<?php
// Direct-access guard: halt immediately unless IN_PowerBB has already been
// defined by whatever script loaded this module.
if (!defined('IN_PowerBB')) {
    die();
}

// Shared bootstrap for this module.
include 'common.php';

// Publish this module's class name as a constant.
define('CLASS_NAME', 'PowerBBProfileMOD');
/**
 * Profile page module: validates the request and renders one member's profile.
 *
 * All input, configuration and services are reached through the global $PowerBB
 * object; nothing is passed in or returned. Output is produced by the template
 * and error helpers that the methods call.
 */
class PowerBBProfileMOD
{
/**
 * Entry point: normalise the request parameters and dispatch.
 *
 * Renders the profile when the `show` request parameter is truthy, otherwise
 * reports the `path_not_true` error. The footer is emitted after either branch.
 */
function run()
{
global $PowerBB;
// `id` goes through the 'intval' cleaner and `username` through the 'sql' cleaner.
// NOTE(review): both keys are read without an isset() check, and what the 'sql'
// mode escapes is defined in CleanVariable(), outside this file - confirm it
// matches how the DB layer later quotes `where` values.
$PowerBB->_GET['id'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['id'],'intval');
$PowerBB->_GET['username'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['username'],'sql');
// Show the member's profile
if ($PowerBB->_GET['show'])
{
$this->_ShowProfile();
}
// Any other request is reported as an invalid path
else
{
$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['path_not_true']);
}
$PowerBB->functions->GetFooter();
}
/**
 * Load one member's data and render the `profile` template.
 *
 * The member is selected by the request's `id` or, when that is empty, by
 * `username`. Besides reading, the method also writes: it updates the viewer's
 * "online" location row and, when the viewer is the profile owner, resets the
 * `messageread` field of that owner's visitor messages.
 *
 * NOTE(review): several guard branches below call error()/error_stop() or echo
 * a redirect and then simply fall through. Whether those helpers end the request
 * is not visible in this file; if they do not, the code after each guard still
 * runs and still queries and assigns profile data.
 */
function _ShowProfile()
{
global $PowerBB;
//////////
// Show the header
$PowerBB->functions->ShowHeader();
// Access check: groups without `memberlist_allow` may not view profiles.
// Guests (no member_permission) get the login template, members get an error.
// NOTE(review): there is no return after either branch - see the method note.
if (!$PowerBB->_CONF['group_info']['memberlist_allow'])
{
if (!$PowerBB->_CONF['member_permission'])
{
$PowerBB->template->display('login');
$PowerBB->functions->error_stop();
}
else
{
$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['no_online']);
}
}
////////
// Extra Field info
// Each field's `name_tag` is appended to the column list requested below.
// NOTE(review): name_tag therefore ends up as a column identifier in the `get`
// list; presumably it is admin-defined - confirm it is restricted to safe
// identifier characters where the extra fields are created.
$extraEmptyFields=$PowerBB->extrafield->getEmptyProfileFields();
$fieldsRow='';
foreach($extraEmptyFields AS $field)
$fieldsRow.=$field['name_tag'].',';
// Assigned by reference, so the template entry aliases $extraEmptyFields.
$PowerBB->_CONF['template']['while']['extrafield']=&$extraEmptyFields;
//////////
// Get the member information
$MemArr = array();
$MemArr['get'] = 'id,username,usergroup,user_info,user_sig,user_country,user_gender,user_website,';
$MemArr['get'] .= $fieldsRow.'lastvisit,user_time,register_date,posts,user_title,visitor,avater_path,away,away_msg,invite_num,reputation,warnings,send_allow,visitormessage,bday_day,bday_month,bday_year,username_style_cache';
$do_query = true;
// When the viewer requests their own profile the query is skipped and the
// already-loaded member_row is reused (see the assignment to MemberInfo below).
// NOTE(review): in that case MemberInfo holds every column of member_row, not
// just the `get` list above - confirm member_row carries nothing the template
// should not be able to print.
$PowerBB->_GET['id'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['id'],'intval');
if (!empty($PowerBB->_GET['id']))
{
$id = $PowerBB->functions->CleanVariable($PowerBB->_GET['id'],'intval');
$MemArr['where'] = array('id',$id);
$do_query = ($PowerBB->_CONF['member_row']['id'] == $PowerBB->_GET['id']) ? false : true;
}
elseif (!empty($PowerBB->_GET['username']))
{
// The username reaches the `where` clause as cleaned in run() ('sql' mode).
// NOTE(review): whether GetMemberInfo() escapes or binds `where` values itself
// is not visible here - confirm, since this value comes straight from the request.
$MemArr['where'] = array('username',$PowerBB->_GET['username']);
$do_query = ($PowerBB->_CONF['member_row']['username'] == $PowerBB->_GET['username']) ? false : true;
}
else
{
// Neither id nor username was supplied.
// NOTE(review): $MemArr['where'] stays unset here and the lookup below still
// runs unless error() terminates the request.
$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['path_not_true']);
}
$PowerBB->_CONF['template']['MemberInfo'] = ($do_query) ? $PowerBB->member->GetMemberInfo($MemArr) : $PowerBB->_CONF['member_row'];
// Away message: markup replacement, smilies, word censor, then HTML cleaning.
// NOTE(review): replace_smiles() and the 'sql' CleanVariable() call below discard
// their return value; they only have an effect if those helpers modify their
// argument by reference - confirm in their definitions.
$PowerBB->_CONF['template']['MemberInfo']['away_msg'] = $PowerBB->Powerparse->replace($PowerBB->_CONF['template']['MemberInfo']['away_msg']);
$PowerBB->Powerparse->replace_smiles($PowerBB->_CONF['template']['MemberInfo']['away_msg']);
// Filter away msg through the word censor
$PowerBB->_CONF['template']['MemberInfo']['away_msg'] = $PowerBB->Powerparse->censor_words($PowerBB->_CONF['template']['MemberInfo']['away_msg']);
// Kill XSS
$PowerBB->_CONF['template']['MemberInfo']['away_msg'] = $PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo']['away_msg'],'html');
$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo']['away_msg'],'sql');
// Filter user_website ('html' cleaner, result assigned back)
$PowerBB->_CONF['template']['MemberInfo']['user_website'] = $PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo']['user_website'],'html');
// Filter user_info ('html' cleaner, result assigned back)
$PowerBB->_CONF['template']['MemberInfo']['user_info'] = $PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo']['user_info'],'html');
// The word censor is applied to the whole MemberInfo array.
$PowerBB->_CONF['template']['MemberInfo'] = $PowerBB->Powerparse->censor_words($PowerBB->_CONF['template']['MemberInfo']);
// An empty username means the lookup found no member.
// NOTE(review): the rewriterule branch only echoes a client-side redirect; there
// is no return or exit, so the rest of the method runs with an empty MemberInfo.
if (!$PowerBB->_CONF['template']['MemberInfo']['username'])
{
if ($PowerBB->_CONF['info_row']['rewriterule'] == '1')
{
echo ('<SCRIPT LANGUAGE="JavaScript">window.location="index.php";</script>');
}
else
{
$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Member_you_want_does_not_exist']);
}
}
// Getting member group
// This overwrites $PowerBB->_CONF['group_info'] with the group of the member being
// viewed, so every later read of _CONF['group_info'] in this method (can_warned,
// visitormessage) refers to the profile owner's group. The memberlist_allow check
// at the top ran before this overwrite.
$GroupInfo = array();
$GroupInfo['where'] = array('id',$PowerBB->_CONF['template']['MemberInfo']['usergroup']);
$PowerBB->_CONF['group_info'] = $PowerBB->group->GetGroupInfo($GroupInfo);
//////////
// Kill XSS first
// NOTE(review): both calls below discard the return value. Unless CleanVariable()
// works by reference, the fields of MemberInfo not cleaned individually above
// (username, user_title, user_sig, extra fields, ...) reach the template and the
// hand-built queries further down exactly as stored - confirm.
$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo'],'html');
// Second Kill SQL Injections
$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo'],'sql');
//////////
// Warning Process !
// Flag set when _CONF['rows']['group_info'] allows sending warnings and the
// profile owner's group (loaded above) can be warned.
if ($PowerBB->_CONF['rows']['group_info']['send_warning'] == 1 && $PowerBB->_CONF['group_info']['can_warned'] == 1)
{
$PowerBB->_CONF['template']['MemberInfo']['Warnings'] = 1;
}else{
$PowerBB->_CONF['template']['MemberInfo']['Warnings'] = 0;
}
// edit member by exchangeboss
// This is a display flag only.
// NOTE(review): the actual permission must be enforced by the page that performs
// the edit, not by this flag.
if ($PowerBB->_CONF['rows']['group_info']['admincp_member'] == 1 && $PowerBB->_CONF['rows']['group_info']['admincp_allow'] == 1)
{
$PowerBB->_CONF['template']['MemberInfo']['edit_member'] = 1;
}else{
$PowerBB->_CONF['template']['MemberInfo']['edit_member'] = 0;
}
// Where is the member now? Logged-in viewers are matched by username.
if ($PowerBB->_CONF['member_permission'])
{
$UpdateOnline = array();
$UpdateOnline['field'] = array();
$UpdateOnline['field']['user_location'] = $PowerBB->_CONF['template']['lang']['See_User_Profile'] .' ' . $PowerBB->_CONF['template']['MemberInfo']['username'];
$UpdateOnline['where'] = array('username',$PowerBB->_CONF['member_row']['username']);
$update = $PowerBB->online->UpdateOnline($UpdateOnline);
}
// Where is the Visitor now? Guests are matched by IP address.
if (!$PowerBB->_CONF['member_permission'])
{
$UpdateOnline = array();
$UpdateOnline['field'] = array();
$UpdateOnline['field']['user_location'] = $PowerBB->_CONF['template']['lang']['See_User_Profile'] .' ' . $PowerBB->_CONF['template']['MemberInfo']['username'];
$UpdateOnline['where'] = array('user_ip',$PowerBB->_CONF['ip']);
$update = $PowerBB->online->UpdateOnline($UpdateOnline);
}
//////////
// Member's local time: the current 12-hour clock hour plus the member's
// `user_time` value, followed by ":minutes AM/PM" with AM/PM translated.
// NOTE(review): the sum is not wrapped back into 1-12 and AM/PM is not adjusted.
$time=time();
$date = date("h");
$timer = date(":i A", $time);
$timer = str_ireplace('PM',$PowerBB->_CONF['template']['lang']['PM'],$timer);
$timer = str_ireplace('AM',$PowerBB->_CONF['template']['lang']['AM'],$timer);
$PowerBB->_CONF['template']['MemberInfo']['user_time'] = $date+$PowerBB->_CONF['template']['MemberInfo']['user_time'].$timer;
// A numeric register_date is formatted through the project's date helper.
if (is_numeric($PowerBB->_CONF['template']['MemberInfo']['register_date']))
{
$PowerBB->_CONF['template']['MemberInfo']['register_date'] = $PowerBB->functions->date($PowerBB->_CONF['template']['MemberInfo']['register_date']);
}
// Reuse the already-loaded group row (presumably the viewer's) when viewer and
// profile owner share a usergroup; otherwise load the owner's group.
if ($PowerBB->_CONF['member_row']['usergroup'] == $PowerBB->_CONF['template']['MemberInfo']['usergroup'])
{
$GroupInfo = $PowerBB->_CONF['rows']['group_info'];
}
else
{
$GroupInfo = array();
$GroupInfo['where'] = array('id',$PowerBB->_CONF['template']['MemberInfo']['usergroup']);
$GroupInfo = $PowerBB->group->GetGroupInfo($GroupInfo);
}
// From here on MemberInfo['usergroup'] holds the group title, not the group id.
$PowerBB->_CONF['template']['MemberInfo']['usergroup'] = $GroupInfo['title'];
// Three member lookups used for the online indicator.
$MemberIDArr = array();
$MemberIDArr['where'] = array('id',$PowerBB->_GET['id']);
$MemberIDInfo = $PowerBB->member->GetMemberInfo($MemberIDArr);
// NOTE(review): $MemberUsernameArr is built but the call passes $MemArr, and
// $MemberUsernameInfo is never read afterwards - looks like a copy/paste slip.
$MemberUsernameArr = array();
$MemberUsernameArr['where'] = array('username',$PowerBB->_GET['username']);
$MemberUsernameInfo= $PowerBB->member->GetMemberInfo($MemArr);
$MemberuserArr = array();
$MemberuserArr['where'] = array('username',$PowerBB->_CONF['member_row']['username']);
$MemberuserInfo = $PowerBB->member->GetMemberInfo($MemberuserArr);
// Is the member online? `logged` is compared against the configured timeout.
// NOTE(review): $CheckOnlineUsername is computed from $MemberIDInfo, so it always
// equals $CheckOnlineId; a profile opened by username only is judged from the
// id lookup above.
$CheckOnlineId = ($MemberIDInfo['logged'] < $PowerBB->_CONF['timeout']) ? false : true;
$CheckOnlineUsername = ($MemberIDInfo['logged'] < $PowerBB->_CONF['timeout']) ? false : true;
$CheckOnlineUsername_1 = ($MemberuserInfo['logged'] < $PowerBB->_CONF['timeout']) ? false : true;
// Store the online/offline icon markup in the `status` template variable.
// $image_path comes from the style configuration and is interpolated into the
// src attribute as-is. Each later assign() overrides the earlier one.
$image_path = $PowerBB->_CONF['rows']['style']['image_path'];
($CheckOnlineId) ? $PowerBB->template->assign('status',"<img title='Online' src='$image_path/icon_user_online.gif'>") : $PowerBB->template->assign('status',"<img title='offline' src='$image_path/icon_user_offline.gif'>");
($CheckOnlineUsername) ? $PowerBB->template->assign('status',"<img title='Online' src='$image_path/icon_user_online.gif'>") : $PowerBB->template->assign('status',"<img title='offline' src='$image_path/icon_user_offline.gif'>");
if ($PowerBB->_CONF['member_row']['username'] == $PowerBB->_GET['username'])
{
($CheckOnlineUsername_1) ? $PowerBB->template->assign('status',"<img title='Online' src='$image_path/icon_user_online.gif'>") : $PowerBB->template->assign('status',"<img title='offline' src='$image_path/icon_user_offline.gif'>");
}
// Last subject written by the member, only looked up when posts > 0.
// NOTE(review): the second condition places a raw SQL fragment in the `name`
// slot, with the `last_subject_writer_not_in` setting concatenated into it.
// The setting must be a validated comma-separated list of integer section ids;
// an empty value would produce "not in ()". The writer value relies on the
// query builder for escaping - confirm both.
$forum_not_1 = $PowerBB->_CONF['info_row']['last_subject_writer_not_in'];
if ($PowerBB->_CONF['template']['MemberInfo']['posts'] > 0)
{
$LastSubjectArr = array();
$LastSubjectArr['where'] = array();
$LastSubjectArr['where'][0] = array();
$LastSubjectArr['where'][0]['name'] = 'writer';
$LastSubjectArr['where'][0]['oper'] = '=';
$LastSubjectArr['where'][0]['value'] = $PowerBB->_CONF['template']['MemberInfo']['username'];
$LastSubjectArr['where'][1] = array();
$LastSubjectArr['where'][1]['con'] = 'AND';
$LastSubjectArr['where'][1]['name'] = 'section not in (' .$forum_not_1. ') AND review_subject<>1 AND sec_subject<>1 AND delete_topic';
$LastSubjectArr['where'][1]['oper'] = '<>';
$LastSubjectArr['where'][1]['value'] = '1';
$LastSubjectArr['order'] = array();
$LastSubjectArr['order']['field'] = 'id';
$LastSubjectArr['order']['type'] = 'DESC';
$LastSubjectArr['limit'] = '0,1';
$PowerBB->_CONF['template']['LastSubject'] = $PowerBB->subject->GetSubjectInfo($LastSubjectArr);
// Return value discarded - effective only if CleanVariable() works by reference.
$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['LastSubject'],'html');
}
// Last reply written by the member, built the same way as the subject query and
// with the same concatenated setting (see the note on the subject query above).
$forum_not_1 = $PowerBB->_CONF['info_row']['last_subject_writer_not_in'];
$LastReplyArr = array();
$LastReplyArr['where'] = array();
$LastReplyArr['where'][0] = array();
$LastReplyArr['where'][0]['name'] = 'writer';
$LastReplyArr['where'][0]['oper'] = '=';
$LastReplyArr['where'][0]['value'] = $PowerBB->_CONF['template']['MemberInfo']['username'];
$LastReplyArr['where'][1] = array();
$LastReplyArr['where'][1]['con'] = 'AND';
$LastReplyArr['where'][1]['name'] = 'section not in (' .$forum_not_1. ') AND review_reply<>1 AND delete_topic';
$LastReplyArr['where'][1]['oper'] = '<>';
$LastReplyArr['where'][1]['value'] = '1';
$LastReplyArr['order'] = array();
$LastReplyArr['order']['field'] = 'id';
$LastReplyArr['order']['type'] = 'DESC';
$LastReplyArr['limit'] = '1';
$GetLastReplyInfo = $PowerBB->reply->GetReplyInfo($LastReplyArr);
$PowerBB->functions->CleanVariable($GetLastReplyInfo,'sql');
// When a reply exists, load its parent subject and attach the reply id.
if ($GetLastReplyInfo != false)
{
$SubjectArr = array();
$SubjectArr['where'] = array('id',$GetLastReplyInfo['subject_id']);
$PowerBB->_CONF['template']['LastReply'] = $PowerBB->subject->GetSubjectInfo($SubjectArr);
$PowerBB->_CONF['template']['LastReply']['reply_id'] = $GetLastReplyInfo['id'];
$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['LastReply'],'html');
}
// The member's row in the online table, exposed as `Location`.
$OnlineArr = array();
$OnlineArr['where'] = array('username',$PowerBB->_CONF['template']['MemberInfo']['username']);
$PowerBB->_CONF['template']['Location'] = $PowerBB->online->GetOnlineInfo($OnlineArr);
// Signature: markup replacement, then smilies.
// NOTE(review): the str_replace() below replaces '&' with '&' and is a no-op as
// written; possibly one argument was an HTML entity that was decoded when this
// listing was published - check the upstream file. No 'html' cleaning with an
// assigned result is applied to user_sig in this method, so its safety as
// template output depends on Powerparse->replace() - confirm.
$PowerBB->_CONF['template']['MemberInfo']['user_sig'] = $PowerBB->Powerparse->replace($PowerBB->_CONF['template']['MemberInfo']['user_sig']);
$PowerBB->_CONF['template']['MemberInfo']['user_sig'] = str_replace('&','&',$PowerBB->_CONF['template']['MemberInfo']['user_sig']);
$PowerBB->Powerparse->replace_smiles($PowerBB->_CONF['template']['MemberInfo']['user_sig']);
// show Friends: approved friend rows of the profile owner, newest first,
// with every column passed through the list's 'clean'/'html' processor.
$FriendsArr = array();
$FriendsArr['order'] = array();
$FriendsArr['order']['field'] = 'id';
$FriendsArr['order']['type'] = 'DESC';
$FriendsArr['proc'] = array();
$FriendsArr['proc']['*'] = array('method'=>'clean','param'=>'html');
$FriendsArr['where'] = array();
$FriendsArr['where'][0] = array();
$FriendsArr['where'][0]['name'] = 'username';
$FriendsArr['where'][0]['oper'] = '=';
$FriendsArr['where'][0]['value'] = $PowerBB->_CONF['template']['MemberInfo']['username'];
$FriendsArr['where'][1] = array();
$FriendsArr['where'][1]['con'] = 'AND';
$FriendsArr['where'][1]['name'] = 'approval';
$FriendsArr['where'][1]['oper'] = '=';
$FriendsArr['where'][1]['value'] = '1';
$PowerBB->_CONF['template']['while']['FriendsList'] = $PowerBB->friends->GetFriendsList($FriendsArr);
$frienArr = array();
$frienArr['where'] = array('username',$PowerBB->_CONF['template']['MemberInfo']['username']);
$FriendsInfo = $PowerBB->friends->GetFriendsInfo($frienArr);
// `is_friend` is assigned (value 2) only when IsFriend() is false; the true
// branch is intentionally empty (its assign is commented out).
if ($PowerBB->friends->IsFriend(array('where' => array('username_friend',$FriendsInfo['username']))))
{
//$PowerBB->template->assign('is_friend',1);
}
else
{
$PowerBB->template->assign('is_friend',2);
}
// Set when the viewer is looking at someone else's profile.
if($PowerBB->_CONF['template']['MemberInfo']['username'] != $PowerBB->_CONF['member_row']['username'])
{
$PowerBB->template->assign('dont_shwo_friend',3);
}
// NOTE(review): this query is built by string concatenation with the viewer's
// username and bypasses the `where` array builder; use whatever escaping or
// binding the DB layer offers. In SQL, AND binds tighter than OR, so
// approval='1' constrains only the username_friend alternative. The query does
// not mention the profile owner, so the row read below is simply the first
// friends row involving the viewer, and friendship_id may belong to a
// friendship with a different member.
$IfFreind_1 = $PowerBB->DB->sql_query("SELECT * FROM " . $PowerBB->table['friends'] . " WHERE username='".$PowerBB->_CONF['member_row']['username']."'or username_friend='".$PowerBB->_CONF['member_row']['username']."' AND approval='1'");
$IfFreind_1_row = $PowerBB->DB->sql_fetch_array($IfFreind_1);
if($PowerBB->DB->sql_num_rows($IfFreind_1) != 0 && $PowerBB->_CONF['template']['MemberInfo']['username'] != $PowerBB->_CONF['member_row']['username'] && $IfFreind_1_row['approval'] == 1){
$PowerBB->template->assign('friendship_id',$IfFreind_1_row['id']);
}
else
{
$PowerBB->template->assign('edit_friend',1);
}
// Tell the template whether the friends list came back empty.
if ($PowerBB->_CONF['template']['while']['FriendsList'] == false)
{
$PowerBB->template->assign('No_Friends',true);
}
else
{
$PowerBB->template->assign('No_Friends',false);
}
// Smilies list, limited by the `smiles_nm` setting.
$SmlArr = array();
$SmlArr['order'] = array();
$SmlArr['order']['field'] = 'id';
$SmlArr['order']['type'] = 'ASC';
$SmlArr['limit'] = $PowerBB->_CONF['info_row']['smiles_nm'];
$SmlArr['proc'] = array();
$SmlArr['proc']['*'] = array('method'=>'clean','param'=>'html');
$PowerBB->_CONF['template']['while']['SmileRows'] = $PowerBB->icon->GetSmileList($SmlArr);
//////////
// show Award member
// The first query only checks whether the award table has any rows at all.
$ALL_Awards_nm = $PowerBB->DB->sql_num_rows($PowerBB->DB->sql_query("SELECT id FROM " . $PowerBB->table['award'] . " "));
if ($ALL_Awards_nm > 0)
{
// NOTE(review): $username is interpolated directly into the SQL string. It is a
// stored value (chosen by a member at registration), so it needs the same
// escaping or binding as request input; the 'sql' cleaning of MemberInfo
// earlier discards its result.
$username = $PowerBB->_CONF['template']['MemberInfo']['username'];
$Award_nm = $PowerBB->DB->sql_num_rows($PowerBB->DB->sql_query("SELECT id FROM " . $PowerBB->table['award'] . " WHERE username='$username'"));
$PowerBB->template->assign('Awards_nm',$Award_nm);
$AwardArr = array();
$AwardArr['proc'] = array();
$AwardArr['proc']['*'] = array('method'=>'clean','param'=>'html');
$AwardArr['where'] = array();
$AwardArr['where'][0] = array();
$AwardArr['where'][0]['name'] = 'username';
$AwardArr['where'][0]['oper'] = '=';
$AwardArr['where'][0]['value'] = $PowerBB->_CONF['template']['MemberInfo']['username'];
$AwardArr['order'] = array();
$AwardArr['order']['field'] = 'id';
$AwardArr['order']['type'] = 'DESC';
$PowerBB->_CONF['template']['while']['AwardsList'] = $PowerBB->award->GetAwardList($AwardArr);
}
// Show VisitorMessage
// Pager offset from the request, defaulting to 0 and forced through 'intval'.
$PowerBB->_GET['count'] = (!isset($PowerBB->_GET['count'])) ? 0 : $PowerBB->_GET['count'];
$PowerBB->_GET['count'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['count'],'intval');
// Get the Visitor Message num
if ($PowerBB->_CONF['info_row']['active_visitor_message'] == '1')
{
// NOTE(review): $userid comes from the member row and is interpolated into the
// SQL string without a cast; an (int) cast or a bound parameter would make the
// query independent of how the row was produced.
$userid = $PowerBB->_CONF['template']['MemberInfo']['id'];
$GetVisitorMessageNum = $PowerBB->DB->sql_num_rows($PowerBB->DB->sql_query("SELECT * FROM " . $PowerBB->table['visitormessage'] . " WHERE userid = '$userid'"));
$PowerBB->template->assign('visitor_message_num',$GetVisitorMessageNum);
$perpage = '8';
$VisitorMessageArr = array();
$VisitorMessageArr['where'] = array();
$VisitorMessageArr['where'][0] = array();
$VisitorMessageArr['where'][0]['name'] = 'userid';
$VisitorMessageArr['where'][0]['oper'] = '=';
$VisitorMessageArr['where'][0]['value'] = $PowerBB->_CONF['template']['MemberInfo']['id'];
// Pager setup
$VisitorMessageArr['pager'] = array();
$VisitorMessageArr['pager']['total'] = $GetVisitorMessageNum;
$VisitorMessageArr['pager']['perpage'] = $perpage;
$VisitorMessageArr['pager']['count'] = $PowerBB->_GET['count'];
$VisitorMessageArr['pager']['location'] = 'index.php?page=profile&show=1&id='.$PowerBB->_CONF['template']['MemberInfo']['id'];
$VisitorMessageArr['pager']['var'] = 'count';
$VisitorMessageArr['order'] = array();
$VisitorMessageArr['order']['field'] = 'id';
$VisitorMessageArr['order']['type'] = 'DESC';
$VisitorMessageArr['proc'] = array();
$VisitorMessageArr['proc']['*'] = array('method'=>'clean','param'=>'html');
$VisitorMessageArr['proc']['dateline'] = array('method'=>'date','type'=>$PowerBB->_CONF['info_row']['timesystem']);
$PowerBB->_CONF['template']['while']['VisitorMessageList'] = $PowerBB->visitormessage->GetVisitorMessageList($VisitorMessageArr);
if ($PowerBB->_CONF['template']['while']['VisitorMessageList'] == false)
{
$PowerBB->template->assign('No_VisitorMessageList',true);
}
// The pager is shown only when there is more than one page of messages.
if ($GetVisitorMessageNum > $perpage)
{
$PowerBB->template->assign('pager',$PowerBB->pager->show());
}
}
// `show` tells the template whether the viewer is the profile owner.
// NOTE(review): the comparison is a loose ==. If both ids are empty (for example
// a guest viewer combined with a lookup that found no member) it also matches,
// which sets `show` and runs the update below - consider a strict comparison
// that also requires a non-empty id.
$PowerBB->template->assign('MemberInfoid',$PowerBB->_CONF['template']['MemberInfo']['id']);
if ($PowerBB->_CONF['member_row']['id'] == $PowerBB->_CONF['template']['MemberInfo']['id'])
{
$PowerBB->template->assign('show',true);
}
else
{
$PowerBB->template->assign('show',false);
}
// The owner viewing their own profile resets `messageread` to '0' on all of
// their visitor messages. This is a database write performed by a GET request.
if ($PowerBB->_CONF['member_row']['id'] == $PowerBB->_CONF['template']['MemberInfo']['id'])
{
$UpdateArr = array();
$UpdateArr['field'] = array();
$UpdateArr['field']['messageread'] = '0';
$UpdateArr['where'] = array('userid',$PowerBB->_CONF['template']['MemberInfo']['id']);
$update = $PowerBB->visitormessage->UpdateVisitorMessage($UpdateArr);
}
// Reads the profile owner's group (group_info was replaced earlier in this method).
$PowerBB->template->assign('group_info_visitormessage',$PowerBB->_CONF['group_info']['visitormessage']);
// Get user title: a usertitle row whose `posts` value is greater than the
// member's post count; no order is specified here.
$UsertitleArr = array();
$UsertitleArr['proc'] = array();
$UsertitleArr['proc']['*'] = array('method'=>'clean','param'=>'html');
$UsertitleArr['where'] = array();
$UsertitleArr['where'][0] = array();
$UsertitleArr['where'][0]['name'] = 'posts';
$UsertitleArr['where'][0]['oper'] = '>';
$UsertitleArr['where'][0]['value'] = $PowerBB->_CONF['template']['MemberInfo']['posts'];
$UsertitleInfo = $PowerBB->usertitle->GetUsertitleInfo($UsertitleArr);
$PowerBB->template->assign('Usertitle',$UsertitleInfo['usertitle']);
// Group lookup by `user_title`; MemberInfo['usergroup'] holds the group title at
// this point (it was replaced above). The whole group row goes to the template.
$GrpArr = array();
$GrpArr['where'] = array('user_title',$PowerBB->_CONF['template']['MemberInfo']['usergroup']);
$GroupInfo = $PowerBB->group->GetGroupInfo($GrpArr);
$PowerBB->template->assign('GroupInfo',$GroupInfo);
$PowerBB->template->display('profile');
}
}
?>