Vergleich inc/datahandlers/user.php - 1.8.10 - 1.8.18

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 187Zeile 187
		}

// Has the user tried to use their email address or username as a password?

		}

// Has the user tried to use their email address or username as a password?

		if($user['email'] === $user['password'] || $user['username'] === $user['password'])

		if(!empty($user['email']) && !empty($user['username']))

		{

		{

			$this->set_error('bad_password_security');
return false;






			if($user['email'] === $user['password'] || $user['username'] === $user['password']
|| strpos($user['password'], $user['email']) !== false || strpos($user['password'], $user['username']) !== false
|| strpos($user['email'], $user['password']) !== false || strpos($user['username'], $user['password']) !== false)
{
$this->set_error('bad_password_security');
return false;
}

		}

// See if the board has "require complex passwords" enabled.

		}

// See if the board has "require complex passwords" enabled.

Zeile 203Zeile 208
				$this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));
return false;
}

				$this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));
return false;
}

		}

		}


// If we have a "password2" check if they both match
if(isset($user['password2']) && $user['password'] !== $user['password2'])


// If we have a "password2" check if they both match
if(isset($user['password2']) && $user['password'] !== $user['password2'])

Zeile 211Zeile 216
			$this->set_error("passwords_dont_match");
return false;
}

			$this->set_error("passwords_dont_match");
return false;
}


// Generate our salt
$user['salt'] = generate_salt();

// Combine the password and salt
$user['saltedpw'] = create_password_hash($user['password'], $user['salt'], $user);

 

// Generate the user login key
$user['loginkey'] = generate_loginkey();


// Generate the user login key
$user['loginkey'] = generate_loginkey();

 

// Combine the password and salt
$password_fields = create_password($user['password'], false, $user);
$user = array_merge($user, $password_fields);


return true;
}


return true;
}

Zeile 378Zeile 381
			$this->set_error("invalid_birthday");
return false;
}

			$this->set_error("invalid_birthday");
return false;
}

		else if($birthday['year'] == date("Y"))

		elseif($birthday['year'] == date("Y"))

		{
// Error if birth date is in future
if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

		{
// Error if birth date is in future
if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

Zeile 470Zeile 473
		if(isset($user['threadnum']) && $user['threadnum'] < 0)
{
$this->set_error("invalid_threadnum");

		if(isset($user['threadnum']) && $user['threadnum'] < 0)
{
$this->set_error("invalid_threadnum");

			return false;
}

return true;
}

			return false;
}

return true;
}


/**
* Verifies if a profile fields are filled in correctly.


/**
* Verifies if a profile fields are filled in correctly.

Zeile 492Zeile 495

// Fetch all profile fields first.
$pfcache = $cache->read('profilefields');


// Fetch all profile fields first.
$pfcache = $cache->read('profilefields');





		if(is_array($pfcache))
{
// Then loop through the profile fields.

		if(is_array($pfcache))
{
// Then loop through the profile fields.

Zeile 527Zeile 530

// If the profile field is required, but not filled in, present error.
if($type != "multiselect" && $type != "checkbox")


// If the profile field is required, but not filled in, present error.
if($type != "multiselect" && $type != "checkbox")

				{

				{

					if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")
{
$this->set_error('missing_required_profile_field', array($profilefield['name']));

					if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")
{
$this->set_error('missing_required_profile_field', array($profilefield['name']));

Zeile 562Zeile 565
					$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && trim($profile_fields[$field]) != "")

					$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && trim($profile_fields[$field]) != "")

					{

					{

						$this->set_error('bad_profile_field_values', array($profilefield['name']));
}
$options = $db->escape_string($profile_fields[$field]);

						$this->set_error('bad_profile_field_values', array($profilefield['name']));
}
$options = $db->escape_string($profile_fields[$field]);

Zeile 574Zeile 577
						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}


						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}


					if(!empty($profilefield['regex']) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))

					if(!empty($profilefield['regex']) && !empty($profile_fields[$field]) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))

					{
$this->set_error('bad_profile_field_value', array($profilefield['name']));
}

					{
$this->set_error('bad_profile_field_value', array($profilefield['name']));
}

Zeile 598Zeile 601
		global $db, $mybb;

$user = &$this->data;

		global $db, $mybb;

$user = &$this->data;





		// Does the referrer exist or not?
if($mybb->settings['usereferrals'] == 1 && $user['referrer'] != '')

		// Does the referrer exist or not?
if($mybb->settings['usereferrals'] == 1 && $user['referrer'] != '')

		{

		{

			$referrer = get_user_by_username($user['referrer']);

if(empty($referrer['uid']))

			$referrer = get_user_by_username($user['referrer']);

if(empty($referrer['uid']))

Zeile 611Zeile 614
			}

$user['referrer_uid'] = $referrer['uid'];

			}

$user['referrer_uid'] = $referrer['uid'];

		}
else
{
$user['referrer_uid'] = 0;
}

		}
else
{
$user['referrer_uid'] = 0;
}


return true;
}


return true;
}

Zeile 666Zeile 669
			if($options['subscriptionmethod'] < 0 || $options['subscriptionmethod'] > 3)
{
$options['subscriptionmethod'] = 0;

			if($options['subscriptionmethod'] < 0 || $options['subscriptionmethod'] > 3)
{
$options['subscriptionmethod'] = 0;

			}
}


			}
}


		if(array_key_exists('dstcorrection', $options))
{
// Value out of range

		if(array_key_exists('dstcorrection', $options))
{
// Value out of range

Zeile 677Zeile 680
			{
$options['dstcorrection'] = 0;
}

			{
$options['dstcorrection'] = 0;
}

		}

		}


if($options['dstcorrection'] == 1)
{
$options['dst'] = 1;
}


if($options['dstcorrection'] == 1)
{
$options['dst'] = 1;
}

		else if($options['dstcorrection'] == 0)

		elseif($options['dstcorrection'] == 0)

		{
$options['dst'] = 0;

		{
$options['dst'] = 0;

		}

		}


if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))


if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))

		{

		{

			if($mybb->settings['threadusenetstyle'])

			if($mybb->settings['threadusenetstyle'])

			{

			{

				$options['threadmode'] = 'threaded';

				$options['threadmode'] = 'threaded';

			}

			}

			else
{
$options['threadmode'] = 'linear';

			else
{
$options['threadmode'] = 'linear';

Zeile 704Zeile 707
		if($this->method == "insert" || (array_key_exists('tpp', $options) && $mybb->settings['usertppoptions']))
{
if(!isset($options['tpp']))

		if($this->method == "insert" || (array_key_exists('tpp', $options) && $mybb->settings['usertppoptions']))
{
if(!isset($options['tpp']))

			{

			{

				$options['tpp'] = 0;
}
$explodedtpp = explode(",", $mybb->settings['usertppoptions']);

				$options['tpp'] = 0;
}
$explodedtpp = explode(",", $mybb->settings['usertppoptions']);

Zeile 739Zeile 742
				}
}
$options['ppp'] = (int)$options['ppp'];

				}
}
$options['ppp'] = (int)$options['ppp'];

		}

		}

		// Is our selected "days prune" option valid or not?
if($this->method == "insert" || array_key_exists('daysprune', $options))
{
if(!isset($options['daysprune']))

		// Is our selected "days prune" option valid or not?
if($this->method == "insert" || array_key_exists('daysprune', $options))
{
if(!isset($options['daysprune']))

			{
$options['daysprune'] = 0;
}

			{
$options['daysprune'] = 0;
}

			$options['daysprune'] = (int)$options['daysprune'];
if($options['daysprune'] < 0)
{

			$options['daysprune'] = (int)$options['daysprune'];
if($options['daysprune'] < 0)
{

Zeile 754Zeile 757
			}
}
$this->data['options'] = $options;

			}
}
$this->data['options'] = $options;

	}

/**

	}

/**

	 * Verifies if a registration date is valid or not.
*
* @return boolean True when valid, false when invalid.

	 * Verifies if a registration date is valid or not.
*
* @return boolean True when valid, false when invalid.

Zeile 770Zeile 773
		if($regdate <= 0)
{
$regdate = TIME_NOW;

		if($regdate <= 0)
{
$regdate = TIME_NOW;

		}
return true;
}

/**

		}
return true;
}

/**

	 * Verifies if a last visit date is valid or not.
*
* @return boolean True when valid, false when invalid.

	 * Verifies if a last visit date is valid or not.
*
* @return boolean True when valid, false when invalid.

Zeile 788Zeile 791
		if($lastvisit <= 0)
{
$lastvisit = TIME_NOW;

		if($lastvisit <= 0)
{
$lastvisit = TIME_NOW;

		}
return true;

}

		}
return true;

}


/**
* Verifies if a last active date is valid or not.


/**
* Verifies if a last active date is valid or not.

Zeile 807Zeile 810
		if($lastactive <= 0)
{
$lastactive = TIME_NOW;

		if($lastactive <= 0)
{
$lastactive = TIME_NOW;

		}
return true;


		}
return true;


	}

/**

	}

/**

Zeile 831Zeile 834
			$user['away']['awayreason'] = '';
return true;
}

			$user['away']['awayreason'] = '';
return true;
}

		else if($user['away']['returndate'])

		elseif($user['away']['returndate'])

		{

		{

 
			// Validate the awayreason length, since the db holds 200 chars for this field
$reasonlength = my_strlen($user['away']['awayreason']);
if($reasonlength > 200)
{
$this->set_error("away_too_long", array($reasonlength - 200));
return false;
}


			list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']);
if(!$returnday || !$returnmonth || !$returnyear)
{

			list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']);
if(!$returnday || !$returnmonth || !$returnyear)
{

Zeile 842Zeile 853

// Validate the return date lengths
$user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);


// Validate the return date lengths
$user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);

		}
return true;
}


		}
return true;
}


	/**
* Verifies if a language is valid for this user or not.
*

	/**
* Verifies if a language is valid for this user or not.
*

Zeile 854Zeile 865
	function verify_language()
{
global $lang;

	function verify_language()
{
global $lang;





		$language = &$this->data['language'];

// An invalid language has been specified?

		$language = &$this->data['language'];

// An invalid language has been specified?

Zeile 862Zeile 873
		{
$this->set_error("invalid_language");
return false;

		{
$this->set_error("invalid_language");
return false;

		}

		}

		return true;
}

		return true;
}





	/**
* Verifies if a style is valid for this user or not.
*

	/**
* Verifies if a style is valid for this user or not.
*

Zeile 874Zeile 885
	function verify_style()
{
global $lang;

	function verify_style()
{
global $lang;





		$user = &$this->data;

if($user['style'])
{
$theme = get_theme($user['style']);

		$user = &$this->data;

if($user['style'])
{
$theme = get_theme($user['style']);





			if(empty($theme) || !is_member($theme['allowedgroups'], $user) && $theme['allowedgroups'] != 'all')
{
$this->set_error('invalid_style');
return false;
}
}

			if(empty($theme) || !is_member($theme['allowedgroups'], $user) && $theme['allowedgroups'] != 'all')
{
$this->set_error('invalid_style');
return false;
}
}





		return true;
}


		return true;
}


Zeile 897Zeile 908
	 * @return boolean True when valid, false when invalid.
*/
function verify_checkfields()

	 * @return boolean True when valid, false when invalid.
*/
function verify_checkfields()

	{

	{

		$user = &$this->data;

// An invalid language has been specified?

		$user = &$this->data;

// An invalid language has been specified?

Zeile 917Zeile 928
	 */
function verify_timezone()
{

	 */
function verify_timezone()
{

		global $mybb;


 
		$user = &$this->data;

$timezones = get_supported_timezones();

		$user = &$this->data;

$timezones = get_supported_timezones();

Zeile 950Zeile 959
		}

if($this->method == "insert" || array_key_exists('username', $user))

		}

if($this->method == "insert" || array_key_exists('username', $user))

		{

		{

			// If the username is the same - no need to verify
if(!isset($old_user['username']) || $user['username'] != $old_user['username'])
{
$this->verify_username();
$this->verify_username_exists();

			// If the username is the same - no need to verify
if(!isset($old_user['username']) || $user['username'] != $old_user['username'])
{
$this->verify_username();
$this->verify_username_exists();

			}

			}

			else
{
unset($user['username']);

			else
{
unset($user['username']);

Zeile 967Zeile 976
			$this->verify_usertitle();
}
if($this->method == "insert" || array_key_exists('password', $user))

			$this->verify_usertitle();
}
if($this->method == "insert" || array_key_exists('password', $user))

		{

		{

			$this->verify_password();

			$this->verify_password();

		}

		}

		if($this->method == "insert" || array_key_exists('usergroup', $user))

		if($this->method == "insert" || array_key_exists('usergroup', $user))

		{

		{

			$this->verify_usergroup();

			$this->verify_usergroup();

		}

		}

		if($this->method == "insert" || array_key_exists('email', $user))

		if($this->method == "insert" || array_key_exists('email', $user))

		{

		{

			$this->verify_email();
}
if($this->method == "insert" || array_key_exists('website', $user))

			$this->verify_email();
}
if($this->method == "insert" || array_key_exists('website', $user))

Zeile 985Zeile 994
		if($this->method == "insert" || array_key_exists('icq', $user))
{
$this->verify_icq();

		if($this->method == "insert" || array_key_exists('icq', $user))
{
$this->verify_icq();

		}

		}

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))
{
$this->verify_birthday();

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))
{
$this->verify_birthday();

Zeile 1019Zeile 1028
			$this->verify_lastvisit();
}
if($this->method == "insert" || array_key_exists('lastactive', $user))

			$this->verify_lastvisit();
}
if($this->method == "insert" || array_key_exists('lastactive', $user))

		{

		{

			$this->verify_lastactive();
}
if($this->method == "insert" || array_key_exists('away', $user))

			$this->verify_lastactive();
}
if($this->method == "insert" || array_key_exists('away', $user))

Zeile 1037Zeile 1046
		if($this->method == "insert" && array_key_exists('regcheck1', $user) && array_key_exists('regcheck2', $user))
{
$this->verify_checkfields();

		if($this->method == "insert" && array_key_exists('regcheck1', $user) && array_key_exists('regcheck2', $user))
{
$this->verify_checkfields();

		}

		}

		if(array_key_exists('birthdayprivacy', $user))

		if(array_key_exists('birthdayprivacy', $user))

		{

		{

			$this->verify_birthday_privacy();
}
if($this->method == "insert" || array_key_exists('style', $user))
{
$this->verify_style();

			$this->verify_birthday_privacy();
}
if($this->method == "insert" || array_key_exists('style', $user))
{
$this->verify_style();

		}

		}

		if($this->method == "insert" || array_key_exists('signature', $user))
{
$this->verify_signature();

		if($this->method == "insert" || array_key_exists('signature', $user))
{
$this->verify_signature();

		}

$plugins->run_hooks("datahandler_user_validate", $this);


		}

$plugins->run_hooks("datahandler_user_validate", $this);


		// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)

		// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)

Zeile 1086Zeile 1095

$user = &$this->data;



$user = &$this->data;


		$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');

		$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');

		foreach($array as $value)
{
if(!isset($user[$value]))

		foreach($array as $value)
{
if(!isset($user[$value]))

Zeile 1097Zeile 1106

$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),


$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),

			"password" => $user['saltedpw'],

			"password" => $user['password'],

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

Zeile 1114Zeile 1123
			"lastvisit" => (int)$user['lastvisit'],
"website" => $db->escape_string($user['website']),
"icq" => (int)$user['icq'],

			"lastvisit" => (int)$user['lastvisit'],
"website" => $db->escape_string($user['website']),
"icq" => (int)$user['icq'],

			"aim" => $db->escape_string($user['aim']),

 
			"yahoo" => $db->escape_string($user['yahoo']),
"skype" => $db->escape_string($user['skype']),
"google" => $db->escape_string($user['google']),

			"yahoo" => $db->escape_string($user['yahoo']),
"skype" => $db->escape_string($user['skype']),
"google" => $db->escape_string($user['google']),

Zeile 1174Zeile 1182
		{
$this->user_insert_data['dst'] = 1;
}

		{
$this->user_insert_data['dst'] = 1;
}

		else if($user['options']['dstcorrection'] == 0)

		elseif($user['options']['dstcorrection'] == 0)

		{
$this->user_insert_data['dst'] = 0;
}

		{
$this->user_insert_data['dst'] = 0;
}

Zeile 1260Zeile 1268
		{
$this->user_update_data['username'] = $db->escape_string($user['username']);
}

		{
$this->user_update_data['username'] = $db->escape_string($user['username']);
}

		if(isset($user['saltedpw']))





		if(isset($user['password']))
{
$this->user_update_data['password'] = $user['password'];
}
if(isset($user['salt']))

		{

		{

			$this->user_update_data['password'] = $user['saltedpw'];

 
			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['salt'] = $user['salt'];

 
		}
if(isset($user['loginkey']))
{

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

Zeile 1308Zeile 1322
			$this->user_update_data['lastactive'] = (int)$user['lastactive'];
}
if(isset($user['lastvisit']))

			$this->user_update_data['lastactive'] = (int)$user['lastactive'];
}
if(isset($user['lastvisit']))

		{

		{

			$this->user_update_data['lastvisit'] = (int)$user['lastvisit'];

			$this->user_update_data['lastvisit'] = (int)$user['lastvisit'];

		}

		}

		if(isset($user['signature']))
{
$this->user_update_data['signature'] = $db->escape_string($user['signature']);
}
if(isset($user['website']))

		if(isset($user['signature']))
{
$this->user_update_data['signature'] = $db->escape_string($user['signature']);
}
if(isset($user['website']))

		{

		{

			$this->user_update_data['website'] = $db->escape_string($user['website']);

			$this->user_update_data['website'] = $db->escape_string($user['website']);

		}

		}

		if(isset($user['icq']))

		if(isset($user['icq']))

		{

		{

			$this->user_update_data['icq'] = (int)$user['icq'];

			$this->user_update_data['icq'] = (int)$user['icq'];

		}
if(isset($user['aim']))
{
$this->user_update_data['aim'] = $db->escape_string($user['aim']);

 
		}
if(isset($user['yahoo']))
{

		}
if(isset($user['yahoo']))
{

Zeile 1585Zeile 1595
		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

 
		$cache->update_birthdays();


return $this->return_values;
}


return $this->return_values;
}

Zeile 1739Zeile 1750
			"website" => "",
"birthday" => "",
"icq" => "",

			"website" => "",
"birthday" => "",
"icq" => "",

			"aim" => "",

 
			"yahoo" => "",
"skype" => "",
"google" => "",

			"yahoo" => "",
"skype" => "",
"google" => "",

Zeile 1818Zeile 1828

if($mybb->settings['sigcountmycode'] == 0)
{


if($mybb->settings['sigcountmycode'] == 0)
{

			$parsed_sig = $parser->text_parse_message($this->data['signature']);

			$parsed_sig = $parser->text_parse_message($this->data['signature'], array('signature_parse' => '1'));

		}
else
{

		}
else
{