Vergleich inc/datahandlers/user.php - 1.6.0 - 1.6.10

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: user.php 5172 2010-08-02 23:13:03Z RyanGordon $

 * $Id$

 */

// Disallow direct access to this file for security reasons

 */

// Disallow direct access to this file for security reasons

Zeile 70Zeile 70

// Fix bad characters
$username = trim_blank_chrs($username);


// Fix bad characters
$username = trim_blank_chrs($username);

		$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);

		$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);

Zeile 183Zeile 183
			// First, see if there is one or more complex character(s) in the password.
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $user['password']))
{

			// First, see if there is one or more complex character(s) in the password.
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $user['password']))
{

				$this->set_error('no_complex_characters');

				$this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));

				return false;
}
}

				return false;
}
}

Zeile 382Zeile 382
		else if($birthday['year'] == date("Y"))
{
// Error if birth date is in future

		else if($birthday['year'] == date("Y"))
{
// Error if birth date is in future

			if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $bithday['day'] > date("d")))

			if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

			{
$this->set_error("invalid_birthday");
return false;

			{
$this->set_error("invalid_birthday");
return false;

Zeile 395Zeile 395
			$this->set_error("invalid_birthday_coppa");
return false;
}

			$this->set_error("invalid_birthday_coppa");
return false;
}

		elseif(($mybb->settings['coppa'] == "deny" || $mybb->settings['coppa'] == "enabled") && $birthday['year'] > (date("Y")-13))

		elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13))

		{
$this->set_error("invalid_birthday_coppa2");
return false;

		{
$this->set_error("invalid_birthday_coppa2");
return false;

Zeile 419Zeile 419
		}
return true;
}

		}
return true;
}

	























/**
* Verifies if the birthday privacy option is valid or not.
*
* @return boolean True when valid, false when invalid.
*/
function verify_birthday_privacy()
{
$birthdayprivacy = &$this->data['birthdayprivacy'];
$accepted = array(
'none',
'age',
'all');

if(!in_array($birthdayprivacy, $accepted))
{
$this->set_error("invalid_birthday_privacy");
return false;
}
return true;
}


	/**
* Verifies if the post count field is filled in correctly.
*

	/**
* Verifies if the post count field is filled in correctly.
*

Zeile 464Zeile 485
		$options = array(
'order_by' => 'disporder'
);

		$options = array(
'order_by' => 'disporder'
);

		$query = $db->simple_select('profilefields', 'name, type, fid, required', $editable, $options);

		$query = $db->simple_select('profilefields', 'name, type, fid, required, maxlength', $editable, $options);


// Then loop through the profile fields.
while($profilefield = $db->fetch_array($query))


// Then loop through the profile fields.
while($profilefield = $db->fetch_array($query))

Zeile 477Zeile 498
			// If the profile field is required, but not filled in, present error.
if($type != "multiselect" && $type != "checkbox")
{

			// If the profile field is required, but not filled in, present error.
if($type != "multiselect" && $type != "checkbox")
{

				if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP'))

				if(trim($profile_fields[$field]) == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")

				{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}
}

				{
$this->set_error('missing_required_profile_field', array($profilefield['name']));
}
}

			elseif(($type == "multiselect" || $type == "checkbox") && $profile_fields[$field] == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP'))

			elseif(($type == "multiselect" || $type == "checkbox") && $profile_fields[$field] == "" && $profilefield['required'] == 1 && !defined('IN_ADMINCP') && THIS_SCRIPT != "modcp.php")

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));

			{
$this->set_error('missing_required_profile_field', array($profilefield['name']));

			}


			}


			// Sort out multiselect/checkbox profile fields.
$options = '';
if(($type == "multiselect" || $type == "checkbox") && is_array($profile_fields[$field]))

			// Sort out multiselect/checkbox profile fields.
$options = '';
if(($type == "multiselect" || $type == "checkbox") && is_array($profile_fields[$field]))

Zeile 526Zeile 547
				$options = $db->escape_string($profile_fields[$field]);
}
else

				$options = $db->escape_string($profile_fields[$field]);
}
else

			{
$options = $db->escape_string($profile_fields[$field]);






			{
if($profilefield['maxlength'] > 0 && my_strlen($profile_fields[$field]) > $profilefield['maxlength'])
{
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}

$options = $db->escape_string($profile_fields[$field]);

			}
$user['user_fields'][$field] = $options;
}

			}
$user['user_fields'][$field] = $options;
}

Zeile 835Zeile 861

// First, grab the old user details if this user exists
if($user['uid'])


// First, grab the old user details if this user exists
if($user['uid'])

		{

		{

			$old_user = get_user($user['uid']);
}


			$old_user = get_user($user['uid']);
}


Zeile 873Zeile 899
			$this->verify_website();
}
if($this->method == "insert" || array_key_exists('icq', $user))

			$this->verify_website();
}
if($this->method == "insert" || array_key_exists('icq', $user))

		{

		{

			$this->verify_icq();

			$this->verify_icq();

		}

		}

		if($this->method == "insert" || array_key_exists('msn', $user))

		if($this->method == "insert" || array_key_exists('msn', $user))

		{

		{

			$this->verify_msn();
}
if($this->method == "insert" || is_array($user['birthday']))

			$this->verify_msn();
}
if($this->method == "insert" || is_array($user['birthday']))

		{

		{

			$this->verify_birthday();
}
if($this->method == "insert" || array_key_exists('postnum', $user))

			$this->verify_birthday();
}
if($this->method == "insert" || array_key_exists('postnum', $user))

		{

		{

			$this->verify_postnum();
}
if($this->method == "insert" || array_key_exists('profile_fields', $user))

			$this->verify_postnum();
}
if($this->method == "insert" || array_key_exists('profile_fields', $user))

Zeile 911Zeile 937
		if($this->method == "insert" || array_key_exists('lastactive', $user))
{
$this->verify_lastactive();

		if($this->method == "insert" || array_key_exists('lastactive', $user))
{
$this->verify_lastactive();

		}

		}

		if($this->method == "insert" || array_key_exists('away', $user))

		if($this->method == "insert" || array_key_exists('away', $user))

		{

		{

			$this->verify_away();

			$this->verify_away();

		}

		}

		if($this->method == "insert" || array_key_exists('language', $user))
{
$this->verify_language();

		if($this->method == "insert" || array_key_exists('language', $user))
{
$this->verify_language();

		}

		}

		if($this->method == "insert" && array_key_exists('regcheck1', $user) && array_key_exists('regcheck2', $user))

		if($this->method == "insert" && array_key_exists('regcheck1', $user) && array_key_exists('regcheck2', $user))

		{

		{

			$this->verify_checkfields();

			$this->verify_checkfields();

 
		}
if(array_key_exists('birthdayprivacy', $user))
{
$this->verify_birthday_privacy();

		}


		}


		if(method_exists($plugins, "run_hooks_by_ref"))
{
$plugins->run_hooks_by_ref("datahandler_user_validate", $this);
}

		$plugins->run_hooks("datahandler_user_validate", $this);




		
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)

		
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)

		{

		{

			return false;

			return false;

		}

		}

		else
{
return true;

		else
{
return true;

		}
}


		}
}


	/**
* Inserts a user into the database.
*/

	/**
* Inserts a user into the database.
*/

Zeile 977Zeile 1004
			"regdate" => intval($user['regdate']),
"lastactive" => intval($user['lastactive']),
"lastvisit" => intval($user['lastvisit']),

			"regdate" => intval($user['regdate']),
"lastactive" => intval($user['lastactive']),
"lastvisit" => intval($user['lastvisit']),

			"website" => $db->escape_string(htmlspecialchars($user['website'])),

			"website" => $db->escape_string(htmlspecialchars_uni($user['website'])),

			"icq" => intval($user['icq']),

			"icq" => intval($user['icq']),

			"aim" => $db->escape_string(htmlspecialchars($user['aim'])),
"yahoo" => $db->escape_string(htmlspecialchars($user['yahoo'])),
"msn" => $db->escape_string(htmlspecialchars($user['msn'])),

			"aim" => $db->escape_string(htmlspecialchars_uni($user['aim'])),
"yahoo" => $db->escape_string(htmlspecialchars_uni($user['yahoo'])),
"msn" => $db->escape_string(htmlspecialchars_uni($user['msn'])),

			"birthday" => $user['bday'],
"signature" => $db->escape_string($user['signature']),
"allownotices" => $user['options']['allownotices'],

			"birthday" => $user['bday'],
"signature" => $db->escape_string($user['signature']),
"allownotices" => $user['options']['allownotices'],

Zeile 1039Zeile 1066
			$this->user_insert_data['dst'] = 0;
}


			$this->user_insert_data['dst'] = 0;
}


		if(method_exists($plugins, "run_hooks_by_ref"))
{
$plugins->run_hooks_by_ref("datahandler_user_insert", $this);
}


		$plugins->run_hooks("datahandler_user_insert", $this);





		$this->uid = $db->insert_query("users", $this->user_insert_data);

		$this->uid = $db->insert_query("users", $this->user_insert_data);

		

		

		$user['user_fields']['ufid'] = $this->uid;

$query = $db->simple_select("profilefields", "fid");
while($profile_field = $db->fetch_array($query))

		$user['user_fields']['ufid'] = $this->uid;

$query = $db->simple_select("profilefields", "fid");
while($profile_field = $db->fetch_array($query))

		{

		{

			if(array_key_exists("fid{$profile_field['fid']}", $user['user_fields']))
{
continue;

			if(array_key_exists("fid{$profile_field['fid']}", $user['user_fields']))
{
continue;

Zeile 1115Zeile 1139
			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

		{

		{

			$this->user_update_data['email'] = $user['email'];

			$this->user_update_data['email'] = $user['email'];

		}

		}

		if(isset($user['postnum']))

		if(isset($user['postnum']))

		{

		{

			$this->user_update_data['postnum'] = intval($user['postnum']);
}
if(isset($user['avatar']))

			$this->user_update_data['postnum'] = intval($user['postnum']);
}
if(isset($user['avatar']))

Zeile 1128Zeile 1152
			$this->user_update_data['avatartype'] = $db->escape_string($user['avatartype']);
}
if(isset($user['usergroup']))

			$this->user_update_data['avatartype'] = $db->escape_string($user['avatartype']);
}
if(isset($user['usergroup']))

		{

		{

			$this->user_update_data['usergroup'] = intval($user['usergroup']);
}
if(isset($user['additionalgroups']))

			$this->user_update_data['usergroup'] = intval($user['usergroup']);
}
if(isset($user['additionalgroups']))

Zeile 1154Zeile 1178
		if(isset($user['lastvisit']))
{
$this->user_update_data['lastvisit'] = intval($user['lastvisit']);

		if(isset($user['lastvisit']))
{
$this->user_update_data['lastvisit'] = intval($user['lastvisit']);

		}

		}

		if(isset($user['signature']))
{
$this->user_update_data['signature'] = $db->escape_string($user['signature']);
}
if(isset($user['website']))
{

		if(isset($user['signature']))
{
$this->user_update_data['signature'] = $db->escape_string($user['signature']);
}
if(isset($user['website']))
{

			$this->user_update_data['website'] = $db->escape_string(htmlspecialchars($user['website']));

			$this->user_update_data['website'] = $db->escape_string(htmlspecialchars_uni($user['website']));

		}
if(isset($user['icq']))
{

		}
if(isset($user['icq']))
{

Zeile 1169Zeile 1193
		}
if(isset($user['aim']))
{

		}
if(isset($user['aim']))
{

			$this->user_update_data['aim'] = $db->escape_string(htmlspecialchars($user['aim']));

			$this->user_update_data['aim'] = $db->escape_string(htmlspecialchars_uni($user['aim']));

		}
if(isset($user['yahoo']))
{

		}
if(isset($user['yahoo']))
{

			$this->user_update_data['yahoo'] = $db->escape_string(htmlspecialchars($user['yahoo']));

			$this->user_update_data['yahoo'] = $db->escape_string(htmlspecialchars_uni($user['yahoo']));

		}
if(isset($user['msn']))
{

		}
if(isset($user['msn']))
{

			$this->user_update_data['msn'] = $db->escape_string(htmlspecialchars($user['msn']));

			$this->user_update_data['msn'] = $db->escape_string(htmlspecialchars_uni($user['msn']));

		}
if(isset($user['bday']))
{

		}
if(isset($user['bday']))
{

Zeile 1208Zeile 1232
			$this->user_update_data['regip'] = $db->escape_string($user['regip']);
}
if(isset($user['language']))

			$this->user_update_data['regip'] = $db->escape_string($user['regip']);
}
if(isset($user['language']))

		{

		{

			$this->user_update_data['language'] = $db->escape_string($user['language']);
}
if(isset($user['away']))

			$this->user_update_data['language'] = $db->escape_string($user['language']);
}
if(isset($user['away']))

		{

		{

			$this->user_update_data['away'] = $user['away']['away'];
$this->user_update_data['awaydate'] = $db->escape_string($user['away']['date']);
$this->user_update_data['returndate'] = $db->escape_string($user['away']['returndate']);
$this->user_update_data['awayreason'] = $db->escape_string($user['away']['awayreason']);

			$this->user_update_data['away'] = $user['away']['away'];
$this->user_update_data['awaydate'] = $db->escape_string($user['away']['date']);
$this->user_update_data['returndate'] = $db->escape_string($user['away']['returndate']);
$this->user_update_data['awayreason'] = $db->escape_string($user['away']['awayreason']);

		}

		}

		if(isset($user['notepad']))
{
$this->user_update_data['notepad'] = $db->escape_string($user['notepad']);

		if(isset($user['notepad']))
{
$this->user_update_data['notepad'] = $db->escape_string($user['notepad']);

		}

		}

		if(isset($user['usernotes']))
{
$this->user_update_data['usernotes'] = $db->escape_string($user['usernotes']);

		if(isset($user['usernotes']))
{
$this->user_update_data['usernotes'] = $db->escape_string($user['usernotes']);

Zeile 1246Zeile 1270
			unset($this->user_update_data['pmnotice']);
}


			unset($this->user_update_data['pmnotice']);
}


		if(method_exists($plugins, "run_hooks_by_ref"))
{
$plugins->run_hooks_by_ref("datahandler_user_update", $this);
}

		$plugins->run_hooks("datahandler_user_update", $this);




		
if(count($this->user_update_data) < 1 && empty($user['user_fields']))
{

		
if(count($this->user_update_data) < 1 && empty($user['user_fields']))
{

Zeile 1263Zeile 1284
		}

$cache->update_moderators();

		}

$cache->update_moderators();

		if(isset($user['bday']))

		if(isset($user['bday']) || isset($user['username']))

		{
$cache->update_birthdays();
}

		{
$cache->update_birthdays();
}