| Zeile 581 | Zeile 581 |
|---|
{
require_once MYBB_ROOT . "inc/mailhandlers/php.php";
$my_mailhandler_builtin = new PhpMail();
|
{
require_once MYBB_ROOT . "inc/mailhandlers/php.php";
$my_mailhandler_builtin = new PhpMail();
|
if(!empty($mybb->settings['mail_parameters']))
| if(!empty($mybb->config['mail_parameters']))
|
{
|
{
|
$my_mailhandler_builtin->additional_parameters = $mybb->settings['mail_parameters'];
| $my_mailhandler_builtin->additional_parameters = $mybb->config['mail_parameters'];
|
}
}
}
|
}
}
}
|
$plugins->run_hooks('my_mailhandler_builtin_after_init', $my_mailhandler_builtin);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mailhandler_builtin_after_init', $my_mailhandler_builtin);
}
|
return $my_mailhandler_builtin;
}
|
return $my_mailhandler_builtin;
}
|
|
|
// If our mail handler doesn't exist, create it.
if(!is_object($my_mailhandler))
{
require_once MYBB_ROOT . "inc/class_mailhandler.php";
|
// If our mail handler doesn't exist, create it.
if(!is_object($my_mailhandler))
{
require_once MYBB_ROOT . "inc/class_mailhandler.php";
|
$plugins->run_hooks('my_mailhandler_init', $my_mailhandler);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mailhandler_init', $my_mailhandler);
}
|
// If no plugin has ever created the mail handler, resort to use the built-in one.
if(!is_object($my_mailhandler) || !($my_mailhandler instanceof MailHandler))
|
// If no plugin has ever created the mail handler, resort to use the built-in one.
if(!is_object($my_mailhandler) || !($my_mailhandler instanceof MailHandler))
|
| Zeile 663 | Zeile 669 |
|---|
'is_mail_sent' => &$is_mail_sent,
'continue_process' => &$continue_process,
);
|
'is_mail_sent' => &$is_mail_sent,
'continue_process' => &$continue_process,
);
|
$plugins->run_hooks('my_mail_pre_build_message', $my_mail_parameters);
|
if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_pre_build_message', $my_mail_parameters);
}
|
// Build the mail message.
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
|
// Build the mail message.
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
|
$plugins->run_hooks('my_mail_pre_send', $my_mail_parameters);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_pre_send', $my_mail_parameters);
}
|
// Check if the hooked plugins still suggest to send the mail.
if($continue_process)
|
// Check if the hooked plugins still suggest to send the mail.
if($continue_process)
|
{
| {
|
$is_mail_sent = $mail->send();
|
$is_mail_sent = $mail->send();
|
}
| }
|
|
|
$plugins->run_hooks('my_mail_post_send', $my_mail_parameters);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_post_send', $my_mail_parameters);
}
|
return $is_mail_sent;
}
|
return $is_mail_sent;
}
|
| Zeile 856 | Zeile 871 |
|---|
{
$forum_cache = cache_forums();
foreach($forum_cache as $forum)
|
{
$forum_cache = cache_forums();
foreach($forum_cache as $forum)
|
{
| {
|
if($forum['active'] != 0)
{
$forums_by_parent[$forum['pid']][$forum['fid']] = $forum;
| if($forum['active'] != 0)
{
$forums_by_parent[$forum['pid']][$forum['fid']] = $forum;
|
| Zeile 905 | Zeile 920 |
|---|
// Send our headers.
@header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode(array("errors" => array($error)));
|
// Send our headers.
@header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode(array("errors" => array($error)));
|
exit;
}
| exit;
}
|
if(!$title)
{
$title = $mybb->settings['bbname'];
}
|
if(!$title)
{
$title = $mybb->settings['bbname'];
}
|
|
|
$timenow = my_date('relative', TIME_NOW);
reset_breadcrumb();
add_breadcrumb($lang->error);
|
$timenow = my_date('relative', TIME_NOW);
reset_breadcrumb();
add_breadcrumb($lang->error);
|
|
|
eval("\$errorpage = \"".$templates->get("error")."\";");
output_page($errorpage);
exit;
|
eval("\$errorpage = \"".$templates->get("error")."\";");
output_page($errorpage);
exit;
|
}
| }
|
/**
* Produce an error message for displaying inline on a page
*
| /**
* Produce an error message for displaying inline on a page
*
|
| Zeile 938 | Zeile 953 |
|---|
if(!$title)
{
$title = $lang->please_correct_errors;
|
if(!$title)
{
$title = $lang->please_correct_errors;
|
}
| }
|
if(!is_array($errors))
{
$errors = array($errors);
| if(!is_array($errors))
{
$errors = array($errors);
|
| Zeile 988 | Zeile 1003 |
|---|
"nopermission" => '1',
"location1" => 0,
"location2" => 0
|
"nopermission" => '1',
"location1" => 0,
"location2" => 0
|
);
| );
|
$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");
|
$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");
|
| Zeile 1248 | Zeile 1263 |
|---|
// When the second parameter is set to 1, fetch_page_url thinks it's the first page and removes it from the URL as it's unnecessary
$jump_url = fetch_page_url($url, 1);
eval("\$jumptopage = \"".$templates->get("multipage_jump_page")."\";");
|
// When the second parameter is set to 1, fetch_page_url thinks it's the first page and removes it from the URL as it's unnecessary
$jump_url = fetch_page_url($url, 1);
eval("\$jumptopage = \"".$templates->get("multipage_jump_page")."\";");
|
}
$multipage_pages = $lang->sprintf($lang->multipage_pages, $pages);
| }
$multipage_pages = $lang->sprintf($lang->multipage_pages, $pages);
|
if($breadcrumb == true)
{
eval("\$multipage = \"".$templates->get("multipage_breadcrumb")."\";");
| if($breadcrumb == true)
{
eval("\$multipage = \"".$templates->get("multipage_breadcrumb")."\";");
|
| Zeile 1515 | Zeile 1530 |
|---|
{
$usergroup[$perm] = $access;
}
|
{
$usergroup[$perm] = $access;
}
|
}
| }
|
}
// No switch controls this permission, or permission needs an update.
| }
// No switch controls this permission, or permission needs an update.
|
| Zeile 1578 | Zeile 1593 |
|---|
if(!is_array($groupscache))
{
$groupscache = $cache->read("usergroups");
|
if(!is_array($groupscache))
{
$groupscache = $cache->read("usergroups");
|
}
| }
|
$displaygroup = array();
$group = $groupscache[$gid];
|
$displaygroup = array();
$group = $groupscache[$gid];
|
| Zeile 1643 | Zeile 1658 |
|---|
if(!is_array($fpermcache))
{
$fpermcache = $cache->read("forumpermissions");
|
if(!is_array($fpermcache))
{
$fpermcache = $cache->read("forumpermissions");
|
}
if($fid) // Fetch the permissions for a single forum
{
| }
if($fid) // Fetch the permissions for a single forum
{
|
if(empty($cached_forum_permissions_permissions[$gid][$fid]))
{
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms);
| if(empty($cached_forum_permissions_permissions[$gid][$fid]))
{
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms);
|
| Zeile 1654 | Zeile 1669 |
|---|
return $cached_forum_permissions_permissions[$gid][$fid];
}
else
|
return $cached_forum_permissions_permissions[$gid][$fid];
}
else
|
{
| {
|
if(empty($cached_forum_permissions[$gid]))
{
foreach($forum_cache as $forum)
| if(empty($cached_forum_permissions[$gid]))
{
foreach($forum_cache as $forum)
|
| Zeile 1680 | Zeile 1695 |
|---|
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields;
$groups = explode(",", $gid);
|
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields;
$groups = explode(",", $gid);
|
if(empty($fpermcache[$fid])) // This forum has no custom or inherited permissions so lets just return the group permissions
{
return $groupperms;
}
| |
$current_permissions = array();
$only_view_own_threads = 1;
$only_reply_own_threads = 1;
|
$current_permissions = array();
$only_view_own_threads = 1;
$only_reply_own_threads = 1;
|
foreach($groups as $gid)
|
if(empty($fpermcache[$fid])) // This forum has no custom or inherited permissions so lets just return the group permissions
{
$current_permissions = $groupperms;
}
else
|
{
|
{
|
if(!empty($groupscache[$gid]))
| foreach($groups as $gid)
|
{
|
{
|
// If our permissions arn't inherited we need to figure them out
if(empty($fpermcache[$fid][$gid]))
{
$parents = explode(',', $forum_cache[$fid]['parentlist']);
rsort($parents);
if(!empty($parents))
{
foreach($parents as $parent_id)
{
if(!empty($fpermcache[$parent_id][$gid]))
{
$level_permissions = $fpermcache[$parent_id][$gid];
break;
}
}
}
}
else
{
| // If this forum has custom or inherited permissions for the currently looped group.
if(!empty($fpermcache[$fid][$gid]))
{
|
$level_permissions = $fpermcache[$fid][$gid];
}
|
$level_permissions = $fpermcache[$fid][$gid];
}
|
// If we STILL don't have forum permissions we use the usergroup itself
if(empty($level_permissions))
| // Or, use the group permission instead, if available. Some forum permissions not existing here will be added back later.
else if(!empty($groupscache[$gid]))
|
{
$level_permissions = $groupscache[$gid];
|
{
$level_permissions = $groupscache[$gid];
|
}
| }
// No permission is available for the currently looped group, probably we have bad data here.
else
{
continue;
}
|
foreach($level_permissions as $permission => $access)
{
if(empty($current_permissions[$permission]) || $access >= $current_permissions[$permission] || ($access == "yes" && $current_permissions[$permission] == "no"))
| foreach($level_permissions as $permission => $access)
{
if(empty($current_permissions[$permission]) || $access >= $current_permissions[$permission] || ($access == "yes" && $current_permissions[$permission] == "no"))
|
| Zeile 1731 | Zeile 1733 |
|---|
}
if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"]))
|
}
if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"]))
|
{
| {
|
$only_view_own_threads = 0;
|
$only_view_own_threads = 0;
|
}
| }
|
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"]))
{
$only_reply_own_threads = 0;
}
}
|
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"]))
{
$only_reply_own_threads = 0;
}
}
|
}
|
if(count($current_permissions) == 0)
{
$current_permissions = $groupperms;
}
}
|
// Figure out if we can view more than our own threads
|
// Figure out if we can view more than our own threads
|
if($only_view_own_threads == 0)
{
| if($only_view_own_threads == 0 || !isset($current_permissions["canonlyviewownthreads"]))
{
|
$current_permissions["canonlyviewownthreads"] = 0;
|
$current_permissions["canonlyviewownthreads"] = 0;
|
}
| }
|
// Figure out if we can reply more than our own threads
|
// Figure out if we can reply more than our own threads
|
if($only_reply_own_threads == 0)
| if($only_reply_own_threads == 0 || !isset($current_permissions["canonlyreplyownthreads"]))
|
{
$current_permissions["canonlyreplyownthreads"] = 0;
|
{
$current_permissions["canonlyreplyownthreads"] = 0;
|
}
| }
|
|
|
if(count($current_permissions) == 0)
{
$current_permissions = $groupperms;
}
| |
return $current_permissions;
}
| return $current_permissions;
}
|
| Zeile 1888 | Zeile 1891 |
|---|
}
if($showform)
|
}
if($showform)
|
{
if($pid)
| {
if($pid)
|
{
header("Location: ".$mybb->settings['bburl']."/".get_forum_link($fid));
|
{
header("Location: ".$mybb->settings['bburl']."/".get_forum_link($fid));
|
}
| }
|
else
{
$_SERVER['REQUEST_URI'] = htmlspecialchars_uni($_SERVER['REQUEST_URI']);
| else
{
$_SERVER['REQUEST_URI'] = htmlspecialchars_uni($_SERVER['REQUEST_URI']);
|
| Zeile 1902 | Zeile 1905 |
|---|
exit;
}
}
|
exit;
}
}
|
|
|
/**
* Return the permissions for a moderator in a specific forum
*
| /**
* Return the permissions for a moderator in a specific forum
*
|
| Zeile 1929 | Zeile 1932 |
|---|
if(isset($modpermscache[$fid][$uid]))
{
return $modpermscache[$fid][$uid];
|
if(isset($modpermscache[$fid][$uid]))
{
return $modpermscache[$fid][$uid];
|
}
| }
|
if(!$parentslist)
{
$parentslist = explode(',', get_parent_list($fid));
| if(!$parentslist)
{
$parentslist = explode(',', get_parent_list($fid));
|
| Zeile 1966 | Zeile 1969 |
|---|
if(!empty($forum['users'][$uid]))
{
$perm = $forum['users'][$uid];
|
if(!empty($forum['users'][$uid]))
{
$perm = $forum['users'][$uid];
|
foreach($perm as $action => $value)
{
if(strpos($action, "can") === false)
{
continue;
}
// Figure out the user permissions
if($value == 0)
| foreach($perm as $action => $value)
{
if(strpos($action, "can") === false)
{
continue;
}
if(!isset($perms[$action]))
{
$perms[$action] = $value;
}
// Figure out the user permissions
else if($value == 0)
|
{
// The user doesn't have permission to set this action
$perms[$action] = 0;
|
{
// The user doesn't have permission to set this action
$perms[$action] = 0;
|
}
| }
|
else
{
$perms[$action] = max($perm[$action], $perms[$action]);
}
|
else
{
$perms[$action] = max($perm[$action], $perms[$action]);
}
|
}
}
| }
}
|
foreach($groups as $group)
{
if(empty($forum['usergroups'][$group]) || !is_array($forum['usergroups'][$group]))
|
foreach($groups as $group)
{
if(empty($forum['usergroups'][$group]) || !is_array($forum['usergroups'][$group]))
|
{
| {
|
// There are no permissions set for this group
continue;
|
// There are no permissions set for this group
continue;
|
}
| }
|
$perm = $forum['usergroups'][$group];
foreach($perm as $action => $value)
|
$perm = $forum['usergroups'][$group];
foreach($perm as $action => $value)
|
| Zeile 2000 | Zeile 2007 |
|---|
if(strpos($action, "can") === false)
{
continue;
|
if(strpos($action, "can") === false)
{
continue;
|
}
$perms[$action] = max($perm[$action], $perms[$action]);
}
}
}
| }
if(!isset($perms[$action]))
{
$perms[$action] = $value;
}
else
{
$perms[$action] = max($perm[$action], $perms[$action]);
}
}
}
}
|
$modpermscache[$fid][$uid] = $perms;
|
$modpermscache[$fid][$uid] = $perms;
|
| Zeile 2333 | Zeile 2347 |
|---|
return false;
}
|
return false;
}
|
$cookie = my_unserialize($mybb->cookies['mybb'][$name]);
| $cookie = my_unserialize($mybb->cookies['mybb'][$name], false);
|
if(is_array($cookie) && isset($cookie[$id]))
{
|
if(is_array($cookie) && isset($cookie[$id]))
{
|
| Zeile 2359 | Zeile 2373 |
|---|
if(isset($mybb->cookies['mybb'][$name]))
{
|
if(isset($mybb->cookies['mybb'][$name]))
{
|
$newcookie = my_unserialize($mybb->cookies['mybb'][$name]);
| $newcookie = my_unserialize($mybb->cookies['mybb'][$name], false);
|
}
else
{
| }
else
{
|
| Zeile 2369 | Zeile 2383 |
|---|
$newcookie[$id] = $value;
$newcookie = my_serialize($newcookie);
my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
|
$newcookie[$id] = $value;
$newcookie = my_serialize($newcookie);
my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
|
| |
if(isset($mybb->cookies['mybb']) && !is_array($mybb->cookies['mybb']))
{
$mybb->cookies['mybb'] = array();
}
|
// Make sure our current viarables are up-to-date as well
$mybb->cookies['mybb'][$name] = $newcookie;
|
// Make sure our current viarables are up-to-date as well
$mybb->cookies['mybb'][$name] = $newcookie;
|
| Zeile 2388 | Zeile 2407 |
|---|
* - does not unserialize objects
*
* @param string $str
|
* - does not unserialize objects
*
* @param string $str
|
| | * @param bool $unlimited Whether to apply limits defined in MAX_SERIALIZED_* constants
|
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
|
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
|
function _safe_unserialize($str)
| function _safe_unserialize($str, $unlimited = true)
|
{
|
{
|
if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
| if(!$unlimited && strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
|
{
// input exceeds MAX_SERIALIZED_INPUT_LENGTH
return false;
| {
// input exceeds MAX_SERIALIZED_INPUT_LENGTH
return false;
|
| Zeile 2403 | Zeile 2423 |
|---|
{
return false;
}
|
{
return false;
}
|
|
|
$stack = $list = $expected = array();
/*
| $stack = $list = $expected = array();
/*
|
| Zeile 2426 | Zeile 2446 |
|---|
{
$value = null;
$str = substr($str, 2);
|
{
$value = null;
$str = substr($str, 2);
|
}
| }
|
else if($type == 'b' && preg_match('/^b:([01]);/', $str, $matches))
{
$value = $matches[1] == '1' ? true : false;
| else if($type == 'b' && preg_match('/^b:([01]);/', $str, $matches))
{
$value = $matches[1] == '1' ? true : false;
|
| Zeile 2447 | Zeile 2467 |
|---|
$value = substr($matches[2], 0, (int)$matches[1]);
$str = substr($matches[2], (int)$matches[1] + 2);
}
|
$value = substr($matches[2], 0, (int)$matches[1]);
$str = substr($matches[2], (int)$matches[1] + 2);
}
|
else if($type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) && $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)
| else if(
$type == 'a' &&
preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) &&
($unlimited || $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)
)
|
{
$expectedLength = (int)$matches[1];
$str = $matches[2];
| {
$expectedLength = (int)$matches[1];
$str = $matches[2];
|
| Zeile 2461 | Zeile 2485 |
|---|
switch($state)
{
case 3: // in array, expecting value or another array
|
switch($state)
{
case 3: // in array, expecting value or another array
|
if($type == 'a')
{
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
}
| if($type == 'a')
{
if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
}
|
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
$expected[] = $expectedLength;
|
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
$expected[] = $expectedLength;
|
$state = 2;
| $state = 2;
|
break;
}
if($type != '}')
{
$list[$key] = $value;
$state = 2;
|
break;
}
if($type != '}')
{
$list[$key] = $value;
$state = 2;
|
break;
}
| break;
}
|
// missing array value
return false;
| // missing array value
return false;
|
| Zeile 2508 | Zeile 2532 |
|---|
}
if($type == 'i' || $type == 's')
{
|
}
if($type == 'i' || $type == 's')
{
|
if(count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
| if(!$unlimited && count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
|
{
// array size exceeds MAX_SERIALIZED_ARRAY_LENGTH
|
{
// array size exceeds MAX_SERIALIZED_ARRAY_LENGTH
|
return false;
| return false;
|
}
if(count($list) >= end($expected))
{
// array size exceeds expected length
return false;
}
|
}
if(count($list) >= end($expected))
{
// array size exceeds expected length
return false;
}
|
|
|
$key = $value;
$state = 3;
break;
}
// illegal array index type
|
$key = $value;
$state = 3;
break;
}
// illegal array index type
|
return false;
| return false;
|
case 0: // expecting array or value
if($type == 'a')
{
|
case 0: // expecting array or value
if($type == 'a')
{
|
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
| if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
|
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
| {
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
|
| Zeile 2540 | Zeile 2564 |
|---|
$list = &$data;
$expected[] = $expectedLength;
$state = 2;
|
$list = &$data;
$expected[] = $expectedLength;
$state = 2;
|
break;
}
| break;
}
|
if($type != '}')
{
$data = $value;
$state = 1;
break;
}
|
if($type != '}')
{
$data = $value;
$state = 1;
break;
}
|
|
|
// not in array
return false;
}
}
if(!empty($str))
|
// not in array
return false;
}
}
if(!empty($str))
|
{
| {
|
// trailing data in input
return false;
|
// trailing data in input
return false;
|
}
| }
|
return $data;
}
/**
|
return $data;
}
/**
|
* Credits go to https://github.com/piwik
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
| * Credits go to https://github.com/piwik
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
*
* @param string $str
* @param bool $unlimited
* @return mixed
*/
function my_unserialize($str, $unlimited = true)
{
// Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
{
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
}
$out = _safe_unserialize($str, $unlimited);
if(isset($mbIntEnc))
{
mb_internal_encoding($mbIntEnc);
}
return $out;
}
/**
* Unserializes data using PHP's `unserialize()`, and its safety options if possible.
* This function should only be used for values from trusted sources.
|
*
* @param string $str
* @return mixed
*/
|
*
* @param string $str
* @return mixed
*/
|
function my_unserialize($str)
| function native_unserialize($str)
|
{
|
{
|
// Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
{
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
}
$out = _safe_unserialize($str);
if(isset($mbIntEnc))
| if(version_compare(PHP_VERSION, '7.0.0', '>='))
|
{
|
{
|
mb_internal_encoding($mbIntEnc);
| return unserialize($str, array('allowed_classes' => false));
}
else
{
return unserialize($str);
|
}
|
}
|
return $out;
| |
}
/**
| }
/**
|
| Zeile 3777 | Zeile 3821 |
|---|
if($mybb->settings['allowsizemycode'] == 1)
{
$size = "size,";
|
if($mybb->settings['allowsizemycode'] == 1)
{
$size = "size,";
|
}
| }
|
if($mybb->settings['allowcolormycode'] == 1)
{
$color = "color,";
| if($mybb->settings['allowcolormycode'] == 1)
{
$color = "color,";
|
| Zeile 6026 | Zeile 6070 |
|---|
LIMIT 1"
);
$lastpost = $db->fetch_array($query);
|
LIMIT 1"
);
$lastpost = $db->fetch_array($query);
|
| |
if(!$lastpost)
{
return false;
}
|
if(empty($lastpost['username']))
{
|
if(empty($lastpost['username']))
{
|
| Zeile 6702 | Zeile 6751 |
|---|
if(isset($thread_cache[$tid]) && !$recache)
{
return $thread_cache[$tid];
|
if(isset($thread_cache[$tid]) && !$recache)
{
return $thread_cache[$tid];
|
}
else
| }
else
|
{
$query = $db->simple_select("threads", "*", "tid = '{$tid}'");
$thread = $db->fetch_array($query);
| {
$query = $db->simple_select("threads", "*", "tid = '{$tid}'");
$thread = $db->fetch_array($query);
|
| Zeile 6771 | Zeile 6820 |
|---|
}
$inactive = array();
|
}
$inactive = array();
|
|
|
foreach($forum_cache as $fid => $forum)
{
if($forum['active'] == 0)
| foreach($forum_cache as $fid => $forum)
{
if($forum['active'] == 0)
|
| Zeile 6784 | Zeile 6833 |
|---|
$inactive[] = $fid1;
}
}
|
$inactive[] = $fid1;
}
}
|
}
}
| }
}
|
$inactiveforums = implode(",", $inactive);
|
$inactiveforums = implode(",", $inactive);
|
| Zeile 6813 | Zeile 6862 |
|---|
$attempts = $db->fetch_array($query);
if($attempts['loginattempts'] <= 0)
|
$attempts = $db->fetch_array($query);
if($attempts['loginattempts'] <= 0)
|
{
return 0;
}
}
| {
return 0;
}
}
|
// This user has a cookie lockout, show waiting time
elseif(!empty($mybb->cookies['lockoutexpiry']) && $mybb->cookies['lockoutexpiry'] > $now)
{
| // This user has a cookie lockout, show waiting time
elseif(!empty($mybb->cookies['lockoutexpiry']) && $mybb->cookies['lockoutexpiry'] > $now)
{
|
| Zeile 6826 | Zeile 6875 |
|---|
$hoursleft = floor($secsleft / 3600);
$minsleft = floor(($secsleft / 60) % 60);
$secsleft = floor($secsleft % 60);
|
$hoursleft = floor($secsleft / 3600);
$minsleft = floor(($secsleft / 60) % 60);
$secsleft = floor($secsleft % 60);
|
|
|
error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
}
return false;
|
error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
}
return false;
|
}
| }
|
if($mybb->settings['failedlogincount'] > 0 && isset($attempts['loginattempts']) && $attempts['loginattempts'] >= $mybb->settings['failedlogincount'])
{
|
if($mybb->settings['failedlogincount'] > 0 && isset($attempts['loginattempts']) && $attempts['loginattempts'] >= $mybb->settings['failedlogincount'])
{
|
| Zeile 6930 | Zeile 6979 |
|---|
$query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
if($db->fetch_field($query, "emails") > 0)
|
$query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
if($db->fetch_field($query, "emails") > 0)
|
{
return true;
}
return false;
}
/**
| {
return true;
}
return false;
}
/**
|
* Rebuilds settings.php
*
*/
function rebuild_settings()
{
global $db, $mybb;
|
* Rebuilds settings.php
*
*/
function rebuild_settings()
{
global $db, $mybb;
|
|
|
$query = $db->simple_select("settings", "value, name", "", array(
'order_by' => 'title',
'order_dir' => 'ASC',
| $query = $db->simple_select("settings", "value, name", "", array(
'order_by' => 'title',
'order_dir' => 'ASC',
|
| Zeile 6954 | Zeile 7003 |
|---|
while($setting = $db->fetch_array($query))
{
$mybb->settings[$setting['name']] = $setting['value'];
|
while($setting = $db->fetch_array($query))
{
$mybb->settings[$setting['name']] = $setting['value'];
|
|
|
$setting['name'] = addcslashes($setting['name'], "\\'");
$setting['value'] = addcslashes($setting['value'], '\\"$');
$settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n";
| $setting['name'] = addcslashes($setting['name'], "\\'");
$setting['value'] = addcslashes($setting['value'], '\\"$');
$settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n";
|
| Zeile 7068 | Zeile 7117 |
|---|
// Special boolean operators should be stripped
if($word == "" || $word == "or" || $word == "not" || $word == "and")
|
// Special boolean operators should be stripped
if($word == "" || $word == "or" || $word == "not" || $word == "and")
|
{
continue;
| {
continue;
|
}
// Now make PREG compatible
|
}
// Now make PREG compatible
|
$find = "#(?!<.*?)(".preg_quote($word, "#").")(?![^<>]*?>)#ui";
$replacement = "<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$1</span>";
| $find = "/(?<!&|&#)\b([[:alnum:]]*)(".preg_quote($word, "/").")(?![^<>]*?>)/ui";
$replacement = "$1<span class=\"highlight\" style=\"padding-left: 0px; padding-right: 0px;\">$2</span>";
|
$highlight_cache[$find] = $replacement;
}
| $highlight_cache[$find] = $replacement;
}
|
| Zeile 7137 | Zeile 7186 |
|---|
}
return $dest;
|
}
return $dest;
|
}
| }
|
/**
* Checks if a username has been disallowed for registration/use.
|
/**
* Checks if a username has been disallowed for registration/use.
|
| Zeile 7187 | Zeile 7236 |
|---|
$cache->update_bannedemails();
$banned_cache = $cache->read("bannedemails");
}
|
$cache->update_bannedemails();
$banned_cache = $cache->read("bannedemails");
}
|
|
|
if(is_array($banned_cache) && !empty($banned_cache))
{
foreach($banned_cache as $banned_email)
| if(is_array($banned_cache) && !empty($banned_cache))
{
foreach($banned_cache as $banned_email)
|
| Zeile 7203 | Zeile 7252 |
|---|
$db->update_query("banfilters", array("lastuse" => TIME_NOW), "fid='{$banned_email['fid']}'");
}
return true;
|
$db->update_query("banfilters", array("lastuse" => TIME_NOW), "fid='{$banned_email['fid']}'");
}
return true;
|
}
| }
|
}
}
| }
}
|
| Zeile 7466 | Zeile 7515 |
|---|
{
$curlopt[CURLOPT_SSL_VERIFYPEER] = 1;
$curlopt[CURLOPT_CAINFO] = $ca_bundle_path;
|
{
$curlopt[CURLOPT_SSL_VERIFYPEER] = 1;
$curlopt[CURLOPT_CAINFO] = $ca_bundle_path;
|
}
| }
|
else
{
$curlopt[CURLOPT_SSL_VERIFYPEER] = 0;
| else
{
$curlopt[CURLOPT_SSL_VERIFYPEER] = 0;
|
| Zeile 7861 | Zeile 7910 |
|---|
}
if(strpos($ip, ".*") === false)
|
}
if(strpos($ip, ".*") === false)
|
{
| {
|
$ip = str_replace("*", "", $ip);
if(count($ip_bits) == 4)
{
| $ip = str_replace("*", "", $ip);
if(count($ip_bits) == 4)
{
|
| Zeile 7891 | Zeile 7940 |
|---|
$sep = ".";
}
return array(ip2long($ip_string1), ip2long($ip_string2));
|
$sep = ".";
}
return array(ip2long($ip_string1), ip2long($ip_string2));
|
}
}
| }
}
|
/**
* Fetch a list of ban times for a user account.
*
| /**
* Fetch a list of ban times for a user account.
*
|
| Zeile 7925 | Zeile 7974 |
|---|
);
$ban_times = $plugins->run_hooks("functions_fetch_ban_times", $ban_times);
|
);
$ban_times = $plugins->run_hooks("functions_fetch_ban_times", $ban_times);
|
|
|
$ban_times['---'] = $lang->permanent;
return $ban_times;
}
| $ban_times['---'] = $lang->permanent;
return $ban_times;
}
|
| Zeile 7942 | Zeile 7991 |
|---|
if($stamp == 0)
{
$stamp = TIME_NOW;
|
if($stamp == 0)
{
$stamp = TIME_NOW;
|
}
| }
|
$d = explode('-', $date);
$nowdate = date("H-j-n-Y", $stamp);
$n = explode('-', $nowdate);
| $d = explode('-', $date);
$nowdate = date("H-j-n-Y", $stamp);
$n = explode('-', $nowdate);
|
| Zeile 7958 | Zeile 8007 |
|---|
* @return bool
*/
function expire_warnings()
|
* @return bool
*/
function expire_warnings()
|
{
| {
|
global $warningshandler;
if(!is_object($warningshandler))
| global $warningshandler;
if(!is_object($warningshandler))
|
| Zeile 7991 | Zeile 8040 |
|---|
$result = chmod($file, octdec($mode));
umask($old_umask);
return $result;
|
$result = chmod($file, octdec($mode));
umask($old_umask);
return $result;
|
}
| }
|
/**
* Custom rmdir function to loop through an entire directory and delete all files/folders within
*
| /**
* Custom rmdir function to loop through an entire directory and delete all files/folders within
*
|
| Zeile 8025 | Zeile 8074 |
|---|
// Are we done? Don't delete the main folder too and return true
if($path == $orig_dir)
|
// Are we done? Don't delete the main folder too and return true
if($path == $orig_dir)
|
{
| {
|
return true;
}
|
return true;
}
|
|
|
return @rmdir($path);
}
| return @rmdir($path);
}
|
| Zeile 8042 | Zeile 8091 |
|---|
* @return integer The number of sub forums
*/
function subforums_count($array=array())
|
* @return integer The number of sub forums
*/
function subforums_count($array=array())
|
{
| {
|
$count = 0;
foreach($array as $array2)
{
$count += count($array2);
}
|
$count = 0;
foreach($array as $array2)
{
$count += count($array2);
}
|
|
|
return $count;
}
| return $count;
}
|
| Zeile 8056 | Zeile 8105 |
|---|
* DEPRECATED! Please use IPv6 compatible my_inet_pton!
* Fix for PHP's ip2long to guarantee a 32-bit signed integer value is produced (this is aimed
* at 64-bit versions of PHP)
|
* DEPRECATED! Please use IPv6 compatible my_inet_pton!
* Fix for PHP's ip2long to guarantee a 32-bit signed integer value is produced (this is aimed
* at 64-bit versions of PHP)
|
*
* @deprecated
* @param string $ip The IP to convert
| *
* @deprecated
* @param string $ip The IP to convert
|
* @return integer IP in 32-bit signed format
*/
function my_ip2long($ip)
| * @return integer IP in 32-bit signed format
*/
function my_ip2long($ip)
|
| Zeile 8124 | Zeile 8173 |
|---|
* @license LGPL - http://www.gnu.org/licenses/lgpl.html
* @copyright 2004-2007 Aidan Lister <aidan@php.net>, Arpad Ray <arpad@php.net>
* @link http://php.net/inet_pton
|
* @license LGPL - http://www.gnu.org/licenses/lgpl.html
* @copyright 2004-2007 Aidan Lister <aidan@php.net>, Arpad Ray <arpad@php.net>
* @link http://php.net/inet_pton
|
* @author Arpad Ray <arpad@php.net>
| * @author Arpad Ray <arpad@php.net>
|
* @version $Revision: 269597 $
*/
$r = ip2long($ip);
| * @version $Revision: 269597 $
*/
$r = ip2long($ip);
|
| Zeile 8255 | Zeile 8304 |
|---|
{
// Invalid IP address
return false;
|
{
// Invalid IP address
return false;
|
}
}
| }
}
|
/**
* Taken from: https://github.com/NewEraCracker/php_work/blob/master/ipRangeCalculate.php
|
/**
* Taken from: https://github.com/NewEraCracker/php_work/blob/master/ipRangeCalculate.php
|
| Zeile 8516 | Zeile 8565 |
|---|
if ($crypto_strong == false)
{
$output = null;
|
if ($crypto_strong == false)
{
$output = null;
|
}
}
}
}
| }
}
}
}
|
else
{
return $output;
| else
{
return $output;
|
| Zeile 8548 | Zeile 8597 |
|---|
if(strlen($output) < $bytes)
{
// Close to what PHP basically uses internally to seed, but not quite.
|
if(strlen($output) < $bytes)
{
// Close to what PHP basically uses internally to seed, but not quite.
|
$unique_state = microtime().@getmypid();
| $unique_state = microtime().@getmypid();
|
$rounds = ceil($bytes / 16);
|
$rounds = ceil($bytes / 16);
|
| Zeile 8565 | Zeile 8614 |
|---|
return $output;
}
else
|
return $output;
}
else
|
{
| {
|
return $output;
}
}
| return $output;
}
}
|
| Zeile 8578 | Zeile 8627 |
|---|
function secure_seed_rng()
{
$bytes = PHP_INT_SIZE;
|
function secure_seed_rng()
{
$bytes = PHP_INT_SIZE;
|
|
|
do
|
do
|
{
| {
|
$output = secure_binary_seed_rng($bytes);
|
$output = secure_binary_seed_rng($bytes);
|
|
|
// convert binary data to a decimal number
if ($bytes == 4)
|
// convert binary data to a decimal number
if ($bytes == 4)
|
{
| {
|
$elements = unpack('i', $output);
$output = abs($elements[1]);
}
| $elements = unpack('i', $output);
$output = abs($elements[1]);
}
|
| Zeile 8594 | Zeile 8643 |
|---|
{
$elements = unpack('N2', $output);
$output = abs($elements[1] << 32 | $elements[2]);
|
{
$elements = unpack('N2', $output);
$output = abs($elements[1] << 32 | $elements[2]);
|
}
} while($output > PHP_INT_MAX);
| }
} while($output > PHP_INT_MAX);
|
return $output;
}
| return $output;
}
|
| Zeile 8614 | Zeile 8663 |
|---|
{
$min = 0;
$max = PHP_INT_MAX;
|
{
$min = 0;
$max = PHP_INT_MAX;
|
}
| }
|
if(version_compare(PHP_VERSION, '7.0', '>='))
{
|
if(version_compare(PHP_VERSION, '7.0', '>='))
{
|
| Zeile 8647 | Zeile 8696 |
|---|
function trim_blank_chrs($string, $charlist="")
{
$hex_chrs = array(
|
function trim_blank_chrs($string, $charlist="")
{
$hex_chrs = array(
|
0x09 => 1, // \x{0009}
0x0A => 1, // \x{000A}
0x0B => 1, // \x{000B}
0x0D => 1, // \x{000D}
0x20 => 1, // \x{0020}
| 0x09 => 1, // \x{0009}
0x0A => 1, // \x{000A}
0x0B => 1, // \x{000B}
0x0D => 1, // \x{000D}
0x20 => 1, // \x{0020}
|
0xC2 => array(0x81 => 1, 0x8D => 1, 0x90 => 1, 0x9D => 1, 0xA0 => 1, 0xAD => 1), // \x{0081}, \x{008D}, \x{0090}, \x{009D}, \x{00A0}, \x{00AD}
0xCC => array(0xB7 => 1, 0xB8 => 1), // \x{0337}, \x{0338}
0xE1 => array(0x85 => array(0x9F => 1, 0xA0 => 1), 0x9A => array(0x80 => 1), 0xA0 => array(0x8E => 1)), // \x{115F}, \x{1160}, \x{1680}, \x{180E}
| 0xC2 => array(0x81 => 1, 0x8D => 1, 0x90 => 1, 0x9D => 1, 0xA0 => 1, 0xAD => 1), // \x{0081}, \x{008D}, \x{0090}, \x{009D}, \x{00A0}, \x{00AD}
0xCC => array(0xB7 => 1, 0xB8 => 1), // \x{0337}, \x{0338}
0xE1 => array(0x85 => array(0x9F => 1, 0xA0 => 1), 0x9A => array(0x80 => 1), 0xA0 => array(0x8E => 1)), // \x{115F}, \x{1160}, \x{1680}, \x{180E}
|
| Zeile 8714 | Zeile 8763 |
|---|
{
// Check to see if we have matched a first character in our utf-8 array
$offset = match_sequence($string, $hex_chrs);
|
{
// Check to see if we have matched a first character in our utf-8 array
$offset = match_sequence($string, $hex_chrs);
|
if(!$offset)
{
// If not, then we must have a "good" character and we don't need to do anymore processing
break;
| if(!$offset)
{
// If not, then we must have a "good" character and we don't need to do anymore processing
break;
|
}
$string = substr($string, $offset);
}
| }
$string = substr($string, $offset);
}
|
| Zeile 8766 | Zeile 8815 |
|---|
if($string === "")
{
return 0;
|
if($string === "")
{
return 0;
|
}
| }
|
$ord = ord($string[$i]);
if(array_key_exists($ord, $array))
|
$ord = ord($string[$i]);
if(array_key_exists($ord, $array))
|
| Zeile 8782 | Zeile 8831 |
|---|
}
return 0;
|
}
return 0;
|
}
| }
|
/**
* Obtain the version of GD installed.
|
/**
* Obtain the version of GD installed.
|
| Zeile 9001 | Zeile 9050 |
|---|
}
}
|
}
}
|
if(!$pm['subject'] ||!$pm['message'] || !$pm['touid'] || (!$pm['receivepms'] && !$admin_override))
| if(empty($pm['subject']) || empty($pm['message']) || empty($pm['touid']) || (empty($pm['receivepms']) && !$admin_override))
|
{
return false;
}
| {
return false;
}
|
| Zeile 9025 | Zeile 9074 |
|---|
}
$recipients_bcc = array();
|
}
$recipients_bcc = array();
|
| |
// Workaround for eliminating PHP warnings in PHP 8. Ref: https://github.com/mybb/mybb/issues/4630#issuecomment-1369144163
if(isset($pm['sender']['uid']) && $pm['sender']['uid'] === -1 && $fromid === -1)
{
$sender = array(
"uid" => 0,
"username" => ''
);
}
|
// Determine user ID
if((int)$fromid == 0)
|
// Determine user ID
if((int)$fromid == 0)
|
{
| {
|
$fromid = (int)$mybb->user['uid'];
}
elseif((int)$fromid < 0)
| $fromid = (int)$mybb->user['uid'];
}
elseif((int)$fromid < 0)
|
| Zeile 9047 | Zeile 9105 |
|---|
"do" => '',
"pmid" => ''
);
|
"do" => '',
"pmid" => ''
);
|
| |
// (continued) Workaround for eliminating PHP warnings in PHP 8. Ref: https://github.com/mybb/mybb/issues/4630#issuecomment-1369144163
if(isset($sender))
{
$pm['sender'] = $sender;
}
|
if(isset($session))
{
|
if(isset($session))
{
|