Zeile 3 | Zeile 3 |
---|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* Website: http://www.mybboard.com * License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net * License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: user.php 2280 2006-09-27 12:21:17Z chris $
| * $Id: user.php 3006 2007-04-11 06:14:56Z Tikitiki $
|
*/
|
*/
|
| // Disallow direct access to this file for security reasons if(!defined("IN_MYBB")) { die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); }
|
/** * User handling class, provides common structure to handle user data.
| /** * User handling class, provides common structure to handle user data.
|
Zeile 63 | Zeile 69 |
---|
require_once MYBB_ROOT.'inc/functions_user.php';
// Fix bad characters
|
require_once MYBB_ROOT.'inc/functions_user.php';
// Fix bad characters
|
$username = str_replace(array(chr(160), chr(173)), array(" ", "-"), $username);
| $username = str_replace(array(chr(160), chr(173), chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);
|
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
| // Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
|
Zeile 76 | Zeile 82 |
---|
}
// Check if the username belongs to the list of banned usernames.
|
}
// Check if the username belongs to the list of banned usernames.
|
$bannedusernames = get_banned_usernames(); if(in_array($username, $bannedusernames))
| if(is_banned_username($username))
|
{ $this->set_error('banned_username'); return false;
| { $this->set_error('banned_username'); return false;
|
Zeile 111 | Zeile 116 |
---|
$username = &$this->data['username'];
|
$username = &$this->data['username'];
|
$query = $db->simple_select(TABLE_PREFIX."users", "COUNT(uid) AS count", "username='".$db->escape_string($username)."'");
| $query = $db->simple_select(TABLE_PREFIX."users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower($username))."'");
|
$user_count = $db->fetch_field($query, "count"); if($user_count > 0) {
| $user_count = $db->fetch_field($query, "count"); if($user_count > 0) {
|
Zeile 215 | Zeile 220 |
---|
}
// Check banned emails
|
}
// Check banned emails
|
$bannedemails = explode(" ", $mybb->settings['bannedemails']); if(is_array($bannedemails))
| if(is_banned_email($user['email']))
|
{
|
{
|
foreach($bannedemails as $bannedemail) { $bannedemail = strtolower(trim($bannedemail)); if($bannedemail != '') { if(strstr($user['email'], $bannedemail) != '') { $this->set_error('banned_email'); return false; } } }
| $this->set_error('banned_email'); return false;
|
}
// If we have an "email2", verify it matches the existing email
| }
// If we have an "email2", verify it matches the existing email
|
Zeile 237 | Zeile 231 |
---|
{ $this->set_error("emails_dont_match"); return false;
|
{ $this->set_error("emails_dont_match"); return false;
|
}
| }
|
}
/**
| }
/**
|
Zeile 250 | Zeile 244 |
---|
$website = &$this->data['website'];
if($website == '' || $website == 'http://')
|
$website = &$this->data['website'];
if($website == '' || $website == 'http://')
|
{
| {
|
$website = ''; return true;
|
$website = ''; return true;
|
}
| }
|
// Does the website start with http://? if(substr_count($website, 'http://') == 0) {
| // Does the website start with http://? if(substr_count($website, 'http://') == 0) {
|
Zeile 263 | Zeile 257 |
---|
if(substr_count($website, 'http://') == 0) { $this->set_error('invalid_website');
|
if(substr_count($website, 'http://') == 0) { $this->set_error('invalid_website');
|
return false; } }
return true; }
| return false; } }
return true; }
|
/** * Verifies if an ICQ number is valid or not.
| /** * Verifies if an ICQ number is valid or not.
|
Zeile 282 | Zeile 276 |
---|
if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number");
|
if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number");
|
return false;
| return false;
|
} $icq = intval($icq); return true;
| } $icq = intval($icq); return true;
|
Zeile 296 | Zeile 290 |
---|
function verify_msn() { $msn = &$this->data['msn'];
|
function verify_msn() { $msn = &$this->data['msn'];
|
|
|
if($msn != '' && validate_email_format($msn) == false) { $this->set_error("invalid_msn_address");
| if($msn != '' && validate_email_format($msn) == false) { $this->set_error("invalid_msn_address");
|
Zeile 311 | Zeile 305 |
---|
* @return boolean True when valid, false when invalid. */ function verify_birthday()
|
* @return boolean True when valid, false when invalid. */ function verify_birthday()
|
{
| {
|
$user = &$this->data; $birthday = &$user['birthday'];
| $user = &$this->data; $birthday = &$user['birthday'];
|
Zeile 359 | Zeile 353 |
---|
elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string
|
elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string
|
$user['bday'] = $birthday['day']."-".$birthday['month'];
| $user['bday'] = $birthday['day']."-".$birthday['month']."-";
|
} else {
| } else {
|
Zeile 384 | Zeile 378 |
---|
// Loop through profile fields checking if they exist or not and are filled in. $userfields = array(); $comma = '';
|
// Loop through profile fields checking if they exist or not and are filled in. $userfields = array(); $comma = '';
|
| $editable = ''; if(!$this->data['profile_fields_editable']) { $editable = "editable='yes'"; }
|
// Fetch all profile fields first. $options = array( 'order_by' => 'disporder' );
|
// Fetch all profile fields first. $options = array( 'order_by' => 'disporder' );
|
$query = $db->simple_select(TABLE_PREFIX.'profilefields', 'name, type, fid, required', "editable='yes'", $options);
| $query = $db->simple_select(TABLE_PREFIX.'profilefields', 'name, type, fid, required', $editable, $options);
|
// Then loop through the profile fields. while($profilefield = $db->fetch_array($query))
| // Then loop through the profile fields. while($profilefield = $db->fetch_array($query))
|
Zeile 400 | Zeile 400 |
---|
$field = "fid{$profilefield['fid']}";
// If the profile field is required, but not filled in, present error.
|
$field = "fid{$profilefield['fid']}";
// If the profile field is required, but not filled in, present error.
|
if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)
| if(trim($profile_fields[$field]) == "" && $profilefield['required'] == "yes" && !$proferror && !defined('IN_ADMINCP'))
|
{ $this->set_error('missing_required_profile_field', array($profilefield['name'])); }
| { $this->set_error('missing_required_profile_field', array($profilefield['name'])); }
|
Zeile 451 | Zeile 451 |
---|
*/ function verify_referrer() {
|
*/ function verify_referrer() {
|
global $db;
| global $db, $mybb;
|
$user = &$this->data;
// Does the referrer exist or not? if($mybb->settings['usereferrals'] == "yes" && $user['referrer'] != '')
|
$user = &$this->data;
// Does the referrer exist or not? if($mybb->settings['usereferrals'] == "yes" && $user['referrer'] != '')
|
{
| {
|
$options = array( 'limit' => 1 );
| $options = array( 'limit' => 1 );
|
Zeile 487 | Zeile 487 |
---|
$this->verify_yesno_option($options, 'allownotices', 'yes'); $this->verify_yesno_option($options, 'hideemail', 'no'); $this->verify_yesno_option($options, 'emailnotify', 'no');
|
$this->verify_yesno_option($options, 'allownotices', 'yes'); $this->verify_yesno_option($options, 'hideemail', 'no'); $this->verify_yesno_option($options, 'emailnotify', 'no');
|
| $this->verify_yesno_option($options, 'emailpmnotify', 'no');
|
$this->verify_yesno_option($options, 'receivepms', 'yes'); $this->verify_yesno_option($options, 'pmpopup', 'yes'); $this->verify_yesno_option($options, 'pmnotify', 'yes');
| $this->verify_yesno_option($options, 'receivepms', 'yes'); $this->verify_yesno_option($options, 'pmpopup', 'yes'); $this->verify_yesno_option($options, 'pmnotify', 'yes');
|
Zeile 498 | Zeile 499 |
---|
$this->verify_yesno_option($options, 'showquickreply', 'yes'); $this->verify_yesno_option($options, 'showredirect', 'yes');
|
$this->verify_yesno_option($options, 'showquickreply', 'yes'); $this->verify_yesno_option($options, 'showredirect', 'yes');
|
$options['showcodebuttons'] = intval($options['showcodebuttons']); if($this->method == "insert" || (array_key_exists('showcodebuttons', $options) && $options['showcodebuttons'] != '0')) { $options['showcodebuttons'] = 1; }
| if(isset($options['showcodebuttons'])) { $options['showcodebuttons'] = intval($options['showcodebuttons']); if($options['showcodebuttons'] != 0) { $options['showcodebuttons'] = 1; } } else if($this->method == "insert") { $options['showcodebuttons'] = 1; }
|
if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "threaded")) { $options['threadmode'] = 'linear';
| if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "threaded")) { $options['threadmode'] = 'linear';
|
Zeile 675 | Zeile 684 |
---|
$old_user = get_user($user['uid']); }
|
$old_user = get_user($user['uid']); }
|
if($this->method == "insert" || array_key_exists('usernane', $user))
| if($this->method == "insert" || array_key_exists('username', $user))
|
{ // If the username is the same - no need to verify if(!$old_user['username'] || $user['username'] != $old_user['username'])
| { // If the username is the same - no need to verify if(!$old_user['username'] || $user['username'] != $old_user['username'])
|
Zeile 767 | Zeile 776 |
---|
* Inserts a user into the database. */ function insert_user()
|
* Inserts a user into the database. */ function insert_user()
|
{
| {
|
global $db, $cache, $plugins;
// Yes, validating is required.
| global $db, $cache, $plugins;
// Yes, validating is required.
|
Zeile 826 | Zeile 835 |
---|
"daysprune" => intval($user['options']['daysprune']), "dateformat" => $db->escape_string($user['dateformat']), "timeformat" => $db->escape_string($user['timeformat']),
|
"daysprune" => intval($user['options']['daysprune']), "dateformat" => $db->escape_string($user['dateformat']), "timeformat" => $db->escape_string($user['timeformat']),
|
"regip" => $user['regip'],
| "regip" => $db->escape_string($user['regip']),
|
"language" => $db->escape_string($user['language']), "showcodebuttons" => $user['options']['showcodebuttons'], "away" => $user['away']['away'],
| "language" => $db->escape_string($user['language']), "showcodebuttons" => $user['options']['showcodebuttons'], "away" => $user['away']['away'],
|
Zeile 834 | Zeile 843 |
---|
"returndate" => $user['away']['returndate'], "awayreason" => $db->escape_string($user['away']['awayreason']), "notepad" => $db->escape_string($user['notepad']),
|
"returndate" => $user['away']['returndate'], "awayreason" => $db->escape_string($user['away']['awayreason']), "notepad" => $db->escape_string($user['notepad']),
|
"referrer" => intval($user['referrer_uid'])
| "referrer" => intval($user['referrer_uid']), "buddylist" => '', "ignorelist" => '', "pmfolders" => '', "notepad" => ''
|
); $plugins->run_hooks_by_ref("datahandler_user_insert", $this);
| ); $plugins->run_hooks_by_ref("datahandler_user_insert", $this);
|
Zeile 843 | Zeile 856 |
---|
$this->uid = $db->insert_id();
$user['user_fields']['ufid'] = $this->uid;
|
$this->uid = $db->insert_id();
$user['user_fields']['ufid'] = $this->uid;
|
| $query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields"); while($field = $db->fetch_array($query)) { if($field['Field'] == 'ufid' || array_key_exists($field['Field'], $user['user_fields'])) { continue; } $user['user_fields'][$field['Field']] = ''; }
|
$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);
// Update forum stats
|
$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);
// Update forum stats
|
$cache->updatestats();
| update_stats(array('numusers' => '+1'));
|
return array( "uid" => $this->uid, "username" => $user['username'],
| return array( "uid" => $this->uid, "username" => $user['username'],
|
Zeile 864 | Zeile 888 |
---|
function update_user() { global $db, $plugins;
|
function update_user() { global $db, $plugins;
|
|
|
// Yes, validating is required. if(!$this->get_validated())
| // Yes, validating is required. if(!$this->get_validated())
|
Zeile 893 | Zeile 918 |
---|
if(isset($user['email'])) { $this->user_update_data['email'] = $user['email'];
|
if(isset($user['email'])) { $this->user_update_data['email'] = $user['email'];
|
}
| }
|
if(isset($user['postnum'])) { $this->user_update_data['postnum'] = intval($user['postnum']);
| if(isset($user['postnum'])) { $this->user_update_data['postnum'] = intval($user['postnum']);
|
Zeile 924 | Zeile 949 |
---|
$this->user_update_data['regdate'] = intval($user['regdate']); } if(isset($user['lastactive']))
|
$this->user_update_data['regdate'] = intval($user['regdate']); } if(isset($user['lastactive']))
|
{
| {
|
$this->user_update_data['lastactive'] = intval($user['lastactive']);
|
$this->user_update_data['lastactive'] = intval($user['lastactive']);
|
}
| }
|
if(isset($user['lastvisit']))
|
if(isset($user['lastvisit']))
|
{
| {
|
$this->user_update_data['lastvisit'] = intval($user['lastvisit']);
|
$this->user_update_data['lastvisit'] = intval($user['lastvisit']);
|
}
| }
|
if(isset($user['signature']))
|
if(isset($user['signature']))
|
{
| {
|
$this->user_update_data['signature'] = $db->escape_string($user['signature']);
|
$this->user_update_data['signature'] = $db->escape_string($user['signature']);
|
}
| }
|
if(isset($user['website'])) { $this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website'])); } if(isset($user['icq']))
|
if(isset($user['website'])) { $this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website'])); } if(isset($user['icq']))
|
{
| {
|
$this->user_update_data['icq'] = intval($user['icq']); } if(isset($user['aim']))
| $this->user_update_data['icq'] = intval($user['icq']); } if(isset($user['aim']))
|
Zeile 970 | Zeile 995 |
---|
if(isset($user['dateformat'])) { $this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);
|
if(isset($user['dateformat'])) { $this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);
|
}
| }
|
if(isset($user['timeformat'])) { $this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']);
| if(isset($user['timeformat'])) { $this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']);
|
Zeile 1000 | Zeile 1025 |
---|
{ $this->user_update_data[$option] = $value; }
|
{ $this->user_update_data[$option] = $value; }
|
}
| }
|
// First, grab the old user details for later use. $old_user = get_user($user['uid']);
$plugins->run_hooks_by_ref("datahandler_user_update", $this);
|
// First, grab the old user details for later use. $old_user = get_user($user['uid']);
$plugins->run_hooks_by_ref("datahandler_user_update", $this);
|
| if(count($this->user_update_data) < 1) { return false; }
|
// Actual updating happens here. $db->update_query(TABLE_PREFIX."users", $this->user_update_data, "uid='{$user['uid']}'");
|
// Actual updating happens here. $db->update_query(TABLE_PREFIX."users", $this->user_update_data, "uid='{$user['uid']}'");
|
|
|
// Maybe some userfields need to be updated? if(is_array($user['user_fields'])) {
| // Maybe some userfields need to be updated? if(is_array($user['user_fields'])) {
|
Zeile 1017 | Zeile 1047 |
---|
$fields = $db->fetch_array($query); if(!$fields['ufid']) {
|
$fields = $db->fetch_array($query); if(!$fields['ufid']) {
|
$db->insert_query(TABLE_PREFIX."userfields", array('ufid' => $user['uid']));
| $user_fields = array( 'ufid' => $user['uid'] );
$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields"); while($field = $db->fetch_array($query)) { if($field['Field'] == 'ufid') { continue; } $user_fields[$field['Field']] = ''; } $db->insert_query(TABLE_PREFIX."userfields", $user_fields);
|
} $db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'"); }
| } $db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'"); }
|