Пример #1
 /**
  * Records a failed login: bumps the per-user failure counter and writes a user-log entry.
  *
  * The username comes from the login attempt and is therefore attacker-controlled.
  * It is normalised with utf8_clean_string() and escaped with sql_escape() before
  * being placed inside the quoted SQL literal.
  *
  * @param object $event The event object; only its 'username' entry is read
  * @return void
  * @access public
  */
 public function login_box_failed($event)
 {
     $attempted_name = $event['username'];

     // Increment the counter for the matching account (no rows change if the name is unknown).
     $escaped_name = $this->db->sql_escape(utf8_clean_string($attempted_name));
     $sql = 'UPDATE ' . USERS_TABLE . " SET failed_logins_count = failed_logins_count + 1\n\t\t\tWHERE username_clean = '" . $escaped_name . "'";
     $this->db->sql_query($sql);

     // Add to user log. The submitted username is stored as received.
     // NOTE(review): the code that displays this log is not visible here — confirm it escapes the value on output.
     $log_data = array('reportee_id' => ANONYMOUS, 'username' => $attempted_name);
     $this->log->add('user', ANONYMOUS, $this->user->ip, 'TRY_TO_LOGIN_FAIL', time(), $log_data);
 }
Пример #2
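 /**
  * Fetches the id, type and name of a single user.
  *
  * @param mixed $user_id User id; coerced to an integer before it reaches the query
  * @return mixed The value returned by sql_fetchrow() for the first matching row
  */
 private function getUser($user_id)
 {
     // The integer cast is what makes this query safe. The value sits in an
     // unquoted numeric position, where sql_escape() (which only neutralises
     // characters that matter inside a quoted literal) would give no protection.
     $user_id = (int) $user_id;
     $result = $this->db->sql_query('SELECT user_id, user_type, username FROM ' . USERS_TABLE . ' WHERE user_id=' . $user_id);
     $user_row = $this->db->sql_fetchrow($result);
     // Release the result handle instead of leaving it open until the request ends.
     $this->db->sql_freeresult($result);
     return $user_row;
 }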
Пример #3
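    /**
     * Renders the paginated list of users whose stored coordinates fall inside a
     * bounding box around the requested point.
     *
     * Request parameters `lon`, `lat` and `dst` are untrusted. They are validated as
     * finite numbers before being used in arithmetic; anything else is treated as 0.
     * The raw (truncated) strings are kept only for the explanatory text.
     *
     * @param int $start 1-based page number; values below 1 are treated as 1
     * @return mixed Whatever $this->helper->render() returns
     */
    public function search($start = 1)
    {
        if (!$this->auth->acl_get('u_usermap_search')) {
            // NOTE(review): relies on trigger_error() stopping the request — confirm the error handler does so.
            trigger_error('NOT_AUTHORISED');
        }
        $this->template->assign_block_vars('navlinks', array('FORUM_NAME' => $this->user->lang('USERMAP_TITLE'), 'U_VIEW_FORUM' => $this->helper->route('tas2580_usermap_index', array())));

        // A page number below 1 would produce a negative query offset.
        $start = max(1, (int) $start);

        $lon = substr($this->request->variable('lon', ''), 0, 10);
        $lat = substr($this->request->variable('lat', ''), 0, 10);
        $dst = $this->request->variable('dst', $this->config['tas2580_usermap_search_distance']);

        // Non-numeric strings in arithmetic raise a TypeError on PHP 8 and a warning
        // on PHP 7, so validate the request values before doing any maths with them.
        $to_number = static function ($raw) {
            return (is_numeric($raw) && is_finite((float) $raw)) ? (float) $raw : 0.0;
        };
        $lon_value = $to_number($lon);
        $lat_value = $to_number($lat);
        $dst_value = $to_number($dst);

        // Half-width of the bounding box derived from the search distance.
        $alpha = 180 * $dst_value / (6378137 / 1000 * 3.14159);
        $min_lon = $this->db->sql_escape($lon_value - $alpha);
        $max_lon = $this->db->sql_escape($lon_value + $alpha);
        $min_lat = $this->db->sql_escape($lat_value - $alpha);
        $max_lat = $this->db->sql_escape($lat_value + $alpha);
        $where = " WHERE ( user_usermap_lon >= '{$min_lon}' AND user_usermap_lon <= '{$max_lon}') AND ( user_usermap_lat >= '{$min_lat}' AND user_usermap_lat<= '{$max_lat}')";
        $limit = (int) $this->config['topics_per_page'];
        $offset = ($start - 1) * $limit;

        // Total number of matches, needed for pagination.
        $sql = 'SELECT COUNT(user_id) AS num_users
			FROM ' . USERS_TABLE . $where;
        $result = $this->db->sql_query($sql);
        $total_users = (int) $this->db->sql_fetchfield('num_users');
        $this->db->sql_freeresult($result);

        // Rows for the current page.
        $sql = 'SELECT user_id, username, user_colour, user_regdate, user_posts, group_id, user_usermap_lon, user_usermap_lat
			FROM ' . USERS_TABLE . $where;
        $result = $this->db->sql_query_limit($sql, $limit, $offset);
        while ($row = $this->db->sql_fetchrow($result)) {
            $distance = $this->get_distance($lon_value, $lat_value, $row['user_usermap_lon'], $row['user_usermap_lat']);
            $this->template->assign_block_vars('memberrow', array('USER_ID' => $row['user_id'], 'USERNAME' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'JOINED' => $this->user->format_date($row['user_regdate']), 'POSTS' => $row['user_posts'], 'GROUP_ID' => $row['group_id'], 'DISTANCE' => $distance));
        }
        // The page query's result was never released in the original.
        $this->db->sql_freeresult($result);

        $this->pagination->generate_template_pagination(array('routes' => array('tas2580_usermap_search', 'tas2580_usermap_search_page'), 'params' => array()), 'pagination', 'start', $total_users, $limit, $offset);
        $this->template->assign_vars(array('TOTAL_USERS' => $this->user->lang('TOTAL_USERS', (int) $total_users), 'L_SEARCH_EXPLAIN' => $this->user->lang('SEARCH_EXPLAIN', $dst, $lon, $lat)));
        return $this->helper->render('usermap_search.html', $this->user->lang('USERMAP_SEARCH'));
    }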
Пример #4
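 /**
  * Checks that every given report id has a matching row in the reports table.
  *
  * Ids are cast to integers before they are placed in the query. The IN (...)
  * list is unquoted, so sql_escape() alone would not stop a non-numeric value
  * from changing the statement. Duplicate ids are counted once, so a repeated
  * id does not make the check fail.
  *
  * @param array $report_ids An array of report ids to check for
  * @return bool True iff a report exists for every given id; false for an empty list
  */
 public function feedbackReportsExist(array $report_ids)
 {
     // no ids given
     if (!$report_ids) {
         return false;
     }
     // Force every id to an integer; this is the injection guard for the unquoted list.
     $ids = array_unique(array_map('intval', $report_ids));
     $sql = 'SELECT COUNT(*) AS num_reports FROM ' . $this->tables['reports'] . ' WHERE report_id IN (' . implode(', ', $ids) . ')';
     $result = $this->db->sql_query($sql);
     $num_reports = (int) $this->db->sql_fetchfield('num_reports');
     // Release the result handle; the original left it open.
     $this->db->sql_freeresult($result);
     return $num_reports === count($ids);
 }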
Пример #5
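    /**
     * Sets the permissions-cache in users-table to given array.
     *
     * The target set is chosen from $user_ids:
     *  - an array: each entry is cast to int and matched with sql_in_set();
     *  - the exact string 'all': every row in the users table is updated;
     *  - anything else: cast to int and matched as a single user id.
     *
     * @param array|int|string $user_ids    User id(s), or the string 'all'
     * @param array|false      $permissions Permission data to serialize; any non-array clears the cache
     * @return void
     */
    public function set_user_permissions($user_ids, $permissions = false)
    {
        $sql_set = is_array($permissions) ? $this->db->sql_escape($this->serialize_auth_data($permissions)) : '';

        if (is_array($user_ids)) {
            $sql_where = 'WHERE ' . $this->db->sql_in_set('user_id', array_map('intval', $user_ids));
        } else if ($user_ids === 'all') {
            // Strict comparison on purpose: with `==`, boolean true (and integer 0 on
            // PHP < 8) compares equal to 'all', so the WHERE clause would be dropped
            // and every user's permission cache rewritten.
            $sql_where = '';
        } else {
            $sql_where = 'WHERE user_id = ' . (int) $user_ids;
        }

        if ($this->user->is_user($user_ids)) {
            $this->user->set_permissions_changed(time());
        }

        $sql = 'UPDATE ' . $this->table_users . "\n\t\t\t\tSET user_permissions = '" . $sql_set . "',\n\t\t\t\t\tuser_permissions_changed = " . time() . "\n\t\t\t\t" . $sql_where;
        $this->db->sql_query($sql);
    }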
    /**
     * Handles the "rate user" form: validates a submission, stores the rating and
     * fills the template variables for the page.
     *
     * A failed form-key (CSRF token) check only adds an error; the rating is stored
     * solely when the error list is empty, so an invalid token still blocks the write.
     *
     * @return void
     * @access public
     */
    public function rate_user()
    {
        add_form_key('rate');

        $submit = $this->request->is_set_post('submit');
        $username = $this->request->variable('username', '', true);
        $points = $this->request->variable('points', '');
        $comment = $this->request->variable('comment', '', true);
        $errors = array();

        if ($submit) {
            if (!check_form_key('rate')) {
                $errors[] = $this->user->lang('FORM_INVALID');
            }

            // Resolve the submitted name to a user id; the name is escaped and quoted.
            $escaped_name = $this->db->sql_escape(utf8_clean_string($username));
            $sql = "SELECT user_id\n\t\t\t\tFROM " . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $escaped_name . "'";
            $result = $this->db->sql_query($sql);
            $user_id_to = (int) $this->db->sql_fetchfield('user_id');
            $this->db->sql_freeresult($result);

            if (!$user_id_to) {
                $errors[] = $this->user->lang('NO_USER');
            }

            // NOTE(review): is_numeric() also accepts values such as '1e3' or '-5.5'; whether
            // store_reputation() range-checks the points is not visible here — confirm.
            if (!is_numeric($points)) {
                $errors[] = $this->user->lang('POINTS_INVALID');
            }

            if (empty($errors)) {
                $data = array(
                    'user_id_from' => $this->user->data['user_id'],
                    'user_id_to' => $user_id_to,
                    'reputation_type' => 'user',
                    'reputation_item_id' => $user_id_to,
                    'reputation_points' => $points,
                    'reputation_comment' => $comment,
                );
                try {
                    $this->reputation_manager->store_reputation($data);
                    trigger_error($this->user->lang('RS_VOTE_SAVED') . adm_back_link($this->u_action));
                } catch (\pico\reputation\exception\base $e) {
                    // Report manager exceptions to the user through the error list
                    $errors[] = $e->get_message($this->user);
                }
            }
        }

        $find_username_url = append_sid($this->phpbb_root_path . 'memberlist.' . $this->php_ext, 'mode=searchuser&amp;form=rate&amp;field=username&amp;select_single=true');
        $this->template->assign_vars(array(
            'S_ERROR' => count($errors) > 0,
            'ERROR_MSG' => implode('<br />', $errors),
            'U_ACTION' => $this->u_action,
            'U_FIND_USERNAME' => $find_username_url,
            'RS_USERNAME' => $username,
            'RS_POINTS' => $points,
            'RS_COMMENT' => $comment,
        ));
    }