PageRenderTime 111ms CodeModel.GetById 39ms RepoModel.GetById 0ms app.codeStats 0ms

/includes/usercp_zebra.php

http://github.com/MightyGorgon/icy_phoenix
PHP | 239 lines | 181 code | 30 blank | 28 comment | 25 complexity | 0e87bc0edc85a94cd768fc8ff5ff7f74 MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php
    2. 

  2. /**
    3. 

  3. *
    4. 

  4. * @package Icy Phoenix
    5. 

  5. * @version $Id$
    6. 

  6. * @copyright (c) 2008 Icy Phoenix
    7. 

  7. * @license http://opensource.org/licenses/gpl-license.php GNU Public License
    8. 

  8. *
    9. 

  9. */
    10. 

  10. 

  11. if (!defined('IN_ICYPHOENIX'))
    12. 

  12. {
    13. 

  13. 	die('Hacking attempt');
    14. 

  14. 	exit;
    15. 

  15. }
    16. 

  16. 

  17. /*
    18. 

  18. if ($config['allow_zebra'] == false)
    19. 

  19. {
    20. 

  20. 	message_die(GENERAL_MESSAGE, $lang['Not_Auth_View']);
    21. 

  21. }
    22. 

  22. */
    23. 

  23. 

  24. $zmode = 'friends';
    25. 

  25. $zmode_types = array('friends', 'foes');
    26. 

  26. $zmode = request_var('zmode', 'friends');
    27. 

  27. $zmode = check_var_value($zmode, $zmode_types);
    28. 

  28. 

  29. // Forced to friends...
    30. 

  30. $zmode = 'friends';
    31. 

  31. 

  32. if (isset($_POST['submit']))
    33. 

  33. {
    34. 

  34. 	$data = array();
    35. 

  35. 	$error = array();
    36. 

  36. 	$updated = false;
    37. 

  37. 

  38. 	$var_ary = array(
    39. 

  39. 		'usernames' => array(0),
    40. 

  40. 		'add' => '',
    41. 

  41. 	);
    42. 

  42. 

  43. 	foreach ($var_ary as $var => $default)
    44. 

  44. 	{
    45. 

  45. 		$data[$var] = request_var($var, $default, true);
    46. 

  46. 	}
    47. 

  47. 

  48. 	if (!empty($data['add']) || sizeof($data['usernames']))
    49. 

  49. 	{
    50. 

  50. 		if ($data['add'])
    51. 

  51. 		{
    52. 

  52. 			$data['add'] = array_map('trim', explode("\n", $data['add']));
    53. 

  53. 

  54. 			// Do these name/s exist on a list already? If so, ignore ... we could be
    55. 

  55. 			// 'nice' and automatically handle names added to one list present on
    56. 

  56. 			// the other (by removing the existing one) ... but I have a feeling this
    57. 

  57. 			// may lead to complaints
    58. 

  58. 			$sql = 'SELECT z.*, u.username
    59. 

  59. 				FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
    60. 

  60. 				WHERE z.user_id = ' . $user->data['user_id'] . '
    61. 

  61. 					AND u.user_id = z.zebra_id';
    62. 

  62. 			$result = $db->sql_query($sql);
    63. 

  63. 

  64. 			$friends = array();
    65. 

  65. 			$foes = array();
    66. 

  66. 			while ($row = $db->sql_fetchrow($result))
    67. 

  67. 			{
    68. 

  68. 				if ($row['friend'])
    69. 

  69. 				{
    70. 

  70. 					$friends[] = $row['user_id'];
    71. 

  71. 				}
    72. 

  72. 				else
    73. 

  73. 				{
    74. 

  74. 					$foes[] = $row['user_id'];
    75. 

  75. 				}
    76. 

  76. 			}
    77. 

  77. 			$db->sql_freeresult($result);
    78. 

  78. 

  79. 			// remove friends from the username array
    80. 

  80. 			$n = sizeof($data['add']);
    81. 

  81. 			$data['add'] = array_diff($data['add'], $friends);
    82. 

  82. 

  83. 			// remove foes from the username array
    84. 

  84. 			$n = sizeof($data['add']);
    85. 

  85. 			$data['add'] = array_diff($data['add'], $foes);
    86. 

  86. 

  87. 			// remove the user himself from the username array
    88. 

  88. 			$n = sizeof($data['add']);
    89. 

  89. 			$data['add'] = array_diff($data['add'], array($user->data['username']));
    90. 

  90. 

  91. 			unset($friends, $foes, $n);
    92. 

  92. 

  93. 			if (sizeof($data['add']))
    94. 

  94. 			{
    95. 

  95. 				$users_to_add = '';
    96. 

  96. 				foreach ($data['add'] as $user_tmp)
    97. 

  97. 				{
    98. 

  98. 					$username_tmp = phpbb_clean_username($user_tmp);
    99. 

  99. 					//$users_to_add .= (($users_to_add == '') ? '' : ', ') . "'" . $db->sql_escape($username_tmp) . "'";
    100. 

  100. 					$users_to_add .= (($users_to_add == '') ? '' : ', ') . "'" . $db->sql_escape(utf8_clean_string($username_tmp)) . "'";
    101. 

  101. 				}
    102. 

  102. 				//$users_to_add = implode('\',\'', $data['add']);
    103. 

  103. 				$sql = "SELECT user_id, user_level
    104. 

  104. 					FROM " . USERS_TABLE . "
    105. 

  105. 					WHERE username_clean IN (" . $users_to_add . ")
    106. 

  106. 						AND user_active = 1";
    107. 

  107. 				//die($sql);
    108. 

  108. 				$result = $db->sql_query($sql);
    109. 

  109. 

  110. 				$user_id_ary = array();
    111. 

  111. 				$user_id_level = array();
    112. 

  112. 				while ($row = $db->sql_fetchrow($result))
    113. 

  113. 				{
    114. 

  114. 					if ($row['user_id'] != ANONYMOUS)
    115. 

  115. 					{
    116. 

  116. 						$user_id_ary[$row['user_id']] = $row['user_id'];
    117. 

  117. 						$user_id_level[$row['user_id']] = $row['user_level'];
    118. 

  118. 					}
    119. 

  119. 				}
    120. 

  120. 				$db->sql_freeresult($result);
    121. 

  121. 

  122. 				if (sizeof($user_id_ary))
    123. 

  123. 				{
    124. 

  124. 					// Remove users from foe list if they are admins or moderators
    125. 

  125. 					if ($zmode == 'foes')
    126. 

  126. 					{
    127. 

  127. 						$perms = array();
    128. 

  128. 						foreach ($user_id_ary as $user_tmp)
    129. 

  129. 						{
    130. 

  130. 							if ($user_id_level[$row['user_id']] > 0)
    131. 

  131. 							{
    132. 

  132. 								$perms[] = array_merge($perms, $user_tmp);
    133. 

  133. 							}
    134. 

  134. 						}
    135. 

  135. 						$perms = array_unique($perms);
    136. 

  136. 

  137. 						// This may not be right ... it may yield true when perms equate to deny
    138. 

  138. 						$user_id_ary = array_diff($user_id_ary, $perms);
    139. 

  139. 						unset($perms);
    140. 

  140. 					}
    141. 

  141. 

  142. 					if (sizeof($user_id_ary))
    143. 

  143. 					{
    144. 

  144. 						$friend_foe_mode = ($zmode == 'friends') ? true : false;
    145. 

  145. 						user_friend_foe_add($user_id_ary, $friend_foe_mode);
    146. 

  146. 						$updated = true;
    147. 

  147. 					}
    148. 

  148. 					unset($user_id_ary);
    149. 

  149. 				}
    150. 

  150. 			}
    151. 

  151. 		}
    152. 

  152. 		elseif (sizeof($data['usernames']))
    153. 

  153. 		{
    154. 

  154. 			// Force integer values
    155. 

  155. 			$data['usernames'] = array_map('intval', $data['usernames']);
    156. 

  156. 			$friend_foe_mode = ($zmode == 'friends') ? true : false;
    157. 

  157. 			user_friend_foe_remove($data['usernames'], $friend_foe_mode);
    158. 

  158. 			$updated = true;
    159. 

  159. 		}
    160. 

  160. 

  161. 		$db->clear_cache('zebra_users_');
    162. 

  162. 		if ($updated)
    163. 

  163. 		{
    164. 

  164. 			$redirect_url = append_sid(append_sid(CMS_PAGE_PROFILE . '?mode=zebra&amp;zmode=' . $zmode));
    165. 

  165. 			meta_refresh(3, $redirect_url);
    166. 

  166. 			message_die(GENERAL_MESSAGE, (($zmode == 'friends') ? $lang['FRIENDS_UPDATED'] : $lang['FOES_UPDATED']));
    167. 

  167. 		}
    168. 

  168. 		else
    169. 

  169. 		{
    170. 

  170. 			message_die(GENERAL_ERROR, (($zmode == 'friends') ? $lang['FRIENDS_UPDATE_ERROR'] : $lang['FOES_UPDATE_ERROR']));
    171. 

  171. 		}
    172. 

  172. 	}
    173. 

  173. }
    174. 

  174. 

  175. $sql_and = ($zmode == 'foes') ? 'z.foe = 1' : 'z.friend = 1';
    176. 

  176. $sql = "SELECT z.*, u.username
    177. 

  177. 	FROM " . ZEBRA_TABLE . " z, " . USERS_TABLE . " u
    178. 

  178. 	WHERE z.user_id = '" . $user->data['user_id'] . "'
    179. 

  179. 		AND " . $sql_and . "
    180. 

  180. 		AND u.user_id = z.zebra_id
    181. 

  181. 	ORDER BY u.username ASC";
    182. 

  182. $result = $db->sql_query($sql);
    183. 

  183. 

  184. $username_count = 0;
    185. 

  185. $s_username_options = '';
    186. 

  186. while ($row = $db->sql_fetchrow($result))
    187. 

  187. {
    188. 

  188. 	$s_username_options .= '<option value="' . $row['zebra_id'] . '">' . htmlspecialchars($row['username']) . '</option>';
    189. 

  189. 	$username_count++;
    190. 

  190. }
    191. 

  191. $db->sql_freeresult($result);
    192. 

  192. 

  193. $link_name = $lang['UCP_ZEBRA_FRIENDS'];
    194. 

  194. $nav_server_url = create_server_url();
    195. 

  195. $breadcrumbs['address'] = $lang['Nav_Separator'] . '<a href="' . $nav_server_url . append_sid(CMS_PAGE_PROFILE_MAIN) . '"' . (!empty($link_name) ? '' : ' class="nav-current"') . '>' . $lang['Profile'] . '</a>' . (!empty($link_name) ? ($lang['Nav_Separator'] . '<a class="nav-current" href="#">' . $link_name . '</a>') : '');
    196. 

  196. 

  197. if ($username_count > 0)
    198. 

  198. {
    199. 

  199. 	$template->assign_block_vars('friends', array());
    200. 

  200. }
    201. 

  201. else
    202. 

  202. {
    203. 

  203. 	$template->assign_block_vars('no_friends', array());
    204. 

  204. }
    205. 

  205. 

  206. $template->assign_vars(array(
    207. 

  207. 	'L_TITLE' => $lang['UCP_ZEBRA'],
    208. 

  208. 	'L_SUBMIT' => $lang['Submit'],
    209. 

  209. 	'L_RESET' => $lang['Reset'],
    210. 

  210. 

  211. 	'L_SELECT' => $lang['Select'],
    212. 

  212. 	'L_REMOVE_SELECTED' => $lang['Remove_selected'],
    213. 

  213. 	'L_ADD_MEMBER' => $lang['Add_member'],
    214. 

  214. 

  215. 	'L_ADD_FOES' => $lang['ADD_FOES'],
    216. 

  216. 	'L_ADD_FOES_EXPLAIN' => $lang['ADD_FOES_EXPLAIN'],
    217. 

  217. 	'L_FOES' => $lang['FOES'],
    218. 

  218. 	'L_FOES_EXPLAIN' => $lang['FOES_EXPLAIN'],
    219. 

  219. 	'L_YOUR_FOES' => $lang['YOUR_FOES'],
    220. 

  220. 	'L_YOUR_FOES_EXPLAIN' => $lang['YOUR_FOES_EXPLAIN'],
    221. 

  221. 	'L_NO_FOES' => $lang['NO_FOES'],
    222. 

  222. 	'L_ADD_FRIENDS' => $lang['ADD_FRIENDS'],
    223. 

  223. 	'L_ADD_FRIENDS_EXPLAIN' => $lang['ADD_FRIENDS_EXPLAIN'],
    224. 

  224. 	'L_FRIENDS' => $lang['FRIENDS'],
    225. 

  225. 	'L_FRIENDS_EXPLAIN' => $lang['FRIENDS_EXPLAIN'],
    226. 

  226. 	'L_YOUR_FRIENDS' => $lang['YOUR_FRIENDS'],
    227. 

  227. 	'L_YOUR_FRIENDS_EXPLAIN' => $lang['YOUR_FRIENDS_EXPLAIN'],
    228. 

  228. 	'L_NO_FRIENDS' => $lang['NO_FRIENDS'],
    229. 

  229. 

  230. 	'U_SEARCH_USER' => append_sid(CMS_PAGE_SEARCH . '?mode=searchuser'),
    231. 

  231. 	'S_USERNAME_OPTIONS' => $s_username_options,
    232. 

  232. 	'S_PROFILE_ACTION' => append_sid(CMS_PAGE_PROFILE . '?mode=zebra&amp;zmode=' . $zmode),
    233. 

  233. 	'S_HIDDEN_FIELDS' => ''
    234. 

  234. 	)
    235. 

  235. );
    236. 

  236. 

  237. full_page_generation('profile_friends_mng_body.tpl', $lang['UCP_ZEBRA_FRIENDS'], '', '');
    238. 

  238. 

  239. ?>
    240.