| Zeile 246 | Zeile 246 |
|---|
$password_fields = create_password($password, $user['salt'], $user);
return my_hash_equals($user['password'], $password_fields['password']);
|
$password_fields = create_password($password, $user['salt'], $user);
return my_hash_equals($user['password'], $password_fields['password']);
|
}
}
/**
* Performs a timing attack safe string comparison.
*
* @param string $known_string The first string to be compared.
* @param string $user_string The second, user-supplied string to be compared.
* @return bool Result of the comparison.
*/
function my_hash_equals($known_string, $user_string)
{
if(version_compare(PHP_VERSION, '5.6.0', '>='))
{
return hash_equals($known_string, $user_string);
}
else
{
$known_string_length = my_strlen($known_string);
$user_string_length = my_strlen($user_string);
if($user_string_length != $known_string_length)
{
return false;
}
$result = 0;
for($i = 0; $i < $known_string_length; $i++)
{
$result |= ord($known_string[$i]) ^ ord($user_string[$i]);
}
return $result === 0;
| |
}
}
| }
}
|
| Zeile 397 | Zeile 363 |
|---|
* @return boolean True when success, false when otherwise.
*/
function remove_subscribed_thread($tid, $uid=0)
|
* @return boolean True when success, false when otherwise.
*/
function remove_subscribed_thread($tid, $uid=0)
|
{
global $mybb, $db;
if(!$uid)
{
$uid = $mybb->user['uid'];
}
| {
global $mybb, $db;
if(!$uid)
{
$uid = $mybb->user['uid'];
}
|
if(!$uid)
{
return false;
}
$db->delete_query("threadsubscriptions", "tid='".$tid."' AND uid='{$uid}'");
|
if(!$uid)
{
return false;
}
$db->delete_query("threadsubscriptions", "tid='".$tid."' AND uid='{$uid}'");
|
return true;
|
return true;
|
}
/**
| }
/**
|
| Zeile 425 | Zeile 391 |
|---|
function add_subscribed_forum($fid, $uid=0)
{
global $mybb, $db;
|
function add_subscribed_forum($fid, $uid=0)
{
global $mybb, $db;
|
if(!$uid)
|
if(!$uid)
|
{
$uid = $mybb->user['uid'];
}
| {
$uid = $mybb->user['uid'];
}
|
| Zeile 462 | Zeile 428 |
|---|
* @return boolean True when success, false when otherwise.
*/
function remove_subscribed_forum($fid, $uid=0)
|
* @return boolean True when success, false when otherwise.
*/
function remove_subscribed_forum($fid, $uid=0)
|
{
| {
|
global $mybb, $db;
|
global $mybb, $db;
|
|
|
if(!$uid)
{
$uid = $mybb->user['uid'];
|
if(!$uid)
{
$uid = $mybb->user['uid'];
|
}
| }
|
if(!$uid)
{
return false;
| if(!$uid)
{
return false;
|
| Zeile 520 | Zeile 486 |
|---|
*
*/
function usercp_menu_messenger()
|
*
*/
function usercp_menu_messenger()
|
{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapse, $collapsed, $collapsedimg;
| {
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapse, $collapsed, $collapsedimg;
|
$expaltext = (in_array("usercppms", $collapse)) ? "[+]" : "[-]";
$usercp_nav_messenger = $templates->get("usercp_nav_messenger");
// Hide tracking link if no permission
| $expaltext = (in_array("usercppms", $collapse)) ? "[+]" : "[-]";
$usercp_nav_messenger = $templates->get("usercp_nav_messenger");
// Hide tracking link if no permission
|
| Zeile 759 | Zeile 725 |
|---|
switch($fid)
{
|
switch($fid)
{
|
case 1:
| case 0:
|
return $lang->folder_inbox;
|
return $lang->folder_inbox;
|
| | break;
case 1:
return $lang->folder_unread;
|
break;
case 2:
return $lang->folder_sent_items;
| break;
case 2:
return $lang->folder_sent_items;
|