Vergleich inc/datahandlers/user.php - 1.8.8 - 1.8.18

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 187Zeile 187
		}

// Has the user tried to use their email address or username as a password?

		}

// Has the user tried to use their email address or username as a password?

		if($user['email'] === $user['password'] || $user['username'] === $user['password'])

		if(!empty($user['email']) && !empty($user['username']))

		{

		{

			$this->set_error('bad_password_security');
return false;






			if($user['email'] === $user['password'] || $user['username'] === $user['password']
|| strpos($user['password'], $user['email']) !== false || strpos($user['password'], $user['username']) !== false
|| strpos($user['email'], $user['password']) !== false || strpos($user['username'], $user['password']) !== false)
{
$this->set_error('bad_password_security');
return false;
}

		}

// See if the board has "require complex passwords" enabled.

		}

// See if the board has "require complex passwords" enabled.

Zeile 211Zeile 216
			$this->set_error("passwords_dont_match");
return false;
}

			$this->set_error("passwords_dont_match");
return false;
}


// MD5 the password
$user['md5password'] = md5($user['password']);

// Generate our salt
$user['salt'] = generate_salt();

// Combine the password and salt
$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

 

// Generate the user login key
$user['loginkey'] = generate_loginkey();



// Generate the user login key
$user['loginkey'] = generate_loginkey();


 
		// Combine the password and salt
$password_fields = create_password($user['password'], false, $user);
$user = array_merge($user, $password_fields);

return true;
}

/**
* Verifies usergroup selections and other group details.
*
* @return boolean True when valid, false when invalid.
*/
function verify_usergroup()
{

		return true;
}

		return true;
}



 
	/**

	/**

	* Verifies usergroup selections and other group details.

	* Verifies if an email address is valid or not.

	*
* @return boolean True when valid, false when invalid.
*/

	*
* @return boolean True when valid, false when invalid.
*/

	function verify_usergroup()

	function verify_email()

	{

	{

		return true;
}
/**
* Verifies if an email address is valid or not.
*
* @return boolean True when valid, false when invalid.
*/
function verify_email()
{
global $mybb;


		global $mybb;











		$user = &$this->data;

// Check if an email address has actually been entered.

		$user = &$this->data;

// Check if an email address has actually been entered.

Zeile 288Zeile 288
		if(isset($user['email2']) && $user['email'] != $user['email2'])
{
$this->set_error("emails_dont_match");

		if(isset($user['email2']) && $user['email'] != $user['email2'])
{
$this->set_error("emails_dont_match");

			return false;
}

return true;
}

/**

			return false;
}

return true;
}

/**

	* Verifies if a website is valid or not.
*
* @return boolean True when valid, false when invalid.

	* Verifies if a website is valid or not.
*
* @return boolean True when valid, false when invalid.

Zeile 381Zeile 381
			$this->set_error("invalid_birthday");
return false;
}

			$this->set_error("invalid_birthday");
return false;
}

		else if($birthday['year'] == date("Y"))

		elseif($birthday['year'] == date("Y"))

		{
// Error if birth date is in future
if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

		{
// Error if birth date is in future
if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

Zeile 395Zeile 395
		if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year']))
{
$this->set_error("invalid_birthday_coppa");

		if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year']))
{
$this->set_error("invalid_birthday_coppa");

			return false;

			return false;

		}
elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator())
{

		}
elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator())
{

Zeile 577Zeile 577
						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}


						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}


					if(!empty($profilefield['regex']) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))

					if(!empty($profilefield['regex']) && !empty($profile_fields[$field]) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))

					{
$this->set_error('bad_profile_field_value', array($profilefield['name']));
}

					{
$this->set_error('bad_profile_field_value', array($profilefield['name']));
}

Zeile 686Zeile 686
		{
$options['dst'] = 1;
}

		{
$options['dst'] = 1;
}

		else if($options['dstcorrection'] == 0)

		elseif($options['dstcorrection'] == 0)

		{
$options['dst'] = 0;
}

		{
$options['dst'] = 0;
}

Zeile 834Zeile 834
			$user['away']['awayreason'] = '';
return true;
}

			$user['away']['awayreason'] = '';
return true;
}

		else if($user['away']['returndate'])

		elseif($user['away']['returndate'])

		{

		{

 
			// Validate the awayreason length, since the db holds 200 chars for this field
$reasonlength = my_strlen($user['away']['awayreason']);
if($reasonlength > 200)
{
$this->set_error("away_too_long", array($reasonlength - 200));
return false;
}


			list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']);
if(!$returnday || !$returnmonth || !$returnyear)
{

			list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']);
if(!$returnday || !$returnmonth || !$returnyear)
{

Zeile 855Zeile 863
	 * @return boolean True when valid, false when invalid.
*/
function verify_language()

	 * @return boolean True when valid, false when invalid.
*/
function verify_language()

	{
global $lang;

	{
global $lang;


$language = &$this->data['language'];



$language = &$this->data['language'];


Zeile 978Zeile 986
		if($this->method == "insert" || array_key_exists('email', $user))
{
$this->verify_email();

		if($this->method == "insert" || array_key_exists('email', $user))
{
$this->verify_email();

		}

		}

		if($this->method == "insert" || array_key_exists('website', $user))
{
$this->verify_website();

		if($this->method == "insert" || array_key_exists('website', $user))
{
$this->verify_website();

Zeile 986Zeile 994
		if($this->method == "insert" || array_key_exists('icq', $user))
{
$this->verify_icq();

		if($this->method == "insert" || array_key_exists('icq', $user))
{
$this->verify_icq();

		}

		}

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))

		{

		{

			$this->verify_birthday();
}
if($this->method == "insert" || array_key_exists('postnum', $user))

			$this->verify_birthday();
}
if($this->method == "insert" || array_key_exists('postnum', $user))

Zeile 998Zeile 1006
		if($this->method == "insert" || array_key_exists('threadnum', $user))
{
$this->verify_threadnum();

		if($this->method == "insert" || array_key_exists('threadnum', $user))
{
$this->verify_threadnum();

		}

		}

		if($this->method == "insert" || array_key_exists('profile_fields', $user))
{
$this->verify_profile_fields();

		if($this->method == "insert" || array_key_exists('profile_fields', $user))
{
$this->verify_profile_fields();

Zeile 1083Zeile 1091
		if(count($this->get_errors()) > 0)
{
die("The user is not valid.");

		if(count($this->get_errors()) > 0)
{
die("The user is not valid.");

		}

$user = &$this->data;

		}







		$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');



		$user = &$this->data;

$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');

		foreach($array as $value)
{
if(!isset($user[$value]))

		foreach($array as $value)
{
if(!isset($user[$value]))

Zeile 1098Zeile 1106

$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),


$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),

			"password" => $user['saltedpw'],

			"password" => $user['password'],

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

Zeile 1115Zeile 1123
			"lastvisit" => (int)$user['lastvisit'],
"website" => $db->escape_string($user['website']),
"icq" => (int)$user['icq'],

			"lastvisit" => (int)$user['lastvisit'],
"website" => $db->escape_string($user['website']),
"icq" => (int)$user['icq'],

			"aim" => $db->escape_string($user['aim']),

 
			"yahoo" => $db->escape_string($user['yahoo']),
"skype" => $db->escape_string($user['skype']),
"google" => $db->escape_string($user['google']),

			"yahoo" => $db->escape_string($user['yahoo']),
"skype" => $db->escape_string($user['skype']),
"google" => $db->escape_string($user['google']),

Zeile 1175Zeile 1182
		{
$this->user_insert_data['dst'] = 1;
}

		{
$this->user_insert_data['dst'] = 1;
}

		else if($user['options']['dstcorrection'] == 0)

		elseif($user['options']['dstcorrection'] == 0)

		{
$this->user_insert_data['dst'] = 0;
}

		{
$this->user_insert_data['dst'] = 0;
}

Zeile 1261Zeile 1268
		{
$this->user_update_data['username'] = $db->escape_string($user['username']);
}

		{
$this->user_update_data['username'] = $db->escape_string($user['username']);
}

		if(isset($user['saltedpw']))





		if(isset($user['password']))
{
$this->user_update_data['password'] = $user['password'];
}
if(isset($user['salt']))

		{

		{

			$this->user_update_data['password'] = $user['saltedpw'];

 
			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['salt'] = $user['salt'];

 
		}
if(isset($user['loginkey']))
{

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

Zeile 1299Zeile 1312
		if(isset($user['usertitle']))
{
$this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);

		if(isset($user['usertitle']))
{
$this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);

		}

		}

		if(isset($user['regdate']))
{
$this->user_update_data['regdate'] = (int)$user['regdate'];

		if(isset($user['regdate']))
{
$this->user_update_data['regdate'] = (int)$user['regdate'];

Zeile 1323Zeile 1336
		if(isset($user['icq']))
{
$this->user_update_data['icq'] = (int)$user['icq'];

		if(isset($user['icq']))
{
$this->user_update_data['icq'] = (int)$user['icq'];

		}
if(isset($user['aim']))
{
$this->user_update_data['aim'] = $db->escape_string($user['aim']);

 
		}
if(isset($user['yahoo']))
{

		}
if(isset($user['yahoo']))
{

Zeile 1371Zeile 1380
		if(isset($user['language']))
{
$this->user_update_data['language'] = $db->escape_string($user['language']);

		if(isset($user['language']))
{
$this->user_update_data['language'] = $db->escape_string($user['language']);

		}

		}

		if(isset($user['away']))
{
$this->user_update_data['away'] = (int)$user['away']['away'];

		if(isset($user['away']))
{
$this->user_update_data['away'] = (int)$user['away']['away'];

Zeile 1405Zeile 1414
		if($old_user['pmnotice'] == "2" && $this->user_update_data['pmnotice'] == 1)
{
unset($this->user_update_data['pmnotice']);

		if($old_user['pmnotice'] == "2" && $this->user_update_data['pmnotice'] == 1)
{
unset($this->user_update_data['pmnotice']);

		}


		}


		$plugins->run_hooks("datahandler_user_update", $this);

if(count($this->user_update_data) < 1 && empty($user['user_fields']))

		$plugins->run_hooks("datahandler_user_update", $this);

if(count($this->user_update_data) < 1 && empty($user['user_fields']))

Zeile 1452Zeile 1461
					$user_fields[$field['Field']] = '';
}
$db->insert_query("userfields", $user_fields);

					$user_fields[$field['Field']] = '';
}
$db->insert_query("userfields", $user_fields);

			}

			}

			$db->update_query("userfields", $user['user_fields'], "ufid='{$user['uid']}'", false);
}


			$db->update_query("userfields", $user['user_fields'], "ufid='{$user['uid']}'", false);
}


Zeile 1476Zeile 1485
			{
// User was latest to register, update stats
update_stats(array("numusers" => "+0"));

			{
// User was latest to register, update stats
update_stats(array("numusers" => "+0"));

			}
}


			}
}


		return true;
}

		return true;
}





	/**
* Provides a method to completely delete a user.
*

	/**
* Provides a method to completely delete a user.
*

Zeile 1497Zeile 1506
		if(count($this->get_errors()) > 0)
{
die('The user is not valid.');

		if(count($this->get_errors()) > 0)
{
die('The user is not valid.');

		}

$this->delete_uids = array_map('intval', (array)$delete_uids);


		}

$this->delete_uids = array_map('intval', (array)$delete_uids);


		foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])

		foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])

Zeile 1509Zeile 1518
				unset($this->delete_uids[$key]);
}
}

				unset($this->delete_uids[$key]);
}
}





		$plugins->run_hooks('datahandler_user_delete_start', $this);

$this->delete_uids = implode(',', $this->delete_uids);

		$plugins->run_hooks('datahandler_user_delete_start', $this);

$this->delete_uids = implode(',', $this->delete_uids);

Zeile 1522Zeile 1531
			);

return $this->return_values;

			);

return $this->return_values;

		}

$this->delete_content();

		}

$this->delete_content();


// Delete the user
$query = $db->delete_query('users', "uid IN({$this->delete_uids})");


// Delete the user
$query = $db->delete_query('users', "uid IN({$this->delete_uids})");

Zeile 1548Zeile 1557

$db->update_query('privatemessages', array('fromid' => 0), "fromid IN({$this->delete_uids})");
$db->update_query('users', array('referrer' => 0), "referrer IN({$this->delete_uids})");


$db->update_query('privatemessages', array('fromid' => 0), "fromid IN({$this->delete_uids})");
$db->update_query('users', array('referrer' => 0), "referrer IN({$this->delete_uids})");





		// Update thread ratings
$query = $db->query("
SELECT r.*, t.numratings, t.totalratings

		// Update thread ratings
$query = $db->query("
SELECT r.*, t.numratings, t.totalratings

Zeile 1586Zeile 1595
		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

 
		$cache->update_birthdays();


return $this->return_values;
}


return $this->return_values;
}

Zeile 1596Zeile 1606
	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
*/
function delete_content($delete_uids=false)

	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
*/
function delete_content($delete_uids=false)

	{
global $db, $plugins, $mybb;

if($delete_uids != false)
{
$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{

	{
global $db, $plugins, $mybb;

if($delete_uids != false)
{
$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{

					// Remove super admins
unset($this->delete_uids[$key]);
}

					// Remove super admins
unset($this->delete_uids[$key]);
}

Zeile 1650Zeile 1660

// Update the reports made by the deleted users by setting the uid to 0
$db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");


// Update the reports made by the deleted users by setting the uid to 0
$db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");


// Remove any of the user(s) uploaded avatars
require_once MYBB_ROOT.'inc/functions_upload.php';
foreach(explode(',', $this->delete_uids) as $uid)
{
remove_avatars($uid);
}


// Remove any of the user(s) uploaded avatars
require_once MYBB_ROOT.'inc/functions_upload.php';
foreach(explode(',', $this->delete_uids) as $uid)
{
remove_avatars($uid);
}

	}

/**

	}

/**

Zeile 1665Zeile 1675
	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
*/
function delete_posts($delete_uids=false)

	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
*/
function delete_posts($delete_uids=false)

	{
global $db, $plugins, $mybb;

if($delete_uids != false)
{
$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{
// Remove super admins
unset($this->delete_uids[$key]);
}
}

$this->delete_uids = implode(',', $this->delete_uids);

	{
global $db, $plugins, $mybb;

if($delete_uids != false)
{
$this->delete_uids = array_map('intval', (array)$delete_uids);

foreach($this->delete_uids as $key => $uid)
{
if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])
{
// Remove super admins
unset($this->delete_uids[$key]);
}
}

$this->delete_uids = implode(',', $this->delete_uids);

		}

require_once MYBB_ROOT.'inc/class_moderation.php';
$moderation = new Moderation();

$plugins->run_hooks('datahandler_user_delete_posts', $this);

		}

require_once MYBB_ROOT.'inc/class_moderation.php';
$moderation = new Moderation();

$plugins->run_hooks('datahandler_user_delete_posts', $this);





		if(empty($this->delete_uids))
{
return;

		if(empty($this->delete_uids))
{
return;

Zeile 1697Zeile 1707
		// Threads
$query = $db->simple_select('threads', 'tid', "uid IN({$this->delete_uids})");
while($tid = $db->fetch_field($query, 'tid'))

		// Threads
$query = $db->simple_select('threads', 'tid', "uid IN({$this->delete_uids})");
while($tid = $db->fetch_field($query, 'tid'))

		{

		{

			$moderation->delete_thread($tid);
}


			$moderation->delete_thread($tid);
}


Zeile 1706Zeile 1716
		while($pid = $db->fetch_field($query, 'pid'))
{
$moderation->delete_post($pid);

		while($pid = $db->fetch_field($query, 'pid'))
{
$moderation->delete_post($pid);

		}

		}

	}

/**

	}

/**

Zeile 1740Zeile 1750
			"website" => "",
"birthday" => "",
"icq" => "",

			"website" => "",
"birthday" => "",
"icq" => "",

			"aim" => "",

 
			"yahoo" => "",
"skype" => "",
"google" => "",

			"yahoo" => "",
"skype" => "",
"google" => "",

Zeile 1808Zeile 1817
		)
{
$imgsallowed = 0;

		)
{
$imgsallowed = 0;

			



			if($mybb->settings['sigimgcode'] == 1)
{
$imgsallowed = $mybb->settings['maxsigimages'];

			if($mybb->settings['sigimgcode'] == 1)
{
$imgsallowed = $mybb->settings['maxsigimages'];

Zeile 1819Zeile 1828

if($mybb->settings['sigcountmycode'] == 0)
{


if($mybb->settings['sigcountmycode'] == 0)
{

			$parsed_sig = $parser->text_parse_message($this->data['signature']);

			$parsed_sig = $parser->text_parse_message($this->data['signature'], array('signature_parse' => '1'));

		}
else
{

		}
else
{