Profile-View.php 69 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2011 Simple Machines
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. if (!defined('SMF'))
  13. die('Hacking attempt...');
  14. /**
  15. * View a summary.
  16. * @param int $memID id_member
  17. */
  18. function summary($memID)
  19. {
  20. global $context, $memberContext, $txt, $modSettings, $user_info, $user_profile, $sourcedir, $scripturl, $smcFunc;
  21. // Attempt to load the member's profile data.
  22. if (!loadMemberContext($memID) || !isset($memberContext[$memID]))
  23. fatal_lang_error('not_a_user', false);
  24. // Set up the stuff and load the user.
  25. $context += array(
  26. 'page_title' => sprintf($txt['profile_of_username'], $memberContext[$memID]['name']),
  27. 'can_send_pm' => allowedTo('pm_send'),
  28. 'can_send_email' => allowedTo('send_email_to_members'),
  29. 'can_have_buddy' => allowedTo('profile_identity_own') && !empty($modSettings['enable_buddylist']),
  30. 'can_issue_warning' => in_array('w', $context['admin_features']) && allowedTo('issue_warning') && $modSettings['warning_settings'][0] == 1,
  31. );
  32. $context['member'] = &$memberContext[$memID];
  33. $context['can_view_warning'] = in_array('w', $context['admin_features']) && (allowedTo('issue_warning') && !$context['user']['is_owner']) || (!empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $context['user']['is_owner']));
  34. // Set a canonical URL for this page.
  35. $context['canonical_url'] = $scripturl . '?action=profile;u=' . $memID;
  36. // Are there things we don't show?
  37. $context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
  38. // See if they have broken any warning levels...
  39. list ($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
  40. if (!empty($modSettings['warning_mute']) && $modSettings['warning_mute'] <= $context['member']['warning'])
  41. $context['warning_status'] = $txt['profile_warning_is_muted'];
  42. elseif (!empty($modSettings['warning_moderate']) && $modSettings['warning_moderate'] <= $context['member']['warning'])
  43. $context['warning_status'] = $txt['profile_warning_is_moderation'];
  44. elseif (!empty($modSettings['warning_watch']) && $modSettings['warning_watch'] <= $context['member']['warning'])
  45. $context['warning_status'] = $txt['profile_warning_is_watch'];
  46. // They haven't even been registered for a full day!?
  47. $days_registered = (int) ((time() - $user_profile[$memID]['date_registered']) / (3600 * 24));
  48. if (empty($user_profile[$memID]['date_registered']) || $days_registered < 1)
  49. $context['member']['posts_per_day'] = $txt['not_applicable'];
  50. else
  51. $context['member']['posts_per_day'] = comma_format($context['member']['real_posts'] / $days_registered, 3);
  52. // Set the age...
  53. if (empty($context['member']['birth_date']))
  54. {
  55. $context['member'] += array(
  56. 'age' => $txt['not_applicable'],
  57. 'today_is_birthday' => false
  58. );
  59. }
  60. else
  61. {
  62. list ($birth_year, $birth_month, $birth_day) = sscanf($context['member']['birth_date'], '%d-%d-%d');
  63. $datearray = getdate(forum_time());
  64. $context['member'] += array(
  65. 'age' => $birth_year <= 4 ? $txt['not_applicable'] : $datearray['year'] - $birth_year - (($datearray['mon'] > $birth_month || ($datearray['mon'] == $birth_month && $datearray['mday'] >= $birth_day)) ? 0 : 1),
  66. 'today_is_birthday' => $datearray['mon'] == $birth_month && $datearray['mday'] == $birth_day
  67. );
  68. }
  69. if (allowedTo('moderate_forum'))
  70. {
  71. // Make sure it's a valid ip address; otherwise, don't bother...
  72. if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $memberContext[$memID]['ip']) == 1 && empty($modSettings['disableHostnameLookup']))
  73. $context['member']['hostname'] = host_from_ip($memberContext[$memID]['ip']);
  74. else
  75. $context['member']['hostname'] = '';
  76. $context['can_see_ip'] = true;
  77. }
  78. else
  79. $context['can_see_ip'] = false;
  80. if (!empty($modSettings['who_enabled']))
  81. {
  82. include_once($sourcedir . '/Who.php');
  83. $action = determineActions($user_profile[$memID]['url']);
  84. if ($action !== false)
  85. $context['member']['action'] = $action;
  86. }
  87. // If the user is awaiting activation, and the viewer has permission - setup some activation context messages.
  88. if ($context['member']['is_activated'] % 10 != 1 && allowedTo('moderate_forum'))
  89. {
  90. $context['activate_type'] = $context['member']['is_activated'];
  91. // What should the link text be?
  92. $context['activate_link_text'] = in_array($context['member']['is_activated'], array(3, 4, 5, 13, 14, 15)) ? $txt['account_approve'] : $txt['account_activate'];
  93. // Should we show a custom message?
  94. $context['activate_message'] = isset($txt['account_activate_method_' . $context['member']['is_activated'] % 10]) ? $txt['account_activate_method_' . $context['member']['is_activated'] % 10] : $txt['account_not_activated'];
  95. }
  96. // Is the signature even enabled on this forum?
  97. $context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
  98. // How about, are they banned?
  99. $context['member']['bans'] = array();
  100. if (allowedTo('moderate_forum'))
  101. {
  102. // Can they edit the ban?
  103. $context['can_edit_ban'] = allowedTo('manage_bans');
  104. $ban_query = array();
  105. $ban_query_vars = array(
  106. 'time' => time(),
  107. );
  108. $ban_query[] = 'id_member = ' . $context['member']['id'];
  109. $ban_query[] = constructBanQueryIP($memberContext[$memID]['ip']);
  110. // Do we have a hostname already?
  111. if (!empty($context['member']['hostname']))
  112. {
  113. $ban_query[] = '({string:hostname} LIKE hostname)';
  114. $ban_query_vars['hostname'] = $context['member']['hostname'];
  115. }
  116. // Check their email as well...
  117. if (strlen($context['member']['email']) != 0)
  118. {
  119. $ban_query[] = '({string:email} LIKE bi.email_address)';
  120. $ban_query_vars['email'] = $context['member']['email'];
  121. }
  122. // So... are they banned? Dying to know!
  123. $request = $smcFunc['db_query']('', '
  124. SELECT bg.id_ban_group, bg.name, bg.cannot_access, bg.cannot_post, bg.cannot_register,
  125. bg.cannot_login, bg.reason
  126. FROM {db_prefix}ban_items AS bi
  127. INNER JOIN {db_prefix}ban_groups AS bg ON (bg.id_ban_group = bi.id_ban_group AND (bg.expire_time IS NULL OR bg.expire_time > {int:time}))
  128. WHERE (' . implode(' OR ', $ban_query) . ')',
  129. $ban_query_vars
  130. );
  131. while ($row = $smcFunc['db_fetch_assoc']($request))
  132. {
  133. // Work out what restrictions we actually have.
  134. $ban_restrictions = array();
  135. foreach (array('access', 'register', 'login', 'post') as $type)
  136. if ($row['cannot_' . $type])
  137. $ban_restrictions[] = $txt['ban_type_' . $type];
  138. // No actual ban in place?
  139. if (empty($ban_restrictions))
  140. continue;
  141. // Prepare the link for context.
  142. $ban_explanation = sprintf($txt['user_cannot_due_to'], implode(', ', $ban_restrictions), '<a href="' . $scripturl . '?action=admin;area=ban;sa=edit;bg=' . $row['id_ban_group'] . '">' . $row['name'] . '</a>');
  143. $context['member']['bans'][$row['id_ban_group']] = array(
  144. 'reason' => empty($row['reason']) ? '' : '<br /><br /><strong>' . $txt['ban_reason'] . ':</strong> ' . $row['reason'],
  145. 'cannot' => array(
  146. 'access' => !empty($row['cannot_access']),
  147. 'register' => !empty($row['cannot_register']),
  148. 'post' => !empty($row['cannot_post']),
  149. 'login' => !empty($row['cannot_login']),
  150. ),
  151. 'explanation' => $ban_explanation,
  152. );
  153. }
  154. $smcFunc['db_free_result']($request);
  155. }
  156. loadCustomFields($memID);
  157. }
  158. /**
  159. * Show all posts by the current user
  160. * @todo This function needs to be split up properly.
  161. *
  162. * @param int $memID id_member
  163. */
  164. function showPosts($memID)
  165. {
  166. global $txt, $user_info, $scripturl, $modSettings;
  167. global $context, $user_profile, $sourcedir, $smcFunc, $board;
  168. // Some initial context.
  169. $context['start'] = (int) $_REQUEST['start'];
  170. $context['current_member'] = $memID;
  171. // Create the tabs for the template.
  172. $context[$context['profile_menu_name']]['tab_data'] = array(
  173. 'title' => $txt['showPosts'],
  174. 'description' => $txt['showPosts_help'],
  175. 'icon' => 'profile_sm.png',
  176. 'tabs' => array(
  177. 'messages' => array(
  178. ),
  179. 'topics' => array(
  180. ),
  181. 'attach' => array(
  182. ),
  183. ),
  184. );
  185. // Set the page title
  186. $context['page_title'] = $txt['showPosts'] . ' - ' . $user_profile[$memID]['real_name'];
  187. // Is the load average too high to allow searching just now?
  188. if (!empty($context['load_average']) && !empty($modSettings['loadavg_show_posts']) && $context['load_average'] >= $modSettings['loadavg_show_posts'])
  189. fatal_lang_error('loadavg_show_posts_disabled', false);
  190. // If we're specifically dealing with attachments use that function!
  191. if (isset($_GET['sa']) && $_GET['sa'] == 'attach')
  192. return showAttachments($memID);
  193. // Are we just viewing topics?
  194. $context['is_topics'] = isset($_GET['sa']) && $_GET['sa'] == 'topics' ? true : false;
  195. // If just deleting a message, do it and then redirect back.
  196. if (isset($_GET['delete']) && !$context['is_topics'])
  197. {
  198. checkSession('get');
  199. // We need msg info for logging.
  200. $request = $smcFunc['db_query']('', '
  201. SELECT subject, id_member, id_topic, id_board
  202. FROM {db_prefix}messages
  203. WHERE id_msg = {int:id_msg}',
  204. array(
  205. 'id_msg' => (int) $_GET['delete'],
  206. )
  207. );
  208. $info = $smcFunc['db_fetch_row']($request);
  209. $smcFunc['db_free_result']($request);
  210. // Trying to remove a message that doesn't exist.
  211. if (empty($info))
  212. redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
  213. // We can be lazy, since removeMessage() will check the permissions for us.
  214. require_once($sourcedir . '/RemoveTopic.php');
  215. removeMessage((int) $_GET['delete']);
  216. // Add it to the mod log.
  217. if (allowedTo('delete_any') && (!allowedTo('delete_own') || $info[1] != $user_info['id']))
  218. logAction('delete', array('topic' => $info[2], 'subject' => $info[0], 'member' => $info[1], 'board' => $info[3]));
  219. // Back to... where we are now ;).
  220. redirectexit('action=profile;u=' . $memID . ';area=showposts;start=' . $_GET['start']);
  221. }
  222. // Default to 10.
  223. if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount']))
  224. $_REQUEST['viewscount'] = '10';
  225. if ($context['is_topics'])
  226. $request = $smcFunc['db_query']('', '
  227. SELECT COUNT(*)
  228. FROM {db_prefix}topics AS t' . ($user_info['query_see_board'] == '1=1' ? '' : '
  229. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board AND {query_see_board})') . '
  230. WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
  231. AND t.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  232. AND t.approved = {int:is_approved}'),
  233. array(
  234. 'current_member' => $memID,
  235. 'is_approved' => 1,
  236. 'board' => $board,
  237. )
  238. );
  239. else
  240. $request = $smcFunc['db_query']('', '
  241. SELECT COUNT(*)
  242. FROM {db_prefix}messages AS m' . ($user_info['query_see_board'] == '1=1' ? '' : '
  243. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})') . '
  244. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  245. AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  246. AND m.approved = {int:is_approved}'),
  247. array(
  248. 'current_member' => $memID,
  249. 'is_approved' => 1,
  250. 'board' => $board,
  251. )
  252. );
  253. list ($msgCount) = $smcFunc['db_fetch_row']($request);
  254. $smcFunc['db_free_result']($request);
  255. $request = $smcFunc['db_query']('', '
  256. SELECT MIN(id_msg), MAX(id_msg)
  257. FROM {db_prefix}messages AS m
  258. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  259. AND m.id_board = {int:board}' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  260. AND m.approved = {int:is_approved}'),
  261. array(
  262. 'current_member' => $memID,
  263. 'is_approved' => 1,
  264. 'board' => $board,
  265. )
  266. );
  267. list ($min_msg_member, $max_msg_member) = $smcFunc['db_fetch_row']($request);
  268. $smcFunc['db_free_result']($request);
  269. $reverse = false;
  270. $range_limit = '';
  271. $maxIndex = (int) $modSettings['defaultMaxMessages'];
  272. // Make sure the starting place makes sense and construct our friend the page index.
  273. $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts' . ($context['is_topics'] ? ';sa=topics' : '') . (!empty($board) ? ';board=' . $board : ''), $context['start'], $msgCount, $maxIndex);
  274. $context['current_page'] = $context['start'] / $maxIndex;
  275. // Reverse the query if we're past 50% of the pages for better performance.
  276. $start = $context['start'];
  277. $reverse = $_REQUEST['start'] > $msgCount / 2;
  278. if ($reverse)
  279. {
  280. $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages'];
  281. $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages'];
  282. }
  283. // Guess the range of messages to be shown.
  284. if ($msgCount > 1000)
  285. {
  286. $margin = floor(($max_msg_member - $min_msg_member) * (($start + $modSettings['defaultMaxMessages']) / $msgCount) + .1 * ($max_msg_member - $min_msg_member));
  287. // Make a bigger margin for topics only.
  288. if ($context['is_topics'])
  289. {
  290. $margin *= 5;
  291. $range_limit = $reverse ? 't.id_first_msg < ' . ($min_msg_member + $margin) : 't.id_first_msg > ' . ($max_msg_member - $margin);
  292. }
  293. else
  294. $range_limit = $reverse ? 'm.id_msg < ' . ($min_msg_member + $margin) : 'm.id_msg > ' . ($max_msg_member - $margin);
  295. }
  296. // Find this user's posts. The left join on categories somehow makes this faster, weird as it looks.
  297. $looped = false;
  298. while (true)
  299. {
  300. if ($context['is_topics'])
  301. {
  302. $request = $smcFunc['db_query']('', '
  303. SELECT
  304. b.id_board, b.name AS bname, c.id_cat, c.name AS cname, t.id_member_started, t.id_first_msg, t.id_last_msg,
  305. t.approved, m.body, m.smileys_enabled, m.subject, m.poster_time, m.id_topic, m.id_msg
  306. FROM {db_prefix}topics AS t
  307. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  308. LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
  309. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  310. WHERE t.id_member_started = {int:current_member}' . (!empty($board) ? '
  311. AND t.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
  312. AND ' . $range_limit) . '
  313. AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  314. AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
  315. ORDER BY t.id_first_msg ' . ($reverse ? 'ASC' : 'DESC') . '
  316. LIMIT ' . $start . ', ' . $maxIndex,
  317. array(
  318. 'current_member' => $memID,
  319. 'is_approved' => 1,
  320. 'board' => $board,
  321. )
  322. );
  323. }
  324. else
  325. {
  326. $request = $smcFunc['db_query']('', '
  327. SELECT
  328. b.id_board, b.name AS bname, c.id_cat, c.name AS cname, m.id_topic, m.id_msg,
  329. t.id_member_started, t.id_first_msg, t.id_last_msg, m.body, m.smileys_enabled,
  330. m.subject, m.poster_time, m.approved
  331. FROM {db_prefix}messages AS m
  332. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  333. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  334. LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
  335. WHERE m.id_member = {int:current_member}' . (!empty($board) ? '
  336. AND b.id_board = {int:board}' : '') . (empty($range_limit) ? '' : '
  337. AND ' . $range_limit) . '
  338. AND {query_see_board}' . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  339. AND t.approved = {int:is_approved} AND m.approved = {int:is_approved}') . '
  340. ORDER BY m.id_msg ' . ($reverse ? 'ASC' : 'DESC') . '
  341. LIMIT ' . $start . ', ' . $maxIndex,
  342. array(
  343. 'current_member' => $memID,
  344. 'is_approved' => 1,
  345. 'board' => $board,
  346. )
  347. );
  348. }
  349. // Make sure we quit this loop.
  350. if ($smcFunc['db_num_rows']($request) === $maxIndex || $looped)
  351. break;
  352. $looped = true;
  353. $range_limit = '';
  354. }
  355. // Start counting at the number of the first message displayed.
  356. $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start'];
  357. $context['posts'] = array();
  358. $board_ids = array('own' => array(), 'any' => array());
  359. while ($row = $smcFunc['db_fetch_assoc']($request))
  360. {
  361. // Censor....
  362. censorText($row['body']);
  363. censorText($row['subject']);
  364. // Do the code.
  365. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  366. // And the array...
  367. $context['posts'][$counter += $reverse ? -1 : 1] = array(
  368. 'body' => $row['body'],
  369. 'counter' => $counter,
  370. 'alternate' => $counter % 2,
  371. 'category' => array(
  372. 'name' => $row['cname'],
  373. 'id' => $row['id_cat']
  374. ),
  375. 'board' => array(
  376. 'name' => $row['bname'],
  377. 'id' => $row['id_board']
  378. ),
  379. 'topic' => $row['id_topic'],
  380. 'subject' => $row['subject'],
  381. 'start' => 'msg' . $row['id_msg'],
  382. 'time' => timeformat($row['poster_time']),
  383. 'timestamp' => forum_time(true, $row['poster_time']),
  384. 'id' => $row['id_msg'],
  385. 'can_reply' => false,
  386. 'can_mark_notify' => false,
  387. 'can_delete' => false,
  388. 'delete_possible' => ($row['id_first_msg'] != $row['id_msg'] || $row['id_last_msg'] == $row['id_msg']) && (empty($modSettings['edit_disable_time']) || $row['poster_time'] + $modSettings['edit_disable_time'] * 60 >= time()),
  389. 'approved' => $row['approved'],
  390. );
  391. if ($user_info['id'] == $row['id_member_started'])
  392. $board_ids['own'][$row['id_board']][] = $counter;
  393. $board_ids['any'][$row['id_board']][] = $counter;
  394. }
  395. $smcFunc['db_free_result']($request);
  396. // All posts were retrieved in reverse order, get them right again.
  397. if ($reverse)
  398. $context['posts'] = array_reverse($context['posts'], true);
  399. // These are all the permissions that are different from board to board..
  400. if ($context['is_topics'])
  401. $permissions = array(
  402. 'own' => array(
  403. 'post_reply_own' => 'can_reply',
  404. ),
  405. 'any' => array(
  406. 'post_reply_any' => 'can_reply',
  407. 'mark_any_notify' => 'can_mark_notify',
  408. )
  409. );
  410. else
  411. $permissions = array(
  412. 'own' => array(
  413. 'post_reply_own' => 'can_reply',
  414. 'delete_own' => 'can_delete',
  415. ),
  416. 'any' => array(
  417. 'post_reply_any' => 'can_reply',
  418. 'mark_any_notify' => 'can_mark_notify',
  419. 'delete_any' => 'can_delete',
  420. )
  421. );
  422. // For every permission in the own/any lists...
  423. foreach ($permissions as $type => $list)
  424. {
  425. foreach ($list as $permission => $allowed)
  426. {
  427. // Get the boards they can do this on...
  428. $boards = boardsAllowedTo($permission);
  429. // Hmm, they can do it on all boards, can they?
  430. if (!empty($boards) && $boards[0] == 0)
  431. $boards = array_keys($board_ids[$type]);
  432. // Now go through each board they can do the permission on.
  433. foreach ($boards as $board_id)
  434. {
  435. // There aren't any posts displayed from this board.
  436. if (!isset($board_ids[$type][$board_id]))
  437. continue;
  438. // Set the permission to true ;).
  439. foreach ($board_ids[$type][$board_id] as $counter)
  440. $context['posts'][$counter][$allowed] = true;
  441. }
  442. }
  443. }
  444. // Clean up after posts that cannot be deleted and quoted.
  445. $quote_enabled = empty($modSettings['disabledBBC']) || !in_array('quote', explode(',', $modSettings['disabledBBC']));
  446. foreach ($context['posts'] as $counter => $dummy)
  447. {
  448. $context['posts'][$counter]['can_delete'] &= $context['posts'][$counter]['delete_possible'];
  449. $context['posts'][$counter]['can_quote'] = $context['posts'][$counter]['can_reply'] && $quote_enabled;
  450. }
  451. }
  452. /**
  453. * Show all the attachments of a user.
  454. *
  455. * @param int $memID id_member
  456. */
  457. function showAttachments($memID)
  458. {
  459. global $txt, $user_info, $scripturl, $modSettings, $board;
  460. global $context, $user_profile, $sourcedir, $smcFunc;
  461. // OBEY permissions!
  462. $boardsAllowed = boardsAllowedTo('view_attachments');
  463. // Make sure we can't actually see anything...
  464. if (empty($boardsAllowed))
  465. $boardsAllowed = array(-1);
  466. // Get the total number of attachments they have posted.
  467. $request = $smcFunc['db_query']('', '
  468. SELECT COUNT(*)
  469. FROM {db_prefix}attachments AS a
  470. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
  471. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})
  472. WHERE a.attachment_type = {int:attachment_type}
  473. AND a.id_msg != {int:no_message}
  474. AND m.id_member = {int:current_member}' . (!empty($board) ? '
  475. AND b.id_board = {int:board}' : '') . (!in_array(0, $boardsAllowed) ? '
  476. AND b.id_board IN ({array_int:boards_list})' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  477. AND m.approved = {int:is_approved}'),
  478. array(
  479. 'boards_list' => $boardsAllowed,
  480. 'attachment_type' => 0,
  481. 'no_message' => 0,
  482. 'current_member' => $memID,
  483. 'is_approved' => 1,
  484. 'board' => $board,
  485. )
  486. );
  487. list ($attachCount) = $smcFunc['db_fetch_row']($request);
  488. $smcFunc['db_free_result']($request);
  489. $maxIndex = (int) $modSettings['defaultMaxMessages'];
  490. // What about ordering?
  491. $sortTypes = array(
  492. 'filename' => 'a.filename',
  493. 'downloads' => 'a.downloads',
  494. 'subject' => 'm.subject',
  495. 'posted' => 'm.poster_time',
  496. );
  497. $context['sort_order'] = isset($_GET['sort']) && isset($sortTypes[$_GET['sort']]) ? $_GET['sort'] : 'posted';
  498. $context['sort_direction'] = isset($_GET['asc']) ? 'up' : 'down';
  499. $sort = $sortTypes[$context['sort_order']];
  500. // Let's get ourselves a lovely page index.
  501. $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=showposts;sa=attach;sort=' . $context['sort_order'] . ($context['sort_direction'] == 'up' ? ';asc' : ''), $context['start'], $attachCount, $maxIndex);
  502. // Retrieve some attachments.
  503. $request = $smcFunc['db_query']('', '
  504. SELECT a.id_attach, a.id_msg, a.filename, a.downloads, a.approved, m.id_msg, m.id_topic,
  505. m.id_board, m.poster_time, m.subject, b.name
  506. FROM {db_prefix}attachments AS a
  507. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = a.id_msg)
  508. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND {query_see_board})
  509. WHERE a.attachment_type = {int:attachment_type}
  510. AND a.id_msg != {int:no_message}
  511. AND m.id_member = {int:current_member}' . (!empty($board) ? '
  512. AND b.id_board = {int:board}' : '') . (!in_array(0, $boardsAllowed) ? '
  513. AND b.id_board IN ({array_int:boards_list})' : '') . (!$modSettings['postmod_active'] || $context['user']['is_owner'] ? '' : '
  514. AND m.approved = {int:is_approved}') . '
  515. ORDER BY {raw:sort}
  516. LIMIT {int:offset}, {int:limit}',
  517. array(
  518. 'boards_list' => $boardsAllowed,
  519. 'attachment_type' => 0,
  520. 'no_message' => 0,
  521. 'current_member' => $memID,
  522. 'is_approved' => 1,
  523. 'board' => $board,
  524. 'sort' => $sort . ' ' . ($context['sort_direction'] == 'down' ? 'DESC' : 'ASC'),
  525. 'offset' => $context['start'],
  526. 'limit' => $maxIndex,
  527. )
  528. );
  529. $context['attachments'] = array();
  530. while ($row = $smcFunc['db_fetch_assoc']($request))
  531. {
  532. $row['subject'] = censorText($row['subject']);
  533. $context['attachments'][] = array(
  534. 'id' => $row['id_attach'],
  535. 'filename' => $row['filename'],
  536. 'downloads' => $row['downloads'],
  537. 'subject' => $row['subject'],
  538. 'posted' => timeformat($row['poster_time']),
  539. 'msg' => $row['id_msg'],
  540. 'topic' => $row['id_topic'],
  541. 'board' => $row['id_board'],
  542. 'board_name' => $row['name'],
  543. 'approved' => $row['approved'],
  544. );
  545. }
  546. $smcFunc['db_free_result']($request);
  547. }
  548. /**
  549. * Gets the user stats for display
  550. *
  551. * @param int $memID id_member
  552. */
  553. function statPanel($memID)
  554. {
  555. global $txt, $scripturl, $context, $user_profile, $user_info, $modSettings, $smcFunc;
  556. $context['page_title'] = $txt['statPanel_showStats'] . ' ' . $user_profile[$memID]['real_name'];
  557. // Is the load average too high to allow searching just now?
  558. if (!empty($context['load_average']) && !empty($modSettings['loadavg_userstats']) && $context['load_average'] >= $modSettings['loadavg_userstats'])
  559. fatal_lang_error('loadavg_userstats_disabled', false);
  560. // General user statistics.
  561. $timeDays = floor($user_profile[$memID]['total_time_logged_in'] / 86400);
  562. $timeHours = floor(($user_profile[$memID]['total_time_logged_in'] % 86400) / 3600);
  563. $context['time_logged_in'] = ($timeDays > 0 ? $timeDays . $txt['totalTimeLogged2'] : '') . ($timeHours > 0 ? $timeHours . $txt['totalTimeLogged3'] : '') . floor(($user_profile[$memID]['total_time_logged_in'] % 3600) / 60) . $txt['totalTimeLogged4'];
  564. $context['num_posts'] = comma_format($user_profile[$memID]['posts']);
  565. // Number of topics started.
  566. $result = $smcFunc['db_query']('', '
  567. SELECT COUNT(*)
  568. FROM {db_prefix}topics
  569. WHERE id_member_started = {int:current_member}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  570. AND id_board != {int:recycle_board}' : ''),
  571. array(
  572. 'current_member' => $memID,
  573. 'recycle_board' => $modSettings['recycle_board'],
  574. )
  575. );
  576. list ($context['num_topics']) = $smcFunc['db_fetch_row']($result);
  577. $smcFunc['db_free_result']($result);
  578. // Number polls started.
  579. $result = $smcFunc['db_query']('', '
  580. SELECT COUNT(*)
  581. FROM {db_prefix}topics
  582. WHERE id_member_started = {int:current_member}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  583. AND id_board != {int:recycle_board}' : '') . '
  584. AND id_poll != {int:no_poll}',
  585. array(
  586. 'current_member' => $memID,
  587. 'recycle_board' => $modSettings['recycle_board'],
  588. 'no_poll' => 0,
  589. )
  590. );
  591. list ($context['num_polls']) = $smcFunc['db_fetch_row']($result);
  592. $smcFunc['db_free_result']($result);
  593. // Number polls voted in.
  594. $result = $smcFunc['db_query']('distinct_poll_votes', '
  595. SELECT COUNT(DISTINCT id_poll)
  596. FROM {db_prefix}log_polls
  597. WHERE id_member = {int:current_member}',
  598. array(
  599. 'current_member' => $memID,
  600. )
  601. );
  602. list ($context['num_votes']) = $smcFunc['db_fetch_row']($result);
  603. $smcFunc['db_free_result']($result);
  604. // Format the numbers...
  605. $context['num_topics'] = comma_format($context['num_topics']);
  606. $context['num_polls'] = comma_format($context['num_polls']);
  607. $context['num_votes'] = comma_format($context['num_votes']);
  608. // Grab the board this member posted in most often.
  609. $result = $smcFunc['db_query']('', '
  610. SELECT
  611. b.id_board, MAX(b.name) AS name, MAX(b.num_posts) AS num_posts, COUNT(*) AS message_count
  612. FROM {db_prefix}messages AS m
  613. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  614. WHERE m.id_member = {int:current_member}
  615. AND b.count_posts = {int:count_enabled}
  616. AND {query_see_board}
  617. GROUP BY b.id_board
  618. ORDER BY message_count DESC
  619. LIMIT 10',
  620. array(
  621. 'current_member' => $memID,
  622. 'count_enabled' => 0,
  623. )
  624. );
  625. $context['popular_boards'] = array();
  626. while ($row = $smcFunc['db_fetch_assoc']($result))
  627. {
  628. $context['popular_boards'][$row['id_board']] = array(
  629. 'id' => $row['id_board'],
  630. 'posts' => $row['message_count'],
  631. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  632. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>',
  633. 'posts_percent' => $user_profile[$memID]['posts'] == 0 ? 0 : ($row['message_count'] * 100) / $user_profile[$memID]['posts'],
  634. 'total_posts' => $row['num_posts'],
  635. 'total_posts_member' => $user_profile[$memID]['posts'],
  636. );
  637. }
  638. $smcFunc['db_free_result']($result);
  639. // Now get the 10 boards this user has most often participated in.
  640. $result = $smcFunc['db_query']('profile_board_stats', '
  641. SELECT
  642. b.id_board, MAX(b.name) AS name, b.num_posts, COUNT(*) AS message_count,
  643. CASE WHEN COUNT(*) > MAX(b.num_posts) THEN 1 ELSE COUNT(*) / MAX(b.num_posts) END * 100 AS percentage
  644. FROM {db_prefix}messages AS m
  645. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  646. WHERE m.id_member = {int:current_member}
  647. AND {query_see_board}
  648. GROUP BY b.id_board, b.num_posts
  649. ORDER BY percentage DESC
  650. LIMIT 10',
  651. array(
  652. 'current_member' => $memID,
  653. )
  654. );
  655. $context['board_activity'] = array();
  656. while ($row = $smcFunc['db_fetch_assoc']($result))
  657. {
  658. $context['board_activity'][$row['id_board']] = array(
  659. 'id' => $row['id_board'],
  660. 'posts' => $row['message_count'],
  661. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  662. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>',
  663. 'percent' => comma_format((float) $row['percentage'], 2),
  664. 'posts_percent' => (float) $row['percentage'],
  665. 'total_posts' => $row['num_posts'],
  666. );
  667. }
  668. $smcFunc['db_free_result']($result);
  669. // Posting activity by time.
  670. $result = $smcFunc['db_query']('user_activity_by_time', '
  671. SELECT
  672. HOUR(FROM_UNIXTIME(poster_time + {int:time_offset})) AS hour,
  673. COUNT(*) AS post_count
  674. FROM {db_prefix}messages
  675. WHERE id_member = {int:current_member}' . ($modSettings['totalMessages'] > 100000 ? '
  676. AND id_topic > {int:top_ten_thousand_topics}' : '') . '
  677. GROUP BY hour',
  678. array(
  679. 'current_member' => $memID,
  680. 'top_ten_thousand_topics' => $modSettings['totalTopics'] - 10000,
  681. 'time_offset' => (($user_info['time_offset'] + $modSettings['time_offset']) * 3600),
  682. )
  683. );
  684. $maxPosts = $realPosts = 0;
  685. $context['posts_by_time'] = array();
  686. while ($row = $smcFunc['db_fetch_assoc']($result))
  687. {
  688. // Cast as an integer to remove the leading 0.
  689. $row['hour'] = (int) $row['hour'];
  690. $maxPosts = max($row['post_count'], $maxPosts);
  691. $realPosts += $row['post_count'];
  692. $context['posts_by_time'][$row['hour']] = array(
  693. 'hour' => $row['hour'],
  694. 'hour_format' => stripos($user_info['time_format'], '%p') === false ? $row['hour'] : date('g a', mktime($row['hour'])),
  695. 'posts' => $row['post_count'],
  696. 'posts_percent' => 0,
  697. 'is_last' => $row['hour'] == 23,
  698. );
  699. }
  700. $smcFunc['db_free_result']($result);
  701. if ($maxPosts > 0)
  702. for ($hour = 0; $hour < 24; $hour++)
  703. {
  704. if (!isset($context['posts_by_time'][$hour]))
  705. $context['posts_by_time'][$hour] = array(
  706. 'hour' => $hour,
  707. 'hour_format' => stripos($user_info['time_format'], '%p') === false ? $hour : date('g a', mktime($hour)),
  708. 'posts' => 0,
  709. 'posts_percent' => 0,
  710. 'relative_percent' => 0,
  711. 'is_last' => $hour == 23,
  712. );
  713. else
  714. {
  715. $context['posts_by_time'][$hour]['posts_percent'] = round(($context['posts_by_time'][$hour]['posts'] * 100) / $realPosts);
  716. $context['posts_by_time'][$hour]['relative_percent'] = round(($context['posts_by_time'][$hour]['posts'] * 100) / $maxPosts);
  717. }
  718. }
  719. // Put it in the right order.
  720. ksort($context['posts_by_time']);
  721. // Custom stats (just add a template_layer to add it to the template!)
  722. call_integration_hook('integrate_profile_stats', array($memID));
  723. }
  724. /**
  725. * @todo needs a description
  726. *
  727. * @param int $memID id_member
  728. */
  729. function tracking($memID)
  730. {
  731. global $sourcedir, $context, $txt, $scripturl, $modSettings, $user_profile;
  732. $subActions = array(
  733. 'activity' => array('trackActivity', $txt['trackActivity']),
  734. 'ip' => array('TrackIP', $txt['trackIP']),
  735. 'edits' => array('trackEdits', $txt['trackEdits']),
  736. 'logins' => array('TrackLogins', $txt['trackLogins']),
  737. );
  738. $context['tracking_area'] = isset($_GET['sa']) && isset($subActions[$_GET['sa']]) ? $_GET['sa'] : 'activity';
  739. // @todo what is $types? it is never set so this will never be true
  740. if (isset($types[$context['tracking_area']][1]))
  741. require_once($sourcedir . '/' . $types[$context['tracking_area']][1]);
  742. // Create the tabs for the template.
  743. $context[$context['profile_menu_name']]['tab_data'] = array(
  744. 'title' => $txt['tracking'],
  745. 'description' => $txt['tracking_description'],
  746. 'icon' => 'profile_sm.png',
  747. 'tabs' => array(
  748. 'activity' => array(),
  749. 'ip' => array(),
  750. 'edits' => array(),
  751. ),
  752. );
  753. // Moderation must be on to track edits.
  754. if (empty($modSettings['modlog_enabled']))
  755. unset($context[$context['profile_menu_name']]['tab_data']['edits']);
  756. // Set a page title.
  757. $context['page_title'] = $txt['trackUser'] . ' - ' . $subActions[$context['tracking_area']][1] . ' - ' . $user_profile[$memID]['real_name'];
  758. // Pass on to the actual function.
  759. $context['sub_template'] = $subActions[$context['tracking_area']][0];
  760. $subActions[$context['tracking_area']][0]($memID);
  761. }
  762. /**
  763. * @todo needs a description
  764. *
  765. * @param int $memID id_member
  766. */
  767. function trackActivity($memID)
  768. {
  769. global $scripturl, $txt, $modSettings, $sourcedir;
  770. global $user_profile, $context, $smcFunc;
  771. // Verify if the user has sufficient permissions.
  772. isAllowedTo('moderate_forum');
  773. $context['last_ip'] = $user_profile[$memID]['member_ip'];
  774. if ($context['last_ip'] != $user_profile[$memID]['member_ip2'])
  775. $context['last_ip2'] = $user_profile[$memID]['member_ip2'];
  776. $context['member']['name'] = $user_profile[$memID]['real_name'];
  777. // Set the options for the list component.
  778. $listOptions = array(
  779. 'id' => 'track_user_list',
  780. 'title' => $txt['errors_by'] . ' ' . $context['member']['name'],
  781. 'items_per_page' => $modSettings['defaultMaxMessages'],
  782. 'no_items_label' => $txt['no_errors_from_user'],
  783. 'base_href' => $scripturl . '?action=profile;area=tracking;sa=user;u=' . $memID,
  784. 'default_sort_col' => 'date',
  785. 'get_items' => array(
  786. 'function' => 'list_getUserErrors',
  787. 'params' => array(
  788. 'le.id_member = {int:current_member}',
  789. array('current_member' => $memID),
  790. ),
  791. ),
  792. 'get_count' => array(
  793. 'function' => 'list_getUserErrorCount',
  794. 'params' => array(
  795. 'id_member = {int:current_member}',
  796. array('current_member' => $memID),
  797. ),
  798. ),
  799. 'columns' => array(
  800. 'ip_address' => array(
  801. 'header' => array(
  802. 'value' => $txt['ip_address'],
  803. ),
  804. 'data' => array(
  805. 'sprintf' => array(
  806. 'format' => '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=%1$s;u=' . $memID. '">%1$s</a>',
  807. 'params' => array(
  808. 'ip' => false,
  809. ),
  810. ),
  811. ),
  812. 'sort' => array(
  813. 'default' => 'le.ip',
  814. 'reverse' => 'le.ip DESC',
  815. ),
  816. ),
  817. 'message' => array(
  818. 'header' => array(
  819. 'value' => $txt['message'],
  820. ),
  821. 'data' => array(
  822. 'sprintf' => array(
  823. 'format' => '%1$s<br /><a href="%2$s">%2$s</a>',
  824. 'params' => array(
  825. 'message' => false,
  826. 'url' => false,
  827. ),
  828. ),
  829. ),
  830. ),
  831. 'date' => array(
  832. 'header' => array(
  833. 'value' => $txt['date'],
  834. ),
  835. 'data' => array(
  836. 'db' => 'time',
  837. ),
  838. 'sort' => array(
  839. 'default' => 'le.id_error DESC',
  840. 'reverse' => 'le.id_error',
  841. ),
  842. ),
  843. ),
  844. 'additional_rows' => array(
  845. array(
  846. 'position' => 'after_title',
  847. 'value' => $txt['errors_desc'],
  848. 'class' => 'windowbg2',
  849. 'style' => 'padding: 1ex 2ex;',
  850. ),
  851. ),
  852. );
  853. // Create the list for viewing.
  854. require_once($sourcedir . '/Subs-List.php');
  855. createList($listOptions);
  856. // @todo cache this
  857. // If this is a big forum, or a large posting user, let's limit the search.
  858. if ($modSettings['totalMessages'] > 50000 && $user_profile[$memID]['posts'] > 500)
  859. {
  860. $request = $smcFunc['db_query']('', '
  861. SELECT MAX(id_msg)
  862. FROM {db_prefix}messages AS m
  863. WHERE m.id_member = {int:current_member}',
  864. array(
  865. 'current_member' => $memID,
  866. )
  867. );
  868. list ($max_msg_member) = $smcFunc['db_fetch_row']($request);
  869. $smcFunc['db_free_result']($request);
  870. // There's no point worrying ourselves with messages made yonks ago, just get recent ones!
  871. $min_msg_member = max(0, $max_msg_member - $user_profile[$memID]['posts'] * 3);
  872. }
  873. // Default to at least the ones we know about.
  874. $ips = array(
  875. $user_profile[$memID]['member_ip'],
  876. $user_profile[$memID]['member_ip2'],
  877. );
  878. // @todo cache this
  879. // Get all IP addresses this user has used for his messages.
  880. $request = $smcFunc['db_query']('', '
  881. SELECT poster_ip
  882. FROM {db_prefix}messages
  883. WHERE id_member = {int:current_member}
  884. ' . (isset($min_msg_member) ? '
  885. AND id_msg >= {int:min_msg_member} AND id_msg <= {int:max_msg_member}' : '') . '
  886. GROUP BY poster_ip',
  887. array(
  888. 'current_member' => $memID,
  889. 'min_msg_member' => !empty($min_msg_member) ? $min_msg_member : 0,
  890. 'max_msg_member' => !empty($max_msg_member) ? $max_msg_member : 0,
  891. )
  892. );
  893. $context['ips'] = array();
  894. while ($row = $smcFunc['db_fetch_assoc']($request))
  895. {
  896. $context['ips'][] = '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=' . $row['poster_ip'] . ';u=' . $memID . '">' . $row['poster_ip'] . '</a>';
  897. $ips[] = $row['poster_ip'];
  898. }
  899. $smcFunc['db_free_result']($request);
  900. // Now also get the IP addresses from the error messages.
  901. $request = $smcFunc['db_query']('', '
  902. SELECT COUNT(*) AS error_count, ip
  903. FROM {db_prefix}log_errors
  904. WHERE id_member = {int:current_member}
  905. GROUP BY ip',
  906. array(
  907. 'current_member' => $memID,
  908. )
  909. );
  910. $context['error_ips'] = array();
  911. while ($row = $smcFunc['db_fetch_assoc']($request))
  912. {
  913. $context['error_ips'][] = '<a href="' . $scripturl . '?action=profile;area=tracking;sa=ip;searchip=' . $row['ip'] . ';u=' . $memID . '">' . $row['ip'] . '</a>';
  914. $ips[] = $row['ip'];
  915. }
  916. $smcFunc['db_free_result']($request);
  917. // Find other users that might use the same IP.
  918. $ips = array_unique($ips);
  919. $context['members_in_range'] = array();
  920. if (!empty($ips))
  921. {
  922. // Get member ID's which are in messages...
  923. $request = $smcFunc['db_query']('', '
  924. SELECT mem.id_member
  925. FROM {db_prefix}messages AS m
  926. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  927. WHERE m.poster_ip IN ({array_string:ip_list})
  928. GROUP BY mem.id_member
  929. HAVING mem.id_member != {int:current_member}',
  930. array(
  931. 'current_member' => $memID,
  932. 'ip_list' => $ips,
  933. )
  934. );
  935. $message_members = array();
  936. while ($row = $smcFunc['db_fetch_assoc']($request))
  937. $message_members[] = $row['id_member'];
  938. $smcFunc['db_free_result']($request);
  939. // Fetch their names, cause of the GROUP BY doesn't like giving us that normally.
  940. if (!empty($message_members))
  941. {
  942. $request = $smcFunc['db_query']('', '
  943. SELECT id_member, real_name
  944. FROM {db_prefix}members
  945. WHERE id_member IN ({array_int:message_members})',
  946. array(
  947. 'message_members' => $message_members,
  948. 'ip_list' => $ips,
  949. )
  950. );
  951. while ($row = $smcFunc['db_fetch_assoc']($request))
  952. $context['members_in_range'][$row['id_member']] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  953. $smcFunc['db_free_result']($request);
  954. }
  955. $request = $smcFunc['db_query']('', '
  956. SELECT id_member, real_name
  957. FROM {db_prefix}members
  958. WHERE id_member != {int:current_member}
  959. AND member_ip IN ({array_string:ip_list})',
  960. array(
  961. 'current_member' => $memID,
  962. 'ip_list' => $ips,
  963. )
  964. );
  965. while ($row = $smcFunc['db_fetch_assoc']($request))
  966. $context['members_in_range'][$row['id_member']] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  967. $smcFunc['db_free_result']($request);
  968. }
  969. }
  970. /**
  971. * Get the number of user errors
  972. *
  973. * @param string $where
  974. * @param array $where_vars = array()
  975. * @return string number of user errors
  976. */
  977. function list_getUserErrorCount($where, $where_vars = array())
  978. {
  979. global $smcFunc;
  980. $request = $smcFunc['db_query']('', '
  981. SELECT COUNT(*) AS error_count
  982. FROM {db_prefix}log_errors
  983. WHERE ' . $where,
  984. $where_vars
  985. );
  986. list ($count) = $smcFunc['db_fetch_row']($request);
  987. $smcFunc['db_free_result']($request);
  988. // @todo cast this to an integer
  989. return $count;
  990. }
  991. /**
  992. * @todo needs a description
  993. *
  994. * @param int $start
  995. * @param int $items_per_page
  996. * @param string $sort
  997. * @param string $where
  998. * @param array $where_vars
  999. * @return array error messages
  1000. */
  1001. function list_getUserErrors($start, $items_per_page, $sort, $where, $where_vars = array())
  1002. {
  1003. global $smcFunc, $txt, $scripturl;
  1004. // Get a list of error messages from this ip (range).
  1005. $request = $smcFunc['db_query']('', '
  1006. SELECT
  1007. le.log_time, le.ip, le.url, le.message, IFNULL(mem.id_member, 0) AS id_member,
  1008. IFNULL(mem.real_name, {string:guest_title}) AS display_name, mem.member_name
  1009. FROM {db_prefix}log_errors AS le
  1010. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = le.id_member)
  1011. WHERE ' . $where . '
  1012. ORDER BY ' . $sort . '
  1013. LIMIT ' . $start . ', ' . $items_per_page,
  1014. array_merge($where_vars, array(
  1015. 'guest_title' => $txt['guest_title'],
  1016. ))
  1017. );
  1018. $error_messages = array();
  1019. while ($row = $smcFunc['db_fetch_assoc']($request))
  1020. $error_messages[] = array(
  1021. 'ip' => $row['ip'],
  1022. 'member_link' => $row['id_member'] > 0 ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>' : $row['display_name'],
  1023. 'message' => strtr($row['message'], array('&lt;span class=&quot;remove&quot;&gt;' => '', '&lt;/span&gt;' => '')),
  1024. 'url' => $row['url'],
  1025. 'time' => timeformat($row['log_time']),
  1026. 'timestamp' => forum_time(true, $row['log_time']),
  1027. );
  1028. $smcFunc['db_free_result']($request);
  1029. return $error_messages;
  1030. }
  1031. /**
  1032. * @todo needs a description
  1033. *
  1034. * @param string $where
  1035. * @param array $where_vars
  1036. * @return string count of messages matching the IP
  1037. */
  1038. function list_getIPMessageCount($where, $where_vars = array())
  1039. {
  1040. global $smcFunc;
  1041. $request = $smcFunc['db_query']('', '
  1042. SELECT COUNT(*) AS message_count
  1043. FROM {db_prefix}messages AS m
  1044. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  1045. WHERE {query_see_board} AND ' . $where,
  1046. $where_vars
  1047. );
  1048. list ($count) = $smcFunc['db_fetch_row']($request);
  1049. $smcFunc['db_free_result']($request);
  1050. // @todo cast to integer
  1051. return $count;
  1052. }
  1053. /**
  1054. * @todo needs a description
  1055. *
  1056. * @param int $start
  1057. * @param int $items_per_page
  1058. * @param string $sort
  1059. * @param string $where
  1060. * @param array $where_vars
  1061. * @return array an array of messages
  1062. */
  1063. function list_getIPMessages($start, $items_per_page, $sort, $where, $where_vars = array())
  1064. {
  1065. global $smcFunc, $txt, $scripturl;
  1066. // Get all the messages fitting this where clause.
  1067. // @todo SLOW This query is using a filesort.
  1068. $request = $smcFunc['db_query']('', '
  1069. SELECT
  1070. m.id_msg, m.poster_ip, IFNULL(mem.real_name, m.poster_name) AS display_name, mem.id_member,
  1071. m.subject, m.poster_time, m.id_topic, m.id_board
  1072. FROM {db_prefix}messages AS m
  1073. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  1074. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  1075. WHERE {query_see_board} AND ' . $where . '
  1076. ORDER BY ' . $sort . '
  1077. LIMIT ' . $start . ', ' . $items_per_page,
  1078. array_merge($where_vars, array(
  1079. ))
  1080. );
  1081. $messages = array();
  1082. while ($row = $smcFunc['db_fetch_assoc']($request))
  1083. $messages[] = array(
  1084. 'ip' => $row['poster_ip'],
  1085. 'member_link' => empty($row['id_member']) ? $row['display_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>',
  1086. 'board' => array(
  1087. 'id' => $row['id_board'],
  1088. 'href' => $scripturl . '?board=' . $row['id_board']
  1089. ),
  1090. 'topic' => $row['id_topic'],
  1091. 'id' => $row['id_msg'],
  1092. 'subject' => $row['subject'],
  1093. 'time' => timeformat($row['poster_time']),
  1094. 'timestamp' => forum_time(true, $row['poster_time'])
  1095. );
  1096. $smcFunc['db_free_result']($request);
  1097. return $messages;
  1098. }
  1099. /**
  1100. * @todo needs a description
  1101. *
  1102. * @param int $memID = 0 id_member
  1103. */
  1104. function TrackIP($memID = 0)
  1105. {
  1106. global $user_profile, $scripturl, $txt, $user_info, $modSettings, $sourcedir;
  1107. global $context, $smcFunc;
  1108. // Can the user do this?
  1109. isAllowedTo('moderate_forum');
  1110. if ($memID == 0)
  1111. {
  1112. $context['ip'] = $user_info['ip'];
  1113. loadTemplate('Profile');
  1114. loadLanguage('Profile');
  1115. $context['sub_template'] = 'trackIP';
  1116. $context['page_title'] = $txt['profile'];
  1117. $context['base_url'] = $scripturl . '?action=trackip';
  1118. }
  1119. else
  1120. {
  1121. $context['ip'] = $user_profile[$memID]['member_ip'];
  1122. $context['base_url'] = $scripturl . '?action=profile;area=tracking;sa=ip;u=' . $memID;
  1123. }
  1124. // Searching?
  1125. if (isset($_REQUEST['searchip']))
  1126. $context['ip'] = trim($_REQUEST['searchip']);
  1127. if (preg_match('/^\d{1,3}\.(\d{1,3}|\*)\.(\d{1,3}|\*)\.(\d{1,3}|\*)$/', $context['ip']) == 0 && isValidIPv6($context['ip']) === false)
  1128. fatal_lang_error('invalid_tracking_ip', false);
  1129. $ip_var = str_replace('*', '%', $context['ip']);
  1130. $ip_string = strpos($ip_var, '%') === false ? '= {string:ip_address}' : 'LIKE {string:ip_address}';
  1131. if (empty($context['tracking_area']))
  1132. $context['page_title'] = $txt['trackIP'] . ' - ' . $context['ip'];
  1133. $request = $smcFunc['db_query']('', '
  1134. SELECT id_member, real_name AS display_name, member_ip
  1135. FROM {db_prefix}members
  1136. WHERE member_ip ' . $ip_string,
  1137. array(
  1138. 'ip_address' => $ip_var,
  1139. )
  1140. );
  1141. $context['ips'] = array();
  1142. while ($row = $smcFunc['db_fetch_assoc']($request))
  1143. $context['ips'][$row['member_ip']][] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['display_name'] . '</a>';
  1144. $smcFunc['db_free_result']($request);
  1145. ksort($context['ips']);
  1146. // Gonna want this for the list.
  1147. require_once($sourcedir . '/Subs-List.php');
  1148. // Start with the user messages.
  1149. $listOptions = array(
  1150. 'id' => 'track_message_list',
  1151. 'title' => $txt['messages_from_ip'] . ' ' . $context['ip'],
  1152. 'start_var_name' => 'messageStart',
  1153. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1154. 'no_items_label' => $txt['no_messages_from_ip'],
  1155. 'base_href' => $context['base_url'] . ';searchip=' . $context['ip'],
  1156. 'default_sort_col' => 'date',
  1157. 'get_items' => array(
  1158. 'function' => 'list_getIPMessages',
  1159. 'params' => array(
  1160. 'm.poster_ip ' . $ip_string,
  1161. array('ip_address' => $ip_var),
  1162. ),
  1163. ),
  1164. 'get_count' => array(
  1165. 'function' => 'list_getIPMessageCount',
  1166. 'params' => array(
  1167. 'm.poster_ip ' . $ip_string,
  1168. array('ip_address' => $ip_var),
  1169. ),
  1170. ),
  1171. 'columns' => array(
  1172. 'ip_address' => array(
  1173. 'header' => array(
  1174. 'value' => $txt['ip_address'],
  1175. ),
  1176. 'data' => array(
  1177. 'sprintf' => array(
  1178. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a>',
  1179. 'params' => array(
  1180. 'ip' => false,
  1181. ),
  1182. ),
  1183. ),
  1184. 'sort' => array(
  1185. 'default' => 'INET_ATON(m.poster_ip)',
  1186. 'reverse' => 'INET_ATON(m.poster_ip) DESC',
  1187. ),
  1188. ),
  1189. 'poster' => array(
  1190. 'header' => array(
  1191. 'value' => $txt['poster'],
  1192. ),
  1193. 'data' => array(
  1194. 'db' => 'member_link',
  1195. ),
  1196. ),
  1197. 'subject' => array(
  1198. 'header' => array(
  1199. 'value' => $txt['subject'],
  1200. ),
  1201. 'data' => array(
  1202. 'sprintf' => array(
  1203. 'format' => '<a href="' . $scripturl . '?topic=%1$s.msg%2$s#msg%2$s" rel="nofollow">%3$s</a>',
  1204. 'params' => array(
  1205. 'topic' => false,
  1206. 'id' => false,
  1207. 'subject' => false,
  1208. ),
  1209. ),
  1210. ),
  1211. ),
  1212. 'date' => array(
  1213. 'header' => array(
  1214. 'value' => $txt['date'],
  1215. ),
  1216. 'data' => array(
  1217. 'db' => 'time',
  1218. ),
  1219. 'sort' => array(
  1220. 'default' => 'm.id_msg DESC',
  1221. 'reverse' => 'm.id_msg',
  1222. ),
  1223. ),
  1224. ),
  1225. 'additional_rows' => array(
  1226. array(
  1227. 'position' => 'after_title',
  1228. 'value' => $txt['messages_from_ip_desc'],
  1229. 'class' => 'windowbg2',
  1230. 'style' => 'padding: 1ex 2ex;',
  1231. ),
  1232. ),
  1233. );
  1234. // Create the messages list.
  1235. createList($listOptions);
  1236. // Set the options for the error lists.
  1237. $listOptions = array(
  1238. 'id' => 'track_user_list',
  1239. 'title' => $txt['errors_from_ip'] . ' ' . $context['ip'],
  1240. 'start_var_name' => 'errorStart',
  1241. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1242. 'no_items_label' => $txt['no_errors_from_ip'],
  1243. 'base_href' => $context['base_url'] . ';searchip=' . $context['ip'],
  1244. 'default_sort_col' => 'date2',
  1245. 'get_items' => array(
  1246. 'function' => 'list_getUserErrors',
  1247. 'params' => array(
  1248. 'le.ip ' . $ip_string,
  1249. array('ip_address' => $ip_var),
  1250. ),
  1251. ),
  1252. 'get_count' => array(
  1253. 'function' => 'list_getUserErrorCount',
  1254. 'params' => array(
  1255. 'ip ' . $ip_string,
  1256. array('ip_address' => $ip_var),
  1257. ),
  1258. ),
  1259. 'columns' => array(
  1260. 'ip_address2' => array(
  1261. 'header' => array(
  1262. 'value' => $txt['ip_address'],
  1263. ),
  1264. 'data' => array(
  1265. 'sprintf' => array(
  1266. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a>',
  1267. 'params' => array(
  1268. 'ip' => false,
  1269. ),
  1270. ),
  1271. ),
  1272. 'sort' => array(
  1273. 'default' => 'INET_ATON(le.ip)',
  1274. 'reverse' => 'INET_ATON(le.ip) DESC',
  1275. ),
  1276. ),
  1277. 'display_name' => array(
  1278. 'header' => array(
  1279. 'value' => $txt['display_name'],
  1280. ),
  1281. 'data' => array(
  1282. 'db' => 'member_link',
  1283. ),
  1284. ),
  1285. 'message' => array(
  1286. 'header' => array(
  1287. 'value' => $txt['message'],
  1288. ),
  1289. 'data' => array(
  1290. 'sprintf' => array(
  1291. 'format' => '%1$s<br /><a href="%2$s">%2$s</a>',
  1292. 'params' => array(
  1293. 'message' => false,
  1294. 'url' => false,
  1295. ),
  1296. ),
  1297. ),
  1298. ),
  1299. 'date2' => array(
  1300. 'header' => array(
  1301. 'value' => $txt['date'],
  1302. ),
  1303. 'data' => array(
  1304. 'db' => 'time',
  1305. ),
  1306. 'sort' => array(
  1307. 'default' => 'le.id_error DESC',
  1308. 'reverse' => 'le.id_error',
  1309. ),
  1310. ),
  1311. ),
  1312. 'additional_rows' => array(
  1313. array(
  1314. 'position' => 'after_title',
  1315. 'value' => $txt['errors_from_ip_desc'],
  1316. 'class' => 'windowbg2',
  1317. 'style' => 'padding: 1ex 2ex;',
  1318. ),
  1319. ),
  1320. );
  1321. // Create the error list.
  1322. createList($listOptions);
  1323. $context['single_ip'] = strpos($context['ip'], '*') === false;
  1324. if ($context['single_ip'])
  1325. {
  1326. $context['whois_servers'] = array(
  1327. 'afrinic' => array(
  1328. 'name' => $txt['whois_afrinic'],
  1329. 'url' => 'http://www.afrinic.net/cgi-bin/whois?searchtext=' . $context['ip'],
  1330. 'range' => array(41, 154, 196),
  1331. ),
  1332. 'apnic' => array(
  1333. 'name' => $txt['whois_apnic'],
  1334. 'url' => 'http://wq.apnic.net/apnic-bin/whois.pl?searchtext=' . $context['ip'],
  1335. 'range' => array(58, 59, 60, 61, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124,
  1336. 125, 126, 133, 150, 153, 163, 171, 202, 203, 210, 211, 218, 219, 220, 221, 222),
  1337. ),
  1338. 'arin' => array(
  1339. 'name' => $txt['whois_arin'],
  1340. 'url' => 'http://whois.arin.net/rest/ip/' . $context['ip'],
  1341. 'range' => array(7, 24, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 96, 97, 98, 99,
  1342. 128, 129, 130, 131, 132, 134, 135, 136, 137, 138, 139, 140, 142, 143, 144, 146, 147, 148, 149,
  1343. 152, 155, 156, 157, 158, 159, 160, 161, 162, 164, 165, 166, 167, 168, 169, 170, 172, 173, 174,
  1344. 192, 198, 199, 204, 205, 206, 207, 208, 209, 216),
  1345. ),
  1346. 'lacnic' => array(
  1347. 'name' => $txt['whois_lacnic'],
  1348. 'url' => 'http://lacnic.net/cgi-bin/lacnic/whois?query=' . $context['ip'],
  1349. 'range' => array(186, 187, 189, 190, 191, 200, 201),
  1350. ),
  1351. 'ripe' => array(
  1352. 'name' => $txt['whois_ripe'],
  1353. 'url' => 'http://www.db.ripe.net/whois?searchtext=' . $context['ip'],
  1354. 'range' => array(62, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95,
  1355. 141, 145, 151, 188, 193, 194, 195, 212, 213, 217),
  1356. ),
  1357. );
  1358. foreach ($context['whois_servers'] as $whois)
  1359. {
  1360. // Strip off the "decimal point" and anything following...
  1361. if (in_array((int) $context['ip'], $whois['range']))
  1362. $context['auto_whois_server'] = $whois;
  1363. }
  1364. }
  1365. }
  1366. /**
  1367. * Tracks a users logins.
  1368. *
  1369. * @param int $memID = 0 id_member
  1370. */
  1371. function TrackLogins($memID = 0)
  1372. {
  1373. global $user_profile, $scripturl, $txt, $user_info, $modSettings, $sourcedir;
  1374. global $context, $smcFunc;
  1375. // Gonna want this for the list.
  1376. require_once($sourcedir . '/Subs-List.php');
  1377. if ($memID == 0)
  1378. $context['base_url'] = $scripturl . '?action=trackip';
  1379. else
  1380. $context['base_url'] = $scripturl . '?action=profile;area=tracking;sa=ip;u=' . $memID;
  1381. // Start with the user messages.
  1382. $listOptions = array(
  1383. 'id' => 'track_logins_list',
  1384. 'title' => $txt['trackLogins'],
  1385. 'no_items_label' => $txt['trackLogins_none_found'],
  1386. 'base_href' => $context['base_url'],
  1387. 'get_items' => array(
  1388. 'function' => 'list_getLogins',
  1389. 'params' => array(
  1390. 'id_member = {int:current_member}',
  1391. array('current_member' => $memID),
  1392. ),
  1393. ),
  1394. 'get_count' => array(
  1395. 'function' => 'list_getLoginCount',
  1396. 'params' => array(
  1397. 'id_member = {int:current_member}',
  1398. array('current_member' => $memID),
  1399. ),
  1400. ),
  1401. 'columns' => array(
  1402. 'time' => array(
  1403. 'header' => array(
  1404. 'value' => $txt['date'],
  1405. ),
  1406. 'data' => array(
  1407. 'db' => 'time',
  1408. ),
  1409. ),
  1410. 'ip' => array(
  1411. 'header' => array(
  1412. 'value' => $txt['ip_address'],
  1413. ),
  1414. 'data' => array(
  1415. 'sprintf' => array(
  1416. 'format' => '<a href="' . $context['base_url'] . ';searchip=%1$s">%1$s</a> (<a href="' . $context['base_url'] . ';searchip=%2$s">%2$s</a>) ',
  1417. 'params' => array(
  1418. 'ip' => false,
  1419. 'ip2' => false
  1420. ),
  1421. ),
  1422. ),
  1423. ),
  1424. ),
  1425. 'additional_rows' => array(
  1426. array(
  1427. 'position' => 'after_title',
  1428. 'value' => $txt['trackLogins_desc'],
  1429. 'class' => 'windowbg2',
  1430. 'style' => 'padding: 1ex 2ex;',
  1431. ),
  1432. ),
  1433. );
  1434. // Create the messages list.
  1435. createList($listOptions);
  1436. $context['sub_template'] = 'show_list';
  1437. $context['default_list'] = 'track_logins_list';
  1438. }
  1439. /**
  1440. * Callback for trackLogins for counting history.
  1441. *
  1442. * @param string $where
  1443. * @param array $where_vars
  1444. * @return string count of messages matching the IP
  1445. */
  1446. function list_getLoginCount($where, $where_vars = array())
  1447. {
  1448. global $smcFunc;
  1449. $request = $smcFunc['db_query']('', '
  1450. SELECT COUNT(*) AS message_count
  1451. FROM {db_prefix}member_logins
  1452. WHERE id_member = {int:id_member}',
  1453. array(
  1454. 'id_member' => $where_vars['current_member'],
  1455. )
  1456. );
  1457. list ($count) = $smcFunc['db_fetch_row']($request);
  1458. $smcFunc['db_free_result']($request);
  1459. // @todo cast to integer
  1460. return $count;
  1461. }
  1462. /**
  1463. * Callback for trackLogins data.
  1464. *
  1465. * @param int $start
  1466. * @param int $items_per_page
  1467. * @param string $sort
  1468. * @param string $where
  1469. * @param array $where_vars
  1470. * @return array an array of messages
  1471. */
  1472. function list_getLogins($start, $items_per_page, $sort, $where, $where_vars = array())
  1473. {
  1474. global $smcFunc, $txt, $scripturl;
  1475. $request = $smcFunc['db_query']('', '
  1476. SELECT time, ip, ip2
  1477. FROM {db_prefix}member_logins
  1478. WHERE {int:id_member}
  1479. ORDER BY time DESC',
  1480. array(
  1481. 'id_member' => $where_vars['current_member'],
  1482. )
  1483. );
  1484. $logins = array();
  1485. while ($row = $smcFunc['db_fetch_assoc']($request))
  1486. $logins[] = array(
  1487. 'time' => timeformat($row['time']),
  1488. 'ip' => $row['ip'],
  1489. 'ip2' => $row['ip2'],
  1490. );
  1491. $smcFunc['db_free_result']($request);
  1492. return $logins;
  1493. }
  1494. /**
  1495. * @todo needs a description
  1496. *
  1497. * @param int $memID id_member
  1498. */
  1499. function trackEdits($memID)
  1500. {
  1501. global $scripturl, $txt, $modSettings, $sourcedir, $context, $smcFunc;
  1502. require_once($sourcedir . '/Subs-List.php');
  1503. // Get the names of any custom fields.
  1504. $request = $smcFunc['db_query']('', '
  1505. SELECT col_name, field_name, bbc
  1506. FROM {db_prefix}custom_fields',
  1507. array(
  1508. )
  1509. );
  1510. $context['custom_field_titles'] = array();
  1511. while ($row = $smcFunc['db_fetch_assoc']($request))
  1512. $context['custom_field_titles']['customfield_' . $row['col_name']] = array(
  1513. 'title' => $row['field_name'],
  1514. 'parse_bbc' => $row['bbc'],
  1515. );
  1516. $smcFunc['db_free_result']($request);
  1517. // Set the options for the error lists.
  1518. $listOptions = array(
  1519. 'id' => 'edit_list',
  1520. 'title' => $txt['trackEdits'],
  1521. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1522. 'no_items_label' => $txt['trackEdit_no_edits'],
  1523. 'base_href' => $scripturl . '?action=profile;area=tracking;sa=edits;u=' . $memID,
  1524. 'default_sort_col' => 'time',
  1525. 'get_items' => array(
  1526. 'function' => 'list_getProfileEdits',
  1527. 'params' => array(
  1528. $memID,
  1529. ),
  1530. ),
  1531. 'get_count' => array(
  1532. 'function' => 'list_getProfileEditCount',
  1533. 'params' => array(
  1534. $memID,
  1535. ),
  1536. ),
  1537. 'columns' => array(
  1538. 'action' => array(
  1539. 'header' => array(
  1540. 'value' => $txt['trackEdit_action'],
  1541. ),
  1542. 'data' => array(
  1543. 'db' => 'action_text',
  1544. ),
  1545. ),
  1546. 'before' => array(
  1547. 'header' => array(
  1548. 'value' => $txt['trackEdit_before'],
  1549. ),
  1550. 'data' => array(
  1551. 'db' => 'before',
  1552. ),
  1553. ),
  1554. 'after' => array(
  1555. 'header' => array(
  1556. 'value' => $txt['trackEdit_after'],
  1557. ),
  1558. 'data' => array(
  1559. 'db' => 'after',
  1560. ),
  1561. ),
  1562. 'time' => array(
  1563. 'header' => array(
  1564. 'value' => $txt['date'],
  1565. ),
  1566. 'data' => array(
  1567. 'db' => 'time',
  1568. ),
  1569. 'sort' => array(
  1570. 'default' => 'id_action DESC',
  1571. 'reverse' => 'id_action',
  1572. ),
  1573. ),
  1574. 'applicator' => array(
  1575. 'header' => array(
  1576. 'value' => $txt['trackEdit_applicator'],
  1577. ),
  1578. 'data' => array(
  1579. 'db' => 'member_link',
  1580. ),
  1581. ),
  1582. ),
  1583. );
  1584. // Create the error list.
  1585. createList($listOptions);
  1586. $context['sub_template'] = 'show_list';
  1587. $context['default_list'] = 'edit_list';
  1588. }
  1589. /**
  1590. * How many edits?
  1591. *
  1592. * @param int $memID id_member
  1593. * @return string number of profile edits
  1594. */
  1595. function list_getProfileEditCount($memID)
  1596. {
  1597. global $smcFunc;
  1598. $request = $smcFunc['db_query']('', '
  1599. SELECT COUNT(*) AS edit_count
  1600. FROM {db_prefix}log_actions
  1601. WHERE id_log = {int:log_type}
  1602. AND id_member = {int:owner}',
  1603. array(
  1604. 'log_type' => 2,
  1605. 'owner' => $memID,
  1606. )
  1607. );
  1608. list ($edit_count) = $smcFunc['db_fetch_row']($request);
  1609. $smcFunc['db_free_result']($request);
  1610. // @todo cast to integer
  1611. return $edit_count;
  1612. }
  1613. /**
  1614. * @todo needs a description
  1615. *
  1616. * @param int $start
  1617. * @param int $items_per_page
  1618. * @param string $sort
  1619. * @param int $memID
  1620. * @return array
  1621. */
  1622. function list_getProfileEdits($start, $items_per_page, $sort, $memID)
  1623. {
  1624. global $smcFunc, $txt, $scripturl, $context;
  1625. // Get a list of error messages from this ip (range).
  1626. $request = $smcFunc['db_query']('', '
  1627. SELECT
  1628. id_action, id_member, ip, log_time, action, extra
  1629. FROM {db_prefix}log_actions
  1630. WHERE id_log = {int:log_type}
  1631. AND id_member = {int:owner}
  1632. ORDER BY ' . $sort . '
  1633. LIMIT ' . $start . ', ' . $items_per_page,
  1634. array(
  1635. 'log_type' => 2,
  1636. 'owner' => $memID,
  1637. )
  1638. );
  1639. $edits = array();
  1640. $members = array();
  1641. while ($row = $smcFunc['db_fetch_assoc']($request))
  1642. {
  1643. $extra = @unserialize($row['extra']);
  1644. if (!empty($extra['applicator']))
  1645. $members[] = $extra['applicator'];
  1646. // Work out what the name of the action is.
  1647. if (isset($txt['trackEdit_action_' . $row['action']]))
  1648. $action_text = $txt['trackEdit_action_' . $row['action']];
  1649. elseif (isset($txt[$row['action']]))
  1650. $action_text = $txt[$row['action']];
  1651. // Custom field?
  1652. elseif (isset($context['custom_field_titles'][$row['action']]))
  1653. $action_text = $context['custom_field_titles'][$row['action']]['title'];
  1654. else
  1655. $action_text = $row['action'];
  1656. // Parse BBC?
  1657. $parse_bbc = isset($context['custom_field_titles'][$row['action']]) && $context['custom_field_titles'][$row['action']]['parse_bbc'] ? true : false;
  1658. $edits[] = array(
  1659. 'id' => $row['id_action'],
  1660. 'ip' => $row['ip'],
  1661. 'id_member' => !empty($extra['applicator']) ? $extra['applicator'] : 0,
  1662. 'member_link' => $txt['trackEdit_deleted_member'],
  1663. 'action' => $row['action'],
  1664. 'action_text' => $action_text,
  1665. 'before' => !empty($extra['previous']) ? ($parse_bbc ? parse_bbc($extra['previous']) : $extra['previous']) : '',
  1666. 'after' => !empty($extra['new']) ? ($parse_bbc ? parse_bbc($extra['new']) : $extra['new']) : '',
  1667. 'time' => timeformat($row['log_time']),
  1668. );
  1669. }
  1670. $smcFunc['db_free_result']($request);
  1671. // Get any member names.
  1672. if (!empty($members))
  1673. {
  1674. $request = $smcFunc['db_query']('', '
  1675. SELECT
  1676. id_member, real_name
  1677. FROM {db_prefix}members
  1678. WHERE id_member IN ({array_int:members})',
  1679. array(
  1680. 'members' => $members,
  1681. )
  1682. );
  1683. $members = array();
  1684. while ($row = $smcFunc['db_fetch_assoc']($request))
  1685. $members[$row['id_member']] = $row['real_name'];
  1686. $smcFunc['db_free_result']($request);
  1687. foreach ($edits as $key => $value)
  1688. if (isset($members[$value['id_member']]))
  1689. $edits[$key]['member_link'] = '<a href="' . $scripturl . '?action=profile;u=' . $value['id_member'] . '">' . $members[$value['id_member']] . '</a>';
  1690. }
  1691. return $edits;
  1692. }
  1693. /**
  1694. * @todo needs a description
  1695. *
  1696. * @param int $memID id_member
  1697. */
  1698. function showPermissions($memID)
  1699. {
  1700. global $scripturl, $txt, $board, $modSettings;
  1701. global $user_profile, $context, $user_info, $sourcedir, $smcFunc;
  1702. // Verify if the user has sufficient permissions.
  1703. isAllowedTo('manage_permissions');
  1704. loadLanguage('ManagePermissions');
  1705. loadLanguage('Admin');
  1706. loadTemplate('ManageMembers');
  1707. // Load all the permission profiles.
  1708. require_once($sourcedir . '/ManagePermissions.php');
  1709. loadPermissionProfiles();
  1710. $context['member']['id'] = $memID;
  1711. $context['member']['name'] = $user_profile[$memID]['real_name'];
  1712. $context['page_title'] = $txt['showPermissions'];
  1713. $board = empty($board) ? 0 : (int) $board;
  1714. $context['board'] = $board;
  1715. // Determine which groups this user is in.
  1716. if (empty($user_profile[$memID]['additional_groups']))
  1717. $curGroups = array();
  1718. else
  1719. $curGroups = explode(',', $user_profile[$memID]['additional_groups']);
  1720. $curGroups[] = $user_profile[$memID]['id_group'];
  1721. $curGroups[] = $user_profile[$memID]['id_post_group'];
  1722. // Load a list of boards for the jump box - except the defaults.
  1723. $request = $smcFunc['db_query']('order_by_board_order', '
  1724. SELECT b.id_board, b.name, b.id_profile, b.member_groups, IFNULL(mods.id_member, 0) AS is_mod
  1725. FROM {db_prefix}boards AS b
  1726. LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
  1727. WHERE {query_see_board}',
  1728. array(
  1729. 'current_member' => $memID,
  1730. )
  1731. );
  1732. $context['boards'] = array();
  1733. $context['no_access_boards'] = array();
  1734. while ($row = $smcFunc['db_fetch_assoc']($request))
  1735. {
  1736. if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod'])
  1737. $context['no_access_boards'][] = array(
  1738. 'id' => $row['id_board'],
  1739. 'name' => $row['name'],
  1740. 'is_last' => false,
  1741. );
  1742. elseif ($row['id_profile'] != 1 || $row['is_mod'])
  1743. $context['boards'][$row['id_board']] = array(
  1744. 'id' => $row['id_board'],
  1745. 'name' => $row['name'],
  1746. 'selected' => $board == $row['id_board'],
  1747. 'profile' => $row['id_profile'],
  1748. 'profile_name' => $context['profiles'][$row['id_profile']]['name'],
  1749. );
  1750. }
  1751. $smcFunc['db_free_result']($request);
  1752. if (!empty($context['no_access_boards']))
  1753. $context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true;
  1754. $context['member']['permissions'] = array(
  1755. 'general' => array(),
  1756. 'board' => array()
  1757. );
  1758. // If you're an admin we know you can do everything, we might as well leave.
  1759. $context['member']['has_all_permissions'] = in_array(1, $curGroups);
  1760. if ($context['member']['has_all_permissions'])
  1761. return;
  1762. $denied = array();
  1763. // Get all general permissions.
  1764. $result = $smcFunc['db_query']('', '
  1765. SELECT p.permission, p.add_deny, mg.group_name, p.id_group
  1766. FROM {db_prefix}permissions AS p
  1767. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = p.id_group)
  1768. WHERE p.id_group IN ({array_int:group_list})
  1769. ORDER BY p.add_deny DESC, p.permission, mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name',
  1770. array(
  1771. 'group_list' => $curGroups,
  1772. 'newbie_group' => 4,
  1773. )
  1774. );
  1775. while ($row = $smcFunc['db_fetch_assoc']($result))
  1776. {
  1777. // We don't know about this permission, it doesn't exist :P.
  1778. if (!isset($txt['permissionname_' . $row['permission']]))
  1779. continue;
  1780. if (empty($row['add_deny']))
  1781. $denied[] = $row['permission'];
  1782. // Permissions that end with _own or _any consist of two parts.
  1783. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)]))
  1784. $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
  1785. else
  1786. $name = $txt['permissionname_' . $row['permission']];
  1787. // Add this permission if it doesn't exist yet.
  1788. if (!isset($context['member']['permissions']['general'][$row['permission']]))
  1789. $context['member']['permissions']['general'][$row['permission']] = array(
  1790. 'id' => $row['permission'],
  1791. 'groups' => array(
  1792. 'allowed' => array(),
  1793. 'denied' => array()
  1794. ),
  1795. 'name' => $name,
  1796. 'is_denied' => false,
  1797. 'is_global' => true,
  1798. );
  1799. // Add the membergroup to either the denied or the allowed groups.
  1800. $context['member']['permissions']['general'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
  1801. // Once denied is always denied.
  1802. $context['member']['permissions']['general'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
  1803. }
  1804. $smcFunc['db_free_result']($result);
  1805. $request = $smcFunc['db_query']('', '
  1806. SELECT
  1807. bp.add_deny, bp.permission, bp.id_group, mg.group_name' . (empty($board) ? '' : ',
  1808. b.id_profile, CASE WHEN mods.id_member IS NULL THEN 0 ELSE 1 END AS is_moderator') . '
  1809. FROM {db_prefix}board_permissions AS bp' . (empty($board) ? '' : '
  1810. INNER JOIN {db_prefix}boards AS b ON (b.id_board = {int:current_board})
  1811. LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})') . '
  1812. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = bp.id_group)
  1813. WHERE bp.id_profile = {raw:current_profile}
  1814. AND bp.id_group IN ({array_int:group_list}' . (empty($board) ? ')' : ', {int:moderator_group})
  1815. AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})'),
  1816. array(
  1817. 'current_board' => $board,
  1818. 'group_list' => $curGroups,
  1819. 'current_member' => $memID,
  1820. 'current_profile' => empty($board) ? '1' : 'b.id_profile',
  1821. 'moderator_group' => 3,
  1822. )
  1823. );
  1824. while ($row = $smcFunc['db_fetch_assoc']($request))
  1825. {
  1826. // We don't know about this permission, it doesn't exist :P.
  1827. if (!isset($txt['permissionname_' . $row['permission']]))
  1828. continue;
  1829. // The name of the permission using the format 'permission name' - 'own/any topic/event/etc.'.
  1830. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)]))
  1831. $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
  1832. else
  1833. $name = $txt['permissionname_' . $row['permission']];
  1834. // Create the structure for this permission.
  1835. if (!isset($context['member']['permissions']['board'][$row['permission']]))
  1836. $context['member']['permissions']['board'][$row['permission']] = array(
  1837. 'id' => $row['permission'],
  1838. 'groups' => array(
  1839. 'allowed' => array(),
  1840. 'denied' => array()
  1841. ),
  1842. 'name' => $name,
  1843. 'is_denied' => false,
  1844. 'is_global' => empty($board),
  1845. );
  1846. $context['member']['permissions']['board'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][$row['id_group']] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
  1847. $context['member']['permissions']['board'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
  1848. }
  1849. $smcFunc['db_free_result']($request);
  1850. }
  1851. /**
  1852. * View a members warnings?
  1853. *
  1854. * @param int $memID id_member
  1855. */
  1856. function viewWarning($memID)
  1857. {
  1858. global $modSettings, $context, $sourcedir, $txt, $scripturl;
  1859. // Firstly, can we actually even be here?
  1860. if (!allowedTo('issue_warning') && (empty($modSettings['warning_show']) || ($modSettings['warning_show'] == 1 && !$context['user']['is_owner'])))
  1861. fatal_lang_error('no_access', false);
  1862. // Make sure things which are disabled stay disabled.
  1863. $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
  1864. $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
  1865. $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;
  1866. // Let's use a generic list to get all the current warnings, and use the issue warnings grab-a-granny thing.
  1867. require_once($sourcedir . '/Subs-List.php');
  1868. require_once($sourcedir . '/Profile-Actions.php');
  1869. $listOptions = array(
  1870. 'id' => 'view_warnings',
  1871. 'title' => $txt['profile_viewwarning_previous_warnings'],
  1872. 'items_per_page' => $modSettings['defaultMaxMessages'],
  1873. 'no_items_label' => $txt['profile_viewwarning_no_warnings'],
  1874. 'base_href' => $scripturl . '?action=profile;area=viewwarning;sa=user;u=' . $memID,
  1875. 'default_sort_col' => 'log_time',
  1876. 'get_items' => array(
  1877. 'function' => 'list_getUserWarnings',
  1878. 'params' => array(
  1879. $memID,
  1880. ),
  1881. ),
  1882. 'get_count' => array(
  1883. 'function' => 'list_getUserWarningCount',
  1884. 'params' => array(
  1885. $memID,
  1886. ),
  1887. ),
  1888. 'columns' => array(
  1889. 'log_time' => array(
  1890. 'header' => array(
  1891. 'value' => $txt['profile_warning_previous_time'],
  1892. ),
  1893. 'data' => array(
  1894. 'db' => 'time',
  1895. ),
  1896. 'sort' => array(
  1897. 'default' => 'lc.log_time DESC',
  1898. 'reverse' => 'lc.log_time',
  1899. ),
  1900. ),
  1901. 'reason' => array(
  1902. 'header' => array(
  1903. 'value' => $txt['profile_warning_previous_reason'],
  1904. 'style' => 'width: 50%',
  1905. ),
  1906. 'data' => array(
  1907. 'db' => 'reason',
  1908. ),
  1909. ),
  1910. 'level' => array(
  1911. 'header' => array(
  1912. 'value' => $txt['profile_warning_previous_level'],
  1913. ),
  1914. 'data' => array(
  1915. 'db' => 'counter',
  1916. ),
  1917. 'sort' => array(
  1918. 'default' => 'lc.counter DESC',
  1919. 'reverse' => 'lc.counter',
  1920. ),
  1921. ),
  1922. ),
  1923. 'additional_rows' => array(
  1924. array(
  1925. 'position' => 'after_title',
  1926. 'value' => $txt['profile_viewwarning_desc'],
  1927. 'class' => 'smalltext',
  1928. 'style' => 'padding: 2ex;',
  1929. ),
  1930. ),
  1931. );
  1932. // Create the list for viewing.
  1933. require_once($sourcedir . '/Subs-List.php');
  1934. createList($listOptions);
  1935. // Create some common text bits for the template.
  1936. $context['level_effects'] = array(
  1937. 0 => '',
  1938. $modSettings['warning_watch'] => $txt['profile_warning_effect_own_watched'],
  1939. $modSettings['warning_moderate'] => $txt['profile_warning_effect_own_moderated'],
  1940. $modSettings['warning_mute'] => $txt['profile_warning_effect_own_muted'],
  1941. );
  1942. $context['current_level'] = 0;
  1943. foreach ($context['level_effects'] as $limit => $dummy)
  1944. if ($context['member']['warning'] >= $limit)
  1945. $context['current_level'] = $limit;
  1946. }
  1947. ?>