[ Index ]

PHP Cross Reference of phpBB-3.3.14-deutsch

title

Body

[close]

/ -> memberlist.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  define('IN_PHPBB', true);
  18  $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
  19  $phpEx = substr(strrchr(__FILE__, '.'), 1);
  20  include($phpbb_root_path . 'common.' . $phpEx);
  21  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
  22  
  23  $mode = $request->variable('mode', '');
  24  
  25  if ($mode === 'contactadmin')
  26  {
  27      define('SKIP_CHECK_BAN', true);
  28      define('SKIP_CHECK_DISABLED', true);
  29  }
  30  
  31  // Start session management
  32  $user->session_begin();
  33  $auth->acl($user->data);
  34  $user->setup(array('memberlist', 'groups'));
  35  
  36  // Setting a variable to let the style designer know where he is...
  37  $template->assign_var('S_IN_MEMBERLIST', true);
  38  
  39  // Grab data
  40  $action        = $request->variable('action', '');
  41  $user_id    = $request->variable('u', ANONYMOUS);
  42  $username    = $request->variable('un', '', true);
  43  $group_id    = $request->variable('g', 0);
  44  $topic_id    = $request->variable('t', 0);
  45  
  46  // Redirect when old mode is used
  47  if ($mode == 'leaders')
  48  {
  49      send_status_line(301, 'Moved Permanently');
  50      redirect(append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=team'));
  51  }
  52  
  53  // Check our mode...
  54  if (!in_array($mode, array('', 'group', 'viewprofile', 'email', 'contact', 'contactadmin', 'searchuser', 'team', 'livesearch')))
  55  {
  56      trigger_error('NO_MODE');
  57  }
  58  
  59  switch ($mode)
  60  {
  61      case 'email':
  62      case 'contactadmin':
  63      break;
  64  
  65      case 'livesearch':
  66          if (!$config['allow_live_searches'])
  67          {
  68              trigger_error('LIVE_SEARCHES_NOT_ALLOWED');
  69          }
  70          // No break
  71  
  72      default:
  73          // Can this user view profiles/memberlist?
  74          if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel'))
  75          {
  76              if ($user->data['user_id'] != ANONYMOUS)
  77              {
  78                  send_status_line(403, 'Forbidden');
  79                  trigger_error('NO_VIEW_USERS');
  80              }
  81  
  82              login_box('', ((isset($user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)])) ? $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)] : $user->lang['LOGIN_EXPLAIN_MEMBERLIST']));
  83          }
  84      break;
  85  }
  86  
  87  /** @var \phpbb\group\helper $group_helper */
  88  $group_helper = $phpbb_container->get('group_helper');
  89  
  90  $start    = $request->variable('start', 0);
  91  $submit = (isset($_POST['submit'])) ? true : false;
  92  
  93  $default_key = 'c';
  94  $sort_key = $request->variable('sk', $default_key);
  95  $sort_dir = $request->variable('sd', 'a');
  96  
  97  $user_types = array(USER_NORMAL, USER_FOUNDER);
  98  if ($auth->acl_get('a_user'))
  99  {
 100      $user_types[] = USER_INACTIVE;
 101  }
 102  
 103  // What do you want to do today? ... oops, I think that line is taken ...
 104  switch ($mode)
 105  {
 106      case 'team':
 107          // Display a listing of board admins, moderators
 108          if (!function_exists('user_get_id_name'))
 109          {
 110              include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 111          }
 112  
 113          $page_title = $user->lang['THE_TEAM'];
 114          $template_html = 'memberlist_team.html';
 115  
 116          $sql = 'SELECT *
 117              FROM ' . TEAMPAGE_TABLE . '
 118              ORDER BY teampage_position ASC';
 119          $result = $db->sql_query($sql, 3600);
 120          $teampage_data = $db->sql_fetchrowset($result);
 121          $db->sql_freeresult($result);
 122  
 123          $sql_ary = array(
 124              'SELECT'    => 'g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id, t.teampage_id',
 125  
 126              'FROM'        => array(GROUPS_TABLE => 'g'),
 127  
 128              'LEFT_JOIN'    => array(
 129                  array(
 130                      'FROM'    => array(TEAMPAGE_TABLE => 't'),
 131                      'ON'    => 't.group_id = g.group_id',
 132                  ),
 133                  array(
 134                      'FROM'    => array(USER_GROUP_TABLE => 'ug'),
 135                      'ON'    => 'ug.group_id = g.group_id AND ug.user_pending = 0 AND ug.user_id = ' . (int) $user->data['user_id'],
 136                  ),
 137              ),
 138          );
 139  
 140          $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
 141  
 142          $group_ids = $groups_ary = array();
 143          while ($row = $db->sql_fetchrow($result))
 144          {
 145              if ($row['group_type'] == GROUP_HIDDEN && !$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $row['ug_user_id'] != $user->data['user_id'])
 146              {
 147                  $row['group_name'] = $user->lang['GROUP_UNDISCLOSED'];
 148                  $row['u_group'] = '';
 149              }
 150              else
 151              {
 152                  $row['group_name'] = $group_helper->get_name($row['group_name']);
 153                  $row['u_group'] = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']);
 154              }
 155  
 156              if ($row['teampage_id'])
 157              {
 158                  // Only put groups into the array we want to display.
 159                  // We are fetching all groups, to ensure we got all data for default groups.
 160                  $group_ids[] = (int) $row['group_id'];
 161              }
 162              $groups_ary[(int) $row['group_id']] = $row;
 163          }
 164          $db->sql_freeresult($result);
 165  
 166          $sql_ary = array(
 167              'SELECT'    => 'u.user_id, u.group_id as default_group, u.username, u.username_clean, u.user_colour, u.user_type, u.user_rank, u.user_posts, u.user_allow_pm, g.group_id',
 168  
 169              'FROM'        => array(
 170                  USER_GROUP_TABLE => 'ug',
 171              ),
 172  
 173              'LEFT_JOIN'    => array(
 174                  array(
 175                      'FROM'    => array(USERS_TABLE => 'u'),
 176                      'ON'    => 'ug.user_id = u.user_id',
 177                  ),
 178                  array(
 179                      'FROM'    => array(GROUPS_TABLE => 'g'),
 180                      'ON'    => 'ug.group_id = g.group_id',
 181                  ),
 182              ),
 183  
 184              'WHERE'        => $db->sql_in_set('g.group_id', $group_ids, false, true) . ' AND ug.user_pending = 0',
 185  
 186              'ORDER_BY'    => 'u.username_clean ASC',
 187          );
 188  
 189          /**
 190           * Modify the query used to get the users for the team page
 191           *
 192           * @event core.memberlist_team_modify_query
 193           * @var array    sql_ary            Array containing the query
 194           * @var array    group_ids        Array of group ids
 195           * @var array    teampage_data    The teampage data
 196           * @since 3.1.3-RC1
 197           */
 198          $vars = array(
 199              'sql_ary',
 200              'group_ids',
 201              'teampage_data',
 202          );
 203          extract($phpbb_dispatcher->trigger_event('core.memberlist_team_modify_query', compact($vars)));
 204  
 205          $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
 206  
 207          $user_ary = $user_ids = $group_users = array();
 208          while ($row = $db->sql_fetchrow($result))
 209          {
 210              $row['forums'] = '';
 211              $row['forums_ary'] = array();
 212              $user_ary[(int) $row['user_id']] = $row;
 213              $user_ids[] = (int) $row['user_id'];
 214              $group_users[(int) $row['group_id']][] = (int) $row['user_id'];
 215          }
 216          $db->sql_freeresult($result);
 217  
 218          $user_ids = array_unique($user_ids);
 219  
 220          if (!empty($user_ids) && $config['teampage_forums'])
 221          {
 222              $template->assign_var('S_DISPLAY_MODERATOR_FORUMS', true);
 223              // Get all moderators
 224              $perm_ary = $auth->acl_get_list($user_ids, array('m_'), false);
 225  
 226              foreach ($perm_ary as $forum_id => $forum_ary)
 227              {
 228                  foreach ($forum_ary as $auth_option => $id_ary)
 229                  {
 230                      foreach ($id_ary as $id)
 231                      {
 232                          if (!$forum_id)
 233                          {
 234                              $user_ary[$id]['forums'] = $user->lang['ALL_FORUMS'];
 235                          }
 236                          else
 237                          {
 238                              $user_ary[$id]['forums_ary'][] = $forum_id;
 239                          }
 240                      }
 241                  }
 242              }
 243  
 244              $sql = 'SELECT forum_id, forum_name
 245                  FROM ' . FORUMS_TABLE;
 246              $result = $db->sql_query($sql);
 247  
 248              $forums = array();
 249              while ($row = $db->sql_fetchrow($result))
 250              {
 251                  $forums[$row['forum_id']] = $row['forum_name'];
 252              }
 253              $db->sql_freeresult($result);
 254  
 255              foreach ($user_ary as $user_id => $user_data)
 256              {
 257                  if (!$user_data['forums'])
 258                  {
 259                      foreach ($user_data['forums_ary'] as $forum_id)
 260                      {
 261                          $user_ary[$user_id]['forums_options'] = true;
 262                          if (isset($forums[$forum_id]))
 263                          {
 264                              if ($auth->acl_get('f_list', $forum_id))
 265                              {
 266                                  $user_ary[$user_id]['forums'] .= '<option value="">' . $forums[$forum_id] . '</option>';
 267                              }
 268                          }
 269                      }
 270                  }
 271              }
 272          }
 273  
 274          $parent_team = 0;
 275          foreach ($teampage_data as $team_data)
 276          {
 277              // If this team entry has no group, it's a category
 278              if (!$team_data['group_id'])
 279              {
 280                  $template->assign_block_vars('group', array(
 281                      'GROUP_NAME'  => $team_data['teampage_name'],
 282                  ));
 283  
 284                  $parent_team = (int) $team_data['teampage_id'];
 285                  continue;
 286              }
 287  
 288              $group_data = $groups_ary[(int) $team_data['group_id']];
 289              $group_id = (int) $team_data['group_id'];
 290  
 291              if (!$team_data['teampage_parent'])
 292              {
 293                  // If the group does not have a parent category, we display the groupname as category
 294                  $template->assign_block_vars('group', array(
 295                      'GROUP_NAME'    => $group_data['group_name'],
 296                      'GROUP_COLOR'    => $group_data['group_colour'],
 297                      'U_GROUP'        => $group_data['u_group'],
 298                  ));
 299              }
 300  
 301              // Display group members.
 302              if (!empty($group_users[$group_id]))
 303              {
 304                  foreach ($group_users[$group_id] as $user_id)
 305                  {
 306                      if (isset($user_ary[$user_id]))
 307                      {
 308                          $row = $user_ary[$user_id];
 309                          if ($config['teampage_memberships'] == 1 && ($group_id != $groups_ary[$row['default_group']]['group_id']) && $groups_ary[$row['default_group']]['teampage_id'])
 310                          {
 311                              // Display users in their primary group, instead of the first group, when it is displayed on the teampage.
 312                              continue;
 313                          }
 314  
 315                          $user_rank_data = phpbb_get_user_rank($row, (($row['user_id'] == ANONYMOUS) ? false : $row['user_posts']));
 316  
 317                          $template_vars = array(
 318                              'USER_ID'        => $row['user_id'],
 319                              'FORUMS'        => $row['forums'],
 320                              'FORUM_OPTIONS'    => (isset($row['forums_options'])) ? true : false,
 321                              'RANK_TITLE'    => $user_rank_data['title'],
 322  
 323                              'GROUP_NAME'    => $groups_ary[$row['default_group']]['group_name'],
 324                              'GROUP_COLOR'    => $groups_ary[$row['default_group']]['group_colour'],
 325                              'U_GROUP'        => $groups_ary[$row['default_group']]['u_group'],
 326  
 327                              'RANK_IMG'        => $user_rank_data['img'],
 328                              'RANK_IMG_SRC'    => $user_rank_data['img_src'],
 329  
 330                              'S_INACTIVE'    => $row['user_type'] == USER_INACTIVE,
 331  
 332                              'U_PM'            => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($row['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $row['user_id']) : '',
 333  
 334                              'USERNAME_FULL'        => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
 335                              'USERNAME'            => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
 336                              'USER_COLOR'        => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
 337                              'U_VIEW_PROFILE'    => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
 338                          );
 339  
 340                          /**
 341                           * Modify the template vars for displaying the user in the groups on the teampage
 342                           *
 343                           * @event core.memberlist_team_modify_template_vars
 344                           * @var array    template_vars        Array containing the query
 345                           * @var array    row                    Array containing the action user row
 346                           * @var array    groups_ary            Array of groups with all users that should be displayed
 347                           * @since 3.1.3-RC1
 348                           */
 349                          $vars = array(
 350                              'template_vars',
 351                              'row',
 352                              'groups_ary',
 353                          );
 354                          extract($phpbb_dispatcher->trigger_event('core.memberlist_team_modify_template_vars', compact($vars)));
 355  
 356                          $template->assign_block_vars('group.user', $template_vars);
 357  
 358                          if ($config['teampage_memberships'] != 2)
 359                          {
 360                              unset($user_ary[$user_id]);
 361                          }
 362                      }
 363                  }
 364              }
 365          }
 366  
 367          $template->assign_block_vars('navlinks', array(
 368              'BREADCRUMB_NAME'    => $page_title,
 369              'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=team"),
 370          ));
 371  
 372          $template->assign_vars(array(
 373              'PM_IMG'        => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']))
 374          );
 375      break;
 376  
 377      case 'contact':
 378  
 379          $page_title = $user->lang['IM_USER'];
 380          $template_html = 'memberlist_im.html';
 381  
 382          if (!$auth->acl_get('u_sendim'))
 383          {
 384              send_status_line(403, 'Forbidden');
 385              trigger_error('NOT_AUTHORISED');
 386          }
 387  
 388          $presence_img = '';
 389          switch ($action)
 390          {
 391              case 'jabber':
 392                  $lang = 'JABBER';
 393                  $sql_field = 'user_jabber';
 394                  $s_select = (@extension_loaded('xml') && $config['jab_enable']) ? 'S_SEND_JABBER' : 'S_NO_SEND_JABBER';
 395                  $s_action = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&amp;action=$action&amp;u=$user_id");
 396              break;
 397  
 398              default:
 399                  trigger_error('NO_MODE', E_USER_ERROR);
 400              break;
 401          }
 402  
 403          // Grab relevant data
 404          $sql = "SELECT user_id, username, user_email, user_lang, $sql_field
 405              FROM " . USERS_TABLE . "
 406              WHERE user_id = $user_id
 407                  AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
 408          $result = $db->sql_query($sql);
 409          $row = $db->sql_fetchrow($result);
 410          $db->sql_freeresult($result);
 411  
 412          if (!$row)
 413          {
 414              trigger_error('NO_USER');
 415          }
 416          else if (empty($row[$sql_field]))
 417          {
 418              trigger_error('IM_NO_DATA');
 419          }
 420  
 421          // Post data grab actions
 422          switch ($action)
 423          {
 424              case 'jabber':
 425                  add_form_key('memberlist_messaging');
 426  
 427                  if ($submit && @extension_loaded('xml') && $config['jab_enable'])
 428                  {
 429                      if (check_form_key('memberlist_messaging'))
 430                      {
 431  
 432                          include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 433  
 434                          $subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']);
 435                          $message = $request->variable('message', '', true);
 436  
 437                          if (empty($message))
 438                          {
 439                              trigger_error('EMPTY_MESSAGE_IM');
 440                          }
 441  
 442                          $messenger = new messenger(false);
 443  
 444                          $messenger->template('profile_send_im', $row['user_lang']);
 445                          $messenger->subject(html_entity_decode($subject, ENT_COMPAT));
 446  
 447                          $messenger->replyto($user->data['user_email']);
 448                          $messenger->set_addresses($row);
 449  
 450                          $messenger->assign_vars(array(
 451                              'BOARD_CONTACT'    => phpbb_get_board_contact($config, $phpEx),
 452                              'FROM_USERNAME'    => html_entity_decode($user->data['username'], ENT_COMPAT),
 453                              'TO_USERNAME'    => html_entity_decode($row['username'], ENT_COMPAT),
 454                              'MESSAGE'        => html_entity_decode($message, ENT_COMPAT))
 455                          );
 456  
 457                          $messenger->send(NOTIFY_IM);
 458  
 459                          $s_select = 'S_SENT_JABBER';
 460                      }
 461                      else
 462                      {
 463                          trigger_error('FORM_INVALID');
 464                      }
 465                  }
 466              break;
 467          }
 468  
 469          $template->assign_block_vars('navlinks', array(
 470              'BREADCRUMB_NAME'    => $page_title,
 471              'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&amp;action=$action&amp;u=$user_id"),
 472          ));
 473  
 474          // Send vars to the template
 475          $template->assign_vars(array(
 476              'IM_CONTACT'    => $row[$sql_field],
 477              'A_IM_CONTACT'    => addslashes($row[$sql_field]),
 478  
 479              'USERNAME'        => $row['username'],
 480              'CONTACT_NAME'    => $row[$sql_field],
 481              'SITENAME'        => $config['sitename'],
 482  
 483              'PRESENCE_IMG'        => $presence_img,
 484  
 485              'L_SEND_IM_EXPLAIN'    => $user->lang['IM_' . $lang],
 486              'L_IM_SENT_JABBER'    => sprintf($user->lang['IM_SENT_JABBER'], $row['username']),
 487  
 488              $s_select            => true,
 489              'S_IM_ACTION'        => $s_action)
 490          );
 491  
 492      break;
 493  
 494      case 'viewprofile':
 495          // Display a profile
 496          if ($user_id == ANONYMOUS && !$username)
 497          {
 498              trigger_error('NO_USER');
 499          }
 500  
 501          // Get user...
 502          $sql_array = array(
 503              'SELECT'    => 'u.*',
 504              'FROM'        => array(
 505                  USERS_TABLE        => 'u'
 506              ),
 507              'WHERE'        => (($username) ? "u.username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : "u.user_id = $user_id"),
 508          );
 509  
 510          /**
 511           * Modify user data SQL before member profile row is created
 512           *
 513           * @event core.memberlist_modify_viewprofile_sql
 514           * @var int        user_id                The user ID
 515           * @var string    username            The username
 516           * @var array    sql_array            Array containing the main query
 517           * @since 3.2.6-RC1
 518           */
 519          $vars = array(
 520              'user_id',
 521              'username',
 522              'sql_array',
 523          );
 524          extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_viewprofile_sql', compact($vars)));
 525  
 526          $sql = $db->sql_build_query('SELECT', $sql_array);
 527          $result = $db->sql_query($sql);
 528          $member = $db->sql_fetchrow($result);
 529          $db->sql_freeresult($result);
 530  
 531          if (!$member)
 532          {
 533              trigger_error('NO_USER');
 534          }
 535  
 536          // a_user admins and founder are able to view inactive users and bots to be able to manage them more easily
 537          // Normal users are able to see at least users having only changed their profile settings but not yet reactivated.
 538          if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER)
 539          {
 540              if ($member['user_type'] == USER_IGNORE)
 541              {
 542                  trigger_error('NO_USER');
 543              }
 544              else if ($member['user_type'] == USER_INACTIVE && $member['user_inactive_reason'] != INACTIVE_PROFILE)
 545              {
 546                  trigger_error('NO_USER');
 547              }
 548          }
 549  
 550          $user_id = (int) $member['user_id'];
 551  
 552          // Get group memberships
 553          // Also get visiting user's groups to determine hidden group memberships if necessary.
 554          $auth_hidden_groups = ($user_id === (int) $user->data['user_id'] || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? true : false;
 555          $sql_uid_ary = ($auth_hidden_groups) ? array($user_id) : array($user_id, (int) $user->data['user_id']);
 556  
 557          // Do the SQL thang
 558          $sql_ary = [
 559              'SELECT'    => 'g.group_id, g.group_name, g.group_type, ug.user_id',
 560  
 561              'FROM'        => [
 562                  GROUPS_TABLE => 'g',
 563              ],
 564  
 565              'LEFT_JOIN' => [
 566                  [
 567                      'FROM' => [USER_GROUP_TABLE => 'ug'],
 568                      'ON'   => 'g.group_id = ug.group_id',
 569                  ],
 570              ],
 571  
 572              'WHERE'        => $db->sql_in_set('ug.user_id', $sql_uid_ary) . '
 573                  AND ug.user_pending = 0',
 574          ];
 575  
 576          /**
 577          * Modify the query used to get the group data
 578          *
 579          * @event core.modify_memberlist_viewprofile_group_sql
 580          * @var array    sql_ary            Array containing the query
 581          * @since 3.2.6-RC1
 582          */
 583          $vars = array(
 584              'sql_ary',
 585          );
 586          extract($phpbb_dispatcher->trigger_event('core.modify_memberlist_viewprofile_group_sql', compact($vars)));
 587  
 588          $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary));
 589  
 590          // Divide data into profile data and current user data
 591          $profile_groups = $user_groups = array();
 592          while ($row = $db->sql_fetchrow($result))
 593          {
 594              $row['user_id'] = (int) $row['user_id'];
 595              $row['group_id'] = (int) $row['group_id'];
 596  
 597              if ($row['user_id'] == $user_id)
 598              {
 599                  $profile_groups[] = $row;
 600              }
 601              else
 602              {
 603                  $user_groups[$row['group_id']] = $row['group_id'];
 604              }
 605          }
 606          $db->sql_freeresult($result);
 607  
 608          // Filter out hidden groups and sort groups by name
 609          $group_data = $group_sort = array();
 610          foreach ($profile_groups as $row)
 611          {
 612              if (!$auth_hidden_groups && $row['group_type'] == GROUP_HIDDEN && !isset($user_groups[$row['group_id']]))
 613              {
 614                  // Skip over hidden groups the user cannot see
 615                  continue;
 616              }
 617  
 618              $row['group_name'] = $group_helper->get_name($row['group_name']);
 619  
 620              $group_sort[$row['group_id']] = utf8_clean_string($row['group_name']);
 621              $group_data[$row['group_id']] = $row;
 622          }
 623          unset($profile_groups);
 624          unset($user_groups);
 625          asort($group_sort);
 626  
 627          /**
 628          * Modify group data before options is created and data is unset
 629          *
 630          * @event core.modify_memberlist_viewprofile_group_data
 631          * @var array    group_data            Array containing the group data
 632          * @var array    group_sort            Array containing the sorted group data
 633          * @since 3.2.6-RC1
 634          */
 635          $vars = array(
 636              'group_data',
 637              'group_sort',
 638          );
 639          extract($phpbb_dispatcher->trigger_event('core.modify_memberlist_viewprofile_group_data', compact($vars)));
 640  
 641          $group_options = '';
 642          foreach ($group_sort as $group_id => $null)
 643          {
 644              $row = $group_data[$group_id];
 645  
 646              $group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . $row['group_name'] . '</option>';
 647          }
 648          unset($group_data);
 649          unset($group_sort);
 650  
 651          // What colour is the zebra
 652          $sql = 'SELECT friend, foe
 653              FROM ' . ZEBRA_TABLE . "
 654              WHERE zebra_id = $user_id
 655                  AND user_id = {$user->data['user_id']}";
 656          $result = $db->sql_query($sql);
 657          $row = $db->sql_fetchrow($result);
 658  
 659          $foe = $row ? (bool) $row['foe'] : false;
 660          $friend = $row ? (bool) $row['friend'] : false;
 661  
 662          $db->sql_freeresult($result);
 663  
 664          if ($config['load_onlinetrack'])
 665          {
 666              $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
 667                  FROM ' . SESSIONS_TABLE . "
 668                  WHERE session_user_id = $user_id";
 669              $result = $db->sql_query($sql);
 670              $row = $db->sql_fetchrow($result);
 671              $db->sql_freeresult($result);
 672  
 673              $member['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
 674              $member['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
 675              unset($row);
 676          }
 677  
 678          if ($config['load_user_activity'])
 679          {
 680              display_user_activity($member);
 681          }
 682  
 683          // Do the relevant calculations
 684          $memberdays = max(1, round((time() - $member['user_regdate']) / 86400));
 685          $posts_per_day = $member['user_posts'] / $memberdays;
 686          $percentage = ($config['num_posts']) ? min(100, ($member['user_posts'] / $config['num_posts']) * 100) : 0;
 687  
 688  
 689          if ($member['user_sig'])
 690          {
 691              $parse_flags = ($member['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
 692              $member['user_sig'] = generate_text_for_display($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield'], $parse_flags, true);
 693          }
 694  
 695          // We need to check if the modules 'zebra' ('friends' & 'foes' mode),  'notes' ('user_notes' mode) and  'warn' ('warn_user' mode) are accessible to decide if we can display appropriate links
 696          $zebra_enabled = $friends_enabled = $foes_enabled = $user_notes_enabled = $warn_user_enabled = false;
 697  
 698          // Only check if the user is logged in
 699          if ($user->data['is_registered'])
 700          {
 701              if (!class_exists('p_master'))
 702              {
 703                  include($phpbb_root_path . 'includes/functions_module.' . $phpEx);
 704              }
 705              $module = new p_master();
 706  
 707              $module->list_modules('ucp');
 708              $module->list_modules('mcp');
 709  
 710              $user_notes_enabled = ($module->loaded('mcp_notes', 'user_notes')) ? true : false;
 711              $warn_user_enabled = ($module->loaded('mcp_warn', 'warn_user')) ? true : false;
 712              $zebra_enabled = ($module->loaded('ucp_zebra')) ? true : false;
 713              $friends_enabled = ($module->loaded('ucp_zebra', 'friends')) ? true : false;
 714              $foes_enabled = ($module->loaded('ucp_zebra', 'foes')) ? true : false;
 715  
 716              unset($module);
 717          }
 718  
 719          // Custom Profile Fields
 720          $profile_fields = array();
 721          if ($config['load_cpf_viewprofile'])
 722          {
 723              /* @var $cp \phpbb\profilefields\manager */
 724              $cp = $phpbb_container->get('profilefields.manager');
 725              $profile_fields = $cp->grab_profile_fields_data($user_id);
 726              $profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template_data($profile_fields[$user_id]) : array();
 727          }
 728  
 729          /**
 730          * Modify user data before we display the profile
 731          *
 732          * @event core.memberlist_view_profile
 733          * @var    array    member                    Array with user's data
 734          * @var    bool    user_notes_enabled        Is the mcp user notes module enabled?
 735          * @var    bool    warn_user_enabled        Is the mcp warnings module enabled?
 736          * @var    bool    zebra_enabled            Is the ucp zebra module enabled?
 737          * @var    bool    friends_enabled            Is the ucp friends module enabled?
 738          * @var    bool    foes_enabled            Is the ucp foes module enabled?
 739          * @var    bool    friend                    Is the user friend?
 740          * @var    bool    foe                        Is the user foe?
 741          * @var    array    profile_fields            Array with user's profile field data
 742          * @since 3.1.0-a1
 743          * @changed 3.1.0-b2 Added friend and foe status
 744          * @changed 3.1.0-b3 Added profile fields data
 745          */
 746          $vars = array(
 747              'member',
 748              'user_notes_enabled',
 749              'warn_user_enabled',
 750              'zebra_enabled',
 751              'friends_enabled',
 752              'foes_enabled',
 753              'friend',
 754              'foe',
 755              'profile_fields',
 756          );
 757          extract($phpbb_dispatcher->trigger_event('core.memberlist_view_profile', compact($vars)));
 758  
 759          $template->assign_vars(phpbb_show_profile($member, $user_notes_enabled, $warn_user_enabled));
 760  
 761          // If the user has m_approve permission or a_user permission, then list then display unapproved posts
 762          if ($auth->acl_getf_global('m_approve') || $auth->acl_get('a_user'))
 763          {
 764              $sql = 'SELECT COUNT(post_id) as posts_in_queue
 765                  FROM ' . POSTS_TABLE . '
 766                  WHERE poster_id = ' . $user_id . '
 767                      AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE));
 768              $result = $db->sql_query($sql);
 769              $member['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
 770              $db->sql_freeresult($result);
 771          }
 772          else
 773          {
 774              $member['posts_in_queue'] = 0;
 775          }
 776  
 777          // Define the main array of vars to assign to memberlist_view.html
 778          $template_ary = array(
 779              'L_POSTS_IN_QUEUE'            => $user->lang('NUM_POSTS_IN_QUEUE', $member['posts_in_queue']),
 780  
 781              'POSTS_DAY'                    => $user->lang('POST_DAY', $posts_per_day),
 782              'POSTS_PCT'                    => $user->lang('POST_PCT', $percentage),
 783  
 784              'SIGNATURE'                    => $member['user_sig'],
 785              'POSTS_IN_QUEUE'            => $member['posts_in_queue'],
 786  
 787              'PM_IMG'                    => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
 788              'L_SEND_EMAIL_USER'            => $user->lang('SEND_EMAIL_USER', $member['username']),
 789              'EMAIL_IMG'                    => $user->img('icon_contact_email', $user->lang['EMAIL']),
 790              'JABBER_IMG'                => $user->img('icon_contact_jabber', $user->lang['JABBER']),
 791              'SEARCH_IMG'                => $user->img('icon_user_search', $user->lang['SEARCH']),
 792  
 793              'S_PROFILE_ACTION'            => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group'),
 794              'S_GROUP_OPTIONS'            => $group_options,
 795              'S_CUSTOM_FIELDS'            => (isset($profile_fields['row']) && count($profile_fields['row'])) ? true : false,
 796  
 797              'U_USER_ADMIN'                => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_admin_path}index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',
 798              'U_USER_BAN'                => ($auth->acl_get('m_ban') && $user_id != $user->data['user_id']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=ban&amp;mode=user&amp;u=' . $user_id, true, $user->session_id) : '',
 799              'U_MCP_QUEUE'                => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',
 800  
 801              'U_SWITCH_PERMISSIONS'        => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_id}&amp;hash=" . generate_link_hash('switchperm')) : '',
 802              'U_EDIT_SELF'                => ($user_id == $user->data['user_id'] && $auth->acl_get('u_chgprofileinfo')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_profile&amp;mode=profile_info') : '',
 803  
 804              'S_USER_NOTES'                => ($user_notes_enabled) ? true : false,
 805              'S_WARN_USER'                => ($warn_user_enabled) ? true : false,
 806              'S_ZEBRA'                    => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
 807              'U_ADD_FRIEND'                => (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '',
 808              'U_ADD_FOE'                    => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '',
 809              'U_REMOVE_FRIEND'            => ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;usernames[]=' . $user_id) : '',
 810              'U_REMOVE_FOE'                => ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;mode=foes&amp;usernames[]=' . $user_id) : '',
 811  
 812              'U_CANONICAL'                => generate_board_url() . '/' . append_sid("memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $user_id, true, ''),
 813          );
 814  
 815          /**
 816          * Modify user's template vars before we display the profile
 817          *
 818          * @event core.memberlist_modify_view_profile_template_vars
 819          * @var    array    template_ary    Array with user's template vars
 820          * @since 3.2.6-RC1
 821          */
 822          $vars = array(
 823              'template_ary',
 824          );
 825          extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_view_profile_template_vars', compact($vars)));
 826  
 827          // Assign vars to memberlist_view.html
 828          $template->assign_vars($template_ary);
 829  
 830          if (!empty($profile_fields['row']))
 831          {
 832              $template->assign_vars($profile_fields['row']);
 833          }
 834  
 835          if (!empty($profile_fields['blockrow']))
 836          {
 837              foreach ($profile_fields['blockrow'] as $field_data)
 838              {
 839                  $template->assign_block_vars('custom_fields', $field_data);
 840              }
 841          }
 842  
 843          // Inactive reason/account?
 844          if ($member['user_type'] == USER_INACTIVE)
 845          {
 846              $user->add_lang('acp/common');
 847  
 848              $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
 849  
 850              switch ($member['user_inactive_reason'])
 851              {
 852                  case INACTIVE_REGISTER:
 853                      $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
 854                  break;
 855  
 856                  case INACTIVE_PROFILE:
 857                      $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
 858                  break;
 859  
 860                  case INACTIVE_MANUAL:
 861                      $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
 862                  break;
 863  
 864                  case INACTIVE_REMIND:
 865                      $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
 866                  break;
 867              }
 868  
 869              $template->assign_vars(array(
 870                  'S_USER_INACTIVE'        => true,
 871                  'USER_INACTIVE_REASON'    => $inactive_reason)
 872              );
 873          }
 874  
 875          // Now generate page title
 876          $page_title = sprintf($user->lang['VIEWING_PROFILE'], $member['username']);
 877          $template_html = 'memberlist_view.html';
 878  
 879          $template->assign_block_vars('navlinks', array(
 880              'BREADCRUMB_NAME'    => $user->lang('MEMBERLIST'),
 881              'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}memberlist.$phpEx"),
 882          ));
 883          $template->assign_block_vars('navlinks', array(
 884              'BREADCRUMB_NAME'    => $member['username'],
 885              'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=viewprofile&u=$user_id"),
 886          ));
 887  
 888      break;
 889  
 890      case 'contactadmin':
 891      case 'email':
 892          if (!class_exists('messenger'))
 893          {
 894              include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 895          }
 896  
 897          $user_id    = $request->variable('u', 0);
 898          $topic_id    = $request->variable('t', 0);
 899  
 900          if ($user_id)
 901          {
 902              $form_name = 'user';
 903          }
 904          else if ($topic_id)
 905          {
 906              $form_name = 'topic';
 907          }
 908          else if ($mode === 'contactadmin')
 909          {
 910              $form_name = 'admin';
 911          }
 912          else
 913          {
 914              trigger_error('NO_EMAIL');
 915          }
 916  
 917          /** @var $form \phpbb\message\form */
 918          $form = $phpbb_container->get('message.form.' . $form_name);
 919  
 920          $form->bind($request);
 921          $error = $form->check_allow();
 922          if ($error)
 923          {
 924              trigger_error($error);
 925          }
 926  
 927          if ($request->is_set_post('submit'))
 928          {
 929              $messenger = new messenger(false);
 930              $form->submit($messenger);
 931          }
 932  
 933          $page_title = $form->get_page_title();
 934          $template_html = $form->get_template_file();
 935          $form->render($template);
 936  
 937          if ($user_id)
 938          {
 939              $navlink_name = $user->lang('SEND_EMAIL');
 940              $navlink_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id");
 941          }
 942          else if ($topic_id)
 943          {
 944              // Generate the navlinks based on the selected topic
 945              $navlinks_sql_array = [
 946                  'SELECT'    => 'f.parent_id, f.forum_parents, f.left_id, f.right_id, f.forum_type, f.forum_name, 
 947                      f.forum_id, f.forum_desc, f.forum_desc_uid, f.forum_desc_bitfield, f.forum_desc_options, 
 948                      f.forum_options, t.topic_title',
 949                  'FROM'      => [
 950                      FORUMS_TABLE  => 'f',
 951                      TOPICS_TABLE  => 't',
 952                  ],
 953                  'WHERE'     => 't.forum_id = f.forum_id AND t.topic_id = ' . (int) $topic_id,
 954              ];
 955  
 956              $sql = $db->sql_build_query('SELECT', $navlinks_sql_array);
 957              $result = $db->sql_query($sql);
 958              $topic_data = $db->sql_fetchrow($result);
 959              $db->sql_freeresult($result);
 960  
 961              generate_forum_nav($topic_data);
 962              $template->assign_block_vars('navlinks', array(
 963                  'BREADCRUMB_NAME'    => $topic_data['topic_title'],
 964                  'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t=$topic_id"),
 965              ));
 966  
 967              $navlink_name = $user->lang('EMAIL_TOPIC');
 968              $navlink_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&t=$topic_id");
 969          }
 970          else if ($mode === 'contactadmin')
 971          {
 972              $navlink_name = $user->lang('CONTACT_ADMIN');
 973              $navlink_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contactadmin");
 974          }
 975  
 976          $template->assign_block_vars('navlinks', array(
 977              'BREADCRUMB_NAME'    => $navlink_name,
 978              'U_BREADCRUMB'        => $navlink_url,
 979          ));
 980  
 981      break;
 982  
 983      case 'livesearch':
 984  
 985          $username_chars = $request->variable('username', '', true);
 986  
 987          $sql = 'SELECT username, user_id, user_colour
 988              FROM ' . USERS_TABLE . '
 989              WHERE ' . $db->sql_in_set('user_type', $user_types) . '
 990                  AND username_clean ' . $db->sql_like_expression(utf8_clean_string($username_chars) . $db->get_any_char());
 991          $result = $db->sql_query_limit($sql, 10);
 992  
 993          $user_list = [];
 994  
 995          while ($row = $db->sql_fetchrow($result))
 996          {
 997              $user_list[] = [
 998                  'user_id'        => (int) $row['user_id'],
 999                  'result'        => html_entity_decode($row['username']),
1000                  'username_full'    => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
1001                  'display'        => get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour']),
1002              ];
1003          }
1004          $db->sql_freeresult($result);
1005  
1006          $json_response = new \phpbb\json_response();
1007  
1008          $json_response->send([
1009              'keyword' => $username_chars,
1010              'results' => $user_list,
1011          ]);
1012  
1013      break;
1014  
1015      case 'group':
1016      default:
1017          // The basic memberlist
1018          $page_title = $user->lang['MEMBERLIST'];
1019          $template_html = 'memberlist_body.html';
1020  
1021          $template->assign_block_vars('navlinks', array(
1022              'BREADCRUMB_NAME'    => $page_title,
1023              'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}memberlist.$phpEx"),
1024          ));
1025  
1026          /* @var $pagination \phpbb\pagination */
1027          $pagination = $phpbb_container->get('pagination');
1028  
1029          // Sorting
1030          $sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT']);
1031          $sort_key_sql = array('a' => 'u.username_clean', 'c' => 'u.user_regdate', 'd' => 'u.user_posts');
1032  
1033          if ($config['jab_enable'] && $auth->acl_get('u_sendim'))
1034          {
1035              $sort_key_text['k'] = $user->lang['JABBER'];
1036              $sort_key_sql['k'] = 'u.user_jabber';
1037          }
1038  
1039          if ($auth->acl_get('a_user'))
1040          {
1041              $sort_key_text['e'] = $user->lang['SORT_EMAIL'];
1042              $sort_key_sql['e'] = 'u.user_email';
1043          }
1044  
1045          if ($auth->acl_get('u_viewonline'))
1046          {
1047              $sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE'];
1048              $sort_key_sql['l'] = 'u.user_last_active';
1049          }
1050  
1051          $sort_key_text['m'] = $user->lang['SORT_RANK'];
1052          $sort_key_sql['m'] = 'u.user_rank';
1053  
1054          $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1055  
1056          $s_sort_key = '';
1057          foreach ($sort_key_text as $key => $value)
1058          {
1059              $selected = ($sort_key == $key) ? ' selected="selected"' : '';
1060              $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1061          }
1062  
1063          $s_sort_dir = '';
1064          foreach ($sort_dir_text as $key => $value)
1065          {
1066              $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
1067              $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1068          }
1069  
1070          // Additional sorting options for user search ... if search is enabled, if not
1071          // then only admins can make use of this (for ACP functionality)
1072          $sql_select = $sql_where_data = $sql_from = $sql_where = $order_by = '';
1073  
1074  
1075          $form            = $request->variable('form', '');
1076          $field            = $request->variable('field', '');
1077          $select_single     = $request->variable('select_single', false);
1078  
1079          // Search URL parameters, if any of these are in the URL we do a search
1080          $search_params = array('username', 'email', 'jabber', 'search_group_id', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'ip');
1081  
1082          // We validate form and field here, only id/class allowed
1083          $form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
1084          $field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;
1085          if ((($mode == '' || $mode == 'searchuser') || count(array_intersect($request->variable_names(\phpbb\request\request_interface::GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_')))
1086          {
1087              $username    = $request->variable('username', '', true);
1088              $email        = strtolower($request->variable('email', ''));
1089              $jabber        = $request->variable('jabber', '');
1090              $search_group_id    = $request->variable('search_group_id', 0);
1091  
1092              // when using these, make sure that we actually have values defined in $find_key_match
1093              $joined_select    = $request->variable('joined_select', 'lt');
1094              $active_select    = $request->variable('active_select', 'lt');
1095              $count_select    = $request->variable('count_select', 'eq');
1096  
1097              $joined            = explode('-', $request->variable('joined', ''));
1098              $active            = explode('-', $request->variable('active', ''));
1099              $count            = ($request->variable('count', '') !== '') ? $request->variable('count', 0) : '';
1100              $ipdomain        = $request->variable('ip', '');
1101  
1102              $find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
1103  
1104              $find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']);
1105              $s_find_count = '';
1106              foreach ($find_count as $key => $value)
1107              {
1108                  $selected = ($count_select == $key) ? ' selected="selected"' : '';
1109                  $s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1110              }
1111  
1112              $find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']);
1113              $s_find_join_time = '';
1114              foreach ($find_time as $key => $value)
1115              {
1116                  $selected = ($joined_select == $key) ? ' selected="selected"' : '';
1117                  $s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1118              }
1119  
1120              $s_find_active_time = '';
1121              foreach ($find_time as $key => $value)
1122              {
1123                  $selected = ($active_select == $key) ? ' selected="selected"' : '';
1124                  $s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1125              }
1126  
1127              $sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), utf8_clean_string($username))) : '';
1128              $sql_where .= ($auth->acl_get('a_user') && $email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $email)) . ' ' : '';
1129              $sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->get_any_char(), $jabber)) . ' ' : '';
1130              $sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
1131  
1132              if (isset($find_key_match[$joined_select]) && count($joined) == 3)
1133              {
1134                  $joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]);
1135  
1136                  if ($joined_time !== false)
1137                  {
1138                      $sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time;
1139                  }
1140              }
1141  
1142              if (isset($find_key_match[$active_select]) && count($active) == 3 && $auth->acl_get('u_viewonline'))
1143              {
1144                  $active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]);
1145  
1146                  if ($active_time !== false)
1147                  {
1148                      if ($active_select === 'lt' && (int) $active[0] == 0 && (int) $active[1] == 0 && (int) $active[2] == 0)
1149                      {
1150                          $sql_where .= ' AND u.user_last_active = 0';
1151                      }
1152                      else if ($active_select === 'gt')
1153                      {
1154                          $sql_where .= ' AND u.user_last_active ' . $find_key_match[$active_select] . ' ' . $active_time;
1155                      }
1156                      else
1157                      {
1158                          $sql_where .= ' AND (u.user_last_active > 0 AND u.user_last_active < ' . $active_time . ')';
1159                      }
1160                  }
1161              }
1162  
1163              $sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';
1164  
1165              if ($search_group_id)
1166              {
1167                  $sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
1168              }
1169  
1170              if ($ipdomain && $auth->acl_getf_global('m_info'))
1171              {
1172                  if (strspn($ipdomain, 'abcdefghijklmnopqrstuvwxyz'))
1173                  {
1174                      $hostnames = gethostbynamel($ipdomain);
1175  
1176                      if ($hostnames !== false)
1177                      {
1178                          $ips = "'" . implode('\', \'', array_map(array($db, 'sql_escape'), preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "\\1", gethostbynamel($ipdomain)))) . "'";
1179                      }
1180                      else
1181                      {
1182                          $ips = false;
1183                      }
1184                  }
1185                  else
1186                  {
1187                      $ips = "'" . str_replace('*', '%', $db->sql_escape($ipdomain)) . "'";
1188                  }
1189  
1190                  if ($ips === false)
1191                  {
1192                      // A minor fudge but it does the job :D
1193                      $sql_where .= " AND u.user_id = 0";
1194                  }
1195                  else
1196                  {
1197                      $ip_forums = array_keys($auth->acl_getf('m_info', true));
1198  
1199                      $sql = 'SELECT DISTINCT poster_id
1200                          FROM ' . POSTS_TABLE . '
1201                          WHERE poster_ip ' . ((strpos($ips, '%') !== false) ? 'LIKE' : 'IN') . " ($ips)
1202                              AND " . $db->sql_in_set('forum_id', $ip_forums);
1203  
1204                      /**
1205                      * Modify sql query for members search by ip address / hostname
1206                      *
1207                      * @event core.memberlist_modify_ip_search_sql_query
1208                      * @var    string    ipdomain    The host name
1209                      * @var    string    ips            IP address list for the given host name
1210                      * @var    string    sql            The SQL query for searching members by IP address
1211                      * @since 3.1.7-RC1
1212                      */
1213                      $vars = array(
1214                          'ipdomain',
1215                          'ips',
1216                          'sql',
1217                      );
1218                      extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_ip_search_sql_query', compact($vars)));
1219  
1220                      $result = $db->sql_query($sql);
1221  
1222                      if ($row = $db->sql_fetchrow($result))
1223                      {
1224                          $ip_sql = array();
1225                          do
1226                          {
1227                              $ip_sql[] = $row['poster_id'];
1228                          }
1229                          while ($row = $db->sql_fetchrow($result));
1230  
1231                          $sql_where .= ' AND ' . $db->sql_in_set('u.user_id', $ip_sql);
1232                      }
1233                      else
1234                      {
1235                          // A minor fudge but it does the job :D
1236                          $sql_where .= " AND u.user_id = 0";
1237                      }
1238                      unset($ip_forums);
1239  
1240                      $db->sql_freeresult($result);
1241                  }
1242              }
1243          }
1244  
1245          $first_char = $request->variable('first_char', '');
1246  
1247          if ($first_char == 'other')
1248          {
1249              for ($i = 97; $i < 123; $i++)
1250              {
1251                  $sql_where .= ' AND u.username_clean NOT ' . $db->sql_like_expression(chr($i) . $db->get_any_char());
1252              }
1253          }
1254          else if ($first_char)
1255          {
1256              $sql_where .= ' AND u.username_clean ' . $db->sql_like_expression(substr($first_char, 0, 1) . $db->get_any_char());
1257          }
1258  
1259          // Are we looking at a usergroup? If so, fetch additional info
1260          // and further restrict the user info query
1261          if ($mode == 'group')
1262          {
1263              // We JOIN here to save a query for determining membership for hidden groups. ;)
1264              $sql = 'SELECT g.*, ug.user_id, ug.group_leader
1265                  FROM ' . GROUPS_TABLE . ' g
1266                  LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id'] . " AND ug.group_id = $group_id)
1267                  WHERE g.group_id = $group_id";
1268              $result = $db->sql_query($sql);
1269              $group_row = $db->sql_fetchrow($result);
1270              $db->sql_freeresult($result);
1271  
1272              if (!$group_row)
1273              {
1274                  trigger_error('NO_GROUP');
1275              }
1276  
1277              switch ($group_row['group_type'])
1278              {
1279                  case GROUP_OPEN:
1280                      $group_row['l_group_type'] = 'OPEN';
1281                  break;
1282  
1283                  case GROUP_CLOSED:
1284                      $group_row['l_group_type'] = 'CLOSED';
1285                  break;
1286  
1287                  case GROUP_HIDDEN:
1288                      $group_row['l_group_type'] = 'HIDDEN';
1289  
1290                      // Check for membership or special permissions
1291                      if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $group_row['user_id'] != $user->data['user_id'])
1292                      {
1293                          trigger_error('NO_GROUP');
1294                      }
1295                  break;
1296  
1297                  case GROUP_SPECIAL:
1298                      $group_row['l_group_type'] = 'SPECIAL';
1299                  break;
1300  
1301                  case GROUP_FREE:
1302                      $group_row['l_group_type'] = 'FREE';
1303                  break;
1304              }
1305  
1306              $avatar_img = phpbb_get_group_avatar($group_row);
1307  
1308              // ... same for group rank
1309              $group_rank_data = array(
1310                  'title'        => null,
1311                  'img'        => null,
1312                  'img_src'    => null,
1313              );
1314              if ($group_row['group_rank'])
1315              {
1316                  $group_rank_data = $group_helper->get_rank($group_row);
1317  
1318                  if ($group_rank_data['img'])
1319                  {
1320                      $group_rank_data['img'] .= '<br />';
1321                  }
1322              }
1323              // include modules for manage groups link display or not
1324              // need to ensure the module is active
1325              $can_manage_group = false;
1326              if ($user->data['is_registered'] && $group_row['group_leader'])
1327              {
1328                  if (!class_exists('p_master'))
1329                  {
1330                      include($phpbb_root_path . 'includes/functions_module.' . $phpEx);
1331                  }
1332                  $module = new p_master;
1333                  $module->list_modules('ucp');
1334  
1335                  if ($module->is_active('ucp_groups', 'manage'))
1336                  {
1337                      $can_manage_group = true;
1338                  }
1339                  unset($module);
1340              }
1341  
1342              $template->assign_block_vars('navlinks', array(
1343                  'BREADCRUMB_NAME'    => $group_helper->get_name($group_row['group_name']),
1344                  'U_BREADCRUMB'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=group&amp;g=$group_id"),
1345              ));
1346  
1347              $template->assign_vars(array(
1348                  'GROUP_DESC'    => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
1349                  'GROUP_NAME'    => $group_helper->get_name($group_row['group_name']),
1350                  'GROUP_COLOR'    => $group_row['group_colour'],
1351                  'GROUP_TYPE'    => $user->lang['GROUP_IS_' . $group_row['l_group_type']],
1352                  'GROUP_RANK'    => $group_rank_data['title'],
1353  
1354                  'AVATAR_IMG'    => $avatar_img,
1355                  'RANK_IMG'        => $group_rank_data['img'],
1356                  'RANK_IMG_SRC'    => $group_rank_data['img_src'],
1357  
1358                  'U_PM'            => ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm_group') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;g=' . $group_id) : '',
1359                  'U_MANAGE'        => ($can_manage_group) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=ucp_groups&amp;mode=manage') : false,)
1360              );
1361  
1362              $sql_select = ', ug.group_leader';
1363              $sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
1364              $order_by = 'ug.group_leader DESC, ';
1365  
1366              $sql_where .= " AND ug.user_pending = 0 AND u.user_id = ug.user_id AND ug.group_id = $group_id";
1367              $sql_where_data = " AND u.user_id = ug.user_id AND ug.group_id = $group_id";
1368          }
1369  
1370          // Sorting and order
1371          if (!isset($sort_key_sql[$sort_key]))
1372          {
1373              $sort_key = $default_key;
1374          }
1375  
1376          $order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
1377  
1378          // Unfortunately we must do this here for sorting by rank, else the sort order is applied wrongly
1379          if ($sort_key == 'm')
1380          {
1381              $order_by .= ', u.user_posts DESC';
1382          }
1383  
1384          /**
1385          * Modify sql query data for members search
1386          *
1387          * @event core.memberlist_modify_sql_query_data
1388          * @var    string    order_by        SQL ORDER BY clause condition
1389          * @var    string    sort_dir        The sorting direction
1390          * @var    string    sort_key        The sorting key
1391          * @var    array    sort_key_sql    Arraty with the sorting conditions data
1392          * @var    string    sql_from        SQL FROM clause condition
1393          * @var    string    sql_select        SQL SELECT fields list
1394          * @var    string    sql_where        SQL WHERE clause condition
1395          * @var    string    sql_where_data    SQL WHERE clause additional conditions data
1396          * @since 3.1.7-RC1
1397          */
1398          $vars = array(
1399              'order_by',
1400              'sort_dir',
1401              'sort_key',
1402              'sort_key_sql',
1403              'sql_from',
1404              'sql_select',
1405              'sql_where',
1406              'sql_where_data',
1407          );
1408          extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_sql_query_data', compact($vars)));
1409  
1410          // Count the users ...
1411          $sql = 'SELECT COUNT(u.user_id) AS total_users
1412              FROM ' . USERS_TABLE . " u$sql_from
1413              WHERE " . $db->sql_in_set('u.user_type', $user_types) . "
1414              $sql_where";
1415          $result = $db->sql_query($sql);
1416          $total_users = (int) $db->sql_fetchfield('total_users');
1417          $db->sql_freeresult($result);
1418  
1419          // Build a relevant pagination_url
1420          $params = $sort_params = array();
1421  
1422          // We do not use $request->variable() here directly to save some calls (not all variables are set)
1423          $check_params = array(
1424              'g'                => array('g', 0),
1425              'sk'            => array('sk', $default_key),
1426              'sd'            => array('sd', 'a'),
1427              'form'            => array('form', ''),
1428              'field'            => array('field', ''),
1429              'select_single'    => array('select_single', $select_single),
1430              'username'        => array('username', '', true),
1431              'email'            => array('email', ''),
1432              'jabber'        => array('jabber', ''),
1433              'search_group_id'    => array('search_group_id', 0),
1434              'joined_select'    => array('joined_select', 'lt'),
1435              'active_select'    => array('active_select', 'lt'),
1436              'count_select'    => array('count_select', 'eq'),
1437              'joined'        => array('joined', ''),
1438              'active'        => array('active', ''),
1439              'count'            => ($request->variable('count', '') !== '') ? array('count', 0) : array('count', ''),
1440              'ip'            => array('ip', ''),
1441              'first_char'    => array('first_char', ''),
1442          );
1443  
1444          $u_first_char_params = array();
1445          foreach ($check_params as $key => $call)
1446          {
1447              if (!isset($_REQUEST[$key]))
1448              {
1449                  continue;
1450              }
1451  
1452              $param = call_user_func_array(array($request, 'variable'), $call);
1453              // Encode strings, convert everything else to int in order to prevent empty parameters.
1454              $param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : (int) $param);
1455              $params[] = $param;
1456  
1457              if ($key != 'first_char')
1458              {
1459                  $u_first_char_params[] = $param;
1460              }
1461              if ($key != 'sk' && $key != 'sd')
1462              {
1463                  $sort_params[] = $param;
1464              }
1465          }
1466  
1467          $u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", "start=$start" . (!empty($params) ? '&amp;' . implode('&amp;', $params) : ''));
1468  
1469          if ($mode)
1470          {
1471              $params[] = "mode=$mode";
1472              $u_first_char_params[] = "mode=$mode";
1473          }
1474          $sort_params[] = "mode=$mode";
1475  
1476          $u_first_char_params = implode('&amp;', $u_first_char_params);
1477          $u_first_char_params .= ($u_first_char_params) ? '&amp;' : '';
1478  
1479          $first_characters = array();
1480          $first_characters[''] = $user->lang['ALL'];
1481          for ($i = 97; $i < 123; $i++)
1482          {
1483              $first_characters[chr($i)] = chr($i - 32);
1484          }
1485          $first_characters['other'] = $user->lang['OTHER'];
1486  
1487          $first_char_block_vars = [];
1488  
1489          foreach ($first_characters as $char => $desc)
1490          {
1491              $first_char_block_vars[] = [
1492                  'DESC'            => $desc,
1493                  'VALUE'            => $char,
1494                  'S_SELECTED'    => ($first_char == $char) ? true : false,
1495                  'U_SORT'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", $u_first_char_params . 'first_char=' . $char) . '#memberlist',
1496              ];
1497          }
1498  
1499          /**
1500           * Modify memberlist sort and pagination parameters
1501           *
1502           * @event core.memberlist_modify_sort_pagination_params
1503           * @var array    sort_params                Array with URL parameters for sorting
1504           * @var array    params                    Array with URL parameters for pagination
1505           * @var array    first_characters        Array that maps each letter in a-z, 'other' and the empty string to their display representation
1506           * @var string    u_first_char_params        Concatenated URL parameters for first character search links
1507           * @var array    first_char_block_vars    Template block variables for each first character
1508           * @var int        total_users                Total number of users found in this search
1509           * @since 3.2.6-RC1
1510           */
1511          $vars = [
1512              'sort_params',
1513              'params',
1514              'first_characters',
1515              'u_first_char_params',
1516              'first_char_block_vars',
1517              'total_users',
1518          ];
1519          extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_sort_pagination_params', compact($vars)));
1520  
1521          $template->assign_block_vars_array('first_char', $first_char_block_vars);
1522  
1523          $pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));
1524          $sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $sort_params));
1525  
1526          unset($search_params, $sort_params);
1527  
1528          // Some search user specific data
1529          if (($mode == '' || $mode == 'searchuser') && ($config['load_search'] || $auth->acl_get('a_')))
1530          {
1531              $group_selected = $request->variable('search_group_id', 0);
1532              $s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '>&nbsp;</option>';
1533              $group_ids = array();
1534  
1535              /**
1536              * @todo add this to a separate function (function is responsible for returning the groups the user is able to see based on the users group membership)
1537              */
1538  
1539              if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
1540              {
1541                  $sql = 'SELECT group_id, group_name, group_type
1542                      FROM ' . GROUPS_TABLE;
1543  
1544                  if (!$config['coppa_enable'])
1545                  {
1546                      $sql .= " WHERE group_name <> 'REGISTERED_COPPA'";
1547                  }
1548  
1549                  $sql .= ' ORDER BY group_name ASC';
1550              }
1551              else
1552              {
1553                  $sql = 'SELECT g.group_id, g.group_name, g.group_type
1554                      FROM ' . GROUPS_TABLE . ' g
1555                      LEFT JOIN ' . USER_GROUP_TABLE . ' ug
1556                          ON (
1557                              g.group_id = ug.group_id
1558                              AND ug.user_id = ' . $user->data['user_id'] . '
1559                              AND ug.user_pending = 0
1560                          )
1561                      WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
1562  
1563                  if (!$config['coppa_enable'])
1564                  {
1565                      $sql .= " AND g.group_name <> 'REGISTERED_COPPA'";
1566                  }
1567  
1568                  $sql .= ' ORDER BY g.group_name ASC';
1569              }
1570              $result = $db->sql_query($sql);
1571  
1572              while ($row = $db->sql_fetchrow($result))
1573              {
1574                  $group_ids[] = $row['group_id'];
1575                  $s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . $group_helper->get_name($row['group_name']) . '</option>';
1576              }
1577              $db->sql_freeresult($result);
1578  
1579              if ($group_selected !== 0 && !in_array($group_selected, $group_ids))
1580              {
1581                  trigger_error('NO_GROUP');
1582              }
1583  
1584              $template->assign_vars(array(
1585                  'USERNAME'    => $username,
1586                  'EMAIL'        => $email,
1587                  'JABBER'    => $jabber,
1588                  'JOINED'    => implode('-', $joined),
1589                  'ACTIVE'    => implode('-', $active),
1590                  'COUNT'        => $count,
1591                  'IP'        => $ipdomain,
1592  
1593                  'S_IP_SEARCH_ALLOWED'    => ($auth->acl_getf_global('m_info')) ? true : false,
1594                  'S_EMAIL_SEARCH_ALLOWED'=> ($auth->acl_get('a_user')) ? true : false,
1595                  'S_JABBER_ENABLED'        => $config['jab_enable'],
1596                  'S_IN_SEARCH_POPUP'        => ($form && $field) ? true : false,
1597                  'S_SEARCH_USER'            => ($mode == 'searchuser' || ($mode == '' && $submit)),
1598                  'S_FORM_NAME'            => $form,
1599                  'S_FIELD_NAME'            => $field,
1600                  'S_SELECT_SINGLE'        => $select_single,
1601                  'S_COUNT_OPTIONS'        => $s_find_count,
1602                  'S_SORT_OPTIONS'        => $s_sort_key,
1603                  'S_JOINED_TIME_OPTIONS'    => $s_find_join_time,
1604                  'S_ACTIVE_TIME_OPTIONS'    => $s_find_active_time,
1605                  'S_GROUP_SELECT'        => $s_group_select,
1606                  'S_USER_SEARCH_ACTION'    => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&amp;form=$form&amp;field=$field"))
1607              );
1608          }
1609  
1610          $start = $pagination->validate_start($start, $config['topics_per_page'], $total_users);
1611  
1612          // Get us some users :D
1613          $sql = "SELECT u.user_id
1614              FROM " . USERS_TABLE . " u
1615                  $sql_from
1616              WHERE " . $db->sql_in_set('u.user_type', $user_types) . "
1617                  $sql_where
1618              ORDER BY $order_by";
1619          $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
1620  
1621          $user_list = array();
1622          while ($row = $db->sql_fetchrow($result))
1623          {
1624              $user_list[] = (int) $row['user_id'];
1625          }
1626          $db->sql_freeresult($result);
1627  
1628          // Load custom profile fields
1629          if ($config['load_cpf_memberlist'])
1630          {
1631              /* @var $cp \phpbb\profilefields\manager */
1632              $cp = $phpbb_container->get('profilefields.manager');
1633  
1634              $cp_row = $cp->generate_profile_fields_template_headlines('field_show_on_ml');
1635              foreach ($cp_row as $profile_field)
1636              {
1637                  $template->assign_block_vars('custom_fields', $profile_field);
1638              }
1639          }
1640  
1641          $leaders_set = false;
1642          // So, did we get any users?
1643          if (count($user_list))
1644          {
1645              // Session time?! Session time...
1646              $sql = 'SELECT session_user_id, MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
1647                  FROM ' . SESSIONS_TABLE . '
1648                  WHERE session_time >= ' . (time() - $config['session_length']) . '
1649                      AND ' . $db->sql_in_set('session_user_id', $user_list) . '
1650                  GROUP BY session_user_id';
1651              $result = $db->sql_query($sql);
1652  
1653              $session_ary = [];
1654              while ($row = $db->sql_fetchrow($result))
1655              {
1656                  $session_ary[$row['session_user_id']] = [
1657                      'session_time' => $row['session_time'],
1658                      'session_viewonline' => $row['session_viewonline'],
1659                  ];
1660              }
1661              $db->sql_freeresult($result);
1662  
1663              // Do the SQL thang
1664              if ($mode == 'group')
1665              {
1666                  $sql_from_ary = explode(',', $sql_from);
1667                  $extra_tables = [];
1668                  foreach ($sql_from_ary as $entry)
1669                  {
1670                      $table_data = explode(' ', trim($entry));
1671  
1672                      if (empty($table_data[0]) || empty($table_data[1]))
1673                      {
1674                          continue;
1675                      }
1676  
1677                      $extra_tables[$table_data[0]] = $table_data[1];
1678                  }
1679  
1680                  $sql_array = array(
1681                      'SELECT'    => 'u.*' . $sql_select,
1682                      'FROM'        => array_merge([USERS_TABLE => 'u'], $extra_tables),
1683                      'WHERE'        => $db->sql_in_set('u.user_id', $user_list) . $sql_where_data . '',
1684                  );
1685              }
1686              else
1687              {
1688                  $sql_array = array(
1689                      'SELECT'    => 'u.*',
1690                      'FROM'        => array(
1691                          USERS_TABLE        => 'u'
1692                      ),
1693                      'WHERE'        => $db->sql_in_set('u.user_id', $user_list),
1694                  );
1695              }
1696  
1697              /**
1698               * Modify user data SQL before member row is created
1699               *
1700               * @event core.memberlist_modify_memberrow_sql
1701               * @var string    mode                Memberlist mode
1702               * @var string    sql_select            Additional select statement
1703               * @var string    sql_from            Additional from statement
1704               * @var array    sql_array            Array containing the main query
1705               * @var array    user_list            Array containing list of users
1706               * @since 3.2.6-RC1
1707               */
1708              $vars = array(
1709                  'mode',
1710                  'sql_select',
1711                  'sql_from',
1712                  'sql_array',
1713                  'user_list',
1714              );
1715              extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_memberrow_sql', compact($vars)));
1716  
1717              $sql = $db->sql_build_query('SELECT', $sql_array);
1718              $result = $db->sql_query($sql);
1719  
1720              $id_cache = array();
1721              while ($row = $db->sql_fetchrow($result))
1722              {
1723                  $row['session_time'] = $session_ary[$row['user_id']]['session_time'] ?? 0;
1724                  $row['session_viewonline'] = $session_ary[$row['user_id']]['session_viewonline'] ?? 0;
1725                  $row['last_visit'] = $row['user_last_active'] ?: $row['session_time'];
1726  
1727                  $id_cache[$row['user_id']] = $row;
1728              }
1729  
1730              $db->sql_freeresult($result);
1731  
1732              // Load custom profile fields if required
1733              if ($config['load_cpf_memberlist'])
1734              {
1735                  // Grab all profile fields from users in id cache for later use - similar to the poster cache
1736                  $profile_fields_cache = $cp->grab_profile_fields_data($user_list);
1737  
1738                  // Filter the fields we don't want to show
1739                  foreach ($profile_fields_cache as $user_id => $user_profile_fields)
1740                  {
1741                      foreach ($user_profile_fields as $field_ident => $profile_field)
1742                      {
1743                          if (!$profile_field['data']['field_show_on_ml'])
1744                          {
1745                              unset($profile_fields_cache[$user_id][$field_ident]);
1746                          }
1747                      }
1748                  }
1749              }
1750  
1751              // If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date...
1752              if ($sort_key == 'l')
1753              {
1754  //                uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));"));
1755                  usort($user_list,  'phpbb_sort_last_active');
1756              }
1757  
1758              // do we need to display contact fields as such
1759              $use_contact_fields = true;
1760  
1761              /**
1762               * Modify list of users before member row is created
1763               *
1764               * @event core.memberlist_memberrow_before
1765               * @var array    user_list            Array containing list of users
1766               * @var bool    use_contact_fields    Should we display contact fields as such?
1767               * @since 3.1.7-RC1
1768               */
1769              $vars = array('user_list', 'use_contact_fields');
1770              extract($phpbb_dispatcher->trigger_event('core.memberlist_memberrow_before', compact($vars)));
1771  
1772              for ($i = 0, $end = count($user_list); $i < $end; ++$i)
1773              {
1774                  $user_id = $user_list[$i];
1775                  $row = $id_cache[$user_id];
1776                  $is_leader = (isset($row['group_leader']) && $row['group_leader']) ? true : false;
1777                  $leaders_set = ($leaders_set || $is_leader);
1778  
1779                  $cp_row = array();
1780                  if ($config['load_cpf_memberlist'])
1781                  {
1782                      $cp_row = (isset($profile_fields_cache[$user_id])) ? $cp->generate_profile_fields_template_data($profile_fields_cache[$user_id], $use_contact_fields) : array();
1783                  }
1784  
1785                  $memberrow = array_merge(phpbb_show_profile($row, false, false, false), array(
1786                      'ROW_NUMBER'        => $i + ($start + 1),
1787  
1788                      'S_CUSTOM_PROFILE'    => (isset($cp_row['row']) && count($cp_row['row'])) ? true : false,
1789                      'S_GROUP_LEADER'    => $is_leader,
1790                      'S_INACTIVE'        => $row['user_type'] == USER_INACTIVE,
1791  
1792                      'U_VIEW_PROFILE'    => get_username_string('profile', $user_id, $row['username']),
1793                  ));
1794  
1795                  if (isset($cp_row['row']) && count($cp_row['row']))
1796                  {
1797                      $memberrow = array_merge($memberrow, $cp_row['row']);
1798                  }
1799  
1800                  $template->assign_block_vars('memberrow', $memberrow);
1801  
1802                  if (isset($cp_row['blockrow']) && count($cp_row['blockrow']))
1803                  {
1804                      foreach ($cp_row['blockrow'] as $field_data)
1805                      {
1806                          $template->assign_block_vars('memberrow.custom_fields', $field_data);
1807                      }
1808                  }
1809  
1810                  unset($id_cache[$user_id]);
1811              }
1812          }
1813  
1814          $pagination->generate_template_pagination($pagination_url, 'pagination', 'start', $total_users, $config['topics_per_page'], $start);
1815  
1816          // Generate page
1817          $template_vars = array(
1818              'TOTAL_USERS'    => $user->lang('LIST_USERS', (int) $total_users),
1819  
1820              'PROFILE_IMG'    => $user->img('icon_user_profile', $user->lang['PROFILE']),
1821              'PM_IMG'        => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
1822              'EMAIL_IMG'        => $user->img('icon_contact_email', $user->lang['EMAIL']),
1823              'JABBER_IMG'    => $user->img('icon_contact_jabber', $user->lang['JABBER']),
1824              'SEARCH_IMG'    => $user->img('icon_user_search', $user->lang['SEARCH']),
1825  
1826              'U_FIND_MEMBER'            => ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser' . (($start) ? "&amp;start=$start" : '') . (!empty($params) ? '&amp;' . implode('&amp;', $params) : '')) : '',
1827              'U_HIDE_FIND_MEMBER'    => ($mode == 'searchuser' || ($mode == '' && $submit)) ? $u_hide_find_member : '',
1828              'U_LIVE_SEARCH'            => ($config['allow_live_searches']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=livesearch') : false,
1829              'U_SORT_USERNAME'        => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
1830              'U_SORT_JOINED'            => $sort_url . '&amp;sk=c&amp;sd=' . (($sort_key == 'c' && $sort_dir == 'd') ? 'a' : 'd'),
1831              'U_SORT_POSTS'            => $sort_url . '&amp;sk=d&amp;sd=' . (($sort_key == 'd' && $sort_dir == 'd') ? 'a' : 'd'),
1832              'U_SORT_EMAIL'            => $sort_url . '&amp;sk=e&amp;sd=' . (($sort_key == 'e' && $sort_dir == 'd') ? 'a' : 'd'),
1833              'U_SORT_ACTIVE'            => ($auth->acl_get('u_viewonline')) ? $sort_url . '&amp;sk=l&amp;sd=' . (($sort_key == 'l' && $sort_dir == 'd') ? 'a' : 'd') : '',
1834              'U_SORT_RANK'            => $sort_url . '&amp;sk=m&amp;sd=' . (($sort_key == 'm' && $sort_dir == 'd') ? 'a' : 'd'),
1835              'U_LIST_CHAR'            => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'l' && $sort_dir == 'd') ? 'a' : 'd'),
1836  
1837              'S_SHOW_GROUP'        => ($mode == 'group') ? true : false,
1838              'S_VIEWONLINE'        => $auth->acl_get('u_viewonline'),
1839              'S_LEADERS_SET'        => $leaders_set,
1840              'S_MODE_SELECT'        => $s_sort_key,
1841              'S_ORDER_SELECT'    => $s_sort_dir,
1842              'S_MODE_ACTION'        => $pagination_url,
1843          );
1844  
1845          /**
1846           * Modify memberlist page template vars
1847           *
1848           * @event core.memberlist_modify_template_vars
1849           * @var array    params                Array containing URL parameters
1850           * @var string    sort_url            Sorting URL base
1851           * @var array    template_vars        Array containing template vars
1852           * @since 3.2.2-RC1
1853           */
1854          $vars = array('params', 'sort_url', 'template_vars');
1855          extract($phpbb_dispatcher->trigger_event('core.memberlist_modify_template_vars', compact($vars)));
1856  
1857          $template->assign_vars($template_vars);
1858  }
1859  
1860  // Output the page
1861  page_header($page_title);
1862  
1863  $template->set_filenames(array(
1864      'body' => $template_html)
1865  );
1866  make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
1867  
1868  page_footer();


Generated: Mon Nov 25 19:05:08 2024 Cross-referenced by PHPXref 0.7.1