// ######################################################################## // ############################################################################# // put this before print_cp_header() so we can use an HTTP header if ($_REQUEST['do'] == 'find') { $vbulletin->input->clean_array_gpc('r', array('user' => TYPE_ARRAY, 'profile' => TYPE_ARRAY, 'display' => TYPE_ARRAY_BOOL, 'orderby' => TYPE_STR, 'limitstart' => TYPE_UINT, 'limitnumber' => TYPE_UINT, 'direction' => TYPE_STR, 'serializedprofile' => TYPE_STR, 'serializeduser' => TYPE_STR, 'serializeddisplay' => TYPE_STR)); if (!empty($vbulletin->GPC['serializeduser'])) { $vbulletin->GPC['user'] = @unserialize(verify_client_string($vbulletin->GPC['serializeduser'])); $vbulletin->GPC['profile'] = @unserialize(verify_client_string($vbulletin->GPC['serializedprofile'])); } if (!empty($vbulletin->GPC['serializeddisplay'])) { $vbulletin->GPC['display'] = @unserialize(verify_client_string($vbulletin->GPC['serializeddisplay'])); } if (@array_sum($vbulletin->GPC['display']) == 0) { $vbulletin->GPC['display'] = array('username' => 1, 'options' => 1, 'email' => 1, 'joindate' => 1, 'lastactivity' => 1, 'posts' => 1); } $condition = fetch_user_search_sql($vbulletin->GPC['user'], $vbulletin->GPC['profile']); switch ($vbulletin->GPC['orderby']) { case 'username': case 'email': case 'joindate': case 'lastactivity': case 'lastpost': case 'posts': case 'birthday_search': case 'reputation': case 'warnings': case 'infractions': case 'ipoints': break; default: $vbulletin->GPC['orderby'] = 'username';
function doConfirmUpload($sessionid) { global $vbphrase, $vbulletin; global $_HIDDENFIELDS; //first let's make sure we have a valid session and valid list if (!$sessionid) { return; } $vbulletin->input->clean_array_gpc('r', array('listname' => TYPE_STR, 'listid' => TYPE_UINT, 'do_percycle' => TYPE_UINT, 'user' => TYPE_ARRAY, 'profile' => TYPE_ARRAY, 'display' => TYPE_ARRAY_BOOL, 'orderby' => TYPE_STR, 'startat' => TYPE_UINT, 'serializedprofile' => TYPE_STR, 'serializeduser' => TYPE_STR, 'serializeddisplay' => TYPE_STR, 'condition' => TYPE_STR)); $client = new vB_VerticalResponse(); if (!$vbulletin->GPC_exists['do_percycle'] or !intval($vbulletin->GPC['do_percycle'])) { $vbulletin->GPC['do_percycle'] = 1000; } if (!$client->checkStatus($sessionid)) { printLogin($vbphrase['vr_login_first_desc']); return; } require_once DIR . '/includes/adminfunctions_user.php'; require_once DIR . '/includes/adminfunctions_profilefield.php'; if ($vbulletin->GPC_exists['listname'] and !empty($vbulletin->GPC['listname'])) { $listid = $client->createList($sessionid, $vbulletin->GPC['listname']); if (!$listid) { return; } } else { if ($vbulletin->GPC_exists['listid']) { $listid = $vbulletin->GPC['listid']; if (intval($vbulletin->GPC['startat']) == 0) { $client->setCustomListFields($sessionid, array('userid', 'username')); //if we're just starting, clear the existing records $client->eraseListMembers($sessionid, $listid); } } else { return false; } } //we appear to have good data. Let's go ahead and compose the sql if (!empty($vbulletin->GPC['serializeduser'])) { $vbulletin->GPC['user'] = @unserialize(verify_client_string($vbulletin->GPC['serializeduser'])); $vbulletin->GPC['profile'] = @unserialize(verify_client_string($vbulletin->GPC['serializedprofile'])); } if (!empty($vbulletin->GPC['serializeddisplay'])) { $vbulletin->GPC['display'] = @unserialize(verify_client_string($vbulletin->GPC['serializeddisplay'])); } if (@array_sum($vbulletin->GPC['display']) == 0) { $vbulletin->GPC['display'] = array('username' => 1, 'options' => 1, 'email' => 1, 'joindate' => 1, 'lastactivity' => 1, 'posts' => 1); } $condition = fetch_user_search_sql($vbulletin->GPC['user'], $vbulletin->GPC['profile']); if (empty($condition)) { $condition = "1 = 1"; } $searchquery = "\n\t\tSELECT COUNT(*) AS count\n\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON (userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON (usertextfield.userid = user.userid)\n\t\tWHERE {$condition}"; $count = $vbulletin->db->query_first($searchquery); if (!$count) { return false; } $count = $count['count']; print_cp_header($vbphrase['verticalresponse']); print_form_header('verticalresponse', 'do_upload', false, true, 'verticalresponse'); print_table_header($vbphrase['upload_list'], 2); print_description_row(construct_phrase($vbphrase['upload_count_x_desc'], $count)); $_HIDDENFIELDS['condition'] = htmlspecialchars_uni($condition); $_HIDDENFIELDS['do_percycle'] = $vbulletin->GPC['do_percycle']; $_HIDDENFIELDS['startat'] = 0; $_HIDDENFIELDS['count'] = $count; $_HIDDENFIELDS['listid'] = $listid; print_hidden_fields(); print_submit_row($vbphrase['submit'], 0); print_table_footer(); }