Location: PHPKode > projects > IntraMessenger > distant/include/contact_user_search.inc.php
<?php
/*******************************************************
 **                  IntraMessenger - server          **
 **                                                   **
 **  Copyright:      (C) 2006 - 2011 THeUDS           **
 **  Web:            http://www.theuds.com            **
 **                  http://www.intramessenger.net    **
 **  Licence :       GPL (GNU Public License)         **
 **  http://opensource.org/licenses/gpl-license.php   **
 *******************************************************/

/*******************************************************
 **       This file is part of IntraMessenger-server  **
 **                                                   **
 **  IntraMessenger is a free software.               **
 **  IntraMessenger is distributed in the hope that   **
 **  it will be useful, but WITHOUT ANY WARRANTY.     **
 *******************************************************/
//
if ( !defined('INTRAMESSENGER') )
{
  exit;
}
//
if ( (!isset($_GET['iu'])) or (!isset($_GET['s'])) or (!isset($_GET['c'])) or (!isset($_GET['ip'])) ) die();
//
$id_user =		intval(f_decode64_wd($_GET['iu'])); 
$id_user = 		(intval($id_user) - intval($action));
$id_session = intval(f_decode64_wd($_GET['s']));
$contact =    f_decode64_wd($_GET['c']);
$ip = 			  f_decode64_wd($_GET['ip']);
$contact =    f_clean_username($contact);
//
if (preg_match("#[^0-9]#", $id_user)) $id_user = "";
if (preg_match("#[^0-9]#", $id_session)) $id_session = "";
//
if ( ($id_user > 0) and ($id_session > 0) and ($contact <> "") and ($ip != "") )
{
  require ("../common/acces.inc.php");
  f_verif_ip($ip);
  //
  require ("../common/sql.inc.php");
  require ("../common/sessions.inc.php");
  //
  if (function_exists('mysql_real_escape_string'))  $contact = mysql_real_escape_string($contact);
  //
  if (f_verif_id_session_id_user($id_user, $id_session) <> 'OK')
    die ("Session KO.");
  //
  //
  $t_user_hiearchic_management_by_admin = _USER_HIEARCHIC_MANAGEMENT_BY_ADMIN;
  if (_ROLES_TO_OVERRIDE_PERMISSIONS != "")
  {
    require ("../common/roles.inc.php");
    $id_role = f_role_of_user($id_user);
    //
    if ($id_role > 0)
    {
      $t_user_hiearchic_management_by_admin = f_role_permission($id_role, "USER_HIEARCHIC_MANAGEMENT_BY_ADMIN", _USER_HIEARCHIC_MANAGEMENT_BY_ADMIN);
    }
  }
  //
  //
  $requete  = " select ID_USER, USR_USERNAME, USR_NICKNAME, USR_NAME, USR_COUNTRY_CODE, USR_LANGUAGE_CODE ";
  //$requete .= " USR_AVATAR, USR_TIME_SHIFT, USR_EMAIL, USR_PHONE, USR_GENDER ";
  $requete .= " FROM " . $PREFIX_IM_TABLE . "USR_USER ";
  $requete .= " WHERE ID_USER <> " . $id_user . " ";
  //$requete .= " and ( (USR_CHECK <> 'WAIT' and USR_CHECK <> '') or USR_STATUS = 1 )  "; // ne pouvoir afficher dans ses contacts que des users validés.
  $requete .= " and USR_STATUS = 1 ";
  $requete .= " and USR_NAME <> 'HIDDEN' "; // ne pas afficher les contacts masqués : pour ajout dans les contacts.
  if ($t_user_hiearchic_management_by_admin != "") // vérification si niveau <=
  {
    $requete .= " and USR_LEVEL >= " . f_level_of_user($id_user);
  }
  $requete .= " and ( LOWER(USR_USERNAME) like '%" . $contact . "%' or LOWER(USR_NAME) like '%" . $contact . "%' or LOWER(USR_EMAIL) like '" . $contact . "%' ) ";
  $requete .= " ORDER BY USR_USERNAME";
  $result = mysql_query($requete);
  if (!$result) error_sql_log("[ERR-40a]", $requete);
  if ( mysql_num_rows($result) > 0 )
  {
    echo ">F16#OK####|";
    while( list ($id_user_2, $user_name, $nickname, $name, $country_code, $language_code) = mysql_fetch_row ($result) ) // $avatar, $timeshift, $email, $phone, $gender
    {
      if ( ($nickname != '') and (_ALLOW_UPPERCASE_SPACE_USERNAME != '') ) $user_name = $nickname;
      if (_DISPLAY_USER_FLAG_COUNTRY == "") $country_code = "";
      if ($name == 'HIDDEN')	$name = '';
      //
      // on renvoi seulement ceux qui ne sont pas dans ses contacts
      if (  ( f_is_deja_in_contacts_id($id_user, $id_user_2) <= 0 ) and ( f_is_deja_in_contacts_id($id_user_2, $id_user) <= 0 )  )
      {
        $msg = "#" . $id_user_2 . "#" . $user_name . "#" . $name . "#" . $language_code . "#";
        $msg = f_encode64($msg);
        echo $msg . "|"; // séparateur de ligne : '|' (pipe).
      }
    }
  }
  else
  {
    // renvoie : aucun contact 'disponible'
    echo ">F16#-#-###|";
  }
  //
  mysql_close($id_connect);
}
?>
Return current item: IntraMessenger