} } if (isset($_GET['profile'])) { $profile = (int) $_GET['profile']; // need an overview button to enable navigation within the page echo '<a class="button" href="./">overview</a>' . "\n"; if ($profile < 0) { echo '<p>You tried to view the visits log of a not existing user!</p>'; $site->dieAndEndPageNoBox(''); } if ($profile === 0) { echo '<p>The user id 0 is reserved for not logged in players and thus no user with that id could ever exist.</p>' . "\n"; $site->dieAndEndPageNoBox(''); } $query = 'SELECT `name` FROM `users` WHERE `users`.`id`=' . sqlSafeStringQuotes($profile) . ' LIMIT 1'; if (!($result = @$site->execute_query('players', $query, $connection))) { $site->dieAndEndPageNoBox('<p>It seems like the name of player with id ' . sqlSafeStringQuotes(htmlent($profile)) . ' can not be accessed for an unknown reason.</p>'); } // existance test of user skipped intentionally // if the user does not exist, there will be no visits for him // sanity checks passed // get the name of the player in question $player_name = '(no player name)'; while ($row = mysql_fetch_array($result)) { $player_name = $row['name']; } mysql_free_result($result); // collect visits list of that player // example query: SELECT `users`.`name`,`visits`.`ip-address`, `visits`.`host`, `visits`.`timestamp` // FROM `visits`,`users` WHERE `visits`.`userid`='16' AND `users`.`id`='16' // ORDER BY `visits`.`id` DESC LIMIT 0,201
$profile = (int) urldecode($_GET['profile']); } if (isset($_GET['edit'])) { $profile = (int) urldecode($_GET['edit']); } if (isset($_GET['ban'])) { $profile = (int) urldecode($_GET['ban']); } if ($profile === 0) { echo '<a class="button" href="./">overview</a>' . "\n"; echo '<p>The user id 0 is reserved for not logged in players and thus no user with that id could ever exist.</p>' . "\n"; $site->dieAndEndPage(''); } // is player banned and does he exist? $query = 'SELECT `status` FROM `users` WHERE `id`=' . sqlSafeStringQuotes($profile) . ' LIMIT 1'; if (!($result = @$site->execute_query('users', $query, $connection))) { show_overview_and_profile_button(); $site->dieAndEndPage('It seems like the player profile can not be accessed for an unknown reason.'); } $suspended_status = 'deleted'; $rows = (int) mysql_num_rows($result); if ($rows === 1) { while ($row = mysql_fetch_array($result)) { $suspended_status = $row['status']; } } mysql_free_result($result); if ($rows === 0) { // someone tried to view the profile of a non existing user echo '<a class="button" href="./">overview</a>' . "\n"; echo '<p>This user does not exist.</p>';