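/**
 * Sets a new password for the member named in the request.
 *
 * Reads `username` and `password` through request_var(), looks the member up
 * by the normalized username and stores HashPassword($password) in
 * _members.user_password.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller restricts it to administrators. Confirm.
 *
 * @return mixed false when _button() is falsy or the password is blank,
 *               otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username = request_var('username', '');
    $password = request_var('password', '');

    // Refuse a blank password: without this guard an empty form field would
    // replace the stored credential with the hash of an empty string.
    if ($password === '') {
        fatal_error();

        // Explicit return in case fatal_error() does not end the request.
        return false;
    }

    $username = get_username_base($username);

    $sql = 'SELECT user_id, username FROM _members WHERE username_base = ?';
    if (!$userdata = sql_fieldrow(sql_filter($sql, $username))) {
        fatal_error();
    }

    $sql = 'UPDATE _members SET user_password = ? WHERE user_id = ?';
    sql_query(sql_filter($sql, HashPassword($password), $userdata['user_id']));

    return _pre('La contraseña de ' . $userdata['username'] . ' fue actualizada.', true);
}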
/**
 * Deletes a member's rows in _members_unread, except those whose `element`
 * equals 16.
 *
 * The member is resolved from the `username` request value after it has been
 * normalized with get_username_base().
 *
 * @return mixed false when _button() is falsy, otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $requested = request_var('username', '');
    if (empty($requested)) {
        fatal_error();
    }

    $lookup = sql_filter(
        'SELECT user_id FROM _members WHERE username_base = ?',
        get_username_base($requested)
    );

    $member = sql_fieldrow($lookup);
    if (!$member) {
        fatal_error();
    }

    // Both values are bound through sql_filter() placeholders.
    $cleanup = 'DELETE FROM _members_unread WHERE user_id = ? AND element <> ?';
    sql_query(sql_filter($cleanup, $member['user_id'], 16));

    return _pre('Deleted', true);
}
/**
 * Adds the requested member to _banlist and drops that member's sessions.
 *
 * Nothing is written when the member is already listed in _banlist.
 *
 * @return bool|null null when the request is empty or the member is unknown,
 *                   true otherwise
 */
private function create()
{
    $v = _request(array('username' => ''));
    if (_empty($v)) {
        return;
    }

    $v->username = get_username_base($v->username);

    $member = sql_fieldrow(sql_filter('SELECT * FROM _members WHERE username_base = ?', $v->username));
    if (!$member) {
        return;
    }

    $member_id = $member['user_id'];

    $existing_ban = sql_fieldrow(sql_filter('SELECT * FROM _banlist WHERE ban_userid = ?', $member_id));
    if ($existing_ban) {
        return true;
    }

    sql_insert('banlist', array(
        'ban_userid' => $member_id
    ));

    // Removing the session rows means the ban does not wait for an existing
    // login to expire.
    sql_query(sql_filter('DELETE FROM _sessions WHERE session_user_id = ?', $member_id));

    echo 'El usuario ' . $member['username'] . ' fue bloqueado.';

    return true;
}
/**
 * Removes a member account together with its dependent rows.
 *
 * Rows that only reference the member are deleted; authored posts and topics
 * are kept and reassigned to user id 1. All statements are collected first and
 * handed to sql_query() in a single call.
 *
 * @return mixed false when _button() is falsy, otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username_base = get_username_base(request_var('username', ''));

    $member = sql_fieldrow(sql_filter('SELECT * FROM _members WHERE username_base = ?', $username_base));
    if (!$member) {
        fatal_error();
    }

    // Statements that take the member id once.
    $single_reference = array(
        'DELETE FROM _members WHERE user_id = ?',
        'DELETE FROM _banlist WHERE ban_userid = ?',
        'DELETE FROM _members_group WHERE user_id = ?',
        'DELETE FROM _members_iplog WHERE log_user_id = ?',
        'DELETE FROM _members_ref_invite WHERE invite_uid = ?',
        'DELETE FROM _members_unread WHERE user_id = ?',
        'DELETE FROM _poll_voters WHERE vote_user_id = ?',
        'DELETE FROM _artists_auth WHERE user_id = ?',
        'DELETE FROM _artists_viewers WHERE user_id = ?',
        'DELETE FROM _artists_voters WHERE user_id = ?',
        'DELETE FROM _dl_voters WHERE user_id = ?',
        'UPDATE _members_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _news_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _artists_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _dl_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _events_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _forum_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _forum_topics SET topic_poster = 1 WHERE topic_poster = ?'
    );

    // Relation tables in which the member can appear on either side.
    $double_reference = array(
        'DELETE FROM _members_ban WHERE user_id = ? OR banned_user = ?',
        'DELETE FROM _members_friends WHERE user_id = ? OR buddy_id = ?',
        'DELETE FROM _members_ref_assoc WHERE ref_uid = ? OR ref_orig = ?',
        'DELETE FROM _members_viewers WHERE viewer_id = ? OR user_id = ?',
    );

    $batch = w();

    foreach ($single_reference as $statement) {
        $batch[] = sql_filter($statement, $member['user_id']);
    }

    foreach ($double_reference as $statement) {
        $batch[] = sql_filter($statement, $member['user_id'], $member['user_id']);
    }

    sql_query($batch);

    return _pre('El registro de <strong>' . $member['username'] . '</strong> fue eliminado.', true);
}
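/**
 * Registers a bot, or appends an IP to a bot that already exists.
 *
 * For an unknown bot name a row is inserted into `members` and then into
 * `bots`. For a known name the submitted IP is appended to the stored,
 * comma-separated bot_ip value when the two differ. Sessions whose browser
 * string contains the bot name are then deleted and the 'bots' cache entry is
 * dropped.
 *
 * @return bool|null false when the form was not submitted or the bot name is
 *                   blank, null otherwise
 */
public function _home()
{
    global $config, $user, $cache;

    // Only act on a submitted form. $submit is not defined in this method, so
    // testing it could never stop the request and the writes below ran on
    // every call.
    if (!_button()) {
        return false;
    }

    $bot_name = request_var('bot_name', '');
    $bot_agent = request_var('bot_agent', '');
    $bot_ip = request_var('bot_ip', '');

    // A blank name would create a member row with an empty username and reduce
    // the session cleanup pattern below to '%%'.
    if ($bot_name === '') {
        fatal_error();

        // Explicit return in case fatal_error() does not end the request.
        return false;
    }

    $bot_base = get_username_base($bot_name);

    $sql = 'SELECT * FROM _bots WHERE bot_name = ?';

    $insert = true;
    if ($row = sql_fieldrow(sql_filter($sql, $bot_name))) {
        $insert = false;

        // NOTE(review): this compares the whole stored value with the new IP,
        // so an IP already present inside a comma list is appended again.
        if ($row['bot_ip'] != $bot_ip) {
            $sql = 'UPDATE _bots SET bot_ip = ? WHERE bot_id = ?';
            sql_query(sql_filter($sql, $row['bot_ip'] . ',' . $bot_ip, $row['bot_id']));
        }
    }

    if ($insert) {
        $insert_member = array(
            'user_type' => 2,
            'user_active' => 1,
            'username' => $bot_name,
            'username_base' => $bot_base,
            'user_timezone' => -6.00,
            'user_lang' => 'spanish'
        );
        $bot_id = sql_insert('members', $insert_member);

        $insert_bot = array(
            'bot_active' => 1,
            'bot_name' => $bot_name,
            'user_id' => $bot_id,
            'bot_agent' => $bot_agent,
            'bot_ip' => $bot_ip,
        );
        sql_insert('bots', $insert_bot);
    }

    // NOTE(review): the value is placed inside a quoted LIKE pattern through
    // the `??` placeholder. Confirm that sql_filter() escapes `??` values; if
    // it inserts them verbatim, the bot name must be escaped before this call.
    $sql = "DELETE FROM _sessions WHERE session_browser LIKE '%??%'";
    sql_query(sql_filter($sql, $bot_name));

    $cache->delete('bots');

    return;
}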
/**
 * Renames a member and mails the change to the address on the account.
 *
 * `username1` is the current name and `username2` the new one. The new name
 * must not resolve to an existing member. After the update the
 * 'username_change' template is sent and the request is redirected to the
 * member page of the new name.
 *
 * @return bool|null false when _button() is falsy, null otherwise
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $current_name = request_var('username1', '');
    $new_name = request_var('username2', '');

    if (empty($current_name) || empty($new_name)) {
        fatal_error();
    }

    $current_base = get_username_base($current_name);
    $new_base = get_username_base($new_name);

    $by_base = 'SELECT * FROM _members WHERE username_base = ?';

    $member = sql_fieldrow(sql_filter($by_base, $current_base));
    if (!$member) {
        _pre('El usuario no existe.', true);
    }

    // The target name has to be free, otherwise two members would share a base name.
    $collision = sql_fieldrow(sql_filter($by_base, $new_base));
    if ($collision) {
        _pre('El usuario ya existe.', true);
    }

    $rename = 'UPDATE _members SET username = ?, username_base = ? WHERE user_id = ?';
    sql_query(sql_filter($rename, $new_name, $new_base, $member['user_id']));

    // The notice goes to the stored address and carries the old name, the new
    // name and the link to the renamed profile.
    $mail_vars = array(
        'USERNAME' => $member['username'],
        'NEW_USERNAME' => $new_name,
        'U_USERNAME' => s_link('m', $new_base)
    );

    $emailer = new emailer();
    $emailer->from('info');
    $emailer->use_template('username_change', $config['default_lang']);
    $emailer->email_address($member['user_email']);
    $emailer->assign_vars($mail_vars);
    $emailer->send();
    $emailer->reset();

    redirect(s_link('m', $new_base));

    return;
}
/**
 * Lists _members_iplog entries for one member or for one IP address.
 *
 * A `username` request value takes precedence over `ip`. The rows are joined
 * with _members, ordered newest first and written to the 'log' template block.
 *
 * @return null
 */
public function _home()
{
    global $config, $user, $cache;

    $username = request_var('username', '');
    $ip = request_var('ip', '');

    // Nothing to show without a submitted form and at least one search value.
    if (!_button() || !($username || $ip)) {
        return;
    }

    if ($username) {
        $query = sql_filter(
            'SELECT m.username, l.* FROM _members m, _members_iplog l WHERE m.user_id = l.log_user_id AND m.username_base = ? ORDER BY l.log_time DESC',
            get_username_base($username)
        );
    } else {
        $query = sql_filter(
            'SELECT m.username, l.* FROM _members m, _members_iplog l WHERE m.user_id = l.log_user_id AND l.log_ip = ? ORDER BY l.log_time DESC',
            $ip
        );
    }

    $entries = sql_rowset($query);

    foreach ($entries as $index => $entry) {
        // The outer block is opened once, before the first row.
        if (!$index) {
            _style('log');
        }

        $started = $user->format_date($entry['log_time']);

        // An entry without an end time gets a blank in both derived columns.
        if ($entry['log_endtime']) {
            $ended = $user->format_date($entry['log_endtime']);
            $duration = _implode(' ', timeDiff($entry['log_endtime'], $entry['log_time'], true, 1));
        } else {
            $ended = ' ';
            $duration = ' ';
        }

        // NOTE(review): AGENT and IP are stored request data; confirm the
        // template layer encodes them on output.
        _style('log.row', array(
            'UID' => $entry['log_user_id'],
            'USERNAME' => $entry['username'],
            'TIME' => $started,
            'ENDTIME' => $ended,
            'DIFFTIME' => $duration,
            'IP' => $entry['log_ip'],
            'AGENT' => $entry['log_agent'])
        );
    }

    return;
}
/**
 * Looks up one member by e-mail, user id or username and prints the row.
 *
 * Precedence is `email`, then `uid`, then `username`. Keys that contain a
 * digit are removed from the row before it is passed to _pre().
 *
 * NOTE(review): the row comes from SELECT * and is printed whole; confirm that
 * credential columns are not shown to the viewer.
 *
 * @return mixed false when _button() is falsy, otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $userid = request_var('uid', 0);
    $username = request_var('username', '');
    $email = request_var('email', '');

    $nothing_given = empty($username) && empty($email) && !$userid;
    if ($nothing_given) {
        fatal_error();
    }

    if (!empty($email)) {
        $query = sql_filter('SELECT * FROM _members WHERE user_email = ?', $email);
    } else if ($userid) {
        $query = sql_filter('SELECT * FROM _members WHERE user_id = ?', $userid);
    } else {
        $query = sql_filter('SELECT * FROM _members WHERE username_base = ?', get_username_base($username));
    }

    $userdata = sql_fieldrow($query);
    if (!$userdata) {
        fatal_error();
    }

    // Drop every key that contains a digit (presumably the numeric duplicates
    // of a fetch that returns both index styles).
    foreach ($userdata as $column => $unused) {
        if (preg_match('#\d+#is', $column)) {
            unset($userdata[$column]);
        }
    }

    return _pre($userdata, true);
}
/**
 * Turns off mass e-mail for one member by setting user_send_mass to 0.
 *
 * @return mixed false when _button() is falsy, otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username_base = get_username_base(request_var('username', ''));

    $member = sql_fieldrow(sql_filter(
        'SELECT user_id, username FROM _members WHERE username_base = ?',
        $username_base
    ));
    if (!$member) {
        fatal_error();
    }

    $opt_out = 'UPDATE _members SET user_send_mass = 0 WHERE user_id = ?';
    sql_query(sql_filter($opt_out, $member['user_id']));

    return _pre('El usuario ' . $member['username'] . ' no recibira email masivo.');
}
/**
 * Clears one member's signature by writing an empty string to user_sig.
 *
 * @return mixed false when _button() is falsy, otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username_base = get_username_base(request_var('username', ''));

    $member = sql_fieldrow(sql_filter(
        'SELECT user_id, username FROM _members WHERE username_base = ?',
        $username_base
    ));
    if (!$member) {
        fatal_error();
    }

    $clear_signature = 'UPDATE _members SET user_sig = ? WHERE user_id = ?';
    sql_query(sql_filter($clear_signature, '', $member['user_id']));

    return _pre('La firma de ' . $member['username'] . ' ha sido borrada.', true);
}
AND vote_user_id = ?'; $user_voted = sql_field(sql_filter($sql, $vote_info[0]['vote_id'], $user->data['user_id']), 'vote_id', 0); _style('poll', array( 'POLL_TITLE' => $vote_info[0]['vote_text']) ); if ($user_voted) { _style('poll.results', array()); } else { _style('poll.options', array( 'S_VOTE_ACTION' => $topic_url) ); for ($i = 0; $i < $vote_options; $i++) { $subdomain = 'http://' . get_username_base($vote_info[$i]['vote_option_text']) . '.rockrepublik.net/'; _style('poll.options.item', array( 'POLL_OPTION_ID' => $vote_info[$i]['vote_option_id'], 'POLL_OPTION_CAPTION' => $vote_info[$i]['vote_option_text'], 'POLL_OPTION_LINK' => $subdomain) ); } } } } } $template_vars = array( 'S_TOPIC_ACTION' => $topic_url . (($start) ? 's' . $start . '/' : ''), 'U_VIEW_FORUM' => s_link('forum', $forum_id)
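/**
 * Sends one private message to a whole group of members.
 *
 * `post_mode` selects the recipients: 1 = every member whose user_type is not
 * 2, 2 = members with user_type 6, 3 = members that have the sender as
 * buddy_id in _members_friends. Banned members are always left out, as are
 * the members named (one per line) in `post_skip`. The token [username] in
 * the message is replaced per recipient.
 *
 * @return bool|null false when the form was not submitted or post_mode is
 *                   unknown, null otherwise
 */
public function _home()
{
    global $config, $user, $cache, $comments;

    if (!_button()) {
        return false;
    }

    $post_mode = request_var('post_mode', 0);
    $post_subject = request_var('post_subject', '');
    $post_message = request_var('post_message', '', true);
    $post_skip = request_var('post_skip', '', true);
    $post_reply = request_var('post_reply', 0);

    $post_message = $comments->prepare($post_message);

    $skip_list = '';
    if (!empty($post_skip)) {
        $e_skip = explode(nr(), $post_skip);
        foreach ($e_skip as $i => $row) {
            $row = get_username_base($row);
            // The names are concatenated into the IN list, so each one is
            // escaped and quoted here.
            $e_skip[$i] = "'" . sql_escape($row) . "'";
        }

        $sql = 'SELECT user_id FROM _members WHERE username_base IN (' . _implode(',', $e_skip) . ')';
        $user_skip = sql_rowset($sql, false, 'user_id');

        // Without a match the clause would read "NOT IN ()", which is not
        // valid SQL. The ids are cast because they are concatenated into the
        // statement rather than bound.
        if (!empty($user_skip)) {
            $skip_list = ' AND u.user_id NOT IN (' . _implode(', ', array_map('intval', $user_skip)) . ') ';
        }
    }

    // Every statement carries exactly one `?`, filled with the sender's id by
    // the sql_filter() call below. Modes 2 and 3 previously had no
    // placeholder, which left the comparison without a right-hand side.
    switch ($post_mode) {
        case 1:
            $sql = 'SELECT u.user_id, u.username FROM _members u WHERE u.user_type <> 2 AND u.user_id NOT IN (SELECT ban_userid FROM _banlist) AND u.user_id <> ?' . $skip_list . ' ORDER BY u.username';
            break;
        case 2:
            $sql = 'SELECT u.user_id, u.username FROM _members u WHERE u.user_type = 6 AND u.user_id NOT IN (SELECT ban_userid FROM _banlist) AND u.user_id <> ?' . $skip_list . ' ORDER BY u.username';
            break;
        case 3:
            $sql = 'SELECT u.user_id, u.username FROM _members_friends b, _members u WHERE b.buddy_id = ?' . $skip_list . ' AND b.user_id = u.user_id AND u.user_id NOT IN (SELECT ban_userid FROM _banlist) ORDER BY u.username';
            break;
        default:
            // With an unknown mode $sql would still hold the skip-list lookup
            // (or nothing), and the loop below would address the wrong members.
            fatal_error();

            // Explicit return in case fatal_error() does not end the request.
            return false;
    }

    $result = sql_rowset(sql_filter($sql, $user->d('user_id')));

    foreach ($result as $row) {
        $row_message = str_replace('[username]', $row['username'], $post_message);

        $insert = array(
            'privmsgs_subject' => $post_subject,
            'privmsgs_from_userid' => (int) $user->d('user_id'),
            'privmsgs_to_userid' => (int) $row['user_id'],
            'privmsgs_date' => $user->time,
            'msg_ip' => $user->ip,
            'msg_can_reply' => (int) $post_reply,
            'privmsgs_mass' => 1,
            'privmsgs_text' => $row_message
        );
        $dc_id = sql_insert('dc', $insert);

        // The new row becomes its own conversation root and is marked as
        // deleted for the sender.
        $sql = 'UPDATE _dc SET parent_id = ?, last_msg_id = ?, msg_deleted = ? WHERE msg_id = ?';
        sql_query(sql_filter($sql, $dc_id, $dc_id, $user->d('user_id'), $dc_id));

        $user->save_unread(UH_NOTE, $dc_id, 0, $row['user_id']);

        // Progress output, flushed per recipient.
        echo $row['username'] . '<br />';
        flush();
    }

    return;
}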
/**
 * Controller for the member's private conversations ("dc").
 *
 * Depending on the `mode` request value it stores a new message or a reply,
 * shows the form for a new conversation, shows one conversation, or lists all
 * conversations of the current member. The friends list is added in every
 * mode and the page is rendered through page_layout().
 *
 * Every query on _dc in this method is bound to the current member's id, as
 * sender or as recipient.
 */
private function conversations() {
	if (_button('cancel')) {
		redirect(s_link('my dc'));
	}

	global $config, $user, $cache, $comments;

	// TODO: New conversation system
	// /my/dc/(page)/(selected)/(username)/

	$this->conversations_delete();

	$submit = _button('post');
	$msg_id = request_var('p', 0);
	$mode = request_var('mode', '');
	$error = w();

	if ($submit || $mode == 'start' || $mode == 'reply') {
		$member = '';
		$dc_subject = '';
		$dc_message = '';

		if ($submit) {
			if ($mode == 'reply') {
				$parent_id = request_var('parent', 0);

				// The parent message must have the current member as sender or
				// recipient; a reply to someone else's conversation is refused.
				$sql = 'SELECT * FROM _dc WHERE msg_id = ? AND (privmsgs_to_userid = ? OR privmsgs_from_userid = ?)';
				if (!$to_userdata = sql_fieldrow(sql_filter($sql, $parent_id, $user->d('user_id'), $user->d('user_id')))) {
					fatal_error();
				}

				// The reply goes to the other party of the parent message.
				$privmsgs_to_userid = ($user->d('user_id') == $to_userdata['privmsgs_to_userid']) ? 'privmsgs_from_userid' : 'privmsgs_to_userid';
				$to_userdata['user_id'] = $to_userdata[$privmsgs_to_userid];
			} else {
				$member = request_var('member', '');
				if (!empty($member)) {
					$member = get_username_base($member, true);
					if ($member !== false) {
						$sql = 'SELECT user_id, username, username_base, user_email FROM _members WHERE username_base = ? AND user_type <> ?';
						if (!$to_userdata = sql_fieldrow(sql_filter($sql, $member, USER_INACTIVE))) {
							$error[] = 'NO_SUCH_USER';
						}

						// A member cannot open a conversation with itself.
						if (!sizeof($error) && $to_userdata['user_id'] == $user->d('user_id')) {
							$error[] = 'NO_AUTO_DC';
						}
					} else {
						$error[] = 'NO_SUCH_USER';
						$member = '';
					}
				} else {
					$error[] = 'EMPTY_USER';
				}
			}

			if (isset($to_userdata) && isset($to_userdata['user_id'])) {
				// Check blocked member
				// (a _members_ban row of the recipient that names the sender)
				$sql = 'SELECT ban_id FROM _members_ban WHERE user_id = ? 
AND banned_user = ?';
				if ($ban_profile = sql_fieldrow(sql_filter($sql, $to_userdata['user_id'], $user->d('user_id')))) {
					$error[] = 'BLOCKED_MEMBER';
				}
			}

			$dc_message = request_var('message', '');
			if (empty($dc_message)) {
				$error[] = 'EMPTY_MESSAGE';
			}

			// The message is stored only when no check above added an error.
			if (!sizeof($error)) {
				$dc_id = $comments->store_dc($mode, $to_userdata, $user->d(), $dc_subject, $dc_message, true, true);

				redirect(s_link('my dc read', $dc_id) . '#' . $dc_id);
			}
		}
	}

	//
	// Start error handling
	//
	if (sizeof($error)) {
		_style('error', array(
			'MESSAGE' => parse_error($error))
		);

		// A failed reply falls back to showing the conversation again.
		if ($mode == 'reply') {
			$mode = 'read';
		}
	}

	$s_hidden_fields = w();

	switch ($mode) {
		case 'start':
			//
			// Start new conversation
			//
			if (!$submit) {
				$member = request_var('member', '');
				if ($member != '') {
					$member = get_username_base($member);

					// $row is assigned here but not read again in this method.
					$sql = 'SELECT user_id, username, username_base FROM _members WHERE username_base = ? AND user_type <> ?';
					$row = sql_fieldrow(sql_filter($sql, $member, USER_INACTIVE));
				}
			}

			// NOTE(review): MEMBER and MESSAGE carry request values back into
			// the form; confirm that request_var() or the template encodes them.
			_style('dc_start', array(
				'MEMBER' => $member,
				'SUBJECT' => $dc_subject,
				'MESSAGE' => $dc_message)
			);

			$s_hidden_fields = array('mode' => 'start');
			break;
		case 'read':
			//
			// Show selected conversation
			//
			if (!$msg_id) {
				fatal_error();
			}

			// Same ownership condition as for a reply, plus: not marked as
			// deleted by the current member.
			$sql = 'SELECT * FROM _dc WHERE msg_id = ? AND (privmsgs_to_userid = ? OR privmsgs_from_userid = ?) AND msg_deleted <> ?';
			if (!$msg_data = sql_fieldrow(sql_filter($sql, $msg_id, $user->d('user_id'), $user->d('user_id'), $user->d('user_id')))) {
				fatal_error();
			}

			//
			// Get all messages for this conversation
			//
			$sql = 'SELECT c.*, m.user_id, m.username, m.username_base, m.user_avatar, m.user_sig, m.user_rank, m.user_gender, m.user_posts FROM _dc c, _members m WHERE c.parent_id = ? 
AND c.privmsgs_from_userid = m.user_id ORDER BY c.privmsgs_date';
			if (!$result = sql_rowset(sql_filter($sql, $msg_data['parent_id']))) {
				fatal_error();
			}

			// The conversation partner is whichever side is not the current member.
			$with_user = $msg_data['privmsgs_to_userid'];
			if ($with_user == $user->d('user_id')) {
				$with_user = $msg_data['privmsgs_from_userid'];
			}

			$sql = 'SELECT username FROM _members WHERE user_id = ?';
			$with_username = sql_field(sql_filter($sql, $with_user), 'username', '');

			_style('conv', array(
				'URL' => s_link('my dc'),
				'SUBJECT' => $with_username,
				'CAN_REPLY' => $result[0]['msg_can_reply'],)
			);

			foreach ($result as $row) {
				$user_profile = $comments->user_profile($row);

				_style('conv.row', array(
					'USERNAME' => $user_profile['username'],
					'AVATAR' => $user_profile['user_avatar'],
					'SIGNATURE' => ($row['user_sig'] != '') ? $comments->parse_message($row['user_sig']) : '',
					'PROFILE' => $user_profile['profile'],
					'MESSAGE' => $comments->parse_message($row['privmsgs_text']),
					'POST_ID' => $row['msg_id'],
					'POST_DATE' => $user->format_date($row['privmsgs_date']))
				);
			}

			// The hidden fields turn the form below the conversation into a reply.
			$s_hidden_fields = array('mark[]' => $msg_data['parent_id'], 'p' => $msg_id, 'parent' => $msg_data['parent_id'], 'mode' => 'reply');
			break;
		default:
			//
			// Get all conversations for this member
			//
			$offset = request_var('offset', 0);

			$sql = 'SELECT COUNT(c.msg_id) AS total FROM _dc c, _dc c2, _members m, _members m2 WHERE (c.privmsgs_to_userid = ? OR c.privmsgs_from_userid = ?) AND c.msg_id = c.parent_id AND c.msg_deleted <> ? 
AND c.privmsgs_from_userid = m.user_id AND c.privmsgs_to_userid = m2.user_id AND (IF(c.last_msg_id,c.last_msg_id,c.msg_id) = c2.msg_id)';
			$total_conv = sql_field(sql_filter($sql, $user->d('user_id'), $user->d('user_id'), $user->d('user_id')), 'total', 0);

			// NOTE(review): $offset comes from the request and goes into the
			// `??` placeholders of LIMIT; confirm that request_var() with a 0
			// default yields an integer and that negative values are handled.
			$sql = 'SELECT c.msg_id, c.parent_id, c.last_msg_id, c.root_conv, c.privmsgs_date, c.privmsgs_subject, c2.privmsgs_date as last_privmsgs_date, m.user_id, m.username, m.username_base, m2.user_id as user_id2, m2.username as username2, m2.username_base as username_base2 FROM _dc c, _dc c2, _members m, _members m2 WHERE (c.privmsgs_to_userid = ? OR c.privmsgs_from_userid = ?) AND c.msg_id = c.parent_id AND c.msg_deleted <> ? AND c.privmsgs_from_userid = m.user_id AND c.privmsgs_to_userid = m2.user_id AND (IF(c.last_msg_id,c.last_msg_id,c.msg_id) = c2.msg_id) ORDER BY c2.privmsgs_date DESC LIMIT ??, ??';
			if ($result = sql_rowset(sql_filter($sql, $user->d('user_id'), $user->d('user_id'), $user->d('user_id'), $offset, $config['posts_per_page']))) {
				_style('messages');

				foreach ($result as $row) {
					// '2' selects the aliased columns of the recipient
					// (username2, username_base2) when the current member is
					// the sender.
					$dc_with = ($user->d('user_id') == $row['user_id']) ? '2' : '';
					if (!$row['last_msg_id']) {
						$row['last_msg_id'] = $row['msg_id'];
						$row['last_privmsgs_date'] = $row['privmsgs_date'];
					}

					$dc_subject = 'Conversación con ' . $row['username'.$dc_with];

					_style('messages.item', array(
						'S_MARK_ID' => $row['parent_id'],
						'SUBJECT' => $dc_subject,
						'U_READ' => s_link('my dc read', $row['last_msg_id']) . '#' . $row['last_msg_id'],
						'POST_DATE' => $user->format_date($row['last_privmsgs_date'], 'j F Y \a \l\a\s H:i') . ' horas.',
						'ROOT_CONV' => $row['root_conv'],
						'DC_USERNAME' => $row['username' . $dc_with],
						'DC_PROFILE' => s_link('m', $row['username_base' . $dc_with]))
					);
				}

				build_num_pagination(s_link('my dc s%d'), $total_conv, $config['posts_per_page'], $offset);
			} else if ($total_conv) {
				// Conversations exist but this page is empty: go back to the first page.
				redirect(s_link('my dc'));
			} else {
				_style('no_messages');
			}

			_style('dc_total', array(
				'TOTAL' => $total_conv)
			);
			break;
	}

	//
	// Get friends for this member
	//
	$sql = 'SELECT DISTINCT m.user_id, m.username, m.username_base FROM _members_friends f, _members m WHERE (f.user_id = ? AND f.buddy_id = m.user_id) OR (f.buddy_id = ? AND f.user_id = m.user_id) ORDER BY m.username';
	if ($result = sql_rowset(sql_filter($sql, $user->d('user_id'), $user->d('user_id')))) {
		_style('sdc_friends', array(
			'DC_START' => s_link('my dc start'))
		);

		foreach ($result as $row) {
			_style('sdc_friends.item', array(
				'USERNAME' => $row['username'],
				'URL' => s_link('my dc start', $row['username_base']))
			);
		}
	}

	//
	// Output template
	//
	$page_title = ($mode == 'read') ? lang('dconv_read') : lang('dconvs');

	$layout_vars = array(
		'L_CONV' => $page_title,
		'S_ACTION' => s_link('my dc'),
		'S_HIDDEN_FIELDS' => s_hidden($s_hidden_fields)
	);

	page_layout($page_title, 'conversations', $layout_vars);
}
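/**
 * Renders the username search popup.
 *
 * `*` in the search term is translated to the SQL wildcard `%` after the term
 * has been normalized with get_username_base(). Matching usernames (the guest
 * account excluded) are returned as <option> elements.
 *
 * @param string $search_match search term, may contain `*`
 * @return mixed the result of page_footer()
 */
function username_search($search_match)
{
    global $config, $template, $lang, $images, $themeset, $starttime, $gen_simple_header, $admin_level, $level_prior;

    $gen_simple_header = true;

    $username_list = '';
    if (!empty($search_match)) {
        $username_search = preg_replace('/\*/', '%', get_username_base($search_match));

        $sql = 'SELECT username FROM _members WHERE username LIKE ? AND user_id <> ? ORDER BY username';
        $result = sql_rowset(sql_filter($sql, $username_search, GUEST));

        if (!$result) {
            $username_list .= '<option>' . $lang['No_match']. '</option>';
        } else {
            // Only iterate when rows came back; the loop used to run on the
            // empty or false result as well.
            // NOTE(review): usernames are written into the markup as stored;
            // confirm they are HTML-encoded when saved, otherwise encode here.
            foreach ($result as $row) {
                $username_list .= '<option value="' . $row['username'] . '">' . $row['username'] . '</option>';
            }
        }
    }

    $template->set_filenames(array(
        'body' => 'search_username.htm')
    );

    // 'L_CLOSE_WINDOW' was listed twice with the same value; one entry is kept.
    v_style(array(
        'USERNAME' => (!empty($search_match)) ? get_username_base($search_match) : '',

        'L_CLOSE_WINDOW' => $lang['Close_window'],
        'L_SEARCH_USERNAME' => $lang['Find_username'],
        'L_UPDATE_USERNAME' => $lang['Select_username'],
        'L_SELECT' => $lang['Select'],
        'L_SEARCH' => $lang['Search'],
        'L_SEARCH_EXPLAIN' => $lang['Search_author_explain'],

        'S_USERNAME_OPTIONS' => $username_list,
        'S_SEARCH_ACTION' => "search.php?mode=searchuser")
    );

    if ($username_list != '') {
        _style('switch_select_name');
    }

    return page_footer();
}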
} if ( !$is_moderator ) { $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . s_link('cover') . '">') ); $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . s_link('cover') . '">', '</a>'); trigger_error($message); } if ( isset($_POST['add']) ) { $username = ( isset($_POST['username']) ) ? get_username_base($_POST['username']) : ''; $result = $db->sql_query("SELECT user_id, user_email, user_lang, user_level FROM _members WHERE username = '******'", "''", $username) . "'"); if ( !($row = $db->sql_fetchrow($result)) ) { $template->assign_vars(array( 'META' => '<meta http-equiv="refresh" content="3;url=' . "groupcp.php?g=$group_id" . '">') ); $message = $lang['Could_not_add_user'] . "<br /><br />" . sprintf($lang['Click_return_group'], "<a href=\"" . "groupcp.php?g=$group_id" . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . s_link('cover') . "\">", "</a>"); trigger_error($message); } if ( $row['user_id'] == GUEST )
/**
 * Adds a member to a team, or promotes an existing team member to moderator.
 *
 * Without a submitted form the list of teams is written to the 'team'
 * template block. With one, the team and the member are looked up; an
 * existing membership is only changed when `ismod` is set and the member is
 * not yet a moderator, otherwise a new _team_members row is inserted.
 *
 * @return mixed false when _button() is falsy, otherwise the result of _pre()
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        $teams = sql_rowset('SELECT * FROM _team ORDER BY team_name');

        foreach ($teams as $index => $entry) {
            // The outer block is opened once, before the first row.
            if (!$index) {
                _style('team');
            }

            _style('team.row', array(
                'TEAM_ID' => $entry['team_id'],
                'TEAM_NAME' => $entry['team_name'])
            );
        }

        return false;
    }

    $team = request_var('team', 0);
    $username = get_username_base(request_var('username', ''));
    $realname = request_var('realname', '');
    $ismod = request_var('ismod', 0);

    $teamd = sql_fieldrow(sql_filter('SELECT * FROM _team WHERE team_id = ?', $team));
    if (!$teamd) {
        fatal_error();
    }

    $userdata = sql_fieldrow(sql_filter('SELECT user_id, username FROM _members WHERE username_base = ?', $username));
    if (!$userdata) {
        fatal_error();
    }

    $membership = sql_fieldrow(sql_filter(
        'SELECT * FROM _team_members WHERE team_id = ? AND member_id = ?',
        $team,
        $userdata['user_id']
    ));

    if ($membership) {
        // An existing row is only ever upgraded to moderator, never downgraded.
        if ($ismod && !$membership['member_mod']) {
            $promote = 'UPDATE _team_members SET member_mod = 1 WHERE team_id = ? AND member_id = ?';
            sql_query(sql_filter($promote, $team, $userdata['user_id']));
        }
    } else {
        sql_insert('team_members', array(
            'team_id' => $team,
            'member_id' => $userdata['user_id'],
            'real_name' => $realname,
            'member_mod' => $ismod
        ));
    }

    $cache->delete('team team_all team_members team_mod team_radio team_colab');

    return _pre('El usuario <strong>' . $userdata['username'] . '</strong> fue agregado al grupo <strong>' . $teamd['team_name'] . '</strong>.', true);
}
$a_topics = array(); foreach ($result as $row) { $topic_id = $row['topic_id']; echo '<strong>' . $row['topic_title'] . '</strong><br /><blockquote>'; $sql = 'SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result FROM _poll_options vd, _poll_results vr WHERE vd.topic_id = ? AND vr.vote_id = vd.vote_id ORDER BY vr.vote_option_order, vr.vote_option_id ASC'; $result2 = sql_rowset(sql_filter($sql, $topic_id)); foreach ($result2 as $row) { $subdomain = get_username_base($row['vote_option_text']); echo '<h1>' . ucwords($subdomain) . '</h1><br /><blockquote>'; $sql = 'SELECT * FROM _artists WHERE subdomain = ?'; $row3 = sql_fieldrow(sql_filter($sql, $subdomain)); $sql = 'SELECT m.username, m.user_email FROM _artists_auth a, _members m WHERE a.ub = ' . (int) $row3['ub'] . ' AND a.user_id = m.user_id ORDER BY username'; $result4 = sql_rowset(sql_filter($sql, $row3['ub']));
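/**
 * Activates a pending account and lists the accounts that are still pending.
 *
 * The account is selected by `uid`, else by `username`, else by `user_email`.
 * Activation sets user_type to USER_NORMAL and sends the
 * 'user_welcome_confirm' mail. Afterwards every member with user_type = 1 is
 * written to the 'list' template block.
 *
 * NOTE(review): activation also runs when only `uid` is present in the
 * request, without a submitted form; confirm that a request-forgery check is
 * applied before this method is reached.
 *
 * @return null
 */
public function _home()
{
    global $config, $user, $cache;

    $user_id = request_var('uid', 0);

    if (_button() || $user_id) {
        $username = request_var('username', '');
        $user_email = request_var('user_email', '');

        if ($user_id) {
            // The placeholder was missing here, which left the statement
            // ending in "user_id = " with nothing bound to it.
            $sql = 'SELECT * FROM _members WHERE user_id = ?';
            $sql = sql_filter($sql, $user_id);
        } else if (!empty($username)) {
            $username = get_username_base($username);

            $sql = 'SELECT * FROM _members WHERE username_base = ?';
            $sql = sql_filter($sql, $username);
        } else {
            $sql = 'SELECT * FROM _members WHERE user_email = ?';
            $sql = sql_filter($sql, $user_email);
        }

        if (!$userdata = sql_fieldrow($sql)) {
            exit;
        }

        // From here on the id of the row that was found is used, whichever
        // field selected it.
        $user_id = $userdata['user_id'];

        $sql = 'UPDATE _members SET user_type = ? WHERE user_id = ?';
        sql_query(sql_filter($sql, USER_NORMAL, $user_id));

        // NOTE(review): $code is never assigned in this method, so this
        // statement is filtered with an undefined value for crypt_code and is
        // unlikely to remove the pending confirmation row. Decide whether the
        // row should be removed by crypt_userid alone.
        $sql = 'DELETE FROM _crypt_confirm WHERE crypt_code = ? AND crypt_userid = ?';
        sql_query(sql_filter($sql, $code, $user_id));

        $emailer = new emailer();

        $emailer->from('info');
        $emailer->use_template('user_welcome_confirm');
        $emailer->email_address($userdata['user_email']);

        $emailer->assign_vars(array(
            'USERNAME' => $userdata['username'])
        );
        $emailer->send();
        $emailer->reset();

        _pre('La cuenta de <strong>' . $userdata['username'] . '</strong> ha sido activada.', true);
    }

    $sql = 'SELECT * FROM _members WHERE user_type = 1 ORDER BY username';
    $result = sql_rowset($sql);

    foreach ($result as $i => $row) {
        // The outer block is opened once, before the first row.
        if (!$i) {
            _style('list');
        }

        _style('list.row', array(
            'LINK' => s_link($this->name, $row['user_id']),
            'USERNAME' => $row['username'],
            'EMAIL' => $row['user_email'],
            'DATE' => $row['user_regdate'],
            'IP' => $row['user_regip'])
        );
    }

    return;
}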
/**
 * Creates a radio show and links its DJs.
 *
 * The request fields are renamed to `show_*` and inserted into `radio`. Each
 * name in the `dj` field (one per line) that resolves to a member gets a
 * `radio_dj` row and, if not present yet, a `team_members` row for team 4.
 *
 * @return null
 */
public function _home() {
	global $config, $user, $cache;

	if (!_button()) {
		return;
	}

	$v = _request(array('name' => '', 'base' => '', 'genre' => '', 'start' => 0, 'end' => 0, 'day' => 0, 'dj' => ''));

	// The duplicate check runs, but its result is ignored because the early
	// exit inside the branch is commented out.
	$sql = 'SELECT show_id FROM _radio WHERE show_base = ?';
	if ($row = sql_fieldrow(sql_filter($sql, $v->base))) {
		//_pre('El programa ya existe', true);
	}

	// Start and end hours are shifted by the member's timezone offset and
	// reduced to the hour of the day.
	$time_start = mktime($v->start - $user->d('user_timezone'), 0, 0, 0, 0, 0);
	$time_end = mktime($v->end - $user->d('user_timezone'), 0, 0, 0, 0, 0);

	$v->start = date('H', $time_start);
	$v->end = date('H', $time_end);

	// The DJ list is handled separately and must not become a column.
	$dj_list = $v->dj;
	unset($v->dj);

	// Rename every remaining property to `show_<name>`. The object is changed
	// while it is being iterated; keep the statement order as it is.
	foreach ($v as $vv => $d) {
		$v->{'show_' . $vv} = $d;
		unset($v->$vv);
	}

	$show_id = sql_insert('radio', $v);

	$e_dj = explode(nr(), $dj_list);
	foreach ($e_dj as $rowu) {
		$rowu = get_username_base($rowu);

		// NOTE(review): the normalized name is compared with `username`, not
		// with `username_base`; confirm this is the intended column.
		$sql = 'SELECT * FROM _members WHERE username = ?';
		if ($row = sql_fieldrow(sql_filter($sql, $rowu))) {
			$sql_insert = array(
				'dj_show' => $show_id,
				'dj_uid' => $row['user_id']
			);
			sql_insert('radio_dj', $sql_insert);

			// Add the DJ to team 4 only when no such membership exists yet.
			$sql = 'SELECT * FROM _team_members WHERE team_id = 4 AND member_id = ?';
			if (!$row2 = sql_fieldrow(sql_filter($sql, $row['user_id']))) {
				$sql_insert = array(
					'team_id' => 4,
					'member_id' => $row['user_id'],
					'real_name' => '',
					'member_mod' => 0
				);
				sql_insert('team_members', $sql_insert);
			}
		}
	}

	$cache->delete('team_members');

	return;
}
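/**
 * Creates an artist record, its directories and its moderators.
 *
 * The subdomain is derived from the artist name with get_subdomain(). Each
 * name in `mods` (one per line) that resolves to an active member other than
 * user id 1 is added to `artists_auth` and has its account type raised to
 * USER_ARTIST, unless the account is inactive or a founder.
 *
 * @return bool|null false when _button() is falsy, null otherwise
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $request = _request(array('name' => '', 'local' => 0, 'location' => '', 'genre' => '', 'email' => '', 'www' => '', 'mods' => ''));
    $request->subdomain = get_subdomain($request->name);

    if (!$request->name) {
        _pre('Ingresa el nombre del artista.', true);
    }

    $sql_insert = array(
        'a_active' => 1,
        'subdomain' => $request->subdomain,
        'name' => $request->name,
        'local' => (int) $request->local,
        'datetime' => time(),
        'location' => $request->location,
        // Was read from the misspelled, undefined $requeset, which stored an
        // empty genre for every artist.
        'genre' => $request->genre,
        'email' => $request->email,
        'www' => str_replace('http://', '', $request->www)
    );
    $artist_id = sql_insert('artists', $sql_insert);

    // Cache
    $cache->delete('ub_list a_records ai_records a_recent');
    set_config('max_artists', $config['max_artists'] + 1);

    // Create directories
    artist_check($artist_id);

    artist_check($artist_id . ' gallery');
    artist_check($artist_id . ' media');
    artist_check($artist_id . ' thumbnails');
    artist_check($artist_id . ' x1');

    // Mods
    if (!empty($request->mods)) {
        $a_mods = explode(nr(), $request->mods);

        foreach ($a_mods as $each) {
            $username_base = get_username_base($each);

            $sql = 'SELECT * FROM _members WHERE username_base = ? AND user_type <> ? AND user_id <> ?';
            if (!$userdata = sql_fieldrow(sql_filter($sql, $username_base, USER_INACTIVE, 1))) {
                continue;
            }

            $sql_insert = array(
                'ub' => $artist_id,
                'user_id' => $userdata['user_id']
            );
            sql_insert('artists_auth', $sql_insert);

            $update = array('user_type' => USER_ARTIST, 'user_auth_control' => 1);

            if (!$userdata['user_rank']) {
                $update['user_rank'] = (int) $config['default_a_rank'];
            }

            // The NOT IN condition keeps inactive and founder accounts at
            // their current type.
            $sql = 'UPDATE _members SET ?? WHERE user_id = ? AND user_type NOT IN (??, ??)';
            sql_query(sql_filter($sql, sql_build('UPDATE', $update), $userdata['user_id'], USER_INACTIVE, USER_FOUNDER));
        }

        // Was built from an undefined $subdomain; the derived value lives on
        // the request object.
        // NOTE(review): the redirect only happens when moderators were given;
        // confirm that no redirect is wanted otherwise.
        redirect(s_link('a', $request->subdomain));
    }
}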
/**
 * Replaces `:iNAME:` tokens in $this->message with a linked member avatar.
 *
 * The first avatar file that exists among .jpg, .gif and .png is used and
 * remembered in $this->options['icons']. A member without an avatar file is
 * rendered as a plain profile link. The token pattern only admits letters,
 * digits, underscore, hyphen and space, so the captured name cannot carry
 * markup into the generated HTML.
 *
 * @return null
 */
public function members_icon()
{
    global $config;

    if (!preg_match_all('#\:i([0-9a-zA-Z\_\- ]+)\:#si', $this->message, $match)) {
        return;
    }

    $tokens = $replacements = w();
    $extensions = w('.jpg .gif .png');
    $avatar_markup = '<a href="%s" title="%s"><img src="%s" /></a>';

    foreach ($match[1] as $written_name) {
        $base_name = get_username_base($written_name);

        // Probe the file system only for members not resolved before.
        if (!isset($this->options['icons'][$base_name])) {
            foreach ($extensions as $extension) {
                $public_path = get_user_avatar($base_name, 2, $extension);
                $local_path = get_user_avatar($base_name, 2, $extension, true);

                if (@file_exists($local_path)) {
                    $this->options['icons'][$base_name] = sprintf($avatar_markup, s_link('m', $base_name), $written_name, $public_path);
                    break;
                }
            }
        }

        $tokens[] = ':i' . $written_name . ':';

        if (isset($this->options['icons'][$base_name])) {
            $replacements[] = $this->options['icons'][$base_name];
        } else {
            $replacements[] = '<a href="' . s_link('m', get_username_base($written_name)) . '">' . $written_name . '</a>';
        }
    }

    $this->message = str_replace($tokens, $replacements, $this->message);

    return;
}
/**
 * Checks whether a username may be registered or kept.
 *
 * The name is rejected when it belongs to a member (for a logged-in member:
 * when it differs from the stored username of the match), when it equals a
 * group name, when it matches an entry of _disallow (`*` acts as a wildcard),
 * or when it contains one of the forbidden characters.
 *
 * @param string $username name to check
 * @return array 'error' (bool) and 'error_msg' (string, empty on success)
 */
function validate_username($username)
{
    global $user;

    // Collapse runs of whitespace to one space, then reduce to the base form.
    $username = get_username_base(preg_replace('#\s+#', ' ', trim($username)));
    $lowered = strtolower($username);

    $member = sql_fieldrow(sql_filter('SELECT username FROM _members WHERE LOWER(username_base) = ?', $lowered));
    if ($member) {
        if (($user->is('member') && $username != $member['username']) || !$user->is('member')) {
            return array('error' => true, 'error_msg' => lang('username_taken'));
        }
    }

    $group = sql_fieldrow(sql_filter('SELECT group_name FROM _groups WHERE LOWER(group_name) = ?', $lowered));
    if ($group) {
        return array('error' => true, 'error_msg' => lang('username_taken'));
    }

    $disallowed = sql_rowset('SELECT disallow_username FROM _disallow');
    foreach ($disallowed as $entry) {
        // The entry is quoted for the pattern first; only the quoted `*` is
        // turned back into a lazy wildcard.
        $pattern = "#\b(" . str_replace("\*", ".*?", preg_quote($entry['disallow_username'], '#')) . ")\b#i";

        if (preg_match($pattern, $username)) {
            return array('error' => true, 'error_msg' => lang('username_disallowed'));
        }
    }

    // Don't allow " and ALT-255 in username.
    // NOTE(review): two of these literals are undecodable bytes and the quote
    // is listed twice; the original values were probably lost in an encoding
    // conversion and should be restored from the upstream source.
    $forbidden = array('"', '�', '�', '"', chr(160));
    foreach ($forbidden as $needle) {
        if (strstr($username, $needle)) {
            return array('error' => true, 'error_msg' => lang('username_invalid'));
        }
    }

    return array('error' => false, 'error_msg' => '');
}