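/**
 * Emit one user's profile fields and contribution stats as JSON or XML.
 *
 * $this->params[0] selects the user: either text matching "nick:<nickname>"
 * or a value that is cast to an integer user id. $this->params[1] is copied
 * into $_GET['key']. A user that is not registered, or that has no stats,
 * is reported through $this->error() instead of a response body.
 */
function handleUser()
{
    // The second request parameter is published as $_GET['key'];
    // presumably later read by the API-key check - confirm against the caller.
    // isset() keeps a missing parameter from raising an undefined-offset notice.
    $_GET['key'] = isset($this->params[1]) ? $this->params[1] : null;

    if (preg_match('/nick:(.*)/', $this->params[0], $m)) {
        // NOTE(review): the pattern is unanchored, so "nick:" is accepted
        // anywhere in the parameter. The raw capture goes to loadByNickname();
        // how that method quotes it for the lookup is not visible here - verify.
        $profile = new GeographUser();
        $profile->loadByNickname($m[1]);
        // Escaped copy of the nickname, used only in the error messages below.
        $user_id = htmlentities2($m[1]);
    } else {
        $user_id = intval($this->params[0]);
        $profile = new GeographUser($user_id);
    }

    if (!$profile->registered) {
        $this->error("Invalid user id {$user_id}");
        return;
    }

    $profile->getStats();
    if (!(isset($profile->stats) && count($profile->stats))) {
        $this->error("User {$user_id} unavailable (or they have not contributed anything)");
        return;
    }

    $this->beginResponse();
    if ($this->output == 'json') {
        require_once '3rdparty/JSON.php';
        $json = new Services_JSON();
        $obj = new EmptyClass();
        $obj->user_id = $profile->user_id;
        $obj->realname = $profile->realname;
        $obj->nickname = $profile->nickname;
        // Only the named (non-numeric) stats keys are exported.
        foreach ($profile->stats as $key => $value) {
            if (!is_numeric($key)) {
                $obj->stats[$key] = $value;
            }
        }
        print $json->encode($obj);
    } else {
        echo '<status state="ok"/>';
        echo '<user_id>' . intval($profile->user_id) . '</user_id>';
        echo '<realname>' . htmlentities2($profile->realname) . '</realname>';
        echo '<nickname>' . htmlentities2($profile->nickname) . '</nickname>';
        echo "<stats";
        foreach ($profile->stats as $key => $value) {
            if (!is_numeric($key)) {
                // Attribute values are escaped like the element text above, so a
                // value containing markup characters cannot break the document.
                // assumes htmlentities2() also encodes double quotes - TODO confirm.
                // NOTE(review): $key is written as an attribute name unchanged;
                // presumably it is a fixed column name from the stats query - verify.
                echo " {$key}=\"" . htmlentities2((string) $value) . "\"";
            }
        }
        echo " />";
    }
    $this->endResponse();
}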
# #} if ($template == 'profile.tpl') { //assume viewing logged in user $uid = $USER->user_id; //see if we were passed a param if (isset($_GET['u']) && preg_match('/^[0-9]+$/', $_GET['u'])) { $uid = $_GET['u']; } elseif (isset($_GET['id']) && preg_match('/^[0-9]+$/', $_GET['id'])) { $uid = $_GET['id']; } elseif (isset($_GET['user']) && isValidRealName($_GET['user'])) { if ($_GET['user'] == $USER->nickname) { $uid = $USER->user_id; } else { $profile = new GeographUser(); $profile->loadByNickname($_GET['user']); $uid = $profile->user_id; } if ($uid == 0) { header("HTTP/1.0 404 Not Found"); header("Status: 404 Not Found"); $smarty->display('static_404.tpl'); exit; } } if ($uid == 0 || $uid == $USER->user_id) { //no uid given, so we'll assume user was trying to access their own //profile, in which case, they must login... $USER->login(); //to reach here, user must be logged in... $uid = $USER->user_id;