Vergleich inc/functions.php - 1.4.0 - 1.4.14

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 1	Zeile 1
<?php /** * MyBB 1.4	<?php /** * MyBB 1.4
* Copyright � 2008 MyBB Group, All Rights Reserved	* Copyright © 2008 MyBB Group, All Rights Reserved
* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *	* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
* $Id: functions.php 4058 2008-08-03 00:37:09Z Tikitiki $	* $Id: functions.php 4868 2010-04-11 05:15:23Z RyanGordon $
/ /*	/ /*
Zeile 154	Zeile 154
// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct if(!is_object($db)) {	// If our DB has been deconstructed already (bad PHP 5.2.0), reconstruct if(!is_object($db)) {
if(!isset($config))	if(!isset($config) \|\| empty($config['database']['type']))
{ require MYBB_ROOT."inc/config.php"; }	{ require MYBB_ROOT."inc/config.php"; }
Zeile 162	Zeile 162
if(isset($config)) { require_once MYBB_ROOT."inc/db_".$config['database']['type'].".php";	if(isset($config)) { require_once MYBB_ROOT."inc/db_".$config['database']['type'].".php";
$db = new databaseEngine;	switch($config['database']['type']) { case "sqlite3": $db = new DB_SQLite3; break; case "sqlite2": $db = new DB_SQLite2; break; case "pgsql": $db = new DB_PgSQL; break; case "mysqli": $db = new DB_MySQLi; break; default: $db = new DB_MySQL; }
$db->connect($config['database']); define("TABLE_PREFIX", $config['database']['table_prefix']); $db->set_table_prefix(TABLE_PREFIX);	$db->connect($config['database']); define("TABLE_PREFIX", $config['database']['table_prefix']); $db->set_table_prefix(TABLE_PREFIX);
Zeile 201	Zeile 219
foreach($shutdown_functions as $function) { $function();	foreach($shutdown_functions as $function) { $function();
}	}
} $done_shutdown = true;	} $done_shutdown = true;
Zeile 210	Zeile 228
/** * Sends a specified amount of messages from the mail queue *	/** * Sends a specified amount of messages from the mail queue *
* @param int The number of messages to send (Defaults to 20)	* @param int The number of messages to send (Defaults to 10)
*/ function send_mail_queue($count=10) {	*/ function send_mail_queue($count=10) {
Zeile 239	Zeile 257
} // Update the mailqueue cache and remove the lock $cache->update_mailqueue(TIME_NOW, 0);	} // Update the mailqueue cache and remove the lock $cache->update_mailqueue(TIME_NOW, 0);
}	}
$plugins->run_hooks("send_mail_queue_end"); }	$plugins->run_hooks("send_mail_queue_end"); }
Zeile 391	Zeile 409
* @param string The from address of the email, if blank, the board name will be used. * @param string The chracter set being used to send this email. * @param boolean Do we wish to keep the connection to the mail server alive to send more than one message (SMTP only)	* @param string The from address of the email, if blank, the board name will be used. * @param string The chracter set being used to send this email. * @param boolean Do we wish to keep the connection to the mail server alive to send more than one message (SMTP only)
*/ function my_mail($to, $subject, $message, $from="", $charset="", $headers="", $keep_alive=false, $format="text", $message_text="") { global $mybb;	* @param string The format of the email to be sent (text or html). text is default * @param string The text message of the email if being sent in html format, for email clients that don't support html * @param string The email address to return to. Defaults to admin return email address. */ function my_mail($to, $subject, $message, $from="", $charset="", $headers="", $keep_alive=false, $format="text", $message_text="", $return_email="") { global $mybb;
static $mail; // Does our object not exist? Create it	static $mail; // Does our object not exist? Create it
Zeile 411	Zeile 432
{ require_once MYBB_ROOT."inc/mailhandlers/php.php"; $mail = new PhpMail();	{ require_once MYBB_ROOT."inc/mailhandlers/php.php"; $mail = new PhpMail();
} }	} }
// Using SMTP based mail if($mybb->settings['mail_handler'] == 'smtp') {	// Using SMTP based mail if($mybb->settings['mail_handler'] == 'smtp') {
Zeile 433	Zeile 454
} // Build and send	} // Build and send
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text);	$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
return $mail->send(); }	return $mail->send(); }
Zeile 443	Zeile 464
* @return string The generated code */ function generate_post_check()	* @return string The generated code */ function generate_post_check()
{	{
global $mybb; if($mybb->user['uid']) {	global $mybb; if($mybb->user['uid']) {
Zeile 452	Zeile 473
// Guests get a special string else {	// Guests get a special string else {
return md5($mybb->config['database']['hostname'].$mybb->config['database']['username'].$mybb->config['database']['password']);	return md5($mybb->settings['bburl'].$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);
} }	} }
Zeile 472	Zeile 493
return false; } else	return false; } else
{ error($lang->invalid_post_code);	{ if(defined("IN_ADMINCP")) { return false; } else { error($lang->invalid_post_code); }
} } else	} } else
Zeile 619	Zeile 647
if(!$error) { $error = $lang->unknown_error;	if(!$error) { $error = $lang->unknown_error;
} // AJAX error message? if($mybb->input['ajax']) { // Send our headers. @header("Content-type: text/html; charset={$lang->settings['charset']}"); echo "<error>{$error}</error>\n";	} // AJAX error message? if($mybb->input['ajax']) { // Send our headers. @header("Content-type: text/html; charset={$lang->settings['charset']}"); echo "<error>{$error}</error>\n";
exit; }	exit; }
Zeile 747	Zeile 775
echo "<script type=\"text/javascript\">\n"; if($message != "") {	echo "<script type=\"text/javascript\">\n"; if($message != "") {
echo "alert('{$message}');\n";	echo 'alert("'.addslashes($message).'");';
} $url = str_replace("#", "&#", $url); $url = htmlspecialchars_decode($url); $url = str_replace(array("\n","\r",";"), "", $url);	} $url = str_replace("#", "&#", $url); $url = htmlspecialchars_decode($url); $url = str_replace(array("\n","\r",";"), "", $url);
echo "window.location = '{$url}';\n";	echo 'window.location = "'.addslashes($url).'";'."\n";
echo "</script>\n"; exit; }	echo "</script>\n"; exit; }
Zeile 781	Zeile 809
} else {	} else {
$url = str_replace("#", "&#", $url);
$url = htmlspecialchars_decode($url); $url = str_replace(array("\n","\r",";"), "", $url);	$url = htmlspecialchars_decode($url); $url = str_replace(array("\n","\r",";"), "", $url);
Zeile 972	Zeile 999
function usergroup_permissions($gid=0) { global $cache, $groupscache, $grouppermignore, $groupzerogreater;	function usergroup_permissions($gid=0) { global $cache, $groupscache, $grouppermignore, $groupzerogreater;

if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups");	if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups");
}	}
$groups = explode(",", $gid);	$groups = explode(",", $gid);

if(count($groups) == 1) {	if(count($groups) == 1) {
Zeile 992	Zeile 1018
{ continue; }	{ continue; }

foreach($groupscache[$gid] as $perm => $access) { if(!in_array($perm, $grouppermignore))	foreach($groupscache[$gid] as $perm => $access) { if(!in_array($perm, $grouppermignore))
Zeile 1006	Zeile 1032
$permbit = ""; }	$permbit = ""; }
if(in_array($perm, $groupzerogreater))	// 0 represents unlimited for numerical group permissions (i.e. private message limit) so take that into account. if(in_array($perm, $groupzerogreater) && ($access == 0 \|\| $permbit === 0))
{	{
if($access == 0) { $usergroup[$perm] = 0; continue; }	$usergroup[$perm] = 0; continue;
} if($access > $permbit \|\| ($access == "yes" && $permbit == "no") \|\| !$permbit) // Keep yes/no for compatibility?	} if($access > $permbit \|\| ($access == "yes" && $permbit == "no") \|\| !$permbit) // Keep yes/no for compatibility?
Zeile 1071	Zeile 1095
if(!$gid \|\| $gid == 0) // If no group, we need to fetch it {	if(!$gid \|\| $gid == 0) // If no group, we need to fetch it {
if($uid != $mybb->user['uid'])	if($uid != 0 && $uid != $mybb->user['uid'])
{	{
if($usercache[$uid])	if(!$usercache[$uid])
{ $query = $db->simple_select("users", "*", "uid='$uid'"); $usercache[$uid] = $db->fetch_array($query);	{ $query = $db->simple_select("users", "*", "uid='$uid'"); $usercache[$uid] = $db->fetch_array($query);
Zeile 1092	Zeile 1116
} $groupperms = $mybb->usergroup;	} $groupperms = $mybb->usergroup;
}	}
}	}

if(!is_array($forum_cache)) { $forum_cache = cache_forums(); if(!$forum_cache)	if(!is_array($forum_cache)) { $forum_cache = cache_forums(); if(!$forum_cache)
{	{
return false; } }	return false; } }
Zeile 1149	Zeile 1173
if(!$fpermcache[$fid]) // This forum has no custom or inherited permissions so lets just return the group permissions { return $groupperms;	if(!$fpermcache[$fid]) // This forum has no custom or inherited permissions so lets just return the group permissions { return $groupperms;
}	}
$current_permissions = array();	$current_permissions = array();
Zeile 1207	Zeile 1231
* @param boolean The Parent ID */ function check_forum_password($fid, $pid=0)	* @param boolean The Parent ID */ function check_forum_password($fid, $pid=0)
{	{
global $mybb, $header, $footer, $headerinclude, $theme, $templates, $lang, $forum_cache; $showform = true;	global $mybb, $header, $footer, $headerinclude, $theme, $templates, $lang, $forum_cache; $showform = true;
Zeile 1243	Zeile 1267
$password = $forum_cache[$fid]['password']; if($password) {	$password = $forum_cache[$fid]['password']; if($password) {
if($mybb->input['pwverify'])	if($mybb->input['pwverify'] && $pid == 0)
{ if($password == $mybb->input['pwverify']) { my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->input['pwverify']), null, true);	{ if($password == $mybb->input['pwverify']) { my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->input['pwverify']), null, true);
$showform = false; } else	$showform = false; } else
{ eval("\$pwnote = \"".$templates->get("forumdisplay_password_wrongpass")."\";"); $showform = true;	{ eval("\$pwnote = \"".$templates->get("forumdisplay_password_wrongpass")."\";"); $showform = true;
Zeile 1265	Zeile 1289
else { $showform = false;	else { $showform = false;
} } }	} } }
else	else
{	{
$showform = false;	$showform = false;
} if($showform) { $_SERVER['REQUEST_URI'] = htmlspecialchars_uni($_SERVER['REQUEST_URI']); eval("\$pwform = \"".$templates->get("forumdisplay_password")."\";"); output_page($pwform);	} if($showform) { if($pid) { header("Location: ".$mybb->settings['bburl']."/".get_forum_link($fid)); } else { $_SERVER['REQUEST_URI'] = htmlspecialchars_uni($_SERVER['REQUEST_URI']); eval("\$pwform = \"".$templates->get("forumdisplay_password")."\";"); output_page($pwform); }
exit; } }	exit; } }
Zeile 1298	Zeile 1329
if($uid < 1) { $uid = $mybb->user['uid'];	if($uid < 1) { $uid = $mybb->user['uid'];
}	}
if($uid == 0) {	if($uid == 0) {
Zeile 1326	Zeile 1357
else { $perms = $modpermscache[$fid][$uid];	else { $perms = $modpermscache[$fid][$uid];
}	}
return $perms; }	return $perms; }
Zeile 1440	Zeile 1471
{ $iconlist .= "<br />"; $listed = 0;	{ $iconlist .= "<br />"; $listed = 0;
} }	} }
eval("\$posticons = \"".$templates->get("posticons")."\";");	eval("\$posticons = \"".$templates->get("posticons")."\";");
Zeile 1461	Zeile 1492
global $mybb; if(!$mybb->settings['cookiepath'])	global $mybb; if(!$mybb->settings['cookiepath'])
{	{
$mybb->settings['cookiepath'] = "/"; }	$mybb->settings['cookiepath'] = "/"; }
Zeile 1481	Zeile 1512
} } else	} } else
{	{
$expires = TIME_NOW + intval($expires); }	$expires = TIME_NOW + intval($expires); }

$mybb->settings['cookiepath'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiepath']); $mybb->settings['cookiedomain'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiedomain']); $mybb->settings['cookieprefix'] = str_replace(array("\n","\r", " "), "", $mybb->settings['cookieprefix']); // Versions of PHP prior to 5.2 do not support HttpOnly cookies and IE is buggy when specifying a blank domain so set the cookie manually $cookie = "Set-Cookie: {$mybb->settings['cookieprefix']}{$name}=".urlencode($value);	$mybb->settings['cookiepath'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiepath']); $mybb->settings['cookiedomain'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiedomain']); $mybb->settings['cookieprefix'] = str_replace(array("\n","\r", " "), "", $mybb->settings['cookieprefix']); // Versions of PHP prior to 5.2 do not support HttpOnly cookies and IE is buggy when specifying a blank domain so set the cookie manually $cookie = "Set-Cookie: {$mybb->settings['cookieprefix']}{$name}=".urlencode($value);

if($expires > 0)	if($expires > 0)
{	{
$cookie .= "; expires=".@gmdate('D, d-M-Y H:i:s \\G\\M\\T', $expires);	$cookie .= "; expires=".@gmdate('D, d-M-Y H:i:s \\G\\M\\T', $expires);
}	}
if(!empty($mybb->settings['cookiepath'])) { $cookie .= "; path={$mybb->settings['cookiepath']}";	if(!empty($mybb->settings['cookiepath'])) { $cookie .= "; path={$mybb->settings['cookiepath']}";
}	}
if(!empty($mybb->settings['cookiedomain'])) { $cookie .= "; domain={$mybb->settings['cookiedomain']}";	if(!empty($mybb->settings['cookiedomain'])) { $cookie .= "; domain={$mybb->settings['cookiedomain']}";
Zeile 1519	Zeile 1550
/** * Unset a cookie set by MyBB.	/** * Unset a cookie set by MyBB.
* * @param string The cookie identifier.	* * @param string The cookie identifier.
*/ function my_unsetcookie($name) { global $mybb;	*/ function my_unsetcookie($name) { global $mybb;

$expires = -3600; my_setcookie($name, "", $expires); unset($mybb->cookies[$name]);	$expires = -3600; my_setcookie($name, "", $expires); unset($mybb->cookies[$name]);
}	}
/** * Get the contents from a serialised cookie array.	/** * Get the contents from a serialised cookie array.
Zeile 1540	Zeile 1571
* @return array\|boolean The cookie id's content array or false when non-existent. */ function my_get_array_cookie($name, $id)	* @return array\|boolean The cookie id's content array or false when non-existent. */ function my_get_array_cookie($name, $id)
{	{
global $mybb; if(!isset($mybb->cookies['mybb'][$name]))	global $mybb; if(!isset($mybb->cookies['mybb'][$name]))
Zeile 1558	Zeile 1589
{ return 0; }	{ return 0; }
} /**	} /**
* Set a serialised cookie array. * * @param string The cookie identifier.	* Set a serialised cookie array. * * @param string The cookie identifier.
Zeile 1570	Zeile 1601
function my_set_array_cookie($name, $id, $value) { global $mybb;	function my_set_array_cookie($name, $id, $value) { global $mybb;

$cookie = $mybb->cookies['mybb']; $newcookie = unserialize($cookie[$name]); $newcookie[$id] = $value;	$cookie = $mybb->cookies['mybb']; $newcookie = unserialize($cookie[$name]); $newcookie[$id] = $value;
$newcookie = addslashes(serialize($newcookie)); my_setcookie("mybb[$name]", $newcookie);	$newcookie = serialize($newcookie); my_setcookie("mybb[$name]", addslashes($newcookie)); // Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie;
} /**	} /**
Zeile 1597	Zeile 1631
$serverload = explode(" ", $load); $serverload[0] = round($serverload[0], 4); }	$serverload = explode(" ", $load); $serverload[0] = round($serverload[0], 4); }
if(!$serverload)	if(!is_numeric($serverload[0]))
{ if(@ini_get('safe_mode') == 'On')	{ if(@ini_get('safe_mode') == 'On')
{ return $lang->unknown; }	{ return $lang->unknown; }
// Suhosin likes to throw a warning if exec is disabled then die - weird if($func_blacklist = @ini_get('suhosin.executor.func.blacklist'))	// Suhosin likes to throw a warning if exec is disabled then die - weird if($func_blacklist = @ini_get('suhosin.executor.func.blacklist'))
Zeile 1622	Zeile 1656
} $load = @exec("uptime");	} $load = @exec("uptime");
$load = split("load averages?: ", $load);	$load = explode("load average: ", $load);
$serverload = explode(",", $load[1]); if(!is_array($serverload)) {	$serverload = explode(",", $load[1]); if(!is_array($serverload)) {
Zeile 1663	Zeile 1697
$new_stats[$counter] = $stats[$counter] + $changes[$counter]; } else	$new_stats[$counter] = $stats[$counter] + $changes[$counter]; } else
{	{
$new_stats[$counter] = $changes[$counter]; } // Less than 0? That's bad	$new_stats[$counter] = $changes[$counter]; } // Less than 0? That's bad
Zeile 1681	Zeile 1715
$lastmember = $db->fetch_array($query); $new_stats['lastuid'] = $lastmember['uid']; $new_stats['lastusername'] = $lastmember['username'];	$lastmember = $db->fetch_array($query); $new_stats['lastuid'] = $lastmember['uid']; $new_stats['lastusername'] = $lastmember['username'];
}	}
if(is_array($stats))	if(is_array($stats))
{	{
$stats = array_merge($stats, $new_stats);	$stats = array_merge($stats, $new_stats);
}	}
else { $stats = $new_stats;	else { $stats = $new_stats;
}	}
// Update stats row for today in the database $todays_stats = array( "dateline" => mktime(0, 0, 0, date("m"), date("j"), date("Y")),	// Update stats row for today in the database $todays_stats = array( "dateline" => mktime(0, 0, 0, date("m"), date("j"), date("Y")),
Zeile 1700	Zeile 1734
"numposts" => $stats['numposts'] ); $db->replace_query("stats", $todays_stats, "dateline");	"numposts" => $stats['numposts'] ); $db->replace_query("stats", $todays_stats, "dateline");

$cache->update("stats", $stats, "dateline"); }	$cache->update("stats", $stats, "dateline"); }
Zeile 1739	Zeile 1773
if($update_query[$counter] < 0) { $update_query[$counter] = 0;	if($update_query[$counter] < 0) { $update_query[$counter] = 0;
}	}
} }	} }
Zeile 1759	Zeile 1793
if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}";	if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}";
} else {	} else {
$new_stats['numthreads'] = "{$threads_diff}"; } }	$new_stats['numthreads'] = "{$threads_diff}"; } }
Zeile 1809	Zeile 1843
// Update last post info update_forum_lastpost($fid);	// Update last post info update_forum_lastpost($fid);
	$cache->update_forums();
} /**	} /**
Zeile 1839	Zeile 1875
); $db->update_query("forums", $updated_forum, "fid='{$fid}'");	); $db->update_query("forums", $updated_forum, "fid='{$fid}'");
}	}
/** * Updates the thread counters with a specific value (or addition/subtraction of the previous value) *	/** * Updates the thread counters with a specific value (or addition/subtraction of the previous value) *
Zeile 1848	Zeile 1884
* @param array Array of items being updated (replies, unapprovedposts, attachmentcount) and their value (ex, 1, +1, -1) */ function update_thread_counters($tid, $changes=array())	* @param array Array of items being updated (replies, unapprovedposts, attachmentcount) and their value (ex, 1, +1, -1) */ function update_thread_counters($tid, $changes=array())
{ global $db;	{ global $db;
$update_query = array();	$update_query = array();
$counters = array('replies','unapprovedposts','attachmentcount');	$counters = array('replies','unapprovedposts','attachmentcount', 'attachmentcount');
// Fetch above counters for this thread $query = $db->simple_select("threads", implode(",", $counters), "tid='{$tid}'");	// Fetch above counters for this thread $query = $db->simple_select("threads", implode(",", $counters), "tid='{$tid}'");
Zeile 1871	Zeile 1907
else { $update_query[$counter] = $changes[$counter];	else { $update_query[$counter] = $changes[$counter];
}	}
// Less than 0? That's bad if($update_query[$counter] < 0) {	// Less than 0? That's bad if($update_query[$counter] < 0) {
Zeile 1879	Zeile 1915
} } }	} } }
	$db->free_result($query);
// Only update if we're actually doing something if(count($update_query) > 0) { $db->update_query("threads", $update_query, "tid='".intval($tid)."'"); }	// Only update if we're actually doing something if(count($update_query) > 0) { $db->update_query("threads", $update_query, "tid='".intval($tid)."'"); }
	unset($update_query, $thread);
update_thread_data($tid); }	update_thread_data($tid); }
Zeile 1906	Zeile 1946
LIMIT 1" ); $lastpost = $db->fetch_array($query);	LIMIT 1" ); $lastpost = $db->fetch_array($query);
	$db->free_result($query);
$query = $db->query(" SELECT u.uid, u.username, p.username AS postusername, p.dateline FROM ".TABLE_PREFIX."posts p	$query = $db->query(" SELECT u.uid, u.username, p.username AS postusername, p.dateline FROM ".TABLE_PREFIX."posts p
Zeile 1916	Zeile 1958
LIMIT 1 "); $firstpost = $db->fetch_array($query);	LIMIT 1 "); $firstpost = $db->fetch_array($query);
	$db->free_result($query);
if(!$firstpost['username']) { $firstpost['username'] = $firstpost['postusername'];	if(!$firstpost['username']) { $firstpost['username'] = $firstpost['postusername'];
}	}
if(!$lastpost['username'])	if(!$lastpost['username'])
{	{
$lastpost['username'] = $lastpost['postusername'];	$lastpost['username'] = $lastpost['postusername'];
}	}
if(!$lastpost['dateline']) { $lastpost['username'] = $firstpost['username'];	if(!$lastpost['dateline']) { $lastpost['username'] = $firstpost['username'];
Zeile 1940	Zeile 1984
$update_array = array( 'username' => $firstpost['username'], 'uid' => intval($firstpost['uid']),	$update_array = array( 'username' => $firstpost['username'], 'uid' => intval($firstpost['uid']),
	'dateline' => intval($firstpost['dateline']),
'lastpost' => intval($lastpost['dateline']), 'lastposter' => $lastpost['username'], 'lastposteruid' => intval($lastpost['uid']), ); $db->update_query("threads", $update_array, "tid='{$tid}'");	'lastpost' => intval($lastpost['dateline']), 'lastposter' => $lastpost['username'], 'lastposteruid' => intval($lastpost['uid']), ); $db->update_query("threads", $update_array, "tid='{$tid}'");
	unset($firstpost, $lastpost, $update_array);
} function update_forum_count($fid)	} function update_forum_count($fid)
Zeile 2004	Zeile 2051
* @param int If we need to add select boxes to this cal or not * @param int The current depth of forums we're at * @param int Whether or not to show extra items such as User CP, Forum home	* @param int If we need to add select boxes to this cal or not * @param int The current depth of forums we're at * @param int Whether or not to show extra items such as User CP, Forum home
	* @param boolean Ignore the showinjump setting and show all forums (for moderation pages)
* @param array Array of permissions * @param string The name of the forum jump * @return string Forum jump items */	* @param array Array of permissions * @param string The name of the forum jump * @return string Forum jump items */
function build_forum_jump($pid="0", $selitem="", $addselect="1", $depth="", $showextras="1", $permissions="", $name="fid")	function build_forum_jump($pid="0", $selitem="", $addselect="1", $depth="", $showextras="1", $showall=false, $permissions="", $name="fid")
{ global $forum_cache, $jumpfcache, $permissioncache, $mybb, $selecteddone, $forumjump, $forumjumpbits, $gobutton, $theme, $templates, $lang;	{ global $forum_cache, $jumpfcache, $permissioncache, $mybb, $selecteddone, $forumjump, $forumjumpbits, $gobutton, $theme, $templates, $lang;
Zeile 2048	Zeile 2096
{ $perms = $permissioncache[$forum['fid']];	{ $perms = $permissioncache[$forum['fid']];
if($forum['fid'] != "0" && ($perms['canview'] != 0 \|\| $mybb->settings['hideprivateforums'] == 0) && $forum['linkto'] == '' && $forum['showinjump'] != 0)	if($forum['fid'] != "0" && ($perms['canview'] != 0 \|\| $mybb->settings['hideprivateforums'] == 0) && $forum['linkto'] == '' && ($forum['showinjump'] != 0 \|\| $showall == true))
{ $optionselected = "";	{ $optionselected = "";
Zeile 2065	Zeile 2113
if($forum_cache[$forum['fid']]) { $newdepth = $depth."--";	if($forum_cache[$forum['fid']]) { $newdepth = $depth."--";
$forumjumpbits .= build_forum_jump($forum['fid'], $selitem, 0, $newdepth, $showextras);	$forumjumpbits .= build_forum_jump($forum['fid'], $selitem, 0, $newdepth, $showextras, $showall);
} } }	} } }
Zeile 2079	Zeile 2127
if(!$selitem) { $selitem = "default";	if(!$selitem) { $selitem = "default";
}	}
$jumpsel[$selitem] = 'selected="selected"'; }	$jumpsel[$selitem] = 'selected="selected"'; }
Zeile 2123	Zeile 2171
for($i = 1; $i <= $length; ++$i) {	for($i = 1; $i <= $length; ++$i) {
$ch = mt_rand(0, count($set)-1);	$ch = my_rand(0, count($set)-1);
$str .= $set[$ch]; }	$str .= $set[$ch]; }
Zeile 2848	Zeile 2896
} $navsize = count($navbits);	} $navsize = count($navbits);
$navbits[$navsize]['name'] = $forumnav['name'];	// Convert & to & $navbits[$navsize]['name'] = preg_replace("#&(?!\#[0-9]+;)#si", "&", $forumnav['name']);
if(IN_ARCHIVE == 1) {	if(IN_ARCHIVE == 1) {
Zeile 2920	Zeile 2969
$url = "{$base_url}forum-{$id}.html"; break; default:	$url = "{$base_url}forum-{$id}.html"; break; default:
$url = $mybb->setings['bburl']."/archive/index.php";	$url = $mybb->settings['bburl']."/archive/index.php";
} return $url;	} return $url;
Zeile 3062	Zeile 3111
if($mybb->settings['nocacheheaders'] == 1 && $mybb->settings['standardheaders'] != 1) { header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");	if($mybb->settings['nocacheheaders'] == 1 && $mybb->settings['standardheaders'] != 1) { header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")."GMT");	header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); }	header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); }
Zeile 3292	Zeile 3341
*/ function join_usergroup($uid, $joingroup) {	*/ function join_usergroup($uid, $joingroup) {
global $db; if($uid == $mybb->user['uid']) { $user = $mybb->user; } else	global $db, $mybb; if($uid == $mybb->user['uid']) { $user = $mybb->user; } else
{	{
$query = $db->simple_select("users", "additionalgroups, usergroup", "uid='{$uid}'");	$query = $db->simple_select("users", "additionalgroups, usergroup", "uid='".intval($uid)."'");
$user = $db->fetch_array($query); }	$user = $db->fetch_array($query); }
Zeile 3323	Zeile 3372
} }	} }
$db->update_query("users", array('additionalgroups' => $groupslist), "uid='$uid'");	// What's the point in updating if they're the same? if($groupslist != $user['additionalgroups']) { $db->update_query("users", array('additionalgroups' => $groupslist), "uid='".intval($uid)."'"); return true; } else { return false; }
} /**	} /**
Zeile 3335	Zeile 3393
function leave_usergroup($uid, $leavegroup) { global $db, $mybb, $cache;	function leave_usergroup($uid, $leavegroup) { global $db, $mybb, $cache;

if($uid == $mybb->user['uid'])	if($uid == $mybb->user['uid'])
{	{
$user = $mybb->user; } else {	$user = $mybb->user; } else {
$query = $db->simple_select("users", "*", "uid='{$uid}'");	$query = $db->simple_select("users", "*", "uid='".intval($uid)."'");
$user = $db->fetch_array($query); }	$user = $db->fetch_array($query); }
	$groupslist = "";
$usergroups = ""; $usergroups = $user['additionalgroups'].",";	$usergroups = ""; $usergroups = $user['additionalgroups'].",";
$groups = explode(",", $user['additionalgroups']);	$groups = explode(",", $user['additionalgroups']);
if(is_array($groups)) { foreach($groups as $gid)	if(is_array($groups)) { foreach($groups as $gid)
Zeile 3363	Zeile 3422
} } }	} } }
	$dispupdate = "";
if($leavegroup == $user['displaygroup']) { $dispupdate = ", displaygroup=usergroup";	if($leavegroup == $user['displaygroup']) { $dispupdate = ", displaygroup=usergroup";
Zeile 3372	Zeile 3432
$db->write_query(" UPDATE ".TABLE_PREFIX."users SET additionalgroups='$groupslist' $dispupdate	$db->write_query(" UPDATE ".TABLE_PREFIX."users SET additionalgroups='$groupslist' $dispupdate
WHERE uid='$uid'	WHERE uid='".intval($uid)."'
"); $cache->update_moderators();	"); $cache->update_moderators();
Zeile 3394	Zeile 3454
if(!empty($_SERVER['PATH_INFO'])) {	if(!empty($_SERVER['PATH_INFO'])) {
$location = $_SERVER['PATH_INFO'];	$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);
} elseif(!empty($_ENV['PATH_INFO'])) {	} elseif(!empty($_ENV['PATH_INFO'])) {
$location = $_ENV['PATH_INFO'];	$location = htmlspecialchars_uni($_ENV['PATH_INFO']);
} elseif(!empty($_ENV['PHP_SELF']))	} elseif(!empty($_ENV['PHP_SELF']))
{ $location = $_ENV['PHP_SELF'];	{ $location = htmlspecialchars_uni($_ENV['PHP_SELF']);
} else	} else
{ $location = $_SERVER['PHP_SELF'];	{ $location = htmlspecialchars_uni($_SERVER['PHP_SELF']);
} if($fields == true) { global $mybb;	} if($fields == true) { global $mybb;

if(!is_array($ignore)) { $ignore = array($ignore);	if(!is_array($ignore)) { $ignore = array($ignore);
Zeile 3431	Zeile 3491
} $form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars((string)$name)."\" value=\"".htmlspecialchars((string)$value)."\" />\n";	} $form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars((string)$name)."\" value=\"".htmlspecialchars((string)$value)."\" />\n";
}	}
} return array('location' => $location, 'form_html' => $form_html, 'form_method' => $mybb->request_method);	} return array('location' => $location, 'form_html' => $form_html, 'form_method' => $mybb->request_method);
Zeile 3440	Zeile 3500
{ if(isset($_SERVER['QUERY_STRING'])) {	{ if(isset($_SERVER['QUERY_STRING'])) {
$location .= "?".$_SERVER['QUERY_STRING'];	$location .= "?".htmlspecialchars_uni($_SERVER['QUERY_STRING']);
} else if(isset($_ENV['QUERY_STRING']))	} else if(isset($_ENV['QUERY_STRING']))
{ $location = "?".$_ENV['QUERY_STRING'];	{ $location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']);
} if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST"))	} if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST"))
Zeile 3455	Zeile 3515
{ if(isset($_POST[$var])) {	{ if(isset($_POST[$var])) {
$addloc[] = $var.'='.$_POST[$var];	$addloc[] = urlencode($var).'='.urlencode($_POST[$var]); } } if(isset($addloc) && is_array($addloc)) { if(strpos($location, "?") === false) { $location .= "?"; } else { $location .= "&";
}	}
} if(isset($addlock) && is_array($addloc)) { $location .= "?".implode("&", $addloc);	$location .= implode("&", $addloc);
} }	} }

return $location; }	return $location; }
Zeile 3586	Zeile 3653
global $mybb; if($number == "-")	global $mybb; if($number == "-")
{	{
return $number; } if(is_int($number))	return $number; } if(is_int($number))
{	{
return number_format($number, 0, $mybb->settings['decpoint'], $mybb->settings['thousandssep']); } else	return number_format($number, 0, $mybb->settings['decpoint'], $mybb->settings['thousandssep']); } else
Zeile 3601	Zeile 3668
if(isset($parts[1])) { $decimals = my_strlen($parts[1]);	if(isset($parts[1])) { $decimals = my_strlen($parts[1]);
}	}
else { $decimals = 0;	else { $decimals = 0;
} return number_format($number, $decimals, $mybb->settings['decpoint'], $mybb->settings['thousandssep']);	} return number_format((double)$number, $decimals, $mybb->settings['decpoint'], $mybb->settings['thousandssep']); } } function convert_through_utf8($str, $to=true) { global $lang; static $charset; static $use_mb; static $use_iconv; if(!isset($charset)) { $charset = my_strtolower($lang->settings['charset']); } if($charset == "utf-8") { return $str; } if(!isset($use_iconv)) { $use_iconv = function_exists("iconv"); } if(!isset($use_mb)) { $use_mb = function_exists("mb_convert_encoding"); } if($use_iconv \|\| $use_mb) { if($to) { $from_charset = $lang->settings['charset']; $to_charset = "UTF-8"; } else { $from_charset = "UTF-8"; $to_charset = $lang->settings['charset']; } if($use_iconv) { return iconv($from_charset, $to_charset."//IGNORE", $str); } else { return @mb_convert_encoding($str, $to_charset, $from_charset); } } elseif($charset == "iso-8859-1" && function_exists("utf8_encode")) { if($to) { return utf8_encode($str); } else { return utf8_decode($str); } } else { return $str;
} }	} }
Zeile 3623	Zeile 3755
if($mybb->settings['wordwrap'] > 0) {	if($mybb->settings['wordwrap'] > 0) {
if($mybb->config['db_encoding'] == "utf8" && !preg_match("#[\x80-\xFF]#", $message))	$message = convert_through_utf8($message); if(!($new_message = @preg_replace("#(?>[^\s&/<>\"\\-\.\[\]]{{$mybb->settings['wordwrap']}})#u", "$0", $message)))
{	{
$message = preg_replace("#(?>[^\s&/<>\"\\-\.\[\]]{{$mybb->settings['wordwrap']}})#u", "$0 ", $message); } else { $message = preg_replace("#(?>[^\s&/<>\"\\-\.\[\]]{{$mybb->settings['wordwrap']}})#", "$0 ", $message);	$new_message = preg_replace("#(?>[^\s&/<>\"\\-\.\[\]]{{$mybb->settings['wordwrap']}})#", "$0", $message);
}	}
	$new_message = convert_through_utf8($new_message, false); return $new_message;
} return $message;	} return $message;
Zeile 3742	Zeile 3876
$find = array( 'm', 'd',	$find = array( 'm', 'd',
	'D',
'y', 'Y', 'j', 'S', 'l', 'F',	'y', 'Y', 'j', 'S', 'l', 'F',
	'M',
); $replace = array( sprintf('%02s', $bm), sprintf('%02s', $bd),	); $replace = array( sprintf('%02s', $bm), sprintf('%02s', $bd),
	($wd == 2 ? my_substr($bdays[$wd], 0, 4) : ($wd == 4 ? my_substr($bdays[$wd], 0, 5) : my_substr($bdays[$wd], 0, 3))),
my_substr($by, 2), $by, ($bd[0] == 0 ? my_substr($bd, 1) : $bd),	my_substr($by, 2), $by, ($bd[0] == 0 ? my_substr($bd, 1) : $bd),
($db == 1 \|\| $db == 21 \|\| $db == 31 ? 'st' : ($db == 2 \|\| $db == 22 ? 'nd' : ($db == 3 \|\| $db == 23 ? 'rd' : 'th'))), $bdays[$wd],	($bd == 1 \|\| $bd == 21 \|\| $bd == 31 ? 'st' : ($bd == 2 \|\| $bd == 22 ? 'nd' : ($bd == 3 \|\| $bd == 23 ? 'rd' : 'th'))), $wd,
$bmonth[$bm-1],	$bmonth[$bm-1],
	($bm == 9 ? my_substr($bmonth[$bm-1], 0, 4) : my_substr($bmonth[$bm-1], 0, 3)),
);	);
	// Do we have the full month in our output? // If so there's no need for the short month if(strpos($display, 'F') !== false) { array_pop($find); array_pop($replace); }
return str_replace($find, $replace, $display); }	return str_replace($find, $replace, $display); }
Zeile 3787	Zeile 3933
--$age; } return $age;	--$age; } return $age;
} /**	} /**
* Updates the first posts in a thread. * * @param int The thread id for which to update the first post id.	* Updates the first posts in a thread. * * @param int The thread id for which to update the first post id.
Zeile 3797	Zeile 3943
function update_first_post($tid) { global $db;	function update_first_post($tid) { global $db;
$query = $db->simple_select("posts", "pid", "tid='{$tid}'", array('order_by' => 'dateline', 'limit' => 1));	$query = $db->simple_select("posts", "pid,replyto", "tid='{$tid}'", array('order_by' => 'dateline', 'limit' => 1));
$post = $db->fetch_array($query); if($post['replyto'] != 0)	$post = $db->fetch_array($query); if($post['replyto'] != 0)
Zeile 3806	Zeile 3952
$replyto_update = array( "replyto" => 0 );	$replyto_update = array( "replyto" => 0 );
$db->update_query("threads", $replyto_update, "pid='{$post['pid']}'");	$db->update_query("posts", $replyto_update, "pid='{$post['pid']}'");
} $firstpostup = array(	} $firstpostup = array(
Zeile 3820	Zeile 3966
* * @param string The string to check the length of. * @return int The length of the string.	* * @param string The string to check the length of. * @return int The length of the string.
*/	*/
function my_strlen($string) { global $lang;	function my_strlen($string) { global $lang;
$string = preg_replace("#&\#(0-9]+);#", "-", $string);	$string = preg_replace("#&\#([0-9]+);#", "-", $string);
if(strtolower($lang->settings['charset']) == "utf-8") {	if(strtolower($lang->settings['charset']) == "utf-8") {
Zeile 3835	Zeile 3981
// Remove dodgy whitespaces $string = str_replace(chr(0xCA), "", $string);	// Remove dodgy whitespaces $string = str_replace(chr(0xCA), "", $string);
$string = str_replace(" ", " ", $string);
} $string = trim($string);	} $string = trim($string);
Zeile 3970	Zeile 4115
* @return int The un-htmlentitied' string. */ function unhtmlentities($string)	* @return int The un-htmlentitied' string. */ function unhtmlentities($string)
{ // Replace numeric entities $string = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $string); $string = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $string);	{ // Replace numeric entities $string = preg_replace('~&#x([0-9a-f]+);~ei', 'unichr(hexdec("\\1"))', $string); $string = preg_replace('~&#([0-9]+);~e', 'unichr("\\1")', $string); // Replace literal entities $trans_tbl = get_html_translation_table(HTML_ENTITIES); $trans_tbl = array_flip($trans_tbl); return strtr($string, $trans_tbl); }

// Replace literal entities $trans_tbl = get_html_translation_table(HTML_ENTITIES); $trans_tbl = array_flip($trans_tbl); return strtr($string, $trans_tbl);	/** * Returns any ascii to it's character (utf-8 safe). * * @param string The ascii to characterize. * @return int The characterized ascii. */ function unichr($c) { if($c <= 0x7F) { return chr($c); } else if($c <= 0x7FF) { return chr(0xC0 \| $c >> 6) . chr(0x80 \| $c & 0x3F); } else if($c <= 0xFFFF) { return chr(0xE0 \| $c >> 12) . chr(0x80 \| $c >> 6 & 0x3F) . chr(0x80 \| $c & 0x3F); } else if($c <= 0x10FFFF) { return chr(0xF0 \| $c >> 18) . chr(0x80 \| $c >> 12 & 0x3F) . chr(0x80 \| $c >> 6 & 0x3F) . chr(0x80 \| $c & 0x3F); } else { return false; }
} /**	} /**
Zeile 4073	Zeile 4251
// If we're in the archive, link back a directory if(IN_ARCHIVE == 1) {	// If we're in the archive, link back a directory if(IN_ARCHIVE == 1) {
global $mybb; if($mybb->settings['seourls'] == "yes" \|\| ($mybb->settings['seourls'] == "auto" && $_SERVER['SEO_SUPPORT'] == 1)) { return "<a href=\"../../".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>"; } return "<a href=\"../".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>";	return "<a href=\"../../".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>";
} elseif(IN_ADMINCP == 1)	} elseif(IN_ADMINCP == 1)
{	{
return "<a href=\"../".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>"; } else { return "<a href=\"".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>";	return "<a href=\"../".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>"; } else { return "<a href=\"".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>";
}	}
} }	} }
Zeile 4105	Zeile 4276
if($page > 0) { $link = str_replace("{fid}", $fid, FORUM_URL_PAGED);	if($page > 0) { $link = str_replace("{fid}", $fid, FORUM_URL_PAGED);
$link = str_replace("{page}", $page, $link); return htmlspecialchars_uni($link);	$link = str_replace("{page}", $page, $link); return htmlspecialchars_uni($link);
} else {	} else {
Zeile 4130	Zeile 4301
if($action) { $link = THREAD_URL_PAGED_ACTION;	if($action) { $link = THREAD_URL_PAGED_ACTION;
} else	} else
{ $link = THREAD_URL_PAGED; }	{ $link = THREAD_URL_PAGED; }
Zeile 4146	Zeile 4317
{ $link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link);	{ $link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link);
} else	} else
{ $link = THREAD_URL; } $link = str_replace("{tid}", $tid, $link);	{ $link = THREAD_URL; } $link = str_replace("{tid}", $tid, $link);
return htmlspecialchars_uni($link); } }	return htmlspecialchars_uni($link); } }
/** * Build the post link.	/** * Build the post link.
Zeile 4203	Zeile 4374
if($day > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_DAY);	if($day > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_DAY);
$link = str_replace("{year}", $year, $link);	$link = str_replace("{year}", $year, $link);
$link = str_replace("{day}", $day, $link);	$link = str_replace("{day}", $day, $link);
$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }	$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }
else if($month > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_MONTH); $link = str_replace("{year}", $year, $link);	else if($month > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_MONTH); $link = str_replace("{year}", $year, $link);
$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }	$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }
else if($year > 0) { $link = str_replace("{year}", $year, CALENDAR_URL_YEAR);	else if($year > 0) { $link = str_replace("{year}", $year, CALENDAR_URL_YEAR);
Zeile 4238	Zeile 4409
*/ function get_calendar_week_link($calendar, $week) {	*/ function get_calendar_week_link($calendar, $week) {
	if($week < 0) { $week = str_replace('-', "n", $week); }
$link = str_replace("{week}", $week, CALENDAR_URL_WEEK); $link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link);	$link = str_replace("{week}", $week, CALENDAR_URL_WEEK); $link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link);
Zeile 4342	Zeile 4517
else { $thread_cache[$tid] = false;	else { $thread_cache[$tid] = false;
return false; } } }	return false; } } }
/** * Get the post of a post id.	/** * Get the post of a post id.
Zeile 4491	Zeile 4666
} // Work out if the user has waited long enough before letting them login again	} // Work out if the user has waited long enough before letting them login again
if($mybb->cookies['failedlogin'] < $now - $mybb->settings['failedlogintime'] * 60)	if($mybb->cookies['failedlogin'] < ($now - $mybb->settings['failedlogintime'] * 60) && $mybb->user['uid'] != 0)
{ my_setcookie('loginattempts', 1); my_unsetcookie('failedlogin'); $update_array = array( 'loginattempts' => 1 );	{ my_setcookie('loginattempts', 1); my_unsetcookie('failedlogin'); $update_array = array( 'loginattempts' => 1 );
$db->update_query("sessions", $update_array, "sid = '{$session->sid}'");	$db->update_query("users", $update_array, "uid = '{$mybb->user['uid']}'");
return 1; } // Not waited long enough	return 1; } // Not waited long enough
else	else if($mybb->cookies['failedlogin'] > ($now - $mybb->settings['failedlogintime'] * 60))
{ if($fatal) {	{ if($fatal) {
Zeile 4530	Zeile 4705
return false; } // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html	return false; } // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html
return preg_match("/^[a-zA-Z0-9&*+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+$/si", $email);	return preg_match("/^[a-zA-Z0-9&+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.([a-zA-Z0-9-]+\.)[a-zA-Z0-9-]{2,}$/si", $email);
} /**	} /**
Zeile 4613	Zeile 4788
*/ function build_highlight_array($terms) {	*/ function build_highlight_array($terms) {
$terms = htmlspecialchars_uni($terms);	global $mybb; if($mybb->settings['minsearchword'] < 1) { $mybb->settings['minsearchword'] = 3; }
// Strip out any characters that shouldn't be included $bad_characters = array(	// Strip out any characters that shouldn't be included $bad_characters = array(
Zeile 4632	Zeile 4812
$terms = explode("\"", $terms); foreach($terms as $phrase) {	$terms = explode("\"", $terms); foreach($terms as $phrase) {
	$phrase = htmlspecialchars_uni($phrase);
if($phrase != "") { if($inquote) {	if($phrase != "") { if($inquote) {
$words[] = "\"".trim($phrase)."\"";	$words[] = trim($phrase);
} else {	} else {
Zeile 4647	Zeile 4828
} foreach($split_words as $word) {	} foreach($split_words as $word) {
if(!$word)	if(!$word \|\| strlen($word) < $mybb->settings['minsearchword'])
{ continue; }	{ continue; }
Zeile 4661	Zeile 4842
// Otherwise just a simple search query with no phrases else {	// Otherwise just a simple search query with no phrases else {
	$terms = htmlspecialchars_uni($terms);
$split_words = preg_split("#\s{1,}#", $terms, -1); if(!is_array($split_words)) {	$split_words = preg_split("#\s{1,}#", $terms, -1); if(!is_array($split_words)) {
Zeile 4668	Zeile 4850
} foreach($split_words as $word) {	} foreach($split_words as $word) {
if(!$word)	if(!$word \|\| strlen($word) < $mybb->settings['minsearchword'])
{ continue; }	{ continue; }
Zeile 4681	Zeile 4863
{ return false; }	{ return false; }
	// Sort the word array by length. Largest terms go first and work their way down to the smallest term. // This resolves problems like "test tes" where "tes" will be highlighted first, then "test" can't be highlighted because of the changed html usort($words, create_function('$a,$b','return strlen($b) - strlen($a);'));
// Loop through our words to build the PREG compatible strings foreach($words as $word)	// Loop through our words to build the PREG compatible strings foreach($words as $word)
Zeile 4696	Zeile 4882
} // Now make PREG compatible	} // Now make PREG compatible
$find = "#(^\|>)([^<]*)(".preg_quote($word, "#").")#i"; $replacement = "$1$2<span class=\"highlight\">$3</span>";	$find = "#(?!<.?)(".preg_quote($word, "#").")(?![^<>]?>)#i"; $replacement = "<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$1</span>";
$highlight_cache[$find] = $replacement; }	$highlight_cache[$find] = $replacement; }
Zeile 4739	Zeile 4925
$dest .= chr(0x80 \| (($src >> 12) & 0x3f)); $dest .= chr(0x80 \| (($src >> 6) & 0x3f)); $dest .= chr(0x80 \| ($src & 0x3f));	$dest .= chr(0x80 \| (($src >> 12) & 0x3f)); $dest .= chr(0x80 \| (($src >> 6) & 0x3f)); $dest .= chr(0x80 \| ($src & 0x3f));
}	}
else { // Out of range	else { // Out of range
Zeile 4757	Zeile 4943
* @return boolean True if banned, false if not banned */ function is_banned_username($username, $update_lastuse=false)	* @return boolean True if banned, false if not banned */ function is_banned_username($username, $update_lastuse=false)
{	{
global $db; $query = $db->simple_select('banfilters', 'filter, fid', "type='2'"); while($banned_username = $db->fetch_array($query))	global $db; $query = $db->simple_select('banfilters', 'filter, fid', "type='2'"); while($banned_username = $db->fetch_array($query))
Zeile 4936	Zeile 5122
* @param string The URL of the remote file * @return string The remote file contents. */	* @param string The URL of the remote file * @return string The remote file contents. */
function fetch_remote_file($url)	function fetch_remote_file($url, $post_data=array())
{	{
	$post_body = ''; if(!empty($post_data)) { foreach($post_data as $key => $val) { $post_body .= '&'.urlencode($key).'='.urlencode($val); } $post_body = ltrim($post_body, '&'); }
if(function_exists("curl_init")) { $ch = curl_init();	if(function_exists("curl_init")) { $ch = curl_init();
Zeile 4945	Zeile 5141
curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);	curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	if(!empty($post_body)) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_body); }
$data = curl_exec($ch); curl_close($ch); return $data; }	$data = curl_exec($ch); curl_close($ch); return $data; }
else if(function_exists("fsockopen"))	else if(function_exists("fsockopen"))
{ $url = @parse_url($url); if(!$url['host'])	{ $url = @parse_url($url); if(!$url['host'])
Zeile 4965	Zeile 5166
$url['path'] = "/"; } if($url['query'])	$url['path'] = "/"; } if($url['query'])
{	{
$url['path'] .= "?{$url['query']}"; } $fp = @fsockopen($url['host'], $url['port'], $error_no, $error, 10);	$url['path'] .= "?{$url['query']}"; } $fp = @fsockopen($url['host'], $url['port'], $error_no, $error, 10);
Zeile 4974	Zeile 5175
{ return false; }	{ return false; }
$headers = "GET {$url['path']} HTTP/1.1\r\n"; $headers .= "Host: {$url['host']}\r\n"; $headers .= "Connection: Close\r\n\r\n";	$headers = array(); if(!empty($post_body)) { $headers[] = "POST {$url['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded"; } else { $headers[] = "GET {$url['path']} HTTP/1.0"; } $headers[] = "Host: {$url['host']}"; $headers[] = "Connection: Close"; $headers[] = "\r\n"; if(!empty($post_body)) { $headers[] = $post_body; } $headers = implode("\r\n", $headers);
if(!@fwrite($fp, $headers)) { return false;	if(!@fwrite($fp, $headers)) { return false;
Zeile 4988	Zeile 5208
fclose($fp); $data = explode("\r\n\r\n", $data, 2); return $data[1];	fclose($fp); $data = explode("\r\n\r\n", $data, 2); return $data[1];
	} else if(empty($post_data)) { return @implode("", @file($url));
} else {	} else {
return @implode("", @file($url));	return false;
} }	} }
Zeile 5086	Zeile 5310
function fetch_longipv4_range($ip) { $ip_bits = explode(".", $ip);	function fetch_longipv4_range($ip) { $ip_bits = explode(".", $ip);
	$ip_string1 = $ip_string2 = "";

if($ip == "*") return array(ip2long(0), ip2long(255));	if($ip == "*") { return array(ip2long('0.0.0.0'), ip2long('255.255.255.255')); }
if(strpos($ip, ".*") === false) {	if(strpos($ip, ".*") === false) {
Zeile 5104	Zeile 5332
// Wildcard based IP provided else {	// Wildcard based IP provided else {
	$sep = "";
foreach($ip_bits as $piece) { if($piece == "*") {	foreach($ip_bits as $piece) { if($piece == "*") {
return array(ip2long($ip_string."0"), ip2long($ip_string."255"));	$ip_string1 .= $sep."0"; $ip_string2 .= $sep."255";
} else {	} else {
$ip_string .= $piece.".";	$ip_string1 .= $sep.$piece; $ip_string2 .= $sep.$piece;
}	}
	$sep = ".";
}	}
	return array(ip2long($ip_string1), ip2long($ip_string2));
} }	} }
Zeile 5183	Zeile 5416
function expire_warnings() { global $db;	function expire_warnings() { global $db;
	$users = array();
$query = $db->query(" SELECT w.wid, w.uid, w.points, u.warningpoints FROM ".TABLE_PREFIX."warnings w	$query = $db->query(" SELECT w.wid, w.uid, w.points, u.warningpoints FROM ".TABLE_PREFIX."warnings w
Zeile 5195	Zeile 5431
"expired" => 1 ); $db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'");	"expired" => 1 ); $db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'");
$warning['warningpoints'] -= $warning['points']; if($warning['warningpoints'] < 0)	if(array_key_exists($warning['uid'], $users)) { $users[$warning['uid']] -= $warning['points']; } else { $users[$warning['uid']] = $warning['warningpoints']-$warning['points']; } } foreach($users as $uid => $warningpoints) { if($warningpoints < 0)
{	{
$warning['warningpoints'] = 0;	$warningpoints = 0;
}	}

$updated_user = array(	$updated_user = array(
"warningpoints" => intval($warning['warningpoints'])	"warningpoints" => intval($warningpoints)
);	);
$db->update_query("users", $updated_user, "uid='{$warning['uid']}'");	$db->update_query("users", $updated_user, "uid='".intval($uid)."'");
} }	} }
Zeile 5220	Zeile 5469
return chr($c); } elseif($c <= 0x7FF)	return chr($c); } elseif($c <= 0x7FF)
{	{
return chr(0xC0 \| $c >> 6) . chr(0x80 \| $c & 0x3F); } elseif($c <= 0xFFFF)	return chr(0xC0 \| $c >> 6) . chr(0x80 \| $c & 0x3F); } elseif($c <= 0xFFFF)
Zeile 5237	Zeile 5486
else { return false;	else { return false;
} }	} }
/** * Custom chmod function to fix problems with hosts who's server configurations screw up umasks * * @param string The file to chmod	/** * Custom chmod function to fix problems with hosts who's server configurations screw up umasks * * @param string The file to chmod
* @param octal The mode to chmod(i.e. 0666)	* @param string The mode to chmod(i.e. 0666)
*/ function my_chmod($file, $mode) {	*/ function my_chmod($file, $mode) {
	// Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string
if(substr($mode, 0, 1) != '0' \|\| strlen($mode) !== 4)	if(substr($mode, 0, 1) != '0' \|\| strlen($mode) !== 4)
{	{
return false; } $old_umask = umask(0);	return false; } $old_umask = umask(0);
$result = chmod($file, $mode);	// We convert the octal string to a decimal number because passing a octal string doesn't work with chmod // and type casting subsequently removes the prepended 0 which is needed for octal numbers $result = chmod($file, octdec($mode));
umask($old_umask); return $result; }	umask($old_umask); return $result; }
Zeile 5269	Zeile 5522
global $orig_dir; if(!isset($orig_dir))	global $orig_dir; if(!isset($orig_dir))
{	{
$orig_dir = $path; }	$orig_dir = $path; }
Zeile 5297	Zeile 5550
} return @unlink($path);	} return @unlink($path);
	} /** * Counts the number of subforums in a array([pid][disporder][fid]) starting from the pid * * @param array The array of forums * @return integer The number of sub forums / function subforums_count($array) { $count = 0; foreach($array as $array2) { $count += count($array2); } return $count; } /* * Returns a securely generated seed for PHP's RNG (Random Number Generator) * * @param int Length of the seed bytes (8 is default. Provides good cryptographic variance) * @return int An integer equivilent of a secure hexadecimal seed / function secure_seed_rng($count=8) { $output = ''; // Try the unix/linux method if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb'))) { $output = @fread($handle, $count); @fclose($handle); } // Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator if(strlen($output) < $count) { $output = ''; // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid(); for($i = 0; $i < $count; $i += 16) { $unique_state = md5(microtime().$unique_state); $output .= pack('H', md5($unique_state)); } } // /dev/urandom and openssl will always be twice as long as $count. base64_encode will roughly take up 33% more space but crc32 will put it to 32 characters $output = hexdec(substr(dechex(crc32(base64_encode($output))), 0, $count)); return $output; } /** * Wrapper function for mt_rand. Automatically seeds using a secure seed once. * * @param int Optional lowest value to be returned (default: 0) * @param int Optional highest value to be returned (default: mt_getrandmax()) * @param boolean True forces it to reseed the RNG first * @return int An integer equivilent of a secure hexadecimal seed / function my_rand($min=null, $max=null, $force_seed=false) { static $seeded = false; static $obfuscator = 0; if($seeded == false \|\| $force_seed == true) { mt_srand(secure_seed_rng()); $seeded = true; $obfuscator = abs((int) secure_seed_rng()); // Ensure that $obfuscator is <= mt_getrandmax() for 64 bit systems. if($obfuscator > mt_getrandmax()) { $obfuscator -= mt_getrandmax(); } } if($min !== null && $max !== null) { $distance = $max - $min; if ($distance > 0) { return $min + (int)((float)($distance + 1) (float)(mt_rand() ^ $obfuscator) / (mt_getrandmax() + 1)); } else { return mt_rand($min, $max); } } else { $val = mt_rand() ^ $obfuscator; return $val; }
} ?>	} ?>