Zeile 1496 | Zeile 1496 |
---|
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']); $mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']); $ext = getextention($mybb->input['avatarurl']);
|
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']); $mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']); $ext = getextention($mybb->input['avatarurl']);
|
if(preg_match("#gif|jpg|jpeg|jpe|bmp|png#i", $ext) && $mybb->settings['maxavatardims'] != "")
| list($width, $height, $type) = @getimagesize($mybb->input['avatarurl']);
if(!$type) { error($lang->error_invalidavatarurl); }
if($width && $height && $mybb->settings['maxavatardims'] != "")
|
{
|
{
|
list($width, $height) = @getimagesize($mybb->input['avatarurl']);
| |
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']); if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) {
| list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']); if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) {
|
Zeile 1513 | Zeile 1519 |
---|
redirect("usercp.php", $lang->redirect_avatarupdated); } elseif($mybb->input['action'] == "notepad")
|
redirect("usercp.php", $lang->redirect_avatarupdated); } elseif($mybb->input['action'] == "notepad")
|
{
| {
|
$plugins->run_hooks("usercp_notepad_start"); $mybbuser['notepad'] = htmlspecialchars($mybbuser['notepad']); eval("\$notepad = \"".$templates->get("usercp_notepad")."\";");
| $plugins->run_hooks("usercp_notepad_start"); $mybbuser['notepad'] = htmlspecialchars($mybbuser['notepad']); eval("\$notepad = \"".$templates->get("usercp_notepad")."\";");
|
Zeile 1528 | Zeile 1534 |
---|
redirect("usercp.php", $lang->redirect_notepadupdated); } elseif($mybb->input['action'] == "editlists")
|
redirect("usercp.php", $lang->redirect_notepadupdated); } elseif($mybb->input['action'] == "editlists")
|
{
| {
|
$plugins->run_hooks("usercp_editlists_start"); $buddyarray = explode(",", $mybb->user['buddylist']); if(is_array($buddyarray))
| $plugins->run_hooks("usercp_editlists_start"); $buddyarray = explode(",", $mybb->user['buddylist']); if(is_array($buddyarray))
|
Zeile 1540 | Zeile 1546 |
---|
} $query = $db->query("SELECT username, uid FROM ".TABLE_PREFIX."users WHERE uid IN ($buddysql)"); while($buddy = $db->fetch_array($query))
|
} $query = $db->query("SELECT username, uid FROM ".TABLE_PREFIX."users WHERE uid IN ($buddysql)"); while($buddy = $db->fetch_array($query))
|
{
| {
|
$uid = $buddy['uid']; $username = $buddy['username']; eval("\$buddylist .= \"".$templates->get("usercp_editlists_user")."\";");
|
$uid = $buddy['uid']; $username = $buddy['username']; eval("\$buddylist .= \"".$templates->get("usercp_editlists_user")."\";");
|
}
| }
|
} $ignorearray = explode(",", $mybb->user['ignorelist']); if(is_array($ignorearray)) {
| } $ignorearray = explode(",", $mybb->user['ignorelist']); if(is_array($ignorearray)) {
|
Zeile 1559 | Zeile 1565 |
---|
$uid = $ignoreuser['uid']; $username = $ignoreuser['username']; eval("\$ignorelist .= \"".$templates->get("usercp_editlists_user")."\";");
|
$uid = $ignoreuser['uid']; $username = $ignoreuser['username']; eval("\$ignorelist .= \"".$templates->get("usercp_editlists_user")."\";");
|
}
| }
|
} for($i=1;$i<=2;$i++) {
| } for($i=1;$i<=2;$i++) {
|
Zeile 1575 | Zeile 1581 |
---|
{ $plugins->run_hooks("usercp_do_editlists_start"); while(list($key, $val) = each($mybb->input['listuser']))
|
{ $plugins->run_hooks("usercp_do_editlists_start"); while(list($key, $val) = each($mybb->input['listuser']))
|
{
| {
|
if(strtoupper($mybb->user['username']) != strtoupper($val)) { $val = addslashes($val);
| if(strtoupper($mybb->user['username']) != strtoupper($val)) { $val = addslashes($val);
|
Zeile 1590 | Zeile 1596 |
---|
$comma2 = ","; } if($mybb->input['list'] == "ignore")
|
$comma2 = ","; } if($mybb->input['list'] == "ignore")
|
{
| {
|
$type = "ignorelist"; } else
| $type = "ignorelist"; } else
|
Zeile 1713 | Zeile 1719 |
---|
$plugins->run_hooks("usercp_usergroups_change_displaygroup"); redirect("usercp.php?action=usergroups", $lang->display_group_changed); exit;
|
$plugins->run_hooks("usercp_usergroups_change_displaygroup"); redirect("usercp.php?action=usergroups", $lang->display_group_changed); exit;
|
}
| }
|
// Leaving a group if($mybb->input['leavegroup'])
|
// Leaving a group if($mybb->input['leavegroup'])
|
{
| {
|
if(!strstr($ingroups, ",".$mybb->input['leavegroup'].",")) { error($lang->not_member_of_group);
|
if(!strstr($ingroups, ",".$mybb->input['leavegroup'].",")) { error($lang->not_member_of_group);
|
}
| }
|
if($mybb->user['usergroup'] == $mybb->input['leavegroup']) { error($lang->cannot_leave_primary_group);
|
if($mybb->user['usergroup'] == $mybb->input['leavegroup']) { error($lang->cannot_leave_primary_group);
|
}
| }
|
$query = $db->query("SELECT * FROM ".TABLE_PREFIX."usergroups WHERE gid='".intval($mybb->input['leavegroup'])."'"); $usergroup = $db->fetch_array($query); if($usergroup['type'] != 4 && $usergroup['type'] != 3)
| $query = $db->query("SELECT * FROM ".TABLE_PREFIX."usergroups WHERE gid='".intval($mybb->input['leavegroup'])."'"); $usergroup = $db->fetch_array($query); if($usergroup['type'] != 4 && $usergroup['type'] != 3)
|
Zeile 1736 | Zeile 1742 |
---|
$plugins->run_hooks("usercp_usergroups_leave_group"); redirect("usercp.php?action=usergroups", $lang->left_group); }
|
$plugins->run_hooks("usercp_usergroups_leave_group"); redirect("usercp.php?action=usergroups", $lang->left_group); }
|
|
|
// Joining a group if($mybb->input['joingroup']) {
|
// Joining a group if($mybb->input['joingroup']) {
|
| $mybb->input['joingroup'] = intval($mybb->input['joingroup']);
|
$query = $db->query("SELECT * FROM ".TABLE_PREFIX."usergroups WHERE gid='".intval($mybb->input['joingroup'])."'"); $usergroup = $db->fetch_array($query);
|
$query = $db->query("SELECT * FROM ".TABLE_PREFIX."usergroups WHERE gid='".intval($mybb->input['joingroup'])."'"); $usergroup = $db->fetch_array($query);
|
if($usergroup['type'] != 4 && $usergroup['type'] != 3)
| if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])
|
{ error($lang->cannot_join_group); }
| { error($lang->cannot_join_group); }
|