$user = $mysqli->real_escape_string($_GET['user']); if (!is_numeric($user)) { header("Location:index.php"); exit; } //check that it is either the correct user or a moderator if ($user != $_SESSION['shastrixid'] && $_SESSION['forum_accesslevel'] < 7) { header("Location: index.php?show=userlist"); exit; } $sql = "SELECT realname, forum_accesslevel, email_address, forum_avatar, website, location, occupation, interests, bio, forum_sig, forum_avatartype, forum_sigdefault, forum_pmallowed, restrictedname FROM users WHERE number = '{$user}'"; $request = $mysqli->query($sql) or die($mysqli->error); $row = $request->fetch_assoc(); $name = $row['realname']; $accesslevel = $row['forum_accesslevel']; $rank = moderatorlevels($row['forum_accesslevel'], 0); $col = moderatorcolours($row['forum_accesslevel'], 0); $email = $row['email_address']; $website = $row['website']; $location = $row['location']; $occupation = $row['occupation']; $interests = $row['interests']; $bio = $row['bio']; $sig = $row['forum_sig']; if ($row['forum_sigdefault'] == 1) { $sigchecked = "checked='checked'"; } if ($row['forum_pmallowed'] == 1) { $pmchecked = "checked='checked'"; } if ($row['restrictedname'] == 1) {
$post_text = stripslashes($_POST['post_text']); $post_text2 = htmlentities($post_text, ENT_QUOTES); $post_text_preview = craptohtml($post_text); $post_usesig = $_POST['post_usesig']; $sql_user = "******"; $request_user = $mysqli->query($sql_user) or die($mysqli->error); $row_user = $request_user->fetch_assoc(); $post_user = $row_user['realname']; if (strlen($post_user) > 9) { //whack in a line break $post_user_split = chunk_split($post_user); $post_user = $post_user_split[0] . $post_user_split[1] . $post_user_split[2] . $post_user_split[3] . $post_user_split[4] . $post_user_split[5] . $post_user_split[6] . $post_user_split[7] . $post_user_split[8] . $post_user_split[9] . $post_user_split[10] . $post_user_split[11] . "<br />" . $post_user_split[12] . $post_user_split[13] . $post_user_split[14] . $post_user_split[15]; } $post_rankno = $row_user['forum_accesslevel']; $post_posts = $row_user['forum_posts']; $post_rank = moderatorlevels($row_user['forum_accesslevel'], $post_posts); $post_colour = moderatorcolours($row_user['forum_accesslevel'], $post_posts); $post_bg = backgroundcolours($post_rankno, $post_posts); if (!empty($row_user['location'])) { $post_location = "Location: " . $row_user['location']; } if ($post_usesig == "on" && !empty($row_user['forum_sig'])) { $post_sig = "</td></tr><tr><td width='680' height='10' class='bottomall' style='background-color:{$post_bg};'>---<br />" . craptohtml($row_user['forum_sig']); $post_sigline = ""; } else { $post_sig = "</td></tr><tr><td class='bottomall' style='background-color:{$post_bg};'> "; $post_sigline = ""; } if (empty($row_user[forum_avatar])) { $avatar = "<img src='http://s3.shastrix.co.uk/forum/avatars/0.png' height='90' width='90' border='0' alt='Avatar' />"; } else {
<th width="75"><div align="center"><a href="?show=userlist&order=joined">User Since</a></div></th> <th width="50"><div align="center"><a href="?show=userlist&order=posts">No. Posts</a></div></th> <th width="100"><div align="center"><a href="?show=userlist&order=active">Last Active</a></div> <th width="50"><div align="center">Actions</div></th> </tr> <tr><td colspan="7"> </td></tr> <?php $counting = 0; while ($row_users = $request_users->fetch_assoc()) { $counting++; $listuserno = $row_users['number']; $listusername = $row_users['realname']; $posts = $row_users['forum_posts']; $lastactive = date('Y-m-d', strtotime($row_users['forum_lastactive'])); $usersince = $row_users['startdate']; $status = moderatorlevels($row_users['forum_accesslevel'], $posts); $statuscolour = moderatorcolours($row_users['forum_accesslevel'], $posts); $statuscolour2 = backgroundcolours($row_users['forum_accesslevel'], $posts); if ($row_users['forum_avatar'] == 1) { switch ($row_users['forum_avatartype']) { case 1: $ext = ".gif"; break; case 2: $ext = ".jpg"; break; } $avatar = "<img src='http://s3.shastrix.co.uk/forum/avatars/" . $listuserno . $ext . "' height='45' width='45' border='0'>"; } else { $avatar = ""; }
$showuser = $mysqli->real_escape_string($_GET['user']); if (!is_numeric($showuser)) { header("Location:index.php"); exit; } $sql = "SELECT realname, forum_accesslevel, blog_user, startdate, forum_posts, forum_avatar, forum_pmallowed, forum_lastactive, website, location, occupation, interests, bio, forum_avatartype FROM users WHERE number = '{$showuser}'"; $request = $mysqli->query($sql) or die($mysqli->error); $row = $request->fetch_assoc(); //if they are banned then only mods can see their user page if ($row['forum_accesslevel'] < 0 && $_SESSION['forums_accesslevel'] < 7) { header("Location: index.php?show=userlist"); exit; } $posts = $row['forum_posts']; $name = $row['realname']; $rank = moderatorlevels($row['forum_accesslevel'], $posts); $rank2 = $row['forum_accesslevel']; $col = moderatorcolours($row['forum_accesslevel'], $posts); $sc = semicircle($rank2, $posts); $startdate = $row['startdate']; $lastactive = date('Y-m-d', strtotime($row['forum_lastactive'])); if ($row['blog_user'] == 1) { $blog = "<a href='http://www.shastrix.com/blogs?blog={$name}' target='_blank'>My blog</a><br />"; } if (empty($row['forum_avatar'])) { $avatar = "<img src='http://s3.shastrix.co.uk/forum/avatars/0.png' height='90' width='90' border='0'>"; } else { switch ($row['forum_avatartype']) { case 1: $ext = ".gif"; break;
$request_topic = $mysqli->query($sql_topic) or die($mysqli->error); $row_topic = $request_topic->fetch_assoc(); $topic_name = $row_topic['topic_name']; //check whether quest posting is enabled if ($row_topic['topic_guest'] == 0) { header("Location:?"); exit; } $post_text = stripslashes($_POST['post_text']); $post_text2 = htmlentities($post_text, ENT_QUOTES); $post_text_preview = craptohtml($post_text); $usernumber = 0; $post_userid = 0; $post_user = "******"; $post_rankno = 0; $post_rank = moderatorlevels(0, 1); $post_colour = moderatorcolours(0, 1); $post_bg = backgroundcolours(0, 1); $post_scno = semicircle(0, 1); $post_posts = 1; $post_sig = "</td></tr><tr><td class='bottomall' style='background-color:{$post_bg}'> "; $post_sigline = ""; $avatar = "<img src='http://s3.shastrix.co.uk/forum/avatars/guest.jpg' height='90' width='90' border='0' alt='Avatar' />"; //the thing to test they are a real person and not a random bot from somewhere $test_no = rand(1, 12); switch ($test_no) { case 1: $test_q = ""; //how many sides $test_img = "1001.gif"; break;