Vergleich inc/datahandlers/user.php - 1.2.1 - 1.2.7

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 3Zeile 3
 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * MyBB 1.2
* Copyright � 2006 MyBB Group, All Rights Reserved
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html

 *

 *

 * $Id: user.php 2280 2006-09-27 12:21:17Z chris $

 * $Id: user.php 3006 2007-04-11 06:14:56Z Tikitiki $

 */

 */

 

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}


/**
* User handling class, provides common structure to handle user data.


/**
* User handling class, provides common structure to handle user data.

Zeile 63Zeile 69
		require_once MYBB_ROOT.'inc/functions_user.php';

// Fix bad characters

		require_once MYBB_ROOT.'inc/functions_user.php';

// Fix bad characters

		$username = str_replace(array(chr(160), chr(173)), array(" ", "-"), $username);

		$username = str_replace(array(chr(160), chr(173), chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);

Zeile 76Zeile 82
		}

// Check if the username belongs to the list of banned usernames.

		}

// Check if the username belongs to the list of banned usernames.

		$bannedusernames = get_banned_usernames();
if(in_array($username, $bannedusernames))

		if(is_banned_username($username))


		{
$this->set_error('banned_username');
return false;

		{
$this->set_error('banned_username');
return false;

Zeile 111Zeile 116

$username = &$this->data['username'];



$username = &$this->data['username'];


		$query = $db->simple_select(TABLE_PREFIX."users", "COUNT(uid) AS count", "username='".$db->escape_string($username)."'");

		$query = $db->simple_select(TABLE_PREFIX."users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower($username))."'");

		$user_count = $db->fetch_field($query, "count");
if($user_count > 0)
{

		$user_count = $db->fetch_field($query, "count");
if($user_count > 0)
{

Zeile 215Zeile 220
		}

// Check banned emails

		}

// Check banned emails

		$bannedemails = explode(" ", $mybb->settings['bannedemails']);
if(is_array($bannedemails))

		if(is_banned_email($user['email']))


		{

		{

			foreach($bannedemails as $bannedemail)
{
$bannedemail = strtolower(trim($bannedemail));
if($bannedemail != '')
{
if(strstr($user['email'], $bannedemail) != '')
{
$this->set_error('banned_email');
return false;
}
}
}

			$this->set_error('banned_email');
return false;











		}

// If we have an "email2", verify it matches the existing email

		}

// If we have an "email2", verify it matches the existing email

Zeile 237Zeile 231
		{
$this->set_error("emails_dont_match");
return false;

		{
$this->set_error("emails_dont_match");
return false;

		}

		}

	}

/**

	}

/**

Zeile 250Zeile 244
		$website = &$this->data['website'];

if($website == '' || $website == 'http://')

		$website = &$this->data['website'];

if($website == '' || $website == 'http://')

		{

		{

			$website = '';
return true;

			$website = '';
return true;

		}


		}


		// Does the website start with http://?
if(substr_count($website, 'http://') == 0)
{

		// Does the website start with http://?
if(substr_count($website, 'http://') == 0)
{

Zeile 263Zeile 257
			if(substr_count($website, 'http://') == 0)
{
$this->set_error('invalid_website');

			if(substr_count($website, 'http://') == 0)
{
$this->set_error('invalid_website');

				return false;
}
}

return true;
}

				return false;
}
}

return true;
}


/**
* Verifies if an ICQ number is valid or not.


/**
* Verifies if an ICQ number is valid or not.

Zeile 282Zeile 276
		if($icq != '' && !is_numeric($icq))
{
$this->set_error("invalid_icq_number");

		if($icq != '' && !is_numeric($icq))
{
$this->set_error("invalid_icq_number");

			return false;

			return false;

		}
$icq = intval($icq);
return true;

		}
$icq = intval($icq);
return true;

Zeile 296Zeile 290
	function verify_msn()
{
$msn = &$this->data['msn'];

	function verify_msn()
{
$msn = &$this->data['msn'];





		if($msn != '' && validate_email_format($msn) == false)
{
$this->set_error("invalid_msn_address");

		if($msn != '' && validate_email_format($msn) == false)
{
$this->set_error("invalid_msn_address");

Zeile 311Zeile 305
	* @return boolean True when valid, false when invalid.
*/
function verify_birthday()

	* @return boolean True when valid, false when invalid.
*/
function verify_birthday()

	{

	{

		$user = &$this->data;
$birthday = &$user['birthday'];


		$user = &$this->data;
$birthday = &$user['birthday'];


Zeile 359Zeile 353
		elseif($birthday['day'] && $birthday['month'])
{
// If only a day and month are specified, put together a d-m string

		elseif($birthday['day'] && $birthday['month'])
{
// If only a day and month are specified, put together a d-m string

			$user['bday'] = $birthday['day']."-".$birthday['month'];

			$user['bday'] = $birthday['day']."-".$birthday['month']."-";

		}
else
{

		}
else
{

Zeile 384Zeile 378
		// Loop through profile fields checking if they exist or not and are filled in.
$userfields = array();
$comma = '';

		// Loop through profile fields checking if they exist or not and are filled in.
$userfields = array();
$comma = '';

 
		$editable = '';

if(!$this->data['profile_fields_editable'])
{
$editable = "editable='yes'";
}


// Fetch all profile fields first.
$options = array(
'order_by' => 'disporder'
);


// Fetch all profile fields first.
$options = array(
'order_by' => 'disporder'
);

		$query = $db->simple_select(TABLE_PREFIX.'profilefields', 'name, type, fid, required', "editable='yes'", $options);

		$query = $db->simple_select(TABLE_PREFIX.'profilefields', 'name, type, fid, required', $editable, $options);


// Then loop through the profile fields.
while($profilefield = $db->fetch_array($query))


// Then loop through the profile fields.
while($profilefield = $db->fetch_array($query))

Zeile 400Zeile 400
			$field = "fid{$profilefield['fid']}";

// If the profile field is required, but not filled in, present error.

			$field = "fid{$profilefield['fid']}";

// If the profile field is required, but not filled in, present error.

			if(!$profile_fields[$field] && $profilefield['required'] == "yes" && !$proferror)

			if(trim($profile_fields[$field]) == "" && $profilefield['required'] == "yes" && !$proferror && !defined('IN_ADMINCP'))

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}

Zeile 451Zeile 451
	*/
function verify_referrer()
{

	*/
function verify_referrer()
{

		global $db;


		global $db, $mybb;


		$user = &$this->data;

// Does the referrer exist or not?
if($mybb->settings['usereferrals'] == "yes" && $user['referrer'] != '')

		$user = &$this->data;

// Does the referrer exist or not?
if($mybb->settings['usereferrals'] == "yes" && $user['referrer'] != '')

		{

		{

			$options = array(
'limit' => 1
);

			$options = array(
'limit' => 1
);

Zeile 487Zeile 487
		$this->verify_yesno_option($options, 'allownotices', 'yes');
$this->verify_yesno_option($options, 'hideemail', 'no');
$this->verify_yesno_option($options, 'emailnotify', 'no');

		$this->verify_yesno_option($options, 'allownotices', 'yes');
$this->verify_yesno_option($options, 'hideemail', 'no');
$this->verify_yesno_option($options, 'emailnotify', 'no');

 
		$this->verify_yesno_option($options, 'emailpmnotify', 'no');

		$this->verify_yesno_option($options, 'receivepms', 'yes');
$this->verify_yesno_option($options, 'pmpopup', 'yes');
$this->verify_yesno_option($options, 'pmnotify', 'yes');

		$this->verify_yesno_option($options, 'receivepms', 'yes');
$this->verify_yesno_option($options, 'pmpopup', 'yes');
$this->verify_yesno_option($options, 'pmnotify', 'yes');

Zeile 498Zeile 499
		$this->verify_yesno_option($options, 'showquickreply', 'yes');
$this->verify_yesno_option($options, 'showredirect', 'yes');


		$this->verify_yesno_option($options, 'showquickreply', 'yes');
$this->verify_yesno_option($options, 'showredirect', 'yes');


		$options['showcodebuttons'] = intval($options['showcodebuttons']);
if($this->method == "insert" || (array_key_exists('showcodebuttons', $options) && $options['showcodebuttons'] != '0'))
{
$options['showcodebuttons'] = 1;
}









		if(isset($options['showcodebuttons']))
{
$options['showcodebuttons'] = intval($options['showcodebuttons']);
if($options['showcodebuttons'] != 0)
{
$options['showcodebuttons'] = 1;
}
}
else if($this->method == "insert")
{
$options['showcodebuttons'] = 1;
}


		if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "threaded"))
{
$options['threadmode'] = 'linear';

		if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "threaded"))
{
$options['threadmode'] = 'linear';

Zeile 675Zeile 684
			$old_user = get_user($user['uid']);
}


			$old_user = get_user($user['uid']);
}


		if($this->method == "insert" || array_key_exists('usernane', $user))

		if($this->method == "insert" || array_key_exists('username', $user))

		{
// If the username is the same - no need to verify
if(!$old_user['username'] || $user['username'] != $old_user['username'])

		{
// If the username is the same - no need to verify
if(!$old_user['username'] || $user['username'] != $old_user['username'])

Zeile 767Zeile 776
	* Inserts a user into the database.
*/
function insert_user()

	* Inserts a user into the database.
*/
function insert_user()

	{

	{

		global $db, $cache, $plugins;

// Yes, validating is required.

		global $db, $cache, $plugins;

// Yes, validating is required.

Zeile 826Zeile 835
			"daysprune" => intval($user['options']['daysprune']),
"dateformat" => $db->escape_string($user['dateformat']),
"timeformat" => $db->escape_string($user['timeformat']),

			"daysprune" => intval($user['options']['daysprune']),
"dateformat" => $db->escape_string($user['dateformat']),
"timeformat" => $db->escape_string($user['timeformat']),

			"regip" => $user['regip'],

			"regip" => $db->escape_string($user['regip']),

			"language" => $db->escape_string($user['language']),
"showcodebuttons" => $user['options']['showcodebuttons'],
"away" => $user['away']['away'],

			"language" => $db->escape_string($user['language']),
"showcodebuttons" => $user['options']['showcodebuttons'],
"away" => $user['away']['away'],

Zeile 834Zeile 843
			"returndate" => $user['away']['returndate'],
"awayreason" => $db->escape_string($user['away']['awayreason']),
"notepad" => $db->escape_string($user['notepad']),

			"returndate" => $user['away']['returndate'],
"awayreason" => $db->escape_string($user['away']['awayreason']),
"notepad" => $db->escape_string($user['notepad']),

			"referrer" => intval($user['referrer_uid'])





			"referrer" => intval($user['referrer_uid']),
"buddylist" => '',
"ignorelist" => '',
"pmfolders" => '',
"notepad" => ''

		);

$plugins->run_hooks_by_ref("datahandler_user_insert", $this);

		);

$plugins->run_hooks_by_ref("datahandler_user_insert", $this);

Zeile 843Zeile 856
		$this->uid = $db->insert_id();

$user['user_fields']['ufid'] = $this->uid;

		$this->uid = $db->insert_id();

$user['user_fields']['ufid'] = $this->uid;

 
		
$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields");
while($field = $db->fetch_array($query))
{
if($field['Field'] == 'ufid' || array_key_exists($field['Field'], $user['user_fields']))
{
continue;
}
$user['user_fields'][$field['Field']] = '';
}


		$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);

// Update forum stats

		$db->insert_query(TABLE_PREFIX."userfields", $user['user_fields']);

// Update forum stats

		$cache->updatestats();


		update_stats(array('numusers' => '+1'));


		return array(
"uid" => $this->uid,
"username" => $user['username'],

		return array(
"uid" => $this->uid,
"username" => $user['username'],

Zeile 864Zeile 888
	function update_user()
{
global $db, $plugins;

	function update_user()
{
global $db, $plugins;

 



// Yes, validating is required.
if(!$this->get_validated())


// Yes, validating is required.
if(!$this->get_validated())

Zeile 893Zeile 918
		if(isset($user['email']))
{
$this->user_update_data['email'] = $user['email'];

		if(isset($user['email']))
{
$this->user_update_data['email'] = $user['email'];

		}

		}

		if(isset($user['postnum']))
{
$this->user_update_data['postnum'] = intval($user['postnum']);

		if(isset($user['postnum']))
{
$this->user_update_data['postnum'] = intval($user['postnum']);

Zeile 924Zeile 949
			$this->user_update_data['regdate'] = intval($user['regdate']);
}
if(isset($user['lastactive']))

			$this->user_update_data['regdate'] = intval($user['regdate']);
}
if(isset($user['lastactive']))

		{

		{

			$this->user_update_data['lastactive'] = intval($user['lastactive']);

			$this->user_update_data['lastactive'] = intval($user['lastactive']);

		}

		}

		if(isset($user['lastvisit']))

		if(isset($user['lastvisit']))

		{

		{

			$this->user_update_data['lastvisit'] = intval($user['lastvisit']);

			$this->user_update_data['lastvisit'] = intval($user['lastvisit']);

		}

		}

		if(isset($user['signature']))

		if(isset($user['signature']))

		{

		{

			$this->user_update_data['signature'] = $db->escape_string($user['signature']);

			$this->user_update_data['signature'] = $db->escape_string($user['signature']);

		}

		}

		if(isset($user['website']))
{
$this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website']));
}
if(isset($user['icq']))

		if(isset($user['website']))
{
$this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website']));
}
if(isset($user['icq']))

		{

		{

			$this->user_update_data['icq'] = intval($user['icq']);
}
if(isset($user['aim']))

			$this->user_update_data['icq'] = intval($user['icq']);
}
if(isset($user['aim']))

Zeile 970Zeile 995
		if(isset($user['dateformat']))
{
$this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);

		if(isset($user['dateformat']))
{
$this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);

		}

		}

		if(isset($user['timeformat']))
{
$this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']);

		if(isset($user['timeformat']))
{
$this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']);

Zeile 1000Zeile 1025
			{
$this->user_update_data[$option] = $value;
}

			{
$this->user_update_data[$option] = $value;
}

		}


		}


		// First, grab the old user details for later use.
$old_user = get_user($user['uid']);

$plugins->run_hooks_by_ref("datahandler_user_update", $this);

		// First, grab the old user details for later use.
$old_user = get_user($user['uid']);

$plugins->run_hooks_by_ref("datahandler_user_update", $this);

 

if(count($this->user_update_data) < 1)
{
return false;
}


// Actual updating happens here.
$db->update_query(TABLE_PREFIX."users", $this->user_update_data, "uid='{$user['uid']}'");


// Actual updating happens here.
$db->update_query(TABLE_PREFIX."users", $this->user_update_data, "uid='{$user['uid']}'");





		// Maybe some userfields need to be updated?
if(is_array($user['user_fields']))
{

		// Maybe some userfields need to be updated?
if(is_array($user['user_fields']))
{

Zeile 1017Zeile 1047
			$fields = $db->fetch_array($query);
if(!$fields['ufid'])
{

			$fields = $db->fetch_array($query);
if(!$fields['ufid'])
{

				$db->insert_query(TABLE_PREFIX."userfields", array('ufid' => $user['uid']));














				$user_fields = array(
'ufid' => $user['uid']
);

$query = $db->query("SHOW FIELDS FROM ".TABLE_PREFIX."userfields");
while($field = $db->fetch_array($query))
{
if($field['Field'] == 'ufid')
{
continue;
}
$user_fields[$field['Field']] = '';
}
$db->insert_query(TABLE_PREFIX."userfields", $user_fields);

			}
$db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
}

			}
$db->update_query(TABLE_PREFIX."userfields", $user['user_fields'], "ufid='{$user['uid']}'");
}