Zeile 6 | Zeile 6 |
---|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* $Id: member.php 5753 2012-03-09 14:53:07Z Tomm $
| * $Id$
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
Zeile 1151 | Zeile 1151 |
---|
break; } }
|
break; } }
|
|
|
$query = $db->simple_select("users", "loginattempts", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['username']))."' OR LOWER(email)='".$db->escape_string(my_strtolower($mybb->input['username']))."'", array('limit' => 1)); $loginattempts = $db->fetch_field($query, "loginattempts");
|
$query = $db->simple_select("users", "loginattempts", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['username']))."' OR LOWER(email)='".$db->escape_string(my_strtolower($mybb->input['username']))."'", array('limit' => 1)); $loginattempts = $db->fetch_field($query, "loginattempts");
|
|
|
$errors = array();
|
$errors = array();
|
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']); if(!$user['uid']) { my_setcookie('loginattempts', $logins + 1); $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "LOWER(username) = '".$db->escape_string(my_strtolower($mybb->input['username']))."'", 1, true); $mybb->input['action'] = "login"; $mybb->input['request_method'] = "get"; if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1) { $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins); } switch($mybb->settings['username_method']) { case 0: $errors[] = $lang->error_invalidpworusername.$login_text; break; case 1: $errors[] = $lang->error_invalidpworusername1.$login_text; break; case 2: $errors[] = $lang->error_invalidpworusername2.$login_text; break; default: $errors[] = $lang->error_invalidpworusername.$login_text; break; } } else
| if($mybb->settings['failedcaptchalogincount'] > 0 && ($loginattempts > $mybb->settings['failedcaptchalogincount'] || intval($mybb->cookies['loginattempts']) > $mybb->settings['failedcaptchalogincount']))
|
{
|
{
|
$correct = true; } if($mybb->settings['failedcaptchalogincount'] > 0 && ($loginattempts > $mybb->settings['failedcaptchalogincount'] || intval($mybb->cookies['loginattempts']) > $mybb->settings['failedcaptchalogincount'])) {
| |
// Show captcha image if enabled
|
// Show captcha image if enabled
|
if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng")) {
| if($mybb->settings['captchaimage']) { $do_captcha = false;
|
// Check their current captcha input - if correct, hide the captcha input area
|
// Check their current captcha input - if correct, hide the captcha input area
|
if($mybb->input['imagestring'])
| require_once MYBB_ROOT.'inc/class_captcha.php'; $login_captcha = new captcha;
if($login_captcha->validate_captcha() == false)
|
{
|
{
|
$imagehash = $db->escape_string($mybb->input['imagehash']); $imagestring = $db->escape_string($mybb->input['imagestring']); $query = $db->simple_select("captcha", "*", "imagehash='{$imagehash}' AND imagestring='{$imagestring}'"); $imgcheck = $db->fetch_array($query); if($imgcheck['dateline'] > 0)
| $correct = true; $do_captcha = true;
// CAPTCHA validation failed foreach($login_captcha->get_errors() as $error)
|
{
|
{
|
$correct = true; } else { $db->delete_query("captcha", "imagehash='{$imagehash}'"); $errors[] = $lang->error_regimageinvalid;
| $errors[] = $error;
|
} }
|
} }
|
else if($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username']) { $errors[] = $lang->error_regimagerequired; } else { $errors[] = $lang->error_regimagerequired; }
| |
}
|
}
|
$do_captcha = true;
| |
}
|
}
|
| // Don't check password when captcha isn't solved if(empty($errors)) { $user = validate_password_from_username($mybb->input['username'], $mybb->input['password']); if(!$user['uid']) { my_setcookie('loginattempts', $logins + 1); $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "LOWER(username) = '".$db->escape_string(my_strtolower($mybb->input['username']))."'", 1, true);
$mybb->input['action'] = "login"; $mybb->input['request_method'] = "get";
if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1) { $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins); }
switch($mybb->settings['username_method']) { case 0: $errors[] = $lang->error_invalidpworusername.$login_text; break; case 1: $errors[] = $lang->error_invalidpworusername1.$login_text; break; case 2: $errors[] = $lang->error_invalidpworusername2.$login_text; break; default: $errors[] = $lang->error_invalidpworusername.$login_text; break; } } else { $correct = true; } }
|
if(!empty($errors)) { $mybb->input['action'] = "login";
| if(!empty($errors)) { $mybb->input['action'] = "login";
|
Zeile 1268 | Zeile 1261 |
---|
if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) { $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
|
if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) { $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
|
}
| }
|
$mybb->input['url'] = str_replace('&', '&', $mybb->input['url']); // Redirect to the URL if it is not member.php redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
|
$mybb->input['url'] = str_replace('&', '&', $mybb->input['url']); // Redirect to the URL if it is not member.php redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
|
} else
| } else
|
{ redirect("index.php", $lang->redirect_loggedin);
|
{ redirect("index.php", $lang->redirect_loggedin);
|
} } else {
| } } else {
|
$mybb->input['action'] = "login"; $mybb->input['request_method'] = "get"; } $plugins->run_hooks("member_do_login_end"); }
|
$mybb->input['action'] = "login"; $mybb->input['request_method'] = "get"; } $plugins->run_hooks("member_do_login_end"); }
|
|
|
if($mybb->input['action'] == "login") { $plugins->run_hooks("member_login");
| if($mybb->input['action'] == "login") { $plugins->run_hooks("member_login");
|
Zeile 1312 | Zeile 1305 |
---|
else { $redirect_url = '';
|
else { $redirect_url = '';
|
}
| }
|
$captcha = ""; // Show captcha image for guests if enabled
|
$captcha = ""; // Show captcha image for guests if enabled
|
if($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && $do_captcha == true)
| if($mybb->settings['captchaimage'])
|
{
|
{
|
$randomstr = random_str(5); $imagehash = md5(random_str(12)); $imagearray = array( "imagehash" => $imagehash, "imagestring" => $randomstr, "dateline" => TIME_NOW ); $db->insert_query("captcha", $imagearray); eval("\$captcha = \"".$templates->get("post_captcha")."\";");
| require_once MYBB_ROOT.'inc/class_captcha.php';
if($do_captcha == true) { $login_captcha = new captcha(true, "post_captcha");
if($login_captcha->html) { $captcha = $login_captcha->html; } } else { $login_captcha = new captcha; $captcha = $login_captcha->build_hidden_captcha(); }
|
}
|
}
|
$username = ""; $password = "";
| $username = ''; $password = '';
|
if($mybb->input['username'] && $mybb->request_method == "post") { $username = htmlspecialchars_uni($mybb->input['username']);
| if($mybb->input['username'] && $mybb->request_method == "post") { $username = htmlspecialchars_uni($mybb->input['username']);
|
Zeile 1467 | Zeile 1467 |
---|
// Get member's permissions $memperms = user_permissions($memprofile['uid']);
|
// Get member's permissions $memperms = user_permissions($memprofile['uid']);
|
|
|
$lang->nav_profile = $lang->sprintf($lang->nav_profile, $memprofile['username']); add_breadcrumb($lang->nav_profile);
| $lang->nav_profile = $lang->sprintf($lang->nav_profile, $memprofile['username']); add_breadcrumb($lang->nav_profile);
|
Zeile 1597 | Zeile 1597 |
---|
$awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); if(!empty($memprofile['awayreason'])) {
|
$awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); if(!empty($memprofile['awayreason'])) {
|
$awayreason = htmlspecialchars_uni($memprofile['awayreason']);
| $reason = $parser->parse_badwords($memprofile['awayreason']); $awayreason = htmlspecialchars_uni($reason);
|
} else {
| } else {
|
Zeile 1626 | Zeile 1627 |
---|
} // If our away time has expired already, we should be back, right?
|
} // If our away time has expired already, we should be back, right?
|
if ($returnmkdate < TIME_NOW)
| if($returnmkdate < TIME_NOW)
|
{ $db->update_query('users', array('away' => '0', 'awaydate' => '', 'returndate' => '', 'awayreason' => ''), 'uid=\''.intval($memprofile['uid']).'\'');
| { $db->update_query('users', array('away' => '0', 'awaydate' => '', 'returndate' => '', 'awayreason' => ''), 'uid=\''.intval($memprofile['uid']).'\'');
|
Zeile 1636 | Zeile 1637 |
---|
} // Check if our away status is set to 1, it may have been updated already (see a few lines above)
|
} // Check if our away status is set to 1, it may have been updated already (see a few lines above)
|
if ($memprofile['away'] == 1)
| if($memprofile['away'] == 1)
|
{ eval("\$awaybit = \"".$templates->get("member_profile_away")."\";"); }
| { eval("\$awaybit = \"".$templates->get("member_profile_away")."\";"); }
|
Zeile 1846 | Zeile 1847 |
---|
eval("\$online_status = \"".$templates->get("member_profile_online")."\";"); } // User is offline
|
eval("\$online_status = \"".$templates->get("member_profile_online")."\";"); } // User is offline
|
else
| else
|
{ eval("\$online_status = \"".$templates->get("member_profile_offline")."\";"); }
| { eval("\$online_status = \"".$templates->get("member_profile_offline")."\";"); }
|
Zeile 1858 | Zeile 1859 |
---|
$bg_color = alt_trow(true);
eval("\$referrals = \"".$templates->get("member_profile_referrals")."\";");
|
$bg_color = alt_trow(true);
eval("\$referrals = \"".$templates->get("member_profile_referrals")."\";");
|
}
| }
|
else
|
else
|
{
| {
|
// Manually set to override colours... $alttrow = 'trow2'; }
| // Manually set to override colours... $alttrow = 'trow2'; }
|
Zeile 1870 | Zeile 1871 |
---|
{ $bg_color = alt_trow(); $reputation = get_reputation($memprofile['reputation']);
|
{ $bg_color = alt_trow(); $reputation = get_reputation($memprofile['reputation']);
|
|
|
// If this user has permission to give reputations show the vote link if($mybb->usergroup['cangivereputations'] == 1 && $memprofile['uid'] != $mybb->user['uid']) { $vote_link = "[<a href=\"javascript:MyBB.reputation({$memprofile['uid']});\">{$lang->reputation_vote}</a>]"; }
|
// If this user has permission to give reputations show the vote link if($mybb->usergroup['cangivereputations'] == 1 && $memprofile['uid'] != $mybb->user['uid']) { $vote_link = "[<a href=\"javascript:MyBB.reputation({$memprofile['uid']});\">{$lang->reputation_vote}</a>]"; }
|
|
|
eval("\$reputation = \"".$templates->get("member_profile_reputation")."\";"); }
if($mybb->settings['enablewarningsystem'] != 0 && $memperms['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || ($mybb->user['uid'] == $memprofile['uid'] && $mybb->settings['canviewownwarning'] != 0)))
|
eval("\$reputation = \"".$templates->get("member_profile_reputation")."\";"); }
if($mybb->settings['enablewarningsystem'] != 0 && $memperms['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || ($mybb->user['uid'] == $memprofile['uid'] && $mybb->settings['canviewownwarning'] != 0)))
|
{
| {
|
$bg_color = alt_trow(); $warning_level = round($memprofile['warningpoints']/$mybb->settings['maxwarningpoints']*100); if($warning_level > 100)
| $bg_color = alt_trow(); $warning_level = round($memprofile['warningpoints']/$mybb->settings['maxwarningpoints']*100); if($warning_level > 100)
|
Zeile 1893 | Zeile 1894 |
---|
{ eval("\$warn_user = \"".$templates->get("member_profile_warn")."\";"); $warning_link = "warnings.php?uid={$memprofile['uid']}";
|
{ eval("\$warn_user = \"".$templates->get("member_profile_warn")."\";"); $warning_link = "warnings.php?uid={$memprofile['uid']}";
|
}
| }
|
else { $warning_link = "usercp.php";
| else { $warning_link = "usercp.php";
|
Zeile 1940 | Zeile 1941 |
---|
} else {
|
} else {
|
| $userfields[$field] = $parser->parse_badwords($userfields[$field]);
|
if($customfield['type'] == "textarea") { $customfieldval = nl2br(htmlspecialchars_uni($userfields[$field]));
| if($customfield['type'] == "textarea") { $customfieldval = nl2br(htmlspecialchars_uni($userfields[$field]));
|
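Review bot: In the login hunk at Zeile 1151, the relocated failure path still increments the counter with a WHERE clause that matches only `LOWER(username)`, while the `loginattempts` lookup that gates the CAPTCHA matches `LOWER(username)` OR `LOWER(email)`. If `username_method` permits signing in with an e-mail address (the switch on that setting suggests it does, but `validate_password_from_username` is not visible here), a failed e-mail login never raises the stored counter, and the threshold check then rests on `intval($mybb->cookies['loginattempts'])`, a value the client controls. I would give the `update_query` call the same condition as the lookup, for example `"LOWER(username)='".$name."' OR LOWER(email)='".$name."'"`, where `$name` is a new local holding the escaped, lower-cased input computed once, so that the server-side count is authoritative for both login forms. Separately, `$login_text` is assigned only when `failedlogincount` is non-zero and `failedlogintext` is 1, yet it is concatenated in every `case`, so it should be initialised with `$login_text = '';` before that `if`. The enclosing `do_login` branch starts and ends outside this hunk.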