Vergleich usercp.php - 1.4.0 - 1.4.9

Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: usercp.php 4038 2008-07-25 08:50:26Z dennis $

 * $Id: usercp.php 4314 2009-01-31 00:43:26Z Tikitiki $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

 
define('THIS_SCRIPT', 'usercp.php');


$templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";


$templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";

Zeile 526Zeile 527
		else
{
$value = htmlspecialchars_uni($userfield);

		else
{
$value = htmlspecialchars_uni($userfield);

			$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\" maxlength=\"{$profilefield['maxlength']}\" value=\"$value\" />";






			$maxlength = "";
if($profilefield['maxlength'] > 0)
{
$maxlength = " maxlength=\"{$profilefield['maxlength']}\"";
}
$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />";

		}
if($profilefield['required'] == 1)
{

		}
if($profilefield['required'] == 1)
{

Zeile 1002Zeile 1008
	else
{
$email = $email2 = '';

	else
{
$email = $email2 = '';

	}


	}


	$plugins->run_hooks("usercp_email_start");
eval("\$changemail = \"".$templates->get("usercp_email")."\";");
$plugins->run_hooks("usercp_email_end");

	$plugins->run_hooks("usercp_email_start");
eval("\$changemail = \"".$templates->get("usercp_email")."\";");
$plugins->run_hooks("usercp_email_end");

Zeile 1014Zeile 1020
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);





	$errors = array();

$plugins->run_hooks("usercp_do_password_start");

	$errors = array();

$plugins->run_hooks("usercp_do_password_start");

Zeile 1032Zeile 1038
			"uid" => $mybb->user['uid'],
"password" => $mybb->input['password'],
"password2" => $mybb->input['password2']

			"uid" => $mybb->user['uid'],
"password" => $mybb->input['password'],
"password2" => $mybb->input['password2']

		);


		);


		$userhandler->set_data($user);

		$userhandler->set_data($user);





		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

Zeile 1060Zeile 1066
	$plugins->run_hooks("usercp_password_start");
eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
$plugins->run_hooks("usercp_password_end");

	$plugins->run_hooks("usercp_password_start");
eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
$plugins->run_hooks("usercp_password_end");

	output_page($editpassword);
}

	output_page($editpassword);
}


if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{

Zeile 1072Zeile 1078
	if($mybb->usergroup['canchangename'] != 1)
{
error_no_permission();

	if($mybb->usergroup['canchangename'] != 1)
{
error_no_permission();

	}

	}


if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{


if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{

Zeile 1083Zeile 1089
		// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

		// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");





		$user = array(
"uid" => $mybb->user['uid'],
"username" => $mybb->input['username']
);

$userhandler->set_data($user);

		$user = array(
"uid" => $mybb->user['uid'],
"username" => $mybb->input['username']
);

$userhandler->set_data($user);





		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

Zeile 1135Zeile 1141
	}

// Clean input - only accept integers thanks!

	}

// Clean input - only accept integers thanks!

	array_walk($mybb->input['check'], 'intval');

	$mybb->input['check'] = array_map('intval', $mybb->input['check']);

	$tids = implode(",", $mybb->input['check']);

// Deleting these subscriptions?

	$tids = implode(",", $mybb->input['check']);

// Deleting these subscriptions?

Zeile 1235Zeile 1241
	if(is_array($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

	if(is_array($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

 
		
if($mybb->user['uid'] == 0)
{
// Build a forum cache.
$query = $db->query("
SELECT fid
FROM ".TABLE_PREFIX."forums
WHERE active != 0
ORDER BY pid, disporder
");

$forumsread = unserialize($mybb->cookies['mybb']['forumread']);
}
else
{
// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");
}
while($forum = $db->fetch_array($query))
{
if($mybb->user['uid'] == 0)
{
if($forumsread[$forum['fid']])
{
$forum['lastread'] = $forumsread[$forum['fid']];
}
}
$readforums[$forum['fid']] = $forum['lastread'];
}


// Check participation by the current user in any of these threads - for 'dot' folder icons
if($mybb->settings['dotfolders'] != 0)


// Check participation by the current user in any of these threads - for 'dot' folder icons
if($mybb->settings['dotfolders'] != 0)

Zeile 1256Zeile 1297
			}
}


			}
}





		$icon_cache = $cache->read("posticons");


		// Now we can build our subscription list
foreach($subscriptions as $thread)
{

		// Now we can build our subscription list
foreach($subscriptions as $thread)
{

Zeile 1299Zeile 1341
			$donenew = 0;
$lastread = 0;


			$donenew = 0;
$lastread = 0;


			$forumread = my_get_array_cookie("forumread", $thread['fid']);
if($mybb->user['lastvisit'] > $forumread)

			if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'])


			{

			{

				$forumread = $mybb->user['lastvisit'];
}

if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forumread)











				$forum_read = $readforums[$thread['fid']];

$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
if($forum_read == 0 || $forum_read < $read_cutoff)
{
$forum_read = $read_cutoff;
}
}
else
{
$forum_read = $forumsread[$thread['fid']];
}

if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)

			{
$cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
}

			{
$cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
}

Zeile 1315Zeile 1366
				if($thread['lastpost'] > $cutoff)
{
if($thread['lastread'])

				if($thread['lastpost'] > $cutoff)
{
if($thread['lastread'])

					{
$lastread = $thread['lastread'];
}

					{
$lastread = $thread['lastread'];
}

					else
{

					else
{

							$lastread = 1;

						$lastread = 1;

					}

					}

				}
}

				}
}


if(!$lastread)
{
$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);


if(!$lastread)
{
$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);

				if($readcookie > $forumread)

				if($readcookie > $forum_read)

				{
$lastread = $readcookie;

				{
$lastread = $readcookie;

				}

				}

				else
{

				else
{

					$lastread = $forumread;

					$lastread = $forum_read;

				}
}

if($thread['lastpost'] > $lastread && $lastread)

				}
}

if($thread['lastpost'] > $lastread && $lastread)

			{

			{

				$folder .= "new";
$folder_label .= $lang->icon_new;
$new_class = "subject_new";
$thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost");
eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";");
$unreadpost = 1;

				$folder .= "new";
$folder_label .= $lang->icon_new;
$new_class = "subject_new";
$thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost");
eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";");
$unreadpost = 1;

			}
else
{

			}
else
{

				$folder_label .= $lang->icon_no_new;
$new_class = "";

				$folder_label .= $lang->icon_no_new;
$new_class = "";

			}


			}


			if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews'])
{
$folder .= "hot";

			if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews'])
{
$folder .= "hot";

Zeile 1366Zeile 1417
			}

$folder .= "folder";

			}

$folder .= "folder";





			// Build last post info

$lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']);

			// Build last post info

$lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']);

Zeile 1376Zeile 1427

// Don't link to guest's profiles (they have no profile).
if($lastposteruid == 0)


// Don't link to guest's profiles (they have no profile).
if($lastposteruid == 0)

			{

			{

				$lastposterlink = $lastposter;
}
else

				$lastposterlink = $lastposter;
}
else

Zeile 1411Zeile 1462
if($mybb->input['action'] == "forumsubscriptions")
{
$plugins->run_hooks("usercp_forumsubscriptions_start");

if($mybb->input['action'] == "forumsubscriptions")
{
$plugins->run_hooks("usercp_forumsubscriptions_start");

	$query = $db->query("
SELECT *
FROM ".TABLE_PREFIX."forumpermissions
WHERE gid='".$mybb->user['usergroup']."'
");

	$query = $db->simple_select("forumpermissions", "*", "gid='".$db->escape_string($mybb->user['usergroup'])."'");





	while($permissions = $db->fetch_array($query))
{
$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
}

	while($permissions = $db->fetch_array($query))
{
$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
}

 
	
if($mybb->user['uid'] == 0)
{
// Build a forum cache.
$query = $db->query("
SELECT fid
FROM ".TABLE_PREFIX."forums
WHERE active != 0
ORDER BY pid, disporder
");

$forumsread = unserialize($mybb->cookies['mybb']['forumread']);
}
else
{
// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");
}
while($forum = $db->fetch_array($query))
{
if($mybb->user['uid'] == 0)
{
if($forumsread[$forum['fid']])
{
$forum['lastread'] = $forumsread[$forum['fid']];
}
}
$readforums[$forum['fid']] = $forum['lastread'];
}


	$fpermissions = forum_permissions();
$query = $db->query("
SELECT fs.*, f.*, t.subject AS lastpostsubject

	$fpermissions = forum_permissions();
$query = $db->query("
SELECT fs.*, f.*, t.subject AS lastpostsubject

Zeile 1435Zeile 1518
		$forum_url = get_forum_link($forum['fid']);
$forumpermissions = $fpermissions[$forum['fid']];
if($forumpermissions['canview'] != 0)

		$forum_url = get_forum_link($forum['fid']);
$forumpermissions = $fpermissions[$forum['fid']];
if($forumpermissions['canview'] != 0)

		{
if(($forum['lastpost'] > $mybb->user['lastvisit'] || $mybbforumread[$forum['fid']] > $mybb->user['lastvisit']) && $forum['lastpost'] != 0)

		{
if(($forum['lastpost'] > $mybb->user['lastvisit'] || $readforums[$forum['fid']] > $mybb->user['lastvisit']) && $forum['lastpost'] != 0)

			{
$folder = "on";
}

			{
$folder = "on";
}

Zeile 1491Zeile 1574
	{
$update_signature = array(
"includesig" => 1

	{
$update_signature = array(
"includesig" => 1

		);
$db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");

		);
$db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");

	}
elseif($mybb->input['updateposts'] == "disable")
{

	}
elseif($mybb->input['updateposts'] == "disable")
{

Zeile 1520Zeile 1603
		$template = "usercp_editsig_preview";
}
elseif(!$error)

		$template = "usercp_editsig_preview";
}
elseif(!$error)

	{

	{

		$sig = $mybb->user['signature'];
$template = "usercp_editsig_current";

		$sig = $mybb->user['signature'];
$template = "usercp_editsig_current";

	}

	}

	else if($error)
{
$sig = $mybb->input['signature'];

	else if($error)
{
$sig = $mybb->input['signature'];

	}


		$template = false;
}


if($sig && $template)
{


if($sig && $template)
{

Zeile 1546Zeile 1630
	{
$sigsmilies = $lang->on;
$smilieinserter = build_clickable_smilies();

	{
$sigsmilies = $lang->on;
$smilieinserter = build_clickable_smilies();

	}

	}

	else
{
$sigsmilies = $lang->off;

	else
{
$sigsmilies = $lang->off;

	}

	}

	if($mybb->settings['sigmycode'] == 1)
{
$sigmycode = $lang->on;

	if($mybb->settings['sigmycode'] == 1)
{
$sigmycode = $lang->on;

Zeile 1609Zeile 1693
		remove_avatars($mybb->user['uid']);
}
elseif($mybb->input['gallery']) // Gallery avatar

		remove_avatars($mybb->user['uid']);
}
elseif($mybb->input['gallery']) // Gallery avatar

	{

	{

		if(empty($mybb->input['avatar']))
{
$avatar_error = $lang->error_noavatar;

		if(empty($mybb->input['avatar']))
{
$avatar_error = $lang->error_noavatar;

Zeile 1622Zeile 1706
				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
}
else

				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
}
else

			{

			{

				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);

				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);

			}


			}


			if(file_exists($avatarpath))
{
$dimensions = @getimagesize($avatarpath);

			if(file_exists($avatarpath))
{
$dimensions = @getimagesize($avatarpath);

Zeile 1636Zeile 1720
					"avatartype" => "gallery"
);
$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");

					"avatartype" => "gallery"
);
$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");

			}
remove_avatars($mybb->user['uid']);
}
}

			}
remove_avatars($mybb->user['uid']);
}
}

	elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == 0)

	elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == 0)

		{

		{

			error_no_permission();
}
$avatar = upload_avatar();

			error_no_permission();
}
$avatar = upload_avatar();

Zeile 1669Zeile 1753
	{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);

	{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);





		// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
$file = fetch_remote_file($mybb->input['avatarurl']);
if(!$file)

		// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
$file = fetch_remote_file($mybb->input['avatarurl']);
if(!$file)

Zeile 1701Zeile 1785
		{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

		{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

				list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);

				list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

				if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

				if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

Zeile 1730Zeile 1814
	{
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);

	{
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);

	}
else
{

	}
else
{

		$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}

		$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}

Zeile 1860Zeile 1944
		}
if($mybb->settings['maxavatardims'] != "")
{

		}
if($mybb->settings['maxavatardims'] != "")
{

			list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);

			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

			$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}
if($mybb->settings['avatarsize'])

			$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}
if($mybb->settings['avatarsize'])

Zeile 2447Zeile 2531
				LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid)
WHERE l.uid='".$mybb->user['uid']."'

				LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid)
WHERE l.uid='".$mybb->user['uid']."'

				GROUP BY l.gid

				GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers

			");
break;
default:

			");
break;
default:

Zeile 2730Zeile 2814
	{
error($lang->no_attachments_selected);
}

	{
error($lang->no_attachments_selected);
}

	$aids = $db->escape_string(implode(",", $mybb->input['attachments']));

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");
while($attachment = $db->fetch_array($query))
{

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");
while($attachment = $db->fetch_array($query))
{
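Review bot: The block printed only once under `Zeile 1235Zeile 1241` (and again under `Zeile 1411Zeile 1462`), so presumably added in 1.4.9, passes a client-controlled cookie straight to `unserialize()`: `$forumsread = unserialize($mybb->cookies['mybb']['forumread']);`. Deserialising untrusted input can instantiate arbitrary classes, and the result is then indexed as `$forumsread[$forum['fid']]` without confirming it is an array. At minimum follow the call with `if(!is_array($forumsread)) { $forumsread = array(); }` and cast the values read from it with `intval`; on PHP 7 or later the second argument `array('allowed_classes' => false)` also blocks object creation. The branch is guarded by `$mybb->user['uid'] == 0`, and whether a guest can reach it in usercp.php is decided outside the lines shown. Separately, `$forumsread` is assigned only in that guest branch, yet the later `else { $forum_read = $forumsread[$thread['fid']]; }` looks reachable for logged-in users when `threadreadcut` is 0, where it would read an undefined variable.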