Profile-View.php 69 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. if (!defined('SMF'))
  13. die('Hacking attempt...');
  14. /**
  15. * View a summary.
  16. * @param int $memID id_member
  17. */
  18. function summary($memID)
  19. {
  20. global $context, $memberContext, $txt, $modSettings, $user_info, $user_profile, $sourcedir, $scripturl, $smcFunc;
  21. // Attempt to load the member's profile data.
  22. if (!loadMemberContext($memID) || !isset($memberContext[$memID]))
  23. fatal_lang_error('not_a_user', false);
  24. // Set up the stuff and load the user.
  25. $context += array(
  26. 'page_title' => sprintf($txt['profile_of_username'], $memberContext[$memID]['name']),
  27. 'can_send_pm' => allowedTo('pm_send'),
  28. 'can_have_buddy' => allowedTo('profile_identity_own') && !empty($modSettings['enable_buddylist']),
  29. 'can_issue_warning' => in_array('w', $context['admin_features']) && allowedTo('issue_warning') && $modSettings['warning_settings'][0] == 1,
  30. );
  31. $context['member'] = &$memberContext[$memID];
  32. $context['can_view_warning'] = in_array('w', $context['admin_features']) && (allowedTo('issue_warning') && !$context['user']['is_owner']) || (!empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $context['user']['is_owner']));
  33. // Set a canonical URL for this page.
  34. $context['canonical_url'] = $scripturl . '?action=profile;u=' . $memID;
  35. // Are there things we don't show?
  36. $context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
  37. // See if they have broken any warning levels...
  38. list ($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
  39. if (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $context['member']['warning'])
  40. $context['warning_status'] = $txt['profile_warning_is_muted'];
  41. elseif (!empty($modSettings['warning_moderate']) && $modSettings['warning_moderate'] <= $context['member']['warning'])
  42. $context['warning_status'] = $txt['profile_warning_is_moderation'];
  43. elseif (!empty($modSettings['warning_watch']) && $modSettings['warning_watch'] <= $context['member']['warning'])
  44. $context['warning_status'] = $txt['profile_warning_is_watch'];
  45. // They haven't even been registered for a full day!?
  46. $days_registered = (int) ((time() - $user_profile[$memID]['date_registered']) / (3600 * 24));
  47. if (empty($user_profile[$memID]['date_registered']) || $days_registered < 1)
  48. $context['member']['posts_per_day'] = $txt['not_applicable'];
  49. else
  50. $context['member']['posts_per_day'] = comma_format($context['member']['real_posts'] / $days_registered, 3);
  51. // Set the age...
  52. if (empty($context['member']['birth_date']))
  53. {
  54. $context['member'] += array(
  55. 'age' => $txt['not_applicable'],
  56. 'today_is_birthday' => false
  57. );
  58. }
  59. else
  60. {
  61. list ($birth_year, $birth_month, $birth_day) = sscanf($context['member']['birth_date'], '%d-%d-%d');
  62. $datearray = getdate(forum_time());
  63. $context['member'] += array(
  64. 'age' => $birth_year <= 4 ? $txt['not_applicable'] : $datearray['year'] - $birth_year - (($datearray['mon'] > $birth_month || ($datearray['mon'] == $birth_month && $datearray['mday'] >= $birth_day)) ? 0 : 1),
  65. 'today_is_birthday' => $datearray['mon'] == $birth_month && $datearray['mday'] == $birth_day
  66. );
  67. }
  68. if (allowedTo('moderate_forum'))
  69. {
  70. // Make sure it's a valid ip address; otherwise, don't bother...
  71. if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $memberContext[$memID]['ip']) == 1 && empty($modSettings['disableHostnameLookup']))
  72. $context['member']['hostname'] = host_from_ip($memberContext[$memID]['ip']);
  73. else
  74. $context['member']['hostname'] = '';
  75. $context['can_see_ip'] = true;
  76. }
  77. else
  78. $context['can_see_ip'] = false;
  79. if (!empty($modSettings['who_enabled']))
  80. {
  81. include_once($sourcedir . '/Who.php');
  82. $action = determineActions($user_profile[$memID]['url']);
  83. if ($action !== false)
  84. $context['member']['action'] = $action;
  85. }
  86. // If the user is awaiting activation, and the viewer has permission - setup some activation context messages.
  87. if ($context['member']['is_activated'] % 10 != 1 && allowedTo('moderate_forum'))
  88. {
  89. $context['activate_type'] = $context['member']['is_activated'];
  90. // What should the link text be?
  91. $context['activate_link_text'] = in_array($context['member']['is_activated'], array(3, 4, 5, 13, 14, 15)) ? $txt['account_approve'] : $txt['account_activate'];
  92. // Should we show a custom message?
  93. $context['activate_message'] = isset($txt['account_activate_method_' . $context['member']['is_activated'] % 10]) ? $txt['account_activate_method_' . $context['member']['is_activated'] % 10] : $txt['account_not_activated'];
  94. }
  95. // Is the signature even enabled on this forum?
  96. $context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
  97. // How about, are they banned?
  98. $context['member']['bans'] = array();
  99. if (allowedTo('moderate_forum'))
  100. {
  101. // Can they edit the ban?
  102. $context['can_edit_ban'] = allowedTo('manage_bans');
  103. $ban_query = array();
  104. $ban_query_vars = array(
  105. 'time' => time(),
  106. );
  107. $ban_query[] = 'id_member = ' . $context['member']['id'];
  108. // Valid IP?
  109. if (preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $memberContext[$memID]['ip'], $ip_parts) == 1)
  110. {
  111. $ban_query[] = '((' . $ip_parts[1] . ' BETWEEN bi.ip_low1 AND bi.ip_high1)
  112. AND (' . $ip_parts[2] . ' BETWEEN bi.ip_low2 AND bi.ip_high2)
  113. AND (' . $ip_parts[3] . ' BETWEEN bi.ip_low3 AND bi.ip_high3)
  114. AND (' . $ip_parts[4] . ' BETWEEN bi.ip_low4 AND bi.ip_high4))';
  115. // Do we have a hostname already?
  116. if (!empty($context['member']['hostname']))
  117. {
  118. $ban_query[] = '({string:hostname} LIKE hostname)';
  119. $ban_query_vars['hostname'] = $context['member']['hostname'];
  120. }
  121. }
  122. // Use '255.255.255.255' for 'unknown' - it's not valid anyway.
  123. elseif ($memberContext[$memID]['ip'] == 'unknown')
  124. $ban_query[] = '(bi.ip_low1 = 255 AND bi.ip_high1 = 255
  125. AND bi.ip_low2 = 255 AND bi.ip_high2 = 255
  126. AND bi.ip_low3 = 255 AND bi.ip_high3 = 255
  127. AND bi.ip_low4 = 255 AND bi.ip_high4 = 255)';
  128. // Check their email as well...
  129. if (strlen($context['member']['email']) != 0)
  130. {
  131. $ban_query[] = '({string:email} LIKE bi.email_address)';
  132. $ban_query_vars['email'] = $context['member']['email'];
  133. }
  134. // So... are they banned? Dying to know!
  135. $request = $smcFunc['db_query']('', '
  136. SELECT bg.id_ban_group, bg.name, bg.cannot_access, bg.cannot_post, bg.cannot_register,
  137. bg.cannot_login, bg.reason
  138. FROM {db_prefix}ban_items AS bi
  139. INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:time}))
  140. WHERE (' . implode(' OR ', $ban_query) . ')',
  141. $ban_query_vars
  142. );
  143. while ($row = $smcFunc['db_fetch_assoc']($request))
  144. {
  145. // Work out what restrictions we actually have.
  146. $ban_restrictions = array();
  147. foreach (array('access', 'register', 'login', 'post') as $type)
  148. if ($row['cannot_' . $type])
  149. $ban_restrictions[] = $txt['ban_type_' . $type];
  150. // No actual ban in place?
  151. if (empty($ban_restrictions))
  152. continue;
  153. // Prepare the link for context.
  154. $ban_explanation = sprintf($txt['user_cannot_due_to'], implode(', ', $ban_restrictions), '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $row['id_ban_group'] . '">' . $row['name'] . '</a>');
  155. $context['member']['bans'][$row['id_ban_group']] = array(
  156. 'reason' => empty($row['reason']) ? '' : '<br /><br /><strong>' . $txt['ban_reason'] . ':</strong> ' . $row['reason'],
  157. 'cannot' => array(
  158. 'access' => !empty($row['cannot_access']),
  159. 'register' => !empty($row['cannot_register']),
  160. 'post' => !empty($row['cannot_post']),
  161. 'login' => !empty($row['cannot_login']),
  162. ),
  163. 'explanation' => $ban_explanation,
  164. );
  165. }
  166. $smcFunc['db_free_result']($request);
  167. }
  168. loadCustomFields($memID);
  169. }
  170. /**
  171. * Show all posts by the current user
  172. * @todo This function needs to be split up properly.
  173. *
  174. * @param int $memID id_member
  175. */
  176. function showPosts($memID)
  177. {
  178. global $txt, $user_info, $scripturl, $modSettings;
  179. global $context, $user_profile, $sourcedir, $smcFunc, $board;
  180. // Some initial context.
  181. $context['start'] = (int) $_REQUEST['start'];
  182. $context['current_member'] = $memID;
  183. // Create the tabs for the template.
  184. $context[$context['profile_menu_name']]['tab_data'] = array(
  185. 'title' => $txt['showPosts'],
  186. 'description' => $txt['showPosts_help'],
  187. 'icon' => 'profile_sm.gif',
  188. 'tabs' => array(
  189. 'messages' => array(
  190. ),
  191. 'topics' => array(
  192. ),
  193. 'attach' => array(
  194. ),
  195. ),
  196. );
  197. // Set the page title
  198. $context['page_title'] = $txt['showPosts'] . ' - ' . $user_profile[$memID]['real_name'];
  199. // Is the load average too high to allow searching just now?
  200. if (!empty($context['load_average']) && !empty($modSettings['loadavg_show_posts']) && $context['load_average'] >= $modSettings['loadavg_show_posts'])
  201. fatal_lang_error('loadavg_show_posts_disabled', false);
  202. // If we're specifically dealing with attachments use that function!
  203. if (isset($_GET['sa']) && $_GET['sa'] == 'attach')
  204. return showAttachments($memID);
  205. // Are we just viewing topics?
  206. $context['is_topics'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? true : false;
  207. // If just deleting a message, do it and then redirect back.
  208. if (isset($_GET['delete']) && !$context['is_topics'])
  209. {
  210. checkSession('get');
  211. // We need msg info for logging.
  212. $request = $smcFunc['db_query']('', '
  213. SELECT subject, id_member, id_topic, id_board
  214. FROM {db_prefix}messages
  215. WHERE id_msg = {int:id_msg}',
  216. array(
  217. 'id_msg' => (int) $_GET['delete'],
  218. )
  219. );
  220. $info = $smcFunc['db_fetch_row']($request);
  221. $smcFunc['db_free_result']($request);
  222. // Trying to remove a message that doesn't exist.
  223. if (empty($info))
  224. redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
  225. // We can be lazy, since removeMessage() will check the permissions for us.
  226. require_once($sourcedir . '/RemoveTopic.php');
  227. removeMessage((int) $_GET['delete']);
  228. // Add it to the mod log.
  229. if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id']))
  230. logAction('delete', array('topic' => $info[2], 'subject' => $info[0], 'member' => $info[1], 'board' => $info[3]));
  231. // Back to... where we are now ;).
  232. redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
  233. }
  234. // Default to 10.
  235. if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount']))
  236. $_REQUEST['viewscount'] = '10';
  237. if ($context['is_topics'])
  238. $request = $smcFunc['db_query']('', '
  239. SELECT COUNT(*)
  240. FROM {db_prefix}topics AS t' . ($user_info['query_see_board'] == '1=1' ? '' : '
  241. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board AND {query_see_board})') . '
  242. WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
  243. AND t.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  244. AND t.approved = {int:is_approved}'),
  245. array(
  246. 'current_member' => $memID,
  247. 'is_approved' => 1,
  248. 'board' => $board,
  249. )
  250. );
  251. else
  252. $request = $smcFunc['db_query']('', '
  253. SELECT COUNT(*)
  254. FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
  255. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
  256. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  257. AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  258. AND m.approved = {int:is_approved}'),
  259. array(
  260. 'current_member' => $memID,
  261. 'is_approved' => 1,
  262. 'board' => $board,
  263. )
  264. );
  265. list ($msgCount) = $smcFunc['db_fetch_row']($request);
  266. $smcFunc['db_free_result']($request);
  267. $request = $smcFunc['db_query']('', '
  268. SELECT MIN(id_msg), MAX(id_msg)
  269. FROM {db_prefix}messages AS m
  270. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  271. AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  272. AND m.approved = {int:is_approved}'),
  273. array(
  274. 'current_member' => $memID,
  275. 'is_approved' => 1,
  276. 'board' => $board,
  277. )
  278. );
  279. list ($min_msg_member, $max_msg_member) = $smcFunc['db_fetch_row']($request);
  280. $smcFunc['db_free_result']($request);
  281. $reverse = false;
  282. $range_limit = '';
  283. $maxIndex = (int) $modSettings['defaultMaxMessages'];
  284. // Make sure the starting place makes sense and construct our friend the page index.
  285. $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts' . ($context['is_topics'] ? ';sa=topics' : '') . (!empty($board) ? ';board=' . $board : ''), $context['start'], $msgCount, $maxIndex);
  286. $context['current_page'] = $context['start'] / $maxIndex;
  287. // Reverse the query if we're past 50% of the pages for better performance.
  288. $start = $context['start'];
  289. $reverse = $_REQUEST['start'] > $msgCount / 2;
  290. if ($reverse)
  291. {
  292. $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages'];
  293. $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages'];
  294. }
  295. // Guess the range of messages to be shown.
  296. if ($msgCount > 1000)
  297. {
  298. $margin = floor(($max_msg_member - $min_msg_member) * (($start + $modSettings['defaultMaxMessages']) / $msgCount) + .1 * ($max_msg_member - $min_msg_member));
  299. // Make a bigger margin for topics only.
  300. if ($context['is_topics'])
  301. {
  302. $margin *= 5;
  303. $range_limit = $reverse ? 't.id_first_msg < ' . ($min_msg_member + $margin) : 't.id_first_msg > ' . ($max_msg_member - $margin);
  304. }
  305. else
  306. $range_limit = $reverse ? 'm.id_msg < ' . ($min_msg_member + $margin) : 'm.id_msg > ' . ($max_msg_member - $margin);
  307. }
  308. // Find this user's posts. The left join on categories somehow makes this faster, weird as it looks.
  309. $looped = false;
  310. while (true)
  311. {
  312. if ($context['is_topics'])
  313. {
  314. $request = $smcFunc['db_query']('', '
  315. SELECT
  316. b.id_board, b.name AS bname, c.id_cat, c.name AS cname, t.id_member_started, t.id_first_msg, t.id_last_msg,
  317. t.approved, m.body, m.smileys_enabled, m.subject, m.poster_time, m.id_topic, m.id_msg
  318. FROM {db_prefix}topics AS t
  319. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  320. LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
  321. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  322. WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
  323. AND t.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
  324. AND ' . $range_limit) . '
  325. AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  326. AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
  327. ORDER BY t.id_first_msg ' . ($reverse ? 'ASC' : 'DESC') . '
  328. LIMIT ' . $start . ', ' . $maxIndex,
  329. array(
  330. 'current_member' => $memID,
  331. 'is_approved' => 1,
  332. 'board' => $board,
  333. )
  334. );
  335. }
  336. else
  337. {
  338. $request = $smcFunc['db_query']('', '
  339. SELECT
  340. b.id_board, b.name AS bname, c.id_cat, c.name AS cname, m.id_topic, m.id_msg,
  341. t.id_member_started, t.id_first_msg, t.id_last_msg, m.body, m.smileys_enabled,
  342. m.subject, m.poster_time, m.approved
  343. FROM {db_prefix}messages AS m
  344. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  345. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  346. LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
  347. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  348. AND b.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
  349. AND ' . $range_limit) . '
  350. AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  351. AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
  352. ORDER BY m.id_msg ' . ($reverse ? 'ASC' : 'DESC') . '
  353. LIMIT ' . $start . ', ' . $maxIndex,
  354. array(
  355. 'current_member' => $memID,
  356. 'is_approved' => 1,
  357. 'board' => $board,
  358. )
  359. );
  360. }
  361. // Make sure we quit this loop.
  362. if ($smcFunc['db_num_rows']($request) === $maxIndex || $looped)
  363. break;
  364. $looped = true;
  365. $range_limit = '';
  366. }
  367. // Start counting at the number of the first message displayed.
  368. $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start'];
  369. $context['posts'] = array();
  370. $board_ids = array('own' => array(), 'any' => array());
  371. while ($row = $smcFunc['db_fetch_assoc']($request))
  372. {
  373. // Censor....
  374. censorText($row['body']);
  375. censorText($row['subject']);
  376. // Do the code.
  377. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  378. // And the array...
  379. $context['posts'][$counter += $reverse ? -1 : 1] = array(
  380. 'body' => $row['body'],
  381. 'counter' => $counter,
  382. 'alternate' => $counter % 2,
  383. 'category' => array(
  384. 'name' => $row['cname'],
  385. 'id' => $row['id_cat']
  386. ),
  387. 'board' => array(
  388. 'name' => $row['bname'],
  389. 'id' => $row['id_board']
  390. ),
  391. 'topic' => $row['id_topic'],
  392. 'subject' => $row['subject'],
  393. 'start' => 'msg' . $row['id_msg'],
  394. 'time' => timeformat($row['poster_time']),
  395. 'timestamp' => forum_time(true, $row['poster_time']),
  396. 'id' => $row['id_msg'],
  397. 'can_reply' => false,
  398. 'can_mark_notify' => false,
  399. 'can_delete' => false,
  400. 'delete_possible' => ($row['id_first_msg'] != $row['id_msg'] || $row['id_last_msg'] == $row['id_msg']) && (empty($modSettings['edit_disable_time']) || $row['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()),
  401. 'approved' => $row['approved'],
  402. );
  403. if ($user_info['id'] == $row['id_member_started'])
  404. $board_ids['own'][$row['id_board']][] = $counter;
  405. $board_ids['any'][$row['id_board']][] = $counter;
  406. }
  407. $smcFunc['db_free_result']($request);
  408. // All posts were retrieved in reverse order, get them right again.
  409. if ($reverse)
  410. $context['posts'] = array_reverse($context['posts'], true);
  411. // These are all the permissions that are different from board to board..
  412. if ($context['is_topics'])
  413. $permissions = array(
  414. 'own' => array(
  415. 'post_reply_own' => 'can_reply',
  416. ),
  417. 'any' => array(
  418. 'post_reply_any' => 'can_reply',
  419. 'mark_any_notify' => 'can_mark_notify',
  420. )
  421. );
  422. else
  423. $permissions = array(
  424. 'own' => array(
  425. 'post_reply_own' => 'can_reply',
  426. 'delete_own' => 'can_delete',
  427. ),
  428. 'any' => array(
  429. 'post_reply_any' => 'can_reply',
  430. 'mark_any_notify' => 'can_mark_notify',
  431. 'delete_any' => 'can_delete',
  432. )
  433. );
  434. // For every permission in the own/any lists...
  435. foreach ($permissions as $type => $list)
  436. {
  437. foreach ($list as $permission => $allowed)
  438. {
  439. // Get the boards they can do this on...
  440. $boards = boardsAllowedTo($permission);
  441. // Hmm, they can do it on all boards, can they?
  442. if (!empty($boards) && $boards[0] == 0)
  443. $boards = array_keys($board_ids[$type]);
  444. // Now go through each board they can do the permission on.
  445. foreach ($boards as $board_id)
  446. {
  447. // There aren't any posts displayed from this board.
  448. if (!isset($board_ids[$type][$board_id]))
  449. continue;
  450. // Set the permission to true ;).
  451. foreach ($board_ids[$type][$board_id] as $counter)
  452. $context['posts'][$counter][$allowed] = true;
  453. }
  454. }
  455. }
  456. // Clean up after posts that cannot be deleted and quoted.
  457. $quote_enabled = empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC']));
  458. foreach ($context['posts'] as $counter => $dummy)
  459. {
  460. $context['posts'][$counter]['can_delete'] &= $context['posts'][$counter]['delete_possible'];
  461. $context['posts'][$counter]['can_quote'] = $context['posts'][$counter]['can_reply'] && $quote_enabled;
  462. }
  463. }
  464. /**
  465. * Show all the attachments of a user.
  466. *
  467. * @param int $memID id_member
  468. */
  469. function showAttachments($memID)
  470. {
  471. global $txt, $user_info, $scripturl, $modSettings, $board;
  472. global $context, $user_profile, $sourcedir, $smcFunc;
  473. // OBEY permissions!
  474. $boardsAllowed = boardsAllowedTo('view_attachments');
  475. // Make sure we can't actually see anything...
  476. if (empty($boardsAllowed))
  477. $boardsAllowed = array(-1);
  478. // Get the total number of attachments they have posted.
  479. $request = $smcFunc['db_query']('', '
  480. SELECT COUNT(*)
  481. FROM {db_prefix}attachments AS a
  482. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
  483. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})
  484. WHERE a.attachment_type = {int:attachment_type}
  485. AND a.id_msg != {int:no_message}
  486. AND m.id_member = {int:current_member}' . (!empty($board) ? '
  487. AND b.id_board = {int:board}' : '') . (!in_array(0, $boardsAllowed) ? '
  488. AND b.id_board IN ({array_int:boards_list})' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  489. AND m.approved = {int:is_approved}'),
  490. array(
  491. 'boards_list' => $boardsAllowed,
  492. 'attachment_type' => 0,
  493. 'no_message' => 0,
  494. 'current_member' => $memID,
  495. 'is_approved' => 1,
  496. 'board' => $board,
  497. )
  498. );
  499. list ($attachCount) = $smcFunc['db_fetch_row']($request);
  500. $smcFunc['db_free_result']($request);
  501. $maxIndex = (int) $modSettings['defaultMaxMessages'];
  502. // What about ordering?
  503. $sortTypes = array(
  504. 'filename' => 'a.filename',
  505. 'downloads' => 'a.downloads',
  506. 'subject' => 'm.subject',
  507. 'posted' => 'm.poster_time',
  508. );
  509. $context['sort_order'] = isset($_GET['sort']) && isset($sortTypes[$_GET['sort']]) ? $_GET['sort'] : 'posted';
  510. $context['sort_direction'] = isset($_GET['asc']) ? 'up' : 'down';
  511. $sort = $sortTypes[$context['sort_order']];
  512. // Let's get ourselves a lovely page index.
  513. $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts;sa=attach;sort=' . $context['sort_order'] . ($context['sort_direction'] == 'up' ? ';asc' : ''), $context['start'], $attachCount, $maxIndex);
  514. // Retrieve some attachments.
  515. $request = $smcFunc['db_query']('', '
  516. SELECT a.id_attach, a.id_msg, a.filename, a.downloads, a.approved, m.id_msg, m.id_topic,
  517. m.id_board, m.poster_time, m.subject, b.name
  518. FROM {db_prefix}attachments AS a
  519. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
  520. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})
  521. WHERE a.attachment_type = {int:attachment_type}
  522. AND a.id_msg != {int:no_message}
  523. AND m.id_member = {int:current_member}' . (!empty($board) ? '
  524. AND b.id_board = {int:board}' : '') . (!in_array(0, $boardsAllowed) ? '
  525. AND b.id_board IN ({array_int:boards_list})' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  526. AND m.approved = {int:is_approved}') . '
  527. ORDER BY {raw:sort}
  528. LIMIT {int:offset}, {int:limit}',
  529. array(
  530. 'boards_list' => $boardsAllowed,
  531. 'attachment_type' => 0,
  532. 'no_message' => 0,
  533. 'current_member' => $memID,
  534. 'is_approved' => 1,
  535. 'board' => $board,
  536. 'sort' => $sort . ' ' . ($context['sort_direction'] == 'down' ? 'DESC' : 'ASC'),
  537. 'offset' => $context['start'],
  538. 'limit' => $maxIndex,
  539. )
  540. );
  541. $context['attachments'] = array();
  542. while ($row = $smcFunc['db_fetch_assoc']($request))
  543. {
  544. $row['subject'] = censorText($row['subject']);
  545. $context['attachments'][] = array(
  546. 'id' => $row['id_attach'],
  547. 'filename' => $row['filename'],
  548. 'downloads' => $row['downloads'],
  549. 'subject' => $row['subject'],
  550. 'posted' => timeformat($row['poster_time']),
  551. 'msg' => $row['id_msg'],
  552. 'topic' => $row['id_topic'],
  553. 'board' => $row['id_board'],
  554. 'board_name' => $row['name'],
  555. 'approved' => $row['approved'],
  556. );
  557. }
  558. $smcFunc['db_free_result']($request);
  559. }
  560. /**
  561. * Gets the user stats for display
  562. *
  563. * @param int $memID id_member
  564. */
  565. function statPanel($memID)
  566. {
  567. global $txt, $scripturl, $context, $user_profile, $user_info, $modSettings, $smcFunc;
  568. $context['page_title'] = $txt['statPanel_showStats'] . ' ' . $user_profile[$memID]['real_name'];
  569. // General user statistics.
  570. $timeDays = floor($user_profile[$memID]['total_time_logged_in'] / 86400);
  571. $timeHours = floor(($user_profile[$memID]['total_time_logged_in'] % 86400) / 3600);
  572. $context['time_logged_in'] = ($timeDays > 0 ? $timeDays . $txt['totalTimeLogged2'] : '') . ($timeHours > 0 ? $timeHours . $txt['totalTimeLogged3'] : '') . floor(($user_profile[$memID]['total_time_logged_in'] % 3600) / 60) . $txt['totalTimeLogged4'];
  573. $context['num_posts'] = comma_format($user_profile[$memID]['posts']);
  574. // Number of topics started.
  575. $result = $smcFunc['db_query']('', '
  576. SELECT COUNT(*)
  577. FROM {db_prefix}topics
  578. WHERE id_member_started = {int:current_member}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  579. AND id_board != {int:recycle_board}' : ''),
  580. array(
  581. 'current_member' => $memID,
  582. 'recycle_board' => $modSettings['recycle_board'],
  583. )
  584. );
  585. list ($context['num_topics']) = $smcFunc['db_fetch_row']($result);
  586. $smcFunc['db_free_result']($result);
  587. // Number polls started.
  588. $result = $smcFunc['db_query']('', '
  589. SELECT COUNT(*)
  590. FROM {db_prefix}topics
  591. WHERE id_member_started = {int:current_member}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  592. AND id_board != {int:recycle_board}' : '') . '
  593. AND id_poll != {int:no_poll}',
  594. array(
  595. 'current_member' => $memID,
  596. 'recycle_board' => $modSettings['recycle_board'],
  597. 'no_poll' => 0,
  598. )
  599. );
  600. list ($context['num_polls']) = $smcFunc['db_fetch_row']($result);
  601. $smcFunc['db_free_result']($result);
  602. // Number polls voted in.
  603. $result = $smcFunc['db_query']('distinct_poll_votes', '
  604. SELECT COUNT(DISTINCT id_poll)
  605. FROM {db_prefix}log_polls
  606. WHERE id_member = {int:current_member}',
  607. array(
  608. 'current_member' => $memID,
  609. )
  610. );
  611. list ($context['num_votes']) = $smcFunc['db_fetch_row']($result);
  612. $smcFunc['db_free_result']($result);
  613. // Format the numbers...
  614. $context['num_topics'] = comma_format($context['num_topics']);
  615. $context['num_polls'] = comma_format($context['num_polls']);
  616. $context['num_votes'] = comma_format($context['num_votes']);
  617. // Grab the board this member posted in most often.
  618. $result = $smcFunc['db_query']('', '
  619. SELECT
  620. b.id_board, MAX(b.name) AS name, MAX(b.num_posts) AS num_posts, COUNT(*) AS message_count
  621. FROM {db_prefix}messages AS m
  622. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  623. WHERE m.id_member = {int:current_member}
  624. AND b.count_posts = {int:count_enabled}
  625. AND {query_see_board}
  626. GROUP BY b.id_board
  627. ORDER BY message_count DESC
  628. LIMIT 10',
  629. array(
  630. 'current_member' => $memID,
  631. 'count_enabled' => 0,
  632. )
  633. );
  634. $context['popular_boards'] = array();
  635. while ($row = $smcFunc['db_fetch_assoc']($result))
  636. {
  637. $context['popular_boards'][$row['id_board']] = array(
  638. 'id' => $row['id_board'],
  639. 'posts' => $row['message_count'],
  640. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  641. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>',
  642. 'posts_percent' => $user_profile[$memID]['posts'] == 0 ? 0 : ($row['message_count'] * 100) / $user_profile[$memID]['posts'],
  643. 'total_posts' => $row['num_posts'],
  644. 'total_posts_member' => $user_profile[$memID]['posts'],
  645. );
  646. }
  647. $smcFunc['db_free_result']($result);
  648. // Now get the 10 boards this user has most often participated in.
  649. $result = $smcFunc['db_query']('profile_board_stats', '
  650. SELECT
  651. b.id_board, MAX(b.name) AS name, b.num_posts, COUNT(*) AS message_count,
  652. CASE WHEN COUNT(*) > MAX(b.num_posts) THEN 1 ELSE COUNT(*) / MAX(b.num_posts) END * 100 AS percentage
  653. FROM {db_prefix}messages AS m
  654. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  655. WHERE m.id_member = {int:current_member}
  656. AND {query_see_board}
  657. GROUP BY b.id_board, b.num_posts
  658. ORDER BY percentage DESC
  659. LIMIT 10',
  660. array(
  661. 'current_member' => $memID,
  662. )
  663. );
  664. $context['board_activity'] = array();
  665. while ($row = $smcFunc['db_fetch_assoc']($result))
  666. {
  667. $context['board_activity'][$row['id_board']] = array(
  668. 'id' => $row['id_board'],
  669. 'posts' => $row['message_count'],
  670. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  671. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>',
  672. 'percent' => comma_format((float) $row['percentage'], 2),
  673. 'posts_percent' => (float) $row['percentage'],
  674. 'total_posts' => $row['num_posts'],
  675. );
  676. }
  677. $smcFunc['db_free_result']($result);
  678. // Posting activity by time.
  679. $result = $smcFunc['db_query']('user_activity_by_time', '
  680. SELECT
  681. HOUR(FROM_UNIXTIME(poster_time + {int:time_offset})) AS hour,
  682. COUNT(*) AS post_count
  683. FROM {db_prefix}messages
  684. WHERE id_member = {int:current_member}' . ($modSettings['totalMessages'] > 100000 ? '
  685. AND id_topic > {int:top_ten_thousand_topics}' : '') . '
  686. GROUP BY hour',
  687. array(
  688. 'current_member' => $memID,
  689. 'top_ten_thousand_topics' => $modSettings['totalTopics'] - 10000,
  690. 'time_offset' => (($user_info['time_offset'] + $modSettings['time_offset']) * 3600),
  691. )
  692. );
  693. $maxPosts = $realPosts = 0;
  694. $context['posts_by_time'] = array();
  695. while ($row = $smcFunc['db_fetch_assoc']($result))
  696. {
  697. // Cast as an integer to remove the leading 0.
  698. $row['hour'] = (int) $row['hour'];
  699. $maxPosts = max($row['post_count'], $maxPosts);
  700. $realPosts += $row['post_count'];
  701. $context['posts_by_time'][$row['hour']] = array(
  702. 'hour' => $row['hour'],
  703. 'hour_format' => stripos($user_info['time_format'], '%p') === false ? $row['hour'] : date('g a', mktime($row['hour'])),
  704. 'posts' => $row['post_count'],
  705. 'posts_percent' => 0,
  706. 'is_last' => $row['hour'] == 23,
  707. );
  708. }
  709. $smcFunc['db_free_result']($result);
  710. if ($maxPosts > 0)
  711. for ($hour = 0; $hour < 24; $hour++)
  712. {
  713. if (!isset($context['posts_by_time'][$hour]))
  714. $context['posts_by_time'][$hour] = array(
  715. 'hour' => $hour,
  716. 'hour_format' => stripos($user_info['time_format'], '%p') === false ? $hour : date('g a', mktime($hour)),
  717. 'posts' => 0,
  718. 'posts_percent' => 0,
  719. 'relative_percent' => 0,
  720. 'is_last' => $hour == 23,
  721. );
  722. else
  723. {
  724. $context['posts_by_time'][$hour]['posts_percent'] = round(($context['posts_by_time'][$hour]['posts'] * 100) / $realPosts);
  725. $context['posts_by_time'][$hour]['relative_percent'] = round(($context['posts_by_time'][$hour]['posts'] * 100) / $maxPosts);
  726. }
  727. }
  728. // Put it in the right order.
  729. ksort($context['posts_by_time']);
  730. }
  731. /**
  732. * @todo needs a description
  733. *
  734. * @param int $memID id_member
  735. */
  736. function tracking($memID)
  737. {
  738. global $sourcedir, $context, $txt, $scripturl, $modSettings, $user_profile;
  739. $subActions = array(
  740. 'activity' => array('trackActivity', $txt['trackActivity']),
  741. 'ip' => array('TrackIP', $txt['trackIP']),
  742. 'edits' => array('trackEdits', $txt['trackEdits']),
  743. 'logins' => array('TrackLogins', $txt['trackLogins']),
  744. );
  745. $context['tracking_area'] = isset($_GET['sa']) && isset($subActions[$_GET['sa']]) ? $_GET['sa'] : 'activity';
  746. // @todo what is $types? it is never set so this will never be true
  747. if (isset($types[$context['tracking_area']][1]))
  748. require_once($sourcedir . '/' . $types[$context['tracking_area']][1]);
  749. // Create the tabs for the template.
  750. $context[$context['profile_menu_name']]['tab_data'] = array(
  751. 'title' => $txt['tracking'],
  752. 'description' => $txt['tracking_description'],
  753. 'icon' => 'profile_sm.gif',
  754. 'tabs' => array(
  755. 'activity' => array(),
  756. 'ip' => array(),
  757. 'edits' => array(),
  758. ),
  759. );
  760. // Moderation must be on to track edits.
  761. if (empty($modSettings['modlog_enabled']))
  762. unset($context[$context['profile_menu_name']]['tab_data']['edits']);
  763. // Set a page title.
  764. $context['page_title'] = $txt['trackUser'] . ' - ' . $subActions[$context['tracking_area']][1] . ' - ' . $user_profile[$memID]['real_name'];
  765. // Pass on to the actual function.
  766. $context['sub_template'] = $subActions[$context['tracking_area']][0];
  767. $subActions[$context['tracking_area']][0]($memID);
  768. }
  769. /**
  770. * @todo needs a description
  771. *
  772. * @param int $memID id_member
  773. */
  774. function trackActivity($memID)
  775. {
  776. global $scripturl, $txt, $modSettings, $sourcedir;
  777. global $user_profile, $context, $smcFunc;
  778. // Verify if the user has sufficient permissions.
  779. isAllowedTo('moderate_forum');
  780. $context['last_ip'] = $user_profile[$memID]['member_ip'];
  781. if ($context['last_ip'] != $user_profile[$memID]['member_ip2'])
  782. $context['last_ip2'] = $user_profile[$memID]['member_ip2'];
  783. $context['member']['name'] = $user_profile[$memID]['real_name'];
  784. // Set the options for the list component.
  785. $listOptions = array(
  786. 'id' => 'track_user_list',
  787. 'title' => $txt['errors_by'] . ' ' . $context['member']['name'],
  788. 'items_per_page' => $modSettings['defaultMaxMessages'],
  789. 'no_items_label' => $txt['no_errors_from_user'],
  790. 'base_href' => $scripturl . '?action=profile;area=tracking;sa=user;u=' . $memID,
  791. 'default_sort_col' => 'date',
  792. 'get_items' => array(
  793. 'function' => 'list_getUserErrors',
  794. 'params' => array(
  795. 'le.id_member = {int:current_member}',
  796. array('current_member' => $memID),
  797. ),
  798. ),
  799. 'get_count' => array(
  800. 'function' => 'list_getUserErrorCount',
  801. 'params' => array(
  802. 'id_member = {int:current_member}',
  803. array('current_member' => $memID),
  804. ),
  805. ),
  806. 'columns' => array(
  807. 'ip_address' => array(
  808. 'header' => array(
  809. 'value' => $txt['ip_address'],
  810. ),
  811. 'data' => array(
  812. 'sprintf' => array(
  813. 'format' => '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=%1$s;u=' . $memID. '">%1$s</a>',
  814. 'params' => array(
  815. 'ip' => false,
  816. ),
  817. ),
  818. ),
  819. 'sort' => array(
  820. 'default' => 'le.ip',
  821. 'reverse' => 'le.ip DESC',
  822. ),
  823. ),
  824. 'message' => array(
  825. 'header' => array(
  826. 'value' => $txt['message'],
  827. ),
  828. 'data' => array(
  829. 'sprintf' => array(
  830. 'format' => '%1$s<br /><a href="%2$s">%2$s</a>',
  831. 'params' => array(
  832. 'message' => false,
  833. 'url' => false,
  834. ),
  835. ),
  836. ),
  837. ),
  838. 'date' => array(
  839. 'header' => array(
  840. 'value' => $txt['date'],
  841. ),
  842. 'data' => array(
  843. 'db' => 'time',
  844. ),
  845. 'sort' => array(
  846. 'default' => 'le.id_error DESC',
  847. 'reverse' => 'le.id_error',
  848. ),
  849. ),
  850. ),
  851. 'additional_rows' => array(
  852. array(
  853. 'position' => 'after_title',
  854. 'value' => $txt['errors_desc'],
  855. 'class' => 'smalltext',
  856. 'style' => 'padding: 2ex;',
  857. ),
  858. ),
  859. );
  860. // Create the list for viewing.
  861. require_once($sourcedir . '/Subs-List.php');
  862. createList($listOptions);
  863. // @todo cache this
  864. // If this is a big forum, or a large posting user, let's limit the search.
  865. if ($modSettings['totalMessages'] > 50000 && $user_profile[$memID]['posts'] > 500)
  866. {
  867. $request = $smcFunc['db_query']('', '
  868. SELECT MAX(id_msg)
  869. FROM {db_prefix}messages AS m
  870. WHERE m.id_member = {int:current_member}',
  871. array(
  872. 'current_member' => $memID,
  873. )
  874. );
  875. list ($max_msg_member) = $smcFunc['db_fetch_row']($request);
  876. $smcFunc['db_free_result']($request);
  877. // There's no point worrying ourselves with messages made yonks ago, just get recent ones!
  878. $min_msg_member = max(0, $max_msg_member - $user_profile[$memID]['posts'] * 3);
  879. }
  880. // Default to at least the ones we know about.
  881. $ips = array(
  882. $user_profile[$memID]['member_ip'],
  883. $user_profile[$memID]['member_ip2'],
  884. );
  885. // @todo cache this
  886. // Get all IP addresses this user has used for his messages.
  887. $request = $smcFunc['db_query']('', '
  888. SELECT poster_ip
  889. FROM {db_prefix}messages
  890. WHERE id_member = {int:current_member}
  891. ' . (isset($min_msg_member) ? '
  892. AND id_msg >= {int:min_msg_member} AND id_msg <= {int:max_msg_member}' : '') . '
  893. GROUP BY poster_ip',
  894. array(
  895. 'current_member' => $memID,
  896. 'min_msg_member' => !empty($min_msg_member) ? $min_msg_member : 0,
  897. 'max_msg_member' => !empty($max_msg_member) ? $max_msg_member : 0,
  898. )
  899. );
  900. $context['ips'] = array();
  901. while ($row = $smcFunc['db_fetch_assoc']($request))
  902. {
  903. $context['ips'][] = '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=' . $row['poster_ip'] . ';u=' . $memID . '">' . $row['poster_ip'] . '</a>';
  904. $ips[] = $row['poster_ip'];
  905. }
  906. $smcFunc['db_free_result']($request);
  907. // Now also get the IP addresses from the error messages.
  908. $request = $smcFunc['db_query']('', '
  909. SELECT COUNT(*) AS error_count, ip
  910. FROM {db_prefix}log_errors
  911. WHERE id_member = {int:current_member}
  912. GROUP BY ip',
  913. array(
  914. 'current_member' => $memID,
  915. )
  916. );
  917. $context['error_ips'] = array();
  918. while ($row = $smcFunc['db_fetch_assoc']($request))
  919. {
  920. $context['error_ips'][] = '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=' . $row['ip'] . ';u=' . $memID . '">' . $row['ip'] . '</a>';
  921. $ips[] = $row['ip'];
  922. }
  923. $smcFunc['db_free_result']($request);
  924. // Find other users that might use the same IP.
  925. $ips = array_unique($ips);
  926. $context['members_in_range'] = array();
  927. if (!empty($ips))
  928. {
  929. // Get member ID's which are in messages...
  930. $request = $smcFunc['db_query']('', '
  931. SELECT mem.id_member
  932. FROM {db_prefix}messages AS m
  933. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  934. WHERE m.poster_ip IN ({array_string:ip_list})
  935. GROUP BY mem.id_member
  936. HAVING mem.id_member != {int:current_member}',
  937. array(
  938. 'current_member' => $memID,
  939. 'ip_list' => $ips,
  940. )
  941. );
  942. $message_members = array();
  943. while ($row = $smcFunc['db_fetch_assoc']($request))
  944. $message_members[] = $row['id_member'];
  945. $smcFunc['db_free_result']($request);
  946. // Fetch their names, cause of the GROUP BY doesn't like giving us that normally.
  947. if (!empty($message_members))
  948. {
  949. $request = $smcFunc['db_query']('', '
  950. SELECT id_member, real_name
  951. FROM {db_prefix}members
  952. WHERE id_member IN ({array_int:message_members})',
  953. array(
  954. 'message_members' => $message_members,
  955. 'ip_list' => $ips,
  956. )
  957. );
  958. while ($row = $smcFunc['db_fetch_assoc']($request))
  959. $context['members_in_range'][$row['id_member']] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  960. $smcFunc['db_free_result']($request);
  961. }
  962. $request = $smcFunc['db_query']('', '
  963. SELECT id_member, real_name
  964. FROM {db_prefix}members
  965. WHERE id_member != {int:current_member}
  966. AND member_ip IN ({array_string:ip_list})',
  967. array(
  968. 'current_member' => $memID,
  969. 'ip_list' => $ips,
  970. )
  971. );
  972. while ($row = $smcFunc['db_fetch_assoc']($request))
  973. $context['members_in_range'][$row['id_member']] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  974. $smcFunc['db_free_result']($request);
  975. }
  976. }
  977. /**
  978. * Get the number of user errors
  979. *
  980. * @param string $where
  981. * @param array $where_vars = array()
  982. * @return string number of user errors
  983. */
  984. function list_getUserErrorCount($where, $where_vars = array())
  985. {
  986. global $smcFunc;
  987. $request = $smcFunc['db_query']('', '
  988. SELECT COUNT(*) AS error_count
  989. FROM {db_prefix}log_errors
  990. WHERE ' . $where,
  991. $where_vars
  992. );
  993. list ($count) = $smcFunc['db_fetch_row']($request);
  994. $smcFunc['db_free_result']($request);
  995. // @todo cast this to an integer
  996. return $count;
  997. }
  998. /**
  999. * @todo needs a description
  1000. *
  1001. * @param int $start
  1002. * @param int $items_per_page
  1003. * @param string $sort
  1004. * @param string $where
  1005. * @param array $where_vars
  1006. * @return array error messages
  1007. */
  1008. function list_getUserErrors($start, $items_per_page, $sort, $where, $where_vars = array())
  1009. {
  1010. global $smcFunc, $txt, $scripturl;
  1011. // Get a list of error messages from this ip (range).
  1012. $request = $smcFunc['db_query']('', '
  1013. SELECT
  1014. le.log_time, le.ip, le.url, le.message, IFNULL(mem.id_member, 0) AS id_member,
  1015. IFNULL(mem.real_name, {string:guest_title}) AS display_name, mem.member_name
  1016. FROM {db_prefix}log_errors AS le
  1017. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = le.id_member)
  1018. WHERE ' . $where . '
  1019. ORDER BY ' . $sort . '
  1020. LIMIT ' . $start . ', ' . $items_per_page,
  1021. array_merge($where_vars, array(
  1022. 'guest_title' => $txt['guest_title'],
  1023. ))
  1024. );
  1025. $error_messages = array();
  1026. while ($row = $smcFunc['db_fetch_assoc']($request))
  1027. $error_messages[] = array(
  1028. 'ip' => $row['ip'],
  1029. 'member_link' => $row['id_member'] > 0 ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>' : $row['display_name'],
  1030. 'message' => strtr($row['message'], array('&lt;span class=&quot;remove&quot;&gt;' => '', '&lt;/span&gt;' => '')),
  1031. 'url' => $row['url'],
  1032. 'time' => timeformat($row['log_time']),
  1033. 'timestamp' => forum_time(true, $row['log_time']),
  1034. );
  1035. $smcFunc['db_free_result']($request);
  1036. return $error_messages;
  1037. }
  1038. /**
  1039. * @todo needs a description
  1040. *
  1041. * @param string $where
  1042. * @param array $where_vars
  1043. * @return string count of messages matching the IP
  1044. */
  1045. function list_getIPMessageCount($where, $where_vars = array())
  1046. {
  1047. global $smcFunc;
  1048. $request = $smcFunc['db_query']('', '
  1049. SELECT COUNT(*) AS message_count
  1050. FROM {db_prefix}messages AS m
  1051. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  1052. WHERE {query_see_board} AND ' . $where,
  1053. $where_vars
  1054. );
  1055. list ($count) = $smcFunc['db_fetch_row']($request);
  1056. $smcFunc['db_free_result']($request);
  1057. // @todo cast to integer
  1058. return $count;
  1059. }
  1060. /**
  1061. * @todo needs a description
  1062. *
  1063. * @param int $start
  1064. * @param int $items_per_page
  1065. * @param string $sort
  1066. * @param string $where
  1067. * @param array $where_vars
  1068. * @return array an array of messages
  1069. */
  1070. function list_getIPMessages($start, $items_per_page, $sort, $where, $where_vars = array())
  1071. {
  1072. global $smcFunc, $txt, $scripturl;
  1073. // Get all the messages fitting this where clause.
  1074. // @todo SLOW This query is using a filesort.
  1075. $request = $smcFunc['db_query']('', '
  1076. SELECT
  1077. m.id_msg, m.poster_ip, IFNULL(mem.real_name, m.poster_name) AS display_name, mem.id_member,
  1078. m.subject, m.poster_time, m.id_topic, m.id_board
  1079. FROM {db_prefix}messages AS m
  1080. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  1081. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  1082. WHERE {query_see_board} AND ' . $where . '
  1083. ORDER BY ' . $sort . '
  1084. LIMIT ' . $start . ', ' . $items_per_page,
  1085. array_merge($where_vars, array(
  1086. ))
  1087. );
  1088. $messages = array();
  1089. while ($row = $smcFunc['db_fetch_assoc']($request))
  1090. $messages[] = array(
  1091. 'ip' => $row['poster_ip'],
  1092. 'member_link' => empty($row['id_member']) ? $row['display_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>',
  1093. 'board' => array(
  1094. 'id' => $row['id_board'],
  1095. 'href' => $scripturl . '?board=' . $row['id_board']
  1096. ),
  1097. 'topic' => $row['id_topic'],
  1098. 'id' => $row['id_msg'],
  1099. 'subject' => $row['subject'],
  1100. 'time' => timeformat($row['poster_time']),
  1101. 'timestamp' => forum_time(true, $row['poster_time'])
  1102. );
  1103. $smcFunc['db_free_result']($request);
  1104. return $messages;
  1105. }
  1106. /**
  1107. * @todo needs a description
  1108. *
  1109. * @param int $memID = 0 id_member
  1110. */
  1111. function TrackIP($memID = 0)
  1112. {
  1113. global $user_profile, $scripturl, $txt, $user_info, $modSettings, $sourcedir;
  1114. global $context, $smcFunc;
  1115. // Can the user do this?
  1116. isAllowedTo('moderate_forum');
  1117. if ($memID == 0)
  1118. {
  1119. $context['ip'] = $user_info['ip'];
  1120. loadTemplate('Profile');
  1121. loadLanguage('Profile');
  1122. $context['sub_template'] = 'trackIP';
  1123. $context['page_title'] = $txt['profile'];
  1124. $context['base_url'] = $scripturl . '?action=trackip';
  1125. }
  1126. else
  1127. {
  1128. $context['ip'] = $user_profile[$memID]['member_ip'];
  1129. $context['base_url'] = $scripturl . '?action=profile;area=tracking;sa=ip;u=' . $memID;
  1130. }
  1131. // Searching?
  1132. if (isset($_REQUEST['searchip']))
  1133. $context['ip'] = trim($_REQUEST['searchip']);
  1134. if (preg_match('/^\d{1,3}\.(\d{1,3}|\*)\.(\d{1,3}|\*)\.(\d{1,3}|\*)$/', $context['ip']) == 0 && isValidIPv6($context['ip']) === false)
  1135. fatal_lang_error('invalid_tracking_ip', false);
  1136. $ip_var = str_replace('*', '%', $context['ip']);
  1137. $ip_string = strpos($ip_var, '%') === false ? '= {string:ip_address}' : 'LIKE {string:ip_address}';
  1138. if (empty($context['tracking_area']))
  1139. $context['page_title'] = $txt['trackIP'] . ' - ' . $context['ip'];
  1140. $request = $smcFunc['db_query']('', '
  1141. SELECT id_member, real_name AS display_name, member_ip
  1142. FROM {db_prefix}members
  1143. WHERE member_ip ' . $ip_string,
  1144. array(
  1145. 'ip_address' => $ip_var,
  1146. )
  1147. );
  1148. $context['ips'] = array();
  1149. while ($row = $smcFunc['db_fetch_assoc']($request))
  1150. $context['ips'][$row['member_ip']][] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>';
  1151. $smcFunc['db_free_result']($request);
  1152. ksort($context['ips']);
  1153. // Gonna want this for the list.
  1154. require_once($sourcedir . '/Subs-List.php');
  1155. // Start with the user messages.
  1156. $listOptions = array(
  1157. 'id' => 'track_message_list',
  1158. 'title' => $txt['messages_from_ip'] . ' ' . $context['ip'],
  1159. 'start_var_name' => 'messageStart',
  1160. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1161. 'no_items_label' => $txt['no_messages_from_ip'],
  1162. 'base_href' => $context['base_url'] . ';searchip=' . $context['ip'],
  1163. 'default_sort_col' => 'date',
  1164. 'get_items' => array(
  1165. 'function' => 'list_getIPMessages',
  1166. 'params' => array(
  1167. 'm.poster_ip ' . $ip_string,
  1168. array('ip_address' => $ip_var),
  1169. ),
  1170. ),
  1171. 'get_count' => array(
  1172. 'function' => 'list_getIPMessageCount',
  1173. 'params' => array(
  1174. 'm.poster_ip ' . $ip_string,
  1175. array('ip_address' => $ip_var),
  1176. ),
  1177. ),
  1178. 'columns' => array(
  1179. 'ip_address' => array(
  1180. 'header' => array(
  1181. 'value' => $txt['ip_address'],
  1182. ),
  1183. 'data' => array(
  1184. 'sprintf' => array(
  1185. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a>',
  1186. 'params' => array(
  1187. 'ip' => false,
  1188. ),
  1189. ),
  1190. ),
  1191. 'sort' => array(
  1192. 'default' => 'INET_ATON(m.poster_ip)',
  1193. 'reverse' => 'INET_ATON(m.poster_ip) DESC',
  1194. ),
  1195. ),
  1196. 'poster' => array(
  1197. 'header' => array(
  1198. 'value' => $txt['poster'],
  1199. ),
  1200. 'data' => array(
  1201. 'db' => 'member_link',
  1202. ),
  1203. ),
  1204. 'subject' => array(
  1205. 'header' => array(
  1206. 'value' => $txt['subject'],
  1207. ),
  1208. 'data' => array(
  1209. 'sprintf' => array(
  1210. 'format' => '<a href="' . $scripturl . '?topic=%1$s.msg%2$s#msg%2$s" rel="nofollow">%3$s</a>',
  1211. 'params' => array(
  1212. 'topic' => false,
  1213. 'id' => false,
  1214. 'subject' => false,
  1215. ),
  1216. ),
  1217. ),
  1218. ),
  1219. 'date' => array(
  1220. 'header' => array(
  1221. 'value' => $txt['date'],
  1222. ),
  1223. 'data' => array(
  1224. 'db' => 'time',
  1225. ),
  1226. 'sort' => array(
  1227. 'default' => 'm.id_msg DESC',
  1228. 'reverse' => 'm.id_msg',
  1229. ),
  1230. ),
  1231. ),
  1232. 'additional_rows' => array(
  1233. array(
  1234. 'position' => 'after_title',
  1235. 'value' => $txt['messages_from_ip_desc'],
  1236. 'class' => 'smalltext',
  1237. 'style' => 'padding: 2ex;',
  1238. ),
  1239. ),
  1240. );
  1241. // Create the messages list.
  1242. createList($listOptions);
  1243. // Set the options for the error lists.
  1244. $listOptions = array(
  1245. 'id' => 'track_user_list',
  1246. 'title' => $txt['errors_from_ip'] . ' ' . $context['ip'],
  1247. 'start_var_name' => 'errorStart',
  1248. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1249. 'no_items_label' => $txt['no_errors_from_ip'],
  1250. 'base_href' => $context['base_url'] . ';searchip=' . $context['ip'],
  1251. 'default_sort_col' => 'date2',
  1252. 'get_items' => array(
  1253. 'function' => 'list_getUserErrors',
  1254. 'params' => array(
  1255. 'le.ip ' . $ip_string,
  1256. array('ip_address' => $ip_var),
  1257. ),
  1258. ),
  1259. 'get_count' => array(
  1260. 'function' => 'list_getUserErrorCount',
  1261. 'params' => array(
  1262. 'ip ' . $ip_string,
  1263. array('ip_address' => $ip_var),
  1264. ),
  1265. ),
  1266. 'columns' => array(
  1267. 'ip_address2' => array(
  1268. 'header' => array(
  1269. 'value' => $txt['ip_address'],
  1270. ),
  1271. 'data' => array(
  1272. 'sprintf' => array(
  1273. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a>',
  1274. 'params' => array(
  1275. 'ip' => false,
  1276. ),
  1277. ),
  1278. ),
  1279. 'sort' => array(
  1280. 'default' => 'INET_ATON(le.ip)',
  1281. 'reverse' => 'INET_ATON(le.ip) DESC',
  1282. ),
  1283. ),
  1284. 'display_name' => array(
  1285. 'header' => array(
  1286. 'value' => $txt['display_name'],
  1287. ),
  1288. 'data' => array(
  1289. 'db' => 'member_link',
  1290. ),
  1291. ),
  1292. 'message' => array(
  1293. 'header' => array(
  1294. 'value' => $txt['message'],
  1295. ),
  1296. 'data' => array(
  1297. 'sprintf' => array(
  1298. 'format' => '%1$s<br /><a href="%2$s">%2$s</a>',
  1299. 'params' => array(
  1300. 'message' => false,
  1301. 'url' => false,
  1302. ),
  1303. ),
  1304. ),
  1305. ),
  1306. 'date2' => array(
  1307. 'header' => array(
  1308. 'value' => $txt['date'],
  1309. ),
  1310. 'data' => array(
  1311. 'db' => 'time',
  1312. ),
  1313. 'sort' => array(
  1314. 'default' => 'le.id_error DESC',
  1315. 'reverse' => 'le.id_error',
  1316. ),
  1317. ),
  1318. ),
  1319. 'additional_rows' => array(
  1320. array(
  1321. 'position' => 'after_title',
  1322. 'value' => $txt['errors_from_ip_desc'],
  1323. 'class' => 'smalltext',
  1324. 'style' => 'padding: 2ex;',
  1325. ),
  1326. ),
  1327. );
  1328. // Create the error list.
  1329. createList($listOptions);
  1330. $context['single_ip'] = strpos($context['ip'], '*') === false;
  1331. if ($context['single_ip'])
  1332. {
  1333. $context['whois_servers'] = array(
  1334. 'afrinic' => array(
  1335. 'name' => $txt['whois_afrinic'],
  1336. 'url' => 'http://www.afrinic.net/cgi-bin/whois?searchtext=' . $context['ip'],
  1337. 'range' => array(41, 154, 196),
  1338. ),
  1339. 'apnic' => array(
  1340. 'name' => $txt['whois_apnic'],
  1341. 'url' => 'http://wq.apnic.net/apnic-bin/whois.pl?searchtext=' . $context['ip'],
  1342. 'range' => array(58, 59, 60, 61, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124,
  1343. 125, 126, 133, 150, 153, 163, 171, 202, 203, 210, 211, 218, 219, 220, 221, 222),
  1344. ),
  1345. 'arin' => array(
  1346. 'name' => $txt['whois_arin'],
  1347. 'url' => 'http://whois.arin.net/rest/ip/' . $context['ip'],
  1348. 'range' => array(7, 24, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 96, 97, 98, 99,
  1349. 128, 129, 130, 131, 132, 134, 135, 136, 137, 138, 139, 140, 142, 143, 144, 146, 147, 148, 149,
  1350. 152, 155, 156, 157, 158, 159, 160, 161, 162, 164, 165, 166, 167, 168, 169, 170, 172, 173, 174,
  1351. 192, 198, 199, 204, 205, 206, 207, 208, 209, 216),
  1352. ),
  1353. 'lacnic' => array(
  1354. 'name' => $txt['whois_lacnic'],
  1355. 'url' => 'http://lacnic.net/cgi-bin/lacnic/whois?query=' . $context['ip'],
  1356. 'range' => array(186, 187, 189, 190, 191, 200, 201),
  1357. ),
  1358. 'ripe' => array(
  1359. 'name' => $txt['whois_ripe'],
  1360. 'url' => 'http://www.db.ripe.net/whois?searchtext=' . $context['ip'],
  1361. 'range' => array(62, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95,
  1362. 141, 145, 151, 188, 193, 194, 195, 212, 213, 217),
  1363. ),
  1364. );
  1365. foreach ($context['whois_servers'] as $whois)
  1366. {
  1367. // Strip off the "decimal point" and anything following...
  1368. if (in_array((int) $context['ip'], $whois['range']))
  1369. $context['auto_whois_server'] = $whois;
  1370. }
  1371. }
  1372. }
  1373. /**
  1374. * Tracks a users logins.
  1375. *
  1376. * @param int $memID = 0 id_member
  1377. */
  1378. function TrackLogins($memID = 0)
  1379. {
  1380. global $user_profile, $scripturl, $txt, $user_info, $modSettings, $sourcedir;
  1381. global $context, $smcFunc;
  1382. // Gonna want this for the list.
  1383. require_once($sourcedir . '/Subs-List.php');
  1384. if ($memID == 0)
  1385. $context['base_url'] = $scripturl . '?action=trackip';
  1386. else
  1387. $context['base_url'] = $scripturl . '?action=profile;area=tracking;sa=ip;u=' . $memID;
  1388. // Start with the user messages.
  1389. $listOptions = array(
  1390. 'id' => 'track_logins_list',
  1391. 'title' => $txt['trackLogins'],
  1392. 'no_items_label' => $txt['trackLogins_none_found'],
  1393. 'base_href' => $context['base_url'],
  1394. 'get_items' => array(
  1395. 'function' => 'list_getLogins',
  1396. 'params' => array(
  1397. 'id_member = {int:current_member}',
  1398. array('current_member' => $memID),
  1399. ),
  1400. ),
  1401. 'get_count' => array(
  1402. 'function' => 'list_getLoginCount',
  1403. 'params' => array(
  1404. 'id_member = {int:current_member}',
  1405. array('current_member' => $memID),
  1406. ),
  1407. ),
  1408. 'columns' => array(
  1409. 'time' => array(
  1410. 'header' => array(
  1411. 'value' => $txt['date'],
  1412. ),
  1413. 'data' => array(
  1414. 'db' => 'time',
  1415. ),
  1416. ),
  1417. 'ip' => array(
  1418. 'header' => array(
  1419. 'value' => $txt['ip_address'],
  1420. ),
  1421. 'data' => array(
  1422. 'sprintf' => array(
  1423. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a> (<a href="' . $context['base_url'] . ';searchip=%2$s">%2$s</a>) ',
  1424. 'params' => array(
  1425. 'ip' => false,
  1426. 'ip2' => false
  1427. ),
  1428. ),
  1429. ),
  1430. ),
  1431. ),
  1432. 'additional_rows' => array(
  1433. array(
  1434. 'position' => 'after_title',
  1435. 'value' => $txt['trackLogins_desc'],
  1436. 'class' => 'smalltext',
  1437. 'style' => 'padding: 2ex;',
  1438. ),
  1439. ),
  1440. );
  1441. // Create the messages list.
  1442. createList($listOptions);
  1443. $context['sub_template'] = 'show_list';
  1444. $context['default_list'] = 'track_logins_list';
  1445. }
  1446. /**
  1447. * Callback for trackLogins for counting history.
  1448. *
  1449. * @param string $where
  1450. * @param array $where_vars
  1451. * @return string count of messages matching the IP
  1452. */
  1453. function list_getLoginCount($where, $where_vars = array())
  1454. {
  1455. global $smcFunc;
  1456. $request = $smcFunc['db_query']('', '
  1457. SELECT COUNT(*) AS message_count
  1458. FROM {db_prefix}member_logins
  1459. WHERE id_member = {int:id_member}',
  1460. array(
  1461. 'id_member' => $where_vars['current_member'],
  1462. )
  1463. );
  1464. list ($count) = $smcFunc['db_fetch_row']($request);
  1465. $smcFunc['db_free_result']($request);
  1466. // @todo cast to integer
  1467. return $count;
  1468. }
  1469. /**
  1470. * Callback for trackLogins data.
  1471. *
  1472. * @param int $start
  1473. * @param int $items_per_page
  1474. * @param string $sort
  1475. * @param string $where
  1476. * @param array $where_vars
  1477. * @return array an array of messages
  1478. */
  1479. function list_getLogins($start, $items_per_page, $sort, $where, $where_vars = array())
  1480. {
  1481. global $smcFunc, $txt, $scripturl;
  1482. $request = $smcFunc['db_query']('', '
  1483. SELECT time, ip, ip2
  1484. FROM {db_prefix}member_logins
  1485. WHERE {int:id_member}
  1486. ORDER BY time DESC',
  1487. array(
  1488. 'id_member' => $where_vars['current_member'],
  1489. )
  1490. );
  1491. $logins = array();
  1492. while ($row = $smcFunc['db_fetch_assoc']($request))
  1493. $logins[] = array(
  1494. 'time' => timeformat($row['time']),
  1495. 'ip' => $row['ip'],
  1496. 'ip2' => $row['ip2'],
  1497. );
  1498. $smcFunc['db_free_result']($request);
  1499. return $logins;
  1500. }
  1501. /**
  1502. * @todo needs a description
  1503. *
  1504. * @param int $memID id_member
  1505. */
  1506. function trackEdits($memID)
  1507. {
  1508. global $scripturl, $txt, $modSettings, $sourcedir, $context, $smcFunc;
  1509. require_once($sourcedir . '/Subs-List.php');
  1510. // Get the names of any custom fields.
  1511. $request = $smcFunc['db_query']('', '
  1512. SELECT col_name, field_name, bbc
  1513. FROM {db_prefix}custom_fields',
  1514. array(
  1515. )
  1516. );
  1517. $context['custom_field_titles'] = array();
  1518. while ($row = $smcFunc['db_fetch_assoc']($request))
  1519. $context['custom_field_titles']['customfield_' . $row['col_name']] = array(
  1520. 'title' => $row['field_name'],
  1521. 'parse_bbc' => $row['bbc'],
  1522. );
  1523. $smcFunc['db_free_result']($request);
  1524. // Set the options for the error lists.
  1525. $listOptions = array(
  1526. 'id' => 'edit_list',
  1527. 'title' => $txt['trackEdits'],
  1528. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1529. 'no_items_label' => $txt['trackEdit_no_edits'],
  1530. 'base_href' => $scripturl . '?action=profile;area=tracking;sa=edits;u=' . $memID,
  1531. 'default_sort_col' => 'time',
  1532. 'get_items' => array(
  1533. 'function' => 'list_getProfileEdits',
  1534. 'params' => array(
  1535. $memID,
  1536. ),
  1537. ),
  1538. 'get_count' => array(
  1539. 'function' => 'list_getProfileEditCount',
  1540. 'params' => array(
  1541. $memID,
  1542. ),
  1543. ),
  1544. 'columns' => array(
  1545. 'action' => array(
  1546. 'header' => array(
  1547. 'value' => $txt['trackEdit_action'],
  1548. ),
  1549. 'data' => array(
  1550. 'db' => 'action_text',
  1551. ),
  1552. ),
  1553. 'before' => array(
  1554. 'header' => array(
  1555. 'value' => $txt['trackEdit_before'],
  1556. ),
  1557. 'data' => array(
  1558. 'db' => 'before',
  1559. ),
  1560. ),
  1561. 'after' => array(
  1562. 'header' => array(
  1563. 'value' => $txt['trackEdit_after'],
  1564. ),
  1565. 'data' => array(
  1566. 'db' => 'after',
  1567. ),
  1568. ),
  1569. 'time' => array(
  1570. 'header' => array(
  1571. 'value' => $txt['date'],
  1572. ),
  1573. 'data' => array(
  1574. 'db' => 'time',
  1575. ),
  1576. 'sort' => array(
  1577. 'default' => 'id_action DESC',
  1578. 'reverse' => 'id_action',
  1579. ),
  1580. ),
  1581. 'applicator' => array(
  1582. 'header' => array(
  1583. 'value' => $txt['trackEdit_applicator'],
  1584. ),
  1585. 'data' => array(
  1586. 'db' => 'member_link',
  1587. ),
  1588. ),
  1589. ),
  1590. );
  1591. // Create the error list.
  1592. createList($listOptions);
  1593. $context['sub_template'] = 'show_list';
  1594. $context['default_list'] = 'edit_list';
  1595. }
  1596. /**
  1597. * How many edits?
  1598. *
  1599. * @param int $memID id_member
  1600. * @return string number of profile edits
  1601. */
  1602. function list_getProfileEditCount($memID)
  1603. {
  1604. global $smcFunc;
  1605. $request = $smcFunc['db_query']('', '
  1606. SELECT COUNT(*) AS edit_count
  1607. FROM {db_prefix}log_actions
  1608. WHERE id_log = {int:log_type}
  1609. AND id_member = {int:owner}',
  1610. array(
  1611. 'log_type' => 2,
  1612. 'owner' => $memID,
  1613. )
  1614. );
  1615. list ($edit_count) = $smcFunc['db_fetch_row']($request);
  1616. $smcFunc['db_free_result']($request);
  1617. // @todo cast to integer
  1618. return $edit_count;
  1619. }
  1620. /**
  1621. * @todo needs a description
  1622. *
  1623. * @param int $start
  1624. * @param int $items_per_page
  1625. * @param string $sort
  1626. * @param int $memID
  1627. * @return array
  1628. */
  1629. function list_getProfileEdits($start, $items_per_page, $sort, $memID)
  1630. {
  1631. global $smcFunc, $txt, $scripturl, $context;
  1632. // Get a list of error messages from this ip (range).
  1633. $request = $smcFunc['db_query']('', '
  1634. SELECT
  1635. id_action, id_member, ip, log_time, action, extra
  1636. FROM {db_prefix}log_actions
  1637. WHERE id_log = {int:log_type}
  1638. AND id_member = {int:owner}
  1639. ORDER BY ' . $sort . '
  1640. LIMIT ' . $start . ', ' . $items_per_page,
  1641. array(
  1642. 'log_type' => 2,
  1643. 'owner' => $memID,
  1644. )
  1645. );
  1646. $edits = array();
  1647. $members = array();
  1648. while ($row = $smcFunc['db_fetch_assoc']($request))
  1649. {
  1650. $extra = @unserialize($row['extra']);
  1651. if (!empty($extra['applicator']))
  1652. $members[] = $extra['applicator'];
  1653. // Work out what the name of the action is.
  1654. if (isset($txt['trackEdit_action_' . $row['action']]))
  1655. $action_text = $txt['trackEdit_action_' . $row['action']];
  1656. elseif (isset($txt[$row['action']]))
  1657. $action_text = $txt[$row['action']];
  1658. // Custom field?
  1659. elseif (isset($context['custom_field_titles'][$row['action']]))
  1660. $action_text = $context['custom_field_titles'][$row['action']]['title'];
  1661. else
  1662. $action_text = $row['action'];
  1663. // Parse BBC?
  1664. $parse_bbc = isset($context['custom_field_titles'][$row['action']]) && $context['custom_field_titles'][$row['action']]['parse_bbc'] ? true : false;
  1665. $edits[] = array(
  1666. 'id' => $row['id_action'],
  1667. 'ip' => $row['ip'],
  1668. 'id_member' => !empty($extra['applicator']) ? $extra['applicator'] : 0,
  1669. 'member_link' => $txt['trackEdit_deleted_member'],
  1670. 'action' => $row['action'],
  1671. 'action_text' => $action_text,
  1672. 'before' => !empty($extra['previous']) ? ($parse_bbc ? parse_bbc($extra['previous']) : $extra['previous']) : '',
  1673. 'after' => !empty($extra['new']) ? ($parse_bbc ? parse_bbc($extra['new']) : $extra['new']) : '',
  1674. 'time' => timeformat($row['log_time']),
  1675. );
  1676. }
  1677. $smcFunc['db_free_result']($request);
  1678. // Get any member names.
  1679. if (!empty($members))
  1680. {
  1681. $request = $smcFunc['db_query']('', '
  1682. SELECT
  1683. id_member, real_name
  1684. FROM {db_prefix}members
  1685. WHERE id_member IN ({array_int:members})',
  1686. array(
  1687. 'members' => $members,
  1688. )
  1689. );
  1690. $members = array();
  1691. while ($row = $smcFunc['db_fetch_assoc']($request))
  1692. $members[$row['id_member']] = $row['real_name'];
  1693. $smcFunc['db_free_result']($request);
  1694. foreach ($edits as $key => $value)
  1695. if (isset($members[$value['id_member']]))
  1696. $edits[$key]['member_link'] = '<a href="' . $scripturl . '?action=profile;u=' . $value['id_member'] . '">' . $members[$value['id_member']] . '</a>';
  1697. }
  1698. return $edits;
  1699. }
  1700. /**
  1701. * @todo needs a description
  1702. *
  1703. * @param int $memID id_member
  1704. */
  1705. function showPermissions($memID)
  1706. {
  1707. global $scripturl, $txt, $board, $modSettings;
  1708. global $user_profile, $context, $user_info, $sourcedir, $smcFunc;
  1709. // Verify if the user has sufficient permissions.
  1710. isAllowedTo('manage_permissions');
  1711. loadLanguage('ManagePermissions');
  1712. loadLanguage('Admin');
  1713. loadTemplate('ManageMembers');
  1714. // Load all the permission profiles.
  1715. require_once($sourcedir . '/ManagePermissions.php');
  1716. loadPermissionProfiles();
  1717. $context['member']['id'] = $memID;
  1718. $context['member']['name'] = $user_profile[$memID]['real_name'];
  1719. $context['page_title'] = $txt['showPermissions'];
  1720. $board = empty($board) ? 0 : (int) $board;
  1721. $context['board'] = $board;
  1722. // Determine which groups this user is in.
  1723. if (empty($user_profile[$memID]['additional_groups']))
  1724. $curGroups = array();
  1725. else
  1726. $curGroups = explode(',', $user_profile[$memID]['additional_groups']);
  1727. $curGroups[] = $user_profile[$memID]['id_group'];
  1728. $curGroups[] = $user_profile[$memID]['id_post_group'];
  1729. // Load a list of boards for the jump box - except the defaults.
  1730. $request = $smcFunc['db_query']('order_by_board_order', '
  1731. SELECT b.id_board, b.name, b.id_profile, b.member_groups, IFNULL(mods.id_member, 0) AS is_mod
  1732. FROM {db_prefix}boards AS b
  1733. LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
  1734. WHERE {query_see_board}',
  1735. array(
  1736. 'current_member' => $memID,
  1737. )
  1738. );
  1739. $context['boards'] = array();
  1740. $context['no_access_boards'] = array();
  1741. while ($row = $smcFunc['db_fetch_assoc']($request))
  1742. {
  1743. if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod'])
  1744. $context['no_access_boards'][] = array(
  1745. 'id' => $row['id_board'],
  1746. 'name' => $row['name'],
  1747. 'is_last' => false,
  1748. );
  1749. elseif ($row['id_profile'] != 1 || $row['is_mod'])
  1750. $context['boards'][$row['id_board']] = array(
  1751. 'id' => $row['id_board'],
  1752. 'name' => $row['name'],
  1753. 'selected' => $board == $row['id_board'],
  1754. 'profile' => $row['id_profile'],
  1755. 'profile_name' => $context['profiles'][$row['id_profile']]['name'],
  1756. );
  1757. }
  1758. $smcFunc['db_free_result']($request);
  1759. if (!empty($context['no_access_boards']))
  1760. $context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true;
  1761. $context['member']['permissions'] = array(
  1762. 'general' => array(),
  1763. 'board' => array()
  1764. );
  1765. // If you're an admin we know you can do everything, we might as well leave.
  1766. $context['member']['has_all_permissions'] = in_array(1, $curGroups);
  1767. if ($context['member']['has_all_permissions'])
  1768. return;
  1769. $denied = array();
  1770. // Get all general permissions.
  1771. $result = $smcFunc['db_query']('', '
  1772. SELECT p.permission, p.add_deny, mg.group_name, p.id_group
  1773. FROM {db_prefix}permissions AS p
  1774. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = p.id_group)
  1775. WHERE p.id_group IN ({array_int:group_list})
  1776. ORDER BY p.add_deny DESC, p.permission, mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name',
  1777. array(
  1778. 'group_list' => $curGroups,
  1779. 'newbie_group' => 4,
  1780. )
  1781. );
  1782. while ($row = $smcFunc['db_fetch_assoc']($result))
  1783. {
  1784. // We don't know about this permission, it doesn't exist :P.
  1785. if (!isset($txt['permissionname_' . $row['permission']]))
  1786. continue;
  1787. if (empty($row['add_deny']))
  1788. $denied[] = $row['permission'];
  1789. // Permissions that end with _own or _any consist of two parts.
  1790. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)]))
  1791. $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
  1792. else
  1793. $name = $txt['permissionname_' . $row['permission']];
  1794. // Add this permission if it doesn't exist yet.
  1795. if (!isset($context['member']['permissions']['general'][$row['permission']]))
  1796. $context['member']['permissions']['general'][$row['permission']] = array(
  1797. 'id' => $row['permission'],
  1798. 'groups' => array(
  1799. 'allowed' => array(),
  1800. 'denied' => array()
  1801. ),
  1802. 'name' => $name,
  1803. 'is_denied' => false,
  1804. 'is_global' => true,
  1805. );
  1806. // Add the membergroup to either the denied or the allowed groups.
  1807. $context['member']['permissions']['general'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
  1808. // Once denied is always denied.
  1809. $context['member']['permissions']['general'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
  1810. }
  1811. $smcFunc['db_free_result']($result);
  1812. $request = $smcFunc['db_query']('', '
  1813. SELECT
  1814. bp.add_deny, bp.permission, bp.id_group, mg.group_name' . (empty($board) ? '' : ',
  1815. b.id_profile, CASE WHEN mods.id_member IS NULL THEN 0 ELSE 1 END AS is_moderator') . '
  1816. FROM {db_prefix}board_permissions AS bp' . (empty($board) ? '' : '
  1817. INNER JOIN {db_prefix}boards AS b ON (b.id_board = {int:current_board})
  1818. LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})') . '
  1819. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = bp.id_group)
  1820. WHERE bp.id_profile = {raw:current_profile}
  1821. AND bp.id_group IN ({array_int:group_list}' . (empty($board) ? ')' : ', {int:moderator_group})
  1822. AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})'),
  1823. array(
  1824. 'current_board' => $board,
  1825. 'group_list' => $curGroups,
  1826. 'current_member' => $memID,
  1827. 'current_profile' => empty($board) ? '1' : 'b.id_profile',
  1828. 'moderator_group' => 3,
  1829. )
  1830. );
  1831. while ($row = $smcFunc['db_fetch_assoc']($request))
  1832. {
  1833. // We don't know about this permission, it doesn't exist :P.
  1834. if (!isset($txt['permissionname_' . $row['permission']]))
  1835. continue;
  1836. // The name of the permission using the format 'permission name' - 'own/any topic/event/etc.'.
  1837. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)]))
  1838. $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
  1839. else
  1840. $name = $txt['permissionname_' . $row['permission']];
  1841. // Create the structure for this permission.
  1842. if (!isset($context['member']['permissions']['board'][$row['permission']]))
  1843. $context['member']['permissions']['board'][$row['permission']] = array(
  1844. 'id' => $row['permission'],
  1845. 'groups' => array(
  1846. 'allowed' => array(),
  1847. 'denied' => array()
  1848. ),
  1849. 'name' => $name,
  1850. 'is_denied' => false,
  1851. 'is_global' => empty($board),
  1852. );
  1853. $context['member']['permissions']['board'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][$row['id_group']] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
  1854. $context['member']['permissions']['board'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
  1855. }
  1856. $smcFunc['db_free_result']($request);
  1857. }
  1858. /**
  1859. * View a members warnings?
  1860. *
  1861. * @param int $memID id_member
  1862. */
  1863. function viewWarning($memID)
  1864. {
  1865. global $modSettings, $context, $sourcedir, $txt, $scripturl;
  1866. // Firstly, can we actually even be here?
  1867. if (!allowedTo('issue_warning') && (empty($modSettings['warning_show']) || ($modSettings['warning_show'] == 1 && !$context['user']['is_owner'])))
  1868. fatal_lang_error('no_access', false);
  1869. // Make sure things which are disabled stay disabled.
  1870. $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
  1871. $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
  1872. $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;
  1873. // Let's use a generic list to get all the current warnings, and use the issue warnings grab-a-granny thing.
  1874. require_once($sourcedir . '/Subs-List.php');
  1875. require_once($sourcedir . '/Profile-Actions.php');
  1876. $listOptions = array(
  1877. 'id' => 'view_warnings',
  1878. 'title' => $txt['profile_viewwarning_previous_warnings'],
  1879. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1880. 'no_items_label' => $txt['profile_viewwarning_no_warnings'],
  1881. 'base_href' => $scripturl . '?action=profile;area=viewwarning;sa=user;u=' . $memID,
  1882. 'default_sort_col' => 'log_time',
  1883. 'get_items' => array(
  1884. 'function' => 'list_getUserWarnings',
  1885. 'params' => array(
  1886. $memID,
  1887. ),
  1888. ),
  1889. 'get_count' => array(
  1890. 'function' => 'list_getUserWarningCount',
  1891. 'params' => array(
  1892. $memID,
  1893. ),
  1894. ),
  1895. 'columns' => array(
  1896. 'log_time' => array(
  1897. 'header' => array(
  1898. 'value' => $txt['profile_warning_previous_time'],
  1899. ),
  1900. 'data' => array(
  1901. 'db' => 'time',
  1902. ),
  1903. 'sort' => array(
  1904. 'default' => 'lc.log_time DESC',
  1905. 'reverse' => 'lc.log_time',
  1906. ),
  1907. ),
  1908. 'reason' => array(
  1909. 'header' => array(
  1910. 'value' => $txt['profile_warning_previous_reason'],
  1911. 'style' => 'width: 50%',
  1912. ),
  1913. 'data' => array(
  1914. 'db' => 'reason',
  1915. ),
  1916. ),
  1917. 'level' => array(
  1918. 'header' => array(
  1919. 'value' => $txt['profile_warning_previous_level'],
  1920. ),
  1921. 'data' => array(
  1922. 'db' => 'counter',
  1923. ),
  1924. 'sort' => array(
  1925. 'default' => 'lc.counter DESC',
  1926. 'reverse' => 'lc.counter',
  1927. ),
  1928. ),
  1929. ),
  1930. 'additional_rows' => array(
  1931. array(
  1932. 'position' => 'after_title',
  1933. 'value' => $txt['profile_viewwarning_desc'],
  1934. 'class' => 'smalltext',
  1935. 'style' => 'padding: 2ex;',
  1936. ),
  1937. ),
  1938. );
  1939. // Create the list for viewing.
  1940. require_once($sourcedir . '/Subs-List.php');
  1941. createList($listOptions);
  1942. // Create some common text bits for the template.
  1943. $context['level_effects'] = array(
  1944. 0 => '',
  1945. $modSettings['warning_watch'] => $txt['profile_warning_effect_own_watched'],
  1946. $modSettings['warning_moderate'] => $txt['profile_warning_effect_own_moderated'],
  1947. $modSettings['warning_mute'] => $txt['profile_warning_effect_own_muted'],
  1948. );
  1949. $context['current_level'] = 0;
  1950. foreach ($context['level_effects'] as $limit => $dummy)
  1951. if ($context['member']['warning'] >= $limit)
  1952. $context['current_level'] = $limit;
  1953. }
  1954. ?>