function userProfile($option, $uid, $submitvalue) { global $_REQUEST, $ueConfig, $_CB_framework, $_PLUGINS; if (isset($_REQUEST['user'])) { if (!CBuser::getMyInstance()->authoriseView('profile', $uid)) { if ($_CB_framework->myId() < 1 && !($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1')) && allowAccess($ueConfig['allow_profileviewbyGID'], 'RECURSE', $_CB_framework->acl->get_group_id('Registered', 'ARO'))) { echo _UE_REGISTERFORPROFILEVIEW; } else { echo _UE_NOT_AUTHORIZED; } return; } } else { if ($uid == 0) { echo _UE_REGISTERFORPROFILE; return; } } $user =& loadComprofilerUser($uid); if ($user === null) { echo _UE_NOSUCHPROFILE; return; } if (cbGetParam($_GET, 'reason') == 'canceledit') { if ($uid == 0) { $Euid = $_CB_framework->myId(); } else { $Euid = $uid; } $msg = cbCheckIfUserCanPerformUserTask($Euid, 'allowModeratorsUserEdit'); if ($Euid != $_CB_framework->myId() && $msg === null) { // safeguard against missconfiguration of the above: also avoids lower-level users editing higher level ones: $msg = checkCBpermissions(array((int) $Euid), 'edit', true); } if ($msg) { echo $msg; return; } $_PLUGINS->loadPluginGroup('user'); $results = $_PLUGINS->trigger('onAfterUserProfileEditCancel', array(&$user)); if ($_PLUGINS->is_errors()) { echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n"; exit; } } HTML_comprofiler::userProfile($user, $option, $submitvalue); }
function userProfile( $option, $uid, $submitvalue) { global $_REQUEST, $ueConfig, $_CB_framework; if ( isset( $_REQUEST['user'] ) ) { if ( ! allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', userGID( $_CB_framework->myId() ) ) ) { if ( ( $_CB_framework->myId() < 1 ) && ( ! ( ( ( $_CB_framework->getCfg( 'allowUserRegistration' ) == '0' ) && ( ( ! isset($ueConfig['reg_admin_allowcbregistration']) ) || $ueConfig['reg_admin_allowcbregistration'] != '1' ) ) ) ) && allowAccess( $ueConfig['allow_profileviewbyGID'], 'RECURSE', $_CB_framework->acl->get_group_id('Registered','ARO') ) ) { echo _UE_REGISTERFORPROFILEVIEW; } else { echo _UE_NOT_AUTHORIZED; } return; } } else { if ($uid==0) { echo _UE_REGISTERFORPROFILE; return; } } $user =& loadComprofilerUser( $uid ); if ( $user === null ) { echo _UE_NOSUCHPROFILE; return; } HTML_comprofiler::userProfile( $user, $option, $submitvalue); }
function userProfile($option, $uid, $submitvalue) { global $_REQUEST, $ueConfig, $_CB_framework, $_PLUGINS; $msg = null; if (isset($_REQUEST['user'])) { if (!CBuser::getMyInstance()->authoriseView('profile', $uid)) { $canRegister = !isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1'; // Can the guest access once registered with default User Group ? (and doing the check only if he even can register to avoid unneeded checks) $canAccess = $canRegister && Application::CmsPermissions()->checkGroupsForViewAccessLevel($_CB_framework->getCfg('new_usertype'), Application::Config()->get('profile_viewaccesslevel', 3)); if ($_CB_framework->myId() < 1 && !($_CB_framework->getCfg('allowUserRegistration') == '0' && $canRegister) && $canAccess) { $msg = CBTxt::Th('UE_REGISTERFORPROFILEVIEW', 'Please log in or sign up to view user profiles.'); } else { $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!'); } } } else { if ($uid == 0) { $msg = CBTxt::Th('UE_REGISTERFORPROFILE', 'Please log in or sign up to view or modify your profile.'); } } $_PLUGINS->loadPluginGroup('user'); $_PLUGINS->trigger('onBeforeUserProfileAccess', array($uid, &$msg, 1)); if ($msg) { $_CB_framework->enqueueMessage($msg, 'error'); return; } $user =& loadComprofilerUser($uid); if ($user === null) { $_CB_framework->enqueueMessage(CBTxt::Th('UE_NOSUCHPROFILE', 'This profile does not exist or is no longer available'), 'error'); return; } if (cbGetParam($_GET, 'reason') == 'canceledit') { if ($uid == 0) { $Euid = $_CB_framework->myId(); } else { $Euid = $uid; } $msg = cbCheckIfUserCanPerformUserTask($Euid, 'allowModeratorsUserEdit'); if ($Euid != $_CB_framework->myId() && $msg === null) { // safeguard against missconfiguration of the above: also avoids lower-level users editing higher level ones: $msg = checkCBpermissions(array((int) $Euid), 'edit', true); } $_PLUGINS->trigger('onBeforeUserProfileEditRequest', array($Euid, &$msg, 1)); if ($msg) { $_CB_framework->enqueueMessage($msg, 'error'); return; } $_PLUGINS->trigger('onAfterUserProfileEditCancel', array(&$user)); if ($_PLUGINS->is_errors()) { echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n"; exit; } } HTML_comprofiler::userProfile($user, $option, $submitvalue); }