Vergleich inc/functions_user.php - 1.6.0 - 1.6.18

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 1Zeile 1
<?php

<?php

 
/**
* MyBB 1.6
* Copyright 2010 MyBB Group, All Rights Reserved
*
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
* $Id$
*/


/**
* Checks if a user with uid $uid exists in the database.


/**
* Checks if a user with uid $uid exists in the database.

Zeile 11Zeile 20
	global $db;

$query = $db->simple_select("users", "COUNT(*) as user", "uid='".intval($uid)."'", array('limit' => 1));

	global $db;

$query = $db->simple_select("users", "COUNT(*) as user", "uid='".intval($uid)."'", array('limit' => 1));

	if($db->fetch_field($query, 'user') == 1)
{
return true;
}

	if($db->fetch_field($query, 'user') == 1)
{
return true;
}

	else
{
return false;

	else
{
return false;

Zeile 30Zeile 39
function username_exists($username)
{
global $db;

function username_exists($username)
{
global $db;

	$query = $db->simple_select("users", "COUNT(*) as user", "username='".$db->escape_string($username)."'", array('limit' => 1));





$username = $db->escape_string(my_strtolower($username));
$query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1));


	if($db->fetch_field($query, 'user') == 1)
{
return true;

	if($db->fetch_field($query, 'user') == 1)
{
return true;

Zeile 50Zeile 62
 */
function validate_password_from_username($username, $password)
{

 */
function validate_password_from_username($username, $password)
{

	global $db;

$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "username='".$db->escape_string($username)."'", array('limit' => 1));

















	global $db, $mybb;

$username = $db->escape_string(my_strtolower($username));
switch($mybb->settings['username_method'])
{
case 0:
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1));
break;
case 1:
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(email)='".$username."'", array('limit' => 1));
break;
case 2:
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1));
break;
default:
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1));
break;
}


	$user = $db->fetch_array($query);
if(!$user['uid'])
{

	$user = $db->fetch_array($query);
if(!$user['uid'])
{

Zeile 61Zeile 89
	else
{
return validate_password_from_uid($user['uid'], $password, $user);

	else
{
return validate_password_from_uid($user['uid'], $password, $user);

	}
}

/**

	}
}

/**

 * Checks a password with a supplied uid.
*
* @param int The user id.

 * Checks a password with a supplied uid.
*
* @param int The user id.

Zeile 75Zeile 103
function validate_password_from_uid($uid, $password, $user = array())
{
global $db, $mybb;

function validate_password_from_uid($uid, $password, $user = array())
{
global $db, $mybb;

	if($mybb->user['uid'] == $uid)
{

	if(isset($mybb->user['uid']) && $mybb->user['uid'] == $uid)
{

		$user = $mybb->user;
}
if(!$user['password'])

		$user = $mybb->user;
}
if(!$user['password'])

	{
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1));

	{
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'");

		$user = $db->fetch_array($query);
}
if(!$user['salt'])

		$user = $db->fetch_array($query);
}
if(!$user['salt'])

Zeile 89Zeile 117
		// Generate a salt for this user and assume the password stored in db is a plain md5 password
$user['salt'] = generate_salt();
$user['password'] = salt_password($user['password'], $user['salt']);

		// Generate a salt for this user and assume the password stored in db is a plain md5 password
$user['salt'] = generate_salt();
$user['password'] = salt_password($user['password'], $user['salt']);

		$sql_array = array(

		$sql_array = array(

			"salt" => $user['salt'],
"password" => $user['password']
);

			"salt" => $user['salt'],
"password" => $user['password']
);

		$db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1);

		$db->update_query("users", $sql_array, "uid='".$user['uid']."'");

	}

if(!$user['loginkey'])

	}

if(!$user['loginkey'])

Zeile 102Zeile 130
		$sql_array = array(
"loginkey" => $user['loginkey']
);

		$sql_array = array(
"loginkey" => $user['loginkey']
);

		$db->update_query("users", $sql_array, "uid = ".$user['uid'], 1);

		$db->update_query("users", $sql_array, "uid = ".$user['uid']);

	}
if(salt_password(md5($password), $user['salt']) == $user['password'])
{
return $user;

	}
if(salt_password(md5($password), $user['salt']) == $user['password'])
{
return $user;

	}

	}

	else
{
return false;

	else
{
return false;

Zeile 130Zeile 158

// If no salt was specified, check in database first, if still doesn't exist, create one
if(!$salt)


// If no salt was specified, check in database first, if still doesn't exist, create one
if(!$salt)

	{
$query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1));

	{
$query = $db->simple_select("users", "salt", "uid='$uid'");

		$user = $db->fetch_array($query);
if($user['salt'])
{

		$user = $db->fetch_array($query);
if($user['salt'])
{

Zeile 146Zeile 174

// Create new password based on salt
$saltedpw = salt_password($password, $salt);


// Create new password based on salt
$saltedpw = salt_password($password, $salt);





	// Generate new login key
$loginkey = generate_loginkey();

// Update password and login key in database
$newpassword['password'] = $saltedpw;
$newpassword['loginkey'] = $loginkey;

	// Generate new login key
$loginkey = generate_loginkey();

// Update password and login key in database
$newpassword['password'] = $saltedpw;
$newpassword['loginkey'] = $loginkey;

	$db->update_query("users", $newpassword, "uid='$uid'", 1);

	$db->update_query("users", $newpassword, "uid='$uid'");


$plugins->run_hooks("password_changed");



$plugins->run_hooks("password_changed");


Zeile 162Zeile 190

/**
* Salts a password based on a supplied salt.


/**
* Salts a password based on a supplied salt.

 *

 *

 * @param string The md5()'ed password.
* @param string The salt.
* @return string The password hash.

 * @param string The md5()'ed password.
* @param string The salt.
* @return string The password hash.

Zeile 170Zeile 198
function salt_password($password, $salt)
{
return md5(md5($salt).$password);

function salt_password($password, $salt)
{
return md5(md5($salt).$password);

}

}


/**
* Generates a random salt


/**
* Generates a random salt

Zeile 178Zeile 206
 * @return string The salt.
*/
function generate_salt()

 * @return string The salt.
*/
function generate_salt()

{

{

	return random_str(8);
}


	return random_str(8);
}


Zeile 194Zeile 222

/**
* Updates a user's salt in the database (does not update a password).


/**
* Updates a user's salt in the database (does not update a password).

 *
* @param int The uid of the user to update.

 *
* @param int The uid of the user to update.

 * @return string The new salt.
*/
function update_salt($uid)

 * @return string The new salt.
*/
function update_salt($uid)

Zeile 206Zeile 234
	$sql_array = array(
"salt" => $salt
);

	$sql_array = array(
"salt" => $salt
);

	$db->update_query("users", $sql_array, "uid='{$uid}'", 1);

	$db->update_query("users", $sql_array, "uid='{$uid}'");

	
return $salt;
}

	
return $salt;
}

Zeile 225Zeile 253
	$sql_array = array(
"loginkey" => $loginkey
);

	$sql_array = array(
"loginkey" => $loginkey
);

	$db->update_query("users", $sql_array, "uid='{$uid}'", 1);

	$db->update_query("users", $sql_array, "uid='{$uid}'");

	
return $loginkey;


	
return $loginkey;


Zeile 254Zeile 282
		return;
}


		return;
}


	$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1));

	$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'");

	$subscription = $db->fetch_array($query);
if(!$subscription['tid'])
{

	$subscription = $db->fetch_array($query);
if(!$subscription['tid'])
{

Zeile 314Zeile 342
 * @return boolean True when success, false when otherwise.
*/
function add_subscribed_forum($fid, $uid="")

 * @return boolean True when success, false when otherwise.
*/
function add_subscribed_forum($fid, $uid="")

{
global $mybb, $db;

if(!$uid)
{
$uid = $mybb->user['uid'];
}

if(!$uid)
{
return;
}


{
global $mybb, $db;

if(!$uid)
{
$uid = $mybb->user['uid'];
}

if(!$uid)
{
return;
}


	$fid = intval($fid);
$uid = intval($uid);

$query = $db->simple_select("forumsubscriptions", "*", "fid='".$fid."' AND uid='{$uid}'", array('limit' => 1));
$fsubscription = $db->fetch_array($query);
if(!$fsubscription['fid'])

	$fid = intval($fid);
$uid = intval($uid);

$query = $db->simple_select("forumsubscriptions", "*", "fid='".$fid."' AND uid='{$uid}'", array('limit' => 1));
$fsubscription = $db->fetch_array($query);
if(!$fsubscription['fid'])

	{

	{

		$insert_array = array(
'fid' => $fid,
'uid' => $uid
);
$db->insert_query("forumsubscriptions", $insert_array);

		$insert_array = array(
'fid' => $fid,
'uid' => $uid
);
$db->insert_query("forumsubscriptions", $insert_array);

	}

return true;

	}

return true;

}

/**

}

/**

Zeile 355Zeile 383
function remove_subscribed_forum($fid, $uid="")
{
global $mybb, $db;

function remove_subscribed_forum($fid, $uid="")
{
global $mybb, $db;

	
if(!$uid)
{

	
if(!$uid)
{

		$uid = $mybb->user['uid'];
}


		$uid = $mybb->user['uid'];
}


Zeile 388Zeile 416
	
$plugins->add_hook("usercp_menu", "usercp_menu_profile", 20);
$plugins->add_hook("usercp_menu", "usercp_menu_misc", 30);

	
$plugins->add_hook("usercp_menu", "usercp_menu_profile", 20);
$plugins->add_hook("usercp_menu", "usercp_menu_misc", 30);





	// Run the plugin hooks
$plugins->run_hooks("usercp_menu");
global $usercpmenu;

	// Run the plugin hooks
$plugins->run_hooks("usercp_menu");
global $usercpmenu;





	eval("\$usercpnav = \"".$templates->get("usercp_nav")."\";");

$plugins->run_hooks("usercp_menu_built");

	eval("\$usercpnav = \"".$templates->get("usercp_nav")."\";");

$plugins->run_hooks("usercp_menu_built");

}

}


/**
* Constructs the usercp messenger menu.
*
*/
function usercp_menu_messenger()


/**
* Constructs the usercp messenger menu.
*
*/
function usercp_menu_messenger()

{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;










{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;

$usercp_nav_messenger = $templates->get("usercp_nav_messenger");
// Hide tracking link if no permission
$tracking = '';
if($mybb->usergroup['cantrackpms'])
{
$tracking = $templates->get("usercp_nav_messenger_tracking");
}
eval("\$ucp_nav_tracking = \"". $tracking ."\";");





 
	$folderlinks = '';

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
if($folderinfo[0] == 4)

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
if($folderinfo[0] == 4)

		{

		{

			$class = "usercp_nav_trash_pmfolder";

			$class = "usercp_nav_trash_pmfolder";

		}

		}

		else if($folderlinks)
{
$class = "usercp_nav_sub_pmfolder";
}
else

		else if($folderlinks)
{
$class = "usercp_nav_sub_pmfolder";
}
else

		{

		{

			$class = "usercp_nav_pmfolder";
}

			$class = "usercp_nav_pmfolder";
}





		$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n";
}


		$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n";
}


	eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";");
}


	eval("\$usercpmenu .= \"".$usercp_nav_messenger."\";");
}


/**
* Constructs the usercp profile menu.
*

/**
* Constructs the usercp profile menu.
*

Zeile 437Zeile 475
function usercp_menu_profile()
{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;

function usercp_menu_profile()
{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;





	if($mybb->usergroup['canchangename'] != 0)

	if($mybb->usergroup['canchangename'] != 0)

	{

	{

		eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";");

		eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";");

	}

	}





	if($mybb->user['suspendsignature'] == 0 || ($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] < TIME_NOW))

	if($mybb->usergroup['canusesig'] == 1 && ($mybb->usergroup['canusesigxposts'] == 0 || $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] > $mybb->usergroup['canusesigxposts']))

	{

	{

		eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";");




		if($mybb->user['suspendsignature'] == 0 || $mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] < TIME_NOW)
{
eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";");
}

	}

	}





	eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";");
}

/**
* Constructs the usercp misc menu.

	eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";");
}

/**
* Constructs the usercp misc menu.

 *
*/

 *
*/

function usercp_menu_misc()
{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;

function usercp_menu_misc()
{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;

	







$draftstart = $draftend = $draftcount = '';

$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'");
$count = $db->fetch_array($query);


	if($count['draftcount'] > 0)
{
$draftstart = "<strong>";
$draftend = "</strong>";

	if($count['draftcount'] > 0)
{
$draftstart = "<strong>";
$draftend = "</strong>";

 
		$draftcount = "(".my_number_format($count['draftcount']).")";

	}

	}

 


	$profile_link = get_profile_link($mybb->user['uid']);

	$profile_link = get_profile_link($mybb->user['uid']);

	

 
	eval("\$usercpmenu .= \"".$templates->get("usercp_nav_misc")."\";");
}


	eval("\$usercpmenu .= \"".$templates->get("usercp_nav_misc")."\";");
}


Zeile 476Zeile 523
 * @return string The usertitle of the user.
*/
function get_usertitle($uid="")

 * @return string The usertitle of the user.
*/
function get_usertitle($uid="")

{
global $db, $mybb;


{
global $db, $mybb;


	if($mybb->user['uid'] == $uid)
{
$user = $mybb->user;

	if($mybb->user['uid'] == $uid)
{
$user = $mybb->user;

Zeile 494Zeile 541
		return $user['usertitle'];
}
else

		return $user['usertitle'];
}
else

	{

	{

		$query = $db->simple_select("usertitles", "title", "posts<='".$user['postnum']."'", array('order_by' => 'posts', 'order_dir' => 'desc'));
$usertitle = $db->fetch_array($query);


		$query = $db->simple_select("usertitles", "title", "posts<='".$user['postnum']."'", array('order_by' => 'posts', 'order_dir' => 'desc'));
$usertitle = $db->fetch_array($query);


Zeile 518Zeile 565
	if(intval($uid) == 0)
{
$uid = $mybb->user['uid'];

	if(intval($uid) == 0)
{
$uid = $mybb->user['uid'];

 
	}

$uid = intval($uid);
$pmcount = array();
if($uid == 0)
{
return $pmcount;

	}

// Update total number of messages.

	}

// Update total number of messages.

Zeile 536Zeile 590
		$pmcount['unreadpms'] = $unread['pms_unread'];
}


		$pmcount['unreadpms'] = $unread['pms_unread'];
}


	if(is_array($pmcount))

	if(!empty($pmcount))

	{

	{

		$db->update_query("users", $pmcount, "uid='".intval($uid)."'");

		$db->update_query("users", $pmcount, "uid='".$uid."'");

	}
return $pmcount;
}

	}
return $pmcount;
}