[ Index ]

PHP Cross Reference of MyBB 1.8.26

title

Body

[close]

/ -> memberlist.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'memberlist.php');
  13  
  14  $templatelist = "memberlist,memberlist_search,memberlist_user,memberlist_user_groupimage,memberlist_user_avatar,memberlist_user_userstar,memberlist_search_contact_field,memberlist_referrals,memberlist_referrals_bit";
  15  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,memberlist_error,memberlist_orderarrow";
  16  
  17  require_once  "./global.php";
  18  
  19  // Load global language phrases
  20  $lang->load("memberlist");
  21  
  22  if($mybb->settings['enablememberlist'] == 0)
  23  {
  24      error($lang->memberlist_disabled);
  25  }
  26  
  27  $plugins->run_hooks("memberlist_start");
  28  
  29  add_breadcrumb($lang->nav_memberlist, "memberlist.php");
  30  
  31  if($mybb->usergroup['canviewmemberlist'] == 0)
  32  {
  33      error_no_permission();
  34  }
  35  
  36  // Showing advanced search page?
  37  if($mybb->get_input('action') == "search")
  38  {
  39      $plugins->run_hooks("memberlist_search");
  40      add_breadcrumb($lang->nav_memberlist_search);
  41  
  42      $contact_fields = array();
  43      foreach(array('skype', 'google', 'icq') as $field)
  44      {
  45          $contact_fields[$field] = '';
  46          $settingkey = 'allow'.$field.'field';
  47  
  48          if($mybb->settings[$settingkey] != '' && is_member($mybb->settings[$settingkey], array('usergroup' => $mybb->usergroup['usergroup'], 'additionalgroups' => $mybb->usergroup['additionalgroups'])))
  49          {
  50              $tmpl = 'memberlist_search_'.$field;
  51  
  52              $lang_string = 'search_'.$field;
  53              $lang_string = $lang->{$lang_string};
  54  
  55              $bgcolors[$field] = alt_trow();
  56              eval('$contact_fields[\''.$field.'\'] = "'.$templates->get('memberlist_search_contact_field').'";');
  57          }
  58      }
  59  
  60      if($mybb->settings['usereferrals'] == 1)
  61      {
  62          eval("\$referrals_option = \"".$templates->get("memberlist_referrals_option")."\";");
  63      }
  64  
  65      eval("\$search_page = \"".$templates->get("memberlist_search")."\";");
  66      output_page($search_page);
  67  }
  68  else
  69  {
  70      $colspan = 6;
  71      $search_url = '';
  72  
  73      // Incoming sort field?
  74      if(isset($mybb->input['sort']))
  75      {
  76          $mybb->input['sort'] = strtolower($mybb->get_input('sort'));
  77      }
  78      else
  79      {
  80          $mybb->input['sort'] = $mybb->settings['default_memberlist_sortby'];
  81      }
  82  
  83      $sort_selected = array(
  84          'regdate' => '',
  85          'lastvisit' => '',
  86          'reputation' => '',
  87          'postnum' => '',
  88          'referrals' => '',
  89          'username' => ''
  90      );
  91  
  92      switch($mybb->input['sort'])
  93      {
  94          case "regdate":
  95              $sort_field = "u.regdate";
  96              break;
  97          case "lastvisit":
  98              $sort_field = "u.lastactive";
  99              break;
 100          case "reputation":
 101              $sort_field = "u.reputation";
 102              break;
 103          case "postnum":
 104              $sort_field = "u.postnum";
 105              break;
 106          case "threadnum":
 107              $sort_field = "u.threadnum";
 108              break;
 109          case "referrals":
 110              if($mybb->settings['usereferrals'] == 1)
 111              {
 112                  $sort_field = "u.referrals";
 113              }
 114              else
 115              {
 116                  $sort_field = "u.username";
 117              }
 118              break;
 119          default:
 120              $sort_field = "u.username";
 121              $mybb->input['sort'] = 'username';
 122              break;
 123      }
 124      $sort_selected[$mybb->input['sort']] = " selected=\"selected\"";
 125  
 126      // Incoming sort order?
 127      if(isset($mybb->input['order']))
 128      {
 129          $mybb->input['order'] = strtolower($mybb->input['order']);
 130      }
 131      else
 132      {
 133          $mybb->input['order'] = strtolower($mybb->settings['default_memberlist_order']);
 134      }
 135  
 136      $order_check = array('ascending' => '', 'descending' => '');
 137      if($mybb->input['order'] == "ascending" || (!$mybb->input['order'] && $mybb->input['sort'] == 'username'))
 138      {
 139          $sort_order = "ASC";
 140          $sortordernow = "ascending";
 141          $oppsort = $lang->desc;
 142          $oppsortnext = "descending";
 143          $mybb->input['order'] = "ascending";
 144      }
 145      else
 146      {
 147          $sort_order = "DESC";
 148          $sortordernow = "descending";
 149          $oppsort = $lang->asc;
 150          $oppsortnext = "ascending";
 151          $mybb->input['order'] = "descending";
 152      }
 153      $order_check[$mybb->input['order']] = " checked=\"checked\"";
 154  
 155      if($sort_field == 'u.lastactive' && $mybb->usergroup['canviewwolinvis'] == 0)
 156      {
 157          $sort_field = "u.invisible ASC, CASE WHEN u.invisible = 1 THEN u.regdate ELSE u.lastactive END";
 158      }
 159  
 160      // Incoming results per page?
 161      $mybb->input['perpage'] = $mybb->get_input('perpage', MyBB::INPUT_INT);
 162      if($mybb->input['perpage'] > 0 && $mybb->input['perpage'] <= 500)
 163      {
 164          $per_page = $mybb->input['perpage'];
 165      }
 166      else if($mybb->settings['membersperpage'])
 167      {
 168          $per_page = $mybb->input['perpage'] = (int)$mybb->settings['membersperpage'];
 169      }
 170      else
 171      {
 172          $per_page = $mybb->input['perpage'] = 20;
 173      }
 174  
 175      $search_query = '1=1';
 176      $search_url = "";
 177  
 178      switch($db->type)
 179      {
 180          // PostgreSQL's LIKE is case sensitive
 181          case "pgsql":
 182              $like = "ILIKE";
 183              break;
 184          default:
 185              $like = "LIKE";
 186      }
 187  
 188      // Limiting results to a certain letter
 189      if(isset($mybb->input['letter']))
 190      {
 191          $letter = chr(ord($mybb->get_input('letter')));
 192          if($mybb->input['letter'] == -1)
 193          {
 194              $search_query .= " AND u.username NOT REGEXP('[a-zA-Z]')";
 195          }
 196          else if(strlen($letter) == 1)
 197          {
 198              $search_query .= " AND u.username {$like} '".$db->escape_string_like($letter)."%'";
 199          }
 200          $search_url .= "&letter={$letter}";
 201      }
 202  
 203      // Searching for a matching username
 204      $search_username = htmlspecialchars_uni(trim($mybb->get_input('username')));
 205      if($search_username != '')
 206      {
 207          $username_like_query = $db->escape_string_like($search_username);
 208  
 209          // Name begins with
 210          if($mybb->input['username_match'] == "begins")
 211          {
 212              $search_query .= " AND u.username {$like} '".$username_like_query."%'";
 213              $search_url .= "&username_match=begins";
 214          }
 215          // Just contains
 216          else if($mybb->input['username_match'] == "contains")
 217          {
 218              $search_query .= " AND u.username {$like} '%".$username_like_query."%'";
 219              $search_url .= "&username_match=contains";
 220          }
 221          // Exact
 222          else
 223          {
 224              $search_query .= " AND u.username='{$username_like_query}'";
 225          }
 226  
 227          $search_url .= "&username=".urlencode($search_username);
 228      }
 229  
 230      // Website contains
 231      $mybb->input['website'] = trim($mybb->get_input('website'));
 232      $search_website = htmlspecialchars_uni($mybb->input['website']);
 233      if(trim($mybb->input['website']))
 234      {
 235          $search_query .= " AND u.website {$like} '%".$db->escape_string_like($mybb->input['website'])."%'";
 236          $search_url .= "&website=".urlencode($mybb->input['website']);
 237      }
 238  
 239      // Search by contact field input
 240      foreach(array('icq', 'google', 'skype') as $cfield)
 241      {
 242          $csetting = 'allow'.$cfield.'field';
 243          $mybb->input[$cfield] = trim($mybb->get_input($cfield));
 244          if($mybb->input[$cfield] && $mybb->settings[$csetting] != '')
 245          {
 246              if($mybb->settings[$csetting] != -1)
 247              {
 248                  $gids = explode(',', (string)$mybb->settings[$csetting]);
 249  
 250                  $search_query .= " AND (";
 251                  $or = '';
 252                  foreach($gids as $gid)
 253                  {
 254                      $gid = (int)$gid;
 255                      $search_query .= $or.'u.usergroup=\''.$gid.'\'';
 256                      switch($db->type)
 257                      {
 258                          case 'pgsql':
 259                          case 'sqlite':
 260                              $search_query .= " OR ','||u.additionalgroups||',' LIKE '%,{$gid},%'";
 261                              break;
 262                          default:
 263                              $search_query .= " OR CONCAT(',',u.additionalgroups,',') LIKE '%,{$gid},%'";
 264                              break;
 265                      }
 266                      $or = ' OR ';
 267                  }
 268                  $search_query .= ")";
 269              }
 270              if($cfield == 'icq')
 271              {
 272                  $search_query .= " AND u.{$cfield} LIKE '%".(int)$mybb->input[$cfield]."%'";
 273              }
 274              else
 275              {
 276                  $search_query .= " AND u.{$cfield} {$like} '%".$db->escape_string_like($mybb->input[$cfield])."%'";
 277              }
 278              $search_url .= "&{$cfield}=".urlencode($mybb->input[$cfield]);
 279          }
 280      }
 281  
 282      $usergroups_cache = $cache->read('usergroups');
 283  
 284      $group = array();
 285      foreach($usergroups_cache as $gid => $groupcache)
 286      {
 287          if($groupcache['showmemberlist'] == 0)
 288          {
 289              $group[] = (int)$gid;
 290          }
 291      }
 292  
 293      if(is_array($group) && !empty($group))
 294      {
 295          $hiddengroup = implode(',', $group);
 296  
 297          $search_query .= " AND u.usergroup NOT IN ({$hiddengroup})";
 298  
 299          foreach($group as $hidegid)
 300          {
 301              switch($db->type)
 302              {
 303                  case "pgsql":
 304                  case "sqlite":
 305                      $search_query .= " AND ','||u.additionalgroups||',' NOT LIKE '%,{$hidegid},%'";
 306                      break;
 307                  default:
 308                      $search_query .= " AND CONCAT(',',u.additionalgroups,',') NOT LIKE '%,{$hidegid},%'";
 309                      break;
 310              }
 311          }
 312      }
 313    
 314      $sorturl = htmlspecialchars_uni("memberlist.php?perpage={$mybb->input['perpage']}{$search_url}");
 315      $search_url = htmlspecialchars_uni("memberlist.php?sort={$mybb->input['sort']}&order={$mybb->input['order']}&perpage={$mybb->input['perpage']}{$search_url}");
 316  
 317      $plugins->run_hooks('memberlist_intermediate');
 318  
 319      $query = $db->simple_select("users u", "COUNT(*) AS users", "{$search_query}");
 320      $num_users = $db->fetch_field($query, "users");
 321  
 322      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 323      if($page && $page > 0)
 324      {
 325          $start = ($page - 1) * $per_page;
 326          $pages = ceil($num_users / $per_page);
 327          if($page > $pages)
 328          {
 329              $start = 0;
 330              $page = 1;
 331          }
 332      }
 333      else
 334      {
 335          $start = 0;
 336          $page = 1;
 337      }
 338  
 339      $sort = htmlspecialchars_uni($mybb->input['sort']);
 340      eval("\$orderarrow['{$sort}'] = \"".$templates->get("memberlist_orderarrow")."\";");
 341  
 342      // Referral?
 343      if($mybb->settings['usereferrals'] == 1)
 344      {
 345          $colspan = 7;
 346          eval("\$referral_header = \"".$templates->get("memberlist_referrals")."\";");
 347      }
 348  
 349      $multipage = multipage($num_users, $per_page, $page, $search_url);
 350  
 351      // Cache a few things
 352      $usertitles = $cache->read('usertitles');
 353      $usertitles_cache = array();
 354      foreach($usertitles as $usertitle)
 355      {
 356          $usertitles_cache[$usertitle['posts']] = $usertitle;
 357      }
 358      $users = '';
 359      $query = $db->query("
 360          SELECT u.*, f.*
 361          FROM ".TABLE_PREFIX."users u
 362          LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
 363          WHERE {$search_query}
 364          ORDER BY {$sort_field} {$sort_order}
 365          LIMIT {$start}, {$per_page}
 366      ");
 367      while($user = $db->fetch_array($query))
 368      {
 369          $user = $plugins->run_hooks("memberlist_user", $user);
 370  
 371          $alt_bg = alt_trow();
 372  
 373          $user['username'] = format_name(htmlspecialchars_uni($user['username']), $user['usergroup'], $user['displaygroup']);
 374  
 375          $user['profilelink'] = build_profile_link($user['username'], $user['uid']);
 376  
 377          // Get the display usergroup
 378          if($user['usergroup'])
 379          {
 380              $usergroup = usergroup_permissions($user['usergroup']);
 381          }
 382          else
 383          {
 384              $usergroup = usergroup_permissions(1);
 385          }
 386  
 387          $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");
 388  
 389          if(!$user['displaygroup'])
 390          {
 391              $user['displaygroup'] = $user['usergroup'];
 392          }
 393  
 394          $display_group = usergroup_displaygroup($user['displaygroup']);
 395          if(is_array($display_group))
 396          {
 397              $usergroup = array_merge($usergroup, $display_group);
 398          }
 399  
 400          // Build referral?
 401          if($mybb->settings['usereferrals'] == 1)
 402          {
 403              $referral_count = (int) $user['referrals'];
 404              if($referral_count > 0)
 405              {
 406                  $uid = (int) $user['uid'];
 407                  eval("\$user['referrals'] = \"".$templates->get('member_referrals_link')."\";");
 408              }
 409  
 410              eval("\$referral_bit = \"".$templates->get("memberlist_referrals_bit")."\";");
 411              eval("\$referrals_option = \"".$templates->get("memberlist_referrals_option")."\";");
 412          }
 413  
 414          $usergroup['groupimage'] = '';
 415          // Work out the usergroup/title stuff
 416          if(!empty($usergroup['image']))
 417          {
 418              if(!empty($mybb->user['language']))
 419              {
 420                  $language = $mybb->user['language'];
 421              }
 422              else
 423              {
 424                  $language = $mybb->settings['bblanguage'];
 425              }
 426              $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
 427              $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
 428              eval("\$usergroup['groupimage'] = \"".$templates->get("memberlist_user_groupimage")."\";");
 429          }
 430  
 431          $has_custom_title = 0;
 432          if(trim($user['usertitle']) != "")
 433          {
 434              $has_custom_title = 1;
 435          }
 436  
 437          if($usergroup['usertitle'] != "" && !$has_custom_title)
 438          {
 439              $user['usertitle'] = $usergroup['usertitle'];
 440          }
 441          elseif(is_array($usertitles_cache) && !$usergroup['usertitle'])
 442          {
 443              foreach($usertitles_cache as $posts => $titleinfo)
 444              {
 445                  if($user['postnum'] >= $posts)
 446                  {
 447                      if(!$has_custom_title)
 448                      {
 449                          $user['usertitle'] = $titleinfo['title'];
 450                      }
 451                      $user['stars'] = $titleinfo['stars'];
 452                      $user['starimage'] = $titleinfo['starimage'];
 453                      break;
 454                  }
 455              }
 456          }
 457          
 458          $user['usertitle'] = htmlspecialchars_uni($user['usertitle']);
 459  
 460          if(!empty($usergroup['stars']))
 461          {
 462              $user['stars'] = $usergroup['stars'];
 463          }
 464  
 465          if(empty($user['starimage']))
 466          {
 467              $user['starimage'] = $usergroup['starimage'];
 468          }
 469  
 470          $user['userstars'] = '';
 471          if(!empty($user['starimage']))
 472          {
 473              // Only display stars if we have an image to use...
 474              $starimage = str_replace("{theme}", $theme['imgdir'], $user['starimage']);
 475  
 476              for($i = 0; $i < $user['stars']; ++$i)
 477              {
 478                  eval("\$user['userstars'] .= \"".$templates->get("memberlist_user_userstar", 1, 0)."\";");
 479              }
 480          }
 481  
 482          if($user['userstars'] && $usergroup['groupimage'])
 483          {
 484              $user['userstars'] = "<br />".$user['userstars'];
 485          }
 486  
 487          // Show avatar
 488          $useravatar = format_avatar($user['avatar'], $user['avatardimensions'], my_strtolower($mybb->settings['memberlistmaxavatarsize']));
 489          eval("\$user['avatar'] = \"".$templates->get("memberlist_user_avatar")."\";");
 490  
 491          $last_seen = max(array($user['lastactive'], $user['lastvisit']));
 492          if(empty($last_seen))
 493          {
 494              $user['lastvisit'] = $lang->lastvisit_never;
 495          }
 496          else
 497          {
 498              // We have some stamp here
 499              if($user['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $user['uid'] != $mybb->user['uid'])
 500              {
 501                  $user['lastvisit'] = $lang->lastvisit_hidden;
 502              }
 503              else
 504              {
 505                  $user['lastvisit'] = my_date('relative', $last_seen);
 506              }
 507          }
 508  
 509          $user['regdate'] = my_date('relative', $user['regdate']);
 510          $user['postnum'] = my_number_format($user['postnum']);
 511          $user['threadnum'] = my_number_format($user['threadnum']);
 512          eval("\$users .= \"".$templates->get("memberlist_user")."\";");
 513      }
 514  
 515      // Do we have no results?
 516      if(!$users)
 517      {
 518          eval("\$users = \"".$templates->get("memberlist_error")."\";");
 519      }
 520  
 521      $plugins->run_hooks("memberlist_end");
 522  
 523      eval("\$memberlist = \"".$templates->get("memberlist")."\";");
 524      output_page($memberlist);
 525  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref