| Zeile 6 | Zeile 6 |
|---|
* Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
*
|
* Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
*
|
* $Id: user.php 2194 2006-09-03 12:46:22Z chris $
| * $Id: user.php 2280 2006-09-27 12:21:17Z chris $
|
*/
/**
| */
/**
|
| Zeile 57 | Zeile 57 |
|---|
*/
function verify_username()
{
|
*/
function verify_username()
{
|
| | global $mybb;
|
$username = &$this->data['username'];
require_once MYBB_ROOT.'inc/functions_user.php';
| $username = &$this->data['username'];
require_once MYBB_ROOT.'inc/functions_user.php';
|
| Zeile 65 | Zeile 67 |
|---|
// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);
|
// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);
|
|
|
// Check if the username is not empty.
if(trim($username) == '')
{
$this->set_error('missing_username');
|
// Check if the username is not empty.
if(trim($username) == '')
{
$this->set_error('missing_username');
|
return false;
| return false;
|
}
// Check if the username belongs to the list of banned usernames.
| }
// Check if the username belongs to the list of banned usernames.
|
| Zeile 78 | Zeile 80 |
|---|
if(in_array($username, $bannedusernames))
{
$this->set_error('banned_username');
|
if(in_array($username, $bannedusernames))
{
$this->set_error('banned_username');
|
return false;
}
| return false;
}
|
// Check for certain characters in username (<, >, &, and slashes)
if(eregi("<", $username) || eregi(">", $username) || eregi("&", $username) || strpos($username, "\\") !== false || eregi(";", $username))
|
// Check for certain characters in username (<, >, &, and slashes)
if(eregi("<", $username) || eregi(">", $username) || eregi("&", $username) || strpos($username, "\\") !== false || eregi(";", $username))
|
{
| {
|
$this->set_error("bad_characters_username");
return false;
}
| $this->set_error("bad_characters_username");
return false;
}
|
| Zeile 92 | Zeile 94 |
|---|
if(($mybb->settings['maxnamelength'] != 0 && my_strlen($username) > $mybb->settings['maxnamelength']) || ($mybb->settings['minnamelength'] != 0 && my_strlen($username) < $mybb->settings['minnamelength']) && !$bannedusername && !$missingname)
{
$this->set_error('invalid_username_length', array($mybb->settings['minnamelength'], $mybb->settings['maxnamelength']));
|
if(($mybb->settings['maxnamelength'] != 0 && my_strlen($username) > $mybb->settings['maxnamelength']) || ($mybb->settings['minnamelength'] != 0 && my_strlen($username) < $mybb->settings['minnamelength']) && !$bannedusername && !$missingname)
{
$this->set_error('invalid_username_length', array($mybb->settings['minnamelength'], $mybb->settings['maxnamelength']));
|
return false;
| return false;
|
}
return true;
| }
return true;
|
| Zeile 163 | Zeile 165 |
|---|
$user['md5password'] = md5($user['password']);
// Generate our salt
|
$user['md5password'] = md5($user['password']);
// Generate our salt
|
$user['salt'] = generate_salt();
| if(!$user['salt'])
{
$user['salt'] = generate_salt();
}
|
// Combine the password and salt
$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);
|
// Combine the password and salt
$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);
|
| Zeile 171 | Zeile 176 |
|---|
// Generate the user login key
$user['loginkey'] = generate_loginkey();
|
// Generate the user login key
$user['loginkey'] = generate_loginkey();
|
return true;
}
| return true;
}
|
/**
* Verifies usergroup selections and other group details.
|
/**
* Verifies usergroup selections and other group details.
|
*
* @return boolean True when valid, false when invalid.
| *
* @return boolean True when valid, false when invalid.
|
*/
function verify_usergroup()
|
*/
function verify_usergroup()
|
{
$user = &$this->data;
| {
$user = &$this->data;
|
return true;
}
/**
| return true;
}
/**
|
| Zeile 191 | Zeile 196 |
|---|
*/
function verify_email()
{
|
*/
function verify_email()
{
|
| | global $mybb;
|
$user = &$this->data;
// Check if an email address has actually been entered.
if(trim($user['email']) == '')
{
$this->set_error('missing_email');
|
$user = &$this->data;
// Check if an email address has actually been entered.
if(trim($user['email']) == '')
{
$this->set_error('missing_email');
|
return false;
}
| return false;
}
|
// Check if this is a proper email address.
if(validate_email_format($user['email']) === false)
{
$this->set_error('invalid_email_format');
|
// Check if this is a proper email address.
if(validate_email_format($user['email']) === false)
{
$this->set_error('invalid_email_format');
|
return false;
| return false;
|
}
// Check banned emails
| }
// Check banned emails
|
| Zeile 223 | Zeile 230 |
|---|
}
}
}
|
}
}
}
|
}
| }
|
// If we have an "email2", verify it matches the existing email
if(isset($user['email2']) && $user['email'] != $user['email2'])
{
$this->set_error("emails_dont_match");
|
// If we have an "email2", verify it matches the existing email
if(isset($user['email2']) && $user['email'] != $user['email2'])
{
$this->set_error("emails_dont_match");
|
return false;
}
}
/**
| return false;
}
}
/**
|
* Verifies if a website is valid or not.
*
* @return boolean True when valid, false when invalid.
| * Verifies if a website is valid or not.
*
* @return boolean True when valid, false when invalid.
|
| Zeile 338 | Zeile 345 |
|---|
// Error if a year exists and the year is out of range
if($birthday['year'] != 0 && ($birthday['year'] < (date("Y")-100)) || $birthday['year'] > date("Y"))
|
// Error if a year exists and the year is out of range
if($birthday['year'] != 0 && ($birthday['year'] < (date("Y")-100)) || $birthday['year'] > date("Y"))
|
{
| {
|
$this->set_error("invalid_birthday");
return false;
}
| $this->set_error("invalid_birthday");
return false;
}
|
| Zeile 390 | Zeile 397 |
|---|
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
$thing = explode("\n", $profilefield['type'], "2");
$type = trim($thing[0]);
|
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
$thing = explode("\n", $profilefield['type'], "2");
$type = trim($thing[0]);
|
$field = "fid$profilefield[fid]";
| $field = "fid{$profilefield['fid']}";
|
// If the profile field is required, but not filled in, present error.
if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)
|
// If the profile field is required, but not filled in, present error.
if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)
|
| Zeile 421 | Zeile 428 |
|---|
{
$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
|
{
$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
|
if(!in_array($profile_fields[$field], $expoptions) && $profile_fields[$field] != "")
| if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && $profile_fields[$field] != "")
|
{
$this->set_error('bad_profile_field_values', array($profilefield['name']));
}
| {
$this->set_error('bad_profile_field_values', array($profilefield['name']));
}
|
| Zeile 491 | Zeile 498 |
|---|
$this->verify_yesno_option($options, 'showquickreply', 'yes');
$this->verify_yesno_option($options, 'showredirect', 'yes');
|
$this->verify_yesno_option($options, 'showquickreply', 'yes');
$this->verify_yesno_option($options, 'showredirect', 'yes');
|
if($this->method == "insert" || (array_key_exists('showcodebuttons', $options) && $options['showcodebuttons'] != 0))
| $options['showcodebuttons'] = intval($options['showcodebuttons']);
if($this->method == "insert" || (array_key_exists('showcodebuttons', $options) && $options['showcodebuttons'] != '0'))
|
{
$options['showcodebuttons'] = 1;
}
| {
$options['showcodebuttons'] = 1;
}
|
| Zeile 517 | Zeile 525 |
|---|
$options['tpp'] = intval($options['tpp']);
}
// Verify the "posts per page" option.
|
$options['tpp'] = intval($options['tpp']);
}
// Verify the "posts per page" option.
|
if($this->method == "insert" || (array_key_exists('ppp', $options) && $mybb->settings['usepppoptions']))
| if($this->method == "insert" || (array_key_exists('ppp', $options) && $mybb->settings['userpppoptions']))
|
{
$explodedppp = explode(",", $mybb->settings['userpppoptions']);
if(is_array($explodedppp))
{
@asort($explodedppp);
|
{
$explodedppp = explode(",", $mybb->settings['userpppoptions']);
if(is_array($explodedppp))
{
@asort($explodedppp);
|
$biggest = $explodedtpp[count($explodedppp)-1];
| $biggest = $explodedppp[count($explodedppp)-1];
|
// Is the selected option greater than the allowed options?
if($options['ppp'] > $biggest)
{
| // Is the selected option greater than the allowed options?
if($options['ppp'] > $biggest)
{
|
| Zeile 533 | Zeile 541 |
|---|
$options['ppp'] = intval($options['ppp']);
}
// Is our selected "days prune" option valid or not?
|
$options['ppp'] = intval($options['ppp']);
}
// Is our selected "days prune" option valid or not?
|
if($this->method == "insert" || isset($options['daysprune']))
| if($this->method == "insert" || array_key_exists('daysprune', $options))
|
{
$options['daysprune'] = intval($options['daysprune']);
if($options['daysprune'] < 0)
| {
$options['daysprune'] = intval($options['daysprune']);
if($options['daysprune'] < 0)
|
| Zeile 1018 | Zeile 1026 |
|---|
if($this->user_update_data['username'] != $old_user['username'] && $this->user_update_data['username'] != '')
{
$username_update = array(
|
if($this->user_update_data['username'] != $old_user['username'] && $this->user_update_data['username'] != '')
{
$username_update = array(
|
"username" => $db->escape_string($this->user_update_data['username'])
| "username" => $this->user_update_data['username']
|
);
$lastposter_update = array(
|
);
$lastposter_update = array(
|
"lastposter" => $db->escape_string($this->user_update_data['username'])
| "lastposter" => $this->user_update_data['username']
|
);
$db->update_query(TABLE_PREFIX."posts", $username_update, "uid='{$user['uid']}'");
| );
$db->update_query(TABLE_PREFIX."posts", $username_update, "uid='{$user['uid']}'");
|