Vergleich inc/functions.php - 1.8.30 - 1.8.33

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 581	Zeile 581
{ require_once MYBB_ROOT . "inc/mailhandlers/php.php"; $my_mailhandler_builtin = new PhpMail();	{ require_once MYBB_ROOT . "inc/mailhandlers/php.php"; $my_mailhandler_builtin = new PhpMail();
if(!empty($mybb->settings['mail_parameters']))	if(!empty($mybb->config['mail_parameters']))
{	{
$my_mailhandler_builtin->additional_parameters = $mybb->settings['mail_parameters'];	$my_mailhandler_builtin->additional_parameters = $mybb->config['mail_parameters'];
} } }	} } }
Zeile 2346	Zeile 2346
return false; }	return false; }
$cookie = my_unserialize($mybb->cookies['mybb'][$name]);	$cookie = my_unserialize($mybb->cookies['mybb'][$name], false);
if(is_array($cookie) && isset($cookie[$id])) {	if(is_array($cookie) && isset($cookie[$id])) {
Zeile 2372	Zeile 2372
if(isset($mybb->cookies['mybb'][$name])) {	if(isset($mybb->cookies['mybb'][$name])) {
$newcookie = my_unserialize($mybb->cookies['mybb'][$name]);	$newcookie = my_unserialize($mybb->cookies['mybb'][$name], false);
} else {	} else {
Zeile 2382	Zeile 2382
$newcookie[$id] = $value; $newcookie = my_serialize($newcookie); my_setcookie("mybb[$name]", addslashes($newcookie), $expires);	$newcookie[$id] = $value; $newcookie = my_serialize($newcookie); my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
	if(isset($mybb->cookies['mybb']) && !is_array($mybb->cookies['mybb'])) { $mybb->cookies['mybb'] = array(); }
// Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie;	// Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie;
Zeile 2401	Zeile 2406
* - does not unserialize objects * * @param string $str	* - does not unserialize objects * * @param string $str
	* @param bool $unlimited Whether to apply limits defined in MAX_SERIALIZED_* constants
* @return mixed * @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects) */	* @return mixed * @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects) */
function _safe_unserialize($str)	function _safe_unserialize($str, $unlimited = true)
{	{
if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)	if(!$unlimited && strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
{ // input exceeds MAX_SERIALIZED_INPUT_LENGTH return false; } if(empty($str) \|\| !is_string($str))	{ // input exceeds MAX_SERIALIZED_INPUT_LENGTH return false; } if(empty($str) \|\| !is_string($str))
{	{
return false; }	return false; }
Zeile 2441	Zeile 2447
$str = substr($str, 2); } else if($type == 'b' && preg_match('/^b:([01]);/', $str, $matches))	$str = substr($str, 2); } else if($type == 'b' && preg_match('/^b:([01]);/', $str, $matches))
{	{
$value = $matches[1] == '1' ? true : false; $str = substr($str, 4); }	$value = $matches[1] == '1' ? true : false; $str = substr($str, 4); }
Zeile 2460	Zeile 2466
$value = substr($matches[2], 0, (int)$matches[1]); $str = substr($matches[2], (int)$matches[1] + 2); }	$value = substr($matches[2], 0, (int)$matches[1]); $str = substr($matches[2], (int)$matches[1] + 2); }
else if($type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) && $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)	else if( $type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) && ($unlimited \|\| $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH) )
{ $expectedLength = (int)$matches[1]; $str = $matches[2];	{ $expectedLength = (int)$matches[1]; $str = $matches[2];
Zeile 2476	Zeile 2486
case 3: // in array, expecting value or another array if($type == 'a') {	case 3: // in array, expecting value or another array if($type == 'a') {
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)	if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
{ // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH return false;	{ // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH return false;
Zeile 2521	Zeile 2531
} if($type == 'i' \|\| $type == 's') {	} if($type == 'i' \|\| $type == 's') {
if(count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)	if(!$unlimited && count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
{ // array size exceeds MAX_SERIALIZED_ARRAY_LENGTH return false;	{ // array size exceeds MAX_SERIALIZED_ARRAY_LENGTH return false;
Zeile 2543	Zeile 2553
case 0: // expecting array or value if($type == 'a') {	case 0: // expecting array or value if($type == 'a') {
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)	if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
{ // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH return false;	{ // array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH return false;
Zeile 2580	Zeile 2590
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue * * @param string $str	* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue * * @param string $str
	* @param bool $unlimited
* @return mixed */	* @return mixed */
function my_unserialize($str)	function my_unserialize($str, $unlimited = true)
{ // Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))	{ // Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen() if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
Zeile 2591	Zeile 2602
mb_internal_encoding('ASCII'); }	mb_internal_encoding('ASCII'); }
$out = _safe_unserialize($str);	$out = _safe_unserialize($str, $unlimited);
if(isset($mbIntEnc)) {	if(isset($mbIntEnc)) {
Zeile 7091	Zeile 7102
} // Now make PREG compatible	} // Now make PREG compatible
$find = "#(?!<.?)(".preg_quote($word, "#").")(?![^<>]?>)#ui"; $replacement = "<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$1</span>";	$find = "/(?<!&\|&#)\b([[:alnum:]])(".preg_quote($word, "/").")(?![^<>]?>)/ui"; $replacement = "$1<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$2</span>";
$highlight_cache[$find] = $replacement; }	$highlight_cache[$find] = $replacement; }