Changeset 448261 for wordpress-users
- Timestamp:
- 10/07/2011 03:55:28 AM (14 years ago)
- Location:
- wordpress-users/trunk
- Files:
-
- 2 edited
-
readme.txt (modified) (2 diffs)
-
wp-users.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
wordpress-users/trunk/readme.txt
r297501 r448261 3 3 Tags: user, members, users, directory, profiles, profile 4 4 Requires at least: 2.5.1 5 Tested up to: 3. 0.16 Stable tag: 1. 35 Tested up to: 3.2.1 6 Stable tag: 1.4 7 7 8 8 Display your WordPress users and their profiles in an index on your site. … … 28 28 **Changelog** 29 29 30 * 1.4: Fixed security issue with potential SQL Injection flaw. Additional bug fixes. 30 31 * 1.3: Updated pagination. Moved page content from the bottom to the top of the page. 31 32 * 1.2: Bug fix for WordPress 3.0 compatibility. -
wordpress-users/trunk/wp-users.php
r297501 r448261 4 4 Plugin URI: http://kempwire.com/wordpress-users-plugin 5 5 Description: Display your WordPress users and user profiles. 6 Version: 1. 36 Version: 1.4 7 7 Author: Jonathan Kemp 8 8 Author URI: http://kempwire.com/ 9 9 10 Copyright 2009-201 0 Jonathan Kemp (email : jonkemp@comcast.net)10 Copyright 2009-2011 Jonathan Kemp (email : kempdogg@gmail.com) 11 11 12 12 This program is free software: you can redistribute it and/or modify … … 250 250 251 251 function get_user_listing($curauth) { 252 global $post; 252 253 $concat = wpu_concat_single(); 253 254 254 $html .= "<div class=\"wpu-user\">\n";255 $html = "<div class=\"wpu-user\">\n"; 255 256 if (get_option('wpu_image_list')) { 256 257 if(get_option('wpu_avatars') == "gravatars") { … … 282 283 283 284 function display_user() { 284 if(isset($_GET['uid'])) { 285 global $post; 286 287 if (isset($_GET['uid'])) { 285 288 $uid = $_GET['uid']; 286 289 $curauth = get_userdata($uid); 287 290 } 288 291 289 $recent_posts = get_recent_posts($uid); 290 $recent_comments = wpu_recent_comments($uid); 291 $created = date("F jS, Y", strtotime($curauth->user_registered)); 292 293 $html .= "<p><a href=" . get_permalink($post->ID) . ">« Back to " . get_the_title($post->ID) . " page</a></p>\n"; 294 295 $html .= "<h2>$curauth->display_name</h2>\n"; 296 297 if (get_option('wpu_image_profile')) { 298 if(get_option('wpu_avatars') == "gravatars") { 299 $html .= "<p><a href=\"http://en.gravatar.com/\" title=\"Get your own avatar.\">" . get_avatar($curauth->user_email, '96', $gravatar) . "</a></p>\n"; 300 } elseif (get_option('wpu_avatars') == "userphoto") { 301 if(function_exists('userphoto_the_author_photo')) 292 if ( $curauth ) { 293 $recent_posts = get_posts( array( 'numberposts' => 10, 'author' => $curauth->ID ) ); 294 $recent_comments = wpu_recent_comments($uid); 295 $created = date("F jS, Y", strtotime($curauth->user_registered)); 296 297 $html = "<p><a href=" . get_permalink($post->ID) . ">« Back to " . get_the_title($post->ID) . " page</a></p>\n"; 298 299 $html .= "<h2>$curauth->display_name</h2>\n"; 300 301 if (get_option('wpu_image_profile')) { 302 if(get_option('wpu_avatars') == "gravatars") { 303 $html .= "<p><a href=\"http://en.gravatar.com/\" title=\"Get your own avatar.\">" . get_avatar($curauth->user_email, '96', $gravatar) . "</a></p>\n"; 304 } elseif (get_option('wpu_avatars') == "userphoto") { 305 if(function_exists('userphoto_the_author_photo')) 306 { 307 $html .= "<p>" . userphoto__get_userphoto($curauth->ID, USERPHOTO_FULL_SIZE, "", "", array(), "") . "</p>\n"; 308 } 309 } 310 } 311 312 if ($curauth->user_url && $curauth->user_url != "http://") { 313 $html .= "<p><strong>Website:</strong> <a href=\"$curauth->user_url\" rel=\"nofollow\">$curauth->user_url</a></p>\n"; 314 } 315 316 $html .= "<p><strong>Joined on:</strong> " . $created . "</p>"; 317 318 if (get_option('wpu_description_profile')) { 319 if ($curauth->description) { 320 $html .= "<p><strong>Profile:</strong></p>\n"; 321 $html .= "<p>$curauth->description</p>\n"; 322 } 323 } 324 325 if ($recent_posts) { 326 $html .= "<h3>Recent Posts by $curauth->display_name</h3>\n"; 327 $html .= "<ul>\n"; 328 foreach( $recent_posts as $post ) 302 329 { 303 $html .= "<p>" . userphoto__get_userphoto($curauth->ID, USERPHOTO_FULL_SIZE, "", "", array(), "") . "</p>\n"; 304 } 305 } 306 } 307 308 if ($curauth->user_url && $curauth->user_url != "http://") { 309 $html .= "<p><strong>Website:</strong> <a href=\"$curauth->user_url\" rel=\"nofollow\">$curauth->user_url</a></p>\n"; 310 } 311 312 $html .= "<p><strong>Joined on:</strong> " . $created . "</p>"; 313 314 if (get_option('wpu_description_profile')) { 315 if ($curauth->description) { 316 $html .= "<p><strong>Profile:</strong></p>\n"; 317 $html .= "<p>$curauth->description</p>\n"; 318 } 319 } 320 321 if ($recent_posts) { 322 $html .= "<h3>Recent Posts by $curauth->display_name</h3>\n"; 323 $html .= "<ul>\n"; 324 foreach($recent_posts as $key=>$post) 325 { 326 $html .= "<li><a href=" . get_permalink($post->ID) . ">" . $post->post_title . "</a></li>"; 327 } 328 $html .= "</ul>\n"; 329 } 330 331 if ($recent_comments) { 332 $html .= "<h3>Recent Comments by $curauth->display_name</h3>\n"; 333 $html .= "<ul>\n"; 334 foreach($recent_comments as $key=>$comment) 335 { 336 $html .= "<li>\"" . $comment->comment_content . "\" on <a href=" . get_permalink($comment->comment_post_ID) . "#comment-" . $comment->comment_ID . ">" . get_the_title($comment->comment_post_ID) . "</a></li>"; 337 } 338 $html .= "</ul>\n"; 339 } 340 341 echo "<div id=\"wpu-profile\"> 342 "; 343 echo $html; 344 echo "</div> 345 "; 346 } 347 348 function get_recent_posts($uid) 349 { 350 global $wpdb; 351 352 $posts = $wpdb->get_results("SELECT post_title, ID 353 FROM $wpdb->posts 354 WHERE post_author = $uid AND post_type = 'post' AND post_status = 'publish' 355 ORDER BY post_date DESC 356 LIMIT 10 357 "); 358 359 return $posts; 330 setup_postdata($post); 331 332 $html .= "<li><a href=" . get_permalink($post->ID) . ">" . $post->post_title . "</a></li>"; 333 } 334 $html .= "</ul>\n"; 335 } 336 337 wp_reset_query(); 338 339 if ($recent_comments) { 340 $html .= "<h3>Recent Comments by $curauth->display_name</h3>\n"; 341 $html .= "<ul>\n"; 342 foreach($recent_comments as $key=>$comment) 343 { 344 $html .= "<li>\"" . $comment->comment_content . "\" on <a href=" . get_permalink($comment->comment_post_ID) . "#comment-" . $comment->comment_ID . ">" . get_the_title($comment->comment_post_ID) . "</a></li>"; 345 } 346 $html .= "</ul>\n"; 347 } 348 349 echo "<div id=\"wpu-profile\"> 350 "; 351 echo $html; 352 echo "</div> 353 "; 354 } 360 355 } 361 356 … … 364 359 global $wpdb; 365 360 366 $comments = $wpdb->get_results( "SELECT comment_ID, comment_post_ID, SUBSTRING(comment_content, 1, 150) AS comment_content361 $comments = $wpdb->get_results( $wpdb->prepare("SELECT comment_ID, comment_post_ID, SUBSTRING(comment_content, 1, 150) AS comment_content 367 362 FROM $wpdb->comments 368 WHERE user_id = $uid363 WHERE user_id = %s 369 364 ORDER BY comment_ID DESC 370 365 LIMIT 10 371 " );366 ", $uid ) ); 372 367 373 368 return $comments; … … 391 386 392 387 function wpu_admin_menu() { 393 add_options_page('WordPress Users Options', 'WordPress Users', 8, __FILE__, 'wpu_admin');388 add_options_page('WordPress Users Options', 'WordPress Users', 'manage_options', __FILE__, 'wpu_admin'); 394 389 } 395 390
Note: See TracChangeset
for help on using the changeset viewer.