Vergleich portal.php - 1.4.2 - 1.4.14

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 1Zeile 1
<?php
/**
* MyBB 1.4

<?php
/**
* MyBB 1.4

 * Copyright � 2008 MyBB Group, All Rights Reserved

 * Copyright © 2008 MyBB Group, All Rights Reserved

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: portal.php 4081 2008-08-08 01:47:02Z Tikitiki $

 * $Id: portal.php 4814 2010-03-17 10:36:31Z Huji $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 32Zeile 32
	}
}


	}
}


$templatelist = "portal_welcome,portal_welcome_membertext,portal_stats,portal_search,portal_whosonline_memberbit,portal_whosonline,portal_latestthreads_thread_lastpost,portal_latestthreads_thread,portal_latestthreads,portal_announcement_numcomments_no,portal_announcement,portal_announcement_numcomments,portal";

$templatelist = "portal_welcome,portal_welcome_membertext,portal_stats,portal_search,portal_whosonline_memberbit,portal_whosonline,portal_latestthreads_thread_lastpost,portal_latestthreads_thread,portal_latestthreads,portal_announcement_numcomments_no,portal_announcement,portal_announcement_numcomments,portal_pms,portal";


require_once $change_dir."/global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once $change_dir."/global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 60Zeile 60

if(!username_exists($mybb->input['username']))
{


if(!username_exists($mybb->input['username']))
{

		my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");
if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}

 
		error($lang->error_invalidpworusername.$login_text);
}
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$user['uid'])
{
my_setcookie('loginattempts', $logins + 1);

		error($lang->error_invalidpworusername.$login_text);
}
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$user['uid'])
{
my_setcookie('loginattempts', $logins + 1);

		$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");

		$db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE username = '".$db->escape_string($mybb->input['username'])."'");

		if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);

		if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);

Zeile 84Zeile 78
	$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$session->sid."'");
$newsession = array(
"uid" => $user['uid'],

	$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$session->sid."'");
$newsession = array(
"uid" => $user['uid'],

		"loginattempts" => 1,

 
	);
$db->update_query("sessions", $newsession, "sid='".$session->sid."'");

	);
$db->update_query("sessions", $newsession, "sid='".$session->sid."'");

 
	
$db->update_query("users", array("loginattempts" => 1), "uid='{$mybb->user['uid']}'");


// Temporarily set the cookie remember option for the login cookies
$mybb->user['remember'] = $user['remember'];


// Temporarily set the cookie remember option for the login cookies
$mybb->user['remember'] = $user['remember'];

Zeile 108Zeile 103


// get forums user cannot view



// get forums user cannot view

$unviewable = get_unviewable_forums();

$unviewable = get_unviewable_forums(true);

if($unviewable)
{
$unviewwhere = " AND fid NOT IN ($unviewable)";

if($unviewable)
{
$unviewwhere = " AND fid NOT IN ($unviewable)";

Zeile 119Zeile 114
	if($mybb->user['uid'] != 0)
{
// Get number of new posts, threads, announcements

	if($mybb->user['uid'] != 0)
{
// Get number of new posts, threads, announcements

		$query = $db->simple_select("posts", "COUNT(pid) AS newposts", "dateline>'".$mybb->user['lastvisit']."' $unviewwhere");

		$query = $db->simple_select("posts", "COUNT(pid) AS newposts", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");

		$newposts = $db->fetch_field($query, "newposts");
if($newposts)
{ // if there aren't any new posts, there is no point in wasting two more queries

		$newposts = $db->fetch_field($query, "newposts");
if($newposts)
{ // if there aren't any new posts, there is no point in wasting two more queries

			$query = $db->simple_select("threads", "COUNT(tid) AS newthreads", "dateline>'".$mybb->user['lastvisit']."' $unviewwhere");

			$query = $db->simple_select("threads", "COUNT(tid) AS newthreads", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");

			$newthreads = $db->fetch_field($query, "newthreads");

			$newthreads = $db->fetch_field($query, "newthreads");

			$query = $db->simple_select("threads", "COUNT(tid) AS newann", "dateline>'".$mybb->user['lastvisit']."' AND fid IN (".$mybb->settings['portal_announcementsfid'].") $unviewwhere");

			$query = $db->simple_select("threads", "COUNT(tid) AS newann", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' AND fid IN (".$mybb->settings['portal_announcementsfid'].") $unviewwhere");

			$newann = $db->fetch_field($query, "newann");
if(!$newthreads)
{

			$newann = $db->fetch_field($query, "newann");
if(!$newthreads)
{

Zeile 197Zeile 192
				$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total", "uid='".$mybb->user['uid']."'");
$messages['pms_total'] = $db->fetch_field($query, "pms_total");


				$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total", "uid='".$mybb->user['uid']."'");
$messages['pms_total'] = $db->fetch_field($query, "pms_total");


				$query = $db->simple_select("privatemessages", "SUM(*) AS pms_unread", "uid='".$mybb->user['uid']."' AND IF(status='0' AND folder='1','1','0')");

				$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_unread", "uid='".$mybb->user['uid']."' AND CASE WHEN status = '0' AND folder = '0' THEN TRUE ELSE FALSE END");

				$messages['pms_unread'] = $db->fetch_field($query, "pms_unread");
break;
default:

				$messages['pms_unread'] = $db->fetch_field($query, "pms_unread");
break;
default:

Zeile 373Zeile 368
		{
$thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
}

		{
$thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
}

		$thread['subject'] = htmlspecialchars_uni($thread['subject']);

		$thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));

		$thread['threadlink'] = get_thread_link($thread['tid']);
eval("\$threadlist .= \"".$templates->get("portal_latestthreads_thread")."\";");
$altbg = alt_trow();

		$thread['threadlink'] = get_thread_link($thread['tid']);
eval("\$threadlist .= \"".$templates->get("portal_latestthreads_thread")."\";");
$altbg = alt_trow();

Zeile 401Zeile 396
while($forumrow = $db->fetch_array($query))
{
$forum[$forumrow['fid']] = $forumrow;

while($forumrow = $db->fetch_array($query))
{
$forum[$forumrow['fid']] = $forumrow;

}


}


$pids = '';
$tids = '';
$comma = '';
$query = $db->query("

$pids = '';
$tids = '';
$comma = '';
$query = $db->query("

	SELECT p.pid, p.message, p.tid

	SELECT p.pid, p.message, p.tid, p.smilieoff

	FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE t.fid IN (".$announcementsfids.") AND t.visible='1' AND t.closed NOT LIKE 'moved|%' AND t.firstpost=p.pid

	FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE t.fid IN (".$announcementsfids.") AND t.visible='1' AND t.closed NOT LIKE 'moved|%' AND t.firstpost=p.pid

Zeile 415Zeile 410
	LIMIT 0, ".$mybb->settings['portal_numannouncements']
);
while($getid = $db->fetch_array($query))

	LIMIT 0, ".$mybb->settings['portal_numannouncements']
);
while($getid = $db->fetch_array($query))

{

{

	$pids .= ",'{$getid['pid']}'";
$tids .= ",'{$getid['tid']}'";
$posts[$getid['tid']] = $getid;

	$pids .= ",'{$getid['pid']}'";
$tids .= ",'{$getid['tid']}'";
$posts[$getid['tid']] = $getid;

Zeile 426Zeile 421
while($attachment = $db->fetch_array($query))
{
$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;

while($attachment = $db->fetch_array($query))
{
$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;

}


}


if(is_array($forum))
{
foreach($forum as $fid => $forumrow)
{
$forumpermissions[$fid] = forum_permissions($fid);

if(is_array($forum))
{
foreach($forum as $fid => $forumrow)
{
$forumpermissions[$fid] = forum_permissions($fid);

	}

	}

}

$icon_cache = $cache->read("posticons");

$announcements = '';
$query = $db->query("

}

$icon_cache = $cache->read("posticons");

$announcements = '';
$query = $db->query("

	SELECT t.*, t.username AS threadusername, u.username, u.avatar

	SELECT t.*, t.username AS threadusername, u.username, u.avatar, u.avatardimensions

	FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.fid IN (".$announcementsfids.") AND t.tid IN (0{$tids}) AND t.visible='1' AND t.closed NOT LIKE 'moved|%'

	FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.fid IN (".$announcementsfids.") AND t.tid IN (0{$tids}) AND t.visible='1' AND t.closed NOT LIKE 'moved|%'

Zeile 451Zeile 446
{
$announcement['message'] = $posts[$announcement['tid']]['message'];
$announcement['pid'] = $posts[$announcement['tid']]['pid'];

{
$announcement['message'] = $posts[$announcement['tid']]['message'];
$announcement['pid'] = $posts[$announcement['tid']]['pid'];

 
	$announcement['smilieoff'] = $posts[$announcement['tid']]['smilieoff'];

	$announcement['threadlink'] = get_thread_link($announcement['tid']);

	$announcement['threadlink'] = get_thread_link($announcement['tid']);

	$announcement['profilelink'] = get_profile_link($announcement['uid']);










	
if($announcement['uid'] == 0)
{
$profilelink = htmlspecialchars_uni($announcement['threadusername']);
}
else
{
$profilelink = build_profile_link($announcement['username'], $announcement['uid']);
}


	if(!$announcement['username'])
{
$announcement['username'] = $announcement['threadusername'];
}

	if(!$announcement['username'])
{
$announcement['username'] = $announcement['threadusername'];
}

	$announcement['subject'] = htmlspecialchars_uni($announcement['subject']);

	$announcement['subject'] = htmlspecialchars_uni($parser->parse_badwords($announcement['subject']));

	if($announcement['icon'] > 0 && $icon_cache[$announcement['icon']])
{
$icon = $icon_cache[$announcement['icon']];

	if($announcement['icon'] > 0 && $icon_cache[$announcement['icon']])
{
$icon = $icon_cache[$announcement['icon']];