| Zeile 588 | Zeile 588 |
|---|
}
}
|
}
}
|
$plugins->run_hooks('my_mailhandler_builtin_after_init', $my_mailhandler_builtin);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mailhandler_builtin_after_init', $my_mailhandler_builtin);
}
|
return $my_mailhandler_builtin;
}
|
return $my_mailhandler_builtin;
}
|
|
|
// If our mail handler doesn't exist, create it.
if(!is_object($my_mailhandler))
{
require_once MYBB_ROOT . "inc/class_mailhandler.php";
|
// If our mail handler doesn't exist, create it.
if(!is_object($my_mailhandler))
{
require_once MYBB_ROOT . "inc/class_mailhandler.php";
|
$plugins->run_hooks('my_mailhandler_init', $my_mailhandler);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mailhandler_init', $my_mailhandler);
}
|
// If no plugin has ever created the mail handler, resort to use the built-in one.
if(!is_object($my_mailhandler) || !($my_mailhandler instanceof MailHandler))
|
// If no plugin has ever created the mail handler, resort to use the built-in one.
if(!is_object($my_mailhandler) || !($my_mailhandler instanceof MailHandler))
|
| Zeile 663 | Zeile 669 |
|---|
'is_mail_sent' => &$is_mail_sent,
'continue_process' => &$continue_process,
);
|
'is_mail_sent' => &$is_mail_sent,
'continue_process' => &$continue_process,
);
|
$plugins->run_hooks('my_mail_pre_build_message', $my_mail_parameters);
|
if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_pre_build_message', $my_mail_parameters);
}
|
// Build the mail message.
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
|
// Build the mail message.
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
|
$plugins->run_hooks('my_mail_pre_send', $my_mail_parameters);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_pre_send', $my_mail_parameters);
}
|
// Check if the hooked plugins still suggest to send the mail.
if($continue_process)
|
// Check if the hooked plugins still suggest to send the mail.
if($continue_process)
|
{
| {
|
$is_mail_sent = $mail->send();
|
$is_mail_sent = $mail->send();
|
}
| }
|
|
|
$plugins->run_hooks('my_mail_post_send', $my_mail_parameters);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_post_send', $my_mail_parameters);
}
|
return $is_mail_sent;
}
|
return $is_mail_sent;
}
|
| Zeile 1680 | Zeile 1695 |
|---|
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields;
$groups = explode(",", $gid);
|
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields;
$groups = explode(",", $gid);
|
if(empty($fpermcache[$fid])) // This forum has no custom or inherited permissions so lets just return the group permissions
{
return $groupperms;
}
| |
$current_permissions = array();
$only_view_own_threads = 1;
$only_reply_own_threads = 1;
|
$current_permissions = array();
$only_view_own_threads = 1;
$only_reply_own_threads = 1;
|
foreach($groups as $gid)
|
if(empty($fpermcache[$fid])) // This forum has no custom or inherited permissions so lets just return the group permissions
{
$current_permissions = $groupperms;
}
else
|
{
|
{
|
if(!empty($groupscache[$gid]))
| foreach($groups as $gid)
|
{
|
{
|
$level_permissions = array();
// If our permissions arn't inherited we need to figure them out
if(empty($fpermcache[$fid][$gid]))
{
$parents = explode(',', $forum_cache[$fid]['parentlist']);
rsort($parents);
if(!empty($parents))
{
foreach($parents as $parent_id)
{
if(!empty($fpermcache[$parent_id][$gid]))
{
$level_permissions = $fpermcache[$parent_id][$gid];
break;
}
}
}
}
else
| // If this forum has custom or inherited permissions for the currently looped group.
if(!empty($fpermcache[$fid][$gid]))
|
{
$level_permissions = $fpermcache[$fid][$gid];
|
{
$level_permissions = $fpermcache[$fid][$gid];
|
}
// If we STILL don't have forum permissions we use the usergroup itself
if(empty($level_permissions))
{
| }
// Or, use the group permission instead, if available. Some forum permissions not existing here will be added back later.
else if(!empty($groupscache[$gid]))
{
|
$level_permissions = $groupscache[$gid];
|
$level_permissions = $groupscache[$gid];
|
}
| }
// No permission is available for the currently looped group, probably we have bad data here.
else
{
continue;
}
|
foreach($level_permissions as $permission => $access)
{
|
foreach($level_permissions as $permission => $access)
{
|
| Zeile 1735 | Zeile 1735 |
|---|
if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"]))
{
$only_view_own_threads = 0;
|
if($level_permissions["canview"] && empty($level_permissions["canonlyviewownthreads"]))
{
$only_view_own_threads = 0;
|
}
| }
|
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"]))
{
$only_reply_own_threads = 0;
}
}
|
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"]))
{
$only_reply_own_threads = 0;
}
}
|
}
|
if(count($current_permissions) == 0)
{
$current_permissions = $groupperms;
}
}
|
// Figure out if we can view more than our own threads
|
// Figure out if we can view more than our own threads
|
if($only_view_own_threads == 0)
| if($only_view_own_threads == 0 || !isset($current_permissions["canonlyviewownthreads"]))
|
{
$current_permissions["canonlyviewownthreads"] = 0;
|
{
$current_permissions["canonlyviewownthreads"] = 0;
|
}
| }
|
// Figure out if we can reply more than our own threads
|
// Figure out if we can reply more than our own threads
|
if($only_reply_own_threads == 0)
{
| if($only_reply_own_threads == 0 || !isset($current_permissions["canonlyreplyownthreads"]))
{
|
$current_permissions["canonlyreplyownthreads"] = 0;
|
$current_permissions["canonlyreplyownthreads"] = 0;
|
}
| }
|
|
|
if(count($current_permissions) == 0)
{
$current_permissions = $groupperms;
}
| |
return $current_permissions;
}
| return $current_permissions;
}
|
| Zeile 1951 | Zeile 1952 |
|---|
foreach($extra_groups as $extra_group)
{
$groups[] = $extra_group;
|
foreach($extra_groups as $extra_group)
{
$groups[] = $extra_group;
|
}
}
| }
}
|
$mod_cache = $cache->read("moderators");
|
$mod_cache = $cache->read("moderators");
|
| Zeile 2336 | Zeile 2337 |
|---|
* @param string $name The cookie identifier.
* @param int $id The cookie content id.
* @return array|boolean The cookie id's content array or false when non-existent.
|
* @param string $name The cookie identifier.
* @param int $id The cookie content id.
* @return array|boolean The cookie id's content array or false when non-existent.
|
*/
| */
|
function my_get_array_cookie($name, $id)
{
global $mybb;
if(!isset($mybb->cookies['mybb'][$name]))
|
function my_get_array_cookie($name, $id)
{
global $mybb;
if(!isset($mybb->cookies['mybb'][$name]))
|
{
| {
|
return false;
|
return false;
|
}
$cookie = my_unserialize($mybb->cookies['mybb'][$name]);
| }
$cookie = my_unserialize($mybb->cookies['mybb'][$name], false);
|
if(is_array($cookie) && isset($cookie[$id]))
|
if(is_array($cookie) && isset($cookie[$id]))
|
{
| {
|
return $cookie[$id];
|
return $cookie[$id];
|
}
else
{
| }
else
{
|
return 0;
}
}
| return 0;
}
}
|
| Zeile 2369 | Zeile 2370 |
|---|
function my_set_array_cookie($name, $id, $value, $expires="")
{
global $mybb;
|
function my_set_array_cookie($name, $id, $value, $expires="")
{
global $mybb;
|
|
|
if(isset($mybb->cookies['mybb'][$name]))
|
if(isset($mybb->cookies['mybb'][$name]))
|
{
$newcookie = my_unserialize($mybb->cookies['mybb'][$name]);
| {
$newcookie = my_unserialize($mybb->cookies['mybb'][$name], false);
|
}
else
{
$newcookie = array();
}
|
}
else
{
$newcookie = array();
}
|
|
|
$newcookie[$id] = $value;
$newcookie = my_serialize($newcookie);
my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
| $newcookie[$id] = $value;
$newcookie = my_serialize($newcookie);
my_setcookie("mybb[$name]", addslashes($newcookie), $expires);
|
| Zeile 2386 | Zeile 2387 |
|---|
if(isset($mybb->cookies['mybb']) && !is_array($mybb->cookies['mybb']))
{
$mybb->cookies['mybb'] = array();
|
if(isset($mybb->cookies['mybb']) && !is_array($mybb->cookies['mybb']))
{
$mybb->cookies['mybb'] = array();
|
}
| }
|
// Make sure our current viarables are up-to-date as well
$mybb->cookies['mybb'][$name] = $newcookie;
|
// Make sure our current viarables are up-to-date as well
$mybb->cookies['mybb'][$name] = $newcookie;
|
| Zeile 2406 | Zeile 2407 |
|---|
* - does not unserialize objects
*
* @param string $str
|
* - does not unserialize objects
*
* @param string $str
|
| | * @param bool $unlimited Whether to apply limits defined in MAX_SERIALIZED_* constants
|
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
|
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
|
function _safe_unserialize($str)
| function _safe_unserialize($str, $unlimited = true)
|
{
|
{
|
if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
| if(!$unlimited && strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
|
{
// input exceeds MAX_SERIALIZED_INPUT_LENGTH
return false;
| {
// input exceeds MAX_SERIALIZED_INPUT_LENGTH
return false;
|
| Zeile 2465 | Zeile 2467 |
|---|
$value = substr($matches[2], 0, (int)$matches[1]);
$str = substr($matches[2], (int)$matches[1] + 2);
}
|
$value = substr($matches[2], 0, (int)$matches[1]);
$str = substr($matches[2], (int)$matches[1] + 2);
}
|
else if($type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) && $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)
| else if(
$type == 'a' &&
preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) &&
($unlimited || $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)
)
|
{
$expectedLength = (int)$matches[1];
$str = $matches[2];
|
{
$expectedLength = (int)$matches[1];
$str = $matches[2];
|
}
| }
|
else
|
else
|
{
| {
|
// object or unknown/malformed type
return false;
}
|
// object or unknown/malformed type
return false;
}
|
|
|
switch($state)
{
case 3: // in array, expecting value or another array
|
switch($state)
{
case 3: // in array, expecting value or another array
|
if($type == 'a')
{
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
}
| if($type == 'a')
{
if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
}
|
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
$expected[] = $expectedLength;
|
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
$expected[] = $expectedLength;
|
$state = 2;
break;
| $state = 2;
break;
|
}
if($type != '}')
{
| }
if($type != '}')
{
|
| Zeile 2502 | Zeile 2508 |
|---|
}
// missing array value
|
}
// missing array value
|
return false;
| return false;
|
case 2: // in array, expecting end of array or a key
if($type == '}')
|
case 2: // in array, expecting end of array or a key
if($type == '}')
|
| Zeile 2526 | Zeile 2532 |
|---|
}
if($type == 'i' || $type == 's')
{
|
}
if($type == 'i' || $type == 's')
{
|
if(count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
| if(!$unlimited && count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
|
{
// array size exceeds MAX_SERIALIZED_ARRAY_LENGTH
return false;
| {
// array size exceeds MAX_SERIALIZED_ARRAY_LENGTH
return false;
|
| Zeile 2534 | Zeile 2540 |
|---|
if(count($list) >= end($expected))
{
// array size exceeds expected length
|
if(count($list) >= end($expected))
{
// array size exceeds expected length
|
return false;
}
| return false;
}
|
$key = $value;
$state = 3;
|
$key = $value;
$state = 3;
|
| Zeile 2548 | Zeile 2554 |
|---|
case 0: // expecting array or value
if($type == 'a')
{
|
case 0: // expecting array or value
if($type == 'a')
{
|
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
| if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
|
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
| {
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
|
| Zeile 2583 | Zeile 2589 |
|---|
/**
* Credits go to https://github.com/piwik
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
|
/**
* Credits go to https://github.com/piwik
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
|
*
* @param string $str
| *
* @param string $str
* @param bool $unlimited
|
* @return mixed
*/
|
* @return mixed
*/
|
function my_unserialize($str)
| function my_unserialize($str, $unlimited = true)
|
{
// Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
|
{
// Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
|
{
| {
|
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
|
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
|
}
$out = _safe_unserialize($str);
| }
$out = _safe_unserialize($str, $unlimited);
|
if(isset($mbIntEnc))
{
mb_internal_encoding($mbIntEnc);
}
|
if(isset($mbIntEnc))
{
mb_internal_encoding($mbIntEnc);
}
|
return $out;
| return $out;
}
/**
* Unserializes data using PHP's `unserialize()`, and its safety options if possible.
* This function should only be used for values from trusted sources.
*
* @param string $str
* @return mixed
*/
function native_unserialize($str)
{
if(version_compare(PHP_VERSION, '7.0.0', '>='))
{
return unserialize($str, array('allowed_classes' => false));
}
else
{
return unserialize($str);
}
|
}
/**
| }
/**
|
| Zeile 2634 | Zeile 2660 |
|---|
}
if(is_float($value))
|
}
if(is_float($value))
|
{
| {
|
return 'd:'.str_replace(',', '.', $value).';';
|
return 'd:'.str_replace(',', '.', $value).';';
|
}
| }
|
if(is_string($value))
|
if(is_string($value))
|
{
| {
|
return 's:'.strlen($value).':"'.$value.'";';
}
| return 's:'.strlen($value).':"'.$value.'";';
}
|
| Zeile 2649 | Zeile 2675 |
|---|
foreach($value as $k => $v)
{
$out .= _safe_serialize($k) . _safe_serialize($v);
|
foreach($value as $k => $v)
{
$out .= _safe_serialize($k) . _safe_serialize($v);
|
}
| }
|
return 'a:'.count($value).':{'.$out.'}';
}
| return 'a:'.count($value).':{'.$out.'}';
}
|
| Zeile 2666 | Zeile 2692 |
|---|
* @return string
*/
function my_serialize($value)
|
* @return string
*/
function my_serialize($value)
|
{
| {
|
// ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
{
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
|
// ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
{
$mbIntEnc = mb_internal_encoding();
mb_internal_encoding('ASCII');
|
}
| }
|
$out = _safe_serialize($value);
if(isset($mbIntEnc))
|
$out = _safe_serialize($value);
if(isset($mbIntEnc))
|
| Zeile 2682 | Zeile 2708 |
|---|
return $out;
}
|
return $out;
}
|
|
|
/**
* Returns the serverload of the system.
*
| /**
* Returns the serverload of the system.
*
|
| Zeile 2698 | Zeile 2724 |
|---|
if(DIRECTORY_SEPARATOR != '\\')
{
if(function_exists("sys_getloadavg"))
|
if(DIRECTORY_SEPARATOR != '\\')
{
if(function_exists("sys_getloadavg"))
|
{
| {
|
// sys_getloadavg() will return an array with [0] being load within the last minute.
$serverload = sys_getloadavg();
$serverload[0] = round($serverload[0], 4);
| // sys_getloadavg() will return an array with [0] being load within the last minute.
$serverload = sys_getloadavg();
$serverload[0] = round($serverload[0], 4);
|
| Zeile 2729 | Zeile 2755 |
|---|
if(strpos(",".$func_blacklist.",", 'exec') !== false)
{
return $lang->unknown;
|
if(strpos(",".$func_blacklist.",", 'exec') !== false)
{
return $lang->unknown;
|
}
}
| }
}
|
$load = @exec("uptime");
$load = explode("load average: ", $load);
|
$load = @exec("uptime");
$load = explode("load average: ", $load);
|
| Zeile 4843 | Zeile 4869 |
|---|
$navsize = count($navbits);
// Convert & to &
$navbits[$navsize]['name'] = preg_replace("#&(?!\#[0-9]+;)#si", "&", $forumnav['name']);
|
$navsize = count($navbits);
// Convert & to &
$navbits[$navsize]['name'] = preg_replace("#&(?!\#[0-9]+;)#si", "&", $forumnav['name']);
|
|
|
if(defined("IN_ARCHIVE"))
{
// Set up link to forum in breadcrumb.
| if(defined("IN_ARCHIVE"))
{
// Set up link to forum in breadcrumb.
|
| Zeile 6953 | Zeile 6979 |
|---|
$query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
if($db->fetch_field($query, "emails") > 0)
|
$query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
if($db->fetch_field($query, "emails") > 0)
|
{
return true;
}
| {
return true;
}
|
return false;
}
| return false;
}
|
| Zeile 9024 | Zeile 9050 |
|---|
}
}
|
}
}
|
if(!$pm['subject'] ||!$pm['message'] || !$pm['touid'] || (!$pm['receivepms'] && !$admin_override))
| if(empty($pm['subject']) || empty($pm['message']) || empty($pm['touid']) || (empty($pm['receivepms']) && !$admin_override))
|
{
return false;
}
| {
return false;
}
|
| Zeile 9048 | Zeile 9074 |
|---|
}
$recipients_bcc = array();
|
}
$recipients_bcc = array();
|
| |
// Workaround for eliminating PHP warnings in PHP 8. Ref: https://github.com/mybb/mybb/issues/4630#issuecomment-1369144163
if(isset($pm['sender']['uid']) && $pm['sender']['uid'] === -1 && $fromid === -1)
{
$sender = array(
"uid" => 0,
"username" => ''
);
}
|
// Determine user ID
if((int)$fromid == 0)
|
// Determine user ID
if((int)$fromid == 0)
|
{
| {
|
$fromid = (int)$mybb->user['uid'];
}
elseif((int)$fromid < 0)
| $fromid = (int)$mybb->user['uid'];
}
elseif((int)$fromid < 0)
|
| Zeile 9070 | Zeile 9105 |
|---|
"do" => '',
"pmid" => ''
);
|
"do" => '',
"pmid" => ''
);
|
| |
// (continued) Workaround for eliminating PHP warnings in PHP 8. Ref: https://github.com/mybb/mybb/issues/4630#issuecomment-1369144163
if(isset($sender))
{
$pm['sender'] = $sender;
}
|
if(isset($session))
{
|
if(isset($session))
{
|