Vergleich usercp.php - 1.4.0 - 1.4.10

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 1Zeile 1
<?php
/**
* MyBB 1.4

<?php
/**
* MyBB 1.4

 * Copyright � 2008 MyBB Group, All Rights Reserved

 * Copyright � 2008 MyBB Group, All Rights Reserved

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: usercp.php 4038 2008-07-25 08:50:26Z dennis $

 * $Id: usercp.php 4620 2009-12-20 07:29:15Z dennis $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

 
define('THIS_SCRIPT', 'usercp.php');


$templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";


$templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";

Zeile 72Zeile 73
	}
else if($mybb->settings['siglength'] > 0)
{

	}
else if($mybb->settings['siglength'] > 0)
{

		if($mybb->settings['sigcountmycode'] == 1)

		if($mybb->settings['sigcountmycode'] == 0)

		{
$parsed_sig = $parser->text_parse_message($mybb->input['signature']);
}

		{
$parsed_sig = $parser->text_parse_message($mybb->input['signature']);
}

Zeile 172Zeile 173
		$awaydate = TIME_NOW;
if($mybb->input['awayday'])
{

		$awaydate = TIME_NOW;
if($mybb->input['awayday'])
{

 
			// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year

			if(!$mybb->input['awaymonth'])
{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}

			if(!$mybb->input['awaymonth'])
{
$mybb->input['awaymonth'] = my_date('n', $awaydate);
}



 
			if(!$mybb->input['awayyear'])
{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}

			if(!$mybb->input['awayyear'])
{
$mybb->input['awayyear'] = my_date('Y', $awaydate);
}

 
			
$return_month = intval(substr($mybb->input['awaymonth'], 0, 2));
$return_day = intval(substr($mybb->input['awayday'], 0, 2));
$return_year = intval(substr($mybb->input['awayyear'], 0, 4));





			$returntimestamp = gmmktime(0, 0, 0, $mybb->input['awaymonth'], $mybb->input['awayday'], $mybb->input['awayyear']);


			// Check if return date is after the away date.
$returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);

			$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));

			$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));

			if ($returntimestamp < $awaytimestamp && $mybb->input['awayyear'] < my_date("Y"))

			if ($returntimestamp < $awaytimestamp)

			{
error($lang->error_usercp_return_date_past);
}

			{
error($lang->error_usercp_return_date_past);
}

			$returndate = intval($mybb->input['awayday'])."-".intval($mybb->input['awaymonth'])."-".intval($mybb->input['awayyear']);


			
$returndate = "{$return_day}-{$return_month}-{$return_year}";

		}
else
{

		}
else
{

Zeile 284Zeile 291
	for($i = 1; $i <= 31; ++$i)
{
if($bday[0] == $i)

	for($i = 1; $i <= 31; ++$i)
{
if($bday[0] == $i)

		{

		{

			$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
}
else

			$bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
}
else

Zeile 458Zeile 465
					$val = trim($val);
$val = str_replace("\n", "\\n", $val);
$sel = "";

					$val = trim($val);
$val = str_replace("\n", "\\n", $val);
$sel = "";

					if($val == $userfield)
{
$sel = " selected=\"selected\"";

					if($val == $userfield)
{
$sel = " selected=\"selected\"";

					}
$select .= "<option value=\"$val\"$sel>$val</option>";

					}
$select .= "<option value=\"$val\"$sel>$val</option>";

				}

				}

				if(!$profilefield['length'])
{
$profilefield['length'] = 1;
}
$code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>";

				if(!$profilefield['length'])
{
$profilefield['length'] = 1;
}
$code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>";

			}

			}

		}
elseif($type == "radio")

		}
elseif($type == "radio")

		{
$expoptions = explode("\n", $options);
if(is_array($expoptions))
{
foreach($expoptions as $key => $val)
{

		{
$expoptions = explode("\n", $options);
if(is_array($expoptions))
{
foreach($expoptions as $key => $val)
{

					$checked = "";
if($val == $userfield)
{
$checked = " checked=\"checked\"";
}
$code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";

					$checked = "";
if($val == $userfield)
{
$checked = " checked=\"checked\"";
}
$code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";

				}
}

				}
}

		}
elseif($type == "checkbox")
{
if($errors)
{
$useropts = $userfield;

		}
elseif($type == "checkbox")
{
if($errors)
{
$useropts = $userfield;

			}
else
{

			}
else
{

				$useropts = explode("\n", $userfield);
}
if(is_array($useropts))
{
foreach($useropts as $key => $val)

				$useropts = explode("\n", $userfield);
}
if(is_array($useropts))
{
foreach($useropts as $key => $val)

				{
$seloptions[$val] = $val;

				{
$seloptions[$val] = $val;

				}
}
$expoptions = explode("\n", $options);

				}
}
$expoptions = explode("\n", $options);

Zeile 516Zeile 523
					}
$code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
}

					}
$code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
}

			}
}

			}
}

		elseif($type == "textarea")

		elseif($type == "textarea")

		{
$value = htmlspecialchars_uni($userfield);

		{
$value = htmlspecialchars_uni($userfield);

			$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
}
else
{
$value = htmlspecialchars_uni($userfield);

			$code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
}
else
{
$value = htmlspecialchars_uni($userfield);

			$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\" maxlength=\"{$profilefield['maxlength']}\" value=\"$value\" />";






			$maxlength = "";
if($profilefield['maxlength'] > 0)
{
$maxlength = " maxlength=\"{$profilefield['maxlength']}\"";
}
$code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />";

		}
if($profilefield['required'] == 1)
{

		}
if($profilefield['required'] == 1)
{

Zeile 1019Zeile 1031

$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)


$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)

	{
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.

	{
$errors[] = $lang->error_invalidpassword;
}
else
{
// Set up user handler.

		require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");


		require_once "inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");


Zeile 1135Zeile 1147
	}

// Clean input - only accept integers thanks!

	}

// Clean input - only accept integers thanks!

	array_walk($mybb->input['check'], 'intval');

	$mybb->input['check'] = array_map('intval', $mybb->input['check']);

	$tids = implode(",", $mybb->input['check']);

// Deleting these subscriptions?

	$tids = implode(",", $mybb->input['check']);

// Deleting these subscriptions?

Zeile 1235Zeile 1247
	if(is_array($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

	if(is_array($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

 
		
if($mybb->user['uid'] == 0)
{
// Build a forum cache.
$query = $db->query("
SELECT fid
FROM ".TABLE_PREFIX."forums
WHERE active != 0
ORDER BY pid, disporder
");

$forumsread = unserialize($mybb->cookies['mybb']['forumread']);
}
else
{
// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");
}
while($forum = $db->fetch_array($query))
{
if($mybb->user['uid'] == 0)
{
if($forumsread[$forum['fid']])
{
$forum['lastread'] = $forumsread[$forum['fid']];
}
}
$readforums[$forum['fid']] = $forum['lastread'];
}


// Check participation by the current user in any of these threads - for 'dot' folder icons
if($mybb->settings['dotfolders'] != 0)


// Check participation by the current user in any of these threads - for 'dot' folder icons
if($mybb->settings['dotfolders'] != 0)

		{

		{

			$query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
while($post = $db->fetch_array($query))
{

			$query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
while($post = $db->fetch_array($query))
{

Zeile 1256Zeile 1303
			}
}


			}
}





		$icon_cache = $cache->read("posticons");


		// Now we can build our subscription list
foreach($subscriptions as $thread)
{

		// Now we can build our subscription list
foreach($subscriptions as $thread)
{

Zeile 1264Zeile 1312

$folder = '';
$prefix = '';


$folder = '';
$prefix = '';





			// Sanitize
$thread['subject'] = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($thread['subject']);

			// Sanitize
$thread['subject'] = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($thread['subject']);

Zeile 1299Zeile 1347
			$donenew = 0;
$lastread = 0;


			$donenew = 0;
$lastread = 0;


			$forumread = my_get_array_cookie("forumread", $thread['fid']);
if($mybb->user['lastvisit'] > $forumread)










			if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'])
{
$forum_read = $readforums[$thread['fid']];

$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
if($forum_read == 0 || $forum_read < $read_cutoff)
{
$forum_read = $read_cutoff;
}
}
else

			{

			{

				$forumread = $mybb->user['lastvisit'];

				$forum_read = $forumsread[$thread['fid']];

			}


			}


			if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forumread)

			if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)

			{
$cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
}

			{
$cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
}

Zeile 1316Zeile 1373
				{
if($thread['lastread'])
{

				{
if($thread['lastread'])
{

							$lastread = $thread['lastread'];

						$lastread = $thread['lastread'];

					}
else
{

					}
else
{

							$lastread = 1;

						$lastread = 1;

					}
}
}

					}
}
}

Zeile 1328Zeile 1385
			if(!$lastread)
{
$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);

			if(!$lastread)
{
$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);

				if($readcookie > $forumread)

				if($readcookie > $forum_read)

				{
$lastread = $readcookie;
}
else
{

				{
$lastread = $readcookie;
}
else
{

					$lastread = $forumread;

					$lastread = $forum_read;

				}
}


				}
}


Zeile 1411Zeile 1468
if($mybb->input['action'] == "forumsubscriptions")
{
$plugins->run_hooks("usercp_forumsubscriptions_start");

if($mybb->input['action'] == "forumsubscriptions")
{
$plugins->run_hooks("usercp_forumsubscriptions_start");

	$query = $db->query("
SELECT *
FROM ".TABLE_PREFIX."forumpermissions
WHERE gid='".$mybb->user['usergroup']."'
");

	$query = $db->simple_select("forumpermissions", "*", "gid='".$db->escape_string($mybb->user['usergroup'])."'");





	while($permissions = $db->fetch_array($query))

	while($permissions = $db->fetch_array($query))

	{

	{

		$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
}

		$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
}

 
	
if($mybb->user['uid'] == 0)
{
// Build a forum cache.
$query = $db->query("
SELECT fid
FROM ".TABLE_PREFIX."forums
WHERE active != 0
ORDER BY pid, disporder
");

$forumsread = unserialize($mybb->cookies['mybb']['forumread']);
}
else
{
// Build a forum cache.
$query = $db->query("
SELECT f.fid, fr.dateline AS lastread
FROM ".TABLE_PREFIX."forums f
LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
WHERE f.active != 0
ORDER BY pid, disporder
");
}
while($forum = $db->fetch_array($query))
{
if($mybb->user['uid'] == 0)
{
if($forumsread[$forum['fid']])
{
$forum['lastread'] = $forumsread[$forum['fid']];
}
}
$readforums[$forum['fid']] = $forum['lastread'];
}


	$fpermissions = forum_permissions();
$query = $db->query("
SELECT fs.*, f.*, t.subject AS lastpostsubject

	$fpermissions = forum_permissions();
$query = $db->query("
SELECT fs.*, f.*, t.subject AS lastpostsubject

Zeile 1436Zeile 1525
		$forumpermissions = $fpermissions[$forum['fid']];
if($forumpermissions['canview'] != 0)
{

		$forumpermissions = $fpermissions[$forum['fid']];
if($forumpermissions['canview'] != 0)
{

			if(($forum['lastpost'] > $mybb->user['lastvisit'] || $mybbforumread[$forum['fid']] > $mybb->user['lastvisit']) && $forum['lastpost'] != 0)

			if(($forum['lastpost'] > $mybb->user['lastvisit'] || $readforums[$forum['fid']] > $mybb->user['lastvisit']) && $forum['lastpost'] != 0)

			{
$folder = "on";
}

			{
$folder = "on";
}

Zeile 1483Zeile 1572

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{

	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

	// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->input['updateposts'] == "enable")


$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->input['updateposts'] == "enable")

Zeile 1527Zeile 1616
	else if($error)
{
$sig = $mybb->input['signature'];

	else if($error)
{
$sig = $mybb->input['signature'];

 
		$template = false;

	}

if($sig && $template)

	}

if($sig && $template)

	{

	{

		$sig_parser = array(
"allow_html" => $mybb->settings['sightml'],
"allow_mycode" => $mybb->settings['sigmycode'],

		$sig_parser = array(
"allow_html" => $mybb->settings['sightml'],
"allow_mycode" => $mybb->settings['sigmycode'],

Zeile 1599Zeile 1689
	$avatar_error = "";

if($mybb->input['remove']) // remove avatar

	$avatar_error = "";

if($mybb->input['remove']) // remove avatar

	{

	{

		$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",

		$updated_avatar = array(
"avatar" => "",
"avatardimensions" => "",

Zeile 1701Zeile 1791
		{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

		{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

				list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);

				list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

				if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;

				if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avatartoobig;

				}

				}

			}
}


			}
}


Zeile 1812Zeile 1902
				eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_avatar")."\";");
}
if($count != 0)

				eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_avatar")."\";");
}
if($count != 0)

			{

			{

				for($i = $count; $i <= 5; ++$i)
{
eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_blankblock")."\";");

				for($i = $count; $i <= 5; ++$i)
{
eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_blankblock")."\";");

Zeile 1860Zeile 1950
		}
if($mybb->settings['maxavatardims'] != "")
{

		}
if($mybb->settings['maxavatardims'] != "")
{

			list($maxwidth, $maxheight) = explode("x", $mybb->settings['maxavatardims']);

			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

			$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}
if($mybb->settings['avatarsize'])

			$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}
if($mybb->settings['avatarsize'])

Zeile 1883Zeile 1973
	}
}
if($mybb->input['action'] == "notepad")

	}
}
if($mybb->input['action'] == "notepad")

{

{

	$plugins->run_hooks("usercp_notepad_start");
$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']);
eval("\$notepad = \"".$templates->get("usercp_notepad")."\";");

	$plugins->run_hooks("usercp_notepad_start");
$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']);
eval("\$notepad = \"".$templates->get("usercp_notepad")."\";");

Zeile 2146Zeile 2236
		while($user = $db->fetch_array($query))
{
$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);

		while($user = $db->fetch_array($query))
{
$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);

			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $user['lastvisit'] != $user['lastactive'])

			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])

			{
$status = "online";
}

			{
$status = "online";
}

Zeile 2174Zeile 2264
		while($user = $db->fetch_array($query))
{
$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);

		while($user = $db->fetch_array($query))
{
$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);

			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $user['lastvisit'] != $user['lastactive'])

			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])

			{
$status = "online";
}

			{
$status = "online";
}

Zeile 2447Zeile 2537
				LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid)
WHERE l.uid='".$mybb->user['uid']."'

				LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid)
WHERE l.uid='".$mybb->user['uid']."'

				GROUP BY l.gid

				GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers

			");
break;
default:

			");
break;
default:

Zeile 2521Zeile 2611
			}
else
{

			}
else
{

				$leavelink = "<div style=\"text-align: center;\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&amp;my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";

				$leavelink = "<div style=\"text-align: center;\"><a href=\"usercp.php?action=usergroups&amp;leavegroup=".$usergroup['gid']."&amp;my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";

			}
if($usergroup['description'])
{

			}
if($usergroup['description'])
{

Zeile 2730Zeile 2820
	{
error($lang->no_attachments_selected);
}

	{
error($lang->no_attachments_selected);
}

	$aids = $db->escape_string(implode(",", $mybb->input['attachments']));

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");
while($attachment = $db->fetch_array($query))
{

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");
while($attachment = $db->fetch_array($query))
{