
Code Changes

File: memberlist.php

  Unmodified   Added   Modified   Removed
Line 61Line 61
$default_key = 'c';
$sort_key = request_var('sk', $default_key);
$sort_dir = request_var('sd', 'a');

$default_key = 'c';
$sort_key = request_var('sk', $default_key);
$sort_dir = request_var('sd', 'a');

// Grab rank information for later
$ranks = $cache->obtain_ranks();


// What do you want to do today? ... oops, I think that line is taken ...
switch ($mode)

// What do you want to do today? ... oops, I think that line is taken ...
switch ($mode)

Line 141Line 136

$sql = 'SELECT forum_id, forum_name


$sql = 'SELECT forum_id, forum_name

WHERE forum_type = ' . FORUM_POST;


		$result = $db->sql_query($sql);

$forums = array();

		$result = $db->sql_query($sql);

$forums = array();

Line 239Line 233

$rank_title = $rank_img = '';


$rank_title = $rank_img = '';

			get_user_rank($row['user_rank'], $row['user_posts'], $rank_title, $rank_img, $rank_img_src);

			get_user_rank($row['user_rank'], (($row['user_id'] == ANONYMOUS) ? false : $row['user_posts']), $rank_title, $rank_img, $rank_img_src);

$template->assign_block_vars($which_row, array(
'USER_ID' => $row['user_id'],

$template->assign_block_vars($which_row, array(
'USER_ID' => $row['user_id'],

Line 430Line 424

$user_id = (int) $member['user_id'];


$user_id = (int) $member['user_id'];


// Get group memberships
// Also get visiting user's groups to determine hidden group memberships if necessary.
$auth_hidden_groups = ($user_id === (int) $user->data['user_id'] || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? true : false;
$sql_uid_ary = ($auth_hidden_groups) ? array($user_id) : array($user_id, (int) $user->data['user_id']);

// Do the SQL thang

// Do the SQL thang

		$sql = 'SELECT g.group_id, g.group_name, g.group_type
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id" . ((!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '
AND ug.user_pending = 0
ORDER BY g.group_type, g.group_name';

		$sql = 'SELECT g.group_id, g.group_name, g.group_type, ug.user_id
WHERE ' . $db->sql_in_set('ug.user_id', $sql_uid_ary) . '
AND g.group_id = ug.group_id
AND ug.user_pending = 0';

		$result = $db->sql_query($sql);

		$result = $db->sql_query($sql);

		$group_options = '';

		// Divide data into profile data and current user data
$profile_groups = $user_groups = array();

		while ($row = $db->sql_fetchrow($result))

		while ($row = $db->sql_fetchrow($result))

			$group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';

			$row['user_id'] = (int) $row['user_id'];
$row['group_id'] = (int) $row['group_id'];

if ($row['user_id'] == $user_id)
$profile_groups[] = $row;
$user_groups[$row['group_id']] = $row['group_id'];




// Filter out hidden groups and sort groups by name
$group_data = $group_sort = array();
foreach ($profile_groups as $row)
if ($row['group_type'] == GROUP_SPECIAL)
// Lookup group name in language dictionary
if (isset($user->lang['G_' . $row['group_name']]))
$row['group_name'] = $user->lang['G_' . $row['group_name']];
else if (!$auth_hidden_groups && $row['group_type'] == GROUP_HIDDEN && !isset($user_groups[$row['group_id']]))
// Skip over hidden groups the user cannot see

$group_sort[$row['group_id']] = utf8_clean_string($row['group_name']);
$group_data[$row['group_id']] = $row;

$group_options = '';
foreach ($group_sort as $group_id => $null)
$row = $group_data[$group_id];

$group_options .= '<option value="' . $row['group_id'] . '"' . (($row['group_id'] == $member['group_id']) ? ' selected="selected"' : '') . '>' . $row['group_name'] . '</option>';

// What colour is the zebra
$sql = 'SELECT friend, foe

// What colour is the zebra
$sql = 'SELECT friend, foe

Line 501Line 545

$poster_avatar = get_user_avatar($member['user_avatar'], $member['user_avatar_type'], $member['user_avatar_width'], $member['user_avatar_height']);

$poster_avatar = get_user_avatar($member['user_avatar'], $member['user_avatar_type'], $member['user_avatar_width'], $member['user_avatar_height']);


		// We need to check if the modules 'zebra' ('friends' & 'foes' mode),  'notes' ('user_notes' mode) and  'warn' ('warn_user' mode) are accessible to decide if we can display appropriate links
$zebra_enabled = $friends_enabled = $foes_enabled = $user_notes_enabled = $warn_user_enabled = false;

// Only check if the user is logged in
if ($user->data['is_registered'])
if (!class_exists('p_master'))
include($phpbb_root_path . 'includes/functions_module.' . $phpEx);
$module = new p_master();


$user_notes_enabled = ($module->loaded('notes', 'user_notes')) ? true : false;
$warn_user_enabled = ($module->loaded('warn', 'warn_user')) ? true : false;
$zebra_enabled = ($module->loaded('zebra')) ? true : false;
$friends_enabled = ($module->loaded('zebra', 'friends')) ? true : false;
$foes_enabled = ($module->loaded('zebra', 'foes')) ? true : false;


$template->assign_vars(show_profile($member, $user_notes_enabled, $warn_user_enabled));

// Custom Profile Fields
$profile_fields = array();

// Custom Profile Fields
$profile_fields = array();

Line 513Line 581
			$profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template('show', false, $profile_fields[$user_id]) : array();

			$profile_fields = (isset($profile_fields[$user_id])) ? $cp->generate_profile_fields_template('show', false, $profile_fields[$user_id]) : array();

		// We need to check if the module 'zebra' is accessible
$zebra_enabled = false;

if ($user->data['user_id'] != $user_id && $user->data['is_registered'])

		// If the user has m_approve permission or a_user permission, then list then display unapproved posts
if ($auth->acl_getf_global('m_approve') || $auth->acl_get('a_user'))



			include_once($phpbb_root_path . 'includes/functions_module.' . $phpEx);
$module = new p_master();

$zebra_enabled = ($module->active_module === false) ? false : true;


			$sql = 'SELECT COUNT(post_id) as posts_in_queue
WHERE poster_id = ' . $user_id . '
AND post_approved = 0';
$result = $db->sql_query($sql);
$member['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
$member['posts_in_queue'] = 0;





			'L_POSTS_IN_QUEUE'	=> $user->lang('NUM_POSTS_IN_QUEUE', $member['posts_in_queue']),

			'POSTS_DAY'			=> sprintf($user->lang['POST_DAY'], $posts_per_day),
'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage),

'OCCUPATION' => (!empty($member['user_occ'])) ? censor_text($member['user_occ']) : '',
'INTERESTS' => (!empty($member['user_interests'])) ? censor_text($member['user_interests']) : '',
'SIGNATURE' => $member['user_sig'],

			'POSTS_DAY'			=> sprintf($user->lang['POST_DAY'], $posts_per_day),
'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage),

'OCCUPATION' => (!empty($member['user_occ'])) ? censor_text($member['user_occ']) : '',
'INTERESTS' => (!empty($member['user_interests'])) ? censor_text($member['user_interests']) : '',
'SIGNATURE' => $member['user_sig'],

			'POSTS_IN_QUEUE'=> $member['posts_in_queue'],

'AVATAR_IMG' => $poster_avatar,
'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),

'AVATAR_IMG' => $poster_avatar,
'PM_IMG' => $user->img('icon_contact_pm', $user->lang['SEND_PRIVATE_MESSAGE']),

Line 552Line 624
			'S_CUSTOM_FIELDS'	=> (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false,

'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',

			'S_CUSTOM_FIELDS'	=> (isset($profile_fields['row']) && sizeof($profile_fields['row'])) ? true : false,

'U_USER_ADMIN' => ($auth->acl_get('a_user')) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=users&amp;mode=overview&amp;u=' . $user_id, true, $user->session_id) : '',

			'U_SWITCH_PERMISSIONS'	=> ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_id}") : '',

			'U_USER_BAN'			=> ($auth->acl_get('m_ban') && $user_id != $user->data['user_id']) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=ban&amp;mode=user&amp;u=' . $user_id, true, $user->session_id) : '',
'U_MCP_QUEUE' => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',

'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_id) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_id}&amp;hash=" . generate_link_hash('switchperm')) : '',

			'S_USER_NOTES'		=> ($user_notes_enabled) ? true : false,
'S_WARN_USER' => ($warn_user_enabled) ? true : false,

			'S_ZEBRA'			=> ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,

			'S_ZEBRA'			=> ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,

			'U_ADD_FRIEND'		=> (!$friend) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
'U_ADD_FOE' => (!$foe) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
'U_REMOVE_FRIEND' => ($friend) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;usernames[]=' . $user_id) : '',
'U_REMOVE_FOE' => ($foe) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;mode=foes&amp;usernames[]=' . $user_id) : '',

			'U_ADD_FRIEND'		=> (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
'U_ADD_FOE' => (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(htmlspecialchars_decode($member['username']))) : '',
'U_REMOVE_FRIEND' => ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;usernames[]=' . $user_id) : '',
'U_REMOVE_FOE' => ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;mode=foes&amp;usernames[]=' . $user_id) : '',


if (!empty($profile_fields['row']))


if (!empty($profile_fields['row']))

Line 817Line 894
						$notify_type = NOTIFY_EMAIL;

						$notify_type = NOTIFY_EMAIL;

					$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);

					$messenger->anti_abuse_headers($config, $user);

'BOARD_CONTACT' => $config['board_contact'],

'BOARD_CONTACT' => $config['board_contact'],

Line 869Line 943




			'ERROR_MESSAGE'		=> (sizeof($error)) ? implode('<br />', $error) : '')

			'ERROR_MESSAGE'		=> (sizeof($error)) ? implode('<br />', $error) : '',
'SUBJECT' => $subject,
'MESSAGE' => $message,





Line 881Line 958
		$template_html = 'memberlist_body.html';

// Sorting

		$template_html = 'memberlist_body.html';

// Sorting

		$sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_LOCATION'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT'], 'e' => $user->lang['SORT_EMAIL'], 'f' => $user->lang['WEBSITE'], 'g' => $user->lang['ICQ'], 'h' => $user->lang['AIM'], 'i' => $user->lang['MSNM'], 'j' => $user->lang['YIM'], 'k' => $user->lang['JABBER']);

		$sort_key_text = array('a' => $user->lang['SORT_USERNAME'], 'b' => $user->lang['SORT_LOCATION'], 'c' => $user->lang['SORT_JOINED'], 'd' => $user->lang['SORT_POST_COUNT'], 'f' => $user->lang['WEBSITE'], 'g' => $user->lang['ICQ'], 'h' => $user->lang['AIM'], 'i' => $user->lang['MSNM'], 'j' => $user->lang['YIM'], 'k' => $user->lang['JABBER']);
$sort_key_sql = array('a' => 'u.username_clean', 'b' => 'u.user_from', 'c' => 'u.user_regdate', 'd' => 'u.user_posts', 'f' => 'u.user_website', 'g' => 'u.user_icq', 'h' => 'u.user_aim', 'i' => 'u.user_msnm', 'j' => 'u.user_yim', 'k' => 'u.user_jabber');

		if ($auth->acl_get('u_viewonline'))

		if ($auth->acl_get('a_user'))



			$sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE'];

			$sort_key_text['e'] = $user->lang['SORT_EMAIL'];
$sort_key_sql['e'] = 'u.user_email';



		$sort_key_text['m'] = $user->lang['SORT_RANK'];

$sort_key_sql = array('a' => 'u.username_clean', 'b' => 'u.user_from', 'c' => 'u.user_regdate', 'd' => 'u.user_posts', 'e' => 'u.user_email', 'f' => 'u.user_website', 'g' => 'u.user_icq', 'h' => 'u.user_aim', 'i' => 'u.user_msnm', 'j' => 'u.user_yim', 'k' => 'u.user_jabber');


if ($auth->acl_get('u_viewonline'))

if ($auth->acl_get('u_viewonline'))

			$sort_key_text['l'] = $user->lang['SORT_LAST_ACTIVE'];

			$sort_key_sql['l'] = 'u.user_lastvisit';

			$sort_key_sql['l'] = 'u.user_lastvisit';

		$sort_key_sql['m'] = 'u.user_rank DESC, u.user_posts';

$sort_key_text['m'] = $user->lang['SORT_RANK'];
$sort_key_sql['m'] = 'u.user_rank';

$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);

$sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);

Line 921Line 1000
		$form			= request_var('form', '');
$field = request_var('field', '');
$select_single = request_var('select_single', false);

		$form			= request_var('form', '');
$field = request_var('field', '');
$select_single = request_var('select_single', false);


// Search URL parameters, if any of these are in the URL we do a search
$search_params = array('username', 'email', 'icq', 'aim', 'yahoo', 'msn', 'jabber', 'search_group_id', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'ip');

// We validate form and field here, only id/class allowed
$form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
$field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;

// We validate form and field here, only id/class allowed
$form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
$field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;

		if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))

		if (($mode == 'searchuser' || sizeof(array_intersect(array_keys($_GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_')))

$username = request_var('username', '', true);
$email = strtolower(request_var('email', ''));

$username = request_var('username', '', true);
$email = strtolower(request_var('email', ''));

Line 936Line 1018
			$jabber		= request_var('jabber', '');
$search_group_id = request_var('search_group_id', 0);

			$jabber		= request_var('jabber', '');
$search_group_id = request_var('search_group_id', 0);

			// when using these, make sure that we actually have values defined in $find_key_match

			$joined_select	= request_var('joined_select', 'lt');
$active_select = request_var('active_select', 'lt');
$count_select = request_var('count_select', 'eq');

			$joined_select	= request_var('joined_select', 'lt');
$active_select = request_var('active_select', 'lt');
$count_select = request_var('count_select', 'eq');


			$joined			= explode('-', request_var('joined', ''));
$active = explode('-', request_var('active', ''));
$count = (request_var('count', '') !== '') ? request_var('count', 0) : '';

			$joined			= explode('-', request_var('joined', ''));
$active = explode('-', request_var('active', ''));
$count = (request_var('count', '') !== '') ? request_var('count', 0) : '';

Line 970Line 1054

$sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : '';


$sql_where .= ($username) ? ' AND u.username_clean ' . $db->sql_like_expression(str_replace('*', $db->any_char, utf8_clean_string($username))) : '';

			$sql_where .= ($email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';

			$sql_where .= ($auth->acl_get('a_user') && $email) ? ' AND u.user_email ' . $db->sql_like_expression(str_replace('*', $db->any_char, $email)) . ' ' : '';

			$sql_where .= ($icq) ? ' AND u.user_icq ' . $db->sql_like_expression(str_replace('*', $db->any_char, $icq)) . ' ' : '';
$sql_where .= ($aim) ? ' AND u.user_aim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $aim)) . ' ' : '';
$sql_where .= ($yahoo) ? ' AND u.user_yim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $yahoo)) . ' ' : '';
$sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : '';
$sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : '';

			$sql_where .= ($icq) ? ' AND u.user_icq ' . $db->sql_like_expression(str_replace('*', $db->any_char, $icq)) . ' ' : '';
$sql_where .= ($aim) ? ' AND u.user_aim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $aim)) . ' ' : '';
$sql_where .= ($yahoo) ? ' AND u.user_yim ' . $db->sql_like_expression(str_replace('*', $db->any_char, $yahoo)) . ' ' : '';
$sql_where .= ($msn) ? ' AND u.user_msnm ' . $db->sql_like_expression(str_replace('*', $db->any_char, $msn)) . ' ' : '';
$sql_where .= ($jabber) ? ' AND u.user_jabber ' . $db->sql_like_expression(str_replace('*', $db->any_char, $jabber)) . ' ' : '';

			$sql_where .= (is_numeric($count)) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';
$sql_where .= (sizeof($joined) > 1) ? " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
$sql_where .= ($auth->acl_get('u_viewonline') && sizeof($active) > 1) ? " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';

			$sql_where .= (is_numeric($count) && isset($find_key_match[$count_select])) ? ' AND u.user_posts ' . $find_key_match[$count_select] . ' ' . (int) $count . ' ' : '';

if (isset($find_key_match[$joined_select]) && sizeof($joined) == 3)
// Before PHP 5.1 an error value -1 can be returned instead of false.
// Theoretically gmmktime() can also legitimately return -1 as an actual timestamp.
// But since we do not pass the $second parameter to gmmktime(),
// an actual unix timestamp -1 cannot be returned in this case.
// Thus we can check whether it is -1 and treat -1 as an error.
$joined_time = gmmktime(0, 0, 0, (int) $joined[1], (int) $joined[2], (int) $joined[0]);

if ($joined_time !== false && $joined_time !== -1)
$sql_where .= " AND u.user_regdate " . $find_key_match[$joined_select] . ' ' . $joined_time;

if (isset($find_key_match[$active_select]) && sizeof($active) == 3 && $auth->acl_get('u_viewonline'))
$active_time = gmmktime(0, 0, 0, (int) $active[1], (int) $active[2], (int) $active[0]);

if ($active_time !== false && $active_time !== -1)
$sql_where .= " AND u.user_lastvisit " . $find_key_match[$active_select] . ' ' . $active_time;

			$sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';

if ($search_group_id)

			$sql_where .= ($search_group_id) ? " AND u.user_id = ug.user_id AND ug.group_id = $search_group_id AND ug.user_pending = 0 " : '';

if ($search_group_id)

Line 1108Line 1216
			// Misusing the avatar function for displaying group avatars...
$avatar_img = get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR');

			// Misusing the avatar function for displaying group avatars...
$avatar_img = get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR');

			// ... same for group rank

			$rank_title = $rank_img = $rank_img_src = '';
if ($group_row['group_rank'])

			$rank_title = $rank_img = $rank_img_src = '';
if ($group_row['group_rank'])

				if (isset($ranks['special'][$group_row['group_rank']]))

				get_user_rank($group_row['group_rank'], false, $rank_title, $rank_img, $rank_img_src);

if ($rank_img)



					$rank_title = $ranks['special'][$group_row['group_rank']]['rank_title'];

					$rank_img .= '<br />';



				$rank_img = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] . '" alt="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" title="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" /><br />' : '';
$rank_img_src = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] : '';
$rank_title = '';
$rank_img = '';
$rank_img_src = '';





Line 1136Line 1239
				'RANK_IMG'		=> $rank_img,
'RANK_IMG_SRC' => $rank_img_src,

				'RANK_IMG'		=> $rank_img,
'RANK_IMG_SRC' => $rank_img_src,

				'U_PM'			=> ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;g=' . $group_id) : '',)

				'U_PM'			=> ($auth->acl_get('u_sendpm') && $auth->acl_get('u_masspm_group') && $group_row['group_receive_pm'] && $config['allow_privmsg'] && $config['allow_mass_pm']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;g=' . $group_id) : '',)


$sql_select = ', ug.group_leader';


$sql_select = ', ug.group_leader';

Line 1154Line 1257

$order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');


$order_by .= $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');


// Unfortunately we must do this here for sorting by rank, else the sort order is applied wrongly
if ($sort_key == 'm')
$order_by .= ', u.user_posts DESC';

// Count the users ...
if ($sql_where)

// Count the users ...
if ($sql_where)

Line 1170Line 1279
$total_users = $config['num_users'];

$total_users = $config['num_users'];

$s_char_options = '<option value=""' . ((!$first_char) ? ' selected="selected"' : '') . '>&nbsp; &nbsp;</option>';
for ($i = 97; $i < 123; $i++)
$s_char_options .= '<option value="' . chr($i) . '"' . (($first_char == chr($i)) ? ' selected="selected"' : '') . '>' . chr($i-32) . '</option>';
$s_char_options .= '<option value="other"' . (($first_char == 'other') ? ' selected="selected"' : '') . '>' . $user->lang['OTHER'] . '</option>';


// Build a relevant pagination_url
$params = $sort_params = array();

// Build a relevant pagination_url
$params = $sort_params = array();

Line 1188Line 1290
			'sd'			=> array('sd', 'a'),
'form' => array('form', ''),
'field' => array('field', ''),

			'sd'			=> array('sd', 'a'),
'form' => array('form', ''),
'field' => array('field', ''),

			'select_single'	=> array('select_single', 0),

			'select_single'	=> array('select_single', $select_single),

			'username'		=> array('username', '', true),
'email' => array('email', ''),
'icq' => array('icq', ''),

			'username'		=> array('username', '', true),
'email' => array('email', ''),
'icq' => array('icq', ''),

Line 1203Line 1305
			'joined'		=> array('joined', ''),
'active' => array('active', ''),
'count' => (request_var('count', '') !== '') ? array('count', 0) : array('count', ''),

			'joined'		=> array('joined', ''),
'active' => array('active', ''),
'count' => (request_var('count', '') !== '') ? array('count', 0) : array('count', ''),

			'ipdomain'		=> array('ip', ''),

			'ip'			=> array('ip', ''),

			'first_char'	=> array('first_char', ''),

			'first_char'	=> array('first_char', ''),

		$u_first_char_params = array();

		foreach ($check_params as $key => $call)
if (!isset($_REQUEST[$key]))

		foreach ($check_params as $key => $call)
if (!isset($_REQUEST[$key]))

Line 1218Line 1321
			$param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : $param);
$params[] = $param;

			$param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : $param);
$params[] = $param;

			if ($key != 'first_char')
$u_first_char_params[] = $param;

			if ($key != 'sk' && $key != 'sd')
$sort_params[] = $param;

			if ($key != 'sk' && $key != 'sd')
$sort_params[] = $param;

		$u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));

		$u_hide_find_member = append_sid("{$phpbb_root_path}memberlist.$phpEx", "start=$start" . (!empty($params) ? '&amp;' . implode('&amp;', $params) : ''));

		if ($mode)

		$params[] = "mode=$mode";

		$params[] = "mode=$mode";

			$u_first_char_params[] = "mode=$mode";

		$sort_params[] = "mode=$mode";

		$sort_params[] = "mode=$mode";


		$pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));
$sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $sort_params));

		$pagination_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $params));
$sort_url = append_sid("{$phpbb_root_path}memberlist.$phpEx", implode('&amp;', $sort_params));

		unset($params, $sort_params);

		unset($search_params, $sort_params);

$u_first_char_params = implode('&amp;', $u_first_char_params);
$u_first_char_params .= ($u_first_char_params) ? '&amp;' : '';

$first_characters = array();
$first_characters[''] = $user->lang['ALL'];
for ($i = 97; $i < 123; $i++)
$first_characters[chr($i)] = chr($i - 32);
$first_characters['other'] = $user->lang['OTHER'];

foreach ($first_characters as $char => $desc)
$template->assign_block_vars('first_char', array(
'DESC' => $desc,
'VALUE' => $char,
'S_SELECTED' => ($first_char == $char) ? true : false,
'U_SORT' => append_sid("{$phpbb_root_path}memberlist.$phpEx", $u_first_char_params . 'first_char=' . $char) . '#memberlist',

// Some search user specific data
if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
$group_selected = request_var('search_group_id', 0);
$s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '>&nbsp;</option>';

// Some search user specific data
if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
$group_selected = request_var('search_group_id', 0);
$s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '>&nbsp;</option>';

			$group_ids = array();

* @todo add this to a separate function (function is responsible for returning the groups the user is able to see based on the users group membership)

if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
$sql = 'SELECT group_id, group_name, group_type

if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
$sql = 'SELECT group_id, group_name, group_type

					FROM ' . GROUPS_TABLE . '
ORDER BY group_name ASC';


if (!$config['coppa_enable'])
$sql .= " WHERE group_name <> 'REGISTERED_COPPA'";

$sql .= ' ORDER BY group_name ASC';



Line 1255Line 1399
							AND ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0

							AND ug.user_id = ' . $user->data['user_id'] . '
AND ug.user_pending = 0

					WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')
ORDER BY g.group_name ASC';

					WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')';

if (!$config['coppa_enable'])
$sql .= " AND g.group_name <> 'REGISTERED_COPPA'";

$sql .= ' ORDER BY g.group_name ASC';

$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))

$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))

				$group_ids[] = $row['group_id'];

				$s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';

				$s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';


if ($group_selected !== 0 && !in_array($group_selected, $group_ids))

'USERNAME' => $username,

'USERNAME' => $username,

Line 1280Line 1436
				'IP'		=> $ipdomain,

'S_IP_SEARCH_ALLOWED' => ($auth->acl_getf_global('m_info')) ? true : false,

				'IP'		=> $ipdomain,

'S_IP_SEARCH_ALLOWED' => ($auth->acl_getf_global('m_info')) ? true : false,

				'S_EMAIL_SEARCH_ALLOWED'=> ($auth->acl_get('a_user')) ? true : false,

				'S_IN_SEARCH_POPUP'		=> ($form && $field) ? true : false,
'S_SEARCH_USER' => true,
'S_FORM_NAME' => $form,

				'S_IN_SEARCH_POPUP'		=> ($form && $field) ? true : false,
'S_SEARCH_USER' => true,
'S_FORM_NAME' => $form,

Line 1309Line 1466
			$user_list[] = (int) $row['user_id'];

			$user_list[] = (int) $row['user_id'];

		$leaders_set = false;

		// So, did we get any users?
if (sizeof($user_list))

		// So, did we get any users?
if (sizeof($user_list))

Line 1369Line 1526
			// If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date...
if ($sort_key == 'l')

			// If we sort by last active date we need to adjust the id cache due to user_lastvisit not being the last active date...
if ($sort_key == 'l')

				$lesser_than = ($sort_dir == 'a') ? -1 : 1;
uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));"));

//				uasort($id_cache, create_function('$first, $second', "return (\$first['last_visit'] == \$second['last_visit']) ? 0 : ((\$first['last_visit'] < \$second['last_visit']) ? $lesser_than : ($lesser_than * -1));"));
usort($user_list, '_sort_last_active');


for ($i = 0, $end = sizeof($user_list); $i < $end; ++$i)
$user_id = $user_list[$i];
$row =& $id_cache[$user_id];


for ($i = 0, $end = sizeof($user_list); $i < $end; ++$i)
$user_id = $user_list[$i];
$row =& $id_cache[$user_id];

				$is_leader = (isset($row['group_leader']) && $row['group_leader']) ? true : false;
$leaders_set = ($leaders_set || $is_leader);

$cp_row = array();
if ($config['load_cpf_memberlist'])

$cp_row = array();
if ($config['load_cpf_memberlist'])

Line 1388Line 1547
					'ROW_NUMBER'		=> $i + ($start + 1),

'S_CUSTOM_PROFILE' => (isset($cp_row['row']) && sizeof($cp_row['row'])) ? true : false,

					'ROW_NUMBER'		=> $i + ($start + 1),

'S_CUSTOM_PROFILE' => (isset($cp_row['row']) && sizeof($cp_row['row'])) ? true : false,

					'S_GROUP_LEADER'	=> (isset($row['group_leader']) && $row['group_leader']) ? true : false,

					'S_GROUP_LEADER'	=> $is_leader,

'U_VIEW_PROFILE' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $user_id))

'U_VIEW_PROFILE' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=viewprofile&amp;u=' . $user_id))

Line 1429Line 1588
			'JABBER_IMG'	=> $user->img('icon_contact_jabber', $user->lang['JABBER']),
'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']),

			'JABBER_IMG'	=> $user->img('icon_contact_jabber', $user->lang['JABBER']),
'SEARCH_IMG' => $user->img('icon_user_search', $user->lang['SEARCH']),

			'U_FIND_MEMBER'			=> ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser') : '',

			'U_FIND_MEMBER'			=> ($config['load_search'] || $auth->acl_get('a_')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser' . (($start) ? "&amp;start=$start" : '') . (!empty($params) ? '&amp;' . implode('&amp;', $params) : '')) : '',

			'U_HIDE_FIND_MEMBER'	=> ($mode == 'searchuser') ? $u_hide_find_member : '',
'U_SORT_USERNAME' => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_FROM' => $sort_url . '&amp;sk=b&amp;sd=' . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),

			'U_HIDE_FIND_MEMBER'	=> ($mode == 'searchuser') ? $u_hide_find_member : '',
'U_SORT_USERNAME' => $sort_url . '&amp;sk=a&amp;sd=' . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'),
'U_SORT_FROM' => $sort_url . '&amp;sk=b&amp;sd=' . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'),

Line 1448Line 1607

'S_SHOW_GROUP' => ($mode == 'group') ? true : false,
'S_VIEWONLINE' => $auth->acl_get('u_viewonline'),

'S_SHOW_GROUP' => ($mode == 'group') ? true : false,
'S_VIEWONLINE' => $auth->acl_get('u_viewonline'),

			'S_LEADERS_SET'		=> $leaders_set,

			'S_MODE_SELECT'		=> $s_sort_key,
'S_ORDER_SELECT' => $s_sort_dir,

			'S_MODE_SELECT'		=> $s_sort_key,
'S_ORDER_SELECT' => $s_sort_dir,

			'S_CHAR_OPTIONS'	=> $s_char_options,

			'S_MODE_ACTION'		=> $pagination_url)

// Output the page

			'S_MODE_ACTION'		=> $pagination_url)

// Output the page


page_header($page_title, false);

'body' => $template_html)

'body' => $template_html)

Line 1468Line 1627
* Prepare profile data

* Prepare profile data

function show_profile($data)

function show_profile($data, $user_notes_enabled = false, $warn_user_enabled = false)

global $config, $auth, $template, $user, $phpEx, $phpbb_root_path;

global $config, $auth, $template, $user, $phpEx, $phpbb_root_path;

Line 1476Line 1635
	$user_id = $data['user_id'];

$rank_title = $rank_img = $rank_img_src = '';

	$user_id = $data['user_id'];

$rank_title = $rank_img = $rank_img_src = '';

	get_user_rank($data['user_rank'], $data['user_posts'], $rank_title, $rank_img, $rank_img_src);

	get_user_rank($data['user_rank'], (($user_id == ANONYMOUS) ? false : $data['user_posts']), $rank_title, $rank_img, $rank_img_src);

	if (!empty($data['user_allow_viewemail']) || $auth->acl_get('a_email'))

	if ((!empty($data['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_user'))



		$email = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&amp;u=' . $user_id) : (($config['board_hide_emails'] && !$auth->acl_get('a_email')) ? '' : 'mailto:' . $data['user_email']);

		$email = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=email&amp;u=' . $user_id) : (($config['board_hide_emails'] && !$auth->acl_get('a_user')) ? '' : 'mailto:' . $data['user_email']);



Line 1514Line 1673

if ($bday_year)

if ($bday_year)

			$now = getdate(time() + $user->timezone + $user->dst - date('Z'));

			$now = phpbb_gmgetdate(time() + $user->timezone + $user->dst);

$diff = $now['mon'] - $bday_month;
if ($diff == 0)

$diff = $now['mon'] - $bday_month;
if ($diff == 0)

Line 1526Line 1685
				$diff = ($diff < 0) ? 1 : 0;

				$diff = ($diff < 0) ? 1 : 0;

			$age = (int) ($now['year'] - $bday_year - $diff);

			$age = max(0, (int) ($now['year'] - $bday_year - $diff));



Line 1546Line 1705

'A_USERNAME' => addslashes(get_username_string('username', $user_id, $username, $data['user_colour'])),

'A_USERNAME' => addslashes(get_username_string('username', $user_id, $username, $data['user_colour'])),

		'AVATAR_IMG'		=> get_user_avatar($data['user_avatar'], $data['user_avatar_type'], $data['user_avatar_width'], $data['user_avatar_height']),

		'ONLINE_IMG'		=> (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')),
'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false,
'RANK_IMG' => $rank_img,
'RANK_IMG_SRC' => $rank_img_src,
'ICQ_STATUS_IMG' => (!empty($data['user_icq'])) ? '<img src="' . $data['user_icq'] . '&amp;img=5" width="18" height="18" />' : '',
'S_JABBER_ENABLED' => ($config['jab_enable']) ? true : false,

		'ONLINE_IMG'		=> (!$config['load_onlinetrack']) ? '' : (($online) ? $user->img('icon_user_online', 'ONLINE') : $user->img('icon_user_offline', 'OFFLINE')),
'S_ONLINE' => ($config['load_onlinetrack'] && $online) ? true : false,
'RANK_IMG' => $rank_img,
'RANK_IMG_SRC' => $rank_img_src,
'ICQ_STATUS_IMG' => (!empty($data['user_icq'])) ? '<img src="' . $data['user_icq'] . '&amp;img=5" width="18" height="18" />' : '',
'S_JABBER_ENABLED' => ($config['jab_enable']) ? true : false,


'S_WARNINGS' => ($auth->acl_getf_global('m_') || $auth->acl_get('m_warn')) ? true : false,

'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$user_id&amp;sr=posts") : '',

'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$user_id&amp;sr=posts") : '',

		'U_NOTES'		=> $auth->acl_getf_global('m_') ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $user_id, true, $user->session_id) : '',
'U_WARN' => $auth->acl_get('m_warn') ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $user_id, true, $user->session_id) : '',

		'U_NOTES'		=> ($user_notes_enabled && $auth->acl_getf_global('m_')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&amp;mode=user_notes&amp;u=' . $user_id, true, $user->session_id) : '',
'U_WARN' => ($warn_user_enabled && $auth->acl_get('m_warn')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=warn&amp;mode=warn_user&amp;u=' . $user_id, true, $user->session_id) : '',

		'U_PM'			=> ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($data['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $user_id) : '',
'U_EMAIL' => $email,
'U_WWW' => (!empty($data['user_website'])) ? $data['user_website'] : '',

		'U_PM'			=> ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($data['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;mode=compose&amp;u=' . $user_id) : '',
'U_EMAIL' => $email,
'U_WWW' => (!empty($data['user_website'])) ? $data['user_website'] : '',

		'U_ICQ'			=> ($data['user_icq']) ? '' . urlencode($data['user_icq']) : '',

		'U_SHORT_WWW'			=> (!empty($data['user_website'])) ? ((strlen($data['user_website']) > 55) ? substr($data['user_website'], 0, 39) . ' ... ' . substr($data['user_website'], -10) : $data['user_website']) : '',
'U_ICQ' => ($data['user_icq']) ? '' . urlencode($data['user_icq']) . '/' : '',

		'U_AIM'			=> ($data['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=aim&amp;u=' . $user_id) : '',
'U_YIM' => ($data['user_yim']) ? '' . urlencode($data['user_yim']) . '&amp;.src=pg' : '',
'U_MSN' => ($data['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=msnm&amp;u=' . $user_id) : '',

		'U_AIM'			=> ($data['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=aim&amp;u=' . $user_id) : '',
'U_YIM' => ($data['user_yim']) ? '' . urlencode($data['user_yim']) . '&amp;.src=pg' : '',
'U_MSN' => ($data['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&amp;action=msnm&amp;u=' . $user_id) : '',

Line 1575Line 1738

'L_VIEWING_PROFILE' => sprintf($user->lang['VIEWING_PROFILE'], $username),

'L_VIEWING_PROFILE' => sprintf($user->lang['VIEWING_PROFILE'], $username),


function _sort_last_active($first, $second)
global $id_cache, $sort_dir;

$lesser_than = ($sort_dir === 'd') ? -1 : 1;

if (isset($id_cache[$first]['group_leader']) && $id_cache[$first]['group_leader'] && (!isset($id_cache[$second]['group_leader']) || !$id_cache[$second]['group_leader']))
return -1;
else if (isset($id_cache[$second]['group_leader']) && (!isset($id_cache[$first]['group_leader']) || !$id_cache[$first]['group_leader']) && $id_cache[$second]['group_leader'])
return 1;
return $lesser_than * (int) ($id_cache[$first]['last_visit'] - $id_cache[$second]['last_visit']);



