Vergleich usercp.php - 1.8.1 - 1.8.22

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 10Zeile 10

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');


define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

 
define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";

Zeile 17Zeile 18
$templatelist .= ",usercp_attachments_attachment,usercp_attachments,usercp_profile_away,usercp_profile_customfield,usercp_profile_profilefields,usercp_profile_customtitle,usercp_forumsubscriptions_none,usercp_profile_customtitle_currentcustom";
$templatelist .= ",usercp_forumsubscriptions,usercp_subscriptions_none,usercp_subscriptions,usercp_options_pms_from_buddys,usercp_options_tppselect,usercp_options_pppselect,usercp_themeselector,usercp_profile_customtitle_reverttitle";
$templatelist .= ",usercp_nav_editsignature,usercp_referrals,usercp_notepad,usercp_latest_threads_threads,forumdisplay_thread_gotounread,usercp_latest_threads,usercp_subscriptions_remove,usercp_nav_messenger_folder,usercp_profile_profilefields_text";

$templatelist .= ",usercp_attachments_attachment,usercp_attachments,usercp_profile_away,usercp_profile_customfield,usercp_profile_profilefields,usercp_profile_customtitle,usercp_forumsubscriptions_none,usercp_profile_customtitle_currentcustom";
$templatelist .= ",usercp_forumsubscriptions,usercp_subscriptions_none,usercp_subscriptions,usercp_options_pms_from_buddys,usercp_options_tppselect,usercp_options_pppselect,usercp_themeselector,usercp_profile_customtitle_reverttitle";
$templatelist .= ",usercp_nav_editsignature,usercp_referrals,usercp_notepad,usercp_latest_threads_threads,forumdisplay_thread_gotounread,usercp_latest_threads,usercp_subscriptions_remove,usercp_nav_messenger_folder,usercp_profile_profilefields_text";

$templatelist .= ",usercp_editsig_suspended,usercp_editsig,usercp_avatar_current,usercp_options_timezone_option,usercp_drafts";

$templatelist .= ",usercp_editsig_suspended,usercp_editsig,usercp_avatar_current,usercp_options_timezone_option,usercp_drafts,usercp_options_language,usercp_options_date_format,usercp_profile_website,usercp_latest_subscribed,usercp_warnings";

$templatelist .= ",usercp_avatar,usercp_editlists_userusercp_editlists,usercp_drafts_draft,usercp_usergroups_joingroup,usercp_attachments_none,usercp_avatar_upload,usercp_options_timezone,usercp_usergroups_joinable_usergroup_join";

$templatelist .= ",usercp_avatar,usercp_editlists_userusercp_editlists,usercp_drafts_draft,usercp_usergroups_joingroup,usercp_attachments_none,usercp_avatar_upload,usercp_options_timezone,usercp_usergroups_joinable_usergroup_join";

$templatelist .= ",usercp_warnings_warning,usercp_warnings,usercp_latest_subscribed_threads,usercp_latest_subscribed,usercp_nav_messenger_tracking,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,usercp_options_language,usercp_options_date_format";
$templatelist .= ",codebuttons,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,smilieinsert,usercp_nav_messenger_compose,usercp_options_language_option,usercp_editlists";

$templatelist .= ",usercp_warnings_warning,usercp_nav_messenger_tracking,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start";
$templatelist .= ",codebuttons,usercp_nav_messenger_compose,usercp_options_language_option,usercp_editlists,usercp_profile_contact_fields_field,usercp_latest_subscribed_threads,usercp_profile_contact_fields,usercp_profile_day,usercp_nav_home";

$templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,usercp_profile_profilefields_checkbox";
$templatelist .= ",usercp_options_tppselect_option,usercp_options_pppselect_option,forumbit_depth2_forum_lastpost_never,forumbit_depth2_forum_lastpost_hidden,usercp_avatar_auto_resize_auto,usercp_avatar_auto_resize_user,usercp_options";

$templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,usercp_profile_profilefields_checkbox";
$templatelist .= ",usercp_options_tppselect_option,usercp_options_pppselect_option,forumbit_depth2_forum_lastpost_never,forumbit_depth2_forum_lastpost_hidden,usercp_avatar_auto_resize_auto,usercp_avatar_auto_resize_user,usercp_options";

$templatelist .= ",usercp_editlists_no_buddies,usercp_editlists_no_ignored,usercp_editlists_no_requests,usercp_editlists_received_requests,usercp_editlists_sent_requests,usercp_drafts_draft_thread,usercp_drafts_draft_forum";
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email";

$templatelist .= ",usercp_editlists_no_buddies,usercp_editlists_no_ignored,usercp_editlists_no_requests,usercp_editlists_received_requests,usercp_editlists_sent_requests,usercp_drafts_draft_thread,usercp_drafts_draft_forum,usercp_editlists_user";
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";

$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";

$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";

$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_editlists_user,usercp_profile_day,usercp_profile_contact_fields,usercp_profile_contact_fields_field, usercp_profile_website";


$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";
$templatelist .= ",usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 44Zeile 46

if(!$mybb->user['pmfolders'])
{


if(!$mybb->user['pmfolders'])
{

	$mybb->user['pmfolders'] = "1**".$lang->folder_inbox."$%%$2**".$lang->folder_sent_items."$%%$3**".$lang->folder_drafts."$%%$4**".$lang->folder_trash;
$db->update_query("users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'");

	$mybb->user['pmfolders'] = '1**$%%$2**$%%$3**$%%$4**';
$db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}");

}

$errors = '';

}

$errors = '';

Zeile 53Zeile 55
$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

 

$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);

if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)
{
if(my_strpos($server_http_referer, '/') === 0)
{
$server_http_referer = my_substr($server_http_referer, 1);
}
$url_segments = explode('/', $server_http_referer);
$server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);
}


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{

	$parser_options = array(
'allow_html' => $mybb->settings['sightml'],
'filter_badwords' => 1,
'allow_mycode' => $mybb->settings['sigmycode'],
'allow_smilies' => $mybb->settings['sigsmilies'],
'allow_imgcode' => $mybb->settings['sigimgcode'],
"filter_badwords" => 1

	require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler();

$data = array(
'uid' => $mybb->user['uid'],
'signature' => $mybb->get_input('signature'),


	);


	);


	if($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0)



	$userhandler->set_data($data);

if(!$userhandler->verify_signature())

	{

	{

		$parser_options['allow_imgcode'] = 0;
}

$parsed_sig = $parser->parse_message($mybb->get_input('signature'), $parser_options);
if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&
substr_count($parsed_sig, "<img") > 0) ||
(($mybb->settings['sigimgcode'] == 1 || $mybb->settings['sigsmilies'] == 1) &&
substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages'])
)
{
if($mybb->settings['sigimgcode'] == 1)
{
$imgsallowed = $mybb->settings['maxsigimages'];
}
else
{
$imgsallowed = 0;
}
$lang->too_many_sig_images2 = $lang->sprintf($lang->too_many_sig_images2, $imgsallowed);
$error = inline_error($lang->too_many_sig_images." ".$lang->too_many_sig_images2);
$mybb->input['preview'] = 1;
}
else if($mybb->settings['siglength'] > 0)
{
if($mybb->settings['sigcountmycode'] == 0)
{
$parsed_sig = $parser->text_parse_message($mybb->get_input('signature'));
}
else
{
$parsed_sig = $mybb->get_input('signature');
}
$parsed_sig = preg_replace("#\s#", "", $parsed_sig);
$sig_length = my_strlen($parsed_sig);
if($sig_length > $mybb->settings['siglength'])
{
$lang->sig_too_long = $lang->sprintf($lang->sig_too_long, $mybb->settings['siglength']);
if($sig_length - $mybb->settings['siglength'] > 1)
{
$lang->sig_too_long .= $lang->sprintf($lang->sig_remove_chars_plural, $sig_length-$mybb->settings['siglength']);
}
else
{
$lang->sig_too_long .= $lang->sig_remove_chars_singular;
}
$error = inline_error($lang->sig_too_long);
}

		$error = inline_error($userhandler->get_friendly_errors());















































	}

	}

 


	if(isset($error) || !empty($mybb->input['preview']))
{
$mybb->input['action'] = "editsig";

	if(isset($error) || !empty($mybb->input['preview']))
{
$mybb->input['action'] = "editsig";

Zeile 187Zeile 157

$plugins->run_hooks("usercp_do_profile_start");



$plugins->run_hooks("usercp_do_profile_start");


	if($mybb->get_input('away', 1) == 1 && $mybb->settings['allowaway'] != 0)

	if($mybb->get_input('away', MyBB::INPUT_INT) == 1 && $mybb->settings['allowaway'] != 0)

	{
$awaydate = TIME_NOW;
if(!empty($mybb->input['awayday']))
{
// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year

	{
$awaydate = TIME_NOW;
if(!empty($mybb->input['awayday']))
{
// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year

			if(!$mybb->get_input('awaymonth', 1))

			if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT))

			{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}

			{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}

			if(!$mybb->get_input('awayyear', 1))

			if(!$mybb->get_input('awayyear', MyBB::INPUT_INT))

			{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}

			{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}

Zeile 238Zeile 208
	}

$bday = array(

	}

$bday = array(

		"day" => $mybb->get_input('bday1', 1),
"month" => $mybb->get_input('bday2', 1),
"year" => $mybb->get_input('bday3', 1)

		"day" => $mybb->get_input('bday1', MyBB::INPUT_INT),
"month" => $mybb->get_input('bday2', MyBB::INPUT_INT),
"year" => $mybb->get_input('bday3', MyBB::INPUT_INT)

	);

// Set up user handler.

	);

// Set up user handler.

	require_once "inc/datahandlers/user.php";

	require_once MYBB_ROOT."inc/datahandlers/user.php";

	$userhandler = new UserDataHandler("update");

$user = array(

	$userhandler = new UserDataHandler("update");

$user = array(

Zeile 255Zeile 225
		"birthday" => $bday,
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
"away" => $away,

		"birthday" => $bday,
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
"away" => $away,

		"profile_fields" => $mybb->get_input('profile_fields', 2)

		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)

	);

	);

	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)

	foreach(array('icq', 'skype', 'google') as $cfield)

	{
$csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '')

	{
$csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '')

Zeile 265Zeile 235
			continue;
}


			continue;
}


		if($mybb->settings[$csetting] != -1 && !is_member($mybb->settings[$csetting]))

		if(!is_member($mybb->settings[$csetting]))

		{
continue;
}

		{
continue;
}

Zeile 279Zeile 249
			$user[$cfield] = $mybb->get_input($cfield);
}
}

			$user[$cfield] = $mybb->get_input($cfield);
}
}

	



	if($mybb->usergroup['canchangewebsite'] == 1)
{
$user['website'] = $mybb->get_input('website');

	if($mybb->usergroup['canchangewebsite'] == 1)
{
$user['website'] = $mybb->get_input('website');

Zeile 291Zeile 261
		{
$user['usertitle'] = $mybb->get_input('usertitle');
}

		{
$user['usertitle'] = $mybb->get_input('usertitle');
}

		else if(!empty($mybb->input['reverttitle']))

		elseif(!empty($mybb->input['reverttitle']))

		{
$user['usertitle'] = '';
}

		{
$user['usertitle'] = '';
}

Zeile 301Zeile 271
	if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

	if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

 
		$raw_errors = $userhandler->get_errors();





		// Set allowed value otherwise select options disappear
if(in_array($lang->userdata_invalid_birthday_privacy, $errors))

		// Set to stored value if invalid
if(array_key_exists("invalid_birthday_privacy", $raw_errors))

		{

		{

			$mybb->input['birthdayprivacy'] = 'none';

			$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

		}

$errors = inline_error($errors);

		}

$errors = inline_error($errors);

Zeile 326Zeile 297
	{
$user = $mybb->input;
$bday = array();

	{
$user = $mybb->input;
$bday = array();

		$bday[0] = $mybb->get_input('bday1', 1);
$bday[1] = $mybb->get_input('bday2', 1);
$bday[2] = $mybb->get_input('bday3', 1);

		$bday[0] = $mybb->get_input('bday1', MyBB::INPUT_INT);
$bday[1] = $mybb->get_input('bday2', MyBB::INPUT_INT);
$bday[2] = $mybb->get_input('bday3', MyBB::INPUT_INT);

	}
else
{

	}
else
{

Zeile 373Zeile 344
	{
$allselected = " selected=\"selected\"";
}

	{
$allselected = " selected=\"selected\"";
}

	else if($user['birthdayprivacy'] == 'none')

	elseif($user['birthdayprivacy'] == 'none')

	{
$noneselected = " selected=\"selected\"";
}

	{
$noneselected = " selected=\"selected\"";
}

	else if($user['birthdayprivacy'] == 'age')

	elseif($user['birthdayprivacy'] == 'age')

	{
$ageselected = " selected=\"selected\"";
}


	{
$ageselected = " selected=\"selected\"";
}


	if($user['website'] == "" || $user['website'] == "http://")

	if(!my_validate_url($user['website']))

	{

	{

		$user['website'] = "http://";

		$user['website'] = '';

	}
else
{

	}
else
{

Zeile 392Zeile 363
	}

if($user['icq'] != "0")

	}

if($user['icq'] != "0")

	{

	{

		$user['icq'] = (int)$user['icq'];
}

if($user['icq'] == 0)

		$user['icq'] = (int)$user['icq'];
}

if($user['icq'] == 0)

	{

	{

		$user['icq'] = '';
}


		$user['icq'] = '';
}


Zeile 405Zeile 376
	{
$user['skype'] = htmlspecialchars_uni($user['skype']);
$user['google'] = htmlspecialchars_uni($user['google']);

	{
$user['skype'] = htmlspecialchars_uni($user['skype']);
$user['google'] = htmlspecialchars_uni($user['google']);

		$user['aim'] = htmlspecialchars_uni($user['aim']);
$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);

 
	}

$contact_fields = array();
$contactfields = '';

	}

$contact_fields = array();
$contactfields = '';

	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)
{



	$cfieldsshow = false;

foreach(array('icq', 'skype', 'google') as $cfield)
{

		$contact_fields[$cfield] = '';
$csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '')

		$contact_fields[$cfield] = '';
$csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '')

Zeile 420Zeile 391
			continue;
}


			continue;
}


		if($mybb->settings[$csetting] != -1 && !is_member($mybb->settings[$csetting]))
{
continue;
}

$cfieldsshow = true;


		if(!is_member($mybb->settings[$csetting]))
{
continue;
}

$cfieldsshow = true;


		$lang_string = 'contact_field_'.$cfield;
$lang_string = $lang->{$lang_string};
$cfvalue = htmlspecialchars_uni($user[$cfield]);

		$lang_string = 'contact_field_'.$cfield;
$lang_string = $lang->{$lang_string};
$cfvalue = htmlspecialchars_uni($user[$cfield]);

Zeile 434Zeile 405
		eval('$contact_fields[$cfield] = "'.$templates->get('usercp_profile_contact_fields_field').'";');
}


		eval('$contact_fields[$cfield] = "'.$templates->get('usercp_profile_contact_fields_field').'";');
}


	if(!empty($cfieldsshow))

	if($cfieldsshow)

	{
eval('$contactfields = "'.$templates->get('usercp_profile_contact_fields').'";');
}

	{
eval('$contactfields = "'.$templates->get('usercp_profile_contact_fields').'";');
}

Zeile 445Zeile 416
		if($errors)
{
if($user['away'] == 1)

		if($errors)
{
if($user['away'] == 1)

			{
$awaycheck[1] = "checked=\"checked\"";
}
else
{
$awaycheck[0] = "checked=\"checked\"";
}

			{
$awaycheck[1] = "checked=\"checked\"";
}
else
{
$awaycheck[0] = "checked=\"checked\"";
}

			$returndate = array();

			$returndate = array();

			$returndate[0] = $mybb->get_input('awayday', 1);
$returndate[1] = $mybb->get_input('awaymonth', 1);
$returndate[2] = $mybb->get_input('awayyear', 1);

			$returndate[0] = $mybb->get_input('awayday', MyBB::INPUT_INT);
$returndate[1] = $mybb->get_input('awaymonth', MyBB::INPUT_INT);
$returndate[2] = $mybb->get_input('awayyear', MyBB::INPUT_INT);

			$user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason'));
}
else

			$user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason'));
}
else

Zeile 511Zeile 482
	// Custom profile fields baby!
$altbg = "trow1";
$requiredfields = $customfields = '';

	// Custom profile fields baby!
$altbg = "trow1";
$requiredfields = $customfields = '';

	$mybb->input['profile_fields'] = $mybb->get_input('profile_fields', 2);

	$mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);


$pfcache = $cache->read('profilefields');



$pfcache = $cache->read('profilefields');


Zeile 519Zeile 490
	{
foreach($pfcache as $profilefield)
{

	{
foreach($pfcache as $profilefield)
{

			if(empty($profilefield['editableby']) || ($profilefield['editableby'] != -1 && !is_member($profilefield['editableby'])))
{
continue;
}

// Does this field have a minimum post count?
if($profilefield['postnum'] && $profilefield['postnum'] > $mybb->user['postnum'])

			if(!is_member($profilefield['editableby']) || ($profilefield['postnum'] && $profilefield['postnum'] > $mybb->user['postnum']))







			{
continue;
}

			{
continue;
}

Zeile 538Zeile 503
			if(isset($thing[1]))
{
$options = $thing[1];

			if(isset($thing[1]))
{
$options = $thing[1];

			}
else
{

			}
else
{

				$options = array();
}
$field = "fid{$profilefield['fid']}";

				$options = array();
}
$field = "fid{$profilefield['fid']}";

Zeile 550Zeile 515
				if(!isset($mybb->input['profile_fields'][$field]))
{
$mybb->input['profile_fields'][$field] = '';

				if(!isset($mybb->input['profile_fields'][$field]))
{
$mybb->input['profile_fields'][$field] = '';

				}

				}

				$userfield = $mybb->input['profile_fields'][$field];
}
else

				$userfield = $mybb->input['profile_fields'][$field];
}
else

Zeile 566Zeile 531
				else
{
$useropts = explode("\n", $userfield);

				else
{
$useropts = explode("\n", $userfield);

				}

				}

				if(is_array($useropts))

				if(is_array($useropts))

				{

				{

					foreach($useropts as $key => $val)

					foreach($useropts as $key => $val)

					{

					{

						$val = htmlspecialchars_uni($val);

						$val = htmlspecialchars_uni($val);

						$seloptions[$val] = $val;
}
}
$expoptions = explode("\n", $options);
if(is_array($expoptions))
{
foreach($expoptions as $key => $val)
{
$val = trim($val);
$val = str_replace("\n", "\\n", $val);

$sel = "";
if($val == $seloptions[$val])
{
$sel = " selected=\"selected\"";
}


						$seloptions[$val] = $val;
}
}
$expoptions = explode("\n", $options);
if(is_array($expoptions))
{
foreach($expoptions as $key => $val)
{
$val = trim($val);
$val = str_replace("\n", "\\n", $val);

$sel = "";
if(isset($seloptions[$val]) && $val == $seloptions[$val])
{
$sel = " selected=\"selected\"";
}


						eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
}
if(!$profilefield['length'])
{
$profilefield['length'] = 3;

						eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
}
if(!$profilefield['length'])
{
$profilefield['length'] = 3;

					}


					}


					eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";");
}
}
elseif($type == "select")

					eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";");
}
}
elseif($type == "select")

			{
$expoptions = explode("\n", $options);
if(is_array($expoptions))

			{
$expoptions = explode("\n", $options);
if(is_array($expoptions))

				{
foreach($expoptions as $key => $val)
{

				{
foreach($expoptions as $key => $val)
{

Zeile 626Zeile 591
			}
elseif($type == "radio")
{

			}
elseif($type == "radio")
{

 
				$userfield = htmlspecialchars_uni($userfield);

				$expoptions = explode("\n", $options);
if(is_array($expoptions))
{

				$expoptions = explode("\n", $options);
if(is_array($expoptions))
{

Zeile 638Zeile 604
						}

eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";");

						}

eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";");

					}

					}

				}
}
elseif($type == "checkbox")
{

				}
}
elseif($type == "checkbox")
{

 
				$userfield = htmlspecialchars_uni($userfield);

				if($errors)
{
$useropts = $userfield;

				if($errors)
{
$useropts = $userfield;

Zeile 664Zeile 631
					foreach($expoptions as $key => $val)
{
$checked = "";

					foreach($expoptions as $key => $val)
{
$checked = "";

						if($val == $seloptions[$val])

						if(isset($seloptions[$val]) && $val == $seloptions[$val])

						{
$checked = " checked=\"checked\"";
}

						{
$checked = " checked=\"checked\"";
}

Zeile 705Zeile 672
			$options = "";
$expoptions = "";
$useropts = "";

			$options = "";
$expoptions = "";
$useropts = "";

			$seloptions = "";

			$seloptions = array();

		}
}
if($customfields)

		}
}
if($customfields)

Zeile 724Zeile 691
			{
if($title['posts'] <= $mybb->user['postnum'])
{

			{
if($title['posts'] <= $mybb->user['postnum'])
{

					$defaulttitle = $title['title'];

					$defaulttitle = htmlspecialchars_uni($title['title']);

					break;
}
}
}
else
{

					break;
}
}
}
else
{

			$defaulttitle = $mybb->usergroup['usertitle'];

			$defaulttitle = htmlspecialchars_uni($mybb->usergroup['usertitle']);

		}

$newtitle = '';

		}

$newtitle = '';

Zeile 747Zeile 714
				$user['usertitle'] = $mybb->user['usertitle'];
}
}

				$user['usertitle'] = $mybb->user['usertitle'];
}
}

		
$user['usertitle'] = htmlspecialchars_uni($user['usertitle']);


$user['usertitle'] = htmlspecialchars_uni($user['usertitle']);


$currentcustom = $reverttitle = '';
if(!empty($mybb->user['usertitle']))


$currentcustom = $reverttitle = '';
if(!empty($mybb->user['usertitle']))

Zeile 758Zeile 725
			if($mybb->user['usertitle'] != $mybb->usergroup['usertitle'])
{
eval("\$reverttitle = \"".$templates->get("usercp_profile_customtitle_reverttitle")."\";");

			if($mybb->user['usertitle'] != $mybb->usergroup['usertitle'])
{
eval("\$reverttitle = \"".$templates->get("usercp_profile_customtitle_reverttitle")."\";");

			}

			}

		}

		}

		



		eval("\$customtitle = \"".$templates->get("usercp_profile_customtitle")."\";");

		eval("\$customtitle = \"".$templates->get("usercp_profile_customtitle")."\";");

	}
else
{

	}
else
{

		$customtitle = "";
}

if($mybb->usergroup['canchangewebsite'] == 1)
{
eval("\$website = \"".$templates->get("usercp_profile_website")."\";");

		$customtitle = "";
}

if($mybb->usergroup['canchangewebsite'] == 1)
{
eval("\$website = \"".$templates->get("usercp_profile_website")."\";");

	}


	}


	$plugins->run_hooks("usercp_profile_end");

	$plugins->run_hooks("usercp_profile_end");





	eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
output_page($editprofile);
}

	eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
output_page($editprofile);
}





if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("usercp_do_options_start");

	$plugins->run_hooks("usercp_do_options_start");





	// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

$user = array(
"uid" => $mybb->user['uid'],

	// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

$user = array(
"uid" => $mybb->user['uid'],

		"style" => $mybb->get_input('style', 1),
"dateformat" => $mybb->get_input('dateformat', 1),
"timeformat" => $mybb->get_input('timeformat', 1),

		"style" => $mybb->get_input('style', MyBB::INPUT_INT),
"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
"timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT),

		"timezone" => $db->escape_string($mybb->get_input('timezoneoffset')),

		"timezone" => $db->escape_string($mybb->get_input('timezoneoffset')),

		"language" => $mybb->get_input('language')



		"language" => $mybb->get_input('language'),
'usergroup' => $mybb->user['usergroup'],
'additionalgroups' => $mybb->user['additionalgroups']

	);

$user['options'] = array(

	);

$user['options'] = array(

		"allownotices" => $mybb->get_input('allownotices', 1),
"hideemail" => $mybb->get_input('hideemail', 1),
"subscriptionmethod" => $mybb->get_input('subscriptionmethod', 1),
"invisible" => $mybb->get_input('invisible', 1),
"dstcorrection" => $mybb->get_input('dstcorrection', 1),

		"allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),
"hideemail" => $mybb->get_input('hideemail', MyBB::INPUT_INT),
"subscriptionmethod" => $mybb->get_input('subscriptionmethod', MyBB::INPUT_INT),
"invisible" => $mybb->get_input('invisible', MyBB::INPUT_INT),
"dstcorrection" => $mybb->get_input('dstcorrection', MyBB::INPUT_INT),

		"threadmode" => $mybb->get_input('threadmode'),

		"threadmode" => $mybb->get_input('threadmode'),

		"showimages" => $mybb->get_input('showimages', 1),
"showvideos" => $mybb->get_input('showvideos', 1),
"showsigs" => $mybb->get_input('showsigs', 1),
"showavatars" => $mybb->get_input('showavatars', 1),
"showquickreply" => $mybb->get_input('showquickreply', 1),
"receivepms" => $mybb->get_input('receivepms', 1),
"pmnotice" => $mybb->get_input('pmnotice', 1),
"receivefrombuddy" => $mybb->get_input('receivefrombuddy', 1),
"daysprune" => $mybb->get_input('daysprune', 1),
"showcodebuttons" => $mybb->get_input('showcodebuttons', 1),
"sourceeditor" => $mybb->get_input('sourceeditor', 1),
"pmnotify" => $mybb->get_input('pmnotify', 1),
"buddyrequestspm" => $mybb->get_input('buddyrequestspm', 1),
"buddyrequestsauto" => $mybb->get_input('buddyrequestsauto', 1),
"showredirect" => $mybb->get_input('showredirect', 1),
"classicpostbit" => $mybb->get_input('classicpostbit', 1)

		"showimages" => $mybb->get_input('showimages', MyBB::INPUT_INT),
"showvideos" => $mybb->get_input('showvideos', MyBB::INPUT_INT),
"showsigs" => $mybb->get_input('showsigs', MyBB::INPUT_INT),
"showavatars" => $mybb->get_input('showavatars', MyBB::INPUT_INT),
"showquickreply" => $mybb->get_input('showquickreply', MyBB::INPUT_INT),
"receivepms" => $mybb->get_input('receivepms', MyBB::INPUT_INT),
"pmnotice" => $mybb->get_input('pmnotice', MyBB::INPUT_INT),
"receivefrombuddy" => $mybb->get_input('receivefrombuddy', MyBB::INPUT_INT),
"daysprune" => $mybb->get_input('daysprune', MyBB::INPUT_INT),
"showcodebuttons" => $mybb->get_input('showcodebuttons', MyBB::INPUT_INT),
"sourceeditor" => $mybb->get_input('sourceeditor', MyBB::INPUT_INT),
"pmnotify" => $mybb->get_input('pmnotify', MyBB::INPUT_INT),
"buddyrequestspm" => $mybb->get_input('buddyrequestspm', MyBB::INPUT_INT),
"buddyrequestsauto" => $mybb->get_input('buddyrequestsauto', MyBB::INPUT_INT),
"showredirect" => $mybb->get_input('showredirect', MyBB::INPUT_INT),
"classicpostbit" => $mybb->get_input('classicpostbit', MyBB::INPUT_INT)

	);

if($mybb->settings['usertppoptions'])
{

	);

if($mybb->settings['usertppoptions'])
{

		$user['options']['tpp'] = $mybb->get_input('tpp', 1);

		$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);

	}

if($mybb->settings['userpppoptions'])

	}

if($mybb->settings['userpppoptions'])

	{
$user['options']['ppp'] = $mybb->get_input('ppp', 1);
}


	{
$user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);
}


	$userhandler->set_data($user);

	$userhandler->set_data($user);



 

if(!$userhandler->validate_user())


if(!$userhandler->validate_user())

	{

	{

		$errors = $userhandler->get_friendly_errors();
$errors = inline_error($errors);
$mybb->input['action'] = "options";

		$errors = $userhandler->get_friendly_errors();
$errors = inline_error($errors);
$mybb->input['action'] = "options";

	}
else
{

	}
else
{

		$userhandler->update_user();

$plugins->run_hooks("usercp_do_options_end");

		$userhandler->update_user();

$plugins->run_hooks("usercp_do_options_end");

Zeile 919Zeile 887
	{
$no_subscribe_selected = "selected=\"selected\"";
}

	{
$no_subscribe_selected = "selected=\"selected\"";
}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	{
$instant_email_subscribe_selected = "selected=\"selected\"";
}

	{
$instant_email_subscribe_selected = "selected=\"selected\"";
}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)

	{
$instant_pm_subscribe_selected = "selected=\"selected\"";
}

	{
$instant_pm_subscribe_selected = "selected=\"selected\"";
}

Zeile 1009Zeile 977
	{
$dst_auto_selected = "selected=\"selected\"";
}

	{
$dst_auto_selected = "selected=\"selected\"";
}

	else if(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	elseif(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	{
$dst_enabled_selected = "selected=\"selected\"";
}

	{
$dst_enabled_selected = "selected=\"selected\"";
}

Zeile 1053Zeile 1021
	{
$pmnotifycheck = '';
}

	{
$pmnotifycheck = '';
}

	



	if(isset($user['buddyrequestspm']) && $user['buddyrequestspm'] != 0)
{
$buddyrequestspmcheck = "checked=\"checked\"";

	if(isset($user['buddyrequestspm']) && $user['buddyrequestspm'] != 0)
{
$buddyrequestspmcheck = "checked=\"checked\"";

	}

	}

	else
{
$buddyrequestspmcheck = '';

	else
{
$buddyrequestspmcheck = '';

Zeile 1066Zeile 1034
	if(isset($user['buddyrequestsauto']) && $user['buddyrequestsauto'] != 0)
{
$buddyrequestsautocheck = "checked=\"checked\"";

	if(isset($user['buddyrequestsauto']) && $user['buddyrequestsauto'] != 0)
{
$buddyrequestsautocheck = "checked=\"checked\"";

	}

	}

	else
{
$buddyrequestsautocheck = '';

	else
{
$buddyrequestsautocheck = '';

Zeile 1078Zeile 1046
	}

if(isset($user['classicpostbit']) && $user['classicpostbit'] != 0)

	}

if(isset($user['classicpostbit']) && $user['classicpostbit'] != 0)

	{

	{

		$classicpostbitcheck = "checked=\"checked\"";
}
else

		$classicpostbitcheck = "checked=\"checked\"";
}
else

Zeile 1088Zeile 1056

$date_format_options = $dateformat = '';
foreach($date_formats as $key => $format)


$date_format_options = $dateformat = '';
foreach($date_formats as $key => $format)

	{

	{

		$selected = '';
if(isset($user['dateformat']) && $user['dateformat'] == $key)

		$selected = '';
if(isset($user['dateformat']) && $user['dateformat'] == $key)

		{
$selected = " selected=\"selected\"";
}

		{
$selected = " selected=\"selected\"";
}


$dateformat = my_date($format, TIME_NOW, "", 0);
eval("\$date_format_options .= \"".$templates->get("usercp_options_date_format")."\";");


$dateformat = my_date($format, TIME_NOW, "", 0);
eval("\$date_format_options .= \"".$templates->get("usercp_options_date_format")."\";");

	}


	}


	$time_format_options = $timeformat = '';
foreach($time_formats as $key => $format)
{

	$time_format_options = $timeformat = '';
foreach($time_formats as $key => $format)
{

Zeile 1118Zeile 1086
	if($mybb->settings['allowbuddyonly'] == 1)
{
eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";");

	if($mybb->settings['allowbuddyonly'] == 1)
{
eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";");

	}













	}

$pms = '';
if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
{
eval("\$pms = \"".$templates->get("usercp_options_pms")."\";");
}

$quick_reply = '';
if($mybb->settings['quickreply'] == 1)
{
eval("\$quick_reply = \"".$templates->get("usercp_options_quick_reply")."\";");
}


$threadview = array('linear' => '', 'threaded' => '');
if(isset($user['threadmode']) && is_scalar($user['threadmode']))


$threadview = array('linear' => '', 'threaded' => '');
if(isset($user['threadmode']) && is_scalar($user['threadmode']))

Zeile 1133Zeile 1113
	if(!isset($user['style']))
{
$user['style'] = '';

	if(!isset($user['style']))
{
$user['style'] = '';

	}

	}


$board_style = $stylelist = '';
$stylelist = build_theme_select("style", $user['style']);


$board_style = $stylelist = '';
$stylelist = build_theme_select("style", $user['style']);

Zeile 1155Zeile 1135
				$val = trim($val);
$selected = "";
if(isset($user['tpp']) && $user['tpp'] == $val)

				$val = trim($val);
$selected = "";
if(isset($user['tpp']) && $user['tpp'] == $val)

				{
$selected = " selected=\"selected\"";
}


				{
$selected = " selected=\"selected\"";
}


				$tpp_option = $lang->sprintf($lang->tpp_option, $val);
eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";");
}

				$tpp_option = $lang->sprintf($lang->tpp_option, $val);
eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";");
}

Zeile 1195Zeile 1175
}

if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	$errors = array();

$plugins->run_hooks("usercp_do_email_start");

	$errors = array();

$plugins->run_hooks("usercp_do_email_start");

Zeile 1209Zeile 1189
	else
{
// Set up user handler.

	else
{
// Set up user handler.

		require_once "inc/datahandlers/user.php";

		require_once MYBB_ROOT."inc/datahandlers/user.php";

		$userhandler = new UserDataHandler("update");

$user = array(

		$userhandler = new UserDataHandler("update");

$user = array(

Zeile 1219Zeile 1199
		);

$userhandler->set_data($user);

		);

$userhandler->set_data($user);





		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{

		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{

			if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")












































			$activation = false;
// Checking for pending activations for non-activated accounts
if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))
{
$query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')");
$activation = $db->fetch_array($query);
}
if($activation)
{
$userhandler->update_user();

$db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

// Send new activation mail for non-activated accounts
$activationcode = random_str();
$activationarray = array(
"uid" => $mybb->user['uid'],
"dateline" => TIME_NOW,
"code" => $activationcode,
"type" => $activation['type']
);
$db->insert_query("awaitingactivation", $activationarray);
$emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']);
switch($mybb->settings['username_method'])
{
case 0:
$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
case 1:
$emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
case 2:
$emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
default:
$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
}
my_mail($mybb->user['email'], $emailsubject, $emailmessage);

$plugins->run_hooks("usercp_do_email_changed");
redirect("usercp.php?action=email", $lang->redirect_emailupdated);
}
elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))

			{
$uid = $mybb->user['uid'];
$username = $mybb->user['username'];

			{
$uid = $mybb->user['uid'];
$username = $mybb->user['username'];

Zeile 1278Zeile 1301
	{
$email = htmlspecialchars_uni($mybb->get_input('email'));
$email2 = htmlspecialchars_uni($mybb->get_input('email2'));

	{
$email = htmlspecialchars_uni($mybb->get_input('email'));
$email2 = htmlspecialchars_uni($mybb->get_input('email2'));

	}
else

	}
else

	{
$email = $email2 = '';

	{
$email = $email2 = '';

	}

	}


$plugins->run_hooks("usercp_email");



$plugins->run_hooks("usercp_email");


Zeile 1294Zeile 1317
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





	$errors = array();

$plugins->run_hooks("usercp_do_password_start");

	$errors = array();

$plugins->run_hooks("usercp_do_password_start");

Zeile 1305Zeile 1328
	else
{
// Set up user handler.

	else
{
// Set up user handler.

		require_once "inc/datahandlers/user.php";

		require_once MYBB_ROOT."inc/datahandlers/user.php";

		$userhandler = new UserDataHandler("update");

		$userhandler = new UserDataHandler("update");





		$user = array(
"uid" => $mybb->user['uid'],
"password" => $mybb->get_input('password'),
"password2" => $mybb->get_input('password2')

		$user = array(
"uid" => $mybb->user['uid'],
"password" => $mybb->get_input('password'),
"password2" => $mybb->get_input('password2')

		);

$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else

		);

$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else

		{
$userhandler->update_user();

		{
$userhandler->update_user();

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey']);

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax");


// Notify the user by email that their password has been changed
$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);


// Notify the user by email that their password has been changed
$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);

Zeile 1353Zeile 1376
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

 

$errors = array();


$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != 1)


$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != 1)

Zeile 1361Zeile 1386
	}

if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)

	}

if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)

	{

	{

		$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.

		$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.

		require_once "inc/datahandlers/user.php";

		require_once MYBB_ROOT."inc/datahandlers/user.php";

		$userhandler = new UserDataHandler("update");

$user = array(

		$userhandler = new UserDataHandler("update");

$user = array(

Zeile 1402Zeile 1427
	if($mybb->usergroup['canchangename'] != 1)
{
error_no_permission();

	if($mybb->usergroup['canchangename'] != 1)
{
error_no_permission();

 
	}

// Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password)
if($errors)
{
$username = htmlspecialchars_uni($mybb->get_input('username'));
}
else
{
$username = '';

	}

$plugins->run_hooks("usercp_changename_end");

	}

$plugins->run_hooks("usercp_changename_end");

Zeile 1423Zeile 1458
	}

// Clean input - only accept integers thanks!

	}

// Clean input - only accept integers thanks!

	$mybb->input['check'] = array_map('intval', $mybb->get_input('check', 2));

	$mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));

	$tids = implode(",", $mybb->input['check']);

// Deleting these subscriptions?

	$tids = implode(",", $mybb->input['check']);

// Deleting these subscriptions?

Zeile 1438Zeile 1473
		{
$new_notification = 0;
}

		{
$new_notification = 0;
}

		else if($mybb->get_input('do') == "email_notification")

		elseif($mybb->get_input('do') == "email_notification")

		{
$new_notification = 1;
}

		{
$new_notification = 1;
}

		else if($mybb->get_input('do') == "pm_notification")

		elseif($mybb->get_input('do') == "pm_notification")

		{
$new_notification = 2;
}

		{
$new_notification = 2;
}

Zeile 1482Zeile 1517
	}

$perpage = $mybb->settings['threadsperpage'];

	}

$perpage = $mybb->settings['threadsperpage'];

	$page = $mybb->get_input('page', 1);

	$page = $mybb->get_input('page', MyBB::INPUT_INT);

	if($page > 0)
{
$start = ($page-1) * $perpage;

	if($page > 0)
{
$start = ($page-1) * $perpage;

Zeile 1529Zeile 1564
			// Hmm, you don't have permission to view this thread - unsubscribe!
$del_subscriptions[] = $subscription['sid'];
}

			// Hmm, you don't have permission to view this thread - unsubscribe!
$del_subscriptions[] = $subscription['sid'];
}

		else if($subscription['tid'])

		elseif($subscription['tid'])

		{
$subscriptions[$subscription['tid']] = $subscription;
}

		{
$subscriptions[$subscription['tid']] = $subscription;
}

Zeile 1555Zeile 1590
	if(!empty($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

	if(!empty($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

 
		$readforums = array();





		if($mybb->user['uid'] == 0)
{
// Build a forum cache.
$query = $db->query("
SELECT fid
FROM ".TABLE_PREFIX."forums
WHERE active != 0
ORDER BY pid, disporder
");

		// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");






			$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']);
}
else
{
// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");
}

 
		while($forum = $db->fetch_array($query))
{

		while($forum = $db->fetch_array($query))
{

			if($mybb->user['uid'] == 0)
{
if($forumsread[$forum['fid']])
{
$forum['lastread'] = $forumsread[$forum['fid']];
}
}

 
			$readforums[$forum['fid']] = $forum['lastread'];
}


			$readforums[$forum['fid']] = $forum['lastread'];
}


Zeile 1644Zeile 1659
			{
$icon = $icon_cache[$thread['icon']];
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);

			{
$icon = $icon_cache[$thread['icon']];
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);

 
				$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);

				eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
}
else

				eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
}
else

Zeile 1666Zeile 1683
			$donenew = 0;
$lastread = 0;


			$donenew = 0;
$lastread = 0;


			if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'])
{

			if($mybb->settings['threadreadcut'] > 0)
{

				$forum_read = $readforums[$thread['fid']];

$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;

				$forum_read = $readforums[$thread['fid']];

$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;

Zeile 1675Zeile 1692
				{
$forum_read = $read_cutoff;
}

				{
$forum_read = $read_cutoff;
}

			}
else
{
$forum_read = $forumsread[$thread['fid']];

 
			}

$cutoff = 0;

			}

$cutoff = 0;

Zeile 1735Zeile 1748

if($thread['closed'] == 1)
{


if($thread['closed'] == 1)
{

				$folder .= "lock";
$folder_label .= $lang->icon_lock;

				$folder .= "close";
$folder_label .= $lang->icon_close;

			}

$folder .= "folder";

			}

$folder .= "folder";

Zeile 1744Zeile 1757
			if($thread['visible'] == 0)
{
$bgcolor = "trow_shaded";

			if($thread['visible'] == 0)
{
$bgcolor = "trow_shaded";

			}


			}


			// Build last post info
$lastpostdate = my_date('relative', $thread['lastpost']);

			// Build last post info
$lastpostdate = my_date('relative', $thread['lastpost']);

			$lastposter = $thread['lastposter'];








			if(!$lastposteruid && !$thread['lastposter'])
{
$lastposter = htmlspecialchars_uni($lang->guest);
}
else
{
$lastposter = htmlspecialchars_uni($thread['lastposter']);
}

			$lastposteruid = $thread['lastposteruid'];

// Don't link to guest's profiles (they have no profile).

			$lastposteruid = $thread['lastposteruid'];

// Don't link to guest's profiles (they have no profile).

Zeile 1782Zeile 1802

// Provide remove options
eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");


// Provide remove options
eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");

	}

	}

	else
{
$remove_options = '';

	else
{
$remove_options = '';

Zeile 1799Zeile 1819
{
$plugins->run_hooks("usercp_forumsubscriptions_start");


{
$plugins->run_hooks("usercp_forumsubscriptions_start");


	if($mybb->user['uid'] == 0)
{
// Build a forum cache.
$query = $db->query("
SELECT fid
FROM ".TABLE_PREFIX."forums
WHERE active != 0
ORDER BY pid, disporder
");

if(isset($mybb->cookies['mybb']['forumread']))
{
$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']);
}
}
else
{
// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");
}

	// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");



















	$readforums = array();

	$readforums = array();

	while($forum = $db->fetch_array($query))

	while($forum = $db->fetch_array($query))

	{

	{

		if($mybb->user['uid'] == 0)
{
if($forumsread[$forum['fid']])
{
$forum['lastread'] = $forumsread[$forum['fid']];
}
}

 
		$readforums[$forum['fid']] = $forum['lastread'];
}


		$readforums[$forum['fid']] = $forum['lastread'];
}


Zeile 1858Zeile 1853
		$forumpermissions = $fpermissions[$forum['fid']];

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)

		$forumpermissions = $fpermissions[$forum['fid']];

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)

		{

		{

			continue;
}


			continue;
}


Zeile 1869Zeile 1864
		{
$posts = '-';
$threads = '-';

		{
$posts = '-';
$threads = '-';

		}

		}

		else
{
$posts = my_number_format($forum['posts']);
$threads = my_number_format($forum['threads']);

		else
{
$posts = my_number_format($forum['posts']);
$threads = my_number_format($forum['threads']);

		}

if($forum['lastpost'] == 0 || $forum['lastposter'] == "")

		}

if($forum['lastpost'] == 0)

		{
eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_never")."\";");
}
// Hide last post
elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $forum['lastposteruid'] != $mybb->user['uid'])

		{
eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_never")."\";");
}
// Hide last post
elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $forum['lastposteruid'] != $mybb->user['uid'])

		{

		{

			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_hidden")."\";");
}
else

			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_hidden")."\";");
}
else

Zeile 1890Zeile 1885
			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
$lastpost_date = my_date('relative', $forum['lastpost']);
$lastposttid = $forum['lastposttid'];

			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
$lastpost_date = my_date('relative', $forum['lastpost']);
$lastposttid = $forum['lastposttid'];

			$lastposter = $forum['lastposter'];
$lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);















			if(!$forum['lastposteruid'] && !$forum['lastposter'])
{
$lastposter = htmlspecialchars_uni($lang->guest);
}
else
{
$lastposter = htmlspecialchars_uni($forum['lastposter']);
}
if($forum['lastposteruid'] == 0)
{
$lastpost_profilelink = $lastposter;
}
else
{
$lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);
}

			$full_lastpost_subject = $lastpost_subject = htmlspecialchars_uni($forum['lastpostsubject']);
if(my_strlen($lastpost_subject) > 25)
{

			$full_lastpost_subject = $lastpost_subject = htmlspecialchars_uni($forum['lastpostsubject']);
if(my_strlen($lastpost_subject) > 25)
{

Zeile 1912Zeile 1921
	if(!$forums)
{
eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	if(!$forums)
{
eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	}


	}


	$plugins->run_hooks("usercp_forumsubscriptions_end");

	$plugins->run_hooks("usercp_forumsubscriptions_end");





	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
output_page($forumsubscriptions);

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
output_page($forumsubscriptions);

 
}

if($mybb->input['action'] == "do_addsubscription" && $mybb->get_input('type') != "forum")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$thread = get_thread($mybb->get_input('tid'));
if(!$thread || $thread['visible'] == -1)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_do_addsubscription");

add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

if($mybb->get_input('referrer'))
{
$mybb->input['referrer'] = $mybb->get_input('referrer');

if(my_strpos($mybb->input['referrer'], $mybb->settings['bburl'].'/') !== 0)
{
if(my_strpos($mybb->input['referrer'], '/') === 0)
{
$mybb->input['referrer'] = my_substr($mybb->input['url'], 1);
}
$url_segments = explode('/', $mybb->input['referrer']);
$mybb->input['referrer'] = $mybb->settings['bburl'].'/'.end($url_segments);
}

$url = htmlspecialchars_uni($mybb->input['referrer']);
}
else
{
$url = get_thread_link($thread['tid']);
}
redirect($url, $lang->redirect_subscriptionadded);
}

if($mybb->input['action'] == "addsubscription")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")
{
$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
if(!$forum)
{
error($lang->error_invalidforum);
}
$forumpermissions = forum_permissions($forum['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
error_no_permission();
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($forum['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_forum");

add_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post')
{
$url = $server_http_referer;
}
else
{
$url = "index.php";
}
redirect($url, $lang->redirect_forumsubscriptionadded);
}
else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread || $thread['visible'] == -1)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
add_breadcrumb($lang->nav_addsubscription);

$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

$referrer = '';
if($server_http_referer)
{
$referrer = $server_http_referer;
}

require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
$thread['subject'] = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']);

$notification_none_checked = $notification_email_checked = $notification_pm_checked = '';
if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
{
$notification_none_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 2)
{
$notification_email_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 3)
{
$notification_pm_checked = "checked=\"checked\"";
}

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_thread");

eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
output_page($add_subscription);
exit;
}
}

if($mybb->input['action'] == "removesubscription")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")
{
$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
if(!$forum)
{
error($lang->error_invalidforum);
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($forum['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_forum");

remove_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post')
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=forumsubscriptions";
}
redirect($url, $lang->redirect_forumsubscriptionremoved);
}
else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_thread");

remove_subscribed_thread($thread['tid']);
if($server_http_referer && $mybb->request_method != 'post')
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=subscriptions";
}
redirect($url, $lang->redirect_subscriptionremoved);
}
}

if($mybb->input['action'] == "removesubscriptions")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")
{
// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscriptions_forum");

$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
if($server_http_referer)
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=forumsubscriptions";
}
redirect($url, $lang->redirect_forumsubscriptionsremoved);
}
else
{
// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscriptions_thread");

$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'");
if($server_http_referer)
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=subscriptions";
}
redirect($url, $lang->redirect_subscriptionsremoved);
}

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

Zeile 1984Zeile 2254
	{
// User currently has no signature and they're suspended
error($lang->sig_suspended);

	{
// User currently has no signature and they're suspended
error($lang->sig_suspended);

	}


	}


	if($mybb->usergroup['canusesig'] != 1)
{
// Usergroup has no permission to use this facility
error_no_permission();

	if($mybb->usergroup['canusesig'] != 1)
{
// Usergroup has no permission to use this facility
error_no_permission();

	}
else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])

	}
elseif($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])

	{
// Usergroup can use this facility, but only after x posts
error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

	{
// Usergroup can use this facility, but only after x posts
error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

Zeile 2009Zeile 2279
			"filter_badwords" => 1
);


			"filter_badwords" => 1
);


		if($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0)

		if($mybb->user['showimages'] != 1)

		{
$sig_parser['allow_imgcode'] = 0;

		{
$sig_parser['allow_imgcode'] = 0;

		}


		}


		$sigpreview = $parser->parse_message($sig, $sig_parser);
eval("\$signature = \"".$templates->get($template)."\";");
}

// User has a current signature, so let's display it (but show an error message)
if($mybb->user['suspendsignature'] && $mybb->user['suspendsigtime'] > TIME_NOW)

		$sigpreview = $parser->parse_message($sig, $sig_parser);
eval("\$signature = \"".$templates->get($template)."\";");
}

// User has a current signature, so let's display it (but show an error message)
if($mybb->user['suspendsignature'] && $mybb->user['suspendsigtime'] > TIME_NOW)

	{

	{

		$plugins->run_hooks("usercp_editsig_end");

// User either doesn't have permission, or has their signature suspended

		$plugins->run_hooks("usercp_editsig_end");

// User either doesn't have permission, or has their signature suspended

Zeile 2033Zeile 2303
		{
$sigsmilies = $lang->on;
$smilieinserter = build_clickable_smilies();

		{
$sigsmilies = $lang->on;
$smilieinserter = build_clickable_smilies();

		}
else
{

		}
else
{

			$sigsmilies = $lang->off;

			$sigsmilies = $lang->off;

		}

		}

		if($mybb->settings['sigmycode'] == 1)

		if($mybb->settings['sigmycode'] == 1)

		{

		{

			$sigmycode = $lang->on;

			$sigmycode = $lang->on;

		}
else
{

		}
else
{

			$sigmycode = $lang->off;
}
if($mybb->settings['sightml'] == 1)
{
$sightml = $lang->on;

			$sigmycode = $lang->off;
}
if($mybb->settings['sightml'] == 1)
{
$sightml = $lang->on;

		}
else
{

		}
else
{

			$sightml = $lang->off;
}
if($mybb->settings['sigimgcode'] == 1)

			$sightml = $lang->off;
}
if($mybb->settings['sigimgcode'] == 1)

Zeile 2101Zeile 2371
	elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == 0)

	elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == 0)

		{

		{

			error_no_permission();
}
$avatar = upload_avatar();

			error_no_permission();
}
$avatar = upload_avatar();

Zeile 2123Zeile 2393
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
}

			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
}

	else // remote avatar

	elseif($mybb->settings['allowremoteavatars']) // remote avatar

	{
$mybb->input['avatarurl'] = trim($mybb->get_input('avatarurl'));
if(validate_email_format($mybb->input['avatarurl']) != false)

	{
$mybb->input['avatarurl'] = trim($mybb->get_input('avatarurl'));
if(validate_email_format($mybb->input['avatarurl']) != false)

Zeile 2141Zeile 2411
			}

// Because Gravatars are square, hijack the width

			}

// Because Gravatars are square, hijack the width

			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

			list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

			$maxheight = (int)$maxwidth;

// Rating?

			$maxheight = (int)$maxwidth;

// Rating?

Zeile 2156Zeile 2426
			$s = "?s={$maxheight}&r={$rating}&d=mm";

$updated_avatar = array(

			$s = "?s={$maxheight}&r={$rating}&d=mm";

$updated_avatar = array(

				"avatar" => "http://www.gravatar.com/avatar/{$email}{$s}.jpg",

				"avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",

				"avatardimensions" => "{$maxheight}|{$maxheight}",
"avatartype" => "gravatar"
);

				"avatardimensions" => "{$maxheight}|{$maxheight}",
"avatartype" => "gravatar"
);

Zeile 2199Zeile 2469
			{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

			{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

					list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

					list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

Zeile 2223Zeile 2493
				remove_avatars($mybb->user['uid']);
}
}

				remove_avatars($mybb->user['uid']);
}
}

 
	}
else // remote avatar, but remote avatars are not allowed
{
$avatar_error = $lang->error_remote_avatar_not_allowed;

	}

if(empty($avatar_error))

	}

if(empty($avatar_error))

Zeile 2247Zeile 2521
	{
$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
}

	{
$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
}

	elseif($mybb->user['avatartype'] == "remote" || my_strpos(my_strtolower($mybb->user['avatar']), "http://") !== false)

	elseif($mybb->user['avatartype'] == "remote" || my_validate_url($mybb->user['avatar']))

	{
$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);

	{
$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);

	}

$useravatar = format_avatar(htmlspecialchars_uni($mybb->user['avatar']), $mybb->user['avatardimensions'], '100x100');
eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");


	}

$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");


	if($mybb->settings['maxavatardims'] != "")
{

	if($mybb->settings['maxavatardims'] != "")
{

		list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

		list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);

	}


	}


	if($mybb->settings['avatarsize'])
{
$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
}

	if($mybb->settings['avatarsize'])
{
$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
}

 

$plugins->run_hooks("usercp_avatar_intermediate");


$auto_resize = '';
if($mybb->settings['avatarresizing'] == "auto")
{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
}


$auto_resize = '';
if($mybb->settings['avatarresizing'] == "auto")
{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
}

	else if($mybb->settings['avatarresizing'] == "user")

	elseif($mybb->settings['avatarresizing'] == "user")

	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
}

	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
}

Zeile 2282Zeile 2558
	if($mybb->usergroup['canuploadavatars'] == 1)
{
eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");

	if($mybb->usergroup['canuploadavatars'] == 1)
{
eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");

 
	}

$avatar_remote = '';
if($mybb->settings['allowremoteavatars'] == 1)
{
eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");

	}

$removeavatar = '';

	}

$removeavatar = '';

Zeile 2293Zeile 2575
	$plugins->run_hooks("usercp_avatar_end");

if(!isset($avatar_error))

	$plugins->run_hooks("usercp_avatar_end");

if(!isset($avatar_error))

	{

	{

		$avatar_error = '';
}

		$avatar_error = '';
}





	eval("\$avatar = \"".$templates->get("usercp_avatar")."\";");
output_page($avatar);
}

	eval("\$avatar = \"".$templates->get("usercp_avatar")."\";");
output_page($avatar);
}





if($mybb->input['action'] == "acceptrequest")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request

if($mybb->input['action'] == "acceptrequest")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request

	$query = $db->simple_select('buddyrequests', '*', 'id='.(int)$mybb->input['id'].' AND touid='.(int)$mybb->user['uid']);

	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);

	$request = $db->fetch_array($query);
if(empty($request))
{
error($lang->invalid_request);
}

	$request = $db->fetch_array($query);
if(empty($request))
{
error($lang->invalid_request);
}

	



	$plugins->run_hooks("usercp_acceptrequest_start");

	$plugins->run_hooks("usercp_acceptrequest_start");

	



	$user = get_user($request['uid']);
if(!empty($user))
{

	$user = get_user($request['uid']);
if(!empty($user))
{

Zeile 2328Zeile 2610
		{
$user['buddylist'] = array();
}

		{
$user['buddylist'] = array();
}

		



		$user['buddylist'][] = (int)$mybb->user['uid'];

		$user['buddylist'][] = (int)$mybb->user['uid'];

		



		// Now we have the new list, so throw it all back together
$new_list = implode(",", $user['buddylist']);

		// Now we have the new list, so throw it all back together
$new_list = implode(",", $user['buddylist']);


// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

if(my_substr($new_list, 0, 1) == ",")
{
$new_list = my_substr($new_list, 1);
}
if(my_substr($new_list, -1) == ",")
{


// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

if(my_substr($new_list, 0, 1) == ",")
{
$new_list = my_substr($new_list, 1);
}
if(my_substr($new_list, -1) == ",")
{

			$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}

			$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}

		



		$user['buddylist'] = $db->escape_string($new_list);

		$user['buddylist'] = $db->escape_string($new_list);

		



		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");

		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");

		





		// We want to add the user to our buddy list
if($mybb->user['buddylist'] != '')
{

		// We want to add the user to our buddy list
if($mybb->user['buddylist'] != '')
{

Zeile 2361Zeile 2643
		{
$mybb->user['buddylist'] = array();
}

		{
$mybb->user['buddylist'] = array();
}

		



		$mybb->user['buddylist'][] = (int)$request['uid'];

		$mybb->user['buddylist'][] = (int)$request['uid'];

		



		// Now we have the new list, so throw it all back together
$new_list = implode(",", $mybb->user['buddylist']);


		// Now we have the new list, so throw it all back together
$new_list = implode(",", $mybb->user['buddylist']);


Zeile 2379Zeile 2661
		{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}

		{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}

		



		$mybb->user['buddylist'] = $db->escape_string($new_list);

		$mybb->user['buddylist'] = $db->escape_string($new_list);

		



		$db->update_query("users", array('buddylist' => $mybb->user['buddylist']), "uid='".(int)$mybb->user['uid']."'");

		$db->update_query("users", array('buddylist' => $mybb->user['buddylist']), "uid='".(int)$mybb->user['uid']."'");

	



		$pm = array(
'subject' => 'buddyrequest_accepted_request',
'message' => 'buddyrequest_accepted_request_message',

		$pm = array(
'subject' => 'buddyrequest_accepted_request',
'message' => 'buddyrequest_accepted_request_message',

Zeile 2391Zeile 2673
			'language' => $user['language'],
'language_file' => 'usercp'
);

			'language' => $user['language'],
'language_file' => 'usercp'
);

	



		send_pm($pm, $mybb->user['uid'], true);

		send_pm($pm, $mybb->user['uid'], true);

		



		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);
}
else
{
error($lang->user_doesnt_exist);
}

		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);
}
else
{
error($lang->user_doesnt_exist);
}

	



	$plugins->run_hooks("usercp_acceptrequest_end");

	$plugins->run_hooks("usercp_acceptrequest_end");

	



	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted);
}

	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted);
}

 


elseif($mybb->input['action'] == "declinerequest")

elseif($mybb->input['action'] == "declinerequest")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.(int)$mybb->input['id'].' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);
if(empty($request))
{
error($lang->invalid_request);
}


{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);
if(empty($request))
{
error($lang->invalid_request);
}


	$plugins->run_hooks("usercp_declinerequest_start");

	$plugins->run_hooks("usercp_declinerequest_start");

	



	$user = get_user($request['uid']);
if(!empty($user))
{
$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

	$user = get_user($request['uid']);
if(!empty($user))
{
$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

	}
else
{

	}
else
{

		error($lang->user_doesnt_exist);
}

		error($lang->user_doesnt_exist);
}





	$plugins->run_hooks("usercp_declinerequest_end");

	$plugins->run_hooks("usercp_declinerequest_end");

	



	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}

	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}

 


elseif($mybb->input['action'] == "cancelrequest")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

elseif($mybb->input['action'] == "cancelrequest")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

	



	// Validate request

	// Validate request

	$query = $db->simple_select('buddyrequests', '*', 'id='.(int)$mybb->input['id'].' AND uid='.(int)$mybb->user['uid']);

	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);

	$request = $db->fetch_array($query);
if(empty($request))

	$request = $db->fetch_array($query);
if(empty($request))

	{

	{

		error($lang->invalid_request);
}

		error($lang->invalid_request);
}

	



	$plugins->run_hooks("usercp_cancelrequest_start");

	$plugins->run_hooks("usercp_cancelrequest_start");

	



	$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

	$db->delete_query('buddyrequests', 'id='.(int)$request['id']);





	$plugins->run_hooks("usercp_cancelrequest_end");

	$plugins->run_hooks("usercp_cancelrequest_end");

	



	redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);
}


	redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);
}


Zeile 2460Zeile 2744
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("usercp_do_editlists_start");

$existing_users = array();

	$plugins->run_hooks("usercp_do_editlists_start");

$existing_users = array();

Zeile 2481Zeile 2765
	else
{
if($mybb->user['buddylist'])

	else
{
if($mybb->user['buddylist'])

		{

		{

			$existing_users = explode(",", $mybb->user['buddylist']);
}


			$existing_users = explode(",", $mybb->user['buddylist']);
}


Zeile 2489Zeile 2773
		{
// Create a list of ignored users
$selected_list = explode(",", $mybb->user['ignorelist']);

		{
// Create a list of ignored users
$selected_list = explode(",", $mybb->user['ignorelist']);

		}

		}

	}

$error_message = "";

	}

$error_message = "";

Zeile 2507Zeile 2791
		foreach($users as $key => $username)
{
if(empty($username))

		foreach($users as $key => $username)
{
if(empty($username))

			{
unset($users[$key]);
continue;
}

			{
unset($users[$key]);
continue;
}


if(my_strtoupper($mybb->user['username']) == my_strtoupper($username))
{
$adding_self = true;
unset($users[$key]);
continue;


if(my_strtoupper($mybb->user['username']) == my_strtoupper($username))
{
$adding_self = true;
unset($users[$key]);
continue;

			}

			}

			$users[$key] = $db->escape_string($username);
}

			$users[$key] = $db->escape_string($username);
}

		



		// Get the requests we have sent that are still pending
$query = $db->simple_select('buddyrequests', 'touid', 'uid='.(int)$mybb->user['uid']);
$requests = array();

		// Get the requests we have sent that are still pending
$query = $db->simple_select('buddyrequests', 'touid', 'uid='.(int)$mybb->user['uid']);
$requests = array();

		while($req = $db->fetch_array($query))
{

		while($req = $db->fetch_array($query))
{

			$requests[$req['touid']] = true;
}

			$requests[$req['touid']] = true;
}

		



		// Get the requests we have received that are still pending
$query = $db->simple_select('buddyrequests', 'uid', 'touid='.(int)$mybb->user['uid']);
$requests_rec = array();
while($req = $db->fetch_array($query))

		// Get the requests we have received that are still pending
$query = $db->simple_select('buddyrequests', 'uid', 'touid='.(int)$mybb->user['uid']);
$requests_rec = array();
while($req = $db->fetch_array($query))

		{

		{

			$requests_rec[$req['uid']] = true;
}

			$requests_rec[$req['uid']] = true;
}

		



		$sent = false;

// Fetch out new users
if(count($users) > 0)
{

		$sent = false;

// Fetch out new users
if(count($users) > 0)
{

			$query = $db->simple_select("users", "uid,buddyrequestsauto,buddyrequestspm,language", "LOWER(username) IN ('".my_strtolower(implode("','", $users))."')");











			switch($db->type)
{
case 'mysql':
case 'mysqli':
$field = 'username';
break;
default:
$field = 'LOWER(username)';
break;
}
$query = $db->simple_select("users", "uid,buddyrequestsauto,buddyrequestspm,language", "{$field} IN ('".my_strtolower(implode("','", $users))."')");

			while($user = $db->fetch_array($query))
{
++$found_users;

			while($user = $db->fetch_array($query))
{
++$found_users;

Zeile 2581Zeile 2875
					{
$error_message = $lang->users_already_sent_request_alt;
}

					{
$error_message = $lang->users_already_sent_request_alt;
}

					



					array_pop($users); // To maintain a proper count when we call count($users)
continue;
}

					array_pop($users); // To maintain a proper count when we call count($users)
continue;
}

				



				if(isset($requests_rec[$user['uid']]))
{
if($mybb->get_input('manage') != "ignored")

				if(isset($requests_rec[$user['uid']]))
{
if($mybb->get_input('manage') != "ignored")

Zeile 2596Zeile 2890
					{
$error_message = $lang->users_already_rec_request_alt;
}

					{
$error_message = $lang->users_already_rec_request_alt;
}

					



					array_pop($users); // To maintain a proper count when we call count($users)
continue;
}

					array_pop($users); // To maintain a proper count when we call count($users)
continue;
}

Zeile 2605Zeile 2899
				if($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored")
{
$existing_users[] = $user['uid'];

				if($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored")
{
$existing_users[] = $user['uid'];

	



					$pm = array(
'subject' => 'buddyrequest_new_buddy',
'message' => 'buddyrequest_new_buddy_message',

					$pm = array(
'subject' => 'buddyrequest_new_buddy',
'message' => 'buddyrequest_new_buddy_message',

						'touid' => $user['uid'],
'receivepms' => (int)$user['buddyrequestspm'],

						'touid' => $user['uid'],
'receivepms' => (int)$user['buddyrequestspm'],

						'language' => $user['language'],
'language_file' => 'usercp'
);

						'language' => $user['language'],
'language_file' => 'usercp'
);

					



					send_pm($pm);
}
elseif($user['buddyrequestsauto'] != 1 && $mybb->get_input('manage') != "ignored")

					send_pm($pm);
}
elseif($user['buddyrequestsauto'] != 1 && $mybb->get_input('manage') != "ignored")

				{

				{

					// Send request
$id = $db->insert_query('buddyrequests', array('uid' => (int)$mybb->user['uid'], 'touid' => (int)$user['uid'], 'date' => TIME_NOW));

					// Send request
$id = $db->insert_query('buddyrequests', array('uid' => (int)$mybb->user['uid'], 'touid' => (int)$user['uid'], 'date' => TIME_NOW));

	



					$pm = array(
'subject' => 'buddyrequest_received',
'message' => 'buddyrequest_received_message',

					$pm = array(
'subject' => 'buddyrequest_received',
'message' => 'buddyrequest_received_message',

Zeile 2630Zeile 2924
						'language' => $user['language'],
'language_file' => 'usercp'
);

						'language' => $user['language'],
'language_file' => 'usercp'
);

					



					send_pm($pm);

					send_pm($pm);

					



					$sent = true;
}
elseif($mybb->get_input('manage') == "ignored")
{
$existing_users[] = $user['uid'];

					$sent = true;
}
elseif($mybb->get_input('manage') == "ignored")
{
$existing_users[] = $user['uid'];

				}
}
}

				}
}
}


if($found_users < count($users))
{
if($error_message)


if($found_users < count($users))
{
if($error_message)

			{

			{

				$error_message .= "<br />";
}

$error_message .= $lang->invalid_user_selected;

				$error_message .= "<br />";
}

$error_message .= $lang->invalid_user_selected;

		}

		}


if(($adding_self != true || ($adding_self == true && count($users) > 0)) && ($error_message == "" || count($users) > 1))


if(($adding_self != true || ($adding_self == true && count($users) > 0)) && ($error_message == "" || count($users) > 1))

		{
if($mybb->get_input('manage') == "ignored")
{

		{
if($mybb->get_input('manage') == "ignored")
{

				$message = $lang->users_added_to_ignore_list;
}
else

				$message = $lang->users_added_to_ignore_list;
}
else

Zeile 2665Zeile 2959
		}

if($adding_self == true)

		}

if($adding_self == true)

		{

		{

			if($mybb->get_input('manage') == "ignored")
{
$error_message = $lang->cant_add_self_to_ignore_list;

			if($mybb->get_input('manage') == "ignored")
{
$error_message = $lang->cant_add_self_to_ignore_list;

Zeile 2675Zeile 2969
				$error_message = $lang->cant_add_self_to_buddy_list;
}
}

				$error_message = $lang->cant_add_self_to_buddy_list;
}
}





		if(count($existing_users) == 0)
{
$message = "";

		if(count($existing_users) == 0)
{
$message = "";

			



			if($sent === true)
{
$message = $lang->buddyrequests_sent_success;

			if($sent === true)
{
$message = $lang->buddyrequests_sent_success;

Zeile 2688Zeile 2982
	}

// Removing a user from this list

	}

// Removing a user from this list

	else if($mybb->get_input('delete', 1))

	elseif($mybb->get_input('delete', MyBB::INPUT_INT))

	{
// Check if user exists on the list

	{
// Check if user exists on the list

		$key = array_search($mybb->get_input('delete', 1), $existing_users);

		$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

		if($key !== false)
{
unset($existing_users[$key]);

		if($key !== false)
{
unset($existing_users[$key]);

			$user = get_user($mybb->get_input('delete', 1));

			$user = get_user($mybb->get_input('delete', MyBB::INPUT_INT));

			if(!empty($user))
{
// We want to remove us from this user's buddy list

			if(!empty($user))
{
// We want to remove us from this user's buddy list

Zeile 2707Zeile 3001
				{
$user['buddylist'] = array();
}

				{
$user['buddylist'] = array();
}

				
$key = array_search((int)$mybb->input['delete'], $user['buddylist']);


$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $user['buddylist']);

				unset($user['buddylist'][$key]);

				unset($user['buddylist'][$key]);

				



				// Now we have the new list, so throw it all back together
$new_list = implode(",", $user['buddylist']);

				// Now we have the new list, so throw it all back together
$new_list = implode(",", $user['buddylist']);





				// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

				// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

Zeile 2726Zeile 3020
				{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}

				{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}

				



				$user['buddylist'] = $db->escape_string($new_list);

				$user['buddylist'] = $db->escape_string($new_list);

				



				$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");
}

				$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");
}

			



			if($mybb->get_input('manage') == "ignored")
{
$message = $lang->removed_from_ignore_list;

			if($mybb->get_input('manage') == "ignored")
{
$message = $lang->removed_from_ignore_list;

Zeile 2740Zeile 3034
			{
$message = $lang->removed_from_buddy_list;
}

			{
$message = $lang->removed_from_buddy_list;
}

 
			$user['username'] = htmlspecialchars_uni($user['username']);

			$message = $lang->sprintf($message, $user['username']);
}
}

			$message = $lang->sprintf($message, $user['username']);
}
}

Zeile 2750Zeile 3045
	// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

	// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);





	if(my_substr($new_list, 0, 1) == ",")
{
$new_list = my_substr($new_list, 1);

	if(my_substr($new_list, 0, 1) == ",")
{
$new_list = my_substr($new_list, 1);

Zeile 2763Zeile 3058
	// And update
$user = array();
if($mybb->get_input('manage') == "ignored")

	// And update
$user = array();
if($mybb->get_input('manage') == "ignored")

	{

	{

		$user['ignorelist'] = $db->escape_string($new_list);
$mybb->user['ignorelist'] = $user['ignorelist'];
}

		$user['ignorelist'] = $db->escape_string($new_list);
$mybb->user['ignorelist'] = $user['ignorelist'];
}

Zeile 2776Zeile 3071
	$db->update_query("users", $user, "uid='".$mybb->user['uid']."'");

$plugins->run_hooks("usercp_do_editlists_end");

	$db->update_query("users", $user, "uid='".$mybb->user['uid']."'");

$plugins->run_hooks("usercp_do_editlists_end");





	// Ajax based request, throw new list to browser
if(!empty($mybb->input['ajax']))
{
if($mybb->get_input('manage') == "ignored")
{
$list = "ignore";

	// Ajax based request, throw new list to browser
if(!empty($mybb->input['ajax']))
{
if($mybb->get_input('manage') == "ignored")
{
$list = "ignore";

		}

		}

		else
{
$list = "buddy";

		else
{
$list = "buddy";

Zeile 2792Zeile 3087
		$message_js = '';
if($message)
{

		$message_js = '';
if($message)
{

			$message_js = "$.jGrowl('{$message}');";

			$message_js = "$.jGrowl('{$message}', {theme:'jgrowl_success'});";

		}

if($error_message)
{

		}

if($error_message)
{

			$message_js .= " $.jGrowl('{$error_message}');";

			$message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";

		}


		}


		if($mybb->get_input('delete', 1))

		if($mybb->get_input('delete', MyBB::INPUT_INT))

		{
header("Content-type: text/javascript");

		{
header("Content-type: text/javascript");

			echo "$(\"#".$mybb->get_input('manage')."_".$mybb->get_input('delete', 1)."\").remove();\n";

			echo "$(\"#".$mybb->get_input('manage')."_".$mybb->get_input('delete', MyBB::INPUT_INT)."\").remove();\n";

			if($new_list == "")
{
echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";

			if($new_list == "")
{
echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";

 
				echo "\$(\"#buddylink\").remove();\n";


				if($mybb->get_input('manage') == "ignored")
{
echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

				if($mybb->get_input('manage') == "ignored")
{
echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

Zeile 2850Zeile 3147
		$query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));
while($user = $db->fetch_array($query))
{

		$query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));
while($user = $db->fetch_array($query))
{

 
			$user['username'] = htmlspecialchars_uni($user['username']);

			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
{

			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
{

Zeile 2879Zeile 3177
		$query = $db->simple_select("users", "*", "uid IN ({$mybb->user['ignorelist']})", array("order_by" => "username"));
while($user = $db->fetch_array($query))
{

		$query = $db->simple_select("users", "*", "uid IN ({$mybb->user['ignorelist']})", array("order_by" => "username"));
while($user = $db->fetch_array($query))
{

 
			$user['username'] = htmlspecialchars_uni($user['username']);

			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
{

			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
{

Zeile 2914Zeile 3213
				$sent_rows = '';
$query = $db->query("
SELECT r.*, u.username

				$sent_rows = '';
$query = $db->query("
SELECT r.*, u.username

					FROM `".TABLE_PREFIX."buddyrequests` r
LEFT JOIN `".TABLE_PREFIX."users` u ON (u.uid=r.touid)
WHERE r.uid=".(int)$mybb->user['uid']."
");

					FROM ".TABLE_PREFIX."buddyrequests r
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.touid)
WHERE r.uid=".(int)$mybb->user['uid']);


				while($request = $db->fetch_array($query))
{
$bgcolor = alt_trow();
$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

				while($request = $db->fetch_array($query))
{
$bgcolor = alt_trow();
$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

					$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);

					$request['date'] = my_date('relative', $request['date']);

					eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request", 1, 0)."\";");

					eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request", 1, 0)."\";");

				}


				}


				if($sent_rows == '')
{
eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests", 1, 0)."\";");
}

				if($sent_rows == '')
{
eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests", 1, 0)."\";");
}

				



				eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");

				eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");

			



				echo $sentrequests;
echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>";
}

				echo $sentrequests;
echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>";
}

Zeile 2943Zeile 3242
			}
}
exit;

			}
}
exit;

	}


	}


	$received_rows = '';

	$received_rows = '';

	$query = $db->query("
SELECT r.*, u.username
FROM `".TABLE_PREFIX."buddyrequests` r
LEFT JOIN `".TABLE_PREFIX."users` u ON (u.uid=r.uid)
WHERE r.touid=".(int)$mybb->user['uid']."
");
while($request = $db->fetch_array($query))
{
$bgcolor = alt_trow();

	$query = $db->query("
SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid)
WHERE r.touid=".(int)$mybb->user['uid']);

while($request = $db->fetch_array($query))
{
$bgcolor = alt_trow();

		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);

		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);

		$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);

		$request['date'] = my_date('relative', $request['date']);

		eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";");
}

		eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";");
}

	



	if($received_rows == '')
{

	if($received_rows == '')
{

		eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");

		eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");

	}

	}

	



	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");

	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");

	



	$sent_rows = '';
$query = $db->query("
SELECT r.*, u.username

	$sent_rows = '';
$query = $db->query("
SELECT r.*, u.username

		FROM `".TABLE_PREFIX."buddyrequests` r
LEFT JOIN `".TABLE_PREFIX."users` u ON (u.uid=r.touid)
WHERE r.uid=".(int)$mybb->user['uid']."
");

		FROM ".TABLE_PREFIX."buddyrequests r
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.touid)
WHERE r.uid=".(int)$mybb->user['uid']);


	while($request = $db->fetch_array($query))
{
$bgcolor = alt_trow();
$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

	while($request = $db->fetch_array($query))
{
$bgcolor = alt_trow();
$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

		$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);

		$request['date'] = my_date('relative', $request['date']);

		eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request")."\";");
}

		eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request")."\";");
}

	



	if($sent_rows == '')
{
eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");
}

	if($sent_rows == '')
{
eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");
}

	



	eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests")."\";");

	eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests")."\";");

	



	$plugins->run_hooks("usercp_editlists_end");

eval("\$listpage = \"".$templates->get("usercp_editlists")."\";");
output_page($listpage);
}

	$plugins->run_hooks("usercp_editlists_end");

eval("\$listpage = \"".$templates->get("usercp_editlists")."\";");
output_page($listpage);
}





if($mybb->input['action'] == "drafts")
{
$plugins->run_hooks("usercp_drafts_start");

if($mybb->input['action'] == "drafts")
{
$plugins->run_hooks("usercp_drafts_start");

Zeile 3038Zeile 3337
				$editurl = "newthread.php?action=editdraft&amp;tid={$draft['tid']}";
$id = $draft['tid'];
$type = "thread";

				$editurl = "newthread.php?action=editdraft&amp;tid={$draft['tid']}";
$id = $draft['tid'];
$type = "thread";

			}

			}


$draft['subject'] = htmlspecialchars_uni($draft['subject']);
$savedate = my_date('relative', $draft['dateline']);


$draft['subject'] = htmlspecialchars_uni($draft['subject']);
$savedate = my_date('relative', $draft['dateline']);

Zeile 3052Zeile 3351
	}

$plugins->run_hooks("usercp_drafts_end");

	}

$plugins->run_hooks("usercp_drafts_end");





	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
output_page($draftlist);
}

	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
output_page($draftlist);
}

Zeile 3063Zeile 3362
	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("usercp_do_drafts_start");

	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("usercp_do_drafts_start");

	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', 2);

	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY);

	if(empty($mybb->input['deletedraft']))
{
error($lang->no_drafts_selected);

	if(empty($mybb->input['deletedraft']))
{
error($lang->no_drafts_selected);

	}

	}

	$pidin = array();
$tidin = array();
foreach($mybb->input['deletedraft'] as $id => $val)

	$pidin = array();
$tidin = array();
foreach($mybb->input['deletedraft'] as $id => $val)

Zeile 3094Zeile 3393
		{
$pidin = implode(",", $pidin);
$pidinq = "pid IN ($pidin)";

		{
$pidin = implode(",", $pidin);
$pidinq = "pid IN ($pidin)";

		}

		}

		else
{
$pidinq = "1=0";

		else
{
$pidinq = "1=0";

Zeile 3113Zeile 3412
	$usergroups = $mybb->cache->read('usergroups');

// Changing our display group

	$usergroups = $mybb->cache->read('usergroups');

// Changing our display group

	if($mybb->get_input('displaygroup', 1))

	if($mybb->get_input('displaygroup', MyBB::INPUT_INT))

	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

Zeile 3123Zeile 3422
			error($lang->not_member_of_group);
}


			error($lang->not_member_of_group);
}


		$dispgroup = $usergroups[$mybb->get_input('displaygroup', 1)];

		$dispgroup = $usergroups[$mybb->get_input('displaygroup', MyBB::INPUT_INT)];

		if($dispgroup['candisplaygroup'] != 1)
{
error($lang->cannot_set_displaygroup);
}

		if($dispgroup['candisplaygroup'] != 1)
{
error($lang->cannot_set_displaygroup);
}

		$db->update_query("users", array('displaygroup' => $mybb->get_input('displaygroup', 1)), "uid='".$mybb->user['uid']."'");

		$db->update_query("users", array('displaygroup' => $mybb->get_input('displaygroup', MyBB::INPUT_INT)), "uid='".$mybb->user['uid']."'");

		$cache->update_moderators();
$plugins->run_hooks("usercp_usergroups_change_displaygroup");
redirect("usercp.php?action=usergroups", $lang->display_group_changed);

		$cache->update_moderators();
$plugins->run_hooks("usercp_usergroups_change_displaygroup");
redirect("usercp.php?action=usergroups", $lang->display_group_changed);

Zeile 3136Zeile 3435
	}

// Leaving a group

	}

// Leaving a group

	if($mybb->get_input('leavegroup', 1))

	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))

	{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


		if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', 1).",") === false)

		if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)

		{
error($lang->not_member_of_group);
}

		{
error($lang->not_member_of_group);
}

		if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', 1))

		if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))

		{
error($lang->cannot_leave_primary_group);
}


		{
error($lang->cannot_leave_primary_group);
}


		$usergroup = $usergroups[$mybb->get_input('leavegroup', 1)];

		$usergroup = $usergroups[$mybb->get_input('leavegroup', MyBB::INPUT_INT)];

		if($usergroup['type'] != 4 && $usergroup['type'] != 3 && $usergroup['type'] != 5)
{
error($lang->cannot_leave_group);
}

		if($usergroup['type'] != 4 && $usergroup['type'] != 3 && $usergroup['type'] != 5)
{
error($lang->cannot_leave_group);
}

		leave_usergroup($mybb->user['uid'], $mybb->get_input('leavegroup', 1));

		leave_usergroup($mybb->user['uid'], $mybb->get_input('leavegroup', MyBB::INPUT_INT));

		$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);
exit;

		$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);
exit;

Zeile 3165Zeile 3464

// List of usergroup leaders
$query = $db->query("


// List of usergroup leaders
$query = $db->query("

		SELECT g.*, u.username, u.displaygroup, u.usergroup

		SELECT g.*, u.username, u.displaygroup, u.usergroup, u.email, u.language

		FROM ".TABLE_PREFIX."groupleaders g
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=g.uid)
ORDER BY u.username ASC

		FROM ".TABLE_PREFIX."groupleaders g
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=g.uid)
ORDER BY u.username ASC

Zeile 3176Zeile 3475
	}

// Joining a group

	}

// Joining a group

	if($mybb->get_input('joingroup', 1))

	if($mybb->get_input('joingroup', MyBB::INPUT_INT))

	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


		$usergroup = $usergroups[$mybb->get_input('joingroup', 1)];

		$usergroup = $usergroups[$mybb->get_input('joingroup', MyBB::INPUT_INT)];


if($usergroup['type'] == 5)
{


if($usergroup['type'] == 5)
{

Zeile 3193Zeile 3492
			error($lang->cannot_join_group);
}


			error($lang->cannot_join_group);
}


		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', 1).",") !== false)

		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)

		{
error($lang->already_member_of_group);
}


		{
error($lang->already_member_of_group);
}


		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', 1)."'");

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");

		$joinrequest = $db->fetch_array($query);

		$joinrequest = $db->fetch_array($query);

 


		if($joinrequest['rid'])

		if($joinrequest['rid'])

		{

		{

			error($lang->already_sent_join_request);
}

			error($lang->already_sent_join_request);
}

 


		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
{

		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
{

 
			$reasonlength = my_strlen($mybb->get_input('reason'));

if($reasonlength > 250) // Reason field is varchar(250) in database
{
error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));
}


			$now = TIME_NOW;
$joinrequest = array(
"uid" => $mybb->user['uid'],

			$now = TIME_NOW;
$joinrequest = array(
"uid" => $mybb->user['uid'],

				"gid" => $mybb->get_input('joingroup', 1),

				"gid" => $mybb->get_input('joingroup', MyBB::INPUT_INT),

				"reason" => $db->escape_string($mybb->get_input('reason')),
"dateline" => TIME_NOW
);

$db->insert_query("joinrequests", $joinrequest);


				"reason" => $db->escape_string($mybb->get_input('reason')),
"dateline" => TIME_NOW
);

$db->insert_query("joinrequests", $joinrequest);


			foreach($groupleaders as $key => $groupleader)

			if(array_key_exists($usergroup['gid'], $groupleaders))

			{

			{

				foreach($groupleader as $leader)

				foreach($groupleaders[$usergroup['gid']] as $leader)

				{

				{

					$leader_user = get_user($leader['uid']);


 
					// Load language

					// Load language

					$lang->set_language($leader_user['language']);

					$lang->set_language($leader['language']);

					$lang->load("messages");

					$lang->load("messages");

					



					$subject = $lang->sprintf($lang->emailsubject_newjoinrequest, $mybb->settings['bbname']);

					$subject = $lang->sprintf($lang->emailsubject_newjoinrequest, $mybb->settings['bbname']);

					$message = $lang->sprintf($lang->email_groupleader_joinrequest, $leader_user['username'], $mybb->user['username'], $usergroups[$leader['gid']]['title'], $mybb->settings['bbname'], $mybb->get_input('reason'), $mybb->settings['bburl'], $leader['gid']);
my_mail($leader_user['email'], $subject, $message);

					$message = $lang->sprintf($lang->email_groupleader_joinrequest, $leader['username'], $mybb->user['username'], $usergroup['title'], $mybb->settings['bbname'], $mybb->get_input('reason'), $mybb->settings['bburl'], $leader['gid']);
my_mail($leader['email'], $subject, $message);

				}
}

// Load language
$lang->set_language($mybb->user['language']);
$lang->load("messages");

				}
}

// Load language
$lang->set_language($mybb->user['language']);
$lang->load("messages");

			



			$plugins->run_hooks("usercp_usergroups_join_group_request");
redirect("usercp.php?action=usergroups", $lang->group_join_requestsent);
exit;
}
elseif($usergroup['type'] == 4)

			$plugins->run_hooks("usercp_usergroups_join_group_request");
redirect("usercp.php?action=usergroups", $lang->group_join_requestsent);
exit;
}
elseif($usergroup['type'] == 4)

		{
$joingroup = $mybb->get_input('joingroup', 1);

		{
$joingroup = $mybb->get_input('joingroup', MyBB::INPUT_INT);

			eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);
exit;

			eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);
exit;

		}
else
{
join_usergroup($mybb->user['uid'], $mybb->get_input('joingroup', 1));

		}
else
{
join_usergroup($mybb->user['uid'], $mybb->get_input('joingroup', MyBB::INPUT_INT));

			$plugins->run_hooks("usercp_usergroups_join_group");
redirect("usercp.php?action=usergroups", $lang->joined_group);
}
}

// Accepting invitation

			$plugins->run_hooks("usercp_usergroups_join_group");
redirect("usercp.php?action=usergroups", $lang->joined_group);
}
}

// Accepting invitation

	if($mybb->get_input('acceptinvite', 1))

	if($mybb->get_input('acceptinvite', MyBB::INPUT_INT))

	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


		$usergroup = $usergroups[$mybb->get_input('acceptinvite', 1)];

		$usergroup = $usergroups[$mybb->get_input('acceptinvite', MyBB::INPUT_INT)];





		if(my_strpos($ingroups, ",".$mybb->get_input('acceptinvite', 1).",") !== false)

		if(my_strpos($ingroups, ",".$mybb->get_input('acceptinvite', MyBB::INPUT_INT).",") !== false)

		{
error($lang->already_accepted_invite);

		{
error($lang->already_accepted_invite);

		}

		}





		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('acceptinvite', 1)."' AND invite='1'");

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."' AND invite='1'");

		$joinrequest = $db->fetch_array($query);
if($joinrequest['rid'])
{

		$joinrequest = $db->fetch_array($query);
if($joinrequest['rid'])
{

			join_usergroup($mybb->user['uid'], $mybb->get_input('acceptinvite', 1));
$db->delete_query("joinrequests", "uid='{$mybb->user['uid']}' AND gid='".$mybb->get_input('acceptinvite', 1)."'");

			join_usergroup($mybb->user['uid'], $mybb->get_input('acceptinvite', MyBB::INPUT_INT));
$db->delete_query("joinrequests", "uid='{$mybb->user['uid']}' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."'");

			$plugins->run_hooks("usercp_usergroups_accept_invite");
redirect("usercp.php?action=usergroups", $lang->joined_group);
}

			$plugins->run_hooks("usercp_usergroups_accept_invite");
redirect("usercp.php?action=usergroups", $lang->joined_group);
}

Zeile 3288Zeile 3594
	$groupsledlist = '';

switch($db->type)

	$groupsledlist = '';

switch($db->type)

	{

	{

		case "pgsql":
case "sqlite":

		case "pgsql":
case "sqlite":

			$query = $db->query("
SELECT g.title, g.gid, g.type, COUNT(DISTINCT u.uid) AS users, COUNT(DISTINCT j.rid) AS joinrequests, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers
FROM ".TABLE_PREFIX."groupleaders l

			$query = $db->query("
SELECT g.title, g.gid, g.type, COUNT(DISTINCT u.uid) AS users, COUNT(DISTINCT j.rid) AS joinrequests, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers
FROM ".TABLE_PREFIX."groupleaders l

				LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid)
LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))

				LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid)
LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))

				LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
WHERE l.uid='".$mybb->user['uid']."'
GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers

				LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
WHERE l.uid='".$mybb->user['uid']."'
GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers

			");
break;
default:

			");
break;
default:

Zeile 3309Zeile 3615
				LEFT JOIN ".TABLE_PREFIX."users u ON(((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
WHERE l.uid='".$mybb->user['uid']."'

				LEFT JOIN ".TABLE_PREFIX."users u ON(((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
WHERE l.uid='".$mybb->user['uid']."'

				GROUP BY l.gid

				GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers

			");
}


			");
}


Zeile 3317Zeile 3623
	{
$memberlistlink = $moderaterequestslink = '';
eval("\$memberlistlink = \"".$templates->get("usercp_usergroups_leader_usergroup_memberlist")."\";");

	{
$memberlistlink = $moderaterequestslink = '';
eval("\$memberlistlink = \"".$templates->get("usercp_usergroups_leader_usergroup_memberlist")."\";");

 
		$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);

		if($usergroup['type'] != 4)
{
$usergroup['joinrequests'] = '--';

		if($usergroup['type'] != 4)
{
$usergroup['joinrequests'] = '--';

Zeile 3338Zeile 3645
	// Fetch the list of groups the member is in
// Do the primary group first
$usergroup = $usergroups[$mybb->user['usergroup']];

	// Fetch the list of groups the member is in
// Do the primary group first
$usergroup = $usergroups[$mybb->user['usergroup']];

 
	$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
$usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);

	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";");
$trow = alt_trow();
if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])

	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";");
$trow = alt_trow();
if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])

Zeile 3376Zeile 3686
			}

$description = '';

			}

$description = '';

 
			$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
$usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);

			if($usergroup['description'])
{

			if($usergroup['description'])
{

 
				$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);

				eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";");
}
$trow = alt_trow();

				eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";");
}
$trow = alt_trow();

Zeile 3419Zeile 3732
		$trow = alt_trow();

$description = '';

		$trow = alt_trow();

$description = '';

 
		$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);

		if($usergroup['description'])
{

		if($usergroup['description'])
{

 
			$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);

			eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");
}


			eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");
}


Zeile 3454Zeile 3769
		else
{
eval("\$joinlink = \"".$templates->get("usercp_usergroups_joinable_usergroup_join")."\";");

		else
{
eval("\$joinlink = \"".$templates->get("usercp_usergroups_joinable_usergroup_join")."\";");

		}

		}


$usergroupleaders = '';
if(!empty($groupleaders[$usergroup['gid']]))


$usergroupleaders = '';
if(!empty($groupleaders[$usergroup['gid']]))

Zeile 3463Zeile 3778
			$usergroupleaders = '';
foreach($groupleaders[$usergroup['gid']] as $leader)
{

			$usergroupleaders = '';
foreach($groupleaders[$usergroup['gid']] as $leader)
{

				$leader['username'] = format_name($leader['username'], $leader['usergroup'], $leader['displaygroup']);

				$leader['username'] = format_name(htmlspecialchars_uni($leader['username']), $leader['usergroup'], $leader['displaygroup']);

				$usergroupleaders .= $comma.build_profile_link($leader['username'], $leader['uid']);
$comma = $lang->comma;
}
$usergroupleaders = $lang->usergroup_leaders." ".$usergroupleaders;

				$usergroupleaders .= $comma.build_profile_link($leader['username'], $leader['uid']);
$comma = $lang->comma;
}
$usergroupleaders = $lang->usergroup_leaders." ".$usergroupleaders;

		}


		}


		if(my_strpos($usergroupleaders, $mybb->user['username']) === false)
{
// User is already a leader of the group, so don't show as a "Join Group"

		if(my_strpos($usergroupleaders, $mybb->user['username']) === false)
{
// User is already a leader of the group, so don't show as a "Join Group"

Zeile 3479Zeile 3794
	if($joinablegrouplist)
{
eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");

	if($joinablegrouplist)
{
eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");

	}

$plugins->run_hooks("usercp_usergroups_end");


	}

$plugins->run_hooks("usercp_usergroups_end");


	eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");
output_page($groupmemberships);
}

	eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");
output_page($groupmemberships);
}

Zeile 3495Zeile 3810
	if($mybb->settings['enableattachments'] == 0)
{
error($lang->attachments_disabled);

	if($mybb->settings['enableattachments'] == 0)
{
error($lang->attachments_disabled);

	}















	}

// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true);
$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{
$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
}
if($inactiveforums)
{
$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
}


	$attachments = '';

	$attachments = '';

 

$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);
$totalattachments = $usage['acount'];


// Pagination
if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)


// Pagination
if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

Zeile 3506Zeile 3838
	}

$perpage = $mybb->settings['threadsperpage'];

	}

$perpage = $mybb->settings['threadsperpage'];

	$page = $mybb->get_input('page', 1);

	$page = $mybb->get_input('page', MyBB::INPUT_INT);


if($page > 0)
{
$start = ($page-1) * $perpage;


if($page > 0)
{
$start = ($page-1) * $perpage;

 
		$pages = ceil($totalattachments / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}

	}
else
{

	}
else
{

Zeile 3526Zeile 3864
		FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		WHERE a.uid='".$mybb->user['uid']."'

		WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
");


		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
");


Zeile 3561Zeile 3899
		}
}


		}
}


	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);

 
	$totalusage = $usage['ausage'];

	$totalusage = $usage['ausage'];

	$totalattachments = $usage['acount'];
$friendlyusage = get_friendly_size($totalusage);

	$friendlyusage = get_friendly_size((int)$totalusage);


	if($mybb->usergroup['attachquota'])

	if($mybb->usergroup['attachquota'])

	{
$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";


	{
$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100);
$friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent);

		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $totalattachments);

	}
else
{

	}
else
{

		$percent = $lang->unlimited;

 
		$attachquota = $lang->unlimited;
$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
}

		$attachquota = $lang->unlimited;
$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
}

Zeile 3605Zeile 3940
	{
error($lang->no_attachments_selected);
}

	{
error($lang->no_attachments_selected);
}

 

// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true);
$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{
$f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)";
}
if($inactiveforums)
{
$f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";
}


	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");









$query = $db->query("
SELECT a.*, p.fid
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql}
");


	while($attachment = $db->fetch_array($query))
{
remove_attachment($attachment['pid'], '', $attachment['aid']);

	while($attachment = $db->fetch_array($query))
{
remove_attachment($attachment['pid'], '', $attachment['aid']);

Zeile 3665Zeile 4021
	$lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent);
$regdate = my_date('relative', $mybb->user['regdate']);


	$lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent);
$regdate = my_date('relative', $mybb->user['regdate']);


	$useravatar = format_avatar(htmlspecialchars_uni($mybb->user['avatar']), $mybb->user['avatardimensions'], '100x100');


	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
$avatar_username = htmlspecialchars_uni($mybb->user['username']);

	eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");


	eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");


	$usergroup = $groupscache[$mybb->user['usergroup']]['title'];

	$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']);

	if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")
{
eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";");

	if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")
{
eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";");

Zeile 3676Zeile 4033
	// Make reputations row
$reputations = '';
if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)

	// Make reputations row
$reputations = '';
if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)

	{

	{

		$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
}

		$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
}

Zeile 3684Zeile 4041
	$latest_warnings = '';
if($mybb->settings['enablewarningsystem'] != 0 && $mybb->settings['canviewownwarning'] != 0)
{

	$latest_warnings = '';
if($mybb->settings['enablewarningsystem'] != 0 && $mybb->settings['canviewownwarning'] != 0)
{

 
		if($mybb->settings['maxwarningpoints'] < 1)
{
$mybb->settings['maxwarningpoints'] = 10;
}

		$warning_level = round($mybb->user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
if($warning_level > 100)
{

		$warning_level = round($mybb->user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
if($warning_level > 100)
{

Zeile 3725Zeile 4086
					$warning['postlink'] = get_post_link($warning['pid']);
eval("\$post_link .= \"".$templates->get("usercp_warnings_warning_post")."\";");
}

					$warning['postlink'] = get_post_link($warning['pid']);
eval("\$post_link .= \"".$templates->get("usercp_warnings_warning_post")."\";");
}

 
				$warning['username'] = htmlspecialchars_uni($warning['username']);

				$issuedby = build_profile_link($warning['username'], $warning['issuedby']);
$date_issued = my_date('relative', $warning['dateline']);
if($warning['type_title'])
{
$warning_type = $warning['type_title'];

				$issuedby = build_profile_link($warning['username'], $warning['issuedby']);
$date_issued = my_date('relative', $warning['dateline']);
if($warning['type_title'])
{
$warning_type = $warning['type_title'];

				}

				}

				else
{
$warning_type = $warning['title'];

				else
{
$warning_type = $warning['title'];

Zeile 3748Zeile 4110
					$expires = $lang->warning_revoked;
}
elseif($warning['expired'])

					$expires = $lang->warning_revoked;
}
elseif($warning['expired'])

				{

				{

					$expires = $lang->already_expired;
}
elseif($warning['expires'] == 0)
{
$expires = $lang->never;

					$expires = $lang->already_expired;
}
elseif($warning['expires'] == 0)
{
$expires = $lang->never;

				}

				}

				else
{

				else
{

					$expires = my_date('relative', $warning['expires']);

					$expires = nice_time($warning['expires']-TIME_NOW);

				}

$alt_bg = alt_trow();

				}

$alt_bg = alt_trow();

Zeile 3767Zeile 4129
			{
eval("\$latest_warnings = \"".$templates->get("usercp_warnings")."\";");
}

			{
eval("\$latest_warnings = \"".$templates->get("usercp_warnings")."\";");
}

		}

		}

	}

// Format username

	}

// Format username

	$username = format_name($mybb->user['username'], $mybb->user['usergroup'], $mybb->user['displaygroup']);

	$username = format_name(htmlspecialchars_uni($mybb->user['username']), $mybb->user['usergroup'], $mybb->user['displaygroup']);

	$username = build_profile_link($username, $mybb->user['uid']);

// Format post numbers

	$username = build_profile_link($username, $mybb->user['uid']);

// Format post numbers

Zeile 3781Zeile 4143
	if($mybb->settings['usereferrals'] == 1)
{
$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

	if($mybb->settings['usereferrals'] == 1)
{
$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

 

$referral_count = (int) $mybb->user['referrals'];
if($referral_count > 0)
{
$uid = (int) $mybb->user['uid'];
eval("\$mybb->user['referrals'] = \"".$templates->get('member_referrals_link')."\";");
}


		eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";");
}


		eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";");
}


Zeile 3838Zeile 4208
					else
{
$subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline'];

					else
{
$subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline'];

					}
}
}

					}
}
}


if($subscriptions)
{


if($subscriptions)
{

Zeile 3858Zeile 4228

foreach($subscriptions as $thread)
{


foreach($subscriptions as $thread)
{

 
					$plugins->run_hooks("usercp_thread_subscriptions_thread");

					$folder = '';
$folder_label = '';
$gotounread = '';

					$folder = '';
$folder_label = '';
$gotounread = '';

Zeile 3885Zeile 4256
						{
$icon = $icon_cache[$thread['icon']];
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);

						{
$icon = $icon_cache[$thread['icon']];
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);

 
							$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);

							eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
}
else

							eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
}
else

Zeile 3921Zeile 4294
						}

$lastpostdate = my_date('relative', $thread['lastpost']);

						}

$lastpostdate = my_date('relative', $thread['lastpost']);

						$lastposter = $thread['lastposter'];

 
						$lastposteruid = $thread['lastposteruid'];

						$lastposteruid = $thread['lastposteruid'];

 
						if(!$lastposteruid && !$thread['lastposter'])
{
$lastposter = htmlspecialchars_uni($lang->guest);
}
else
{
$lastposter = htmlspecialchars_uni($thread['lastposter']);
}


if($lastposteruid == 0)
{


if($lastposteruid == 0)
{

Zeile 3935Zeile 4315

$thread['replies'] = my_number_format($thread['replies']);
$thread['views'] = my_number_format($thread['views']);


$thread['replies'] = my_number_format($thread['replies']);
$thread['views'] = my_number_format($thread['views']);

 
						$thread['username'] = htmlspecialchars_uni($thread['username']);

						$thread['author'] = build_profile_link($thread['username'], $thread['uid']);

eval("\$latest_subscribed_threads .= \"".$templates->get("usercp_latest_subscribed_threads")."\";");

						$thread['author'] = build_profile_link($thread['username'], $thread['uid']);

eval("\$latest_subscribed_threads .= \"".$templates->get("usercp_latest_subscribed_threads")."\";");

Zeile 3953Zeile 4334
	$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{

	$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{

		$f_perm_sql = " AND t.fid NOT IN (".$unviewable_forums.")";

		$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";

	}
if($inactiveforums)
{

	}
if($inactiveforums)
{

		$f_perm_sql .= " AND t.fid NOT IN (".$inactiveforums.")";

		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";

	}

$visible = " AND t.visible != 0";

	}

$visible = " AND t.visible != 0";

Zeile 3997Zeile 4378
	if(!empty($threadcache))
{
$tids = implode(",", array_keys($threadcache));

	if(!empty($threadcache))
{
$tids = implode(",", array_keys($threadcache));

 
		$readforums = array();


// Read Forums
$query = $db->query("


// Read Forums
$query = $db->query("

Zeile 4006Zeile 4388
			WHERE f.active != 0
ORDER BY pid, disporder
");

			WHERE f.active != 0
ORDER BY pid, disporder
");

 


		while($forum = $db->fetch_array($query))
{
$readforums[$forum['fid']] = $forum['lastread'];

		while($forum = $db->fetch_array($query))
{
$readforums[$forum['fid']] = $forum['lastread'];

Zeile 4038Zeile 4421
		$latest_threads_threads = '';
foreach($threadcache as $thread)
{

		$latest_threads_threads = '';
foreach($threadcache as $thread)
{

 
			$plugins->run_hooks("usercp_latest_threads_thread"); 

			if($thread['tid'])
{
$bgcolor = alt_trow();

			if($thread['tid'])
{
$bgcolor = alt_trow();

Zeile 4071Zeile 4455
				{
$icon = $icon_cache[$thread['icon']];
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);

				{
$icon = $icon_cache[$thread['icon']];
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);

 
					$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);

					eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
}
else

					eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
}
else

Zeile 4152Zeile 4538

if($thread['closed'] == 1)
{


if($thread['closed'] == 1)
{

					$folder .= "lock";
$folder_label .= $lang->icon_lock;

					$folder .= "close";
$folder_label .= $lang->icon_close;

				}

$folder .= "folder";

$lastpostdate = my_date('relative', $thread['lastpost']);

				}

$folder .= "folder";

$lastpostdate = my_date('relative', $thread['lastpost']);

				$lastposter = $thread['lastposter'];

				$lastposter = htmlspecialchars_uni($thread['lastposter']);

				$lastposteruid = $thread['lastposteruid'];

if($lastposteruid == 0)

				$lastposteruid = $thread['lastposteruid'];

if($lastposteruid == 0)

Zeile 4173Zeile 4559

$thread['replies'] = my_number_format($thread['replies']);
$thread['views'] = my_number_format($thread['views']);


$thread['replies'] = my_number_format($thread['replies']);
$thread['views'] = my_number_format($thread['views']);

 
				$thread['username'] = htmlspecialchars_uni($thread['username']);

				$thread['author'] = build_profile_link($thread['username'], $thread['uid']);

eval("\$latest_threads_threads .= \"".$templates->get("usercp_latest_threads_threads")."\";");

				$thread['author'] = build_profile_link($thread['username'], $thread['uid']);

eval("\$latest_threads_threads .= \"".$templates->get("usercp_latest_threads_threads")."\";");