Fix hidden users visibility
This commit is contained in:
parent
1efce0ad7b
commit
43d21eebb9
|
@ -504,10 +504,16 @@ class user
|
|||
return $name;
|
||||
}
|
||||
|
||||
public function hidden()
|
||||
public function hidden($user = null)
|
||||
{
|
||||
$profiles = $this->database->exec("SELECT `name` FROM `%PREFIX%_profiles` WHERE hidden = 1;", true);
|
||||
return $profiles;
|
||||
if(is_null($user)){
|
||||
$user = $this->auth->getUserId();
|
||||
}
|
||||
$result = $this->database->exec("SELECT `hidden` FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $user]);
|
||||
if(isset($result[0]) && isset($result[0]["hidden"])){
|
||||
return boolval($result[0]["hidden"]);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public function available($name)
|
||||
|
@ -599,16 +605,18 @@ class user
|
|||
if(is_null($editor)){
|
||||
$editor = $changed;
|
||||
}
|
||||
if($this->database->get_option("log_save_ip")){
|
||||
$ip = $this->tools->get_ip();
|
||||
} else {
|
||||
$ip = null;
|
||||
if(!$this->hidden($editor)){
|
||||
if($this->database->get_option("log_save_ip")){
|
||||
$ip = $this->tools->get_ip();
|
||||
} else {
|
||||
$ip = null;
|
||||
}
|
||||
$source_type = defined("REQUEST_USING_API") ? "api" : "web";
|
||||
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? mb_strimwidth($_SERVER['HTTP_USER_AGENT'], 0, 200, "...") : null;
|
||||
$params = [":action" => $action, ":changed" => $changed, ":editor" => $editor, ":timestamp" => $timestamp, ":ip" => $ip, "source_type" => $source_type, "user_agent" => $user_agent];
|
||||
$sql = "INSERT INTO `%PREFIX%_log` (`id`, `action`, `changed`, `editor`, `timestamp`, `ip`, `source_type`, `user_agent`) VALUES (NULL, :action, :changed, :editor, :timestamp, :ip, :source_type, :user_agent)";
|
||||
$this->database->exec($sql, false, $params);
|
||||
}
|
||||
$source_type = defined("REQUEST_USING_API") ? "api" : "web";
|
||||
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? mb_strimwidth($_SERVER['HTTP_USER_AGENT'], 0, 200, "...") : null;
|
||||
$params = [":action" => $action, ":changed" => $changed, ":editor" => $editor, ":timestamp" => $timestamp, ":ip" => $ip, "source_type" => $source_type, "user_agent" => $user_agent];
|
||||
$sql = "INSERT INTO `%PREFIX%_log` (`id`, `action`, `changed`, `editor`, `timestamp`, `ip`, `source_type`, `user_agent`) VALUES (NULL, :action, :changed, :editor, :timestamp, :ip, :source_type, :user_agent)";
|
||||
$this->database->exec($sql, false, $params);
|
||||
$this->tools->profiler_stop();
|
||||
}
|
||||
|
||||
|
|
|
@ -6,11 +6,9 @@ $user->online_time_update();
|
|||
|
||||
$result = $database->exec("SELECT * FROM `%PREFIX%_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC;", true);
|
||||
|
||||
$hidden = $user->hidden();
|
||||
|
||||
$response = [];
|
||||
foreach($result as $row){
|
||||
if(!in_array($row['name'], $hidden) && ($row['hidden'] == 0 && $row['disabled'] == 0)){
|
||||
if(!$user->hidden($row["id"])){
|
||||
if($user->requireRole(Role::FULL_VIEWER)){
|
||||
$name = $user->nameById($row["id"]);
|
||||
$name_encoded = urlencode($user->name());
|
||||
|
|
|
@ -6,8 +6,6 @@ $user->online_time_update();
|
|||
|
||||
$result = $database->exec("SELECT * FROM `%PREFIX%_log` ORDER BY `timestamp` DESC", true);
|
||||
|
||||
$hidden = $user->hidden();
|
||||
|
||||
//https://stackoverflow.com/a/2524761
|
||||
function isValidTimeStamp($timestamp)
|
||||
{
|
||||
|
@ -18,31 +16,29 @@ function isValidTimeStamp($timestamp)
|
|||
|
||||
$response = [];
|
||||
foreach($result as $row){
|
||||
if(!in_array($row['changed'], $hidden) OR in_array($user->name(), $hidden)){
|
||||
if(isValidTimeStamp($row["timestamp"])){
|
||||
$date = new DateTime();
|
||||
$date->setTimestamp($row["timestamp"]);
|
||||
$date = $date->format('Y-m-d H:i:s');
|
||||
} else {
|
||||
$date = $row["timestamp"];
|
||||
}
|
||||
if(!is_null($row["changed"])){
|
||||
$changedName = $user->nameById($row["changed"]);
|
||||
} else {
|
||||
$changedName = "N/A";
|
||||
}
|
||||
if(!is_null($row["editor"])){
|
||||
$editorName = $user->nameById($row["editor"]);
|
||||
} else {
|
||||
$editorName = "N/A";
|
||||
}
|
||||
$response[] = [
|
||||
t($row["action"], false),
|
||||
$changedName,
|
||||
$editorName,
|
||||
$date
|
||||
];
|
||||
if(isValidTimeStamp($row["timestamp"])){
|
||||
$date = new DateTime();
|
||||
$date->setTimestamp($row["timestamp"]);
|
||||
$date = $date->format('Y-m-d H:i:s');
|
||||
} else {
|
||||
$date = $row["timestamp"];
|
||||
}
|
||||
if(!is_null($row["changed"])){
|
||||
$changedName = $user->nameById($row["changed"]);
|
||||
} else {
|
||||
$changedName = "N/A";
|
||||
}
|
||||
if(!is_null($row["editor"])){
|
||||
$editorName = $user->nameById($row["editor"]);
|
||||
} else {
|
||||
$editorName = "N/A";
|
||||
}
|
||||
$response[] = [
|
||||
t($row["action"], false),
|
||||
$changedName,
|
||||
$editorName,
|
||||
$date
|
||||
];
|
||||
}
|
||||
$tools->ajax_page_response($response);
|
||||
?>
|
Loading…
Reference in New Issue