Vergleich xmlhttp.php - 1.6.1 - 1.6.10

Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: xmlhttp.php 5125 2010-07-27 07:28:03Z RyanGordon $

 * $Id$

 */

/**

 */

/**

Zeile 28Zeile 28

// Load MyBB core files
require_once dirname(__FILE__)."/inc/init.php";


// Load MyBB core files
require_once dirname(__FILE__)."/inc/init.php";

 

$templatelist = "postbit_editedby,xmlhttp_inline_post_editor,xmlhttp_buddyselect_online,xmlhttp_buddyselect_offline,xmlhttp_buddyselect";
$templates->cache($db->escape_string($templatelist));


$shutdown_queries = array();



$shutdown_queries = array();


Zeile 355Zeile 358
		if($thread['closed'] == 1)
{
xmlhttp_error($lang->thread_closed_edit_message);

		if($thread['closed'] == 1)
{
xmlhttp_error($lang->thread_closed_edit_message);

		}

		}

		// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1)

		// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
else if($forum['open'] == 0 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0 || $mybb->user['suspendposting'] == 1)

		{

		{

			xmlhttp_error($lang->no_permission_edit_post);

			xmlhttp_error($lang->no_permission_edit_post);

		}

		}

		// If we're past the edit time limit - don't allow editing.
else if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < (TIME_NOW-($mybb->settings['edittimelimit']*60)))

		// If we're past the edit time limit - don't allow editing.
else if($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < (TIME_NOW-($mybb->settings['edittimelimit']*60)))

		{

		{

			$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);

			$lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);

 
		}
// User can't edit unapproved post
if($post['visible'] == 0)
{
xmlhttp_error($lang->post_moderation);

		}
}


		}
}


Zeile 438Zeile 446
		{
$postinfo = $posthandler->update_post();
$visible = $postinfo['visible'];

		{
$postinfo = $posthandler->update_post();
$visible = $postinfo['visible'];

			if($visible == 0 && !is_moderator())

			if($visible == 0 && !is_moderator($post['fid']))

			{
echo "<p>\n";
echo $lang->post_moderation;

			{
echo "<p>\n";
echo $lang->post_moderation;

Zeile 491Zeile 499
		
// Send our headers.
header("Content-type: text/plain; charset={$charset}");

		
// Send our headers.
header("Content-type: text/plain; charset={$charset}");

		echo "<p>\n";
echo $post['message'];
echo "</p>\n";

		echo $post['message']."\n";



		if($editedmsg)
{
echo str_replace(array("\r", "\n"), "", "<editedmsg>{$editedmsg}</editedmsg>");

		if($editedmsg)
{
echo str_replace(array("\r", "\n"), "", "<editedmsg>{$editedmsg}</editedmsg>");

Zeile 556Zeile 562
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}

		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}

 
		ORDER BY p.dateline

	");
while($quoted_post = $db->fetch_array($query))
{

	");
while($quoted_post = $db->fetch_array($query))
{

Zeile 604Zeile 611
	if($db->num_rows($query) == 0)
{
echo "<fail>{$lang->captcha_valid_not_exists}</fail>";

	if($db->num_rows($query) == 0)
{
echo "<fail>{$lang->captcha_valid_not_exists}</fail>";

		exit;
}

		exit;
}

	$imagestring = $db->fetch_field($query, 'imagestring');

if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))

	$imagestring = $db->fetch_field($query, 'imagestring');

if(my_strtolower($imagestring) == my_strtolower($mybb->input['value']))

Zeile 616Zeile 623
	else
{
echo "<fail>{$lang->captcha_does_not_match}</fail>";

	else
{
echo "<fail>{$lang->captcha_does_not_match}</fail>";

		exit;

		exit;

	}
}
else if($mybb->input['action'] == "complex_password")
{
$password = trim($mybb->input['value']);

	}
}
else if($mybb->input['action'] == "complex_password")
{
$password = trim($mybb->input['value']);

	$password = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);

	$password = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $password);


header("Content-type: text/xml; charset={$charset}");
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password))


header("Content-type: text/xml; charset={$charset}");
if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $password))

Zeile 639Zeile 646
}
else if($mybb->input['action'] == "username_availability")
{

}
else if($mybb->input['action'] == "username_availability")
{

 
	if(!verify_post_check($mybb->input['my_post_key'], true))
{
xmlhttp_error($lang->invalid_post_code);
}


	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];

	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];





	// Fix bad characters
$username = trim($username);

	// Fix bad characters
$username = trim($username);

	$username = str_replace(array(unicode_chr(160), unicode_chr(173), unicode_chr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);

	$username = str_replace(array(unichr(160), unichr(173), unichr(0xCA), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);


// Remove multiple spaces from the username
$username = preg_replace("#\s{2,}#", " ", $username);





	header("Content-type: text/xml; charset={$charset}");

if(empty($username))

	header("Content-type: text/xml; charset={$charset}");

if(empty($username))

Zeile 678Zeile 690

if($user['uid'])
{


if($user['uid'])
{

		$lang->username_taken = $lang->sprintf($lang->username_taken, $username);

		$lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));

		echo "<fail>{$lang->username_taken}</fail>";
exit;
}
else
{

		echo "<fail>{$lang->username_taken}</fail>";
exit;
}
else
{

		$lang->username_available = $lang->sprintf($lang->username_available, $username);

		$lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));

		echo "<success>{$lang->username_available}</success>";
exit;
}
}
else if($mybb->input['action'] == "username_exists")
{

		echo "<success>{$lang->username_available}</success>";
exit;
}
}
else if($mybb->input['action'] == "username_exists")
{

 
	if(!verify_post_check($mybb->input['my_post_key'], true))
{
xmlhttp_error($lang->invalid_post_code);
}


	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];


	require_once MYBB_ROOT."inc/functions_user.php";
$username = $mybb->input['value'];


Zeile 708Zeile 725

if($user['uid'])
{


if($user['uid'])
{

		$lang->valid_username = $lang->sprintf($lang->valid_username, $username);

		$lang->valid_username = $lang->sprintf($lang->valid_username, htmlspecialchars_uni($username));

		echo "<success>{$lang->valid_username}</success>";
exit;
}
else
{

		echo "<success>{$lang->valid_username}</success>";
exit;
}
else
{

		$lang->invalid_username = $lang->sprintf($lang->invalid_username, $username);

		$lang->invalid_username = htmlspecialchars_uni($lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username)));

		echo "<fail>{$lang->invalid_username}</fail>";
exit;
}

		echo "<fail>{$lang->invalid_username}</fail>";
exit;
}
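Review bot: In the `username_exists` failure branch (Zeile 725), the variant that adds escaping (presumably the 1.6.10 side) passes the whole formatted message through `htmlspecialchars_uni()` after `$username` has already been escaped. The name is therefore encoded twice and any markup in the language string is encoded too, whereas the three sibling branches (`username_taken`, `username_available`, `valid_username`) escape only the username. If the client inserts the `<fail>` content as HTML, which cannot be seen from these lines, a name containing `&` or `<` would show up as literal entity text. If the outer call is deliberate, a short why-comment above the line should say why this branch differs; otherwise align it with the others: `$lang->invalid_username = $lang->sprintf($lang->invalid_username, htmlspecialchars_uni($username));`. The enclosing action block starts and ends outside the lines shown.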