Vergleich xmlhttp.php - 1.6.0 - 1.6.8

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: xmlhttp.php 5125 2010-07-27 07:28:03Z RyanGordon $

 * $Id: xmlhttp.php 5641 2011-10-26 09:36:44Z Tomm $

 */

/**

 */

/**

Zeile 175Zeile 175
		$group['title'] = htmlspecialchars_uni($group['title']);
// Send the result to the browser for this usergroup.
echo "<div>\n";

		$group['title'] = htmlspecialchars_uni($group['title']);
// Send the result to the browser for this usergroup.
echo "<div>\n";

		echo "<span class=\"usergroup\">{$group['title']}</span>\n";

		echo "<span class=\"usergroup\">{$group['title']} ({$lang->usergroup} {$group['gid']})</span>\n";

		echo "</div>\n";
}
}

		echo "</div>\n";
}
}

Zeile 622Zeile 622
else if($mybb->input['action'] == "complex_password")
{
$password = trim($mybb->input['value']);

else if($mybb->input['action'] == "complex_password")
{
$password = trim($mybb->input['value']);

	$password = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);

	$password = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);


header("Content-type: text/xml; charset={$charset}");
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password))


header("Content-type: text/xml; charset={$charset}");
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password))

Zeile 639Zeile 639
}
else if($mybb->input['action'] == "username_availability")
{

}
else if($mybb->input['action'] == "username_availability")
{

 
	if(!verify_post_check($mybb->input['my_post_key'], true))
{
xmlhttp_error($lang->invalid_post_code);
}


	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];

// Fix bad characters
$username = trim($username);

	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];

// Fix bad characters
$username = trim($username);

	$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);

	$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);

Zeile 652Zeile 657
	header("Content-type: text/xml; charset={$charset}");

if(empty($username))

	header("Content-type: text/xml; charset={$charset}");

if(empty($username))

	{

	{

		echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
}

		echo "<fail>{$lang->banned_characters_username}</fail>";
exit;
}

Zeile 662Zeile 667
	if($banned_username)
{
echo "<fail>{$lang->banned_username}</fail>";

	if($banned_username)
{
echo "<fail>{$lang->banned_username}</fail>";

		exit;
}


		exit;
}


	// Check for certain characters in username (<, >, &, and slashes)
if(strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false)
{
echo "<fail>{$lang->banned_characters_username}</fail>";

	// Check for certain characters in username (<, >, &, and slashes)
if(strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false)
{
echo "<fail>{$lang->banned_characters_username}</fail>";

		exit;
}

		exit;
}


// Check if the username is actually already in use
$query = $db->simple_select("users", "uid", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'");


// Check if the username is actually already in use
$query = $db->simple_select("users", "uid", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'");

Zeile 678Zeile 683

if($user['uid'])
{


if($user['uid'])
{

		$lang->username_taken = $lang->sprintf($lang->username_taken, $username);

		$lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));

		echo "<fail>{$lang->username_taken}</fail>";
exit;
}
else

		echo "<fail>{$lang->username_taken}</fail>";
exit;
}
else

	{
$lang->username_available = $lang->sprintf($lang->username_available, $username);

	{
$lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));

		echo "<success>{$lang->username_available}</success>";
exit;

		echo "<success>{$lang->username_available}</success>";
exit;

	}

	}

}
else if($mybb->input['action'] == "username_exists")
{

}
else if($mybb->input['action'] == "username_exists")
{

 
	if(!verify_post_check($mybb->input['my_post_key'], true))
{
xmlhttp_error($lang->invalid_post_code);
}


	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];


	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];


Zeile 708Zeile 718

if($user['uid'])
{


if($user['uid'])
{

		$lang->valid_username = $lang->sprintf($lang->valid_username, $username);

		$lang->valid_username = $lang->sprintf($lang->valid_username, htmlspecialchars_uni($username));

		echo "<success>{$lang->valid_username}</success>";
exit;
}
else
{

		echo "<success>{$lang->valid_username}</success>";
exit;
}
else
{

		$lang->invalid_username = $lang->sprintf($lang->invalid_username, $username);

		$lang->invalid_username = htmlspecialchars_uni($lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username)));

		echo "<fail>{$lang->invalid_username}</fail>";
exit;
}

		echo "<fail>{$lang->invalid_username}</fail>";
exit;
}