Vergleich usercp.php - 1.8.12 - 1.8.19

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 10Zeile 10

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

 

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

 
define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";

Zeile 27Zeile 28
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";
$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";
$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";

 
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";
$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";
$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";

 
$templatelist .= ",usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 53Zeile 55
$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

 
$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

 

$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

Zeile 168Zeile 172
			if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
			{
				error($lang->error_usercp_return_date_past);

 
			if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
			{
				error($lang->error_usercp_return_date_past);

			}

			}


			$returndate = "{$return_day}-{$return_month}-{$return_year}";

 

			$returndate = "{$return_day}-{$return_month}-{$return_year}";

		}

		}

		else
		{
			$returndate = "";

 
		else
		{
			$returndate = "";

		}

		}

		$away = array(
			"away" => 1,
			"date" => $awaydate,
			"returndate" => $returndate,
			"awayreason" => $mybb->get_input('awayreason')

 
		$away = array(
			"away" => 1,
			"date" => $awaydate,
			"returndate" => $returndate,
			"awayreason" => $mybb->get_input('awayreason')

		);
	}

		);
	}

	else
	{
		$away = array(

	else
	{
		$away = array(

Zeile 213Zeile 217
		"away" => $away,
		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
	);

 
		"away" => $away,
		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
	);

	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)

	foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)

	{
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')

 
	{
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')

		{
			continue;
		}


		{
			continue;
		}


		if(!is_member($mybb->settings[$csetting]))

 
		if(!is_member($mybb->settings[$csetting]))

		{

		{

			continue;
		}

		if($cfield == 'icq')

 
			continue;
		}

		if($cfield == 'icq')

		{

		{

			$user[$cfield] = $mybb->get_input($cfield, 1);
		}
		else

			$user[$cfield] = $mybb->get_input($cfield, 1);
		}
		else

Zeile 247Zeile 251
		{
			$user['usertitle'] = $mybb->get_input('usertitle');
		}

 
		{
			$user['usertitle'] = $mybb->get_input('usertitle');
		}

		else if(!empty($mybb->input['reverttitle']))

		elseif(!empty($mybb->input['reverttitle']))

		{
			$user['usertitle'] = '';
		}

		{
			$user['usertitle'] = '';
		}

Zeile 257Zeile 261
	if(!$userhandler->validate_user())
	{
		$errors = $userhandler->get_friendly_errors();

 
	if(!$userhandler->validate_user())
	{
		$errors = $userhandler->get_friendly_errors();

 
		$raw_errors = $userhandler->get_errors();



 


		// Set allowed value otherwise select options disappear
		if(in_array($lang->userdata_invalid_birthday_privacy, $errors))

		// Set to stored value if invalid
		if(array_key_exists("invalid_birthday_privacy", $raw_errors))

		{

 
		{

			$mybb->input['birthdayprivacy'] = 'none';

			$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

		}

		$errors = inline_error($errors);

		}

		$errors = inline_error($errors);

Zeile 329Zeile 334
	{
		$allselected = " selected=\"selected\"";
	}

 
	{
		$allselected = " selected=\"selected\"";
	}

	else if($user['birthdayprivacy'] == 'none')

	elseif($user['birthdayprivacy'] == 'none')

	{
		$noneselected = " selected=\"selected\"";
	}

 
	{
		$noneselected = " selected=\"selected\"";
	}

	else if($user['birthdayprivacy'] == 'age')

	elseif($user['birthdayprivacy'] == 'age')

	{
		$ageselected = " selected=\"selected\"";
	}

	{
		$ageselected = " selected=\"selected\"";
	}

Zeile 348Zeile 353
	}

	if($user['icq'] != "0")

 
	}

	if($user['icq'] != "0")

	{

	{

		$user['icq'] = (int)$user['icq'];
	}


		$user['icq'] = (int)$user['icq'];
	}


Zeile 361Zeile 366
	{
		$user['skype'] = htmlspecialchars_uni($user['skype']);
		$user['google'] = htmlspecialchars_uni($user['google']);

 
	{
		$user['skype'] = htmlspecialchars_uni($user['skype']);
		$user['google'] = htmlspecialchars_uni($user['google']);

		$user['aim'] = htmlspecialchars_uni($user['aim']);

 
		$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
	}

	$contact_fields = array();
	$contactfields = '';
	$cfieldsshow = false;

 
		$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
	}

	$contact_fields = array();
	$contactfields = '';
	$cfieldsshow = false;


	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)


	foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)

	{
		$contact_fields[$cfield] = '';
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')

 
	{
		$contact_fields[$cfield] = '';
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')

		{
			continue;
		}

		{
			continue;
		}


		if(!is_member($mybb->settings[$csetting]))
		{


		if(!is_member($mybb->settings[$csetting]))
		{

Zeile 403Zeile 407
		if($errors)
		{
			if($user['away'] == 1)

 
		if($errors)
		{
			if($user['away'] == 1)

			{
				$awaycheck[1] = "checked=\"checked\"";
			}
			else
			{
				$awaycheck[0] = "checked=\"checked\"";

			{
				$awaycheck[1] = "checked=\"checked\"";
			}
			else
			{
				$awaycheck[0] = "checked=\"checked\"";

			}
			$returndate = array();
			$returndate[0] = $mybb->get_input('awayday', MyBB::INPUT_INT);

			}
			$returndate = array();
			$returndate[0] = $mybb->get_input('awayday', MyBB::INPUT_INT);

Zeile 524Zeile 528
					foreach($useropts as $key => $val)
					{
						$val = htmlspecialchars_uni($val);

 
					foreach($useropts as $key => $val)
					{
						$val = htmlspecialchars_uni($val);

						$seloptions[$val] = $val;
					}
				}
				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{
					foreach($expoptions as $key => $val)
					{
						$val = trim($val);
						$val = str_replace("\n", "\\n", $val);

						$sel = "";
						if(isset($seloptions[$val]) && $val == $seloptions[$val])
						{
							$sel = " selected=\"selected\"";
						}

						eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
					}
					if(!$profilefield['length'])
					{
						$profilefield['length'] = 3;
					}

						$seloptions[$val] = $val;
					}
				}
				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{
					foreach($expoptions as $key => $val)
					{
						$val = trim($val);
						$val = str_replace("\n", "\\n", $val);

						$sel = "";
						if(isset($seloptions[$val]) && $val == $seloptions[$val])
						{
							$sel = " selected=\"selected\"";
						}

						eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
					}
					if(!$profilefield['length'])
					{
						$profilefield['length'] = 3;
					}


					eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";");
				}
			}
			elseif($type == "select")

 

					eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";");
				}
			}
			elseif($type == "select")

			{
				$expoptions = explode("\n", $options);
				if(is_array($expoptions))

			{
				$expoptions = explode("\n", $options);
				if(is_array($expoptions))

				{
					foreach($expoptions as $key => $val)
					{

				{
					foreach($expoptions as $key => $val)
					{

Zeile 562Zeile 566
						$val = str_replace("\n", "\\n", $val);
						$sel = "";
						if($val == htmlspecialchars_uni($userfield))

 
						$val = str_replace("\n", "\\n", $val);
						$sel = "";
						if($val == htmlspecialchars_uni($userfield))

						{

						{

							$sel = " selected=\"selected\"";
						}

						eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
					}
					if(!$profilefield['length'])

 
							$sel = " selected=\"selected\"";
						}

						eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
					}
					if(!$profilefield['length'])

					{

					{

						$profilefield['length'] = 1;
					}


						$profilefield['length'] = 1;
					}


Zeile 577Zeile 581
				}
			}
			elseif($type == "radio")

 
				}
			}
			elseif($type == "radio")

			{


			{
				$userfield = htmlspecialchars_uni($userfield);

				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{

				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{

Zeile 595Zeile 600
			}
			elseif($type == "checkbox")
			{

 
			}
			elseif($type == "checkbox")
			{

 
				$userfield = htmlspecialchars_uni($userfield);

				if($errors)
				{
					$useropts = $userfield;
				}
				else

 
				if($errors)
				{
					$useropts = $userfield;
				}
				else

				{

				{

					$useropts = explode("\n", $userfield);
				}
				if(is_array($useropts))
				{
					foreach($useropts as $key => $val)

 
					$useropts = explode("\n", $userfield);
				}
				if(is_array($useropts))
				{
					foreach($useropts as $key => $val)

					{
						$seloptions[$val] = $val;

					{
						$seloptions[$val] = $val;

					}
				}
				$expoptions = explode("\n", $options);

					}
				}
				$expoptions = explode("\n", $options);

Zeile 786Zeile 792
	if($mybb->settings['userpppoptions'])
	{
		$user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);

 
	if($mybb->settings['userpppoptions'])
	{
		$user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);

	}

	$userhandler->set_data($user);

	}

	$userhandler->set_data($user);


	if(!$userhandler->validate_user())
	{


	if(!$userhandler->validate_user())
	{

Zeile 872Zeile 878
	{
		$no_subscribe_selected = "selected=\"selected\"";
	}

 
	{
		$no_subscribe_selected = "selected=\"selected\"";
	}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	{
		$instant_email_subscribe_selected = "selected=\"selected\"";
	}

 
	{
		$instant_email_subscribe_selected = "selected=\"selected\"";
	}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)

	{
		$instant_pm_subscribe_selected = "selected=\"selected\"";
	}

	{
		$instant_pm_subscribe_selected = "selected=\"selected\"";
	}

Zeile 910Zeile 916
	else
	{
		$showsigscheck = "";

 
	else
	{
		$showsigscheck = "";

	}


	}


	if(isset($user['showavatars']) && $user['showavatars'] == 1)
	{
		$showavatarscheck = "checked=\"checked\"";

	if(isset($user['showavatars']) && $user['showavatars'] == 1)
	{
		$showavatarscheck = "checked=\"checked\"";

Zeile 962Zeile 968
	{
		$dst_auto_selected = "selected=\"selected\"";
	}

 
	{
		$dst_auto_selected = "selected=\"selected\"";
	}

	else if(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	elseif(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	{
		$dst_enabled_selected = "selected=\"selected\"";
	}

	{
		$dst_enabled_selected = "selected=\"selected\"";
	}

Zeile 1033Zeile 1039
	if(isset($user['classicpostbit']) && $user['classicpostbit'] != 0)
	{
		$classicpostbitcheck = "checked=\"checked\"";

 
	if(isset($user['classicpostbit']) && $user['classicpostbit'] != 0)
	{
		$classicpostbitcheck = "checked=\"checked\"";

	}

	}

	else
	{
		$classicpostbitcheck = '';

	else
	{
		$classicpostbitcheck = '';

Zeile 1041Zeile 1047

	$date_format_options = $dateformat = '';
	foreach($date_formats as $key => $format)

 

	$date_format_options = $dateformat = '';
	foreach($date_formats as $key => $format)

	{

	{

		$selected = '';
		if(isset($user['dateformat']) && $user['dateformat'] == $key)
		{

		$selected = '';
		if(isset($user['dateformat']) && $user['dateformat'] == $key)
		{

Zeile 1063Zeile 1069

		$timeformat = my_date($format, TIME_NOW, "", 0);
		eval("\$time_format_options .= \"".$templates->get("usercp_options_time_format")."\";");

 

		$timeformat = my_date($format, TIME_NOW, "", 0);
		eval("\$time_format_options .= \"".$templates->get("usercp_options_time_format")."\";");

	}


	}


	$tzselect = build_timezone_select("timezoneoffset", $mybb->user['timezone'], true);

	$pms_from_buddys = '';
	if($mybb->settings['allowbuddyonly'] == 1)
	{
		eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";");

 
	$tzselect = build_timezone_select("timezoneoffset", $mybb->user['timezone'], true);

	$pms_from_buddys = '';
	if($mybb->settings['allowbuddyonly'] == 1)
	{
		eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";");

	}


	}


	$pms = '';
	if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
	{

	$pms = '';
	if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
	{

Zeile 1087Zeile 1093

	$threadview = array('linear' => '', 'threaded' => '');
	if(isset($user['threadmode']) && is_scalar($user['threadmode']))

 

	$threadview = array('linear' => '', 'threaded' => '');
	if(isset($user['threadmode']) && is_scalar($user['threadmode']))

	{

	{

		$threadview[$user['threadmode']] = 'selected="selected"';
	}
	$daysprunesel = array(1 => '', 5 => '', 10 => '', 20 => '', 50 => '', 75 => '', 100 => '', 365 => '', 9999 => '');
	if(isset($user['daysprune']) && is_numeric($user['daysprune']))
	{
		$daysprunesel[$user['daysprune']] = 'selected="selected"';

 
		$threadview[$user['threadmode']] = 'selected="selected"';
	}
	$daysprunesel = array(1 => '', 5 => '', 10 => '', 20 => '', 50 => '', 75 => '', 100 => '', 365 => '', 9999 => '');
	if(isset($user['daysprune']) && is_numeric($user['daysprune']))
	{
		$daysprunesel[$user['daysprune']] = 'selected="selected"';

	}

	}

	if(!isset($user['style']))
	{
		$user['style'] = '';

	if(!isset($user['style']))
	{
		$user['style'] = '';

Zeile 1120Zeile 1126
				$val = trim($val);
				$selected = "";
				if(isset($user['tpp']) && $user['tpp'] == $val)

 
				$val = trim($val);
				$selected = "";
				if(isset($user['tpp']) && $user['tpp'] == $val)

				{
					$selected = " selected=\"selected\"";
				}

				{
					$selected = " selected=\"selected\"";
				}


				$tpp_option = $lang->sprintf($lang->tpp_option, $val);
				eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";");
			}
		}
		eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";");

 

				$tpp_option = $lang->sprintf($lang->tpp_option, $val);
				eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";");
			}
		}
		eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";");

	}

	}


	if($mybb->settings['userpppoptions'])
	{


	if($mybb->settings['userpppoptions'])
	{

Zeile 1151Zeile 1157
			}
		}
		eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";");

 
			}
		}
		eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";");

	}

	$plugins->run_hooks("usercp_options_end");


	}

	$plugins->run_hooks("usercp_options_end");


	eval("\$editprofile = \"".$templates->get("usercp_options")."\";");
	output_page($editprofile);
}

	eval("\$editprofile = \"".$templates->get("usercp_options")."\";");
	output_page($editprofile);
}

Zeile 1163Zeile 1169
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));





	$errors = array();

	$plugins->run_hooks("usercp_do_email_start");
	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)

 
	$errors = array();

	$plugins->run_hooks("usercp_do_email_start");
	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)

	{

	{

		$errors[] = $lang->error_invalidpassword;
	}
	else

		$errors[] = $lang->error_invalidpassword;
	}
	else

Zeile 1186Zeile 1192
		$userhandler->set_data($user);

		if(!$userhandler->validate_user())

 
		$userhandler->set_data($user);

		if(!$userhandler->validate_user())

		{

		{

			$errors = $userhandler->get_friendly_errors();
		}
		else
		{

 
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{

			if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")












































			$activation = false;
			// Checking for pending activations for non-activated accounts
			if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))
			{
				$query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')");
				$activation = $db->fetch_array($query);
			}
			if($activation)
			{
				$userhandler->update_user();

				$db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

				// Send new activation mail for non-activated accounts
				$activationcode = random_str();
				$activationarray = array(
					"uid" => $mybb->user['uid'],
					"dateline" => TIME_NOW,
					"code" => $activationcode,
					"type" => $activation['type']
				);
				$db->insert_query("awaitingactivation", $activationarray);
				$emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']);
				switch($mybb->settings['username_method'])
				{
					case 0:
						$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
					case 1:
						$emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
					case 2:
						$emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
					default:
						$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
						break;
				}
				my_mail($mybb->user['email'], $emailsubject, $emailmessage);

				$plugins->run_hooks("usercp_do_email_changed");
				redirect("usercp.php?action=email", $lang->redirect_emailupdated);
			}
			elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))

			{
				$uid = $mybb->user['uid'];
				$username = $mybb->user['username'];

			{
				$uid = $mybb->user['uid'];
				$username = $mybb->user['username'];

Zeile 1288Zeile 1337
		else
		{
			$userhandler->update_user();

 
		else
		{
			$userhandler->update_user();

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true);

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax");


			// Notify the user by email that their password has been changed
			$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);


			// Notify the user by email that their password has been changed
			$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);

Zeile 1338Zeile 1387
		$user = array(
			"uid" => $mybb->user['uid'],
			"username" => $mybb->get_input('username')

 
		$user = array(
			"uid" => $mybb->user['uid'],
			"username" => $mybb->get_input('username')

		);


		);


		$userhandler->set_data($user);

		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();

 
		$userhandler->set_data($user);

		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();

		}

		}

		else
		{
			$userhandler->update_user();

		else
		{
			$userhandler->update_user();

Zeile 1358Zeile 1407
	{
		$errors = inline_error($errors);
		$mybb->input['action'] = "changename";

 
	{
		$errors = inline_error($errors);
		$mybb->input['action'] = "changename";

	}
}


	}
}


if($mybb->input['action'] == "changename")
{
	$plugins->run_hooks("usercp_changename_start");
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();

 
if($mybb->input['action'] == "changename")
{
	$plugins->run_hooks("usercp_changename_start");
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();

	}


	}


	$plugins->run_hooks("usercp_changename_end");

 
	$plugins->run_hooks("usercp_changename_end");





	eval("\$changename = \"".$templates->get("usercp_changename")."\";");
	output_page($changename);
}

 
	eval("\$changename = \"".$templates->get("usercp_changename")."\";");
	output_page($changename);
}





if($mybb->input['action'] == "do_subscriptions")
{
	// Verify incoming POST request

if($mybb->input['action'] == "do_subscriptions")
{
	// Verify incoming POST request

Zeile 1397Zeile 1446
		$db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
	}
	// Changing subscription type

 
		$db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
	}
	// Changing subscription type

	else
	{

	else
	{

		if($mybb->get_input('do') == "no_notification")
		{
			$new_notification = 0;
		}

 
		if($mybb->get_input('do') == "no_notification")
		{
			$new_notification = 0;
		}

		else if($mybb->get_input('do') == "email_notification")

		elseif($mybb->get_input('do') == "email_notification")

		{
			$new_notification = 1;
		}

 
		{
			$new_notification = 1;
		}

		else if($mybb->get_input('do') == "pm_notification")

		elseif($mybb->get_input('do') == "pm_notification")

		{
			$new_notification = 2;
		}

		{
			$new_notification = 2;
		}

Zeile 1494Zeile 1543
			// Hmm, you don't have permission to view this thread - unsubscribe!
			$del_subscriptions[] = $subscription['sid'];
		}

 
			// Hmm, you don't have permission to view this thread - unsubscribe!
			$del_subscriptions[] = $subscription['sid'];
		}

		else if($subscription['tid'])

		elseif($subscription['tid'])

		{
			$subscriptions[$subscription['tid']] = $subscription;
		}

		{
			$subscriptions[$subscription['tid']] = $subscription;
		}

Zeile 1521Zeile 1570
	{
		$tids = implode(",", array_keys($subscriptions));
		$readforums = array();

 
	{
		$tids = implode(",", array_keys($subscriptions));
		$readforums = array();

		



		// Build a forum cache.

 
		// Build a forum cache.

		$query = $db->query("

		$query = $db->query("

			SELECT f.fid, fr.dateline AS lastread
			FROM ".TABLE_PREFIX."forums f
			LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
			WHERE f.active != 0
			ORDER BY pid, disporder
		");

 
			SELECT f.fid, fr.dateline AS lastread
			FROM ".TABLE_PREFIX."forums f
			LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
			WHERE f.active != 0
			ORDER BY pid, disporder
		");

		



		while($forum = $db->fetch_array($query))
		{
			$readforums[$forum['fid']] = $forum['lastread'];

		while($forum = $db->fetch_array($query))
		{
			$readforums[$forum['fid']] = $forum['lastread'];

Zeile 1678Zeile 1727

			if($thread['closed'] == 1)
			{

 

			if($thread['closed'] == 1)
			{

				$folder .= "lock";
				$folder_label .= $lang->icon_lock;

				$folder .= "close";
				$folder_label .= $lang->icon_close;

			}

			$folder .= "folder";

			}

			$folder .= "folder";

Zeile 1691Zeile 1740

			// Build last post info
			$lastpostdate = my_date('relative', $thread['lastpost']);

 

			// Build last post info
			$lastpostdate = my_date('relative', $thread['lastpost']);

			$lastposter = htmlspecialchars_uni($thread['lastposter']);








			if(!$lastposteruid && !$thread['lastposter'])
			{
				$lastposter = htmlspecialchars_uni($lang->guest);
			}
			else
			{
				$lastposter = htmlspecialchars_uni($thread['lastposter']);
			}

			$lastposteruid = $thread['lastposteruid'];

			// Don't link to guest's profiles (they have no profile).
			if($lastposteruid == 0)

 
			$lastposteruid = $thread['lastposteruid'];

			// Don't link to guest's profiles (they have no profile).
			if($lastposteruid == 0)

			{

			{

				$lastposterlink = $lastposter;

 
				$lastposterlink = $lastposter;

			}

			}

			else
			{
				$lastposterlink = build_profile_link($lastposter, $lastposteruid);
			}

 
			else
			{
				$lastposterlink = build_profile_link($lastposter, $lastposteruid);
			}





			$thread['replies'] = my_number_format($thread['replies']);
			$thread['views'] = my_number_format($thread['views']);

			// What kind of notification type do we have here?
			switch($thread['notification'])

 
			$thread['replies'] = my_number_format($thread['replies']);
			$thread['views'] = my_number_format($thread['views']);

			// What kind of notification type do we have here?
			switch($thread['notification'])

			{

			{

				case "2": // PM
					$notification_type = $lang->pm_notification;
					break;

				case "2": // PM
					$notification_type = $lang->pm_notification;
					break;

Zeile 1794Zeile 1850
			$threads = my_number_format($forum['threads']);
		}


 
			$threads = my_number_format($forum['threads']);
		}


		if($forum['lastpost'] == 0 || $forum['lastposter'] == "")

		if($forum['lastpost'] == 0)

		{
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_never")."\";");
		}

		{
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_never")."\";");
		}

Zeile 1808Zeile 1864
			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
			$lastpost_date = my_date('relative', $forum['lastpost']);
			$lastposttid = $forum['lastposttid'];

 
			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
			$lastpost_date = my_date('relative', $forum['lastpost']);
			$lastposttid = $forum['lastposttid'];

			$lastposter = htmlspecialchars_uni($forum['lastposter']);
			$lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);















			if(!$forum['lastposteruid'] && !$forum['lastposter'])
			{
				$lastposter = htmlspecialchars_uni($lang->guest);
			}
			else
			{
				$lastposter = htmlspecialchars_uni($forum['lastposter']);
			}
			if($forum['lastposteruid'] == 0)
			{
				$lastpost_profilelink = $lastposter;
			}
			else
			{
				$lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);
			}

			$full_lastpost_subject = $lastpost_subject = htmlspecialchars_uni($forum['lastpostsubject']);
			if(my_strlen($lastpost_subject) > 25)
			{

			$full_lastpost_subject = $lastpost_subject = htmlspecialchars_uni($forum['lastpostsubject']);
			if(my_strlen($lastpost_subject) > 25)
			{

Zeile 1817Zeile 1887
			}
			$lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost");
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");

 
			}
			$lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost");
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");

		}


		}


		if($mybb->settings['showdescriptions'] == 0)
		{
			$forum['description'] = "";

		if($mybb->settings['showdescriptions'] == 0)
		{
			$forum['description'] = "";

Zeile 1830Zeile 1900
	if(!$forums)
	{
		eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

 
	if(!$forums)
	{
		eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	}

	$plugins->run_hooks("usercp_forumsubscriptions_end");


	}

	$plugins->run_hooks("usercp_forumsubscriptions_end");


	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
	output_page($forumsubscriptions);

 
	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
	output_page($forumsubscriptions);

 
}

if($mybb->input['action'] == "do_addsubscription" && $mybb->get_input('type') != "forum")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$thread = get_thread($mybb->get_input('tid'));
	if(!$thread || $thread['visible'] == -1)
	{
		error($lang->error_invalidthread);
	}

	// Is the currently logged in user a moderator of this forum?
	$ismod = is_moderator($thread['fid']);

	// Make sure we are looking at a real thread here.
	if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
	{
		error($lang->error_invalidthread);
	}

	$forumpermissions = forum_permissions($thread['fid']);
	if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
	{
		error_no_permission();
	}

	// check if the forum requires a password to view. If so, we need to show a form to the user
	check_forum_password($thread['fid']);

	// Naming of the hook retained for backward compatibility while dropping usercp2.php
	$plugins->run_hooks("usercp2_do_addsubscription");

	add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

	if($mybb->get_input('referrer'))
	{
		$url = htmlspecialchars_uni($mybb->get_input('referrer'));
	}
	else
	{
		$url = get_thread_link($thread['tid']);
	}
	redirect($url, $lang->redirect_subscriptionadded);
}

if($mybb->input['action'] == "addsubscription")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);
		}
		$forumpermissions = forum_permissions($forum['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
		{
			error_no_permission();
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_addsubscription_forum");

		add_subscribed_forum($forum['fid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "index.php";
		}
		redirect($url, $lang->redirect_forumsubscriptionadded);
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread || $thread['visible'] == -1)
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
		{
			error($lang->error_invalidthread);
		}

		add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
		add_breadcrumb($lang->nav_addsubscription);

		$forumpermissions = forum_permissions($thread['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
		{
			error_no_permission();
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($thread['fid']);

		$referrer = '';
		if($server_http_referer)
		{
			$referrer = $server_http_referer;
		}

		require_once MYBB_ROOT."inc/class_parser.php";
		$parser = new postParser;
		$thread['subject'] = $parser->parse_badwords($thread['subject']);
		$thread['subject'] = htmlspecialchars_uni($thread['subject']);
		$lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']);

		$notification_none_checked = $notification_email_checked = $notification_pm_checked = '';
		if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
		{
			$notification_none_checked = "checked=\"checked\"";
		}
		elseif($mybb->user['subscriptionmethod'] == 2)
		{
			$notification_email_checked = "checked=\"checked\"";
		}
		elseif($mybb->user['subscriptionmethod'] == 3)
		{
			$notification_pm_checked = "checked=\"checked\"";
		}

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_addsubscription_thread");

		eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
		output_page($add_subscription);
		exit;
	}
}

if($mybb->input['action'] == "removesubscription")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_forum");

		remove_subscribed_forum($forum['fid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionremoved);
	}
	else
	{
		$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread)
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
		{
			error($lang->error_invalidthread);
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($thread['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_thread");

		remove_subscribed_thread($thread['tid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=subscriptions";
		}
		redirect($url, $lang->redirect_subscriptionremoved);
	}
}

if($mybb->input['action'] == "removesubscriptions")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscriptions_forum");

		$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
		if($server_http_referer)
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionsremoved);
	}
	else
	{
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscriptions_thread");

		$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'");
		if($server_http_referer)
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=subscriptions";
		}
		redirect($url, $lang->redirect_subscriptionsremoved);
	}

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

Zeile 1909Zeile 2228
		// Usergroup has no permission to use this facility
		error_no_permission();
	}

 
		// Usergroup has no permission to use this facility
		error_no_permission();
	}

	else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])

	elseif($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])

	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

Zeile 1955Zeile 2274
		else
		{
			$sigsmilies = $lang->off;

 
		else
		{
			$sigsmilies = $lang->off;

		}

		}

		if($mybb->settings['sigmycode'] == 1)

 
		if($mybb->settings['sigmycode'] == 1)

		{

		{

			$sigmycode = $lang->on;
		}
		else
		{
			$sigmycode = $lang->off;

 
			$sigmycode = $lang->on;
		}
		else
		{
			$sigmycode = $lang->off;

		}

		}

		if($mybb->settings['sightml'] == 1)
		{
			$sightml = $lang->on;

		if($mybb->settings['sightml'] == 1)
		{
			$sightml = $lang->on;

Zeile 2000Zeile 2319
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("usercp_do_avatar_start");
	require_once MYBB_ROOT."inc/functions_upload.php";


	$plugins->run_hooks("usercp_do_avatar_start");
	require_once MYBB_ROOT."inc/functions_upload.php";


Zeile 2015Zeile 2334
		);
		$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		remove_avatars($mybb->user['uid']);

 
		);
		$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		remove_avatars($mybb->user['uid']);

	}

	}

	elseif($_FILES['avatarupload']['name']) // upload avatar
	{
		if($mybb->usergroup['canuploadavatars'] == 0)

	elseif($_FILES['avatarupload']['name']) // upload avatar
	{
		if($mybb->usergroup['canuploadavatars'] == 0)

Zeile 2059Zeile 2378
			}

			// Because Gravatars are square, hijack the width

 
			}

			// Because Gravatars are square, hijack the width

			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

			list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

			$maxheight = (int)$maxwidth;

			// Rating?

			$maxheight = (int)$maxwidth;

			// Rating?

Zeile 2117Zeile 2436
			{
				if($width && $height && $mybb->settings['maxavatardims'] != "")
				{

 
			{
				if($width && $height && $mybb->settings['maxavatardims'] != "")
				{

					list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

					list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
					{
						$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
					{
						$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

Zeile 2180Zeile 2499

	if($mybb->settings['maxavatardims'] != "")
	{

 

	if($mybb->settings['maxavatardims'] != "")
	{

		list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

		list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
	}


		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
	}


Zeile 2197Zeile 2516
	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
	}

 
	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
	}

	else if($mybb->settings['avatarresizing'] == "user")

	elseif($mybb->settings['avatarresizing'] == "user")

	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
	}

	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
	}

Zeile 2630Zeile 2949
	}

	// Removing a user from this list

 
	}

	// Removing a user from this list

	else if($mybb->get_input('delete', MyBB::INPUT_INT))

	elseif($mybb->get_input('delete', MyBB::INPUT_INT))

	{
		// Check if user exists on the list
		$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

	{
		// Check if user exists on the list
		$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

Zeile 2867Zeile 3186
				{
					$bgcolor = alt_trow();
					$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

 
				{
					$bgcolor = alt_trow();
					$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

					$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);

					$request['date'] = my_date('relative', $request['date']);

					eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request", 1, 0)."\";");
				}


					eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request", 1, 0)."\";");
				}


Zeile 2901Zeile 3220
	{
		$bgcolor = alt_trow();
		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);

 
	{
		$bgcolor = alt_trow();
		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);

		$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);

		$request['date'] = my_date('relative', $request['date']);

		eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";");
	}


		eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";");
	}


Zeile 2923Zeile 3242
	{
		$bgcolor = alt_trow();
		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

 
	{
		$bgcolor = alt_trow();
		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);

		$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);

		$request['date'] = my_date('relative', $request['date']);

		eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request")."\";");
	}


		eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request")."\";");
	}


Zeile 2988Zeile 3307
			$draft['subject'] = htmlspecialchars_uni($draft['subject']);
			$savedate = my_date('relative', $draft['dateline']);
			eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");

 
			$draft['subject'] = htmlspecialchars_uni($draft['subject']);
			$savedate = my_date('relative', $draft['dateline']);
			eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");

		}
	}
	else
	{

		}
	}
	else
	{

		$disable_delete_drafts = 'disabled="disabled"';
		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
	}

		$disable_delete_drafts = 'disabled="disabled"';
		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
	}

Zeile 3145Zeile 3464

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
		$joinrequest = $db->fetch_array($query);

 

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
		$joinrequest = $db->fetch_array($query);

 


		if($joinrequest['rid'])
		{
			error($lang->already_sent_join_request);
		}

 
		if($joinrequest['rid'])
		{
			error($lang->already_sent_join_request);
		}

 


		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
		{

 
		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
		{

 
			$reasonlength = my_strlen($mybb->get_input('reason'));
			
			if($reasonlength > 250) // Reason field is varchar(250) in database
			{
				error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));
			}


			$now = TIME_NOW;
			$joinrequest = array(
				"uid" => $mybb->user['uid'],

			$now = TIME_NOW;
			$joinrequest = array(
				"uid" => $mybb->user['uid'],

Zeile 3173Zeile 3501
					$message = $lang->sprintf($lang->email_groupleader_joinrequest, $leader['username'], $mybb->user['username'], $usergroup['title'], $mybb->settings['bbname'], $mybb->get_input('reason'), $mybb->settings['bburl'], $leader['gid']);
					my_mail($leader['email'], $subject, $message);
				}

 
					$message = $lang->sprintf($lang->email_groupleader_joinrequest, $leader['username'], $mybb->user['username'], $usergroup['title'], $mybb->settings['bbname'], $mybb->get_input('reason'), $mybb->settings['bburl'], $leader['gid']);
					my_mail($leader['email'], $subject, $message);
				}

			}

			}


			// Load language
			$lang->set_language($mybb->user['language']);


			// Load language
			$lang->set_language($mybb->user['language']);

Zeile 3294Zeile 3622
	elseif($usergroup['candisplaygroup'] == 1)
	{
		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

 
	elseif($usergroup['candisplaygroup'] == 1)
	{
		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

	}

	}

	else
	{
		$displaycode = '';

	else
	{
		$displaycode = '';

Zeile 3308Zeile 3636
		while($usergroup = $db->fetch_array($query))
		{
			$showmemberof = true;

 
		while($usergroup = $db->fetch_array($query))
		{
			$showmemberof = true;





			if(isset($groupleader[$usergroup['gid']]))

 
			if(isset($groupleader[$usergroup['gid']]))

			{

			{

				eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveleader")."\";");

 
				eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveleader")."\";");

			}

			}

			elseif($usergroup['type'] != 4 && $usergroup['type'] != 3 && $usergroup['type'] != 5)
			{
				eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveother")."\";");

 
			elseif($usergroup['type'] != 4 && $usergroup['type'] != 3 && $usergroup['type'] != 5)
			{
				eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveother")."\";");

			}

			}

			else
			{
				eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leave")."\";");

			else
			{
				eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leave")."\";");

Zeile 3338Zeile 3666
			elseif($usergroup['candisplaygroup'] == 1)
			{
				eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

 
			elseif($usergroup['candisplaygroup'] == 1)
			{
				eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

			}

			}

			else
			{
				$displaycode = '';
			}
			eval("\$memberoflist .= \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";");
		}

 
			else
			{
				$displaycode = '';
			}
			eval("\$memberoflist .= \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";");
		}

	}

	}

	eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");

 
	eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");





	// List of groups this user has applied for but has not been accepted in to
	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
	while($request = $db->fetch_array($query))
	{
		$appliedjoin[$request['gid']] = $request['dateline'];

 
	// List of groups this user has applied for but has not been accepted in to
	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
	while($request = $db->fetch_array($query))
	{
		$appliedjoin[$request['gid']] = $request['dateline'];

	}


	}


	// Fetch list of groups the member can join
	$existinggroups = $mybb->user['usergroup'];
	if($mybb->user['additionalgroups'])

	// Fetch list of groups the member can join
	$existinggroups = $mybb->user['usergroup'];
	if($mybb->user['additionalgroups'])

Zeile 3447Zeile 3775
	if($mybb->settings['enableattachments'] == 0)
	{
		error($lang->attachments_disabled);

 
	if($mybb->settings['enableattachments'] == 0)
	{
		error($lang->attachments_disabled);

 
	}

	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums(true);
	$inactiveforums = get_inactive_forums();
	if($unviewable_forums)
	{
		$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
	}
	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";

	}

	$attachments = '';

 
	}

	$attachments = '';

 

	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
	$usage = $db->fetch_array($query);
	$totalattachments = $usage['acount'];


	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{
		$mybb->settings['threadsperpage'] = 20;

 

	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{
		$mybb->settings['threadsperpage'] = 20;

	}

	}


	$perpage = $mybb->settings['threadsperpage'];
	$page = $mybb->get_input('page', MyBB::INPUT_INT);

 

	$perpage = $mybb->settings['threadsperpage'];
	$page = $mybb->get_input('page', MyBB::INPUT_INT);





	if($page > 0)
	{
		$start = ($page-1) * $perpage;

 
	if($page > 0)
	{
		$start = ($page-1) * $perpage;

 
		$pages = ceil($totalattachments / $perpage);
		if($page > $pages)
		{
			$start = 0;
			$page = 1;
		}

	}
	else
	{
		$start = 0;
		$page = 1;
	}

 
	}
	else
	{
		$start = 0;
		$page = 1;
	}





	$end = $start + $perpage;
	$lower = $start+1;

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject

 
	$end = $start + $perpage;
	$lower = $start+1;

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject

		FROM ".TABLE_PREFIX."attachments a

		FROM ".TABLE_PREFIX."attachments a

		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

 
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		WHERE a.uid='".$mybb->user['uid']."'

		WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");


		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");


Zeile 3513Zeile 3864
		}
	}


 
		}
	}


	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
	$usage = $db->fetch_array($query);

 
	$totalusage = $usage['ausage'];

 
	$totalusage = $usage['ausage'];

	$totalattachments = $usage['acount'];
	$friendlyusage = get_friendly_size($totalusage);

	$friendlyusage = get_friendly_size((int)$totalusage);


	if($mybb->usergroup['attachquota'])
	{

 
	if($mybb->usergroup['attachquota'])
	{

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";


		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100);
		$friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent);

		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

 
		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
	}

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $totalattachments);
	}

	else
	{

 
	else
	{

		$percent = $lang->unlimited;

 
		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
	}

		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
	}

Zeile 3538Zeile 3886
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';

 
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';

	}

	$plugins->run_hooks("usercp_attachments_end");


	}

	$plugins->run_hooks("usercp_attachments_end");


	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
	output_page($manageattachments);
}

 
	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
	output_page($manageattachments);
}





if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{
	// Verify incoming POST request

if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{
	// Verify incoming POST request

Zeile 3557Zeile 3905
	{
		error($lang->no_attachments_selected);
	}

 
	{
		error($lang->no_attachments_selected);
	}

 

	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums(true);
	$inactiveforums = get_inactive_forums();
	if($unviewable_forums)
	{
		$f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)";
	}
	if($inactiveforums)
	{
		$f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";
	}


	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

 
	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");









	$query = $db->query("
		SELECT a.*, p.fid
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql}
	");


	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);

	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);

Zeile 3715Zeile 4084
				}
				else
				{

 
				}
				else
				{

					$expires = my_date('relative', $warning['expires']);

					$expires = nice_time($warning['expires']-TIME_NOW);

				}

				$alt_bg = alt_trow();

				}

				$alt_bg = alt_trow();

Zeile 3724Zeile 4093
			if($warnings)
			{
				eval("\$latest_warnings = \"".$templates->get("usercp_warnings")."\";");

 
			if($warnings)
			{
				eval("\$latest_warnings = \"".$templates->get("usercp_warnings")."\";");

			}

			}

		}
	}


		}
	}


Zeile 3747Zeile 4116
	$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']);
	eval("\$user_notepad = \"".$templates->get("usercp_notepad")."\";");
	$plugins->run_hooks("usercp_notepad_end");

 
	$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']);
	eval("\$user_notepad = \"".$templates->get("usercp_notepad")."\";");
	$plugins->run_hooks("usercp_notepad_end");





	// Thread Subscriptions with New Posts
	$latest_subscribed = '';
	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1));

	// Thread Subscriptions with New Posts
	$latest_subscribed = '';
	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1));

Zeile 3755Zeile 4124
	{
		$visible = "AND t.visible != 0";
		if(is_moderator() == true)

 
	{
		$visible = "AND t.visible != 0";
		if(is_moderator() == true)

		{

		{

			$visible = '';
		}


			$visible = '';
		}


Zeile 3778Zeile 4147
				$subscriptions[$subscription['tid']] = $subscription;
			}
		}

 
				$subscriptions[$subscription['tid']] = $subscription;
			}
		}





		if(is_array($subscriptions))
		{
			$tids = implode(",", array_keys($subscriptions));

			// Checking read
			if($mybb->settings['threadreadcut'] > 0)

 
		if(is_array($subscriptions))
		{
			$tids = implode(",", array_keys($subscriptions));

			// Checking read
			if($mybb->settings['threadreadcut'] > 0)

			{

			{

				$query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
				while($readthread = $db->fetch_array($query))
				{

				$query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
				while($readthread = $db->fetch_array($query))
				{

Zeile 3881Zeile 4250
						}

						$lastpostdate = my_date('relative', $thread['lastpost']);

 
						}

						$lastpostdate = my_date('relative', $thread['lastpost']);

						$lastposter = htmlspecialchars_uni($thread['lastposter']);

 
						$lastposteruid = $thread['lastposteruid'];

 
						$lastposteruid = $thread['lastposteruid'];

 
						if(!$lastposteruid && !$thread['lastposter'])
						{
							$lastposter = htmlspecialchars_uni($lang->guest);
						}
						else
						{
							$lastposter = htmlspecialchars_uni($thread['lastposter']);
						}


						if($lastposteruid == 0)
						{


						if($lastposteruid == 0)
						{

Zeile 3892Zeile 4268
						{
							$lastposterlink = build_profile_link($lastposter, $lastposteruid);
						}

 
						{
							$lastposterlink = build_profile_link($lastposter, $lastposteruid);
						}





						$thread['replies'] = my_number_format($thread['replies']);
						$thread['views'] = my_number_format($thread['views']);
						$thread['username'] = htmlspecialchars_uni($thread['username']);

						$thread['replies'] = my_number_format($thread['replies']);
						$thread['views'] = my_number_format($thread['views']);
						$thread['username'] = htmlspecialchars_uni($thread['username']);

Zeile 3903Zeile 4279
				}
				eval("\$latest_subscribed = \"".$templates->get("usercp_latest_subscribed")."\";");
			}

 
				}
				eval("\$latest_subscribed = \"".$templates->get("usercp_latest_subscribed")."\";");
			}

		}
	}

	// User's Latest Threads


		}
	}

	// User's Latest Threads


	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums();

	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums();

Zeile 3915Zeile 4291
	if($unviewable_forums)
	{
		$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";

 
	if($unviewable_forums)
	{
		$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";

	}

	}

	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";

	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";

Zeile 3945Zeile 4321
		if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false)
		{
			continue;

 
		if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false)
		{
			continue;

		}

		}


		$forumpermissions = $fpermissions[$thread['fid']];
		if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0)


		$forumpermissions = $fpermissions[$thread['fid']];
		if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0)

Zeile 3968Zeile 4344
			WHERE f.active != 0
			ORDER BY pid, disporder
		");

 
			WHERE f.active != 0
			ORDER BY pid, disporder
		");

		



		while($forum = $db->fetch_array($query))
		{
			$readforums[$forum['fid']] = $forum['lastread'];

		while($forum = $db->fetch_array($query))
		{
			$readforums[$forum['fid']] = $forum['lastread'];