| [ Index ] |
PHP Cross Reference of MyBB 1.4.13 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.4 4 * Copyright © 2008 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybboard.net 7 * License: http://www.mybboard.net/about/license 8 * 9 * $Id: reputation.php 4699 2010-01-18 13:42:50Z Tomm $ 10 */ 11 12 define("IN_MYBB", 1); 13 define('THIS_SCRIPT', 'reputation.php'); 14 15 $templatelist = ''; 16 require_once "./global.php"; 17 18 require_once MYBB_ROOT."inc/class_parser.php"; 19 $parser = new postParser; 20 21 // Load global language phrases 22 $lang->load("reputation"); 23 24 // Check if the reputation system is globally disabled or not. 25 if($mybb->settings['enablereputation'] != 1) 26 { 27 error($lang->reputation_disabled); 28 } 29 30 // Does this user have permission to view the board? 31 if($mybb->usergroup['canview'] != 1) 32 { 33 error_no_permission(); 34 } 35 36 // If we have a specified incoming username, validate it and fetch permissions for it 37 $uid = intval($mybb->input['uid']); 38 $user = get_user($uid); 39 if(!$user['uid']) 40 { 41 error($lang->add_no_uid); 42 } 43 $user_permissions = user_permissions($uid); 44 45 $show_back = '0'; 46 47 // Here we perform our validation when adding a reputation to see if the user 48 // has permission or not. This is done here to save duplicating the same code. 49 if($mybb->input['action'] == "add" || $mybb->input['action'] == "do_add") 50 { 51 // This user doesn't have permission to give reputations. 52 if($mybb->usergroup['cangivereputations'] != 1) 53 { 54 $message = $lang->add_no_permission; 55 eval("\$error = \"".$templates->get("reputation_add_error")."\";"); 56 output_page($error); 57 exit; 58 } 59 60 // The user we're trying to give a reputation to doesn't have permission to receive reps. 61 if($user_permissions['usereputationsystem'] != 1) 62 { 63 $message = $lang->add_disabled; 64 eval("\$error = \"".$templates->get("reputation_add_error")."\";"); 65 output_page($error); 66 exit; 67 } 68 69 // Is this user trying to give themself a reputation? 70 if($uid == $mybb->user['uid']) 71 { 72 $message = $lang->add_yours; 73 eval("\$error = \"".$templates->get("reputation_add_error")."\";"); 74 output_page($error); 75 exit; 76 } 77 78 // Check if this user has reached their "maximum reputations per day" quota 79 if($mybb->usergroup['maxreputationsday'] != 0 && ($mybb->input['action'] != "do_add" || ($mybb->input['action'] == "do_add" && !$mybb->input['delete']))) 80 { 81 $timesearch = TIME_NOW - (60 * 60 * 24); 82 $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND dateline>'$timesearch'"); 83 $numtoday = $db->num_rows($query); 84 85 // Reached the quota - error. 86 if($numtoday >= $mybb->usergroup['maxreputationsday']) 87 { 88 $message = $lang->add_maxperday; 89 eval("\$error = \"".$templates->get("reputation_add_error")."\";"); 90 output_page($error); 91 exit; 92 } 93 } 94 95 // Fetch the existing reputation for this user given by our current user if there is one. 96 $query = $db->simple_select("reputation", "*", "adduid='".$mybb->user['uid']."' AND uid='{$uid}'"); 97 $existing_reputation = $db->fetch_array($query); 98 } 99 100 // Saving the new reputation 101 if($mybb->input['action'] == "do_add" && $mybb->request_method == "post") 102 { 103 // Verify incoming POST request 104 verify_post_check($mybb->input['my_post_key']); 105 106 $plugins->run_hooks("reputation_do_add_start"); 107 108 // Check if the reputation power they're trying to give is within their "power limit" 109 $reputation = intval(str_replace("-", "", $mybb->input['reputation'])); 110 111 // Deleting our current reputation of this user. 112 if($mybb->input['delete']) 113 { 114 $db->delete_query("reputation", "uid='{$uid}' AND adduid='".$mybb->user['uid']."'"); 115 116 // Recount the reputation of this user - keep it in sync. 117 $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'"); 118 $reputation_value = $db->fetch_field($query, "reputation_count"); 119 120 $db->update_query("users", array('reputation' => intval($reputation_value)), "uid='{$uid}'"); 121 eval("\$error = \"".$templates->get("reputation_deleted")."\";"); 122 output_page($error); 123 exit; 124 } 125 126 if(trim($mybb->input['comments']) == "" || my_strlen($mybb->input['comments']) < 10) 127 { 128 $show_back = 1; 129 $message = $lang->add_no_comment; 130 eval("\$error = \"".$templates->get("reputation_add_error")."\";"); 131 output_page($error); 132 exit; 133 } 134 135 // The power for the reputation they specified was invalid. 136 if($reputation > $mybb->usergroup['reputationpower'] || !is_numeric($mybb->input['reputation'])) 137 { 138 $show_back = 1; 139 $message = $lang->add_invalidpower; 140 eval("\$error = \"".$templates->get("reputation_add_error")."\";"); 141 output_page($error); 142 exit; 143 } 144 145 // Build array of reputation data. 146 $reputation = array( 147 "uid" => $uid, 148 "adduid" => $mybb->user['uid'], 149 "reputation" => intval($mybb->input['reputation']), 150 "dateline" => TIME_NOW, 151 "comments" => $db->escape_string($mybb->input['comments']) 152 ); 153 154 $plugins->run_hooks("reputation_do_add_process"); 155 156 // Updating an existing reputation 157 if($existing_reputation['uid']) 158 { 159 $db->update_query("reputation", $reputation, "rid='".$existing_reputation['rid']."'"); 160 161 // Recount the reputation of this user - keep it in sync. 162 $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'"); 163 $reputation_value = $db->fetch_field($query, "reputation_count"); 164 165 $db->update_query("users", array('reputation' => intval($reputation_value)), "uid='{$uid}'"); 166 167 $lang->vote_added = $lang->vote_updated; 168 $lang->vote_added_message = $lang->vote_updated_message; 169 } 170 // Insert a new reputation 171 else 172 { 173 $db->insert_query("reputation", $reputation); 174 175 // Recount the reputation of this user - keep it in sync. 176 $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'"); 177 $reputation_value = $db->fetch_field($query, "reputation_count"); 178 179 $db->update_query("users", array('reputation' => intval($reputation_value)), "uid='{$uid}'"); 180 } 181 182 $plugins->run_hooks("reputation_do_add_end"); 183 184 185 eval("\$reputation = \"".$templates->get("reputation_added")."\";"); 186 output_page($reputation); 187 } 188 189 // Adding a new reputation 190 if($mybb->input['action'] == "add") 191 { 192 $plugins->run_hooks("reputation_add_start"); 193 194 // If we have an existing reputation for this user, the user can modify or delete it. 195 if($existing_reputation['uid']) 196 { 197 $vote_title = $lang->sprintf($lang->update_reputation_vote, $user['username']); 198 $vote_button = $lang->update_vote; 199 $comments = htmlspecialchars_uni($existing_reputation['comments']); 200 $delete_button = "<input type=\"submit\" name=\"delete\" value=\"{$lang->delete_vote}\" />"; 201 } 202 // Otherwise we're adding an entirely new reputation for this user. 203 else 204 { 205 $vote_title = $lang->sprintf($lang->add_reputation_vote, $user['username']); 206 $vote_button = $lang->add_vote; 207 $comments = ''; 208 $delete_button = ''; 209 } 210 $lang->user_comments = $lang->sprintf($lang->user_comments, $user['username']); 211 212 // Draw the "power" options 213 $positive_power = ''; 214 $negative_power = ''; 215 $vote_check = ''; 216 if($existing_reputation['uid']) 217 { 218 $vote_check[$existing_reputation['reputation']] = " selected=\"selected\""; 219 } 220 $reputationpower = $mybb->usergroup['reputationpower']; 221 for($i = 1; $i <= $reputationpower; ++$i) 222 { 223 $positive_title = $lang->sprintf($lang->power_positive, "+".$i); 224 $positive_power = "\t\t\t\t\t<option value=\"{$i}\" class=\"reputation_positive\" onclick=\"$('reputation').className='reputation_positive'\"{$vote_check[$i]}>{$positive_title}</option>\n".$positive_power; 225 $negative_title = $lang->sprintf($lang->power_negative, "-".$i); 226 $negative_power .= "\t\t\t\t\t<option value=\"-{$i}\" class=\"reputation_negative\" onclick=\"$('reputation').className='reputation_negative'\"{$vote_check[-$i]}>{$negative_title}</option>\n"; 227 } 228 229 eval("\$reputation_add = \"".$templates->get("reputation_add")."\";"); 230 $plugins->run_hooks("reputation_add_end"); 231 output_page($reputation_add); 232 } 233 234 // Delete a specific reputation from a user. 235 if($mybb->input['action'] == "delete") 236 { 237 // Verify incoming POST request 238 verify_post_check($mybb->input['my_post_key']); 239 240 // Fetch the existing reputation for this user given by our current user if there is one. 241 $query = $db->simple_select("reputation", "*", "rid='".$mybb->input['rid']."'"); 242 $existing_reputation = $db->fetch_array($query); 243 244 // Only administrators as well as users who gave a specifc vote can delete one. 245 if($mybb->usergroup['cancp'] != 1 && $existing_reputation['adduid'] != $mybb->user['uid']) 246 { 247 error_no_permission(); 248 } 249 250 // Delete the specified reputation 251 $db->delete_query("reputation", "uid='{$uid}' AND rid='".$mybb->input['rid']."'"); 252 253 // Recount the reputation of this user - keep it in sync. 254 $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'"); 255 $reputation_value = $db->fetch_field($query, "reputation_count"); 256 257 $db->update_query("users", array('reputation' => intval($reputation_value)), "uid='{$uid}'"); 258 259 redirect("reputation.php?uid={$uid}", $lang->vote_deleted_message); 260 } 261 262 // Otherwise, show a listing of reputations for the given user. 263 if(!$mybb->input['action']) 264 { 265 if($user_permissions['usereputationsystem'] != 1) 266 { 267 error($lang->reputations_disabled_group); 268 } 269 270 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); 271 $lang->reputation_report = $lang->sprintf($lang->reputation_report, $user['username']); 272 273 // Format the user name using the group username style 274 $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); 275 276 // Set display group to their user group if they don't have a display group. 277 if(!$user['displaygroup']) 278 { 279 $user['displaygroup'] = $user['usergroup']; 280 } 281 282 // Fetch display group properties. 283 $display_group = usergroup_displaygroup($user['displaygroup']); 284 285 // This user has a custom user title 286 if($user['usertitle'] != '') 287 { 288 $usertitle = $user['usertitle']; 289 } 290 // Using our display group's user title 291 else if($display_group['usertitle'] != '') 292 { 293 $usertitle = $display_group['usertitle']; 294 } 295 // Otherwise, fetch it from our titles table for the number of posts this user has 296 else 297 { 298 $query = $db->simple_select("usertitles", "*", "posts<='{$user['postnum']}'", array('order_by' => 'posts', 'order_dir' => 'DESC')); 299 $title = $db->fetch_array($query); 300 $usertitle = $title['title']; 301 } 302 303 // If the user has permission to add reputations - show the image 304 if($mybb->usergroup['cangivereputations'] == 1) 305 { 306 eval("\$add_reputation = \"".$templates->get("reputation_addlink")."\";"); 307 } 308 else 309 { 310 $add_reputation = ''; 311 } 312 313 // Build navigation menu 314 add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); 315 add_breadcrumb($lang->nav_reputation); 316 317 // Check our specified conditionals for what type of reputations to show 318 $show_select = ''; 319 switch($mybb->input['show']) 320 { 321 case "positive": 322 $conditions = 'AND r.reputation>0'; 323 $show_selected['positive'] = 'selected="selected"'; 324 break; 325 case "neutral": 326 $conditions = 'AND r.reputation=0'; 327 $show_selected['neutral'] = 'selected="selected"'; 328 break; 329 case "negative": 330 $conditions = 'AND r.reputation<0'; 331 $show_selected['negative'] = 'selected="selected"'; 332 break; 333 default: 334 $conditions = ''; 335 $show_select['all'] = 'selected="selected"'; 336 break; 337 } 338 339 // Check the sorting options for the reputation list 340 $sort_select = ''; 341 switch($mybb->input['sort']) 342 { 343 case "username": 344 $order = "u.username ASC"; 345 $sort_selected['username'] = 'selected="selected"'; 346 break; 347 default: 348 $order = "r.dateline DESC"; 349 $sort_selected['last_updated'] = 'selected="selected"'; 350 break; 351 } 352 // Fetch the total number of reputations for this user 353 $query = $db->simple_select("reputation r", "COUNT(r.rid) AS reputation_count", "r.uid='{$user['uid']}' $conditions"); 354 $reputation_count = $db->fetch_field($query, "reputation_count"); 355 356 // If the user has no reputation, suspect 0... 357 if(!$user['reptuation']) 358 { 359 $user['reputation'] = 0; 360 } 361 362 // Quickly check to see if we're in sync... 363 $query = $db->simple_select("reputation", "SUM(reputation) AS reputation", "uid = '".$user['uid']."'"); 364 $sync_reputation = $db->fetch_field($query, "reputation"); 365 366 if($sync_reputation != $user['reputation']) 367 { 368 // We're out of sync! Oh noes! 369 $db->update_query("users", array("reputation" => $sync_reputation), "uid = '".$user['uid']."'"); 370 $user['reputation'] = $sync_reputation; 371 } 372 373 // Set default count variables to 0 374 $positive_count = $negative_count = $neutral_count = 0; 375 $positive_week = $negative_week = $neutral_week = 0; 376 $positive_month = $negative_month = $neutral_month = 0; 377 $positive_6months = $negative_6months = $neutral_6months = 0; 378 379 // Unix timestamps for when this week, month and last 6 months started 380 $last_week = TIME_NOW-604800; 381 $last_month = TIME_NOW-2678400; 382 $last_6months = TIME_NOW-16070400; 383 384 // Query reputations for the "reputation card" 385 $query = $db->simple_select("reputation", "reputation, dateline", "uid='{$user['uid']}'"); 386 while($reputation_vote = $db->fetch_array($query)) 387 { 388 // This is a positive reputation 389 if($reputation_vote['reputation'] > 0) 390 { 391 $positive_count++; 392 if($reputation_vote['dateline'] >= $last_week) 393 { 394 $positive_week++; 395 } 396 if($reputation_vote['dateline'] >= $last_month) 397 { 398 $positive_month++; 399 } 400 if($reputation_vote['dateline'] >= $last_6months) 401 { 402 $positive_6months++; 403 } 404 } 405 // Negative reputation given 406 else if($reputation_vote['reputation'] < 0) 407 { 408 $negative_count++; 409 if($reputation_vote['dateline'] >= $last_week) 410 { 411 $negative_week++; 412 } 413 if($reputation_vote['dateline'] >= $last_month) 414 { 415 $negative_month++; 416 } 417 if($reputation_vote['dateline'] >= $last_6months) 418 { 419 $negative_6months++; 420 } 421 } 422 // Neutral reputation given 423 else 424 { 425 $neutral_count++; 426 if($reputation_vote['dateline'] >= $last_week) 427 { 428 $neutral_week++; 429 } 430 if($reputation_vote['dateline'] >= $last_month) 431 { 432 $neutral_month++; 433 } 434 if($reputation_vote['dateline'] >= $last_6months) 435 { 436 $neutral_6months++; 437 } 438 } 439 } 440 441 // Check if we're browsing a specific page of results 442 if(intval($mybb->input['page']) > 0) 443 { 444 $page = $mybb->input['page']; 445 $start = ($page-1) *$mybb->settings['repsperpage']; 446 $pages = $reputation_count / $mybb->settings['repsperpage']; 447 $pages = ceil($pages); 448 if($page > $pages) 449 { 450 $start = 0; 451 $page = 1; 452 } 453 } 454 else 455 { 456 $start = 0; 457 $page = 1; 458 } 459 460 // Build out multipage navigation 461 if($reputation_count > 0) 462 { 463 $multipage = multipage($reputation_count, $mybb->settings['repsperpage'], $page, "reputation.php?uid={$user['uid']}"); 464 } 465 466 // Fetch the reputations which will be displayed on this page 467 $query = $db->query(" 468 SELECT r.*, r.uid AS rated_uid, u.uid, u.username, u.reputation AS user_reputation, u.usergroup AS user_usergroup, u.displaygroup AS user_displaygroup 469 FROM ".TABLE_PREFIX."reputation r 470 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.adduid) 471 WHERE r.uid='{$user['uid']}' $conditions 472 ORDER BY $order 473 LIMIT $start, {$mybb->settings['repsperpage']} 474 "); 475 while($reputation_vote = $db->fetch_array($query)) 476 { 477 // Get the reputation for the user who posted this comment 478 if($reputation_vote['adduid'] == 0) 479 { 480 $reputation_vote['user_reputation'] = 0; 481 } 482 483 $reputation_vote['user_reputation'] = get_reputation($reputation_vote['user_reputation'], $reputation_vote['adduid']); 484 485 // Format the username of this poster 486 if(!$reputation_vote['username']) 487 { 488 $reputation_vote['username'] = $lang->na; 489 $reputation_vote['user_reputation'] = ''; 490 } 491 else 492 { 493 $reputation_vote['username'] = format_name($reputation_vote['username'], $reputation_vote['user_usergroup'], $reputation_vote['user_displaygroup']); 494 $reputation_vote['username'] = build_profile_link($reputation_vote['username'], $reputation_vote['uid']); 495 $reputation_vote['user_reputation'] = "({$reputation_vote['user_reputation']})"; 496 } 497 498 $vote_reputation = intval($reputation_vote['reputation']); 499 500 // This is a negative reputation 501 if($vote_reputation < 0) 502 { 503 $status_class = "trow_reputation_negative"; 504 $vote_type_class = "reputation_negative"; 505 $vote_type = $lang->negative; 506 } 507 // This is a neutral reputation 508 else if($vote_reputation == 0) 509 { 510 $status_class = "trow_reputation_neutral"; 511 $vote_type_class = "reputation_neutral"; 512 $vote_type = $lang->neutral; 513 } 514 // Otherwise, this is a positive reputation 515 else 516 { 517 $vote_reputation = "+{$vote_reputation}"; 518 $status_class = "trow_reputation_positive"; 519 $vote_type_class = "reputation_positive"; 520 $vote_type = $lang->positive; 521 } 522 523 $vote_reputation = "({$vote_reputation})"; 524 525 // Format the date this reputation was last modified 526 $last_updated_date = my_date($mybb->settings['dateformat'], $reputation_vote['dateline']); 527 $last_updated_time = my_date($mybb->settings['timeformat'], $reputation_vote['dateline']); 528 $last_updated = $lang->sprintf($lang->last_updated, $last_updated_date, $last_updated_time); 529 530 // Does the current user have permission to delete this reputation? Show delete link 531 if($mybb->usergroup['cancp'] == 1 || ($mybb->usergroup['cangivereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0)) 532 { 533 $delete_link = "[<a href=\"reputation.php?action=delete&uid={$reputation_vote['rated_uid']}&rid={$reputation_vote['rid']}\" onclick=\"MyBB.deleteReputation({$reputation_vote['rated_uid']}, {$reputation_vote['rid']}); return false;\">{$lang->delete_vote}</a>]"; 534 } 535 else 536 { 537 $delete_link = ''; 538 } 539 540 // Parse smilies in the reputation vote 541 $reputation_parser = array( 542 "allow_html" => 0, 543 "allow_mycode" => 0, 544 "allow_smilies" => 1, 545 "allow_imgcode" => 0 546 ); 547 548 $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser); 549 eval("\$reputation_votes .= \"".$templates->get("reputation_vote")."\";"); 550 } 551 552 // If we don't have any reputations display a nice message. 553 if(!$reputation_votes) 554 { 555 eval("\$reputation_votes = \"".$templates->get("reputation_no_votes")."\";"); 556 } 557 558 $plugins->run_hooks("reputation_end"); 559 eval("\$reputation = \"".$templates->get("reputation")."\";"); 560 output_page($reputation); 561 } 562 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Apr 19 19:52:21 2010 | Cross-referenced by PHPXref 0.7 |