Vergleich inc/functions.php - 1.8.6 - 1.8.13

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 322	Zeile 322
/** * Turn a unix timestamp in to a "friendly" date/time format for the user. *	/** * Turn a unix timestamp in to a "friendly" date/time format for the user. *
* @param string $format A date format according to PHP's date structure.	* @param string $format A date format (either relative, normal or PHP's date() structure).
* @param int $stamp The unix timestamp the date should be generated for. * @param int\|string $offset The offset in hours that should be applied to times. (timezones) Or an empty string to determine that automatically * @param int $ty Whether or not to use today/yesterday formatting.	* @param int $stamp The unix timestamp the date should be generated for. * @param int\|string $offset The offset in hours that should be applied to times. (timezones) Or an empty string to determine that automatically * @param int $ty Whether or not to use today/yesterday formatting.
Zeile 343	Zeile 343
{ if(isset($mybb->user['uid']) && $mybb->user['uid'] != 0 && array_key_exists("timezone", $mybb->user)) {	{ if(isset($mybb->user['uid']) && $mybb->user['uid'] != 0 && array_key_exists("timezone", $mybb->user)) {
$offset = $mybb->user['timezone'];	$offset = (float)$mybb->user['timezone'];
$dstcorrection = $mybb->user['dst']; } elseif(defined("IN_ADMINCP")) {	$dstcorrection = $mybb->user['dst']; } elseif(defined("IN_ADMINCP")) {
$offset = $mybbadmin['timezone'];	$offset = (float)$mybbadmin['timezone'];
$dstcorrection = $mybbadmin['dst']; } else {	$dstcorrection = $mybbadmin['dst']; } else {
$offset = $mybb->settings['timezoneoffset'];	$offset = (float)$mybb->settings['timezoneoffset'];
$dstcorrection = $mybb->settings['dstcorrection']; }	$dstcorrection = $mybb->settings['dstcorrection']; }
Zeile 380	Zeile 380
} $todaysdate = $yesterdaysdate = '';	} $todaysdate = $yesterdaysdate = '';
if($ty && ($format == $mybb->settings['dateformat'] \|\| $format == 'relative'))	if($ty && ($format == $mybb->settings['dateformat'] \|\| $format == 'relative' \|\| $format == 'normal'))
{ $_stamp = TIME_NOW; if($adodb == true)	{ $_stamp = TIME_NOW; if($adodb == true)
Zeile 400	Zeile 400
if($format == 'relative') { // Relative formats both date and time	if($format == 'relative') { // Relative formats both date and time
	$real_date = $real_time = ''; if($adodb == true) { $real_date = adodb_date($mybb->settings['dateformat'], $stamp + ($offset * 3600)); $real_time = $mybb->settings['datetimesep']; $real_time .= adodb_date($mybb->settings['timeformat'], $stamp + ($offset * 3600)); } else { $real_date = gmdate($mybb->settings['dateformat'], $stamp + ($offset * 3600)); $real_time = $mybb->settings['datetimesep']; $real_time .= gmdate($mybb->settings['timeformat'], $stamp + ($offset * 3600)); }
if($ty != 2 && abs(TIME_NOW - $stamp) < 3600) { $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'minute' => 0, 'plural' => $lang->rel_minutes_plural, 'suffix' => $lang->rel_ago);	if($ty != 2 && abs(TIME_NOW - $stamp) < 3600) { $diff = TIME_NOW - $stamp; $relative = array('prefix' => '', 'minute' => 0, 'plural' => $lang->rel_minutes_plural, 'suffix' => $lang->rel_ago);
if($diff < 0) { $diff = abs($diff); $relative['suffix'] = '';	if($diff < 0) { $diff = abs($diff); $relative['suffix'] = '';
$relative['prefix'] = $lang->rel_in; }	$relative['prefix'] = $lang->rel_in; }
Zeile 423	Zeile 437
if($diff <= 60) { // Less than a minute	if($diff <= 60) { // Less than a minute
$relative['prefix'] = $lang->rel_less_than; } $date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['minute'], $relative['plural'], $relative['suffix']);	$relative['prefix'] = $lang->rel_less_than; } $date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['minute'], $relative['plural'], $relative['suffix'], $real_date, $real_time);
} elseif($ty != 2 && abs(TIME_NOW - $stamp) < 43200) {	} elseif($ty != 2 && abs(TIME_NOW - $stamp) < 43200) {
Zeile 448	Zeile 462
$relative['plural'] = $lang->rel_hours_single; }	$relative['plural'] = $lang->rel_hours_single; }
$date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['hour'], $relative['plural'], $relative['suffix']);	$date = $lang->sprintf($lang->rel_time, $relative['prefix'], $relative['hour'], $relative['plural'], $relative['suffix'], $real_date, $real_time);
} else { if($ty)	} else { if($ty)
{	{
if($todaysdate == $date) {	if($todaysdate == $date) {
$date = $lang->today;	$date = $lang->sprintf($lang->today_rel, $real_date);
} else if($yesterdaysdate == $date) {	} else if($yesterdaysdate == $date) {
$date = $lang->yesterday;	$date = $lang->sprintf($lang->yesterday_rel, $real_date);
} }	} }
Zeile 473	Zeile 487
{ $date .= gmdate($mybb->settings['timeformat'], $stamp + ($offset * 3600)); }	{ $date .= gmdate($mybb->settings['timeformat'], $stamp + ($offset * 3600)); }
	} } elseif($format == 'normal') { // Normal format both date and time if($ty != 2) { if($todaysdate == $date) { $date = $lang->today; } else if($yesterdaysdate == $date) { $date = $lang->yesterday; } } $date .= $mybb->settings['datetimesep']; if($adodb == true) { $date .= adodb_date($mybb->settings['timeformat'], $stamp + ($offset * 3600)); } else { $date .= gmdate($mybb->settings['timeformat'], $stamp + ($offset * 3600));
} } else	} } else
Zeile 598	Zeile 637
function verify_post_check($code, $silent=false) { global $lang;	function verify_post_check($code, $silent=false) { global $lang;
if(generate_post_check() != $code)	if(generate_post_check() !== $code)
{ if($silent == true) {	{ if($silent == true) {
Zeile 645	Zeile 684
{ cache_forums(); return $forum_cache[$fid]['parentlist'];	{ cache_forums(); return $forum_cache[$fid]['parentlist'];
} }	} }
/** * Build a parent list of a specific forum, suitable for querying	/** * Build a parent list of a specific forum, suitable for querying
Zeile 865	Zeile 904
if($mybb->user['uid']) {	if($mybb->user['uid']) {
$lang->error_nopermission_user_username = $lang->sprintf($lang->error_nopermission_user_username, $mybb->user['username']);	$lang->error_nopermission_user_username = $lang->sprintf($lang->error_nopermission_user_username, htmlspecialchars_uni($mybb->user['username']));
eval("\$errorpage = \"".$templates->get("error_nopermission_loggedin")."\";"); } else	eval("\$errorpage = \"".$templates->get("error_nopermission_loggedin")."\";"); } else
Zeile 889	Zeile 928
break; case 2: $lang_username = $lang->username2;	break; case 2: $lang_username = $lang->username2;
break;	break;
default: $lang_username = $lang->username; break;	default: $lang_username = $lang->username; break;
Zeile 966	Zeile 1005
run_shutdown();	run_shutdown();
if(my_substr($url, 0, 7) !== 'http://' && my_substr($url, 0, 8) !== 'https://' && my_substr($url, 0, 1) !== '/')	if(!my_validate_url($url, true, true))
{ header("Location: {$mybb->settings['bburl']}/{$url}"); }	{ header("Location: {$mybb->settings['bburl']}/{$url}"); }
Zeile 1132	Zeile 1171
"&page={page}", "{page}" );	"&page={page}", "{page}" );

// Remove "Page 1" to the defacto URL $url = str_replace($find, array("", "", $page), $url); return $url;	// Remove "Page 1" to the defacto URL $url = str_replace($find, array("", "", $page), $url); return $url;
Zeile 1154	Zeile 1193
else { $url = str_replace("{page}", $page, $url);	else { $url = str_replace("{page}", $page, $url);
}	}
return $url; }	return $url; }
Zeile 1166	Zeile 1205
* @return array Array of user permissions for the specified user */ function user_permissions($uid=0)	* @return array Array of user permissions for the specified user */ function user_permissions($uid=0)
{	{
global $mybb, $cache, $groupscache, $user_cache;	global $mybb, $cache, $groupscache, $user_cache;

// If no user id is specified, assume it is the current user if($uid == 0) {	// If no user id is specified, assume it is the current user if($uid == 0) {
Zeile 1177	Zeile 1216
// User id does not match current user, fetch permissions if($uid != $mybb->user['uid'])	// User id does not match current user, fetch permissions if($uid != $mybb->user['uid'])
{	{
// We've already cached permissions for this user, return them.	// We've already cached permissions for this user, return them.
if($user_cache[$uid]['permissions'])	if(!empty($user_cache[$uid]['permissions']))
{ return $user_cache[$uid]['permissions']; } // This user was not already cached, fetch their user information.	{ return $user_cache[$uid]['permissions']; } // This user was not already cached, fetch their user information.
if(!$user_cache[$uid])	if(empty($user_cache[$uid]))
{ $user_cache[$uid] = get_user($uid); }	{ $user_cache[$uid] = get_user($uid); }
Zeile 1202	Zeile 1241
else { return $mybb->usergroup;	else { return $mybb->usergroup;
}	}
} /** * Fetch the usergroup permissions for a specific group or series of groups combined * * @param int\|string $gid A list of groups (Can be a single integer, or a list of groups separated by a comma)	} /** * Fetch the usergroup permissions for a specific group or series of groups combined * * @param int\|string $gid A list of groups (Can be a single integer, or a list of groups separated by a comma)
* @return array Array of permissions generated for the groups	* @return array Array of permissions generated for the groups, containing also a list of comma-separated checked groups under 'all_usergroups' index
*/ function usergroup_permissions($gid=0) { global $cache, $groupscache, $grouppermignore, $groupzerogreater;	*/ function usergroup_permissions($gid=0) { global $cache, $groupscache, $grouppermignore, $groupzerogreater;

if(!is_array($groupscache))	if(!is_array($groupscache))
{	{
$groupscache = $cache->read("usergroups");	$groupscache = $cache->read("usergroups");
} $groups = explode(",", $gid);	} $groups = explode(",", $gid);
if(count($groups) == 1) {	if(count($groups) == 1) {
	$groupscache[$gid]['all_usergroups'] = $gid;
return $groupscache[$gid]; }	return $groupscache[$gid]; }

$usergroup = array();	$usergroup = array();
	$usergroup['all_usergroups'] = $gid;
foreach($groups as $gid) {	foreach($groups as $gid) {
if(trim($gid) == "" \|\| !$groupscache[$gid])	if(trim($gid) == "" \|\| empty($groupscache[$gid]))
{ continue; }	{ continue; }
Zeile 1378	Zeile 1419
* @return array Permissions for this forum */ function fetch_forum_permissions($fid, $gid, $groupperms)	* @return array Permissions for this forum */ function fetch_forum_permissions($fid, $gid, $groupperms)
{	{
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields; $groups = explode(",", $gid);	global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields; $groups = explode(",", $gid);
Zeile 1714	Zeile 1755
{ foreach($modcache as $modusers) {	{ foreach($modcache as $modusers) {
if(isset($modusers['users'][$uid]) && $modusers['users'][$uid]['mid'])	if(isset($modusers['users'][$uid]) && $modusers['users'][$uid]['mid'] && (!$action \|\| !empty($modusers['users'][$uid][$action])))
{ return true; }	{ return true; }
elseif(isset($user_perms['gid']) && isset($modusers['usergroups'][$user_perms['gid']]))	$groups = explode(',', $user_perms['all_usergroups']); foreach($groups as $group)
{	{
// Moderating usergroup return true;	if(trim($group) != '' && isset($modusers['usergroups'][$group]) && (!$action \|\| !empty($modusers['usergroups'][$group][$action]))) { return true; }
}	}
}	}
} return false; }	} return false; }
Zeile 1732	Zeile 1778
$modperms = get_moderator_permissions($fid, $uid); if(!$action && $modperms)	$modperms = get_moderator_permissions($fid, $uid); if(!$action && $modperms)
{	{
return true; } else { if(isset($modperms[$action]) && $modperms[$action] == 1)	return true; } else { if(isset($modperms[$action]) && $modperms[$action] == 1)
{	{
return true; } else { return false;	return true; } else { return false;
}	}
} } }	} } }
Zeile 1774	Zeile 1820
$posticons[$posticon['name']] = $posticon; } krsort($posticons);	$posticons[$posticon['name']] = $posticon; } krsort($posticons);

foreach($posticons as $dbicon) { $dbicon['path'] = str_replace("{theme}", $theme['imgdir'], $dbicon['path']);	foreach($posticons as $dbicon) { $dbicon['path'] = str_replace("{theme}", $theme['imgdir'], $dbicon['path']);
Zeile 1794	Zeile 1840
eval("\$iconlist .= \"".$templates->get("posticons_icon")."\";"); }	eval("\$iconlist .= \"".$templates->get("posticons_icon")."\";"); }
eval("\$posticons = \"".$templates->get("posticons")."\";");	if(!empty($iconlist)) { eval("\$posticons = \"".$templates->get("posticons")."\";"); } else { $posticons = ''; }
return $posticons; }	return $posticons; }
Zeile 1835	Zeile 1888
// Versions of PHP prior to 5.2 do not support HttpOnly cookies and IE is buggy when specifying a blank domain so set the cookie manually $cookie = "Set-Cookie: {$mybb->settings['cookieprefix']}{$name}=".urlencode($value);	// Versions of PHP prior to 5.2 do not support HttpOnly cookies and IE is buggy when specifying a blank domain so set the cookie manually $cookie = "Set-Cookie: {$mybb->settings['cookieprefix']}{$name}=".urlencode($value);

if($expires > 0) { $cookie .= "; expires=".@gmdate('D, d-M-Y H:i:s \\G\\M\\T', $expires);	if($expires > 0) { $cookie .= "; expires=".@gmdate('D, d-M-Y H:i:s \\G\\M\\T', $expires);
}	}
if(!empty($mybb->settings['cookiepath'])) { $cookie .= "; path={$mybb->settings['cookiepath']}";	if(!empty($mybb->settings['cookiepath'])) { $cookie .= "; path={$mybb->settings['cookiepath']}";
}	}
if(!empty($mybb->settings['cookiedomain'])) { $cookie .= "; domain={$mybb->settings['cookiedomain']}";	if(!empty($mybb->settings['cookiedomain'])) { $cookie .= "; domain={$mybb->settings['cookiedomain']}";
}	}
if($httponly == true)	if($httponly == true)
{	{
$cookie .= "; HttpOnly";	$cookie .= "; HttpOnly";
	} if($mybb->settings['cookiesecureflag']) { $cookie .= "; Secure";
} $mybb->cookies[$name] = $value;	} $mybb->cookies[$name] = $value;
Zeile 1863	Zeile 1921
/** * Unset a cookie set by MyBB.	/** * Unset a cookie set by MyBB.
* * @param string $name The cookie identifier. */	* * @param string $name The cookie identifier. */
function my_unsetcookie($name) { global $mybb;	function my_unsetcookie($name) { global $mybb;
Zeile 2145	Zeile 2203
{ mb_internal_encoding($mbIntEnc); }	{ mb_internal_encoding($mbIntEnc); }

return $out; }	return $out; }
Zeile 2154	Zeile 2212
* Safe serialize() replacement * - output a strict subset of PHP's native serialized representation * - does not my_serialize objects	* Safe serialize() replacement * - output a strict subset of PHP's native serialized representation * - does not my_serialize objects
*	*
* @param mixed $value * @return string * @throw Exception if $value is malformed or contains unsupported types (e.g., resources, objects)	* @param mixed $value * @return string * @throw Exception if $value is malformed or contains unsupported types (e.g., resources, objects)
Zeile 2165	Zeile 2223
{ return 'N;'; }	{ return 'N;'; }

if(is_bool($value)) { return 'b:'.(int)$value.';'; }	if(is_bool($value)) { return 'b:'.(int)$value.';'; }

if(is_int($value)) { return 'i:'.$value.';'; }	if(is_int($value)) { return 'i:'.$value.';'; }

if(is_float($value))	if(is_float($value))
{	{
return 'd:'.str_replace(',', '.', $value).';'; }	return 'd:'.str_replace(',', '.', $value).';'; }

if(is_string($value)) { return 's:'.strlen($value).':"'.$value.'";';	if(is_string($value)) { return 's:'.strlen($value).':"'.$value.'";';
}	}
if(is_array($value)) { $out = '';	if(is_array($value)) { $out = '';
Zeile 2193	Zeile 2251
{ $out .= _safe_serialize($k) . _safe_serialize($v); }	{ $out .= _safe_serialize($k) . _safe_serialize($v); }

return 'a:'.count($value).':{'.$out.'}';	return 'a:'.count($value).':{'.$out.'}';
}	}
// safe_serialize cannot my_serialize resources or objects return false;	// safe_serialize cannot my_serialize resources or objects return false;
Zeile 2212	Zeile 2270
{ // ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))	{ // ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
{	{
$mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII');	$mbIntEnc = mb_internal_encoding(); mb_internal_encoding('ASCII');
}	}
$out = _safe_serialize($value); if(isset($mbIntEnc)) { mb_internal_encoding($mbIntEnc); }	$out = _safe_serialize($value); if(isset($mbIntEnc)) { mb_internal_encoding($mbIntEnc); }

return $out; }	return $out; }
Zeile 2357	Zeile 2415
else { $stats = $stats_changes;	else { $stats = $stats_changes;
}	}
$new_stats = array(); $counters = array('numthreads', 'numunapprovedthreads', 'numposts', 'numunapprovedposts', 'numusers', 'numdeletedposts', 'numdeletedthreads');	$new_stats = array(); $counters = array('numthreads', 'numunapprovedthreads', 'numposts', 'numunapprovedposts', 'numusers', 'numdeletedposts', 'numdeletedthreads');
Zeile 2414	Zeile 2472
$query = $db->simple_select("users", "uid, username", "", array('order_by' => 'regdate', 'order_dir' => 'DESC', 'limit' => 1)); $lastmember = $db->fetch_array($query); $new_stats['lastuid'] = $lastmember['uid'];	$query = $db->simple_select("users", "uid, username", "", array('order_by' => 'regdate', 'order_dir' => 'DESC', 'limit' => 1)); $lastmember = $db->fetch_array($query); $new_stats['lastuid'] = $lastmember['uid'];
$new_stats['lastusername'] = $lastmember['username'];	$new_stats['lastusername'] = $lastmember['username'] = htmlspecialchars_uni($lastmember['username']);
} if(!empty($new_stats))	} if(!empty($new_stats))
Zeile 2432	Zeile 2490
// Update stats row for today in the database $todays_stats = array( "dateline" => mktime(0, 0, 0, date("m"), date("j"), date("Y")),	// Update stats row for today in the database $todays_stats = array( "dateline" => mktime(0, 0, 0, date("m"), date("j"), date("Y")),
"numusers" => $stats['numusers'], "numthreads" => $stats['numthreads'], "numposts" => $stats['numposts']	"numusers" => (int)$stats['numusers'], "numthreads" => (int)$stats['numthreads'], "numposts" => (int)$stats['numposts']
); $db->replace_query("stats", $todays_stats, "dateline");	); $db->replace_query("stats", $todays_stats, "dateline");
Zeile 2692	Zeile 2750
WHERE p.tid='$tid' AND p.visible='1' ORDER BY p.dateline DESC LIMIT 1"	WHERE p.tid='$tid' AND p.visible='1' ORDER BY p.dateline DESC LIMIT 1"
); $lastpost = $db->fetch_array($query); $db->free_result($query);	); $lastpost = $db->fetch_array($query); $db->free_result($query);
$query = $db->query(" SELECT u.uid, u.username, p.pid, p.username AS postusername, p.dateline FROM ".TABLE_PREFIX."posts p	$query = $db->query(" SELECT u.uid, u.username, p.pid, p.username AS postusername, p.dateline FROM ".TABLE_PREFIX."posts p
Zeile 2710	Zeile 2768
$db->free_result($query); if(empty($firstpost['username']))	$db->free_result($query); if(empty($firstpost['username']))
{	{
$firstpost['username'] = $firstpost['postusername'];	$firstpost['username'] = $firstpost['postusername'];
}	}
if(empty($lastpost['username'])) {	if(empty($lastpost['username'])) {
Zeile 2724	Zeile 2782
$lastpost['username'] = $firstpost['username']; $lastpost['uid'] = $firstpost['uid']; $lastpost['dateline'] = $firstpost['dateline'];	$lastpost['username'] = $firstpost['username']; $lastpost['uid'] = $firstpost['uid']; $lastpost['dateline'] = $firstpost['dateline'];
}	}
$lastpost['username'] = $db->escape_string($lastpost['username']); $firstpost['username'] = $db->escape_string($firstpost['username']);	$lastpost['username'] = $db->escape_string($lastpost['username']); $firstpost['username'] = $db->escape_string($firstpost['username']);
Zeile 2752	Zeile 2810
global $db; $update_query = array();	global $db; $update_query = array();

$counters = array('postnum', 'threadnum'); $uid = (int)$uid;	$counters = array('postnum', 'threadnum'); $uid = (int)$uid;
Zeile 2779	Zeile 2837
else { $update_query[$counter] = $changes[$counter];	else { $update_query[$counter] = $changes[$counter];
}	}
// Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0) {	// Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0) {
Zeile 2805	Zeile 2863
* @return bool */ function delete_thread($tid)	* @return bool */ function delete_thread($tid)
{ global $moderation;	{ global $moderation;
if(!is_object($moderation)) { require_once MYBB_ROOT."inc/class_moderation.php";	if(!is_object($moderation)) { require_once MYBB_ROOT."inc/class_moderation.php";
Zeile 2835	Zeile 2893
return $moderation->delete_post($pid); }	return $moderation->delete_post($pid); }

/** * Builds a forum jump menu *	/** * Builds a forum jump menu *
Zeile 2863	Zeile 2921
} foreach($forum_cache as $fid => $forum)	} foreach($forum_cache as $fid => $forum)
{	{
if($forum['active'] != 0) { $jumpfcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; } }	if($forum['active'] != 0) { $jumpfcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; } }
}	}
if(!is_array($permissioncache)) { $permissioncache = forum_permissions(); } if(isset($jumpfcache[$pid]) && is_array($jumpfcache[$pid]))	if(!is_array($permissioncache)) { $permissioncache = forum_permissions(); } if(isset($jumpfcache[$pid]) && is_array($jumpfcache[$pid]))
{	{
foreach($jumpfcache[$pid] as $main) { foreach($main as $forum) { $perms = $permissioncache[$forum['fid']];	foreach($jumpfcache[$pid] as $main) { foreach($main as $forum) { $perms = $permissioncache[$forum['fid']];

if($forum['fid'] != "0" && ($perms['canview'] != 0 \|\| $mybb->settings['hideprivateforums'] == 0) && $forum['linkto'] == '' && ($forum['showinjump'] != 0 \|\| $showall == true)) { $optionselected = "";	if($forum['fid'] != "0" && ($perms['canview'] != 0 \|\| $mybb->settings['hideprivateforums'] == 0) && $forum['linkto'] == '' && ($forum['showinjump'] != 0 \|\| $showall == true)) { $optionselected = "";
Zeile 2891	Zeile 2949
if($selitem == $forum['fid']) { $optionselected = 'selected="selected"';	if($selitem == $forum['fid']) { $optionselected = 'selected="selected"';
}	}
$forum['name'] = htmlspecialchars_uni(strip_tags($forum['name']));	$forum['name'] = htmlspecialchars_uni(strip_tags($forum['name']));
Zeile 2918	Zeile 2976
$template = "advanced"; if(strpos(FORUM_URL, '.html') !== false)	$template = "advanced"; if(strpos(FORUM_URL, '.html') !== false)
{	{
$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'"; } else	$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'"; } else
Zeile 2926	Zeile 2984
$forum_link = "'".str_replace('{fid}', "'+option", FORUM_URL); } }	$forum_link = "'".str_replace('{fid}', "'+option", FORUM_URL); } }

eval("\$forumjump = \"".$templates->get("forumjump_".$template)."\";"); }	eval("\$forumjump = \"".$templates->get("forumjump_".$template)."\";"); }

return $forumjump;	return $forumjump;
}	}
/** * Returns the extension of a file. *	/** * Returns the extension of a file. *
Zeile 2946	Zeile 3004
/** * Generates a random string.	/** * Generates a random string.
*	*
* @param int $length The length of the string to generate. * @param bool $complex Whether to return complex string. Defaults to false * @return string The random string.	* @param int $length The length of the string to generate. * @param bool $complex Whether to return complex string. Defaults to false * @return string The random string.
Zeile 2975	Zeile 3033
{ $str[] = $set[my_rand(0, 61)]; }	{ $str[] = $set[my_rand(0, 61)]; }

// Make sure they're in random order and convert them to a string shuffle($str);	// Make sure they're in random order and convert them to a string shuffle($str);
Zeile 3028	Zeile 3086
*/ function format_avatar($avatar, $dimensions = '', $max_dimensions = '') {	*/ function format_avatar($avatar, $dimensions = '', $max_dimensions = '') {
global $mybb;	global $mybb, $theme;
static $avatars; if(!isset($avatars)) { $avatars = array();	static $avatars; if(!isset($avatars)) { $avatars = array();
	} if(my_strpos($avatar, '://') !== false && !$mybb->settings['allowremoteavatars']) { // Remote avatar, but remote avatars are disallowed. $avatar = null;
} if(!$avatar) { // Default avatar	} if(!$avatar) { // Default avatar
$avatar = $mybb->settings['useravatar'];	if(defined('IN_ADMINCP')) { $theme['imgdir'] = '../images'; } $avatar = str_replace('{theme}', $theme['imgdir'], $mybb->settings['useravatar']);
$dimensions = $mybb->settings['useravatardims']; }	$dimensions = $mybb->settings['useravatardims']; }
Zeile 3214	Zeile 3283
$emoticons_enabled = "false"; if($smilies) {	$emoticons_enabled = "false"; if($smilies) {
if($mybb->settings['smilieinserter'] && $mybb->settings['smilieinsertercols'] && $mybb->settings['smilieinsertertot']) { $emoticon = ",emoticon"; } $emoticons_enabled = "true";
if(!$smiliecache) { if(!isset($smilie_cache) \|\| !is_array($smilie_cache)) { $smilie_cache = $cache->read("smilies");	if(!$smiliecache) { if(!isset($smilie_cache) \|\| !is_array($smilie_cache)) { $smilie_cache = $cache->read("smilies");
}	}
foreach($smilie_cache as $smilie) { $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smiliecache[$smilie['sid']] = $smilie; } }	foreach($smilie_cache as $smilie) { $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smiliecache[$smilie['sid']] = $smilie; } }
	if($mybb->settings['smilieinserter'] && $mybb->settings['smilieinsertercols'] && $mybb->settings['smilieinsertertot'] && !empty($smiliecache)) { $emoticon = ",emoticon"; } $emoticons_enabled = "true";
unset($smilie);	unset($smilie);
Zeile 3256	Zeile 3325
if(!$mybb->settings['smilieinserter'] \|\| !$mybb->settings['smilieinsertercols'] \|\| !$mybb->settings['smilieinsertertot'] \|\| !$smilie['showclickable']) {	if(!$mybb->settings['smilieinserter'] \|\| !$mybb->settings['smilieinsertercols'] \|\| !$mybb->settings['smilieinsertertot'] \|\| !$smilie['showclickable']) {
$hiddensmilies .= '"'.$find.'": "'.$image.'",';	$hiddensmilies .= '"'.$find.'": "'.$image.'",';
} elseif($i < $mybb->settings['smilieinsertertot']) {	} elseif($i < $mybb->settings['smilieinsertertot']) {
Zeile 3367	Zeile 3436
} foreach($smilie_cache as $smilie) {	} foreach($smilie_cache as $smilie) {
if($smilie['showclickable'] != 0) { $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smiliecache[$smilie['sid']] = $smilie; }	$smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smiliecache[$smilie['sid']] = $smilie;
} }	} }
Zeile 3383	Zeile 3449
$getmore = ''; if($mybb->settings['smilieinsertertot'] >= $smiliecount)	$getmore = ''; if($mybb->settings['smilieinsertertot'] >= $smiliecount)
{	{
$mybb->settings['smilieinsertertot'] = $smiliecount; } else if($mybb->settings['smilieinsertertot'] < $smiliecount)	$mybb->settings['smilieinsertertot'] = $smiliecount; } else if($mybb->settings['smilieinsertertot'] < $smiliecount)
{	{
$smiliecount = $mybb->settings['smilieinsertertot']; eval("\$getmore = \"".$templates->get("smilieinsert_getmore")."\";"); }	$smiliecount = $mybb->settings['smilieinsertertot']; eval("\$getmore = \"".$templates->get("smilieinsert_getmore")."\";"); }
$smilies = "";	$smilies = '';
$counter = 0; $i = 0; $extra_class = ''; foreach($smiliecache as $smilie) {	$counter = 0; $i = 0; $extra_class = ''; foreach($smiliecache as $smilie) {
if($i < $mybb->settings['smilieinsertertot'])	if($i < $mybb->settings['smilieinsertertot'] && $smilie['showclickable'] != 0)
{	{
if($counter == 0) { $smilies .= "<tr>\n"; }
$smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image'])); $smilie['name'] = htmlspecialchars_uni($smilie['name']);	$smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image'])); $smilie['name'] = htmlspecialchars_uni($smilie['name']);

// Only show the first text to replace in the box $temp = explode("\n", $smilie['find']); // assign to temporary variable for php 5.3 compatibility $smilie['find'] = $temp[0];	// Only show the first text to replace in the box $temp = explode("\n", $smilie['find']); // assign to temporary variable for php 5.3 compatibility $smilie['find'] = $temp[0];
Zeile 3419	Zeile 3480
$onclick = " onclick=\"MyBBEditor.insertText(' $find ');\""; $extra_class = ' smilie_pointer'; eval('$smilie = "'.$templates->get('smilie', 1, 0).'";');	$onclick = " onclick=\"MyBBEditor.insertText(' $find ');\""; $extra_class = ' smilie_pointer'; eval('$smilie = "'.$templates->get('smilie', 1, 0).'";');
eval("\$smilies .= \"".$templates->get("smilieinsert_smilie")."\";");	eval("\$smilie_icons .= \"".$templates->get("smilieinsert_smilie")."\";");
++$i; ++$counter; if($counter == $mybb->settings['smilieinsertercols']) { $counter = 0;	++$i; ++$counter; if($counter == $mybb->settings['smilieinsertercols']) { $counter = 0;
$smilies .= "</tr>\n";	eval("\$smilies .= \"".$templates->get("smilieinsert_row")."\";"); $smilie_icons = '';
} } }	} } }
Zeile 3434	Zeile 3496
if($counter != 0) { $colspan = $mybb->settings['smilieinsertercols'] - $counter;	if($counter != 0) { $colspan = $mybb->settings['smilieinsertercols'] - $counter;
$smilies .= "<td colspan=\"{$colspan}\"> </td>\n</tr>\n";	eval("\$smilies .= \"".$templates->get("smilieinsert_row_empty")."\";");
} eval("\$clickablesmilies = \"".$templates->get("smilieinsert")."\";");	} eval("\$clickablesmilies = \"".$templates->get("smilieinsert")."\";");
Zeile 3505	Zeile 3567
} /**	} /**
* Build the thread prefix selection menu	* Build the thread prefix selection menu for the current user
* * @param int\|string $fid The forum ID (integer ID or string all) * @param int\|string $selected_pid The selected prefix ID (integer ID or string any) * @param int $multiple Allow multiple prefix selection	* * @param int\|string $fid The forum ID (integer ID or string all) * @param int\|string $selected_pid The selected prefix ID (integer ID or string any) * @param int $multiple Allow multiple prefix selection
	* @param int $previous_pid The previously selected prefix ID
* @return string The thread prefix selection menu */	* @return string The thread prefix selection menu */
function build_prefix_select($fid, $selected_pid=0, $multiple=0)	function build_prefix_select($fid, $selected_pid=0, $multiple=0, $previous_pid=0)
{ global $cache, $db, $lang, $mybb, $templates;	{ global $cache, $db, $lang, $mybb, $templates;
Zeile 3524	Zeile 3587
$prefix_cache = build_prefixes(0); if(empty($prefix_cache)) {	$prefix_cache = build_prefixes(0); if(empty($prefix_cache)) {
return false; // We've got no prefixes to show } $groups = array($mybb->user['usergroup']); if($mybb->user['additionalgroups']) { $exp = explode(",", $mybb->user['additionalgroups']); foreach($exp as $group) { $groups[] = $group; }	// We've got no prefixes to show return '';
} // Go through each of our prefixes and decide which ones we can use	} // Go through each of our prefixes and decide which ones we can use
Zeile 3546	Zeile 3599
{ // Decide whether this prefix can be used in our forum $forums = explode(",", $prefix['forums']);	{ // Decide whether this prefix can be used in our forum $forums = explode(",", $prefix['forums']);
if(!in_array($fid, $forums)) {	if(!in_array($fid, $forums) && $prefix['pid'] != $previous_pid) {
// This prefix is not in our forum list continue; } }	// This prefix is not in our forum list continue; } }
if($prefix['groups'] != "-1") { $prefix_groups = explode(",", $prefix['groups']); foreach($groups as $group) { if(in_array($group, $prefix_groups) && !isset($prefixes[$prefix['pid']])) { // Our group can use this prefix! $prefixes[$prefix['pid']] = $prefix; } } } else	if(is_member($prefix['groups']) \|\| $prefix['pid'] == $previous_pid)
{	{
// This prefix is for anybody to use...	// The current user can use this prefix
$prefixes[$prefix['pid']] = $prefix; } } if(empty($prefixes)) {	$prefixes[$prefix['pid']] = $prefix; } } if(empty($prefixes)) {
return false;	return '';
}	}

$prefixselect = $prefixselect_prefix = ''; if($multiple == 1) { $any_selected = ""; if($selected_pid == 'any')	$prefixselect = $prefixselect_prefix = ''; if($multiple == 1) { $any_selected = ""; if($selected_pid == 'any')
{	{
$any_selected = " selected=\"selected\""; }	$any_selected = " selected=\"selected\""; }
}	}
$default_selected = ""; if(((int)$selected_pid == 0) && $selected_pid != 'any')	$default_selected = ""; if(((int)$selected_pid == 0) && $selected_pid != 'any')
{	{
$default_selected = " selected=\"selected\""; } foreach($prefixes as $prefix)	$default_selected = " selected=\"selected\""; } foreach($prefixes as $prefix)
{	{
$selected = ""; if($prefix['pid'] == $selected_pid) {	$selected = ""; if($prefix['pid'] == $selected_pid) {
Zeile 3609	Zeile 3649
} if($multiple != 0)	} if($multiple != 0)
{	{
eval("\$prefixselect = \"".$templates->get("post_prefixselect_multiple")."\";"); } else	eval("\$prefixselect = \"".$templates->get("post_prefixselect_multiple")."\";"); } else
Zeile 3621	Zeile 3661
} /**	} /**
* Build the thread prefix selection menu for a forum	* Build the thread prefix selection menu for a forum without group permission checks
* * @param int $fid The forum ID (integer ID) * @param int $selected_pid The selected prefix ID (integer ID)	* * @param int $fid The forum ID (integer ID) * @param int $selected_pid The selected prefix ID (integer ID)
	* @return string The thread prefix selection menu
*/ function build_forum_prefix_select($fid, $selected_pid=0) {	*/ function build_forum_prefix_select($fid, $selected_pid=0) {
Zeile 3635	Zeile 3676
$prefix_cache = build_prefixes(0); if(empty($prefix_cache)) {	$prefix_cache = build_prefixes(0); if(empty($prefix_cache)) {
return false; // We've got no prefixes to show	// We've got no prefixes to show return '';
} // Go through each of our prefixes and decide which ones we can use	} // Go through each of our prefixes and decide which ones we can use
Zeile 3643	Zeile 3685
foreach($prefix_cache as $prefix) { if($prefix['forums'] != "-1")	foreach($prefix_cache as $prefix) { if($prefix['forums'] != "-1")
{	{
// Decide whether this prefix can be used in our forum $forums = explode(",", $prefix['forums']);	// Decide whether this prefix can be used in our forum $forums = explode(",", $prefix['forums']);
Zeile 3662	Zeile 3704
if(empty($prefixes)) {	if(empty($prefixes)) {
return false;	return '';
} $default_selected = array(); $selected_pid = (int)$selected_pid;	} $default_selected = array(); $selected_pid = (int)$selected_pid;

if($selected_pid == 0) { $default_selected['all'] = ' selected="selected"';	if($selected_pid == 0) { $default_selected['all'] = ' selected="selected"';
Zeile 3778	Zeile 3820
{ $pid = (int)$data['pid']; unset($data['pid']);	{ $pid = (int)$data['pid']; unset($data['pid']);
	} $tids = array(); if(isset($data['tids'])) { $tids = (array)$data['tids']; unset($data['tids']);
} // Any remaining extra data - we my_serialize and insert in to its own column	} // Any remaining extra data - we my_serialize and insert in to its own column
Zeile 3796	Zeile 3845
"data" => $db->escape_string($data), "ipaddress" => $db->escape_binary($session->packedip) );	"data" => $db->escape_string($data), "ipaddress" => $db->escape_binary($session->packedip) );
$db->insert_query("moderatorlog", $sql_array);	if($tids) { $multiple_sql_array = array(); foreach($tids as $tid) { $sql_array['tid'] = (int)$tid; $multiple_sql_array[] = $sql_array; } $db->insert_query_multiple("moderatorlog", $multiple_sql_array); } else { $db->insert_query("moderatorlog", $sql_array); }
} /** * Get the formatted reputation for a user.	} /** * Get the formatted reputation for a user.
*	*
* @param int $reputation The reputation value * @param int $uid The user ID (if not specified, the generated reputation will not be a link) * @return string The formatted repuation	* @param int $reputation The reputation value * @param int $uid The user ID (if not specified, the generated reputation will not be a link) * @return string The formatted repuation
Zeile 3823	Zeile 3888
{ $reputation_class = "reputation_neutral"; }	{ $reputation_class = "reputation_neutral"; }

$reputation = my_number_format($reputation); if($uid != 0)	$reputation = my_number_format($reputation); if($uid != 0)
{	{
eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted_link")."\";"); } else { eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted")."\";");	eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted_link")."\";"); } else { eval("\$display_reputation = \"".$templates->get("postbit_reputation_formatted")."\";");
}	}
return $display_reputation; }	return $display_reputation; }
Zeile 3864	Zeile 3929
else { $warning_class = "normal_warning";	else { $warning_class = "normal_warning";
}	}
eval("\$level = \"".$templates->get("postbit_warninglevel_formatted")."\";"); return $level; }	eval("\$level = \"".$templates->get("postbit_warninglevel_formatted")."\";"); return $level; }

/** * Fetch the IP address of the current user. *	/** * Fetch the IP address of the current user. *
Zeile 3879	Zeile 3944
{ global $mybb, $plugins;	{ global $mybb, $plugins;
$ip = strtolower($_SERVER['REMOTE_ADDR']);	$ip = strtolower($_SERVER['REMOTE_ADDR']);
if($mybb->settings['ip_forwarded_check']) { $addresses = array();	if($mybb->settings['ip_forwarded_check']) { $addresses = array();
Zeile 3892	Zeile 3957
elseif(isset($_SERVER['HTTP_X_REAL_IP'])) { $addresses = explode(',', strtolower($_SERVER['HTTP_X_REAL_IP']));	elseif(isset($_SERVER['HTTP_X_REAL_IP'])) { $addresses = explode(',', strtolower($_SERVER['HTTP_X_REAL_IP']));
}	}
if(is_array($addresses)) {	if(is_array($addresses)) {
Zeile 3906	Zeile 3971
break; } }	break; } }
} }	} }
if(!$ip) {	if(!$ip) {
Zeile 3921	Zeile 3986
{ $ip_array = array("ip" => &$ip); // Used for backwards compatibility on this hook with the updated run_hooks() function. $plugins->run_hooks("get_ip", $ip_array);	{ $ip_array = array("ip" => &$ip); // Used for backwards compatibility on this hook with the updated run_hooks() function. $plugins->run_hooks("get_ip", $ip_array);
}	}
return $ip; }	return $ip; }
Zeile 3950	Zeile 4015
elseif($size >= 1180591620717411303424) { $size = my_number_format(round(($size / 1180591620717411303424), 2))." ".$lang->size_zb;	elseif($size >= 1180591620717411303424) { $size = my_number_format(round(($size / 1180591620717411303424), 2))." ".$lang->size_zb;
}	}
// Exabyte (1024 Petabytes) elseif($size >= 1152921504606846976) {	// Exabyte (1024 Petabytes) elseif($size >= 1152921504606846976) {
Zeile 3958	Zeile 4023
} // Petabyte (1024 Terabytes) elseif($size >= 1125899906842624)	} // Petabyte (1024 Terabytes) elseif($size >= 1125899906842624)
{	{
$size = my_number_format(round(($size / 1125899906842624), 2))." ".$lang->size_pb; } // Terabyte (1024 Gigabytes) elseif($size >= 1099511627776) { $size = my_number_format(round(($size / 1099511627776), 2))." ".$lang->size_tb;	$size = my_number_format(round(($size / 1125899906842624), 2))." ".$lang->size_pb; } // Terabyte (1024 Gigabytes) elseif($size >= 1099511627776) { $size = my_number_format(round(($size / 1099511627776), 2))." ".$lang->size_tb;
}	}
// Gigabyte (1024 Megabytes) elseif($size >= 1073741824) {	// Gigabyte (1024 Megabytes) elseif($size >= 1073741824) {
Zeile 3980	Zeile 4045
elseif($size >= 1024) { $size = my_number_format(round(($size / 1024), 2))." ".$lang->size_kb;	elseif($size >= 1024) { $size = my_number_format(round(($size / 1024), 2))." ".$lang->size_kb;
}	}
elseif($size == 0) { $size = "0 ".$lang->size_bytes;	elseif($size == 0) { $size = "0 ".$lang->size_bytes;
Zeile 4022	Zeile 4087
} return $time;	} return $time;
}	}
/** * Get the attachment icon for a specific file extension *	/** * Get the attachment icon for a specific file extension *
Zeile 4037	Zeile 4102
if(!$attachtypes) { $attachtypes = $cache->read("attachtypes");	if(!$attachtypes) { $attachtypes = $cache->read("attachtypes");
}	}
$ext = my_strtolower($ext);	$ext = my_strtolower($ext);
Zeile 4052	Zeile 4117
$attach_icons_schemes[$ext] = $attachtypes[$ext]['icon']; } elseif(defined("IN_ADMINCP"))	$attach_icons_schemes[$ext] = $attachtypes[$ext]['icon']; } elseif(defined("IN_ADMINCP"))
{	{
$attach_icons_schemes[$ext] = str_replace("{theme}", "", $attachtypes[$ext]['icon']); if(my_substr($attach_icons_schemes[$ext], 0, 1) != "/") {	$attach_icons_schemes[$ext] = str_replace("{theme}", "", $attachtypes[$ext]['icon']); if(my_substr($attach_icons_schemes[$ext], 0, 1) != "/") {
Zeile 4081	Zeile 4146
if(defined("IN_ADMINCP")) { $theme['imgdir'] = "../images";	if(defined("IN_ADMINCP")) { $theme['imgdir'] = "../images";
}	}
else if(defined("IN_PORTAL")) { global $change_dir; $theme['imgdir'] = "{$change_dir}/images"; }	else if(defined("IN_PORTAL")) { global $change_dir; $theme['imgdir'] = "{$change_dir}/images"; }

$icon = "{$theme['imgdir']}/attachtypes/unknown.png"; $name = $lang->unknown; }	$icon = "{$theme['imgdir']}/attachtypes/unknown.png"; $name = $lang->unknown; }

$icon = htmlspecialchars_uni($icon); eval("\$attachment_icon = \"".$templates->get("attachment_icon")."\";"); return $attachment_icon;	$icon = htmlspecialchars_uni($icon); eval("\$attachment_icon = \"".$templates->get("attachment_icon")."\";"); return $attachment_icon;
}	}
/** * Get a list of the unviewable forums for the current user *	/** * Get a list of the unviewable forums for the current user *
Zeile 4111	Zeile 4176
if(!is_array($forum_cache)) { cache_forums();	if(!is_array($forum_cache)) { cache_forums();
}	}
if(!is_array($permissioncache)) {	if(!is_array($permissioncache)) {
Zeile 4135	Zeile 4200
if($forum['password'] != "") { if($mybb->cookies['forumpass'][$forum['fid']] !== md5($mybb->user['uid'].$forum['password']))	if($forum['password'] != "") { if($mybb->cookies['forumpass'][$forum['fid']] !== md5($mybb->user['uid'].$forum['password']))
{	{
$pwverified = 0; }	$pwverified = 0; }
Zeile 4159	Zeile 4224
$unviewable[] = $forum['fid']; } }	$unviewable[] = $forum['fid']; } }

$unviewableforums = implode(',', $unviewable);	$unviewableforums = implode(',', $unviewable);

return $unviewableforums; }	return $unviewableforums; }
Zeile 4330	Zeile 4395
else { $navbits[$navsize]['url'] = get_forum_link($forumnav['fid']);	else { $navbits[$navsize]['url'] = get_forum_link($forumnav['fid']);
} }	} }
} }	} }
Zeile 4571	Zeile 4636
switch($type) { case "posts":	switch($type) { case "posts":
if(is_array($id)) { $rids = implode($id, "','");	if(is_array($id)) { $rids = implode($id, "','");
$rids = "'0','$rids'"; $db->update_query("reportedcontent", array('reportstatus' => 1), "id IN($rids) AND reportstatus='0' AND (type = 'post' OR type = '')");	$rids = "'0','$rids'"; $db->update_query("reportedcontent", array('reportstatus' => 1), "id IN($rids) AND reportstatus='0' AND (type = 'post' OR type = '')");
} break;	} break;
case "post": $db->update_query("reportedcontent", array('reportstatus' => 1), "id='$id' AND reportstatus='0' AND (type = 'post' OR type = '')"); break;	case "post": $db->update_query("reportedcontent", array('reportstatus' => 1), "id='$id' AND reportstatus='0' AND (type = 'post' OR type = '')"); break;
Zeile 4588	Zeile 4653
$rids = "'0','$rids'"; $db->update_query("reportedcontent", array('reportstatus' => 1), "id2 IN($rids) AND reportstatus='0' AND (type = 'post' OR type = '')"); }	$rids = "'0','$rids'"; $db->update_query("reportedcontent", array('reportstatus' => 1), "id2 IN($rids) AND reportstatus='0' AND (type = 'post' OR type = '')"); }
break;	break;
case "thread": $db->update_query("reportedcontent", array('reportstatus' => 1), "id2='$id' AND reportstatus='0' AND (type = 'post' OR type = '')"); break;	case "thread": $db->update_query("reportedcontent", array('reportstatus' => 1), "id2='$id' AND reportstatus='0' AND (type = 'post' OR type = '')"); break;
Zeile 4672	Zeile 4737
$stamp %= $msecs; $seconds = $stamp;	$stamp %= $msecs; $seconds = $stamp;
if($years == 1) { $nicetime['years'] = "1".$lang_year; } else if($years > 1) { $nicetime['years'] = $years.$lang_years; } if($months == 1)	// Prevent gross over accuracy ($options parameter will override these) if($years > 0)
{	{
$nicetime['months'] = "1".$lang_month;	$options = array_merge(array( 'days' => false, 'hours' => false, 'minutes' => false, 'seconds' => false ), $options);
}	}
else if($months > 1)	elseif($months > 0)
{	{
$nicetime['months'] = $months.$lang_months;	$options = array_merge(array( 'hours' => false, 'minutes' => false, 'seconds' => false ), $options);
}	}
if($weeks == 1) { $nicetime['weeks'] = "1".$lang_week; } else if($weeks > 1)	elseif($weeks > 0)
{	{
$nicetime['weeks'] = $weeks.$lang_weeks;	$options = array_merge(array( 'minutes' => false, 'seconds' => false ), $options); } elseif($days > 0) { $options = array_merge(array( 'seconds' => false ), $options); } if(!isset($options['years']) \|\| $options['years'] !== false) { if($years == 1) { $nicetime['years'] = "1".$lang_year; } else if($years > 1) { $nicetime['years'] = $years.$lang_years; } } if(!isset($options['months']) \|\| $options['months'] !== false) { if($months == 1) { $nicetime['months'] = "1".$lang_month; } else if($months > 1) { $nicetime['months'] = $months.$lang_months; } } if(!isset($options['weeks']) \|\| $options['weeks'] !== false) { if($weeks == 1) { $nicetime['weeks'] = "1".$lang_week; } else if($weeks > 1) { $nicetime['weeks'] = $weeks.$lang_weeks; }
}	}
if($days == 1)	if(!isset($options['days']) \|\| $options['days'] !== false)
{	{
$nicetime['days'] = "1".$lang_day; } else if($days > 1) { $nicetime['days'] = $days.$lang_days;	if($days == 1) { $nicetime['days'] = "1".$lang_day; } else if($days > 1) { $nicetime['days'] = $days.$lang_days; }
} if(!isset($options['hours']) \|\| $options['hours'] !== false)	} if(!isset($options['hours']) \|\| $options['hours'] !== false)
Zeile 4837	Zeile 4946
{ global $db, $mybb, $cache;	{ global $db, $mybb, $cache;
if($uid == $mybb->user['uid']) { $user = $mybb->user; } else { $user = get_user($uid); }	$user = get_user($uid);
$groupslist = $comma = ''; $usergroups = $user['additionalgroups'].","; $donegroup = array();	$groupslist = $comma = ''; $usergroups = $user['additionalgroups'].","; $donegroup = array();

$groups = explode(",", $user['additionalgroups']); if(is_array($groups))	$groups = explode(",", $user['additionalgroups']); if(is_array($groups))
Zeile 4857	Zeile 4959
foreach($groups as $gid) { if(trim($gid) != "" && $leavegroup != $gid && empty($donegroup[$gid]))	foreach($groups as $gid) { if(trim($gid) != "" && $leavegroup != $gid && empty($donegroup[$gid]))
{	{
$groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1;	$groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1;
Zeile 4898	Zeile 5000
if(!empty($_SERVER['SCRIPT_NAME'])) { $location = htmlspecialchars_uni($_SERVER['SCRIPT_NAME']);	if(!empty($_SERVER['SCRIPT_NAME'])) { $location = htmlspecialchars_uni($_SERVER['SCRIPT_NAME']);
}	}
elseif(!empty($_SERVER['PHP_SELF']))	elseif(!empty($_SERVER['PHP_SELF']))
{	{
$location = htmlspecialchars_uni($_SERVER['PHP_SELF']);	$location = htmlspecialchars_uni($_SERVER['PHP_SELF']);
}	}
elseif(!empty($_ENV['PHP_SELF'])) { $location = htmlspecialchars_uni($_ENV['PHP_SELF']);	elseif(!empty($_ENV['PHP_SELF'])) { $location = htmlspecialchars_uni($_ENV['PHP_SELF']);
}	}
elseif(!empty($_SERVER['PATH_INFO']))	elseif(!empty($_SERVER['PATH_INFO']))
{	{
$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);	$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);
} else {	} else {
$location = htmlspecialchars_uni($_ENV['PATH_INFO']); }	$location = htmlspecialchars_uni($_ENV['PATH_INFO']); }

if($quick) { return $location;	if($quick) { return $location;
Zeile 4939	Zeile 5041
{ continue; }	{ continue; }

$form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars_uni($name)."\" value=\"".htmlspecialchars_uni($value)."\" />\n"; } }	$form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars_uni($name)."\" value=\"".htmlspecialchars_uni($value)."\" />\n"; } }
Zeile 4949	Zeile 5051
else { if(isset($_SERVER['QUERY_STRING']))	else { if(isset($_SERVER['QUERY_STRING']))
{	{
$location .= "?".htmlspecialchars_uni($_SERVER['QUERY_STRING']); } else if(isset($_ENV['QUERY_STRING']))	$location .= "?".htmlspecialchars_uni($_SERVER['QUERY_STRING']); } else if(isset($_ENV['QUERY_STRING']))
{	{
$location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']); }	$location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']); }

if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');	if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');
Zeile 4966	Zeile 5068
if(isset($_POST[$var])) { $addloc[] = urlencode($var).'='.urlencode($_POST[$var]);	if(isset($_POST[$var])) { $addloc[] = urlencode($var).'='.urlencode($_POST[$var]);
} }	} }
if(isset($addloc) && is_array($addloc)) { if(strpos($location, "?") === false)	if(isset($addloc) && is_array($addloc)) { if(strpos($location, "?") === false)
{	{
$location .= "?";	$location .= "?";
}	}
else { $location .= "&"; } $location .= implode("&", $addloc);	else { $location .= "&"; } $location .= implode("&", $addloc);
} }	} }
return $location; } }	return $location; } }
Zeile 5026	Zeile 5128
} if(is_array($tcache[$tid]))	} if(is_array($tcache[$tid]))
{ // Figure out what groups this user is in if(isset($mybb->user['additionalgroups'])) { $in_groups = explode(",", $mybb->user['additionalgroups']); } $in_groups[] = $mybb->user['usergroup'];	{
foreach($tcache[$tid] as $theme) { $sel = "";	foreach($tcache[$tid] as $theme) { $sel = "";
Zeile 5062	Zeile 5157
} if($tid == 1 && ($num_themes > 1 \|\| $count_override == true))	} if($tid == 1 && ($num_themes > 1 \|\| $count_override == true))
{	{
if($footer == true)	if($footer == true)
{	{
eval("\$themeselect = \"".$templates->get("footer_themeselector")."\";");	eval("\$themeselect = \"".$templates->get("footer_themeselector")."\";");
}	}
else { eval("\$themeselect = \"".$templates->get("usercp_themeselector")."\";"); } return $themeselect;	else { eval("\$themeselect = \"".$templates->get("usercp_themeselector")."\";"); } return $themeselect;
}	}
else { return false;	else { return false;
} }	} }
/** * Get the theme data of a theme id.	/** * Get the theme data of a theme id.
Zeile 5318	Zeile 5413
/** * DEPRECATED! Please use mktime()! * Formats a birthday appropriately	/** * DEPRECATED! Please use mktime()! * Formats a birthday appropriately
* * @deprecated	* * @deprecated
* @param string $display The PHP date format string * @param int $bm The month of the birthday * @param int $bd The day of the birthday	* @param string $display The PHP date format string * @param int $bm The month of the birthday * @param int $bd The day of the birthday
Zeile 5561	Zeile 5656
/** * Cuts a string at a specified point, mb strings accounted for	/** * Cuts a string at a specified point, mb strings accounted for
*	*
* @param string $string The string to cut. * @param int $start Where to cut * @param int $length (optional) How much to cut	* @param string $string The string to cut. * @param int $start Where to cut * @param int $length (optional) How much to cut
Zeile 5680	Zeile 5775
function unhtmlentities($string) { // Replace numeric entities	function unhtmlentities($string) { // Replace numeric entities
$string = preg_replace_callback('~&#x([0-9a-f]+);~i', create_function('$matches', 'return unichr(hexdec($matches[1]));'), $string); $string = preg_replace_callback('~&#([0-9]+);~', create_function('$matches', 'return unichr($matches[1]);'), $string);	$string = preg_replace_callback('~&#x([0-9a-f]+);~i', 'unichr_callback1', $string); $string = preg_replace_callback('~&#([0-9]+);~', 'unichr_callback2', $string);
// Replace literal entities $trans_tbl = get_html_translation_table(HTML_ENTITIES);	// Replace literal entities $trans_tbl = get_html_translation_table(HTML_ENTITIES);
Zeile 5721	Zeile 5816
{ return false; }	{ return false; }
	} /** * Returns any ascii to it's character (utf-8 safe). * * @param array $matches Matches. * @return string\|bool The characterized ascii. False on failure / function unichr_callback1($matches) { return unichr(hexdec($matches[1])); } /* * Returns any ascii to it's character (utf-8 safe). * * @param array $matches Matches. * @return string\|bool The characterized ascii. False on failure */ function unichr_callback2($matches) { return unichr($matches[1]);
} /**	} /**
Zeile 5731	Zeile 5848
*/ function get_event_poster($event) {	*/ function get_event_poster($event) {
	$event['username'] = htmlspecialchars_uni($event['username']);
$event['username'] = format_name($event['username'], $event['usergroup'], $event['displaygroup']); $event_poster = build_profile_link($event['username'], $event['author']); return $event_poster;	$event['username'] = format_name($event['username'], $event['usergroup'], $event['displaygroup']); $event_poster = build_profile_link($event['username'], $event['author']); return $event_poster;
}	}
/** * Get the event date.	/** * Get the event date.
Zeile 5747	Zeile 5865
global $mybb; $event_date = explode("-", $event['date']);	global $mybb; $event_date = explode("-", $event['date']);
$event_date = mktime(0, 0, 0, $event_date[1], $event_date[0], $event_date[2]);	$event_date = gmmktime(0, 0, 0, $event_date[1], $event_date[0], $event_date[2]);
$event_date = my_date($mybb->settings['dateformat'], $event_date); return $event_date;	$event_date = my_date($mybb->settings['dateformat'], $event_date); return $event_date;
Zeile 5755	Zeile 5873
/** * Get the profile link.	/** * Get the profile link.
*	*
* @param int $uid The user id of the profile. * @return string The url to the profile. */ function get_profile_link($uid=0) { $link = str_replace("{uid}", $uid, PROFILE_URL);	* @param int $uid The user id of the profile. * @return string The url to the profile. */ function get_profile_link($uid=0) { $link = str_replace("{uid}", $uid, PROFILE_URL);
return htmlspecialchars_uni($link); } /**	return htmlspecialchars_uni($link); } /**
* Get the announcement link. * * @param int $aid The announement id of the announcement.	* Get the announcement link. * * @param int $aid The announement id of the announcement.
Zeile 5776	Zeile 5894
$link = str_replace("{aid}", $aid, ANNOUNCEMENT_URL); return htmlspecialchars_uni($link); }	$link = str_replace("{aid}", $aid, ANNOUNCEMENT_URL); return htmlspecialchars_uni($link); }

/** * Build the profile link. *	/** * Build the profile link. *
Zeile 5793	Zeile 5911
if(!$username && $uid == 0) { // Return Guest phrase for no UID, no guest nickname	if(!$username && $uid == 0) { // Return Guest phrase for no UID, no guest nickname
return $lang->guest;	return htmlspecialchars_uni($lang->guest);
} elseif($uid == 0) {	} elseif($uid == 0) {
Zeile 5806	Zeile 5924
if(!empty($target)) { $target = " target=\"{$target}\"";	if(!empty($target)) { $target = " target=\"{$target}\"";
}	}
if(!empty($onclick)) { $onclick = " onclick=\"{$onclick}\"";	if(!empty($onclick)) { $onclick = " onclick=\"{$onclick}\"";
Zeile 5823	Zeile 5941
* @param int $fid The forum id of the forum. * @param int $page (Optional) The page number of the forum. * @return string The url to the forum.	* @param int $fid The forum id of the forum. * @param int $page (Optional) The page number of the forum. * @return string The url to the forum.
*/	*/
function get_forum_link($fid, $page=0) { if($page > 0)	function get_forum_link($fid, $page=0) { if($page > 0)
{	{
$link = str_replace("{fid}", $fid, FORUM_URL_PAGED); $link = str_replace("{page}", $page, $link);	$link = str_replace("{fid}", $fid, FORUM_URL_PAGED); $link = str_replace("{page}", $page, $link);
return htmlspecialchars_uni($link); }	return htmlspecialchars_uni($link); }
else { $link = str_replace("{fid}", $fid, FORUM_URL);	else { $link = str_replace("{fid}", $fid, FORUM_URL);
return htmlspecialchars_uni($link); } }	return htmlspecialchars_uni($link); } }
/** * Build the thread link. *	/** * Build the thread link. *
Zeile 5850	Zeile 5968
function get_thread_link($tid, $page=0, $action='') { if($page > 1)	function get_thread_link($tid, $page=0, $action='') { if($page > 1)
{ if($action) { $link = THREAD_URL_ACTION;	{ if($action) { $link = THREAD_URL_ACTION;
$link = str_replace("{action}", $action, $link); } else	$link = str_replace("{action}", $action, $link); } else
Zeile 5928	Zeile 6046
if($day > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_DAY);	if($day > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_DAY);
$link = str_replace("{year}", $year, $link);	$link = str_replace("{year}", $year, $link);
$link = str_replace("{day}", $day, $link);	$link = str_replace("{day}", $day, $link);
$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }	$link = str_replace("{calendar}", $calendar, $link); return htmlspecialchars_uni($link); }
else if($month > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_MONTH);	else if($month > 0) { $link = str_replace("{month}", $month, CALENDAR_URL_MONTH);
Zeile 5942	Zeile 6060
} /* Not implemented else if($year > 0)	} /* Not implemented else if($year > 0)
{	{
}*/ else {	}*/ else {
Zeile 5957	Zeile 6075
* @param int $calendar The ID of the calendar * @param int $week The week * @return string The URL of the calendar	* @param int $calendar The ID of the calendar * @param int $week The week * @return string The URL of the calendar
*/	*/
function get_calendar_week_link($calendar, $week) { if($week < 0)	function get_calendar_week_link($calendar, $week) { if($week < 0)
Zeile 5985	Zeile 6103
if(!empty($mybb->user) && $uid == $mybb->user['uid']) { return $mybb->user;	if(!empty($mybb->user) && $uid == $mybb->user['uid']) { return $mybb->user;
} elseif(isset($user_cache[$uid])) {	} elseif(isset($user_cache[$uid])) {
return $user_cache[$uid]; } elseif($uid > 0)	return $user_cache[$uid]; } elseif($uid > 0)
Zeile 6016	Zeile 6134
if(!isset($options['username_method'])) { $options['username_method'] = 0;	if(!isset($options['username_method'])) { $options['username_method'] = 0;
}	}
switch($db->type) { case 'mysql':	switch($db->type) { case 'mysql':
Zeile 6032	Zeile 6150
} switch($options['username_method'])	} switch($options['username_method'])
{	{
case 1: $sqlwhere = "{$efield}='{$username}'"; break; case 2: $sqlwhere = "{$field}='{$username}' OR {$efield}='{$username}'";	case 1: $sqlwhere = "{$efield}='{$username}'"; break; case 2: $sqlwhere = "{$field}='{$username}' OR {$efield}='{$username}'";
break;	break;
default: $sqlwhere = "{$field}='{$username}'"; break;	default: $sqlwhere = "{$field}='{$username}'"; break;
}	}
$fields = array('uid'); if(isset($options['fields'])) { $fields = array_merge((array)$options['fields'], $fields);	$fields = array('uid'); if(isset($options['fields'])) { $fields = array_merge((array)$options['fields'], $fields);
} $query = $db->simple_select('users', implode(',', array_unique($fields)), $sqlwhere, array('limit' => 1));	} $query = $db->simple_select('users', implode(',', array_unique($fields)), $sqlwhere, array('limit' => 1));
if(isset($options['exists'])) {	if(isset($options['exists'])) {
Zeile 6062	Zeile 6180
/** * Get the forum of a specific forum id.	/** * Get the forum of a specific forum id.
*	*
* @param int $fid The forum id of the forum. * @param int $active_override (Optional) If set to 1, will override the active forum status * @return array\|bool The database row of a forum. False on failure	* @param int $fid The forum id of the forum. * @param int $active_override (Optional) If set to 1, will override the active forum status * @return array\|bool The database row of a forum. False on failure
Zeile 6106	Zeile 6224
* @param int $tid The thread id of the thread. * @param boolean $recache Whether or not to recache the thread. * @return array\|bool The database row of the thread. False on failure	* @param int $tid The thread id of the thread. * @param boolean $recache Whether or not to recache the thread. * @return array\|bool The database row of the thread. False on failure
*/	*/
function get_thread($tid, $recache = false) { global $db;	function get_thread($tid, $recache = false) { global $db;
Zeile 6166	Zeile 6284
else { $post_cache[$pid] = false;	else { $post_cache[$pid] = false;
return false; } } }	return false; } } }
/** * Get inactivate forums. *	/** * Get inactivate forums. *
Zeile 6183	Zeile 6301
if(!$forum_cache) { cache_forums();	if(!$forum_cache) { cache_forums();
} $inactive = array();	} $inactive = array();
foreach($forum_cache as $fid => $forum) {	foreach($forum_cache as $fid => $forum) {
Zeile 6198	Zeile 6316
{ $inactive[] = $fid1; }	{ $inactive[] = $fid1; }
} } } $inactiveforums = implode(",", $inactive);	} } } $inactiveforums = implode(",", $inactive);
return $inactiveforums; }	return $inactiveforums; }
Zeile 6216	Zeile 6334
function login_attempt_check($fatal = true) { global $mybb, $lang, $session, $db;	function login_attempt_check($fatal = true) { global $mybb, $lang, $session, $db;

if($mybb->settings['failedlogincount'] == 0)	if($mybb->settings['failedlogincount'] == 0)
{	{
return 1; } // Note: Number of logins is defaulted to 1, because using 0 seems to clear cookie data. Not really a problem as long as we account for 1 being default.	return 1; } // Note: Number of logins is defaulted to 1, because using 0 seems to clear cookie data. Not really a problem as long as we account for 1 being default.

// Use cookie if possible, otherwise use session // Find better solution to prevent clearing cookies $loginattempts = 0;	// Use cookie if possible, otherwise use session // Find better solution to prevent clearing cookies $loginattempts = 0;
Zeile 6231	Zeile 6349
if(!empty($mybb->cookies['loginattempts'])) { $loginattempts = $mybb->cookies['loginattempts'];	if(!empty($mybb->cookies['loginattempts'])) { $loginattempts = $mybb->cookies['loginattempts'];
}	}
if(!empty($mybb->cookies['failedlogin'])) { $failedlogin = $mybb->cookies['failedlogin']; }	if(!empty($mybb->cookies['failedlogin'])) { $failedlogin = $mybb->cookies['failedlogin']; }

// Work out if the user has had more than the allowed number of login attempts if($loginattempts > $mybb->settings['failedlogincount']) {	// Work out if the user has had more than the allowed number of login attempts if($loginattempts > $mybb->settings['failedlogincount']) {
Zeile 6246	Zeile 6364
$now = TIME_NOW; if(empty($mybb->cookies['failedlogin']))	$now = TIME_NOW; if(empty($mybb->cookies['failedlogin']))
{	{
$failedtime = $now;	$failedtime = $now;
}	}
else { $failedtime = $mybb->cookies['failedlogin'];	else { $failedtime = $mybb->cookies['failedlogin'];
Zeile 6261	Zeile 6379
// This value will be empty the first time the user doesn't login in, set it if(empty($failedlogin))	// This value will be empty the first time the user doesn't login in, set it if(empty($failedlogin))
{	{
my_setcookie('failedlogin', $now); if($fatal) {	my_setcookie('failedlogin', $now); if($fatal) {
Zeile 6291	Zeile 6409
if($fatal) { error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));	if($fatal) { error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
}	}
return false; } } // User can attempt another login return $loginattempts;	return false; } } // User can attempt another login return $loginattempts;
}	}
/** * Validates the format of an email address.	/** * Validates the format of an email address.
Zeile 6308	Zeile 6426
* @return boolean True when valid, false when invalid. */ function validate_email_format($email)	* @return boolean True when valid, false when invalid. */ function validate_email_format($email)
{	{
if(strpos($email, ' ') !== false) { return false; } // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html return preg_match("/^[a-zA-Z0-9&+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.([a-zA-Z0-9-]+\.)[a-zA-Z0-9-]{2,}$/si", $email);	if(strpos($email, ' ') !== false) { return false; } // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html return preg_match("/^[a-zA-Z0-9&+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.([a-zA-Z0-9-]+\.)[a-zA-Z0-9-]{2,}$/si", $email);
} /**	} /**
* Checks to see if the email is already in use by another * * @param string $email The email to check.	* Checks to see if the email is already in use by another * * @param string $email The email to check.
Zeile 6325	Zeile 6443
* @return boolean True when in use, false when not. */ function email_already_in_use($email, $uid=0)	* @return boolean True when in use, false when not. */ function email_already_in_use($email, $uid=0)
{	{
global $db;	global $db;

$uid_string = ""; if($uid) { $uid_string = " AND uid != '".(int)$uid."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");	$uid_string = ""; if($uid) { $uid_string = " AND uid != '".(int)$uid."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");

if($db->fetch_field($query, "emails") > 0) { return true;	if($db->fetch_field($query, "emails") > 0) { return true;
Zeile 6351	Zeile 6469
{ global $db, $mybb;	{ global $db, $mybb;
if(!file_exists(MYBB_ROOT."inc/settings.php")) { $mode = "x"; } else { $mode = "w"; } $options = array( "order_by" => "title", "order_dir" => "ASC" ); $query = $db->simple_select("settings", "value, name", "", $options);	$query = $db->simple_select("settings", "value, name", "", array( 'order_by' => 'title', 'order_dir' => 'ASC', ));

$settings = null;	$settings = '';
while($setting = $db->fetch_array($query)) { $mybb->settings[$setting['name']] = $setting['value'];	while($setting = $db->fetch_array($query)) { $mybb->settings[$setting['name']] = $setting['value'];
Zeile 6375	Zeile 6483
} $settings = "<"."?php\n/*******************************\ \n DO NOT EDIT THIS FILE, PLEASE USE\n THE SETTINGS EDITOR\n\*******************************/\n\n$settings\n";	} $settings = "<"."?php\n/*******************************\ \n DO NOT EDIT THIS FILE, PLEASE USE\n THE SETTINGS EDITOR\n\*******************************/\n\n$settings\n";
$file = @fopen(MYBB_ROOT."inc/settings.php", $mode); @fwrite($file, $settings); @fclose($file);	file_put_contents(MYBB_ROOT.'inc/settings.php', $settings, LOCK_EX);
$GLOBALS['settings'] = &$mybb->settings; }	$GLOBALS['settings'] = &$mybb->settings; }
Zeile 6472	Zeile 6579
// Sort the word array by length. Largest terms go first and work their way down to the smallest term. // This resolves problems like "test tes" where "tes" will be highlighted first, then "test" can't be highlighted because of the changed html	// Sort the word array by length. Largest terms go first and work their way down to the smallest term. // This resolves problems like "test tes" where "tes" will be highlighted first, then "test" can't be highlighted because of the changed html
usort($words, create_function('$a,$b', 'return strlen($b) - strlen($a);'));	usort($words, 'build_highlight_array_sort');
// Loop through our words to build the PREG compatible strings foreach($words as $word)	// Loop through our words to build the PREG compatible strings foreach($words as $word)
Zeile 6494	Zeile 6601
} return $highlight_cache;	} return $highlight_cache;
	} /** * Sort the word array by length. Largest terms go first and work their way down to the smallest term. * * @param string $a First word. * @param string $b Second word. * @return integer Result of comparison function. */ function build_highlight_array_sort($a, $b) { return strlen($b) - strlen($a);
} /**	} /**
Zeile 6665	Zeile 6784
} // Still here - good ip	} // Still here - good ip
return false; }	return false; }
/** * Returns an array of supported timezones	/** * Returns an array of supported timezones
Zeile 6706	Zeile 6825
"6.5" => $lang->timezone_gmt_650, "7" => $lang->timezone_gmt_700, "8" => $lang->timezone_gmt_800,	"6.5" => $lang->timezone_gmt_650, "7" => $lang->timezone_gmt_700, "8" => $lang->timezone_gmt_800,
	"8.5" => $lang->timezone_gmt_850, "8.75" => $lang->timezone_gmt_875,
"9" => $lang->timezone_gmt_900, "9.5" => $lang->timezone_gmt_950, "10" => $lang->timezone_gmt_1000,	"9" => $lang->timezone_gmt_900, "9.5" => $lang->timezone_gmt_950, "10" => $lang->timezone_gmt_1000,
Zeile 6741	Zeile 6862
if($selected == $timezone) { $selected_add = " selected=\"selected\"";	if($selected == $timezone) { $selected_add = " selected=\"selected\"";
}	}
if($short == true) { $label = '';	if($short == true) { $label = '';
Zeile 6779	Zeile 6900
* * @param string $url The URL of the remote file * @param array $post_data The array of post data	* * @param string $url The URL of the remote file * @param array $post_data The array of post data
	* @param int $max_redirects Number of maximum redirects
* @return string\|bool The remote file contents. False on failure */	* @return string\|bool The remote file contents. False on failure */
function fetch_remote_file($url, $post_data=array())	function fetch_remote_file($url, $post_data=array(), $max_redirects=20)
{	{
	global $mybb, $config; if(!my_validate_url($url, true)) { return false; } $url_components = @parse_url($url); if(!isset($url_components['scheme'])) { $url_components['scheme'] = 'https'; } if(!isset($url_components['port'])) { $url_components['port'] = $url_components['scheme'] == 'https' ? 443 : 80; } if( !$url_components \|\| empty($url_components['host']) \|\| (!empty($url_components['scheme']) && !in_array($url_components['scheme'], array('http', 'https'))) \|\| (!in_array($url_components['port'], array(80, 8080, 443))) \|\| (!empty($config['disallowed_remote_hosts']) && in_array($url_components['host'], $config['disallowed_remote_hosts'])) ) { return false; } $addresses = get_ip_by_hostname($url_components['host']); $destination_address = $addresses[0]; if(!empty($config['disallowed_remote_addresses'])) { foreach($config['disallowed_remote_addresses'] as $disallowed_address) { $ip_range = fetch_ip_range($disallowed_address); $packed_address = my_inet_pton($destination_address); if(is_array($ip_range)) { if(strcmp($ip_range[0], $packed_address) <= 0 && strcmp($ip_range[1], $packed_address) >= 0) { return false; } } elseif($destination_address == $disallowed_address) { return false; } } }
$post_body = ''; if(!empty($post_data)) { foreach($post_data as $key => $val)	$post_body = ''; if(!empty($post_data)) { foreach($post_data as $key => $val)
{	{
$post_body .= '&'.urlencode($key).'='.urlencode($val);	$post_body .= '&'.urlencode($key).'='.urlencode($val);
}	}
$post_body = ltrim($post_body, '&'); }	$post_body = ltrim($post_body, '&'); }

if(function_exists("curl_init")) {	if(function_exists("curl_init")) {
	$fetch_header = $max_redirects > 0;
$ch = curl_init();	$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);	$curlopt = array( CURLOPT_URL => $url, CURLOPT_HEADER => $fetch_header, CURLOPT_TIMEOUT => 10, CURLOPT_RETURNTRANSFER => 1, CURLOPT_FOLLOWLOCATION => 0, ); if($ca_bundle_path = get_ca_bundle_path()) { $curlopt[CURLOPT_SSL_VERIFYPEER] = 1; $curlopt[CURLOPT_CAINFO] = $ca_bundle_path; } else { $curlopt[CURLOPT_SSL_VERIFYPEER] = 0; } $curl_version_info = curl_version(); $curl_version = $curl_version_info['version']; if(version_compare(PHP_VERSION, '7.0.7', '>=') && version_compare($curl_version, '7.49', '>=')) { // CURLOPT_CONNECT_TO $curlopt[10243] = array( $url_components['host'].':'.$url_components['port'].':'.$destination_address ); } elseif(version_compare(PHP_VERSION, '5.5', '>=') && version_compare($curl_version, '7.21.3', '>=')) { // CURLOPT_RESOLVE $curlopt[10203] = array( $url_components['host'].':'.$url_components['port'].':'.$destination_address ); }
if(!empty($post_body)) {	if(!empty($post_body)) {
curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_body);	$curlopt[CURLOPT_POST] = 1; $curlopt[CURLOPT_POSTFIELDS] = $post_body; } curl_setopt_array($ch, $curlopt); $response = curl_exec($ch); if($fetch_header) { $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($response, 0, $header_size); $body = substr($response, $header_size); if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302))) { preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches); if($matches) { $data = fetch_remote_file(trim(array_pop($matches)), $post_data, --$max_redirects); } } else { $data = $body; } } else { $data = $response;
}	}
$data = curl_exec($ch);
curl_close($ch); return $data; } else if(function_exists("fsockopen")) {	curl_close($ch); return $data; } else if(function_exists("fsockopen")) {
$url = @parse_url($url); if(!$url['host'])	if(!isset($url_components['path']))
{	{
return false; } if(!$url['port']) { $url['port'] = 80; } if(!$url['path']) { $url['path'] = "/";	$url_components['path'] = "/";
}	}
if($url['query'])	if(isset($url_components['query']))
{	{
$url['path'] .= "?{$url['query']}";	$url_components['path'] .= "?{$url_components['query']}";
} $scheme = '';	} $scheme = '';
if($url['scheme'] == 'https')	if($url_components['scheme'] == 'https')
{ $scheme = 'ssl://';	{ $scheme = 'ssl://';
if($url['port'] == 80)	if($url_components['port'] == 80)
{	{
$url['port'] = 443;	$url_components['port'] = 443;
} }	} }
$fp = @fsockopen($scheme.$url['host'], $url['port'], $error_no, $error, 10);	if(function_exists('stream_context_create')) { if($url_components['scheme'] == 'https' && $ca_bundle_path = get_ca_bundle_path()) { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => true, 'verify_peer_name' => true, 'peer_name' => $url_components['host'], 'cafile' => $ca_bundle_path, ), )); } else { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false, ), )); } $fp = @stream_socket_client($scheme.$destination_address.':'.(int)$url_components['port'], $error_no, $error, 10, STREAM_CLIENT_CONNECT, $context); } else { $fp = @fsockopen($scheme.$url_components['host'], (int)$url_components['port'], $error_no, $error, 10); }
@stream_set_timeout($fp, 10); if(!$fp)	@stream_set_timeout($fp, 10); if(!$fp)
{	{
return false; } $headers = array(); if(!empty($post_body)) {	return false; } $headers = array(); if(!empty($post_body)) {
$headers[] = "POST {$url['path']} HTTP/1.0";	$headers[] = "POST {$url_components['path']} HTTP/1.0";
$headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";	$headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";
}	}
else {	else {
$headers[] = "GET {$url['path']} HTTP/1.0";	$headers[] = "GET {$url_components['path']} HTTP/1.0";
}	}
$headers[] = "Host: {$url['host']}";	$headers[] = "Host: {$url_components['host']}";
$headers[] = "Connection: Close"; $headers[] = '';	$headers[] = "Connection: Close"; $headers[] = '';
Zeile 6878	Zeile 7137
{ return false; }	{ return false; }
	$data = null;
while(!feof($fp)) { $data .= fgets($fp, 12800); } fclose($fp);	while(!feof($fp)) { $data .= fgets($fp, 12800); } fclose($fp);

$data = explode("\r\n\r\n", $data, 2);	$data = explode("\r\n\r\n", $data, 2);
return $data[1]; } else if(empty($post_data)) { return @implode("", @file($url));	$header = $data[0]; $status_line = current(explode("\n\n", $header, 1)); $body = $data[1]; if($max_redirects > 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 '))) { preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches); if($matches) { $data = fetch_remote_file(trim(array_pop($matches)), $post_data, --$max_redirects); } } else { $data = $body; } return $data;
} else { return false; }	} else { return false; }
	} /** * Resolves a hostname into a set of IP addresses. * * @param string $hostname The hostname to be resolved * @return array\|bool The resulting IP addresses. False on failure / function get_ip_by_hostname($hostname) { $addresses = @gethostbynamel($hostname); if(!$addresses) { $result_set = @dns_get_record($hostname, DNS_A \| DNS_AAAA); if($result_set) { $addresses = array_column($result_set, 'ip'); } else { return false; } } return $addresses; } /* * Returns the location of the CA bundle defined in the PHP configuration. * * @return string\|bool The location of the CA bundle, false if not set */ function get_ca_bundle_path() { if($path = ini_get('openssl.cafile')) { return $path; } if($path = ini_get('curl.cainfo')) { return $path; } return false;
} /**	} /**
Zeile 6903	Zeile 7227
* @return boolean True if a super admin, false if not */ function is_super_admin($uid)	* @return boolean True if a super admin, false if not */ function is_super_admin($uid)
{	{
static $super_admins; if(!isset($super_admins))	static $super_admins; if(!isset($super_admins))
Zeile 6934	Zeile 7258
function is_member($groups, $user = false) { global $mybb;	function is_member($groups, $user = false) { global $mybb;

if(empty($groups)) { return array();	if(empty($groups)) { return array();
Zeile 7177	Zeile 7501
{ // Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string if(substr($mode, 0, 1) != '0' \|\| strlen($mode) !== 4)	{ // Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string if(substr($mode, 0, 1) != '0' \|\| strlen($mode) !== 4)
{	{
return false; } $old_umask = umask(0);	return false; } $old_umask = umask(0);

// We convert the octal string to a decimal number because passing a octal string doesn't work with chmod // and type casting subsequently removes the prepended 0 which is needed for octal numbers $result = chmod($file, octdec($mode));	// We convert the octal string to a decimal number because passing a octal string doesn't work with chmod // and type casting subsequently removes the prepended 0 which is needed for octal numbers $result = chmod($file, octdec($mode));
Zeile 7191	Zeile 7515
/** * Custom rmdir function to loop through an entire directory and delete all files/folders within	/** * Custom rmdir function to loop through an entire directory and delete all files/folders within
*	*
* @param string $path The path to the directory * @param array $ignore Any files you wish to ignore (optional) * @return bool	* @param string $path The path to the directory * @param array $ignore Any files you wish to ignore (optional) * @return bool
Zeile 7206	Zeile 7530
} if(@is_dir($path) && !@is_link($path))	} if(@is_dir($path) && !@is_link($path))
{	{
if($dh = @opendir($path)) { while(($file = @readdir($dh)) !== false)	if($dh = @opendir($path)) { while(($file = @readdir($dh)) !== false)
Zeile 7221	Zeile 7545
// Are we done? Don't delete the main folder too and return true if($path == $orig_dir)	// Are we done? Don't delete the main folder too and return true if($path == $orig_dir)
{	{
return true; }	return true; }

return @rmdir($path); }	return @rmdir($path); }
Zeile 7236	Zeile 7560
* * @param array $array The array of forums * @return integer The number of sub forums	* * @param array $array The array of forums * @return integer The number of sub forums
*/	*/
function subforums_count($array) { $count = 0;	function subforums_count($array) { $count = 0;
Zeile 7296	Zeile 7620
$long += 4294967296; } return long2ip($long);	$long += 4294967296; } return long2ip($long);
}	}
/** * Converts a human readable IP address to its packed in_addr representation *	/** * Converts a human readable IP address to its packed in_addr representation *
Zeile 7548	Zeile 7872
global $mybb, $checksums, $bad_verify_files; // We don't need to check these types of files	global $mybb, $checksums, $bad_verify_files; // We don't need to check these types of files
$ignore = array(".", "..", ".svn", "config.php", "settings.php", "Thumb.db", "config.default.php", "lock", "htaccess.txt", "logo.gif", "logo.png");	$ignore = array(".", "..", ".svn", "config.php", "settings.php", "Thumb.db", "config.default.php", "lock", "htaccess.txt", "htaccess-nginx.txt", "logo.gif", "logo.png");
$ignore_ext = array("attach"); if(substr($path, -1, 1) == "/")	$ignore_ext = array("attach"); if(substr($path, -1, 1) == "/")
Zeile 7647	Zeile 7971
else { return "+$int";	else { return "+$int";
} } /** * Returns a securely generated seed for PHP's RNG (Random Number Generator) * * @param int $count Length of the seed bytes (8 is default. Provides good cryptographic variance) * @return int An integer equivalent of a secure hexadecimal seed */ function secure_seed_rng($count=8) { $output = ''; // DIRECTORY_SEPARATOR checks if running windows if(DIRECTORY_SEPARATOR != '\\') { // Unix/Linux // Use OpenSSL when available if(function_exists('openssl_random_pseudo_bytes')) { $output = openssl_random_pseudo_bytes($count); } // Try mcrypt elseif(function_exists('mcrypt_create_iv')) { $output = mcrypt_create_iv($count, MCRYPT_DEV_URANDOM); } // Try /dev/urandom elseif(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb'))) { $output = @fread($handle, $count); @fclose($handle);	} } /** * Returns a securely generated seed * * @return string A secure binary seed */ function secure_binary_seed_rng($bytes) { $output = null; if(version_compare(PHP_VERSION, '7.0', '>=')) { try { $output = random_bytes($bytes); } catch (Exception $e) {
} }	} }
else	if(strlen($output) < $bytes)
{	{
// Windows // Use OpenSSL when available // PHP <5.3.4 had a bug which makes that function unusable on Windows if(function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>='))	if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb')))
{	{
$output = openssl_random_pseudo_bytes($count);	$output = @fread($handle, $bytes); @fclose($handle);
}	}
// Try mcrypt elseif(function_exists('mcrypt_create_iv'))	} else { return $output; } if(strlen($output) < $bytes) { if(function_exists('mcrypt_create_iv')) { if (DIRECTORY_SEPARATOR == '/') { $source = MCRYPT_DEV_URANDOM; } else { $source = MCRYPT_RAND; } $output = @mcrypt_create_iv($bytes, $source); } } else { return $output; } if(strlen($output) < $bytes) { if(function_exists('openssl_random_pseudo_bytes'))
{	{
$output = mcrypt_create_iv($count, MCRYPT_RAND);	// PHP <5.3.4 had a bug which makes that function unusable on Windows if ((DIRECTORY_SEPARATOR == '/') \|\| version_compare(PHP_VERSION, '5.3.4', '>=')) { $output = openssl_random_pseudo_bytes($bytes, $crypto_strong); if ($crypto_strong == false) { $output = null; } }
}	}
// Try Windows CAPICOM before using our own generator elseif(class_exists('COM'))	} else { return $output; } if(strlen($output) < $bytes) { if(class_exists('COM'))
{ try { $CAPI_Util = new COM('CAPICOM.Utilities.1'); if(is_callable(array($CAPI_Util, 'GetRandom'))) {	{ try { $CAPI_Util = new COM('CAPICOM.Utilities.1'); if(is_callable(array($CAPI_Util, 'GetRandom'))) {
$output = $CAPI_Util->GetRandom($count, 0);	$output = $CAPI_Util->GetRandom($bytes, 0);
} } catch (Exception $e) { }	} } catch (Exception $e) { }
} } // Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator if(strlen($output) < $count)	} } else { return $output; } if(strlen($output) < $bytes)
{	{
$output = '';
// Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();	// Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();
for($i = 0; $i < $count; $i += 16)	$rounds = ceil($bytes / 16); for($i = 0; $i < $rounds; $i++)
{ $unique_state = md5(microtime().$unique_state);	{ $unique_state = md5(microtime().$unique_state);
$output .= pack('H*', md5($unique_state)); }	$output .= md5($unique_state); } $output = substr($output, 0, ($bytes * 2)); $output = pack('H*', $output); return $output; } else { return $output;
}	}
	} /** * Returns a securely generated seed integer * * @return int An integer equivalent of a secure hexadecimal seed */ function secure_seed_rng() { $bytes = PHP_INT_SIZE; do { $output = secure_binary_seed_rng($bytes); // convert binary data to a decimal number if ($bytes == 4) { $elements = unpack('i', $output); $output = abs($elements[1]); } else { $elements = unpack('N2', $output); $output = abs($elements[1] << 32 \| $elements[2]); }

// /dev/urandom and openssl will always be twice as long as $count. base64_encode will roughly take up 33% more space but crc32 will put it to 32 characters $output = hexdec(substr(dechex(crc32(base64_encode($output))), 0, $count));	} while($output > PHP_INT_MAX);
return $output; } /**	return $output; } /**
* Wrapper function for mt_rand. Automatically seeds using a secure seed once.	* Generates a cryptographically secure random number.
* * @param int $min Optional lowest value to be returned (default: 0)	* * @param int $min Optional lowest value to be returned (default: 0)
* @param int $max Optional highest value to be returned (default: mt_getrandmax()) * @param boolean $force_seed True forces it to reseed the RNG first * @return int An integer equivalent of a secure hexadecimal seed	* @param int $max Optional highest value to be returned (default: PHP_INT_MAX)
*/	*/
function my_rand($min=null, $max=null, $force_seed=false)	function my_rand($min=0, $max=PHP_INT_MAX)
{	{
static $seeded = false; static $obfuscator = 0;	// backward compatibility if($min === null \|\| $max === null \|\| $max < $min) { $min = 0; $max = PHP_INT_MAX; }

if($seeded == false \|\| $force_seed == true)	if(version_compare(PHP_VERSION, '7.0', '>='))
{	{
mt_srand(secure_seed_rng()); $seeded = true; $obfuscator = abs((int) secure_seed_rng()); // Ensure that $obfuscator is <= mt_getrandmax() for 64 bit systems. if($obfuscator > mt_getrandmax())	try
{	{
$obfuscator -= mt_getrandmax();	$result = random_int($min, $max); } catch (Exception $e) { } if(isset($result)) { return $result;
} }	} }
if($min !== null && $max !== null) { $distance = $max - $min; if($distance > 0) { return $min + (int)((float)($distance + 1) * (float)(mt_rand() ^ $obfuscator) / (mt_getrandmax() + 1)); } else { return mt_rand($min, $max); } } else { $val = mt_rand() ^ $obfuscator; return $val; }	$seed = secure_seed_rng(); $distance = $max - $min; return $min + floor($distance * ($seed / PHP_INT_MAX) );
} /**	} /**
Zeile 8073	Zeile 8454
else { return !preg_match("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", $input);	else { return !preg_match("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", $input);
} }	} }
} /**	} /**
Zeile 8094	Zeile 8475
return false; }	return false; }
if(!is_array($pm)) { return false; }	if(!is_array($pm)) { return false; }
if(isset($pm['language'])) { if($pm['language'] != $mybb->user['language'] && $lang->language_exists($pm['language'])) { // Load user language $lang->set_language($pm['language']);	if(isset($pm['language'])) { if($pm['language'] != $mybb->user['language'] && $lang->language_exists($pm['language'])) { // Load user language $lang->set_language($pm['language']);
$lang->load($pm['language_file']);	$lang->load($pm['language_file']);
$revert = true; } foreach(array('subject', 'message') as $key) {	$revert = true; } foreach(array('subject', 'message') as $key) {
$lang_string = $pm[$key];
if(is_array($pm[$key]))	if(is_array($pm[$key]))
{	{ $lang_string = $lang->{$pm[$key][0]};
$num_args = count($pm[$key]); for($i = 1; $i < $num_args; $i++) {	$num_args = count($pm[$key]); for($i = 1; $i < $num_args; $i++) {
$lang->{$pm[$key][0]} = str_replace('{'.$i.'}', $pm[$key][$i], $lang->{$pm[$key][0]});	$lang_string = str_replace('{'.$i.'}', $pm[$key][$i], $lang_string);
}	}
$lang_string = $pm[$key][0];
}	}
$pm[$key] = $lang->{$lang_string};	else { $lang_string = $lang->{$pm[$key]}; } $pm[$key] = $lang_string;
} if(isset($revert))	} if(isset($revert))
Zeile 8140	Zeile 8523
{ return false; }	{ return false; }
$lang->load('messages');
require_once MYBB_ROOT."inc/datahandlers/pm.php";	require_once MYBB_ROOT."inc/datahandlers/pm.php";
Zeile 8321	Zeile 8702
} return $success;	} return $success;
	} /** * Validate an url * * @param string $url The url to validate. * @param bool $relative_path Whether or not the url could be a relative path. * @param bool $allow_local Whether or not the url could be pointing to local networks. * * @return bool Whether this is a valid url. / function my_validate_url($url, $relative_path=false, $allow_local=false) { if($allow_local) { $regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:localhost\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?))(?::\d{2,5})?(?:[/?#]\S)?$_iuS'; } else { $regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?!(?:10\|127)(?:\.\d{1,3}){3})(?!(?:169\.254\|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]\|2\d\|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?)(?::\d{2,5})?(?:[/?#]\S)?$_iuS'; } if($relative_path && my_substr($url, 0, 1) == '/' \|\| preg_match($regex, $url)) { return true; } return false; } /* * Strip html tags from string, also removes <script> and <style> contents. * * @param string $string String to stripe * @param string $allowable_tags Allowed html tags * * @return string Striped string / function my_strip_tags($string, $allowable_tags = '') { $pattern = array( '@(<)style[^(>)]?(>).?(<)/style(>)@siu', '@(<)script[^(>)]?.?(<)/script(>)@siu', '@<style[^>]?>.?</style>@siu', '@<script[^>]?.?</script>@siu', ); $string = preg_replace($pattern, '', $string); return strip_tags($string, $allowable_tags); } /* * Escapes a RFC 4180-compliant CSV string. * Based on https://github.com/Automattic/camptix/blob/f80725094440bf09861383b8f11e96c177c45789/camptix.php#L2867 * * @param string $string The string to be escaped * @param boolean $escape_active_content Whether or not to escape active content trigger characters * @return string The escaped string */ function my_escape_csv($string, $escape_active_content=true) { if($escape_active_content) { $active_content_triggers = array('=', '+', '-', '@'); $delimiters = array(',', ';', ':', '\|', '^', "\n", "\t", " "); $first_character = mb_substr($string, 0, 1); if( in_array($first_character, $active_content_triggers, true) \|\| in_array($first_character, $delimiters, true) ) { $string = "'".$string; } foreach($delimiters as $delimiter) { foreach($active_content_triggers as $trigger) { $string = str_replace($delimiter.$trigger, $delimiter."'".$trigger, $string); } } } $string = str_replace('"', '""', $string); return $string;
}	}