vb.org Archive - View Single Post

#5 08-30-2000, 01:18 AM

Thanks TechTalk,
I intentionally made it a separate .php file for the very reason that if it's not adopted into the final release

I will have to stick it into the code again and again (like PMs).

Actually, I've updated it a lot to fix miscellaneous bugs that I've found (the largest one being the fact that non-moderators can view the topics of moderator-only threads -- this can be a security breach if you have important topics inside (such as "What to do with user XXX??").

Known bugs:
Logged out user (member.php?action=clearcookies)

Example:
http://www.baseballboards.com/boards...on=onlineusers

Here is whoisonline.php:

Code:

<?PHP
  require( "global.php" );
  
  
// ############################### start online users form ###############################
// #####
// ##### Online Users Modification
// #####
// ##### Matt Rogish
// ##### 7/5/00
// #####
// ##### Updated 8/29/00

if( $action == "onlineusers" ) {

  $loggedins   = $DB_site->query_first( "SELECT COUNT(sessionid) AS sessions FROM session" );
  $totalonline = $loggedins[ sessions ];

  $loggedins   = $DB_site->query_first( "SELECT COUNT(sessionid) AS sessions FROM session WHERE userid = 0" );
  $numberguest = $loggedins[ sessions ];

  $loggedins   = $DB_site->query_first( "SELECT COUNT(sessionid) AS sessions FROM session WHERE userid <> 0" );
  $numberregistered = $loggedins[ sessions ];

  $numVisible = 0;
  $onlineNow = $DB_site->query( "SELECT s.userid, u.username, s.location FROM session s LEFT JOIN user u ON u.userid = s.userid WHERE s.userid <> 0 AND u.invisible = 0 ORDER BY u.username ASC" );
  

  if( $online = $DB_site->fetch_array( $onlineNow ) ) {

    $numVisible++;
    $userid    = $online[ userid   ];
    $username  = $online[ username ];
    $location  = $online[ location ];

    // Save our hyperlink
    $locationLink = $location; 

    // Give us the .php file and path    
    $phpFile = strtok( $location, "?" );    

      // Give us the extra threadid=47565&pagenumber=2 
    $queryString = strtok( "?" );

    if( empty( $queryString ) ) {

      if( strpos( $location, "chat" ) ) {
        
        $location = "$bbtitle Chat";
        
      } else {
      
        $location = "$bbtitle Main";
        
      } // end if
    
    } else {

      // Give us the query (threadID, forumID, etc.)    
      $query = strtok( $queryString, "=" );

      if( strcasecmp( $query, "action" ) == 0 ) {
        // Then we are either newreply or getinfo, etc.
        $query = strtok( "&" );

        // Preserve the "newreply" or "editpost"
        $mainQuery = $query;

        // Get the "other" thing
        $query = strtok( "=" );

      } // end if

      // Give us the number (potentially followed by other things)
      $oldID = strtok( "=" );

      // Clear out the ID
      $id = "";

      if( eregi( "[0-9]+", $oldID, $cleanIDArray ) ) {
        for( $i = 0; $i <= count( $cleanIDArray ); $i++ ) {
          $id .= $cleanIDArray[ $i ];
        } // end for
      } else {
        // Nothing, so probably the main page
        $location = "$bbtitle Main";
      } // end if

      if( empty( $id ) ) {
        $id = 0;
      } // end if

      if( strcasecmp( $query, "threadid" ) == 0 ){

        $threadTitle = $DB_site->query_first( "SELECT title, forumid FROM thread WHERE threadid=$id" );
        $location    = $threadTitle[ title   ];
        $forumid     = $threadTitle[ forumid ];

        $forumid     = verifyid( "forum", $forumid );

        $getperms    = getpermissions( $bbuserid, $bbusergroupid, $forumid );
        if( $getperms[ canview ] == 0 ) {
          $location = "Moderators Only Thread";
          $locationLink = "/boards/";
        } // end if

      } else if( strcasecmp( $query, "forumid" ) == 0 and strcasecmp( $mainQuery, "newthread" ) != 0 ) {

        $forumTitle = $DB_site->query_first( "SELECT title FROM forum WHERE forumid=$id" );    
        $location   = $forumTitle[ title ];

      } else if( strcasecmp( $query, "postid" ) == 0 and strcasecmp( $mainQuery, "editpost" ) != 0 ){
        $getthreadid = $DB_site->query_first( "SELECT threadid FROM post WHERE postid=$id" );
        $threadid    = $getthreadid[ threadid ];

        if( !empty( $threadid ) ) {

          $threadTitle = $DB_site->query_first( "SELECT title, forumid FROM thread WHERE threadid=$threadid" );
          $location    = $threadTitle[ title  ];
          $forumid     = $threadTitle[ forumid ];
          
          $forumid     = verifyid( "forum", $forumid );
          
          $getperms    = getpermissions( $bbuserid, $bbusergroupid, $forumid );
          if( $getperms[ canview ] == 0 ) {
            $location  = "Moderators Only Thread";
            $locationLink = "/boards/";
          } // end if
     
        } else {

          $location = "Unknown location!"; 
          
        } // end if

      } else if( strcasecmp( $mainQuery, "getinfo" ) == 0 ) {

        $userResult = $DB_site->query_first( "SELECT username FROM user WHERE userid=$id" );
        $userName   = $userResult[ username ];

        $location   = "Get User Information For: $userName";
        
      } else if( strcasecmp( $mainQuery, "newthread" ) == 0 ) {          

        $forumTitle = $DB_site->query_first( "SELECT title FROM forum WHERE forumid=$id" );    
        $forum      = $forumTitle[ title ];
                  
        $location = "Creating new thread in $forum";

      } else if( strpos( $phpFile, "private.php" ) ) {          

        $location = "Private Messaging";
        
      } else if( strpos( $phpFile, "search.php" ) ) {          

        $location = "Searching"; 
        
      } else if( strpos( $phpFile, "memberlist.php" ) ) {          

        $location = "Member Listing";         

      } else if( strcasecmp( $mainQuery, "editpost" ) == 0 ) {        
      
        $getthread = $DB_site->query_first( "SELECT threadid FROM post WHERE postid=$id" );
        $threadid  = $getthread[ threadid ];

        if( !empty( $threadid ) ) {
        
          $threadTitle = $DB_site->query_first( "SELECT title, forumid FROM thread WHERE threadid=$threadid" );
          $thread      = $threadTitle[ title   ]; 
          $forumid     = $threadTitle[ forumid ];
          
          $forumid     = verifyid( "forum", $forumid );
          
          $getperms    = getpermissions( $bbuserid, $bbusergroupid, $forumid );
          if( $getperms[ canview ] == 0 ) {
            $thread = "Moderators Only Thread";
            $locationLink = "/boards/";
          } // end if

        } else {

          $location = "Unknown location!"; 
          
        } // end if
        
        $location = "Editing post in $thread";

      } else if( strcasecmp( $mainQuery, "onlineusers" ) == 0 ) {

        $location = "Online Users Listing";      
        
      } else {
      
        $location = "Unknown location!";

      } // end if
    } // end if

    eval("\$whoisonlinebits .= \"" . gettemplate("whoisonlinebit") . "\";");

    while( $online = $DB_site->fetch_array( $onlineNow ) ) {

      $numVisible++;
      $userid   = $online[ userid   ];
      $username = $online[ username ];
      $location = $online[ location ];

      // Save our hyperlink
      $locationLink = $location; 

      // Give us the .php file and path    
      $phpFile = strtok( $location, "?" );    

      // Give us the extra  threadid=47565&pagenumber=2 
      $queryString = strtok( "?" );

      if( empty( $queryString ) ) {

        if( strpos( $location, "chat" ) ) {

          $location = "$bbtitle Chat";

        } else {

          $location = "$bbtitle Main";

        } // end if

      } else {

        // Give us the query (threadID, forumID, etc.)    
        $query = strtok( $queryString, "=" );

        if( strcasecmp( $query, "action" ) == 0 ) {
          // Then we are either newreply or getinfo, etc.
          $query = strtok( "&" );

          // Preserve the "newreply" or "editpost"
          $mainQuery = $query;

          // Get the "other" thing
          $query = strtok( "=" );

        } // end if
        
        // Give us the number (potentially followed by other things)
        $oldID = strtok( "=" );

        // Clear out the ID
        $id = "";

        if( eregi( "[0-9]+", $oldID, $cleanIDArray ) ) {
          for( $i = 0; $i <= count( $cleanIDArray ); $i++ ) {
            $id .= $cleanIDArray[ $i ];
          } // end for
        } else {
          // Nothing, so probably the main page
          $location = "$bbtitle Main";
        } // end if

        if( empty( $id ) ) {
          $id = 0;
        } // end if

        if( strcasecmp( $query, "threadid" ) == 0 ){

          $threadTitle = $DB_site->query_first( "SELECT title, forumid FROM thread WHERE threadid=$id" );
          $location    = $threadTitle[ title   ];
          $forumid     = $threadTitle[ forumid ];
          
          $forumid     = verifyid( "forum", $forumid );
          
          $getperms    = getpermissions( $bbuserid, $bbusergroupid, $forumid );
          if( $getperms[ canview ] == 0 ) {
            $location  = "Moderators Only Thread";
            $locationLink = "/boards/";
          } // end if

        } else if( strcasecmp( $query, "forumid" ) == 0 and strcasecmp( $mainQuery, "newthread" ) != 0 ) {

          $forumTitle = $DB_site->query_first( "SELECT title FROM forum WHERE forumid=$id" );    
          $location   = $forumTitle[ title ];

        } else if( strcasecmp( $query, "postid" ) == 0 and strcasecmp( $mainQuery, "editpost" ) != 0 ) {

          $getthreadid = $DB_site->query_first( "SELECT threadid FROM post WHERE postid=$id" );
          $threadid    = $getthreadid[ threadid ];

          if( !empty( $threadid ) ) {
          
            $threadTitle = $DB_site->query_first( "SELECT title, forumid FROM thread WHERE threadid=$threadid" );
            $location    = $threadTitle[ title   ];
            $forumid     = $threadTitle[ forumid ];

            $forumid     = verifyid( "forum", $forumid );

            $getperms    = getpermissions( $bbuserid, $bbusergroupid, $forumid );
            if( $getperms[ canview ] == 0 ) {
              $location = "Moderators Only Thread";
              $locationLink = "/boards/";
            } // end if            
          
          } else {
          
            $location = "Unknown location!";
            
          } // end if

        } else if( strcasecmp( $mainQuery, "getinfo" ) == 0 ) {
          
          $userResult = $DB_site->query_first( "SELECT username FROM user WHERE userid=$id" );
          $userName   = $userResult[ username ];
          
          $location   = "Getting user information for $userName";

        } else if( strcasecmp( $mainQuery, "newthread" ) == 0 ) {          
        
          $forumTitle = $DB_site->query_first( "SELECT title FROM forum WHERE forumid=$id" );    
          $forum      = $forumTitle[ title ];
          
          $location = "Creating new thread in $forum";

        } else if( strpos( $phpFile, "private.php" ) ) {          

          $location = "Private Messaging";

        } else if( strpos( $phpFile, "search.php" ) ) {          

          $location = "Searching";
          
        } else if( strpos( $phpFile, "memberlist.php" ) ) {          

          $location = "Member Listing";                   

        } else if( strcasecmp( $mainQuery, "editpost" ) == 0 ) {        

          $getthread = $DB_site->query_first( "SELECT threadid FROM post WHERE postid=$id" );
          $threadid  = $getthread[ threadid ];
          
          if( !empty( $threadid ) ) {
          
            $threadTitle = $DB_site->query_first( "SELECT title, forumid FROM thread WHERE threadid=$threadid" );
            $thread      = $threadTitle[ title   ];     
            $forumid     = $threadTitle[ forumid ];

            $forumid     = verifyid( "forum", $forumid );

            $getperms    = getpermissions( $bbuserid, $bbusergroupid, $forumid );
            if( $getperms[ canview ] == 0 ) {
              $thread = "Moderators Only Thread";
              $locationLink = "/boards/";
            } // end if            

          } else {

            $location = "Unknown location!"; 
            
          } // end if
           
          $location = "Editing post in $thread";          
          
        } else if( strcasecmp( $mainQuery, "onlineusers" ) == 0 ) {
          
          $location = "Online Users Listing";
          
        } else {
        
          $location = "Unknown location!";

        } // end if
      } // end if

      eval( "\$whoisonlinebits .= \"" . gettemplate( "whoisonlinebit" ) . "\";" );

    } // end while
    eval( "echo dovars(\"" . gettemplate( "whoisonline" ) . "\");" );
  } // end if
} // end if
// #####
// ##### Online Users Modification
// #####
// ##### Matt Rogish
// ##### 7/5/00
// #####
// ##### Updated 8/29/00
// ############################### end online users form ###############################

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01780 seconds Memory Usage 1,849KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)bbcode_code (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: