Profile-View.php 69 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. if (!defined('SMF'))
  13. die('Hacking attempt...');
  14. /**
  15. * View a summary.
  16. * @param int $memID id_member
  17. */
  18. function summary($memID)
  19. {
  20. global $context, $memberContext, $txt, $modSettings, $user_info, $user_profile, $sourcedir, $scripturl, $smcFunc;
  21. // Attempt to load the member's profile data.
  22. if (!loadMemberContext($memID) || !isset($memberContext[$memID]))
  23. fatal_lang_error('not_a_user', false);
  24. // Set up the stuff and load the user.
  25. $context += array(
  26. 'page_title' => sprintf($txt['profile_of_username'], $memberContext[$memID]['name']),
  27. 'can_send_pm' => allowedTo('pm_send'),
  28. 'can_send_email' => allowedTo('send_email_to_members'),
  29. 'can_have_buddy' => allowedTo('profile_identity_own') && !empty($modSettings['enable_buddylist']),
  30. 'can_issue_warning' => in_array('w', $context['admin_features']) && allowedTo('issue_warning') && $modSettings['warning_settings'][0] == 1,
  31. );
  32. $context['member'] = &$memberContext[$memID];
  33. $context['can_view_warning'] = in_array('w', $context['admin_features']) && (allowedTo('issue_warning') && !$context['user']['is_owner']) || (!empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $context['user']['is_owner']));
  34. // Set a canonical URL for this page.
  35. $context['canonical_url'] = $scripturl . '?action=profile;u=' . $memID;
  36. // Are there things we don't show?
  37. $context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
  38. // See if they have broken any warning levels...
  39. list ($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
  40. if (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $context['member']['warning'])
  41. $context['warning_status'] = $txt['profile_warning_is_muted'];
  42. elseif (!empty($modSettings['warning_moderate']) && $modSettings['warning_moderate'] <= $context['member']['warning'])
  43. $context['warning_status'] = $txt['profile_warning_is_moderation'];
  44. elseif (!empty($modSettings['warning_watch']) && $modSettings['warning_watch'] <= $context['member']['warning'])
  45. $context['warning_status'] = $txt['profile_warning_is_watch'];
  46. // They haven't even been registered for a full day!?
  47. $days_registered = (int) ((time() - $user_profile[$memID]['date_registered']) / (3600 * 24));
  48. if (empty($user_profile[$memID]['date_registered']) || $days_registered < 1)
  49. $context['member']['posts_per_day'] = $txt['not_applicable'];
  50. else
  51. $context['member']['posts_per_day'] = comma_format($context['member']['real_posts'] / $days_registered, 3);
  52. // Set the age...
  53. if (empty($context['member']['birth_date']))
  54. {
  55. $context['member'] += array(
  56. 'age' => $txt['not_applicable'],
  57. 'today_is_birthday' => false
  58. );
  59. }
  60. else
  61. {
  62. list ($birth_year, $birth_month, $birth_day) = sscanf($context['member']['birth_date'], '%d-%d-%d');
  63. $datearray = getdate(forum_time());
  64. $context['member'] += array(
  65. 'age' => $birth_year <= 4 ? $txt['not_applicable'] : $datearray['year'] - $birth_year - (($datearray['mon'] > $birth_month || ($datearray['mon'] == $birth_month && $datearray['mday'] >= $birth_day)) ? 0 : 1),
  66. 'today_is_birthday' => $datearray['mon'] == $birth_month && $datearray['mday'] == $birth_day
  67. );
  68. }
  69. if (allowedTo('moderate_forum'))
  70. {
  71. // Make sure it's a valid ip address; otherwise, don't bother...
  72. if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $memberContext[$memID]['ip']) == 1 && empty($modSettings['disableHostnameLookup']))
  73. $context['member']['hostname'] = host_from_ip($memberContext[$memID]['ip']);
  74. else
  75. $context['member']['hostname'] = '';
  76. $context['can_see_ip'] = true;
  77. }
  78. else
  79. $context['can_see_ip'] = false;
  80. if (!empty($modSettings['who_enabled']))
  81. {
  82. include_once($sourcedir . '/Who.php');
  83. $action = determineActions($user_profile[$memID]['url']);
  84. if ($action !== false)
  85. $context['member']['action'] = $action;
  86. }
  87. // If the user is awaiting activation, and the viewer has permission - setup some activation context messages.
  88. if ($context['member']['is_activated'] % 10 != 1 && allowedTo('moderate_forum'))
  89. {
  90. $context['activate_type'] = $context['member']['is_activated'];
  91. // What should the link text be?
  92. $context['activate_link_text'] = in_array($context['member']['is_activated'], array(3, 4, 5, 13, 14, 15)) ? $txt['account_approve'] : $txt['account_activate'];
  93. // Should we show a custom message?
  94. $context['activate_message'] = isset($txt['account_activate_method_' . $context['member']['is_activated'] % 10]) ? $txt['account_activate_method_' . $context['member']['is_activated'] % 10] : $txt['account_not_activated'];
  95. }
  96. // Is the signature even enabled on this forum?
  97. $context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
  98. // How about, are they banned?
  99. $context['member']['bans'] = array();
  100. if (allowedTo('moderate_forum'))
  101. {
  102. // Can they edit the ban?
  103. $context['can_edit_ban'] = allowedTo('manage_bans');
  104. $ban_query = array();
  105. $ban_query_vars = array(
  106. 'time' => time(),
  107. );
  108. $ban_query[] = 'id_member = ' . $context['member']['id'];
  109. // Valid IP?
  110. if (preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $memberContext[$memID]['ip'], $ip_parts) == 1)
  111. {
  112. $ban_query[] = '((' . $ip_parts[1] . ' BETWEEN bi.ip_low1 AND bi.ip_high1)
  113. AND (' . $ip_parts[2] . ' BETWEEN bi.ip_low2 AND bi.ip_high2)
  114. AND (' . $ip_parts[3] . ' BETWEEN bi.ip_low3 AND bi.ip_high3)
  115. AND (' . $ip_parts[4] . ' BETWEEN bi.ip_low4 AND bi.ip_high4))';
  116. // Do we have a hostname already?
  117. if (!empty($context['member']['hostname']))
  118. {
  119. $ban_query[] = '({string:hostname} LIKE hostname)';
  120. $ban_query_vars['hostname'] = $context['member']['hostname'];
  121. }
  122. }
  123. // Use '255.255.255.255' for 'unknown' - it's not valid anyway.
  124. elseif ($memberContext[$memID]['ip'] == 'unknown')
  125. $ban_query[] = '(bi.ip_low1 = 255 AND bi.ip_high1 = 255
  126. AND bi.ip_low2 = 255 AND bi.ip_high2 = 255
  127. AND bi.ip_low3 = 255 AND bi.ip_high3 = 255
  128. AND bi.ip_low4 = 255 AND bi.ip_high4 = 255)';
  129. // Check their email as well...
  130. if (strlen($context['member']['email']) != 0)
  131. {
  132. $ban_query[] = '({string:email} LIKE bi.email_address)';
  133. $ban_query_vars['email'] = $context['member']['email'];
  134. }
  135. // So... are they banned? Dying to know!
  136. $request = $smcFunc['db_query']('', '
  137. SELECT bg.id_ban_group, bg.name, bg.cannot_access, bg.cannot_post, bg.cannot_register,
  138. bg.cannot_login, bg.reason
  139. FROM {db_prefix}ban_items AS bi
  140. INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:time}))
  141. WHERE (' . implode(' OR ', $ban_query) . ')',
  142. $ban_query_vars
  143. );
  144. while ($row = $smcFunc['db_fetch_assoc']($request))
  145. {
  146. // Work out what restrictions we actually have.
  147. $ban_restrictions = array();
  148. foreach (array('access', 'register', 'login', 'post') as $type)
  149. if ($row['cannot_' . $type])
  150. $ban_restrictions[] = $txt['ban_type_' . $type];
  151. // No actual ban in place?
  152. if (empty($ban_restrictions))
  153. continue;
  154. // Prepare the link for context.
  155. $ban_explanation = sprintf($txt['user_cannot_due_to'], implode(', ', $ban_restrictions), '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $row['id_ban_group'] . '">' . $row['name'] . '</a>');
  156. $context['member']['bans'][$row['id_ban_group']] = array(
  157. 'reason' => empty($row['reason']) ? '' : '<br /><br /><strong>' . $txt['ban_reason'] . ':</strong> ' . $row['reason'],
  158. 'cannot' => array(
  159. 'access' => !empty($row['cannot_access']),
  160. 'register' => !empty($row['cannot_register']),
  161. 'post' => !empty($row['cannot_post']),
  162. 'login' => !empty($row['cannot_login']),
  163. ),
  164. 'explanation' => $ban_explanation,
  165. );
  166. }
  167. $smcFunc['db_free_result']($request);
  168. }
  169. loadCustomFields($memID);
  170. }
  171. /**
  172. * Show all posts by the current user
  173. * @todo This function needs to be split up properly.
  174. *
  175. * @param int $memID id_member
  176. */
  177. function showPosts($memID)
  178. {
  179. global $txt, $user_info, $scripturl, $modSettings;
  180. global $context, $user_profile, $sourcedir, $smcFunc, $board;
  181. // Some initial context.
  182. $context['start'] = (int) $_REQUEST['start'];
  183. $context['current_member'] = $memID;
  184. // Create the tabs for the template.
  185. $context[$context['profile_menu_name']]['tab_data'] = array(
  186. 'title' => $txt['showPosts'],
  187. 'description' => $txt['showPosts_help'],
  188. 'icon' => 'profile_sm.png',
  189. 'tabs' => array(
  190. 'messages' => array(
  191. ),
  192. 'topics' => array(
  193. ),
  194. 'attach' => array(
  195. ),
  196. ),
  197. );
  198. // Set the page title
  199. $context['page_title'] = $txt['showPosts'] . ' - ' . $user_profile[$memID]['real_name'];
  200. // Is the load average too high to allow searching just now?
  201. if (!empty($context['load_average']) && !empty($modSettings['loadavg_show_posts']) && $context['load_average'] >= $modSettings['loadavg_show_posts'])
  202. fatal_lang_error('loadavg_show_posts_disabled', false);
  203. // If we're specifically dealing with attachments use that function!
  204. if (isset($_GET['sa']) && $_GET['sa'] == 'attach')
  205. return showAttachments($memID);
  206. // Are we just viewing topics?
  207. $context['is_topics'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? true : false;
  208. // If just deleting a message, do it and then redirect back.
  209. if (isset($_GET['delete']) && !$context['is_topics'])
  210. {
  211. checkSession('get');
  212. // We need msg info for logging.
  213. $request = $smcFunc['db_query']('', '
  214. SELECT subject, id_member, id_topic, id_board
  215. FROM {db_prefix}messages
  216. WHERE id_msg = {int:id_msg}',
  217. array(
  218. 'id_msg' => (int) $_GET['delete'],
  219. )
  220. );
  221. $info = $smcFunc['db_fetch_row']($request);
  222. $smcFunc['db_free_result']($request);
  223. // Trying to remove a message that doesn't exist.
  224. if (empty($info))
  225. redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
  226. // We can be lazy, since removeMessage() will check the permissions for us.
  227. require_once($sourcedir . '/RemoveTopic.php');
  228. removeMessage((int) $_GET['delete']);
  229. // Add it to the mod log.
  230. if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id']))
  231. logAction('delete', array('topic' => $info[2], 'subject' => $info[0], 'member' => $info[1], 'board' => $info[3]));
  232. // Back to... where we are now ;).
  233. redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
  234. }
  235. // Default to 10.
  236. if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount']))
  237. $_REQUEST['viewscount'] = '10';
  238. if ($context['is_topics'])
  239. $request = $smcFunc['db_query']('', '
  240. SELECT COUNT(*)
  241. FROM {db_prefix}topics AS t' . ($user_info['query_see_board'] == '1=1' ? '' : '
  242. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board AND {query_see_board})') . '
  243. WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
  244. AND t.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  245. AND t.approved = {int:is_approved}'),
  246. array(
  247. 'current_member' => $memID,
  248. 'is_approved' => 1,
  249. 'board' => $board,
  250. )
  251. );
  252. else
  253. $request = $smcFunc['db_query']('', '
  254. SELECT COUNT(*)
  255. FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
  256. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
  257. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  258. AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  259. AND m.approved = {int:is_approved}'),
  260. array(
  261. 'current_member' => $memID,
  262. 'is_approved' => 1,
  263. 'board' => $board,
  264. )
  265. );
  266. list ($msgCount) = $smcFunc['db_fetch_row']($request);
  267. $smcFunc['db_free_result']($request);
  268. $request = $smcFunc['db_query']('', '
  269. SELECT MIN(id_msg), MAX(id_msg)
  270. FROM {db_prefix}messages AS m
  271. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  272. AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  273. AND m.approved = {int:is_approved}'),
  274. array(
  275. 'current_member' => $memID,
  276. 'is_approved' => 1,
  277. 'board' => $board,
  278. )
  279. );
  280. list ($min_msg_member, $max_msg_member) = $smcFunc['db_fetch_row']($request);
  281. $smcFunc['db_free_result']($request);
  282. $reverse = false;
  283. $range_limit = '';
  284. $maxIndex = (int) $modSettings['defaultMaxMessages'];
  285. // Make sure the starting place makes sense and construct our friend the page index.
  286. $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts' . ($context['is_topics'] ? ';sa=topics' : '') . (!empty($board) ? ';board=' . $board : ''), $context['start'], $msgCount, $maxIndex);
  287. $context['current_page'] = $context['start'] / $maxIndex;
  288. // Reverse the query if we're past 50% of the pages for better performance.
  289. $start = $context['start'];
  290. $reverse = $_REQUEST['start'] > $msgCount / 2;
  291. if ($reverse)
  292. {
  293. $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages'];
  294. $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages'];
  295. }
  296. // Guess the range of messages to be shown.
  297. if ($msgCount > 1000)
  298. {
  299. $margin = floor(($max_msg_member - $min_msg_member) * (($start + $modSettings['defaultMaxMessages']) / $msgCount) + .1 * ($max_msg_member - $min_msg_member));
  300. // Make a bigger margin for topics only.
  301. if ($context['is_topics'])
  302. {
  303. $margin *= 5;
  304. $range_limit = $reverse ? 't.id_first_msg < ' . ($min_msg_member + $margin) : 't.id_first_msg > ' . ($max_msg_member - $margin);
  305. }
  306. else
  307. $range_limit = $reverse ? 'm.id_msg < ' . ($min_msg_member + $margin) : 'm.id_msg > ' . ($max_msg_member - $margin);
  308. }
  309. // Find this user's posts. The left join on categories somehow makes this faster, weird as it looks.
  310. $looped = false;
  311. while (true)
  312. {
  313. if ($context['is_topics'])
  314. {
  315. $request = $smcFunc['db_query']('', '
  316. SELECT
  317. b.id_board, b.name AS bname, c.id_cat, c.name AS cname, t.id_member_started, t.id_first_msg, t.id_last_msg,
  318. t.approved, m.body, m.smileys_enabled, m.subject, m.poster_time, m.id_topic, m.id_msg
  319. FROM {db_prefix}topics AS t
  320. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  321. LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
  322. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  323. WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
  324. AND t.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
  325. AND ' . $range_limit) . '
  326. AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  327. AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
  328. ORDER BY t.id_first_msg ' . ($reverse ? 'ASC' : 'DESC') . '
  329. LIMIT ' . $start . ', ' . $maxIndex,
  330. array(
  331. 'current_member' => $memID,
  332. 'is_approved' => 1,
  333. 'board' => $board,
  334. )
  335. );
  336. }
  337. else
  338. {
  339. $request = $smcFunc['db_query']('', '
  340. SELECT
  341. b.id_board, b.name AS bname, c.id_cat, c.name AS cname, m.id_topic, m.id_msg,
  342. t.id_member_started, t.id_first_msg, t.id_last_msg, m.body, m.smileys_enabled,
  343. m.subject, m.poster_time, m.approved
  344. FROM {db_prefix}messages AS m
  345. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  346. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  347. LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
  348. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  349. AND b.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
  350. AND ' . $range_limit) . '
  351. AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  352. AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
  353. ORDER BY m.id_msg ' . ($reverse ? 'ASC' : 'DESC') . '
  354. LIMIT ' . $start . ', ' . $maxIndex,
  355. array(
  356. 'current_member' => $memID,
  357. 'is_approved' => 1,
  358. 'board' => $board,
  359. )
  360. );
  361. }
  362. // Make sure we quit this loop.
  363. if ($smcFunc['db_num_rows']($request) === $maxIndex || $looped)
  364. break;
  365. $looped = true;
  366. $range_limit = '';
  367. }
  368. // Start counting at the number of the first message displayed.
  369. $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start'];
  370. $context['posts'] = array();
  371. $board_ids = array('own' => array(), 'any' => array());
  372. while ($row = $smcFunc['db_fetch_assoc']($request))
  373. {
  374. // Censor....
  375. censorText($row['body']);
  376. censorText($row['subject']);
  377. // Do the code.
  378. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  379. // And the array...
  380. $context['posts'][$counter += $reverse ? -1 : 1] = array(
  381. 'body' => $row['body'],
  382. 'counter' => $counter,
  383. 'alternate' => $counter % 2,
  384. 'category' => array(
  385. 'name' => $row['cname'],
  386. 'id' => $row['id_cat']
  387. ),
  388. 'board' => array(
  389. 'name' => $row['bname'],
  390. 'id' => $row['id_board']
  391. ),
  392. 'topic' => $row['id_topic'],
  393. 'subject' => $row['subject'],
  394. 'start' => 'msg' . $row['id_msg'],
  395. 'time' => timeformat($row['poster_time']),
  396. 'timestamp' => forum_time(true, $row['poster_time']),
  397. 'id' => $row['id_msg'],
  398. 'can_reply' => false,
  399. 'can_mark_notify' => false,
  400. 'can_delete' => false,
  401. 'delete_possible' => ($row['id_first_msg'] != $row['id_msg'] || $row['id_last_msg'] == $row['id_msg']) && (empty($modSettings['edit_disable_time']) || $row['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()),
  402. 'approved' => $row['approved'],
  403. );
  404. if ($user_info['id'] == $row['id_member_started'])
  405. $board_ids['own'][$row['id_board']][] = $counter;
  406. $board_ids['any'][$row['id_board']][] = $counter;
  407. }
  408. $smcFunc['db_free_result']($request);
  409. // All posts were retrieved in reverse order, get them right again.
  410. if ($reverse)
  411. $context['posts'] = array_reverse($context['posts'], true);
  412. // These are all the permissions that are different from board to board..
  413. if ($context['is_topics'])
  414. $permissions = array(
  415. 'own' => array(
  416. 'post_reply_own' => 'can_reply',
  417. ),
  418. 'any' => array(
  419. 'post_reply_any' => 'can_reply',
  420. 'mark_any_notify' => 'can_mark_notify',
  421. )
  422. );
  423. else
  424. $permissions = array(
  425. 'own' => array(
  426. 'post_reply_own' => 'can_reply',
  427. 'delete_own' => 'can_delete',
  428. ),
  429. 'any' => array(
  430. 'post_reply_any' => 'can_reply',
  431. 'mark_any_notify' => 'can_mark_notify',
  432. 'delete_any' => 'can_delete',
  433. )
  434. );
  435. // For every permission in the own/any lists...
  436. foreach ($permissions as $type => $list)
  437. {
  438. foreach ($list as $permission => $allowed)
  439. {
  440. // Get the boards they can do this on...
  441. $boards = boardsAllowedTo($permission);
  442. // Hmm, they can do it on all boards, can they?
  443. if (!empty($boards) && $boards[0] == 0)
  444. $boards = array_keys($board_ids[$type]);
  445. // Now go through each board they can do the permission on.
  446. foreach ($boards as $board_id)
  447. {
  448. // There aren't any posts displayed from this board.
  449. if (!isset($board_ids[$type][$board_id]))
  450. continue;
  451. // Set the permission to true ;).
  452. foreach ($board_ids[$type][$board_id] as $counter)
  453. $context['posts'][$counter][$allowed] = true;
  454. }
  455. }
  456. }
  457. // Clean up after posts that cannot be deleted and quoted.
  458. $quote_enabled = empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC']));
  459. foreach ($context['posts'] as $counter => $dummy)
  460. {
  461. $context['posts'][$counter]['can_delete'] &= $context['posts'][$counter]['delete_possible'];
  462. $context['posts'][$counter]['can_quote'] = $context['posts'][$counter]['can_reply'] && $quote_enabled;
  463. }
  464. }
  465. /**
  466. * Show all the attachments of a user.
  467. *
  468. * @param int $memID id_member
  469. */
  470. function showAttachments($memID)
  471. {
  472. global $txt, $user_info, $scripturl, $modSettings, $board;
  473. global $context, $user_profile, $sourcedir, $smcFunc;
  474. // OBEY permissions!
  475. $boardsAllowed = boardsAllowedTo('view_attachments');
  476. // Make sure we can't actually see anything...
  477. if (empty($boardsAllowed))
  478. $boardsAllowed = array(-1);
  479. // Get the total number of attachments they have posted.
  480. $request = $smcFunc['db_query']('', '
  481. SELECT COUNT(*)
  482. FROM {db_prefix}attachments AS a
  483. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
  484. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})
  485. WHERE a.attachment_type = {int:attachment_type}
  486. AND a.id_msg != {int:no_message}
  487. AND m.id_member = {int:current_member}' . (!empty($board) ? '
  488. AND b.id_board = {int:board}' : '') . (!in_array(0, $boardsAllowed) ? '
  489. AND b.id_board IN ({array_int:boards_list})' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  490. AND m.approved = {int:is_approved}'),
  491. array(
  492. 'boards_list' => $boardsAllowed,
  493. 'attachment_type' => 0,
  494. 'no_message' => 0,
  495. 'current_member' => $memID,
  496. 'is_approved' => 1,
  497. 'board' => $board,
  498. )
  499. );
  500. list ($attachCount) = $smcFunc['db_fetch_row']($request);
  501. $smcFunc['db_free_result']($request);
  502. $maxIndex = (int) $modSettings['defaultMaxMessages'];
  503. // What about ordering?
  504. $sortTypes = array(
  505. 'filename' => 'a.filename',
  506. 'downloads' => 'a.downloads',
  507. 'subject' => 'm.subject',
  508. 'posted' => 'm.poster_time',
  509. );
  510. $context['sort_order'] = isset($_GET['sort']) && isset($sortTypes[$_GET['sort']]) ? $_GET['sort'] : 'posted';
  511. $context['sort_direction'] = isset($_GET['asc']) ? 'up' : 'down';
  512. $sort = $sortTypes[$context['sort_order']];
  513. // Let's get ourselves a lovely page index.
  514. $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts;sa=attach;sort=' . $context['sort_order'] . ($context['sort_direction'] == 'up' ? ';asc' : ''), $context['start'], $attachCount, $maxIndex);
  515. // Retrieve some attachments.
  516. $request = $smcFunc['db_query']('', '
  517. SELECT a.id_attach, a.id_msg, a.filename, a.downloads, a.approved, m.id_msg, m.id_topic,
  518. m.id_board, m.poster_time, m.subject, b.name
  519. FROM {db_prefix}attachments AS a
  520. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
  521. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})
  522. WHERE a.attachment_type = {int:attachment_type}
  523. AND a.id_msg != {int:no_message}
  524. AND m.id_member = {int:current_member}' . (!empty($board) ? '
  525. AND b.id_board = {int:board}' : '') . (!in_array(0, $boardsAllowed) ? '
  526. AND b.id_board IN ({array_int:boards_list})' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  527. AND m.approved = {int:is_approved}') . '
  528. ORDER BY {raw:sort}
  529. LIMIT {int:offset}, {int:limit}',
  530. array(
  531. 'boards_list' => $boardsAllowed,
  532. 'attachment_type' => 0,
  533. 'no_message' => 0,
  534. 'current_member' => $memID,
  535. 'is_approved' => 1,
  536. 'board' => $board,
  537. 'sort' => $sort . ' ' . ($context['sort_direction'] == 'down' ? 'DESC' : 'ASC'),
  538. 'offset' => $context['start'],
  539. 'limit' => $maxIndex,
  540. )
  541. );
  542. $context['attachments'] = array();
  543. while ($row = $smcFunc['db_fetch_assoc']($request))
  544. {
  545. $row['subject'] = censorText($row['subject']);
  546. $context['attachments'][] = array(
  547. 'id' => $row['id_attach'],
  548. 'filename' => $row['filename'],
  549. 'downloads' => $row['downloads'],
  550. 'subject' => $row['subject'],
  551. 'posted' => timeformat($row['poster_time']),
  552. 'msg' => $row['id_msg'],
  553. 'topic' => $row['id_topic'],
  554. 'board' => $row['id_board'],
  555. 'board_name' => $row['name'],
  556. 'approved' => $row['approved'],
  557. );
  558. }
  559. $smcFunc['db_free_result']($request);
  560. }
  561. /**
  562. * Gets the user stats for display
  563. *
  564. * @param int $memID id_member
  565. */
  566. function statPanel($memID)
  567. {
  568. global $txt, $scripturl, $context, $user_profile, $user_info, $modSettings, $smcFunc;
  569. $context['page_title'] = $txt['statPanel_showStats'] . ' ' . $user_profile[$memID]['real_name'];
  570. // General user statistics.
  571. $timeDays = floor($user_profile[$memID]['total_time_logged_in'] / 86400);
  572. $timeHours = floor(($user_profile[$memID]['total_time_logged_in'] % 86400) / 3600);
  573. $context['time_logged_in'] = ($timeDays > 0 ? $timeDays . $txt['totalTimeLogged2'] : '') . ($timeHours > 0 ? $timeHours . $txt['totalTimeLogged3'] : '') . floor(($user_profile[$memID]['total_time_logged_in'] % 3600) / 60) . $txt['totalTimeLogged4'];
  574. $context['num_posts'] = comma_format($user_profile[$memID]['posts']);
  575. // Number of topics started.
  576. $result = $smcFunc['db_query']('', '
  577. SELECT COUNT(*)
  578. FROM {db_prefix}topics
  579. WHERE id_member_started = {int:current_member}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  580. AND id_board != {int:recycle_board}' : ''),
  581. array(
  582. 'current_member' => $memID,
  583. 'recycle_board' => $modSettings['recycle_board'],
  584. )
  585. );
  586. list ($context['num_topics']) = $smcFunc['db_fetch_row']($result);
  587. $smcFunc['db_free_result']($result);
  588. // Number polls started.
  589. $result = $smcFunc['db_query']('', '
  590. SELECT COUNT(*)
  591. FROM {db_prefix}topics
  592. WHERE id_member_started = {int:current_member}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  593. AND id_board != {int:recycle_board}' : '') . '
  594. AND id_poll != {int:no_poll}',
  595. array(
  596. 'current_member' => $memID,
  597. 'recycle_board' => $modSettings['recycle_board'],
  598. 'no_poll' => 0,
  599. )
  600. );
  601. list ($context['num_polls']) = $smcFunc['db_fetch_row']($result);
  602. $smcFunc['db_free_result']($result);
  603. // Number polls voted in.
  604. $result = $smcFunc['db_query']('distinct_poll_votes', '
  605. SELECT COUNT(DISTINCT id_poll)
  606. FROM {db_prefix}log_polls
  607. WHERE id_member = {int:current_member}',
  608. array(
  609. 'current_member' => $memID,
  610. )
  611. );
  612. list ($context['num_votes']) = $smcFunc['db_fetch_row']($result);
  613. $smcFunc['db_free_result']($result);
  614. // Format the numbers...
  615. $context['num_topics'] = comma_format($context['num_topics']);
  616. $context['num_polls'] = comma_format($context['num_polls']);
  617. $context['num_votes'] = comma_format($context['num_votes']);
  618. // Grab the board this member posted in most often.
  619. $result = $smcFunc['db_query']('', '
  620. SELECT
  621. b.id_board, MAX(b.name) AS name, MAX(b.num_posts) AS num_posts, COUNT(*) AS message_count
  622. FROM {db_prefix}messages AS m
  623. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  624. WHERE m.id_member = {int:current_member}
  625. AND b.count_posts = {int:count_enabled}
  626. AND {query_see_board}
  627. GROUP BY b.id_board
  628. ORDER BY message_count DESC
  629. LIMIT 10',
  630. array(
  631. 'current_member' => $memID,
  632. 'count_enabled' => 0,
  633. )
  634. );
  635. $context['popular_boards'] = array();
  636. while ($row = $smcFunc['db_fetch_assoc']($result))
  637. {
  638. $context['popular_boards'][$row['id_board']] = array(
  639. 'id' => $row['id_board'],
  640. 'posts' => $row['message_count'],
  641. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  642. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>',
  643. 'posts_percent' => $user_profile[$memID]['posts'] == 0 ? 0 : ($row['message_count'] * 100) / $user_profile[$memID]['posts'],
  644. 'total_posts' => $row['num_posts'],
  645. 'total_posts_member' => $user_profile[$memID]['posts'],
  646. );
  647. }
  648. $smcFunc['db_free_result']($result);
  649. // Now get the 10 boards this user has most often participated in.
  650. $result = $smcFunc['db_query']('profile_board_stats', '
  651. SELECT
  652. b.id_board, MAX(b.name) AS name, b.num_posts, COUNT(*) AS message_count,
  653. CASE WHEN COUNT(*) > MAX(b.num_posts) THEN 1 ELSE COUNT(*) / MAX(b.num_posts) END * 100 AS percentage
  654. FROM {db_prefix}messages AS m
  655. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  656. WHERE m.id_member = {int:current_member}
  657. AND {query_see_board}
  658. GROUP BY b.id_board, b.num_posts
  659. ORDER BY percentage DESC
  660. LIMIT 10',
  661. array(
  662. 'current_member' => $memID,
  663. )
  664. );
  665. $context['board_activity'] = array();
  666. while ($row = $smcFunc['db_fetch_assoc']($result))
  667. {
  668. $context['board_activity'][$row['id_board']] = array(
  669. 'id' => $row['id_board'],
  670. 'posts' => $row['message_count'],
  671. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  672. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>',
  673. 'percent' => comma_format((float) $row['percentage'], 2),
  674. 'posts_percent' => (float) $row['percentage'],
  675. 'total_posts' => $row['num_posts'],
  676. );
  677. }
  678. $smcFunc['db_free_result']($result);
  679. // Posting activity by time.
  680. $result = $smcFunc['db_query']('user_activity_by_time', '
  681. SELECT
  682. HOUR(FROM_UNIXTIME(poster_time + {int:time_offset})) AS hour,
  683. COUNT(*) AS post_count
  684. FROM {db_prefix}messages
  685. WHERE id_member = {int:current_member}' . ($modSettings['totalMessages'] > 100000 ? '
  686. AND id_topic > {int:top_ten_thousand_topics}' : '') . '
  687. GROUP BY hour',
  688. array(
  689. 'current_member' => $memID,
  690. 'top_ten_thousand_topics' => $modSettings['totalTopics'] - 10000,
  691. 'time_offset' => (($user_info['time_offset'] + $modSettings['time_offset']) * 3600),
  692. )
  693. );
  694. $maxPosts = $realPosts = 0;
  695. $context['posts_by_time'] = array();
  696. while ($row = $smcFunc['db_fetch_assoc']($result))
  697. {
  698. // Cast as an integer to remove the leading 0.
  699. $row['hour'] = (int) $row['hour'];
  700. $maxPosts = max($row['post_count'], $maxPosts);
  701. $realPosts += $row['post_count'];
  702. $context['posts_by_time'][$row['hour']] = array(
  703. 'hour' => $row['hour'],
  704. 'hour_format' => stripos($user_info['time_format'], '%p') === false ? $row['hour'] : date('g a', mktime($row['hour'])),
  705. 'posts' => $row['post_count'],
  706. 'posts_percent' => 0,
  707. 'is_last' => $row['hour'] == 23,
  708. );
  709. }
  710. $smcFunc['db_free_result']($result);
  711. if ($maxPosts > 0)
  712. for ($hour = 0; $hour < 24; $hour++)
  713. {
  714. if (!isset($context['posts_by_time'][$hour]))
  715. $context['posts_by_time'][$hour] = array(
  716. 'hour' => $hour,
  717. 'hour_format' => stripos($user_info['time_format'], '%p') === false ? $hour : date('g a', mktime($hour)),
  718. 'posts' => 0,
  719. 'posts_percent' => 0,
  720. 'relative_percent' => 0,
  721. 'is_last' => $hour == 23,
  722. );
  723. else
  724. {
  725. $context['posts_by_time'][$hour]['posts_percent'] = round(($context['posts_by_time'][$hour]['posts'] * 100) / $realPosts);
  726. $context['posts_by_time'][$hour]['relative_percent'] = round(($context['posts_by_time'][$hour]['posts'] * 100) / $maxPosts);
  727. }
  728. }
  729. // Put it in the right order.
  730. ksort($context['posts_by_time']);
  731. }
  732. /**
  733. * @todo needs a description
  734. *
  735. * @param int $memID id_member
  736. */
  737. function tracking($memID)
  738. {
  739. global $sourcedir, $context, $txt, $scripturl, $modSettings, $user_profile;
  740. $subActions = array(
  741. 'activity' => array('trackActivity', $txt['trackActivity']),
  742. 'ip' => array('TrackIP', $txt['trackIP']),
  743. 'edits' => array('trackEdits', $txt['trackEdits']),
  744. 'logins' => array('TrackLogins', $txt['trackLogins']),
  745. );
  746. $context['tracking_area'] = isset($_GET['sa']) && isset($subActions[$_GET['sa']]) ? $_GET['sa'] : 'activity';
  747. // @todo what is $types? it is never set so this will never be true
  748. if (isset($types[$context['tracking_area']][1]))
  749. require_once($sourcedir . '/' . $types[$context['tracking_area']][1]);
  750. // Create the tabs for the template.
  751. $context[$context['profile_menu_name']]['tab_data'] = array(
  752. 'title' => $txt['tracking'],
  753. 'description' => $txt['tracking_description'],
  754. 'icon' => 'profile_sm.png',
  755. 'tabs' => array(
  756. 'activity' => array(),
  757. 'ip' => array(),
  758. 'edits' => array(),
  759. ),
  760. );
  761. // Moderation must be on to track edits.
  762. if (empty($modSettings['modlog_enabled']))
  763. unset($context[$context['profile_menu_name']]['tab_data']['edits']);
  764. // Set a page title.
  765. $context['page_title'] = $txt['trackUser'] . ' - ' . $subActions[$context['tracking_area']][1] . ' - ' . $user_profile[$memID]['real_name'];
  766. // Pass on to the actual function.
  767. $context['sub_template'] = $subActions[$context['tracking_area']][0];
  768. $subActions[$context['tracking_area']][0]($memID);
  769. }
  770. /**
  771. * @todo needs a description
  772. *
  773. * @param int $memID id_member
  774. */
  775. function trackActivity($memID)
  776. {
  777. global $scripturl, $txt, $modSettings, $sourcedir;
  778. global $user_profile, $context, $smcFunc;
  779. // Verify if the user has sufficient permissions.
  780. isAllowedTo('moderate_forum');
  781. $context['last_ip'] = $user_profile[$memID]['member_ip'];
  782. if ($context['last_ip'] != $user_profile[$memID]['member_ip2'])
  783. $context['last_ip2'] = $user_profile[$memID]['member_ip2'];
  784. $context['member']['name'] = $user_profile[$memID]['real_name'];
  785. // Set the options for the list component.
  786. $listOptions = array(
  787. 'id' => 'track_user_list',
  788. 'title' => $txt['errors_by'] . ' ' . $context['member']['name'],
  789. 'items_per_page' => $modSettings['defaultMaxMessages'],
  790. 'no_items_label' => $txt['no_errors_from_user'],
  791. 'base_href' => $scripturl . '?action=profile;area=tracking;sa=user;u=' . $memID,
  792. 'default_sort_col' => 'date',
  793. 'get_items' => array(
  794. 'function' => 'list_getUserErrors',
  795. 'params' => array(
  796. 'le.id_member = {int:current_member}',
  797. array('current_member' => $memID),
  798. ),
  799. ),
  800. 'get_count' => array(
  801. 'function' => 'list_getUserErrorCount',
  802. 'params' => array(
  803. 'id_member = {int:current_member}',
  804. array('current_member' => $memID),
  805. ),
  806. ),
  807. 'columns' => array(
  808. 'ip_address' => array(
  809. 'header' => array(
  810. 'value' => $txt['ip_address'],
  811. ),
  812. 'data' => array(
  813. 'sprintf' => array(
  814. 'format' => '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=%1$s;u=' . $memID. '">%1$s</a>',
  815. 'params' => array(
  816. 'ip' => false,
  817. ),
  818. ),
  819. ),
  820. 'sort' => array(
  821. 'default' => 'le.ip',
  822. 'reverse' => 'le.ip DESC',
  823. ),
  824. ),
  825. 'message' => array(
  826. 'header' => array(
  827. 'value' => $txt['message'],
  828. ),
  829. 'data' => array(
  830. 'sprintf' => array(
  831. 'format' => '%1$s<br /><a href="%2$s">%2$s</a>',
  832. 'params' => array(
  833. 'message' => false,
  834. 'url' => false,
  835. ),
  836. ),
  837. ),
  838. ),
  839. 'date' => array(
  840. 'header' => array(
  841. 'value' => $txt['date'],
  842. ),
  843. 'data' => array(
  844. 'db' => 'time',
  845. ),
  846. 'sort' => array(
  847. 'default' => 'le.id_error DESC',
  848. 'reverse' => 'le.id_error',
  849. ),
  850. ),
  851. ),
  852. 'additional_rows' => array(
  853. array(
  854. 'position' => 'after_title',
  855. 'value' => $txt['errors_desc'],
  856. 'class' => 'windowbg2',
  857. 'style' => 'padding: 1ex 2ex;',
  858. ),
  859. ),
  860. );
  861. // Create the list for viewing.
  862. require_once($sourcedir . '/Subs-List.php');
  863. createList($listOptions);
  864. // @todo cache this
  865. // If this is a big forum, or a large posting user, let's limit the search.
  866. if ($modSettings['totalMessages'] > 50000 && $user_profile[$memID]['posts'] > 500)
  867. {
  868. $request = $smcFunc['db_query']('', '
  869. SELECT MAX(id_msg)
  870. FROM {db_prefix}messages AS m
  871. WHERE m.id_member = {int:current_member}',
  872. array(
  873. 'current_member' => $memID,
  874. )
  875. );
  876. list ($max_msg_member) = $smcFunc['db_fetch_row']($request);
  877. $smcFunc['db_free_result']($request);
  878. // There's no point worrying ourselves with messages made yonks ago, just get recent ones!
  879. $min_msg_member = max(0, $max_msg_member - $user_profile[$memID]['posts'] * 3);
  880. }
  881. // Default to at least the ones we know about.
  882. $ips = array(
  883. $user_profile[$memID]['member_ip'],
  884. $user_profile[$memID]['member_ip2'],
  885. );
  886. // @todo cache this
  887. // Get all IP addresses this user has used for his messages.
  888. $request = $smcFunc['db_query']('', '
  889. SELECT poster_ip
  890. FROM {db_prefix}messages
  891. WHERE id_member = {int:current_member}
  892. ' . (isset($min_msg_member) ? '
  893. AND id_msg >= {int:min_msg_member} AND id_msg <= {int:max_msg_member}' : '') . '
  894. GROUP BY poster_ip',
  895. array(
  896. 'current_member' => $memID,
  897. 'min_msg_member' => !empty($min_msg_member) ? $min_msg_member : 0,
  898. 'max_msg_member' => !empty($max_msg_member) ? $max_msg_member : 0,
  899. )
  900. );
  901. $context['ips'] = array();
  902. while ($row = $smcFunc['db_fetch_assoc']($request))
  903. {
  904. $context['ips'][] = '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=' . $row['poster_ip'] . ';u=' . $memID . '">' . $row['poster_ip'] . '</a>';
  905. $ips[] = $row['poster_ip'];
  906. }
  907. $smcFunc['db_free_result']($request);
  908. // Now also get the IP addresses from the error messages.
  909. $request = $smcFunc['db_query']('', '
  910. SELECT COUNT(*) AS error_count, ip
  911. FROM {db_prefix}log_errors
  912. WHERE id_member = {int:current_member}
  913. GROUP BY ip',
  914. array(
  915. 'current_member' => $memID,
  916. )
  917. );
  918. $context['error_ips'] = array();
  919. while ($row = $smcFunc['db_fetch_assoc']($request))
  920. {
  921. $context['error_ips'][] = '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=' . $row['ip'] . ';u=' . $memID . '">' . $row['ip'] . '</a>';
  922. $ips[] = $row['ip'];
  923. }
  924. $smcFunc['db_free_result']($request);
  925. // Find other users that might use the same IP.
  926. $ips = array_unique($ips);
  927. $context['members_in_range'] = array();
  928. if (!empty($ips))
  929. {
  930. // Get member ID's which are in messages...
  931. $request = $smcFunc['db_query']('', '
  932. SELECT mem.id_member
  933. FROM {db_prefix}messages AS m
  934. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  935. WHERE m.poster_ip IN ({array_string:ip_list})
  936. GROUP BY mem.id_member
  937. HAVING mem.id_member != {int:current_member}',
  938. array(
  939. 'current_member' => $memID,
  940. 'ip_list' => $ips,
  941. )
  942. );
  943. $message_members = array();
  944. while ($row = $smcFunc['db_fetch_assoc']($request))
  945. $message_members[] = $row['id_member'];
  946. $smcFunc['db_free_result']($request);
  947. // Fetch their names, cause of the GROUP BY doesn't like giving us that normally.
  948. if (!empty($message_members))
  949. {
  950. $request = $smcFunc['db_query']('', '
  951. SELECT id_member, real_name
  952. FROM {db_prefix}members
  953. WHERE id_member IN ({array_int:message_members})',
  954. array(
  955. 'message_members' => $message_members,
  956. 'ip_list' => $ips,
  957. )
  958. );
  959. while ($row = $smcFunc['db_fetch_assoc']($request))
  960. $context['members_in_range'][$row['id_member']] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  961. $smcFunc['db_free_result']($request);
  962. }
  963. $request = $smcFunc['db_query']('', '
  964. SELECT id_member, real_name
  965. FROM {db_prefix}members
  966. WHERE id_member != {int:current_member}
  967. AND member_ip IN ({array_string:ip_list})',
  968. array(
  969. 'current_member' => $memID,
  970. 'ip_list' => $ips,
  971. )
  972. );
  973. while ($row = $smcFunc['db_fetch_assoc']($request))
  974. $context['members_in_range'][$row['id_member']] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  975. $smcFunc['db_free_result']($request);
  976. }
  977. }
  978. /**
  979. * Get the number of user errors
  980. *
  981. * @param string $where
  982. * @param array $where_vars = array()
  983. * @return string number of user errors
  984. */
  985. function list_getUserErrorCount($where, $where_vars = array())
  986. {
  987. global $smcFunc;
  988. $request = $smcFunc['db_query']('', '
  989. SELECT COUNT(*) AS error_count
  990. FROM {db_prefix}log_errors
  991. WHERE ' . $where,
  992. $where_vars
  993. );
  994. list ($count) = $smcFunc['db_fetch_row']($request);
  995. $smcFunc['db_free_result']($request);
  996. // @todo cast this to an integer
  997. return $count;
  998. }
  999. /**
  1000. * @todo needs a description
  1001. *
  1002. * @param int $start
  1003. * @param int $items_per_page
  1004. * @param string $sort
  1005. * @param string $where
  1006. * @param array $where_vars
  1007. * @return array error messages
  1008. */
  1009. function list_getUserErrors($start, $items_per_page, $sort, $where, $where_vars = array())
  1010. {
  1011. global $smcFunc, $txt, $scripturl;
  1012. // Get a list of error messages from this ip (range).
  1013. $request = $smcFunc['db_query']('', '
  1014. SELECT
  1015. le.log_time, le.ip, le.url, le.message, IFNULL(mem.id_member, 0) AS id_member,
  1016. IFNULL(mem.real_name, {string:guest_title}) AS display_name, mem.member_name
  1017. FROM {db_prefix}log_errors AS le
  1018. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = le.id_member)
  1019. WHERE ' . $where . '
  1020. ORDER BY ' . $sort . '
  1021. LIMIT ' . $start . ', ' . $items_per_page,
  1022. array_merge($where_vars, array(
  1023. 'guest_title' => $txt['guest_title'],
  1024. ))
  1025. );
  1026. $error_messages = array();
  1027. while ($row = $smcFunc['db_fetch_assoc']($request))
  1028. $error_messages[] = array(
  1029. 'ip' => $row['ip'],
  1030. 'member_link' => $row['id_member'] > 0 ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>' : $row['display_name'],
  1031. 'message' => strtr($row['message'], array('&lt;span class=&quot;remove&quot;&gt;' => '', '&lt;/span&gt;' => '')),
  1032. 'url' => $row['url'],
  1033. 'time' => timeformat($row['log_time']),
  1034. 'timestamp' => forum_time(true, $row['log_time']),
  1035. );
  1036. $smcFunc['db_free_result']($request);
  1037. return $error_messages;
  1038. }
  1039. /**
  1040. * @todo needs a description
  1041. *
  1042. * @param string $where
  1043. * @param array $where_vars
  1044. * @return string count of messages matching the IP
  1045. */
  1046. function list_getIPMessageCount($where, $where_vars = array())
  1047. {
  1048. global $smcFunc;
  1049. $request = $smcFunc['db_query']('', '
  1050. SELECT COUNT(*) AS message_count
  1051. FROM {db_prefix}messages AS m
  1052. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  1053. WHERE {query_see_board} AND ' . $where,
  1054. $where_vars
  1055. );
  1056. list ($count) = $smcFunc['db_fetch_row']($request);
  1057. $smcFunc['db_free_result']($request);
  1058. // @todo cast to integer
  1059. return $count;
  1060. }
  1061. /**
  1062. * @todo needs a description
  1063. *
  1064. * @param int $start
  1065. * @param int $items_per_page
  1066. * @param string $sort
  1067. * @param string $where
  1068. * @param array $where_vars
  1069. * @return array an array of messages
  1070. */
  1071. function list_getIPMessages($start, $items_per_page, $sort, $where, $where_vars = array())
  1072. {
  1073. global $smcFunc, $txt, $scripturl;
  1074. // Get all the messages fitting this where clause.
  1075. // @todo SLOW This query is using a filesort.
  1076. $request = $smcFunc['db_query']('', '
  1077. SELECT
  1078. m.id_msg, m.poster_ip, IFNULL(mem.real_name, m.poster_name) AS display_name, mem.id_member,
  1079. m.subject, m.poster_time, m.id_topic, m.id_board
  1080. FROM {db_prefix}messages AS m
  1081. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  1082. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  1083. WHERE {query_see_board} AND ' . $where . '
  1084. ORDER BY ' . $sort . '
  1085. LIMIT ' . $start . ', ' . $items_per_page,
  1086. array_merge($where_vars, array(
  1087. ))
  1088. );
  1089. $messages = array();
  1090. while ($row = $smcFunc['db_fetch_assoc']($request))
  1091. $messages[] = array(
  1092. 'ip' => $row['poster_ip'],
  1093. 'member_link' => empty($row['id_member']) ? $row['display_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>',
  1094. 'board' => array(
  1095. 'id' => $row['id_board'],
  1096. 'href' => $scripturl . '?board=' . $row['id_board']
  1097. ),
  1098. 'topic' => $row['id_topic'],
  1099. 'id' => $row['id_msg'],
  1100. 'subject' => $row['subject'],
  1101. 'time' => timeformat($row['poster_time']),
  1102. 'timestamp' => forum_time(true, $row['poster_time'])
  1103. );
  1104. $smcFunc['db_free_result']($request);
  1105. return $messages;
  1106. }
  1107. /**
  1108. * @todo needs a description
  1109. *
  1110. * @param int $memID = 0 id_member
  1111. */
  1112. function TrackIP($memID = 0)
  1113. {
  1114. global $user_profile, $scripturl, $txt, $user_info, $modSettings, $sourcedir;
  1115. global $context, $smcFunc;
  1116. // Can the user do this?
  1117. isAllowedTo('moderate_forum');
  1118. if ($memID == 0)
  1119. {
  1120. $context['ip'] = $user_info['ip'];
  1121. loadTemplate('Profile');
  1122. loadLanguage('Profile');
  1123. $context['sub_template'] = 'trackIP';
  1124. $context['page_title'] = $txt['profile'];
  1125. $context['base_url'] = $scripturl . '?action=trackip';
  1126. }
  1127. else
  1128. {
  1129. $context['ip'] = $user_profile[$memID]['member_ip'];
  1130. $context['base_url'] = $scripturl . '?action=profile;area=tracking;sa=ip;u=' . $memID;
  1131. }
  1132. // Searching?
  1133. if (isset($_REQUEST['searchip']))
  1134. $context['ip'] = trim($_REQUEST['searchip']);
  1135. if (preg_match('/^\d{1,3}\.(\d{1,3}|\*)\.(\d{1,3}|\*)\.(\d{1,3}|\*)$/', $context['ip']) == 0 && isValidIPv6($context['ip']) === false)
  1136. fatal_lang_error('invalid_tracking_ip', false);
  1137. $ip_var = str_replace('*', '%', $context['ip']);
  1138. $ip_string = strpos($ip_var, '%') === false ? '= {string:ip_address}' : 'LIKE {string:ip_address}';
  1139. if (empty($context['tracking_area']))
  1140. $context['page_title'] = $txt['trackIP'] . ' - ' . $context['ip'];
  1141. $request = $smcFunc['db_query']('', '
  1142. SELECT id_member, real_name AS display_name, member_ip
  1143. FROM {db_prefix}members
  1144. WHERE member_ip ' . $ip_string,
  1145. array(
  1146. 'ip_address' => $ip_var,
  1147. )
  1148. );
  1149. $context['ips'] = array();
  1150. while ($row = $smcFunc['db_fetch_assoc']($request))
  1151. $context['ips'][$row['member_ip']][] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>';
  1152. $smcFunc['db_free_result']($request);
  1153. ksort($context['ips']);
  1154. // Gonna want this for the list.
  1155. require_once($sourcedir . '/Subs-List.php');
  1156. // Start with the user messages.
  1157. $listOptions = array(
  1158. 'id' => 'track_message_list',
  1159. 'title' => $txt['messages_from_ip'] . ' ' . $context['ip'],
  1160. 'start_var_name' => 'messageStart',
  1161. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1162. 'no_items_label' => $txt['no_messages_from_ip'],
  1163. 'base_href' => $context['base_url'] . ';searchip=' . $context['ip'],
  1164. 'default_sort_col' => 'date',
  1165. 'get_items' => array(
  1166. 'function' => 'list_getIPMessages',
  1167. 'params' => array(
  1168. 'm.poster_ip ' . $ip_string,
  1169. array('ip_address' => $ip_var),
  1170. ),
  1171. ),
  1172. 'get_count' => array(
  1173. 'function' => 'list_getIPMessageCount',
  1174. 'params' => array(
  1175. 'm.poster_ip ' . $ip_string,
  1176. array('ip_address' => $ip_var),
  1177. ),
  1178. ),
  1179. 'columns' => array(
  1180. 'ip_address' => array(
  1181. 'header' => array(
  1182. 'value' => $txt['ip_address'],
  1183. ),
  1184. 'data' => array(
  1185. 'sprintf' => array(
  1186. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a>',
  1187. 'params' => array(
  1188. 'ip' => false,
  1189. ),
  1190. ),
  1191. ),
  1192. 'sort' => array(
  1193. 'default' => 'INET_ATON(m.poster_ip)',
  1194. 'reverse' => 'INET_ATON(m.poster_ip) DESC',
  1195. ),
  1196. ),
  1197. 'poster' => array(
  1198. 'header' => array(
  1199. 'value' => $txt['poster'],
  1200. ),
  1201. 'data' => array(
  1202. 'db' => 'member_link',
  1203. ),
  1204. ),
  1205. 'subject' => array(
  1206. 'header' => array(
  1207. 'value' => $txt['subject'],
  1208. ),
  1209. 'data' => array(
  1210. 'sprintf' => array(
  1211. 'format' => '<a href="' . $scripturl . '?topic=%1$s.msg%2$s#msg%2$s" rel="nofollow">%3$s</a>',
  1212. 'params' => array(
  1213. 'topic' => false,
  1214. 'id' => false,
  1215. 'subject' => false,
  1216. ),
  1217. ),
  1218. ),
  1219. ),
  1220. 'date' => array(
  1221. 'header' => array(
  1222. 'value' => $txt['date'],
  1223. ),
  1224. 'data' => array(
  1225. 'db' => 'time',
  1226. ),
  1227. 'sort' => array(
  1228. 'default' => 'm.id_msg DESC',
  1229. 'reverse' => 'm.id_msg',
  1230. ),
  1231. ),
  1232. ),
  1233. 'additional_rows' => array(
  1234. array(
  1235. 'position' => 'after_title',
  1236. 'value' => $txt['messages_from_ip_desc'],
  1237. 'class' => 'windowbg2',
  1238. 'style' => 'padding: 1ex 2ex;',
  1239. ),
  1240. ),
  1241. );
  1242. // Create the messages list.
  1243. createList($listOptions);
  1244. // Set the options for the error lists.
  1245. $listOptions = array(
  1246. 'id' => 'track_user_list',
  1247. 'title' => $txt['errors_from_ip'] . ' ' . $context['ip'],
  1248. 'start_var_name' => 'errorStart',
  1249. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1250. 'no_items_label' => $txt['no_errors_from_ip'],
  1251. 'base_href' => $context['base_url'] . ';searchip=' . $context['ip'],
  1252. 'default_sort_col' => 'date2',
  1253. 'get_items' => array(
  1254. 'function' => 'list_getUserErrors',
  1255. 'params' => array(
  1256. 'le.ip ' . $ip_string,
  1257. array('ip_address' => $ip_var),
  1258. ),
  1259. ),
  1260. 'get_count' => array(
  1261. 'function' => 'list_getUserErrorCount',
  1262. 'params' => array(
  1263. 'ip ' . $ip_string,
  1264. array('ip_address' => $ip_var),
  1265. ),
  1266. ),
  1267. 'columns' => array(
  1268. 'ip_address2' => array(
  1269. 'header' => array(
  1270. 'value' => $txt['ip_address'],
  1271. ),
  1272. 'data' => array(
  1273. 'sprintf' => array(
  1274. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a>',
  1275. 'params' => array(
  1276. 'ip' => false,
  1277. ),
  1278. ),
  1279. ),
  1280. 'sort' => array(
  1281. 'default' => 'INET_ATON(le.ip)',
  1282. 'reverse' => 'INET_ATON(le.ip) DESC',
  1283. ),
  1284. ),
  1285. 'display_name' => array(
  1286. 'header' => array(
  1287. 'value' => $txt['display_name'],
  1288. ),
  1289. 'data' => array(
  1290. 'db' => 'member_link',
  1291. ),
  1292. ),
  1293. 'message' => array(
  1294. 'header' => array(
  1295. 'value' => $txt['message'],
  1296. ),
  1297. 'data' => array(
  1298. 'sprintf' => array(
  1299. 'format' => '%1$s<br /><a href="%2$s">%2$s</a>',
  1300. 'params' => array(
  1301. 'message' => false,
  1302. 'url' => false,
  1303. ),
  1304. ),
  1305. ),
  1306. ),
  1307. 'date2' => array(
  1308. 'header' => array(
  1309. 'value' => $txt['date'],
  1310. ),
  1311. 'data' => array(
  1312. 'db' => 'time',
  1313. ),
  1314. 'sort' => array(
  1315. 'default' => 'le.id_error DESC',
  1316. 'reverse' => 'le.id_error',
  1317. ),
  1318. ),
  1319. ),
  1320. 'additional_rows' => array(
  1321. array(
  1322. 'position' => 'after_title',
  1323. 'value' => $txt['errors_from_ip_desc'],
  1324. 'class' => 'windowbg2',
  1325. 'style' => 'padding: 1ex 2ex;',
  1326. ),
  1327. ),
  1328. );
  1329. // Create the error list.
  1330. createList($listOptions);
  1331. $context['single_ip'] = strpos($context['ip'], '*') === false;
  1332. if ($context['single_ip'])
  1333. {
  1334. $context['whois_servers'] = array(
  1335. 'afrinic' => array(
  1336. 'name' => $txt['whois_afrinic'],
  1337. 'url' => 'http://www.afrinic.net/cgi-bin/whois?searchtext=' . $context['ip'],
  1338. 'range' => array(41, 154, 196),
  1339. ),
  1340. 'apnic' => array(
  1341. 'name' => $txt['whois_apnic'],
  1342. 'url' => 'http://wq.apnic.net/apnic-bin/whois.pl?searchtext=' . $context['ip'],
  1343. 'range' => array(58, 59, 60, 61, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124,
  1344. 125, 126, 133, 150, 153, 163, 171, 202, 203, 210, 211, 218, 219, 220, 221, 222),
  1345. ),
  1346. 'arin' => array(
  1347. 'name' => $txt['whois_arin'],
  1348. 'url' => 'http://whois.arin.net/rest/ip/' . $context['ip'],
  1349. 'range' => array(7, 24, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 96, 97, 98, 99,
  1350. 128, 129, 130, 131, 132, 134, 135, 136, 137, 138, 139, 140, 142, 143, 144, 146, 147, 148, 149,
  1351. 152, 155, 156, 157, 158, 159, 160, 161, 162, 164, 165, 166, 167, 168, 169, 170, 172, 173, 174,
  1352. 192, 198, 199, 204, 205, 206, 207, 208, 209, 216),
  1353. ),
  1354. 'lacnic' => array(
  1355. 'name' => $txt['whois_lacnic'],
  1356. 'url' => 'http://lacnic.net/cgi-bin/lacnic/whois?query=' . $context['ip'],
  1357. 'range' => array(186, 187, 189, 190, 191, 200, 201),
  1358. ),
  1359. 'ripe' => array(
  1360. 'name' => $txt['whois_ripe'],
  1361. 'url' => 'http://www.db.ripe.net/whois?searchtext=' . $context['ip'],
  1362. 'range' => array(62, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95,
  1363. 141, 145, 151, 188, 193, 194, 195, 212, 213, 217),
  1364. ),
  1365. );
  1366. foreach ($context['whois_servers'] as $whois)
  1367. {
  1368. // Strip off the "decimal point" and anything following...
  1369. if (in_array((int) $context['ip'], $whois['range']))
  1370. $context['auto_whois_server'] = $whois;
  1371. }
  1372. }
  1373. }
  1374. /**
  1375. * Tracks a users logins.
  1376. *
  1377. * @param int $memID = 0 id_member
  1378. */
  1379. function TrackLogins($memID = 0)
  1380. {
  1381. global $user_profile, $scripturl, $txt, $user_info, $modSettings, $sourcedir;
  1382. global $context, $smcFunc;
  1383. // Gonna want this for the list.
  1384. require_once($sourcedir . '/Subs-List.php');
  1385. if ($memID == 0)
  1386. $context['base_url'] = $scripturl . '?action=trackip';
  1387. else
  1388. $context['base_url'] = $scripturl . '?action=profile;area=tracking;sa=ip;u=' . $memID;
  1389. // Start with the user messages.
  1390. $listOptions = array(
  1391. 'id' => 'track_logins_list',
  1392. 'title' => $txt['trackLogins'],
  1393. 'no_items_label' => $txt['trackLogins_none_found'],
  1394. 'base_href' => $context['base_url'],
  1395. 'get_items' => array(
  1396. 'function' => 'list_getLogins',
  1397. 'params' => array(
  1398. 'id_member = {int:current_member}',
  1399. array('current_member' => $memID),
  1400. ),
  1401. ),
  1402. 'get_count' => array(
  1403. 'function' => 'list_getLoginCount',
  1404. 'params' => array(
  1405. 'id_member = {int:current_member}',
  1406. array('current_member' => $memID),
  1407. ),
  1408. ),
  1409. 'columns' => array(
  1410. 'time' => array(
  1411. 'header' => array(
  1412. 'value' => $txt['date'],
  1413. ),
  1414. 'data' => array(
  1415. 'db' => 'time',
  1416. ),
  1417. ),
  1418. 'ip' => array(
  1419. 'header' => array(
  1420. 'value' => $txt['ip_address'],
  1421. ),
  1422. 'data' => array(
  1423. 'sprintf' => array(
  1424. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a> (<a href="' . $context['base_url'] . ';searchip=%2$s">%2$s</a>) ',
  1425. 'params' => array(
  1426. 'ip' => false,
  1427. 'ip2' => false
  1428. ),
  1429. ),
  1430. ),
  1431. ),
  1432. ),
  1433. 'additional_rows' => array(
  1434. array(
  1435. 'position' => 'after_title',
  1436. 'value' => $txt['trackLogins_desc'],
  1437. 'class' => 'windowbg2',
  1438. 'style' => 'padding: 1ex 2ex;',
  1439. ),
  1440. ),
  1441. );
  1442. // Create the messages list.
  1443. createList($listOptions);
  1444. $context['sub_template'] = 'show_list';
  1445. $context['default_list'] = 'track_logins_list';
  1446. }
  1447. /**
  1448. * Callback for trackLogins for counting history.
  1449. *
  1450. * @param string $where
  1451. * @param array $where_vars
  1452. * @return string count of messages matching the IP
  1453. */
  1454. function list_getLoginCount($where, $where_vars = array())
  1455. {
  1456. global $smcFunc;
  1457. $request = $smcFunc['db_query']('', '
  1458. SELECT COUNT(*) AS message_count
  1459. FROM {db_prefix}member_logins
  1460. WHERE id_member = {int:id_member}',
  1461. array(
  1462. 'id_member' => $where_vars['current_member'],
  1463. )
  1464. );
  1465. list ($count) = $smcFunc['db_fetch_row']($request);
  1466. $smcFunc['db_free_result']($request);
  1467. // @todo cast to integer
  1468. return $count;
  1469. }
  1470. /**
  1471. * Callback for trackLogins data.
  1472. *
  1473. * @param int $start
  1474. * @param int $items_per_page
  1475. * @param string $sort
  1476. * @param string $where
  1477. * @param array $where_vars
  1478. * @return array an array of messages
  1479. */
  1480. function list_getLogins($start, $items_per_page, $sort, $where, $where_vars = array())
  1481. {
  1482. global $smcFunc, $txt, $scripturl;
  1483. $request = $smcFunc['db_query']('', '
  1484. SELECT time, ip, ip2
  1485. FROM {db_prefix}member_logins
  1486. WHERE {int:id_member}
  1487. ORDER BY time DESC',
  1488. array(
  1489. 'id_member' => $where_vars['current_member'],
  1490. )
  1491. );
  1492. $logins = array();
  1493. while ($row = $smcFunc['db_fetch_assoc']($request))
  1494. $logins[] = array(
  1495. 'time' => timeformat($row['time']),
  1496. 'ip' => $row['ip'],
  1497. 'ip2' => $row['ip2'],
  1498. );
  1499. $smcFunc['db_free_result']($request);
  1500. return $logins;
  1501. }
  1502. /**
  1503. * @todo needs a description
  1504. *
  1505. * @param int $memID id_member
  1506. */
  1507. function trackEdits($memID)
  1508. {
  1509. global $scripturl, $txt, $modSettings, $sourcedir, $context, $smcFunc;
  1510. require_once($sourcedir . '/Subs-List.php');
  1511. // Get the names of any custom fields.
  1512. $request = $smcFunc['db_query']('', '
  1513. SELECT col_name, field_name, bbc
  1514. FROM {db_prefix}custom_fields',
  1515. array(
  1516. )
  1517. );
  1518. $context['custom_field_titles'] = array();
  1519. while ($row = $smcFunc['db_fetch_assoc']($request))
  1520. $context['custom_field_titles']['customfield_' . $row['col_name']] = array(
  1521. 'title' => $row['field_name'],
  1522. 'parse_bbc' => $row['bbc'],
  1523. );
  1524. $smcFunc['db_free_result']($request);
  1525. // Set the options for the error lists.
  1526. $listOptions = array(
  1527. 'id' => 'edit_list',
  1528. 'title' => $txt['trackEdits'],
  1529. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1530. 'no_items_label' => $txt['trackEdit_no_edits'],
  1531. 'base_href' => $scripturl . '?action=profile;area=tracking;sa=edits;u=' . $memID,
  1532. 'default_sort_col' => 'time',
  1533. 'get_items' => array(
  1534. 'function' => 'list_getProfileEdits',
  1535. 'params' => array(
  1536. $memID,
  1537. ),
  1538. ),
  1539. 'get_count' => array(
  1540. 'function' => 'list_getProfileEditCount',
  1541. 'params' => array(
  1542. $memID,
  1543. ),
  1544. ),
  1545. 'columns' => array(
  1546. 'action' => array(
  1547. 'header' => array(
  1548. 'value' => $txt['trackEdit_action'],
  1549. ),
  1550. 'data' => array(
  1551. 'db' => 'action_text',
  1552. ),
  1553. ),
  1554. 'before' => array(
  1555. 'header' => array(
  1556. 'value' => $txt['trackEdit_before'],
  1557. ),
  1558. 'data' => array(
  1559. 'db' => 'before',
  1560. ),
  1561. ),
  1562. 'after' => array(
  1563. 'header' => array(
  1564. 'value' => $txt['trackEdit_after'],
  1565. ),
  1566. 'data' => array(
  1567. 'db' => 'after',
  1568. ),
  1569. ),
  1570. 'time' => array(
  1571. 'header' => array(
  1572. 'value' => $txt['date'],
  1573. ),
  1574. 'data' => array(
  1575. 'db' => 'time',
  1576. ),
  1577. 'sort' => array(
  1578. 'default' => 'id_action DESC',
  1579. 'reverse' => 'id_action',
  1580. ),
  1581. ),
  1582. 'applicator' => array(
  1583. 'header' => array(
  1584. 'value' => $txt['trackEdit_applicator'],
  1585. ),
  1586. 'data' => array(
  1587. 'db' => 'member_link',
  1588. ),
  1589. ),
  1590. ),
  1591. );
  1592. // Create the error list.
  1593. createList($listOptions);
  1594. $context['sub_template'] = 'show_list';
  1595. $context['default_list'] = 'edit_list';
  1596. }
  1597. /**
  1598. * How many edits?
  1599. *
  1600. * @param int $memID id_member
  1601. * @return string number of profile edits
  1602. */
  1603. function list_getProfileEditCount($memID)
  1604. {
  1605. global $smcFunc;
  1606. $request = $smcFunc['db_query']('', '
  1607. SELECT COUNT(*) AS edit_count
  1608. FROM {db_prefix}log_actions
  1609. WHERE id_log = {int:log_type}
  1610. AND id_member = {int:owner}',
  1611. array(
  1612. 'log_type' => 2,
  1613. 'owner' => $memID,
  1614. )
  1615. );
  1616. list ($edit_count) = $smcFunc['db_fetch_row']($request);
  1617. $smcFunc['db_free_result']($request);
  1618. // @todo cast to integer
  1619. return $edit_count;
  1620. }
  1621. /**
  1622. * @todo needs a description
  1623. *
  1624. * @param int $start
  1625. * @param int $items_per_page
  1626. * @param string $sort
  1627. * @param int $memID
  1628. * @return array
  1629. */
  1630. function list_getProfileEdits($start, $items_per_page, $sort, $memID)
  1631. {
  1632. global $smcFunc, $txt, $scripturl, $context;
  1633. // Get a list of error messages from this ip (range).
  1634. $request = $smcFunc['db_query']('', '
  1635. SELECT
  1636. id_action, id_member, ip, log_time, action, extra
  1637. FROM {db_prefix}log_actions
  1638. WHERE id_log = {int:log_type}
  1639. AND id_member = {int:owner}
  1640. ORDER BY ' . $sort . '
  1641. LIMIT ' . $start . ', ' . $items_per_page,
  1642. array(
  1643. 'log_type' => 2,
  1644. 'owner' => $memID,
  1645. )
  1646. );
  1647. $edits = array();
  1648. $members = array();
  1649. while ($row = $smcFunc['db_fetch_assoc']($request))
  1650. {
  1651. $extra = @unserialize($row['extra']);
  1652. if (!empty($extra['applicator']))
  1653. $members[] = $extra['applicator'];
  1654. // Work out what the name of the action is.
  1655. if (isset($txt['trackEdit_action_' . $row['action']]))
  1656. $action_text = $txt['trackEdit_action_' . $row['action']];
  1657. elseif (isset($txt[$row['action']]))
  1658. $action_text = $txt[$row['action']];
  1659. // Custom field?
  1660. elseif (isset($context['custom_field_titles'][$row['action']]))
  1661. $action_text = $context['custom_field_titles'][$row['action']]['title'];
  1662. else
  1663. $action_text = $row['action'];
  1664. // Parse BBC?
  1665. $parse_bbc = isset($context['custom_field_titles'][$row['action']]) && $context['custom_field_titles'][$row['action']]['parse_bbc'] ? true : false;
  1666. $edits[] = array(
  1667. 'id' => $row['id_action'],
  1668. 'ip' => $row['ip'],
  1669. 'id_member' => !empty($extra['applicator']) ? $extra['applicator'] : 0,
  1670. 'member_link' => $txt['trackEdit_deleted_member'],
  1671. 'action' => $row['action'],
  1672. 'action_text' => $action_text,
  1673. 'before' => !empty($extra['previous']) ? ($parse_bbc ? parse_bbc($extra['previous']) : $extra['previous']) : '',
  1674. 'after' => !empty($extra['new']) ? ($parse_bbc ? parse_bbc($extra['new']) : $extra['new']) : '',
  1675. 'time' => timeformat($row['log_time']),
  1676. );
  1677. }
  1678. $smcFunc['db_free_result']($request);
  1679. // Get any member names.
  1680. if (!empty($members))
  1681. {
  1682. $request = $smcFunc['db_query']('', '
  1683. SELECT
  1684. id_member, real_name
  1685. FROM {db_prefix}members
  1686. WHERE id_member IN ({array_int:members})',
  1687. array(
  1688. 'members' => $members,
  1689. )
  1690. );
  1691. $members = array();
  1692. while ($row = $smcFunc['db_fetch_assoc']($request))
  1693. $members[$row['id_member']] = $row['real_name'];
  1694. $smcFunc['db_free_result']($request);
  1695. foreach ($edits as $key => $value)
  1696. if (isset($members[$value['id_member']]))
  1697. $edits[$key]['member_link'] = '<a href="' . $scripturl . '?action=profile;u=' . $value['id_member'] . '">' . $members[$value['id_member']] . '</a>';
  1698. }
  1699. return $edits;
  1700. }
  1701. /**
  1702. * @todo needs a description
  1703. *
  1704. * @param int $memID id_member
  1705. */
  1706. function showPermissions($memID)
  1707. {
  1708. global $scripturl, $txt, $board, $modSettings;
  1709. global $user_profile, $context, $user_info, $sourcedir, $smcFunc;
  1710. // Verify if the user has sufficient permissions.
  1711. isAllowedTo('manage_permissions');
  1712. loadLanguage('ManagePermissions');
  1713. loadLanguage('Admin');
  1714. loadTemplate('ManageMembers');
  1715. // Load all the permission profiles.
  1716. require_once($sourcedir . '/ManagePermissions.php');
  1717. loadPermissionProfiles();
  1718. $context['member']['id'] = $memID;
  1719. $context['member']['name'] = $user_profile[$memID]['real_name'];
  1720. $context['page_title'] = $txt['showPermissions'];
  1721. $board = empty($board) ? 0 : (int) $board;
  1722. $context['board'] = $board;
  1723. // Determine which groups this user is in.
  1724. if (empty($user_profile[$memID]['additional_groups']))
  1725. $curGroups = array();
  1726. else
  1727. $curGroups = explode(',', $user_profile[$memID]['additional_groups']);
  1728. $curGroups[] = $user_profile[$memID]['id_group'];
  1729. $curGroups[] = $user_profile[$memID]['id_post_group'];
  1730. // Load a list of boards for the jump box - except the defaults.
  1731. $request = $smcFunc['db_query']('order_by_board_order', '
  1732. SELECT b.id_board, b.name, b.id_profile, b.member_groups, IFNULL(mods.id_member, 0) AS is_mod
  1733. FROM {db_prefix}boards AS b
  1734. LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
  1735. WHERE {query_see_board}',
  1736. array(
  1737. 'current_member' => $memID,
  1738. )
  1739. );
  1740. $context['boards'] = array();
  1741. $context['no_access_boards'] = array();
  1742. while ($row = $smcFunc['db_fetch_assoc']($request))
  1743. {
  1744. if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod'])
  1745. $context['no_access_boards'][] = array(
  1746. 'id' => $row['id_board'],
  1747. 'name' => $row['name'],
  1748. 'is_last' => false,
  1749. );
  1750. elseif ($row['id_profile'] != 1 || $row['is_mod'])
  1751. $context['boards'][$row['id_board']] = array(
  1752. 'id' => $row['id_board'],
  1753. 'name' => $row['name'],
  1754. 'selected' => $board == $row['id_board'],
  1755. 'profile' => $row['id_profile'],
  1756. 'profile_name' => $context['profiles'][$row['id_profile']]['name'],
  1757. );
  1758. }
  1759. $smcFunc['db_free_result']($request);
  1760. if (!empty($context['no_access_boards']))
  1761. $context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true;
  1762. $context['member']['permissions'] = array(
  1763. 'general' => array(),
  1764. 'board' => array()
  1765. );
  1766. // If you're an admin we know you can do everything, we might as well leave.
  1767. $context['member']['has_all_permissions'] = in_array(1, $curGroups);
  1768. if ($context['member']['has_all_permissions'])
  1769. return;
  1770. $denied = array();
  1771. // Get all general permissions.
  1772. $result = $smcFunc['db_query']('', '
  1773. SELECT p.permission, p.add_deny, mg.group_name, p.id_group
  1774. FROM {db_prefix}permissions AS p
  1775. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = p.id_group)
  1776. WHERE p.id_group IN ({array_int:group_list})
  1777. ORDER BY p.add_deny DESC, p.permission, mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name',
  1778. array(
  1779. 'group_list' => $curGroups,
  1780. 'newbie_group' => 4,
  1781. )
  1782. );
  1783. while ($row = $smcFunc['db_fetch_assoc']($result))
  1784. {
  1785. // We don't know about this permission, it doesn't exist :P.
  1786. if (!isset($txt['permissionname_' . $row['permission']]))
  1787. continue;
  1788. if (empty($row['add_deny']))
  1789. $denied[] = $row['permission'];
  1790. // Permissions that end with _own or _any consist of two parts.
  1791. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)]))
  1792. $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
  1793. else
  1794. $name = $txt['permissionname_' . $row['permission']];
  1795. // Add this permission if it doesn't exist yet.
  1796. if (!isset($context['member']['permissions']['general'][$row['permission']]))
  1797. $context['member']['permissions']['general'][$row['permission']] = array(
  1798. 'id' => $row['permission'],
  1799. 'groups' => array(
  1800. 'allowed' => array(),
  1801. 'denied' => array()
  1802. ),
  1803. 'name' => $name,
  1804. 'is_denied' => false,
  1805. 'is_global' => true,
  1806. );
  1807. // Add the membergroup to either the denied or the allowed groups.
  1808. $context['member']['permissions']['general'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
  1809. // Once denied is always denied.
  1810. $context['member']['permissions']['general'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
  1811. }
  1812. $smcFunc['db_free_result']($result);
  1813. $request = $smcFunc['db_query']('', '
  1814. SELECT
  1815. bp.add_deny, bp.permission, bp.id_group, mg.group_name' . (empty($board) ? '' : ',
  1816. b.id_profile, CASE WHEN mods.id_member IS NULL THEN 0 ELSE 1 END AS is_moderator') . '
  1817. FROM {db_prefix}board_permissions AS bp' . (empty($board) ? '' : '
  1818. INNER JOIN {db_prefix}boards AS b ON (b.id_board = {int:current_board})
  1819. LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})') . '
  1820. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = bp.id_group)
  1821. WHERE bp.id_profile = {raw:current_profile}
  1822. AND bp.id_group IN ({array_int:group_list}' . (empty($board) ? ')' : ', {int:moderator_group})
  1823. AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})'),
  1824. array(
  1825. 'current_board' => $board,
  1826. 'group_list' => $curGroups,
  1827. 'current_member' => $memID,
  1828. 'current_profile' => empty($board) ? '1' : 'b.id_profile',
  1829. 'moderator_group' => 3,
  1830. )
  1831. );
  1832. while ($row = $smcFunc['db_fetch_assoc']($request))
  1833. {
  1834. // We don't know about this permission, it doesn't exist :P.
  1835. if (!isset($txt['permissionname_' . $row['permission']]))
  1836. continue;
  1837. // The name of the permission using the format 'permission name' - 'own/any topic/event/etc.'.
  1838. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)]))
  1839. $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
  1840. else
  1841. $name = $txt['permissionname_' . $row['permission']];
  1842. // Create the structure for this permission.
  1843. if (!isset($context['member']['permissions']['board'][$row['permission']]))
  1844. $context['member']['permissions']['board'][$row['permission']] = array(
  1845. 'id' => $row['permission'],
  1846. 'groups' => array(
  1847. 'allowed' => array(),
  1848. 'denied' => array()
  1849. ),
  1850. 'name' => $name,
  1851. 'is_denied' => false,
  1852. 'is_global' => empty($board),
  1853. );
  1854. $context['member']['permissions']['board'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][$row['id_group']] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
  1855. $context['member']['permissions']['board'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
  1856. }
  1857. $smcFunc['db_free_result']($request);
  1858. }
  1859. /**
  1860. * View a members warnings?
  1861. *
  1862. * @param int $memID id_member
  1863. */
  1864. function viewWarning($memID)
  1865. {
  1866. global $modSettings, $context, $sourcedir, $txt, $scripturl;
  1867. // Firstly, can we actually even be here?
  1868. if (!allowedTo('issue_warning') && (empty($modSettings['warning_show']) || ($modSettings['warning_show'] == 1 && !$context['user']['is_owner'])))
  1869. fatal_lang_error('no_access', false);
  1870. // Make sure things which are disabled stay disabled.
  1871. $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
  1872. $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
  1873. $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;
  1874. // Let's use a generic list to get all the current warnings, and use the issue warnings grab-a-granny thing.
  1875. require_once($sourcedir . '/Subs-List.php');
  1876. require_once($sourcedir . '/Profile-Actions.php');
  1877. $listOptions = array(
  1878. 'id' => 'view_warnings',
  1879. 'title' => $txt['profile_viewwarning_previous_warnings'],
  1880. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1881. 'no_items_label' => $txt['profile_viewwarning_no_warnings'],
  1882. 'base_href' => $scripturl . '?action=profile;area=viewwarning;sa=user;u=' . $memID,
  1883. 'default_sort_col' => 'log_time',
  1884. 'get_items' => array(
  1885. 'function' => 'list_getUserWarnings',
  1886. 'params' => array(
  1887. $memID,
  1888. ),
  1889. ),
  1890. 'get_count' => array(
  1891. 'function' => 'list_getUserWarningCount',
  1892. 'params' => array(
  1893. $memID,
  1894. ),
  1895. ),
  1896. 'columns' => array(
  1897. 'log_time' => array(
  1898. 'header' => array(
  1899. 'value' => $txt['profile_warning_previous_time'],
  1900. ),
  1901. 'data' => array(
  1902. 'db' => 'time',
  1903. ),
  1904. 'sort' => array(
  1905. 'default' => 'lc.log_time DESC',
  1906. 'reverse' => 'lc.log_time',
  1907. ),
  1908. ),
  1909. 'reason' => array(
  1910. 'header' => array(
  1911. 'value' => $txt['profile_warning_previous_reason'],
  1912. 'style' => 'width: 50%',
  1913. ),
  1914. 'data' => array(
  1915. 'db' => 'reason',
  1916. ),
  1917. ),
  1918. 'level' => array(
  1919. 'header' => array(
  1920. 'value' => $txt['profile_warning_previous_level'],
  1921. ),
  1922. 'data' => array(
  1923. 'db' => 'counter',
  1924. ),
  1925. 'sort' => array(
  1926. 'default' => 'lc.counter DESC',
  1927. 'reverse' => 'lc.counter',
  1928. ),
  1929. ),
  1930. ),
  1931. 'additional_rows' => array(
  1932. array(
  1933. 'position' => 'after_title',
  1934. 'value' => $txt['profile_viewwarning_desc'],
  1935. 'class' => 'smalltext',
  1936. 'style' => 'padding: 2ex;',
  1937. ),
  1938. ),
  1939. );
  1940. // Create the list for viewing.
  1941. require_once($sourcedir . '/Subs-List.php');
  1942. createList($listOptions);
  1943. // Create some common text bits for the template.
  1944. $context['level_effects'] = array(
  1945. 0 => '',
  1946. $modSettings['warning_watch'] => $txt['profile_warning_effect_own_watched'],
  1947. $modSettings['warning_moderate'] => $txt['profile_warning_effect_own_moderated'],
  1948. $modSettings['warning_mute'] => $txt['profile_warning_effect_own_muted'],
  1949. );
  1950. $context['current_level'] = 0;
  1951. foreach ($context['level_effects'] as $limit => $dummy)
  1952. if ($context['member']['warning'] >= $limit)
  1953. $context['current_level'] = $limit;
  1954. }
  1955. ?>