| Zeile 6 | Zeile 6 |
|---|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* $Id: xmlhttp.php 4039 2008-07-25 18:52:06Z Tikitiki $
| * $Id: xmlhttp.php 4446 2009-09-03 03:40:32Z RyanGordon $
|
*/
/**
| */
/**
|
| Zeile 23 | Zeile 23 |
|---|
// We don't want visits here showing up on the Who's Online
define("NO_ONLINE", 1);
|
// We don't want visits here showing up on the Who's Online
define("NO_ONLINE", 1);
|
| | define('THIS_SCRIPT', 'xmlhttp.php');
|
// Load MyBB core files
require_once dirname(__FILE__)."/inc/init.php";
|
// Load MyBB core files
require_once dirname(__FILE__)."/inc/init.php";
|
| Zeile 40 | Zeile 41 |
|---|
// Send no cache headers
header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
|
// Send no cache headers
header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
|
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . "GMT");
| header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
|
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
| header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
|
| Zeile 226 | Zeile 227 |
|---|
{
if(function_exists("iconv"))
{
|
{
if(function_exists("iconv"))
{
|
$subject = iconv("UTF-8", $charset, $subject);
| $subject = iconv($charset, "UTF-8//IGNORE", $subject);
|
}
else if(function_exists("mb_convert_encoding"))
{
| }
else if(function_exists("mb_convert_encoding"))
{
|
| Zeile 323 | Zeile 324 |
|---|
xmlhttp_error($lang->thread_closed_edit_message);
}
// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
|
xmlhttp_error($lang->thread_closed_edit_message);
}
// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
|
else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0)
{
| else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1)
{
|
xmlhttp_error($lang->no_permission_edit_post);
}
// If we're past the edit time limit - don't allow editing.
| xmlhttp_error($lang->no_permission_edit_post);
}
// If we're past the edit time limit - don't allow editing.
|
| Zeile 334 | Zeile 335 |
|---|
xmlhttp_error($lang->edit_time_limit);
}
}
|
xmlhttp_error($lang->edit_time_limit);
}
}
|
| |
// Forum is closed - no editing allowed (for anyone)
if($forum['open'] == 0)
{
xmlhttp_error($lang->no_permission_edit_post);
}
|
if($mybb->input['do'] == "get_post")
{
// Send our headers.
| if($mybb->input['do'] == "get_post")
{
// Send our headers.
|
| Zeile 360 | Zeile 368 |
|---|
{
if(function_exists("iconv"))
{
|
{
if(function_exists("iconv"))
{
|
$message = iconv("UTF-8", $charset, $message);
| $message = iconv($charset, "UTF-8//IGNORE", $message);
|
}
else if(function_exists("mb_convert_encoding"))
{
| }
else if(function_exists("mb_convert_encoding"))
{
|
| Zeile 391 | Zeile 399 |
|---|
$post_errors = $posthandler->get_friendly_errors();
$errors = implode("\n\n", $post_errors);
xmlhttp_error($errors);
|
$post_errors = $posthandler->get_friendly_errors();
$errors = implode("\n\n", $post_errors);
xmlhttp_error($errors);
|
}
| }
|
// No errors were found, we can call the update method.
else
{
| // No errors were found, we can call the update method.
else
{
|
| Zeile 404 | Zeile 412 |
|---|
echo "</p>\n";
exit;
}
|
echo "</p>\n";
exit;
}
|
}
| }
|
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
|
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
|
|
|
$parser_options = array(
"allow_html" => $forum['allowhtml'],
"allow_mycode" => $forum['allowmycode'],
| $parser_options = array(
"allow_html" => $forum['allowhtml'],
"allow_mycode" => $forum['allowmycode'],
|
| Zeile 424 | Zeile 432 |
|---|
}
$post['message'] = $parser->parse_message($message, $parser_options);
|
}
$post['message'] = $parser->parse_message($message, $parser_options);
|
|
|
// Now lets fetch all of the attachments for these posts.
$query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'");
while($attachment = $db->fetch_array($query))
| // Now lets fetch all of the attachments for these posts.
$query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'");
while($attachment = $db->fetch_array($query))
|
| Zeile 559 | Zeile 567 |
|---|
$db->insert_query("captcha", $regimagearray);
header("Content-type: text/plain; charset={$charset}");
echo $imagehash;
|
$db->insert_query("captcha", $regimagearray);
header("Content-type: text/plain; charset={$charset}");
echo $imagehash;
|
}
| }
|
else if($mybb->input['action'] == "validate_captcha")
{
header("Content-type: text/xml; charset={$charset}");
| else if($mybb->input['action'] == "validate_captcha")
{
header("Content-type: text/xml; charset={$charset}");
|
| Zeile 568 | Zeile 576 |
|---|
if($db->num_rows($query) == 0)
{
echo "<fail>{$lang->captcha_valid_not_exists}</fail>";
|
if($db->num_rows($query) == 0)
{
echo "<fail>{$lang->captcha_valid_not_exists}</fail>";
|
exit;
| exit;
|
}
$imagestring = $db->fetch_field($query, 'imagestring');
if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))
{
echo "<success>{$lang->captcha_matches}</success>";
|
}
$imagestring = $db->fetch_field($query, 'imagestring');
if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))
{
echo "<success>{$lang->captcha_matches}</success>";
|
exit;
}
| exit;
}
|
else
{
echo "<fail>{$lang->captcha_does_not_match}</fail>";
|
else
{
echo "<fail>{$lang->captcha_does_not_match}</fail>";
|
exit;
| exit;
|
}
}
else if($mybb->input['action'] == "username_availability")
| }
}
else if($mybb->input['action'] == "username_availability")
|
| Zeile 590 | Zeile 598 |
|---|
// Fix bad characters
$username = trim($username);
|
// Fix bad characters
$username = trim($username);
|
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);
| $username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
|
// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);
|
// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);
|
| |
if(empty($username))
{
echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
}
|
header("Content-type: text/xml; charset={$charset}");
|
header("Content-type: text/xml; charset={$charset}");
|
| Zeile 672 | Zeile 686 |
|---|
);
$timecut = TIME_NOW - $mybb->settings['wolcutoff'];
$query = $db->simple_select("users", "uid, username, usergroup, displaygroup, lastactive, lastvisit, invisible", "uid IN ({$mybb->user['buddylist']})", $query_options);
|
);
$timecut = TIME_NOW - $mybb->settings['wolcutoff'];
$query = $db->simple_select("users", "uid, username, usergroup, displaygroup, lastactive, lastvisit, invisible", "uid IN ({$mybb->user['buddylist']})", $query_options);
|
$buddy_array = array();
| $online = array();
$offline = array();
|
while($buddy = $db->fetch_array($query))
{
$buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
| while($buddy = $db->fetch_array($query))
{
$buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
|