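/**
 * Closes the current layout table and, when the right sidebar is enabled,
 * echoes the sidebar column followed by the closing table markup.
 *
 * Everything shown is driven by $modSettings: an HTML block ('sideright1'),
 * a PHP block ('siderightphp') and a board-news block fetched through
 * ssi_boardNews(). Output is written with echo; nothing is returned.
 */
function teknoromisidebarsag()
{
    global $boarddir, $modSettings, $txt, $context, $memberContext;

    require_once $boarddir . '/SSI.php';

    echo '</td></tr></tbody></table>';

    if (!empty($modSettings['sideright']) && empty($context['current_action'])) {
        // !empty() instead of a bare read: an unset width falls back to 200px without a notice.
        echo '<td valign="top" id="upshrinkRightBarTD"> <div id="upshrinkRightBar" style="width:', !empty($modSettings['siderightwidth']) ? $modSettings['siderightwidth'] : '200px', '; margin-right:4px; overflow:auto;">';

        // Settings-supplied HTML block, emitted as-is (no escaping is applied here).
        if (!empty($modSettings['sideright1'])) {
            echo '<div class="cat_bar"><h3 class="catbg">' . $modSettings['righthtmlbaslik'] . '</h3></div>';
            echo '' . $modSettings['sideright1'] . '';
        }

        if (!empty($modSettings['siderightphp'])) {
            echo '<div class="cat_bar"><h3 class="catbg">' . $modSettings['rightphpbaslik'] . '</h3></div>';

            // NOTE(review): eval() runs whatever PHP is stored in this setting with the
            // privileges of the web application. Anyone able to write the setting (an admin
            // account, or any write access to the settings storage) gains code execution.
            // Left in place to preserve the feature; consider removing it or replacing it
            // with a fixed set of selectable blocks.
            eval($modSettings['siderightphp']);
        }

        if (!empty($modSettings['siderighthaberetkin'])) {
            $array = ssi_boardNews($modSettings['siderighthaber'], $modSettings['siderightsay'], null, 1000, 'array');

            echo '<div class="cat_bar"> <h3 class="catbg">', $modSettings['rbaslik'], '</h3> </div>';

            // Guard the loop: only iterate when the helper actually handed back an array.
            if (is_array($array)) {
                foreach ($array as $news) {
                    $poster_id = $news['poster']['id'];

                    loadMemberData($poster_id);
                    loadMemberContext($poster_id);

                    // A poster that could not be loaded has no context entry; print no avatar then.
                    $avatar = isset($memberContext[$poster_id]['avatar']['image']) ? $memberContext[$poster_id]['avatar']['image'] : '';

                    echo '<div class="sidehaber"> <div class="sideBaslik"> ', $news['icon'], ' <h3><a href="', $news['href'], '">', $news['subject'], '</a></h3> </div> <div class="snrj"> ', $avatar, ' <p>', $txt['by'], '', $news['poster']['link'], '</p> </div> </div><hr/>';
                }
            }
        }

        echo '</div> </td> <td valign="top"> <button type="button" onclick="rightPanel.toggle();" id="teknoright"></button> </td>';
    }

    echo ' </tr></tbody></table>';
}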
/**
 * Builds $context['members'] from a member-list query result.
 *
 * Collects the member ids from $request, loads their data, copies each
 * loaded member context into $context['members'] and adds the display
 * fields the sub template uses (post percentage, registration date,
 * avatar link, website link, group and custom profile field values).
 *
 * @param resource $request Result handle whose rows carry an 'id_member' column
 */
function printMemberListRows($request)
{
    global $txt, $context, $scripturl, $memberContext, $settings;

    $db = database();

    // Highest post count on the board: the denominator for the bar graph.
    $max_request = $db->query('', ' SELECT MAX(posts) FROM {db_prefix}members', array());
    list($most_posts) = $db->fetch_row($max_request);
    $db->free_result($max_request);

    // Never divide by zero below.
    $most_posts = $most_posts == 0 ? 1 : $most_posts;

    $members = array();
    while ($row = $db->fetch_assoc($request)) {
        $members[] = $row['id_member'];
    }

    loadMemberData($members);

    $context['members'] = array();
    foreach ($members as $member) {
        if (!loadMemberContext($member)) {
            continue;
        }

        // Work on the stored copy through a reference so every write lands in $context.
        $context['members'][$member] = $memberContext[$member];
        $entry = &$context['members'][$member];

        $entry['post_percent'] = round($entry['real_posts'] * 100 / $most_posts);
        $entry['registered_date'] = strftime('%Y-%m-%d', $entry['registered_timestamp']);
        $entry['real_name'] = $entry['link'];
        $entry['avatar'] = '<a href="' . $entry['href'] . '">' . $entry['avatar']['image'] . '</a>';
        $entry['email_address'] = $entry['email'];

        // NOTE(review): the website url and title are placed into attributes as they come from
        // the member context; presumably they are escaped when the context is built - confirm.
        if ($entry['website']['url'] != '') {
            $entry['website_url'] = '<a href="' . $entry['website']['url'] . '" target="_blank" class="new_win"><img src="' . $settings['images_url'] . '/profile/www.png" alt="' . $entry['website']['title'] . '" title="' . $entry['website']['title'] . '" /></a>';
        } else {
            $entry['website_url'] = '';
        }

        $entry['id_group'] = empty($entry['group']) ? $entry['post_group'] : $entry['group'];
        $entry['date_registered'] = $entry['registered'];

        // Custom profile fields, when any are shown as columns.
        if (!empty($context['custom_profile_fields']['columns'])) {
            foreach ($context['custom_profile_fields']['columns'] as $key => $column) {
                // The field name is the column key minus its first five characters.
                $curField = substr($key, 5);

                // Not filled out by this member: show an empty cell.
                if (!isset($entry['options'][$curField])) {
                    $entry['options'][$curField] = '';
                    continue;
                }

                // Wrap the value in the column's enclosing template, if it has one.
                // NOTE(review): {INPUT} receives the stored field value unchanged; whether that
                // value is already HTML-escaped is not visible here - confirm before relying on it.
                if (!empty($column['enclose']) && !empty($entry['options'][$curField])) {
                    $replacements = array(
                        '{SCRIPTURL}' => $scripturl,
                        '{IMAGES_URL}' => $settings['images_url'],
                        '{DEFAULT_IMAGES_URL}' => $settings['default_images_url'],
                        '{INPUT}' => $entry['options'][$curField],
                    );
                    $entry['options'][$curField] = strtr($column['enclose'], $replacements);
                }

                // Final presentation: BBC is parsed then stripped of tags, checkboxes become yes/no.
                if ($column['bbc']) {
                    $entry['options'][$curField] = strip_tags(parse_bbc($entry['options'][$curField]));
                } elseif ($column['type'] === 'check') {
                    $entry['options'][$curField] = $entry['options'][$curField] == 0 ? $txt['no'] : $txt['yes'];
                }
            }
        }
    }

    // Drop the reference so nothing later writes through it by accident.
    unset($entry);
}
/**
 * Fetches the next message of the current topic and returns it as a display array.
 *
 * Reads rows from the global $messages_request. Each call returns one message
 * array, or false when the request is unusable or exhausted (the result is freed
 * in the latter case). A static counter tracks the reply number across calls.
 *
 * @param bool $reset When true, re-initialises the counter and seeks the result
 *                    back to the first row; the seek's return value is returned.
 * @return array|bool Message array, false when there is nothing (more) to show,
 *                    or the data-seek result when $reset is true.
 */
function prepareDisplayContext($reset = false)
{
    global $settings, $txt, $modSettings, $scripturl, $options, $user_info, $smcFunc;
    global $memberContext, $context, $messages_request, $topic, $attachments, $topicinfo;
    static $counter = null;

    // No usable query result: nothing to do.
    if ($messages_request == false) {
        return false;
    }

    // Work out which reply number we start at (depends on the viewing order).
    if ($counter === null || $reset) {
        if (empty($options['view_newest_first'])) {
            $counter = $context['start'];
        } else {
            $counter = $context['total_visible_posts'] - $context['start'];
        }
    }

    // A reset only rewinds the result set.
    if ($reset) {
        return @$smcFunc['db_data_seek']($messages_request, 0);
    }

    $message = $smcFunc['db_fetch_assoc']($messages_request);
    if (!$message) {
        $smcFunc['db_free_result']($messages_request);
        return false;
    }

    $poster_id = $message['id_member'];
    $msg_id = $message['id_msg'];
    $icon = $message['icon'];
    $is_own_post = $poster_id == $user_info['id'];

    // Icons that always ship with the theme come from images_url.
    if (empty($context['icon_sources'])) {
        $stable_icons = array('xx', 'thumbup', 'thumbdown', 'exclamation', 'question', 'lamp', 'smiley', 'angry', 'cheesy', 'grin', 'sad', 'wink', 'moved', 'recycled', 'wireless', 'clip');
        $context['icon_sources'] = array_fill_keys($stable_icons, 'images_url');
    }

    // Unknown icon: either probe the theme directory or assume the theme has it.
    // NOTE(review): the icon name from the message row is concatenated into a filesystem
    // path and later into a URL; presumably it is validated when the post is saved - confirm.
    if (!isset($context['icon_sources'][$icon])) {
        if (empty($modSettings['messageIconChecks_disable'])) {
            $context['icon_sources'][$icon] = file_exists($settings['theme_dir'] . '/images/post/' . $icon . '.gif') ? 'images_url' : 'default_images_url';
        } else {
            $context['icon_sources'][$icon] = 'images_url';
        }
    }

    // Fall back to the "no subject" text for empty subjects.
    if ($message['subject'] == '') {
        $message['subject'] = $txt['no_subject'];
    }

    // Can the viewer remove at least one reply (own post, inside the edit window)?
    $context['can_remove_post'] |= allowedTo('delete_own')
        && (empty($modSettings['edit_disable_time']) || max($message['modified_time'], $message['poster_time']) + $modSettings['edit_disable_time'] * 60 >= time())
        && $is_own_post;

    if (loadMemberContext($poster_id, true)) {
        // A real member: add the per-viewer flags.
        $memberContext[$poster_id]['can_view_profile'] = allowedTo('profile_view_any') || ($is_own_post && allowedTo('profile_view_own'));
        $memberContext[$poster_id]['is_topic_starter'] = $poster_id == $context['topic_starter_id'];
        $memberContext[$poster_id]['can_see_warning'] = !isset($context['disabled_fields']['warning_status'])
            && $memberContext[$poster_id]['warning_status']
            && ($context['user']['can_mod'] || (!$user_info['is_guest'] && !empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $is_own_post)));
    } else {
        // Could not be loaded, or a guest: fill in a minimal entry from the message row.
        $memberContext[$poster_id]['name'] = $message['poster_name'];
        $memberContext[$poster_id]['id'] = 0;
        $memberContext[$poster_id]['group'] = $txt['guest_title'];
        $memberContext[$poster_id]['link'] = $message['poster_name'];
        $memberContext[$poster_id]['email'] = $message['poster_email'];
        $memberContext[$poster_id]['show_email'] = showEmailAddress(true, 0);
        $memberContext[$poster_id]['is_guest'] = true;
    }

    // The poster IP is always attached; 'can_see_ip' below is the flag templates get for gating it.
    $memberContext[$poster_id]['ip'] = $message['poster_ip'];

    // Censor, then run the BBC parser on the body.
    censorText($message['body']);
    censorText($message['subject']);
    $message['body'] = parse_bbc($message['body'], $message['smileys_enabled'], $msg_id);

    // Same call order as the array literal this replaces: attachments first.
    $attachment_context = loadAttachmentContext($msg_id);
    $msg_href = $scripturl . '?topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id;

    $output = array(
        'attachment' => $attachment_context,
        'alternate' => $counter % 2,
        'id' => $msg_id,
        'href' => $msg_href,
        'link' => '<a href="' . $msg_href . '" rel="nofollow">' . $message['subject'] . '</a>',
        'member' => &$memberContext[$poster_id],
        'icon' => $icon,
        'icon_url' => $settings[$context['icon_sources'][$icon]] . '/post/' . $icon . '.gif',
        'subject' => $message['subject'],
        'time' => timeformat($message['poster_time']),
        'timestamp' => forum_time(true, $message['poster_time']),
        'counter' => $counter,
        'modified' => array(
            'time' => timeformat($message['modified_time']),
            'timestamp' => forum_time(true, $message['modified_time']),
            'name' => $message['modified_name'],
        ),
        'body' => $message['body'],
        'new' => empty($message['is_read']),
        'approved' => $message['approved'],
        'first_new' => isset($context['start_from']) && $context['start_from'] == $counter,
        'is_ignored' => !empty($modSettings['enable_buddylist']) && !empty($options['posts_apply_ignore_list']) && in_array($poster_id, $context['user']['ignoreusers']),
        'can_approve' => !$message['approved'] && $context['can_approve'],
        'can_unapprove' => $message['approved'] && $context['can_approve'],
        // Editing: topic unlocked (or board moderator) AND one of the modify permissions applies.
        'can_modify' => (!$context['is_locked'] || allowedTo('moderate_board'))
            && (allowedTo('modify_any')
                || (allowedTo('modify_replies') && $context['user']['started'])
                || (allowedTo('modify_own') && $is_own_post && (empty($modSettings['edit_disable_time']) || !$message['approved'] || max($message['modified_time'], $message['poster_time']) + $modSettings['edit_disable_time'] * 60 > time()))),
        'can_remove' => allowedTo('delete_any')
            || (allowedTo('delete_replies') && $context['user']['started'])
            || (allowedTo('delete_own') && $is_own_post && (empty($modSettings['edit_disable_time']) || max($message['modified_time'], $message['poster_time']) + $modSettings['edit_disable_time'] * 60 > time())),
        // IPs are for forum moderators, or for a logged-in user looking at their own post.
        'can_see_ip' => allowedTo('moderate_forum') || ($is_own_post && !empty($user_info['id'])),
    );

    $output['is_message_author'] = $is_own_post;

    // Advance the reply number in the direction the topic is being read.
    if (empty($options['view_newest_first'])) {
        $counter++;
    } else {
        $counter--;
    }

    return $output;
}
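/**
 * Builds the "who is online" list for the Who template.
 *
 * Requires the 'who_view' permission and the 'who_enabled' setting. Reads the
 * sort column, direction and start offset from $_REQUEST, queries log_online,
 * and fills $context['members'], the page index, link tree and page title.
 * Viewers without 'moderate_forum' only get members who show their online
 * status, and get an empty 'ip' value for every entry.
 */
function Who()
{
    global $db_prefix, $context, $scripturl, $user_info, $txt, $modSettings, $ID_MEMBER, $memberContext;

    // Permission gate first, then the feature switch.
    isAllowedTo('who_view');

    if (empty($modSettings['who_enabled'])) {
        fatal_lang_error('who_off', false);
    }

    loadTemplate('Who');

    // Only these two sort keys are accepted; the request value is never used as SQL itself.
    $sort_methods = array('user' => 'mem.realName', 'time' => 'lo.logTime');

    // is_string() keeps an array-valued "sort" parameter from being used as an array offset.
    if (!isset($_REQUEST['sort']) || !is_string($_REQUEST['sort']) || !isset($sort_methods[$_REQUEST['sort']])) {
        // Default: order by last time online.
        $context['sort_by'] = 'time';
        $sort_column = 'lo.logTime';
    } else {
        $context['sort_by'] = $_REQUEST['sort'];
        $sort_column = $sort_methods[$_REQUEST['sort']];
    }

    // Kept for compatibility: the request entry is overwritten with the mapped column name.
    $_REQUEST['sort'] = $sort_column;

    $context['sort_direction'] = isset($_REQUEST['asc']) ? 'up' : 'down';

    // One permission lookup, reused for both queries and for the per-row IP decision.
    $can_moderate = allowedTo('moderate_forum');
    $visibility_clause = !$can_moderate ? "\n\t\tWHERE IFNULL(mem.showOnline, 1) = 1" : '';

    // Total number of visible members online.
    $request = db_query("\n\t\tSELECT COUNT(*)\n\t\tFROM {$db_prefix}log_online AS lo\n\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (lo.ID_MEMBER = mem.ID_MEMBER)" . $visibility_clause, __FILE__, __LINE__);
    list($totalMembers) = mysql_fetch_row($request);
    mysql_free_result($request);

    // Page index; $_REQUEST['start'] is passed as in the original call.
    $context['page_index'] = constructPageIndex($scripturl . '?action=who;sort=' . $context['sort_by'] . (isset($_REQUEST['asc']) ? ';asc' : ''), $_REQUEST['start'], $totalMembers, $modSettings['defaultMaxMembers']);

    // The offset and page size end up inside the LIMIT clause, so force both to integers
    // here rather than depending on the request value having been normalised elsewhere.
    $context['start'] = isset($_REQUEST['start']) ? max(0, (int) $_REQUEST['start']) : 0;
    $page_size = (int) $modSettings['defaultMaxMembers'];

    // People online, provided they don't mind being seen.
    $request = db_query("\n\t\tSELECT\n\t\t\t(UNIX_TIMESTAMP(lo.logTime) - UNIX_TIMESTAMP() + " . time() . ") AS logTime,\n\t\t\tlo.ID_MEMBER, lo.url, INET_NTOA(lo.ip) AS ip, mem.realName, lo.session,\n\t\t\tmg.onlineColor, IFNULL(mem.showOnline, 1) AS showOnline\n\t\tFROM {$db_prefix}log_online AS lo\n\t\t\tLEFT JOIN {$db_prefix}members AS mem ON (lo.ID_MEMBER = mem.ID_MEMBER)\n\t\t\tLEFT JOIN {$db_prefix}membergroups AS mg ON (mg.ID_GROUP = IF(mem.ID_GROUP = 0, mem.ID_POST_GROUP, mem.ID_GROUP))" . $visibility_clause . "\n\t\tORDER BY {$sort_column} " . (isset($_REQUEST['asc']) ? 'ASC' : 'DESC') . "\n\t\tLIMIT {$context['start']}, {$page_size}", __FILE__, __LINE__);

    $context['members'] = array();
    $member_ids = array();
    $url_data = array();
    while ($row = mysql_fetch_assoc($request)) {
        // NOTE(review): unserialize() on a stored column. If the stored value can ever be
        // shaped by a client, this is an object-injection risk; a format that cannot
        // instantiate objects (e.g. JSON) would be safer. Rows that fail to decode are skipped.
        $actions = @unserialize($row['url']);
        if ($actions === false) {
            continue;
        }

        // Send the information to the template. The IP is blanked for non-moderators.
        $context['members'][$row['session']] = array(
            'id' => $row['ID_MEMBER'],
            'ip' => $can_moderate ? $row['ip'] : '',
            'time' => strtr(timeformat($row['logTime']), array($txt['smf10'] => '', $txt['smf10b'] => '')),
            'timestamp' => forum_time(true, $row['logTime']),
            'query' => $actions,
            'is_hidden' => $row['showOnline'] == 0,
            'color' => empty($row['onlineColor']) ? '' : $row['onlineColor'],
        );

        $url_data[$row['session']] = array($row['url'], $row['ID_MEMBER']);
        $member_ids[] = $row['ID_MEMBER'];
    }
    mysql_free_result($request);

    // Load the user data for these members.
    loadMemberData($member_ids);

    // Placeholder context used for guests and for members that fail to load.
    $memberContext[0] = array(
        'id' => 0,
        'name' => $txt[28],
        'group' => $txt[28],
        'href' => '',
        'link' => $txt[28],
        'email' => $txt[28],
        'is_guest' => true,
    );

    $url_data = determineActions($url_data);

    // Link tree and page title are set down here because the language files are loaded by now.
    $context['page_title'] = $txt['who_title'];
    $context['linktree'][] = array('url' => $scripturl . '?action=who', 'name' => $txt['who_title']);

    // Merge each member's context into the list entry.
    foreach ($context['members'] as $i => $member) {
        if ($member['id'] != 0) {
            $member['id'] = loadMemberContext($member['id']) ? $member['id'] : 0;
        }

        // Keep the (possibly blanked) IP that was selected above.
        $memberContext[$member['id']]['ip'] = $member['ip'];

        $context['members'][$i]['action'] = isset($url_data[$i]) ? $url_data[$i] : $txt['who_hidden'];
        $context['members'][$i] += $memberContext[$member['id']];
    }

    // Some people can't send personal messages...
    $context['can_send_pm'] = allowedTo('pm_send');
}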
* */ require_once $_SERVER['DOCUMENT_ROOT'] . '/functions.php'; require_once $link['root'] . 'classes/MailManager.php'; //Initalize Value $from = "*****@*****.**"; $pending_addon_count = 5; $dashboard_link = ""; $official_link = ""; $memberContext = null; //Clear any previously stored value //Unfortunately we don't store user personal details such as email in website's database //so get them from SMF using user ID foreach (MailManager::getAdminEmailList() as $user) { loadMemberData($user['ID_MEMBER']); loadMemberContext($user['ID_MEMBER']); } $subject = "There are " . $pending_addon_count . " addons require your approval!"; $message = file_get_contents($link['root'] . 'pages/mail_templates/pending.addon.dashboard.html'); //now loop through member data and put all the valid email in an array foreach ($memberContext as $user) { //Make sure the emails are valid if (!filter_var($user['email'], FILTER_VALIDATE_EMAIL) === false) { $bindedvalarray = array("{username}" => $user['username'], "{pending_request_count}" => $pending_addon_count, "{dashboard_link}" => $link['addon']['dashboard'], "{official_link}" => $link['home'], "{subject}" => $subject); if (MailManager::sendMail($user['email'], $from, "UTF-8", "text/html", $subject, $message, $bindedvalarray)) { //put some logging function to monitor echo "Mail delivered to " . $user['username'] . "<br/>"; } else { //put some logging function to monitor echo "Mail Could not be delivered"; }
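/**
 * Builds the topic list from a topic query result.
 *
 * Fills $this->topic_ids and $this->topiclist (one display array per topic),
 * collects the topic starters to load into $this->users_to_load, attaches each
 * starter's avatar by reference, and finally marks the topics the current
 * member has posted in (when participation tracking is enabled).
 *
 * NOTE(review): names and subjects from the rows are concatenated into HTML text,
 * attributes and an inline onclick handler without escaping in this method;
 * presumably they are stored already escaped - confirm against the write path.
 *
 * @param resource $request     Result handle of the topic query
 * @param int      $total_items Not read anywhere in this method
 * @param bool     $not_profile When true, the current user's own id is also queued for loading
 */
function __construct($request, $total_items, $not_profile = false)
{
    global $context, $txt, $user_info, $scripturl, $options, $memberContext, $modSettings;

    if (!isset($context['pageindex_multiplier'])) {
        $context['pageindex_multiplier'] = commonAPI::getMessagesPerPage();
    }

    $cb_name = isset($context['cb_name']) ? $context['cb_name'] : 'topics[]';

    while ($row = mysql_fetch_assoc($request)) {
        censorText($row['subject']);

        $this->topic_ids[] = $row['id_topic'];

        $f_post_mem_href = !empty($row['id_member']) ? URL::user($row['id_member'], $row['first_member_name']) : '';
        $t_href = URL::topic($row['id_topic'], $row['subject'], 0);
        $l_post_mem_href = !empty($row['id_member_updated']) ? URL::user($row['id_member_updated'], $row['last_real_name']) : '';

        // Guests get a link to the page holding the last message; members get the "#new" anchor.
        $l_post_msg_href = URL::topic(
            $row['id_topic'],
            $row['last_subject'],
            $user_info['is_guest'] ? (!empty($options['view_newest_first']) ? 0 : (int) ($row['num_replies'] / $context['pageindex_multiplier']) * $context['pageindex_multiplier']) : 0,
            $user_info['is_guest'] ? true : false,
            $user_info['is_guest'] ? '' : '.msg' . $row['id_last_msg'],
            $user_info['is_guest'] ? '#msg' . $row['id_last_msg'] : '#new'
        );

        $this->topiclist[$row['id_topic']] = array(
            'id' => $row['id_topic'],
            'id_member_started' => empty($row['id_member']) ? 0 : $row['id_member'],
            'first_post' => array(
                'id' => $row['id_first_msg'],
                'member' => array(
                    'username' => $row['first_member_name'],
                    'name' => $row['first_member_name'],
                    'id' => empty($row['id_member']) ? 0 : $row['id_member'],
                    'href' => $f_post_mem_href,
                    'link' => !empty($row['id_member']) ? '<a onclick="getMcard(' . $row['id_member'] . ', $(this));return(false);" href="' . $f_post_mem_href . '" title="' . $txt['profile_of'] . ' ' . $row['first_member_name'] . '">' . $row['first_member_name'] . '</a>' : $row['first_member_name'],
                ),
                'time' => timeformat($row['first_poster_time']),
                'timestamp' => forum_time(true, $row['first_poster_time']),
                'subject' => $row['subject'],
                'icon' => $row['first_icon'],
                'icon_url' => getPostIcon($row['first_icon']),
                'href' => $t_href,
                'link' => '<a href="' . $t_href . '">' . $row['subject'] . '</a>',
            ),
            'last_post' => array(
                'id' => $row['id_last_msg'],
                'member' => array(
                    'username' => $row['last_real_name'],
                    'name' => $row['last_real_name'],
                    'id' => $row['id_member_updated'],
                    'href' => $l_post_mem_href,
                    'link' => !empty($row['id_member_updated']) ? '<a onclick="getMcard(' . $row['id_member_updated'] . ', $(this));return(false);" href="' . $l_post_mem_href . '">' . $row['last_real_name'] . '</a>' : $row['last_real_name'],
                ),
                'time' => timeformat($row['last_post_time']),
                'timestamp' => forum_time(true, $row['last_post_time']),
                'subject' => $row['last_subject'],
                'href' => $l_post_msg_href,
                // Fix: the href attribute is now closed with its quote before the optional rel
                // attribute; previously the quote was missing and the tag was malformed.
                'link' => '<a href="' . $l_post_msg_href . '"' . ($row['num_replies'] == 0 ? '' : ' rel="nofollow"') . '>' . $row['last_subject'] . '</a>',
            ),
            'checkbox_name' => $cb_name,
            'subject' => $row['subject'],
            'new' => $row['new_from'] <= $row['id_msg_modified'],
            'new_from' => $row['new_from'],
            'newtime' => $row['new_from'],
            'updated' => timeformat($row['poster_time']),
            'new_href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['new_from'] . '#new',
            'new_link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['new_from'] . '#new">' . $row['subject'] . '</a>',
            'replies' => comma_format($row['num_replies']),
            'views' => comma_format($row['num_views']),
            'approved' => $row['approved'],
            'unapproved_posts' => $row['unapproved_posts'],
            'is_old' => !empty($modSettings['oldTopicDays']) ? $context['time_now'] - $row['last_post_time'] > $modSettings['oldTopicDays'] * 86400 : false,
            'is_posted_in' => false,
            'prefix' => '',
            'pages' => '',
            'is_sticky' => !empty($modSettings['enableStickyTopics']) && !empty($row['is_sticky']),
            'is_locked' => !empty($row['locked']),
            'is_poll' => false,
            'is_hot' => $row['num_replies'] >= $modSettings['hotTopicPosts'],
            'is_very_hot' => $row['num_replies'] >= $modSettings['hotTopicVeryPosts'],
            'board' => isset($row['id_board']) && !empty($row['id_board'])
                ? array('name' => $row['board_name'], 'id' => $row['id_board'], 'href' => URL::board($row['id_board'], $row['board_name']))
                : array('name' => '', 'id' => 0, 'href' => ''),
        );

        determineTopicClass($this->topiclist[$row['id_topic']]);

        // Queue the topic starter for loading, except the viewer themselves unless $not_profile is set.
        if (!empty($row['id_member']) && ($row['id_member'] != $user_info['id'] || $not_profile)) {
            $this->users_to_load[$row['id_member']] = $row['id_member'];
        }
    }

    loadMemberData($this->users_to_load);

    foreach ($this->topiclist as &$topic) {
        if (!isset($memberContext[$topic['id_member_started']])) {
            loadMemberContext($topic['id_member_started']);
        }

        // Bound by reference to the avatar image held in $memberContext.
        $topic['first_post']['member']['avatar'] =& $memberContext[$topic['id_member_started']]['avatar']['image'];
    }
    // Break the loop reference so the last list entry cannot be overwritten through $topic.
    unset($topic);

    // Figure out whether we have posted in a topic (but only if we are not the topic starter).
    if (!empty($modSettings['enableParticipation']) && !$user_info['is_guest'] && !empty($this->topic_ids)) {
        // The only concatenated value is count(), an integer; ids go through typed placeholders.
        $result = smf_db_query(' SELECT id_topic FROM {db_prefix}messages WHERE id_topic IN ({array_int:topic_list}) AND id_member = {int:current_member} GROUP BY id_topic LIMIT ' . count($this->topic_ids), array('current_member' => $user_info['id'], 'topic_list' => $this->topic_ids));

        while ($row = mysql_fetch_assoc($result)) {
            if ($this->topiclist[$row['id_topic']]['first_post']['member']['id'] != $user_info['id']) {
                $this->topiclist[$row['id_topic']]['is_posted_in'] = true;
            }
        }

        mysql_free_result($result);
    }
}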
/**
 * Prepares the buddy center page for the current user.
 *
 * Runs three queries against the buddies table (approved buddies, unapproved
 * ones, and pending ones), loads the member context of every id found and
 * stores the results in $context['buddies'], $context['unapproved'] and
 * $context['pending']. The last two are only set when their query returned rows.
 */
function BuddiesShow()
{
    global $smcFunc, $context, $user_profile, $memberContext, $txt;

    $own_id = $context['user']['id'];

    // One entry per list: the query, its parameters, the id column to read,
    // and whether the context key is filled even when the query returns no rows.
    $lists = array(
        // approved buddies
        'buddies' => array(
            'sql' => ' SELECT buddy_id FROM {db_prefix}buddies WHERE id_member = {int:id_member} AND approved = 1 ORDER BY position ASC, time_updated DESC',
            'params' => array('id_member' => $own_id),
            'column' => 'buddy_id',
            'always' => true,
        ),
        // unapproved buddies
        'unapproved' => array(
            'sql' => ' SELECT buddy_id FROM {db_prefix}buddies WHERE id_member = {int:id_member} AND approved = 0 AND requested <> {int:requested} ORDER BY position ASC, time_updated DESC',
            'params' => array('id_member' => $own_id, 'requested' => $own_id),
            'column' => 'buddy_id',
            'always' => false,
        ),
        // pending buddies
        'pending' => array(
            'sql' => ' SELECT id_member FROM {db_prefix}buddies WHERE buddy_id = {int:buddy_id} AND approved = 0 AND requested = {int:requested} ORDER BY position ASC, time_updated DESC',
            'params' => array('buddy_id' => $own_id, 'requested' => $own_id),
            'column' => 'id_member',
            'always' => false,
        ),
    );

    foreach ($lists as $context_key => $spec) {
        $ids = array();

        $request = $smcFunc['db_query']('', $spec['sql'], $spec['params']);
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            $ids[] = $row[$spec['column']];
        }
        $smcFunc['db_free_result']($request);

        // The optional lists are left unset when nobody is in them.
        if (!$spec['always'] && count($ids) == 0) {
            continue;
        }

        // Load all the members up.
        loadMemberData($ids, false, 'profile');

        $context[$context_key] = array();
        foreach ($ids as $id) {
            loadMemberContext($id);
            $context[$context_key][$id] = $memberContext[$id];
        }
    }

    // Just for the tab...
    $_GET['action'] = 'profile';

    $context['page_title'] = $txt['buddy_center'];
    $context['sub_template'] = 'buddy_center';
}
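/**
 * Used to see if a user is banned
 *
 * - Checks banning by ip, hostname, email or member id
 * - Only unexpired ban groups are considered
 * - Ban groups that carry no restriction flag are skipped
 *
 * @package Bans
 * @param int $memID
 * @param string $hostname
 * @param string $email
 * @return array Bans keyed by ban group id, each with 'reason', 'cannot'
 *               (access/register/post/login booleans) and 'explanation';
 *               empty when the member cannot be loaded or nothing matches
 */
function BanCheckUser($memID, $hostname = '', $email = '')
{
    global $memberContext, $scripturl, $txt;

    $db = database();
    $bans = array();

    // This is a valid member id, we at least need that
    if (!loadMemberContext($memID) || !isset($memberContext[$memID])) {
        return $bans;
    }

    $ban_query = array();
    $ban_query_vars = array('time' => time());

    // Member id: bound through a typed placeholder like the other values, instead of
    // being concatenated into the SQL text.
    $ban_query[] = 'id_member = {int:id_member}';
    $ban_query_vars['id_member'] = (int) $memID;

    // IP condition; the helper returns a ready-made SQL fragment for the member's IP.
    require_once SOURCEDIR . '/Security.php';
    $ban_query[] = constructBanQueryIP($memberContext[$memID]['ip']);

    // Do we have a hostname?
    if (!empty($hostname)) {
        $ban_query[] = '({string:hostname} LIKE hostname)';
        $ban_query_vars['hostname'] = $hostname;
    }

    // Check their email as well...
    if (strlen((string) $email) != 0) {
        $ban_query[] = '({string:email} LIKE bi.email_address)';
        $ban_query_vars['email'] = $email;
    }

    // So... are they banned?
    $request = $db->query('', ' SELECT bg.id_ban_group, bg.name, bg.cannot_access, bg.cannot_post, bg.cannot_register, bg.cannot_login, bg.reason FROM {db_prefix}ban_items AS bi INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:time})) WHERE (' . implode(' OR ', $ban_query) . ')', $ban_query_vars);

    while ($row = $db->fetch_assoc($request)) {
        // Work out what restrictions we actually have.
        $ban_restrictions = array();
        foreach (array('access', 'register', 'login', 'post') as $type) {
            if ($row['cannot_' . $type]) {
                $ban_restrictions[] = $txt['ban_type_' . $type];
            }
        }

        // No actual ban in place?
        if (empty($ban_restrictions)) {
            continue;
        }

        // Prepare the link for context.
        // NOTE(review): the ban group name and reason go into HTML as stored; presumably
        // they are escaped when the ban is saved - confirm.
        $ban_explanation = sprintf($txt['user_cannot_due_to'], implode(', ', $ban_restrictions), '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $row['id_ban_group'] . '">' . $row['name'] . '</a>');

        $bans[$row['id_ban_group']] = array(
            'reason' => empty($row['reason']) ? '' : '<br /><br /><strong>' . $txt['ban_reason'] . ':</strong> ' . $row['reason'],
            'cannot' => array(
                'access' => !empty($row['cannot_access']),
                'register' => !empty($row['cannot_register']),
                'post' => !empty($row['cannot_post']),
                'login' => !empty($row['cannot_login']),
            ),
            'explanation' => $ban_explanation,
        );
    }
    $db->free_result($request);

    return $bans;
}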
/**
 * Runs a personal-message search and fills $context for the 'search_results' sub template.
 *
 * Parameters come from two places: the packed `params` request value (used for
 * pagination) and the individual request fields. Values found in `params` take
 * precedence over the individual fields. Both are supplied by the client: the
 * base64 wrapping is an encoding, not a signature, so every value taken from
 * `params` has to be treated exactly like any other request input.
 *
 * The SQL in this function is assembled by string concatenation; the fragments
 * rely on addslashes(), integer casts and a column whitelist for safety.
 * addslashes() is not aware of the connection character set, so parameterised
 * queries or the driver's own escaping would be the more robust form.
 *
 * @return mixed the return value of MessageSearch() when validation errors were
 *               recorded; otherwise nothing, the results are left in $context
 */
function MessageSearch2()
{
    global $scripturl, $modSettings, $user_info, $context, $txt, $db_prefix;
    global $ID_MEMBER, $memberContext, $func;

    // Refuse to search while the server load is at or above the configured limit.
    if (!empty($context['load_average']) && !empty($modSettings['loadavg_search']) && $context['load_average'] >= $modSettings['loadavg_search']) {
        fatal_lang_error('loadavg_search_disabled', false);
    }

    // !!! For the moment force the folder to the inbox.
    $context['folder'] = 'inbox';

    // Some useful general permissions.
    $context['can_send_pm'] = allowedTo('pm_send');

    // Some hardcoded variables that can be tweaked if required.
    $maxMembersToSearch = 500;

    // Extract all the search parameters.
    // Format: key|'|value pairs joined by |"|, base64-encoded. Spaces are mapped back
    // to '+' first because '+' in a query string decodes to a space.
    $search_params = array();
    if (isset($_REQUEST['params'])) {
        $temp_params = explode('|"|', base64_decode(strtr($_REQUEST['params'], array(' ' => '+'))));
        foreach ($temp_params as $i => $data) {
            // The @ hides the notice raised when a piece has no |'| separator.
            // Keys are not restricted here, so any key can be injected into $search_params;
            // the code below must sanitise each one it uses.
            @(list($k, $v) = explode('|\'|', $data));
            $search_params[$k] = stripslashes($v);
        }
    }

    // Result offset; cast to int because it is interpolated into LIMIT below.
    // NOTE(review): a negative value is not rejected here - confirm it is handled elsewhere.
    $context['start'] = isset($_GET['start']) ? (int) $_GET['start'] : 0;

    // Store whether simple search was used (needed if the user wants to do another query).
    if (!isset($search_params['advanced'])) {
        $search_params['advanced'] = empty($_REQUEST['advanced']) ? 0 : 1;
    }

    // 1 => 'allwords' (default, don't set as param) / 2 => 'anywords'.
    // && binds tighter than ||: any non-empty packed searchtype, or a request value of 2.
    if (!empty($search_params['searchtype']) || !empty($_REQUEST['searchtype']) && $_REQUEST['searchtype'] == 2) {
        $search_params['searchtype'] = 2;
    }

    // Minimum age of messages. Default to zero (don't set param in that case).
    if (!empty($search_params['minage']) || !empty($_REQUEST['minage']) && $_REQUEST['minage'] > 0) {
        $search_params['minage'] = !empty($search_params['minage']) ? (int) $search_params['minage'] : (int) $_REQUEST['minage'];
    }

    // Maximum age of messages. Default to infinite (9999 days: param not set).
    if (!empty($search_params['maxage']) || !empty($_REQUEST['maxage']) && $_REQUEST['maxage'] != 9999) {
        $search_params['maxage'] = !empty($search_params['maxage']) ? (int) $search_params['maxage'] : (int) $_REQUEST['maxage'];
    }

    // Both flags are normalised to booleans.
    $search_params['subject_only'] = !empty($search_params['subject_only']) || !empty($_REQUEST['subject_only']);
    $search_params['show_complete'] = !empty($search_params['show_complete']) || !empty($_REQUEST['show_complete']);

    // Default the user name to a wildcard matching every user (*).
    // NOTE(review): the first test reads key 'user_spec' while the value is stored and read
    // as 'userspec' everywhere else in this function; looks like a typo - confirm.
    if (!empty($search_params['user_spec']) || !empty($_REQUEST['userspec']) && $_REQUEST['userspec'] != '*') {
        $search_params['userspec'] = isset($search_params['userspec']) ? $search_params['userspec'] : $_REQUEST['userspec'];
    }

    // If there's no specific user, then don't mention it in the main query.
    if (empty($search_params['userspec'])) {
        $userQuery = '';
    } else {
        // Entity-encode, then escape for SQL string context.
        // NOTE(review): the replacement map below is an identity as written; presumably its key
        // was the entity form of the double quote before this page was rendered - confirm
        // against the upstream file.
        $userString = strtr(addslashes($func['htmlspecialchars'](stripslashes($search_params['userspec']), ENT_QUOTES)), array('"' => '"'));
        // Escape the LIKE metacharacters first, then translate the user's * and ? wildcards.
        $userString = strtr($userString, array('%' => '\\%', '_' => '\\_', '*' => '%', '?' => '_'));

        // Quoted names are taken whole; whatever is left is split on commas.
        preg_match_all('~"([^"]+)"~', $userString, $matches);
        $possible_users = array_merge($matches[1], explode(',', preg_replace('~"([^"]+)"~', '', $userString)));

        for ($k = 0, $n = count($possible_users); $k < $n; $k++) {
            $possible_users[$k] = trim($possible_users[$k]);

            if (strlen($possible_users[$k]) == 0) {
                unset($possible_users[$k]);
            }
        }

        // Who matches those criteria?
        // !!! This doesn't support outbox searching.
        // The names are concatenated into the statement; their only protection is the
        // addslashes() call above.
        $request = db_query("\n\t\t\tSELECT ID_MEMBER\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE realName LIKE '" . implode("' OR realName LIKE '", $possible_users) . "'", __FILE__, __LINE__);

        // Simply do nothing if there're too many members matching the criteria.
        if (mysql_num_rows($request) > $maxMembersToSearch) {
            $userQuery = '';
        } elseif (mysql_num_rows($request) == 0) {
            // No member matched: fall back to the stored sender name of messages with sender id 0.
            $userQuery = "AND pm.ID_MEMBER_FROM = 0 AND (pm.fromName LIKE '" . implode("' OR pm.fromName LIKE '", $possible_users) . "')";
        } else {
            $memberlist = array();
            while ($row = mysql_fetch_assoc($request)) {
                $memberlist[] = $row['ID_MEMBER'];
            }
            $userQuery = "AND (pm.ID_MEMBER_FROM IN (" . implode(', ', $memberlist) . ") OR (pm.ID_MEMBER_FROM = 0 AND (pm.fromName LIKE '" . implode("' OR pm.fromName LIKE '", $possible_users) . "')))";
        }
        mysql_free_result($request);
    }

    // Setup the sorting variables...
    // !!! Add more in here!
    // Whitelist: sort and sort_dir are interpolated into ORDER BY, so only these
    // column names and the literals 'asc'/'desc' may survive.
    $sort_columns = array('ID_PM');
    if (empty($search_params['sort']) && !empty($_REQUEST['sort'])) {
        list($search_params['sort'], $search_params['sort_dir']) = array_pad(explode('|', $_REQUEST['sort']), 2, '');
    }
    $search_params['sort'] = !empty($search_params['sort']) && in_array($search_params['sort'], $sort_columns) ? $search_params['sort'] : 'ID_PM';
    $search_params['sort_dir'] = !empty($search_params['sort_dir']) && $search_params['sort_dir'] == 'asc' ? 'asc' : 'desc';

    // Sort out any labels we may be searching by.
    $labelQuery = '';
    if ($context['folder'] == 'inbox' && !empty($search_params['advanced']) && $context['currently_using_labels']) {
        // Came here from pagination? Put them back into $_REQUEST for sanitization.
        if (isset($search_params['labels'])) {
            $_REQUEST['searchlabel'] = explode(',', $search_params['labels']);
        }

        // Assuming we have some labels - make them all integers.
        if (!empty($_REQUEST['searchlabel']) && is_array($_REQUEST['searchlabel'])) {
            foreach ($_REQUEST['searchlabel'] as $key => $id) {
                $_REQUEST['searchlabel'][$key] = (int) $id;
            }
        } else {
            $_REQUEST['searchlabel'] = array();
        }

        // Now that everything is cleaned up a bit, make the labels a param.
        $search_params['labels'] = implode(',', $_REQUEST['searchlabel']);

        // No labels selected? That must be an error!
        if (empty($_REQUEST['searchlabel'])) {
            $context['search_errors']['no_labels_selected'] = true;
        } elseif (count($_REQUEST['searchlabel']) != count($context['labels'])) {
            // Only restrict by label when fewer labels than exist were chosen; the ids are
            // integers at this point, which is what makes the concatenation safe.
            $labelQuery = "\n\t\t\tAND (FIND_IN_SET('" . implode("', pmr.labels) OR FIND_IN_SET('", $_REQUEST['searchlabel']) . "', pmr.labels))";
        }
    }

    // What are we actually searching for?
    $search_params['search'] = !empty($search_params['search']) ? $search_params['search'] : (isset($_REQUEST['search']) ? stripslashes($_REQUEST['search']) : '');

    // If we ain't got nothing - we should error!
    if (!isset($search_params['search']) || $search_params['search'] == '') {
        $context['search_errors']['invalid_search_string'] = true;
    }

    // Extract phrase parts first (e.g. some words "this is a phrase" some more words.)
    // $matches[1] holds the optional leading minus, $matches[2] the phrase text.
    preg_match_all('~(?:^|\\s)([-]?)"([^"]+)"(?:$|\\s)~' . ($context['utf8'] ? 'u' : ''), $search_params['search'], $matches, PREG_PATTERN_ORDER);
    $searchArray = $matches[2];

    // Remove the phrase parts and extract the words.
    $tempSearch = explode(' ', preg_replace('~(?:^|\\s)([-]?)"([^"]+)"(?:$|\\s)~' . ($context['utf8'] ? 'u' : ''), ' ', $search_params['search']));

    // A minus sign in front of a word excludes the word.... so...
    $excludedWords = array();

    // .. first, we check for things like -"some words", but not "-some words".
    foreach ($matches[1] as $index => $word) {
        if ($word == '-') {
            $word = $func['strtolower'](trim($searchArray[$index]));
            if (strlen($word) > 0) {
                // Escaped for SQL only; unlike the included words below, excluded words
                // are not entity-encoded.
                $excludedWords[] = addslashes($word);
            }
            unset($searchArray[$index]);
        }
    }

    // Now we look for -test, etc.... normaller.
    foreach ($tempSearch as $index => $word) {
        if (strpos(trim($word), '-') === 0) {
            $word = substr($func['strtolower'](trim($word)), 1);
            if (strlen($word) > 0) {
                $excludedWords[] = addslashes($word);
            }
            unset($tempSearch[$index]);
        }
    }

    $searchArray = array_merge($searchArray, $tempSearch);

    // Trim everything and make sure there are no words that are the same.
    foreach ($searchArray as $index => $value) {
        $searchArray[$index] = $func['strtolower'](trim($value));
        if ($searchArray[$index] == '') {
            unset($searchArray[$index]);
        } else {
            // Sort out entities first.
            $searchArray[$index] = $func['htmlspecialchars']($searchArray[$index]);
            // Then escape for the LIKE string literals built further down.
            $searchArray[$index] = addslashes($searchArray[$index]);
        }
    }
    $searchArray = array_unique($searchArray);

    // Create an array of replacements for highlighting.
    // The words were entity-encoded above before being wrapped in markup here.
    $context['mark'] = array();
    foreach ($searchArray as $word) {
        $context['mark'][$word] = '<b class="highlight">' . $word . '</b>';
    }

    // This contains *everything*
    $searchWords = array_merge($searchArray, $excludedWords);

    // Make sure at least one word is being searched for.
    if (empty($searchArray)) {
        $context['search_errors']['invalid_search_string'] = true;
    }

    // Sort out the search query so the user can edit it - if they want.
    // Only 'search' and 'userspec' are entity-encoded for display here.
    $context['search_params'] = $search_params;
    if (isset($context['search_params']['search'])) {
        $context['search_params']['search'] = htmlspecialchars($context['search_params']['search']);
    }
    if (isset($context['search_params']['userspec'])) {
        $context['search_params']['userspec'] = htmlspecialchars($context['search_params']['userspec']);
    }

    // Now we have all the parameters, combine them together for pagination and the like...
    // This is the inverse of the unpacking at the top of the function.
    $context['params'] = array();
    foreach ($search_params as $k => $v) {
        $context['params'][] = $k . '|\'|' . addslashes($v);
    }
    $context['params'] = base64_encode(implode('|"|', $context['params']));

    // Compile the subject query part.
    // Each word has its LIKE metacharacters escaped before being wrapped in %...%.
    $andQueryParts = array();
    foreach ($searchWords as $index => $word) {
        if ($word == '') {
            continue;
        }

        if ($search_params['subject_only']) {
            $andQueryParts[] = "pm.subject" . (in_array($word, $excludedWords) ? ' NOT' : '') . " LIKE '%" . strtr($word, array('_' => '\\_', '%' => '\\%')) . "%'";
        } else {
            // Included word: subject OR body. Excluded word: NOT in subject AND NOT in body.
            $andQueryParts[] = '(pm.subject' . (in_array($word, $excludedWords) ? ' NOT' : '') . " LIKE '%" . strtr($word, array('_' => '\\_', '%' => '\\%')) . "%' " . (in_array($word, $excludedWords) ? 'AND pm.body NOT' : 'OR pm.body') . " LIKE '%" . strtr($word, array('_' => '\\_', '%' => '\\%')) . "%')";
        }
    }

    // With no word conditions the clause degenerates to a constant true.
    $searchQuery = ' 1';
    if (!empty($andQueryParts)) {
        $searchQuery = implode(!empty($search_params['searchtype']) && $search_params['searchtype'] == 2 ? ' OR ' : ' AND ', $andQueryParts);
    }

    // If we have errors - return back to the first screen...
    if (!empty($context['search_errors'])) {
        $_REQUEST['params'] = $context['params'];
        return MessageSearch();
    }

    // Get the amount of results.
    // The ID_MEMBER condition is what limits the search to the current user's own messages.
    $request = db_query("\n\t\tSELECT COUNT(*)\n\t\tFROM ({$db_prefix}pm_recipients AS pmr, {$db_prefix}personal_messages AS pm)\n\t\tWHERE pm.ID_PM = pmr.ID_PM" . ($context['folder'] == 'inbox' ? "\n\t\t\tAND pmr.ID_MEMBER = {$ID_MEMBER}\n\t\t\tAND pmr.deleted = 0" : "\n\t\t\tAND pm.ID_MEMBER_FROM = {$ID_MEMBER}\n\t\t\tAND pm.deletedBySender = 0") . "\n\t\t\t{$userQuery}{$labelQuery}\n\t\t\tAND ({$searchQuery})", __FILE__, __LINE__);
    list($numResults) = mysql_fetch_row($request);
    mysql_free_result($request);

    // Get all the matching messages... using standard search only (No caching and the like!)
    // !!! This doesn't support outbox searching yet.
    $request = db_query("\n\t\tSELECT pm.ID_PM, pm.ID_MEMBER_FROM\n\t\tFROM ({$db_prefix}pm_recipients AS pmr, {$db_prefix}personal_messages AS pm)\n\t\tWHERE pm.ID_PM = pmr.ID_PM" . ($context['folder'] == 'inbox' ? "\n\t\t\tAND pmr.ID_MEMBER = {$ID_MEMBER}\n\t\t\tAND pmr.deleted = 0" : "\n\t\t\tAND pm.ID_MEMBER_FROM = {$ID_MEMBER}\n\t\t\tAND pm.deletedBySender = 0") . "\n\t\t\t{$userQuery}{$labelQuery}\n\t\t\tAND ({$searchQuery})\n\t\tORDER BY {$search_params['sort']} {$search_params['sort_dir']}\n\t\tLIMIT {$context['start']}, {$modSettings['search_results_per_page']}", __FILE__, __LINE__);
    $foundMessages = array();
    $posters = array();
    while ($row = mysql_fetch_assoc($request)) {
        $foundMessages[] = $row['ID_PM'];
        $posters[] = $row['ID_MEMBER_FROM'];
    }
    mysql_free_result($request);

    // Load the users...
    $posters = array_unique($posters);
    if (!empty($posters)) {
        loadMemberData($posters);
    }

    // Sort out the page index.
    // NOTE(review): this passes the raw $_GET['start'] rather than the integer stored in
    // $context['start']; confirm constructPageIndex() sanitises it.
    $context['page_index'] = constructPageIndex($scripturl . '?action=pm;sa=search2;params=' . $context['params'], $_GET['start'], $numResults, $modSettings['search_results_per_page'], false);

    $context['message_labels'] = array();
    $context['message_replied'] = array();
    $context['personal_messages'] = array();

    if (!empty($foundMessages)) {
        // Now get recipients (but don't include bcc-recipients for your inbox, you're not supposed to know :P!)
        $request = db_query("\n\t\t\tSELECT\n\t\t\t\tpmr.ID_PM, mem_to.ID_MEMBER AS ID_MEMBER_TO, mem_to.realName AS toName,\n\t\t\t\tpmr.bcc, pmr.labels, pmr.is_read\n\t\t\tFROM {$db_prefix}pm_recipients AS pmr\n\t\t\t\tLEFT JOIN {$db_prefix}members AS mem_to ON (mem_to.ID_MEMBER = pmr.ID_MEMBER)\n\t\t\tWHERE pmr.ID_PM IN (" . implode(', ', $foundMessages) . ")", __FILE__, __LINE__);
        while ($row = mysql_fetch_assoc($request)) {
            // Bcc recipients are listed only for the outbox, so an inbox viewer never sees them.
            // $recipients is created implicitly by this first write.
            if ($context['folder'] == 'outbox' || empty($row['bcc'])) {
                $recipients[$row['ID_PM']][empty($row['bcc']) ? 'to' : 'bcc'][] = empty($row['ID_MEMBER_TO']) ? $txt[28] : '<a href="' . $scripturl . '?action=profile;u=' . $row['ID_MEMBER_TO'] . '">' . $row['toName'] . '</a>';
            }

            // Label and replied state are taken from the current user's own recipient row only.
            if ($row['ID_MEMBER_TO'] == $ID_MEMBER && $context['folder'] != 'outbox') {
                // presumably bit value 2 of is_read is the "replied" flag - confirm
                $context['message_replied'][$row['ID_PM']] = $row['is_read'] & 2;

                $row['labels'] = $row['labels'] == '' ? array() : explode(',', $row['labels']);
                // This is a special need for linking to messages.
                foreach ($row['labels'] as $v) {
                    if (isset($context['labels'][(int) $v])) {
                        $context['message_labels'][$row['ID_PM']][(int) $v] = array('id' => $v, 'name' => $context['labels'][(int) $v]['name']);
                    }

                    // Here we find the first label on a message - for linking to posts in results
                    if (!isset($context['first_label'][$row['ID_PM']]) && !in_array('-1', $row['labels'])) {
                        $context['first_label'][$row['ID_PM']] = (int) $v;
                    }
                }
            }
        }
        // NOTE(review): the recipients result is not freed before $request is reused below.

        // Prepare the query for the callback!
        $request = db_query("\n\t\t\tSELECT pm.ID_PM, pm.subject, pm.ID_MEMBER_FROM, pm.body, pm.msgtime, pm.fromName\n\t\t\tFROM {$db_prefix}personal_messages AS pm\n\t\t\tWHERE pm.ID_PM IN (" . implode(',', $foundMessages) . ")\n\t\t\tORDER BY {$search_params['sort']} {$search_params['sort_dir']}\n\t\t\tLIMIT " . count($foundMessages), __FILE__, __LINE__);
        $counter = 0;
        while ($row = mysql_fetch_assoc($request)) {
            // If there's no message subject, use the default.
            $row['subject'] = $row['subject'] == '' ? $txt[24] : $row['subject'];

            // Load this posters context info, if it ain't there then fill in the essentials...
            if (!loadMemberContext($row['ID_MEMBER_FROM'])) {
                $memberContext[$row['ID_MEMBER_FROM']]['name'] = $row['fromName'];
                $memberContext[$row['ID_MEMBER_FROM']]['id'] = 0;
                $memberContext[$row['ID_MEMBER_FROM']]['group'] = $txt[28];
                $memberContext[$row['ID_MEMBER_FROM']]['link'] = $row['fromName'];
                $memberContext[$row['ID_MEMBER_FROM']]['email'] = '';
                $memberContext[$row['ID_MEMBER_FROM']]['hide_email'] = true;
                $memberContext[$row['ID_MEMBER_FROM']]['is_guest'] = true;
            }

            // Censor anything we don't want to see...
            censorText($row['body']);
            censorText($row['subject']);

            // Parse out any BBC...
            $row['body'] = parse_bbc($row['body'], true, 'pm' . $row['ID_PM']);

            $href = $scripturl . '?action=pm;f=' . $context['folder'] . (isset($context['first_label'][$row['ID_PM']]) ? ';l=' . $context['first_label'][$row['ID_PM']] : '') . ';pmid=' . $row['ID_PM'] . '#msg' . $row['ID_PM'];

            // Several entries are references, so they follow later changes to the arrays they point at.
            // NOTE(review): the subject goes into 'link' as stored; presumably it is
            // entity-encoded when the message is saved - confirm.
            $context['personal_messages'][] = array('id' => $row['ID_PM'], 'member' => &$memberContext[$row['ID_MEMBER_FROM']], 'subject' => $row['subject'], 'body' => $row['body'], 'time' => timeformat($row['msgtime']), 'recipients' => &$recipients[$row['ID_PM']], 'labels' => &$context['message_labels'][$row['ID_PM']], 'fully_labeled' => count($context['message_labels'][$row['ID_PM']]) == count($context['labels']), 'is_replied_to' => &$context['message_replied'][$row['ID_PM']], 'href' => $href, 'link' => '<a href="' . $href . '">' . $row['subject'] . '</a>', 'counter' => ++$counter);
        }
        mysql_free_result($request);
    }

    // Finish off the context.
    $context['page_title'] = $txt['pm_search_title'];
    $context['sub_template'] = 'search_results';
    $context['pm_area'] = 'search';
    $context['linktree'][] = array('url' => $scripturl . '?action=pm;sa=search', 'name' => $txt['pm_search_bar_title']);
}
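/**
 * Profile screen for the buddy list.
 *
 * Depending on the request this removes one buddy (?remove=ID), adds buddies by
 * member or display name (POST new_buddy), or loads the current buddies into
 * $context['buddies'] and $context['buddy_count'] for display. The two changing
 * branches end in redirectexit().
 *
 * @param int $memID member whose buddy list is edited; read from $user_profile[$memID]
 */
function editBuddies($memID)
{
    global $txt, $scripturl, $modSettings, $db_prefix;
    global $context, $user_profile, $memberContext, $func;

    // Do a quick check to ensure people aren't getting here illegally!
    if (!$context['user']['is_owner'] || empty($modSettings['enable_buddylist'])) {
        fatal_lang_error(1, false);
    }

    // !!! No page_title.

    // For making changes!  The list is stored as a comma separated string of member ids.
    $buddiesArray = explode(',', $user_profile[$memID]['buddy_list']);
    foreach ($buddiesArray as $k => $dummy) {
        if ($dummy == '') {
            unset($buddiesArray[$k]);
        }
    }

    // Removing a buddy?
    if (isset($_GET['remove'])) {
        // NOTE(review): this branch changes stored data from a GET parameter and no session
        // token is verified inside this function (editIgnoreList() calls checkSession('get')
        // at the same point). Confirm the caller verifies the session; otherwise the links
        // that lead here need to carry the token and this branch needs the check.

        // Heh, I'm lazy, do it the easy way...
        foreach ($buddiesArray as $key => $buddy) {
            if ($buddy == (int) $_GET['remove']) {
                unset($buddiesArray[$key]);
            }
        }

        // Make the changes.
        $user_profile[$memID]['buddy_list'] = implode(',', $buddiesArray);
        updateMemberData($memID, array('buddy_list' => "'" . $user_profile[$memID]['buddy_list'] . "'"));

        // Redirect off the page because we don't like all this ugly query stuff to stick in the history.
        redirectexit('action=profile;u=' . $memID . ';sa=editBuddies');
    } elseif (isset($_POST['new_buddy'])) {
        // NOTE(review): no session token is verified in this branch either - confirm the caller does it.

        // Prepare the string for extraction...
        // Entity-encode and escape for SQL, then turn the encoded double quotes back into
        // real ones so that "quoted names" can be picked out by the pattern below.
        $_POST['new_buddy'] = strtr(addslashes($func['htmlspecialchars'](stripslashes($_POST['new_buddy']), ENT_QUOTES)), array('&quot;' => '"'));

        // Quoted names are taken whole; whatever is left is split on commas.
        preg_match_all('~"([^"]+)"~', $_POST['new_buddy'], $matches);
        $new_buddies = array_unique(array_merge($matches[1], explode(',', preg_replace('~"([^"]+)"~', '', $_POST['new_buddy']))));

        foreach ($new_buddies as $k => $dummy) {
            // An escaped single quote is stored as its entity, the way names are kept in the table.
            $new_buddies[$k] = strtr(trim($new_buddies[$k]), array('\\\'' => '&#039;'));

            if (strlen($new_buddies[$k]) == 0) {
                unset($new_buddies[$k]);
            }
        }

        if (!empty($new_buddies)) {
            // Now find out the ID_MEMBER of the buddy.
            // The names sit inside single-quoted SQL literals; the htmlspecialchars() and
            // addslashes() calls above are their only protection.
            $request = db_query("\n\t\t\t\tSELECT ID_MEMBER\n\t\t\t\tFROM {$db_prefix}members\n\t\t\t\tWHERE memberName IN ('" . implode("','", $new_buddies) . "') OR realName IN ('" . implode("','", $new_buddies) . "')\n\t\t\t\tLIMIT " . count($new_buddies), __FILE__, __LINE__);

            // Add the new member to the buddies array.
            while ($row = mysql_fetch_assoc($request)) {
                $buddiesArray[] = (int) $row['ID_MEMBER'];
            }
            mysql_free_result($request);

            // Now update the current users buddy list.
            $user_profile[$memID]['buddy_list'] = implode(',', $buddiesArray);
            updateMemberData($memID, array('buddy_list' => "'" . $user_profile[$memID]['buddy_list'] . "'"));
        }

        // Back to the buddy list!
        redirectexit('action=profile;u=' . $memID . ';sa=editBuddies');
    }

    // Get all the users "buddies"...
    $buddies = array();

    if (!empty($buddiesArray)) {
        // The ids come from the stored list and are placed unquoted into IN (...), so they
        // are forced to integers first.
        $result = db_query("\n\t\t\tSELECT ID_MEMBER\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE ID_MEMBER IN (" . implode(', ', array_map('intval', $buddiesArray)) . ")\n\t\t\tORDER BY realName\n\t\t\tLIMIT " . (substr_count($user_profile[$memID]['buddy_list'], ',') + 1), __FILE__, __LINE__);
        while ($row = mysql_fetch_assoc($result)) {
            $buddies[] = $row['ID_MEMBER'];
        }
        mysql_free_result($result);
    }

    $context['buddy_count'] = count($buddies);

    // Load all the members up.
    loadMemberData($buddies, false, 'profile');

    // Setup the context for each buddy.
    $context['buddies'] = array();
    foreach ($buddies as $buddy) {
        loadMemberContext($buddy);
        $context['buddies'][$buddy] = $memberContext[$buddy];
    }
}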
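/**
 * Profile screen for the personal-message ignore list.
 *
 * Depending on the request this removes one member (?remove=ID, session-checked),
 * adds members by member or display name (POST new_ignore), or loads the current
 * entries into $context['ignore_list'] and $context['ignore_count'] for display.
 * The two changing branches end in redirectexit().
 *
 * @param int $memID member whose ignore list is edited; read from $user_profile[$memID]
 */
function editIgnoreList($memID)
{
    global $txt, $scripturl, $modSettings;
    global $context, $user_profile, $memberContext, $smcFunc;

    // For making changes!  The list is stored as a comma separated string of member ids.
    $ignoreArray = explode(',', $user_profile[$memID]['pm_ignore_list']);
    foreach ($ignoreArray as $k => $dummy) {
        if ($dummy == '') {
            unset($ignoreArray[$k]);
        }
    }

    // Removing a member from the ignore list?
    if (isset($_GET['remove'])) {
        // The change is triggered by a link, so the session token in the URL is verified first.
        checkSession('get');

        // Heh, I'm lazy, do it the easy way...
        foreach ($ignoreArray as $key => $id_remove) {
            if ($id_remove == (int) $_GET['remove']) {
                unset($ignoreArray[$key]);
            }
        }

        // Make the changes.
        $user_profile[$memID]['pm_ignore_list'] = implode(',', $ignoreArray);
        updateMemberData($memID, array('pm_ignore_list' => $user_profile[$memID]['pm_ignore_list']));

        // Redirect off the page because we don't like all this ugly query stuff to stick in the history.
        redirectexit('action=profile;area=lists;sa=ignore;u=' . $memID);
    } elseif (isset($_POST['new_ignore'])) {
        // NOTE(review): unlike the removal branch, no session token is verified here -
        // confirm the caller does it, or add the check together with the form field.

        // Prepare the string for extraction...
        // Entity-encode, then turn the encoded double quotes back into real ones so that
        // "quoted names" can be picked out by the pattern below.
        $_POST['new_ignore'] = strtr($smcFunc['htmlspecialchars']($_POST['new_ignore'], ENT_QUOTES), array('&quot;' => '"'));

        // Quoted names are taken whole; whatever is left is split on commas.
        preg_match_all('~"([^"]+)"~', $_POST['new_ignore'], $matches);
        $new_entries = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $_POST['new_ignore']))));

        foreach ($new_entries as $k => $dummy) {
            // A literal single quote is stored as its entity, the way names are kept in the table.
            $new_entries[$k] = strtr(trim($new_entries[$k]), array('\'' => '&#039;'));

            // Drop empty entries and the member's own names: nobody ignores themselves.
            if (strlen($new_entries[$k]) == 0 || in_array($new_entries[$k], array($user_profile[$memID]['member_name'], $user_profile[$memID]['real_name']))) {
                unset($new_entries[$k]);
            }
        }

        if (!empty($new_entries)) {
            // Now find out the id_member for the members in question.
            // The names are passed as a bound string array, not concatenated into the statement.
            $request = $smcFunc['db_query']('', ' SELECT id_member FROM {db_prefix}members WHERE member_name IN ({array_string:new_entries}) OR real_name IN ({array_string:new_entries}) LIMIT {int:count_new_entries}', array('new_entries' => $new_entries, 'count_new_entries' => count($new_entries)));

            // Add the new members to the ignore array.
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $ignoreArray[] = (int) $row['id_member'];
            }
            $smcFunc['db_free_result']($request);

            // Now update the current user's ignore list.
            $user_profile[$memID]['pm_ignore_list'] = implode(',', $ignoreArray);
            updateMemberData($memID, array('pm_ignore_list' => $user_profile[$memID]['pm_ignore_list']));
        }

        // Back to the list of pityful people!
        redirectexit('action=profile;area=lists;sa=ignore;u=' . $memID);
    }

    // Initialise the list of members we're ignoring.
    $ignored = array();

    if (!empty($ignoreArray)) {
        $result = $smcFunc['db_query']('', ' SELECT id_member FROM {db_prefix}members WHERE id_member IN ({array_int:ignore_list}) ORDER BY real_name LIMIT {int:ignore_list_count}', array('ignore_list' => $ignoreArray, 'ignore_list_count' => substr_count($user_profile[$memID]['pm_ignore_list'], ',') + 1));
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            $ignored[] = $row['id_member'];
        }
        $smcFunc['db_free_result']($result);
    }

    $context['ignore_count'] = count($ignored);

    // Load all the members up.
    loadMemberData($ignored, false, 'profile');

    // Setup the context for each ignored member.
    $context['ignore_list'] = array();
    foreach ($ignored as $ignore_member) {
        loadMemberContext($ignore_member);
        $context['ignore_list'][$ignore_member] = $memberContext[$ignore_member];
    }
}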
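/**
 * Fetches the next reply from the global $reply_request result and prepares it for display.
 *
 * The result set is freed once it is exhausted. When the author cannot be loaded,
 * a minimal guest entry is written into $memberContext from the values stored with
 * the reply.
 *
 * @return array|false the reply (id, member, time, timestamp, body, is_staff, can_edit,
 *                     ip_address and, for edited replies, modified), or false when there
 *                     is no request or no further row
 */
function shd_prepare_reply_context()
{
    global $settings, $txt, $modSettings, $scripturl, $options, $user_info, $smcFunc;
    // $user_profile has to be global as well: the "modified" block below reads it, and as a
    // plain local it would always be empty, leaving both profile lookups unreachable.
    global $memberContext, $context, $reply_request, $user_profile;

    if (empty($reply_request)) {
        return false;
    }

    $message = $smcFunc['db_fetch_assoc']($reply_request);
    if (!$message) {
        $smcFunc['db_free_result']($reply_request);
        return false;
    }

    if (!loadMemberContext($message['id_member'], true)) {
        // Notice this information isn't used anywhere else....
        $memberContext[$message['id_member']]['name'] = $message['poster_name'];
        $memberContext[$message['id_member']]['id'] = 0;
        $memberContext[$message['id_member']]['group'] = $txt['guest_title'];
        $memberContext[$message['id_member']]['link'] = $message['poster_name'];
        $memberContext[$message['id_member']]['email'] = $message['poster_email'];
        $memberContext[$message['id_member']]['show_email'] = showEmailAddress(true, 0);
        $memberContext[$message['id_member']]['is_guest'] = true;
        $memberContext[$message['id_member']]['group_stars'] = '';
    }

    // The IP recorded with the reply, not the member's current one.
    $memberContext[$message['id_member']]['ip'] = $message['poster_ip'];

    censorText($message['body']);
    $message['body'] = shd_format_text($message['body'], $message['smileys_enabled'], 'shd_reply_' . $message['id_msg']);

    $department = $context['ticket_form']['dept'];

    $output = array(
        'id' => $message['id_msg'],
        'member' => &$memberContext[$message['id_member']],
        'time' => timeformat($message['poster_time']),
        'timestamp' => forum_time(true, $message['poster_time']),
        'body' => $message['body'],
        'is_staff' => !empty($context['shd_is_staff'][$message['id_member']]),
        // Editable with the "any" permission, or with the "own" permission on one's own reply.
        'can_edit' => shd_allowed_to('shd_edit_reply_any', $department)
            || ($message['id_member'] == $user_info['id'] && shd_allowed_to('shd_edit_reply_own', $department)),
        // NOTE(review): the poster IP is handed to the template unconditionally; presumably the
        // template only prints it for users allowed to see IPs - confirm.
        'ip_address' => $message['poster_ip'],
    );

    if (!empty($message['modified_time'])) {
        // Prefer the editor's loaded profile; fall back to the name stored with the edit.
        $editor_loaded = !empty($user_profile[$message['modified_member']]);

        $output['modified'] = array(
            'time' => timeformat($message['modified_time']),
            'timestamp' => forum_time(true, $message['modified_time']),
            'id' => $editor_loaded ? $message['modified_member'] : 0,
            'name' => $editor_loaded ? $user_profile[$message['modified_member']]['real_name'] : $message['modified_name'],
        );
        $output['modified']['link'] = shd_profile_link($output['modified']['name'], $output['modified']['id']);
    }

    return $output;
}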
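/**
 * Closes the board index table, prints the optional right-hand side bar and then
 * the info center.
 *
 * The side bar is driven by forum settings: a raw HTML block, a PHP block and a
 * board-news block, each with its own title.
 */
function template_boardindex_outer_below()
{
    // $txt is needed for the "by" label in the news block.
    global $modSettings, $txt;

    // Info center collapse object.
    echo '</td></tr></tbody></table>';

    if (!empty($modSettings['sideright'])) {
        // NOTE(review): the width, the block titles and the HTML block are printed exactly as
        // stored in the settings; presumably only administrators can edit them - confirm.
        echo '<td valign="top" id="upshrinkRightBarTD"> <div id="upshrinkRightBar" style="width:', !empty($modSettings['siderightwidth']) ? $modSettings['siderightwidth'] : '200px', '; overflow:hidden;"> ',
            empty($modSettings['sideright1']) ? '' : '<div class="cat_bar"><h3 class="catbg">' . $modSettings['righthtmlbaslik'] . '</h3></div>' . $modSettings['sideright1'],
            ' ',
            empty($modSettings['siderightphp']) ? '' : '<div class="cat_bar"><h3 class="catbg">' . $modSettings['rightphpbaslik'] . '</h3></div>';

        // SECURITY: this executes PHP source kept in a forum setting. Whoever can write that
        // setting (admin panel, database access, a restored backup) can run code as the web
        // server user. Keep write access to it as tight as shell access to the server, and
        // prefer a fixed set of named blocks over stored code.
        if (!empty($modSettings['siderightphp'])) {
            eval($modSettings['siderightphp']);
        }

        if (!empty($modSettings['siderighthaberetkin'])) {
            $array = ssi_boardNews($modSettings['siderighthaber'], $modSettings['siderightsay'], null, 1000, 'array');

            echo '<div class="cat_bar"> <h3 class="catbg">', $modSettings['rbaslik'], '</h3> </div>';

            global $memberContext;

            foreach ($array as $news) {
                // The poster is loaded for the avatar shown next to the item.
                loadMemberData($news['poster']['id']);
                loadMemberContext($news['poster']['id']);

                echo '<div class="sidehaber"> <div class="sideBaslik"> <h3><a href="', $news['href'], '"><span class="generic_icons sort_up"></span> ', shorten_subject($news['subject'], 30), '</a></h3> </div> <div class="snrj"> ', $memberContext[$news['poster']['id']]['avatar']['image'], ' <p>', $txt['by'], '', $news['poster']['link'], '</p> </div> </div>';
            }
        }

        echo '</div> </td> <td valign="top"> <button type="button" onclick="rightPanel.toggle();" id="teknoright"></button> </td>';
    }

    echo '</td> </tr></tbody></table>';

    template_info_center();
}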
/**
 * Fills $context['members'] from a member-list query result.
 *
 * Every member id in the result is loaded; members whose context cannot be loaded
 * are left out. Each entry is the member's context plus 'post_percent' (posts
 * relative to the highest post count on the forum) and 'registered_date' (Y-m-d).
 *
 * @param resource $request query result whose rows contain an id_member column
 */
function printMemberListRows($request)
{
    global $scripturl, $txt, $user_info, $modSettings;
    global $context, $settings, $memberContext, $smcFunc;

    // The highest post count is the 100% mark for the bar graph.
    $top_query = $smcFunc['db_query']('', ' SELECT MAX(posts) FROM {db_prefix}members', array());
    list($top_posts) = $smcFunc['db_fetch_row']($top_query);
    $smcFunc['db_free_result']($top_query);

    // A forum without posts must not lead to a division by zero.
    $divisor = $top_posts == 0 ? 1 : $top_posts;

    // Collect the ids first so that all members can be loaded in one call.
    $member_ids = array();
    while ($member_row = $smcFunc['db_fetch_assoc']($request)) {
        $member_ids[] = $member_row['id_member'];
    }

    loadMemberData($member_ids);

    $context['members'] = array();
    foreach ($member_ids as $id) {
        if (loadMemberContext($id)) {
            $entry = $memberContext[$id];
            $entry['post_percent'] = round($entry['real_posts'] * 100 / $divisor);
            $entry['registered_date'] = strftime('%Y-%m-%d', $entry['registered_timestamp']);

            $context['members'][$id] = $entry;
        }
    }
}
/**
 * Callback for the message display.
 * It actually gets and prepares the message context.
 * This method will start over from the beginning if reset is set to true, which is
 * useful for showing an index before or after the posts.
 *
 * Each call takes the next row from the global $messages_request, fills in the
 * poster's entry in $memberContext and works out what the current user may do
 * with the message. The message counter is a static local: it is kept between
 * calls and set back to $context['start'] on reset.
 *
 * @param bool $reset default false.
 * @return array|bool false when there is no request or no further message; on reset,
 *                    whatever currentContext() returns; otherwise the message array
 */
public function prepareDisplayContext_callback($reset = false)
{
    global $settings, $txt, $modSettings, $scripturl, $options, $user_info;
    global $memberContext, $context, $messages_request, $topic;
    static $counter = null;

    // If the query returned false, bail.
    if ($messages_request == false) {
        return false;
    }

    // Remember which message this is. (ie. reply #83)
    if ($counter === null || $reset) {
        $counter = $context['start'];
    }

    // Start from the beginning...
    if ($reset) {
        return currentContext($messages_request, $reset);
    }

    // Attempt to get the next message.
    $message = currentContext($messages_request);
    if (!$message) {
        return false;
    }

    // $context['icon_sources'] says where each icon should come from - here we set up the ones which will always exist!
    if (empty($context['icon_sources'])) {
        require_once SUBSDIR . '/MessageIndex.subs.php';
        $context['icon_sources'] = MessageTopicIcons();
    }

    // Message Icon Management... check the images exist.
    if (empty($modSettings['messageIconChecks_disable'])) {
        // If the current icon isn't known, then we need to do something...
        if (!isset($context['icon_sources'][$message['icon']])) {
            // NOTE(review): the stored icon name becomes part of a filesystem path here;
            // presumably it is restricted to safe names when the post is saved - confirm.
            $context['icon_sources'][$message['icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $message['icon'] . '.png') ? 'images_url' : 'default_images_url';
        }
    } elseif (!isset($context['icon_sources'][$message['icon']])) {
        // With the file check disabled, unknown icons are assumed to live in the theme.
        $context['icon_sources'][$message['icon']] = 'images_url';
    }

    // If you're a lazy bum, you probably didn't give a subject...
    $message['subject'] = $message['subject'] != '' ? $message['subject'] : $txt['no_subject'];

    // Are you allowed to remove at least a single reply?
    // Accumulated over all messages with |=, so it stays set once any message qualifies.
    $context['can_remove_post'] |= allowedTo('delete_own') && (empty($modSettings['edit_disable_time']) || $message['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()) && $message['id_member'] == $user_info['id'];

    // Have you liked this post, can you?
    $message['you_liked'] = !empty($context['likes'][$message['id_msg']]['member']) && isset($context['likes'][$message['id_msg']]['member'][$user_info['id']]);
    // Liking needs the permission, is blocked on one's own posts unless likeAllowSelf is set,
    // and can require a minimum post count.
    $message['use_likes'] = allowedTo('like_posts') && ($message['id_member'] != $user_info['id'] || !empty($modSettings['likeAllowSelf'])) && (empty($modSettings['likeMinPosts']) ? true : $modSettings['likeMinPosts'] <= $user_info['posts']);
    $message['like_count'] = !empty($context['likes'][$message['id_msg']]['count']) ? $context['likes'][$message['id_msg']]['count'] : 0;

    // If it couldn't load, or the user was a guest.... someday may be done with a guest table.
    if (!loadMemberContext($message['id_member'], true)) {
        // Notice this information isn't used anywhere else....
        $memberContext[$message['id_member']]['name'] = $message['poster_name'];
        $memberContext[$message['id_member']]['id'] = 0;
        $memberContext[$message['id_member']]['group'] = $txt['guest_title'];
        $memberContext[$message['id_member']]['link'] = $message['poster_name'];
        $memberContext[$message['id_member']]['email'] = $message['poster_email'];
        $memberContext[$message['id_member']]['show_email'] = showEmailAddress(true, 0);
        $memberContext[$message['id_member']]['is_guest'] = true;
    } else {
        // && binds tighter than ||: "view any", or "view own" on one's own profile.
        $memberContext[$message['id_member']]['can_view_profile'] = allowedTo('profile_view_any') || $message['id_member'] == $user_info['id'] && allowedTo('profile_view_own');
        $memberContext[$message['id_member']]['is_topic_starter'] = $message['id_member'] == $context['topic_starter_id'];
        // Warnings are visible to moderators; other logged-in users see them only when
        // warning_show is set, and for values up to 1 only on their own posts.
        $memberContext[$message['id_member']]['can_see_warning'] = !isset($context['disabled_fields']['warning_status']) && $memberContext[$message['id_member']]['warning_status'] && ($context['user']['can_mod'] || !$user_info['is_guest'] && !empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $message['id_member'] == $user_info['id']));
    }

    // The IP recorded with the post is attached for every poster; 'can_see_ip' below says
    // whether the current user may see it.
    // NOTE(review): presumably the template prints the IP only when can_see_ip is true - confirm.
    $memberContext[$message['id_member']]['ip'] = $message['poster_ip'];
    // Buttons are shown when enabled and at least one of profile, website, email or PM is available.
    $memberContext[$message['id_member']]['show_profile_buttons'] = $settings['show_profile_buttons'] && (!empty($memberContext[$message['id_member']]['can_view_profile']) || !empty($memberContext[$message['id_member']]['website']['url']) && !isset($context['disabled_fields']['website']) || in_array($memberContext[$message['id_member']]['show_email'], array('yes', 'yes_permission_override', 'no_through_forum')) || $context['can_send_pm']);

    // Do the censor thang.
    censorText($message['body']);
    censorText($message['subject']);

    // Run BBC interpreter on the message.
    $message['body'] = parse_bbc($message['body'], $message['smileys_enabled'], $message['id_msg']);

    // Compose the memory eat- I mean message array.
    // 'member' is a reference into $memberContext, so later changes to that entry show through.
    // NOTE(review): the subject is placed into the 'link' markup as stored; presumably it is
    // entity-encoded when the post is saved - confirm.
    // The can_* entries mix || and &&; && binds tighter, so each "own" permission is tied to
    // the authorship test (and, where present, the edit time limit) that follows it.
    require_once SUBSDIR . '/Attachments.subs.php';
    $output = array(
        'attachment' => loadAttachmentContext($message['id_msg']),
        'alternate' => $counter % 2,
        'id' => $message['id_msg'],
        'href' => $scripturl . '?topic=' . $topic . '.msg' . $message['id_msg'] . '#msg' . $message['id_msg'],
        'link' => '<a href="' . $scripturl . '?topic=' . $topic . '.msg' . $message['id_msg'] . '#msg' . $message['id_msg'] . '" rel="nofollow">' . $message['subject'] . '</a>',
        'member' => &$memberContext[$message['id_member']],
        'icon' => $message['icon'],
        'icon_url' => $settings[$context['icon_sources'][$message['icon']]] . '/post/' . $message['icon'] . '.png',
        'subject' => $message['subject'],
        'time' => standardTime($message['poster_time']),
        'html_time' => htmlTime($message['poster_time']),
        'timestamp' => forum_time(true, $message['poster_time']),
        'counter' => $counter,
        'modified' => array('time' => standardTime($message['modified_time']), 'html_time' => htmlTime($message['modified_time']), 'timestamp' => forum_time(true, $message['modified_time']), 'name' => $message['modified_name']),
        'body' => $message['body'],
        'new' => empty($message['is_read']),
        'approved' => $message['approved'],
        'first_new' => isset($context['start_from']) && $context['start_from'] == $counter,
        'is_ignored' => !empty($modSettings['enable_buddylist']) && in_array($message['id_member'], $context['user']['ignoreusers']),
        'is_message_author' => $message['id_member'] == $user_info['id'],
        'can_approve' => !$message['approved'] && $context['can_approve'],
        'can_unapprove' => !empty($modSettings['postmod_active']) && $context['can_approve'] && $message['approved'],
        'can_modify' => (!$context['is_locked'] || allowedTo('moderate_board')) && (allowedTo('modify_any') || allowedTo('modify_replies') && $context['user']['started'] || allowedTo('modify_own') && $message['id_member'] == $user_info['id'] && (empty($modSettings['edit_disable_time']) || !$message['approved'] || $message['poster_time'] + $modSettings['edit_disable_time'] * 60 > time())),
        'can_remove' => allowedTo('delete_any') || allowedTo('delete_replies') && $context['user']['started'] || allowedTo('delete_own') && $message['id_member'] == $user_info['id'] && (empty($modSettings['edit_disable_time']) || $message['poster_time'] + $modSettings['edit_disable_time'] * 60 > time()),
        // Forum moderators, or the logged-in author of the message (a user id of 0 never qualifies).
        'can_see_ip' => allowedTo('moderate_forum') || $message['id_member'] == $user_info['id'] && !empty($user_info['id']),
        'can_like' => $message['use_likes'] && !$message['you_liked'],
        'can_unlike' => $message['use_likes'] && $message['you_liked'],
        'like_counter' => $message['like_count'],
        'likes_enabled' => !empty($modSettings['likes_enabled']) && ($message['use_likes'] || $message['like_count'] != 0),
    );

    // Only edited messages carry an editor name.
    if (!empty($output['modified']['name'])) {
        $output['modified']['last_edit_text'] = sprintf($txt['last_edit_by'], $output['modified']['time'], $output['modified']['name'], standardTime($output['modified']['timestamp']));
    }

    // Karma links carry the session variable and id in the URL; presumably the karma
    // action checks them against the session - confirm.
    if (!empty($output['member']['karma']['allow'])) {
        $output['member']['karma'] += array(
            'applaud_url' => $scripturl . '?action=karma;sa=applaud;uid=' . $output['member']['id'] . ';topic=' . $context['current_topic'] . '.' . $context['start'] . ';m=' . $output['id'] . ';' . $context['session_var'] . '=' . $context['session_id'],
            'smite_url' => $scripturl . '?action=karma;sa=smite;uid=' . $output['member']['id'] . ';topic=' . $context['current_topic'] . '.' . $context['start'] . ';m=' . $output['id'] . ';' . $context['session_var'] . '=' . $context['session_id'],
        );
    }

    // Hooked code receives both arrays by reference and can change them.
    call_integration_hook('integrate_prepare_display_context', array(&$output, &$message));

    $counter++;

    return $output;
}
header('HTTP/1.1 404 Not Found'); die; } if (!is_logged()) { if (file_exists($smf_forum . 'SSI.php')) { include $smf_forum . 'SSI.php'; global $context, $txt, $scripturl; if ($context["user"]["id"] >= 1) { $SMF_id = $context["user"]["id"]; $SMF_session_var = $context['session_var']; $SMF_sid =& $context['session_id']; $SMF_username = $context["user"]["name"]; $SMF_email = $context["user"]["email"]; $SMF_website = $smf_forum_url . "index.php?action=profile;u=" . $SMF_id; $userID = loadMemberData($SMF_username, true, 'profile'); loadMemberContext($userID[0]); $SMF_avatar = $memberContext[$userID[0]]['avatar']['href']; require_once 'inc/common.php'; require_once 'inc/class.db.PDO.php'; //require_once('inc/db_connect.php'); $OSDB = new db("mysql:host=" . OSDB_SERVER . ";dbname=" . OSDB_DATABASE . "", OSDB_USERNAME, OSDB_PASSWORD); $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " \n\t\t WHERE user_email = :SMF_email AND smf_id = :SMF_id "); $sth->bindValue(':SMF_email', $SMF_email, PDO::PARAM_STR); $sth->bindValue(':SMF_id', $SMF_id, PDO::PARAM_STR); $result = $sth->execute(); if ($sth->rowCount() <= 0) { //CREATE NEW USER (from phpbb database) $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE LOWER(user_name) = :SMF_username "); $sth->bindValue(':SMF_username', strtolower($SMF_username), PDO::PARAM_STR); $result = $sth->execute(); if ($sth->rowCount() >= 1) {
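/**
 * Load the comments of a page together with the member context of each author.
 *
 * Side effect: resets $context['load_id_comments'] and fills it with the id of
 * every comment returned.
 *
 * @param int   $id_page Page whose comments are wanted.
 * @param array $limit   Optional pair bound to "LIMIT {int:start}, {int:end}";
 *                       an empty array returns every comment of the page.
 * @return array Comments keyed by id_comment, ordered by date ascending. Empty
 *               when getPage() returns nothing for $id_page.
 */
function getComments($id_page, $limit = array())
{
    global $context, $smcFunc, $memberContext;

    // Check that the page exists before querying its comments.
    $page = getPage($id_page, true, false);
    if (empty($page)) {
        return array();
    }

    // All values are bound through typed placeholders; nothing is concatenated into the SQL.
    $query = $smcFunc['db_query']('', ' SELECT id_comment, id_member, body, date FROM {db_prefix}adk_pages_comments WHERE id_page = {int:id_page} ORDER BY date ASC ' . (!empty($limit) ? 'LIMIT {int:start}, {int:end}' : ''), array(
        'id_page' => $id_page,
        'start' => !empty($limit) ? $limit[0] : '',
        'end' => !empty($limit) ? $limit[1] : '',
    ));

    $comments = array();
    $id_members = array();
    // Reply numbering continues from the current pagination offset, if any.
    $num_replie = !empty($context['start']) ? $context['start'] : 0;
    $context['load_id_comments'] = array();

    while ($row = $smcFunc['db_fetch_assoc']($query)) {
        $num_replie++;
        $context['load_id_comments'][] = $row['id_comment'];
        $comments[$row['id_comment']] = array(
            'id_page' => $id_page,
            'id_comment' => $row['id_comment'],
            'body' => parse_bbc($row['body']),
            'date' => timeformat($row['date']),
            'member_info' => array(),
            'num_replie' => $num_replie,
            'is_new' => false,
        );
        $id_members[] = array('id_member' => $row['id_member'], 'id_comment' => $row['id_comment']);
    }
    $smcFunc['db_free_result']($query);

    // Load each author once, then attach the context to every comment of that author.
    $loaded_members = array();
    foreach ($id_members as $comment) {
        $id_member = $comment['id_member'];

        if (!isset($loaded_members[$id_member])) {
            loadMemberData($id_member, false, 'profile');
            loadMemberContext($id_member);
            $loaded_members[$id_member] = true;
        }

        // The load can leave no entry for this id (presumably a guest or removed
        // account - confirm); keep the empty 'member_info' instead of reading an
        // undefined index.
        if (isset($memberContext[$id_member])) {
            $comments[$comment['id_comment']]['member_info'] = $memberContext[$id_member];
        }
    }

    return $comments;
}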
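/**
 * Profile entry point: pick the member, build the profile menu, run the
 * security checks of the selected area, process a save if one was requested,
 * then call the area's function.
 *
 * The member is taken from $_REQUEST['user'] (by name), else $_REQUEST['u']
 * (by id), else the current user. Saving happens only when the selected area
 * defines 'sc' and $_REQUEST['save'] is set.
 *
 * @param array $post_errors Declared for callers, but the `global $post_errors`
 *                           statement below rebinds the name to the global
 *                           variable, so the body reads the global value.
 * @return void Results are left in $context; several paths end the request via
 *              fatal_lang_error() or redirectexit().
 */
function ModifyProfile($post_errors = array())
{
    global $txt, $scripturl, $user_info, $context, $sourcedir, $user_profile, $cur_profile;
    global $modSettings, $memberContext, $profile_vars, $smcFunc, $post_errors, $options, $user_settings;

    // Don't reload this as we may have processed error strings.
    if (empty($post_errors)) {
        loadLanguage('Profile');
    }
    loadTemplate('Profile');

    require_once $sourcedir . '/Subs-Menu.php';

    // Did we get the user by name...
    if (isset($_REQUEST['user'])) {
        $memberResult = loadMemberData($_REQUEST['user'], true, 'profile');
    } elseif (!empty($_REQUEST['u'])) {
        $memberResult = loadMemberData((int) $_REQUEST['u'], false, 'profile');
    } else {
        $memberResult = loadMemberData($user_info['id'], false, 'profile');
    }

    // Check if loadMemberData() has returned a valid result.
    if (!is_array($memberResult)) {
        fatal_lang_error('not_a_user', false);
    }

    // If all went well, we have a valid member ID!
    list($memID) = $memberResult;
    $context['id_member'] = $memID;
    $cur_profile = $user_profile[$memID];

    // Let's have some information about this member ready, too.
    loadMemberContext($memID);
    $context['member'] = $memberContext[$memID];

    // Is this the profile of the user himself or herself?
    // Every own/any permission choice below depends on this flag.
    $context['user']['is_owner'] = $memID == $user_info['id'];

    /* Define all the sections within the profile area!
        We start by defining the permission required - then SMF takes this and turns it into the relevant context ;)

        Possible fields:
            For Section:
                string $title:      Section title.
                array $areas:       Array of areas within this section.

            For Areas:
                string $label:      Text string that will be used to show the area in the menu.
                string $file:       Optional text string that may contain a file name that's needed for inclusion in order to display the area properly.
                string $custom_url: Optional href for area.
                string $function:   Function to execute for this section.
                bool $enabled:      Should area be shown?
                string $sc:         Session check validation to do on save - note without this save will get unset - if set.
                bool $hidden:       Does this not actually appear on the menu?
                bool $password:     Whether to require the user's password in order to save the data in the area.
                array $subsections: Array of subsections, in order of appearance.
                array $permission:  Array of permissions to determine who can access this area. Should contain arrays $own and $any.
    */
    $profile_areas = array(
        'info' => array(
            'title' => $txt['profileInfo'],
            'areas' => array(
                'summary' => array(
                    'label' => $txt['summary'],
                    'file' => 'Profile-View.php',
                    'function' => 'summary',
                    'permission' => array('own' => 'profile_view_own', 'any' => 'profile_view_any'),
                ),
                'statistics' => array(
                    'label' => $txt['statPanel'],
                    'file' => 'Profile-View.php',
                    'function' => 'statPanel',
                    'permission' => array('own' => 'profile_view_own', 'any' => 'profile_view_any'),
                ),
                'showposts' => array(
                    'label' => $txt['showPosts'],
                    'file' => 'Profile-View.php',
                    'function' => 'showPosts',
                    'subsections' => array(
                        'messages' => array($txt['showMessages'], array('profile_view_own', 'profile_view_any')),
                        'topics' => array($txt['showTopics'], array('profile_view_own', 'profile_view_any')),
                        'attach' => array($txt['showAttachments'], array('profile_view_own', 'profile_view_any')),
                    ),
                    'permission' => array('own' => 'profile_view_own', 'any' => 'profile_view_any'),
                ),
                'permissions' => array(
                    'label' => $txt['showPermissions'],
                    'file' => 'Profile-View.php',
                    'function' => 'showPermissions',
                    'permission' => array('own' => 'manage_permissions', 'any' => 'manage_permissions'),
                ),
                'tracking' => array(
                    'label' => $txt['trackUser'],
                    'file' => 'Profile-View.php',
                    'function' => 'tracking',
                    'subsections' => array(
                        'activity' => array($txt['trackActivity'], 'moderate_forum'),
                        'ip' => array($txt['trackIP'], 'moderate_forum'),
                        'edits' => array($txt['trackEdits'], 'moderate_forum'),
                    ),
                    'permission' => array('own' => 'moderate_forum', 'any' => 'moderate_forum'),
                ),
                'viewwarning' => array(
                    'label' => $txt['profile_view_warnings'],
                    'enabled' => in_array('w', $context['admin_features']) && $modSettings['warning_settings'][0] == 1 && $cur_profile['warning'] && $context['user']['is_owner'] && !empty($modSettings['warning_show']),
                    'file' => 'Profile-View.php',
                    'function' => 'viewWarning',
                    'permission' => array('own' => 'profile_view_own', 'any' => 'issue_warning'),
                ),
            ),
        ),
        'edit_profile' => array(
            'title' => $txt['profileEdit'],
            'areas' => array(
                'account' => array(
                    'label' => $txt['account'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'account',
                    // Only an admin may open the account area of a member in group 1.
                    'enabled' => $context['user']['is_admin'] || $cur_profile['id_group'] != 1 && !in_array(1, explode(',', $cur_profile['additional_groups'])),
                    'sc' => 'post',
                    'password' => true,
                    'permission' => array(
                        'own' => array('profile_identity_any', 'profile_identity_own', 'manage_membergroups'),
                        'any' => array('profile_identity_any', 'manage_membergroups'),
                    ),
                ),
                'forumprofile' => array(
                    'label' => $txt['forumprofile'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'forumProfile',
                    'sc' => 'post',
                    'permission' => array(
                        'own' => array('profile_extra_any', 'profile_extra_own', 'profile_title_own', 'profile_title_any'),
                        'any' => array('profile_extra_any', 'profile_title_any'),
                    ),
                ),
                'theme' => array(
                    'label' => $txt['theme'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'theme',
                    'sc' => 'post',
                    'permission' => array(
                        'own' => array('profile_extra_any', 'profile_extra_own'),
                        'any' => array('profile_extra_any'),
                    ),
                ),
                'authentication' => array(
                    'label' => $txt['authentication'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'authentication',
                    'enabled' => !empty($modSettings['enableOpenID']) || !empty($cur_profile['openid_uri']),
                    'sc' => 'post',
                    'hidden' => empty($modSettings['enableOpenID']) && empty($cur_profile['openid_uri']),
                    'password' => true,
                    'permission' => array(
                        'own' => array('profile_identity_any', 'profile_identity_own'),
                        'any' => array('profile_identity_any'),
                    ),
                ),
                'notification' => array(
                    'label' => $txt['notification'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'notification',
                    'sc' => 'post',
                    'permission' => array(
                        'own' => array('profile_extra_any', 'profile_extra_own'),
                        'any' => array('profile_extra_any'),
                    ),
                ),
                'pmprefs' => array(
                    'label' => $txt['pmprefs'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'pmprefs',
                    'enabled' => allowedTo(array('profile_extra_own', 'profile_extra_any')),
                    'sc' => 'post',
                    'permission' => array(
                        'own' => array('pm_read'),
                        'any' => array('profile_extra_any'),
                    ),
                ),
                'ignoreboards' => array(
                    'label' => $txt['ignoreboards'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'ignoreboards',
                    'enabled' => !empty($modSettings['allow_ignore_boards']),
                    'sc' => 'post',
                    'permission' => array(
                        'own' => array('profile_extra_any', 'profile_extra_own'),
                        'any' => array('profile_extra_any'),
                    ),
                ),
                'lists' => array(
                    'label' => $txt['editBuddyIgnoreLists'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'editBuddyIgnoreLists',
                    'enabled' => !empty($modSettings['enable_buddylist']) && $context['user']['is_owner'],
                    'sc' => 'post',
                    'subsections' => array(
                        'buddies' => array($txt['editBuddies']),
                        'ignore' => array($txt['editIgnoreList']),
                    ),
                    'permission' => array(
                        'own' => array('profile_extra_any', 'profile_extra_own'),
                        'any' => array(),
                    ),
                ),
                'groupmembership' => array(
                    'label' => $txt['groupmembership'],
                    'file' => 'Profile-Modify.php',
                    'function' => 'groupMembership',
                    'enabled' => !empty($modSettings['show_group_membership']) && $context['user']['is_owner'],
                    'sc' => 'request',
                    'permission' => array(
                        'own' => array('profile_view_own'),
                        'any' => array('manage_membergroups'),
                    ),
                ),
            ),
        ),
        'profile_action' => array(
            'title' => $txt['profileAction'],
            'areas' => array(
                'sendpm' => array(
                    'label' => $txt['profileSendIm'],
                    'custom_url' => $scripturl . '?action=pm;sa=send',
                    'permission' => array(
                        'own' => array(),
                        'any' => array('pm_send'),
                    ),
                ),
                'issuewarning' => array(
                    'label' => $txt['profile_issue_warning'],
                    'enabled' => in_array('w', $context['admin_features']) && $modSettings['warning_settings'][0] == 1 && (!$context['user']['is_owner'] || $context['user']['is_admin']),
                    'file' => 'Profile-Actions.php',
                    'function' => 'issueWarning',
                    'permission' => array(
                        'own' => array('issue_warning'),
                        'any' => array('issue_warning'),
                    ),
                ),
                'banuser' => array(
                    'label' => $txt['profileBanUser'],
                    'custom_url' => $scripturl . '?action=admin;area=ban;sa=add',
                    'enabled' => $cur_profile['id_group'] != 1 && !in_array(1, explode(',', $cur_profile['additional_groups'])),
                    'permission' => array(
                        'own' => array(),
                        'any' => array('manage_bans'),
                    ),
                ),
                'subscriptions' => array(
                    'label' => $txt['subscriptions'],
                    'file' => 'Profile-Actions.php',
                    'function' => 'subscriptions',
                    'enabled' => !empty($modSettings['paid_enabled']),
                    'permission' => array(
                        'own' => array('profile_view_own'),
                        'any' => array('moderate_forum'),
                    ),
                ),
                'deleteaccount' => array(
                    'label' => $txt['deleteAccount'],
                    'file' => 'Profile-Actions.php',
                    'function' => 'deleteAccount',
                    'sc' => 'post',
                    'password' => true,
                    'permission' => array(
                        'own' => array('profile_remove_any', 'profile_remove_own'),
                        'any' => array('profile_remove_any'),
                    ),
                ),
                'activateaccount' => array(
                    'file' => 'Profile-Actions.php',
                    'function' => 'activateAccount',
                    'sc' => 'get',
                    'permission' => array(
                        'own' => array(),
                        'any' => array('moderate_forum'),
                    ),
                ),
            ),
        ),
    );

    // Let them modify profile areas easily.
    // NOTE(review): hooked code can add or change 'file' and 'function' entries, which are
    // later included and called, so whatever is registered on this hook is fully trusted.
    call_integration_hook('integrate_profile_areas', array(&$profile_areas));

    // Do some cleaning ready for the menu function.
    $context['password_areas'] = array();
    // Request-supplied; it is replaced below by the value createMenu() returns.
    $current_area = isset($_REQUEST['area']) ? $_REQUEST['area'] : '';

    foreach ($profile_areas as $section_id => $section) {
        // Do a bit of spring cleaning so to speak.
        foreach ($section['areas'] as $area_id => $area) {
            // If it said no permissions that meant it wasn't valid!
            if (empty($area['permission'][$context['user']['is_owner'] ? 'own' : 'any'])) {
                $profile_areas[$section_id]['areas'][$area_id]['enabled'] = false;
            } else {
                // Collapse the own/any pair to the list that applies to this viewer.
                $profile_areas[$section_id]['areas'][$area_id]['permission'] = $area['permission'][$context['user']['is_owner'] ? 'own' : 'any'];
            }

            // Password required - only if not on OpenID.
            if (!empty($area['password'])) {
                $context['password_areas'][] = $area_id;
            }
        }
    }

    // Is there an updated message to show?
    if (isset($_GET['updated'])) {
        $context['profile_updated'] = $txt['profile_updated_own'];
    }

    // Set a few options for the menu.
    $menuOptions = array(
        'disable_url_session_check' => true,
        'current_area' => $current_area,
        'extra_url_parameters' => array('u' => $context['id_member']),
    );

    // Actually create the menu!
    $profile_include_data = createMenu($profile_areas, $menuOptions);

    // No menu means no access.
    if (!$profile_include_data && (!$user_info['is_guest'] || validateSession())) {
        fatal_lang_error('no_access', false);
    }

    // Make a note of the Unique ID for this menu.
    $context['profile_menu_id'] = $context['max_menu_id'];
    $context['profile_menu_name'] = 'menu_data_' . $context['profile_menu_id'];

    // Set the selected item - now it's been validated.
    $current_area = $profile_include_data['current_area'];
    $context['menu_item_selected'] = $current_area;

    // Before we go any further, let's work on the area we've said is valid. Note this is done here just in case we every compromise the menu function in error!
    $context['completed_save'] = false;
    $security_checks = array();
    $found_area = false;

    foreach ($profile_areas as $section_id => $section) {
        // Do a bit of spring cleaning so to speak.
        foreach ($section['areas'] as $area_id => $area) {
            // Is this our area?
            if ($current_area == $area_id) {
                // This can't happen - but is a security check.
                if (isset($section['enabled']) && $section['enabled'] == false || isset($area['enabled']) && $area['enabled'] == false) {
                    fatal_lang_error('no_access', false);
                }

                // Are we saving data in a valid area?
                // An area without 'sc' never sets completed_save, so it cannot be saved.
                if (isset($area['sc']) && isset($_REQUEST['save'])) {
                    $security_checks['session'] = $area['sc'];
                    $context['completed_save'] = true;
                }

                // Does this require session validating?
                if (!empty($area['validate'])) {
                    $security_checks['validate'] = true;
                }

                // Permissions for good measure.
                if (!empty($profile_include_data['permission'])) {
                    $security_checks['permission'] = $profile_include_data['permission'];
                }

                // Either way got something.
                $found_area = true;
            }
        }
    }

    // Oh dear, some serious security lapse is going on here... we'll put a stop to that!
    if (!$found_area) {
        fatal_lang_error('no_access', false);
    }

    // Release this now.
    unset($profile_areas);

    // Now the context is setup have we got any security checks to carry out additional to that above?
    // These run before the area's file is included and before any save is processed.
    if (isset($security_checks['session'])) {
        checkSession($security_checks['session']);
    }
    if (isset($security_checks['validate'])) {
        validateSession();
    }
    if (isset($security_checks['permission'])) {
        isAllowedTo($security_checks['permission']);
    }

    // File to include?
    // The file name comes from the area definitions returned by createMenu(), not from the request.
    if (isset($profile_include_data['file'])) {
        require_once $sourcedir . '/' . $profile_include_data['file'];
    }

    // Make sure that the area function does exist!
    if (!isset($profile_include_data['function']) || !function_exists($profile_include_data['function'])) {
        destroyMenu();
        fatal_lang_error('no_access', false);
    }

    // Build the link tree.
    $context['linktree'][] = array(
        'url' => $scripturl . '?action=profile' . ($memID != $user_info['id'] ? ';u=' . $memID : ''),
        'name' => sprintf($txt['profile_of_username'], $context['member']['name']),
    );

    if (!empty($profile_include_data['label'])) {
        $context['linktree'][] = array(
            'url' => $scripturl . '?action=profile' . ($memID != $user_info['id'] ? ';u=' . $memID : '') . ';area=' . $profile_include_data['current_area'],
            'name' => $profile_include_data['label'],
        );
    }

    if (!empty($profile_include_data['current_subsection']) && $profile_include_data['subsections'][$profile_include_data['current_subsection']][0] != $profile_include_data['label']) {
        $context['linktree'][] = array(
            'url' => $scripturl . '?action=profile' . ($memID != $user_info['id'] ? ';u=' . $memID : '') . ';area=' . $profile_include_data['current_area'] . ';sa=' . $profile_include_data['current_subsection'],
            'name' => $profile_include_data['subsections'][$profile_include_data['current_subsection']][0],
        );
    }

    // Set the template for this area and add the profile layer.
    $context['sub_template'] = $profile_include_data['function'];
    $context['template_layers'][] = 'profile';

    // All the subactions that require a user password in order to validate.
    // Only the owner is asked for the current password; edits of another member's
    // profile go through validateSession() in the save branch below instead.
    $check_password = $context['user']['is_owner'] && in_array($profile_include_data['current_area'], $context['password_areas']);
    $context['require_password'] = $check_password && empty($user_settings['openid_uri']);

    // If we're in wireless then we have a cut down template...
    if (WIRELESS && $context['sub_template'] == 'summary' && WIRELESS_PROTOCOL != 'wap') {
        $context['sub_template'] = WIRELESS_PROTOCOL . '_profile';
    }

    // These will get populated soon!
    $post_errors = array();
    $profile_vars = array();

    // Right - are we saving - if so let's save the old data first.
    if ($context['completed_save']) {
        // If it's someone elses profile then validate the session.
        if (!$context['user']['is_owner']) {
            validateSession();
        }

        // Clean up the POST variables.
        $_POST = htmltrim__recursive($_POST);
        $_POST = htmlspecialchars__recursive($_POST);

        if ($check_password) {
            // If we're using OpenID try to revalidate.
            if (!empty($user_settings['openid_uri'])) {
                require_once $sourcedir . '/Subs-OpenID.php';
                smf_openID_revalidate();
            } else {
                // You didn't even enter a password!
                if (trim($_POST['oldpasswrd']) == '') {
                    $post_errors[] = 'no_password';
                }

                // Since the password got modified due to all the $_POST cleaning, lets undo it so we can get the correct password
                $_POST['oldpasswrd'] = un_htmlspecialchars($_POST['oldpasswrd']);

                // Does the integration want to check passwords?
                $good_password = in_array(true, call_integration_hook('integrate_verify_password', array($cur_profile['member_name'], $_POST['oldpasswrd'], false)), true);

                // Bad password!!!
                // Strict string comparison: with a loose `!=`, PHP compares two numeric-looking
                // strings (such as hex digests made of "0e" followed only by digits) as numbers,
                // so two different digests could be treated as equal.
                // NOTE(review): the stored value is a single SHA-1 over the lowercased member name
                // plus the password; moving to password_hash()/password_verify() has to be done
                // where the hash is written, not in this function.
                if (!$good_password && (string) $user_info['passwd'] !== sha1(strtolower($cur_profile['member_name']) . $_POST['oldpasswrd'])) {
                    $post_errors[] = 'bad_password';
                }

                // Warn other elements not to jump the gun and do custom changes!
                if (in_array('bad_password', $post_errors)) {
                    $context['password_auth_failed'] = true;
                }
            }
        }

        // Change the IP address in the database.
        if ($context['user']['is_owner']) {
            $profile_vars['member_ip'] = $user_info['ip'];
        }

        // Now call the sub-action function...
        if ($current_area == 'activateaccount') {
            if (empty($post_errors)) {
                activateAccount($memID);
            }
        } elseif ($current_area == 'deleteaccount') {
            if (empty($post_errors)) {
                deleteAccount2($profile_vars, $post_errors, $memID);
                redirectexit();
            }
        } elseif ($current_area == 'groupmembership' && empty($post_errors)) {
            $msg = groupMembership2($profile_vars, $post_errors, $memID);

            // Whatever we've done, we have nothing else to do here...
            redirectexit('action=profile' . ($context['user']['is_owner'] ? '' : ';u=' . $memID) . ';area=groupmembership' . (!empty($msg) ? ';msg=' . $msg : ''));
        } elseif ($current_area == 'authentication') {
            // Called even when $post_errors is set; it is expected to honour
            // $context['password_auth_failed'] itself - confirm in Profile-Modify.php.
            authentication($memID, true);
        } elseif (in_array($current_area, array('account', 'forumprofile', 'theme', 'pmprefs'))) {
            saveProfileFields();
        } else {
            $force_redirect = true;
            // Ensure we include this.
            require_once $sourcedir . '/Profile-Modify.php';
            saveProfileChanges($profile_vars, $post_errors, $memID);
        }

        // There was a problem, let them try to re-enter.
        if (!empty($post_errors)) {
            // Load the language file so we can give a nice explanation of the errors.
            loadLanguage('Errors');
            $context['post_errors'] = $post_errors;
        } elseif (!empty($profile_vars)) {
            // If we've changed the password, notify any integration that may be listening in.
            if (isset($profile_vars['passwd'])) {
                call_integration_hook('integrate_reset_pass', array($cur_profile['member_name'], $cur_profile['member_name'], $_POST['passwrd2']));
            }

            updateMemberData($memID, $profile_vars);

            // What if this is the newest member?
            if ($modSettings['latestMember'] == $memID) {
                updateStats('member');
            } elseif (isset($profile_vars['real_name'])) {
                updateSettings(array('memberlist_updated' => time()));
            }

            // If the member changed his/her birthdate, update calendar statistics.
            if (isset($profile_vars['birthdate']) || isset($profile_vars['real_name'])) {
                updateSettings(array('calendar_updated' => time()));
            }

            // Anything worth logging?
            if (!empty($context['log_changes']) && !empty($modSettings['modlog_enabled'])) {
                $log_changes = array();
                foreach ($context['log_changes'] as $k => $v) {
                    // 'applicator' records who made the change, which may differ from $memID.
                    $log_changes[] = array(
                        'action' => $k,
                        'id_log' => 2,
                        'log_time' => time(),
                        'id_member' => $memID,
                        'ip' => $user_info['ip'],
                        'extra' => serialize(array_merge($v, array('applicator' => $user_info['id']))),
                    );
                }
                $smcFunc['db_insert']('', '{db_prefix}log_actions', array('action' => 'string', 'id_log' => 'int', 'log_time' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'extra' => 'string-65534'), $log_changes, array('id_action'));
            }

            // Have we got any post save functions to execute?
            if (!empty($context['profile_execute_on_save'])) {
                foreach ($context['profile_execute_on_save'] as $saveFunc) {
                    $saveFunc();
                }
            }

            // Let them know it worked!
            $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : sprintf($txt['profile_updated_else'], $cur_profile['member_name']);

            // Invalidate any cached data.
            cache_put_data('member_data-profile-' . $memID, null, 0);
        }
    }

    // Have some errors for some reason?
    if (!empty($post_errors)) {
        // Set all the errors so the template knows what went wrong.
        foreach ($post_errors as $error_type) {
            $context['modify_error'][$error_type] = true;
        }
    } elseif (!empty($profile_vars) && $context['user']['is_owner']) {
        redirectexit('action=profile;area=' . $current_area . ';updated');
    } elseif (!empty($force_redirect)) {
        redirectexit('action=profile' . ($context['user']['is_owner'] ? '' : ';u=' . $memID) . ';area=' . $current_area);
    }

    // Call the appropriate subaction function.
    // Checked with function_exists() above; the name comes from the area definitions.
    $profile_include_data['function']($memID);

    // Set the page title if it's not already set...
    if (!isset($context['page_title'])) {
        $context['page_title'] = $txt['profile'] . (isset($txt[$current_area]) ? ' - ' . $txt[$current_area] : '');
    }
}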
// Avatar lookup script: answers with a 303 redirect to the member's avatar,
// or with an empty 204 response when no avatar URL is available.

// Copy the visitor's own session token into both request arrays.
// NOTE(review): this looks like it pre-satisfies a later session-token check for
// this request - confirm that nothing state-changing runs behind this script.
$_GET[$_SESSION['session_var']] = $_SESSION['session_value'];
$_POST[$_SESSION['session_var']] = $_SESSION['session_value'];

define('WIRELESS', false);

// Without a user_id or a username there is nothing to look up.
if (!isset($_GET['user_id']) && !isset($_GET['username'])) {
    exit;
}

if (isset($_GET['user_id'])) {
    // Numeric lookup; the cast keeps anything but an integer out of the query.
    $user = loadMemberData((int) $_GET['user_id'], false, 'profile');
} else {
    // The name is tried as base64 first, then as sent.
    $user = loadMemberData(base64_decode($_GET['username']), true, 'profile');
    if (empty($user)) {
        $user = loadMemberData($_GET['username'], true, 'profile');
    }
}

$url = '';
if (!empty($user[0])) {
    $memID = $user[0];
    $context['id_member'] = $memID;
    $GLOBALS['cur_profile'] = $GLOBALS['user_profile'][$memID];
    loadMemberContext($memID);

    if (isset($GLOBALS['memberContext'][$memID]['avatar']['href'])) {
        // NOTE(review): the redirect target is taken from stored member data, presumably
        // including member-chosen external avatar URLs. Confirm it is validated when saved,
        // or allow only http/https targets here before sending the header.
        $url = $GLOBALS['memberContext'][$memID]['avatar']['href'];
        header("Location: {$url}", 0, 303);
        @ob_end_clean();
        exit;
    }
}

// No member or no avatar: reply with an empty 204 on the request's protocol.
if (isset($_SERVER['SERVER_PROTOCOL'])) {
    $protocol = $_SERVER['SERVER_PROTOCOL'];
} else {
    $protocol = 'HTTP/1.0';
}
header($protocol . ' 204 No content', true, 204);
@ob_end_clean();
/**
 * Builds the template data for the next search result row.
 *
 * Reads one row from the global $messages_request result set, fills in the poster's
 * member context, prepares body and subject (censoring, BBC parsing, optional
 * excerpting and keyword highlighting) and returns the entry from $context['topics']
 * merged with the per-topic details and one 'matches' entry.
 *
 * NOTE(review): this block relies on two features that current PHP no longer has:
 * the mysql_* functions (removed in PHP 7.0) and the preg_replace() "e" modifier
 * (deprecated in 5.5, removed in 7.0). With "e" the replacement string is evaluated
 * as PHP code for every match; see the notes at each call below.
 *
 * @param bool $reset When true, rewinds the result set instead of fetching a row.
 * @return array|bool The row data; false when the request failed or no rows are left;
 *                    on reset, whatever mysql_data_seek() returns.
 */
function prepareSearchContext($reset = false)
{
    global $txt, $modSettings, $db_prefix, $scripturl, $ID_MEMBER;
    global $memberContext, $context, $settings, $options, $messages_request;
    global $boards_can, $participants, $func;

    // Remember which message this is. (ie. reply #83)
    // NOTE(review): $_REQUEST['start'] is used in arithmetic as-is; presumably it was
    // normalised to an integer before this function runs - confirm against the caller.
    static $counter = null;
    if ($counter == null || $reset) {
        $counter = $_REQUEST['start'] + 1;
    }

    // If the query returned false, bail.
    if ($messages_request == false) {
        return false;
    }

    // Start from the beginning...
    if ($reset) {
        return @mysql_data_seek($messages_request, 0);
    }

    // Attempt to get the next message.
    $message = mysql_fetch_assoc($messages_request);
    if (!$message) {
        return false;
    }

    // Can't have an empty subject can we?
    $message['subject'] = $message['subject'] != '' ? $message['subject'] : $txt[24];
    $message['first_subject'] = $message['first_subject'] != '' ? $message['first_subject'] : $txt[24];
    $message['last_subject'] = $message['last_subject'] != '' ? $message['last_subject'] : $txt[24];

    // If it couldn't load, or the user was a guest.... someday may be done with a guest table.
    if (!loadMemberContext($message['ID_MEMBER'])) {
        // Notice this information isn't used anywhere else.... *cough guest table cough*.
        $memberContext[$message['ID_MEMBER']]['name'] = $message['posterName'];
        $memberContext[$message['ID_MEMBER']]['id'] = 0;
        $memberContext[$message['ID_MEMBER']]['group'] = $txt[28];
        $memberContext[$message['ID_MEMBER']]['link'] = $message['posterName'];
        $memberContext[$message['ID_MEMBER']]['email'] = $message['posterEmail'];
    }
    // The poster IP from the message row is attached to the member context unconditionally;
    // whether it is shown is decided elsewhere (not visible here).
    $memberContext[$message['ID_MEMBER']]['ip'] = $message['posterIP'];

    // Do the censor thang...
    censorText($message['body']);
    censorText($message['subject']);
    censorText($message['first_subject']);
    censorText($message['last_subject']);

    // Shorten this message if necessary.
    if ($context['compact']) {
        // Set the number of characters before and after the searched keyword.
        $charLimit = 40;

        // Flatten the body to text: parse BBC, then drop every tag except <br>.
        $message['body'] = strtr($message['body'], array("\n" => ' ', '<br />' => "\n"));
        $message['body'] = parse_bbc($message['body'], $message['smileysEnabled'], $message['ID_MSG']);
        $message['body'] = strip_tags(strtr($message['body'], array('</div>' => '<br />')), '<br>');

        if (strlen($message['body']) > $charLimit) {
            if (empty($context['key_words'])) {
                // No keywords: plain truncation to $charLimit characters.
                $message['body'] = $func['strlen']($message['body']) > $charLimit ? $func['substr']($message['body'], 0, $charLimit) . '<b>...</b>' : $message['body'];
            } else {
                $matchString = '';
                $force_partial_word = false;
                foreach ($context['key_words'] as $keyword) {
                    // NOTE(review): "e" modifier - the replacement is evaluated as PHP. The only
                    // backreference used is \2, which the pattern limits to digits or "x" plus
                    // hex digits. preg_replace_callback() is the supported equivalent.
                    // NOTE(review): as printed on this page the pair '&' => '&' maps a character
                    // to itself, which suggests an HTML entity in the literal was decoded when
                    // the page was rendered; restore it from the upstream file, do not guess.
                    $keyword = preg_replace('~(&#(\\d{1,7}|x[0-9a-fA-F]{1,6});)~e', '$GLOBALS[\'func\'][\'entity_fix\'](\'\\2\')', strtr($keyword, array('\\\'' => '\'', '&' => '&')));

                    // A keyword that starts or ends with punctuation forces partial-word matching.
                    if (preg_match('~[\'\\.,/@%&;:(){}\\[\\]_\\-+\\\\]$~', $keyword) != 0 || preg_match('~^[\'\\.,/@%&;:(){}\\[\\]_\\-+\\\\]~', $keyword) != 0) {
                        $force_partial_word = true;
                    }

                    // Keywords are regex-quoted before joining; an escaped "*" becomes a lazy wildcard.
                    $matchString .= strtr(preg_quote($keyword, '/'), array('\\*' => '.+?')) . '|';
                }
                // Drop the trailing "|".
                $matchString = substr($matchString, 0, -1);

                // NOTE(review): the same rendering problem applies to the self-mapping pairs here.
                $message['body'] = un_htmlspecialchars(strtr($message['body'], array(' ' => ' ', '<br />' => "\n", '[' => '[', ']' => ']', ':' => ':', '@' => '@')));

                // Collect each keyword hit with up to $charLimit characters of context either side.
                if (empty($modSettings['search_method']) || $force_partial_word) {
                    preg_match_all('/([^\\s\\W]{' . $charLimit . '}[\\s\\W]|[\\s\\W].{0,' . $charLimit . '}?|^)(' . $matchString . ')(.{0,' . $charLimit . '}[\\s\\W]|[^\\s\\W]{' . $charLimit . '})/is' . ($context['utf8'] ? 'u' : ''), $message['body'], $matches);
                } else {
                    preg_match_all('/([^\\s\\W]{' . $charLimit . '}[\\s\\W]|[\\s\\W].{0,' . $charLimit . '}?[\\s\\W]|^)(' . $matchString . ')([\\s\\W].{0,' . $charLimit . '}[\\s\\W]|[\\s\\W][^\\s\\W]{' . $charLimit . '})/is' . ($context['utf8'] ? 'u' : ''), $message['body'], $matches);
                }

                // Rebuild the body from the excerpts; each one is HTML-escaped again here
                // because the text was un-escaped above.
                $message['body'] = '';
                foreach ($matches[0] as $index => $match) {
                    $match = strtr(htmlspecialchars($match, ENT_QUOTES), array("\n" => '<br />'));
                    $message['body'] .= '<b>...</b> ' . $match . ' <b>...</b><br />';
                }
            }

            // Re-fix the international characters.
            // NOTE(review): second use of the "e" modifier, same pattern and same restriction on \2.
            $message['body'] = preg_replace('~(&#(\\d{1,7}|x[0-9a-fA-F]{1,6});)~e', '$GLOBALS[\'func\'][\'entity_fix\'](\'\\2\')', $message['body']);
        }
    } else {
        // Run UBBC interpreter on the message.
        $message['body'] = parse_bbc($message['body'], $message['smileysEnabled'], $message['ID_MSG']);
    }

    // Sadly, we need to check the icon ain't broke.
    // NOTE(review): icon names from the message row are concatenated into a filesystem
    // path for file_exists(); this assumes they were constrained when stored - confirm.
    if (empty($modSettings['messageIconChecks_disable'])) {
        if (!isset($context['icon_sources'][$message['firstIcon']])) {
            $context['icon_sources'][$message['firstIcon']] = file_exists($settings['theme_dir'] . '/images/post/' . $message['firstIcon'] . '.gif') ? 'images_url' : 'default_images_url';
        }
        if (!isset($context['icon_sources'][$message['lastIcon']])) {
            $context['icon_sources'][$message['lastIcon']] = file_exists($settings['theme_dir'] . '/images/post/' . $message['lastIcon'] . '.gif') ? 'images_url' : 'default_images_url';
        }
        if (!isset($context['icon_sources'][$message['icon']])) {
            $context['icon_sources'][$message['icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $message['icon'] . '.gif') ? 'images_url' : 'default_images_url';
        }
    } else {
        // Checks disabled: every icon is taken from the theme's own images_url.
        if (!isset($context['icon_sources'][$message['firstIcon']])) {
            $context['icon_sources'][$message['firstIcon']] = 'images_url';
        }
        if (!isset($context['icon_sources'][$message['lastIcon']])) {
            $context['icon_sources'][$message['lastIcon']] = 'images_url';
        }
        if (!isset($context['icon_sources'][$message['icon']])) {
            $context['icon_sources'][$message['icon']] = 'images_url';
        }
    }

    // NOTE(review): subjects, member names, board and category names are concatenated
    // into HTML below without escaping in this function; presumably they are stored
    // already escaped - verify before reusing these 'link' values in another context.
    // NOTE(review): in 'can_mark_notify', && binds tighter than ||, so the guest check
    // only guards the second in_array(); confirm that is intended.
    $output = array_merge($context['topics'][$message['ID_MSG']], array(
        'is_sticky' => !empty($modSettings['enableStickyTopics']) && !empty($message['isSticky']),
        'is_locked' => !empty($message['locked']),
        'is_poll' => $modSettings['pollMode'] == '1' && $message['ID_POLL'] > 0,
        'is_hot' => $message['numReplies'] >= $modSettings['hotTopicPosts'],
        'is_very_hot' => $message['numReplies'] >= $modSettings['hotTopicVeryPosts'],
        'posted_in' => !empty($participants[$message['ID_TOPIC']]),
        'views' => $message['numViews'],
        'replies' => $message['numReplies'],
        'can_reply' => in_array($message['ID_BOARD'], $boards_can['post_reply_any']) || in_array(0, $boards_can['post_reply_any']),
        'can_mark_notify' => in_array($message['ID_BOARD'], $boards_can['mark_any_notify']) || in_array(0, $boards_can['mark_any_notify']) && !$context['user']['is_guest'],
        'first_post' => array(
            'id' => $message['first_msg'],
            'time' => timeformat($message['first_posterTime']),
            'timestamp' => forum_time(true, $message['first_posterTime']),
            'subject' => $message['first_subject'],
            'href' => $scripturl . '?topic=' . $message['ID_TOPIC'] . '.0',
            'link' => '<a href="' . $scripturl . '?topic=' . $message['ID_TOPIC'] . '.0">' . $message['first_subject'] . '</a>',
            'icon' => $message['firstIcon'],
            'icon_url' => $settings[$context['icon_sources'][$message['firstIcon']]] . '/post/' . $message['firstIcon'] . '.gif',
            'member' => array(
                'id' => $message['first_member_id'],
                'name' => $message['first_member_name'],
                'href' => !empty($message['first_member_id']) ? $scripturl . '?action=profile;u=' . $message['first_member_id'] : '',
                'link' => !empty($message['first_member_id']) ? '<a href="' . $scripturl . '?action=profile;u=' . $message['first_member_id'] . '" title="' . $txt[92] . ' ' . $message['first_member_name'] . '">' . $message['first_member_name'] . '</a>' : $message['first_member_name']
            )
        ),
        'last_post' => array(
            'id' => $message['last_msg'],
            'time' => timeformat($message['last_posterTime']),
            'timestamp' => forum_time(true, $message['last_posterTime']),
            'subject' => $message['last_subject'],
            'href' => $scripturl . '?topic=' . $message['ID_TOPIC'] . ($message['numReplies'] == 0 ? '.0' : '.msg' . $message['last_msg']) . '#msg' . $message['last_msg'],
            'link' => '<a href="' . $scripturl . '?topic=' . $message['ID_TOPIC'] . ($message['numReplies'] == 0 ? '.0' : '.msg' . $message['last_msg']) . '#msg' . $message['last_msg'] . '">' . $message['last_subject'] . '</a>',
            'icon' => $message['lastIcon'],
            'icon_url' => $settings[$context['icon_sources'][$message['lastIcon']]] . '/post/' . $message['lastIcon'] . '.gif',
            'member' => array(
                'id' => $message['last_member_id'],
                'name' => $message['last_member_name'],
                'href' => !empty($message['last_member_id']) ? $scripturl . '?action=profile;u=' . $message['last_member_id'] : '',
                'link' => !empty($message['last_member_id']) ? '<a href="' . $scripturl . '?action=profile;u=' . $message['last_member_id'] . '" title="' . $txt[92] . ' ' . $message['last_member_name'] . '">' . $message['last_member_name'] . '</a>' : $message['last_member_name']
            )
        ),
        'board' => array(
            'id' => $message['ID_BOARD'],
            'name' => $message['bName'],
            'href' => $scripturl . '?board=' . $message['ID_BOARD'] . '.0',
            'link' => '<a href="' . $scripturl . '?board=' . $message['ID_BOARD'] . '.0">' . $message['bName'] . '</a>'
        ),
        'category' => array(
            'id' => $message['ID_CAT'],
            'name' => $message['cName'],
            'href' => $scripturl . '#' . $message['ID_CAT'],
            'link' => '<a href="' . $scripturl . '#' . $message['ID_CAT'] . '">' . $message['cName'] . '</a>'
        )
    ));

    determineTopicClass($output);
    if ($output['posted_in']) {
        $output['class'] = 'my_' . $output['class'];
    }

    $body_highlighted = $message['body'];
    $subject_highlighted = $message['subject'];

    if (!empty($options['display_quick_mod'])) {
        // "own" permissions only count when the current member started the topic.
        $started = $output['first_post']['member']['id'] == $ID_MEMBER;

        // In each list, board id 0 is treated as a match for every board.
        $output['quick_mod'] = array(
            'lock' => in_array(0, $boards_can['lock_any']) || in_array($output['board']['id'], $boards_can['lock_any']) || $started && (in_array(0, $boards_can['lock_own']) || in_array($output['board']['id'], $boards_can['lock_own'])),
            'sticky' => (in_array(0, $boards_can['make_sticky']) || in_array($output['board']['id'], $boards_can['make_sticky'])) && !empty($modSettings['enableStickyTopics']),
            'move' => in_array(0, $boards_can['move_any']) || in_array($output['board']['id'], $boards_can['move_any']) || $started && (in_array(0, $boards_can['move_own']) || in_array($output['board']['id'], $boards_can['move_own'])),
            'remove' => in_array(0, $boards_can['remove_any']) || in_array($output['board']['id'], $boards_can['remove_any']) || $started && (in_array(0, $boards_can['remove_own']) || in_array($output['board']['id'], $boards_can['remove_own']))
        );

        // Page-level flags: set as soon as any row allows the action.
        $context['can_lock'] |= $output['quick_mod']['lock'];
        $context['can_sticky'] |= $output['quick_mod']['sticky'];
        $context['can_move'] |= $output['quick_mod']['move'];
        $context['can_remove'] |= $output['quick_mod']['remove'];
        $context['can_merge'] |= in_array($output['board']['id'], $boards_can['merge_any']);
    }

    foreach ($context['key_words'] as $query) {
        // Fix the international characters in the keyword too.
        $query = strtr($func['htmlspecialchars']($query), array('\\\'' => '\''));

        // NOTE(review): "e" modifier again, this time with \1 and \2 holding arbitrary matched
        // text (a tag fragment or the keyword) inside quoted PHP literals. It depends on the
        // engine's automatic quote escaping of backreferences; preg_replace_callback() removes
        // the code-evaluation step altogether and is the only form that works on PHP 7+.
        // NOTE(review): the literal ''' below does not parse as printed; an HTML entity
        // appears to have been decoded when the page was rendered. Restore it from upstream.
        $body_highlighted = preg_replace('/((<[^>]*)|' . preg_quote(strtr($query, array('\'' => ''')), '/') . ')/ie' . ($context['utf8'] ? 'u' : ''), "'\$2' == '\$1' ? stripslashes('\$1') : '<b class=\"highlight\">\$1</b>'", $body_highlighted);
        $subject_highlighted = preg_replace('/(' . preg_quote($query, '/') . ')/i' . ($context['utf8'] ? 'u' : ''), '<b class="highlight">$1</b>', $subject_highlighted);
    }

    // 'member' is stored by reference, so later changes to the member context show up here.
    $output['matches'][] = array(
        'id' => $message['ID_MSG'],
        'attachment' => loadAttachmentContext($message['ID_MSG']),
        'alternate' => $counter % 2,
        'member' => &$memberContext[$message['ID_MEMBER']],
        'icon' => $message['icon'],
        'icon_url' => $settings[$context['icon_sources'][$message['icon']]] . '/post/' . $message['icon'] . '.gif',
        'subject' => $message['subject'],
        'subject_highlighted' => $subject_highlighted,
        'time' => timeformat($message['posterTime']),
        'timestamp' => forum_time(true, $message['posterTime']),
        'counter' => $counter,
        'modified' => array(
            'time' => timeformat($message['modifiedTime']),
            'timestamp' => forum_time(true, $message['modifiedTime']),
            'name' => $message['modifiedName']
        ),
        'body' => $message['body'],
        'body_highlighted' => $body_highlighted,
        'start' => 'msg' . $message['ID_MSG']
    );
    $counter++;

    return $output;
}
/**
 * Builds the feed data for one member's profile.
 *
 * The member id is read from $_GET['u'] (and normalised to an integer there).
 * An empty array is returned when the id is missing, the member cannot be loaded,
 * or the viewer lacks 'profile_view_any'. For 'rss', 'rss2', 'rdf' and 'atom' the
 * result is a one-item list; for any other format it is a flat field map.
 *
 * NOTE(review): only some values go through cdata_parse(). The avatar URL, website
 * link, messenger names and e-mail address are returned raw; whether the caller
 * escapes them for XML cannot be seen from here - confirm.
 *
 * @param string $xml_format Feed flavour requested by the caller.
 * @return array
 */
function getXmlProfile($xml_format)
{
    global $scripturl, $memberContext, $user_profile, $modSettings, $user_info;

    // No usable id in the request, or no such member: nothing to report.
    if (empty($_GET['u']) || loadMemberData((int) $_GET['u']) === false) {
        return array();
    }

    // From here on the request value is an integer.
    $_GET['u'] = (int) $_GET['u'];

    // The member context must load and the viewer must be allowed to see profiles.
    if (!loadMemberContext($_GET['u']) || !allowedTo('profile_view_any')) {
        return array();
    }

    $profile =& $memberContext[$_GET['u']];
    $profile_url = $scripturl . '?action=profile;u=' . $profile['id'];
    $rfc822 = 'D, d M Y H:i:s \\G\\M\\T';
    $iso8601 = '%Y-%m-%dT%H:%M:%SZ';

    switch ($xml_format) {
        case 'rss':
        case 'rss2':
            $data = array(array(
                'title' => cdata_parse($profile['name']),
                'link' => $profile_url,
                'description' => cdata_parse(isset($profile['group']) ? $profile['group'] : $profile['post_group']),
                'comments' => $scripturl . '?action=pm;sa=send;u=' . $profile['id'],
                'pubDate' => gmdate($rfc822, $user_profile[$profile['id']]['dateRegistered']),
                'guid' => $profile_url,
            ));
            break;

        case 'rdf':
            $data = array(array(
                'title' => cdata_parse($profile['name']),
                'link' => $profile_url,
                'description' => cdata_parse(isset($profile['group']) ? $profile['group'] : $profile['post_group']),
            ));
            break;

        case 'atom':
            $data = array(array(
                'title' => cdata_parse($profile['name']),
                'link' => $profile_url,
                'summary' => cdata_parse(isset($profile['group']) ? $profile['group'] : $profile['post_group']),
                'created' => gmstrftime($iso8601, $user_profile[$profile['id']]['dateRegistered']),
                'issued' => gmstrftime($iso8601, $user_profile[$profile['id']]['dateRegistered']),
                'modified' => gmstrftime($iso8601, $user_profile[$profile['id']]['lastLogin']),
                'id' => $profile_url,
            ));
            break;

        default:
            // The plain format: always-present fields first.
            $data = array(
                'username' => cdata_parse($profile['username']),
                'name' => cdata_parse($profile['name']),
                'link' => $profile_url,
                'posts' => $profile['posts'],
                'post-group' => cdata_parse($profile['post_group']),
                'language' => cdata_parse($profile['language']),
                'last-login' => gmdate($rfc822, $user_profile[$profile['id']]['lastLogin']),
                'registered' => gmdate($rfc822, $user_profile[$profile['id']]['dateRegistered']),
            );

            // Optional fields are only added when they hold something.
            if ($profile['gender']['name'] != '') {
                $data['gender'] = cdata_parse($profile['gender']['name']);
            }
            if ($profile['avatar']['name'] != '') {
                $data['avatar'] = $profile['avatar']['url'];
            }

            // Being online is signalled by an empty entry.
            if ($profile['online']['is_online']) {
                $data['online'] = '';
            }

            foreach (array('signature', 'blurb', 'location', 'title') as $text_field) {
                if ($profile[$text_field] != '') {
                    $data[$text_field] = cdata_parse($profile[$text_field]);
                }
            }

            // Messenger handles are withheld from guests when guest_hideContacts is on.
            if (!empty($profile['icq']['name']) && (empty($modSettings['guest_hideContacts']) || !$user_info['is_guest'])) {
                $data['icq'] = $profile['icq']['name'];
            }
            foreach (array('aim', 'msn', 'yim') as $messenger) {
                if ($profile[$messenger]['name'] != '' && (empty($modSettings['guest_hideContacts']) || !$user_info['is_guest'])) {
                    $data[$messenger] = $profile[$messenger]['name'];
                }
            }

            if ($profile['website']['title'] != '') {
                $data['website'] = array(
                    'title' => cdata_parse($profile['website']['title']),
                    'link' => $profile['website']['url'],
                );
            }

            // The key spelling is kept exactly as it is; it is part of the returned data.
            if ($profile['group'] != '') {
                $data['postition'] = cdata_parse($profile['group']);
            }

            if (!empty($modSettings['karmaMode'])) {
                $data['karma'] = array(
                    'good' => $profile['karma']['good'],
                    'bad' => $profile['karma']['bad'],
                );
            }

            // The address is included only if the member does not hide it (or hiding is
            // not allowed at all), and never for guests when guest_hideContacts is on.
            $email_public = empty($profile['hide_email']) || empty($modSettings['allow_hideEmail']);
            if ($email_public && (empty($modSettings['guest_hideContacts']) || !$user_info['is_guest'])) {
                $data['email'] = $profile['email'];
            }

            // Age in whole years, skipped for an unset ("0000-...") birth date.
            if (!empty($profile['birth_date']) && substr($profile['birth_date'], 0, 4) != '0000') {
                list($birth_year, $birth_month, $birth_day) = sscanf($profile['birth_date'], '%d-%d-%d');
                $today = getdate(forum_time());
                $had_birthday = $today['mon'] > $birth_month || ($today['mon'] == $birth_month && $today['mday'] >= $birth_day);
                $data['age'] = $today['year'] - $birth_year - ($had_birthday ? 0 : 1);
            }
            break;
    }

    // Save some memory: drop the reference and the loaded member context.
    unset($profile);
    unset($memberContext[$_GET['u']]);

    return $data;
}
/**
 * Prepares the helpdesk front page of a member's profile.
 *
 * Always fills in the ticket counters and the "can post" flags. When
 * $modSettings['shd_helpdesk_only'] is set it additionally prepares the member
 * reference, hostname/IP visibility, activation hints and the list of bans that
 * match the member's id, IP, hostname or e-mail address.
 *
 * NOTE(review): ban names and reasons are placed into HTML as they come from the
 * database; presumably they were escaped when stored - confirm.
 *
 * @param int $memID The member whose profile is being viewed.
 */
function shd_profile_frontpage($memID)
{
    global $context, $memberContext, $txt, $modSettings, $user_info, $user_profile, $sourcedir, $scripturl, $smcFunc;

    // Without a loadable member there is nothing to show.
    if (!loadMemberContext($memID) || !isset($memberContext[$memID])) {
        fatal_lang_error('not_a_user', false);
    }

    $context['page_title'] = $txt['shd_profile_area'] . ' - ' . $txt['shd_profile_main'];
    $context['sub_template'] = 'shd_profile_main';

    // Tickets this member started, one row per status.
    $started = shd_db_query('', ' SELECT COUNT(id_ticket) AS count, status FROM {db_prefix}helpdesk_tickets AS hdt WHERE id_member_started = {int:member} GROUP BY status', array('member' => $memID));
    $total_tickets = 0;
    $open_tickets = 0;
    while ($status_row = $smcFunc['db_fetch_assoc']($started)) {
        $total_tickets += $status_row['count'];

        // Anything that is neither closed nor deleted counts as open.
        $is_finished = $status_row['status'] == TICKET_STATUS_CLOSED || $status_row['status'] == TICKET_STATUS_DELETED;
        if (!$is_finished) {
            $open_tickets += $status_row['count'];
        }
    }
    $context['shd_numtickets'] = comma_format($total_tickets);
    $context['shd_numopentickets'] = comma_format($open_tickets);
    $smcFunc['db_free_result']($started);

    // Tickets assigned to this member.
    $assigned = shd_db_query('', ' SELECT COUNT(id_ticket) FROM {db_prefix}helpdesk_tickets WHERE id_member_assigned = {int:member}', array('member' => $memID));
    list($assigned_count) = $smcFunc['db_fetch_row']($assigned);
    $smcFunc['db_free_result']($assigned);
    $context['shd_numassigned'] = comma_format($assigned_count);

    // These are the VIEWER's permissions: own tickets on one's own profile,
    // proxy tickets only on somebody else's.
    $context['can_post_ticket'] = shd_allowed_to('shd_new_ticket', 0) && $memID == $context['user']['id'];
    $context['can_post_proxy'] = shd_allowed_to('shd_new_ticket', 0) && shd_allowed_to('shd_post_proxy', 0) && $memID != $context['user']['id'];

    // Everything hereafter is helpdesk-only mode.
    if (empty($modSettings['shd_helpdesk_only'])) {
        return;
    }

    $context['can_send_pm'] = allowedTo('pm_send') && (empty($modSettings['shd_helpdesk_only']) || empty($modSettings['shd_disable_pm']));
    $context['member'] =& $memberContext[$memID];

    // Only moderators get the IP and, for a dotted-quad address, the hostname.
    if (allowedTo('moderate_forum')) {
        $looks_like_ipv4 = preg_match('/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/', $memberContext[$memID]['ip']) == 1;
        $context['member']['hostname'] = $looks_like_ipv4 && empty($modSettings['disableHostnameLookup'])
            ? host_from_ip($memberContext[$memID]['ip'])
            : '';
        $context['can_see_ip'] = true;
    } else {
        $context['can_see_ip'] = false;
    }

    // Account not (fully) activated and the viewer may act on it: prepare the hints.
    if ($context['member']['is_activated'] % 10 != 1 && allowedTo('moderate_forum')) {
        $activation_state = $context['member']['is_activated'];
        $context['activate_type'] = $activation_state;

        // These states are listed as "approve"; every other state is "activate".
        $context['activate_link_text'] = in_array($activation_state, array(3, 4, 5, 13, 14, 15))
            ? $txt['account_approve']
            : $txt['account_activate'];

        // Use a state-specific message when the language file has one.
        $message_key = 'account_activate_method_' . $activation_state % 10;
        $context['activate_message'] = isset($txt[$message_key]) ? $txt[$message_key] : $txt['account_not_activated'];
    }

    // Ban details are for moderators only.
    $context['member']['bans'] = array();
    if (!allowedTo('moderate_forum')) {
        return;
    }

    $context['can_edit_ban'] = allowedTo('manage_bans');

    // NOTE(review): the member id and the IP octets are concatenated into the WHERE
    // clause instead of being bound like {string:hostname} and {string:email}. The
    // octets are digit-only by the regex below and the id comes from the loaded member
    // context, so this holds today; binding them as {int:...} values would remove the
    // dependency on those two assumptions.
    $ban_query = array();
    $ban_query_vars = array('time' => time());
    $ban_query[] = 'id_member = ' . $context['member']['id'];

    if (preg_match('/^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$/', $memberContext[$memID]['ip'], $ip_parts) == 1) {
        // One range test per octet, all four required.
        $octet_tests = array();
        for ($octet = 1; $octet <= 4; $octet++) {
            $octet_tests[] = '(' . $ip_parts[$octet] . ' BETWEEN bi.ip_low' . $octet . ' AND bi.ip_high' . $octet . ')';
        }
        $ban_query[] = '(' . implode(' AND ', $octet_tests) . ')';

        // A resolved hostname is matched against hostname bans as well.
        if (!empty($context['member']['hostname'])) {
            $ban_query[] = '({string:hostname} LIKE hostname)';
            $ban_query_vars['hostname'] = $context['member']['hostname'];
        }
    } elseif ($memberContext[$memID]['ip'] == 'unknown') {
        $ban_query[] = '(bi.ip_low1 = 255 AND bi.ip_high1 = 255 AND bi.ip_low2 = 255 AND bi.ip_high2 = 255 AND bi.ip_low3 = 255 AND bi.ip_high3 = 255 AND bi.ip_low4 = 255 AND bi.ip_high4 = 255)';
    }

    // E-mail bans.
    if (strlen($context['member']['email']) != 0) {
        $ban_query[] = '({string:email} LIKE bi.email_address)';
        $ban_query_vars['email'] = $context['member']['email'];
    }

    // Any unexpired ban group with at least one matching item.
    $request = $smcFunc['db_query']('', ' SELECT bg.id_ban_group, bg.name, bg.cannot_access, bg.cannot_post, bg.cannot_register, bg.cannot_login, bg.reason FROM {db_prefix}ban_items AS bi INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:time})) WHERE (' . implode(' OR ', $ban_query) . ')', $ban_query_vars);
    while ($ban = $smcFunc['db_fetch_assoc']($request)) {
        // Which restrictions does this group actually impose?
        $restrictions = array();
        foreach (array('access', 'register', 'login', 'post') as $type) {
            if ($ban['cannot_' . $type]) {
                $restrictions[] = $txt['ban_type_' . $type];
            }
        }

        // A group without restrictions is not a ban.
        if (empty($restrictions)) {
            continue;
        }

        $edit_link = '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $ban['id_ban_group'] . '">' . $ban['name'] . '</a>';
        $explanation = sprintf($txt['user_cannot_due_to'], implode(', ', $restrictions), $edit_link);

        $context['member']['bans'][$ban['id_ban_group']] = array(
            'reason' => empty($ban['reason']) ? '' : '<br /><br /><strong>' . $txt['ban_reason'] . ':</strong> ' . $ban['reason'],
            'cannot' => array(
                'access' => !empty($ban['cannot_access']),
                'register' => !empty($ban['cannot_register']),
                'post' => !empty($ban['cannot_post']),
                'login' => !empty($ban['cannot_login']),
            ),
            'explanation' => $explanation,
        );
    }
    $smcFunc['db_free_result']($request);
}
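/**
 * Prepares the "who is online" list for the Who template.
 *
 * Requires the 'who_view' permission and $modSettings['who_enabled']. Sort column
 * and filter are chosen from fixed allow-lists, taken from the request first and
 * from the session second, and remembered in the session. Results are placed in
 * $context['members'], keyed by session id.
 *
 * The sort column reaches the query through a {raw:...} placeholder and the filter
 * is concatenated into the WHERE clause, so both must only ever come from the
 * allow-lists. Values remembered in the session are therefore checked against the
 * allow-lists again before use: a stale or foreign session value (for example the
 * 'spiders' filter after spider display was restricted) falls back to the default
 * instead of indexing a missing key and producing broken SQL.
 */
function Who()
{
    global $context, $scripturl, $user_info, $txt, $modSettings, $memberContext, $smcFunc;

    // Permissions, permissions, permissions.
    isAllowedTo('who_view');

    // You can't do anything if this is off.
    if (empty($modSettings['who_enabled'])) {
        fatal_lang_error('who_off', false);
    }

    // Load the 'Who' template.
    loadTemplate('Who');
    loadLanguage('Who');

    // Allow-lists: request/session key => SQL fragment.
    $sort_methods = array(
        'user' => 'mem.real_name',
        'time' => 'lo.log_time',
    );
    $show_methods = array(
        'members' => '(lo.id_member != 0)',
        'guests' => '(lo.id_member = 0)',
        'all' => '1=1',
    );

    // Store the sort methods and the show types for use in the template.
    $context['sort_methods'] = array(
        'user' => $txt['who_user'],
        'time' => $txt['who_time'],
    );
    $context['show_methods'] = array(
        'all' => $txt['who_show_all'],
        'members' => $txt['who_show_members_only'],
        'guests' => $txt['who_show_guests_only'],
    );

    // Can they see spiders too?
    if (!empty($modSettings['show_spider_online']) && ($modSettings['show_spider_online'] == 2 || allowedTo('admin_forum')) && !empty($modSettings['spider_name_cache'])) {
        $show_methods['spiders'] = '(lo.id_member = 0 AND lo.id_spider > 0)';
        $show_methods['guests'] = '(lo.id_member = 0 AND lo.id_spider = 0)';
        $context['show_methods']['spiders'] = $txt['who_show_spiders_only'];
    } elseif (empty($modSettings['show_spider_online']) && isset($_SESSION['who_online_filter']) && $_SESSION['who_online_filter'] == 'spiders') {
        unset($_SESSION['who_online_filter']);
    }

    // Does the user prefer a different sort direction?
    if (isset($_REQUEST['sort']) && isset($sort_methods[$_REQUEST['sort']])) {
        $context['sort_by'] = $_SESSION['who_online_sort_by'] = $_REQUEST['sort'];
        $sort_method = $sort_methods[$_REQUEST['sort']];
    } elseif (isset($_SESSION['who_online_sort_by']) && isset($sort_methods[$_SESSION['who_online_sort_by']])) {
        // The remembered value is only used if it is still a known sort key.
        $context['sort_by'] = $_SESSION['who_online_sort_by'];
        $sort_method = $sort_methods[$_SESSION['who_online_sort_by']];
    } else {
        $context['sort_by'] = $_SESSION['who_online_sort_by'] = 'time';
        $sort_method = 'lo.log_time';
    }

    $context['sort_direction'] = isset($_REQUEST['asc']) || isset($_REQUEST['sort_dir']) && $_REQUEST['sort_dir'] == 'asc' ? 'up' : 'down';

    $conditions = array();

    // Members who hide their online status are only listed for moderators.
    if (!allowedTo('moderate_forum')) {
        $conditions[] = '(IFNULL(mem.show_online, 1) = 1)';
    }

    // Fallback to top filter?
    if (isset($_REQUEST['submit_top']) && isset($_REQUEST['show_top'])) {
        $_REQUEST['show'] = $_REQUEST['show_top'];
    }

    // Does the user wish to apply a filter?
    if (isset($_REQUEST['show']) && isset($show_methods[$_REQUEST['show']])) {
        $context['show_by'] = $_SESSION['who_online_filter'] = $_REQUEST['show'];
        $conditions[] = $show_methods[$_REQUEST['show']];
    } elseif (isset($_SESSION['who_online_filter']) && isset($show_methods[$_SESSION['who_online_filter']])) {
        // Same rule as for sorting: a remembered filter must still be on the allow-list.
        $context['show_by'] = $_SESSION['who_online_filter'];
        $conditions[] = $show_methods[$_SESSION['who_online_filter']];
    } else {
        $context['show_by'] = $_SESSION['who_online_filter'] = 'all';
    }

    // Get the total amount of members online.
    $request = $smcFunc['db_query']('', ' SELECT COUNT(*) FROM {db_prefix}log_online AS lo LEFT JOIN {db_prefix}members AS mem ON (lo.id_member = mem.id_member)' . (!empty($conditions) ? ' WHERE ' . implode(' AND ', $conditions) : ''), array());
    list($totalMembers) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);

    // Prepare some page index variables.
    // sort_by and show_by are allow-list keys at this point, so they are safe to place in the URL.
    // NOTE(review): $_REQUEST['start'] is used as-is; presumably normalised before this runs - confirm.
    $context['page_index'] = constructPageIndex($scripturl . '?action=who;sort=' . $context['sort_by'] . ($context['sort_direction'] == 'up' ? ';asc' : '') . ';show=' . $context['show_by'], $_REQUEST['start'], $totalMembers, $modSettings['defaultMaxMembers']);
    $context['start'] = $_REQUEST['start'];

    // Look for people online, provided they don't mind if you see they are.
    $request = $smcFunc['db_query']('', ' SELECT lo.log_time, lo.id_member, lo.url, INET_NTOA(lo.ip) AS ip, mem.real_name, lo.session, mg.online_color, IFNULL(mem.show_online, 1) AS show_online, lo.id_spider FROM {db_prefix}log_online AS lo LEFT JOIN {db_prefix}members AS mem ON (lo.id_member = mem.id_member) LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = CASE WHEN mem.id_group = {int:regular_member} THEN mem.id_post_group ELSE mem.id_group END)' . (!empty($conditions) ? ' WHERE ' . implode(' AND ', $conditions) : '') . ' ORDER BY {raw:sort_method} {raw:sort_direction} LIMIT {int:offset}, {int:limit}', array(
        'regular_member' => 0,
        'sort_method' => $sort_method,
        'sort_direction' => $context['sort_direction'] == 'up' ? 'ASC' : 'DESC',
        'offset' => $context['start'],
        'limit' => $modSettings['defaultMaxMembers'],
    ));

    $context['members'] = array();
    $member_ids = array();
    $url_data = array();
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        // NOTE(review): unserialize() on a stored column. If anything other than this
        // application can write log_online.url, this is an object-injection sink; a
        // JSON column, or unserialize() with allowed_classes => false on PHP 7+, would
        // be the safer form. Left as-is because the format is shared with the writer.
        $actions = @unserialize($row['url']);
        if ($actions === false) {
            continue;
        }

        // Send the information to the template. The IP is blanked for non-moderators.
        $context['members'][$row['session']] = array(
            'id' => $row['id_member'],
            'ip' => allowedTo('moderate_forum') ? $row['ip'] : '',
            'time' => strtr(timeformat($row['log_time']), array($txt['today'] => '', $txt['yesterday'] => '')),
            'timestamp' => forum_time(true, $row['log_time']),
            'query' => $actions,
            'is_hidden' => $row['show_online'] == 0,
            'id_spider' => $row['id_spider'],
            'color' => empty($row['online_color']) ? '' : $row['online_color'],
        );

        $url_data[$row['session']] = array($row['url'], $row['id_member']);
        $member_ids[] = $row['id_member'];
    }
    $smcFunc['db_free_result']($request);

    // Load the user data for these members.
    loadMemberData($member_ids);

    // Load up the guest user.
    $memberContext[0] = array(
        'id' => 0,
        'name' => $txt['guest_title'],
        'group' => $txt['guest_title'],
        'href' => '',
        'link' => $txt['guest_title'],
        'email' => $txt['guest_title'],
        'is_guest' => true,
    );

    // Are we showing spiders?
    $spiderContext = array();
    if (!empty($modSettings['show_spider_online']) && ($modSettings['show_spider_online'] == 2 || allowedTo('admin_forum')) && !empty($modSettings['spider_name_cache'])) {
        // NOTE(review): unserialize() on a settings value; same caveat as for log_online.url.
        foreach (unserialize($modSettings['spider_name_cache']) as $id => $name) {
            $spiderContext[$id] = array(
                'id' => 0,
                'name' => $name,
                'group' => $txt['spiders'],
                'href' => '',
                'link' => $name,
                'email' => $name,
                'is_guest' => true,
            );
        }
    }

    $url_data = determineActions($url_data);

    // Setup the linktree and page title (do it down here because the language files are now loaded..)
    $context['page_title'] = $txt['who_title'];
    $context['linktree'][] = array(
        'url' => $scripturl . '?action=who',
        'name' => $txt['who_title'],
    );

    // Put it in the context variables.
    foreach ($context['members'] as $i => $member) {
        // A member whose context cannot be loaded is shown as a guest.
        if ($member['id'] != 0) {
            $member['id'] = loadMemberContext($member['id']) ? $member['id'] : 0;
        }

        // Keep the IP that came from the database.
        $memberContext[$member['id']]['ip'] = $member['ip'];
        $context['members'][$i]['action'] = isset($url_data[$i]) ? $url_data[$i] : $txt['who_hidden'];

        // "+=" only adds keys that the row does not already have.
        if ($member['id'] == 0 && isset($spiderContext[$member['id_spider']])) {
            $context['members'][$i] += $spiderContext[$member['id_spider']];
        } else {
            $context['members'][$i] += $memberContext[$member['id']];
        }
    }

    // Some people can't send personal messages...
    $context['can_send_pm'] = allowedTo('pm_send');

    // any profile fields disabled?
    $context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
}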
cache_put_data('bk_top_poster', $return, 1800); } else { $return = cache_get_data('bk_top_poster', 1800); } } else { $return = ssi_topPoster($topNumber, 'array'); } // Make a quick array to list the links in. echo ' <table style="border-spacing:5px;width:100%;" border="0" cellspacing="1" cellpadding="3"> '; $count = 0; foreach ($return as $member) { //load member data loadMemberData($member['id']); loadMemberContext($member['id']); //end load member data... $count++; echo ' <tr> <td align="left">'; if (!empty($memberContext[$member['id']]['avatar']['href'])) { echo '<img src="' . $memberContext[$member['id']]['avatar']['href'] . '" style="-moz-box-shadow: 0px 0px 5px #444; -webkit-box-shadow: 0px 0px 5px #444; box-shadow: 0px 0px 5px #444;" width="50px;" alt="" />'; } echo '</td> <td width="100%" valign="middle"> ', $count == 1 ? '<img src="' . $settings['default_images_url'] . '/ultimate-portal/icons/1.gif" width="22px" alt="" />' : '', ' ', $count == 2 ? '<img src="' . $settings['default_images_url'] . '/ultimate-portal/icons/2.gif" width="22px" alt="" />' : '', '
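/**
 * Render the staff page.
 *
 * Prints one table per entry of $context['smfstaff_groups'] (rows taken from
 * $context['smfstaff_users'][group id]), then, when the smfstaff_showlocalmods
 * setting is on, a table built from $context['smfstaff_localmods'], then the
 * admin link and the credit line. Optional columns are switched by the
 * smfstaff_show* entries of $modSettings. All output is written with echo.
 *
 * NOTE(review): member-supplied values (realName, emailAddress, ICQ, AIM, YIM,
 * MSN) and the group colour are written into HTML text and attribute context
 * exactly as they arrive in $context. Nothing in this function encodes them,
 * so the page is only safe if the code that fills $context already stores or
 * delivers them entity-encoded and validated -- confirm against that loader.
 * Encoding was deliberately not added here: values that are stored
 * pre-encoded would be encoded twice.
 */
function template_main()
{
    global $scripturl, $context, $txt, $settings, $modSettings, $user_profile, $memberContext;

    // Only viewers with the admin_forum permission get the management links.
    $manage_staff = allowedTo('admin_forum');

    echo '<div class="tborder">';
    echo '<br />';

    // Number of columns in a group table; used as the colspan of the management row.
    $totalcols = 1;
    foreach (array('smfstaff_showavatar', 'smfstaff_showlastactive', 'smfstaff_showdateregistered', 'smfstaff_showcontactinfo') as $column_switch) {
        if ($modSettings[$column_switch]) {
            $totalcols++;
        }
    }

    foreach ($context['smfstaff_groups'] as $data) {
        // Skip groups without members. empty() replaces count(@...): the @
        // operator does not suppress the TypeError count(null) raises on PHP 8,
        // so a group with no entry in smfstaff_users used to abort the page.
        if (empty($context['smfstaff_users'][$data['id']])) {
            continue;
        }

        echo '<table border="0" cellspacing="0" cellpadding="2" width="100%">';
        echo '<tr>';
        echo '<td class="catbg2" width="30%">', $data['name'], '</td>';
        if ($modSettings['smfstaff_showavatar']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_avatar'], '</td>';
        }
        if ($modSettings['smfstaff_showlastactive']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_lastactive'], '</td>';
        }
        if ($modSettings['smfstaff_showdateregistered']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_dateregistered'], '</td>';
        }
        if ($modSettings['smfstaff_showcontactinfo']) {
            echo '<td class="catbg2" width="30%">', $txt['smfstaff_contact'], '</td>';
        }
        echo '</tr>';

        foreach ($context['smfstaff_users'][$data['id']] as $row2) {
            echo '<tr>';
            echo '<td class="windowbg"><a href="' . $scripturl . '?action=profile;u=' . $row2['ID_MEMBER'] . '"><font color="' . $data['color'] . '">' . $row2['realName'] . '</font></a></td>';

            if ($modSettings['smfstaff_showavatar']) {
                echo '<td class="windowbg">';
                // Display the user's avatar. The member is loaded per row; the
                // image is printed only if the load actually produced one.
                $memCommID = $row2['ID_MEMBER'];
                loadMemberData($memCommID);
                loadMemberContext($memCommID);
                if (isset($memberContext[$memCommID]['avatar']['image'])) {
                    echo $memberContext[$memCommID]['avatar']['image'];
                }
                echo '</td>';
            }
            if ($modSettings['smfstaff_showlastactive']) {
                echo '<td class="windowbg">' . timeformat($row2['lastLogin']) . '</td>';
            }
            if ($modSettings['smfstaff_showdateregistered']) {
                echo '<td class="windowbg">' . timeformat($row2['dateRegistered']) . '</td>';
            }

            if ($modSettings['smfstaff_showcontactinfo']) {
                echo '<td class="windowbg">';
                // Send email row: shown only when the member does not hide the address.
                if ($row2['hideEmail'] == 0) {
                    echo '<a href="mailto:', $row2['emailAddress'], '"><img src="' . $settings['images_url'] . '/email_sm.gif" alt="email" /></a> ';
                }
                if ($row2['ICQ'] != '') {
                    echo '<a href="http://www.icq.com/whitepages/about_me.php?uin=' . $row2['ICQ'] . '" target="_blank"><img src="http://status.icq.com/online.gif?img=5&icq=' . $row2['ICQ'] . '" alt="' . $row2['ICQ'] . '" width="18" height="18" border="0" /></a> ';
                }
                if ($row2['AIM'] != '') {
                    echo '<a href="aim:goim?screenname=' . urlencode(strtr($row2['AIM'], array(' ' => '%20'))) . '&message=' . $txt['aim_default_message'] . '"><img src="' . $settings['images_url'] . '/aim.gif" alt="' . $row2['AIM'] . '" border="0" /></a> ';
                }
                if ($row2['YIM'] != '') {
                    echo '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($row2['YIM']) . '"><img src="http://opi.yahoo.com/online?u=' . urlencode($row2['YIM']) . '&m=g&t=0" alt="' . $row2['YIM'] . '" border="0" /></a> ';
                }
                if ($row2['MSN'] != '') {
                    echo '<a href="http://members.msn.com/' . $row2['MSN'] . '" target="_blank"><img src="' . $settings['images_url'] . '/msntalk.gif" alt="' . $row2['MSN'] . '" border="0" /></a> ';
                }
                // Send PM row
                echo '<a href="' . $scripturl . '?action=pm;sa=send;u=' . $row2['ID_MEMBER'] . '">' . $txt['smfstaff_sendpm'] . '</a>';
                echo '</td>';
            }
            // End Contact Information
            echo '</tr>';
        }

        // If they are allowed to manage the staff page give them the option.
        // NOTE(review): these are plain GET links for state-changing actions
        // (move, delete) and carry no session token. Hiding them from
        // non-admins is presentation only; confirm the action handlers check
        // the permission and the session themselves.
        if ($manage_staff) {
            echo '<tr> <td align="center" colspan="', $totalcols, '" class="windowbg"> <a href="' . $scripturl . '?action=staff;sa=catdown&id=' . $data['id'] . '">' . $txt['smfstaff_down'] . '</a> | <a href="' . $scripturl . '?action=staff;sa=catup&id=' . $data['id'] . '">' . $txt['smfstaff_up'] . '</a> | <a href="' . $scripturl . '?action=staff;sa=delete&id=' . $data['id'] . ';ret">' . $txt['smfstaff_delgroup'] . '</a></td></tr>';
        }
        echo '</table>';

        // Separate the groups from the local mods.
        echo '<br />';
    }
    // End of Main staff listing

    // Local moderators: same guard style as above, so a missing list is
    // treated like an empty one instead of being passed to count().
    if ($modSettings['smfstaff_showlocalmods'] && !empty($context['smfstaff_localmods'])) {
        echo '<table border="0" cellspacing="0" cellpadding="2" width="100%">';
        echo '<tr>';
        echo '<td class="catbg2" width="25%">', $txt['smfstaff_local'], '</td>';
        if ($modSettings['smfstaff_showavatar']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_avatar'], '</td>';
        }
        if ($modSettings['smfstaff_showlastactive']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_lastactive'], '</td>';
        }
        if ($modSettings['smfstaff_showdateregistered']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_dateregistered'], '</td>';
        }
        echo '<td class="catbg2" width="25%">', $txt['smfstaff_forums'], '</td>';
        if ($modSettings['smfstaff_showcontactinfo']) {
            echo '<td class="catbg2" width="25%">', $txt['smfstaff_contact'], '</td>';
        }
        echo '</tr>';

        foreach ($context['smfstaff_localmods'] as $data) {
            echo '<tr>';
            echo '<td class="windowbg"><a href="', $scripturl, '?action=profile;u=', $data['id'], '">', $data['realName'], '</a></td>';

            if ($modSettings['smfstaff_showavatar']) {
                echo '<td class="windowbg">';
                // Display the user's avatar
                $memCommID = $data['id'];
                loadMemberData($memCommID);
                loadMemberContext($memCommID);
                if (isset($memberContext[$memCommID]['avatar']['image'])) {
                    echo $memberContext[$memCommID]['avatar']['image'];
                }
                echo '</td>';
            }
            if ($modSettings['smfstaff_showlastactive']) {
                echo '<td class="windowbg">', timeformat($data['lastLogin']), '</td>';
            }
            if ($modSettings['smfstaff_showdateregistered']) {
                echo '<td class="windowbg">', timeformat($data['dateRegistered']), '</td>';
            }
            echo '<td class="windowbg">', $data['forums'], '</td>';

            if ($modSettings['smfstaff_showcontactinfo']) {
                echo '<td class="windowbg" align="center">';
                // Send email row
                if ($data['hideEmail'] == 0) {
                    echo '<a href="mailto:', $data['emailAddress'], '"><img src="', $settings['images_url'], '/email_sm.gif" alt="email" /></a> ';
                }
                if ($data['ICQ'] != '') {
                    echo '<a href="http://www.icq.com/whitepages/about_me.php?uin=', $data['ICQ'], '" target="_blank"><img src="http://status.icq.com/online.gif?img=5&icq=', $data['ICQ'], '" alt="', $data['ICQ'], '" width="18" height="18" border="0" /></a> ';
                }
                if ($data['AIM'] != '') {
                    echo '<a href="aim:goim?screenname=', urlencode(strtr($data['AIM'], array(' ' => '%20'))), '&message=', $txt['aim_default_message'], '"><img src="', $settings['images_url'], '/aim.gif" alt="', $data['AIM'], '" border="0" /></a> ';
                }
                if ($data['YIM'] != '') {
                    echo '<a href="http://edit.yahoo.com/config/send_webmesg?.target=', urlencode($data['YIM']), '"><img src="http://opi.yahoo.com/online?u=', urlencode($data['YIM']), '&m=g&t=0" alt="', $data['YIM'], '" border="0" /></a> ';
                }
                if ($data['MSN'] != '') {
                    echo '<a href="http://members.msn.com/', $data['MSN'], '" target="_blank"><img src="', $settings['images_url'], '/msntalk.gif" alt="', $data['MSN'], '" border="0" /></a> ';
                }
                // Send PM row
                echo '<a href="', $scripturl, '?action=pm;sa=send;u=', $data['id'], '">', $txt['smfstaff_sendpm'], '</a>';
                echo '</td>';
            }
            // End smfstaff_showcontactinfo
            echo '</tr>';
        }
        echo '</table>';
    }
    // End of modSettings local mods check

    // If they can manage the staff page show them the link
    if ($manage_staff) {
        echo '<div align="center"><a href="', $scripturl, '?action=staff;sa=admin">', $txt['smfstaff_admin'], '</a></div><br />';
    }
    echo '</div>';

    // The Copyright is required to remain or contact me to purchase link removal.
    echo '<div align="center"><a href="http://www.smfhacks.com" target="blank">SMF Staff</a></div>';
}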
/**
 * Build the profile summary context for one member.
 *
 * Loads the member through loadMemberContext(), aliases the result as
 * $context['member'] (by reference, so later writes also land in
 * $memberContext[$memID]) and fills $context with the page title, the
 * viewer's permission flags, warning status, posts per day, age, hostname,
 * current action, activation messages and the list of bans that match the
 * member. Ends by calling loadCustomFields().
 *
 * The IP/hostname and ban sections run only when the viewer has the
 * moderate_forum permission.
 *
 * @param int $memID id of the member whose profile is shown (presumably an
 *                   integer already validated by the caller -- it is placed in
 *                   the canonical URL as is; verify against the dispatcher)
 */
function summary($memID)
{
    global $context, $memberContext, $txt, $modSettings, $user_info, $user_profile, $sourcedir, $scripturl, $smcFunc;

    // Attempt to load the member's profile data.
    if (!loadMemberContext($memID) || !isset($memberContext[$memID])) {
        fatal_lang_error('not_a_user', false);
    }

    // Set up the stuff and load the user. += keeps any of these keys that are already set in $context.
    $context += array('page_title' => sprintf($txt['profile_of_username'], $memberContext[$memID]['name']), 'can_send_pm' => allowedTo('pm_send'), 'can_have_buddy' => allowedTo('profile_identity_own') && !empty($modSettings['enable_buddylist']), 'can_issue_warning' => in_array('w', $context['admin_features']) && allowedTo('issue_warning') && $modSettings['warning_settings'][0] == 1);
    $context['member'] =& $memberContext[$memID];

    // NOTE(review): && binds tighter than ||, so this evaluates as
    // (feature 'w' on AND viewer may issue warnings AND viewer is not the owner)
    // OR (warning_show set AND (warning_show > 1 OR viewer is the owner)).
    // The second alternative is not gated on the 'w' feature -- confirm that is intended.
    $context['can_view_warning'] = in_array('w', $context['admin_features']) && (allowedTo('issue_warning') && !$context['user']['is_owner']) || !empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $context['user']['is_owner']);

    // Set a canonical URL for this page.
    $context['canonical_url'] = $scripturl . '?action=profile;u=' . $memID;

    // Are there things we don't show? (flipped so field names can be tested with isset())
    $context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();

    // See if they have broken any warning levels...
    // The first two comma-separated parts of warning_settings are written back into $modSettings.
    list($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
    // Checked from the highest threshold name down; the first one reached wins.
    if (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $context['member']['warning']) {
        $context['warning_status'] = $txt['profile_warning_is_muted'];
    } elseif (!empty($modSettings['warning_moderate']) && $modSettings['warning_moderate'] <= $context['member']['warning']) {
        $context['warning_status'] = $txt['profile_warning_is_moderation'];
    } elseif (!empty($modSettings['warning_watch']) && $modSettings['warning_watch'] <= $context['member']['warning']) {
        $context['warning_status'] = $txt['profile_warning_is_watch'];
    }

    // They haven't even been registered for a full day!?
    $days_registered = (int) ((time() - $user_profile[$memID]['date_registered']) / (3600 * 24));
    // The < 1 check also keeps the division below away from zero.
    if (empty($user_profile[$memID]['date_registered']) || $days_registered < 1) {
        $context['member']['posts_per_day'] = $txt['not_applicable'];
    } else {
        $context['member']['posts_per_day'] = comma_format($context['member']['real_posts'] / $days_registered, 3);
    }

    // Set the age...
    if (empty($context['member']['birth_date'])) {
        $context['member'] += array('age' => $txt['not_applicable'], 'today_is_birthday' => false);
    } else {
        // birth_date is parsed as three integers separated by '-'.
        list($birth_year, $birth_month, $birth_day) = sscanf($context['member']['birth_date'], '%d-%d-%d');
        $datearray = getdate(forum_time());
        // A year of 4 or less is reported as "not applicable"; otherwise one year is
        // subtracted when this year's birthday has not been reached yet.
        $context['member'] += array('age' => $birth_year <= 4 ? $txt['not_applicable'] : $datearray['year'] - $birth_year - ($datearray['mon'] > $birth_month || $datearray['mon'] == $birth_month && $datearray['mday'] >= $birth_day ? 0 : 1), 'today_is_birthday' => $datearray['mon'] == $birth_month && $datearray['mday'] == $birth_day);
    }

    // IP and hostname are exposed to the template only for viewers with moderate_forum.
    if (allowedTo('moderate_forum')) {
        // Make sure it's a valid ip address; otherwise, don't bother...
        // The pattern accepts dotted groups of 1-3 digits only; it does not range-check the octets.
        if (preg_match('/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/', $memberContext[$memID]['ip']) == 1 && empty($modSettings['disableHostnameLookup'])) {
            $context['member']['hostname'] = host_from_ip($memberContext[$memID]['ip']);
        } else {
            $context['member']['hostname'] = '';
        }
        $context['can_see_ip'] = true;
    } else {
        $context['can_see_ip'] = false;
    }

    // Describe what the member is doing right now, from the URL stored in their profile row.
    if (!empty($modSettings['who_enabled'])) {
        include_once $sourcedir . '/Who.php';
        $action = determineActions($user_profile[$memID]['url']);
        if ($action !== false) {
            $context['member']['action'] = $action;
        }
    }

    // If the user is awaiting activation, and the viewer has permission - setup some activation context messages.
    if ($context['member']['is_activated'] % 10 != 1 && allowedTo('moderate_forum')) {
        $context['activate_type'] = $context['member']['is_activated'];
        // What should the link text be?
        $context['activate_link_text'] = in_array($context['member']['is_activated'], array(3, 4, 5, 13, 14, 15)) ? $txt['account_approve'] : $txt['account_activate'];
        // Should we show a custom message?
        $context['activate_message'] = isset($txt['account_activate_method_' . $context['member']['is_activated'] % 10]) ? $txt['account_activate_method_' . $context['member']['is_activated'] % 10] : $txt['account_not_activated'];
    }

    // Is the signature even enabled on this forum? (first character of signature_settings)
    $context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;

    // How about, are they banned?
    $context['member']['bans'] = array();
    if (allowedTo('moderate_forum')) {
        // Can they edit the ban?
        $context['can_edit_ban'] = allowedTo('manage_bans');

        // The WHERE clause is assembled from OR-ed fragments. Two kinds of values go in:
        // hostname and email travel as {string:...} parameters, while the member id and
        // the IP octets are concatenated into the SQL text.
        $ban_query = array();
        $ban_query_vars = array('time' => time());
        // NOTE(review): concatenated, not parameterised -- safe only while the member
        // context always holds an integer id here; confirm against loadMemberContext().
        $ban_query[] = 'id_member = ' . $context['member']['id'];

        // Valid IP? The capture groups can only contain 1-3 digits, which is what makes
        // concatenating them below acceptable.
        if (preg_match('/^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$/', $memberContext[$memID]['ip'], $ip_parts) == 1) {
            $ban_query[] = '((' . $ip_parts[1] . ' BETWEEN bi.ip_low1 AND bi.ip_high1) AND (' . $ip_parts[2] . ' BETWEEN bi.ip_low2 AND bi.ip_high2) AND (' . $ip_parts[3] . ' BETWEEN bi.ip_low3 AND bi.ip_high3) AND (' . $ip_parts[4] . ' BETWEEN bi.ip_low4 AND bi.ip_high4))';

            // Do we have a hostname already?
            if (!empty($context['member']['hostname'])) {
                $ban_query[] = '({string:hostname} LIKE hostname)';
                $ban_query_vars['hostname'] = $context['member']['hostname'];
            }
        } elseif ($memberContext[$memID]['ip'] == 'unknown') {
            // An 'unknown' address is matched against ban items whose range is 255 in every octet.
            $ban_query[] = '(bi.ip_low1 = 255 AND bi.ip_high1 = 255 AND bi.ip_low2 = 255 AND bi.ip_high2 = 255 AND bi.ip_low3 = 255 AND bi.ip_high3 = 255 AND bi.ip_low4 = 255 AND bi.ip_high4 = 255)';
        }

        // Check their email as well...
        if (strlen($context['member']['email']) != 0) {
            $ban_query[] = '({string:email} LIKE bi.email_address)';
            $ban_query_vars['email'] = $context['member']['email'];
        }

        // So... are they banned? Dying to know! Expired ban groups are excluded in the join.
        $request = $smcFunc['db_query']('', ' SELECT bg.id_ban_group, bg.name, bg.cannot_access, bg.cannot_post, bg.cannot_register, bg.cannot_login, bg.reason FROM {db_prefix}ban_items AS bi INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:time})) WHERE (' . implode(' OR ', $ban_query) . ')', $ban_query_vars);
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // Work out what restrictions we actually have.
            $ban_restrictions = array();
            foreach (array('access', 'register', 'login', 'post') as $type) {
                if ($row['cannot_' . $type]) {
                    $ban_restrictions[] = $txt['ban_type_' . $type];
                }
            }

            // No actual ban in place?
            if (empty($ban_restrictions)) {
                continue;
            }

            // Prepare the link for context.
            // NOTE(review): $row['name'] (and $row['reason'] below) are placed into HTML
            // without encoding here; presumably they are stored entity-encoded -- verify
            // against the code that saves ban groups.
            $ban_explanation = sprintf($txt['user_cannot_due_to'], implode(', ', $ban_restrictions), '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $row['id_ban_group'] . '">' . $row['name'] . '</a>');
            $context['member']['bans'][$row['id_ban_group']] = array('reason' => empty($row['reason']) ? '' : '<br /><br /><strong>' . $txt['ban_reason'] . ':</strong> ' . $row['reason'], 'cannot' => array('access' => !empty($row['cannot_access']), 'register' => !empty($row['cannot_register']), 'post' => !empty($row['cannot_post']), 'login' => !empty($row['cannot_login'])), 'explanation' => $ban_explanation);
        }
        $smcFunc['db_free_result']($request);
    }

    loadCustomFields($memID);
}
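/**
 * Actually do the search of personal messages.
 *
 * Collects the search options from $_REQUEST (or from the packed "params"
 * value that pagination links carry), builds the WHERE clause, runs the count
 * and result queries and fills $context for the 'search_results' sub
 * template. When the input is invalid it records the problem in
 * $context['search_errors'] and hands control back to MessageSearch().
 *
 * Input handling, for reviewers:
 * - "params" comes from the client, so every key decoded from it is
 *   client-chosen. Each key that reaches SQL is re-validated below: sort is
 *   checked against a fixed column list, sort_dir is reduced to asc/desc,
 *   ages and label ids are cast to int, start is cast and clamped.
 * - Search words and user-name patterns are passed to the database layer as
 *   {string:...} parameters. The user-name patterns used to be spliced in as
 *   {raw:...} text that relied on HTML entity encoding alone, which is not an
 *   SQL escaping step; they now use the same placeholder form as the words.
 */
function MessageSearch2()
{
    global $scripturl, $modSettings, $user_info, $context, $txt;
    global $memberContext, $smcFunc;

    // Refuse to search while the server load is above the configured limit.
    if (!empty($context['load_average']) && !empty($modSettings['loadavg_search']) && $context['load_average'] >= $modSettings['loadavg_search']) {
        fatal_lang_error('loadavg_search_disabled', false);
    }

    /**
     * @todo For the moment force the folder to the inbox.
     * @todo Maybe set the inbox based on a cookie or theme setting?
     */
    $context['folder'] = 'inbox';

    // Some useful general permissions.
    $context['can_send_pm'] = allowedTo('pm_send');

    // Some hardcoded variables that can be tweaked if required.
    $maxMembersToSearch = 500;

    // Extract all the search parameters. Pairs are joined with |"| and key/value with |'|.
    $search_params = array();
    if (isset($_REQUEST['params'])) {
        $temp_params = explode('|"|', base64_decode(strtr($_REQUEST['params'], array(' ' => '+'))));
        foreach ($temp_params as $i => $data) {
            // array_pad() supplies the missing value instead of silencing the notice with @.
            list($k, $v) = array_pad(explode('|\'|', $data), 2, null);
            $search_params[$k] = $v;
        }
    }

    // Cast and clamp: the value is concatenated into a LIMIT clause further down.
    $context['start'] = isset($_GET['start']) ? max(0, (int) $_GET['start']) : 0;

    // Store whether simple search was used (needed if the user wants to do another query).
    if (!isset($search_params['advanced'])) {
        $search_params['advanced'] = empty($_REQUEST['advanced']) ? 0 : 1;
    }

    // 1 => 'allwords' (default, don't set as param) / 2 => 'anywords'.
    if (!empty($search_params['searchtype']) || !empty($_REQUEST['searchtype']) && $_REQUEST['searchtype'] == 2) {
        $search_params['searchtype'] = 2;
    }

    // Minimum age of messages. Default to zero (don't set param in that case).
    if (!empty($search_params['minage']) || !empty($_REQUEST['minage']) && $_REQUEST['minage'] > 0) {
        $search_params['minage'] = !empty($search_params['minage']) ? (int) $search_params['minage'] : (int) $_REQUEST['minage'];
    }

    // Maximum age of messages. Default to infinite (9999 days: param not set).
    if (!empty($search_params['maxage']) || !empty($_REQUEST['maxage']) && $_REQUEST['maxage'] != 9999) {
        $search_params['maxage'] = !empty($search_params['maxage']) ? (int) $search_params['maxage'] : (int) $_REQUEST['maxage'];
    }

    $search_params['subject_only'] = !empty($search_params['subject_only']) || !empty($_REQUEST['subject_only']);
    $search_params['show_complete'] = !empty($search_params['show_complete']) || !empty($_REQUEST['show_complete']);

    // Default the user name to a wildcard matching every user (*).
    // The key tested here is 'userspec'; the earlier 'user_spec' spelling never matched the key that is stored.
    if (!empty($search_params['userspec']) || !empty($_REQUEST['userspec']) && $_REQUEST['userspec'] != '*') {
        $search_params['userspec'] = isset($search_params['userspec']) ? $search_params['userspec'] : $_REQUEST['userspec'];
    }

    // This will be full of all kinds of parameters!
    $searchq_parameters = array();

    // If there's no specific user, then don't mention it in the main query.
    if (empty($search_params['userspec'])) {
        $userQuery = '';
    } else {
        // Entity-encode the input, then turn &quot; back into " so quoted names can be picked out below.
        // (The page showed this map as '"' => '"', a no-op that left the quoted-name pattern unable to match.)
        $userString = strtr($smcFunc['htmlspecialchars']($search_params['userspec'], ENT_QUOTES), array('&quot;' => '"'));
        // Escape the LIKE wildcards the user typed literally, then map * and ? onto % and _.
        $userString = strtr($userString, array('%' => '\\%', '_' => '\\_', '*' => '%', '?' => '_'));

        preg_match_all('~"([^"]+)"~', $userString, $matches);
        $candidate_names = array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $userString)));

        $possible_users = array();
        foreach ($candidate_names as $candidate) {
            $candidate = trim($candidate);
            if (strlen($candidate) != 0) {
                $possible_users[] = $candidate;
            }
        }
        // Nothing usable left: search for the empty name, which is what the query did before.
        if (empty($possible_users)) {
            $possible_users = array('');
        }

        // One bound parameter per pattern; no user-derived text is concatenated into the SQL.
        $memberNameLikes = array();
        $guestNameLikes = array();
        $userspec_parameters = array();
        foreach ($possible_users as $index => $pattern) {
            $memberNameLikes[] = 'real_name LIKE {string:userspec_' . $index . '}';
            $guestNameLikes[] = 'pm.from_name LIKE {string:userspec_' . $index . '}';
            $userspec_parameters['userspec_' . $index] = $pattern;
        }

        // Who matches those criteria?
        // @todo This doesn't support sent item searching.
        $request = $smcFunc['db_query']('', ' SELECT id_member FROM {db_prefix}members WHERE ' . implode(' OR ', $memberNameLikes), $userspec_parameters);

        // Simply do nothing if there're too many members matching the criteria.
        if ($smcFunc['db_num_rows']($request) > $maxMembersToSearch) {
            $userQuery = '';
        } elseif ($smcFunc['db_num_rows']($request) == 0) {
            // No member matched: only guest senders (id 0) can match by name.
            $userQuery = 'AND pm.id_member_from = 0 AND (' . implode(' OR ', $guestNameLikes) . ')';
            $searchq_parameters = array_merge($searchq_parameters, $userspec_parameters);
        } else {
            $memberlist = array();
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $memberlist[] = $row['id_member'];
            }
            $userQuery = 'AND (pm.id_member_from IN ({array_int:member_list}) OR (pm.id_member_from = 0 AND (' . implode(' OR ', $guestNameLikes) . ')))';
            $searchq_parameters = array_merge($searchq_parameters, $userspec_parameters);
            $searchq_parameters['member_list'] = $memberlist;
        }
        $smcFunc['db_free_result']($request);
    }

    // Setup the sorting variables...
    // @todo Add more in here!
    $sort_columns = array('pm.id_pm');
    if (empty($search_params['sort']) && !empty($_REQUEST['sort'])) {
        list($search_params['sort'], $search_params['sort_dir']) = array_pad(explode('|', $_REQUEST['sort']), 2, '');
    }
    // Both values end up concatenated into ORDER BY, so only listed columns and asc/desc get through.
    $search_params['sort'] = !empty($search_params['sort']) && in_array($search_params['sort'], $sort_columns, true) ? $search_params['sort'] : 'pm.id_pm';
    $search_params['sort_dir'] = !empty($search_params['sort_dir']) && $search_params['sort_dir'] == 'asc' ? 'asc' : 'desc';

    // Sort out any labels we may be searching by.
    $labelQuery = '';
    if ($context['folder'] == 'inbox' && !empty($search_params['advanced']) && $context['currently_using_labels']) {
        // Came here from pagination? Put them back into $_REQUEST for sanitization.
        if (isset($search_params['labels'])) {
            $_REQUEST['searchlabel'] = explode(',', $search_params['labels']);
        }

        // Assuming we have some labels - make them all integers.
        if (!empty($_REQUEST['searchlabel']) && is_array($_REQUEST['searchlabel'])) {
            foreach ($_REQUEST['searchlabel'] as $key => $id) {
                $_REQUEST['searchlabel'][$key] = (int) $id;
            }
        } else {
            $_REQUEST['searchlabel'] = array();
        }

        // Now that everything is cleaned up a bit, make the labels a param.
        $search_params['labels'] = implode(',', $_REQUEST['searchlabel']);

        // No labels selected? That must be an error!
        if (empty($_REQUEST['searchlabel'])) {
            $context['search_errors']['no_labels_selected'] = true;
        } elseif (count($_REQUEST['searchlabel']) != count($context['labels'])) {
            // Only restrict by label when not every label is selected.
            $labelQuery = ' AND {raw:label_implode}';
            $labelStatements = array();
            foreach ($_REQUEST['searchlabel'] as $label) {
                // Each fragment is quoted by the database layer before being joined as raw text.
                $labelStatements[] = $smcFunc['db_quote']('FIND_IN_SET({string:label}, pmr.labels) != 0', array('label' => $label));
            }
            $searchq_parameters['label_implode'] = '(' . implode(' OR ', $labelStatements) . ')';
        }
    }

    // What are we actually searching for?
    $search_params['search'] = !empty($search_params['search']) ? $search_params['search'] : (isset($_REQUEST['search']) ? $_REQUEST['search'] : '');

    // If we ain't got nothing - we should error!
    if (!isset($search_params['search']) || $search_params['search'] == '') {
        $context['search_errors']['invalid_search_string'] = true;
    }

    // Extract phrase parts first (e.g. some words "this is a phrase" some more words.)
    preg_match_all('~(?:^|\\s)([-]?)"([^"]+)"(?:$|\\s)~' . ($context['utf8'] ? 'u' : ''), $search_params['search'], $matches, PREG_PATTERN_ORDER);
    $searchArray = $matches[2];

    // Remove the phrase parts and extract the words.
    $tempSearch = explode(' ', preg_replace('~(?:^|\\s)(?:[-]?)"(?:[^"]+)"(?:$|\\s)~' . ($context['utf8'] ? 'u' : ''), ' ', $search_params['search']));

    // A minus sign in front of a word excludes the word.... so...
    $excludedWords = array();

    // .. first, we check for things like -"some words", but not "-some words".
    foreach ($matches[1] as $index => $word) {
        if ($word == '-') {
            $word = $smcFunc['strtolower'](trim($searchArray[$index]));
            if (strlen($word) > 0) {
                $excludedWords[] = $word;
            }
            unset($searchArray[$index]);
        }
    }

    // Now we look for -test, etc.... normaller.
    foreach ($tempSearch as $index => $word) {
        if (strpos(trim($word), '-') === 0) {
            $word = substr($smcFunc['strtolower']($word), 1);
            if (strlen($word) > 0) {
                $excludedWords[] = $word;
            }
            unset($tempSearch[$index]);
        }
    }

    $searchArray = array_merge($searchArray, $tempSearch);

    // Trim everything and make sure there are no words that are the same.
    foreach ($searchArray as $index => $value) {
        $searchArray[$index] = $smcFunc['strtolower'](trim($value));
        if ($searchArray[$index] == '') {
            unset($searchArray[$index]);
        } else {
            // Sort out entities first.
            $searchArray[$index] = $smcFunc['htmlspecialchars']($searchArray[$index]);
        }
    }
    $searchArray = array_unique($searchArray);

    // Create an array of replacements for highlighting. The words were entity-encoded just above.
    $context['mark'] = array();
    foreach ($searchArray as $word) {
        $context['mark'][$word] = '<strong class="highlight">' . $word . '</strong>';
    }

    // This contains *everything*
    $searchWords = array_merge($searchArray, $excludedWords);

    // Make sure at least one word is being searched for.
    if (empty($searchArray)) {
        $context['search_errors']['invalid_search_string'] = true;
    }

    // Sort out the search query so the user can edit it - if they want.
    // These two values are echoed back into the form, hence the encoding.
    $context['search_params'] = $search_params;
    if (isset($context['search_params']['search'])) {
        $context['search_params']['search'] = htmlspecialchars($context['search_params']['search']);
    }
    if (isset($context['search_params']['userspec'])) {
        $context['search_params']['userspec'] = htmlspecialchars($context['search_params']['userspec']);
    }

    // Now we have all the parameters, combine them together for pagination and the like...
    $context['params'] = array();
    foreach ($search_params as $k => $v) {
        $context['params'][] = $k . '|\'|' . $v;
    }
    $context['params'] = base64_encode(implode('|"|', $context['params']));

    // Compile the subject query part. Each word becomes its own {string:search_N} parameter.
    $andQueryParts = array();
    foreach ($searchWords as $index => $word) {
        if ($word == '') {
            continue;
        }

        if ($search_params['subject_only']) {
            $andQueryParts[] = 'pm.subject' . (in_array($word, $excludedWords) ? ' NOT' : '') . ' LIKE {string:search_' . $index . '}';
        } else {
            $andQueryParts[] = '(pm.subject' . (in_array($word, $excludedWords) ? ' NOT' : '') . ' LIKE {string:search_' . $index . '} ' . (in_array($word, $excludedWords) ? 'AND pm.body NOT' : 'OR pm.body') . ' LIKE {string:search_' . $index . '})';
        }
        // LIKE wildcards inside the word are escaped so they match literally.
        $searchq_parameters['search_' . $index] = '%' . strtr($word, array('_' => '\\_', '%' => '\\%')) . '%';
    }

    $searchQuery = ' 1=1';
    if (!empty($andQueryParts)) {
        $searchQuery = implode(!empty($search_params['searchtype']) && $search_params['searchtype'] == 2 ? ' OR ' : ' AND ', $andQueryParts);
    }

    // Age limits? minage/maxage were cast to int above, so the arithmetic yields plain numbers.
    $timeQuery = '';
    if (!empty($search_params['minage'])) {
        $timeQuery .= ' AND pm.msgtime < ' . (time() - $search_params['minage'] * 86400);
    }
    if (!empty($search_params['maxage'])) {
        $timeQuery .= ' AND pm.msgtime > ' . (time() - $search_params['maxage'] * 86400);
    }

    // If we have errors - return back to the first screen...
    if (!empty($context['search_errors'])) {
        $_REQUEST['params'] = $context['params'];

        return MessageSearch();
    }

    // Get the amount of results. Both queries are scoped to the current member's own messages.
    $request = $smcFunc['db_query']('', ' SELECT COUNT(*) FROM {db_prefix}pm_recipients AS pmr INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm) WHERE ' . ($context['folder'] == 'inbox' ? ' pmr.id_member = {int:current_member} AND pmr.deleted = {int:not_deleted}' : ' pm.id_member_from = {int:current_member} AND pm.deleted_by_sender = {int:not_deleted}') . ' ' . $userQuery . $labelQuery . $timeQuery . ' AND (' . $searchQuery . ')', array_merge($searchq_parameters, array('current_member' => $user_info['id'], 'not_deleted' => 0)));
    list($numResults) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);

    // Get all the matching messages... using standard search only (No caching and the like!)
    // @todo This doesn't support sent item searching yet.
    $request = $smcFunc['db_query']('', ' SELECT pm.id_pm, pm.id_pm_head, pm.id_member_from FROM {db_prefix}pm_recipients AS pmr INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm) WHERE ' . ($context['folder'] == 'inbox' ? ' pmr.id_member = {int:current_member} AND pmr.deleted = {int:not_deleted}' : ' pm.id_member_from = {int:current_member} AND pm.deleted_by_sender = {int:not_deleted}') . ' ' . $userQuery . $labelQuery . $timeQuery . ' AND (' . $searchQuery . ') ORDER BY ' . $search_params['sort'] . ' ' . $search_params['sort_dir'] . ' LIMIT ' . $context['start'] . ', ' . $modSettings['search_results_per_page'], array_merge($searchq_parameters, array('current_member' => $user_info['id'], 'not_deleted' => 0)));
    $foundMessages = array();
    $posters = array();
    $head_pms = array();
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        $foundMessages[] = $row['id_pm'];
        $posters[] = $row['id_member_from'];
        $head_pms[$row['id_pm']] = $row['id_pm_head'];
    }
    $smcFunc['db_free_result']($request);

    // Find the real head pms!
    $real_pm_ids = array();
    if ($context['display_mode'] == 2 && !empty($head_pms)) {
        $request = $smcFunc['db_query']('', ' SELECT MAX(pm.id_pm) AS id_pm, pm.id_pm_head FROM {db_prefix}personal_messages AS pm INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm) WHERE pm.id_pm_head IN ({array_int:head_pms}) AND pmr.id_member = {int:current_member} AND pmr.deleted = {int:not_deleted} GROUP BY pm.id_pm_head LIMIT {int:limit}', array('head_pms' => array_unique($head_pms), 'current_member' => $user_info['id'], 'not_deleted' => 0, 'limit' => count($head_pms)));
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            $real_pm_ids[$row['id_pm_head']] = $row['id_pm'];
        }
        $smcFunc['db_free_result']($request);
    }

    // Load the users...
    $posters = array_unique($posters);
    if (!empty($posters)) {
        loadMemberData($posters);
    }

    // Sort out the page index.
    $context['page_index'] = constructPageIndex($scripturl . '?action=pm;sa=search2;params=' . $context['params'], $_GET['start'], $numResults, $modSettings['search_results_per_page'], false);

    $context['message_labels'] = array();
    $context['message_replied'] = array();
    $context['personal_messages'] = array();
    // Filled per message below and handed to the template by reference.
    $recipients = array();

    if (!empty($foundMessages)) {
        // Now get recipients (but don't include bcc-recipients for your inbox, you're not supposed to know :P!)
        $request = $smcFunc['db_query']('', ' SELECT pmr.id_pm, mem_to.id_member AS id_member_to, mem_to.real_name AS to_name, pmr.bcc, pmr.labels, pmr.is_read FROM {db_prefix}pm_recipients AS pmr LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member) WHERE pmr.id_pm IN ({array_int:message_list})', array('message_list' => $foundMessages));
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            if ($context['folder'] == 'sent' || empty($row['bcc'])) {
                // NOTE(review): to_name goes into HTML as stored; presumably real_name is kept entity-encoded -- verify.
                $recipients[$row['id_pm']][empty($row['bcc']) ? 'to' : 'bcc'][] = empty($row['id_member_to']) ? $txt['guest_title'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . '">' . $row['to_name'] . '</a>';
            }

            if ($row['id_member_to'] == $user_info['id'] && $context['folder'] != 'sent') {
                // Bit 2 of is_read marks a message as replied to.
                $context['message_replied'][$row['id_pm']] = $row['is_read'] & 2;

                $row['labels'] = $row['labels'] == '' ? array() : explode(',', $row['labels']);
                // This is a special need for linking to messages.
                foreach ($row['labels'] as $v) {
                    if (isset($context['labels'][(int) $v])) {
                        $context['message_labels'][$row['id_pm']][(int) $v] = array('id' => $v, 'name' => $context['labels'][(int) $v]['name']);
                    }

                    // Here we find the first label on a message - for linking to posts in results
                    if (!isset($context['first_label'][$row['id_pm']]) && !in_array('-1', $row['labels'])) {
                        $context['first_label'][$row['id_pm']] = (int) $v;
                    }
                }
            }
        }

        // Prepare the query for the callback!
        $request = $smcFunc['db_query']('', ' SELECT pm.id_pm, pm.subject, pm.id_member_from, pm.body, pm.msgtime, pm.from_name FROM {db_prefix}personal_messages AS pm WHERE pm.id_pm IN ({array_int:message_list}) ORDER BY ' . $search_params['sort'] . ' ' . $search_params['sort_dir'] . ' LIMIT ' . count($foundMessages), array('message_list' => $foundMessages));
        $counter = 0;
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // If there's no message subject, use the default.
            $row['subject'] = $row['subject'] == '' ? $txt['no_subject'] : $row['subject'];

            // Load this posters context info, if it ain't there then fill in the essentials...
            if (!loadMemberContext($row['id_member_from'], true)) {
                $memberContext[$row['id_member_from']]['name'] = $row['from_name'];
                $memberContext[$row['id_member_from']]['id'] = 0;
                $memberContext[$row['id_member_from']]['group'] = $txt['guest_title'];
                $memberContext[$row['id_member_from']]['link'] = $row['from_name'];
                $memberContext[$row['id_member_from']]['email'] = '';
                $memberContext[$row['id_member_from']]['show_email'] = showEmailAddress(true, 0);
                $memberContext[$row['id_member_from']]['is_guest'] = true;
            }

            // Censor anything we don't want to see...
            censorText($row['body']);
            censorText($row['subject']);

            // Parse out any BBC...
            $row['body'] = parse_bbc($row['body'], true, 'pm' . $row['id_pm']);

            $href = $scripturl . '?action=pm;f=' . $context['folder'] . (isset($context['first_label'][$row['id_pm']]) ? ';l=' . $context['first_label'][$row['id_pm']] : '') . ';pmid=' . ($context['display_mode'] == 2 && isset($real_pm_ids[$head_pms[$row['id_pm']]]) ? $real_pm_ids[$head_pms[$row['id_pm']]] : $row['id_pm']) . '#msg' . $row['id_pm'];

            // A message without labels gets an empty list; count(null) is a TypeError on PHP 8.
            if (!isset($context['message_labels'][$row['id_pm']])) {
                $context['message_labels'][$row['id_pm']] = array();
            }

            // NOTE(review): subject is placed into the link markup as stored; presumably it is
            // kept entity-encoded like other message text -- verify against the code that saves messages.
            $context['personal_messages'][] = array('id' => $row['id_pm'], 'member' => &$memberContext[$row['id_member_from']], 'subject' => $row['subject'], 'body' => $row['body'], 'time' => timeformat($row['msgtime']), 'recipients' => &$recipients[$row['id_pm']], 'labels' => &$context['message_labels'][$row['id_pm']], 'fully_labeled' => count($context['message_labels'][$row['id_pm']]) == count($context['labels']), 'is_replied_to' => &$context['message_replied'][$row['id_pm']], 'href' => $href, 'link' => '<a href="' . $href . '">' . $row['subject'] . '</a>', 'counter' => ++$counter);
        }
        $smcFunc['db_free_result']($request);
    }

    // Finish off the context.
    $context['page_title'] = $txt['pm_search_title'];
    $context['sub_template'] = 'search_results';
    $context['menu_data_' . $context['pm_menu_id']]['current_area'] = 'search';
    $context['linktree'][] = array('url' => $scripturl . '?action=pm;sa=search', 'name' => $txt['pm_search_bar_title']);
}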
/**
 * Look up members through retrieveMemberData() and either print them as an
 * HTML table or hand their context data back to the caller.
 *
 * Nothing is looked up when no condition name is supplied; in that case the
 * function returns without a value.
 *
 * The link, blurb and avatar markup is echoed exactly as it sits in
 * $memberContext - no escaping happens in this function.
 * NOTE(review): how retrieveMemberData() validates the condition name and the
 * order_by value is not visible here; confirm before letting request data
 * reach $query_where or $query_order.
 *
 * @param string|null $query_where key under which $query_where_params is handed to retrieveMemberData()
 * @param string|string[] $query_where_params value stored under that key
 * @param string $query_limit maximum number of members, cast to int; 10 when empty
 * @param string $query_order passed on as 'order_by'
 * @param string $output_method 'echo' prints the table, anything else only returns the data
 * @return array|null member context keyed by member id; null when $query_where is null
 */
function ssi_queryMembers($query_where = null, $query_where_params = array(), $query_limit = '', $query_order = 'id_member DESC', $output_method = 'echo')
{
    global $memberContext;

    // Without a condition name there is nothing to ask for.
    if ($query_where === null) {
        return;
    }

    require_once SUBSDIR . '/Members.subs.php';

    // The limit is the only argument normalised here; everything else is
    // forwarded untouched.
    $conditions = array(
        $query_where => $query_where_params,
        'limit' => empty($query_limit) ? 10 : (int) $query_limit,
        'order_by' => $query_order,
        'activated_status' => 1,
    );
    $lookup = retrieveMemberData($conditions);

    // Collect the ids of every member that came back.
    $member_ids = array();
    foreach ($lookup['member_info'] as $info) {
        $member_ids[] = $info['id'];
    }

    if (empty($member_ids)) {
        return array();
    }

    // Pull the profile data for all of them in one go.
    loadMemberData($member_ids);

    $echoing = $output_method == 'echo';

    // Open the table only when we are the ones printing.
    if ($echoing) {
        echo ' <table class="ssi_table">';
    }

    $query_members = array();
    foreach ($member_ids as $id) {
        // Members whose context cannot be built are left out entirely.
        if (loadMemberContext($id)) {
            $query_members[$id] = $memberContext[$id];

            // One row per member, written as-is from the member context.
            if ($echoing) {
                $shown = $query_members[$id];
                echo ' <tr> <td class="centertext"> ', $shown['link'], ' <br />', $shown['blurb'], ' <br />', $shown['avatar']['image'], ' </td> </tr>';
            }
        }
    }

    // Close the table again if we opened it.
    if ($echoing) {
        echo ' </table>';
    }

    return $query_members;
}
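/**
 * Build the ratings tab of a member profile (profile -> show content area).
 *
 * Lists the likes the member received or, when the request carries
 * sa=likesout, the likes that member gave. The results are stored in
 * $context ('total_likes', 'likes', 'results_count', 'displaymode', 'pages')
 * and the 'ratings/profile_display' template is registered for the
 * 'profile_content_area' hook.
 *
 * Access control visible here: isAllowedTo('can_view_ratings') is called when
 * the profile is not the viewer's own, both queries carry {query_see_board},
 * and viewers who are neither admin nor allowed to 'moderate_forum' are
 * additionally limited to the boards returned by boardsAllowedTo('like_see').
 *
 * Subjects, member links and rating texts are concatenated into markup
 * without escaping in this function.
 * NOTE(review): presumably they are stored or prepared HTML-safe elsewhere;
 * confirm against the code that writes them.
 *
 * @param int $memID id_member of the profile being displayed
 */
function LikesByUser($memID)
{
    global $context, $user_info, $scripturl, $memberContext, $txt, $modSettings, $options;

    // Looking at somebody else's ratings requires an explicit permission.
    if ($memID != $user_info['id']) {
        isAllowedTo('can_view_ratings');
    }

    // Use the same page size as the topic listings.
    $perpage = empty($modSettings['disableCustomPerPage']) && !empty($options['topics_per_page']) ? $options['topics_per_page'] : $modSettings['defaultMaxTopics'];

    // 'sa' is request data and may be missing or not a string at all.
    $sa = isset($_GET['sa']) && is_string($_GET['sa']) ? $_GET['sa'] : '';

    // Display likes *given* instead of received ones.
    $out = $sa === 'likesout';

    // Owner of the profile - decides between "you/your" and the member name.
    $is_owner = $user_info['id'] == $memID;

    // Respect permissions.
    $boards_like_see = boardsAllowedTo('like_see');

    // The offset goes into LIMIT, so it must never be negative.
    $start = isset($_REQUEST['start']) ? max(0, (int) $_REQUEST['start']) : 0;

    // Admins and global moderators can see everything; everybody else is
    // restricted to the boards they may see likes in.
    // NOTE(review): an empty $boards_like_see may be rejected by the query
    // layer's array_int placeholder - confirm how smf_db_query() handles it.
    if (!($user_info['is_admin'] || allowedTo('moderate_forum'))) {
        $bq = ' AND b.id_board IN({array_int:boards})';
    } else {
        $bq = '';
    }

    // Both variants bind the member id through a placeholder; only the
    // column name differs and it is chosen from two fixed strings.
    $q = $out ? 'l.id_user = {int:id_user}' : 'l.id_receiver = {int:id_user}';

    // NOTE(review): the mysql_* calls below belong to ext/mysql, which was
    // removed in PHP 7.0. They are kept because the handle type returned by
    // smf_db_query() is not visible here.
    $request = smf_db_query(
        'SELECT count(l.id_msg) FROM {db_prefix}likes AS l'
        . ' INNER JOIN {db_prefix}messages AS m ON (m.id_msg = l.id_msg)'
        . ' INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)'
        . ' INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)'
        . ' WHERE ' . $q . ' AND {query_see_board}' . $bq,
        array('id_user' => $memID, 'boards' => $boards_like_see)
    );
    list($context['total_likes']) = mysql_fetch_row($request);
    mysql_free_result($request);

    $request = smf_db_query(
        'SELECT m.subject, m.id_topic, l.id_user, l.id_receiver, l.updated, l.id_msg, l.rtype, mfirst.subject AS first_subject, SUBSTRING(m.body, 1, 150) AS body'
        . ' FROM {db_prefix}likes AS l'
        . ' INNER JOIN {db_prefix}messages AS m ON (m.id_msg = l.id_msg)'
        . ' INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)'
        . ' INNER JOIN {db_prefix}messages AS mfirst ON (mfirst.id_msg = t.id_first_msg)'
        . ' INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)'
        . ' WHERE ' . $q . ' AND {query_see_board} ' . $bq
        . ' ORDER BY l.id_like DESC LIMIT {int:startwith}, {int:perpage}',
        array('id_user' => $memID, 'startwith' => $start, 'perpage' => $perpage, 'boards' => $boards_like_see)
    );

    $context['results_count'] = 0;
    $context['likes'] = array();
    $context['displaymode'] = $out;
    $context['pages'] = '';

    if ($context['total_likes'] > $perpage) {
        // The sub-action ends up inside every pagination link, so it is
        // URL-encoded instead of being copied from the request verbatim.
        $context['pages'] = constructPageIndex($scripturl . '?action=profile;area=showposts;sa=' . urlencode($sa) . ';u=' . trim($memID), $start, $context['total_likes'], $perpage);
    }

    $users = array();
    while ($row = mysql_fetch_assoc($request)) {
        $context['results_count']++;

        $thref = URL::topic($row['id_topic'], $row['first_subject'], 0);
        $phref = URL::topic($row['id_topic'], $row['subject'], 0, false, '.msg' . $row['id_msg'], '#msg' . $row['id_msg']);

        // The "other side" of the like: the receiver when listing likes
        // given, the giver when listing likes received.
        $other_member = $out ? $row['id_receiver'] : $row['id_user'];
        $users[] = $other_member;

        $context['likes'][] = array(
            'id_user' => $other_member,
            'time' => timeformat($row['updated']),
            'topic' => array(
                'href' => $thref,
                'link' => '<a href="' . $thref . '">' . $row['first_subject'] . '</a>',
                'subject' => $row['first_subject'],
            ),
            'post' => array(
                'href' => $phref,
                'link' => '<a href="' . $phref . '">' . $row['subject'] . '</a>',
                'subject' => $row['subject'],
                'id' => $row['id_msg'],
            ),
            'rtype' => $row['rtype'],
            // Bracketed tags and any HTML are removed from the 150 character excerpt.
            'teaser' => strip_tags(preg_replace('~[[\\/\\!]*?[^\\[\\]]*?]~si', '', $row['body'])) . '...',
            'morelink' => URL::parse('?msg=' . $row['id_msg'] . ';perma'),
        );
    }

    loadMemberData(array_unique($users));

    foreach ($context['likes'] as &$like) {
        loadMemberContext($like['id_user']);
        $like['member'] =& $memberContext[$like['id_user']];

        $rating_text = $modSettings['ratings'][$like['rtype']]['text'];

        if ($out) {
            // Likes given by the profile member.
            $like['text'] = sprintf($txt['liked_a_post'], $is_owner ? $txt['you_liker'] : $memberContext[$memID]['name'], $memberContext[$like['id_user']]['link'], $like['post']['href'], $like['topic']['link'], $rating_text);
        } elseif ($is_owner) {
            // Likes received, seen by the profile owner.
            $like['text'] = sprintf($txt['liked_your_post'], $like['id_user'] == $user_info['id'] ? $txt['you_liker'] : $like['member']['link'], $like['post']['href'], $like['topic']['link'], $rating_text);
        } else {
            // Likes received, seen by somebody else.
            $like['text'] = sprintf($txt['liked_a_post'], $like['id_user'] == $user_info['id'] ? $txt['you_liker'] : $like['member']['link'], $memberContext[$memID]['name'], $like['post']['href'], $like['topic']['link'], $rating_text);
        }
    }
    // Drop the loop reference so a later write to $like cannot touch the last entry.
    unset($like);

    mysql_free_result($request);

    EoS_Smarty::getConfigInstance()->registerHookTemplate('profile_content_area', 'ratings/profile_display');
}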
/**
 * Select members with a caller-supplied WHERE clause and either print them as
 * an HTML table or return their context data.
 *
 * $query_where, $query_order and $query_limit are concatenated into the SQL
 * text exactly as given; only $query_where_params is handed to the query
 * layer as its values array. Callers therefore have to pass fixed,
 * developer-written fragments and route every request-derived value through
 * a placeholder in $query_where_params.
 *
 * The link, blurb and avatar markup is echoed exactly as it sits in
 * $memberContext - no escaping happens in this function.
 *
 * @param string $query_where SQL condition, may contain placeholders
 * @param array $query_where_params values for the placeholders
 * @param string $query_limit text placed after LIMIT; no LIMIT when it compares equal to ''
 * @param string $query_order text placed after ORDER BY
 * @param string $output_method 'echo' prints the table, anything else only returns the data
 * @return array member context keyed by member id, empty when nothing matched
 */
function ssi_queryMembers($query_where, $query_where_params = array(), $query_limit = '', $query_order = 'id_member DESC', $output_method = 'echo')
{
    // Only $smcFunc and $memberContext are read below.
    global $context, $settings, $scripturl, $txt, $db_prefix, $user_info, $modSettings, $smcFunc, $memberContext;

    // The LIMIT clause is optional.
    $limit_clause = $query_limit == '' ? '' : 'LIMIT ' . $query_limit;
    $sql = ' SELECT id_member FROM {db_prefix}members WHERE ' . $query_where . ' ORDER BY ' . $query_order . ' ' . $limit_clause;

    // Fetch the ids of the members in question.
    $request = $smcFunc['db_query']('', $sql, array_merge($query_where_params, array()));
    $member_ids = array();
    while ($found = $smcFunc['db_fetch_assoc']($request)) {
        $member_ids[] = $found['id_member'];
    }
    $smcFunc['db_free_result']($request);

    if (empty($member_ids)) {
        return array();
    }

    // Pull the profile data for all of them in one go.
    loadMemberData($member_ids);

    $echoing = $output_method == 'echo';

    // Open the table only when we are the ones printing.
    if ($echoing) {
        echo ' <table border="0" class="ssi_table">';
    }

    $query_members = array();
    foreach ($member_ids as $id) {
        // Members whose context cannot be built are left out entirely.
        if (loadMemberContext($id)) {
            $query_members[$id] = $memberContext[$id];

            // One row per member, written as-is from the member context.
            if ($echoing) {
                $shown = $query_members[$id];
                echo ' <tr> <td align="right" valign="top" nowrap="nowrap"> ', $shown['link'], ' <br />', $shown['blurb'], ' <br />', $shown['avatar']['image'], ' </td> </tr>';
            }
        }
    }

    // Close the table again if we opened it.
    if ($echoing) {
        echo ' </table>';
    }

    return $query_members;
}