Vergleich inc/datahandlers/user.php - 1.8.9 - 1.8.15

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 187Zeile 187
		}

// Has the user tried to use their email address or username as a password?

		}

// Has the user tried to use their email address or username as a password?

		if($user['email'] === $user['password'] || $user['username'] === $user['password'])



		if($user['email'] === $user['password'] || $user['username'] === $user['password']
|| strpos($user['password'], $user['email']) !== false || strpos($user['password'], $user['username']) !== false
|| strpos($user['email'], $user['password']) !== false || strpos($user['username'], $user['password']) !== false)

		{
$this->set_error('bad_password_security');
return false;

		{
$this->set_error('bad_password_security');
return false;

Zeile 211Zeile 213
			$this->set_error("passwords_dont_match");
return false;
}

			$this->set_error("passwords_dont_match");
return false;
}


// Generate our salt
$user['salt'] = generate_salt();

// Combine the password and salt
$user['saltedpw'] = create_password_hash($user['password'], $user['salt'], $user);

 

// Generate the user login key
$user['loginkey'] = generate_loginkey();



// Generate the user login key
$user['loginkey'] = generate_loginkey();


		return true;
}






		// Combine the password and salt
$password_fields = create_password($user['password'], false, $user);
$user = array_merge($user, $password_fields);

return true;
}


	/**
* Verifies usergroup selections and other group details.
*
* @return boolean True when valid, false when invalid.
*/
function verify_usergroup()

	/**
* Verifies usergroup selections and other group details.
*
* @return boolean True when valid, false when invalid.
*/
function verify_usergroup()

	{
return true;
}

	{
return true;
}

	/**
* Verifies if an email address is valid or not.
*

	/**
* Verifies if an email address is valid or not.
*

Zeile 248Zeile 248
		if(trim_blank_chrs($user['email']) == '')
{
$this->set_error('missing_email');

		if(trim_blank_chrs($user['email']) == '')
{
$this->set_error('missing_email');

			return false;
}

			return false;
}


// Check if this is a proper email address.
if(!validate_email_format($user['email']))


// Check if this is a proper email address.
if(!validate_email_format($user['email']))

		{

		{

			$this->set_error('invalid_email_format');

			$this->set_error('invalid_email_format');

			return false;
}

			return false;
}


// Check banned emails
if(is_banned_email($user['email'], true))
{
$this->set_error('banned_email');


// Check banned emails
if(is_banned_email($user['email'], true))
{
$this->set_error('banned_email');

			return false;
}


			return false;
}


		// Check signed up emails
// Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug)
if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))

		// Check signed up emails
// Ignore the ACP because the Merge System sometimes produces users with duplicate email addresses (Not A Bug)
if($mybb->settings['allowmultipleemails'] == 0 && !defined("IN_ADMINCP"))

Zeile 279Zeile 279
				$this->set_error('email_already_in_use');
return false;
}

				$this->set_error('email_already_in_use');
return false;
}

		}


		}


		// If we have an "email2", verify it matches the existing email
if(isset($user['email2']) && $user['email'] != $user['email2'])
{

		// If we have an "email2", verify it matches the existing email
if(isset($user['email2']) && $user['email'] != $user['email2'])
{

Zeile 308Zeile 308
		if(!empty($website) && !my_validate_url($website))
{
$this->set_error('invalid_website');

		if(!empty($website) && !my_validate_url($website))
{
$this->set_error('invalid_website');

			return false;
}

return true;
}

			return false;
}

return true;
}


/**
* Verifies if an ICQ number is valid or not.


/**
* Verifies if an ICQ number is valid or not.

Zeile 345Zeile 345
		$birthday = &$user['birthday'];

if(!is_array($birthday))

		$birthday = &$user['birthday'];

if(!is_array($birthday))

		{

		{

			return true;
}

			return true;
}





		// Sanitize any input we have
$birthday['day'] = (int)$birthday['day'];
$birthday['month'] = (int)$birthday['month'];

		// Sanitize any input we have
$birthday['day'] = (int)$birthday['day'];
$birthday['month'] = (int)$birthday['month'];

Zeile 358Zeile 358
		if($birthday['day'] != 0 || $birthday['month'] != 0)
{
if($birthday['day'] < 1 || $birthday['day'] > 31 || $birthday['month'] < 1 || $birthday['month'] > 12 || ($birthday['month'] == 2 && $birthday['day'] > 29))

		if($birthday['day'] != 0 || $birthday['month'] != 0)
{
if($birthday['day'] < 1 || $birthday['day'] > 31 || $birthday['month'] < 1 || $birthday['month'] > 12 || ($birthday['month'] == 2 && $birthday['day'] > 29))

			{
$this->set_error("invalid_birthday");
return false;

			{
$this->set_error("invalid_birthday");
return false;

			}

			}

		}

		}


// Check if the day actually exists.
$months = get_bdays($birthday['year']);
if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])


// Check if the day actually exists.
$months = get_bdays($birthday['year']);
if($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month']-1])

		{
$this->set_error("invalid_birthday");

		{
$this->set_error("invalid_birthday");

			return false;
}


			return false;
}


Zeile 376Zeile 376
		if($birthday['year'] != 0 && ($birthday['year'] < (date("Y")-100)) || $birthday['year'] > date("Y"))
{
$this->set_error("invalid_birthday");

		if($birthday['year'] != 0 && ($birthday['year'] < (date("Y")-100)) || $birthday['year'] > date("Y"))
{
$this->set_error("invalid_birthday");

			return false;

			return false;

		}
else if($birthday['year'] == date("Y"))
{

		}
else if($birthday['year'] == date("Y"))
{

Zeile 407Zeile 407
			$user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];
}
elseif($birthday['day'] && $birthday['month'])

			$user['bday'] = $birthday['day']."-".$birthday['month']."-".$birthday['year'];
}
elseif($birthday['day'] && $birthday['month'])

		{

		{

			// If only a day and month are specified, put together a d-m string
$user['bday'] = $birthday['day']."-".$birthday['month']."-";
}

			// If only a day and month are specified, put together a d-m string
$user['bday'] = $birthday['day']."-".$birthday['month']."-";
}

Zeile 435Zeile 435
		if(!in_array($birthdayprivacy, $accepted))
{
$this->set_error("invalid_birthday_privacy");

		if(!in_array($birthdayprivacy, $accepted))
{
$this->set_error("invalid_birthday_privacy");

			return false;
}
return true;
}

			return false;
}
return true;
}


/**
* Verifies if the post count field is filled in correctly.


/**
* Verifies if the post count field is filled in correctly.

Zeile 452Zeile 452
		if(isset($user['postnum']) && $user['postnum'] < 0)
{
$this->set_error("invalid_postnum");

		if(isset($user['postnum']) && $user['postnum'] < 0)
{
$this->set_error("invalid_postnum");

			return false;
}

return true;
}

			return false;
}

return true;
}


/**
* Verifies if the thread count field is filled in correctly.


/**
* Verifies if the thread count field is filled in correctly.

Zeile 466Zeile 466
	function verify_threadnum()
{
$user = &$this->data;

	function verify_threadnum()
{
$user = &$this->data;





		if(isset($user['threadnum']) && $user['threadnum'] < 0)
{
$this->set_error("invalid_threadnum");

		if(isset($user['threadnum']) && $user['threadnum'] < 0)
{
$this->set_error("invalid_threadnum");

			return false;
}

return true;
}


			return false;
}

return true;
}


	/**
* Verifies if a profile fields are filled in correctly.
*

	/**
* Verifies if a profile fields are filled in correctly.
*

Zeile 484Zeile 484
	function verify_profile_fields()
{
global $db, $cache;

	function verify_profile_fields()
{
global $db, $cache;





		$user = &$this->data;
$profile_fields = &$this->data['profile_fields'];


		$user = &$this->data;
$profile_fields = &$this->data['profile_fields'];


Zeile 492Zeile 492

// Fetch all profile fields first.
$pfcache = $cache->read('profilefields');


// Fetch all profile fields first.
$pfcache = $cache->read('profilefields');





		if(is_array($pfcache))
{
// Then loop through the profile fields.

		if(is_array($pfcache))
{
// Then loop through the profile fields.

Zeile 541Zeile 541
				// Sort out multiselect/checkbox profile fields.
$options = '';
if(($type == "multiselect" || $type == "checkbox") && is_array($profile_fields[$field]))

				// Sort out multiselect/checkbox profile fields.
$options = '';
if(($type == "multiselect" || $type == "checkbox") && is_array($profile_fields[$field]))

				{

				{

					$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
foreach($profile_fields[$field] as $value)

					$expoptions = explode("\n", $thing[1]);
$expoptions = array_map('trim', $expoptions);
foreach($profile_fields[$field] as $value)

Zeile 574Zeile 574
						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}


						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
}


					if(!empty($profilefield['regex']) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))

					if(!empty($profilefield['regex']) && !empty($profile_fields[$field]) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))

					{
$this->set_error('bad_profile_field_value', array($profilefield['name']));
}

					{
$this->set_error('bad_profile_field_value', array($profilefield['name']));
}

Zeile 607Zeile 607
			if(empty($referrer['uid']))
{
$this->set_error('invalid_referrer', array($user['referrer']));

			if(empty($referrer['uid']))
{
$this->set_error('invalid_referrer', array($user['referrer']));

				return false;

				return false;

			}

$user['referrer_uid'] = $referrer['uid'];

			}

$user['referrer_uid'] = $referrer['uid'];

Zeile 655Zeile 655
			$this->verify_yesno_option($options, 'classicpostbit', 1);
}
else

			$this->verify_yesno_option($options, 'classicpostbit', 1);
}
else

		{

		{

			$this->verify_yesno_option($options, 'classicpostbit', 0);
}


			$this->verify_yesno_option($options, 'classicpostbit', 0);
}


Zeile 686Zeile 686
		else if($options['dstcorrection'] == 0)
{
$options['dst'] = 0;

		else if($options['dstcorrection'] == 0)
{
$options['dst'] = 0;

		}


		}


		if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))
{
if($mybb->settings['threadusenetstyle'])

		if($this->method == "insert" || (isset($options['threadmode']) && $options['threadmode'] != "linear" && $options['threadmode'] != "threaded"))
{
if($mybb->settings['threadusenetstyle'])

Zeile 736Zeile 736
				if($options['ppp'] > $biggest)
{
$options['ppp'] = $biggest;

				if($options['ppp'] > $biggest)
{
$options['ppp'] = $biggest;

				}
}

				}
}

			$options['ppp'] = (int)$options['ppp'];
}
// Is our selected "days prune" option valid or not?

			$options['ppp'] = (int)$options['ppp'];
}
// Is our selected "days prune" option valid or not?

Zeile 1095Zeile 1095

$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),


$this->user_insert_data = array(
"username" => $db->escape_string($user['username']),

			"password" => $user['saltedpw'],

			"password" => $user['password'],

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

			"salt" => $user['salt'],
"loginkey" => $user['loginkey'],
"email" => $db->escape_string($user['email']),

Zeile 1258Zeile 1258
		{
$this->user_update_data['username'] = $db->escape_string($user['username']);
}

		{
$this->user_update_data['username'] = $db->escape_string($user['username']);
}

		if(isset($user['saltedpw']))





		if(isset($user['password']))
{
$this->user_update_data['password'] = $user['password'];
}
if(isset($user['salt']))

		{

		{

			$this->user_update_data['password'] = $user['saltedpw'];

 
			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['salt'] = $user['salt'];

 
		}
if(isset($user['loginkey']))
{

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

			$this->user_update_data['loginkey'] = $user['loginkey'];
}
if(isset($user['email']))

Zeile 1583Zeile 1589
		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

		$cache->update_forumsdisplay();
$cache->update_reportedcontent();
$cache->update_awaitingactivation();

 
		$cache->update_birthdays();


return $this->return_values;
}


return $this->return_values;
}