Changeset 851 for trunk/Modules/User/Profile.php
- Timestamp:
- Jan 17, 2016, 10:07:13 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Modules/User/Profile.php
r850 r851 64 64 if($this->System->User->Id != null) $Action .= ' <a href="'.$this->System->Link('/export/?Action=Clone&ExportId='.$Export['Id']).'" onclick="return confirmAction(\''.T('Really clone item?').'\');">'.T('Clone').'</a>'; 65 65 $Output .= '<tr><td>'.HumanDate($Export['TimeCreate']).'</td>'. 66 '<td>'. $Export['Title'].'</td>'.66 '<td>'.htmlspecialchars($Export['Title']).'</td>'. 67 67 '<td>'.$Export['OutputType'].'</td>'. 68 68 '<td><a href="'.$this->System->Link('/client-version/?action=item&id='.$Export['ClientVersionId']).'">'.$Export['ClientVersion'].'</a></td>'. … … 109 109 { 110 110 $Output .= '<tr><td>'.HumanDate($DbRow['ModifyTime']).'</td>'. 111 112 113 111 '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&ID='.$DbRow['ID']).'">'.$DbRow['ID'].'</a></td>'. 112 '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&ID='.$DbRow['Take']).'">'.$DbRow['Take'].'</a></td>'. 113 '<td><a href="'.$this->System->Link('/TranslationList.php?group='.$DbRow['Group'].'&action=filter').'">'.T($DbRow['GroupName']).'</a></td></tr>'; 114 114 } 115 115 $Output .= '</table>'; … … 125 125 126 126 $Output .= '<div class="shoutbox">'; 127 $DbResult = $this->System->Database->query('SELECT `ForumText`.`Text`, `ForumText`.`Date`, `ForumText`.`UserName`,`ForumThread`.`Text` as `ThreadName`,`ForumText`.`Thread` FROM `ForumText` JOIN `ForumThread` ON `ForumThread`.`ID` = `ForumText`.`Thread` WHERE `ForumText`.`User` = '.($_GET['user'] * 1).' ORDER BY `ForumText`.`Date` DESC LIMIT '.$Count); 127 $DbResult = $this->System->Database->query('SELECT `ForumText`.`Text`, '. 128 '`ForumText`.`Date`, `ForumText`.`UserName`,`ForumThread`.`Text` AS `ThreadName`, '. 129 '`ForumText`.`Thread` FROM `ForumText` '. 130 'JOIN `ForumThread` ON `ForumThread`.`ID` = `ForumText`.`Thread` '. 131 'WHERE `ForumText`.`User` = '.($_GET['user'] * 1).' ORDER BY `ForumText`.`Date` DESC LIMIT '.$Count); 128 132 while($Line = $DbResult->fetch_assoc()) 129 $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.$Line['ThreadName'].'</a><br /><strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.$parser->qparse($Line['Text']).'</div> '; 133 $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.htmlspecialchars($Line['ThreadName']).'</a><br />'. 134 '<strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.htmlspecialchars($parser->qparse($Line['Text'])).'</div> '; 130 135 $Output .= '</div>'; 131 136 return($Output); … … 159 164 T('Level:').' <strong>'.$XP['Level'].'</strong> '.T('experience:').' '.ProgressBar(150, round($XP['XP'] / $XP['MaxXP'] * 100, 2), $XP['XP'].' / '.$XP['MaxXP']).'<br/>'; 160 165 if($UserLine['TeamName'] != '') 161 $Output .= T('Member of team:').' <a href="'.$this->System->Link('/team/?action=team&id='.$UserLine['Team']).'"><strong>'. $UserLine['TeamName'].'</strong></a><br />';166 $Output .= T('Member of team:').' <a href="'.$this->System->Link('/team/?action=team&id='.$UserLine['Team']).'"><strong>'.htmlspecialchars($UserLine['TeamName']).'</strong></a><br />'; 162 167 163 168 // User tags … … 175 180 } 176 181 177 $Output .= '<br /><fieldset><legend>'.T('Profile text:').'</legend>'. str_replace("\n", '<br/>', $UserLine['Info']).'</fieldset><br/>';182 $Output .= '<br /><fieldset><legend>'.T('Profile text:').'</legend>'.htmlspecialchars(str_replace("\n", '<br/>', $UserLine['Info'])).'</fieldset><br/>'; 178 183 179 184 $Output .= '<table class="Home"><tr>'. … … 183 188 $Output .= '<br />'.$this->ShowLastForum().'<br />'; 184 189 if($this->System->User->Licence(LICENCE_MODERATOR)) 185 {190 { 186 191 $Output .= '<fieldset><legend>Moderování</legend>'; 187 192 188 193 $Output .= '<form action="?user='.($_GET['user'] * 1).'" method="post">Přidání tagu uživateli:<br />'; 189 $Query = 'SELECT * FROM UserTagType';194 $Query = 'SELECT * FROM `UserTagType`'; 190 195 $DbResult = $this->Database->query($Query); 191 196 while ($UserTag = $DbResult->fetch_array()) {
Note:
See TracChangeset
for help on using the changeset viewer.