Zeile 3 | Zeile 3 |
---|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* Website: http://www.mybboard.com * License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net * License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: usercp.php 2265 2006-09-26 14:49:36Z Tikitiki $
| * $Id: usercp.php 3598 2008-01-20 20:42:43Z Tikitiki $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
Zeile 32 | Zeile 32 |
---|
if(!$mybb->user['pmfolders']) {
|
if(!$mybb->user['pmfolders']) {
|
$mybb->user['pmfolders'] = "1**Inbox$%%$2**Sent Items$%%$3**Drafts$%%$4**Trash Can";
| $mybb->user['pmfolders'] = "1**".$lang->folder_inbox."$%%$2**".$lang->folder_sent_items."$%%$3**".$lang->folder_drafts."$%%$4**".$lang->folder_trash;
|
$db->update_query(TABLE_PREFIX."users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'"); }
| $db->update_query(TABLE_PREFIX."users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'"); }
|
Zeile 52 | Zeile 52 |
---|
'allow_imgcode' => $mybb->settings['sigimgcode'] ); $parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);
|
'allow_imgcode' => $mybb->settings['sigimgcode'] ); $parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);
|
if(($mybb->settings['sigimgcode'] == "no" && substr_count($parsed_sig, "<img") > 0) || ($mybb->settings['sigimgcode'] == "yes" && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']))
| if((($mybb->settings['sigimgcode'] == "no" && $mybb->settings['sigsmilies'] != 'yes') && substr_count($parsed_sig, "<img") > 0) || (($mybb->settings['sigimgcode'] == "yes" || $mybb->settings['sigsmilies'] == 'yes') && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']) )
|
{ if($mybb->settings['sigimgcode'] == "yes") {
| { if($mybb->settings['sigimgcode'] == "yes") {
|
Zeile 153 | Zeile 157 |
---|
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_profile_start");
if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no") { $awaydate = time();
|
$plugins->run_hooks("usercp_do_profile_start");
if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no") { $awaydate = time();
|
if($mybb->input['awayday'] && $mybb->input['awaymonth'] && $mybb->input['awayyear'])
| if($mybb->input['awayday'])
|
{
|
{
|
| if(!$mybb->input['awaymonth']) { $mybb->input['awaymonth'] = my_date('n', $awaydate); } if(!$mybb->input['awayyear']) { $mybb->input['awayyear'] = my_date('Y', $awaydate); } if($mybb->input['awayyear'] >= 2038) { error($lang->error_usercp_return_date_2038); }
|
$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']); $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
|
$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']); $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
|
if ($returntimestamp < $awaytimestamp)
| if($returntimestamp < $awaytimestamp && $mybb->input['awayyear'] < my_date("Y"))
|
{ error($lang->error_usercp_return_date_past); }
| { error($lang->error_usercp_return_date_past); }
|
Zeile 229 | Zeile 251 |
---|
$errors = $userhandler->get_friendly_errors(); $errors = inline_error($errors); $mybb->input['action'] = "profile";
|
$errors = $userhandler->get_friendly_errors(); $errors = inline_error($errors); $mybb->input['action'] = "profile";
|
}
| }
|
else { $userhandler->update_user();
|
else { $userhandler->update_user();
|
$db->update_query(TABLE_PREFIX."users", $newprofile, "uid='".$mybb->user['uid']."'");
| |
$plugins->run_hooks("usercp_do_profile_end"); redirect("usercp.php", $lang->redirect_profileupdated); }
| $plugins->run_hooks("usercp_do_profile_end"); redirect("usercp.php", $lang->redirect_profileupdated); }
|
Zeile 243 | Zeile 264 |
---|
if($mybb->input['action'] == "profile") { if($errors)
|
if($mybb->input['action'] == "profile") { if($errors)
|
{
| {
|
$user = $mybb->input; $bday = array(); $bday[0] = $mybb->input['bday1'];
| $user = $mybb->input; $bday = array(); $bday[0] = $mybb->input['bday1'];
|
Zeile 257 | Zeile 278 |
---|
}
$plugins->run_hooks("usercp_profile_start");
|
}
$plugins->run_hooks("usercp_profile_start");
|
|
|
$bdaysel = ''; for($i = 1; $i <= 31; $i++)
|
$bdaysel = ''; for($i = 1; $i <= 31; $i++)
|
{
| {
|
if($bday[0] == $i) { $bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
| if($bday[0] == $i) { $bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
Zeile 273 | Zeile 294 |
---|
$bdaymonthsel[$bday[1]] = "selected";
if($user['website'] == "" || $user['website'] == "http://")
|
$bdaymonthsel[$bday[1]] = "selected";
if($user['website'] == "" || $user['website'] == "http://")
|
{
| {
|
$user['website'] = "http://"; } else
|
$user['website'] = "http://"; } else
|
{
| {
|
$user['website'] = htmlspecialchars_uni($user['website']); }
if($user['icq'] != "0") { $user['icq'] = intval($user['icq']);
|
$user['website'] = htmlspecialchars_uni($user['website']); }
if($user['icq'] != "0") { $user['icq'] = intval($user['icq']);
|
}
| }
|
if($user['icq'] == 0) { $user['icq'] = "";
| if($user['icq'] == 0) { $user['icq'] = "";
|
Zeile 315 | Zeile 336 |
---|
} else {
|
} else {
|
| $user['awayreason'] = htmlspecialchars_uni($user['awayreason']);
|
if($mybb->user['away'] == "yes")
|
if($mybb->user['away'] == "yes")
|
{
| {
|
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']); $awaycheck['yes'] = "checked"; $awaynotice = sprintf($lang->away_notice_away, $awaydate);
|
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']); $awaycheck['yes'] = "checked"; $awaynotice = sprintf($lang->away_notice_away, $awaydate);
|
} else {
| } else {
|
$awaynotice = $lang->away_notice; $awaycheck['no'] = "checked";
|
$awaynotice = $lang->away_notice; $awaycheck['no'] = "checked";
|
}
| }
|
$returndate = explode("-", $mybb->user['returndate']); } $returndatesel = '';
| $returndate = explode("-", $mybb->user['returndate']); } $returndatesel = '';
|
Zeile 335 | Zeile 356 |
---|
if($returndate[0] == $i) { $returndatesel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
if($returndate[0] == $i) { $returndatesel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
}
| }
|
else { $returndatesel .= "<option value=\"$i\">$i</option>\n";
|
else { $returndatesel .= "<option value=\"$i\">$i</option>\n";
|
}
| }
|
} $returndatemonthsel[$returndate[1]] = "selected";
| } $returndatemonthsel[$returndate[1]] = "selected";
|
Zeile 353 | Zeile 374 |
---|
while($profilefield = $db->fetch_array($query)) { $profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
|
while($profilefield = $db->fetch_array($query)) { $profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
|
| $profilefield['description'] = htmlspecialchars_uni($profilefield['description']);
|
$thing = explode("\n", $profilefield['type'], "2"); $type = $thing[0]; $options = $thing[1];
| $thing = explode("\n", $profilefield['type'], "2"); $type = $thing[0]; $options = $thing[1];
|
Zeile 363 | Zeile 385 |
---|
$userfield = $mybb->input['profile_fields'][$field]; } else
|
$userfield = $mybb->input['profile_fields'][$field]; } else
|
{
| {
|
$userfield = $user[$field]; } if($type == "multiselect")
|
$userfield = $user[$field]; } if($type == "multiselect")
|
{ if($errors) { $useropts = $userfield; } else { $useropts = explode("\n", $userfield); } if(is_array($useropts)) { foreach($useropts as $key => $val) { $seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) {
| { if($errors) { $useropts = $userfield; } else { $useropts = explode("\n", $userfield); } if(is_array($useropts)) { foreach($useropts as $key => $val) { $seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) {
|
foreach($expoptions as $key => $val) { $val = trim($val);
| foreach($expoptions as $key => $val) { $val = trim($val);
|
Zeile 437 | Zeile 459 |
---|
{ $checked = ""; if($val == $userfield)
|
{ $checked = ""; if($val == $userfield)
|
{ $checked = "checked=\"checked\""; }
| { $checked = "checked=\"checked\""; }
|
$code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\" $checked /> <span class=\"smalltext\">$val</span><br />"; } }
| $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\" $checked /> <span class=\"smalltext\">$val</span><br />"; } }
|
Zeile 492 | Zeile 514 |
---|
else { eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
|
else { eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
|
}
| }
|
$altbg = alt_trow(); $code = ""; $select = "";
| $altbg = alt_trow(); $code = ""; $select = "";
|
Zeile 544 | Zeile 566 |
---|
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_options_start");
// Set up user handler.
| $plugins->run_hooks("usercp_do_options_start");
// Set up user handler.
|
Zeile 573 | Zeile 598 |
---|
"receivepms" => $mybb->input['receivepms'], "pmpopup" => $mybb->input['pmpopup'], "daysprune" => $mybb->input['daysprune'],
|
"receivepms" => $mybb->input['receivepms'], "pmpopup" => $mybb->input['pmpopup'], "daysprune" => $mybb->input['daysprune'],
|
"showcodebuttons" => $mybb->input['showcodebuttons'],
| "showcodebuttons" => intval($mybb->input['showcodebuttons']),
|
"pmnotify" => $mybb->input['pmnotify'], "showredirect" => $mybb->input['showredirect'] );
| "pmnotify" => $mybb->input['pmnotify'], "showredirect" => $mybb->input['showredirect'] );
|
Zeile 600 | Zeile 625 |
---|
else { $userhandler->update_user();
|
else { $userhandler->update_user();
|
$db->update_query(TABLE_PREFIX."users", $updatedoptions, "uid='".$mybb->user['uid']."'");
| |
// If the cookie settings are different, re-set the cookie if($mybb->input['remember'] != $mybb->user['remember'])
| // If the cookie settings are different, re-set the cookie if($mybb->input['remember'] != $mybb->user['remember'])
|
Zeile 845 | Zeile 868 |
---|
$explodedppp = explode(",", $mybb->settings['userpppoptions']); $pppoptions = ''; if(is_array($explodedppp))
|
$explodedppp = explode(",", $mybb->settings['userpppoptions']); $pppoptions = ''; if(is_array($explodedppp))
|
{
| {
|
foreach($explodedppp as $key => $val) { $val = trim($val);
| foreach($explodedppp as $key => $val) { $val = trim($val);
|
Zeile 866 | Zeile 889 |
---|
if($mybb->input['action'] == "do_email" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_email" && $mybb->request_method == "post") {
|
$plugins->run_hooks("usercp_do_email_start");
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
|
|
$user = validate_password_from_uid($mybb->user['uid'], $mybb->input['password']); if(!$user['uid']) { error($lang->error_invalidpassword); } if($mybb->input['email'] != $mybb->input['email2']) { error($lang->error_emailmismatch); }
//Email Banning Code if($mybb->settings['emailkeep'] != "yes") { $bannedemails = explode(" ", $mybb->settings['emailban']); if(is_array($bannedemails)) { foreach($bannedemails as $key => $bannedemail) { $bannedemail = trim($bannedemail); if($bannedemail != "") { if(strstr($mybb->input['email'], $bannedemail) != "") { error($lang->error_bannedemail); } } } } } if(!preg_match("/^(.+)@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+$/si", $mybb->input['email'])) { error($lang->error_invalidemail); } if(function_exists("emailChanged")) { emailChanged($mybb->user['uid'], $mybb->input['email']); }
if($mybb->user['usergroup'] != "5") { $activationcode = random_str(); $now = time(); $db->delete_query(TABLE_PREFIX."awaitingactivation", "uid='".$mybb->user['uid']."'"); $newactivation = array(
| $errors = array();
$plugins->run_hooks("usercp_do_email_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false) { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler. require_once "inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(
|
"uid" => $mybb->user['uid'],
|
"uid" => $mybb->user['uid'],
|
"dateline" => time(), "code" => $activationcode, "type" => "e", "oldgroup" => $mybb->user['usergroup'], "misc" => $db->escape_string($mybb->input['email'])
| "email" => $mybb->input['email'], "email2" => $mybb->input['email2']
|
);
|
);
|
| $userhandler->set_data($user);
if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); } else { if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != "yes") { $activationcode = random_str(); $now = time(); $db->delete_query(TABLE_PREFIX."awaitingactivation", "uid='".$mybb->user['uid']."'"); $newactivation = array( "uid" => $mybb->user['uid'], "dateline" => time(), "code" => $activationcode, "type" => "e", "oldgroup" => $mybb->user['usergroup'], "misc" => $db->escape_string($mybb->input['email']) ); $db->insert_query(TABLE_PREFIX."awaitingactivation", $newactivation);
|
|
|
$db->insert_query(TABLE_PREFIX."awaitingactivation", $newactivation); $username = $mybb->user['username']; $uid = $mybb->user['uid']; $lang->emailsubject_changeemail = sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']); $lang->email_changeemail = sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']); my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail); $plugins->run_hooks("usercp_do_email_verify"); error($lang->redirect_changeemail_activation); } else { $db->update_query(TABLE_PREFIX."users", array('email' => $db->escape_string($mybb->input['email'])), "uid='".$mybb->user['uid']."'"); $plugins->run_hooks("usercp_do_email_changed"); redirect("usercp.php", $lang->redirect_emailupdated);
| $username = $mybb->user['username']; $uid = $mybb->user['uid']; $lang->emailsubject_changeemail = sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']); $lang->email_changeemail = sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']); my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail); $plugins->run_hooks("usercp_do_email_verify"); error($lang->redirect_changeemail_activation); } else { $userhandler->update_user(); $plugins->run_hooks("usercp_do_email_changed"); redirect("usercp.php", $lang->redirect_emailupdated); } } } if(count($errors) > 0) { $mybb->input['action'] = "email"; $errors = inline_error($errors);
|
} }
|
} }
|
|
|
if($mybb->input['action'] == "email") {
|
if($mybb->input['action'] == "email") {
|
| // Coming back to this page after one or more errors were experienced, show fields the user previously entered (with the exception of the password) if($errors) { $email = htmlspecialchars_uni($mybb->input['email']); $email2 = htmlspecialchars_uni($mybb->input['email2']); } else { $email = $email2 = ''; }
|
$plugins->run_hooks("usercp_email_start"); eval("\$changemail = \"".$templates->get("usercp_email")."\";"); $plugins->run_hooks("usercp_email_end"); output_page($changemail);
|
$plugins->run_hooks("usercp_email_start"); eval("\$changemail = \"".$templates->get("usercp_email")."\";"); $plugins->run_hooks("usercp_email_end"); output_page($changemail);
|
}
| }
|
if($mybb->input['action'] == "do_password" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_password" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']); $errors = array();
|
$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
|
$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
|
{ error($lang->error_invalidpassword); } if($mybb->input['password'] == "") { error($lang->error_invalidnewpassword); } if($mybb->input['password'] != $mybb->input['password2']) { error($lang->error_passwordmismatch); } $plugins->run_hooks("usercp_do_password_process"); $logindetails = update_password($mybb->user['uid'], md5($mybb->input['password']), $mybb->user['salt']); my_setcookie("mybbuser", $mybb->user['uid']."_".$logindetails['loginkey']); $plugins->run_hooks("usercp_do_password_end"); redirect("usercp.php", $lang->redirect_passwordupdated); }
| { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler. require_once "inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array( "uid" => $mybb->user['uid'], "password" => $mybb->input['password'], "password2" => $mybb->input['password2'] );
$userhandler->set_data($user);
if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user(); my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey']); $plugins->run_hooks("usercp_do_password_end"); redirect("usercp.php", $lang->redirect_passwordupdated); } } if(count($errors) > 0) { $mybb->input['action'] = "password"; $errors = inline_error($errors); } }
|
if($mybb->input['action'] == "password") {
| if($mybb->input['action'] == "password") {
|
Zeile 979 | Zeile 1031 |
---|
if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_changename_start"); if($mybb->usergroup['canchangename'] != "yes")
|
$plugins->run_hooks("usercp_do_changename_start"); if($mybb->usergroup['canchangename'] != "yes")
|
{
| {
|
error_no_permission();
|
error_no_permission();
|
}
| }
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false) { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler. require_once "inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array( "uid" => $mybb->user['uid'], "username" => $mybb->input['username'] );
$userhandler->set_data($user);
if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php", $lang->redirect_namechanged);
|
|
|
if(!trim($mybb->input['username']) || eregi("<|>|&", $mybb->input['username'])) { error($lang->error_bannedusername); } $query = $db->simple_select(TABLE_PREFIX."users", "username", "LOWER(username)='".strtolower($mybb->input['username'])."'"); if($db->fetch_array($query)) { error($lang->error_usernametaken); } $plugins->run_hooks("usercp_do_changename_process"); $db->update_query(TABLE_PREFIX."users", array('username' => $db->escape_string($mybb->input['username'])), "uid='".$mybb->user['uid']."'"); $db->update_query(TABLE_PREFIX."forums", array('lastposter' => $db->escape_string($mybb->input['username'])), "lastposter='".$mybb->user['username']."'"); $db->update_query(TABLE_PREFIX."threads", array('lastposter' => $db->escape_string($mybb->input['username'])), "lastposter='".$mybb->user['username']."'"); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php", $lang->redirect_namechanged);
| } } if(count($errors) > 0) { $errors = inline_error($errors); $mybb->input['action'] = "changename"; }
|
}
if($mybb->input['action'] == "changename")
| }
if($mybb->input['action'] == "changename")
|
Zeile 1052 | Zeile 1125 |
---|
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) WHERE f.type='f' AND f.uid='".$mybb->user['uid']."' ORDER BY t.lastpost DESC
|
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) WHERE f.type='f' AND f.uid='".$mybb->user['uid']."' ORDER BY t.lastpost DESC
|
| LIMIT {$start}, {$perpage}
|
"); while($favorite = $db->fetch_array($query)) {
| "); while($favorite = $db->fetch_array($query)) {
|
Zeile 1293 | Zeile 1367 |
---|
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_editsig_start"); if($mybb->input['updateposts'] == "enable") {
| $plugins->run_hooks("usercp_do_editsig_start"); if($mybb->input['updateposts'] == "enable") {
|
Zeile 1302 | Zeile 1379 |
---|
$db->update_query(TABLE_PREFIX."posts", $update_signature, "uid='".$mybb->user['uid']."'"); } elseif($mybb->input['updateposts'] == "disable")
|
$db->update_query(TABLE_PREFIX."posts", $update_signature, "uid='".$mybb->user['uid']."'"); } elseif($mybb->input['updateposts'] == "disable")
|
{
| {
|
$update_signature = array( "includesig" => "no" );
| $update_signature = array( "includesig" => "no" );
|
Zeile 1330 | Zeile 1407 |
---|
{ $sig = $mybb->user['signature']; $template = "usercp_editsig_current";
|
{ $sig = $mybb->user['signature']; $template = "usercp_editsig_current";
|
}
| }
|
if($sig) {
| if($sig) {
|
Zeile 1348 | Zeile 1425 |
---|
if($mybb->settings['sigsmilies'] == "yes") { $sigsmilies = $lang->on;
|
if($mybb->settings['sigsmilies'] == "yes") { $sigsmilies = $lang->on;
|
} else
| } else
|
{ $sigsmilies = $lang->off; }
| { $sigsmilies = $lang->off; }
|
Zeile 1368 | Zeile 1445 |
---|
else { $sightml = $lang->off;
|
else { $sightml = $lang->off;
|
}
| }
|
if($mybb->settings['sigimgcode'] == "yes") { $sigimgcode = $lang->on;
|
if($mybb->settings['sigimgcode'] == "yes") { $sigimgcode = $lang->on;
|
} else {
| } else {
|
$sigimgcode = $lang->off; } $sig = htmlspecialchars_uni($sig); $lang->edit_sig_note2 = sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
|
$sigimgcode = $lang->off; } $sig = htmlspecialchars_uni($sig); $lang->edit_sig_note2 = sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
|
$plugins->run_hooks("usercp_endsig_end");
| $plugins->run_hooks("usercp_editsig_end");
|
output_page($editsig); }
|
output_page($editsig); }
|
if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post") { $plugins->run_hooks("usercp_do_avatar_start"); require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->input['remove']) // remove avatar { $updated_avatar = array( "avatar" => "", "avatardimensions" => "", "avatartype" => "" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); remove_avatars($mybb->user['uid']);
| if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->input['my_post_key']); $plugins->run_hooks("usercp_do_avatar_start"); require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->input['remove']) // remove avatar { $updated_avatar = array( "avatar" => "", "avatardimensions" => "", "avatartype" => "" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); remove_avatars($mybb->user['uid']); } elseif($mybb->input['gallery']) // Gallery avatar { if(empty($mybb->input['avatar'])) { $avatar_error = $lang->error_noavatar; }
if(empty($avatar_error)) { if($mybb->input['gallery'] == "default") { $avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']); } else { $avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']); } if(file_exists($avatarpath)) { $updated_avatar = array( "avatar" => $avatarpath, "avatardimensions" => "", "avatartype" => "gallery" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); } remove_avatars($mybb->user['uid']); } } elseif($_FILES['avatarupload']['name']) // upload avatar { if($mybb->usergroup['canuploadavatars'] == "no") { error_no_permission();
|
}
|
}
|
elseif($mybb->input['gallery']) // Gallery avatar { if($mybb->input['gallery'] == "default") { $avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
| $avatar = upload_avatar(); if($avatar['error']) { $avatar_error = $avatar['error']; } else { if($avatar['width'] > 0 && $avatar['height'] > 0) { $avatar_dimensions = $avatar['width']."|".$avatar['height']; } $updated_avatar = array( "avatar" => $avatar['avatar'], "avatardimensions" => $avatar_dimensions, "avatartype" => "upload" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); } } else // remote avatar { $mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']); $mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']); $ext = get_extension($mybb->input['avatarurl']);
// Copy the avatar to the local server (work around remote URL access disabled for getimagesize) $file = fetch_remote_file($mybb->input['avatarurl']); if(!$file) { $avatar_error = $lang->error_invalidavatarurl; } else { $tmp_name = $mybb->settings['avataruploadpath']."/remote_".md5(uniqid(rand(), true)); $fp = @fopen($tmp_name, "wb"); if(!$fp) { $avatar_error = $lang->error_invalidavatarurl; } else { fwrite($fp, $file); fclose($fp); list($width, $height, $type) = @getimagesize($tmp_name); @unlink($tmp_name); if(!$type) { $avatar_error = $lang->error_invalidavatarurl; } } }
if(empty($avatar_error)) { if($width && $height && $mybb->settings['maxavatardims'] != "") { list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']); if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; } } }
if(empty($avatar_error)) { if($width > 0 && $height > 0) { $avatar_dimensions = intval($width)."|".intval($height);
|
}
|
}
|
else { $avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']); } if(file_exists($avatarpath)) { $updated_avatar = array( "avatar" => $avatarpath, "avatardimensions" => "", "avatartype" => "gallery" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); } remove_avatars($mybb->user['uid']); } elseif($_FILES['avatarupload']['name']) // upload avatar { if($mybb->usergroup['canuploadavatars'] == "no") { error_no_permission(); } $avatar = upload_avatar(); if($avatar['error']) { error($avatar['error']); } if($avatar['width'] > 0 && $avatar['height'] > 0) { $avatar_dimensions = $avatar['width']."|".$avatar['height']; } $updated_avatar = array( "avatar" => $avatar['avatar'], "avatardimensions" => $avatar_dimensions, "avatartype" => "upload" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); } else // remote avatar { $mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']); $mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']); $ext = get_extension($mybb->input['avatarurl']); list($width, $height, $type) = @getimagesize($mybb->input['avatarurl']);
| $updated_avatar = array( "avatar" => $db->escape_string($mybb->input['avatarurl']), "avatardimensions" => $avatar_dimensions, "avatartype" => "remote" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); remove_avatars($mybb->user['uid']); } }
|
|
|
if(!$type) { error($lang->error_invalidavatarurl); }
if($width && $height && $mybb->settings['maxavatardims'] != "") { list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']); if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); error($lang->error_avatartoobig); } } if($width > 0 && $height > 0) { $avatar_dimensions = intval($width)."|".intval($height); } $updated_avatar = array( "avatar" => $db->escape_string($mybb->input['avatarurl']), "avatardimensions" => $avatar_dimensions, "avatartype" => "remote" ); $db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'"); remove_avatars($mybb->user['uid']); } $plugins->run_hooks("usercp_do_avatar_end"); redirect("usercp.php", $lang->redirect_avatarupdated);
| if(empty($avatar_error)) { $plugins->run_hooks("usercp_do_avatar_end"); redirect("usercp.php", $lang->redirect_avatarupdated); } else { $mybb->input['action'] = "avatar"; $avatar_error = inline_error($avatar_error); }
|
}
if($mybb->input['action'] == "avatar")
| }
if($mybb->input['action'] == "avatar")
|
Zeile 1623 | Zeile 1751 |
---|
} if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post") {
|
} if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_notepad_start"); $db->update_query(TABLE_PREFIX."users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'"); $plugins->run_hooks("usercp_do_notepad_end");
| $plugins->run_hooks("usercp_do_notepad_start"); $db->update_query(TABLE_PREFIX."users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'"); $plugins->run_hooks("usercp_do_notepad_end");
|
Zeile 1682 | Zeile 1813 |
---|
} if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post") {
|
} if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_editlists_start"); $comma = ''; $users = '';
| $plugins->run_hooks("usercp_do_editlists_start"); $comma = ''; $users = '';
|
Zeile 1765 | Zeile 1899 |
---|
} if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post") {
|
} if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_drafts_start"); if(!$mybb->input['deletedraft'])
|
$plugins->run_hooks("usercp_do_drafts_start"); if(!$mybb->input['deletedraft'])
|
{
| {
|
error($lang->no_drafts_selected); } $pidin = array();
| error($lang->no_drafts_selected); } $pidin = array();
|
Zeile 1775 | Zeile 1912 |
---|
foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post")
|
foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post")
|
{
| {
|
$pidin[] = "'".intval($id)."'"; } elseif($val == "thread")
| $pidin[] = "'".intval($id)."'"; } elseif($val == "thread")
|
Zeile 1797 | Zeile 1934 |
---|
$pidinq = "pid IN ($pidin)"; } else
|
$pidinq = "pid IN ($pidin)"; } else
|
{
| {
|
$pidinq = "1=0"; } $db->delete_query(TABLE_PREFIX."posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
| $pidinq = "1=0"; } $db->delete_query(TABLE_PREFIX."posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
|
Zeile 1813 | Zeile 1950 |
---|
// Changing our display group if($mybb->input['displaygroup']) {
|
// Changing our display group if($mybb->input['displaygroup']) {
|
if(!strstr($ingroups, ",".$mybb->input['displaygroup'].","))
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']); if(strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
|
{ error($lang->not_member_of_group); } $query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['displaygroup'])."'"); $dispgroup = $db->fetch_array($query); if($dispgroup['candisplaygroup'] != "yes")
|
{ error($lang->not_member_of_group); } $query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['displaygroup'])."'"); $dispgroup = $db->fetch_array($query); if($dispgroup['candisplaygroup'] != "yes")
|
{
| {
|
error($lang->cannot_set_displaygroup); } $db->update_query(TABLE_PREFIX."users", array('displaygroup' => intval($mybb->input['displaygroup'])), "uid='".$mybb->user['uid']."'");
| error($lang->cannot_set_displaygroup); } $db->update_query(TABLE_PREFIX."users", array('displaygroup' => intval($mybb->input['displaygroup'])), "uid='".$mybb->user['uid']."'");
|
Zeile 1831 | Zeile 1971 |
---|
// Leaving a group if($mybb->input['leavegroup'])
|
// Leaving a group if($mybb->input['leavegroup'])
|
{ if(!strstr($ingroups, ",".$mybb->input['leavegroup'].","))
| { // Verify incoming POST request verify_post_check($mybb->input['my_post_key']); if(strpos($ingroups, ",".$mybb->input['leavegroup'].",") === false)
|
{ error($lang->not_member_of_group); }
| { error($lang->not_member_of_group); }
|
Zeile 1849 | Zeile 1992 |
---|
leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']); $plugins->run_hooks("usercp_usergroups_leave_group"); redirect("usercp.php?action=usergroups", $lang->left_group);
|
leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']); $plugins->run_hooks("usercp_usergroups_leave_group"); redirect("usercp.php?action=usergroups", $lang->left_group);
|
| exit;
|
}
// Joining a group if($mybb->input['joingroup']) {
|
}
// Joining a group if($mybb->input['joingroup']) {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$mybb->input['joingroup'] = intval($mybb->input['joingroup']); $query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'"); $usergroup = $db->fetch_array($query);
| $mybb->input['joingroup'] = intval($mybb->input['joingroup']); $query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'"); $usergroup = $db->fetch_array($query);
|
Zeile 1863 | Zeile 2010 |
---|
error($lang->cannot_join_group); }
|
error($lang->cannot_join_group); }
|
if(strstr($ingroups, ",".intval($mybb->input['joingroup']).",") || $mybb->user['usergroup'] == $mybb->input['joingroup'] || $mybb->user['displaygroup'] == $mybb->input['joingroup'])
| if(strpos($ingroups, ",".intval($mybb->input['joingroup']).",") !== false)
|
{ error($lang->already_member_of_group); }
| { error($lang->already_member_of_group); }
|
Zeile 1895 | Zeile 2042 |
---|
$joingroup = $mybb->input['joingroup']; eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";"); output_page($joinpage);
|
$joingroup = $mybb->input['joingroup']; eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";"); output_page($joinpage);
|
| exit();
|
} else {
| } else {
|
Zeile 1982 | Zeile 2130 |
---|
} else {
|
} else {
|
$leavelink = "<div align=\"center\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."\">".$lang->usergroup_leave."</a></div>";
| $leavelink = "<div align=\"center\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";
|
} if($usergroup['description']) {
| } if($usergroup['description']) {
|
Zeile 2056 | Zeile 2204 |
---|
} else {
|
} else {
|
$joinlink = "<a href=\"usercp.php?action=usergroups&joingroup={$usergroup['gid']}\">{$lang->join_group}</a>";
| $joinlink = "<a href=\"usercp.php?action=usergroups&joingroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->join_group}</a>";
|
} $usergroupleaders = ''; if($groupleaders[$usergroup['gid']])
| } $usergroupleaders = ''; if($groupleaders[$usergroup['gid']])
|
Zeile 2127 | Zeile 2275 |
---|
$bandwidth = get_friendly_size($bandwidth); if($mybb->usergroup['attachquota']) {
|
$bandwidth = get_friendly_size($bandwidth); if($mybb->usergroup['attachquota']) {
|
$percent = round(($totalusage/($mybb->usergroup['attachquota']*1000))*100)."%"; $attachquota = get_friendly_size($mybb->usergroup['attachquota']*1000);
| $percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%"; $attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
|
$usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments); } else
| $usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments); } else
|
Zeile 2148 | Zeile 2296 |
---|
} if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post") {
|
} if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post") {
|
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_attachments_start"); require_once MYBB_ROOT."inc/functions_upload.php"; if(!is_array($mybb->input['attachments']))
| $plugins->run_hooks("usercp_do_attachments_start"); require_once MYBB_ROOT."inc/functions_upload.php"; if(!is_array($mybb->input['attachments']))
|
Zeile 2174 | Zeile 2325 |
---|
$perday = $mybb->user['postnum']; }
|
$perday = $mybb->user['postnum']; }
|
$query = $db->simple_select(TABLE_PREFIX."posts", "COUNT(pid) AS posts", "visible > 0"); $posts = $db->fetch_field($query, "posts");
| $stats = $cache->read("stats"); $posts = $stats['numposts'];
|
if($posts == 0) { $percent = "0";
| if($posts == 0) { $percent = "0";
|
Zeile 2212 | Zeile 2363 |
---|
} // Make reputations row $reputations = '';
|
} // Make reputations row $reputations = '';
|
if($mybb->usergroup['usereputationsystem'] == 'yes')
| if($mybb->usergroup['usereputationsystem'] == 'yes' && $mybb->settings['enablereputation'] == 'yes')
|
{ $reputation_link = get_reputation($mybb->user['reputation']); eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
| { $reputation_link = get_reputation($mybb->user['reputation']); eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
|