Zeile 103 | Zeile 103 |
---|
function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;
|
function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;
|
if($mybb->user['uid'] == $uid) {
| if(isset($mybb->user['uid']) && $mybb->user['uid'] == $uid) {
|
$user = $mybb->user;
|
$user = $mybb->user;
|
}
| }
|
if(!$user['password'])
|
if(!$user['password'])
|
{ $query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1)); $user = $db->fetch_array($query); }
| { $query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'"); $user = $db->fetch_array($query); }
|
if(!$user['salt']) { // Generate a salt for this user and assume the password stored in db is a plain md5 password
| if(!$user['salt']) { // Generate a salt for this user and assume the password stored in db is a plain md5 password
|
Zeile 121 | Zeile 121 |
---|
"salt" => $user['salt'], "password" => $user['password'] );
|
"salt" => $user['salt'], "password" => $user['password'] );
|
$db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1);
| $db->update_query("users", $sql_array, "uid='".$user['uid']."'");
|
}
if(!$user['loginkey'])
| }
if(!$user['loginkey'])
|
Zeile 130 | Zeile 130 |
---|
$sql_array = array( "loginkey" => $user['loginkey'] );
|
$sql_array = array( "loginkey" => $user['loginkey'] );
|
$db->update_query("users", $sql_array, "uid = ".$user['uid'], 1);
| $db->update_query("users", $sql_array, "uid = ".$user['uid']);
|
} if(salt_password(md5($password), $user['salt']) == $user['password'])
|
} if(salt_password(md5($password), $user['salt']) == $user['password'])
|
{
| {
|
return $user; } else
| return $user; } else
|
Zeile 159 | Zeile 159 |
---|
// If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {
|
// If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {
|
$query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1));
| $query = $db->simple_select("users", "salt", "uid='$uid'");
|
$user = $db->fetch_array($query); if($user['salt'])
|
$user = $db->fetch_array($query); if($user['salt'])
|
{
| {
|
$salt = $user['salt']; } else
| $salt = $user['salt']; } else
|
Zeile 181 | Zeile 181 |
---|
// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;
|
// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;
|
$db->update_query("users", $newpassword, "uid='$uid'", 1);
| $db->update_query("users", $newpassword, "uid='$uid'");
|
$plugins->run_hooks("password_changed");
|
$plugins->run_hooks("password_changed");
|
|
|
return $newpassword; }
| return $newpassword; }
|
Zeile 198 | Zeile 198 |
---|
function salt_password($password, $salt) { return md5(md5($salt).$password);
|
function salt_password($password, $salt) { return md5(md5($salt).$password);
|
}
| }
|
/** * Generates a random salt
| /** * Generates a random salt
|
Zeile 218 | Zeile 218 |
---|
function generate_loginkey() { return random_str(50);
|
function generate_loginkey() { return random_str(50);
|
}
| }
|
/** * Updates a user's salt in the database (does not update a password).
| /** * Updates a user's salt in the database (does not update a password).
|
Zeile 234 | Zeile 234 |
---|
$sql_array = array( "salt" => $salt );
|
$sql_array = array( "salt" => $salt );
|
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);
| $db->update_query("users", $sql_array, "uid='{$uid}'");
|
return $salt;
|
return $salt;
|
}
| }
|
/** * Generates a new login key for a user.
| /** * Generates a new login key for a user.
|
Zeile 253 | Zeile 253 |
---|
$sql_array = array( "loginkey" => $loginkey );
|
$sql_array = array( "loginkey" => $loginkey );
|
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);
| $db->update_query("users", $sql_array, "uid='{$uid}'");
|
return $loginkey;
|
return $loginkey;
|
|
|
}
/**
| }
/**
|
Zeile 269 | Zeile 269 |
---|
* @return boolean True when success, false when otherwise. */ function add_subscribed_thread($tid, $notification=1, $uid="")
|
* @return boolean True when success, false when otherwise. */ function add_subscribed_thread($tid, $notification=1, $uid="")
|
{ global $mybb, $db; if(!$uid) { $uid = $mybb->user['uid']; }
| { global $mybb, $db; if(!$uid) { $uid = $mybb->user['uid']; } if(!$uid) { return; }
|
|
|
if(!$uid) { return; } $query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1));
| $query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'");
|
$subscription = $db->fetch_array($query); if(!$subscription['tid']) {
| $subscription = $db->fetch_array($query); if(!$subscription['tid']) {
|
Zeile 292 | Zeile 292 |
---|
'notification' => intval($notification), 'dateline' => TIME_NOW, 'subscriptionkey' => md5(TIME_NOW.$uid.$tid)
|
'notification' => intval($notification), 'dateline' => TIME_NOW, 'subscriptionkey' => md5(TIME_NOW.$uid.$tid)
|
|
|
); $db->insert_query("threadsubscriptions", $insert_array); }
| ); $db->insert_query("threadsubscriptions", $insert_array); }
|
Zeile 303 | Zeile 303 |
---|
"notification" => intval($notification) ); $db->update_query("threadsubscriptions", $update_array, "uid='{$uid}' AND tid='{$tid}'");
|
"notification" => intval($notification) ); $db->update_query("threadsubscriptions", $update_array, "uid='{$uid}' AND tid='{$tid}'");
|
} return true;
| } return true;
|
}
/**
| }
/**
|
Zeile 316 | Zeile 316 |
---|
* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")
|
* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")
|
{ global $mybb, $db; if(!$uid) { $uid = $mybb->user['uid']; } if(!$uid) { return; } $db->delete_query("threadsubscriptions", "tid='".$tid."' AND uid='{$uid}'"); return true; }
| { global $mybb, $db; if(!$uid) { $uid = $mybb->user['uid']; } if(!$uid) { return; } $db->delete_query("threadsubscriptions", "tid='".$tid."' AND uid='{$uid}'"); return true; }
|
/** * Adds a forum to a user's forum subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The fid of the forum to add to the list.
|
/** * Adds a forum to a user's forum subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The fid of the forum to add to the list.
|
* @param int (Optional) The uid of the user who's list to update.
| * @param int (Optional) The uid of the user who's list to update.
|
* @return boolean True when success, false when otherwise. */ function add_subscribed_forum($fid, $uid="")
|
* @return boolean True when success, false when otherwise. */ function add_subscribed_forum($fid, $uid="")
|
{ global $mybb, $db; if(!$uid)
| { global $mybb, $db; if(!$uid)
|
{ $uid = $mybb->user['uid']; }
| { $uid = $mybb->user['uid']; }
|
Zeile 383 | Zeile 383 |
---|
function remove_subscribed_forum($fid, $uid="") { global $mybb, $db;
|
function remove_subscribed_forum($fid, $uid="") { global $mybb, $db;
|
if(!$uid) { $uid = $mybb->user['uid'];
| if(!$uid) { $uid = $mybb->user['uid'];
|
} if(!$uid) { return;
|
} if(!$uid) { return;
|
}
| }
|
$db->delete_query("forumsubscriptions", "fid='".$fid."' AND uid='{$uid}'"); return true;
|
$db->delete_query("forumsubscriptions", "fid='".$fid."' AND uid='{$uid}'"); return true;
|
}
/**
| }
/**
|
* Constructs the usercp navigation menu. * */
| * Constructs the usercp navigation menu. * */
|
Zeile 434 | Zeile 434 |
---|
{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
| $usercp_nav_messenger = $templates->get("usercp_nav_messenger"); // Hide tracking link if no permission $tracking = ''; if($mybb->usergroup['cantrackpms']) { $tracking = $templates->get("usercp_nav_messenger_tracking"); } eval("\$ucp_nav_tracking = \"". $tracking ."\";");
$folderlinks = '';
|
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
| $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
|
Zeile 455 | Zeile 465 |
---|
$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }
|
$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }
|
eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";");
| eval("\$usercpmenu .= \"".$usercp_nav_messenger."\";");
|
}
/**
| }
/**
|
Zeile 489 | Zeile 499 |
---|
function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
| $draftstart = $draftend = $draftcount = '';
|
$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query);
| $query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query);
|
Zeile 553 | Zeile 565 |
---|
if(intval($uid) == 0) { $uid = $mybb->user['uid'];
|
if(intval($uid) == 0) { $uid = $mybb->user['uid'];
|
| } $uid = intval($uid); $pmcount = array(); if($uid == 0) { return $pmcount;
|
}
// Update total number of messages.
| }
// Update total number of messages.
|
Zeile 571 | Zeile 590 |
---|
$pmcount['unreadpms'] = $unread['pms_unread']; }
|
$pmcount['unreadpms'] = $unread['pms_unread']; }
|
if(is_array($pmcount))
| if(!empty($pmcount))
|
{
|
{
|
$db->update_query("users", $pmcount, "uid='".intval($uid)."'");
| $db->update_query("users", $pmcount, "uid='".$uid."'");
|
} return $pmcount; }
| } return $pmcount; }
|