Vergleich inc/datahandlers/user.php - 1.8.8 - 1.8.11

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 211Zeile 211
			$this->set_error("passwords_dont_match");
return false;
}

			$this->set_error("passwords_dont_match");
return false;
}


// MD5 the password
$user['md5password'] = md5($user['password']);

// Generate our salt
$user['salt'] = generate_salt();

// Combine the password and salt
$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

 

// Generate the user login key
$user['loginkey'] = generate_loginkey();



// Generate the user login key
$user['loginkey'] = generate_loginkey();


		return true;
}






		// Combine the password and salt
$password_fields = create_password($user['password'], false, $user);
$user = array_merge($user, $password_fields);

return true;
}


	/**
* Verifies usergroup selections and other group details.

	/**
* Verifies usergroup selections and other group details.

	*

	*

	* @return boolean True when valid, false when invalid.
*/
function verify_usergroup()

	* @return boolean True when valid, false when invalid.
*/
function verify_usergroup()

Zeile 242Zeile 237
	* @return boolean True when valid, false when invalid.
*/
function verify_email()

	* @return boolean True when valid, false when invalid.
*/
function verify_email()

	{
global $mybb;


	{
global $mybb;


		$user = &$this->data;

// Check if an email address has actually been entered.
if(trim_blank_chrs($user['email']) == '')
{
$this->set_error('missing_email');

		$user = &$this->data;

// Check if an email address has actually been entered.
if(trim_blank_chrs($user['email']) == '')
{
$this->set_error('missing_email');

			return false;
}


			return false;
}


		// Check if this is a proper email address.
if(!validate_email_format($user['email']))

		// Check if this is a proper email address.
if(!validate_email_format($user['email']))

		{

		{

			$this->set_error('invalid_email_format');

			$this->set_error('invalid_email_format');

			return false;
}

			return false;
}


// Check banned emails
if(is_banned_email($user['email'], true))
{
$this->set_error('banned_email');


// Check banned emails
if(is_banned_email($user['email'], true))
{
$this->set_error('banned_email');

			return false;
}


			return false;
}


		// Check signed up emails
// Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug)
if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))

		// Check signed up emails
// Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug)
if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))

Zeile 276Zeile 271
			if(isset($user['uid']))
{
$uid = $user['uid'];

			if(isset($user['uid']))
{
$uid = $user['uid'];

			}

			}

			if(email_already_in_use($user['email'], $uid))
{
$this->set_error('email_already_in_use');
return false;
}

			if(email_already_in_use($user['email'], $uid))
{
$this->set_error('email_already_in_use');
return false;
}

		}

		}


// If we have an "email2", verify it matches the existing email
if(isset($user['email2']) && $user['email'] != $user['email2'])
{
$this->set_error("emails_dont_match");


// If we have an "email2", verify it matches the existing email
if(isset($user['email2']) && $user['email'] != $user['email2'])
{
$this->set_error("emails_dont_match");

			return false;
}

return true;
}


			return false;
}

return true;
}


	/**
* Verifies if a website is valid or not.
*

	/**
* Verifies if a website is valid or not.
*

Zeile 302Zeile 297
	function verify_website()
{
$website = &$this->data['website'];

	function verify_website()
{
$website = &$this->data['website'];





		if(!empty($website) && !my_validate_url($website))
{
$website = 'http://'.$website;

		if(!empty($website) && !my_validate_url($website))
{
$website = 'http://'.$website;

Zeile 311Zeile 306
		if(!empty($website) && !my_validate_url($website))
{
$this->set_error('invalid_website');

		if(!empty($website) && !my_validate_url($website))
{
$this->set_error('invalid_website');

			return false;
}

return true;
}

			return false;
}

return true;
}


/**
* Verifies if an ICQ number is valid or not.


/**
* Verifies if an ICQ number is valid or not.

Zeile 361Zeile 356
		if($birthday['day'] != 0 || $birthday['month'] != 0)
{
if($birthday['day'] < 1 || $birthday['day'] > 31 || $birthday['month'] < 1 || $birthday['month'] > 12 || ($birthday['month'] == 2 && $birthday['day'] > 29))

		if($birthday['day'] != 0 || $birthday['month'] != 0)
{
if($birthday['day'] < 1 || $birthday['day'] > 31 || $birthday['month'] < 1 || $birthday['month'] > 12 || ($birthday['month'] == 2 && $birthday['day'] > 29))

			{
$this->set_error("invalid_birthday");
return false;
}

			{
$this->set_error("invalid_birthday");
return false;
}

		}

// Check if the day actually exists.

		}

// Check if the day actually exists.

Zeile 413Zeile 408
		{
// If only a day and month are specified, put together a d-m string
$user['bday'] = $birthday['day']."-".$birthday['month']."-";

		{
// If only a day and month are specified, put together a d-m string
$user['bday'] = $birthday['day']."-".$birthday['month']."-";

		}
else
{

		}
else
{

			// No field is specified, so return an empty string for an unknown birthday
$user['bday'] = '';
}

			// No field is specified, so return an empty string for an unknown birthday
$user['bday'] = '';
}

Zeile 810Zeile 805
		if($lastactive <= 0)
{
$lastactive = TIME_NOW;

		if($lastactive <= 0)
{
$lastactive = TIME_NOW;

		}
return true;


		}
return true;


	}

/**

	}

/**

Zeile 862Zeile 857

// An invalid language has been specified?
if($language != '' && !$lang->language_exists($language))


// An invalid language has been specified?
if($language != '' && !$lang->language_exists($language))

		{

		{

			$this->set_error("invalid_language");
return false;
}

			$this->set_error("invalid_language");
return false;
}

Zeile 907Zeile 902
		if($user['regcheck1'] !== "" || $user['regcheck2'] !== "true")
{
$this->set_error("invalid_checkfield");

		if($user['regcheck1'] !== "" || $user['regcheck2'] !== "true")
{
$this->set_error("invalid_checkfield");

			return false;
}
return true;
}


			return false;
}
return true;
}


	/**
* Verifies if the user timezone is valid.
* If the timezone is invalid, the board default is used.

	/**
* Verifies if the user timezone is valid.
* If the timezone is invalid, the board default is used.

Zeile 986Zeile 981
		if($this->method == "insert" || array_key_exists('icq', $user))
{
$this->verify_icq();

		if($this->method == "insert" || array_key_exists('icq', $user))
{
$this->verify_icq();

		}

		}

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))
{
$this->verify_birthday();
}
if($this->method == "insert" || array_key_exists('postnum', $user))

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))
{
$this->verify_birthday();
}
if($this->method == "insert" || array_key_exists('postnum', $user))

		{

		{

			$this->verify_postnum();
}
if($this->method == "insert" || array_key_exists('threadnum', $user))
{
$this->verify_threadnum();

			$this->verify_postnum();
}
if($this->method == "insert" || array_key_exists('threadnum', $user))
{
$this->verify_threadnum();

		}

		}

		if($this->method == "insert" || array_key_exists('profile_fields', $user))
{
$this->verify_profile_fields();
}
if($this->method == "insert" || array_key_exists('referrer', $user))

		if($this->method == "insert" || array_key_exists('profile_fields', $user))
{
$this->verify_profile_fields();
}
if($this->method == "insert" || array_key_exists('referrer', $user))

		{

		{

			$this->verify_referrer();
}
if($this->method == "insert" || array_key_exists('options', $user))
{
$this->verify_options();

			$this->verify_referrer();
}
if($this->method == "insert" || array_key_exists('options', $user))
{
$this->verify_options();

		}

		}

		if($this->method == "insert" || array_key_exists('regdate', $user))
{
$this->verify_regdate();

		if($this->method == "insert" || array_key_exists('regdate', $user))
{
$this->verify_regdate();

Zeile 1083Zeile 1078
		if(count($this->get_errors()) > 0)
{
die("The user is not valid.");

		if(count($this->get_errors()) > 0)
{
die("The user is not valid.");

		}

$user = &$this->data;

		}

$user = &$this->data;


$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');
foreach($array as $value)


$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');
foreach($array as $value)

Zeile 1098Zeile 1093

$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),


$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),

			"password" => $user['saltedpw'],

			"password" => $user['password'],

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

Zeile 1209Zeile 1204
				SET referrals=referrals+1
WHERE uid='{$this->user_insert_data['referrer']}'
");

				SET referrals=referrals+1
WHERE uid='{$this->user_insert_data['referrer']}'
");

		}


		}


		// Update forum stats
update_stats(array('numusers' => '+1'));


		// Update forum stats
update_stats(array('numusers' => '+1'));


Zeile 1260Zeile 1255
		if(isset($user['username']))
{
$this->user_update_data['username'] = $db->escape_string($user['username']);

		if(isset($user['username']))
{
$this->user_update_data['username'] = $db->escape_string($user['username']);

		}
if(isset($user['saltedpw']))
{
$this->user_update_data['password'] = $user['saltedpw'];




		}
if(isset($user['password']))
{
$this->user_update_data['password'] = $user['password'];
}
if(isset($user['salt']))
{

			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['loginkey'] = $user['loginkey'];




		}
if(isset($user['loginkey']))
{
$this->user_update_data['loginkey'] = $user['loginkey'];

		}
if(isset($user['email']))
{
$this->user_update_data['email'] = $user['email'];
}
if(isset($user['postnum']))

		}
if(isset($user['email']))
{
$this->user_update_data['email'] = $user['email'];
}
if(isset($user['postnum']))

		{

		{

			$this->user_update_data['postnum'] = (int)$user['postnum'];
}
if(isset($user['threadnum']))
{
$this->user_update_data['threadnum'] = (int)$user['threadnum'];

			$this->user_update_data['postnum'] = (int)$user['postnum'];
}
if(isset($user['threadnum']))
{
$this->user_update_data['threadnum'] = (int)$user['threadnum'];

		}

		}

		if(isset($user['avatar']))
{
$this->user_update_data['avatar'] = $db->escape_string($user['avatar']);

		if(isset($user['avatar']))
{
$this->user_update_data['avatar'] = $db->escape_string($user['avatar']);

Zeile 1287Zeile 1288
		if(isset($user['usergroup']))
{
$this->user_update_data['usergroup'] = (int)$user['usergroup'];

		if(isset($user['usergroup']))
{
$this->user_update_data['usergroup'] = (int)$user['usergroup'];

		}

		}

		if(isset($user['additionalgroups']))
{
$this->user_update_data['additionalgroups'] = $db->escape_string($user['additionalgroups']);
}
if(isset($user['displaygroup']))

		if(isset($user['additionalgroups']))
{
$this->user_update_data['additionalgroups'] = $db->escape_string($user['additionalgroups']);
}
if(isset($user['displaygroup']))

		{

		{

			$this->user_update_data['displaygroup'] = (int)$user['displaygroup'];
}
if(isset($user['usertitle']))
{
$this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);

			$this->user_update_data['displaygroup'] = (int)$user['displaygroup'];
}
if(isset($user['usertitle']))
{
$this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);

		}

		}

		if(isset($user['regdate']))
{
$this->user_update_data['regdate'] = (int)$user['regdate'];
}
if(isset($user['lastactive']))

		if(isset($user['regdate']))
{
$this->user_update_data['regdate'] = (int)$user['regdate'];
}
if(isset($user['lastactive']))

		{

		{

			$this->user_update_data['lastactive'] = (int)$user['lastactive'];
}
if(isset($user['lastvisit']))
{
$this->user_update_data['lastvisit'] = (int)$user['lastvisit'];

			$this->user_update_data['lastactive'] = (int)$user['lastactive'];
}
if(isset($user['lastvisit']))
{
$this->user_update_data['lastvisit'] = (int)$user['lastvisit'];

		}

		}

		if(isset($user['signature']))
{
$this->user_update_data['signature'] = $db->escape_string($user['signature']);

		if(isset($user['signature']))
{
$this->user_update_data['signature'] = $db->escape_string($user['signature']);

Zeile 1361Zeile 1362
			$this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);
}
if(isset($user['timeformat']))

			$this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);
}
if(isset($user['timeformat']))

		{

		{

			$this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']);
}
if(isset($user['regip']))

			$this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']);
}
if(isset($user['regip']))

		{

		{

			$this->user_update_data['regip'] = $db->escape_string($user['regip']);
}
if(isset($user['language']))
{
$this->user_update_data['language'] = $db->escape_string($user['language']);

			$this->user_update_data['regip'] = $db->escape_string($user['regip']);
}
if(isset($user['language']))
{
$this->user_update_data['language'] = $db->escape_string($user['language']);

		}

		}

		if(isset($user['away']))
{
$this->user_update_data['away'] = (int)$user['away']['away'];

		if(isset($user['away']))
{
$this->user_update_data['away'] = (int)$user['away']['away'];

Zeile 1380Zeile 1381
			$this->user_update_data['awayreason'] = $db->escape_string($user['away']['awayreason']);
}
if(isset($user['notepad']))

			$this->user_update_data['awayreason'] = $db->escape_string($user['away']['awayreason']);
}
if(isset($user['notepad']))

		{

		{

			$this->user_update_data['notepad'] = $db->escape_string($user['notepad']);
}
if(isset($user['usernotes']))
{
$this->user_update_data['usernotes'] = $db->escape_string($user['usernotes']);

			$this->user_update_data['notepad'] = $db->escape_string($user['notepad']);
}
if(isset($user['usernotes']))
{
$this->user_update_data['usernotes'] = $db->escape_string($user['usernotes']);

		}

		}

		if(isset($user['options']) && is_array($user['options']))
{
foreach($user['options'] as $option => $value)

		if(isset($user['options']) && is_array($user['options']))
{
foreach($user['options'] as $option => $value)

Zeile 1395Zeile 1396
			}
}
if(array_key_exists('coppa_user', $user))

			}
}
if(array_key_exists('coppa_user', $user))

		{

		{

			$this->user_update_data['coppauser'] = (int)$user['coppa_user'];
}
// First, grab the old user details for later use.

			$this->user_update_data['coppauser'] = (int)$user['coppa_user'];
}
// First, grab the old user details for later use.

Zeile 1410Zeile 1411
		$plugins->run_hooks("datahandler_user_update", $this);

if(count($this->user_update_data) < 1 && empty($user['user_fields']))

		$plugins->run_hooks("datahandler_user_update", $this);

if(count($this->user_update_data) < 1 && empty($user['user_fields']))

		{

		{

			return false;

			return false;

		}


		}


		if(count($this->user_update_data) > 0)
{
// Actual updating happens here.
$db->update_query("users", $this->user_update_data, "uid='{$user['uid']}'");

		if(count($this->user_update_data) > 0)
{
// Actual updating happens here.
$db->update_query("users", $this->user_update_data, "uid='{$user['uid']}'");

		}


		}


		$cache->update_moderators();
if(isset($user['bday']) || isset($user['username']))
{
$cache->update_birthdays();

		$cache->update_moderators();
if(isset($user['bday']) || isset($user['username']))
{
$cache->update_birthdays();

		}

		}


if(isset($user['usergroup']) && (int)$user['usergroup'] == 5)


if(isset($user['usergroup']) && (int)$user['usergroup'] == 5)

		{

		{

			$cache->update_awaitingactivation();
}

// Maybe some userfields need to be updated?
if(isset($user['user_fields']) && is_array($user['user_fields']))

			$cache->update_awaitingactivation();
}

// Maybe some userfields need to be updated?
if(isset($user['user_fields']) && is_array($user['user_fields']))

		{

		{

			$query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'");
$fields = $db->fetch_array($query);
if(!$fields['ufid'])

			$query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'");
$fields = $db->fetch_array($query);
if(!$fields['ufid'])

Zeile 1502Zeile 1503
		$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)

		$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)

		{

		{

			if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{
// Remove super admins

			if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{
// Remove super admins

Zeile 1586Zeile 1587
		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

 
		$cache->update_birthdays();


return $this->return_values;
}


return $this->return_values;
}

Zeile 1596Zeile 1598
	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
*/
function delete_content($delete_uids=false)

	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
*/
function delete_content($delete_uids=false)

	{
global $db, $plugins, $mybb;

if($delete_uids != false)
{
$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{
// Remove super admins
unset($this->delete_uids[$key]);
}

	{
global $db, $plugins, $mybb;

if($delete_uids != false)
{
$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{
// Remove super admins
unset($this->delete_uids[$key]);
}

			}

$this->delete_uids = implode(',', $this->delete_uids);

			}

$this->delete_uids = implode(',', $this->delete_uids);

Zeile 1650Zeile 1652

// Update the reports made by the deleted users by setting the uid to 0
$db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");


// Update the reports made by the deleted users by setting the uid to 0
$db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");


// Remove any of the user(s) uploaded avatars
require_once MYBB_ROOT.'inc/functions_upload.php';
foreach(explode(',', $this->delete_uids) as $uid)
{
remove_avatars($uid);
}
}

/**


// Remove any of the user(s) uploaded avatars
require_once MYBB_ROOT.'inc/functions_upload.php';
foreach(explode(',', $this->delete_uids) as $uid)
{
remove_avatars($uid);
}
}

/**

	 * Provides a method to delete an users posts and threads
*
* @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)

	 * Provides a method to delete an users posts and threads
*
* @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)

Zeile 1706Zeile 1708
		while($pid = $db->fetch_field($query, 'pid'))
{
$moderation->delete_post($pid);

		while($pid = $db->fetch_field($query, 'pid'))
{
$moderation->delete_post($pid);

		}
}


		}
}


	/**
* Provides a method to clear an users profile
*

	/**
* Provides a method to clear an users profile
*

Zeile 1758Zeile 1760
		);

if($gid > 0)

		);

if($gid > 0)

		{

		{

			$update["usergroup"] = (int)$gid;

			$update["usergroup"] = (int)$gid;

		}

$plugins->run_hooks('datahandler_user_clear_profile', $this);

		}

$plugins->run_hooks('datahandler_user_clear_profile', $this);


if(empty($this->delete_uids))


if(empty($this->delete_uids))

		{

		{

			return;

			return;

		}


		}


		$db->update_query("users", $update, "uid IN({$this->delete_uids})");
$db->delete_query('userfields', "ufid IN({$this->delete_uids})");

		$db->update_query("users", $update, "uid IN({$this->delete_uids})");
$db->delete_query('userfields', "ufid IN({$this->delete_uids})");





		// Remove any of the user(s) uploaded avatars
require_once MYBB_ROOT.'inc/functions_upload.php';
foreach(explode(',', $this->delete_uids) as $uid)

		// Remove any of the user(s) uploaded avatars
require_once MYBB_ROOT.'inc/functions_upload.php';
foreach(explode(',', $this->delete_uids) as $uid)

Zeile 1783Zeile 1785
	public function verify_signature()
{
global $mybb, $parser;

	public function verify_signature()
{
global $mybb, $parser;





		if(!isset($parser))
{
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
}

		if(!isset($parser))
{
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
}





		$parser_options = array(
'allow_html' => $mybb->settings['sightml'],
'filter_badwords' => 1,

		$parser_options = array(
'allow_html' => $mybb->settings['sightml'],
'filter_badwords' => 1,

Zeile 1798Zeile 1800
			'allow_imgcode' => $mybb->settings['sigimgcode'],
"filter_badwords" => 1
);

			'allow_imgcode' => $mybb->settings['sigimgcode'],
"filter_badwords" => 1
);





		$parsed_sig = $parser->parse_message($this->data['signature'], $parser_options);

if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&

		$parsed_sig = $parser->parse_message($this->data['signature'], $parser_options);

if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&

Zeile 1808Zeile 1810
		)
{
$imgsallowed = 0;

		)
{
$imgsallowed = 0;

			



			if($mybb->settings['sigimgcode'] == 1)
{
$imgsallowed = $mybb->settings['maxsigimages'];

			if($mybb->settings['sigimgcode'] == 1)
{
$imgsallowed = $mybb->settings['maxsigimages'];