Vergleich usercp.php - 1.8.26 - 1.8.35

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 32Zeile 32

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

 
require_once MYBB_ROOT."inc/functions_search.php";

require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

Zeile 50Zeile 51

usercp_menu();



usercp_menu();


$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);

if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)

$server_http_referer = '';
if(isset($_SERVER['HTTP_REFERER']))


{

{

	if(my_strpos($server_http_referer, '/') === 0)



	$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);

if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)

	{

	{

		$server_http_referer = my_substr($server_http_referer, 1);






		if(my_strpos($server_http_referer, '/') === 0)
{
$server_http_referer = my_substr($server_http_referer, 1);
}
$url_segments = explode('/', $server_http_referer);
$server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);

	}

	}

	$url_segments = explode('/', $server_http_referer);
$server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);

 
}

$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

}

$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

{

{

	require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler();


	require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler();


Zeile 116Zeile 121
		break;
case "forumsubscriptions":
add_breadcrumb($lang->ucp_nav_forum_subscriptions);

		break;
case "forumsubscriptions":
add_breadcrumb($lang->ucp_nav_forum_subscriptions);

		break;

		break;

	case "editsig":
case "do_editsig":
add_breadcrumb($lang->nav_editsig);

	case "editsig":
case "do_editsig":
add_breadcrumb($lang->nav_editsig);

Zeile 124Zeile 129
	case "avatar":
case "do_avatar":
add_breadcrumb($lang->nav_avatar);

	case "avatar":
case "do_avatar":
add_breadcrumb($lang->nav_avatar);

		break;

		break;

	case "notepad":
case "do_notepad":
add_breadcrumb($lang->ucp_nav_notepad);

	case "notepad":
case "do_notepad":
add_breadcrumb($lang->ucp_nav_notepad);

		break;

		break;

	case "editlists":
case "do_editlists":
add_breadcrumb($lang->ucp_nav_editlists);

	case "editlists":
case "do_editlists":
add_breadcrumb($lang->ucp_nav_editlists);

		break;

		break;

	case "drafts":
add_breadcrumb($lang->ucp_nav_drafts);
break;

	case "drafts":
add_breadcrumb($lang->ucp_nav_drafts);
break;

Zeile 157Zeile 162
	{
$awaydate = TIME_NOW;
if(!empty($mybb->input['awayday']))

	{
$awaydate = TIME_NOW;
if(!empty($mybb->input['awayday']))

		{

		{

			// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT))
{

			// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT))
{

Zeile 191Zeile 196
			"date" => $awaydate,
"returndate" => $returndate,
"awayreason" => $mybb->get_input('awayreason')

			"date" => $awaydate,
"returndate" => $returndate,
"awayreason" => $mybb->get_input('awayreason')

		);
}

		);
}

	else
{
$away = array(

	else
{
$away = array(

Zeile 280Zeile 285
		$raw_errors = $userhandler->get_errors();

// Set to stored value if invalid

		$raw_errors = $userhandler->get_errors();

// Set to stored value if invalid

		if(array_key_exists("invalid_birthday_privacy", $raw_errors))

		if(array_key_exists("invalid_birthday_privacy", $raw_errors) || array_key_exists("conflicted_birthday_privacy", $raw_errors))

		{
$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

		{
$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

 
			$bday = explode("-", $mybb->user['birthday']);

if(isset($bday[2]))
{
$mybb->input['bday3'] = $bday[2];
}

		}

$errors = inline_error($errors);
$mybb->input['action'] = "profile";

		}

$errors = inline_error($errors);
$mybb->input['action'] = "profile";

	}

	}

	else
{
$userhandler->update_user();

	else
{
$userhandler->update_user();





		$plugins->run_hooks("usercp_do_profile_end");
redirect("usercp.php?action=profile", $lang->redirect_profileupdated);
}

		$plugins->run_hooks("usercp_do_profile_end");
redirect("usercp.php?action=profile", $lang->redirect_profileupdated);
}

Zeile 308Zeile 319
		$bday[2] = $mybb->get_input('bday3', MyBB::INPUT_INT);
}
else

		$bday[2] = $mybb->get_input('bday3', MyBB::INPUT_INT);
}
else

	{

	{

		$user = $mybb->user;
$bday = explode("-", $user['birthday']);
if(!isset($bday[1]))
{
$bday[1] = 0;
}

		$user = $mybb->user;
$bday = explode("-", $user['birthday']);
if(!isset($bday[1]))
{
$bday[1] = 0;
}

		if(!isset($bday[2]))
{
$bday[2] = '';
}

	}
if(!isset($bday[2]) || $bday[2] == 0)
{
$bday[2] = '';

	}

$plugins->run_hooks("usercp_profile_start");

	}

$plugins->run_hooks("usercp_profile_start");

Zeile 400Zeile 411
		if(!is_member($mybb->settings[$csetting]))
{
continue;

		if(!is_member($mybb->settings[$csetting]))
{
continue;

		}


		}


		$cfieldsshow = true;

$lang_string = 'contact_field_'.$cfield;

		$cfieldsshow = true;

$lang_string = 'contact_field_'.$cfield;

Zeile 501Zeile 512
				continue;
}


				continue;
}


 
			$userfield = $code = $select = $val = $options = $expoptions = $useropts = '';
$seloptions = array();

			$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
$profilefield['name'] = htmlspecialchars_uni($profilefield['name']);
$profilefield['description'] = htmlspecialchars_uni($profilefield['description']);

			$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
$profilefield['name'] = htmlspecialchars_uni($profilefield['name']);
$profilefield['description'] = htmlspecialchars_uni($profilefield['description']);

Zeile 509Zeile 522
			if(isset($thing[1]))
{
$options = $thing[1];

			if(isset($thing[1]))
{
$options = $thing[1];

			}
else

			}
else

			{
$options = array();
}
$field = "fid{$profilefield['fid']}";

			{
$options = array();
}
$field = "fid{$profilefield['fid']}";

			$select = '';

 
			if($errors)
{
if(!isset($mybb->input['profile_fields'][$field]))

			if($errors)
{
if(!isset($mybb->input['profile_fields'][$field]))

Zeile 525Zeile 537
				$userfield = $mybb->input['profile_fields'][$field];
}
else

				$userfield = $mybb->input['profile_fields'][$field];
}
else

			{

			{

				$userfield = $user[$field];
}
if($type == "multiselect")

				$userfield = $user[$field];
}
if($type == "multiselect")

Zeile 539Zeile 551
					$useropts = explode("\n", $userfield);
}
if(is_array($useropts))

					$useropts = explode("\n", $userfield);
}
if(is_array($useropts))

				{

				{

					foreach($useropts as $key => $val)
{
$val = htmlspecialchars_uni($val);
$seloptions[$val] = $val;

					foreach($useropts as $key => $val)
{
$val = htmlspecialchars_uni($val);
$seloptions[$val] = $val;

					}
}
$expoptions = explode("\n", $options);
if(is_array($expoptions))

					}
}
$expoptions = explode("\n", $options);
if(is_array($expoptions))

				{
foreach($expoptions as $key => $val)
{

				{
foreach($expoptions as $key => $val)
{

Zeile 556Zeile 568

$sel = "";
if(isset($seloptions[$val]) && $val == $seloptions[$val])


$sel = "";
if(isset($seloptions[$val]) && $val == $seloptions[$val])

						{
$sel = " selected=\"selected\"";
}

eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
}
if(!$profilefield['length'])
{

						{
$sel = " selected=\"selected\"";
}

eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
}
if(!$profilefield['length'])
{

						$profilefield['length'] = 3;
}


						$profilefield['length'] = 3;
}


Zeile 571Zeile 583
				}
}
elseif($type == "select")

				}
}
elseif($type == "select")

			{

			{

				$expoptions = explode("\n", $options);
if(is_array($expoptions))
{

				$expoptions = explode("\n", $options);
if(is_array($expoptions))
{

Zeile 605Zeile 617
					{
$checked = "";
if($val == $userfield)

					{
$checked = "";
if($val == $userfield)

						{
$checked = " checked=\"checked\"";
}

						{
$checked = " checked=\"checked\"";
}


eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";");
}


eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";");
}

Zeile 672Zeile 684
				eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
}
$altbg = alt_trow();

				eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
}
$altbg = alt_trow();

			$code = "";
$select = "";
$val = "";
$options = "";
$expoptions = "";
$useropts = "";
$seloptions = array();
}

		}








	}
if($customfields)

	}
if($customfields)

	{

	{

		eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");
}


		eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");
}


Zeile 701Zeile 706
					break;
}
}

					break;
}
}

		}
else

		}
else

		{
$defaulttitle = htmlspecialchars_uni($mybb->usergroup['usertitle']);
}

		{
$defaulttitle = htmlspecialchars_uni($mybb->usergroup['usertitle']);
}

Zeile 711Zeile 716
		if(trim($user['usertitle']) == '')
{
$lang->current_custom_usertitle = '';

		if(trim($user['usertitle']) == '')
{
$lang->current_custom_usertitle = '';

		}
else

		}
else

		{
if($errors)
{
$newtitle = htmlspecialchars_uni($user['usertitle']);
$user['usertitle'] = $mybb->user['usertitle'];

		{
if($errors)
{
$newtitle = htmlspecialchars_uni($user['usertitle']);
$user['usertitle'] = $mybb->user['usertitle'];

			}
}


			}
}


		$user['usertitle'] = htmlspecialchars_uni($user['usertitle']);

$currentcustom = $reverttitle = '';

		$user['usertitle'] = htmlspecialchars_uni($user['usertitle']);

$currentcustom = $reverttitle = '';

Zeile 744Zeile 749
	if($mybb->usergroup['canchangewebsite'] == 1)
{
eval("\$website = \"".$templates->get("usercp_profile_website")."\";");

	if($mybb->usergroup['canchangewebsite'] == 1)
{
eval("\$website = \"".$templates->get("usercp_profile_website")."\";");

	}

	}


$plugins->run_hooks("usercp_profile_end");



$plugins->run_hooks("usercp_profile_end");


Zeile 809Zeile 814
	if($mybb->settings['userpppoptions'])
{
$user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);

	if($mybb->settings['userpppoptions'])
{
$user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);

	}


	}


	$userhandler->set_data($user);

if(!$userhandler->validate_user())

	$userhandler->set_data($user);

if(!$userhandler->validate_user())

Zeile 872Zeile 877
		$allownoticescheck = "";
}


		$allownoticescheck = "";
}


	if(isset($user['invisible']) && $user['invisible'] == 1)




	$canbeinvisible = '';

// Check usergroup permission before showing invisible check box
if($mybb->usergroup['canbeinvisible'] == 1)

	{

	{

		$invisiblecheck = "checked=\"checked\"";
}
else
{
$invisiblecheck = "";





		if(isset($user['invisible']) && $user['invisible'] == 1)
{
$invisiblecheck = "checked=\"checked\"";
}
else
{
$invisiblecheck = "";
}
eval('$canbeinvisible = "'.$templates->get("usercp_options_invisible")."\";");

	}

if(isset($user['hideemail']) && $user['hideemail'] == 1)

	}

if(isset($user['hideemail']) && $user['hideemail'] == 1)

Zeile 1507Zeile 1519
	$plugins->run_hooks("usercp_subscriptions_start");

// Thread visiblity

	$plugins->run_hooks("usercp_subscriptions_start");

// Thread visiblity

	$visible = "AND t.visible != 0";
if(is_moderator() == true)










	$where = array(
"s.uid={$mybb->user['uid']}",
get_visible_where('t')
);

if($unviewable_forums = get_unviewable_forums(true))
{
$where[] = "t.fid NOT IN ({$unviewable_forums})";
}

if($inactive_forums = get_inactive_forums())

	{

	{

		$visible = '';

		$where[] = "t.fid NOT IN ({$inactive_forums})";

	}

	}

 

$where = implode(' AND ', $where);


// Do Multi Pages
$query = $db->query("


// Do Multi Pages
$query = $db->query("

		SELECT COUNT(ts.tid) as threads
FROM ".TABLE_PREFIX."threadsubscriptions ts
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid)
WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}

		SELECT COUNT(s.tid) as threads
FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = s.tid)
WHERE {$where}

	");
$threadcount = $db->fetch_field($query, "threads");


	");
$threadcount = $db->fetch_field($query, "threads");


Zeile 1562Zeile 1585
		FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

		FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

		WHERE s.uid='".$mybb->user['uid']."' and t.visible >= 0 {$visible}

		WHERE {$where}

		ORDER BY t.lastpost DESC
LIMIT $start, $perpage
");

		ORDER BY t.lastpost DESC
LIMIT $start, $perpage
");

Zeile 1570Zeile 1593
	{
$forumpermissions = $fpermissions[$subscription['fid']];


	{
$forumpermissions = $fpermissions[$subscription['fid']];


		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))

		if(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid'])

		{
// Hmm, you don't have permission to view this thread - unsubscribe!
$del_subscriptions[] = $subscription['sid'];

		{
// Hmm, you don't have permission to view this thread - unsubscribe!
$del_subscriptions[] = $subscription['sid'];

Zeile 1584Zeile 1607
	if(!empty($del_subscriptions))
{
$sids = implode(',', $del_subscriptions);

	if(!empty($del_subscriptions))
{
$sids = implode(',', $del_subscriptions);





		if($sids)
{
$db->delete_query("threadsubscriptions", "sid IN ({$sids}) AND uid='{$mybb->user['uid']}'");

		if($sids)
{
$db->delete_query("threadsubscriptions", "sid IN ({$sids}) AND uid='{$mybb->user['uid']}'");

Zeile 1653Zeile 1676

// If this thread has a prefix, insert a space between prefix and subject
if($thread['prefix'] != 0 && !empty($threadprefixes[$thread['prefix']]))


// If this thread has a prefix, insert a space between prefix and subject
if($thread['prefix'] != 0 && !empty($threadprefixes[$thread['prefix']]))

			{

			{

				$thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle'].' ';
}


				$thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle'].' ';
}


Zeile 1696Zeile 1719

if($mybb->settings['threadreadcut'] > 0)
{


if($mybb->settings['threadreadcut'] > 0)
{

				$forum_read = $readforums[$thread['fid']];


 
				$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;

				$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;

				if($forum_read == 0 || $forum_read < $read_cutoff)
{

				if(empty($readforums[$thread['fid']]) || $readforums[$thread['fid']] < $read_cutoff)
{

					$forum_read = $read_cutoff;

					$forum_read = $read_cutoff;

 
				}
else
{
$forum_read = $readforums[$thread['fid']];

				}
}


				}
}


Zeile 1713Zeile 1738

if($thread['lastpost'] > $cutoff)
{


if($thread['lastpost'] > $cutoff)
{

				if($thread['lastread'])

				if(!empty($thread['lastread']))

				{
$lastread = $thread['lastread'];
}

				{
$lastread = $thread['lastread'];
}

Zeile 1772Zeile 1797

// Build last post info
$lastpostdate = my_date('relative', $thread['lastpost']);


// Build last post info
$lastpostdate = my_date('relative', $thread['lastpost']);

 
			$lastposteruid = $thread['lastposteruid'];

			if(!$lastposteruid && !$thread['lastposter'])

			if(!$lastposteruid && !$thread['lastposter'])

			{

			{

				$lastposter = htmlspecialchars_uni($lang->guest);
}
else
{
$lastposter = htmlspecialchars_uni($thread['lastposter']);

				$lastposter = htmlspecialchars_uni($lang->guest);
}
else
{
$lastposter = htmlspecialchars_uni($thread['lastposter']);

			}
$lastposteruid = $thread['lastposteruid'];

			}



// Don't link to guest's profiles (they have no profile).
if($lastposteruid == 0)


// Don't link to guest's profiles (they have no profile).
if($lastposteruid == 0)

Zeile 1810Zeile 1835

eval("\$threads .= \"".$templates->get("usercp_subscriptions_thread")."\";");
}


eval("\$threads .= \"".$templates->get("usercp_subscriptions_thread")."\";");
}





		// Provide remove options
eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");
}

		// Provide remove options
eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");
}

Zeile 1834Zeile 1859
	$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f

	$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f

		LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')

		LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')

		WHERE f.active != 0
ORDER BY pid, disporder
");

		WHERE f.active != 0
ORDER BY pid, disporder
");

Zeile 1958Zeile 1983
	if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);

	if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);

	}


	}


	$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();

	$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();

	}


	}


	// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

	// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);





	// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_do_addsubscription");

add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

	// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_do_addsubscription");

add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));





	if($mybb->get_input('referrer'))
{
$mybb->input['referrer'] = $mybb->get_input('referrer');

	if($mybb->get_input('referrer'))
{
$mybb->input['referrer'] = $mybb->get_input('referrer');

Zeile 1996Zeile 2021
	}
redirect($url, $lang->redirect_subscriptionadded);
}

	}
redirect($url, $lang->redirect_subscriptionadded);
}





if($mybb->input['action'] == "addsubscription")
{
// Verify incoming POST request

if($mybb->input['action'] == "addsubscription")
{
// Verify incoming POST request

Zeile 2020Zeile 2045

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_forum");


// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_forum");





		add_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post')

		add_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post')

		{

		{

			$url = $server_http_referer;
}
else

			$url = $server_http_referer;
}
else

		{

		{

			$url = "index.php";
}
redirect($url, $lang->redirect_forumsubscriptionadded);

			$url = "index.php";
}
redirect($url, $lang->redirect_forumsubscriptionadded);

Zeile 2042Zeile 2067

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);


// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);





		// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{

		// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{

Zeile 2056Zeile 2081
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();

		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();

		}

		}


// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);


// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

Zeile 2079Zeile 2104
			$notification_none_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 2)

			$notification_none_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 2)

		{
$notification_email_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 3)

		{
$notification_email_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 3)

		{
$notification_pm_checked = "checked=\"checked\"";

		{
$notification_pm_checked = "checked=\"checked\"";

		}


		}


		// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_thread");


		// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_thread");


Zeile 2107Zeile 2132
		if(!$forum)
{
error($lang->error_invalidforum);

		if(!$forum)
{
error($lang->error_invalidforum);

		}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($forum['fid']);

		}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($forum['fid']);


// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_forum");


// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_forum");

Zeile 2129Zeile 2154
	else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));

	else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));

		if(!$thread)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

		if(!$thread)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);


// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_thread");


// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_thread");

Zeile 2269Zeile 2294
		if($server_http_referer)
{
$url = $server_http_referer;

		if($server_http_referer)
{
$url = $server_http_referer;

		}
else
{

		}
else
{

			$url = "usercp.php?action=subscriptions";
}
redirect($url, $lang->redirect_subscriptionsremoved);

			$url = "usercp.php?action=subscriptions";
}
redirect($url, $lang->redirect_subscriptionsremoved);

Zeile 2387Zeile 2412
	else
{
// User is allowed to edit their signature

	else
{
// User is allowed to edit their signature

 
		$smilieinserter = '';

		if($mybb->settings['sigsmilies'] == 1)
{
$sigsmilies = $lang->on;

		if($mybb->settings['sigsmilies'] == 1)
{
$sigsmilies = $lang->on;

Zeile 2407Zeile 2433
		if($mybb->settings['sightml'] == 1)
{
$sightml = $lang->on;

		if($mybb->settings['sightml'] == 1)
{
$sightml = $lang->on;

		}
else
{

		}
else
{

			$sightml = $lang->off;

			$sightml = $lang->off;

		}
if($mybb->settings['sigimgcode'] == 1)

		}
if($mybb->settings['sigimgcode'] == 1)

		{
$sigimgcode = $lang->on;

		{
$sigimgcode = $lang->on;

		}
else
{

		}
else
{

			$sigimgcode = $lang->off;
}

			$sigimgcode = $lang->off;
}

 

if($mybb->settings['siglength'] == 0)
{
$siglength = $lang->unlimited;
}
else
{
$siglength = $mybb->settings['siglength'];
}


		$sig = htmlspecialchars_uni($sig);

		$sig = htmlspecialchars_uni($sig);

		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $siglength);


if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
$codebuttons = build_mycode_inserter("signature");


if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
$codebuttons = build_mycode_inserter("signature");

		}


		}


		$plugins->run_hooks("usercp_editsig_end");

		$plugins->run_hooks("usercp_editsig_end");





		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
}

output_page($editsig);
}

		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
}

output_page($editsig);
}





if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post")
{
// Verify incoming POST request

if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post")
{
// Verify incoming POST request

Zeile 2461Zeile 2497
		if($mybb->usergroup['canuploadavatars'] == 0)
{
error_no_permission();

		if($mybb->usergroup['canuploadavatars'] == 0)
{
error_no_permission();

		}

		}

		$avatar = upload_avatar();

		$avatar = upload_avatar();

		if($avatar['error'])

		if(!empty($avatar['error']))

		{
$avatar_error = $avatar['error'];
}

		{
$avatar_error = $avatar['error'];
}

Zeile 2479Zeile 2515
				"avatartype" => "upload"
);
$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");

				"avatartype" => "upload"
);
$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");

		}





		}
}
elseif(!$mybb->settings['allowremoteavatars'] && !$_FILES['avatarupload']['name']) // missing avatar image
{
$avatar_error = $lang->error_avatarimagemissing;

	}
elseif($mybb->settings['allowremoteavatars']) // remote avatar
{

	}
elseif($mybb->settings['allowremoteavatars']) // remote avatar
{

Zeile 2488Zeile 2528
		{
// Gravatar
$mybb->input['avatarurl'] = my_strtolower($mybb->input['avatarurl']);

		{
// Gravatar
$mybb->input['avatarurl'] = my_strtolower($mybb->input['avatarurl']);





			// If user image does not exist, or is a higher rating, use the mystery man
$email = md5($mybb->input['avatarurl']);


			// If user image does not exist, or is a higher rating, use the mystery man
$email = md5($mybb->input['avatarurl']);


Zeile 2496Zeile 2536
			if(!$mybb->settings['maxavatardims'])
{
$mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits

			if(!$mybb->settings['maxavatardims'])
{
$mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits

			}

			}


// Because Gravatars are square, hijack the width
list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));


// Because Gravatars are square, hijack the width
list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

Zeile 2505Zeile 2545
			// Rating?
$types = array('g', 'pg', 'r', 'x');
$rating = $mybb->settings['useravatarrating'];

			// Rating?
$types = array('g', 'pg', 'r', 'x');
$rating = $mybb->settings['useravatarrating'];





			if(!in_array($rating, $types))
{
$rating = 'g';

			if(!in_array($rating, $types))
{
$rating = 'g';

Zeile 2547Zeile 2587
					list($width, $height, $type) = @getimagesize($tmp_name);
@unlink($tmp_name);
if(!$type)

					list($width, $height, $type) = @getimagesize($tmp_name);
@unlink($tmp_name);
if(!$type)

					{

					{

						$avatar_error = $lang->error_invalidavatarurl;
}
}

						$avatar_error = $lang->error_invalidavatarurl;
}
}

Zeile 2556Zeile 2596
			if(empty($avatar_error))
{
if($width && $height && $mybb->settings['maxavatardims'] != "")

			if(empty($avatar_error))
{
if($width && $height && $mybb->settings['maxavatardims'] != "")

				{

				{

					list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;
}

					list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;
}

				}
}


				}
}


			// Limiting URL string to stay within database limit
if(strlen($mybb->input['avatarurl']) > 200)
{

			// Limiting URL string to stay within database limit
if(strlen($mybb->input['avatarurl']) > 200)
{

Zeile 2591Zeile 2631
	else // remote avatar, but remote avatars are not allowed
{
$avatar_error = $lang->error_remote_avatar_not_allowed;

	else // remote avatar, but remote avatars are not allowed
{
$avatar_error = $lang->error_remote_avatar_not_allowed;

	}

	}


if(empty($avatar_error))
{


if(empty($avatar_error))
{

Zeile 2599Zeile 2639
		redirect("usercp.php?action=avatar", $lang->redirect_avatarupdated);
}
else

		redirect("usercp.php?action=avatar", $lang->redirect_avatarupdated);
}
else

	{

	{

		$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}

		$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}

Zeile 2608Zeile 2648
if($mybb->input['action'] == "avatar")
{
$plugins->run_hooks("usercp_avatar_start");

if($mybb->input['action'] == "avatar")
{
$plugins->run_hooks("usercp_avatar_start");





	$avatarmsg = $avatarurl = '';

if($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))

	$avatarmsg = $avatarurl = '';

if($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))

Zeile 2616Zeile 2656
		$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
}
elseif($mybb->user['avatartype'] == "remote" || my_validate_url($mybb->user['avatar']))

		$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
}
elseif($mybb->user['avatartype'] == "remote" || my_validate_url($mybb->user['avatar']))

	{

	{

		$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);
}

		$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);
}





	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");

	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");





	if($mybb->settings['maxavatardims'] != "")

	if($mybb->settings['maxavatardims'] != "")

	{

	{

		list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}

if($mybb->settings['avatarsize'])

		list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}

if($mybb->settings['avatarsize'])

	{

	{

		$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
}

		$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
}

Zeile 2646Zeile 2686
	elseif($mybb->settings['avatarresizing'] == "user")
{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");

	elseif($mybb->settings['avatarresizing'] == "user")
{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");

	}

	}


$avatarupload = '';
if($mybb->usergroup['canuploadavatars'] == 1)


$avatarupload = '';
if($mybb->usergroup['canuploadavatars'] == 1)

Zeile 2662Zeile 2702

$removeavatar = '';
if(!empty($mybb->user['avatar']))


$removeavatar = '';
if(!empty($mybb->user['avatar']))

	{

	{

		eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");
}


		eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");
}


Zeile 2678Zeile 2718
}

if($mybb->input['action'] == "acceptrequest")

}

if($mybb->input['action'] == "acceptrequest")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);

	if(empty($request))
{
error($lang->invalid_request);

	if(empty($request))
{
error($lang->invalid_request);

Zeile 2821Zeile 2861
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);
if(empty($request))

	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);
if(empty($request))

	{

	{

		error($lang->invalid_request);
}

		error($lang->invalid_request);
}





	$plugins->run_hooks("usercp_cancelrequest_start");

	$plugins->run_hooks("usercp_cancelrequest_start");





	$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

$plugins->run_hooks("usercp_cancelrequest_end");

	$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

$plugins->run_hooks("usercp_cancelrequest_end");

Zeile 2838Zeile 2878
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("usercp_do_editlists_start");

$existing_users = array();

	$plugins->run_hooks("usercp_do_editlists_start");

$existing_users = array();

Zeile 2848Zeile 2888
		if($mybb->user['ignorelist'])
{
$existing_users = explode(",", $mybb->user['ignorelist']);

		if($mybb->user['ignorelist'])
{
$existing_users = explode(",", $mybb->user['ignorelist']);

		}


		}


		if($mybb->user['buddylist'])
{
// Create a list of buddies...

		if($mybb->user['buddylist'])
{
// Create a list of buddies...

			$selected_list = explode(",", $mybb->user['buddylist']);
}
}

			$selected_list = explode(",", $mybb->user['buddylist']);
}
}

	else
{
if($mybb->user['buddylist'])
{
$existing_users = explode(",", $mybb->user['buddylist']);

	else
{
if($mybb->user['buddylist'])
{
$existing_users = explode(",", $mybb->user['buddylist']);

		}

		}


if($mybb->user['ignorelist'])
{
// Create a list of ignored users
$selected_list = explode(",", $mybb->user['ignorelist']);


if($mybb->user['ignorelist'])
{
// Create a list of ignored users
$selected_list = explode(",", $mybb->user['ignorelist']);

		}
}


		}
}


	$error_message = "";
$message = "";

	$error_message = "";
$message = "";





	// Adding one or more users to this list
if($mybb->get_input('add_username'))
{

	// Adding one or more users to this list
if($mybb->get_input('add_username'))
{

Zeile 2885Zeile 2925
		foreach($users as $key => $username)
{
if(empty($username))

		foreach($users as $key => $username)
{
if(empty($username))

			{
unset($users[$key]);
continue;
}


			{
unset($users[$key]);
continue;
}


			if(my_strtoupper($mybb->user['username']) == my_strtoupper($username))
{
$adding_self = true;

			if(my_strtoupper($mybb->user['username']) == my_strtoupper($username))
{
$adding_self = true;

Zeile 2913Zeile 2953
		while($req = $db->fetch_array($query))
{
$requests_rec[$req['uid']] = true;

		while($req = $db->fetch_array($query))
{
$requests_rec[$req['uid']] = true;

		}

$sent = false;

		}

$sent = false;


// Fetch out new users
if(count($users) > 0)
{
switch($db->type)


// Fetch out new users
if(count($users) > 0)
{
switch($db->type)

			{

			{

				case 'mysql':
case 'mysqli':
$field = 'username';

				case 'mysql':
case 'mysqli':
$field = 'username';

Zeile 2939Zeile 2979
				if(in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list))
{
if($mybb->get_input('manage') == "ignored")

				if(in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list))
{
if($mybb->get_input('manage') == "ignored")

					{

					{

						$error_message = "ignore";
}
else
{
$error_message = "buddy";

						$error_message = "ignore";
}
else
{
$error_message = "buddy";

					}

					}


// On another list?
$string = "users_already_on_".$error_message."_list";


// On another list?
$string = "users_already_on_".$error_message."_list";

Zeile 2960Zeile 3000
				}

if(isset($requests[$user['uid']]))

				}

if(isset($requests[$user['uid']]))

				{
if($mybb->get_input('manage') != "ignored")
{

				{
if($mybb->get_input('manage') != "ignored")
{

						$error_message = $lang->users_already_sent_request;
}
elseif($mybb->get_input('manage') == "ignored")
{
$error_message = $lang->users_already_sent_request_alt;

						$error_message = $lang->users_already_sent_request;
}
elseif($mybb->get_input('manage') == "ignored")
{
$error_message = $lang->users_already_sent_request_alt;

					}

					}


array_pop($users); // To maintain a proper count when we call count($users)
continue;


array_pop($users); // To maintain a proper count when we call count($users)
continue;

Zeile 3009Zeile 3049
				{
// Send request
$id = $db->insert_query('buddyrequests', array('uid' => (int)$mybb->user['uid'], 'touid' => (int)$user['uid'], 'date' => TIME_NOW));

				{
// Send request
$id = $db->insert_query('buddyrequests', array('uid' => (int)$mybb->user['uid'], 'touid' => (int)$user['uid'], 'date' => TIME_NOW));





					$pm = array(
'subject' => 'buddyrequest_received',
'message' => 'buddyrequest_received_message',

					$pm = array(
'subject' => 'buddyrequest_received',
'message' => 'buddyrequest_received_message',

Zeile 3197Zeile 3237
			{
echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
echo "\$(\"#buddylink\").remove();\n";

			{
echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
echo "\$(\"#buddylink\").remove();\n";

				



				if($mybb->get_input('manage') == "ignored")
{
echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

				if($mybb->get_input('manage') == "ignored")
{
echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

Zeile 3326Zeile 3366

eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");



eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");


				echo $sentrequests;

 
				echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>";
}
else

				echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>";
}
else

Zeile 3338Zeile 3377
		exit;
}


		exit;
}


	$received_rows = '';

	$received_rows = $bgcolor = '';

	$query = $db->query("
SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r

	$query = $db->query("
SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r

Zeile 3360Zeile 3399

eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");



eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");


	$sent_rows = '';

	$sent_rows = $bgcolor = '';

	$query = $db->query("
SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r

	$query = $db->query("
SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r

Zeile 3407Zeile 3446
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid)
WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'

			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid)
WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'

			ORDER BY p.dateline DESC

			ORDER BY p.dateline DESC, p.pid DESC

		");

while($draft = $db->fetch_array($query))

		");

while($draft = $db->fetch_array($query))

Zeile 3482Zeile 3521
		$tidin = implode(",", $tidin);
$db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
$tidinp = "OR tid IN ($tidin)";

		$tidin = implode(",", $tidin);
$db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
$tidinp = "OR tid IN ($tidin)";

 
	}
else
{
$tidinp = '';

	}
if($pidin || $tidinp)
{

	}
if($pidin || $tidinp)
{

Zeile 3496Zeile 3539
			$pidinq = "1=0";
}
$db->delete_query("posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");

			$pidinq = "1=0";
}
$db->delete_query("posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");

	}

	}

	$plugins->run_hooks("usercp_do_drafts_end");
redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted);
}

	$plugins->run_hooks("usercp_do_drafts_end");
redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted);
}

Zeile 3516Zeile 3559
		verify_post_check($mybb->get_input('my_post_key'));

if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)

		verify_post_check($mybb->get_input('my_post_key'));

if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)

		{

		{

			error($lang->not_member_of_group);
}


			error($lang->not_member_of_group);
}


Zeile 3536Zeile 3579
	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))
{
// Verify incoming POST request

	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))
{
// Verify incoming POST request

		verify_post_check($mybb->input['my_post_key']);

		verify_post_check($mybb->get_input('my_post_key'));


if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)
{


if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)
{

Zeile 3593Zeile 3636
		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)
{
error($lang->already_member_of_group);

		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)
{
error($lang->already_member_of_group);

		}

		}


$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
$joinrequest = $db->fetch_array($query);


$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
$joinrequest = $db->fetch_array($query);


if($joinrequest['rid'])
{


if(!empty($joinrequest['rid']))
{

			error($lang->already_sent_join_request);
}

			error($lang->already_sent_join_request);
}





		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
{
$reasonlength = my_strlen($mybb->get_input('reason'));

		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
{
$reasonlength = my_strlen($mybb->get_input('reason'));

			



			if($reasonlength > 250) // Reason field is varchar(250) in database
{
error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));

			if($reasonlength > 250) // Reason field is varchar(250) in database
{
error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));

Zeile 3745Zeile 3788
	$usergroup = $usergroups[$mybb->user['usergroup']];
$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
$usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);

	$usergroup = $usergroups[$mybb->user['usergroup']];
$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
$usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);

	$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);





	if($usergroup['description'])
{
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);
eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";");
}

	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";");
$trow = alt_trow();
if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])

	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";");
$trow = alt_trow();
if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])

	{

	{

		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");

		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");

	}

	}

	elseif($usergroup['candisplaygroup'] == 1)

	elseif($usergroup['candisplaygroup'] == 1)

	{

	{

		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");
}
else
{
$displaycode = '';

		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");
}
else
{
$displaycode = '';

	}


	}


	eval("\$memberoflist = \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";");
$showmemberof = false;
if($mybb->user['additionalgroups'])

	eval("\$memberoflist = \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";");
$showmemberof = false;
if($mybb->user['additionalgroups'])

Zeile 3788Zeile 3835
			else
{
eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leave")."\";");

			else
{
eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leave")."\";");

			}

			}


$description = '';
$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);


$description = '';
$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);

Zeile 3802Zeile 3849
			if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");

			if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");

			}

			}

			elseif($usergroup['candisplaygroup'] == 1)
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

			elseif($usergroup['candisplaygroup'] == 1)
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

Zeile 3815Zeile 3862
		}
}
eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");

		}
}
eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");





	// List of groups this user has applied for but has not been accepted in to
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
while($request = $db->fetch_array($query))

	// List of groups this user has applied for but has not been accepted in to
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
while($request = $db->fetch_array($query))

Zeile 3921Zeile 3968
	if($mybb->settings['enableattachments'] == 0)
{
error($lang->attachments_disabled);

	if($mybb->settings['enableattachments'] == 0)
{
error($lang->attachments_disabled);

	}

$plugins->run_hooks("usercp_attachments_start");


	}

$plugins->run_hooks("usercp_attachments_start");


	// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true);

	// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true);

Zeile 3968Zeile 4015
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}

		ORDER BY p.dateline DESC, p.pid DESC LIMIT {$start}, {$perpage}

	");

$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;

	");

$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;

Zeile 4005Zeile 4052
		++$processedattachments;
}


		++$processedattachments;
}


 
	$multipage = '';

	if($processedattachments >= $perpage || $page > 1)
{
$query = $db->query("

	if($processedattachments >= $perpage || $page > 1)
{
$query = $db->query("

Zeile 4036Zeile 4084
	}

$bandwidth = get_friendly_size($bandwidth);

	}

$bandwidth = get_friendly_size($bandwidth);

 

eval("\$delete_button = \"".$templates->get("delete_attachments_button")."\";");


if(!$attachments)
{
eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
$usagenote = '';


if(!$attachments)
{
eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
$usagenote = '';

 
		$delete_button = '';

	}

$plugins->run_hooks("usercp_attachments_end");

	}

$plugins->run_hooks("usercp_attachments_end");

Zeile 4131Zeile 4182
	if($posts == 0)
{
$percent = "0";

	if($posts == 0)
{
$percent = "0";

	}

	}

	else
{
$percent = $mybb->user['postnum']*100/$posts;

	else
{
$percent = $mybb->user['postnum']*100/$posts;

Zeile 4141Zeile 4192
	$colspan = 2;
$lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent);
$regdate = my_date('relative', $mybb->user['regdate']);

	$colspan = 2;
$lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent);
$regdate = my_date('relative', $mybb->user['regdate']);





	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
$avatar_username = htmlspecialchars_uni($mybb->user['username']);
eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");

	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
$avatar_username = htmlspecialchars_uni($mybb->user['username']);
eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");

 

$mybb->user['email'] = htmlspecialchars_uni($mybb->user['email']);


$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']);
if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")


$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']);
if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")

Zeile 4152Zeile 4205
		eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";");
}
// Make reputations row

		eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";");
}
// Make reputations row

	$reputations = '';

	$reputation = '';

	if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
{
$reputation_link = get_reputation($mybb->user['reputation']);

	if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
{
$reputation_link = get_reputation($mybb->user['reputation']);

Zeile 4261Zeile 4314
	$mybb->user['posts'] = my_number_format($mybb->user['postnum']);

// Build referral link

	$mybb->user['posts'] = my_number_format($mybb->user['postnum']);

// Build referral link

 
	$referral_info = '';

	if($mybb->settings['usereferrals'] == 1)
{
$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

	if($mybb->settings['usereferrals'] == 1)
{
$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

Zeile 4286Zeile 4340
	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1));
if($db->num_rows($query))
{

	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1));
if($db->num_rows($query))
{

		$visible = "AND t.visible != 0";
if(is_moderator() == true)











		$where = array(
"s.uid={$mybb->user['uid']}",
"t.lastposteruid!={$mybb->user['uid']}",
get_visible_where('t')
);

if($unviewable_forums = get_unviewable_forums(true))
{
$where[] = "t.fid NOT IN ({$unviewable_forums})";
}

if($inactive_forums = get_inactive_forums())

		{

		{

			$visible = '';

			$where[] = "t.fid NOT IN ({$inactive_forums})";

		}

		}

 

$where = implode(' AND ', $where);


$query = $db->query("
SELECT s.*, t.*, t.username AS threadusername, u.username
FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)


$query = $db->query("
SELECT s.*, t.*, t.username AS threadusername, u.username
FROM ".TABLE_PREFIX."threadsubscriptions s
LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

			WHERE s.uid='".$mybb->user['uid']."' {$visible}

			WHERE {$where}

			ORDER BY t.lastpost DESC
LIMIT 0, 10
");


			ORDER BY t.lastpost DESC
LIMIT 0, 10
");


 
		$subscriptions = array();

		$fpermissions = forum_permissions();

		$fpermissions = forum_permissions();

 


		while($subscription = $db->fetch_array($query))
{
$forumpermissions = $fpermissions[$subscription['fid']];

		while($subscription = $db->fetch_array($query))
{
$forumpermissions = $fpermissions[$subscription['fid']];

			if($forumpermissions['canview'] != 0 && $forumpermissions['canviewthreads'] != 0 && ($forumpermissions['canonlyviewownthreads'] == 0 || $subscription['uid'] == $mybb->user['uid']))



if(!isset($forumpermissions['canonlyviewownthreads']) || $forumpermissions['canonlyviewownthreads'] == 0 || $subscription['uid'] == $mybb->user['uid'])

			{
$subscriptions[$subscription['tid']] = $subscription;
}
}


			{
$subscriptions[$subscription['tid']] = $subscription;
}
}


		if(is_array($subscriptions))

		if($subscriptions)

		{
$tids = implode(",", array_keys($subscriptions));


		{
$tids = implode(",", array_keys($subscriptions));


Zeile 4341Zeile 4410
					while($post = $db->fetch_array($query))
{
$subscriptions[$post['tid']]['doticon'] = 1;

					while($post = $db->fetch_array($query))
{
$subscriptions[$post['tid']]['doticon'] = 1;

					}
}


					}
}


				$icon_cache = $cache->read("posticons");
$threadprefixes = build_prefixes();

				$icon_cache = $cache->read("posticons");
$threadprefixes = build_prefixes();

 
				$latest_subscribed_threads = '';


foreach($subscriptions as $thread)
{


foreach($subscriptions as $thread)
{

Zeile 4354Zeile 4424
					$folder_label = '';
$gotounread = '';


					$folder_label = '';
$gotounread = '';


					if($thread['tid'])

					if(!empty($thread['tid']))

					{
$bgcolor = alt_trow();
$thread['subject'] = $parser->parse_badwords($thread['subject']);

					{
$bgcolor = alt_trow();
$thread['subject'] = $parser->parse_badwords($thread['subject']);

Zeile 4386Zeile 4456
							$icon = "&nbsp;";
}


							$icon = "&nbsp;";
}


						if($thread['doticon'])

						if(!isset($thread['doticon']))

						{
$folder = "dot_";
$folder_label .= $lang->icon_dot;
}

// Check to see which icon we display

						{
$folder = "dot_";
$folder_label .= $lang->icon_dot;
}

// Check to see which icon we display

						if($thread['lastread'] && $thread['lastread'] < $thread['lastpost'])

						if(!empty($thread['lastread']) && $thread['lastread'] < $thread['lastpost'])

						{
$folder .= "new";
$folder_label .= $lang->icon_new;

						{
$folder .= "new";
$folder_label .= $lang->icon_new;

Zeile 4448Zeile 4518
	}

// User's Latest Threads

	}

// User's Latest Threads

 
	$where = array(
"t.uid={$mybb->user['uid']}",
get_visible_where('t')
);

if($unviewable_forums = get_unviewable_forums(true))
{
$where[] = "t.fid NOT IN ({$unviewable_forums})";
}

if($inactive_forums = get_inactive_forums())
{
$where[] = "t.fid NOT IN ({$inactive_forums})";
}

$where = implode(' AND ', $where);





	// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums();
$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{
$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
}
if($inactiveforums)
{
$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
}

$visible = " AND t.visible != 0";
if(is_moderator() == true)
{
$visible = '';
}


 
	$query = $db->query("
SELECT t.*, t.username AS threadusername, u.username
FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

	$query = $db->query("
SELECT t.*, t.username AS threadusername, u.username
FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

		WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}

		WHERE {$where}

		ORDER BY t.lastpost DESC
LIMIT 0, 5
");

		ORDER BY t.lastpost DESC
LIMIT 0, 5
");





	// Figure out whether we can view these threads...
$threadcache = array();
$fpermissions = forum_permissions();
while($thread = $db->fetch_array($query))
{

	// Figure out whether we can view these threads...
$threadcache = array();
$fpermissions = forum_permissions();
while($thread = $db->fetch_array($query))
{

		// Moderated, and not moderator?
if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false)
{
continue;
}

$forumpermissions = $fpermissions[$thread['fid']];
if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0)
{
$threadcache[$thread['tid']] = $thread;
}

		$threadcache[$thread['tid']] = $thread;











	}

$latest_threads = '';

	}

$latest_threads = '';

Zeile 4542Zeile 4599
		$latest_threads_threads = '';
foreach($threadcache as $thread)
{

		$latest_threads_threads = '';
foreach($threadcache as $thread)
{

			$plugins->run_hooks("usercp_latest_threads_thread"); 

			$plugins->run_hooks("usercp_latest_threads_thread");

			if($thread['tid'])
{
$bgcolor = alt_trow();

			if($thread['tid'])
{
$bgcolor = alt_trow();

Zeile 4604Zeile 4661
				$cutoff = 0;
if($thread['lastpost'] > $cutoff)
{

				$cutoff = 0;
if($thread['lastpost'] > $cutoff)
{

					if($thread['lastread'])

					if(!empty($thread['lastread']))

					{
$lastread = $thread['lastread'];
}

					{
$lastread = $thread['lastread'];
}

Zeile 4624Zeile 4681
				}

// Folder Icons

				}

// Folder Icons

				if($thread['doticon'])

				if(!empty($thread['doticon']))

				{
$folder = "dot_";
$folder_label .= $lang->icon_dot;

				{
$folder = "dot_";
$folder_label .= $lang->icon_dot;