[ Index ]

PHP Cross Reference of MyBB 1.8.27

title

Body

[close]

/ -> reputation.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'reputation.php');
  13  
  14  $templatelist = "reputation_addlink,reputation_no_votes,reputation,reputation_vote,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,reputation_vote_delete";
  15  $templatelist .= ",reputation_add_delete,reputation_add_neutral,reputation_add_positive,reputation_add_negative,reputation_add_error,reputation_add_error_nomodal,reputation_add,reputation_added,reputation_deleted,reputation_vote_report,postbit_reputation_formatted_link";
  16  
  17  require_once  "./global.php";
  18  require_once  MYBB_ROOT."inc/class_parser.php";
  19  $parser = new postParser;
  20  
  21  // Load global language phrases
  22  $lang->load("reputation");
  23  
  24  $plugins->run_hooks("reputation_start");
  25  
  26  // Check if the reputation system is globally disabled or not.
  27  if($mybb->settings['enablereputation'] != 1)
  28  {
  29      error($lang->reputation_disabled);
  30  }
  31  
  32  // Does this user have permission to view the board?
  33  if($mybb->usergroup['canview'] != 1)
  34  {
  35      error_no_permission();
  36  }
  37  
  38  // If we have a specified incoming username, validate it and fetch permissions for it
  39  $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
  40  $user = get_user($uid);
  41  if(!$user)
  42  {
  43      error($lang->add_no_uid);
  44  }
  45  $user_permissions = user_permissions($uid);
  46  
  47  // Fetch display group properties.
  48  $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");
  49  
  50  if(!$user['displaygroup'])
  51  {
  52      $user['displaygroup'] = $user['usergroup'];
  53  }
  54  
  55  $display_group = usergroup_displaygroup($user['displaygroup']);
  56  if(is_array($display_group))
  57  {
  58      $user_permissions = array_merge($user_permissions, $display_group);
  59  }
  60  
  61  $mybb->input['action'] = $mybb->get_input('action');
  62  
  63  // Here we perform our validation when adding a reputation to see if the user
  64  // has permission or not. This is done here to save duplicating the same code.
  65  if($mybb->input['action'] == "add" || $mybb->input['action'] == "do_add")
  66  {
  67      // This user doesn't have permission to give reputations.
  68      if($mybb->usergroup['cangivereputations'] != 1)
  69      {
  70          $message = $lang->add_no_permission;
  71          if($mybb->input['nomodal'])
  72          {
  73              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
  74          }
  75          else
  76          {
  77              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
  78          }
  79          echo $error;
  80          exit;
  81      }
  82  
  83      // The user we're trying to give a reputation to doesn't have permission to receive reps.
  84      if($user_permissions['usereputationsystem'] != 1)
  85      {
  86          $message = $lang->add_disabled;
  87          if($mybb->input['nomodal'])
  88          {
  89              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
  90          }
  91          else
  92          {
  93              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
  94          }
  95          echo $error;
  96          exit;
  97      }
  98  
  99      // Is this user trying to give themself a reputation?
 100      if($uid == $mybb->user['uid'])
 101      {
 102          $message = $lang->add_yours;
 103          if($mybb->input['nomodal'])
 104          {
 105              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 106          }
 107          else
 108          {
 109              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 110          }
 111          echo $error;
 112          exit;
 113      }
 114  
 115      // If a post has been given but post ratings have been disabled, set the post to 0. This will mean all subsequent code will think no post was given.
 116      if($mybb->settings['postrep'] != 1)
 117      {
 118          $mybb->input['pid'] = 0;
 119      }
 120  
 121      if($mybb->get_input('pid', MyBB::INPUT_INT))
 122      {
 123          // Make sure that this post exists, and that the author of the post we're giving this reputation for corresponds with the user the rep is being given to.
 124          $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT));
 125          if($post)
 126          {
 127              $thread = get_thread($post['tid']);
 128              $forum = get_forum($thread['fid']);
 129              $forumpermissions = forum_permissions($forum['fid']);
 130  
 131              // Post doesn't belong to that user or isn't visible
 132              if($uid != $post['uid'] || $post['visible'] != 1)
 133              {
 134                  $mybb->input['pid'] = 0;
 135              }
 136  
 137              // Thread isn't visible
 138              elseif($thread['visible'] != 1)
 139              {
 140                  $mybb->input['pid'] = 0;
 141              }
 142  
 143              // Current user can't see the forum
 144              elseif($forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1)
 145              {
 146                  $mybb->input['pid'] = 0;
 147              }
 148  
 149              // Current user can't see that thread
 150              elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid'])
 151              {
 152                  $mybb->input['pid'] = 0;
 153              }
 154          }
 155          else
 156          {
 157              $mybb->input['pid'] = 0;
 158          }
 159      }
 160  
 161      $rid = 0;
 162  
 163      // Fetch the existing reputation for this user given by our current user if there is one.
 164      // If multiple reputations is allowed, then this isn't needed
 165      if($mybb->settings['multirep'] != 1 && $mybb->get_input('pid', MyBB::INPUT_INT) == 0)
 166      {
 167          $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}' AND pid='0'");
 168          $existing_reputation = $db->fetch_array($query);
 169          $rid = $existing_reputation['rid'];
 170          $was_post = false;
 171      }
 172      if($mybb->get_input('pid', MyBB::INPUT_INT) != 0)
 173      {
 174          $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}' AND pid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 175          $existing_reputation = $db->fetch_array($query);
 176  
 177          if($existing_reputation)
 178          {
 179              $rid = $existing_reputation['rid'];
 180          }
 181          else
 182          {
 183              $rid = 0;
 184          }
 185  
 186          $was_post = true;
 187      }
 188  
 189      if($rid == 0 && ($mybb->input['action'] != "do_add" || ($mybb->input['action'] == "do_add" && empty($mybb->input['delete']))))
 190      {
 191          $message = '';
 192  
 193          // Check if this user has reached their "maximum reputations per day" quota
 194          if($mybb->usergroup['maxreputationsday'] != 0)
 195          {
 196              $timesearch = TIME_NOW - (60 * 60 * 24);
 197              $query = $db->simple_select("reputation", "*", "adduid='{$mybb->user['uid']}' AND dateline>'$timesearch'");
 198              $numtoday = $db->num_rows($query);
 199  
 200              // Reached the quota - error.
 201              if($numtoday >= $mybb->usergroup['maxreputationsday'])
 202              {
 203                  $message = $lang->add_maxperday;
 204              }
 205          }
 206  
 207          // Is the user giving too much reputation to another?
 208          if(!$message && $mybb->usergroup['maxreputationsperuser'] != 0)
 209          {
 210              $timesearch = TIME_NOW - (60 * 60 * 24);
 211              $query = $db->simple_select("reputation", "*", "uid='{$uid}' AND adduid='{$mybb->user['uid']}' AND dateline>'$timesearch'");
 212              $numtoday = $db->num_rows($query);
 213  
 214              if($numtoday >= $mybb->usergroup['maxreputationsperuser'])
 215              {
 216                  $message = $lang->add_maxperuser;
 217              }
 218          }
 219  
 220          // We have the correct post, but has the user given too much reputation to another in the same thread?
 221          if(!$message && !empty($was_post) && $mybb->usergroup['maxreputationsperthread'] != 0)
 222          {
 223              $timesearch = TIME_NOW - (60 * 60 * 24);
 224              $query = $db->query("
 225                  SELECT COUNT(p.pid) AS posts
 226                  FROM ".TABLE_PREFIX."reputation r
 227                  LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid = r.pid)
 228                  WHERE r.uid = '{$uid}' AND r.adduid = '{$mybb->user['uid']}' AND p.tid = '{$post['tid']}' AND r.dateline > '{$timesearch}'
 229              ");
 230  
 231              $numtoday = $db->fetch_field($query, 'posts');
 232  
 233              if($numtoday >= $mybb->usergroup['maxreputationsperthread'])
 234              {
 235                  $message = $lang->add_maxperthread;
 236              }
 237          }
 238  
 239          if($message)
 240          {
 241              if($mybb->input['nomodal'])
 242              {
 243                  eval('$error = "'.$templates->get("reputation_add_error_nomodal", 1, 0).'";');
 244              }
 245              else
 246              {
 247                  eval('$error = "'.$templates->get("reputation_add_error", 1, 0).'";');
 248              }
 249              echo $error;
 250              exit;
 251          }
 252      }
 253  }
 254  
 255  // Saving the new reputation
 256  if($mybb->input['action'] == "do_add" && $mybb->request_method == "post")
 257  {
 258      // Verify incoming POST request
 259      verify_post_check($mybb->get_input('my_post_key'));
 260  
 261      $plugins->run_hooks("reputation_do_add_start");
 262  
 263      // Check if the reputation power they're trying to give is within their "power limit"
 264      $reputation = abs($mybb->get_input('reputation', MyBB::INPUT_INT));
 265  
 266      // Deleting our current reputation of this user.
 267      if(!empty($mybb->input['delete']))
 268      {
 269          // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
 270          if($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0))
 271          {
 272              error_no_permission();
 273          }
 274  
 275          if($mybb->get_input('pid', MyBB::INPUT_INT) != 0)
 276          {
 277              $db->delete_query("reputation", "uid='{$uid}' AND adduid='".$mybb->user['uid']."' AND pid = '".$mybb->get_input('pid', MyBB::INPUT_INT)."'");
 278          }
 279          else
 280          {
 281              $db->delete_query("reputation", "rid='{$rid}' AND uid='{$uid}' AND adduid='".$mybb->user['uid']."'");
 282          }
 283  
 284          // Recount the reputation of this user - keep it in sync.
 285          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 286          $reputation_value = $db->fetch_field($query, "reputation_count");
 287  
 288          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 289          eval("\$error = \"".$templates->get("reputation_deleted", 1, 0)."\";");
 290          echo $error;
 291          exit;
 292      }
 293  
 294      $mybb->input['comments'] = trim($mybb->get_input('comments')); // Trim whitespace to check for length
 295      if(my_strlen($mybb->input['comments']) < $mybb->settings['minreplength'] && $mybb->get_input('pid', MyBB::INPUT_INT) == 0)
 296      {
 297          $message = $lang->sprintf($lang->add_no_comment, $mybb->settings['minreplength']);
 298          if($mybb->input['nomodal'])
 299          {
 300              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 301          }
 302          else
 303          {
 304              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 305          }
 306          echo $error;
 307          exit;
 308      }
 309  
 310      // The power for the reputation they specified was invalid.
 311      if($reputation > $mybb->usergroup['reputationpower'])
 312      {
 313          $message = $lang->add_invalidpower;
 314          if($mybb->input['nomodal'])
 315          {
 316              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 317          }
 318          else
 319          {
 320              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 321          }
 322          echo $error;
 323          exit;
 324      }
 325  
 326      // The user is trying to give a negative reputation, but negative reps have been disabled.
 327      if($mybb->get_input('reputation', MyBB::INPUT_INT) < 0 && $mybb->settings['negrep'] != 1)
 328      {
 329          $message = $lang->add_negative_disabled;
 330          if($mybb->input['nomodal'])
 331          {
 332              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 333          }
 334          else
 335          {
 336              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 337          }
 338          echo $error;
 339          exit;
 340      }
 341  
 342      // This user is trying to give a neutral reputation, but neutral reps have been disabled.
 343      if($mybb->get_input('reputation', MyBB::INPUT_INT) == 0 && $mybb->settings['neurep'] != 1)
 344      {
 345          $message = $lang->add_neutral_disabled;
 346          if($mybb->input['nomodal'])
 347          {
 348              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 349          }
 350          else
 351          {
 352              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 353          }
 354          echo $error;
 355          exit;
 356      }
 357  
 358      // This user is trying to give a positive reputation, but positive reps have been disabled.
 359      if($mybb->get_input('reputation', MyBB::INPUT_INT) > 0 && $mybb->settings['posrep'] != 1)
 360      {
 361          $message = $lang->add_positive_disabled;
 362          if($mybb->input['nomodal'])
 363          {
 364              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 365          }
 366          else
 367          {
 368              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 369          }
 370          echo $error;
 371          exit;
 372      }
 373  
 374      // The length of the comment is too long
 375      if(my_strlen($mybb->input['comments']) > $mybb->settings['maxreplength'])
 376      {
 377          $message = $lang->sprintf($lang->add_toolong, $mybb->settings['maxreplength']);
 378          if($mybb->input['nomodal'])
 379          {
 380              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 381          }
 382          else
 383          {
 384              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 385          }
 386          echo $error;
 387          exit;
 388      }
 389  
 390      // Build array of reputation data.
 391      $reputation = array(
 392          "uid" => $uid,
 393          "adduid" => $mybb->user['uid'],
 394          "pid" => $mybb->get_input('pid', MyBB::INPUT_INT),
 395          "reputation" => $mybb->get_input('reputation', MyBB::INPUT_INT),
 396          "dateline" => TIME_NOW,
 397          "comments" => $db->escape_string($mybb->input['comments'])
 398      );
 399  
 400      $plugins->run_hooks("reputation_do_add_process");
 401  
 402      // Updating an existing reputation
 403      if(!empty($existing_reputation['uid']))
 404      {
 405          $db->update_query("reputation", $reputation, "rid='".$existing_reputation['rid']."'");
 406  
 407          // Recount the reputation of this user - keep it in sync.
 408          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 409          $reputation_value = $db->fetch_field($query, "reputation_count");
 410  
 411          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 412  
 413          $lang->vote_added = $lang->vote_updated;
 414          $lang->vote_added_message = $lang->vote_updated_message;
 415      }
 416      // Insert a new reputation
 417      else
 418      {
 419          $db->insert_query("reputation", $reputation);
 420  
 421          // Recount the reputation of this user - keep it in sync.
 422          $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 423          $reputation_value = $db->fetch_field($query, "reputation_count");
 424  
 425          $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 426      }
 427  
 428      $plugins->run_hooks("reputation_do_add_end");
 429  
 430      eval("\$reputation = \"".$templates->get("reputation_added", 1, 0)."\";");
 431      echo $reputation;
 432      exit;
 433  }
 434  
 435  // Adding a new reputation
 436  if($mybb->input['action'] == "add")
 437  {
 438      $plugins->run_hooks("reputation_add_start");
 439  
 440      // If we have an existing reputation for this user, the user can modify or delete it.
 441      $user['username'] = htmlspecialchars_uni($user['username']);
 442      if(!empty($existing_reputation['uid']))
 443      {
 444          $vote_title = $lang->sprintf($lang->update_reputation_vote, $user['username']);
 445          $vote_button = $lang->update_vote;
 446          $comments = htmlspecialchars_uni($existing_reputation['comments']);
 447  
 448          if($mybb->usergroup['issupermod'] == 1 || ($mybb->usergroup['candeletereputations'] == 1 && $existing_reputation['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0))
 449          {
 450              $reputation_pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 451              eval("\$delete_button = \"".$templates->get("reputation_add_delete")."\";");
 452          }
 453      }
 454      // Otherwise we're adding an entirely new reputation for this user.
 455      else
 456      {
 457          $vote_title = $lang->sprintf($lang->add_reputation_vote, $user['username']);
 458          $vote_button = $lang->add_vote;
 459          $comments = '';
 460          $delete_button = '';
 461      }
 462      $lang->user_comments = $lang->sprintf($lang->user_comments, $user['username']);
 463  
 464      if($mybb->get_input('pid', MyBB::INPUT_INT))
 465      {
 466          $post_rep_info = $lang->sprintf($lang->add_reputation_to_post, $user['username']);
 467          $lang->user_comments = $lang->no_comment_needed;
 468      }
 469      else
 470      {
 471          $post_rep_info = '';
 472      }
 473  
 474      // Draw the "power" options
 475      if($mybb->settings['negrep'] || $mybb->settings['neurep'] || $mybb->settings['posrep'])
 476      {
 477          $vote_check = array();
 478          $positive_power = '';
 479          $negative_power = '';
 480          $reputationpower = (int)$mybb->usergroup['reputationpower'];
 481  
 482          foreach(range(-$mybb->usergroup['reputationpower'], $mybb->usergroup['reputationpower']) as $value)
 483          {
 484              $vote_check[$value] = '';
 485          }
 486  
 487          if(!empty($existing_reputation['uid']) && !$was_post)
 488          {
 489              $vote_check[$existing_reputation['reputation']] = " selected=\"selected\"";
 490          }
 491  
 492          if($mybb->settings['neurep'])
 493          {
 494              $neutral_title = $lang->power_neutral;
 495              eval("\$neutral_power = \"".$templates->get("reputation_add_neutral")."\";");
 496          }
 497  
 498          for($value = 1; $value <= $reputationpower; ++$value)
 499          {
 500              if($mybb->settings['posrep'])
 501              {
 502                  $positive_title = $lang->sprintf($lang->power_positive, "+".$value);
 503                  eval("\$positive_power = \"".$templates->get("reputation_add_positive")."\";");
 504              }
 505  
 506              if($mybb->settings['negrep'])
 507              {
 508                  $negative_title = $lang->sprintf($lang->power_negative, "-".$value);
 509                  $neg_value = "-{$value}";
 510                  eval("\$negative_power .= \"".$templates->get("reputation_add_negative")."\";");
 511              }
 512          }
 513  
 514          $reputation_pid = $mybb->get_input('pid', MyBB::INPUT_INT);
 515  
 516          $plugins->run_hooks("reputation_add_end");
 517          eval("\$reputation_add = \"".$templates->get("reputation_add", 1, 0)."\";");
 518      }
 519      else
 520      {
 521          $message = $lang->add_all_rep_disabled;
 522  
 523          $plugins->run_hooks("reputation_add_end_error");
 524          if($mybb->input['nomodal'])
 525          {
 526              eval("\$error = \"".$templates->get("reputation_add_error_nomodal", 1, 0)."\";");
 527          }
 528          else
 529          {
 530              eval("\$error = \"".$templates->get("reputation_add_error", 1, 0)."\";");
 531          }
 532      }
 533  
 534      echo $reputation_add;
 535      exit;
 536  }
 537  
 538  // Delete a specific reputation from a user.
 539  if($mybb->input['action'] == "delete")
 540  {
 541      // Verify incoming POST request
 542      verify_post_check($mybb->get_input('my_post_key'));
 543  
 544      $rid = $mybb->get_input('rid', MyBB::INPUT_INT);
 545      
 546      $plugins->run_hooks("reputation_delete_start");
 547  
 548      // Fetch the existing reputation for this user given by our current user if there is one.
 549      $query = $db->query("
 550          SELECT r.*, u.username
 551          FROM ".TABLE_PREFIX."reputation r
 552          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid)
 553          WHERE r.rid = '{$rid}' AND r.uid = '{$uid}'
 554      ");
 555      $existing_reputation = $db->fetch_array($query);
 556  
 557      // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
 558      if($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0))
 559      {
 560          error_no_permission();
 561      }
 562      
 563      $plugins->run_hooks("reputation_delete_end");
 564  
 565      // Delete the specified reputation
 566      $db->delete_query("reputation", "uid='{$uid}' AND rid='{$rid}'");
 567  
 568      // Recount the reputation of this user - keep it in sync.
 569      $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
 570      $reputation_value = $db->fetch_field($query, "reputation_count");
 571  
 572      // Create moderator log
 573      log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->sprintf($lang->delete_reputation_log, $existing_reputation['username'], $existing_reputation['adduid']));
 574  
 575      $db->update_query("users", array('reputation' => (int)$reputation_value), "uid='{$uid}'");
 576  
 577      redirect("reputation.php?uid={$uid}", $lang->vote_deleted_message);
 578  }
 579  
 580  // Otherwise, show a listing of reputations for the given user.
 581  if(!$mybb->input['action'])
 582  {
 583      if($mybb->usergroup['canviewprofiles'] == 0)
 584      {
 585          // Reputation page is a part of a profile
 586          error_no_permission();
 587      }
 588  
 589      if($user_permissions['usereputationsystem'] != 1)
 590      {
 591          // Group has reputation disabled or user has a display group that has reputation disabled
 592          error($lang->reputations_disabled_group);
 593      }
 594  
 595      $user['username'] = htmlspecialchars_uni($user['username']);
 596      $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']);
 597      $lang->reputation_report = $lang->sprintf($lang->reputation_report, $user['username']);
 598  
 599      // Format the user name using the group username style
 600      $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
 601  
 602      $usertitle = '';
 603  
 604      // This user has a custom user title
 605      if(trim($user['usertitle']) != '')
 606      {
 607          $usertitle = $user['usertitle'];
 608      }
 609      // Using our display group's user title
 610      elseif(trim($display_group['usertitle']) != '')
 611      {
 612          $usertitle = $display_group['usertitle'];
 613      }
 614      // Otherwise, fetch it from our titles table for the number of posts this user has
 615      else
 616      {
 617          $usertitles = $cache->read('usertitles');
 618          foreach($usertitles as $title)
 619          {
 620              if($title['posts'] <= $user['postnum'])
 621              {
 622                  $usertitle = $title['title'];
 623                  break;
 624              }
 625          }
 626          unset($usertitles, $title);
 627      }
 628      
 629      $usertitle = htmlspecialchars_uni($usertitle);
 630  
 631      // If the user has permission to add reputations - show the image
 632      if($mybb->usergroup['cangivereputations'] == 1 && $mybb->user['uid'] != $user['uid'] && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']))
 633      {
 634          eval("\$add_reputation = \"".$templates->get("reputation_addlink")."\";");
 635      }
 636      else
 637      {
 638          $add_reputation = '';
 639      }
 640  
 641      // Build navigation menu
 642      add_breadcrumb($lang->nav_profile, get_profile_link($user['uid']));
 643      add_breadcrumb($lang->nav_reputation);
 644  
 645      // Check our specified conditionals for what type of reputations to show
 646      $show_selected = array('all' => '', 'positive' => '', 'neutral' => '', 'negative' => '');
 647      switch($mybb->get_input('show'))
 648      {
 649          case "positive":
 650              $s_url = "&show=positive";
 651              $conditions = 'AND r.reputation>0';
 652              $show_selected['positive'] = 'selected="selected"';
 653              break;
 654          case "neutral":
 655              $s_url = "&show=neutral";
 656              $conditions = 'AND r.reputation=0';
 657              $show_selected['neutral'] = 'selected="selected"';
 658              break;
 659          case "negative":
 660              $s_url = "&show=negative";
 661              $conditions = 'AND r.reputation<0';
 662              $show_selected['negative'] = 'selected="selected"';
 663              break;
 664          default:
 665              $s_url = '&show=all';
 666              $conditions = '';
 667              $show_select['all'] = 'selected="selected"';
 668              break;
 669      }
 670  
 671      // Check the sorting options for the reputation list
 672      $sort_selected = array('username' => '', 'last_ipdated' => '');
 673      switch($mybb->get_input('sort'))
 674      {
 675          case "username":
 676              $s_url .= "&sort=username";
 677              $order = "u.username ASC";
 678              $sort_selected['username'] = 'selected="selected"';
 679              break;
 680          default:
 681              $s_url .= '&sort=dateline';
 682              $order = "r.dateline DESC";
 683              $sort_selected['last_updated'] = 'selected="selected"';
 684              break;
 685      }
 686  
 687      if(empty($mybb->input['show']) && empty($mybb->input['sort']))
 688      {
 689          $s_url = '';
 690      }
 691  
 692      // Fetch the total number of reputations for this user
 693      $query = $db->simple_select("reputation r", "COUNT(r.rid) AS reputation_count", "r.uid='{$user['uid']}' $conditions");
 694      $reputation_count = $db->fetch_field($query, "reputation_count");
 695  
 696      // If the user has no reputation, suspect 0...
 697      if(!$user['reputation'])
 698      {
 699          $user['reputation'] = 0;
 700      }
 701  
 702      // Quickly check to see if we're in sync...
 703      $query = $db->simple_select("reputation", "SUM(reputation) AS reputation, COUNT(rid) AS total_reputation", "uid = '".$user['uid']."'");
 704      $reputation = $db->fetch_array($query);
 705  
 706      $sync_reputation = (int)$reputation['reputation'];
 707      $total_reputation = $reputation['total_reputation'];
 708  
 709      if($sync_reputation != $user['reputation'])
 710      {
 711          // We're out of sync! Oh noes!
 712          $db->update_query("users", array("reputation" => $sync_reputation), "uid = '".$user['uid']."'");
 713          $user['reputation'] = $sync_reputation;
 714      }
 715  
 716      // Set default count variables to 0
 717      $positive_count = $negative_count = $neutral_count = 0;
 718      $positive_week = $negative_week = $neutral_week = 0;
 719      $positive_month = $negative_month = $neutral_month = 0;
 720      $positive_6months = $negative_6months = $neutral_6months = 0;
 721  
 722      // Unix timestamps for when this week, month and last 6 months started
 723      $last_week = TIME_NOW-604800;
 724      $last_month = TIME_NOW-2678400;
 725      $last_6months = TIME_NOW-16070400;
 726  
 727      // Query reputations for the "reputation card"
 728      $query = $db->simple_select("reputation", "reputation, dateline", "uid='{$user['uid']}'");
 729      while($reputation_vote = $db->fetch_array($query))
 730      {
 731          // This is a positive reputation
 732          if($reputation_vote['reputation'] > 0)
 733          {
 734              $positive_count++;
 735              if($reputation_vote['dateline'] >= $last_week)
 736              {
 737                  $positive_week++;
 738              }
 739              if($reputation_vote['dateline'] >= $last_month)
 740              {
 741                  $positive_month++;
 742              }
 743              if($reputation_vote['dateline'] >= $last_6months)
 744              {
 745                  $positive_6months++;
 746              }
 747          }
 748          // Negative reputation given
 749          else if($reputation_vote['reputation'] < 0)
 750          {
 751              $negative_count++;
 752              if($reputation_vote['dateline'] >= $last_week)
 753              {
 754                  $negative_week++;
 755              }
 756              if($reputation_vote['dateline'] >= $last_month)
 757              {
 758                  $negative_month++;
 759              }
 760              if($reputation_vote['dateline'] >= $last_6months)
 761              {
 762                  $negative_6months++;
 763              }
 764          }
 765          // Neutral reputation given
 766          else
 767          {
 768              $neutral_count++;
 769              if($reputation_vote['dateline'] >= $last_week)
 770              {
 771                  $neutral_week++;
 772              }
 773              if($reputation_vote['dateline'] >= $last_month)
 774              {
 775                  $neutral_month++;
 776              }
 777              if($reputation_vote['dateline'] >= $last_6months)
 778              {
 779                  $neutral_6months++;
 780              }
 781          }
 782      }
 783      
 784      // Format all reputation numbers
 785      $rep_total = my_number_format($user['reputation']);
 786      $f_positive_count = my_number_format($positive_count);
 787      $f_negative_count = my_number_format($negative_count);
 788      $f_neutral_count = my_number_format($neutral_count);
 789      $f_positive_week = my_number_format($positive_week);
 790      $f_negative_week = my_number_format($negative_week);
 791      $f_neutral_week = my_number_format($neutral_week);
 792      $f_positive_month = my_number_format($positive_month);
 793      $f_negative_month = my_number_format($negative_month);
 794      $f_neutral_month = my_number_format($neutral_month);
 795      $f_positive_6months = my_number_format($positive_6months);
 796      $f_negative_6months = my_number_format($negative_6months);
 797      $f_neutral_6months = my_number_format($neutral_6months);
 798      
 799      // Format the user's 'total' reputation
 800      if($user['reputation'] < 0)
 801      {
 802          $total_class = "_minus";
 803      }
 804      elseif($user['reputation'] > 0)
 805      {
 806          $total_class = "_plus";
 807      }
 808      else
 809      {
 810          $total_class = "_neutral";
 811      }
 812  
 813      // Figure out how many reps have come from posts / 'general'
 814      // Posts
 815      $query = $db->simple_select("reputation", "COUNT(rid) AS rep_posts", "uid = '".$user['uid']."' AND pid > 0");
 816      $rep_post_count = $db->fetch_field($query, "rep_posts");
 817      $rep_posts = my_number_format($rep_post_count);
 818  
 819      // General
 820      // We count how many reps in total, then subtract the reps from posts
 821      $rep_members = my_number_format($total_reputation - $rep_post_count);
 822  
 823      // Is negative reputation disabled? If so, tell the user
 824      if($mybb->settings['negrep'] == 0)
 825      {
 826          $neg_rep_info = $lang->neg_rep_disabled;
 827      }
 828  
 829      if($mybb->settings['posrep'] == 0)
 830      {
 831          $pos_rep_info = $lang->pos_rep_disabled;
 832      }
 833  
 834      if($mybb->settings['neurep'] == 0)
 835      {
 836          $neu_rep_info = $lang->neu_rep_disabled;
 837      }
 838  
 839      $perpage = (int)$mybb->settings['repsperpage'];
 840      if($perpage < 1)
 841      {
 842          $perpage = 15;
 843      }
 844  
 845      // Check if we're browsing a specific page of results
 846      if($mybb->get_input('page', MyBB::INPUT_INT) > 0)
 847      {
 848          $page = $mybb->get_input('page', MyBB::INPUT_INT);
 849          $start = ($page-1) * $perpage;
 850          $pages = $reputation_count / $perpage;
 851          $pages = ceil($pages);
 852          if($page > $pages)
 853          {
 854              $start = 0;
 855              $page = 1;
 856          }
 857      }
 858      else
 859      {
 860          $start = 0;
 861          $page = 1;
 862      }
 863  
 864      $multipage = '';
 865  
 866      // Build out multipage navigation
 867      if($reputation_count > 0)
 868      {
 869          $multipage = multipage($reputation_count, $perpage, $page, "reputation.php?uid={$user['uid']}".$s_url);
 870      }
 871  
 872      // Fetch the reputations which will be displayed on this page
 873      $query = $db->query("
 874          SELECT r.*, r.uid AS rated_uid, u.uid, u.username, u.reputation AS user_reputation, u.usergroup AS user_usergroup, u.displaygroup AS user_displaygroup
 875          FROM ".TABLE_PREFIX."reputation r
 876          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid)
 877          WHERE r.uid='{$user['uid']}' $conditions
 878          ORDER BY $order
 879          LIMIT $start, {$perpage}
 880      ");
 881  
 882      // Gather a list of items that have post reputation
 883      $reputation_cache = $post_cache = $post_reputation = $not_reportable = array();
 884  
 885      while($reputation_vote = $db->fetch_array($query))
 886      {
 887          $reputation_cache[] = $reputation_vote;
 888  
 889          // If this is a post, hold it and gather some information about it
 890          if($reputation_vote['pid'] && !isset($post_cache[$reputation_vote['pid']]))
 891          {
 892              $post_cache[$reputation_vote['pid']] = $reputation_vote['pid'];
 893          }
 894      }
 895  
 896      if(!empty($post_cache))
 897      {
 898          $pids = implode(',', $post_cache);
 899  
 900          $sql = array("p.pid IN ({$pids})");
 901  
 902          // get forums user cannot view
 903          $unviewable = get_unviewable_forums(true);
 904          if($unviewable)
 905          {
 906              $sql[] = "p.fid NOT IN ({$unviewable})";
 907          }
 908  
 909          // get inactive forums
 910          $inactive = get_inactive_forums();
 911          if($inactive)
 912          {
 913              $sql[] = "p.fid NOT IN ({$inactive})";
 914          }
 915  
 916          if(!$mybb->user['ismoderator'])
 917          {
 918              $sql[] = "p.visible='1'";
 919              $sql[] = "t.visible='1'";
 920          }
 921  
 922          $sql = implode(' AND ', $sql);
 923  
 924          $query = $db->query("
 925              SELECT p.pid, p.uid, p.fid, p.visible, p.message, t.tid, t.subject, t.visible AS thread_visible
 926              FROM ".TABLE_PREFIX."posts p
 927              LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
 928              WHERE {$sql}
 929          ");
 930  
 931          $forumpermissions = array();
 932  
 933          while($post = $db->fetch_array($query))
 934          {
 935              if(($post['visible'] == 0 || $post['thread_visible'] == 0) && !is_moderator($post['fid'], 'canviewunapprove'))
 936              {
 937                  continue;
 938              }
 939  
 940              if(($post['visible'] == -1 || $post['thread_visible'] == -1) && !is_moderator($post['fid'], 'canviewdeleted'))
 941              {
 942                  continue;
 943              }
 944  
 945              if(!isset($forumpermissions[$post['fid']]))
 946              {
 947                  $forumpermissions[$post['fid']] = forum_permissions($post['fid']);
 948              }
 949  
 950              // Make sure we can view this post
 951              if(isset($forumpermissions[$post['fid']]['canonlyviewownthreads']) && $forumpermissions[$post['fid']]['canonlyviewownthreads'] == 1 && $post['uid'] != $mybb->user['uid'])
 952              {
 953                  continue;
 954              }
 955  
 956              $post_reputation[$post['pid']] = $post;
 957          }
 958      }
 959  
 960      $reputation_votes = '';
 961      if(!empty($reputation_cache) && $mybb->user['uid'] != 0)
 962      {
 963          $reputation_ids = implode(',', array_column($reputation_cache, 'rid'));
 964          $query = $db->query("
 965              SELECT id, reporters FROM ".TABLE_PREFIX."reportedcontent WHERE reportstatus != '1' AND id IN (".$reputation_ids.") AND type = 'reputation'
 966          ");
 967          while($report = $db->fetch_array($query))
 968          {
 969              $reporters = my_unserialize($report['reporters']);
 970              if(is_array($reporters) && in_array($mybb->user['uid'], $reporters))
 971              {
 972                  $not_reportable[] =  $report['id'];
 973              }
 974          }
 975      }
 976  
 977      foreach($reputation_cache as $reputation_vote)
 978      {
 979          // Get the reputation for the user who posted this comment
 980          if($reputation_vote['adduid'] == 0)
 981          {
 982              $reputation_vote['user_reputation'] = 0;
 983          }
 984  
 985          $reputation_vote['user_reputation'] = get_reputation($reputation_vote['user_reputation'], $reputation_vote['adduid']);
 986  
 987          // Format the username of this poster
 988          if(!$reputation_vote['username'])
 989          {
 990              $reputation_vote['username'] = $lang->na;
 991              $reputation_vote['user_reputation'] = '';
 992          }
 993          else
 994          {
 995              $reputation_vote['username'] = format_name(htmlspecialchars_uni($reputation_vote['username']), $reputation_vote['user_usergroup'], $reputation_vote['user_displaygroup']);
 996              $reputation_vote['username'] = build_profile_link($reputation_vote['username'], $reputation_vote['uid']);
 997              $reputation_vote['user_reputation'] = "({$reputation_vote['user_reputation']})";
 998          }
 999  
1000          $vote_reputation = (int)$reputation_vote['reputation'];
1001  
1002          // This is a negative reputation
1003          if($vote_reputation < 0)
1004          {
1005              $status_class = "trow_reputation_negative";
1006              $vote_type_class = "reputation_negative";
1007              $vote_type = $lang->negative;
1008          }
1009          // This is a neutral reputation
1010          else if($vote_reputation == 0)
1011          {
1012              $status_class = "trow_reputation_neutral";
1013              $vote_type_class = "reputation_neutral";
1014              $vote_type = $lang->neutral;
1015          }
1016          // Otherwise, this is a positive reputation
1017          else
1018          {
1019              $vote_reputation = "+{$vote_reputation}";
1020              $status_class = "trow_reputation_positive";
1021              $vote_type_class = "reputation_positive";
1022              $vote_type = $lang->positive;
1023          }
1024  
1025          $vote_reputation = "({$vote_reputation})";
1026  
1027          // Format the date this reputation was last modified
1028          $last_updated_date = my_date('relative', $reputation_vote['dateline']);
1029          $last_updated = $lang->sprintf($lang->last_updated, $last_updated_date);
1030  
1031          $user['username'] = htmlspecialchars_uni($user['username']);
1032  
1033          // Is this rating specific to a post?
1034          $postrep_given = '';
1035          if($reputation_vote['pid'])
1036          {
1037              $postrep_given = $lang->sprintf($lang->postrep_given_nolink, $user['username']);
1038              if(isset($post_reputation[$reputation_vote['pid']]))
1039              {
1040                  $thread_link = get_thread_link($post_reputation[$reputation_vote['pid']]['tid']);
1041                  $subject = htmlspecialchars_uni($parser->parse_badwords($post_reputation[$reputation_vote['pid']]['subject']));
1042  
1043                  $thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject);
1044                  $link = get_post_link($reputation_vote['pid'])."#pid{$reputation_vote['pid']}";
1045  
1046                  $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link);
1047              }
1048          }
1049  
1050          // Does the current user have permission to delete this reputation? Show delete link
1051          $delete_link = '';
1052          if($mybb->usergroup['issupermod'] == 1 || ($mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0))
1053          {
1054              eval("\$delete_link = \"".$templates->get("reputation_vote_delete")."\";");
1055          }
1056  
1057          $report_link = '';
1058          if($mybb->user['uid'] != 0 && !in_array($reputation_vote['rid'], $not_reportable))
1059          {
1060              eval("\$report_link = \"".$templates->get("reputation_vote_report")."\";");
1061          }
1062  
1063          // Parse smilies in the reputation vote
1064          $reputation_parser = array(
1065              "allow_html" => 0,
1066              "allow_mycode" => 0,
1067              "allow_smilies" => 1,
1068              "allow_imgcode" => 0,
1069              "filter_badwords" => 1
1070          );
1071  
1072          $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser);
1073          if($reputation_vote['comments'] == '')
1074          {
1075              $reputation_vote['comments'] = $lang->no_comment;
1076          }
1077  
1078          $plugins->run_hooks("reputation_vote");
1079  
1080          eval("\$reputation_votes .= \"".$templates->get("reputation_vote")."\";");
1081      }
1082  
1083      // If we don't have any reputations display a nice message.
1084      if(!$reputation_votes)
1085      {
1086          eval("\$reputation_votes = \"".$templates->get("reputation_no_votes")."\";");
1087      }
1088  
1089      $plugins->run_hooks("reputation_end");
1090      eval("\$reputation = \"".$templates->get("reputation")."\";");
1091      output_page($reputation);
1092  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref