Vergleich inc/datahandlers/user.php - 1.8.9 - 1.8.16

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 187	Zeile 187
} // Has the user tried to use their email address or username as a password?	} // Has the user tried to use their email address or username as a password?
if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'])	if(!empty($user['email']) && !empty($user['username']))
{	{
$this->set_error('bad_password_security'); return false;	if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'] \|\| strpos($user['password'], $user['email']) !== false \|\| strpos($user['password'], $user['username']) !== false \|\| strpos($user['email'], $user['password']) !== false \|\| strpos($user['username'], $user['password']) !== false) { $this->set_error('bad_password_security'); return false; }
} // See if the board has "require complex passwords" enabled.	} // See if the board has "require complex passwords" enabled.
Zeile 211	Zeile 216
$this->set_error("passwords_dont_match"); return false; }	$this->set_error("passwords_dont_match"); return false; }
// Generate our salt $user['salt'] = generate_salt(); // Combine the password and salt $user['saltedpw'] = create_password_hash($user['password'], $user['salt'], $user);
// Generate the user login key $user['loginkey'] = generate_loginkey();	// Generate the user login key $user['loginkey'] = generate_loginkey();
	// Combine the password and salt $password_fields = create_password($user['password'], false, $user); $user = array_merge($user, $password_fields);
return true; } /** * Verifies usergroup selections and other group details.	return true; } /** * Verifies usergroup selections and other group details.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_usergroup() {	*/ function verify_usergroup() {
Zeile 241	Zeile 244
function verify_email() { global $mybb;	function verify_email() { global $mybb;
$user = &$this->data;	$user = &$this->data;
// Check if an email address has actually been entered. if(trim_blank_chrs($user['email']) == '')	// Check if an email address has actually been entered. if(trim_blank_chrs($user['email']) == '')
{	{
$this->set_error('missing_email');	$this->set_error('missing_email');
return false; }	return false; }
// Check if this is a proper email address. if(!validate_email_format($user['email'])) {	// Check if this is a proper email address. if(!validate_email_format($user['email'])) {
Zeile 260	Zeile 263
// Check banned emails if(is_banned_email($user['email'], true))	// Check banned emails if(is_banned_email($user['email'], true))
{	{
$this->set_error('banned_email'); return false; }	$this->set_error('banned_email'); return false; }
Zeile 308	Zeile 311
if(!empty($website) && !my_validate_url($website)) { $this->set_error('invalid_website');	if(!empty($website) && !my_validate_url($website)) { $this->set_error('invalid_website');
return false; } return true; } /**	return false; } return true; } /**
* Verifies if an ICQ number is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if an ICQ number is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 322	Zeile 325
function verify_icq() { $icq = &$this->data['icq'];	function verify_icq() { $icq = &$this->data['icq'];

if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number"); return false; } $icq = (int)$icq;	if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number"); return false; } $icq = (int)$icq;
return true; } /**	return true; } /**
* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 367	Zeile 370
// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])	// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])
{ $this->set_error("invalid_birthday"); return false; }	{ $this->set_error("invalid_birthday"); return false; }
// Error if a year exists and the year is out of range if($birthday['year'] != 0 && ($birthday['year'] < (date("Y")-100)) \|\| $birthday['year'] > date("Y"))	// Error if a year exists and the year is out of range if($birthday['year'] != 0 && ($birthday['year'] < (date("Y")-100)) \|\| $birthday['year'] > date("Y"))
{	{
$this->set_error("invalid_birthday"); return false; }	$this->set_error("invalid_birthday"); return false; }
else if($birthday['year'] == date("Y"))	elseif($birthday['year'] == date("Y"))
{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))	{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))
Zeile 386	Zeile 389
$this->set_error("invalid_birthday"); return false; }	$this->set_error("invalid_birthday"); return false; }
}	}
// Error if COPPA is on, and the user hasn't verified their age / under 13 if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 \|\| !$birthday['year']))	// Error if COPPA is on, and the user hasn't verified their age / under 13 if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 \|\| !$birthday['year']))
Zeile 435	Zeile 438
if(!in_array($birthdayprivacy, $accepted)) { $this->set_error("invalid_birthday_privacy");	if(!in_array($birthdayprivacy, $accepted)) { $this->set_error("invalid_birthday_privacy");
return false; } return true; }	return false; } return true; }
/** * Verifies if the post count field is filled in correctly.	/** * Verifies if the post count field is filled in correctly.
Zeile 470	Zeile 473
if(isset($user['threadnum']) && $user['threadnum'] < 0) { $this->set_error("invalid_threadnum");	if(isset($user['threadnum']) && $user['threadnum'] < 0) { $this->set_error("invalid_threadnum");
return false; } return true;	return false; } return true;
} /**	} /**
Zeile 541	Zeile 544
// Sort out multiselect/checkbox profile fields. $options = ''; if(($type == "multiselect" \|\| $type == "checkbox") && is_array($profile_fields[$field]))	// Sort out multiselect/checkbox profile fields. $options = ''; if(($type == "multiselect" \|\| $type == "checkbox") && is_array($profile_fields[$field]))
{ $expoptions = explode("\n", $thing[1]); $expoptions = array_map('trim', $expoptions);	{ $expoptions = explode("\n", $thing[1]); $expoptions = array_map('trim', $expoptions);
foreach($profile_fields[$field] as $value) { if(!in_array(htmlspecialchars_uni($value), $expoptions))	foreach($profile_fields[$field] as $value) { if(!in_array(htmlspecialchars_uni($value), $expoptions))
Zeile 574	Zeile 577
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }	$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }
if(!empty($profilefield['regex']) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))	if(!empty($profilefield['regex']) && !empty($profile_fields[$field]) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))
{ $this->set_error('bad_profile_field_value', array($profilefield['name'])); }	{ $this->set_error('bad_profile_field_value', array($profilefield['name'])); }
Zeile 612	Zeile 615
$user['referrer_uid'] = $referrer['uid']; }	$user['referrer_uid'] = $referrer['uid']; }
else { $user['referrer_uid'] = 0; }	else { $user['referrer_uid'] = 0; }
return true; }	return true; }
Zeile 666	Zeile 669
if($options['subscriptionmethod'] < 0 \|\| $options['subscriptionmethod'] > 3) { $options['subscriptionmethod'] = 0;	if($options['subscriptionmethod'] < 0 \|\| $options['subscriptionmethod'] > 3) { $options['subscriptionmethod'] = 0;
} }	} }
if(array_key_exists('dstcorrection', $options)) { // Value out of range	if(array_key_exists('dstcorrection', $options)) { // Value out of range
Zeile 677	Zeile 680
{ $options['dstcorrection'] = 0; }	{ $options['dstcorrection'] = 0; }
}	}
if($options['dstcorrection'] == 1) { $options['dst'] = 1; }	if($options['dstcorrection'] == 1) { $options['dst'] = 1; }
else if($options['dstcorrection'] == 0)	elseif($options['dstcorrection'] == 0)
{ $options['dst'] = 0;	{ $options['dst'] = 0;
}	}
if($this->method == "insert" \|\| (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded")) {	if($this->method == "insert" \|\| (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded")) {
Zeile 754	Zeile 757
} } $this->data['options'] = $options;	} } $this->data['options'] = $options;
}	}
/** * Verifies if a registration date is valid or not. *	/** * Verifies if a registration date is valid or not. *
Zeile 770	Zeile 773
if($regdate <= 0) { $regdate = TIME_NOW;	if($regdate <= 0) { $regdate = TIME_NOW;
} return true; } /**	} return true; } /**
* Verifies if a last visit date is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a last visit date is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 784	Zeile 787
$lastvisit = &$this->data['lastvisit']; $lastvisit = (int)$lastvisit;	$lastvisit = &$this->data['lastvisit']; $lastvisit = (int)$lastvisit;
// If the timestamp is below 0, set it to the current time.	// If the timestamp is below 0, set it to the current time.
if($lastvisit <= 0) { $lastvisit = TIME_NOW;	if($lastvisit <= 0) { $lastvisit = TIME_NOW;
} return true; } /**	} return true; } /**
* Verifies if a last active date is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a last active date is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 831	Zeile 834
$user['away']['awayreason'] = ''; return true; }	$user['away']['awayreason'] = ''; return true; }
else if($user['away']['returndate'])	elseif($user['away']['returndate'])
{	{
	// Validate the awayreason length, since the db holds 200 chars for this field $reasonlength = my_strlen($user['away']['awayreason']); if($reasonlength > 200) { $this->set_error("away_too_long", array($reasonlength - 200)); return false; }
list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) {	list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) {
Zeile 1084	Zeile 1095
$user = &$this->data;	$user = &$this->data;
$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');	$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');
foreach($array as $value) { if(!isset($user[$value]))	foreach($array as $value) { if(!isset($user[$value]))
Zeile 1095	Zeile 1106
$this->user_insert_data = array( "username" => $db->escape_string($user['username']),	$this->user_insert_data = array( "username" => $db->escape_string($user['username']),
"password" => $user['saltedpw'],	"password" => $user['password'],
"salt" => $user['salt'], "loginkey" => $user['loginkey'], "email" => $db->escape_string($user['email']),	"salt" => $user['salt'], "loginkey" => $user['loginkey'], "email" => $db->escape_string($user['email']),
Zeile 1112	Zeile 1123
"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],	"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],
"aim" => $db->escape_string($user['aim']),
"yahoo" => $db->escape_string($user['yahoo']), "skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']),	"yahoo" => $db->escape_string($user['yahoo']), "skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']),
Zeile 1169	Zeile 1179
); if($user['options']['dstcorrection'] == 1)	); if($user['options']['dstcorrection'] == 1)
{	{
$this->user_insert_data['dst'] = 1;	$this->user_insert_data['dst'] = 1;
} else if($user['options']['dstcorrection'] == 0)	} elseif($user['options']['dstcorrection'] == 0)
{ $this->user_insert_data['dst'] = 0; }	{ $this->user_insert_data['dst'] = 0; }
Zeile 1180	Zeile 1190
$plugins->run_hooks("datahandler_user_insert", $this); $this->uid = $db->insert_query("users", $this->user_insert_data);	$plugins->run_hooks("datahandler_user_insert", $this); $this->uid = $db->insert_query("users", $this->user_insert_data);

$user['user_fields']['ufid'] = $this->uid; $pfcache = $cache->read('profilefields');	$user['user_fields']['ufid'] = $this->uid; $pfcache = $cache->read('profilefields');
Zeile 1198	Zeile 1208
} $db->insert_query("userfields", $user['user_fields'], false);	} $db->insert_query("userfields", $user['user_fields'], false);

if($this->user_insert_data['referrer'] != 0) { $db->write_query("	if($this->user_insert_data['referrer'] != 0) { $db->write_query("
Zeile 1206	Zeile 1216
SET referrals=referrals+1 WHERE uid='{$this->user_insert_data['referrer']}' ");	SET referrals=referrals+1 WHERE uid='{$this->user_insert_data['referrer']}' ");
}	}
// Update forum stats update_stats(array('numusers' => '+1')); if((int)$user['usergroup'] == 5) { $cache->update_awaitingactivation();	// Update forum stats update_stats(array('numusers' => '+1')); if((int)$user['usergroup'] == 5) { $cache->update_awaitingactivation();
}	}
$this->return_values = array( "uid" => $this->uid, "username" => $user['username'],	$this->return_values = array( "uid" => $this->uid, "username" => $user['username'],
Zeile 1258	Zeile 1268
{ $this->user_update_data['username'] = $db->escape_string($user['username']); }	{ $this->user_update_data['username'] = $db->escape_string($user['username']); }
if(isset($user['saltedpw']))	if(isset($user['password'])) { $this->user_update_data['password'] = $user['password']; } if(isset($user['salt']))
{	{
$this->user_update_data['password'] = $user['saltedpw'];
$this->user_update_data['salt'] = $user['salt'];	$this->user_update_data['salt'] = $user['salt'];
	} if(isset($user['loginkey'])) {
$this->user_update_data['loginkey'] = $user['loginkey'];	$this->user_update_data['loginkey'] = $user['loginkey'];
}	}
if(isset($user['email'])) { $this->user_update_data['email'] = $user['email']; } if(isset($user['postnum']))	if(isset($user['email'])) { $this->user_update_data['email'] = $user['email']; } if(isset($user['postnum']))
{	{
$this->user_update_data['postnum'] = (int)$user['postnum']; } if(isset($user['threadnum']))	$this->user_update_data['postnum'] = (int)$user['postnum']; } if(isset($user['threadnum']))
Zeile 1304	Zeile 1320
if(isset($user['lastactive'])) { $this->user_update_data['lastactive'] = (int)$user['lastactive'];	if(isset($user['lastactive'])) { $this->user_update_data['lastactive'] = (int)$user['lastactive'];
}	}
if(isset($user['lastvisit'])) { $this->user_update_data['lastvisit'] = (int)$user['lastvisit'];	if(isset($user['lastvisit'])) { $this->user_update_data['lastvisit'] = (int)$user['lastvisit'];
Zeile 1320	Zeile 1336
if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];	if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];
} if(isset($user['aim'])) { $this->user_update_data['aim'] = $db->escape_string($user['aim']);
} if(isset($user['yahoo'])) {	} if(isset($user['yahoo'])) {
Zeile 1583	Zeile 1595
$cache->update_forumsdisplay(); $cache->update_reportedcontent(); $cache->update_awaitingactivation();	$cache->update_forumsdisplay(); $cache->update_reportedcontent(); $cache->update_awaitingactivation();
	$cache->update_birthdays();
return $this->return_values; }	return $this->return_values; }
Zeile 1737	Zeile 1750
"website" => "", "birthday" => "", "icq" => "",	"website" => "", "birthday" => "", "icq" => "",
"aim" => "",
"yahoo" => "", "skype" => "", "google" => "",	"yahoo" => "", "skype" => "", "google" => "",