Statistik |
Beiträge: 144.530 (Täglich: 19,19 )
Themen: 16.700
Mitglieder: 13.209
Neuestes Mitglied: zitronentee.
Ausl. d. letzten Minute: 154%
Ausl. d. letzten 5 Minuten: 166%
Ausl. d. letzten 15 Minuten: 192%
Aktulle Uhrzeit: 09:25
Freier Webspace: 4.02 TB
PHP-Version: 7.4.33
|
|
|
Altersanzeige im Profil und Thread |
|
Altersanzeige im Profil und Thread |
|
Hey.
Ich suche einen Hack, wo man im Profil sowie im Beitrag direkt das Alter einer Users sehen kann. Ich hab einen solchen Hack zwar schon eingebaut, aber warum auch immer, rechnet der Falsch.
http://yourwbb.de/thread.php?threadid=33141
Diesen Hack hab ich eingebaut. Leider ist der Hackersteller mit seinem Latain auch am Ende.
Könnt ihr mir vielleicht weiterhelfen?
Gruß Hexo
__________________
|
|
12.03.2008 22:08 |
|
|
Viktor
Administrator
Zeige Viktor auf Karte
Dabei seit: 15.08.2003
Beiträge: 31.570
363 Filebase-Einträge
Alter: 66 Jahre
Herkunft: NRW wBB-Version: wBB2.3 PHP-Version: 7.4.33 MySQL-Version: 10.5.19-MariaDB Wo bist du gehostet?: eigener Server
Bewertung:
Level: 71 [?]
Erfahrungspunkte: 237.742.005
Nächster Level: 266.777.854
|
|
|
12.03.2008 22:17 |
|
|
Hexo
wBB2-User
Dabei seit: 14.07.2006
Beiträge: 85
0 Filebase-Einträge
Alter: 44 Jahre
Herkunft: Daheim? wBB-Version: wBB2.3
Mitglied bewerten
Level: 33 [?]
Erfahrungspunkte: 549.647
Nächster Level: 555.345
Themenstarter
|
|
Uih, das war ne schnelle Antwort. Ich weiß schon, warum ich Deinen Service immer wieder gerne nutze.
Ich muss diese Funktion wahrscheinlich irgendwo in der profil.php und im thread.php einbauen und dann in der Profil.tpl und thread_postbit.tpl
die Abfrage auslesen.
Doch jetzt kommt der Kasus Kanksus:
Wie mach ich das?
Mit PHP kenn mich...nunja... nicht wo wirklich aus!
__________________
|
|
12.03.2008 22:27 |
|
|
Hexo
wBB2-User
Dabei seit: 14.07.2006
Beiträge: 85
0 Filebase-Einträge
Alter: 44 Jahre
Herkunft: Daheim? wBB-Version: wBB2.3
Mitglied bewerten
Level: 33 [?]
Erfahrungspunkte: 549.647
Nächster Level: 555.345
Themenstarter
|
|
Das klappt schonmal sehr gut.
Hab das allerdings wie folgt gemacht:
Suche:
code: |
1:
2:
3:
4:
5:
6:
7:
|
/* birthday */
if ($user_info['birthday'] && $user_info['birthday'] != '0000-00-00') {
$birthday_array = explode('-', $user_info['birthday']);
if ($birthday_array[0] == '0000') $birthday = $birthday_array[2].".".$birthday_array[1].".";
else $birthday = $birthday_array[2].".".$birthday_array[1].".".$birthday_array[0];
}
else $birthday = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION']; |
|
Für darunter ein:
code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
|
/* Alter im Profil Anfang */
function get_age($y,$m,$d) {
$inp_dt = strtotime("{$y}-{$m}-{$d}");
$now = getdate();
$inp_dt = getdate($inp_dt);
$age = $now['year'] - $inp_dt['year'];
if ($now['mon'] < $inp_dt['mon'] ||
($now['mon'] == $inp_dt['mon'] && $now['mday'] < $inp_dt['mday']))
$age--;
return $age;
}
/* Alter im Profil Ende */
|
|
Hab also die Position geändert (Sitzt jetzt beim Birthdayerrechnen)
Den anderen teil hab ich über angegeben über:
eval("\$tpl->output(\"".$tpl->get("profile")."\");");
gesetzt.
Und: TATA. Erstmal richtig. Es wird das richtige Alter angeben.
Warum muss eigentlich
code: |
1:
2:
3:
4:
|
$birthday_vgarray = explode('-', $user_info['birthday']);
if ($birthday_vgarray[0] != '0000') {
$alter = get_age($birthday_vgarray[0], $birthday_vgarray[1], $birthday_vgarray[2]);
} |
|
ganz nach unten?
Wie bekomme ich jetzt die Anzeige in das Thema?
Gruß Hexo
__________________
|
|
12.03.2008 23:08 |
|
|
Hexo
wBB2-User
Dabei seit: 14.07.2006
Beiträge: 85
0 Filebase-Einträge
Alter: 44 Jahre
Herkunft: Daheim? wBB-Version: wBB2.3
Mitglied bewerten
Level: 33 [?]
Erfahrungspunkte: 549.647
Nächster Level: 555.345
Themenstarter
|
|
Huhu. Ich will nicht nerven, aber wie geht denn die Funktion, dass das Alter im Beitrag steht?
__________________
|
|
14.03.2008 22:48 |
|
|
Viktor
Administrator
Zeige Viktor auf Karte
Dabei seit: 15.08.2003
Beiträge: 31.570
363 Filebase-Einträge
Alter: 66 Jahre
Herkunft: NRW wBB-Version: wBB2.3 PHP-Version: 7.4.33 MySQL-Version: 10.5.19-MariaDB Wo bist du gehostet?: eigener Server
Bewertung:
Level: 71 [?]
Erfahrungspunkte: 237.742.005
Nächster Level: 266.777.854
|
|
|
Zitat: Original von Hexo
Huhu. Ich will nicht nerven, aber wie geht denn die Funktion, dass das Alter im Beitrag steht? |
|
|
Hallo,
man hast du es Eilig.
Ich würde jetzt die Funktion in die Datei "acp/lib/functions.php" packen und dann aus der Datei "profile.php" wieder raus nehmen.
Dann in der Datei "thread.php" das machen.
Suche:
code: |
1:
2:
3:
4:
5:
|
$rankimages = formatRI($posts['rankimages']);
if ($posts['title']) $posts['ranktitle'] = htmlconverter($posts['title']);
else $posts['ranktitle'] = getlangvar($posts['ranktitle'], $lang);
|
|
Füge darunter ein:
code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
|
/* birthday */
if ($posts['birthday'] && $posts['birthday'] != '0000-00-00') {
$birthday_vgarray = explode('-', $posts['birthday']);
if ($birthday_vgarray[0] != '0000') {
$alter = get_age($birthday_vgarray[0], $birthday_vgarray[1], $birthday_vgarray[2]);
}
}
|
|
Suche:
code: |
1:
2:
3:
|
u.userposts, u.regdate, u.signature, u.email, u.homepage, u.icq, u.aim, u.yim, u.msn, u.showemail, u.receivepm, u.usercanemail, u.ratingcount, u.ratingpoints, u.gender, u.invisible, u.title, u.lastactivity, u.allowsigsmilies, u.allowsightml, u.allowsigbbcode, u.allowsigimages, u.disablesignature,
|
|
Füge am ENDE an:
code: |
1:
2:
3:
|
u.birthday,
|
|
Jetzt die Variable wieder im Template einbauen.
Gruß
Viktor
__________________
Ein kluger Mann widerspricht keiner Frau. Er wartet, bis sie es selbst tut.
... beim Käfer (WBB2) konnte man noch selber schrauben,
beim neuen Golf (WBB3) muß man fast schon in die Werkstatt wenn man das "Wischwasser" nachfüllen muss!
Da fast keiner mehr hier Postet gibt es ab sofort keinen Support mehr per PN.
|
|
14.03.2008 23:15 |
|
|
Hexo
wBB2-User
Dabei seit: 14.07.2006
Beiträge: 85
0 Filebase-Einträge
Alter: 44 Jahre
Herkunft: Daheim? wBB-Version: wBB2.3
Mitglied bewerten
Level: 33 [?]
Erfahrungspunkte: 549.647
Nächster Level: 555.345
Themenstarter
|
|
Danke für die schnelle antwort.
Hab das jetzt wie folgt gemacht:
Suche in Profile.php:
code: |
1:
|
eval("\$tpl->output(\"".$tpl->get("profile")."\");"); |
|
Füge darüber ein:
code: |
1:
2:
3:
4:
5:
6:
|
/* Alter im Profil Anfang */
$birthday_vgarray = explode('-', $user_info['birthday']);
if ($birthday_vgarray[0] != '0000') {
$alter = get_age($birthday_vgarray[0], $birthday_vgarray[1], $birthday_vgarray[2]);
}
/* Alter im Profil Ende */ |
|
Suche in Profile.tpl:
code: |
1:
2:
3:
4:
|
<tr align="left">
<td><span class="normalfont"><b>{$lang->items['LANG_MEMBERS_PROFILE_BIRTHDAY']}</b></span></td>
<td><span class="normalfont">$birthday</span></td>
</tr> |
|
Füge darunter ein:
code: |
1:
2:
3:
4:
5:
6:
|
<if($alter!="")><then>
<tr align="left">
<td><span class="normalfont"><b>Alter</b></span></td>
<td><span class="normalfont">$alter</span></td>
</tr>
</then></if> |
|
Öffene thread.php
Suche:
code: |
1:
|
u.userposts, u.regdate, u.signature, u.email, u.homepage, u.icq, u.aim, u.yim, u.msn, u.showemail, u.receivepm, u.usercanemail, u.ratingcount, u.ratingpoints, u.gender, u.invisible, u.title, u.lastactivity, u.allowsigsmilies, u.allowsightml, u.allowsigbbcode, u.allowsigimages, u.disablesignature, |
|
Füge am ENDE an:
öffne thread_postbit.tpl:
suche z.b.
code: |
1:
|
<if($showregdateinthread==1)><then>{$lang->items['LANG_THREAD_REGDATE']} $posts[regdate]<br /></then></if> |
|
Füge darunter ein:
code: |
1:
2:
3:
|
<if($alter!="")><then>
<span class="smallfont">Alter: $alter</span><br />
</then></if> |
|
Öffen functions.php:
suche:
Für darüber ein:
code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
|
/* Alter im Profil Anfang */
function get_age($y,$m,$d) {
$inp_dt = strtotime("{$y}-{$m}-{$d}");
$now = getdate();
$inp_dt = getdate($inp_dt);
$age = $now['year'] - $inp_dt['year'];
if ($now['mon'] < $inp_dt['mon'] ||
($now['mon'] == $inp_dt['mon'] && $now['mday'] < $inp_dt['mday']))
$age--;
return $age;
}
/* Alter im Profil Ende */ |
|
##############
Ist das so ungefähr richtig? Es scheint bei mir zu klappen. Es wird alles richtig angezeigt.
__________________
|
|
14.03.2008 23:38 |
|
|
Hexo
wBB2-User
Dabei seit: 14.07.2006
Beiträge: 85
0 Filebase-Einträge
Alter: 44 Jahre
Herkunft: Daheim? wBB-Version: wBB2.3
Mitglied bewerten
Level: 33 [?]
Erfahrungspunkte: 549.647
Nächster Level: 555.345
Themenstarter
|
|
|
14.03.2008 23:49 |
|
|
|
die User und auch ich kann im Profil keine änderungen mehr vornehmen.
ich habe die änderung des Geburtsdatums herausgenommen so dass es nicht geändert werden kann.
Fehler: "geburtsdatum eingeben"
kann man das ändern, dass eine änderung im profil trozdem möglich ist ?
|
|
|
|
Zitat: <?php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2
// ***************************************************************************
*********//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ***************************************************************************
*********//
// * $Date: 2004-10-20 13:24:57 +0200 (Wed, 20 Oct 2004) $
// * $Author: Burntime $
// * $Rev: 1453 $
// ***************************************************************************
*********//
$filename = 'profile.php';
require('./global.php');
include("./includes/map_functions.php");
require("./jgs_galerie_showeverywhere.php");
if ($wbbuserdata['can_view_profile'] == 0) access_error();
require('./acp/lib/class_parse.php');
$lang->load('MEMBERS,THREAD');
$userid = intval($_GET['userid']);
if (!$userid) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail)));
$user_info = $db->query_first("SELECT ".
"u.*, ".
"uf.*, ".
"r.rankimages, r.ranktitle, ".
"a.avatarextension, a.width, a.height, ".
"s.lastactivity AS s_lastactivity, s.boardid, s.threadid, s.request_uri ".
($showlanguageinprofile == 1 ? ", l.languagepackname " : "").
"FROM bb".$n."_users u ".
"LEFT JOIN bb".$n."_userfields uf USING (userid) ".
"LEFT JOIN bb".$n."_avatars a ON (a.avatarid=u.avatarid) ".
"LEFT JOIN bb".$n."_ranks r ON (r.rankid=u.rankid) ".
"LEFT JOIN bb".$n."_sessions s ON (s.userid=u.userid) ".
($showlanguageinprofile == 1 ? "LEFT JOIN bb".$n."_languagepacks l ON (l.languagepackid=u.langid) " : "").
"WHERE u.userid='$userid'");
if (!$user_info['userid']) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail)));
$user_info['username'] = htmlconverter($user_info['username']);
$lang->items['LANG_MEMBERS_PROFILE_TITLE'] = $lang->get("LANG_MEMBERS_PROFILE_TITLE", array('$username' => $user_info['username']));
/* regdate */
$regdate = formatdate($wbbuserdata['dateformat'], $user_info['regdate']);
/* last activity */
if ($user_info['invisible'] == 0 || $wbbuserdata['a_can_view_ghosts'] == 1) {
$la_date = formatdate($wbbuserdata['dateformat'], $user_info['lastactivity'], 1);
$la_time = formatdate($wbbuserdata['timeformat'], $user_info['lastactivity']);
}
else {
$la_date = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
$la_time = '';
}
/* posts per day */
$regdays = (time() - $user_info['regdate']) / 86400;
if ($regdays < 1) $postperday = $user_info['userposts'];
else $postperday = $user_info['userposts'] / $regdays;
$postperday = number_format($postperday, 2, $lang->get("LANG_GLOBAL_DEC_POINT"), $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
$lang->items['LANG_MEMBERS_PROFILE_POSTSPERDAY'] = $lang->get("LANG_MEMBERS_PROFILE_POSTSPERDAY", array('$postperday' => $postperday));
/* Letztes Profilupdate auslesen */
if ($user_info['lastprofileupdate']) $lastprofileupdate = date("d.m.Y H:i", $user_info['lastprofileupdate'])." Uhr";
else $lastprofileupdate = '';
/* usertext */
if ($user_info['usertext']) $user_text = nl2br(htmlconverter(textwrap($user_info['usertext'], 40)));
else $user_text = '';
/* gender */
if ($user_info['gender']) {
if ($user_info['gender'] == 1) $gender = $lang->items['LANG_MEMBERS_PROFILE_MALE'];
else $gender = $lang->items['LANG_MEMBERS_PROFILE_FEMALE'];
}
else $gender = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
/* usertitle */
if ($user_info['title']) $user_info['ranktitle'] = htmlconverter($user_info['title']);
else $user_info['ranktitle'] = getlangvar($user_info['ranktitle'], $lang);
$rankimages = formatRI($user_info['rankimages']);
if($user_info['userid']) {
// Showeverywhere Bild laden
$showeverywhere = getsew($user_info['userid']);
}
/* avatar */
if ($user_info['avatarid'] && $showavatar == 1 && $wbbuserdata['showavatars'] == 1) {
$avatarname = "images/avatars/avatar-$user_info[avatarid].".htmlconverter($user_info['ava
tarextension']);
$avatarwidth = $user_info['width'];
$avatarheight = $user_info['height'];
if ($user_info['avatarextension'] == "swf" && $allowflashavatar == 1) {
eval("\$useravatar = \"".$tpl->get("avatar_flash")."\";");
}
elseif ($user_info['avatarextension'] != "swf") eval("\$useravatar = \"".$tpl->get("avatar_image")."\";");
}
/* useremail */
if ($user_info['showemail'] == 1) {
$user_info['email'] = getASCIICodeString($user_info['email']);
$useremail = makehreftag("mailto:".$user_info['email'], $user_info['email']);
}
else $useremail = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
/* homepage */
if ($user_info['homepage']) {
$user_info['homepage'] = htmlconverter($user_info['homepage']);
$userhomepage = makehreftag($user_info['homepage'], $user_info['homepage'], "_blank");
}
else $userhomepage = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
/* icq, aim, yim, msn */
if (!$user_info['icq']) $user_info['icq'] = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
if (!$user_info['aim']) $user_info['aim'] = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
else $user_info['aim'] = htmlconverter($user_info['aim']);
if (!$user_info['yim']) $user_info['yim'] = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
else $user_info['yim'] = htmlconverter($user_info['yim']);
if (!$user_info['msn']) $user_info['msn'] = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
else $user_info['msn'] = htmlconverter($user_info['msn']);
/* birthday */
if ($user_info['birthday'] && $user_info['birthday'] != '0000-00-00') {
$birthday_array = explode('-', $user_info['birthday']);
if ($birthday_array[0] == '0000') $birthday = $birthday_array[2].".".$birthday_array[1].".";
else $birthday = $birthday_array[2].".".$birthday_array[1].".".$birthday_array[0];
}
else $birthday = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
/* profilefields */
$profilefields = '';
$result = $db->unbuffered_query("SELECT profilefieldid, title, fieldtype FROM bb".$n."_profilefields".(($wbbuserdata['a_can_view_hidden'] == 0) ? (" WHERE hidden=0") : (""))." ORDER BY fieldorder ASC");
while ($row = $db->fetch_array($result)) {
$fieldid = "field".$row['profilefieldid'];
if (!$user_info[$fieldid] || $user_info[$fieldid] == "0000-00-00") $user_info[$fieldid] = $lang->items['LANG_MEMBERS_PROFILE_NODECLARATION'];
else {
if ($row['fieldtype'] == "multiselect") $user_info[$fieldid] = htmlconverter(textwrap(str_replace("\n", "; ", $user_info[$fieldid]), 50));
elseif ($row['fieldtype'] == "date") {
$row_datearray = explode("-", $user_info[$fieldid]);
if ($row_datearray[0] == "0000") $user_info[$fieldid] = $row_datearray[2].".".$row_datearray[1].".";
else $user_info[$fieldid] = $row_datearray[2].".".$row_datearray[1].".".$row_datearray[0];
}
else $user_info[$fieldid] = htmlconverter(textwrap($user_info[$fieldid], 50));
}
$row['title'] = getlangvar($row['title'], $lang);
eval("\$profilefields .= \"".$tpl->get("profile_userfield")."\";");
}
/* users lastpost */
$showlastpost = 0;
if ($showlastpostinprofile == 1 && $wbbuserdata['can_enter_board'] == 1) {
$boardids = '';
$permissioncache = getPermissions();
$result = $db->unbuffered_query("SELECT boardid, password, invisible FROM bb".$n."_boards");
while ($row = $db->fetch_array($result)) {
if ($row['password'] != '' || $row['invisible'] == 2) continue;
if (!isset($permissioncache[$row['boardid']]['can_enter_board']) || $permissioncache[$row['boardid']]['can_enter_board'] != 0) $boardids .= ",".$row['boardid'];
}
if ($boardids != '') {
$lastpost = $db->query_first("SELECT p.postid, p.posttime, t.topic, t.boardid, b.title FROM bb".$n."_posts p, bb".$n."_threads t
LEFT JOIN bb".$n."_boards b ON (t.boardid=b.boardid)
WHERE p.threadid=t.threadid AND t.boardid IN (0$boardids) AND p.userid = '$userid' AND p.visible=1
ORDER BY p.posttime DESC", 1);
if ($lastpost['postid']) {
$lastpostdate = formatdate($wbbuserdata['dateformat'], $lastpost['posttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $lastpost['posttime']);
$lastpost['topic'] = htmlconverter(textwrap($lastpost['topic']));
$lastpost['title'] = getlangvar($lastpost['title'], $lang);
$showlastpost = 1;
}
}
}
/* buttons for search, buddy, pm, email */
$username = $user_info['username'];
$lang->items['LANG_MEMBERS_SEARCH'] = $lang->get("LANG_MEMBERS_SEARCH", array('$username' => $username));
$lang->items['LANG_MEMBERS_BUDDY'] = $lang->get("LANG_MEMBERS_BUDDY", array('$username' => $username));
if ($user_info['receivepm'] == 1 && $wbbuserdata['can_use_pms'] == 1) $lang->items['LANG_MEMBERS_PM'] = $lang->get("LANG_MEMBERS_PM", array('$username' => $username));
if ($user_info['showemail'] == 0 && $user_info['usercanemail'] == 1) $lang->items['LANG_MEMBERS_SENDEMAIL'] = $lang->get("LANG_MEMBERS_SENDEMAIL", array('$username' => $username));
/* user online */
if (($user_info['invisible'] == 0 || $wbbuserdata['a_can_view_ghosts'] == 1) && $user_info['lastactivity'] >= time() - $useronlinetimeout * 60) {
$user_online = 1;
$lang->items['LANG_MEMBERS_USERONLINE'] = $lang->get("LANG_MEMBERS_USERONLINE", array('$username' => $username));
}
else {
$user_online = 0;
$lang->items['LANG_MEMBERS_USEROFFLINE'] = $lang->get("LANG_MEMBERS_USEROFFLINE", array('$username' => $username));
}
/* wiw */
$userlocation = '';
if ($showuserlocation == 1 && $user_info['s_lastactivity'] >= (time() - 60 * $useronlinetimeout)) {
include('./acp/lib/class_useronline.php');
include('./acp/lib/class_wiw.php');
$lang->load('WIW');
$wiw = &new WIW($wbbuserdata['a_can_view_ghosts']);
$wiw->insert($user_info);
$wiw->cache();
if ($row = $wiw->get()) $userlocation = $row['location'];
}
/* userrating */
if ($userratings == 1) $userrating = userrating($user_info['ratingcount'], $user_info['ratingpoints'], $user_info['userid']);
else $userrating = '';
/* userlevel */
if ($userlevels == 1) $userlevel = userlevel($user_info['userposts'], $user_info['regdate']);
else $userlevel = '';
if ($user_info['userposts'] >= 1000) $user_info['userposts'] = number_format($user_info['userposts'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
/* languagepack */
if ($showlanguageinprofile == 1) {
$languagepackname = getlangvar($user_info['languagepackname'], $lang);
}
else $languagepackname = '';
/* Begin User-Map by Viktor */
$result = $db->query("SELECT * FROM bb".$n."_map_mod_user WHERE user_id = '".$user_info['userid']."'");
$row = $db->fetch_array($result);
if($row['user_id']) {
if($wbbuserdata[userid]) {
$result_auf = $db->query("SELECT * FROM bb".$n."_map_mod_user WHERE user_id = '".$wbbuserdata['userid']."'");
$row_auf = $db->fetch_array($result_auf);
$entfernung = round(geo_distance($row['longitude'], $row['latitude'], $row_auf['longitude'], $row_auf['latitude']) /1000);
$lang->items['LANG_GLOBAL_USER_MAP_POSTBIT_KM'] = $lang->get("LANG_GLOBAL_USER_MAP_POSTBIT_KM", array('$entfernung' => $entfernung));
eval ("\$mod_map_profile_anz_km = \"".$tpl->get("mod_map_profile_anz_km")."\";");
}
$username_map = $user_info['username'];
$lang->items['LANG_GLOBAL_USER_MAP_POSTBIT'] = $lang->get("LANG_GLOBAL_USER_MAP_POSTBIT", array('$username_map' => $username_map));
eval ("\$mod_map_profile_anz = \"".$tpl->get("mod_map_profile_anz")."\";");
}
/* End User-Map by Viktor */
eval("\$tpl->output(\"".$tpl->get("profile")."\");");
?> |
|
|
|
|
|
|
|
16.04.2008 07:29 |
|
|
|
|
|
|
|
Zitat: <?php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2
// ***************************************************************************
*********//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ***************************************************************************
*********//
// * $Date: 2006-09-25 15:29:13 +0200 (Mo, 25 Sep 2006) $
// * $Author: Burntime $
// * $Rev: 1719 $
// ***************************************************************************
*********//
$filename = 'usercp.php';
require('./global.php');
$lang->load('USERCP');
if (!$wbbuserdata['userid']) access_error();
if (isset($_REQUEST['action'])) $action = $_REQUEST['action'];
else $action = '';
/**
* remove an element from a list
*
* @param string list
* @param string remove
*
* @return string new list
*/
function removeFromlist($list, $remove) {
$listelements = explode(' ', $list);
if (!in_array($remove, $listelements)) return - 1;
else {
$count = count($listelements);
for ($i = 0; $i < $count; $i++) {
if ($listelements[$i] == $remove) {
if ($i == $count - 1) array_pop($listelements);
else $listelements[$i] = array_pop($listelements);
break;
}
}
return implode(' ', $listelements);
}
}
$username = htmlconverter($wbbuserdata['username']);
$lang->items['LANG_USERCP_TITLE'] = $lang->get("LANG_USERCP_TITLE", array('$username' => $username));
/** no action defined => startpage **/
if (!$action) {
eval("\$tpl->output(\"".$tpl->get("usercp")."\");");
}
/** edit profile **/
if ($action == 'profile_edit') {
$lang->load('REGISTER,POSTINGS');
$usercp_error = '';
$gender = array(1 => '', 2 => '');
/** post data sent => verify and safe profile **/
if (isset($_POST['send'])) {
// profilefields
if (isset($_POST['field']) && is_array($_POST['field'])) $field = trim_array($_POST['field']);
else $field = array();
if (isset($_POST['dayfield']) && is_array($_POST['dayfield'])) $dayfield = trim_array($_POST['dayfield']);
else $dayfield = array();
if (isset($_POST['monthfield']) && is_array($_POST['monthfield'])) $monthfield = trim_array($_POST['monthfield']);
else $monthfield = array();
if (isset($_POST['yearfield']) && is_array($_POST['yearfield'])) $yearfield = trim_array($_POST['yearfield']);
else $yearfield = array();
// profiledata
if (isset($_POST['r_email'])) $r_email = wbb_trim($_POST['r_email']);
if (isset($_POST['r_homepage'])) $r_homepage = wbb_trim($_POST['r_homepage']);
if (isset($_POST['r_icq'])) $r_icq = str_replace("-", "", wbb_trim($_POST['r_icq']));
if (isset($_POST['r_aim'])) $r_aim = wbb_trim($_POST['r_aim']);
if (isset($_POST['r_yim'])) $r_yim = wbb_trim($_POST['r_yim']);
if (isset($_POST['r_msn'])) $r_msn = wbb_trim($_POST['r_msn']);
if (isset($_POST['r_day'])) $r_day = wbb_trim($_POST['r_day']);
if (isset($_POST['r_month'])) $r_month = wbb_trim($_POST['r_month']);
if (isset($_POST['r_year'])) $r_year = wbb_trim($_POST['r_year']);
if (isset($_POST['r_gender'])) $r_gender = wbb_trim($_POST['r_gender']);
if (isset($_POST['r_usertext'])) $r_usertext = wbb_trim($_POST['r_usertext']);
if (isset($_POST['r_title']) && $wbbuserdata['can_edit_title'] == 1) $r_title = wbb_trim($_POST['r_title']);
else $r_title = '';
$error = '';
$userfield_error = 0;
$fieldvalues = '';
/** verify required profilefields and build sql update query **/
$result = $db->unbuffered_query("SELECT profilefieldid,required,fieldtype,choicecount,fieldoptions FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while ($row = $db->fetch_array($result)) {
// is required -> check content
if ($row['required'] == 1 && $row['fieldtype'] != "checkbox") {
// date
if ($row['fieldtype'] == "date") {
if (!$dayfield[$row['profilefieldid']] || !$monthfield[$row['profilefieldid']] || !$yearfield[$row['profilefieldid']]) {
$userfield_error = 1;
}
}
// select
else if ($row['fieldtype'] == "select") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array($temp);
if (!isset($field[$row['profilefieldid']]) || !in_array($field[$row['profilefieldid']], $options)) {
$userfield_error = 1;
}
}
// multiselect
else if ($row['fieldtype'] == "multiselect") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array($temp);
if (!count($field[$row['profilefieldid']])) {
$userfield_error = 1;
}
else {
for ($i = 0, $j = count($field[$row['profilefieldid']]); $i < $j; $i++) {
if (!in_array($field[$row['profilefieldid']][$i], $options)) {
$userfield_error = 1;
}
}
}
}
// other
else {
if (!isset($field[$row['profilefieldid']]) || $field[$row['profilefieldid']] == '') {
$userfield_error = 1;
}
}
if ($userfield_error == 1) break;
}
if ($row['fieldtype'] == "multiselect") {
if (is_array($field[$row['profilefieldid']])) {
if ($row['choicecount'] && count($field[$row['profilefieldid']]) > $row['choicecount']) {
$max = count($field[$row['profilefieldid']]);
for ($i = $row['choicecount']; $i < $max; $i++) unset($field[$row['profilefieldid']][$i]);
}
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
else $fieldvalues .= "field$row[profilefieldid] = '".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
}
else {
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = ''";
else $fieldvalues .= "field$row[profilefieldid] = ''";
}
}
elseif ($row['fieldtype'] == "date") {
if ($dayfield[$row['profilefieldid']] && $monthfield[$row['profilefieldid']]) $datefield = ((wbb_strlen($yearfield[$row['profilefieldid']]) == 4) ? ($yearfield[$row['profilefieldid']]) : (((wbb_strlen($yearfield[$row['profilefieldid']]) == 2) ? ("19".$yearfield[$row['profilefieldid']]) : ("0000"))))."-".(($monthfield[$row['profilefieldid']] < 10) ? ("0".$monthfield[$row['profilefieldid']]) : ($monthfield[$row['profilefieldid']]))."-".(($dayfield[$row['profilefieldid
']] < 10) ? ("0".$dayfield[$row['profilefieldid']]) : ($dayfield[$row['profilefieldid']]));
else $datefield = "0000-00-00";
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes($datefield)."'";
else $fieldvalues = "field$row[profilefieldid] = '".addslashes($datefield)."'";
}
else {
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes($field[$row['profilefieldid']])."'";
else $fieldvalues = "field$row[profilefieldid] = '".addslashes($field[$row['profilefieldid']])."'";
}
}
/** verify input, build error messages **/
if ($userfield_error == 1) $error .= $lang->items['LANG_POSTINGS_ERROR1'];
if (wbb_strlen($r_usertext) > $wbbuserdata['max_usertext_length']) $error .= $lang->items['LANG_REGISTER_ERROR6'];
if ($r_month == "" || $r_day == "" || $r_year == "") $error .="<li>Sie müssen Ihr Geburtsdatum angeben.</li>";
if (!$r_gender) $error .="<li>Sie müssen Ihr Geschlecht angeben.</li>";
if ($error) eval("\$usercp_error = \"".$tpl->get("register_error")."\";");
/** input ok **/
else {
if ($r_homepage && !preg_match("/[a-zA-Z]:\/\//si", $r_homepage)) $r_homepage = "http://".$r_homepage;
if ($r_day && $r_month) {
$r_year = ((wbb_strlen($r_year) == 4) ? ($r_year) : (((wbb_strlen($r_year) == 2) ? ("19$r_year") : ("0000"))));
if (checkdate($r_month, $r_day, (($r_year != '0000') ? ($r_year) : (date('Y', time()))))) $birthday = $r_year."-".(($r_month < 10) ? ("0$r_month") : ($r_month))."-".(($r_day < 10) ? ("0$r_day") : ($r_day));
else $birthday = "0000-00-00";
}
else $birthday = "0000-00-00";
if ($wbbuserdata['can_edit_title'] == 1 && isset($r_title)) if (!verify_usertitle($r_title)) $r_title = '';
list($rankid) = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[rankgroupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','".intval($r_gender)."') ORDER BY needposts DESC, gender DESC", 1);
$db->unbuffered_query("UPDATE bb".$n."_users SET ".(($wbbuserdata['can_edit_title'] == 1 && isset($r_title)) ? ("title='".addslashes($r_title)."', ") : (""))."usertext='".addslashes($r_usertext)."', icq='".intval($r_icq)."', aim='".addslashes($r_aim)."', yim='".addslashes($r_yim)."', msn='".addslashes($r_msn)."', homepage='".addslashes($r_homepage)."', birthday='".addslashes($birthday)."', gender='".intval($r_gender)."'".(($rankid != $wbbuserdata['rankid']) ? (", rankid='$rankid'") : (""))." WHERE userid = '$wbbuserdata[userid]'", 1);
if ($fieldvalues) $db->unbuffered_query("UPDATE bb".$n."_userfields SET $fieldvalues WHERE userid = '$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=profile_edit".$SID_ARG_2ND_UN);
exit();
}
}
/** profile saved **/
/** no post data sent, get profile **/
else {
$r_homepage = $wbbuserdata['homepage'];
$r_icq = $wbbuserdata['icq'];
$r_aim = $wbbuserdata['aim'];
$r_yim = $wbbuserdata['yim'];
$r_msn = $wbbuserdata['msn'];
$birthday = explode("-", $wbbuserdata['birthday']);
$r_day = $birthday[2];
$r_month = $birthday[1];
$r_year = (($birthday[0]) ? ($birthday[0]) : (""));
$r_gender = $wbbuserdata['gender'];
$r_usertext = $wbbuserdata['usertext'];
$r_title = $wbbuserdata['title'];
$userfields = $db->query_first("SELECT * FROM bb".$n."_userfields WHERE userid='$wbbuserdata[userid]'");
}
/** now generate the html - form **/
$day_options = ''; $month_options = '';
for ($i = 1; $i <= 31; $i++) $day_options .= makeoption($i, $i, $r_day);
for ($i = 1; $i <= 12; $i++) $month_options .= makeoption($i, getmonth($i), $r_month);
if (isset($r_gender)) $gender[$r_gender] = ' selected="selected"';
$z = 0;
$y = 1;
$profilefields_required = '';
$profilefields = '';
/** get profilefields **/
$result = $db->unbuffered_query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
while ($row = $db->fetch_array($result)) {
$field_value = '';
$field_checked = '';
$dayfield_value = '';
$monthfield_value = '';
$yearfield_value = '';
$row_options = array();
$selected_options = array();
switch ($row['fieldtype']) {
case "text":
if (isset($_POST['send'])) $field_value = htmlconverter($field[$row['profilefieldid']]);
else $field_value = htmlconverter($userfields["field".$row['profilefieldid']]);
break;
case "select":
$row_options = explode("\n", $row['fieldoptions']);
$field_value = "<option value=\"\">".$lang->get("LANG_GLOBAL_PLEASE_SELECT")."</option>\n";
foreach ($row_options as $option) $field_value .= makeoption(htmlconverter(wbb_trim($option)), htmlconverter(wbb_trim($option)), ((isset($_POST['send'])) ? (htmlconverter(wbb_trim($field[$row['profilefieldid']]))) : (htmlconverter(wbb_trim($userfields["field".$row['profilefieldid']])))));
break;
case "multiselect":
$row_options = explode("\n", $row['fieldoptions']);
if (isset($_POST['send']) && is_array($field[$row['profilefieldid']]) && count($field[$row['profilefieldid']])) $selected_options = $field[$row['profilefieldid']];
else $selected_options = explode("\n", $userfields["field".$row['profilefieldid']]);
foreach ($row_options as $option) $field_value .= makeoption(htmlconverter(wbb_trim($option)), htmlconverter(wbb_trim($option)), ((in_array(wbb_trim($option), $selected_options)) ? (htmlconverter(wbb_trim($option))) : ("")));
break;
case "checkbox":
$field_value = htmlconverter($row['fieldoptions']);
$field_checked = (($row['fieldoptions'] == ((isset($_POST['send'])) ? ($field[$row['profilefieldid']]) : ($userfields["field".$row['profilefieldid']]))) ? (" checked=\"checked\"") : (""));
break;
case "date":
if (isset($_POST['send'])) {
$year_tmp = $yearfield[$row['profilefieldid']];
$month_tmp = $monthfield[$row['profilefieldid']];
$day_tmp = $dayfield[$row['profilefieldid']];
}
else list($year_tmp, $month_tmp, $day_tmp) = explode("-", $userfields["field".$row['profilefieldid']]);
for ($i = 1; $i <= 31; $i++) $dayfield_value .= makeoption($i, $i, $day_tmp);
for ($i = 1; $i <= 12; $i++) $monthfield_value .= makeoption($i, getmonth($i), $month_tmp);
if (intval($year_tmp)) $yearfield_value = $year_tmp;
else $yearfield_value = '';
break;
}
$row['title'] = getlangvar($row['title'], $lang);
$row['description'] = getlangvar($row['description'], $lang);
if ($row['required'] == 1) {
$tdclass = getone($y, "tablea", "tableb");
eval("\$profilefields_required .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$y++;
}
else {
$tdclass = getone($z, "tablea", "tableb");
eval("\$profilefields .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$z++;
}
}
$r_homepage = htmlconverter($r_homepage);
$r_icq = intval($r_icq);
$r_aim = htmlconverter($r_aim);
$r_yim = htmlconverter($r_yim);
$r_msn = htmlconverter($r_msn);
$r_year = htmlconverter($r_year);
$r_gender = htmlconverter($r_gender);
$r_usertext = htmlconverter($r_usertext);
$r_title = htmlconverter($r_title);
if (!$r_icq) $r_icq = '';
if ($r_year == "0000") $r_year = '';
/** output html - form **/
eval("\$tpl->output(\"".$tpl->get("usercp_profile_edit")."\");");
}
/** edit signature **/
if ($action == 'signature_edit') {
$lang->load('REGISTER,POSTINGS');
require('./acp/lib/class_parse.php');
$preview_signature = '';
$old_signature = '';
$usercp_error = '';
if (isset($_POST['send'])) {
// post options
if (isset($_POST['disablesmilies'])) $disablesmilies = intval($_POST['disablesmilies']);
else $disablesmilies = 0;
if (isset($_POST['disablehtml'])) $disablehtml = intval($_POST['disablehtml']);
else $disablehtml = 0;
if (isset($_POST['disablebbcode'])) $disablebbcode = intval($_POST['disablebbcode']);
else $disablebbcode = 0;
if (isset($_POST['disableimages'])) $disableimages = intval($_POST['disableimages']);
else $disableimages = 0;
/* get message & strip crap */
$message = stripcrap(wbb_trim($_POST['message']));
/* posting feature rights:start */
if (!$wbbuserdata['can_use_sig_smilies'] || $disablesmilies == 1) $allowsmilies = 0;
else $allowsmilies = 1;
if (!$wbbuserdata['can_use_sig_html'] || $disablehtml == 1) $allowhtml = 0;
else $allowhtml = 1;
if (!$wbbuserdata['can_use_sig_bbcode'] || $disablebbcode == 1) $allowbbcode = 0;
else $allowbbcode = 1;
if (!$wbbuserdata['can_use_sig_images'] || $disableimages == 1) $allowimages = 0;
else $allowimages = 1;
/* posting feature rights:end */
if (!isset($_POST['preview']) && !$_POST['change_editor']) {
$error = '';
if (wbb_strlen($message) > $wbbuserdata['max_sig_length']) $error .= $lang->items['LANG_REGISTER_ERROR4'];
if ($wbbuserdata['max_sig_image'] != -1 && wbb_substr_count(wbb_strtolower($message), "[img]") > $wbbuserdata['max_sig_image']) $error .= $lang->items['LANG_REGISTER_ERROR5'];
if ($error) eval("\$usercp_error = \"".$tpl->get("register_error")."\";");
else {
$db->unbuffered_query("UPDATE bb".$n."_users SET signature='".addslashes($message)."', allowsigsmilies='$allowsmilies', allowsightml='$allowhtml', allowsigbbcode='$allowbbcode', allowsigimages='$allowimages' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=signature_edit".$SID_ARG_2ND_UN);
exit();
}
}
else if (!$_POST['change_editor']) {
$parse = &new parse($docensor, 75, $wbbuserdata['showimages'], "", $usecode);
$preview_signature = $parse->doparse($message, $allowsmilies, $allowhtml, $allowbbcode, $allowimages);
}
if ($disablesmilies == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($disablehtml == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($disablebbcode == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($disableimages == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
else {
$message = $wbbuserdata['signature'];
$disablesmilies = 1 - $wbbuserdata['allowsigsmilies'];
$disablehtml = 1 - $wbbuserdata['allowsightml'];
$disablebbcode = 1 - $wbbuserdata['allowsigbbcode'];
$disableimages = 1 - $wbbuserdata['allowsigimages'];
if ($disablesmilies == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($disablehtml == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($disablebbcode == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($disableimages == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
if ($wbbuserdata['signature']) {
if (!isset($parse)) $parse = &new parse($docensor, 75, $wbbuserdata['showimages'], "", $usecode);
$old_signature = $parse->doparse($wbbuserdata['signature'], $wbbuserdata['allowsigsmilies'], $wbbuserdata['allowsightml'], $wbbuserdata['allowsigbbcode'], $wbbuserdata['allowsigimages']);
}
if ($wbbuserdata['can_use_sig_bbcode'] == 1 && $wbbuserdata['usewysiwyg'] != 1) $bbcode_buttons = getcodebuttons();
if ($wbbuserdata['can_use_sig_smilies'] == 1) {
if ($wbbuserdata['usewysiwyg'] == 1) $smilies = getAppletSmilies();
$bbcode_smilies = getclickysmilies($smilie_table_cols, $smilie_table_rows);
}
$note = '';
if ($wbbuserdata['can_use_sig_html'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_HTML_ALLOW'];
if ($wbbuserdata['can_use_sig_bbcode'] == 0) $note .= $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_BBCODE_ALLOW'];
if ($wbbuserdata['can_use_sig_smilies'] == 0) $note .= $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_SMILIES_ALLOW'];
if ($wbbuserdata['can_use_sig_images'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_IMAGES_ALLOW'];
if (isset($message)) $message = htmlconverter($message);
$lang->items['LANG_POSTINGS_JS_MESSAGE_TOLONG'] = $lang->items['LANG_USERCP_SIGNATURE_TOLONG'];
$lang->items['LANG_POSTINGS_JS_MESSAGE_MAXLENGTH'] = $lang->items['LANG_USERCP_SIGNATURE_MAXLENGTH'];
$lang->items['LANG_POSTINGS_JS_MESSAGE_CHECKLENGTH'] = $lang->items['LANG_USERCP_SIGNATURE_CHECKLENGTH_TEXT'];
eval("\$headinclude .= \"".$tpl->get("bbcode_script")."\";");
eval("\$editor = \"".$tpl->get("editor")."\";");
eval("\$editor_switch = \"".$tpl->get("editor_switch")."\";");
eval("\$tpl->output(\"".$tpl->get("usercp_signature_edit")."\");");
}
/** change options **/
if ($action == 'options_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
if (isset($_POST['r_invisible'])) $r_invisible = wbb_trim($_POST['r_invisible']);
if (isset($_POST['r_usecookies'])) $r_usecookies = wbb_trim($_POST['r_usecookies']);
if (isset($_POST['r_admincanemail'])) $r_admincanemail = wbb_trim($_POST['r_admincanemail']);
if (isset($_POST['r_showemail'])) $r_showemail = wbb_trim($_POST['r_showemail']);
if (isset($_POST['r_usercanemail'])) $r_usercanemail = wbb_trim($_POST['r_usercanemail']);
if (isset($_POST['r_emailnotify'])) $r_emailnotify = wbb_trim($_POST['r_emailnotify']);
if (isset($_POST['r_notificationperpm'])) $r_notificationperpm = wbb_trim($_POST['r_notificationperpm']);
if (isset($_POST['r_receivepm'])) $r_receivepm = wbb_trim($_POST['r_receivepm']);
if (isset($_POST['r_emailonpm'])) $r_emailonpm = wbb_trim($_POST['r_emailonpm']);
if (isset($_POST['r_pmpopup'])) $r_pmpopup = wbb_trim($_POST['r_pmpopup']);
if (isset($_POST['r_showsignatures'])) $r_showsignatures = wbb_trim($_POST['r_showsignatures']);
if (isset($_POST['r_showavatars'])) $r_showavatars = wbb_trim($_POST['r_showavatars']);
if (isset($_POST['r_showimages'])) $r_showimages = wbb_trim($_POST['r_showimages']);
if (isset($_POST['r_daysprune'])) $r_daysprune = wbb_trim($_POST['r_daysprune']);
if (isset($_POST['r_umaxposts'])) $r_umaxposts = wbb_trim($_POST['r_umaxposts']);
if (isset($_POST['r_threadview'])) $r_threadview = wbb_trim($_POST['r_threadview']);
if (isset($_POST['r_dateformat'])) $r_dateformat = wbb_trim($_POST['r_dateformat']);
if (isset($_POST['r_timeformat'])) $r_timeformat = wbb_trim($_POST['r_timeformat']);
if (isset($_POST['r_startweek'])) $r_startweek = wbb_trim($_POST['r_startweek']);
if (isset($_POST['r_timezoneoffset'])) $r_timezoneoffset = wbb_trim($_POST['r_timezoneoffset']);
if (isset($_POST['r_styleid'])) $r_styleid = wbb_trim($_POST['r_styleid']);
if (isset($_POST['r_langid'])) $r_langid = wbb_trim($_POST['r_langid']);
if (isset($_POST['r_emailonapplication'])) $r_emailonapplication = wbb_trim($_POST['r_emailonapplication']);
if (isset($_POST['r_usewysiwyg'])) $r_usewysiwyg = wbb_trim($_POST['r_usewysiwyg']);
if (!$r_dateformat) $r_dateformat = $dateformat;
if (!$r_timeformat) $r_timeformat = $timeformat;
$db->unbuffered_query("UPDATE bb".$n."_users SET showemail='".intval($r_showemail)."', admincanemail='".intval($r_admincanemail)."', usercanemail='".intval($r_usercanemail)."', invisible='".intval($r_invisible)."', usecookies='".intval($r_usecookies)."', styleid='".intval($r_styleid)."', daysprune='".intval($r_daysprune)."', timezoneoffset='".addslashes(htmlspecialchars($r_timezoneoffset))."', startweek='".intval($r_startweek)."', dateformat='".addslashes($r_dateformat)."', timeformat='".addslashes($r_timeformat)."', emailnotify='".intval($r_emailnotify)."', notificationperpm='".intval($r_notificationperpm)."', receivepm='".intval($r_receivepm)."', emailonpm='".intval($r_emailonpm)."', pmpopup='".intval($r_pmpopup)."', umaxposts='".intval($r_umaxposts)."', showsignatures='".intval($r_showsignatures)."', showavatars='".intval($r_showavatars)."', showimages='".intval($r_showimages)."', threadview='".intval($r_threadview)."', langid='".intval($r_langid)."'".(($wbbuserdata['isgroupleader'] == 1) ? (", emailonapplication='".intval($r_emailonapplication)."'") : ("")).", usewysiwyg='".intval($r_usewysiwyg)."' WHERE userid = '$wbbuserdata[userid]'", 1);
if ($r_styleid != $session['styleid'] || $r_langid != $session['langid']) $db->unbuffered_query("UPDATE bb".$n."_sessions SET styleid='".intval($r_styleid)."', langid='".intval($r_langid)."' WHERE sessionhash='$sid'", 1);
header("Location: usercp.php?action=options_change".$SID_ARG_2ND_UN);
exit();
}
else {
$r_invisible = $wbbuserdata['invisible'];
$r_usecookies = $wbbuserdata['usecookies'];
$r_admincanemail = $wbbuserdata['admincanemail'];
$r_showemail = $wbbuserdata['showemail'];
$r_usercanemail = $wbbuserdata['usercanemail'];
$r_emailnotify = $wbbuserdata['emailnotify'];
$r_notificationperpm = $wbbuserdata['notificationperpm'];
$r_receivepm = $wbbuserdata['receivepm'];
$r_emailonpm = $wbbuserdata['emailonpm'];
$r_pmpopup = $wbbuserdata['pmpopup'];
$r_showsignatures = $wbbuserdata['showsignatures'];
$r_showavatars = $wbbuserdata['showavatars'];
$r_showimages = $wbbuserdata['showimages'];
$r_daysprune = $wbbuserdata['daysprune'];
$r_umaxposts = $wbbuserdata['umaxposts'];
$r_dateformat = $wbbuserdata['dateformat'];
$r_timeformat = $wbbuserdata['timeformat'];
$r_startweek = $wbbuserdata['startweek'];
$r_timezoneoffset = $wbbuserdata['timezoneoffset'];
$r_styleid = $wbbuserdata['styleid'];
$r_langid = $wbbuserdata['langid'];
$r_threadview = $wbbuserdata['threadview'];
$r_emailonapplication = $wbbuserdata['emailonapplication'];
$r_usewysiwyg = $wbbuserdata['usewysiwyg'];
}
$startweek_options = '';
for ($i = 0; $i < 7; $i++) $startweek_options .= makeoption($i, getday($i), $r_startweek);
if (isset($r_invisible)) $invisible[$r_invisible] = " selected=\"selected\"";
if (isset($r_usecookies)) $usecookies[$r_usecookies] = " selected=\"selected\"";
if (isset($r_admincanemail)) $admincanemail[$r_admincanemail] = " selected=\"selected\"";
if (isset($r_showemail)) $showemail[$r_showemail] = " selected=\"selected\"";
if (isset($r_usercanemail)) $usercanemail[$r_usercanemail] = " selected=\"selected\"";
if (isset($r_emailnotify)) $emailnotify[$r_emailnotify] = " selected=\"selected\"";
if (isset($r_notificationperpm)) $notificationperpm[$r_notificationperpm] = " selected=\"selected\"";
if (isset($r_receivepm)) $receivepm[$r_receivepm] = " selected=\"selected\"";
if (isset($r_emailonpm)) $emailonpm[$r_emailonpm] = " selected=\"selected\"";
if (isset($r_pmpopup)) $spmpopup[$r_pmpopup] = " selected=\"selected\"";
if (isset($r_showsignatures)) $showsignatures[$r_showsignatures] = " selected=\"selected\"";
if (isset($r_showavatars)) $showavatars[$r_showavatars] = " selected=\"selected\"";
if (isset($r_showimages)) $showimages[$r_showimages] = " selected=\"selected\"";
if (isset($r_daysprune)) $sdaysprune[$r_daysprune] = " selected=\"selected\"";
if (isset($r_umaxposts)) $sumaxposts[$r_umaxposts] = " selected=\"selected\"";
if (isset($r_threadview)) $sthreadview[$r_threadview] = " selected=\"selected\"";
if (isset($r_emailonapplication)) $emailonapplication[$r_emailonapplication] = " selected=\"selected\"";
if (isset($r_usewysiwyg)) $usewysiwyg[$r_usewysiwyg] = " selected=\"selected\"";
$timezone_options = '';
$timezones = explode("\n", $lang->items['LANG_REGISTER_TIMEZONES']);
for ($i = 0; $i < count($timezones); $i++) {
$parts = explode("|", wbb_trim($timezones[$i]));
$timezone_options .= makeoption($parts[0], "(GMT".(($parts[1]) ? (" ".$parts[1]) : ("")).") $parts[2]", $r_timezoneoffset);
}
/* styles */
$style_options = '';
$result = $db->unbuffered_query("SELECT styleid, stylename FROM bb".$n."_styles ORDER BY stylename ASC");
while ($row = $db->fetch_array($result)) $style_options .= makeoption($row['styleid'], getlangvar($row['stylename'], $lang), $r_styleid);
/* language packs */
$lang_options = '';
$result = $db->unbuffered_query("SELECT languagepackid, languagepackname FROM bb".$n."_languagepacks ORDER BY languagepackname ASC");
while ($row = $db->fetch_array($result)) $lang_options .= makeoption($row['languagepackid'], getlangvar($row['languagepackname'], $lang), $r_langid);
$r_dateformat = htmlconverter($r_dateformat);
$r_timeformat = htmlconverter($r_timeformat);
eval("\$tpl->output(\"".$tpl->get("usercp_options_change")."\");");
}
/** change password **/
if ($action == 'password_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
$new_password = $_POST['new_password'];
$confirm_new_password = $_POST['confirm_new_password'];
$authentification = false;
if ($allowloginencryption == 1 && $_POST['crypted'] == "true" && $wbbuserdata['sha1_password']) {
if (sha1(sha1($session['authentificationcode']).$wbbuserdata['sha1_password'])
== $_POST['authentificationcode']) $authentification = true;
else $authentification = false;
}
else {
if (md5($_POST['l_password']) == $wbbuserdata['password']) {
$authentification = true;
if (!$wbbuserdata['sha1_password']) {
$db->unbuffered_query("UPDATE bb".$n."_users SET sha1_password='".sha1($_POST['l_password'])."' WHERE userid='$wbbuserdata[userid]'");
}
}
else $authentification = false;
}
if (($_POST['crypted'] == "false" && !$_POST['l_password']) || !$new_password || !$confirm_new_password) error($lang->get("LANG_GLOBAL_ERROR1"));
elseif ($new_password != $confirm_new_password) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR1"));
elseif ($authentification == false) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR2"));
else {
$db->query("UPDATE bb".$n."_users SET password='".md5($new_password)."', sha1_password='".sha1($new_password)."' WHERE userid='$wbbuserdata[userid]'");
if ($wbbuserdata['usecookies'] == 1) bbcookie("userpassword", md5($new_password), time() + 3600 * 24 * 365);
redirect($lang->get("LANG_USERCP_PW_REDIRECT"), "usercp.php".$SID_ARG_1ST);
exit;
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_password_change")."\");");
}
/** change email **/
if ($action == 'email_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
$new_email = wbb_trim($_POST['new_email']);
$confirm_new_email = wbb_trim($_POST['confirm_new_email']);
if ($new_email == $wbbuserdata['email']) {
header("Location: usercp.php".$SID_ARG_1ST);
exit();
}
$authentification = false;
if ($allowloginencryption == 1 && $_POST['crypted'] == "true" && $wbbuserdata['sha1_password']) {
if (sha1(sha1($session['authentificationcode']).$wbbuserdata['sha1_password'])
== $_POST['authentificationcode']) $authentification = true;
else $authentification = false;
}
else {
if (md5($_POST['l_password']) == $wbbuserdata['password']) {
$authentification = true;
if (!$wbbuserdata['sha1_password']) {
$db->unbuffered_query("UPDATE bb".$n."_users SET sha1_password='".sha1($_POST['l_password'])."' WHERE userid='$wbbuserdata[userid]'");
}
}
else $authentification = false;
}
if (($_POST['crypted'] == ";false" && !$_POST['l_password']) || !$new_email || !$confirm_new_email) error($lang->get("LANG_GLOBAL_ERROR1"));
elseif ($authentification == false) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR2"));
elseif ($new_email != $confirm_new_email) error($lang->get("LANG_USERCP_EC_ERROR1"));
elseif (!verify_email($new_email)) error($lang->get("LANG_USERCP_EC_ERROR2"));
else {
$db->query("UPDATE bb".$n."_users SET email='".addslashes($new_email)."' WHERE userid = '$wbbuserdata[userid]'");
if ($emailverifymode == 0) {
redirect($lang->get("LANG_USERCP_EC_REDIRECT0"), "usercp.php".$SID_ARG_1ST);
}
if ($emailverifymode == 3) {
$lang->load('MAIL');
$r_password = password_generate();
$db->query("UPDATE bb".$n."_users SET password='".md5($r_password)."', sha1_password='".sha1($r_password)."' WHERE userid = '$wbbuserdata[userid]'");
$db->query("UPDATE bb".$n."_sessions SET userid=0 WHERE sessionhash='$sid'");
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_EC3_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_EC3_TEXT", array('$master_board_name_email' => $master_board_name_email, '$username' => $wbbuserdata['username'], '$r_password' => $r_password));
mailer($new_email, $subject, $content);
redirect($lang->get("LANG_USERCP_EC_REDIRECT3", array('$new_email' => $new_email)), "index.php".$SID_ARG_1ST, 20);
}
if ($emailverifymode == 1 || $emailverifymode == 2) {
$activation = code_generate();
list($groupid) = $db->query_first("SELECT groupid FROM bb".$n."_groups WHERE grouptype = 2");
if (!in_array($groupid, $wbbuserdata['groupids'])) {
$wbbuserdata['groupids'][] = $groupid;
sort($wbbuserdata['groupids']);
$db->unbuffered_query("UPDATE bb".$n."_users SET activation='$activation', groupcombinationid='".cachegroupcombinationdata(implode(",", $wbbuserdata['groupids']), 0)."' WHERE userid='".$wbbuserdata['userid']."'", 1);
}
else $db->query("UPDATE bb".$n."_users SET activation='$activation' WHERE userid = '$wbbuserdata[userid]'");
$db->query("INSERT IGNORE INTO bb".$n."_user2groups (userid,groupid) VALUES ('$wbbuserdata[userid]','$groupid')");
if ($emailverifymode == 1) {
$lang->load('MAIL');
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_EC1_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_EC1_TEXT", array('$master_board_name_email' => $master_board_name_email, '$username' => $wbbuserdata['username'], '$url2board' => $url2board, '$userid' => $wbbuserdata['userid'], '$activation' => $activation, '$webmastermail' => $webmastermail));
mailer($new_email, $subject, $content);
redirect($lang->get("LANG_USERCP_EC_REDIRECT1", array('$new_email' => $new_email)), "usercp.php".$SID_ARG_1ST, 20);
}
else redirect($lang->get("LANG_USERCP_EC_REDIRECT2", array('$new_email' => $new_email)), "usercp.php".$SID_ARG_1ST, 20);
}
exit;
}
}
$wbbuserdata['email'] = htmlconverter($wbbuserdata['email']);
eval("\$tpl->output(\"".$tpl->get("usercp_email_change")."\");");
}
/** buddy list **/
if ($action == 'buddy_list') {
$lang->load('MEMBERS');
if (isset($_POST['send'])) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE username='".addslashes(wbb_trim($_POST['addtolist']))."'");
if (!$userid) error($lang->items['LANG_USERCP_ERROR1']);
elseif ($userid == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
$buddylist = add2list($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
$listbit = '';
$pmLink = '';
$buddyCount=0;
if ($wbbuserdata['buddylist'] != '') {
$result = $db->unbuffered_query("SELECT u.userid, u.username, IF(s.lastactivity>=".(time() - $useronlinetimeout * 60).(($wbbuserdata['a_can_view_ghosts'] == 1) ? ("") : (" AND u.invisible=0")).",1,0) AS online FROM bb".$n."_users u
LEFT JOIN bb".$n."_sessions s USING (userid)
WHERE u.userid IN ('".str_replace(" ", "','", $wbbuserdata[buddylist])."') ORDER BY online DESC, u.username ASC");
while ($row = $db->fetch_array($result)) {
$row['username'] = htmlconverter($row['username']);
$username = $row['username'];
if ($row['online']) $LANG_MEMBERS_USERONLINE = $lang->get("LANG_MEMBERS_USERONLINE", array('$username' => $username));
else $LANG_MEMBERS_USERONLINE = $lang->get("LANG_MEMBERS_USEROFFLINE", array('$username' => $username));
$pmLink .= "&userid[]=$row[userid]";
$buddyCount++;
eval("\$listbit .= \"".$tpl->get("usercp_buddy_listbit")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_buddy_list")."\");");
}
/** ignore list **/
if ($action == 'ignore_list') {
if (isset($_POST['send'])) {
$result = getwbbuserdata(wbb_trim($_POST['addtolist']), "username");
if (!$result['userid']) error($lang->items['LANG_USERCP_ERROR1']);
elseif ($result['userid'] == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
if ($result['a_can_be_ignored'] !=1) {
$ignorelist = add2list($wbbuserdata['ignorelist'], $result['userid']);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}else {
error($lang->items['LANG_USERCP_ERROR3']);
}
}
}
$listbit = '';
if ($wbbuserdata['ignorelist'] != '') {
$result = $db->unbuffered_query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ('".str_replace(" ", "','", $wbbuserdata['ignorelist'])."') ORDER BY username ASC");
while ($row = $db->fetch_array($result)) {
$row['username'] = htmlconverter($row['username']);
eval("\$listbit .= \"".$tpl->get("usercp_ignore_listbit")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_ignore_list")."\");");
}
/** add / remove user to / from buddy list **/
if ($action == 'buddy') {
if ($_GET['remove']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
else {
$buddylist = removeFromlist($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
if ($_GET['add']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['add'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
elseif ($userid == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
$buddylist = add2list($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
}
/** add / remove user to / from ignore list **/
if ($action == 'ignore') {
if ($_GET['remove']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
else {
$ignorelist = removeFromlist($wbbuserdata['ignorelist'], $userid);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}
}
if ($_GET['add']) {
$result = getwbbuserdata(intval($_GET['add'], "userid"));
if (!$result['userid']) error($lang->items['LANG_GLOBAL_ERROR2']);
elseif ($result['userid'] == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
if ($result['a_can_be_ignored'] !=1) {
$ignorelist = add2list($wbbuserdata['ignorelist'], $result['userid']);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}else {
error($lang->items['LANG_USERCP_ERROR3']);
}
}
}
}
/** avatars **/
if ($action == 'avatars') {
$lang->load('POSTINGS,REGISTER');
if (isset($_POST['send'])) {
if ($_POST['avatarid'] != 'useown') {
if ($_POST['avatarid'] != 0) {
if ($wbbuserdata['can_use_avatar'] == 0) access_error();
$result = $db->query_first("SELECT avatarid FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 AND avatarid='".intval($_POST['avatarid'])."'");
if (!$result['avatarid']) access_error();
}
$oldavatar = $db->query_first("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]'");
if ($oldavatar['avatarid']) {
@unlink("./images/avatars/avatar-".$oldavatar['avatarid'].".".$oldavata
r['avatarextension']);
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid = '$oldavatar[avatarid]'", 1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET avatarid = '".intval($_POST['avatarid'])."' WHERE userid = '$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=avatars&page=".intval($_POST['page']).$SID_ARG_2ND_UN);
exit();
}
else {
$uploaderror = 0;
if ($_FILES['avatar_file']['tmp_name'] && $_FILES['avatar_file']['tmp_name'] != "none") {
if ($wbbuserdata['can_use_avatar'] == 0 || $wbbuserdata['can_upload_avatar'] == 0) access_error();
$badavatar = 0;
$avatar_file_extension = wbb_strtolower(wbb_substr(strrchr($_FILES['avatar_file']['name'], "."), 1));
$avatar_file_name2 = wbb_substr($_FILES['avatar_file']['name'], 0, (intval(wbb_strlen($avatar_file_extension)) + 1) * -1);
$allowed_avatar_extensions = explode("\n", $wbbuserdata['allowed_avatar_extensions']);
if (in_array($avatar_file_extension, $allowed_avatar_extensions) && $_FILES['avatar_file']['size'] <= $wbbuserdata['max_avatar_size'] && !stristr($avatar_file_extension, 'php')) { /* && */
$db->query("INSERT INTO bb".$n."_avatars (avatarname,avatarextension,userid) VALUES ('".addslashes(htmlspecialchars($avatar_file_name2))."','".addslashes(htmls
pecialchars($avatar_file_extension))."','$wbbuserdata[userid]')");
$avatarid = $db->insert_id("bb".$n."_avatars", "avatarid");
if (move_uploaded_file($_FILES['avatar_file']['tmp_name'], "./images/avatars/avatar-".$avatarid.".".$avatar_file_extension)) {
@chmod ("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension, 0777);
$imgsize = @getimagesize("./images/avatars/avatar-".$avatarid.".".$avatar_file_extensi
on);
$width = $imgsize[0];
$height = $imgsize[1];
if ($avatar_file_extension == "swf") {
if ($width > $wbbuserdata['max_avatar_width']) $width = $wbbuserdata['max_avatar_width'];
if ($height > $wbbuserdata['max_avatar_height']) $height = $wbbuserdata['max_avatar_height'];
}
if ($width > $wbbuserdata['max_avatar_width'] || $height > $wbbuserdata['max_avatar_height'] || !$width || !$height) $badavatar = 2;
// check avatar content
$avatarcontent = implode('', @file("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension));
$avatarcontent = preg_replace('/[^a-z0-9\(]+/', '', strtolower($avatarcontent));
$avatarcontent = str_replace('description', '', $avatarcontent);
if (stristr($avatarcontent, 'script') || stristr($avatarcontent, 'javascript') || stristr($avatarcontent, 'expression(')) $badavatar = 2;
if ($badavatar == 0) {
$oldavatar = $db->query_first("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]' AND avatarid='$wbbuserdata[avatarid]'");
if ($oldavatar['avatarid']) {
@unlink("./images/avatars/avatar-".$oldavatar['avatarid'].".".$olda
vatar['avatarextension']);
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid = '$oldavatar[avatarid]'", 1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET avatarid='$avatarid' WHERE userid='$wbbuserdata[userid]'", 1);
$db->unbuffered_query("UPDATE bb".$n."_avatars SET width='$width', height='$height' WHERE avatarid='$avatarid'", 1);
header("Location: usercp.php?action=avatars&page=$page".$SID_ARG_2ND_UN);
exit();
}
}
else $badavatar = 1;
if ($badavatar != 0) {
if ($badavatar == 2) @unlink("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension);
$db->query("DELETE FROM bb".$n."_avatars WHERE avatarid='$avatarid'");
$uploaderror = 1;
}
}
else $uploaderror = 1;
if ($uploaderror == 1) error($lang->items['LANG_USERCP_AVATAR_ERROR1']);
}
elseif (!$havatarid) error($lang->items['LANG_USERCP_AVATAR_ERROR1']);
}
}
if ($wbbuserdata['avatarid'] == 0 || ($wbbuserdata['can_use_avatar'] == 0 && $wbbuserdata['can_upload_avatar'] == 0)) $noavatar_checked = " checked=\"checked\"";
if ($wbbuserdata['can_use_avatar'] == 1) {
list($avatarcount) = $db->query_first("SELECT COUNT(*) FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 ORDER BY needposts DESC");
if ($avatarcount) {
if (isset($_GET['page'])) {
$page = intval($_GET['page']);
if ($page < 1) $page = 1;
}
else $page = 1;
$pages = ceil($avatarcount / $avatarsperpage);
$result = $db->unbuffered_query("SELECT avatarid, avatarextension, width, height FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 ORDER BY needposts DESC", 0, $avatarsperpage, $avatarsperpage * ($page - 1));
while ($row = $db->fetch_array($result)) {
$avatarname = "images/avatars/avatar-$row[avatarid].".htmlconverter($row['avatarextension
']);
$avatarwidth = $row['width'];
$avatarheight = $row['height'];
if ($row['avatarextension'] == "swf") eval("\$avatarchoice = \"".$tpl->get("avatar_flash")."\";");
else eval("\$avatarchoice = \"".$tpl->get("avatar_image")."\";");
if ($row['avatarid'] == $wbbuserdata['avatarid']) $checked = " checked=\"checked\"";
else $checked = '';
eval("\$avatarArray[] = \"".$tpl->get("usercp_avatarbit")."\";");
}
$tableRows = ceil(count($avatarArray) / 5);
$count = 0;
for ($i = 0; $i < $tableRows; $i++) {
$avatarbit_td = '';
for ($j = 0; $j < 5; $j++) {
if ($i == 0 && !$avatarArray[$count]) break;
eval("\$avatarbit_td .= \"".$tpl->get("usercp_avatarbit_td")."\";");
$count++;
}
eval("\$avatarbit_tr .= \"".$tpl->get("usercp_avatarbit_tr")."\";");
}
$countfrom = 1 + $avatarsperpage * ($page - 1);
$countto = $avatarsperpage * $page;
if ($countto > $avatarcount) $countto = $avatarcount;
if ($pages > 1) $pagelink = makepagelink("usercp.php?action=avatars".$SID_ARG_2ND, $page, $pages, $showpagelinks - 1);
$lang->items['LANG_USERCP_AVATAR_COUNT'] = $lang->get("LANG_USERCP_AVATAR_COUNT", array('$countfrom' => $countfrom, '$countto' => $countto, '$avatarcount' => $avatarcount));
}
}
if ($wbbuserdata['can_upload_avatar'] == 1) {
$ownavatar = $db->query_first("SELECT avatarid, avatarextension, width, height FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]'");
if ($ownavatar['avatarid']) {
$avatarname = "images/avatars/avatar-$ownavatar[avatarid].".htmlconverter($ownavatar['ava
tarextension']);
$avatarwidth = $ownavatar['width'];
$avatarheight = $ownavatar['height'];
$havatar = "<input type=\"hidden\" name=\"havatarid\" value=\"$ownavatar[avatarid]\" />";
if ($ownavatar['avatarextension'] == "swf") eval("\$ownavatar = \"".$tpl->get("avatar_flash")."\";");
else eval("\$ownavatar = \"".$tpl->get("avatar_image")."\";");
$ownavatar_checked = " checked=\"checked\"";
}
$lang->items['LANG_USERCP_USE_OWNAVATAR_NOTE'] = $lang->get("LANG_USERCP_USE_OWNAVATAR_NOTE", array('$allowed_avatar_extensions' => getAllowedExtensions($wbbuserdata['allowed_avatar_extensions']), '$max_avatar_width' => $wbbuserdata['max_avatar_width'], '$max_avatar_height' => $wbbuserdata['max_avatar_height'], '$max_avatar_size' => formatFilesize($wbbuserdata['max_avatar_size'])));
}
eval("\$tpl->output(\"".$tpl->get("usercp_avatars")."\");");
}
/** subscriptions **/
if ($action == 'addsubscription') {
if (isset($threadid)) {
$db->unbuffered_query("INSERT IGNORE INTO bb".$n."_subscribethreads (userid,threadid,emailnotify) VALUES ('$wbbuserdata[userid]','$threadid','1')", 1);
header("Location: thread.php?threadid=$threadid".$SID_ARG_2ND_UN);
}
else if (isset($boardid)) {
$db->unbuffered_query("INSERT IGNORE INTO bb".$n."_subscribeboards (userid,boardid,emailnotify) VALUES ('$wbbuserdata[userid]','$boardid','1')", 1);
header("Location: board.php?boardid=$boardid".$SID_ARG_2ND_UN);
}
exit();
}
if ($action == 'removesubscription') {
if (isset($threadid)) $db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid='$wbbuserdata[userid]' AND threadid='$threadid'", 1);
else if (isset($boardid)) $db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid='$wbbuserdata[userid]' AND boardid='$boardid'", 1);
header("Location: usercp.php?action=favorites".$SID_ARG_2ND_UN);
exit();
}
/** favorites **/
if ($action == 'favorites') {
$lang->load('START,BOARD');
include("./acp/lib/class_parse.php");
$favorites = true;
$depth = 2;
// read permissions
$permissioncache = getPermissions();
$badBoardIDs = '';
$badThreadIDs = '';
// visitcache
$result = $db->unbuffered_query("SELECT t.boardid, t.threadid, t.lastposttime".(($wbbuserdata['userid']) ? (", tv.lastvisit") : (""))." FROM bb".$n."_threads t".(($wbbuserdata['userid']) ? (" LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')") : (""))." WHERE t.visible = 1 AND t.lastposttime > '$wbbuserdata[lastvisit]' AND t.closed <> 3");
while ($row = $db->fetch_array($result)) {
if ($row['lastposttime'] > $row['lastvisit']) $visitcache[$row['boardid']][$row['threadid']] = $row['lastposttime'];
}
/** board visit **/
$result = $db->query("SELECT * FROM bb".$n."_boardvisit WHERE userid='".$wbbuserdata['userid']."'");
while ($row = $db->fetch_array($result)) {
$boardvisit[$row['boardid']] = $row['lastvisit'];
}
/** boards **/
$result = $db->unbuffered_query("
SELECT
s.emailnotify, bv.lastvisit, b.*".(($showlastposttitle == 1) ? (", t.topic, i.*") : (""))."
FROM bb".$n."_subscribeboards s
LEFT JOIN bb".$n."_boards b USING(boardid)
".(($showlastposttitle == 1) ? ("LEFT JOIN bb".$n."_threads t ON (t.threadid=b.lastthreadid)
LEFT JOIN bb".$n."_icons i USING (iconid)") : (""))."
LEFT JOIN bb".$n."_boardvisit bv ON (bv.boardid=b.boardid AND bv.userid='".$wbbuserdata['userid']."')
WHERE s.userid='$wbbuserdata[userid]' AND b.isboard=1
ORDER by b.title ASC");
$boardbit = '';
while ($boards = $db->fetch_array($result)) {
if (!isset($permissioncache[$boards['boardid']]['can_enter_board']) || $permissioncache[$boards['boardid']]['can_enter_board'] == -1) $permissioncache[$boards['boardid']]['can_enter_board'] = $wbbuserdata['can_enter_board'];
if (!isset($permissioncache[$boards['boardid']]['can_view_board']) || $permissioncache[$boards['boardid']]['can_view_board'] == -1) $permissioncache[$boards['boardid']]['can_view_board'] = $wbbuserdata['can_enter_board'];
if (!$permissioncache[$boards['boardid']]['can_enter_board']) {
$badBoardIDs .= "," . $boards['boardid'];
continue;
}
if ($wbbuserdata['lastvisit'] > $boards['lastposttime'] || $boards['lastvisit'] > $boards['lastposttime']) $onoff = 'off';
else {
$onoff = 'off';
$tempids = explode(',', "$boards[boardid],$boards[childlist]");
$tempids_count = count($tempids);
for ($j = 0; $j < $tempids_count; $j++) {
if ($tempids[$j] == 0) continue;
if (is_array($visitcache[$tempids[$j]]) && count($visitcache[$tempids[$j]])) {
reset($visitcache[$tempids[$j]]);
while (list($threadid, $lastposttime) = each($visitcache[$tempids[$j]])) {
if ($lastposttime > $boardvisit[$tempids[$j]]) {
$onoff = 'on';
break 2;
} // end if
} // end while
} // end if
} // end for
} // end else
if ($boards['threadcount']) {
$lastpostdate = formatdate($wbbuserdata['dateformat'], $boards['lastposttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $boards['lastposttime']);
$boards['lastposter'] = htmlconverter($boards['lastposter']);
if ($showlastposttitle == 1) {
if (wbb_strlen($boards['topic']) > 30) $topic = wbb_substr($boards['topic'], 0, 30)."...";
else $topic = $boards['topic'];
$topic = htmlconverter($topic);
$boards['topic'] = htmlconverter($boards['topic']);
if (isset($boards['iconid'])) $ViewPosticon = makeimgtag($boards['iconpath'], $boards['icontitle']);
else $ViewPosticon = makeimgtag($style['imagefolder']."/icons/icon14.gif");
}
if ($boards['postcount'] >= 1000) $boards['postcount'] = number_format($boards['postcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($boards['threadcount'] >= 1000) $boards['threadcount'] = number_format($boards['threadcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
}
$boards['title'] = getlangvar($boards['title'], $lang);
$boards['description'] = getlangvar($boards['description'], $lang, 0);
eval("\$boardbit .= \"".$tpl->get("index_boardbit")."\";");
}
/** threads **/
if ($wbbuserdata['umaxposts']) $postsperpage = $wbbuserdata['umaxposts'];
else $postsperpage = $default_postsperpage;
$board['hotthread_reply'] = $default_hotthread_reply;
$board['hotthread_view'] = $default_hotthread_view;
if (isset($_GET['daysprune'])) $daysprune = intval($_GET['daysprune']);
elseif ($wbbuserdata['daysprune'] != 0) $daysprune = $wbbuserdata['daysprune'];
else $daysprune = $default_daysprune;
$d_select[$daysprune] = "selected=\"selected\"";
if ($daysprune != 1000) {
if ($daysprune == 1500) $datecute = " AND lastposttime >= '".$wbbuserdata['lastvisit']."'";
else {
$tempdate = time() - ($daysprune * 86400);
$datecute = " AND t.lastposttime >= '".$tempdate."'";
}
}
else $datecute = '';
if ($showown == 1) {
$ownuserid = "DISTINCT p.userid,";
$ownjoin = "LEFT JOIN bb".$n."_posts p ON (t.threadid = p.threadid AND p.userid = '$wbbuserdata[userid]')";
}
else {
$ownuserid = '';
$ownjoin = '';
}
$threadids = '';
$result = $db->unbuffered_query("SELECT t.threadid FROM bb".$n."_subscribethreads s LEFT JOIN bb".$n."_threads t USING(threadid) WHERE s.userid='$wbbuserdata[userid]' AND t.visible = 1 $datecute ORDER BY t.lastposttime DESC LIMIT 250");
while ($row = $db->fetch_array($result)) $threadids .= ",".$row['threadid'];
$result = $db->unbuffered_query("SELECT
$ownuserid
t.*,
i.*, bv.lastvisit AS boardlastvisit, tv.lastvisit AS threadlastvisit
FROM bb".$n."_threads t
LEFT JOIN bb".$n."_icons i USING (iconid)
LEFT JOIN bb".$n."_boards b ON (b.boardid=t.boardid)
LEFT JOIN bb".$n."_boardvisit bv ON (bv.boardid=b.boardid AND bv.userid='".$wbbuserdata['userid']."')
LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')
$ownjoin
WHERE t.threadid IN (0$threadids)
ORDER BY t.lastposttime DESC");
$threadbit = '';
while ($threads = $db->fetch_array($result)) {
if (!isset($permissioncache[$threads['boardid']]['can_enter_board']) || $permissioncache[$threads['boardid']]['can_enter_board'] == -1) $permissioncache[$threads['boardid']]['can_enter_board'] = $wbbuserdata['can_enter_board'];
if (!$permissioncache[$threads['boardid']]['can_enter_board']) {
$badThreadIDs .= "," . $threads['threadid'];
continue;
}
$firstnew = 0;
$multipages = '';
$attachments = '';
$prefix = '';
if ($threads['boardlastvisit'] > $threads['threadlastvisit']) $threads['threadlastvisit'] = $threads['boardlastvisit'];
if ($wbbuserdata['lastvisit'] > $threads['threadlastvisit']) $threads['threadlastvisit'] = $wbbuserdata['lastvisit'];
$threads['topic'] = htmlconverter(textwrap($threads['topic']));
$threads['starter'] = htmlconverter(textwrap($threads['starter'], 25));
$threads['lastposter'] = htmlconverter(textwrap($threads['lastposter'], 25));
$threads['prefix'] = htmlconverter($threads['prefix']);
if ($threads['pollid'] != 0) $foldericon = "poll";
else $foldericon = (($threads['userid']) ? ("dot") : ("")).(($threads['lastposttime'] > $threads['threadlastvisit']) ? ("new") : ("")).(($threads['replycount'] >= $board['hotthread_reply'] || $threads['views'] >= $board['hotthread_view']) ? ("hot") : ("")).(($threads['closed'] != 0) ? ("lock") : (""))."folder";
if ($threads['lastposttime'] > $threads['threadlastvisit']) $firstnew = 1;
if ($threads['iconid']) $threadicon = makeimgtag($threads['iconpath'], $threads['icontitle']);
else $threadicon = " ";
$lastpostdate = formatdate($wbbuserdata['dateformat'], $threads['lastposttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $threads['lastposttime']);
if ($threads['replycount'] + 1 > $postsperpage && $showmultipages != 0) {
unset($multipage);
unset($multipages_lastpage);
$xpages = ceil(($threads['replycount'] + 1) / $postsperpage);
if ($xpages > $showmultipages) {
eval("\$multipages_lastpage = \"".$tpl->get("board_threadbit_multipages_lastpage")."\";");
$xpages = $showmultipages;
}
for ($i = 1; $i <= $xpages; $i++) $multipage .= " ".makehreftag("thread.php?threadid=".$threads['threadid']."&page=$i" . $SID_ARG_2ND, $i);
eval("\$multipages = \"".$tpl->get("board_threadbit_multipages")."\";");
}
if ($threads['replycount'] >= 1000) $threads['replycount'] = number_format($threads['replycount'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($threads['views'] >= 1000) $threads['views'] = number_format($threads['views'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
eval("\$threadbit .= \"".$tpl->get("board_threadbit")."\";");
}
// delete bad threads & boards
if ($badThreadIDs != '') $db->query("DELETE FROM bb".$n."_subscribethreads WHERE threadid IN (0".$badThreadIDs.")");
if ($badBoardIDs != '') $db->query("DELETE FROM bb".$n."_subscribeboards WHERE boardid IN (0".$badBoardIDs.")");
if (!$threadbit) $lang->items['LANG_USERCP_FAVORITES_NO_NEWPOSTS'] = $lang->get("LANG_USERCP_FAVORITES_NO_NEWPOSTS", array('$daysprune' => $daysprune));
eval("\$tpl->output(\"".$tpl->get("usercp_favorites")."\");");
}
/** attachments **/
if ($action == 'attachments') {
$pmmaxrecipientlistsize = 10;
list($attachmentCount) = $db->query_first("SELECT COUNT(*) as attachmentCount FROM bb".$n."_attachments WHERE userid='$wbbuserdata[userid]' AND (postid <> 0 OR privatemessageid <> 0)");
list($total_attachment_filesize) = $db->query_first("SELECT (SUM(attachmentsize) + SUM(thumbnailsize)) as total_attachment_filesize FROM bb".$n."_attachments WHERE userid='$wbbuserdata[userid]' AND (postid <> 0 OR privatemessageid <> 0)");
$LANG_USERCP_ATTACHMENTS_STORAGE_USED = $lang->get('LANG_USERCP_ATTACHMENTS_STORAGE_USED', array('$attachmentCount' => number_format($attachmentCount, 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP")), '$total_attachment_filesize' => formatFilesize($total_attachment_filesize)));
if ($wbbuserdata['total_attachment_filesize_limit'] > 0) {
$temp = $total_attachment_filesize / $wbbuserdata['total_attachment_filesize_limit'];
if (($percent = round($temp * 100)) > 100) {
$percent = 100;
$temp = 1;
}
$percent2 = 100 - $percent;
$quota_free = formatFilesize(($wbbuserdata['total_attachment_filesize_limit'] > $total_attachment_filesize) ? ($wbbuserdata['total_attachment_filesize_limit'] - $total_attachment_filesize) : (0));
$LANG_USERCP_ATTACHMENTS_STORAGE_FREE = $lang->get('LANG_USERCP_ATTACHMENTS_STORAGE_FREE', array('$quota_free' => $quota_free));
}
else $LANG_USERCP_ATTACHMENTS_STORAGE_FREE = '';
if ($wbbuserdata['umaxposts']) $perpage = $wbbuserdata['umaxposts'];
else $perpage = $default_postsperpage;
if (isset($_REQUEST['page'])) $page = intval($_REQUEST['page']);
else $page = 1;
$pages = ceil($attachmentCount / $perpage);
if ($page < 1 || $page > $pages) $page = 1;
if ($pages > 1) $pagelink = makepagelink("usercp.php?action=attachments".$SID_ARG_2ND, $page, $pages, $showpagelinks - 1);
else $pagelink = '';
$moderatorInfos = array();
$result = $db->query("SELECT *, userid as moderatorid FROM bb".$n."_moderators WHERE userid='$wbbuserdata[userid]'");
while ($row = $db->fetch_array($result)) $moderatorInfos[$row['boardid']] = $row;
// user access
getPermissions();
$attachmentbit = '';
$result = $db->query("SELECT at.*, p.posttopic, p.posttime, t.boardid, t.threadid, t.topic, t.prefix, t.closed, b.title, ".
"pm.subject, pm.sendtime, pm.recipientlist, pm.recipientcount, pm.inoutbox ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p USING (postid) ".
"LEFT JOIN bb".$n."_threads t USING (threadid) ".
"LEFT JOIN bb".$n."_boards b USING (boardid) ".
"LEFT JOIN bb".$n."_privatemessage pm ON (pm.privatemessageid=at.privatemessageid) ".
"WHERE at.userid='$wbbuserdata[userid]' AND (at.postid <> 0 OR at.privatemessageid <> 0) ".
"ORDER BY at.uploadtime DESC", $perpage, $perpage * ($page - 1));
while ($row = $db->fetch_array($result)) {
$undeleteable = $invisible = false;
$row['attachmentname'] = htmlconverter(textwrap($row['attachmentname']));
$row['attachmentextension'] = htmlconverter($row['attachmentextension']);
$row['prefix'] = htmlconverter($row['prefix']);
if ($row['postid']) {
$ismod = 0;
if (checkmodpermissions('m_can_post_edit', $moderatorInfos[$row['boardid']]) == 1) $ismod = 1;
if (!checkpermissions("can_enter_board", $wbbuserdata['permissions'][$row['boardid']])) $invisible = true;
if ($ismod == 0 && ($row['closed'] == 1 || !checkpermissions('can_edit_own_post', $wbbuserdata['permissions'][$row['boardid']]))) $undeleteable = true;
if ($ismod == 0 && ($wbbuserdata['edit_posttime_limit'] != -1 && (time() - $row['posttime']) > $wbbuserdata['edit_posttime_limit'] * 60)) $undeleteable = true;
$row['topic'] = htmlconverter($row['topic']);
$row['posttopic'] = $row['posttopic'] != '' ? htmlconverter($row['posttopic']) : $row['topic'];
$row['title'] = getlangvar($row['title'], $lang);
$postdate = formatdate($wbbuserdata['dateformat'], $row['posttime'], 1);
$posttime = formatdate($wbbuserdata['timeformat'], $row['posttime']);
}
else {
$undeleteable = true;
$row['subject'] = htmlconverter($row['subject']);
$row['recipientlist'] = unserialize($row['recipientlist']);
$recipients = '';
if (is_array($row['recipientlist'])) {
foreach ($row['recipientlist'] as $recipient) {
$recipient = htmlconverter($recipient);
if ($recipients != '') $recipients .= ', '.$recipient;
else $recipients = $recipient;
}
}
if ($row['recpientcount'] > $pmmaxrecipientlistsize) $recipients .= ', ...';
$senddate = formatdate($wbbuserdata['dateformat'], $row['sendtime'], 1);
$sendtime = formatdate($wbbuserdata['timeformat'], $row['sendtime']);
}
if (file_exists($style['imagefolder'].'/filetypes/'.$row['attachmentextension'
].'.gif')) $extensionimage = $row['attachmentextension'];
else $extensionimage = 'unknown';
$uploaddate = formatdate($wbbuserdata['dateformat'], $row['uploadtime'], 1);
$uploadtime = formatdate($wbbuserdata['timeformat'], $row['uploadtime']);
$attachmentsize = formatFilesize($row['attachmentsize']);
if ($row['counter'] >= 1000) $row['counter'] = number_format($row['counter'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
$LANG_USERCP_ATTACHMENTS_ATTACHMENTINFO = $lang->get('LANG_USERCP_ATTACHMENTS_ATTACHMENTINFO', array('$attachmentname' => $row['attachmentname'], '$attachmentextension' => $row['attachmentextension'], '$attachmentsize' => $attachmentsize, '$counter' => $row['counter']));
eval("\$attachmentbit .= \"".$tpl->get("usercp_attachmentbit")."\";");
}
eval("\$tpl->output(\"".$tpl->get("usercp_attachments")."\");");
}
/** delete attachments **/
if ($action == 'del_attachments') {
if (isset($_POST['attachmentids']) && is_array($_POST['attachmentids'])) $attachmentids = implode(',', intval_array($_POST['attachmentids']));
else $attachmentids = '';
if ($attachmentids != '') {
$moderatorInfos = array();
$result = $db->query("SELECT *, userid as moderatorid FROM bb".$n."_moderators WHERE userid='$wbbuserdata[userid]'");
while ($row = $db->fetch_array($result)) $moderatorInfos[$row['boardid']] = $row;
$result = $db->query("SELECT at.attachmentid, at.attachmentextension, at.thumbnailextension, ".
"t.threadid, t.boardid, t.closed ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p USING (postid) ".
"LEFT JOIN bb".$n."_threads t USING (threadid) ".
"WHERE at.attachmentid IN ($attachmentids) AND at.userid='$wbbuserdata[userid]' AND at.privatemessageid='0'");
$attachmentids = '';
while ($row = $db->fetch_array($result)) {
$ismod = 0;
if (checkmodpermissions('m_can_post_edit', $moderatorInfos[$row['boardid']]) == 1) $ismod = 1;
if (!checkpermissions("can_enter_board", $wbbuserdata['permissions'][$row['boardid']])) continue;
if ($ismod == 0 && ($row['closed'] == 1 || !checkpermissions('can_edit_own_post', $wbbuserdata['permissions'][$row['boardid']]))) continue;
if ($ismod == 0 && ($wbbuserdata['edit_posttime_limit'] != -1 && (time() - $row['posttime']) > $wbbuserdata['edit_posttime_limit'] * 60)) continue;
$attachmentids .= ",$row[attachmentid]";
@unlink('./attachments/attachment-'.$row['attachmentid'].'.'.$row['attac
hmentextension']);
@unlink('./attachments/thumbnail-'.$row['attachmentid'].'.'.$row['thumbn
ailextension']);
}
$result = $db->unbuffered_query("DELETE FROM bb".$n."_attachments WHERE attachmentid IN (0$attachmentids) AND userid='$wbbuserdata[userid]' AND privatemessageid=0");
}
header("Location: usercp.php?action=attachments{$SID_ARG_2ND}");
exit;
}
?>
|
|
|
|
|
|
|
|
16.04.2008 20:16 |
|
|
|
|
|
|