| Zeile 3 | Zeile 3 |
|---|
* MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*
|
* MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*
|
* Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: usercp.php 2265 2006-09-26 14:49:36Z Tikitiki $
| * $Id: usercp.php 3598 2008-01-20 20:42:43Z Tikitiki $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
| Zeile 32 | Zeile 32 |
|---|
if(!$mybb->user['pmfolders'])
{
|
if(!$mybb->user['pmfolders'])
{
|
$mybb->user['pmfolders'] = "1**Inbox$%%$2**Sent Items$%%$3**Drafts$%%$4**Trash Can";
| $mybb->user['pmfolders'] = "1**".$lang->folder_inbox."$%%$2**".$lang->folder_sent_items."$%%$3**".$lang->folder_drafts."$%%$4**".$lang->folder_trash;
|
$db->update_query(TABLE_PREFIX."users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'");
}
| $db->update_query(TABLE_PREFIX."users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'");
}
|
| Zeile 52 | Zeile 52 |
|---|
'allow_imgcode' => $mybb->settings['sigimgcode']
);
$parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);
|
'allow_imgcode' => $mybb->settings['sigimgcode']
);
$parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);
|
if(($mybb->settings['sigimgcode'] == "no" && substr_count($parsed_sig, "<img") > 0) || ($mybb->settings['sigimgcode'] == "yes" && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']))
| if((($mybb->settings['sigimgcode'] == "no" && $mybb->settings['sigsmilies'] != 'yes') &&
substr_count($parsed_sig, "<img") > 0) ||
(($mybb->settings['sigimgcode'] == "yes" || $mybb->settings['sigsmilies'] == 'yes') &&
substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages'])
)
|
{
if($mybb->settings['sigimgcode'] == "yes")
{
| {
if($mybb->settings['sigimgcode'] == "yes")
{
|
| Zeile 153 | Zeile 157 |
|---|
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{
|
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_profile_start");
if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no")
{
$awaydate = time();
|
$plugins->run_hooks("usercp_do_profile_start");
if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no")
{
$awaydate = time();
|
if($mybb->input['awayday'] && $mybb->input['awaymonth'] && $mybb->input['awayyear'])
| if($mybb->input['awayday'])
|
{
|
{
|
| | if(!$mybb->input['awaymonth'])
{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}
if(!$mybb->input['awayyear'])
{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}
if($mybb->input['awayyear'] >= 2038)
{
error($lang->error_usercp_return_date_2038);
}
|
$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
|
$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
|
if ($returntimestamp < $awaytimestamp)
| if($returntimestamp < $awaytimestamp && $mybb->input['awayyear'] < my_date("Y"))
|
{
error($lang->error_usercp_return_date_past);
}
| {
error($lang->error_usercp_return_date_past);
}
|
| Zeile 229 | Zeile 251 |
|---|
$errors = $userhandler->get_friendly_errors();
$errors = inline_error($errors);
$mybb->input['action'] = "profile";
|
$errors = $userhandler->get_friendly_errors();
$errors = inline_error($errors);
$mybb->input['action'] = "profile";
|
}
| }
|
else
{
$userhandler->update_user();
|
else
{
$userhandler->update_user();
|
$db->update_query(TABLE_PREFIX."users", $newprofile, "uid='".$mybb->user['uid']."'");
| |
$plugins->run_hooks("usercp_do_profile_end");
redirect("usercp.php", $lang->redirect_profileupdated);
}
| $plugins->run_hooks("usercp_do_profile_end");
redirect("usercp.php", $lang->redirect_profileupdated);
}
|
| Zeile 243 | Zeile 264 |
|---|
if($mybb->input['action'] == "profile")
{
if($errors)
|
if($mybb->input['action'] == "profile")
{
if($errors)
|
{
| {
|
$user = $mybb->input;
$bday = array();
$bday[0] = $mybb->input['bday1'];
| $user = $mybb->input;
$bday = array();
$bday[0] = $mybb->input['bday1'];
|
| Zeile 257 | Zeile 278 |
|---|
}
$plugins->run_hooks("usercp_profile_start");
|
}
$plugins->run_hooks("usercp_profile_start");
|
|
|
$bdaysel = '';
for($i = 1; $i <= 31; $i++)
|
$bdaysel = '';
for($i = 1; $i <= 31; $i++)
|
{
| {
|
if($bday[0] == $i)
{
$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
| if($bday[0] == $i)
{
$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
| Zeile 273 | Zeile 294 |
|---|
$bdaymonthsel[$bday[1]] = "selected";
if($user['website'] == "" || $user['website'] == "http://")
|
$bdaymonthsel[$bday[1]] = "selected";
if($user['website'] == "" || $user['website'] == "http://")
|
{
| {
|
$user['website'] = "http://";
}
else
|
$user['website'] = "http://";
}
else
|
{
| {
|
$user['website'] = htmlspecialchars_uni($user['website']);
}
if($user['icq'] != "0")
{
$user['icq'] = intval($user['icq']);
|
$user['website'] = htmlspecialchars_uni($user['website']);
}
if($user['icq'] != "0")
{
$user['icq'] = intval($user['icq']);
|
}
| }
|
if($user['icq'] == 0)
{
$user['icq'] = "";
| if($user['icq'] == 0)
{
$user['icq'] = "";
|
| Zeile 315 | Zeile 336 |
|---|
}
else
{
|
}
else
{
|
| $user['awayreason'] = htmlspecialchars_uni($user['awayreason']);
|
if($mybb->user['away'] == "yes")
|
if($mybb->user['away'] == "yes")
|
{
| {
|
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);
$awaycheck['yes'] = "checked";
$awaynotice = sprintf($lang->away_notice_away, $awaydate);
|
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);
$awaycheck['yes'] = "checked";
$awaynotice = sprintf($lang->away_notice_away, $awaydate);
|
}
else
{
| }
else
{
|
$awaynotice = $lang->away_notice;
$awaycheck['no'] = "checked";
|
$awaynotice = $lang->away_notice;
$awaycheck['no'] = "checked";
|
}
| }
|
$returndate = explode("-", $mybb->user['returndate']);
}
$returndatesel = '';
| $returndate = explode("-", $mybb->user['returndate']);
}
$returndatesel = '';
|
| Zeile 335 | Zeile 356 |
|---|
if($returndate[0] == $i)
{
$returndatesel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
if($returndate[0] == $i)
{
$returndatesel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
|
}
| }
|
else
{
$returndatesel .= "<option value=\"$i\">$i</option>\n";
|
else
{
$returndatesel .= "<option value=\"$i\">$i</option>\n";
|
}
| }
|
}
$returndatemonthsel[$returndate[1]] = "selected";
| }
$returndatemonthsel[$returndate[1]] = "selected";
|
| Zeile 353 | Zeile 374 |
|---|
while($profilefield = $db->fetch_array($query))
{
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
|
while($profilefield = $db->fetch_array($query))
{
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
|
| | $profilefield['description'] = htmlspecialchars_uni($profilefield['description']);
|
$thing = explode("\n", $profilefield['type'], "2");
$type = $thing[0];
$options = $thing[1];
| $thing = explode("\n", $profilefield['type'], "2");
$type = $thing[0];
$options = $thing[1];
|
| Zeile 363 | Zeile 385 |
|---|
$userfield = $mybb->input['profile_fields'][$field];
}
else
|
$userfield = $mybb->input['profile_fields'][$field];
}
else
|
{
| {
|
$userfield = $user[$field];
}
if($type == "multiselect")
|
$userfield = $user[$field];
}
if($type == "multiselect")
|
{
if($errors)
{
$useropts = $userfield;
}
else
{
$useropts = explode("\n", $userfield);
}
if(is_array($useropts))
{
foreach($useropts as $key => $val)
{
$seloptions[$val] = $val;
}
}
$expoptions = explode("\n", $options);
if(is_array($expoptions))
{
| {
if($errors)
{
$useropts = $userfield;
}
else
{
$useropts = explode("\n", $userfield);
}
if(is_array($useropts))
{
foreach($useropts as $key => $val)
{
$seloptions[$val] = $val;
}
}
$expoptions = explode("\n", $options);
if(is_array($expoptions))
{
|
foreach($expoptions as $key => $val)
{
$val = trim($val);
| foreach($expoptions as $key => $val)
{
$val = trim($val);
|
| Zeile 437 | Zeile 459 |
|---|
{
$checked = "";
if($val == $userfield)
|
{
$checked = "";
if($val == $userfield)
|
{
$checked = "checked=\"checked\"";
}
| {
$checked = "checked=\"checked\"";
}
|
$code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\" $checked /> <span class=\"smalltext\">$val</span><br />";
}
}
| $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\" $checked /> <span class=\"smalltext\">$val</span><br />";
}
}
|
| Zeile 492 | Zeile 514 |
|---|
else
{
eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
|
else
{
eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
|
}
| }
|
$altbg = alt_trow();
$code = "";
$select = "";
| $altbg = alt_trow();
$code = "";
$select = "";
|
| Zeile 544 | Zeile 566 |
|---|
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
|
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_options_start");
// Set up user handler.
| $plugins->run_hooks("usercp_do_options_start");
// Set up user handler.
|
| Zeile 573 | Zeile 598 |
|---|
"receivepms" => $mybb->input['receivepms'],
"pmpopup" => $mybb->input['pmpopup'],
"daysprune" => $mybb->input['daysprune'],
|
"receivepms" => $mybb->input['receivepms'],
"pmpopup" => $mybb->input['pmpopup'],
"daysprune" => $mybb->input['daysprune'],
|
"showcodebuttons" => $mybb->input['showcodebuttons'],
| "showcodebuttons" => intval($mybb->input['showcodebuttons']),
|
"pmnotify" => $mybb->input['pmnotify'],
"showredirect" => $mybb->input['showredirect']
);
| "pmnotify" => $mybb->input['pmnotify'],
"showredirect" => $mybb->input['showredirect']
);
|
| Zeile 600 | Zeile 625 |
|---|
else
{
$userhandler->update_user();
|
else
{
$userhandler->update_user();
|
$db->update_query(TABLE_PREFIX."users", $updatedoptions, "uid='".$mybb->user['uid']."'");
| |
// If the cookie settings are different, re-set the cookie
if($mybb->input['remember'] != $mybb->user['remember'])
|
// If the cookie settings are different, re-set the cookie
if($mybb->input['remember'] != $mybb->user['remember'])
|
| Zeile 845 | Zeile 868 |
|---|
$explodedppp = explode(",", $mybb->settings['userpppoptions']);
$pppoptions = '';
if(is_array($explodedppp))
|
$explodedppp = explode(",", $mybb->settings['userpppoptions']);
$pppoptions = '';
if(is_array($explodedppp))
|
{
| {
|
foreach($explodedppp as $key => $val)
{
$val = trim($val);
| foreach($explodedppp as $key => $val)
{
$val = trim($val);
|
| Zeile 866 | Zeile 889 |
|---|
if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{
|
if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{
|
$plugins->run_hooks("usercp_do_email_start");
| // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
|
|
$user = validate_password_from_uid($mybb->user['uid'], $mybb->input['password']);
if(!$user['uid'])
{
error($lang->error_invalidpassword);
}
if($mybb->input['email'] != $mybb->input['email2'])
{
error($lang->error_emailmismatch);
}
//Email Banning Code
if($mybb->settings['emailkeep'] != "yes")
{
$bannedemails = explode(" ", $mybb->settings['emailban']);
if(is_array($bannedemails))
{
foreach($bannedemails as $key => $bannedemail)
{
$bannedemail = trim($bannedemail);
if($bannedemail != "")
{
if(strstr($mybb->input['email'], $bannedemail) != "")
{
error($lang->error_bannedemail);
}
}
}
}
}
if(!preg_match("/^(.+)@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+$/si", $mybb->input['email']))
{
error($lang->error_invalidemail);
}
if(function_exists("emailChanged"))
{
emailChanged($mybb->user['uid'], $mybb->input['email']);
}
if($mybb->user['usergroup'] != "5")
{
$activationcode = random_str();
$now = time();
$db->delete_query(TABLE_PREFIX."awaitingactivation", "uid='".$mybb->user['uid']."'");
$newactivation = array(
| $errors = array();
$plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");
$user = array(
|
"uid" => $mybb->user['uid'],
|
"uid" => $mybb->user['uid'],
|
"dateline" => time(),
"code" => $activationcode,
"type" => "e",
"oldgroup" => $mybb->user['usergroup'],
"misc" => $db->escape_string($mybb->input['email'])
| "email" => $mybb->input['email'],
"email2" => $mybb->input['email2']
|
);
|
);
|
| |
$userhandler->set_data($user);
if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{
if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != "yes")
{
$activationcode = random_str();
$now = time();
$db->delete_query(TABLE_PREFIX."awaitingactivation", "uid='".$mybb->user['uid']."'");
$newactivation = array(
"uid" => $mybb->user['uid'],
"dateline" => time(),
"code" => $activationcode,
"type" => "e",
"oldgroup" => $mybb->user['usergroup'],
"misc" => $db->escape_string($mybb->input['email'])
);
$db->insert_query(TABLE_PREFIX."awaitingactivation", $newactivation);
|
|
|
$db->insert_query(TABLE_PREFIX."awaitingactivation", $newactivation);
$username = $mybb->user['username'];
$uid = $mybb->user['uid'];
$lang->emailsubject_changeemail = sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);
$lang->email_changeemail = sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);
my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail);
$plugins->run_hooks("usercp_do_email_verify");
error($lang->redirect_changeemail_activation);
}
else
{
$db->update_query(TABLE_PREFIX."users", array('email' => $db->escape_string($mybb->input['email'])), "uid='".$mybb->user['uid']."'");
$plugins->run_hooks("usercp_do_email_changed");
redirect("usercp.php", $lang->redirect_emailupdated);
| $username = $mybb->user['username'];
$uid = $mybb->user['uid'];
$lang->emailsubject_changeemail = sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);
$lang->email_changeemail = sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);
my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail);
$plugins->run_hooks("usercp_do_email_verify");
error($lang->redirect_changeemail_activation);
}
else
{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_email_changed");
redirect("usercp.php", $lang->redirect_emailupdated);
}
}
}
if(count($errors) > 0)
{
$mybb->input['action'] = "email";
$errors = inline_error($errors);
|
}
}
|
}
}
|
|
|
if($mybb->input['action'] == "email")
{
|
if($mybb->input['action'] == "email")
{
|
| | // Coming back to this page after one or more errors were experienced, show fields the user previously entered (with the exception of the password)
if($errors)
{
$email = htmlspecialchars_uni($mybb->input['email']);
$email2 = htmlspecialchars_uni($mybb->input['email2']);
}
else
{
$email = $email2 = '';
}
|
$plugins->run_hooks("usercp_email_start");
eval("\$changemail = \"".$templates->get("usercp_email")."\";");
$plugins->run_hooks("usercp_email_end");
output_page($changemail);
|
$plugins->run_hooks("usercp_email_start");
eval("\$changemail = \"".$templates->get("usercp_email")."\";");
$plugins->run_hooks("usercp_email_end");
output_page($changemail);
|
}
| }
|
if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{
|
if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
$errors = array();
|
$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
|
$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
|
{
error($lang->error_invalidpassword);
}
if($mybb->input['password'] == "")
{
error($lang->error_invalidnewpassword);
}
if($mybb->input['password'] != $mybb->input['password2'])
{
error($lang->error_passwordmismatch);
}
$plugins->run_hooks("usercp_do_password_process");
$logindetails = update_password($mybb->user['uid'], md5($mybb->input['password']), $mybb->user['salt']);
my_setcookie("mybbuser", $mybb->user['uid']."_".$logindetails['loginkey']);
$plugins->run_hooks("usercp_do_password_end");
redirect("usercp.php", $lang->redirect_passwordupdated);
}
| {
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");
$user = array(
"uid" => $mybb->user['uid'],
"password" => $mybb->input['password'],
"password2" => $mybb->input['password2']
);
$userhandler->set_data($user);
if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{
$userhandler->update_user();
my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey']);
$plugins->run_hooks("usercp_do_password_end");
redirect("usercp.php", $lang->redirect_passwordupdated);
}
}
if(count($errors) > 0)
{
$mybb->input['action'] = "password";
$errors = inline_error($errors);
}
}
|
if($mybb->input['action'] == "password")
{
|
if($mybb->input['action'] == "password")
{
|
| Zeile 979 | Zeile 1031 |
|---|
if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{
|
if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != "yes")
|
$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != "yes")
|
{
| {
|
error_no_permission();
|
error_no_permission();
|
}
| }
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");
$user = array(
"uid" => $mybb->user['uid'],
"username" => $mybb->input['username']
);
$userhandler->set_data($user);
if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();
}
else
{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php", $lang->redirect_namechanged);
|
|
|
if(!trim($mybb->input['username']) || eregi("<|>|&", $mybb->input['username']))
{
error($lang->error_bannedusername);
}
$query = $db->simple_select(TABLE_PREFIX."users", "username", "LOWER(username)='".strtolower($mybb->input['username'])."'");
if($db->fetch_array($query))
{
error($lang->error_usernametaken);
}
$plugins->run_hooks("usercp_do_changename_process");
$db->update_query(TABLE_PREFIX."users", array('username' => $db->escape_string($mybb->input['username'])), "uid='".$mybb->user['uid']."'");
$db->update_query(TABLE_PREFIX."forums", array('lastposter' => $db->escape_string($mybb->input['username'])), "lastposter='".$mybb->user['username']."'");
$db->update_query(TABLE_PREFIX."threads", array('lastposter' => $db->escape_string($mybb->input['username'])), "lastposter='".$mybb->user['username']."'");
$plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php", $lang->redirect_namechanged);
| }
}
if(count($errors) > 0)
{
$errors = inline_error($errors);
$mybb->input['action'] = "changename";
}
|
}
if($mybb->input['action'] == "changename")
| }
if($mybb->input['action'] == "changename")
|
| Zeile 1052 | Zeile 1125 |
|---|
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE f.type='f' AND f.uid='".$mybb->user['uid']."'
ORDER BY t.lastpost DESC
|
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE f.type='f' AND f.uid='".$mybb->user['uid']."'
ORDER BY t.lastpost DESC
|
| | LIMIT {$start}, {$perpage}
|
");
while($favorite = $db->fetch_array($query))
{
| ");
while($favorite = $db->fetch_array($query))
{
|
| Zeile 1293 | Zeile 1367 |
|---|
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
|
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->input['updateposts'] == "enable")
{
| $plugins->run_hooks("usercp_do_editsig_start");
if($mybb->input['updateposts'] == "enable")
{
|
| Zeile 1302 | Zeile 1379 |
|---|
$db->update_query(TABLE_PREFIX."posts", $update_signature, "uid='".$mybb->user['uid']."'");
}
elseif($mybb->input['updateposts'] == "disable")
|
$db->update_query(TABLE_PREFIX."posts", $update_signature, "uid='".$mybb->user['uid']."'");
}
elseif($mybb->input['updateposts'] == "disable")
|
{
| {
|
$update_signature = array(
"includesig" => "no"
);
| $update_signature = array(
"includesig" => "no"
);
|
| Zeile 1330 | Zeile 1407 |
|---|
{
$sig = $mybb->user['signature'];
$template = "usercp_editsig_current";
|
{
$sig = $mybb->user['signature'];
$template = "usercp_editsig_current";
|
}
| }
|
if($sig)
{
|
if($sig)
{
|
| Zeile 1348 | Zeile 1425 |
|---|
if($mybb->settings['sigsmilies'] == "yes")
{
$sigsmilies = $lang->on;
|
if($mybb->settings['sigsmilies'] == "yes")
{
$sigsmilies = $lang->on;
|
}
else
| }
else
|
{
$sigsmilies = $lang->off;
}
| {
$sigsmilies = $lang->off;
}
|
| Zeile 1368 | Zeile 1445 |
|---|
else
{
$sightml = $lang->off;
|
else
{
$sightml = $lang->off;
|
}
| }
|
if($mybb->settings['sigimgcode'] == "yes")
{
$sigimgcode = $lang->on;
|
if($mybb->settings['sigimgcode'] == "yes")
{
$sigimgcode = $lang->on;
|
}
else
{
| }
else
{
|
$sigimgcode = $lang->off;
}
$sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);
eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
|
$sigimgcode = $lang->off;
}
$sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);
eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
|
$plugins->run_hooks("usercp_endsig_end");
| $plugins->run_hooks("usercp_editsig_end");
|
output_page($editsig);
}
|
output_page($editsig);
}
|
if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post")
{
$plugins->run_hooks("usercp_do_avatar_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->input['remove']) // remove avatar
{
$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",
"avatartype" => ""
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
|
if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
$plugins->run_hooks("usercp_do_avatar_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->input['remove']) // remove avatar
{
$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",
"avatartype" => ""
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
elseif($mybb->input['gallery']) // Gallery avatar
{
if(empty($mybb->input['avatar']))
{
$avatar_error = $lang->error_noavatar;
}
if(empty($avatar_error))
{
if($mybb->input['gallery'] == "default")
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
}
else
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
}
if(file_exists($avatarpath))
{
$updated_avatar = array(
"avatar" => $avatarpath,
"avatardimensions" => "",
"avatartype" => "gallery"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
remove_avatars($mybb->user['uid']);
}
}
elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == "no")
{
error_no_permission();
|
}
|
}
|
elseif($mybb->input['gallery']) // Gallery avatar
{
if($mybb->input['gallery'] == "default")
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
| $avatar = upload_avatar();
if($avatar['error'])
{
$avatar_error = $avatar['error'];
}
else
{
if($avatar['width'] > 0 && $avatar['height'] > 0)
{
$avatar_dimensions = $avatar['width']."|".$avatar['height'];
}
$updated_avatar = array(
"avatar" => $avatar['avatar'],
"avatardimensions" => $avatar_dimensions,
"avatartype" => "upload"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
}
else // remote avatar
{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);
// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
$file = fetch_remote_file($mybb->input['avatarurl']);
if(!$file)
{
$avatar_error = $lang->error_invalidavatarurl;
}
else
{
$tmp_name = $mybb->settings['avataruploadpath']."/remote_".md5(uniqid(rand(), true));
$fp = @fopen($tmp_name, "wb");
if(!$fp)
{
$avatar_error = $lang->error_invalidavatarurl;
}
else
{
fwrite($fp, $file);
fclose($fp);
list($width, $height, $type) = @getimagesize($tmp_name);
@unlink($tmp_name);
if(!$type)
{
$avatar_error = $lang->error_invalidavatarurl;
}
}
}
if(empty($avatar_error))
{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;
}
}
}
if(empty($avatar_error))
{
if($width > 0 && $height > 0)
{
$avatar_dimensions = intval($width)."|".intval($height);
|
}
|
}
|
else
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
}
if(file_exists($avatarpath))
{
$updated_avatar = array(
"avatar" => $avatarpath,
"avatardimensions" => "",
"avatartype" => "gallery"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
remove_avatars($mybb->user['uid']);
}
elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == "no")
{
error_no_permission();
}
$avatar = upload_avatar();
if($avatar['error'])
{
error($avatar['error']);
}
if($avatar['width'] > 0 && $avatar['height'] > 0)
{
$avatar_dimensions = $avatar['width']."|".$avatar['height'];
}
$updated_avatar = array(
"avatar" => $avatar['avatar'],
"avatardimensions" => $avatar_dimensions,
"avatartype" => "upload"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
else // remote avatar
{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);
list($width, $height, $type) = @getimagesize($mybb->input['avatarurl']);
| $updated_avatar = array(
"avatar" => $db->escape_string($mybb->input['avatarurl']),
"avatardimensions" => $avatar_dimensions,
"avatartype" => "remote"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
}
|
|
|
if(!$type)
{
error($lang->error_invalidavatarurl);
}
if($width && $height && $mybb->settings['maxavatardims'] != "")
{
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
error($lang->error_avatartoobig);
}
}
if($width > 0 && $height > 0)
{
$avatar_dimensions = intval($width)."|".intval($height);
}
$updated_avatar = array(
"avatar" => $db->escape_string($mybb->input['avatarurl']),
"avatardimensions" => $avatar_dimensions,
"avatartype" => "remote"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);
| if(empty($avatar_error))
{
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);
}
else
{
$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}
|
}
if($mybb->input['action'] == "avatar")
| }
if($mybb->input['action'] == "avatar")
|
| Zeile 1623 | Zeile 1751 |
|---|
}
if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{
|
}
if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_notepad_start");
$db->update_query(TABLE_PREFIX."users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'");
$plugins->run_hooks("usercp_do_notepad_end");
| $plugins->run_hooks("usercp_do_notepad_start");
$db->update_query(TABLE_PREFIX."users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'");
$plugins->run_hooks("usercp_do_notepad_end");
|
| Zeile 1682 | Zeile 1813 |
|---|
}
if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post")
{
|
}
if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_editlists_start");
$comma = '';
$users = '';
| $plugins->run_hooks("usercp_do_editlists_start");
$comma = '';
$users = '';
|
| Zeile 1765 | Zeile 1899 |
|---|
}
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{
|
}
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_drafts_start");
if(!$mybb->input['deletedraft'])
|
$plugins->run_hooks("usercp_do_drafts_start");
if(!$mybb->input['deletedraft'])
|
{
| {
|
error($lang->no_drafts_selected);
}
$pidin = array();
| error($lang->no_drafts_selected);
}
$pidin = array();
|
| Zeile 1775 | Zeile 1912 |
|---|
foreach($mybb->input['deletedraft'] as $id => $val)
{
if($val == "post")
|
foreach($mybb->input['deletedraft'] as $id => $val)
{
if($val == "post")
|
{
| {
|
$pidin[] = "'".intval($id)."'";
}
elseif($val == "thread")
| $pidin[] = "'".intval($id)."'";
}
elseif($val == "thread")
|
| Zeile 1797 | Zeile 1934 |
|---|
$pidinq = "pid IN ($pidin)";
}
else
|
$pidinq = "pid IN ($pidin)";
}
else
|
{
| {
|
$pidinq = "1=0";
}
$db->delete_query(TABLE_PREFIX."posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
| $pidinq = "1=0";
}
$db->delete_query(TABLE_PREFIX."posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
|
| Zeile 1813 | Zeile 1950 |
|---|
// Changing our display group
if($mybb->input['displaygroup'])
{
|
// Changing our display group
if($mybb->input['displaygroup'])
{
|
if(!strstr($ingroups, ",".$mybb->input['displaygroup'].","))
| // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
if(strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
|
{
error($lang->not_member_of_group);
}
$query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['displaygroup'])."'");
$dispgroup = $db->fetch_array($query);
if($dispgroup['candisplaygroup'] != "yes")
|
{
error($lang->not_member_of_group);
}
$query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['displaygroup'])."'");
$dispgroup = $db->fetch_array($query);
if($dispgroup['candisplaygroup'] != "yes")
|
{
| {
|
error($lang->cannot_set_displaygroup);
}
$db->update_query(TABLE_PREFIX."users", array('displaygroup' => intval($mybb->input['displaygroup'])), "uid='".$mybb->user['uid']."'");
| error($lang->cannot_set_displaygroup);
}
$db->update_query(TABLE_PREFIX."users", array('displaygroup' => intval($mybb->input['displaygroup'])), "uid='".$mybb->user['uid']."'");
|
| Zeile 1831 | Zeile 1971 |
|---|
// Leaving a group
if($mybb->input['leavegroup'])
|
// Leaving a group
if($mybb->input['leavegroup'])
|
{
if(!strstr($ingroups, ",".$mybb->input['leavegroup'].","))
| {
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
if(strpos($ingroups, ",".$mybb->input['leavegroup'].",") === false)
|
{
error($lang->not_member_of_group);
}
| {
error($lang->not_member_of_group);
}
|
| Zeile 1849 | Zeile 1992 |
|---|
leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);
|
leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);
|
| | exit;
|
}
// Joining a group
if($mybb->input['joingroup'])
{
|
}
// Joining a group
if($mybb->input['joingroup'])
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$mybb->input['joingroup'] = intval($mybb->input['joingroup']);
$query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'");
$usergroup = $db->fetch_array($query);
| $mybb->input['joingroup'] = intval($mybb->input['joingroup']);
$query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'");
$usergroup = $db->fetch_array($query);
|
| Zeile 1863 | Zeile 2010 |
|---|
error($lang->cannot_join_group);
}
|
error($lang->cannot_join_group);
}
|
if(strstr($ingroups, ",".intval($mybb->input['joingroup']).",") || $mybb->user['usergroup'] == $mybb->input['joingroup'] || $mybb->user['displaygroup'] == $mybb->input['joingroup'])
| if(strpos($ingroups, ",".intval($mybb->input['joingroup']).",") !== false)
|
{
error($lang->already_member_of_group);
}
| {
error($lang->already_member_of_group);
}
|
| Zeile 1895 | Zeile 2042 |
|---|
$joingroup = $mybb->input['joingroup'];
eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);
|
$joingroup = $mybb->input['joingroup'];
eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);
|
| | exit();
|
}
else
{
| }
else
{
|
| Zeile 1982 | Zeile 2130 |
|---|
}
else
{
|
}
else
{
|
$leavelink = "<div align=\"center\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."\">".$lang->usergroup_leave."</a></div>";
| $leavelink = "<div align=\"center\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";
|
}
if($usergroup['description'])
{
| }
if($usergroup['description'])
{
|
| Zeile 2056 | Zeile 2204 |
|---|
}
else
{
|
}
else
{
|
$joinlink = "<a href=\"usercp.php?action=usergroups&joingroup={$usergroup['gid']}\">{$lang->join_group}</a>";
| $joinlink = "<a href=\"usercp.php?action=usergroups&joingroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->join_group}</a>";
|
}
$usergroupleaders = '';
if($groupleaders[$usergroup['gid']])
| }
$usergroupleaders = '';
if($groupleaders[$usergroup['gid']])
|
| Zeile 2127 | Zeile 2275 |
|---|
$bandwidth = get_friendly_size($bandwidth);
if($mybb->usergroup['attachquota'])
{
|
$bandwidth = get_friendly_size($bandwidth);
if($mybb->usergroup['attachquota'])
{
|
$percent = round(($totalusage/($mybb->usergroup['attachquota']*1000))*100)."%";
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1000);
| $percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
|
$usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}
else
| $usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}
else
|
| Zeile 2148 | Zeile 2296 |
|---|
}
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{
|
}
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{
|
| | // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);
|
$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if(!is_array($mybb->input['attachments']))
| $plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if(!is_array($mybb->input['attachments']))
|
| Zeile 2174 | Zeile 2325 |
|---|
$perday = $mybb->user['postnum'];
}
|
$perday = $mybb->user['postnum'];
}
|
$query = $db->simple_select(TABLE_PREFIX."posts", "COUNT(pid) AS posts", "visible > 0");
$posts = $db->fetch_field($query, "posts");
| $stats = $cache->read("stats");
$posts = $stats['numposts'];
|
if($posts == 0)
{
$percent = "0";
| if($posts == 0)
{
$percent = "0";
|
| Zeile 2212 | Zeile 2363 |
|---|
}
// Make reputations row
$reputations = '';
|
}
// Make reputations row
$reputations = '';
|
if($mybb->usergroup['usereputationsystem'] == 'yes')
| if($mybb->usergroup['usereputationsystem'] == 'yes' && $mybb->settings['enablereputation'] == 'yes')
|
{
$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
| {
$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");
|