Exemplo n.º 1
0
// ########################################################################
// #############################################################################
// put this before print_cp_header() so we can use an HTTP header
if ($_REQUEST['do'] == 'find') {
    $vbulletin->input->clean_array_gpc('r', array('user' => TYPE_ARRAY, 'profile' => TYPE_ARRAY, 'display' => TYPE_ARRAY_BOOL, 'orderby' => TYPE_STR, 'limitstart' => TYPE_UINT, 'limitnumber' => TYPE_UINT, 'direction' => TYPE_STR, 'serializedprofile' => TYPE_STR, 'serializeduser' => TYPE_STR, 'serializeddisplay' => TYPE_STR));
    if (!empty($vbulletin->GPC['serializeduser'])) {
        $vbulletin->GPC['user'] = @unserialize(verify_client_string($vbulletin->GPC['serializeduser']));
        $vbulletin->GPC['profile'] = @unserialize(verify_client_string($vbulletin->GPC['serializedprofile']));
    }
    if (!empty($vbulletin->GPC['serializeddisplay'])) {
        $vbulletin->GPC['display'] = @unserialize(verify_client_string($vbulletin->GPC['serializeddisplay']));
    }
    if (@array_sum($vbulletin->GPC['display']) == 0) {
        $vbulletin->GPC['display'] = array('username' => 1, 'options' => 1, 'email' => 1, 'joindate' => 1, 'lastactivity' => 1, 'posts' => 1);
    }
    $condition = fetch_user_search_sql($vbulletin->GPC['user'], $vbulletin->GPC['profile']);
    switch ($vbulletin->GPC['orderby']) {
        case 'username':
        case 'email':
        case 'joindate':
        case 'lastactivity':
        case 'lastpost':
        case 'posts':
        case 'birthday_search':
        case 'reputation':
        case 'warnings':
        case 'infractions':
        case 'ipoints':
            break;
        default:
            $vbulletin->GPC['orderby'] = 'username';
Exemplo n.º 2
0
function doConfirmUpload($sessionid)
{
    global $vbphrase, $vbulletin;
    global $_HIDDENFIELDS;
    //first let's make sure we have a valid session and valid list
    if (!$sessionid) {
        return;
    }
    $vbulletin->input->clean_array_gpc('r', array('listname' => TYPE_STR, 'listid' => TYPE_UINT, 'do_percycle' => TYPE_UINT, 'user' => TYPE_ARRAY, 'profile' => TYPE_ARRAY, 'display' => TYPE_ARRAY_BOOL, 'orderby' => TYPE_STR, 'startat' => TYPE_UINT, 'serializedprofile' => TYPE_STR, 'serializeduser' => TYPE_STR, 'serializeddisplay' => TYPE_STR, 'condition' => TYPE_STR));
    $client = new vB_VerticalResponse();
    if (!$vbulletin->GPC_exists['do_percycle'] or !intval($vbulletin->GPC['do_percycle'])) {
        $vbulletin->GPC['do_percycle'] = 1000;
    }
    if (!$client->checkStatus($sessionid)) {
        printLogin($vbphrase['vr_login_first_desc']);
        return;
    }
    require_once DIR . '/includes/adminfunctions_user.php';
    require_once DIR . '/includes/adminfunctions_profilefield.php';
    if ($vbulletin->GPC_exists['listname'] and !empty($vbulletin->GPC['listname'])) {
        $listid = $client->createList($sessionid, $vbulletin->GPC['listname']);
        if (!$listid) {
            return;
        }
    } else {
        if ($vbulletin->GPC_exists['listid']) {
            $listid = $vbulletin->GPC['listid'];
            if (intval($vbulletin->GPC['startat']) == 0) {
                $client->setCustomListFields($sessionid, array('userid', 'username'));
                //if we're just starting, clear the existing records
                $client->eraseListMembers($sessionid, $listid);
            }
        } else {
            return false;
        }
    }
    //we appear to have good data. Let's go ahead and compose the sql
    if (!empty($vbulletin->GPC['serializeduser'])) {
        $vbulletin->GPC['user'] = @unserialize(verify_client_string($vbulletin->GPC['serializeduser']));
        $vbulletin->GPC['profile'] = @unserialize(verify_client_string($vbulletin->GPC['serializedprofile']));
    }
    if (!empty($vbulletin->GPC['serializeddisplay'])) {
        $vbulletin->GPC['display'] = @unserialize(verify_client_string($vbulletin->GPC['serializeddisplay']));
    }
    if (@array_sum($vbulletin->GPC['display']) == 0) {
        $vbulletin->GPC['display'] = array('username' => 1, 'options' => 1, 'email' => 1, 'joindate' => 1, 'lastactivity' => 1, 'posts' => 1);
    }
    $condition = fetch_user_search_sql($vbulletin->GPC['user'], $vbulletin->GPC['profile']);
    if (empty($condition)) {
        $condition = "1 = 1";
    }
    $searchquery = "\n\t\tSELECT COUNT(*) AS count\n\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON (userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON (usertextfield.userid = user.userid)\n\t\tWHERE {$condition}";
    $count = $vbulletin->db->query_first($searchquery);
    if (!$count) {
        return false;
    }
    $count = $count['count'];
    print_cp_header($vbphrase['verticalresponse']);
    print_form_header('verticalresponse', 'do_upload', false, true, 'verticalresponse');
    print_table_header($vbphrase['upload_list'], 2);
    print_description_row(construct_phrase($vbphrase['upload_count_x_desc'], $count));
    $_HIDDENFIELDS['condition'] = htmlspecialchars_uni($condition);
    $_HIDDENFIELDS['do_percycle'] = $vbulletin->GPC['do_percycle'];
    $_HIDDENFIELDS['startat'] = 0;
    $_HIDDENFIELDS['count'] = $count;
    $_HIDDENFIELDS['listid'] = $listid;
    print_hidden_fields();
    print_submit_row($vbphrase['submit'], 0);
    print_table_footer();
}