function getProfileInfoExtra() { $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $aRet = array(); $r = db_res("SELECT `pc`.`Caption`, `pc`.`Content`, `pc`.`Func`, `pc`.`ID` AS `BlockID`\n FROM `sys_profile_fields` AS `pf` \n INNER JOIN `sys_page_compose` AS `pc` \n ON ((`pc`.`Func` = 'PFBlock' AND `pc`.`Content` = `pf`.`ID`) OR (`pc`.`Func` = 'GeneralInfo' AND " . BX_BLOCK_GENERALINFO . " = `pf`.`ID`) OR (`pc`.`Func` = 'AdditionalInfo' AND " . BX_BLOCK_ADDITIONALINFO . " = `pf`.`ID`))\n WHERE `pc`.`Page` = 'profile_info' AND `pf`.`Type` = 'block' AND `pc`.`Column` != 0 \n ORDER BY `pc`.`Column`, `pc`.`Order`"); while ($a = $r->fetch()) { $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->_iProfileID . "' AND `block_id`='" . $a['BlockID'] . "' LIMIT 1"); if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->_iViewerId)) { continue; } switch ($a['Func']) { case 'GeneralInfo': $i = BX_BLOCK_GENERALINFO; break; case 'AdditionalInfo': $i = BX_BLOCK_ADDITIONALINFO; break; default: $i = $a['Content']; } $aBlock = $this->getProfileInfoBlock($a['Caption'], $i); if (false === $aBlock) { continue; } $aRet[] = $aBlock; } if ($this->_iViewerId == $this->_iProfileID) { $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_E-mail')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval($this->_aProfile['Email'])), "struct"); $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Membership2')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(strip_tags(GetMembershipStatus($this->_iProfileID, false, false)))), "struct"); $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Status')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(_t('__' . $this->_aProfile['Status']))), "struct"); $aRet[] = new xmlrpcval(array('Info' => new xmlrpcval($aOwnInfo, "array"), 'Title' => new xmlrpcval(_t('_Account Info'))), "struct"); } return new xmlrpcval($aRet, "array"); }
function genBlock($iBlockID, $aBlock, $bStatic = true, $sDynamicType = 'tab') { //--- Privacy for Profile page ---// $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->oProfileGen->_iProfileID . "' AND `block_id`='" . $iBlockID . "' LIMIT 1"); if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->iMemberID)) { return false; } //--- Privacy for Profile page ---// return parent::genBlock($iBlockID, $aBlock, $bStatic, $sDynamicType); }
/** * @description : function will generate profile block (used the profile template ); * @return : Html presentation data ; */ function PrintSearhResult($aProfileInfo, $aCoupleInfo = '', $aExtendedKey = null, $sTemplateName = '', $oCustomTemplate = null) { global $site; global $aPreValues; $iVisitorID = getLoggedId(); $bExtMode = !empty($_GET['mode']) && $_GET['mode'] == 'extended' || !empty($_GET['search_result_mode']) && $_GET['search_result_mode'] == 'ext'; $isShowMatchPercent = $bExtMode && $iVisitorID && $iVisitorID != $aProfileInfo['ID'] && getParam('view_match_percent') && getParam('enable_match'); $bPublic = $bExtMode ? bx_check_profile_visibility($aProfileInfo['ID'], $iVisitorID, true) : true; if ($bPublic && $iVisitorID != $aProfileInfo['ID'] && !isAdmin()) { $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id'); $iBlockID = $GLOBALS['MySQL']->getOne("SELECT `ID` FROM `sys_page_compose` WHERE `Page` = 'profile' AND `Func` = 'Description' AND `Column` != 0"); $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='{$aProfileInfo['ID']}' AND `block_id`='{$iBlockID}' LIMIT 1"); $bPublic = !$iBlockID || !$iPrivacyId || $oPrivacy->check('view_block', $iPrivacyId, $iVisitorID); } $sProfileThumb = get_member_thumbnail($aProfileInfo['ID'], 'none', !$bExtMode, 'visitor'); $sProfileMatch = $isShowMatchPercent ? $GLOBALS['oFunctions']->getProfileMatch($iVisitorID, $aProfileInfo['ID']) : ''; $sProfileNickname = '<a href="' . getProfileLink($aProfileInfo['ID']) . '">' . getNickName($aProfileInfo['ID']) . '</a>'; $sProfileInfo = $GLOBALS['oFunctions']->getUserInfo($aProfileInfo['ID']); $sProfileDesc = $bPublic ? strmaxtextlen($aProfileInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title'); $sProfileZodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aProfileInfo['DateOfBirth']) : ''; $sProfile2ASc1 = $sProfile2ASc2 = $sProfile2Nick = $sProfile2Desc = $sProfile2Info = $sProfile2Zodiac = ''; if ($aCoupleInfo) { $sProfile2Nick = '<a href="' . getProfileLink($aCoupleInfo['ID']) . '">' . getNickName($aCoupleInfo['ID']) . '</a>'; $sProfile2Info = $GLOBALS['oFunctions']->getUserInfo($aCoupleInfo['ID']); $sProfile2Desc = $bPublic ? strmaxtextlen($aCoupleInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title'); $sProfile2Zodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aCoupleInfo['DateOfBirth']) : ''; $sProfile2ASc1 = 'float:left;width:31%;margin-right:10px;'; $sProfile2ASc2 = 'float:left;width:31%;display:block;'; } else { $sProfile2ASc2 = 'display:none;'; } $aKeys = array('thumbnail' => $sProfileThumb, 'match' => $sProfileMatch, 'nick' => $sProfileNickname, 'info' => $sProfileInfo, 'i_am_desc' => $sProfileDesc, 'zodiac_sign' => $sProfileZodiac, 'nick2' => $sProfile2Nick, 'info2' => $sProfile2Info, 'i_am_desc2' => $sProfile2Desc, 'zodiac_sign2' => $sProfile2Zodiac, 'add_style_c1' => $sProfile2ASc1, 'add_style_c2' => $sProfile2ASc2); if ($aExtendedKey and is_array($aExtendedKey) and !empty($aExtendedKey)) { foreach ($aExtendedKey as $sKey => $sValue) { $aKeys[$sKey] = $sValue; } } else { $aKeys['ext_css_class'] = ''; } return $oCustomTemplate ? $oCustomTemplate->parseHtmlByName($sTemplateName, $aKeys) : $GLOBALS['oSysTemplate']->parseHtmlByName($sTemplateName, $aKeys); }
function getUserInfo($sUser, $sPwd, $sNick, $sLang) { $iIdProfile = BxDolXMLRPCUtil::getIdByNickname($sNick); if (!$iIdProfile || !($iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd))) { return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct")); } BxDolXMLRPCUtil::setLanguage($sLang); if ($iIdProfile != $iId) { // privacy bx_import('BxDolPrivacy'); $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) { return new xmlrpcval('-1'); } // membership $aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile); if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) { return new xmlrpcval($aCheckRes[CHECK_ACTION_MESSAGE]); } } $aRet = BxDolXMLRPCUtil::getUserInfo($iIdProfile); return new xmlrpcval($aRet, "struct"); }
function _checkUserPrivacy($iId, $iIdProfile) { $mixedAccessDenied = false; if ($iIdProfile != $iId) { // membership $aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile); if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) { $mixedAccessDenied = strip_tags($aCheckRes[CHECK_ACTION_MESSAGE]); } // privacy if (false === $mixedAccessDenied) { bx_import('BxDolPrivacy'); $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) { $mixedAccessDenied = '-1'; } } } bx_import('BxDolAlerts'); $oZ = new BxDolAlerts('mobile', 'view_profile', $iIdProfile, $iId, array('access_denied' => &$mixedAccessDenied)); $oZ->alert(); if (false !== $mixedAccessDenied) { return new xmlrpcval($mixedAccessDenied); } return true; }
/** * Check profile existing, membership/acl, profile status and privacy. * If some of visibility options are not allowed then appropritate page is shown and exit called. * @param $iViewedId viewed member id * @param $iViewerId viewer member id * @return nothing */ function bx_check_profile_visibility($iViewedId, $iViewerId = 0, $bReturn = false) { global $logged, $site, $_page, $_page_cont, $p_arr; // check if profile exists if (!$iViewedId) { if ($bReturn) { return false; } $GLOBALS['oSysTemplate']->displayPageNotFound(); exit; } // check if viewer can view profile $bPerform = $iViewedId == $iViewerId ? FALSE : TRUE; $check_res = checkAction($iViewerId, ACTION_ID_VIEW_PROFILES, $bPerform, $iViewedId); if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) { if ($bReturn) { return false; } $_page['header'] = "{$site['title']} " . _t("_Member Profile"); $_page['header_text'] = "{$site['title']} " . _t("_Member Profile"); $_page['name_index'] = 0; $_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]); PageCode(); exit; } bx_import('BxBaseProfileView'); $oProfile = new BxBaseProfileGenerator($iViewedId); $p_arr = $oProfile->_aProfile; // check if viewed member is active if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) { if ($bReturn) { return false; } header("HTTP/1.1 404 Not Found"); $GLOBALS['oSysTemplate']->displayMsg(_t("_Profile NA")); exit; } // check privacy if (!$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) { $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if (!$oPrivacy->check('view', $iViewedId, $iViewerId)) { if ($bReturn) { return false; } bx_import('BxDolProfilePrivatePageView'); $oProfilePrivateView = new BxDolProfilePrivatePageView($oProfile, $site, $dir); $_page['name_index'] = 7; $_page_cont[7]['page_main_code'] = $oProfilePrivateView->getCode(); PageCode(); exit; } } if ($bReturn) { return true; } }
} // Check if member can view profile $check_res = checkAction($memberID, ACTION_ID_VIEW_PROFILES, true, $profileID); if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) { $_page['header'] = "{$site['title']} " . _t("_Member Profile"); $_page['header_text'] = "{$site['title']} " . _t("_Member Profile"); $_page['name_index'] = 0; $_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]); PageCode(); exit; } $oProfile = new BxBaseProfileGenerator($profileID); if (!$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) { //Check privacy $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID'); if (!$oPrivacy->check('view', $profileID, $memberID)) { $_page['name_index'] = 0; $_page['header'] = "{$site['title']} " . _t("_Member Profile"); $_page['header_text'] = "{$site['title']} " . _t("_Member Profile"); $_page_cont[0]['page_main_code'] = MsgBox(_t('_INVALID_ROLE')); PageCode(); exit; } } $oProfile->oCmtsView->getExtraCss(); $oProfile->oCmtsView->getExtraJs(); $oProfile->oVotingView->getExtraJs(); $p_arr = $oProfile->_aProfile; if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) { header("HTTP/1.1 404 Not Found"); $_page['header'] = "{$site['title']} " . _t("_Member Profile");
/** * Get location array * @param $sPart module/part name * @param $iEntryId entry's id which location is edited * @param $iViewer viewer profile id * @return false - location undefined, -1 - access denied, array - all good */ function serviceGetLocation($sPart, $iEntryId, $iViewer = false) { if (false === $iViewer) { $iViewer = getLoggedId(); } if ('profiles' == $sPart) { if (!bx_check_profile_visibility($iEntryId, $iViewer, true)) { return -1; } } else { bx_import('BxDolPrivacy'); $oPrivacy = new BxDolPrivacy($this->_aParts[$sPart]['join_table'], $this->_aParts[$sPart]['join_field_id'], $this->_aParts[$sPart]['join_field_author']); if (!$oPrivacy->check('view', $iEntryId, $iViewer)) { return -1; } } $aLocation = $this->_oDb->getDirectLocation($iEntryId, $this->_aParts[$sPart]); if (!$aLocation || !$aLocation['lat'] && $aLocation['lng']) { return false; } if (false === $aLocation['zoom'] || -1 == $aLocation['zoom']) { $aLocation['zoom'] = getParam("bx_wmap_edit_{$sPart}_zoom"); } if (!$aLocation['type']) { $aLocation['type'] = getParam("bx_wmap_edit_{$sPart}_map_type"); } return $aLocation; }