makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-09 12:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Updates for altered permission/sessions/etc.

Browse source 
git-svn-id: file:///svn/phpbb/trunk@2670 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-07-14 14:41:35 +00:00
parent 044f82dbd7
commit 53a03e33bc
3 changed files with 145 additions and 169 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
phpBB/includes/usercp_email.php
View file

@ -36,9 +36,9 @@ else
message_die(GENERAL_MESSAGE, $lang['No_user_specified']);
}
if ( !$userdata['session_logged_in'] )
if ( $userdata['user_id'] == ANONYMOUS )
{
header('Location: ' . append_sid("login.$phpEx?redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id", true));
header('Location: ' . "login.$phpEx$SID&redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id");
exit;
}
@ -121,7 +121,7 @@ if ( $result = $db->sql_query($sql) )
$emailer->reset();
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
'META' => '<meta http-equiv="refresh" content="5;url=' . "index.$phpEx$SID" . '">')
);
$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
@ -156,7 +156,7 @@ if ( $result = $db->sql_query($sql) )
$template->assign_vars(array(
'USERNAME' => $username,
'S_POST_ACTION' => append_sid("profile.$phpEx?&amp;mode=email&amp;" . POST_USERS_URL . "=$user_id"),
'S_POST_ACTION' => "profile.$phpEx$SID&amp;mode=email&amp;" . POST_USERS_URL . "=$user_id",
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],

240
phpBB/includes/usercp_register.php
View file

@ -23,7 +23,7 @@
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
die('Hacking attempt');
exit;
}
@ -36,7 +36,7 @@ function show_coppa()
global $template, $lang, $phpbb_root_path, $phpEx;
$template->set_filenames(array(
'body' => 'agreement.tpl')
'body' => 'agreement.html')
);
$template->assign_vars(array(
@ -46,11 +46,13 @@ function show_coppa()
"AGREE_UNDER_13" => $lang['Agree_under_13'],
'DO_NOT_AGREE' => $lang['Agree_not'],
"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&amp;agreed=true"),
"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&amp;agreed=true&amp;coppa=true"))
"U_AGREE_OVER13" => "profile.$phpEx$SID&amp;mode=register&amp;agreed=true",
"U_AGREE_UNDER13" => "profile.$phpEx$SID&amp;mode=register&amp;agreed=true&amp;coppa=true")
);
}
$template->pparse('body');
function update_user($mode)
{
}
//
@ -82,7 +84,7 @@ if (
{
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
if ( $mode == 'editprofile' )
{
@ -275,6 +277,10 @@ if ( isset($HTTP_POST_VARS['submit']) )
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
}
else
{
$password = $userdata['user_password'];
}
//
// Do a ban check on this email address
@ -377,39 +383,72 @@ if ( isset($HTTP_POST_VARS['submit']) )
{
$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
}
else
{
$avatar_sql = array('data' => '', 'type' => USER_AVATAR_NONE);
}
if ( !$error )
{
if ( $avatar_sql == '' )
if ( ( ( $mode == 'editprofile' && $userdata['user_level'] != ADMIN && $email != $current_email ) || ( $mode == 'register' || $coppa ) ) && ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) )
{
$avatar_sql = ( $mode == 'editprofile' ) ? '' : "'', " . USER_AVATAR_NONE;
$user_actkey = gen_rand_string(true);
$key_len = 54 - (strlen($server_url));
$key_len = ( $key_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_active = 0;
if ( $userdata['user_id'] != ANONYMOUS )
{
session_end($userdata['session_id'], $userdata['user_id']);
}
}
else
{
$user_active = 1;
$user_actkey = '';
}
$sql_ary = array(
'username' => $username,
'user_regdate' => time(),
'user_password' => $password,
'user_email' => $email,
'user_icq' => $icq,
'user_aim' => $aim,
'user_yim' => $yim,
'user_msnm' => $msn,
'user_website' => $website,
'user_occ' => $occupation,
'user_from' => $location,
'user_interests' => $interests,
'user_sig' => $signature,
'user_sig_bbcode_uid' => $signature_bbcode_uid,
'user_viewemail' => $viewemail,
'user_attachsig' => $attachsig,
'user_allowsmile' => $allowsmilies,
'user_allowhtml' => $allowhtml,
'user_allowbbcode' => $allowbbcode,
'user_allow_viewonline' => $allowviewonline,
'user_notify' => $notifyreply,
'user_notify_pm' => $notifypm,
'user_popup_pm' => $popuppm,
'user_avatar' => $avatar_sql['data'],
'user_avatar_type' => $avatar_sql['type'],
'user_timezone' => (float) $user_timezone,
'user_dateformat' => $user_dateformat,
'user_lang' => $user_lang,
'user_style' => $user_style,
'user_level' => 0,
'user_allow_pm' => 1,
'user_active' => $user_active,
'user_actkey' => $user_actkey
);
if ( $mode == 'editprofile' )
{
if ( $email != $current_email && ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) && $userdata['user_level'] != ADMIN )
{
$user_active = 0;
$user_actkey = gen_rand_string(true);
$key_len = 54 - (strlen($server_url));
$key_len = ($key_len > 6) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
if ( $userdata['session_logged_in'] )
{
session_end($userdata['session_id'], $userdata['user_id']);
}
}
else
{
$user_active = 1;
$user_actkey = '';
}
$sql = "UPDATE " . USERS_TABLE . "
SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
WHERE user_id = $user_id";
if ( !($result = $db->sql_query($sql)) )
if ( !($result = $db->sql_query_array('UPDATE ' . USERS_TABLE . ' SET WHERE user_id = ' . $user_id, &$sql_ary, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
}
@ -422,7 +461,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$email_headers = "From: " . $board_config['board_email'] . "\r\nReturn-Path: " . $board_config['board_email'] . "\r\n";
$emailer->use_template('user_activate', stripslashes($user_lang));
$emailer->email_address($email);
@ -439,89 +478,56 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->send();
$emailer->reset();
$message = $lang['Profile_updated_inactive'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
$message = $lang['Profile_updated_inactive'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
}
else
{
$message = $lang['Profile_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
$message = $lang['Profile_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
}
$template->assign_vars(array(
"META" => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
"META" => '<meta http-equiv="refresh" content="5;url=' . "index.$phpEx$SID" . '">')
);
message_die(GENERAL_MESSAGE, $message);
}
else
{
$sql = "SELECT MAX(user_id) AS total
FROM " . USERS_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
if ( !($row = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
$user_id = $row['total'] + 1;
$sql = "SELECT MAX(group_id) AS total
FROM " . GROUPS_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
if ( !($row = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
$group_id = $row['total'] + 1;
//
// Get current date
//
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
VALUES ($user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa )
{
$user_actkey = gen_rand_string(true);
$key_len = 54 - (strlen($server_url));
$key_len = ( $key_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')";
}
else
{
$sql .= "1, '')";
}
if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
if ( !($result = $db->sql_query_array('INSERT INTO ' . USERS_TABLE, &$sql_ary, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
}
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_name, group_description, group_single_user, group_moderator)
VALUES ($group_id, '', 'Personal User', 1, 0)";
$user_id = $db->sql_nextid();
$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
VALUES ('', 'Personal User', 1, 0)";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
}
$group_id = $db->sql_nextid();
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
VALUES ($user_id, $group_id, 0)";
if( !($result = $db->sql_query($sql, END_TRANSACTION)) )
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
}
$user_update_id = "UPDATE " . CONFIG_TABLE . " SET config_value = $user_id WHERE config_name = 'newest_user_id'";
$user_update_name = "UPDATE " . CONFIG_TABLE . " SET config_value = '$username' WHERE config_name = 'newest_username'";
$user_update_count = "UPDATE " . CONFIG_TABLE . " SET config_value = " . ($board_config['num_users'] + 1) . " WHERE config_name = 'num_users'";
if( !$db->sql_query($user_update_id) || !$db->sql_query($user_update_name) || !$db->sql_query($user_update_count) )
$user_update_id = "UPDATE " . CONFIG_TABLE . "
SET config_value = $user_id
WHERE config_name = 'newest_user_id'";
$user_update_name = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$username'
WHERE config_name = 'newest_username'";
$user_update_count = "UPDATE " . CONFIG_TABLE . "
SET config_value = " . ($board_config['num_users'] + 1) . "
WHERE config_name = 'num_users'";
if( !$db->sql_query($user_update_id) ||
!$db->sql_query($user_update_name) ||
!$db->sql_query($user_update_count, END_TRANSACTION) )
{
message_die(GENERAL_ERROR, 'Could not update user count information!', '', __LINE__, __FILE__);
}
@ -614,7 +620,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
$emailer->reset();
}
$message = $message . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
$message = $message . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
} // if mode == register
@ -709,7 +715,7 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? $HTTP_POST_VARS['avatarcategory'] : '';
$template->set_filenames(array(
'body' => 'profile_avatar_gallery.tpl')
'body' => 'profile_avatar_gallery.html')
);
$allowviewonline = !$allowviewonline;
@ -718,8 +724,6 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
}
else
{
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
if ( !isset($coppa) )
{
$coppa = FALSE;
@ -772,7 +776,7 @@ else
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
'reg_header' => 'error_body.html')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
@ -781,20 +785,14 @@ else
}
$template->set_filenames(array(
'body' => 'profile_add_body.tpl')
'body' => 'profile_add_body.html')
);
if ( $mode == 'editprofile' )
{
$template->assign_block_vars('switch_edit_profile', array());
}
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
//
$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
$form_enctype = ( @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @ini_get('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
$template->assign_vars(array(
'USERNAME' => $username,
@ -834,7 +832,7 @@ else
'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'),
'DATE_FORMAT' => $user_dateformat,
'HTML_STATUS' => $html_status,
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'SMILIES_STATUS' => $smilies_status,
'L_CURRENT_PASSWORD' => $lang['Current_password'],
@ -893,12 +891,15 @@ else
'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'],
'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'],
'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'],
'S_PROFILE_EDIT' => ( $mode == 'editprofile' ) ? true : false,
'S_DISPLAY_AVATAR_BLOCK' => ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) ) ? true : false,
'S_DISPLAY_AVATAR_UPLOAD' => ( $board_config['allow_avatar_upload'] && file_exists('./' . $board_config['avatar_path']) && $form_enctype != '' ) ? true : false,
'S_DISPLAY_AVATAR_URL' => ( $board_config['allow_avatar_upload'] && file_exists('./' . $board_config['avatar_path']) ) ? true : false,
'S_DISPLAY_AVATAR_REMOTE' => ( $board_config['allow_avatar_remote'] ) ? true : false,
'S_DISPLAY_AVATAR_GALLERY' => ( $board_config['allow_avatar_local'] && file_exists('./' . $board_config['avatar_gallery_path']) ) ? true : false,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_FORM_ENCTYPE' => $form_enctype,
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
'S_PROFILE_ACTION' => "profile.$phpEx$SID")
);
//
@ -906,33 +907,8 @@ else
// of the templates to 'fake' an IF...ELSE...ENDIF solution
// it works well :)
//
if ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) )
{
$template->assign_block_vars('switch_avatar_block', array() );
if ( $board_config['allow_avatar_upload'] && file_exists('./' . $board_config['avatar_path']) )
{
if ( $form_enctype != '' )
{
$template->assign_block_vars('switch_avatar_block.switch_avatar_local_upload', array() );
}
$template->assign_block_vars('switch_avatar_block.switch_avatar_remote_upload', array() );
}
if ( $board_config['allow_avatar_remote'] )
{
$template->assign_block_vars('switch_avatar_block.switch_avatar_remote_link', array() );
}
if ( $board_config['allow_avatar_local'] && file_exists('./' . $board_config['avatar_gallery_path']) )
{
$template->assign_block_vars('switch_avatar_block.switch_avatar_local_gallery', array() );
}
}
}
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>
?>

66
phpBB/includes/usercp_viewprofile.php
View file

@ -23,23 +23,20 @@
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
die('Hacking attempt');
exit;
}
if ( empty($HTTP_GET_VARS[POST_USERS_URL]) || $HTTP_GET_VARS[POST_USERS_URL] == ANONYMOUS )
if ( empty($HTTP_GET_VARS['u']) || $HTTP_GET_VARS['u'] == ANONYMOUS )
{
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
message_die(MESSAGE, $lang['No_user_id_specified']);
}
$profiledata = get_userdata(intval($HTTP_GET_VARS[POST_USERS_URL]));
$profiledata = get_userdata(intval($HTTP_GET_VARS['u']));
$sql = "SELECT *
FROM " . RANKS_TABLE . "
ORDER BY rank_special, rank_min";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain ranks information', '', __LINE__, __FILE__, $sql);
}
$result = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($result) )
{
@ -51,7 +48,7 @@ $db->sql_freeresult($result);
// Output page header and profile_view template
//
$template->set_filenames(array(
'body' => 'profile_view_body.tpl')
'body' => 'profile_view_body.html')
);
make_jumpbox('viewforum.'.$phpEx);
@ -116,15 +113,11 @@ else
}
}
$temp_url = append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=" . $profiledata['user_id']);
$pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
$pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
if ( !empty($profiledata['user_viewemail']) || $userdata['user_level'] == ADMIN )
if ( $profiledata['user_viewemail'] || $acl->get_acl_admin() )
{
$email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL .'=' . $profiledata['user_id']) : 'mailto:' . $profiledata['user_email'];
$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $user_id : 'mailto:' . $profiledata['user_email'];
$email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
$email_img = '<a href="' . $email_uri . '">' . create_img($theme['icon_email'], $lang['Send_email']) . '</a>';
$email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
}
else
@ -133,33 +126,42 @@ else
$email = '&nbsp;';
}
$www_img = ( $profiledata['user_website'] ) ? '<a href="' . $profiledata['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : '&nbsp;';
$www = ( $profiledata['user_website'] ) ? '<a href="' . $profiledata['user_website'] . '" target="_userwww">' . $profiledata['user_website'] . '</a>' : '&nbsp;';
$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$profile_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_profile'], $lang['Read_profile']) . '</a>';
$profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
$temp_url = "privmsg.$phpEx$SID&amp;mode=post&amp;u=$user_id";
$pm_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_pm'], $lang['Send_private_message']) . '</a>';
$pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
$www_img = ( $profiledata['user_website'] ) ? '<a href="' . $profiledata['user_website'] . '" target="_userwww">' . create_img($theme['icon_www'], $lang['Visit_website']) . '</a>' : '';
$www = ( $profiledata['user_website'] ) ? '<a href="' . $profiledata['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : '';
if ( !empty($profiledata['user_icq']) )
{
$icq_status_img = '<a href="http://wwp.icq.com/' . $profiledata['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $profiledata['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
$icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $profiledata['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>';
$icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $profiledata['user_icq'] . '">' . create_img($theme['icon_icq'], $lang['ICQ']) . '</a>';
$icq = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $profiledata['user_icq'] . '">' . $lang['ICQ'] . '</a>';
}
else
{
$icq_status_img = '&nbsp;';
$icq_img = '&nbsp;';
$icq = '&nbsp;';
$icq_status_img = '';
$icq_img = '';
$icq = '';
}
$aim_img = ( $profiledata['user_aim'] ) ? '<a href="aim:goim?screenname=' . $profiledata['user_aim'] . '&amp;message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '&nbsp;';
$aim = ( $profiledata['user_aim'] ) ? '<a href="aim:goim?screenname=' . $profiledata['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '&nbsp;';
$aim_img = ( $profiledata['user_aim'] ) ? '<a href="aim:goim?screenname=' . $profiledata['user_aim'] . '&amp;message=Hello+Are+you+there?">' . create_img($theme['icon_aim'], $lang['AIM']) . '</a>' : '';
$aim = ( $profiledata['user_aim'] ) ? '<a href="aim:goim?screenname=' . $profiledata['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
$msn_img = ( $profiledata['user_msnm'] ) ? $profiledata['user_msnm'] : '&nbsp;';
$msn = $msn_img;
$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$msn_img = ( $profiledata['user_msnm'] ) ? '<a href="' . $temp_url . '">' . create_img($theme['icon_msnm'], $lang['MSNM']) . '</a>' : '';
$msn = ( $profiledata['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
$yim_img = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
$yim_img = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . create_img($theme['icon_yim'], $lang['YIM']) . '</a>' : '';
$yim = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&amp;showresults=posts");
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
$temp_url = "search.$phpEx$SID&amp;search_author=" . urlencode($profiledata['username']) . "&amp;showresults=posts";
$search_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_search'], $lang['Search_user_posts']) . '</a>';
$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
//
@ -222,13 +224,11 @@ $template->assign_vars(array(
'L_OCCUPATION' => $lang['Occupation'],
'L_INTERESTS' => $lang['Interests'],
'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username'])),
'U_SEARCH_USER' => "search.$phpEx$SID&amp;search_author=" . urlencode($profiledata['username']),
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
'S_PROFILE_ACTION' => "profile.$phpEx$SID")
);
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>