[ Index ]

PHP Cross Reference of MyBB 1.8.38

title

Body

[close]

/ -> reputation.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'reputation.php');
  13  
  14  $templatelist = "reputation_addlink,reputation_no_votes,reputation,reputation_vote,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,reputation_vote_delete";
  15  $templatelist .= ",reputation_add_delete,reputation_add_neutral,reputation_add_positive,reputation_add_negative,reputation_add_error,reputation_add_error_nomodal,reputation_add,reputation_added,reputation_deleted,reputation_vote_report,postbit_reputation_formatted_link";
  16  
  17  require_once  "./global.php";
  18  require_once  MYBB_ROOT."inc/class_parser.php";
  19  $parser = new postParser;
  20  
  21  // Load global language phrases
  22  $lang->load("reputation");
  23  
  24  $plugins->run_hooks("reputation_start");
  25  
  26  // Check if the reputation system is globally disabled or not.
  27  if($mybb->settings['enablereputation'] != 1)
  28  {
  29      error($lang->reputation_disabled);
  30  }
  31  
  32  // Does this user have permission to view the board?
  33  if($mybb->usergroup['canview'] != 1)
  34  {
  35      error_no_permission();
  36  }
  37  
  38  // If we have a specified incoming username, validate it and fetch permissions for it
  39  $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
  40  $user = get_user($uid);
  41  if(!$user)
  42  {
  43      error($lang->add_no_uid);
  44  }
  45  $user_permissions = user_permissions($uid);
  46  
  47  // Fetch display group properties.
  48  $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");
  49  
  50  if(!$user['displaygroup'])
  51  {
  52      $user['displaygroup'] = $user['usergroup'];
  53  }
  54  
  55  $display_group = usergroup_displaygroup($user['displaygroup']);
  56  if(is_array($display_group))
  57  {
  58      $user_permissions = array_merge($user_permissions, $display_group);
  59  }
  60  
  61  $mybb->input['action'] = $mybb->get_input('action');
  62  
  63  // Here we perform our validation when adding a reputation to see if the user
  64  // has permission or not. This is done here to save duplicating the same code.
  65  if($mybb->input['action'] == "add" || $mybb->input['action'] == "do_add")
  66  {
  67      // This user doesn't have permission to give reputations.
  68      if($mybb->usergroup['cangivereputations'] != 1)
  69      {
  70          $message = $lang->add_no_permission;
  71          if($mybb->input['nomodal'])
  72          {
  73              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
  74          }
  75          else
  76          {
  77              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
  78          }
  79          echo $error;
  80          exit;
  81      }
  82  
  83      // The user we're trying to give a reputation to doesn't have permission to receive reps.
  84      if($user_permissions['usereputationsystem'] != 1)
  85      {
  86          $message = $lang->add_disabled;
  87          if($mybb->input['nomodal'])
  88          {
  89              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
  90          }
  91          else
  92          {
  93              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
  94          }
  95          echo $error;
  96          exit;
  97      }
  98  
  99      // Is this user trying to give themself a reputation?
 100      if($uid == $mybb->user['uid'])
 101      {
 102          $message = $lang->add_yours;
 103          if($mybb->input['nomodal'])
 104          {
 105              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 106          }
 107          else
 108          {
 109              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 110          }
 111          echo $error;
 112          exit;
 113      }
 114  
 115      // If a post has been given but post ratings have been disabled, set the post to 0. This will mean all subsequent code will think no post was given.
 116      if($mybb->settings['postrep'] != 1)
 117      {
 118          $mybb->input['pid'] = 0;
 119      }
 120  
 121      if($mybb->get_input('pid', MyBB::INPUT_INT))
 122      {
 123          // Make sure that this post exists, and that the author of the post we're giving this reputation for corresponds with the user the rep is being given to.
 124          $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
 125          if($post)
 126          {
 127              $thread = get_thread($post['tid']);
 128              $forum = get_forum($thread['fid']);
 129              $forumpermissions = forum_permissions($forum['fid']);
 130  
 131              // Post doesn't belong to that user or isn't visible
 132              if($uid != $post['uid'] || $post['visible'] != 1)
 133              {
 134                  $mybb->input['pid'] = 0;
 135              }
 136  
 137              // Thread isn't visible
 138              elseif($thread['visible'] != 1)
 139              {
 140                  $mybb->input['pid'] = 0;
 141              }
 142  
 143              // Current user can't see the forum
 144              elseif($forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1)
 145              {
 146                  $mybb->input['pid'] = 0;
 147              }
 148  
 149              // Current user can't see that thread
 150              elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid'])
 151              {
 152                  $mybb->input['pid'] = 0;
 153              }
 154          }
 155          else
 156          {
 157              $mybb->input['pid'] = 0;
 158          }
 159      }
 160  
 161      $rid = 0;
 162  
 163      // Fetch the existing reputation for this user given by our current user if there is one.
 164      // If multiple reputations is allowed, then this isn't needed
 165      if($mybb->settings['multirep'] != 1 && $mybb->get_input('pid', MyBB::INPUT_INT) == 0)
 166      {
 167          $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}' AND pid='0'");
 168          $existing_reputation = $db->fetch_array($query);
 169          if($existing_reputation)
 170          {
 171              $rid = $existing_reputation['rid'];
 172          }
 173          $was_post = false;
 174      }
 175      if($mybb->get_input('pid', MyBB::INPUT_INT) != 0)
 176      {
 177          $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}' AND pid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 178          $existing_reputation = $db->fetch_array($query);
 179  
 180          if($existing_reputation)
 181          {
 182              $rid = $existing_reputation['rid'];
 183          }
 184          else
 185          {
 186              $rid = 0;
 187          }
 188  
 189          $was_post = true;
 190      }
 191  
 192      if($rid == 0 && ($mybb->input['action'] != "do_add" || ($mybb->input['action'] == "do_add" && empty($mybb->input['delete']))))
 193      {
 194          $message = '';
 195  
 196          // Check if this user has reached their "maximum reputations per day" quota
 197          if($mybb->usergroup['maxreputationsday'] != 0)
 198          {
 199              $timesearch = TIME_NOW - (60 * 60 * 24);
 200              $query = $db->simple_select("reputation", "*", "adduid='{$mybb->user['uid']}' AND dateline>'$timesearch'");
 201              $numtoday = $db->num_rows($query);
 202  
 203              // Reached the quota - error.
 204              if($numtoday >= $mybb->usergroup['maxreputationsday'])
 205              {
 206                  $message = $lang->add_maxperday;
 207              }
 208          }
 209  
 210          // Is the user giving too much reputation to another?
 211          if(!$message && $mybb->usergroup['maxreputationsperuser'] != 0)
 212          {
 213              $timesearch = TIME_NOW - (60 * 60 * 24);
 214              $query = $db->simple_select("reputation", "*", "uid='{$uid}' AND adduid='{$mybb->user['uid']}' AND dateline>'$timesearch'");
 215              $numtoday = $db->num_rows($query);
 216  
 217              if($numtoday >= $mybb->usergroup['maxreputationsperuser'])
 218              {
 219                  $message = $lang->add_maxperuser;
 220              }
 221          }
 222  
 223          // We have the correct post, but has the user given too much reputation to another in the same thread?
 224          if(!$message && !empty($was_post) && $mybb->usergroup['maxreputationsperthread'] != 0)
 225          {
 226              $timesearch = TIME_NOW - (60 * 60 * 24);
 227              $query = $db->query("
 228                  SELECT COUNT(p.pid) AS posts
 229                  FROM ".TABLE_PREFIX."reputation r
 230                  LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid = r.pid)
 231                  WHERE r.uid = '{$uid}' AND r.adduid = '{$mybb->user['uid']}' AND p.tid = '{$post['tid']}' AND r.dateline > '{$timesearch}'
 232              ");
 233  
 234              $numtoday = $db->fetch_field($query, 'posts');
 235  
 236              if($numtoday >= $mybb->usergroup['maxreputationsperthread'])
 237              {
 238                  $message = $lang->add_maxperthread;
 239              }
 240          }
 241  
 242          if($message)
 243          {
 244              if($mybb->input['nomodal'])
 245              {
 246                  eval('$error = "'.$templates->get("reputation_add_error_nomodal", 1, 0).'";');
 247              }
 248              else
 249              {
 250                  eval('$error = "'.$templates->get("reputation_add_error", 1, 0).'";');
 251              }
 252              echo $error;
 253              exit;
 254          }
 255      }
 256  }
 257  
 258  // Saving the new reputation
 259  if($mybb->input['action'] == "do_add" && $mybb->request_method == "post")
 260  {
 261      // Verify incoming POST request
 262      verify_post_check($mybb->get_input('my_post_key'));
 263  
 264      $plugins->run_hooks("reputation_do_add_start");
 265  
 266      // Check if the reputation power they're trying to give is within their "power limit"
 267      $reputation = abs($mybb->get_input('reputation', MyBB::INPUT_INT));
 268  
 269      // Deleting our current reputation of this user.
 270      if(!empty($mybb->input['delete']))
 271      {
 272          // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
 273          if($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0))
 274          {
 275              error_no_permission();
 276          }
 277  
 278          if($mybb->get_input('pid', MyBB::INPUT_INT) != 0)
 279          {
 280              $db->delete_query("reputation", "uid='{$uid}' AND adduid='".$mybb->user['uid']."' AND pid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 281          }
 282          else
 283          {
 284              $db->delete_query("reputation", "rid='{$rid}' AND uid='{$uid}' AND adduid='".$mybb->user['uid']."'");
 285          }
 286  
 287          // Recount the reputation of this user - keep it in sync.
 288          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 289          $reputation_value = $db->fetch_field($query, "reputation_count");
 290  
 291          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 292          eval("\$error = \"".$templates->get("reputation_deleted", 1, 0)."\";");
 293          echo $error;
 294          exit;
 295      }
 296  
 297      $mybb->input['comments'] = trim($mybb->get_input('comments')); // Trim whitespace to check for length
 298      if(my_strlen($mybb->input['comments']) < $mybb->settings['minreplength'] && $mybb->get_input('pid', MyBB::INPUT_INT) == 0)
 299      {
 300          $message = $lang->sprintf($lang->add_no_comment, $mybb->settings['minreplength']);
 301          if($mybb->input['nomodal'])
 302          {
 303              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 304          }
 305          else
 306          {
 307              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 308          }
 309          echo $error;
 310          exit;
 311      }
 312  
 313      // The power for the reputation they specified was invalid.
 314      if($reputation > $mybb->usergroup['reputationpower'])
 315      {
 316          $message = $lang->add_invalidpower;
 317          if($mybb->input['nomodal'])
 318          {
 319              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 320          }
 321          else
 322          {
 323              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 324          }
 325          echo $error;
 326          exit;
 327      }
 328  
 329      // The user is trying to give a negative reputation, but negative reps have been disabled.
 330      if($mybb->get_input('reputation', MyBB::INPUT_INT) < 0 && $mybb->settings['negrep'] != 1)
 331      {
 332          $message = $lang->add_negative_disabled;
 333          if($mybb->input['nomodal'])
 334          {
 335              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 336          }
 337          else
 338          {
 339              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 340          }
 341          echo $error;
 342          exit;
 343      }
 344  
 345      // This user is trying to give a neutral reputation, but neutral reps have been disabled.
 346      if($mybb->get_input('reputation', MyBB::INPUT_INT) == 0 && $mybb->settings['neurep'] != 1)
 347      {
 348          $message = $lang->add_neutral_disabled;
 349          if($mybb->input['nomodal'])
 350          {
 351              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 352          }
 353          else
 354          {
 355              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 356          }
 357          echo $error;
 358          exit;
 359      }
 360  
 361      // This user is trying to give a positive reputation, but positive reps have been disabled.
 362      if($mybb->get_input('reputation', MyBB::INPUT_INT) > 0 && $mybb->settings['posrep'] != 1)
 363      {
 364          $message = $lang->add_positive_disabled;
 365          if($mybb->input['nomodal'])
 366          {
 367              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 368          }
 369          else
 370          {
 371              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 372          }
 373          echo $error;
 374          exit;
 375      }
 376  
 377      // The length of the comment is too long
 378      if(my_strlen($mybb->input['comments']) > $mybb->settings['maxreplength'])
 379      {
 380          $message = $lang->sprintf($lang->add_toolong, $mybb->settings['maxreplength']);
 381          if($mybb->input['nomodal'])
 382          {
 383              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 384          }
 385          else
 386          {
 387              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 388          }
 389          echo $error;
 390          exit;
 391      }
 392  
 393      // Build array of reputation data.
 394      $reputation = array(
 395          "uid" => $uid,
 396          "adduid" => $mybb->user['uid'],
 397          "pid" => $mybb->get_input('pid', MyBB::INPUT_INT),
 398          "reputation" => $mybb->get_input('reputation', MyBB::INPUT_INT),
 399          "dateline" => TIME_NOW,
 400          "comments" => $db->escape_string($mybb->input['comments'])
 401      );
 402  
 403      $plugins->run_hooks("reputation_do_add_process");
 404  
 405      // Updating an existing reputation
 406      if(!empty($existing_reputation['uid']))
 407      {
 408          $db->update_query("reputation", $reputation, "rid='".$existing_reputation['rid']."'");
 409  
 410          // Recount the reputation of this user - keep it in sync.
 411          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 412          $reputation_value = $db->fetch_field($query, "reputation_count");
 413  
 414          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 415  
 416          $lang->vote_added = $lang->vote_updated;
 417          $lang->vote_added_message = $lang->vote_updated_message;
 418      }
 419      // Insert a new reputation
 420      else
 421      {
 422          $db->insert_query("reputation", $reputation);
 423  
 424          // Recount the reputation of this user - keep it in sync.
 425          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 426          $reputation_value = $db->fetch_field($query, "reputation_count");
 427  
 428          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 429      }
 430  
 431      $plugins->run_hooks("reputation_do_add_end");
 432  
 433      eval("\$reputation = \"".$templates->get("reputation_added", 1, 0)."\";");
 434      echo $reputation;
 435      exit;
 436  }
 437  
 438  // Adding a new reputation
 439  if($mybb->input['action'] == "add")
 440  {
 441      $plugins->run_hooks("reputation_add_start");
 442      $delete_button = '';
 443  
 444      // If we have an existing reputation for this user, the user can modify or delete it.
 445      $user['username'] = htmlspecialchars_uni($user['username']);
 446      if(!empty($existing_reputation['uid']))
 447      {
 448          $vote_title = $lang->sprintf($lang->update_reputation_vote, $user['username']);
 449          $vote_button = $lang->update_vote;
 450          $comments = htmlspecialchars_uni($existing_reputation['comments']);
 451  
 452          if($mybb->usergroup['issupermod'] == 1 || ($mybb->usergroup['candeletereputations'] == 1 && $existing_reputation['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0))
 453          {
 454              $reputation_pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 455              eval("\$delete_button = \"".$templates->get("reputation_add_delete")."\";");
 456          }
 457      }
 458      // Otherwise we're adding an entirely new reputation for this user.
 459      else
 460      {
 461          $vote_title = $lang->sprintf($lang->add_reputation_vote, $user['username']);
 462          $vote_button = $lang->add_vote;
 463          $comments = '';
 464          $delete_button = '';
 465      }
 466      $lang->user_comments = $lang->sprintf($lang->user_comments, $user['username']);
 467  
 468      if($mybb->get_input('pid', MyBB::INPUT_INT))
 469      {
 470          $post_rep_info = $lang->sprintf($lang->add_reputation_to_post, $user['username']);
 471          $lang->user_comments = $lang->no_comment_needed;
 472      }
 473      else
 474      {
 475          $post_rep_info = '';
 476      }
 477  
 478      // Draw the "power" options
 479      if($mybb->settings['negrep'] || $mybb->settings['neurep'] || $mybb->settings['posrep'])
 480      {
 481          $vote_check = array();
 482          $positive_power = '';
 483          $negative_power = '';
 484          $reputationpower = (int)$mybb->usergroup['reputationpower'];
 485  
 486          foreach(range(-$mybb->usergroup['reputationpower'], $mybb->usergroup['reputationpower']) as $value)
 487          {
 488              $vote_check[$value] = '';
 489          }
 490  
 491          if(!empty($existing_reputation['uid']) && !$was_post)
 492          {
 493              $vote_check[$existing_reputation['reputation']] = " selected=\"selected\"";
 494          }
 495  
 496          if($mybb->settings['neurep'])
 497          {
 498              $neutral_title = $lang->power_neutral;
 499              eval("\$neutral_power = \"".$templates->get("reputation_add_neutral")."\";");
 500          }
 501  
 502          for($value = 1; $value <= $reputationpower; ++$value)
 503          {
 504              if($mybb->settings['posrep'])
 505              {
 506                  $positive_title = $lang->sprintf($lang->power_positive, "+".$value);
 507                  eval("\$positive_power = \"".$templates->get("reputation_add_positive")."\";");
 508              }
 509  
 510              if($mybb->settings['negrep'])
 511              {
 512                  $negative_title = $lang->sprintf($lang->power_negative, "-".$value);
 513                  $neg_value = "-{$value}";
 514                  eval("\$negative_power .= \"".$templates->get("reputation_add_negative")."\";");
 515              }
 516          }
 517  
 518          $reputation_pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 519  
 520          $plugins->run_hooks("reputation_add_end");
 521          eval("\$reputation_add = \"".$templates->get("reputation_add", 1, 0)."\";");
 522      }
 523      else
 524      {
 525          $message = $lang->add_all_rep_disabled;
 526  
 527          $plugins->run_hooks("reputation_add_end_error");
 528          if($mybb->input['nomodal'])
 529          {
 530              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 531          }
 532          else
 533          {
 534              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 535          }
 536      }
 537  
 538      echo $reputation_add;
 539      exit;
 540  }
 541  
 542  // Delete a specific reputation from a user.
 543  if($mybb->input['action'] == "delete")
 544  {
 545      // Verify incoming POST request
 546      verify_post_check($mybb->get_input('my_post_key'));
 547  
 548      $rid = $mybb->get_input('rid', MyBB::INPUT_INT);
 549      
 550      $plugins->run_hooks("reputation_delete_start");
 551  
 552      // Fetch the existing reputation for this user given by our current user if there is one.
 553      $query = $db->query("
 554          SELECT r.*, u.username
 555          FROM ".TABLE_PREFIX."reputation r
 556          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid)
 557          WHERE r.rid = '{$rid}' AND r.uid = '{$uid}'
 558      ");
 559      $existing_reputation = $db->fetch_array($query);
 560  
 561      // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
 562      if($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0))
 563      {
 564          error_no_permission();
 565      }
 566      
 567      $plugins->run_hooks("reputation_delete_end");
 568  
 569      // Delete the specified reputation
 570      $db->delete_query("reputation", "uid='{$uid}' AND rid='{$rid}'");
 571  
 572      // Recount the reputation of this user - keep it in sync.
 573      $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 574      $reputation_value = $db->fetch_field($query, "reputation_count");
 575  
 576      // Create moderator log
 577      log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->sprintf($lang->delete_reputation_log, $existing_reputation['username'], $existing_reputation['adduid']));
 578  
 579      $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 580  
 581      redirect("reputation.php?uid={$uid}", $lang->vote_deleted_message);
 582  }
 583  
 584  // Otherwise, show a listing of reputations for the given user.
 585  if(!$mybb->input['action'])
 586  {
 587      if($mybb->usergroup['canviewprofiles'] == 0)
 588      {
 589          // Reputation page is a part of a profile
 590          error_no_permission();
 591      }
 592  
 593      if($user_permissions['usereputationsystem'] != 1)
 594      {
 595          // Group has reputation disabled or user has a display group that has reputation disabled
 596          error($lang->reputations_disabled_group);
 597      }
 598  
 599      $user['username'] = htmlspecialchars_uni($user['username']);
 600      $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']);
 601      $lang->reputation_report = $lang->sprintf($lang->reputation_report, $user['username']);
 602  
 603      // Format the user name using the group username style
 604      $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
 605  
 606      $usertitle = '';
 607  
 608      // This user has a custom user title
 609      if(trim($user['usertitle']) != '')
 610      {
 611          $usertitle = $user['usertitle'];
 612      }
 613      // Using our display group's user title
 614      elseif(trim($display_group['usertitle']) != '')
 615      {
 616          $usertitle = $display_group['usertitle'];
 617      }
 618      // Otherwise, fetch it from our titles table for the number of posts this user has
 619      else
 620      {
 621          $usertitles = $cache->read('usertitles');
 622          foreach($usertitles as $title)
 623          {
 624              if($title['posts'] <= $user['postnum'])
 625              {
 626                  $usertitle = $title['title'];
 627                  break;
 628              }
 629          }
 630          unset($usertitles, $title);
 631      }
 632      
 633      $usertitle = htmlspecialchars_uni($usertitle);
 634  
 635      // If the user has permission to add reputations - show the image
 636      if($mybb->usergroup['cangivereputations'] == 1 && $mybb->user['uid'] != $user['uid'] && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']))
 637      {
 638          eval("\$add_reputation = \"".$templates->get("reputation_addlink")."\";");
 639      }
 640      else
 641      {
 642          $add_reputation = '';
 643      }
 644  
 645      // Build navigation menu
 646      add_breadcrumb($lang->nav_profile, get_profile_link($user['uid']));
 647      add_breadcrumb($lang->nav_reputation);
 648  
 649      // Check our specified conditionals for what type of reputations to show
 650      $show_selected = array('all' => '', 'positive' => '', 'neutral' => '', 'negative' => '');
 651      switch($mybb->get_input('show'))
 652      {
 653          case "positive":
 654              $s_url = "&show=positive";
 655              $conditions = 'AND r.reputation>0';
 656              $show_selected['positive'] = 'selected="selected"';
 657              break;
 658          case "neutral":
 659              $s_url = "&show=neutral";
 660              $conditions = 'AND r.reputation=0';
 661              $show_selected['neutral'] = 'selected="selected"';
 662              break;
 663          case "negative":
 664              $s_url = "&show=negative";
 665              $conditions = 'AND r.reputation<0';
 666              $show_selected['negative'] = 'selected="selected"';
 667              break;
 668          default:
 669              $s_url = '&show=all';
 670              $conditions = '';
 671              $show_select['all'] = 'selected="selected"';
 672              break;
 673      }
 674  
 675      // Check the sorting options for the reputation list
 676      $sort_selected = array('username' => '', 'last_updated' => '');
 677      switch($mybb->get_input('sort'))
 678      {
 679          case "username":
 680              $s_url .= "&sort=username";
 681              $order = "u.username ASC";
 682              $sort_selected['username'] = 'selected="selected"';
 683              break;
 684          default:
 685              $s_url .= '&sort=dateline';
 686              $order = "r.dateline DESC";
 687              $sort_selected['last_updated'] = 'selected="selected"';
 688              break;
 689      }
 690  
 691      if(empty($mybb->input['show']) && empty($mybb->input['sort']))
 692      {
 693          $s_url = '';
 694      }
 695  
 696      // Fetch the total number of reputations for this user
 697      $query = $db->simple_select("reputation r", "COUNT(r.rid) AS reputation_count", "r.uid='{$user['uid']}' $conditions");
 698      $reputation_count = $db->fetch_field($query, "reputation_count");
 699  
 700      // If the user has no reputation, suspect 0...
 701      if(!$user['reputation'])
 702      {
 703          $user['reputation'] = 0;
 704      }
 705  
 706      // Quickly check to see if we're in sync...
 707      $query = $db->simple_select("reputation", "SUM(reputation) AS reputation, COUNT(rid) AS total_reputation", "uid = '".$user['uid']."'");
 708      $reputation = $db->fetch_array($query);
 709  
 710      $sync_reputation = (int)$reputation['reputation'];
 711      $total_reputation = $reputation['total_reputation'];
 712  
 713      if($sync_reputation != $user['reputation'])
 714      {
 715          // We're out of sync! Oh noes!
 716          $db->update_query("users", array("reputation" => $sync_reputation), "uid = '".$user['uid']."'");
 717          $user['reputation'] = $sync_reputation;
 718      }
 719  
 720      // Set default count variables to 0
 721      $positive_count = $negative_count = $neutral_count = 0;
 722      $positive_week = $negative_week = $neutral_week = 0;
 723      $positive_month = $negative_month = $neutral_month = 0;
 724      $positive_6months = $negative_6months = $neutral_6months = 0;
 725  
 726      // Unix timestamps for when this week, month and last 6 months started
 727      $last_week = TIME_NOW-604800;
 728      $last_month = TIME_NOW-2678400;
 729      $last_6months = TIME_NOW-16070400;
 730  
 731      // Query reputations for the "reputation card"
 732      $query = $db->simple_select("reputation", "reputation, dateline", "uid='{$user['uid']}'");
 733      while($reputation_vote = $db->fetch_array($query))
 734      {
 735          // This is a positive reputation
 736          if($reputation_vote['reputation'] > 0)
 737          {
 738              $positive_count++;
 739              if($reputation_vote['dateline'] >= $last_week)
 740              {
 741                  $positive_week++;
 742              }
 743              if($reputation_vote['dateline'] >= $last_month)
 744              {
 745                  $positive_month++;
 746              }
 747              if($reputation_vote['dateline'] >= $last_6months)
 748              {
 749                  $positive_6months++;
 750              }
 751          }
 752          // Negative reputation given
 753          else if($reputation_vote['reputation'] < 0)
 754          {
 755              $negative_count++;
 756              if($reputation_vote['dateline'] >= $last_week)
 757              {
 758                  $negative_week++;
 759              }
 760              if($reputation_vote['dateline'] >= $last_month)
 761              {
 762                  $negative_month++;
 763              }
 764              if($reputation_vote['dateline'] >= $last_6months)
 765              {
 766                  $negative_6months++;
 767              }
 768          }
 769          // Neutral reputation given
 770          else
 771          {
 772              $neutral_count++;
 773              if($reputation_vote['dateline'] >= $last_week)
 774              {
 775                  $neutral_week++;
 776              }
 777              if($reputation_vote['dateline'] >= $last_month)
 778              {
 779                  $neutral_month++;
 780              }
 781              if($reputation_vote['dateline'] >= $last_6months)
 782              {
 783                  $neutral_6months++;
 784              }
 785          }
 786      }
 787      
 788      // Format all reputation numbers
 789      $rep_total = my_number_format($user['reputation']);
 790      $f_positive_count = my_number_format($positive_count);
 791      $f_negative_count = my_number_format($negative_count);
 792      $f_neutral_count = my_number_format($neutral_count);
 793      $f_positive_week = my_number_format($positive_week);
 794      $f_negative_week = my_number_format($negative_week);
 795      $f_neutral_week = my_number_format($neutral_week);
 796      $f_positive_month = my_number_format($positive_month);
 797      $f_negative_month = my_number_format($negative_month);
 798      $f_neutral_month = my_number_format($neutral_month);
 799      $f_positive_6months = my_number_format($positive_6months);
 800      $f_negative_6months = my_number_format($negative_6months);
 801      $f_neutral_6months = my_number_format($neutral_6months);
 802      
 803      // Format the user's 'total' reputation
 804      if($user['reputation'] < 0)
 805      {
 806          $total_class = "_minus";
 807      }
 808      elseif($user['reputation'] > 0)
 809      {
 810          $total_class = "_plus";
 811      }
 812      else
 813      {
 814          $total_class = "_neutral";
 815      }
 816  
 817      // Figure out how many reps have come from posts / 'general'
 818      // Posts
 819      $query = $db->simple_select("reputation", "COUNT(rid) AS rep_posts", "uid = '".$user['uid']."' AND pid > 0");
 820      $rep_post_count = $db->fetch_field($query, "rep_posts");
 821      $rep_posts = my_number_format($rep_post_count);
 822  
 823      // General
 824      // We count how many reps in total, then subtract the reps from posts
 825      $rep_members = my_number_format($total_reputation - $rep_post_count);
 826  
 827      // Is negative reputation disabled? If so, tell the user
 828      if($mybb->settings['negrep'] == 0)
 829      {
 830          $neg_rep_info = $lang->neg_rep_disabled;
 831      }
 832  
 833      if($mybb->settings['posrep'] == 0)
 834      {
 835          $pos_rep_info = $lang->pos_rep_disabled;
 836      }
 837  
 838      if($mybb->settings['neurep'] == 0)
 839      {
 840          $neu_rep_info = $lang->neu_rep_disabled;
 841      }
 842  
 843      $perpage = (int)$mybb->settings['repsperpage'];
 844      if($perpage < 1)
 845      {
 846          $perpage = 15;
 847      }
 848  
 849      // Check if we're browsing a specific page of results
 850      if($mybb->get_input('page', MyBB::INPUT_INT) > 0)
 851      {
 852          $page = $mybb->get_input('page', MyBB::INPUT_INT);
 853          $start = ($page-1) * $perpage;
 854          $pages = $reputation_count / $perpage;
 855          $pages = ceil($pages);
 856          if($page > $pages)
 857          {
 858              $start = 0;
 859              $page = 1;
 860          }
 861      }
 862      else
 863      {
 864          $start = 0;
 865          $page = 1;
 866      }
 867  
 868      $multipage = '';
 869  
 870      // Build out multipage navigation
 871      if($reputation_count > 0)
 872      {
 873          $multipage = multipage($reputation_count, $perpage, $page, "reputation.php?uid={$user['uid']}".$s_url);
 874      }
 875  
 876      // Fetch the reputations which will be displayed on this page
 877      $query = $db->query("
 878          SELECT r.*, r.uid AS rated_uid, u.uid, u.username, u.reputation AS user_reputation, u.usergroup AS user_usergroup, u.displaygroup AS user_displaygroup
 879          FROM ".TABLE_PREFIX."reputation r
 880          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid)
 881          WHERE r.uid='{$user['uid']}' $conditions
 882          ORDER BY $order
 883          LIMIT $start, {$perpage}
 884      ");
 885  
 886      // Gather a list of items that have post reputation
 887      $reputation_cache = $post_cache = $post_reputation = $not_reportable = array();
 888  
 889      while($reputation_vote = $db->fetch_array($query))
 890      {
 891          $reputation_cache[] = $reputation_vote;
 892  
 893          // If this is a post, hold it and gather some information about it
 894          if($reputation_vote['pid'] && !isset($post_cache[$reputation_vote['pid']]))
 895          {
 896              $post_cache[$reputation_vote['pid']] = $reputation_vote['pid'];
 897          }
 898      }
 899  
 900      if(!empty($post_cache))
 901      {
 902          $pids = implode(',', $post_cache);
 903  
 904          $sql = array("p.pid IN ({$pids})");
 905  
 906          // get forums user cannot view
 907          $unviewable = get_unviewable_forums(true);
 908          if($unviewable)
 909          {
 910              $sql[] = "p.fid NOT IN ({$unviewable})";
 911          }
 912  
 913          // get inactive forums
 914          $inactive = get_inactive_forums();
 915          if($inactive)
 916          {
 917              $sql[] = "p.fid NOT IN ({$inactive})";
 918          }
 919  
 920          if(!$mybb->user['ismoderator'])
 921          {
 922              $sql[] = "p.visible='1'";
 923              $sql[] = "t.visible='1'";
 924          }
 925  
 926          $sql = implode(' AND ', $sql);
 927  
 928          $query = $db->query("
 929              SELECT p.pid, p.uid, p.fid, p.visible, p.message, t.tid, t.subject, t.visible AS thread_visible
 930              FROM ".TABLE_PREFIX."posts p
 931              LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
 932              WHERE {$sql}
 933          ");
 934  
 935          $forumpermissions = array();
 936  
 937          while($post = $db->fetch_array($query))
 938          {
 939              if(($post['visible'] == 0 || $post['thread_visible'] == 0) && !is_moderator($post['fid'], 'canviewunapprove'))
 940              {
 941                  continue;
 942              }
 943  
 944              if(($post['visible'] == -1 || $post['thread_visible'] == -1) && !is_moderator($post['fid'], 'canviewdeleted'))
 945              {
 946                  continue;
 947              }
 948  
 949              if(!isset($forumpermissions[$post['fid']]))
 950              {
 951                  $forumpermissions[$post['fid']] = forum_permissions($post['fid']);
 952              }
 953  
 954              // Make sure we can view this post
 955              if(isset($forumpermissions[$post['fid']]['canonlyviewownthreads']) && $forumpermissions[$post['fid']]['canonlyviewownthreads'] == 1 && $post['uid'] != $mybb->user['uid'])
 956              {
 957                  continue;
 958              }
 959  
 960              $post_reputation[$post['pid']] = $post;
 961          }
 962      }
 963  
 964      $reputation_votes = '';
 965      if(!empty($reputation_cache) && $mybb->user['uid'] != 0)
 966      {
 967          $reputation_ids = implode(',', array_column($reputation_cache, 'rid'));
 968          $query = $db->query("
 969              SELECT id, reporters FROM ".TABLE_PREFIX."reportedcontent WHERE reportstatus != '1' AND id IN (".$reputation_ids.") AND type = 'reputation'
 970          ");
 971          while($report = $db->fetch_array($query))
 972          {
 973              $reporters = my_unserialize($report['reporters']);
 974              if(is_array($reporters) && in_array($mybb->user['uid'], $reporters))
 975              {
 976                  $not_reportable[] =  $report['id'];
 977              }
 978          }
 979      }
 980  
 981      foreach($reputation_cache as $reputation_vote)
 982      {
 983          // Get the reputation for the user who posted this comment
 984          if($reputation_vote['adduid'] == 0)
 985          {
 986              $reputation_vote['user_reputation'] = 0;
 987          }
 988  
 989          $reputation_vote['user_reputation'] = get_reputation($reputation_vote['user_reputation'], $reputation_vote['adduid']);
 990  
 991          // Format the username of this poster
 992          if(!$reputation_vote['username'])
 993          {
 994              $reputation_vote['username'] = $lang->na;
 995              $reputation_vote['user_reputation'] = '';
 996          }
 997          else
 998          {
 999              $reputation_vote['username'] = format_name(htmlspecialchars_uni($reputation_vote['username']), $reputation_vote['user_usergroup'], $reputation_vote['user_displaygroup']);
1000              $reputation_vote['username'] = build_profile_link($reputation_vote['username'], $reputation_vote['uid']);
1001              $reputation_vote['user_reputation'] = "({$reputation_vote['user_reputation']})";
1002          }
1003  
1004          $vote_reputation = (int)$reputation_vote['reputation'];
1005  
1006          // This is a negative reputation
1007          if($vote_reputation < 0)
1008          {
1009              $status_class = "trow_reputation_negative";
1010              $vote_type_class = "reputation_negative";
1011              $vote_type = $lang->negative;
1012          }
1013          // This is a neutral reputation
1014          else if($vote_reputation == 0)
1015          {
1016              $status_class = "trow_reputation_neutral";
1017              $vote_type_class = "reputation_neutral";
1018              $vote_type = $lang->neutral;
1019          }
1020          // Otherwise, this is a positive reputation
1021          else
1022          {
1023              $vote_reputation = "+{$vote_reputation}";
1024              $status_class = "trow_reputation_positive";
1025              $vote_type_class = "reputation_positive";
1026              $vote_type = $lang->positive;
1027          }
1028  
1029          $vote_reputation = "({$vote_reputation})";
1030  
1031          // Format the date this reputation was last modified
1032          $last_updated_date = my_date('relative', $reputation_vote['dateline']);
1033          $last_updated = $lang->sprintf($lang->last_updated, $last_updated_date);
1034  
1035          $user['username'] = htmlspecialchars_uni($user['username']);
1036  
1037          // Is this rating specific to a post?
1038          $postrep_given = '';
1039          if($reputation_vote['pid'])
1040          {
1041              $postrep_given = $lang->sprintf($lang->postrep_given_nolink, $user['username']);
1042              if(isset($post_reputation[$reputation_vote['pid']]))
1043              {
1044                  $thread_link = get_thread_link($post_reputation[$reputation_vote['pid']]['tid']);
1045                  $subject = htmlspecialchars_uni($parser->parse_badwords($post_reputation[$reputation_vote['pid']]['subject']));
1046  
1047                  $thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject);
1048                  $link = get_post_link($reputation_vote['pid'])."#pid{$reputation_vote['pid']}";
1049  
1050                  $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link);
1051              }
1052          }
1053  
1054          // Does the current user have permission to delete this reputation? Show delete link
1055          $delete_link = '';
1056          if($mybb->usergroup['issupermod'] == 1 || ($mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0))
1057          {
1058              eval("\$delete_link = \"".$templates->get("reputation_vote_delete")."\";");
1059          }
1060  
1061          $report_link = '';
1062          if($mybb->user['uid'] != 0 && !in_array($reputation_vote['rid'], $not_reportable))
1063          {
1064              eval("\$report_link = \"".$templates->get("reputation_vote_report")."\";");
1065          }
1066  
1067          // Parse smilies in the reputation vote
1068          $reputation_parser = array(
1069              "allow_html" => 0,
1070              "allow_mycode" => 0,
1071              "allow_smilies" => 1,
1072              "allow_imgcode" => 0,
1073              "filter_badwords" => 1
1074          );
1075  
1076          $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser);
1077          if($reputation_vote['comments'] == '')
1078          {
1079              $reputation_vote['comments'] = $lang->no_comment;
1080          }
1081  
1082          $plugins->run_hooks("reputation_vote");
1083  
1084          eval("\$reputation_votes .= \"".$templates->get("reputation_vote")."\";");
1085      }
1086  
1087      // If we don't have any reputations display a nice message.
1088      if(!$reputation_votes)
1089      {
1090          eval("\$reputation_votes = \"".$templates->get("reputation_no_votes")."\";");
1091      }
1092  
1093      $plugins->run_hooks("reputation_end");
1094      eval("\$reputation = \"".$templates->get("reputation")."\";");
1095      output_page($reputation);
1096  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref