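--- a/public_html/users.php Mon Sep 14 20:11:17 2009 +0200
+++ b/public_html/users.php Sun Oct 04 13:51:37 2009 +0200
@@ -59,75 +59,76 @@
 *
 * This grabs the user profile for a given user and displays it
 *
-* @param int $user User ID of profile to get
+* @param int $uid User ID of profile to get
 * @param int $msg Message to display (if != 0)
 * @param string $plugin optional plugin name for message
 * @return string HTML for user profile page
 *
 */
-function userprofile($user, $msg = 0, $plugin = '')
+function userprofile($uid, $msg = 0, $plugin = '')
 {
- global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;
+ global $_CONF, $_TABLES, $_USER, $_IMAGE_TYPE,
+ $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN, $LANG_ADMIN;
 
 $retval = '';
- if (empty ($_USER['username']) &&
+ if (empty($_USER['username']) &&
 (($_CONF['loginrequired'] == 1) || ($_CONF['profileloginrequired'] == 1))) {
- $retval .= COM_siteHeader ('menu', $LANG_LOGIN[1]);
- $retval .= COM_startBlock ($LANG_LOGIN[1], '',
- COM_getBlockTemplate ('_msg_block', 'header'));
+ $retval .= COM_siteHeader('menu', $LANG_LOGIN[1]);
+ $retval .= COM_startBlock($LANG_LOGIN[1], '',
+ COM_getBlockTemplate('_msg_block', 'header'));
 $login = new Template($_CONF['path_layout'] . 'submit');
- $login->set_file (array ('login'=>'submitloginrequired.thtml'));
- $login->set_var ( 'xhtml', XHTML );
- $login->set_var ('login_message', $LANG_LOGIN[2]);
- $login->set_var ('site_url', $_CONF['site_url']);
- $login->set_var ('site_admin_url', $_CONF['site_admin_url']);
- $login->set_var ('layout_url', $_CONF['layout_url']);
- $login->set_var ('lang_login', $LANG_LOGIN[3]);
- $login->set_var ('lang_newuser', $LANG_LOGIN[4]);
- $login->parse ('output', 'login');
- $retval .= $login->finish ($login->get_var('output'));
- $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
- $retval .= COM_siteFooter ();
+ $login->set_file(array('login'=>'submitloginrequired.thtml'));
+ $login->set_var('xhtml', XHTML);
+ $login->set_var('login_message', $LANG_LOGIN[2]);
+ $login->set_var('site_url', $_CONF['site_url']);
+ $login->set_var('site_admin_url', $_CONF['site_admin_url']);
+ $login->set_var('layout_url', $_CONF['layout_url']);
+ $login->set_var('lang_login', $LANG_LOGIN[3]);
+ $login->set_var('lang_newuser', $LANG_LOGIN[4]);
+ $login->parse('output', 'login');
+ $retval .= $login->finish($login->get_var('output'));
+ $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
+ $retval .= COM_siteFooter();
 
 return $retval;
 }
 
- $result = DB_query ("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email,status FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = $user");
- $nrows = DB_numRows ($result);
+ $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email,status FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = $uid");
+ $nrows = DB_numRows($result);
 if ($nrows == 0) { // no such user
- return COM_refresh ($_CONF['site_url'] . '/index.php');
+ return COM_refresh($_CONF['site_url'] . '/index.php');
 }
- $A = DB_fetchArray ($result);
+ $A = DB_fetchArray($result);
 
- if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights ('user.edit')) {
- COM_displayMessageAndAbort (30, '', 403, 'Forbidden');
+ if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
+ COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
 }
 
- $display_name = htmlspecialchars(COM_getDisplayName($user, $A['username'],
+ $display_name = htmlspecialchars(COM_getDisplayName($uid, $A['username'],
 $A['fullname']));
 
- $retval .= COM_siteHeader ('menu', $LANG04[1] . ' ' . $display_name);
+ $retval .= COM_siteHeader('menu', $LANG04[1] . ' ' . $display_name);
 if ($msg > 0) {
 $retval .= COM_showMessage($msg, $plugin);
 }
 
 // format date/time to user preference
- $curtime = COM_getUserDateTimeFormat ($A['regdate']);
+ $curtime = COM_getUserDateTimeFormat($A['regdate']);
 $A['regdate'] = $curtime[0];
 
- $user_templates = new Template ($_CONF['path_layout'] . 'users');
- $user_templates->set_file (array ('profile' => 'profile.thtml',
- 'row' => 'commentrow.thtml',
- 'strow' => 'storyrow.thtml'));
- $user_templates->set_var ('xhtml', XHTML);
- $user_templates->set_var ('site_url', $_CONF['site_url']);
- $user_templates->set_var ('start_block_userprofile',
- COM_startBlock ($LANG04[1] . ' ' . $display_name));
- $user_templates->set_var ('end_block', COM_endBlock ());
- $user_templates->set_var ('lang_username', $LANG04[2]);
+ $user_templates = new Template($_CONF['path_layout'] . 'users');
+ $user_templates->set_file(array('profile' => 'profile.thtml',
+ 'row' => 'commentrow.thtml',
+ 'strow' => 'storyrow.thtml'));
+ $user_templates->set_var('xhtml', XHTML);
+ $user_templates->set_var('site_url', $_CONF['site_url']);
+ $user_templates->set_var('start_block_userprofile',
+ COM_startBlock($LANG04[1] . ' ' . $display_name));
+ $user_templates->set_var('end_block', COM_endBlock());
+ $user_templates->set_var('lang_username', $LANG04[2]);
 
 if ($_CONF['show_fullname'] == 1) {
- if (empty ($A['fullname'])) {
+ if (empty($A['fullname'])) {
 $username = $A['username'];
 $fullname = '';
 } else {
@@ -142,38 +143,46 @@
 $fullname = htmlspecialchars($fullname);
 
 if ($A['status'] == USER_ACCOUNT_DISABLED) {
- $username = sprintf ('<s title="%s">%s</s>', $LANG28[42], $username);
- if (!empty ($fullname)) {
- $fullname = sprintf ('<s title="%s">%s</s>', $LANG28[42], $fullname);
+ $username = sprintf('<s title="%s">%s</s>', $LANG28[42], $username);
+ if (!empty($fullname)) {
+ $fullname = sprintf('<s title="%s">%s</s>', $LANG28[42], $fullname);
 }
 }
 
- $user_templates->set_var ('username', $username);
- $user_templates->set_var ('user_fullname', $fullname);
+ $user_templates->set_var('username', $username);
+ $user_templates->set_var('user_fullname', $fullname);
 
- if (SEC_hasRights ('user.edit')) {
- global $_IMAGE_TYPE, $LANG_ADMIN;
-
+ if (!COM_isAnonUser() && ($_USER['uid'] == $uid)) {
+ $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.'
+ . $_IMAGE_TYPE . '" alt="' . $LANG01[48]
+ . '" title="' . $LANG01[48] . '"' . XHTML . '>';
+ $edit_link_url = COM_createLink($edit_icon,
+ $_CONF['site_url'] . '/usersettings.php');
+ $user_templates->set_var('edit_icon', $edit_icon);
+ $user_templates->set_var('edit_link', $edit_link_url);
+ $user_templates->set_var('user_edit', $edit_link_url);
+ } elseif (SEC_hasRights('user.edit')) {
 $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.'
 . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit']
 . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
 $edit_link_url = COM_createLink($edit_icon,
 "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
- $user_templates->set_var ('edit_icon', $edit_icon);
- $user_templates->set_var ('edit_link', $edit_link_url);
- $user_templates->set_var ('user_edit', $edit_link_url);
+ $user_templates->set_var('edit_icon', $edit_icon);
+ $user_templates->set_var('edit_link', $edit_link_url);
+ $user_templates->set_var('user_edit', $edit_link_url);
 }
 
 if (isset ($A['photo']) && empty ($A['photo'])) {
 $A['photo'] = '(none)'; // user does not have a photo
 }
- $photo = USER_getPhoto ($user, $A['photo'], $A['email'], -1);
+ $photo = USER_getPhoto ($uid, $A['photo'], $A['email'], -1);
 $user_templates->set_var ('user_photo', $photo);
 
 $user_templates->set_var ('lang_membersince', $LANG04[67]);
 $user_templates->set_var ('user_regdate', $A['regdate']);
 $user_templates->set_var ('lang_email', $LANG04[5]);
- $user_templates->set_var ('user_id', $user);
+ $user_templates->set_var ('user_id', $uid);
+ $user_templates->set_var ('uid', $uid);
 $user_templates->set_var ('lang_sendemail', $LANG04[81]);
 $user_templates->set_var ('lang_homepage', $LANG04[6]);
 $user_templates->set_var ('user_homepage', COM_killJS ($A['homepage']));
@@ -209,7 +218,7 @@
 
 // list of last 10 stories by this user
 if (count($tids) > 0) {
- $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = $user) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ($topics))" . COM_getPermSQL ('AND');
+ $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = $uid) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ($topics))" . COM_getPermSQL ('AND');
 $sql .= " ORDER BY unixdate DESC LIMIT 10";
 $result = DB_query ($sql);
 $nrows = DB_numRows ($result);
@@ -257,7 +266,7 @@
 $sidList = "'$sidList'";
 
 // then, find all comments by the user in those stories
- $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = $user) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
+ $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = $uid) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
 
 // SQL NOTE: Using a HAVING clause is usually faster than a where if the
 // field is part of the select
@@ -295,12 +304,12 @@
 
 // posting stats for this user
 $user_templates->set_var ('lang_number_stories', $LANG04[84]);
- $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = $user) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND');
+ $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = $uid) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND');
 $result = DB_query($sql);
 $N = DB_fetchArray ($result);
 $user_templates->set_var ('number_stories', COM_numberFormat ($N['count']));
 $user_templates->set_var ('lang_number_comments', $LANG04[85]);
- $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = $user)";
+ $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = $uid)";
 if (!empty ($sidList)) {
 $sql .= " AND (sid in ($sidList))";
 }
@@ -312,14 +321,14 @@
 
 // Call custom registration function if enabled and exists
 if ($_CONF['custom_registration'] && function_exists ('CUSTOM_userDisplay') ) {
- $user_templates->set_var ('customfields', CUSTOM_userDisplay ($user));
+ $user_templates->set_var ('customfields', CUSTOM_userDisplay ($uid));
 }
- PLG_profileVariablesDisplay ($user, $user_templates);
+ PLG_profileVariablesDisplay ($uid, $user_templates);
 
 $user_templates->parse ('output', 'profile');
 $retval .= $user_templates->finish ($user_templates->get_var ('output'));
 
- $retval .= PLG_profileBlocksDisplay ($user);
+ $retval .= PLG_profileBlocksDisplay ($uid);
 $retval .= COM_siteFooter ();
 
 return $retval;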
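Review bot: `$uid` is interpolated unquoted into the `DB_query()` strings (`{$_TABLES['users']}.uid = $uid` in the first hunk, and `uid = $uid` in the stories and comments queries of the later hunks) and is written to the template as `user_id` and `uid`, yet nothing visible in `userprofile()` coerces it to an integer. The docblock promises `@param int $uid`, but that is only a comment; if any caller passes a request value that was not filtered, the function has no second line of defence against SQL injection or reflected markup. Callers are outside this diff and may already filter the value; even so, adding `$uid = (int) $uid;` right after the `global` statement would make the function safe on its own, and the new `$_USER['uid'] == $uid` ownership check would then compare against an integer instead of relying on loose comparison of whatever was passed in. The body of `userprofile()` extends beyond the hunks shown, so other uses of `$uid` there should be checked as well.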