Zeile 1 | Zeile 1 |
---|
<?php /** * MyBB 1.4
|
<?php /** * MyBB 1.4
|
* Copyright � 2008 MyBB Group, All Rights Reserved
| * Copyright � 2008 MyBB Group, All Rights Reserved
|
* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
|
* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
|
* $Id: usercp.php 4038 2008-07-25 08:50:26Z dennis $
| * $Id: usercp.php 4666 2009-12-28 23:03:01Z RyanGordon $
|
*/
define("IN_MYBB", 1);
|
*/
define("IN_MYBB", 1);
|
| define('THIS_SCRIPT', 'usercp.php');
|
$templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename"; $templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";
| $templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename"; $templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";
|
Zeile 72 | Zeile 73 |
---|
} else if($mybb->settings['siglength'] > 0) {
|
} else if($mybb->settings['siglength'] > 0) {
|
if($mybb->settings['sigcountmycode'] == 1)
| if($mybb->settings['sigcountmycode'] == 0)
|
{ $parsed_sig = $parser->text_parse_message($mybb->input['signature']); }
| { $parsed_sig = $parser->text_parse_message($mybb->input['signature']); }
|
Zeile 172 | Zeile 173 |
---|
$awaydate = TIME_NOW; if($mybb->input['awayday']) {
|
$awaydate = TIME_NOW; if($mybb->input['awayday']) {
|
| // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
|
if(!$mybb->input['awaymonth']) { $mybb->input['awaymonth'] = my_date('n', $awaydate); }
|
if(!$mybb->input['awaymonth']) { $mybb->input['awaymonth'] = my_date('n', $awaydate); }
|
| |
if(!$mybb->input['awayyear']) { $mybb->input['awayyear'] = my_date('Y', $awaydate); }
|
if(!$mybb->input['awayyear']) { $mybb->input['awayyear'] = my_date('Y', $awaydate); }
|
| $return_month = intval(substr($mybb->input['awaymonth'], 0, 2)); $return_day = intval(substr($mybb->input['awayday'], 0, 2)); $return_year = min(intval($mybb->input['awayyear']), 9999);
|
|
|
$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
| // Check if return date is after the away date. $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
|
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
|
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
|
if ($returntimestamp < $awaytimestamp && $mybb->input['awayyear'] < my_date("Y"))
| if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
|
{ error($lang->error_usercp_return_date_past); }
|
{ error($lang->error_usercp_return_date_past); }
|
$returndate = intval($mybb->input['awayday'])."-".intval($mybb->input['awaymonth'])."-".intval($mybb->input['awayyear']);
| $returndate = "{$return_day}-{$return_month}-{$return_year}";
|
} else {
| } else {
|
Zeile 284 | Zeile 291 |
---|
for($i = 1; $i <= 31; ++$i) { if($bday[0] == $i)
|
for($i = 1; $i <= 31; ++$i) { if($bday[0] == $i)
|
{
| {
|
$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n"; } else
| $bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n"; } else
|
Zeile 458 | Zeile 465 |
---|
$val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = "";
|
$val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = "";
|
if($val == $userfield) { $sel = " selected=\"selected\"";
| if($val == $userfield) { $sel = " selected=\"selected\"";
|
} $select .= "<option value=\"$val\"$sel>$val</option>";
|
} $select .= "<option value=\"$val\"$sel>$val</option>";
|
}
| }
|
if(!$profilefield['length']) { $profilefield['length'] = 1; } $code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>";
|
if(!$profilefield['length']) { $profilefield['length'] = 1; } $code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>";
|
}
| }
|
} elseif($type == "radio")
|
} elseif($type == "radio")
|
{ $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) {
| { $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) {
|
$checked = ""; if($val == $userfield) { $checked = " checked=\"checked\""; } $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
|
$checked = ""; if($val == $userfield) { $checked = " checked=\"checked\""; } $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
|
} }
| } }
|
} elseif($type == "checkbox") { if($errors) { $useropts = $userfield;
|
} elseif($type == "checkbox") { if($errors) { $useropts = $userfield;
|
} else {
| } else {
|
$useropts = explode("\n", $userfield); } if(is_array($useropts)) { foreach($useropts as $key => $val)
|
$useropts = explode("\n", $userfield); } if(is_array($useropts)) { foreach($useropts as $key => $val)
|
{ $seloptions[$val] = $val;
| { $seloptions[$val] = $val;
|
} } $expoptions = explode("\n", $options);
| } } $expoptions = explode("\n", $options);
|
Zeile 516 | Zeile 523 |
---|
} $code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />"; }
|
} $code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />"; }
|
} }
| } }
|
elseif($type == "textarea")
|
elseif($type == "textarea")
|
{ $value = htmlspecialchars_uni($userfield);
| { $value = htmlspecialchars_uni($userfield);
|
$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>"; } else { $value = htmlspecialchars_uni($userfield);
|
$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>"; } else { $value = htmlspecialchars_uni($userfield);
|
$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\" maxlength=\"{$profilefield['maxlength']}\" value=\"$value\" />";
| $maxlength = ""; if($profilefield['maxlength'] > 0) { $maxlength = " maxlength=\"{$profilefield['maxlength']}\""; } $code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />";
|
} if($profilefield['required'] == 1) {
| } if($profilefield['required'] == 1) {
|
Zeile 1019 | Zeile 1031 |
---|
$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
|
$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
|
{ $errors[] = $lang->error_invalidpassword; } else { // Set up user handler.
| { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler.
|
require_once "inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
| require_once "inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
|
Zeile 1135 | Zeile 1147 |
---|
}
// Clean input - only accept integers thanks!
|
}
// Clean input - only accept integers thanks!
|
array_walk($mybb->input['check'], 'intval');
| $mybb->input['check'] = array_map('intval', $mybb->input['check']);
|
$tids = implode(",", $mybb->input['check']);
// Deleting these subscriptions?
| $tids = implode(",", $mybb->input['check']);
// Deleting these subscriptions?
|
Zeile 1235 | Zeile 1247 |
---|
if(is_array($subscriptions)) { $tids = implode(",", array_keys($subscriptions));
|
if(is_array($subscriptions)) { $tids = implode(",", array_keys($subscriptions));
|
| if($mybb->user['uid'] == 0) { // Build a forum cache. $query = $db->query(" SELECT fid FROM ".TABLE_PREFIX."forums WHERE active != 0 ORDER BY pid, disporder "); $forumsread = unserialize($mybb->cookies['mybb']['forumread']); } else { // Build a forum cache. $query = $db->query(" SELECT f.fid, fr.dateline AS lastread FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') WHERE f.active != 0 ORDER BY pid, disporder "); } while($forum = $db->fetch_array($query)) { if($mybb->user['uid'] == 0) { if($forumsread[$forum['fid']]) { $forum['lastread'] = $forumsread[$forum['fid']]; } } $readforums[$forum['fid']] = $forum['lastread']; }
|
// Check participation by the current user in any of these threads - for 'dot' folder icons if($mybb->settings['dotfolders'] != 0)
|
// Check participation by the current user in any of these threads - for 'dot' folder icons if($mybb->settings['dotfolders'] != 0)
|
{
| {
|
$query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($post = $db->fetch_array($query)) {
| $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($post = $db->fetch_array($query)) {
|
Zeile 1256 | Zeile 1303 |
---|
} }
|
} }
|
| $icon_cache = $cache->read("posticons");
|
// Now we can build our subscription list foreach($subscriptions as $thread) {
| // Now we can build our subscription list foreach($subscriptions as $thread) {
|
Zeile 1264 | Zeile 1312 |
---|
$folder = ''; $prefix = '';
|
$folder = ''; $prefix = '';
|
|
|
// Sanitize $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']);
| // Sanitize $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']);
|
Zeile 1299 | Zeile 1347 |
---|
$donenew = 0; $lastread = 0;
|
$donenew = 0; $lastread = 0;
|
$forumread = my_get_array_cookie("forumread", $thread['fid']); if($mybb->user['lastvisit'] > $forumread)
| if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) { $forum_read = $readforums[$thread['fid']]; $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; if($forum_read == 0 || $forum_read < $read_cutoff) { $forum_read = $read_cutoff; } } else
|
{
|
{
|
$forumread = $mybb->user['lastvisit'];
| $forum_read = $forumsread[$thread['fid']];
|
}
|
}
|
if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forumread)
| if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)
|
{ $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; }
| { $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; }
|
Zeile 1316 | Zeile 1373 |
---|
{ if($thread['lastread']) {
|
{ if($thread['lastread']) {
|
$lastread = $thread['lastread'];
| $lastread = $thread['lastread'];
|
} else {
|
} else {
|
$lastread = 1;
| $lastread = 1;
|
} } }
| } } }
|
Zeile 1328 | Zeile 1385 |
---|
if(!$lastread) { $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);
|
if(!$lastread) { $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);
|
if($readcookie > $forumread)
| if($readcookie > $forum_read)
|
{ $lastread = $readcookie; } else {
|
{ $lastread = $readcookie; } else {
|
$lastread = $forumread;
| $lastread = $forum_read;
|
} }
| } }
|
Zeile 1411 | Zeile 1468 |
---|
if($mybb->input['action'] == "forumsubscriptions") { $plugins->run_hooks("usercp_forumsubscriptions_start");
|
if($mybb->input['action'] == "forumsubscriptions") { $plugins->run_hooks("usercp_forumsubscriptions_start");
|
$query = $db->query(" SELECT * FROM ".TABLE_PREFIX."forumpermissions WHERE gid='".$mybb->user['usergroup']."' ");
| $query = $db->simple_select("forumpermissions", "*", "gid='".$db->escape_string($mybb->user['usergroup'])."'");
|
while($permissions = $db->fetch_array($query))
|
while($permissions = $db->fetch_array($query))
|
{
| {
|
$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions; }
|
$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions; }
|
| if($mybb->user['uid'] == 0) { // Build a forum cache. $query = $db->query(" SELECT fid FROM ".TABLE_PREFIX."forums WHERE active != 0 ORDER BY pid, disporder "); $forumsread = unserialize($mybb->cookies['mybb']['forumread']); } else { // Build a forum cache. $query = $db->query(" SELECT f.fid, fr.dateline AS lastread FROM ".TABLE_PREFIX."forums f LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') WHERE f.active != 0 ORDER BY pid, disporder "); } while($forum = $db->fetch_array($query)) { if($mybb->user['uid'] == 0) { if($forumsread[$forum['fid']]) { $forum['lastread'] = $forumsread[$forum['fid']]; } } $readforums[$forum['fid']] = $forum['lastread']; }
|
$fpermissions = forum_permissions(); $query = $db->query(" SELECT fs.*, f.*, t.subject AS lastpostsubject
| $fpermissions = forum_permissions(); $query = $db->query(" SELECT fs.*, f.*, t.subject AS lastpostsubject
|
Zeile 1436 | Zeile 1525 |
---|
$forumpermissions = $fpermissions[$forum['fid']]; if($forumpermissions['canview'] != 0) {
|
$forumpermissions = $fpermissions[$forum['fid']]; if($forumpermissions['canview'] != 0) {
|
if(($forum['lastpost'] > $mybb->user['lastvisit'] || $mybbforumread[$forum['fid']] > $mybb->user['lastvisit']) && $forum['lastpost'] != 0)
| if(($forum['lastpost'] > $mybb->user['lastvisit'] || $readforums[$forum['fid']] > $mybb->user['lastvisit']) && $forum['lastpost'] != 0)
|
{ $folder = "on"; }
| { $folder = "on"; }
|
Zeile 1483 | Zeile 1572 |
---|
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") {
|
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") {
|
// Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
| // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_editsig_start"); if($mybb->input['updateposts'] == "enable")
| $plugins->run_hooks("usercp_do_editsig_start"); if($mybb->input['updateposts'] == "enable")
|
Zeile 1527 | Zeile 1616 |
---|
else if($error) { $sig = $mybb->input['signature'];
|
else if($error) { $sig = $mybb->input['signature'];
|
| $template = false;
|
}
if($sig && $template)
|
}
if($sig && $template)
|
{
| {
|
$sig_parser = array( "allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'],
| $sig_parser = array( "allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'],
|
Zeile 1599 | Zeile 1689 |
---|
$avatar_error = "";
if($mybb->input['remove']) // remove avatar
|
$avatar_error = "";
if($mybb->input['remove']) // remove avatar
|
{
| {
|
$updated_avatar = array( "avatar" => "", "avatardimensions" => "",
| $updated_avatar = array( "avatar" => "", "avatardimensions" => "",
|
Zeile 1614 | Zeile 1704 |
---|
{ $avatar_error = $lang->error_noavatar; }
|
{ $avatar_error = $lang->error_noavatar; }
|
| $mybb->input['gallery'] = str_replace(array("./", ".."), "", $mybb->input['gallery']); $mybb->input['avatar'] = str_replace(array("./", ".."), "", $mybb->input['avatar']);
|
if(empty($avatar_error)) { if($mybb->input['gallery'] == "default")
| if(empty($avatar_error)) { if($mybb->input['gallery'] == "default")
|
Zeile 1701 | Zeile 1794 |
---|
{ if($width && $height && $mybb->settings['maxavatardims'] != "") {
|
{ if($width && $height && $mybb->settings['maxavatardims'] != "") {
|
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
| list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
|
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig;
|
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig;
|
}
| }
|
} }
| } }
|
Zeile 1776 | Zeile 1869 |
---|
if($gallery != "default") { $avatardir .= "/$gallery";
|
if($gallery != "default") { $avatardir .= "/$gallery";
|
}
| }
|
$opendir = opendir($avatardir); while($avatar = @readdir($opendir)) {
| $opendir = opendir($avatardir); while($avatar = @readdir($opendir)) {
|
Zeile 1860 | Zeile 1953 |
---|
} if($mybb->settings['maxavatardims'] != "") {
|
} if($mybb->settings['maxavatardims'] != "") {
|
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
| list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
|
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); } if($mybb->settings['avatarsize'])
| $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); } if($mybb->settings['avatarsize'])
|
Zeile 1883 | Zeile 1976 |
---|
} } if($mybb->input['action'] == "notepad")
|
} } if($mybb->input['action'] == "notepad")
|
{
| {
|
$plugins->run_hooks("usercp_notepad_start"); $mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']); eval("\$notepad = \"".$templates->get("usercp_notepad")."\";");
| $plugins->run_hooks("usercp_notepad_start"); $mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']); eval("\$notepad = \"".$templates->get("usercp_notepad")."\";");
|
Zeile 2146 | Zeile 2239 |
---|
while($user = $db->fetch_array($query)) { $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
|
while($user = $db->fetch_array($query)) { $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
|
if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $user['lastvisit'] != $user['lastactive'])
| if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
|
{ $status = "online"; }
| { $status = "online"; }
|
Zeile 2174 | Zeile 2267 |
---|
while($user = $db->fetch_array($query)) { $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
|
while($user = $db->fetch_array($query)) { $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
|
if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $user['lastvisit'] != $user['lastactive'])
| if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
|
{ $status = "online"; }
| { $status = "online"; }
|
Zeile 2447 | Zeile 2540 |
---|
LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid)) LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid) WHERE l.uid='".$mybb->user['uid']."'
|
LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid)) LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid) WHERE l.uid='".$mybb->user['uid']."'
|
GROUP BY l.gid
| GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers
|
"); break; default:
| "); break; default:
|
Zeile 2521 | Zeile 2614 |
---|
} else {
|
} else {
|
$leavelink = "<div style=\"text-align: center;\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";
| $leavelink = "<div style=\"text-align: center;\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";
|
} if($usergroup['description']) {
| } if($usergroup['description']) {
|
Zeile 2730 | Zeile 2823 |
---|
{ error($lang->no_attachments_selected); }
|
{ error($lang->no_attachments_selected); }
|
$aids = $db->escape_string(implode(",", $mybb->input['attachments']));
| $aids = implode(',', array_map('intval', $mybb->input['attachments']));
|
$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'"); while($attachment = $db->fetch_array($query)) {
| $query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'"); while($attachment = $db->fetch_array($query)) {
|