Vergleich usercp.php - 1.8.18 - 1.8.27

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 32	Zeile 32
require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";	require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";
	require_once MYBB_ROOT."inc/functions_search.php";
require_once MYBB_ROOT."inc/functions_user.php"; require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;	require_once MYBB_ROOT."inc/functions_user.php"; require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
Zeile 42	Zeile 43
if($mybb->user['uid'] == 0 \|\| $mybb->usergroup['canusercp'] == 0) { error_no_permission();	if($mybb->user['uid'] == 0 \|\| $mybb->usergroup['canusercp'] == 0) { error_no_permission();
} if(!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = '1$%%$2$%%$3$%%$4'; $db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}");
} $errors = '';	} $errors = '';
$mybb->input['action'] = $mybb->get_input('action');	$mybb->input['action'] = $mybb->get_input('action');
usercp_menu();	usercp_menu();

$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);	$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);
	if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($server_http_referer, '/') === 0) { $server_http_referer = my_substr($server_http_referer, 1); } $url_segments = explode('/', $server_http_referer); $server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments); }
$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")	$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
Zeile 144	Zeile 149
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_profile_start");	$plugins->run_hooks("usercp_do_profile_start");
Zeile 156	Zeile 163
if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT)) { $mybb->input['awaymonth'] = my_date('n', $awaydate);	if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT)) { $mybb->input['awaymonth'] = my_date('n', $awaydate);
}	}
if(!$mybb->get_input('awayyear', MyBB::INPUT_INT)) { $mybb->input['awayyear'] = my_date('Y', $awaydate);	if(!$mybb->get_input('awayyear', MyBB::INPUT_INT)) { $mybb->input['awayyear'] = my_date('Y', $awaydate);
}	}
$return_month = (int)substr($mybb->get_input('awaymonth'), 0, 2); $return_day = (int)substr($mybb->get_input('awayday'), 0, 2);	$return_month = (int)substr($mybb->get_input('awaymonth'), 0, 2); $return_day = (int)substr($mybb->get_input('awayday'), 0, 2);
Zeile 175	Zeile 182
} $returndate = "{$return_day}-{$return_month}-{$return_year}";	} $returndate = "{$return_day}-{$return_month}-{$return_year}";
} else	} else
{ $returndate = ""; }	{ $returndate = ""; }
Zeile 185	Zeile 192
"date" => $awaydate, "returndate" => $returndate, "awayreason" => $mybb->get_input('awayreason')	"date" => $awaydate, "returndate" => $returndate, "awayreason" => $mybb->get_input('awayreason')
);	);
} else {	} else {
Zeile 207	Zeile 214
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],	"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],
Zeile 216	Zeile 223
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)	"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
); foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)	)); foreach(array('icq', 'skype', 'google') as $cfield)
{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')	{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')
Zeile 233	Zeile 240
if($cfield == 'icq') { $user[$cfield] = $mybb->get_input($cfield, 1);	if($cfield == 'icq') { $user[$cfield] = $mybb->get_input($cfield, 1);
	if(my_strlen($user[$cfield]) > 10) { error($lang->contact_field_icqerror); }
} else { $user[$cfield] = $mybb->get_input($cfield);	} else { $user[$cfield] = $mybb->get_input($cfield);
	if(my_strlen($user[$cfield]) > 75) { error($lang->contact_field_error); }
} } if($mybb->usergroup['canchangewebsite'] == 1)	} } if($mybb->usergroup['canchangewebsite'] == 1)
{ $user['website'] = $mybb->get_input('website'); }	{ $user['website'] = $mybb->get_input('website'); }
if($mybb->usergroup['cancustomtitle'] == 1) { if($mybb->get_input('usertitle') != '') { $user['usertitle'] = $mybb->get_input('usertitle');	if($mybb->usergroup['cancustomtitle'] == 1) { if($mybb->get_input('usertitle') != '') { $user['usertitle'] = $mybb->get_input('usertitle');
}	}
elseif(!empty($mybb->input['reverttitle'])) { $user['usertitle'] = ''; } } $userhandler->set_data($user);	elseif(!empty($mybb->input['reverttitle'])) { $user['usertitle'] = ''; } } $userhandler->set_data($user);

if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); $raw_errors = $userhandler->get_errors(); // Set to stored value if invalid	if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); $raw_errors = $userhandler->get_errors(); // Set to stored value if invalid
if(array_key_exists("invalid_birthday_privacy", $raw_errors)) {	if(array_key_exists("invalid_birthday_privacy", $raw_errors) \|\| array_key_exists("conflicted_birthday_privacy", $raw_errors)) {
$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];	$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];
	$bday = explode("-", $mybb->user['birthday']); if(isset($bday[2])) { $mybb->input['bday3'] = $bday[2]; }
} $errors = inline_error($errors); $mybb->input['action'] = "profile";	} $errors = inline_error($errors); $mybb->input['action'] = "profile";
} else	} else
{ $userhandler->update_user();	{ $userhandler->update_user();
Zeile 299	Zeile 322
{ $bday[1] = 0; }	{ $bday[1] = 0; }
if(!isset($bday[2])) { $bday[2] = ''; }	} if(!isset($bday[2]) \|\| $bday[2] == 0) { $bday[2] = '';
} $plugins->run_hooks("usercp_profile_start");	} $plugins->run_hooks("usercp_profile_start");
Zeile 366	Zeile 389
{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);	{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);
$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;	} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;
foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)	foreach(array('icq', 'skype', 'google') as $cfield)
{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';	{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';
Zeile 442	Zeile 464
if(!isset($returndate[2])) { $returndate[2] = '';	if(!isset($returndate[2])) { $returndate[2] = '';
}	}
} $returndatesel = '';	} $returndatesel = '';
Zeile 571	Zeile 593
} eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");	} eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
}	}
if(!$profilefield['length']) { $profilefield['length'] = 1;	if(!$profilefield['length']) { $profilefield['length'] = 1;
Zeile 582	Zeile 604
} elseif($type == "radio") {	} elseif($type == "radio") {
	$userfield = htmlspecialchars_uni($userfield);
$expoptions = explode("\n", $options); if(is_array($expoptions)) {	$expoptions = explode("\n", $options); if(is_array($expoptions)) {
Zeile 599	Zeile 622
} elseif($type == "checkbox") {	} elseif($type == "checkbox") {
	$userfield = htmlspecialchars_uni($userfield);
if($errors) { $useropts = $userfield;	if($errors) { $useropts = $userfield;
Zeile 641	Zeile 665
if($profilefield['maxlength'] > 0) { $maxlength = " maxlength=\"{$profilefield['maxlength']}\"";	if($profilefield['maxlength'] > 0) { $maxlength = " maxlength=\"{$profilefield['maxlength']}\"";
}	}
eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";"); }	eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";"); }
Zeile 739	Zeile 763
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_options_start");	$plugins->run_hooks("usercp_do_options_start");
Zeile 746	Zeile 772
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),	"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
Zeile 755	Zeile 781
"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']	"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']
);	));
$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),	$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),
Zeile 785	Zeile 811
if($mybb->settings['usertppoptions']) { $user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);	if($mybb->settings['usertppoptions']) { $user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
}	}
if($mybb->settings['userpppoptions']) {	if($mybb->settings['userpppoptions']) {
Zeile 793	Zeile 819
} $userhandler->set_data($user);	} $userhandler->set_data($user);

if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); $errors = inline_error($errors); $mybb->input['action'] = "options";	if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); $errors = inline_error($errors); $mybb->input['action'] = "options";
} else {	} else {
$userhandler->update_user(); $plugins->run_hooks("usercp_do_options_end");	$userhandler->update_user(); $plugins->run_hooks("usercp_do_options_end");
Zeile 812	Zeile 838
if($mybb->input['action'] == "options") {	if($mybb->input['action'] == "options") {
$plugins->run_hooks("usercp_options_start");
if($errors != '') { $user = $mybb->input;	if($errors != '') { $user = $mybb->input;
Zeile 821	Zeile 845
else { $user = $mybb->user;	else { $user = $mybb->user;
}	} $plugins->run_hooks("usercp_options_start");
$languages = $lang->get_languages(); $board_language = $langoptions = ''; if(count($languages) > 1)	$languages = $lang->get_languages(); $board_language = $langoptions = ''; if(count($languages) > 1)
{	{
foreach($languages as $name => $language) { $language = htmlspecialchars_uni($language);	foreach($languages as $name => $language) { $language = htmlspecialchars_uni($language);

$sel = ''; if(isset($user['language']) && $user['language'] == $name) {	$sel = ''; if(isset($user['language']) && $user['language'] == $name) {
Zeile 838	Zeile 864
} eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";');	} eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";');
}	}
eval('$board_language = "'.$templates->get('usercp_options_language').'";'); }	eval('$board_language = "'.$templates->get('usercp_options_language').'";'); }
Zeile 853	Zeile 879
$allownoticescheck = ""; }	$allownoticescheck = ""; }
if(isset($user['invisible']) && $user['invisible'] == 1)	$canbeinvisible = ''; // Check usergroup permission before showing invisible check box if($mybb->usergroup['canbeinvisible'] == 1)
{	{
$invisiblecheck = "checked=\"checked\""; } else { $invisiblecheck = "";	if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\""; } else { $invisiblecheck = ""; } eval('$canbeinvisible = "'.$templates->get("usercp_options_invisible")."\";");
} if(isset($user['hideemail']) && $user['hideemail'] == 1)	} if(isset($user['hideemail']) && $user['hideemail'] == 1)
Zeile 1195	Zeile 1228
} else {	} else {
if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")	$activation = false; // Checking for pending activations for non-activated accounts if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both")) { $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')"); $activation = $db->fetch_array($query); } if($activation) { $userhandler->update_user(); $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'"); // Send new activation mail for non-activated accounts $activationcode = random_str(); $activationarray = array( "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "code" => $activationcode, "type" => $activation['type'] ); $db->insert_query("awaitingactivation", $activationarray); $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); switch($mybb->settings['username_method']) { case 0: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 1: $emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 2: $emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; default: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; } my_mail($mybb->user['email'], $emailsubject, $emailmessage); $plugins->run_hooks("usercp_do_email_changed"); redirect("usercp.php?action=email", $lang->redirect_emailupdated); } elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both"))
{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];	{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];
Zeile 1203	Zeile 1279
// Emails require verification $activationcode = random_str(); $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");	// Emails require verification $activationcode = random_str(); $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

$newactivation = array( "uid" => $mybb->user['uid'], "dateline" => TIME_NOW,	$newactivation = array( "uid" => $mybb->user['uid'], "dateline" => TIME_NOW,
Zeile 1247	Zeile 1323
{ $email = htmlspecialchars_uni($mybb->get_input('email')); $email2 = htmlspecialchars_uni($mybb->get_input('email2'));	{ $email = htmlspecialchars_uni($mybb->get_input('email')); $email2 = htmlspecialchars_uni($mybb->get_input('email2'));
} else	} else
{ $email = $email2 = '';	{ $email = $email2 = '';
} $plugins->run_hooks("usercp_email");	} $plugins->run_hooks("usercp_email");
eval("\$changemail = \"".$templates->get("usercp_email")."\";"); output_page($changemail);	eval("\$changemail = \"".$templates->get("usercp_email")."\";"); output_page($changemail);
Zeile 1264	Zeile 1340
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$errors = array();	$errors = array();

$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false) {	$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false) {
Zeile 1277	Zeile 1354
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')	"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')
);	));
$userhandler->set_data($user);	$userhandler->set_data($user);
Zeile 1323	Zeile 1400
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_changename_start");	$errors = array();
if($mybb->usergroup['canchangename'] != 1)	if($mybb->usergroup['canchangename'] != 1)
{	{
error_no_permission();	error_no_permission();
}	} $user = array(); $plugins->run_hooks("usercp_do_changename_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{	{
$errors[] = $lang->error_invalidpassword; } else	$errors[] = $lang->error_invalidpassword; } else
Zeile 1339	Zeile 1421
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')	"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')
);	));
$userhandler->set_data($user);	$userhandler->set_data($user);
Zeile 1355	Zeile 1437
$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);	$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);

} } if(count($errors) > 0)	} } if(count($errors) > 0)
{	{
$errors = inline_error($errors); $mybb->input['action'] = "changename";	$errors = inline_error($errors); $mybb->input['action'] = "changename";
} }	} }
if($mybb->input['action'] == "changename") {	if($mybb->input['action'] == "changename") {
Zeile 1371	Zeile 1452
if($mybb->usergroup['canchangename'] != 1) { error_no_permission();	if($mybb->usergroup['canchangename'] != 1) { error_no_permission();
}	} // Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password) if($errors) { $username = htmlspecialchars_uni($mybb->get_input('username')); } else { $username = ''; }
$plugins->run_hooks("usercp_changename_end"); eval("\$changename = \"".$templates->get("usercp_changename")."\";");	$plugins->run_hooks("usercp_changename_end"); eval("\$changename = \"".$templates->get("usercp_changename")."\";");
Zeile 1383	Zeile 1474
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_subscriptions_start");
if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected); }	if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected); }
	$plugins->run_hooks("usercp_do_subscriptions_start");
// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));	// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));
Zeile 1430	Zeile 1521
$plugins->run_hooks("usercp_subscriptions_start"); // Thread visiblity	$plugins->run_hooks("usercp_subscriptions_start"); // Thread visiblity
$visible = "AND t.visible != 0"; if(is_moderator() == true)	$where = array( "s.uid={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
// Do Multi Pages $query = $db->query("	// Do Multi Pages $query = $db->query("
SELECT COUNT(ts.tid) as threads FROM ".TABLE_PREFIX."threadsubscriptions ts LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid) WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}	SELECT COUNT(s.tid) as threads FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = s.tid) WHERE {$where}
"); $threadcount = $db->fetch_field($query, "threads"); if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	"); $threadcount = $db->fetch_field($query, "threads"); if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
{	{
$mybb->settings['threadsperpage'] = 20; }	$mybb->settings['threadsperpage'] = 20; }
Zeile 1461	Zeile 1563
{ $start = 0; $page = 1;	{ $start = 0; $page = 1;
} }	} }
else { $start = 0;	else { $start = 0;
Zeile 1485	Zeile 1587
FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE s.uid='".$mybb->user['uid']."' and t.visible >= 0 {$visible}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT $start, $perpage ");	ORDER BY t.lastpost DESC LIMIT $start, $perpage ");
Zeile 1493	Zeile 1595
{ $forumpermissions = $fpermissions[$subscription['fid']];	{ $forumpermissions = $fpermissions[$subscription['fid']];
if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))	if(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid'])
{ // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid'];	{ // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid'];
}	}
elseif($subscription['tid']) { $subscriptions[$subscription['tid']] = $subscription; } }	elseif($subscription['tid']) { $subscriptions[$subscription['tid']] = $subscription; } }

if(!empty($del_subscriptions)) { $sids = implode(',', $del_subscriptions);	if(!empty($del_subscriptions)) { $sids = implode(',', $del_subscriptions);
Zeile 1516	Zeile 1618
$threadcount = $threadcount - count($del_subscriptions); if($threadcount < 0)	$threadcount = $threadcount - count($del_subscriptions); if($threadcount < 0)
{	{
$threadcount = 0; } }	$threadcount = 0; } }
Zeile 1616	Zeile 1718
$isnew = 0; $donenew = 0; $lastread = 0;	$isnew = 0; $donenew = 0; $lastread = 0;
if($mybb->settings['threadreadcut'] > 0) { $forum_read = $readforums[$thread['fid']];	if($mybb->settings['threadreadcut'] > 0) {
$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;	$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;
if($forum_read == 0 \|\| $forum_read < $read_cutoff) {	if(empty($readforums[$thread['fid']]) \|\| $readforums[$thread['fid']] < $read_cutoff) {
$forum_read = $read_cutoff;	$forum_read = $read_cutoff;
	} else { $forum_read = $readforums[$thread['fid']];
} }	} }
Zeile 1636	Zeile 1740
if($thread['lastpost'] > $cutoff) {	if($thread['lastpost'] > $cutoff) {
if($thread['lastread'])	if(!empty($thread['lastread']))
{ $lastread = $thread['lastread']; }	{ $lastread = $thread['lastread']; }
Zeile 1684	Zeile 1788
{ $folder .= "close"; $folder_label .= $lang->icon_close;	{ $folder .= "close"; $folder_label .= $lang->icon_close;
}	}
$folder .= "folder"; if($thread['visible'] == 0)	$folder .= "folder"; if($thread['visible'] == 0)
Zeile 1695	Zeile 1799
// Build last post info $lastpostdate = my_date('relative', $thread['lastpost']);	// Build last post info $lastpostdate = my_date('relative', $thread['lastpost']);
	$lastposteruid = $thread['lastposteruid'];
if(!$lastposteruid && !$thread['lastposter']) { $lastposter = htmlspecialchars_uni($lang->guest);	if(!$lastposteruid && !$thread['lastposter']) { $lastposter = htmlspecialchars_uni($lang->guest);
Zeile 1703	Zeile 1808
{ $lastposter = htmlspecialchars_uni($thread['lastposter']); }	{ $lastposter = htmlspecialchars_uni($thread['lastposter']); }
$lastposteruid = $thread['lastposteruid'];
// Don't link to guest's profiles (they have no profile). if($lastposteruid == 0) { $lastposterlink = $lastposter;	// Don't link to guest's profiles (they have no profile). if($lastposteruid == 0) { $lastposterlink = $lastposter;
}	}
else { $lastposterlink = build_profile_link($lastposter, $lastposteruid);	else { $lastposterlink = build_profile_link($lastposter, $lastposteruid);
Zeile 1747	Zeile 1851
eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";"); output_page($subscriptions);	eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";"); output_page($subscriptions);
}	}
if($mybb->input['action'] == "forumsubscriptions") {	if($mybb->input['action'] == "forumsubscriptions") {
Zeile 1870	Zeile 1974
$thread = get_thread($mybb->get_input('tid')); if(!$thread \|\| $thread['visible'] == -1)	$thread = get_thread($mybb->get_input('tid')); if(!$thread \|\| $thread['visible'] == -1)
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
// Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']);	// Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']);
Zeile 1887	Zeile 1991
if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();	if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();
}	}
// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_do_addsubscription"); add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));	// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_do_addsubscription"); add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

if($mybb->get_input('referrer')) {	if($mybb->get_input('referrer')) {
$url = htmlspecialchars_uni($mybb->get_input('referrer'));	$mybb->input['referrer'] = $mybb->get_input('referrer'); if(my_strpos($mybb->input['referrer'], $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($mybb->input['referrer'], '/') === 0) { $mybb->input['referrer'] = my_substr($mybb->input['url'], 1); } $url_segments = explode('/', $mybb->input['referrer']); $mybb->input['referrer'] = $mybb->settings['bburl'].'/'.end($url_segments); } $url = htmlspecialchars_uni($mybb->input['referrer']);
} else {	} else {
Zeile 1933	Zeile 2049
$plugins->run_hooks("usercp2_addsubscription_forum"); add_subscribed_forum($forum['fid']);	$plugins->run_hooks("usercp2_addsubscription_forum"); add_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; }	if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; }
else { $url = "index.php";	else { $url = "index.php";
Zeile 1967	Zeile 2083
if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();	if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();
}	}
// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);
Zeile 1996	Zeile 2112
elseif($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\"";	elseif($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\"";
} // Naming of the hook retained for backward compatibility while dropping usercp2.php	} // Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_thread");	$plugins->run_hooks("usercp2_addsubscription_thread");

eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } }	eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } }
	if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == "post" \|\| verify_post_check($mybb->get_input('my_post_key'), true))) { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved); } } // Show remove subscription form when GET method and without valid my_post_key
if($mybb->input['action'] == "removesubscription") {	if($mybb->input['action'] == "removesubscription") {
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	$referrer = '';
if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum);	if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum);
} // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post')	} add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=forumsubscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($forum['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0)
{	{
$url = $server_http_referer;	error_no_permission();
}	}
else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); $lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe_from_forum, $forum['name']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_forum"); eval("\$remove_forum_subscription = \"".$templates->get("usercp_removesubscription_forum")."\";"); output_page($remove_forum_subscription); exit;
} else {	} else {
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread)	$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1)
{ error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum?	{ error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);	$ismod = is_moderator($thread['fid']);
// Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true))	// Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true))
{	{
error($lang->error_invalidthread);	error($lang->error_invalidthread);
	} add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();
} // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);	} // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);
// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved);	require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser; $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscribe_from_thread, $thread['subject']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_thread"); eval("\$remove_thread_subscription = \"".$templates->get("usercp_removesubscription_thread")."\";"); output_page($remove_thread_subscription); exit;
} } if($mybb->input['action'] == "removesubscriptions")	} } if($mybb->input['action'] == "removesubscriptions")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
if($mybb->get_input('type') == "forum") { // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_forum"); $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");	if($mybb->get_input('type') == "forum") { // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_forum"); $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
if($server_http_referer) {	if($server_http_referer) {
$url = $server_http_referer; } else	$url = $server_http_referer; } else
Zeile 2116	Zeile 2309
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_editsig_start");
// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }	// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }
	$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->get_input('updateposts') == "enable") {	if($mybb->get_input('updateposts') == "enable") {
Zeile 2254	Zeile 2447
{ $sigimgcode = $lang->off; }	{ $sigimgcode = $lang->off; }
	if($mybb->settings['siglength'] == 0) { $siglength = $lang->unlimited; } else { $siglength = $mybb->settings['siglength']; }
$sig = htmlspecialchars_uni($sig);	$sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);	$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $siglength);

if($mybb->settings['bbcodeinserter'] != 0 \|\| $mybb->user['showcodebuttons'] != 0)	if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{ $codebuttons = build_mycode_inserter("signature"); }	{ $codebuttons = build_mycode_inserter("signature"); }
Zeile 2281	Zeile 2484
$avatar_error = ""; if(!empty($mybb->input['remove'])) // remove avatar	$avatar_error = ""; if(!empty($mybb->input['remove'])) // remove avatar
{	{
$updated_avatar = array( "avatar" => "", "avatardimensions" => "",	$updated_avatar = array( "avatar" => "", "avatardimensions" => "",
Zeile 2297	Zeile 2500
error_no_permission(); } $avatar = upload_avatar();	error_no_permission(); } $avatar = upload_avatar();
if($avatar['error'])	if(!empty($avatar['error']))
{ $avatar_error = $avatar['error']; }	{ $avatar_error = $avatar['error']; }
Zeile 2306	Zeile 2509
if($avatar['width'] > 0 && $avatar['height'] > 0) { $avatar_dimensions = $avatar['width']."\|".$avatar['height'];	if($avatar['width'] > 0 && $avatar['height'] > 0) { $avatar_dimensions = $avatar['width']."\|".$avatar['height'];
} $updated_avatar = array(	} $updated_avatar = array(
"avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, "avatardimensions" => $avatar_dimensions, "avatartype" => "upload" ); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); }	"avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, "avatardimensions" => $avatar_dimensions, "avatartype" => "upload" ); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); }
	} elseif(!$mybb->settings['allowremoteavatars'] && !$_FILES['avatarupload']['name']) // missing avatar image { $avatar_error = $lang->error_avatarimagemissing;
} elseif($mybb->settings['allowremoteavatars']) // remote avatar {	} elseif($mybb->settings['allowremoteavatars']) // remote avatar {
Zeile 2398	Zeile 2605
$avatar_error = $lang->error_avatartoobig; } }	$avatar_error = $lang->error_avatartoobig; } }
	} // Limiting URL string to stay within database limit if(strlen($mybb->input['avatarurl']) > 200) { $avatar_error = $lang->error_avatarurltoolong;
} if(empty($avatar_error))	} if(empty($avatar_error))
Zeile 2459	Zeile 2672
} if($mybb->settings['avatarsize'])	} if($mybb->settings['avatarsize'])
{	{
$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);	$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
} $plugins->run_hooks("usercp_avatar_intermediate");	} $plugins->run_hooks("usercp_avatar_intermediate");
$auto_resize = ''; if($mybb->settings['avatarresizing'] == "auto") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");	$auto_resize = ''; if($mybb->settings['avatarresizing'] == "auto") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
}	}
elseif($mybb->settings['avatarresizing'] == "user") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");	elseif($mybb->settings['avatarresizing'] == "user") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
Zeile 2492	Zeile 2705
if(!empty($mybb->user['avatar'])) { eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");	if(!empty($mybb->user['avatar'])) { eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");
} $plugins->run_hooks("usercp_avatar_end");	} $plugins->run_hooks("usercp_avatar_end");
if(!isset($avatar_error)) { $avatar_error = ''; }	if(!isset($avatar_error)) { $avatar_error = ''; }

eval("\$avatar = \"".$templates->get("usercp_avatar")."\";"); output_page($avatar); }	eval("\$avatar = \"".$templates->get("usercp_avatar")."\";"); output_page($avatar); }

if($mybb->input['action'] == "acceptrequest")	if($mybb->input['action'] == "acceptrequest")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); // Validate request	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); // Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']); $request = $db->fetch_array($query); if(empty($request)) { error($lang->invalid_request); }	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']); $request = $db->fetch_array($query); if(empty($request)) { error($lang->invalid_request); }

$plugins->run_hooks("usercp_acceptrequest_start"); $user = get_user($request['uid']);	$plugins->run_hooks("usercp_acceptrequest_start"); $user = get_user($request['uid']);
Zeile 2529	Zeile 2742
$user['buddylist'] = explode(',', $user['buddylist']); } else	$user['buddylist'] = explode(',', $user['buddylist']); } else
{	{
$user['buddylist'] = array(); }	$user['buddylist'] = array(); }
Zeile 2555	Zeile 2768
$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");	$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");

// We want to add the user to our buddy list	// We want to add the user to our buddy list
if($mybb->user['buddylist'] != '') { $mybb->user['buddylist'] = explode(',', $mybb->user['buddylist']); }	if($mybb->user['buddylist'] != '') { $mybb->user['buddylist'] = explode(',', $mybb->user['buddylist']); }
else { $mybb->user['buddylist'] = array();	else { $mybb->user['buddylist'] = array();
} $mybb->user['buddylist'][] = (int)$request['uid'];	} $mybb->user['buddylist'][] = (int)$request['uid'];
// Now we have the new list, so throw it all back together $new_list = implode(",", $mybb->user['buddylist']);	// Now we have the new list, so throw it all back together $new_list = implode(",", $mybb->user['buddylist']);
Zeile 2599	Zeile 2812
send_pm($pm, $mybb->user['uid'], true); $db->delete_query('buddyrequests', 'id='.(int)$request['id']);	send_pm($pm, $mybb->user['uid'], true); $db->delete_query('buddyrequests', 'id='.(int)$request['id']);
}	}
else { error($lang->user_doesnt_exist);	else { error($lang->user_doesnt_exist);
Zeile 2611	Zeile 2824
} elseif($mybb->input['action'] == "declinerequest")	} elseif($mybb->input['action'] == "declinerequest")
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); // Validate request $query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); // Validate request $query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query); if(empty($request))	$request = $db->fetch_array($query); if(empty($request)) { error($lang->invalid_request); } $plugins->run_hooks("usercp_declinerequest_start"); $user = get_user($request['uid']); if(!empty($user))
{	{
error($lang->invalid_request); } $plugins->run_hooks("usercp_declinerequest_start"); $user = get_user($request['uid']); if(!empty($user)) { $db->delete_query('buddyrequests', 'id='.(int)$request['id']);	$db->delete_query('buddyrequests', 'id='.(int)$request['id']);
} else { error($lang->user_doesnt_exist);	} else { error($lang->user_doesnt_exist);
} $plugins->run_hooks("usercp_declinerequest_end");	} $plugins->run_hooks("usercp_declinerequest_end");
redirect("usercp.php?action=editlists", $lang->buddyrequest_declined); }	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined); }
Zeile 2660	Zeile 2873
$plugins->run_hooks("usercp_cancelrequest_end"); redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);	$plugins->run_hooks("usercp_cancelrequest_end"); redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);
}	}
if($mybb->input['action'] == "do_editlists") { // Verify incoming POST request	if($mybb->input['action'] == "do_editlists") { // Verify incoming POST request
Zeile 2676	Zeile 2889
if($mybb->user['ignorelist']) { $existing_users = explode(",", $mybb->user['ignorelist']);	if($mybb->user['ignorelist']) { $existing_users = explode(",", $mybb->user['ignorelist']);
} if($mybb->user['buddylist'])	} if($mybb->user['buddylist'])
{ // Create a list of buddies... $selected_list = explode(",", $mybb->user['buddylist']);	{ // Create a list of buddies... $selected_list = explode(",", $mybb->user['buddylist']);
Zeile 2725	Zeile 2938
continue; } $users[$key] = $db->escape_string($username);	continue; } $users[$key] = $db->escape_string($username);
}	}
// Get the requests we have sent that are still pending $query = $db->simple_select('buddyrequests', 'touid', 'uid='.(int)$mybb->user['uid']); $requests = array();	// Get the requests we have sent that are still pending $query = $db->simple_select('buddyrequests', 'touid', 'uid='.(int)$mybb->user['uid']); $requests = array();
Zeile 2854	Zeile 3067
elseif($mybb->get_input('manage') == "ignored") { $existing_users[] = $user['uid'];	elseif($mybb->get_input('manage') == "ignored") { $existing_users[] = $user['uid'];
} }	} }
} if($found_users < count($users)) { if($error_message)	} if($found_users < count($users)) { if($error_message)
{	{
$error_message .= "<br />"; }	$error_message .= "<br />"; }

$error_message .= $lang->invalid_user_selected; } if(($adding_self != true \|\| ($adding_self == true && count($users) > 0)) && ($error_message == "" \|\| count($users) > 1))	$error_message .= $lang->invalid_user_selected; } if(($adding_self != true \|\| ($adding_self == true && count($users) > 0)) && ($error_message == "" \|\| count($users) > 1))
{	{
if($mybb->get_input('manage') == "ignored")	if($mybb->get_input('manage') == "ignored")
{	{
$message = $lang->users_added_to_ignore_list;	$message = $lang->users_added_to_ignore_list;
}	}
else { $message = $lang->users_added_to_buddy_list;	else { $message = $lang->users_added_to_buddy_list;
}	}
} if($adding_self == true)	} if($adding_self == true)
Zeile 2885	Zeile 3098
if($mybb->get_input('manage') == "ignored") { $error_message = $lang->cant_add_self_to_ignore_list;	if($mybb->get_input('manage') == "ignored") { $error_message = $lang->cant_add_self_to_ignore_list;
}	}
else { $error_message = $lang->cant_add_self_to_buddy_list;	else { $error_message = $lang->cant_add_self_to_buddy_list;
Zeile 2893	Zeile 3106
} if(count($existing_users) == 0)	} if(count($existing_users) == 0)
{	{
$message = ""; if($sent === true)	$message = ""; if($sent === true)
Zeile 2918	Zeile 3131
if($user['buddylist'] != '') { $user['buddylist'] = explode(',', $user['buddylist']);	if($user['buddylist'] != '') { $user['buddylist'] = explode(',', $user['buddylist']);
} else {	} else {
$user['buddylist'] = array(); }	$user['buddylist'] = array(); }

$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $user['buddylist']); unset($user['buddylist'][$key]); // Now we have the new list, so throw it all back together $new_list = implode(",", $user['buddylist']);	$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $user['buddylist']); unset($user['buddylist'][$key]); // Now we have the new list, so throw it all back together $new_list = implode(",", $user['buddylist']);

// And clean it up a little to ensure there is no possibility of bad values $new_list = preg_replace("#,{2,}#", ",", $new_list); $new_list = preg_replace("#[^0-9,]#", "", $new_list);	// And clean it up a little to ensure there is no possibility of bad values $new_list = preg_replace("#,{2,}#", ",", $new_list); $new_list = preg_replace("#[^0-9,]#", "", $new_list);
Zeile 2937	Zeile 3150
if(my_substr($new_list, 0, 1) == ",") { $new_list = my_substr($new_list, 1);	if(my_substr($new_list, 0, 1) == ",") { $new_list = my_substr($new_list, 1);
}	}
if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);	if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
Zeile 2969	Zeile 3182
$new_list = preg_replace("#[^0-9,]#", "", $new_list); if(my_substr($new_list, 0, 1) == ",")	$new_list = preg_replace("#[^0-9,]#", "", $new_list); if(my_substr($new_list, 0, 1) == ",")
{	{
$new_list = my_substr($new_list, 1); } if(my_substr($new_list, -1) == ",")	$new_list = my_substr($new_list, 1); } if(my_substr($new_list, -1) == ",")
Zeile 2983	Zeile 3196
{ $user['ignorelist'] = $db->escape_string($new_list); $mybb->user['ignorelist'] = $user['ignorelist'];	{ $user['ignorelist'] = $db->escape_string($new_list); $mybb->user['ignorelist'] = $user['ignorelist'];
} else {	} else {
$user['buddylist'] = $db->escape_string($new_list); $mybb->user['buddylist'] = $user['buddylist']; }	$user['buddylist'] = $db->escape_string($new_list); $mybb->user['buddylist'] = $user['buddylist']; }

$db->update_query("users", $user, "uid='".$mybb->user['uid']."'"); $plugins->run_hooks("usercp_do_editlists_end");	$db->update_query("users", $user, "uid='".$mybb->user['uid']."'"); $plugins->run_hooks("usercp_do_editlists_end");

// Ajax based request, throw new list to browser if(!empty($mybb->input['ajax'])) {	// Ajax based request, throw new list to browser if(!empty($mybb->input['ajax'])) {
Zeile 3015	Zeile 3228
if($error_message) { $message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";	if($error_message) { $message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";
} if($mybb->get_input('delete', MyBB::INPUT_INT))	} if($mybb->get_input('delete', MyBB::INPUT_INT))
{ header("Content-type: text/javascript"); echo "$(\"#".$mybb->get_input('manage')."_".$mybb->get_input('delete', MyBB::INPUT_INT)."\").remove();\n"; if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";	{ header("Content-type: text/javascript"); echo "$(\"#".$mybb->get_input('manage')."_".$mybb->get_input('delete', MyBB::INPUT_INT)."\").remove();\n"; if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
	echo "\$(\"#buddylink\").remove();\n";
if($mybb->get_input('manage') == "ignored")	if($mybb->get_input('manage') == "ignored")
{	{
echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n"; } else	echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n"; } else
Zeile 3049	Zeile 3264
$message .= "<br />".$error_message; } redirect("usercp.php?action=editlists#".$mybb->get_input('manage'), $message);	$message .= "<br />".$error_message; } redirect("usercp.php?action=editlists#".$mybb->get_input('manage'), $message);
}	}
} if($mybb->input['action'] == "editlists")	} if($mybb->input['action'] == "editlists")
Zeile 3065	Zeile 3280
{ $type = "buddy"; $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));	{ $type = "buddy"; $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));
while($user = $db->fetch_array($query)) { $user['username'] = htmlspecialchars_uni($user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); if($user['lastactive'] > $timecut && ($user['invisible'] == 0 \|\| $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive']) { $status = "online"; } else {	while($user = $db->fetch_array($query)) { $user['username'] = htmlspecialchars_uni($user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); if($user['lastactive'] > $timecut && ($user['invisible'] == 0 \|\| $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive']) { $status = "online"; } else {
$status = "offline"; } eval("\$buddy_list .= \"".$templates->get("usercp_editlists_user")."\";");	$status = "offline"; } eval("\$buddy_list .= \"".$templates->get("usercp_editlists_user")."\";");
Zeile 3114	Zeile 3329
$lang->current_ignored_users = $lang->sprintf($lang->current_ignored_users, $ignore_count); if(!$ignore_list)	$lang->current_ignored_users = $lang->sprintf($lang->current_ignored_users, $ignore_count); if(!$ignore_list)
{	{
eval("\$ignore_list = \"".$templates->get("usercp_editlists_no_ignored")."\";"); }	eval("\$ignore_list = \"".$templates->get("usercp_editlists_no_ignored")."\";"); }
Zeile 3122	Zeile 3337
if($mybb->request_method == "post" && $mybb->input['ajax'] == 1) { if($mybb->input['manage'] == "ignored")	if($mybb->request_method == "post" && $mybb->input['ajax'] == 1) { if($mybb->input['manage'] == "ignored")
{	{
echo $ignore_list; echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>"; }	echo $ignore_list; echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>"; }
Zeile 3138	Zeile 3353
WHERE r.uid=".(int)$mybb->user['uid']); while($request = $db->fetch_array($query))	WHERE r.uid=".(int)$mybb->user['uid']); while($request = $db->fetch_array($query))
{	{
$bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']); $request['date'] = my_date('relative', $request['date']);	$bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']); $request['date'] = my_date('relative', $request['date']);
Zeile 3152	Zeile 3367
eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");	eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");
echo $sentrequests;
echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; } else	echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; } else
Zeile 3162	Zeile 3376
} } exit;	} } exit;
} $received_rows = '';	} $received_rows = $bgcolor = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
Zeile 3180	Zeile 3394
} if($received_rows == '')	} if($received_rows == '')
{	{
eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";"); } eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");	eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";"); } eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");
$sent_rows = '';	$sent_rows = $bgcolor = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
Zeile 3233	Zeile 3447
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid) WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'	LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid) WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'
ORDER BY p.dateline DESC	ORDER BY p.dateline DESC, p.pid DESC
"); while($draft = $db->fetch_array($query))	"); while($draft = $db->fetch_array($query))
Zeile 3281	Zeile 3495
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_drafts_start");
$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected);	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected);
}	} $plugins->run_hooks("usercp_do_drafts_start");
$pidin = array(); $tidin = array();	$pidin = array(); $tidin = array();

foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post")	foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post")
{	{
$pidin[] = "'".(int)$id."'"; } elseif($val == "thread")	$pidin[] = "'".(int)$id."'"; } elseif($val == "thread")
Zeile 3301	Zeile 3518
} } if($tidin)	} } if($tidin)
{	{
$tidin = implode(",", $tidin); $db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'"); $tidinp = "OR tid IN ($tidin)";	$tidin = implode(",", $tidin); $db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'"); $tidinp = "OR tid IN ($tidin)";
	} else { $tidinp = '';
} if($pidin \|\| $tidinp) {	} if($pidin \|\| $tidinp) {
Zeile 3326	Zeile 3547
if($mybb->input['action'] == "usergroups") {	if($mybb->input['action'] == "usergroups") {
$plugins->run_hooks("usercp_usergroups_start");
$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";

$usergroups = $mybb->cache->read('usergroups');	$usergroups = $mybb->cache->read('usergroups');
	$plugins->run_hooks("usercp_usergroups_start");
// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))	// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))
Zeile 3428	Zeile 3650
if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) { $reasonlength = my_strlen($mybb->get_input('reason'));	if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) { $reasonlength = my_strlen($mybb->get_input('reason'));

if($reasonlength > 250) // Reason field is varchar(250) in database { error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));	if($reasonlength > 250) // Reason field is varchar(250) in database { error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));
Zeile 3506	Zeile 3728
else { error($lang->no_pending_invitation);	else { error($lang->no_pending_invitation);
} }	} }
// Show listing of various group related things // List of groups this user is a leader of	// Show listing of various group related things // List of groups this user is a leader of
Zeile 3522	Zeile 3744
FROM ".TABLE_PREFIX."groupleaders l LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid) LEFT JOIN ".TABLE_PREFIX."users u ON(((','\|\| u.additionalgroups\|\| ',' LIKE '%,'\|\| g.gid\|\| ',%') OR u.usergroup = g.gid))	FROM ".TABLE_PREFIX."groupleaders l LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid) LEFT JOIN ".TABLE_PREFIX."users u ON(((','\|\| u.additionalgroups\|\| ',' LIKE '%,'\|\| g.gid\|\| ',%') OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)	LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
WHERE l.uid='".$mybb->user['uid']."' GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers ");	WHERE l.uid='".$mybb->user['uid']."' GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers ");
Zeile 3537	Zeile 3759
WHERE l.uid='".$mybb->user['uid']."' GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers ");	WHERE l.uid='".$mybb->user['uid']."' GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers ");
}	}
while($usergroup = $db->fetch_array($query)) {	while($usergroup = $db->fetch_array($query)) {
Zeile 3567	Zeile 3789
$usergroup = $usergroups[$mybb->user['usergroup']]; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); $usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);	$usergroup = $usergroups[$mybb->user['usergroup']]; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); $usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);	if($usergroup['description']) { $usergroup['description'] = htmlspecialchars_uni($usergroup['description']); eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";"); }
eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";"); $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";"); $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
Zeile 3587	Zeile 3813
$showmemberof = false; if($mybb->user['additionalgroups']) {	$showmemberof = false; if($mybb->user['additionalgroups']) {
$query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));	$additionalgroups = implode( ',', array_map( 'intval', explode(',', $mybb->user['additionalgroups']) ) ); $query = $db->simple_select("usergroups", "*", "gid IN (".$additionalgroups.") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));
while($usergroup = $db->fetch_array($query)) { $showmemberof = true;	while($usergroup = $db->fetch_array($query)) { $showmemberof = true;
Zeile 3642	Zeile 3875
$existinggroups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) {	$existinggroups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) {
$existinggroups .= ",".$mybb->user['additionalgroups'];	$additionalgroups = implode( ',', array_map( 'intval', explode(',', $mybb->user['additionalgroups']) ) ); $existinggroups .= ",".$additionalgroups;
} $joinablegroups = $joinablegrouplist = '';	} $joinablegroups = $joinablegrouplist = '';
Zeile 3650	Zeile 3890
while($usergroup = $db->fetch_array($query)) { $trow = alt_trow();	while($usergroup = $db->fetch_array($query)) { $trow = alt_trow();

$description = ''; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); if($usergroup['description']) { $usergroup['description'] = htmlspecialchars_uni($usergroup['description']); eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");	$description = ''; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); if($usergroup['description']) { $usergroup['description'] = htmlspecialchars_uni($usergroup['description']); eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");
}	}
// Moderating join requests? if($usergroup['type'] == 4)	// Moderating join requests? if($usergroup['type'] == 4)
{	{
$conditions = $lang->usergroup_joins_moderated;	$conditions = $lang->usergroup_joins_moderated;
} elseif($usergroup['type'] == 5) {	} elseif($usergroup['type'] == 5) {
$conditions = $lang->usergroup_joins_invite; } else	$conditions = $lang->usergroup_joins_invite; } else
Zeile 3681	Zeile 3921
elseif(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] == 5) { $joinlink = $lang->sprintf($lang->pending_invitation, $usergroup['gid'], $mybb->post_code);	elseif(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] == 5) { $joinlink = $lang->sprintf($lang->pending_invitation, $usergroup['gid'], $mybb->post_code);
}	}
elseif($usergroup['type'] == 5) { $joinlink = "--";	elseif($usergroup['type'] == 5) { $joinlink = "--";
Zeile 3703	Zeile 3943
$comma = $lang->comma; } $usergroupleaders = $lang->usergroup_leaders." ".$usergroupleaders;	$comma = $lang->comma; } $usergroupleaders = $lang->usergroup_leaders." ".$usergroupleaders;
}	}
if(my_strpos($usergroupleaders, $mybb->user['username']) === false) {	if(my_strpos($usergroupleaders, $mybb->user['username']) === false) {
Zeile 3712	Zeile 3952
} } if($joinablegrouplist)	} } if($joinablegrouplist)
{	{
eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";"); }	eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";"); }
Zeile 3724	Zeile 3964
if($mybb->input['action'] == "attachments") {	if($mybb->input['action'] == "attachments") {
$plugins->run_hooks("usercp_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->settings['enableattachments'] == 0)	require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->settings['enableattachments'] == 0)
{	{
error($lang->attachments_disabled);	error($lang->attachments_disabled);
	} $plugins->run_hooks("usercp_attachments_start"); // Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
} $attachments = '';	} $attachments = '';
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); $totalattachments = $usage['acount'];
// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
Zeile 3750	Zeile 4000
if($page > 0) { $start = ($page-1) * $perpage;	if($page > 0) { $start = ($page-1) * $perpage;
$pages = ceil($totalattachments / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else {	} else {
Zeile 3771	Zeile 4015
FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)	FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."' ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} "); $bandwidth = $totaldownloads = 0; while($attachment = $db->fetch_array($query))	WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} ORDER BY p.dateline DESC, p.pid DESC LIMIT {$start}, {$perpage} "); $bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0; while($attachment = $db->fetch_array($query))
{ if($attachment['dateline'] && $attachment['tid']) {	{ if($attachment['dateline'] && $attachment['tid']) {
Zeile 3784	Zeile 4028
$attachment['postlink'] = get_post_link($attachment['pid'], $attachment['tid']); $attachment['threadlink'] = get_thread_link($attachment['tid']); $attachment['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['threadsubject']));	$attachment['postlink'] = get_post_link($attachment['pid'], $attachment['tid']); $attachment['threadlink'] = get_thread_link($attachment['tid']); $attachment['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['threadsubject']));

$size = get_friendly_size($attachment['filesize']); $icon = get_attachment_icon(get_extension($attachment['filename'])); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);	$size = get_friendly_size($attachment['filesize']); $icon = get_attachment_icon(get_extension($attachment['filename'])); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
Zeile 3792	Zeile 4036
$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']); $attachdate = my_date('relative', $attachment['dateline']); $altbg = alt_trow();	$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']); $attachdate = my_date('relative', $attachment['dateline']); $altbg = alt_trow();

eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";"); // Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];	eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";"); // Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];
	$totalusage += $attachment['filesize']; ++$totalattachments;
} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }	} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }
	++$processedattachments; } $multipage = ''; if($processedattachments >= $perpage \|\| $page > 1) { $query = $db->query(" SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} "); $usage = $db->fetch_array($query); $totalusage = $usage['ausage']; $totalattachments = $usage['acount']; $multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
}	}
$totalusage = $usage['ausage'];
$friendlyusage = get_friendly_size((int)$totalusage); if($mybb->usergroup['attachquota'])	$friendlyusage = get_friendly_size((int)$totalusage); if($mybb->usergroup['attachquota'])
{	{
$percent = round(($totalusage/($mybb->usergroup['attachquota']1024))100); $friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent); $attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);	$percent = round(($totalusage/($mybb->usergroup['attachquota']1024))100); $friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent); $attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
Zeile 3821	Zeile 4084
$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments); }	$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments); }
$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
$bandwidth = get_friendly_size($bandwidth);	$bandwidth = get_friendly_size($bandwidth);
	eval("\$delete_button = \"".$templates->get("delete_attachments_button")."\";");
if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';	if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';
	$delete_button = '';
} $plugins->run_hooks("usercp_attachments_end");	} $plugins->run_hooks("usercp_attachments_end");
Zeile 3841	Zeile 4106
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments'])) { error($lang->no_attachments_selected); }	require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments'])) { error($lang->no_attachments_selected); }
	$plugins->run_hooks("usercp_do_attachments_start"); // Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)"; }
$aids = implode(',', array_map('intval', $mybb->input['attachments']));	$aids = implode(',', array_map('intval', $mybb->input['attachments']));
$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");	$query = $db->query(" SELECT a.*, p.fid FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql} ");
while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);	while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);
Zeile 4026	Zeile 4313
$mybb->user['posts'] = my_number_format($mybb->user['postnum']); // Build referral link	$mybb->user['posts'] = my_number_format($mybb->user['postnum']); // Build referral link
	$referral_info = '';
if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);	if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);
	$referral_count = (int) $mybb->user['referrals']; if($referral_count > 0) { $uid = (int) $mybb->user['uid']; eval("\$mybb->user['referrals'] = \"".$templates->get('member_referrals_link')."\";"); }
eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }	eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }
Zeile 4043	Zeile 4339
$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); if($db->num_rows($query)) {	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); if($db->num_rows($query)) {
$visible = "AND t.visible != 0"; if(is_moderator() == true)	$where = array( "s.uid={$mybb->user['uid']}", "t.lastposteruid!={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
$query = $db->query(" SELECT s., t., t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	$query = $db->query(" SELECT s., t., t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE s.uid='".$mybb->user['uid']."' {$visible}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT 0, 10 ");	ORDER BY t.lastpost DESC LIMIT 0, 10 ");

$fpermissions = forum_permissions();	$fpermissions = forum_permissions();

while($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']];	while($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']];
if($forumpermissions['canview'] != 0 && $forumpermissions['canviewthreads'] != 0 && ($forumpermissions['canonlyviewownthreads'] == 0 \|\| $subscription['uid'] == $mybb->user['uid']))	if($forumpermissions['canonlyviewownthreads'] == 0 \|\| $subscription['uid'] == $mybb->user['uid'])
{ $subscriptions[$subscription['tid']] = $subscription; }	{ $subscriptions[$subscription['tid']] = $subscription; }
Zeile 4103	Zeile 4413
$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();	$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();
	$latest_subscribed_threads = '';
foreach($subscriptions as $thread) {	foreach($subscriptions as $thread) {
	$plugins->run_hooks("usercp_thread_subscriptions_thread");
$folder = ''; $folder_label = ''; $gotounread = '';	$folder = ''; $folder_label = ''; $gotounread = '';
Zeile 4142	Zeile 4454
$icon = " "; }	$icon = " "; }
if($thread['doticon'])	if(!isset($thread['doticon']))
{ $folder = "dot_"; $folder_label .= $lang->icon_dot; } // Check to see which icon we display	{ $folder = "dot_"; $folder_label .= $lang->icon_dot; } // Check to see which icon we display
if($thread['lastread'] && $thread['lastread'] < $thread['lastpost'])	if(!empty($thread['lastread']) && $thread['lastread'] < $thread['lastpost'])
{ $folder .= "new"; $folder_label .= $lang->icon_new;	{ $folder .= "new"; $folder_label .= $lang->icon_new;
Zeile 4204	Zeile 4516
} // User's Latest Threads	} // User's Latest Threads
	$where = array( "t.uid={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums()) { $where[] = "t.fid NOT IN ({$inactive_forums})"; } $where = implode(' AND ', $where);

// Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)"; } $visible = " AND t.visible != 0"; if(is_moderator() == true) { $visible = ''; }
$query = $db->query(" SELECT t.*, t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	$query = $db->query(" SELECT t.*, t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT 0, 5 ");	ORDER BY t.lastpost DESC LIMIT 0, 5 ");

// Figure out whether we can view these threads... $threadcache = array(); $fpermissions = forum_permissions(); while($thread = $db->fetch_array($query)) {	// Figure out whether we can view these threads... $threadcache = array(); $fpermissions = forum_permissions(); while($thread = $db->fetch_array($query)) {
// Moderated, and not moderator? if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false) { continue; } $forumpermissions = $fpermissions[$thread['fid']]; if($forumpermissions['canview'] != 0 \|\| $forumpermissions['canviewthreads'] != 0) { $threadcache[$thread['tid']] = $thread; }	$threadcache[$thread['tid']] = $thread;
} $latest_threads = '';	} $latest_threads = '';
Zeile 4298	Zeile 4597
$latest_threads_threads = ''; foreach($threadcache as $thread) {	$latest_threads_threads = ''; foreach($threadcache as $thread) {
	$plugins->run_hooks("usercp_latest_threads_thread");
if($thread['tid']) { $bgcolor = alt_trow();	if($thread['tid']) { $bgcolor = alt_trow();
Zeile 4359	Zeile 4659
$cutoff = 0; if($thread['lastpost'] > $cutoff) {	$cutoff = 0; if($thread['lastpost'] > $cutoff) {
if($thread['lastread'])	if(!empty($thread['lastread']))
{ $lastread = $thread['lastread']; }	{ $lastread = $thread['lastread']; }
Zeile 4414	Zeile 4714
if($thread['closed'] == 1) {	if($thread['closed'] == 1) {
$folder .= "lock"; $folder_label .= $lang->icon_lock;	$folder .= "close"; $folder_label .= $lang->icon_close;
} $folder .= "folder";	} $folder .= "folder";