Hi,
Having some concerns about the fact that anyone can do this:
http://example.com/userinfo.php?uid=1
and find out the webmaster username, or do it for any user id, plus the fact that ideally I would like to restrict _all_ access to usernames unless the $xoopsrank was equal, I decided to do a bit of searching on the forums in regards to these matters. The solution to this (for me) has now, in fact, already been answered by Dave_L; however, as I had done the research here and already collated the various methods to address these issues, I thought it might be helpful to summarise other solutions.
I have given credit to whoever supplied the following; if I have made a mistake somewhere, please advise.
Preventing anonymous users from viewing profiles
Quote:
From Dave_L
You can prevent anonymous users from viewing profiles with a simple hack to userinfo.php:
include 'mainfile.php';
include_once XOOPS_ROOT_PATH.'/class/module.textsanitizer.php';
$xoopsUser or redirect_header('index.php', 3, _NOPERM); #*#NOVIEW_USER_PROFILE#
$uid = intval($_GET['uid']);
Suppress only certain fields in user profile
Quote:
From Dave_L
If you want to suppress only certain fields, you could use the same concept:
if ($xoopsUser) {
    $xoopsTpl->assign('user_icq', $thisUser->getVar('user_icq'));
} else {
    $xoopsTpl->assign('user_icq', '(not available)');
}
Only allow webmasters to see webmaster profiles
Quote:
From Dave_L
In userinfo.php, after $uid has been defined:
// (not tested)
$current_user_is_webmaster = is_object($xoopsUser) && in_array(XOOPS_GROUP_ADMIN, $xoopsUser->getGroups());
$member_handler =& xoops_gethandler('member');
$selected_user_is_webmaster = in_array(XOOPS_GROUP_ADMIN, $member_handler->getGroupsByUser($uid));
$selected_user_is_webmaster and !$current_user_is_webmaster and redirect_header('index.php', 3, _NOPERM);
Prevent access to user pages
From Mithrandir
Quote:
At the top of userinfo.php (after mainfile.php)
if (!$xoopsUser) {
    redirect_header('index.php', 2, _NOPERM);
}
How to hide members' email ID
From Stewdio
Quote:
Open and edit userinfo.php on line 91
$xoopsTpl->assign('lang_email', _US_EMAIL);
Just comment out the line:
//$xoopsTpl->assign('lang_email', _US_EMAIL);
Deleting fields shown in user profiles
From tl
Quote:
You will have to modify userinfo.php and edituser.php files (maybe other files)
comment out the lines you want rid of, something like the following in edituser.php file
// $edituser->setVar('user_aim', $user_aim);
// $edituser->setVar('user_yim', $user_yim);
// $edituser->setVar('user_msnm', $user_msnm);
Stop guests from viewing registered user profiles
From ajaxbr
Quote:
Open userinfo.php and find
$xoopsOption['pagetype'] = 'user';
include 'mainfile.php';
include_once XOOPS_ROOT_PATH.'/class/module.textsanitizer.php';
Then add the following (from admin.php) just below it, so that it's between the above and "$uid = intval($HTTP_GET_VARS['uid']);"
Code to add:
include XOOPS_ROOT_PATH."/include/cp_functions.php";
if ( !$xoopsUser ) {
    redirect_header('index.php',3,_AD_NORIGHT);
    exit();
}
This hardcodes that only members can view profiles, no matter where people find the users' profile links (well, I might be wrong, I feel so wrong tonight) but I guess it's a little broken because it'll display "_AD_NORIGHT" instead of the language string in the redirect page. But I'm way too tired to try to figure out why.
From Mithrandir
Quote:
You don't need to include cp_functions.php
just the if (!$xoopsUser) clause will do - the language constant can be replaced with _NOPERM
From Dave_L
Quote:
Here's a more concise way of doing it:
$xoopsUser or redirect_header('index.php', 3, _NOPERM);
From ajaxbr
Quote:
Perhaps something like
// Pseudocode: uid() and rank() stand in for looking up the user id and rank
$uid = uid();
$xoopsrank = rank($uid);
if (!($xoopsrank == "Webmaster" || $xoopsrank == "Moderator" || $xoopsrank == "Masterator")) {
    redirect_header('index.php',3,_NOPERM);
    exit();
}
Stopping anonymous visitors viewing user info
From Dave_L
Quote:
Here's my hack for that:
userinfo.php:
include_once XOOPS_ROOT_PATH.'/class/module.textsanitizer.php';
$xoopsUser or redirect_header('index.php', 3, _NOPERM);
$uid = intval($HTTP_GET_VARS['uid']);
Blocking access for anonymous users
From Mithrandir
Quote:
At the top of userinfo.php - below the include statements - add this:
if (!$xoopsUser) {
    redirect_header('index.php', 3, 'You have got to register to access this page'); //Alternatively, use _NOPERM for localised message
}
This will block access for non-registered users - but any registered user will be able to see it, independent of group memberships.
Display realname instead of username in new members block
From Dave_L
Quote:
Edit modules/system/blocks/system_blocks.php, and in the function b_system_newmembers_show (line 269 in version 2.0.5.2), change:
$block['users'][$i]['name'] = $newmembers[$i]->getVar('uname');
to:
$block['users'][$i]['name'] = $newmembers[$i]->getVar('name');
Hope that helps someone, it certainly helped solve a few problems for me.
Thanks,
Peter
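
The checks quoted in the post above, combined into one decision function, as an added example that is not part of the original post or of XOOPS. The group constants, the sample users and the function name visible_profile are assumptions, and the admin-only email rule and the refusal for unknown uids are illustrative policy choices.

```php
<?php
// Added example: stand-alone model of the checks quoted above. It does not load
// XOOPS; users are plain arrays and the group ids are constructed sample values.
const GROUP_ADMIN = 1;   // assumption: stands in for XOOPS_GROUP_ADMIN
const GROUP_USERS = 2;   // assumption: ordinary registered members

// Constructed sample data: uid => profile fields and group membership.
$users = [
    1 => ['uname' => 'admin', 'email' => 'admin@example.com', 'groups' => [GROUP_ADMIN, GROUP_USERS]],
    2 => ['uname' => 'alice', 'email' => 'alice@example.com', 'groups' => [GROUP_USERS]],
];

/**
 * Returns the fields the viewer may see, or null when the request must be
 * refused (the caller would then call redirect_header() with _NOPERM).
 * $viewer is null for an anonymous visitor, otherwise a row from $users.
 */
function visible_profile(?array $viewer, $rawUid, array $users): ?array
{
    $uid = intval($rawUid);                       // same coercion as userinfo.php
    if ($viewer === null) {
        return null;                              // anonymous: no profiles at all
    }
    if (!isset($users[$uid])) {
        return null;                              // unknown uid: same refusal as a denied one
    }
    $target = $users[$uid];
    $viewerIsAdmin = in_array(GROUP_ADMIN, $viewer['groups'], true);
    $targetIsAdmin = in_array(GROUP_ADMIN, $target['groups'], true);
    if ($targetIsAdmin && !$viewerIsAdmin) {
        return null;                              // webmaster profiles: webmasters only
    }
    $fields = ['uname' => $target['uname']];
    if ($viewerIsAdmin) {
        $fields['email'] = $target['email'];      // the value itself is withheld otherwise
    }
    return $fields;
}

// Every viewer/target combination, including a uid that does not exist.
$viewers = ['anonymous' => null, 'alice' => $users[2], 'admin' => $users[1]];
foreach ($viewers as $name => $viewer) {
    foreach (['1', '2', '99'] as $rawUid) {
        $result = visible_profile($viewer, $rawUid, $users);
        printf("%-9s uid=%-2s %s\n", $name, $rawUid,
            $result === null ? 'refused' : implode(',', array_keys($result)));
    }
}
```

Running it with the PHP command-line interpreter prints one line per viewer and uid, which makes it easy to confirm that a non-webmaster gets the same refusal for the webmaster's uid as for a uid that does not exist.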