Zeile 3 | Zeile 3 |
---|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
|
* Website: http://www.mybboard.com * License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net * License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: user.php 2458 2006-11-29 07:27:32Z chris $
| * $Id: user.php 3006 2007-04-11 06:14:56Z Tikitiki $
|
*/
|
*/
|
| // Disallow direct access to this file for security reasons if(!defined("IN_MYBB")) { die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); }
|
/** * User handling class, provides common structure to handle user data.
| /** * User handling class, provides common structure to handle user data.
|
Zeile 24 | Zeile 30 |
---|
/** * The prefix for the language variables used in the data handler.
|
/** * The prefix for the language variables used in the data handler.
|
*
| *
|
* @var string */ var $language_prefix = 'userdata'; /** * Array of data inserted in to a user.
|
* @var string */ var $language_prefix = 'userdata'; /** * Array of data inserted in to a user.
|
* * @var array
| * * @var array
|
*/ var $user_insert_data = array();
| */ var $user_insert_data = array();
|
Zeile 40 | Zeile 46 |
---|
* Array of data used to update a user. * * @var array
|
* Array of data used to update a user. * * @var array
|
*/
| */
|
var $user_update_data = array(); /**
| var $user_update_data = array(); /**
|
Zeile 56 | Zeile 62 |
---|
* @param boolean True when valid, false when invalid. */ function verify_username()
|
* @param boolean True when valid, false when invalid. */ function verify_username()
|
{
| {
|
global $mybb; $username = &$this->data['username']; require_once MYBB_ROOT.'inc/functions_user.php';
|
global $mybb; $username = &$this->data['username']; require_once MYBB_ROOT.'inc/functions_user.php';
|
|
|
// Fix bad characters
|
// Fix bad characters
|
$username = str_replace(array(chr(160), chr(173)), array(" ", "-"), $username);
| $username = str_replace(array(chr(160), chr(173), chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);
|
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
| // Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
|
Zeile 72 | Zeile 78 |
---|
if(trim($username) == '') { $this->set_error('missing_username');
|
if(trim($username) == '') { $this->set_error('missing_username');
|
return false; }
| return false; }
|
// Check if the username belongs to the list of banned usernames.
|
// Check if the username belongs to the list of banned usernames.
|
$bannedusernames = get_banned_usernames(); if(in_array($username, $bannedusernames))
| if(is_banned_username($username))
|
{ $this->set_error('banned_username'); return false;
| { $this->set_error('banned_username'); return false;
|
Zeile 123 | Zeile 128 |
---|
return false; } }
|
return false; } }
|
|
|
/** * Verifies if a new password is valid or not. *
| /** * Verifies if a new password is valid or not. *
|
Zeile 139 | Zeile 144 |
---|
if(my_strlen($user['password']) < $mybb->settings['minpasswordlength']) { $this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
|
if(my_strlen($user['password']) < $mybb->settings['minpasswordlength']) { $this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
|
return false; }
| return false; }
|
// See if the board has "require complex passwords" enabled. if($mybb->settings['requirecomplexpasswords'] == "yes") {
| // See if the board has "require complex passwords" enabled. if($mybb->settings['requirecomplexpasswords'] == "yes") {
|
Zeile 150 | Zeile 155 |
---|
if(!preg_match('#[\W]+#', $user['password'])) { $this->set_error('no_complex_characters');
|
if(!preg_match('#[\W]+#', $user['password'])) { $this->set_error('no_complex_characters');
|
return false; } }
| return false; } }
|
// If we have a "password2" check if they both match if(isset($user['password2']) && $user['password'] != $user['password2']) {
| // If we have a "password2" check if they both match if(isset($user['password2']) && $user['password'] != $user['password2']) {
|
Zeile 168 | Zeile 173 |
---|
if(!$user['salt']) { $user['salt'] = generate_salt();
|
if(!$user['salt']) { $user['salt'] = generate_salt();
|
}
| }
|
// Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);
|
// Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);
|
|
|
// Generate the user login key $user['loginkey'] = generate_loginkey();
| // Generate the user login key $user['loginkey'] = generate_loginkey();
|
Zeile 181 | Zeile 186 |
---|
/** * Verifies usergroup selections and other group details.
|
/** * Verifies usergroup selections and other group details.
|
* * @return boolean True when valid, false when invalid. */
| * * @return boolean True when valid, false when invalid. */
|
function verify_usergroup()
|
function verify_usergroup()
|
{
| {
|
$user = &$this->data; return true; }
| $user = &$this->data; return true; }
|
Zeile 197 | Zeile 202 |
---|
function verify_email() { global $mybb;
|
function verify_email() { global $mybb;
|
$user = &$this->data;
| $user = &$this->data;
|
// Check if an email address has actually been entered. if(trim($user['email']) == '')
|
// Check if an email address has actually been entered. if(trim($user['email']) == '')
|
{
| {
|
$this->set_error('missing_email');
|
$this->set_error('missing_email');
|
return false; }
| return false; }
|
// Check if this is a proper email address. if(validate_email_format($user['email']) === false) { $this->set_error('invalid_email_format');
|
// Check if this is a proper email address. if(validate_email_format($user['email']) === false) { $this->set_error('invalid_email_format');
|
return false; }
| return false; }
|
// Check banned emails
|
// Check banned emails
|
$bannedemails = explode(" ", $mybb->settings['bannedemails']); if(is_array($bannedemails))
| if(is_banned_email($user['email']))
|
{
|
{
|
foreach($bannedemails as $bannedemail) { $bannedemail = strtolower(trim($bannedemail)); if($bannedemail != '') { if(strstr($user['email'], $bannedemail) != '') { $this->set_error('banned_email'); return false; } } }
| $this->set_error('banned_email'); return false;
|
}
// If we have an "email2", verify it matches the existing email
| }
// If we have an "email2", verify it matches the existing email
|
Zeile 272 | Zeile 266 |
---|
/** * Verifies if an ICQ number is valid or not.
|
/** * Verifies if an ICQ number is valid or not.
|
* * @return boolean True when valid, false when invalid. */
| * * @return boolean True when valid, false when invalid. */
|
function verify_icq() { $icq = &$this->data['icq'];
| function verify_icq() { $icq = &$this->data['icq'];
|
Zeile 406 | Zeile 400 |
---|
$field = "fid{$profilefield['fid']}";
// If the profile field is required, but not filled in, present error.
|
$field = "fid{$profilefield['fid']}";
// If the profile field is required, but not filled in, present error.
|
if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)
| if(trim($profile_fields[$field]) == "" && $profilefield['required'] == "yes" && !$proferror && !defined('IN_ADMINCP'))
|
{ $this->set_error('missing_required_profile_field', array($profilefield['name'])); }
| { $this->set_error('missing_required_profile_field', array($profilefield['name'])); }
|
Zeile 457 | Zeile 451 |
---|
*/ function verify_referrer() {
|
*/ function verify_referrer() {
|
global $db;
| global $db, $mybb;
|
$user = &$this->data;
| $user = &$this->data;
|
Zeile 493 | Zeile 487 |
---|
$this->verify_yesno_option($options, 'allownotices', 'yes'); $this->verify_yesno_option($options, 'hideemail', 'no'); $this->verify_yesno_option($options, 'emailnotify', 'no');
|
$this->verify_yesno_option($options, 'allownotices', 'yes'); $this->verify_yesno_option($options, 'hideemail', 'no'); $this->verify_yesno_option($options, 'emailnotify', 'no');
|
| $this->verify_yesno_option($options, 'emailpmnotify', 'no');
|
$this->verify_yesno_option($options, 'receivepms', 'yes'); $this->verify_yesno_option($options, 'pmpopup', 'yes'); $this->verify_yesno_option($options, 'pmnotify', 'yes');
| $this->verify_yesno_option($options, 'receivepms', 'yes'); $this->verify_yesno_option($options, 'pmpopup', 'yes'); $this->verify_yesno_option($options, 'pmnotify', 'yes');
|
Zeile 511 | Zeile 506 |
---|
{ $options['showcodebuttons'] = 1; }
|
{ $options['showcodebuttons'] = 1; }
|
}
| }
|
else if($this->method == "insert") { $options['showcodebuttons'] = 1;
| else if($this->method == "insert") { $options['showcodebuttons'] = 1;
|
Zeile 530 | Zeile 525 |
---|
{ @asort($explodedtpp); $biggest = $explodedtpp[count($explodedtpp)-1];
|
{ @asort($explodedtpp); $biggest = $explodedtpp[count($explodedtpp)-1];
|
// Is the selected option greater than the allowed options?
| // Is the selected option greater than the allowed options?
|
if($options['tpp'] > $biggest) { $options['tpp'] = $biggest;
| if($options['tpp'] > $biggest) { $options['tpp'] = $biggest;
|
Zeile 561 | Zeile 556 |
---|
if($options['daysprune'] < 0) { $options['daysprune'] = 0;
|
if($options['daysprune'] < 0) { $options['daysprune'] = 0;
|
} }
| } }
|
$this->data['options'] = $options; }
| $this->data['options'] = $options; }
|
Zeile 578 | Zeile 573 |
---|
$regdate = intval($regdate); // If the timestamp is below 0, set it to the current time. if($regdate <= 0)
|
$regdate = intval($regdate); // If the timestamp is below 0, set it to the current time. if($regdate <= 0)
|
{
| {
|
$regdate = time(); } return true;
| $regdate = time(); } return true;
|
Zeile 610 | Zeile 605 |
---|
* @return boolean True when valid, false when invalid. */ function verify_lastactive()
|
* @return boolean True when valid, false when invalid. */ function verify_lastactive()
|
{
| {
|
$lastactive = &$this->data['lastactive'];
$lastactive = intval($lastactive);
| $lastactive = &$this->data['lastactive'];
$lastactive = intval($lastactive);
|
Zeile 625 | Zeile 620 |
---|
/** * Verifies if an away mode status is valid or not.
|
/** * Verifies if an away mode status is valid or not.
|
* * @return boolean True when valid, false when invalid.
| * * @return boolean True when valid, false when invalid.
|
*/ function verify_away() {
| */ function verify_away() {
|
Zeile 658 | Zeile 653 |
---|
* @return boolean True when valid, false when invalid. */ function verify_language()
|
* @return boolean True when valid, false when invalid. */ function verify_language()
|
{
| {
|
global $lang;
$language = &$this->data['language'];
| global $lang;
$language = &$this->data['language'];
|
Zeile 751 | Zeile 746 |
---|
$this->verify_lastvisit(); } if($this->method == "insert" || array_key_exists('lastactive', $user))
|
$this->verify_lastvisit(); } if($this->method == "insert" || array_key_exists('lastactive', $user))
|
{
| {
|
$this->verify_lastactive(); } if($this->method == "insert" || array_key_exists('away', $user))
| $this->verify_lastactive(); } if($this->method == "insert" || array_key_exists('away', $user))
|
Zeile 783 | Zeile 778 |
---|
function insert_user() { global $db, $cache, $plugins;
|
function insert_user() { global $db, $cache, $plugins;
|
// Yes, validating is required. if(!$this->get_validated()) {
| // Yes, validating is required. if(!$this->get_validated()) {
|
die("The user needs to be validated before inserting it into the DB.");
|
die("The user needs to be validated before inserting it into the DB.");
|
}
| }
|
if(count($this->get_errors()) > 0) { die("The user is not valid.");
|
if(count($this->get_errors()) > 0) { die("The user is not valid.");
|
}
$user = &$this->data;
| }
$user = &$this->data;
|
$this->user_insert_data = array( "username" => $db->escape_string($user['username']), "password" => $user['saltedpw'],
| $this->user_insert_data = array( "username" => $db->escape_string($user['username']), "password" => $user['saltedpw'],
|
Zeile 840 | Zeile 835 |
---|
"daysprune" => intval($user['options']['daysprune']), "dateformat" => $db->escape_string($user['dateformat']), "timeformat" => $db->escape_string($user['timeformat']),
|
"daysprune" => intval($user['options']['daysprune']), "dateformat" => $db->escape_string($user['dateformat']), "timeformat" => $db->escape_string($user['timeformat']),
|
"regip" => $user['regip'],
| "regip" => $db->escape_string($user['regip']),
|
"language" => $db->escape_string($user['language']), "showcodebuttons" => $user['options']['showcodebuttons'], "away" => $user['away']['away'],
| "language" => $db->escape_string($user['language']), "showcodebuttons" => $user['options']['showcodebuttons'], "away" => $user['away']['away'],
|
Zeile 860 | Zeile 855 |
---|
$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data); $this->uid = $db->insert_id();
|
$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data); $this->uid = $db->insert_id();
|
$user['user_fields'] = array( 'ufid' => $this->uid, 'fid1' => '', 'fid2' => '', 'fid3' => '' );
| $user['user_fields']['ufid'] = $this->uid; $query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields"); while($field = $db->fetch_array($query)) { if($field['Field'] == 'ufid' || array_key_exists($field['Field'], $user['user_fields'])) { continue; } $user['user_fields'][$field['Field']] = ''; }
|
$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);
// Update forum stats
|
$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);
// Update forum stats
|
$cache->updatestats();
| update_stats(array('numusers' => '+1'));
|
return array( "uid" => $this->uid,
| return array( "uid" => $this->uid,
|
Zeile 1047 | Zeile 1048 |
---|
if(!$fields['ufid']) { $user_fields = array(
|
if(!$fields['ufid']) { $user_fields = array(
|
'ufid' => $user['uid'], 'fid1' => '', 'fid2' => '', 'fid3' => ''
| 'ufid' => $user['uid']
|
);
|
);
|
| $query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields"); while($field = $db->fetch_array($query)) { if($field['Field'] == 'ufid') { continue; } $user_fields[$field['Field']] = ''; }
|
$db->insert_query(TABLE_PREFIX."userfields", $user_fields); } $db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
| $db->insert_query(TABLE_PREFIX."userfields", $user_fields); } $db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
|
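Review bot: In the verify_username hunk (old line 62 / new line 68), the new `str_replace` mixes byte-level needles (`chr(160)`, `chr(173)`, `chr(0xCA)`) with UTF-8 sequences from `dec_to_utf8()`, so it cannot be correct for both kinds of board charset. On a UTF-8 board, removing a lone 0xCA byte or rewriting 0xA0/0xAD cuts into multi-byte characters and can leave an invalid sequence in the stored name, while on a single-byte board the `dec_to_utf8()` needles will not match what they are meant to strip. The filter also covers only U+202D and U+202E, so other directional and zero-width format characters (U+200B–U+200F, U+202A–U+202C) still pass, and names that differ only by an invisible character remain registrable. I would apply the byte replacements only when the board charset is single-byte and extend the code-point list, e.g. `dec_to_utf8(8203), dec_to_utf8(8206), dec_to_utf8(8207), dec_to_utf8(8234), dec_to_utf8(8235), dec_to_utf8(8236)`, each mapped to `""`. The function body continues outside the hunk, so whether a later step re-validates the encoding is not visible here.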