| [Top level directory] [Classes] [Functions] [Constants] [Variables] |
XMB Open Source Forum Software - PHP Cross Reference |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * eXtreme Message Board 4 * XMB 1.9.11 5 * 6 * Developed And Maintained By The XMB Group 7 * Copyright (c) 2001-2010, The XMB Group 8 * http://www.xmbforum.com 9 * 10 * Sponsored By iEntry, Inc. 11 * http://www.ientry.com 12 * 13 * This program is free software; you can redistribute it and/or 14 * modify it under the terms of the GNU General Public License 15 * as published by the Free Software Foundation; either version 2 16 * of the License, or (at your option) any later version. 17 * 18 * This program is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 21 * GNU General Public License for more details. 22 * 23 * You should have received a copy of the GNU General Public License 24 * along with this program. If not, see <http://www.gnu.org/licenses/>. 25 * 26 **/ 27 28 define('X_SCRIPT', 'memcp.php'); 29 30 require 'header.php'; 31 32 header('X-Robots-Tag: noindex'); 33 34 loadtemplates( 35 'buddylist_buddy_offline', 36 'buddylist_buddy_online', 37 'memcp_favs', 38 'memcp_favs_button', 39 'memcp_favs_none', 40 'memcp_favs_row', 41 'memcp_home', 42 'memcp_home_favs_none', 43 'memcp_home_favs_row', 44 'memcp_home_u2u_none', 45 'memcp_home_u2u_row', 46 'memcp_profile', 47 'memcp_profile_avatarlist', 48 'memcp_profile_avatarurl', 49 'memcp_subscriptions', 50 'memcp_subscriptions_button', 51 'memcp_subscriptions_multipage', 52 'memcp_subscriptions_none', 53 'memcp_subscriptions_row' 54 ); 55 56 smcwcache(); 57 58 eval('$css = "'.template('css').'";'); 59 60 $buddys = array(); 61 $favs = ''; 62 $footer = ''; 63 $header = ''; 64 $mempage = ''; 65 66 $action = postedVar('action', '', FALSE, FALSE, FALSE, 'g'); 67 switch($action) { 68 case 'profile': 69 nav('<a href="memcp.php">'.$lang['textusercp'].'</a>'); 70 nav($lang['texteditpro']); 71 break; 72 case 'subscriptions': 73 nav('<a href="memcp.php">'.$lang['textusercp'].'</a>'); 74 nav($lang['textsubscriptions']); 75 break; 76 case 'favorites': 77 nav('<a href="memcp.php">'.$lang['textusercp'].'</a>'); 78 nav($lang['textfavorites']); 79 break; 80 default: 81 nav($lang['textusercp']); 82 break; 83 } 84 85 function makenav($current) { 86 global $THEME, $bordercolor, $tablewidth, $altbg1, $altbg2, $lang; 87 88 $output = 89 '<table cellpadding="0" cellspacing="0" border="0" bgcolor="'.$bordercolor.'" width="'.$tablewidth.'" align="center"><tr><td> 90 <table cellpadding="4" cellspacing="'.$THEME['borderwidth'].'" border="0" width="100%"> 91 <tr align="center" class="tablerow">'; 92 93 if ($current == '') { 94 $output .= "<td bgcolor=\"$altbg1\" width=\"15%\" class=\"ctrtablerow\">" .$lang['textmyhome']. "</td>"; 95 } else { 96 $output .= "<td bgcolor=\"$altbg2\" width=\"15%\" class=\"ctrtablerow\"><a href=\"memcp.php\">" .$lang['textmyhome']. "</a></td>"; 97 } 98 99 if ($current == 'profile') { 100 $output .= "<td bgcolor=\"$altbg1\" width=\"15%\" class=\"ctrtablerow\">" .$lang['texteditpro']. "</td>"; 101 } else { 102 $output .= "<td bgcolor=\"$altbg2\" width=\"15%\" class=\"ctrtablerow\"><a href=\"memcp.php?action=profile\">" .$lang['texteditpro']. "</a></td>"; 103 } 104 105 if ($current == 'subscriptions') { 106 $output .= "<td bgcolor=\"$altbg1\" width=\"15%\" class=\"ctrtablerow\">" .$lang['textsubscriptions']. "</td>"; 107 } else { 108 $output .= "<td bgcolor=\"$altbg2\" width=\"15%\" class=\"ctrtablerow\"><a href=\"memcp.php?action=subscriptions\">" .$lang['textsubscriptions']. "</a></td>"; 109 } 110 111 if ($current == 'favorites') { 112 $output .= "<td bgcolor=\"$altbg1\" width=\"15%\" class=\"ctrtablerow\">" .$lang['textfavorites']. "</td>"; 113 } else { 114 $output .= "<td bgcolor=\"$altbg2\" width=\"15%\" class=\"ctrtablerow\"><a href=\"memcp.php?action=favorites\">" .$lang['textfavorites']. "</a></td>"; 115 } 116 117 $output .= "<td bgcolor=\"$altbg2\" width=\"20%\" class=\"ctrtablerow\"><a href=\"u2u.php\" onclick=\"Popup(this.href, 'Window', 700, 450); return false;\">" .$lang['textu2umessenger']. "</a></td>"; 118 $output .= "<td bgcolor=\"$altbg2\" width=\"15%\" class=\"ctrtablerow\"><a href=\"buddy.php\" onclick=\"Popup(this.href, 'Window', 450, 400); return false;\">" .$lang['textbuddylist']. "</a></td>"; 119 $output .= "<td bgcolor=\"$altbg2\" width=\"10%\" class=\"ctrtablerow\"><a href=\"faq.php\">" .$lang['helpbar']. "</a></td>"; 120 $output .= 121 '</tr> 122 </table> 123 </td> 124 </tr> 125 </table> 126 <br />'; 127 128 return $output; 129 } 130 131 if (X_GUEST) { 132 redirect($full_url.'misc.php?action=login', 0); 133 exit(); 134 } 135 136 if ($action == 'profile') { 137 eval('$header = "'.template('header').'";'); 138 $header .= makenav($action); 139 140 if (noSubmit('editsubmit')) { 141 $member = $self; 142 143 $checked = ''; 144 if ($member['showemail'] == 'yes') { 145 $checked = $cheHTML; 146 } 147 148 $newschecked = ''; 149 if ($member['newsletter'] == 'yes') { 150 $newschecked = $cheHTML; 151 } 152 153 $uou2uchecked = ''; 154 if ($member['useoldu2u'] == 'yes') { 155 $uou2uchecked = $cheHTML; 156 } 157 158 $ogu2uchecked = ''; 159 if ($member['saveogu2u'] == 'yes') { 160 $ogu2uchecked = $cheHTML; 161 } 162 163 $eouchecked = ''; 164 if ($member['emailonu2u'] == 'yes') { 165 $eouchecked = $cheHTML; 166 } 167 168 $invchecked = ''; 169 if ($member['invisible'] == 1) { 170 $invchecked = $cheHTML; 171 } 172 173 $currdate = gmdate($timecode, $onlinetime+ ($addtime * 3600)); 174 eval($lang['evaloffset']); 175 176 $timezone1 = $timezone2 = $timezone3 = $timezone4 = $timezone5 = $timezone6 = ''; 177 $timezone7 = $timezone8 = $timezone9 = $timezone10 = $timezone11 = $timezone12 = ''; 178 $timezone13 = $timezone14 = $timezone15 = $timezone16 = $timezone17 = $timezone18 = ''; 179 $timezone19 = $timezone20 = $timezone21 = $timezone22 = $timezone23 = $timezone24 = ''; 180 $timezone25 = $timezone26 = $timezone27 = $timezone28 = $timezone29 = $timezone30 = ''; 181 $timezone31 = $timezone32 = $timezone33 = ''; 182 switch($member['timeoffset']) { 183 case '-12.00': 184 $timezone1 = $selHTML; 185 break; 186 case '-11.00': 187 $timezone2 = $selHTML; 188 break; 189 case '-10.00': 190 $timezone3 = $selHTML; 191 break; 192 case '-9.00': 193 $timezone4 = $selHTML; 194 break; 195 case '-8.00': 196 $timezone5 = $selHTML; 197 break; 198 case '-7.00': 199 $timezone6 = $selHTML; 200 break; 201 case '-6.00': 202 $timezone7 = $selHTML; 203 break; 204 case '-5.00': 205 $timezone8 = $selHTML; 206 break; 207 case '-4.00': 208 $timezone9 = $selHTML; 209 break; 210 case '-3.50': 211 $timezone10 = $selHTML; 212 break; 213 case '-3.00': 214 $timezone11 = $selHTML; 215 break; 216 case '-2.00': 217 $timezone12 = $selHTML; 218 break; 219 case '-1.00': 220 $timezone13 = $selHTML; 221 break; 222 case '1.00': 223 $timezone15 = $selHTML; 224 break; 225 case '2.00': 226 $timezone16 = $selHTML; 227 break; 228 case '3.00': 229 $timezone17 = $selHTML; 230 break; 231 case '3.50': 232 $timezone18 = $selHTML; 233 break; 234 case '4.00': 235 $timezone19 = $selHTML; 236 break; 237 case '4.50': 238 $timezone20 = $selHTML; 239 break; 240 case '5.00': 241 $timezone21 = $selHTML; 242 break; 243 case '5.50': 244 $timezone22 = $selHTML; 245 break; 246 case '5.75': 247 $timezone23 = $selHTML; 248 break; 249 case '6.00': 250 $timezone24 = $selHTML; 251 break; 252 case '6.50': 253 $timezone25 = $selHTML; 254 break; 255 case '7.00': 256 $timezone26 = $selHTML; 257 break; 258 case '8.00': 259 $timezone27 = $selHTML; 260 break; 261 case '9.00': 262 $timezone28 = $selHTML; 263 break; 264 case '9.50': 265 $timezone29 = $selHTML; 266 break; 267 case '10.00': 268 $timezone30 = $selHTML; 269 break; 270 case '11.00': 271 $timezone31 = $selHTML; 272 break; 273 case '12.00': 274 $timezone32 = $selHTML; 275 break; 276 case '13.00': 277 $timezone33 = $selHTML; 278 break; 279 case '0.00': 280 default: 281 $timezone14 = $selHTML; 282 break; 283 } 284 285 $u2uasel0 = $u2uasel1 = $u2uasel2 = ''; 286 switch($member['u2ualert']) { 287 case 2: 288 $u2uasel2 = $selHTML; 289 break; 290 case 1: 291 $u2uasel1 = $selHTML; 292 break; 293 case 0: 294 default: 295 $u2uasel0 = $selHTML; 296 break; 297 } 298 299 $themelist = array(); 300 $themelist[] = '<select name="thememem">'; 301 $themelist[] = '<option value="0">'.$lang['textusedefault'].'</option>'; 302 $query = $db->query("SELECT themeid, name FROM ".X_PREFIX."themes ORDER BY name ASC"); 303 while($themeinfo = $db->fetch_array($query)) { 304 if ($themeinfo['themeid'] == $member['theme']) { 305 $themelist[] = '<option value="'.intval($themeinfo['themeid']).'" '.$selHTML.'>'.stripslashes($themeinfo['name']).'</option>'; 306 } else { 307 $themelist[] = '<option value="'.intval($themeinfo['themeid']).'">'.stripslashes($themeinfo['name']).'</option>'; 308 } 309 } 310 $themelist[] = '</select>'; 311 $themelist = implode("\n", $themelist); 312 $db->free_result($query); 313 314 $langfileselect = createLangFileSelect($member['langfile']); 315 316 $day = intval(substr($member['bday'], 8, 2)); 317 $month = intval(substr($member['bday'], 5, 2)); 318 $year = substr($member['bday'], 0, 4); 319 320 for($i = 0; $i <= 12; $i++) { 321 $sel[$i] = ''; 322 } 323 $sel[$month] = $selHTML; 324 325 $dayselect = array(); 326 $dayselect[] = '<select name="day">'; 327 $dayselect[] = '<option value=""> </option>'; 328 for($num = 1; $num <= 31; $num++) { 329 if ($day == $num) { 330 $dayselect[] = '<option value="'.$num.'" '.$selHTML.'>'.$num.'</option>'; 331 } else { 332 $dayselect[] = '<option value="'.$num.'">'.$num.'</option>'; 333 } 334 } 335 $dayselect[] = '</select>'; 336 $dayselect = implode("\n", $dayselect); 337 338 $check12 = $check24 = ''; 339 if ($member['timeformat'] == 24) { 340 $check24 = $cheHTML; 341 } else { 342 $check12 = $cheHTML; 343 } 344 345 if ($SETTINGS['sigbbcode'] == 'on') { 346 $bbcodeis = $lang['texton']; 347 } else { 348 $bbcodeis = $lang['textoff']; 349 } 350 351 if ($SETTINGS['sightml'] == 'on') { 352 $htmlis = $lang['texton']; 353 } else { 354 $htmlis = $lang['textoff']; 355 } 356 357 $avatar = ''; 358 if ($SETTINGS['avastatus'] == 'on') { 359 eval('$avatar = "'.template('memcp_profile_avatarurl').'";'); 360 } 361 362 if ($SETTINGS['avastatus'] == 'list') { 363 $avatars = '<option value="" />'.$lang['textnone'].'</option>'; 364 $dir1 = opendir(ROOT.'images/avatars'); 365 while($avFile = readdir($dir1)) { 366 if (is_file(ROOT.'images/avatars/'.$avFile) && $avFile != '.' && $avFile != '..' && $avFile != 'index.html') { 367 $avatars .= '<option value="./images/avatars/'.$avFile.'" />'.$avFile.'</option>'; 368 } 369 } 370 $avatars = str_replace('value="'.$member['avatar'].'"', 'value="'.$member['avatar'].'" selected="selected"', $avatars); 371 $avatarbox = '<select name="newavatar" onchange="document.images.avatarpic.src=this[this.selectedIndex].value;">'.$avatars.'</select>'; 372 eval('$avatar = "'.template('memcp_profile_avatarlist').'";'); 373 closedir($dir1); 374 } 375 376 $member['icq'] = ($member['icq'] > 0) ? $member['icq'] : ''; 377 eval('$mempage = "'.template('memcp_profile').'";'); 378 } 379 380 if (onSubmit('editsubmit')) { 381 if ($_POST['newpassword'] != '' || $_POST['newpasswordcf'] != '') { 382 if (!isset($_POST['oldpassword'])) { 383 error($lang['textpwincorrect']); 384 } 385 if (!elevateUser($xmbuser, md5($_POST['oldpassword']))) { 386 error($lang['textpwincorrect']); 387 } 388 if ($_POST['newpassword'] != $_POST['newpasswordcf']) { 389 error($lang['pwnomatch']); 390 } 391 392 $newpassword = md5($_POST['newpassword']); 393 394 $pwtxt = "password='$newpassword',"; 395 396 $query = $db->query("DELETE FROM ".X_PREFIX."whosonline WHERE username='$xmbuser'"); 397 398 put_cookie("xmbuser", '', 0, $cookiepath, $cookiedomain); 399 put_cookie("xmbpw", '', 0, $cookiepath, $cookiedomain); 400 401 foreach($_COOKIE as $key=>$val) { 402 if (preg_match('#^fidpw([0-9]+)$#', $key)) { 403 put_cookie($key, '', 0, $cookiepath, $cookiedomain); 404 } 405 } 406 } else { 407 $pwtxt = ''; 408 } 409 410 $langfilenew = postedVar('langfilenew'); 411 $result = $db->query("SELECT devname FROM ".X_PREFIX."lang_base WHERE devname='$langfilenew'"); 412 if ($db->num_rows($result) == 0) { 413 $langfilenew = $SETTINGS['langfile']; 414 } 415 416 $timeoffset1 = isset($_POST['timeoffset1']) && is_numeric($_POST['timeoffset1']) ? $_POST['timeoffset1'] : 0; 417 $thememem = formInt('thememem'); 418 $tppnew = isset($_POST['tppnew']) ? (int) $_POST['tppnew'] : $SETTINGS['topicperpage']; 419 $pppnew = isset($_POST['pppnew']) ? (int) $_POST['pppnew'] : $SETTINGS['postperpage']; 420 421 $dateformatnew = postedVar('dateformatnew', '', FALSE, TRUE); 422 $dateformattest = attrOut($dateformatnew, 'javascript'); // NEVER allow attribute-special data in the date format because it can be unescaped using the date() parser. 423 if (strlen($dateformatnew) == 0 Or $dateformatnew != $dateformattest) { 424 $dateformatnew = $SETTINGS['dateformat']; 425 } 426 unset($dateformattest); 427 428 $timeformatnew = formInt('timeformatnew'); 429 if ($timeformatnew != 12 And $timeformatnew != 24) { 430 $timeformatnew = $SETTINGS['timeformat']; 431 } 432 433 $saveogu2u = formYesNo('saveogu2u'); 434 $emailonu2u = formYesNo('emailonu2u'); 435 $useoldu2u = formYesNo('useoldu2u'); 436 $invisible = formInt('newinv'); 437 $showemail = formYesNo('newshowemail'); 438 $newsletter = formYesNo('newnewsletter'); 439 $u2ualert = formInt('u2ualert'); 440 $year = formInt('year'); 441 $month = formInt('month'); 442 $day = formInt('day'); 443 $bday = iso8601_date($year, $month, $day); 444 $location = postedVar('newlocation', 'javascript', TRUE, TRUE, TRUE); 445 $icq = postedVar('newicq', '', FALSE, FALSE); 446 $icq = ($icq && is_numeric($icq) && $icq > 0) ? $icq : 0; 447 $yahoo = postedVar('newyahoo', 'javascript', TRUE, TRUE, TRUE); 448 $aim = postedVar('newaim', 'javascript', TRUE, TRUE, TRUE); 449 $msn = postedVar('newmsn', 'javascript', TRUE, TRUE, TRUE); 450 $email = postedVar('newemail', 'javascript', TRUE, TRUE, TRUE); 451 $site = postedVar('newsite', 'javascript', TRUE, TRUE, TRUE); 452 $bio = postedVar('newbio', 'javascript', TRUE, TRUE, TRUE); 453 $mood = postedVar('newmood', 'javascript', TRUE, TRUE, TRUE); 454 $sig = postedVar('newsig', 'javascript', ($SETTINGS['sightml']=='off'), TRUE, TRUE); 455 456 if ($email != $db->escape_var($self['email'])) { 457 if ($SETTINGS['doublee'] == 'off' && false !== strpos($email, "@")) { 458 $query = $db->query("SELECT COUNT(uid) FROM ".X_PREFIX."members WHERE email = '$email' AND username != '$xmbuser'"); 459 $count1 = $db->result($query,0); 460 $db->free_result($query); 461 if ($count1 != 0) { 462 error($lang['alreadyreg']); 463 } 464 } 465 466 $efail = false; 467 $query = $db->query("SELECT * FROM ".X_PREFIX."restricted"); 468 while($restriction = $db->fetch_array($query)) { 469 $t_email = $email; 470 if ($restriction['case_sensitivity'] == 0) { 471 $t_email = strtolower($t_email); 472 $restriction['name'] = strtolower($restriction['name']); 473 } 474 475 if ($restriction['partial'] == 1) { 476 if (strpos($t_email, $restriction['name']) !== false) { 477 $efail = true; 478 } 479 } else { 480 if ($t_email == $restriction['name']) { 481 $efail = true; 482 } 483 } 484 } 485 $db->free_result($query); 486 487 if ($efail) { 488 error($lang['emailrestricted']); 489 } 490 491 require ROOT.'include/validate-email.inc.php'; 492 $test = new EmailAddressValidator(); 493 $rawemail = postedVar('newemail', '', FALSE, FALSE); 494 if (false === $test->check_email_address($rawemail)) { 495 error($lang['bademail']); 496 } 497 } 498 499 if ($SETTINGS['resetsigs'] == 'on') { 500 if (strlen(trim($self['sig'])) == 0) { 501 if (strlen($sig) > 0) { 502 $db->query("UPDATE ".X_PREFIX."posts SET usesig='yes' WHERE author='$xmbuser'"); 503 } 504 } else { 505 if (strlen(trim($sig)) == 0) { 506 $db->query("UPDATE ".X_PREFIX."posts SET usesig='no' WHERE author='$xmbuser'"); 507 } 508 } 509 } 510 511 if ($SETTINGS['avastatus'] == 'on') { 512 $avatar = postedVar('newavatar', 'javascript', TRUE, TRUE, TRUE); 513 $rawavatar = postedVar('newavatar', '', FALSE, FALSE); 514 515 $newavatarcheck = postedVar('newavatarcheck'); 516 517 $max_size = explode('x', $SETTINGS['max_avatar_size']); 518 519 if (preg_match('#^(http|ftp)://[:a-z\\./_\-0-9%~]+(\?[a-z=0-9&_\-;~]*)?$#Smi', $rawavatar) == 0) { 520 $avatar = ''; 521 } elseif (ini_get('allow_url_fopen')) { 522 if ($max_size[0] > 0 And $max_size[1] > 0 And strlen($rawavatar) > 0) { 523 $size = @getimagesize($rawavatar); 524 if ($size === FALSE) { 525 $avatar = ''; 526 } elseif ((($size[0] > $max_size[0] && $max_size[0] > 0) || ($size[1] > $max_size[1] && $max_size[1] > 0)) && !X_SADMIN) { 527 error($lang['avatar_too_big'] . $SETTINGS['max_avatar_size'] . 'px'); 528 } 529 } 530 } elseif ($newavatarcheck == "no") { 531 $avatar = ''; 532 } 533 unset($rawavatar); 534 } elseif ($SETTINGS['avastatus'] == 'list') { 535 $rawavatar = postedVar('newavatar', '', FALSE, FALSE); 536 $dirHandle = opendir(ROOT.'images/avatars'); 537 $filefound = FALSE; 538 while($avFile = readdir($dirHandle)) { 539 if ($rawavatar == './images/avatars/'.$avFile) { 540 if (is_file(ROOT.'images/avatars/'.$avFile) && $avFile != '.' && $avFile != '..' && $avFile != 'index.html') { 541 $filefound = TRUE; 542 } 543 } 544 } 545 closedir($dirHandle); 546 unset($rawavatar); 547 if ($filefound) { 548 $avatar = postedVar('newavatar', 'javascript', TRUE, TRUE, TRUE); 549 } else { 550 $avatar = ''; 551 } 552 } else { 553 $avatar = ''; 554 } 555 556 $db->query("UPDATE ".X_PREFIX."members SET $pwtxt email='$email', site='$site', aim='$aim', location='$location', bio='$bio', sig='$sig', showemail='$showemail', timeoffset='$timeoffset1', icq='$icq', avatar='$avatar', yahoo='$yahoo', theme='$thememem', bday='$bday', langfile='$langfilenew', tpp='$tppnew', ppp='$pppnew', newsletter='$newsletter', timeformat='$timeformatnew', msn='$msn', dateformat='$dateformatnew', mood='$mood', invisible='$invisible', saveogu2u='$saveogu2u', emailonu2u='$emailonu2u', useoldu2u='$useoldu2u', u2ualert=$u2ualert WHERE username='$xmbuser'"); 557 558 message($lang['usercpeditpromsg'], TRUE, '', '', $full_url.'memcp.php', true, false, true); 559 } 560 } else if ($action == 'favorites') { 561 eval('$header = "'.template('header').'";'); 562 $header .= makenav($action); 563 564 $favadd = getInt('favadd'); 565 if (noSubmit('favsubmit') && $favadd) { 566 if ($favadd == 0) { 567 error($lang['generic_missing']); 568 } 569 570 $query = $db->query("SELECT fid FROM ".X_PREFIX."threads WHERE tid=$favadd"); 571 if ($db->num_rows($query) == 0) { 572 error($lang['privforummsg']); 573 } 574 $row = $db->fetch_array($query); 575 $forum = getForum($row['fid']); 576 $perms = checkForumPermissions($forum); 577 if (!($perms[X_PERMS_VIEW] && $perms[X_PERMS_PASSWORD])) { 578 error($lang['privforummsg']); 579 } 580 if ($forum['type'] == 'sub') { 581 $perms = checkForumPermissions(getForum($forum['fup'])); 582 if (!($perms[X_PERMS_VIEW] && $perms[X_PERMS_PASSWORD])) { 583 error($lang['privforummsg']); 584 } 585 } 586 587 $query = $db->query("SELECT tid FROM ".X_PREFIX."favorites WHERE tid=$favadd AND username='$xmbuser' AND type='favorite'"); 588 $favthread = $db->fetch_array($query); 589 $db->free_result($query); 590 591 if ($favthread) { 592 error($lang['favonlistmsg']); 593 } 594 595 $db->query("INSERT INTO ".X_PREFIX."favorites (tid, username, type) VALUES ($favadd, '$xmbuser', 'favorite')"); 596 message($lang['favaddedmsg'], TRUE, '', '', $full_url.'memcp.php?action=favorites', true, false, true); 597 } 598 599 if (!$favadd && noSubmit('favsubmit')) { 600 $favnum = 0; 601 $favs = ''; 602 $fids = permittedForums(forumCache(), 'thread', 'csv'); 603 if (strlen($fids) != 0) { 604 $query = $db->query("SELECT f.*, t.fid, t.icon, t.lastpost, t.subject, t.replies FROM ".X_PREFIX."favorites f INNER JOIN ".X_PREFIX."threads t USING (tid) WHERE f.username='$xmbuser' AND f.type='favorite' AND t.fid IN ($fids) ORDER BY t.lastpost DESC"); 605 $tmOffset = ($timeoffset * 3600) + ($addtime * 3600); 606 while($fav = $db->fetch_array($query)) { 607 $forum = getForum($fav['fid']); 608 $forum['name'] = fnameOut($forum['name']); 609 610 $lastpost = explode('|', $fav['lastpost']); 611 $dalast = $lastpost[0]; 612 $lastpost[1] = '<a href="member.php?action=viewpro&member='.recodeOut($lastpost[1]).'">'.$lastpost[1].'</a>'; 613 $lastreplydate = gmdate($dateformat, $lastpost[0] + $tmOffset); 614 $lastreplytime = gmdate($timecode, $lastpost[0] + $tmOffset); 615 $lastpost = $lang['lastreply1'].' '.$lastreplydate.' '.$lang['textat'].' '.$lastreplytime.' '.$lang['textby'].' '.$lastpost[1]; 616 $fav['subject'] = rawHTMLsubject(stripslashes($fav['subject'])); 617 618 if ($fav['icon'] != '') { 619 $fav['icon'] = '<img src="'.$smdir.'/'.$fav['icon'].'" alt="" border="0" />'; 620 } else { 621 $fav['icon'] = ''; 622 } 623 624 $favnum++; 625 eval('$favs .= "'.template('memcp_favs_row').'";'); 626 } 627 $db->free_result($query); 628 } 629 630 $favsbtn = ''; 631 if ($favnum != 0) { 632 eval('$favsbtn = "'.template('memcp_favs_button').'";'); 633 } 634 635 if ($favnum == 0) { 636 eval('$favs = "'.template('memcp_favs_none').'";'); 637 } 638 eval('$mempage = "'.template('memcp_favs').'";'); 639 } 640 641 if (!$favadd && onSubmit('favsubmit')) { 642 $query = $db->query("SELECT tid FROM ".X_PREFIX."favorites WHERE username='$xmbuser' AND type='favorite'"); 643 $tids = array(); 644 while($fav = $db->fetch_array($query)) { 645 $delete = formInt('delete'.$fav['tid']); 646 if ($delete == intval($fav['tid'])) { 647 $tids[] = $delete; 648 } 649 } 650 $db->free_result($query); 651 if (count($tids) > 0) { 652 $tids = implode(', ', $tids); 653 $db->query("DELETE FROM ".X_PREFIX."favorites WHERE username='$xmbuser' AND tid IN ($tids) AND type='favorite'"); 654 } 655 message($lang['favsdeletedmsg'], TRUE, '', '', $full_url.'memcp.php?action=favorites', true, false, true); 656 } 657 } else if ($action == 'subscriptions') { 658 $subadd = getInt('subadd'); 659 if (!$subadd && noSubmit('subsubmit')) { 660 $num = $db->result($db->query("SELECT COUNT(*) FROM ".X_PREFIX."favorites WHERE username='$xmbuser' AND type='subscription'"), 0); 661 $mpage = multipage($num, $tpp, 'memcp.php?action=subscriptions'); 662 $multipage =& $mpage['html']; 663 if (strlen($mpage['html']) != 0) { 664 eval('$multipage = "'.template('memcp_subscriptions_multipage').'";'); 665 } 666 667 eval('$header = "'.template('header').'";'); 668 $header .= makenav($action); 669 670 $query = $db->query("SELECT f.*, t.fid, t.icon, t.lastpost, t.subject, t.replies FROM ".X_PREFIX."favorites f INNER JOIN ".X_PREFIX."threads t USING (tid) WHERE f.username='$xmbuser' AND f.type='subscription' ORDER BY t.lastpost DESC LIMIT {$mpage['start']}, $tpp"); 671 $subnum = 0; 672 $subscriptions = ''; 673 $tmOffset = ($timeoffset * 3600) + ($addtime * 3600); 674 while($fav = $db->fetch_array($query)) { 675 $forum = getForum($fav['fid']); 676 $forum['name'] = fnameOut($forum['name']); 677 678 $lastpost = explode('|', $fav['lastpost']); 679 $dalast = $lastpost[0]; 680 $lastpost['1'] = '<a href="member.php?action=viewpro&member='.recodeOut($lastpost[1]).'">'.$lastpost[1].'</a>'; 681 $lastreplydate = gmdate($dateformat, $lastpost[0] + $tmOffset); 682 $lastreplytime = gmdate($timecode, $lastpost[0] + $tmOffset); 683 $lastpost = $lang['lastreply1'].' '.$lastreplydate.' '.$lang['textat'].' '.$lastreplytime.' '.$lang['textby'].' '.$lastpost[1]; 684 $fav['subject'] = rawHTMLsubject(stripslashes($fav['subject'])); 685 686 if ($fav['icon'] != '') { 687 $fav['icon'] = '<img src="'.$smdir.'/'.$fav['icon'].'" alt="" border="0" />'; 688 } else { 689 $fav['icon'] = ''; 690 } 691 $subnum++; 692 eval('$subscriptions .= "'.template('memcp_subscriptions_row').'";'); 693 } 694 695 $subsbtn = ''; 696 if ($subnum != 0) { 697 eval('$subsbtn = "'.template('memcp_subscriptions_button').'";'); 698 } 699 700 if ($subnum == 0) { 701 eval('$subscriptions = "'.template('memcp_subscriptions_none').'";'); 702 } 703 $db->free_result($query); 704 eval('$mempage = "'.template('memcp_subscriptions').'";'); 705 } else if ($subadd && noSubmit('subsubmit')) { 706 $query = $db->query("SELECT COUNT(tid) FROM ".X_PREFIX."favorites WHERE tid='$subadd' AND username='$xmbuser' AND type='subscription'"); 707 if ($db->result($query,0) == 1) { 708 $db->free_result($query); 709 error($lang['subonlistmsg'], TRUE); 710 } else { 711 $db->query("INSERT INTO ".X_PREFIX."favorites (tid, username, type) VALUES ('$subadd', '$xmbuser', 'subscription')"); 712 message($lang['subaddedmsg'], TRUE, '', '', $full_url.'memcp.php?action=subscriptions', true, false, true); 713 } 714 } else if (!$subadd && onSubmit('subsubmit')) { 715 $query = $db->query("SELECT tid FROM ".X_PREFIX."favorites WHERE username='$xmbuser' AND type='subscription'"); 716 $tids = array(); 717 while($sub = $db->fetch_array($query)) { 718 $delete = formInt('delete'.$sub['tid']); 719 if ($delete == intval($sub['tid'])) { 720 $tids[] = $delete; 721 } 722 } 723 $db->free_result($query); 724 if (count($tids) > 0) { 725 $tids = implode(', ', $tids); 726 $db->query("DELETE FROM ".X_PREFIX."favorites WHERE username='$xmbuser' AND tid IN ($tids) AND type='subscription'"); 727 } 728 message($lang['subsdeletedmsg'], TRUE, '', '', $full_url.'memcp.php?action=subscriptions', true, false, true); 729 } 730 } else { 731 eval('$header = "'.template('header').'";'); 732 eval($lang['evalusercpwelcome']); 733 $header .= makenav($action); 734 735 $q = $db->query("SELECT b.buddyname, m.invisible, m.username, m.lastvisit FROM ".X_PREFIX."buddys b LEFT JOIN ".X_PREFIX."members m ON (b.buddyname=m.username) WHERE b.username='$xmbuser'"); 736 $buddys = array(); 737 $buddys['offline'] = ''; 738 $buddys['online'] = ''; 739 while($buddy = $db->fetch_array($q)) { 740 $recodename = recodeOut($buddy['buddyname']); 741 if ($onlinetime - (int)$buddy['lastvisit'] <= X_ONLINE_TIMER) { 742 if ($buddy['invisible'] == 1) { 743 if (!X_ADMIN) { 744 eval('$buddys["offline"] .= "'.template('buddylist_buddy_offline').'";'); 745 continue; 746 } else { 747 $buddystatus = $lang['hidden']; 748 } 749 } else { 750 $buddystatus = $lang['textonline']; 751 } 752 eval('$buddys["online"] .= "'.template('buddylist_buddy_online').'";'); 753 } else { 754 eval('$buddys["offline"] .= "'.template('buddylist_buddy_offline').'";'); 755 } 756 } 757 $db->free_result($q); 758 759 $query = $db->query("SELECT * FROM ".X_PREFIX."members WHERE username='$xmbuser'"); 760 $member = $db->fetch_array($query); 761 $db->free_result($query); 762 763 if ($member['avatar'] == '') { 764 $member['avatar'] = ''; 765 } else { 766 $member['avatar'] = '<img src="'.$member['avatar'].'" border="0" alt="'.$lang['altavatar'].'" />'; 767 } 768 769 if ($member['mood'] != '') { 770 $member['mood'] = postify($member['mood'], 'no', 'no', 'yes', 'no', 'yes', 'no', true, 'yes'); 771 } else { 772 $member['mood'] = ''; 773 } 774 775 $u2uquery = $db->query("SELECT * FROM ".X_PREFIX."u2u WHERE owner='$xmbuser' AND folder='Inbox' ORDER BY dateline DESC LIMIT 0, 5"); 776 $u2unum = $db->num_rows($u2uquery); 777 $messages = ''; 778 $tmOffset = ($timeoffset * 3600) + ($addtime * 3600); 779 while($message = $db->fetch_array($u2uquery)) { 780 $postdate = gmdate($dateformat, $message['dateline'] + $tmOffset); 781 $posttime = gmdate($timecode, $message['dateline'] + $tmOffset); 782 $senton = $postdate.' '.$lang['textat'].' '.$posttime; 783 784 $message['subject'] = rawHTMLsubject(stripslashes($message['subject'])); 785 if ($message['subject'] == '') { 786 $message['subject'] = '«'.$lang['textnosub'].'»'; 787 } 788 789 if ($message['readstatus'] == 'yes') { 790 $read = $lang['textread']; 791 } else { 792 $read = $lang['textunread']; 793 } 794 eval('$messages .= "'.template('memcp_home_u2u_row').'";'); 795 } 796 797 if ($u2unum == 0) { 798 eval('$messages = "'.template('memcp_home_u2u_none').'";'); 799 } 800 $db->free_result($u2uquery); 801 802 $favnum = 0; 803 $favs = ''; 804 $fids = permittedForums(forumCache(), 'thread', 'csv'); 805 if (strlen($fids) != 0) { 806 $query2 = $db->query("SELECT t.tid, t.fid, t.lastpost, t.subject, t.icon, t.replies FROM ".X_PREFIX."favorites f INNER JOIN ".X_PREFIX."threads t USING (tid) WHERE f.username='$xmbuser' AND f.type='favorite' AND t.fid IN ($fids) ORDER BY t.lastpost DESC LIMIT 0,5"); 807 $favnum = $db->num_rows($query2); 808 $tmOffset = ($timeoffset * 3600) + ($addtime * 3600); 809 while($fav = $db->fetch_array($query2)) { 810 $forum = getForum($fav['fid']); 811 $forum['name'] = fnameOut($forum['name']); 812 813 $lastpost = explode('|', $fav['lastpost']); 814 $dalast = $lastpost[0]; 815 $lastpost[1] = '<a href="member.php?action=viewpro&member='.recodeOut($lastpost[1]).'">'.$lastpost[1].'</a>'; 816 $lastreplydate = gmdate($dateformat, $lastpost[0] + $tmOffset); 817 $lastreplytime = gmdate($timecode, $lastpost[0] + $tmOffset); 818 $lastpost = $lang['lastreply1'].' '.$lastreplydate.' '.$lang['textat'].' '.$lastreplytime.' '.$lang['textby'].' '.$lastpost[1]; 819 $fav['subject'] = rawHTMLsubject(stripslashes($fav['subject'])); 820 821 if ($fav['icon'] != '') { 822 $fav['icon'] = '<img src="'.$smdir.'/'.$fav['icon'].'" alt="" border="0" />'; 823 } else { 824 $fav['icon'] = ''; 825 } 826 eval('$favs .= "'.template('memcp_home_favs_row').'";'); 827 } 828 $db->free_result($query2); 829 } 830 831 if ($favnum == 0) { 832 eval('$favs = "'.template('memcp_home_favs_none').'";'); 833 } 834 eval('$mempage = "'.template('memcp_home').'";'); 835 } 836 837 end_time(); 838 eval('$footer = "'.template('footer').'";'); 839 echo $header, $mempage, $footer; 840 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Tue Jan 26 20:11:23 2010 | Home | Forum | Download | SVN | Bug Tracker | Documentation | Cross-referenced by PHPXref 0.7 |