Vergleich inc/datahandlers/user.php - 1.6.1 - 1.6.8

Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: user.php 5172 2010-08-02 23:13:03Z RyanGordon $	* $Id: user.php 5828 2012-05-08 16:06:16Z Tomm $
*/ // Disallow direct access to this file for security reasons	*/ // Disallow direct access to this file for security reasons
Zeile 70	Zeile 70
// Fix bad characters $username = trim_blank_chrs($username);	// Fix bad characters $username = trim_blank_chrs($username);
$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);	$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);	// Remove multiple spaces from the username $username = preg_replace("#\s{2,}#", " ", $username);
Zeile 395	Zeile 395
$this->set_error("invalid_birthday_coppa"); return false; }	$this->set_error("invalid_birthday_coppa"); return false; }
elseif(($mybb->settings['coppa'] == "deny" \|\| $mybb->settings['coppa'] == "enabled") && $birthday['year'] > (date("Y")-13))	elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13))
{ $this->set_error("invalid_birthday_coppa2"); return false;	{ $this->set_error("invalid_birthday_coppa2"); return false;
Zeile 446	Zeile 446
function verify_profile_fields() { global $db;	function verify_profile_fields() { global $db;
if($this->admin_override == true) { return true; }
$user = &$this->data; $profile_fields = &$this->data['profile_fields'];	$user = &$this->data; $profile_fields = &$this->data['profile_fields'];
Zeile 469	Zeile 464
$options = array( 'order_by' => 'disporder' );	$options = array( 'order_by' => 'disporder' );
$query = $db->simple_select('profilefields', 'name, type, fid, required', $editable, $options);	$query = $db->simple_select('profilefields', 'name, type, fid, required, maxlength', $editable, $options);
// Then loop through the profile fields. while($profilefield = $db->fetch_array($query))	// Then loop through the profile fields. while($profilefield = $db->fetch_array($query))
Zeile 482	Zeile 477
// If the profile field is required, but not filled in, present error. if($type != "multiselect" && $type != "checkbox") {	// If the profile field is required, but not filled in, present error. if($type != "multiselect" && $type != "checkbox") {
if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP'))	if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")
{ $this->set_error('missing_required_profile_field', array($profilefield['name']));	{ $this->set_error('missing_required_profile_field', array($profilefield['name']));
} } elseif(($type == "multiselect" \|\| $type == "checkbox") && $profile_fields[$field] == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP'))	} } elseif(($type == "multiselect" \|\| $type == "checkbox") && $profile_fields[$field] == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")
{ $this->set_error('missing_required_profile_field', array($profilefield['name'])); }	{ $this->set_error('missing_required_profile_field', array($profilefield['name'])); }
Zeile 499	Zeile 494
$expoptions = explode("\n", $thing[1]); $expoptions = array_map('trim', $expoptions); foreach($profile_fields[$field] as $value)	$expoptions = explode("\n", $thing[1]); $expoptions = array_map('trim', $expoptions); foreach($profile_fields[$field] as $value)
{	{
if(!in_array(htmlspecialchars_uni($value), $expoptions)) { $this->set_error('bad_profile_field_values', array($profilefield['name']));	if(!in_array(htmlspecialchars_uni($value), $expoptions)) { $this->set_error('bad_profile_field_values', array($profilefield['name']));
Zeile 528	Zeile 523
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }	$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }
$options = $db->escape_string($profile_fields[$field]); } else {	$options = $db->escape_string($profile_fields[$field]); } else { if($profilefield['maxlength'] > 0 && my_strlen($profile_fields[$field]) > $profilefield['maxlength']) { $this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }
$options = $db->escape_string($profile_fields[$field]); } $user['user_fields'][$field] = $options;	$options = $db->escape_string($profile_fields[$field]); } $user['user_fields'][$field] = $options;
Zeile 548	Zeile 548
function verify_referrer() { global $db, $mybb;	function verify_referrer() { global $db, $mybb;
$user = &$this->data;	$user = &$this->data;
// Does the referrer exist or not? if($mybb->settings['usereferrals'] == 1 && $user['referrer'] != '') {	// Does the referrer exist or not? if($mybb->settings['usereferrals'] == 1 && $user['referrer'] != '') {
Zeile 750	Zeile 750
if($lastactive <= 0) { $lastactive = TIME_NOW;	if($lastactive <= 0) { $lastactive = TIME_NOW;
} return true;	} return true;
} /**	} /**
Zeile 930	Zeile 930
$this->verify_checkfields(); }	$this->verify_checkfields(); }
if(method_exists($plugins, "run_hooks_by_ref")) { $plugins->run_hooks_by_ref("datahandler_user_validate", $this); }	$plugins->run_hooks("datahandler_user_validate", $this);
// We are done validating, return. $this->set_validated(true);	// We are done validating, return. $this->set_validated(true);
Zeile 942	Zeile 939
return false; } else	return false; } else
{	{
return true; } }	return true; } }
Zeile 953	Zeile 950
function insert_user() { global $db, $cache, $plugins;	function insert_user() { global $db, $cache, $plugins;
// Yes, validating is required. if(!$this->get_validated()) { die("The user needs to be validated before inserting it into the DB.");	// Yes, validating is required. if(!$this->get_validated()) { die("The user needs to be validated before inserting it into the DB.");
} if(count($this->get_errors()) > 0) {	} if(count($this->get_errors()) > 0) {
Zeile 1044	Zeile 1041
$this->user_insert_data['dst'] = 0; }	$this->user_insert_data['dst'] = 0; }
if(method_exists($plugins, "run_hooks_by_ref")) { $plugins->run_hooks_by_ref("datahandler_user_insert", $this); }	$plugins->run_hooks("datahandler_user_insert", $this);
$this->uid = $db->insert_query("users", $this->user_insert_data);	$this->uid = $db->insert_query("users", $this->user_insert_data);

$user['user_fields']['ufid'] = $this->uid; $query = $db->simple_select("profilefields", "fid");	$user['user_fields']['ufid'] = $this->uid; $query = $db->simple_select("profilefields", "fid");
Zeile 1061	Zeile 1055
continue; } $user['user_fields']["fid{$profile_field['fid']}"] = '';	continue; } $user['user_fields']["fid{$profile_field['fid']}"] = '';
}	}
$db->insert_query("userfields", $user['user_fields'], false); if($this->user_insert_data['referrer'] != 0)	$db->insert_query("userfields", $user['user_fields'], false); if($this->user_insert_data['referrer'] != 0)
Zeile 1100	Zeile 1094
die("The user needs to be validated before inserting it into the DB."); } if(count($this->get_errors()) > 0)	die("The user needs to be validated before inserting it into the DB."); } if(count($this->get_errors()) > 0)
{	{
die("The user is not valid."); }	die("The user is not valid."); }
Zeile 1126	Zeile 1120
if(isset($user['postnum'])) { $this->user_update_data['postnum'] = intval($user['postnum']);	if(isset($user['postnum'])) { $this->user_update_data['postnum'] = intval($user['postnum']);
}	}
if(isset($user['avatar'])) { $this->user_update_data['avatar'] = $db->escape_string($user['avatar']);	if(isset($user['avatar'])) { $this->user_update_data['avatar'] = $db->escape_string($user['avatar']);
Zeile 1151	Zeile 1145
if(isset($user['regdate'])) { $this->user_update_data['regdate'] = intval($user['regdate']);	if(isset($user['regdate'])) { $this->user_update_data['regdate'] = intval($user['regdate']);
}	}
if(isset($user['lastactive']))	if(isset($user['lastactive']))
{	{
$this->user_update_data['lastactive'] = intval($user['lastactive']);	$this->user_update_data['lastactive'] = intval($user['lastactive']);
}	}
if(isset($user['lastvisit'])) { $this->user_update_data['lastvisit'] = intval($user['lastvisit']);	if(isset($user['lastvisit'])) { $this->user_update_data['lastvisit'] = intval($user['lastvisit']);
}	}
if(isset($user['signature'])) { $this->user_update_data['signature'] = $db->escape_string($user['signature']);	if(isset($user['signature'])) { $this->user_update_data['signature'] = $db->escape_string($user['signature']);
}	}
if(isset($user['website'])) { $this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website']));	if(isset($user['website'])) { $this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website']));
Zeile 1201	Zeile 1195
$this->user_update_data['timezone'] = $db->escape_string($user['timezone']); } if(isset($user['dateformat']))	$this->user_update_data['timezone'] = $db->escape_string($user['timezone']); } if(isset($user['dateformat']))
{	{
$this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);	$this->user_update_data['dateformat'] = $db->escape_string($user['dateformat']);
}	}
if(isset($user['timeformat']))	if(isset($user['timeformat']))
{	{
$this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']); } if(isset($user['regip']))	$this->user_update_data['timeformat'] = $db->escape_string($user['timeformat']); } if(isset($user['regip']))
{	{
$this->user_update_data['regip'] = $db->escape_string($user['regip']); } if(isset($user['language']))	$this->user_update_data['regip'] = $db->escape_string($user['regip']); } if(isset($user['language']))
{	{
$this->user_update_data['language'] = $db->escape_string($user['language']); } if(isset($user['away']))	$this->user_update_data['language'] = $db->escape_string($user['language']); } if(isset($user['away']))
{	{
$this->user_update_data['away'] = $user['away']['away']; $this->user_update_data['awaydate'] = $db->escape_string($user['away']['date']); $this->user_update_data['returndate'] = $db->escape_string($user['away']['returndate']); $this->user_update_data['awayreason'] = $db->escape_string($user['away']['awayreason']);	$this->user_update_data['away'] = $user['away']['away']; $this->user_update_data['awaydate'] = $db->escape_string($user['away']['date']); $this->user_update_data['returndate'] = $db->escape_string($user['away']['returndate']); $this->user_update_data['awayreason'] = $db->escape_string($user['away']['awayreason']);
}	}
if(isset($user['notepad'])) { $this->user_update_data['notepad'] = $db->escape_string($user['notepad']);	if(isset($user['notepad'])) { $this->user_update_data['notepad'] = $db->escape_string($user['notepad']);
}	}
if(isset($user['usernotes'])) { $this->user_update_data['usernotes'] = $db->escape_string($user['usernotes']);	if(isset($user['usernotes'])) { $this->user_update_data['usernotes'] = $db->escape_string($user['usernotes']);
Zeile 1251	Zeile 1245
unset($this->user_update_data['pmnotice']); }	unset($this->user_update_data['pmnotice']); }
if(method_exists($plugins, "run_hooks_by_ref")) { $plugins->run_hooks_by_ref("datahandler_user_update", $this); }	$plugins->run_hooks("datahandler_user_update", $this);
if(count($this->user_update_data) < 1 && empty($user['user_fields'])) {	if(count($this->user_update_data) < 1 && empty($user['user_fields'])) {
Zeile 1268	Zeile 1259
} $cache->update_moderators();	} $cache->update_moderators();
if(isset($user['bday']))	if(isset($user['bday']) \|\| isset($user['username']))
{ $cache->update_birthdays(); }	{ $cache->update_birthdays(); }