[ Index ]

PHP Cross Reference of MyBB 1.8.36

title

Body

[close]

/ -> reputation.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'reputation.php');
  13  
  14  $templatelist = "reputation_addlink,reputation_no_votes,reputation,reputation_vote,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,reputation_vote_delete";
  15  $templatelist .= ",reputation_add_delete,reputation_add_neutral,reputation_add_positive,reputation_add_negative,reputation_add_error,reputation_add_error_nomodal,reputation_add,reputation_added,reputation_deleted,reputation_vote_report,postbit_reputation_formatted_link";
  16  
  17  require_once  "./global.php";
  18  require_once  MYBB_ROOT."inc/class_parser.php";
  19  $parser = new postParser;
  20  
  21  // Load global language phrases
  22  $lang->load("reputation");
  23  
  24  $plugins->run_hooks("reputation_start");
  25  
  26  // Check if the reputation system is globally disabled or not.
  27  if($mybb->settings['enablereputation'] != 1)
  28  {
  29      error($lang->reputation_disabled);
  30  }
  31  
  32  // Does this user have permission to view the board?
  33  if($mybb->usergroup['canview'] != 1)
  34  {
  35      error_no_permission();
  36  }
  37  
  38  // If we have a specified incoming username, validate it and fetch permissions for it
  39  $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
  40  $user = get_user($uid);
  41  if(!$user)
  42  {
  43      error($lang->add_no_uid);
  44  }
  45  $user_permissions = user_permissions($uid);
  46  
  47  // Fetch display group properties.
  48  $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");
  49  
  50  if(!$user['displaygroup'])
  51  {
  52      $user['displaygroup'] = $user['usergroup'];
  53  }
  54  
  55  $display_group = usergroup_displaygroup($user['displaygroup']);
  56  if(is_array($display_group))
  57  {
  58      $user_permissions = array_merge($user_permissions, $display_group);
  59  }
  60  
  61  $mybb->input['action'] = $mybb->get_input('action');
  62  
  63  // Here we perform our validation when adding a reputation to see if the user
  64  // has permission or not. This is done here to save duplicating the same code.
  65  if($mybb->input['action'] == "add" || $mybb->input['action'] == "do_add")
  66  {
  67      // This user doesn't have permission to give reputations.
  68      if($mybb->usergroup['cangivereputations'] != 1)
  69      {
  70          $message = $lang->add_no_permission;
  71          if($mybb->input['nomodal'])
  72          {
  73              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
  74          }
  75          else
  76          {
  77              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
  78          }
  79          echo $error;
  80          exit;
  81      }
  82  
  83      // The user we're trying to give a reputation to doesn't have permission to receive reps.
  84      if($user_permissions['usereputationsystem'] != 1)
  85      {
  86          $message = $lang->add_disabled;
  87          if($mybb->input['nomodal'])
  88          {
  89              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
  90          }
  91          else
  92          {
  93              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
  94          }
  95          echo $error;
  96          exit;
  97      }
  98  
  99      // Is this user trying to give themself a reputation?
 100      if($uid == $mybb->user['uid'])
 101      {
 102          $message = $lang->add_yours;
 103          if($mybb->input['nomodal'])
 104          {
 105              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 106          }
 107          else
 108          {
 109              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 110          }
 111          echo $error;
 112          exit;
 113      }
 114  
 115      // If a post has been given but post ratings have been disabled, set the post to 0. This will mean all subsequent code will think no post was given.
 116      if($mybb->settings['postrep'] != 1)
 117      {
 118          $mybb->input['pid'] = 0;
 119      }
 120  
 121      if($mybb->get_input('pid', MyBB::INPUT_INT))
 122      {
 123          // Make sure that this post exists, and that the author of the post we're giving this reputation for corresponds with the user the rep is being given to.
 124          $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
 125          if($post)
 126          {
 127              $thread = get_thread($post['tid']);
 128              $forum = get_forum($thread['fid']);
 129              $forumpermissions = forum_permissions($forum['fid']);
 130  
 131              // Post doesn't belong to that user or isn't visible
 132              if($uid != $post['uid'] || $post['visible'] != 1)
 133              {
 134                  $mybb->input['pid'] = 0;
 135              }
 136  
 137              // Thread isn't visible
 138              elseif($thread['visible'] != 1)
 139              {
 140                  $mybb->input['pid'] = 0;
 141              }
 142  
 143              // Current user can't see the forum
 144              elseif($forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1)
 145              {
 146                  $mybb->input['pid'] = 0;
 147              }
 148  
 149              // Current user can't see that thread
 150              elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid'])
 151              {
 152                  $mybb->input['pid'] = 0;
 153              }
 154          }
 155          else
 156          {
 157              $mybb->input['pid'] = 0;
 158          }
 159      }
 160  
 161      $rid = 0;
 162  
 163      // Fetch the existing reputation for this user given by our current user if there is one.
 164      // If multiple reputations is allowed, then this isn't needed
 165      if($mybb->settings['multirep'] != 1 && $mybb->get_input('pid', MyBB::INPUT_INT) == 0)
 166      {
 167          $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}' AND pid='0'");
 168          $existing_reputation = $db->fetch_array($query);
 169          $rid = $existing_reputation['rid'];
 170          $was_post = false;
 171      }
 172      if($mybb->get_input('pid', MyBB::INPUT_INT) != 0)
 173      {
 174          $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}' AND pid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 175          $existing_reputation = $db->fetch_array($query);
 176  
 177          if($existing_reputation)
 178          {
 179              $rid = $existing_reputation['rid'];
 180          }
 181          else
 182          {
 183              $rid = 0;
 184          }
 185  
 186          $was_post = true;
 187      }
 188  
 189      if($rid == 0 && ($mybb->input['action'] != "do_add" || ($mybb->input['action'] == "do_add" && empty($mybb->input['delete']))))
 190      {
 191          $message = '';
 192  
 193          // Check if this user has reached their "maximum reputations per day" quota
 194          if($mybb->usergroup['maxreputationsday'] != 0)
 195          {
 196              $timesearch = TIME_NOW - (60 * 60 * 24);
 197              $query = $db->simple_select("reputation", "*", "adduid='{$mybb->user['uid']}' AND dateline>'$timesearch'");
 198              $numtoday = $db->num_rows($query);
 199  
 200              // Reached the quota - error.
 201              if($numtoday >= $mybb->usergroup['maxreputationsday'])
 202              {
 203                  $message = $lang->add_maxperday;
 204              }
 205          }
 206  
 207          // Is the user giving too much reputation to another?
 208          if(!$message && $mybb->usergroup['maxreputationsperuser'] != 0)
 209          {
 210              $timesearch = TIME_NOW - (60 * 60 * 24);
 211              $query = $db->simple_select("reputation", "*", "uid='{$uid}' AND adduid='{$mybb->user['uid']}' AND dateline>'$timesearch'");
 212              $numtoday = $db->num_rows($query);
 213  
 214              if($numtoday >= $mybb->usergroup['maxreputationsperuser'])
 215              {
 216                  $message = $lang->add_maxperuser;
 217              }
 218          }
 219  
 220          // We have the correct post, but has the user given too much reputation to another in the same thread?
 221          if(!$message && !empty($was_post) && $mybb->usergroup['maxreputationsperthread'] != 0)
 222          {
 223              $timesearch = TIME_NOW - (60 * 60 * 24);
 224              $query = $db->query("
 225                  SELECT COUNT(p.pid) AS posts
 226                  FROM ".TABLE_PREFIX."reputation r
 227                  LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid = r.pid)
 228                  WHERE r.uid = '{$uid}' AND r.adduid = '{$mybb->user['uid']}' AND p.tid = '{$post['tid']}' AND r.dateline > '{$timesearch}'
 229              ");
 230  
 231              $numtoday = $db->fetch_field($query, 'posts');
 232  
 233              if($numtoday >= $mybb->usergroup['maxreputationsperthread'])
 234              {
 235                  $message = $lang->add_maxperthread;
 236              }
 237          }
 238  
 239          if($message)
 240          {
 241              if($mybb->input['nomodal'])
 242              {
 243                  eval('$error = "'.$templates->get("reputation_add_error_nomodal", 1, 0).'";');
 244              }
 245              else
 246              {
 247                  eval('$error = "'.$templates->get("reputation_add_error", 1, 0).'";');
 248              }
 249              echo $error;
 250              exit;
 251          }
 252      }
 253  }
 254  
 255  // Saving the new reputation
 256  if($mybb->input['action'] == "do_add" && $mybb->request_method == "post")
 257  {
 258      // Verify incoming POST request
 259      verify_post_check($mybb->get_input('my_post_key'));
 260  
 261      $plugins->run_hooks("reputation_do_add_start");
 262  
 263      // Check if the reputation power they're trying to give is within their "power limit"
 264      $reputation = abs($mybb->get_input('reputation', MyBB::INPUT_INT));
 265  
 266      // Deleting our current reputation of this user.
 267      if(!empty($mybb->input['delete']))
 268      {
 269          // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
 270          if($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0))
 271          {
 272              error_no_permission();
 273          }
 274  
 275          if($mybb->get_input('pid', MyBB::INPUT_INT) != 0)
 276          {
 277              $db->delete_query("reputation", "uid='{$uid}' AND adduid='".$mybb->user['uid']."' AND pid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 278          }
 279          else
 280          {
 281              $db->delete_query("reputation", "rid='{$rid}' AND uid='{$uid}' AND adduid='".$mybb->user['uid']."'");
 282          }
 283  
 284          // Recount the reputation of this user - keep it in sync.
 285          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 286          $reputation_value = $db->fetch_field($query, "reputation_count");
 287  
 288          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 289          eval("\$error = \"".$templates->get("reputation_deleted", 1, 0)."\";");
 290          echo $error;
 291          exit;
 292      }
 293  
 294      $mybb->input['comments'] = trim($mybb->get_input('comments')); // Trim whitespace to check for length
 295      if(my_strlen($mybb->input['comments']) < $mybb->settings['minreplength'] && $mybb->get_input('pid', MyBB::INPUT_INT) == 0)
 296      {
 297          $message = $lang->sprintf($lang->add_no_comment, $mybb->settings['minreplength']);
 298          if($mybb->input['nomodal'])
 299          {
 300              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 301          }
 302          else
 303          {
 304              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 305          }
 306          echo $error;
 307          exit;
 308      }
 309  
 310      // The power for the reputation they specified was invalid.
 311      if($reputation > $mybb->usergroup['reputationpower'])
 312      {
 313          $message = $lang->add_invalidpower;
 314          if($mybb->input['nomodal'])
 315          {
 316              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 317          }
 318          else
 319          {
 320              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 321          }
 322          echo $error;
 323          exit;
 324      }
 325  
 326      // The user is trying to give a negative reputation, but negative reps have been disabled.
 327      if($mybb->get_input('reputation', MyBB::INPUT_INT) < 0 && $mybb->settings['negrep'] != 1)
 328      {
 329          $message = $lang->add_negative_disabled;
 330          if($mybb->input['nomodal'])
 331          {
 332              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 333          }
 334          else
 335          {
 336              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 337          }
 338          echo $error;
 339          exit;
 340      }
 341  
 342      // This user is trying to give a neutral reputation, but neutral reps have been disabled.
 343      if($mybb->get_input('reputation', MyBB::INPUT_INT) == 0 && $mybb->settings['neurep'] != 1)
 344      {
 345          $message = $lang->add_neutral_disabled;
 346          if($mybb->input['nomodal'])
 347          {
 348              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 349          }
 350          else
 351          {
 352              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 353          }
 354          echo $error;
 355          exit;
 356      }
 357  
 358      // This user is trying to give a positive reputation, but positive reps have been disabled.
 359      if($mybb->get_input('reputation', MyBB::INPUT_INT) > 0 && $mybb->settings['posrep'] != 1)
 360      {
 361          $message = $lang->add_positive_disabled;
 362          if($mybb->input['nomodal'])
 363          {
 364              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 365          }
 366          else
 367          {
 368              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 369          }
 370          echo $error;
 371          exit;
 372      }
 373  
 374      // The length of the comment is too long
 375      if(my_strlen($mybb->input['comments']) > $mybb->settings['maxreplength'])
 376      {
 377          $message = $lang->sprintf($lang->add_toolong, $mybb->settings['maxreplength']);
 378          if($mybb->input['nomodal'])
 379          {
 380              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 381          }
 382          else
 383          {
 384              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 385          }
 386          echo $error;
 387          exit;
 388      }
 389  
 390      // Build array of reputation data.
 391      $reputation = array(
 392          "uid" => $uid,
 393          "adduid" => $mybb->user['uid'],
 394          "pid" => $mybb->get_input('pid', MyBB::INPUT_INT),
 395          "reputation" => $mybb->get_input('reputation', MyBB::INPUT_INT),
 396          "dateline" => TIME_NOW,
 397          "comments" => $db->escape_string($mybb->input['comments'])
 398      );
 399  
 400      $plugins->run_hooks("reputation_do_add_process");
 401  
 402      // Updating an existing reputation
 403      if(!empty($existing_reputation['uid']))
 404      {
 405          $db->update_query("reputation", $reputation, "rid='".$existing_reputation['rid']."'");
 406  
 407          // Recount the reputation of this user - keep it in sync.
 408          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 409          $reputation_value = $db->fetch_field($query, "reputation_count");
 410  
 411          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 412  
 413          $lang->vote_added = $lang->vote_updated;
 414          $lang->vote_added_message = $lang->vote_updated_message;
 415      }
 416      // Insert a new reputation
 417      else
 418      {
 419          $db->insert_query("reputation", $reputation);
 420  
 421          // Recount the reputation of this user - keep it in sync.
 422          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 423          $reputation_value = $db->fetch_field($query, "reputation_count");
 424  
 425          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 426      }
 427  
 428      $plugins->run_hooks("reputation_do_add_end");
 429  
 430      eval("\$reputation = \"".$templates->get("reputation_added", 1, 0)."\";");
 431      echo $reputation;
 432      exit;
 433  }
 434  
 435  // Adding a new reputation
 436  if($mybb->input['action'] == "add")
 437  {
 438      $plugins->run_hooks("reputation_add_start");
 439      $delete_button = '';
 440  
 441      // If we have an existing reputation for this user, the user can modify or delete it.
 442      $user['username'] = htmlspecialchars_uni($user['username']);
 443      if(!empty($existing_reputation['uid']))
 444      {
 445          $vote_title = $lang->sprintf($lang->update_reputation_vote, $user['username']);
 446          $vote_button = $lang->update_vote;
 447          $comments = htmlspecialchars_uni($existing_reputation['comments']);
 448  
 449          if($mybb->usergroup['issupermod'] == 1 || ($mybb->usergroup['candeletereputations'] == 1 && $existing_reputation['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0))
 450          {
 451              $reputation_pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 452              eval("\$delete_button = \"".$templates->get("reputation_add_delete")."\";");
 453          }
 454      }
 455      // Otherwise we're adding an entirely new reputation for this user.
 456      else
 457      {
 458          $vote_title = $lang->sprintf($lang->add_reputation_vote, $user['username']);
 459          $vote_button = $lang->add_vote;
 460          $comments = '';
 461          $delete_button = '';
 462      }
 463      $lang->user_comments = $lang->sprintf($lang->user_comments, $user['username']);
 464  
 465      if($mybb->get_input('pid', MyBB::INPUT_INT))
 466      {
 467          $post_rep_info = $lang->sprintf($lang->add_reputation_to_post, $user['username']);
 468          $lang->user_comments = $lang->no_comment_needed;
 469      }
 470      else
 471      {
 472          $post_rep_info = '';
 473      }
 474  
 475      // Draw the "power" options
 476      if($mybb->settings['negrep'] || $mybb->settings['neurep'] || $mybb->settings['posrep'])
 477      {
 478          $vote_check = array();
 479          $positive_power = '';
 480          $negative_power = '';
 481          $reputationpower = (int)$mybb->usergroup['reputationpower'];
 482  
 483          foreach(range(-$mybb->usergroup['reputationpower'], $mybb->usergroup['reputationpower']) as $value)
 484          {
 485              $vote_check[$value] = '';
 486          }
 487  
 488          if(!empty($existing_reputation['uid']) && !$was_post)
 489          {
 490              $vote_check[$existing_reputation['reputation']] = " selected=\"selected\"";
 491          }
 492  
 493          if($mybb->settings['neurep'])
 494          {
 495              $neutral_title = $lang->power_neutral;
 496              eval("\$neutral_power = \"".$templates->get("reputation_add_neutral")."\";");
 497          }
 498  
 499          for($value = 1; $value <= $reputationpower; ++$value)
 500          {
 501              if($mybb->settings['posrep'])
 502              {
 503                  $positive_title = $lang->sprintf($lang->power_positive, "+".$value);
 504                  eval("\$positive_power = \"".$templates->get("reputation_add_positive")."\";");
 505              }
 506  
 507              if($mybb->settings['negrep'])
 508              {
 509                  $negative_title = $lang->sprintf($lang->power_negative, "-".$value);
 510                  $neg_value = "-{$value}";
 511                  eval("\$negative_power .= \"".$templates->get("reputation_add_negative")."\";");
 512              }
 513          }
 514  
 515          $reputation_pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 516  
 517          $plugins->run_hooks("reputation_add_end");
 518          eval("\$reputation_add = \"".$templates->get("reputation_add", 1, 0)."\";");
 519      }
 520      else
 521      {
 522          $message = $lang->add_all_rep_disabled;
 523  
 524          $plugins->run_hooks("reputation_add_end_error");
 525          if($mybb->input['nomodal'])
 526          {
 527              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 528          }
 529          else
 530          {
 531              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 532          }
 533      }
 534  
 535      echo $reputation_add;
 536      exit;
 537  }
 538  
 539  // Delete a specific reputation from a user.
 540  if($mybb->input['action'] == "delete")
 541  {
 542      // Verify incoming POST request
 543      verify_post_check($mybb->get_input('my_post_key'));
 544  
 545      $rid = $mybb->get_input('rid', MyBB::INPUT_INT);
 546      
 547      $plugins->run_hooks("reputation_delete_start");
 548  
 549      // Fetch the existing reputation for this user given by our current user if there is one.
 550      $query = $db->query("
 551          SELECT r.*, u.username
 552          FROM ".TABLE_PREFIX."reputation r
 553          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid)
 554          WHERE r.rid = '{$rid}' AND r.uid = '{$uid}'
 555      ");
 556      $existing_reputation = $db->fetch_array($query);
 557  
 558      // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
 559      if($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0))
 560      {
 561          error_no_permission();
 562      }
 563      
 564      $plugins->run_hooks("reputation_delete_end");
 565  
 566      // Delete the specified reputation
 567      $db->delete_query("reputation", "uid='{$uid}' AND rid='{$rid}'");
 568  
 569      // Recount the reputation of this user - keep it in sync.
 570      $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 571      $reputation_value = $db->fetch_field($query, "reputation_count");
 572  
 573      // Create moderator log
 574      log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->sprintf($lang->delete_reputation_log, $existing_reputation['username'], $existing_reputation['adduid']));
 575  
 576      $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 577  
 578      redirect("reputation.php?uid={$uid}", $lang->vote_deleted_message);
 579  }
 580  
 581  // Otherwise, show a listing of reputations for the given user.
 582  if(!$mybb->input['action'])
 583  {
 584      if($mybb->usergroup['canviewprofiles'] == 0)
 585      {
 586          // Reputation page is a part of a profile
 587          error_no_permission();
 588      }
 589  
 590      if($user_permissions['usereputationsystem'] != 1)
 591      {
 592          // Group has reputation disabled or user has a display group that has reputation disabled
 593          error($lang->reputations_disabled_group);
 594      }
 595  
 596      $user['username'] = htmlspecialchars_uni($user['username']);
 597      $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']);
 598      $lang->reputation_report = $lang->sprintf($lang->reputation_report, $user['username']);
 599  
 600      // Format the user name using the group username style
 601      $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
 602  
 603      $usertitle = '';
 604  
 605      // This user has a custom user title
 606      if(trim($user['usertitle']) != '')
 607      {
 608          $usertitle = $user['usertitle'];
 609      }
 610      // Using our display group's user title
 611      elseif(trim($display_group['usertitle']) != '')
 612      {
 613          $usertitle = $display_group['usertitle'];
 614      }
 615      // Otherwise, fetch it from our titles table for the number of posts this user has
 616      else
 617      {
 618          $usertitles = $cache->read('usertitles');
 619          foreach($usertitles as $title)
 620          {
 621              if($title['posts'] <= $user['postnum'])
 622              {
 623                  $usertitle = $title['title'];
 624                  break;
 625              }
 626          }
 627          unset($usertitles, $title);
 628      }
 629      
 630      $usertitle = htmlspecialchars_uni($usertitle);
 631  
 632      // If the user has permission to add reputations - show the image
 633      if($mybb->usergroup['cangivereputations'] == 1 && $mybb->user['uid'] != $user['uid'] && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']))
 634      {
 635          eval("\$add_reputation = \"".$templates->get("reputation_addlink")."\";");
 636      }
 637      else
 638      {
 639          $add_reputation = '';
 640      }
 641  
 642      // Build navigation menu
 643      add_breadcrumb($lang->nav_profile, get_profile_link($user['uid']));
 644      add_breadcrumb($lang->nav_reputation);
 645  
 646      // Check our specified conditionals for what type of reputations to show
 647      $show_selected = array('all' => '', 'positive' => '', 'neutral' => '', 'negative' => '');
 648      switch($mybb->get_input('show'))
 649      {
 650          case "positive":
 651              $s_url = "&show=positive";
 652              $conditions = 'AND r.reputation>0';
 653              $show_selected['positive'] = 'selected="selected"';
 654              break;
 655          case "neutral":
 656              $s_url = "&show=neutral";
 657              $conditions = 'AND r.reputation=0';
 658              $show_selected['neutral'] = 'selected="selected"';
 659              break;
 660          case "negative":
 661              $s_url = "&show=negative";
 662              $conditions = 'AND r.reputation<0';
 663              $show_selected['negative'] = 'selected="selected"';
 664              break;
 665          default:
 666              $s_url = '&show=all';
 667              $conditions = '';
 668              $show_select['all'] = 'selected="selected"';
 669              break;
 670      }
 671  
 672      // Check the sorting options for the reputation list
 673      $sort_selected = array('username' => '', 'last_updated' => '');
 674      switch($mybb->get_input('sort'))
 675      {
 676          case "username":
 677              $s_url .= "&sort=username";
 678              $order = "u.username ASC";
 679              $sort_selected['username'] = 'selected="selected"';
 680              break;
 681          default:
 682              $s_url .= '&sort=dateline';
 683              $order = "r.dateline DESC";
 684              $sort_selected['last_updated'] = 'selected="selected"';
 685              break;
 686      }
 687  
 688      if(empty($mybb->input['show']) && empty($mybb->input['sort']))
 689      {
 690          $s_url = '';
 691      }
 692  
 693      // Fetch the total number of reputations for this user
 694      $query = $db->simple_select("reputation r", "COUNT(r.rid) AS reputation_count", "r.uid='{$user['uid']}' $conditions");
 695      $reputation_count = $db->fetch_field($query, "reputation_count");
 696  
 697      // If the user has no reputation, suspect 0...
 698      if(!$user['reputation'])
 699      {
 700          $user['reputation'] = 0;
 701      }
 702  
 703      // Quickly check to see if we're in sync...
 704      $query = $db->simple_select("reputation", "SUM(reputation) AS reputation, COUNT(rid) AS total_reputation", "uid = '".$user['uid']."'");
 705      $reputation = $db->fetch_array($query);
 706  
 707      $sync_reputation = (int)$reputation['reputation'];
 708      $total_reputation = $reputation['total_reputation'];
 709  
 710      if($sync_reputation != $user['reputation'])
 711      {
 712          // We're out of sync! Oh noes!
 713          $db->update_query("users", array("reputation" => $sync_reputation), "uid = '".$user['uid']."'");
 714          $user['reputation'] = $sync_reputation;
 715      }
 716  
 717      // Set default count variables to 0
 718      $positive_count = $negative_count = $neutral_count = 0;
 719      $positive_week = $negative_week = $neutral_week = 0;
 720      $positive_month = $negative_month = $neutral_month = 0;
 721      $positive_6months = $negative_6months = $neutral_6months = 0;
 722  
 723      // Unix timestamps for when this week, month and last 6 months started
 724      $last_week = TIME_NOW-604800;
 725      $last_month = TIME_NOW-2678400;
 726      $last_6months = TIME_NOW-16070400;
 727  
 728      // Query reputations for the "reputation card"
 729      $query = $db->simple_select("reputation", "reputation, dateline", "uid='{$user['uid']}'");
 730      while($reputation_vote = $db->fetch_array($query))
 731      {
 732          // This is a positive reputation
 733          if($reputation_vote['reputation'] > 0)
 734          {
 735              $positive_count++;
 736              if($reputation_vote['dateline'] >= $last_week)
 737              {
 738                  $positive_week++;
 739              }
 740              if($reputation_vote['dateline'] >= $last_month)
 741              {
 742                  $positive_month++;
 743              }
 744              if($reputation_vote['dateline'] >= $last_6months)
 745              {
 746                  $positive_6months++;
 747              }
 748          }
 749          // Negative reputation given
 750          else if($reputation_vote['reputation'] < 0)
 751          {
 752              $negative_count++;
 753              if($reputation_vote['dateline'] >= $last_week)
 754              {
 755                  $negative_week++;
 756              }
 757              if($reputation_vote['dateline'] >= $last_month)
 758              {
 759                  $negative_month++;
 760              }
 761              if($reputation_vote['dateline'] >= $last_6months)
 762              {
 763                  $negative_6months++;
 764              }
 765          }
 766          // Neutral reputation given
 767          else
 768          {
 769              $neutral_count++;
 770              if($reputation_vote['dateline'] >= $last_week)
 771              {
 772                  $neutral_week++;
 773              }
 774              if($reputation_vote['dateline'] >= $last_month)
 775              {
 776                  $neutral_month++;
 777              }
 778              if($reputation_vote['dateline'] >= $last_6months)
 779              {
 780                  $neutral_6months++;
 781              }
 782          }
 783      }
 784      
 785      // Format all reputation numbers
 786      $rep_total = my_number_format($user['reputation']);
 787      $f_positive_count = my_number_format($positive_count);
 788      $f_negative_count = my_number_format($negative_count);
 789      $f_neutral_count = my_number_format($neutral_count);
 790      $f_positive_week = my_number_format($positive_week);
 791      $f_negative_week = my_number_format($negative_week);
 792      $f_neutral_week = my_number_format($neutral_week);
 793      $f_positive_month = my_number_format($positive_month);
 794      $f_negative_month = my_number_format($negative_month);
 795      $f_neutral_month = my_number_format($neutral_month);
 796      $f_positive_6months = my_number_format($positive_6months);
 797      $f_negative_6months = my_number_format($negative_6months);
 798      $f_neutral_6months = my_number_format($neutral_6months);
 799      
 800      // Format the user's 'total' reputation
 801      if($user['reputation'] < 0)
 802      {
 803          $total_class = "_minus";
 804      }
 805      elseif($user['reputation'] > 0)
 806      {
 807          $total_class = "_plus";
 808      }
 809      else
 810      {
 811          $total_class = "_neutral";
 812      }
 813  
 814      // Figure out how many reps have come from posts / 'general'
 815      // Posts
 816      $query = $db->simple_select("reputation", "COUNT(rid) AS rep_posts", "uid = '".$user['uid']."' AND pid > 0");
 817      $rep_post_count = $db->fetch_field($query, "rep_posts");
 818      $rep_posts = my_number_format($rep_post_count);
 819  
 820      // General
 821      // We count how many reps in total, then subtract the reps from posts
 822      $rep_members = my_number_format($total_reputation - $rep_post_count);
 823  
 824      // Is negative reputation disabled? If so, tell the user
 825      if($mybb->settings['negrep'] == 0)
 826      {
 827          $neg_rep_info = $lang->neg_rep_disabled;
 828      }
 829  
 830      if($mybb->settings['posrep'] == 0)
 831      {
 832          $pos_rep_info = $lang->pos_rep_disabled;
 833      }
 834  
 835      if($mybb->settings['neurep'] == 0)
 836      {
 837          $neu_rep_info = $lang->neu_rep_disabled;
 838      }
 839  
 840      $perpage = (int)$mybb->settings['repsperpage'];
 841      if($perpage < 1)
 842      {
 843          $perpage = 15;
 844      }
 845  
 846      // Check if we're browsing a specific page of results
 847      if($mybb->get_input('page', MyBB::INPUT_INT) > 0)
 848      {
 849          $page = $mybb->get_input('page', MyBB::INPUT_INT);
 850          $start = ($page-1) * $perpage;
 851          $pages = $reputation_count / $perpage;
 852          $pages = ceil($pages);
 853          if($page > $pages)
 854          {
 855              $start = 0;
 856              $page = 1;
 857          }
 858      }
 859      else
 860      {
 861          $start = 0;
 862          $page = 1;
 863      }
 864  
 865      $multipage = '';
 866  
 867      // Build out multipage navigation
 868      if($reputation_count > 0)
 869      {
 870          $multipage = multipage($reputation_count, $perpage, $page, "reputation.php?uid={$user['uid']}".$s_url);
 871      }
 872  
 873      // Fetch the reputations which will be displayed on this page
 874      $query = $db->query("
 875          SELECT r.*, r.uid AS rated_uid, u.uid, u.username, u.reputation AS user_reputation, u.usergroup AS user_usergroup, u.displaygroup AS user_displaygroup
 876          FROM ".TABLE_PREFIX."reputation r
 877          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid)
 878          WHERE r.uid='{$user['uid']}' $conditions
 879          ORDER BY $order
 880          LIMIT $start, {$perpage}
 881      ");
 882  
 883      // Gather a list of items that have post reputation
 884      $reputation_cache = $post_cache = $post_reputation = $not_reportable = array();
 885  
 886      while($reputation_vote = $db->fetch_array($query))
 887      {
 888          $reputation_cache[] = $reputation_vote;
 889  
 890          // If this is a post, hold it and gather some information about it
 891          if($reputation_vote['pid'] && !isset($post_cache[$reputation_vote['pid']]))
 892          {
 893              $post_cache[$reputation_vote['pid']] = $reputation_vote['pid'];
 894          }
 895      }
 896  
 897      if(!empty($post_cache))
 898      {
 899          $pids = implode(',', $post_cache);
 900  
 901          $sql = array("p.pid IN ({$pids})");
 902  
 903          // get forums user cannot view
 904          $unviewable = get_unviewable_forums(true);
 905          if($unviewable)
 906          {
 907              $sql[] = "p.fid NOT IN ({$unviewable})";
 908          }
 909  
 910          // get inactive forums
 911          $inactive = get_inactive_forums();
 912          if($inactive)
 913          {
 914              $sql[] = "p.fid NOT IN ({$inactive})";
 915          }
 916  
 917          if(!$mybb->user['ismoderator'])
 918          {
 919              $sql[] = "p.visible='1'";
 920              $sql[] = "t.visible='1'";
 921          }
 922  
 923          $sql = implode(' AND ', $sql);
 924  
 925          $query = $db->query("
 926              SELECT p.pid, p.uid, p.fid, p.visible, p.message, t.tid, t.subject, t.visible AS thread_visible
 927              FROM ".TABLE_PREFIX."posts p
 928              LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
 929              WHERE {$sql}
 930          ");
 931  
 932          $forumpermissions = array();
 933  
 934          while($post = $db->fetch_array($query))
 935          {
 936              if(($post['visible'] == 0 || $post['thread_visible'] == 0) && !is_moderator($post['fid'], 'canviewunapprove'))
 937              {
 938                  continue;
 939              }
 940  
 941              if(($post['visible'] == -1 || $post['thread_visible'] == -1) && !is_moderator($post['fid'], 'canviewdeleted'))
 942              {
 943                  continue;
 944              }
 945  
 946              if(!isset($forumpermissions[$post['fid']]))
 947              {
 948                  $forumpermissions[$post['fid']] = forum_permissions($post['fid']);
 949              }
 950  
 951              // Make sure we can view this post
 952              if(isset($forumpermissions[$post['fid']]['canonlyviewownthreads']) && $forumpermissions[$post['fid']]['canonlyviewownthreads'] == 1 && $post['uid'] != $mybb->user['uid'])
 953              {
 954                  continue;
 955              }
 956  
 957              $post_reputation[$post['pid']] = $post;
 958          }
 959      }
 960  
 961      $reputation_votes = '';
 962      if(!empty($reputation_cache) && $mybb->user['uid'] != 0)
 963      {
 964          $reputation_ids = implode(',', array_column($reputation_cache, 'rid'));
 965          $query = $db->query("
 966              SELECT id, reporters FROM ".TABLE_PREFIX."reportedcontent WHERE reportstatus != '1' AND id IN (".$reputation_ids.") AND type = 'reputation'
 967          ");
 968          while($report = $db->fetch_array($query))
 969          {
 970              $reporters = my_unserialize($report['reporters']);
 971              if(is_array($reporters) && in_array($mybb->user['uid'], $reporters))
 972              {
 973                  $not_reportable[] =  $report['id'];
 974              }
 975          }
 976      }
 977  
 978      foreach($reputation_cache as $reputation_vote)
 979      {
 980          // Get the reputation for the user who posted this comment
 981          if($reputation_vote['adduid'] == 0)
 982          {
 983              $reputation_vote['user_reputation'] = 0;
 984          }
 985  
 986          $reputation_vote['user_reputation'] = get_reputation($reputation_vote['user_reputation'], $reputation_vote['adduid']);
 987  
 988          // Format the username of this poster
 989          if(!$reputation_vote['username'])
 990          {
 991              $reputation_vote['username'] = $lang->na;
 992              $reputation_vote['user_reputation'] = '';
 993          }
 994          else
 995          {
 996              $reputation_vote['username'] = format_name(htmlspecialchars_uni($reputation_vote['username']), $reputation_vote['user_usergroup'], $reputation_vote['user_displaygroup']);
 997              $reputation_vote['username'] = build_profile_link($reputation_vote['username'], $reputation_vote['uid']);
 998              $reputation_vote['user_reputation'] = "({$reputation_vote['user_reputation']})";
 999          }
1000  
1001          $vote_reputation = (int)$reputation_vote['reputation'];
1002  
1003          // This is a negative reputation
1004          if($vote_reputation < 0)
1005          {
1006              $status_class = "trow_reputation_negative";
1007              $vote_type_class = "reputation_negative";
1008              $vote_type = $lang->negative;
1009          }
1010          // This is a neutral reputation
1011          else if($vote_reputation == 0)
1012          {
1013              $status_class = "trow_reputation_neutral";
1014              $vote_type_class = "reputation_neutral";
1015              $vote_type = $lang->neutral;
1016          }
1017          // Otherwise, this is a positive reputation
1018          else
1019          {
1020              $vote_reputation = "+{$vote_reputation}";
1021              $status_class = "trow_reputation_positive";
1022              $vote_type_class = "reputation_positive";
1023              $vote_type = $lang->positive;
1024          }
1025  
1026          $vote_reputation = "({$vote_reputation})";
1027  
1028          // Format the date this reputation was last modified
1029          $last_updated_date = my_date('relative', $reputation_vote['dateline']);
1030          $last_updated = $lang->sprintf($lang->last_updated, $last_updated_date);
1031  
1032          $user['username'] = htmlspecialchars_uni($user['username']);
1033  
1034          // Is this rating specific to a post?
1035          $postrep_given = '';
1036          if($reputation_vote['pid'])
1037          {
1038              $postrep_given = $lang->sprintf($lang->postrep_given_nolink, $user['username']);
1039              if(isset($post_reputation[$reputation_vote['pid']]))
1040              {
1041                  $thread_link = get_thread_link($post_reputation[$reputation_vote['pid']]['tid']);
1042                  $subject = htmlspecialchars_uni($parser->parse_badwords($post_reputation[$reputation_vote['pid']]['subject']));
1043  
1044                  $thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject);
1045                  $link = get_post_link($reputation_vote['pid'])."#pid{$reputation_vote['pid']}";
1046  
1047                  $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link);
1048              }
1049          }
1050  
1051          // Does the current user have permission to delete this reputation? Show delete link
1052          $delete_link = '';
1053          if($mybb->usergroup['issupermod'] == 1 || ($mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0))
1054          {
1055              eval("\$delete_link = \"".$templates->get("reputation_vote_delete")."\";");
1056          }
1057  
1058          $report_link = '';
1059          if($mybb->user['uid'] != 0 && !in_array($reputation_vote['rid'], $not_reportable))
1060          {
1061              eval("\$report_link = \"".$templates->get("reputation_vote_report")."\";");
1062          }
1063  
1064          // Parse smilies in the reputation vote
1065          $reputation_parser = array(
1066              "allow_html" => 0,
1067              "allow_mycode" => 0,
1068              "allow_smilies" => 1,
1069              "allow_imgcode" => 0,
1070              "filter_badwords" => 1
1071          );
1072  
1073          $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser);
1074          if($reputation_vote['comments'] == '')
1075          {
1076              $reputation_vote['comments'] = $lang->no_comment;
1077          }
1078  
1079          $plugins->run_hooks("reputation_vote");
1080  
1081          eval("\$reputation_votes .= \"".$templates->get("reputation_vote")."\";");
1082      }
1083  
1084      // If we don't have any reputations display a nice message.
1085      if(!$reputation_votes)
1086      {
1087          eval("\$reputation_votes = \"".$templates->get("reputation_no_votes")."\";");
1088      }
1089  
1090      $plugins->run_hooks("reputation_end");
1091      eval("\$reputation = \"".$templates->get("reputation")."\";");
1092      output_page($reputation);
1093  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref