[ Index ]

PHP Cross Reference of MyBB 1.8.15

title

Body

[close]

/ -> memberlist.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'memberlist.php');
  13  
  14  $templatelist = "memberlist,memberlist_search,memberlist_user,memberlist_user_groupimage,memberlist_user_avatar,memberlist_user_userstar,memberlist_search_contact_field,memberlist_referrals,memberlist_referrals_bit";
  15  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,memberlist_error,memberlist_orderarrow";
  16  
  17  require_once  "./global.php";
  18  
  19  // Load global language phrases
  20  $lang->load("memberlist");
  21  
  22  if($mybb->settings['enablememberlist'] == 0)
  23  {
  24      error($lang->memberlist_disabled);
  25  }
  26  
  27  $plugins->run_hooks("memberlist_start");
  28  
  29  add_breadcrumb($lang->nav_memberlist, "memberlist.php");
  30  
  31  if($mybb->usergroup['canviewmemberlist'] == 0)
  32  {
  33      error_no_permission();
  34  }
  35  
  36  // Showing advanced search page?
  37  if($mybb->get_input('action') == "search")
  38  {
  39      $plugins->run_hooks("memberlist_search");
  40      add_breadcrumb($lang->nav_memberlist_search);
  41  
  42      $contact_fields = array();
  43      foreach(array('aim', 'skype', 'google', 'yahoo', 'icq') as $field)
  44      {
  45          $contact_fields[$field] = '';
  46          $settingkey = 'allow'.$field.'field';
  47  
  48          if($mybb->settings[$settingkey] != '' && is_member($mybb->settings[$settingkey], array('usergroup' => $mybb->usergroup['usergroup'], 'additionalgroups' => $mybb->usergroup['additionalgroups'])))
  49          {
  50              $tmpl = 'memberlist_search_'.$field;
  51  
  52              $lang_string = 'search_'.$field;
  53              $lang_string = $lang->{$lang_string};
  54  
  55              $bgcolors[$field] = alt_trow();
  56              eval('$contact_fields[\''.$field.'\'] = "'.$templates->get('memberlist_search_contact_field').'";');
  57          }
  58      }
  59  
  60      eval("\$search_page = \"".$templates->get("memberlist_search")."\";");
  61      output_page($search_page);
  62  }
  63  else
  64  {
  65      $colspan = 6;
  66      $search_url = '';
  67  
  68      // Incoming sort field?
  69      if(isset($mybb->input['sort']))
  70      {
  71          $mybb->input['sort'] = strtolower($mybb->get_input('sort'));
  72      }
  73      else
  74      {
  75          $mybb->input['sort'] = $mybb->settings['default_memberlist_sortby'];
  76      }
  77  
  78      $sort_selected = array(
  79          'regdate' => '',
  80          'lastvisit' => '',
  81          'reputation' => '',
  82          'postnum' => '',
  83          'referrals' => '',
  84          'username' => ''
  85      );
  86  
  87      switch($mybb->input['sort'])
  88      {
  89          case "regdate":
  90              $sort_field = "u.regdate";
  91              break;
  92          case "lastvisit":
  93              $sort_field = "u.lastactive";
  94              break;
  95          case "reputation":
  96              $sort_field = "u.reputation";
  97              break;
  98          case "postnum":
  99              $sort_field = "u.postnum";
 100              break;
 101          case "threadnum":
 102              $sort_field = "u.threadnum";
 103              break;
 104          case "referrals":
 105              $sort_field = "u.referrals";
 106              break;
 107          default:
 108              $sort_field = "u.username";
 109              $mybb->input['sort'] = 'username';
 110              break;
 111      }
 112      $sort_selected[$mybb->input['sort']] = " selected=\"selected\"";
 113  
 114      // Incoming sort order?
 115      if(isset($mybb->input['order']))
 116      {
 117          $mybb->input['order'] = strtolower($mybb->input['order']);
 118      }
 119      else
 120      {
 121          $mybb->input['order'] = strtolower($mybb->settings['default_memberlist_order']);
 122      }
 123  
 124      $order_check = array('ascending' => '', 'descending' => '');
 125      if($mybb->input['order'] == "ascending" || (!$mybb->input['order'] && $mybb->input['sort'] == 'username'))
 126      {
 127          $sort_order = "ASC";
 128          $sortordernow = "ascending";
 129          $oppsort = $lang->desc;
 130          $oppsortnext = "descending";
 131          $mybb->input['order'] = "ascending";
 132      }
 133      else
 134      {
 135          $sort_order = "DESC";
 136          $sortordernow = "descending";
 137          $oppsort = $lang->asc;
 138          $oppsortnext = "ascending";
 139          $mybb->input['order'] = "descending";
 140      }
 141      $order_check[$mybb->input['order']] = " checked=\"checked\"";
 142  
 143      // Incoming results per page?
 144      $mybb->input['perpage'] = $mybb->get_input('perpage', MyBB::INPUT_INT);
 145      if($mybb->input['perpage'] > 0 && $mybb->input['perpage'] <= 500)
 146      {
 147          $per_page = $mybb->input['perpage'];
 148      }
 149      else if($mybb->settings['membersperpage'])
 150      {
 151          $per_page = $mybb->input['perpage'] = (int)$mybb->settings['membersperpage'];
 152      }
 153      else
 154      {
 155          $per_page = $mybb->input['perpage'] = 20;
 156      }
 157  
 158      $search_query = '1=1';
 159      $search_url = "";
 160  
 161      switch($db->type)
 162      {
 163          // PostgreSQL's LIKE is case sensitive
 164          case "pgsql":
 165              $like = "ILIKE";
 166              break;
 167          default:
 168              $like = "LIKE";
 169      }
 170  
 171      // Limiting results to a certain letter
 172      if(isset($mybb->input['letter']))
 173      {
 174          $letter = chr(ord($mybb->get_input('letter')));
 175          if($mybb->input['letter'] == -1)
 176          {
 177              $search_query .= " AND u.username NOT REGEXP('[a-zA-Z]')";
 178          }
 179          else if(strlen($letter) == 1)
 180          {
 181              $search_query .= " AND u.username {$like} '".$db->escape_string_like($letter)."%'";
 182          }
 183          $search_url .= "&letter={$letter}";
 184      }
 185  
 186      // Searching for a matching username
 187      $search_username = htmlspecialchars_uni(trim($mybb->get_input('username')));
 188      if($search_username != '')
 189      {
 190          $username_like_query = $db->escape_string_like($search_username);
 191  
 192          // Name begins with
 193          if($mybb->input['username_match'] == "begins")
 194          {
 195              $search_query .= " AND u.username {$like} '".$username_like_query."%'";
 196              $search_url .= "&username_match=begins";
 197          }
 198          // Just contains
 199          else
 200          {
 201              $search_query .= " AND u.username {$like} '%".$username_like_query."%'";
 202          }
 203  
 204          $search_url .= "&username=".urlencode($search_username);
 205      }
 206  
 207      // Website contains
 208      $mybb->input['website'] = trim($mybb->get_input('website'));
 209      $search_website = htmlspecialchars_uni($mybb->input['website']);
 210      if(trim($mybb->input['website']))
 211      {
 212          $search_query .= " AND u.website {$like} '%".$db->escape_string_like($mybb->input['website'])."%'";
 213          $search_url .= "&website=".urlencode($mybb->input['website']);
 214      }
 215  
 216      // Search by contact field input
 217      foreach(array('aim', 'icq', 'google', 'skype', 'yahoo') as $cfield)
 218      {
 219          $csetting = 'allow'.$cfield.'field';
 220          $mybb->input[$cfield] = trim($mybb->get_input($cfield));
 221          if($mybb->input[$cfield] && $mybb->settings[$csetting] != '')
 222          {
 223              if($mybb->settings[$csetting] != -1)
 224              {
 225                  $gids = explode(',', (string)$mybb->settings[$csetting]);
 226  
 227                  $search_query .= " AND (";
 228                  $or = '';
 229                  foreach($gids as $gid)
 230                  {
 231                      $gid = (int)$gid;
 232                      $search_query .= $or.'u.usergroup=\''.$gid.'\'';
 233                      switch($db->type)
 234                      {
 235                          case 'pgsql':
 236                          case 'sqlite':
 237                              $search_query .= " OR ','||u.additionalgroups||',' LIKE '%,{$gid},%'";
 238                              break;
 239                          default:
 240                              $search_query .= " OR CONCAT(',',u.additionalgroups,',') LIKE '%,{$gid},%'";
 241                              break;
 242                      }
 243                      $or = ' OR ';
 244                  }
 245                  $search_query .= ")";
 246              }
 247              if($cfield == 'icq')
 248              {
 249                  $search_query .= " AND u.{$cfield} LIKE '%".(int)$mybb->input[$cfield]."%'";
 250              }
 251              else
 252              {
 253                  $search_query .= " AND u.{$cfield} {$like} '%".$db->escape_string_like($mybb->input[$cfield])."%'";
 254              }
 255              $search_url .= "&{$cfield}=".urlencode($mybb->input[$cfield]);
 256          }
 257      }
 258  
 259      $usergroups_cache = $cache->read('usergroups');
 260  
 261      $group = array();
 262      foreach($usergroups_cache as $gid => $groupcache)
 263      {
 264          if($groupcache['showmemberlist'] == 0)
 265          {
 266              $group[] = (int)$gid;
 267          }
 268      }
 269  
 270      if(is_array($group) && !empty($group))
 271      {
 272          $hiddengroup = implode(',', $group);
 273  
 274          $search_query .= " AND u.usergroup NOT IN ({$hiddengroup})";
 275  
 276          foreach($group as $hidegid)
 277          {
 278              switch($db->type)
 279              {
 280                  case "pgsql":
 281                  case "sqlite":
 282                      $search_query .= " AND ','||u.additionalgroups||',' NOT LIKE '%,{$hidegid},%'";
 283                      break;
 284                  default:
 285                      $search_query .= " AND CONCAT(',',u.additionalgroups,',') NOT LIKE '%,{$hidegid},%'";
 286                      break;
 287              }
 288          }
 289      }
 290    
 291      $sorturl = htmlspecialchars_uni("memberlist.php?perpage={$mybb->input['perpage']}{$search_url}");
 292      $search_url = htmlspecialchars_uni("memberlist.php?sort={$mybb->input['sort']}&order={$mybb->input['order']}&perpage={$mybb->input['perpage']}{$search_url}");
 293  
 294      $plugins->run_hooks('memberlist_intermediate');
 295  
 296      $query = $db->simple_select("users u", "COUNT(*) AS users", "{$search_query}");
 297      $num_users = $db->fetch_field($query, "users");
 298  
 299      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 300      if($page && $page > 0)
 301      {
 302          $start = ($page - 1) * $per_page;
 303      }
 304      else
 305      {
 306          $start = 0;
 307          $page = 1;
 308      }
 309  
 310      $sort = htmlspecialchars_uni($mybb->input['sort']);
 311      eval("\$orderarrow['{$sort}'] = \"".$templates->get("memberlist_orderarrow")."\";");
 312  
 313      // Referral?
 314      if($mybb->settings['usereferrals'] == 1)
 315      {
 316          $colspan = 7;
 317          eval("\$referral_header = \"".$templates->get("memberlist_referrals")."\";");
 318      }
 319  
 320      $multipage = multipage($num_users, $per_page, $page, $search_url);
 321  
 322      // Cache a few things
 323      $usertitles = $cache->read('usertitles');
 324      $usertitles_cache = array();
 325      foreach($usertitles as $usertitle)
 326      {
 327          $usertitles_cache[$usertitle['posts']] = $usertitle;
 328      }
 329      $users = '';
 330      $query = $db->query("
 331          SELECT u.*, f.*
 332          FROM ".TABLE_PREFIX."users u
 333          LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
 334          WHERE {$search_query}
 335          ORDER BY {$sort_field} {$sort_order}
 336          LIMIT {$start}, {$per_page}
 337      ");
 338      while($user = $db->fetch_array($query))
 339      {
 340          $user = $plugins->run_hooks("memberlist_user", $user);
 341  
 342          $alt_bg = alt_trow();
 343  
 344          $user['username'] = format_name(htmlspecialchars_uni($user['username']), $user['usergroup'], $user['displaygroup']);
 345  
 346          $user['profilelink'] = build_profile_link($user['username'], $user['uid']);
 347  
 348          // Get the display usergroup
 349          if(empty($user['displaygroup']))
 350          {
 351              $user['displaygroup'] = $user['usergroup'];
 352          }
 353          $usergroup = $usergroups_cache[$user['displaygroup']];
 354  
 355          // Build referral?
 356          if($mybb->settings['usereferrals'] == 1)
 357          {
 358              eval("\$referral_bit = \"".$templates->get("memberlist_referrals_bit")."\";");
 359          }
 360  
 361          $usergroup['groupimage'] = '';
 362          // Work out the usergroup/title stuff
 363          if(!empty($usergroup['image']))
 364          {
 365              if(!empty($mybb->user['language']))
 366              {
 367                  $language = $mybb->user['language'];
 368              }
 369              else
 370              {
 371                  $language = $mybb->settings['bblanguage'];
 372              }
 373              $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
 374              $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
 375              eval("\$usergroup['groupimage'] = \"".$templates->get("memberlist_user_groupimage")."\";");
 376          }
 377  
 378          $has_custom_title = 0;
 379          if(trim($user['usertitle']) != "")
 380          {
 381              $has_custom_title = 1;
 382          }
 383  
 384          if($usergroup['usertitle'] != "" && !$has_custom_title)
 385          {
 386              $user['usertitle'] = $usergroup['usertitle'];
 387          }
 388          elseif(is_array($usertitles_cache) && !$usergroup['usertitle'])
 389          {
 390              foreach($usertitles_cache as $posts => $titleinfo)
 391              {
 392                  if($user['postnum'] >= $posts)
 393                  {
 394                      if(!$has_custom_title)
 395                      {
 396                          $user['usertitle'] = $titleinfo['title'];
 397                      }
 398                      $user['stars'] = $titleinfo['stars'];
 399                      $user['starimage'] = $titleinfo['starimage'];
 400                      break;
 401                  }
 402              }
 403          }
 404          
 405          $user['usertitle'] = htmlspecialchars_uni($user['usertitle']);
 406  
 407          if(!empty($usergroup['stars']))
 408          {
 409              $user['stars'] = $usergroup['stars'];
 410          }
 411  
 412          if(empty($user['starimage']))
 413          {
 414              $user['starimage'] = $usergroup['starimage'];
 415          }
 416  
 417          $user['userstars'] = '';
 418          if(!empty($user['starimage']))
 419          {
 420              // Only display stars if we have an image to use...
 421              $starimage = str_replace("{theme}", $theme['imgdir'], $user['starimage']);
 422  
 423              for($i = 0; $i < $user['stars']; ++$i)
 424              {
 425                  eval("\$user['userstars'] .= \"".$templates->get("memberlist_user_userstar", 1, 0)."\";");
 426              }
 427          }
 428  
 429          if($user['userstars'] && $usergroup['groupimage'])
 430          {
 431              $user['userstars'] = "<br />".$user['userstars'];
 432          }
 433  
 434          // Show avatar
 435          $useravatar = format_avatar($user['avatar'], $user['avatardimensions'], my_strtolower($mybb->settings['memberlistmaxavatarsize']));
 436          eval("\$user['avatar'] = \"".$templates->get("memberlist_user_avatar")."\";");
 437  
 438          if($user['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $user['uid'] != $mybb->user['uid'])
 439          {
 440              $user['lastvisit'] = $lang->lastvisit_never;
 441  
 442              if($user['lastvisit'])
 443              {
 444                  // We have had at least some active time, hide it instead
 445                  $user['lastvisit'] = $lang->lastvisit_hidden;
 446              }
 447          }
 448          else
 449          {
 450              $user['lastvisit'] = my_date('relative', $user['lastactive']);
 451          }
 452  
 453          $user['regdate'] = my_date('relative', $user['regdate']);
 454          $user['postnum'] = my_number_format($user['postnum']);
 455          $user['threadnum'] = my_number_format($user['threadnum']);
 456          eval("\$users .= \"".$templates->get("memberlist_user")."\";");
 457      }
 458  
 459      // Do we have no results?
 460      if(!$users)
 461      {
 462          eval("\$users = \"".$templates->get("memberlist_error")."\";");
 463      }
 464  
 465      $plugins->run_hooks("memberlist_end");
 466  
 467      eval("\$memberlist = \"".$templates->get("memberlist")."\";");
 468      output_page($memberlist);
 469  }


2005 - 2016 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1