Exemplo n.º 1
0
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @return   string          HTML for user profile page
*
*/
function userprofile()
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;
    // @param    int     $user   User ID of profile to get
    // @param    int     $msg    Message to display (if != 0)
    // @param    string  $plugin optional plugin name for message
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    }
    if (isset($_GET['uid'])) {
        $user = COM_applyFilter($_GET['uid'], true);
        if (!is_numeric($user) || $user < 2) {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    } else {
        if (isset($_GET['username'])) {
            $username = $_GET['username'];
            if (!USER_validateUsername($username, 1)) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
            if (empty($username) || $username == '') {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
            $username = DB_escapeString($username);
            $user = DB_getItem($_TABLES['users'], 'uid', "username = '******'");
            if ($user < 2) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    }
    $msg = 0;
    if (isset($_GET['msg'])) {
        $msg = COM_applyFilter($_GET['msg'], true);
    }
    $plugin = '';
    if ($msg > 0 && isset($_GET['plugin'])) {
        $plugin = COM_applyFilter($_GET['plugin']);
    }
    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        echo COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);
    if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
        COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
    }
    $display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt());
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, $plugin, '', 0, 'info');
    }
    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('layout_url', $_CONF['layout_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('tooltip', COM_getTooltipStyle());
    if ($_CONF['show_fullname'] == 1) {
        if (empty($A['fullname'])) {
            $username = $A['username'];
            $fullname = '';
        } else {
            $username = $A['fullname'];
            $fullname = $A['username'];
        }
    } else {
        $username = $A['username'];
        $fullname = '';
    }
    $username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt());
    $fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt());
    if ($A['status'] == USER_ACCOUNT_DISABLED) {
        $username = sprintf('%s - %s', $username, $LANG28[42]);
        if (!empty($fullname)) {
            $fullname = sprintf('% - %s', $fullname, $LANG28[42]);
        }
    }
    $user_templates->set_var('username', $username);
    $user_templates->set_var('user_fullname', $fullname);
    if (SEC_hasRights('user.edit') || isset($_USER['uid']) && $_USER['uid'] == $A['uid']) {
        global $_IMAGE_TYPE, $LANG_ADMIN;
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
        if ($_USER['uid'] == $A['uid']) {
            $edit_url = "{$_CONF['site_url']}/usersettings.php";
        } else {
            $edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&amp;uid={$A['uid']}";
        }
        $edit_link_url = COM_createLink($edit_icon, $edit_url);
        $user_templates->set_var('edit_icon', $edit_icon);
        $user_templates->set_var('edit_link', $edit_link_url);
        $user_templates->set_var('user_edit', $edit_url);
    } else {
        $user_templates->set_var('user_edit', '');
    }
    if (isset($A['photo']) && empty($A['photo'])) {
        $A['photo'] = '(none)';
        // user does not have a photo
    }
    $lastlogin = $A['lastlogin'];
    $lasttime = COM_getUserDateTimeFormat($lastlogin);
    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
    $user_templates->set_var('user_photo', $photo);
    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    if ($_CONF['lastlogin'] && $A['showonline']) {
        $user_templates->set_var('lang_lastlogin', $LANG28[35]);
        if (!empty($lastlogin)) {
            $user_templates->set_var('user_lastlogin', $lasttime[0]);
        } else {
            $user_templates->set_var('user_lastlogin', $LANG28[36]);
        }
    }
    if ($A['showonline']) {
        if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
            $user_templates->set_var('online', 'online');
        }
    }
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    if ($A['email'] == '' || $A['emailfromuser'] == 0) {
        $user_templates->set_var('email_option', '');
    } else {
        $user_templates->set_var('lang_sendemail', $LANG04[81]);
        $user_templates->parse('email_option', 'email', true);
    }
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_online', $LANG04[160]);
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br($A['about']));
    $user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    }
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);
    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
    }
    $user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    $topics = "'" . implode("','", $tids) . "'";
    // list of last 10 stories by this user
    if (sizeof($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => '')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        // list of last 10 comments by this user
        $sidArray = array();
        if (sizeof($tids) > 0) {
            // first, get a list of all stories the current visitor has access to
            $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
            $result = DB_query($sql);
            $numsids = DB_numRows($result);
            for ($i = 1; $i <= $numsids; $i++) {
                $S = DB_fetchArray($result);
                $sidArray[] = $S['sid'];
            }
        }
        $sidList = implode("', '", $sidArray);
        $sidList = "'{$sidList}'";
        // then, find all comments by the user in those stories
        $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
        // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
        // field is part of the select
        // if (!empty ($sidList)) {
        //     $sql .= " AND (sid in ($sidList))";
        // }
        if (!empty($sidList)) {
            $sql .= " HAVING sid in ({$sidList})";
        }
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            for ($i = 0; $i < $nrows; $i++) {
                $C = DB_fetchArray($result);
                $user_templates->set_var('cssid', $i % 2 + 1);
                $user_templates->set_var('row_number', $i + 1 . '.');
                $C['title'] = str_replace('$', '&#36;', $C['title']);
                $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
                $user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => '')));
                $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
                $user_templates->set_var('comment_date', $commenttime[0]);
                $user_templates->parse('comment_row', 'row', true);
            }
        } else {
            $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
        }
    }
    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('lang_number_comments', $LANG04[85]);
        $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")";
        if (!empty($sidList)) {
            $sql .= " AND (sid in ({$sidList}))";
        }
        $result = DB_query($sql);
        $N = DB_fetchArray($result);
        $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
        $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    }
    // hook to the profile icon display
    $profileIcons = PLG_profileIconDisplay($user);
    if (is_array($profileIcons) && count($profileIcons) > 0) {
        $user_templates->set_block('profile', 'profileicon', 'pi');
        for ($x = 0; $x < count($profileIcons); $x++) {
            if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') {
                $user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']);
                $user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']);
                $user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']);
                $user_templates->parse('pi', 'profileicon', true);
            }
        }
    }
    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);
    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= PLG_profileBlocksDisplay($user);
    return $retval;
}
Exemplo n.º 2
0
/**
 * Takes an article class and renders HTML in the specified template and style.
 *
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 *
 * @param   object  $story      The story to display, an instance of the Story class.
 * @param   string  $index      n = 'Compact display' for list of stories. p = 'Preview' mode. Else full display of article.
 * @param   string  $storytpl   The template to use to render the story.
 * @param   string  $query      A search query, if one was specified.
 *
 * @return  string  Article as formated HTML.
 *
 * Note: Formerly named COM_Article, and re-written totally since then.
 */
function STORY_renderArticle(&$story, $index = '', $storytpl = 'storytext.thtml', $query = '')
{
    global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode, $_GROUPS, $ratedIds;
    static $storycounter = 0;
    USES_lib_social();
    SESS_setContext(array('type' => 'article', 'sid' => $story->_sid));
    if (empty($storytpl)) {
        $storytpl = 'storytext.thtml';
    }
    $featuredstorytpl = 'featuredstorytext.thtml';
    $archivestorytpl = 'archivestorytext.thtml';
    if (isset($_SYSTEM['custom_topic_templates']) && $_SYSTEM['custom_topic_templates'] == true) {
        $storyTid = strtolower($story->DisplayElements('tid'));
        $pos = strpos($storytpl, ".");
        if ($pos !== false) {
            $base_template = substr($storytpl, 0, $pos);
        } else {
            $base_template = 'storytext';
        }
        if (file_exists($_CONF['path_layout'] . '/custom/' . $base_template . '_' . $storyTid . '.thtml') !== false) {
            $storytpl = $base_template . '_' . $storyTid . '.thtml';
        }
        if (file_exists($_CONF['path_layout'] . '/custom/featuredstorytext' . '_' . $storyTid . '.thtml') !== false) {
            $featuredstorytpl = 'featuredstorytext' . '_' . $storyTid . '.thtml';
        }
        if (file_exists($_CONF['path_layout'] . '/custom/archivestorytext' . '_' . $storyTid . '.thtml') !== false) {
            $archivestorytpl = 'archivestorytext' . '_' . $storyTid . '.thtml';
        }
    }
    $introtext = $story->displayElements('introtext');
    $bodytext = $story->displayElements('bodytext');
    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    }
    $article = new Template($_CONF['path_layout']);
    $article->set_file(array('article' => $storytpl, 'featuredarticle' => $featuredstorytpl, 'archivearticle' => $archivestorytpl));
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106]);
        $article->set_var('story_hits', $story->DisplayElements('hits'), false, true);
    }
    if ($_CONF['hidestorydate'] != 1) {
        $article->set_var('story_date', $story->DisplayElements('date'), false, true);
        // make sure date format is in user's preferred format
    }
    $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('article_url', $articleUrl);
    $article->set_var('story_title', $story->DisplayElements('title'));
    // begin instance caching...
    if ($story->DisplayElements('featured') == 1) {
        $article_filevar = 'featuredarticle';
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE and $story->DisplayElements('expire') <= time()) {
        $article_filevar = 'archivearticle';
    } else {
        $article_filevar = 'article';
    }
    $hash = CACHE_security_hash();
    $instance_id = 'story_' . $story->getSid() . '_' . $index . '_' . $article_filevar . '_' . $hash . '_' . $_USER['theme'];
    if ($index == 'p' || !empty($query) || !$article->check_instance($instance_id, $article_filevar)) {
        // end of instance cache
        $article->set_var('article_filevar', '');
        $article->set_var('site_name', $_CONF['site_name']);
        if ($_CONF['hidestorydate'] != 1) {
            $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
            $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
        }
        $article->set_var('story_id', $story->getSid());
        $article->set_var('lang_posted_in', $LANG01['posted_in']);
        if ($_CONF['contributedbyline'] == 1) {
            $article->set_var('lang_contributed_by', $LANG01[1]);
            $article->set_var('lang_by', $LANG01[95]);
            $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
            $fullname = $story->DisplayElements('fullname');
            $username = $story->DisplayElements('username');
            $article->set_var('contributedby_user', $username);
            if (empty($fullname)) {
                $article->set_var('contributedby_fullname', $username);
            } else {
                $article->set_var('contributedby_fullname', $fullname);
            }
            $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
            $article->set_var('author', $authorname);
            $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $story->DisplayElements('uid');
            if ($story->DisplayElements('uid') > 1) {
                $article->set_var('contributedby_url', $profileUrl);
                $authorname = COM_createLink($authorname, $profileUrl, array('class' => 'storybyline'));
            }
            $article->set_var('contributedby_author', $authorname);
            $photo = '';
            $photo_raw = '';
            if ($_CONF['allow_user_photo'] == 1) {
                $authphoto = $story->DisplayElements('photo');
                if (empty($authphoto)) {
                    $authphoto = '(none)';
                    // user does not have a photo
                }
                $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
                $photo_raw = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'), 64, 0);
            }
            $article->set_var('author_photo_raw', $photo_raw);
            if (!empty($photo)) {
                $article->set_var('contributedby_photo', $photo);
                $article->set_var('author_photo', $photo);
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . '/>';
                $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
            } else {
                $article->set_var('contributedby_photo', '');
                $article->set_var('author_photo', '');
                $article->set_var('camera_icon', '');
            }
            if ($story->DisplayElements('attribution_author') == "") {
                $article->set_var('author_about', $story->DisplayElements('about'));
                $article->set_var('follow_me', SOC_getFollowMeIcons($story->DisplayElements('uid')));
            }
        }
        $topicname = $story->DisplayElements('topic');
        if ($story->DisplayElements('alternate_tid') != NULL) {
            $alttopic = DB_getItem($_TABLES['topics'], 'topic', "tid = '" . DB_escapeString($story->DisplayElements('alternate_tid')) . "'");
        } else {
            $alttopic = '';
        }
        $article->set_var('story_topic_id', $story->DisplayElements('tid'));
        $article->set_var('alt_story_topic_id', $story->DisplayElements('alternate_tid'));
        $article->set_var('story_topic_name', $topicname);
        $article->set_var('story_alternate_topic_name', $alttopic);
        $article->set_var('story_subtitle', $story->DisplayElements('subtitle'));
        $attribution_url = $story->DisplayElements('attribution_url');
        $attribution_name = $story->DisplayElements('attribution_name');
        $attribution_author = $story->DisplayElements('attribution_author');
        if ($attribution_url != '') {
            $article->set_var('attribution_url', $attribution_url);
        }
        if ($attribution_name != '') {
            $article->set_var('attribution_name', $attribution_name);
        }
        if ($attribution_author != '') {
            $article->set_var('attribution_author', $attribution_author);
        }
        $article->set_var('lang_source', $LANG01['source']);
        $story_image = $story->DisplayElements('story_image');
        $article->set_var('story_image', $story_image);
        $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid');
        $alttopicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('alternate_tid');
        if ((!isset($_USER['noicons']) or $_USER['noicons'] != 1) and $story->DisplayElements('show_topic_icon') == 1) {
            $imageurl = $story->DisplayElements('imageurl');
            if (!empty($imageurl)) {
                $imageurl = COM_getTopicImageUrl($imageurl);
                $article->set_var('story_topic_image_url', $imageurl);
                $article->set_var('topic_url', $topicurl);
                $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '" />';
                $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array('rel' => "category tag")));
                $article->set_var('story_topic_image', $topicimage);
                $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '" />';
                $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array('rel' => "category tag")));
                $article->set_var('story_topic_image_no_align', $topicimage_noalign);
            }
        }
        $article->set_var('story_topic_url', $topicurl);
        $article->set_var('alt_story_topic_url', $alttopicurl);
        $recent_post_anchortag = '';
        $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
        $article->set_var('story_title', $story->DisplayElements('title'));
        $article->set_var('lang_permalink', $LANG01[127]);
        $show_comments = true;
        // n = 'Compact display' for list of stories. p = 'Preview' mode.
        if ($index != 'n' && $index != 'p' || !empty($query)) {
            $attributes = ' class="non-ul"';
            $attr_array = array('class' => 'non-ul');
            if (!empty($query)) {
                $attributes .= ' rel="bookmark"';
                $attr_array['rel'] = 'bookmark';
            }
            $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
            $article->set_var('end_storylink_anchortag', '</a>');
            $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
            $article->set_var('story_url', $articleUrl);
        } else {
            $article->set_var('story_title_link', $story->DisplayElements('title'));
        }
        if ($index == 'n' || $index == 'p') {
            if (empty($bodytext)) {
                $article->set_var('story_introtext', $introtext);
                $article->set_var('story_text_no_br', $introtext);
            } else {
                // page break feature depreciated / removed in 1.6.0
                $article_array = explode('[page_break]', $bodytext);
                $pbCount = count($article_array);
                if ($pbCount > 1) {
                    $bodytext = '';
                    for ($x = 0; $x < $pbCount; $x++) {
                        $bodytext .= $article_array[$x];
                    }
                }
                $_CONF['allow_page_breaks'] = 0;
                // end of page break removal
                if ($_CONF['allow_page_breaks'] == 1 and $index == 'n') {
                    $story_page = 1;
                    // page selector
                    if (is_numeric($mode)) {
                        $story_page = $mode;
                        if ($story_page <= 0) {
                            $story_page = 1;
                            $mode = 0;
                        } elseif ($story_page > 1) {
                            $introtext = '';
                        }
                    }
                    $article_array = explode('[page_break]', $bodytext);
                    $pagelinks = COM_printPageNavigation($articleUrl, $story_page, count($article_array), 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                    if (count($article_array) > 1) {
                        $bodytext = $article_array[$story_page - 1];
                    }
                    $article->set_var('page_selector', $pagelinks);
                    if ($_CONF['page_break_comments'] == 'last' and $story_page < count($article_array) or $_CONF['page_break_comments'] == 'first' and $story_page != 1) {
                        $show_comments = false;
                    }
                    $article->set_var('story_page', $story_page);
                }
                $article->set_var('story_introtext', $introtext . '<br />' . $bodytext);
                $article->set_var('story_text_no_br', $introtext . $bodytext);
            }
            $article->set_var('story_introtext_only', $introtext);
            $article->set_var('story_bodytext_only', $bodytext);
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
                $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '" />';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
                $article->set_var('send_trackback_url', $url);
                $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
            }
            $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
            $article->set_var('story_counter', 0);
        } else {
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
            $article->set_var('story_introtext_only', $introtext);
            if (!empty($bodytext)) {
                $article->set_var('lang_readmore', $LANG01[2]);
                $article->set_var('lang_readmore_words', $LANG01[62]);
                $numwords = COM_numberFormat(sizeof(explode(' ', strip_tags($bodytext))));
                $article->set_var('readmore_words', $numwords);
                $article->set_var('readmore_link', COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ');
                $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
                $article->set_var('end_readmore_anchortag', '</a>');
                $article->set_var('read_more_class', 'class="story-read-more-link"');
                $article->set_var('readmore_url', $articleUrl);
            }
            if ($story->DisplayElements('commentcode') >= 0 and $show_comments) {
                $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
                $cmtLinkArray = CMT_getCommentLinkWithCount('article', $story->getSid(), $_CONF['site_url'] . '/article.php?story=' . $story->getSid(), $story->DisplayElements('comments'), 1);
                $article->set_var('comments_with_count_link', $cmtLinkArray['link_with_count']);
                $article->set_var('comments_url', $cmtLinkArray['url']);
                $article->set_var('comments_url_extra', $cmtLinkArray['url_extra']);
                $article->set_var('comments_text', $cmtLinkArray['comment_count']);
                $article->set_var('comments_count', $cmtLinkArray['comment_count']);
                $article->set_var('lang_comments', $LANG01[3]);
                $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));
                if ($story->DisplayElements('comments') > 0) {
                    $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . DB_escapeString($story->getsid()) . "' ORDER BY date desc LIMIT 1");
                    $C = DB_fetchArray($result);
                    $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                    $article->set_var('comments_with_count', COM_createLink($comments_with_count, $commentsUrl));
                    $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                    $article->set_var('end_comments_anchortag', '</a>');
                } else {
                    $article->set_var('comments_with_count', $comments_with_count);
                    $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getsid() . '#comment_entry' . '&amp;pid=0&amp;type=article');
                }
                if ($story->DisplayElements('commentcode') == 0 && ($_CONF['commentsloginrequired'] == 0 || !COM_isAnonUser())) {
                    $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article#comment_entry';
                    $article->set_var('post_comment_link', COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow')));
                    $article->set_var('lang_post_comment', $LANG01[60]);
                    $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                    $article->set_var('end_post_comment_anchortag', '</a>');
                    $article->set_var('post_comment_url', $postCommentUrl);
                }
            }
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
                $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
                $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
                $article->set_var('trackbacks_url', $trackbacksUrl);
                $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
                $article->set_var('trackbacks_count', $num_trackbacks);
                $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);
                $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
                if (SEC_hasRights('story.ping')) {
                    $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                    $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '" />';
                    $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
                }
                if ($story->DisplayElements('trackbacks') > 0) {
                    $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
                } else {
                    $article->set_var('trackbacks_with_count', sprintf($LANG01[122], $num_trackbacks));
                }
            }
            if ($_CONF['hideemailicon'] == 1 || COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
                $article->set_var('email_icon', '');
            } else {
                $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&amp;what=emailstory';
                $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '" />';
                $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
                $article->set_var('email_story_url', $emailUrl);
                $article->set_var('lang_email_story', $LANG11[2]);
                $article->set_var('lang_email_story_alt', $LANG01[64]);
            }
            $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
            if ($_CONF['hideprintericon'] == 1) {
                $article->set_var('print_icon', '');
            } else {
                $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '" />';
                $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
                $article->set_var('print_story_url', $printUrl);
                $article->set_var('lang_print_story', $LANG11[3]);
                $article->set_var('lang_print_story_alt', $LANG01[65]);
            }
            $article->set_var('pdf_icon', '');
            if ($_CONF['backend'] == 1) {
                $tid = $story->displayElements('tid');
                $alt_tid = $story->displayElements('alternate_tid');
                $result = DB_query("SELECT filename, title FROM {$_TABLES['syndication']} WHERE type = 'article' AND topic = '" . DB_escapeString($tid) . "' AND is_enabled = 1");
                $feeds = DB_numRows($result);
                for ($i = 0; $i < $feeds; $i++) {
                    list($filename, $title) = DB_fetchArray($result);
                    $feedUrl = SYND_getFeedUrl($filename);
                    $feedTitle = sprintf($LANG11[6], $title);
                }
                if ($feeds > 0) {
                    $feedicon = '<img src="' . $_CONF['layout_url'] . '/images/rss_small.' . $_IMAGE_TYPE . '" alt="' . $feedTitle . '" title="' . $feedTitle . '" />';
                    $article->set_var('feed_icon', COM_createLink($feedicon, $feedUrl, array("type" => "application/rss+xml")));
                    $article->set_var('feed_url', $feedUrl);
                } else {
                    $article->set_var('feed_icon', '');
                }
            } else {
                $article->set_var('feed_icon', '');
            }
            $article->set_var('story_display', 'index');
            $storycounter++;
            $article->set_var('story_counter', $storycounter);
            $article->set_var('adblock', PLG_displayAdBlock('story', $storycounter));
        }
        $article->set_var('article_url', $articleUrl);
        $article->set_var('recent_post_anchortag', $recent_post_anchortag);
        $access = $story->checkAccess();
        $storyAccess = min($access, SEC_hasTopicAccess($story->DisplayElements('tid')));
        if ($index != 'p' and SEC_hasRights('story.edit') and $story->checkAccess() == 3 and SEC_hasTopicAccess($story->DisplayElements('tid')) == 3) {
            $article->set_var('edit_link', COM_createLink($LANG01[4], $_CONF['site_admin_url'] . '/story.php?edit=x&amp;sid=' . $story->getSid()));
            $article->set_var('edit_url', $_CONF['site_admin_url'] . '/story.php?edit=x&amp;sid=' . $story->getSid());
            $article->set_var('lang_edit_text', $LANG01[4]);
            $editicon = $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE;
            $editiconhtml = '<img src="' . $editicon . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '" />';
            $article->set_var('edit_icon', COM_createLink($editiconhtml, $_CONF['site_admin_url'] . '/story.php?edit=x&amp;sid=' . $story->getSid()));
            $article->set_var('edit_image', $editiconhtml);
        }
        $article->set_var('lang_continue_reading', $LANG01['continue_reading']);
        PLG_templateSetVars($article_filevar, $article);
        if ($_CONF['rating_enabled'] != 0 && $index != 'p') {
            if (@in_array($story->getSid(), $ratedIds)) {
                $static = true;
                $voted = 1;
            } else {
                $static = 0;
                $voted = 0;
            }
            $uid = isset($_USER['uid']) ? $_USER['uid'] : 1;
            if ($_CONF['rating_enabled'] == 2 && $uid != $story->DisplayElements('owner_id')) {
                $article->set_var('rating_bar', RATING_ratingBar('article', $story->getSid(), $story->DisplayElements('votes'), $story->DisplayElements('rating'), $voted, 5, $static, 'sm'), false, true);
            } else {
                if (!COM_isAnonUser() && $uid != $story->DisplayElements('owner_id')) {
                    $article->set_var('rating_bar', RATING_ratingBar('article', $story->getSid(), $story->DisplayElements('votes'), $story->DisplayElements('rating'), $voted, 5, $static, 'sm'), false, true);
                } else {
                    $article->set_var('rating_bar', RATING_ratingBar('article', $story->getSid(), $story->DisplayElements('votes'), $story->DisplayElements('rating'), 1, 5, TRUE, 'sm'), false, true);
                }
            }
        } else {
            $article->set_var('rating_bar', '', false, true);
        }
        if ($index != 'p') {
            $article->create_instance($instance_id, $article_filevar);
        }
    } else {
        PLG_templateSetVars($article_filevar, $article);
        if ($_CONF['rating_enabled'] != 0) {
            if (@in_array($story->getSid(), $ratedIds)) {
                $static = true;
                $voted = 1;
            } else {
                $static = 0;
                $voted = 0;
            }
            $uid = isset($_USER['uid']) ? $_USER['uid'] : 1;
            if ($_CONF['rating_enabled'] == 2 && $uid != $story->DisplayElements('owner_id')) {
                $article->set_var('rating_bar', RATING_ratingBar('article', $story->getSid(), $story->DisplayElements('votes'), $story->DisplayElements('rating'), $voted, 5, $static, 'sm'), false, true);
            } else {
                if (!COM_isAnonUser() && $uid != $story->DisplayElements('owner_id')) {
                    $article->set_var('rating_bar', RATING_ratingBar('article', $story->getSid(), $story->DisplayElements('votes'), $story->DisplayElements('rating'), $voted, 5, $static, 'sm'), false, true);
                } else {
                    $article->set_var('rating_bar', RATING_ratingBar('article', $story->getSid(), $story->DisplayElements('votes'), $story->DisplayElements('rating'), $voted, 5, TRUE, 'sm'), false, true);
                }
            }
        } else {
            $article->set_var('rating_bar', '', false, true);
        }
    }
    $article->parse('finalstory', $article_filevar);
    SESS_clearContext();
    return $article->finish($article->get_var('finalstory'));
}
Exemplo n.º 3
0
/**
 * This block will display any social site memberships
 *
 */
function phpblock_social()
{
    global $_CONF;
    USES_lib_social();
    return SOC_getFollowMeIcons(-1, 'follow_site.thtml');
}
Exemplo n.º 4
0
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @param    int     $user   User ID of profile to get
* @param    int     $msg    Message to display (if != 0)
* @return   string          HTML for user profile page
*
*/
function userprofile($user, $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN;
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= COM_siteHeader('menu');
        $retval .= SEC_loginRequiredForm();
        $retval .= COM_siteFooter();
        return $retval;
    }
    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);
    $display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);
    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    if ($_CONF['show_fullname'] == 1) {
        $user_templates->set_var('username', $A['fullname']);
        $user_templates->set_var('user_fullname', $A['username']);
    } else {
        $user_templates->set_var('username', $A['username']);
        $user_templates->set_var('user_fullname', $A['fullname']);
    }
    if (SEC_hasRights('user.edit')) {
        global $_IMAGE_TYPE, $LANG_ADMIN;
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
        $edit_link_url = '<li>' . COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?edit=x&amp;uid={$A['uid']}") . '</li>';
        $user_templates->set_var('edit_link', $edit_link_url);
    }
    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
    $user_templates->set_var('user_photo', $photo);
    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    if ($A['email'] != '') {
        $user_templates->set_var('lang_sendemail', $LANG04[81]);
        $user_templates->parse('email_option', 'email', true);
    } else {
        $user_templates->set_var('email_option', '');
    }
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br($A['about']));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $followMeIcons = SOC_getFollowMeIcons($A['uid']);
    if ($followMeIcons != '') {
        $user_templates->set_var('follow_me', $followMeIcons);
    }
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);
    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82]);
    $user_templates->set_var('headline_last10comments', $LANG04[10]);
    $user_templates->set_var('headline_postingstats', $LANG04[83]);
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    $topics = "'" . implode("','", $tids) . "'";
    // list of last 10 stories by this user
    if (sizeof($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => 'b')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }
    // list of last 10 comments by this user
    $sidArray = array();
    if (sizeof($tids) > 0) {
        // first, get a list of all stories the current visitor has access to
        $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $numsids = DB_numRows($result);
        for ($i = 1; $i <= $numsids; $i++) {
            $S = DB_fetchArray($result);
            $sidArray[] = $S['sid'];
        }
    }
    $sidList = implode("', '", $sidArray);
    $sidList = "'" . DB_escapeString($sidList) . "'";
    // then, find all comments by the user in those stories
    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
    // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
    // field is part of the select
    // if (!empty ($sidList)) {
    //     $sql .= " AND (sid in ($sidList))";
    // }
    if (!empty($sidList)) {
        $sql .= " HAVING sid in ({$sidList})";
    }
    $sql .= " ORDER BY unixdate DESC LIMIT 10";
    $result = DB_query($sql);
    $nrows = DB_numRows($result);
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => 'b')));
            $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('comment_date', $commenttime[0]);
            $user_templates->parse('comment_row', 'row', true);
        }
    } else {
        $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
    }
    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_number_comments', $LANG04[85]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = '{$user}')";
    if (!empty($sidList)) {
        $sql .= " AND (sid in ({$sidList}))";
    }
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);
    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= PLG_profileBlocksDisplay($user);
    return $retval;
}