Vergleich xmlhttp.php - 1.6.3 - 1.6.10

Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: xmlhttp.php 5380 2011-02-21 12:04:43Z Tomm $

 * $Id$

 */

/**

 */

/**

Zeile 28Zeile 28

// Load MyBB core files
require_once dirname(__FILE__)."/inc/init.php";


// Load MyBB core files
require_once dirname(__FILE__)."/inc/init.php";

 

$templatelist = "postbit_editedby,xmlhttp_inline_post_editor,xmlhttp_buddyselect_online,xmlhttp_buddyselect_offline,xmlhttp_buddyselect";
$templates->cache($db->escape_string($templatelist));


$shutdown_queries = array();



$shutdown_queries = array();


Zeile 38Zeile 41
{
$cache->update_usergroups();
$groupscache = $cache->read("usergroups");

{
$cache->update_usergroups();
$groupscache = $cache->read("usergroups");

}


}


// Send no cache headers
header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");

// Send no cache headers
header("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");





// Create the session
require_once MYBB_ROOT."inc/class_session.php";
$session = new session;
$session->init();

// Create the session
require_once MYBB_ROOT."inc/class_session.php";
$session = new session;
$session->init();





// Load the language we'll be using
if(!isset($mybb->settings['bblanguage']))
{
$mybb->settings['bblanguage'] = "english";

// Load the language we'll be using
if(!isset($mybb->settings['bblanguage']))
{
$mybb->settings['bblanguage'] = "english";

}

}

if(isset($mybb->user['language']) && $lang->language_exists($mybb->user['language']))
{
$mybb->settings['bblanguage'] = $mybb->user['language'];
}
$lang->set_language($mybb->settings['bblanguage']);

if(isset($mybb->user['language']) && $lang->language_exists($mybb->user['language']))
{
$mybb->settings['bblanguage'] = $mybb->user['language'];
}
$lang->set_language($mybb->settings['bblanguage']);





if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
{
@mb_internal_encoding($lang->settings['charset']);

if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
{
@mb_internal_encoding($lang->settings['charset']);

Zeile 71Zeile 74
if(isset($mybb->user['style']) && intval($mybb->user['style']) != 0)
{
$loadstyle = "tid='".$mybb->user['style']."'";

if(isset($mybb->user['style']) && intval($mybb->user['style']) != 0)
{
$loadstyle = "tid='".$mybb->user['style']."'";

}

}

else
{
$loadstyle = "def=1";

else
{
$loadstyle = "def=1";

Zeile 86Zeile 89
if(!empty($mybb->user['language']) && is_dir($theme['imgdir'].'/'.$mybb->user['language']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];

if(!empty($mybb->user['language']) && is_dir($theme['imgdir'].'/'.$mybb->user['language']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];

}
else

}
else

{
if(is_dir($theme['imgdir'].'/'.$mybb->settings['bblanguage']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];

{
if(is_dir($theme['imgdir'].'/'.$mybb->settings['bblanguage']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];

	}

	}

	else
{
$theme['imglangdir'] = $theme['imgdir'];
}

	else
{
$theme['imglangdir'] = $theme['imgdir'];
}

}


}


if($lang->settings['charset'])
{
$charset = $lang->settings['charset'];

if($lang->settings['charset'])
{
$charset = $lang->settings['charset'];

Zeile 108Zeile 111
{
$charset = "UTF-8";
}

{
$charset = "UTF-8";
}





$lang->load("global");
$lang->load("xmlhttp");

$plugins->run_hooks("xmlhttp");

$lang->load("global");
$lang->load("xmlhttp");

$plugins->run_hooks("xmlhttp");





// Fetch a list of usernames beginning with a certain string (used for auto completion)
if($mybb->input['action'] == "get_users")

// Fetch a list of usernames beginning with a certain string (used for auto completion)
if($mybb->input['action'] == "get_users")

{
// If the string is less than 3 characters, quit.
if(my_strlen($mybb->input['query']) < 3)
{
exit;
}


{
// If the string is less than 3 characters, quit.
if(my_strlen($mybb->input['query']) < 3)
{
exit;
}


	// Send our headers.
header("Content-type: text/plain; charset={$charset}");

// Sanitize the input.

	// Send our headers.
header("Content-type: text/plain; charset={$charset}");

// Sanitize the input.

	$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);

	$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);

	
// Query for any matching users.
$query_options = array(

	
// Query for any matching users.
$query_options = array(

Zeile 153Zeile 156
	if(my_strlen($mybb->input['query']) < 3)
{
exit;

	if(my_strlen($mybb->input['query']) < 3)
{
exit;

	}

// Send our headers.

	}

// Send our headers.

	header("Content-type: text/plain; charset={$charset}");

// Sanitize the input.

	header("Content-type: text/plain; charset={$charset}");

// Sanitize the input.

Zeile 366Zeile 369
		{
$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);

		{
$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);

 
		}
// User can't edit unapproved post
if($post['visible'] == 0)
{
xmlhttp_error($lang->post_moderation);

		}
}


		}
}


Zeile 438Zeile 446
		{
$postinfo = $posthandler->update_post();
$visible = $postinfo['visible'];

		{
$postinfo = $posthandler->update_post();
$visible = $postinfo['visible'];

			if($visible == 0 && !is_moderator())

			if($visible == 0 && !is_moderator($post['fid']))

			{
echo "<p>\n";
echo $lang->post_moderation;

			{
echo "<p>\n";
echo $lang->post_moderation;

Zeile 491Zeile 499
		
// Send our headers.
header("Content-type: text/plain; charset={$charset}");

		
// Send our headers.
header("Content-type: text/plain; charset={$charset}");

		echo "<p>\n";
echo $post['message'];
echo "</p>\n";

		echo $post['message']."\n";



		if($editedmsg)
{
echo str_replace(array("\r", "\n"), "", "<editedmsg>{$editedmsg}</editedmsg>");

		if($editedmsg)
{
echo str_replace(array("\r", "\n"), "", "<editedmsg>{$editedmsg}</editedmsg>");

Zeile 556Zeile 562
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}

		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}

 
		ORDER BY p.dateline

	");
while($quoted_post = $db->fetch_array($query))
{

	");
while($quoted_post = $db->fetch_array($query))
{

Zeile 622Zeile 629
else if($mybb->input['action'] == "complex_password")
{
$password = trim($mybb->input['value']);

else if($mybb->input['action'] == "complex_password")
{
$password = trim($mybb->input['value']);

	$password = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);

	$password = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);


header("Content-type: text/xml; charset={$charset}");
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password))


header("Content-type: text/xml; charset={$charset}");
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password))

Zeile 649Zeile 656

// Fix bad characters
$username = trim($username);


// Fix bad characters
$username = trim($username);

	$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);

	$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);

Zeile 724Zeile 731
	}
else
{

	}
else
{

		$lang->invalid_username = $lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username));

		$lang->invalid_username = htmlspecialchars_uni($lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username)));

		echo "<fail>{$lang->invalid_username}</fail>";
exit;
}

		echo "<fail>{$lang->invalid_username}</fail>";
exit;
}
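Review bot: In the section headed "Zeile 71Zeile 74", the guard tests `intval($mybb->user['style']) != 0`, but the next line concatenates the uncast `$mybb->user['style']` into what looks like a query condition (`tid='...'`), so the value that is checked is not the value that is used. A string that merely starts with a digit passes the `intval()` test unchanged. Whether such a value can ever be stored in that field depends on code outside this page, so treat this as hardening rather than a demonstrated flaw. I would build the fragment from the cast value, `$loadstyle = "tid='".intval($mybb->user['style'])."'";`, which appears on both sides of the comparison and is not touched by the 1.6.10 changes. The statement that consumes `$loadstyle` lies outside the visible lines.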