<?php /* Question2Answer (c) Gideon Greenspan http://www.question2answer.org/ File: qa-include/qa-page-user-profile.php Version: See define()s at top of qa-include/qa-base.php Description: Controller for user profile page, including wall This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. More about this license: http://www.question2answer.org/license.php */ if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser header('Location: ../'); exit; } require_once QA_INCLUDE_DIR.'qa-db-selects.php'; require_once QA_INCLUDE_DIR.'qa-app-format.php'; require_once QA_INCLUDE_DIR.'qa-app-limits.php'; require_once QA_INCLUDE_DIR.'qa-app-updates.php'; // $handle, $userhtml are already set by qa-page-user.php - also $userid if using external user integration // Redirect to 'My Account' page if button clicked if (qa_clicked('doaccount')) qa_redirect('account'); // Find the user profile and questions and answers for this handle $loginuserid = qa_get_logged_in_userid(); $identifier = QA_FINAL_EXTERNAL_USERS ? $userid : $handle; list($useraccount, $userprofile, $userfields, $usermessages, $userpoints, $userlevels, $navcategories, $userrank) = qa_db_select_with_pending( QA_FINAL_EXTERNAL_USERS ? null : qa_db_user_account_selectspec($handle, false), QA_FINAL_EXTERNAL_USERS ? null : qa_db_user_profile_selectspec($handle, false), QA_FINAL_EXTERNAL_USERS ? null : qa_db_userfields_selectspec(), QA_FINAL_EXTERNAL_USERS ? null : qa_db_recent_messages_selectspec(null, null, $handle, false, qa_opt_if_loaded('page_size_wall')), qa_db_user_points_selectspec($identifier), qa_db_user_levels_selectspec($identifier, QA_FINAL_EXTERNAL_USERS, true), qa_db_category_nav_selectspec(null, true), qa_db_user_rank_selectspec($identifier) ); if (!QA_FINAL_EXTERNAL_USERS) { foreach ($userfields as $index => $userfield) { if ( isset($userfield['permit']) && qa_permit_value_error($userfield['permit'], $loginuserid, qa_get_logged_in_level(), qa_get_logged_in_flags()) ) unset($userfields[$index]); // don't pay attention to user fields we're not allowed to view } } // Check the user exists and work out what can and can't be set (if not using single sign-on) $errors = array(); $loginlevel = qa_get_logged_in_level(); if (!QA_FINAL_EXTERNAL_USERS) { // if we're using integrated user management, we can know and show more require_once QA_INCLUDE_DIR.'qa-app-messages.php'; if ((!is_array($userpoints)) && !is_array($useraccount)) return include QA_INCLUDE_DIR.'qa-page-not-found.php'; $userid = $useraccount['userid']; $fieldseditable = false; $maxlevelassign = null; $maxuserlevel = $useraccount['level']; foreach ($userlevels as $userlevel) $maxuserlevel = max($maxuserlevel, $userlevel['level']); if ( isset($loginuserid) && ($loginuserid != $userid) && (($loginlevel >= QA_USER_LEVEL_SUPER) || ($loginlevel > $maxuserlevel)) && (!qa_user_permit_error()) ) { // can't change self - or someone on your level (or higher, obviously) unless you're a super admin if ($loginlevel >= QA_USER_LEVEL_SUPER) $maxlevelassign = QA_USER_LEVEL_SUPER; elseif ($loginlevel >= QA_USER_LEVEL_ADMIN) $maxlevelassign = QA_USER_LEVEL_MODERATOR; elseif ($loginlevel >= QA_USER_LEVEL_MODERATOR) $maxlevelassign = QA_USER_LEVEL_EXPERT; if ($loginlevel >= QA_USER_LEVEL_ADMIN) $fieldseditable = true; if (isset($maxlevelassign) && ($useraccount['flags'] & QA_USER_FLAGS_USER_BLOCKED)) $maxlevelassign = min($maxlevelassign, QA_USER_LEVEL_EDITOR); // if blocked, can't promote too high } $approvebutton = isset($maxlevelassign) && $useraccount['level'] < QA_USER_LEVEL_APPROVED && $maxlevelassign >= QA_USER_LEVEL_APPROVED && !($useraccount['flags'] & QA_USER_FLAGS_USER_BLOCKED) && qa_opt('moderate_users'); $usereditbutton = $fieldseditable || isset($maxlevelassign); $userediting = $usereditbutton && (qa_get_state() == 'edit'); $wallposterrorhtml = qa_wall_error_html($loginuserid, $useraccount['userid'], $useraccount['flags']); // This code is similar but not identical to that in to qq-page-user-wall.php $usermessages = array_slice($usermessages, 0, qa_opt('page_size_wall')); $usermessages = qa_wall_posts_add_rules($usermessages, 0); foreach ($usermessages as $message) { if ($message['deleteable'] && qa_clicked('m'.$message['messageid'].'_dodelete')) { if (!qa_check_form_security_code('wall-'.$useraccount['handle'], qa_post_text('code'))) $errors['page'] = qa_lang_html('misc/form_security_again'); else { qa_wall_delete_post($loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), $message); qa_redirect(qa_request(), null, null, null, 'wall'); } } } } // Process edit or save button for user, and other actions if (!QA_FINAL_EXTERNAL_USERS) { $reloaduser = false; if ($usereditbutton) { if (qa_clicked('docancel')) qa_redirect(qa_request()); elseif (qa_clicked('doedit')) qa_redirect(qa_request(), array('state' => 'edit')); elseif (qa_clicked('dosave')) { require_once QA_INCLUDE_DIR.'qa-app-users-edit.php'; require_once QA_INCLUDE_DIR.'qa-db-users.php'; $inemail = qa_post_text('email'); $inprofile = array(); foreach ($userfields as $userfield) $inprofile[$userfield['fieldid']] = qa_post_text('field_'.$userfield['fieldid']); if (!qa_check_form_security_code('user-edit-'.$handle, qa_post_text('code'))) { $errors['page'] = qa_lang_html('misc/form_security_again'); $userediting = true; } else { if (qa_post_text('removeavatar')) { qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, false); qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, false); if (isset($useraccount['avatarblobid'])) { require_once QA_INCLUDE_DIR.'qa-app-blobs.php'; qa_db_user_set($userid, 'avatarblobid', null); qa_db_user_set($userid, 'avatarwidth', null); qa_db_user_set($userid, 'avatarheight', null); qa_delete_blob($useraccount['avatarblobid']); } } if ($fieldseditable) { $filterhandle = $handle; // we're not filtering the handle... $errors = qa_handle_email_filter($filterhandle, $inemail, $useraccount); unset($errors['handle']); // ...and we don't care about any errors in it if (!isset($errors['email'])) if ($inemail != $useraccount['email']) { qa_db_user_set($userid, 'email', $inemail); qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, false); } if (count($inprofile)) { $filtermodules = qa_load_modules_with('filter', 'filter_profile'); foreach ($filtermodules as $filtermodule) $filtermodule->filter_profile($inprofile, $errors, $useraccount, $userprofile); } foreach ($userfields as $userfield) if (!isset($errors[$userfield['fieldid']])) qa_db_user_profile_set($userid, $userfield['title'], $inprofile[$userfield['fieldid']]); if (count($errors)) $userediting = true; qa_report_event('u_edit', $loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), array( 'userid' => $userid, 'handle' => $useraccount['handle'], )); } if (isset($maxlevelassign)) { $inlevel = min($maxlevelassign, (int)qa_post_text('level')); // constrain based on maximum permitted to prevent simple browser-based attack if ($inlevel != $useraccount['level']) qa_set_user_level($userid, $useraccount['handle'], $inlevel, $useraccount['level']); if (qa_using_categories()) { $inuserlevels = array(); for ($index = 1; $index <= 999; $index++) { $inlevel = qa_post_text('uc_'.$index.'_level'); if (!isset($inlevel)) break; $categoryid = qa_get_category_field_value('uc_'.$index.'_cat'); if (strlen($categoryid) && strlen($inlevel)) $inuserlevels[] = array( 'entitytype' => QA_ENTITY_CATEGORY, 'entityid' => $categoryid, 'level' => min($maxlevelassign, (int)$inlevel), ); } qa_db_user_levels_set($userid, $inuserlevels); } } if (empty($errors)) qa_redirect(qa_request()); list($useraccount, $userprofile, $userlevels) = qa_db_select_with_pending( qa_db_user_account_selectspec($userid, true), qa_db_user_profile_selectspec($userid, true), qa_db_user_levels_selectspec($userid, true, true) ); } } } if (qa_clicked('doapprove') || qa_clicked('doblock') || qa_clicked('dounblock') || qa_clicked('dohideall') || qa_clicked('dodelete')) { if (!qa_check_form_security_code('user-'.$handle, qa_post_text('code'))) $errors['page'] = qa_lang_html('misc/form_security_again'); else { if ($approvebutton && qa_clicked('doapprove')) { require_once QA_INCLUDE_DIR.'qa-app-users-edit.php'; qa_set_user_level($userid, $useraccount['handle'], QA_USER_LEVEL_APPROVED, $useraccount['level']); qa_redirect(qa_request()); } if (isset($maxlevelassign) && ($maxuserlevel < QA_USER_LEVEL_MODERATOR)) { if (qa_clicked('doblock')) { require_once QA_INCLUDE_DIR.'qa-app-users-edit.php'; qa_set_user_blocked($userid, $useraccount['handle'], true); qa_redirect(qa_request()); } if (qa_clicked('dounblock')) { require_once QA_INCLUDE_DIR.'qa-app-users-edit.php'; qa_set_user_blocked($userid, $useraccount['handle'], false); qa_redirect(qa_request()); } if (qa_clicked('dohideall') && !qa_user_permit_error('permit_hide_show')) { require_once QA_INCLUDE_DIR.'qa-db-admin.php'; require_once QA_INCLUDE_DIR.'qa-app-posts.php'; $postids = qa_db_get_user_visible_postids($userid); foreach ($postids as $postid) qa_post_set_hidden($postid, true, $loginuserid); qa_redirect(qa_request()); } if (qa_clicked('dodelete') && ($loginlevel >= QA_USER_LEVEL_ADMIN)) { require_once QA_INCLUDE_DIR.'qa-app-users-edit.php'; qa_delete_user($userid); qa_report_event('u_delete', $loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), array( 'userid' => $userid, 'handle' => $useraccount['handle'], )); qa_redirect('users'); } } } } if (qa_clicked('dowallpost')) { $inmessage = qa_post_text('message'); if (!strlen($inmessage)) $errors['message'] = qa_lang('profile/post_wall_empty'); elseif (!qa_check_form_security_code('wall-'.$useraccount['handle'], qa_post_text('code'))) $errors['message'] = qa_lang_html('misc/form_security_again'); elseif (!$wallposterrorhtml) { qa_wall_add_post($loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), $userid, $useraccount['handle'], $inmessage, ''); qa_redirect(qa_request(), null, null, null, 'wall'); } } } // Process bonus setting button if ( ($loginlevel >= QA_USER_LEVEL_ADMIN) && qa_clicked('dosetbonus') ) { require_once QA_INCLUDE_DIR.'qa-db-points.php'; $inbonus = (int)qa_post_text('bonus'); if (!qa_check_form_security_code('user-activity-'.$handle, qa_post_text('code'))) $errors['page'] = qa_lang_html('misc/form_security_again'); else { qa_db_points_set_bonus($userid, $inbonus); qa_db_points_update_ifuser($userid, null); qa_redirect(qa_request(), null, null, null, 'activity'); } } // Prepare content for theme $qa_content = qa_content_prepare(); $qa_content['title'] = qa_lang_html_sub('profile/user_x', $userhtml); $qa_content['error'] = @$errors['page']; if (isset($loginuserid) && !QA_FINAL_EXTERNAL_USERS) { $favoritemap = qa_get_favorite_non_qs_map(); $favorite = @$favoritemap['user'][$useraccount['userid']]; $qa_content['favorite'] = qa_favorite_form(QA_ENTITY_USER, $useraccount['userid'], $favorite, qa_lang_sub($favorite ? 'main/remove_x_favorites' : 'users/add_user_x_favorites', $handle)); } $qa_content['script_rel'][] = 'qa-content/qa-user.js?'.QA_VERSION; // General information about the user, only available if we're using internal user management if (!QA_FINAL_EXTERNAL_USERS) { $membertime = qa_time_to_string(qa_opt('db_time') - $useraccount['created']); $joindate = qa_when_to_html($useraccount['created'], 0); $qa_content['form_profile'] = array( 'tags' => 'method="post" action="'.qa_self_html().'"', 'style' => 'wide', 'fields' => array( 'avatar' => array( 'type' => 'image', 'style' => 'tall', 'label' => '', 'html' => qa_get_user_avatar_html($useraccount['flags'], $useraccount['email'], $useraccount['handle'], $useraccount['avatarblobid'], $useraccount['avatarwidth'], $useraccount['avatarheight'], qa_opt('avatar_profile_size')), 'id' => 'avatar', ), 'removeavatar' => null, 'duration' => array( 'type' => 'static', 'label' => qa_lang_html('users/member_for'), 'value' => qa_html( $membertime . ' (' . qa_lang_sub('main/since_x', $joindate['data']) . ')' ), 'id' => 'duration', ), 'level' => array( 'type' => 'static', 'label' => qa_lang_html('users/member_type'), 'tags' => 'name="level"', 'value' => qa_html(qa_user_level_string($useraccount['level'])), 'note' => (($useraccount['flags'] & QA_USER_FLAGS_USER_BLOCKED) && isset($maxlevelassign)) ? qa_lang_html('users/user_blocked') : '', 'id' => 'level', ), ), ); if (empty($qa_content['form_profile']['fields']['avatar']['html'])) unset($qa_content['form_profile']['fields']['avatar']); // Private message link if ( qa_opt('allow_private_messages') && isset($loginuserid) && ($loginuserid != $userid) && !($useraccount['flags'] & QA_USER_FLAGS_NO_MESSAGES) && !$userediting ) { $qa_content['form_profile']['fields']['level']['value'] .= strtr(qa_lang_html('profile/send_private_message'), array( '^1' => '<a href="'.qa_path_html('message/'.$handle).'">', '^2' => '</a>', )); } // Levels editing or viewing (add category-specific levels) if ($userediting) { if (isset($maxlevelassign)) { $qa_content['form_profile']['fields']['level']['type'] = 'select'; $showlevels = array(QA_USER_LEVEL_BASIC); if (qa_opt('moderate_users')) $showlevels[] = QA_USER_LEVEL_APPROVED; array_push($showlevels, QA_USER_LEVEL_EXPERT, QA_USER_LEVEL_EDITOR, QA_USER_LEVEL_MODERATOR, QA_USER_LEVEL_ADMIN, QA_USER_LEVEL_SUPER); $leveloptions = array(); $catleveloptions = array('' => qa_lang_html('users/category_level_none')); foreach ($showlevels as $showlevel) { if ($showlevel <= $maxlevelassign) { $leveloptions[$showlevel] = qa_html(qa_user_level_string($showlevel)); if ($showlevel > QA_USER_LEVEL_BASIC) $catleveloptions[$showlevel] = $leveloptions[$showlevel]; } } $qa_content['form_profile']['fields']['level']['options'] = $leveloptions; // Category-specific levels if (qa_using_categories()) { $catleveladd = strlen(qa_get('catleveladd')) > 0; if ((!$catleveladd) && !count($userlevels)) { $qa_content['form_profile']['fields']['level']['suffix'] = strtr(qa_lang_html('users/category_level_add'), array( '^1' => '<a href="'.qa_path_html(qa_request(), array('state' => 'edit', 'catleveladd' => 1)).'">', '^2' => '</a>', )); } else $qa_content['form_profile']['fields']['level']['suffix'] = qa_lang_html('users/level_in_general'); if ($catleveladd || count($userlevels)) $userlevels[] = array('entitytype' => QA_ENTITY_CATEGORY); $index = 0; foreach ($userlevels as $userlevel) { if ($userlevel['entitytype'] == QA_ENTITY_CATEGORY) { $index++; $id = 'ls_'.+$index; $qa_content['form_profile']['fields']['uc_'.$index.'_level'] = array( 'label' => qa_lang_html('users/category_level_label'), 'type' => 'select', 'tags' => 'name="uc_'.$index.'_level" id="'.qa_html($id).'" onchange="this.qa_prev=this.options[this.selectedIndex].value;"', 'options' => $catleveloptions, 'value' => isset($userlevel['level']) ? qa_html(qa_user_level_string($userlevel['level'])) : '', 'suffix' => qa_lang_html('users/category_level_in'), ); $qa_content['form_profile']['fields']['uc_'.$index.'_cat'] = array(); if (isset($userlevel['entityid'])) $fieldnavcategories = qa_db_select_with_pending(qa_db_category_nav_selectspec($userlevel['entityid'], true)); else $fieldnavcategories = $navcategories; qa_set_up_category_field($qa_content, $qa_content['form_profile']['fields']['uc_'.$index.'_cat'], 'uc_'.$index.'_cat', $fieldnavcategories, @$userlevel['entityid'], true, true); unset($qa_content['form_profile']['fields']['uc_'.$index.'_cat']['note']); } } $qa_content['script_lines'][] = array( "function qa_update_category_levels()", "{", "\tglob=document.getElementById('level_select');", "\tif (!glob)", "\t\treturn;", "\tvar opts=glob.options;", "\tvar lev=parseInt(opts[glob.selectedIndex].value);", "\tfor (var i=1; i<9999; i++) {", "\t\tvar sel=document.getElementById('ls_'+i);", "\t\tif (!sel)", "\t\t\tbreak;", "\t\tsel.qa_prev=sel.qa_prev || sel.options[sel.selectedIndex].value;", "\t\tsel.options.length=1;", // just leaves "no upgrade" element "\t\tfor (var j=0; j<opts.length; j++)", "\t\t\tif (parseInt(opts[j].value)>lev)", "\t\t\t\tsel.options[sel.options.length]=new Option(opts[j].text, opts[j].value, false, (opts[j].value==sel.qa_prev));", "\t}", "}", ); $qa_content['script_onloads'][] = array( "qa_update_category_levels();", ); $qa_content['form_profile']['fields']['level']['tags'] .= ' id="level_select" onchange="qa_update_category_levels();"'; } } } else { foreach ($userlevels as $userlevel) { if ( $userlevel['entitytype'] == QA_ENTITY_CATEGORY && $userlevel['level'] > $useraccount['level'] ) { $qa_content['form_profile']['fields']['level']['value'] .= '<br/>'. strtr(qa_lang_html('users/level_for_category'), array( '^1' => qa_html(qa_user_level_string($userlevel['level'])), '^2' => '<a href="'.qa_path_html(implode('/', array_reverse(explode('/', $userlevel['backpath'])))).'">'.qa_html($userlevel['title']).'</a>', )); } } } // Show any extra privileges due to user's level or their points $showpermits = array(); $permitoptions = qa_get_permit_options(); foreach ($permitoptions as $permitoption) { if ( // if not available to approved and email confirmed users with no points, but yes available to the user, it's something special qa_permit_error($permitoption, $userid, QA_USER_LEVEL_APPROVED, QA_USER_FLAGS_EMAIL_CONFIRMED, 0) && !qa_permit_error($permitoption, $userid, $useraccount['level'], $useraccount['flags'], $userpoints['points']) ) { if ($permitoption == 'permit_retag_cat') $showpermits[] = qa_lang(qa_using_categories() ? 'profile/permit_recat' : 'profile/permit_retag'); else $showpermits[] = qa_lang('profile/'.$permitoption); // then show it as an extra priviliege } } if (count($showpermits)) { $qa_content['form_profile']['fields']['permits'] = array( 'type' => 'static', 'label' => qa_lang_html('profile/extra_privileges'), 'value' => qa_html(implode("\n", $showpermits), true), 'rows' => count($showpermits), 'id' => 'permits', ); } // Show email address only if we're an administrator if (($loginlevel >= QA_USER_LEVEL_ADMIN) && !qa_user_permit_error()) { $doconfirms = qa_opt('confirm_user_emails') && $useraccount['level'] < QA_USER_LEVEL_EXPERT; $isconfirmed = ($useraccount['flags'] & QA_USER_FLAGS_EMAIL_CONFIRMED) > 0; $htmlemail = qa_html(isset($inemail) ? $inemail : $useraccount['email']); $qa_content['form_profile']['fields']['email'] = array( 'type' => $userediting ? 'text' : 'static', 'label' => qa_lang_html('users/email_label'), 'tags' => 'name="email"', 'value' => $userediting ? $htmlemail : ('<a href="mailto:'.$htmlemail.'">'.$htmlemail.'</a>'), 'error' => qa_html(@$errors['email']), 'note' => ($doconfirms ? (qa_lang_html($isconfirmed ? 'users/email_confirmed' : 'users/email_not_confirmed').' ') : ''). ($userediting ? '' : qa_lang_html('users/only_shown_admins')), 'id' => 'email', ); } // Show IP addresses and times for last login or write - only if we're a moderator or higher if (($loginlevel >= QA_USER_LEVEL_MODERATOR) && !qa_user_permit_error()) { $qa_content['form_profile']['fields']['lastlogin'] = array( 'type' => 'static', 'label' => qa_lang_html('users/last_login_label'), 'value' => strtr(qa_lang_html('users/x_ago_from_y'), array( '^1' => qa_time_to_string(qa_opt('db_time')-$useraccount['loggedin']), '^2' => qa_ip_anchor_html($useraccount['loginip']), )), 'note' => $userediting ? null : qa_lang_html('users/only_shown_moderators'), 'id' => 'lastlogin', ); if (isset($useraccount['written'])) { $qa_content['form_profile']['fields']['lastwrite'] = array( 'type' => 'static', 'label' => qa_lang_html('users/last_write_label'), 'value' => strtr(qa_lang_html('users/x_ago_from_y'), array( '^1' => qa_time_to_string(qa_opt('db_time')-$useraccount['written']), '^2' => qa_ip_anchor_html($useraccount['writeip']), )), 'note' => $userediting ? null : qa_lang_html('users/only_shown_moderators'), 'id' => 'lastwrite', ); } else unset($qa_content['form_profile']['fields']['lastwrite']); } // Show other profile fields $fieldsediting = $fieldseditable && $userediting; foreach ($userfields as $userfield) { if (($userfield['flags'] & QA_FIELD_FLAGS_LINK_URL) && !$fieldsediting) $valuehtml = qa_url_to_html_link(@$userprofile[$userfield['title']], qa_opt('links_in_new_window')); else { $value = @$inprofile[$userfield['fieldid']]; if (!isset($value)) $value = @$userprofile[$userfield['title']]; $valuehtml = qa_html($value, (($userfield['flags'] & QA_FIELD_FLAGS_MULTI_LINE) && !$fieldsediting)); } $label = trim(qa_user_userfield_label($userfield), ':'); if (strlen($label)) $label .= ':'; $notehtml = null; if (isset($userfield['permit']) && !$userediting) { if ($userfield['permit'] <= QA_PERMIT_ADMINS) $notehtml = qa_lang_html('users/only_shown_admins'); elseif ($userfield['permit'] <= QA_PERMIT_MODERATORS) $notehtml = qa_lang_html('users/only_shown_moderators'); elseif ($userfield['permit'] <= QA_PERMIT_EDITORS) $notehtml = qa_lang_html('users/only_shown_editors'); elseif ($userfield['permit'] <= QA_PERMIT_EXPERTS) $notehtml = qa_lang_html('users/only_shown_experts'); } $qa_content['form_profile']['fields'][$userfield['title']] = array( 'type' => $fieldsediting ? 'text' : 'static', 'label' => qa_html($label), 'tags' => 'name="field_'.$userfield['fieldid'].'"', 'value' => $valuehtml, 'error' => qa_html(@$errors[$userfield['fieldid']]), 'note' => $notehtml, 'rows' => ($userfield['flags'] & QA_FIELD_FLAGS_MULTI_LINE) ? 8 : null, 'id' => 'userfield-'.$userfield['fieldid'], ); } // Edit form or button, if appropriate if ($userediting) { if ( (qa_opt('avatar_allow_gravatar') && ($useraccount['flags'] & QA_USER_FLAGS_SHOW_GRAVATAR)) || (qa_opt('avatar_allow_upload') && ($useraccount['flags'] & QA_USER_FLAGS_SHOW_AVATAR) && isset($useraccount['avatarblobid'])) ) { $qa_content['form_profile']['fields']['removeavatar'] = array( 'type' => 'checkbox', 'label' => qa_lang_html('users/remove_avatar'), 'tags' => 'name="removeavatar"', ); } $qa_content['form_profile']['buttons'] = array( 'save' => array( 'tags' => 'onclick="qa_show_waiting_after(this, false);"', 'label' => qa_lang_html('users/save_user'), ), 'cancel' => array( 'tags' => 'name="docancel"', 'label' => qa_lang_html('main/cancel_button'), ), ); $qa_content['form_profile']['hidden'] = array( 'dosave' => '1', 'code' => qa_get_form_security_code('user-edit-'.$handle), ); } elseif ($usereditbutton) { $qa_content['form_profile']['buttons'] = array(); if ($approvebutton) { $qa_content['form_profile']['buttons']['approve'] = array( 'tags' => 'name="doapprove"', 'label' => qa_lang_html('users/approve_user_button'), ); } $qa_content['form_profile']['buttons']['edit'] = array( 'tags' => 'name="doedit"', 'label' => qa_lang_html('users/edit_user_button'), ); if (isset($maxlevelassign) && $useraccount['level'] < QA_USER_LEVEL_MODERATOR) { if ($useraccount['flags'] & QA_USER_FLAGS_USER_BLOCKED) { $qa_content['form_profile']['buttons']['unblock'] = array( 'tags' => 'name="dounblock"', 'label' => qa_lang_html('users/unblock_user_button'), ); if (!qa_user_permit_error('permit_hide_show')) { $qa_content['form_profile']['buttons']['hideall'] = array( 'tags' => 'name="dohideall" onclick="qa_show_waiting_after(this, false);"', 'label' => qa_lang_html('users/hide_all_user_button'), ); } if ($loginlevel >= QA_USER_LEVEL_ADMIN) { $qa_content['form_profile']['buttons']['delete'] = array( 'tags' => 'name="dodelete" onclick="qa_show_waiting_after(this, false);"', 'label' => qa_lang_html('users/delete_user_button'), ); } } else { $qa_content['form_profile']['buttons']['block'] = array( 'tags' => 'name="doblock"', 'label' => qa_lang_html('users/block_user_button'), ); } $qa_content['form_profile']['hidden'] = array( 'code' => qa_get_form_security_code('user-'.$handle), ); } } elseif (isset($loginuserid) && ($loginuserid == $userid)) { $qa_content['form_profile']['buttons'] = array( 'account' => array( 'tags' => 'name="doaccount"', 'label' => qa_lang_html('users/edit_profile'), ), ); } if (!is_array($qa_content['form_profile']['fields']['removeavatar'])) unset($qa_content['form_profile']['fields']['removeavatar']); $qa_content['raw']['account'] = $useraccount; // for plugin layers to access $qa_content['raw']['profile'] = $userprofile; } // Information about user activity, available also with single sign-on integration $qa_content['form_activity'] = array( 'title' => '<a name="activity">'.qa_lang_html_sub('profile/activity_by_x', $userhtml).'</a>', 'style' => 'wide', 'fields' => array( 'bonus' => array( 'label' => qa_lang_html('profile/bonus_points'), 'tags' => 'name="bonus"', 'value' => qa_html(isset($inbonus) ? $inbonus : $userpoints['bonus']), 'type' => 'number', 'note' => qa_lang_html('users/only_shown_admins'), 'id' => 'bonus', ), 'points' => array( 'type' => 'static', 'label' => qa_lang_html('profile/score'), 'value' => (@$userpoints['points'] == 1) ? qa_lang_html_sub('main/1_point', '<span class="qa-uf-user-points">1</span>', '1') : qa_lang_html_sub('main/x_points', '<span class="qa-uf-user-points">'.qa_html(number_format(@$userpoints['points'])).'</span>'), 'id' => 'points', ), 'title' => array( 'type' => 'static', 'label' => qa_lang_html('profile/title'), 'value' => qa_get_points_title_html(@$userpoints['points'], qa_get_points_to_titles()), 'id' => 'title', ), 'questions' => array( 'type' => 'static', 'label' => qa_lang_html('profile/questions'), 'value' => '<span class="qa-uf-user-q-posts">'.qa_html(number_format(@$userpoints['qposts'])).'</span>', 'id' => 'questions', ), 'answers' => array( 'type' => 'static', 'label' => qa_lang_html('profile/answers'), 'value' => '<span class="qa-uf-user-a-posts">'.qa_html(number_format(@$userpoints['aposts'])).'</span>', 'id' => 'answers', ), ), ); if ($loginlevel >= QA_USER_LEVEL_ADMIN) { $qa_content['form_activity']['tags'] = 'method="post" action="'.qa_self_html().'"'; $qa_content['form_activity']['buttons'] = array( 'setbonus' => array( 'tags' => 'name="dosetbonus"', 'label' => qa_lang_html('profile/set_bonus_button'), ), ); $qa_content['form_activity']['hidden'] = array( 'code' => qa_get_form_security_code('user-activity-'.$handle), ); } else unset($qa_content['form_activity']['fields']['bonus']); if (!isset($qa_content['form_activity']['fields']['title']['value'])) unset($qa_content['form_activity']['fields']['title']); if (qa_opt('comment_on_qs') || qa_opt('comment_on_as')) { // only show comment count if comments are enabled $qa_content['form_activity']['fields']['comments'] = array( 'type' => 'static', 'label' => qa_lang_html('profile/comments'), 'value' => '<span class="qa-uf-user-c-posts">'.qa_html(number_format(@$userpoints['cposts'])).'</span>', 'id' => 'comments', ); } if (qa_opt('voting_on_qs') || qa_opt('voting_on_as')) { // only show vote record if voting is enabled $votedonvalue = ''; if (qa_opt('voting_on_qs')) { $qvotes = @$userpoints['qupvotes']+@$userpoints['qdownvotes']; $innervalue = '<span class="qa-uf-user-q-votes">'.number_format($qvotes).'</span>'; $votedonvalue .= ($qvotes == 1) ? qa_lang_html_sub('main/1_question', $innervalue, '1') : qa_lang_html_sub('main/x_questions', $innervalue); if (qa_opt('voting_on_as')) $votedonvalue .= ', '; } if (qa_opt('voting_on_as')) { $avotes = @$userpoints['aupvotes']+@$userpoints['adownvotes']; $innervalue = '<span class="qa-uf-user-a-votes">'.number_format($avotes).'</span>'; $votedonvalue .= ($avotes == 1) ? qa_lang_html_sub('main/1_answer', $innervalue, '1') : qa_lang_html_sub('main/x_answers', $innervalue); } $qa_content['form_activity']['fields']['votedon'] = array( 'type' => 'static', 'label' => qa_lang_html('profile/voted_on'), 'value' => $votedonvalue, 'id' => 'votedon', ); $upvotes = @$userpoints['qupvotes']+@$userpoints['aupvotes']; $innervalue = '<span class="qa-uf-user-upvotes">'.number_format($upvotes).'</span>'; $votegavevalue = (($upvotes == 1) ? qa_lang_html_sub('profile/1_up_vote', $innervalue, '1') : qa_lang_html_sub('profile/x_up_votes', $innervalue)).', '; $downvotes = @$userpoints['qdownvotes']+@$userpoints['adownvotes']; $innervalue = '<span class="qa-uf-user-downvotes">'.number_format($downvotes).'</span>'; $votegavevalue .= ($downvotes == 1) ? qa_lang_html_sub('profile/1_down_vote', $innervalue, '1') : qa_lang_html_sub('profile/x_down_votes', $innervalue); $qa_content['form_activity']['fields']['votegave'] = array( 'type' => 'static', 'label' => qa_lang_html('profile/gave_out'), 'value' => $votegavevalue, 'id' => 'votegave', ); $innervalue = '<span class="qa-uf-user-upvoteds">'.number_format(@$userpoints['upvoteds']).'</span>'; $votegotvalue = ((@$userpoints['upvoteds'] == 1) ? qa_lang_html_sub('profile/1_up_vote', $innervalue, '1') : qa_lang_html_sub('profile/x_up_votes', $innervalue)).', '; $innervalue = '<span class="qa-uf-user-downvoteds">'.number_format(@$userpoints['downvoteds']).'</span>'; $votegotvalue .= (@$userpoints['downvoteds'] == 1) ? qa_lang_html_sub('profile/1_down_vote', $innervalue, '1') : qa_lang_html_sub('profile/x_down_votes', $innervalue); $qa_content['form_activity']['fields']['votegot'] = array( 'type' => 'static', 'label' => qa_lang_html('profile/received'), 'value' => $votegotvalue, 'id' => 'votegot', ); } if (@$userpoints['points']) { $qa_content['form_activity']['fields']['points']['value'] .= qa_lang_html_sub('profile/ranked_x', '<span class="qa-uf-user-rank">'.number_format($userrank).'</span>'); } if (@$userpoints['aselects']) { $qa_content['form_activity']['fields']['questions']['value'] .= ($userpoints['aselects'] == 1) ? qa_lang_html_sub('profile/1_with_best_chosen', '<span class="qa-uf-user-q-selects">1</span>', '1') : qa_lang_html_sub('profile/x_with_best_chosen', '<span class="qa-uf-user-q-selects">'.number_format($userpoints['aselects']).'</span>'); } if (@$userpoints['aselecteds']) { $qa_content['form_activity']['fields']['answers']['value'] .= ($userpoints['aselecteds'] == 1) ? qa_lang_html_sub('profile/1_chosen_as_best', '<span class="qa-uf-user-a-selecteds">1</span>', '1') : qa_lang_html_sub('profile/x_chosen_as_best', '<span class="qa-uf-user-a-selecteds">'.number_format($userpoints['aselecteds']).'</span>'); } // For plugin layers to access $qa_content['raw']['userid'] = $userid; $qa_content['raw']['points'] = $userpoints; $qa_content['raw']['rank'] = $userrank; // Wall posts if (!QA_FINAL_EXTERNAL_USERS && qa_opt('allow_user_walls')) { $qa_content['message_list'] = array( 'title' => '<a name="wall">'.qa_lang_html_sub('profile/wall_for_x', $userhtml).'</a>', 'tags' => 'id="wallmessages"', 'form' => array( 'tags' => 'name="wallpost" method="post" action="'.qa_self_html().'#wall"', 'style' => 'tall', 'hidden' => array( 'qa_click' => '', // for simulating clicks in Javascript 'handle' => qa_html($useraccount['handle']), 'start' => 0, 'code' => qa_get_form_security_code('wall-'.$useraccount['handle']), ), ), 'messages' => array(), ); if ($wallposterrorhtml) $qa_content['message_list']['error'] = $wallposterrorhtml; // an error that means we are not allowed to post else { $qa_content['message_list']['form']['fields'] = array( 'message' => array( 'tags' => 'name="message" id="message"', 'value' => qa_html(@$inmessage, false), 'rows' => 2, 'error' => qa_html(@$errors['message']), ), ); $qa_content['message_list']['form']['buttons'] = array( 'post' => array( 'tags' => 'name="dowallpost" onclick="return qa_submit_wall_post(this, true);"', 'label' => qa_lang_html('profile/post_wall_button'), ), ); } foreach ($usermessages as $message) $qa_content['message_list']['messages'][] = qa_wall_post_view($message); if ($useraccount['wallposts'] > count($usermessages)) $qa_content['message_list']['messages'][] = qa_wall_view_more_link($handle, count($usermessages)); } // Sub menu for navigation in user pages $ismyuser = isset($loginuserid) && $loginuserid == (QA_FINAL_EXTERNAL_USERS ? $userid : $useraccount['userid']); $qa_content['navigation']['sub'] = qa_user_sub_navigation($handle, 'profile', $ismyuser); return $qa_content; /* Omit PHP closing tag to help avoid accidental output */