Vergleich inc/datahandlers/user.php - 1.2.2 - 1.2.7

Zeile 3Zeile 3
 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html

 *

 *

 * $Id: user.php 2458 2006-11-29 07:27:32Z chris $

 * $Id: user.php 3006 2007-04-11 06:14:56Z Tikitiki $

 */

 */

 

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}


/**
* User handling class, provides common structure to handle user data.


/**
* User handling class, provides common structure to handle user data.

Zeile 24Zeile 30

/**
* The prefix for the language variables used in the data handler.


/**
* The prefix for the language variables used in the data handler.

	*

	*

	* @var string
*/
var $language_prefix = 'userdata';

/**
* Array of data inserted in to a user.

	* @var string
*/
var $language_prefix = 'userdata';

/**
* Array of data inserted in to a user.

	 *
* @var array

	 *
* @var array

	 */
var $user_insert_data = array();


	 */
var $user_insert_data = array();


Zeile 40Zeile 46
	 * Array of data used to update a user.
*
* @var array

	 * Array of data used to update a user.
*
* @var array

	 */

	 */

	var $user_update_data = array();

/**

	var $user_update_data = array();

/**

Zeile 56Zeile 62
	 * @param boolean True when valid, false when invalid.
*/
function verify_username()

	 * @param boolean True when valid, false when invalid.
*/
function verify_username()

	{

	{

		global $mybb;

$username = &$this->data['username'];
require_once MYBB_ROOT.'inc/functions_user.php';

		global $mybb;

$username = &$this->data['username'];
require_once MYBB_ROOT.'inc/functions_user.php';





		// Fix bad characters

		// Fix bad characters

		$username = str_replace(array(chr(160), chr(173)), array(" ", "-"), $username);


		$username = str_replace(array(chr(160), chr(173), chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);


		// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


		// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


Zeile 72Zeile 78
		if(trim($username) == '')
{
$this->set_error('missing_username');

		if(trim($username) == '')
{
$this->set_error('missing_username');

			return false;
}

			return false;
}


// Check if the username belongs to the list of banned usernames.


// Check if the username belongs to the list of banned usernames.

		$bannedusernames = get_banned_usernames();
if(in_array($username, $bannedusernames))

		if(is_banned_username($username))


		{
$this->set_error('banned_username');
return false;

		{
$this->set_error('banned_username');
return false;

Zeile 123Zeile 128
			return false;
}
}

			return false;
}
}





	/**
* Verifies if a new password is valid or not.
*

	/**
* Verifies if a new password is valid or not.
*

Zeile 139Zeile 144
		if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'])
{
$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));

		if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'])
{
$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));

			return false;
}


			return false;
}


		// See if the board has "require complex passwords" enabled.
if($mybb->settings['requirecomplexpasswords'] == "yes")
{

		// See if the board has "require complex passwords" enabled.
if($mybb->settings['requirecomplexpasswords'] == "yes")
{

Zeile 150Zeile 155
			if(!preg_match('#[\W]+#', $user['password']))
{
$this->set_error('no_complex_characters');

			if(!preg_match('#[\W]+#', $user['password']))
{
$this->set_error('no_complex_characters');

				return false;
}
}


				return false;
}
}


		// If we have a "password2" check if they both match
if(isset($user['password2']) && $user['password'] != $user['password2'])
{

		// If we have a "password2" check if they both match
if(isset($user['password2']) && $user['password'] != $user['password2'])
{

Zeile 168Zeile 173
		if(!$user['salt'])
{
$user['salt'] = generate_salt();

		if(!$user['salt'])
{
$user['salt'] = generate_salt();

		}


		}


		// Combine the password and salt
$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

		// Combine the password and salt
$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);





		// Generate the user login key
$user['loginkey'] = generate_loginkey();


		// Generate the user login key
$user['loginkey'] = generate_loginkey();


Zeile 181Zeile 186

/**
* Verifies usergroup selections and other group details.


/**
* Verifies usergroup selections and other group details.

	*
* @return boolean True when valid, false when invalid.
*/

	*
* @return boolean True when valid, false when invalid.
*/

	function verify_usergroup()

	function verify_usergroup()

	{

	{

		$user = &$this->data;
return true;
}

		$user = &$this->data;
return true;
}

Zeile 197Zeile 202
	function verify_email()
{
global $mybb;

	function verify_email()
{
global $mybb;


$user = &$this->data;


$user = &$this->data;


// Check if an email address has actually been entered.
if(trim($user['email']) == '')


// Check if an email address has actually been entered.
if(trim($user['email']) == '')

		{

		{

			$this->set_error('missing_email');

			$this->set_error('missing_email');

			return false;
}


			return false;
}


		// Check if this is a proper email address.
if(validate_email_format($user['email']) === false)
{
$this->set_error('invalid_email_format');

		// Check if this is a proper email address.
if(validate_email_format($user['email']) === false)
{
$this->set_error('invalid_email_format');

			return false;
}


			return false;
}


		// Check banned emails

		// Check banned emails

		$bannedemails = explode(" ", $mybb->settings['bannedemails']);
if(is_array($bannedemails))

		if(is_banned_email($user['email']))


		{

		{

			foreach($bannedemails as $bannedemail)
{
$bannedemail = strtolower(trim($bannedemail));
if($bannedemail != '')
{
if(strstr($user['email'], $bannedemail) != '')
{
$this->set_error('banned_email');
return false;
}
}
}

			$this->set_error('banned_email');
return false;











		}

// If we have an "email2", verify it matches the existing email

		}

// If we have an "email2", verify it matches the existing email

Zeile 272Zeile 266

/**
* Verifies if an ICQ number is valid or not.


/**
* Verifies if an ICQ number is valid or not.

	 *
* @return boolean True when valid, false when invalid.
*/

	 *
* @return boolean True when valid, false when invalid.
*/

	function verify_icq()
{
$icq = &$this->data['icq'];

	function verify_icq()
{
$icq = &$this->data['icq'];

Zeile 406Zeile 400
			$field = "fid{$profilefield['fid']}";

// If the profile field is required, but not filled in, present error.

			$field = "fid{$profilefield['fid']}";

// If the profile field is required, but not filled in, present error.

			if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)

			if(trim($profile_fields[$field]) == "" && $profilefield['required'] == "yes" && !$proferror && !defined('IN_ADMINCP'))

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}

Zeile 457Zeile 451
	*/
function verify_referrer()
{

	*/
function verify_referrer()
{

		global $db;

		global $db, $mybb;


$user = &$this->data;



$user = &$this->data;


Zeile 493Zeile 487
		$this->verify_yesno_option($options, 'allownotices', 'yes');
$this->verify_yesno_option($options, 'hideemail', 'no');
$this->verify_yesno_option($options, 'emailnotify', 'no');

		$this->verify_yesno_option($options, 'allownotices', 'yes');
$this->verify_yesno_option($options, 'hideemail', 'no');
$this->verify_yesno_option($options, 'emailnotify', 'no');

 
		$this->verify_yesno_option($options, 'emailpmnotify', 'no');

		$this->verify_yesno_option($options, 'receivepms', 'yes');
$this->verify_yesno_option($options, 'pmpopup', 'yes');
$this->verify_yesno_option($options, 'pmnotify', 'yes');

		$this->verify_yesno_option($options, 'receivepms', 'yes');
$this->verify_yesno_option($options, 'pmpopup', 'yes');
$this->verify_yesno_option($options, 'pmnotify', 'yes');

Zeile 511Zeile 506
            {
$options['showcodebuttons'] = 1;
}

            {
$options['showcodebuttons'] = 1;
}

        }

        }

        else if($this->method == "insert")
{
$options['showcodebuttons'] = 1;

        else if($this->method == "insert")
{
$options['showcodebuttons'] = 1;

Zeile 530Zeile 525
			{
@asort($explodedtpp);
$biggest = $explodedtpp[count($explodedtpp)-1];

			{
@asort($explodedtpp);
$biggest = $explodedtpp[count($explodedtpp)-1];

				// Is the selected option greater than the allowed options?

				// Is the selected option greater than the allowed options?

				if($options['tpp'] > $biggest)
{
$options['tpp'] = $biggest;

				if($options['tpp'] > $biggest)
{
$options['tpp'] = $biggest;

Zeile 561Zeile 556
			if($options['daysprune'] < 0)
{
$options['daysprune'] = 0;

			if($options['daysprune'] < 0)
{
$options['daysprune'] = 0;

			}
}

			}
}

		$this->data['options'] = $options;
}


		$this->data['options'] = $options;
}


Zeile 578Zeile 573
		$regdate = intval($regdate);
// If the timestamp is below 0, set it to the current time.
if($regdate <= 0)

		$regdate = intval($regdate);
// If the timestamp is below 0, set it to the current time.
if($regdate <= 0)

		{

		{

			$regdate = time();
}
return true;

			$regdate = time();
}
return true;

Zeile 610Zeile 605
	 * @return boolean True when valid, false when invalid.
*/
function verify_lastactive()

	 * @return boolean True when valid, false when invalid.
*/
function verify_lastactive()

	{

	{

		$lastactive = &$this->data['lastactive'];

$lastactive = intval($lastactive);

		$lastactive = &$this->data['lastactive'];

$lastactive = intval($lastactive);

Zeile 625Zeile 620

/**
* Verifies if an away mode status is valid or not.


/**
* Verifies if an away mode status is valid or not.

	 *
* @return boolean True when valid, false when invalid.

	 *
* @return boolean True when valid, false when invalid.

	 */
function verify_away()
{

	 */
function verify_away()
{

Zeile 658Zeile 653
	 * @return boolean True when valid, false when invalid.
*/
function verify_language()

	 * @return boolean True when valid, false when invalid.
*/
function verify_language()

	{

	{

		global $lang;

$language = &$this->data['language'];

		global $lang;

$language = &$this->data['language'];

Zeile 751Zeile 746
			$this->verify_lastvisit();
}
if($this->method == "insert" || array_key_exists('lastactive', $user))

			$this->verify_lastvisit();
}
if($this->method == "insert" || array_key_exists('lastactive', $user))

		{

		{

			$this->verify_lastactive();
}
if($this->method == "insert" || array_key_exists('away', $user))

			$this->verify_lastactive();
}
if($this->method == "insert" || array_key_exists('away', $user))

Zeile 783Zeile 778
	function insert_user()
{
global $db, $cache, $plugins;

	function insert_user()
{
global $db, $cache, $plugins;


// Yes, validating is required.
if(!$this->get_validated())
{


// Yes, validating is required.
if(!$this->get_validated())
{

			die("The user needs to be validated before inserting it into the DB.");

			die("The user needs to be validated before inserting it into the DB.");

		}

		}

		if(count($this->get_errors()) > 0)
{
die("The user is not valid.");

		if(count($this->get_errors()) > 0)
{
die("The user is not valid.");

		}

$user = &$this->data;


		}

$user = &$this->data;


		$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),
"password" => $user['saltedpw'],

		$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),
"password" => $user['saltedpw'],

Zeile 840Zeile 835
			"daysprune" => intval($user['options']['daysprune']),
"dateformat" => $db->escape_string($user['dateformat']),
"timeformat" => $db->escape_string($user['timeformat']),

			"daysprune" => intval($user['options']['daysprune']),
"dateformat" => $db->escape_string($user['dateformat']),
"timeformat" => $db->escape_string($user['timeformat']),

			"regip" => $user['regip'],

			"regip" => $db->escape_string($user['regip']),

			"language" => $db->escape_string($user['language']),
"showcodebuttons" => $user['options']['showcodebuttons'],
"away" => $user['away']['away'],

			"language" => $db->escape_string($user['language']),
"showcodebuttons" => $user['options']['showcodebuttons'],
"away" => $user['away']['away'],

Zeile 860Zeile 855
		$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data);
$this->uid = $db->insert_id();


		$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data);
$this->uid = $db->insert_id();


		$user['user_fields'] = array(
'ufid' => $this->uid,
'fid1' => '',
'fid2' => '',
'fid3' => ''
);







		$user['user_fields']['ufid'] = $this->uid;

$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields");
while($field = $db->fetch_array($query))
{
if($field['Field'] == 'ufid' || array_key_exists($field['Field'], $user['user_fields']))
{
continue;
}
$user['user_fields'][$field['Field']] = '';
}


		$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);

// Update forum stats

		$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);

// Update forum stats

		$cache->updatestats();

		update_stats(array('numusers' => '+1'));


return array(
"uid" => $this->uid,


return array(
"uid" => $this->uid,

Zeile 1047Zeile 1048
			if(!$fields['ufid'])
{
$user_fields = array(

			if(!$fields['ufid'])
{
$user_fields = array(

					'ufid' => $user['uid'],
'fid1' => '',
'fid2' => '',
'fid3' => ''

					'ufid' => $user['uid']




				);

				);

 

$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields");
while($field = $db->fetch_array($query))
{
if($field['Field'] == 'ufid')
{
continue;
}
$user_fields[$field['Field']] = '';
}

				$db->insert_query(TABLE_PREFIX."userfields", $user_fields);
}
$db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");

				$db->insert_query(TABLE_PREFIX."userfields", $user_fields);
}
$db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
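Review bot: In verify_username (hunk "Zeile 56 / Zeile 62"), the extended `str_replace` is still a byte-wise blacklist. If the board charset is UTF-8, `chr(160)`, `chr(173)` and `chr(0xCA)` are single bytes that also occur inside valid multibyte sequences (for example 0xA0 is the second byte of "à"), so the replace can corrupt legitimate names. Only the two overrides U+202D and U+202E are removed; other directional and invisible format characters (U+202A–U+202C, U+200B–U+200F) still pass and can make one name render like another. I would document the intent above the call, e.g. `// Strip NBSP, soft hyphen and bidi overrides so a name cannot be made to render like another user's`, and reject names containing control or format characters with `set_error` rather than silently rewriting them. The function body continues outside the hunk, so a later check may already cover part of this.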