function _userslistFilters( $search, &$lists, $inputTextExtras, $searchTabContent, $hideAdvancedLink = false ) {
if ( count( $searchTabContent ) > 0 ) {
cbUsersList::outputAdvancedSearchJs( 'onlyactive' );
}
?>
<table cellpadding="4" cellspacing="0" border="0" width="100%">
<tr>
<td style="width:80%;"><?php echo CBTxt::T('Search'); ?>: <input type="text" name="search" value="<?php echo htmlspecialchars( $search );?>" class="inputbox" onChange="document.adminForm.submit();"<?php echo $inputTextExtras; ?> />
<?php
if ( count( $searchTabContent ) > 0 && ! $hideAdvancedLink ) {
?>
<span id="cbUserListsSearchTrigger"><a href="#"><?php echo CBTxt::Th('Advanced Search'); ?></a></span>
<?php
}
?>
</td>
<?php
foreach ( $lists as $li ) {
?>
<td width="right">
<?php echo $li;?>
</td>
<?php
}
?>
</tr>
</table>
<?php
if ( $searchTabContent ) {
if ( strpos( $inputTextExtras, 'disabled="disabled"' ) === false ) {
?>
<div class="cbUsersList"><div id="cbUsersListInner">
<div class="cbUserListHeadTitle">
<div class="contentdescription cbUserListSearch" id="cbUserListsSearcher" style="display:none;">
<button type="submit" class="cbAdvancedSearch"><?php echo CBTxt::T('Search'); ?></button>
<div class="cbUserListSearchFields">
<?php
echo $searchTabContent;
?>
<div class="cbClr"></div>
</div>
<button type="submit" class="cbAdvancedSearch"><?php echo CBTxt::T('Search'); ?></button>
</div>
</div>
</div><div class="cbClr"> </div></div><div class="cbClr"> </div>
<?php
} else {
echo '<div style="display:none;">' . $searchTabContent . '</div>';
}
}
}
/**
* Check authorization to view for $contentType for content $id
*
* @since 1.8 (experimental)
*
* @param string $contentType Content-type: 'profile'
* @param int $id Content id
* @return boolean True if authorized, False if not authorized
*/
public function authoriseView($contentType, $id)
{
global $_PLUGINS;
$authorization = false;
if ($contentType == 'profile') {
// Check for profile View Access Level (new in CB 2.0):
$viewAccessLevel = Application::Config()->get('profile_viewaccesslevel', 0, GetterInterface::INT);
if ($viewAccessLevel == 0) {
// No configuration here: Check for old config (safely defaulting to Special View access level) until config is re-saved:
$oldGID = Application::Config()->get('allow_profileviewbyGID', 3, GetterInterface::INT);
$mapping = array(-2 => 1, -1 => 2, 0 => 1, 1 => 1, 2 => 2, 3 => 3);
if (in_array($oldGID, $mapping)) {
$viewAccessLevel = $mapping[$oldGID];
} else {
// Default here is "Special" Access level until configuration is saved:
$viewAccessLevel = 3;
}
}
$authorization = Application::MyUser()->canViewAccessLevel($viewAccessLevel);
}
if ($contentType == 'userslist') {
$authorization = Application::MyUser()->canViewAccessLevel(cbUsersList::getInstance($id)->viewaccesslevel);
}
if ($_PLUGINS) {
$_PLUGINS->trigger('onAfterAuthorizeView', array($contentType, $id, &$authorization));
}
return $authorization;
}
function usersList( $uid ) {
global $_CB_database, $_CB_framework, $ueConfig, $Itemid, $_PLUGINS, $_POST, $_REQUEST;
cbimport( 'cb.lists' );
if ( isset( $_POST['listid'] ) ) {
$listid = (int) cbGetParam( $_POST, 'listid', 0 );
} else {
$listid = (int) cbGetParam( $_GET, 'listid', 0 );
}
$searchFormValuesRAW = $_GET;
$cbList = new cbUsersList();
$cbList->drawUsersList( $uid, $listid, $searchFormValuesRAW );
}
function drawUsersList( $uid, $listid, $searchFormValuesRAW ) {
global $_CB_database, $_CB_framework, $ueConfig, $Itemid, $_PLUGINS;
$search = null;
$searchGET = cbGetParam( $searchFormValuesRAW, 'search' );
$limitstart = (int) cbGetParam( $searchFormValuesRAW, 'limitstart', 0 );
$searchmode = (int) cbGetParam( $searchFormValuesRAW, 'searchmode', 0 );
$randomParam = (int) cbGetParam( $searchFormValuesRAW, 'rand', 0 );
// old search on formated name:
/* if ( $searchPOST || count( $_POST ) ) {
// simple spoof check security
cbSpoofCheck( 'usersList' );
if ( cbGetParam( $searchFormValuesRAW, "action" ) == "search" ) {
$search = $searchPOST;
}
} else
if ( isset( $searchFormValuesRAW['limitstart'] ) ) {
$search = stripslashes( $searchGET );
}
*/
// get my user and gets the list of user lists he is allowed to see (ACL):
$myCbUser =& CBuser::getInstance( $uid );
if ( $myCbUser === null ) {
$myCbUser =& CBuser::getInstance( null );
}
$myUser =& $myCbUser->getUserData();
/*
$myUser = new moscomprofilerUser( $_CB_database );
if ( $uid ) {
$myUser->load( (int) $uid );
}
*/
$useraccessgroupSQL = " AND useraccessgroupid IN (".implode(',',getChildGIDS(userGID($uid))).")";
$_CB_database->setQuery( "SELECT listid, title FROM #__comprofiler_lists WHERE published=1" . $useraccessgroupSQL . " ORDER BY ordering" );
$plists = $_CB_database->loadObjectList();
$lists = array();
$publishedlists = array();
for ( $i=0, $n=count( $plists ); $i < $n; $i++ ) {
$plist =& $plists[$i];
$listTitleNoHtml = strip_tags( cbReplaceVars( getLangDefinition( $plist->title ), $myUser, false, false ) );
$publishedlists[] = moscomprofilerHTML::makeOption( $plist->listid, $listTitleNoHtml );
}
// select either list selected or default list to which he has access (ACL):
if ( $listid == 0 ) {
$_CB_database->setQuery( "SELECT listid FROM #__comprofiler_lists "
. "\n WHERE `default`=1 AND published=1" . $useraccessgroupSQL );
$listid = (int) $_CB_database->loadresult();
if ( $listid == 0 && ( count( $plists ) > 0 ) ) {
$listid = (int) $plists[0]->listid;
}
}
if ( ! ( $listid > 0 ) ) {
echo _UE_NOLISTFOUND;
return;
}
// generates the drop-down list of lists:
if ( count( $plists ) > 1 ) {
$lists['plists'] = moscomprofilerHTML::selectList( $publishedlists, 'listid', 'class="inputbox" size="1" onchange="this.form.submit();"', 'value', 'text', $listid, 1 );
}
// loads the list record:
$row = new moscomprofilerLists( $_CB_database );
if ( ( ! $row->load( (int) $listid ) ) || ( $row->published != 1 ) ) {
echo _UE_LIST_DOES_NOT_EXIST;
return;
}
if ( ! allowAccess( $row->useraccessgroupid,'RECURSE', userGID($uid) ) ) {
echo _UE_NOT_AUTHORIZED;
return;
}
$params = new cbParamsBase( $row->params );
$hotlink_protection = $params->get( 'hotlink_protection', 0 );
if ( $hotlink_protection == 1 ) {
if ( ( $searchGET !== null ) || $limitstart ) {
cbSpoofCheck( 'usersList', 'GET' );
}
}
$limit = (int) $params->get( 'list_limit' );
if ( $limit == 0 ) {
$limit = (int) $ueConfig['num_per_page'];
}
$showPaging = $params->get( 'list_paging', 1 );
if ( $showPaging != 1 ) {
$limitstart = 0;
}
$isModerator = isModerator( $_CB_framework->myId() );
$_PLUGINS->loadPluginGroup( 'user' );
// $plugSearchFieldsArray = $_PLUGINS->trigger( 'onStartUsersList', array( &$listid, &$row, &$search, &$limitstart, &$limit ) );
$_PLUGINS->trigger( 'onStartUsersList', array( &$listid, &$row, &$search, &$limitstart, &$limit ) );
// handles the users allowed to be listed in the list by ACL:
$allusergids = array();
$usergids = explode( ',', $row->usergroupids );
/* This was a bug tending to list admins when "public backend" was checked, and all frontend users when "public backend was checked. Now just ignore them:
foreach( $usergids AS $usergid ) {
$allusergids[] = $usergid;
if ($usergid==29 || $usergid==30) {
$groupchildren = array();
$groupchildren = $_CB_framework->acl->get_group_children( $usergid, 'ARO','RECURSE' );
$allusergids = array_merge($allusergids,$groupchildren);
}
}
*/
$allusergids = array_diff( $usergids, array( 29, 30 ) );
$usergids = implode( ",", $allusergids );
// build SQL Select query:
$random = 0;
if( $row->sortfields != '' ) {
$matches = null;
if ( preg_match( '/^RAND\(\)\s(ASC|DESC)$/', $row->sortfields, $matches ) ) {
// random sorting needs to have same seed on pages > 1 to not have probability to show same users:
if ( $limitstart ) {
$random = (int) $randomParam;
}
if ( ! $random ) {
$random = rand( 0, 32767 );
}
$row->sortfields = 'RAND(' . (int) $random . ') ' . $matches[1];
}
$orderby = "\n ORDER BY " . $row->sortfields;
}
$filterby = '';
if ( $row->filterfields != '' ) {
$filterRules = utf8RawUrlDecode( substr( $row->filterfields, 1 ) );
if ( $_CB_framework->myId() ) {
$user = new moscomprofilerUser( $_CB_database );
if ( $user->load( (int) $_CB_framework->myId() ) ) {
$filterRules = cbReplaceVars( $filterRules, $user, array( $_CB_database, 'getEscaped' ), false, array() );
}
}
$filterby = " AND ". $filterRules;
}
// Prepare part after SELECT .... " and before "FROM" :
$tableReferences = array( '#__comprofiler' => 'ue', '#__users' => 'u' );
// Fetch all fields:
$tabs = $myCbUser->_getCbTabs(); // new cbTabs( 0, 1 ); //TBD: later: this private method should not be called here, but the whole users-list should go into there and be called here.
$allFields = $tabs->_getTabFieldsDb( null, $myUser, 'list' );
// $_CB_database->setQuery( "SELECT * FROM #__comprofiler_fields WHERE published = 1" );
// $allFields = $_CB_database->loadObjectList( 'fieldid', 'moscomprofilerFields', array( &$_CB_database ) );
//Make columns array. This array will later be constructed from the tabs table:
$columns = array();
for ( $i = 1; $i < 50; ++$i ) {
$enabledVar = "col".$i."enabled";
if ( ! isset( $row->$enabledVar ) ) {
break;
}
$titleVar = "col".$i."title";
$fieldsVar = "col".$i."fields";
$captionsVar = "col".$i."captions";
if ( $row->$enabledVar == 1 ) {
$col = new stdClass();
$col->fields = ( $row->$fieldsVar ? explode( '|*|', $row->$fieldsVar ) : array() );
$col->title = $row->$titleVar;
$col->titleRendered = $myCbUser->replaceUserVars( $col->title );
$col->captions = $row->$captionsVar;
// $col->sort = 1; //All columns can be sorted
$columns[$i] = $col;
}
}
// build fields and tables accesses, also check for searchable fields:
$searchableFields = array();
$fieldsSQL = cbUsersList::getFieldsSQL( $columns, $allFields, $tableReferences, $searchableFields, $params );
$_PLUGINS->trigger( 'onAfterUsersListFieldsSql', array( &$columns, &$allFields, &$tableReferences ) );
$tablesSQL = array();
$joinsSQL = array();
$tablesWhereSQL = array( 'block' => 'u.block = 0',
'approved' => 'ue.approved = 1',
'confirmed' => 'ue.confirmed = 1'
);
if ( checkJversion() == 2 ) {
$joinsSQL[] = 'JOIN #__user_usergroup_map g ON g.`user_id` = u.`id`';
}
if ( ! $isModerator ) {
$tablesWhereSQL['banned'] = 'ue.banned = 0';
}
if ( $usergids ) {
if ( checkJversion() == 2 ) {
$tablesWhereSQL['gid'] = 'g.group_id IN (' . $usergids . ')';
} else {
$tablesWhereSQL['gid'] = 'u.gid IN (' . $usergids . ')';
}
}
foreach ( $tableReferences as $table => $name ) {
$tablesSQL[] = $table . ' ' . $name;
if ( $name != 'u' ) {
$tablesWhereSQL[] = "u.`id` = " . $name . ".`id`";
}
}
// handles search criterias:
$list_compare_types = $params->get( 'list_compare_types', 0 );
$searchVals = new stdClass();
$searchesFromFields = $tabs->applySearchableContents( $searchableFields, $searchVals, $searchFormValuesRAW, $list_compare_types );
$whereFields = $searchesFromFields->reduceSqlFormula( $tableReferences, $joinsSQL, TRUE );
if ( $whereFields ) {
$tablesWhereSQL[] = '(' . $whereFields . ')';
/*
if ( $search === null ) {
$search = '';
}
*/
}
$_PLUGINS->trigger( 'onBeforeUsersListBuildQuery', array( &$tablesSQL, &$joinsSQL, &$tablesWhereSQL ) );
$queryFrom = "FROM " . implode( ', ', $tablesSQL )
. ( count( $joinsSQL ) ? "\n " . implode( "\n ", $joinsSQL ) : '' )
. "\n WHERE " . implode( "\n AND ", $tablesWhereSQL );
// handles old formatted names search:
/*
if ( $search != '' ) {
$searchSQL = cbEscapeSQLsearch( strtolower( $_CB_database->getEscaped( $search ) ) );
$queryFrom .= " AND (";
$searchFields = array();
if ( $ueConfig['name_format']!='3' ) {
$searchFields[] = "u.name LIKE '%%s%'";
}
if ( $ueConfig['name_format']!='1' ) {
$searchFields[] = "u.username LIKE '%%s%'";
}
if ( is_array( $plugSearchFieldsArray ) ) {
foreach ( $plugSearchFieldsArray as $v ) {
if ( is_array( $v ) ) {
$searchFields = array_merge( $searchFields, $v );
}
}
}
$queryFrom .= str_replace( '%s', $searchSQL, implode( " OR ", $searchFields ) );
$queryFrom .= ")";
}
*/
$queryFrom .= " " . $filterby;
$_PLUGINS->trigger( 'onBeforeUsersListQuery', array( &$queryFrom, 1, $listid ) ); // $uid = 1
$errorMsg = null;
// counts number of users and loads the listed fields of the users if not in search-form-only mode:
if ( $searchmode == 0 ) {
if ( checkJversion() == 2 ) {
$_CB_database->setQuery( "SELECT COUNT(DISTINCT u.id) " . $queryFrom );
} else {
$_CB_database->setQuery( "SELECT COUNT(*) " . $queryFrom );
}
$total = $_CB_database->loadResult();
if ( ( $limit > $total ) || ( $limitstart >= $total ) ) {
$limitstart = 0;
}
// $query = "SELECT u.id, ue.banned, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby
if ( checkJversion() == 2 ) {
$query = "SELECT DISTINCT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
} else {
$query = "SELECT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
}
$_CB_database->setQuery( $query, (int) $limitstart, (int) $limit );
$users = $_CB_database->loadObjectList( null, 'moscomprofilerUser', array( &$_CB_database ) );
if ( ! $_CB_database->getErrorNum() ) {
// creates the CBUsers in cache corresponding to the $users:
foreach ( array_keys( $users ) as $k) {
CBuser::setUserGetCBUserInstance( $users[$k] );
}
} else {
$users = array();
$errorMsg = _UE_ERROR_IN_QUERY_TURN_SITE_DEBUG_ON_TO_VIEW;
}
if ( count( get_object_vars( $searchVals ) ) > 0 ) {
$search = '';
} else {
$search = null;
}
} else {
$total = null;
$users = array();
if ( $search === null ) {
$search = '';
}
}
// Compute itemId of users in users-list:
if ( $Itemid ) {
$option_itemid = (int) $Itemid;
} else {
$option_itemid = getCBprofileItemid( 0 );
}
HTML_comprofiler::usersList( $row, $users, $columns, $allFields, $lists, $listid, $search, $searchmode, $option_itemid, $limitstart, $limit, $total, $myUser, $searchableFields, $searchVals, $tabs, $list_compare_types, $showPaging, $hotlink_protection, $errorMsg, $random );
}
static function usersList(&$row, &$users, &$columns, &$allFields, &$lists, $listid, $search, $searchmode, $option_itemid, $limitstart, $limit, $total, &$myUser, &$searchableFields, &$searchVals, &$tabs, $list_compare_types, $showPaging, $hotlink_protection, $errorMsg, $random)
{
global $_CB_framework, $ueConfig, $_PLUGINS, $_POST, $_GET, $_REQUEST;
$results = $_PLUGINS->trigger('onBeforeDisplayUsersList', array(&$row, &$users, &$columns, &$allFields, &$lists, $listid, &$search, &$option_itemid, 1));
// $uid = 1
$cbTemplate = HTML_comprofiler::_cbTemplateLoad();
// regroup parts of the different plugins:
$pluginAdditions = array('search', 'header', 'footer');
$pluginAdditions['search'] = array();
$pluginAdditions['header'] = array();
$pluginAdditions['footer'] = array();
if (is_array($results) && count($results) > 0) {
foreach ($results as $res) {
if (is_array($res)) {
foreach ($res as $k => $v) {
$pluginAdditions[$k][] = $v;
}
}
}
}
$listTitleHtml = cbReplaceVars(getLangDefinition($row->title), $myUser);
$listTitleNoHtml = strip_tags(cbReplaceVars(getLangDefinition($row->title), $myUser, false, false));
$listDescription = cbReplaceVars(getLangDefinition($row->description), $myUser);
$_CB_framework->setPageTitle($listTitleNoHtml);
$_CB_framework->appendPathWay($listTitleHtml);
$cbSpoofField = cbSpoofField();
$cbSpoofString = cbSpoofString(null, 'usersList');
if ($hotlink_protection == 1) {
$spoofAmp = "&" . $cbSpoofField . '=' . urlencode($cbSpoofString);
} else {
$spoofAmp = null;
}
// Base URL string:
$ue_base_url = 'index.php?option=com_comprofiler&task=usersList&listid=' . (int) $listid . '&Itemid=' . (int) $option_itemid;
$ue_base_url_non_sef = $_CB_framework->getCfg('live_site') . '/' . $ue_base_url;
// $adminimagesdir = "components/com_comprofiler/images/";
$searchTabContent = $tabs->getSearchablesContents($searchableFields, $myUser, $searchVals, $list_compare_types);
// table content:
$tableContent =& HTML_comprofiler::_getListTableContent($users, $columns, $allFields);
outputCbTemplate(1);
//no need for now: initToolTip(1);
// paginator addition:
$pagingSearch = '';
foreach (get_object_vars($searchVals) as $k => $v) {
if (is_array($v)) {
$pArr = '&' . urlencode($k);
foreach ($v as $kk => $vv) {
$pagingSearch .= $pArr . '[' . urlencode($kk) . ']=' . urlencode($vv);
}
} else {
$pagingSearch .= '&' . urlencode($k) . '=' . urlencode($v);
}
}
if ($random) {
$pagingSearch .= '&rand=' . (int) $random;
}
// Add Javascript to click tr:
$jsClickTr = " {" . "\n\t\tvar cbUserURLs = new Array(";
if (is_array($users) && $ueConfig['allow_profilelink'] == 1) {
foreach ($users as $user) {
$jsClickTr .= "'" . cbSef('index.php?option=com_comprofiler&task=userProfile&user='******',";
}
}
$jsClickTr .= "'');" . "\n\t\t\$('#cbUserTable > tbody > tr').click( function(e) {" . "\n\t\t\tif ( ! ( \$(e.target).is('a') || ( \$(e.target).is('img') && \$(e.target).parent().is('a') ) || \$(e.target).hasClass('cbClicksInside') || ( \$(e.target).parents('.cbClicksInside').length > 0 ) || ( \$(this).attr('id') == '' ) ) ) {" . ($ueConfig['allow_profilelink'] == 1 ? "\n\t\t\t\twindow.location = cbUserURLs[this.id.substr(3)];" : '') . "\n\t\t\t\treturn false;" . "\n\t\t\t}" . "\n\t\t} );" . "\n\t}";
$_CB_framework->outputCbJQuery($jsClickTr);
/*
// Add Javascript to pagination of list
$jsPagination = " $('#cbUserList a.pagenav').click( function() {"
// Get the href of the pagination link:
. "\n var href = $(this).attr('href');"
// Get the page limitstart value:
. "\n var matches = /limitstart=(\\d*)/.exec(href);"
. "\n if ( matches && matches.length == 2 ) {"
// Set limitstart input:
. "\n $('input#cbListlimitstart').val( matches[1] );"
// Submit the form, so the values are taken:
. "\n $('form#adminForm').submit();"
// And avoid the <a> link being followed:
. "\n return false;"
. "\n }"
// Link doesn't match, simply follow link:
. "\n return true;"
. "\n } );"
;
$_CB_framework->outputCbJQuery( $jsPagination );
*/
if (count($searchableFields) > 0) {
cbUsersList::outputAdvancedSearchJs($search);
}
// list title:
?>
<div class="cbUsersList"><div id="cbUsersListInner">
<?php
if ($errorMsg) {
echo '<div class="error">' . $errorMsg . '</div>';
}
?>
<form class="cb_form" name="adminForm" id="adminForm" method="get" action="<?php
echo $ue_base_url_non_sef . "&action=search";
// on purpose without SEF, as joomla 1.0/mambo 4.5.5 core sef doesn't work with this.
?>
" >
<input type="hidden" name="option" value="com_comprofiler" />
<input type="hidden" name="task" value="usersList" />
<input type="hidden" name="Itemid" value="<?php
echo $option_itemid;
?>
" />
<input type="hidden" name="limitstart" id="cbListlimitstart" value="0" />
<input type="hidden" name="search" value="" />
<?php
/* old method, replaced by hidden search field above:
<div class="cbUserListSearchBox">
<div>
<input type="text" name="search" class="inputbox" size="15" maxlength="100" value="<?php echo htmlspecialchars( $search ); ?>" />
<input type="image" src="<?php echo $adminimagesdir; ?>search.gif" alt="<?php echo _UE_SEARCH; ?>" align="top" style="border: 0px;" />
</div>
</div>
<div class="cbClr"></div>
*/
echo cbGetSpoofInputTag(null, $cbSpoofString);
// Render search-area header:
if (count($pluginAdditions['search'])) {
$searchTabContent .= '<div class="cbClr"></div><div id="cbUserListSearchPlugins"><div>' . implode('</div><div>', $pluginAdditions['search']) . '</div></div>';
}
$totalIsAllUsers = !($search !== null || $row->filterfields != '');
$searchResultDisplaying = $search !== null;
$searchCriteriaTitleHtml = cbReplaceVars(_UE_SEARCH_CRITERIA, $myUser);
if ($searchmode == 0) {
$searchResultsTitleHtml = cbReplaceVars(_UE_SEARCH_RESULTS, $myUser);
} else {
$searchResultsTitleHtml = null;
}
echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $myUser, 'List', 'drawListHead', array(&$lists, $listid, $total, $totalIsAllUsers, $searchTabContent, $searchResultDisplaying, $ue_base_url_non_sef, $listTitleHtml, $listDescription, $searchCriteriaTitleHtml, $searchResultsTitleHtml));
?>
</form>
<?php
if ($searchmode == 0) {
if (count($pluginAdditions['header'])) {
echo '<div id="cbUserListHeader"><div>' . implode('</div><div>', $pluginAdditions['header']) . '</div></div>';
}
if ($showPaging && ($limitstart != 0 || $limit <= $total)) {
// top page links:
?>
<div class="cbUserListPagination cbUserListPaginationTop" style="width:100%;text-align:center;"><?php
echo writePagesLinks($limitstart, $limit, $total, $ue_base_url . $pagingSearch . $spoofAmp, $search);
?>
</div>
<?php
}
// Render the list itself:
echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $myUser, 'List', 'drawListBody', array(&$users, &$columns, &$tableContent, $listid, $ueConfig['allow_profilelink']));
if ($showPaging && ($limitstart != 0 || $limit <= $total)) {
// bottom page links:
?>
<div class="cbUserListPagination cbUserListPaginationBottom" style="width:100%;text-align:center;"><?php
echo writePagesLinks($limitstart, $limit, $total, $ue_base_url . $pagingSearch . $spoofAmp, $search);
?>
</div>
<?php
}
if (count($pluginAdditions['footer'])) {
echo '<div id="cbUserListFooter"><div>' . implode('</div><div>', $pluginAdditions['footer']) . '</div></div>';
}
}
// end of if ( $searchmode == 0 )
?>
</div><div class="cbClr"> </div></div><div class="cbClr"> </div>
<?php
}
/**
* @param ListTable $row
* @param UserTable[] $users
* @param array $columns
* @param FieldTable[] $fields
* @param array $input
* @param string|null $search
* @param int $searchmode
* @param cbPageNav $pageNav
* @param UserTable $myUser
* @param FieldTable[] $searchableFields
* @param stdClass $searchValues
* @param cbTabs $tabs
* @param string|null $errorMsg
* @param bool $listAll
* @param int $random
*/
static function usersList(&$row, &$users, &$columns, &$fields, &$input, $search, $searchmode, $pageNav, &$myUser, &$searchableFields, &$searchValues, &$tabs, $errorMsg, $listAll = true, $random = 0)
{
global $_CB_framework, $_PLUGINS, $_POST, $_GET, $_REQUEST;
$params = new Registry($row->params);
// The Itemid for this userlist; kept for trigger B/C:
$Itemid = getCBprofileItemid(null, 'userslist', '&listid=' . (int) $row->listid);
$results = $_PLUGINS->trigger('onBeforeDisplayUsersList', array(&$row, &$users, &$columns, &$fields, &$input, $row->listid, &$search, &$Itemid, 1));
// $uid = 1
// Plugin content divided by location:
$pluginAdditions = array('search', 'header', 'footer');
$pluginAdditions['search'] = array();
$pluginAdditions['header'] = array();
$pluginAdditions['footer'] = array();
if (is_array($results) && count($results) > 0) {
foreach ($results as $res) {
if (is_array($res)) {
foreach ($res as $k => $v) {
$pluginAdditions[$k][] = $v;
}
}
}
}
outputCbTemplate(1);
outputCbJs();
cbValidator::loadValidation();
$cbTemplate = HTML_comprofiler::_cbTemplateLoad();
if ($errorMsg) {
$_CB_framework->enqueueMessage($errorMsg, 'error');
}
// Page title and pathway:
$listTitleHtml = cbReplaceVars($row->title, $myUser);
$listTitleNoHtml = strip_tags(cbReplaceVars($row->title, $myUser, false, false));
$listDescription = cbReplaceVars($row->description, $myUser);
$_CB_framework->setPageTitle($listTitleNoHtml);
$_CB_framework->appendPathWay($listTitleHtml);
// Add row click JS:
if ($params->get('allow_profilelink', 1)) {
$allowProfileLink = true;
} else {
$allowProfileLink = false;
}
$js = "var cbUserURLs = [];";
if (is_array($users) && $allowProfileLink) {
// Ensures the jQuery array index matches the same as HTML ID index (e.g. cbU0, cbU1):
$index = 0;
foreach ($users as $user) {
$js .= "cbUserURLs[{$index}] = '" . addslashes($_CB_framework->userProfileUrl((int) $user->id, false)) . "';";
$index++;
}
}
$js .= "\$( '.cbUserListRow' ).click( function( e ) {" . "if ( ! ( \$( e.target ).is( 'a' ) || ( \$( e.target ).is( 'img' ) && \$( e.target ).parent().is( 'a' ) ) || \$( e.target ).hasClass( 'cbClicksInside' ) || ( \$( e.target ).parents( '.cbClicksInside' ).length > 0 ) || ( \$( this ).attr( 'id' ) == '' ) ) ) {" . "var index = \$( this ).prop( 'id' ).substr( 3 );";
if ($allowProfileLink) {
$js .= "window.location = cbUserURLs[index];";
}
$js .= "return false;" . "}" . "});";
$_CB_framework->outputCbJQuery($js);
// Search JS:
$isSearching = $search !== null;
if ($isSearching && $params->get('list_search_collapse', 0) && !in_array($searchmode, array(1, 2))) {
$isCollapsed = true;
} else {
$isCollapsed = false;
}
if (count($searchableFields) > 0) {
cbUsersList::outputAdvancedSearchJs($isCollapsed ? null : $search);
}
// Base form URL:
$baseUrl = $_CB_framework->rawViewUrl('userslist', true, array('listid' => (int) $row->listid, 'searchmode' => 0), 'html', 0, '&listid=' . (int) $row->listid);
// Searching attributes:
$showAll = $search === null;
$criteriaTitle = cbReplaceVars(CBTxt::Th('UE_SEARCH_CRITERIA', 'Search criteria'), $myUser);
if ($searchmode == 0 || $searchmode == 1 && count(get_object_vars($searchValues)) || $searchmode == 2) {
$resultsTitle = cbReplaceVars(CBTxt::Th('UE_SEARCH_RESULTS', 'Search results'), $myUser);
} else {
$resultsTitle = null;
}
// Search content:
$searchTabContent = $tabs->getSearchableContents($searchableFields, $myUser, $searchValues, $params->get('list_compare_types', 0));
if (count($pluginAdditions['search'])) {
$searchTabContent .= '<div class="cbUserListSearchPlugins">' . '<div>' . implode('</div><div>', $pluginAdditions['search']) . '</div>' . '</div>';
}
// User row content:
$tableContent =& HTML_comprofiler::_getListTableContent($users, $columns, $fields);
if ($params->get('list_grid_layout', 0)) {
$layout = 'grid';
} else {
$layout = 'list';
}
$gridHeight = (int) $params->get('list_grid_height', 200);
$gridWidth = (int) $params->get('list_grid_width', 200);
if ($params->get('list_show_selector', 1)) {
$listSelector = true;
} else {
$listSelector = false;
}
$pageClass = $_CB_framework->getMenuPageClass();
$return = '<div class="cbUsersList cb_template cb_template_' . selectTemplate('dir') . ($pageClass ? ' ' . htmlspecialchars($pageClass) : null) . '">' . '<form action="' . $_CB_framework->rawViewUrl('userslist', true, array('listid' => (int) $row->listid), 'html', 0, '&listid=' . (int) $row->listid) . '" method="get" id="adminForm" name="adminForm" class="cb_form form-auto cbValidation">' . '<input type="hidden" name="option" value="com_comprofiler" />' . '<input type="hidden" name="view" value="userslist" />' . (!$listSelector ? '<input type="hidden" name="listid" value="' . (int) $row->listid . '" />' : null) . '<input type="hidden" name="Itemid" value="' . (int) $Itemid . '" />' . '<input type="hidden" name="limitstart" value="0" />' . '<input type="hidden" name="searchmode" value="' . (int) $searchmode . '" />' . '<input type="hidden" name="search" value="" />' . ($random ? '<input type="hidden" name="rand" value="' . (int) $random . '" />' : null) . cbGetSpoofInputTag('userslist') . $_PLUGINS->callTemplate($cbTemplate, 'List', 'drawListHead', array(&$input, $row->listid, $pageNav->total, $showAll, $searchTabContent, $isSearching, $baseUrl, $listTitleHtml, $listDescription, $criteriaTitle, $resultsTitle, $listAll, $listSelector, $isCollapsed, $searchmode), 'html');
if ($searchmode == 0 || $searchmode == 1 && count(get_object_vars($searchValues)) || $searchmode == 2) {
$canPage = $params->get('list_paging', 1) && ($pageNav->limitstart != 0 || $pageNav->limit <= $pageNav->total);
if (count($pluginAdditions['header'])) {
$return .= '<div class="cbUserListHeader">' . '<div>' . implode('</div><div>', $pluginAdditions['header']) . '</div>' . '</div>';
}
$return .= $_PLUGINS->callTemplate($cbTemplate, 'List', 'drawListBody', array(&$users, &$columns, &$tableContent, $row->listid, $allowProfileLink, $layout, $gridHeight, $gridWidth, $searchmode), 'html');
if ($canPage) {
$return .= '<div class="cbUserListPagination cbUserListPaginationBottom text-center">' . $pageNav->getListLinks() . '</div>';
}
if (count($pluginAdditions['footer'])) {
$return .= '<div class="cbUserListFooter">' . '<div>' . implode('</div><div>', $pluginAdditions['footer']) . '</div>' . '</div>';
}
}
$return .= '</form>' . '</div>' . cbPoweredBy();
echo $return;
$_CB_framework->setMenuMeta();
}
function usersList($uid)
{
global $_POST, $_REQUEST;
cbimport('cb.lists');
if (isset($_POST['listid'])) {
$listid = (int) cbGetParam($_POST, 'listid', 0);
} else {
$listid = (int) cbGetParam($_GET, 'listid', 0);
}
$searchFormValuesRAW = $_GET;
$cbList = new cbUsersList();
$cbList->drawUsersList($uid, $listid, $searchFormValuesRAW);
}
/**
* Draws Users list (ECHO)
*
* @param int $userId
* @param int $listId
* @param array $postData
* @return void
*/
public function drawUsersList($userId, $listId, $postData)
{
global $_CB_database, $_PLUGINS;
$_PLUGINS->loadPluginGroup('user');
$searchData = cbGetParam($postData, 'search');
$limitstart = (int) cbGetParam($postData, 'limitstart');
$searchMode = (int) cbGetParam($postData, 'searchmode', 0);
$random = (int) cbGetParam($postData, 'rand', 0);
$cbUser = CBuser::getInstance((int) $userId, false);
$user = $cbUser->getUserData();
$search = null;
$input = array();
$publishedLists = array();
$query = 'SELECT *' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_lists') . "\n WHERE " . $_CB_database->NameQuote('published') . " = 1" . "\n AND " . $_CB_database->NameQuote('viewaccesslevel') . " IN " . $_CB_database->safeArrayOfIntegers(Application::MyUser()->getAuthorisedViewLevels()) . "\n ORDER BY " . $_CB_database->NameQuote('ordering');
$_CB_database->setQuery($query);
/** @var ListTable[] $userLists */
$userLists = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\ListTable', array($_CB_database));
if ($userLists) {
foreach ($userLists as $userList) {
$publishedLists[] = moscomprofilerHTML::makeOption((int) $userList->listid, strip_tags($cbUser->replaceUserVars($userList->title, false, false)));
if (!$listId && $userList->default) {
$listId = (int) $userList->listid;
}
}
if (!$listId) {
$listId = (int) $userLists[0]->listid;
}
}
if (!$listId) {
echo CBTxt::Th('UE_NOLISTFOUND', 'There are no published user lists!');
return;
}
if ($userLists) {
$input['plists'] = moscomprofilerHTML::selectList($publishedLists, 'listid', 'class="form-control input-block" onchange="this.form.submit();"', 'value', 'text', (int) $listId, 1);
}
$row = self::getInstance((int) $listId);
if (!$row) {
echo CBTxt::Th('UE_LIST_DOES_NOT_EXIST', 'This list does not exist');
return;
}
if (!$cbUser->authoriseView('userslist', $row->listid)) {
echo CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
return;
}
$params = new Registry($row->params);
if ($params->get('hotlink_protection', 0) == 1) {
if ($searchData !== null || $limitstart) {
cbSpoofCheck('userslist', 'GET');
}
}
$limit = (int) $params->get('list_limit', 30);
if (!$limit) {
$limit = 30;
}
if ($params->get('list_paging', 1) != 1) {
$limitstart = 0;
}
$isModerator = Application::MyUser()->isGlobalModerator();
$_PLUGINS->trigger('onStartUsersList', array(&$listId, &$row, &$search, &$limitstart, &$limit));
// Prepare query variables:
$userGroupIds = explode('|*|', $row->usergroupids);
$orderBy = self::getSorting($listId, $userId, $random);
$filterBy = self::getFiltering($listId, $userId);
$columns = self::getColumns($listId, $userId);
// Grab all the fields the $user can access:
$tabs = new cbTabs(0, 1);
$fields = $tabs->_getTabFieldsDb(null, $user, 'list');
// Build the field SQL:
$tableReferences = array('#__comprofiler' => 'ue', '#__users' => 'u');
$searchableFields = array();
$fieldsSQL = cbUsersList::getFieldsSQL($columns, $fields, $tableReferences, $searchableFields, $params);
$_PLUGINS->trigger('onAfterUsersListFieldsSql', array(&$columns, &$fields, &$tableReferences));
// Build the internal joins and where statements best off list parameters:
$tablesSQL = array();
$joinsSQL = array();
$tablesWhereSQL = array();
if ($isModerator) {
if (!$params->get('list_show_blocked', 0)) {
$tablesWhereSQL['block'] = 'u.block = 0';
}
if (!$params->get('list_show_banned', 1)) {
$tablesWhereSQL['banned'] = 'ue.banned = 0';
}
if (!$params->get('list_show_unapproved', 0)) {
$tablesWhereSQL['approved'] = 'ue.approved = 1';
}
if (!$params->get('list_show_unconfirmed', 0)) {
$tablesWhereSQL['confirmed'] = 'ue.confirmed = 1';
}
} else {
$tablesWhereSQL = array('block' => 'u.block = 0', 'approved' => 'ue.approved = 1', 'confirmed' => 'ue.confirmed = 1', 'banned' => 'ue.banned = 0');
}
$joinsSQL[] = 'JOIN #__user_usergroup_map g ON g.`user_id` = u.`id`';
if ($userGroupIds) {
$tablesWhereSQL['gid'] = 'g.group_id IN ' . $_CB_database->safeArrayOfIntegers($userGroupIds);
}
foreach ($tableReferences as $table => $name) {
if ($name == 'u') {
$tablesSQL[] = $table . ' ' . $name;
} else {
$joinsSQL[] = 'JOIN ' . $table . ' ' . $name . ' ON ' . $name . '.`id` = u.`id`';
}
}
// Build the search criteria:
$searchValues = new stdClass();
$searchesFromFields = $tabs->applySearchableContents($searchableFields, $searchValues, $postData, $params->get('list_compare_types', 0));
$whereFields = $searchesFromFields->reduceSqlFormula($tableReferences, $joinsSQL, true);
if ($whereFields) {
$tablesWhereSQL[] = '(' . $whereFields . ')';
}
$_PLUGINS->trigger('onBeforeUsersListBuildQuery', array(&$tablesSQL, &$joinsSQL, &$tablesWhereSQL));
// Construct the FROM and WHERE for the userlist query:
$queryFrom = "FROM " . implode(', ', $tablesSQL) . (count($joinsSQL) ? "\n " . implode("\n ", $joinsSQL) : '') . "\n WHERE " . implode("\n AND ", $tablesWhereSQL) . " " . $filterBy;
$_PLUGINS->trigger('onBeforeUsersListQuery', array(&$queryFrom, 1, $listId));
// $ui = 1 (frontend)
$errorMsg = null;
// Checks if the list is being actively searched and it allows searching; otherwise reset back to normal:
$searchCount = count(get_object_vars($searchValues));
if ($params->get('list_search', 1) > 0 && $params->get('list_search_empty', 0) && !$searchCount) {
$searchMode = 1;
$listAll = false;
} else {
$listAll = $searchCount ? true : false;
}
if ($searchMode == 0 || $searchMode == 1 && $searchCount || $searchMode == 2) {
// Prepare the userlist count query for pagination:
$_CB_database->setQuery("SELECT COUNT( DISTINCT u.id ) " . $queryFrom);
$total = $_CB_database->loadResult();
if ($limit > $total || $limitstart >= $total) {
$limitstart = 0;
}
// Prepare the actual userlist query to build a list of users:
$query = "SELECT DISTINCT ue.*, u.*, '' AS 'NA' " . ($fieldsSQL ? ", " . $fieldsSQL . " " : '') . $queryFrom . " " . $orderBy;
$_CB_database->setQuery($query, (int) $limitstart, (int) $limit);
/** @var UserTable[] $users */
$users = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\UserTable', array($_CB_database));
if (!$_CB_database->getErrorNum()) {
$profileLink = $params->get('allow_profilelink', 1);
// If users exist lets cache them and disable profile linking if necessary:
if ($users) {
foreach (array_keys($users) as $k) {
// Add this user to cache:
CBuser::setUserGetCBUserInstance($users[$k]);
if (!$profileLink) {
$users[$k]->set('_allowProfileLink', 0);
}
}
}
} else {
$errorMsg = CBTxt::T('UE_ERROR_IN_QUERY_TURN_SITE_DEBUG_ON_TO_VIEW', 'There is an error in the database query. Site admin can turn site debug to on to view and fix the query.');
}
if ($searchCount) {
$search = '';
} else {
$search = null;
}
if ($search === null && ($searchMode == 1 && $searchCount || $searchMode == 2)) {
$search = '';
}
} else {
$total = 0;
$users = array();
if ($search === null) {
$search = '';
}
}
$pageNav = new cbPageNav($total, $limitstart, $limit);
HTML_comprofiler::usersList($row, $users, $columns, $fields, $input, $search, $searchMode, $pageNav, $user, $searchableFields, $searchValues, $tabs, $errorMsg, $listAll, $random);
}
