Vergleich usercp.php - 1.2.1 - 1.2.10

Zeile 3Zeile 3
 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html

 *

 *

 * $Id: usercp.php 2265 2006-09-26 14:49:36Z Tikitiki $

 * $Id: usercp.php 3478 2007-11-15 04:11:36Z Tikitiki $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 32Zeile 32

if(!$mybb->user['pmfolders'])
{


if(!$mybb->user['pmfolders'])
{

	$mybb->user['pmfolders'] = "1**Inbox$%%$2**Sent Items$%%$3**Drafts$%%$4**Trash Can";

	$mybb->user['pmfolders'] = "1**".$lang->folder_inbox."$%%$2**".$lang->folder_sent_items."$%%$3**".$lang->folder_drafts."$%%$4**".$lang->folder_trash;

	$db->update_query(TABLE_PREFIX."users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'");
}


	$db->update_query(TABLE_PREFIX."users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'");
}


Zeile 52Zeile 52
		'allow_imgcode' => $mybb->settings['sigimgcode']
);
$parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);

		'allow_imgcode' => $mybb->settings['sigimgcode']
);
$parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);

	if(($mybb->settings['sigimgcode'] == "no" && substr_count($parsed_sig, "<img") > 0) || ($mybb->settings['sigimgcode'] == "yes" && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']))





	if((($mybb->settings['sigimgcode'] == "no" && $mybb->settings['sigsmilies'] != 'yes') &&
substr_count($parsed_sig, "<img") > 0) ||
(($mybb->settings['sigimgcode'] == "yes" || $mybb->settings['sigsmilies'] == 'yes') &&
substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages'])
)

	{
if($mybb->settings['sigimgcode'] == "yes")
{

	{
if($mybb->settings['sigimgcode'] == "yes")
{

Zeile 158Zeile 162
	if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no")
{
$awaydate = time();

	if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no")
{
$awaydate = time();

		if($mybb->input['awayday'] && $mybb->input['awaymonth'] && $mybb->input['awayyear'])

		if($mybb->input['awayday'])

		{

		{

 
			if(!$mybb->input['awaymonth'])
{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}

if(!$mybb->input['awayyear'])
{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}

if($mybb->input['awayyear'] >= 2038)
{
error($lang->error_usercp_return_date_2038);
}


			$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));

			$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));

			if ($returntimestamp < $awaytimestamp)

			if($returntimestamp < $awaytimestamp && $mybb->input['awayyear'] < my_date("Y"))

			{
error($lang->error_usercp_return_date_past);
}

			{
error($lang->error_usercp_return_date_past);
}

Zeile 177Zeile 196
			"date" => $awaydate,
"returndate" => $returndate,
"awayreason" => $mybb->input['awayreason']

			"date" => $awaydate,
"returndate" => $returndate,
"awayreason" => $mybb->input['awayreason']

		);
}
else
{

		);
}
else
{

		$away = array(
"away" => "no",
"date" => '',

		$away = array(
"away" => "no",
"date" => '',

Zeile 218Zeile 237
			$user['usertitle'] = $mybb->input['usertitle'];
}
else if($mybb->input['reverttitle'])

			$user['usertitle'] = $mybb->input['usertitle'];
}
else if($mybb->input['reverttitle'])

		{

		{

			$user['usertitle'] = '';
}
}

			$user['usertitle'] = '';
}
}

Zeile 234Zeile 253
	{
$userhandler->update_user();


	{
$userhandler->update_user();


		$db->update_query(TABLE_PREFIX."users", $newprofile, "uid='".$mybb->user['uid']."'");

 
		$plugins->run_hooks("usercp_do_profile_end");
redirect("usercp.php", $lang->redirect_profileupdated);
}

		$plugins->run_hooks("usercp_do_profile_end");
redirect("usercp.php", $lang->redirect_profileupdated);
}

Zeile 277Zeile 295
		$user['website'] = "http://";
}
else

		$user['website'] = "http://";
}
else

	{

	{

		$user['website'] = htmlspecialchars_uni($user['website']);
}


		$user['website'] = htmlspecialchars_uni($user['website']);
}


Zeile 315Zeile 333
		}
else
{

		}
else
{



			$user['awayreason'] = htmlspecialchars_uni($user['awayreason']);

			if($mybb->user['away'] == "yes")
{
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);

			if($mybb->user['away'] == "yes")
{
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);

Zeile 353Zeile 371
	while($profilefield = $db->fetch_array($query))
{
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);

	while($profilefield = $db->fetch_array($query))
{
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);

 
		$profilefield['description'] = htmlspecialchars_uni($profilefield['description']);

		$thing = explode("\n", $profilefield['type'], "2");
$type = $thing[0];
$options = $thing[1];

		$thing = explode("\n", $profilefield['type'], "2");
$type = $thing[0];
$options = $thing[1];

Zeile 545Zeile 564
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_options_start");

if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_options_start");





	// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

	// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

Zeile 573Zeile 592
		"receivepms" => $mybb->input['receivepms'],
"pmpopup" => $mybb->input['pmpopup'],
"daysprune" => $mybb->input['daysprune'],

		"receivepms" => $mybb->input['receivepms'],
"pmpopup" => $mybb->input['pmpopup'],
"daysprune" => $mybb->input['daysprune'],

		"showcodebuttons" => $mybb->input['showcodebuttons'],

		"showcodebuttons" => intval($mybb->input['showcodebuttons']),

		"pmnotify" => $mybb->input['pmnotify'],
"showredirect" => $mybb->input['showredirect']
);

		"pmnotify" => $mybb->input['pmnotify'],
"showredirect" => $mybb->input['showredirect']
);

Zeile 600Zeile 619
	else
{
$userhandler->update_user();

	else
{
$userhandler->update_user();


$db->update_query(TABLE_PREFIX."users", $updatedoptions, "uid='".$mybb->user['uid']."'");

 

// If the cookie settings are different, re-set the cookie
if($mybb->input['remember'] != $mybb->user['remember'])


// If the cookie settings are different, re-set the cookie
if($mybb->input['remember'] != $mybb->user['remember'])

Zeile 611Zeile 628
			my_unsetcookie("mybbuser");
// Set the new one
if($mybb->input['remember'] == "yes")

			my_unsetcookie("mybbuser");
// Set the new one
if($mybb->input['remember'] == "yes")

			{

			{

				my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], null, true);

				my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], null, true);

			}

			}

			else
{
my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], -1, true);
}

			else
{
my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], -1, true);
}

		}


		}


		$plugins->run_hooks("usercp_do_options_end");

redirect("usercp.php", $lang->redirect_optionsupdated);

		$plugins->run_hooks("usercp_do_options_end");

redirect("usercp.php", $lang->redirect_optionsupdated);

Zeile 667Zeile 684
	else
{
$invisiblecheck = "";

	else
{
$invisiblecheck = "";

	}

	}


if($user['hideemail'] == "yes")
{
$hideemailcheck = "checked=\"checked\"";


if($user['hideemail'] == "yes")
{
$hideemailcheck = "checked=\"checked\"";

	}

	}

	else
{
$hideemailcheck = "";

	else
{
$hideemailcheck = "";

Zeile 681Zeile 698
	if($user['emailnotify'] == "yes")
{
$emailnotifycheck = "checked=\"checked\"";

	if($user['emailnotify'] == "yes")
{
$emailnotifycheck = "checked=\"checked\"";

	}

	}

	else
{
$emailnotifycheck = "";

	else
{
$emailnotifycheck = "";

Zeile 690Zeile 707
	if($user['showsigs'] == "yes")
{
$showsigscheck = "checked=\"checked\"";;

	if($user['showsigs'] == "yes")
{
$showsigscheck = "checked=\"checked\"";;

	}
else

	}
else

	{
$showsigscheck = "";

	{
$showsigscheck = "";

	}

	}


if($user['showavatars'] == "yes")


if($user['showavatars'] == "yes")

	{

	{

		$showavatarscheck = "checked=\"checked\"";

		$showavatarscheck = "checked=\"checked\"";

	}
else

	}
else

	{
$showavatarscheck = "";

	{
$showavatarscheck = "";

	}

	}


if($user['showquickreply'] == "yes")


if($user['showquickreply'] == "yes")

	{

	{

		$showquickreplycheck = "checked=\"checked\"";
}
else

		$showquickreplycheck = "checked=\"checked\"";
}
else

Zeile 715Zeile 732
	}

if($user['remember'] == "yes")

	}

if($user['remember'] == "yes")

	{

	{

		$remembercheck = "checked=\"checked\"";

		$remembercheck = "checked=\"checked\"";

	}
else

	}
else

	{
$remembercheck = "";

	{
$remembercheck = "";

	}

	}


if($user['receivepms'] == "yes")


if($user['receivepms'] == "yes")

	{

	{

		$receivepmscheck = "checked=\"checked\"";

		$receivepmscheck = "checked=\"checked\"";

	}
else

	}
else

	{
$receivepmscheck = "";

	{
$receivepmscheck = "";

	}

	}


if($user['pmpopup'] == "yes")


if($user['pmpopup'] == "yes")

	{

	{

		$pmpopupcheck = "checked=\"checked\"";
}
else
{
$pmpopupcheck = "";

		$pmpopupcheck = "checked=\"checked\"";
}
else
{
$pmpopupcheck = "";

	}

	}


if($user['dst'] == "yes")
{
$dstcheck = "checked=\"checked\"";
--$mybb->user['timezone'];


if($user['dst'] == "yes")
{
$dstcheck = "checked=\"checked\"";
--$mybb->user['timezone'];

	}
else
{

	}
else
{

		$dstcheck = "";
}
if($user['showcodebuttons'] == 1)
{
$showcodebuttonscheck = "checked=\"checked\"";

		$dstcheck = "";
}
if($user['showcodebuttons'] == 1)
{
$showcodebuttonscheck = "checked=\"checked\"";

	}

	}

	else
{
$showcodebuttonscheck = "";

	else
{
$showcodebuttonscheck = "";

Zeile 762Zeile 779
	if($user['showredirect'] != "no")
{
$showredirectcheck = "checked=\"checked\"";

	if($user['showredirect'] != "no")
{
$showredirectcheck = "checked=\"checked\"";

	}
else

	}
else

	{
$showredirectcheck = "";
}

	{
$showredirectcheck = "";
}

Zeile 866Zeile 883

if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{

 
	$errors = array();


	$plugins->run_hooks("usercp_do_email_start");

	$plugins->run_hooks("usercp_do_email_start");

	
$user = validate_password_from_uid($mybb->user['uid'], $mybb->input['password']);
if(!$user['uid'])
{
error($lang->error_invalidpassword);
}
if($mybb->input['email'] != $mybb->input['email2'])
{
error($lang->error_emailmismatch);
}

//Email Banning Code
if($mybb->settings['emailkeep'] != "yes")
{
$bannedemails = explode(" ", $mybb->settings['emailban']);
if(is_array($bannedemails))
{
foreach($bannedemails as $key => $bannedemail)
{
$bannedemail = trim($bannedemail);
if($bannedemail != "")
{
if(strstr($mybb->input['email'], $bannedemail) != "")
{
error($lang->error_bannedemail);
}
}
}
}
}
if(!preg_match("/^(.+)@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+$/si", $mybb->input['email']))
{
error($lang->error_invalidemail);
}
if(function_exists("emailChanged"))
{
emailChanged($mybb->user['uid'], $mybb->input['email']);
}

if($mybb->user['usergroup'] != "5")
{
$activationcode = random_str();
$now = time();
$db->delete_query(TABLE_PREFIX."awaitingactivation", "uid='".$mybb->user['uid']."'");
$newactivation = array(

	if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

$user = array(



































			"uid" => $mybb->user['uid'],

			"uid" => $mybb->user['uid'],

			"dateline" => time(), 
"code" => $activationcode,
"type" => "e",
"oldgroup" => $mybb->user['usergroup'],
"misc" => $db->escape_string($mybb->input['email'])

			"email" => $mybb->input['email'],
"email2" => $mybb->input['email2']




		);

		);

 

$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{
if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != "yes")
{
$activationcode = random_str();
$now = time();
$db->delete_query(TABLE_PREFIX."awaitingactivation", "uid='".$mybb->user['uid']."'");
$newactivation = array(
"uid" => $mybb->user['uid'],
"dateline" => time(),
"code" => $activationcode,
"type" => "e",
"oldgroup" => $mybb->user['usergroup'],
"misc" => $db->escape_string($mybb->input['email'])
);
$db->insert_query(TABLE_PREFIX."awaitingactivation", $newactivation);

		

		

		$db->insert_query(TABLE_PREFIX."awaitingactivation", $newactivation); 

$username = $mybb->user['username'];
$uid = $mybb->user['uid'];
$lang->emailsubject_changeemail = sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);
$lang->email_changeemail = sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);
my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail);
$plugins->run_hooks("usercp_do_email_verify");
error($lang->redirect_changeemail_activation);
}
else
{
$db->update_query(TABLE_PREFIX."users", array('email' => $db->escape_string($mybb->input['email'])), "uid='".$mybb->user['uid']."'");
$plugins->run_hooks("usercp_do_email_changed");
redirect("usercp.php", $lang->redirect_emailupdated);
}






				$username = $mybb->user['username'];
$uid = $mybb->user['uid'];
$lang->emailsubject_changeemail = sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);
$lang->email_changeemail = sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);
my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail);
$plugins->run_hooks("usercp_do_email_verify");
error($lang->redirect_changeemail_activation);
}
else
{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_email_changed");
redirect("usercp.php", $lang->redirect_emailupdated);
}
}
}
if(count($errors) > 0)
{
$mybb->input['action'] = "email";
$errors = inline_error($errors);
}

}

if($mybb->input['action'] == "email")
{

}

if($mybb->input['action'] == "email")
{

 
	// Coming back to this page after one or more errors were experienced, show fields the user previously entered (with the exception of the password)
if($errors)
{
$email = htmlspecialchars_uni($mybb->input['email']);
$email2 = htmlspecialchars_uni($mybb->input['email2']);
}
else
{
$email = $email2 = '';
}


	$plugins->run_hooks("usercp_email_start");
eval("\$changemail = \"".$templates->get("usercp_email")."\";");
$plugins->run_hooks("usercp_email_end");

	$plugins->run_hooks("usercp_email_start");
eval("\$changemail = \"".$templates->get("usercp_email")."\";");
$plugins->run_hooks("usercp_email_end");

Zeile 948Zeile 969

if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{

 
	$errors = array();


	$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
{

	$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
{

        error($lang->error_invalidpassword); 
}
if($mybb->input['password'] == "")
{
error($lang->error_invalidnewpassword);
}
if($mybb->input['password'] != $mybb->input['password2'])
{
error($lang->error_passwordmismatch);
}
$plugins->run_hooks("usercp_do_password_process");
$logindetails = update_password($mybb->user['uid'], md5($mybb->input['password']), $mybb->user['salt']);

my_setcookie("mybbuser", $mybb->user['uid']."_".$logindetails['loginkey']);
$plugins->run_hooks("usercp_do_password_end");
redirect("usercp.php", $lang->redirect_passwordupdated);
}


















		$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

$user = array(
"uid" => $mybb->user['uid'],
"password" => $mybb->input['password'],
"password2" => $mybb->input['password2']
);

$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{
$userhandler->update_user();
my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey']);
$plugins->run_hooks("usercp_do_password_end");
redirect("usercp.php", $lang->redirect_passwordupdated);
}
}
if(count($errors) > 0)
{
$mybb->input['action'] = "password";
$errors = inline_error($errors);
}
}


if($mybb->input['action'] == "password")
{


if($mybb->input['action'] == "password")
{

Zeile 976Zeile 1016
	$plugins->run_hooks("usercp_password_end");
output_page($editpassword);
}

	$plugins->run_hooks("usercp_password_end");
output_page($editpassword);
}





if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_changename_start");

if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_changename_start");

	if($mybb->usergroup['canchangename'] != "yes")
{
error_no_permission();
}

if(!trim($mybb->input['username']) || eregi("<|>|&", $mybb->input['username']))
{
error($lang->error_bannedusername);
}
$query = $db->simple_select(TABLE_PREFIX."users", "username", "LOWER(username)='".strtolower($mybb->input['username'])."'");

if($db->fetch_array($query))
{
error($lang->error_usernametaken);
}
$plugins->run_hooks("usercp_do_changename_process");
$db->update_query(TABLE_PREFIX."users", array('username' => $db->escape_string($mybb->input['username'])), "uid='".$mybb->user['uid']."'");
$db->update_query(TABLE_PREFIX."forums", array('lastposter' => $db->escape_string($mybb->input['username'])), "lastposter='".$mybb->user['username']."'");
$db->update_query(TABLE_PREFIX."threads", array('lastposter' => $db->escape_string($mybb->input['username'])), "lastposter='".$mybb->user['username']."'");
$plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php", $lang->redirect_namechanged);



















	if($mybb->usergroup['canchangename'] != "yes")
{
error_no_permission();
}

if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

$user = array(
"uid" => $mybb->user['uid'],
"username" => $mybb->input['username']
);

$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php", $lang->redirect_namechanged);

}
}
if(count($errors) > 0)
{
$errors = inline_error($errors);
$mybb->input['action'] = "changename";
}

}

if($mybb->input['action'] == "changename")

}

if($mybb->input['action'] == "changename")

Zeile 1052Zeile 1110
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE f.type='f' AND f.uid='".$mybb->user['uid']."'
ORDER BY t.lastpost DESC

		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE f.type='f' AND f.uid='".$mybb->user['uid']."'
ORDER BY t.lastpost DESC

 
		LIMIT {$start}, {$perpage}

	");
while($favorite = $db->fetch_array($query))
{

	");
while($favorite = $db->fetch_array($query))
{

Zeile 1384Zeile 1443
	output_page($editsig);
}


	output_page($editsig);
}


 	if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post") 





if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post") 
{
$plugins->run_hooks("usercp_do_avatar_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->input['remove']) // remove avatar

	{ 

	{ 

		$plugins->run_hooks("usercp_do_avatar_start"); 
require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->input['remove']) // remove avatar
{
$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",
"avatartype" => ""
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
































		$updated_avatar = array( 
"avatar" => "",
"avatardimensions" => "",
"avatartype" => ""
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
elseif($mybb->input['gallery']) // Gallery avatar
{
if(empty($mybb->input['avatar']))
{
$avatar_error = $lang->error_noavatar;
}

if(empty($avatar_error))
{
if($mybb->input['gallery'] == "default")
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
}
else
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
}
if(file_exists($avatarpath))
{
$updated_avatar = array(
"avatar" => $avatarpath,
"avatardimensions" => "",
"avatartype" => "gallery"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
remove_avatars($mybb->user['uid']);
}
}
elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == "no")
{
error_no_permission();

		} 

		} 

		elseif($mybb->input['gallery']) // Gallery avatar 
{
if($mybb->input['gallery'] == "default")
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);


































































		$avatar = upload_avatar(); 
if($avatar['error'])
{
$avatar_error = $avatar['error'];
}
else
{
if($avatar['width'] > 0 && $avatar['height'] > 0)
{
$avatar_dimensions = $avatar['width']."|".$avatar['height'];
}
$updated_avatar = array(
"avatar" => $avatar['avatar'],
"avatardimensions" => $avatar_dimensions,
"avatartype" => "upload"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
}
else // remote avatar
{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);

// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
$file = fetch_remote_file($mybb->input['avatarurl']);
if(!$file)
{
$avatar_error = $lang->error_invalidavatarurl;
}
else
{
$tmp_name = $mybb->settings['avataruploadpath']."/remote_".md5(uniqid(rand(), true));
$fp = @fopen($tmp_name, "wb");
if(!$fp)
{
$avatar_error = $lang->error_invalidavatarurl;
}
else
{
fwrite($fp, $file);
fclose($fp);
list($width, $height, $type) = @getimagesize($tmp_name);
@unlink($tmp_name);
if(!$type)
{
$avatar_error = $lang->error_invalidavatarurl;
}
}
}

if(empty($avatar_error))
{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;
}
}
}

if(empty($avatar_error))
{
if($width > 0 && $height > 0)
{
$avatar_dimensions = intval($width)."|".intval($height);

			} 

			} 

            else 
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
}
if(file_exists($avatarpath))
{
$updated_avatar = array(
"avatar" => $avatarpath,
"avatardimensions" => "",
"avatartype" => "gallery"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
remove_avatars($mybb->user['uid']);
}
elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == "no")
{
error_no_permission();
}
$avatar = upload_avatar();
if($avatar['error'])
{
error($avatar['error']);
}
if($avatar['width'] > 0 && $avatar['height'] > 0)
{
$avatar_dimensions = $avatar['width']."|".$avatar['height'];
}
$updated_avatar = array(
"avatar" => $avatar['avatar'],
"avatardimensions" => $avatar_dimensions,
"avatartype" => "upload"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
else // remote avatar
{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);
list($width, $height, $type) = @getimagesize($mybb->input['avatarurl']);

			$updated_avatar = array( 
"avatar" => $db->escape_string($mybb->input['avatarurl']),
"avatardimensions" => $avatar_dimensions,
"avatartype" => "remote"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
}







































            if(!$type) 
{
error($lang->error_invalidavatarurl);
}

if($width && $height && $mybb->settings['maxavatardims'] != "")
{
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
error($lang->error_avatartoobig);
}
}
if($width > 0 && $height > 0)
{
$avatar_dimensions = intval($width)."|".intval($height);
}
$updated_avatar = array(
"avatar" => $db->escape_string($mybb->input['avatarurl']),
"avatardimensions" => $avatar_dimensions,
"avatartype" => "remote"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);

	if(empty($avatar_error))
{
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);
}
else
{
$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}



















} 

if($mybb->input['action'] == "avatar")

} 

if($mybb->input['action'] == "avatar")

Zeile 1562Zeile 1669
		else
{
eval("\$avatarlist = \"".$templates->get("usercp_avatar_gallery_noavatars")."\";");

		else
{
eval("\$avatarlist = \"".$templates->get("usercp_avatar_gallery_noavatars")."\";");

		}

		}

		eval("\$gallery = \"".$templates->get("usercp_avatar_gallery")."\";");
$plugins->run_hooks("usercp_avatar_end");
output_page($gallery);

		eval("\$gallery = \"".$templates->get("usercp_avatar_gallery")."\";");
$plugins->run_hooks("usercp_avatar_end");
output_page($gallery);

Zeile 1571Zeile 1678
	else
{
if($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))

	else
{
if($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))

		{

		{

			$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
}
elseif($mybb->user['avatartype'] == "gallery" || stristr($mybb->user['avatar'], $mybb->settings['avatardir']))
{
$avatarmsg = "<br /><strong>".$lang->using_gallery_avatar."</strong>";

			$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
}
elseif($mybb->user['avatartype'] == "gallery" || stristr($mybb->user['avatar'], $mybb->settings['avatardir']))
{
$avatarmsg = "<br /><strong>".$lang->using_gallery_avatar."</strong>";

		}

		}

		elseif($mybb->user['avatartype'] == "remote" || strstr(strtolower($mybb->user['avatar']), "http://") !== false)
{
$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";

		elseif($mybb->user['avatartype'] == "remote" || strstr(strtolower($mybb->user['avatar']), "http://") !== false)
{
$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";

Zeile 1585Zeile 1692
		}
$urltoavatar = htmlspecialchars_uni($mybb->user['avatar']);
if($mybb->user['avatar'])

		}
$urltoavatar = htmlspecialchars_uni($mybb->user['avatar']);
if($mybb->user['avatar'])

		{

		{

			$avatar_dimensions = explode("|", $mybb->user['avatardimensions']);
if($avatar_dimensions[0] && $avatar_dimensions[1])
{

			$avatar_dimensions = explode("|", $mybb->user['avatardimensions']);
if($avatar_dimensions[0] && $avatar_dimensions[1])
{

Zeile 1655Zeile 1762
	$ignorelist = '';
$ignorearray = explode(",", $mybb->user['ignorelist']);
if(is_array($ignorearray))

	$ignorelist = '';
$ignorearray = explode(",", $mybb->user['ignorelist']);
if(is_array($ignorearray))

	{

	{

		foreach($ignorearray as $key => $ignoreid)
{
$ignoresql .= "$comma2'$ignoreid'";

		foreach($ignorearray as $key => $ignoreid)
{
$ignoresql .= "$comma2'$ignoreid'";

Zeile 1679Zeile 1786
	eval("\$listpage = \"".$templates->get("usercp_editlists")."\";");
$plugins->run_hooks("usercp_editlists_end");
output_page($listpage);

	eval("\$listpage = \"".$templates->get("usercp_editlists")."\";");
$plugins->run_hooks("usercp_editlists_end");
output_page($listpage);

}

}

if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_editlists_start");

if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_editlists_start");

Zeile 1703Zeile 1810
		$comma2 = ",";
}
if($mybb->input['list'] == "ignore")

		$comma2 = ",";
}
if($mybb->input['list'] == "ignore")

	{

	{

		$type = "ignorelist";
}
else

		$type = "ignorelist";
}
else

Zeile 1751Zeile 1858
		eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");
}
if(!$drafts)

		eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");
}
if(!$drafts)

	{

	{

		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
}
else
{
eval("\$draftsubmit = \"".$templates->get("usercp_drafts_submit")."\";");

		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
}
else
{
eval("\$draftsubmit = \"".$templates->get("usercp_drafts_submit")."\";");

	}

	}

	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
$plugins->run_hooks("usercp_drafts_end");
output_page($draftlist);

	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
$plugins->run_hooks("usercp_drafts_end");
output_page($draftlist);

Zeile 1775Zeile 1882
	foreach($mybb->input['deletedraft'] as $id => $val)
{
if($val == "post")

	foreach($mybb->input['deletedraft'] as $id => $val)
{
if($val == "post")

		{

		{

			$pidin[] = "'".intval($id)."'";
}
elseif($val == "thread")
{
$tidin[] = "'".intval($id)."'";

			$pidin[] = "'".intval($id)."'";
}
elseif($val == "thread")
{
$tidin[] = "'".intval($id)."'";

		}

		}

	}
if($tidin)

	}
if($tidin)

	{

	{

		$tidin = implode(",", $tidin);
$db->delete_query(TABLE_PREFIX."threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
$tidinp = "OR tid IN ($tidin)";

		$tidin = implode(",", $tidin);
$db->delete_query(TABLE_PREFIX."threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
$tidinp = "OR tid IN ($tidin)";

Zeile 1799Zeile 1906
		else
{
$pidinq = "1=0";

		else
{
$pidinq = "1=0";

		}

		}

		$db->delete_query(TABLE_PREFIX."posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
}
$plugins->run_hooks("usercp_do_drafts_end");

		$db->delete_query(TABLE_PREFIX."posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
}
$plugins->run_hooks("usercp_do_drafts_end");

Zeile 1813Zeile 1920
	// Changing our display group
if($mybb->input['displaygroup'])
{

	// Changing our display group
if($mybb->input['displaygroup'])
{

		if(!strstr($ingroups, ",".$mybb->input['displaygroup'].","))

		if(strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)

		{
error($lang->not_member_of_group);
}

		{
error($lang->not_member_of_group);
}

Zeile 1832Zeile 1939
	// Leaving a group
if($mybb->input['leavegroup'])
{

	// Leaving a group
if($mybb->input['leavegroup'])
{

		if(!strstr($ingroups, ",".$mybb->input['leavegroup'].","))

		if(strpos($ingroups, ",".$mybb->input['leavegroup'].",") === false)

		{
error($lang->not_member_of_group);
}

		{
error($lang->not_member_of_group);
}

Zeile 1849Zeile 1956
		leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);

		leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);

 
		exit;

	}

// Joining a group

	}

// Joining a group

Zeile 1863Zeile 1971
			error($lang->cannot_join_group);
}


			error($lang->cannot_join_group);
}


		if(strstr($ingroups, ",".intval($mybb->input['joingroup']).",") || $mybb->user['usergroup'] == $mybb->input['joingroup'] || $mybb->user['displaygroup'] == $mybb->input['joingroup'])

		if(strpos($ingroups, ",".intval($mybb->input['joingroup']).",") !== false)

		{
error($lang->already_member_of_group);
}

		{
error($lang->already_member_of_group);
}

Zeile 1895Zeile 2003
			$joingroup = $mybb->input['joingroup'];
eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);

			$joingroup = $mybb->input['joingroup'];
eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);

 
			exit();

		}
else
{

		}
else
{

Zeile 2127Zeile 2236
	$bandwidth = get_friendly_size($bandwidth);
if($mybb->usergroup['attachquota'])
{

	$bandwidth = get_friendly_size($bandwidth);
if($mybb->usergroup['attachquota'])
{

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1000))*100)."%";
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1000);

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}
else

		$usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}
else

Zeile 2174Zeile 2283
		$perday = $mybb->user['postnum'];
}


		$perday = $mybb->user['postnum'];
}


	$query = $db->simple_select(TABLE_PREFIX."posts", "COUNT(pid) AS posts", "visible > 0");
$posts = $db->fetch_field($query, "posts");

	$stats = $cache->read("stats");
$posts = $stats['numposts'];

	if($posts == 0)
{
$percent = "0";

	if($posts == 0)
{
$percent = "0";

Zeile 2212Zeile 2321
	}
// Make reputations row
$reputations = '';

	}
// Make reputations row
$reputations = '';

	if($mybb->usergroup['usereputationsystem'] == 'yes')

	if($mybb->usergroup['usereputationsystem'] == 'yes' && $mybb->settings['enablereputation'] == 'yes')

	{
$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");

	{
$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
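Review bot: In the gallery branch of the `do_avatar` hunk (Zeile 1384 / 1443), `$avatarpath` is still built by concatenating `$mybb->input['gallery']` and `$mybb->input['avatar']` under `avatardir`, and the only processing before `file_exists()` is `$db->escape_string()`, which is SQL escaping and does not constrain the path. As far as these lines show, a value containing `../` would let a user store any existing server path as their avatar, and the branch's success or failure would reveal whether a path outside the gallery exists. I would reject such values before building the path, for example `if(basename($mybb->input['avatar']) != $mybb->input['avatar'] || strpos($mybb->input['gallery'], "..") !== false) { $avatar_error = $lang->error_noavatar; }`, or compare `realpath($avatarpath)` against `realpath($mybb->settings['avatardir'])`. The page interleaves the old and new columns without markers, so this assumes the variant that sets `$avatar_error` is the new side; the other variant has the same concatenation.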