Vergleich inc/functions_user.php - 1.6.5 - 1.6.15

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: functions_user.php 5616 2011-09-20 13:24:59Z Tomm $	* $Id$
/ /*	/ /*
Zeile 40	Zeile 40
{ global $db;	{ global $db;
$query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1));	$username = $db->escape_string(my_strtolower($username)); $query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1));
if($db->fetch_field($query, 'user') == 1) {	if($db->fetch_field($query, 'user') == 1) {
Zeile 61	Zeile 62
*/ function validate_password_from_username($username, $password) {	*/ function validate_password_from_username($username, $password) {
global $db; $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$db->escape_string(my_strtolower($username))."'", array('limit' => 1));	global $db, $mybb; $username = $db->escape_string(my_strtolower($username)); switch($mybb->settings['username_method']) { case 0: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1)); break; case 1: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(email)='".$username."'", array('limit' => 1)); break; case 2: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."' OR LOWER(email)='".$username."'", array('limit' => 1)); break; default: $query = $db->simple_select("users", "uid,username,password,salt,loginkey,coppauser,usergroup", "LOWER(username)='".$username."'", array('limit' => 1)); break; }
$user = $db->fetch_array($query); if(!$user['uid'])	$user = $db->fetch_array($query); if(!$user['uid'])
{ return false; }	{ return false; }
else { return validate_password_from_uid($user['uid'], $password, $user);	else { return validate_password_from_uid($user['uid'], $password, $user);
Zeile 87	Zeile 103
function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;	function validate_password_from_uid($uid, $password, $user = array()) { global $db, $mybb;
if($mybb->user['uid'] == $uid)	if(isset($mybb->user['uid']) && $mybb->user['uid'] == $uid)
{ $user = $mybb->user; } if(!$user['password']) {	{ $user = $mybb->user; } if(!$user['password']) {
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'", array('limit' => 1));	$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup", "uid='".intval($uid)."'");
$user = $db->fetch_array($query); } if(!$user['salt'])	$user = $db->fetch_array($query); } if(!$user['salt'])
Zeile 105	Zeile 121
"salt" => $user['salt'], "password" => $user['password'] );	"salt" => $user['salt'], "password" => $user['password'] );
$db->update_query("users", $sql_array, "uid='".$user['uid']."'", 1);	$db->update_query("users", $sql_array, "uid='".$user['uid']."'");
} if(!$user['loginkey'])	} if(!$user['loginkey'])
Zeile 114	Zeile 130
$sql_array = array( "loginkey" => $user['loginkey'] );	$sql_array = array( "loginkey" => $user['loginkey'] );
$db->update_query("users", $sql_array, "uid = ".$user['uid'], 1);	$db->update_query("users", $sql_array, "uid = ".$user['uid']);
} if(salt_password(md5($password), $user['salt']) == $user['password']) {	} if(salt_password(md5($password), $user['salt']) == $user['password']) {
Zeile 123	Zeile 139
else { return false;	else { return false;
}	}
} /** * Updates a user's password. * * @param int The user's id.	} /** * Updates a user's password. * * @param int The user's id.
* @param string The md5()'ed password.	* @param string The md5()'ed password.
* @param string (Optional) The salt of the user. * @return array The new password. */ function update_password($uid, $password, $salt="") { global $db, $plugins;	* @param string (Optional) The salt of the user. * @return array The new password. */ function update_password($uid, $password, $salt="") { global $db, $plugins;

$newpassword = array(); // If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {	$newpassword = array(); // If no salt was specified, check in database first, if still doesn't exist, create one if(!$salt) {
$query = $db->simple_select("users", "salt", "uid='$uid'", array('limit' => 1));	$query = $db->simple_select("users", "salt", "uid='$uid'");
$user = $db->fetch_array($query); if($user['salt']) {	$user = $db->fetch_array($query); if($user['salt']) {
Zeile 165	Zeile 181
// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;	// Update password and login key in database $newpassword['password'] = $saltedpw; $newpassword['loginkey'] = $loginkey;
$db->update_query("users", $newpassword, "uid='$uid'", 1);	$db->update_query("users", $newpassword, "uid='$uid'");
$plugins->run_hooks("password_changed");	$plugins->run_hooks("password_changed");
Zeile 182	Zeile 198
function salt_password($password, $salt) { return md5(md5($salt).$password);	function salt_password($password, $salt) { return md5(md5($salt).$password);
}	}
/** * Generates a random salt * * @return string The salt.	/** * Generates a random salt * * @return string The salt.
*/	*/
function generate_salt() { return random_str(8);	function generate_salt() { return random_str(8);
Zeile 202	Zeile 218
function generate_loginkey() { return random_str(50);	function generate_loginkey() { return random_str(50);
}	}
/** * Updates a user's salt in the database (does not update a password). * * @param int The uid of the user to update. * @return string The new salt.	/** * Updates a user's salt in the database (does not update a password). * * @param int The uid of the user to update. * @return string The new salt.
*/	*/
function update_salt($uid) { global $db;	function update_salt($uid) { global $db;
Zeile 218	Zeile 234
$sql_array = array( "salt" => $salt );	$sql_array = array( "salt" => $salt );
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);	$db->update_query("users", $sql_array, "uid='{$uid}'");
return $salt; }	return $salt; }
Zeile 237	Zeile 253
$sql_array = array( "loginkey" => $loginkey );	$sql_array = array( "loginkey" => $loginkey );
$db->update_query("users", $sql_array, "uid='{$uid}'", 1);	$db->update_query("users", $sql_array, "uid='{$uid}'");
return $loginkey;	return $loginkey;
} /**	} /**
* Adds a thread to a user's thread subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The tid of the thread to add to the list. * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant)	* Adds a thread to a user's thread subscription list. * If no uid is supplied, the currently logged in user's id will be used. * * @param int The tid of the thread to add to the list. * @param int (Optional) The type of notification to receive for replies (0=none, 1=instant)
* @param int (Optional) The uid of the user who's list to update. * @return boolean True when success, false when otherwise. */	* @param int (Optional) The uid of the user who's list to update. * @return boolean True when success, false when otherwise. */
function add_subscribed_thread($tid, $notification=1, $uid="") { global $mybb, $db;	function add_subscribed_thread($tid, $notification=1, $uid="") { global $mybb, $db;
Zeile 266	Zeile 282
return; }	return; }
$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'", array('limit' => 1));	$query = $db->simple_select("threadsubscriptions", "*", "tid='".intval($tid)."' AND uid='".intval($uid)."'");
$subscription = $db->fetch_array($query); if(!$subscription['tid']) {	$subscription = $db->fetch_array($query); if(!$subscription['tid']) {
Zeile 300	Zeile 316
* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")	* @return boolean True when success, false when otherwise. */ function remove_subscribed_thread($tid, $uid="")
{ global $mybb, $db;	{ global $mybb, $db;
if(!$uid) { $uid = $mybb->user['uid'];	if(!$uid) { $uid = $mybb->user['uid'];
Zeile 418	Zeile 434
{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;	{ global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
	$usercp_nav_messenger = $templates->get("usercp_nav_messenger"); // Hide tracking link if no permission $tracking = ''; if($mybb->usergroup['cantrackpms']) { $tracking = $templates->get("usercp_nav_messenger_tracking"); } eval("\$ucp_nav_tracking = \"". $tracking ."\";"); $folderlinks = '';
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
Zeile 439	Zeile 465
$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }	$folderlinks .= "<div><a href=\"private.php?fid=$folderinfo[0]\" class=\"usercp_nav_item {$class}\">$folderinfo[1]</a></div>\n"; }
eval("\$usercpmenu .= \"".$templates->get("usercp_nav_messenger")."\";");	eval("\$usercpmenu .= \"".$usercp_nav_messenger."\";");
} /**	} /**
Zeile 473	Zeile 499
function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;	function usercp_menu_misc() { global $db, $mybb, $templates, $theme, $usercpmenu, $lang, $collapsed, $collapsedimg;
	$draftstart = $draftend = $draftcount = '';
$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query); if($count['draftcount'] > 0)	$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'"); $count = $db->fetch_array($query); if($count['draftcount'] > 0)
{	{
$draftstart = "<strong>"; $draftend = "</strong>"; $draftcount = "(".my_number_format($count['draftcount']).")";	$draftstart = "<strong>"; $draftend = "</strong>"; $draftcount = "(".my_number_format($count['draftcount']).")";
Zeile 486	Zeile 514
$profile_link = get_profile_link($mybb->user['uid']); eval("\$usercpmenu .= \"".$templates->get("usercp_nav_misc")."\";");	$profile_link = get_profile_link($mybb->user['uid']); eval("\$usercpmenu .= \"".$templates->get("usercp_nav_misc")."\";");
}	}
/** * Gets the usertitle for a specific uid. * * @param int The uid of the user to get the usertitle of. * @return string The usertitle of the user.	/** * Gets the usertitle for a specific uid. * * @param int The uid of the user to get the usertitle of. * @return string The usertitle of the user.
*/	*/
function get_usertitle($uid="") { global $db, $mybb;	function get_usertitle($uid="") { global $db, $mybb;
Zeile 506	Zeile 534
{ $query = $db->simple_select("users", "usertitle,postnum", "uid='$uid'", array('limit' => 1)); $user = $db->fetch_array($query);	{ $query = $db->simple_select("users", "usertitle,postnum", "uid='$uid'", array('limit' => 1)); $user = $db->fetch_array($query);
}	}
if($user['usertitle']) { return $user['usertitle'];	if($user['usertitle']) { return $user['usertitle'];
Zeile 537	Zeile 565
if(intval($uid) == 0) { $uid = $mybb->user['uid'];	if(intval($uid) == 0) { $uid = $mybb->user['uid'];
	} $uid = intval($uid); $pmcount = array(); if($uid == 0) { return $pmcount;
} // Update total number of messages.	} // Update total number of messages.
Zeile 555	Zeile 590
$pmcount['unreadpms'] = $unread['pms_unread']; }	$pmcount['unreadpms'] = $unread['pms_unread']; }
if(is_array($pmcount))	if(!empty($pmcount))
{	{
$db->update_query("users", $pmcount, "uid='".intval($uid)."'");	$db->update_query("users", $pmcount, "uid='".$uid."'");
} return $pmcount; }	} return $pmcount; }