Vergleich inc/functions_user.php - 1.6.1 - 1.6.15

Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: functions_user.php 5219 2010-10-01 17:32:12Z Tomm $	* $Id$
/ /*	/ /*
Zeile 40	Zeile 40
{ global $db;	{ global $db;
$query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1));	$username = $db->escape_string(my_strtolower($username)); $query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1));
if($db->fetch_field($query, 'user') == 1) {	if($db->fetch_field($query, 'user') == 1) {
Zeile 61	Zeile 62
*/ function validate_password_from_username($username, $password) {	*/ function validate_password_from_username($username, $password) {
global $db;	global $db, $mybb;

$query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1));	$username = $db->escape_string(my_strtolower($username)); switch($mybb->settings['username_method']) { case 0: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1)); break; case 1: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(email)='".$username."'", array('limit' => 1)); break; case 2: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1)); break; default: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1)); break; }
$user = $db->fetch_array($query); if(!$user['uid'])	$user = $db->fetch_array($query); if(!$user['uid'])
Zeile 87	Zeile 103
function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;	function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;
if($mybb->user['uid'] == $uid)	if(isset($mybb->user['uid']) && $mybb->user['uid'] == $uid)
{ $user = $mybb->user; } if(!$user['password']) {	{ $user = $mybb->user; } if(!$user['password']) {
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1));	$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'");
$user = $db->fetch_array($query); } if(!$user['salt'])	$user = $db->fetch_array($query); } if(!$user['salt'])
Zeile 105	Zeile 121
"salt" => $user['salt'], "password" => $user['password'] );	"salt" => $user['salt'], "password" => $user['password'] );
$db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1);	$db->update_query("users", $sql_array, "uid='".$user['uid']."'");
} if(!$user['loginkey'])	} if(!$user['loginkey'])
Zeile 114	Zeile 130
$sql_array = array( "loginkey" => $user['loginkey'] );	$sql_array = array( "loginkey" => $user['loginkey'] );
$db->update_query("users", $sql_array, "uid = ".$user['uid'], 1);	$db->update_query("users", $sql_array, "uid = ".$user['uid']);
} if(salt_password(md5($password), $user['salt']) == $user['password']) {	} if(salt_password(md5($password), $user['salt']) == $user['password']) {
Zeile 143	Zeile 159
// If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {	// If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {
$query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1));	$query = $db->simple_select("users", "salt", "uid='$uid'");
$user = $db->fetch_array($query); if($user['salt']) {	$user = $db->fetch_array($query); if($user['salt']) {
Zeile 165	Zeile 181
// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;	// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;
$db->update_query("users", $newpassword, "uid='$uid'", 1);	$db->update_query("users", $newpassword, "uid='$uid'");
$plugins->run_hooks("password_changed");	$plugins->run_hooks("password_changed");
Zeile 182	Zeile 198
function salt_password($password, $salt) { return md5(md5($salt).$password);	function salt_password($password, $salt) { return md5(md5($salt).$password);
}	}
/** * Generates a random salt * * @return string The salt.	/** * Generates a random salt * * @return string The salt.
*/	*/
function generate_salt() { return random_str(8);	function generate_salt() { return random_str(8);
Zeile 202	Zeile 218
function generate_loginkey() { return random_str(50);	function generate_loginkey() { return random_str(50);
}	}
/** * Updates a user's salt in the database (does not update a password). * * @param int The uid of the user to update. * @return string The new salt.	/** * Updates a user's salt in the database (does not update a password). * * @param int The uid of the user to update. * @return string The new salt.
*/	*/
function update_salt($uid) { global $db;	function update_salt($uid) { global $db;
Zeile 218	Zeile 234
$sql_array = array( "salt" => $salt );	$sql_array = array( "salt" => $salt );
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);	$db->update_query("users", $sql_array, "uid='{$uid}'");
return $salt; }	return $salt; }
Zeile 237	Zeile 253
$sql_array = array( "loginkey" => $loginkey );	$sql_array = array( "loginkey" => $loginkey );
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);	$db->update_query("users", $sql_array, "uid='{$uid}'");
return $loginkey;	return $loginkey;
}	}
/** * Adds a thread to a user's thread subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The tid of the thread to add to the list. * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant)	/** * Adds a thread to a user's thread subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The tid of the thread to add to the list. * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant)
* @param int (Optional) The uid of the user who's list to update. * @return boolean True when success, false when otherwise.	* @param int (Optional) The uid of the user who's list to update. * @return boolean True when success, false when otherwise.
*/ function add_subscribed_thread($tid, $notification=1, $uid="") { global $mybb, $db;	*/ function add_subscribed_thread($tid, $notification=1, $uid="") { global $mybb, $db;
if(!$uid) {	if(!$uid) {
$uid = $mybb->user['uid']; } if(!$uid) { return;	$uid = $mybb->user['uid']; } if(!$uid) { return;
}	}

$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1));	$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'");
$subscription = $db->fetch_array($query); if(!$subscription['tid']) {	$subscription = $db->fetch_array($query); if(!$subscription['tid']) {
Zeile 279	Zeile 295
); $db->insert_query("threadsubscriptions", $insert_array);	); $db->insert_query("threadsubscriptions", $insert_array);
}	}
else { // Subscription exists - simply update notification	else { // Subscription exists - simply update notification
Zeile 300	Zeile 316
* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")	* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")
{	{
global $mybb, $db; if(!$uid)	global $mybb, $db; if(!$uid)
Zeile 415	Zeile 431
* */ function usercp_menu_messenger()	* */ function usercp_menu_messenger()
{	{
global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;	global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
	$usercp_nav_messenger = $templates->get("usercp_nav_messenger"); // Hide tracking link if no permission $tracking = ''; if($mybb->usergroup['cantrackpms']) { $tracking = $templates->get("usercp_nav_messenger_tracking"); } eval("\$ucp_nav_tracking = \"". $tracking ."\";"); $folderlinks = '';
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
Zeile 428	Zeile 454
$class = "usercp_nav_trash_pmfolder"; } else if($folderlinks)	$class = "usercp_nav_trash_pmfolder"; } else if($folderlinks)
{	{
$class = "usercp_nav_sub_pmfolder";	$class = "usercp_nav_sub_pmfolder";
}	}
else { $class = "usercp_nav_pmfolder";	else { $class = "usercp_nav_pmfolder";
}	}
$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }	$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }
eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";"); } /**	eval("\$usercpmenu .= \"".$usercp_nav_messenger."\";"); } /**
* Constructs the usercp profile menu. * */ function usercp_menu_profile()	* Constructs the usercp profile menu. * */ function usercp_menu_profile()
{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;	{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
if($mybb->usergroup['canchangename'] != 0) { eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";"); }	if($mybb->usergroup['canchangename'] != 0) { eval("\$changenameop = \"".$templates->get("usercp_nav_changename")."\";"); }
if($mybb->user['suspendsignature'] == 0 \|\| $mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] < TIME_NOW)	if($mybb->usergroup['canusesig'] == 1 && ($mybb->usergroup['canusesigxposts'] == 0 \|\| $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] > $mybb->usergroup['canusesigxposts']))
{	{
eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";");	if($mybb->user['suspendsignature'] == 0 \|\| $mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] < TIME_NOW) { eval("\$changesigop = \"".$templates->get("usercp_nav_editsignature")."\";"); }
} eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";");	} eval("\$usercpmenu .= \"".$templates->get("usercp_nav_profile")."\";");
Zeile 470	Zeile 499
function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;	function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
	$draftstart = $draftend = $draftcount = '';
$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query);	$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query);
Zeile 534	Zeile 565
if(intval($uid) == 0) { $uid = $mybb->user['uid'];	if(intval($uid) == 0) { $uid = $mybb->user['uid'];
	} $uid = intval($uid); $pmcount = array(); if($uid == 0) { return $pmcount;
} // Update total number of messages.	} // Update total number of messages.
Zeile 552	Zeile 590
$pmcount['unreadpms'] = $unread['pms_unread']; }	$pmcount['unreadpms'] = $unread['pms_unread']; }
if(is_array($pmcount))	if(!empty($pmcount))
{	{
$db->update_query("users", $pmcount, "uid='".intval($uid)."'");	$db->update_query("users", $pmcount, "uid='".$uid."'");
} return $pmcount; }	} return $pmcount; }