Vergleich inc/datahandlers/user.php - 1.8.11 - 1.8.19

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 187	Zeile 187
} // Has the user tried to use their email address or username as a password?	} // Has the user tried to use their email address or username as a password?
if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'])	if(!empty($user['email']) && !empty($user['username']))
{	{
$this->set_error('bad_password_security'); return false;	if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'] \|\| strpos($user['password'], $user['email']) !== false \|\| strpos($user['password'], $user['username']) !== false \|\| strpos($user['email'], $user['password']) !== false \|\| strpos($user['username'], $user['password']) !== false) { $this->set_error('bad_password_security'); return false; }
} // See if the board has "require complex passwords" enabled.	} // See if the board has "require complex passwords" enabled.
Zeile 218	Zeile 223
// Combine the password and salt $password_fields = create_password($user['password'], false, $user); $user = array_merge($user, $password_fields);	// Combine the password and salt $password_fields = create_password($user['password'], false, $user); $user = array_merge($user, $password_fields);
return true; } /**	return true; } /**
* Verifies usergroup selections and other group details.	* Verifies usergroup selections and other group details.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_usergroup() {	*/ function verify_usergroup() {
Zeile 239	Zeile 244
function verify_email() { global $mybb;	function verify_email() { global $mybb;
$user = &$this->data;	$user = &$this->data;
// Check if an email address has actually been entered. if(trim_blank_chrs($user['email']) == '')	// Check if an email address has actually been entered. if(trim_blank_chrs($user['email']) == '')
Zeile 306	Zeile 311
if(!empty($website) && !my_validate_url($website)) { $this->set_error('invalid_website');	if(!empty($website) && !my_validate_url($website)) { $this->set_error('invalid_website');
return false; } return true; } /**	return false; } return true; } /**
* Verifies if an ICQ number is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if an ICQ number is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 320	Zeile 325
function verify_icq() { $icq = &$this->data['icq'];	function verify_icq() { $icq = &$this->data['icq'];

if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number"); return false; } $icq = (int)$icq;	if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number"); return false; } $icq = (int)$icq;
return true; } /**	return true; } /**
* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 356	Zeile 361
if($birthday['day'] != 0 \|\| $birthday['month'] != 0) { if($birthday['day'] < 1 \|\| $birthday['day'] > 31 \|\| $birthday['month'] < 1 \|\| $birthday['month'] > 12 \|\| ($birthday['month'] == 2 && $birthday['day'] > 29))	if($birthday['day'] != 0 \|\| $birthday['month'] != 0) { if($birthday['day'] < 1 \|\| $birthday['day'] > 31 \|\| $birthday['month'] < 1 \|\| $birthday['month'] > 12 \|\| ($birthday['month'] == 2 && $birthday['day'] > 29))
{ $this->set_error("invalid_birthday"); return false; } }	{ $this->set_error("invalid_birthday"); return false; } }
// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])	// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])
Zeile 376	Zeile 381
$this->set_error("invalid_birthday"); return false; }	$this->set_error("invalid_birthday"); return false; }
else if($birthday['year'] == date("Y"))	elseif($birthday['year'] == date("Y"))
{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))	{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))
Zeile 395	Zeile 400
elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator()) { $this->set_error("invalid_birthday_coppa2");	elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator()) { $this->set_error("invalid_birthday_coppa2");
return false; }	return false; }
// Make the user's birthday field if($birthday['year'] != 0) { // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];	// Make the user's birthday field if($birthday['year'] != 0) { // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];
}	}
elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day']."-".$birthday['month']."-";	elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day']."-".$birthday['month']."-";
}	}
else { // No field is specified, so return an empty string for an unknown birthday $user['bday'] = '';	else { // No field is specified, so return an empty string for an unknown birthday $user['bday'] = '';
} return true; }	} return true; }
/** * Verifies if the birthday privacy option is valid or not.	/** * Verifies if the birthday privacy option is valid or not.
Zeile 450	Zeile 455
if(isset($user['postnum']) && $user['postnum'] < 0) { $this->set_error("invalid_postnum");	if(isset($user['postnum']) && $user['postnum'] < 0) { $this->set_error("invalid_postnum");
return false; } return true; }	return false; } return true; }
/** * Verifies if the thread count field is filled in correctly. *	/** * Verifies if the thread count field is filled in correctly. *
Zeile 468	Zeile 473
if(isset($user['threadnum']) && $user['threadnum'] < 0) { $this->set_error("invalid_threadnum");	if(isset($user['threadnum']) && $user['threadnum'] < 0) { $this->set_error("invalid_threadnum");
return false; } return true; }	return false; } return true; }
/** * Verifies if a profile fields are filled in correctly.	/** * Verifies if a profile fields are filled in correctly.
Zeile 485	Zeile 490
$user = &$this->data; $profile_fields = &$this->data['profile_fields'];	$user = &$this->data; $profile_fields = &$this->data['profile_fields'];

// Loop through profile fields checking if they exist or not and are filled in.	// Loop through profile fields checking if they exist or not and are filled in.

// Fetch all profile fields first. $pfcache = $cache->read('profilefields');	// Fetch all profile fields first. $pfcache = $cache->read('profilefields');
Zeile 497	Zeile 502
foreach($pfcache as $profilefield) { if(isset($this->data['profile_fields_editable']) \|\| isset($this->data['registration']) && ($profilefield['required'] == 1 \|\| $profilefield['registration'] == 1))	foreach($pfcache as $profilefield) { if(isset($this->data['profile_fields_editable']) \|\| isset($this->data['registration']) && ($profilefield['required'] == 1 \|\| $profilefield['registration'] == 1))
{	{
$profilefield['editableby'] = -1; } if(!is_member($profilefield['editableby'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))	$profilefield['editableby'] = -1; } if(!is_member($profilefield['editableby'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
{	{
continue; }	continue; }
Zeile 572	Zeile 577
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }	$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }
if(!empty($profilefield['regex']) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))	if(!empty($profilefield['regex']) && !empty($profile_fields[$field]) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))
{ $this->set_error('bad_profile_field_value', array($profilefield['name'])); }	{ $this->set_error('bad_profile_field_value', array($profilefield['name'])); }
Zeile 609	Zeile 614
} $user['referrer_uid'] = $referrer['uid'];	} $user['referrer_uid'] = $referrer['uid'];
} else { $user['referrer_uid'] = 0; }	} else { $user['referrer_uid'] = 0; }
return true; }	return true; }
Zeile 681	Zeile 686
{ $options['dst'] = 1; }	{ $options['dst'] = 1; }
else if($options['dstcorrection'] == 0)	elseif($options['dstcorrection'] == 0)
{ $options['dst'] = 0; }	{ $options['dst'] = 0; }
Zeile 704	Zeile 709
if(!isset($options['tpp'])) { $options['tpp'] = 0;	if(!isset($options['tpp'])) { $options['tpp'] = 0;
}	}
$explodedtpp = explode(",", $mybb->settings['usertppoptions']); if(is_array($explodedtpp)) {	$explodedtpp = explode(",", $mybb->settings['usertppoptions']); if(is_array($explodedtpp)) {
Zeile 756	Zeile 761
/** * Verifies if a registration date is valid or not.	/** * Verifies if a registration date is valid or not.
*	*
* @return boolean True when valid, false when invalid. */ function verify_regdate()	* @return boolean True when valid, false when invalid. */ function verify_regdate()
Zeile 766	Zeile 771
$regdate = (int)$regdate; // If the timestamp is below 0, set it to the current time. if($regdate <= 0)	$regdate = (int)$regdate; // If the timestamp is below 0, set it to the current time. if($regdate <= 0)
{	{
$regdate = TIME_NOW; } return true;	$regdate = TIME_NOW; } return true;
Zeile 774	Zeile 779
/** * Verifies if a last visit date is valid or not.	/** * Verifies if a last visit date is valid or not.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_lastvisit() {	*/ function verify_lastvisit() {
Zeile 784	Zeile 789
$lastvisit = (int)$lastvisit; // If the timestamp is below 0, set it to the current time. if($lastvisit <= 0)	$lastvisit = (int)$lastvisit; // If the timestamp is below 0, set it to the current time. if($lastvisit <= 0)
{	{
$lastvisit = TIME_NOW; } return true;	$lastvisit = TIME_NOW; } return true;

} /** * Verifies if a last active date is valid or not.	} /** * Verifies if a last active date is valid or not.
*	*
* @return boolean True when valid, false when invalid. */ function verify_lastactive()	* @return boolean True when valid, false when invalid. */ function verify_lastactive()
Zeile 829	Zeile 834
$user['away']['awayreason'] = ''; return true; }	$user['away']['awayreason'] = ''; return true; }
else if($user['away']['returndate'])	elseif($user['away']['returndate'])
{	{
	// Validate the awayreason length, since the db holds 200 chars for this field $reasonlength = my_strlen($user['away']['awayreason']); if($reasonlength > 200) { $this->set_error("away_too_long", array($reasonlength - 200)); return false; }
list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) {	list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) {
Zeile 1039	Zeile 1052
$this->verify_birthday_privacy(); } if($this->method == "insert" \|\| array_key_exists('style', $user))	$this->verify_birthday_privacy(); } if($this->method == "insert" \|\| array_key_exists('style', $user))
{	{
$this->verify_style(); } if($this->method == "insert" \|\| array_key_exists('signature', $user))	$this->verify_style(); } if($this->method == "insert" \|\| array_key_exists('signature', $user))
Zeile 1082	Zeile 1095
$user = &$this->data;	$user = &$this->data;
$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');	$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');
foreach($array as $value) { if(!isset($user[$value]))	foreach($array as $value) { if(!isset($user[$value]))
Zeile 1110	Zeile 1123
"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],	"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],
"aim" => $db->escape_string($user['aim']),
"yahoo" => $db->escape_string($user['yahoo']), "skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']),	"yahoo" => $db->escape_string($user['yahoo']), "skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']),
Zeile 1170	Zeile 1182
{ $this->user_insert_data['dst'] = 1; }	{ $this->user_insert_data['dst'] = 1; }
else if($user['options']['dstcorrection'] == 0)	elseif($user['options']['dstcorrection'] == 0)
{ $this->user_insert_data['dst'] = 0; }	{ $this->user_insert_data['dst'] = 0; }
Zeile 1270	Zeile 1282
} if(isset($user['email'])) {	} if(isset($user['email'])) {
$this->user_update_data['email'] = $user['email'];	$this->user_update_data['email'] = $db->escape_string($user['email']);
} if(isset($user['postnum'])) {	} if(isset($user['postnum'])) {
Zeile 1324	Zeile 1336
if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];	if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];
} if(isset($user['aim'])) { $this->user_update_data['aim'] = $db->escape_string($user['aim']);
} if(isset($user['yahoo'])) {	} if(isset($user['yahoo'])) {
Zeile 1742	Zeile 1750
"website" => "", "birthday" => "", "icq" => "",	"website" => "", "birthday" => "", "icq" => "",
"aim" => "",
"yahoo" => "", "skype" => "", "google" => "",	"yahoo" => "", "skype" => "", "google" => "",
Zeile 1821	Zeile 1828
if($mybb->settings['sigcountmycode'] == 0) {	if($mybb->settings['sigcountmycode'] == 0) {
$parsed_sig = $parser->text_parse_message($this->data['signature']);	$parsed_sig = $parser->text_parse_message($this->data['signature'], array('signature_parse' => '1'));
} else {	} else {