$sm->assign("users", $db->getuserlist()); $sm->display("memberlist.tpl", null); } else { renderPermissionDenied(); } } else { if ($_GET['action'] == "viewprofile") { if (!isset($_GET['user'])) { die("You must specify a user!"); } if (THprofile_lcnames) { $username = strtolower($_GET['user']); } else { $username = $_GET['user']; } $user = $db->getuserdata($username); if (!$user) { die("Invalid user specified!"); } $can_access = 0; if (THprofile_viewuserpolicy == 2) { $can_access = 1; } elseif (THprofile_viewuserpolicy == 1 && isset($_SESSION['username'])) { $can_access = 1; } elseif (THprofile_viewuserpolicy == 0 && ($_SESSION['admin'] || $_SESSION['moderator'])) { $can_access = 1; } if ($can_access) { $sm = sminit("viewprofile.tpl", null, "profiles", false, false); $sm->assign("user", $user); $sm->assign("caneditprofile", $db->caneditprofile($user['username']));