_absolute_path.'/administrator/components/com_smf/config.smf.php'); require_once ($mosConfig_absolute_path.'/administrator/components/com_smf/functions.smf.php'); $_SESSION['USER_AGENT'] = $_SERVER['HTTP_USER_AGENT']; $_SESSION['_FROM_MOS'] = true; doMamboSMF(true); } // SMF end } if ($ueConfig['cbedologin']=='1' || $ueConfig['use_smfBridge'] == '1') { $mainframe->login(); // JS Popup message if ( $message ) { $js_message = " \n"; echo $js_message; } if ( $return && !( strpos( $return, 'com_registration' ) || strpos( $return, 'com_login' ) ) ) { // checks for the presence of a return url // and ensures that this url is not the registration or login pages mosRedirect( $return ); } else { mosRedirect( $mosConfig_live_site .'/index.php' ); } } else { if (function_exists('josSpoofValue')) { $validate = josSpoofValue(1); } echo "\n"; echo "\n"; } } } function logout() { global $_POST, $mainframe, $database, $my, $mosConfig_live_site; $return = trim(mosGetParam( $_POST, 'return', NULL )); $message = trim(mosGetParam( $_POST, 'message', 0 )); $database->setQuery("SELECT * FROM #__comprofiler_userstime WHERE userid='".$my->id."'"); $database->loadObject($users_time); if ($database->query()) { $u_time = time(); $diff_time = $u_time - $users_time->logtime; $sum_time = $users_time->logtimesum + $diff_time; $database->setQuery("UPDATE #__comprofiler_userstime SET logtime='".$u_time."', logtimesum='".$sum_time."' WHERE id='".$users_time->id."' AND userid='".$my->id."'"); $database->query(); } $mainframe->logout(); // JS Popup message if ( $message ) { $js_message = ''." \n"; echo $js_message; //ob_flush(); } if ( $return ) { // checks for the presence of a return url // and ensures that this url is not the registration or logout pages mosRedirect( sefRelToAbs($return) ); } else { mosRedirect( sefRelToAbs($mosConfig_live_site.'/index.php') ); } } function confirm($confirmCode){ global $database,$my,$ueConfig; if($my->id < 1) { $conf_hash = floatval($ueConfig['reg_confirmation_hash']); $query = "SELECT * FROM #__comprofiler c, #__users u WHERE c.id=u.id AND confirmed=0 AND md5(c.id+".$conf_hash.") = '" . cbGetEscaped($confirmCode) . "'"; $database->setQuery($query); $user = $database->loadObjectList(); $query = "UPDATE #__comprofiler SET confirmed = 1 WHERE confirmed=0 AND md5(id+".$conf_hash.") = '" . cbGetEscaped($confirmCode) . "'"; $database->setQuery($query); $database->query(); if(mysql_affected_rows() == 0) { if ($user == null) { echo _UE_USER_NOTCONFIRMED . "
"; } else { if ($user[0]->approved == 0) echo _UE_USER_CONFIRMED_NEEDAPPR . "
"; else echo _UE_USER_CONFIRMED . "
"; } } else { if($user[0]->approved == 0) { if($ueConfig['moderatorEmail']==1) { $database->setQuery( "SELECT name, username, email, id FROM #__users" ."\n WHERE gid >='".$ueConfig['imageApproverGid']."' AND block=0 AND sendEmail='1'" ); $rowAdmins = $database->loadObjectList(); foreach ($rowAdmins AS $rowAdmin) { $isModerator=isModerator($rowAdmin->id); if ($isModerator==1) { createEmail($user[0],'pendingAdmin',$ueConfig,$rowAdmin); } } } echo _UE_USER_CONFIRMED_NEEDAPPR . "
"; } else { if($ueConfig['moderatorEmail']==1) { $database->setQuery( "SELECT name, username, email, id FROM #__users" ."\n WHERE gid >='".$ueConfig['imageApproverGid']."' AND block=0 AND sendEmail='1'" ); $rowAdmins = $database->loadObjectList(); foreach ($rowAdmins AS $rowAdmin) { $isModerator=isModerator($rowAdmin->id); if ($isModerator==1) { createEmail($user[0],'welcomeAdmin',$ueConfig,$rowAdmin); } } } createEmail($user[0],'welcome',$ueConfig); echo _UE_USER_CONFIRMED . "
"; } } } else { // $database->setQuery("SELECT id FROM #__menu WHERE link = 'index.php?option=com_comprofiler'"); // $Itemid = $database->loadResult(); if (!isset($_REQUEST['Itemid'])) { if ($GLOBALS['Itemid_com']!='') { $Itemid_c = $GLOBALS['Itemid_com']; } else { $Itemid_c = ''; } } else { $Itemid_c = "&Itemid=".$_REQUEST['Itemid']; } mosRedirect(sefRelToAbs('index.php?option=com_comprofiler'.$Itemid_c)); } } function approveImage(){ global $database,$_POST,$_REQUEST,$mosConfig_absolute_path,$my,$ueConfig; $isModerator=isModerator($my->id); if ($isModerator == 0) { mosNotAuth(); return; } $avatars=array(); if(isset($_POST['avatar'])) $avatars=$_POST['avatar']; else $avatars[] = $_REQUEST['avatars']; if(isset($_POST['act'])) $act=$_POST['act']; else $act = $_REQUEST['flag']; if($act=='1') { foreach ($avatars AS $avatar) { $query = "UPDATE #__comprofiler SET avatarapproved = 1, lastupdatedate='".date('Y-m-d\TH:i:s')."' WHERE id = '" . cbGetEscaped($avatar) . "'"; $database->setQuery($query); $database->query(); echo $database->getquery(); $database->setQuery( "SELECT name, email FROM #__users" ."\n WHERE id='$avatar'" ); $rows = $database->loadObjectList(); echo $database->getquery(); foreach ($rows AS $row) { createEmail($row,'imageApproved',$ueConfig); } } } else { foreach ($avatars AS $avatar) { $query = "SELECT avatar FROM #__comprofiler WHERE id = '" . $avatar . "'"; $database->setQuery($query); $file = $database->loadResult(); if(eregi("gallery/",$file)==false && is_file($mosConfig_absolute_path."/images/comprofiler/".$file)) { unlink($mosConfig_absolute_path."/images/comprofiler/".$file); if(is_file($mosConfig_absolute_path."/images/comprofiler/tn".$file)) unlink($mosConfig_absolute_path."/images/comprofiler/tn".$file); } $query = "UPDATE #__comprofiler SET avatarapproved = 1, avatar=null WHERE id = '" . cbGetEscaped($avatar) . "'"; $database->setQuery($query); $database->query(); $database->setQuery( "SELECT name, email FROM #__users" ."\n WHERE id='$avatar'" ); $rows = $database->loadObjectList(); foreach ($rows AS $row) { createEmail($row,'imageRejected',$ueConfig); } } } if (!isset($_REQUEST['Itemid'])) { if ($GLOBALS['Itemid_com']!='') { $Itemid_c = $GLOBALS['Itemid_com']; } else { $Itemid_c = ''; } } else { $Itemid_c = "&Itemid=".$_REQUEST['Itemid']; } mosRedirect(sefRelToAbs('index.php?option=com_comprofiler'.$Itemid_c.'&task=moderateImages'),_UE_USERIMAGEMODERATED_SUCCESSFUL); } function isModerator($oID){ global $ueConfig, $acl; $gid = userGID($oID); if (!allowAccess( $ueConfig['imageApproverGid'],'RECURSE', userGID($oID), $acl, '1')) { return 0; } else { return 1; } // if($gid >= $ueConfig['imageApproverGid']) return 1; // else return 0; } function userGID($oID){ global $database,$ueConfig; if($oID > 0) { $query = "SELECT gid FROM #__users WHERE id = '".$oID."'"; $database->setQuery($query); $gid = $database->loadResult(); return $gid; } else return 0; } function reportUser($option,$form=1,$uid=0) { global $database,$ueConfig,$_POST; if($ueConfig['allowUserReports']==0) { echo _UE_FUNCTIONALITY_DISABLED; exit(); } if($form==1) { HTML_comprofiler::reportUserForm($option,$uid); } else { $row = new moscomprofilerUserReport( $database ); if (!$row->bind( $_POST )) { echo "\n"; exit(); } mosMakeHtmlSafe($row); $row->reportedondate = date("Y-m-d\TH:i:s"); if (!$row->check()) { echo "\n"; exit(); } if (!$row->store()) { echo "\n"; exit(); } if($ueConfig['moderatorEmail']==1) { $database->setQuery( "SELECT name, email, u.id as uid FROM #__users u, #__comprofiler c " ."\n WHERE u.id=c.id AND u.gid >='".$ueConfig['imageApproverGid']."' AND u.block=0 AND u.sendEmail='1' AND c.confirmed='1' AND c.approved='1'" ); $rowAdmins = $database->loadObjectList(); foreach ($rowAdmins AS $rowAdmin) { $isModerator=isModerator($rowAdmin->uid); if ($isModerator==1) { createEmail($row,'reportAdmin',$ueConfig,$rowAdmin); } } } echo _UE_USERREPORT_SUCCESSFUL; } } function banUser($option,$uid,$form=1,$act=1) { global $database,$ueConfig,$_POST,$my; $isModerator=isModerator($my->id); if($ueConfig['allowUserBanning']==0) { echo _UE_FUNCTIONALITY_DISABLED; exit(); } if($form==1) { $database->setquery("SELECT bannedreason FROM #__comprofiler WHERE id = '$uid'"); $orgbannedreason=$database->loadresult(); HTML_comprofiler::banUserForm($option,$uid,$act,$orgbannedreason); } else { if($act==1) { if ($isModerator!=1){ mosNotAuth(); return; } $sql="UPDATE #__comprofiler SET banned='1', bannedby='".cbGetEscaped($_POST['bannedby'])."', banneddate='".date('Y-m-d\TH:i:s')."', bannedreason='".cbGetEscaped(htmlspecialchars("["._UE_MODERATORBANRESPONSE."]"))."\n".cbGetEscaped($_POST['bannedreason'])."' WHERE id='$uid'"; $database->SetQuery($sql); $database->query(); $database->setQuery( "SELECT name, email FROM #__users" ."\n WHERE id='$uid'" ); $rows = $database->loadObjectList(); foreach ($rows AS $row) { createEmail($row,'banUser',$ueConfig); } echo _UE_USERBAN_SUCCESSFUL; } elseif($act==0) { if ($isModerator!=1){ mosNotAuth(); return; } $sql="UPDATE #__comprofiler SET banned='0', bannedby=null, banneddate=null, bannedreason=null WHERE id='".cbGetEscaped($uid)."'"; $database->SetQuery($sql); $database->query(); $database->setQuery( "SELECT name, email FROM #__users" ."\n WHERE id='$uid'" ); $rows = $database->loadObjectList(); foreach ($rows AS $row) { createEmail($row,'unbanUser',$ueConfig); } echo _UE_USERUNBAN_SUCCESSFUL; }elseif($act==2) { if ($my->id!=$uid){ mosNotAuth(); return; } $bannedreason = "".htmlspecialchars("["._UE_USERBANRESPONSE."]")."\n".$_POST['bannedreason']."\n".$_POST['orgbannedreason']; $sql="UPDATE #__comprofiler SET banned='2', bannedreason='".cbGetEscaped($bannedreason)."' WHERE id='".cbGetEscaped($uid)."'"; $database->SetQuery($sql); $database->query(); if($ueConfig['moderatorEmail']==1) { $database->setQuery( "SELECT name, email, u.id as uid FROM #__users u, #__comprofiler c " ."\n WHERE u.id=c.id AND u.gid >='".$ueConfig['imageApproverGid']."' AND u.block=0 AND u.sendEmail='1' AND c.confirmed='1' AND c.approved='1'" ); $rowAdmins = $database->loadObjectList(); foreach ($rowAdmins AS $rowAdmin) { $isModerator=isModerator($rowAdmin->uid); if ($isModerator==1) { createEmail($row,'unbanAdmin',$ueConfig,$rowAdmin); } } } echo _UE_USERUNBANREQUEST_SUCCESSFUL; } } } function processReports(){ global $database,$_POST,$mosConfig_absolute_path,$my; $isModerator=isModerator($my->id); if ($isModerator == 0) { mosNotAuth(); return; } $reports=array(); $reports=$_POST['reports']; foreach ($reports AS $report) { $query = "UPDATE #__comprofiler_userreports SET reportedstatus = 1 WHERE reportid = '" . cbGetEscaped($report) . "'"; $database->setQuery($query); $database->query(); } if (!isset($_REQUEST['Itemid'])) { if ($GLOBALS['Itemid_com']!='') { $Itemid_c = $GLOBALS['Itemid_com']; } else { $Itemid_c = ''; } } else { $Itemid_c = "&Itemid=".$_REQUEST['Itemid']; } mosRedirect(sefRelToAbs('index.php?option=com_comprofiler'.$Itemid_c.'&task=moderateReports'),_UE_USERREPORTMODERATED_SUCCESSFUL); } function moderator(){ global $database,$_POST,$mosConfig_absolute_path,$my,$ueConfig; $isModerator=isModerator($my->id); if ($isModerator == 0) { mosNotAuth(); return; } echo _UE_MODERATE_TITLE; echo ""; $query = "SELECT count(*) FROM #__comprofiler WHERE avatarapproved=0"; if(!$database->setQuery($query)) print $database->getErrorMsg(); $totalimages = $database->loadResult(); $query = "SELECT count(*) FROM #__comprofiler_userreports WHERE reportedstatus=0 "; if(!$database->setQuery($query)) print $database->getErrorMsg(); $totaluserreports = $database->loadResult(); $query = "SELECT count(*) FROM #__comprofiler WHERE banned=2"; if(!$database->setQuery($query)) print $database->getErrorMsg(); $totalunban = $database->loadResult(); $query = "SELECT count(*) FROM #__comprofiler WHERE approved=0 AND confirmed=1 "; if(!$database->setQuery($query)) print $database->getErrorMsg(); $totaluserpendapproval = $database->loadResult(); if($totalunban > 0 || $totaluserreports > 0 || $totalimages > 0 || ($totaluserpendapproval > 0 && $ueConfig['allowModUserApproval'])) { if($totalunban > 0) echo "

".$totalunban." "._UE_UNBANREQUIREACTION."

"; if($totaluserreports > 0) echo "

".$totaluserreports." "._UE_USERREPORTSREQUIREACTION."

"; if($totalimages > 0) echo "

".$totalimages." "._UE_IMAGESREQUIREACTION."

"; if($totaluserpendapproval > 0 && $ueConfig['allowModUserApproval']) echo "

".$totaluserpendapproval." "._UE_USERPENDAPPRACTION."

"; } else { echo _UE_NOACTIONREQUIRED; } echo ""; } function approveUser($option,$uids) { global $database,$ueConfig,$_POST,$my,$mosConfig_emailpass; $isModerator=isModerator($my->id); if($ueConfig['allowModUserApproval']==0) { echo _UE_FUNCTIONALITY_DISABLED; exit(); } if ($isModerator!=1){ mosNotAuth(); return; } if($mosConfig_emailpass!=1) $mosConfig_emailpass=0; foreach($uids AS $uid) { $sql="UPDATE #__comprofiler SET approved='1'WHERE id='".cbGetEscaped($uid)."'"; $database->SetQuery($sql); $database->query(); //sv0.6232 aprovel-block-combination $sql="UPDATE #__users SET block='0' WHERE id='".cbGetEscaped($uid)."' AND block='1'"; $database->SetQuery($sql); $database->query(); $database->setQuery( "SELECT name, username, email FROM #__users" ."\n WHERE id='$uid'" ); $rows = $database->loadObjectList(); foreach ($rows AS $row) { createEmail($row,'welcome',$ueConfig,null,$mosConfig_emailpass); } $comment=""; if(ISSET($_POST[$comment])) $comment=$_POST[$comment]; } if (!isset($_REQUEST['Itemid'])) { if ($GLOBALS['Itemid_com']!='') { $Itemid_c = $GLOBALS['Itemid_com']; } else { $Itemid_c = ''; } } else { $Itemid_c = "&Itemid=".$_REQUEST['Itemid']; } mosRedirect(sefRelToAbs('index.php?option=com_comprofiler'.$Itemid_c.'&task=pendingApprovalUser'),_UE_USERAPPROVAL_SUCCESSFUL); } function rejectUser($option,&$uids) { global $database,$ueConfig,$_POST,$my,$mosConfig_emailpass; $isModerator=isModerator($my->id); if($ueConfig['allowModUserApproval']==0) { echo _UE_FUNCTIONALITY_DISABLED; exit(); } if ($isModerator!=1){ mosNotAuth(); return; } if($mosConfig_emailpass!=1) $mosConfig_emailpass=0; foreach($uids AS $uid) { $sql="UPDATE #__comprofiler SET approved='2'WHERE id='".cbGetEscaped($uid)."'"; $database->SetQuery($sql); $database->query(); $database->setQuery( "SELECT name, username, email FROM #__users" ."\n WHERE id='$uid'" ); $rows = $database->loadObjectList(); foreach ($rows AS $row) { createEmail($row,'rejectUser',$ueConfig,$_POST['comment'.$uid],$mosConfig_emailpass); } } if (!isset($_REQUEST['Itemid'])) { if ($GLOBALS['Itemid_com']!='') { $Itemid_c = $GLOBALS['Itemid_com']; } else { $Itemid_c = ''; } } else { $Itemid_c = "&Itemid=".$_REQUEST['Itemid']; } mosRedirect(sefRelToAbs('index.php?option=com_comprofiler'.$Itemid_c.'&task=pendingApprovalUser'),_UE_USERREJECT_SUCCESSFUL); } function pendingApprovalUsers($option) { global $database,$ueConfig,$_POST,$my,$mosConfig_emailpass; $isModerator=isModerator($my->id); if($ueConfig['allowModUserApproval']==0) { echo _UE_FUNCTIONALITY_DISABLED; exit(); } if ($isModerator!=1){ mosNotAuth(); return; } if($mosConfig_emailpass!=1) $mosConfig_emailpass=0; $database->setQuery( "SELECT u.id, u.name, u.username, u.email, u.registerDate " ."\n FROM #__users u, #__comprofiler c " ."\n WHERE u.id=c.id AND c.approved=0 AND c.confirmed=1" ); $rows = $database->loadObjectList(); HTML_comprofiler::pendingApprovalUsers($option, $rows); } function cbsearch( $option, $uid, $submitvalue) { global $database,$my,$ueConfig,$enhanced_Config,$acl; if (!allowAccess( $ueConfig['allow_listviewbyGID'],'RECURSE', userGID($my->id), $acl, '1')) { echo _UE_NOT_AUTHORIZED; return; } $whereadd = ''; $prefix = 'ue.'; $query = ''; $sform=''; if (isset($_POST['adminForm'])) { $database->setQuery( "SELECT f.fieldid, f.name AS name, f.title, f.type, t.range AS range FROM #__comprofiler_fields AS f, #__comprofiler_searchmanager AS t WHERE f.published=1 AND f.fieldid = t.fieldid"); $valids = $database->loadObjectList(); foreach ($valids as $valid) { if (($valid->type)=="select" || ($valid->type)=="radio") { if (($valid->range)==1) { // range = 1 $from = $valid->name."from"; $to = $valid->name."to"; if ( !empty($_POST[($from)]) && !empty($_POST[($to)]) ) { // neither empty // patched 14-03-05 $afrom = $database->getEscaped($_POST[($from)]); $ato = $database->getEscaped($_POST[($to)]); if ($afrom>$ato) { list($afrom, $ato) = array($ato, $afrom); } $query .= "AND " . $prefix . ($valid->name) . " BETWEEN '" . $afrom . "' AND '" . $ato . "' "; } elseif ( ( empty($_POST[($from)]) && !empty($_POST[($to)]) ) OR ( !empty($_POST[($from)]) && empty($_POST[($to)]) ) ) { // either one empty, not valid when range = 1 echo _UE_QUERY_NOT_VALID; return; } } elseif (!empty($_POST[($valid->name)])) { // range = 0, only one variable // patched 14-03-05 $query .= "AND " . $prefix . ($valid->name) . "='" . $database->getEscaped($_POST[($valid->name)]) . "' "; } } // end type=select and radio if (($valid->type)=="checkbox") { if (!empty($_POST[($valid->name)])) { $query .= "AND " . $prefix . ($valid->name) . "= 1 "; } } // end type=checkbox if (($valid->type)=="text" || ($valid->type)=="textarea" || ($valid->type)=="editorta" || ($valid->type)=="webaddress") { // range text if (($valid->range)==1) { // range = 1 $from = $valid->name."from"; $to = $valid->name."to"; if ( !empty($_POST[($from)]) && !empty($_POST[($to)]) ) { // neither empty // patched 14-03-05 $afrom = $database->getEscaped($_POST[($from)]); $ato = $database->getEscaped($_POST[($to)]); if ($afrom>$ato) { list($afrom, $ato) = array($ato, $afrom); } $query .= "AND " . $prefix . ($valid->name) . " BETWEEN '" . $afrom . "' AND '" . $ato . "' "; } elseif ( ( empty($_POST[($from)]) && !empty($_POST[($to)]) ) OR ( !empty($_POST[($from)]) && empty($_POST[($to)]) ) ) { // either one empty, not valid when range = 1 echo _UE_QUERY_NOT_VALID; return; } } else { // range END if (!empty($_POST[($valid->name)])) { $escaped = $database->getEscaped(trim( strtolower( $_POST[($valid->name)] ))); $query .= "AND " . $prefix . ($valid->name) . " LIKE '%$escaped%'"; } // range close } // close } // end type=text, textarea or editorta // PK edit PREDEFINED if (($valid->type)=="predefined") { if (!empty($_POST[($valid->name)])) { $escaped = $database->getEscaped(trim( strtolower( $_POST[($valid->name)] ))); $query .= "AND " . "u." . ($valid->name) . " LIKE '%$escaped%'"; } } // end type=predefined // PK MultiSelect if (($valid->type)=="multiselect") { if (!empty($_POST[($valid->name)]) && is_array($_POST[($valid->name)])) { $query .= "AND ( "; $mcount = count($_POST[($valid->name)]); $multi_sarray = $_POST[($valid->name)]; $i=0; for ($i; $i<$mcount; $i++) { // $ms_value = $database->getEscaped(trim( strtolower( $multi_sarray[$i] ))); $ms_value = $multi_sarray[$i]; if ($i==0) { $query .= $prefix.($valid->name)." LIKE '%".$ms_value."%'"; } else { $query .= " OR ".$prefix.($valid->name)." LIKE '%".$ms_value."%'"; } } $query .= ")"; } } // end multiselect // PK MultiCheckbox if (($valid->type)=="multicheckbox") { if (!empty($_POST[($valid->name)]) && is_array($_POST[($valid->name)])) { $query .= "AND ( "; $mcount = count($_POST[($valid->name)]); $multi_sarray = $_POST[($valid->name)]; $i=0; for ($i; $i<$mcount; $i++) { // $mc_value = $database->getEscaped(trim( strtolower( $multi_sarray[$i] ))); $mc_value = $multi_sarray[$i]; if ($i==0) { $query .= $prefix.($valid->name)." LIKE '%".$mc_value."%'"; } else { $query .= " OR ".$prefix.($valid->name)." LIKE '%".$mc_value."%'"; } } $query .= ")"; } } // end type=multicheckbox // PK Date (Age & Birthday only) if (($valid->type)=="date") { if ($valid->name == $enhanced_Config['lastvisitors_birthday_field']) { if (($valid->range)==1) { // range = 1 $from = $valid->name."from"; $to = $valid->name."to"; if ( !empty($_POST[($from)]) && !empty($_POST[($to)]) ) { $this_year = date('Y'); $search_age_from = $database->getEscaped($_POST[($from)]); $search_age_to = $database->getEscaped($_POST[($to)]); if ($search_age_from < $search_age_to) { list($search_age_from, $search_age_to) = array($search_age_to, $search_age_from); } if ($enhanced_Config['search_age_common_style']=='1') { $search_year_from = $this_year - 1 - $search_age_from."-01-01"; //$search_year_to = $this_year - 1 - $search_age_to."-12-31"; $search_year_to = $this_year - $search_age_to."-12-31"; } else { $search_year_from = $this_year - $search_age_from."-01-01"; $search_year_to = $this_year - $search_age_to."-12-31"; } $query .= "AND " . $prefix . ($valid->name) . " BETWEEN '" . $search_year_from . "' AND '" . $search_year_to . "' "; } elseif ( ( empty($_POST[($from)]) && !empty($_POST[($to)]) ) OR ( !empty($_POST[($from)]) && empty($_POST[($to)]) ) ) { // either one empty, not valid when range = 1 echo _UE_QUERY_NOT_VALID; return; } } else { //no range if (!empty($_POST[($valid->name)])) { $search_age = $_POST[($valid->name)]; $this_year = date('Y'); //if ($enhanced_Config['search_age_common_style']=='1') { // $search_year = $this_year - 1 - $search_age; //} else { $search_year = $this_year - $search_age; //} $query .= "AND ".$prefix.($valid->name)." LIKE '".$search_year."%'"; } } } } // end type=date age/birthday if (($valid->type)=="numericfloat" || ($valid->type)=="numericint") { if (($valid->range)==1) { // range = 1 $from = $valid->name."from"; $to = $valid->name."to"; if ( !empty($_POST[($from)]) && !empty($_POST[($to)]) ) { $_from = str_replace(',','.',$_POST[($from)]); $_to = str_replace(',','.',$_POST[($to)]); $afrom = floatval($database->getEscaped($_from)); $ato = floatval($database->getEscaped($_to)); if ($afrom>$ato) { list($afrom, $ato) = array($ato, $afrom); } $query .= "AND " . $prefix . ($valid->name) . " BETWEEN '" . $afrom . "' AND '" . $ato . "' "; } elseif ( ( empty($_POST[($from)]) && !empty($_POST[($to)]) ) OR ( !empty($_POST[($from)]) && empty($_POST[($to)]) ) ) { // either one empty, not valid when range = 1 echo _UE_QUERY_NOT_VALID; return; } } else { if (!empty($_POST[($valid->name)])) { $_escaped = str_replace(',','.',$_POST[($valid->name)]); $escaped = floatval($database->getEscaped(trim(strtolower($_escaped)))); $query .= "AND " . $prefix . ($valid->name) . " LIKE '$escaped'"; } } // close } // end type=nummericint, nummericfloat } // end of run-thru of parameters // now do hidden form to be posted to cbsearchlist // in order to process the query if (!isset($_REQUEST['Itemid'])) { if ($GLOBALS['Itemid_com']!='') { $Itemid_c = $GLOBALS['Itemid_com']; } else { $Itemid_c = ''; } } else { $Itemid_c = "&Itemid=".$_REQUEST['Itemid']; } $hidecbform =''; $hidecbform .= ''; $hidecbform .= ''; // when submitted, query is $_POST'ed to cbsearchlist for further processing echo $hidecbform; } // end isset($_POST('AdminForm')) else { // generate the search form // will be submitted to HTML_comprofiler::cbsearch // which then reposts it back to this function // and captured above for ($g=0; $g<=1; $g++) { if ($g<1) { $whereadd = "\n AND t.simple = '1'"; } else { $whereadd = "\n AND t.advanced = '1'"; } $database->setQuery( "SELECT f.fieldid, f.name, f.title, f.type, t.range FROM #__comprofiler_fields AS f, #__comprofiler_searchmanager AS t" . "\n WHERE f.published=1" . "\n AND f.fieldid = t.fieldid" .$whereadd . "\n ORDER BY t.ordering" ); $rowFields[$g] = $database->loadObjectList(); foreach ( $rowFields[$g] as $rowField ) { $fieldid = $rowField->fieldid; $name = $rowField->name; $title = getLangDefinition($rowField->title); $type = $rowField->type; $rangeflag = $rowField->range; switch ($type) { case "checkbox": { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } break; // PK MultiCheckbox start case "multicheckbox": { $database->setQuery( "SELECT fieldtitle FROM #__comprofiler_field_values" . "\n WHERE fieldid = ".$database->getEscaped($fieldid) . "\n ORDER BY ordering" ); $Values = $database->loadObjectList(); if ( $Values ) { $options = ""; } else { $options .= "

"; $i=0; foreach ( $Values as $Value ) { $i= ($i==1) ? 2 : 1; $Value=$Value->fieldtitle; $langValue = getLangDefinition($Value); $options .= ''.$langValue.''."\n"; if ( $i == 2 ) { // $options .= " "; $options .= "
"; } else if (count($Values) == 1) { $options .= "
"; } } $sform[$g] .= '
'; $sform[$g] .= $title.' '; $sform[$g] .= "	\n"; $sform[$g] .= $options."

"; $sform[$g] .= ''; } } break; // PK MultiCheckbox end case "select": case "radio": { // patched 14-03-05 $database->setQuery( "SELECT fieldtitle FROM #__comprofiler_field_values" . "\n WHERE fieldid = ".$database->getEscaped($fieldid) . "\n ORDER BY ordering" ); $Values = $database->loadObjectList(); $options=''; if ( $Values ) { // first create $options because it is common regardless of t.range $options .= " \n"; // iterate through $Values, appending them to $options foreach ( $Values as $Value ) { $Value=$Value->fieldtitle; $langValue = getLangDefinition($Value); $options .= ' to close off $options .=" \n"; } // make title part $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; // now test for t.range if ( $rangeflag < 1 ) { $sform[$g] .= ' '; } else { $sform[$g] .= ' '; $sform[$g] .= $options.' '._UE_SEARCH_TO.' '; $sform[$g] .= ' '; } // end if ( $rangeflag ) $sform[$g] .= $options; $sform[$g] .= ''; } break; // PK MultiSelect start case "multiselect": { // patched 14-03-05 $database->setQuery( "SELECT fieldtitle FROM #__comprofiler_field_values" . "\n WHERE fieldid = ".$database->getEscaped($fieldid) . "\n ORDER BY ordering" ); $Values = $database->loadObjectList(); $database->setQuery( "SELECT size FROM #__comprofiler_fields WHERE fieldid='".$database->getEscaped($fieldid)."'" ); $fieldsize = $database->loadResult(); if ($fieldsize < 1){ $fieldsize = 1; } $options=''; if ( $Values ) { // first create $options because it is common regardless of t.range // $options .= "\n"; // iterate through $Values, appending them to $options foreach ( $Values as $Value ) { $Value=$Value->fieldtitle; $langValue = getLangDefinition($Value); $options .= ' to close off $options .="\n"; } // make title part $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= "\n"; $sform[$g] .= ''."\n"; $sform[$g] .= $options; $sform[$g] .= ''; } break; // PK MultiSelect end // PK edit PREDEFINED case "predefined": case "editorta": case "textarea": case "text": { // $sform[$g] .= ''; // $sform[$g] .= $title.' '; // $sform[$g] .= ''; // $sform[$g] .= ''; // $sform[$g] .= ''; if ( $rangeflag < 1 ) { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } else { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= '
'._UE_SEARCH_TO.'
'; $sform[$g] .= ''; $sform[$g] .= ''; } // end if ( $rangeflag ) } break; case "webaddress": { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } break; // PK Datefield (Age & Birthday only) case "date": { if ($name == $enhanced_Config['lastvisitors_birthday_field']) { $title = _UE_SHOWAGE_TITLE; if ( $rangeflag < 1 ) { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } else { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ' '._UE_SEARCH_TO.' '; $sform[$g] .= ''; $sform[$g] .= ''; } } } break; // Age end case "numericint": case "numericfloat": { if ( $rangeflag < 1 ) { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } else { $sform[$g] .= ''; $sform[$g] .= $title.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ' '._UE_SEARCH_TO.' '; $sform[$g] .= ''; $sform[$g] .= ''; } // end if ( $rangeflag ) } break; // nummeric end } // end switch ($type) } // end foreach } // end for { // create additional search options for the $ueConfig['searchtab2'] tab $g=2; if ($enhanced_Config['onlinenow']=="1") { $sform[$g] .= ''; $sform[$g] .= _UE_ONLINE_NOW_ONLY.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } if ($enhanced_Config['picture']=="1") { $sform[$g] .= ''; $sform[$g] .= _UE_PICTURE_ONLY.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } if ($enhanced_Config['added10']=="1") { $sform[$g] .= ''; $sform[$g] .= _UE_ADDED_10_DAYS_OR_LESS.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } if ($enhanced_Config['online10']=="1") { $sform[$g] .= ''; $sform[$g] .= _UE_ONLINE_10_DAYS_OR_LESS.' '; $sform[$g] .= ''; $sform[$g] .= ''; $sform[$g] .= ''; } } HTML_comprofiler::cbsearch($sform); } } function cbsearchlist( $option, $uid, $submitvalue) { global $database,$my,$ueConfig,$acl,$_POST; if (!allowAccess( $ueConfig['allow_listviewbyGID'],'RECURSE', userGID($my->id), $acl, '1')) { echo _UE_NOT_AUTHORIZED; return; } $database->setQuery("SELECT listid, title FROM #__comprofiler_lists WHERE published=1 ORDER BY ordering"); $plists = $database->loadObjectList(); $lists = array(); $publishedlists = array(); $n=count( $plists ); for ($i=0; $i < $n; $i++) { $plist =& $plists[$i]; $publishedlists[] = mosHTML::makeOption( $plist->listid, getLangDefinition($plist->title) ); } if((!isset($_POST['listid']) && !isset($_REQUEST['listid']) && !isset($_GET['listid'])) || (empty($_POST['listid']) && empty($_GET['listid']))) { $database->setQuery( "SELECT listid FROM #__comprofiler_lists " . "\n WHERE `default`=1 AND published=1" ); $listid = $database->loadresult(); } else { if(isset($_POST['listid'])) $listid = $_POST['listid']; else $listid = $_REQUEST['listid']; } if(!$listid > 0) { echo _UE_NOLISTFOUND; echo "
LISTID: ->".$_POST['listid']."<--"; print_r($_POST); return; } $lists['plists'] = mosHTML::selectList( $publishedlists, 'listid', 'class="inputbox" size="1" onchange="document.ueform.submit();"', 'value', 'text', $listid ); $database->setQuery( "SELECT l.* FROM #__comprofiler_lists l" . "\n WHERE l.listid='$listid' AND l.published=1" ); $row = $database->loadObjectList(); $col=$row[0]->col1fields; $col=explode('|*|',$col); $n=count( $col ); $active_cols = 0; if ($row[0]->col1enabled && ($row[0]->col2enabled || $row[0]->col3enabled || $row[0]->col4enabled)) { $active_cols = 1; } for ($i=0; $i < $n; $i++) { if($i==0 && $active_cols==1) { $lfields .= "\n"; } else { $lfields .= "
\n"; } if($col[$i]!='' && $col[$i]!=null) { $database->setQuery( "SELECT f.name, f.title, f.type " . "\nFROM #__comprofiler_fields AS f" . "\nWHERE f.published = 1 AND f.fieldid=".$col[$i]); $cfield = $database->loadObjectList(); $cfield = $cfield[0]; if($row[0]->col1captions==1) $oTitle = getLangDefinition($cfield->title).": "; else $oTitle=''; $lfields .= " \".getFieldValue('".$cfield->type."',\$user->".$cfield->name.",\$user,'".$oTitle."').\""; } } if ($active_cols > 0) { $lfields .= "\n"; } else { $lfields .= "
\n"; } if($row[0]->col2enabled) { $col=$row[0]->col2fields; $col=explode('|*|',$col); $n=count( $col ); for ($i=0; $i < $n; $i++) { if($i==0) $lfields .= "\n"; else $lfields .= "
\n"; if($col[$i]!='' && $col[$i]!=null) { $database->setQuery( "SELECT f.name, f.title, f.type " . "\nFROM #__comprofiler_fields AS f" . "\nWHERE f.published = 1 AND f.fieldid=".$col[$i]); $cfield = $database->loadObjectList(); $cfield = $cfield[0]; if($row[0]->col2captions==1) $oTitle = getLangDefinition($cfield->title).": "; else $oTitle=''; $lfields .= " \".getFieldValue('".$cfield->type."',\$user->".$cfield->name.",\$user,'".$oTitle."').\""; } } $lfields .= "\n"; } if($row[0]->col3enabled) { $col=$row[0]->col3fields; $col=explode('|*|',$col); $n=count( $col ); for ($i=0; $i < $n; $i++) { if($i==0) $lfields .= "\n"; else $lfields .= "
\n"; $database->setQuery( "SELECT f.name, f.title, f.type " . "\nFROM #__comprofiler_fields AS f" . "\nWHERE f.published = 1 AND f.fieldid=".$col[$i]); $cfield = $database->loadObjectList(); $cfield = $cfield[0]; if($row[0]->col3captions==1) $oTitle = getLangDefinition($cfield->title).": "; else $oTitle=''; $lfields .= " \".getFieldValue('".$cfield->type."',\$user->".$cfield->name.",\$user,'".$oTitle."').\""; } $lfields .= "\n"; } if($row[0]->col4enabled) { $col=$row[0]->col4fields; $col=explode('|*|',$col); $n=count( $col ); for ($i=0; $i < $n; $i++) { if($i==0) $lfields .= "\n"; else $lfields .= "
\n"; if($col[$i]!='' && $col[$i]!=null) { $database->setQuery( "SELECT f.name, f.title, f.type " . "\nFROM #__comprofiler_fields AS f" . "\nWHERE f.published = 1 AND f.fieldid=".$col[$i]); $cfield = $database->loadObjectList(); $cfield = $cfield[0]; if($row[0]->col4captions==1) $oTitle = getLangDefinition($cfield->title).": "; else $oTitle=''; $lfields .= " \".getFieldValue('".$cfield->type."',\$user->".$cfield->name.",\$user,'".$oTitle."').\""; } } $lfields .= "\n"; } $row=$row[0]; HTML_comprofiler::cbsearchlist($row,$lfields,$lists,$listid,$submitvalue); } function unregister_( $option, $uid, $submitvalue ) { global $database, $my, $acl; include("components/com_comprofiler/enhanced/enhanced_functions.inc"); unRegister($option, $uid, $submitvalue); } function deleteUser_( $option, $uid, $submitvalue ) { global $database, $my, $acl; include("components/com_comprofiler/enhanced/enhanced_functions.inc"); deleteUser($option, $uid, $submitvalue); } function checkUserName ( $option, $val_name ) { global $database, $ueConfig, $_GET, $_REQUEST; if ($ueConfig['reg_useajax']!='1') { exit(); } // echo "Name -> ".$val_name."
"; if ($val_name != "") { if (eregi("[a-z']",cbGetEscaped($val_name))) { $val_name = cbGetEscaped($val_name); $val_name = str_replace(';','',$val_name); $val_name = str_replace("\'",'',$val_name); } $database->setQuery("SELECT username FROM #__users WHERE username='".$val_name."' LIMIT 1"); $con_name = $database->loadResult(); if ($con_name != '') { $ck_stat = "USRtest:false \n"; } else { if (do_badname_check($val_name)) { $ck_stat = "USRtest:false \n"; } else { $ck_stat = "USRtest:true \n"; } } } else { $ck_stat = "USRtest:empty \n"; } echo $ck_stat; } function do_badname_check ( $ck_name ) { global $database; $database->setQuery("SELECT badname FROM #__comprofiler_bad_usernames WHERE published='1'"); $badnames = $database->loadResultArray(); $tilt = 0; foreach ($badnames as $badname) { if (stristr($ck_name, $badname)) { $tilt = 1; } } return $tilt; } function showTopMost($Itemid_cbe, $Itemid_j) { global $database, $ueConfig, $enhanced_Config, $acl, $my; if ($enhanced_Config['topMost_active'] != '1') { echo _UE_TPM_NOTACTIVE; return; } $limit = $enhanced_Config['topMostLimit']; $tp_query = "SELECT ct.*, u.username from #__comprofiler_userstime as ct, #__users as u WHERE ct.userid = u.id ORDER BY ct.logtimesum DESC LIMIT ".$limit; $database->setQuery($tp_query); $toptimes = $database->loadObjectList(); if (!$database->query()) { // echo "\n"; // exit(); } HTML_comprofiler::showTopMost($toptimes,$option,$my,$Itemid_cbe,$Itemid_j); } function realChat($option, $uid) { global $database, $my, $ueConfig, $enhanced_Config, $mosConfig_live_site, $acl; if (!ISSET($_REQUEST['user']) && $uid==0) { echo _UE_REGISTERFORPROFILE; return; } if ($uid == '0') { mosNotAuth(); return; } // include('components/com_comprofiler/enhanced/realchat/chat_api.php'); include('components/com_comprofiler/enhanced/enhanced_functions.inc'); $time_now = time(); $database->setQuery( "SELECT * FROM #__comprofiler c, #__users u WHERE c.id=u.id AND c.id='".$uid."'"); $users = $database->loadObjectList(); $user = $users[0]; $user->age = cb_user_age($user->cb_birthday, $time_now); $user->registerDate = explode(' ', $user->registerDate); $user->registerDate = $user->registerDate[0]; $user->registerDate = dateConverter($user->registerDate, 'Y-m-d', 'd.m.Y'); HTML_comprofiler::realChat($user,$option,$submitvalue); } function cbe_version() { global $ueConfig; echo "Version: ".$ueConfig['version']."
"; } function pk_test() { global $database, $ueConfig, $enhancec_Config, $acl; echo "Nothing to test here
\n"; } ?>

Passwort vergessen?
Bitte gebe deinen Benutzernamen und deine E-Mail Adresse ein und klicke auf Passwort senden. In Kürze erhältst du ein neues Passwort. Verwende dieses Passwort, um dich anzumelden.
Benutzername:
E-Mail Adresse: