1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
|
if($action=="buddy_list") {
if($_POST['send']=="send") {
list($userid)=$db->query_first("SELECT userid FROM bb".$n."_users WHERE username='".addslashes(htmlspecialchars(trim($_POST['addtolist'])))."'");
if(!$userid) eval("error(\"".$tpl->get("error_usernotexist")."\");");
elseif($userid==$wbbuserdata[userid]) eval("error(\"".$tpl->get("error_cantaddyourself")."\");");
else {
$buddylist=add2list($wbbuserdata['buddylist'],$userid);
$buddydata=$db->query_first("SELECT inbuddylist FROM bb".$n."_users WHERE userid='$userid'");
$inbuddylist=add2list($buddydata['inbuddylist'],$wbbuserdata['userid']);
if($buddylist!=-1)
$ownid="$wbbuserdata[userid]";
$ownname="$wbbuserdata[username]";
$pntext1=" hat dich in die Freundesliste eingefuegt. Du kannst ihn oder sie noch nicht in der Freundesliste?";
$addlink = ' [url=usercp.php?action=buddy&add=$ownid]In Freundesliste hinzufügen[/url]';
$pntext="$ownname$pntext1$addlink";
$timestamp = time();
$db->query("INSERT INTO bb".$n."_privatemessage (senderid,recipientid,subject,message,sendtime,showsmilies) VALUES ('".$wbbuserdata['userid']."','".$userid."','Neue Freundschaft','".$pntext."','$timestamp','1')");
$db->query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'");
$db->query("UPDATE bb".$n."_users SET inbuddylist='$inbuddylist' WHERE userid='$userid'");
header("Location: usercp.php?action=buddy_list&sid=$session[hash]");
exit();
}
}
$listbit="";
if($wbbuserdata['buddylist']!="") {
$result = $db->query("SELECT u.userid, u.username, IF(s.lastactivity>=".(time()-$useronlinetimeout*60).ifelse($wbbuserdata['canuseacp']==1,""," AND u.invisible=0").",1,0) AS online FROM bb".$n."_users u
LEFT JOIN bb".$n."_sessions s USING (userid)
WHERE u.userid IN ('".str_replace(" ","','",$wbbuserdata[buddylist])."') ORDER BY online DESC, u.username ASC");
while($row=$db->fetch_array($result)) {
$posts['username']=$row['username'];
if($row['online']) eval ("\$user_online = \"".$tpl->get("thread_user_online")."\";");
else eval ("\$user_online = \"".$tpl->get("thread_user_offline")."\";");
eval ("\$listbit .= \"".$tpl->get("usercp_buddy_listbit")."\";");
}
}
$listbit2="";
if($wbbuserdata['inbuddylist']!="") {
$result2 = $db->query("SELECT u.userid, u.username, IF(s.lastactivity>=".(time()-$useronlinetimeout*60).ifelse($wbbuserdata['canuseacp']==1,""," AND u.invisible=0").",1,0) AS online FROM bb".$n."_users u
LEFT JOIN bb".$n."_sessions s USING (userid)
WHERE u.userid IN ('".str_replace(" ","','",$wbbuserdata[inbuddylist])."') ORDER BY online DESC, u.username ASC");
while($row2=$db->fetch_array($result2)) {
$posts['username']=$row2['username'];
if($row2['online']) eval ("\$user_online = \"".$tpl->get("thread_user_online")."\";");
else eval ("\$user_online = \"".$tpl->get("thread_user_offline")."\";");
eval ("\$listbit2 .= \"".$tpl->get("usercp_buddy_listbit2")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_buddy_list")."\");");
}
if($action=="ignore_list") {
if($_POST['send']=="send") {
$result=$db->query_first("SELECT userid, ismod+issupermod+canuseacp AS status FROM bb".$n."_users LEFT JOIN bb".$n."_groups USING (groupid) WHERE username='".addslashes(htmlspecialchars(trim($_POST['addtolist'])))."'");
if(!$result[userid]) eval("error(\"".$tpl->get("error_usernotexist")."\");");
elseif($result[userid]==$wbbuserdata[userid]) eval("error(\"".$tpl->get("error_cantaddyourself")."\");");
elseif($result[status]!=0) eval("error(\"".$tpl->get("error_cantaddmods")."\");");
else {
$ignorelist=add2list($wbbuserdata['ignorelist'],$result['userid']);
if($ignorelist!=-1) $db->query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'");
header("Location: usercp.php?action=ignore_list&sid=$session[hash]");
exit();
}
}
$listbit="";
if($wbbuserdata['ignorelist']!="") {
$result = $db->query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ('".str_replace(" ","','",$wbbuserdata['ignorelist'])."') ORDER BY username ASC");
while($row=$db->fetch_array($result)) eval ("\$listbit .= \"".$tpl->get("usercp_ignore_listbit")."\";");
}
$listbit2="";
$result2 = $db->query("SELECT username, userid, ignorelist FROM bb".$n."_users WHERE username != '".$wbbuserdata['username']."' ORDER BY username ASC");
while($row2=$db->fetch_array($result2)) {
$row3 = str_replace(" ".$wbbuserdata['userid']." ","-",$row2['ignorelist']);
if($row3) {
eval ("\$listbit2 .= \"".$tpl->get("usercp_ignore_listbit2")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_ignore_list")."\");");
}
if($action=="buddy") {
if($_GET['remove']) {
list($userid)=$db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if(!$userid) eval("error(\"".$tpl->get("error_usernotexist")."\");");
else {
$buddylist=removeFromlist($wbbuserdata['buddylist'],$userid);
$buddydata=$db->query_first("SELECT inbuddylist FROM bb".$n."_users WHERE userid='$userid'");
$inbuddylist=removeFromlist($buddydata['inbuddylist'],$wbbuserdata['userid']);
if($buddylist!=-1)
$db->query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'");
$db->query("UPDATE bb".$n."_users SET inbuddylist='$inbuddylist' WHERE userid='$userid'");
header("Location: usercp.php?action=buddy_list&sid=$session[hash]");
exit();
}
}
if($_GET['add']) {
list($userid)=$db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['add'])."'");
if(!$userid) eval("error(\"".$tpl->get("error_usernotexist")."\");");
elseif($userid==$wbbuserdata['userid']) eval("error(\"".$tpl->get("error_cantaddyourself")."\");");
else {
$buddylist=add2list($wbbuserdata['buddylist'],$userid);
$buddydata=$db->query_first("SELECT inbuddylist FROM bb".$n."_users WHERE userid='$userid'");
$inbuddylist=add2list($buddydata['inbuddylist'],$wbbuserdata['userid']);
if($buddylist!=-1)
$ownid="$wbbuserdata[userid]";
$ownname="$wbbuserdata[username]";
$pntext1=" hat dich in die Freundesliste eingefuegt. Du kannst ihn oder sie noch nicht in der Freundesliste?";
$addlink = ' [url=usercp.php?action=buddy&add=$ownid]In Freundesliste hinzufügen[/url]';
$pntext="$ownname$pntext1$addlink";
$timestamp = time();
$db->query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'");
$db->query("UPDATE bb".$n."_users SET inbuddylist='$inbuddylist' WHERE userid='$userid'");
$db->query("INSERT INTO bb".$n."_privatemessage (senderid,recipientid,subject,message,sendtime,showsmilies) VALUES ('".$wbbuserdata['userid']."','".$userid."','Neue Freundschaft','".$pntext."','$timestamp','1')");
header("Location: usercp.php?action=buddy_list&sid=$session[hash]");
exit();
}
}
} |