Vergleich inc/datahandlers/user.php - 1.2.2 - 1.2.12

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 3Zeile 3
 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html

 *

 *

 * $Id: user.php 2458 2006-11-29 07:27:32Z chris $

 * $Id: user.php 3514 2007-11-24 09:02:58Z Tikitiki $

 */

 */

 

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}


/**
* User handling class, provides common structure to handle user data.


/**
* User handling class, provides common structure to handle user data.

Zeile 56Zeile 62
	 * @param boolean True when valid, false when invalid.
*/
function verify_username()

	 * @param boolean True when valid, false when invalid.
*/
function verify_username()

	{
global $mybb;

	{
global $mybb;

		
$username = &$this->data['username'];
require_once MYBB_ROOT.'inc/functions_user.php';

// Fix bad characters

		
$username = &$this->data['username'];
require_once MYBB_ROOT.'inc/functions_user.php';

// Fix bad characters

		$username = str_replace(array(chr(160), chr(173)), array(" ", "-"), $username);


		$username = trim($username);
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);

// Check if the username is not empty.


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);

// Check if the username is not empty.

		if(trim($username) == '')

		if($username == '')

		{
$this->set_error('missing_username');
return false;
}

// Check if the username belongs to the list of banned usernames.

		{
$this->set_error('missing_username');
return false;
}

// Check if the username belongs to the list of banned usernames.

		$bannedusernames = get_banned_usernames();
if(in_array($username, $bannedusernames))

		if(is_banned_username($username))


		{
$this->set_error('banned_username');
return false;

		{
$this->set_error('banned_username');
return false;

Zeile 91Zeile 97
		}

// Check if the username is of the correct length.

		}

// Check if the username is of the correct length.

		if(($mybb->settings['maxnamelength'] != 0 && my_strlen($username) > $mybb->settings['maxnamelength']) || ($mybb->settings['minnamelength'] != 0 && my_strlen($username) < $mybb->settings['minnamelength']) && !$bannedusername && !$missingname)

		if(($mybb->settings['maxnamelength'] != 0 && my_strlen($username) > $mybb->settings['maxnamelength']) || ($mybb->settings['minnamelength'] != 0 && my_strlen($username) < $mybb->settings['minnamelength']))

		{
$this->set_error('invalid_username_length', array($mybb->settings['minnamelength'], $mybb->settings['maxnamelength']));

		{
$this->set_error('invalid_username_length', array($mybb->settings['minnamelength'], $mybb->settings['maxnamelength']));

			return false;
}

			return false;
}


return true;
}


return true;
}

Zeile 111Zeile 117

$username = &$this->data['username'];



$username = &$this->data['username'];


		$query = $db->simple_select(TABLE_PREFIX."users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower($username))."'");

		$query = $db->simple_select(TABLE_PREFIX."users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower(trim($username)))."' AND uid!='{$this->data['uid']}'");

		$user_count = $db->fetch_field($query, "count");
if($user_count > 0)
{

		$user_count = $db->fetch_field($query, "count");
if($user_count > 0)
{

Zeile 144Zeile 150

// See if the board has "require complex passwords" enabled.
if($mybb->settings['requirecomplexpasswords'] == "yes")


// See if the board has "require complex passwords" enabled.
if($mybb->settings['requirecomplexpasswords'] == "yes")

		{

		{

			// Complex passwords required, do some extra checks.
// First, see if there is one or more complex character(s) in the password.
if(!preg_match('#[\W]+#', $user['password']))

			// Complex passwords required, do some extra checks.
// First, see if there is one or more complex character(s) in the password.
if(!preg_match('#[\W]+#', $user['password']))

Zeile 158Zeile 164
		if(isset($user['password2']) && $user['password'] != $user['password2'])
{
$this->set_error("passwords_dont_match");

		if(isset($user['password2']) && $user['password'] != $user['password2'])
{
$this->set_error("passwords_dont_match");

			return false;
}

			return false;
}


// MD5 the password
$user['md5password'] = md5($user['password']);


// MD5 the password
$user['md5password'] = md5($user['password']);

Zeile 204Zeile 210
		if(trim($user['email']) == '')
{
$this->set_error('missing_email');

		if(trim($user['email']) == '')
{
$this->set_error('missing_email');

			return false;
}

			return false;
}


// Check if this is a proper email address.


// Check if this is a proper email address.

		if(validate_email_format($user['email']) === false)
{

		if(!validate_email_format($user['email']))
{

			$this->set_error('invalid_email_format');
return false;
}

// Check banned emails

			$this->set_error('invalid_email_format');
return false;
}

// Check banned emails

		$bannedemails = explode(" ", $mybb->settings['bannedemails']);
if(is_array($bannedemails))

		if(is_banned_email($user['email']))


		{

		{

			foreach($bannedemails as $bannedemail)
{
$bannedemail = strtolower(trim($bannedemail));
if($bannedemail != '')
{
if(strstr($user['email'], $bannedemail) != '')
{
$this->set_error('banned_email');
return false;
}
}
}

			$this->set_error('banned_email');
return false;











		}

// If we have an "email2", verify it matches the existing email

		}

// If we have an "email2", verify it matches the existing email

Zeile 250Zeile 245
		$website = &$this->data['website'];

if($website == '' || $website == 'http://')

		$website = &$this->data['website'];

if($website == '' || $website == 'http://')

		{

		{

			$website = '';
return true;

			$website = '';
return true;

		}

		}


// Does the website start with http://?
if(substr_count($website, 'http://') == 0)


// Does the website start with http://?
if(substr_count($website, 'http://') == 0)

Zeile 266Zeile 261
				return false;
}
}

				return false;
}
}





		return true;
}


		return true;
}


Zeile 282Zeile 277
		if($icq != '' && !is_numeric($icq))
{
$this->set_error("invalid_icq_number");

		if($icq != '' && !is_numeric($icq))
{
$this->set_error("invalid_icq_number");

			return false;

			return false;

		}
$icq = intval($icq);
return true;

		}
$icq = intval($icq);
return true;

Zeile 406Zeile 401
			$field = "fid{$profilefield['fid']}";

// If the profile field is required, but not filled in, present error.

			$field = "fid{$profilefield['fid']}";

// If the profile field is required, but not filled in, present error.

			if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)

			if(trim($profile_fields[$field]) == "" && $profilefield['required'] == "yes" && !defined('IN_ADMINCP'))

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}

Zeile 457Zeile 452
	*/
function verify_referrer()
{

	*/
function verify_referrer()
{

		global $db;

		global $db, $mybb;


$user = &$this->data;



$user = &$this->data;


Zeile 493Zeile 488
		$this->verify_yesno_option($options, 'allownotices', 'yes');
$this->verify_yesno_option($options, 'hideemail', 'no');
$this->verify_yesno_option($options, 'emailnotify', 'no');

		$this->verify_yesno_option($options, 'allownotices', 'yes');
$this->verify_yesno_option($options, 'hideemail', 'no');
$this->verify_yesno_option($options, 'emailnotify', 'no');

 
		$this->verify_yesno_option($options, 'emailpmnotify', 'no');

		$this->verify_yesno_option($options, 'receivepms', 'yes');
$this->verify_yesno_option($options, 'pmpopup', 'yes');
$this->verify_yesno_option($options, 'pmnotify', 'yes');

		$this->verify_yesno_option($options, 'receivepms', 'yes');
$this->verify_yesno_option($options, 'pmpopup', 'yes');
$this->verify_yesno_option($options, 'pmnotify', 'yes');

Zeile 670Zeile 666
			return false;
}
return true;

			return false;
}
return true;

	}


	}


	/**
* Validate all user assets.
*

	/**
* Validate all user assets.
*

Zeile 840Zeile 836
			"daysprune" => intval($user['options']['daysprune']),
"dateformat" => $db->escape_string($user['dateformat']),
"timeformat" => $db->escape_string($user['timeformat']),

			"daysprune" => intval($user['options']['daysprune']),
"dateformat" => $db->escape_string($user['dateformat']),
"timeformat" => $db->escape_string($user['timeformat']),

			"regip" => $user['regip'],

			"regip" => $db->escape_string($user['regip']),

			"language" => $db->escape_string($user['language']),
"showcodebuttons" => $user['options']['showcodebuttons'],
"away" => $user['away']['away'],

			"language" => $db->escape_string($user['language']),
"showcodebuttons" => $user['options']['showcodebuttons'],
"away" => $user['away']['away'],

Zeile 860Zeile 856
		$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data);
$this->uid = $db->insert_id();


		$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data);
$this->uid = $db->insert_id();


		$user['user_fields'] = array(
'ufid' => $this->uid,
'fid1' => '',
'fid2' => '',
'fid3' => ''
);
$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);







		$user['user_fields']['ufid'] = $this->uid;

$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields");
while($field = $db->fetch_array($query))
{
if($field['Field'] == 'ufid' || array_key_exists($field['Field'], $user['user_fields']))
{
continue;
}
$user['user_fields'][$field['Field']] = '';
}

$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);


// Update forum stats


// Update forum stats

		$cache->updatestats();

		update_stats(array('numusers' => '+1'));


return array(
"uid" => $this->uid,


return array(
"uid" => $this->uid,

Zeile 887Zeile 889
	function update_user()
{
global $db, $plugins;

	function update_user()
{
global $db, $plugins;



 

// Yes, validating is required.
if(!$this->get_validated())


// Yes, validating is required.
if(!$this->get_validated())

Zeile 1047Zeile 1048
			if(!$fields['ufid'])
{
$user_fields = array(

			if(!$fields['ufid'])
{
$user_fields = array(

					'ufid' => $user['uid'],
'fid1' => '',
'fid2' => '',
'fid3' => ''

					'ufid' => $user['uid']




				);

				);

 

$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields");
while($field = $db->fetch_array($query))
{
if($field['Field'] == 'ufid')
{
continue;
}
$user_fields[$field['Field']] = '';
}

				$db->insert_query(TABLE_PREFIX."userfields", $user_fields);
}
$db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
}

				$db->insert_query(TABLE_PREFIX."userfields", $user_fields);
}
$db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
}





		// Let's make sure the user's name gets changed everywhere in the db if it changed.
if($this->user_update_data['username'] != $old_user['username'] && $this->user_update_data['username'] != '')
{

		// Let's make sure the user's name gets changed everywhere in the db if it changed.
if($this->user_update_data['username'] != $old_user['username'] && $this->user_update_data['username'] != '')
{

Zeile 1066Zeile 1074
			$lastposter_update = array(
"lastposter" => $this->user_update_data['username']
);

			$lastposter_update = array(
"lastposter" => $this->user_update_data['username']
);





			$db->update_query(TABLE_PREFIX."posts", $username_update, "uid='{$user['uid']}'");
$db->update_query(TABLE_PREFIX."threads", $username_update, "uid='{$user['uid']}'");
$db->update_query(TABLE_PREFIX."threads", $lastposter_update, "lastposteruid='{$user['uid']}'");
$db->update_query(TABLE_PREFIX."forums", $lastposter_update, "lastposteruid='{$user['uid']}'");

			$db->update_query(TABLE_PREFIX."posts", $username_update, "uid='{$user['uid']}'");
$db->update_query(TABLE_PREFIX."threads", $username_update, "uid='{$user['uid']}'");
$db->update_query(TABLE_PREFIX."threads", $lastposter_update, "lastposteruid='{$user['uid']}'");
$db->update_query(TABLE_PREFIX."forums", $lastposter_update, "lastposteruid='{$user['uid']}'");

 

global $cache;
$stats = $cache->read("stats");
if($stats['lastuid'] == $user['uid'])
{
// User was latest to register, update stats
update_stats(array("numusers" => "+0"));
}

		}

}

		}

}