Vergleich xmlhttp.php - 1.6.0 - 1.6.6

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: xmlhttp.php 5125 2010-07-27 07:28:03Z RyanGordon $	* $Id: xmlhttp.php 5641 2011-10-26 09:36:44Z Tomm $
/ /*	/ /*
Zeile 175	Zeile 175
$group['title'] = htmlspecialchars_uni($group['title']); // Send the result to the browser for this usergroup. echo "<div>\n";	$group['title'] = htmlspecialchars_uni($group['title']); // Send the result to the browser for this usergroup. echo "<div>\n";
echo "<span class=\"usergroup\">{$group['title']}</span>\n";	echo "<span class=\"usergroup\">{$group['title']} ({$lang->usergroup} {$group['gid']})</span>\n";
echo "</div>\n"; } }	echo "</div>\n"; } }
Zeile 622	Zeile 622
else if($mybb->input['action'] == "complex_password") { $password = trim($mybb->input['value']);	else if($mybb->input['action'] == "complex_password") { $password = trim($mybb->input['value']);
$password = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);	$password = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);
header("Content-type: text/xml; charset={$charset}"); if(!preg_match("/^.(?=.{".$mybb->settings['minpasswordlength'].",})(?=.\d)(?=.[a-z])(?=.[A-Z]).*$/", $password))	header("Content-type: text/xml; charset={$charset}"); if(!preg_match("/^.(?=.{".$mybb->settings['minpasswordlength'].",})(?=.\d)(?=.[a-z])(?=.[A-Z]).*$/", $password))
Zeile 639	Zeile 639
} else if($mybb->input['action'] == "username_availability") {	} else if($mybb->input['action'] == "username_availability") {
	if(!verify_post_check($mybb->input['my_post_key'], true)) { xmlhttp_error($lang->invalid_post_code); }
require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value']; // Fix bad characters $username = trim($username);	require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value']; // Fix bad characters $username = trim($username);
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);	$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);	// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
Zeile 652	Zeile 657
header("Content-type: text/xml; charset={$charset}"); if(empty($username))	header("Content-type: text/xml; charset={$charset}"); if(empty($username))
{	{
echo "<fail>{$lang->banned_characters_username}</fail>"; exit; }	echo "<fail>{$lang->banned_characters_username}</fail>"; exit; }
Zeile 662	Zeile 667
if($banned_username) { echo "<fail>{$lang->banned_username}</fail>";	if($banned_username) { echo "<fail>{$lang->banned_username}</fail>";
exit; }	exit; }
// Check for certain characters in username (<, >, &, and slashes) if(strpos($username, "<") !== false \|\| strpos($username, ">") !== false \|\| strpos($username, "&") !== false \|\| my_strpos($username, "\\") !== false \|\| strpos($username, ";") !== false) { echo "<fail>{$lang->banned_characters_username}</fail>";	// Check for certain characters in username (<, >, &, and slashes) if(strpos($username, "<") !== false \|\| strpos($username, ">") !== false \|\| strpos($username, "&") !== false \|\| my_strpos($username, "\\") !== false \|\| strpos($username, ";") !== false) { echo "<fail>{$lang->banned_characters_username}</fail>";
exit; }	exit; }
// Check if the username is actually already in use $query = $db->simple_select("users", "uid", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'");	// Check if the username is actually already in use $query = $db->simple_select("users", "uid", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'");
Zeile 678	Zeile 683
if($user['uid']) {	if($user['uid']) {
$lang->username_taken = $lang->sprintf($lang->username_taken, $username);	$lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));
echo "<fail>{$lang->username_taken}</fail>"; exit; } else	echo "<fail>{$lang->username_taken}</fail>"; exit; } else
{ $lang->username_available = $lang->sprintf($lang->username_available, $username);	{ $lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));
echo "<success>{$lang->username_available}</success>"; exit;	echo "<success>{$lang->username_available}</success>"; exit;
}	}
} else if($mybb->input['action'] == "username_exists") {	} else if($mybb->input['action'] == "username_exists") {
	if(!verify_post_check($mybb->input['my_post_key'], true)) { xmlhttp_error($lang->invalid_post_code); }
require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value'];	require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value'];
Zeile 708	Zeile 718
if($user['uid']) {	if($user['uid']) {
$lang->valid_username = $lang->sprintf($lang->valid_username, $username);	$lang->valid_username = $lang->sprintf($lang->valid_username, htmlspecialchars_uni($username));
echo "<success>{$lang->valid_username}</success>"; exit; } else {	echo "<success>{$lang->valid_username}</success>"; exit; } else {
$lang->invalid_username = $lang->sprintf($lang->invalid_username, $username);	$lang->invalid_username = htmlspecialchars_uni($lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username)));
echo "<fail>{$lang->invalid_username}</fail>"; exit; }	echo "<fail>{$lang->invalid_username}</fail>"; exit; }