Vergleich inc/functions.php - 1.8.9 - 1.8.12

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 343	Zeile 343
{ if(isset($mybb->user['uid']) && $mybb->user['uid'] != 0 && array_key_exists("timezone", $mybb->user)) {	{ if(isset($mybb->user['uid']) && $mybb->user['uid'] != 0 && array_key_exists("timezone", $mybb->user)) {
$offset = $mybb->user['timezone'];	$offset = (float)$mybb->user['timezone'];
$dstcorrection = $mybb->user['dst']; } elseif(defined("IN_ADMINCP")) {	$dstcorrection = $mybb->user['dst']; } elseif(defined("IN_ADMINCP")) {
$offset = $mybbadmin['timezone'];	$offset = (float)$mybbadmin['timezone'];
$dstcorrection = $mybbadmin['dst']; } else {	$dstcorrection = $mybbadmin['dst']; } else {
$offset = $mybb->settings['timezoneoffset'];	$offset = (float)$mybb->settings['timezoneoffset'];
$dstcorrection = $mybb->settings['dstcorrection']; }	$dstcorrection = $mybb->settings['dstcorrection']; }
Zeile 400	Zeile 400
if($format == 'relative') { // Relative formats both date and time	if($format == 'relative') { // Relative formats both date and time
	$real_date = $real_time = ''; if($adodb == true) { $real_date = adodb_date($mybb->settings['dateformat'], $stamp + ($offset * 3600)); $real_time = $mybb->settings['datetimesep']; $real_time .= adodb_date($mybb->settings['timeformat'], $stamp + ($offset * 3600)); } else { $real_date = gmdate($mybb->settings['dateformat'], $stamp + ($offset * 3600)); $real_time = $mybb->settings['datetimesep']; $real_time .= gmdate($mybb->settings['timeformat'], $stamp + ($offset * 3600)); }
if($ty != 2 && abs(TIME_NOW - $stamp) < 3600) { $diff = TIME_NOW - $stamp;	if($ty != 2 && abs(TIME_NOW - $stamp) < 3600) { $diff = TIME_NOW - $stamp;
Zeile 411	Zeile 425
$relative['suffix'] = ''; $relative['prefix'] = $lang->rel_in; }	$relative['suffix'] = ''; $relative['prefix'] = $lang->rel_in; }

$relative['minute'] = floor($diff / 60); if($relative['minute'] <= 1)	$relative['minute'] = floor($diff / 60); if($relative['minute'] <= 1)
{	{
$relative['minute'] = 1; $relative['plural'] = $lang->rel_minutes_single;	$relative['minute'] = 1; $relative['plural'] = $lang->rel_minutes_single;
}	}
if($diff <= 60) { // Less than a minute $relative['prefix'] = $lang->rel_less_than; }	if($diff <= 60) { // Less than a minute $relative['prefix'] = $lang->rel_less_than; }
$date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['minute'], $relative['plural'], $relative['suffix']);	$date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['minute'], $relative['plural'], $relative['suffix'], $real_date, $real_time);
} elseif($ty != 2 && abs(TIME_NOW - $stamp) < 43200) { $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'hour' => 0, 'plural' => $lang->rel_hours_plural, 'suffix' => $lang->rel_ago);	} elseif($ty != 2 && abs(TIME_NOW - $stamp) < 43200) { $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'hour' => 0, 'plural' => $lang->rel_hours_plural, 'suffix' => $lang->rel_ago);

if($diff < 0) { $diff = abs($diff); $relative['suffix'] = ''; $relative['prefix'] = $lang->rel_in;	if($diff < 0) { $diff = abs($diff); $relative['suffix'] = ''; $relative['prefix'] = $lang->rel_in;
} $relative['hour'] = floor($diff / 3600);	} $relative['hour'] = floor($diff / 3600);
if($relative['hour'] <= 1) { $relative['hour'] = 1; $relative['plural'] = $lang->rel_hours_single;	if($relative['hour'] <= 1) { $relative['hour'] = 1; $relative['plural'] = $lang->rel_hours_single;
} $date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['hour'], $relative['plural'], $relative['suffix']); }	} $date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['hour'], $relative['plural'], $relative['suffix'], $real_date, $real_time); }
else { if($ty) { if($todaysdate == $date)	else { if($ty) { if($todaysdate == $date)
{ $date = $lang->today;	{ $date = $lang->sprintf($lang->today, $real_date);
} else if($yesterdaysdate == $date) {	} else if($yesterdaysdate == $date) {
$date = $lang->yesterday;	$date = $lang->sprintf($lang->yesterday, $real_date);
} } $date .= $mybb->settings['datetimesep'];	} } $date .= $mybb->settings['datetimesep'];
if($adodb == true) {	if($adodb == true) {
$date .= adodb_date($mybb->settings['timeformat'], $stamp + ($offset * 3600)); } else	$date .= adodb_date($mybb->settings['timeformat'], $stamp + ($offset * 3600)); } else
Zeile 481	Zeile 495
{ if($todaysdate == $date) {	{ if($todaysdate == $date) {
$date = $lang->today;	$date = $lang->sprintf($lang->today, $real_date);
} else if($yesterdaysdate == $date) {	} else if($yesterdaysdate == $date) {
$date = $lang->yesterday;	$date = $lang->sprintf($lang->yesterday, $real_date);
} } else	} } else
Zeile 499	Zeile 513
$date = gmdate($format, $stamp + ($offset * 3600)); } }	$date = gmdate($format, $stamp + ($offset * 3600)); } }
}	}
if(is_object($plugins)) { $date = $plugins->run_hooks("my_date", $date);	if(is_object($plugins)) { $date = $plugins->run_hooks("my_date", $date);
Zeile 531	Zeile 545
// Does our object not exist? Create it if(!is_object($mail))	// Does our object not exist? Create it if(!is_object($mail))
{	{
require_once MYBB_ROOT."inc/class_mailhandler.php"; if($mybb->settings['mail_handler'] == 'smtp')	require_once MYBB_ROOT."inc/class_mailhandler.php"; if($mybb->settings['mail_handler'] == 'smtp')
Zeile 783	Zeile 797
eval("\$errorpage = \"".$templates->get("error")."\";"); output_page($errorpage);	eval("\$errorpage = \"".$templates->get("error")."\";"); output_page($errorpage);
exit; }	exit; }
/** * Produce an error message for displaying inline on a page *	/** * Produce an error message for displaying inline on a page *
Zeile 799	Zeile 813
global $theme, $mybb, $db, $lang, $templates; if(!$title)	global $theme, $mybb, $db, $lang, $templates; if(!$title)
{	{
$title = $lang->please_correct_errors;	$title = $lang->please_correct_errors;
}	}
if(!is_array($errors)) { $errors = array($errors); }	if(!is_array($errors)) { $errors = array($errors); }

// AJAX error message? if($mybb->get_input('ajax', MyBB::INPUT_INT)) {	// AJAX error message? if($mybb->get_input('ajax', MyBB::INPUT_INT)) {
Zeile 815	Zeile 829
@header("Content-type: application/json; charset={$lang->settings['charset']}"); if(empty($json_data))	@header("Content-type: application/json; charset={$lang->settings['charset']}"); if(empty($json_data))
{	{
echo json_encode(array("errors" => $errors)); } else	echo json_encode(array("errors" => $errors)); } else
Zeile 823	Zeile 837
echo json_encode(array_merge(array("errors" => $errors), $json_data)); } exit;	echo json_encode(array_merge(array("errors" => $errors), $json_data)); } exit;
}	}
$errorlist = ''; foreach($errors as $error) { $errorlist .= "<li>".$error."</li>\n";	$errorlist = ''; foreach($errors as $error) { $errorlist .= "<li>".$error."</li>\n";
} eval("\$errors = \"".$templates->get("error_inline")."\";");	} eval("\$errors = \"".$templates->get("error_inline")."\";");
return $errors; }	return $errors; }
Zeile 846	Zeile 860
$time = TIME_NOW; $plugins->run_hooks("no_permission");	$time = TIME_NOW; $plugins->run_hooks("no_permission");

$noperm_array = array ( "nopermission" => '1', "location1" => 0,	$noperm_array = array ( "nopermission" => '1', "location1" => 0,
Zeile 861	Zeile 875
header("Content-type: application/json; charset={$lang->settings['charset']}"); echo json_encode(array("errors" => array($lang->error_nopermission_user_ajax))); exit;	header("Content-type: application/json; charset={$lang->settings['charset']}"); echo json_encode(array("errors" => array($lang->error_nopermission_user_ajax))); exit;
}	}
if($mybb->user['uid'])	if($mybb->user['uid'])
{	{
$lang->error_nopermission_user_username = $lang->sprintf($lang->error_nopermission_user_username, htmlspecialchars_uni($mybb->user['username'])); eval("\$errorpage = \"".$templates->get("error_nopermission_loggedin")."\";"); }	$lang->error_nopermission_user_username = $lang->sprintf($lang->error_nopermission_user_username, htmlspecialchars_uni($mybb->user['username'])); eval("\$errorpage = \"".$templates->get("error_nopermission_loggedin")."\";"); }
Zeile 875	Zeile 889
if($_SERVER['QUERY_STRING']) { $redirect_url .= '?'.$_SERVER['QUERY_STRING'];	if($_SERVER['QUERY_STRING']) { $redirect_url .= '?'.$_SERVER['QUERY_STRING'];
} $redirect_url = htmlspecialchars_uni($redirect_url);	} $redirect_url = htmlspecialchars_uni($redirect_url);
switch($mybb->settings['username_method']) { case 0:	switch($mybb->settings['username_method']) { case 0:
Zeile 909	Zeile 923
* @param boolean $force_redirect Force the redirect page regardless of settings */ function redirect($url, $message="", $title="", $force_redirect=false)	* @param boolean $force_redirect Force the redirect page regardless of settings */ function redirect($url, $message="", $title="", $force_redirect=false)
{	{
global $header, $footer, $mybb, $theme, $headerinclude, $templates, $lang, $plugins; $redirect_args = array('url' => &$url, 'message' => &$message, 'title' => &$title);	global $header, $footer, $mybb, $theme, $headerinclude, $templates, $lang, $plugins; $redirect_args = array('url' => &$url, 'message' => &$message, 'title' => &$title);
Zeile 966	Zeile 980
run_shutdown();	run_shutdown();
if(!my_validate_url($url, true))	if(!my_validate_url($url, true, true))
{ header("Location: {$mybb->settings['bburl']}/{$url}"); }	{ header("Location: {$mybb->settings['bburl']}/{$url}"); }
Zeile 1288	Zeile 1302
$group = $groupscache[$gid]; foreach($displaygroupfields as $field)	$group = $groupscache[$gid]; foreach($displaygroupfields as $field)
{	{
$displaygroup[$field] = $group[$field]; }	$displaygroup[$field] = $group[$field]; }
Zeile 1412	Zeile 1426
if(!empty($fpermcache[$parent_id][$gid])) { $level_permissions = $fpermcache[$parent_id][$gid];	if(!empty($fpermcache[$parent_id][$gid])) { $level_permissions = $fpermcache[$parent_id][$gid];
break; }	break; }
} } }	} } }
Zeile 1440	Zeile 1454
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"])) { $only_reply_own_threads = 0;	if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"])) { $only_reply_own_threads = 0;
} } }	} } }
// Figure out if we can view more than our own threads if($only_view_own_threads == 0) {	// Figure out if we can view more than our own threads if($only_view_own_threads == 0) {
Zeile 1488	Zeile 1502
// Loop through each of parent forums to ensure we have a password for them too if(isset($forum_cache[$fid]['parentlist']))	// Loop through each of parent forums to ensure we have a password for them too if(isset($forum_cache[$fid]['parentlist']))
{	{
$parents = explode(',', $forum_cache[$fid]['parentlist']); rsort($parents); }	$parents = explode(',', $forum_cache[$fid]['parentlist']); rsort($parents); }
Zeile 1516	Zeile 1530
if($password === $mybb->get_input('pwverify')) { my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->get_input('pwverify')), null, true);	if($password === $mybb->get_input('pwverify')) { my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->get_input('pwverify')), null, true);
$showform = false; } else	$showform = false; } else
{ eval("\$pwnote = \"".$templates->get("forumdisplay_password_wrongpass")."\";");	{ eval("\$pwnote = \"".$templates->get("forumdisplay_password_wrongpass")."\";");
$showform = true; }	$showform = true; }
} else { if(!$mybb->cookies['forumpass'][$fid] \|\| ($mybb->cookies['forumpass'][$fid] && md5($mybb->user['uid'].$password) !== $mybb->cookies['forumpass'][$fid]))	} else { if(!$mybb->cookies['forumpass'][$fid] \|\| ($mybb->cookies['forumpass'][$fid] && md5($mybb->user['uid'].$password) !== $mybb->cookies['forumpass'][$fid]))
{	{
$showform = true;	$showform = true;
}	}
else { $showform = false;	else { $showform = false;
} } } else { $showform = false;	} } } else { $showform = false;
} if($return)	} if($return)
Zeile 1553	Zeile 1567
header("Location: ".$mybb->settings['bburl']."/".get_forum_link($fid)); } else	header("Location: ".$mybb->settings['bburl']."/".get_forum_link($fid)); } else
{	{
$_SERVER['REQUEST_URI'] = htmlspecialchars_uni($_SERVER['REQUEST_URI']); eval("\$pwform = \"".$templates->get("forumdisplay_password")."\";"); output_page($pwform);	$_SERVER['REQUEST_URI'] = htmlspecialchars_uni($_SERVER['REQUEST_URI']); eval("\$pwform = \"".$templates->get("forumdisplay_password")."\";"); output_page($pwform);
Zeile 1583	Zeile 1597
if($uid == 0) { return false;	if($uid == 0) { return false;
}	}
if(isset($modpermscache[$fid][$uid]))	if(isset($modpermscache[$fid][$uid]))
{	{
return $modpermscache[$fid][$uid];	return $modpermscache[$fid][$uid];
}	}
if(!$parentslist) { $parentslist = explode(',', get_parent_list($fid)); }	if(!$parentslist) { $parentslist = explode(',', get_parent_list($fid)); }

// Get user groups $perms = array(); $user = get_user($uid); $groups = array($user['usergroup']);	// Get user groups $perms = array(); $user = get_user($uid); $groups = array($user['usergroup']);

if(!empty($user['additionalgroups'])) { $extra_groups = explode(",", $user['additionalgroups']);	if(!empty($user['additionalgroups'])) { $extra_groups = explode(",", $user['additionalgroups']);
Zeile 1616	Zeile 1630
foreach($mod_cache as $forumid => $forum) { if(!is_array($forum) \|\| !in_array($forumid, $parentslist))	foreach($mod_cache as $forumid => $forum) { if(!is_array($forum) \|\| !in_array($forumid, $parentslist))
{	{
// No perms or we're not after this forum continue; }	// No perms or we're not after this forum continue; }

// User settings override usergroup settings if(is_array($forum['users'][$uid])) { $perm = $forum['users'][$uid];	// User settings override usergroup settings if(is_array($forum['users'][$uid])) { $perm = $forum['users'][$uid];
foreach($perm as $action => $value) { if(strpos($action, "can") === false) { continue; }	foreach($perm as $action => $value) { if(strpos($action, "can") === false) { continue; }
// Figure out the user permissions if($value == 0) {	// Figure out the user permissions if($value == 0) {
Zeile 1662	Zeile 1676
} $perms[$action] = max($perm[$action], $perms[$action]);	} $perms[$action] = max($perm[$action], $perms[$action]);
}	}
} }	} }
Zeile 2039	Zeile 2053
} switch($state)	} switch($state)
{	{
case 3: // in array, expecting value or another array if($type == 'a') {	case 3: // in array, expecting value or another array if($type == 'a') {
Zeile 2052	Zeile 2066
$stack[] = &$list; $list[$key] = array(); $list = &$list[$key];	$stack[] = &$list; $list[$key] = array(); $list = &$list[$key];
$expected[] = $expectedLength; $state = 2; break; }	$expected[] = $expectedLength; $state = 2; break; }
if($type != '}') { $list[$key] = $value; $state = 2; break; }	if($type != '}') { $list[$key] = $value; $state = 2; break; }

// missing array value return false; case 2: // in array, expecting end of array or a key	// missing array value return false; case 2: // in array, expecting end of array or a key
if($type == '}')	if($type == '}')
{ if(count($list) < end($expected)) {	{ if(count($list) < end($expected)) {
Zeile 2109	Zeile 2123
case 0: // expecting array or value if($type == 'a')	case 0: // expecting array or value if($type == 'a')
{	{
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH) { // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH	if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH) { // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
Zeile 2152	Zeile 2166
function my_unserialize($str) { // Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()	function my_unserialize($str) { // Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2)) { $mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII'); } $out = _safe_unserialize($str); if(isset($mbIntEnc)) { mb_internal_encoding($mbIntEnc); }	if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2)) { $mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII'); } $out = _safe_unserialize($str); if(isset($mbIntEnc)) { mb_internal_encoding($mbIntEnc); }
return $out; }	return $out; }
Zeile 2416	Zeile 2430
if($new_stats[$counter] < 0) { $new_stats[$counter] = 0;	if($new_stats[$counter] < 0) { $new_stats[$counter] = 0;
} } } }	} } } }
if(!$force) {	if(!$force) {
Zeile 2434	Zeile 2448
$lastmember = $db->fetch_array($query); $new_stats['lastuid'] = $lastmember['uid']; $new_stats['lastusername'] = $lastmember['username'] = htmlspecialchars_uni($lastmember['username']);	$lastmember = $db->fetch_array($query); $new_stats['lastuid'] = $lastmember['uid']; $new_stats['lastusername'] = $lastmember['username'] = htmlspecialchars_uni($lastmember['username']);
}	}
if(!empty($new_stats)) { if(is_array($stats))	if(!empty($new_stats)) { if(is_array($stats))
Zeile 2482	Zeile 2496
foreach($counters as $counter) { if(array_key_exists($counter, $changes))	foreach($counters as $counter) { if(array_key_exists($counter, $changes))
{	{
if(substr($changes[$counter], 0, 2) == "+-")	if(substr($changes[$counter], 0, 2) == "+-")
{	{
$changes[$counter] = substr($changes[$counter], 1);	$changes[$counter] = substr($changes[$counter], 1);
}	}
// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {	// Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-") {
Zeile 2498	Zeile 2512
else { $update_query[$counter] = $changes[$counter];	else { $update_query[$counter] = $changes[$counter];
}	}
// Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0)	// Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0)
Zeile 2530	Zeile 2544
} if(array_key_exists('unapprovedthreads', $update_query))	} if(array_key_exists('unapprovedthreads', $update_query))
{	{
$unapprovedthreads_diff = $update_query['unapprovedthreads'] - $forum['unapprovedthreads']; if($unapprovedthreads_diff > -1) {	$unapprovedthreads_diff = $update_query['unapprovedthreads'] - $forum['unapprovedthreads']; if($unapprovedthreads_diff > -1) {
Zeile 2545	Zeile 2559
if(array_key_exists('posts', $update_query)) { $posts_diff = $update_query['posts'] - $forum['posts'];	if(array_key_exists('posts', $update_query)) { $posts_diff = $update_query['posts'] - $forum['posts'];
if($posts_diff > -1)	if($posts_diff > -1)
{ $new_stats['numposts'] = "+{$posts_diff}"; } else	{ $new_stats['numposts'] = "+{$posts_diff}"; } else
{	{
$new_stats['numposts'] = "{$posts_diff}"; } }	$new_stats['numposts'] = "{$posts_diff}"; } }
Zeile 2559	Zeile 2573
{ $unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts']; if($unapprovedposts_diff > -1)	{ $unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts']; if($unapprovedposts_diff > -1)
{	{
$new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}"; } else	$new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}"; } else
Zeile 2574	Zeile 2588
if($deletedposts_diff > -1) { $new_stats['numdeletedposts'] = "+{$deletedposts_diff}";	if($deletedposts_diff > -1) { $new_stats['numdeletedposts'] = "+{$deletedposts_diff}";
} else	} else
{ $new_stats['numdeletedposts'] = "{$deletedposts_diff}"; }	{ $new_stats['numdeletedposts'] = "{$deletedposts_diff}"; }
Zeile 2585	Zeile 2599
{ $deletedthreads_diff = $update_query['deletedthreads'] - $forum['deletedthreads']; if($deletedthreads_diff > -1)	{ $deletedthreads_diff = $update_query['deletedthreads'] - $forum['deletedthreads']; if($deletedthreads_diff > -1)
{	{
$new_stats['numdeletedthreads'] = "+{$deletedthreads_diff}"; } else	$new_stats['numdeletedthreads'] = "+{$deletedthreads_diff}"; } else
{	{
$new_stats['numdeletedthreads'] = "{$deletedthreads_diff}"; } }	$new_stats['numdeletedthreads'] = "{$deletedthreads_diff}"; } }
Zeile 2618	Zeile 2632
LIMIT 0, 1 "); $lastpost = $db->fetch_array($query);	LIMIT 0, 1 "); $lastpost = $db->fetch_array($query);

$updated_forum = array( "lastpost" => (int)$lastpost['lastpost'], "lastposter" => $db->escape_string($lastpost['lastposter']),	$updated_forum = array( "lastpost" => (int)$lastpost['lastpost'], "lastposter" => $db->escape_string($lastpost['lastposter']),
Zeile 2648	Zeile 2662
// Fetch above counters for this thread $query = $db->simple_select("threads", implode(",", $counters), "tid='{$tid}'"); $thread = $db->fetch_array($query);	// Fetch above counters for this thread $query = $db->simple_select("threads", implode(",", $counters), "tid='{$tid}'"); $thread = $db->fetch_array($query);

foreach($counters as $counter) { if(array_key_exists($counter, $changes)) { if(substr($changes[$counter], 0, 2) == "+-")	foreach($counters as $counter) { if(array_key_exists($counter, $changes)) { if(substr($changes[$counter], 0, 2) == "+-")
{	{
$changes[$counter] = substr($changes[$counter], 1); } // Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-")	$changes[$counter] = substr($changes[$counter], 1); } // Adding or subtracting from previous value? if(substr($changes[$counter], 0, 1) == "+" \|\| substr($changes[$counter], 0, 1) == "-")
{	{
if((int)$changes[$counter] != 0) { $update_query[$counter] = $thread[$counter] + $changes[$counter];	if((int)$changes[$counter] != 0) { $update_query[$counter] = $thread[$counter] + $changes[$counter];
} } else { $update_query[$counter] = $changes[$counter]; } // Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0)	} } else { $update_query[$counter] = $changes[$counter]; } // Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0)
{ $update_query[$counter] = 0; }	{ $update_query[$counter] = 0; }
Zeile 2920	Zeile 2934
{ $newdepth = $depth."--"; $forumjumpbits .= build_forum_jump($forum['fid'], $selitem, 0, $newdepth, $showextras, $showall);	{ $newdepth = $depth."--"; $forumjumpbits .= build_forum_jump($forum['fid'], $selitem, 0, $newdepth, $showextras, $showall);
} } }	} } }
} }	} }
Zeile 3425	Zeile 3439
$extra_class = ''; foreach($smiliecache as $smilie)	$extra_class = ''; foreach($smiliecache as $smilie)
{	{
if($i < $mybb->settings['smilieinsertertot'] && $smilie['showclickable'] != 0) { $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);	if($i < $mybb->settings['smilieinsertertot'] && $smilie['showclickable'] != 0) { $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
Zeile 3499	Zeile 3513
$prefix_cache = $cache->read("threadprefixes"); if(!is_array($prefix_cache))	$prefix_cache = $cache->read("threadprefixes"); if(!is_array($prefix_cache))
{	{
// No cache $prefix_cache = $cache->read("threadprefixes", true);	// No cache $prefix_cache = $cache->read("threadprefixes", true);
Zeile 3513	Zeile 3527
foreach($prefix_cache as $prefix) { $prefixes_cache[$prefix['pid']] = $prefix;	foreach($prefix_cache as $prefix) { $prefixes_cache[$prefix['pid']] = $prefix;
}	}
if($pid != 0 && is_array($prefixes_cache[$pid])) {	if($pid != 0 && is_array($prefixes_cache[$pid])) {
Zeile 3543	Zeile 3557
if($fid != 'all') { $fid = (int)$fid;	if($fid != 'all') { $fid = (int)$fid;
} $prefix_cache = build_prefixes(0); if(empty($prefix_cache)) { // We've got no prefixes to show return ''; }	} $prefix_cache = build_prefixes(0); if(empty($prefix_cache)) { // We've got no prefixes to show return ''; }
// Go through each of our prefixes and decide which ones we can use $prefixes = array();	// Go through each of our prefixes and decide which ones we can use $prefixes = array();
Zeile 3565	Zeile 3579
{ // This prefix is not in our forum list continue;	{ // This prefix is not in our forum list continue;
} }	} }
if(is_member($prefix['groups']) \|\| $prefix['pid'] == $previous_pid) {	if(is_member($prefix['groups']) \|\| $prefix['pid'] == $previous_pid) {
Zeile 3598	Zeile 3612
} foreach($prefixes as $prefix)	} foreach($prefixes as $prefix)
{	{
$selected = ""; if($prefix['pid'] == $selected_pid) {	$selected = ""; if($prefix['pid'] == $selected_pid) {
Zeile 3661	Zeile 3675
// This prefix is for anybody to use... $prefixes[$prefix['pid']] = $prefix; }	// This prefix is for anybody to use... $prefixes[$prefix['pid']] = $prefix; }
}	}
if(empty($prefixes))	if(empty($prefixes))
{	{
return '';	return '';
}	}
$default_selected = array(); $selected_pid = (int)$selected_pid; if($selected_pid == 0)	$default_selected = array(); $selected_pid = (int)$selected_pid; if($selected_pid == 0)
{	{
$default_selected['all'] = ' selected="selected"'; } else if($selected_pid == -1)	$default_selected['all'] = ' selected="selected"'; } else if($selected_pid == -1)
{	{
$default_selected['none'] = ' selected="selected"';	$default_selected['none'] = ' selected="selected"';
}	}
else if($selected_pid == -2)	else if($selected_pid == -2)
{	{
$default_selected['any'] = ' selected="selected"'; }	$default_selected['any'] = ' selected="selected"'; }

foreach($prefixes as $prefix) { $selected = ''; if($prefix['pid'] == $selected_pid) { $selected = ' selected="selected"';	foreach($prefixes as $prefix) { $selected = ''; if($prefix['pid'] == $selected_pid) { $selected = ' selected="selected"';
}	}
$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']); eval('$prefixselect_prefix .= "'.$templates->get("forumdisplay_threadlist_prefixes_prefix").'";'); }	$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']); eval('$prefixselect_prefix .= "'.$templates->get("forumdisplay_threadlist_prefixes_prefix").'";'); }

eval('$prefixselect = "'.$templates->get("forumdisplay_threadlist_prefixes").'";'); return $prefixselect; }	eval('$prefixselect = "'.$templates->get("forumdisplay_threadlist_prefixes").'";'); return $prefixselect; }
Zeile 3706	Zeile 3720
* @param string $contents The string to encode * @param int $level The level (1-9) to encode at * @return string The encoded string	* @param string $contents The string to encode * @param int $level The level (1-9) to encode at * @return string The encoded string
*/	*/
function gzip_encode($contents, $level=1) { if(function_exists("gzcompress") && function_exists("crc32") && !headers_sent() && !(ini_get('output_buffering') && my_strpos(' '.ini_get('output_handler'), 'ob_gzhandler')))	function gzip_encode($contents, $level=1) { if(function_exists("gzcompress") && function_exists("crc32") && !headers_sent() && !(ini_get('output_buffering') && my_strpos(' '.ini_get('output_handler'), 'ob_gzhandler')))
Zeile 3716	Zeile 3730
if(isset($_SERVER['HTTP_ACCEPT_ENCODING'])) { $httpaccept_encoding = $_SERVER['HTTP_ACCEPT_ENCODING'];	if(isset($_SERVER['HTTP_ACCEPT_ENCODING'])) { $httpaccept_encoding = $_SERVER['HTTP_ACCEPT_ENCODING'];
}	}
if(my_strpos(" ".$httpaccept_encoding, "x-gzip")) { $encoding = "x-gzip";	if(my_strpos(" ".$httpaccept_encoding, "x-gzip")) { $encoding = "x-gzip";
}	}
if(my_strpos(" ".$httpaccept_encoding, "gzip")) { $encoding = "gzip";	if(my_strpos(" ".$httpaccept_encoding, "gzip")) { $encoding = "gzip";
Zeile 3767	Zeile 3781
{ $fid = (int)$data['fid']; unset($data['fid']);	{ $fid = (int)$data['fid']; unset($data['fid']);
}	}
$tid = 0; if(isset($data['tid'])) {	$tid = 0; if(isset($data['tid'])) {
Zeile 3800	Zeile 3814
"ipaddress" => $db->escape_binary($session->packedip) ); $db->insert_query("moderatorlog", $sql_array);	"ipaddress" => $db->escape_binary($session->packedip) ); $db->insert_query("moderatorlog", $sql_array);
}	}
/** * Get the formatted reputation for a user. *	/** * Get the formatted reputation for a user. *
Zeile 3817	Zeile 3831
if($reputation < 0) { $reputation_class = "reputation_negative";	if($reputation < 0) { $reputation_class = "reputation_negative";
}	}
elseif($reputation > 0) { $reputation_class = "reputation_positive";	elseif($reputation > 0) { $reputation_class = "reputation_positive";
} else	} else
{ $reputation_class = "reputation_neutral";	{ $reputation_class = "reputation_neutral";
}	}
$reputation = my_number_format($reputation); if($uid != 0) { eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted_link")."\";");	$reputation = my_number_format($reputation); if($uid != 0) { eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted_link")."\";");
} else	} else
{ eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted")."\";"); }	{ eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted")."\";"); }
Zeile 3895	Zeile 3909
elseif(isset($_SERVER['HTTP_X_REAL_IP'])) { $addresses = explode(',', strtolower($_SERVER['HTTP_X_REAL_IP']));	elseif(isset($_SERVER['HTTP_X_REAL_IP'])) { $addresses = explode(',', strtolower($_SERVER['HTTP_X_REAL_IP']));
}	}
if(is_array($addresses)) { foreach($addresses as $val)	if(is_array($addresses)) { foreach($addresses as $val)
Zeile 3927	Zeile 3941
} return $ip;	} return $ip;
}	}
/** * Fetch the friendly size (GB, MB, KB, B) for a specified file size.	/** * Fetch the friendly size (GB, MB, KB, B) for a specified file size.
Zeile 3940	Zeile 3954
global $lang; if(!is_numeric($size))	global $lang; if(!is_numeric($size))
{ return $lang->na; }	{ return $lang->na; }
// Yottabyte (1024 Zettabytes) if($size >= 1208925819614629174706176)	// Yottabyte (1024 Zettabytes) if($size >= 1208925819614629174706176)
{	{
$size = my_number_format(round(($size / 1208925819614629174706176), 2))." ".$lang->size_yb;	$size = my_number_format(round(($size / 1208925819614629174706176), 2))." ".$lang->size_yb;
}	}
// Zetabyte (1024 Exabytes) elseif($size >= 1180591620717411303424) {	// Zetabyte (1024 Exabytes) elseif($size >= 1180591620717411303424) {
Zeile 3958	Zeile 3972
elseif($size >= 1152921504606846976) { $size = my_number_format(round(($size / 1152921504606846976), 2))." ".$lang->size_eb;	elseif($size >= 1152921504606846976) { $size = my_number_format(round(($size / 1152921504606846976), 2))." ".$lang->size_eb;
}	}
// Petabyte (1024 Terabytes) elseif($size >= 1125899906842624) {	// Petabyte (1024 Terabytes) elseif($size >= 1125899906842624) {
Zeile 3987	Zeile 4001
elseif($size == 0) { $size = "0 ".$lang->size_bytes;	elseif($size == 0) { $size = "0 ".$lang->size_bytes;
} else {	} else {
$size = my_number_format($size)." ".$lang->size_bytes; }	$size = my_number_format($size)." ".$lang->size_bytes; }
Zeile 4005	Zeile 4019
function format_time_duration($time) { global $lang;	function format_time_duration($time) { global $lang;

if(!is_numeric($time)) { return $lang->na;	if(!is_numeric($time)) { return $lang->na;
Zeile 4053	Zeile 4067
if(!empty($attach_icons_schemes[$ext]['scheme'])) { $attach_icons_schemes[$ext] = $attachtypes[$ext]['icon'];	if(!empty($attach_icons_schemes[$ext]['scheme'])) { $attach_icons_schemes[$ext] = $attachtypes[$ext]['icon'];
}	}
elseif(defined("IN_ADMINCP")) { $attach_icons_schemes[$ext] = str_replace("{theme}", "", $attachtypes[$ext]['icon']);	elseif(defined("IN_ADMINCP")) { $attach_icons_schemes[$ext] = str_replace("{theme}", "", $attachtypes[$ext]['icon']);
Zeile 4430	Zeile 4444
else { $gzipen = "Disabled";	else { $gzipen = "Disabled";
}	}
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"; echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">"; echo "<head>";	echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"; echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">"; echo "<head>";
Zeile 4680	Zeile 4694
$nicetime['years'] = "1".$lang_year; } else if($years > 1)	$nicetime['years'] = "1".$lang_year; } else if($years > 1)
{	{
$nicetime['years'] = $years.$lang_years; }	$nicetime['years'] = $years.$lang_years; }
Zeile 5055	Zeile 5069
if($footer == true) { eval("\$themeselect = \"".$templates->get("footer_themeselector")."\";");	if($footer == true) { eval("\$themeselect = \"".$templates->get("footer_themeselector")."\";");
} else {	} else {
eval("\$themeselect = \"".$templates->get("usercp_themeselector")."\";"); }	eval("\$themeselect = \"".$templates->get("usercp_themeselector")."\";"); }
Zeile 5086	Zeile 5100
while($theme = $db->fetch_array($query)) { $tcache[$theme['pid']][$theme['tid']] = $theme;	while($theme = $db->fetch_array($query)) { $tcache[$theme['pid']][$theme['tid']] = $theme;
} } $s_theme = false;	} } $s_theme = false;
foreach($tcache as $themes) {	foreach($tcache as $themes) {
Zeile 5104	Zeile 5118
} return $s_theme;	} return $s_theme;
}	}
/** * Custom function for htmlspecialchars which takes in to account unicode *	/** * Custom function for htmlspecialchars which takes in to account unicode *
Zeile 5119	Zeile 5133
$message = str_replace(">", ">", $message); $message = str_replace("\"", """, $message); return $message;	$message = str_replace(">", ">", $message); $message = str_replace("\"", """, $message); return $message;
}	}
/** * Custom function for formatting numbers. *	/** * Custom function for formatting numbers. *
Zeile 5182	Zeile 5196
} if(!isset($use_iconv))	} if(!isset($use_iconv))
{	{
$use_iconv = function_exists("iconv"); }	$use_iconv = function_exists("iconv"); }
Zeile 5434	Zeile 5448
* @param int $tid The thread id for which to update the first post id. */ function update_first_post($tid)	* @param int $tid The thread id for which to update the first post id. */ function update_first_post($tid)
{ global $db; $query = $db->query("	{ global $db; $query = $db->query("
SELECT u.uid, u.username, p.pid, p.username AS postusername, p.dateline FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)	SELECT u.uid, u.username, p.pid, p.username AS postusername, p.dateline FROM ".TABLE_PREFIX."posts p LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
Zeile 5815	Zeile 5829
* @return string The url to the forum. */ function get_forum_link($fid, $page=0)	* @return string The url to the forum. */ function get_forum_link($fid, $page=0)
{	{
if($page > 0) { $link = str_replace("{fid}", $fid, FORUM_URL_PAGED);	if($page > 0) { $link = str_replace("{fid}", $fid, FORUM_URL_PAGED);
Zeile 5840	Zeile 5854
function get_thread_link($tid, $page=0, $action='') { if($page > 1)	function get_thread_link($tid, $page=0, $action='') { if($page > 1)
{ if($action) { $link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link); }	{ if($action) { $link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link); }
else { $link = THREAD_URL_PAGED;	else { $link = THREAD_URL_PAGED;
Zeile 5876	Zeile 5890
* @param int $pid The post ID of the post * @param int $tid The thread id of the post. * @return string The url to the post.	* @param int $pid The post ID of the post * @param int $tid The thread id of the post. * @return string The url to the post.
*/	*/
function get_post_link($pid, $tid=0) { if($tid > 0)	function get_post_link($pid, $tid=0) { if($tid > 0)
{	{
$link = str_replace("{tid}", $tid, THREAD_URL_POST); $link = str_replace("{pid}", $pid, $link);	$link = str_replace("{tid}", $tid, THREAD_URL_POST); $link = str_replace("{pid}", $pid, $link);
return htmlspecialchars_uni($link); }	return htmlspecialchars_uni($link); }
else { $link = str_replace("{pid}", $pid, POST_URL);	else { $link = str_replace("{pid}", $pid, POST_URL);
return htmlspecialchars_uni($link); } }	return htmlspecialchars_uni($link); } }
/** * Build the event link. *	/** * Build the event link. *
Zeile 5920	Zeile 5934
$link = str_replace("{month}", $month, CALENDAR_URL_DAY); $link = str_replace("{year}", $year, $link); $link = str_replace("{day}", $day, $link);	$link = str_replace("{month}", $month, CALENDAR_URL_DAY); $link = str_replace("{year}", $year, $link); $link = str_replace("{day}", $day, $link);
$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }	$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }
else if($month > 0)	else if($month > 0)
{	{
$link = str_replace("{month}", $month, CALENDAR_URL_MONTH); $link = str_replace("{year}", $year, $link); $link = str_replace("{calendar}", $calendar, $link);	$link = str_replace("{month}", $month, CALENDAR_URL_MONTH); $link = str_replace("{year}", $year, $link); $link = str_replace("{calendar}", $calendar, $link);
return htmlspecialchars_uni($link);	return htmlspecialchars_uni($link);
} /* Not implemented else if($year > 0)	} /* Not implemented else if($year > 0)
{	{
}*/ else { $link = str_replace("{calendar}", $calendar, CALENDAR_URL); return htmlspecialchars_uni($link);	}*/ else { $link = str_replace("{calendar}", $calendar, CALENDAR_URL); return htmlspecialchars_uni($link);
} }	} }
/** * Build the link to a specified week on the calendar *	/** * Build the link to a specified week on the calendar *
Zeile 5988	Zeile 6002
return $user_cache[$uid]; } return array();	return $user_cache[$uid]; } return array();
}	}
/** * Get the user data of an user username.	/** * Get the user data of an user username.
Zeile 6018	Zeile 6032
default: $field = 'LOWER(username)'; $efield = 'LOWER(email)';	default: $field = 'LOWER(username)'; $efield = 'LOWER(email)';
break; }	break; }
switch($options['username_method']) {	switch($options['username_method']) {
Zeile 6065	Zeile 6079
if(!isset($forum_cache) \|\| is_array($forum_cache)) { $forum_cache = $cache->read("forums");	if(!isset($forum_cache) \|\| is_array($forum_cache)) { $forum_cache = $cache->read("forums");
}	}
if(empty($forum_cache[$fid])) { return false;	if(empty($forum_cache[$fid])) { return false;
Zeile 6443	Zeile 6457
$terms = htmlspecialchars_uni($terms); $split_words = preg_split("#\s{1,}#", $terms, -1); if(is_array($split_words))	$terms = htmlspecialchars_uni($terms); $split_words = preg_split("#\s{1,}#", $terms, -1); if(is_array($split_words))
{	{
foreach($split_words as $word) { if(!$word \|\| strlen($word) < $mybb->settings['minsearchword'])	foreach($split_words as $word) { if(!$word \|\| strlen($word) < $mybb->settings['minsearchword'])
Zeile 6452	Zeile 6466
} $words[] = trim($word); }	} $words[] = trim($word); }
}	}
} if(!is_array($words))	} if(!is_array($words))
Zeile 6468	Zeile 6482
foreach($words as $word) { $word = trim($word);	foreach($words as $word) { $word = trim($word);

$word = my_strtolower($word); // Special boolean operators should be stripped	$word = my_strtolower($word); // Special boolean operators should be stripped
Zeile 6476	Zeile 6490
{ continue; }	{ continue; }

// Now make PREG compatible $find = "#(?!<.?)(".preg_quote($word, "#").")(?![^<>]?>)#ui"; $replacement = "<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$1</span>";	// Now make PREG compatible $find = "#(?!<.?)(".preg_quote($word, "#").")(?![^<>]?>)#ui"; $replacement = "<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$1</span>";
Zeile 6500	Zeile 6514
if($src < 0) { return false;	if($src < 0) { return false;
}	}
elseif($src <= 0x007f)	elseif($src <= 0x007f)
{	{
$dest .= chr($src); } elseif($src <= 0x07ff) { $dest .= chr(0xc0 \| ($src >> 6));	$dest .= chr($src); } elseif($src <= 0x07ff) { $dest .= chr(0xc0 \| ($src >> 6));
$dest .= chr(0x80 \| ($src & 0x003f)); }	$dest .= chr(0x80 \| ($src & 0x003f)); }
elseif($src <= 0xffff) { $dest .= chr(0xe0 \| ($src >> 12)); $dest .= chr(0x80 \| (($src >> 6) & 0x003f)); $dest .= chr(0x80 \| ($src & 0x003f));	elseif($src <= 0xffff) { $dest .= chr(0xe0 \| ($src >> 12)); $dest .= chr(0x80 \| (($src >> 6) & 0x003f)); $dest .= chr(0x80 \| ($src & 0x003f));
}	}
elseif($src <= 0x10ffff) { $dest .= chr(0xf0 \| ($src >> 18));	elseif($src <= 0x10ffff) { $dest .= chr(0xf0 \| ($src >> 18));
Zeile 6530	Zeile 6544
} return $dest;	} return $dest;
}	}
/** * Checks if a username has been disallowed for registration/use. *	/** * Checks if a username has been disallowed for registration/use. *
Zeile 6572	Zeile 6586
{ global $cache, $db;	{ global $cache, $db;
$banned_cache = $cache->read("bannedemails");	$banned_cache = $cache->read("bannedemails");
if($banned_cache === false) { // Failed to read cache, see if we can rebuild it	if($banned_cache === false) { // Failed to read cache, see if we can rebuild it
Zeile 6764	Zeile 6778
eval("\$select = \"".$templates->get("usercp_options_timezone")."\";"); return $select;	eval("\$select = \"".$templates->get("usercp_options_timezone")."\";"); return $select;
}	}
/** * Fetch the contents of a remote file.	/** * Fetch the contents of a remote file.
Zeile 6777	Zeile 6791
function fetch_remote_file($url, $post_data=array(), $max_redirects=20) { global $mybb, $config;	function fetch_remote_file($url, $post_data=array(), $max_redirects=20) { global $mybb, $config;
$url_components = @parse_url($url);	if(!my_validate_url($url, true)) { return false; } $url_components = @parse_url($url); if(!isset($url_components['scheme'])) { $url_components['scheme'] = 'https'; } if(!isset($url_components['port'])) { $url_components['port'] = $url_components['scheme'] == 'https' ? 443 : 80; }
if( !$url_components \|\| empty($url_components['host']) \|\| (!empty($url_components['scheme']) && !in_array($url_components['scheme'], array('http', 'https'))) \|\|	if( !$url_components \|\| empty($url_components['host']) \|\| (!empty($url_components['scheme']) && !in_array($url_components['scheme'], array('http', 'https'))) \|\|
(!empty($url_components['port']) && !in_array($url_components['port'], array(80, 8080, 443))) \|\|	(!in_array($url_components['port'], array(80, 8080, 443))) \|\|
(!empty($config['disallowed_remote_hosts']) && in_array($url_components['host'], $config['disallowed_remote_hosts'])) )	(!empty($config['disallowed_remote_hosts']) && in_array($url_components['host'], $config['disallowed_remote_hosts'])) )
{	{
return false; }	return false; }
	$addresses = get_ip_by_hostname($url_components['host']); $destination_address = $addresses[0];
if(!empty($config['disallowed_remote_addresses']))	if(!empty($config['disallowed_remote_addresses']))
{ $addresses = gethostbynamel($url_components['host']); if($addresses) { foreach($config['disallowed_remote_addresses'] as $disallowed_address)	{ foreach($config['disallowed_remote_addresses'] as $disallowed_address) { $ip_range = fetch_ip_range($disallowed_address); $packed_address = my_inet_pton($destination_address); if(is_array($ip_range))
{	{
$ip_range = fetch_ip_range($disallowed_address); foreach($addresses as $address)	if(strcmp($ip_range[0], $packed_address) <= 0 && strcmp($ip_range[1], $packed_address) >= 0)
{	{
$packed_address = my_inet_pton($address); if(is_array($ip_range)) { if(strcmp($ip_range[0], $packed_address) <= 0 && strcmp($ip_range[1], $packed_address) >= 0) { return false; } } elseif($address == $disallowed_address) { return false; }	return false;
}	}
	} elseif($destination_address == $disallowed_address) { return false;
} } }	} } }
Zeile 6830	Zeile 6855
} if(function_exists("curl_init"))	} if(function_exists("curl_init"))
{ $can_followlocation = @ini_get('open_basedir') === '' && !$mybb->safemode; $request_header = $max_redirects != 0 && !$can_followlocation; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, $request_header); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); if($max_redirects != 0 && $can_followlocation) { curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_MAXREDIRS, $max_redirects); } if(!empty($post_body))	{ $fetch_header = $max_redirects > 0; $ch = curl_init(); $curlopt = array( CURLOPT_URL => $url, CURLOPT_HEADER => $fetch_header, CURLOPT_TIMEOUT => 10, CURLOPT_RETURNTRANSFER => 1, CURLOPT_FOLLOWLOCATION => 0, ); if($ca_bundle_path = get_ca_bundle_path()) { $curlopt[CURLOPT_SSL_VERIFYPEER] = 1; $curlopt[CURLOPT_CAINFO] = $ca_bundle_path; } else { $curlopt[CURLOPT_SSL_VERIFYPEER] = 0; } $curl_version_info = curl_version(); $curl_version = $curl_version_info['version']; if(version_compare(PHP_VERSION, '7.0.7', '>=') && version_compare($curl_version, '7.49', '>=')) { // CURLOPT_CONNECT_TO $curlopt[10243] = array( $url_components['host'].':'.$url_components['port'].':'.$destination_address ); } elseif(version_compare(PHP_VERSION, '5.5', '>=') && version_compare($curl_version, '7.21.3', '>=')) { // CURLOPT_RESOLVE $curlopt[10203] = array( $url_components['host'].':'.$url_components['port'].':'.$destination_address ); } if(!empty($post_body))
{	{
curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_body);	$curlopt[CURLOPT_POST] = 1; $curlopt[CURLOPT_POSTFIELDS] = $post_body;
}	}
	curl_setopt_array($ch, $curlopt);
$response = curl_exec($ch);	$response = curl_exec($ch);
if($request_header)	if($fetch_header)
{ $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($response, 0, $header_size);	{ $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($response, 0, $header_size);
Zeile 6874	Zeile 6924
else { $data = $body;	else { $data = $body;
} }	} }
else { $data = $response;	else { $data = $response;
Zeile 6886	Zeile 6936
} else if(function_exists("fsockopen")) {	} else if(function_exists("fsockopen")) {
if(!isset($url_components['port'])) { $url_components['port'] = 80; }
if(!isset($url_components['path'])) { $url_components['path'] = "/";	if(!isset($url_components['path'])) { $url_components['path'] = "/";
}	}
if(isset($url_components['query'])) { $url_components['path'] .= "?{$url_components['query']}";	if(isset($url_components['query'])) { $url_components['path'] .= "?{$url_components['query']}";
Zeile 6910	Zeile 6956
} }	} }
$fp = @fsockopen($scheme.$url_components['host'], $url_components['port'], $error_no, $error, 10);	if(function_exists('stream_context_create')) { if($url_components['scheme'] == 'https' && $ca_bundle_path = get_ca_bundle_path()) { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => true, 'verify_peer_name' => true, 'peer_name' => $url_components['host'], 'cafile' => $ca_bundle_path, ), )); } else { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false, ), )); } $fp = @stream_socket_client($scheme.$destination_address.':'.(int)$url_components['port'], $error_no, $error, 10, STREAM_CLIENT_CONNECT, $context); } else { $fp = @fsockopen($scheme.$url_components['host'], (int)$url_components['port'], $error_no, $error, 10); }
@stream_set_timeout($fp, 10); if(!$fp) { return false; } $headers = array();	@stream_set_timeout($fp, 10); if(!$fp) { return false; } $headers = array();
if(!empty($post_body)) {	if(!empty($post_body)) {
$headers[] = "POST {$url_components['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";	$headers[] = "POST {$url_components['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";
Zeile 6926	Zeile 7001
else { $headers[] = "GET {$url_components['path']} HTTP/1.0";	else { $headers[] = "GET {$url_components['path']} HTTP/1.0";
}	}
$headers[] = "Host: {$url_components['host']}"; $headers[] = "Connection: Close";	$headers[] = "Host: {$url_components['host']}"; $headers[] = "Connection: Close";
Zeile 6962	Zeile 7037
$status_line = current(explode("\n\n", $header, 1)); $body = $data[1];	$status_line = current(explode("\n\n", $header, 1)); $body = $data[1];
if($max_redirects != 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 ')))	if($max_redirects > 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 ')))
{ preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches);	{ preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches);
Zeile 6976	Zeile 7051
$data = $body; }	$data = $body; }
return $data; } else if(empty($post_data))	return $data; } else { return false; } } /** * Resolves a hostname into a set of IP addresses. * * @param string $hostname The hostname to be resolved * @return array\|bool The resulting IP addresses. False on failure / function get_ip_by_hostname($hostname) { $addresses = @gethostbynamel($hostname); if(!$addresses) { $result_set = @dns_get_record($hostname, DNS_A \| DNS_AAAA); if($result_set) { $addresses = array_column($result_set, 'ip'); } else { return false; } } return $addresses; } /* * Returns the location of the CA bundle defined in the PHP configuration. * * @return string\|bool The location of the CA bundle, false if not set */ function get_ca_bundle_path() { if($path = ini_get('openssl.cafile')) { return $path; } if($path = ini_get('curl.cainfo'))
{	{
return @implode("", @file($url)); } else { return false;	return $path;
}	}
	return false;
} /**	} /**
Zeile 7640	Zeile 7757
global $mybb, $checksums, $bad_verify_files; // We don't need to check these types of files	global $mybb, $checksums, $bad_verify_files; // We don't need to check these types of files
$ignore = array(".", "..", ".svn", "config.php", "settings.php", "Thumb.db", "config.default.php", "lock", "htaccess.txt", "logo.gif", "logo.png");	$ignore = array(".", "..", ".svn", "config.php", "settings.php", "Thumb.db", "config.default.php", "lock", "htaccess.txt", "htaccess-nginx.txt", "logo.gif", "logo.png");
$ignore_ext = array("attach"); if(substr($path, -1, 1) == "/")	$ignore_ext = array("attach"); if(substr($path, -1, 1) == "/")
Zeile 8477	Zeile 8594
* * @param string $url The url to validate. * @param bool $relative_path Whether or not the url could be a relative path.	* * @param string $url The url to validate. * @param bool $relative_path Whether or not the url could be a relative path.
	* @param bool $allow_local Whether or not the url could be pointing to local networks.
* * @return bool Whether this is a valid url. */	* * @return bool Whether this is a valid url. */
function my_validate_url($url, $relative_path=false)	function my_validate_url($url, $relative_path=false, $allow_local=false)
{	{
if($relative_path && my_substr($url, 0, 1) == '/' \|\| preg_match('_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?!(?:10\|127)(?:\.\d{1,3}){3})(?!(?:169\.254\|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]\|2\d\|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?)(?::\d{2,5})?(?:[/?#]\S*)?$_iuS', $url))	if($allow_local) { $regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:localhost\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?))(?::\d{2,5})?(?:[/?#]\S)?$_iuS'; } else { $regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?!(?:10\|127)(?:\.\d{1,3}){3})(?!(?:169\.254\|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]\|2\d\|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?)(?::\d{2,5})?(?:[/?#]\S)?$_iuS'; } if($relative_path && my_substr($url, 0, 1) == '/' \|\| preg_match($regex, $url))
{ return true;	{ return true;
	} return false; } /** * Strip html tags from string, also removes <script> and <style> contents. * * @param string $string String to stripe * @param string $allowable_tags Allowed html tags * * @return string Striped string / function my_strip_tags($string, $allowable_tags = '') { $pattern = array( '@(<)style[^(>)]?(>).?(<)/style(>)@siu', '@(<)script[^(>)]?.?(<)/script(>)@siu', '@<style[^>]?>.?</style>@siu', '@<script[^>]?.?</script>@siu', ); $string = preg_replace($pattern, '', $string); return strip_tags($string, $allowable_tags); } /* * Escapes a RFC 4180-compliant CSV string. * Based on https://github.com/Automattic/camptix/blob/f80725094440bf09861383b8f11e96c177c45789/camptix.php#L2867 * * @param string $string The string to be escaped * @param boolean $escape_active_content Whether or not to escape active content trigger characters * @return string The escaped string */ function my_escape_csv($string, $escape_active_content=true) { if($escape_active_content) { $active_content_triggers = array('=', '+', '-', '@'); $delimiters = array(',', ';', ':', '\|', '^', "\n", "\t", " "); $first_character = mb_substr($string, 0, 1); if( in_array($first_character, $active_content_triggers, true) \|\| in_array($first_character, $delimiters, true) ) { $string = "'".$string; } foreach($delimiters as $delimiter) { foreach($active_content_triggers as $trigger) { $string = str_replace($delimiter.$trigger, $delimiter."'".$trigger, $string); } }
}	}
return false;	$string = str_replace('"', '""', $string); return $string;
}	}