Vergleich xmlhttp.php - 1.6.1 - 1.6.10

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: xmlhttp.php 5125 2010-07-27 07:28:03Z RyanGordon $	* $Id$
/ /*	/ /*
Zeile 28	Zeile 28
// Load MyBB core files require_once dirname(__FILE__)."/inc/init.php";	// Load MyBB core files require_once dirname(__FILE__)."/inc/init.php";
	$templatelist = "postbit_editedby,xmlhttp_inline_post_editor,xmlhttp_buddyselect_online,xmlhttp_buddyselect_offline,xmlhttp_buddyselect"; $templates->cache($db->escape_string($templatelist));
$shutdown_queries = array();	$shutdown_queries = array();
Zeile 355	Zeile 358
if($thread['closed'] == 1) { xmlhttp_error($lang->thread_closed_edit_message);	if($thread['closed'] == 1) { xmlhttp_error($lang->thread_closed_edit_message);
}	}
// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing. else if($forum['open'] == 0 \|\| $forumpermissions['caneditposts'] == 0 \|\| $mybb->user['uid'] != $post['uid'] \|\| $mybb->user['uid'] == 0 \|\| $mybb->user['suspendposting'] == 1)	// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing. else if($forum['open'] == 0 \|\| $forumpermissions['caneditposts'] == 0 \|\| $mybb->user['uid'] != $post['uid'] \|\| $mybb->user['uid'] == 0 \|\| $mybb->user['suspendposting'] == 1)
{	{
xmlhttp_error($lang->no_permission_edit_post);	xmlhttp_error($lang->no_permission_edit_post);
}	}
// If we're past the edit time limit - don't allow editing. else if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < (TIME_NOW-($mybb->settings['edittimelimit']*60)))	// If we're past the edit time limit - don't allow editing. else if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < (TIME_NOW-($mybb->settings['edittimelimit']*60)))
{	{
$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); xmlhttp_error($lang->edit_time_limit);	$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); xmlhttp_error($lang->edit_time_limit);
	} // User can't edit unapproved post if($post['visible'] == 0) { xmlhttp_error($lang->post_moderation);
} }	} }
Zeile 438	Zeile 446
{ $postinfo = $posthandler->update_post(); $visible = $postinfo['visible'];	{ $postinfo = $posthandler->update_post(); $visible = $postinfo['visible'];
if($visible == 0 && !is_moderator())	if($visible == 0 && !is_moderator($post['fid']))
{ echo "<p>\n"; echo $lang->post_moderation;	{ echo "<p>\n"; echo $lang->post_moderation;
Zeile 491	Zeile 499
// Send our headers. header("Content-type: text/plain; charset={$charset}");	// Send our headers. header("Content-type: text/plain; charset={$charset}");
echo "<p>\n"; echo $post['message']; echo "</p>\n";	echo $post['message']."\n";
if($editedmsg) { echo str_replace(array("\r", "\n"), "", "<editedmsg>{$editedmsg}</editedmsg>");	if($editedmsg) { echo str_replace(array("\r", "\n"), "", "<editedmsg>{$editedmsg}</editedmsg>");
Zeile 556	Zeile 562
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}	LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}
	ORDER BY p.dateline
"); while($quoted_post = $db->fetch_array($query)) {	"); while($quoted_post = $db->fetch_array($query)) {
Zeile 604	Zeile 611
if($db->num_rows($query) == 0) { echo "<fail>{$lang->captcha_valid_not_exists}</fail>";	if($db->num_rows($query) == 0) { echo "<fail>{$lang->captcha_valid_not_exists}</fail>";
exit; }	exit; }
$imagestring = $db->fetch_field($query, 'imagestring'); if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))	$imagestring = $db->fetch_field($query, 'imagestring'); if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))
Zeile 616	Zeile 623
else { echo "<fail>{$lang->captcha_does_not_match}</fail>";	else { echo "<fail>{$lang->captcha_does_not_match}</fail>";
exit;	exit;
} } else if($mybb->input['action'] == "complex_password") { $password = trim($mybb->input['value']);	} } else if($mybb->input['action'] == "complex_password") { $password = trim($mybb->input['value']);
$password = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);	$password = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);
header("Content-type: text/xml; charset={$charset}"); if(!preg_match("/^.(?=.{".$mybb->settings['minpasswordlength'].",})(?=.\d)(?=.[a-z])(?=.[A-Z]).*$/", $password))	header("Content-type: text/xml; charset={$charset}"); if(!preg_match("/^.(?=.{".$mybb->settings['minpasswordlength'].",})(?=.\d)(?=.[a-z])(?=.[A-Z]).*$/", $password))
Zeile 639	Zeile 646
} else if($mybb->input['action'] == "username_availability") {	} else if($mybb->input['action'] == "username_availability") {
	if(!verify_post_check($mybb->input['my_post_key'], true)) { xmlhttp_error($lang->invalid_post_code); }
require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value'];	require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value'];

// Fix bad characters $username = trim($username);	// Fix bad characters $username = trim($username);
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);	$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);	// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);

header("Content-type: text/xml; charset={$charset}"); if(empty($username))	header("Content-type: text/xml; charset={$charset}"); if(empty($username))
Zeile 678	Zeile 690
if($user['uid']) {	if($user['uid']) {
$lang->username_taken = $lang->sprintf($lang->username_taken, $username);	$lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));
echo "<fail>{$lang->username_taken}</fail>"; exit; } else {	echo "<fail>{$lang->username_taken}</fail>"; exit; } else {
$lang->username_available = $lang->sprintf($lang->username_available, $username);	$lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));
echo "<success>{$lang->username_available}</success>"; exit; } } else if($mybb->input['action'] == "username_exists") {	echo "<success>{$lang->username_available}</success>"; exit; } } else if($mybb->input['action'] == "username_exists") {
	if(!verify_post_check($mybb->input['my_post_key'], true)) { xmlhttp_error($lang->invalid_post_code); }
require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value'];	require_once MYBB_ROOT."inc/functions_user.php"; $username = $mybb->input['value'];
Zeile 708	Zeile 725
if($user['uid']) {	if($user['uid']) {
$lang->valid_username = $lang->sprintf($lang->valid_username, $username);	$lang->valid_username = $lang->sprintf($lang->valid_username, htmlspecialchars_uni($username));
echo "<success>{$lang->valid_username}</success>"; exit; } else {	echo "<success>{$lang->valid_username}</success>"; exit; } else {
$lang->invalid_username = $lang->sprintf($lang->invalid_username, $username);	$lang->invalid_username = htmlspecialchars_uni($lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username)));
echo "<fail>{$lang->invalid_username}</fail>"; exit; }	echo "<fail>{$lang->invalid_username}</fail>"; exit; }