Vergleich usercp.php - 1.8.13 - 1.8.25

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 10Zeile 10

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

 

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

 
define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";

Zeile 27Zeile 28
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";
$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";
$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";

 
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";
$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";
$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";

 
$templatelist .= ",usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 40Zeile 42
if($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0)
{
	error_no_permission();

 
if($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0)
{
	error_no_permission();

}

if(!$mybb->user['pmfolders'])
{
	$mybb->user['pmfolders'] = '1**$%%$2**$%%$3**$%%$4**';
	$db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}");

 
}

$errors = '';

}

$errors = '';

Zeile 53Zeile 49
$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

 
$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

 

$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);

if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)
{
	if(my_strpos($server_http_referer, '/') === 0)
	{
		$server_http_referer = my_substr($server_http_referer, 1);
	}
	$url_segments = explode('/', $server_http_referer);
	$server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);
}


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler();

 

$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler();





	$data = array(
		'uid' => $mybb->user['uid'],
		'signature' => $mybb->get_input('signature'),
	);

	$userhandler->set_data($data);

 
	$data = array(
		'uid' => $mybb->user['uid'],
		'signature' => $mybb->get_input('signature'),
	);

	$userhandler->set_data($data);





	if(!$userhandler->verify_signature())
	{
		$error = inline_error($userhandler->get_friendly_errors());

	if(!$userhandler->verify_signature())
	{
		$error = inline_error($userhandler->get_friendly_errors());

Zeile 102Zeile 110
	case "changename":
	case "do_changename":
		add_breadcrumb($lang->nav_changename);

 
	case "changename":
	case "do_changename":
		add_breadcrumb($lang->nav_changename);

		break;

		break;

	case "subscriptions":
		add_breadcrumb($lang->ucp_nav_subscribed_threads);
		break;

	case "subscriptions":
		add_breadcrumb($lang->ucp_nav_subscribed_threads);
		break;

Zeile 112Zeile 120
	case "editsig":
	case "do_editsig":
		add_breadcrumb($lang->nav_editsig);

 
	case "editsig":
	case "do_editsig":
		add_breadcrumb($lang->nav_editsig);

		break;

		break;

	case "avatar":
	case "do_avatar":
		add_breadcrumb($lang->nav_avatar);

 
	case "avatar":
	case "do_avatar":
		add_breadcrumb($lang->nav_avatar);

		break;

		break;

	case "notepad":
	case "do_notepad":
		add_breadcrumb($lang->ucp_nav_notepad);

	case "notepad":
	case "do_notepad":
		add_breadcrumb($lang->ucp_nav_notepad);

Zeile 130Zeile 138
		break;
	case "usergroups":
		add_breadcrumb($lang->ucp_nav_usergroups);

 
		break;
	case "usergroups":
		add_breadcrumb($lang->ucp_nav_usergroups);

		break;

		break;

	case "attachments":
		add_breadcrumb($lang->ucp_nav_attachments);
		break;
}

 
	case "attachments":
		add_breadcrumb($lang->ucp_nav_attachments);
		break;
}





if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 

	$user = array();


	$plugins->run_hooks("usercp_do_profile_start");



	$plugins->run_hooks("usercp_do_profile_start");


Zeile 203Zeile 213
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


 
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


	$user = array(

	$user = array_merge($user, array(

		"uid" => $mybb->user['uid'],
		"postnum" => $mybb->user['postnum'],
		"usergroup" => $mybb->user['usergroup'],

		"uid" => $mybb->user['uid'],
		"postnum" => $mybb->user['postnum'],
		"usergroup" => $mybb->user['usergroup'],

Zeile 212Zeile 222
		"birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
		"away" => $away,
		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)

 
		"birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
		"away" => $away,
		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)

	);
	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)
	{
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')
		{
			continue;
		}

	));
	foreach(array('icq', 'skype', 'google') as $cfield)
	{
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')
		{
			continue;
		}


		if(!is_member($mybb->settings[$csetting]))
		{
			continue;

 

		if(!is_member($mybb->settings[$csetting]))
		{
			continue;

		}

		}


		if($cfield == 'icq')
		{
			$user[$cfield] = $mybb->get_input($cfield, 1);

 

		if($cfield == 'icq')
		{
			$user[$cfield] = $mybb->get_input($cfield, 1);

 

			if(my_strlen($user[$cfield]) > 10)
			{
				error($lang->contact_field_icqerror);
			}

		}
		else
		{
			$user[$cfield] = $mybb->get_input($cfield);

 
		}
		else
		{
			$user[$cfield] = $mybb->get_input($cfield);

 

			if(my_strlen($user[$cfield]) > 75)
			{
				error($lang->contact_field_error);
			}

		}
	}


		}
	}


Zeile 247Zeile 267
		{
			$user['usertitle'] = $mybb->get_input('usertitle');
		}

 
		{
			$user['usertitle'] = $mybb->get_input('usertitle');
		}

		else if(!empty($mybb->input['reverttitle']))

		elseif(!empty($mybb->input['reverttitle']))

		{
			$user['usertitle'] = '';
		}

		{
			$user['usertitle'] = '';
		}

Zeile 257Zeile 277
	if(!$userhandler->validate_user())
	{
		$errors = $userhandler->get_friendly_errors();

 
	if(!$userhandler->validate_user())
	{
		$errors = $userhandler->get_friendly_errors();

 
		$raw_errors = $userhandler->get_errors();



 


		// Set allowed value otherwise select options disappear
		if(in_array($lang->userdata_invalid_birthday_privacy, $errors))

		// Set to stored value if invalid
		if(array_key_exists("invalid_birthday_privacy", $raw_errors))

		{

 
		{

			$mybb->input['birthdayprivacy'] = 'none';

			$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

		}

		$errors = inline_error($errors);

		}

		$errors = inline_error($errors);

Zeile 329Zeile 350
	{
		$allselected = " selected=\"selected\"";
	}

 
	{
		$allselected = " selected=\"selected\"";
	}

	else if($user['birthdayprivacy'] == 'none')

	elseif($user['birthdayprivacy'] == 'none')

	{
		$noneselected = " selected=\"selected\"";
	}

 
	{
		$noneselected = " selected=\"selected\"";
	}

	else if($user['birthdayprivacy'] == 'age')

	elseif($user['birthdayprivacy'] == 'age')

	{
		$ageselected = " selected=\"selected\"";
	}

	{
		$ageselected = " selected=\"selected\"";
	}

Zeile 361Zeile 382
	{
		$user['skype'] = htmlspecialchars_uni($user['skype']);
		$user['google'] = htmlspecialchars_uni($user['google']);

 
	{
		$user['skype'] = htmlspecialchars_uni($user['skype']);
		$user['google'] = htmlspecialchars_uni($user['google']);

		$user['aim'] = htmlspecialchars_uni($user['aim']);
		$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);

 
	}

	$contact_fields = array();
	$contactfields = '';
	$cfieldsshow = false;


 
	}

	$contact_fields = array();
	$contactfields = '';
	$cfieldsshow = false;


	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)

	foreach(array('icq', 'skype', 'google') as $cfield)

	{
		$contact_fields[$cfield] = '';
		$csetting = 'allow'.$cfield.'field';

	{
		$contact_fields[$cfield] = '';
		$csetting = 'allow'.$cfield.'field';

Zeile 458Zeile 477

		$returndatemonthsel = array();
		foreach(range(1, 12) as $month)

 

		$returndatemonthsel = array();
		foreach(range(1, 12) as $month)

		{

		{

			$returndatemonthsel[$month] = '';
		}
		$returndatemonthsel[$returndate[1]] = "selected";

			$returndatemonthsel[$month] = '';
		}
		$returndatemonthsel[$returndate[1]] = "selected";

Zeile 470Zeile 489
	$altbg = "trow1";
	$requiredfields = $customfields = '';
	$mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);

 
	$altbg = "trow1";
	$requiredfields = $customfields = '';
	$mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);





	$pfcache = $cache->read('profilefields');

	if(is_array($pfcache))

	$pfcache = $cache->read('profilefields');

	if(is_array($pfcache))

Zeile 490Zeile 509
			if(isset($thing[1]))
			{
				$options = $thing[1];

 
			if(isset($thing[1]))
			{
				$options = $thing[1];

			}

			}

			else
			{
				$options = array();

			else
			{
				$options = array();

Zeile 510Zeile 529
				$userfield = $user[$field];
			}
			if($type == "multiselect")

 
				$userfield = $user[$field];
			}
			if($type == "multiselect")

			{
				if($errors)
				{
					$useropts = $userfield;
				}
				else

			{
				if($errors)
				{
					$useropts = $userfield;
				}
				else

				{
					$useropts = explode("\n", $userfield);
				}

				{
					$useropts = explode("\n", $userfield);
				}

Zeile 578Zeile 597
			}
			elseif($type == "radio")
			{

 
			}
			elseif($type == "radio")
			{

 
				$userfield = htmlspecialchars_uni($userfield);

				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{

				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{

Zeile 595Zeile 615
			}
			elseif($type == "checkbox")
			{

 
			}
			elseif($type == "checkbox")
			{

 
				$userfield = htmlspecialchars_uni($userfield);

				if($errors)
				{
					$useropts = $userfield;

				if($errors)
				{
					$useropts = $userfield;

Zeile 629Zeile 650
			{
				$value = htmlspecialchars_uni($userfield);
				eval("\$code = \"".$templates->get("usercp_profile_profilefields_textarea")."\";");

 
			{
				$value = htmlspecialchars_uni($userfield);
				eval("\$code = \"".$templates->get("usercp_profile_profilefields_textarea")."\";");

			}
			else

			}
			else

			{
				$value = htmlspecialchars_uni($userfield);
				$maxlength = "";
				if($profilefield['maxlength'] > 0)
				{
					$maxlength = " maxlength=\"{$profilefield['maxlength']}\"";

 
			{
				$value = htmlspecialchars_uni($userfield);
				$maxlength = "";
				if($profilefield['maxlength'] > 0)
				{
					$maxlength = " maxlength=\"{$profilefield['maxlength']}\"";

				}


				}


				eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";");
			}

			if($profilefield['required'] == 1)
			{
				eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";");

 
				eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";");
			}

			if($profilefield['required'] == 1)
			{
				eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";");

			}

			}

			else
			{
				eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");

			else
			{
				eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");

Zeile 658Zeile 679
			$expoptions = "";
			$useropts = "";
			$seloptions = array();

 
			$expoptions = "";
			$useropts = "";
			$seloptions = array();

		}
	}

		}
	}

	if($customfields)
	{
		eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");

	if($customfields)
	{
		eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");

Zeile 688Zeile 709

		$newtitle = '';
		if(trim($user['usertitle']) == '')

 

		$newtitle = '';
		if(trim($user['usertitle']) == '')

		{

		{

			$lang->current_custom_usertitle = '';
		}
		else
		{
			if($errors)

 
			$lang->current_custom_usertitle = '';
		}
		else
		{
			if($errors)

			{

			{

				$newtitle = htmlspecialchars_uni($user['usertitle']);
				$user['usertitle'] = $mybb->user['usertitle'];

 
				$newtitle = htmlspecialchars_uni($user['usertitle']);
				$user['usertitle'] = $mybb->user['usertitle'];

			}
		}

		$user['usertitle'] = htmlspecialchars_uni($user['usertitle']);

			}
		}

		$user['usertitle'] = htmlspecialchars_uni($user['usertitle']);


		$currentcustom = $reverttitle = '';
		if(!empty($mybb->user['usertitle']))
		{
			eval("\$currentcustom = \"".$templates->get("usercp_profile_customtitle_currentcustom")."\";");

 

		$currentcustom = $reverttitle = '';
		if(!empty($mybb->user['usertitle']))
		{
			eval("\$currentcustom = \"".$templates->get("usercp_profile_customtitle_currentcustom")."\";");





			if($mybb->user['usertitle'] != $mybb->usergroup['usertitle'])
			{
				eval("\$reverttitle = \"".$templates->get("usercp_profile_customtitle_reverttitle")."\";");

			if($mybb->user['usertitle'] != $mybb->usergroup['usertitle'])
			{
				eval("\$reverttitle = \"".$templates->get("usercp_profile_customtitle_reverttitle")."\";");

Zeile 735Zeile 756
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 

	$user = array();


	$plugins->run_hooks("usercp_do_options_start");



	$plugins->run_hooks("usercp_do_options_start");


Zeile 742Zeile 765
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


 
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


	$user = array(

	$user = array_merge($user, array(

		"uid" => $mybb->user['uid'],
		"style" => $mybb->get_input('style', MyBB::INPUT_INT),
		"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),

		"uid" => $mybb->user['uid'],
		"style" => $mybb->get_input('style', MyBB::INPUT_INT),
		"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),

Zeile 751Zeile 774
		"language" => $mybb->get_input('language'),
		'usergroup'	=> $mybb->user['usergroup'],
		'additionalgroups'	=> $mybb->user['additionalgroups']

 
		"language" => $mybb->get_input('language'),
		'usergroup'	=> $mybb->user['usergroup'],
		'additionalgroups'	=> $mybb->user['additionalgroups']

	);

	));


	$user['options'] = array(
		"allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),


	$user['options'] = array(
		"allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),

Zeile 777Zeile 800
		"showredirect" => $mybb->get_input('showredirect', MyBB::INPUT_INT),
		"classicpostbit" => $mybb->get_input('classicpostbit', MyBB::INPUT_INT)
	);

 
		"showredirect" => $mybb->get_input('showredirect', MyBB::INPUT_INT),
		"classicpostbit" => $mybb->get_input('classicpostbit', MyBB::INPUT_INT)
	);





	if($mybb->settings['usertppoptions'])
	{
		$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);

	if($mybb->settings['usertppoptions'])
	{
		$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);

Zeile 803Zeile 826
		$plugins->run_hooks("usercp_do_options_end");

		redirect("usercp.php?action=options", $lang->redirect_optionsupdated);

 
		$plugins->run_hooks("usercp_do_options_end");

		redirect("usercp.php?action=options", $lang->redirect_optionsupdated);

	}

	}

}

 
}





if($mybb->input['action'] == "options")
{

 
if($mybb->input['action'] == "options")
{

	$plugins->run_hooks("usercp_options_start");


 
	if($errors != '')

 
	if($errors != '')

	{

	{

		$user = $mybb->input;

 
		$user = $mybb->input;

	}

	}

	else
	{
		$user = $mybb->user;

 
	else
	{
		$user = $mybb->user;

	}




	}

	$plugins->run_hooks("usercp_options_start");


	$languages = $lang->get_languages();
	$board_language = $langoptions = '';
	if(count($languages) > 1)

	$languages = $lang->get_languages();
	$board_language = $langoptions = '';
	if(count($languages) > 1)

Zeile 832Zeile 855
			{
				$sel = " selected=\"selected\"";
			}

 
			{
				$sel = " selected=\"selected\"";
			}





			eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";');
		}


			eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";');
		}


Zeile 847Zeile 870
	else
	{
		$allownoticescheck = "";

 
	else
	{
		$allownoticescheck = "";

	}

	}


	if(isset($user['invisible']) && $user['invisible'] == 1)
	{
		$invisiblecheck = "checked=\"checked\"";
	}
	else

 

	if(isset($user['invisible']) && $user['invisible'] == 1)
	{
		$invisiblecheck = "checked=\"checked\"";
	}
	else

	{

	{

		$invisiblecheck = "";
	}

	if(isset($user['hideemail']) && $user['hideemail'] == 1)
	{
		$hideemailcheck = "checked=\"checked\"";

 
		$invisiblecheck = "";
	}

	if(isset($user['hideemail']) && $user['hideemail'] == 1)
	{
		$hideemailcheck = "checked=\"checked\"";

	}

	}

	else
	{
		$hideemailcheck = "";

	else
	{
		$hideemailcheck = "";

Zeile 872Zeile 895
	{
		$no_subscribe_selected = "selected=\"selected\"";
	}

 
	{
		$no_subscribe_selected = "selected=\"selected\"";
	}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	{
		$instant_email_subscribe_selected = "selected=\"selected\"";

 
	{
		$instant_email_subscribe_selected = "selected=\"selected\"";

	}
	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)
	{

	}
	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)
	{

		$instant_pm_subscribe_selected = "selected=\"selected\"";

 
		$instant_pm_subscribe_selected = "selected=\"selected\"";

	}

	}

	else
	{
		$no_auto_subscribe_selected = "selected=\"selected\"";

 
	else
	{
		$no_auto_subscribe_selected = "selected=\"selected\"";

	}

	}


	if(isset($user['showimages']) && $user['showimages'] == 1)

 

	if(isset($user['showimages']) && $user['showimages'] == 1)

	{

	{

		$showimagescheck = "checked=\"checked\"";

 
		$showimagescheck = "checked=\"checked\"";

	}
	else
	{

	}
	else
	{

		$showimagescheck = "";
	}

	if(isset($user['showvideos']) && $user['showvideos'] == 1)
	{
		$showvideoscheck = "checked=\"checked\"";

 
		$showimagescheck = "";
	}

	if(isset($user['showvideos']) && $user['showvideos'] == 1)
	{
		$showvideoscheck = "checked=\"checked\"";

	}

	}

	else

 
	else

	{

	{

		$showvideoscheck = "";
	}

	if(isset($user['showsigs']) && $user['showsigs'] == 1)

 
		$showvideoscheck = "";
	}

	if(isset($user['showsigs']) && $user['showsigs'] == 1)

	{

	{

		$showsigscheck = "checked=\"checked\"";

 
		$showsigscheck = "checked=\"checked\"";

	}

	}

	else
	{
		$showsigscheck = "";

 
	else
	{
		$showsigscheck = "";

	}


	}


	if(isset($user['showavatars']) && $user['showavatars'] == 1)

 
	if(isset($user['showavatars']) && $user['showavatars'] == 1)

	{

	{

		$showavatarscheck = "checked=\"checked\"";

 
		$showavatarscheck = "checked=\"checked\"";

	}

	}

	else
	{
		$showavatarscheck = "";

 
	else
	{
		$showavatarscheck = "";

	}


	}


	if(isset($user['showquickreply']) && $user['showquickreply'] == 1)

 
	if(isset($user['showquickreply']) && $user['showquickreply'] == 1)

	{

	{

		$showquickreplycheck = "checked=\"checked\"";
	}
	else
	{
		$showquickreplycheck = "";

 
		$showquickreplycheck = "checked=\"checked\"";
	}
	else
	{
		$showquickreplycheck = "";

	}

	}


	if(isset($user['receivepms']) && $user['receivepms'] == 1)

 

	if(isset($user['receivepms']) && $user['receivepms'] == 1)

	{

	{

		$receivepmscheck = "checked=\"checked\"";

 
		$receivepmscheck = "checked=\"checked\"";

	}
	else
	{

	}
	else
	{

		$receivepmscheck = "";
	}

	if(isset($user['receivefrombuddy']) && $user['receivefrombuddy'] == 1)
	{
		$receivefrombuddycheck = "checked=\"checked\"";

 
		$receivepmscheck = "";
	}

	if(isset($user['receivefrombuddy']) && $user['receivefrombuddy'] == 1)
	{
		$receivefrombuddycheck = "checked=\"checked\"";

	}

	}

	else

 
	else

	{

	{

		$receivefrombuddycheck = "";

 
		$receivefrombuddycheck = "";

	}

	if(isset($user['pmnotice']) && $user['pmnotice'] >= 1)
	{

	}

	if(isset($user['pmnotice']) && $user['pmnotice'] >= 1)
	{

		$pmnoticecheck = " checked=\"checked\"";
	}
	else
	{
		$pmnoticecheck = "";

 
		$pmnoticecheck = " checked=\"checked\"";
	}
	else
	{
		$pmnoticecheck = "";

	}


	}


	$dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = '';
	if(isset($user['dstcorrection']) && $user['dstcorrection'] == 2)
	{
		$dst_auto_selected = "selected=\"selected\"";
	}

 
	$dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = '';
	if(isset($user['dstcorrection']) && $user['dstcorrection'] == 2)
	{
		$dst_auto_selected = "selected=\"selected\"";
	}

	else if(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	elseif(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	{
		$dst_enabled_selected = "selected=\"selected\"";
	}

	{
		$dst_enabled_selected = "selected=\"selected\"";
	}

Zeile 978Zeile 1001
	else
	{
		$showcodebuttonscheck = "";

 
	else
	{
		$showcodebuttonscheck = "";

	}

	}


	if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1)
	{


	if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1)
	{

Zeile 1151Zeile 1174
			}
		}
		eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";");

 
			}
		}
		eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";");

	}

	}


	$plugins->run_hooks("usercp_options_end");



	$plugins->run_hooks("usercp_options_end");


Zeile 1191Zeile 1214
		}
		else
		{

 
		}
		else
		{

			if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")












































			$activation = false;
			// Checking for pending activations for non-activated accounts
			if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))
			{
				$query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')");
				$activation = $db->fetch_array($query);
			}
			if($activation)
			{
				$userhandler->update_user();

				$db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

				// Send new activation mail for non-activated accounts
				$activationcode = random_str();
				$activationarray = array(
					"uid" => $mybb->user['uid'],
					"dateline" => TIME_NOW,
					"code" => $activationcode,
					"type" => $activation['type']
				);
				$db->insert_query("awaitingactivation", $activationarray);
				$emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']);
				switch($mybb->settings['username_method'])
				{
					case 0:
						$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
					case 1:
						$emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
					case 2:
						$emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
					default:
						$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
				}
				my_mail($mybb->user['email'], $emailsubject, $emailmessage);

				$plugins->run_hooks("usercp_do_email_changed");
				redirect("usercp.php?action=email", $lang->redirect_emailupdated);
			}
			elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))

			{
				$uid = $mybb->user['uid'];
				$username = $mybb->user['username'];

 
			{
				$uid = $mybb->user['uid'];
				$username = $mybb->user['username'];





				// Emails require verification
				$activationcode = random_str();
				$db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

				// Emails require verification
				$activationcode = random_str();
				$db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

Zeile 1209Zeile 1275
				);

				$db->insert_query("awaitingactivation", $newactivation);

 
				);

				$db->insert_query("awaitingactivation", $newactivation);





				$mail_message = $lang->sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->get_input('email'), $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);

				$lang->emailsubject_changeemail = $lang->sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);

				$mail_message = $lang->sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->get_input('email'), $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);

				$lang->emailsubject_changeemail = $lang->sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);

Zeile 1243Zeile 1309
	{
		$email = htmlspecialchars_uni($mybb->get_input('email'));
		$email2 = htmlspecialchars_uni($mybb->get_input('email2'));

 
	{
		$email = htmlspecialchars_uni($mybb->get_input('email'));
		$email2 = htmlspecialchars_uni($mybb->get_input('email2'));

	}

	}

	else
	{
		$email = $email2 = '';
	}

 
	else
	{
		$email = $email2 = '';
	}





	$plugins->run_hooks("usercp_email");

 
	$plugins->run_hooks("usercp_email");





	eval("\$changemail = \"".$templates->get("usercp_email")."\";");
	output_page($changemail);
}

	eval("\$changemail = \"".$templates->get("usercp_email")."\";");
	output_page($changemail);
}

Zeile 1260Zeile 1326
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	$user = array();

	$errors = array();

	$plugins->run_hooks("usercp_do_password_start");
	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)

 
	$errors = array();

	$plugins->run_hooks("usercp_do_password_start");
	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)

	{
		$errors[] = $lang->error_invalidpassword;
	}

	{
		$errors[] = $lang->error_invalidpassword;
	}

	else
	{
		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");

 
	else
	{
		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


		$user = array(


		$user = array_merge($user, array(

			"uid" => $mybb->user['uid'],
			"password" => $mybb->get_input('password'),
			"password2" => $mybb->get_input('password2')

 
			"uid" => $mybb->user['uid'],
			"password" => $mybb->get_input('password'),
			"password2" => $mybb->get_input('password2')

		);


		));


		$userhandler->set_data($user);

 
		$userhandler->set_data($user);





		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();

		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();

Zeile 1288Zeile 1355
		else
		{
			$userhandler->update_user();

 
		else
		{
			$userhandler->update_user();

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true);

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax");


			// Notify the user by email that their password has been changed
			$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);


			// Notify the user by email that their password has been changed
			$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);

Zeile 1309Zeile 1376
if($mybb->input['action'] == "password")
{
	$plugins->run_hooks("usercp_password");

 
if($mybb->input['action'] == "password")
{
	$plugins->run_hooks("usercp_password");





	eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
	output_page($editpassword);
}

	eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
	output_page($editpassword);
}

Zeile 1319Zeile 1386
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_changename_start");


	$errors = array();


	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();
	}

 
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();
	}

 

	$user = array();

	$plugins->run_hooks("usercp_do_changename_start");


	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
	{


	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
	{

Zeile 1335Zeile 1407
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


 
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


		$user = array(

		$user = array_merge($user, array(

			"uid" => $mybb->user['uid'],
			"username" => $mybb->get_input('username')

 
			"uid" => $mybb->user['uid'],
			"username" => $mybb->get_input('username')

		);

		));


		$userhandler->set_data($user);



		$userhandler->set_data($user);


Zeile 1351Zeile 1423
			$userhandler->update_user();
			$plugins->run_hooks("usercp_do_changename_end");
			redirect("usercp.php?action=changename", $lang->redirect_namechanged);

 
			$userhandler->update_user();
			$plugins->run_hooks("usercp_do_changename_end");
			redirect("usercp.php?action=changename", $lang->redirect_namechanged);



 
		}
	}
	if(count($errors) > 0)

		}
	}
	if(count($errors) > 0)

Zeile 1367Zeile 1438
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();

 
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();

 
	}

	// Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password)
	if($errors)
	{
		$username = htmlspecialchars_uni($mybb->get_input('username'));
	}
	else
	{
		$username = '';

	}

	$plugins->run_hooks("usercp_changename_end");

	}

	$plugins->run_hooks("usercp_changename_end");

Zeile 1379Zeile 1460
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_subscriptions_start");

 

	if(!isset($mybb->input['check']) || !is_array($mybb->input['check']))
	{
		error($lang->no_subscriptions_selected);
	}

 

	if(!isset($mybb->input['check']) || !is_array($mybb->input['check']))
	{
		error($lang->no_subscriptions_selected);
	}

 

	$plugins->run_hooks("usercp_do_subscriptions_start");


	// Clean input - only accept integers thanks!
	$mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));


	// Clean input - only accept integers thanks!
	$mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));

Zeile 1393Zeile 1474

	// Deleting these subscriptions?
	if($mybb->get_input('do') == "delete")

 

	// Deleting these subscriptions?
	if($mybb->get_input('do') == "delete")

	{

	{

		$db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
	}
	// Changing subscription type
	else
	{
		if($mybb->get_input('do') == "no_notification")

 
		$db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
	}
	// Changing subscription type
	else
	{
		if($mybb->get_input('do') == "no_notification")

		{

		{

			$new_notification = 0;
		}

 
			$new_notification = 0;
		}

		else if($mybb->get_input('do') == "email_notification")

		elseif($mybb->get_input('do') == "email_notification")

		{
			$new_notification = 1;
		}

 
		{
			$new_notification = 1;
		}

		else if($mybb->get_input('do') == "pm_notification")

		elseif($mybb->get_input('do') == "pm_notification")

		{
			$new_notification = 2;
		}

		{
			$new_notification = 2;
		}

Zeile 1415Zeile 1496
		// Update
		$update_array = array("notification" => $new_notification);
		$db->update_query("threadsubscriptions", $update_array, "tid IN ($tids) AND uid='{$mybb->user['uid']}'");

 
		// Update
		$update_array = array("notification" => $new_notification);
		$db->update_query("threadsubscriptions", $update_array, "tid IN ($tids) AND uid='{$mybb->user['uid']}'");

	}

	}


	// Done, redirect
	redirect("usercp.php?action=subscriptions", $lang->redirect_subscriptions_updated);


	// Done, redirect
	redirect("usercp.php?action=subscriptions", $lang->redirect_subscriptions_updated);

Zeile 1440Zeile 1521
		WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}
	");
	$threadcount = $db->fetch_field($query, "threads");

 
		WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}
	");
	$threadcount = $db->fetch_field($query, "threads");


	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)


	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	{
		$mybb->settings['threadsperpage'] = 20;
	}

	{
		$mybb->settings['threadsperpage'] = 20;
	}

Zeile 1494Zeile 1575
			// Hmm, you don't have permission to view this thread - unsubscribe!
			$del_subscriptions[] = $subscription['sid'];
		}

 
			// Hmm, you don't have permission to view this thread - unsubscribe!
			$del_subscriptions[] = $subscription['sid'];
		}

		else if($subscription['tid'])

		elseif($subscription['tid'])

		{
			$subscriptions[$subscription['tid']] = $subscription;
		}

		{
			$subscriptions[$subscription['tid']] = $subscription;
		}

Zeile 1678Zeile 1759

			if($thread['closed'] == 1)
			{

 

			if($thread['closed'] == 1)
			{

				$folder .= "lock";
				$folder_label .= $lang->icon_lock;

				$folder .= "close";
				$folder_label .= $lang->icon_close;

			}

			$folder .= "folder";

			}

			$folder .= "folder";

Zeile 1764Zeile 1845
	}

	$fpermissions = forum_permissions();

 
	}

	$fpermissions = forum_permissions();

	require_once MYBB_ROOT."inc/functions_forumlist.php";

	require_once MYBB_ROOT."inc/functions_forumlist.php";


	$query = $db->query("
		SELECT fs.*, f.*, t.subject AS lastpostsubject, fr.dateline AS lastread


	$query = $db->query("
		SELECT fs.*, f.*, t.subject AS lastpostsubject, fr.dateline AS lastread

Zeile 1857Zeile 1938

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
	output_page($forumsubscriptions);

 

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
	output_page($forumsubscriptions);

 
}

if($mybb->input['action'] == "do_addsubscription" && $mybb->get_input('type') != "forum")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$thread = get_thread($mybb->get_input('tid'));
	if(!$thread || $thread['visible'] == -1)
	{
		error($lang->error_invalidthread);
	}

	// Is the currently logged in user a moderator of this forum?
	$ismod = is_moderator($thread['fid']);

	// Make sure we are looking at a real thread here.
	if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
	{
		error($lang->error_invalidthread);
	}

	$forumpermissions = forum_permissions($thread['fid']);
	if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	// check if the forum requires a password to view. If so, we need to show a form to the user
	check_forum_password($thread['fid']);

	// Naming of the hook retained for backward compatibility while dropping usercp2.php
	$plugins->run_hooks("usercp2_do_addsubscription");

	add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

	if($mybb->get_input('referrer'))
	{
		$mybb->input['referrer'] = $mybb->get_input('referrer');

		if(my_strpos($mybb->input['referrer'], $mybb->settings['bburl'].'/') !== 0)
		{
			if(my_strpos($mybb->input['referrer'], '/') === 0)
			{
				$mybb->input['referrer'] = my_substr($mybb->input['url'], 1);
			}
			$url_segments = explode('/', $mybb->input['referrer']);
			$mybb->input['referrer'] = $mybb->settings['bburl'].'/'.end($url_segments);
		}

		$url = htmlspecialchars_uni($mybb->input['referrer']);
	}
	else
	{
		$url = get_thread_link($thread['tid']);
	}
	redirect($url, $lang->redirect_subscriptionadded);
}

if($mybb->input['action'] == "addsubscription")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);
		}
		$forumpermissions = forum_permissions($forum['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
		{
			error_no_permission();
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_addsubscription_forum");

		add_subscribed_forum($forum['fid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "index.php";
		}
		redirect($url, $lang->redirect_forumsubscriptionadded);
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread || $thread['visible'] == -1)
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
		{
			error($lang->error_invalidthread);
		}

		add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
		add_breadcrumb($lang->nav_addsubscription);

		$forumpermissions = forum_permissions($thread['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
		{
			error_no_permission();
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($thread['fid']);

		$referrer = '';
		if($server_http_referer)
		{
			$referrer = $server_http_referer;
		}

		require_once MYBB_ROOT."inc/class_parser.php";
		$parser = new postParser;
		$thread['subject'] = $parser->parse_badwords($thread['subject']);
		$thread['subject'] = htmlspecialchars_uni($thread['subject']);
		$lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']);

		$notification_none_checked = $notification_email_checked = $notification_pm_checked = '';
		if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
		{
			$notification_none_checked = "checked=\"checked\"";
		}
		elseif($mybb->user['subscriptionmethod'] == 2)
		{
			$notification_email_checked = "checked=\"checked\"";
		}
		elseif($mybb->user['subscriptionmethod'] == 3)
		{
			$notification_pm_checked = "checked=\"checked\"";
		}

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_addsubscription_thread");

		eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
		output_page($add_subscription);
		exit;
	}
}

if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == "post" || verify_post_check($mybb->get_input('my_post_key'), true)))
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_forum");

		remove_subscribed_forum($forum['fid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionremoved);
	}
	else
	{
		$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread)
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
		{
			error($lang->error_invalidthread);
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($thread['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_thread");

		remove_subscribed_thread($thread['tid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=subscriptions";
		}
		redirect($url, $lang->redirect_subscriptionremoved);
	}
}

// Show remove subscription form when GET method and without valid my_post_key
if($mybb->input['action'] == "removesubscription")
{
	$referrer = '';
	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);
		}

		add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=forumsubscriptions");
		add_breadcrumb($lang->nav_removesubscription);

		$forumpermissions = forum_permissions($forum['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
		{
			error_no_permission();
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		$lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe_from_forum, $forum['name']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_display_forum");

		eval("\$remove_forum_subscription = \"".$templates->get("usercp_removesubscription_forum")."\";");
		output_page($remove_forum_subscription);
		exit;
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread || $thread['visible'] == -1)
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
		{
			error($lang->error_invalidthread);
		}

		add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
		add_breadcrumb($lang->nav_removesubscription);

		$forumpermissions = forum_permissions($thread['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
		{
			error_no_permission();
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($thread['fid']);

		require_once MYBB_ROOT."inc/class_parser.php";
		$parser = new postParser;
		$thread['subject'] = $parser->parse_badwords($thread['subject']);
		$thread['subject'] = htmlspecialchars_uni($thread['subject']);
		$lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscribe_from_thread, $thread['subject']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_display_thread");

		eval("\$remove_thread_subscription = \"".$templates->get("usercp_removesubscription_thread")."\";");
		output_page($remove_thread_subscription);
		exit;
	}
}

if($mybb->input['action'] == "removesubscriptions")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscriptions_forum");

		$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
		if($server_http_referer)
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionsremoved);
	}
	else
	{
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscriptions_thread");

		$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'");
		if($server_http_referer)
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=subscriptions";
		}
		redirect($url, $lang->redirect_subscriptionsremoved);
	}

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_editsig_start");

 

	// User currently has a suspended signature
	if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW)
	{
		error_no_permission();
	}

 

	// User currently has a suspended signature
	if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW)
	{
		error_no_permission();
	}

 

	$plugins->run_hooks("usercp_do_editsig_start");


	if($mybb->get_input('updateposts') == "enable")
	{


	if($mybb->get_input('updateposts') == "enable")
	{

Zeile 1930Zeile 2349
		// Usergroup has no permission to use this facility
		error_no_permission();
	}

 
		// Usergroup has no permission to use this facility
		error_no_permission();
	}

	else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])

	elseif($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])

	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

Zeile 2004Zeile 2423
		$sig = htmlspecialchars_uni($sig);
		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);


 
		$sig = htmlspecialchars_uni($sig);
		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);


		if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcodebuttons'] != 0)

		if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)

		{
			$codebuttons = build_mycode_inserter("signature");
		}

		{
			$codebuttons = build_mycode_inserter("signature");
		}

Zeile 2080Zeile 2499
			}

			// Because Gravatars are square, hijack the width

 
			}

			// Because Gravatars are square, hijack the width

			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

			list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

			$maxheight = (int)$maxwidth;

			// Rating?

			$maxheight = (int)$maxwidth;

			// Rating?

Zeile 2138Zeile 2557
			{
				if($width && $height && $mybb->settings['maxavatardims'] != "")
				{

 
			{
				if($width && $height && $mybb->settings['maxavatardims'] != "")
				{

					list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

					list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
					{
						$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
						$avatar_error = $lang->error_avatartoobig;
					}
				}

 
					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
					{
						$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
						$avatar_error = $lang->error_avatartoobig;
					}
				}

 
			}

			// Limiting URL string to stay within database limit
			if(strlen($mybb->input['avatarurl']) > 200)
			{
				$avatar_error = $lang->error_avatarurltoolong;

			}

			if(empty($avatar_error))

			}

			if(empty($avatar_error))

Zeile 2198Zeile 2623

	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
	eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");

 

	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
	eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");





	if($mybb->settings['maxavatardims'] != "")
	{

 
	if($mybb->settings['maxavatardims'] != "")
	{

		list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

		list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
	}


		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
	}


Zeile 2209Zeile 2634
	{
		$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);

 
	{
		$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);

	}

	}


	$plugins->run_hooks("usercp_avatar_intermediate");

 

	$plugins->run_hooks("usercp_avatar_intermediate");





	$auto_resize = '';
	if($mybb->settings['avatarresizing'] == "auto")

 
	$auto_resize = '';
	if($mybb->settings['avatarresizing'] == "auto")

	{

	{

		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
	}

 
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
	}

	else if($mybb->settings['avatarresizing'] == "user")

	elseif($mybb->settings['avatarresizing'] == "user")

	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
	}

	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
	}

Zeile 2227Zeile 2652
	if($mybb->usergroup['canuploadavatars'] == 1)
	{
		eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");

 
	if($mybb->usergroup['canuploadavatars'] == 1)
	{
		eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");

	}

	}


	$avatar_remote = '';
	if($mybb->settings['allowremoteavatars'] == 1)
	{
		eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");

 

	$avatar_remote = '';
	if($mybb->settings['allowremoteavatars'] == 1)
	{
		eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");

	}

	}


	$removeavatar = '';
	if(!empty($mybb->user['avatar']))
	{
		eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");

 

	$removeavatar = '';
	if(!empty($mybb->user['avatar']))
	{
		eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");

	}

	}


	$plugins->run_hooks("usercp_avatar_end");



	$plugins->run_hooks("usercp_avatar_end");


Zeile 2253Zeile 2678
}

if($mybb->input['action'] == "acceptrequest")

 
}

if($mybb->input['action'] == "acceptrequest")

{
	// Verify incoming POST request

{
	// Verify incoming POST request

	verify_post_check($mybb->get_input('my_post_key'));

 
	verify_post_check($mybb->get_input('my_post_key'));





	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
	$request = $db->fetch_array($query);

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
	$request = $db->fetch_array($query);

Zeile 2274Zeile 2699
		if($user['buddylist'] != '')
		{
			$user['buddylist'] = explode(',', $user['buddylist']);

 
		if($user['buddylist'] != '')
		{
			$user['buddylist'] = explode(',', $user['buddylist']);

		}

		}

		else
		{
			$user['buddylist'] = array();

 
		else
		{
			$user['buddylist'] = array();

		}

		$user['buddylist'][] = (int)$mybb->user['uid'];

		// Now we have the new list, so throw it all back together

		}

		$user['buddylist'][] = (int)$mybb->user['uid'];

		// Now we have the new list, so throw it all back together

		$new_list = implode(",", $user['buddylist']);

		// And clean it up a little to ensure there is no possibility of bad values

		$new_list = implode(",", $user['buddylist']);

		// And clean it up a little to ensure there is no possibility of bad values

Zeile 2296Zeile 2721
		if(my_substr($new_list, -1) == ",")
		{
			$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);

 
		if(my_substr($new_list, -1) == ",")
		{
			$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);

		}


		}


		$user['buddylist'] = $db->escape_string($new_list);

 
		$user['buddylist'] = $db->escape_string($new_list);





		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");



		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");



Zeile 2309Zeile 2734
			$mybb->user['buddylist'] = explode(',', $mybb->user['buddylist']);
		}
		else

 
			$mybb->user['buddylist'] = explode(',', $mybb->user['buddylist']);
		}
		else

		{

		{

			$mybb->user['buddylist'] = array();
		}


			$mybb->user['buddylist'] = array();
		}


Zeile 2364Zeile 2789

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);

 

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);

	$request = $db->fetch_array($query);
	if(empty($request))
	{
		error($lang->invalid_request);
	}


	$request = $db->fetch_array($query);
	if(empty($request))
	{
		error($lang->invalid_request);
	}


	$plugins->run_hooks("usercp_declinerequest_start");

	$user = get_user($request['uid']);

	$plugins->run_hooks("usercp_declinerequest_start");

	$user = get_user($request['uid']);

Zeile 2651Zeile 3076
	}

	// Removing a user from this list

 
	}

	// Removing a user from this list

	else if($mybb->get_input('delete', MyBB::INPUT_INT))

	elseif($mybb->get_input('delete', MyBB::INPUT_INT))

	{
		// Check if user exists on the list
		$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

	{
		// Check if user exists on the list
		$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

Zeile 2771Zeile 3196
			if($new_list == "")
			{
				echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";

 
			if($new_list == "")
			{
				echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";

 
				echo "\$(\"#buddylink\").remove();\n";
				

				if($mybb->get_input('manage') == "ignored")
				{
					echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

				if($mybb->get_input('manage') == "ignored")
				{
					echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

Zeile 3028Zeile 3455
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_drafts_start");

 
	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY);
	if(empty($mybb->input['deletedraft']))
	{
		error($lang->no_drafts_selected);
	}

 
	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY);
	if(empty($mybb->input['deletedraft']))
	{
		error($lang->no_drafts_selected);
	}

 

	$plugins->run_hooks("usercp_do_drafts_start");


	$pidin = array();
	$tidin = array();

 
	$pidin = array();
	$tidin = array();

 


	foreach($mybb->input['deletedraft'] as $id => $val)
	{
		if($val == "post")

 
	foreach($mybb->input['deletedraft'] as $id => $val)
	{
		if($val == "post")

		{

		{

			$pidin[] = "'".(int)$id."'";
		}
		elseif($val == "thread")
		{
			$tidin[] = "'".(int)$id."'";

 
			$pidin[] = "'".(int)$id."'";
		}
		elseif($val == "thread")
		{
			$tidin[] = "'".(int)$id."'";

		}

		}

	}
	if($tidin)
	{

	}
	if($tidin)
	{

Zeile 3073Zeile 3503

if($mybb->input['action'] == "usergroups")
{

 

if($mybb->input['action'] == "usergroups")
{

	$plugins->run_hooks("usercp_usergroups_start");

 
	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";

 
	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";





	$usergroups = $mybb->cache->read('usergroups');

 
	$usergroups = $mybb->cache->read('usergroups');

 

	$plugins->run_hooks("usercp_usergroups_start");


	// Changing our display group
	if($mybb->get_input('displaygroup', MyBB::INPUT_INT))

 

	// Changing our display group
	if($mybb->get_input('displaygroup', MyBB::INPUT_INT))

	{
		// Verify incoming POST request

	{
		// Verify incoming POST request

		verify_post_check($mybb->get_input('my_post_key'));

		if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)

		verify_post_check($mybb->get_input('my_post_key'));

		if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)

Zeile 3098Zeile 3529
		$cache->update_moderators();
		$plugins->run_hooks("usercp_usergroups_change_displaygroup");
		redirect("usercp.php?action=usergroups", $lang->display_group_changed);

 
		$cache->update_moderators();
		$plugins->run_hooks("usercp_usergroups_change_displaygroup");
		redirect("usercp.php?action=usergroups", $lang->display_group_changed);

		exit;
	}

		exit;
	}


	// Leaving a group
	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))


	// Leaving a group
	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))

Zeile 3152Zeile 3583
		if($usergroup['type'] == 5)
		{
			error($lang->cannot_join_invite_group);

 
		if($usergroup['type'] == 5)
		{
			error($lang->cannot_join_invite_group);

		}


		}


		if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])
		{
			error($lang->cannot_join_group);

 
		if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])
		{
			error($lang->cannot_join_group);

		}


		}


		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)

 
		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)

		{

		{

			error($lang->already_member_of_group);

 
			error($lang->already_member_of_group);

		}

		}


		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
		$joinrequest = $db->fetch_array($query);

 

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
		$joinrequest = $db->fetch_array($query);

 


		if($joinrequest['rid'])

 
		if($joinrequest['rid'])

		{

		{

			error($lang->already_sent_join_request);
		}

 
			error($lang->already_sent_join_request);
		}

 


		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
		{

 
		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
		{

 
			$reasonlength = my_strlen($mybb->get_input('reason'));
			
			if($reasonlength > 250) // Reason field is varchar(250) in database
			{
				error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));
			}


			$now = TIME_NOW;
			$joinrequest = array(
				"uid" => $mybb->user['uid'],

			$now = TIME_NOW;
			$joinrequest = array(
				"uid" => $mybb->user['uid'],

Zeile 3462Zeile 3902

if($mybb->input['action'] == "attachments")
{

 

if($mybb->input['action'] == "attachments")
{

	$plugins->run_hooks("usercp_attachments_start");

 
	require_once MYBB_ROOT."inc/functions_upload.php";

	if($mybb->settings['enableattachments'] == 0)

 
	require_once MYBB_ROOT."inc/functions_upload.php";

	if($mybb->settings['enableattachments'] == 0)

	{

	{

		error($lang->attachments_disabled);

 
		error($lang->attachments_disabled);

	}

	$attachments = '';
















	}

	$plugins->run_hooks("usercp_attachments_start");

	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums(true);
	$inactiveforums = get_inactive_forums();
	if($unviewable_forums)
	{
		$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
	}
	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
	}

	$attachments = '';


	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)


	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

Zeile 3484Zeile 3938
	if($page > 0)
	{
		$start = ($page-1) * $perpage;

 
	if($page > 0)
	{
		$start = ($page-1) * $perpage;

	}

	}

	else
	{
		$start = 0;

	else
	{
		$start = 0;

Zeile 3496Zeile 3950

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject

 

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject

		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)

		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)

		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

 
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		WHERE a.uid='".$mybb->user['uid']."'

		WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");


 
		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");


	$bandwidth = $totaldownloads = 0;

	$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;

	while($attachment = $db->fetch_array($query))
	{
		if($attachment['dateline'] && $attachment['tid'])

	while($attachment = $db->fetch_array($query))
	{
		if($attachment['dateline'] && $attachment['tid'])

Zeile 3522Zeile 3976
			$altbg = alt_trow();

			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");

 
			$altbg = alt_trow();

			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");





			// Add to bandwidth total
			$bandwidth += ($attachment['filesize'] * $attachment['downloads']);
			$totaldownloads += $attachment['downloads'];

 
			// Add to bandwidth total
			$bandwidth += ($attachment['filesize'] * $attachment['downloads']);
			$totaldownloads += $attachment['downloads'];

		}



			$totalusage += $attachment['filesize'];
			++$totalattachments;
		}

		else
		{
			// This little thing delets attachments without a thread/post
			remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
		}

 
		else
		{
			// This little thing delets attachments without a thread/post
			remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
		}

 
		++$processedattachments;

	}


 
	}


	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
	$usage = $db->fetch_array($query);
	$totalusage = $usage['ausage'];
	$totalattachments = $usage['acount'];
	$friendlyusage = get_friendly_size($totalusage);
	if($mybb->usergroup['attachquota'])

	if($processedattachments >= $perpage || $page > 1)






	{

 
	{

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";



















		$query = $db->query("
			SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount
			FROM ".TABLE_PREFIX."attachments a
			LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
			WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
		");
		$usage = $db->fetch_array($query);
		$totalusage = $usage['ausage'];
		$totalattachments = $usage['acount'];

		$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
	}

	$friendlyusage = get_friendly_size((int)$totalusage);
	if($mybb->usergroup['attachquota'])
	{
		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100);
		$friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent);

		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

 
		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $totalattachments);

	}
	else
	{

 
	}
	else
	{

		$percent = $lang->unlimited;

 
		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);

 
		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);

	}

	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
	$bandwidth = get_friendly_size($bandwidth);

	}

	$bandwidth = get_friendly_size($bandwidth);



	if(!$attachments)
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';

 

	if(!$attachments)
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';

	}

	$plugins->run_hooks("usercp_attachments_end");


	}

	$plugins->run_hooks("usercp_attachments_end");


	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
	output_page($manageattachments);
}

	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
	output_page($manageattachments);
}

Zeile 3571Zeile 4039
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_attachments_start");




	require_once MYBB_ROOT."inc/functions_upload.php";
	if(!isset($mybb->input['attachments']) || !is_array($mybb->input['attachments']))
	{
		error($lang->no_attachments_selected);
	}

 
	require_once MYBB_ROOT."inc/functions_upload.php";
	if(!isset($mybb->input['attachments']) || !is_array($mybb->input['attachments']))
	{
		error($lang->no_attachments_selected);
	}

 

	$plugins->run_hooks("usercp_do_attachments_start");

	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums(true);
	$inactiveforums = get_inactive_forums();
	if($unviewable_forums)
	{
		$f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)";
	}
	if($inactiveforums)
	{
		$f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";
	}


	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

 
	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");









	$query = $db->query("
		SELECT a.*, p.fid
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql}
	");


	while($attachment = $db->fetch_array($query))

 
	while($attachment = $db->fetch_array($query))

	{

	{

		remove_attachment($attachment['pid'], '', $attachment['aid']);
	}
	$plugins->run_hooks("usercp_do_attachments_end");

		remove_attachment($attachment['pid'], '', $attachment['aid']);
	}
	$plugins->run_hooks("usercp_do_attachments_end");

Zeile 3760Zeile 4250
	if($mybb->settings['usereferrals'] == 1)
	{
		$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

 
	if($mybb->settings['usereferrals'] == 1)
	{
		$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

 

		$referral_count = (int) $mybb->user['referrals'];
		if($referral_count > 0)
		{
			$uid = (int) $mybb->user['uid'];
			eval("\$mybb->user['referrals'] = \"".$templates->get('member_referrals_link')."\";");
		}


		eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";");
	}


		eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";");
	}


Zeile 3837Zeile 4335

				foreach($subscriptions as $thread)
				{

 

				foreach($subscriptions as $thread)
				{

 
					$plugins->run_hooks("usercp_thread_subscriptions_thread");

					$folder = '';
					$folder_label = '';
					$gotounread = '';

					$folder = '';
					$folder_label = '';
					$gotounread = '';

Zeile 4029Zeile 4528
		$latest_threads_threads = '';
		foreach($threadcache as $thread)
		{

 
		$latest_threads_threads = '';
		foreach($threadcache as $thread)
		{

 
			$plugins->run_hooks("usercp_latest_threads_thread"); 

			if($thread['tid'])
			{
				$bgcolor = alt_trow();

			if($thread['tid'])
			{
				$bgcolor = alt_trow();

Zeile 4145Zeile 4645

				if($thread['closed'] == 1)
				{

 

				if($thread['closed'] == 1)
				{

					$folder .= "lock";
					$folder_label .= $lang->icon_lock;

					$folder .= "close";
					$folder_label .= $lang->icon_close;

				}

				$folder .= "folder";

				}

				$folder .= "folder";