$sm->assign("users", $db->getuserlist());
$sm->display("memberlist.tpl", null);
} else {
renderPermissionDenied();
}
} else {
if ($_GET['action'] == "viewprofile") {
if (!isset($_GET['user'])) {
die("You must specify a user!");
}
if (THprofile_lcnames) {
$username = strtolower($_GET['user']);
} else {
$username = $_GET['user'];
}
$user = $db->getuserdata($username);
if (!$user) {
die("Invalid user specified!");
}
$can_access = 0;
if (THprofile_viewuserpolicy == 2) {
$can_access = 1;
} elseif (THprofile_viewuserpolicy == 1 && isset($_SESSION['username'])) {
$can_access = 1;
} elseif (THprofile_viewuserpolicy == 0 && ($_SESSION['admin'] || $_SESSION['moderator'])) {
$can_access = 1;
}
if ($can_access) {
$sm = sminit("viewprofile.tpl", null, "profiles", false, false);
$sm->assign("user", $user);
$sm->assign("caneditprofile", $db->caneditprofile($user['username']));
