function determineActions($urls, $preferred_prefix = false) { global $txt, $user_info, $modSettings, $smcFunc, $context; if (!allowedTo('who_view')) { return array(); } loadLanguage('Who'); // Actions that require a specific permission level. $allowedActions = array('admin' => array('moderate_forum', 'manage_membergroups', 'manage_bans', 'admin_forum', 'manage_permissions', 'send_mail', 'manage_attachments', 'manage_smileys', 'manage_boards', 'edit_news'), 'ban' => array('manage_bans'), 'boardrecount' => array('admin_forum'), 'calendar' => array('calendar_view'), 'editnews' => array('edit_news'), 'mailing' => array('send_mail'), 'maintain' => array('admin_forum'), 'manageattachments' => array('manage_attachments'), 'manageboards' => array('manage_boards'), 'mlist' => array('view_mlist'), 'moderate' => array('access_mod_center', 'moderate_forum', 'manage_membergroups'), 'optimizetables' => array('admin_forum'), 'repairboards' => array('admin_forum'), 'search' => array('search_posts'), 'search2' => array('search_posts'), 'setcensor' => array('moderate_forum'), 'setreserve' => array('moderate_forum'), 'stats' => array('view_stats'), 'viewErrorLog' => array('admin_forum'), 'viewmembers' => array('moderate_forum')); if (!is_array($urls)) { $url_list = array(array($urls, $user_info['id'])); } else { $url_list = $urls; } // These are done to later query these in large chunks. (instead of one by one.) $topic_ids = array(); $profile_ids = array(); $board_ids = array(); $data = array(); foreach ($url_list as $k => $url) { // Get the request parameters.. $actions = @unserialize($url[0]); if ($actions === false) { continue; } // If it's the admin or moderation center, and there is an area set, use that instead. if (isset($actions['action']) && ($actions['action'] == 'admin' || $actions['action'] == 'moderate') && isset($actions['area'])) { $actions['action'] = $actions['area']; } // Check if there was no action or the action is display. if (!isset($actions['action']) || $actions['action'] == 'display') { // It's a topic! Must be! if (isset($actions['topic'])) { // Assume they can't view it, and queue it up for later. $data[$k] = $txt['who_hidden']; $topic_ids[(int) $actions['topic']][$k] = $txt['who_topic']; } elseif (isset($actions['board'])) { // Hide first, show later. $data[$k] = $txt['who_hidden']; $board_ids[$actions['board']][$k] = $txt['who_board']; } else { $data[$k] = $txt['who_index']; } } elseif ($actions['action'] == '') { $data[$k] = $txt['who_index']; } else { // Viewing/editing a profile. if ($actions['action'] == 'profile') { // Whose? Their own? if (empty($actions['u'])) { $actions['u'] = $url[1]; } $data[$k] = $txt['who_hidden']; $profile_ids[(int) $actions['u']][$k] = $actions['action'] == 'profile' ? $txt['who_viewprofile'] : $txt['who_profile']; } elseif (($actions['action'] == 'post' || $actions['action'] == 'post2') && empty($actions['topic']) && isset($actions['board'])) { $data[$k] = $txt['who_hidden']; $board_ids[(int) $actions['board']][$k] = isset($actions['poll']) ? $txt['who_poll'] : $txt['who_post']; } elseif (isset($actions['sa']) && isset($txt['whoall_' . $actions['action'] . '_' . $actions['sa']])) { $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']]) ? $txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']] : $txt['whoall_' . $actions['action'] . '_' . $actions['sa']]; } elseif (isset($txt['whoall_' . $actions['action']])) { $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action']]) ? $txt[$preferred_prefix . $actions['action']] : $txt['whoall_' . $actions['action']]; } elseif (isset($txt['whotopic_' . $actions['action']])) { // Find out what topic they are accessing. $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0)); $data[$k] = $txt['who_hidden']; $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action']]; } elseif (isset($txt['whopost_' . $actions['action']])) { // Find out what message they are accessing. $msgid = (int) (isset($actions['msg']) ? $actions['msg'] : (isset($actions['quote']) ? $actions['quote'] : 0)); $result = smf_db_query(' SELECT m.id_topic, m.subject FROM {db_prefix}messages AS m INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board) INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ') WHERE m.id_msg = {int:id_msg} AND {query_see_board}' . ($modSettings['postmod_active'] ? ' AND m.approved = {int:is_approved}' : '') . ' LIMIT 1', array('is_approved' => 1, 'id_msg' => $msgid)); list($id_topic, $subject) = mysql_fetch_row($result); $data[$k] = sprintf($txt['whopost_' . $actions['action']], $id_topic, $subject); mysql_free_result($result); if (empty($id_topic)) { $data[$k] = $txt['who_hidden']; } } elseif (allowedTo('moderate_forum') && isset($txt['whoadmin_' . $actions['action']])) { $data[$k] = $txt['whoadmin_' . $actions['action']]; } elseif (isset($allowedActions[$actions['action']])) { if (allowedTo($allowedActions[$actions['action']])) { $data[$k] = $txt['whoallow_' . $actions['action']]; } else { $data[$k] = $txt['who_hidden']; } } else { $data[$k] = $txt['who_unknown']; } } // Maybe the action is integrated into another system? if (count($integrate_actions = HookAPI::callHook('integrate_whos_online', array($actions))) > 0) { foreach ($integrate_actions as $integrate_action) { if (!empty($integrate_action)) { $data[$k] = $integrate_action; break; } } } if (!empty($modSettings['simplesef_enable'])) { SimpleSEF::actionArray($actions); } } // Load topic names. if (!empty($topic_ids)) { $result = smf_db_query(' SELECT t.id_topic, m.subject FROM {db_prefix}topics AS t INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board) INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg) WHERE {query_see_board} AND t.id_topic IN ({array_int:topic_list})' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ' LIMIT {int:limit}', array('topic_list' => array_keys($topic_ids), 'is_approved' => 1, 'limit' => count($topic_ids))); while ($row = mysql_fetch_assoc($result)) { // Show the topic's subject for each of the actions. foreach ($topic_ids[$row['id_topic']] as $k => $session_text) { $data[$k] = sprintf($session_text, $row['id_topic'], censorText($row['subject'])); } } mysql_free_result($result); } // Load board names. if (!empty($board_ids)) { $result = smf_db_query(' SELECT b.id_board, b.name FROM {db_prefix}boards AS b WHERE {query_see_board} AND b.id_board IN ({array_int:board_list}) LIMIT ' . count($board_ids), array('board_list' => array_keys($board_ids))); while ($row = mysql_fetch_assoc($result)) { // Put the board name into the string for each member... foreach ($board_ids[$row['id_board']] as $k => $session_text) { $data[$k] = sprintf($session_text, $row['id_board'], $row['name']); } } mysql_free_result($result); } // Load member names for the profile. if (!empty($profile_ids) && (allowedTo('profile_view_any') || allowedTo('profile_view_own'))) { $result = smf_db_query(' SELECT id_member, real_name FROM {db_prefix}members WHERE id_member IN ({array_int:member_list}) LIMIT ' . count($profile_ids), array('member_list' => array_keys($profile_ids))); while ($row = mysql_fetch_assoc($result)) { // If they aren't allowed to view this person's profile, skip it. if (!allowedTo('profile_view_any') && $user_info['id'] != $row['id_member']) { continue; } // Set their action on each - session/text to sprintf. foreach ($profile_ids[$row['id_member']] as $k => $session_text) { $data[$k] = sprintf($session_text, $row['id_member'], $row['real_name']); } } mysql_free_result($result); } if (!is_array($urls)) { return isset($data[0]) ? $data[0] : false; } else { return $data; } }