Vergleich inc/datahandlers/user.php - 1.8.15 - 1.8.26

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 187	Zeile 187
} // Has the user tried to use their email address or username as a password?	} // Has the user tried to use their email address or username as a password?
if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'] \|\| strpos($user['password'], $user['email']) !== false \|\| strpos($user['password'], $user['username']) !== false \|\| strpos($user['email'], $user['password']) !== false \|\| strpos($user['username'], $user['password']) !== false)	if(!empty($user['email']) && !empty($user['username']))
{	{
$this->set_error('bad_password_security'); return false;	if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'] \|\| strpos($user['password'], $user['email']) !== false \|\| strpos($user['password'], $user['username']) !== false \|\| strpos($user['email'], $user['password']) !== false \|\| strpos($user['username'], $user['password']) !== false) { $this->set_error('bad_password_security'); return false; }
} // See if the board has "require complex passwords" enabled.	} // See if the board has "require complex passwords" enabled.
Zeile 220	Zeile 223
// Combine the password and salt $password_fields = create_password($user['password'], false, $user); $user = array_merge($user, $password_fields);	// Combine the password and salt $password_fields = create_password($user['password'], false, $user); $user = array_merge($user, $password_fields);
return true; } /**	return true; } /**
* Verifies usergroup selections and other group details.	* Verifies usergroup selections and other group details.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_usergroup() {	*/ function verify_usergroup() {
Zeile 241	Zeile 244
function verify_email() { global $mybb;	function verify_email() { global $mybb;
$user = &$this->data;	$user = &$this->data;
// Check if an email address has actually been entered. if(trim_blank_chrs($user['email']) == '')	// Check if an email address has actually been entered. if(trim_blank_chrs($user['email']) == '')
Zeile 308	Zeile 311
if(!empty($website) && !my_validate_url($website)) { $this->set_error('invalid_website');	if(!empty($website) && !my_validate_url($website)) { $this->set_error('invalid_website');
return false; } return true; } /**	return false; } return true; } /**
* Verifies if an ICQ number is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if an ICQ number is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 322	Zeile 325
function verify_icq() { $icq = &$this->data['icq'];	function verify_icq() { $icq = &$this->data['icq'];

if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number"); return false; } $icq = (int)$icq;	if($icq != '' && !is_numeric($icq)) { $this->set_error("invalid_icq_number"); return false; } $icq = (int)$icq;
return true; } /**	return true; } /**
* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 358	Zeile 361
if($birthday['day'] != 0 \|\| $birthday['month'] != 0) { if($birthday['day'] < 1 \|\| $birthday['day'] > 31 \|\| $birthday['month'] < 1 \|\| $birthday['month'] > 12 \|\| ($birthday['month'] == 2 && $birthday['day'] > 29))	if($birthday['day'] != 0 \|\| $birthday['month'] != 0) { if($birthday['day'] < 1 \|\| $birthday['day'] > 31 \|\| $birthday['month'] < 1 \|\| $birthday['month'] > 12 \|\| ($birthday['month'] == 2 && $birthday['day'] > 29))
{ $this->set_error("invalid_birthday"); return false; } }	{ $this->set_error("invalid_birthday"); return false; } }
// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])	// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])
Zeile 378	Zeile 381
$this->set_error("invalid_birthday"); return false; }	$this->set_error("invalid_birthday"); return false; }
else if($birthday['year'] == date("Y"))	elseif($birthday['year'] == date("Y"))
{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))	{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))
Zeile 397	Zeile 400
elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator()) { $this->set_error("invalid_birthday_coppa2");	elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator()) { $this->set_error("invalid_birthday_coppa2");
return false; }	return false; }
// Make the user's birthday field if($birthday['year'] != 0) { // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];	// Make the user's birthday field if($birthday['year'] != 0) { // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];
}	}
elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day']."-".$birthday['month']."-";	elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day']."-".$birthday['month']."-";
}	}
else { // No field is specified, so return an empty string for an unknown birthday $user['bday'] = '';	else { // No field is specified, so return an empty string for an unknown birthday $user['bday'] = '';
} return true; }	} return true; }
/** * Verifies if the birthday privacy option is valid or not.	/** * Verifies if the birthday privacy option is valid or not.
Zeile 452	Zeile 455
if(isset($user['postnum']) && $user['postnum'] < 0) { $this->set_error("invalid_postnum");	if(isset($user['postnum']) && $user['postnum'] < 0) { $this->set_error("invalid_postnum");
return false; } return true; }	return false; } return true; }
/** * Verifies if the thread count field is filled in correctly. *	/** * Verifies if the thread count field is filled in correctly. *
Zeile 470	Zeile 473
if(isset($user['threadnum']) && $user['threadnum'] < 0) { $this->set_error("invalid_threadnum");	if(isset($user['threadnum']) && $user['threadnum'] < 0) { $this->set_error("invalid_threadnum");
return false; } return true; }	return false; } return true; }
/** * Verifies if a profile fields are filled in correctly.	/** * Verifies if a profile fields are filled in correctly.
Zeile 492	Zeile 495
// Fetch all profile fields first. $pfcache = $cache->read('profilefields');	// Fetch all profile fields first. $pfcache = $cache->read('profilefields');

if(is_array($pfcache)) { // Then loop through the profile fields.	if(is_array($pfcache)) { // Then loop through the profile fields.
Zeile 527	Zeile 530
// If the profile field is required, but not filled in, present error. if($type != "multiselect" && $type != "checkbox")	// If the profile field is required, but not filled in, present error. if($type != "multiselect" && $type != "checkbox")
{	{
if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php") { $this->set_error('missing_required_profile_field', array($profilefield['name']));	if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php") { $this->set_error('missing_required_profile_field', array($profilefield['name']));
Zeile 562	Zeile 565
$expoptions = explode("\n", $thing[1]); $expoptions = array_map('trim', $expoptions); if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && trim($profile_fields[$field]) != "")	$expoptions = explode("\n", $thing[1]); $expoptions = array_map('trim', $expoptions); if(!in_array(htmlspecialchars_uni($profile_fields[$field]), $expoptions) && trim($profile_fields[$field]) != "")
{	{
$this->set_error('bad_profile_field_values', array($profilefield['name'])); } $options = $db->escape_string($profile_fields[$field]);	$this->set_error('bad_profile_field_values', array($profilefield['name'])); } $options = $db->escape_string($profile_fields[$field]);
Zeile 612	Zeile 615
$user['referrer_uid'] = $referrer['uid']; }	$user['referrer_uid'] = $referrer['uid']; }
else { $user['referrer_uid'] = 0; }	else { $user['referrer_uid'] = 0; }
return true; }	return true; }
Zeile 628	Zeile 631
function verify_options() { global $mybb;	function verify_options() { global $mybb;

$options = &$this->data['options']; // Verify yes/no options.	$options = &$this->data['options']; // Verify yes/no options.
Zeile 683	Zeile 686
{ $options['dst'] = 1; }	{ $options['dst'] = 1; }
else if($options['dstcorrection'] == 0)	elseif($options['dstcorrection'] == 0)
{ $options['dst'] = 0; }	{ $options['dst'] = 0; }
if($this->method == "insert" \|\| (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))	if($this->method == "insert" \|\| (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded" && $options['threadmode'] != ''))
{	{
if($mybb->settings['threadusenetstyle']) { $options['threadmode'] = 'threaded'; } else { $options['threadmode'] = 'linear'; }	$options['threadmode'] = '';
} // Verify the "threads per page" option.	} // Verify the "threads per page" option.
Zeile 706	Zeile 702
if(!isset($options['tpp'])) { $options['tpp'] = 0;	if(!isset($options['tpp'])) { $options['tpp'] = 0;
}	}
$explodedtpp = explode(",", $mybb->settings['usertppoptions']); if(is_array($explodedtpp)) {	$explodedtpp = explode(",", $mybb->settings['usertppoptions']); if(is_array($explodedtpp)) {
Zeile 758	Zeile 754
/** * Verifies if a registration date is valid or not.	/** * Verifies if a registration date is valid or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_regdate() { $regdate = &$this->data['regdate'];	function verify_regdate() { $regdate = &$this->data['regdate'];
Zeile 776	Zeile 772
/** * Verifies if a last visit date is valid or not.	/** * Verifies if a last visit date is valid or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_lastvisit() { $lastvisit = &$this->data['lastvisit'];	function verify_lastvisit() { $lastvisit = &$this->data['lastvisit'];
Zeile 790	Zeile 786
$lastvisit = TIME_NOW; } return true;	$lastvisit = TIME_NOW; } return true;

} /** * Verifies if a last active date is valid or not.	} /** * Verifies if a last active date is valid or not.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_lastactive() {	*/ function verify_lastactive() {
Zeile 830	Zeile 826
$user['away']['returndate'] = 0; $user['away']['awayreason'] = ''; return true;	$user['away']['returndate'] = 0; $user['away']['awayreason'] = ''; return true;
} else if($user['away']['returndate']) {	} elseif($user['away']['returndate']) { // Validate the awayreason length, since the db holds 200 chars for this field $reasonlength = my_strlen($user['away']['awayreason']); if($reasonlength > 200) { $this->set_error("away_too_long", array($reasonlength - 200)); return false; }
list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) { $this->set_error("missing_returndate"); return false; }	list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) { $this->set_error("missing_returndate"); return false; }

// Validate the return date lengths $user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4); }	// Validate the return date lengths $user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4); }
Zeile 848	Zeile 852
/** * Verifies if a language is valid for this user or not.	/** * Verifies if a language is valid for this user or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_language() { global $lang;	function verify_language() { global $lang;
Zeile 902	Zeile 906
// An invalid language has been specified? if($user['regcheck1'] !== "" \|\| $user['regcheck2'] !== "true")	// An invalid language has been specified? if($user['regcheck1'] !== "" \|\| $user['regcheck2'] !== "true")
{	{
$this->set_error("invalid_checkfield"); return false; } return true; }	$this->set_error("invalid_checkfield"); return false; } return true; }

/** * Verifies if the user timezone is valid. * If the timezone is invalid, the board default is used.	/** * Verifies if the user timezone is valid. * If the timezone is invalid, the board default is used.
Zeile 917	Zeile 921
*/ function verify_timezone() {	*/ function verify_timezone() {
	global $mybb;
$user = &$this->data; $timezones = get_supported_timezones();	$user = &$this->data; $timezones = get_supported_timezones();
Zeile 1084	Zeile 1090
$user = &$this->data;	$user = &$this->data;
$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');	$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');
foreach($array as $value) { if(!isset($user[$value])) { $user[$value] = ''; }	foreach($array as $value) { if(!isset($user[$value])) { $user[$value] = ''; }
	} // If user is being created from ACP, there is no last visit or last active if(defined('IN_ADMINCP')) { $user['lastvisit'] = $user['lastactive'] = 0;
} $this->user_insert_data = array(	} $this->user_insert_data = array(
Zeile 1112	Zeile 1124
"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],	"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],
"aim" => $db->escape_string($user['aim']), "yahoo" => $db->escape_string($user['yahoo']),
"skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']), "birthday" => $user['bday'],	"skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']), "birthday" => $user['bday'],
Zeile 1156	Zeile 1166
"referrals" => 0, "buddylist" => '', "ignorelist" => '',	"referrals" => 0, "buddylist" => '', "ignorelist" => '',
"pmfolders" => '',	"pmfolders" => "0$%%$1$%%$2$%%$3$%%$4**",
"notepad" => '', "warningpoints" => 0, "moderateposts" => 0,	"notepad" => '', "warningpoints" => 0, "moderateposts" => 0,
Zeile 1172	Zeile 1182
{ $this->user_insert_data['dst'] = 1; }	{ $this->user_insert_data['dst'] = 1; }
else if($user['options']['dstcorrection'] == 0)	elseif($user['options']['dstcorrection'] == 0)
{ $this->user_insert_data['dst'] = 0; }	{ $this->user_insert_data['dst'] = 0; }
Zeile 1272	Zeile 1282
} if(isset($user['email'])) {	} if(isset($user['email'])) {
$this->user_update_data['email'] = $user['email'];	$this->user_update_data['email'] = $db->escape_string($user['email']);
} if(isset($user['postnum'])) {	} if(isset($user['postnum'])) {
Zeile 1326	Zeile 1336
if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];	if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];
} if(isset($user['aim'])) { $this->user_update_data['aim'] = $db->escape_string($user['aim']); } if(isset($user['yahoo'])) { $this->user_update_data['yahoo'] = $db->escape_string($user['yahoo']);
} if(isset($user['skype'])) {	} if(isset($user['skype'])) {
Zeile 1584	Zeile 1586
$plugins->run_hooks("datahandler_user_delete_end", $this); // Update cache	$plugins->run_hooks("datahandler_user_delete_end", $this); // Update cache
$cache->update_banned();
$cache->update_moderators(); $cache->update_forumsdisplay(); $cache->update_reportedcontent();	$cache->update_moderators(); $cache->update_forumsdisplay(); $cache->update_reportedcontent();
Zeile 1744	Zeile 1745
"website" => "", "birthday" => "", "icq" => "",	"website" => "", "birthday" => "", "icq" => "",
"aim" => "", "yahoo" => "",
"skype" => "", "google" => "", "usertitle" => "",	"skype" => "", "google" => "", "usertitle" => "",
Zeile 1796	Zeile 1795
$parser_options = array( 'allow_html' => $mybb->settings['sightml'],	$parser_options = array( 'allow_html' => $mybb->settings['sightml'],
'filter_badwords' => 1,
'allow_mycode' => $mybb->settings['sigmycode'], 'allow_smilies' => $mybb->settings['sigsmilies'], 'allow_imgcode' => $mybb->settings['sigimgcode'],	'allow_mycode' => $mybb->settings['sigmycode'], 'allow_smilies' => $mybb->settings['sigsmilies'], 'allow_imgcode' => $mybb->settings['sigimgcode'],
Zeile 1823	Zeile 1821
if($mybb->settings['sigcountmycode'] == 0) {	if($mybb->settings['sigcountmycode'] == 0) {
$parsed_sig = $parser->text_parse_message($this->data['signature']);	$parsed_sig = $parser->text_parse_message($this->data['signature'], array('signature_parse' => '1'));
} else {	} else {