Hello every body
Today i will explain how to hack your members profil for add user vote and user hits (visit counter)
Ok c'est partie !!!
1 - Copy all windows code contents
//-------------------------------------------------------------------------- //
// Users vrate Version 1.0 user_rate.php //
// //
// Author: David Auguste DeMâcon //
// Mail: daviddu54@allsecrets.net //
// Homepage: http://www.rencontre.allsecrets.net //
// //
// for XOOPS //
// ------------------------------------------------------------------------- //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details. //
// //
// You should have received a copy of the GNU General Public License //
// along with this program; if not, write to the Free Software //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
// ------------------------------------------------------------------------- //
include("mainfile.php");
include_once XOOPS_ROOT_PATH."/class/module.textsanitizer.php";
include_once XOOPS_ROOT_PATH."/class/module.errorhandler.php";
include(XOOPS_ROOT_PATH."/language/".$xoopsConfig['language']."/user.php");
$myts =& MyTextSanitizer::getInstance(); // MyTextSanitizer object
if($HTTP_POST_VARS['submit']) {
$eh = new ErrorHandler; //ErrorHandler object
if(!$xoopsUser){
$ratinguser = 0;
}else{
$ratinguser = $xoopsUser->uid();
}
//Make sure only 1 anonymous from an IP in a single day.
$anonwaitdays = 1;
$ip = getenv("REMOTE_ADDR");
$uid = $HTTP_POST_VARS['uid'];
$rating = $HTTP_POST_VARS['rating'];
// Check if Rating is Null
if ($rating=="--") {
redirect_header("user_rate.php?uid=".$uid."",4,_US_NORATING);
exit();
}
// Check if REG user is trying to vote twice.
$result=$xoopsDB->query("SELECT ratinguser FROM ".$xoopsDB->prefix("users_votedata")." WHERE uid=$uid");
while(list($ratinguserDB)=$xoopsDB->fetchRow($result)) {
if ($ratinguserDB==$ratinguser) {
redirect_header("userinfo.php?uid=$uid",4,_US_VOTEONCE);
exit();
}
}
// Check if ANONYMOUS user is trying to vote more than once per day.
if ($ratinguser==0){
$yesterday = (time()-(86400 * $anonwaitdays));
$result=$xoopsDB->query("SELECT COUNT(*) FROM ".$xoopsDB->prefix("users_votedata")." WHERE uid=$uid AND ratinguser=0 AND ratinghostname = '$ip' AND ratingtimestamp > $yesterday");
list($anonvotecount) = $xoopsDB->fetchRow($result);
if ($anonvotecount >= 1) {
redirect_header("userinfo.php?uid=$uid",4,_US_VOTEONCE);
exit();
}
}
//All is well. Add to Line Item Rate to DB.
$newid = $xoopsDB->genId("users_votedata_ratingid_seq");
$datetime = time();
$xoopsDB->query("INSERT INTO ".$xoopsDB->prefix("users_votedata")." (ratingid, uid, ratinguser, rating, ratinghostname, ratingtimestamp) VALUES ($newid, $uid, $ratinguser, $rating, '$ip', $datetime)") or $eh("0013");
//All is well. Calculate Score & Add to Summary (for quick retrieval & sorting) to DB.
//updates rating data in itemtable for a given item
$query = "select rating FROM ".$xoopsDB->prefix("users_votedata")." WHERE uid = $uid";
$voteresult = $xoopsDB->query($query);
$votesDB = $xoopsDB->getRowsNum($voteresult);
$totalrating = 0;
while(list($rating)=$xoopsDB->fetchRow($voteresult)){
$totalrating += $rating;
}
$finalrating = $totalrating/$votesDB;
$finalrating = number_format($finalrating, 4);
$query = "UPDATE ".$xoopsDB->prefix("users")." SET rating=$finalrating, votes=$votesDB WHERE uid = $uid";
$xoopsDB->query($query);
$ratemessage = _US_VOTEAPPRE."
".sprintf(_US_THANKYOU,$xoopsConfig[sitename]);
redirect_header("userinfo.php?uid=$uid",4,$ratemessage);
exit();
} else {
include(XOOPS_ROOT_PATH."/header.php");
OpenTable();
$result=$xoopsDB->query("SELECT uname FROM ".$xoopsDB->prefix("users")." WHERE uid=$uid");
list($uname) = $xoopsDB->fetchRow($result);
$uname = $myts->makeTboxData4Show($uname);
echo "
80%">
$uname
- "._US_VOTEONCE."
- "
._US_RATINGSCALE."
- "
._US_BEOBJECTIVE."
- "
._US_DONOTVOTE."";
echo "
|
center">
POST" action="user_rate.php">
hidden" name="uid" value="$uid">
rating">
";
for($i=10;$i>0;$i--){
echo "$i."">".$i."n";
}
echo "
submit" name="submit" value=""._US_RATEIT.""n>";
echo " button" value=""._US_CANCEL."" onclick="javascript:history.go(-1)">n";
echo "
";
CloseTable();
}
include XOOPS_ROOT_PATH."/footer.php";
?> Create a newfiletexte ,paste all contents ,and rename it "user_rate.php" and send it in XOOPS racine (where is userinfo.php"
2 - Open userinfo.php and add this line just before "$gperm_handler"
//hack compteur de visite du profil
$page = !empty($HTTP_GET_VARS['page']) ? trim($HTTP_GET_VARS['page']) : '';
if ($page != '') {
$page = $HTTP_GET_VARS['page'];
} else {
$xoopsDB->queryF("update ".$xoopsDB->prefix("users")." set hits=hits+1 where uid=$uid ");
}
//fin du hack
Add this both line after this line :$xoopsTpl->assign('lang_avatar', _US_AVATAR);
$xoopsTpl->assign('lang_ratethisuser', _US_RATETHISUSER);
$xoopsTpl->assign('lang_votes', _US_VOTES);
$xoopsTpl->assign('user_votes', $thisUser->getVar('votes'));
$xoopsTpl->assign('lang_hits', _US_HITSC);
$xoopsTpl->assign('user_hits', $thisUser->getVar('hits'));
$rating = $thisUser->getVar("rating");
if (!empty($rating)) {
$xoopsTpl->assign('user_rating', number_format($rating, 2));
}
$xoopsTpl->assign('lang_ratingc', _US_RATINGC);
3 - Open kernel\user.php and add this 3 lines 108
$this->initVar('votes', XOBJ_DTYPE_OTHER, null, false);
$this->initVar('hits', XOBJ_DTYPE_OTHER, null, false);
$this->initVar('rating', XOBJ_DTYPE_OTHER, null, false);
4 - Open language\english\user.php and add this lines at end
define("_US_VOTEAPPRE","Votre vote est apprécié.");
define("_US_THANKYOU","Merci de prendre le temps pour votez pour un membre ici sur %s"); // %s is your site name
define("_US_VOTEONCE","Merci de ne pas voter pour le même membre plus d'une fois.");
define("_US_RATINGSCALE","L'échelle est 1 - 10, avec 1 étant faible et 10 étant excellent.");
define("_US_BEOBJECTIVE","Merci d'être objectif, si tous reçoivent un 1 ou un 10, les notations ne sont pas très utiles.");
define("_US_DONOTVOTE","Ne votez pas pour vous memes.");
define("_US_RATEIT","Votez pour ce membre !");
define("_US_CANCEL","Annuler !");
define("_US_NORATING","Vous avez annuler le vote!");
define in your language ,look in module mydownloads what is writting for example
5 - Open modules\system\template\system_userinfo.html and add this lines where you want
this is vote button ,the best place is at beginning
<input type="button" value="<{$lang_ratethisuser}>" onclick="location='<{$xoops_url}>/user_rate.php?uid=<{$user_uid}>'" />
Remplace your table "statistics" by this table ,they will display usr visit statistics and user votes statistics now
<table class="outer" cellpadding="4" cellspacing="1" width="100%">
<tr valign="top">
<th colspan="2" align="center"><{$lang_statistics}>th>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_membersince}>td>
<td align="center" class="even"><{$user_joindate}>td>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_rank}>td>
<td align="center" class="odd"><{$user_rankimage}><br /><{$user_ranktitle}>td>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_posts}>td>
<td align="center" class="even"><{$user_posts}>td>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_hits}>td>
<td align="center" class="odd"><{$user_hits}>td>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_votes}>td>
<td align="center" class="odd"><{$user_votes}>td>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_ratingc}>td>
<td align="center" class="odd"><{$user_rating}>td>
tr>
<tr valign="top">
<td class="head" width="50%"><{$lang_lastlogin}>td>
<td align="center" class="odd"><{$user_lastlogin}>td>
tr>
table>
6 - The last operation ,before to beginning save your database
ok go in your MySQL database ,click on "sql" and past this folder lines,and click on execute
ALTER TABLE `xoops_users`
ADD `hits` int(11) NOT NULL default '0',
ADD `rating` double(6,4) NOT NULL default '0.0000',
ADD `votes` int(5) unsigned NOT NULL default '0',
--
-- Structure de la table `xoops_users_votedata`
--
CREATE TABLE `xoops_users_votedata` (
`ratingid` int(11) unsigned NOT NULL auto_increment,
`uid` int(11) unsigned NOT NULL default '0',
`ratinguser` int(11) NOT NULL default '0',
`rating` tinyint(3) unsigned NOT NULL default '0',
`ratinghostname` varchar(60) NOT NULL default '',
`ratingtimestamp` int(10) NOT NULL default '0',
PRIMARY KEY (`ratingid`),
KEY `ratinguser` (`ratinguser`),
KEY `ratinghostname` (`ratinghostname`),
KEY `pid` (`uid`)
) ENGINE=MyISAM ;
Don't forget to change prefix if your prefixe is not "xoops"
that's all,normally your hack work as well now
best regards
