| Zeile 588 | Zeile 588 |
|---|
}
}
|
}
}
|
$plugins->run_hooks('my_mailhandler_builtin_after_init', $my_mailhandler_builtin);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mailhandler_builtin_after_init', $my_mailhandler_builtin);
}
|
return $my_mailhandler_builtin;
}
|
return $my_mailhandler_builtin;
}
|
|
|
// If our mail handler doesn't exist, create it.
if(!is_object($my_mailhandler))
{
require_once MYBB_ROOT . "inc/class_mailhandler.php";
|
// If our mail handler doesn't exist, create it.
if(!is_object($my_mailhandler))
{
require_once MYBB_ROOT . "inc/class_mailhandler.php";
|
$plugins->run_hooks('my_mailhandler_init', $my_mailhandler);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mailhandler_init', $my_mailhandler);
}
|
// If no plugin has ever created the mail handler, resort to use the built-in one.
if(!is_object($my_mailhandler) || !($my_mailhandler instanceof MailHandler))
|
// If no plugin has ever created the mail handler, resort to use the built-in one.
if(!is_object($my_mailhandler) || !($my_mailhandler instanceof MailHandler))
|
| Zeile 663 | Zeile 669 |
|---|
'is_mail_sent' => &$is_mail_sent,
'continue_process' => &$continue_process,
);
|
'is_mail_sent' => &$is_mail_sent,
'continue_process' => &$continue_process,
);
|
$plugins->run_hooks('my_mail_pre_build_message', $my_mail_parameters);
|
if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_pre_build_message', $my_mail_parameters);
}
|
// Build the mail message.
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
|
// Build the mail message.
$mail->build_message($to, $subject, $message, $from, $charset, $headers, $format, $message_text, $return_email);
|
$plugins->run_hooks('my_mail_pre_send', $my_mail_parameters);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_pre_send', $my_mail_parameters);
}
|
// Check if the hooked plugins still suggest to send the mail.
if($continue_process)
|
// Check if the hooked plugins still suggest to send the mail.
if($continue_process)
|
{
| {
|
$is_mail_sent = $mail->send();
|
$is_mail_sent = $mail->send();
|
}
| }
|
|
|
$plugins->run_hooks('my_mail_post_send', $my_mail_parameters);
| if(isset($plugins) && is_object($plugins))
{
$plugins->run_hooks('my_mail_post_send', $my_mail_parameters);
}
|
return $is_mail_sent;
}
|
return $is_mail_sent;
}
|
| Zeile 856 | Zeile 871 |
|---|
{
$forum_cache = cache_forums();
foreach($forum_cache as $forum)
|
{
$forum_cache = cache_forums();
foreach($forum_cache as $forum)
|
{
| {
|
if($forum['active'] != 0)
{
$forums_by_parent[$forum['pid']][$forum['fid']] = $forum;
| if($forum['active'] != 0)
{
$forums_by_parent[$forum['pid']][$forum['fid']] = $forum;
|
| Zeile 905 | Zeile 920 |
|---|
// Send our headers.
@header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode(array("errors" => array($error)));
|
// Send our headers.
@header("Content-type: application/json; charset={$lang->settings['charset']}");
echo json_encode(array("errors" => array($error)));
|
exit;
}
| exit;
}
|
if(!$title)
{
$title = $mybb->settings['bbname'];
}
|
if(!$title)
{
$title = $mybb->settings['bbname'];
}
|
|
|
$timenow = my_date('relative', TIME_NOW);
reset_breadcrumb();
add_breadcrumb($lang->error);
|
$timenow = my_date('relative', TIME_NOW);
reset_breadcrumb();
add_breadcrumb($lang->error);
|
|
|
eval("\$errorpage = \"".$templates->get("error")."\";");
output_page($errorpage);
exit;
|
eval("\$errorpage = \"".$templates->get("error")."\";");
output_page($errorpage);
exit;
|
}
| }
|
/**
* Produce an error message for displaying inline on a page
*
| /**
* Produce an error message for displaying inline on a page
*
|
| Zeile 938 | Zeile 953 |
|---|
if(!$title)
{
$title = $lang->please_correct_errors;
|
if(!$title)
{
$title = $lang->please_correct_errors;
|
}
| }
|
if(!is_array($errors))
{
$errors = array($errors);
| if(!is_array($errors))
{
$errors = array($errors);
|
| Zeile 988 | Zeile 1003 |
|---|
"nopermission" => '1',
"location1" => 0,
"location2" => 0
|
"nopermission" => '1',
"location1" => 0,
"location2" => 0
|
);
| );
|
$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");
|
$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");
|
| Zeile 1384 | Zeile 1399 |
|---|
$usergroup = array();
$usergroup['all_usergroups'] = $gid;
|
$usergroup = array();
$usergroup['all_usergroups'] = $gid;
|
|
|
// Get those switch permissions from the first valid group.
$permswitches_usergroup = array();
$grouppermswitches = array();
| // Get those switch permissions from the first valid group.
$permswitches_usergroup = array();
$grouppermswitches = array();
|
| Zeile 1396 | Zeile 1411 |
|---|
{
$grouppermswitches[] = $perm;
}
|
{
$grouppermswitches[] = $perm;
}
|
}
| }
|
else
{
$grouppermswitches[] = $permvalue;
|
else
{
$grouppermswitches[] = $permvalue;
|
}
| }
|
}
$grouppermswitches = array_unique($grouppermswitches);
foreach($groups as $gid)
| }
$grouppermswitches = array_unique($grouppermswitches);
foreach($groups as $gid)
|
| Zeile 1449 | Zeile 1464 |
|---|
}
// Less is more for some numerical group permissions (i.e. post count required for using signature) so take that into account, too.
else if(in_array($perm, $groupzerolesser))
|
}
// Less is more for some numerical group permissions (i.e. post count required for using signature) so take that into account, too.
else if(in_array($perm, $groupzerolesser))
|
{
| {
|
// -1 means a `0 or lesser` permission. Value 0 means unlimited.
$perm_is_numerical = -1;
}
| // -1 means a `0 or lesser` permission. Value 0 means unlimited.
$perm_is_numerical = -1;
}
|
| Zeile 1498 | Zeile 1513 |
|---|
// Set this permission if not set yet.
if(!isset($usergroup[$perm]))
|
// Set this permission if not set yet.
if(!isset($usergroup[$perm]))
|
{
| {
|
$usergroup[$perm] = $access;
|
$usergroup[$perm] = $access;
|
}
| }
|
// If current group's setting enables the permission, we may need to update the user's permission.
if($group_current_perm_enabled)
|
// If current group's setting enables the permission, we may need to update the user's permission.
if($group_current_perm_enabled)
|
| Zeile 1515 | Zeile 1530 |
|---|
{
$usergroup[$perm] = $access;
}
|
{
$usergroup[$perm] = $access;
}
|
}
}
| }
}
|
// No switch controls this permission, or permission needs an update.
if($update_current_perm)
|
// No switch controls this permission, or permission needs an update.
if($update_current_perm)
|
| Zeile 1582 | Zeile 1597 |
|---|
$displaygroup = array();
$group = $groupscache[$gid];
|
$displaygroup = array();
$group = $groupscache[$gid];
|
|
|
foreach($displaygroupfields as $field)
{
$displaygroup[$field] = $group[$field];
| foreach($displaygroupfields as $field)
{
$displaygroup[$field] = $group[$field];
|
| Zeile 1631 | Zeile 1646 |
|---|
}
if(!is_array($forum_cache))
|
}
if(!is_array($forum_cache))
|
{
$forum_cache = cache_forums();
| {
$forum_cache = cache_forums();
|
if(!$forum_cache)
{
return false;
}
|
if(!$forum_cache)
{
return false;
}
|
}
| }
|
if(!is_array($fpermcache))
{
|
if(!is_array($fpermcache))
{
|
| Zeile 1648 | Zeile 1663 |
|---|
if($fid) // Fetch the permissions for a single forum
{
if(empty($cached_forum_permissions_permissions[$gid][$fid]))
|
if($fid) // Fetch the permissions for a single forum
{
if(empty($cached_forum_permissions_permissions[$gid][$fid]))
|
{
| {
|
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms);
}
return $cached_forum_permissions_permissions[$gid][$fid];
| $cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms);
}
return $cached_forum_permissions_permissions[$gid][$fid];
|
| Zeile 1679 | Zeile 1694 |
|---|
{
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields;
|
{
global $groupscache, $forum_cache, $fpermcache, $mybb, $fpermfields;
|
$groups = explode(",", $gid);
if(empty($fpermcache[$fid])) // This forum has no custom or inherited permissions so lets just return the group permissions
{
return $groupperms;
}
| if(isset($gid))
{
$groups = explode(",", $gid);
}
else
{
$groups = array();
}
|
$current_permissions = array();
$only_view_own_threads = 1;
$only_reply_own_threads = 1;
|
$current_permissions = array();
$only_view_own_threads = 1;
$only_reply_own_threads = 1;
|
foreach($groups as $gid)
{
if(!empty($groupscache[$gid]))
{
$level_permissions = array();
// If our permissions arn't inherited we need to figure them out
if(empty($fpermcache[$fid][$gid]))
{
$parents = explode(',', $forum_cache[$fid]['parentlist']);
rsort($parents);
if(!empty($parents))
{
foreach($parents as $parent_id)
{
if(!empty($fpermcache[$parent_id][$gid]))
{
$level_permissions = $fpermcache[$parent_id][$gid];
break;
}
}
}
|
if(empty($fpermcache[$fid])) // This forum has no custom or inherited permissions so lets just return the group permissions
{
$current_permissions = $groupperms;
}
else
{
foreach($groups as $gid)
{
// If this forum has custom or inherited permissions for the currently looped group.
if(!empty($fpermcache[$fid][$gid]))
{
$level_permissions = $fpermcache[$fid][$gid];
}
// Or, use the group permission instead, if available. Some forum permissions not existing here will be added back later.
else if(!empty($groupscache[$gid]))
{
$level_permissions = $groupscache[$gid];
|
}
|
}
|
| | // No permission is available for the currently looped group, probably we have bad data here.
|
else
{
|
else
{
|
$level_permissions = $fpermcache[$fid][$gid];
}
// If we STILL don't have forum permissions we use the usergroup itself
if(empty($level_permissions))
{
$level_permissions = $groupscache[$gid];
| continue;
|
}
foreach($level_permissions as $permission => $access)
| }
foreach($level_permissions as $permission => $access)
|
| Zeile 1740 | Zeile 1747 |
|---|
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"]))
{
$only_reply_own_threads = 0;
|
if($level_permissions["canpostreplys"] && empty($level_permissions["canonlyreplyownthreads"]))
{
$only_reply_own_threads = 0;
|
}
}
}
| }
}
if(count($current_permissions) == 0)
{
$current_permissions = $groupperms;
}
}
|
// Figure out if we can view more than our own threads
|
// Figure out if we can view more than our own threads
|
if($only_view_own_threads == 0)
{
| if($only_view_own_threads == 0 || !isset($current_permissions["canonlyviewownthreads"]))
{
|
$current_permissions["canonlyviewownthreads"] = 0;
|
$current_permissions["canonlyviewownthreads"] = 0;
|
}
| }
|
// Figure out if we can reply more than our own threads
|
// Figure out if we can reply more than our own threads
|
if($only_reply_own_threads == 0)
| if($only_reply_own_threads == 0 || !isset($current_permissions["canonlyreplyownthreads"]))
|
{
$current_permissions["canonlyreplyownthreads"] = 0;
}
|
{
$current_permissions["canonlyreplyownthreads"] = 0;
}
|
if(count($current_permissions) == 0)
{
$current_permissions = $groupperms;
}
| |
return $current_permissions;
}
|
return $current_permissions;
}
|
|
|
/**
* Check whether password for given forum was validated for the current user
*
| /**
* Check whether password for given forum was validated for the current user
*
|
| Zeile 1792 | Zeile 1800 |
|---|
foreach($parents as $parent_id)
{
if($parent_id != $forum['fid'] && !forum_password_validated($forum_cache[$parent_id], true))
|
foreach($parents as $parent_id)
{
if($parent_id != $forum['fid'] && !forum_password_validated($forum_cache[$parent_id], true))
|
{
return false;
}
}
| {
return false;
}
}
|
}
|
}
|
|
|
return ($ignore_empty && $forum['password'] === '') || (
isset($mybb->cookies['forumpass'][$forum['fid']]) &&
my_hash_equals(
| return ($ignore_empty && $forum['password'] === '') || (
isset($mybb->cookies['forumpass'][$forum['fid']]) &&
my_hash_equals(
|
| Zeile 1805 | Zeile 1813 |
|---|
$mybb->cookies['forumpass'][$forum['fid']]
)
);
|
$mybb->cookies['forumpass'][$forum['fid']]
)
);
|
}
/**
| }
/**
|
* Check the password given on a certain forum for validity
*
* @param int $fid The forum ID
| * Check the password given on a certain forum for validity
*
* @param int $fid The forum ID
|
| Zeile 1839 | Zeile 1847 |
|---|
if(!empty($parents))
{
foreach($parents as $parent_id)
|
if(!empty($parents))
{
foreach($parents as $parent_id)
|
{
| {
|
if($parent_id == $fid || $parent_id == $pid)
{
continue;
|
if($parent_id == $fid || $parent_id == $pid)
{
continue;
|
}
| }
|
if($forum_cache[$parent_id]['password'] !== "")
{
check_forum_password($parent_id, $fid);
| if($forum_cache[$parent_id]['password'] !== "")
{
check_forum_password($parent_id, $fid);
|
| Zeile 1855 | Zeile 1863 |
|---|
if($forum_cache[$fid]['password'] !== '')
{
if(isset($mybb->input['pwverify']) && $pid == 0)
|
if($forum_cache[$fid]['password'] !== '')
{
if(isset($mybb->input['pwverify']) && $pid == 0)
|
{
| {
|
if(my_hash_equals($forum_cache[$fid]['password'], $mybb->get_input('pwverify')))
{
my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->get_input('pwverify')), null, true);
| if(my_hash_equals($forum_cache[$fid]['password'], $mybb->get_input('pwverify')))
{
my_setcookie("forumpass[$fid]", md5($mybb->user['uid'].$mybb->get_input('pwverify')), null, true);
|
| Zeile 1887 | Zeile 1895 |
|---|
if($return)
{
return $showform;
|
if($return)
{
return $showform;
|
}
| }
|
if($showform)
{
|
if($showform)
{
|
| Zeile 1919 | Zeile 1927 |
|---|
static $modpermscache;
if($uid < 1)
|
static $modpermscache;
if($uid < 1)
|
{
$uid = $mybb->user['uid'];
}
if($uid == 0)
{
return false;
}
| {
$uid = $mybb->user['uid'];
}
if($uid == 0)
{
return false;
}
|
if(isset($modpermscache[$fid][$uid]))
{
return $modpermscache[$fid][$uid];
| if(isset($modpermscache[$fid][$uid]))
{
return $modpermscache[$fid][$uid];
|
| Zeile 2191 | Zeile 2199 |
|---|
global $mybb, $cache, $icon, $theme, $templates, $lang;
if(isset($mybb->input['icon']))
|
global $mybb, $cache, $icon, $theme, $templates, $lang;
if(isset($mybb->input['icon']))
|
{
| {
|
$icon = $mybb->get_input('icon');
|
$icon = $mybb->get_input('icon');
|
}
| }
|
$iconlist = '';
$no_icons_checked = " checked=\"checked\"";
|
$iconlist = '';
$no_icons_checked = " checked=\"checked\"";
|
| Zeile 2201 | Zeile 2209 |
|---|
$posticons_cache = (array)$cache->read("posticons");
$posticons = array();
foreach($posticons_cache as $posticon)
|
$posticons_cache = (array)$cache->read("posticons");
$posticons = array();
foreach($posticons_cache as $posticon)
|
{
| {
|
$posticons[$posticon['name']] = $posticon;
}
krsort($posticons);
foreach($posticons as $dbicon)
|
$posticons[$posticon['name']] = $posticon;
}
krsort($posticons);
foreach($posticons as $dbicon)
|
{
| {
|
$dbicon['path'] = str_replace("{theme}", $theme['imgdir'], $dbicon['path']);
$dbicon['path'] = htmlspecialchars_uni($mybb->get_asset_url($dbicon['path']));
$dbicon['name'] = htmlspecialchars_uni($dbicon['name']);
| $dbicon['path'] = str_replace("{theme}", $theme['imgdir'], $dbicon['path']);
$dbicon['path'] = htmlspecialchars_uni($mybb->get_asset_url($dbicon['path']));
$dbicon['name'] = htmlspecialchars_uni($dbicon['name']);
|
| Zeile 2216 | Zeile 2224 |
|---|
{
$checked = " checked=\"checked\"";
$no_icons_checked = '';
|
{
$checked = " checked=\"checked\"";
$no_icons_checked = '';
|
}
| }
|
else
{
$checked = '';
}
eval("\$iconlist .= \"".$templates->get("posticons_icon")."\";");
|
else
{
$checked = '';
}
eval("\$iconlist .= \"".$templates->get("posticons_icon")."\";");
|
}
| }
|
if(!empty($iconlist))
|
if(!empty($iconlist))
|
{
| {
|
eval("\$posticons = \"".$templates->get("posticons")."\";");
|
eval("\$posticons = \"".$templates->get("posticons")."\";");
|
}
| }
|
else
{
$posticons = '';
| else
{
$posticons = '';
|
| Zeile 2239 | Zeile 2247 |
|---|
/**
* MyBB setcookie() wrapper.
|
/**
* MyBB setcookie() wrapper.
|
*
| *
|
* @param string $name The cookie identifier.
* @param string $value The cookie value.
* @param int|string $expires The timestamp of the expiry date.
| * @param string $name The cookie identifier.
* @param string $value The cookie value.
* @param int|string $expires The timestamp of the expiry date.
|
| Zeile 2288 | Zeile 2296 |
|---|
if(!empty($mybb->settings['cookiedomain']))
{
$cookie .= "; domain={$mybb->settings['cookiedomain']}";
|
if(!empty($mybb->settings['cookiedomain']))
{
$cookie .= "; domain={$mybb->settings['cookiedomain']}";
|
}
| }
|
if($httponly == true)
|
if($httponly == true)
|
{
| {
|
$cookie .= "; HttpOnly";
|
$cookie .= "; HttpOnly";
|
}
| }
|
if($samesite != "" && $mybb->settings['cookiesamesiteflag'])
{
|
if($samesite != "" && $mybb->settings['cookiesamesiteflag'])
{
|
| Zeile 2303 | Zeile 2311 |
|---|
{
$cookie .= "; SameSite=".$samesite;
}
|
{
$cookie .= "; SameSite=".$samesite;
}
|
}
| }
|
if($mybb->settings['cookiesecureflag'])
{
$cookie .= "; Secure";
| if($mybb->settings['cookiesecureflag'])
{
$cookie .= "; Secure";
|
| Zeile 2314 | Zeile 2322 |
|---|
header($cookie, false);
}
|
header($cookie, false);
}
|
|
|
/**
* Unset a cookie set by MyBB.
*
* @param string $name The cookie identifier.
*/
function my_unsetcookie($name)
|
/**
* Unset a cookie set by MyBB.
*
* @param string $name The cookie identifier.
*/
function my_unsetcookie($name)
|
{
global $mybb;
| {
global $mybb;
|
$expires = -3600;
my_setcookie($name, "", $expires);
|
$expires = -3600;
my_setcookie($name, "", $expires);
|
|
|
unset($mybb->cookies[$name]);
}
| unset($mybb->cookies[$name]);
}
|
| Zeile 2338 | Zeile 2346 |
|---|
* @return array|boolean The cookie id's content array or false when non-existent.
*/
function my_get_array_cookie($name, $id)
|
* @return array|boolean The cookie id's content array or false when non-existent.
*/
function my_get_array_cookie($name, $id)
|
{
global $mybb;
| {
global $mybb;
|
if(!isset($mybb->cookies['mybb'][$name]))
|
if(!isset($mybb->cookies['mybb'][$name]))
|
{
| {
|
return false;
|
return false;
|
}
$cookie = my_unserialize($mybb->cookies['mybb'][$name]);
| }
$cookie = my_unserialize($mybb->cookies['mybb'][$name], false);
|
if(is_array($cookie) && isset($cookie[$id]))
|
if(is_array($cookie) && isset($cookie[$id]))
|
{
| {
|
return $cookie[$id];
}
else
{
return 0;
|
return $cookie[$id];
}
else
{
return 0;
|
}
}
| }
}
|
/**
* Set a serialised cookie array.
*
| /**
* Set a serialised cookie array.
*
|
| Zeile 2372 | Zeile 2380 |
|---|
if(isset($mybb->cookies['mybb'][$name]))
{
|
if(isset($mybb->cookies['mybb'][$name]))
{
|
$newcookie = my_unserialize($mybb->cookies['mybb'][$name]);
| $newcookie = my_unserialize($mybb->cookies['mybb'][$name], false);
|
}
else
|
}
else
|
{
| {
|
$newcookie = array();
|
$newcookie = array();
|
}
| }
|
$newcookie[$id] = $value;
$newcookie = my_serialize($newcookie);
|
$newcookie[$id] = $value;
$newcookie = my_serialize($newcookie);
|
| Zeile 2391 | Zeile 2399 |
|---|
// Make sure our current viarables are up-to-date as well
$mybb->cookies['mybb'][$name] = $newcookie;
}
|
// Make sure our current viarables are up-to-date as well
$mybb->cookies['mybb'][$name] = $newcookie;
}
|
|
|
/*
* Arbitrary limits for _safe_unserialize()
*/
| /*
* Arbitrary limits for _safe_unserialize()
*/
|
| Zeile 2406 | Zeile 2414 |
|---|
* - does not unserialize objects
*
* @param string $str
|
* - does not unserialize objects
*
* @param string $str
|
| | * @param bool $unlimited Whether to apply limits defined in MAX_SERIALIZED_* constants
|
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
|
* @return mixed
* @throw Exception if $str is malformed or contains unsupported types (e.g., resources, objects)
*/
|
function _safe_unserialize($str)
| function _safe_unserialize($str, $unlimited = true)
|
{
|
{
|
if(strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
| if(!$unlimited && strlen($str) > MAX_SERIALIZED_INPUT_LENGTH)
|
{
// input exceeds MAX_SERIALIZED_INPUT_LENGTH
return false;
| {
// input exceeds MAX_SERIALIZED_INPUT_LENGTH
return false;
|
| Zeile 2459 | Zeile 2468 |
|---|
{
$value = (float)$matches[1];
$str = $matches[3];
|
{
$value = (float)$matches[1];
$str = $matches[3];
|
}
| }
|
else if($type == 's' && preg_match('/^s:([0-9]+):"(.*)/s', $str, $matches) && substr($matches[2], (int)$matches[1], 2) == '";')
{
$value = substr($matches[2], 0, (int)$matches[1]);
$str = substr($matches[2], (int)$matches[1] + 2);
}
|
else if($type == 's' && preg_match('/^s:([0-9]+):"(.*)/s', $str, $matches) && substr($matches[2], (int)$matches[1], 2) == '";')
{
$value = substr($matches[2], 0, (int)$matches[1]);
$str = substr($matches[2], (int)$matches[1] + 2);
}
|
else if($type == 'a' && preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) && $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)
| else if(
$type == 'a' &&
preg_match('/^a:([0-9]+):{(.*)/s', $str, $matches) &&
($unlimited || $matches[1] < MAX_SERIALIZED_ARRAY_LENGTH)
)
|
{
$expectedLength = (int)$matches[1];
$str = $matches[2];
| {
$expectedLength = (int)$matches[1];
$str = $matches[2];
|
| Zeile 2481 | Zeile 2494 |
|---|
case 3: // in array, expecting value or another array
if($type == 'a')
{
|
case 3: // in array, expecting value or another array
if($type == 'a')
{
|
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
| if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
|
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
| {
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
|
| Zeile 2490 | Zeile 2503 |
|---|
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
|
$stack[] = &$list;
$list[$key] = array();
$list = &$list[$key];
|
$expected[] = $expectedLength;
$state = 2;
break;
}
if($type != '}')
| $expected[] = $expectedLength;
$state = 2;
break;
}
if($type != '}')
|
{
$list[$key] = $value;
$state = 2;
| {
$list[$key] = $value;
$state = 2;
|
| Zeile 2510 | Zeile 2523 |
|---|
if(count($list) < end($expected))
{
// array size less than expected
|
if(count($list) < end($expected))
{
// array size less than expected
|
return false;
}
| return false;
}
|
unset($list);
$list = &$stack[count($stack)-1];
|
unset($list);
$list = &$stack[count($stack)-1];
|
| Zeile 2526 | Zeile 2539 |
|---|
}
if($type == 'i' || $type == 's')
{
|
}
if($type == 'i' || $type == 's')
{
|
if(count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
| if(!$unlimited && count($list) >= MAX_SERIALIZED_ARRAY_LENGTH)
|
{
// array size exceeds MAX_SERIALIZED_ARRAY_LENGTH
return false;
| {
// array size exceeds MAX_SERIALIZED_ARRAY_LENGTH
return false;
|
| Zeile 2548 | Zeile 2561 |
|---|
case 0: // expecting array or value
if($type == 'a')
{
|
case 0: // expecting array or value
if($type == 'a')
{
|
if(count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
| if(!$unlimited && count($stack) >= MAX_SERIALIZED_ARRAY_DEPTH)
|
{
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
| {
// array nesting exceeds MAX_SERIALIZED_ARRAY_DEPTH
return false;
|
| Zeile 2578 | Zeile 2591 |
|---|
return false;
}
return $data;
|
return false;
}
return $data;
|
}
| }
|
/**
* Credits go to https://github.com/piwik
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
|
/**
* Credits go to https://github.com/piwik
* Wrapper for _safe_unserialize() that handles exceptions and multibyte encoding issue
|
*
* @param string $str
* @return mixed
| *
* @param string $str
* @param bool $unlimited
* @return mixed
|
*/
|
*/
|
function my_unserialize($str)
| function my_unserialize($str, $unlimited = true)
|
{
// Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
| {
// Ensure we use the byte count for strings even when strlen() is overloaded by mb_strlen()
if(function_exists('mb_internal_encoding') && (((int)ini_get('mbstring.func_overload')) & 2))
|
| Zeile 2596 | Zeile 2610 |
|---|
mb_internal_encoding('ASCII');
}
|
mb_internal_encoding('ASCII');
}
|
$out = _safe_unserialize($str);
| $out = _safe_unserialize($str, $unlimited);
if(isset($mbIntEnc))
{
mb_internal_encoding($mbIntEnc);
}
return $out;
}
|
|
|
if(isset($mbIntEnc))
| /**
* Unserializes data using PHP's `unserialize()`, and its safety options if possible.
* This function should only be used for values from trusted sources.
*
* @param string $str
* @return mixed
*/
function native_unserialize($str)
{
if(version_compare(PHP_VERSION, '7.0.0', '>='))
{
return unserialize($str, array('allowed_classes' => false));
}
else
|
{
|
{
|
mb_internal_encoding($mbIntEnc);
| return unserialize($str);
|
}
|
}
|
return $out;
| |
}
/**
| }
/**
|
| Zeile 2647 | Zeile 2680 |
|---|
{
$out = '';
foreach($value as $k => $v)
|
{
$out = '';
foreach($value as $k => $v)
|
{
| {
|
$out .= _safe_serialize($k) . _safe_serialize($v);
}
| $out .= _safe_serialize($k) . _safe_serialize($v);
}
|
| Zeile 2701 | Zeile 2734 |
|---|
{
// sys_getloadavg() will return an array with [0] being load within the last minute.
$serverload = sys_getloadavg();
|
{
// sys_getloadavg() will return an array with [0] being load within the last minute.
$serverload = sys_getloadavg();
|
$serverload[0] = round($serverload[0], 4);
}
|
if(!is_array($serverload))
{
return $lang->unknown;
}
$serverload[0] = round($serverload[0], 4);
}
|
else if(@file_exists("/proc/loadavg") && $load = @file_get_contents("/proc/loadavg"))
|
else if(@file_exists("/proc/loadavg") && $load = @file_get_contents("/proc/loadavg"))
|
{
| {
|
$serverload = explode(" ", $load);
$serverload[0] = round($serverload[0], 4);
}
| $serverload = explode(" ", $load);
$serverload[0] = round($serverload[0], 4);
}
|
| Zeile 2713 | Zeile 2752 |
|---|
if($mybb->safemode)
{
return $lang->unknown;
|
if($mybb->safemode)
{
return $lang->unknown;
|
}
| }
|
// Suhosin likes to throw a warning if exec is disabled then die - weird
if($func_blacklist = @ini_get('suhosin.executor.func.blacklist'))
|
// Suhosin likes to throw a warning if exec is disabled then die - weird
if($func_blacklist = @ini_get('suhosin.executor.func.blacklist'))
|
{
if(strpos(",".$func_blacklist.",", 'exec') !== false)
{
| {
if(strpos(",".$func_blacklist.",", 'exec') !== false)
{
|
return $lang->unknown;
}
}
| return $lang->unknown;
}
}
|
| Zeile 2729 | Zeile 2768 |
|---|
if(strpos(",".$func_blacklist.",", 'exec') !== false)
{
return $lang->unknown;
|
if(strpos(",".$func_blacklist.",", 'exec') !== false)
{
return $lang->unknown;
|
}
| }
|
}
$load = @exec("uptime");
| }
$load = @exec("uptime");
|
| Zeile 2986 | Zeile 3025 |
|---|
if($posts_diff > -1)
{
$new_stats['numposts'] = "+{$posts_diff}";
|
if($posts_diff > -1)
{
$new_stats['numposts'] = "+{$posts_diff}";
|
}
else
{
$new_stats['numposts'] = "{$posts_diff}";
}
| }
else
{
$new_stats['numposts'] = "{$posts_diff}";
}
|
}
if(array_key_exists('unapprovedposts', $update_query))
{
$unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts'];
if($unapprovedposts_diff > -1)
|
}
if(array_key_exists('unapprovedposts', $update_query))
{
$unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts'];
if($unapprovedposts_diff > -1)
|
{
| {
|
$new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}";
}
|
$new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}";
}
|
else
{
$new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}";
}
| else
{
$new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}";
}
|
}
if(array_key_exists('deletedposts', $update_query))
| }
if(array_key_exists('deletedposts', $update_query))
|
| Zeile 3016 | Zeile 3055 |
|---|
else
{
$new_stats['numdeletedposts'] = "{$deletedposts_diff}";
|
else
{
$new_stats['numdeletedposts'] = "{$deletedposts_diff}";
|
}
}
| }
}
|
if(array_key_exists('deletedthreads', $update_query))
{
$deletedthreads_diff = $update_query['deletedthreads'] - $forum['deletedthreads'];
if($deletedthreads_diff > -1)
|
if(array_key_exists('deletedthreads', $update_query))
{
$deletedthreads_diff = $update_query['deletedthreads'] - $forum['deletedthreads'];
if($deletedthreads_diff > -1)
|
{
| {
|
$new_stats['numdeletedthreads'] = "+{$deletedthreads_diff}";
|
$new_stats['numdeletedthreads'] = "+{$deletedthreads_diff}";
|
}
| }
|
else
{
$new_stats['numdeletedthreads'] = "{$deletedthreads_diff}";
| else
{
$new_stats['numdeletedthreads'] = "{$deletedthreads_diff}";
|
| Zeile 3033 | Zeile 3072 |
|---|
}
if(!empty($new_stats))
|
}
if(!empty($new_stats))
|
{
| {
|
update_stats($new_stats);
}
}
| update_stats($new_stats);
}
}
|
| Zeile 3114 | Zeile 3153 |
|---|
if((int)$changes[$counter] != 0)
{
$update_query[$counter] = $thread[$counter] + $changes[$counter];
|
if((int)$changes[$counter] != 0)
{
$update_query[$counter] = $thread[$counter] + $changes[$counter];
|
}
}
else
{
$update_query[$counter] = $changes[$counter];
}
// Less than 0? That's bad
| }
}
else
{
$update_query[$counter] = $changes[$counter];
}
// Less than 0? That's bad
|
if(isset($update_query[$counter]) && $update_query[$counter] < 0)
{
$update_query[$counter] = 0;
| if(isset($update_query[$counter]) && $update_query[$counter] < 0)
{
$update_query[$counter] = 0;
|
| Zeile 3135 | Zeile 3174 |
|---|
if(count($update_query) > 0)
{
$db->update_query("threads", $update_query, "tid='{$tid}'");
|
if(count($update_query) > 0)
{
$db->update_query("threads", $update_query, "tid='{$tid}'");
|
}
}
| }
}
|
/**
* Update the first post and lastpost data for a specific thread
*
| /**
* Update the first post and lastpost data for a specific thread
*
|
| Zeile 3182 | Zeile 3221 |
|---|
if(empty($firstpost['username']))
{
$firstpost['username'] = $firstpost['postusername'];
|
if(empty($firstpost['username']))
{
$firstpost['username'] = $firstpost['postusername'];
|
}
| }
|
if(empty($lastpost['username']))
{
$lastpost['username'] = $lastpost['postusername'];
| if(empty($lastpost['username']))
{
$lastpost['username'] = $lastpost['postusername'];
|
| Zeile 3229 | Zeile 3268 |
|---|
// Fetch above counters for this user
$query = $db->simple_select("users", implode(",", $counters), "uid='{$uid}'");
$user = $db->fetch_array($query);
|
// Fetch above counters for this user
$query = $db->simple_select("users", implode(",", $counters), "uid='{$uid}'");
$user = $db->fetch_array($query);
|
foreach($counters as $counter)
|
if($user)
|
{
|
{
|
if(array_key_exists($counter, $changes))
| foreach($counters as $counter)
|
{
|
{
|
if(substr($changes[$counter], 0, 2) == "+-")
{
$changes[$counter] = substr($changes[$counter], 1);
}
// Adding or subtracting from previous value?
if(substr($changes[$counter], 0, 1) == "+" || substr($changes[$counter], 0, 1) == "-")
{
if((int)$changes[$counter] != 0)
| if(array_key_exists($counter, $changes))
{
if(substr($changes[$counter], 0, 2) == "+-")
|
{
|
{
|
$update_query[$counter] = $user[$counter] + $changes[$counter];
| $changes[$counter] = substr($changes[$counter], 1);
}
// Adding or subtracting from previous value?
if(substr($changes[$counter], 0, 1) == "+" || substr($changes[$counter], 0, 1) == "-")
{
if((int)$changes[$counter] != 0)
{
$update_query[$counter] = $user[$counter] + $changes[$counter];
}
}
else
{
$update_query[$counter] = $changes[$counter];
|
}
|
}
|
}
else
{
$update_query[$counter] = $changes[$counter];
}
| |
|
|
// Less than 0? That's bad
if(isset($update_query[$counter]) && $update_query[$counter] < 0)
{
$update_query[$counter] = 0;
| // Less than 0? That's bad
if(isset($update_query[$counter]) && $update_query[$counter] < 0)
{
$update_query[$counter] = 0;
}
|
}
}
}
| }
}
}
|
| Zeile 3390 | Zeile 3432 |
|---|
if(strpos(FORUM_URL, '.html') !== false)
{
$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'";
|
if(strpos(FORUM_URL, '.html') !== false)
{
$forum_link = "'".str_replace('{fid}', "'+option+'", FORUM_URL)."'";
|
}
else
{
| }
else
{
|
$forum_link = "'".str_replace('{fid}', "'+option", FORUM_URL);
}
}
| $forum_link = "'".str_replace('{fid}', "'+option", FORUM_URL);
}
}
|
| Zeile 3425 | Zeile 3467 |
|---|
{
$set = array_merge(range(0, 9), range('A', 'Z'), range('a', 'z'));
$str = array();
|
{
$set = array_merge(range(0, 9), range('A', 'Z'), range('a', 'z'));
$str = array();
|
|
|
// Complex strings have always at least 3 characters, even if $length < 3
if($complex == true)
{
// At least one number
$str[] = $set[my_rand(0, 9)];
|
// Complex strings have always at least 3 characters, even if $length < 3
if($complex == true)
{
// At least one number
$str[] = $set[my_rand(0, 9)];
|
|
|
// At least one big letter
$str[] = $set[my_rand(10, 35)];
// At least one small letter
$str[] = $set[my_rand(36, 61)];
|
// At least one big letter
$str[] = $set[my_rand(10, 35)];
// At least one small letter
$str[] = $set[my_rand(36, 61)];
|
|
|
$length -= 3;
}
for($i = 0; $i < $length; ++$i)
|
$length -= 3;
}
for($i = 0; $i < $length; ++$i)
|
{
| {
|
$str[] = $set[my_rand(0, 61)];
}
| $str[] = $set[my_rand(0, 61)];
}
|
| Zeile 3474 | Zeile 3516 |
|---|
}
if($displaygroup != 0)
|
}
if($displaygroup != 0)
|
{
| {
|
$usergroup = $displaygroup;
|
$usergroup = $displaygroup;
|
}
$format = "{username}";
| }
$format = "{username}";
|
if(isset($groupscache[$usergroup]))
{
|
if(isset($groupscache[$usergroup]))
{
|
| Zeile 3491 | Zeile 3533 |
|---|
}
$format = stripslashes($format);
|
}
$format = stripslashes($format);
|
|
|
$parameters = compact('username', 'usergroup', 'displaygroup', 'format');
$parameters = $plugins->run_hooks('format_name', $parameters);
| $parameters = compact('username', 'usergroup', 'displaygroup', 'format');
$parameters = $plugins->run_hooks('format_name', $parameters);
|
| Zeile 3523 | Zeile 3565 |
|---|
}
if(my_strpos($avatar, '://') !== false && !$mybb->settings['allowremoteavatars'])
|
}
if(my_strpos($avatar, '://') !== false && !$mybb->settings['allowremoteavatars'])
|
{
| {
|
// Remote avatar, but remote avatars are disallowed.
$avatar = null;
}
| // Remote avatar, but remote avatars are disallowed.
$avatar = null;
}
|
| Zeile 3785 | Zeile 3827 |
|---|
if($mybb->settings['allowalignmycode'] == 1)
{
$align = "left,center,right,justify|";
|
if($mybb->settings['allowalignmycode'] == 1)
{
$align = "left,center,right,justify|";
|
}
| }
|
if($mybb->settings['allowfontmycode'] == 1)
{
|
if($mybb->settings['allowfontmycode'] == 1)
{
|
| Zeile 3877 | Zeile 3919 |
|---|
$query = $db->simple_select("threadsubscriptions", "tid, notification", "tid='".(int)$tid."' AND uid='".$mybb->user['uid']."'", array('limit' => 1));
$subscription = $db->fetch_array($query);
|
$query = $db->simple_select("threadsubscriptions", "tid, notification", "tid='".(int)$tid."' AND uid='".$mybb->user['uid']."'", array('limit' => 1));
$subscription = $db->fetch_array($query);
|
if(!empty($subscription) && $subscription['tid'])
| if($subscription)
|
{
$subscription_method = (int)$subscription['notification'] + 1;
}
| {
$subscription_method = (int)$subscription['notification'] + 1;
}
|
| Zeile 5707 | Zeile 5749 |
|---|
}
else
{
|
}
else
{
|
$parts = explode('.', $number);
| if(isset($number))
{
$parts = explode('.', $number);
}
else
{
$parts = array();
}
|
if(isset($parts[1]))
{
|
if(isset($parts[1]))
{
|
| Zeile 6094 | Zeile 6143 |
|---|
$string = preg_replace("#&\#([0-9]+);#", "-", $string);
|
$string = preg_replace("#&\#([0-9]+);#", "-", $string);
|
if(strtolower($lang->settings['charset']) == "utf-8")
| if(isset($lang->settings['charset']) && strtolower($lang->settings['charset']) == "utf-8")
|
{
// Get rid of any excess RTL and LTR override for they are the workings of the devil
$string = str_replace(dec_to_utf8(8238), "", $string);
| {
// Get rid of any excess RTL and LTR override for they are the workings of the devil
$string = str_replace(dec_to_utf8(8238), "", $string);
|
| Zeile 6953 | Zeile 7002 |
|---|
$query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
if($db->fetch_field($query, "emails") > 0)
|
$query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
if($db->fetch_field($query, "emails") > 0)
|
{
return true;
}
| {
return true;
}
|
return false;
}
|
return false;
}
|
| Zeile 7019 | Zeile 7068 |
|---|
"~"
);
$terms = str_replace($bad_characters, '', $terms);
|
"~"
);
$terms = str_replace($bad_characters, '', $terms);
|
| | $words = array();
|
// Check if this is a "series of words" - should be treated as an EXACT match
if(my_strpos($terms, "\"") !== false)
{
$inquote = false;
$terms = explode("\"", $terms);
|
// Check if this is a "series of words" - should be treated as an EXACT match
if(my_strpos($terms, "\"") !== false)
{
$inquote = false;
$terms = explode("\"", $terms);
|
$words = array();
| |
foreach($terms as $phrase)
{
$phrase = htmlspecialchars_uni($phrase);
| foreach($terms as $phrase)
{
$phrase = htmlspecialchars_uni($phrase);
|
| Zeile 7071 | Zeile 7120 |
|---|
$words[] = trim($word);
}
}
|
$words[] = trim($word);
}
}
|
}
if(!is_array($words))
{
return false;
| |
}
// Sort the word array by length. Largest terms go first and work their way down to the smallest term.
// This resolves problems like "test tes" where "tes" will be highlighted first, then "test" can't be highlighted because of the changed html
usort($words, 'build_highlight_array_sort');
|
}
// Sort the word array by length. Largest terms go first and work their way down to the smallest term.
// This resolves problems like "test tes" where "tes" will be highlighted first, then "test" can't be highlighted because of the changed html
usort($words, 'build_highlight_array_sort');
|
| |
$highlight_cache = array();
|
// Loop through our words to build the PREG compatible strings
foreach($words as $word)
|
// Loop through our words to build the PREG compatible strings
foreach($words as $word)
|
| Zeile 7231 | Zeile 7277 |
|---|
}
// Still here - good email
|
}
// Still here - good email
|
return false;
}
/**
| return false;
}
/**
|
* Checks if a specific IP address has been banned.
*
* @param string $ip_address The IP address.
| * Checks if a specific IP address has been banned.
*
* @param string $ip_address The IP address.
|
| Zeile 7372 | Zeile 7418 |
|---|
{
$label = $timezone;
if($timezone > 0)
|
{
$label = $timezone;
if($timezone > 0)
|
{
| {
|
$label = "+{$label}";
}
if(strpos($timezone, ".") !== false)
| $label = "+{$label}";
}
if(strpos($timezone, ".") !== false)
|
| Zeile 7511 | Zeile 7557 |
|---|
$curlopt[10203] = array(
$url_components['host'].':'.$url_components['port'].':'.$destination_address
);
|
$curlopt[10203] = array(
$url_components['host'].':'.$url_components['port'].':'.$destination_address
);
|
| | }
if(defined('CURLOPT_DISALLOW_USERNAME_IN_URL'))
{
$curlopt[CURLOPT_DISALLOW_USERNAME_IN_URL] = true;
|
}
if(!empty($post_body))
| }
if(!empty($post_body))
|
| Zeile 9024 | Zeile 9075 |
|---|
}
}
|
}
}
|
if(!$pm['subject'] ||!$pm['message'] || !$pm['touid'] || (!$pm['receivepms'] && !$admin_override))
| if(empty($pm['subject']) || empty($pm['message']) || empty($pm['touid']) || (empty($pm['receivepms']) && !$admin_override))
|
{
return false;
}
| {
return false;
}
|
| Zeile 9048 | Zeile 9099 |
|---|
}
$recipients_bcc = array();
|
}
$recipients_bcc = array();
|
| |
// Workaround for eliminating PHP warnings in PHP 8. Ref: https://github.com/mybb/mybb/issues/4630#issuecomment-1369144163
if(isset($pm['sender']['uid']) && $pm['sender']['uid'] === -1 && $fromid === -1)
{
$sender = array(
"uid" => 0,
"username" => ''
);
}
|
// Determine user ID
if((int)$fromid == 0)
|
// Determine user ID
if((int)$fromid == 0)
|
{
| {
|
$fromid = (int)$mybb->user['uid'];
}
elseif((int)$fromid < 0)
| $fromid = (int)$mybb->user['uid'];
}
elseif((int)$fromid < 0)
|
| Zeile 9070 | Zeile 9130 |
|---|
"do" => '',
"pmid" => ''
);
|
"do" => '',
"pmid" => ''
);
|
| |
// (continued) Workaround for eliminating PHP warnings in PHP 8. Ref: https://github.com/mybb/mybb/issues/4630#issuecomment-1369144163
if(isset($sender))
{
$pm['sender'] = $sender;
}
|
if(isset($session))
{
|
if(isset($session))
{
|