Esempio n. 1
-1
 /**
  * Draws Users list (ECHO)
  *
  * @param  int      $userId
  * @param  int      $listId
  * @param  array    $postData
  * @return void
  */
 public function drawUsersList($userId, $listId, $postData)
 {
     global $_CB_database, $_PLUGINS;
     $_PLUGINS->loadPluginGroup('user');
     $searchData = cbGetParam($postData, 'search');
     $limitstart = (int) cbGetParam($postData, 'limitstart');
     $searchMode = (int) cbGetParam($postData, 'searchmode', 0);
     $random = (int) cbGetParam($postData, 'rand', 0);
     $cbUser = CBuser::getInstance((int) $userId, false);
     $user = $cbUser->getUserData();
     $search = null;
     $input = array();
     $publishedLists = array();
     $query = 'SELECT *' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_lists') . "\n WHERE " . $_CB_database->NameQuote('published') . " = 1" . "\n AND " . $_CB_database->NameQuote('viewaccesslevel') . " IN " . $_CB_database->safeArrayOfIntegers(Application::MyUser()->getAuthorisedViewLevels()) . "\n ORDER BY " . $_CB_database->NameQuote('ordering');
     $_CB_database->setQuery($query);
     /** @var ListTable[] $userLists */
     $userLists = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\ListTable', array($_CB_database));
     if ($userLists) {
         foreach ($userLists as $userList) {
             $publishedLists[] = moscomprofilerHTML::makeOption((int) $userList->listid, strip_tags($cbUser->replaceUserVars($userList->title, false, false)));
             if (!$listId && $userList->default) {
                 $listId = (int) $userList->listid;
             }
         }
         if (!$listId) {
             $listId = (int) $userLists[0]->listid;
         }
     }
     if (!$listId) {
         echo CBTxt::Th('UE_NOLISTFOUND', 'There are no published user lists!');
         return;
     }
     if ($userLists) {
         $input['plists'] = moscomprofilerHTML::selectList($publishedLists, 'listid', 'class="form-control input-block" onchange="this.form.submit();"', 'value', 'text', (int) $listId, 1);
     }
     $row = self::getInstance((int) $listId);
     if (!$row) {
         echo CBTxt::Th('UE_LIST_DOES_NOT_EXIST', 'This list does not exist');
         return;
     }
     if (!$cbUser->authoriseView('userslist', $row->listid)) {
         echo CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
         return;
     }
     $params = new Registry($row->params);
     if ($params->get('hotlink_protection', 0) == 1) {
         if ($searchData !== null || $limitstart) {
             cbSpoofCheck('userslist', 'GET');
         }
     }
     $limit = (int) $params->get('list_limit', 30);
     if (!$limit) {
         $limit = 30;
     }
     if ($params->get('list_paging', 1) != 1) {
         $limitstart = 0;
     }
     $isModerator = Application::MyUser()->isGlobalModerator();
     $_PLUGINS->trigger('onStartUsersList', array(&$listId, &$row, &$search, &$limitstart, &$limit));
     // Prepare query variables:
     $userGroupIds = explode('|*|', $row->usergroupids);
     $orderBy = self::getSorting($listId, $userId, $random);
     $filterBy = self::getFiltering($listId, $userId);
     $columns = self::getColumns($listId, $userId);
     // Grab all the fields the $user can access:
     $tabs = new cbTabs(0, 1);
     $fields = $tabs->_getTabFieldsDb(null, $user, 'list');
     // Build the field SQL:
     $tableReferences = array('#__comprofiler' => 'ue', '#__users' => 'u');
     $searchableFields = array();
     $fieldsSQL = cbUsersList::getFieldsSQL($columns, $fields, $tableReferences, $searchableFields, $params);
     $_PLUGINS->trigger('onAfterUsersListFieldsSql', array(&$columns, &$fields, &$tableReferences));
     // Build the internal joins and where statements best off list parameters:
     $tablesSQL = array();
     $joinsSQL = array();
     $tablesWhereSQL = array();
     if ($isModerator) {
         if (!$params->get('list_show_blocked', 0)) {
             $tablesWhereSQL['block'] = 'u.block = 0';
         }
         if (!$params->get('list_show_banned', 1)) {
             $tablesWhereSQL['banned'] = 'ue.banned = 0';
         }
         if (!$params->get('list_show_unapproved', 0)) {
             $tablesWhereSQL['approved'] = 'ue.approved = 1';
         }
         if (!$params->get('list_show_unconfirmed', 0)) {
             $tablesWhereSQL['confirmed'] = 'ue.confirmed = 1';
         }
     } else {
         $tablesWhereSQL = array('block' => 'u.block = 0', 'approved' => 'ue.approved = 1', 'confirmed' => 'ue.confirmed = 1', 'banned' => 'ue.banned = 0');
     }
     $joinsSQL[] = 'JOIN #__user_usergroup_map g ON g.`user_id` = u.`id`';
     if ($userGroupIds) {
         $tablesWhereSQL['gid'] = 'g.group_id IN ' . $_CB_database->safeArrayOfIntegers($userGroupIds);
     }
     foreach ($tableReferences as $table => $name) {
         if ($name == 'u') {
             $tablesSQL[] = $table . ' ' . $name;
         } else {
             $joinsSQL[] = 'JOIN ' . $table . ' ' . $name . ' ON ' . $name . '.`id` = u.`id`';
         }
     }
     // Build the search criteria:
     $searchValues = new stdClass();
     $searchesFromFields = $tabs->applySearchableContents($searchableFields, $searchValues, $postData, $params->get('list_compare_types', 0));
     $whereFields = $searchesFromFields->reduceSqlFormula($tableReferences, $joinsSQL, true);
     if ($whereFields) {
         $tablesWhereSQL[] = '(' . $whereFields . ')';
     }
     $_PLUGINS->trigger('onBeforeUsersListBuildQuery', array(&$tablesSQL, &$joinsSQL, &$tablesWhereSQL));
     // Construct the FROM and WHERE for the userlist query:
     $queryFrom = "FROM " . implode(', ', $tablesSQL) . (count($joinsSQL) ? "\n " . implode("\n ", $joinsSQL) : '') . "\n WHERE " . implode("\n AND ", $tablesWhereSQL) . " " . $filterBy;
     $_PLUGINS->trigger('onBeforeUsersListQuery', array(&$queryFrom, 1, $listId));
     // $ui = 1 (frontend)
     $errorMsg = null;
     // Checks if the list is being actively searched and it allows searching; otherwise reset back to normal:
     $searchCount = count(get_object_vars($searchValues));
     if ($params->get('list_search', 1) > 0 && $params->get('list_search_empty', 0) && !$searchCount) {
         $searchMode = 1;
         $listAll = false;
     } else {
         $listAll = $searchCount ? true : false;
     }
     if ($searchMode == 0 || $searchMode == 1 && $searchCount || $searchMode == 2) {
         // Prepare the userlist count query for pagination:
         $_CB_database->setQuery("SELECT COUNT( DISTINCT u.id ) " . $queryFrom);
         $total = $_CB_database->loadResult();
         if ($limit > $total || $limitstart >= $total) {
             $limitstart = 0;
         }
         // Prepare the actual userlist query to build a list of users:
         $query = "SELECT DISTINCT ue.*, u.*, '' AS 'NA' " . ($fieldsSQL ? ", " . $fieldsSQL . " " : '') . $queryFrom . " " . $orderBy;
         $_CB_database->setQuery($query, (int) $limitstart, (int) $limit);
         /** @var UserTable[] $users */
         $users = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\UserTable', array($_CB_database));
         if (!$_CB_database->getErrorNum()) {
             $profileLink = $params->get('allow_profilelink', 1);
             // If users exist lets cache them and disable profile linking if necessary:
             if ($users) {
                 foreach (array_keys($users) as $k) {
                     // Add this user to cache:
                     CBuser::setUserGetCBUserInstance($users[$k]);
                     if (!$profileLink) {
                         $users[$k]->set('_allowProfileLink', 0);
                     }
                 }
             }
         } else {
             $errorMsg = CBTxt::T('UE_ERROR_IN_QUERY_TURN_SITE_DEBUG_ON_TO_VIEW', 'There is an error in the database query. Site admin can turn site debug to on to view and fix the query.');
         }
         if ($searchCount) {
             $search = '';
         } else {
             $search = null;
         }
         if ($search === null && ($searchMode == 1 && $searchCount || $searchMode == 2)) {
             $search = '';
         }
     } else {
         $total = 0;
         $users = array();
         if ($search === null) {
             $search = '';
         }
     }
     $pageNav = new cbPageNav($total, $limitstart, $limit);
     HTML_comprofiler::usersList($row, $users, $columns, $fields, $input, $search, $searchMode, $pageNav, $user, $searchableFields, $searchValues, $tabs, $errorMsg, $listAll, $random);
 }