Vergleich inc/datahandlers/user.php - 1.6.10 - 1.6.12 - Doku

		}

		// Check for certain characters in username (<, >, &, commas and slashes)

		}

		// Check for certain characters in username (<, >, &, commas and slashes)

		{
			$this->set_error("bad_characters_username");
			return false;

		{
			$this->set_error("bad_characters_username");
			return false;


		return true;
	}


		return true;
	}

	/**
	 * Verifies if a username is already in use or not.
	 *

	/**
	 * Verifies if a username is already in use or not.
	 *


		$username = &$this->data['username'];


		$username = &$this->data['username'];

		if($this->data['uid'])
		{
			$uid_check = " AND uid!='{$this->data['uid']}'";
		}

		if($this->data['uid'])
		{
			$uid_check = " AND uid!='{$this->data['uid']}'";
		}

		$query = $db->simple_select("users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower(trim($username)))."'{$uid_check}");

		$query = $db->simple_select("users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower(trim($username)))."'{$uid_check}");

		$user_count = $db->fetch_field($query, "count");
		if($user_count > 0)

		$user_count = $db->fetch_field($query, "count");
		if($user_count > 0)

			$this->set_error("username_exists", array($username));
			return true;

			$this->set_error("username_exists", array($username));
			return true;

		else
		{
			return false;
		}
	}

		else
		{
			return false;
		}
	}

	/**
	* Verifies if a new password is valid or not.
	*
	* @return boolean True when valid, false when invalid.
	*/
	function verify_password()

	/**
	* Verifies if a new password is valid or not.
	*
	* @return boolean True when valid, false when invalid.
	*/
	function verify_password()

		$user = &$this->data;

		// Always check for the length of the password.
		if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'] || my_strlen($user['password']) > $mybb->settings['maxpasswordlength'])

		$user = &$this->data;

		// Always check for the length of the password.
		if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'] || my_strlen($user['password']) > $mybb->settings['maxpasswordlength'])

			$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
			return false;
		}

			$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
			return false;
		}

			if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $user['password']))
			{
				$this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));

			if(!preg_match("/^.*(?=.{".$mybb->settings['minpasswordlength'].",})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/", $user['password']))
			{
				$this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));

		}

		// If we have a "password2" check if they both match

		}

		// If we have a "password2" check if they both match

			$this->set_error("passwords_dont_match");
			return false;
		}

			$this->set_error("passwords_dont_match");
			return false;
		}

		// MD5 the password
		$user['md5password'] = md5($user['password']);

		// MD5 the password
		$user['md5password'] = md5($user['password']);

		// Generate our salt
		$user['salt'] = generate_salt();

		// Combine the password and salt
		$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

		// Generate our salt
		$user['salt'] = generate_salt();

		// Combine the password and salt
		$user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

		// Generate the user login key
		$user['loginkey'] = generate_loginkey();

		// Generate the user login key
		$user['loginkey'] = generate_loginkey();


		// Check if this is a proper email address.
		if(!validate_email_format($user['email']))


		// Check if this is a proper email address.
		if(!validate_email_format($user['email']))

			$this->set_error('invalid_email_format');

			$this->set_error('invalid_email_format');

		// Check banned emails
		if(is_banned_email($user['email'], true))
		{
			$this->set_error('banned_email');
			return false;
		}

		// Check banned emails
		if(is_banned_email($user['email'], true))
		{
			$this->set_error('banned_email');
			return false;
		}

		// Check signed up emails
		// Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug)
		if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))

		// Check signed up emails
		// Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug)
		if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))


	/**
	* Verifies if a website is valid or not.


	/**
	* Verifies if a website is valid or not.

	function verify_website()
	{
		$website = &$this->data['website'];

	function verify_website()
	{
		$website = &$this->data['website'];

		if(empty($website) || my_strtolower($website) == 'http://' || my_strtolower($website) == 'https://')

		if(empty($website) || my_strtolower($website) == 'http://' || my_strtolower($website) == 'https://')

			$website = '';
			return true;

			$website = '';
			return true;


		// Does the website start with http(s)://?
		if(my_strtolower(substr($website, 0, 4)) != "http")
		{
			// Website does not start with http://, let's see if the user forgot.
			$website = "http://".$website;


		// Does the website start with http(s)://?
		if(my_strtolower(substr($website, 0, 4)) != "http")
		{
			// Website does not start with http://, let's see if the user forgot.
			$website = "http://".$website;


	/**
	 * Verifies if an ICQ number is valid or not.


	/**
	 * Verifies if an ICQ number is valid or not.

			return false;
		}
		$icq = intval($icq);

			return false;
		}
		$icq = intval($icq);

	 * Verifies if an MSN Messenger address is valid or not.
	 *
	 * @return boolean True when valid, false when invalid.

	 * Verifies if an MSN Messenger address is valid or not.
	 *
	 * @return boolean True when valid, false when invalid.

	function verify_msn()
	{
		$msn = &$this->data['msn'];

	function verify_msn()
	{
		$msn = &$this->data['msn'];

		if($msn != '' && validate_email_format($msn) == false)
		{
			$this->set_error("invalid_msn_address");

		if($msn != '' && validate_email_format($msn) == false)
		{
			$this->set_error("invalid_msn_address");

	* Verifies if a birthday is valid or not.
	*
	* @return boolean True when valid, false when invalid.

	* Verifies if a birthday is valid or not.
	*
	* @return boolean True when valid, false when invalid.

		// Check if the day actually exists.
		$months = get_bdays($birthday['year']);
		if($birthday['day'] > $months[$birthday['month']-1])

		// Check if the day actually exists.
		$months = get_bdays($birthday['year']);
		if($birthday['day'] > $months[$birthday['month']-1])

			return false;
		}

			return false;
		}

				$this->set_error("invalid_birthday");
				return false;
			}

				$this->set_error("invalid_birthday");
				return false;
			}

		// Error if COPPA is on, and the user hasn't verified their age / under 13
		if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year']))

		// Error if COPPA is on, and the user hasn't verified their age / under 13
		if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year']))

			$this->set_error("invalid_birthday_coppa");

			$this->set_error("invalid_birthday_coppa");

		}
		elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13))
		{

		}
		elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13))
		{

		{
			// If the year is specified, put together a d-m-y string
			$user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];

		{
			// If the year is specified, put together a d-m-y string
			$user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];

		elseif($birthday['day'] && $birthday['month'])
		{
			// If only a day and month are specified, put together a d-m string
			$user['bday'] = $birthday['day']."-".$birthday['month']."-";

		elseif($birthday['day'] && $birthday['month'])
		{
			// If only a day and month are specified, put together a d-m string
			$user['bday'] = $birthday['day']."-".$birthday['month']."-";

		else
		{
			// No field is specified, so return an empty string for an unknown birthday

		else
		{
			// No field is specified, so return an empty string for an unknown birthday


	/**
	 * Verifies if the birthday privacy option is valid or not.


	/**
	 * Verifies if the birthday privacy option is valid or not.

	function verify_birthday_privacy()
	{
		$birthdayprivacy = &$this->data['birthdayprivacy'];

	function verify_birthday_privacy()
	{
		$birthdayprivacy = &$this->data['birthdayprivacy'];

		if(!in_array($birthdayprivacy, $accepted))
		{
			$this->set_error("invalid_birthday_privacy");

		if(!in_array($birthdayprivacy, $accepted))
		{
			$this->set_error("invalid_birthday_privacy");

		}
		return true;
	}

		}
		return true;
	}

	* @return boolean True when valid, false when invalid.
	*/
	function verify_postnum()

	* @return boolean True when valid, false when invalid.
	*/
	function verify_postnum()

		if($user['postnum'] < 0)
		{
			$this->set_error("invalid_postnum");
			return false;
		}

		if($user['postnum'] < 0)
		{
			$this->set_error("invalid_postnum");
			return false;
		}

		return true;
	}

		return true;
	}

		$userfields = array();
		$comma = '';
		$editable = '';

		$userfields = array();
		$comma = '';
		$editable = '';

		if(!$this->data['profile_fields_editable'])
		{
			$editable = "editable=1";

		if(!$this->data['profile_fields_editable'])
		{
			$editable = "editable=1";

	function verify_options()
	{
		global $mybb;

	function verify_options()
	{
		global $mybb;

		$options = &$this->data['options'];

		// Verify yes/no options.

		$options = &$this->data['options'];

		// Verify yes/no options.

		$this->verify_yesno_option($options, 'showavatars', 1);
		$this->verify_yesno_option($options, 'showquickreply', 1);
		$this->verify_yesno_option($options, 'showredirect', 1);

		$this->verify_yesno_option($options, 'showavatars', 1);
		$this->verify_yesno_option($options, 'showquickreply', 1);
		$this->verify_yesno_option($options, 'showredirect', 1);

		if($mybb->settings['postlayout'] == 'classic')
		{
			$this->verify_yesno_option($options, 'classicpostbit', 1);

		if($mybb->settings['postlayout'] == 'classic')
		{
			$this->verify_yesno_option($options, 'classicpostbit', 1);

		{
			$this->verify_yesno_option($options, 'classicpostbit', 0);
		}

		{
			$this->verify_yesno_option($options, 'classicpostbit', 0);
		}

		if(array_key_exists('subscriptionmethod', $options))
		{
			// Value out of range

		if(array_key_exists('subscriptionmethod', $options))
		{
			// Value out of range

			if($options['subscriptionmethod'] < 0 || $options['subscriptionmethod'] > 2)
			{
				$options['subscriptionmethod'] = 0;

			if($options['subscriptionmethod'] < 0 || $options['subscriptionmethod'] > 2)
			{
				$options['subscriptionmethod'] = 0;


		if(array_key_exists('dstcorrection', $options))
		{


		if(array_key_exists('dstcorrection', $options))
		{

				$options['dstcorrection'] = 0;
			}
		}

				$options['dstcorrection'] = 0;
			}
		}

		if($options['dstcorrection'] == 1)
		{
			$options['dst'] = 1;

		if($options['dstcorrection'] == 1)
		{
			$options['dst'] = 1;

        {
            $options['showcodebuttons'] = 1;
        }

        {
            $options['showcodebuttons'] = 1;
        }

		if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))
		{
			if($mybb->settings['threadusenetstyle'])

		if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))
		{
			if($mybb->settings['threadusenetstyle'])

				$this->set_error("missing_returndate");
				return false;
			}

				$this->set_error("missing_returndate");
				return false;
			}

			// Validate the return date lengths
			$user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);

			// Validate the return date lengths
			$user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);


	/**
	 * Verifies if a langage is valid for this user or not.


	/**
	 * Verifies if a langage is valid for this user or not.

	 * @return boolean True when valid, false when invalid.
	 */
	function verify_language()

	 * @return boolean True when valid, false when invalid.
	 */
	function verify_language()

		global $lang;

		global $lang;

		// An invalid language has been specified?
		if($language != '' && !$lang->language_exists($language))
		{

		// An invalid language has been specified?
		if($language != '' && !$lang->language_exists($language))
		{

		}
		return true;
	}

		}
		return true;
	}

	/**
	 * Verifies if this is coming from a spam bot or not
	 *

	/**
	 * Verifies if this is coming from a spam bot or not
	 *

	function verify_checkfields()
	{
		$user = &$this->data;

	function verify_checkfields()
	{
		$user = &$this->data;

		// An invalid language has been specified?
		if($user['regcheck1'] !== "" || $user['regcheck2'] !== "true")
		{

		// An invalid language has been specified?
		if($user['regcheck1'] !== "" || $user['regcheck2'] !== "true")
		{

		{
			$this->verify_birthday_privacy();
		}

		{
			$this->verify_birthday_privacy();
		}

		$plugins->run_hooks("datahandler_user_validate", $this);

		$plugins->run_hooks("datahandler_user_validate", $this);

		// We are done validating, return.
		$this->set_validated(true);
		if(count($this->get_errors()) > 0)

		// We are done validating, return.
		$this->set_validated(true);
		if(count($this->get_errors()) > 0)

			"classicpostbit" => $user['options']['classicpostbit'],
			"usernotes" => ''
		);

			"classicpostbit" => $user['options']['classicpostbit'],
			"usernotes" => ''
		);

		if($user['options']['dstcorrection'] == 1)
		{
			$this->user_insert_data['dst'] = 1;
		}
		else if($user['options']['dstcorrection'] == 0)

		if($user['options']['dstcorrection'] == 1)
		{
			$this->user_insert_data['dst'] = 1;
		}
		else if($user['options']['dstcorrection'] == 0)

			$this->user_insert_data['dst'] = 0;

			$this->user_insert_data['dst'] = 0;

		$plugins->run_hooks("datahandler_user_insert", $this);

		$plugins->run_hooks("datahandler_user_insert", $this);

		$this->uid = $db->insert_query("users", $this->user_insert_data);

		$this->uid = $db->insert_query("users", $this->user_insert_data);

		$user['user_fields']['ufid'] = $this->uid;

		$user['user_fields']['ufid'] = $this->uid;

		$query = $db->simple_select("profilefields", "fid");
		while($profile_field = $db->fetch_array($query))
		{

		$query = $db->simple_select("profilefields", "fid");
		while($profile_field = $db->fetch_array($query))
		{

		}

		$db->insert_query("userfields", $user['user_fields'], false);

		}

		$db->insert_query("userfields", $user['user_fields'], false);

		if($this->user_insert_data['referrer'] != 0)
		{
			$db->write_query("

		if($this->user_insert_data['referrer'] != 0)
		{
			$db->write_query("

		{
			unset($this->user_update_data['pmnotice']);
		}

		{
			unset($this->user_update_data['pmnotice']);
		}

		$plugins->run_hooks("datahandler_user_update", $this);

		$plugins->run_hooks("datahandler_user_update", $this);

		if(count($this->user_update_data) < 1 && empty($user['user_fields']))

		if(count($this->user_update_data) < 1 && empty($user['user_fields']))


		if(count($this->user_update_data) > 0)
		{
			// Actual updating happens here.
			$db->update_query("users", $this->user_update_data, "uid='{$user['uid']}'");
		}


		if(count($this->user_update_data) > 0)
		{
			// Actual updating happens here.
			$db->update_query("users", $this->user_update_data, "uid='{$user['uid']}'");
		}

		$cache->update_moderators();
		if(isset($user['bday']) || isset($user['username']))
		{
			$cache->update_birthdays();

		$cache->update_moderators();
		if(isset($user['bday']) || isset($user['username']))
		{
			$cache->update_birthdays();

		// Maybe some userfields need to be updated?
		if(is_array($user['user_fields']))
		{

		// Maybe some userfields need to be updated?
		if(is_array($user['user_fields']))
		{

			$db->update_query("threads", $username_update, "uid='{$user['uid']}'");
			$db->update_query("threads", $lastposter_update, "lastposteruid='{$user['uid']}'");
			$db->update_query("forums", $lastposter_update, "lastposteruid='{$user['uid']}'");

			$db->update_query("threads", $username_update, "uid='{$user['uid']}'");
			$db->update_query("threads", $lastposter_update, "lastposteruid='{$user['uid']}'");
			$db->update_query("forums", $lastposter_update, "lastposteruid='{$user['uid']}'");

			$stats = $cache->read("stats");
			if($stats['lastuid'] == $user['uid'])
			{

			$stats = $cache->read("stats");
			if($stats['lastuid'] == $user['uid'])
			{

Zeile 90	Zeile 90
} // Check for certain characters in username (<, >, &, commas and slashes)	} // Check for certain characters in username (<, >, &, commas and slashes)
if(strpos($username, "<") !== false \|\| strpos($username, ">") !== false \|\| strpos($username, "&") !== false \|\| my_strpos($username, "\\") !== false \|\| strpos($username, ";") !== false \|\| strpos($username, ",") !== false)	if(strpos($username, "<") !== false \|\| strpos($username, ">") !== false \|\| strpos($username, "&") !== false \|\| my_strpos($username, "\\") !== false \|\| strpos($username, ";") !== false \|\| strpos($username, ",") !== false \|\| !validate_utf8_string($username, false, false))
{ $this->set_error("bad_characters_username"); return false;	{ $this->set_error("bad_characters_username"); return false;
Zeile 126	Zeile 126
return true; }	return true; }

/** * Verifies if a username is already in use or not. *	/** * Verifies if a username is already in use or not. *
Zeile 138	Zeile 138
$username = &$this->data['username'];	$username = &$this->data['username'];
$uid_check = "";	$uid_check = "";
if($this->data['uid']) { $uid_check = " AND uid!='{$this->data['uid']}'"; }	if($this->data['uid']) { $uid_check = " AND uid!='{$this->data['uid']}'"; }

$query = $db->simple_select("users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower(trim($username)))."'{$uid_check}");	$query = $db->simple_select("users", "COUNT(uid) AS count", "LOWER(username)='".$db->escape_string(strtolower(trim($username)))."'{$uid_check}");

$user_count = $db->fetch_field($query, "count"); if($user_count > 0)	$user_count = $db->fetch_field($query, "count"); if($user_count > 0)
{	{
$this->set_error("username_exists", array($username)); return true;	$this->set_error("username_exists", array($username)); return true;
}	}
else { return false; } }	else { return false; } }

/** * Verifies if a new password is valid or not. * * @return boolean True when valid, false when invalid. */ function verify_password()	/** * Verifies if a new password is valid or not. * * @return boolean True when valid, false when invalid. */ function verify_password()
{ global $mybb;	{ global $mybb;
$user = &$this->data; // Always check for the length of the password. if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'] \|\| my_strlen($user['password']) > $mybb->settings['maxpasswordlength'])	$user = &$this->data; // Always check for the length of the password. if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'] \|\| my_strlen($user['password']) > $mybb->settings['maxpasswordlength'])
{	{
$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength'])); return false; }	$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength'])); return false; }
Zeile 184	Zeile 184
if(!preg_match("/^.(?=.{".$mybb->settings['minpasswordlength'].",})(?=.\d)(?=.[a-z])(?=.[A-Z]).*$/", $user['password'])) { $this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));	if(!preg_match("/^.(?=.{".$mybb->settings['minpasswordlength'].",})(?=.\d)(?=.[a-z])(?=.[A-Z]).*$/", $user['password'])) { $this->set_error('no_complex_characters', array($mybb->settings['minpasswordlength']));
return false; }	return false; }
} // If we have a "password2" check if they both match	} // If we have a "password2" check if they both match
Zeile 194	Zeile 194
$this->set_error("passwords_dont_match"); return false; }	$this->set_error("passwords_dont_match"); return false; }

// MD5 the password $user['md5password'] = md5($user['password']);	// MD5 the password $user['md5password'] = md5($user['password']);

// Generate our salt $user['salt'] = generate_salt(); // Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);	// Generate our salt $user['salt'] = generate_salt(); // Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);

// Generate the user login key $user['loginkey'] = generate_loginkey();	// Generate the user login key $user['loginkey'] = generate_loginkey();
Zeile 240	Zeile 240
// Check if this is a proper email address. if(!validate_email_format($user['email']))	// Check if this is a proper email address. if(!validate_email_format($user['email']))
{	{
$this->set_error('invalid_email_format');	$this->set_error('invalid_email_format');
return false; }	return false; }
// Check banned emails if(is_banned_email($user['email'], true)) { $this->set_error('banned_email'); return false; }	// Check banned emails if(is_banned_email($user['email'], true)) { $this->set_error('banned_email'); return false; }

// Check signed up emails // Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug) if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))	// Check signed up emails // Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug) if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))
Zeile 275	Zeile 275
/** * Verifies if a website is valid or not.	/** * Verifies if a website is valid or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_website() { $website = &$this->data['website'];	function verify_website() { $website = &$this->data['website'];

if(empty($website) \|\| my_strtolower($website) == 'http://' \|\| my_strtolower($website) == 'https://')	if(empty($website) \|\| my_strtolower($website) == 'http://' \|\| my_strtolower($website) == 'https://')
{	{
$website = ''; return true;	$website = ''; return true;
}	}
// Does the website start with http(s)://? if(my_strtolower(substr($website, 0, 4)) != "http") { // Website does not start with http://, let's see if the user forgot. $website = "http://".$website;	// Does the website start with http(s)://? if(my_strtolower(substr($website, 0, 4)) != "http") { // Website does not start with http://, let's see if the user forgot. $website = "http://".$website;
} return true; }	} return true; }
/** * Verifies if an ICQ number is valid or not.	/** * Verifies if an ICQ number is valid or not.
Zeile 313	Zeile 313
return false; } $icq = intval($icq);	return false; } $icq = intval($icq);
return true; } /**	return true; } /**
* Verifies if an MSN Messenger address is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if an MSN Messenger address is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 324	Zeile 324
function verify_msn() { $msn = &$this->data['msn'];	function verify_msn() { $msn = &$this->data['msn'];

if($msn != '' && validate_email_format($msn) == false) { $this->set_error("invalid_msn_address");	if($msn != '' && validate_email_format($msn) == false) { $this->set_error("invalid_msn_address");
return false; } return true; } /**	return false; } return true; } /**
* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 368	Zeile 368
// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['day'] > $months[$birthday['month']-1])	// Check if the day actually exists. $months = get_bdays($birthday['year']); if($birthday['day'] > $months[$birthday['month']-1])
{ $this->set_error("invalid_birthday");	{ $this->set_error("invalid_birthday");
return false; }	return false; }
Zeile 387	Zeile 387
$this->set_error("invalid_birthday"); return false; }	$this->set_error("invalid_birthday"); return false; }
}	}
// Error if COPPA is on, and the user hasn't verified their age / under 13 if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 \|\| !$birthday['year']))	// Error if COPPA is on, and the user hasn't verified their age / under 13 if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 \|\| !$birthday['year']))
{	{
$this->set_error("invalid_birthday_coppa");	$this->set_error("invalid_birthday_coppa");
return false;	return false;
} elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) {	} elseif($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) {
Zeile 406	Zeile 406
{ // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];	{ // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];
}	}
elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day']."-".$birthday['month']."-";	elseif($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day']."-".$birthday['month']."-";
}	}
else { // No field is specified, so return an empty string for an unknown birthday	else { // No field is specified, so return an empty string for an unknown birthday
Zeile 422	Zeile 422
/** * Verifies if the birthday privacy option is valid or not.	/** * Verifies if the birthday privacy option is valid or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_birthday_privacy() { $birthdayprivacy = &$this->data['birthdayprivacy'];	function verify_birthday_privacy() { $birthdayprivacy = &$this->data['birthdayprivacy'];
Zeile 436	Zeile 436
if(!in_array($birthdayprivacy, $accepted)) { $this->set_error("invalid_birthday_privacy");	if(!in_array($birthdayprivacy, $accepted)) { $this->set_error("invalid_birthday_privacy");
return false;	return false;
} return true; }	} return true; }
Zeile 447	Zeile 447
* @return boolean True when valid, false when invalid. */ function verify_postnum()	* @return boolean True when valid, false when invalid. */ function verify_postnum()
{ $user = &$this->data;	{ $user = &$this->data;
if($user['postnum'] < 0) { $this->set_error("invalid_postnum"); return false; }	if($user['postnum'] < 0) { $this->set_error("invalid_postnum"); return false; }

return true; }	return true; }
Zeile 475	Zeile 475
$userfields = array(); $comma = ''; $editable = '';	$userfields = array(); $comma = ''; $editable = '';

if(!$this->data['profile_fields_editable']) { $editable = "editable=1";	if(!$this->data['profile_fields_editable']) { $editable = "editable=1";
Zeile 596	Zeile 596
function verify_options() { global $mybb;	function verify_options() { global $mybb;

$options = &$this->data['options']; // Verify yes/no options.	$options = &$this->data['options']; // Verify yes/no options.
Zeile 612	Zeile 612
$this->verify_yesno_option($options, 'showavatars', 1); $this->verify_yesno_option($options, 'showquickreply', 1); $this->verify_yesno_option($options, 'showredirect', 1);	$this->verify_yesno_option($options, 'showavatars', 1); $this->verify_yesno_option($options, 'showquickreply', 1); $this->verify_yesno_option($options, 'showredirect', 1);

if($mybb->settings['postlayout'] == 'classic') { $this->verify_yesno_option($options, 'classicpostbit', 1);	if($mybb->settings['postlayout'] == 'classic') { $this->verify_yesno_option($options, 'classicpostbit', 1);
Zeile 621	Zeile 621
{ $this->verify_yesno_option($options, 'classicpostbit', 0); }	{ $this->verify_yesno_option($options, 'classicpostbit', 0); }

if(array_key_exists('subscriptionmethod', $options)) { // Value out of range	if(array_key_exists('subscriptionmethod', $options)) { // Value out of range
Zeile 629	Zeile 629
if($options['subscriptionmethod'] < 0 \|\| $options['subscriptionmethod'] > 2) { $options['subscriptionmethod'] = 0;	if($options['subscriptionmethod'] < 0 \|\| $options['subscriptionmethod'] > 2) { $options['subscriptionmethod'] = 0;
} }	} }
if(array_key_exists('dstcorrection', $options)) {	if(array_key_exists('dstcorrection', $options)) {
Zeile 641	Zeile 641
$options['dstcorrection'] = 0; } }	$options['dstcorrection'] = 0; } }

if($options['dstcorrection'] == 1) { $options['dst'] = 1;	if($options['dstcorrection'] == 1) { $options['dst'] = 1;
Zeile 663	Zeile 663
{ $options['showcodebuttons'] = 1; }	{ $options['showcodebuttons'] = 1; }

if($this->method == "insert" \|\| (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded")) { if($mybb->settings['threadusenetstyle'])	if($this->method == "insert" \|\| (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded")) { if($mybb->settings['threadusenetstyle'])
Zeile 803	Zeile 803
$this->set_error("missing_returndate"); return false; }	$this->set_error("missing_returndate"); return false; }

// Validate the return date lengths $user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);	// Validate the return date lengths $user['away']['returndate'] = substr($returnday, 0, 2).'-'.substr($returnmonth, 0, 2).'-'.substr($returnyear, 0, 4);
} return true; }	} return true; }
/** * Verifies if a langage is valid for this user or not.	/** * Verifies if a langage is valid for this user or not.
*	*
* @return boolean True when valid, false when invalid. */ function verify_language()	* @return boolean True when valid, false when invalid. */ function verify_language()
{	{
global $lang;	global $lang;
$language = &$this->data['language'];	$language = &$this->data['language'];
// An invalid language has been specified? if($language != '' && !$lang->language_exists($language)) {	// An invalid language has been specified? if($language != '' && !$lang->language_exists($language)) {
Zeile 829	Zeile 829
} return true; }	} return true; }

/** * Verifies if this is coming from a spam bot or not *	/** * Verifies if this is coming from a spam bot or not *
Zeile 838	Zeile 838
function verify_checkfields() { $user = &$this->data;	function verify_checkfields() { $user = &$this->data;

// An invalid language has been specified? if($user['regcheck1'] !== "" \|\| $user['regcheck2'] !== "true") {	// An invalid language has been specified? if($user['regcheck1'] !== "" \|\| $user['regcheck2'] !== "true") {
Zeile 954	Zeile 954
{ $this->verify_birthday_privacy(); }	{ $this->verify_birthday_privacy(); }

$plugins->run_hooks("datahandler_user_validate", $this);	$plugins->run_hooks("datahandler_user_validate", $this);

// We are done validating, return. $this->set_validated(true); if(count($this->get_errors()) > 0)	// We are done validating, return. $this->set_validated(true); if(count($this->get_errors()) > 0)
Zeile 1056	Zeile 1056
"classicpostbit" => $user['options']['classicpostbit'], "usernotes" => '' );	"classicpostbit" => $user['options']['classicpostbit'], "usernotes" => '' );

if($user['options']['dstcorrection'] == 1) { $this->user_insert_data['dst'] = 1; } else if($user['options']['dstcorrection'] == 0)	if($user['options']['dstcorrection'] == 1) { $this->user_insert_data['dst'] = 1; } else if($user['options']['dstcorrection'] == 0)
{	{
$this->user_insert_data['dst'] = 0;	$this->user_insert_data['dst'] = 0;
}	}
$plugins->run_hooks("datahandler_user_insert", $this);	$plugins->run_hooks("datahandler_user_insert", $this);

$this->uid = $db->insert_query("users", $this->user_insert_data);	$this->uid = $db->insert_query("users", $this->user_insert_data);

$user['user_fields']['ufid'] = $this->uid;	$user['user_fields']['ufid'] = $this->uid;

$query = $db->simple_select("profilefields", "fid"); while($profile_field = $db->fetch_array($query)) {	$query = $db->simple_select("profilefields", "fid"); while($profile_field = $db->fetch_array($query)) {
Zeile 1083	Zeile 1083
} $db->insert_query("userfields", $user['user_fields'], false);	} $db->insert_query("userfields", $user['user_fields'], false);

if($this->user_insert_data['referrer'] != 0) { $db->write_query("	if($this->user_insert_data['referrer'] != 0) { $db->write_query("
Zeile 1269	Zeile 1269
{ unset($this->user_update_data['pmnotice']); }	{ unset($this->user_update_data['pmnotice']); }

$plugins->run_hooks("datahandler_user_update", $this);	$plugins->run_hooks("datahandler_user_update", $this);

if(count($this->user_update_data) < 1 && empty($user['user_fields']))	if(count($this->user_update_data) < 1 && empty($user['user_fields']))
{ return false; }	{ return false; }
if(count($this->user_update_data) > 0) { // Actual updating happens here. $db->update_query("users", $this->user_update_data, "uid='{$user['uid']}'"); }	if(count($this->user_update_data) > 0) { // Actual updating happens here. $db->update_query("users", $this->user_update_data, "uid='{$user['uid']}'"); }

$cache->update_moderators(); if(isset($user['bday']) \|\| isset($user['username'])) { $cache->update_birthdays();	$cache->update_moderators(); if(isset($user['bday']) \|\| isset($user['username'])) { $cache->update_birthdays();
}	}
// Maybe some userfields need to be updated? if(is_array($user['user_fields'])) {	// Maybe some userfields need to be updated? if(is_array($user['user_fields'])) {
Zeile 1328	Zeile 1328
$db->update_query("threads", $username_update, "uid='{$user['uid']}'"); $db->update_query("threads", $lastposter_update, "lastposteruid='{$user['uid']}'"); $db->update_query("forums", $lastposter_update, "lastposteruid='{$user['uid']}'");	$db->update_query("threads", $username_update, "uid='{$user['uid']}'"); $db->update_query("threads", $lastposter_update, "lastposteruid='{$user['uid']}'"); $db->update_query("forums", $lastposter_update, "lastposteruid='{$user['uid']}'");

$stats = $cache->read("stats"); if($stats['lastuid'] == $user['uid']) {	$stats = $cache->read("stats"); if($stats['lastuid'] == $user['uid']) {