| Zeile 1 | Zeile 1 |
|---|
<?php
/**
* MyBB 1.4
|
<?php
/**
* MyBB 1.4
|
* Copyright � 2008 MyBB Group, All Rights Reserved
| * Copyright © 2008 MyBB Group, All Rights Reserved
|
*
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
*
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*
|
* $Id: portal.php 4081 2008-08-08 01:47:02Z Tikitiki $
| * $Id: portal.php 4814 2010-03-17 10:36:31Z Huji $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
| Zeile 32 | Zeile 32 |
|---|
}
}
|
}
}
|
$templatelist = "portal_welcome,portal_welcome_membertext,portal_stats,portal_search,portal_whosonline_memberbit,portal_whosonline,portal_latestthreads_thread_lastpost,portal_latestthreads_thread,portal_latestthreads,portal_announcement_numcomments_no,portal_announcement,portal_announcement_numcomments,portal";
| $templatelist = "portal_welcome,portal_welcome_membertext,portal_stats,portal_search,portal_whosonline_memberbit,portal_whosonline,portal_latestthreads_thread_lastpost,portal_latestthreads_thread,portal_latestthreads,portal_announcement_numcomments_no,portal_announcement,portal_announcement_numcomments,portal_pms,portal";
|
require_once $change_dir."/global.php";
require_once MYBB_ROOT."inc/functions_post.php";
|
require_once $change_dir."/global.php";
require_once MYBB_ROOT."inc/functions_post.php";
|
| Zeile 60 | Zeile 60 |
|---|
if(!username_exists($mybb->input['username']))
{
|
if(!username_exists($mybb->input['username']))
{
|
my_setcookie('loginattempts', $logins + 1);
$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");
if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}
| |
error($lang->error_invalidpworusername.$login_text);
}
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$user['uid'])
{
my_setcookie('loginattempts', $logins + 1);
|
error($lang->error_invalidpworusername.$login_text);
}
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if(!$user['uid'])
{
my_setcookie('loginattempts', $logins + 1);
|
$db->write_query("UPDATE ".TABLE_PREFIX."sessions SET loginattempts=loginattempts+1 WHERE sid = '{$session->sid}'");
| $db->write_query("UPDATE ".TABLE_PREFIX."users SET loginattempts=loginattempts+1 WHERE username = '".$db->escape_string($mybb->input['username'])."'");
|
if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
| if($mybb->settings['failedlogintext'] == 1)
{
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
|
| Zeile 84 | Zeile 78 |
|---|
$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$session->sid."'");
$newsession = array(
"uid" => $user['uid'],
|
$db->delete_query("sessions", "ip='".$db->escape_string($session->ipaddress)."' AND sid != '".$session->sid."'");
$newsession = array(
"uid" => $user['uid'],
|
"loginattempts" => 1,
| |
);
$db->update_query("sessions", $newsession, "sid='".$session->sid."'");
|
);
$db->update_query("sessions", $newsession, "sid='".$session->sid."'");
|
| |
$db->update_query("users", array("loginattempts" => 1), "uid='{$mybb->user['uid']}'");
|
// Temporarily set the cookie remember option for the login cookies
$mybb->user['remember'] = $user['remember'];
|
// Temporarily set the cookie remember option for the login cookies
$mybb->user['remember'] = $user['remember'];
|
| Zeile 108 | Zeile 103 |
|---|
// get forums user cannot view
|
// get forums user cannot view
|
$unviewable = get_unviewable_forums();
| $unviewable = get_unviewable_forums(true);
|
if($unviewable)
{
$unviewwhere = " AND fid NOT IN ($unviewable)";
| if($unviewable)
{
$unviewwhere = " AND fid NOT IN ($unviewable)";
|
| Zeile 119 | Zeile 114 |
|---|
if($mybb->user['uid'] != 0)
{
// Get number of new posts, threads, announcements
|
if($mybb->user['uid'] != 0)
{
// Get number of new posts, threads, announcements
|
$query = $db->simple_select("posts", "COUNT(pid) AS newposts", "dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
| $query = $db->simple_select("posts", "COUNT(pid) AS newposts", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
|
$newposts = $db->fetch_field($query, "newposts");
if($newposts)
{ // if there aren't any new posts, there is no point in wasting two more queries
|
$newposts = $db->fetch_field($query, "newposts");
if($newposts)
{ // if there aren't any new posts, there is no point in wasting two more queries
|
$query = $db->simple_select("threads", "COUNT(tid) AS newthreads", "dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
| $query = $db->simple_select("threads", "COUNT(tid) AS newthreads", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
|
$newthreads = $db->fetch_field($query, "newthreads");
|
$newthreads = $db->fetch_field($query, "newthreads");
|
$query = $db->simple_select("threads", "COUNT(tid) AS newann", "dateline>'".$mybb->user['lastvisit']."' AND fid IN (".$mybb->settings['portal_announcementsfid'].") $unviewwhere");
| $query = $db->simple_select("threads", "COUNT(tid) AS newann", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' AND fid IN (".$mybb->settings['portal_announcementsfid'].") $unviewwhere");
|
$newann = $db->fetch_field($query, "newann");
if(!$newthreads)
{
| $newann = $db->fetch_field($query, "newann");
if(!$newthreads)
{
|
| Zeile 197 | Zeile 192 |
|---|
$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total", "uid='".$mybb->user['uid']."'");
$messages['pms_total'] = $db->fetch_field($query, "pms_total");
|
$query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total", "uid='".$mybb->user['uid']."'");
$messages['pms_total'] = $db->fetch_field($query, "pms_total");
|
$query = $db->simple_select("privatemessages", "SUM(*) AS pms_unread", "uid='".$mybb->user['uid']."' AND IF(status='0' AND folder='1','1','0')");
| $query = $db->simple_select("privatemessages", "COUNT(*) AS pms_unread", "uid='".$mybb->user['uid']."' AND CASE WHEN status = '0' AND folder = '0' THEN TRUE ELSE FALSE END");
|
$messages['pms_unread'] = $db->fetch_field($query, "pms_unread");
break;
default:
| $messages['pms_unread'] = $db->fetch_field($query, "pms_unread");
break;
default:
|
| Zeile 373 | Zeile 368 |
|---|
{
$thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
}
|
{
$thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
}
|
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
| $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
|
$thread['threadlink'] = get_thread_link($thread['tid']);
eval("\$threadlist .= \"".$templates->get("portal_latestthreads_thread")."\";");
$altbg = alt_trow();
| $thread['threadlink'] = get_thread_link($thread['tid']);
eval("\$threadlist .= \"".$templates->get("portal_latestthreads_thread")."\";");
$altbg = alt_trow();
|
| Zeile 401 | Zeile 396 |
|---|
while($forumrow = $db->fetch_array($query))
{
$forum[$forumrow['fid']] = $forumrow;
|
while($forumrow = $db->fetch_array($query))
{
$forum[$forumrow['fid']] = $forumrow;
|
}
| }
|
$pids = '';
$tids = '';
$comma = '';
$query = $db->query("
|
$pids = '';
$tids = '';
$comma = '';
$query = $db->query("
|
SELECT p.pid, p.message, p.tid
| SELECT p.pid, p.message, p.tid, p.smilieoff
|
FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE t.fid IN (".$announcementsfids.") AND t.visible='1' AND t.closed NOT LIKE 'moved|%' AND t.firstpost=p.pid
| FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE t.fid IN (".$announcementsfids.") AND t.visible='1' AND t.closed NOT LIKE 'moved|%' AND t.firstpost=p.pid
|
| Zeile 415 | Zeile 410 |
|---|
LIMIT 0, ".$mybb->settings['portal_numannouncements']
);
while($getid = $db->fetch_array($query))
|
LIMIT 0, ".$mybb->settings['portal_numannouncements']
);
while($getid = $db->fetch_array($query))
|
{
| {
|
$pids .= ",'{$getid['pid']}'";
$tids .= ",'{$getid['tid']}'";
$posts[$getid['tid']] = $getid;
| $pids .= ",'{$getid['pid']}'";
$tids .= ",'{$getid['tid']}'";
$posts[$getid['tid']] = $getid;
|
| Zeile 426 | Zeile 421 |
|---|
while($attachment = $db->fetch_array($query))
{
$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
|
while($attachment = $db->fetch_array($query))
{
$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
|
}
| }
|
if(is_array($forum))
{
foreach($forum as $fid => $forumrow)
{
$forumpermissions[$fid] = forum_permissions($fid);
|
if(is_array($forum))
{
foreach($forum as $fid => $forumrow)
{
$forumpermissions[$fid] = forum_permissions($fid);
|
}
| }
|
}
$icon_cache = $cache->read("posticons");
$announcements = '';
$query = $db->query("
|
}
$icon_cache = $cache->read("posticons");
$announcements = '';
$query = $db->query("
|
SELECT t.*, t.username AS threadusername, u.username, u.avatar
| SELECT t.*, t.username AS threadusername, u.username, u.avatar, u.avatardimensions
|
FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.fid IN (".$announcementsfids.") AND t.tid IN (0{$tids}) AND t.visible='1' AND t.closed NOT LIKE 'moved|%'
| FROM ".TABLE_PREFIX."threads t
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.fid IN (".$announcementsfids.") AND t.tid IN (0{$tids}) AND t.visible='1' AND t.closed NOT LIKE 'moved|%'
|
| Zeile 451 | Zeile 446 |
|---|
{
$announcement['message'] = $posts[$announcement['tid']]['message'];
$announcement['pid'] = $posts[$announcement['tid']]['pid'];
|
{
$announcement['message'] = $posts[$announcement['tid']]['message'];
$announcement['pid'] = $posts[$announcement['tid']]['pid'];
|
| | $announcement['smilieoff'] = $posts[$announcement['tid']]['smilieoff'];
|
$announcement['threadlink'] = get_thread_link($announcement['tid']);
|
$announcement['threadlink'] = get_thread_link($announcement['tid']);
|
$announcement['profilelink'] = get_profile_link($announcement['uid']);
|
if($announcement['uid'] == 0)
{
$profilelink = htmlspecialchars_uni($announcement['threadusername']);
}
else
{
$profilelink = build_profile_link($announcement['username'], $announcement['uid']);
}
|
if(!$announcement['username'])
{
$announcement['username'] = $announcement['threadusername'];
}
|
if(!$announcement['username'])
{
$announcement['username'] = $announcement['threadusername'];
}
|
$announcement['subject'] = htmlspecialchars_uni($announcement['subject']);
| $announcement['subject'] = htmlspecialchars_uni($parser->parse_badwords($announcement['subject']));
|
if($announcement['icon'] > 0 && $icon_cache[$announcement['icon']])
{
$icon = $icon_cache[$announcement['icon']];
| if($announcement['icon'] > 0 && $icon_cache[$announcement['icon']])
{
$icon = $icon_cache[$announcement['icon']];
|