Vergleich usercp.php - 1.8.13 - 1.8.22

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 10	Zeile 10
define("IN_MYBB", 1); define('THIS_SCRIPT', 'usercp.php');	define("IN_MYBB", 1); define('THIS_SCRIPT', 'usercp.php');
	define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");
$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon"; $templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";	$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon"; $templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";
Zeile 27	Zeile 28
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms"; $templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format"; $templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";	$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms"; $templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format"; $templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";
	$templatelist .= ",usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,";
require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";	require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";
Zeile 53	Zeile 55
$mybb->input['action'] = $mybb->get_input('action'); usercp_menu();	$mybb->input['action'] = $mybb->get_input('action'); usercp_menu();
	$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']); if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($server_http_referer, '/') === 0) { $server_http_referer = my_substr($server_http_referer, 1); } $url_segments = explode('/', $server_http_referer); $server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments); }
$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")	$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
Zeile 213	Zeile 227
"away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY) );	"away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY) );
foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)	foreach(array('icq', 'skype', 'google') as $cfield)
{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')	{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')
Zeile 247	Zeile 261
{ $user['usertitle'] = $mybb->get_input('usertitle'); }	{ $user['usertitle'] = $mybb->get_input('usertitle'); }
else if(!empty($mybb->input['reverttitle']))	elseif(!empty($mybb->input['reverttitle']))
{ $user['usertitle'] = ''; }	{ $user['usertitle'] = ''; }
Zeile 257	Zeile 271
if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors();	if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors();
	$raw_errors = $userhandler->get_errors();

// Set allowed value otherwise select options disappear if(in_array($lang->userdata_invalid_birthday_privacy, $errors))	// Set to stored value if invalid if(array_key_exists("invalid_birthday_privacy", $raw_errors))
{	{
$mybb->input['birthdayprivacy'] = 'none';	$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];
} $errors = inline_error($errors);	} $errors = inline_error($errors);
Zeile 329	Zeile 344
{ $allselected = " selected=\"selected\""; }	{ $allselected = " selected=\"selected\""; }
else if($user['birthdayprivacy'] == 'none')	elseif($user['birthdayprivacy'] == 'none')
{ $noneselected = " selected=\"selected\""; }	{ $noneselected = " selected=\"selected\""; }
else if($user['birthdayprivacy'] == 'age')	elseif($user['birthdayprivacy'] == 'age')
{ $ageselected = " selected=\"selected\""; }	{ $ageselected = " selected=\"selected\""; }
Zeile 361	Zeile 376
{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);	{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);
$user['aim'] = htmlspecialchars_uni($user['aim']); $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;	} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;
foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)	foreach(array('icq', 'skype', 'google') as $cfield)
{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';	{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';
Zeile 578	Zeile 591
} elseif($type == "radio") {	} elseif($type == "radio") {
	$userfield = htmlspecialchars_uni($userfield);
$expoptions = explode("\n", $options); if(is_array($expoptions)) {	$expoptions = explode("\n", $options); if(is_array($expoptions)) {
Zeile 595	Zeile 609
} elseif($type == "checkbox") {	} elseif($type == "checkbox") {
	$userfield = htmlspecialchars_uni($userfield);
if($errors) { $useropts = $userfield;	if($errors) { $useropts = $userfield;
Zeile 872	Zeile 887
{ $no_subscribe_selected = "selected=\"selected\""; }	{ $no_subscribe_selected = "selected=\"selected\""; }
else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)
{ $instant_email_subscribe_selected = "selected=\"selected\""; }	{ $instant_email_subscribe_selected = "selected=\"selected\""; }
else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)
{ $instant_pm_subscribe_selected = "selected=\"selected\""; }	{ $instant_pm_subscribe_selected = "selected=\"selected\""; }
Zeile 962	Zeile 977
{ $dst_auto_selected = "selected=\"selected\""; }	{ $dst_auto_selected = "selected=\"selected\""; }
else if(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)	elseif(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)
{ $dst_enabled_selected = "selected=\"selected\""; }	{ $dst_enabled_selected = "selected=\"selected\""; }
Zeile 983	Zeile 998
if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1) { $sourcemodecheck = "checked=\"checked\"";	if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1) { $sourcemodecheck = "checked=\"checked\"";
} else {	} else {
$sourcemodecheck = ""; }	$sourcemodecheck = ""; }
Zeile 1157	Zeile 1172
eval("\$editprofile = \"".$templates->get("usercp_options")."\";"); output_page($editprofile);	eval("\$editprofile = \"".$templates->get("usercp_options")."\";"); output_page($editprofile);
}	}
if($mybb->input['action'] == "do_email" && $mybb->request_method == "post") { // Verify incoming POST request	if($mybb->input['action'] == "do_email" && $mybb->request_method == "post") { // Verify incoming POST request
Zeile 1182	Zeile 1197
"email" => $mybb->get_input('email'), "email2" => $mybb->get_input('email2') );	"email" => $mybb->get_input('email'), "email2" => $mybb->get_input('email2') );

$userhandler->set_data($user); if(!$userhandler->validate_user())	$userhandler->set_data($user); if(!$userhandler->validate_user())
{	{
$errors = $userhandler->get_friendly_errors(); } else {	$errors = $userhandler->get_friendly_errors(); } else {
if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")	$activation = false; // Checking for pending activations for non-activated accounts if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both")) { $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')"); $activation = $db->fetch_array($query); } if($activation) { $userhandler->update_user(); $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'"); // Send new activation mail for non-activated accounts $activationcode = random_str(); $activationarray = array( "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "code" => $activationcode, "type" => $activation['type'] ); $db->insert_query("awaitingactivation", $activationarray); $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); switch($mybb->settings['username_method']) { case 0: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 1: $emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 2: $emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; default: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; } my_mail($mybb->user['email'], $emailsubject, $emailmessage); $plugins->run_hooks("usercp_do_email_changed"); redirect("usercp.php?action=email", $lang->redirect_emailupdated); } elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both"))
{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];	{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];
Zeile 1264	Zeile 1322
$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)	$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)
{ $errors[] = $lang->error_invalidpassword; } else { // Set up user handler. require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update"); $user = array(	{ $errors[] = $lang->error_invalidpassword; } else { // Set up user handler. require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update"); $user = array(
"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')	"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')
Zeile 1284	Zeile 1342
if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors();	if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors();
}	}
else { $userhandler->update_user();	else { $userhandler->update_user();
my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true);	my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax");
// Notify the user by email that their password has been changed $mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);	// Notify the user by email that their password has been changed $mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);
Zeile 1307	Zeile 1365
} if($mybb->input['action'] == "password")	} if($mybb->input['action'] == "password")
{	{
$plugins->run_hooks("usercp_password"); eval("\$editpassword = \"".$templates->get("usercp_password")."\";");	$plugins->run_hooks("usercp_password"); eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
Zeile 1318	Zeile 1376
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$errors = array();
$plugins->run_hooks("usercp_do_changename_start"); if($mybb->usergroup['canchangename'] != 1)	$plugins->run_hooks("usercp_do_changename_start"); if($mybb->usergroup['canchangename'] != 1)
Zeile 1367	Zeile 1427
if($mybb->usergroup['canchangename'] != 1) { error_no_permission();	if($mybb->usergroup['canchangename'] != 1) { error_no_permission();
	} // Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password) if($errors) { $username = htmlspecialchars_uni($mybb->get_input('username')); } else { $username = '';
} $plugins->run_hooks("usercp_changename_end");	} $plugins->run_hooks("usercp_changename_end");
Zeile 1403	Zeile 1473
{ $new_notification = 0; }	{ $new_notification = 0; }
else if($mybb->get_input('do') == "email_notification")	elseif($mybb->get_input('do') == "email_notification")
{ $new_notification = 1; }	{ $new_notification = 1; }
else if($mybb->get_input('do') == "pm_notification")	elseif($mybb->get_input('do') == "pm_notification")
{ $new_notification = 2; }	{ $new_notification = 2; }
Zeile 1440	Zeile 1510
WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible} "); $threadcount = $db->fetch_field($query, "threads");	WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible} "); $threadcount = $db->fetch_field($query, "threads");
if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; } $perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0)	if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; } $perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0)
{ $start = ($page-1) * $perpage; $pages = $threadcount / $perpage;	{ $start = ($page-1) * $perpage; $pages = $threadcount / $perpage;
Zeile 1494	Zeile 1564
// Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid']; }	// Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid']; }
else if($subscription['tid'])	elseif($subscription['tid'])
{ $subscriptions[$subscription['tid']] = $subscription; }	{ $subscriptions[$subscription['tid']] = $subscription; }
Zeile 1551	Zeile 1621
{ $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($readthread = $db->fetch_array($query))	{ $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($readthread = $db->fetch_array($query))
{	{
$subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; } } $icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();	$subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; } } $icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();

$threads = ''; // Now we can build our subscription list	$threads = ''; // Now we can build our subscription list
Zeile 1583	Zeile 1653
// Build our links $thread['threadlink'] = get_thread_link($thread['tid']); $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost");	// Build our links $thread['threadlink'] = get_thread_link($thread['tid']); $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost");

// Fetch the thread icon if we have one if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) {	// Fetch the thread icon if we have one if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) {
Zeile 1601	Zeile 1671
// Determine the folder $folder = ''; $folder_label = '';	// Determine the folder $folder = ''; $folder_label = '';

if(isset($thread['doticon'])) { $folder = "dot_";	if(isset($thread['doticon'])) { $folder = "dot_";
Zeile 1678	Zeile 1748
if($thread['closed'] == 1) {	if($thread['closed'] == 1) {
$folder .= "lock"; $folder_label .= $lang->icon_lock;	$folder .= "close"; $folder_label .= $lang->icon_close;
} $folder .= "folder";	} $folder .= "folder";
Zeile 1705	Zeile 1775
if($lastposteruid == 0) { $lastposterlink = $lastposter;	if($lastposteruid == 0) { $lastposterlink = $lastposter;
}	}
else { $lastposterlink = build_profile_link($lastposter, $lastposteruid);	else { $lastposterlink = build_profile_link($lastposter, $lastposteruid);
Zeile 1857	Zeile 1927
eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";"); output_page($forumsubscriptions);	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";"); output_page($forumsubscriptions);
	} if($mybb->input['action'] == "do_addsubscription" && $mybb->get_input('type') != "forum") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $thread = get_thread($mybb->get_input('tid')); if(!$thread \|\| $thread['visible'] == -1) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_do_addsubscription"); add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT)); if($mybb->get_input('referrer')) { $mybb->input['referrer'] = $mybb->get_input('referrer'); if(my_strpos($mybb->input['referrer'], $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($mybb->input['referrer'], '/') === 0) { $mybb->input['referrer'] = my_substr($mybb->input['url'], 1); } $url_segments = explode('/', $mybb->input['referrer']); $mybb->input['referrer'] = $mybb->settings['bburl'].'/'.end($url_segments); } $url = htmlspecialchars_uni($mybb->input['referrer']); } else { $url = get_thread_link($thread['tid']); } redirect($url, $lang->redirect_subscriptionadded); } if($mybb->input['action'] == "addsubscription") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } $forumpermissions = forum_permissions($forum['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_forum"); add_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "index.php"; } redirect($url, $lang->redirect_forumsubscriptionadded); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_addsubscription); $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); $referrer = ''; if($server_http_referer) { $referrer = $server_http_referer; } require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser; $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']); $notification_none_checked = $notification_email_checked = $notification_pm_checked = ''; if($mybb->user['subscriptionmethod'] == 1 \|\| $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\""; } elseif($mybb->user['subscriptionmethod'] == 2) { $notification_email_checked = "checked=\"checked\""; } elseif($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\""; } // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_thread"); eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } } if($mybb->input['action'] == "removesubscription") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved); } } if($mybb->input['action'] == "removesubscriptions") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_forum"); $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionsremoved); } else { // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_thread"); $db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionsremoved); }
} if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")	} if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
Zeile 1930	Zeile 2261
// Usergroup has no permission to use this facility error_no_permission(); }	// Usergroup has no permission to use this facility error_no_permission(); }
else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])	elseif($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
{ // Usergroup can use this facility, but only after x posts error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));	{ // Usergroup can use this facility, but only after x posts error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
Zeile 2080	Zeile 2411
} // Because Gravatars are square, hijack the width	} // Because Gravatars are square, hijack the width
list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));	list($maxwidth, $maxheight) = preg_split('/[\|x]/', my_strtolower($mybb->settings['maxavatardims']));
$maxheight = (int)$maxwidth; // Rating?	$maxheight = (int)$maxwidth; // Rating?
Zeile 2138	Zeile 2469
{ if($width && $height && $mybb->settings['maxavatardims'] != "") {	{ if($width && $height && $mybb->settings['maxavatardims'] != "") {
list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));	list($maxwidth, $maxheight) = preg_split('/[\|x]/', my_strtolower($mybb->settings['maxavatardims']));
if(($maxwidth && $width > $maxwidth) \|\| ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);	if(($maxwidth && $width > $maxwidth) \|\| ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
Zeile 2201	Zeile 2532
if($mybb->settings['maxavatardims'] != "") {	if($mybb->settings['maxavatardims'] != "") {
list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));	list($maxwidth, $maxheight) = preg_split('/[\|x]/', my_strtolower($mybb->settings['maxavatardims']));
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); }	$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); }
Zeile 2218	Zeile 2549
{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";"); }	{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";"); }
else if($mybb->settings['avatarresizing'] == "user")	elseif($mybb->settings['avatarresizing'] == "user")
{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";"); }	{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";"); }
Zeile 2374	Zeile 2705
$user = get_user($request['uid']); if(!empty($user))	$user = get_user($request['uid']); if(!empty($user))
{ $db->delete_query('buddyrequests', 'id='.(int)$request['id']);	{ $db->delete_query('buddyrequests', 'id='.(int)$request['id']);
} else {	} else {
Zeile 2651	Zeile 2982
} // Removing a user from this list	} // Removing a user from this list
else if($mybb->get_input('delete', MyBB::INPUT_INT))	elseif($mybb->get_input('delete', MyBB::INPUT_INT))
{ // Check if user exists on the list $key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);	{ // Check if user exists on the list $key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);
Zeile 2771	Zeile 3102
if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";	if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
	echo "\$(\"#buddylink\").remove();\n";
if($mybb->get_input('manage') == "ignored") { echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";	if($mybb->get_input('manage') == "ignored") { echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";
Zeile 3166	Zeile 3499
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);

if($joinrequest['rid'])	if($joinrequest['rid'])
{	{
error($lang->already_sent_join_request); }	error($lang->already_sent_join_request); }

if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) {	if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) {
	$reasonlength = my_strlen($mybb->get_input('reason')); if($reasonlength > 250) // Reason field is varchar(250) in database { error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250))); }
$now = TIME_NOW; $joinrequest = array( "uid" => $mybb->user['uid'],	$now = TIME_NOW; $joinrequest = array( "uid" => $mybb->user['uid'],
Zeile 3470	Zeile 3812
error($lang->attachments_disabled); }	error($lang->attachments_disabled); }
$attachments = '';	// Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)"; } $attachments = ''; $query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); $totalattachments = $usage['acount'];
// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
Zeile 3484	Zeile 3843
if($page > 0) { $start = ($page-1) * $perpage;	if($page > 0) { $start = ($page-1) * $perpage;
	$pages = ceil($totalattachments / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else {	} else {
Zeile 3499	Zeile 3864
FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)	FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."'	WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} ");	ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} ");
Zeile 3534	Zeile 3899
} }	} }
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query);
$totalusage = $usage['ausage'];	$totalusage = $usage['ausage'];
$totalattachments = $usage['acount']; $friendlyusage = get_friendly_size($totalusage);	$friendlyusage = get_friendly_size((int)$totalusage);
if($mybb->usergroup['attachquota']) {	if($mybb->usergroup['attachquota']) {
$percent = round(($totalusage/($mybb->usergroup['attachquota']1024))100)."%";	$percent = round(($totalusage/($mybb->usergroup['attachquota']1024))100); $friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent);
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);	$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments); }	$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $totalattachments); }
else {	else {
$percent = $lang->unlimited;
$attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);	$attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
}	}
$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments"); $bandwidth = get_friendly_size($bandwidth);	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments"); $bandwidth = get_friendly_size($bandwidth);

if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';	if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';
} $plugins->run_hooks("usercp_attachments_end");	} $plugins->run_hooks("usercp_attachments_end");
eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";"); output_page($manageattachments); }	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";"); output_page($manageattachments); }

if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post") { // Verify incoming POST request	if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post") { // Verify incoming POST request
Zeile 3578	Zeile 3940
{ error($lang->no_attachments_selected); }	{ error($lang->no_attachments_selected); }
	// Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)"; }
$aids = implode(',', array_map('intval', $mybb->input['attachments']));	$aids = implode(',', array_map('intval', $mybb->input['attachments']));
$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");	$query = $db->query(" SELECT a.*, p.fid FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql} ");
while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);	while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);
Zeile 3653	Zeile 4036
{ $reputation_link = get_reputation($mybb->user['reputation']); eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");	{ $reputation_link = get_reputation($mybb->user['reputation']); eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
}	}
$latest_warnings = ''; if($mybb->settings['enablewarningsystem'] != 0 && $mybb->settings['canviewownwarning'] != 0)	$latest_warnings = ''; if($mybb->settings['enablewarningsystem'] != 0 && $mybb->settings['canviewownwarning'] != 0)
Zeile 3760	Zeile 4143
if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);	if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);
	$referral_count = (int) $mybb->user['referrals']; if($referral_count > 0) { $uid = (int) $mybb->user['uid']; eval("\$mybb->user['referrals'] = \"".$templates->get('member_referrals_link')."\";"); }
eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }	eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }
Zeile 3837	Zeile 4228
foreach($subscriptions as $thread) {	foreach($subscriptions as $thread) {
	$plugins->run_hooks("usercp_thread_subscriptions_thread");
$folder = ''; $folder_label = ''; $gotounread = '';	$folder = ''; $folder_label = ''; $gotounread = '';
Zeile 4029	Zeile 4421
$latest_threads_threads = ''; foreach($threadcache as $thread) {	$latest_threads_threads = ''; foreach($threadcache as $thread) {
	$plugins->run_hooks("usercp_latest_threads_thread");
if($thread['tid']) { $bgcolor = alt_trow();	if($thread['tid']) { $bgcolor = alt_trow();
Zeile 4145	Zeile 4538
if($thread['closed'] == 1) {	if($thread['closed'] == 1) {
$folder .= "lock"; $folder_label .= $lang->icon_lock;	$folder .= "close"; $folder_label .= $lang->icon_close;
} $folder .= "folder";	} $folder .= "folder";