[ Index ]

PHP Cross Reference of MyBB 1.8.28

title

Body

[close]

/ -> memberlist.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'memberlist.php');
  13  
  14  $templatelist = "memberlist,memberlist_search,memberlist_user,memberlist_user_groupimage,memberlist_user_avatar,memberlist_user_userstar,memberlist_search_contact_field,memberlist_referrals,memberlist_referrals_bit";
  15  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,memberlist_error,memberlist_orderarrow";
  16  
  17  require_once  "./global.php";
  18  
  19  // Load global language phrases
  20  $lang->load("memberlist");
  21  
  22  if($mybb->settings['enablememberlist'] == 0)
  23  {
  24      error($lang->memberlist_disabled);
  25  }
  26  
  27  $plugins->run_hooks("memberlist_start");
  28  
  29  add_breadcrumb($lang->nav_memberlist, "memberlist.php");
  30  
  31  if($mybb->usergroup['canviewmemberlist'] == 0)
  32  {
  33      error_no_permission();
  34  }
  35  
  36  $orderarrow = $sort_selected = array(
  37      'regdate' => '',
  38      'lastvisit' => '',
  39      'reputation' => '',
  40      'postnum' => '',
  41      'threadnum' => '',
  42      'referrals' => '',
  43      'username' => ''
  44  );
  45  
  46  // Showing advanced search page?
  47  if($mybb->get_input('action') == "search")
  48  {
  49      $plugins->run_hooks("memberlist_search");
  50      add_breadcrumb($lang->nav_memberlist_search);
  51  
  52      if(isset($mybb->usergroup['usergroup']))
  53      {
  54          $usergroup = $mybb->usergroup['usergroup'];
  55      }
  56      else
  57      {
  58          $usergroup = '';
  59      }
  60      if(isset($mybb->usergroup['additionalgroups']))
  61      {
  62          $additionalgroups = $mybb->usergroup['additionalgroups'];
  63      }
  64      else
  65      {
  66          $additionalgroups = '';
  67      }
  68  
  69      $contact_fields = array();
  70      foreach(array('skype', 'google', 'icq') as $field)
  71      {
  72          $contact_fields[$field] = '';
  73          $settingkey = 'allow'.$field.'field';
  74  
  75          if($mybb->settings[$settingkey] != '' && is_member($mybb->settings[$settingkey], array('usergroup' => $usergroup, 'additionalgroups' => $additionalgroups)))
  76          {
  77              $tmpl = 'memberlist_search_'.$field;
  78  
  79              $lang_string = 'search_'.$field;
  80              $lang_string = $lang->{$lang_string};
  81  
  82              $bgcolors[$field] = alt_trow();
  83              eval('$contact_fields[\''.$field.'\'] = "'.$templates->get('memberlist_search_contact_field').'";');
  84          }
  85      }
  86  
  87      $referrals_option = '';
  88      if($mybb->settings['usereferrals'] == 1)
  89      {
  90          eval("\$referrals_option = \"".$templates->get("memberlist_referrals_option")."\";");
  91      }
  92  
  93      eval("\$search_page = \"".$templates->get("memberlist_search")."\";");
  94      output_page($search_page);
  95  }
  96  else
  97  {
  98      $colspan = 6;
  99      $search_url = '';
 100  
 101      // Incoming sort field?
 102      if(isset($mybb->input['sort']))
 103      {
 104          $mybb->input['sort'] = strtolower($mybb->get_input('sort'));
 105      }
 106      else
 107      {
 108          $mybb->input['sort'] = $mybb->settings['default_memberlist_sortby'];
 109      }
 110  
 111      switch($mybb->input['sort'])
 112      {
 113          case "regdate":
 114              $sort_field = "u.regdate";
 115              break;
 116          case "lastvisit":
 117              $sort_field = "u.lastactive";
 118              break;
 119          case "reputation":
 120              $sort_field = "u.reputation";
 121              break;
 122          case "postnum":
 123              $sort_field = "u.postnum";
 124              break;
 125          case "threadnum":
 126              $sort_field = "u.threadnum";
 127              break;
 128          case "referrals":
 129              if($mybb->settings['usereferrals'] == 1)
 130              {
 131                  $sort_field = "u.referrals";
 132              }
 133              else
 134              {
 135                  $sort_field = "u.username";
 136              }
 137              break;
 138          default:
 139              $sort_field = "u.username";
 140              $mybb->input['sort'] = 'username';
 141              break;
 142      }
 143      $sort_selected[$mybb->input['sort']] = " selected=\"selected\"";
 144  
 145      // Incoming sort order?
 146      if(isset($mybb->input['order']))
 147      {
 148          $mybb->input['order'] = strtolower($mybb->input['order']);
 149      }
 150      else
 151      {
 152          $mybb->input['order'] = strtolower($mybb->settings['default_memberlist_order']);
 153      }
 154  
 155      $order_check = array('ascending' => '', 'descending' => '');
 156      if($mybb->input['order'] == "ascending" || (!$mybb->input['order'] && $mybb->input['sort'] == 'username'))
 157      {
 158          $sort_order = "ASC";
 159          $sortordernow = "ascending";
 160          $oppsort = $lang->desc;
 161          $oppsortnext = "descending";
 162          $mybb->input['order'] = "ascending";
 163      }
 164      else
 165      {
 166          $sort_order = "DESC";
 167          $sortordernow = "descending";
 168          $oppsort = $lang->asc;
 169          $oppsortnext = "ascending";
 170          $mybb->input['order'] = "descending";
 171      }
 172      $order_check[$mybb->input['order']] = " checked=\"checked\"";
 173  
 174      if($sort_field == 'u.lastactive' && $mybb->usergroup['canviewwolinvis'] == 0)
 175      {
 176          $sort_field = "u.invisible ASC, CASE WHEN u.invisible = 1 THEN u.regdate ELSE u.lastactive END";
 177      }
 178  
 179      // Incoming results per page?
 180      $mybb->input['perpage'] = $mybb->get_input('perpage', MyBB::INPUT_INT);
 181      if($mybb->input['perpage'] > 0 && $mybb->input['perpage'] <= 500)
 182      {
 183          $per_page = $mybb->input['perpage'];
 184      }
 185      else if($mybb->settings['membersperpage'])
 186      {
 187          $per_page = $mybb->input['perpage'] = (int)$mybb->settings['membersperpage'];
 188      }
 189      else
 190      {
 191          $per_page = $mybb->input['perpage'] = 20;
 192      }
 193  
 194      $search_query = '1=1';
 195      $search_url = "";
 196  
 197      switch($db->type)
 198      {
 199          // PostgreSQL's LIKE is case sensitive
 200          case "pgsql":
 201              $like = "ILIKE";
 202              break;
 203          default:
 204              $like = "LIKE";
 205      }
 206  
 207      // Limiting results to a certain letter
 208      if(isset($mybb->input['letter']))
 209      {
 210          $letter = chr(ord($mybb->get_input('letter')));
 211          if($mybb->input['letter'] == -1)
 212          {
 213              $search_query .= " AND u.username NOT REGEXP('[a-zA-Z]')";
 214          }
 215          else if(strlen($letter) == 1)
 216          {
 217              $search_query .= " AND u.username {$like} '".$db->escape_string_like($letter)."%'";
 218          }
 219          $search_url .= "&letter={$letter}";
 220      }
 221  
 222      // Searching for a matching username
 223      $search_username = htmlspecialchars_uni(trim($mybb->get_input('username')));
 224      if($search_username != '')
 225      {
 226          $username_like_query = $db->escape_string_like($search_username);
 227  
 228          // Name begins with
 229          if($mybb->get_input('username_match') == "begins")
 230          {
 231              $search_query .= " AND u.username {$like} '".$username_like_query."%'";
 232              $search_url .= "&username_match=begins";
 233          }
 234          // Just contains
 235          else if($mybb->get_input('username_match') == "contains")
 236          {
 237              $search_query .= " AND u.username {$like} '%".$username_like_query."%'";
 238              $search_url .= "&username_match=contains";
 239          }
 240          // Exact
 241          else
 242          {
 243              $username_esc = $db->escape_string(my_strtolower($search_username));
 244              $search_query .= " AND LOWER(u.username)='{$username_esc}'";
 245          }
 246  
 247          $search_url .= "&username=".urlencode($search_username);
 248      }
 249  
 250      // Website contains
 251      $mybb->input['website'] = trim($mybb->get_input('website'));
 252      $search_website = htmlspecialchars_uni($mybb->input['website']);
 253      if(trim($mybb->input['website']))
 254      {
 255          $search_query .= " AND u.website {$like} '%".$db->escape_string_like($mybb->input['website'])."%'";
 256          $search_url .= "&website=".urlencode($mybb->input['website']);
 257      }
 258  
 259      // Search by contact field input
 260      foreach(array('icq', 'google', 'skype') as $cfield)
 261      {
 262          $csetting = 'allow'.$cfield.'field';
 263          $mybb->input[$cfield] = trim($mybb->get_input($cfield));
 264          if($mybb->input[$cfield] && $mybb->settings[$csetting] != '')
 265          {
 266              if($mybb->settings[$csetting] != -1)
 267              {
 268                  $gids = explode(',', (string)$mybb->settings[$csetting]);
 269  
 270                  $search_query .= " AND (";
 271                  $or = '';
 272                  foreach($gids as $gid)
 273                  {
 274                      $gid = (int)$gid;
 275                      $search_query .= $or.'u.usergroup=\''.$gid.'\'';
 276                      switch($db->type)
 277                      {
 278                          case 'pgsql':
 279                          case 'sqlite':
 280                              $search_query .= " OR ','||u.additionalgroups||',' LIKE '%,{$gid},%'";
 281                              break;
 282                          default:
 283                              $search_query .= " OR CONCAT(',',u.additionalgroups,',') LIKE '%,{$gid},%'";
 284                              break;
 285                      }
 286                      $or = ' OR ';
 287                  }
 288                  $search_query .= ")";
 289              }
 290              if($cfield == 'icq')
 291              {
 292                  $search_query .= " AND u.{$cfield} LIKE '%".(int)$mybb->input[$cfield]."%'";
 293              }
 294              else
 295              {
 296                  $search_query .= " AND u.{$cfield} {$like} '%".$db->escape_string_like($mybb->input[$cfield])."%'";
 297              }
 298              $search_url .= "&{$cfield}=".urlencode($mybb->input[$cfield]);
 299          }
 300      }
 301  
 302      $usergroups_cache = $cache->read('usergroups');
 303  
 304      $group = array();
 305      foreach($usergroups_cache as $gid => $groupcache)
 306      {
 307          if($groupcache['showmemberlist'] == 0)
 308          {
 309              $group[] = (int)$gid;
 310          }
 311      }
 312  
 313      if(is_array($group) && !empty($group))
 314      {
 315          $hiddengroup = implode(',', $group);
 316  
 317          $search_query .= " AND u.usergroup NOT IN ({$hiddengroup})";
 318  
 319          foreach($group as $hidegid)
 320          {
 321              switch($db->type)
 322              {
 323                  case "pgsql":
 324                  case "sqlite":
 325                      $search_query .= " AND ','||u.additionalgroups||',' NOT LIKE '%,{$hidegid},%'";
 326                      break;
 327                  default:
 328                      $search_query .= " AND CONCAT(',',u.additionalgroups,',') NOT LIKE '%,{$hidegid},%'";
 329                      break;
 330              }
 331          }
 332      }
 333    
 334      $sorturl = htmlspecialchars_uni("memberlist.php?perpage={$mybb->input['perpage']}{$search_url}");
 335      $search_url = htmlspecialchars_uni("memberlist.php?sort={$mybb->input['sort']}&order={$mybb->input['order']}&perpage={$mybb->input['perpage']}{$search_url}");
 336  
 337      $plugins->run_hooks('memberlist_intermediate');
 338  
 339      $query = $db->simple_select("users u", "COUNT(*) AS users", "{$search_query}");
 340      $num_users = $db->fetch_field($query, "users");
 341  
 342      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 343      if($page && $page > 0)
 344      {
 345          $start = ($page - 1) * $per_page;
 346          $pages = ceil($num_users / $per_page);
 347          if($page > $pages)
 348          {
 349              $start = 0;
 350              $page = 1;
 351          }
 352      }
 353      else
 354      {
 355          $start = 0;
 356          $page = 1;
 357      }
 358  
 359      $sort = htmlspecialchars_uni($mybb->input['sort']);
 360      eval("\$orderarrow['{$sort}'] = \"".$templates->get("memberlist_orderarrow")."\";");
 361  
 362      // Referral?
 363      if($mybb->settings['usereferrals'] == 1)
 364      {
 365          $colspan = 7;
 366          eval("\$referral_header = \"".$templates->get("memberlist_referrals")."\";");
 367      }
 368  
 369      $multipage = multipage($num_users, $per_page, $page, $search_url);
 370  
 371      // Cache a few things
 372      $usertitles = $cache->read('usertitles');
 373      $usertitles_cache = array();
 374      foreach($usertitles as $usertitle)
 375      {
 376          $usertitles_cache[$usertitle['posts']] = $usertitle;
 377      }
 378      $users = '';
 379      $query = $db->query("
 380          SELECT u.*, f.*
 381          FROM ".TABLE_PREFIX."users u
 382          LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
 383          WHERE {$search_query}
 384          ORDER BY {$sort_field} {$sort_order}
 385          LIMIT {$start}, {$per_page}
 386      ");
 387      while($user = $db->fetch_array($query))
 388      {
 389          $user = $plugins->run_hooks("memberlist_user", $user);
 390  
 391          $alt_bg = alt_trow();
 392  
 393          $user['username'] = format_name(htmlspecialchars_uni($user['username']), $user['usergroup'], $user['displaygroup']);
 394  
 395          $user['profilelink'] = build_profile_link($user['username'], $user['uid']);
 396  
 397          // Get the display usergroup
 398          if($user['usergroup'])
 399          {
 400              $usergroup = usergroup_permissions($user['usergroup']);
 401          }
 402          else
 403          {
 404              $usergroup = usergroup_permissions(1);
 405          }
 406  
 407          $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");
 408  
 409          if(!$user['displaygroup'])
 410          {
 411              $user['displaygroup'] = $user['usergroup'];
 412          }
 413  
 414          $display_group = usergroup_displaygroup($user['displaygroup']);
 415          if(is_array($display_group))
 416          {
 417              $usergroup = array_merge($usergroup, $display_group);
 418          }
 419  
 420          // Build referral?
 421          if($mybb->settings['usereferrals'] == 1)
 422          {
 423              $referral_count = (int) $user['referrals'];
 424              if($referral_count > 0)
 425              {
 426                  $uid = (int) $user['uid'];
 427                  eval("\$user['referrals'] = \"".$templates->get('member_referrals_link')."\";");
 428              }
 429  
 430              eval("\$referral_bit = \"".$templates->get("memberlist_referrals_bit")."\";");
 431          }
 432  
 433          $usergroup['groupimage'] = '';
 434          // Work out the usergroup/title stuff
 435          if(!empty($usergroup['image']))
 436          {
 437              if(!empty($mybb->user['language']))
 438              {
 439                  $language = $mybb->user['language'];
 440              }
 441              else
 442              {
 443                  $language = $mybb->settings['bblanguage'];
 444              }
 445              $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
 446              $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
 447              eval("\$usergroup['groupimage'] = \"".$templates->get("memberlist_user_groupimage")."\";");
 448          }
 449  
 450          $has_custom_title = 0;
 451          if(trim($user['usertitle']) != "")
 452          {
 453              $has_custom_title = 1;
 454          }
 455  
 456          if($usergroup['usertitle'] != "" && !$has_custom_title)
 457          {
 458              $user['usertitle'] = $usergroup['usertitle'];
 459          }
 460          elseif(is_array($usertitles_cache) && !$usergroup['usertitle'])
 461          {
 462              foreach($usertitles_cache as $posts => $titleinfo)
 463              {
 464                  if($user['postnum'] >= $posts)
 465                  {
 466                      if(!$has_custom_title)
 467                      {
 468                          $user['usertitle'] = $titleinfo['title'];
 469                      }
 470                      $user['stars'] = $titleinfo['stars'];
 471                      $user['starimage'] = $titleinfo['starimage'];
 472                      break;
 473                  }
 474              }
 475          }
 476          
 477          $user['usertitle'] = htmlspecialchars_uni($user['usertitle']);
 478  
 479          if(!empty($usergroup['stars']))
 480          {
 481              $user['stars'] = $usergroup['stars'];
 482          }
 483  
 484          if(empty($user['starimage']))
 485          {
 486              $user['starimage'] = $usergroup['starimage'];
 487          }
 488  
 489          $user['userstars'] = '';
 490          if(!empty($user['starimage']) && isset($user['stars']))
 491          {
 492              // Only display stars if we have an image to use...
 493              $starimage = str_replace("{theme}", $theme['imgdir'], $user['starimage']);
 494  
 495              for($i = 0; $i < $user['stars']; ++$i)
 496              {
 497                  eval("\$user['userstars'] .= \"".$templates->get("memberlist_user_userstar", 1, 0)."\";");
 498              }
 499          }
 500  
 501          if($user['userstars'] && $usergroup['groupimage'])
 502          {
 503              $user['userstars'] = "<br />".$user['userstars'];
 504          }
 505  
 506          // Show avatar
 507          $useravatar = format_avatar($user['avatar'], $user['avatardimensions'], my_strtolower($mybb->settings['memberlistmaxavatarsize']));
 508          eval("\$user['avatar'] = \"".$templates->get("memberlist_user_avatar")."\";");
 509  
 510          $last_seen = max(array($user['lastactive'], $user['lastvisit']));
 511          if(empty($last_seen))
 512          {
 513              $user['lastvisit'] = $lang->lastvisit_never;
 514          }
 515          else
 516          {
 517              // We have some stamp here
 518              if($user['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $user['uid'] != $mybb->user['uid'])
 519              {
 520                  $user['lastvisit'] = $lang->lastvisit_hidden;
 521              }
 522              else
 523              {
 524                  $user['lastvisit'] = my_date('relative', $last_seen);
 525              }
 526          }
 527  
 528          $user['regdate'] = my_date('relative', $user['regdate']);
 529          $user['postnum'] = my_number_format($user['postnum']);
 530          $user['threadnum'] = my_number_format($user['threadnum']);
 531          eval("\$users .= \"".$templates->get("memberlist_user")."\";");
 532      }
 533  
 534      // Do we have no results?
 535      if(!$users)
 536      {
 537          eval("\$users = \"".$templates->get("memberlist_error")."\";");
 538      }
 539  
 540      $referrals_option = '';
 541      if($mybb->settings['usereferrals'] == 1)
 542      {
 543          eval("\$referrals_option = \"".$templates->get("memberlist_referrals_option")."\";");
 544      }
 545  
 546      $plugins->run_hooks("memberlist_end");
 547  
 548      eval("\$memberlist = \"".$templates->get("memberlist")."\";");
 549      output_page($memberlist);
 550  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref