When viewing your own profile page, you now get an "edit" link that take you to "My Account" HEAD
authorDirk Haun <dirk@haun-online.de>
Sun Oct 04 13:51:37 2009 +0200 (5 months ago)
branchHEAD
changeset 7359b71518e57545
parent 7358b6d086ec0e01
child 7360d37545da9eb2
When viewing your own profile page, you now get an "edit" link that takes you to "My Account"
public_html/docs/history
public_html/users.php
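--- a/public_html/docs/history	Sun Oct 04 13:32:11 2009 +0200
+++ b/public_html/docs/history	Sun Oct 04 13:51:37 2009 +0200
@@ -3,6 +3,8 @@
 Oct ??, 2009 (1.6.1)
 ------------
 
+- When viewing your own profile page, you now get an "edit" link that take you
+  to "My Account" [Dirk]
 - Additional checks in "Mail Story to a Friend", "Send mail to user", and
   "Mail Users" dialogs to make sure users don't enter email addresses into the
   name fields (bug #0000992) [Dirk]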
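--- a/public_html/users.php	Sun Oct 04 13:32:11 2009 +0200
+++ b/public_html/users.php	Sun Oct 04 13:51:37 2009 +0200
@@ -59,75 +59,76 @@
 *
 * This grabs the user profile for a given user and displays it
 *
-* @param    int     $user   User ID of profile to get
+* @param    int     $uid    User ID of profile to get
 * @param    int     $msg    Message to display (if != 0)
 * @param    string  $plugin optional plugin name for message
 * @return   string          HTML for user profile page
 *
 */
-function userprofile($user, $msg = 0, $plugin = '')
+function userprofile($uid, $msg = 0, $plugin = '')
 {
-    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;
+    global $_CONF, $_TABLES, $_USER, $_IMAGE_TYPE,
+           $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN, $LANG_ADMIN;
 
     $retval = '';
-    if (empty ($_USER['username']) &&
+    if (empty($_USER['username']) &&
         (($_CONF['loginrequired'] == 1) || ($_CONF['profileloginrequired'] == 1))) {
-        $retval .= COM_siteHeader ('menu', $LANG_LOGIN[1]);
-        $retval .= COM_startBlock ($LANG_LOGIN[1], '',
-                           COM_getBlockTemplate ('_msg_block', 'header'));
+        $retval .= COM_siteHeader('menu', $LANG_LOGIN[1]);
+        $retval .= COM_startBlock($LANG_LOGIN[1], '',
+                           COM_getBlockTemplate('_msg_block', 'header'));
         $login = new Template($_CONF['path_layout'] . 'submit');
-        $login->set_file (array ('login'=>'submitloginrequired.thtml'));
-        $login->set_var ( 'xhtml', XHTML );
-        $login->set_var ('login_message', $LANG_LOGIN[2]);
-        $login->set_var ('site_url', $_CONF['site_url']);
-        $login->set_var ('site_admin_url', $_CONF['site_admin_url']);
-        $login->set_var ('layout_url', $_CONF['layout_url']);
-        $login->set_var ('lang_login', $LANG_LOGIN[3]);
-        $login->set_var ('lang_newuser', $LANG_LOGIN[4]);
-        $login->parse ('output', 'login');
-        $retval .= $login->finish ($login->get_var('output'));
-        $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
-        $retval .= COM_siteFooter ();
+        $login->set_file(array('login'=>'submitloginrequired.thtml'));
+        $login->set_var('xhtml', XHTML);
+        $login->set_var('login_message', $LANG_LOGIN[2]);
+        $login->set_var('site_url', $_CONF['site_url']);
+        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
+        $login->set_var('layout_url', $_CONF['layout_url']);
+        $login->set_var('lang_login', $LANG_LOGIN[3]);
+        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
+        $login->parse('output', 'login');
+        $retval .= $login->finish($login->get_var('output'));
+        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
+        $retval .= COM_siteFooter();
 
         return $retval;
     }
 
-    $result = DB_query ("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email,status FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = $user");
-    $nrows = DB_numRows ($result);
+    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email,status FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = $uid");
+    $nrows = DB_numRows($result);
     if ($nrows == 0) { // no such user
-        return COM_refresh ($_CONF['site_url'] . '/index.php');
+        return COM_refresh($_CONF['site_url'] . '/index.php');
     }
-    $A = DB_fetchArray ($result);
+    $A = DB_fetchArray($result);
 
-    if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights ('user.edit')) {
-        COM_displayMessageAndAbort (30, '', 403, 'Forbidden');
+    if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
+        COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
     }
 
-    $display_name = htmlspecialchars(COM_getDisplayName($user, $A['username'],
+    $display_name = htmlspecialchars(COM_getDisplayName($uid, $A['username'],
                                                         $A['fullname']));
 
-    $retval .= COM_siteHeader ('menu', $LANG04[1] . ' ' . $display_name);
+    $retval .= COM_siteHeader('menu', $LANG04[1] . ' ' . $display_name);
     if ($msg > 0) {
         $retval .= COM_showMessage($msg, $plugin);
     }
 
     // format date/time to user preference
-    $curtime = COM_getUserDateTimeFormat ($A['regdate']);
+    $curtime = COM_getUserDateTimeFormat($A['regdate']);
     $A['regdate'] = $curtime[0];
 
-    $user_templates = new Template ($_CONF['path_layout'] . 'users');
-    $user_templates->set_file (array ('profile' => 'profile.thtml',
-                                      'row'     => 'commentrow.thtml',
-                                      'strow'   => 'storyrow.thtml'));
-    $user_templates->set_var ('xhtml', XHTML);
-    $user_templates->set_var ('site_url', $_CONF['site_url']);
-    $user_templates->set_var ('start_block_userprofile',
-            COM_startBlock ($LANG04[1] . ' ' . $display_name));
-    $user_templates->set_var ('end_block', COM_endBlock ());
-    $user_templates->set_var ('lang_username', $LANG04[2]);
+    $user_templates = new Template($_CONF['path_layout'] . 'users');
+    $user_templates->set_file(array('profile' => 'profile.thtml',
+                                    'row'     => 'commentrow.thtml',
+                                    'strow'   => 'storyrow.thtml'));
+    $user_templates->set_var('xhtml', XHTML);
+    $user_templates->set_var('site_url', $_CONF['site_url']);
+    $user_templates->set_var('start_block_userprofile',
+            COM_startBlock($LANG04[1] . ' ' . $display_name));
+    $user_templates->set_var('end_block', COM_endBlock());
+    $user_templates->set_var('lang_username', $LANG04[2]);
 
     if ($_CONF['show_fullname'] == 1) {
-        if (empty ($A['fullname'])) {
+        if (empty($A['fullname'])) {
             $username = $A['username'];
             $fullname = '';
         } else {
@@ -142,38 +143,46 @@
     $fullname = htmlspecialchars($fullname);
 
     if ($A['status'] == USER_ACCOUNT_DISABLED) {
-        $username = sprintf ('<s title="%s">%s</s>', $LANG28[42], $username);
-        if (!empty ($fullname)) {
-            $fullname = sprintf ('<s title="%s">%s</s>', $LANG28[42], $fullname);
+        $username = sprintf('<s title="%s">%s</s>', $LANG28[42], $username);
+        if (!empty($fullname)) {
+            $fullname = sprintf('<s title="%s">%s</s>', $LANG28[42], $fullname);
         }
     }
 
-    $user_templates->set_var ('username', $username);
-    $user_templates->set_var ('user_fullname', $fullname);
+    $user_templates->set_var('username', $username);
+    $user_templates->set_var('user_fullname', $fullname);
 
-    if (SEC_hasRights ('user.edit')) {
-        global $_IMAGE_TYPE, $LANG_ADMIN;
-
+    if (!COM_isAnonUser() && ($_USER['uid'] == $uid)) {
+        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.'
+                   . $_IMAGE_TYPE . '" alt="' . $LANG01[48]
+                   . '" title="' . $LANG01[48] . '"' . XHTML . '>';
+        $edit_link_url = COM_createLink($edit_icon,
+                            $_CONF['site_url'] . '/usersettings.php');
+        $user_templates->set_var('edit_icon', $edit_icon);
+        $user_templates->set_var('edit_link', $edit_link_url);
+        $user_templates->set_var('user_edit', $edit_link_url);
+    } elseif (SEC_hasRights('user.edit')) {
         $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.'
                    . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit']
                    . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
         $edit_link_url = COM_createLink($edit_icon,
             "{$_CONF['site_admin_url']}/user.php?mode=edit&amp;uid={$A['uid']}");
-        $user_templates->set_var ('edit_icon', $edit_icon);
-        $user_templates->set_var ('edit_link', $edit_link_url);
-        $user_templates->set_var ('user_edit', $edit_link_url);
+        $user_templates->set_var('edit_icon', $edit_icon);
+        $user_templates->set_var('edit_link', $edit_link_url);
+        $user_templates->set_var('user_edit', $edit_link_url);
     }
 
     if (isset ($A['photo']) && empty ($A['photo'])) {
         $A['photo'] = '(none)'; // user does not have a photo
     }
-    $photo = USER_getPhoto ($user, $A['photo'], $A['email'], -1);
+    $photo = USER_getPhoto ($uid, $A['photo'], $A['email'], -1);
     $user_templates->set_var ('user_photo', $photo);
 
     $user_templates->set_var ('lang_membersince', $LANG04[67]);
     $user_templates->set_var ('user_regdate', $A['regdate']);
     $user_templates->set_var ('lang_email', $LANG04[5]);
-    $user_templates->set_var ('user_id', $user);
+    $user_templates->set_var ('user_id', $uid);
+    $user_templates->set_var ('uid', $uid);
     $user_templates->set_var ('lang_sendemail', $LANG04[81]);
     $user_templates->set_var ('lang_homepage', $LANG04[6]);
     $user_templates->set_var ('user_homepage', COM_killJS ($A['homepage']));
@@ -209,7 +218,7 @@
 
     // list of last 10 stories by this user
     if (count($tids) > 0) {
-        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = $user) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ($topics))" . COM_getPermSQL ('AND');
+        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = $uid) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ($topics))" . COM_getPermSQL ('AND');
         $sql .= " ORDER BY unixdate DESC LIMIT 10";
         $result = DB_query ($sql);
         $nrows = DB_numRows ($result);
@@ -257,7 +266,7 @@
     $sidList = "'$sidList'";
 
     // then, find all comments by the user in those stories
-    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = $user) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
+    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = $uid) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
 
     // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
     // field is part of the select
@@ -295,12 +304,12 @@
 
     // posting stats for this user
     $user_templates->set_var ('lang_number_stories', $LANG04[84]);
-    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = $user) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND');
+    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = $uid) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND');
     $result = DB_query($sql);
     $N = DB_fetchArray ($result);
     $user_templates->set_var ('number_stories', COM_numberFormat ($N['count']));
     $user_templates->set_var ('lang_number_comments', $LANG04[85]);
-    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = $user)";
+    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = $uid)";
     if (!empty ($sidList)) {
         $sql .= " AND (sid in ($sidList))";
     }
@@ -312,14 +321,14 @@
 
     // Call custom registration function if enabled and exists
     if ($_CONF['custom_registration'] && function_exists ('CUSTOM_userDisplay') ) {
-        $user_templates->set_var ('customfields', CUSTOM_userDisplay ($user));
+        $user_templates->set_var ('customfields', CUSTOM_userDisplay ($uid));
     }
-    PLG_profileVariablesDisplay ($user, $user_templates);
+    PLG_profileVariablesDisplay ($uid, $user_templates);
 
     $user_templates->parse ('output', 'profile');
     $retval .= $user_templates->finish ($user_templates->get_var ('output'));
 
-    $retval .= PLG_profileBlocksDisplay ($user);
+    $retval .= PLG_profileBlocksDisplay ($uid);
     $retval .= COM_siteFooter ();
 
     return $retval;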
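Review bot: userprofile() places its first argument unquoted into every query it builds (`{$_TABLES['users']}.uid = $uid` and the `WHERE (uid = $uid)` lookups on stories and comments) and now also emits it through the new `uid` template variable, yet nothing in the visible hunks forces it to be an integer. Callers presumably filter the request value before passing it in, but that is outside this diff and the docblock's `@param int $uid` is only a promise; a defensive `$uid = (int) $uid;` as the first statement of the function would keep the SQL and the template output safe whatever the caller passes. The same cast would keep the new own-profile test `$_USER['uid'] == $uid` from depending on how PHP's loose comparison treats a non-numeric string. The function's closing brace and the code between the hunks are not shown here.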