Zeile 6 | Zeile 6 |
---|
* Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
|
* Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
|
* $Id: xmlhttp.php 4039 2008-07-25 18:52:06Z Tikitiki $
| * $Id: xmlhttp.php 4379 2009-06-10 10:13:44Z Tomm $
|
*/
/**
| */
/**
|
Zeile 23 | Zeile 23 |
---|
// We don't want visits here showing up on the Who's Online define("NO_ONLINE", 1);
|
// We don't want visits here showing up on the Who's Online define("NO_ONLINE", 1);
|
| define('THIS_SCRIPT', 'xmlhttp.php');
|
// Load MyBB core files require_once dirname(__FILE__)."/inc/init.php";
| // Load MyBB core files require_once dirname(__FILE__)."/inc/init.php";
|
Zeile 40 | Zeile 41 |
---|
// Send no cache headers header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
|
// Send no cache headers header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
|
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");
| header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
|
header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache");
| header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache");
|
Zeile 226 | Zeile 227 |
---|
{ if(function_exists("iconv")) {
|
{ if(function_exists("iconv")) {
|
$subject = iconv("UTF-8", $charset, $subject);
| $subject = iconv($charset, "UTF-8//IGNORE", $subject);
|
} else if(function_exists("mb_convert_encoding")) {
| } else if(function_exists("mb_convert_encoding")) {
|
Zeile 323 | Zeile 324 |
---|
xmlhttp_error($lang->thread_closed_edit_message); } // Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
|
xmlhttp_error($lang->thread_closed_edit_message); } // Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
|
else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0) {
| else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1) {
|
xmlhttp_error($lang->no_permission_edit_post); } // If we're past the edit time limit - don't allow editing.
| xmlhttp_error($lang->no_permission_edit_post); } // If we're past the edit time limit - don't allow editing.
|
Zeile 334 | Zeile 335 |
---|
xmlhttp_error($lang->edit_time_limit); } }
|
xmlhttp_error($lang->edit_time_limit); } }
|
| // Forum is closed - no editing allowed (for anyone) if($forum['open'] == 0) { xmlhttp_error($lang->no_permission_edit_post); }
|
if($mybb->input['do'] == "get_post") { // Send our headers.
| if($mybb->input['do'] == "get_post") { // Send our headers.
|
Zeile 360 | Zeile 368 |
---|
{ if(function_exists("iconv")) {
|
{ if(function_exists("iconv")) {
|
$message = iconv("UTF-8", $charset, $message);
| $message = iconv($charset, "UTF-8//IGNORE", $message);
|
} else if(function_exists("mb_convert_encoding")) {
| } else if(function_exists("mb_convert_encoding")) {
|
Zeile 391 | Zeile 399 |
---|
$post_errors = $posthandler->get_friendly_errors(); $errors = implode("\n\n", $post_errors); xmlhttp_error($errors);
|
$post_errors = $posthandler->get_friendly_errors(); $errors = implode("\n\n", $post_errors); xmlhttp_error($errors);
|
}
| }
|
// No errors were found, we can call the update method. else {
| // No errors were found, we can call the update method. else {
|
Zeile 404 | Zeile 412 |
---|
echo "</p>\n"; exit; }
|
echo "</p>\n"; exit; }
|
}
| }
|
require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
|
require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
|
|
|
$parser_options = array( "allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'],
| $parser_options = array( "allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'],
|
Zeile 424 | Zeile 432 |
---|
} $post['message'] = $parser->parse_message($message, $parser_options);
|
} $post['message'] = $parser->parse_message($message, $parser_options);
|
|
|
// Now lets fetch all of the attachments for these posts. $query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'"); while($attachment = $db->fetch_array($query))
| // Now lets fetch all of the attachments for these posts. $query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'"); while($attachment = $db->fetch_array($query))
|
Zeile 559 | Zeile 567 |
---|
$db->insert_query("captcha", $regimagearray); header("Content-type: text/plain; charset={$charset}"); echo $imagehash;
|
$db->insert_query("captcha", $regimagearray); header("Content-type: text/plain; charset={$charset}"); echo $imagehash;
|
}
| }
|
else if($mybb->input['action'] == "validate_captcha") { header("Content-type: text/xml; charset={$charset}");
| else if($mybb->input['action'] == "validate_captcha") { header("Content-type: text/xml; charset={$charset}");
|
Zeile 568 | Zeile 576 |
---|
if($db->num_rows($query) == 0) { echo "<fail>{$lang->captcha_valid_not_exists}</fail>";
|
if($db->num_rows($query) == 0) { echo "<fail>{$lang->captcha_valid_not_exists}</fail>";
|
exit;
| exit;
|
} $imagestring = $db->fetch_field($query, 'imagestring');
if(my_strtolower($imagestring) == my_strtolower($mybb->input['value'])) { echo "<success>{$lang->captcha_matches}</success>";
|
} $imagestring = $db->fetch_field($query, 'imagestring');
if(my_strtolower($imagestring) == my_strtolower($mybb->input['value'])) { echo "<success>{$lang->captcha_matches}</success>";
|
exit; }
| exit; }
|
else { echo "<fail>{$lang->captcha_does_not_match}</fail>";
|
else { echo "<fail>{$lang->captcha_does_not_match}</fail>";
|
exit;
| exit;
|
} } else if($mybb->input['action'] == "username_availability")
| } } else if($mybb->input['action'] == "username_availability")
|
Zeile 590 | Zeile 598 |
---|
// Fix bad characters $username = trim($username);
|
// Fix bad characters $username = trim($username);
|
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);
| $username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
|
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
|
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
|
| if(empty($username)) { echo "<fail>{$lang->banned_characters_username}</fail>"; exit; }
|
header("Content-type: text/xml; charset={$charset}");
| header("Content-type: text/xml; charset={$charset}");
|
Zeile 672 | Zeile 686 |
---|
); $timecut = TIME_NOW - $mybb->settings['wolcutoff']; $query = $db->simple_select("users", "uid, username, usergroup, displaygroup, lastactive, lastvisit, invisible", "uid IN ({$mybb->user['buddylist']})", $query_options);
|
); $timecut = TIME_NOW - $mybb->settings['wolcutoff']; $query = $db->simple_select("users", "uid, username, usergroup, displaygroup, lastactive, lastvisit, invisible", "uid IN ({$mybb->user['buddylist']})", $query_options);
|
$buddy_array = array();
| $online = array(); $offline = array();
|
while($buddy = $db->fetch_array($query)) { $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
| while($buddy = $db->fetch_array($query)) { $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
|
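Review bot: In the username_availability hunk (Zeile 590 → 598), the new `if(empty($username))` block echoes `<fail>` and exits before the `header("Content-type: text/xml; charset={$charset}");` call that follows it. Unless a header was already sent earlier in the branch, which the hunk does not show, this failure response goes out without the XML content type. `empty()` is also true for the string `"0"`, so that name would be reported as containing banned characters; moving the check below the header call and writing it as `if((string)$username === '')` avoids both problems. The added `dec_to_utf8(8203)` extends a hand-maintained list of invisible characters, and other zero-width or format code points are not on it, so the replacement is only partial protection against look-alike usernames. The enclosing branch starts and ends outside the hunk.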