Vergleich inc/datahandlers/user.php - 1.8.8 - 1.8.17

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 187	Zeile 187
} // Has the user tried to use their email address or username as a password?	} // Has the user tried to use their email address or username as a password?
if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'])	if(!empty($user['email']) && !empty($user['username']))
{	{
$this->set_error('bad_password_security'); return false;	if($user['email'] === $user['password'] \|\| $user['username'] === $user['password'] \|\| strpos($user['password'], $user['email']) !== false \|\| strpos($user['password'], $user['username']) !== false \|\| strpos($user['email'], $user['password']) !== false \|\| strpos($user['username'], $user['password']) !== false) { $this->set_error('bad_password_security'); return false; }
} // See if the board has "require complex passwords" enabled.	} // See if the board has "require complex passwords" enabled.
Zeile 211	Zeile 216
$this->set_error("passwords_dont_match"); return false; }	$this->set_error("passwords_dont_match"); return false; }
// MD5 the password $user['md5password'] = md5($user['password']); // Generate our salt $user['salt'] = generate_salt(); // Combine the password and salt $user['saltedpw'] = salt_password($user['md5password'], $user['salt']);
// Generate the user login key $user['loginkey'] = generate_loginkey();	// Generate the user login key $user['loginkey'] = generate_loginkey();
	// Combine the password and salt $password_fields = create_password($user['password'], false, $user); $user = array_merge($user, $password_fields); return true; } /** * Verifies usergroup selections and other group details. * * @return boolean True when valid, false when invalid. */ function verify_usergroup() {
return true; }	return true; }

/**	/**
* Verifies usergroup selections and other group details.	* Verifies if an email address is valid or not.
* * @return boolean True when valid, false when invalid. */	* * @return boolean True when valid, false when invalid. */
function verify_usergroup()	function verify_email()
{	{
return true; } /** * Verifies if an email address is valid or not. * * @return boolean True when valid, false when invalid. */ function verify_email() { global $mybb;	global $mybb;
$user = &$this->data; // Check if an email address has actually been entered.	$user = &$this->data; // Check if an email address has actually been entered.
Zeile 288	Zeile 288
if(isset($user['email2']) && $user['email'] != $user['email2']) { $this->set_error("emails_dont_match");	if(isset($user['email2']) && $user['email'] != $user['email2']) { $this->set_error("emails_dont_match");
return false; } return true; } /**	return false; } return true; } /**
* Verifies if a website is valid or not. * * @return boolean True when valid, false when invalid.	* Verifies if a website is valid or not. * * @return boolean True when valid, false when invalid.
Zeile 381	Zeile 381
$this->set_error("invalid_birthday"); return false; }	$this->set_error("invalid_birthday"); return false; }
else if($birthday['year'] == date("Y"))	elseif($birthday['year'] == date("Y"))
{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))	{ // Error if birth date is in future if($birthday['month'] > date("m") \|\| ($birthday['month'] == date("m") && $birthday['day'] > date("d")))
Zeile 395	Zeile 395
if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 \|\| !$birthday['year'])) { $this->set_error("invalid_birthday_coppa");	if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 \|\| !$birthday['year'])) { $this->set_error("invalid_birthday_coppa");
return false;	return false;
} elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator()) {	} elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator()) {
Zeile 577	Zeile 577
$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }	$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength'])); }
if(!empty($profilefield['regex']) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))	if(!empty($profilefield['regex']) && !empty($profile_fields[$field]) && !preg_match("#".$profilefield['regex']."#i", $profile_fields[$field]))
{ $this->set_error('bad_profile_field_value', array($profilefield['name'])); }	{ $this->set_error('bad_profile_field_value', array($profilefield['name'])); }
Zeile 686	Zeile 686
{ $options['dst'] = 1; }	{ $options['dst'] = 1; }
else if($options['dstcorrection'] == 0)	elseif($options['dstcorrection'] == 0)
{ $options['dst'] = 0; }	{ $options['dst'] = 0; }
Zeile 834	Zeile 834
$user['away']['awayreason'] = ''; return true; }	$user['away']['awayreason'] = ''; return true; }
else if($user['away']['returndate'])	elseif($user['away']['returndate'])
{	{
	// Validate the awayreason length, since the db holds 200 chars for this field $reasonlength = my_strlen($user['away']['awayreason']); if($reasonlength > 200) { $this->set_error("away_too_long", array($reasonlength - 200)); return false; }
list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) {	list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']); if(!$returnday \|\| !$returnmonth \|\| !$returnyear) {
Zeile 855	Zeile 863
* @return boolean True when valid, false when invalid. */ function verify_language()	* @return boolean True when valid, false when invalid. */ function verify_language()
{ global $lang;	{ global $lang;
$language = &$this->data['language'];	$language = &$this->data['language'];
Zeile 978	Zeile 986
if($this->method == "insert" \|\| array_key_exists('email', $user)) { $this->verify_email();	if($this->method == "insert" \|\| array_key_exists('email', $user)) { $this->verify_email();
}	}
if($this->method == "insert" \|\| array_key_exists('website', $user)) { $this->verify_website();	if($this->method == "insert" \|\| array_key_exists('website', $user)) { $this->verify_website();
Zeile 986	Zeile 994
if($this->method == "insert" \|\| array_key_exists('icq', $user)) { $this->verify_icq();	if($this->method == "insert" \|\| array_key_exists('icq', $user)) { $this->verify_icq();
}	}
if($this->method == "insert" \|\| (isset($user['birthday']) && is_array($user['birthday'])))	if($this->method == "insert" \|\| (isset($user['birthday']) && is_array($user['birthday'])))
{	{
$this->verify_birthday(); } if($this->method == "insert" \|\| array_key_exists('postnum', $user))	$this->verify_birthday(); } if($this->method == "insert" \|\| array_key_exists('postnum', $user))
Zeile 998	Zeile 1006
if($this->method == "insert" \|\| array_key_exists('threadnum', $user)) { $this->verify_threadnum();	if($this->method == "insert" \|\| array_key_exists('threadnum', $user)) { $this->verify_threadnum();
}	}
if($this->method == "insert" \|\| array_key_exists('profile_fields', $user)) { $this->verify_profile_fields();	if($this->method == "insert" \|\| array_key_exists('profile_fields', $user)) { $this->verify_profile_fields();
Zeile 1083	Zeile 1091
if(count($this->get_errors()) > 0) { die("The user is not valid.");	if(count($this->get_errors()) > 0) { die("The user is not valid.");
} $user = &$this->data;	}

$array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'aim', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');	$user = &$this->data; $array = array('postnum', 'threadnum', 'avatar', 'avatartype', 'additionalgroups', 'displaygroup', 'icq', 'yahoo', 'skype', 'google', 'bday', 'signature', 'style', 'dateformat', 'timeformat', 'notepad');
foreach($array as $value) { if(!isset($user[$value]))	foreach($array as $value) { if(!isset($user[$value]))
Zeile 1098	Zeile 1106
$this->user_insert_data = array( "username" => $db->escape_string($user['username']),	$this->user_insert_data = array( "username" => $db->escape_string($user['username']),
"password" => $user['saltedpw'],	"password" => $user['password'],
"salt" => $user['salt'], "loginkey" => $user['loginkey'], "email" => $db->escape_string($user['email']),	"salt" => $user['salt'], "loginkey" => $user['loginkey'], "email" => $db->escape_string($user['email']),
Zeile 1115	Zeile 1123
"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],	"lastvisit" => (int)$user['lastvisit'], "website" => $db->escape_string($user['website']), "icq" => (int)$user['icq'],
"aim" => $db->escape_string($user['aim']),
"yahoo" => $db->escape_string($user['yahoo']), "skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']),	"yahoo" => $db->escape_string($user['yahoo']), "skype" => $db->escape_string($user['skype']), "google" => $db->escape_string($user['google']),
Zeile 1175	Zeile 1182
{ $this->user_insert_data['dst'] = 1; }	{ $this->user_insert_data['dst'] = 1; }
else if($user['options']['dstcorrection'] == 0)	elseif($user['options']['dstcorrection'] == 0)
{ $this->user_insert_data['dst'] = 0; }	{ $this->user_insert_data['dst'] = 0; }
Zeile 1261	Zeile 1268
{ $this->user_update_data['username'] = $db->escape_string($user['username']); }	{ $this->user_update_data['username'] = $db->escape_string($user['username']); }
if(isset($user['saltedpw']))	if(isset($user['password'])) { $this->user_update_data['password'] = $user['password']; } if(isset($user['salt']))
{	{
$this->user_update_data['password'] = $user['saltedpw'];
$this->user_update_data['salt'] = $user['salt'];	$this->user_update_data['salt'] = $user['salt'];
	} if(isset($user['loginkey'])) {
$this->user_update_data['loginkey'] = $user['loginkey']; } if(isset($user['email']))	$this->user_update_data['loginkey'] = $user['loginkey']; } if(isset($user['email']))
Zeile 1299	Zeile 1312
if(isset($user['usertitle'])) { $this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);	if(isset($user['usertitle'])) { $this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);
}	}
if(isset($user['regdate'])) { $this->user_update_data['regdate'] = (int)$user['regdate'];	if(isset($user['regdate'])) { $this->user_update_data['regdate'] = (int)$user['regdate'];
Zeile 1323	Zeile 1336
if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];	if(isset($user['icq'])) { $this->user_update_data['icq'] = (int)$user['icq'];
} if(isset($user['aim'])) { $this->user_update_data['aim'] = $db->escape_string($user['aim']);
} if(isset($user['yahoo'])) {	} if(isset($user['yahoo'])) {
Zeile 1371	Zeile 1380
if(isset($user['language'])) { $this->user_update_data['language'] = $db->escape_string($user['language']);	if(isset($user['language'])) { $this->user_update_data['language'] = $db->escape_string($user['language']);
}	}
if(isset($user['away'])) { $this->user_update_data['away'] = (int)$user['away']['away'];	if(isset($user['away'])) { $this->user_update_data['away'] = (int)$user['away']['away'];
Zeile 1405	Zeile 1414
if($old_user['pmnotice'] == "2" && $this->user_update_data['pmnotice'] == 1) { unset($this->user_update_data['pmnotice']);	if($old_user['pmnotice'] == "2" && $this->user_update_data['pmnotice'] == 1) { unset($this->user_update_data['pmnotice']);
}	}
$plugins->run_hooks("datahandler_user_update", $this); if(count($this->user_update_data) < 1 && empty($user['user_fields']))	$plugins->run_hooks("datahandler_user_update", $this); if(count($this->user_update_data) < 1 && empty($user['user_fields']))
Zeile 1452	Zeile 1461
$user_fields[$field['Field']] = ''; } $db->insert_query("userfields", $user_fields);	$user_fields[$field['Field']] = ''; } $db->insert_query("userfields", $user_fields);
}	}
$db->update_query("userfields", $user['user_fields'], "ufid='{$user['uid']}'", false); }	$db->update_query("userfields", $user['user_fields'], "ufid='{$user['uid']}'", false); }
Zeile 1476	Zeile 1485
{ // User was latest to register, update stats update_stats(array("numusers" => "+0"));	{ // User was latest to register, update stats update_stats(array("numusers" => "+0"));
} }	} }
return true; }	return true; }

/** * Provides a method to completely delete a user. *	/** * Provides a method to completely delete a user. *
Zeile 1497	Zeile 1506
if(count($this->get_errors()) > 0) { die('The user is not valid.');	if(count($this->get_errors()) > 0) { die('The user is not valid.');
} $this->delete_uids = array_map('intval', (array)$delete_uids);	} $this->delete_uids = array_map('intval', (array)$delete_uids);
foreach($this->delete_uids as $key => $uid) { if(!$uid \|\| is_super_admin($uid) \|\| $uid == $mybb->user['uid'])	foreach($this->delete_uids as $key => $uid) { if(!$uid \|\| is_super_admin($uid) \|\| $uid == $mybb->user['uid'])
Zeile 1509	Zeile 1518
unset($this->delete_uids[$key]); } }	unset($this->delete_uids[$key]); } }

$plugins->run_hooks('datahandler_user_delete_start', $this); $this->delete_uids = implode(',', $this->delete_uids);	$plugins->run_hooks('datahandler_user_delete_start', $this); $this->delete_uids = implode(',', $this->delete_uids);
Zeile 1522	Zeile 1531
); return $this->return_values;	); return $this->return_values;
} $this->delete_content();	} $this->delete_content();
// Delete the user $query = $db->delete_query('users', "uid IN({$this->delete_uids})");	// Delete the user $query = $db->delete_query('users', "uid IN({$this->delete_uids})");
Zeile 1548	Zeile 1557
$db->update_query('privatemessages', array('fromid' => 0), "fromid IN({$this->delete_uids})"); $db->update_query('users', array('referrer' => 0), "referrer IN({$this->delete_uids})");	$db->update_query('privatemessages', array('fromid' => 0), "fromid IN({$this->delete_uids})"); $db->update_query('users', array('referrer' => 0), "referrer IN({$this->delete_uids})");

// Update thread ratings $query = $db->query(" SELECT r.*, t.numratings, t.totalratings	// Update thread ratings $query = $db->query(" SELECT r.*, t.numratings, t.totalratings
Zeile 1586	Zeile 1595
$cache->update_forumsdisplay(); $cache->update_reportedcontent(); $cache->update_awaitingactivation();	$cache->update_forumsdisplay(); $cache->update_reportedcontent(); $cache->update_awaitingactivation();
	$cache->update_birthdays();
return $this->return_values; }	return $this->return_values; }
Zeile 1596	Zeile 1606
* @param array\|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function) */ function delete_content($delete_uids=false)	* @param array\|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function) */ function delete_content($delete_uids=false)
{ global $db, $plugins, $mybb; if($delete_uids != false) { $this->delete_uids = array_map('intval', (array)$delete_uids); foreach($this->delete_uids as $key => $uid) { if(!$uid \|\| is_super_admin($uid) \|\| $uid == $mybb->user['uid']) {	{ global $db, $plugins, $mybb; if($delete_uids != false) { $this->delete_uids = array_map('intval', (array)$delete_uids); foreach($this->delete_uids as $key => $uid) { if(!$uid \|\| is_super_admin($uid) \|\| $uid == $mybb->user['uid']) {
// Remove super admins unset($this->delete_uids[$key]); }	// Remove super admins unset($this->delete_uids[$key]); }
Zeile 1650	Zeile 1660
// Update the reports made by the deleted users by setting the uid to 0 $db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");	// Update the reports made by the deleted users by setting the uid to 0 $db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");
// Remove any of the user(s) uploaded avatars require_once MYBB_ROOT.'inc/functions_upload.php'; foreach(explode(',', $this->delete_uids) as $uid) { remove_avatars($uid); }	// Remove any of the user(s) uploaded avatars require_once MYBB_ROOT.'inc/functions_upload.php'; foreach(explode(',', $this->delete_uids) as $uid) { remove_avatars($uid); }
} /**	} /**
Zeile 1665	Zeile 1675
* @param array\|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function) */ function delete_posts($delete_uids=false)	* @param array\|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function) */ function delete_posts($delete_uids=false)
{ global $db, $plugins, $mybb; if($delete_uids != false) { $this->delete_uids = array_map('intval', (array)$delete_uids); foreach($this->delete_uids as $key => $uid) { if(!$uid \|\| is_super_admin($uid) \|\| $uid == $mybb->user['uid']) { // Remove super admins unset($this->delete_uids[$key]); } } $this->delete_uids = implode(',', $this->delete_uids);	{ global $db, $plugins, $mybb; if($delete_uids != false) { $this->delete_uids = array_map('intval', (array)$delete_uids); foreach($this->delete_uids as $key => $uid) { if(!$uid \|\| is_super_admin($uid) \|\| $uid == $mybb->user['uid']) { // Remove super admins unset($this->delete_uids[$key]); } } $this->delete_uids = implode(',', $this->delete_uids);
} require_once MYBB_ROOT.'inc/class_moderation.php'; $moderation = new Moderation(); $plugins->run_hooks('datahandler_user_delete_posts', $this);	} require_once MYBB_ROOT.'inc/class_moderation.php'; $moderation = new Moderation(); $plugins->run_hooks('datahandler_user_delete_posts', $this);

if(empty($this->delete_uids)) { return;	if(empty($this->delete_uids)) { return;
Zeile 1697	Zeile 1707
// Threads $query = $db->simple_select('threads', 'tid', "uid IN({$this->delete_uids})"); while($tid = $db->fetch_field($query, 'tid'))	// Threads $query = $db->simple_select('threads', 'tid', "uid IN({$this->delete_uids})"); while($tid = $db->fetch_field($query, 'tid'))
{	{
$moderation->delete_thread($tid); }	$moderation->delete_thread($tid); }
Zeile 1706	Zeile 1716
while($pid = $db->fetch_field($query, 'pid')) { $moderation->delete_post($pid);	while($pid = $db->fetch_field($query, 'pid')) { $moderation->delete_post($pid);
}	}
} /**	} /**
Zeile 1740	Zeile 1750
"website" => "", "birthday" => "", "icq" => "",	"website" => "", "birthday" => "", "icq" => "",
"aim" => "",
"yahoo" => "", "skype" => "", "google" => "",	"yahoo" => "", "skype" => "", "google" => "",
Zeile 1808	Zeile 1817
) { $imgsallowed = 0;	) { $imgsallowed = 0;

if($mybb->settings['sigimgcode'] == 1) { $imgsallowed = $mybb->settings['maxsigimages'];	if($mybb->settings['sigimgcode'] == 1) { $imgsallowed = $mybb->settings['maxsigimages'];