/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @param int $user User ID of profile to get
* @param int $msg Message to display (if != 0)
* @return string HTML for user profile page
*
*/
function userprofile($user, $msg = 0)
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN;
$retval = '';
if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
$retval .= COM_siteHeader('menu');
$retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$login = new Template($_CONF['path_layout'] . 'submit');
$login->set_file(array('login' => 'submitloginrequired.thtml'));
$login->set_var('xhtml', XHTML);
$login->set_var('login_message', $LANG_LOGIN[2]);
$login->set_var('site_url', $_CONF['site_url']);
$login->set_var('site_admin_url', $_CONF['site_admin_url']);
$login->set_var('layout_url', $_CONF['layout_url']);
$login->set_var('lang_login', $LANG_LOGIN[3]);
$login->set_var('lang_newuser', $LANG_LOGIN[4]);
$login->parse('output', 'login');
$retval .= $login->finish($login->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
return $retval;
}
$result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}");
$nrows = DB_numRows($result);
if ($nrows == 0) {
// no such user
return COM_refresh($_CONF['site_url'] . '/index.php');
}
$A = DB_fetchArray($result);
$display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);
// format date/time to user preference
$curtime = COM_getUserDateTimeFormat($A['regdate']);
$A['regdate'] = $curtime[0];
$user_templates = new Template($_CONF['path_layout'] . 'users');
$user_templates->set_file(array('profile' => 'profile.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
$user_templates->set_var('xhtml', XHTML);
$user_templates->set_var('site_url', $_CONF['site_url']);
$user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
$user_templates->set_var('end_block', COM_endBlock());
$user_templates->set_var('lang_username', $LANG04[2]);
if ($_CONF['show_fullname'] == 1) {
$user_templates->set_var('username', $A['fullname']);
$user_templates->set_var('user_fullname', $A['username']);
} else {
$user_templates->set_var('username', $A['username']);
$user_templates->set_var('user_fullname', $A['fullname']);
}
if (SEC_hasRights('user.edit')) {
global $_IMAGE_TYPE, $LANG_ADMIN;
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
$edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
$user_templates->set_var('edit_link', $edit_link_url);
}
$photo = USER_getPhoto($user, $A['photo'], $A['email'], -1);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $user);
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->set_var('lang_homepage', $LANG04[6]);
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_bio', $LANG04[7]);
$user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82]);
$user_templates->set_var('headline_last10comments', $LANG04[10]);
$user_templates->set_var('headline_postingstats', $LANG04[83]);
$result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$nrows = DB_numRows($result);
$tids = array();
for ($i = 0; $i < $nrows; $i++) {
$T = DB_fetchArray($result);
$tids[] = $T['tid'];
}
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (count($tids) > 0) {
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$nrows = DB_numRows($result);
} else {
$nrows = 0;
}
if ($nrows > 0) {
for ($i = 0; $i < $nrows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
$user_templates->set_var('article_url', $articleUrl);
$C['title'] = str_replace('$', '$', $C['title']);
$user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b')));
$storytime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('story_date', $storytime[0]);
$user_templates->parse('story_row', 'strow', true);
}
} else {
$user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
}
// list of last 10 comments by this user
$sidArray = array();
if (count($tids) > 0) {
// first, get a list of all stories the current visitor has access to
$sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$result = DB_query($sql);
$numsids = DB_numRows($result);
for ($i = 1; $i <= $numsids; $i++) {
$S = DB_fetchArray($result);
$sidArray[] = $S['sid'];
}
}
$sidList = implode("', '", $sidArray);
$sidList = "'{$sidList}'";
// then, find all comments by the user in those stories
$sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = {$user}) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
// SQL NOTE: Using a HAVING clause is usually faster than a where if the
// field is part of the select
// if (!empty ($sidList)) {
// $sql .= " AND (sid in ($sidList))";
// }
if (!empty($sidList)) {
$sql .= " HAVING sid in ({$sidList})";
}
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$nrows = DB_numRows($result);
if ($nrows > 0) {
for ($i = 0; $i < $nrows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid'];
$C['title'] = str_replace('$', '$', $C['title']);
$user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b')));
$commenttime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('comment_date', $commenttime[0]);
$user_templates->parse('comment_row', 'row', true);
}
} else {
$user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
}
// posting stats for this user
$user_templates->set_var('lang_number_stories', $LANG04[84]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_stories', COM_numberFormat($N['count']));
$user_templates->set_var('lang_number_comments', $LANG04[85]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$user})";
if (!empty($sidList)) {
$sql .= " AND (sid in ({$sidList}))";
}
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_comments', COM_numberFormat($N['count']));
$user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
// Call custom registration function if enabled and exists
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
$user_templates->set_var('customfields', CUSTOM_userDisplay($user));
}
PLG_profileVariablesDisplay($user, $user_templates);
$user_templates->parse('output', 'profile');
$retval .= $user_templates->finish($user_templates->get_var('output'));
$retval .= PLG_profileBlocksDisplay($user);
return $retval;
}
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @return string HTML for user profile page
*
*/
function userprofile()
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;
// @param int $user User ID of profile to get
// @param int $msg Message to display (if != 0)
// @param string $plugin optional plugin name for message
$retval = '';
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
$retval .= SEC_loginRequiredForm();
return $retval;
}
if (isset($_GET['uid'])) {
$user = COM_applyFilter($_GET['uid'], true);
if (!is_numeric($user) || $user < 2) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
if (isset($_GET['username'])) {
$username = $_GET['username'];
if (!USER_validateUsername($username, 1)) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
if (empty($username) || $username == '') {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
$username = DB_escapeString($username);
$user = DB_getItem($_TABLES['users'], 'uid', "username = '******'");
if ($user < 2) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
}
$msg = 0;
if (isset($_GET['msg'])) {
$msg = COM_applyFilter($_GET['msg'], true);
}
$plugin = '';
if ($msg > 0 && isset($_GET['plugin'])) {
$plugin = COM_applyFilter($_GET['plugin']);
}
$result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
$nrows = DB_numRows($result);
if ($nrows == 0) {
// no such user
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
$A = DB_fetchArray($result);
if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
}
$display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt());
if ($msg > 0) {
$retval .= COM_showMessage($msg, $plugin, '', 0, 'info');
}
// format date/time to user preference
$curtime = COM_getUserDateTimeFormat($A['regdate']);
$A['regdate'] = $curtime[0];
$user_templates = new Template($_CONF['path_layout'] . 'users');
$user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
$user_templates->set_var('layout_url', $_CONF['layout_url']);
$user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
$user_templates->set_var('end_block', COM_endBlock());
$user_templates->set_var('lang_username', $LANG04[2]);
$user_templates->set_var('tooltip', COM_getTooltipStyle());
if ($_CONF['show_fullname'] == 1) {
if (empty($A['fullname'])) {
$username = $A['username'];
$fullname = '';
} else {
$username = $A['fullname'];
$fullname = $A['username'];
}
} else {
$username = $A['username'];
$fullname = '';
}
$username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt());
$fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt());
if ($A['status'] == USER_ACCOUNT_DISABLED) {
$username = sprintf('%s - %s', $username, $LANG28[42]);
if (!empty($fullname)) {
$fullname = sprintf('% - %s', $fullname, $LANG28[42]);
}
}
$user_templates->set_var('username', $username);
$user_templates->set_var('user_fullname', $fullname);
if (SEC_hasRights('user.edit') || isset($_USER['uid']) && $_USER['uid'] == $A['uid']) {
global $_IMAGE_TYPE, $LANG_ADMIN;
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
if ($_USER['uid'] == $A['uid']) {
$edit_url = "{$_CONF['site_url']}/usersettings.php";
} else {
$edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&uid={$A['uid']}";
}
$edit_link_url = COM_createLink($edit_icon, $edit_url);
$user_templates->set_var('edit_icon', $edit_icon);
$user_templates->set_var('edit_link', $edit_link_url);
$user_templates->set_var('user_edit', $edit_url);
} else {
$user_templates->set_var('user_edit', '');
}
if (isset($A['photo']) && empty($A['photo'])) {
$A['photo'] = '(none)';
// user does not have a photo
}
$lastlogin = $A['lastlogin'];
$lasttime = COM_getUserDateTimeFormat($lastlogin);
$photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
if ($_CONF['lastlogin'] && $A['showonline']) {
$user_templates->set_var('lang_lastlogin', $LANG28[35]);
if (!empty($lastlogin)) {
$user_templates->set_var('user_lastlogin', $lasttime[0]);
} else {
$user_templates->set_var('user_lastlogin', $LANG28[36]);
}
}
if ($A['showonline']) {
if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
$user_templates->set_var('online', 'online');
}
}
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $user);
if ($A['email'] == '' || $A['emailfromuser'] == 0) {
$user_templates->set_var('email_option', '');
} else {
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->parse('email_option', 'email', true);
}
$user_templates->set_var('lang_homepage', $LANG04[6]);
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_online', $LANG04[160]);
$user_templates->set_var('lang_bio', $LANG04[7]);
$user_templates->set_var('user_bio', nl2br($A['about']));
$user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
}
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
}
$user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);
$result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$nrows = DB_numRows($result);
$tids = array();
for ($i = 0; $i < $nrows; $i++) {
$T = DB_fetchArray($result);
$tids[] = $T['tid'];
}
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (sizeof($tids) > 0) {
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$nrows = DB_numRows($result);
} else {
$nrows = 0;
}
if ($nrows > 0) {
for ($i = 0; $i < $nrows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
$user_templates->set_var('article_url', $articleUrl);
$C['title'] = str_replace('$', '$', $C['title']);
$user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => '')));
$storytime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('story_date', $storytime[0]);
$user_templates->parse('story_row', 'strow', true);
}
} else {
$user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
}
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
// list of last 10 comments by this user
$sidArray = array();
if (sizeof($tids) > 0) {
// first, get a list of all stories the current visitor has access to
$sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$result = DB_query($sql);
$numsids = DB_numRows($result);
for ($i = 1; $i <= $numsids; $i++) {
$S = DB_fetchArray($result);
$sidArray[] = $S['sid'];
}
}
$sidList = implode("', '", $sidArray);
$sidList = "'{$sidList}'";
// then, find all comments by the user in those stories
$sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
// SQL NOTE: Using a HAVING clause is usually faster than a where if the
// field is part of the select
// if (!empty ($sidList)) {
// $sql .= " AND (sid in ($sidList))";
// }
if (!empty($sidList)) {
$sql .= " HAVING sid in ({$sidList})";
}
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$nrows = DB_numRows($result);
if ($nrows > 0) {
for ($i = 0; $i < $nrows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$C['title'] = str_replace('$', '$', $C['title']);
$comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid'];
$user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => '')));
$commenttime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('comment_date', $commenttime[0]);
$user_templates->parse('comment_row', 'row', true);
}
} else {
$user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
}
}
// posting stats for this user
$user_templates->set_var('lang_number_stories', $LANG04[84]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_stories', COM_numberFormat($N['count']));
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('lang_number_comments', $LANG04[85]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")";
if (!empty($sidList)) {
$sql .= " AND (sid in ({$sidList}))";
}
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_comments', COM_numberFormat($N['count']));
$user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
}
// hook to the profile icon display
$profileIcons = PLG_profileIconDisplay($user);
if (is_array($profileIcons) && count($profileIcons) > 0) {
$user_templates->set_block('profile', 'profileicon', 'pi');
for ($x = 0; $x < count($profileIcons); $x++) {
if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') {
$user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']);
$user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']);
$user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']);
$user_templates->parse('pi', 'profileicon', true);
}
}
}
// Call custom registration function if enabled and exists
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
$user_templates->set_var('customfields', CUSTOM_userDisplay($user));
}
PLG_profileVariablesDisplay($user, $user_templates);
$user_templates->parse('output', 'profile');
$retval .= $user_templates->finish($user_templates->get_var('output'));
$retval .= PLG_profileBlocksDisplay($user);
return $retval;
}
/**
* Shows a profile for a user
* This grabs the user profile for a given user and displays it
*
* @param int $uid User ID of profile to get
* @param boolean $preview whether being called as preview from My Account
* @param int $msg Message to display (if != 0)
* @param string $plugin optional plugin name for message
* @return string HTML for user profile page
*/
function USER_showProfile($uid, $preview = false, $msg = 0, $plugin = '')
{
global $_CONF, $_TABLES, $_USER, $_IMAGE_TYPE, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN, $LANG_ADMIN;
$retval = '';
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
$retval .= SEC_loginRequiredForm();
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_LOGIN[1]));
return $retval;
}
$result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email,status FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$uid}");
$numRows = DB_numRows($result);
if ($numRows == 0) {
// no such user
COM_handle404();
}
$A = DB_fetchArray($result);
if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
}
if ($A['status'] != USER_ACCOUNT_ACTIVE && !SEC_hasRights('user.edit')) {
COM_handle404();
}
$display_name = COM_getDisplayName($uid, $A['username'], $A['fullname']);
$display_name = htmlspecialchars($display_name);
if (!$preview) {
if ($msg > 0) {
$retval .= COM_showMessage($msg, $plugin);
}
}
// format date/time to user preference
$currentTime = COM_getUserDateTimeFormat($A['regdate']);
$A['regdate'] = $currentTime[0];
$user_templates = COM_newTemplate($_CONF['path_layout'] . 'users');
$user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
$user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
$user_templates->set_var('end_block', COM_endBlock());
$user_templates->set_var('lang_username', $LANG04[2]);
if ($_CONF['show_fullname'] == 1) {
if (empty($A['fullname'])) {
$userName = $A['username'];
$fullName = '';
} else {
$userName = $A['fullname'];
$fullName = $A['username'];
}
} else {
$userName = $A['username'];
$fullName = $A['fullname'];
}
$userName = htmlspecialchars($userName);
$fullName = htmlspecialchars($fullName);
if ($A['status'] == USER_ACCOUNT_DISABLED) {
$userName = sprintf('<s title="%s">%s</s>', $LANG28[42], $userName);
if (!empty($fullName)) {
$fullName = sprintf('<s title="%s">%s</s>', $LANG28[42], $fullName);
}
}
$user_templates->set_var('username', $userName);
$user_templates->set_var('user_fullname', $fullName);
if ($preview) {
$user_templates->set_var('edit_icon', '');
$user_templates->set_var('edit_link', '');
$user_templates->set_var('user_edit', '');
} elseif (!COM_isAnonUser() && $_USER['uid'] == $uid) {
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[48] . '" title="' . $LANG01[48] . '"' . XHTML . '>';
$edit_link_url = COM_createLink($edit_icon, $_CONF['site_url'] . '/usersettings.php');
$user_templates->set_var('edit_icon', $edit_icon);
$user_templates->set_var('edit_link', $edit_link_url);
$user_templates->set_var('user_edit', $edit_link_url);
} elseif (SEC_hasRights('user.edit')) {
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
$edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
$user_templates->set_var('edit_icon', $edit_icon);
$user_templates->set_var('edit_link', $edit_link_url);
$user_templates->set_var('user_edit', $edit_link_url);
}
if (isset($A['photo']) && empty($A['photo'])) {
$A['photo'] = '(none)';
// user does not have a photo
}
$photo = USER_getPhoto($uid, $A['photo'], $A['email'], -1);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $uid);
$user_templates->set_var('uid', $uid);
if ($A['email'] != '') {
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->parse('email_option', 'email', true);
} else {
$user_templates->set_var('email_option', '');
}
$user_templates->set_var('lang_homepage', $LANG04[6]);
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_bio', $LANG04[7]);
$user_templates->set_var('user_bio', COM_nl2br(stripslashes($A['about'])));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', COM_nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82]);
$user_templates->set_var('headline_last10comments', $LANG04[10]);
$user_templates->set_var('headline_postingstats', $LANG04[83]);
$tids = TOPIC_getList(0, true, false);
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (count($tids) > 0) {
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate\n FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE (uid = {$uid}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND') . "\n AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1\n ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$numRows = DB_numRows($result);
} else {
$numRows = 0;
}
if ($numRows > 0) {
for ($i = 0; $i < $numRows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
$user_templates->set_var('article_url', $articleUrl);
$C['title'] = str_replace('$', '$', $C['title']);
$user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b')));
$storyTime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('story_date', $storyTime[0]);
$user_templates->parse('story_row', 'strow', true);
}
} else {
$story_row = $LANG01[37];
if ($_CONF['supported_version_theme'] == '1.8.1') {
$story_row = '<tr><td>' . $story_row . '</td></tr>';
}
$user_templates->set_var('story_row', $story_row);
}
// list of last 10 comments by this user
$new_plugin_comments = PLG_getWhatsNewComment('', 10, $uid);
if (!empty($new_plugin_comments)) {
// Sort array by element lastdate newest to oldest
foreach ($new_plugin_comments as $k => $v) {
$b[$k] = strtolower($v['unixdate']);
}
arsort($b);
foreach ($b as $key => $val) {
$temp[] = $new_plugin_comments[$key];
}
$new_plugin_comments = $temp;
$i = 0;
foreach ($new_plugin_comments as $C) {
$i = $i + 1;
$user_templates->set_var('cssid', $i % 2);
$user_templates->set_var('row_number', $i . '.');
$C['title'] = str_replace('$', '$', $C['title']);
$comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid'];
$user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b')));
$commentTime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('comment_date', $commentTime[0]);
$user_templates->parse('comment_row', 'row', true);
if ($i == 10) {
break;
}
}
} else {
$comment_row = $LANG01[29];
if ($_CONF['supported_version_theme'] == '1.8.1') {
$comment_row = '<tr><td>' . $comment_row . '</td></tr>';
}
$user_templates->set_var('comment_row', $comment_row);
}
// posting stats for this user
$user_templates->set_var('lang_number_stories', $LANG04[84]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$uid}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_stories', COM_numberFormat($N['count']));
$user_templates->set_var('lang_number_comments', $LANG04[85]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$uid})";
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_comments', COM_numberFormat($N['count']));
$user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
// Call custom registration function if enabled and exists
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
$user_templates->set_var('customfields', CUSTOM_userDisplay($uid));
}
PLG_profileVariablesDisplay($uid, $user_templates);
$user_templates->parse('output', 'profile');
$retval .= $user_templates->finish($user_templates->get_var('output'));
$retval .= PLG_profileBlocksDisplay($uid);
if (!$preview) {
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG04[1] . ' ' . $display_name));
}
return $retval;
}