search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
remove one problematic instance from the realpath replacement
[phpbb.git] / phpBB / memberlist.php
blob0d1a9576ac99a1a64bfc1cad384884b727889e49
1 <?php
2 /**
3 *
4 * @package phpBB3
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * @ignore
13 */
14 define('IN_PHPBB', true);
15 $phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
16 $phpEx = substr(strrchr(__FILE__, '.'), 1);
17 include($phpbb_root_path . 'common.' . $phpEx);
18 include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
19
20 // Start session management
21 $user->session_begin();
22 $auth->acl($user->data);
23 $user->setup(array('memberlist', 'groups'));
24
25 // Grab data
26 $mode = request_var('mode', '');
27 $action = request_var('action', '');
28 $user_id = request_var('u', ANONYMOUS);
29 $username = request_var('un', '', true);
30 $group_id = request_var('g', 0);
31 $topic_id = request_var('t', 0);
32
33 // Check our mode...
34 if (!in_array($mode, array('', 'group', 'viewprofile', 'email', 'contact', 'searchuser', 'leaders')))
35 {
36 trigger_error('NO_MODE');
37 }
38
39 switch ($mode)
40 {
41 case 'email':
42 break;
43
44 default:
45 // Can this user view profiles/memberlist?
46 if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel'))
47 {
48 if ($user->data['user_id'] != ANONYMOUS)
49 {
50 trigger_error('NO_VIEW_USERS');
51 }
52
53 login_box('', ((isset($user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)])) ? $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)] : $user->lang['LOGIN_EXPLAIN_MEMBERLIST']));
54 }
55 break;
56 }
57
58 $start = request_var('start', 0);
59 $submit = (isset($_POST['submit'])) ? true : false;
60
61 $default_key = 'c';
62 $sort_key = request_var('sk', $default_key);
63 $sort_dir = request_var('sd', 'a');
64
65
66 // Grab rank information for later
67 $ranks = $cache->obtain_ranks();
68
69
70 // What do you want to do today? ... oops, I think that line is taken ...
71 switch ($mode)
72 {
73 case 'leaders':
74 // Display a listing of board admins, moderators
75 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
76
77 $page_title = $user->lang['THE_TEAM'];
78 $template_html = 'memberlist_leaders.html';
79
80 $user_ary = $auth->acl_get_list(false, array('a_', 'm_'), false);
81
82 $admin_id_ary = $global_mod_id_ary = $mod_id_ary = $forum_id_ary = array();
83 foreach ($user_ary as $forum_id => $forum_ary)
84 {
85 foreach ($forum_ary as $auth_option => $id_ary)
86 {
87 if (!$forum_id)
88 {
89 if ($auth_option == 'a_')
90 {
91 $admin_id_ary = array_merge($admin_id_ary, $id_ary);
92 }
93 else
94 {
95 $global_mod_id_ary = array_merge($global_mod_id_ary, $id_ary);
96 }
97 continue;
98 }
99 else
100 {
101 $mod_id_ary = array_merge($mod_id_ary, $id_ary);
102 }
103
104 if ($forum_id)
105 {
106 foreach ($id_ary as $id)
107 {
108 $forum_id_ary[$id][] = $forum_id;
109 }
110 }
111 }
112 }
113
114 $admin_id_ary = array_unique($admin_id_ary);
115 $global_mod_id_ary = array_unique($global_mod_id_ary);
116
117 $mod_id_ary = array_merge($mod_id_ary, $global_mod_id_ary);
118 $mod_id_ary = array_unique($mod_id_ary);
119
120 // Admin group id...
121 $sql = 'SELECT group_id
122 FROM ' . GROUPS_TABLE . "
123 WHERE group_name = 'ADMINISTRATORS'";
124 $result = $db->sql_query($sql);
125 $admin_group_id = (int) $db->sql_fetchfield('group_id');
126 $db->sql_freeresult($result);
127
128 // Get group memberships for the admin id ary...
129 $admin_memberships = group_memberships($admin_group_id, $admin_id_ary);
130
131 $admin_user_ids = array();
132
133 if (!empty($admin_memberships))
134 {
135 // ok, we only need the user ids...
136 foreach ($admin_memberships as $row)
137 {
138 $admin_user_ids[$row['user_id']] = true;
139 }
140 }
141 unset($admin_memberships);
142
143 $sql = 'SELECT forum_id, forum_name
144 FROM ' . FORUMS_TABLE . '
145 WHERE forum_type = ' . FORUM_POST;
146 $result = $db->sql_query($sql);
147
148 $forums = array();
149 while ($row = $db->sql_fetchrow($result))
150 {
151 $forums[$row['forum_id']] = $row['forum_name'];
152 }
153 $db->sql_freeresult($result);
154
155 $sql = $db->sql_build_query('SELECT', array(
156 'SELECT' => 'u.user_id, u.group_id as default_group, u.username, u.username_clean, u.user_colour, u.user_rank, u.user_posts, u.user_allow_pm, g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id',
157
158 'FROM' => array(
159 USERS_TABLE => 'u',
160 GROUPS_TABLE => 'g'
161 ),
162
163 'LEFT_JOIN' => array(
164 array(
165 'FROM' => array(USER_GROUP_TABLE => 'ug'),
166 'ON' => 'ug.group_id = g.group_id AND ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id']
167 )
168 ),
169
170 'WHERE' => $db->sql_in_set('u.user_id', array_unique(array_merge($admin_id_ary, $mod_id_ary)), false, true) . '
171 AND u.group_id = g.group_id',
172
173 'ORDER_BY' => 'g.group_name ASC, u.username_clean ASC'
174 ));
175 $result = $db->sql_query($sql);
176
177 while ($row = $db->sql_fetchrow($result))
178 {
179 $which_row = (in_array($row['user_id'], $admin_id_ary)) ? 'admin' : 'mod';
180
181 // We sort out admins not within the 'Administrators' group.
182 // Else, we will list those as admin only having the permission to view logs for example.
183 if ($which_row == 'admin' && empty($admin_user_ids[$row['user_id']]))
184 {
185 // Remove from admin_id_ary, because the user may be a mod instead
186 unset($admin_id_ary[array_search($row['user_id'], $admin_id_ary)]);
187
188 if (!in_array($row['user_id'], $mod_id_ary) && !in_array($row['user_id'], $global_mod_id_ary))
189 {
190 continue;
191 }
192 else
193 {
194 $which_row = 'mod';
195 }
196 }
197
198 $s_forum_select = '';
199 $undisclosed_forum = false;
200
201 if (isset($forum_id_ary[$row['user_id']]) && !in_array($row['user_id'], $global_mod_id_ary))
202 {
203 if ($which_row == 'mod' && sizeof(array_diff(array_keys($forums), $forum_id_ary[$row['user_id']])))
204 {
205 foreach ($forum_id_ary[$row['user_id']] as $forum_id)
206 {
207 if (isset($forums[$forum_id]))
208 {
209 if ($auth->acl_get('f_list', $forum_id))
210 {
211 $s_forum_select .= '<option value="">' . $forums[$forum_id] . '</option>';
212 }
213 else
214 {
215 $undisclosed_forum = true;
216 }
217 }
218 }
219 }
220 }
221
222 // If the mod is only moderating non-viewable forums we skip the user. There is no gain in displaying the person then...
223 if (!$s_forum_select && $undisclosed_forum)
224 {
225 // $s_forum_select = '<option value="">' . $user->lang['FORUM_UNDISCLOSED'] . '</option>';
226 continue;
227 }
228
229 // The person is moderating several "public" forums, therefore the person should be listed, but not giving the real group name if hidden.
230 if ($row['group_type'] == GROUP_HIDDEN && !$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $row['ug_user_id'] != $user->data['user_id'])
231 {
232 $group_name = $user->lang['GROUP_UNDISCLOSED'];
233 $u_group = '';
234 }
235 else
236 {
237 $group_name = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
238 $u_group = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']);
239 }
240
241 $rank_title = $rank_img = '';
242 get_user_rank($row['user_rank'], $row['user_posts'], $rank_title, $rank_img, $rank_img_src);
243
244 $template->assign_block_vars($which_row, array(
245 'USER_ID' => $row['user_id'],
246 'FORUMS' => $s_forum_select,
247 'RANK_TITLE' => $rank_title,
248 'GROUP_NAME' => $group_name,
249 'GROUP_COLOR' => $row['group_colour'],
250
251 'RANK_IMG' => $rank_img,
252 'RANK_IMG_SRC' => $rank_img_src,
253
254 'U_GROUP' => $u_group,
255 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($row['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $row['user_id']) : '',
256
257 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
258 'USERNAME' => get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
259 'USER_COLOR' => get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
260 'U_VIEW_PROFILE' => get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
261 ));
262 }
263 $db->sql_freeresult($result);
264
265 $template->assign_vars(array(
266 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']))
267 );
268 break;
269
270 case 'contact':
271
272 $page_title = $user->lang['IM_USER'];
273 $template_html = 'memberlist_im.html';
274
275 if (!$auth->acl_get('u_sendim'))
276 {
277 trigger_error('NOT_AUTHORISED');
278 }
279
280 $presence_img = '';
281 switch ($action)
282 {
283 case 'aim':
284 $lang = 'AIM';
285 $sql_field = 'user_aim';
286 $s_select = 'S_SEND_AIM';
287 $s_action = '';
288 break;
289
290 case 'msnm':
291 $lang = 'MSNM';
292 $sql_field = 'user_msnm';
293 $s_select = 'S_SEND_MSNM';
294 $s_action = '';
295 break;
296
297 case 'jabber':
298 $lang = 'JABBER';
299 $sql_field = 'user_jabber';
300 $s_select = (@extension_loaded('xml') && $config['jab_enable']) ? 'S_SEND_JABBER' : 'S_NO_SEND_JABBER';
301 $s_action = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&amp;action=$action&amp;u=$user_id");
302 break;
303
304 default:
305 trigger_error('NO_MODE', E_USER_ERROR);
306 break;
307 }
308
309 // Grab relevant data
310 $sql = "SELECT user_id, username, user_email, user_lang, $sql_field
311 FROM " . USERS_TABLE . "
312 WHERE user_id = $user_id
313 AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
314 $result = $db->sql_query($sql);
315 $row = $db->sql_fetchrow($result);
316 $db->sql_freeresult($result);
317
318 if (!$row)
319 {
320 trigger_error('NO_USER');
321 }
322 else if (empty($row[$sql_field]))
323 {
324 trigger_error('IM_NO_DATA');
325 }
326
327 // Post data grab actions
328 switch ($action)
329 {
330 case 'jabber':
331 add_form_key('memberlist_messaging');
332
333 if ($submit && @extension_loaded('xml') && $config['jab_enable'])
334 {
335 if (check_form_key('memberlist_messaging'))
336 {
337
338 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
339
340 $subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']);
341 $message = utf8_normalize_nfc(request_var('message', '', true));
342
343 if (empty($message))
344 {
345 trigger_error('EMPTY_MESSAGE_IM');
346 }
347
348 $messenger = new messenger(false);
349
350 $messenger->template('profile_send_im', $row['user_lang']);
351 $messenger->subject(htmlspecialchars_decode($subject));
352
353 $messenger->replyto($user->data['user_email']);
354 $messenger->im($row['user_jabber'], $row['username']);
355
356 $messenger->assign_vars(array(
357 'BOARD_CONTACT' => $config['board_contact'],
358 'FROM_USERNAME' => htmlspecialchars_decode($user->data['username']),
359 'TO_USERNAME' => htmlspecialchars_decode($row['username']),
360 'MESSAGE' => htmlspecialchars_decode($message))
361 );
362
363 $messenger->send(NOTIFY_IM);
364
365 $s_select = 'S_SENT_JABBER';
366 }
367 else
368 {
369 trigger_error('FORM_INVALID');
370 }
371 }
372 break;
373 }
374
375 // Send vars to the template
376 $template->assign_vars(array(
377 'IM_CONTACT' => $row[$sql_field],
378 'A_IM_CONTACT' => addslashes($row[$sql_field]),
379
380 'U_AIM_CONTACT' => ($action == 'aim') ? 'aim:addbuddy?screenname=' . urlencode($row[$sql_field]) : '',
381 'U_AIM_MESSAGE' => ($action == 'aim') ? 'aim:goim?screenname=' . urlencode($row[$sql_field]) . '&amp;message=' . urlencode($config['sitename']) : '',
382
383 'USERNAME' => $row['username'],
384 'CONTACT_NAME' => $row[$sql_field],
385 'SITENAME' => $config['sitename'],
386
387 'PRESENCE_IMG' => $presence_img,
388
389 'L_SEND_IM_EXPLAIN' => $user->lang['IM_' . $lang],
390 'L_IM_SENT_JABBER' => sprintf($user->lang['IM_SENT_JABBER'], $row['username']),
391
392 $s_select => true,
393 'S_IM_ACTION' => $s_action)
394 );
395
396 break;
397
398 case 'viewprofile':
399 // Display a profile
400 if ($user_id == ANONYMOUS && !$username)
401 {
402 trigger_error('NO_USER');
403 }
404
405 // Get user...
406 $sql = 'SELECT *
407 FROM ' . USERS_TABLE . '
408 WHERE ' . (($username) ? "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : "user_id = $user_id");
409 $result = $db->sql_query($sql);
410 $member = $db->sql_fetchrow($result);
411 $db->sql_freeresult($result);
412
413 if (!$member)
414 {
415 trigger_error('NO_USER');
416 }
417
418 // a_user admins and founder are able to view inactive users and bots to be able to manage them more easily
419 // Normal users are able to see at least users having only changed their profile settings but not yet reactivated.
420 if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER)
421 {
422 if ($member['user_type'] == USER_IGNORE)
423 {
424 trigger_error('NO_USER');
425 }
426 else if ($member['user_type'] == USER_INACTIVE && $member['user_inactive_reason'] != INACTIVE_PROFILE)
427 {
428 trigger_error('NO_USER');
429 }
430 }
431
432 $user_id = (int) $member['user_id'];
433
434 // Do the SQL thang
435 $sql = 'SELECT g.group_id, g.group_name, g.group_type
436 FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
437 WHERE ug.user_id = $user_id
438 AND g.group_id = ug.group_id" . ((!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '
439 AND ug.user_pending = 0
440 ORDER BY g.group_type, g.group_name';
441 $result = $db->sql_query($sql);
442
443 $group_options = '';
444 while ($row = $db->sql_fetchrow($result))
445 {
446 $group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
447 }
448 $db->sql_freeresult($result);
449
450 // What colour is the zebra
451 $sql = 'SELECT friend, foe
452 FROM ' . ZEBRA_TABLE . "
453 WHERE zebra_id = $user_id
454 AND user_id = {$user->data['user_id']}";
455
456 $result = $db->sql_query($sql);
457 $row = $db->sql_fetchrow($result);
458 $foe = ($row['foe']) ? true : false;
459 $friend = ($row['friend']) ? true : false;
460 $db->sql_freeresult($result);
461
462 if ($config['load_onlinetrack'])
463 {
464 $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
465 FROM ' . SESSIONS_TABLE . "
466 WHERE session_user_id = $user_id";
467 $result = $db->sql_query($sql);
468 $row = $db->sql_fetchrow($result);
469 $db->sql_freeresult($result);
470
471 $member['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
472 $member['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
473 unset($row);
474 }
475
476 if ($config['load_user_activity'])
477 {
478 display_user_activity($member);
479 }
480
481 // Do the relevant calculations
482 $memberdays = max(1, round((time() - $member['user_regdate']) / 86400));
483 $posts_per_day = $member['user_posts'] / $memberdays;
484 $percentage = ($config['num_posts']) ? min(100, ($member['user_posts'] / $config['num_posts']) * 100) : 0;
485
486
487 if ($member['user_sig'])
488 {
489 $member['user_sig'] = censor_text($member['user_sig']);
490
491 if ($member['user_sig_bbcode_bitfield'])
492 {
493 include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
494 $bbcode = new bbcode();
495 $bbcode->bbcode_second_pass($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield']);
496 }
497
498 $member['user_sig'] = bbcode_nl2br($member['user_sig']);
499 $member['user_sig'] = smiley_text($member['user_sig']);
500 }
501
502 $poster_avatar = get_user_avatar($member['user_avatar'], $member['user_avatar_type'], $member['user_avatar_width'], $member['user_avatar_height']);
503
504 $template->assign_vars(show_profile($member));
505
506 // Custom Profile Fields
507 $profile_fields = array();
508 if ($config['load_cpf_viewprofile'])
509 {
510 include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
511 $cp = new custom_profile();
512 $profile_fields = $cp->generate_profile_fields_template('grab', $user_id);
513 $profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template('show', false, $profile_fields[$user_id]) : array();
514 }
515
516 // We need to check if the module 'zebra' is accessible
517 $zebra_enabled = false;
518
519 if ($user->data['user_id'] != $user_id && $user->data['is_registered'])
520 {
521 include_once($phpbb_root_path . 'includes/functions_module.' . $phpEx);
522 $module = new p_master();
523 $module->list_modules('ucp');
524 $module->set_active('zebra');
525
526 $zebra_enabled = ($module->active_module === false) ? false : true;
527
528 unset($module);
529 }
530
531 $template->assign_vars(array(
532 'POSTS_DAY' => sprintf($user->lang['POST_DAY'], $posts_per_day),
533 'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage),
534
535 'OCCUPATION' => (!empty($member['user_occ'])) ? censor_text($member['user_occ']) : '',
536 'INTERESTS' => (!empty($member['user_interests'])) ? censor_text($member['user_interests']) : '',
537 'SIGNATURE' => $member['user_sig'],
538
539 'AVATAR_IMG' => $poster_avatar,
540 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
541 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['EMAIL']),
542 'WWW_IMG' => $user->img('icon_contact_www', $user->lang['WWW']),
543 'ICQ_IMG' => $user->img('icon_contact_icq', $user->lang['ICQ']),
544 'AIM_IMG' => $user->img('icon_contact_aim', $user->lang['AIM']),
545 'MSN_IMG' => $user->img('icon_contact_msnm', $user->lang['MSNM']),
546 'YIM_IMG' => $user->img('icon_contact_yahoo', $user->lang['YIM']),
547 'JABBER_IMG' => $user->img('icon_contact_jabber', $user->lang['JABBER']),
548 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']),
549
550 'S_PROFILE_ACTION' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group'),
551 'S_GROUP_OPTIONS' => $group_options,
552 'S_CUSTOM_FIELDS' => (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false,
553
554 'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',
555 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_id}") : '',
556
557 'S_ZEBRA' => ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
558 'U_ADD_FRIEND' => (!$friend) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
559 'U_ADD_FOE' => (!$foe) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
560 'U_REMOVE_FRIEND' => ($friend) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;usernames[]=' . $user_id) : '',
561 'U_REMOVE_FOE' => ($foe) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;mode=foes&amp;usernames[]=' . $user_id) : '',
562 ));
563
564 if (!empty($profile_fields['row']))
565 {
566 $template->assign_vars($profile_fields['row']);
567 }
568
569 if (!empty($profile_fields['blockrow']))
570 {
571 foreach ($profile_fields['blockrow'] as $field_data)
572 {
573 $template->assign_block_vars('custom_fields', $field_data);
574 }
575 }
576
577 // Inactive reason/account?
578 if ($member['user_type'] == USER_INACTIVE)
579 {
580 $user->add_lang('acp/common');
581
582 $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
583
584 switch ($member['user_inactive_reason'])
585 {
586 case INACTIVE_REGISTER:
587 $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
588 break;
589
590 case INACTIVE_PROFILE:
591 $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
592 break;
593
594 case INACTIVE_MANUAL:
595 $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
596 break;
597
598 case INACTIVE_REMIND:
599 $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
600 break;
601 }
602
603 $template->assign_vars(array(
604 'S_USER_INACTIVE' => true,
605 'USER_INACTIVE_REASON' => $inactive_reason)
606 );
607 }
608
609 // Now generate page title
610 $page_title = sprintf($user->lang['VIEWING_PROFILE'], $member['username']);
611 $template_html = 'memberlist_view.html';
612
613 break;
614
615 case 'email':
616
617 // Send an email
618 $page_title = $user->lang['SEND_EMAIL'];
619 $template_html = 'memberlist_email.html';
620
621 add_form_key('memberlist_email');
622
623 if (!$config['email_enable'])
624 {
625 trigger_error('EMAIL_DISABLED');
626 }
627
628 if (!$auth->acl_get('u_sendemail'))
629 {
630 trigger_error('NO_EMAIL');
631 }
632
633 // Are we trying to abuse the facility?
634 if (time() - $user->data['user_emailtime'] < $config['flood_interval'])
635 {
636 trigger_error('FLOOD_EMAIL_LIMIT');
637 }
638
639 // Determine action...
640 $user_id = request_var('u', 0);
641 $topic_id = request_var('t', 0);
642
643 // Send email to user...
644 if ($user_id)
645 {
646 if ($user_id == ANONYMOUS || !$config['board_email_form'])
647 {
648 trigger_error('NO_EMAIL');
649 }
650
651 // Get the appropriate username, etc.
652 $sql = 'SELECT username, user_email, user_allow_viewemail, user_lang, user_jabber, user_notify_type
653 FROM ' . USERS_TABLE . "
654 WHERE user_id = $user_id
655 AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
656 $result = $db->sql_query($sql);
657 $row = $db->sql_fetchrow($result);
658 $db->sql_freeresult($result);
659
660 if (!$row)
661 {
662 trigger_error('NO_USER');
663 }
664
665 // Can we send email to this user?
666 if (!$row['user_allow_viewemail'] && !$auth->acl_get('a_user'))
667 {
668 trigger_error('NO_EMAIL');
669 }
670 }
671 else if ($topic_id)
672 {
673 // Send topic heads-up to email address
674 $sql = 'SELECT forum_id, topic_title
675 FROM ' . TOPICS_TABLE . "
676 WHERE topic_id = $topic_id";
677 $result = $db->sql_query($sql);
678 $row = $db->sql_fetchrow($result);
679 $db->sql_freeresult($result);
680
681 if (!$row)
682 {
683 trigger_error('NO_TOPIC');
684 }
685
686 if ($row['forum_id'])
687 {
688 if (!$auth->acl_get('f_read', $row['forum_id']))
689 {
690 trigger_error('SORRY_AUTH_READ');
691 }
692
693 if (!$auth->acl_get('f_email', $row['forum_id']))
694 {
695 trigger_error('NO_EMAIL');
696 }
697 }
698 else
699 {
700 // If global announcement, we need to check if the user is able to at least read and email in one forum...
701 if (!$auth->acl_getf_global('f_read'))
702 {
703 trigger_error('SORRY_AUTH_READ');
704 }
705
706 if (!$auth->acl_getf_global('f_email'))
707 {
708 trigger_error('NO_EMAIL');
709 }
710 }
711 }
712 else
713 {
714 trigger_error('NO_EMAIL');
715 }
716
717 $error = array();
718
719 $name = utf8_normalize_nfc(request_var('name', '', true));
720 $email = request_var('email', '');
721 $email_lang = request_var('lang', $config['default_lang']);
722 $subject = utf8_normalize_nfc(request_var('subject', '', true));
723 $message = utf8_normalize_nfc(request_var('message', '', true));
724 $cc = (isset($_POST['cc_email'])) ? true : false;
725 $submit = (isset($_POST['submit'])) ? true : false;
726
727 if ($submit)
728 {
729 if (!check_form_key('memberlist_email'))
730 {
731 $error[] = 'FORM_INVALID';
732 }
733 if ($user_id)
734 {
735 if (!$subject)
736 {
737 $error[] = $user->lang['EMPTY_SUBJECT_EMAIL'];
738 }
739
740 if (!$message)
741 {
742 $error[] = $user->lang['EMPTY_MESSAGE_EMAIL'];
743 }
744
745 $name = $row['username'];
746 $email_lang = $row['user_lang'];
747 $email = $row['user_email'];
748 }
749 else
750 {
751 if (!$email || !preg_match('/^' . get_preg_expression('email') . '$/i', $email))
752 {
753 $error[] = $user->lang['EMPTY_ADDRESS_EMAIL'];
754 }
755
756 if (!$name)
757 {
758 $error[] = $user->lang['EMPTY_NAME_EMAIL'];
759 }
760 }
761
762 if (!sizeof($error))
763 {
764 $sql = 'UPDATE ' . USERS_TABLE . '
765 SET user_emailtime = ' . time() . '
766 WHERE user_id = ' . $user->data['user_id'];
767 $result = $db->sql_query($sql);
768
769 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
770 $messenger = new messenger(false);
771 $email_tpl = ($user_id) ? 'profile_send_email' : 'email_notify';
772
773 $mail_to_users = array();
774
775 $mail_to_users[] = array(
776 'email_lang' => $email_lang,
777 'email' => $email,
778 'name' => $name,
779 'username' => ($user_id) ? $row['username'] : '',
780 'to_name' => $name,
781 'user_jabber' => ($user_id) ? $row['user_jabber'] : '',
782 'user_notify_type' => ($user_id) ? $row['user_notify_type'] : NOTIFY_EMAIL,
783 'topic_title' => (!$user_id) ? $row['topic_title'] : '',
784 'forum_id' => (!$user_id) ? $row['forum_id'] : 0,
785 );
786
787 // Ok, now the same email if CC specified, but without exposing the users email address
788 if ($cc)
789 {
790 $mail_to_users[] = array(
791 'email_lang' => $user->data['user_lang'],
792 'email' => $user->data['user_email'],
793 'name' => $user->data['username'],
794 'username' => $user->data['username'],
795 'to_name' => $name,
796 'user_jabber' => $user->data['user_jabber'],
797 'user_notify_type' => ($user_id) ? $user->data['user_notify_type'] : NOTIFY_EMAIL,
798 'topic_title' => (!$user_id) ? $row['topic_title'] : '',
799 'forum_id' => (!$user_id) ? $row['forum_id'] : 0,
800 );
801 }
802
803 foreach ($mail_to_users as $row)
804 {
805 $messenger->template($email_tpl, $row['email_lang']);
806 $messenger->replyto($user->data['user_email']);
807 $messenger->to($row['email'], $row['name']);
808
809 if ($user_id)
810 {
811 $messenger->subject(htmlspecialchars_decode($subject));
812 $messenger->im($row['user_jabber'], $row['username']);
813 $notify_type = $row['user_notify_type'];
814 }
815 else
816 {
817 $notify_type = NOTIFY_EMAIL;
818 }
819
820 $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
821 $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
822 $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
823 $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
824
825 $messenger->assign_vars(array(
826 'BOARD_CONTACT' => $config['board_contact'],
827 'TO_USERNAME' => htmlspecialchars_decode($row['to_name']),
828 'FROM_USERNAME' => htmlspecialchars_decode($user->data['username']),
829 'MESSAGE' => htmlspecialchars_decode($message))
830 );
831
832 if ($topic_id)
833 {
834 $messenger->assign_vars(array(
835 'TOPIC_NAME' => htmlspecialchars_decode($row['topic_title']),
836 'U_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=$topic_id")
837 );
838 }
839
840 $messenger->send($notify_type);
841 }
842
843 meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
844 $message = ($user_id) ? sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>') : sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f={$row['forum_id']}&amp;t=$topic_id") . '">', '</a>');
845 trigger_error($user->lang['EMAIL_SENT'] . '<br /><br />' . $message);
846 }
847 }
848
849 if ($user_id)
850 {
851 $template->assign_vars(array(
852 'S_SEND_USER' => true,
853 'USERNAME' => $row['username'],
854
855 'L_EMAIL_BODY_EXPLAIN' => $user->lang['EMAIL_BODY_EXPLAIN'],
856 'S_POST_ACTION' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&amp;u=' . $user_id))
857 );
858 }
859 else
860 {
861 $template->assign_vars(array(
862 'EMAIL' => $email,
863 'NAME' => $name,
864 'S_LANG_OPTIONS' => language_select($email_lang),
865
866 'L_EMAIL_BODY_EXPLAIN' => $user->lang['EMAIL_TOPIC_EXPLAIN'],
867 'S_POST_ACTION' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&amp;t=' . $topic_id))
868 );
869 }
870
871 $template->assign_vars(array(
872 'ERROR_MESSAGE' => (sizeof($error)) ? implode('<br />', $error) : '')
873 );
874
875 break;
876
877 case 'group':
878 default:
879 // The basic memberlist
880 $page_title = $user->lang['MEMBERLIST'];
881 $template_html = 'memberlist_body.html';
882
883 // Sorting
884 $sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_LOCATION'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT'], 'e' => $user->lang['SORT_EMAIL'], 'f' => $user->lang['WEBSITE'], 'g' => $user->lang['ICQ'], 'h' => $user->lang['AIM'], 'i' => $user->lang['MSNM'], 'j' => $user->lang['YIM'], 'k' => $user->lang['JABBER']);
885
886 if ($auth->acl_get('u_viewonline'))
887 {
888 $sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE'];
889 }
890 $sort_key_text['m'] = $user->lang['SORT_RANK'];
891
892 $sort_key_sql = array('a' => 'u.username_clean', 'b' => 'u.user_from', 'c' => 'u.user_regdate', 'd' => 'u.user_posts', 'e' => 'u.user_email', 'f' => 'u.user_website', 'g' => 'u.user_icq', 'h' => 'u.user_aim', 'i' => 'u.user_msnm', 'j' => 'u.user_yim', 'k' => 'u.user_jabber');
893
894 if ($auth->acl_get('u_viewonline'))
895 {
896 $sort_key_sql['l'] = 'u.user_lastvisit';
897 }
898 $sort_key_sql['m'] = 'u.user_rank DESC, u.user_posts';
899
900 $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
901
902 $s_sort_key = '';
903 foreach ($sort_key_text as $key => $value)
904 {
905 $selected = ($sort_key == $key) ? ' selected="selected"' : '';
906 $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
907 }
908
909 $s_sort_dir = '';
910 foreach ($sort_dir_text as $key => $value)
911 {
912 $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
913 $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
914 }
915
916 // Additional sorting options for user search ... if search is enabled, if not
917 // then only admins can make use of this (for ACP functionality)
918 $sql_select = $sql_where_data = $sql_from = $sql_where = $order_by = '';
919
920
921 $form = request_var('form', '');
922 $field = request_var('field', '');
923 $select_single = request_var('select_single', false);
924
925 // We validate form and field here, only id/class allowed
926 $form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
927 $field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;
928 if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
929 {
930 $username = request_var('username', '', true);
931 $email = strtolower(request_var('email', ''));
932 $icq = request_var('icq', '');
933 $aim = request_var('aim', '');
934 $yahoo = request_var('yahoo', '');
935 $msn = request_var('msn', '');
936 $jabber = request_var('jabber', '');
937 $search_group_id = request_var('search_group_id', 0);
938
939 $joined_select = request_var('joined_select', 'lt');
940 $active_select = request_var('active_select', 'lt');
941 $count_select = request_var('count_select', 'eq');
942 $joined = explode('-', request_var('joined', ''));
943 $active = explode('-', request_var('active', ''));
944 $count = (request_var('count', '') !== '') ? request_var('count', 0) : '';
945 $ipdomain = request_var('ip', '');
946
947 $find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
948
949 $find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']);
950 $s_find_count = '';
951 foreach ($find_count as $key => $value)
952 {
953 $selected = ($count_select == $key) ? ' selected="selected"' : '';
954 $s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
955 }
956
957 $find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']);
958 $s_find_join_time = '';
959 foreach ($find_time as $key => $value)
960 {
961 $selected = ($joined_select == $key) ? ' selected="selected"' : '';
962 $s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
963 }
964
965 $s_find_active_time = '';
966 foreach ($find_time as $key => $value)
967 {
968 $selected = ($active_select == $key) ? ' selected="selected"' : '';
969 $s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
970 }
971
972 $sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : '';
973 $sql_where .= ($email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';
974 $sql_where .= ($icq) ? ' AND u.user_icq ' . $db->sql_like_expression(str_replace('*', $db->any_char, $icq)) . ' ' : '';
975 $sql_where .= ($aim) ? ' AND u.user_aim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $aim)) . ' ' : '';
976 $sql_where .= ($yahoo) ? ' AND u.user_yim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $yahoo)) . ' ' : '';
977 $sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : '';
978 $sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : '';
979 $sql_where .= (is_numeric($count)) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
980 $sql_where .= (sizeof($joined) > 1) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
981 $sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
982 $sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';
983
984 if ($search_group_id)
985 {
986 $sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
987 }
988
989 if ($ipdomain && $auth->acl_getf_global('m_info'))
990 {
991 if (strspn($ipdomain, 'abcdefghijklmnopqrstuvwxyz'))
992 {
993 $hostnames = gethostbynamel($ipdomain);
994
995 if ($hostnames !== false)
996 {
997 $ips = "'" . implode('\', \'', array_map(array($db, 'sql_escape'), preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "\\1", gethostbynamel($ipdomain)))) . "'";
998 }
999 else
1000 {
1001 $ips = false;
1002 }
1003 }
1004 else
1005 {
1006 $ips = "'" . str_replace('*', '%', $db->sql_escape($ipdomain)) . "'";
1007 }
1008
1009 if ($ips === false)
1010 {
1011 // A minor fudge but it does the job :D
1012 $sql_where .= " AND u.user_id = 0";
1013 }
1014 else
1015 {
1016 $ip_forums = array_keys($auth->acl_getf('m_info', true));
1017
1018 $sql = 'SELECT DISTINCT poster_id
1019 FROM ' . POSTS_TABLE . '
1020 WHERE poster_ip ' . ((strpos($ips, '%') !== false) ? 'LIKE' : 'IN') . " ($ips)
1021 AND forum_id IN (0, " . implode(', ', $ip_forums) . ')';
1022 $result = $db->sql_query($sql);
1023
1024 if ($row = $db->sql_fetchrow($result))
1025 {
1026 $ip_sql = array();
1027 do
1028 {
1029 $ip_sql[] = $row['poster_id'];
1030 }
1031 while ($row = $db->sql_fetchrow($result));
1032
1033 $sql_where .= ' AND ' . $db->sql_in_set('u.user_id', $ip_sql);
1034 }
1035 else
1036 {
1037 // A minor fudge but it does the job :D
1038 $sql_where .= " AND u.user_id = 0";
1039 }
1040 unset($ip_forums);
1041
1042 $db->sql_freeresult($result);
1043 }
1044 }
1045 }
1046
1047 $first_char = request_var('first_char', '');
1048
1049 if ($first_char == 'other')
1050 {
1051 for ($i = 97; $i < 123; $i++)
1052 {
1053 $sql_where .= ' AND u.username_clean NOT ' . $db->sql_like_expression(chr($i) . $db->any_char);
1054 }
1055 }
1056 else if ($first_char)
1057 {
1058 $sql_where .= ' AND u.username_clean ' . $db->sql_like_expression(substr($first_char, 0, 1) . $db->any_char);
1059 }
1060
1061 // Are we looking at a usergroup? If so, fetch additional info
1062 // and further restrict the user info query
1063 if ($mode == 'group')
1064 {
1065 // We JOIN here to save a query for determining membership for hidden groups. ;)
1066 $sql = 'SELECT g.*, ug.user_id
1067 FROM ' . GROUPS_TABLE . ' g
1068 LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id'] . " AND ug.group_id = $group_id)
1069 WHERE g.group_id = $group_id";
1070 $result = $db->sql_query($sql);
1071 $group_row = $db->sql_fetchrow($result);
1072 $db->sql_freeresult($result);
1073
1074 if (!$group_row)
1075 {
1076 trigger_error('NO_GROUP');
1077 }
1078
1079 switch ($group_row['group_type'])
1080 {
1081 case GROUP_OPEN:
1082 $group_row['l_group_type'] = 'OPEN';
1083 break;
1084
1085 case GROUP_CLOSED:
1086 $group_row['l_group_type'] = 'CLOSED';
1087 break;
1088
1089 case GROUP_HIDDEN:
1090 $group_row['l_group_type'] = 'HIDDEN';
1091
1092 // Check for membership or special permissions
1093 if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $group_row['user_id'] != $user->data['user_id'])
1094 {
1095 trigger_error('NO_GROUP');
1096 }
1097 break;
1098
1099 case GROUP_SPECIAL:
1100 $group_row['l_group_type'] = 'SPECIAL';
1101 break;
1102
1103 case GROUP_FREE:
1104 $group_row['l_group_type'] = 'FREE';
1105 break;
1106 }
1107
1108 // Misusing the avatar function for displaying group avatars...
1109 $avatar_img = get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR');
1110
1111 $rank_title = $rank_img = $rank_img_src = '';
1112 if ($group_row['group_rank'])
1113 {
1114 if (isset($ranks['special'][$group_row['group_rank']]))
1115 {
1116 $rank_title = $ranks['special'][$group_row['group_rank']]['rank_title'];
1117 }
1118 $rank_img = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] . '" alt="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" title="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" /><br />' : '';
1119 $rank_img_src = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] : '';
1120 }
1121 else
1122 {
1123 $rank_title = '';
1124 $rank_img = '';
1125 $rank_img_src = '';
1126 }
1127
1128 $template->assign_vars(array(
1129 'GROUP_DESC' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
1130 'GROUP_NAME' => ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'],
1131 'GROUP_COLOR' => $group_row['group_colour'],
1132 'GROUP_TYPE' => $user->lang['GROUP_IS_' . $group_row['l_group_type']],
1133 'GROUP_RANK' => $rank_title,
1134
1135 'AVATAR_IMG' => $avatar_img,
1136 'RANK_IMG' => $rank_img,
1137 'RANK_IMG_SRC' => $rank_img_src,
1138
1139 'U_PM' => ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;g=' . $group_id) : '',)
1140 );
1141
1142 $sql_select = ', ug.group_leader';
1143 $sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
1144 $order_by = 'ug.group_leader DESC, ';
1145
1146 $sql_where .= " AND ug.user_pending = 0 AND u.user_id = ug.user_id AND ug.group_id = $group_id";
1147 $sql_where_data = " AND u.user_id = ug.user_id AND ug.group_id = $group_id";
1148 }
1149
1150 // Sorting and order
1151 if (!isset($sort_key_sql[$sort_key]))
1152 {
1153 $sort_key = $default_key;
1154 }
1155
1156 $order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
1157
1158 // Count the users ...
1159 if ($sql_where)
1160 {
1161 $sql = 'SELECT COUNT(u.user_id) AS total_users
1162 FROM ' . USERS_TABLE . " u$sql_from
1163 WHERE u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ")
1164 $sql_where";
1165 $result = $db->sql_query($sql);
1166 $total_users = (int) $db->sql_fetchfield('total_users');
1167 $db->sql_freeresult($result);
1168 }
1169 else
1170 {
1171 $total_users = $config['num_users'];
1172 }
1173
1174 $s_char_options = '<option value=""' . ((!$first_char) ? ' selected="selected"' : '') . '>&nbsp; &nbsp;</option>';
1175 for ($i = 97; $i < 123; $i++)
1176 {
1177 $s_char_options .= '<option value="' . chr($i) . '"' . (($first_char == chr($i)) ? ' selected="selected"' : '') . '>' . chr($i-32) . '</option>';
1178 }
1179 $s_char_options .= '<option value="other"' . (($first_char == 'other') ? ' selected="selected"' : '') . '>' . $user->lang['OTHER'] . '</option>';
1180
1181 // Build a relevant pagination_url
1182 $params = $sort_params = array();
1183
1184 // We do not use request_var() here directly to save some calls (not all variables are set)
1185 $check_params = array(
1186 'g' => array('g', 0),
1187 'sk' => array('sk', $default_key),
1188 'sd' => array('sd', 'a'),
1189 'form' => array('form', ''),
1190 'field' => array('field', ''),
1191 'select_single' => array('select_single', 0),
1192 'username' => array('username', '', true),
1193 'email' => array('email', ''),
1194 'icq' => array('icq', ''),
1195 'aim' => array('aim', ''),
1196 'yahoo' => array('yahoo', ''),
1197 'msn' => array('msn', ''),
1198 'jabber' => array('jabber', ''),
1199 'search_group_id' => array('search_group_id', 0),
1200 'joined_select' => array('joined_select', 'lt'),
1201 'active_select' => array('active_select', 'lt'),
1202 'count_select' => array('count_select', 'eq'),
1203 'joined' => array('joined', ''),
1204 'active' => array('active', ''),
1205 'count' => (request_var('count', '') !== '') ? array('count', 0) : array('count', ''),
1206 'ipdomain' => array('ip', ''),
1207 'first_char' => array('first_char', ''),
1208 );
1209
1210 foreach ($check_params as $key => $call)
1211 {
1212 if (!isset($_REQUEST[$key]))
1213 {
1214 continue;
1215 }
1216
1217 $param = call_user_func_array('request_var', $call);
1218 $param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : $param);
1219 $params[] = $param;
1220
1221 if ($key != 'sk' && $key != 'sd')
1222 {
1223 $sort_params[] = $param;
1224 }
1225 }
1226
1227 $u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));
1228
1229 $params[] = "mode=$mode";
1230 $sort_params[] = "mode=$mode";
1231 $pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));
1232 $sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $sort_params));
1233
1234 unset($params, $sort_params);
1235
1236 // Some search user specific data
1237 if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
1238 {
1239 $group_selected = request_var('search_group_id', 0);
1240 $s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '>&nbsp;</option>';
1241
1242 if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
1243 {
1244 $sql = 'SELECT group_id, group_name, group_type
1245 FROM ' . GROUPS_TABLE . '
1246 ORDER BY group_name ASC';
1247 }
1248 else
1249 {
1250 $sql = 'SELECT g.group_id, g.group_name, g.group_type
1251 FROM ' . GROUPS_TABLE . ' g
1252 LEFT JOIN ' . USER_GROUP_TABLE . ' ug
1253 ON (
1254 g.group_id = ug.group_id
1255 AND ug.user_id = ' . $user->data['user_id'] . '
1256 AND ug.user_pending = 0
1257 )
1258 WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')
1259 ORDER BY g.group_name ASC';
1260 }
1261 $result = $db->sql_query($sql);
1262
1263 while ($row = $db->sql_fetchrow($result))
1264 {
1265 $s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
1266 }
1267 $db->sql_freeresult($result);
1268
1269 $template->assign_vars(array(
1270 'USERNAME' => $username,
1271 'EMAIL' => $email,
1272 'ICQ' => $icq,
1273 'AIM' => $aim,
1274 'YAHOO' => $yahoo,
1275 'MSNM' => $msn,
1276 'JABBER' => $jabber,
1277 'JOINED' => implode('-', $joined),
1278 'ACTIVE' => implode('-', $active),
1279 'COUNT' => $count,
1280 'IP' => $ipdomain,
1281
1282 'S_IP_SEARCH_ALLOWED' => ($auth->acl_getf_global('m_info')) ? true : false,
1283 'S_IN_SEARCH_POPUP' => ($form && $field) ? true : false,
1284 'S_SEARCH_USER' => true,
1285 'S_FORM_NAME' => $form,
1286 'S_FIELD_NAME' => $field,
1287 'S_SELECT_SINGLE' => $select_single,
1288 'S_COUNT_OPTIONS' => $s_find_count,
1289 'S_SORT_OPTIONS' => $s_sort_key,
1290 'S_JOINED_TIME_OPTIONS' => $s_find_join_time,
1291 'S_ACTIVE_TIME_OPTIONS' => $s_find_active_time,
1292 'S_GROUP_SELECT' => $s_group_select,
1293 'S_USER_SEARCH_ACTION' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&amp;form=$form&amp;field=$field"))
1294 );
1295 }
1296
1297 // Get us some users :D
1298 $sql = "SELECT u.user_id
1299 FROM " . USERS_TABLE . " u
1300 $sql_from
1301 WHERE u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ")
1302 $sql_where
1303 ORDER BY $order_by";
1304 $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
1305
1306 $user_list = array();
1307 while ($row = $db->sql_fetchrow($result))
1308 {
1309 $user_list[] = (int) $row['user_id'];
1310 }
1311 $db->sql_freeresult($result);
1312
1313 // So, did we get any users?
1314 if (sizeof($user_list))
1315 {
1316 // Session time?! Session time...
1317 $sql = 'SELECT session_user_id, MAX(session_time) AS session_time
1318 FROM ' . SESSIONS_TABLE . '
1319 WHERE session_time >= ' . (time() - $config['session_length']) . '
1320 AND ' . $db->sql_in_set('session_user_id', $user_list) . '
1321 GROUP BY session_user_id';
1322 $result = $db->sql_query($sql);
1323
1324 $session_times = array();
1325 while ($row = $db->sql_fetchrow($result))
1326 {
1327 $session_times[$row['session_user_id']] = $row['session_time'];
1328 }
1329 $db->sql_freeresult($result);
1330
1331 // Do the SQL thang
1332 if ($mode == 'group')
1333 {
1334 $sql = "SELECT u.*
1335 $sql_select
1336 FROM " . USERS_TABLE . " u
1337 $sql_from
1338 WHERE " . $db->sql_in_set('u.user_id', $user_list) . "
1339 $sql_where_data";
1340 }
1341 else
1342 {
1343 $sql = 'SELECT *
1344 FROM ' . USERS_TABLE . '
1345 WHERE ' . $db->sql_in_set('user_id', $user_list);
1346 }
1347 $result = $db->sql_query($sql);
1348
1349 $id_cache = array();
1350 while ($row = $db->sql_fetchrow($result))
1351 {
1352 $row['session_time'] = (!empty($session_times[$row['user_id']])) ? $session_times[$row['user_id']] : 0;
1353 $row['last_visit'] = (!empty($row['session_time'])) ? $row['session_time'] : $row['user_lastvisit'];
1354
1355 $id_cache[$row['user_id']] = $row;
1356 }
1357 $db->sql_freeresult($result);
1358
1359 // Load custom profile fields
1360 if ($config['load_cpf_memberlist'])
1361 {
1362 include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
1363 $cp = new custom_profile();
1364
1365 // Grab all profile fields from users in id cache for later use - similar to the poster cache
1366 $profile_fields_cache = $cp->generate_profile_fields_template('grab', $user_list);
1367 }
1368
1369 // If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date...
1370 if ($sort_key == 'l')
1371 {
1372 $lesser_than = ($sort_dir == 'a') ? -1 : 1;
1373 uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));"));
1374 }
1375
1376 for ($i = 0, $end = sizeof($user_list); $i < $end; ++$i)
1377 {
1378 $user_id = $user_list[$i];
1379 $row =& $id_cache[$user_id];
1380
1381 $cp_row = array();
1382 if ($config['load_cpf_memberlist'])
1383 {
1384 $cp_row = (isset($profile_fields_cache[$user_id])) ? $cp->generate_profile_fields_template('show', false, $profile_fields_cache[$user_id]) : array();
1385 }
1386
1387 $memberrow = array_merge(show_profile($row), array(
1388 'ROW_NUMBER' => $i + ($start + 1),
1389
1390 'S_CUSTOM_PROFILE' => (isset($cp_row['row']) && sizeof($cp_row['row'])) ? true : false,
1391 'S_GROUP_LEADER' => (isset($row['group_leader']) && $row['group_leader']) ? true : false,
1392
1393 'U_VIEW_PROFILE' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $user_id))
1394 );
1395
1396 if (isset($cp_row['row']) && sizeof($cp_row['row']))
1397 {
1398 $memberrow = array_merge($memberrow, $cp_row['row']);
1399 }
1400
1401 $template->assign_block_vars('memberrow', $memberrow);
1402
1403 if (isset($cp_row['blockrow']) && sizeof($cp_row['blockrow']))
1404 {
1405 foreach ($cp_row['blockrow'] as $field_data)
1406 {
1407 $template->assign_block_vars('memberrow.custom_fields', $field_data);
1408 }
1409 }
1410
1411 unset($id_cache[$user_id]);
1412 }
1413 }
1414
1415 // Generate page
1416 $template->assign_vars(array(
1417 'PAGINATION' => generate_pagination($pagination_url, $total_users, $config['topics_per_page'], $start),
1418 'PAGE_NUMBER' => on_page($total_users, $config['topics_per_page'], $start),
1419 'TOTAL_USERS' => ($total_users == 1) ? $user->lang['LIST_USER'] : sprintf($user->lang['LIST_USERS'], $total_users),
1420
1421 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['PROFILE']),
1422 'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
1423 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['EMAIL']),
1424 'WWW_IMG' => $user->img('icon_contact_www', $user->lang['WWW']),
1425 'ICQ_IMG' => $user->img('icon_contact_icq', $user->lang['ICQ']),
1426 'AIM_IMG' => $user->img('icon_contact_aim', $user->lang['AIM']),
1427 'MSN_IMG' => $user->img('icon_contact_msnm', $user->lang['MSNM']),
1428 'YIM_IMG' => $user->img('icon_contact_yahoo', $user->lang['YIM']),
1429 'JABBER_IMG' => $user->img('icon_contact_jabber', $user->lang['JABBER']),
1430 'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']),
1431
1432 'U_FIND_MEMBER' => ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser') : '',
1433 'U_HIDE_FIND_MEMBER' => ($mode == 'searchuser') ? $u_hide_find_member : '',
1434 'U_SORT_USERNAME' => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
1435 'U_SORT_FROM' => $sort_url . '&amp;sk=b&amp;sd=' . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
1436 'U_SORT_JOINED' => $sort_url . '&amp;sk=c&amp;sd=' . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'),
1437 'U_SORT_POSTS' => $sort_url . '&amp;sk=d&amp;sd=' . (($sort_key == 'd' && $sort_dir == 'a') ? 'd' : 'a'),
1438 'U_SORT_EMAIL' => $sort_url . '&amp;sk=e&amp;sd=' . (($sort_key == 'e' && $sort_dir == 'a') ? 'd' : 'a'),
1439 'U_SORT_WEBSITE' => $sort_url . '&amp;sk=f&amp;sd=' . (($sort_key == 'f' && $sort_dir == 'a') ? 'd' : 'a'),
1440 'U_SORT_LOCATION' => $sort_url . '&amp;sk=b&amp;sd=' . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
1441 'U_SORT_ICQ' => $sort_url . '&amp;sk=g&amp;sd=' . (($sort_key == 'g' && $sort_dir == 'a') ? 'd' : 'a'),
1442 'U_SORT_AIM' => $sort_url . '&amp;sk=h&amp;sd=' . (($sort_key == 'h' && $sort_dir == 'a') ? 'd' : 'a'),
1443 'U_SORT_MSN' => $sort_url . '&amp;sk=i&amp;sd=' . (($sort_key == 'i' && $sort_dir == 'a') ? 'd' : 'a'),
1444 'U_SORT_YIM' => $sort_url . '&amp;sk=j&amp;sd=' . (($sort_key == 'j' && $sort_dir == 'a') ? 'd' : 'a'),
1445 'U_SORT_ACTIVE' => ($auth->acl_get('u_viewonline')) ? $sort_url . '&amp;sk=l&amp;sd=' . (($sort_key == 'l' && $sort_dir == 'a') ? 'd' : 'a') : '',
1446 'U_SORT_RANK' => $sort_url . '&amp;sk=m&amp;sd=' . (($sort_key == 'm' && $sort_dir == 'a') ? 'd' : 'a'),
1447 'U_LIST_CHAR' => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'l' && $sort_dir == 'a') ? 'd' : 'a'),
1448
1449 'S_SHOW_GROUP' => ($mode == 'group') ? true : false,
1450 'S_VIEWONLINE' => $auth->acl_get('u_viewonline'),
1451 'S_MODE_SELECT' => $s_sort_key,
1452 'S_ORDER_SELECT' => $s_sort_dir,
1453 'S_CHAR_OPTIONS' => $s_char_options,
1454 'S_MODE_ACTION' => $pagination_url)
1455 );
1456 }
1457
1458 // Output the page
1459 page_header($page_title);
1460
1461 $template->set_filenames(array(
1462 'body' => $template_html)
1463 );
1464 make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
1465
1466 page_footer();
1467
1468 /**
1469 * Prepare profile data
1470 */
1471 function show_profile($data)
1472 {
1473 global $config, $auth, $template, $user, $phpEx, $phpbb_root_path;
1474
1475 $username = $data['username'];
1476 $user_id = $data['user_id'];
1477
1478 $rank_title = $rank_img = $rank_img_src = '';
1479 get_user_rank($data['user_rank'], $data['user_posts'], $rank_title, $rank_img, $rank_img_src);
1480
1481 if (!empty($data['user_allow_viewemail']) || $auth->acl_get('a_email'))
1482 {
1483 $email = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&amp;u=' . $user_id) : (($config['board_hide_emails'] && !$auth->acl_get('a_email')) ? '' : 'mailto:' . $data['user_email']);
1484 }
1485 else
1486 {
1487 $email = '';
1488 }
1489
1490 if ($config['load_onlinetrack'])
1491 {
1492 $update_time = $config['load_online_time'] * 60;
1493 $online = (time() - $update_time < $data['session_time'] && ((isset($data['session_viewonline']) && $data['session_viewonline']) || $auth->acl_get('u_viewonline'))) ? true : false;
1494 }
1495 else
1496 {
1497 $online = false;
1498 }
1499
1500 if ($data['user_allow_viewonline'] || $auth->acl_get('u_viewonline'))
1501 {
1502 $last_visit = (!empty($data['session_time'])) ? $data['session_time'] : $data['user_lastvisit'];
1503 }
1504 else
1505 {
1506 $last_visit = '';
1507 }
1508
1509 $age = '';
1510
1511 if ($config['allow_birthdays'] && $data['user_birthday'])
1512 {
1513 list($bday_day, $bday_month, $bday_year) = array_map('intval', explode('-', $data['user_birthday']));
1514
1515 if ($bday_year)
1516 {
1517 $now = getdate(time() + $user->timezone + $user->dst - date('Z'));
1518
1519 $diff = $now['mon'] - $bday_month;
1520 if ($diff == 0)
1521 {
1522 $diff = ($now['mday'] - $bday_day < 0) ? 1 : 0;
1523 }
1524 else
1525 {
1526 $diff = ($diff < 0) ? 1 : 0;
1527 }
1528
1529 $age = (int) ($now['year'] - $bday_year - $diff);
1530 }
1531 }
1532
1533 // Dump it out to the template
1534 return array(
1535 'AGE' => $age,
1536 'RANK_TITLE' => $rank_title,
1537 'JOINED' => $user->format_date($data['user_regdate']),
1538 'VISITED' => (empty($last_visit)) ? ' - ' : $user->format_date($last_visit),
1539 'POSTS' => ($data['user_posts']) ? $data['user_posts'] : 0,
1540 'WARNINGS' => isset($data['user_warnings']) ? $data['user_warnings'] : 0,
1541
1542 'USERNAME_FULL' => get_username_string('full', $user_id, $username, $data['user_colour']),
1543 'USERNAME' => get_username_string('username', $user_id, $username, $data['user_colour']),
1544 'USER_COLOR' => get_username_string('colour', $user_id, $username, $data['user_colour']),
1545 'U_VIEW_PROFILE' => get_username_string('profile', $user_id, $username, $data['user_colour']),
1546
1547 'A_USERNAME' => addslashes(get_username_string('username', $user_id, $username, $data['user_colour'])),
1548
1549 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')),
1550 'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false,
1551 'RANK_IMG' => $rank_img,
1552 'RANK_IMG_SRC' => $rank_img_src,
1553 'ICQ_STATUS_IMG' => (!empty($data['user_icq'])) ? '<img src="http://web.icq.com/whitepages/online?icq=' . $data['user_icq'] . '&amp;img=5" width="18" height="18" />' : '',
1554 'S_JABBER_ENABLED' => ($config['jab_enable']) ? true : false,
1555
1556 'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$user_id&amp;sr=posts") : '',
1557 'U_NOTES' => $auth->acl_getf_global('m_') ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $user_id, true, $user->session_id) : '',
1558 'U_WARN' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $user_id, true, $user->session_id) : '',
1559 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($data['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $user_id) : '',
1560 'U_EMAIL' => $email,
1561 'U_WWW' => (!empty($data['user_website'])) ? $data['user_website'] : '',
1562 'U_ICQ' => ($data['user_icq']) ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($data['user_icq']) : '',
1563 'U_AIM' => ($data['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=aim&amp;u=' . $user_id) : '',
1564 'U_YIM' => ($data['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($data['user_yim']) . '&amp;.src=pg' : '',
1565 'U_MSN' => ($data['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=msnm&amp;u=' . $user_id) : '',
1566 'U_JABBER' => ($data['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=jabber&amp;u=' . $user_id) : '',
1567 'LOCATION' => ($data['user_from']) ? $data['user_from'] : '',
1568
1569 'USER_ICQ' => $data['user_icq'],
1570 'USER_AIM' => $data['user_aim'],
1571 'USER_YIM' => $data['user_yim'],
1572 'USER_MSN' => $data['user_msnm'],
1573 'USER_JABBER' => $data['user_jabber'],
1574 'USER_JABBER_IMG' => ($data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '',
1575
1576 'L_VIEWING_PROFILE' => sprintf($user->lang['VIEWING_PROFILE'], $username),
1577 );
1578 }
1579
1580 ?>
phpbb is a php-based BBS (buletin board system)