Zeile 6 | Zeile 6 |
---|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* $Id: functions_user.php 5380 2011-02-21 12:04:43Z Tomm $
| * $Id$
|
*/
/**
| */
/**
|
Zeile 40 | Zeile 40 |
---|
{ global $db;
|
{ global $db;
|
$query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1));
| $username = $db->escape_string(my_strtolower($username)); $query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1));
|
if($db->fetch_field($query, 'user') == 1) {
| if($db->fetch_field($query, 'user') == 1) {
|
Zeile 61 | Zeile 62 |
---|
*/ function validate_password_from_username($username, $password) {
|
*/ function validate_password_from_username($username, $password) {
|
global $db;
| global $db, $mybb;
|
|
|
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1));
| $username = $db->escape_string(my_strtolower($username)); switch($mybb->settings['username_method']) { case 0: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1)); break; case 1: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(email)='".$username."'", array('limit' => 1)); break; case 2: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1)); break; default: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1)); break; }
|
$user = $db->fetch_array($query); if(!$user['uid'])
| $user = $db->fetch_array($query); if(!$user['uid'])
|
Zeile 87 | Zeile 103 |
---|
function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;
|
function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;
|
if($mybb->user['uid'] == $uid)
| if(isset($mybb->user['uid']) && $mybb->user['uid'] == $uid)
|
{ $user = $mybb->user; } if(!$user['password']) {
|
{ $user = $mybb->user; } if(!$user['password']) {
|
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1));
| $query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'");
|
$user = $db->fetch_array($query); } if(!$user['salt'])
| $user = $db->fetch_array($query); } if(!$user['salt'])
|
Zeile 105 | Zeile 121 |
---|
"salt" => $user['salt'], "password" => $user['password'] );
|
"salt" => $user['salt'], "password" => $user['password'] );
|
$db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1);
| $db->update_query("users", $sql_array, "uid='".$user['uid']."'");
|
}
if(!$user['loginkey'])
| }
if(!$user['loginkey'])
|
Zeile 114 | Zeile 130 |
---|
$sql_array = array( "loginkey" => $user['loginkey'] );
|
$sql_array = array( "loginkey" => $user['loginkey'] );
|
$db->update_query("users", $sql_array, "uid = ".$user['uid'], 1);
| $db->update_query("users", $sql_array, "uid = ".$user['uid']);
|
} if(salt_password(md5($password), $user['salt']) == $user['password']) {
| } if(salt_password(md5($password), $user['salt']) == $user['password']) {
|
Zeile 143 | Zeile 159 |
---|
// If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {
|
// If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {
|
$query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1));
| $query = $db->simple_select("users", "salt", "uid='$uid'");
|
$user = $db->fetch_array($query); if($user['salt']) {
| $user = $db->fetch_array($query); if($user['salt']) {
|
Zeile 165 | Zeile 181 |
---|
// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;
|
// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;
|
$db->update_query("users", $newpassword, "uid='$uid'", 1);
| $db->update_query("users", $newpassword, "uid='$uid'");
|
$plugins->run_hooks("password_changed");
| $plugins->run_hooks("password_changed");
|
Zeile 182 | Zeile 198 |
---|
function salt_password($password, $salt) { return md5(md5($salt).$password);
|
function salt_password($password, $salt) { return md5(md5($salt).$password);
|
}
| }
|
/** * Generates a random salt * * @return string The salt.
|
/** * Generates a random salt * * @return string The salt.
|
*/
| */
|
function generate_salt() { return random_str(8);
| function generate_salt() { return random_str(8);
|
Zeile 202 | Zeile 218 |
---|
function generate_loginkey() { return random_str(50);
|
function generate_loginkey() { return random_str(50);
|
}
| }
|
/** * Updates a user's salt in the database (does not update a password). * * @param int The uid of the user to update. * @return string The new salt.
|
/** * Updates a user's salt in the database (does not update a password). * * @param int The uid of the user to update. * @return string The new salt.
|
*/
| */
|
function update_salt($uid) { global $db;
| function update_salt($uid) { global $db;
|
Zeile 218 | Zeile 234 |
---|
$sql_array = array( "salt" => $salt );
|
$sql_array = array( "salt" => $salt );
|
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);
| $db->update_query("users", $sql_array, "uid='{$uid}'");
|
return $salt; }
| return $salt; }
|
Zeile 237 | Zeile 253 |
---|
$sql_array = array( "loginkey" => $loginkey );
|
$sql_array = array( "loginkey" => $loginkey );
|
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);
| $db->update_query("users", $sql_array, "uid='{$uid}'");
|
return $loginkey;
|
return $loginkey;
|
}
| }
|
/** * Adds a thread to a user's thread subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The tid of the thread to add to the list. * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant)
|
/** * Adds a thread to a user's thread subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The tid of the thread to add to the list. * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant)
|
* @param int (Optional) The uid of the user who's list to update. * @return boolean True when success, false when otherwise.
| * @param int (Optional) The uid of the user who's list to update. * @return boolean True when success, false when otherwise.
|
*/ function add_subscribed_thread($tid, $notification=1, $uid="") { global $mybb, $db;
|
*/ function add_subscribed_thread($tid, $notification=1, $uid="") { global $mybb, $db;
|
if(!$uid) {
| if(!$uid) {
|
$uid = $mybb->user['uid']; } if(!$uid) { return;
|
$uid = $mybb->user['uid']; } if(!$uid) { return;
|
}
| }
|
|
|
$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1));
| $query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'");
|
$subscription = $db->fetch_array($query); if(!$subscription['tid']) {
| $subscription = $db->fetch_array($query); if(!$subscription['tid']) {
|
Zeile 279 | Zeile 295 |
---|
); $db->insert_query("threadsubscriptions", $insert_array);
|
); $db->insert_query("threadsubscriptions", $insert_array);
|
}
| }
|
else { // Subscription exists - simply update notification
| else { // Subscription exists - simply update notification
|
Zeile 300 | Zeile 316 |
---|
* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")
|
* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")
|
{
| {
|
global $mybb, $db; if(!$uid)
| global $mybb, $db; if(!$uid)
|
Zeile 415 | Zeile 431 |
---|
* */ function usercp_menu_messenger()
|
* */ function usercp_menu_messenger()
|
{
| {
|
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
| $usercp_nav_messenger = $templates->get("usercp_nav_messenger"); // Hide tracking link if no permission $tracking = ''; if($mybb->usergroup['cantrackpms']) { $tracking = $templates->get("usercp_nav_messenger_tracking"); } eval("\$ucp_nav_tracking = \"". $tracking ."\";");
$folderlinks = '';
|
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
| $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
|
Zeile 428 | Zeile 454 |
---|
$class = "usercp_nav_trash_pmfolder"; } else if($folderlinks)
|
$class = "usercp_nav_trash_pmfolder"; } else if($folderlinks)
|
{
| {
|
$class = "usercp_nav_sub_pmfolder";
|
$class = "usercp_nav_sub_pmfolder";
|
}
| }
|
else { $class = "usercp_nav_pmfolder";
|
else { $class = "usercp_nav_pmfolder";
|
}
| }
|
$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }
|
$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }
|
eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";"); }
/**
| eval("\$usercpmenu .= \"".$usercp_nav_messenger."\";"); }
/**
|
* Constructs the usercp profile menu. * */ function usercp_menu_profile()
|
* Constructs the usercp profile menu. * */ function usercp_menu_profile()
|
{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
| { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
if($mybb->usergroup['canchangename'] != 0) { eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";"); }
|
if($mybb->usergroup['canchangename'] != 0) { eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";"); }
|
if($mybb->user['suspendsignature'] == 0 || $mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] < TIME_NOW)
| if($mybb->usergroup['canusesig'] == 1 && ($mybb->usergroup['canusesigxposts'] == 0 || $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] > $mybb->usergroup['canusesigxposts']))
|
{
|
{
|
eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";");
| if($mybb->user['suspendsignature'] == 0 || $mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] < TIME_NOW) { eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";"); }
|
}
eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";");
| }
eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";");
|
Zeile 470 | Zeile 499 |
---|
function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
|
| $draftstart = $draftend = $draftcount = '';
|
$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query);
| $query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query);
|
Zeile 534 | Zeile 565 |
---|
if(intval($uid) == 0) { $uid = $mybb->user['uid'];
|
if(intval($uid) == 0) { $uid = $mybb->user['uid'];
|
| } $uid = intval($uid); $pmcount = array(); if($uid == 0) { return $pmcount;
|
}
// Update total number of messages.
| }
// Update total number of messages.
|
Zeile 552 | Zeile 590 |
---|
$pmcount['unreadpms'] = $unread['pms_unread']; }
|
$pmcount['unreadpms'] = $unread['pms_unread']; }
|
if(is_array($pmcount))
| if(!empty($pmcount))
|
{
|
{
|
$db->update_query("users", $pmcount, "uid='".intval($uid)."'");
| $db->update_query("users", $pmcount, "uid='".$uid."'");
|
} return $pmcount; }
| } return $pmcount; }
|