Private Field Issue?

Regular Joined: Jul 26, 2006 Posts: 52

I have both 4.4.1 and 4.4.2 on 2 different systems but both have same issue. It may be as simple as it is not suppose to do this..

I have several fields added and they are selected as required for registration. These fields are also listed as private not public, but when I look in the profiles they are visible? Am I nto understanding correctly or not soing something correct.

Posted: Thu Nov 02, 2006 5:46 pm

Youll have to look at the code that shows the profile, Perhaps its making a General Grab of information and outputting what it sees, Now youll need to tell it NOT to output those fields, without knowing what fields you added, help is limited.

Contact me directly for a more direct approach.

Posted: Thu Nov 02, 2006 6:25 pm

I found the code that handles this:

Code:




 if(is_admin($admin) OR is_user($user) AND $usrinfo[username] == $username) {


                    $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE need <> '0' ORDER BY pos");


                } else {


                        $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE need <> '0' AND public='1' ORDER BY pos");

need
0 deactive

Public
0 = private
1 = public

So I figured I could just do with the need and did this:

Code:




 $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE public='1' ORDER BY pos");

so basically I am saying list any fields marked public. I have all of my created fields marked private. I did verify in the db and all is correct.

It still lists the fields

If I use the original code:

Code:




$result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE public='1' ORDER BY pos");

And mark all fields diactivated it works fine.

So I am getting confused by my line:

Code:




$result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE public='1' ORDER BY pos");

I think it should work. It simply check for the public flag of 1 and dispaly it it is equal. And it is not.

File I am editing is:
Your_Account/userinfo.php

This one has me confused.....

Posted: Thu Nov 02, 2006 10:15 pm

ok your trying to define tables that have public access but your basically saying display all INFORMATION within the table WHERE the USERS PUBLIC FIELD is set to one.

Sorry if I sound like Im trying to drill my point, Im just trying to make it clear as to what Im saying and by no means mean to be offended.

So
SELECT * FROM ".$user_prefix."users WHERE public='1' ORDER BY pos

Is basically saying if the user wants to be viewed publically Grab all info.

Now later down the script you should see a variable ($var ex.)=$db->sql_fetchrow($result);
This assigns $var as an array with all the information that $result grabbed.

This will more then likely lead to a while statement, and Ill need to know the exact field and how you want to varify that it is public to help further with this code

Posted: Sat Nov 04, 2006 8:10 am

Nothing like that. It looks like it is being displayed as in profile line by line.

so as it does a look up it displays it.

Code:







            $usrinfo[user_sig] = nl2br($usrinfo[user_sig]);


            $usrinfo[user_bio] = nl2br($usrinfo[user_bio]);


            $usrinfo[user_lastvisit] = date("d F Y H:i", $usrinfo[user_lastvisit]);


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._USERNAME."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[username]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._REALNAME."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[name]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._EMAIL."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$user_email</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._WEBSITE."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$userwebsite</b></td>\n</tr>\n";


            $usrinfo[user_sig] = nl2br($usrinfo[user_sig]);


            $usrinfo[user_bio] = nl2br($usrinfo[user_bio]);


            $usrinfo[user_lastvisit] = date("d F Y H:i", $usrinfo[user_lastvisit]);


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._USERNAME."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[username]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._REALNAME."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[name]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._EMAIL."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$user_email</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._WEBSITE."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$userwebsite</b></td>\n</tr>\n";





                if(is_admin($admin) OR is_user($user) AND $usrinfo[username] == $username) {


                    $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE need <> '0' ORDER BY pos");


                } else {


                        //$result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE need <> '0' AND public='1' ORDER BY pos");


                        $result = $db->sql_query("SELECT * FROM ".$user_prefix."_cnbya_field WHERE public='1' ORDER BY pos");


                }


                while ($sqlvalue = $db->sql_fetchrow($result)) {


                        if (substr($sqlvalue[name],0,1)=='_') eval( "\$name_exit = $sqlvalue[name];"); else $name_exit = $sqlvalue[name];


                        echo "<tr><td width='30%' bgcolor='$bgcolor1'>$name_exit</td><td width='70%' bgcolor='$bgcolor1'>".$usrinfo[$sqlvalue[name]]."</td></tr>\n";


                }


            if ($usrinfo[user_icq] == "") {


                $usrinfo[user_icq] = _YA_NA;}


            if ($usrinfo[user_aim] == "") {


                $usrinfo[user_aim] = _YA_NA;}


            if ($usrinfo[user_yim] == "") {


                $usrinfo[user_yim] = _YA_NA;}


            if ($usrinfo[user_msnm] == "") {


                $usrinfo[user_msnm] = _YA_NA;}


            if ($usrinfo[user_from] == "") {


                $usrinfo[user_from] = _YA_NA;}


            if ($usrinfo[user_occ] == "") {


                $usrinfo[user_occ] = _YA_NA;}


            if ($usrinfo[user_interests] == "") {


                $usrinfo[user_interests] = _YA_NA;}


            if ($usrinfo[user_sig] == "") {


                $usrinfo[user_sig] = _YA_NA;}


            if ($usrinfo[bio] == "") {


                $usrinfo[bio] = _YA_NA;}


            if ($usrinfo[user_lastvisit] == "") {


                $usrinfo[user_lastvisit] = _YA_NA;}


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._ICQ."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_icq]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._AIM."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_aim]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._YIM."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_yim]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._MSNM."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_msnm]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._LOCATION."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_from]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._REGDATE."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_regdate]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._OCCUPATION."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_occ]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._INTERESTS."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_interests]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._SIGNATURE."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_sig]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._EXTRAINFO."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[bio]</b></td>\n</tr>\n";


            echo "<tr>\n<td width='30%' bgcolor='$bgcolor1'>"._YA_LASTVISIT."</td>\n<td width='70%' bgcolor='$bgcolor1'><b>$usrinfo[user_lastvisit]</b></td>\n</tr>\n";


            $sql2 = "SELECT uname FROM ".$prefix."_session WHERE uname='$username'";


            $result2 = $db->sql_query($sql2);


            $row2 = $db->sql_fetchrow($result2);


            $username_pm = $username;


            $active_username = $row2[uname]; // Edited PSL 12-9-04 was killing $username

private fields
private1
private2

I am using these for testing purposes

Posted: Tue Nov 07, 2006 4:27 pm

I do see this:

Code:




 while ($sqlvalue = $db->sql_fetchrow($result)) {


                        if (substr($sqlvalue[name],0,1)=='_') eval( "\$name_exit = $sqlvalue[name];"); else $name_exit = $sqlvalue[name];


                        echo "<tr><td width='30%' bgcolor='$bgcolor1'>$name_exit</td><td width='70%' bgcolor='$bgcolor1'>".$usrinfo[$sqlvalue[name]]."</td></tr>\n";

btw, you site banned me..