Vergleich inc/datahandlers/user.php - 1.2.2 - 1.2.8

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 3	Zeile 3
* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *	* MyBB 1.2 * Copyright � 2006 MyBB Group, All Rights Reserved *
* Website: http://www.mybboard.com * License: http://www.mybboard.com/eula.html	* Website: http://www.mybboard.net * License: http://www.mybboard.net/eula.html
*	*
* $Id: user.php 2458 2006-11-29 07:27:32Z chris $	* $Id: user.php 3030 2007-04-26 00:19:47Z Tikitiki $
*/	*/
	// Disallow direct access to this file for security reasons if(!defined("IN_MYBB")) { die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); }
/** * User handling class, provides common structure to handle user data.	/** * User handling class, provides common structure to handle user data.
Zeile 24	Zeile 30
/** * The prefix for the language variables used in the data handler.	/** * The prefix for the language variables used in the data handler.
*	*
* @var string / var $language_prefix = 'userdata'; /* * Array of data inserted in to a user.	* @var string / var $language_prefix = 'userdata'; /* * Array of data inserted in to a user.
* * @var array	* * @var array
*/ var $user_insert_data = array();	*/ var $user_insert_data = array();
Zeile 40	Zeile 46
* Array of data used to update a user. * * @var array	* Array of data used to update a user. * * @var array
*/	*/
var $user_update_data = array(); /**	var $user_update_data = array(); /**
Zeile 56	Zeile 62
* @param boolean True when valid, false when invalid. */ function verify_username()	* @param boolean True when valid, false when invalid. */ function verify_username()
{	{
global $mybb; $username = &$this->data['username']; require_once MYBB_ROOT.'inc/functions_user.php';	global $mybb; $username = &$this->data['username']; require_once MYBB_ROOT.'inc/functions_user.php';

// Fix bad characters	// Fix bad characters
$username = str_replace(array(chr(160), chr(173)), array(" ", "-"), $username);	$username = str_replace(array(chr(160), chr(173), chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);	// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
Zeile 72	Zeile 78
if(trim($username) == '') { $this->set_error('missing_username');	if(trim($username) == '') { $this->set_error('missing_username');
return false; }	return false; }
// Check if the username belongs to the list of banned usernames.	// Check if the username belongs to the list of banned usernames.
$bannedusernames = get_banned_usernames(); if(in_array($username, $bannedusernames))	if(is_banned_username($username))
{ $this->set_error('banned_username'); return false;	{ $this->set_error('banned_username'); return false;
Zeile 123	Zeile 128
return false; } }	return false; } }

/** * Verifies if a new password is valid or not. *	/** * Verifies if a new password is valid or not. *
Zeile 139	Zeile 144
if(my_strlen($user['password']) < $mybb->settings['minpasswordlength']) { $this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));	if(my_strlen($user['password']) < $mybb->settings['minpasswordlength']) { $this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
return false; }	return false; }
// See if the board has "require complex passwords" enabled. if($mybb->settings['requirecomplexpasswords'] == "yes") {	// See if the board has "require complex passwords" enabled. if($mybb->settings['requirecomplexpasswords'] == "yes") {
Zeile 150	Zeile 155
if(!preg_match('#[\W]+#', $user['password'])) { $this->set_error('no_complex_characters');	if(!preg_match('#[\W]+#', $user['password'])) { $this->set_error('no_complex_characters');
return false; } }	return false; } }
// If we have a "password2" check if they both match if(isset($user['password2']) && $user['password'] != $user['password2']) {	// If we have a "password2" check if they both match if(isset($user['password2']) && $user['password'] != $user['password2']) {
Zeile 168	Zeile 173
if(!$user['salt']) { $user['salt'] = generate_salt();	if(!$user['salt']) { $user['salt'] = generate_salt();
}	}
// Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);	// Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

// Generate the user login key $user['loginkey'] = generate_loginkey();	// Generate the user login key $user['loginkey'] = generate_loginkey();
Zeile 181	Zeile 186
/** * Verifies usergroup selections and other group details.	/** * Verifies usergroup selections and other group details.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_usergroup()	function verify_usergroup()
{	{
$user = &$this->data; return true; }	$user = &$this->data; return true; }
Zeile 197	Zeile 202
function verify_email() { global $mybb;	function verify_email() { global $mybb;
$user = &$this->data;	$user = &$this->data;
// Check if an email address has actually been entered. if(trim($user['email']) == '')	// Check if an email address has actually been entered. if(trim($user['email']) == '')
{	{
$this->set_error('missing_email');	$this->set_error('missing_email');
return false; }	return false; }
// Check if this is a proper email address. if(validate_email_format($user['email']) === false) { $this->set_error('invalid_email_format');	// Check if this is a proper email address. if(validate_email_format($user['email']) === false) { $this->set_error('invalid_email_format');
return false; }	return false; }
// Check banned emails	// Check banned emails
$bannedemails = explode(" ", $mybb->settings['bannedemails']); if(is_array($bannedemails))	if(is_banned_email($user['email']))
{	{
foreach($bannedemails as $bannedemail) { $bannedemail = strtolower(trim($bannedemail)); if($bannedemail != '') { if(strstr($user['email'], $bannedemail) != '') { $this->set_error('banned_email'); return false; } } }	$this->set_error('banned_email'); return false;
} // If we have an "email2", verify it matches the existing email	} // If we have an "email2", verify it matches the existing email
Zeile 272	Zeile 266
/** * Verifies if an ICQ number is valid or not.	/** * Verifies if an ICQ number is valid or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_icq() { $icq = &$this->data['icq'];	function verify_icq() { $icq = &$this->data['icq'];
Zeile 406	Zeile 400
$field = "fid{$profilefield['fid']}"; // If the profile field is required, but not filled in, present error.	$field = "fid{$profilefield['fid']}"; // If the profile field is required, but not filled in, present error.
if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)	if(trim($profile_fields[$field]) == "" && $profilefield['required'] == "yes" && !$proferror && !defined('IN_ADMINCP'))
{ $this->set_error('missing_required_profile_field', array($profilefield['name'])); }	{ $this->set_error('missing_required_profile_field', array($profilefield['name'])); }
Zeile 457	Zeile 451
*/ function verify_referrer() {	*/ function verify_referrer() {
global $db;	global $db, $mybb;
$user = &$this->data;	$user = &$this->data;
Zeile 493	Zeile 487
$this->verify_yesno_option($options, 'allownotices', 'yes'); $this->verify_yesno_option($options, 'hideemail', 'no'); $this->verify_yesno_option($options, 'emailnotify', 'no');	$this->verify_yesno_option($options, 'allownotices', 'yes'); $this->verify_yesno_option($options, 'hideemail', 'no'); $this->verify_yesno_option($options, 'emailnotify', 'no');
	$this->verify_yesno_option($options, 'emailpmnotify', 'no');
$this->verify_yesno_option($options, 'receivepms', 'yes'); $this->verify_yesno_option($options, 'pmpopup', 'yes'); $this->verify_yesno_option($options, 'pmnotify', 'yes');	$this->verify_yesno_option($options, 'receivepms', 'yes'); $this->verify_yesno_option($options, 'pmpopup', 'yes'); $this->verify_yesno_option($options, 'pmnotify', 'yes');
Zeile 511	Zeile 506
{ $options['showcodebuttons'] = 1; }	{ $options['showcodebuttons'] = 1; }
}	}
else if($this->method == "insert") { $options['showcodebuttons'] = 1;	else if($this->method == "insert") { $options['showcodebuttons'] = 1;
Zeile 530	Zeile 525
{ @asort($explodedtpp); $biggest = $explodedtpp[count($explodedtpp)-1];	{ @asort($explodedtpp); $biggest = $explodedtpp[count($explodedtpp)-1];
// Is the selected option greater than the allowed options?	// Is the selected option greater than the allowed options?
if($options['tpp'] > $biggest) { $options['tpp'] = $biggest;	if($options['tpp'] > $biggest) { $options['tpp'] = $biggest;
Zeile 561	Zeile 556
if($options['daysprune'] < 0) { $options['daysprune'] = 0;	if($options['daysprune'] < 0) { $options['daysprune'] = 0;
} }	} }
$this->data['options'] = $options; }	$this->data['options'] = $options; }
Zeile 578	Zeile 573
$regdate = intval($regdate); // If the timestamp is below 0, set it to the current time. if($regdate <= 0)	$regdate = intval($regdate); // If the timestamp is below 0, set it to the current time. if($regdate <= 0)
{	{
$regdate = time(); } return true;	$regdate = time(); } return true;
Zeile 610	Zeile 605
* @return boolean True when valid, false when invalid. */ function verify_lastactive()	* @return boolean True when valid, false when invalid. */ function verify_lastactive()
{	{
$lastactive = &$this->data['lastactive']; $lastactive = intval($lastactive);	$lastactive = &$this->data['lastactive']; $lastactive = intval($lastactive);
Zeile 625	Zeile 620
/** * Verifies if an away mode status is valid or not.	/** * Verifies if an away mode status is valid or not.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_away() {	*/ function verify_away() {
Zeile 658	Zeile 653
* @return boolean True when valid, false when invalid. */ function verify_language()	* @return boolean True when valid, false when invalid. */ function verify_language()
{	{
global $lang; $language = &$this->data['language'];	global $lang; $language = &$this->data['language'];
Zeile 751	Zeile 746
$this->verify_lastvisit(); } if($this->method == "insert" \|\| array_key_exists('lastactive', $user))	$this->verify_lastvisit(); } if($this->method == "insert" \|\| array_key_exists('lastactive', $user))
{	{
$this->verify_lastactive(); } if($this->method == "insert" \|\| array_key_exists('away', $user))	$this->verify_lastactive(); } if($this->method == "insert" \|\| array_key_exists('away', $user))
Zeile 783	Zeile 778
function insert_user() { global $db, $cache, $plugins;	function insert_user() { global $db, $cache, $plugins;
// Yes, validating is required. if(!$this->get_validated()) {	// Yes, validating is required. if(!$this->get_validated()) {
die("The user needs to be validated before inserting it into the DB.");	die("The user needs to be validated before inserting it into the DB.");
}	}
if(count($this->get_errors()) > 0) { die("The user is not valid.");	if(count($this->get_errors()) > 0) { die("The user is not valid.");
} $user = &$this->data;	} $user = &$this->data;
$this->user_insert_data = array( "username" => $db->escape_string($user['username']), "password" => $user['saltedpw'],	$this->user_insert_data = array( "username" => $db->escape_string($user['username']), "password" => $user['saltedpw'],
Zeile 840	Zeile 835
"daysprune" => intval($user['options']['daysprune']), "dateformat" => $db->escape_string($user['dateformat']), "timeformat" => $db->escape_string($user['timeformat']),	"daysprune" => intval($user['options']['daysprune']), "dateformat" => $db->escape_string($user['dateformat']), "timeformat" => $db->escape_string($user['timeformat']),
"regip" => $user['regip'],	"regip" => $db->escape_string($user['regip']),
"language" => $db->escape_string($user['language']), "showcodebuttons" => $user['options']['showcodebuttons'], "away" => $user['away']['away'],	"language" => $db->escape_string($user['language']), "showcodebuttons" => $user['options']['showcodebuttons'], "away" => $user['away']['away'],
Zeile 860	Zeile 855
$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data); $this->uid = $db->insert_id();	$db->insert_query(TABLE_PREFIX."users", $this->user_insert_data); $this->uid = $db->insert_id();
$user['user_fields'] = array( 'ufid' => $this->uid, 'fid1' => '', 'fid2' => '', 'fid3' => '' );	$user['user_fields']['ufid'] = $this->uid; $query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields"); while($field = $db->fetch_array($query)) { if($field['Field'] == 'ufid' \|\| array_key_exists($field['Field'], $user['user_fields'])) { continue; } $user['user_fields'][$field['Field']] = ''; }
$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']); // Update forum stats	$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']); // Update forum stats
$cache->updatestats();	update_stats(array('numusers' => '+1'));
return array( "uid" => $this->uid,	return array( "uid" => $this->uid,
Zeile 1047	Zeile 1048
if(!$fields['ufid']) { $user_fields = array(	if(!$fields['ufid']) { $user_fields = array(
'ufid' => $user['uid'], 'fid1' => '', 'fid2' => '', 'fid3' => ''	'ufid' => $user['uid']
);	);
	$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields"); while($field = $db->fetch_array($query)) { if($field['Field'] == 'ufid') { continue; } $user_fields[$field['Field']] = ''; }
$db->insert_query(TABLE_PREFIX."userfields", $user_fields); } $db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");	$db->insert_query(TABLE_PREFIX."userfields", $user_fields); } $db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");