[ Index ]

PHP Cross Reference of phpBB-3.2.0-deutsch

title

Body

[close]

/ -> memberlist.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  22  
  23  $mode = $request->variable('mode', '');
  24  
  25  if ($mode === 'contactadmin')
  26  {
  27      define('SKIP_CHECK_BAN', true);
  28      define('SKIP_CHECK_DISABLED', true);
  29  }
  30  
  31  // Start session management
  32  $user->session_begin();
  33  $auth->acl($user->data);
  34  $user->setup(array('memberlist', 'groups'));
  35  
  36  // Setting a variable to let the style designer know where he is...
  37  $template->assign_var('S_IN_MEMBERLIST', true);
  38  
  39  // Grab data
  40  $action        = $request->variable('action', '');
  41  $user_id    = $request->variable('u', ANONYMOUS);
  42  $username    = $request->variable('un', '', true);
  43  $group_id    = $request->variable('g', 0);
  44  $topic_id    = $request->variable('t', 0);
  45  
  46  // Redirect when old mode is used
  47  if ($mode == 'leaders')
  48  {
  49      send_status_line(301, 'Moved Permanently');
  50      redirect(append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=team'));
  51  }
  52  
  53  // Check our mode...
  54  if (!in_array($mode, array('', 'group', 'viewprofile', 'email', 'contact', 'contactadmin', 'searchuser', 'team', 'livesearch')))
  55  {
  56      trigger_error('NO_MODE');
  57  }
  58  
  59  switch ($mode)
  60  {
  61      case 'email':
  62      case 'contactadmin':
  63      break;
  64  
  65      case 'livesearch':
  66          if (!$config['allow_live_searches'])
  67          {
  68              trigger_error('LIVE_SEARCHES_NOT_ALLOWED');
  69          }
  70          // No break
  71  
  72      default:
  73          // Can this user view profiles/memberlist?
  74          if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel'))
  75          {
  76              if ($user->data['user_id'] != ANONYMOUS)
  77              {
  78                  send_status_line(403, 'Forbidden');
  79                  trigger_error('NO_VIEW_USERS');
  80              }
  81  
  82              login_box('', ((isset($user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)])) ? $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)] : $user->lang['LOGIN_EXPLAIN_MEMBERLIST']));
  83          }
  84      break;
  85  }
  86  
  87  /** @var \phpbb\group\helper $group_helper */
  88  $group_helper = $phpbb_container->get('group_helper');
  89  
  90  $start    = $request->variable('start', 0);
  91  $submit = (isset($_POST['submit'])) ? true : false;
  92  
  93  $default_key = 'c';
  94  $sort_key = $request->variable('sk', $default_key);
  95  $sort_dir = $request->variable('sd', 'a');
  96  
  97  $user_types = array(USER_NORMAL, USER_FOUNDER);
  98  if ($auth->acl_get('a_user'))
  99  {
 100      $user_types[] = USER_INACTIVE;
 101  }
 102  
 103  // What do you want to do today? ... oops, I think that line is taken ...
 104  switch ($mode)
 105  {
 106      case 'team':
 107          // Display a listing of board admins, moderators
 108          include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 109  
 110          $page_title = $user->lang['THE_TEAM'];
 111          $template_html = 'memberlist_team.html';
 112  
 113          $sql = 'SELECT *
 114              FROM ' . TEAMPAGE_TABLE . '
 115              ORDER BY teampage_position ASC';
 116          $result = $db->sql_query($sql, 3600);
 117          $teampage_data = $db->sql_fetchrowset($result);
 118          $db->sql_freeresult($result);
 119  
 120          $sql_ary = array(
 121              'SELECT'    => 'g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id, t.teampage_id',
 122  
 123              'FROM'        => array(GROUPS_TABLE => 'g'),
 124  
 125              'LEFT_JOIN'    => array(
 126                  array(
 127                      'FROM'    => array(TEAMPAGE_TABLE => 't'),
 128                      'ON'    => 't.group_id = g.group_id',
 129                  ),
 130                  array(
 131                      'FROM'    => array(USER_GROUP_TABLE => 'ug'),
 132                      'ON'    => 'ug.group_id = g.group_id AND ug.user_pending = 0 AND ug.user_id = ' . (int) $user->data['user_id'],
 133                  ),
 134              ),
 135          );
 136  
 137          $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
 138  
 139          $group_ids = $groups_ary = array();
 140          while ($row = $db->sql_fetchrow($result))
 141          {
 142              if ($row['group_type'] == GROUP_HIDDEN && !$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $row['ug_user_id'] != $user->data['user_id'])
 143              {
 144                  $row['group_name'] = $user->lang['GROUP_UNDISCLOSED'];
 145                  $row['u_group'] = '';
 146              }
 147              else
 148              {
 149                  $row['group_name'] = $group_helper->get_name($row['group_name']);
 150                  $row['u_group'] = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']);
 151              }
 152  
 153              if ($row['teampage_id'])
 154              {
 155                  // Only put groups into the array we want to display.
 156                  // We are fetching all groups, to ensure we got all data for default groups.
 157                  $group_ids[] = (int) $row['group_id'];
 158              }
 159              $groups_ary[(int) $row['group_id']] = $row;
 160          }
 161          $db->sql_freeresult($result);
 162  
 163          $sql_ary = array(
 164              'SELECT'    => 'u.user_id, u.group_id as default_group, u.username, u.username_clean, u.user_colour, u.user_type, u.user_rank, u.user_posts, u.user_allow_pm, g.group_id',
 165  
 166              'FROM'        => array(
 167                  USER_GROUP_TABLE => 'ug',
 168              ),
 169  
 170              'LEFT_JOIN'    => array(
 171                  array(
 172                      'FROM'    => array(USERS_TABLE => 'u'),
 173                      'ON'    => 'ug.user_id = u.user_id AND ug.user_pending = 0',
 174                  ),
 175                  array(
 176                      'FROM'    => array(GROUPS_TABLE => 'g'),
 177                      'ON'    => 'ug.group_id = g.group_id',
 178                  ),
 179              ),
 180  
 181              'WHERE'        => $db->sql_in_set('g.group_id', $group_ids, false, true),
 182  
 183              'ORDER_BY'    => 'u.username_clean ASC',
 184          );
 185  
 186          /**
 187           * Modify the query used to get the users for the team page
 188           *
 189           * @event core.memberlist_team_modify_query
 190           * @var array    sql_ary            Array containing the query
 191           * @var array    group_ids        Array of group ids
 192           * @var array    teampage_data    The teampage data
 193           * @since 3.1.3-RC1
 194           */
 195          $vars = array(
 196              'sql_ary',
 197              'group_ids',
 198              'teampage_data',
 199          );
 200          extract($phpbb_dispatcher->trigger_event('core.memberlist_team_modify_query', compact($vars)));
 201  
 202          $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
 203  
 204          $user_ary = $user_ids = $group_users = array();
 205          while ($row = $db->sql_fetchrow($result))
 206          {
 207              $row['forums'] = '';
 208              $row['forums_ary'] = array();
 209              $user_ary[(int) $row['user_id']] = $row;
 210              $user_ids[] = (int) $row['user_id'];
 211              $group_users[(int) $row['group_id']][] = (int) $row['user_id'];
 212          }
 213          $db->sql_freeresult($result);
 214  
 215          $user_ids = array_unique($user_ids);
 216  
 217          if (!empty($user_ids) && $config['teampage_forums'])
 218          {
 219              $template->assign_var('S_DISPLAY_MODERATOR_FORUMS', true);
 220              // Get all moderators
 221              $perm_ary = $auth->acl_get_list($user_ids, array('m_'), false);
 222  
 223              foreach ($perm_ary as $forum_id => $forum_ary)
 224              {
 225                  foreach ($forum_ary as $auth_option => $id_ary)
 226                  {
 227                      foreach ($id_ary as $id)
 228                      {
 229                          if (!$forum_id)
 230                          {
 231                              $user_ary[$id]['forums'] = $user->lang['ALL_FORUMS'];
 232                          }
 233                          else
 234                          {
 235                              $user_ary[$id]['forums_ary'][] = $forum_id;
 236                          }
 237                      }
 238                  }
 239              }
 240  
 241              $sql = 'SELECT forum_id, forum_name
 242                  FROM ' . FORUMS_TABLE;
 243              $result = $db->sql_query($sql);
 244  
 245              $forums = array();
 246              while ($row = $db->sql_fetchrow($result))
 247              {
 248                  $forums[$row['forum_id']] = $row['forum_name'];
 249              }
 250              $db->sql_freeresult($result);
 251  
 252              foreach ($user_ary as $user_id => $user_data)
 253              {
 254                  if (!$user_data['forums'])
 255                  {
 256                      foreach ($user_data['forums_ary'] as $forum_id)
 257                      {
 258                          $user_ary[$user_id]['forums_options'] = true;
 259                          if (isset($forums[$forum_id]))
 260                          {
 261                              if ($auth->acl_get('f_list', $forum_id))
 262                              {
 263                                  $user_ary[$user_id]['forums'] .= '<option value="">' . $forums[$forum_id] . '</option>';
 264                              }
 265                          }
 266                      }
 267                  }
 268              }
 269          }
 270  
 271          $parent_team = 0;
 272          foreach ($teampage_data as $team_data)
 273          {
 274              // If this team entry has no group, it's a category
 275              if (!$team_data['group_id'])
 276              {
 277                  $template->assign_block_vars('group', array(
 278                      'GROUP_NAME'  => $team_data['teampage_name'],
 279                  ));
 280  
 281                  $parent_team = (int) $team_data['teampage_id'];
 282                  continue;
 283              }
 284  
 285              $group_data = $groups_ary[(int) $team_data['group_id']];
 286              $group_id = (int) $team_data['group_id'];
 287  
 288              if (!$team_data['teampage_parent'])
 289              {
 290                  // If the group does not have a parent category, we display the groupname as category
 291                  $template->assign_block_vars('group', array(
 292                      'GROUP_NAME'    => $group_data['group_name'],
 293                      'GROUP_COLOR'    => $group_data['group_colour'],
 294                      'U_GROUP'        => $group_data['u_group'],
 295                  ));
 296              }
 297  
 298              // Display group members.
 299              if (!empty($group_users[$group_id]))
 300              {
 301                  foreach ($group_users[$group_id] as $user_id)
 302                  {
 303                      if (isset($user_ary[$user_id]))
 304                      {
 305                          $row = $user_ary[$user_id];
 306                          if ($config['teampage_memberships'] == 1 && ($group_id != $groups_ary[$row['default_group']]['group_id']) && $groups_ary[$row['default_group']]['teampage_id'])
 307                          {
 308                              // Display users in their primary group, instead of the first group, when it is displayed on the teampage.
 309                              continue;
 310                          }
 311  
 312                          $user_rank_data = phpbb_get_user_rank($row, (($row['user_id'] == ANONYMOUS) ? false : $row['user_posts']));
 313  
 314                          $template_vars = array(
 315                              'USER_ID'        => $row['user_id'],
 316                              'FORUMS'        => $row['forums'],
 317                              'FORUM_OPTIONS'    => (isset($row['forums_options'])) ? true : false,
 318                              'RANK_TITLE'    => $user_rank_data['title'],
 319  
 320                              'GROUP_NAME'    => $groups_ary[$row['default_group']]['group_name'],
 321                              'GROUP_COLOR'    => $groups_ary[$row['default_group']]['group_colour'],
 322                              'U_GROUP'        => $groups_ary[$row['default_group']]['u_group'],
 323  
 324                              'RANK_IMG'        => $user_rank_data['img'],
 325                              'RANK_IMG_SRC'    => $user_rank_data['img_src'],
 326  
 327                              'S_INACTIVE'    => $row['user_type'] == USER_INACTIVE,
 328  
 329                              'U_PM'            => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($row['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $row['user_id']) : '',
 330  
 331                              'USERNAME_FULL'        => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
 332                              'USERNAME'            => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 333                              'USER_COLOR'        => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 334                              'U_VIEW_PROFILE'    => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 335                          );
 336  
 337                          /**
 338                           * Modify the template vars for displaying the user in the groups on the teampage
 339                           *
 340                           * @event core.memberlist_team_modify_template_vars
 341                           * @var array    template_vars        Array containing the query
 342                           * @var array    row                    Array containing the action user row
 343                           * @var array    groups_ary            Array of groups with all users that should be displayed
 344                           * @since 3.1.3-RC1
 345                           */
 346                          $vars = array(
 347                              'template_vars',
 348                              'row',
 349                              'groups_ary',
 350                          );
 351                          extract($phpbb_dispatcher->trigger_event('core.memberlist_team_modify_template_vars', compact($vars)));
 352  
 353                          $template->assign_block_vars('group.user', $template_vars);
 354  
 355                          if ($config['teampage_memberships'] != 2)
 356                          {
 357                              unset($user_ary[$user_id]);
 358                          }
 359                      }
 360                  }
 361              }
 362          }
 363  
 364          $template->assign_vars(array(
 365              'PM_IMG'        => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']))
 366          );
 367      break;
 368  
 369      case 'contact':
 370  
 371          $page_title = $user->lang['IM_USER'];
 372          $template_html = 'memberlist_im.html';
 373  
 374          if (!$auth->acl_get('u_sendim'))
 375          {
 376              send_status_line(403, 'Forbidden');
 377              trigger_error('NOT_AUTHORISED');
 378          }
 379  
 380          $presence_img = '';
 381          switch ($action)
 382          {
 383              case 'jabber':
 384                  $lang = 'JABBER';
 385                  $sql_field = 'user_jabber';
 386                  $s_select = (@extension_loaded('xml') && $config['jab_enable']) ? 'S_SEND_JABBER' : 'S_NO_SEND_JABBER';
 387                  $s_action = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&amp;action=$action&amp;u=$user_id");
 388              break;
 389  
 390              default:
 391                  trigger_error('NO_MODE', E_USER_ERROR);
 392              break;
 393          }
 394  
 395          // Grab relevant data
 396          $sql = "SELECT user_id, username, user_email, user_lang, $sql_field
 397              FROM " . USERS_TABLE . "
 398              WHERE user_id = $user_id
 399                  AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
 400          $result = $db->sql_query($sql);
 401          $row = $db->sql_fetchrow($result);
 402          $db->sql_freeresult($result);
 403  
 404          if (!$row)
 405          {
 406              trigger_error('NO_USER');
 407          }
 408          else if (empty($row[$sql_field]))
 409          {
 410              trigger_error('IM_NO_DATA');
 411          }
 412  
 413          // Post data grab actions
 414          switch ($action)
 415          {
 416              case 'jabber':
 417                  add_form_key('memberlist_messaging');
 418  
 419                  if ($submit && @extension_loaded('xml') && $config['jab_enable'])
 420                  {
 421                      if (check_form_key('memberlist_messaging'))
 422                      {
 423  
 424                          include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 425  
 426                          $subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']);
 427                          $message = $request->variable('message', '', true);
 428  
 429                          if (empty($message))
 430                          {
 431                              trigger_error('EMPTY_MESSAGE_IM');
 432                          }
 433  
 434                          $messenger = new messenger(false);
 435  
 436                          $messenger->template('profile_send_im', $row['user_lang']);
 437                          $messenger->subject(htmlspecialchars_decode($subject));
 438  
 439                          $messenger->replyto($user->data['user_email']);
 440                          $messenger->set_addresses($row);
 441  
 442                          $messenger->assign_vars(array(
 443                              'BOARD_CONTACT'    => phpbb_get_board_contact($config, $phpEx),
 444                              'FROM_USERNAME'    => htmlspecialchars_decode($user->data['username']),
 445                              'TO_USERNAME'    => htmlspecialchars_decode($row['username']),
 446                              'MESSAGE'        => htmlspecialchars_decode($message))
 447                          );
 448  
 449                          $messenger->send(NOTIFY_IM);
 450  
 451                          $s_select = 'S_SENT_JABBER';
 452                      }
 453                      else
 454                      {
 455                          trigger_error('FORM_INVALID');
 456                      }
 457                  }
 458              break;
 459          }
 460  
 461          // Send vars to the template
 462          $template->assign_vars(array(
 463              'IM_CONTACT'    => $row[$sql_field],
 464              'A_IM_CONTACT'    => addslashes($row[$sql_field]),
 465  
 466              'USERNAME'        => $row['username'],
 467              'CONTACT_NAME'    => $row[$sql_field],
 468              'SITENAME'        => $config['sitename'],
 469  
 470              'PRESENCE_IMG'        => $presence_img,
 471  
 472              'L_SEND_IM_EXPLAIN'    => $user->lang['IM_' . $lang],
 473              'L_IM_SENT_JABBER'    => sprintf($user->lang['IM_SENT_JABBER'], $row['username']),
 474  
 475              $s_select            => true,
 476              'S_IM_ACTION'        => $s_action)
 477          );
 478  
 479      break;
 480  
 481      case 'viewprofile':
 482          // Display a profile
 483          if ($user_id == ANONYMOUS && !$username)
 484          {
 485              trigger_error('NO_USER');
 486          }
 487  
 488          // Get user...
 489          $sql = 'SELECT *
 490              FROM ' . USERS_TABLE . '
 491              WHERE ' . (($username) ? "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : "user_id = $user_id");
 492          $result = $db->sql_query($sql);
 493          $member = $db->sql_fetchrow($result);
 494          $db->sql_freeresult($result);
 495  
 496          if (!$member)
 497          {
 498              trigger_error('NO_USER');
 499          }
 500  
 501          // a_user admins and founder are able to view inactive users and bots to be able to manage them more easily
 502          // Normal users are able to see at least users having only changed their profile settings but not yet reactivated.
 503          if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER)
 504          {
 505              if ($member['user_type'] == USER_IGNORE)
 506              {
 507                  trigger_error('NO_USER');
 508              }
 509              else if ($member['user_type'] == USER_INACTIVE && $member['user_inactive_reason'] != INACTIVE_PROFILE)
 510              {
 511                  trigger_error('NO_USER');
 512              }
 513          }
 514  
 515          $user_id = (int) $member['user_id'];
 516  
 517          // Get group memberships
 518          // Also get visiting user's groups to determine hidden group memberships if necessary.
 519          $auth_hidden_groups = ($user_id === (int) $user->data['user_id'] || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? true : false;
 520          $sql_uid_ary = ($auth_hidden_groups) ? array($user_id) : array($user_id, (int) $user->data['user_id']);
 521  
 522          // Do the SQL thang
 523          $sql = 'SELECT g.group_id, g.group_name, g.group_type, ug.user_id
 524              FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
 525              WHERE ' . $db->sql_in_set('ug.user_id', $sql_uid_ary) . '
 526                  AND g.group_id = ug.group_id
 527                  AND ug.user_pending = 0';
 528          $result = $db->sql_query($sql);
 529  
 530          // Divide data into profile data and current user data
 531          $profile_groups = $user_groups = array();
 532          while ($row = $db->sql_fetchrow($result))
 533          {
 534              $row['user_id'] = (int) $row['user_id'];
 535              $row['group_id'] = (int) $row['group_id'];
 536  
 537              if ($row['user_id'] == $user_id)
 538              {
 539                  $profile_groups[] = $row;
 540              }
 541              else
 542              {
 543                  $user_groups[$row['group_id']] = $row['group_id'];
 544              }
 545          }
 546          $db->sql_freeresult($result);
 547  
 548          // Filter out hidden groups and sort groups by name
 549          $group_data = $group_sort = array();
 550          foreach ($profile_groups as $row)
 551          {
 552              if (!$auth_hidden_groups && $row['group_type'] == GROUP_HIDDEN && !isset($user_groups[$row['group_id']]))
 553              {
 554                  // Skip over hidden groups the user cannot see
 555                  continue;
 556              }
 557  
 558              $row['group_name'] = $group_helper->get_name($row['group_name']);
 559  
 560              $group_sort[$row['group_id']] = utf8_clean_string($row['group_name']);
 561              $group_data[$row['group_id']] = $row;
 562          }
 563          unset($profile_groups);
 564          unset($user_groups);
 565          asort($group_sort);
 566  
 567          $group_options = '';
 568          foreach ($group_sort as $group_id => $null)
 569          {
 570              $row = $group_data[$group_id];
 571  
 572              $group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . $row['group_name'] . '</option>';
 573          }
 574          unset($group_data);
 575          unset($group_sort);
 576  
 577          // What colour is the zebra
 578          $sql = 'SELECT friend, foe
 579              FROM ' . ZEBRA_TABLE . "
 580              WHERE zebra_id = $user_id
 581                  AND user_id = {$user->data['user_id']}";
 582  
 583          $result = $db->sql_query($sql);
 584          $row = $db->sql_fetchrow($result);
 585          $foe = ($row['foe']) ? true : false;
 586          $friend = ($row['friend']) ? true : false;
 587          $db->sql_freeresult($result);
 588  
 589          if ($config['load_onlinetrack'])
 590          {
 591              $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
 592                  FROM ' . SESSIONS_TABLE . "
 593                  WHERE session_user_id = $user_id";
 594              $result = $db->sql_query($sql);
 595              $row = $db->sql_fetchrow($result);
 596              $db->sql_freeresult($result);
 597  
 598              $member['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
 599              $member['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] :    0;
 600              unset($row);
 601          }
 602  
 603          if ($config['load_user_activity'])
 604          {
 605              display_user_activity($member);
 606          }
 607  
 608          // Do the relevant calculations
 609          $memberdays = max(1, round((time() - $member['user_regdate']) / 86400));
 610          $posts_per_day = $member['user_posts'] / $memberdays;
 611          $percentage = ($config['num_posts']) ? min(100, ($member['user_posts'] / $config['num_posts']) * 100) : 0;
 612  
 613  
 614          if ($member['user_sig'])
 615          {
 616              $parse_flags = ($member['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
 617              $member['user_sig'] = generate_text_for_display($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield'], $parse_flags, true);
 618          }
 619  
 620          // We need to check if the modules 'zebra' ('friends' & 'foes' mode),  'notes' ('user_notes' mode) and  'warn' ('warn_user' mode) are accessible to decide if we can display appropriate links
 621          $zebra_enabled = $friends_enabled = $foes_enabled = $user_notes_enabled = $warn_user_enabled = false;
 622  
 623          // Only check if the user is logged in
 624          if ($user->data['is_registered'])
 625          {
 626              if (!class_exists('p_master'))
 627              {
 628                  include($phpbb_root_path . 'includes/functions_module.' . $phpEx);
 629              }
 630              $module = new p_master();
 631  
 632              $module->list_modules('ucp');
 633              $module->list_modules('mcp');
 634  
 635              $user_notes_enabled = ($module->loaded('mcp_notes', 'user_notes')) ? true : false;
 636              $warn_user_enabled = ($module->loaded('mcp_warn', 'warn_user')) ? true : false;
 637              $zebra_enabled = ($module->loaded('ucp_zebra')) ? true : false;
 638              $friends_enabled = ($module->loaded('ucp_zebra', 'friends')) ? true : false;
 639              $foes_enabled = ($module->loaded('ucp_zebra', 'foes')) ? true : false;
 640  
 641              unset($module);
 642          }
 643  
 644          // Custom Profile Fields
 645          $profile_fields = array();
 646          if ($config['load_cpf_viewprofile'])
 647          {
 648              /* @var $cp \phpbb\profilefields\manager */
 649              $cp = $phpbb_container->get('profilefields.manager');
 650              $profile_fields = $cp->grab_profile_fields_data($user_id);
 651              $profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template_data($profile_fields[$user_id]) : array();
 652          }
 653  
 654          /**
 655          * Modify user data before we display the profile
 656          *
 657          * @event core.memberlist_view_profile
 658          * @var    array    member                    Array with user's data
 659          * @var    bool    user_notes_enabled        Is the mcp user notes module enabled?
 660          * @var    bool    warn_user_enabled        Is the mcp warnings module enabled?
 661          * @var    bool    zebra_enabled            Is the ucp zebra module enabled?
 662          * @var    bool    friends_enabled            Is the ucp friends module enabled?
 663          * @var    bool    foes_enabled            Is the ucp foes module enabled?
 664          * @var    bool    friend                    Is the user friend?
 665          * @var    bool    foe                        Is the user foe?
 666          * @var    array    profile_fields            Array with user's profile field data
 667          * @since 3.1.0-a1
 668          * @changed 3.1.0-b2 Added friend and foe status
 669          * @changed 3.1.0-b3 Added profile fields data
 670          */
 671          $vars = array(
 672              'member',
 673              'user_notes_enabled',
 674              'warn_user_enabled',
 675              'zebra_enabled',
 676              'friends_enabled',
 677              'foes_enabled',
 678              'friend',
 679              'foe',
 680              'profile_fields',
 681          );
 682          extract($phpbb_dispatcher->trigger_event('core.memberlist_view_profile', compact($vars)));
 683  
 684          $template->assign_vars(phpbb_show_profile($member, $user_notes_enabled, $warn_user_enabled));
 685  
 686          // If the user has m_approve permission or a_user permission, then list then display unapproved posts
 687          if ($auth->acl_getf_global('m_approve') || $auth->acl_get('a_user'))
 688          {
 689              $sql = 'SELECT COUNT(post_id) as posts_in_queue
 690                  FROM ' . POSTS_TABLE . '
 691                  WHERE poster_id = ' . $user_id . '
 692                      AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE));
 693              $result = $db->sql_query($sql);
 694              $member['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
 695              $db->sql_freeresult($result);
 696          }
 697          else
 698          {
 699              $member['posts_in_queue'] = 0;
 700          }
 701  
 702          $template->assign_vars(array(
 703              'L_POSTS_IN_QUEUE'    => $user->lang('NUM_POSTS_IN_QUEUE', $member['posts_in_queue']),
 704  
 705              'POSTS_DAY'            => $user->lang('POST_DAY', $posts_per_day),
 706              'POSTS_PCT'            => $user->lang('POST_PCT', $percentage),
 707  
 708              'SIGNATURE'        => $member['user_sig'],
 709              'POSTS_IN_QUEUE'=> $member['posts_in_queue'],
 710  
 711              'PM_IMG'        => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
 712              'L_SEND_EMAIL_USER'    => $user->lang('SEND_EMAIL_USER', $member['username']),
 713              'EMAIL_IMG'        => $user->img('icon_contact_email', $user->lang['EMAIL']),
 714              'JABBER_IMG'    => $user->img('icon_contact_jabber', $user->lang['JABBER']),
 715              'SEARCH_IMG'    => $user->img('icon_user_search', $user->lang['SEARCH']),
 716  
 717              'S_PROFILE_ACTION'    => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group'),
 718              'S_GROUP_OPTIONS'    => $group_options,
 719              'S_CUSTOM_FIELDS'    => (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false,
 720  
 721              'U_USER_ADMIN'            => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',
 722              'U_USER_BAN'            => ($auth->acl_get('m_ban') && $user_id != $user->data['user_id']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=ban&amp;mode=user&amp;u=' . $user_id, true, $user->session_id) : '',
 723              'U_MCP_QUEUE'            => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',
 724  
 725              'U_SWITCH_PERMISSIONS'    => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_id}&amp;hash=" . generate_link_hash('switchperm')) : '',
 726              'U_EDIT_SELF'            => ($user_id == $user->data['user_id'] && $auth->acl_get('u_chgprofileinfo')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_profile&amp;mode=profile_info') : '',
 727  
 728              'S_USER_NOTES'        => ($user_notes_enabled) ? true : false,
 729              'S_WARN_USER'        => ($warn_user_enabled) ? true : false,
 730              'S_ZEBRA'            => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
 731              'U_ADD_FRIEND'        => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
 732              'U_ADD_FOE'            => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
 733              'U_REMOVE_FRIEND'    => ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;usernames[]=' . $user_id) : '',
 734              'U_REMOVE_FOE'        => ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;mode=foes&amp;usernames[]=' . $user_id) : '',
 735  
 736              'U_CANONICAL'    => generate_board_url() . '/' . append_sid("memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $user_id, true, ''),
 737          ));
 738  
 739          if (!empty($profile_fields['row']))
 740          {
 741              $template->assign_vars($profile_fields['row']);
 742          }
 743  
 744          if (!empty($profile_fields['blockrow']))
 745          {
 746              foreach ($profile_fields['blockrow'] as $field_data)
 747              {
 748                  $template->assign_block_vars('custom_fields', $field_data);
 749              }
 750          }
 751  
 752          // Inactive reason/account?
 753          if ($member['user_type'] == USER_INACTIVE)
 754          {
 755              $user->add_lang('acp/common');
 756  
 757              $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
 758  
 759              switch ($member['user_inactive_reason'])
 760              {
 761                  case INACTIVE_REGISTER:
 762                      $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
 763                  break;
 764  
 765                  case INACTIVE_PROFILE:
 766                      $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
 767                  break;
 768  
 769                  case INACTIVE_MANUAL:
 770                      $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
 771                  break;
 772  
 773                  case INACTIVE_REMIND:
 774                      $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
 775                  break;
 776              }
 777  
 778              $template->assign_vars(array(
 779                  'S_USER_INACTIVE'        => true,
 780                  'USER_INACTIVE_REASON'    => $inactive_reason)
 781              );
 782          }
 783  
 784          // Now generate page title
 785          $page_title = sprintf($user->lang['VIEWING_PROFILE'], $member['username']);
 786          $template_html = 'memberlist_view.html';
 787  
 788      break;
 789  
 790      case 'contactadmin':
 791      case 'email':
 792          if (!class_exists('messenger'))
 793          {
 794              include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 795          }
 796  
 797          $user_id    = $request->variable('u', 0);
 798          $topic_id    = $request->variable('t', 0);
 799  
 800          if ($user_id)
 801          {
 802              $form_name = 'user';
 803          }
 804          else if ($topic_id)
 805          {
 806              $form_name = 'topic';
 807          }
 808          else if ($mode === 'contactadmin')
 809          {
 810              $form_name = 'admin';
 811          }
 812          else
 813          {
 814              trigger_error('NO_EMAIL');
 815          }
 816  
 817          /** @var $form \phpbb\message\form */
 818          $form = $phpbb_container->get('message.form.' . $form_name);
 819  
 820          $form->bind($request);
 821          $error = $form->check_allow();
 822          if ($error)
 823          {
 824              trigger_error($error);
 825          }
 826  
 827          if ($request->is_set_post('submit'))
 828          {
 829              $messenger = new messenger(false);
 830              $form->submit($messenger);
 831          }
 832  
 833          $page_title = $form->get_page_title();
 834          $template_html = $form->get_template_file();
 835          $form->render($template);
 836  
 837      break;
 838  
 839      case 'livesearch':
 840  
 841          $username_chars = $request->variable('username', '', true);
 842  
 843          $sql = 'SELECT username, user_id, user_colour
 844              FROM ' . USERS_TABLE . '
 845              WHERE ' . $db->sql_in_set('user_type', $user_types) . '
 846                  AND username_clean ' . $db->sql_like_expression(utf8_clean_string($username_chars) . $db->get_any_char());
 847          $result = $db->sql_query_limit($sql, 10);
 848          $user_list = array();
 849  
 850          while ($row = $db->sql_fetchrow($result))
 851          {
 852              $user_list[] = array(
 853                  'user_id'        => (int) $row['user_id'],
 854                  'result'        => $row['username'],
 855                  'username_full'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
 856                  'display'        => get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour']),
 857              );
 858          }
 859          $db->sql_freeresult($result);
 860          $json_response = new \phpbb\json_response();
 861          $json_response->send(array(
 862              'keyword' => $username_chars,
 863              'results' => $user_list,
 864          ));
 865  
 866      break;
 867  
 868      case 'group':
 869      default:
 870          // The basic memberlist
 871          $page_title = $user->lang['MEMBERLIST'];
 872          $template_html = 'memberlist_body.html';
 873  
 874          /* @var $pagination \phpbb\pagination */
 875          $pagination = $phpbb_container->get('pagination');
 876  
 877          // Sorting
 878          $sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT']);
 879          $sort_key_sql = array('a' => 'u.username_clean', 'c' => 'u.user_regdate', 'd' => 'u.user_posts');
 880  
 881          if ($config['jab_enable'])
 882          {
 883              $sort_key_text['k'] = $user->lang['JABBER'];
 884              $sort_key_sql['k'] = 'u.user_jabber';
 885          }
 886  
 887          if ($auth->acl_get('a_user'))
 888          {
 889              $sort_key_text['e'] = $user->lang['SORT_EMAIL'];
 890              $sort_key_sql['e'] = 'u.user_email';
 891          }
 892  
 893          if ($auth->acl_get('u_viewonline'))
 894          {
 895              $sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE'];
 896              $sort_key_sql['l'] = 'u.user_lastvisit';
 897          }
 898  
 899          $sort_key_text['m'] = $user->lang['SORT_RANK'];
 900          $sort_key_sql['m'] = 'u.user_rank';
 901  
 902          $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
 903  
 904          $s_sort_key = '';
 905          foreach ($sort_key_text as $key => $value)
 906          {
 907              $selected = ($sort_key == $key) ? ' selected="selected"' : '';
 908              $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 909          }
 910  
 911          $s_sort_dir = '';
 912          foreach ($sort_dir_text as $key => $value)
 913          {
 914              $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
 915              $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 916          }
 917  
 918          // Additional sorting options for user search ... if search is enabled, if not
 919          // then only admins can make use of this (for ACP functionality)
 920          $sql_select = $sql_where_data = $sql_from = $sql_where = $order_by = '';
 921  
 922  
 923          $form            = $request->variable('form', '');
 924          $field            = $request->variable('field', '');
 925          $select_single     = $request->variable('select_single', false);
 926  
 927          // Search URL parameters, if any of these are in the URL we do a search
 928          $search_params = array('username', 'email', 'jabber', 'search_group_id', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'ip');
 929  
 930          // We validate form and field here, only id/class allowed
 931          $form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
 932          $field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;
 933          if ((($mode == '' || $mode == 'searchuser') || sizeof(array_intersect($request->variable_names(\phpbb\request\request_interface::GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_')))
 934          {
 935              $username    = $request->variable('username', '', true);
 936              $email        = strtolower($request->variable('email', ''));
 937              $jabber        = $request->variable('jabber', '');
 938              $search_group_id    = $request->variable('search_group_id', 0);
 939  
 940              // when using these, make sure that we actually have values defined in $find_key_match
 941              $joined_select    = $request->variable('joined_select', 'lt');
 942              $active_select    = $request->variable('active_select', 'lt');
 943              $count_select    = $request->variable('count_select', 'eq');
 944  
 945              $joined            = explode('-', $request->variable('joined', ''));
 946              $active            = explode('-', $request->variable('active', ''));
 947              $count            = ($request->variable('count', '') !== '') ? $request->variable('count', 0) : '';
 948              $ipdomain        = $request->variable('ip', '');
 949  
 950              $find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
 951  
 952              $find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']);
 953              $s_find_count = '';
 954              foreach ($find_count as $key => $value)
 955              {
 956                  $selected = ($count_select == $key) ? ' selected="selected"' : '';
 957                  $s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 958              }
 959  
 960              $find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']);
 961              $s_find_join_time = '';
 962              foreach ($find_time as $key => $value)
 963              {
 964                  $selected = ($joined_select == $key) ? ' selected="selected"' : '';
 965                  $s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 966              }
 967  
 968              $s_find_active_time = '';
 969              foreach ($find_time as $key => $value)
 970              {
 971                  $selected = ($active_select == $key) ? ' selected="selected"' : '';
 972                  $s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 973              }
 974  
 975              $sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), utf8_clean_string($username))) : '';
 976              $sql_where .= ($auth->acl_get('a_user') && $email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $email)) . ' ' : '';
 977              $sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $jabber)) . ' ' : '';
 978              $sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
 979  
 980              if (isset($find_key_match[$joined_select]) && sizeof($joined) == 3)
 981              {
 982                  $joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]);
 983  
 984                  if ($joined_time !== false)
 985                  {
 986                      $sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time;
 987                  }
 988              }
 989  
 990              if (isset($find_key_match[$active_select]) && sizeof($active) == 3 && $auth->acl_get('u_viewonline'))
 991              {
 992                  $active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]);
 993  
 994                  if ($active_time !== false)
 995                  {
 996                      $sql_where .= " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . $active_time;
 997                  }
 998              }
 999  
1000              $sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';
1001  
1002              if ($search_group_id)
1003              {
1004                  $sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
1005              }
1006  
1007              if ($ipdomain && $auth->acl_getf_global('m_info'))
1008              {
1009                  if (strspn($ipdomain, 'abcdefghijklmnopqrstuvwxyz'))
1010                  {
1011                      $hostnames = gethostbynamel($ipdomain);
1012  
1013                      if ($hostnames !== false)
1014                      {
1015                          $ips = "'" . implode('\', \'', array_map(array($db, 'sql_escape'), preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "\\1", gethostbynamel($ipdomain)))) . "'";
1016                      }
1017                      else
1018                      {
1019                          $ips = false;
1020                      }
1021                  }
1022                  else
1023                  {
1024                      $ips = "'" . str_replace('*', '%', $db->sql_escape($ipdomain)) . "'";
1025                  }
1026  
1027                  if ($ips === false)
1028                  {
1029                      // A minor fudge but it does the job :D
1030                      $sql_where .= " AND u.user_id = 0";
1031                  }
1032                  else
1033                  {
1034                      $ip_forums = array_keys($auth->acl_getf('m_info', true));
1035  
1036                      $sql = 'SELECT DISTINCT poster_id
1037                          FROM ' . POSTS_TABLE . '
1038                          WHERE poster_ip ' . ((strpos($ips, '%') !== false) ? 'LIKE' : 'IN') . " ($ips)
1039                              AND " . $db->sql_in_set('forum_id', $ip_forums);
1040  
1041                      /**
1042                      * Modify sql query for members search by ip address / hostname
1043                      *
1044                      * @event core.memberlist_modify_ip_search_sql_query
1045                      * @var    string    ipdomain    The host name
1046                      * @var    string    ips            IP address list for the given host name
1047                      * @var    string    sql            The SQL query for searching members by IP address
1048                      * @since 3.1.7-RC1
1049                      */
1050                      $vars = array(
1051                          'ipdomain',
1052                          'ips',
1053                          'sql',
1054                      );
1055                      extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_ip_search_sql_query', compact($vars)));
1056  
1057                      $result = $db->sql_query($sql);
1058  
1059                      if ($row = $db->sql_fetchrow($result))
1060                      {
1061                          $ip_sql = array();
1062                          do
1063                          {
1064                              $ip_sql[] = $row['poster_id'];
1065                          }
1066                          while ($row = $db->sql_fetchrow($result));
1067  
1068                          $sql_where .= ' AND ' . $db->sql_in_set('u.user_id', $ip_sql);
1069                      }
1070                      else
1071                      {
1072                          // A minor fudge but it does the job :D
1073                          $sql_where .= " AND u.user_id = 0";
1074                      }
1075                      unset($ip_forums);
1076  
1077                      $db->sql_freeresult($result);
1078                  }
1079              }
1080          }
1081  
1082          $first_char = $request->variable('first_char', '');
1083  
1084          if ($first_char == 'other')
1085          {
1086              for ($i = 97; $i < 123; $i++)
1087              {
1088                  $sql_where .= ' AND u.username_clean NOT ' . $db->sql_like_expression(chr($i) . $db->get_any_char());
1089              }
1090          }
1091          else if ($first_char)
1092          {
1093              $sql_where .= ' AND u.username_clean ' . $db->sql_like_expression(substr($first_char, 0, 1) . $db->get_any_char());
1094          }
1095  
1096          // Are we looking at a usergroup? If so, fetch additional info
1097          // and further restrict the user info query
1098          if ($mode == 'group')
1099          {
1100              // We JOIN here to save a query for determining membership for hidden groups. ;)
1101              $sql = 'SELECT g.*, ug.user_id, ug.group_leader
1102                  FROM ' . GROUPS_TABLE . ' g
1103                  LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id'] . " AND ug.group_id = $group_id)
1104                  WHERE g.group_id = $group_id";
1105              $result = $db->sql_query($sql);
1106              $group_row = $db->sql_fetchrow($result);
1107              $db->sql_freeresult($result);
1108  
1109              if (!$group_row)
1110              {
1111                  trigger_error('NO_GROUP');
1112              }
1113  
1114              switch ($group_row['group_type'])
1115              {
1116                  case GROUP_OPEN:
1117                      $group_row['l_group_type'] = 'OPEN';
1118                  break;
1119  
1120                  case GROUP_CLOSED:
1121                      $group_row['l_group_type'] = 'CLOSED';
1122                  break;
1123  
1124                  case GROUP_HIDDEN:
1125                      $group_row['l_group_type'] = 'HIDDEN';
1126  
1127                      // Check for membership or special permissions
1128                      if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $group_row['user_id'] != $user->data['user_id'])
1129                      {
1130                          trigger_error('NO_GROUP');
1131                      }
1132                  break;
1133  
1134                  case GROUP_SPECIAL:
1135                      $group_row['l_group_type'] = 'SPECIAL';
1136                  break;
1137  
1138                  case GROUP_FREE:
1139                      $group_row['l_group_type'] = 'FREE';
1140                  break;
1141              }
1142  
1143              $avatar_img = phpbb_get_group_avatar($group_row);
1144  
1145              // ... same for group rank
1146              $user_rank_data = array(
1147                  'title'        => null,
1148                  'img'        => null,
1149                  'img_src'    => null,
1150              );
1151              if ($group_row['group_rank'])
1152              {
1153                  $user_rank_data = phpbb_get_user_rank($group_row, false);
1154  
1155                  if ($user_rank_data['img'])
1156                  {
1157                      $user_rank_data['img'] .= '<br />';
1158                  }
1159              }
1160              // include modules for manage groups link display or not
1161              // need to ensure the module is active
1162              $can_manage_group = false;
1163              if ($user->data['is_registered'] && $group_row['group_leader'])
1164              {
1165                  if (!class_exists('p_master'))
1166                  {
1167                      include($phpbb_root_path . 'includes/functions_module.' . $phpEx);
1168                  }
1169                  $module = new p_master;
1170                  $module->list_modules('ucp');
1171  
1172                  if ($module->is_active('ucp_groups', 'manage'))
1173                  {
1174                      $can_manage_group = true;
1175                  }
1176                  unset($module);
1177              }
1178  
1179              $template->assign_vars(array(
1180                  'GROUP_DESC'    => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
1181                  'GROUP_NAME'    => $group_helper->get_name($group_row['group_name']),
1182                  'GROUP_COLOR'    => $group_row['group_colour'],
1183                  'GROUP_TYPE'    => $user->lang['GROUP_IS_' . $group_row['l_group_type']],
1184                  'GROUP_RANK'    => $user_rank_data['title'],
1185  
1186                  'AVATAR_IMG'    => $avatar_img,
1187                  'RANK_IMG'        => $user_rank_data['img'],
1188                  'RANK_IMG_SRC'    => $user_rank_data['img_src'],
1189  
1190                  'U_PM'            => ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm_group') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;g=' . $group_id) : '',
1191                  'U_MANAGE'        => ($can_manage_group) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_groups&amp;mode=manage') : false,)
1192              );
1193  
1194              $sql_select = ', ug.group_leader';
1195              $sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
1196              $order_by = 'ug.group_leader DESC, ';
1197  
1198              $sql_where .= " AND ug.user_pending = 0 AND u.user_id = ug.user_id AND ug.group_id = $group_id";
1199              $sql_where_data = " AND u.user_id = ug.user_id AND ug.group_id = $group_id";
1200          }
1201  
1202          // Sorting and order
1203          if (!isset($sort_key_sql[$sort_key]))
1204          {
1205              $sort_key = $default_key;
1206          }
1207  
1208          $order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
1209  
1210          // Unfortunately we must do this here for sorting by rank, else the sort order is applied wrongly
1211          if ($sort_key == 'm')
1212          {
1213              $order_by .= ', u.user_posts DESC';
1214          }
1215  
1216          /**
1217          * Modify sql query data for members search
1218          *
1219          * @event core.memberlist_modify_sql_query_data
1220          * @var    string    order_by        SQL ORDER BY clause condition
1221          * @var    string    sort_dir        The sorting direction
1222          * @var    string    sort_key        The sorting key
1223          * @var    array    sort_key_sql    Arraty with the sorting conditions data
1224          * @var    string    sql_from        SQL FROM clause condition
1225          * @var    string    sql_select        SQL SELECT fields list
1226          * @var    string    sql_where        SQL WHERE clause condition
1227          * @var    string    sql_where_data    SQL WHERE clause additional conditions data
1228          * @since 3.1.7-RC1
1229          */
1230          $vars = array(
1231              'order_by',
1232              'sort_dir',
1233              'sort_key',
1234              'sort_key_sql',
1235              'sql_from',
1236              'sql_select',
1237              'sql_where',
1238              'sql_where_data',
1239          );
1240          extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_sql_query_data', compact($vars)));
1241  
1242          // Count the users ...
1243          $sql = 'SELECT COUNT(u.user_id) AS total_users
1244              FROM ' . USERS_TABLE . " u$sql_from
1245              WHERE " . $db->sql_in_set('u.user_type', $user_types) . "
1246              $sql_where";
1247          $result = $db->sql_query($sql);
1248          $total_users = (int) $db->sql_fetchfield('total_users');
1249          $db->sql_freeresult($result);
1250  
1251          // Build a relevant pagination_url
1252          $params = $sort_params = array();
1253  
1254          // We do not use $request->variable() here directly to save some calls (not all variables are set)
1255          $check_params = array(
1256              'g'                => array('g', 0),
1257              'sk'            => array('sk', $default_key),
1258              'sd'            => array('sd', 'a'),
1259              'form'            => array('form', ''),
1260              'field'            => array('field', ''),
1261              'select_single'    => array('select_single', $select_single),
1262              'username'        => array('username', '', true),
1263              'email'            => array('email', ''),
1264              'jabber'        => array('jabber', ''),
1265              'search_group_id'    => array('search_group_id', 0),
1266              'joined_select'    => array('joined_select', 'lt'),
1267              'active_select'    => array('active_select', 'lt'),
1268              'count_select'    => array('count_select', 'eq'),
1269              'joined'        => array('joined', ''),
1270              'active'        => array('active', ''),
1271              'count'            => ($request->variable('count', '') !== '') ? array('count', 0) : array('count', ''),
1272              'ip'            => array('ip', ''),
1273              'first_char'    => array('first_char', ''),
1274          );
1275  
1276          $u_first_char_params = array();
1277          foreach ($check_params as $key => $call)
1278          {
1279              if (!isset($_REQUEST[$key]))
1280              {
1281                  continue;
1282              }
1283  
1284              $param = call_user_func_array(array($request, 'variable'), $call);
1285              // Encode strings, convert everything else to int in order to prevent empty parameters.
1286              $param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : (int) $param);
1287              $params[] = $param;
1288  
1289              if ($key != 'first_char')
1290              {
1291                  $u_first_char_params[] = $param;
1292              }
1293              if ($key != 'sk' && $key != 'sd')
1294              {
1295                  $sort_params[] = $param;
1296              }
1297          }
1298  
1299          $u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", "start=$start" . (!empty($params) ? '&amp;' . implode('&amp;', $params) : ''));
1300  
1301          if ($mode)
1302          {
1303              $params[] = "mode=$mode";
1304              $u_first_char_params[] = "mode=$mode";
1305          }
1306          $sort_params[] = "mode=$mode";
1307  
1308          $pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));
1309          $sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $sort_params));
1310  
1311          unset($search_params, $sort_params);
1312  
1313          $u_first_char_params = implode('&amp;', $u_first_char_params);
1314          $u_first_char_params .= ($u_first_char_params) ? '&amp;' : '';
1315  
1316          $first_characters = array();
1317          $first_characters[''] = $user->lang['ALL'];
1318          for ($i = 97; $i < 123; $i++)
1319          {
1320              $first_characters[chr($i)] = chr($i - 32);
1321          }
1322          $first_characters['other'] = $user->lang['OTHER'];
1323  
1324          foreach ($first_characters as $char => $desc)
1325          {
1326              $template->assign_block_vars('first_char', array(
1327                  'DESC'            => $desc,
1328                  'VALUE'            => $char,
1329                  'S_SELECTED'    => ($first_char == $char) ? true : false,
1330                  'U_SORT'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", $u_first_char_params . 'first_char=' . $char) . '#memberlist',
1331              ));
1332          }
1333  
1334          // Some search user specific data
1335          if (($mode == '' || $mode == 'searchuser') && ($config['load_search'] || $auth->acl_get('a_')))
1336          {
1337              $group_selected = $request->variable('search_group_id', 0);
1338              $s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '>&nbsp;</option>';
1339              $group_ids = array();
1340  
1341              /**
1342              * @todo add this to a separate function (function is responsible for returning the groups the user is able to see based on the users group membership)
1343              */
1344  
1345              if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
1346              {
1347                  $sql = 'SELECT group_id, group_name, group_type
1348                      FROM ' . GROUPS_TABLE;
1349  
1350                  if (!$config['coppa_enable'])
1351                  {
1352                      $sql .= " WHERE group_name <> 'REGISTERED_COPPA'";
1353                  }
1354  
1355                  $sql .= ' ORDER BY group_name ASC';
1356              }
1357              else
1358              {
1359                  $sql = 'SELECT g.group_id, g.group_name, g.group_type
1360                      FROM ' . GROUPS_TABLE . ' g
1361                      LEFT JOIN ' . USER_GROUP_TABLE . ' ug
1362                          ON (
1363                              g.group_id = ug.group_id
1364                              AND ug.user_id = ' . $user->data['user_id'] . '
1365                              AND ug.user_pending = 0
1366                          )
1367                      WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
1368  
1369                  if (!$config['coppa_enable'])
1370                  {
1371                      $sql .= " AND g.group_name <> 'REGISTERED_COPPA'";
1372                  }
1373  
1374                  $sql .= ' ORDER BY g.group_name ASC';
1375              }
1376              $result = $db->sql_query($sql);
1377  
1378              while ($row = $db->sql_fetchrow($result))
1379              {
1380                  $group_ids[] = $row['group_id'];
1381                  $s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . $group_helper->get_name($row['group_name']) . '</option>';
1382              }
1383              $db->sql_freeresult($result);
1384  
1385              if ($group_selected !== 0 && !in_array($group_selected, $group_ids))
1386              {
1387                  trigger_error('NO_GROUP');
1388              }
1389  
1390              $template->assign_vars(array(
1391                  'USERNAME'    => $username,
1392                  'EMAIL'        => $email,
1393                  'JABBER'    => $jabber,
1394                  'JOINED'    => implode('-', $joined),
1395                  'ACTIVE'    => implode('-', $active),
1396                  'COUNT'        => $count,
1397                  'IP'        => $ipdomain,
1398  
1399                  'S_IP_SEARCH_ALLOWED'    => ($auth->acl_getf_global('m_info')) ? true : false,
1400                  'S_EMAIL_SEARCH_ALLOWED'=> ($auth->acl_get('a_user')) ? true : false,
1401                  'S_JABBER_ENABLED'        => $config['jab_enable'],
1402                  'S_IN_SEARCH_POPUP'        => ($form && $field) ? true : false,
1403                  'S_SEARCH_USER'            => ($mode == 'searchuser' || ($mode == '' && $submit)),
1404                  'S_FORM_NAME'            => $form,
1405                  'S_FIELD_NAME'            => $field,
1406                  'S_SELECT_SINGLE'        => $select_single,
1407                  'S_COUNT_OPTIONS'        => $s_find_count,
1408                  'S_SORT_OPTIONS'        => $s_sort_key,
1409                  'S_JOINED_TIME_OPTIONS'    => $s_find_join_time,
1410                  'S_ACTIVE_TIME_OPTIONS'    => $s_find_active_time,
1411                  'S_GROUP_SELECT'        => $s_group_select,
1412                  'S_USER_SEARCH_ACTION'    => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&amp;form=$form&amp;field=$field"))
1413              );
1414          }
1415  
1416          $start = $pagination->validate_start($start, $config['topics_per_page'], $total_users);
1417  
1418          // Get us some users :D
1419          $sql = "SELECT u.user_id
1420              FROM " . USERS_TABLE . " u
1421                  $sql_from
1422              WHERE " . $db->sql_in_set('u.user_type', $user_types) . "
1423                  $sql_where
1424              ORDER BY $order_by";
1425          $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
1426  
1427          $user_list = array();
1428          while ($row = $db->sql_fetchrow($result))
1429          {
1430              $user_list[] = (int) $row['user_id'];
1431          }
1432          $db->sql_freeresult($result);
1433  
1434          // Load custom profile fields
1435          if ($config['load_cpf_memberlist'])
1436          {
1437              /* @var $cp \phpbb\profilefields\manager */
1438              $cp = $phpbb_container->get('profilefields.manager');
1439  
1440              $cp_row = $cp->generate_profile_fields_template_headlines('field_show_on_ml');
1441              foreach ($cp_row as $profile_field)
1442              {
1443                  $template->assign_block_vars('custom_fields', $profile_field);
1444              }
1445          }
1446  
1447          $leaders_set = false;
1448          // So, did we get any users?
1449          if (sizeof($user_list))
1450          {
1451              // Session time?! Session time...
1452              $sql = 'SELECT session_user_id, MAX(session_time) AS session_time
1453                  FROM ' . SESSIONS_TABLE . '
1454                  WHERE session_time >= ' . (time() - $config['session_length']) . '
1455                      AND ' . $db->sql_in_set('session_user_id', $user_list) . '
1456                  GROUP BY session_user_id';
1457              $result = $db->sql_query($sql);
1458  
1459              $session_times = array();
1460              while ($row = $db->sql_fetchrow($result))
1461              {
1462                  $session_times[$row['session_user_id']] = $row['session_time'];
1463              }
1464              $db->sql_freeresult($result);
1465  
1466              // Do the SQL thang
1467              if ($mode == 'group')
1468              {
1469                  $sql = "SELECT u.*
1470                          $sql_select
1471                      FROM " . USERS_TABLE . " u
1472                          $sql_from
1473                      WHERE " . $db->sql_in_set('u.user_id', $user_list) . "
1474                          $sql_where_data";
1475              }
1476              else
1477              {
1478                  $sql = 'SELECT *
1479                      FROM ' . USERS_TABLE . '
1480                      WHERE ' . $db->sql_in_set('user_id', $user_list);
1481              }
1482              $result = $db->sql_query($sql);
1483  
1484              $id_cache = array();
1485              while ($row = $db->sql_fetchrow($result))
1486              {
1487                  $row['session_time'] = (!empty($session_times[$row['user_id']])) ? $session_times[$row['user_id']] : 0;
1488                  $row['last_visit'] = (!empty($row['session_time'])) ? $row['session_time'] : $row['user_lastvisit'];
1489  
1490                  $id_cache[$row['user_id']] = $row;
1491              }
1492              $db->sql_freeresult($result);
1493  
1494              // Load custom profile fields
1495              if ($config['load_cpf_memberlist'])
1496              {
1497                  // Grab all profile fields from users in id cache for later use - similar to the poster cache
1498                  $profile_fields_cache = $cp->grab_profile_fields_data($user_list);
1499  
1500                  // Filter the fields we don't want to show
1501                  foreach ($profile_fields_cache as $user_id => $user_profile_fields)
1502                  {
1503                      foreach ($user_profile_fields as $field_ident => $profile_field)
1504                      {
1505                          if (!$profile_field['data']['field_show_on_ml'])
1506                          {
1507                              unset($profile_fields_cache[$user_id][$field_ident]);
1508                          }
1509                      }
1510                  }
1511              }
1512  
1513              // If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date...
1514              if ($sort_key == 'l')
1515              {
1516  //                uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));"));
1517                  usort($user_list,  'phpbb_sort_last_active');
1518              }
1519  
1520              // do we need to display contact fields as such
1521              $use_contact_fields = false;
1522  
1523              /**
1524               * Modify list of users before member row is created
1525               *
1526               * @event core.memberlist_memberrow_before
1527               * @var array    user_list            Array containing list of users
1528               * @var bool    use_contact_fields    Should we display contact fields as such?
1529               * @since 3.1.7-RC1
1530               */
1531              $vars = array('user_list', 'use_contact_fields');
1532              extract($phpbb_dispatcher->trigger_event('core.memberlist_memberrow_before', compact($vars)));
1533  
1534              for ($i = 0, $end = sizeof($user_list); $i < $end; ++$i)
1535              {
1536                  $user_id = $user_list[$i];
1537                  $row = $id_cache[$user_id];
1538                  $is_leader = (isset($row['group_leader']) && $row['group_leader']) ? true : false;
1539                  $leaders_set = ($leaders_set || $is_leader);
1540  
1541                  $cp_row = array();
1542                  if ($config['load_cpf_memberlist'])
1543                  {
1544                      $cp_row = (isset($profile_fields_cache[$user_id])) ? $cp->generate_profile_fields_template_data($profile_fields_cache[$user_id], $use_contact_fields) : array();
1545                  }
1546  
1547                  $memberrow = array_merge(phpbb_show_profile($row, false, false, false), array(
1548                      'ROW_NUMBER'        => $i + ($start + 1),
1549  
1550                      'S_CUSTOM_PROFILE'    => (isset($cp_row['row']) && sizeof($cp_row['row'])) ? true : false,
1551                      'S_GROUP_LEADER'    => $is_leader,
1552                      'S_INACTIVE'        => $row['user_type'] == USER_INACTIVE,
1553  
1554                      'U_VIEW_PROFILE'    => get_username_string('profile', $user_id, $row['username']),
1555                  ));
1556  
1557                  if (isset($cp_row['row']) && sizeof($cp_row['row']))
1558                  {
1559                      $memberrow = array_merge($memberrow, $cp_row['row']);
1560                  }
1561  
1562                  $template->assign_block_vars('memberrow', $memberrow);
1563  
1564                  if (isset($cp_row['blockrow']) && sizeof($cp_row['blockrow']))
1565                  {
1566                      foreach ($cp_row['blockrow'] as $field_data)
1567                      {
1568                          $template->assign_block_vars('memberrow.custom_fields', $field_data);
1569                      }
1570                  }
1571  
1572                  unset($id_cache[$user_id]);
1573              }
1574          }
1575  
1576          $pagination->generate_template_pagination($pagination_url, 'pagination', 'start', $total_users, $config['topics_per_page'], $start);
1577  
1578          // Generate page
1579          $template->assign_vars(array(
1580              'TOTAL_USERS'    => $user->lang('LIST_USERS', (int) $total_users),
1581  
1582              'PROFILE_IMG'    => $user->img('icon_user_profile', $user->lang['PROFILE']),
1583              'PM_IMG'        => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
1584              'EMAIL_IMG'        => $user->img('icon_contact_email', $user->lang['EMAIL']),
1585              'JABBER_IMG'    => $user->img('icon_contact_jabber', $user->lang['JABBER']),
1586              'SEARCH_IMG'    => $user->img('icon_user_search', $user->lang['SEARCH']),
1587  
1588              'U_FIND_MEMBER'            => ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser' . (($start) ? "&amp;start=$start" : '') . (!empty($params) ? '&amp;' . implode('&amp;', $params) : '')) : '',
1589              'U_HIDE_FIND_MEMBER'    => ($mode == 'searchuser' || ($mode == '' && $submit)) ? $u_hide_find_member : '',
1590              'U_LIVE_SEARCH'            => ($config['allow_live_searches']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=livesearch') : false,
1591              'U_SORT_USERNAME'        => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
1592              'U_SORT_JOINED'            => $sort_url . '&amp;sk=c&amp;sd=' . (($sort_key == 'c' && $sort_dir == 'd') ? 'a' : 'd'),
1593              'U_SORT_POSTS'            => $sort_url . '&amp;sk=d&amp;sd=' . (($sort_key == 'd' && $sort_dir == 'd') ? 'a' : 'd'),
1594              'U_SORT_EMAIL'            => $sort_url . '&amp;sk=e&amp;sd=' . (($sort_key == 'e' && $sort_dir == 'd') ? 'a' : 'd'),
1595              'U_SORT_ACTIVE'            => ($auth->acl_get('u_viewonline')) ? $sort_url . '&amp;sk=l&amp;sd=' . (($sort_key == 'l' && $sort_dir == 'd') ? 'a' : 'd') : '',
1596              'U_SORT_RANK'            => $sort_url . '&amp;sk=m&amp;sd=' . (($sort_key == 'm' && $sort_dir == 'd') ? 'a' : 'd'),
1597              'U_LIST_CHAR'            => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'l' && $sort_dir == 'd') ? 'a' : 'd'),
1598  
1599              'S_SHOW_GROUP'        => ($mode == 'group') ? true : false,
1600              'S_VIEWONLINE'        => $auth->acl_get('u_viewonline'),
1601              'S_LEADERS_SET'        => $leaders_set,
1602              'S_MODE_SELECT'        => $s_sort_key,
1603              'S_ORDER_SELECT'    => $s_sort_dir,
1604              'S_MODE_ACTION'        => $pagination_url)
1605          );
1606  }
1607  
1608  // Output the page
1609  page_header($page_title);
1610  
1611  $template->set_filenames(array(
1612      'body' => $template_html)
1613  );
1614  make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
1615  
1616  page_footer();


Generated: Sun Feb 19 19:47:08 2017 Cross-referenced by PHPXref 0.7.1