvatar("", $rowData["useid"], true, true, 100, url("updates/" . ($isExtras ? "extras" : "art"), array("artist" => $rowData["useUsername"]))) . "</div>";
}
?>
</div>
<?php
$artistsList = ob_get_contents();
ob_end_clean();
$where = "`updCreator` = '{$creator}' AND `useUsername` = '{$artist}' " . "AND `useid` = `objCreator` " . ($isExtras ? "AND `updType` = '" . updTypeArtExtra . "' " : "") . "AND `updObj` = `objid` AND `objDeleted` = '0' AND `objPending` = '0'";
applyObjFilters($where);
$result = sql_query("SELECT `" . ($isExtras ? "updates" : "updatesArt") . "`.*, {$_objects}.* " . "FROM `" . ($isExtras ? "updates" : "updatesArt") . "`,{$_objects},`users` " . "WHERE {$where} ORDER BY `objLastEdit` DESC LIMIT 12");
$upd_art = array();
while ($row = mysql_fetch_assoc($result)) {
if ($isExtras) {
$upd_art["upd_" . $row["updType"] . "_" . $row["updObj"] . "_" . $row["updUser"]] = $row;
} else {
$upd_art["artupd_" . $row["updObj"]] = $row;
