Vergleich inc/functions.php - 1.8.21 - 1.8.23

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 224	Zeile 224
// Loop through and run them all foreach($shutdown_queries as $query) {	// Loop through and run them all foreach($shutdown_queries as $query) {
$db->query($query);	$db->write_query($query);
} }	} }
Zeile 610	Zeile 610
} /**	} /**
* Generates a unique code for POST requests to prevent XSS/CSRF attacks	* Generates a code for POST requests to prevent XSS/CSRF attacks. * Unique for each user or guest session and rotated every 6 hours.
*	*
	* @param int $rotation_shift Adjustment of the rotation number to generate a past/future code
* @return string The generated code */	* @return string The generated code */
function generate_post_check()	function generate_post_check($rotation_shift=0)
{ global $mybb, $session;	{ global $mybb, $session;
	$rotation_interval = 6 * 3600; $rotation = floor(TIME_NOW / $rotation_interval) + $rotation_shift; $seed = $rotation;
if($mybb->user['uid'])	if($mybb->user['uid'])
{ return md5($mybb->user['loginkey'].$mybb->user['salt'].$mybb->user['regdate']); } // Guests get a special string	{ $seed .= $mybb->user['loginkey'].$mybb->user['salt'].$mybb->user['regdate']; }
else {	else {
return md5($session->sid.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);	$seed .= $session->sid;
}	}
	$seed .= $mybb->settings['internal']['encryption_key']; return md5($seed);
} /**	} /**
* Verifies a POST check code is valid, if not shows an error (silently returns false on silent parameter)	* Verifies a POST check code is valid (i.e. generated using a rotation number from the past 24 hours)
* * @param string $code The incoming POST check code	* * @param string $code The incoming POST check code
* @param boolean $silent Silent mode or not (silent mode will not show the error to the user but returns false) * @return bool	* @param boolean $silent Don't show an error to the user * @return bool\|void Result boolean if $silent is true, otherwise shows an error to the user
*/ function verify_post_check($code, $silent=false) { global $lang;	*/ function verify_post_check($code, $silent=false) { global $lang;
if(generate_post_check() !== $code)	if( generate_post_check() !== $code && generate_post_check(-1) !== $code && generate_post_check(-2) !== $code && generate_post_check(-3) !== $code )
{ if($silent == true) {	{ if($silent == true) {
Zeile 664	Zeile 680
/** * Return a parent list for the specified forum.	/** * Return a parent list for the specified forum.
*	*
* @param int $fid The forum id to get the parent list for. * @return string The comma-separated parent list. */	* @param int $fid The forum id to get the parent list for. * @return string The comma-separated parent list. */
Zeile 678	Zeile 694
return $forumarraycache[$fid]['parentlist']; } elseif($forum_cache[$fid])	return $forumarraycache[$fid]['parentlist']; } elseif($forum_cache[$fid])
{	{
return $forum_cache[$fid]['parentlist']; } else	return $forum_cache[$fid]['parentlist']; } else
Zeile 733	Zeile 749
{ $forum_cache = $cache->read("forums", 1); return $forum_cache;	{ $forum_cache = $cache->read("forums", 1); return $forum_cache;
}	}
if(!$forum_cache) { $forum_cache = $cache->read("forums");	if(!$forum_cache) { $forum_cache = $cache->read("forums");
Zeile 745	Zeile 761
} } return $forum_cache;	} } return $forum_cache;
} /**	} /**
* Generate an array of all child and descendant forums for a specific forum. * * @param int $fid The forum ID	* Generate an array of all child and descendant forums for a specific forum. * * @param int $fid The forum ID
Zeile 775	Zeile 791
} foreach($forums_by_parent[$fid] as $forum)	} foreach($forums_by_parent[$fid] as $forum)
{ $forums[] = $forum['fid'];	{ $forums[] = (int)$forum['fid'];
$children = get_child_list($forum['fid']); if(is_array($children)) {	$children = get_child_list($forum['fid']); if(is_array($children)) {
Zeile 844	Zeile 860
} if(!is_array($errors))	} if(!is_array($errors))
{	{
$errors = array($errors); }	$errors = array($errors); }
Zeile 870	Zeile 886
foreach($errors as $error) { eval("\$errorlist .= \"".$templates->get("error_inline_item")."\";");	foreach($errors as $error) { eval("\$errorlist .= \"".$templates->get("error_inline_item")."\";");
} eval("\$errors = \"".$templates->get("error_inline")."\";");	} eval("\$errors = \"".$templates->get("error_inline")."\";");
return $errors; }	return $errors; }

/** * Presents the user with a "no permission" page */	/** * Presents the user with a "no permission" page */
Zeile 886	Zeile 902
$time = TIME_NOW; $plugins->run_hooks("no_permission");	$time = TIME_NOW; $plugins->run_hooks("no_permission");

$noperm_array = array ( "nopermission" => '1', "location1" => 0,	$noperm_array = array ( "nopermission" => '1', "location1" => 0,
Zeile 955	Zeile 971
$redirect_args = array('url' => &$url, 'message' => &$message, 'title' => &$title); $plugins->run_hooks("redirect", $redirect_args);	$redirect_args = array('url' => &$url, 'message' => &$message, 'title' => &$title); $plugins->run_hooks("redirect", $redirect_args);

if($mybb->get_input('ajax', MyBB::INPUT_INT)) { // Send our headers.	if($mybb->get_input('ajax', MyBB::INPUT_INT)) { // Send our headers.
Zeile 1031	Zeile 1047
*/ function multipage($count, $perpage, $page, $url, $breadcrumb=false) {	*/ function multipage($count, $perpage, $page, $url, $breadcrumb=false) {
global $theme, $templates, $lang, $mybb;	global $theme, $templates, $lang, $mybb, $plugins;
if($count <= $perpage) { return '';	if($count <= $perpage) { return '';
} $page = (int)$page;	} $args = array( 'count' => &$count, 'perpage' => &$perpage, 'page' => &$page, 'url' => &$url, 'breadcrumb' => &$breadcrumb, ); $plugins->run_hooks('multipage', $args); $page = (int)$page;
$url = str_replace("&", "&", $url); $url = htmlspecialchars_uni($url);	$url = str_replace("&", "&", $url); $url = htmlspecialchars_uni($url);
Zeile 1066	Zeile 1091
{ $from = 1; $to = $from+$mybb->settings['maxmultipagelinks']-1;	{ $from = 1; $to = $from+$mybb->settings['maxmultipagelinks']-1;
}	}
if($to > $pages) {	if($to > $pages) {
Zeile 1287	Zeile 1312
} foreach($groupscache[$gid] as $perm => $access)	} foreach($groupscache[$gid] as $perm => $access)
{	{
if(!in_array($perm, $grouppermignore)) { if(isset($usergroup[$perm]))	if(!in_array($perm, $grouppermignore)) { if(isset($usergroup[$perm]))
{	{
$permbit = $usergroup[$perm];	$permbit = $usergroup[$perm];
}	}
else { $permbit = "";	else { $permbit = "";
Zeile 1301	Zeile 1326
// 0 represents unlimited for numerical group permissions (i.e. private message limit) so take that into account. if(in_array($perm, $groupzerogreater) && ($access == 0 \|\| $permbit === 0))	// 0 represents unlimited for numerical group permissions (i.e. private message limit) so take that into account. if(in_array($perm, $groupzerogreater) && ($access == 0 \|\| $permbit === 0))
{	{
$usergroup[$perm] = 0; continue;	$usergroup[$perm] = 0; continue;
}	}
if($access > $permbit \|\| ($access == "yes" && $permbit == "no") \|\| !$permbit) // Keep yes/no for compatibility? { $usergroup[$perm] = $access;	if($access > $permbit \|\| ($access == "yes" && $permbit == "no") \|\| !$permbit) // Keep yes/no for compatibility? { $usergroup[$perm] = $access;
Zeile 1315	Zeile 1340
} return $usergroup;	} return $usergroup;
}	}
/** * Fetch the display group properties for a specific display group	/** * Fetch the display group properties for a specific display group
Zeile 1383	Zeile 1408
} if(!is_array($forum_cache))	} if(!is_array($forum_cache))
{ $forum_cache = cache_forums();	{ $forum_cache = cache_forums();
if(!$forum_cache) { return false; }	if(!$forum_cache) { return false; }
}	}
if(!is_array($fpermcache)) {	if(!is_array($fpermcache)) {
Zeile 1398	Zeile 1423
} if($fid) // Fetch the permissions for a single forum	} if($fid) // Fetch the permissions for a single forum
{	{
if(empty($cached_forum_permissions_permissions[$gid][$fid]))	if(empty($cached_forum_permissions_permissions[$gid][$fid]))
{	{
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms); } return $cached_forum_permissions_permissions[$gid][$fid];	$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms); } return $cached_forum_permissions_permissions[$gid][$fid];
Zeile 1412	Zeile 1437
foreach($forum_cache as $forum) { $cached_forum_permissions[$gid][$forum['fid']] = fetch_forum_permissions($forum['fid'], $gid, $groupperms);	foreach($forum_cache as $forum) { $cached_forum_permissions[$gid][$forum['fid']] = fetch_forum_permissions($forum['fid'], $gid, $groupperms);
}	}
} return $cached_forum_permissions[$gid]; }	} return $cached_forum_permissions[$gid]; }
Zeile 1481	Zeile 1506
} if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"]))	} if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"]))
{	{
$only_view_own_threads = 0; }	$only_view_own_threads = 0; }
Zeile 1509	Zeile 1534
$current_permissions = $groupperms; } return $current_permissions;	$current_permissions = $groupperms; } return $current_permissions;
	} /** * Check whether password for given forum was validated for the current user * * @param array $forum The forum data * @param bool $ignore_empty Whether to treat forum password configured as an empty string as validated * @param bool $check_parents Whether to check parent forums using `parentlist` * @return bool */ function forum_password_validated($forum, $ignore_empty=false, $check_parents=false) { global $mybb, $forum_cache; if($check_parents && isset($forum['parentlist'])) { if(!is_array($forum_cache)) { $forum_cache = cache_forums(); if(!$forum_cache) { return false; } } $parents = explode(',', $forum['parentlist']); rsort($parents); foreach($parents as $parent_id) { if($parent_id != $forum['fid'] && !forum_password_validated($forum_cache[$parent_id], true)) { return false; } } } return ($ignore_empty && $forum['password'] === '') \|\| ( isset($mybb->cookies['forumpass'][$forum['fid']]) && my_hash_equals( md5($mybb->user['uid'].$forum['password']), $mybb->cookies['forumpass'][$forum['fid']] ) );
} /**	} /**
Zeile 1549	Zeile 1618
continue; }	continue; }
if($forum_cache[$parent_id]['password'] != "")	if($forum_cache[$parent_id]['password'] !== "")
{ check_forum_password($parent_id, $fid); } } }	{ check_forum_password($parent_id, $fid); } } }
if(!empty($forum_cache[$fid]['password']))	if($forum_cache[$fid]['password'] !== '')
{	{
$password = $forum_cache[$fid]['password'];
if(isset($mybb->input['pwverify']) && $pid == 0) {	if(isset($mybb->input['pwverify']) && $pid == 0) {
if($password === $mybb->get_input('pwverify'))	if(my_hash_equals($forum_cache[$fid]['password'], $mybb->get_input('pwverify')))
{ my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->get_input('pwverify')), null, true); $showform = false;	{ my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->get_input('pwverify')), null, true); $showform = false;
Zeile 1574	Zeile 1642
} else {	} else {
if(!$mybb->cookies['forumpass'][$fid] \|\| ($mybb->cookies['forumpass'][$fid] && md5($mybb->user['uid'].$password) !== $mybb->cookies['forumpass'][$fid]))	if(!forum_password_validated($forum_cache[$fid]))
{ $showform = true; }	{ $showform = true; }
Zeile 1803	Zeile 1871
} } }	} } }
	} /** * Get an array of fids that the forum moderator has access to. * Do not use for administraotrs or global moderators as they moderate any forum and the function will return false. * * @param int $uid The user ID (0 assumes current user) * @return array\|bool an array of the fids the user has moderator access to or bool if called incorrectly. */ function get_moderated_fids($uid=0) { global $mybb, $cache; if($uid == 0) { $uid = $mybb->user['uid']; } if($uid == 0) { return array(); } $user_perms = user_permissions($uid); if($user_perms['issupermod'] == 1) { return false; } $fids = array(); $modcache = $cache->read('moderators'); if(!empty($modcache)) { $groups = explode(',', $user_perms['all_usergroups']); foreach($modcache as $fid => $forum) { if(isset($forum['users'][$uid]) && $forum['users'][$uid]['mid']) { $fids[] = $fid; continue; } foreach($groups as $group) { if(trim($group) != '' && isset($forum['usergroups'][$group])) { $fids[] = $fid; } } } } return $fids;
} /**	} /**
Zeile 2122	Zeile 2246
} // missing array value	} // missing array value
return false;	return false;
case 2: // in array, expecting end of array or a key if($type == '}')	case 2: // in array, expecting end of array or a key if($type == '}')
Zeile 2331	Zeile 2455
if(!is_numeric($serverload[0])) { if($mybb->safemode)	if(!is_numeric($serverload[0])) { if($mybb->safemode)
{ return $lang->unknown; }	{ return $lang->unknown; }
// Suhosin likes to throw a warning if exec is disabled then die - weird if($func_blacklist = @ini_get('suhosin.executor.func.blacklist')) {	// Suhosin likes to throw a warning if exec is disabled then die - weird if($func_blacklist = @ini_get('suhosin.executor.func.blacklist')) {
Zeile 2359	Zeile 2483
{ return $lang->unknown; }	{ return $lang->unknown; }
} } else	} } else
{ return $lang->unknown; }	{ return $lang->unknown; }
Zeile 2438	Zeile 2562
$new_stats = array(); $counters = array('numthreads', 'numunapprovedthreads', 'numposts', 'numunapprovedposts', 'numusers', 'numdeletedposts', 'numdeletedthreads');	$new_stats = array(); $counters = array('numthreads', 'numunapprovedthreads', 'numposts', 'numunapprovedposts', 'numusers', 'numdeletedposts', 'numdeletedthreads');
foreach($counters as $counter) {	foreach($counters as $counter) {
if(array_key_exists($counter, $changes)) { if(substr($changes[$counter], 0, 2) == "+-")	if(array_key_exists($counter, $changes)) { if(substr($changes[$counter], 0, 2) == "+-")
Zeile 2649	Zeile 2773
else { $new_stats['numdeletedthreads'] = "{$deletedthreads_diff}";	else { $new_stats['numdeletedthreads'] = "{$deletedthreads_diff}";
} }	} }
if(!empty($new_stats)) {	if(!empty($new_stats)) {
Zeile 2901	Zeile 3025
* @return bool */ function delete_post($pid)	* @return bool */ function delete_post($pid)
{	{
global $moderation; if(!is_object($moderation))	global $moderation; if(!is_object($moderation))
Zeile 2995	Zeile 3119
$template = "advanced"; if(strpos(FORUM_URL, '.html') !== false)	$template = "advanced"; if(strpos(FORUM_URL, '.html') !== false)
{	{
$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'"; } else	$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'"; } else
Zeile 3027	Zeile 3151
* @param int $length The length of the string to generate. * @param bool $complex Whether to return complex string. Defaults to false * @return string The random string.	* @param int $length The length of the string to generate. * @param bool $complex Whether to return complex string. Defaults to false * @return string The random string.
*/	*/
function random_str($length=8, $complex=false) { $set = array_merge(range(0, 9), range('A', 'Z'), range('a', 'z'));	function random_str($length=8, $complex=false) { $set = array_merge(range(0, 9), range('A', 'Z'), range('a', 'z'));
Zeile 3405	Zeile 3529
} if($mybb->settings['allowcolormycode'] == 1)	} if($mybb->settings['allowcolormycode'] == 1)
{	{
$color = "color,";	$color = "color,";
}	}
if($mybb->settings['allowfontmycode'] == 1 \|\| $mybb->settings['allowsizemycode'] == 1 \|\| $mybb->settings['allowcolormycode'] == 1) { $removeformat = "removeformat\|";	if($mybb->settings['allowfontmycode'] == 1 \|\| $mybb->settings['allowsizemycode'] == 1 \|\| $mybb->settings['allowcolormycode'] == 1) { $removeformat = "removeformat\|";
}	}
if($mybb->settings['allowemailmycode'] == 1) {	if($mybb->settings['allowemailmycode'] == 1) {
Zeile 3420	Zeile 3544
} if($mybb->settings['allowlinkmycode'] == 1)	} if($mybb->settings['allowlinkmycode'] == 1)
{	{
$link = "link,unlink"; }	$link = "link,unlink"; }
Zeile 3467	Zeile 3591
// Return user default if no thread id available, in case if(!(int)$tid \|\| (int)$tid <= 0)	// Return user default if no thread id available, in case if(!(int)$tid \|\| (int)$tid <= 0)
{	{
return $subscription_methods[$subscription_method];	return $subscription_methods[$subscription_method];
}	}
// If method not predefined set using data from database if(isset($postoptions['subscriptionmethod']))	// If method not predefined set using data from database if(isset($postoptions['subscriptionmethod']))
{	{
$method = trim($postoptions['subscriptionmethod']); return (in_array($method, $subscription_methods)) ? $method : $subscription_methods[0]; }	$method = trim($postoptions['subscriptionmethod']); return (in_array($method, $subscription_methods)) ? $method : $subscription_methods[0]; }
Zeile 3483	Zeile 3607
$query = $db->simple_select("threadsubscriptions", "tid, notification", "tid='".(int)$tid."' AND uid='".$mybb->user['uid']."'", array('limit' => 1)); $subscription = $db->fetch_array($query);	$query = $db->simple_select("threadsubscriptions", "tid, notification", "tid='".(int)$tid."' AND uid='".$mybb->user['uid']."'", array('limit' => 1)); $subscription = $db->fetch_array($query);

if($subscription['tid']) { $subscription_method = (int)$subscription['notification'] + 1;	if($subscription['tid']) { $subscription_method = (int)$subscription['notification'] + 1;
Zeile 3515	Zeile 3639
if(!is_array($smilie_cache)) { $smilie_cache = $cache->read("smilies");	if(!is_array($smilie_cache)) { $smilie_cache = $cache->read("smilies");
}	}
foreach($smilie_cache as $smilie)	foreach($smilie_cache as $smilie)
{	{
$smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smiliecache[$smilie['sid']] = $smilie; }	$smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); $smiliecache[$smilie['sid']] = $smilie; }
Zeile 3531	Zeile 3655
$getmore = ''; if($mybb->settings['smilieinsertertot'] >= $smiliecount)	$getmore = ''; if($mybb->settings['smilieinsertertot'] >= $smiliecount)
{	{
$mybb->settings['smilieinsertertot'] = $smiliecount; } else if($mybb->settings['smilieinsertertot'] < $smiliecount)	$mybb->settings['smilieinsertertot'] = $smiliecount; } else if($mybb->settings['smilieinsertertot'] < $smiliecount)
Zeile 3594	Zeile 3718
} return $clickablesmilies;	} return $clickablesmilies;
}	}
/** * Builds thread prefixes and returns a selected prefix (or all) *	/** * Builds thread prefixes and returns a selected prefix (or all) *
Zeile 3610	Zeile 3734
if(is_array($prefixes_cache)) { if($pid > 0 && is_array($prefixes_cache[$pid]))	if(is_array($prefixes_cache)) { if($pid > 0 && is_array($prefixes_cache[$pid]))
{	{
return $prefixes_cache[$pid]; }	return $prefixes_cache[$pid]; }
Zeile 3658	Zeile 3782
* @return string The thread prefix selection menu */ function build_prefix_select($fid, $selected_pid=0, $multiple=0, $previous_pid=0)	* @return string The thread prefix selection menu */ function build_prefix_select($fid, $selected_pid=0, $multiple=0, $previous_pid=0)
{ global $cache, $db, $lang, $mybb, $templates;	{ global $cache, $db, $lang, $mybb, $templates;
if($fid != 'all')	if($fid != 'all')
{	{
$fid = (int)$fid; }	$fid = (int)$fid; }
Zeile 3670	Zeile 3794
if(empty($prefix_cache)) { // We've got no prefixes to show	if(empty($prefix_cache)) { // We've got no prefixes to show
return '';	return '';
} // Go through each of our prefixes and decide which ones we can use	} // Go through each of our prefixes and decide which ones we can use
Zeile 3690	Zeile 3814
} if(is_member($prefix['groups']) \|\| $prefix['pid'] == $previous_pid)	} if(is_member($prefix['groups']) \|\| $prefix['pid'] == $previous_pid)
{	{
// The current user can use this prefix $prefixes[$prefix['pid']] = $prefix; }	// The current user can use this prefix $prefixes[$prefix['pid']] = $prefix; }
}	}
if(empty($prefixes)) { return '';	if(empty($prefixes)) { return '';
}	}
$prefixselect = $prefixselect_prefix = ''; if($multiple == 1)	$prefixselect = $prefixselect_prefix = ''; if($multiple == 1)
Zeile 3709	Zeile 3833
if($selected_pid == 'any') { $any_selected = " selected=\"selected\"";	if($selected_pid == 'any') { $any_selected = " selected=\"selected\"";
} }	} }
$default_selected = ""; if(((int)$selected_pid == 0) && $selected_pid != 'any')	$default_selected = ""; if(((int)$selected_pid == 0) && $selected_pid != 'any')
Zeile 3737	Zeile 3861
else { eval("\$prefixselect = \"".$templates->get("post_prefixselect_single")."\";");	else { eval("\$prefixselect = \"".$templates->get("post_prefixselect_single")."\";");
} return $prefixselect;	} return $prefixselect;
} /**	} /**
Zeile 4050	Zeile 4174
if(my_inet_ntop(my_inet_pton($val)) == $val && !preg_match("#^(10\.\|172\.(1[6-9]\|2[0-9]\|3[0-1])\.\|192\.168\.\|fe80:\|fe[c-f][0-f]:\|f[c-d][0-f]{2}:)#", $val)) { $ip = $val;	if(my_inet_ntop(my_inet_pton($val)) == $val && !preg_match("#^(10\.\|172\.(1[6-9]\|2[0-9]\|3[0-1])\.\|192\.168\.\|fe80:\|fe[c-f][0-f]:\|f[c-d][0-f]{2}:)#", $val)) { $ip = $val;
break; } } } }	break; } } } }
if(!$ip) {	if(!$ip) {
Zeile 4084	Zeile 4208
global $lang; if(!is_numeric($size))	global $lang; if(!is_numeric($size))
{	{
return $lang->na; }	return $lang->na; }
Zeile 4131	Zeile 4255
elseif($size == 0) { $size = "0 ".$lang->size_bytes;	elseif($size == 0) { $size = "0 ".$lang->size_bytes;
} else {	} else {
$size = my_number_format($size)." ".$lang->size_bytes; }	$size = my_number_format($size)." ".$lang->size_bytes; }
Zeile 4265	Zeile 4389
$permissioncache = forum_permissions(); }	$permissioncache = forum_permissions(); }
$password_forums = $unviewable = array();	$unviewable = array();
foreach($forum_cache as $fid => $forum) { if($permissioncache[$forum['fid']])	foreach($forum_cache as $fid => $forum) { if($permissioncache[$forum['fid']])
Zeile 4279	Zeile 4403
$pwverified = 1;	$pwverified = 1;
if($forum['password'] != "")	if(!forum_password_validated($forum, true))
{	{
if($mybb->cookies['forumpass'][$forum['fid']] !== md5($mybb->user['uid'].$forum['password'])) { $pwverified = 0; } $password_forums[$forum['fid']] = $forum['password'];	$pwverified = 0;
} else {	} else {
Zeile 4294	Zeile 4414
$parents = explode(",", $forum['parentlist']); foreach($parents as $parent) {	$parents = explode(",", $forum['parentlist']); foreach($parents as $parent) {
if(isset($password_forums[$parent]) && $mybb->cookies['forumpass'][$parent] !== md5($mybb->user['uid'].$password_forums[$parent]))	if(!forum_password_validated($forum_cache[$parent], true))
{ $pwverified = 0;	{ $pwverified = 0;
	break;
} } }	} } }
Zeile 4696	Zeile 4817
if($mybb->settings['nocacheheaders'] == 1) {	if($mybb->settings['nocacheheaders'] == 1) {
header("Expires: Sat, 1 Jan 2000 01:00:00 GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache");	header("Cache-Control: no-cache, private");
} }	} }
Zeile 5027	Zeile 5145
global $db, $mybb, $cache; $user = get_user($uid);	global $db, $mybb, $cache; $user = get_user($uid);
	if($user['usergroup'] == $leavegroup) { return false; }
$groupslist = $comma = ''; $usergroups = $user['additionalgroups'].","; $donegroup = array();	$groupslist = $comma = ''; $usergroups = $user['additionalgroups'].","; $donegroup = array();

$groups = explode(",", $user['additionalgroups']); if(is_array($groups))	$groups = explode(",", $user['additionalgroups']); if(is_array($groups))
Zeile 5043	Zeile 5166
$groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1;	$groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1;
}	}
}	}
}	}
$dispupdate = ""; if($leavegroup == $user['displaygroup'])	$dispupdate = ""; if($leavegroup == $user['displaygroup'])
Zeile 5058	Zeile 5181
SET additionalgroups='$groupslist' $dispupdate WHERE uid='".(int)$uid."' ");	SET additionalgroups='$groupslist' $dispupdate WHERE uid='".(int)$uid."' ");

$cache->update_moderators(); }	$cache->update_moderators(); }
Zeile 5066	Zeile 5189
* Get the current location taking in to account different web serves and systems * * @param boolean $fields True to return as "hidden" fields	* Get the current location taking in to account different web serves and systems * * @param boolean $fields True to return as "hidden" fields
* @param array $ignore Array of fields to ignore if first argument is true	* @param array $ignore Array of fields to ignore for returning "hidden" fields or URL being accessed
* @param boolean $quick True to skip all inputs and return only the file path part of the URL	* @param boolean $quick True to skip all inputs and return only the file path part of the URL
* @return string The current URL being accessed	* @return string\|array The current URL being accessed or form data if $fields is true
*/ function get_current_location($fields=false, $ignore=array(), $quick=false) {	*/ function get_current_location($fields=false, $ignore=array(), $quick=false) {
	global $mybb;
if(defined("MYBB_LOCATION")) { return MYBB_LOCATION;	if(defined("MYBB_LOCATION")) { return MYBB_LOCATION;
}	}
if(!empty($_SERVER['SCRIPT_NAME'])) {	if(!empty($_SERVER['SCRIPT_NAME'])) {
Zeile 5090	Zeile 5215
$location = htmlspecialchars_uni($_ENV['PHP_SELF']); } elseif(!empty($_SERVER['PATH_INFO']))	$location = htmlspecialchars_uni($_ENV['PHP_SELF']); } elseif(!empty($_SERVER['PATH_INFO']))
{	{
$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);	$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);
}	}
else	else
{	{
$location = htmlspecialchars_uni($_ENV['PATH_INFO']);	$location = htmlspecialchars_uni($_ENV['PATH_INFO']);
}	}
if($quick) { return $location;	if($quick) { return $location;
	} if(!is_array($ignore)) { $ignore = array($ignore);
} if($fields == true)	} if($fields == true)
{ global $mybb; if(!is_array($ignore)) { $ignore = array($ignore); }	{
$form_html = ''; if(!empty($mybb->input))	$form_html = ''; if(!empty($mybb->input))
Zeile 5130	Zeile 5254
} else {	} else {
	$parameters = array();
if(isset($_SERVER['QUERY_STRING']))	if(isset($_SERVER['QUERY_STRING']))
{ $location .= "?".htmlspecialchars_uni($_SERVER['QUERY_STRING']); }	{ $current_query_string = $_SERVER['QUERY_STRING']; }
else if(isset($_ENV['QUERY_STRING']))	else if(isset($_ENV['QUERY_STRING']))
{ $location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']); } if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") \|\| (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');	{ $current_query_string = $_ENV['QUERY_STRING']; } else { $current_query_string = ''; } parse_str($current_query_string, $current_parameters); foreach($current_parameters as $name => $value) { if(!in_array($name, $ignore)) { $parameters[$name] = $value; } } if($mybb->request_method === 'post') { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');
foreach($post_array as $var) {	foreach($post_array as $var) {
if(isset($_POST[$var]))	if(isset($_POST[$var]) && !in_array($var, $ignore))
{	{
$addloc[] = urlencode($var).'='.urlencode($_POST[$var]);	$parameters[$var] = $_POST[$var];
} }	} }
	}

if(isset($addloc) && is_array($addloc)) { if(strpos($location, "?") === false) { $location .= "?"; } else { $location .= "&"; } $location .= implode("&", $addloc); }	if(!empty($parameters)) { $location .= '?'.http_build_query($parameters, '', '&');
} return $location;	} return $location;
Zeile 5796	Zeile 5927
} return $string;	} return $string;
	} /** * Finds a needle in a haystack and returns it position, mb strings accounted for, case insensitive * * @param string $haystack String to look in (haystack) * @param string $needle What to look for (needle) * @param int $offset (optional) How much to offset * @return int\|bool false on needle not found, integer position if found */ function my_stripos($haystack, $needle, $offset=0) { if($needle == '') { return false; } if(function_exists("mb_stripos")) { $position = mb_stripos($haystack, $needle, $offset); } else { $position = stripos($haystack, $needle, $offset); } return $position;
} /**	} /**
Zeile 5834	Zeile 5992
function my_strtoupper($string) { if(function_exists("mb_strtoupper"))	function my_strtoupper($string) { if(function_exists("mb_strtoupper"))
{	{
$string = mb_strtoupper($string); } else	$string = mb_strtoupper($string); } else
Zeile 5890	Zeile 6048
return chr(0xF0 \| $c >> 18) . chr(0x80 \| $c >> 12 & 0x3F) . chr(0x80 \| $c >> 6 & 0x3F) . chr(0x80 \| $c & 0x3F);	return chr(0xF0 \| $c >> 18) . chr(0x80 \| $c >> 12 & 0x3F) . chr(0x80 \| $c >> 6 & 0x3F) . chr(0x80 \| $c & 0x3F);
} else { return false; }	} else { return false; }
} /**	} /**
Zeile 6269	Zeile 6427
global $cache; static $forum_cache;	global $cache; static $forum_cache;
if(!isset($forum_cache) \|\| is_array($forum_cache))	if(!isset($forum_cache) \|\| !is_array($forum_cache))
{ $forum_cache = $cache->read("forums"); } if(empty($forum_cache[$fid]))	{ $forum_cache = $cache->read("forums"); } if(empty($forum_cache[$fid]))
{	{
return false; }	return false; }
Zeile 6299	Zeile 6457
/** * Get the thread of a thread id.	/** * Get the thread of a thread id.
*	*
* @param int $tid The thread id of the thread. * @param boolean $recache Whether or not to recache the thread. * @return array\|bool The database row of the thread. False on failure	* @param int $tid The thread id of the thread. * @param boolean $recache Whether or not to recache the thread. * @return array\|bool The database row of the thread. False on failure
Zeile 6347	Zeile 6505
$pid = (int)$pid; if(isset($post_cache[$pid]))	$pid = (int)$pid; if(isset($post_cache[$pid]))
{	{
return $post_cache[$pid]; } else	return $post_cache[$pid]; } else
Zeile 6359	Zeile 6517
{ $post_cache[$pid] = $post; return $post;	{ $post_cache[$pid] = $post; return $post;
}	}
else { $post_cache[$pid] = false;	else { $post_cache[$pid] = false;
Zeile 6370	Zeile 6528
/** * Get inactivate forums.	/** * Get inactivate forums.
*	*
* @return string The comma separated values of the inactivate forum. */ function get_inactive_forums()	* @return string The comma separated values of the inactivate forum. */ function get_inactive_forums()
Zeile 6561	Zeile 6719
while($setting = $db->fetch_array($query)) { $mybb->settings[$setting['name']] = $setting['value'];	while($setting = $db->fetch_array($query)) { $mybb->settings[$setting['name']] = $setting['value'];
	$setting['name'] = addcslashes($setting['name'], "\\'");
$setting['value'] = addcslashes($setting['value'], '\\"$'); $settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n"; }	$setting['value'] = addcslashes($setting['value'], '\\"$'); $settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n"; }
Zeile 7112	Zeile 7272
if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302))) {	if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302))) {
preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches);	preg_match('/^Location:(.*?)(?:\n\|$)/im', $header, $matches);
if($matches) {	if($matches) {
Zeile 7173	Zeile 7333
'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false,	'ssl' => array( 'verify_peer' => false, 'verify_peer_name' => false,
	'peer_name' => $url_components['host'],
), )); } $fp = @stream_socket_client($scheme.$destination_address.':'.(int)$url_components['port'], $error_no, $error, 10, STREAM_CLIENT_CONNECT, $context);	), )); } $fp = @stream_socket_client($scheme.$destination_address.':'.(int)$url_components['port'], $error_no, $error, 10, STREAM_CLIENT_CONNECT, $context);
} else {	} else {
$fp = @fsockopen($scheme.$url_components['host'], (int)$url_components['port'], $error_no, $error, 10); }	$fp = @fsockopen($scheme.$url_components['host'], (int)$url_components['port'], $error_no, $error, 10); }
Zeile 7195	Zeile 7356
$headers[] = "POST {$url_components['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";	$headers[] = "POST {$url_components['path']} HTTP/1.0"; $headers[] = "Content-Length: ".strlen($post_body); $headers[] = "Content-Type: application/x-www-form-urlencoded";
} else {	} else {
$headers[] = "GET {$url_components['path']} HTTP/1.0"; }	$headers[] = "GET {$url_components['path']} HTTP/1.0"; }

$headers[] = "Host: {$url_components['host']}"; $headers[] = "Connection: Close"; $headers[] = ''; if(!empty($post_body))	$headers[] = "Host: {$url_components['host']}"; $headers[] = "Connection: Close"; $headers[] = ''; if(!empty($post_body))
{	{
$headers[] = $post_body; } else	$headers[] = $post_body; } else
Zeile 7237	Zeile 7398
if($max_redirects > 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 '))) {	if($max_redirects > 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 '))) {
preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches);	preg_match('/^Location:(.*?)(?:\n\|$)/im', $header, $matches);
if($matches) { $data = fetch_remote_file(trim(array_pop($matches)), $post_data, --$max_redirects);	if($matches) { $data = fetch_remote_file(trim(array_pop($matches)), $post_data, --$max_redirects);
} }	} }
else { $data = $body;	else { $data = $body;
Zeile 7252	Zeile 7413
return $data; } else	return $data; } else
{	{
return false; } }	return false; } }
Zeile 7312	Zeile 7473
function is_super_admin($uid) { static $super_admins;	function is_super_admin($uid) { static $super_admins;

if(!isset($super_admins)) { global $mybb;	if(!isset($super_admins)) { global $mybb;
Zeile 7727	Zeile 7888
* @license LGPL - http://www.gnu.org/licenses/lgpl.html * @copyright 2004-2007 Aidan Lister <aidan@php.net>, Arpad Ray <arpad@php.net> * @link http://php.net/inet_pton	* @license LGPL - http://www.gnu.org/licenses/lgpl.html * @copyright 2004-2007 Aidan Lister <aidan@php.net>, Arpad Ray <arpad@php.net> * @link http://php.net/inet_pton
* @author Arpad Ray <arpad@php.net>	* @author Arpad Ray <arpad@php.net>
* @version $Revision: 269597 $ */ $r = ip2long($ip);	* @version $Revision: 269597 $ */ $r = ip2long($ip);
Zeile 8101	Zeile 8262
} $output = @mcrypt_create_iv($bytes, $source);	} $output = @mcrypt_create_iv($bytes, $source);
} } else { return $output; }	} } else { return $output; }
if(strlen($output) < $bytes) {	if(strlen($output) < $bytes) {
Zeile 8119	Zeile 8280
if ($crypto_strong == false) { $output = null;	if ($crypto_strong == false) { $output = null;
} } } }	} } } }
else { return $output;	else { return $output;
Zeile 8152	Zeile 8313
{ // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();	{ // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();
$rounds = ceil($bytes / 16);	$rounds = ceil($bytes / 16);
for($i = 0; $i < $rounds; $i++) { $unique_state = md5(microtime().$unique_state);	for($i = 0; $i < $rounds; $i++) { $unique_state = md5(microtime().$unique_state);
Zeile 8183	Zeile 8344
$bytes = PHP_INT_SIZE; do	$bytes = PHP_INT_SIZE; do
{ $output = secure_binary_seed_rng($bytes);	{ $output = secure_binary_seed_rng($bytes);
// convert binary data to a decimal number if ($bytes == 4)	// convert binary data to a decimal number if ($bytes == 4)
Zeile 8230	Zeile 8391
if(isset($result)) { return $result;	if(isset($result)) { return $result;
} }	} }
$seed = secure_seed_rng(); $distance = $max - $min;	$seed = secure_seed_rng(); $distance = $max - $min;
Zeile 8738	Zeile 8899
if(file_exists($file_path)) {	if(file_exists($file_path)) {
	if(is_object($plugins)) { $hook_args = array( 'file_path' => &$file_path, 'real_file_path' => &$real_file_path, 'file_name' => &$file_name, 'file_dir_path' => &$file_dir_path ); $plugins->run_hooks('copy_file_to_cdn_start', $hook_args); }
if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) { $cdn_path = rtrim($mybb->settings['cdnpath'], '/\\');	if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath'])) { $cdn_path = rtrim($mybb->settings['cdnpath'], '/\\');