This MOD is for add user IDs from editprofile so other user see your profile. If fail check, user is redirect to 4images error page. Same user ID value is check too.
Note:
Use space for each ID add.NO KAI - NO DEMO KAI I post screenshot.
// Step 1
In member.php file - showprofile action,
find:
if ($user_row = get_user_info($user_id)) {
add after:
if (function_exists('check_user_access_profile_field') && !check_user_access_profile_field($user_info['user_id'], $user_row['user_access_profile']) && $user_row['user_id'] != $user_info['user_id'] && $user_info['user_level'] != ADMIN) {
show_error_page($lang['user_access_profile_no_permission']);
}
// Step 1.1
find:
if ($action == "editprofile") {
$txt_clickstream = $lang['control_panel'];
if ($user_info['user_level'] == GUEST) {
show_error_page($lang['no_permission']);
exit;
}
add
before :
if ($action == "exec_edit_user_access_profile") {
if (isset($HTTP_POST_VARS['user_access_profile'])) {
$user_access_profile = (isset($HTTP_POST_VARS['user_access_profile'])) ? un_htmlspecialchars(trim((string)$HTTP_POST_VARS['user_access_profile'])) : "";
} else {
$user_access_profile = "";
}
if (empty($user_access_profile)) {
$action = "editprofile";
}
if (isset($user_access_profile) && !empty($user_access_profile)) {
if (function_exists('check_same_user_access_ids') && check_same_user_access_ids($user_info['user_id'], $user_access_profile)) {
$msg = $lang['user_access_profile_same_ids_error'];
$action = "editprofile";
} else {
$result = $site_db->query("UPDATE " . USERS_TABLE . " SET user_access_profile = '" . $user_access_profile . "' WHERE " . get_user_table_field("", "user_id") . " = " . $user_info['user_id']);
if ($result) {
$msg = $lang['user_access_profile_edit_success'];
$action = "editprofile";
}
}
}
}
if ($action == "edit_user_access_profile") {
$txt_clickstream = $lang['user_access_profile'];
$site_template->register_vars(array(
"lang_user_access_profile_textarea_title" => $lang['user_access_profile_textarea_title'],
"user_access_profile" => $user_info['user_access_profile'],
"lang_submit" => $lang['submit'],
"lang_reset" => $lang['reset']
));
$content = $site_template->parse_template("member_access_profile");
}
// Step 1.2
In editprofile action,
find:
"lang_icq" => $lang['icq'],
add after:
"url_user_access_profile" => $site_sess->url(ROOT_PATH . "member.php?action=edit_user_access_profile"),
// Step 2
In lang/english/main.php file,
add in top ?>:
//-----------------------------------------------------
//--- User access page --------------------------------
//-----------------------------------------------------
$lang['user_access_profile'] = "User Access Profile";
$lang['user_access_profile_textarea_title'] = "User Access Profile - Edit";
$lang['user_access_profile_edit_success'] = "Edit success !";
$lang['user_access_profile_no_permission'] = "You do not have permission to access this profile.";
$lang['user_access_profile_same_ids_error'] = "You cannot add your ID for viewing your own profile. Please try again without your own ID.";
// Step 3
In includes/functions.php file,
add in top ?>:
if (!function_exists('check_same_user_access_ids')) {
function check_same_user_access_ids($user_id, $user_access_profile) {
global $check_same_user_ids;
if (!isset($check_same_user_ids)) {
$ids = trim($user_access_profile);
$ids = preg_replace("/[\n\r]/is", " ", $ids);
$ids = str_replace(",", " ", $ids);
$ids = preg_quote($ids);
$ids = str_replace('/', '\\/', $ids);
$check_same_user_ids = preg_split("/\s+/", $ids);
}
foreach ($check_same_user_ids as $key => $val) {
if ($val == $user_id) {
return $user_id;
return $user_access_profile;
}
}
}
}
if (!function_exists('check_user_access_profile_field')) {
function check_user_access_profile_field($user_id, $user_access_profile) {
global $split_other_user_ids;
if (!isset($split_user_ids)) {
$ids = trim($user_access_profile);
$ids = preg_replace("/[\n\r]/is", " ", $ids);
$ids = str_replace(",", " ", $ids);
$ids = preg_quote($ids);
$ids = str_replace('/', '\\/', $ids);
$split_other_user_ids = preg_split("/\s+/", $ids);
}
foreach ($split_other_user_ids as $key => $val) {
if ($val == $user_id) {
return $user_id;
return $user_access_profile;
}
}
}
}
// Step 4
In templates/your_template/member_editprofile.html file,
find:
<p align="center">
<input type="submit" value="{lang_save}" class="button" />
<input type="reset" value="{lang_reset}" class="button" />
</p>
</form>
<br />
add after:
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td valign="top" class="head1">{lang_user_access_profile}</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td class="row1" width="100%" align="center"><a href="{url_user_access_profile}">{lang_user_access_profile}</a></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td> </td>
</tr>
</table>
// Step 5
In templates/your_template , create new file:
member_access_profile.html .
Add:
<form method="post" action="{url_member}">
<input type="hidden" name="action" value="exec_edit_user_access_profile">
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td valign="top" class="head1">{lang_user_access_profile_textarea_title}</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td class="row1" width="100%" align="center"><textarea name="user_access_profile" class="textarea" />{user_access_profile}</textarea></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td class="row1" width="50%" align="right"><input type="submit" name="submit" value="{lang_submit}" class="button"> </td>
<td class="row1" width="50%" align="left"> <input type="reset" name="reset" value="{lang_reset}" class="button"></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td class="head1" width="100%" align="center"> </td>
</tr>
</table>
</form>
// Step 6
In includes/db_field_definitions.php file,
add in top ?>:
$additional_user_fields['user_access_profile'] = array($lang['user_access_profile'], "textarea", 0);
// Step 8
In SQL Patches MOD,
add:
ALTER TABLE 4images_users ADD user_access_profile TEXT NOT NULL default '';