Vergleich member.php - 1.4.2 - 1.4.6

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: member.php 4154 2008-08-30 06:06:59Z Tikitiki $

 * $Id: member.php 4304 2009-01-02 01:11:56Z chris $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 14Zeile 14

$nosession['avatar'] = 1;
$templatelist = "member_register,error_nousername,error_nopassword,error_passwordmismatch,error_invalidemail,error_usernametaken,error_emailmismatch,error_noemail,redirect_registered";


$nosession['avatar'] = 1;
$templatelist = "member_register,error_nousername,error_nopassword,error_passwordmismatch,error_invalidemail,error_usernametaken,error_emailmismatch,error_noemail,redirect_registered";

$templatelist .= ",redirect_loggedout,login,redirect_loggedin,error_invalidusername,error_invalidpassword,member_profile_email,member_profile_offline,member_profile_reputation,member_profile_warn,member_profile_warninglevel,member_profile_customfields_field,member_profile_customfields,member_profile_adminoptions,member_profile,member_login,member_profile_online,member_profile_modoptions";

$templatelist .= ",redirect_loggedout,login,redirect_loggedin,error_invalidusername,error_invalidpassword,member_profile_email,member_profile_offline,member_profile_reputation,member_profile_warn,member_profile_warninglevel,member_profile_customfields_field,member_profile_customfields,member_profile_adminoptions,member_profile,member_login,member_profile_online,member_profile_modoptions,member_profile_signature,member_profile_groupimage";

require_once "./global.php";

require_once MYBB_ROOT."inc/functions_post.php";

require_once "./global.php";

require_once MYBB_ROOT."inc/functions_post.php";

Zeile 373Zeile 373
	if((!isset($mybb->input['agree']) && !isset($mybb->input['regsubmit'])) || $mybb->request_method != "post")
{
// Is this user a COPPA user? We need to show the COPPA agreement too

	if((!isset($mybb->input['agree']) && !isset($mybb->input['regsubmit'])) || $mybb->request_method != "post")
{
// Is this user a COPPA user? We need to show the COPPA agreement too

		if($mybb->setings['coppa'] != "disabled" && ($mybb->cookies['coppauser'] == 1 || $under_thirteen))

		if($mybb->settings['coppa'] != "disabled" && ($mybb->cookies['coppauser'] == 1 || $under_thirteen))

		{
if($mybb->settings['coppa'] == "deny")
{

		{
if($mybb->settings['coppa'] == "deny")
{

Zeile 610Zeile 610
			else
{
$value = htmlspecialchars_uni($userfield);

			else
{
$value = htmlspecialchars_uni($userfield);

				$code = "<input type=\"text\" name=\"profile_fields[$field]\" id=\"{$field}\" class=\"textbox\" size=\"{$profilefield['length']}\" maxlength=\"{$profilefield['maxlength']}\" value=\"$value\" />";






				$maxlength = "";
if($profilefield['maxlength'] > 0)
{
$maxlength = " maxlength=\"{$profilefield['maxlength']}\"";
}
$code = "<input type=\"text\" name=\"profile_fields[$field]\" id=\"{$field}\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />";

			}
if($profilefield['required'] == 1)
{

			}
if($profilefield['required'] == 1)
{

Zeile 638Zeile 643
		if($requiredfields)
{
eval("\$requiredfields = \"".$templates->get("member_register_requiredfields")."\";");

		if($requiredfields)
{
eval("\$requiredfields = \"".$templates->get("member_register_requiredfields")."\";");

		}

		}

		if(!$fromreg)
{
$allownoticescheck = "checked=\"checked\"";

		if(!$fromreg)
{
$allownoticescheck = "checked=\"checked\"";

Zeile 653Zeile 658
				$enabledstcheck = "checked=\"checked\"";
}


				$enabledstcheck = "checked=\"checked\"";
}


		}

		}

		// Spambot registration image thingy
if($mybb->settings['captchaimage'] == 1 && function_exists("imagecreatefrompng"))
{

		// Spambot registration image thingy
if($mybb->settings['captchaimage'] == 1 && function_exists("imagecreatefrompng"))
{

Zeile 728Zeile 733
			error($lang->error_invalidpworusername);
}
$uid = $user['uid'];

			error($lang->error_invalidpworusername);
}
$uid = $user['uid'];

	}
else
{
$query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
$user = $db->fetch_array($query);
}
if($mybb->input['code'] && $user['uid'])

	}
else
{
$query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
$user = $db->fetch_array($query);
}
if($mybb->input['code'] && $user['uid'])

	{
$mybb->settings['awaitingusergroup'] = "5";
$query = $db->simple_select("awaitingactivation", "*", "uid='".$user['uid']."' AND (type='r' OR type='e')");

	{
$mybb->settings['awaitingusergroup'] = "5";
$query = $db->simple_select("awaitingactivation", "*", "uid='".$user['uid']."' AND (type='r' OR type='e')");

Zeile 944Zeile 949
		eval("\$activate = \"".$templates->get("member_resetpassword")."\";");
output_page($activate);
}

		eval("\$activate = \"".$templates->get("member_resetpassword")."\";");
output_page($activate);
}

 
}

$do_captcha = $correct = false;
$inline_errors = "";
if($mybb->input['action'] == "do_login" && $mybb->request_method == "post")
{
$plugins->run_hooks("member_do_login_start");

// Checks to make sure the user can login; they haven't had too many tries at logging in.
// Is a fatal call if user has had too many tries
$logins = login_attempt_check();
$login_text = '';

// Did we come from the quick login form
if($mybb->input['quick_login'] == "1" && $mybb->input['quick_password'] && $mybb->input['quick_username'])
{
$mybb->input['password'] = $mybb->input['quick_password'];
$mybb->input['username'] = $mybb->input['quick_username'];
}

if(!username_exists($mybb->input['username']))
{
my_setcookie('loginattempts', $logins + 1);
error($lang->error_invalidpworusername.$login_text);
}

$query = $db->simple_select("users", "loginattempts", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['username']))."'", array('limit' => 1));
$loginattempts = $db->fetch_field($query, "loginattempts");

$errors = array();

$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$user['uid'])
{
my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE LOWER(username) = '".$db->escape_string(my_strtolower($mybb->input['username']))."'");

$mybb->input['action'] = "login";
$mybb->input['request_method'] = "get";

if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}

$errors[] = $lang->error_invalidpworusername.$login_text;
}
else
{
$correct = true;
}

if($loginattempts > 3 || intval($mybb->cookies['loginattempts']) > 3)
{
// Show captcha image for guests if enabled
if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid'])
{
// If previewing a post - check their current captcha input - if correct, hide the captcha input area
if($mybb->input['imagestring'])
{
$imagehash = $db->escape_string($mybb->input['imagehash']);
$imagestring = $db->escape_string($mybb->input['imagestring']);
$query = $db->simple_select("captcha", "*", "imagehash='{$imagehash}' AND imagestring='{$imagestring}'");
$imgcheck = $db->fetch_array($query);
if($imgcheck['dateline'] > 0)
{
$correct = true;
}
else
{
$db->delete_query("captcha", "imagehash='{$imagehash}'");
$errors[] = $lang->error_regimageinvalid;
}
}
else if($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username'])
{
$errors[] = $lang->error_regimagerequired;
}
else
{
$errors[] = $lang->error_regimagerequired;
}
}

$do_captcha = true;
}

if(!empty($errors))
{
$mybb->input['action'] = "login";
$mybb->input['request_method'] = "get";

$inline_errors = inline_error($errors);
}
else if($correct)
{
if($user['coppauser'])
{
error($lang->error_awaitingcoppa);
}

my_setcookie('loginattempts', 1);
$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$session->sid."'");
$newsession = array(
"uid" => $user['uid'],
);
$db->update_query("sessions", $newsession, "sid='".$session->sid."'");

$db->update_query("users", array("loginattempts" => 1), "uid='{$user['uid']}'");

// Temporarily set the cookie remember option for the login cookies
$mybb->user['remember'] = $user['remember'];

my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], null, true);
my_setcookie("sid", $session->sid, -1, true);

$plugins->run_hooks("member_do_login_end");

if($mybb->input['url'] != "" && my_strpos(basename($mybb->input['url']), 'member.php') === false)
{
if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false)
{
$mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
}

$mybb->input['url'] = str_replace('&amp;', '&', $mybb->input['url']);

// Redirect to the URL if it is not member.php
redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
}
else
{
redirect("index.php", $lang->redirect_loggedin);
}
}
else
{
$mybb->input['action'] = "login";
$mybb->input['request_method'] = "get";
}

$plugins->run_hooks("member_do_login_end");

}

if($mybb->input['action'] == "login")

}

if($mybb->input['action'] == "login")

Zeile 955Zeile 1102
	{
$lang->already_logged_in = $lang->sprintf($lang->already_logged_in, build_profile_link($mybb->user['username'], $mybb->user['uid']));
eval("\$member_loggedin_notice = \"".$templates->get("member_loggedin_notice")."\";");

	{
$lang->already_logged_in = $lang->sprintf($lang->already_logged_in, build_profile_link($mybb->user['username'], $mybb->user['uid']));
eval("\$member_loggedin_notice = \"".$templates->get("member_loggedin_notice")."\";");

	}

	}


// Checks to make sure the user can login; they haven't had too many tries at logging in.
// Is a fatal call if user has had too many tries


// Checks to make sure the user can login; they haven't had too many tries at logging in.
// Is a fatal call if user has had too many tries

Zeile 969Zeile 1116
	elseif($_SERVER['HTTP_REFERER'])
{
$redirect_url = htmlentities($_SERVER['HTTP_REFERER']);

	elseif($_SERVER['HTTP_REFERER'])
{
$redirect_url = htmlentities($_SERVER['HTTP_REFERER']);

 
	}

$captcha = "";
// Show captcha image for guests if enabled
if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && $do_captcha == true)
{
$randomstr = random_str(5);
$imagehash = md5(random_str(12));
$imagearray = array(
"imagehash" => $imagehash,
"imagestring" => $randomstr,
"dateline" => TIME_NOW
);
$db->insert_query("captcha", $imagearray);
eval("\$captcha = \"".$templates->get("post_captcha")."\";");
}

$username = "";
$password = "";
if($mybb->input['username'] && $mybb->request_method == "post")
{
$username = htmlspecialchars_uni($mybb->input['username']);
}

if($mybb->input['password'] && $mybb->request_method == "post")
{
$password = htmlspecialchars_uni($mybb->input['password']);

	}

eval("\$login = \"".$templates->get("member_login")."\";");
output_page($login);

	}

eval("\$login = \"".$templates->get("member_login")."\";");
output_page($login);

}

if($mybb->input['action'] == "do_login" && $mybb->request_method == "post")
{
$plugins->run_hooks("member_do_login_start");

// Checks to make sure the user can login; they haven't had too many tries at logging in.
// Is a fatal call if user has had too many tries
$logins = login_attempt_check();
$login_text = '';

// Did we come from the quick login form
if($mybb->input['quick_login'] == "1" && $mybb->input['quick_password'] && $mybb->input['quick_username'])
{
$mybb->input['password'] = $mybb->input['quick_password'];
$mybb->input['username'] = $mybb->input['quick_username'];
}

if(!username_exists($mybb->input['username']))
{
my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");
if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}
error($lang->error_invalidpworusername.$login_text);
}
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$user['uid'])
{
my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");
if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}
error($lang->error_invalidpassword.$login_text);
}

if($user['coppauser'])
{
error($lang->error_awaitingcoppa);
}

my_setcookie('loginattempts', 1);
$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$session->sid."'");
$newsession = array(
"uid" => $user['uid'],
"loginattempts" => 1,
);
$db->update_query("sessions", $newsession, "sid='".$session->sid."'");

// Temporarily set the cookie remember option for the login cookies
$mybb->user['remember'] = $user['remember'];

my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], null, true);
my_setcookie("sid", $session->sid, -1, true);

$plugins->run_hooks("member_do_login_end");

if($mybb->input['url'] != "" && my_strpos(basename($mybb->input['url']), 'member.php') === false)
{
if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false)
{
$mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
}

$mybb->input['url'] = str_replace('&amp;', '&', $mybb->input['url']);

// Redirect to the URL if it is not member.php
redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
}
else
{
redirect("index.php", $lang->redirect_loggedin);
}

 
}

if($mybb->input['action'] == "logout")

}

if($mybb->input['action'] == "logout")

Zeile 1250Zeile 1347
	{
$percent = $memprofile['postnum']*100/$numposts;
$percent = round($percent, 2);

	{
$percent = $memprofile['postnum']*100/$numposts;
$percent = round($percent, 2);

	}


	}


	if($percent > 100)

	if($percent > 100)

	{

	{

		$percent = 100;

		$percent = 100;

	}

	}


$query = $db->simple_select("users", "COUNT(uid) AS referrals", "referrer='{$memprofile['uid']}'");
$referrals = $db->fetch_field($query, "referrals");

if(!empty($memprofile['icq']))


$query = $db->simple_select("users", "COUNT(uid) AS referrals", "referrer='{$memprofile['uid']}'");
$referrals = $db->fetch_field($query, "referrals");

if(!empty($memprofile['icq']))

	{

	{

		$memprofile['icq'] = intval($memprofile['icq']);
}
else
{
$memprofile['icq'] = '';

		$memprofile['icq'] = intval($memprofile['icq']);
}
else
{
$memprofile['icq'] = '';

	}

	}


if($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0)
{


if($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0)
{

Zeile 1282Zeile 1379
			$awayreason = $lang->away_no_reason;
}
if($memprofile['returndate'] == '')

			$awayreason = $lang->away_no_reason;
}
if($memprofile['returndate'] == '')

		{

		{

			$returndate = "$lang->unknown";
}
else

			$returndate = "$lang->unknown";
}
else

Zeile 1298Zeile 1395
			{
$returnmkdate = mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]);
$returndate = my_date($mybb->settings['dateformat'], $returnmkdate);

			{
$returnmkdate = mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]);
$returndate = my_date($mybb->settings['dateformat'], $returnmkdate);

			}

			}

		}
eval("\$awaybit = \"".$templates->get("member_profile_away")."\";");
}

		}
eval("\$awaybit = \"".$templates->get("member_profile_away")."\";");
}

Zeile 1313Zeile 1410
	$memregdate = my_date($mybb->settings['dateformat'], $memprofile['regdate']);
$memlocaldate = gmdate($mybb->settings['dateformat'], TIME_NOW + ($memprofile['timezone'] * 3600));
$memlocaltime = gmdate($mybb->settings['timeformat'], TIME_NOW + ($memprofile['timezone'] * 3600));

	$memregdate = my_date($mybb->settings['dateformat'], $memprofile['regdate']);
$memlocaldate = gmdate($mybb->settings['dateformat'], TIME_NOW + ($memprofile['timezone'] * 3600));
$memlocaltime = gmdate($mybb->settings['timeformat'], TIME_NOW + ($memprofile['timezone'] * 3600));





	$localtime = $lang->sprintf($lang->local_time_format, $memlocaldate, $memlocaltime);

if($memprofile['lastactive'])

	$localtime = $lang->sprintf($lang->local_time_format, $memlocaldate, $memlocaltime);

if($memprofile['lastactive'])

Zeile 1374Zeile 1471
	{
$membday = $lang->not_specified;
$membdayage = '';

	{
$membday = $lang->not_specified;
$membdayage = '';

	}


	}


	if(!$memprofile['displaygroup'])
{
$memprofile['displaygroup'] = $memprofile['usergroup'];

	if(!$memprofile['displaygroup'])
{
$memprofile['displaygroup'] = $memprofile['usergroup'];

Zeile 1383Zeile 1480
	$displaygroup = usergroup_displaygroup($memprofile['displaygroup']);

// Get the user title for this user

	$displaygroup = usergroup_displaygroup($memprofile['displaygroup']);

// Get the user title for this user

 
	unset($usertitle);
unset($stars);

	if(trim($memprofile['usertitle']) != '')

	if(trim($memprofile['usertitle']) != '')

	{

	{

		// User has custom user title
$usertitle = $memprofile['usertitle'];
}
elseif(trim($displaygroup['usertitle']) != '')

		// User has custom user title
$usertitle = $memprofile['usertitle'];
}
elseif(trim($displaygroup['usertitle']) != '')

	{

	{

		// User has group title
$usertitle = $displaygroup['usertitle'];
}

		// User has group title
$usertitle = $displaygroup['usertitle'];
}

Zeile 1401Zeile 1500
		{
if($memprofile['postnum'] >= $title['posts'])
{

		{
if($memprofile['postnum'] >= $title['posts'])
{

				$usertitle = $title['title'];





















				$usertitle = $title['title'];
$stars = $title['stars'];
$starimage = $title['starimage'];
break;
}
}
}

if($displaygroup['stars'])
{
// Set the number of stars if display group has constant number of stars
$stars = $displaygroup['stars'];
}
elseif(!$stars)
{
// This is for cases where the user has a title, but the group has no defined number of stars (use number of stars as per default usergroups)
$query = $db->simple_select("usertitles", "*", "", array('order_by' => 'posts', 'order_dir' => 'DESC'));
while($title = $db->fetch_array($query))
{
if($memprofile['postnum'] >= $title['posts'])
{

				$stars = $title['stars'];
$starimage = $title['starimage'];
break;
}
}

				$stars = $title['stars'];
$starimage = $title['starimage'];
break;
}
}

	}

if($displaygroup['stars'])
{
$stars = $displaygroup['stars'];

 
	}

if(!empty($displaygroup['image']))

	}

if(!empty($displaygroup['image']))

Zeile 1442Zeile 1556
	
// User is currently online and this user has permissions to view the user on the WOL
$timesearch = TIME_NOW - $mybb->settings['wolcutoffmins']*60;

	
// User is currently online and this user has permissions to view the user on the WOL
$timesearch = TIME_NOW - $mybb->settings['wolcutoffmins']*60;

	$query = $db->simple_select("sessions", "location", "uid='$uid' AND time>'{$timesearch}'", array('order_by' => 'time', 'order_dir' => 'DESC', 'limit' => 1));
$location = $db->fetch_field($query, 'location');

	$query = $db->simple_select("sessions", "location,nopermission", "uid='$uid' AND time>'{$timesearch}'", array('order_by' => 'time', 'order_dir' => 'DESC', 'limit' => 1));
$session = $db->fetch_array($query);

	

	

	if(($memprofile['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1 || $memprofile['uid'] == $mybb->user['uid']) && $location)

	if(($memprofile['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1 || $memprofile['uid'] == $mybb->user['uid']) && !empty($session))

	{
// Fetch their current location
$lang->load("online");
require_once MYBB_ROOT."inc/functions_online.php";

	{
// Fetch their current location
$lang->load("online");
require_once MYBB_ROOT."inc/functions_online.php";

		$activity = fetch_wol_activity($location);

		$activity = fetch_wol_activity($session['location'], $session['nopermission']);

		$location = build_friendly_wol_location($activity);
$location_time = my_date($mybb->settings['timeformat'], $memprofile['lastactive']);


		$location = build_friendly_wol_location($activity);
$location_time = my_date($mybb->settings['timeformat'], $memprofile['lastactive']);


Zeile 1627Zeile 1741

if(count($errors) == 0)
{


if(count($errors) == 0)
{

		$from = "{$mybb->user['username']} <{$mybb->user['email']}>";








		if($mybb->settings['mail_handler'] == 'smtp')
{
$from = $mybb->user['email'];
}
else
{
$from = "{$mybb->user['username']} <{$mybb->user['email']}>";
}

		
$message = $lang->sprintf($lang->email_emailuser, $to_user['username'], $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->input['message']);

		
$message = $lang->sprintf($lang->email_emailuser, $to_user['username'], $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->input['message']);

		my_mail($to_user['email'], $mybb->input['subject'], $message, $from);

		my_mail($to_user['email'], $mybb->input['subject'], $message, $from, "", "", false, "text", "", $mybb->user['email']);

		
if($mybb->settings['mail_logging'] > 0)
{

		
if($mybb->settings['mail_logging'] > 0)
{