PageRenderTime 56ms CodeModel.GetById 25ms RepoModel.GetById 1ms app.codeStats 0ms

/objects/userpage.php

https://github.com/nopticon/hyd
PHP | 1247 lines | 939 code | 219 blank | 89 comment | 163 complexity | 7d32466ee740ce28a3e4f35292cf5166 MD5 | raw file
Possible License(s): MIT 
    

  1. <?php
    2. 

  2. /*
    3. 

  3. <Orion, a web development framework for RK.>
    4. 

  4. Copyright (C) <2011>  <Orion>
    5. 

    6. 

  6. This program is free software: you can redistribute it and/or modify
    7. 

  7. it under the terms of the GNU General Public License as published by
    8. 

  8. the Free Software Foundation, either version 3 of the License, or
    9. 

  9. (at your option) any later version.
    10. 

    11. 

  11. This program is distributed in the hope that it will be useful,
    12. 

  12. but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14. GNU General Public License for more details.
    15. 

    16. 

  16. You should have received a copy of the GNU General Public License
    17. 

  17. along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. */
    19. 

  19. if (!defined('IN_APP')) exit;
    20. 

  20. 

  21. function a_thumbnails($artists, $lang_key, $block, $item_per_col = 2) {
    22. 

  22. 	global $config, $user;
    23. 

  23. 

  24. 	_style('main.' . $block, array(
    25. 

  25. 		'L_TITLE' => lang($lang_key))
    26. 

  26. 	);
    27. 

  27. 

  28. 	foreach ($artists as $ub => $data) {
    29. 

  29. 		$image = $ub . '/thumbnails/' . $row->image . '.jpg';
    30. 

  30. 

  31. 		_style('main.' . $block . '.row', array(
    32. 

  32. 			'NAME' => $data->name,
    33. 

  33. 			'IMAGE' => $config->artists_url . $image,
    34. 

  34. 			'URL' => s_link('a', $data->subdomain),
    35. 

  35. 			'LOCATION' => ($data->local) ? 'Guatemala' : $data->location,
    36. 

  36. 			'GENRE' => $data->genre)
    37. 

  37. 		);
    38. 

  38. 	}
    39. 

  39. 

  40. 	return true;
    41. 

  41. }
    42. 

  42. 

  43. class userpage {
    44. 

  44. 	private $_title;
    45. 

  45. 	private $_template;
    46. 

  46. 	private $data;
    47. 

  47. 

  48. 	public function __construct() {
    49. 

  49. 		return;
    50. 

  50. 	}
    51. 

  51. 

  52. 	public function get_title($default = '') {
    53. 

  53. 		return (!empty($this->_title)) ? $this->_title : $default;
    54. 

  54. 	}
    55. 

  55. 

  56. 	public function get_template($default = '') {
    57. 

  57. 		return (!empty($this->_template)) ? $this->_template : $default;
    58. 

  58. 	}
    59. 

  59. 

  60. 	public function run() {
    61. 

  61. 		global $user;
    62. 

  62. 

  63. 		if (!$user->is('member')) {
    64. 

  64. 			do_login();
    65. 

  65. 		}
    66. 

  66. 

  67. 		$userpage = request_var('member', '');
    68. 

  68. 		$page = request_var('page', '');
    69. 

  69. 

  70. 		switch ($page) {
    71. 

  71. 			case 'dc':
    72. 

  72. 				return $this->conversations();
    73. 

  73. 		}
    74. 

  74. 

  75. 		if (empty($userpage)) {
    76. 

  76. 			return $this->profile();
    77. 

  77. 		}
    78. 

  78. 

  79. 		$sql = 'SELECT *
    80. 

  80. 			FROM _members
    81. 

  81. 			WHERE username_base = ?
    82. 

  82. 				AND user_type NOT IN (??)
    83. 

  83. 				AND user_id NOT IN (
    84. 

  84. 					SELECT user_id
    85. 

  85. 					FROM _members_ban
    86. 

  86. 					WHERE banned_user = ?
    87. 

  87. 				)
    88. 

  88. 				AND user_id NOT IN (
    89. 

  89. 					SELECT ban_userid
    90. 

  90. 					FROM _banlist
    91. 

  91. 				)';
    92. 

  92. 		if (!$this->data = sql_fieldrow(sql_filter($sql, get_username_base($userpage), USER_INACTIVE, $user->d('user_id')))) {
    93. 

  93. 			fatal_error();
    94. 

  94. 		}
    95. 

  95. 

  96. 		return $this->userpage();
    97. 

  97. 	}
    98. 

  98. 

  99. 	private function conversations() {
    100. 

  100. 		if (_button('cancel')) {
    101. 

  101. 			redirect(s_link('my dc'));
    102. 

  102. 		}
    103. 

  103. 

  104. 		global $config, $user, $cache, $comments;
    105. 

  105. 

  106. 		// TODO: New conversation system
    107. 

  107. 		// /my/dc/(page)/(selected)/(username)/
    108. 

  108. 

  109. 		$this->conversations_delete();
    110. 

  110. 

  111. 		$submit = _button('post');
    112. 

  112. 		$msg_id = request_var('p', 0);
    113. 

  113. 		$mode = request_var('mode', '');
    114. 

  114. 		$error = w();
    115. 

  115. 

  116. 		if ($submit || $mode == 'start' || $mode == 'reply') {
    117. 

  117. 			$member = '';
    118. 

  118. 			$dc_subject = '';
    119. 

  119. 			$dc_message = '';
    120. 

  120. 

  121. 			if ($submit) {
    122. 

  122. 				if ($mode == 'reply') {
    123. 

  123. 					$parent_id = request_var('parent', 0);
    124. 

  124. 

  125. 					$sql = 'SELECT *
    126. 

  126. 						FROM _dc
    127. 

  127. 						WHERE msg_id = ?
    128. 

  128. 							AND (privmsgs_to_userid = ? OR privmsgs_from_userid = ?)';
    129. 

  129. 					if (!$to_userdata = sql_fieldrow(sql_filter($sql, $parent_id, $user->d('user_id'), $user->d('user_id')))) {
    130. 

  130. 						fatal_error();
    131. 

  131. 					}
    132. 

  132. 

  133. 					$privmsgs_to_userid = ($user->d('user_id') == $to_userdata->privmsgs_to_userid) ? 'privmsgs_from_userid' : 'privmsgs_to_userid';
    134. 

  134. 					$to_userdata->user_id = $to_userdata->$privmsgs_to_userid;
    135. 

  135. 				} else {
    136. 

  136. 					$member = request_var('member', '');
    137. 

  137. 					if (!empty($member)) {
    138. 

  138. 						$member = get_username_base($member, true);
    139. 

  139. 

  140. 						if ($member !== false) {
    141. 

  141. 							$sql = 'SELECT user_id, username, username_base, user_email
    142. 

  142. 								FROM _members
    143. 

  143. 								WHERE username_base = ?
    144. 

  144. 									AND user_type <> ?';
    145. 

  145. 							if (!$to_userdata = sql_fieldrow(sql_filter($sql, $member, USER_INACTIVE))) {
    146. 

  146. 								$error[] = 'NO_SUCH_USER';
    147. 

  147. 							}
    148. 

  148. 

  149. 							if (!count($error) && $to_userdata->user_id == $user->d('user_id')) {
    150. 

  150. 								$error[] = 'NO_AUTO_DC';
    151. 

  151. 							}
    152. 

  152. 						} else {
    153. 

  153. 							$error[] = 'NO_SUCH_USER';
    154. 

  154. 							$member = '';
    155. 

  155. 						}
    156. 

  156. 					} else {
    157. 

  157. 						$error[] = 'EMPTY_USER';
    158. 

  158. 					}
    159. 

  159. 				}
    160. 

  160. 

  161. 				if (isset($to_userdata) && isset($to_userdata->user_id)) {
    162. 

  162. 					// Check blocked member
    163. 

  163. 					$sql = 'SELECT ban_id
    164. 

  164. 						FROM _members_ban
    165. 

  165. 						WHERE user_id = ?
    166. 

  166. 							AND banned_user = ?';
    167. 

  167. 					if ($ban_profile = sql_fieldrow(sql_filter($sql, $to_userdata->user_id, $user->d('user_id')))) {
    168. 

  168. 						$error[] = 'BLOCKED_MEMBER';
    169. 

  169. 					}
    170. 

  170. 				}
    171. 

  171. 

  172. 				$dc_message = request_var('message', '');
    173. 

  173. 				if (empty($dc_message)) {
    174. 

  174. 					$error[] = 'EMPTY_MESSAGE';
    175. 

  175. 				}
    176. 

  176. 

  177. 				if (!count($error)) {
    178. 

  178. 					$insert = array(
    179. 

  179. 						'privmsgs_type' => PRIVMSGS_NEW_MAIL,
    180. 

  180. 						'privmsgs_from_userid' => $user->d('user_id'),
    181. 

  181. 						'privmsgs_to_userid' => $to_userdata->user_id,
    182. 

  182. 						'privmsgs_date' => time(),
    183. 

  183. 						'msg_ip' => $user->ip,
    184. 

  184. 						'privmsgs_text' => $comments->prepare($dc_message),
    185. 

  185. 						'msg_can_reply' => 1
    186. 

  186. 					);
    187. 

  187. 

  188. 					if ($mode == 'reply') {
    189. 

  189. 						$insert['parent_id'] = $to_userdata->parent_id;
    190. 

  190. 					} else {
    191. 

  191. 						$insert['privmsgs_subject'] = $dc_subject;
    192. 

  192. 					}
    193. 

  193. 

  194. 					$dc_id = sql_insert('dc', $insert);
    195. 

  195. 

  196. 					if ($mode == 'reply') {
    197. 

  197. 						$sql = 'UPDATE _dc SET root_conv = root_conv + 1, last_msg_id = ?
    198. 

  198. 							WHERE msg_id = ?';
    199. 

  199. 						sql_query(sql_filter($sql, $dc_id, $to_userdata->msg_id));
    200. 

  200. 

  201. 						$sql = 'UPDATE _dc SET msg_deleted = 0
    202. 

  202. 							WHERE parent_id = ?';
    203. 

  203. 						sql_query(sql_filter($sql, $to_userdata->parent_id));
    204. 

  204. 

  205. 						// TODO: Today save
    206. 

  206. 						// $user->delete_unread(UH_NOTE, $to_userdata->parent_id);
    207. 

  207. 					} else {
    208. 

  208. 						$sql = 'UPDATE _dc SET parent_id = ?, last_msg_id = ?
    209. 

  209. 							WHERE msg_id = ?';
    210. 

  210. 						sql_query(sql_filter($sql, $dc_id, $dc_id, $dc_id));
    211. 

  211. 					}
    212. 

  212. 

  213. 					// TODO: Today save
    214. 

  214. 					// $user->save_unread(UH_NOTE, (($mode == 'reply') ? $to_userdata->parent_id : $dc_id), 0, $to_userdata->user_id);
    215. 

  215. 

  216. 					//
    217. 

  217. 					// Notify via email if user requires it
    218. 

  218. 					//
    219. 

  219. 					if ($mode == 'start' && /*$can_email && */$user->d('user_email_dc')) {
    220. 

  220. 						$emailer = new emailer();
    221. 

  221. 

  222. 						$emailer->from('info');
    223. 

  223. 						$emailer->set_subject($config->sitename . ': Mensaje nuevo de ' . $user->d('username'));
    224. 

  224. 						$emailer->use_template('dc_email');
    225. 

  225. 						$emailer->email_address($to_userdata->user_email);
    226. 

  226. 

  227. 						$dc_url = s_link('my dc read', $dc_id);
    228. 

  228. 

  229. 						$emailer->assign_vars(array(
    230. 

  230. 							'USERNAME' => $to_userdata->username,
    231. 

  231. 							'SENT_BY' => $user->d('username'),
    232. 

  232. 							'DC_URL' => $dc_url)
    233. 

  233. 						);
    234. 

  234. 						$emailer->send();
    235. 

  235. 						$emailer->reset();
    236. 

  236. 					}
    237. 

  237. 

  238. 					redirect(s_link('my dc read', $dc_id) . '#' . $dc_id);
    239. 

  239. 				}
    240. 

  240. 			}
    241. 

  241. 		}
    242. 

  242. 

  243. 		//
    244. 

  244. 		// Start error handling
    245. 

  245. 		//
    246. 

  246. 		if (count($error)) {
    247. 

  247. 			_style('error', array(
    248. 

  248. 				'MESSAGE' => parse_error($error))
    249. 

  249. 			);
    250. 

  250. 

  251. 			if ($mode == 'reply') {
    252. 

  252. 				$mode = 'read';
    253. 

  253. 			}
    254. 

  254. 		}
    255. 

  255. 

  256. 		$s_hidden_fields = w();
    257. 

  257. 

  258. 		switch ($mode) {
    259. 

  259. 			case 'start':
    260. 

  260. 				//
    261. 

  261. 				// Start new conversation
    262. 

  262. 				//
    263. 

  263. 				if (!$submit) {
    264. 

  264. 					$member = request_var('member', '');
    265. 

  265. 					if ($member != '') {
    266. 

  266. 						$member = get_username_base($member);
    267. 

  267. 

  268. 						$sql = 'SELECT user_id, username, username_base
    269. 

  269. 							FROM _members
    270. 

  270. 							WHERE username_base = ?
    271. 

  271. 								AND user_type <> ?';
    272. 

  272. 						$row = sql_fieldrow(sql_filter($sql, $member, USER_INACTIVE));
    273. 

  273. 					}
    274. 

  274. 				}
    275. 

  275. 

  276. 				_style('dc_start', array(
    277. 

  277. 					'MEMBER' => $member,
    278. 

  278. 					'SUBJECT' => $dc_subject,
    279. 

  279. 					'MESSAGE' => $dc_message)
    280. 

  280. 				);
    281. 

  281. 

  282. 				$s_hidden_fields = array('mode' => 'start');
    283. 

  283. 				break;
    284. 

  284. 			case 'read':
    285. 

  285. 				//
    286. 

  286. 				// Show selected conversation
    287. 

  287. 				//
    288. 

  288. 				if (!$msg_id) {
    289. 

  289. 					fatal_error();
    290. 

  290. 				}
    291. 

  291. 

  292. 				$sql = 'SELECT *
    293. 

  293. 					FROM _dc
    294. 

  294. 					WHERE msg_id = ?
    295. 

  295. 						AND (privmsgs_to_userid = ? OR privmsgs_from_userid = ?)
    296. 

  296. 						AND msg_deleted <> ?';
    297. 

  297. 				if (!$msg_data = sql_fieldrow(sql_filter($sql, $msg_id, $user->d('user_id'), $user->d('user_id'), $user->d('user_id')))) {
    298. 

  298. 					fatal_error();
    299. 

  299. 				}
    300. 

  300. 

  301. 				//
    302. 

  302. 				// Get all messages for this conversation
    303. 

  303. 				//
    304. 

  304. 				$sql = 'SELECT c.*, m.user_id, m.username, m.username_base, m.user_avatar, m.user_sig, m.user_rank, m.user_gender, m.user_posts
    305. 

  305. 					FROM _dc c, _members m
    306. 

  306. 					WHERE c.parent_id = ?
    307. 

  307. 						AND c.privmsgs_from_userid = m.user_id
    308. 

  308. 					ORDER BY c.privmsgs_date';
    309. 

  309. 				if (!$result = sql_rowset(sql_filter($sql, $msg_data->parent_id))) {
    310. 

  310. 					fatal_error();
    311. 

  311. 				}
    312. 

  312. 

  313. 				$with_user = $msg_data->privmsgs_to_userid;
    314. 

  314. 				if ($with_user == $user->d('user_id')) {
    315. 

  315. 					$with_user = $msg_data->privmsgs_from_userid;
    316. 

  316. 				}
    317. 

  317. 

  318. 				$sql = 'SELECT username
    319. 

  319. 					FROM _members
    320. 

  320. 					WHERE user_id = ?';
    321. 

  321. 				$with_username = sql_field(sql_filter($sql, $with_user), 'username', '');
    322. 

  322. 

  323. 				_style('conv', array(
    324. 

  324. 					'URL' => s_link('my dc'),
    325. 

  325. 					'SUBJECT' => $with_username,
    326. 

  326. 					'CAN_REPLY' => $result[0]->msg_can_reply,)
    327. 

  327. 				);
    328. 

  328. 

  329. 				foreach ($result as $row) {
    330. 

  330. 					$user_profile = $comments->user_profile($row);
    331. 

  331. 

  332. 					_style('conv.row', array(
    333. 

  333. 						'USERNAME' => $user_profile->username,
    334. 

  334. 						'AVATAR' => $user_profile->user_avatar,
    335. 

  335. 						'SIGNATURE' => ($row->user_sig != '') ? $comments->parse_message($row->user_sig) : '',
    336. 

  336. 						'PROFILE' => $user_profile->profile,
    337. 

  337. 						'MESSAGE' => $comments->parse_message($row->privmsgs_text),
    338. 

  338. 						'POST_ID' => $row->msg_id,
    339. 

  339. 						'POST_DATE' => $user->format_date($row->privmsgs_date))
    340. 

  340. 					);
    341. 

  341. 				}
    342. 

  342. 

  343. 				$s_hidden_fields = array('mark[]' => $msg_data->parent_id, 'p' => $msg_id, 'parent' => $msg_data->parent_id, 'mode' => 'reply');
    344. 

  344. 				break;
    345. 

  345. 			default:
    346. 

  346. 				//
    347. 

  347. 				// Get all conversations for this member
    348. 

  348. 				//
    349. 

  349. 				$offset = request_var('offset', 0);
    350. 

  350. 

  351. 				$sql = 'SELECT COUNT(c.msg_id) AS total
    352. 

  352. 					FROM _dc c, _dc c2, _members m, _members m2
    353. 

  353. 					WHERE (c.privmsgs_to_userid = ? OR c.privmsgs_from_userid = ?)
    354. 

  354. 						AND c.msg_id = c.parent_id
    355. 

  355. 						AND c.msg_deleted <> ?
    356. 

  356. 						AND c.privmsgs_from_userid = m.user_id
    357. 

  357. 						AND c.privmsgs_to_userid = m2.user_id
    358. 

  358. 						AND (IF(c.last_msg_id,c.last_msg_id,c.msg_id) = c2.msg_id)';
    359. 

  359. 				$total_conv = sql_field(sql_filter($sql, $user->d('user_id'), $user->d('user_id'), $user->d('user_id')), 'total', 0);
    360. 

  360. 

  361. 				$sql = 'SELECT c.msg_id, c.parent_id, c.last_msg_id, c.root_conv, c.privmsgs_date, c.privmsgs_subject, c2.privmsgs_date as last_privmsgs_date, m.user_id, m.username, m.username_base, m2.user_id as user_id2, m2.username as username2, m2.username_base as username_base2
    362. 

  362. 					FROM _dc c, _dc c2, _members m, _members m2
    363. 

  363. 					WHERE (c.privmsgs_to_userid = ? OR c.privmsgs_from_userid = ?)
    364. 

  364. 						AND c.msg_id = c.parent_id
    365. 

  365. 						AND c.msg_deleted <> ?
    366. 

  366. 						AND c.privmsgs_from_userid = m.user_id
    367. 

  367. 						AND c.privmsgs_to_userid = m2.user_id
    368. 

  368. 						AND (IF(c.last_msg_id,c.last_msg_id,c.msg_id) = c2.msg_id)
    369. 

  369. 					ORDER BY c2.privmsgs_date DESC
    370. 

  370. 					LIMIT ??, ??';
    371. 

  371. 				if ($result = sql_rowset(sql_filter($sql, $user->d('user_id'), $user->d('user_id'), $user->d('user_id'), $offset, $config->posts_per_page))) {
    372. 

  372. 					_style('messages');
    373. 

  373. 

  374. 					foreach ($result as $row) {
    375. 

  375. 						$dc_with = ($user->d('user_id') == $row->user_id) ? '2' : '';
    376. 

  376. 						if (!$row->last_msg_id) {
    377. 

  377. 							$row->last_msg_id = $row->msg_id;
    378. 

  378. 							$row->last_privmsgs_date = $row->privmsgs_date;
    379. 

  379. 						}
    380. 

  380. 

  381. 						$dc_subject = 'Conversaci&oacute;n con ' . $row->{'username' . $dc_with};
    382. 

  382. 

  383. 						_style('messages.item', array(
    384. 

  384. 							'S_MARK_ID' => $row->parent_id,
    385. 

  385. 							'SUBJECT' => $dc_subject,
    386. 

  386. 							'U_READ' => s_link('my dc read', $row->last_msg_id) . '#' . $row->last_msg_id,
    387. 

  387. 							'POST_DATE' => $user->format_date($row->last_privmsgs_date, 'j F Y \a \l\a\s H:i') . ' horas.',
    388. 

  388. 							'ROOT_CONV' => $row->root_conv,
    389. 

  389. 

  390. 							'DC_USERNAME' => $row->{'username' . $dc_with},
    391. 

  391. 							'DC_PROFILE' => s_link('m', $row->{'username_base' . $dc_with}))
    392. 

  392. 						);
    393. 

  393. 					}
    394. 

  394. 

  395. 					build_num_pagination(s_link('my dc s%d'), $total_conv, $config->posts_per_page, $offset);
    396. 

  396. 				} else if ($total_conv) {
    397. 

  397. 					redirect(s_link('my dc'));
    398. 

  398. 				} else {
    399. 

  399. 					_style('no_messages');
    400. 

  400. 				}
    401. 

  401. 

  402. 				_style('dc_total', array(
    403. 

  403. 					'TOTAL' => $total_conv)
    404. 

  404. 				);
    405. 

  405. 				break;
    406. 

  406. 		}
    407. 

  407. 

  408. 		//
    409. 

  409. 		// Get friends for this member
    410. 

  410. 		//
    411. 

  411. 		$sql = 'SELECT DISTINCT m.user_id, m.username, m.username_base
    412. 

  412. 			FROM _members_friends f, _members m
    413. 

  413. 			WHERE (f.user_id = ? AND f.buddy_id = m.user_id)
    414. 

  414. 				OR (f.buddy_id = ? AND f.user_id = m.user_id)
    415. 

  415. 			ORDER BY m.username';
    416. 

  416. 		if ($result = sql_rowset(sql_filter($sql, $user->d('user_id'), $user->d('user_id')))) {
    417. 

  417. 			_style('sdc_friends', array(
    418. 

  418. 				'DC_START' => s_link('my dc start'))
    419. 

  419. 			);
    420. 

  420. 

  421. 			foreach ($result as $row) {
    422. 

  422. 				_style('sdc_friends.item', array(
    423. 

  423. 					'USERNAME' => $row->username,
    424. 

  424. 					'URL' => s_link('my dc start', $row->username_base))
    425. 

  425. 				);
    426. 

  426. 			}
    427. 

  427. 		}
    428. 

  428. 

  429. 		//
    430. 

  430. 		// Output template
    431. 

  431. 		//
    432. 

  432. 		$page_title = ($mode == 'read') ? lang('dconv_read') : lang('dconvs');
    433. 

  433. 

  434. 		$layout_vars = array(
    435. 

  435. 			'L_CONV' => $page_title,
    436. 

  436. 			'S_ACTION' => s_link('my dc'),
    437. 

  437. 			'S_HIDDEN_FIELDS' => s_hidden($s_hidden_fields)
    438. 

  438. 		);
    439. 

  439. 

  440. 		page_layout($page_title, 'conversations', $layout_vars);
    441. 

  441. 	}
    442. 

  442. 

  443. 	private function conversations_delete() {
    444. 

  444. 		global $user;
    445. 

  445. 

  446. 		$mark = request_var('mark', array(0));
    447. 

  447. 

  448. 		if (_button('delete') && count($mark)) {
    449. 

  449. 			if (_button('confirm')) {
    450. 

  450. 				$sql = '((privmsgs_to_userid = ?) OR (privmsgs_from_userid = ?))';
    451. 

  451. 				$sql_member = sql_filter($sql, $user->d('user_id'), $user->d('user_id'));
    452. 

  452. 

  453. 				$sql = 'SELECT *
    454. 

  454. 					FROM _dc
    455. 

  455. 					WHERE parent_id IN (??)
    456. 

  456. 						AND ' . $sql_member;
    457. 

  457. 				if (!$result = sql_rowset(sql_filter($sql, implode(',', array_map('intval', $mark))))) {
    458. 

  458. 					return false;
    459. 

  459. 				}
    460. 

  460. 

  461. 				$update_a = $delete_a = w();
    462. 

  462. 

  463. 				foreach ($result as $row) {
    464. 

  464. 					$var = ($row->msg_deleted && ($row->msg_deleted != $user->d('user_id'))) ? 'delete_a' : 'update_a';
    465. 

  465. 

  466. 					if (!isset(${$var}[$row->parent_id])) {
    467. 

  467. 						${$var}[$row->parent_id] = true;
    468. 

  468. 					}
    469. 

  469. 				}
    470. 

  470. 

  471. 				//
    472. 

  472. 				if (count($update_a)) {
    473. 

  473. 					$sql = 'UPDATE _dc
    474. 

  474. 						SET msg_deleted = ?
    475. 

  475. 						WHERE parent_id IN (??)
    476. 

  476. 							AND ' . $sql_member;
    477. 

  477. 					sql_query(sql_filter($sql, $user->d('user_id'), implode(',', array_map('intval', array_keys($update_a)))));
    478. 

  478. 

  479. 					// TODO: Today save
    480. 

  480. 					// $user->delete_unread(UH_NOTE, array_keys($update_a));
    481. 

  481. 				}
    482. 

  482. 

  483. 				if (count($delete_a)) {
    484. 

  484. 					$sql = 'DELETE FROM _dc
    485. 

  485. 						WHERE parent_id IN (??)
    486. 

  486. 							AND ' . $sql_member;
    487. 

  487. 					sql_query(sql_filter($sql, implode(',', array_map('intval', array_keys($delete_a)))));
    488. 

  488. 

  489. 					// TODO: Today save
    490. 

  490. 					// $user->delete_unread(UH_NOTE, array_keys($delete_a));
    491. 

  491. 				}
    492. 

  492. 			} else {
    493. 

  493. 				$s_hidden = array('delete' => true);
    494. 

  494. 

  495. 				$i = 0;
    496. 

  496. 				foreach ($mark as $item) {
    497. 

  497. 					$s_hidden += array('mark[' . $i++ . ']' => $item);
    498. 

  498. 				}
    499. 

  499. 

  500. 				// Output to template
    501. 

  501. 				//
    502. 

  502. 				$layout_vars = array(
    503. 

  503. 					'MESSAGE_TEXT' => (count($mark) == 1) ? lang('confirm_delete_pm') : lang('confirm_delete_pms'),
    504. 

  504. 

  505. 					'S_CONFIRM_ACTION' => s_link('my dc'),
    506. 

  506. 					'S_HIDDEN_FIELDS' => s_hidden($s_hidden)
    507. 

  507. 				);
    508. 

  508. 				page_layout('CONVERSATIONS', 'confirm', $layout_vars);
    509. 

  509. 			}
    510. 

  510. 

  511. 			redirect(s_link('my dc'));
    512. 

  512. 		}
    513. 

  513. 

  514. 		return;
    515. 

  515. 	}
    516. 

  516. 

  517. 	private function profile() {
    518. 

  518. 		global $user, $config, $comments, $cache, $upload;
    519. 

  519. 

  520. 		$error = w();
    521. 

  521. 		$fields = w('public_email timezone dateformat location sig msnm yim lastfm website occ interests os fav_genres fav_artists rank color');
    522. 

  522. 		$length_ary = w('location sig msnm yim website occ interests os fav_genres fav_artists');
    523. 

  523. 

  524. 		$_fields = new stdClass;
    525. 

  525. 		foreach ($fields as $field) {
    526. 

  526. 			$_fields->$field = $user->d('user_' . $field);
    527. 

  527. 		}
    528. 

  528. 

  529. 		$_fields->avatar = $user->d('user_avatar');
    530. 

  530. 		$_fields->gender = $user->d('user_gender');
    531. 

  531. 		$_fields->hideuser = $user->d('user_hideuser');
    532. 

  532. 		$_fields->email_dc = $user->d('user_email_dc');
    533. 

  533. 

  534. 		$_fields->birthday_day = (int) substr($user->d('user_birthday'), 6, 2);
    535. 

  535. 		$_fields->birthday_month = (int) substr($user->d('user_birthday'), 4, 2);
    536. 

  536. 		$_fields->birthday_year = (int) substr($user->d('user_birthday'), 0, 4);
    537. 

  537. 

  538. 		if (_button()) {
    539. 

  539. 			foreach ($_fields as $field => $value) {
    540. 

  540. 				$_fields->$field = request_var($field, $value);
    541. 

  541. 			}
    542. 

  542. 

  543. 			$_fields->password1 = request_var('password1', '');
    544. 

  544. 			$_fields->password2 = request_var('password2', '');
    545. 

  545. 			$_fields->hideuser = _button('hideuser');
    546. 

  546. 			$_fields->email_dc = _button('email_dc');
    547. 

  547. 

  548. 			if (!empty($_fields->password1)) {
    549. 

  549. 				if (empty($_fields->password2)) {
    550. 

  550. 					$error[] = 'EMPTY_PASSWORD2';
    551. 

  551. 				}
    552. 

  552. 

  553. 				if (!count($error)) {
    554. 

  554. 					if ($_fields->password1 != $_fields->password2) {
    555. 

  555. 						$error[] = 'PASSWORD_MISMATCH';
    556. 

  556. 					} else if (strlen($_fields->password1) > 30) {
    557. 

  557. 						$error[] = 'PASSWORD_LONG';
    558. 

  558. 					}
    559. 

  559. 				}
    560. 

  560. 			}
    561. 

  561. 

  562. 			unset($_fields->password1, $_fields->password2);
    563. 

  563. 

  564. 			foreach ($length_ary as $field) {
    565. 

  565. 				if (strlen($_fields->$field) < 2) {
    566. 

  566. 					$_fields->$field = '';
    567. 

  567. 				}
    568. 

  568. 			}
    569. 

  569. 

  570. 			if (!empty($_fields->website)) {
    571. 

  571. 				if (!preg_match('#^http[s]?:\/\/#i', $_fields->website)) {
    572. 

  572. 					$_fields->website = 'http://' . $_fields->website;
    573. 

  573. 				}
    574. 

  574. 

  575. 				if (!preg_match('#^http[s]?\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $_fields->website)) {
    576. 

  576. 					$_fields->website = '';
    577. 

  577. 				}
    578. 

  578. 			}
    579. 

  579. 

  580. 			if (!empty($_fields->rank)) {
    581. 

  581. 				$rank_word = explode(' ', $_fields->rank);
    582. 

  582. 				if (count($rank_word) > 10) {
    583. 

  583. 					$error[] = 'RANK_TOO_LONG';
    584. 

  584. 				}
    585. 

  585. 

  586. 				if (!count($error)) {
    587. 

  587. 					$rank_limit = 15;
    588. 

  588. 					foreach ($rank_word as $each) {
    589. 

  589. 						if (preg_match_all('#\&.*?\;#is', $each, $each_preg)) {
    590. 

  590. 							foreach ($each_preg[0] as $each_preg_each) {
    591. 

  591. 								$rank_limit += (strlen($each_preg_each) - 1);
    592. 

  592. 							}
    593. 

  593. 						}
    594. 

  594. 

  595. 						if (strlen($each) > $rank_limit) {
    596. 

  596. 							$error[] = 'RANK_TOO_LONG';
    597. 

  597. 							break;
    598. 

  598. 						}
    599. 

  599. 					}
    600. 

  600. 				}
    601. 

  601. 			}
    602. 

  602. 

  603. 			// Rank
    604. 

  604. 			if (!empty($_fields->rank) && !count($error)) {
    605. 

  605. 				$sql = 'SELECT rank_id
    606. 

  606. 					FROM _ranks
    607. 

  607. 					WHERE rank_title = ?';
    608. 

  608. 				if (!$rank_id = sql_field(sql_filter($sql, $_fields->rank), 'rank_id', 0)) {
    609. 

  609. 					$insert = array(
    610. 

  610. 						'rank_title' => $_fields->rank,
    611. 

  611. 						'rank_min' => -1,
    612. 

  612. 						'rank_max' => -1,
    613. 

  613. 						'rank_special' => 1
    614. 

  614. 					);
    615. 

  615. 					$rank_id = sql_insert('ranks', $insert);
    616. 

  616. 				}
    617. 

  617. 

  618. 				if ($user->d('user_rank')) {
    619. 

  619. 					$sql = 'SELECT user_id
    620. 

  620. 						FROM _members
    621. 

  621. 						WHERE user_rank = ?';
    622. 

  622. 					$size_rank = sql_rowset(sql_filter($sql, $user->d('user_rank')), false, 'user_id');
    623. 

  623. 

  624. 					if (count($size_rank) == 1) {
    625. 

  625. 						$sql = 'DELETE FROM _ranks
    626. 

  626. 							WHERE rank_id = ?';
    627. 

  627. 						sql_query(sql_filter($sql, $user->d('user_rank')));
    628. 

  628. 					}
    629. 

  629. 				}
    630. 

  630. 

  631. 				$_fields->rank = $rank_id;
    632. 

  632. 				$cache->delete('ranks');
    633. 

  633. 			}
    634. 

  634. 

  635. 			if (!$_fields->birthday_month || !$_fields->birthday_day || !$_fields->birthday_year) {
    636. 

  636. 				$error[] = 'EMPTY_BIRTH_MONTH';
    637. 

  637. 			}
    638. 

  638. 

  639. 			// Update user avatar
    640. 

  640. 			if (!count($error)) {
    641. 

  641. 				$upload->avatar_process($user->d('username_base'), $_fields, $error);
    642. 

  642. 			}
    643. 

  643. 

  644. 			if (!count($error)) {
    645. 

  645. 				if (!empty($_fields->sig)) {
    646. 

  646. 					$_fields->sig = $comments->prepare($_fields->sig);
    647. 

  647. 				}
    648. 

  648. 

  649. 				$_fields->birthday = (string) (leading_zero($_fields->birthday_year) . leading_zero($_fields->birthday_month) . leading_zero($_fields->birthday_day));
    650. 

  650. 				unset($_fields->birthday_day, $_fields->birthday_month, $_fields->birthday_year);
    651. 

  651. 

  652. 				$_fields->dateformat = 'd M Y H:i';
    653. 

  653. 				$_fields->hideuser = $user->d('user_hideuser');
    654. 

  654. 				$_fields->email_dc = $user->d('user_email_dc');
    655. 

  655. 

  656. 				$member_data = w();
    657. 

  657. 				foreach ($_fields as $field => $value) {
    658. 

  658. 					if ($value != $user->d($field)) {
    659. 

  659. 						$member_data['user_' . $field] = $_fields->$field;
    660. 

  660. 					}
    661. 

  661. 				}
    662. 

  662. 

  663. 				if (count($member_data)) {
    664. 

  664. 					$sql = 'UPDATE _members SET ' . sql_build('UPDATE', $member_data) . sql_filter('
    665. 

  665. 						WHERE user_id = ?', $user->d('user_id'));
    666. 

    667. 

  667. 					$sql = 'UPDATE _members SET ??
    668. 

  668. 						WHERE user_id = ?';
    669. 

  669. 					sql_query(sql_filter($sql, sql_build('UPDATE', $member_data), $user->d('user_id')));
    670. 

  670. 				}
    671. 

  671. 

  672. 				redirect(s_link('m', $user->d('username_base')));
    673. 

  673. 			}
    674. 

  674. 		}
    675. 

  675. 

  676. 		if (count($error)) {
    677. 

  677. 			_style('error', array(
    678. 

  678. 				'MESSAGE' => parse_error($error))
    679. 

  679. 			);
    680. 

  680. 		}
    681. 

  681. 

  682. 		if ($user->d('user_avatar')) {
    683. 

  683. 			_style('current_avatar', array(
    684. 

  684. 				'IMAGE' => $config->avatar_url . $user->d('user_avatar'))
    685. 

  685. 			);
    686. 

  686. 		}
    687. 

  687. 

  688. 		$s_genders_select = '';
    689. 

  689. 		foreach (array(1 => 'MALE', 2 => 'FEMALE') as $id => $value) {
    690. 

  690. 			$s_genders_select .= '<option value="' . $id . '"' . (($_fields->gender == $id) ? ' selected="true"' : '') . '>' . lang($value) . '</option>';
    691. 

  691. 		}
    692. 

  692. 

  693. 		_style('gender', array(
    694. 

  694. 			'GENDER_SELECT' => $s_genders_select)
    695. 

  695. 		);
    696. 

  696. 

  697. 		$s_day_select = '';
    698. 

  698. 		for ($i = 1; $i < 32; $i++) {
    699. 

  699. 			$s_day_select .= '<option value="' . $i . '"' . (($_fields->birthday_day == $i) ? ' selected="true"' : '') . '>' . $i . '</option>';
    700. 

  700. 		}
    701. 

  701. 

  702. 		$s_month_select = '';
    703. 

  703. 		$months = w('January February March April May June July August September October November December');
    704. 

  704. 		foreach ($months as $id => $value) {
    705. 

  705. 			$s_month_select .= '<option value="' . ($id + 1) . '"' . (($_fields->birthday_month == ($id + 1)) ? ' selected="true"' : '') . '>' . $user->lang['datetime'][$value] . '</option>';
    706. 

  706. 		}
    707. 

  707. 

  708. 		$s_year_select = '';
    709. 

  709. 		for ($i = 2005; $i > 1899; $i--) {
    710. 

  710. 			$s_year_select .= '<option value="' . $i . '"' . (($_fields->birthday_year == $i) ? ' selected="true"' : '') . '>' . $i . '</option>';
    711. 

  711. 		}
    712. 

  712. 

  713. 		_style('birthday', array(
    714. 

  714. 			'DAY' => $s_day_select,
    715. 

  715. 			'MONTH' => $s_month_select,
    716. 

  716. 			'YEAR' => $s_year_select)
    717. 

  717. 		);
    718. 

  718. 

  719. 		$dateformat_select = '';
    720. 

  720. 		foreach ($dateset as $id => $value) {
    721. 

  721. 			$dateformat_select .= '<option value="' . $id . '"' . (($value == $_fields->dateformat) ? ' selected="selected"' : '') . '>' . $user->format_date(time(), $value) . '</option>';
    722. 

  722. 		}
    723. 

  723. 

  724. 		$timezone_select = '';
    725. 

  725. 		foreach ($user->lang['zones'] as $id => $value) {
    726. 

  726. 			$timezone_select .= '<option value="' . $id . '"' . (($id == $_fields->timezone) ? ' selected="selected"' : '') . '>' . $value . '</option>';
    727. 

  727. 		}
    728. 

  728. 

  729. 		unset($_fields->timezone, $_fields->dateformat);
    730. 

  730. 

  731. 		if ($user->d('rank')) {
    732. 

  732. 			$sql = 'SELECT rank_title
    733. 

  733. 				FROM _ranks
    734. 

  734. 				WHERE rank_id = ?';
    735. 

  735. 			$_fields->rank = sql_field(sql_filter($sql, $user->d('rank')), 'rank_title', '--');
    736. 

  736. 		}
    737. 

  737. 

  738. 		$output_vars = $_fields;
    739. 

  739. 

  740. 		$output_vars += array(
    741. 

  741. 			'DATEFORMAT' => $dateformat_select,
    742. 

  742. 			'TIMEZONE' => $timezone_select,
    743. 

  743. 			'HIDEUSER_SELECTED' => ($_fields->hideuser) ? ' checked="checked"' : '',
    744. 

  744. 			'EMAIL_DC_SELECTED' => ($_fields->email_dc) ? ' checked="checked"' : ''
    745. 

  745. 		);
    746. 

  746. 

  747. 		v_style($output_vars);
    748. 

  748. 

  749. 		$this->_title = 'MEMBER_OPTIONS';
    750. 

  750. 		$this->_template = 'profile';
    751. 

  751. 

  752. 		return;
    753. 

  753. 	}
    754. 

  754. 

  755. 	private function userpage() {
    756. 

  756. 		global $user, $comments;
    757. 

  757. 

  758. 		$mode = request_var('mode', 'main');
    759. 

  759. 

  760. 		if ($user->d('user_id') != $this->data->user_id && !in_array($mode, w('friend ban'))) {
    761. 

  761. 			$is_blocked = false;
    762. 

  762. 

  763. 			if (!$user->is('all', $this->data->user_id)) {
    764. 

  764. 				$sql = 'SELECT ban_id
    765. 

  765. 					FROM _members_ban
    766. 

  766. 					WHERE user_id = ?
    767. 

  767. 						AND banned_user = ?';
    768. 

  768. 				if ($banned_row = sql_fieldrow(sql_filter($sql, $user->d('user_id'), $this->data->user_id))) {
    769. 

  769. 					$is_blocked = true;
    770. 

  770. 				}
    771. 

  771. 

  772. 				$banned_lang = ($is_blocked) ? 'REMOVE' : 'ADD';
    773. 

  773. 

  774. 				_style('block_member', array(
    775. 

  775. 					'URL' => s_link('m', $this->data->username_base, 'ban'),
    776. 

  776. 					'LANG' => lang('blocked_member_' . $banned_lang))
    777. 

  777. 				);
    778. 

  778. 			}
    779. 

  779. 		}
    780. 

  780. 

  781. 		$profile_fields = $comments->user_profile($this->data);
    782. 

  782. 

  783. 		switch ($mode) {
    784. 

  784. 			case 'friend':
    785. 

  785. 				$this->friend_add();
    786. 

  786. 				break;
    787. 

  787. 			case 'ban':
    788. 

  788. 				$this->user_ban();
    789. 

  789. 				break;
    790. 

  790. 			case 'favs':
    791. 

  791. 				break;
    792. 

  792. 			case 'friends':
    793. 

  793. 				$this->friend_list();
    794. 

  794. 				break;
    795. 

  795. 			case 'stats':
    796. 

  796. 				$this->user_stats();
    797. 

  797. 				break;
    798. 

  798. 			case 'main':
    799. 

  799. 			default:
    800. 

  800. 				$this->user_main();
    801. 

  801. 				break;
    802. 

  802. 		}
    803. 

  803. 

  804. 		$panel_selection = array(
    805. 

  805. 			'main' => array('L' => 'MAIN', 'U' => false)
    806. 

  806. 		);
    807. 

  807. 

  808. 		if ($user->d('user_id') != $this->data->user_id) {
    809. 

  809. 			$panel_selection['start'] = array('L' => 'DCONV_START', 'U' => s_link('my dc start', $this->data->username_base));
    810. 

  810. 		} else {
    811. 

  811. 			$panel_selection['dc'] = array('L' => 'DC', 'U' => s_link('my dc'));
    812. 

  812. 		}
    813. 

  813. 

  814. 		$panel_selection += array(
    815. 

  815. 			'friends' => array('L' => 'FRIENDS', 'U' => false)
    816. 

  816. 		);
    817. 

  817. 

  818. 		foreach ($panel_selection as $link => $data) {
    819. 

  819. 			_style('selected_panel', array(
    820. 

  820. 				'LANG' => lang('userpage_' . $data['L']))
    821. 

  821. 			);
    822. 

  822. 

  823. 			if ($mode == $link) {
    824. 

  824. 				_style('selected_panel.strong');
    825. 

  825. 				continue;
    826. 

  826. 			}
    827. 

  827. 

  828. 			_style('selected_panel.a', array(
    829. 

  829. 				'URL' => ($data['U'] !== false) ? $data['U'] : s_link('m', $this->data->username_base, (($link != 'main') ? $link : '')))
    830. 

  830. 			);
    831. 

  831. 		}
    832. 

  832. 

  833. 		//
    834. 

  834. 		// Check if friends
    835. 

  835. 		//
    836. 

  836. 		if ($user->d('user_id') != $this->data->user_id) {
    837. 

  837. 			$friend_add_lang = true;
    838. 

  838. 

  839. 			if ($user->is('member')) {
    840. 

  840. 				$friend_add_lang = $this->is_friend($user->d('user_id'), $this->data->user_id);
    841. 

  841. 			}
    842. 

  842. 

  843. 			$friend_add_lang = ($friend_add_lang) ? 'friends_add' : 'friends_del';
    844. 

  844. 

  845. 			_style('friend', array(
    846. 

  846. 				'U_FRIEND' => s_link('m', $this->data->username_base, 'friend'),
    847. 

  847. 				'L_FRIENDS_ADD' => lang($friend_add_lang))
    848. 

  848. 			);
    849. 

  849. 		}
    850. 

  850. 

  851. 		//
    852. 

  852. 		// Generate page
    853. 

  853. 		//
    854. 

  854. 		v_style(array(
    855. 

  855. 			'USERNAME' => $this->data->username,
    856. 

  856. 			'POSTER_RANK' => $profile_fields->user_rank,
    857. 

  857. 			'AVATAR_IMG' => $profile_fields->user_avatar,
    858. 

  858. 			'USER_ONLINE' => $online,
    859. 

  859. 

  860. 			'PM' => s_link('my dc start', $this->data->username_base),
    861. 

  861. 			'WEBSITE' => $this->data->user_website,
    862. 

  862. 			'MSN' => $this->data->user_msnm
    863. 

  863. 		));
    864. 

  864. 

  865. 		$layout_file = 'userpage';
    866. 

  866. 

  867. 		$use_m_template = 'custom/profile_' . $this->data->username_base;
    868. 

  868. 		if (@file_exists(ROOT . 'template/' . $use_m_template . '.htm')) {
    869. 

  869. 			$layout_file = $use_m_template;
    870. 

  870. 		}
    871. 

  871. 

  872. 		$this->_title = $this->data->username;
    873. 

  873. 		$this->_template = $layout_file;
    874. 

  874. 

  875. 		return;
    876. 

  876. 	}
    877. 

  877. 

  878. 	public function friend_add() {
    879. 

  879. 		global $user;
    880. 

  880. 

  881. 		if (!$user->is('member')) {
    882. 

  882. 			do_login();
    883. 

  883. 		}
    884. 

  884. 

  885. 		if ($user->d('user_id') == $this->data->user_id) {
    886. 

  886. 			redirect(s_link('m', $this->data->username_base));
    887. 

  887. 		}
    888. 

  888. 

  889. 		$sql = 'SELECT *
    890. 

  890. 			FROM _members_friends
    891. 

  891. 			WHERE user_id = ?
    892. 

  892. 				AND buddy_id = ?';
    893. 

  893. 		if ($row = sql_fieldrow(sql_filter($sql, $user->d('user_id'), $this->data->user_id))) {
    894. 

  894. 			$sql = 'DELETE FROM _members_friends
    895. 

  895. 				WHERE user_id = ?
    896. 

  896. 					AND buddy_id = ?';
    897. 

  897. 			sql_query(sql_filter($sql, $user->d('user_id'), $this->data->user_id));
    898. 

  898. 

  899. 			if ($row->friend_time) {
    900. 

  900. 				//$user->points_remove(1);
    901. 

  901. 			}
    902. 

  902. 

  903. 			// TODO: Today save
    904. 

  904. 			// $user->delete_unread($this->data->user_id, $user->d('user_id'));
    905. 

  905. 

  906. 			redirect(s_link('m', $this->data->username_base));
    907. 

  907. 		}
    908. 

  908. 

  909. 		$sql_insert = array(
    910. 

  910. 			'user_id' => $user->d('user_id'),
    911. 

  911. 			'buddy_id' => $this->data->user_id,
    912. 

  912. 			'friend_time' => time()
    913. 

  913. 		);
    914. 

  914. 		sql_insert('members_friends', $sql_insert);
    915. 

  915. 

  916. 		// TODO: Today Save
    917. 

  917. 		// $user->save_unread(UH_FRIEND, $user->d('user_id'), 0, $this->data->user_id);
    918. 

  918. 

  919. 		redirect(s_link('m', $user->d('username_base'), 'friends'));
    920. 

  920. 	}
    921. 

  921. 

  922. 	public function friend_list() {
    923. 

  923. 		global $user, $comments;
    924. 

  924. 

  925. 		$sql = 'SELECT DISTINCT u.user_id AS user_id, u.username, u.username_base, u.user_avatar, u.user_rank, u.user_gender, u.user_posts
    926. 

  926. 			FROM _members_friends b, _members u
    927. 

  927. 			WHERE (b.user_id = ?
    928. 

  928. 				AND b.buddy_id = u.user_id) OR
    929. 

  929. 				(b.buddy_id = ?
    930. 

  930. 					AND b.user_id = u.user_id)
    931. 

  931. 			ORDER BY u.username';
    932. 

  932. 		if ($result = sql_rowset(sql_filter($sql, $this->data->user_id, $this->data->user_id))) {
    933. 

  933. 			_style('friends');
    934. 

  934. 

  935. 			foreach ($result as $row) {
    936. 

  936. 				$friend_profile = $comments->user_profile($row);
    937. 

  937. 

  938. 				_style('friends.row', array(
    939. 

  939. 					'PROFILE' => $friend_profile->profile,
    940. 

  940. 					'USERNAME' => $friend_profile->username,
    941. 

  941. 					'AVATAR' => $friend_profile->user_avatar,
    942. 

  942. 					'RANK' => $friend_profile->user_rank)
    943. 

  943. 				);
    944. 

  944. 			}
    945. 

  945. 		}
    946. 

  946. 

  947. 		return true;
    948. 

  948. 	}
    949. 

  949. 

  950. 	public function is_friend($user_one, $user_two) {
    951. 

  951. 		$sql = 'SELECT *
    952. 

  952. 			FROM _members_friends
    953. 

  953. 			WHERE (user_id = ?
    954. 

  954. 				AND buddy_id = ?)
    955. 

  955. 				OR (buddy_id = ?
    956. 

  956. 				AND user_id = ?)';
    957. 

  957. 		if (sql_fieldrow(sql_filter($sql, $user_one, $user_two, $user_two, $user_one))) {
    958. 

  958. 			return true;
    959. 

  959. 		}
    960. 

  960. 

  961. 		return false;
    962. 

  962. 	}
    963. 

  963. 

  964. 	public function user_ban() {
    965. 

  965. 		global $user;
    966. 

  966. 

  967. 		if (!$user->is('member')) {
    968. 

  968. 			do_login();
    969. 

  969. 		}
    970. 

  970. 

  971. 		if ($user->d('user_id') == $this->data->user_id) {
    972. 

  972. 			redirect(s_link('m', $this->data->username_base));
    973. 

  973. 		}
    974. 

  974. 

  975. 		if ($epbi) {
    976. 

  976. 			fatal_error();
    977. 

  977. 		}
    978. 

  978. 

  979. 		$sql = 'SELECT ban_id
    980. 

  980. 			FROM _members_ban
    981. 

  981. 			WHERE user_id = ?
    982. 

  982. 				AND banned_user = ?';
    983. 

  983. 		if ($row = sql_fieldrow(sql_filter($sql, $user->d('user_id'), $this->data->user_id))) {
    984. 

  984. 			$sql = 'DELETE FROM _members_ban
    985. 

  985. 				WHERE ban_id = ?';
    986. 

  986. 			sql_query(sql_filter($sql, $row->ban_id));
    987. 

  987. 

  988. 			redirect(s_link('m', $this->data->username_base));
    989. 

  989. 		}
    990. 

  990. 

  991. 		$sql_insert = array(
    992. 

  992. 			'user_id' => $user->d('user_id'),
    993. 

  993. 			'banned_user' => $this->data->user_id,
    994. 

  994. 			'ban_time' => $user->time
    995. 

  995. 		);
    996. 

  996. 		sql_insert('members_ban', $sql_insert);
    997. 

  997. 

  998. 		$sql = 'DELETE FROM _members_friends
    999. 

  999. 			WHERE user_id = ?
    1000. 

  1000. 				AND buddy_id = ?';
    1001. 

  1001. 		sql_query(sql_filter($sql, $user->d('user_id'), $this->data->user_id));
    1002. 

  1002. 

  1003. 		$sql = 'DELETE FROM _members_friends
    1004. 

  1004. 			WHERE user_id = ?
    1005. 

  1005. 				AND buddy_id = ?';
    1006. 

  1006. 		sql_query(sql_filter($sql, $this->data->user_id, $user->d('user_id')));
    1007. 

  1007. 

  1008. 		$sql = 'DELETE FROM _members_viewers
    1009. 

  1009. 			WHERE user_id = ?
    1010. 

  1010. 				AND viewer_id = ?';
    1011. 

  1011. 		sql_query(sql_filter($sql, $this->data->user_id, $user->d('user_id')));
    1012. 

  1012. 

  1013. 		redirect(s_link('m', $this->data->username_base));
    1014. 

  1014. 	}
    1015. 

  1015. 

  1016. 	public function user_stats() {
    1017. 

  1017. 		$user_stats = array(
    1018. 

  1018. 			'VISITS_COUNT' => $this->data->user_totallogon,
    1019. 

  1019. 			'PAGEVIEWS_COUNT' => $this->data->user_totalpages,
    1020. 

  1020. 			'FORUM_POSTS' => $this->data->user_posts
    1021. 

  1021. 		);
    1022. 

  1022. 

  1023. 		$m = false;
    1024. 

  1024. 		foreach ($user_stats as $key => $value) {
    1025. 

  1025. 			if ($value == '') {
    1026. 

  1026. 				continue;
    1027. 

  1027. 			}
    1028. 

  1028. 

  1029. 			if (!$m) {
    1030. 

  1030. 				_style('main.stats');
    1031. 

  1031. 				$m = true;
    1032. 

  1032. 			}
    1033. 

  1033. 

  1034. 			_style('main.stats.item', array(
    1035. 

  1035. 				'KEY' => lang($key),
    1036. 

  1036. 				'VALUE' => $value)
    1037. 

  1037. 			);
    1038. 

  1038. 		}
    1039. 

  1039. 

  1040. 		return true;
    1041. 

  1041. 	}
    1042. 

  1042. 

  1043. 	public function user_main() {
    1044. 

  1044. 		global $user, $comments;
    1045. 

  1045. 

  1046. 		_style('main');
    1047. 

  1047. 

  1048. 		//
    1049. 

  1049. 		// Get artists where this member is an authorized member
    1050. 

  1050. 		//
    1051. 

  1051. 		$sql = 'SELECT au.user_id, a.ub, a.name, a.subdomain, a.images, a.local, a.location, a.genre, i.image
    1052. 

  1052. 			FROM _artists_auth au, _artists a
    1053. 

  1053. 			INNER JOIN _artists_images i ON a.ub = i.image
    1054. 

  1054. 			WHERE au.user_id = ?
    1055. 

  1055. 				AND au.ub = a.ub
    1056. 

  1056. 				AND i.image_default = 1
    1057. 

  1057. 			ORDER BY a.name';
    1058. 

  1058. 		if ($artists = sql_rowset(sql_filter($sql, $this->data->user_id), 'ub')) {
    1059. 

  1059. 			a_thumbnails($artists, 'USERPAGE_MOD', 'thumbnails');
    1060. 

  1060. 		}
    1061. 

  1061. 

  1062. 		//
    1063. 

  1063. 		// GET MEMBER FAV ARTISTS
    1064. 

  1064. 		//
    1065. 

  1065. 		$sql = 'SELECT f.user_id, a.ub, a.name, a.subdomain, a.images, a.local, a.location, a.genre
    1066. 

  1066. 			FROM _artists_fav f, _artists a
    1067. 

  1067. 			INNER JOIN _artists_images i ON a.ub = i.ub
    1068. 

  1068. 			WHERE f.user_id = ?
    1069. 

  1069. 				AND f.ub = a.ub
    1070. 

  1070. 				AND i.image_default = 1
    1071. 

  1071. 			ORDER BY RAND()';
    1072. 

  1072. 		if ($result2 = sql_rowset(sql_filter($sql, $this->data->user_id), 'ub')) {
    1073. 

  1073. 

  1074. 			$total_a = 0;
    1075. 

  1075. 			$selected_artists2 = w();
    1076. 

  1076. 

  1077. 			foreach ($result2 as $row) {
    1078. 

  1078. 				if ($total_a < 6) {
    1079. 

  1079. 					$selected_artists2[$row->ub] = $row;
    1080. 

  1080. 				}
    1081. 

  1081. 				$total_a++;
    1082. 

  1082. 			}
    1083. 

  1083. 

  1084. 			a_thumbnails($result2, $random_images2, 'USERPAGE_AFAVS', 'thumbnails');
    1085. 

  1085. 

  1086. 			if ($total_a > 6) {
    1087. 

  1087. 				_style('main.thumbnails.all');
    1088. 

  1088. 			}
    1089. 

  1089. 		}
    1090. 

  1090. 

  1091. 		// Latest board posts
    1092. 

  1092. 		$sql = "SELECT DISTINCT(t.topic_title), p.post_id, p.post_time, t.topic_color
    1093. 

  1093. 			FROM _forum_topics t, _forum_posts p
    1094. 

  1094. 			WHERE p.poster_id = ?
    1095. 

  1095. 				AND p.forum_id NOT IN (14,15,16,17,20,22,38)
    1096. 

  1096. 				AND t.topic_id = p.topic_id
    1097. 

  1097. 				AND t.topic_active = 1
    1098. 

  1098. 			GROUP BY p.topic_id
    1099. 

  1099. 			ORDER BY p.post_time DESC
    1100. 

  1100. 			LIMIT 10";
    1101. 

  1101. 		$result = sql_rowset(sql_filter($sql, $this->data->user_id));
    1102. 

  1102. 

  1103. 		foreach ($result as $i => $row) {
    1104. 

  1104. 			if (!$i) _style('main.lastboard');
    1105. 

  1105. 

  1106. 			_style('main.lastboard.row', array(
    1107. 

  1107. 				'URL' => s_link('post', $row->post_id) . '#' . $row->post_id,
    1108. 

  1108. 				'TITLE' => $row->topic_title,
    1109. 

  1109. 				'TOPIC_COLOR' => $row->topic_color,
    1110. 

  1110. 				'TIME' => $user->format_date($row->post_time, 'H:i'),
    1111. 

  1111. 				'DATE' => $user->format_date($row->post_time, lang('date_format')))
    1112. 

  1112. 			);
    1113. 

  1113. 		}
    1114. 

  1114. 

  1115. 		//
    1116. 

  1116. 		// GET USERPAGE MESSAGES
    1117. 

  1117. 		//
    1118. 

  1118. 		$comments_ref = s_link('m', $this->data->username_base);
    1119. 

  1119. 

  1120. 		if ($user->is('member')) {
    1121. 

  1121. 			_style('main.post_comment_box', array(
    1122. 

  1122. 				'REF' => $comments_ref)
    1123. 

  1123. 			);
    1124. 

  1124. 		}
    1125. 

  1125. 

  1126. 		//
    1127. 

  1127. 		// User age & birthday
    1128. 

  1128. 		//
    1129. 

  1129. 		$birthday = '';
    1130. 

  1130. 		$age = 0;
    1131. 

  1131. 		if ($this->data->user_birthday) {
    1132. 

  1132. 			$bd_month = gmmktime(0, 0, 0, substr($this->data->user_birthday, 4, 2) + 1, 0, 0);
    1133. 

  1133. 			$birthday = (int) substr($this->data->user_birthday, 6, 2) . ' ' . $user->format_date($bd_month, 'F') . ' ' . substr($this->data->user_birthday, 0, 4);
    1134. 

  1134. 

  1135. 			$age = date('Y', time()) - intval(substr($this->data->user_birthday, 0, 4));
    1136. 

  1136. 			if (intval(substr($this->data->user_birthday, 4, 4)) > date('md', time())) {
    1137. 

  1137. 				$age--;
    1138. 

  1138. 			}
    1139. 

  1139. 			$age .= ' ' . lang('years');
    1140. 

  1140. 		}
    1141. 

  1141. 

  1142. 		switch ($this->data->user_gender) {
    1143. 

  1143. 			case 0:
    1144. 

  1144. 				$gender = 'NO_GENDER';
    1145. 

  1145. 				break;
    1146. 

  1146. 			case 1:
    1147. 

  1147. 				$gender = 'MALE';
    1148. 

  1148. 				break;
    1149. 

  1149. 			case 2:
    1150. 

  1150. 				$gender = 'FEMALE';
    1151. 

  1151. 				break;
    1152. 

  1152. 		}
    1153. 

  1153. 

  1154. 		$gender = lang($gender);
    1155. 

  1155. 

  1156. 		$user_fields = array(
    1157. 

  1157. 			//'JOINED' => ($this->data->user_regdate && (!$this->data->user_hideuser || $epbi2)) ? $user->format_date($this->data->user_regdate) . sprintf(lang('joined_since'), $memberdays) : '',
    1158. 

  1158. 			'LAST_LOGON' => ($this->data->user_lastvisit && (!$this->data->user_hideuser || $epbi2)) ? $user->format_date($this->data->user_lastvisit) : '',
    1159. 

  1159. 			'GENDER' => $gender,
    1160. 

  1160. 			'AGE' => $age,
    1161. 

  1161. 			'BIRTHDAY' => $birthday,
    1162. 

  1162. 			'FAV_GENRES' => $this->data->user_fav_genres,
    1163. 

  1163. 			'FAV_BANDS' => $this->data->user_fav_artists,
    1164. 

  1164. 			'LOCATION' => $this->data->user_location,
    1165. 

  1165. 			'OCCUPATION' => $this->data->user_occ,
    1166. 

  1166. 			'INTERESTS' => $this->data->user_interests,
    1167. 

  1167. 			'MEMBER_OS' => $this->data->user_os
    1168. 

  1168. 		);
    1169. 

  1169. 

  1170. 		$m = 0;
    1171. 

  1171. 		foreach ($user_fields as $key => $value) {
    1172. 

  1172. 			if ($value == '') continue;
    1173. 

  1173. 

  1174. 			if (!$m) {
    1175. 

  1175. 				_style('main.general');
    1176. 

  1176. 				$m = 1;
    1177. 

  1177. 			}
    1178. 

  1178. 

  1179. 			_style('main.general.item', array(
    1180. 

  1180. 				'KEY' => lang($key),
    1181. 

  1181. 				'VALUE' => $value)
    1182. 

  1182. 			);
    1183. 

  1183. 		}
    1184. 

  1184. 

  1185. 		//
    1186. 

  1186. 		// Get Last.fm Feed
    1187. 

  1187. 		//
    1188. 

  1188. 		// http://ws.audioscrobbler.com/1.0/user//recenttracks.xml
    1189. 

  1189. 		if (!empty($this->data->user_lastfm)) {
    1190. 

  1190. 			include_once('./interfase/scrobbler.php');
    1191. 

  1191. 

  1192. 			$scrobbler = new EasyScrobbler($this->data->user_lastfm);
    1193. 

  1193. 			$list = $scrobbler->getRecentTracs();
    1194. 

  1194. 

  1195. 			if (count($list)) {
    1196. 

  1196. 				_style('main.lastfm', array(
    1197. 

  1197. 					'NAME' => $this->data->user_lastfm,
    1198. 

  1198. 					'URL' => 'http://www.last.fm/user/' . $this->data->user_lastfm . '/')
    1199. 

  1199. 				);
    1200. 

  1200. 

  1201. 				foreach ($list as $row) {
    1202. 

  1202. 					_style('main.lastfm.row', array(
    1203. 

  1203. 						'ARTIST' => $row['ARTIST'],
    1204. 

  1204. 						'NAME' => $row['NAME'],
    1205. 

  1205. 						'ALBUM' => $row['ALBUM'],
    1206. 

  1206. 						'URL' => $row['URL'],
    1207. 

  1207. 						'TIME' => $user->format_date($row['DATE_UTS'], 'H:i'))
    1208. 

  1208. 					);
    1209. 

  1209. 				}
    1210. 

  1210. 			}
    1211. 

  1211. 		}
    1212. 

  1212. 

  1213. 		//
    1214. 

  1214. 		// Get public messages
    1215. 

  1215. 		//
    1216. 

  1216. 		$comments_ref = s_link('m', $this->data->username_base);
    1217. 

  1217. 		if ($this->data->userpage_posts) {
    1218. 

  1218. 			$comments->reset();
    1219. 

  1219. 			$comments->ref = $comments_ref;
    1220. 

  1220. 

  1221. 			$sql = 'SELECT p.*, u2.user_id, u2.username, u2.username_base, u2.user_avatar
    1222. 

  1222. 				FROM _members_posts p, _members u, _members u2
    1223. 

  1223. 				WHERE p.userpage_id = ?
    1224. 

  1224. 					AND p.userpage_id = u.user_id
    1225. 

  1225. 					AND p.post_active = 1
    1226. 

  1226. 					AND p.poster_id = u2.user_id
    1227. 

  1227. 				ORDER BY p.post_time DESC
    1228. 

  1228. 				LIMIT 50';
    1229. 

    1230. 

  1230. 			$comments->data = array(
    1231. 

  1231. 				'USER_ID_FIELD' => 'userpage_id',
    1232. 

  1232. 				'S_DELETE_URL' => s_link('acp', 'user_post_delete', 'msg_id:%d'),
    1233. 

  1233. 				'SQL' => sql_filter($sql, $this->data->user_id)
    1234. 

  1234. 			);
    1235. 

  1235. 

  1236. 			$comments->view(0, '', $this->data->userpage_posts, $this->data->userpage_posts, 'main.posts');
    1237. 

  1237. 		}
    1238. 

  1238. 

  1239. 		if ($user->is('member')) {
    1240. 

  1240. 			_style('main.box', array(
    1241. 

  1241. 				'REF' => $comments_ref)
    1242. 

  1242. 			);
    1243. 

  1243. 		}
    1244. 

  1244. 

  1245. 		return true;
    1246. 

  1246. 	}
    1247. 

  1247. }
    1248.