Вход Регистрация
Файл: profile.php
Строк: 244
<?php
/**************************************************************************************************
| Scritter Script
| http://www.scritterscript.com
| webmaster@scritterscript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.scritterscript.com/eula.html and to be bound by it.
|
| Copyright (c) 2011 ScritterScript.com. All rights reserved.
|**************************************************************************************************/

include("include/config.php");
include(
"include/functions/import.php");
$thebaseurl $config['baseurl'];
$theimgurl $config['imageurl'];

$uname cleanit($_REQUEST['uname']);
$uname preg_replace('/[^a-z0-9-_* ]/i'''$uname);
if(
$uname != "")
{
    
$query="SELECT USERID FROM members WHERE username='".mysql_real_escape_string($uname)."'";
    
$executequery=$conn->execute($query);
    
$USERID $executequery->fields['USERID'];    
}

if(
$USERID 0)
{    
    
update_viewcount_profile($USERID);
    
STemplate::assign('USERID',$USERID);
    
$query "SELECT * FROM members WHERE USERID='".mysql_real_escape_string($USERID)."' AND status='1'";
    
$executequery $conn->execute($query);
    
$profilearray $executequery->getarray();
    
STemplate::assign('p',$profilearray[0]);
    
$username $profilearray[0]['username'];
    
$saying $profilearray[0]['saying'];
    
$public $profilearray[0]['public'];
    
    if(
$public == "0")
    {
        
$ME intval($_SESSION['USERID']);
        if(
$ME 0)
        {
            if(
$USERID == $ME)
            {
                
$display "1";
            }
            else
            {
                
$is_fr check_friend($ME$USERID);
                if(
$is_fr == "1")
                {
                    
$display "1";
                }
                else
                {
                    
$display "2";
                }
            }
        }
        else
        {
            
$display "3";
        }
    }
    else
    {
        
$ME intval($_SESSION['USERID']);
        if(
$ME 0)
        {
            
$query="SELECT count(*) as total FROM block WHERE USERID='".mysql_real_escape_string($USERID)."' AND BID='".mysql_real_escape_string($ME)."'";
            
$executequery=$conn->execute($query);
            
$block_count $executequery->fields[total];
            if(
$block_count 0)
            {
                
$display "4";
            }
            else
            {
                
$display "1";
            }
        }
        else
        {
            
$display "1";
        }
    }
    
    
    if(
$display == "1")
    {
        
$page "1";
        
$currentpage $page;
        
        if (
$page >=2)
        {
            
$pagingstart = ($page-1)*$config['max_posts_userupdates'];
        }
        else
        {
            
$pagingstart "0";
        }
        
        
$query1 "SELECT DISTINCT A.ID FROM posts A, members B WHERE (A.USERID='".mysql_real_escape_string($USERID)."' AND A.USERID=B.USERID AND A.type='update')";    
        
        
$query2 "SELECT DISTINCT A.*, B.username FROM posts A, members B WHERE (A.USERID='".mysql_real_escape_string($USERID)."' AND A.USERID=B.USERID AND A.type='update') order by A.ID desc limit $pagingstart$config[max_posts_userupdates]";
                
        
$executequery1 $conn->Execute($query1);
        
        
$totalposts count($executequery1->getrows());
        if (
$totalposts 0)
        {
            if(
$totalposts<=$config['maximum_results'])
            {
                
$total $totalposts;
            }
            else
            {
                
$total $config[maximum_results];
            }
            
            
$executequery2 $conn->Execute($query2);
            
$posts $executequery2->getrows();
        }
        
STemplate::assign('posts',$posts);
        
        if(
$_REQUEST['subfollow'] == "1")
        {
            
$FID intval($_SESSION['USERID']);
            if(
$FID 0)
            {
                
$fquery="INSERT into follow SET FID='".mysql_real_escape_string($USERID)."', USERID='".mysql_real_escape_string($FID)."'";
                
$conn->execute($fquery);
                
                
//e-mail
                
$equery="SELECT username, email, alert_fol FROM members WHERE USERID='".mysql_real_escape_string($USERID)."' AND status='1'";
                
$executequerye=$conn->execute($equery);
                
$eusername $executequerye->fields['username'];
                
$sendto $executequerye->fields['email'];
                
$alert_fol $executequerye->fields['alert_fol'];
                if(
$alert_fol == "1")
                {
                    
$sendername $config['site_name'];
                    
$from $config['site_email'];
                    
$subject $lang['280'];
                    
$link $thebaseurl."/".stripslashes($_SESSION['USERNAME']);
                    
$sendmailbody stripslashes($eusername).",<br><br><a href="$link" target="_blank">".stripslashes($_SESSION['USERNAME'])."</a> ".$lang['281']."<br><br>".$lang['69'].",<br>".$sendername;
                    
mailme($sendto,$sendername,$from,$subject,$sendmailbody,$bcc="");
                }
                
//end email
            
}
        }
        elseif(
$_REQUEST['subufollow'] == "1")
        {
            
$FID intval($_SESSION['USERID']);
            if(
$FID 0)
            {
                
$fquery="DELETE FROM follow WHERE FID='".mysql_real_escape_string($USERID)."' AND USERID='".mysql_real_escape_string($FID)."'";
                
$conn->execute($fquery);
            }
        }
        elseif(
$_REQUEST['saddfr'] == "1")
        {
            
$FID intval($_SESSION['USERID']);
            if(
$FID 0)
            {
                
$fquery="INSERT INTO messages_inbox SET MSGTO='".mysql_real_escape_string($USERID)."', MSGFROM='".mysql_real_escape_string($FID)."', type='fr', time='".time()."'";
                
$conn->execute($fquery);
                
$msg $lang['216'];
                
                
//e-mail
                
$equery="SELECT username, email, alert_fr FROM members WHERE USERID='".mysql_real_escape_string($USERID)."' AND status='1'";
                
$executequerye=$conn->execute($equery);
                
$eusername $executequerye->fields['username'];
                
$sendto $executequerye->fields['email'];
                
$alert_fr $executequerye->fields['alert_fr'];
                if(
$alert_fr == "1")
                {
                    
$sendername $config['site_name'];
                    
$from $config['site_email'];
                    
$subject $lang['277'];
                    
$link $thebaseurl."/inbox.php";
                    
$sendmailbody stripslashes($eusername).",<br><br>".stripslashes($_SESSION['USERNAME'])." ".$lang['278']."<br><br>".$lang['279']."<br><a href="$link" target="_blank">$link</a><br><br>".$lang['69'].",<br>".$sendername;
                    
mailme($sendto,$sendername,$from,$subject,$sendmailbody,$bcc="");
                }
                
//end email
            
}
        }
        elseif(
$_REQUEST['sremfr'] == "1")
        {
            
$FID intval($_SESSION['USERID']);
            if(
$FID 0)
            {
                
$fquery="UPDATE follow SET friend='0' WHERE USERID='".mysql_real_escape_string($USERID)."' AND FID='".mysql_real_escape_string($FID)."'";
                
$conn->execute($fquery);
                
$msg $lang['243'];
            }
        }
        elseif(
$_REQUEST['ssendmsg'] == "1")
        {
            
$mysub cleanit($_REQUEST['mysub']);
            
$mymsg cleanit($_REQUEST['mymsg']);
            if(
$mysub == "")
            {
                
$mserr $lang['240'];
            }
            elseif(
$mymsg == "")
            {
                
$mserr $lang['241'];
            }
            
            if(
$mserr == "")
            {
                
$FID intval($_SESSION['USERID']);
                if(
$FID 0)
                {
                    
$fquery="INSERT INTO messages_inbox SET MSGTO='".mysql_real_escape_string($USERID)."', MSGFROM='".mysql_real_escape_string($FID)."', subject='".mysql_real_escape_string($mysub)."', message='".mysql_real_escape_string($mymsg)."', time='".time()."'";
                    
$conn->execute($fquery);
                    
                    
//e-mail
                    
$equery="SELECT username, email, alert_msg FROM members WHERE USERID='".mysql_real_escape_string($USERID)."' AND status='1'";
                    
$executequerye=$conn->execute($equery);
                    
$eusername $executequerye->fields['username'];
                    
$sendto $executequerye->fields['email'];
                    
$alert_msg $executequerye->fields['alert_msg'];
                    if(
$alert_msg == "1")
                    {
                        
$sendername $config['site_name'];
                        
$from $config['site_email'];
                        
$subject $lang['282'];
                        
$link $thebaseurl."/inbox.php";
                        
$sendmailbody stripslashes($eusername).",<br><br>".stripslashes($_SESSION['USERNAME'])." ".$lang['283']."<br><br>".$lang['284']."<br><a href="$link" target="_blank">$link</a><br><br>".$lang['69'].",<br>".$sendername;
                        
mailme($sendto,$sendername,$from,$subject,$sendmailbody,$bcc="");
                    }
                    
//end email
                
}
                
$mserr $lang['229'];
            }
            else
            {
                
STemplate::assign('mysub',$mysub);
                
STemplate::assign('mymsg',$mymsg);
            }
            
STemplate::assign('mserr',$mserr);
        }
        
get_bg($USERID);
        
$templateselect "profile.tpl";
    }
    else
    {
        if(
$display == "2")
        {
            if(
$_REQUEST['saddprifr'] == "1")
            {
                
$FID intval($_SESSION['USERID']);
                if(
$FID 0)
                {
                    
$fquery="INSERT INTO messages_inbox SET MSGTO='".mysql_real_escape_string($USERID)."', MSGFROM='".mysql_real_escape_string($FID)."', type='fr', time='".time()."'";
                    
$conn->execute($fquery);
                    
$msg $lang['216'];
                    
                    
//e-mail
                    
$equery="SELECT username, email, alert_fr FROM members WHERE USERID='".mysql_real_escape_string($USERID)."' AND status='1'";
                    
$executequerye=$conn->execute($equery);
                    
$eusername $executequerye->fields['username'];
                    
$sendto $executequerye->fields['email'];
                    
$alert_fr $executequerye->fields['alert_fr'];
                    if(
$alert_fr == "1")
                    {
                        
$sendername $config['site_name'];
                        
$from $config['site_email'];
                        
$subject $lang['277'];
                        
$link $thebaseurl."/index.php";
                        
$sendmailbody stripslashes($eusername).",<br><br>".stripslashes($_SESSION['USERNAME']).$lang['278']."<br><br>".$lang['279']."<br><a href="$link" target="_blank">$link</a><br><br>".$lang['69'].",<br>".$sendername;
                        
mailme($sendto,$sendername,$from,$subject,$sendmailbody,$bcc="");
                    }
                    
//end email
                
}
            }
        }
        
STemplate::assign('display',$display);
        
$templateselect "profile_private.tpl";
    }
}
else
{
    
header("Location:$config[baseurl]");exit;
}

if(
$username != "")
{
    
$pagetitle $username."'s ";
    
$pagetitle .= $config['short_name'];
    if(
$saying != "")
    {
        
$pagetitle .= " - ".$saying;
    }
}

STemplate::assign('pagetitle',$pagetitle);
//TEMPLATES BEGIN
STemplate::assign('total',$total);
STemplate::assign('msg',$msg);
STemplate::display('header.tpl');
STemplate::display($templateselect);
STemplate::display('footer.tpl');
//TEMPLATES END
?>
Онлайн: 1
Реклама