PageRenderTime 48ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 0ms

/dead/friends.php

https://bitbucket.org/nexea/x00n
PHP | 184 lines | 150 code | 31 blank | 3 comment | 49 complexity | 03f2a6e3f19f5e034f518084e310fe35 MD5 | raw file
Possible License(s): GPL-2.0
  1. <?
  2. require "include/bittorrent.php";
  3. dbconn(false);
  4. loggedinorreturn();
  5. $userid = $_GET['id'];
  6. $action = $_GET['action'];
  7. if (!$userid)
  8. $userid = $CURUSER['id'];
  9. if (!is_valid_id($userid))
  10. stderr("Error", "Invalid ID $userid.");
  11. if ($userid != $CURUSER["id"])
  12. stderr("Error", "Access denied.");
  13. $res = mysql_query("SELECT * FROM users WHERE id=$userid") or mysql_error();
  14. $user = mysql_fetch_array($res) or stderr("Error", "No user with ID $userid.");
  15. // action: add -------------------------------------------------------------
  16. if ($action == 'add')
  17. {
  18. $targetid = $_GET['targetid'];
  19. $type = $_GET['type'];
  20. if (!is_valid_id($targetid))
  21. stderr("Error", "Invalid ID $$targetid.");
  22. if ($type == 'friend')
  23. {
  24. $table_is = $frag = 'friends';
  25. $field_is = 'friendid';
  26. }
  27. elseif ($type == 'block')
  28. {
  29. $table_is = $frag = 'blocks';
  30. $field_is = 'blockid';
  31. }
  32. else
  33. stderr("Error", "Unknown type $type");
  34. $r = mysql_query("SELECT id FROM $table_is WHERE userid=$userid AND $field_is=$targetid") or mysql_error();
  35. if (mysql_num_rows($r) == 1)
  36. stderr("Error", "User ID $targetid is already in your $table_is list.");
  37. mysql_query("INSERT INTO $table_is VALUES (0,$userid, $targetid)") or mysql_error();
  38. header("Location: $DEFAULTBASEURL/friends.php?id=$userid#$frag");
  39. die;
  40. }
  41. // action: delete ----------------------------------------------------------
  42. if ($action == 'delete')
  43. {
  44. $targetid = $_GET['targetid'];
  45. $sure = $_GET['sure'];
  46. $type = $_GET['type'];
  47. if (!is_valid_id($targetid))
  48. stderr("Error", "Invalid ID $userid.");
  49. if (!$sure)
  50. stderr("Delete $type","Do you really want to delete a $type? Click\n" .
  51. "<a href=?id=$userid&action=delete&type=$type&targetid=$targetid&sure=1>here</a> if you are sure.");
  52. if ($type == 'friend')
  53. {
  54. mysql_query("DELETE FROM friends WHERE userid=$userid AND friendid=$targetid") or mysql_error();
  55. if (mysql_affected_rows() == 0)
  56. stderr("Error", "No friend found with ID $targetid");
  57. $frag = "friends";
  58. }
  59. elseif ($type == 'block')
  60. {
  61. mysql_query("DELETE FROM blocks WHERE userid=$userid AND blockid=$targetid") or mysql_error();
  62. if (mysql_affected_rows() == 0)
  63. stderr("Error", "No block found with ID $targetid");
  64. $frag = "blocks";
  65. }
  66. else
  67. stderr("Error", "Unknown type $type");
  68. header("Location: $DEFAULTBASEURL/friends.php?id=$userid#$frag");
  69. die;
  70. }
  71. // main body -----------------------------------------------------------------
  72. stdhead("Personal lists for " . $user['username']);
  73. if ($user["donor"] == "yes") $donor = "<td class=embedded><img src=images/starbig.gif alt='Donor' style='margin-left: 4pt'></td>";
  74. if ($user["warned"] == "yes") $warned = "<td class=embedded><img src=images/warnedbig.gif alt='Warned' style='margin-left: 4pt'></td>";
  75. print("<p><table class=main border=0 cellspacing=0 cellpadding=0>".
  76. "<tr><td class=embedded><h1 style='margin:0px'><font color=red> - BETA - </font></h1></td></tr></table></p>\n");
  77. print("<p><table class=main border=0 cellspacing=0 cellpadding=0>".
  78. "<tr><td class=embedded><h1 style='margin:0px'> Personal lists for $user[username]</h1>$donor$warned$country</td></tr></table></p>\n");
  79. print("<table class=main width=750 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded>");
  80. print("<br>");
  81. print("<h2 align=left><a name=\"friends\">Friends list</a></h2>\n");
  82. print("<table width=750 border=1 cellspacing=0 cellpadding=5><tr><td>");
  83. $i = 0;
  84. $res = mysql_query("SELECT f.friendid as id, u.username AS name, u.class, u.avatar, u.title, u.donor, u.warned, u.enabled, u.last_access FROM friends AS f JOIN users as u ON f.friendid = u.id WHERE userid=$userid ORDER BY name") or mysql_error();
  85. if(mysql_num_rows($res) == 0)
  86. $friends = "<em>Your friends list is empty.</em>";
  87. else
  88. while ($friend = mysql_fetch_array($res))
  89. {
  90. $title = $friend["title"];
  91. if (!$title)
  92. $title = get_user_class_name($friend["class"]);
  93. $body1 = "<a href=userdetails.php?id=" . $friend['id'] . "><b>" . $friend['name'] . "</b></a>" .
  94. get_user_icons($friend) . " ($title)<br><br>last seen on " . $friend['last_access'] .
  95. "<br>(" . get_elapsed_time(sql_timestamp_to_unix_timestamp($friend[last_access])) . " ago)";
  96. $body2 = "<br><a href=friends.php?id=$userid&action=delete&type=friend&targetid=" . $friend['id'] . ">Remove</a>" .
  97. "<br><br><a href=sendmessage.php?receiver=" . $friend['id'] . ">Send PM</a>";
  98. $avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($friend["avatar"]) : "");
  99. if (!$avatar)
  100. $avatar = "images/default_avatar.gif";
  101. if ($i % 2 == 0)
  102. print("<table width=100% style='padding: 0px'><tr><td class=bottom style='padding: 5px' width=50% align=center>");
  103. else
  104. print("<td class=bottom style='padding: 5px' width=50% align=center>");
  105. print("<table class=main width=100% height=75px>");
  106. print("<tr valign=top><td width=75 align=center style='padding: 0px'>" .
  107. ($avatar ? "<div style='width:75px;height:75px;overflow: hidden'><img width=75px src=\"$avatar\"></div>" : ""). "</td><td>\n");
  108. print("<table class=main>");
  109. print("<tr><td class=embedded style='padding: 5px' width=80%>$body1</td>\n");
  110. print("<td class=embedded style='padding: 5px' width=20%>$body2</td></tr>\n");
  111. print("</table>");
  112. print("</td></tr>");
  113. print("</td></tr></table>\n");
  114. if ($i % 2 == 1)
  115. print("</td></tr></table>\n");
  116. else
  117. print("</td>\n");
  118. $i++;
  119. }
  120. if ($i % 2 == 1)
  121. print("<td class=bottom width=50%>&nbsp;</td></tr></table>\n");
  122. print($friends);
  123. print("</td></tr></table>\n");
  124. $res = mysql_query("SELECT b.blockid as id, u.username AS name, u.donor, u.warned, u.enabled, u.last_access FROM blocks AS b JOIN users as u ON b.blockid = u.id WHERE userid=$userid ORDER BY name") or mysql_error();
  125. if(mysql_num_rows($res) == 0)
  126. $blocks = "<em>Your blocked users list is empty.</em>";
  127. else
  128. {
  129. $i = 0;
  130. $blocks = "<table width=100% cellspacing=0 cellpadding=0>";
  131. while ($block = mysql_fetch_array($res))
  132. {
  133. if ($i % 6 == 0)
  134. $blocks .= "<tr>";
  135. $blocks .= "<td style='border: none; padding: 4px; spacing: 0px;'>[<font class=small><a href=friends.php?id=$userid&action=delete&type=block&targetid=" .
  136. $block['id'] . ">D</a></font>] <a href=userdetails.php?id=" . $block['id'] . "><b>" . $block['name'] . "</b></a>" .
  137. get_user_icons($block) . "</td>";
  138. if ($i % 6 == 5)
  139. $blocks .= "</tr>";
  140. $i++;
  141. }
  142. print("</table>\n");
  143. }
  144. print("<br><br>");
  145. print("<table class=main width=750 border=0 cellspacing=0 cellpadding=10><tr><td class=embedded>");
  146. print("<h2 align=left><a name=\"blocks\">Blocked users list</a></h2></td></tr>");
  147. print("<tr><td style='padding: 10px;background-color: #ECE9D8'>");
  148. print("$blocks\n");
  149. print("</td></tr></table>\n");
  150. print("</td></tr></table>\n");
  151. print("<p><a href=users.php><b>Find User/Browse User List</b></a></p>");
  152. stdfoot();
  153. ?>