Vergleich xmlhttp.php - 1.4.7 - 1.4.16

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
 * License: http://www.mybboard.net/about/license
 *

 
 * Website: http://www.mybboard.net
 * License: http://www.mybboard.net/about/license
 *

 * $Id: xmlhttp.php 4273 2008-11-17 00:36:29Z Tikitiki $

 * $Id: xmlhttp.php 5379 2011-02-21 11:06:42Z Tomm $

 */

/**

 */

/**

Zeile 335Zeile 335
			xmlhttp_error($lang->edit_time_limit);
		}
	}

 
			xmlhttp_error($lang->edit_time_limit);
		}
	}

 

	// Forum is closed - no editing allowed (for anyone)
	if($forum['open'] == 0)
	{
		xmlhttp_error($lang->no_permission_edit_post);
	}


	if($mybb->input['do'] == "get_post")
	{
		// Send our headers.

	if($mybb->input['do'] == "get_post")
	{
		// Send our headers.

Zeile 356Zeile 363
			xmlhttp_error($lang->invalid_post_code);
		}


 
			xmlhttp_error($lang->invalid_post_code);
		}


		$message = strval($_POST['value']);

		$message = strval($mybb->input['value']);

		if(my_strtolower($charset) != "utf-8")
		{
			if(function_exists("iconv"))

		if(my_strtolower($charset) != "utf-8")
		{
			if(function_exists("iconv"))

Zeile 560Zeile 567
	$db->insert_query("captcha", $regimagearray);
	header("Content-type: text/plain; charset={$charset}");
	echo $imagehash;

 
	$db->insert_query("captcha", $regimagearray);
	header("Content-type: text/plain; charset={$charset}");
	echo $imagehash;

}

}

else if($mybb->input['action'] == "validate_captcha")
{
	header("Content-type: text/xml; charset={$charset}");

else if($mybb->input['action'] == "validate_captcha")
{
	header("Content-type: text/xml; charset={$charset}");

Zeile 569Zeile 576
	if($db->num_rows($query) == 0)
	{
		echo "<fail>{$lang->captcha_valid_not_exists}</fail>";

 
	if($db->num_rows($query) == 0)
	{
		echo "<fail>{$lang->captcha_valid_not_exists}</fail>";

		exit;
	}

		exit;
	}

	$imagestring = $db->fetch_field($query, 'imagestring');

	if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))

 
	$imagestring = $db->fetch_field($query, 'imagestring');

	if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))

	{

	{

		echo "<success>{$lang->captcha_matches}</success>";
		exit;
	}
	else

 
		echo "<success>{$lang->captcha_matches}</success>";
		exit;
	}
	else

	{

	{

		echo "<fail>{$lang->captcha_does_not_match}</fail>";
		exit;
	}
}
else if($mybb->input['action'] == "username_availability")
{

 
		echo "<fail>{$lang->captcha_does_not_match}</fail>";
		exit;
	}
}
else if($mybb->input['action'] == "username_availability")
{

 
	if(!verify_post_check($mybb->input['my_post_key'], true))
	{
		xmlhttp_error($lang->invalid_post_code);
	}


	require_once MYBB_ROOT."inc/functions_user.php";
	$username = $mybb->input['value'];

 
	require_once MYBB_ROOT."inc/functions_user.php";
	$username = $mybb->input['value'];





	// Fix bad characters
	$username = trim($username);

 
	// Fix bad characters
	$username = trim($username);

	$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237)), array(" ", "-", "", "", ""), $username);

	$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);


	// Remove multiple spaces from the username
	$username = preg_replace("#\s{2,}#", " ", $username);
	
	if(empty($username))

 

	// Remove multiple spaces from the username
	$username = preg_replace("#\s{2,}#", " ", $username);
	
	if(empty($username))

	{
		echo "<fail>{$lang->banned_characters_username}</fail>";
		exit;
	}

	header("Content-type: text/xml; charset={$charset}");


	{
		echo "<fail>{$lang->banned_characters_username}</fail>";
		exit;
	}

	header("Content-type: text/xml; charset={$charset}");


	// Check if the username belongs to the list of banned usernames.
	$banned_username = is_banned_username($username, true);
	if($banned_username)

	// Check if the username belongs to the list of banned usernames.
	$banned_username = is_banned_username($username, true);
	if($banned_username)

Zeile 616Zeile 628
	if(strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false)
	{
		echo "<fail>{$lang->banned_characters_username}</fail>";

 
	if(strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false)
	{
		echo "<fail>{$lang->banned_characters_username}</fail>";

		exit;
	}

		exit;
	}


	// Check if the username is actually already in use
	$query = $db->simple_select("users", "uid", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'");
	$user = $db->fetch_array($query);

 

	// Check if the username is actually already in use
	$query = $db->simple_select("users", "uid", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'");
	$user = $db->fetch_array($query);





	if($user['uid'])
	{

 
	if($user['uid'])
	{

		$lang->username_taken = $lang->sprintf($lang->username_taken, $username);

		$lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));

		echo "<fail>{$lang->username_taken}</fail>";
		exit;		
	}
	else
	{

 
		echo "<fail>{$lang->username_taken}</fail>";
		exit;		
	}
	else
	{

		$lang->username_available = $lang->sprintf($lang->username_available, $username);

		$lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));

		echo "<success>{$lang->username_available}</success>";
		exit;
	}
}
else if($mybb->input['action'] == "username_exists")
{

 
		echo "<success>{$lang->username_available}</success>";
		exit;
	}
}
else if($mybb->input['action'] == "username_exists")
{

 
	if(!verify_post_check($mybb->input['my_post_key'], true))
	{
		xmlhttp_error($lang->invalid_post_code);
	}


	require_once MYBB_ROOT."inc/functions_user.php";
	$username = $mybb->input['value'];


	require_once MYBB_ROOT."inc/functions_user.php";
	$username = $mybb->input['value'];


Zeile 655Zeile 672

	if($user['uid'])
	{

 

	if($user['uid'])
	{

		$lang->valid_username = $lang->sprintf($lang->valid_username, $username);

		$lang->valid_username = $lang->sprintf($lang->valid_username, htmlspecialchars_uni($username));

		echo "<success>{$lang->valid_username}</success>";
		exit;
	}
	else
	{

 
		echo "<success>{$lang->valid_username}</success>";
		exit;
	}
	else
	{

		$lang->invalid_username = $lang->sprintf($lang->invalid_username, $username);

		$lang->invalid_username = $lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username));

		echo "<fail>{$lang->invalid_username}</fail>";
		exit;
	}

		echo "<fail>{$lang->invalid_username}</fail>";
		exit;
	}