CNason
Member
I have seen many threads on this topic from the past (Specifically on 1.3.x and 1.4.x) there was previously a php file (UserProfile.php) that has a block of code, that if commented out anyone could view a banned members profile however I do not have sed file on 1.5.x and am curious if there is a new method to viewing banned users profiles (for every member, not for those with the permission) or do I simply need to create the missing file?
This was the previous solution:
library/XenForo/Model/UserProfile.php
Remove (or comment) the bold code:
This was the previous solution:
library/XenForo/Model/UserProfile.php
Remove (or comment) the bold code:
Rich (BB code):
public function canViewFullUserProfile(array $user, &$errorPhraseKey = '', array $viewingUser = null)
{
$this->standardizeViewingUserReference($viewingUser);
if ($viewingUser['user_id'] == $user['user_id'])
{
return true; // always let a user view their own profile
}
if (!XenForo_Permission::hasPermission($viewingUser['permissions'], 'general', 'viewProfile'))
{
return false;
}
$userModel = $this->_getUserModel();
if (!$userModel->passesPrivacyCheck($user['allow_view_profile'], $user, $viewingUser))
{
$errorPhraseKey = 'member_limits_viewing_profile';
return false;
// TODO: we should do a limited profile at some point
}
// don't display the profiles of unconfirmed users
if ($user['user_state'] != 'valid' & $user['user_state'] != 'email_confirm_edit' && !$userModel->canByPassUserPrivacy($user['user_id']))
{
$errorPhraseKey = 'this_users_profile_is_not_available';
return false;
}
// user profiles of permanently-banned users should be unavailable to all but privacy-bypassing users
if ($user['is_banned'])
{
$ban = $this->getModelFromCache('XenForo_Model_Banning')->getBannedUserById($user['user_id']);
if ($ban && $ban['end_date'] == 0 && !$userModel->canBypassUserPrivacy($null, $viewingUser))
{
$errorPhraseKey = 'this_users_profile_is_not_available';
return false;
}
}
return true;
}
