  1. <?php
  2.  
  3. if (!defined('DATALIFEENGINE')) {
  4. die("Hacking attempt!");
  5. }
  6.  
  7. include_once ENGINE_DIR . '/classes/parse.class.php';
  8. $parse = new ParseFilter();
  9. $parse->safe_mode = true;
  10.  
  11. $tpl->load_template('users_search.tpl');
  12.  
  13. $g = 0;
  14.  
  15. $_GET['count'] = intval($_GET['count']);
  16. $_GET['order'] = addslashes($_GET['order']);
  17. $_GET['sort'] = addslashes($_GET['sort']);
  18. $_GET['usergroups'] = intval($_GET['usergroups']);
  19. $_GET['login'] = addslashes($_GET['login']);
  20.  
  21. while ($g++ <= 9) {
  22. $u = $g * 10;
  23. if ($_GET['count'] != $u)
  24. $sel_num .= '<option value="' . $u . '">' . $u . '</option>';
  25. else
  26. $sel_num .= '<option value="' . $u . '" selected>' . $u . '</option>';
  27. }
  28.  
  29. $tpl->set('{count}', $sel_num);
  30.  
  31. $orders = array(
  32. 'name' => 'Логин',
  33. 'user_group' => 'Группа',
  34. 'reg_date' => 'Регистрация',
  35. 'lastdate' => 'Вход',
  36. 'news_num' => 'Новостей',
  37. 'comm_num' => 'Комментариев'
  38. );
  39.  
  40. foreach ($orders as $key => $value) {
  41. if ($_GET['order'] == $key)
  42. $order .= '<option value="' . $key . '" selected>' . $value . '</option>';
  43. else
  44. $order .= '<option value="' . $key . '">' . $value . '</option>';
  45. }
  46.  
  47. $tpl->set('{order}', $order);
  48.  
  49. $sorts = array(
  50. 'ASC' => 'По возрастанию',
  51. 'DESC' => 'По убыванию'
  52. );
  53.  
  54. foreach ($sorts as $key => $value) {
  55. if ($_GET['sort'] == $key)
  56. $sort .= '<option value="' . $key . '" selected>' . $value . '</option>';
  57. else
  58. $sort .= '<option value="' . $key . '">' . $value . '</option>';
  59. }
  60.  
  61. $tpl->set('{sort}', $sort);
  62.  
  63. $usergroups = $db->query("SELECT * FROM " . USERPREFIX . "_usergroups");
  64.  
  65. while ($row = $db->get_row($usergroups)) {
  66. if ($_GET['usergroups'] == $row['id'])
  67. $group_s .= '<option value="' . $row['id'] . '" selected>' . $row['group_name'] . '</option>';
  68. else
  69. $group_s .= '<option value="' . $row['id'] . '">' . $row['group_name'] . '</option>';
  70. }
  71.  
  72. $tpl->set('{usergroups}', $group_s);
  73.  
  74. if ($_GET['count'] != "") {
  75. $searchcount = intval($_GET['count']);
  76. $postfix .= "&count=$searchcount";
  77. } else {
  78. $searchcount = 10;
  79. }
  80.  
  81. if ($_GET['order'] != "") {
  82. $order_by = $_GET['order'];
  83. $postfix .= "&order=" . $_GET['order'];
  84. } else
  85. $order_by = "user_group";
  86.  
  87. if ($_GET['sort'] != "") {
  88. $sort_by = $_GET['sort'];
  89. $postfix .= "&sort=" . $_GET['sort'];
  90. } else {
  91. $sort_by = "ASC";
  92. }
  93.  
  94. if ($_GET['usergroups'] != "" or $_GET['login'] != "")
  95. $where_w = "WHERE ";
  96.  
  97. if ($_GET['usergroups'] != "") {
  98. $where_w .= "user_group=" . $_GET['usergroups'];
  99. $postfix .= "&usergroups=" . $_GET['usergroups'];
  100. }
  101.  
  102. if ($_GET['login'] != "") {
  103. if ($_GET['usergroups'] != "")
  104. $where_w .= " AND ";
  105. $where_w .= "name like '%" . $_GET['login'] . "%'";
  106. $postfix .= "&login=" . $_GET['login'];
  107. $login_val = $_GET['login'];
  108. }
  109.  
  110. $tpl->set('{login}', $login_val);
  111.  
  112. $sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_users $where_w";
  113.  
  114. $row = $db->super_query($sql_count);
  115. $count_all = $row['count'];
  116.  
  117. function pluralForm($count_all, $numb1, $numb2, $numb3)
  118. {
  119. $count_all = abs($count_all) % 100;
  120. $n1 = $count_all % 10;
  121. if ($count_all > 10 && $count_all < 20)
  122. return $numb3;
  123. if ($n1 > 1 && $n1 < 5)
  124. return $numb2;
  125. if ($n1 == 1)
  126. return $numb1;
  127. return $numb3;
  128. }
  129.  
  130. $tpl->set('{numbers}', pluralForm($count_all, 'Найден', 'Найдено', 'Найдено') . ' ' . $count_all . ' ' . pluralForm($count_all, 'пользователь', 'пользвателя', 'пользователей'));
  131. $tpl->compile('content');
  132.  
  133. if (!isset($cstart) or ($cstart < 1)) {
  134. $cstart = 1;
  135. $cstartlimit = 0;
  136. } else {
  137. $cstartlimit = ($cstart - 1) * $searchcount;
  138. }
  139.  
  140. $i = $cstartlimit;
  141.  
  142. $sql_result = $db->query("SELECT * FROM " . USERPREFIX . "_users $where_w ORDER BY $order_by $sort_by LIMIT $cstartlimit,$searchcount");
  143.  
  144. $tpl->load_template('users.tpl');
  145.  
  146. while ($row = $db->get_row($sql_result)) {
  147.  
  148. if ($row['banned'] == 'yes')
  149. $user_group[$row['user_group']]['group_name'] = $lang['user_ban'];
  150.  
  151. $i++;
  152.  
  153. $tpl->set('{numb}', "$i");
  154.  
  155. if ($row['allow_mail']) {
  156. if (!$user_group[$member_id['user_group']]['allow_feed'] AND $row['user_group'] != 1) {
  157. $tpl->set_block("'\\[email\\](.*?)\\[/email\\]'si", "");
  158. $tpl->set('{email}', "");
  159. $tpl->set('[not-email]', "");
  160. $tpl->set('[/not-email]', "");
  161. } else {
  162. $tpl->set('[email]', "");
  163. $tpl->set('[/email]', "");
  164. $tpl->set('{email}', "$PHP_SELF?do=feedback&amp;user=$row[user_id]");
  165. $tpl->set_block("'\\[not-email\\](.*?)\\[/not-email\\]'si", "");
  166. }
  167. } else {
  168. $tpl->set_block("'\\[email\\](.*?)\\[/email\\]'si", "");
  169. $tpl->set('{email}', "");
  170. $tpl->set('[not-email]', "");
  171. $tpl->set('[/not-email]', "");
  172. }
  173.  
  174. if ($user_group[$member_id['user_group']]['allow_pm']) {
  175. $tpl->set('[pm]', "");
  176. $tpl->set('[/pm]', "");
  177. $tpl->set('{pm}', "$PHP_SELF?do=pm&amp;doaction=newpm&amp;user=" . $row['user_id']);
  178. $tpl->set_block("'\\[not-pm\\](.*?)\\[/not-pm\\]'si", "");
  179. } else {
  180. $tpl->set_block("'\\[pm\\](.*?)\\[/pm\\]'si", "");
  181. $tpl->set('{pm}', "");
  182. $tpl->set('[not-pm]', "");
  183. $tpl->set('[/not-pm]', "");
  184. }
  185.  
  186. if (count(explode("@", $row['foto'])) == 2) {
  187. $tpl->set('{gravatar}', $row['foto']);
  188.  
  189. $tpl->set('{foto}', 'http://www.gravatar.com/avatar/' . md5(trim($row['foto'])) . '?s=' . intval($user_group[$row['user_group']]['max_foto']));
  190.  
  191. } else {
  192.  
  193. if ($row['foto']) {
  194.  
  195. if (strpos($row['foto'], "//") === 0)
  196. $avatar = "http:" . $row['foto'];
  197. else
  198. $avatar = $row['foto'];
  199.  
  200. $avatar = @parse_url($avatar);
  201.  
  202. if ($avatar['host']) {
  203.  
  204. $tpl->set('{foto}', $row['foto']);
  205.  
  206. } else
  207. $tpl->set('{foto}', $config['http_home_url'] . "uploads/fotos/" . $row['foto']);
  208.  
  209. } else
  210. $tpl->set('{foto}', "{THEME}/dleimages/noavatar.png");
  211.  
  212. }
  213.  
  214. $tpl->set('{usertitle}', stripslashes($row['name']));
  215.  
  216. if ($row['fullname']) {
  217. $tpl->set('[fullname]', "");
  218. $tpl->set('[/fullname]', "");
  219. $tpl->set('{fullname}', stripslashes($row['fullname']));
  220. $tpl->set_block("'\\[not-fullname\\](.*?)\\[/not-fullname\\]'si", "");
  221.  
  222. } else {
  223. $tpl->set_block("'\\[fullname\\](.*?)\\[/fullname\\]'si", "");
  224. $tpl->set('{fullname}', "");
  225. $tpl->set('[not-fullname]', "");
  226. $tpl->set('[/not-fullname]', "");
  227. }
  228.  
  229. if ($row['land']) {
  230. $tpl->set('[land]', "");
  231. $tpl->set('[/land]', "");
  232. $tpl->set('{land}', stripslashes($row['land']));
  233. $tpl->set_block("'\\[not-land\\](.*?)\\[/not-land\\]'si", "");
  234.  
  235. } else {
  236. $tpl->set_block("'\\[land\\](.*?)\\[/land\\]'si", "");
  237. $tpl->set('{land}', "");
  238. $tpl->set('[not-land]', "");
  239. $tpl->set('[/not-land]', "");
  240. }
  241.  
  242. if ($row['info']) {
  243. $tpl->set('[info]', "");
  244. $tpl->set('[/info]', "");
  245. $tpl->set('{info}', stripslashes($row['info']));
  246. $tpl->set_block("'\\[not-info\\](.*?)\\[/not-info\\]'si", "");
  247. } else {
  248. $tpl->set_block("'\\[info\\](.*?)\\[/info\\]'si", "");
  249. $tpl->set('{info}', "");
  250. $tpl->set('[not-info]', "");
  251. $tpl->set('[/not-info]', "");
  252. }
  253.  
  254. if (($row['lastdate'] + 1200) > $_TIME) {
  255.  
  256. $tpl->set('[online]', "");
  257. $tpl->set('[/online]', "");
  258. $tpl->set_block("'\\[offline\\](.*?)\\[/offline\\]'si", "");
  259.  
  260. } else {
  261. $tpl->set('[offline]', "");
  262. $tpl->set('[/offline]', "");
  263. $tpl->set_block("'\\[online\\](.*?)\\[/online\\]'si", "");
  264. }
  265.  
  266. $tpl->set('{status}', $user_group[$row['user_group']]['group_prefix'] . $user_group[$row['user_group']]['group_name'] . $user_group[$row['user_group']]['group_suffix']);
  267. $tpl->set('{registration}', langdate("j F Y H:i", $row['reg_date']));
  268. $tpl->set('{lastdate}', langdate("j F Y H:i", $row['lastdate']));
  269.  
  270. if ($user_group[$row['user_group']]['icon'])
  271. $tpl->set('{group-icon}', "<img src=\"" . $user_group[$row['user_group']]['icon'] . "\" border=\"0\" />");
  272. else
  273. $tpl->set('{group-icon}', "");
  274.  
  275. if ($is_logged and $user_group[$row['user_group']]['time_limit'] and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] < 3)) {
  276.  
  277. $tpl->set_block("'\\[time_limit\\](.*?)\\[/time_limit\\]'si", "\\1");
  278.  
  279. if ($row['time_limit']) {
  280.  
  281. $tpl->set('{time_limit}', langdate("j F Y H:i", $row['time_limit']));
  282.  
  283. } else {
  284.  
  285. $tpl->set('{time_limit}', $lang['no_limit']);
  286.  
  287. }
  288.  
  289. } else {
  290.  
  291. $tpl->set_block("'\\[time_limit\\](.*?)\\[/time_limit\\]'si", "");
  292.  
  293. }
  294.  
  295. if ($row['comm_num']) {
  296.  
  297. $tpl->set('[comm-num]', "");
  298. $tpl->set('[/comm-num]', "");
  299. $tpl->set('{comm-num}', $row['comm_num']);
  300. $tpl->set('{comments}', "<a href=\"$PHP_SELF?do=lastcomments&amp;userid=" . $row['user_id'] . "\">" . $lang['last_comm'] . "</a>");
  301. $tpl->set_block("'\\[not-comm-num\\](.*?)\\[/not-comm-num\\]'si", "");
  302.  
  303. } else {
  304.  
  305. $tpl->set('{comments}', $lang['last_comm']);
  306. $tpl->set('{comm-num}', 0);
  307. $tpl->set_block("'\\[comm-num\\](.*?)\\[/comm-num\\]'si", "");
  308. $tpl->set('[not-comm-num]', "");
  309. $tpl->set('[/not-comm-num]', "");
  310. }
  311.  
  312. if ($row['news_num']) {
  313.  
  314. if ($config['allow_alt_url']) {
  315.  
  316. $tpl->set('{news}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode($row['name']) . "/news/" . "\">" . $lang['all_user_news'] . "</a>");
  317. $tpl->set('[rss]', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode($row['name']) . "/rss.xml" . "\" title=\"" . $lang['rss_user'] . "\">");
  318. $tpl->set('[/rss]', "</a>");
  319.  
  320. } else {
  321.  
  322. $tpl->set('{news}', "<a href=\"" . $PHP_SELF . "?subaction=allnews&amp;user=" . urlencode($row['name']) . "\">" . $lang['all_user_news'] . "</a>");
  323. $tpl->set('[rss]', "<a href=\"engine/rss.php?subaction=allnews&amp;user=" . urlencode($row['name']) . "\" title=\"" . $lang['rss_user'] . "\">");
  324. $tpl->set('[/rss]', "</a>");
  325. }
  326.  
  327. $tpl->set('{news-num}', $row['news_num']);
  328. $tpl->set('[news-num]', "");
  329. $tpl->set('[/news-num]', "");
  330. $tpl->set_block("'\\[not-news-num\\](.*?)\\[/not-news-num\\]'si", "");
  331.  
  332. } else {
  333.  
  334. $tpl->set('{news}', $lang['all_user_news']);
  335. $tpl->set_block("'\\[rss\\](.*?)\\[/rss\\]'si", "");
  336. $tpl->set('{news-num}', 0);
  337. $tpl->set_block("'\\[news-num\\](.*?)\\[/news-num\\]'si", "");
  338. $tpl->set('[not-news-num]', "");
  339. $tpl->set('[/not-news-num]', "");
  340. }
  341.  
  342. if ($row['signature'] and $user_group[$row['user_group']]['allow_signature']) {
  343.  
  344. $tpl->set_block("'\\[signature\\](.*?)\\[/signature\\]'si", "\\1");
  345. $tpl->set('{signature}', stripslashes($row['signature']));
  346.  
  347. } else {
  348.  
  349. $tpl->set_block("'\\[signature\\](.*?)\\[/signature\\]'si", "");
  350. $tpl->set('{signature}', "");
  351. }
  352.  
  353. if ($config['allow_alt_url']) {
  354.  
  355. $profile = $config['http_home_url'] . "user/" . urlencode($row['name']) . "/";
  356.  
  357. } else {
  358.  
  359. $profile = $PHP_SELF . "?subaction=userinfo&user=" . urlencode($row['name']);
  360.  
  361. }
  362.  
  363. $tpl->set('{profile}', $profile);
  364. $tpl->set('{profile_m}', "onclick=\"ShowProfile('" . urlencode($row['name']) . "', '" . $profile . "', '" . $user_group[$member_id['user_group']]['admin_editusers'] . "'); return false;\"");
  365.  
  366. $xfieldsaction = "list";
  367. $xfieldsadd = false;
  368. $xfieldsid = $row['xfields'];
  369. include(ENGINE_DIR . '/inc/userfields.php');
  370. $tpl->set('{xfields}', $output);
  371.  
  372. // Обработка дополнительных полей
  373. $xfieldsdata = xfieldsdataload($row['xfields']);
  374.  
  375. foreach ($xfields as $value) {
  376.  
  377. $preg_safe_name = preg_quote($value[0], "'");
  378.  
  379. if ($value[5] != 1 OR ($is_logged AND $member_id['user_group'] == 1) OR ($is_logged AND $member_id['user_id'] == $row['user_id'])) {
  380.  
  381. if (empty($xfieldsdata[$value[0]])) {
  382.  
  383. $tpl->copy_template = preg_replace("'\\[xfgiven_{$preg_safe_name}\\](.*?)\\[/xfgiven_{$preg_safe_name}\\]'is", "", $tpl->copy_template);
  384. $tpl->copy_template = str_replace("[xfnotgiven_{$preg_safe_name}]", "", $tpl->copy_template);
  385. $tpl->copy_template = str_replace("[/xfnotgiven_{$preg_safe_name}]", "", $tpl->copy_template);
  386.  
  387. } else {
  388.  
  389. $tpl->copy_template = preg_replace("'\\[xfnotgiven_{$preg_safe_name}\\](.*?)\\[/xfnotgiven_{$preg_safe_name}\\]'is", "", $tpl->copy_template);
  390. $tpl->copy_template = str_replace("[xfgiven_{$preg_safe_name}]", "", $tpl->copy_template);
  391. $tpl->copy_template = str_replace("[/xfgiven_{$preg_safe_name}]", "", $tpl->copy_template);
  392.  
  393. }
  394.  
  395. $tpl->copy_template = preg_replace("'\\[xfvalue_{$preg_safe_name}\\]'i", stripslashes($xfieldsdata[$value[0]]), $tpl->copy_template);
  396.  
  397. } else {
  398.  
  399. $tpl->copy_template = preg_replace("'\\[xfgiven_{$preg_safe_name}\\](.*?)\\[/xfgiven_{$preg_safe_name}\\]'is", "", $tpl->copy_template);
  400. $tpl->copy_template = preg_replace("'\\[xfvalue_{$preg_safe_name}\\]'i", "", $tpl->copy_template);
  401. $tpl->copy_template = preg_replace("'\\[xfnotgiven_{$preg_safe_name}\\](.*?)\\[/xfnotgiven_{$preg_safe_name}\\]'is", "", $tpl->copy_template);
  402.  
  403. }
  404.  
  405. }
  406. // Обработка дополнительных полей
  407.  
  408. $tpl->compile('content');
  409.  
  410. }
  411.  
  412. $tpl->clear();
  413. $db->free($sql_result);
  414.  
  415. //####################################################################################################################
  416. // Навигация по пользователям
  417. //####################################################################################################################
  418.  
  419. $number = $searchcount;
  420.  
  421. $tpl->load_template('navigation.tpl');
  422. //----------------------------------
  423. // Previous link
  424. //----------------------------------
  425. if ($cstart > 1) {
  426. $prev = $cstart - 1;
  427.  
  428. if ($prev == 1)
  429. $prev_page = $PHP_SELF . "?do=users" . $postfix;
  430. else
  431. $prev_page = $PHP_SELF . "?do=users&amp;cstart=" . $prev . $postfix;
  432.  
  433. $tpl->set_block("'\[prev-link\](.*?)\[/prev-link\]'si", "<a href=\"" . $prev_page . "\">\\1</a>");
  434.  
  435. } else {
  436.  
  437. $tpl->set_block("'\[prev-link\](.*?)\[/prev-link\]'si", "<span>\\1</span>");
  438. $no_prev = TRUE;
  439.  
  440. }
  441.  
  442. //----------------------------------
  443. // Pages
  444. //----------------------------------
  445.  
  446. if ($number) {
  447.  
  448. $enpages_count = @ceil($count_all / $number);
  449. $pages = "";
  450.  
  451. if ($enpages_count <= 10) {
  452.  
  453. for ($j = 1; $j <= $enpages_count; $j++) {
  454. if ($j != $cstart) {
  455.  
  456. if ($j == 1)
  457. $pages .= "<a href=\"$PHP_SELF?do=users{$postfix}\">$j</a> ";
  458. else
  459. $pages .= "<a href=\"$PHP_SELF?do=users&amp;cstart=$j{$postfix}\">$j</a> ";
  460.  
  461. } else {
  462. $pages .= "<span>$j</span> ";
  463. }
  464. }
  465.  
  466. } else {
  467.  
  468. $start = 1;
  469. $end = 10;
  470. $nav_prefix = "<span class=\"nav_ext\">{$lang['nav_trennen']}</span>";
  471.  
  472. if ($cstart > 0) {
  473.  
  474. if ($cstart > 6) {
  475.  
  476. $start = $cstart - 4;
  477. $end = $start + 8;
  478.  
  479. if ($end >= $enpages_count) {
  480. $start = $enpages_count - 9;
  481. $end = $enpages_count - 1;
  482. $nav_prefix = "";
  483. } else
  484. $nav_prefix = "<span class=\"nav_ext\">{$lang['nav_trennen']}</span>";
  485.  
  486. }
  487.  
  488. }
  489.  
  490. if ($start >= 2) {
  491. $pages .= "<a href=\"$PHP_SELF?do=users{$postfix}\">1</a> <span class=\"nav_ext\">...</span> ";
  492. }
  493.  
  494. for ($j = $start; $j <= $end; $j++) {
  495.  
  496. if ($j != $cstart) {
  497. $pages .= "<a href=\"$PHP_SELF?do=users&amp;cstart=$j{$postfix}\">$j</a> ";
  498. } else {
  499. $pages .= "<span>$j</span> ";
  500. }
  501.  
  502. }
  503.  
  504. if ($cstart != $enpages_count) {
  505. $pages .= $nav_prefix . "<a href=\"$PHP_SELF?do=users&amp;cstart={$enpages_count}{$postfix}\">{$enpages_count}</a>";
  506. } else
  507. $pages .= "<span>{$enpages_count}</span>";
  508.  
  509. }
  510.  
  511. $tpl->set('{pages}', $pages);
  512.  
  513. }
  514.  
  515. //----------------------------------
  516. // Next link
  517. //----------------------------------
  518. if ($number < $count_all and $i < $count_all) {
  519. $next_page = $cstart + 1;
  520.  
  521. $next = $PHP_SELF . "?do=users&amp;cstart=" . $next_page . $postfix;
  522.  
  523. $tpl->set_block("'\[next-link\](.*?)\[/next-link\]'si", "<a href=\"" . $next . "\">\\1</a>");
  524.  
  525. } else {
  526.  
  527. $tpl->set_block("'\[next-link\](.*?)\[/next-link\]'si", "<span>\\1</span>");
  528. $no_next = TRUE;
  529.  
  530. }
  531.  
  532.  
  533. if (!$no_prev or !$no_next) {
  534. $tpl->compile('content');
  535. }
  536.  
  537. $tpl->clear();
  538.  
  539. ?>