Vergleich inc/functions.php - 1.8.18 - 1.8.21

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 624	Zeile 624
// Guests get a special string else {	// Guests get a special string else {
return md5($session->useragent.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);	return md5($session->sid.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);
} }	} }
Zeile 3456	Zeile 3456
{ global $mybb;	{ global $mybb;
$subscription_methods = array('dont', 'none', 'email', 'pm'); // Define methods	$subscription_methods = array('', 'none', 'email', 'pm'); // Define methods
$subscription_method = (int)$mybb->user['subscriptionmethod']; // Set user default // If no user default method available then reset method	$subscription_method = (int)$mybb->user['subscriptionmethod']; // Set user default // If no user default method available then reset method
Zeile 3489	Zeile 3489
$subscription_method = (int)$subscription['notification'] + 1; } }	$subscription_method = (int)$subscription['notification'] + 1; } }

return $subscription_methods[$subscription_method]; }	return $subscription_methods[$subscription_method]; }
Zeile 4839	Zeile 4839
{ $options = array_merge(array( 'minutes' => false,	{ $options = array_merge(array( 'minutes' => false,
'seconds' => false ), $options);	'seconds' => false ), $options);
} elseif($days > 0) {	} elseif($days > 0) {
Zeile 6191	Zeile 6191
{ $query = $db->simple_select("users", "*", "uid = '{$uid}'"); $user_cache[$uid] = $db->fetch_array($query);	{ $query = $db->simple_select("users", "*", "uid = '{$uid}'"); $user_cache[$uid] = $db->fetch_array($query);

return $user_cache[$uid]; } return array();	return $user_cache[$uid]; } return array();
Zeile 6211	Zeile 6211
$username = $db->escape_string(my_strtolower($username)); if(!isset($options['username_method']))	$username = $db->escape_string(my_strtolower($username)); if(!isset($options['username_method']))
{	{
$options['username_method'] = 0; }	$options['username_method'] = 0; }
Zeile 6221	Zeile 6221
case 'mysqli': $field = 'username'; $efield = 'email';	case 'mysqli': $field = 'username'; $efield = 'email';
break; default:	break; default:
$field = 'LOWER(username)'; $efield = 'LOWER(email)'; break;	$field = 'LOWER(username)'; $efield = 'LOWER(email)'; break;
Zeile 6232	Zeile 6232
{ case 1: $sqlwhere = "{$efield}='{$username}'";	{ case 1: $sqlwhere = "{$efield}='{$username}'";
break;	break;
case 2: $sqlwhere = "{$field}='{$username}' OR {$efield}='{$username}'"; break;	case 2: $sqlwhere = "{$field}='{$username}' OR {$efield}='{$username}'"; break;
Zeile 6243	Zeile 6243
$fields = array('uid'); if(isset($options['fields']))	$fields = array('uid'); if(isset($options['fields']))
{	{
$fields = array_merge((array)$options['fields'], $fields);	$fields = array_merge((array)$options['fields'], $fields);
} $query = $db->simple_select('users', implode(',', array_unique($fields)), $sqlwhere, array('limit' => 1));	} $query = $db->simple_select('users', implode(',', array_unique($fields)), $sqlwhere, array('limit' => 1));
if(isset($options['exists'])) { return (bool)$db->num_rows($query);	if(isset($options['exists'])) { return (bool)$db->num_rows($query);
}	}
return $db->fetch_array($query); }	return $db->fetch_array($query); }
Zeile 6275	Zeile 6275
} if(empty($forum_cache[$fid]))	} if(empty($forum_cache[$fid]))
{ return false;	{ return false;
} if($active_override != 1)	} if($active_override != 1)
Zeile 6295	Zeile 6295
} return $forum_cache[$fid];	} return $forum_cache[$fid];
} /**	} /**
* Get the thread of a thread id. * * @param int $tid The thread id of the thread.	* Get the thread of a thread id. * * @param int $tid The thread id of the thread.
Zeile 6308	Zeile 6308
{ global $db; static $thread_cache;	{ global $db; static $thread_cache;

$tid = (int)$tid; if(isset($thread_cache[$tid]) && !$recache)	$tid = (int)$tid; if(isset($thread_cache[$tid]) && !$recache)
Zeile 6359	Zeile 6359
{ $post_cache[$pid] = $post; return $post;	{ $post_cache[$pid] = $post; return $post;
} else	} else
{ $post_cache[$pid] = false; return false;	{ $post_cache[$pid] = false; return false;
Zeile 6380	Zeile 6380
if(!$forum_cache) { cache_forums();	if(!$forum_cache) { cache_forums();
} $inactive = array();	} $inactive = array();
foreach($forum_cache as $fid => $forum) {	foreach($forum_cache as $fid => $forum) {
Zeile 6403	Zeile 6403
return $inactiveforums; }	return $inactiveforums; }

/** * Checks to make sure a user has not tried to login more times than permitted *	/** * Checks to make sure a user has not tried to login more times than permitted *
Zeile 6431	Zeile 6431
} // This user has a cookie lockout, show waiting time elseif($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] > $now)	} // This user has a cookie lockout, show waiting time elseif($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] > $now)
{	{
if($fatal) { $secsleft = (int)($mybb->cookies['lockoutexpiry'] - $now);	if($fatal) { $secsleft = (int)($mybb->cookies['lockoutexpiry'] - $now);
Zeile 6446	Zeile 6446
} if($mybb->settings['failedlogincount'] > 0 && $attempts['loginattempts'] >= $mybb->settings['failedlogincount'])	} if($mybb->settings['failedlogincount'] > 0 && $attempts['loginattempts'] >= $mybb->settings['failedlogincount'])
{	{
// Set the expiry dateline if not set yet if($attempts['loginlockoutexpiry'] == 0) {	// Set the expiry dateline if not set yet if($attempts['loginlockoutexpiry'] == 0) {
Zeile 6472	Zeile 6472
// Are we still locked out? if($attempts['loginlockoutexpiry'] > $now)	// Are we still locked out? if($attempts['loginlockoutexpiry'] > $now)
{	{
if($fatal) { $secsleft = (int)($attempts['loginlockoutexpiry'] - $now); $hoursleft = floor($secsleft / 3600); $minsleft = floor(($secsleft / 60) % 60); $secsleft = floor($secsleft % 60);	if($fatal) { $secsleft = (int)($attempts['loginlockoutexpiry'] - $now); $hoursleft = floor($secsleft / 3600); $minsleft = floor(($secsleft / 60) % 60); $secsleft = floor($secsleft % 60);

error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft)); }	error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft)); }
Zeile 6531	Zeile 6531
$uid_string = ""; if($uid)	$uid_string = ""; if($uid)
{	{
$uid_string = " AND uid != '".(int)$uid."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");	$uid_string = " AND uid != '".(int)$uid."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
Zeile 6784	Zeile 6784
{ global $cache, $db;	{ global $cache, $db;
$banned_cache = $cache->read("bannedemails");	$banned_cache = $cache->read("bannedemails");
if($banned_cache === false)	if($banned_cache === false)
{	{
// Failed to read cache, see if we can rebuild it $cache->update_bannedemails(); $banned_cache = $cache->read("bannedemails");	// Failed to read cache, see if we can rebuild it $cache->update_bannedemails(); $banned_cache = $cache->read("bannedemails");
Zeile 6796	Zeile 6796
if(is_array($banned_cache) && !empty($banned_cache)) { foreach($banned_cache as $banned_email)	if(is_array($banned_cache) && !empty($banned_cache)) { foreach($banned_cache as $banned_email)
{	{
// Make regular expression * match $banned_email['filter'] = str_replace('\', '(.)', preg_quote($banned_email['filter'], '#'));	// Make regular expression * match $banned_email['filter'] = str_replace('\', '(.)', preg_quote($banned_email['filter'], '#'));
Zeile 6837	Zeile 6837
foreach($banned_ips as $banned_ip) { if(!$banned_ip['filter'])	foreach($banned_ips as $banned_ip) { if(!$banned_ip['filter'])
{	{
continue; }	continue; }
Zeile 6867	Zeile 6867
} // Still here - good ip	} // Still here - good ip
return false; }	return false; }
/** * Returns an array of supported timezones	/** * Returns an array of supported timezones
Zeile 8895	Zeile 8895
} return $values; }	} return $values; }
	} /** * Performs a timing attack safe string comparison. * * @param string $known_string The first string to be compared. * @param string $user_string The second, user-supplied string to be compared. * @return bool Result of the comparison. / function my_hash_equals($known_string, $user_string) { if(version_compare(PHP_VERSION, '5.6.0', '>=')) { return hash_equals($known_string, $user_string); } else { $known_string_length = my_strlen($known_string); $user_string_length = my_strlen($user_string); if($user_string_length != $known_string_length) { return false; } $result = 0; for($i = 0; $i < $known_string_length; $i++) { $result \|= ord($known_string[$i]) ^ ord($user_string[$i]); } return $result === 0; } } /* * Retrieves all referrals for a specified user * * @param int uid * @param int start position * @param int total entries * @param bool false (default) only return display info, true for all info * @return array / function get_user_referrals($uid, $start=0, $limit=0, $full=false) { global $db; $referrals = $query_options = array(); $uid = (int) $uid; if($uid === 0) { return $referrals; } if($start && $limit) { $query_options['limit_start'] = $start; } if($limit) { $query_options['limit'] = $limit; } $fields = 'uid, username, usergroup, displaygroup, regdate'; if($full === true) { $fields = ''; } $query = $db->simple_select('users', $fields, "referrer='{$uid}'", $query_options); while($referral = $db->fetch_array($query)) { $referrals[] = $referral; } return $referrals;
}	}