mramsey
New suggestion for the new Xoops Core for userinfo.php
  • 2005/4/12 10:18

Hi All,

I’ve done a hack to userinfo.php to stop any other users from having access to the personal account details of another user, due to our registration & privacy obligations.

So if you can implement it in the new XOOPS core.

Also if you can have the entire user menu (edituser.php, lostpass.php, notifications.php, register.php, user.php, userinfo.php, viewpmsg.php) as a Module, so we can have access to modify any information required, such as enabling or disabling PM.

I am not a PHP programmer, but I learned PHP from Xoops, thank you teams.

It has two modifications:
1- The userinfo.php hack
2- The new 'user_info_not.html' under the system modules.

USERINFO.PHP
<?php
// $Id: userinfo.php,v 1.18 2004/12/26 19:11:48 Onokazu Exp $
// ------------------------------------------------------------------------ //
// XOOPS - PHP Content Management System //
// Copyright (c) 2000 XOOPS.org //
// <https://xoops.org/> //
// ------------------------------------------------------------------------ //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// You may not change or alter any portion of this comment or credits //
// of supporting developers from this source code or any supporting //
// source code which is considered copyrighted (c) material of the //
// original comment or credit authors. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details. //
// //
// You should have received a copy of the GNU General Public License //
// along with this program; if not, write to the Free Software //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
// ------------------------------------------------------------------------ //

$xoopsOption['pagetype'] = 'user';
include 'mainfile.php';
include_once XOOPS_ROOT_PATH.'/class/module.textsanitizer.php';

include_once XOOPS_ROOT_PATH . '/modules/system/constants.php';

$uid = intval($_GET['uid']);
if ($uid <= 0) {
    redirect_header('index.php', 3, _US_SELECTNG);
    exit();
}

$gperm_handler = & xoops_gethandler( 'groupperm' );

$groups = is_object($xoopsUser) ? $xoopsUser->getGroups() : XOOPS_GROUP_ANONYMOUS;

$isAdmin = $gperm_handler->checkRight( 'system_admin', XOOPS_SYSTEM_USER, $groups); // isadmin is true if user has 'edit users' admin rights

if (is_object($xoopsUser)) {
    if ($uid == $xoopsUser->getVar('uid')) {
        $config_handler =& xoops_gethandler('config');
        $xoopsConfigUser =& $config_handler->getConfigsByCat(XOOPS_CONF_USER);
        $xoopsOption['template_main'] = 'system_userinfo.html';
        include XOOPS_ROOT_PATH.'/header.php';
        $xoopsTpl->assign('user_ownpage', true);
        $xoopsTpl->assign('lang_editprofile', _US_EDITPROFILE);
        $xoopsTpl->assign('lang_avatar', _US_AVATAR);
        $xoopsTpl->assign('lang_inbox', _US_INBOX);
        $xoopsTpl->assign('lang_logout', _US_LOGOUT);
        if ($xoopsConfigUser['self_delete'] == 1) {
            $xoopsTpl->assign('user_candelete', true);
            $xoopsTpl->assign('lang_deleteaccount', _US_DELACCOUNT);
        } else {
            $xoopsTpl->assign('user_candelete', false);
        }
        $thisUser =& $xoopsUser;
    } else {
        $member_handler =& xoops_gethandler('member');
        $thisUser =& $member_handler->getUser($uid);
        if (!is_object($thisUser) || !$thisUser->isActive() ) {
            redirect_header("index.php",3,_US_SELECTNG);
            exit();
        }
        $xoopsOption['template_main'] = 'user_info_not.html';
        include XOOPS_ROOT_PATH.'/header.php';
        $xoopsTpl->assign('user_ownpage', false);
    }
} else {
    $member_handler =& xoops_gethandler('member');
    $thisUser =& $member_handler->getUser($uid);
    if (!is_object($thisUser) || !$thisUser->isActive()) {
        redirect_header("index.php",3,_US_SELECTNG);
        exit();
    }
    $xoopsOption['template_main'] = 'user_info_not.html';
    include(XOOPS_ROOT_PATH.'/header.php');
    $xoopsTpl->assign('user_ownpage', false);
}
$myts =& MyTextSanitizer::getInstance();
if ( is_object($xoopsUser) && $isAdmin ) {
    $xoopsTpl->assign('lang_editprofile', _US_EDITPROFILE);
    $xoopsTpl->assign('lang_deleteaccount', _US_DELACCOUNT);
    $xoopsTpl->assign('user_uid', $thisUser->getVar('uid'));
}
$xoopsTpl->assign('lang_allaboutuser', sprintf(_US_ALLABOUT,$thisUser->getVar('uname')));
$xoopsTpl->assign('lang_avatar', _US_AVATAR);
$xoopsTpl->assign('user_avatarurl', 'uploads/'.$thisUser->getVar('user_avatar'));
$xoopsTpl->assign('lang_realname', _US_REALNAME);
$xoopsTpl->assign('user_realname', $thisUser->getVar('name'));
$xoopsTpl->assign('lang_website', _US_WEBSITE);
$xoopsTpl->assign('user_websiteurl', '<a href="'.$thisUser->getVar('url', 'E').'" target="_blank">'.$thisUser->getVar('url').'</a>');
$xoopsTpl->assign('lang_email', _US_EMAIL);
$xoopsTpl->assign('lang_privmsg', _US_PM);
$xoopsTpl->assign('lang_icq', _US_ICQ);
$xoopsTpl->assign('user_icq', $thisUser->getVar('user_icq'));
$xoopsTpl->assign('lang_aim', _US_AIM);
$xoopsTpl->assign('user_aim', $thisUser->getVar('user_aim'));
$xoopsTpl->assign('lang_yim', _US_YIM);
$xoopsTpl->assign('user_yim', $thisUser->getVar('user_yim'));
$xoopsTpl->assign('lang_msnm', _US_MSNM);
$xoopsTpl->assign('user_msnm', $thisUser->getVar('user_msnm'));
$xoopsTpl->assign('lang_location', _US_LOCATION);
$xoopsTpl->assign('user_location', $thisUser->getVar('user_from'));
$xoopsTpl->assign('lang_interest', _US_INTEREST);
$xoopsTpl->assign('user_interest', $thisUser->getVar('user_intrest'));
$xoopsTpl->assign('lang_occupation', _US_OCCUPATION);
$xoopsTpl->assign('user_occupation', $thisUser->getVar('user_occ'));
$xoopsTpl->assign('lang_extrainfo', _US_EXTRAINFO);
$xoopsTpl->assign('user_extrainfo', $myts->makeTareaData4Show($thisUser->getVar('bio', 'N'),0,1,1));
$xoopsTpl->assign('lang_statistics', _US_STATISTICS);
$xoopsTpl->assign('lang_membersince', _US_MEMBERSINCE);
$xoopsTpl->assign('user_joindate', formatTimestamp($thisUser->getVar('user_regdate'),'s'));
$xoopsTpl->assign('lang_rank', _US_RANK);
$xoopsTpl->assign('lang_posts', _US_POSTS);
$xoopsTpl->assign('lang_basicInfo', _US_BASICINFO);
$xoopsTpl->assign('lang_more', _US_MOREABOUT);
$xoopsTpl->assign('lang_myinfo', _US_MYINFO);
$xoopsTpl->assign('user_posts', $thisUser->getVar('posts'));
$xoopsTpl->assign('lang_lastlogin', _US_LASTLOGIN);
$xoopsTpl->assign('lang_notregistered', _US_NOTREGISTERED);

$xoopsTpl->assign('lang_signature', _US_SIGNATURE);
$xoopsTpl->assign('user_signature', $myts->makeTareaData4Show($thisUser->getVar('user_sig', 'N'),0,1,1));

if ($thisUser->getVar('user_viewemail') == 1) {
    $xoopsTpl->assign('user_email', $thisUser->getVar('email', 'E'));
} else {
    if (is_object($xoopsUser)) {
        // All admins will be allowed to see emails, even those that are not allowed to edit users (I think it's ok like this)
        if ($xoopsUserIsAdmin || ($xoopsUser->getVar("uid") == $thisUser->getVar("uid"))) {
            $xoopsTpl->assign('user_email', $thisUser->getVar('email', 'E'));
        } else {
            $xoopsTpl->assign('user_email', '&nbsp;');
        }
    }
}
if (is_object($xoopsUser)) {
    $xoopsTpl->assign('user_pmlink', "<a href=\"javascript:openWithSelfMain('".XOOPS_URL."/pmlite.php?send2=1&to_userid=".$thisUser->getVar('uid')."', 'pmlite', 450, 380);\"><img src=\"".XOOPS_URL."/images/icons/pm.gif\" alt=\"".sprintf(_SENDPMTO,$thisUser->getVar('uname'))."\" /></a>");
} else {
    $xoopsTpl->assign('user_pmlink', '');
}
$userrank =& $thisUser->rank();
if ($userrank['image']) {
    $xoopsTpl->assign('user_rankimage', '<img src="'.XOOPS_UPLOAD_URL.'/'.$userrank['image'].'" alt="" />');
}
$xoopsTpl->assign('user_ranktitle', $userrank['title']);
$date = $thisUser->getVar("last_login");
if (!empty($date)) {
    $xoopsTpl->assign('user_lastlogin', formatTimestamp($date,"m"));
}


$module_handler =& xoops_gethandler('module');
$criteria = new CriteriaCompo(new Criteria('hassearch', 1));
$criteria->add(new Criteria('isactive', 1));
$mids =& array_keys($module_handler->getList($criteria));

foreach ($mids as $mid) {
    // Hack by marcan : only return results of modules for which user has access permission
    if ( $gperm_handler->checkRight('module_read', $mid, $groups)) {
        $module =& $module_handler->get($mid);
        $results =& $module->search('', '', 5, 0, $thisUser->getVar('uid'));
        $count = count($results);
        if (is_array($results) && $count > 0) {
            for ($i = 0; $i < $count; $i++) {
                if (isset($results[$i]['image']) && $results[$i]['image'] != '') {
                    $results[$i]['image'] = 'modules/'.$module->getVar('dirname').'/'.$results[$i]['image'];
                } else {
                    $results[$i]['image'] = 'images/icons/posticon2.gif';
                }
                $results[$i]['link'] = 'modules/'.$module->getVar('dirname').'/'.$results[$i]['link'];
                $results[$i]['title'] = $myts->makeTboxData4Show($results[$i]['title']);
                $results[$i]['time'] = $results[$i]['time'] ? formatTimestamp($results[$i]['time']) : '';
            }
            if ($count == 5) {
                $showall_link = '<a href="search.php?action=showallbyuser&mid='.$mid.'&uid='.$thisUser->getVar('uid').'">'._US_SHOWALL.'</a>';
            } else {
                $showall_link = '';
            }
            $xoopsTpl->append('modules', array('name' => $module->getVar('name'), 'results' => $results, 'showall_link' => $showall_link));
        }
        unset($module);
    }
}
include XOOPS_ROOT_PATH.'/footer.php';
?>

USER_INFO_NOT.HTML
<html>
<head>
</head>
<body >
<center>
<br><br>
<table border="1" cellpadding="0" cellspacing="0" width="480"
style="border-collapse: collapse" bordercolor="#111111">
<tr>
<td bgcolor="#314671" align="center"><img border="0" src="../../images/oops.gif"></td>
</tr>
<tr>
<td align="center"><b><br>
You have tried to access the personal account details of another user.<br><br>Due
to our registration & privacy obligations,<br>we do not allow such access.<br><br>
If you would like to contact the webmaster or the My web site<br><br>Please
email :
<a href="mailto:email@localhost.com">email@localhost.com</a><br><br></b>
<b>You will be redirected...<br>
<br>
&nbsp;Thank you!<br>
&nbsp;</b></td>
</tr>
</table>
<h3>&nbsp;</h3>
<form name="redirect">
<input type="text" size="1" name="redirect2">
</form>
<script>
var targetURL="http://www.localhost.com/index.php"
var countdownfrom=15
var currentsecond=document.redirect.redirect2.value=countdownfrom+1
function countredirect(){
    if (currentsecond!=1){
        currentsecond-=1
        document.redirect.redirect2.value=currentsecond
    }
    else{
        window.location=targetURL
        return
    }
    setTimeout("countredirect()",1000)
}
countredirect()
//-->
</script></center>
</body>
</html>
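The same restriction can also be enforced as a server-side decision taken before the other user's record is loaded, instead of by swapping the template after the data has been fetched and assigned. The following is an added example, not part of the original post and not XOOPS code; `profileAccess()`, `loadProfileFor()` and the in-memory `$users` array are hypothetical stand-ins for the XOOPS user object, the member handler and the `redirect_header()` call, and letting admins through is an assumption.

```php
<?php
// Added example, not XOOPS code. Constructed sample rows stand in for the user table.
$users = [
    1 => ['uname' => 'admin', 'active' => true],
    2 => ['uname' => 'alice', 'active' => true],
    3 => ['uname' => 'bob',   'active' => false],
];

// Decide from the viewer's identity alone, before any record is read.
// $viewerUid is null for an anonymous visitor. Letting admins through is an
// assumption of this example; drop that clause for an owner-only policy.
function profileAccess(?int $viewerUid, bool $viewerIsAdmin, $requestedUid): string
{
    // Accept only a positive integer uid (a missing parameter arrives as null).
    $uid = filter_var($requestedUid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($uid === false) {
        return 'invalid';
    }
    if ($viewerUid === null) {
        return 'deny';
    }
    return ($viewerUid === $uid || $viewerIsAdmin) ? 'allow' : 'deny';
}

// Returns the profile row, or null when the caller should redirect.
function loadProfileFor(array $users, ?int $viewerUid, bool $viewerIsAdmin, $requestedUid): ?array
{
    if (profileAccess($viewerUid, $viewerIsAdmin, $requestedUid) !== 'allow') {
        return null; // denied: the other user's row is never fetched
    }
    $uid = (int) $requestedUid;
    // Unknown and inactive accounts get the same answer as a denial.
    if (!isset($users[$uid]) || !$users[$uid]['active']) {
        return null;
    }
    return $users[$uid];
}

// Constructed requests: [viewer uid, viewer is admin, raw uid parameter]
$requests = [[null, false, '2'], [2, false, '2'], [2, false, '1'],
             [1, true, '2'], [2, false, 'abc'], [1, true, '3']];
foreach ($requests as [$viewer, $admin, $raw]) {
    $row = loadProfileFor($users, $viewer, $admin, $raw);
    printf("viewer=%s admin=%s uid=%s => %s\n", var_export($viewer, true),
        var_export($admin, true), $raw, $row ? 'show ' . $row['uname'] : 'redirect');
}
```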
