Blame Identity/Webenv/App/phpBB/3.0.4/memberlist.php

f2e824
f2e824
/**
f2e824
*
f2e824
* @package phpBB3
f2e824
* @version $Id: memberlist.php 9156 2008-12-02 18:48:25Z toonarmy $
f2e824
* @copyright (c) 2005 phpBB Group
f2e824
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
f2e824
*
f2e824
*/
f2e824
f2e824
/**
f2e824
* @ignore
f2e824
*/
f2e824
define('IN_PHPBB', true);
f2e824
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
f2e824
$phpEx = substr(strrchr(__FILE__, '.'), 1);
f2e824
include($phpbb_root_path . 'common.' . $phpEx);
f2e824
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
f2e824
f2e824
// Start session management
f2e824
$user->session_begin();
f2e824
$auth->acl($user->data);
f2e824
$user->setup(array('memberlist', 'groups'));
f2e824
f2e824
// Grab data
f2e824
$mode		= request_var('mode', '');
f2e824
$action		= request_var('action', '');
f2e824
$user_id	= request_var('u', ANONYMOUS);
f2e824
$username	= request_var('un', '', true);
f2e824
$group_id	= request_var('g', 0);
f2e824
$topic_id	= request_var('t', 0);
f2e824
f2e824
// Check our mode...
f2e824
if (!in_array($mode, array('', 'group', 'viewprofile', 'email', 'contact', 'searchuser', 'leaders')))
f2e824
{
f2e824
	trigger_error('NO_MODE');
f2e824
}
f2e824
f2e824
switch ($mode)
f2e824
{
f2e824
	case 'email':
f2e824
	break;
f2e824
f2e824
	default:
f2e824
		// Can this user view profiles/memberlist?
f2e824
		if (!$auth->acl_gets('u_viewprofile', 'a_user', 'a_useradd', 'a_userdel'))
f2e824
		{
f2e824
			if ($user->data['user_id'] != ANONYMOUS)
f2e824
			{
f2e824
				trigger_error('NO_VIEW_USERS');
f2e824
			}
f2e824
f2e824
			login_box('', ((isset($user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)])) ? $user->lang['LOGIN_EXPLAIN_' . strtoupper($mode)] : $user->lang['LOGIN_EXPLAIN_MEMBERLIST']));
f2e824
		}
f2e824
	break;
f2e824
}
f2e824
f2e824
$start	= request_var('start', 0);
f2e824
$submit = (isset($_POST['submit'])) ? true : false;
f2e824
f2e824
$default_key = 'c';
f2e824
$sort_key = request_var('sk', $default_key);
f2e824
$sort_dir = request_var('sd', 'a');
f2e824
f2e824
f2e824
// Grab rank information for later
f2e824
$ranks = $cache->obtain_ranks();
f2e824
f2e824
f2e824
// What do you want to do today? ... oops, I think that line is taken ...
f2e824
switch ($mode)
f2e824
{
f2e824
	case 'leaders':
f2e824
		// Display a listing of board admins, moderators
f2e824
		include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
f2e824
f2e824
		$page_title = $user->lang['THE_TEAM'];
f2e824
		$template_html = 'memberlist_leaders.html';
f2e824
f2e824
		$user_ary = $auth->acl_get_list(false, array('a_', 'm_'), false);
f2e824
f2e824
		$admin_id_ary = $global_mod_id_ary = $mod_id_ary = $forum_id_ary = array();
f2e824
		foreach ($user_ary as $forum_id => $forum_ary)
f2e824
		{
f2e824
			foreach ($forum_ary as $auth_option => $id_ary)
f2e824
			{
f2e824
				if (!$forum_id)
f2e824
				{
f2e824
					if ($auth_option == 'a_')
f2e824
					{
f2e824
						$admin_id_ary = array_merge($admin_id_ary, $id_ary);
f2e824
					}
f2e824
					else
f2e824
					{
f2e824
						$global_mod_id_ary = array_merge($global_mod_id_ary, $id_ary);
f2e824
					}
f2e824
					continue;
f2e824
				}
f2e824
				else
f2e824
				{
f2e824
					$mod_id_ary = array_merge($mod_id_ary, $id_ary);
f2e824
				}
f2e824
f2e824
				if ($forum_id)
f2e824
				{
f2e824
					foreach ($id_ary as $id)
f2e824
					{
f2e824
						$forum_id_ary[$id][] = $forum_id;
f2e824
					}
f2e824
				}
f2e824
			}
f2e824
		}
f2e824
f2e824
		$admin_id_ary = array_unique($admin_id_ary);
f2e824
		$global_mod_id_ary = array_unique($global_mod_id_ary);
f2e824
f2e824
		$mod_id_ary = array_merge($mod_id_ary, $global_mod_id_ary);
f2e824
		$mod_id_ary = array_unique($mod_id_ary);
f2e824
f2e824
		// Admin group id...
f2e824
		$sql = 'SELECT group_id
f2e824
			FROM ' . GROUPS_TABLE . "
f2e824
			WHERE group_name = 'ADMINISTRATORS'";
f2e824
		$result = $db->sql_query($sql);
f2e824
		$admin_group_id = (int) $db->sql_fetchfield('group_id');
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		// Get group memberships for the admin id ary...
f2e824
		$admin_memberships = group_memberships($admin_group_id, $admin_id_ary);
f2e824
f2e824
		$admin_user_ids = array();
f2e824
f2e824
		if (!empty($admin_memberships))
f2e824
		{
f2e824
			// ok, we only need the user ids...
f2e824
			foreach ($admin_memberships as $row)
f2e824
			{
f2e824
				$admin_user_ids[$row['user_id']] = true;
f2e824
			}
f2e824
		}
f2e824
		unset($admin_memberships);
f2e824
f2e824
		$sql = 'SELECT forum_id, forum_name
f2e824
			FROM ' . FORUMS_TABLE;
f2e824
		$result = $db->sql_query($sql);
f2e824
f2e824
		$forums = array();
f2e824
		while ($row = $db->sql_fetchrow($result))
f2e824
		{
f2e824
			$forums[$row['forum_id']] = $row['forum_name'];
f2e824
		}
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		$sql = $db->sql_build_query('SELECT', array(
f2e824
			'SELECT'	=> 'u.user_id, u.group_id as default_group, u.username, u.username_clean, u.user_colour, u.user_rank, u.user_posts, u.user_allow_pm, g.group_id, g.group_name, g.group_colour, g.group_type, ug.user_id as ug_user_id',
f2e824
f2e824
			'FROM'		=> array(
f2e824
				USERS_TABLE		=> 'u',
f2e824
				GROUPS_TABLE	=> 'g'
f2e824
			),
f2e824
f2e824
			'LEFT_JOIN'	=> array(
f2e824
				array(
f2e824
					'FROM'	=> array(USER_GROUP_TABLE => 'ug'),
f2e824
					'ON'	=> 'ug.group_id = g.group_id AND ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id']
f2e824
				)
f2e824
			),
f2e824
f2e824
			'WHERE'		=> $db->sql_in_set('u.user_id', array_unique(array_merge($admin_id_ary, $mod_id_ary)), false, true) . '
f2e824
				AND u.group_id = g.group_id',
f2e824
f2e824
			'ORDER_BY'	=> 'g.group_name ASC, u.username_clean ASC'
f2e824
		));
f2e824
		$result = $db->sql_query($sql);
f2e824
f2e824
		while ($row = $db->sql_fetchrow($result))
f2e824
		{
f2e824
			$which_row = (in_array($row['user_id'], $admin_id_ary)) ? 'admin' : 'mod';
f2e824
f2e824
			// We sort out admins not within the 'Administrators' group.
f2e824
			// Else, we will list those as admin only having the permission to view logs for example.
f2e824
			if ($which_row == 'admin' && empty($admin_user_ids[$row['user_id']]))
f2e824
			{
f2e824
				// Remove from admin_id_ary, because the user may be a mod instead
f2e824
				unset($admin_id_ary[array_search($row['user_id'], $admin_id_ary)]);
f2e824
f2e824
				if (!in_array($row['user_id'], $mod_id_ary) && !in_array($row['user_id'], $global_mod_id_ary))
f2e824
				{
f2e824
					continue;
f2e824
				}
f2e824
				else
f2e824
				{
f2e824
					$which_row = 'mod';
f2e824
				}
f2e824
			}
f2e824
f2e824
			$s_forum_select = '';
f2e824
			$undisclosed_forum = false;
f2e824
f2e824
			if (isset($forum_id_ary[$row['user_id']]) && !in_array($row['user_id'], $global_mod_id_ary))
f2e824
			{
f2e824
				if ($which_row == 'mod' && sizeof(array_diff(array_keys($forums), $forum_id_ary[$row['user_id']])))
f2e824
				{
f2e824
					foreach ($forum_id_ary[$row['user_id']] as $forum_id)
f2e824
					{
f2e824
						if (isset($forums[$forum_id]))
f2e824
						{
f2e824
							if ($auth->acl_get('f_list', $forum_id))
f2e824
							{
f2e824
								$s_forum_select .= '<option value="">' . $forums[$forum_id] . '</option>';
f2e824
							}
f2e824
							else
f2e824
							{
f2e824
								$undisclosed_forum = true;
f2e824
							}
f2e824
						}
f2e824
					}
f2e824
				}
f2e824
			}
f2e824
f2e824
			// If the mod is only moderating non-viewable forums we skip the user. There is no gain in displaying the person then...
f2e824
			if (!$s_forum_select && $undisclosed_forum)
f2e824
			{
f2e824
//				$s_forum_select = '<option value="">' . $user->lang['FORUM_UNDISCLOSED'] . '</option>';
f2e824
				continue;
f2e824
			}
f2e824
f2e824
			// The person is moderating several "public" forums, therefore the person should be listed, but not giving the real group name if hidden.
f2e824
			if ($row['group_type'] == GROUP_HIDDEN && !$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $row['ug_user_id'] != $user->data['user_id'])
f2e824
			{
f2e824
				$group_name = $user->lang['GROUP_UNDISCLOSED'];
f2e824
				$u_group = '';
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				$group_name = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
f2e824
				$u_group = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']);
f2e824
			}
f2e824
f2e824
			$rank_title = $rank_img = '';
f2e824
			get_user_rank($row['user_rank'], (($row['user_id'] == ANONYMOUS) ? false : $row['user_posts']), $rank_title, $rank_img, $rank_img_src);
f2e824
f2e824
			$template->assign_block_vars($which_row, array(
f2e824
				'USER_ID'		=> $row['user_id'],
f2e824
				'FORUMS'		=> $s_forum_select,
f2e824
				'RANK_TITLE'	=> $rank_title,
f2e824
				'GROUP_NAME'	=> $group_name,
f2e824
				'GROUP_COLOR'	=> $row['group_colour'],
f2e824
f2e824
				'RANK_IMG'		=> $rank_img,
f2e824
				'RANK_IMG_SRC'	=> $rank_img_src,
f2e824
f2e824
				'U_GROUP'			=> $u_group,
f2e824
				'U_PM'				=> ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($row['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $row['user_id']) : '',
f2e824
f2e824
				'USERNAME_FULL'		=> get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
				'USERNAME'			=> get_username_string('username', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
				'USER_COLOR'		=> get_username_string('colour', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
				'U_VIEW_PROFILE'	=> get_username_string('profile', $row['user_id'], $row['username'], $row['user_colour']),
f2e824
			));
f2e824
		}
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		$template->assign_vars(array(
f2e824
			'PM_IMG'		=> $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']))
f2e824
		);
f2e824
	break;
f2e824
f2e824
	case 'contact':
f2e824
f2e824
		$page_title = $user->lang['IM_USER'];
f2e824
		$template_html = 'memberlist_im.html';
f2e824
f2e824
		if (!$auth->acl_get('u_sendim'))
f2e824
		{
f2e824
			trigger_error('NOT_AUTHORISED');
f2e824
		}
f2e824
f2e824
		$presence_img = '';
f2e824
		switch ($action)
f2e824
		{
f2e824
			case 'aim':
f2e824
				$lang = 'AIM';
f2e824
				$sql_field = 'user_aim';
f2e824
				$s_select = 'S_SEND_AIM';
f2e824
				$s_action = '';
f2e824
			break;
f2e824
f2e824
			case 'msnm':
f2e824
				$lang = 'MSNM';
f2e824
				$sql_field = 'user_msnm';
f2e824
				$s_select = 'S_SEND_MSNM';
f2e824
				$s_action = '';
f2e824
			break;
f2e824
f2e824
			case 'jabber':
f2e824
				$lang = 'JABBER';
f2e824
				$sql_field = 'user_jabber';
f2e824
				$s_select = (@extension_loaded('xml') && $config['jab_enable']) ? 'S_SEND_JABBER' : 'S_NO_SEND_JABBER';
f2e824
				$s_action = append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=contact&action=$action&u=$user_id");
f2e824
			break;
f2e824
f2e824
			default:
f2e824
				trigger_error('NO_MODE', E_USER_ERROR);
f2e824
			break;
f2e824
		}
f2e824
f2e824
		// Grab relevant data
f2e824
		$sql = "SELECT user_id, username, user_email, user_lang, $sql_field
f2e824
			FROM " . USERS_TABLE . "
f2e824
			WHERE user_id = $user_id
f2e824
				AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
f2e824
		$result = $db->sql_query($sql);
f2e824
		$row = $db->sql_fetchrow($result);
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		if (!$row)
f2e824
		{
f2e824
			trigger_error('NO_USER');
f2e824
		}
f2e824
		else if (empty($row[$sql_field]))
f2e824
		{
f2e824
			trigger_error('IM_NO_DATA');
f2e824
		}
f2e824
f2e824
		// Post data grab actions
f2e824
		switch ($action)
f2e824
		{
f2e824
			case 'jabber':
f2e824
				add_form_key('memberlist_messaging');
f2e824
f2e824
				if ($submit && @extension_loaded('xml') && $config['jab_enable'])
f2e824
				{
f2e824
					if (check_form_key('memberlist_messaging'))
f2e824
					{
f2e824
f2e824
						include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
f2e824
f2e824
						$subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']);
f2e824
						$message = utf8_normalize_nfc(request_var('message', '', true));
f2e824
f2e824
						if (empty($message))
f2e824
						{
f2e824
							trigger_error('EMPTY_MESSAGE_IM');
f2e824
						}
f2e824
f2e824
						$messenger = new messenger(false);
f2e824
f2e824
						$messenger->template('profile_send_im', $row['user_lang']);
f2e824
						$messenger->subject(htmlspecialchars_decode($subject));
f2e824
f2e824
						$messenger->replyto($user->data['user_email']);
f2e824
						$messenger->im($row['user_jabber'], $row['username']);
f2e824
f2e824
						$messenger->assign_vars(array(
f2e824
							'BOARD_CONTACT'	=> $config['board_contact'],
f2e824
							'FROM_USERNAME'	=> htmlspecialchars_decode($user->data['username']),
f2e824
							'TO_USERNAME'	=> htmlspecialchars_decode($row['username']),
f2e824
							'MESSAGE'		=> htmlspecialchars_decode($message))
f2e824
						);
f2e824
f2e824
						$messenger->send(NOTIFY_IM);
f2e824
f2e824
						$s_select = 'S_SENT_JABBER';
f2e824
					}
f2e824
					else
f2e824
					{
f2e824
						trigger_error('FORM_INVALID');
f2e824
					}
f2e824
				}
f2e824
			break;
f2e824
		}
f2e824
f2e824
		// Send vars to the template
f2e824
		$template->assign_vars(array(
f2e824
			'IM_CONTACT'	=> $row[$sql_field],
f2e824
			'A_IM_CONTACT'	=> addslashes($row[$sql_field]),
f2e824
f2e824
			'U_AIM_CONTACT'	=> ($action == 'aim') ? 'aim:addbuddy?screenname=' . urlencode($row[$sql_field]) : '',
f2e824
			'U_AIM_MESSAGE'	=> ($action == 'aim') ? 'aim:goim?screenname=' . urlencode($row[$sql_field]) . '&message=' . urlencode($config['sitename']) : '',
f2e824
f2e824
			'USERNAME'		=> $row['username'],
f2e824
			'CONTACT_NAME'	=> $row[$sql_field],
f2e824
			'SITENAME'		=> $config['sitename'],
f2e824
f2e824
			'PRESENCE_IMG'		=> $presence_img,
f2e824
f2e824
			'L_SEND_IM_EXPLAIN'	=> $user->lang['IM_' . $lang],
f2e824
			'L_IM_SENT_JABBER'	=> sprintf($user->lang['IM_SENT_JABBER'], $row['username']),
f2e824
f2e824
			$s_select			=> true,
f2e824
			'S_IM_ACTION'		=> $s_action)
f2e824
		);
f2e824
f2e824
	break;
f2e824
f2e824
	case 'viewprofile':
f2e824
		// Display a profile
f2e824
		if ($user_id == ANONYMOUS && !$username)
f2e824
		{
f2e824
			trigger_error('NO_USER');
f2e824
		}
f2e824
f2e824
		// Get user...
f2e824
		$sql = 'SELECT *
f2e824
			FROM ' . USERS_TABLE . '
f2e824
			WHERE ' . (($username) ? "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : "user_id = $user_id");
f2e824
		$result = $db->sql_query($sql);
f2e824
		$member = $db->sql_fetchrow($result);
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		if (!$member)
f2e824
		{
f2e824
			trigger_error('NO_USER');
f2e824
		}
f2e824
f2e824
		// a_user admins and founder are able to view inactive users and bots to be able to manage them more easily
f2e824
		// Normal users are able to see at least users having only changed their profile settings but not yet reactivated.
f2e824
		if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER)
f2e824
		{
f2e824
			if ($member['user_type'] == USER_IGNORE)
f2e824
			{
f2e824
				trigger_error('NO_USER');
f2e824
			}
f2e824
			else if ($member['user_type'] == USER_INACTIVE && $member['user_inactive_reason'] != INACTIVE_PROFILE)
f2e824
			{
f2e824
				trigger_error('NO_USER');
f2e824
			}
f2e824
		}
f2e824
f2e824
		$user_id = (int) $member['user_id'];
f2e824
f2e824
		// Do the SQL thang
f2e824
		$sql = 'SELECT g.group_id, g.group_name, g.group_type
f2e824
			FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
f2e824
			WHERE ug.user_id = $user_id
f2e824
				AND g.group_id = ug.group_id" . ((!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '
f2e824
				AND ug.user_pending = 0
f2e824
			ORDER BY g.group_type, g.group_name';
f2e824
		$result = $db->sql_query($sql);
f2e824
f2e824
		$group_options = '';
f2e824
		while ($row = $db->sql_fetchrow($result))
f2e824
		{
f2e824
			$group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
f2e824
		}
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		// What colour is the zebra
f2e824
		$sql = 'SELECT friend, foe
f2e824
			FROM ' . ZEBRA_TABLE . "
f2e824
			WHERE zebra_id = $user_id
f2e824
				AND user_id = {$user->data['user_id']}";
f2e824
f2e824
		$result = $db->sql_query($sql);
f2e824
		$row = $db->sql_fetchrow($result);
f2e824
		$foe = ($row['foe']) ? true : false;
f2e824
		$friend = ($row['friend']) ? true : false;
f2e824
		$db->sql_freeresult($result);
f2e824
f2e824
		if ($config['load_onlinetrack'])
f2e824
		{
f2e824
			$sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
f2e824
				FROM ' . SESSIONS_TABLE . "
f2e824
				WHERE session_user_id = $user_id";
f2e824
			$result = $db->sql_query($sql);
f2e824
			$row = $db->sql_fetchrow($result);
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			$member['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
f2e824
			$member['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] :	0;
f2e824
			unset($row);
f2e824
		}
f2e824
f2e824
		if ($config['load_user_activity'])
f2e824
		{
f2e824
			display_user_activity($member);
f2e824
		}
f2e824
f2e824
		// Do the relevant calculations
f2e824
		$memberdays = max(1, round((time() - $member['user_regdate']) / 86400));
f2e824
		$posts_per_day = $member['user_posts'] / $memberdays;
f2e824
		$percentage = ($config['num_posts']) ? min(100, ($member['user_posts'] / $config['num_posts']) * 100) : 0;
f2e824
f2e824
f2e824
		if ($member['user_sig'])
f2e824
		{
f2e824
			$member['user_sig'] = censor_text($member['user_sig']);
f2e824
f2e824
			if ($member['user_sig_bbcode_bitfield'])
f2e824
			{
f2e824
				include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
f2e824
				$bbcode = new bbcode();
f2e824
				$bbcode->bbcode_second_pass($member['user_sig'], $member['user_sig_bbcode_uid'], $member['user_sig_bbcode_bitfield']);
f2e824
			}
f2e824
f2e824
			$member['user_sig'] = bbcode_nl2br($member['user_sig']);
f2e824
			$member['user_sig'] = smiley_text($member['user_sig']);
f2e824
		}
f2e824
f2e824
		$poster_avatar = get_user_avatar($member['user_avatar'], $member['user_avatar_type'], $member['user_avatar_width'], $member['user_avatar_height']);
f2e824
f2e824
		$template->assign_vars(show_profile($member));
f2e824
f2e824
		// Custom Profile Fields
f2e824
		$profile_fields = array();
f2e824
		if ($config['load_cpf_viewprofile'])
f2e824
		{
f2e824
			include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
f2e824
			$cp = new custom_profile();
f2e824
			$profile_fields = $cp->generate_profile_fields_template('grab', $user_id);
f2e824
			$profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template('show', false, $profile_fields[$user_id]) : array();
f2e824
		}
f2e824
f2e824
		// We need to check if the module 'zebra' is accessible
f2e824
		$zebra_enabled = false;
f2e824
f2e824
		if ($user->data['user_id'] != $user_id && $user->data['is_registered'])
f2e824
		{
f2e824
			include_once($phpbb_root_path . 'includes/functions_module.' . $phpEx);
f2e824
			$module = new p_master();
f2e824
			$module->list_modules('ucp');
f2e824
			$module->set_active('zebra');
f2e824
f2e824
			$zebra_enabled = ($module->active_module === false) ? false : true;
f2e824
f2e824
			unset($module);
f2e824
		}
f2e824
f2e824
		// If the user has m_approve permission or a_user permission, then list then display unapproved posts
f2e824
		if ($auth->acl_getf_global('m_approve') || $auth->acl_get('a_user'))
f2e824
		{
f2e824
			$sql = 'SELECT COUNT(post_id) as posts_in_queue
f2e824
				FROM ' . POSTS_TABLE . '
f2e824
				WHERE poster_id = ' . $user_id . '
f2e824
					AND post_approved = 0';
f2e824
			$result = $db->sql_query($sql);
f2e824
			$member['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
f2e824
			$db->sql_freeresult($result);
f2e824
		}
f2e824
		else
f2e824
		{
f2e824
			$member['posts_in_queue'] = 0;
f2e824
		}
f2e824
f2e824
		$template->assign_vars(array(
f2e824
			'L_POSTS_IN_QUEUE'	=> $user->lang('NUM_POSTS_IN_QUEUE', $member['posts_in_queue']),
f2e824
f2e824
			'POSTS_DAY'			=> sprintf($user->lang['POST_DAY'], $posts_per_day),
f2e824
			'POSTS_PCT'			=> sprintf($user->lang['POST_PCT'], $percentage),
f2e824
f2e824
			'OCCUPATION'	=> (!empty($member['user_occ'])) ? censor_text($member['user_occ']) : '',
f2e824
			'INTERESTS'		=> (!empty($member['user_interests'])) ? censor_text($member['user_interests']) : '',
f2e824
			'SIGNATURE'		=> $member['user_sig'],
f2e824
			'POSTS_IN_QUEUE'=> $member['posts_in_queue'],
f2e824
f2e824
			'AVATAR_IMG'	=> $poster_avatar,
f2e824
			'PM_IMG'		=> $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
f2e824
			'EMAIL_IMG'		=> $user->img('icon_contact_email', $user->lang['EMAIL']),
f2e824
			'WWW_IMG'		=> $user->img('icon_contact_www', $user->lang['WWW']),
f2e824
			'ICQ_IMG'		=> $user->img('icon_contact_icq', $user->lang['ICQ']),
f2e824
			'AIM_IMG'		=> $user->img('icon_contact_aim', $user->lang['AIM']),
f2e824
			'MSN_IMG'		=> $user->img('icon_contact_msnm', $user->lang['MSNM']),
f2e824
			'YIM_IMG'		=> $user->img('icon_contact_yahoo', $user->lang['YIM']),
f2e824
			'JABBER_IMG'	=> $user->img('icon_contact_jabber', $user->lang['JABBER']),
f2e824
			'SEARCH_IMG'	=> $user->img('icon_user_search', $user->lang['SEARCH']),
f2e824
f2e824
			'S_PROFILE_ACTION'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group'),
f2e824
			'S_GROUP_OPTIONS'	=> $group_options,
f2e824
			'S_CUSTOM_FIELDS'	=> (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false,
f2e824
f2e824
			'U_USER_ADMIN'			=> ($auth->acl_get('a_user')) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=users&mode=overview&u=' . $user_id, true, $user->session_id) : '',
f2e824
			'U_USER_BAN'			=> ($auth->acl_get('m_ban') && $user_id != $user->data['user_id']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=ban&mode=user&u=' . $user_id, true, $user->session_id) : '',
f2e824
			'U_MCP_QUEUE'			=> ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',
f2e824
f2e824
			'U_SWITCH_PERMISSIONS'	=> ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_id}") : '',
f2e824
f2e824
			'S_ZEBRA'			=> ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
f2e824
			'U_ADD_FRIEND'		=> (!$friend) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
f2e824
			'U_ADD_FOE'			=> (!$foe) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&mode=foes&add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
f2e824
			'U_REMOVE_FRIEND'	=> ($friend) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&usernames[]=' . $user_id) : '',
f2e824
			'U_REMOVE_FOE'		=> ($foe) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&remove=1&mode=foes&usernames[]=' . $user_id) : '',
f2e824
		));
f2e824
f2e824
		if (!empty($profile_fields['row']))
f2e824
		{
f2e824
			$template->assign_vars($profile_fields['row']);
f2e824
		}
f2e824
f2e824
		if (!empty($profile_fields['blockrow']))
f2e824
		{
f2e824
			foreach ($profile_fields['blockrow'] as $field_data)
f2e824
			{
f2e824
				$template->assign_block_vars('custom_fields', $field_data);
f2e824
			}
f2e824
		}
f2e824
f2e824
		// Inactive reason/account?
f2e824
		if ($member['user_type'] == USER_INACTIVE)
f2e824
		{
f2e824
			$user->add_lang('acp/common');
f2e824
f2e824
			$inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
f2e824
f2e824
			switch ($member['user_inactive_reason'])
f2e824
			{
f2e824
				case INACTIVE_REGISTER:
f2e824
					$inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
f2e824
				break;
f2e824
f2e824
				case INACTIVE_PROFILE:
f2e824
					$inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
f2e824
				break;
f2e824
f2e824
				case INACTIVE_MANUAL:
f2e824
					$inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
f2e824
				break;
f2e824
f2e824
				case INACTIVE_REMIND:
f2e824
					$inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
f2e824
				break;
f2e824
			}
f2e824
f2e824
			$template->assign_vars(array(
f2e824
				'S_USER_INACTIVE'		=> true,
f2e824
				'USER_INACTIVE_REASON'	=> $inactive_reason)
f2e824
			);
f2e824
		}
f2e824
f2e824
		// Now generate page title
f2e824
		$page_title = sprintf($user->lang['VIEWING_PROFILE'], $member['username']);
f2e824
		$template_html = 'memberlist_view.html';
f2e824
f2e824
	break;
f2e824
f2e824
	case 'email':
f2e824
f2e824
		// Send an email
f2e824
		$page_title = $user->lang['SEND_EMAIL'];
f2e824
		$template_html = 'memberlist_email.html';
f2e824
f2e824
		add_form_key('memberlist_email');
f2e824
f2e824
		if (!$config['email_enable'])
f2e824
		{
f2e824
			trigger_error('EMAIL_DISABLED');
f2e824
		}
f2e824
f2e824
		if (!$auth->acl_get('u_sendemail'))
f2e824
		{
f2e824
			trigger_error('NO_EMAIL');
f2e824
		}
f2e824
f2e824
		// Are we trying to abuse the facility?
f2e824
		if (time() - $user->data['user_emailtime'] < $config['flood_interval'])
f2e824
		{
f2e824
			trigger_error('FLOOD_EMAIL_LIMIT');
f2e824
		}
f2e824
f2e824
		// Determine action...
f2e824
		$user_id = request_var('u', 0);
f2e824
		$topic_id = request_var('t', 0);
f2e824
f2e824
		// Send email to user...
f2e824
		if ($user_id)
f2e824
		{
f2e824
			if ($user_id == ANONYMOUS || !$config['board_email_form'])
f2e824
			{
f2e824
				trigger_error('NO_EMAIL');
f2e824
			}
f2e824
f2e824
			// Get the appropriate username, etc.
f2e824
			$sql = 'SELECT username, user_email, user_allow_viewemail, user_lang, user_jabber, user_notify_type
f2e824
				FROM ' . USERS_TABLE . "
f2e824
				WHERE user_id = $user_id
f2e824
					AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
f2e824
			$result = $db->sql_query($sql);
f2e824
			$row = $db->sql_fetchrow($result);
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			if (!$row)
f2e824
			{
f2e824
				trigger_error('NO_USER');
f2e824
			}
f2e824
f2e824
			// Can we send email to this user?
f2e824
			if (!$row['user_allow_viewemail'] && !$auth->acl_get('a_user'))
f2e824
			{
f2e824
				trigger_error('NO_EMAIL');
f2e824
			}
f2e824
		}
f2e824
		else if ($topic_id)
f2e824
		{
f2e824
			// Send topic heads-up to email address
f2e824
			$sql = 'SELECT forum_id, topic_title
f2e824
				FROM ' . TOPICS_TABLE . "
f2e824
				WHERE topic_id = $topic_id";
f2e824
			$result = $db->sql_query($sql);
f2e824
			$row = $db->sql_fetchrow($result);
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			if (!$row)
f2e824
			{
f2e824
				trigger_error('NO_TOPIC');
f2e824
			}
f2e824
f2e824
			if ($row['forum_id'])
f2e824
			{
f2e824
				if (!$auth->acl_get('f_read', $row['forum_id']))
f2e824
				{
f2e824
					trigger_error('SORRY_AUTH_READ');
f2e824
				}
f2e824
f2e824
				if (!$auth->acl_get('f_email', $row['forum_id']))
f2e824
				{
f2e824
					trigger_error('NO_EMAIL');
f2e824
				}
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				// If global announcement, we need to check if the user is able to at least read and email in one forum...
f2e824
				if (!$auth->acl_getf_global('f_read'))
f2e824
				{
f2e824
					trigger_error('SORRY_AUTH_READ');
f2e824
				}
f2e824
f2e824
				if (!$auth->acl_getf_global('f_email'))
f2e824
				{
f2e824
					trigger_error('NO_EMAIL');
f2e824
				}
f2e824
			}
f2e824
		}
f2e824
		else
f2e824
		{
f2e824
			trigger_error('NO_EMAIL');
f2e824
		}
f2e824
f2e824
		$error = array();
f2e824
f2e824
		$name		= utf8_normalize_nfc(request_var('name', '', true));
f2e824
		$email		= request_var('email', '');
f2e824
		$email_lang = request_var('lang', $config['default_lang']);
f2e824
		$subject	= utf8_normalize_nfc(request_var('subject', '', true));
f2e824
		$message	= utf8_normalize_nfc(request_var('message', '', true));
f2e824
		$cc			= (isset($_POST['cc_email'])) ? true : false;
f2e824
		$submit		= (isset($_POST['submit'])) ? true : false;
f2e824
f2e824
		if ($submit)
f2e824
		{
f2e824
			if (!check_form_key('memberlist_email'))
f2e824
			{
f2e824
				$error[] = 'FORM_INVALID';
f2e824
			}
f2e824
			if ($user_id)
f2e824
			{
f2e824
				if (!$subject)
f2e824
				{
f2e824
					$error[] = $user->lang['EMPTY_SUBJECT_EMAIL'];
f2e824
				}
f2e824
f2e824
				if (!$message)
f2e824
				{
f2e824
					$error[] = $user->lang['EMPTY_MESSAGE_EMAIL'];
f2e824
				}
f2e824
f2e824
				$name = $row['username'];
f2e824
				$email_lang = $row['user_lang'];
f2e824
				$email = $row['user_email'];
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				if (!$email || !preg_match('/^' . get_preg_expression('email') . '$/i', $email))
f2e824
				{
f2e824
					$error[] = $user->lang['EMPTY_ADDRESS_EMAIL'];
f2e824
				}
f2e824
f2e824
				if (!$name)
f2e824
				{
f2e824
					$error[] = $user->lang['EMPTY_NAME_EMAIL'];
f2e824
				}
f2e824
			}
f2e824
f2e824
			if (!sizeof($error))
f2e824
			{
f2e824
				$sql = 'UPDATE ' . USERS_TABLE . '
f2e824
					SET user_emailtime = ' . time() . '
f2e824
					WHERE user_id = ' . $user->data['user_id'];
f2e824
				$result = $db->sql_query($sql);
f2e824
f2e824
				include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
f2e824
				$messenger = new messenger(false);
f2e824
				$email_tpl = ($user_id) ? 'profile_send_email' : 'email_notify';
f2e824
f2e824
				$mail_to_users = array();
f2e824
f2e824
				$mail_to_users[] = array(
f2e824
					'email_lang'		=> $email_lang,
f2e824
					'email'				=> $email,
f2e824
					'name'				=> $name,
f2e824
					'username'			=> ($user_id) ? $row['username'] : '',
f2e824
					'to_name'			=> $name,
f2e824
					'user_jabber'		=> ($user_id) ? $row['user_jabber'] : '',
f2e824
					'user_notify_type'	=> ($user_id) ? $row['user_notify_type'] : NOTIFY_EMAIL,
f2e824
					'topic_title'		=> (!$user_id) ? $row['topic_title'] : '',
f2e824
					'forum_id'			=> (!$user_id) ? $row['forum_id'] : 0,
f2e824
				);
f2e824
f2e824
				// Ok, now the same email if CC specified, but without exposing the users email address
f2e824
				if ($cc)
f2e824
				{
f2e824
					$mail_to_users[] = array(
f2e824
						'email_lang'		=> $user->data['user_lang'],
f2e824
						'email'				=> $user->data['user_email'],
f2e824
						'name'				=> $user->data['username'],
f2e824
						'username'			=> $user->data['username'],
f2e824
						'to_name'			=> $name,
f2e824
						'user_jabber'		=> $user->data['user_jabber'],
f2e824
						'user_notify_type'	=> ($user_id) ? $user->data['user_notify_type'] : NOTIFY_EMAIL,
f2e824
						'topic_title'		=> (!$user_id) ? $row['topic_title'] : '',
f2e824
						'forum_id'			=> (!$user_id) ? $row['forum_id'] : 0,
f2e824
					);
f2e824
				}
f2e824
f2e824
				foreach ($mail_to_users as $row)
f2e824
				{
f2e824
					$messenger->template($email_tpl, $row['email_lang']);
f2e824
					$messenger->replyto($user->data['user_email']);
f2e824
					$messenger->to($row['email'], $row['name']);
f2e824
f2e824
					if ($user_id)
f2e824
					{
f2e824
						$messenger->subject(htmlspecialchars_decode($subject));
f2e824
						$messenger->im($row['user_jabber'], $row['username']);
f2e824
						$notify_type = $row['user_notify_type'];
f2e824
					}
f2e824
					else
f2e824
					{
f2e824
						$notify_type = NOTIFY_EMAIL;
f2e824
					}
f2e824
f2e824
					$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
f2e824
					$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
f2e824
					$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
f2e824
					$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
f2e824
f2e824
					$messenger->assign_vars(array(
f2e824
						'BOARD_CONTACT'	=> $config['board_contact'],
f2e824
						'TO_USERNAME'	=> htmlspecialchars_decode($row['to_name']),
f2e824
						'FROM_USERNAME'	=> htmlspecialchars_decode($user->data['username']),
f2e824
						'MESSAGE'		=> htmlspecialchars_decode($message))
f2e824
					);
f2e824
f2e824
					if ($topic_id)
f2e824
					{
f2e824
						$messenger->assign_vars(array(
f2e824
							'TOPIC_NAME'	=> htmlspecialchars_decode($row['topic_title']),
f2e824
							'U_TOPIC'		=> generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=$topic_id")
f2e824
						);
f2e824
					}
f2e824
f2e824
					$messenger->send($notify_type);
f2e824
				}
f2e824
f2e824
				meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
f2e824
				$message = ($user_id) ? sprintf($user->lang['RETURN_INDEX'], '', '') : sprintf($user->lang['RETURN_TOPIC'],  '', '');
f2e824
				trigger_error($user->lang['EMAIL_SENT'] . '

' . $message);
f2e824
			}
f2e824
		}
f2e824
f2e824
		if ($user_id)
f2e824
		{
f2e824
			$template->assign_vars(array(
f2e824
				'S_SEND_USER'	=> true,
f2e824
				'USERNAME'		=> $row['username'],
f2e824
f2e824
				'L_EMAIL_BODY_EXPLAIN'	=> $user->lang['EMAIL_BODY_EXPLAIN'],
f2e824
				'S_POST_ACTION'			=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&u=' . $user_id))
f2e824
			);
f2e824
		}
f2e824
		else
f2e824
		{
f2e824
			$template->assign_vars(array(
f2e824
				'EMAIL'				=> $email,
f2e824
				'NAME'				=> $name,
f2e824
				'S_LANG_OPTIONS'	=> language_select($email_lang),
f2e824
f2e824
				'L_EMAIL_BODY_EXPLAIN'	=> $user->lang['EMAIL_TOPIC_EXPLAIN'],
f2e824
				'S_POST_ACTION'			=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&t=' . $topic_id))
f2e824
			);
f2e824
		}
f2e824
f2e824
		$template->assign_vars(array(
f2e824
			'ERROR_MESSAGE'		=> (sizeof($error)) ? implode('
', $error) : '')
f2e824
		);
f2e824
f2e824
	break;
f2e824
f2e824
	case 'group':
f2e824
	default:
f2e824
		// The basic memberlist
f2e824
		$page_title = $user->lang['MEMBERLIST'];
f2e824
		$template_html = 'memberlist_body.html';
f2e824
f2e824
		// Sorting
f2e824
		$sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_LOCATION'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT'], 'f' => $user->lang['WEBSITE'], 'g' => $user->lang['ICQ'], 'h' => $user->lang['AIM'], 'i' => $user->lang['MSNM'], 'j' => $user->lang['YIM'], 'k' => $user->lang['JABBER']);
f2e824
		$sort_key_sql = array('a' => 'u.username_clean', 'b' => 'u.user_from', 'c' => 'u.user_regdate', 'd' => 'u.user_posts', 'f' => 'u.user_website', 'g' => 'u.user_icq', 'h' => 'u.user_aim', 'i' => 'u.user_msnm', 'j' => 'u.user_yim', 'k' => 'u.user_jabber');
f2e824
f2e824
		if ($auth->acl_get('a_user'))
f2e824
		{
f2e824
			$sort_key_text['e'] = $user->lang['SORT_EMAIL'];
f2e824
			$sort_key_sql['e'] = 'u.user_email';
f2e824
		}
f2e824
f2e824
		if ($auth->acl_get('u_viewonline'))
f2e824
		{
f2e824
			$sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE'];
f2e824
			$sort_key_sql['l'] = 'u.user_lastvisit';
f2e824
		}
f2e824
f2e824
		$sort_key_text['m'] = $user->lang['SORT_RANK'];
f2e824
		$sort_key_sql['m'] = 'u.user_rank';
f2e824
f2e824
		$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
f2e824
f2e824
		$s_sort_key = '';
f2e824
		foreach ($sort_key_text as $key => $value)
f2e824
		{
f2e824
			$selected = ($sort_key == $key) ? ' selected="selected"' : '';
f2e824
			$s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
f2e824
		}
f2e824
f2e824
		$s_sort_dir = '';
f2e824
		foreach ($sort_dir_text as $key => $value)
f2e824
		{
f2e824
			$selected = ($sort_dir == $key) ? ' selected="selected"' : '';
f2e824
			$s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
f2e824
		}
f2e824
f2e824
		// Additional sorting options for user search ... if search is enabled, if not
f2e824
		// then only admins can make use of this (for ACP functionality)
f2e824
		$sql_select = $sql_where_data = $sql_from = $sql_where = $order_by = '';
f2e824
f2e824
f2e824
		$form			= request_var('form', '');
f2e824
		$field			= request_var('field', '');
f2e824
		$select_single 	= request_var('select_single', false);
f2e824
f2e824
		// Search URL parameters, if any of these are in the URL we do a search
f2e824
		$search_params = array('username', 'email', 'icq', 'aim', 'yahoo', 'msn', 'jabber', 'search_group_id', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'ip');
f2e824
f2e824
		// We validate form and field here, only id/class allowed
f2e824
		$form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
f2e824
		$field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;
f2e824
		if (($mode == 'searchuser' || sizeof(array_intersect(array_keys($_GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_')))
f2e824
		{
f2e824
			$username	= request_var('username', '', true);
f2e824
			$email		= strtolower(request_var('email', ''));
f2e824
			$icq		= request_var('icq', '');
f2e824
			$aim		= request_var('aim', '');
f2e824
			$yahoo		= request_var('yahoo', '');
f2e824
			$msn		= request_var('msn', '');
f2e824
			$jabber		= request_var('jabber', '');
f2e824
			$search_group_id	= request_var('search_group_id', 0);
f2e824
f2e824
			$joined_select	= request_var('joined_select', 'lt');
f2e824
			$active_select	= request_var('active_select', 'lt');
f2e824
			$count_select	= request_var('count_select', 'eq');
f2e824
			$joined			= explode('-', request_var('joined', ''));
f2e824
			$active			= explode('-', request_var('active', ''));
f2e824
			$count			= (request_var('count', '') !== '') ? request_var('count', 0) : '';
f2e824
			$ipdomain		= request_var('ip', '');
f2e824
f2e824
			$find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
f2e824
f2e824
			$find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']);
f2e824
			$s_find_count = '';
f2e824
			foreach ($find_count as $key => $value)
f2e824
			{
f2e824
				$selected = ($count_select == $key) ? ' selected="selected"' : '';
f2e824
				$s_find_count .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
f2e824
			}
f2e824
f2e824
			$find_time = array('lt' => $user->lang['BEFORE'], 'gt' => $user->lang['AFTER']);
f2e824
			$s_find_join_time = '';
f2e824
			foreach ($find_time as $key => $value)
f2e824
			{
f2e824
				$selected = ($joined_select == $key) ? ' selected="selected"' : '';
f2e824
				$s_find_join_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
f2e824
			}
f2e824
f2e824
			$s_find_active_time = '';
f2e824
			foreach ($find_time as $key => $value)
f2e824
			{
f2e824
				$selected = ($active_select == $key) ? ' selected="selected"' : '';
f2e824
				$s_find_active_time .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
f2e824
			}
f2e824
f2e824
			$sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : '';
f2e824
			$sql_where .= ($auth->acl_get('a_user') && $email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';
f2e824
			$sql_where .= ($icq) ? ' AND u.user_icq ' . $db->sql_like_expression(str_replace('*', $db->any_char, $icq)) . ' ' : '';
f2e824
			$sql_where .= ($aim) ? ' AND u.user_aim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $aim)) . ' ' : '';
f2e824
			$sql_where .= ($yahoo) ? ' AND u.user_yim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $yahoo)) . ' ' : '';
f2e824
			$sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : '';
f2e824
			$sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : '';
f2e824
			$sql_where .= (is_numeric($count)) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
f2e824
			$sql_where .= (sizeof($joined) > 1) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
f2e824
			$sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
f2e824
			$sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';
f2e824
f2e824
			if ($search_group_id)
f2e824
			{
f2e824
				$sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
f2e824
			}
f2e824
f2e824
			if ($ipdomain && $auth->acl_getf_global('m_info'))
f2e824
			{
f2e824
				if (strspn($ipdomain, 'abcdefghijklmnopqrstuvwxyz'))
f2e824
				{
f2e824
					$hostnames = gethostbynamel($ipdomain);
f2e824
f2e824
					if ($hostnames !== false)
f2e824
					{
f2e824
						$ips = "'" . implode('\', \'', array_map(array($db, 'sql_escape'), preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "\\1", gethostbynamel($ipdomain)))) . "'";
f2e824
					}
f2e824
					else
f2e824
					{
f2e824
						$ips = false;
f2e824
					}
f2e824
				}
f2e824
				else
f2e824
				{
f2e824
					$ips = "'" . str_replace('*', '%', $db->sql_escape($ipdomain)) . "'";
f2e824
				}
f2e824
f2e824
				if ($ips === false)
f2e824
				{
f2e824
					// A minor fudge but it does the job :D
f2e824
					$sql_where .= " AND u.user_id = 0";
f2e824
				}
f2e824
				else
f2e824
				{
f2e824
					$ip_forums = array_keys($auth->acl_getf('m_info', true));
f2e824
f2e824
					$sql = 'SELECT DISTINCT poster_id
f2e824
						FROM ' . POSTS_TABLE . '
f2e824
						WHERE poster_ip ' . ((strpos($ips, '%') !== false) ? 'LIKE' : 'IN') . " ($ips)
f2e824
							AND forum_id IN (0, " . implode(', ', $ip_forums) . ')';
f2e824
					$result = $db->sql_query($sql);
f2e824
f2e824
					if ($row = $db->sql_fetchrow($result))
f2e824
					{
f2e824
						$ip_sql = array();
f2e824
						do
f2e824
						{
f2e824
							$ip_sql[] = $row['poster_id'];
f2e824
						}
f2e824
						while ($row = $db->sql_fetchrow($result));
f2e824
f2e824
						$sql_where .= ' AND ' . $db->sql_in_set('u.user_id', $ip_sql);
f2e824
					}
f2e824
					else
f2e824
					{
f2e824
						// A minor fudge but it does the job :D
f2e824
						$sql_where .= " AND u.user_id = 0";
f2e824
					}
f2e824
					unset($ip_forums);
f2e824
f2e824
					$db->sql_freeresult($result);
f2e824
				}
f2e824
			}
f2e824
		}
f2e824
f2e824
		$first_char = request_var('first_char', '');
f2e824
f2e824
		if ($first_char == 'other')
f2e824
		{
f2e824
			for ($i = 97; $i < 123; $i++)
f2e824
			{
f2e824
				$sql_where .= ' AND u.username_clean NOT ' . $db->sql_like_expression(chr($i) . $db->any_char);
f2e824
			}
f2e824
		}
f2e824
		else if ($first_char)
f2e824
		{
f2e824
			$sql_where .= ' AND u.username_clean ' . $db->sql_like_expression(substr($first_char, 0, 1) . $db->any_char);
f2e824
		}
f2e824
f2e824
		// Are we looking at a usergroup? If so, fetch additional info
f2e824
		// and further restrict the user info query
f2e824
		if ($mode == 'group')
f2e824
		{
f2e824
			// We JOIN here to save a query for determining membership for hidden groups. ;)
f2e824
			$sql = 'SELECT g.*, ug.user_id
f2e824
				FROM ' . GROUPS_TABLE . ' g
f2e824
				LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.user_pending = 0 AND ug.user_id = ' . $user->data['user_id'] . " AND ug.group_id = $group_id)
f2e824
				WHERE g.group_id = $group_id";
f2e824
			$result = $db->sql_query($sql);
f2e824
			$group_row = $db->sql_fetchrow($result);
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			if (!$group_row)
f2e824
			{
f2e824
				trigger_error('NO_GROUP');
f2e824
			}
f2e824
f2e824
			switch ($group_row['group_type'])
f2e824
			{
f2e824
				case GROUP_OPEN:
f2e824
					$group_row['l_group_type'] = 'OPEN';
f2e824
				break;
f2e824
f2e824
				case GROUP_CLOSED:
f2e824
					$group_row['l_group_type'] = 'CLOSED';
f2e824
				break;
f2e824
f2e824
				case GROUP_HIDDEN:
f2e824
					$group_row['l_group_type'] = 'HIDDEN';
f2e824
f2e824
					// Check for membership or special permissions
f2e824
					if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $group_row['user_id'] != $user->data['user_id'])
f2e824
					{
f2e824
						trigger_error('NO_GROUP');
f2e824
					}
f2e824
				break;
f2e824
f2e824
				case GROUP_SPECIAL:
f2e824
					$group_row['l_group_type'] = 'SPECIAL';
f2e824
				break;
f2e824
f2e824
				case GROUP_FREE:
f2e824
					$group_row['l_group_type'] = 'FREE';
f2e824
				break;
f2e824
			}
f2e824
f2e824
			// Misusing the avatar function for displaying group avatars...
f2e824
			$avatar_img = get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR');
f2e824
f2e824
			$rank_title = $rank_img = $rank_img_src = '';
f2e824
			if ($group_row['group_rank'])
f2e824
			{
f2e824
				if (isset($ranks['special'][$group_row['group_rank']]))
f2e824
				{
f2e824
					$rank_title = $ranks['special'][$group_row['group_rank']]['rank_title'];
f2e824
				}
f2e824
				$rank_img = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? '' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '
' : '';
f2e824
				$rank_img_src = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] : '';
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				$rank_title = '';
f2e824
				$rank_img = '';
f2e824
				$rank_img_src = '';
f2e824
			}
f2e824
f2e824
			$template->assign_vars(array(
f2e824
				'GROUP_DESC'	=> generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
f2e824
				'GROUP_NAME'	=> ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'],
f2e824
				'GROUP_COLOR'	=> $group_row['group_colour'],
f2e824
				'GROUP_TYPE'	=> $user->lang['GROUP_IS_' . $group_row['l_group_type']],
f2e824
				'GROUP_RANK'	=> $rank_title,
f2e824
f2e824
				'AVATAR_IMG'	=> $avatar_img,
f2e824
				'RANK_IMG'		=> $rank_img,
f2e824
				'RANK_IMG_SRC'	=> $rank_img_src,
f2e824
f2e824
				'U_PM'			=> ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm_group') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&g=' . $group_id) : '',)
f2e824
			);
f2e824
f2e824
			$sql_select = ', ug.group_leader';
f2e824
			$sql_from = ', ' . USER_GROUP_TABLE . ' ug ';
f2e824
			$order_by = 'ug.group_leader DESC, ';
f2e824
f2e824
			$sql_where .= " AND ug.user_pending = 0 AND u.user_id = ug.user_id AND ug.group_id = $group_id";
f2e824
			$sql_where_data = " AND u.user_id = ug.user_id AND ug.group_id = $group_id";
f2e824
		}
f2e824
f2e824
		// Sorting and order
f2e824
		if (!isset($sort_key_sql[$sort_key]))
f2e824
		{
f2e824
			$sort_key = $default_key;
f2e824
		}
f2e824
f2e824
		$order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
f2e824
f2e824
		// Unfortunately we must do this here for sorting by rank, else the sort order is applied wrongly
f2e824
		if ($sort_key == 'm')
f2e824
		{
f2e824
			$order_by .= ', u.user_posts DESC';
f2e824
		}
f2e824
f2e824
		// Count the users ...
f2e824
		if ($sql_where)
f2e824
		{
f2e824
			$sql = 'SELECT COUNT(u.user_id) AS total_users
f2e824
				FROM ' . USERS_TABLE . " u$sql_from
f2e824
				WHERE u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ")
f2e824
				$sql_where";
f2e824
			$result = $db->sql_query($sql);
f2e824
			$total_users = (int) $db->sql_fetchfield('total_users');
f2e824
			$db->sql_freeresult($result);
f2e824
		}
f2e824
		else
f2e824
		{
f2e824
			$total_users = $config['num_users'];
f2e824
		}
f2e824
f2e824
		$s_char_options = '<option value=""' . ((!$first_char) ? ' selected="selected"' : '') . '>   </option>';
f2e824
		for ($i = 97; $i < 123; $i++)
f2e824
		{
f2e824
			$s_char_options .= '<option value="' . chr($i) . '"' . (($first_char == chr($i)) ? ' selected="selected"' : '') . '>' . chr($i-32) . '</option>';
f2e824
		}
f2e824
		$s_char_options .= '<option value="other"' . (($first_char == 'other') ? ' selected="selected"' : '') . '>' . $user->lang['OTHER'] . '</option>';
f2e824
f2e824
		// Build a relevant pagination_url
f2e824
		$params = $sort_params = array();
f2e824
f2e824
		// We do not use request_var() here directly to save some calls (not all variables are set)
f2e824
		$check_params = array(
f2e824
			'g'				=> array('g', 0),
f2e824
			'sk'			=> array('sk', $default_key),
f2e824
			'sd'			=> array('sd', 'a'),
f2e824
			'form'			=> array('form', ''),
f2e824
			'field'			=> array('field', ''),
f2e824
			'select_single'	=> array('select_single', $select_single),
f2e824
			'username'		=> array('username', '', true),
f2e824
			'email'			=> array('email', ''),
f2e824
			'icq'			=> array('icq', ''),
f2e824
			'aim'			=> array('aim', ''),
f2e824
			'yahoo'			=> array('yahoo', ''),
f2e824
			'msn'			=> array('msn', ''),
f2e824
			'jabber'		=> array('jabber', ''),
f2e824
			'search_group_id'	=> array('search_group_id', 0),
f2e824
			'joined_select'	=> array('joined_select', 'lt'),
f2e824
			'active_select'	=> array('active_select', 'lt'),
f2e824
			'count_select'	=> array('count_select', 'eq'),
f2e824
			'joined'		=> array('joined', ''),
f2e824
			'active'		=> array('active', ''),
f2e824
			'count'			=> (request_var('count', '') !== '') ? array('count', 0) : array('count', ''),
f2e824
			'ipdomain'		=> array('ip', ''),
f2e824
			'first_char'	=> array('first_char', ''),
f2e824
		);
f2e824
f2e824
		foreach ($check_params as $key => $call)
f2e824
		{
f2e824
			if (!isset($_REQUEST[$key]))
f2e824
			{
f2e824
				continue;
f2e824
			}
f2e824
f2e824
			$param = call_user_func_array('request_var', $call);
f2e824
			$param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : $param);
f2e824
			$params[] = $param;
f2e824
f2e824
			if ($key != 'sk' && $key != 'sd')
f2e824
			{
f2e824
				$sort_params[] = $param;
f2e824
			}
f2e824
		}
f2e824
f2e824
		$u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", "start=$start" . (!empty($params) ? '&' . implode('&', $params) : ''));
f2e824
f2e824
		if ($mode)
f2e824
		{
f2e824
			$params[] = "mode=$mode";
f2e824
		}
f2e824
		$sort_params[] = "mode=$mode";
f2e824
f2e824
		$pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&', $params));
f2e824
		$sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&', $sort_params));
f2e824
f2e824
		unset($search_params, $sort_params);
f2e824
f2e824
		// Some search user specific data
f2e824
		if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
f2e824
		{
f2e824
			$group_selected = request_var('search_group_id', 0);
f2e824
			$s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '> </option>';
f2e824
			$group_ids = array();
f2e824
f2e824
			/**
f2e824
			* @todo add this to a separate function (function is responsible for returning the groups the user is able to see based on the users group membership)
f2e824
			*/
f2e824
f2e824
			if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
f2e824
			{
f2e824
				$sql = 'SELECT group_id, group_name, group_type
f2e824
					FROM ' . GROUPS_TABLE;
f2e824
f2e824
				if (!$config['coppa_enable'])
f2e824
				{
f2e824
					$sql .= " WHERE group_name <> 'REGISTERED_COPPA'";
f2e824
				}
f2e824
f2e824
				$sql .= ' ORDER BY group_name ASC';
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				$sql = 'SELECT g.group_id, g.group_name, g.group_type
f2e824
					FROM ' . GROUPS_TABLE . ' g
f2e824
					LEFT JOIN ' . USER_GROUP_TABLE . ' ug
f2e824
						ON (
f2e824
							g.group_id = ug.group_id
f2e824
							AND ug.user_id = ' . $user->data['user_id'] . '
f2e824
							AND ug.user_pending = 0
f2e824
						)
f2e824
					WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';
f2e824
f2e824
				if (!$config['coppa_enable'])
f2e824
				{
f2e824
					$sql .= " AND g.group_name <> 'REGISTERED_COPPA'";
f2e824
				}
f2e824
f2e824
				$sql .= ' ORDER BY g.group_name ASC';
f2e824
			}
f2e824
			$result = $db->sql_query($sql);
f2e824
f2e824
			while ($row = $db->sql_fetchrow($result))
f2e824
			{
f2e824
				$group_ids[] = $row['group_id'];
f2e824
				$s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
f2e824
			}
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			if ($group_selected !== 0 && !in_array($group_selected, $group_ids))
f2e824
			{
f2e824
				trigger_error('NO_GROUP');
f2e824
			}
f2e824
f2e824
			$template->assign_vars(array(
f2e824
				'USERNAME'	=> $username,
f2e824
				'EMAIL'		=> $email,
f2e824
				'ICQ'		=> $icq,
f2e824
				'AIM'		=> $aim,
f2e824
				'YAHOO'		=> $yahoo,
f2e824
				'MSNM'		=> $msn,
f2e824
				'JABBER'	=> $jabber,
f2e824
				'JOINED'	=> implode('-', $joined),
f2e824
				'ACTIVE'	=> implode('-', $active),
f2e824
				'COUNT'		=> $count,
f2e824
				'IP'		=> $ipdomain,
f2e824
f2e824
				'S_IP_SEARCH_ALLOWED'	=> ($auth->acl_getf_global('m_info')) ? true : false,
f2e824
				'S_EMAIL_SEARCH_ALLOWED'=> ($auth->acl_get('a_user')) ? true : false,
f2e824
				'S_IN_SEARCH_POPUP'		=> ($form && $field) ? true : false,
f2e824
				'S_SEARCH_USER'			=> true,
f2e824
				'S_FORM_NAME'			=> $form,
f2e824
				'S_FIELD_NAME'			=> $field,
f2e824
				'S_SELECT_SINGLE'		=> $select_single,
f2e824
				'S_COUNT_OPTIONS'		=> $s_find_count,
f2e824
				'S_SORT_OPTIONS'		=> $s_sort_key,
f2e824
				'S_JOINED_TIME_OPTIONS'	=> $s_find_join_time,
f2e824
				'S_ACTIVE_TIME_OPTIONS'	=> $s_find_active_time,
f2e824
				'S_GROUP_SELECT'		=> $s_group_select,
f2e824
				'S_USER_SEARCH_ACTION'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=$form&field=$field"))
f2e824
			);
f2e824
		}
f2e824
f2e824
		// Get us some users :D
f2e824
		$sql = "SELECT u.user_id
f2e824
			FROM " . USERS_TABLE . " u
f2e824
				$sql_from
f2e824
			WHERE u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ")
f2e824
				$sql_where
f2e824
			ORDER BY $order_by";
f2e824
		$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
f2e824
f2e824
		$user_list = array();
f2e824
		while ($row = $db->sql_fetchrow($result))
f2e824
		{
f2e824
			$user_list[] = (int) $row['user_id'];
f2e824
		}
f2e824
		$db->sql_freeresult($result);
f2e824
		$leaders_set = false;
f2e824
		// So, did we get any users?
f2e824
		if (sizeof($user_list))
f2e824
		{
f2e824
			// Session time?! Session time...
f2e824
			$sql = 'SELECT session_user_id, MAX(session_time) AS session_time
f2e824
				FROM ' . SESSIONS_TABLE . '
f2e824
				WHERE session_time >= ' . (time() - $config['session_length']) . '
f2e824
					AND ' . $db->sql_in_set('session_user_id', $user_list) . '
f2e824
				GROUP BY session_user_id';
f2e824
			$result = $db->sql_query($sql);
f2e824
f2e824
			$session_times = array();
f2e824
			while ($row = $db->sql_fetchrow($result))
f2e824
			{
f2e824
				$session_times[$row['session_user_id']] = $row['session_time'];
f2e824
			}
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			// Do the SQL thang
f2e824
			if ($mode == 'group')
f2e824
			{
f2e824
				$sql = "SELECT u.*
f2e824
						$sql_select
f2e824
					FROM " . USERS_TABLE . " u
f2e824
						$sql_from
f2e824
					WHERE " . $db->sql_in_set('u.user_id', $user_list) . "
f2e824
						$sql_where_data";
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				$sql = 'SELECT *
f2e824
					FROM ' . USERS_TABLE . '
f2e824
					WHERE ' . $db->sql_in_set('user_id', $user_list);
f2e824
			}
f2e824
			$result = $db->sql_query($sql);
f2e824
f2e824
			$id_cache = array();
f2e824
			while ($row = $db->sql_fetchrow($result))
f2e824
			{
f2e824
				$row['session_time'] = (!empty($session_times[$row['user_id']])) ? $session_times[$row['user_id']] : 0;
f2e824
				$row['last_visit'] = (!empty($row['session_time'])) ? $row['session_time'] : $row['user_lastvisit'];
f2e824
f2e824
				$id_cache[$row['user_id']] = $row;
f2e824
			}
f2e824
			$db->sql_freeresult($result);
f2e824
f2e824
			// Load custom profile fields
f2e824
			if ($config['load_cpf_memberlist'])
f2e824
			{
f2e824
				include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
f2e824
				$cp = new custom_profile();
f2e824
f2e824
				// Grab all profile fields from users in id cache for later use - similar to the poster cache
f2e824
				$profile_fields_cache = $cp->generate_profile_fields_template('grab', $user_list);
f2e824
			}
f2e824
f2e824
			// If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date...
f2e824
			if ($sort_key == 'l')
f2e824
			{
f2e824
//				uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));"));
f2e824
				usort($user_list,  '_sort_last_active');
f2e824
			}
f2e824
f2e824
			for ($i = 0, $end = sizeof($user_list); $i < $end; ++$i)
f2e824
			{
f2e824
				$user_id = $user_list[$i];
f2e824
				$row =& $id_cache[$user_id];
f2e824
				$is_leader = (isset($row['group_leader']) && $row['group_leader']) ? true : false;
f2e824
				$leaders_set = ($leaders_set || $is_leader);
f2e824
f2e824
				$cp_row = array();
f2e824
				if ($config['load_cpf_memberlist'])
f2e824
				{
f2e824
					$cp_row = (isset($profile_fields_cache[$user_id])) ? $cp->generate_profile_fields_template('show', false, $profile_fields_cache[$user_id]) : array();
f2e824
				}
f2e824
f2e824
				$memberrow = array_merge(show_profile($row), array(
f2e824
					'ROW_NUMBER'		=> $i + ($start + 1),
f2e824
f2e824
					'S_CUSTOM_PROFILE'	=> (isset($cp_row['row']) && sizeof($cp_row['row'])) ? true : false,
f2e824
					'S_GROUP_LEADER'	=> $is_leader,
f2e824
f2e824
					'U_VIEW_PROFILE'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&u=' . $user_id))
f2e824
				);
f2e824
f2e824
				if (isset($cp_row['row']) && sizeof($cp_row['row']))
f2e824
				{
f2e824
					$memberrow = array_merge($memberrow, $cp_row['row']);
f2e824
				}
f2e824
f2e824
				$template->assign_block_vars('memberrow', $memberrow);
f2e824
f2e824
				if (isset($cp_row['blockrow']) && sizeof($cp_row['blockrow']))
f2e824
				{
f2e824
					foreach ($cp_row['blockrow'] as $field_data)
f2e824
					{
f2e824
						$template->assign_block_vars('memberrow.custom_fields', $field_data);
f2e824
					}
f2e824
				}
f2e824
f2e824
				unset($id_cache[$user_id]);
f2e824
			}
f2e824
		}
f2e824
f2e824
		// Generate page
f2e824
		$template->assign_vars(array(
f2e824
			'PAGINATION'	=> generate_pagination($pagination_url, $total_users, $config['topics_per_page'], $start),
f2e824
			'PAGE_NUMBER'	=> on_page($total_users, $config['topics_per_page'], $start),
f2e824
			'TOTAL_USERS'	=> ($total_users == 1) ? $user->lang['LIST_USER'] : sprintf($user->lang['LIST_USERS'], $total_users),
f2e824
f2e824
			'PROFILE_IMG'	=> $user->img('icon_user_profile', $user->lang['PROFILE']),
f2e824
			'PM_IMG'		=> $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),
f2e824
			'EMAIL_IMG'		=> $user->img('icon_contact_email', $user->lang['EMAIL']),
f2e824
			'WWW_IMG'		=> $user->img('icon_contact_www', $user->lang['WWW']),
f2e824
			'ICQ_IMG'		=> $user->img('icon_contact_icq', $user->lang['ICQ']),
f2e824
			'AIM_IMG'		=> $user->img('icon_contact_aim', $user->lang['AIM']),
f2e824
			'MSN_IMG'		=> $user->img('icon_contact_msnm', $user->lang['MSNM']),
f2e824
			'YIM_IMG'		=> $user->img('icon_contact_yahoo', $user->lang['YIM']),
f2e824
			'JABBER_IMG'	=> $user->img('icon_contact_jabber', $user->lang['JABBER']),
f2e824
			'SEARCH_IMG'	=> $user->img('icon_user_search', $user->lang['SEARCH']),
f2e824
f2e824
			'U_FIND_MEMBER'			=> ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser' . (($start) ? "&start=$start" : '') . (!empty($params) ? '&' . implode('&', $params) : '')) : '',
f2e824
			'U_HIDE_FIND_MEMBER'	=> ($mode == 'searchuser') ? $u_hide_find_member : '',
f2e824
			'U_SORT_USERNAME'		=> $sort_url . '&sk=a&sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_FROM'			=> $sort_url . '&sk=b&sd=' . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_JOINED'			=> $sort_url . '&sk=c&sd=' . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_POSTS'			=> $sort_url . '&sk=d&sd=' . (($sort_key == 'd' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_EMAIL'			=> $sort_url . '&sk=e&sd=' . (($sort_key == 'e' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_WEBSITE'		=> $sort_url . '&sk=f&sd=' . (($sort_key == 'f' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_LOCATION'		=> $sort_url . '&sk=b&sd=' . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_ICQ'			=> $sort_url . '&sk=g&sd=' . (($sort_key == 'g' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_AIM'			=> $sort_url . '&sk=h&sd=' . (($sort_key == 'h' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_MSN'			=> $sort_url . '&sk=i&sd=' . (($sort_key == 'i' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_YIM'			=> $sort_url . '&sk=j&sd=' . (($sort_key == 'j' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_SORT_ACTIVE'			=> ($auth->acl_get('u_viewonline')) ? $sort_url . '&sk=l&sd=' . (($sort_key == 'l' && $sort_dir == 'a') ? 'd' : 'a') : '',
f2e824
			'U_SORT_RANK'			=> $sort_url . '&sk=m&sd=' . (($sort_key == 'm' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
			'U_LIST_CHAR'			=> $sort_url . '&sk=a&sd=' . (($sort_key == 'l' && $sort_dir == 'a') ? 'd' : 'a'),
f2e824
f2e824
			'S_SHOW_GROUP'		=> ($mode == 'group') ? true : false,
f2e824
			'S_VIEWONLINE'		=> $auth->acl_get('u_viewonline'),
f2e824
			'S_LEADERS_SET'		=> $leaders_set,
f2e824
			'S_MODE_SELECT'		=> $s_sort_key,
f2e824
			'S_ORDER_SELECT'	=> $s_sort_dir,
f2e824
			'S_CHAR_OPTIONS'	=> $s_char_options,
f2e824
			'S_MODE_ACTION'		=> $pagination_url)
f2e824
		);
f2e824
}
f2e824
f2e824
// Output the page
f2e824
page_header($page_title);
f2e824
f2e824
$template->set_filenames(array(
f2e824
	'body' => $template_html)
f2e824
);
f2e824
make_jumpbox(append_sid("{$phpbb_root_path}viewforum.$phpEx"));
f2e824
f2e824
page_footer();
f2e824
f2e824
/**
f2e824
* Prepare profile data
f2e824
*/
f2e824
function show_profile($data)
f2e824
{
f2e824
	global $config, $auth, $template, $user, $phpEx, $phpbb_root_path;
f2e824
f2e824
	$username = $data['username'];
f2e824
	$user_id = $data['user_id'];
f2e824
f2e824
	$rank_title = $rank_img = $rank_img_src = '';
f2e824
	get_user_rank($data['user_rank'], (($user_id == ANONYMOUS) ? false : $data['user_posts']), $rank_title, $rank_img, $rank_img_src);
f2e824
f2e824
	if (!empty($data['user_allow_viewemail']) || $auth->acl_get('a_user'))
f2e824
	{
f2e824
		$email = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&u=' . $user_id) : (($config['board_hide_emails'] && !$auth->acl_get('a_user')) ? '' : 'mailto:' . $data['user_email']);
f2e824
	}
f2e824
	else
f2e824
	{
f2e824
		$email = '';
f2e824
	}
f2e824
f2e824
	if ($config['load_onlinetrack'])
f2e824
	{
f2e824
		$update_time = $config['load_online_time'] * 60;
f2e824
		$online = (time() - $update_time < $data['session_time'] && ((isset($data['session_viewonline']) && $data['session_viewonline']) || $auth->acl_get('u_viewonline'))) ? true : false;
f2e824
	}
f2e824
	else
f2e824
	{
f2e824
		$online = false;
f2e824
	}
f2e824
f2e824
	if ($data['user_allow_viewonline'] || $auth->acl_get('u_viewonline'))
f2e824
	{
f2e824
		$last_visit = (!empty($data['session_time'])) ? $data['session_time'] : $data['user_lastvisit'];
f2e824
	}
f2e824
	else
f2e824
	{
f2e824
		$last_visit = '';
f2e824
	}
f2e824
f2e824
	$age = '';
f2e824
f2e824
	if ($config['allow_birthdays'] && $data['user_birthday'])
f2e824
	{
f2e824
		list($bday_day, $bday_month, $bday_year) = array_map('intval', explode('-', $data['user_birthday']));
f2e824
f2e824
		if ($bday_year)
f2e824
		{
f2e824
			$now = getdate(time() + $user->timezone + $user->dst - date('Z'));
f2e824
f2e824
			$diff = $now['mon'] - $bday_month;
f2e824
			if ($diff == 0)
f2e824
			{
f2e824
				$diff = ($now['mday'] - $bday_day < 0) ? 1 : 0;
f2e824
			}
f2e824
			else
f2e824
			{
f2e824
				$diff = ($diff < 0) ? 1 : 0;
f2e824
			}
f2e824
f2e824
			$age = (int) ($now['year'] - $bday_year - $diff);
f2e824
		}
f2e824
	}
f2e824
f2e824
	// Dump it out to the template
f2e824
	return array(
f2e824
		'AGE'			=> $age,
f2e824
		'RANK_TITLE'	=> $rank_title,
f2e824
		'JOINED'		=> $user->format_date($data['user_regdate']),
f2e824
		'VISITED'		=> (empty($last_visit)) ? ' - ' : $user->format_date($last_visit),
f2e824
		'POSTS'			=> ($data['user_posts']) ? $data['user_posts'] : 0,
f2e824
		'WARNINGS'		=> isset($data['user_warnings']) ? $data['user_warnings'] : 0,
f2e824
f2e824
		'USERNAME_FULL'		=> get_username_string('full', $user_id, $username, $data['user_colour']),
f2e824
		'USERNAME'			=> get_username_string('username', $user_id, $username, $data['user_colour']),
f2e824
		'USER_COLOR'		=> get_username_string('colour', $user_id, $username, $data['user_colour']),
f2e824
		'U_VIEW_PROFILE'	=> get_username_string('profile', $user_id, $username, $data['user_colour']),
f2e824
f2e824
		'A_USERNAME'		=> addslashes(get_username_string('username', $user_id, $username, $data['user_colour'])),
f2e824
f2e824
		'AVATAR_IMG'		=> get_user_avatar($data['user_avatar'], $data['user_avatar_type'], $data['user_avatar_width'], $data['user_avatar_height']),
f2e824
		'ONLINE_IMG'		=> (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')),
f2e824
		'S_ONLINE'			=> ($config['load_onlinetrack'] && $online) ? true : false,
f2e824
		'RANK_IMG'			=> $rank_img,
f2e824
		'RANK_IMG_SRC'		=> $rank_img_src,
f2e824
		'ICQ_STATUS_IMG'	=> (!empty($data['user_icq'])) ? '' : '',
f2e824
		'S_JABBER_ENABLED'	=> ($config['jab_enable']) ? true : false,
f2e824
f2e824
		'U_SEARCH_USER'	=> ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$user_id&sr=posts") : '',
f2e824
		'U_NOTES'		=> $auth->acl_getf_global('m_') ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes&u=' . $user_id, true, $user->session_id) : '',
f2e824
		'U_WARN'		=> $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&mode=warn_user&u=' . $user_id, true, $user->session_id) : '',
f2e824
		'U_PM'			=> ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($data['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $user_id) : '',
f2e824
		'U_EMAIL'		=> $email,
f2e824
		'U_WWW'			=> (!empty($data['user_website'])) ? $data['user_website'] : '',
f2e824
		'U_ICQ'			=> ($data['user_icq']) ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($data['user_icq']) : '',
f2e824
		'U_AIM'			=> ($data['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $user_id) : '',
f2e824
		'U_YIM'			=> ($data['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($data['user_yim']) . '&.src=pg' : '',
f2e824
		'U_MSN'			=> ($data['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $user_id) : '',
f2e824
		'U_JABBER'		=> ($data['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $user_id) : '',
f2e824
		'LOCATION'		=> ($data['user_from']) ? $data['user_from'] : '',
f2e824
f2e824
		'USER_ICQ'			=> $data['user_icq'],
f2e824
		'USER_AIM'			=> $data['user_aim'],
f2e824
		'USER_YIM'			=> $data['user_yim'],
f2e824
		'USER_MSN'			=> $data['user_msnm'],
f2e824
		'USER_JABBER'		=> $data['user_jabber'],
f2e824
		'USER_JABBER_IMG'	=> ($data['user_jabber']) ? $user->img('icon_contact_jabber', $data['user_jabber']) : '',
f2e824
f2e824
		'L_VIEWING_PROFILE'	=> sprintf($user->lang['VIEWING_PROFILE'], $username),
f2e824
	);
f2e824
}
f2e824
f2e824
function _sort_last_active($first, $second)
f2e824
{
f2e824
	global $id_cache, $sort_dir;
f2e824
f2e824
	$lesser_than = ($sort_dir === 'd') ? -1 : 1;
f2e824
f2e824
	if (isset($id_cache[$first]['group_leader']) && $id_cache[$first]['group_leader'] && (!isset($id_cache[$second]['group_leader']) || !$id_cache[$second]['group_leader']))
f2e824
	{
f2e824
		return -1;
f2e824
	}
f2e824
	else if (isset($id_cache[$second]['group_leader']) && (!isset($id_cache[$first]['group_leader']) || !$id_cache[$first]['group_leader']) && $id_cache[$second]['group_leader'])
f2e824
	{
f2e824
		return 1;
f2e824
	}
f2e824
	else
f2e824
	{
f2e824
		return $lesser_than * (int) ($id_cache[$first]['last_visit'] - $id_cache[$second]['last_visit']);
f2e824
	}
f2e824
}
f2e824
f2e824
?>