Vergleich usercp.php - 1.2.2 - 1.2.14

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 3Zeile 3
 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html

 *

 *

 * $Id: usercp.php 2458 2006-11-29 07:27:32Z chris $

 * $Id: usercp.php 3598 2008-01-20 20:42:43Z Tikitiki $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 52Zeile 52
		'allow_imgcode' => $mybb->settings['sigimgcode']
);
$parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);

		'allow_imgcode' => $mybb->settings['sigimgcode']
);
$parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);

	if(($mybb->settings['sigimgcode'] == "no" && substr_count($parsed_sig, "<img") > 0) || ($mybb->settings['sigimgcode'] == "yes" && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']))





	if((($mybb->settings['sigimgcode'] == "no" && $mybb->settings['sigsmilies'] != 'yes') &&
substr_count($parsed_sig, "<img") > 0) ||
(($mybb->settings['sigimgcode'] == "yes" || $mybb->settings['sigsmilies'] == 'yes') &&
substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages'])
)

	{
if($mybb->settings['sigimgcode'] == "yes")
{

	{
if($mybb->settings['sigimgcode'] == "yes")
{

Zeile 153Zeile 157

if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_profile_start");

if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no")
{
$awaydate = time();

	$plugins->run_hooks("usercp_do_profile_start");

if($mybb->input['away'] == "yes" && $mybb->settings['allowaway'] != "no")
{
$awaydate = time();

		if($mybb->input['awayday'] && $mybb->input['awaymonth'] && $mybb->input['awayyear'])

		if($mybb->input['awayday'])

		{

		{

 
			if(!$mybb->input['awaymonth'])
{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}

if(!$mybb->input['awayyear'])
{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}

if($mybb->input['awayyear'] >= 2038)
{
error($lang->error_usercp_return_date_2038);
}


			$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));

			$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);
$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));

			if ($returntimestamp < $awaytimestamp)

			if($returntimestamp < $awaytimestamp && $mybb->input['awayyear'] < my_date("Y"))

			{
error($lang->error_usercp_return_date_past);
}

			{
error($lang->error_usercp_return_date_past);
}

Zeile 276Zeile 298
		$user['website'] = "http://";
}
else

		$user['website'] = "http://";
}
else

	{

	{

		$user['website'] = htmlspecialchars_uni($user['website']);
}


		$user['website'] = htmlspecialchars_uni($user['website']);
}


Zeile 314Zeile 336
		}
else
{

		}
else
{



			$user['awayreason'] = htmlspecialchars_uni($user['awayreason']);

			if($mybb->user['away'] == "yes")
{
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);

			if($mybb->user['away'] == "yes")
{
$awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);

Zeile 397Zeile 419
						$sel = "selected=\"selected\"";
}
$select .= "<option value=\"$val\" $sel>$val</option>\n";

						$sel = "selected=\"selected\"";
}
$select .= "<option value=\"$val\" $sel>$val</option>\n";

				}

				}

				if(!$profilefield['length'])
{
$profilefield['length'] = 3;

				if(!$profilefield['length'])
{
$profilefield['length'] = 3;

Zeile 457Zeile 479
			if(is_array($useropts))
{
foreach($useropts as $key => $val)

			if(is_array($useropts))
{
foreach($useropts as $key => $val)

				{
$seloptions[$val] = $val;

				{
$seloptions[$val] = $val;

				}
}
$expoptions = explode("\n", $options);

				}
}
$expoptions = explode("\n", $options);

Zeile 476Zeile 498
			}
}
elseif($type == "textarea")

			}
}
elseif($type == "textarea")

		{
$value = htmlspecialchars_uni($userfield);

		{
$value = htmlspecialchars_uni($userfield);

			$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
}
else

			$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
}
else

		{

		{

			$value = htmlspecialchars_uni($userfield);
$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"$profilefield[length]\" maxlength=\"$profilefield[maxlength]\" value=\"$value\" />";
}
if($profilefield['required'] == "yes")
{
eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";");

			$value = htmlspecialchars_uni($userfield);
$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"$profilefield[length]\" maxlength=\"$profilefield[maxlength]\" value=\"$value\" />";
}
if($profilefield['required'] == "yes")
{
eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";");

		}

		}

		else
{
eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");

		else
{
eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");

		}

		}

		$altbg = alt_trow();
$code = "";
$select = "";

		$altbg = alt_trow();
$code = "";
$select = "";

Zeile 503Zeile 525
		$seloptions = "";
}
if($customfields)

		$seloptions = "";
}
if($customfields)

	{

	{

		eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");
}


		eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");
}


Zeile 518Zeile 540
		else
{
$defaulttitle = $mybb->usergroup['usertitle'];

		else
{
$defaulttitle = $mybb->usergroup['usertitle'];

		}

		}

		if(empty($user['usertitle']))
{
$lang->current_custom_usertitle = '';

		if(empty($user['usertitle']))
{
$lang->current_custom_usertitle = '';

		}

		}

		else
{
if($errors)

		else
{
if($errors)

Zeile 544Zeile 566

if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_options_start");

// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

	$plugins->run_hooks("usercp_do_options_start");

// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");





	$user = array(
"uid" => $mybb->user['uid'],
"style" => intval($mybb->input['style']),

	$user = array(
"uid" => $mybb->user['uid'],
"style" => intval($mybb->input['style']),

Zeile 557Zeile 582
		"timeformat" => intval($mybb->input['timeformat']),
"timezone" => $db->escape_string($mybb->input['timezoneoffset']),
"language" => $mybb->input['language']

		"timeformat" => intval($mybb->input['timeformat']),
"timezone" => $db->escape_string($mybb->input['timezoneoffset']),
"language" => $mybb->input['language']

	);

	);


$user['options'] = array(
"allownotices" => $mybb->input['allownotices'],


$user['options'] = array(
"allownotices" => $mybb->input['allownotices'],

Zeile 579Zeile 604
	);

if($mybb->settings['usertppoptions'])

	);

if($mybb->settings['usertppoptions'])

	{

	{

		$user['options']['tpp'] = intval($mybb->input['tpp']);
}

if($mybb->settings['userpppoptions'])
{
$user['options']['ppp'] = intval($mybb->input['ppp']);

		$user['options']['tpp'] = intval($mybb->input['tpp']);
}

if($mybb->settings['userpppoptions'])
{
$user['options']['ppp'] = intval($mybb->input['ppp']);

	}


	}


	$userhandler->set_data($user);



	$userhandler->set_data($user);



Zeile 609Zeile 634
			my_unsetcookie("mybbuser");
// Set the new one
if($mybb->input['remember'] == "yes")

			my_unsetcookie("mybbuser");
// Set the new one
if($mybb->input['remember'] == "yes")

			{

			{

				my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], null, true);
}
else

				my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], null, true);
}
else

Zeile 617Zeile 642
				my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], -1, true);
}
}

				my_setcookie("mybbuser", $mybb->user['uid']."_".$mybb->user['loginkey'], -1, true);
}
}





		$plugins->run_hooks("usercp_do_options_end");

redirect("usercp.php", $lang->redirect_optionsupdated);

		$plugins->run_hooks("usercp_do_options_end");

redirect("usercp.php", $lang->redirect_optionsupdated);

	}

	}

}

if($mybb->input['action'] == "options")

}

if($mybb->input['action'] == "options")

Zeile 639Zeile 664
	$languages = $lang->get_languages();
$langoptions = '';
foreach($languages as $lname => $language)

	$languages = $lang->get_languages();
$langoptions = '';
foreach($languages as $lname => $language)

	{

	{

		$sel = "";
if($user['language'] == $lname)
{
$sel = " selected=\"selected\"";
}
$langoptions .= "<option value=\"$lname\"$sel>$language</option>\n";

		$sel = "";
if($user['language'] == $lname)
{
$sel = " selected=\"selected\"";
}
$langoptions .= "<option value=\"$lname\"$sel>$language</option>\n";

	}


	}


	// Lets work out which options the user has selected and check the boxes
if($user['allownotices'] == "yes")
{

	// Lets work out which options the user has selected and check the boxes
if($user['allownotices'] == "yes")
{

Zeile 659Zeile 684
	}

if($user['invisible'] == "yes")

	}

if($user['invisible'] == "yes")

	{

	{

		$invisiblecheck = "checked=\"checked\"";
}
else

		$invisiblecheck = "checked=\"checked\"";
}
else

	{

	{

		$invisiblecheck = "";
}

if($user['hideemail'] == "yes")
{
$hideemailcheck = "checked=\"checked\"";

		$invisiblecheck = "";
}

if($user['hideemail'] == "yes")
{
$hideemailcheck = "checked=\"checked\"";

	}

	}

	else
{
$hideemailcheck = "";

	else
{
$hideemailcheck = "";

Zeile 729Zeile 754
	{
$receivepmscheck = "";
}

	{
$receivepmscheck = "";
}


if($user['pmpopup'] == "yes")
{
$pmpopupcheck = "checked=\"checked\"";
}
else


if($user['pmpopup'] == "yes")
{
$pmpopupcheck = "checked=\"checked\"";
}
else

	{
$pmpopupcheck = "";
}

	{
$pmpopupcheck = "";
}

Zeile 743Zeile 768
	{
$dstcheck = "checked=\"checked\"";
--$mybb->user['timezone'];

	{
$dstcheck = "checked=\"checked\"";
--$mybb->user['timezone'];

	}

	}

	else
{
$dstcheck = "";

	else
{
$dstcheck = "";

Zeile 760Zeile 785
	if($user['showredirect'] != "no")
{
$showredirectcheck = "checked=\"checked\"";

	if($user['showredirect'] != "no")
{
$showredirectcheck = "checked=\"checked\"";

	}
else

	}
else

	{
$showredirectcheck = "";

	{
$showredirectcheck = "";

	}


	}


	if($user['pmnotify'] != "no")
{
$pmnotifycheck = "checked=\"checked\"";

	if($user['pmnotify'] != "no")
{
$pmnotifycheck = "checked=\"checked\"";

	}

	}

	else
{
$pmnotifycheck = "";

	else
{
$pmnotifycheck = "";

	}

	}


if($user['threadmode'] != "threaded")
{


if($user['threadmode'] != "threaded")
{

Zeile 791Zeile 816
	$user['timezone'] = "";
$timenow = my_date($mybb->settings['timeformat'], time(), "-");
for($i = -12; $i <= 12; $i++)

	$user['timezone'] = "";
$timenow = my_date($mybb->settings['timeformat'], time(), "-");
for($i = -12; $i <= 12; $i++)

	{

	{

		if($i == 0)
{
$i2 = "-";

		if($i == 0)
{
$i2 = "-";

Zeile 864Zeile 889

if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$errors = array();

	$errors = array();





	$plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{

	$plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{

Zeile 876Zeile 904
		// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

		// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");





		$user = array(
"uid" => $mybb->user['uid'],
"email" => $mybb->input['email'],
"email2" => $mybb->input['email2']

		$user = array(
"uid" => $mybb->user['uid'],
"email" => $mybb->input['email'],
"email2" => $mybb->input['email2']

		);


		);


		$userhandler->set_data($user);

if(!$userhandler->validate_user())

		$userhandler->set_data($user);

if(!$userhandler->validate_user())

Zeile 950Zeile 978

if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$errors = array();

$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)

	$errors = array();

$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)

	{

	{

		$errors[] = $lang->error_invalidpassword;
}
else

		$errors[] = $lang->error_invalidpassword;
}
else

Zeile 962Zeile 993
		// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

		// Set up user handler.
require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");





		$user = array(
"uid" => $mybb->user['uid'],
"password" => $mybb->input['password'],
"password2" => $mybb->input['password2']

		$user = array(
"uid" => $mybb->user['uid'],
"password" => $mybb->input['password'],
"password2" => $mybb->input['password2']

		);


		);


		$userhandler->set_data($user);

		$userhandler->set_data($user);





		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

Zeile 985Zeile 1016
	}
if(count($errors) > 0)
{

	}
if(count($errors) > 0)
{

			$mybb->input['action'] = "password";
$errors = inline_error($errors);

		$mybb->input['action'] = "password";
$errors = inline_error($errors);

	}

	}

}

}


if($mybb->input['action'] == "password")
{
$plugins->run_hooks("usercp_password_start");
eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
$plugins->run_hooks("usercp_password_end");


if($mybb->input['action'] == "password")
{
$plugins->run_hooks("usercp_password_start");
eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
$plugins->run_hooks("usercp_password_end");

	output_page($editpassword);
}

if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")

	output_page($editpassword);
}

if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")

{

{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != "yes")
{
error_no_permission();

	$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != "yes")
{
error_no_permission();

	}


	}


	if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{
$errors[] = $lang->error_invalidpassword;

	if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
{
$errors[] = $lang->error_invalidpassword;

Zeile 1020Zeile 1054
			"uid" => $mybb->user['uid'],
"username" => $mybb->input['username']
);

			"uid" => $mybb->user['uid'],
"username" => $mybb->input['username']
);





		$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		$userhandler->set_data($user);

if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		}
else

		}
else

		{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end");

		{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end");

Zeile 1091Zeile 1125
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE f.type='f' AND f.uid='".$mybb->user['uid']."'
ORDER BY t.lastpost DESC

		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE f.type='f' AND f.uid='".$mybb->user['uid']."'
ORDER BY t.lastpost DESC

 
		LIMIT {$start}, {$perpage}

	");
while($favorite = $db->fetch_array($query))
{

	");
while($favorite = $db->fetch_array($query))
{

Zeile 1116Zeile 1151
			if($favorite['icon'] > 0 && $icon_cache[$favorite['icon']])
{
$icon = $icon_cache[$favorite['icon']];

			if($favorite['icon'] > 0 && $icon_cache[$favorite['icon']])
{
$icon = $icon_cache[$favorite['icon']];

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />";
}
else
{
$icon = "&nbsp;";
}
if($mybb->user['lastvisit'] == "0")
{
$folder = "new";
}

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />";
}
else
{
$icon = "&nbsp;";
}
if($mybb->user['lastvisit'] == "0")
{
$folder = "new";
}

			if($favorite['lastpost'] > $mybb->user['lastvisit'])
{
$threadread = my_get_array_cookie("threadread", $favorite['tid']);

			if($favorite['lastpost'] > $mybb->user['lastvisit'])
{
$threadread = my_get_array_cookie("threadread", $favorite['tid']);

Zeile 1254Zeile 1289
	if(!$threads)
{
eval("\$threads = \"".$templates->get("usercp_subscriptions_none")."\";");

	if(!$threads)
{
eval("\$threads = \"".$templates->get("usercp_subscriptions_none")."\";");

	}

	}

	eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";");
$plugins->run_hooks("usercp_subscriptions_end");
output_page($subscriptions);

	eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";");
$plugins->run_hooks("usercp_subscriptions_end");
output_page($subscriptions);

Zeile 1332Zeile 1367

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->input['updateposts'] == "enable")
{

	$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->input['updateposts'] == "enable")
{

Zeile 1419Zeile 1457
	$sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);
eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");

	$sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);
eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");

	$plugins->run_hooks("usercp_endsig_end");

	$plugins->run_hooks("usercp_editsig_end");

	output_page($editsig);
}


	output_page($editsig);
}


 	if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post") 
{
$plugins->run_hooks("usercp_do_avatar_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->input['remove']) // remove avatar
{
$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",
"avatartype" => ""
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);







































if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post") 
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("usercp_do_avatar_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->input['remove']) // remove avatar
{
$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",
"avatartype" => ""
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
elseif($mybb->input['gallery']) // Gallery avatar
{
if(empty($mybb->input['avatar']))
{
$avatar_error = $lang->error_noavatar;
}

if(empty($avatar_error))
{
if($mybb->input['gallery'] == "default")
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
}
else
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
}
if(file_exists($avatarpath))
{
$updated_avatar = array(
"avatar" => $avatarpath,
"avatardimensions" => "",
"avatartype" => "gallery"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
remove_avatars($mybb->user['uid']);
}
}
elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == "no")
{
error_no_permission();

		} 

		} 

		elseif($mybb->input['gallery']) // Gallery avatar 
{
if($mybb->input['gallery'] == "default")
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);


































































		$avatar = upload_avatar(); 
if($avatar['error'])
{
$avatar_error = $avatar['error'];
}
else
{
if($avatar['width'] > 0 && $avatar['height'] > 0)
{
$avatar_dimensions = $avatar['width']."|".$avatar['height'];
}
$updated_avatar = array(
"avatar" => $avatar['avatar'],
"avatardimensions" => $avatar_dimensions,
"avatartype" => "upload"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
}
else // remote avatar
{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);

// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
$file = fetch_remote_file($mybb->input['avatarurl']);
if(!$file)
{
$avatar_error = $lang->error_invalidavatarurl;
}
else
{
$tmp_name = $mybb->settings['avataruploadpath']."/remote_".md5(uniqid(rand(), true));
$fp = @fopen($tmp_name, "wb");
if(!$fp)
{
$avatar_error = $lang->error_invalidavatarurl;
}
else
{
fwrite($fp, $file);
fclose($fp);
list($width, $height, $type) = @getimagesize($tmp_name);
@unlink($tmp_name);
if(!$type)
{
$avatar_error = $lang->error_invalidavatarurl;
}
}
}

if(empty($avatar_error))
{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;
}
}
}

if(empty($avatar_error))
{
if($width > 0 && $height > 0)
{
$avatar_dimensions = intval($width)."|".intval($height);

			} 

			} 

            else 
{
$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
}
if(file_exists($avatarpath))
{
$updated_avatar = array(
"avatar" => $avatarpath,
"avatardimensions" => "",
"avatartype" => "gallery"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
remove_avatars($mybb->user['uid']);
}
elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == "no")
{
error_no_permission();
}
$avatar = upload_avatar();
if($avatar['error'])
{
error($avatar['error']);
}
if($avatar['width'] > 0 && $avatar['height'] > 0)
{
$avatar_dimensions = $avatar['width']."|".$avatar['height'];
}
$updated_avatar = array(
"avatar" => $avatar['avatar'],
"avatardimensions" => $avatar_dimensions,
"avatartype" => "upload"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
}
else // remote avatar
{
$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
$mybb->input['avatarurl'] = htmlspecialchars($mybb->input['avatarurl']);
$ext = get_extension($mybb->input['avatarurl']);
list($width, $height, $type) = @getimagesize($mybb->input['avatarurl']);

			$updated_avatar = array( 
"avatar" => $db->escape_string($mybb->input['avatarurl']),
"avatardimensions" => $avatar_dimensions,
"avatartype" => "remote"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
}







































            if(!$type) 
{
error($lang->error_invalidavatarurl);
}

if($width && $height && $mybb->settings['maxavatardims'] != "")
{
list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);
if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
error($lang->error_avatartoobig);
}
}
if($width > 0 && $height > 0)
{
$avatar_dimensions = intval($width)."|".intval($height);
}
$updated_avatar = array(
"avatar" => $db->escape_string($mybb->input['avatarurl']),
"avatardimensions" => $avatar_dimensions,
"avatartype" => "remote"
);
$db->update_query(TABLE_PREFIX."users", $updated_avatar, "uid='".$mybb->user['uid']."'");
remove_avatars($mybb->user['uid']);
}
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);

	if(empty($avatar_error))
{
$plugins->run_hooks("usercp_do_avatar_end");
redirect("usercp.php", $lang->redirect_avatarupdated);
}
else
{
$mybb->input['action'] = "avatar";
$avatar_error = inline_error($avatar_error);
}



















} 

if($mybb->input['action'] == "avatar")

} 

if($mybb->input['action'] == "avatar")

Zeile 1526Zeile 1615
	while($dir = @readdir($avatardir))
{
if(is_dir($mybb->settings['avatardir']."/$dir") && substr($dir, 0, 1) != ".")

	while($dir = @readdir($avatardir))
{
if(is_dir($mybb->settings['avatardir']."/$dir") && substr($dir, 0, 1) != ".")

		{

		{

			$gallerylist[$dir] = str_replace("_", " ", $dir);
}
}

			$gallerylist[$dir] = str_replace("_", " ", $dir);
}
}

Zeile 1603Zeile 1692
			eval("\$avatarlist = \"".$templates->get("usercp_avatar_gallery_noavatars")."\";");
}
eval("\$gallery = \"".$templates->get("usercp_avatar_gallery")."\";");

			eval("\$avatarlist = \"".$templates->get("usercp_avatar_gallery_noavatars")."\";");
}
eval("\$gallery = \"".$templates->get("usercp_avatar_gallery")."\";");

		$plugins->run_hooks("usercp_avatar_end");

		$plugins->run_hooks("usercp_avatar_end");

		output_page($gallery);
}
// Show main avatar page

		output_page($gallery);
}
// Show main avatar page

Zeile 1662Zeile 1751
}
if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{

}
if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_notepad_start");
$db->update_query(TABLE_PREFIX."users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'");
$plugins->run_hooks("usercp_do_notepad_end");

	$plugins->run_hooks("usercp_do_notepad_start");
$db->update_query(TABLE_PREFIX."users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'");
$plugins->run_hooks("usercp_do_notepad_end");

Zeile 1721Zeile 1813
}
if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post")
{

}
if($mybb->input['action'] == "do_editlists" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_editlists_start");
$comma = '';
$users = '';

	$plugins->run_hooks("usercp_do_editlists_start");
$comma = '';
$users = '';

Zeile 1748Zeile 1843
	else
{
$type = "buddylist";

	else
{
$type = "buddylist";

	}

	}

	$db->update_query(TABLE_PREFIX."users", array($type => $newlist), "uid='".$mybb->user['uid']."'");
$redirecttemplate = "redirect_".$mybb->input['list']."updated";
$plugins->run_hooks("usercp_do_editlists_end");

	$db->update_query(TABLE_PREFIX."users", array($type => $newlist), "uid='".$mybb->user['uid']."'");
$redirecttemplate = "redirect_".$mybb->input['list']."updated";
$plugins->run_hooks("usercp_do_editlists_end");

Zeile 1804Zeile 1899
}
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{

}
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_drafts_start");
if(!$mybb->input['deletedraft'])
{

	$plugins->run_hooks("usercp_do_drafts_start");
if(!$mybb->input['deletedraft'])
{

Zeile 1816Zeile 1914
		if($val == "post")
{
$pidin[] = "'".intval($id)."'";

		if($val == "post")
{
$pidin[] = "'".intval($id)."'";

		}

		}

		elseif($val == "thread")
{
$tidin[] = "'".intval($id)."'";

		elseif($val == "thread")
{
$tidin[] = "'".intval($id)."'";

Zeile 1829Zeile 1927
		$tidinp = "OR tid IN ($tidin)";
}
if($pidin || $tidinp)

		$tidinp = "OR tid IN ($tidin)";
}
if($pidin || $tidinp)

	{

	{

		if($pidin)
{
$pidin = implode(",", $pidin);

		if($pidin)
{
$pidin = implode(",", $pidin);

Zeile 1852Zeile 1950
	// Changing our display group
if($mybb->input['displaygroup'])
{

	// Changing our display group
if($mybb->input['displaygroup'])
{

		if(!strstr($ingroups, ",".$mybb->input['displaygroup'].","))




		// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

if(strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)

		{
error($lang->not_member_of_group);
}

		{
error($lang->not_member_of_group);
}

Zeile 1871Zeile 1972
	// Leaving a group
if($mybb->input['leavegroup'])
{

	// Leaving a group
if($mybb->input['leavegroup'])
{

		if(!strstr($ingroups, ",".$mybb->input['leavegroup'].","))




		// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

if(strpos($ingroups, ",".$mybb->input['leavegroup'].",") === false)

		{
error($lang->not_member_of_group);
}

		{
error($lang->not_member_of_group);
}

Zeile 1888Zeile 1992
		leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);

		leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
$plugins->run_hooks("usercp_usergroups_leave_group");
redirect("usercp.php?action=usergroups", $lang->left_group);

 
		exit;

	}

// Joining a group
if($mybb->input['joingroup'])
{

	}

// Joining a group
if($mybb->input['joingroup'])
{

 
		// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


		$mybb->input['joingroup'] = intval($mybb->input['joingroup']);
$query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'");
$usergroup = $db->fetch_array($query);

		$mybb->input['joingroup'] = intval($mybb->input['joingroup']);
$query = $db->simple_select(TABLE_PREFIX."usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'");
$usergroup = $db->fetch_array($query);

Zeile 1902Zeile 2010
			error($lang->cannot_join_group);
}


			error($lang->cannot_join_group);
}


		if(strstr($ingroups, ",".intval($mybb->input['joingroup']).",") || $mybb->user['usergroup'] == $mybb->input['joingroup'] || $mybb->user['displaygroup'] == $mybb->input['joingroup'])

		if(strpos($ingroups, ",".intval($mybb->input['joingroup']).",") !== false)

		{
error($lang->already_member_of_group);
}

		{
error($lang->already_member_of_group);
}

Zeile 1934Zeile 2042
			$joingroup = $mybb->input['joingroup'];
eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);

			$joingroup = $mybb->input['joingroup'];
eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
output_page($joinpage);

 
			exit();

		}
else
{
join_usergroup($mybb->user['uid'], $mybb->input['joingroup']);
$plugins->run_hooks("usercp_usergroups_join_group");
redirect("usercp.php?action=usergroups", $lang->joined_group);

		}
else
{
join_usergroup($mybb->user['uid'], $mybb->input['joingroup']);
$plugins->run_hooks("usercp_usergroups_join_group");
redirect("usercp.php?action=usergroups", $lang->joined_group);

		}

		}

	}
// Show listing of various group related things


	}
// Show listing of various group related things


Zeile 2001Zeile 2110
	elseif($usergroup['candisplaygroup'] == "yes")
{
$displaycode = "<input type=\"radio\" name=\"displaygroup\" value=\"$usergroup[gid]\" />";

	elseif($usergroup['candisplaygroup'] == "yes")
{
$displaycode = "<input type=\"radio\" name=\"displaygroup\" value=\"$usergroup[gid]\" />";

	}

	}

	else
{
$displaycode = '';

	else
{
$displaycode = '';

Zeile 2016Zeile 2125
		{
$showmemberof = true;
if($groupleader[$usergroup['gid']])

		{
$showmemberof = true;
if($groupleader[$usergroup['gid']])

			{

			{

				$leavelink = "<div style=\"text-align:center;\"><span class=\"smalltext\">$lang->usergroup_leave_leader</span></div>";
}

				$leavelink = "<div style=\"text-align:center;\"><span class=\"smalltext\">$lang->usergroup_leave_leader</span></div>";
}

			else
{
$leavelink = "<div align=\"center\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."\">".$lang->usergroup_leave."</a></div>";
}

			else
{
$leavelink = "<div align=\"center\"><a href=\"usercp.php?action=usergroups&amp;leavegroup=".$usergroup['gid']."&amp;my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";
}

			if($usergroup['description'])
{

			if($usergroup['description'])
{

				$description = "<br /><span class=\"smalltext\">".$usergroup['description']."</span>";

				$description = "<br /><span class=\"smalltext\">".$usergroup['description']."</span>";

			}
else
{
$description = '';
}
if(!$usergroup['usertitle'])

			}
else
{
$description = '';
}
if(!$usergroup['usertitle'])

			{

			{

				// fetch title here
}
$trow = alt_trow();

				// fetch title here
}
$trow = alt_trow();

Zeile 2092Zeile 2201
			$applydate = my_date($mybb->settings['dateformat'], $appliedjoin[$usergroup['gid']]);
$applytime = my_date($mybb->settings['timeformat'], $appliedjoin[$usergroup['gid']]);
$joinlink = sprintf($lang->join_group_applied, $applydate, $applytime);

			$applydate = my_date($mybb->settings['dateformat'], $appliedjoin[$usergroup['gid']]);
$applytime = my_date($mybb->settings['timeformat'], $appliedjoin[$usergroup['gid']]);
$joinlink = sprintf($lang->join_group_applied, $applydate, $applytime);

		}
else

		}
else

		{

		{

			$joinlink = "<a href=\"usercp.php?action=usergroups&amp;joingroup={$usergroup['gid']}\">{$lang->join_group}</a>";

			$joinlink = "<a href=\"usercp.php?action=usergroups&amp;joingroup={$usergroup['gid']}&amp;my_post_key={$mybb->post_code}\">{$lang->join_group}</a>";

		}
$usergroupleaders = '';
if($groupleaders[$usergroup['gid']])

		}
$usergroupleaders = '';
if($groupleaders[$usergroup['gid']])

Zeile 2166Zeile 2275
	$bandwidth = get_friendly_size($bandwidth);
if($mybb->usergroup['attachquota'])
{

	$bandwidth = get_friendly_size($bandwidth);
if($mybb->usergroup['attachquota'])
{

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1000))*100)."%";
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1000);

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}
else

		$usagenote = sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}
else

Zeile 2187Zeile 2296
}
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{

}
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{

 
	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if(!is_array($mybb->input['attachments']))

	$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php";
if(!is_array($mybb->input['attachments']))

Zeile 2213Zeile 2325
		$perday = $mybb->user['postnum'];
}


		$perday = $mybb->user['postnum'];
}


	$query = $db->simple_select(TABLE_PREFIX."posts", "COUNT(pid) AS posts", "visible > 0");
$posts = $db->fetch_field($query, "posts");

	$stats = $cache->read("stats");
$posts = $stats['numposts'];

	if($posts == 0)
{
$percent = "0";

	if($posts == 0)
{
$percent = "0";

Zeile 2251Zeile 2363
	}
// Make reputations row
$reputations = '';

	}
// Make reputations row
$reputations = '';

	if($mybb->usergroup['usereputationsystem'] == 'yes')

	if($mybb->usergroup['usereputationsystem'] == 'yes' && $mybb->settings['enablereputation'] == 'yes')

	{
$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");

	{
$reputation_link = get_reputation($mybb->user['reputation']);
eval("\$reputation = \"".$templates->get("usercp_reputation")."\";");