| Zeile 6 | Zeile 6 |
|---|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* $Id: user.php 5380 2011-02-21 12:04:43Z Tomm $
| * $Id: user.php 5625 2011-10-02 19:16:35Z ralgith $
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
| Zeile 70 | Zeile 70 |
|---|
// Fix bad characters
$username = trim_blank_chrs($username);
|
// Fix bad characters
$username = trim_blank_chrs($username);
|
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
| $username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
|
// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);
|
// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);
|
| Zeile 395 | Zeile 395 |
|---|
$this->set_error("invalid_birthday_coppa");
return false;
}
|
$this->set_error("invalid_birthday_coppa");
return false;
}
|
elseif(($mybb->settings['coppa'] == "deny" || $mybb->settings['coppa'] == "enabled") && $birthday['year'] > (date("Y")-13))
| elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13))
|
{
$this->set_error("invalid_birthday_coppa2");
return false;
| {
$this->set_error("invalid_birthday_coppa2");
return false;
|
| Zeile 446 | Zeile 446 |
|---|
function verify_profile_fields()
{
global $db;
|
function verify_profile_fields()
{
global $db;
|
if($this->admin_override == true)
{
return true;
}
| |
$user = &$this->data;
$profile_fields = &$this->data['profile_fields'];
|
$user = &$this->data;
$profile_fields = &$this->data['profile_fields'];
|
| Zeile 463 | Zeile 458 |
|---|
if(!$this->data['profile_fields_editable'])
{
$editable = "editable=1";
|
if(!$this->data['profile_fields_editable'])
{
$editable = "editable=1";
|
}
| }
|
// Fetch all profile fields first.
$options = array(
'order_by' => 'disporder'
);
|
// Fetch all profile fields first.
$options = array(
'order_by' => 'disporder'
);
|
$query = $db->simple_select('profilefields', 'name, type, fid, required', $editable, $options);
| $query = $db->simple_select('profilefields', 'name, type, fid, required, maxlength', $editable, $options);
|
// Then loop through the profile fields.
while($profilefield = $db->fetch_array($query))
|
// Then loop through the profile fields.
while($profilefield = $db->fetch_array($query))
|
| Zeile 482 | Zeile 477 |
|---|
// If the profile field is required, but not filled in, present error.
if($type != "multiselect" && $type != "checkbox")
{
|
// If the profile field is required, but not filled in, present error.
if($type != "multiselect" && $type != "checkbox")
{
|
if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP'))
| if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")
|
{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}
}
|
{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}
}
|
elseif(($type == "multiselect" || $type == "checkbox") && $profile_fields[$field] == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP'))
| elseif(($type == "multiselect" || $type == "checkbox") && $profile_fields[$field] == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")
|
{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}
| {
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}
|
| Zeile 516 | Zeile 511 |
|---|
$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && trim($profile_fields[$field]) != "")
|
$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && trim($profile_fields[$field]) != "")
|
{
| {
|
$this->set_error('bad_profile_field_values', array($profilefield['name']));
|
$this->set_error('bad_profile_field_values', array($profilefield['name']));
|
}
$options = $db->escape_string($profile_fields[$field]);
}
| }
$options = $db->escape_string($profile_fields[$field]);
}
|
elseif($type == "textarea")
{
if($profilefield['maxlength'] > 0 && my_strlen($profile_fields[$field]) > $profilefield['maxlength'])
{
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}
|
elseif($type == "textarea")
{
if($profilefield['maxlength'] > 0 && my_strlen($profile_fields[$field]) > $profilefield['maxlength'])
{
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}
|
$options = $db->escape_string($profile_fields[$field]);
}
|
$options = $db->escape_string($profile_fields[$field]);
}
|
else
{
$options = $db->escape_string($profile_fields[$field]);
| else
{
$options = $db->escape_string($profile_fields[$field]);
|
| Zeile 553 | Zeile 548 |
|---|
// Does the referrer exist or not?
if($mybb->settings['usereferrals'] == 1 && $user['referrer'] != '')
|
// Does the referrer exist or not?
if($mybb->settings['usereferrals'] == 1 && $user['referrer'] != '')
|
{
| {
|
$query = $db->simple_select('users', 'uid', "username='".$db->escape_string($user['referrer'])."'", array('limit' => 1));
$referrer = $db->fetch_array($query);
if(!$referrer['uid'])
| $query = $db->simple_select('users', 'uid', "username='".$db->escape_string($user['referrer'])."'", array('limit' => 1));
$referrer = $db->fetch_array($query);
if(!$referrer['uid'])
|
| Zeile 750 | Zeile 745 |
|---|
if($lastactive <= 0)
{
$lastactive = TIME_NOW;
|
if($lastactive <= 0)
{
$lastactive = TIME_NOW;
|
}
| }
|
return true;
}
| return true;
}
|
| Zeile 785 | Zeile 780 |
|---|
// Validate the return date lengths
$user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);
|
// Validate the return date lengths
$user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);
|
}
return true;
| }
return true;
|
}
/**
| }
/**
|
| Zeile 798 | Zeile 793 |
|---|
{
global $lang;
|
{
global $lang;
|
$language = &$this->data['language'];
| $language = &$this->data['language'];
|
// An invalid language has been specified?
if($language != '' && !$lang->language_exists($language))
{
| // An invalid language has been specified?
if($language != '' && !$lang->language_exists($language))
{
|
| Zeile 823 | Zeile 818 |
|---|
{
$this->set_error("invalid_checkfield");
return false;
|
{
$this->set_error("invalid_checkfield");
return false;
|
}
| }
|
return true;
}
| return true;
}
|
| Zeile 836 | Zeile 831 |
|---|
{
global $mybb, $plugins;
|
{
global $mybb, $plugins;
|
$user = &$this->data;
| $user = &$this->data;
|
// First, grab the old user details if this user exists
if($user['uid'])
|
// First, grab the old user details if this user exists
if($user['uid'])
|
{
| {
|
$old_user = get_user($user['uid']);
}
| $old_user = get_user($user['uid']);
}
|
| Zeile 848 | Zeile 843 |
|---|
{
// If the username is the same - no need to verify
if(!$old_user['username'] || $user['username'] != $old_user['username'])
|
{
// If the username is the same - no need to verify
if(!$old_user['username'] || $user['username'] != $old_user['username'])
|
{
| {
|
$this->verify_username();
$this->verify_username_exists();
}
| $this->verify_username();
$this->verify_username_exists();
}
|
| Zeile 886 | Zeile 881 |
|---|
$this->verify_msn();
}
if($this->method == "insert" || is_array($user['birthday']))
|
$this->verify_msn();
}
if($this->method == "insert" || is_array($user['birthday']))
|
{
| {
|
$this->verify_birthday();
|
$this->verify_birthday();
|
}
| }
|
if($this->method == "insert" || array_key_exists('postnum', $user))
|
if($this->method == "insert" || array_key_exists('postnum', $user))
|
{
| {
|
$this->verify_postnum();
}
if($this->method == "insert" || array_key_exists('profile_fields', $user))
|
$this->verify_postnum();
}
if($this->method == "insert" || array_key_exists('profile_fields', $user))
|
{
| {
|
$this->verify_profile_fields();
}
if($this->method == "insert" || array_key_exists('referrer', $user))
|
$this->verify_profile_fields();
}
if($this->method == "insert" || array_key_exists('referrer', $user))
|
{
| {
|
$this->verify_referrer();
|
$this->verify_referrer();
|
}
| }
|
if($this->method == "insert" || array_key_exists('options', $user))
|
if($this->method == "insert" || array_key_exists('options', $user))
|
{
| {
|
$this->verify_options();
}
if($this->method == "insert" || array_key_exists('regdate', $user))
|
$this->verify_options();
}
if($this->method == "insert" || array_key_exists('regdate', $user))
|
{
| {
|
$this->verify_regdate();
}
if($this->method == "insert" || array_key_exists('lastvisit', $user))
|
$this->verify_regdate();
}
if($this->method == "insert" || array_key_exists('lastvisit', $user))
|
{
| {
|
$this->verify_lastvisit();
}
if($this->method == "insert" || array_key_exists('lastactive', $user))
| $this->verify_lastvisit();
}
if($this->method == "insert" || array_key_exists('lastactive', $user))
|
| Zeile 930 | Zeile 925 |
|---|
$this->verify_checkfields();
}
|
$this->verify_checkfields();
}
|
if(method_exists($plugins, "run_hooks_by_ref"))
{
$plugins->run_hooks_by_ref("datahandler_user_validate", $this);
}
| $plugins->run_hooks_by_ref("datahandler_user_validate", $this);
|
// We are done validating, return.
$this->set_validated(true);
|
// We are done validating, return.
$this->set_validated(true);
|
| Zeile 951 | Zeile 943 |
|---|
* Inserts a user into the database.
*/
function insert_user()
|
* Inserts a user into the database.
*/
function insert_user()
|
{
| {
|
global $db, $cache, $plugins;
|
global $db, $cache, $plugins;
|
|
|
// Yes, validating is required.
if(!$this->get_validated())
|
// Yes, validating is required.
if(!$this->get_validated())
|
{
| {
|
die("The user needs to be validated before inserting it into the DB.");
}
if(count($this->get_errors()) > 0)
{
die("The user is not valid.");
|
die("The user needs to be validated before inserting it into the DB.");
}
if(count($this->get_errors()) > 0)
{
die("The user is not valid.");
|
}
| }
|
$user = &$this->data;
$this->user_insert_data = array(
| $user = &$this->data;
$this->user_insert_data = array(
|
| Zeile 1044 | Zeile 1036 |
|---|
$this->user_insert_data['dst'] = 0;
}
|
$this->user_insert_data['dst'] = 0;
}
|
if(method_exists($plugins, "run_hooks_by_ref"))
{
$plugins->run_hooks_by_ref("datahandler_user_insert", $this);
}
| $plugins->run_hooks_by_ref("datahandler_user_insert", $this);
|
$this->uid = $db->insert_query("users", $this->user_insert_data);
|
$this->uid = $db->insert_query("users", $this->user_insert_data);
|
| Zeile 1251 | Zeile 1240 |
|---|
unset($this->user_update_data['pmnotice']);
}
|
unset($this->user_update_data['pmnotice']);
}
|
if(method_exists($plugins, "run_hooks_by_ref"))
{
$plugins->run_hooks_by_ref("datahandler_user_update", $this);
}
| $plugins->run_hooks_by_ref("datahandler_user_update", $this);
|
if(count($this->user_update_data) < 1 && empty($user['user_fields']))
{
|
if(count($this->user_update_data) < 1 && empty($user['user_fields']))
{
|