Vergleich inc/functions.php - 1.8.0 - 1.8.4

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 173	Zeile 173
if(isset($config)) {	if(isset($config)) {
	// Load DB interface require_once MYBB_ROOT."inc/db_base.php";
require_once MYBB_ROOT."inc/db_".$config['database']['type'].".php"; switch($config['database']['type']) {	require_once MYBB_ROOT."inc/db_".$config['database']['type'].".php"; switch($config['database']['type']) {
Zeile 397	Zeile 400
if($format == 'relative') { // Relative formats both date and time	if($format == 'relative') { // Relative formats both date and time
if($ty != 2 && (TIME_NOW - $stamp) < 3600)	if($ty != 2 && abs(TIME_NOW - $stamp) < 3600)
{ $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'minute' => 0, 'plural' => $lang->rel_minutes_plural, 'suffix' => $lang->rel_ago);	{ $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'minute' => 0, 'plural' => $lang->rel_minutes_plural, 'suffix' => $lang->rel_ago);
Zeile 425	Zeile 428
$date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['minute'], $relative['plural'], $relative['suffix']); }	$date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['minute'], $relative['plural'], $relative['suffix']); }
elseif($ty != 2 && (TIME_NOW - $stamp) >= 3600 && (TIME_NOW - $stamp) < 43200)	elseif($ty != 2 && abs(TIME_NOW - $stamp) < 43200)
{ $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'hour' => 0, 'plural' => $lang->rel_hours_plural, 'suffix' => $lang->rel_ago);	{ $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'hour' => 0, 'plural' => $lang->rel_hours_plural, 'suffix' => $lang->rel_ago);
Zeile 756	Zeile 759
} // AJAX error message?	} // AJAX error message?
if($mybb->get_input('ajax', 1))	if($mybb->get_input('ajax', MyBB::INPUT_INT))
{ // Send our headers. @header("Content-type: application/json; charset={$lang->settings['charset']}");	{ // Send our headers. @header("Content-type: application/json; charset={$lang->settings['charset']}");
Zeile 802	Zeile 805
} // AJAX error message?	} // AJAX error message?
if($mybb->get_input('ajax', 1))	if($mybb->get_input('ajax', MyBB::INPUT_INT))
{ // Send our headers. @header("Content-type: application/json; charset={$lang->settings['charset']}");	{ // Send our headers. @header("Content-type: application/json; charset={$lang->settings['charset']}");
Zeile 848	Zeile 851
$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");	$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");
if($mybb->get_input('ajax', 1))	if($mybb->get_input('ajax', MyBB::INPUT_INT))
{ // Send our headers. header("Content-type: application/json; charset={$lang->settings['charset']}");	{ // Send our headers. header("Content-type: application/json; charset={$lang->settings['charset']}");
Zeile 909	Zeile 912
$plugins->run_hooks("redirect", $redirect_args);	$plugins->run_hooks("redirect", $redirect_args);
if($mybb->get_input('ajax', 1))	if($mybb->get_input('ajax', MyBB::INPUT_INT))
{ // Send our headers. //@header("Content-type: text/html; charset={$lang->settings['charset']}");	{ // Send our headers. //@header("Content-type: text/html; charset={$lang->settings['charset']}");
Zeile 1198	Zeile 1201
} /**	} /**
* Fetch the usergroup permissions for a specic group or series of groups combined	* Fetch the usergroup permissions for a specific group or series of groups combined
* * @param mixed A list of groups (Can be a single integer, or a list of groups separated by a comma) * @return array Array of permissions generated for the groups	* * @param mixed A list of groups (Can be a single integer, or a list of groups separated by a comma) * @return array Array of permissions generated for the groups
Zeile 1213	Zeile 1216
} $groups = explode(",", $gid);	} $groups = explode(",", $gid);

if(count($groups) == 1) { return $groupscache[$gid]; }	if(count($groups) == 1) { return $groupscache[$gid]; }
	$usergroup = array();
foreach($groups as $gid) {	foreach($groups as $gid) {
Zeile 1251	Zeile 1255
{ $usergroup[$perm] = $access; }	{ $usergroup[$perm] = $access; }
} } }	} } }
return $usergroup; }	return $usergroup; }
Zeile 1279	Zeile 1283
foreach($displaygroupfields as $field) { $displaygroup[$field] = $group[$field];	foreach($displaygroupfields as $field) { $displaygroup[$field] = $group[$field];
}	}
return $displaygroup; }	return $displaygroup; }
Zeile 1306	Zeile 1310
if($uid != 0 && $uid != $mybb->user['uid']) { $user = get_user($uid);	if($uid != 0 && $uid != $mybb->user['uid']) { $user = get_user($uid);

$gid = $user['usergroup'].",".$user['additionalgroups']; $groupperms = usergroup_permissions($gid); } else { $gid = $mybb->user['usergroup'];	$gid = $user['usergroup'].",".$user['additionalgroups']; $groupperms = usergroup_permissions($gid); } else { $gid = $mybb->user['usergroup'];

if(isset($mybb->user['additionalgroups'])) { $gid .= ",".$mybb->user['additionalgroups']; } $groupperms = $mybb->usergroup;	if(isset($mybb->user['additionalgroups'])) { $gid .= ",".$mybb->user['additionalgroups']; } $groupperms = $mybb->usergroup;
} }	} }
if(!is_array($forum_cache)) { $forum_cache = cache_forums();	if(!is_array($forum_cache)) { $forum_cache = cache_forums();

if(!$forum_cache) { return false;	if(!$forum_cache) { return false;
} }	} }
if(!is_array($fpermcache))	if(!is_array($fpermcache))
{	{
$fpermcache = $cache->read("forumpermissions"); }	$fpermcache = $cache->read("forumpermissions"); }
Zeile 1345	Zeile 1349
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms); } return $cached_forum_permissions_permissions[$gid][$fid];	$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms); } return $cached_forum_permissions_permissions[$gid][$fid];
}	}
else { if(empty($cached_forum_permissions[$gid]))	else { if(empty($cached_forum_permissions[$gid]))
Zeile 1358	Zeile 1362
return $cached_forum_permissions[$gid]; } }	return $cached_forum_permissions[$gid]; } }

/** * Fetches the permissions for a specific forum/group applying the inheritance scheme. * Called by forum_permissions()	/** * Fetches the permissions for a specific forum/group applying the inheritance scheme. * Called by forum_permissions()
Zeile 1381	Zeile 1385
$current_permissions = array(); $only_view_own_threads = 1;	$current_permissions = array(); $only_view_own_threads = 1;
	$only_reply_own_threads = 1;
foreach($groups as $gid) { if(!empty($groupscache[$gid])) {	foreach($groups as $gid) { if(!empty($groupscache[$gid])) {
	$level_permissions = $fpermcache[$fid][$gid];
// If our permissions arn't inherited we need to figure them out if(empty($fpermcache[$fid][$gid])) {	// If our permissions arn't inherited we need to figure them out if(empty($fpermcache[$fid][$gid])) {
Zeile 1402	Zeile 1409
} } }	} } }
} else { $level_permissions = $fpermcache[$fid][$gid];
} // If we STILL don't have forum permissions we use the usergroup itself if(empty($level_permissions)) { $level_permissions = $groupscache[$gid];	} // If we STILL don't have forum permissions we use the usergroup itself if(empty($level_permissions)) { $level_permissions = $groupscache[$gid];
}	}
foreach($level_permissions as $permission => $access)	foreach($level_permissions as $permission => $access)
{	{
if(empty($current_permissions[$permission]) \|\| $access >= $current_permissions[$permission] \|\| ($access == "yes" && $current_permissions[$permission] == "no")) { $current_permissions[$permission] = $access; }	if(empty($current_permissions[$permission]) \|\| $access >= $current_permissions[$permission] \|\| ($access == "yes" && $current_permissions[$permission] == "no")) { $current_permissions[$permission] = $access; }
}	}
if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"])) { $only_view_own_threads = 0;	if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"])) { $only_view_own_threads = 0;
} } }	} if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"])) { $only_reply_own_threads = 0; } } }
// Figure out if we can view more than our own threads if($only_view_own_threads == 0)	// Figure out if we can view more than our own threads if($only_view_own_threads == 0)
{	{
$current_permissions["canonlyviewownthreads"] = 0;	$current_permissions["canonlyviewownthreads"] = 0;
	} // Figure out if we can reply more than our own threads if($only_reply_own_threads == 0) { $current_permissions["canonlyreplyownthreads"] = 0;
} if(count($current_permissions) == 0)	} if(count($current_permissions) == 0)
Zeile 1641	Zeile 1655
$modpermscache[$fid][$uid] = $perms; return $perms;	$modpermscache[$fid][$uid] = $perms; return $perms;
}	}
/** * Checks if a moderator has permissions to perform an action in a specific forum *	/** * Checks if a moderator has permissions to perform an action in a specific forum *
Zeile 1654	Zeile 1668
function is_moderator($fid="0", $action="", $uid="0") { global $mybb, $cache;	function is_moderator($fid="0", $action="", $uid="0") { global $mybb, $cache;
if($uid == 0)	if($uid == 0)
{ $uid = $mybb->user['uid']; }	{ $uid = $mybb->user['uid']; }
Zeile 1682	Zeile 1696
else { if(!$fid)	else { if(!$fid)
{	{
$modcache = $cache->read('moderators'); if(!empty($modcache)) {	$modcache = $cache->read('moderators'); if(!empty($modcache)) {
Zeile 1708	Zeile 1722
if(!$action && $modperms) { return true;	if(!$action && $modperms) { return true;
}	}
else { if(isset($modperms[$action]) && $modperms[$action] == 1)	else { if(isset($modperms[$action]) && $modperms[$action] == 1)
Zeile 1748	Zeile 1762
$posticons[$posticon['name']] = $posticon; } krsort($posticons);	$posticons[$posticon['name']] = $posticon; } krsort($posticons);

foreach($posticons as $dbicon) { $dbicon['path'] = str_replace("{theme}", $theme['imgdir'], $dbicon['path']);	foreach($posticons as $dbicon) { $dbicon['path'] = str_replace("{theme}", $theme['imgdir'], $dbicon['path']);
$dbicon['path'] = htmlspecialchars_uni($dbicon['path']);	$dbicon['path'] = htmlspecialchars_uni($mybb->get_asset_url($dbicon['path']));
$dbicon['name'] = htmlspecialchars_uni($dbicon['name']); if($icon == $dbicon['iid'])	$dbicon['name'] = htmlspecialchars_uni($dbicon['name']); if($icon == $dbicon['iid'])
Zeile 1775	Zeile 1789
/** * MyBB setcookie() wrapper.	/** * MyBB setcookie() wrapper.
* * @param string The cookie identifier.	* * @param string The cookie identifier.
* @param string The cookie value. * @param int The timestamp of the expiry date. * @param boolean True if setting a HttpOnly cookie (supported by IE, Opera 9, Konqueror)	* @param string The cookie value. * @param int The timestamp of the expiry date. * @param boolean True if setting a HttpOnly cookie (supported by IE, Opera 9, Konqueror)
Zeile 1816	Zeile 1830
} if(!empty($mybb->settings['cookiepath']))	} if(!empty($mybb->settings['cookiepath']))
{	{
$cookie .= "; path={$mybb->settings['cookiepath']}"; }	$cookie .= "; path={$mybb->settings['cookiepath']}"; }
Zeile 1843	Zeile 1857
function my_unsetcookie($name) { global $mybb;	function my_unsetcookie($name) { global $mybb;

$expires = -3600; my_setcookie($name, "", $expires);	$expires = -3600; my_setcookie($name, "", $expires);
Zeile 1856	Zeile 1870
* @param string The cookie identifier. * @param int The cookie content id. * @return array\|boolean The cookie id's content array or false when non-existent.	* @param string The cookie identifier. * @param int The cookie content id. * @return array\|boolean The cookie id's content array or false when non-existent.
*/	*/
function my_get_array_cookie($name, $id) { global $mybb; if(!isset($mybb->cookies['mybb'][$name]))	function my_get_array_cookie($name, $id) { global $mybb; if(!isset($mybb->cookies['mybb'][$name]))
{ return false; }	{ return false; }
$cookie = my_unserialize($mybb->cookies['mybb'][$name]); if(is_array($cookie) && isset($cookie[$id])) { return $cookie[$id];	$cookie = my_unserialize($mybb->cookies['mybb'][$name]); if(is_array($cookie) && isset($cookie[$id])) { return $cookie[$id];
}	}
else { return 0;	else { return 0;
} } /**	} } /**
* Set a serialised cookie array. * * @param string The cookie identifier. * @param int The cookie content id. * @param string The value to set the cookie to. * @param int The timestamp of the expiry date.	* Set a serialised cookie array. * * @param string The cookie identifier. * @param int The cookie content id. * @param string The value to set the cookie to. * @param int The timestamp of the expiry date.
*/	*/
function my_set_array_cookie($name, $id, $value, $expires="") { global $mybb;	function my_set_array_cookie($name, $id, $value, $expires="") { global $mybb;
Zeile 1901	Zeile 1915
} $newcookie[$id] = $value;	} $newcookie[$id] = $value;
$newcookie = serialize($newcookie);	$newcookie = my_serialize($newcookie);
my_setcookie("mybb[$name]", addslashes($newcookie), $expires); // Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie;	my_setcookie("mybb[$name]", addslashes($newcookie), $expires); // Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie;
	} /* * Arbitrary limits for _safe_unserialize() / define('MAX_SERIALIZED_INPUT_LENGTH', 10240); define('MAX_SERIALIZED_ARRAY_LENGTH', 256); define('MAX_SERIALIZED_ARRAY_DEPTH', 5); /* * Credits go to https://github.com/piwik * Safe unserialize() replacement * - accepts a strict subset of PHP's native my_serialized representation * - does not unserialize objects * * @param string $str * @return mixed * @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects) / function _safe_unserialize($str) { if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH) { // input exceeds MAX_SERIALIZED_INPUT_LENGTH return false; } if(empty($str) \|\| !is_string($str)) { return false; } $stack = array(); $expected = array(); / * states: * 0 - initial state, expecting a single value or array * 1 - terminal state * 2 - in array, expecting end of array or a key * 3 - in array, expecting value or another array / $state = 0; while($state != 1) { $type = isset($str[0]) ? $str[0] : ''; if($type == '}') { $str = substr($str, 1); } else if($type == 'N' && $str[1] == ';') { $value = null; $str = substr($str, 2); } else if($type == 'b' && preg_match('/^b:([01]);/', $str, $matches)) { $value = $matches[1] == '1' ? true : false; $str = substr($str, 4); } else if($type == 'i' && preg_match('/^i:(-?[0-9]+);(.)/s', $str, $matches)) { $value = (int)$matches[1]; $str = $matches[2]; } else if($type == 'd' && preg_match('/^d:(-?[0-9]+\.?[0-9](E[+-][0-9]+)?);(.)/s', $str, $matches)) { $value = (float)$matches[1]; $str = $matches[3]; } else if($type == 's' && preg_match('/^s:([0-9]+):"(.)/s', $str, $matches) && substr($matches[2], (int)$matches[1], 2) == '";') { $value = substr($matches[2], 0, (int)$matches[1]); $str = substr($matches[2], (int)$matches[1] + 2); } else if($type == 'a' && preg_match('/^a:([0-9]+):{(.)/s', $str, $matches) && $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH) { $expectedLength = (int)$matches[1]; $str = $matches[2]; } else { // object or unknown/malformed type return false; } switch($state) { case 3: // in array, expecting value or another array if($type == 'a') { if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH) { // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH return false; } $stack[] = &$list; $list[$key] = array(); $list = &$list[$key]; $expected[] = $expectedLength; $state = 2; break; } if($type != '}') { $list[$key] = $value; $state = 2; break; } // missing array value return false; case 2: // in array, expecting end of array or a key if($type == '}') { if(count($list) < end($expected)) { // array size less than expected return false; } unset($list); $list = &$stack[count($stack)-1]; array_pop($stack); // go to terminal state if we're at the end of the root array array_pop($expected); if(count($expected) == 0) { $state = 1; } break; } if($type == 'i' \|\| $type == 's') { if(count($list) >= MAX_SERIALIZED_ARRAY_LENGTH) { // array size exceeds MAX_SERIALIZED_ARRAY_LENGTH return false; } if(count($list) >= end($expected)) { // array size exceeds expected length return false; } $key = $value; $state = 3; break; } // illegal array index type return false; case 0: // expecting array or value if($type == 'a') { if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH) { // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH return false; } $data = array(); $list = &$data; $expected[] = $expectedLength; $state = 2; break; } if($type != '}') { $data = $value; $state = 1; break; } // not in array return false; } } if(!empty($str)) { // trailing data in input return false; } return $data; } /** * Credits go to https://github.com/piwik * Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue * * @param string $str * @return mixed / function my_unserialize($str) { // Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2)) { $mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII'); } $out = _safe_unserialize($str); if(isset($mbIntEnc)) { mb_internal_encoding($mbIntEnc); } return $out; } /* * Credits go to https://github.com/piwik * Safe serialize() replacement * - output a strict subset of PHP's native serialized representation * - does not my_serialize objects * * @param mixed $value * @return string * @throw Exception if $value is malformed or contains unsupported types (e.g., resources, objects) */ function _safe_serialize( $value ) { if(is_null($value)) { return 'N;'; } if(is_bool($value)) { return 'b:'.(int)$value.';'; } if(is_int($value)) { return 'i:'.$value.';'; } if(is_float($value)) { return 'd:'.str_replace(',', '.', $value).';'; } if(is_string($value)) { return 's:'.strlen($value).':"'.$value.'";'; } if(is_array($value)) { $out = ''; foreach($value as $k => $v) { $out .= _safe_serialize($k) . _safe_serialize($v); } return 'a:'.count($value).':{'.$out.'}'; } // safe_serialize cannot my_serialize resources or objects return false;
} /**	} /**
* Verifies that data passed is an array	* Credits go to https://github.com/piwik * Wrapper for _safe_serialize() that handles exceptions and multibyte encoding issue
*	*
* @param array Data to unserialize * @return array Unserialized data array */ function my_unserialize($data)	* @param mixed $value * @return string */ function my_serialize($value)
{	{
$array = unserialize($data); if(!is_array($array))	// ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
{	{
$array = array();	$mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII'); } $out = _safe_serialize($value); if(isset($mbIntEnc)) { mb_internal_encoding($mbIntEnc);
}	}
return $array;	return $out;
} /**	} /**
Zeile 2065	Zeile 2353
{ if(array_key_exists($counter, $changes)) {	{ if(array_key_exists($counter, $changes)) {
	if(substr($changes[$counter], 0, 2) == "+-") { $changes[$counter] = substr($changes[$counter], 1); }
// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {	// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {
Zeile 2077	Zeile 2369
if($new_stats[$counter] >= 0) { $new_stats[$counter] = "+{$new_stats[$counter]}";	if($new_stats[$counter] >= 0) { $new_stats[$counter] = "+{$new_stats[$counter]}";
} }	} }
// Less than 0? That's bad elseif($new_stats[$counter] < 0) {	// Less than 0? That's bad elseif($new_stats[$counter] < 0) {
Zeile 2093	Zeile 2385
if($new_stats[$counter] < 0) { $new_stats[$counter] = 0;	if($new_stats[$counter] < 0) { $new_stats[$counter] = 0;
}	}
} } }	} } }
Zeile 2122	Zeile 2414
else { $stats = $new_stats;	else { $stats = $new_stats;
} }	} }
// Update stats row for today in the database $todays_stats = array(	// Update stats row for today in the database $todays_stats = array(
Zeile 2137	Zeile 2429
$cache->update("stats", $stats, "dateline"); $stats_changes['inserted'] = true; }	$cache->update("stats", $stats, "dateline"); $stats_changes['inserted'] = true; }

/** * Updates the forum counters with a specific value (or addition/subtraction of the previous value) *	/** * Updates the forum counters with a specific value (or addition/subtraction of the previous value) *
Zeile 2160	Zeile 2452
{ if(array_key_exists($counter, $changes)) {	{ if(array_key_exists($counter, $changes)) {
	if(substr($changes[$counter], 0, 2) == "+-") { $changes[$counter] = substr($changes[$counter], 1); }
// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {	// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {
Zeile 2167	Zeile 2463
{ $update_query[$counter] = $forum[$counter] + $changes[$counter]; }	{ $update_query[$counter] = $forum[$counter] + $changes[$counter]; }
}	}
else { $update_query[$counter] = $changes[$counter];	else { $update_query[$counter] = $changes[$counter];
Zeile 2195	Zeile 2491
if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}";	if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}";
} else	} else
{ $new_stats['numthreads'] = "{$threads_diff}";	{ $new_stats['numthreads'] = "{$threads_diff}";
}	}
} if(array_key_exists('unapprovedthreads', $update_query))	} if(array_key_exists('unapprovedthreads', $update_query))
Zeile 2208	Zeile 2504
if($unapprovedthreads_diff > -1) { $new_stats['numunapprovedthreads'] = "+{$unapprovedthreads_diff}";	if($unapprovedthreads_diff > -1) { $new_stats['numunapprovedthreads'] = "+{$unapprovedthreads_diff}";
} else	} else
{ $new_stats['numunapprovedthreads'] = "{$unapprovedthreads_diff}";	{ $new_stats['numunapprovedthreads'] = "{$unapprovedthreads_diff}";
}	}
} if(array_key_exists('posts', $update_query)) { $posts_diff = $update_query['posts'] - $forum['posts']; if($posts_diff > -1)	} if(array_key_exists('posts', $update_query)) { $posts_diff = $update_query['posts'] - $forum['posts']; if($posts_diff > -1)
{	{
$new_stats['numposts'] = "+{$posts_diff}";	$new_stats['numposts'] = "+{$posts_diff}";
} else { $new_stats['numposts'] = "{$posts_diff}";	} else { $new_stats['numposts'] = "{$posts_diff}";
} }	} }
Zeile 2238	Zeile 2534
else { $new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}";	else { $new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}";
} }	} }
if(array_key_exists('deletedposts', $update_query)) {	if(array_key_exists('deletedposts', $update_query)) {
Zeile 2247	Zeile 2543
if($deletedposts_diff > -1) { $new_stats['numdeletedposts'] = "+{$deletedposts_diff}";	if($deletedposts_diff > -1) { $new_stats['numdeletedposts'] = "+{$deletedposts_diff}";
}	}
else { $new_stats['numdeletedposts'] = "{$deletedposts_diff}";	else { $new_stats['numdeletedposts'] = "{$deletedposts_diff}";
} }	} }
if(array_key_exists('deletedthreads', $update_query)) {	if(array_key_exists('deletedthreads', $update_query)) {
Zeile 2265	Zeile 2561
{ $new_stats['numdeletedthreads'] = "{$deletedthreads_diff}"; }	{ $new_stats['numdeletedthreads'] = "{$deletedthreads_diff}"; }
}	}
if(!empty($new_stats)) { update_stats($new_stats);	if(!empty($new_stats)) { update_stats($new_stats);
Zeile 2279	Zeile 2575
* @param int The forum ID */ function update_forum_lastpost($fid)	* @param int The forum ID */ function update_forum_lastpost($fid)
{ global $db;	{ global $db;
// Fetch the last post for this forum $query = $db->query(" SELECT tid, lastpost, lastposter, lastposteruid, subject	// Fetch the last post for this forum $query = $db->query(" SELECT tid, lastpost, lastposter, lastposteruid, subject
Zeile 2310	Zeile 2606
* @param array Array of items being updated (replies, unapprovedposts, deletedposts, attachmentcount) and their value (ex, 1, +1, -1) */ function update_thread_counters($tid, $changes=array())	* @param array Array of items being updated (replies, unapprovedposts, deletedposts, attachmentcount) and their value (ex, 1, +1, -1) */ function update_thread_counters($tid, $changes=array())
{ global $db; $update_query = array(); $tid = (int)$tid;	{ global $db; $update_query = array(); $tid = (int)$tid;
$counters = array('replies', 'unapprovedposts', 'attachmentcount', 'deletedposts', 'attachmentcount');	$counters = array('replies', 'unapprovedposts', 'attachmentcount', 'deletedposts', 'attachmentcount');

// Fetch above counters for this thread $query = $db->simple_select("threads", implode(",", $counters), "tid='{$tid}'"); $thread = $db->fetch_array($query);	// Fetch above counters for this thread $query = $db->simple_select("threads", implode(",", $counters), "tid='{$tid}'"); $thread = $db->fetch_array($query);
Zeile 2326	Zeile 2622
{ if(array_key_exists($counter, $changes)) {	{ if(array_key_exists($counter, $changes)) {
	if(substr($changes[$counter], 0, 2) == "+-") { $changes[$counter] = substr($changes[$counter], 1); }
// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {	// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {
Zeile 2452	Zeile 2752
{ if(array_key_exists($counter, $changes)) {	{ if(array_key_exists($counter, $changes)) {
	if(substr($changes[$counter], 0, 2) == "+-") { $changes[$counter] = substr($changes[$counter], 1); }
// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {	// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {
Zeile 2469	Zeile 2773
if(isset($update_query[$counter]) && $update_query[$counter] < 0) { $update_query[$counter] = 0;	if(isset($update_query[$counter]) && $update_query[$counter] < 0) { $update_query[$counter] = 0;
} } } $db->free_result($query);	} } } $db->free_result($query);
// Only update if we're actually doing something if(count($update_query) > 0) {	// Only update if we're actually doing something if(count($update_query) > 0) {
Zeile 2484	Zeile 2788
/** * Deletes a thread from the database	/** * Deletes a thread from the database
* * @param int The thread ID */	* * @param int The thread ID */
function delete_thread($tid) { global $moderation;	function delete_thread($tid) { global $moderation;
Zeile 2498	Zeile 2802
} return $moderation->delete_thread($tid);	} return $moderation->delete_thread($tid);
}	}
/** * Deletes a post from the database *	/** * Deletes a post from the database *
Zeile 2510	Zeile 2814
global $moderation; if(!is_object($moderation))	global $moderation; if(!is_object($moderation))
{	{
require_once MYBB_ROOT."inc/class_moderation.php"; $moderation = new Moderation; }	require_once MYBB_ROOT."inc/class_moderation.php"; $moderation = new Moderation; }
Zeile 2527	Zeile 2831
* @param int The current depth of forums we're at * @param int Whether or not to show extra items such as User CP, Forum home * @param boolean Ignore the showinjump setting and show all forums (for moderation pages)	* @param int The current depth of forums we're at * @param int Whether or not to show extra items such as User CP, Forum home * @param boolean Ignore the showinjump setting and show all forums (for moderation pages)
* @param array Array of permissions	* @param unknown_type deprecated
* @param string The name of the forum jump * @return string Forum jump items */ function build_forum_jump($pid="0", $selitem="", $addselect="1", $depth="", $showextras="1", $showall=false, $permissions="", $name="fid") {	* @param string The name of the forum jump * @return string Forum jump items */ function build_forum_jump($pid="0", $selitem="", $addselect="1", $depth="", $showextras="1", $showall=false, $permissions="", $name="fid") {
global $forum_cache, $jumpfcache, $permissioncache, $mybb, $selecteddone, $forumjump, $forumjumpbits, $gobutton, $theme, $templates, $lang;	global $forum_cache, $jumpfcache, $permissioncache, $mybb, $forumjump, $forumjumpbits, $gobutton, $theme, $templates, $lang;
$pid = (int)$pid;	$pid = (int)$pid;
$jumpsel['default'] = ''; if($permissions) { $permissions = $mybb->usergroup; }
if(!is_array($jumpfcache)) { if(!is_array($forum_cache))	if(!is_array($jumpfcache)) { if(!is_array($forum_cache))
Zeile 2555	Zeile 2853
if($forum['active'] != 0) { $jumpfcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;	if($forum['active'] != 0) { $jumpfcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
}	}
} }	} }
Zeile 2578	Zeile 2876
if($selitem == $forum['fid']) {	if($selitem == $forum['fid']) {
$optionselected = "selected=\"selected\""; $selecteddone = 1;	$optionselected = 'selected="selected"';
} $forum['name'] = htmlspecialchars_uni(strip_tags($forum['name']));	} $forum['name'] = htmlspecialchars_uni(strip_tags($forum['name']));
Zeile 2598	Zeile 2895
if($addselect) {	if($addselect) {
if(!$selecteddone) { if(!$selitem) { $selitem = "default"; } $jumpsel[$selitem] = 'selected="selected"'; }
if($showextras == 0) { $template = "special";	if($showextras == 0) { $template = "special";
Zeile 2618	Zeile 2905
if(strpos(FORUM_URL, '.html') !== false) {	if(strpos(FORUM_URL, '.html') !== false) {
$forum_link = "'".str_replace('{fid}', "'+this.options[this.selectedIndex].value+'", FORUM_URL)."'";	$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'";
} else {	} else {
$forum_link = "'".str_replace('{fid}', "'+this.options[this.selectedIndex].value", FORUM_URL);	$forum_link = "'".str_replace('{fid}', "'+option", FORUM_URL);
} }	} }
Zeile 2681	Zeile 2968
} if($displaygroup != 0)	} if($displaygroup != 0)
{	{
$usergroup = $displaygroup; }	$usergroup = $displaygroup; }

$ugroup = $groupscache[$usergroup]; $format = $ugroup['namestyle']; $userin = substr_count($format, "{username}");	$ugroup = $groupscache[$usergroup]; $format = $ugroup['namestyle']; $userin = substr_count($format, "{username}");
Zeile 2692	Zeile 2979
if($userin == 0) { $format = "{username}";	if($userin == 0) { $format = "{username}";
}	}
$format = stripslashes($format);	$format = stripslashes($format);
Zeile 2722	Zeile 3009
// Default avatar $avatar = $mybb->settings['useravatar']; $dimensions = $mybb->settings['useravatardims'];	// Default avatar $avatar = $mybb->settings['useravatar']; $dimensions = $mybb->settings['useravatardims'];
}	}
if(isset($avatars[$avatar]))	if(isset($avatars[$avatar]))
{	{
return $avatars[$avatar]; } if(!$max_dimensions) { $max_dimensions = $mybb->settings['maxavatardims'];	return $avatars[$avatar]; } if(!$max_dimensions) { $max_dimensions = $mybb->settings['maxavatardims'];
}	} $avatar_width_height = '';
if($dimensions) {	if($dimensions) {
Zeile 2756	Zeile 3045
} $avatars[$avatar] = array(	} $avatars[$avatar] = array(
'image' => $mybb->get_asset_url($avatar),	'image' => htmlspecialchars_uni($mybb->get_asset_url($avatar)),
'width_height' => $avatar_width_height );	'width_height' => $avatar_width_height );
Zeile 2764	Zeile 3053
} /**	} /**
* Build the javascript based MyCode inserter	* Build the javascript based MyCode inserter. * * @param string $bind The ID of the textarea to bind to. Defaults to "message". * @param bool $smilies Whether to include smilies. Defaults to true.
* * @return string The MyCode inserter */	* * @return string The MyCode inserter */
Zeile 2883	Zeile 3175
if(!$smiliecache) {	if(!$smiliecache) {
if(!is_array($smilie_cache))	if(!isset($smilie_cache) \|\| !is_array($smilie_cache))
{ $smilie_cache = $cache->read("smilies"); }	{ $smilie_cache = $cache->read("smilies"); }
Zeile 2914	Zeile 3206
// Only show the first text to replace in the box $smilie['find'] = $finds[0];	// Only show the first text to replace in the box $smilie['find'] = $finds[0];
$find = htmlspecialchars_uni($smilie['find']); $image = htmlspecialchars_uni($smilie['image']);	$find = str_replace(array('\\', '"'), array('\\\\', '\"'), htmlspecialchars_uni($smilie['find'])); $image = htmlspecialchars_uni($mybb->get_asset_url($smilie['image'])); $image = str_replace(array('\\', '"'), array('\\\\', '\"'), $image);
if($i < $mybb->settings['smilieinsertertot']) { $dropdownsmilies .= '"'.$find.'": "'.$image.'",';	if($i < $mybb->settings['smilieinsertertot']) { $dropdownsmilies .= '"'.$find.'": "'.$image.'",';
Zeile 2927	Zeile 3221
for($j = 1; $j < $finds_count; ++$j) {	for($j = 1; $j < $finds_count; ++$j) {
$find = htmlspecialchars_uni($finds[$j]);	$find = str_replace(array('\\', '"'), array('\\\\', '\"'), htmlspecialchars_uni($finds[$j]));
$hiddensmilies .= '"'.$find.'": "'.$image.'",'; } ++$i;	$hiddensmilies .= '"'.$find.'": "'.$image.'",'; } ++$i;
Zeile 3041	Zeile 3335
$getmore = ''; if($mybb->settings['smilieinsertertot'] >= $smiliecount)	$getmore = ''; if($mybb->settings['smilieinsertertot'] >= $smiliecount)
{	{
$mybb->settings['smilieinsertertot'] = $smiliecount; } else if($mybb->settings['smilieinsertertot'] < $smiliecount)	$mybb->settings['smilieinsertertot'] = $smiliecount; } else if($mybb->settings['smilieinsertertot'] < $smiliecount)
{	{
$smiliecount = $mybb->settings['smilieinsertertot']; eval("\$getmore = \"".$templates->get("smilieinsert_getmore")."\";"); }	$smiliecount = $mybb->settings['smilieinsertertot']; eval("\$getmore = \"".$templates->get("smilieinsert_getmore")."\";"); }
Zeile 3063	Zeile 3357
{ $smilies .= "<tr>\n"; }	{ $smilies .= "<tr>\n"; }
	$smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image'])); $smilie['name'] = htmlspecialchars_uni($smilie['name']);
// Only show the first text to replace in the box $temp = explode("\n", $smilie['find']); // assign to temporary variable for php 5.3 compatibility $smilie['find'] = $temp[0];	// Only show the first text to replace in the box $temp = explode("\n", $smilie['find']); // assign to temporary variable for php 5.3 compatibility $smilie['find'] = $temp[0];
$find = htmlspecialchars_uni($smilie['find']);

$onclick = ' onclick="MyBBEditor.insertText(\' '.$smilie['find'].' \');"';	$find = str_replace(array('\\', "'"), array('\\\\', "\'"), htmlspecialchars_uni($smilie['find'])); $onclick = " onclick=\"MyBBEditor.insertText(' $find ');\"";
$extra_class = ' smilie_pointer'; eval('$smilie = "'.$templates->get('smilie', 1, 0).'";'); eval("\$smilies .= \"".$templates->get("smilieinsert_smilie")."\";");	$extra_class = ' smilie_pointer'; eval('$smilie = "'.$templates->get('smilie', 1, 0).'";'); eval("\$smilies .= \"".$templates->get("smilieinsert_smilie")."\";");
Zeile 3239	Zeile 3537
{ $any_selected = ""; if($selected_pid == 'any')	{ $any_selected = ""; if($selected_pid == 'any')
{	{
$any_selected = " selected=\"selected\""; }	$any_selected = " selected=\"selected\""; }
}	}
$default_selected = ""; if(((int)$selected_pid == 0) && $selected_pid != 'any')	$default_selected = ""; if(((int)$selected_pid == 0) && $selected_pid != 'any')
{	{
$default_selected = " selected=\"selected\"";	$default_selected = " selected=\"selected\"";
} foreach($prefixes as $prefix) {	} foreach($prefixes as $prefix) {
$selected = ""; if($prefix['pid'] == $selected_pid) { $selected = " selected=\"selected\""; }	$selected = ""; if($prefix['pid'] == $selected_pid) { $selected = " selected=\"selected\""; }

$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']); eval("\$prefixselect_prefix .= \"".$templates->get("post_prefixselect_prefix")."\";"); } if($multiple != 0)	$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']); eval("\$prefixselect_prefix .= \"".$templates->get("post_prefixselect_prefix")."\";"); } if($multiple != 0)
{	{
eval("\$prefixselect = \"".$templates->get("post_prefixselect_multiple")."\";"); } else	eval("\$prefixselect = \"".$templates->get("post_prefixselect_multiple")."\";"); } else
Zeile 3300	Zeile 3598
{ // Decide whether this prefix can be used in our forum $forums = explode(",", $prefix['forums']);	{ // Decide whether this prefix can be used in our forum $forums = explode(",", $prefix['forums']);

if(in_array($fid, $forums)) { // This forum can use this prefix! $prefixes[$prefix['pid']] = $prefix; }	if(in_array($fid, $forums)) { // This forum can use this prefix! $prefixes[$prefix['pid']] = $prefix; }
}	}
else { // This prefix is for anybody to use... $prefixes[$prefix['pid']] = $prefix;	else { // This prefix is for anybody to use... $prefixes[$prefix['pid']] = $prefix;
} }	} }
if(empty($prefixes))	if(empty($prefixes))
{	{
return false;	return false;
} $prefixselect = $prefixselect_prefix = ''; $default_selected = ''; if((int)$selected_pid == 0) { $default_selected = " selected=\"selected\""; }	} $default_selected = array(); $selected_pid = (int)$selected_pid; if($selected_pid == 0) { $default_selected['all'] = ' selected="selected"'; } else if($selected_pid == -1) { $default_selected['none'] = ' selected="selected"'; } else if($selected_pid == -2) { $default_selected['any'] = ' selected="selected"'; }
foreach($prefixes as $prefix) { $selected = ''; if($prefix['pid'] == $selected_pid) {	foreach($prefixes as $prefix) { $selected = ''; if($prefix['pid'] == $selected_pid) {
$selected = " selected=\"selected\"";	$selected = ' selected="selected"';
}	}

$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']);	$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']);
eval("\$prefixselect_prefix .= \"".$templates->get("forumdisplay_threadlist_prefixes_prefix")."\";");	eval('$prefixselect_prefix .= "'.$templates->get("forumdisplay_threadlist_prefixes_prefix").'";');
}	}
eval("\$prefixselect = \"".$templates->get("forumdisplay_threadlist_prefixes")."\";");	eval('$prefixselect = "'.$templates->get("forumdisplay_threadlist_prefixes").'";');
return $prefixselect;	return $prefixselect;
}	}
/** * Gzip encodes text to a specified level	/** * Gzip encodes text to a specified level
Zeile 3351	Zeile 3657
* @return string The encoded string */ function gzip_encode($contents, $level=1)	* @return string The encoded string */ function gzip_encode($contents, $level=1)
{	{
if(function_exists("gzcompress") && function_exists("crc32") && !headers_sent() && !(ini_get('output_buffering') && my_strpos(' '.ini_get('output_handler'), 'ob_gzhandler'))) { $httpaccept_encoding = '';	if(function_exists("gzcompress") && function_exists("crc32") && !headers_sent() && !(ini_get('output_buffering') && my_strpos(' '.ini_get('output_handler'), 'ob_gzhandler'))) { $httpaccept_encoding = '';
Zeile 3369	Zeile 3675
if(my_strpos(" ".$httpaccept_encoding, "gzip")) { $encoding = "gzip";	if(my_strpos(" ".$httpaccept_encoding, "gzip")) { $encoding = "gzip";
}	}
if(isset($encoding)) { header("Content-Encoding: $encoding");	if(isset($encoding)) { header("Content-Encoding: $encoding");
Zeile 3390	Zeile 3696
$contents = $gzdata; } }	$contents = $gzdata; } }
}	}
return $contents; }	return $contents; }
Zeile 3418	Zeile 3724
$tid = (int)$data['tid']; unset($data['tid']); }	$tid = (int)$data['tid']; unset($data['tid']); }

$pid = 0; if(isset($data['pid'])) {	$pid = 0; if(isset($data['pid'])) {
Zeile 3426	Zeile 3732
unset($data['pid']); }	unset($data['pid']); }
// Any remaining extra data - we serialize and insert in to its own column	// Any remaining extra data - we my_serialize and insert in to its own column
if(is_array($data)) {	if(is_array($data)) {
$data = serialize($data);	$data = my_serialize($data);
} $sql_array = array(	} $sql_array = array(
Zeile 3523	Zeile 3829
{ global $mybb, $plugins;	{ global $mybb, $plugins;
$ip = $_SERVER['REMOTE_ADDR'];	$ip = strtolower($_SERVER['REMOTE_ADDR']);
if($mybb->settings['ip_forwarded_check']) {	if($mybb->settings['ip_forwarded_check']) {
Zeile 3531	Zeile 3837
if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {	if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$addresses = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);	$addresses = explode(',', strtolower($_SERVER['HTTP_X_FORWARDED_FOR']));
} elseif(isset($_SERVER['HTTP_X_REAL_IP'])) {	} elseif(isset($_SERVER['HTTP_X_REAL_IP'])) {
$addresses = explode(',', $_SERVER['HTTP_X_REAL_IP']);	$addresses = explode(',', strtolower($_SERVER['HTTP_X_REAL_IP']));
} if(is_array($addresses))	} if(is_array($addresses))
Zeile 3545	Zeile 3851
$val = trim($val); // Validate IP address and exclude private addresses if(my_inet_ntop(my_inet_pton($val)) == $val && !preg_match("#^(10\.\|172\.(1[6-9]\|2[0-9]\|3[0-1])\.\|192\.168\.\|fe80:\|fe[c-f][0-f]:\|f[c-d][0-f]{2}:)#", $val))	$val = trim($val); // Validate IP address and exclude private addresses if(my_inet_ntop(my_inet_pton($val)) == $val && !preg_match("#^(10\.\|172\.(1[6-9]\|2[0-9]\|3[0-1])\.\|192\.168\.\|fe80:\|fe[c-f][0-f]:\|f[c-d][0-f]{2}:)#", $val))
{	{
$ip = $val; break; }	$ip = $val; break; }
Zeile 3557	Zeile 3863
{ if(isset($_SERVER['HTTP_CLIENT_IP'])) {	{ if(isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];	$ip = strtolower($_SERVER['HTTP_CLIENT_IP']);
} }	} }
Zeile 3676	Zeile 3982
*/ function get_attachment_icon($ext) {	*/ function get_attachment_icon($ext) {
global $cache, $attachtypes, $theme, $templates, $lang;	global $cache, $attachtypes, $theme, $templates, $lang, $mybb;
if(!$attachtypes) {	if(!$attachtypes) {
Zeile 3699	Zeile 4005
{ global $change_dir; $icon = $change_dir."/".str_replace("{theme}", $theme['imgdir'], $attachtypes[$ext]['icon']);	{ global $change_dir; $icon = $change_dir."/".str_replace("{theme}", $theme['imgdir'], $attachtypes[$ext]['icon']);
	$icon = $mybb->get_asset_url($icon);
} else { $icon = str_replace("{theme}", $theme['imgdir'], $attachtypes[$ext]['icon']);	} else { $icon = str_replace("{theme}", $theme['imgdir'], $attachtypes[$ext]['icon']);
	$icon = $mybb->get_asset_url($icon);
} $name = htmlspecialchars_uni($attachtypes[$ext]['name']);	} $name = htmlspecialchars_uni($attachtypes[$ext]['name']);
Zeile 3723	Zeile 4031
$name = $lang->unknown; }	$name = $lang->unknown; }
	$icon = htmlspecialchars_uni($icon);
eval("\$attachment_icon = \"".$templates->get("attachment_icon")."\";"); return $attachment_icon; }	eval("\$attachment_icon = \"".$templates->get("attachment_icon")."\";"); return $attachment_icon; }
Zeile 3735	Zeile 4044
*/ function get_unviewable_forums($only_readable_threads=false) {	*/ function get_unviewable_forums($only_readable_threads=false) {
global $forum_cache, $permissioncache, $mybb, $unviewable, $templates, $forumpass;	global $forum_cache, $permissioncache, $mybb;

if(!isset($permissions)) { $permissions = $mybb->usergroup; } if(!is_array($forum_cache))	if(!is_array($forum_cache))
{ cache_forums(); }	{ cache_forums(); }
Zeile 3750	Zeile 4054
if(!is_array($permissioncache)) { $permissioncache = forum_permissions();	if(!is_array($permissioncache)) { $permissioncache = forum_permissions();
} $unviewableforums = ''; $password_forums = array();	} $password_forums = $unviewable = array();
foreach($forum_cache as $fid => $forum) { if($permissioncache[$forum['fid']])	foreach($forum_cache as $fid => $forum) { if($permissioncache[$forum['fid']])
{	{
$perms = $permissioncache[$forum['fid']]; } else { $perms = $mybb->usergroup;	$perms = $permissioncache[$forum['fid']]; } else { $perms = $mybb->usergroup;
} $pwverified = 1;	} $pwverified = 1;
if($forum['password'] != "") { if($mybb->cookies['forumpass'][$forum['fid']] != md5($mybb->user['uid'].$forum['password']))	if($forum['password'] != "") { if($mybb->cookies['forumpass'][$forum['fid']] != md5($mybb->user['uid'].$forum['password']))
Zeile 3791	Zeile 4094
if($perms['canview'] == 0 \|\| $pwverified == 0 \|\| ($only_readable_threads == true && $perms['canviewthreads'] == 0)) {	if($perms['canview'] == 0 \|\| $pwverified == 0 \|\| ($only_readable_threads == true && $perms['canviewthreads'] == 0)) {
if($unviewableforums) { $unviewableforums .= ","; } $unviewableforums .= "'".$forum['fid']."'";	$unviewable[] = $forum['fid'];
} }	} }
if(isset($unviewableforums)) { return $unviewableforums; }	$unviewableforums = implode(',', $unviewable); return $unviewableforums;
} /**	} /**
Zeile 3812	Zeile 4109
* @param string The date format to use * @param int The year of the date * @return string The correct date format	* @param string The date format to use * @param int The year of the date * @return string The correct date format
*/	*/
function fix_mktime($format, $year) { // Our little work around for the date < 1970 thing.	function fix_mktime($format, $year) { // Our little work around for the date < 1970 thing.
Zeile 3849	Zeile 4146
$sep = $navsep; } else	$sep = $navsep; } else
{	{
$sep = ""; }	$sep = ""; }
Zeile 3861	Zeile 4158
{ $mybb->settings['threadsperpage'] = 20; }	{ $mybb->settings['threadsperpage'] = 20; }

$multipage = multipage($navbit['multipage']['num_threads'], $mybb->settings['threadsperpage'], $navbit['multipage']['current_page'], $navbit['multipage']['url'], true); if($multipage) {	$multipage = multipage($navbit['multipage']['num_threads'], $mybb->settings['threadsperpage'], $navbit['multipage']['current_page'], $navbit['multipage']['url'], true); if($multipage) {
Zeile 4524	Zeile 4821
* * @param boolean True to return as "hidden" fields * @param array Array of fields to ignore if first argument is true	* * @param boolean True to return as "hidden" fields * @param array Array of fields to ignore if first argument is true
	* @param boolean True to skip all inputs and return only the file path part of the URL
* @return string The current URL being accessed */	* @return string The current URL being accessed */
function get_current_location($fields=false, $ignore=array())	function get_current_location($fields=false, $ignore=array(), $quick=false)
{ if(defined("MYBB_LOCATION")) { return MYBB_LOCATION; }	{ if(defined("MYBB_LOCATION")) { return MYBB_LOCATION; }
if(!empty($_SERVER['PATH_INFO']))	if(!empty($_SERVER['SCRIPT_NAME']))
{	{
$location = htmlspecialchars_uni($_SERVER['PATH_INFO']); } elseif(!empty($_ENV['PATH_INFO'])) { $location = htmlspecialchars_uni($_ENV['PATH_INFO']); } elseif(!empty($_ENV['PHP_SELF']))	$location = htmlspecialchars_uni($_SERVER['SCRIPT_NAME']); } elseif(!empty($_SERVER['PHP_SELF']))
{	{
$location = htmlspecialchars_uni($_ENV['PHP_SELF']);	$location = htmlspecialchars_uni($_SERVER['PHP_SELF']); } elseif(!empty($_ENV['PHP_SELF'])) { $location = htmlspecialchars_uni($_ENV['PHP_SELF']); } elseif(!empty($_SERVER['PATH_INFO'])) { $location = htmlspecialchars_uni($_SERVER['PATH_INFO']);
} else {	} else {
$location = htmlspecialchars_uni($_SERVER['PHP_SELF']);	$location = htmlspecialchars_uni($_ENV['PATH_INFO']); } if($quick) { return $location;
} if($fields == true)	} if($fields == true)
Zeile 4570	Zeile 4877
} $form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars_uni($name)."\" value=\"".htmlspecialchars_uni($value)."\" />\n";	} $form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars_uni($name)."\" value=\"".htmlspecialchars_uni($value)."\" />\n";
}	}
} return array('location' => $location, 'form_html' => $form_html, 'form_method' => $mybb->request_method);	} return array('location' => $location, 'form_html' => $form_html, 'form_method' => $mybb->request_method);
Zeile 4584	Zeile 4891
else if(isset($_ENV['QUERY_STRING'])) { $location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']);	else if(isset($_ENV['QUERY_STRING'])) { $location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']);
}	}
if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');	if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');

foreach($post_array as $var) { if(isset($_POST[$var]))	foreach($post_array as $var) { if(isset($_POST[$var]))
Zeile 4609	Zeile 4916
$location .= "&"; } $location .= implode("&", $addloc);	$location .= "&"; } $location .= implode("&", $addloc);
} } if(strlen($location) > 150) { $location = substr($location, 0, 150); }	} }
return $location; }	return $location; }
Zeile 4775	Zeile 5077
else { $decimals = 0;	else { $decimals = 0;
}	}
return number_format((double)$number, $decimals, $mybb->settings['decpoint'], $mybb->settings['thousandssep']); } }	return number_format((double)$number, $decimals, $mybb->settings['decpoint'], $mybb->settings['thousandssep']); } }
Zeile 4796	Zeile 5098
static $use_iconv; if(!isset($charset))	static $use_iconv; if(!isset($charset))
{	{
$charset = my_strtolower($lang->settings['charset']); } if($charset == "utf-8")	$charset = my_strtolower($lang->settings['charset']); } if($charset == "utf-8")
{	{
return $str; } if(!isset($use_iconv))	return $str; } if(!isset($use_iconv))
{	{
$use_iconv = function_exists("iconv"); }	$use_iconv = function_exists("iconv"); }
Zeile 4816	Zeile 5118
} if($use_iconv \|\| $use_mb)	} if($use_iconv \|\| $use_mb)
{	{
if($to) { $from_charset = $lang->settings['charset']; $to_charset = "UTF-8";	if($to) { $from_charset = $lang->settings['charset']; $to_charset = "UTF-8";
}	}
else { $from_charset = "UTF-8"; $to_charset = $lang->settings['charset'];	else { $from_charset = "UTF-8"; $to_charset = $lang->settings['charset'];
}	}
if($use_iconv) { return iconv($from_charset, $to_charset."//IGNORE", $str);	if($use_iconv) { return iconv($from_charset, $to_charset."//IGNORE", $str);
} else	} else
{ return @mb_convert_encoding($str, $to_charset, $from_charset); }	{ return @mb_convert_encoding($str, $to_charset, $from_charset); }
Zeile 4841	Zeile 5143
if($to) { return utf8_encode($str);	if($to) { return utf8_encode($str);
}	}
else { return utf8_decode($str);	else { return utf8_decode($str);
} }	} }
else { return $str;	else { return $str;
Zeile 4854	Zeile 5156
} /**	} /**
* Replacement function for PHP's wordwrap(). This version does not break up HTML tags, URLs or unicode references. * * @param string The string to be word wrapped * @return string The word wraped string	* DEPRECATED! Please use other alternatives.
*/ function my_wordwrap($message) {	*/ function my_wordwrap($message) {
global $mybb; if($mybb->settings['wordwrap'] > 0) { $message = convert_through_utf8($message); if(!($new_message = @preg_replace("#(((?>[^\s&/<>\"\\-\[\]])\|(&\#[a-z0-9]{1,10};)){{$mybb->settings['wordwrap']}})#u", "$0", $message))) { $new_message = preg_replace("#(((?>[^\s&/<>\"\\-\[\]])\|(&\#[a-z0-9]{1,10};)){{$mybb->settings['wordwrap']}})#", "$0", $message); } $new_message = convert_through_utf8($new_message, false); return $new_message; }
return $message; }	return $message; }
Zeile 5640	Zeile 5923
$options['username_method'] = 0; }	$options['username_method'] = 0; }
switch($options['username_method'])	switch($db->type) { case 'mysql': case 'mysqli': $field = 'username'; $efield = 'email'; break; default: $field = 'LOWER(username)'; $efield = 'LOWER(email)'; break; } switch($options['username_method'])
{ case 1:	{ case 1:
$sqlwhere = 'LOWER(email)=\''.$username.'\''; break; case 2: $sqlwhere = 'LOWER(username)=\''.$username.'\' OR LOWER(email)=\''.$username.'\'';	$sqlwhere = "{$efield}='{$username}'"; break; case 2: $sqlwhere = "{$field}='{$username}' OR {$efield}='{$username}'";
break; default:	break; default:
$sqlwhere = 'LOWER(username)=\''.$username.'\'';	$sqlwhere = "{$field}='{$username}'";
break; }	break; }
Zeile 5659	Zeile 5955
$fields = array_merge((array)$options['fields'], $fields); }	$fields = array_merge((array)$options['fields'], $fields); }
$fields = array_flip($fields); $query = $db->simple_select('users', implode(',', array_keys($fields)), $sqlwhere, array('limit' => 1));	$query = $db->simple_select('users', implode(',', array_unique($fields)), $sqlwhere, array('limit' => 1));
if(isset($options['exists'])) {	if(isset($options['exists'])) {
Zeile 5686	Zeile 5980
if(!isset($forum_cache) \|\| is_array($forum_cache)) { $forum_cache = $cache->read("forums");	if(!isset($forum_cache) \|\| is_array($forum_cache)) { $forum_cache = $cache->read("forums");
}	}
if(empty($forum_cache[$fid])) { return false;	if(empty($forum_cache[$fid])) { return false;
}	}
if($active_override != 1) { $parents = explode(",", $forum_cache[$fid]['parentlist']);	if($active_override != 1) { $parents = explode(",", $forum_cache[$fid]['parentlist']);
Zeile 5703	Zeile 5997
if($forum_cache[$parent]['active'] == 0) { return false;	if($forum_cache[$parent]['active'] == 0) { return false;
} } } }	} } } }
return $forum_cache[$fid]; }	return $forum_cache[$fid]; }

/** * Get the thread of a thread id. *	/** * Get the thread of a thread id. *
Zeile 5728	Zeile 6022
if(isset($thread_cache[$tid]) && !$recache) { return $thread_cache[$tid];	if(isset($thread_cache[$tid]) && !$recache) { return $thread_cache[$tid];
}	}
else { $query = $db->simple_select("threads", "*", "tid = '{$tid}'");	else { $query = $db->simple_select("threads", "*", "tid = '{$tid}'");
Zeile 5749	Zeile 6043
/** * Get the post of a post id.	/** * Get the post of a post id.
*	*
* @param int The post id of the post. * @param boolean Whether or not to recache the post. * @param array An array of fields to gather from the database	* @param int The post id of the post. * @param boolean Whether or not to recache the post. * @param array An array of fields to gather from the database
Zeile 5763	Zeile 6057
$pid = (int)$pid; if(isset($post_cache[$pid]))	$pid = (int)$pid; if(isset($post_cache[$pid]))
{	{
return $post_cache[$pid]; } else { $query = $db->simple_select("posts", "*", "pid = '{$pid}'"); $post = $db->fetch_array($query);	return $post_cache[$pid]; } else { $query = $db->simple_select("posts", "*", "pid = '{$pid}'"); $post = $db->fetch_array($query);

if($post) { $post_cache[$pid] = $post;	if($post) { $post_cache[$pid] = $post;
Zeile 5791	Zeile 6085
*/ function get_inactive_forums() {	*/ function get_inactive_forums() {
global $forum_cache, $cache, $inactiveforums;	global $forum_cache, $cache;
if(!$forum_cache) { cache_forums();	if(!$forum_cache) { cache_forums();
Zeile 5814	Zeile 6108
} } }	} } }

$inactiveforums = implode(",", $inactive); return $inactiveforums;	$inactiveforums = implode(",", $inactive); return $inactiveforums;
Zeile 6255	Zeile 6550
$ip_range = fetch_ip_range($banned_ip['filter']); if(is_array($ip_range)) {	$ip_range = fetch_ip_range($banned_ip['filter']); if(is_array($ip_range)) {
if(strcmp($ip_range[0], $ip_address) >= 0 && strcmp($ip_range[1], $ip_address) <= 0)	if(strcmp($ip_range[0], $ip_address) <= 0 && strcmp($ip_range[1], $ip_address) >= 0)
{ $banned = true; }	{ $banned = true; }
Zeile 6373	Zeile 6668
} /**	} /**
* Fetch the contents of a remote fle.	* Fetch the contents of a remote file.
* * @param string The URL of the remote file * @param array The array of post data	* * @param string The URL of the remote file * @param array The array of post data
Zeile 6398	Zeile 6693
curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);	curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
if(!empty($post_body)) { curl_setopt($ch, CURLOPT_POST, 1);	if(!empty($post_body)) { curl_setopt($ch, CURLOPT_POST, 1);
Zeile 6426	Zeile 6722
{ $url['path'] .= "?{$url['query']}"; }	{ $url['path'] .= "?{$url['query']}"; }
$fp = @fsockopen($url['host'], $url['port'], $error_no, $error, 10);	$scheme = ''; if($url['scheme'] == 'https') { $scheme = 'ssl://'; if($url['port'] == 80) { $url['port'] = 443; } } $fp = @fsockopen($scheme.$url['host'], $url['port'], $error_no, $error, 10);
@stream_set_timeout($fp, 10); if(!$fp) {	@stream_set_timeout($fp, 10); if(!$fp) {
Zeile 6438	Zeile 6746
$headers[] = "POST {$url['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";	$headers[] = "POST {$url['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";
} else {	} else {
$headers[] = "GET {$url['path']} HTTP/1.0"; }	$headers[] = "GET {$url['path']} HTTP/1.0"; }
Zeile 6474	Zeile 6782
else if(empty($post_data)) { return @implode("", @file($url));	else if(empty($post_data)) { return @implode("", @file($url));
} else { return false; } } /**	} else { return false; } } /**
* Checks if a particular user is a super administrator. * * @param int The user ID to check against the list of super admins	* Checks if a particular user is a super administrator. * * @param int The user ID to check against the list of super admins
Zeile 6495	Zeile 6803
{ global $mybb; $super_admins = str_replace(" ", "", $mybb->config['super_admins']);	{ global $mybb; $super_admins = str_replace(" ", "", $mybb->config['super_admins']);
}	}
if(my_strpos(",{$super_admins},", ",{$uid},") === false) {	if(my_strpos(",{$super_admins},", ",{$uid},") === false) {
Zeile 6512	Zeile 6820
* Originates from frostschutz's PluginLibrary * github.com/frostschutz *	* Originates from frostschutz's PluginLibrary * github.com/frostschutz *
* @param mixed A selection of groups to check	* @param mixed A selection of groups to check or -1 for any group
* @param mixed User to check selection against	* @param mixed User to check selection against
* @return mixed Array of groups this user belongs to	* @return array Array of groups specified in the first param to which the user belongs
*/ function is_member($groups, $user = false) { global $mybb;	*/ function is_member($groups, $user = false) { global $mybb;
	if(empty($groups)) { return array(); }
if($user == false) { $user = $mybb->user; } else if(!is_array($user))	if($user == false) { $user = $mybb->user; } else if(!is_array($user))
{	{
// Assume it's a UID $user = get_user($user); }	// Assume it's a UID $user = get_user($user); }

$memberships = array_map('intval', explode(',', $user['additionalgroups'])); $memberships[] = $user['usergroup']; if(!is_array($groups)) {	$memberships = array_map('intval', explode(',', $user['additionalgroups'])); $memberships[] = $user['usergroup']; if(!is_array($groups)) {
if(is_string($groups)) { $groups = explode(',', $groups);	if((int)$groups == -1) { return $memberships;
} else {	} else {
$groups = (array)$groups;	if(is_string($groups)) { $groups = explode(',', $groups); } else { $groups = (array)$groups; }
} }	} }
Zeile 6980	Zeile 7300
else { // IPv4	else { // IPv4
	$ip_bits = count(explode('.', $ipaddress)); if($ip_bits < 4) { // Support for 127.0.* $replacement = str_repeat('.', 4-$ip_bits); $ipaddress = substr_replace($ipaddress, $replacement, strrpos($ipaddress, '')+1, 0); }
$upper = str_replace('', '255', $ipaddress); $lower = str_replace('', '0', $ipaddress); }	$upper = str_replace('', '255', $ipaddress); $lower = str_replace('', '0', $ipaddress); }
Zeile 6993	Zeile 7320
} // CIDR notation elseif(strpos($ipaddress, '/') !== false)	} // CIDR notation elseif(strpos($ipaddress, '/') !== false)
{	{
$ipaddress = explode('/', $ipaddress); $ip_address = $ipaddress[0]; $ip_range = (int)$ipaddress[1];	$ipaddress = explode('/', $ipaddress); $ip_address = $ipaddress[0]; $ip_range = (int)$ipaddress[1];
Zeile 7006	Zeile 7333
else { $ip_address = my_inet_pton($ip_address);	else { $ip_address = my_inet_pton($ip_address);

if(!$ip_address) { // Invalid IP address	if(!$ip_address) { // Invalid IP address
Zeile 7019	Zeile 7346
* Author: NewEraCracker * License: Public Domain */	* Author: NewEraCracker * License: Public Domain */

// Pack IP, Set some vars $ip_pack = $ip_address; $ip_pack_size = strlen($ip_pack);	// Pack IP, Set some vars $ip_pack = $ip_address; $ip_pack_size = strlen($ip_pack);
Zeile 7032	Zeile 7359
$bit = decbin(ord($ip_pack[$i])); $bit = str_pad($bit, 8, '0', STR_PAD_LEFT); $ip_bits .= $bit;	$bit = decbin(ord($ip_pack[$i])); $bit = str_pad($bit, 8, '0', STR_PAD_LEFT); $ip_bits .= $bit;
}	}
// Significative bits (from the ip range) $ip_bits = substr($ip_bits, 0, $ip_range);	// Significative bits (from the ip range) $ip_bits = substr($ip_bits, 0, $ip_range);
Zeile 7058	Zeile 7385
$chr = chr( bindec($chr) ); $ip_higher_pack .= $chr; }	$chr = chr( bindec($chr) ); $ip_higher_pack .= $chr; }

return array($ip_lower_pack, $ip_higher_pack); } // Just on IP address	return array($ip_lower_pack, $ip_higher_pack); } // Just on IP address
Zeile 7084	Zeile 7411
if(!$time_start) { $time_start = $time;	if(!$time_start) { $time_start = $time;
return;	return;
} // Timer has run, return execution time else	} // Timer has run, return execution time else
Zeile 7292	Zeile 7619
/** * Wrapper function for mt_rand. Automatically seeds using a secure seed once.	/** * Wrapper function for mt_rand. Automatically seeds using a secure seed once.
*	*
* @param int Optional lowest value to be returned (default: 0) * @param int Optional highest value to be returned (default: mt_getrandmax()) * @param boolean True forces it to reseed the RNG first	* @param int Optional lowest value to be returned (default: 0) * @param int Optional highest value to be returned (default: mt_getrandmax()) * @param boolean True forces it to reseed the RNG first
Zeile 7500	Zeile 7827
function gd_version() { static $gd_version;	function gd_version() { static $gd_version;

if($gd_version) { return $gd_version;	if($gd_version) { return $gd_version;
Zeile 7526	Zeile 7853
preg_match('/\d/', $info, $gd); $gd_version = $gd[0]; }	preg_match('/\d/', $info, $gd); $gd_version = $gd[0]; }

return $gd_version; }	return $gd_version; }
Zeile 7551	Zeile 7878
if($c > 128) { if($c > 247 \|\| $c <= 191)	if($c > 128) { if($c > 247 \|\| $c <= 191)
{ if($return) {	{ if($return) {
$string .= '?'; continue;	$string .= '?'; continue;
}	}
else { return false; }	else { return false; }
}	}
elseif($c > 239)	elseif($c > 239)
{ $bytes = 4; }	{ $bytes = 4; }
elseif($c > 223) { $bytes = 3;	elseif($c > 223) { $bytes = 3;
Zeile 7604	Zeile 7931
{ return false; }	{ return false; }
}	}
else { $multibytes .= $input[$i];	else { $multibytes .= $input[$i];
Zeile 7788	Zeile 8115
* * @param string $username The username that the user was using. * @param string $email The email address the user was using.	* * @param string $username The username that the user was using. * @param string $email The email address the user was using.
* @param string $ip_address THe IP addres of the user.	* @param string $ip_address The IP addres of the user.
* @param array $data An array of extra data to go with the block (eg: confidence rating). * @return bool Whether the action was logged successfully. */	* @param array $data An array of extra data to go with the block (eg: confidence rating). * @return bool Whether the action was logged successfully. */
Zeile 7804	Zeile 8131
if(!$ip_address) { $ip_address = get_ip();	if(!$ip_address) { $ip_address = get_ip();
$session->packedip;
} $ip_address = my_inet_pton($ip_address);	} $ip_address = my_inet_pton($ip_address);
Zeile 7814	Zeile 8140
'email' => $db->escape_string($email), 'ipaddress' => $db->escape_binary($ip_address), 'dateline' => (int)TIME_NOW,	'email' => $db->escape_string($email), 'ipaddress' => $db->escape_binary($ip_address), 'dateline' => (int)TIME_NOW,
'data' => $db->escape_string(@serialize($data)),	'data' => $db->escape_string(@my_serialize($data)),
);	);
return (bool)$db->insert_array('spamlog', $insert_array);	return (bool)$db->insert_query('spamlog', $insert_array); } /** * Copy a file to the CDN. * * @param string $file_path The path to the file to upload to the CDN. * * @param string $uploaded_path The path the file was uploaded to, reference parameter for when this may be needed. * * @return bool Whether the file was copied successfully. */ function copy_file_to_cdn($file_path = '', &$uploaded_path = null) { global $mybb, $plugins; $success = false; $file_path = (string)$file_path; $real_file_path = realpath($file_path); $file_dir_path = dirname($real_file_path); $file_dir_path = str_replace(MYBB_ROOT, '', $file_dir_path); $file_dir_path = ltrim($file_dir_path, './\\'); $file_name = basename($real_file_path); if(file_exists($file_path)) { if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) { $cdn_path = rtrim($mybb->settings['cdnpath'], '/\\'); if(substr($file_dir_path, 0, my_strlen(MYBB_ROOT)) == MYBB_ROOT) { $file_dir_path = str_replace(MYBB_ROOT, '', $file_dir_path); } $cdn_upload_path = $cdn_path . DIRECTORY_SEPARATOR . $file_dir_path; if(!($dir_exists = is_dir($cdn_upload_path))) { $dir_exists = @mkdir($cdn_upload_path, 0777, true); } if($dir_exists) { if(($cdn_upload_path = realpath($cdn_upload_path)) !== false) { $success = @copy($file_path, $cdn_upload_path.DIRECTORY_SEPARATOR.$file_name); if($success) { $uploaded_path = $cdn_upload_path; } } } } if(is_object($plugins)) { $hook_args = array( 'file_path' => &$file_path, 'real_file_path' => &$real_file_path, 'file_name' => &$file_name, 'uploaded_path' => &$uploaded_path, 'success' => &$success, ); $plugins->run_hooks('copy_file_to_cdn_end', $hook_args); } } return $success;
}	}