[ Index ] |
PHP Cross Reference of phpBB-3.1.12-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 /** 15 * @ignore 16 */ 17 define('IN_PHPBB', true); 18 $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './'; 19 $phpEx = substr(strrchr(__FILE__, '.'), 1); 20 include($phpbb_root_path . 'common.' . $phpEx); 21 include($phpbb_root_path . 'includes/functions_display.' . $phpEx); 22 23 $mode = request_var('mode', ''); 24 25 if ($mode === 'contactadmin') 26 { 27 define('SKIP_CHECK_BAN', true); 28 define('SKIP_CHECK_DISABLED', true); 29 } 30 31 // Start session management 32 $user->session_begin(); 33 $auth->acl($user->data); 34 $user->setup(array('memberlist', 'groups')); 35 36 // Setting a variable to let the style designer know where he is... 37 $template->assign_var('S_IN_MEMBERLIST', true); 38 39 // Grab data 40 $action = request_var('action', ''); 41 $user_id = request_var('u', ANONYMOUS); 42 $username = request_var('un', '', true); 43 $group_id = request_var('g', 0); 44 $topic_id = request_var('t', 0); 45 46 // Redirect when old mode is used 47 if ($mode == 'leaders') 48 { 49 send_status_line(301, 'Moved Permanently'); 50 redirect(append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=team')); 51 } 52 53 // Check our mode... 54 if (!in_array($mode, array('', 'group', 'viewprofile', 'email', 'contact', 'contactadmin', 'searchuser', 'team', 'livesearch'))) 55 { 56 trigger_error('NO_MODE'); 57 } 58 59 switch ($mode) 60 { 61 case 'email': 62 case 'contactadmin': 63 break; 64 65 case 'livesearch': 66 if (!$config['allow_live_searches']) 67 { 68 trigger_error('LIVE_SEARCHES_NOT_ALLOWED'); 69 } 70 // No break 71 72 default: 73 // Can this user view profiles/memberlist? 74 if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel')) 75 { 76 if ($user->data['user_id'] != ANONYMOUS) 77 { 78 trigger_error('NO_VIEW_USERS'); 79 } 80 81 login_box('', ((isset($user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)])) ? $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)] : $user->lang['LOGIN_EXPLAIN_MEMBERLIST'])); 82 } 83 break; 84 } 85 86 $start = request_var('start', 0); 87 $submit = (isset($_POST['submit'])) ? true : false; 88 89 $default_key = 'c'; 90 $sort_key = request_var('sk', $default_key); 91 $sort_dir = request_var('sd', 'a'); 92 93 $user_types = array(USER_NORMAL, USER_FOUNDER); 94 if ($auth->acl_get('a_user')) 95 { 96 $user_types[] = USER_INACTIVE; 97 } 98 99 // What do you want to do today? ... oops, I think that line is taken ... 100 switch ($mode) 101 { 102 case 'team': 103 // Display a listing of board admins, moderators 104 if (!function_exists('user_get_id_name')) 105 { 106 include($phpbb_root_path . 'includes/functions_user.' . $phpEx); 107 } 108 109 $page_title = $user->lang['THE_TEAM']; 110 $template_html = 'memberlist_team.html'; 111 112 $sql = 'SELECT * 113 FROM ' . TEAMPAGE_TABLE . ' 114 ORDER BY teampage_position ASC'; 115 $result = $db->sql_query($sql, 3600); 116 $teampage_data = $db->sql_fetchrowset($result); 117 $db->sql_freeresult($result); 118 119 $sql_ary = array( 120 'SELECT' => 'g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id, t.teampage_id', 121 122 'FROM' => array(GROUPS_TABLE => 'g'), 123 124 'LEFT_JOIN' => array( 125 array( 126 'FROM' => array(TEAMPAGE_TABLE => 't'), 127 'ON' => 't.group_id = g.group_id', 128 ), 129 array( 130 'FROM' => array(USER_GROUP_TABLE => 'ug'), 131 'ON' => 'ug.group_id = g.group_id AND ug.user_pending = 0 AND ug.user_id = ' . (int) $user->data['user_id'], 132 ), 133 ), 134 ); 135 136 $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); 137 138 $group_ids = $groups_ary = array(); 139 while ($row = $db->sql_fetchrow($result)) 140 { 141 if ($row['group_type'] == GROUP_HIDDEN && !$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $row['ug_user_id'] != $user->data['user_id']) 142 { 143 $row['group_name'] = $user->lang['GROUP_UNDISCLOSED']; 144 $row['u_group'] = ''; 145 } 146 else 147 { 148 $row['group_name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']; 149 $row['u_group'] = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']); 150 } 151 152 if ($row['teampage_id']) 153 { 154 // Only put groups into the array we want to display. 155 // We are fetching all groups, to ensure we got all data for default groups. 156 $group_ids[] = (int) $row['group_id']; 157 } 158 $groups_ary[(int) $row['group_id']] = $row; 159 } 160 $db->sql_freeresult($result); 161 162 $sql_ary = array( 163 'SELECT' => 'u.user_id, u.group_id as default_group, u.username, u.username_clean, u.user_colour, u.user_type, u.user_rank, u.user_posts, u.user_allow_pm, g.group_id', 164 165 'FROM' => array( 166 USER_GROUP_TABLE => 'ug', 167 ), 168 169 'LEFT_JOIN' => array( 170 array( 171 'FROM' => array(USERS_TABLE => 'u'), 172 'ON' => 'ug.user_id = u.user_id AND ug.user_pending = 0', 173 ), 174 array( 175 'FROM' => array(GROUPS_TABLE => 'g'), 176 'ON' => 'ug.group_id = g.group_id', 177 ), 178 ), 179 180 'WHERE' => $db->sql_in_set('g.group_id', $group_ids, false, true), 181 182 'ORDER_BY' => 'u.username_clean ASC', 183 ); 184 185 /** 186 * Modify the query used to get the users for the team page 187 * 188 * @event core.memberlist_team_modify_query 189 * @var array sql_ary Array containing the query 190 * @var array group_ids Array of group ids 191 * @var array teampage_data The teampage data 192 * @since 3.1.3-RC1 193 */ 194 $vars = array( 195 'sql_ary', 196 'group_ids', 197 'teampage_data', 198 ); 199 extract($phpbb_dispatcher->trigger_event('core.memberlist_team_modify_query', compact($vars))); 200 201 $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); 202 203 $user_ary = $user_ids = $group_users = array(); 204 while ($row = $db->sql_fetchrow($result)) 205 { 206 $row['forums'] = ''; 207 $row['forums_ary'] = array(); 208 $user_ary[(int) $row['user_id']] = $row; 209 $user_ids[] = (int) $row['user_id']; 210 $group_users[(int) $row['group_id']][] = (int) $row['user_id']; 211 } 212 $db->sql_freeresult($result); 213 214 $user_ids = array_unique($user_ids); 215 216 if (!empty($user_ids) && $config['teampage_forums']) 217 { 218 $template->assign_var('S_DISPLAY_MODERATOR_FORUMS', true); 219 // Get all moderators 220 $perm_ary = $auth->acl_get_list($user_ids, array('m_'), false); 221 222 foreach ($perm_ary as $forum_id => $forum_ary) 223 { 224 foreach ($forum_ary as $auth_option => $id_ary) 225 { 226 foreach ($id_ary as $id) 227 { 228 if (!$forum_id) 229 { 230 $user_ary[$id]['forums'] = $user->lang['ALL_FORUMS']; 231 } 232 else 233 { 234 $user_ary[$id]['forums_ary'][] = $forum_id; 235 } 236 } 237 } 238 } 239 240 $sql = 'SELECT forum_id, forum_name 241 FROM ' . FORUMS_TABLE; 242 $result = $db->sql_query($sql); 243 244 $forums = array(); 245 while ($row = $db->sql_fetchrow($result)) 246 { 247 $forums[$row['forum_id']] = $row['forum_name']; 248 } 249 $db->sql_freeresult($result); 250 251 foreach ($user_ary as $user_id => $user_data) 252 { 253 if (!$user_data['forums']) 254 { 255 foreach ($user_data['forums_ary'] as $forum_id) 256 { 257 $user_ary[$user_id]['forums_options'] = true; 258 if (isset($forums[$forum_id])) 259 { 260 if ($auth->acl_get('f_list', $forum_id)) 261 { 262 $user_ary[$user_id]['forums'] .= '<option value="">' . $forums[$forum_id] . '</option>'; 263 } 264 } 265 } 266 } 267 } 268 } 269 270 $parent_team = 0; 271 foreach ($teampage_data as $team_data) 272 { 273 // If this team entry has no group, it's a category 274 if (!$team_data['group_id']) 275 { 276 $template->assign_block_vars('group', array( 277 'GROUP_NAME' => $team_data['teampage_name'], 278 )); 279 280 $parent_team = (int) $team_data['teampage_id']; 281 continue; 282 } 283 284 $group_data = $groups_ary[(int) $team_data['group_id']]; 285 $group_id = (int) $team_data['group_id']; 286 287 if (!$team_data['teampage_parent']) 288 { 289 // If the group does not have a parent category, we display the groupname as category 290 $template->assign_block_vars('group', array( 291 'GROUP_NAME' => $group_data['group_name'], 292 'GROUP_COLOR' => $group_data['group_colour'], 293 'U_GROUP' => $group_data['u_group'], 294 )); 295 } 296 297 // Display group members. 298 if (!empty($group_users[$group_id])) 299 { 300 foreach ($group_users[$group_id] as $user_id) 301 { 302 if (isset($user_ary[$user_id])) 303 { 304 $row = $user_ary[$user_id]; 305 if ($config['teampage_memberships'] == 1 && ($group_id != $groups_ary[$row['default_group']]['group_id']) && $groups_ary[$row['default_group']]['teampage_id']) 306 { 307 // Display users in their primary group, instead of the first group, when it is displayed on the teampage. 308 continue; 309 } 310 311 $user_rank_data = phpbb_get_user_rank($row, (($row['user_id'] == ANONYMOUS) ? false : $row['user_posts'])); 312 313 $template_vars = array( 314 'USER_ID' => $row['user_id'], 315 'FORUMS' => $row['forums'], 316 'FORUM_OPTIONS' => (isset($row['forums_options'])) ? true : false, 317 'RANK_TITLE' => $user_rank_data['title'], 318 319 'GROUP_NAME' => $groups_ary[$row['default_group']]['group_name'], 320 'GROUP_COLOR' => $groups_ary[$row['default_group']]['group_colour'], 321 'U_GROUP' => $groups_ary[$row['default_group']]['u_group'], 322 323 'RANK_IMG' => $user_rank_data['img'], 324 'RANK_IMG_SRC' => $user_rank_data['img_src'], 325 326 'S_INACTIVE' => $row['user_type'] == USER_INACTIVE, 327 328 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($row['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $row['user_id']) : '', 329 330 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 331 'USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']), 332 'USER_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']), 333 'U_VIEW_PROFILE' => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']), 334 ); 335 336 /** 337 * Modify the template vars for displaying the user in the groups on the teampage 338 * 339 * @event core.memberlist_team_modify_template_vars 340 * @var array template_vars Array containing the query 341 * @var array row Array containing the action user row 342 * @var array groups_ary Array of groups with all users that should be displayed 343 * @since 3.1.3-RC1 344 */ 345 $vars = array( 346 'template_vars', 347 'row', 348 'groups_ary', 349 ); 350 extract($phpbb_dispatcher->trigger_event('core.memberlist_team_modify_template_vars', compact($vars))); 351 352 $template->assign_block_vars('group.user', $template_vars); 353 354 if ($config['teampage_memberships'] != 2) 355 { 356 unset($user_ary[$user_id]); 357 } 358 } 359 } 360 } 361 } 362 363 $template->assign_vars(array( 364 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE'])) 365 ); 366 break; 367 368 case 'contact': 369 370 $page_title = $user->lang['IM_USER']; 371 $template_html = 'memberlist_im.html'; 372 373 if (!$auth->acl_get('u_sendim')) 374 { 375 trigger_error('NOT_AUTHORISED'); 376 } 377 378 $presence_img = ''; 379 switch ($action) 380 { 381 case 'jabber': 382 $lang = 'JABBER'; 383 $sql_field = 'user_jabber'; 384 $s_select = (@extension_loaded('xml') && $config['jab_enable']) ? 'S_SEND_JABBER' : 'S_NO_SEND_JABBER'; 385 $s_action = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&action=$action&u=$user_id"); 386 break; 387 388 default: 389 trigger_error('NO_MODE', E_USER_ERROR); 390 break; 391 } 392 393 // Grab relevant data 394 $sql = "SELECT user_id, username, user_email, user_lang, $sql_field 395 FROM " . USERS_TABLE . " 396 WHERE user_id = $user_id 397 AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')'; 398 $result = $db->sql_query($sql); 399 $row = $db->sql_fetchrow($result); 400 $db->sql_freeresult($result); 401 402 if (!$row) 403 { 404 trigger_error('NO_USER'); 405 } 406 else if (empty($row[$sql_field])) 407 { 408 trigger_error('IM_NO_DATA'); 409 } 410 411 // Post data grab actions 412 switch ($action) 413 { 414 case 'jabber': 415 add_form_key('memberlist_messaging'); 416 417 if ($submit && @extension_loaded('xml') && $config['jab_enable']) 418 { 419 if (check_form_key('memberlist_messaging')) 420 { 421 422 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); 423 424 $subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']); 425 $message = utf8_normalize_nfc(request_var('message', '', true)); 426 427 if (empty($message)) 428 { 429 trigger_error('EMPTY_MESSAGE_IM'); 430 } 431 432 $messenger = new messenger(false); 433 434 $messenger->template('profile_send_im', $row['user_lang']); 435 $messenger->subject(htmlspecialchars_decode($subject)); 436 437 $messenger->replyto($user->data['user_email']); 438 $messenger->set_addresses($row); 439 440 $messenger->assign_vars(array( 441 'BOARD_CONTACT' => phpbb_get_board_contact($config, $phpEx), 442 'FROM_USERNAME' => htmlspecialchars_decode($user->data['username']), 443 'TO_USERNAME' => htmlspecialchars_decode($row['username']), 444 'MESSAGE' => htmlspecialchars_decode($message)) 445 ); 446 447 $messenger->send(NOTIFY_IM); 448 449 $s_select = 'S_SENT_JABBER'; 450 } 451 else 452 { 453 trigger_error('FORM_INVALID'); 454 } 455 } 456 break; 457 } 458 459 // Send vars to the template 460 $template->assign_vars(array( 461 'IM_CONTACT' => $row[$sql_field], 462 'A_IM_CONTACT' => addslashes($row[$sql_field]), 463 464 'USERNAME' => $row['username'], 465 'CONTACT_NAME' => $row[$sql_field], 466 'SITENAME' => $config['sitename'], 467 468 'PRESENCE_IMG' => $presence_img, 469 470 'L_SEND_IM_EXPLAIN' => $user->lang['IM_' . $lang], 471 'L_IM_SENT_JABBER' => sprintf($user->lang['IM_SENT_JABBER'], $row['username']), 472 473 $s_select => true, 474 'S_IM_ACTION' => $s_action) 475 ); 476 477 break; 478 479 case 'viewprofile': 480 // Display a profile 481 if ($user_id == ANONYMOUS && !$username) 482 { 483 trigger_error('NO_USER'); 484 } 485 486 // Get user... 487 $sql = 'SELECT * 488 FROM ' . USERS_TABLE . ' 489 WHERE ' . (($username) ? "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : "user_id = $user_id"); 490 $result = $db->sql_query($sql); 491 $member = $db->sql_fetchrow($result); 492 $db->sql_freeresult($result); 493 494 if (!$member) 495 { 496 trigger_error('NO_USER'); 497 } 498 499 // a_user admins and founder are able to view inactive users and bots to be able to manage them more easily 500 // Normal users are able to see at least users having only changed their profile settings but not yet reactivated. 501 if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER) 502 { 503 if ($member['user_type'] == USER_IGNORE) 504 { 505 trigger_error('NO_USER'); 506 } 507 else if ($member['user_type'] == USER_INACTIVE && $member['user_inactive_reason'] != INACTIVE_PROFILE) 508 { 509 trigger_error('NO_USER'); 510 } 511 } 512 513 $user_id = (int) $member['user_id']; 514 515 // Get group memberships 516 // Also get visiting user's groups to determine hidden group memberships if necessary. 517 $auth_hidden_groups = ($user_id === (int) $user->data['user_id'] || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? true : false; 518 $sql_uid_ary = ($auth_hidden_groups) ? array($user_id) : array($user_id, (int) $user->data['user_id']); 519 520 // Do the SQL thang 521 $sql = 'SELECT g.group_id, g.group_name, g.group_type, ug.user_id 522 FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug 523 WHERE ' . $db->sql_in_set('ug.user_id', $sql_uid_ary) . ' 524 AND g.group_id = ug.group_id 525 AND ug.user_pending = 0'; 526 $result = $db->sql_query($sql); 527 528 // Divide data into profile data and current user data 529 $profile_groups = $user_groups = array(); 530 while ($row = $db->sql_fetchrow($result)) 531 { 532 $row['user_id'] = (int) $row['user_id']; 533 $row['group_id'] = (int) $row['group_id']; 534 535 if ($row['user_id'] == $user_id) 536 { 537 $profile_groups[] = $row; 538 } 539 else 540 { 541 $user_groups[$row['group_id']] = $row['group_id']; 542 } 543 } 544 $db->sql_freeresult($result); 545 546 // Filter out hidden groups and sort groups by name 547 $group_data = $group_sort = array(); 548 foreach ($profile_groups as $row) 549 { 550 if ($row['group_type'] == GROUP_SPECIAL) 551 { 552 // Lookup group name in language dictionary 553 if (isset($user->lang['G_' . $row['group_name']])) 554 { 555 $row['group_name'] = $user->lang['G_' . $row['group_name']]; 556 } 557 } 558 else if (!$auth_hidden_groups && $row['group_type'] == GROUP_HIDDEN && !isset($user_groups[$row['group_id']])) 559 { 560 // Skip over hidden groups the user cannot see 561 continue; 562 } 563 564 $group_sort[$row['group_id']] = utf8_clean_string($row['group_name']); 565 $group_data[$row['group_id']] = $row; 566 } 567 unset($profile_groups); 568 unset($user_groups); 569 asort($group_sort); 570 571 $group_options = ''; 572 foreach ($group_sort as $group_id => $null) 573 { 574 $row = $group_data[$group_id]; 575 576 $group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . $row['group_name'] . '</option>'; 577 } 578 unset($group_data); 579 unset($group_sort); 580 581 // What colour is the zebra 582 $sql = 'SELECT friend, foe 583 FROM ' . ZEBRA_TABLE . " 584 WHERE zebra_id = $user_id 585 AND user_id = {$user->data['user_id']}"; 586 587 $result = $db->sql_query($sql); 588 $row = $db->sql_fetchrow($result); 589 $foe = ($row['foe']) ? true : false; 590 $friend = ($row['friend']) ? true : false; 591 $db->sql_freeresult($result); 592 593 if ($config['load_onlinetrack']) 594 { 595 $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline 596 FROM ' . SESSIONS_TABLE . " 597 WHERE session_user_id = $user_id"; 598 $result = $db->sql_query($sql); 599 $row = $db->sql_fetchrow($result); 600 $db->sql_freeresult($result); 601 602 $member['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0; 603 $member['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0; 604 unset($row); 605 } 606 607 if ($config['load_user_activity']) 608 { 609 display_user_activity($member); 610 } 611 612 // Do the relevant calculations 613 $memberdays = max(1, round((time() - $member['user_regdate']) / 86400)); 614 $posts_per_day = $member['user_posts'] / $memberdays; 615 $percentage = ($config['num_posts']) ? min(100, ($member['user_posts'] / $config['num_posts']) * 100) : 0; 616 617 618 if ($member['user_sig']) 619 { 620 $parse_flags = ($member['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; 621 $member['user_sig'] = generate_text_for_display($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield'], $parse_flags, true); 622 } 623 624 // We need to check if the modules 'zebra' ('friends' & 'foes' mode), 'notes' ('user_notes' mode) and 'warn' ('warn_user' mode) are accessible to decide if we can display appropriate links 625 $zebra_enabled = $friends_enabled = $foes_enabled = $user_notes_enabled = $warn_user_enabled = false; 626 627 // Only check if the user is logged in 628 if ($user->data['is_registered']) 629 { 630 if (!class_exists('p_master')) 631 { 632 include($phpbb_root_path . 'includes/functions_module.' . $phpEx); 633 } 634 $module = new p_master(); 635 636 $module->list_modules('ucp'); 637 $module->list_modules('mcp'); 638 639 $user_notes_enabled = ($module->loaded('mcp_notes', 'user_notes')) ? true : false; 640 $warn_user_enabled = ($module->loaded('mcp_warn', 'warn_user')) ? true : false; 641 $zebra_enabled = ($module->loaded('ucp_zebra')) ? true : false; 642 $friends_enabled = ($module->loaded('ucp_zebra', 'friends')) ? true : false; 643 $foes_enabled = ($module->loaded('ucp_zebra', 'foes')) ? true : false; 644 645 unset($module); 646 } 647 648 // Custom Profile Fields 649 $profile_fields = array(); 650 if ($config['load_cpf_viewprofile']) 651 { 652 $cp = $phpbb_container->get('profilefields.manager'); 653 $profile_fields = $cp->grab_profile_fields_data($user_id); 654 $profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template_data($profile_fields[$user_id]) : array(); 655 } 656 657 /** 658 * Modify user data before we display the profile 659 * 660 * @event core.memberlist_view_profile 661 * @var array member Array with user's data 662 * @var bool user_notes_enabled Is the mcp user notes module enabled? 663 * @var bool warn_user_enabled Is the mcp warnings module enabled? 664 * @var bool zebra_enabled Is the ucp zebra module enabled? 665 * @var bool friends_enabled Is the ucp friends module enabled? 666 * @var bool foes_enabled Is the ucp foes module enabled? 667 * @var bool friend Is the user friend? 668 * @var bool foe Is the user foe? 669 * @var array profile_fields Array with user's profile field data 670 * @since 3.1.0-a1 671 * @changed 3.1.0-b2 Added friend and foe status 672 * @changed 3.1.0-b3 Added profile fields data 673 */ 674 $vars = array( 675 'member', 676 'user_notes_enabled', 677 'warn_user_enabled', 678 'zebra_enabled', 679 'friends_enabled', 680 'foes_enabled', 681 'friend', 682 'foe', 683 'profile_fields', 684 ); 685 extract($phpbb_dispatcher->trigger_event('core.memberlist_view_profile', compact($vars))); 686 687 $template->assign_vars(phpbb_show_profile($member, $user_notes_enabled, $warn_user_enabled)); 688 689 // If the user has m_approve permission or a_user permission, then list then display unapproved posts 690 if ($auth->acl_getf_global('m_approve') || $auth->acl_get('a_user')) 691 { 692 $sql = 'SELECT COUNT(post_id) as posts_in_queue 693 FROM ' . POSTS_TABLE . ' 694 WHERE poster_id = ' . $user_id . ' 695 AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)); 696 $result = $db->sql_query($sql); 697 $member['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue'); 698 $db->sql_freeresult($result); 699 } 700 else 701 { 702 $member['posts_in_queue'] = 0; 703 } 704 705 $template->assign_vars(array( 706 'L_POSTS_IN_QUEUE' => $user->lang('NUM_POSTS_IN_QUEUE', $member['posts_in_queue']), 707 708 'POSTS_DAY' => $user->lang('POST_DAY', $posts_per_day), 709 'POSTS_PCT' => $user->lang('POST_PCT', $percentage), 710 711 'SIGNATURE' => $member['user_sig'], 712 'POSTS_IN_QUEUE'=> $member['posts_in_queue'], 713 714 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']), 715 'L_SEND_EMAIL_USER' => $user->lang('SEND_EMAIL_USER', $member['username']), 716 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['EMAIL']), 717 'JABBER_IMG' => $user->img('icon_contact_jabber', $user->lang['JABBER']), 718 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']), 719 720 'S_PROFILE_ACTION' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group'), 721 'S_GROUP_OPTIONS' => $group_options, 722 'S_CUSTOM_FIELDS' => (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false, 723 724 'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&mode=overview&u=' . $user_id, true, $user->session_id) : '', 725 'U_USER_BAN' => ($auth->acl_get('m_ban') && $user_id != $user->data['user_id']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=ban&mode=user&u=' . $user_id, true, $user->session_id) : '', 726 'U_MCP_QUEUE' => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '', 727 728 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_id}&hash=" . generate_link_hash('switchperm')) : '', 729 'U_EDIT_SELF' => ($user_id == $user->data['user_id'] && $auth->acl_get('u_chgprofileinfo')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_profile&mode=profile_info') : '', 730 731 'S_USER_NOTES' => ($user_notes_enabled) ? true : false, 732 'S_WARN_USER' => ($warn_user_enabled) ? true : false, 733 'S_ZEBRA' => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false, 734 'U_ADD_FRIEND' => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&add=' . urlencode(htmlspecialchars_decode($member['username']))) : '', 735 'U_ADD_FOE' => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&mode=foes&add=' . urlencode(htmlspecialchars_decode($member['username']))) : '', 736 'U_REMOVE_FRIEND' => ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&usernames[]=' . $user_id) : '', 737 'U_REMOVE_FOE' => ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&mode=foes&usernames[]=' . $user_id) : '', 738 739 'U_CANONICAL' => generate_board_url() . '/' . append_sid("memberlist.$phpEx", 'mode=viewprofile&u=' . $user_id, true, ''), 740 )); 741 742 if (!empty($profile_fields['row'])) 743 { 744 $template->assign_vars($profile_fields['row']); 745 } 746 747 if (!empty($profile_fields['blockrow'])) 748 { 749 foreach ($profile_fields['blockrow'] as $field_data) 750 { 751 $template->assign_block_vars('custom_fields', $field_data); 752 } 753 } 754 755 // Inactive reason/account? 756 if ($member['user_type'] == USER_INACTIVE) 757 { 758 $user->add_lang('acp/common'); 759 760 $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN']; 761 762 switch ($member['user_inactive_reason']) 763 { 764 case INACTIVE_REGISTER: 765 $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER']; 766 break; 767 768 case INACTIVE_PROFILE: 769 $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE']; 770 break; 771 772 case INACTIVE_MANUAL: 773 $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL']; 774 break; 775 776 case INACTIVE_REMIND: 777 $inactive_reason = $user->lang['INACTIVE_REASON_REMIND']; 778 break; 779 } 780 781 $template->assign_vars(array( 782 'S_USER_INACTIVE' => true, 783 'USER_INACTIVE_REASON' => $inactive_reason) 784 ); 785 } 786 787 // Now generate page title 788 $page_title = sprintf($user->lang['VIEWING_PROFILE'], $member['username']); 789 $template_html = 'memberlist_view.html'; 790 791 break; 792 793 case 'contactadmin': 794 case 'email': 795 if (!class_exists('messenger')) 796 { 797 include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); 798 } 799 800 $user_id = request_var('u', 0); 801 $topic_id = request_var('t', 0); 802 803 if ($user_id) 804 { 805 $form_name = 'user'; 806 } 807 else if ($topic_id) 808 { 809 $form_name = 'topic'; 810 } 811 else if ($mode === 'contactadmin') 812 { 813 $form_name = 'admin'; 814 } 815 else 816 { 817 trigger_error('NO_EMAIL'); 818 } 819 $form = $phpbb_container->get('message.form.' . $form_name); 820 821 $form->bind($request); 822 $error = $form->check_allow(); 823 if ($error) 824 { 825 trigger_error($error); 826 } 827 828 if ($request->is_set_post('submit')) 829 { 830 $messenger = new messenger(false); 831 $form->submit($messenger); 832 } 833 834 $page_title = $form->get_page_title(); 835 $template_html = $form->get_template_file(); 836 $form->render($template); 837 838 break; 839 840 case 'livesearch': 841 842 $username_chars = $request->variable('username', '', true); 843 844 $sql = 'SELECT username, user_id, user_colour 845 FROM ' . USERS_TABLE . ' 846 WHERE ' . $db->sql_in_set('user_type', $user_types) . ' 847 AND username_clean ' . $db->sql_like_expression(utf8_clean_string($username_chars) . $db->get_any_char()); 848 $result = $db->sql_query_limit($sql, 10); 849 $user_list = array(); 850 851 while ($row = $db->sql_fetchrow($result)) 852 { 853 $user_list[] = array( 854 'user_id' => (int) $row['user_id'], 855 'result' => $row['username'], 856 'username_full' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 857 'display' => get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour']), 858 ); 859 } 860 $db->sql_freeresult($result); 861 $json_response = new \phpbb\json_response(); 862 $json_response->send(array( 863 'keyword' => $username_chars, 864 'results' => $user_list, 865 )); 866 867 break; 868 869 case 'group': 870 default: 871 // The basic memberlist 872 $page_title = $user->lang['MEMBERLIST']; 873 $template_html = 'memberlist_body.html'; 874 $pagination = $phpbb_container->get('pagination'); 875 876 // Sorting 877 $sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT']); 878 $sort_key_sql = array('a' => 'u.username_clean', 'c' => 'u.user_regdate', 'd' => 'u.user_posts'); 879 880 if ($config['jab_enable']) 881 { 882 $sort_key_text['k'] = $user->lang['JABBER']; 883 $sort_key_sql['k'] = 'u.user_jabber'; 884 } 885 886 if ($auth->acl_get('a_user')) 887 { 888 $sort_key_text['e'] = $user->lang['SORT_EMAIL']; 889 $sort_key_sql['e'] = 'u.user_email'; 890 } 891 892 if ($auth->acl_get('u_viewonline')) 893 { 894 $sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE']; 895 $sort_key_sql['l'] = 'u.user_lastvisit'; 896 } 897 898 $sort_key_text['m'] = $user->lang['SORT_RANK']; 899 $sort_key_sql['m'] = 'u.user_rank'; 900 901 $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); 902 903 $s_sort_key = ''; 904 foreach ($sort_key_text as $key => $value) 905 { 906 $selected = ($sort_key == $key) ? ' selected="selected"' : ''; 907 $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; 908 } 909 910 $s_sort_dir = ''; 911 foreach ($sort_dir_text as $key => $value) 912 { 913 $selected = ($sort_dir == $key) ? ' selected="selected"' : ''; 914 $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; 915 } 916 917 // Additional sorting options for user search ... if search is enabled, if not 918 // then only admins can make use of this (for ACP functionality) 919 $sql_select = $sql_where_data = $sql_from = $sql_where = $order_by = ''; 920 921 922 $form = request_var('form', ''); 923 $field = request_var('field', ''); 924 $select_single = request_var('select_single', false); 925 926 // Search URL parameters, if any of these are in the URL we do a search 927 $search_params = array('username', 'email', 'jabber', 'search_group_id', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'ip'); 928 929 // We validate form and field here, only id/class allowed 930 $form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form; 931 $field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field; 932 if ((($mode == '' || $mode == 'searchuser') || sizeof(array_intersect($request->variable_names(\phpbb\request\request_interface::GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_'))) 933 { 934 $username = request_var('username', '', true); 935 $email = strtolower(request_var('email', '')); 936 $jabber = request_var('jabber', ''); 937 $search_group_id = request_var('search_group_id', 0); 938 939 // when using these, make sure that we actually have values defined in $find_key_match 940 $joined_select = request_var('joined_select', 'lt'); 941 $active_select = request_var('active_select', 'lt'); 942 $count_select = request_var('count_select', 'eq'); 943 944 $joined = explode('-', request_var('joined', '')); 945 $active = explode('-', request_var('active', '')); 946 $count = (request_var('count', '') !== '') ? request_var('count', 0) : ''; 947 $ipdomain = request_var('ip', ''); 948 949 $find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '='); 950 951 $find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']); 952 $s_find_count = ''; 953 foreach ($find_count as $key => $value) 954 { 955 $selected = ($count_select == $key) ? ' selected="selected"' : ''; 956 $s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; 957 } 958 959 $find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']); 960 $s_find_join_time = ''; 961 foreach ($find_time as $key => $value) 962 { 963 $selected = ($joined_select == $key) ? ' selected="selected"' : ''; 964 $s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; 965 } 966 967 $s_find_active_time = ''; 968 foreach ($find_time as $key => $value) 969 { 970 $selected = ($active_select == $key) ? ' selected="selected"' : ''; 971 $s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; 972 } 973 974 $sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), utf8_clean_string($username))) : ''; 975 $sql_where .= ($auth->acl_get('a_user') && $email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $email)) . ' ' : ''; 976 $sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $jabber)) . ' ' : ''; 977 $sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : ''; 978 979 if (isset($find_key_match[$joined_select]) && sizeof($joined) == 3) 980 { 981 $joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]); 982 983 if ($joined_time !== false) 984 { 985 $sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time; 986 } 987 } 988 989 if (isset($find_key_match[$active_select]) && sizeof($active) == 3 && $auth->acl_get('u_viewonline')) 990 { 991 $active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]); 992 993 if ($active_time !== false) 994 { 995 $sql_where .= " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . $active_time; 996 } 997 } 998 999 $sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : ''; 1000 1001 if ($search_group_id) 1002 { 1003 $sql_from = ', ' . USER_GROUP_TABLE . ' ug '; 1004 } 1005 1006 if ($ipdomain && $auth->acl_getf_global('m_info')) 1007 { 1008 if (strspn($ipdomain, 'abcdefghijklmnopqrstuvwxyz')) 1009 { 1010 $hostnames = gethostbynamel($ipdomain); 1011 1012 if ($hostnames !== false) 1013 { 1014 $ips = "'" . implode('\', \'', array_map(array($db, 'sql_escape'), preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "\\1", gethostbynamel($ipdomain)))) . "'"; 1015 } 1016 else 1017 { 1018 $ips = false; 1019 } 1020 } 1021 else 1022 { 1023 $ips = "'" . str_replace('*', '%', $db->sql_escape($ipdomain)) . "'"; 1024 } 1025 1026 if ($ips === false) 1027 { 1028 // A minor fudge but it does the job :D 1029 $sql_where .= " AND u.user_id = 0"; 1030 } 1031 else 1032 { 1033 $ip_forums = array_keys($auth->acl_getf('m_info', true)); 1034 1035 $sql = 'SELECT DISTINCT poster_id 1036 FROM ' . POSTS_TABLE . ' 1037 WHERE poster_ip ' . ((strpos($ips, '%') !== false) ? 'LIKE' : 'IN') . " ($ips) 1038 AND " . $db->sql_in_set('forum_id', $ip_forums); 1039 1040 /** 1041 * Modify sql query for members search by ip address / hostname 1042 * 1043 * @event core.memberlist_modify_ip_search_sql_query 1044 * @var string ipdomain The host name 1045 * @var string ips IP address list for the given host name 1046 * @var string sql The SQL query for searching members by IP address 1047 * @since 3.1.7-RC1 1048 */ 1049 $vars = array( 1050 'ipdomain', 1051 'ips', 1052 'sql', 1053 ); 1054 extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_ip_search_sql_query', compact($vars))); 1055 1056 $result = $db->sql_query($sql); 1057 1058 if ($row = $db->sql_fetchrow($result)) 1059 { 1060 $ip_sql = array(); 1061 do 1062 { 1063 $ip_sql[] = $row['poster_id']; 1064 } 1065 while ($row = $db->sql_fetchrow($result)); 1066 1067 $sql_where .= ' AND ' . $db->sql_in_set('u.user_id', $ip_sql); 1068 } 1069 else 1070 { 1071 // A minor fudge but it does the job :D 1072 $sql_where .= " AND u.user_id = 0"; 1073 } 1074 unset($ip_forums); 1075 1076 $db->sql_freeresult($result); 1077 } 1078 } 1079 } 1080 1081 $first_char = request_var('first_char', ''); 1082 1083 if ($first_char == 'other') 1084 { 1085 for ($i = 97; $i < 123; $i++) 1086 { 1087 $sql_where .= ' AND u.username_clean NOT ' . $db->sql_like_expression(chr($i) . $db->get_any_char()); 1088 } 1089 } 1090 else if ($first_char) 1091 { 1092 $sql_where .= ' AND u.username_clean ' . $db->sql_like_expression(substr($first_char, 0, 1) . $db->get_any_char()); 1093 } 1094 1095 // Are we looking at a usergroup? If so, fetch additional info 1096 // and further restrict the user info query 1097 if ($mode == 'group') 1098 { 1099 // We JOIN here to save a query for determining membership for hidden groups. ;) 1100 $sql = 'SELECT g.*, ug.user_id, ug.group_leader 1101 FROM ' . GROUPS_TABLE . ' g 1102 LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id'] . " AND ug.group_id = $group_id) 1103 WHERE g.group_id = $group_id"; 1104 $result = $db->sql_query($sql); 1105 $group_row = $db->sql_fetchrow($result); 1106 $db->sql_freeresult($result); 1107 1108 if (!$group_row) 1109 { 1110 trigger_error('NO_GROUP'); 1111 } 1112 1113 switch ($group_row['group_type']) 1114 { 1115 case GROUP_OPEN: 1116 $group_row['l_group_type'] = 'OPEN'; 1117 break; 1118 1119 case GROUP_CLOSED: 1120 $group_row['l_group_type'] = 'CLOSED'; 1121 break; 1122 1123 case GROUP_HIDDEN: 1124 $group_row['l_group_type'] = 'HIDDEN'; 1125 1126 // Check for membership or special permissions 1127 if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $group_row['user_id'] != $user->data['user_id']) 1128 { 1129 trigger_error('NO_GROUP'); 1130 } 1131 break; 1132 1133 case GROUP_SPECIAL: 1134 $group_row['l_group_type'] = 'SPECIAL'; 1135 break; 1136 1137 case GROUP_FREE: 1138 $group_row['l_group_type'] = 'FREE'; 1139 break; 1140 } 1141 1142 $avatar_img = phpbb_get_group_avatar($group_row); 1143 1144 // ... same for group rank 1145 $user_rank_data = array( 1146 'title' => null, 1147 'img' => null, 1148 'img_src' => null, 1149 ); 1150 if ($group_row['group_rank']) 1151 { 1152 $user_rank_data = phpbb_get_user_rank($group_row, false); 1153 1154 if ($user_rank_data['img']) 1155 { 1156 $user_rank_data['img'] .= '<br />'; 1157 } 1158 } 1159 // include modules for manage groups link display or not 1160 // need to ensure the module is active 1161 $can_manage_group = false; 1162 if ($user->data['is_registered'] && $group_row['group_leader']) 1163 { 1164 if (!class_exists('p_master')) 1165 { 1166 include($phpbb_root_path . 'includes/functions_module.' . $phpEx); 1167 } 1168 $module = new p_master; 1169 $module->list_modules('ucp'); 1170 1171 if ($module->is_active('ucp_groups', 'manage')) 1172 { 1173 $can_manage_group = true; 1174 } 1175 unset($module); 1176 } 1177 1178 $template->assign_vars(array( 1179 'GROUP_DESC' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 1180 'GROUP_NAME' => ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'], 1181 'GROUP_COLOR' => $group_row['group_colour'], 1182 'GROUP_TYPE' => $user->lang['GROUP_IS_' . $group_row['l_group_type']], 1183 'GROUP_RANK' => $user_rank_data['title'], 1184 1185 'AVATAR_IMG' => $avatar_img, 1186 'RANK_IMG' => $user_rank_data['img'], 1187 'RANK_IMG_SRC' => $user_rank_data['img_src'], 1188 1189 'U_PM' => ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm_group') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&g=' . $group_id) : '', 1190 'U_MANAGE' => ($can_manage_group) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_groups&mode=manage') : false,) 1191 ); 1192 1193 $sql_select = ', ug.group_leader'; 1194 $sql_from = ', ' . USER_GROUP_TABLE . ' ug '; 1195 $order_by = 'ug.group_leader DESC, '; 1196 1197 $sql_where .= " AND ug.user_pending = 0 AND u.user_id = ug.user_id AND ug.group_id = $group_id"; 1198 $sql_where_data = " AND u.user_id = ug.user_id AND ug.group_id = $group_id"; 1199 } 1200 1201 // Sorting and order 1202 if (!isset($sort_key_sql[$sort_key])) 1203 { 1204 $sort_key = $default_key; 1205 } 1206 1207 $order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC'); 1208 1209 // Unfortunately we must do this here for sorting by rank, else the sort order is applied wrongly 1210 if ($sort_key == 'm') 1211 { 1212 $order_by .= ', u.user_posts DESC'; 1213 } 1214 1215 /** 1216 * Modify sql query data for members search 1217 * 1218 * @event core.memberlist_modify_sql_query_data 1219 * @var string order_by SQL ORDER BY clause condition 1220 * @var string sort_dir The sorting direction 1221 * @var string sort_key The sorting key 1222 * @var array sort_key_sql Arraty with the sorting conditions data 1223 * @var string sql_from SQL FROM clause condition 1224 * @var string sql_select SQL SELECT fields list 1225 * @var string sql_where SQL WHERE clause condition 1226 * @var string sql_where_data SQL WHERE clause additional conditions data 1227 * @since 3.1.7-RC1 1228 */ 1229 $vars = array( 1230 'order_by', 1231 'sort_dir', 1232 'sort_key', 1233 'sort_key_sql', 1234 'sql_from', 1235 'sql_select', 1236 'sql_where', 1237 'sql_where_data', 1238 ); 1239 extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_sql_query_data', compact($vars))); 1240 1241 // Count the users ... 1242 $sql = 'SELECT COUNT(u.user_id) AS total_users 1243 FROM ' . USERS_TABLE . " u$sql_from 1244 WHERE " . $db->sql_in_set('u.user_type', $user_types) . " 1245 $sql_where"; 1246 $result = $db->sql_query($sql); 1247 $total_users = (int) $db->sql_fetchfield('total_users'); 1248 $db->sql_freeresult($result); 1249 1250 // Build a relevant pagination_url 1251 $params = $sort_params = array(); 1252 1253 // We do not use request_var() here directly to save some calls (not all variables are set) 1254 $check_params = array( 1255 'g' => array('g', 0), 1256 'sk' => array('sk', $default_key), 1257 'sd' => array('sd', 'a'), 1258 'form' => array('form', ''), 1259 'field' => array('field', ''), 1260 'select_single' => array('select_single', $select_single), 1261 'username' => array('username', '', true), 1262 'email' => array('email', ''), 1263 'jabber' => array('jabber', ''), 1264 'search_group_id' => array('search_group_id', 0), 1265 'joined_select' => array('joined_select', 'lt'), 1266 'active_select' => array('active_select', 'lt'), 1267 'count_select' => array('count_select', 'eq'), 1268 'joined' => array('joined', ''), 1269 'active' => array('active', ''), 1270 'count' => (request_var('count', '') !== '') ? array('count', 0) : array('count', ''), 1271 'ip' => array('ip', ''), 1272 'first_char' => array('first_char', ''), 1273 ); 1274 1275 $u_first_char_params = array(); 1276 foreach ($check_params as $key => $call) 1277 { 1278 if (!isset($_REQUEST[$key])) 1279 { 1280 continue; 1281 } 1282 1283 $param = call_user_func_array('request_var', $call); 1284 // Encode strings, convert everything else to int in order to prevent empty parameters. 1285 $param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : (int) $param); 1286 $params[] = $param; 1287 1288 if ($key != 'first_char') 1289 { 1290 $u_first_char_params[] = $param; 1291 } 1292 if ($key != 'sk' && $key != 'sd') 1293 { 1294 $sort_params[] = $param; 1295 } 1296 } 1297 1298 $u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", "start=$start" . (!empty($params) ? '&' . implode('&', $params) : '')); 1299 1300 if ($mode) 1301 { 1302 $params[] = "mode=$mode"; 1303 $u_first_char_params[] = "mode=$mode"; 1304 } 1305 $sort_params[] = "mode=$mode"; 1306 1307 $pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&', $params)); 1308 $sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&', $sort_params)); 1309 1310 unset($search_params, $sort_params); 1311 1312 $u_first_char_params = implode('&', $u_first_char_params); 1313 $u_first_char_params .= ($u_first_char_params) ? '&' : ''; 1314 1315 $first_characters = array(); 1316 $first_characters[''] = $user->lang['ALL']; 1317 for ($i = 97; $i < 123; $i++) 1318 { 1319 $first_characters[chr($i)] = chr($i - 32); 1320 } 1321 $first_characters['other'] = $user->lang['OTHER']; 1322 1323 foreach ($first_characters as $char => $desc) 1324 { 1325 $template->assign_block_vars('first_char', array( 1326 'DESC' => $desc, 1327 'VALUE' => $char, 1328 'S_SELECTED' => ($first_char == $char) ? true : false, 1329 'U_SORT' => append_sid("{$phpbb_root_path}memberlist.$phpEx", $u_first_char_params . 'first_char=' . $char) . '#memberlist', 1330 )); 1331 } 1332 1333 // Some search user specific data 1334 if (($mode == '' || $mode == 'searchuser') && ($config['load_search'] || $auth->acl_get('a_'))) 1335 { 1336 $group_selected = request_var('search_group_id', 0); 1337 $s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '> </option>'; 1338 $group_ids = array(); 1339 1340 /** 1341 * @todo add this to a separate function (function is responsible for returning the groups the user is able to see based on the users group membership) 1342 */ 1343 1344 if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) 1345 { 1346 $sql = 'SELECT group_id, group_name, group_type 1347 FROM ' . GROUPS_TABLE; 1348 1349 if (!$config['coppa_enable']) 1350 { 1351 $sql .= " WHERE group_name <> 'REGISTERED_COPPA'"; 1352 } 1353 1354 $sql .= ' ORDER BY group_name ASC'; 1355 } 1356 else 1357 { 1358 $sql = 'SELECT g.group_id, g.group_name, g.group_type 1359 FROM ' . GROUPS_TABLE . ' g 1360 LEFT JOIN ' . USER_GROUP_TABLE . ' ug 1361 ON ( 1362 g.group_id = ug.group_id 1363 AND ug.user_id = ' . $user->data['user_id'] . ' 1364 AND ug.user_pending = 0 1365 ) 1366 WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; 1367 1368 if (!$config['coppa_enable']) 1369 { 1370 $sql .= " AND g.group_name <> 'REGISTERED_COPPA'"; 1371 } 1372 1373 $sql .= ' ORDER BY g.group_name ASC'; 1374 } 1375 $result = $db->sql_query($sql); 1376 1377 while ($row = $db->sql_fetchrow($result)) 1378 { 1379 $group_ids[] = $row['group_id']; 1380 $s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; 1381 } 1382 $db->sql_freeresult($result); 1383 1384 if ($group_selected !== 0 && !in_array($group_selected, $group_ids)) 1385 { 1386 trigger_error('NO_GROUP'); 1387 } 1388 1389 $template->assign_vars(array( 1390 'USERNAME' => $username, 1391 'EMAIL' => $email, 1392 'JABBER' => $jabber, 1393 'JOINED' => implode('-', $joined), 1394 'ACTIVE' => implode('-', $active), 1395 'COUNT' => $count, 1396 'IP' => $ipdomain, 1397 1398 'S_IP_SEARCH_ALLOWED' => ($auth->acl_getf_global('m_info')) ? true : false, 1399 'S_EMAIL_SEARCH_ALLOWED'=> ($auth->acl_get('a_user')) ? true : false, 1400 'S_JABBER_ENABLED' => $config['jab_enable'], 1401 'S_IN_SEARCH_POPUP' => ($form && $field) ? true : false, 1402 'S_SEARCH_USER' => ($mode == 'searchuser' || ($mode == '' && $submit)), 1403 'S_FORM_NAME' => $form, 1404 'S_FIELD_NAME' => $field, 1405 'S_SELECT_SINGLE' => $select_single, 1406 'S_COUNT_OPTIONS' => $s_find_count, 1407 'S_SORT_OPTIONS' => $s_sort_key, 1408 'S_JOINED_TIME_OPTIONS' => $s_find_join_time, 1409 'S_ACTIVE_TIME_OPTIONS' => $s_find_active_time, 1410 'S_GROUP_SELECT' => $s_group_select, 1411 'S_USER_SEARCH_ACTION' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=$form&field=$field")) 1412 ); 1413 } 1414 1415 $start = $pagination->validate_start($start, $config['topics_per_page'], $total_users); 1416 1417 // Get us some users :D 1418 $sql = "SELECT u.user_id 1419 FROM " . USERS_TABLE . " u 1420 $sql_from 1421 WHERE " . $db->sql_in_set('u.user_type', $user_types) . " 1422 $sql_where 1423 ORDER BY $order_by"; 1424 $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); 1425 1426 $user_list = array(); 1427 while ($row = $db->sql_fetchrow($result)) 1428 { 1429 $user_list[] = (int) $row['user_id']; 1430 } 1431 $db->sql_freeresult($result); 1432 1433 // Load custom profile fields 1434 if ($config['load_cpf_memberlist']) 1435 { 1436 $cp = $phpbb_container->get('profilefields.manager'); 1437 1438 $cp_row = $cp->generate_profile_fields_template_headlines('field_show_on_ml'); 1439 foreach ($cp_row as $profile_field) 1440 { 1441 $template->assign_block_vars('custom_fields', $profile_field); 1442 } 1443 } 1444 1445 $leaders_set = false; 1446 // So, did we get any users? 1447 if (sizeof($user_list)) 1448 { 1449 // Session time?! Session time... 1450 $sql = 'SELECT session_user_id, MAX(session_time) AS session_time 1451 FROM ' . SESSIONS_TABLE . ' 1452 WHERE session_time >= ' . (time() - $config['session_length']) . ' 1453 AND ' . $db->sql_in_set('session_user_id', $user_list) . ' 1454 GROUP BY session_user_id'; 1455 $result = $db->sql_query($sql); 1456 1457 $session_times = array(); 1458 while ($row = $db->sql_fetchrow($result)) 1459 { 1460 $session_times[$row['session_user_id']] = $row['session_time']; 1461 } 1462 $db->sql_freeresult($result); 1463 1464 // Do the SQL thang 1465 if ($mode == 'group') 1466 { 1467 $sql = "SELECT u.* 1468 $sql_select 1469 FROM " . USERS_TABLE . " u 1470 $sql_from 1471 WHERE " . $db->sql_in_set('u.user_id', $user_list) . " 1472 $sql_where_data"; 1473 } 1474 else 1475 { 1476 $sql = 'SELECT * 1477 FROM ' . USERS_TABLE . ' 1478 WHERE ' . $db->sql_in_set('user_id', $user_list); 1479 } 1480 $result = $db->sql_query($sql); 1481 1482 $id_cache = array(); 1483 while ($row = $db->sql_fetchrow($result)) 1484 { 1485 $row['session_time'] = (!empty($session_times[$row['user_id']])) ? $session_times[$row['user_id']] : 0; 1486 $row['last_visit'] = (!empty($row['session_time'])) ? $row['session_time'] : $row['user_lastvisit']; 1487 1488 $id_cache[$row['user_id']] = $row; 1489 } 1490 $db->sql_freeresult($result); 1491 1492 // Load custom profile fields 1493 if ($config['load_cpf_memberlist']) 1494 { 1495 // Grab all profile fields from users in id cache for later use - similar to the poster cache 1496 $profile_fields_cache = $cp->grab_profile_fields_data($user_list); 1497 1498 // Filter the fields we don't want to show 1499 foreach ($profile_fields_cache as $user_id => $user_profile_fields) 1500 { 1501 foreach ($user_profile_fields as $field_ident => $profile_field) 1502 { 1503 if (!$profile_field['data']['field_show_on_ml']) 1504 { 1505 unset($profile_fields_cache[$user_id][$field_ident]); 1506 } 1507 } 1508 } 1509 } 1510 1511 // If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date... 1512 if ($sort_key == 'l') 1513 { 1514 // uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));")); 1515 usort($user_list, 'phpbb_sort_last_active'); 1516 } 1517 1518 // do we need to display contact fields as such 1519 $use_contact_fields = false; 1520 1521 /** 1522 * Modify list of users before member row is created 1523 * 1524 * @event core.memberlist_memberrow_before 1525 * @var array user_list Array containing list of users 1526 * @var bool use_contact_fields Should we display contact fields as such? 1527 * @since 3.1.7-RC1 1528 */ 1529 $vars = array('user_list', 'use_contact_fields'); 1530 extract($phpbb_dispatcher->trigger_event('core.memberlist_memberrow_before', compact($vars))); 1531 1532 for ($i = 0, $end = sizeof($user_list); $i < $end; ++$i) 1533 { 1534 $user_id = $user_list[$i]; 1535 $row = $id_cache[$user_id]; 1536 $is_leader = (isset($row['group_leader']) && $row['group_leader']) ? true : false; 1537 $leaders_set = ($leaders_set || $is_leader); 1538 1539 $cp_row = array(); 1540 if ($config['load_cpf_memberlist']) 1541 { 1542 $cp_row = (isset($profile_fields_cache[$user_id])) ? $cp->generate_profile_fields_template_data($profile_fields_cache[$user_id], $use_contact_fields) : array(); 1543 } 1544 1545 $memberrow = array_merge(phpbb_show_profile($row, false, false, false), array( 1546 'ROW_NUMBER' => $i + ($start + 1), 1547 1548 'S_CUSTOM_PROFILE' => (isset($cp_row['row']) && sizeof($cp_row['row'])) ? true : false, 1549 'S_GROUP_LEADER' => $is_leader, 1550 'S_INACTIVE' => $row['user_type'] == USER_INACTIVE, 1551 1552 'U_VIEW_PROFILE' => get_username_string('profile', $user_id, $row['username']), 1553 )); 1554 1555 if (isset($cp_row['row']) && sizeof($cp_row['row'])) 1556 { 1557 $memberrow = array_merge($memberrow, $cp_row['row']); 1558 } 1559 1560 $template->assign_block_vars('memberrow', $memberrow); 1561 1562 if (isset($cp_row['blockrow']) && sizeof($cp_row['blockrow'])) 1563 { 1564 foreach ($cp_row['blockrow'] as $field_data) 1565 { 1566 $template->assign_block_vars('memberrow.custom_fields', $field_data); 1567 } 1568 } 1569 1570 unset($id_cache[$user_id]); 1571 } 1572 } 1573 1574 $pagination->generate_template_pagination($pagination_url, 'pagination', 'start', $total_users, $config['topics_per_page'], $start); 1575 1576 // Generate page 1577 $template->assign_vars(array( 1578 'TOTAL_USERS' => $user->lang('LIST_USERS', (int) $total_users), 1579 1580 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['PROFILE']), 1581 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']), 1582 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['EMAIL']), 1583 'JABBER_IMG' => $user->img('icon_contact_jabber', $user->lang['JABBER']), 1584 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']), 1585 1586 'U_FIND_MEMBER' => ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser' . (($start) ? "&start=$start" : '') . (!empty($params) ? '&' . implode('&', $params) : '')) : '', 1587 'U_HIDE_FIND_MEMBER' => ($mode == 'searchuser' || ($mode == '' && $submit)) ? $u_hide_find_member : '', 1588 'U_LIVE_SEARCH' => ($config['allow_live_searches']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=livesearch') : false, 1589 'U_SORT_USERNAME' => $sort_url . '&sk=a&sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'), 1590 'U_SORT_JOINED' => $sort_url . '&sk=c&sd=' . (($sort_key == 'c' && $sort_dir == 'd') ? 'a' : 'd'), 1591 'U_SORT_POSTS' => $sort_url . '&sk=d&sd=' . (($sort_key == 'd' && $sort_dir == 'd') ? 'a' : 'd'), 1592 'U_SORT_EMAIL' => $sort_url . '&sk=e&sd=' . (($sort_key == 'e' && $sort_dir == 'd') ? 'a' : 'd'), 1593 'U_SORT_ACTIVE' => ($auth->acl_get('u_viewonline')) ? $sort_url . '&sk=l&sd=' . (($sort_key == 'l' && $sort_dir == 'd') ? 'a' : 'd') : '', 1594 'U_SORT_RANK' => $sort_url . '&sk=m&sd=' . (($sort_key == 'm' && $sort_dir == 'd') ? 'a' : 'd'), 1595 'U_LIST_CHAR' => $sort_url . '&sk=a&sd=' . (($sort_key == 'l' && $sort_dir == 'd') ? 'a' : 'd'), 1596 1597 'S_SHOW_GROUP' => ($mode == 'group') ? true : false, 1598 'S_VIEWONLINE' => $auth->acl_get('u_viewonline'), 1599 'S_LEADERS_SET' => $leaders_set, 1600 'S_MODE_SELECT' => $s_sort_key, 1601 'S_ORDER_SELECT' => $s_sort_dir, 1602 'S_MODE_ACTION' => $pagination_url) 1603 ); 1604 } 1605 1606 // Output the page 1607 page_header($page_title); 1608 1609 $template->set_filenames(array( 1610 'body' => $template_html) 1611 ); 1612 make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx")); 1613 1614 page_footer();
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Thu Jan 11 00:25:41 2018 | Cross-referenced by PHPXref 0.7.1 |