Vergleich usercp.php - 1.8.13 - 1.8.19

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 10Zeile 10

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');


define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

 
define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";


$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";

Zeile 27Zeile 28
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";
$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";
$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";

$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms";
$templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format";
$templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";

 
$templatelist .= ",usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 53Zeile 55
$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();

 

$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")


$plugins->run_hooks("usercp_start");
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

Zeile 213Zeile 217
		"away" => $away,
"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
);

		"away" => $away,
"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
);

	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)

	foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)

	{
$csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '')

	{
$csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '')

Zeile 247Zeile 251
		{
$user['usertitle'] = $mybb->get_input('usertitle');
}

		{
$user['usertitle'] = $mybb->get_input('usertitle');
}

		else if(!empty($mybb->input['reverttitle']))

		elseif(!empty($mybb->input['reverttitle']))

		{
$user['usertitle'] = '';
}

		{
$user['usertitle'] = '';
}

Zeile 257Zeile 261
	if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

	if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

 
		$raw_errors = $userhandler->get_errors();





		// Set allowed value otherwise select options disappear
if(in_array($lang->userdata_invalid_birthday_privacy, $errors))

		// Set to stored value if invalid
if(array_key_exists("invalid_birthday_privacy", $raw_errors))

		{

		{

			$mybb->input['birthdayprivacy'] = 'none';

			$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

		}

$errors = inline_error($errors);

		}

$errors = inline_error($errors);

Zeile 329Zeile 334
	{
$allselected = " selected=\"selected\"";
}

	{
$allselected = " selected=\"selected\"";
}

	else if($user['birthdayprivacy'] == 'none')

	elseif($user['birthdayprivacy'] == 'none')

	{
$noneselected = " selected=\"selected\"";
}

	{
$noneselected = " selected=\"selected\"";
}

	else if($user['birthdayprivacy'] == 'age')

	elseif($user['birthdayprivacy'] == 'age')

	{
$ageselected = " selected=\"selected\"";
}

	{
$ageselected = " selected=\"selected\"";
}

Zeile 361Zeile 366
	{
$user['skype'] = htmlspecialchars_uni($user['skype']);
$user['google'] = htmlspecialchars_uni($user['google']);

	{
$user['skype'] = htmlspecialchars_uni($user['skype']);
$user['google'] = htmlspecialchars_uni($user['google']);

		$user['aim'] = htmlspecialchars_uni($user['aim']);

 
		$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
}


		$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
}


Zeile 369Zeile 373
	$contactfields = '';
$cfieldsshow = false;


	$contactfields = '';
$cfieldsshow = false;


	foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)

	foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)

	{
$contact_fields[$cfield] = '';
$csetting = 'allow'.$cfield.'field';

	{
$contact_fields[$cfield] = '';
$csetting = 'allow'.$cfield.'field';

Zeile 578Zeile 582
			}
elseif($type == "radio")
{

			}
elseif($type == "radio")
{

 
				$userfield = htmlspecialchars_uni($userfield);

				$expoptions = explode("\n", $options);
if(is_array($expoptions))
{

				$expoptions = explode("\n", $options);
if(is_array($expoptions))
{

Zeile 595Zeile 600
			}
elseif($type == "checkbox")
{

			}
elseif($type == "checkbox")
{

 
				$userfield = htmlspecialchars_uni($userfield);

				if($errors)
{
$useropts = $userfield;

				if($errors)
{
$useropts = $userfield;

Zeile 872Zeile 878
	{
$no_subscribe_selected = "selected=\"selected\"";
}

	{
$no_subscribe_selected = "selected=\"selected\"";
}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)

	{
$instant_email_subscribe_selected = "selected=\"selected\"";
}

	{
$instant_email_subscribe_selected = "selected=\"selected\"";
}

	else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)

	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)

	{
$instant_pm_subscribe_selected = "selected=\"selected\"";
}

	{
$instant_pm_subscribe_selected = "selected=\"selected\"";
}

Zeile 937Zeile 943
	else
{
$receivepmscheck = "";

	else
{
$receivepmscheck = "";

	}


	}


	if(isset($user['receivefrombuddy']) && $user['receivefrombuddy'] == 1)
{
$receivefrombuddycheck = "checked=\"checked\"";

	if(isset($user['receivefrombuddy']) && $user['receivefrombuddy'] == 1)
{
$receivefrombuddycheck = "checked=\"checked\"";

	}
else

	}
else

	{
$receivefrombuddycheck = "";
}

	{
$receivefrombuddycheck = "";
}

Zeile 962Zeile 968
	{
$dst_auto_selected = "selected=\"selected\"";
}

	{
$dst_auto_selected = "selected=\"selected\"";
}

	else if(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	elseif(isset($user['dstcorrection']) && $user['dstcorrection'] == 1)

	{
$dst_enabled_selected = "selected=\"selected\"";
}
else
{
$dst_disabled_selected = "selected=\"selected\"";

	{
$dst_enabled_selected = "selected=\"selected\"";
}
else
{
$dst_disabled_selected = "selected=\"selected\"";

	}

if(isset($user['showcodebuttons']) && $user['showcodebuttons'] == 1)
{

	}

if(isset($user['showcodebuttons']) && $user['showcodebuttons'] == 1)
{

		$showcodebuttonscheck = "checked=\"checked\"";
}
else
{
$showcodebuttonscheck = "";

		$showcodebuttonscheck = "checked=\"checked\"";
}
else
{
$showcodebuttonscheck = "";

	}

	}


if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1)


if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1)

	{

	{

		$sourcemodecheck = "checked=\"checked\"";

		$sourcemodecheck = "checked=\"checked\"";

	}
else
{

	}
else
{

		$sourcemodecheck = "";

		$sourcemodecheck = "";

	}

	}


if(isset($user['showredirect']) && $user['showredirect'] != 0)


if(isset($user['showredirect']) && $user['showredirect'] != 0)

	{

	{

		$showredirectcheck = "checked=\"checked\"";

		$showredirectcheck = "checked=\"checked\"";

	}
else
{

	}
else
{

		$showredirectcheck = "";
}


		$showredirectcheck = "";
}


Zeile 1157Zeile 1163

eval("\$editprofile = \"".$templates->get("usercp_options")."\";");
output_page($editprofile);


eval("\$editprofile = \"".$templates->get("usercp_options")."\";");
output_page($editprofile);

}


}


if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$errors = array();

if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$errors = array();





	$plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{

	$plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{

Zeile 1186Zeile 1192
		$userhandler->set_data($user);

if(!$userhandler->validate_user())

		$userhandler->set_data($user);

if(!$userhandler->validate_user())

		{

		{

			$errors = $userhandler->get_friendly_errors();
}
else
{

			$errors = $userhandler->get_friendly_errors();
}
else
{

			if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")












































			$activation = false;
// Checking for pending activations for non-activated accounts
if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))
{
$query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')");
$activation = $db->fetch_array($query);
}
if($activation)
{
$userhandler->update_user();

$db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'");

// Send new activation mail for non-activated accounts
$activationcode = random_str();
$activationarray = array(
"uid" => $mybb->user['uid'],
"dateline" => TIME_NOW,
"code" => $activationcode,
"type" => $activation['type']
);
$db->insert_query("awaitingactivation", $activationarray);
$emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']);
switch($mybb->settings['username_method'])
{
case 0:
$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
case 1:
$emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
case 2:
$emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
default:
$emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode);
break;
}
my_mail($mybb->user['email'], $emailsubject, $emailmessage);

$plugins->run_hooks("usercp_do_email_changed");
redirect("usercp.php?action=email", $lang->redirect_emailupdated);
}
elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "both"))

			{
$uid = $mybb->user['uid'];
$username = $mybb->user['username'];

			{
$uid = $mybb->user['uid'];
$username = $mybb->user['username'];

Zeile 1213Zeile 1262
				$mail_message = $lang->sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->get_input('email'), $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);

$lang->emailsubject_changeemail = $lang->sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);

				$mail_message = $lang->sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->get_input('email'), $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']);

$lang->emailsubject_changeemail = $lang->sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']);

				my_mail($mybb->get_input('email'), $lang->emailsubject_changeemail, $mail_message);


				my_mail($mybb->get_input('email'), $lang->emailsubject_changeemail, $mail_message);


				$plugins->run_hooks("usercp_do_email_verify");
error($lang->redirect_changeemail_activation);
}

				$plugins->run_hooks("usercp_do_email_verify");
error($lang->redirect_changeemail_activation);
}

Zeile 1243Zeile 1292
	{
$email = htmlspecialchars_uni($mybb->get_input('email'));
$email2 = htmlspecialchars_uni($mybb->get_input('email2'));

	{
$email = htmlspecialchars_uni($mybb->get_input('email'));
$email2 = htmlspecialchars_uni($mybb->get_input('email2'));

	}
else

	}
else

	{
$email = $email2 = '';
}

	{
$email = $email2 = '';
}

Zeile 1264Zeile 1313

$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)


$plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)

	{
$errors[] = $lang->error_invalidpassword;
}
else
{

	{
$errors[] = $lang->error_invalidpassword;
}
else
{

		// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

		// Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update");

Zeile 1282Zeile 1331
		$userhandler->set_data($user);

if(!$userhandler->validate_user())

		$userhandler->set_data($user);

if(!$userhandler->validate_user())

		{

		{

			$errors = $userhandler->get_friendly_errors();
}
else
{
$userhandler->update_user();

			$errors = $userhandler->get_friendly_errors();
}
else
{
$userhandler->update_user();

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true);

			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax");


// Notify the user by email that their password has been changed
$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);


// Notify the user by email that their password has been changed
$mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']);

Zeile 1304Zeile 1353
			$mybb->input['action'] = "password";
$errors = inline_error($errors);
}

			$mybb->input['action'] = "password";
$errors = inline_error($errors);
}

}

}


if($mybb->input['action'] == "password")
{


if($mybb->input['action'] == "password")
{

Zeile 1320Zeile 1369
	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("usercp_do_changename_start");

	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("usercp_do_changename_start");

	if($mybb->usergroup['canchangename'] != 1)
{
error_no_permission();
}


	if($mybb->usergroup['canchangename'] != 1)
{
error_no_permission();
}


	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{
$errors[] = $lang->error_invalidpassword;

	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{
$errors[] = $lang->error_invalidpassword;

Zeile 1345Zeile 1394
		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		if(!$userhandler->validate_user())
{
$errors = $userhandler->get_friendly_errors();

		}

		}

		else
{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php?action=changename", $lang->redirect_namechanged);

		else
{
$userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php?action=changename", $lang->redirect_namechanged);





		}
}
if(count($errors) > 0)
{
$errors = inline_error($errors);
$mybb->input['action'] = "changename";

		}
}
if(count($errors) > 0)
{
$errors = inline_error($errors);
$mybb->input['action'] = "changename";

	}

	}

}

if($mybb->input['action'] == "changename")

}

if($mybb->input['action'] == "changename")

Zeile 1376Zeile 1425
}

if($mybb->input['action'] == "do_subscriptions")

}

if($mybb->input['action'] == "do_subscriptions")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


$plugins->run_hooks("usercp_do_subscriptions_start");



$plugins->run_hooks("usercp_do_subscriptions_start");


Zeile 1403Zeile 1452
		{
$new_notification = 0;
}

		{
$new_notification = 0;
}

		else if($mybb->get_input('do') == "email_notification")

		elseif($mybb->get_input('do') == "email_notification")

		{
$new_notification = 1;
}

		{
$new_notification = 1;
}

		else if($mybb->get_input('do') == "pm_notification")

		elseif($mybb->get_input('do') == "pm_notification")

		{
$new_notification = 2;
}

		{
$new_notification = 2;
}

Zeile 1490Zeile 1539
		$forumpermissions = $fpermissions[$subscription['fid']];

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))

		$forumpermissions = $fpermissions[$subscription['fid']];

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))

		{

		{

			// Hmm, you don't have permission to view this thread - unsubscribe!
$del_subscriptions[] = $subscription['sid'];

			// Hmm, you don't have permission to view this thread - unsubscribe!
$del_subscriptions[] = $subscription['sid'];

		}
else if($subscription['tid'])

		}
elseif($subscription['tid'])

		{
$subscriptions[$subscription['tid']] = $subscription;

		{
$subscriptions[$subscription['tid']] = $subscription;

		}

		}

	}

	}





	if(!empty($del_subscriptions))
{
$sids = implode(',', $del_subscriptions);

	if(!empty($del_subscriptions))
{
$sids = implode(',', $del_subscriptions);





		if($sids)
{
$db->delete_query("threadsubscriptions", "sid IN ({$sids}) AND uid='{$mybb->user['uid']}'");

		if($sids)
{
$db->delete_query("threadsubscriptions", "sid IN ({$sids}) AND uid='{$mybb->user['uid']}'");

		}

$threadcount = $threadcount - count($del_subscriptions);


		}

$threadcount = $threadcount - count($del_subscriptions);


		if($threadcount < 0)
{
$threadcount = 0;
}
}

		if($threadcount < 0)
{
$threadcount = 0;
}
}





	if(!empty($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

	if(!empty($subscriptions))
{
$tids = implode(",", array_keys($subscriptions));

Zeile 1543Zeile 1592
			while($post = $db->fetch_array($query))
{
$subscriptions[$post['tid']]['doticon'] = 1;

			while($post = $db->fetch_array($query))
{
$subscriptions[$post['tid']]['doticon'] = 1;

			}
}


			}
}


		// Read threads
if($mybb->settings['threadreadcut'] > 0)
{

		// Read threads
if($mybb->settings['threadreadcut'] > 0)
{

Zeile 1678Zeile 1727

if($thread['closed'] == 1)
{


if($thread['closed'] == 1)
{

				$folder .= "lock";
$folder_label .= $lang->icon_lock;

				$folder .= "close";
$folder_label .= $lang->icon_close;

			}

$folder .= "folder";

			}

$folder .= "folder";

Zeile 1818Zeile 1867
			if(!$forum['lastposteruid'] && !$forum['lastposter'])
{
$lastposter = htmlspecialchars_uni($lang->guest);

			if(!$forum['lastposteruid'] && !$forum['lastposter'])
{
$lastposter = htmlspecialchars_uni($lang->guest);

			}
else
{

			}
else
{

				$lastposter = htmlspecialchars_uni($forum['lastposter']);
}
if($forum['lastposteruid'] == 0)

				$lastposter = htmlspecialchars_uni($forum['lastposter']);
}
if($forum['lastposteruid'] == 0)

Zeile 1838Zeile 1887
			}
$lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost");
eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");

			}
$lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost");
eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");

		}

		}


if($mybb->settings['showdescriptions'] == 0)
{
$forum['description'] = "";


if($mybb->settings['showdescriptions'] == 0)
{
$forum['description'] = "";

		}


		}


		eval("\$forums .= \"".$templates->get("usercp_forumsubscriptions_forum")."\";");

		eval("\$forums .= \"".$templates->get("usercp_forumsubscriptions_forum")."\";");

	}


	}


	if(!$forums)
{
eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	if(!$forums)
{
eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	}


	}


	$plugins->run_hooks("usercp_forumsubscriptions_end");

	$plugins->run_hooks("usercp_forumsubscriptions_end");





	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
output_page($forumsubscriptions);

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
output_page($forumsubscriptions);

 
}

if($mybb->input['action'] == "do_addsubscription" && $mybb->get_input('type') != "forum")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$thread = get_thread($mybb->get_input('tid'));
if(!$thread || $thread['visible'] == -1)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_do_addsubscription");

add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

if($mybb->get_input('referrer'))
{
$url = htmlspecialchars_uni($mybb->get_input('referrer'));
}
else
{
$url = get_thread_link($thread['tid']);
}
redirect($url, $lang->redirect_subscriptionadded);
}

if($mybb->input['action'] == "addsubscription")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")
{
$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
if(!$forum)
{
error($lang->error_invalidforum);
}
$forumpermissions = forum_permissions($forum['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
{
error_no_permission();
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($forum['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_forum");

add_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post')
{
$url = $server_http_referer;
}
else
{
$url = "index.php";
}
redirect($url, $lang->redirect_forumsubscriptionadded);
}
else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread || $thread['visible'] == -1)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
add_breadcrumb($lang->nav_addsubscription);

$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
{
error_no_permission();
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

$referrer = '';
if($server_http_referer)
{
$referrer = $server_http_referer;
}

require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
$thread['subject'] = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']);

$notification_none_checked = $notification_email_checked = $notification_pm_checked = '';
if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
{
$notification_none_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 2)
{
$notification_email_checked = "checked=\"checked\"";
}
elseif($mybb->user['subscriptionmethod'] == 3)
{
$notification_pm_checked = "checked=\"checked\"";
}

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_thread");

eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
output_page($add_subscription);
exit;
}
}

if($mybb->input['action'] == "removesubscription")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")
{
$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
if(!$forum)
{
error($lang->error_invalidforum);
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($forum['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_forum");

remove_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post')
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=forumsubscriptions";
}
redirect($url, $lang->redirect_forumsubscriptionremoved);
}
else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread)
{
error($lang->error_invalidthread);
}

// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);

// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}

// check if the forum requires a password to view. If so, we need to show a form to the user
check_forum_password($thread['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_thread");

remove_subscribed_thread($thread['tid']);
if($server_http_referer && $mybb->request_method != 'post')
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=subscriptions";
}
redirect($url, $lang->redirect_subscriptionremoved);
}
}

if($mybb->input['action'] == "removesubscriptions")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")
{
// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscriptions_forum");

$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
if($server_http_referer)
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=forumsubscriptions";
}
redirect($url, $lang->redirect_forumsubscriptionsremoved);
}
else
{
// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscriptions_thread");

$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'");
if($server_http_referer)
{
$url = $server_http_referer;
}
else
{
$url = "usercp.php?action=subscriptions";
}
redirect($url, $lang->redirect_subscriptionsremoved);
}

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")

Zeile 1929Zeile 2227
	{
// Usergroup has no permission to use this facility
error_no_permission();

	{
// Usergroup has no permission to use this facility
error_no_permission();

	}
else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
{

	}
elseif($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
{

		// Usergroup can use this facility, but only after x posts
error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
}

		// Usergroup can use this facility, but only after x posts
error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
}

Zeile 2040Zeile 2338
	elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == 0)

	elseif($_FILES['avatarupload']['name']) // upload avatar
{
if($mybb->usergroup['canuploadavatars'] == 0)

		{

		{

			error_no_permission();
}
$avatar = upload_avatar();

			error_no_permission();
}
$avatar = upload_avatar();

Zeile 2080Zeile 2378
			}

// Because Gravatars are square, hijack the width

			}

// Because Gravatars are square, hijack the width

			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

			list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

			$maxheight = (int)$maxwidth;

// Rating?

			$maxheight = (int)$maxwidth;

// Rating?

Zeile 2138Zeile 2436
			{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

			{
if($width && $height && $mybb->settings['maxavatardims'] != "")
{

					list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

					list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
{
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

Zeile 2201Zeile 2499

if($mybb->settings['maxavatardims'] != "")
{


if($mybb->settings['maxavatardims'] != "")
{

		list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));

		list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}


		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
}


Zeile 2218Zeile 2516
	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
}

	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");
}

	else if($mybb->settings['avatarresizing'] == "user")

	elseif($mybb->settings['avatarresizing'] == "user")

	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
}

	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
}

Zeile 2253Zeile 2551
}

if($mybb->input['action'] == "acceptrequest")

}

if($mybb->input['action'] == "acceptrequest")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);
if(empty($request))
{
error($lang->invalid_request);

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

// Validate request
$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query);
if(empty($request))
{
error($lang->invalid_request);

	}

$plugins->run_hooks("usercp_acceptrequest_start");

	}

$plugins->run_hooks("usercp_acceptrequest_start");

Zeile 2274Zeile 2572
		if($user['buddylist'] != '')
{
$user['buddylist'] = explode(',', $user['buddylist']);

		if($user['buddylist'] != '')
{
$user['buddylist'] = explode(',', $user['buddylist']);

		}
else
{

		}
else
{

			$user['buddylist'] = array();
}


			$user['buddylist'] = array();
}


Zeile 2290Zeile 2588
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

if(my_substr($new_list, 0, 1) == ",")

		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

if(my_substr($new_list, 0, 1) == ",")

		{

		{

			$new_list = my_substr($new_list, 1);

			$new_list = my_substr($new_list, 1);

		}

		}

		if(my_substr($new_list, -1) == ",")
{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);

		if(my_substr($new_list, -1) == ",")
{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);

		}


		}


		$user['buddylist'] = $db->escape_string($new_list);

$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");

		$user['buddylist'] = $db->escape_string($new_list);

$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");

Zeile 2317Zeile 2615

// Now we have the new list, so throw it all back together
$new_list = implode(",", $mybb->user['buddylist']);


// Now we have the new list, so throw it all back together
$new_list = implode(",", $mybb->user['buddylist']);





		// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

		// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

Zeile 2423Zeile 2721
		if($mybb->user['ignorelist'])
{
$existing_users = explode(",", $mybb->user['ignorelist']);

		if($mybb->user['ignorelist'])
{
$existing_users = explode(",", $mybb->user['ignorelist']);

		}

if($mybb->user['buddylist'])
{

		}

if($mybb->user['buddylist'])
{

			// Create a list of buddies...
$selected_list = explode(",", $mybb->user['buddylist']);
}

			// Create a list of buddies...
$selected_list = explode(",", $mybb->user['buddylist']);
}

Zeile 2447Zeile 2745

$error_message = "";
$message = "";


$error_message = "";
$message = "";





	// Adding one or more users to this list
if($mybb->get_input('add_username'))
{

	// Adding one or more users to this list
if($mybb->get_input('add_username'))
{

Zeile 2460Zeile 2758
		foreach($users as $key => $username)
{
if(empty($username))

		foreach($users as $key => $username)
{
if(empty($username))

			{
unset($users[$key]);

			{
unset($users[$key]);

				continue;
}


				continue;
}


Zeile 2480Zeile 2778
		while($req = $db->fetch_array($query))
{
$requests[$req['touid']] = true;

		while($req = $db->fetch_array($query))
{
$requests[$req['touid']] = true;

		}


		}


		// Get the requests we have received that are still pending
$query = $db->simple_select('buddyrequests', 'uid', 'touid='.(int)$mybb->user['uid']);
$requests_rec = array();

		// Get the requests we have received that are still pending
$query = $db->simple_select('buddyrequests', 'uid', 'touid='.(int)$mybb->user['uid']);
$requests_rec = array();

Zeile 2509Zeile 2807
			while($user = $db->fetch_array($query))
{
++$found_users;

			while($user = $db->fetch_array($query))
{
++$found_users;





				// Make sure we're not adding a duplicate
if(in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list))
{
if($mybb->get_input('manage') == "ignored")
{
$error_message = "ignore";

				// Make sure we're not adding a duplicate
if(in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list))
{
if($mybb->get_input('manage') == "ignored")
{
$error_message = "ignore";

					}

					}

					else
{
$error_message = "buddy";

					else
{
$error_message = "buddy";

Zeile 2535Zeile 2833
				}

if(isset($requests[$user['uid']]))

				}

if(isset($requests[$user['uid']]))

				{
if($mybb->get_input('manage') != "ignored")

				{
if($mybb->get_input('manage') != "ignored")

					{
$error_message = $lang->users_already_sent_request;
}

					{
$error_message = $lang->users_already_sent_request;
}

Zeile 2651Zeile 2949
	}

// Removing a user from this list

	}

// Removing a user from this list

	else if($mybb->get_input('delete', MyBB::INPUT_INT))

	elseif($mybb->get_input('delete', MyBB::INPUT_INT))

	{
// Check if user exists on the list
$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

	{
// Check if user exists on the list
$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);

Zeile 2698Zeile 2996
			if($mybb->get_input('manage') == "ignored")
{
$message = $lang->removed_from_ignore_list;

			if($mybb->get_input('manage') == "ignored")
{
$message = $lang->removed_from_ignore_list;

			}
else
{

			}
else
{

				$message = $lang->removed_from_buddy_list;
}
$user['username'] = htmlspecialchars_uni($user['username']);
$message = $lang->sprintf($message, $user['username']);

				$message = $lang->removed_from_buddy_list;
}
$user['username'] = htmlspecialchars_uni($user['username']);
$message = $lang->sprintf($message, $user['username']);

		}
}


		}
}


	// Now we have the new list, so throw it all back together
$new_list = implode(",", $existing_users);

// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);

	// Now we have the new list, so throw it all back together
$new_list = implode(",", $existing_users);

// And clean it up a little to ensure there is no possibility of bad values
$new_list = preg_replace("#,{2,}#", ",", $new_list);
$new_list = preg_replace("#[^0-9,]#", "", $new_list);





	if(my_substr($new_list, 0, 1) == ",")
{
$new_list = my_substr($new_list, 1);

	if(my_substr($new_list, 0, 1) == ",")
{
$new_list = my_substr($new_list, 1);

Zeile 2755Zeile 3053

$message_js = '';
if($message)


$message_js = '';
if($message)

		{

		{

			$message_js = "$.jGrowl('{$message}', {theme:'jgrowl_success'});";
}


			$message_js = "$.jGrowl('{$message}', {theme:'jgrowl_success'});";
}


Zeile 2863Zeile 3161
	if(!$ignore_list)
{
eval("\$ignore_list = \"".$templates->get("usercp_editlists_no_ignored")."\";");

	if(!$ignore_list)
{
eval("\$ignore_list = \"".$templates->get("usercp_editlists_no_ignored")."\";");

	}


	}


	// If an AJAX request from buddy management, echo out whatever the new list is.
if($mybb->request_method == "post" && $mybb->input['ajax'] == 1)
{
if($mybb->input['manage'] == "ignored")

	// If an AJAX request from buddy management, echo out whatever the new list is.
if($mybb->request_method == "post" && $mybb->input['ajax'] == 1)
{
if($mybb->input['manage'] == "ignored")

		{

		{

			echo $ignore_list;
echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>";
}
else
{
if(isset($sent) && $sent === true)

			echo $ignore_list;
echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>";
}
else
{
if(isset($sent) && $sent === true)

			{

			{

				$sent_rows = '';
$query = $db->query("
SELECT r.*, u.username

				$sent_rows = '';
$query = $db->query("
SELECT r.*, u.username

Zeile 2896Zeile 3194
				{
eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests", 1, 0)."\";");
}

				{
eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests", 1, 0)."\";");
}





				eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");

echo $sentrequests;

				eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");

echo $sentrequests;

Zeile 2916Zeile 3214
		SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid)

		SELECT r.*, u.username
FROM ".TABLE_PREFIX."buddyrequests r
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid)

		WHERE r.touid=".(int)$mybb->user['uid']);

while($request = $db->fetch_array($query))
{

		WHERE r.touid=".(int)$mybb->user['uid']);

while($request = $db->fetch_array($query))
{

		$bgcolor = alt_trow();
$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);
$request['date'] = my_date('relative', $request['date']);

		$bgcolor = alt_trow();
$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);
$request['date'] = my_date('relative', $request['date']);

Zeile 3083Zeile 3381
	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





		if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
{
error($lang->not_member_of_group);

		if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
{
error($lang->not_member_of_group);

Zeile 3110Zeile 3408
		if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)
{
error($lang->not_member_of_group);

		if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)
{
error($lang->not_member_of_group);

		}

		}

		if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))
{
error($lang->cannot_leave_primary_group);

		if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))
{
error($lang->cannot_leave_primary_group);

Zeile 3137Zeile 3435
		ORDER BY u.username ASC
");
while($leader = $db->fetch_array($query))

		ORDER BY u.username ASC
");
while($leader = $db->fetch_array($query))

	{

	{

		$groupleaders[$leader['gid']][$leader['uid']] = $leader;
}


		$groupleaders[$leader['gid']][$leader['uid']] = $leader;
}


Zeile 3146Zeile 3444
	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

	{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





		$usergroup = $usergroups[$mybb->get_input('joingroup', MyBB::INPUT_INT)];

if($usergroup['type'] == 5)

		$usergroup = $usergroups[$mybb->get_input('joingroup', MyBB::INPUT_INT)];

if($usergroup['type'] == 5)

		{

		{

			error($lang->cannot_join_invite_group);
}


			error($lang->cannot_join_invite_group);
}


Zeile 3162Zeile 3460
		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)
{
error($lang->already_member_of_group);

		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)
{
error($lang->already_member_of_group);

		}


		}


		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
$joinrequest = $db->fetch_array($query);

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
$joinrequest = $db->fetch_array($query);

 


		if($joinrequest['rid'])

		if($joinrequest['rid'])

		{

		{

			error($lang->already_sent_join_request);
}

			error($lang->already_sent_join_request);
}

 


		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
{

		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
{

 
			$reasonlength = my_strlen($mybb->get_input('reason'));

if($reasonlength > 250) // Reason field is varchar(250) in database
{
error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));
}


			$now = TIME_NOW;
$joinrequest = array(
"uid" => $mybb->user['uid'],

			$now = TIME_NOW;
$joinrequest = array(
"uid" => $mybb->user['uid'],

Zeile 3355Zeile 3662
			if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");

			if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");

			}

			}

			elseif($usergroup['candisplaygroup'] == 1)
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

			elseif($usergroup['candisplaygroup'] == 1)
{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

Zeile 3368Zeile 3675
		}
}
eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");

		}
}
eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");





	// List of groups this user has applied for but has not been accepted in to
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
while($request = $db->fetch_array($query))
{
$appliedjoin[$request['gid']] = $request['dateline'];

	// List of groups this user has applied for but has not been accepted in to
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
while($request = $db->fetch_array($query))
{
$appliedjoin[$request['gid']] = $request['dateline'];

	}


	}


	// Fetch list of groups the member can join
$existinggroups = $mybb->user['usergroup'];
if($mybb->user['additionalgroups'])

	// Fetch list of groups the member can join
$existinggroups = $mybb->user['usergroup'];
if($mybb->user['additionalgroups'])

Zeile 3388Zeile 3695
	while($usergroup = $db->fetch_array($query))
{
$trow = alt_trow();

	while($usergroup = $db->fetch_array($query))
{
$trow = alt_trow();





		$description = '';
$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
if($usergroup['description'])
{
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);
eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");

		$description = '';
$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
if($usergroup['description'])
{
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);
eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");

		}

		}


// Moderating join requests?
if($usergroup['type'] == 4)


// Moderating join requests?
if($usergroup['type'] == 4)

Zeile 3409Zeile 3716
		else
{
$conditions = $lang->usergroup_joins_anyone;

		else
{
$conditions = $lang->usergroup_joins_anyone;

		}


		}


		if(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] != 5)
{
$applydate = my_date('relative', $appliedjoin[$usergroup['gid']]);
$joinlink = $lang->sprintf($lang->join_group_applied, $applydate);
}
elseif(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] == 5)

		if(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] != 5)
{
$applydate = my_date('relative', $appliedjoin[$usergroup['gid']]);
$joinlink = $lang->sprintf($lang->join_group_applied, $applydate);
}
elseif(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] == 5)

		{

		{

			$joinlink = $lang->sprintf($lang->pending_invitation, $usergroup['gid'], $mybb->post_code);
}
elseif($usergroup['type'] == 5)

			$joinlink = $lang->sprintf($lang->pending_invitation, $usergroup['gid'], $mybb->post_code);
}
elseif($usergroup['type'] == 5)

Zeile 3431Zeile 3738

$usergroupleaders = '';
if(!empty($groupleaders[$usergroup['gid']]))


$usergroupleaders = '';
if(!empty($groupleaders[$usergroup['gid']]))

		{

		{

			$comma = '';
$usergroupleaders = '';
foreach($groupleaders[$usergroup['gid']] as $leader)

			$comma = '';
$usergroupleaders = '';
foreach($groupleaders[$usergroup['gid']] as $leader)

Zeile 3463Zeile 3770
if($mybb->input['action'] == "attachments")
{
$plugins->run_hooks("usercp_attachments_start");

if($mybb->input['action'] == "attachments")
{
$plugins->run_hooks("usercp_attachments_start");

	require_once MYBB_ROOT."inc/functions_upload.php";


	require_once MYBB_ROOT."inc/functions_upload.php";


	if($mybb->settings['enableattachments'] == 0)
{
error($lang->attachments_disabled);

	if($mybb->settings['enableattachments'] == 0)
{
error($lang->attachments_disabled);

	}

$attachments = '';



















	}

// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true);
$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{
$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
}
if($inactiveforums)
{
$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
}

$attachments = '';

$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);
$totalattachments = $usage['acount'];


	// Pagination
if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{

	// Pagination
if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{

Zeile 3484Zeile 3808
	if($page > 0)
{
$start = ($page-1) * $perpage;

	if($page > 0)
{
$start = ($page-1) * $perpage;

 
		$pages = ceil($totalattachments / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}

	}
else
{

	}
else
{

Zeile 3499Zeile 3829
		FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		WHERE a.uid='".$mybb->user['uid']."'

		WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
");


		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
");


Zeile 3520Zeile 3850
			$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']);
$attachdate = my_date('relative', $attachment['dateline']);
$altbg = alt_trow();

			$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']);
$attachdate = my_date('relative', $attachment['dateline']);
$altbg = alt_trow();





			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");

// Add to bandwidth total

			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");

// Add to bandwidth total

Zeile 3532Zeile 3862
			// This little thing delets attachments without a thread/post
remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
}

			// This little thing delets attachments without a thread/post
remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
}

	}

$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);

	}




	$totalusage = $usage['ausage'];

	$totalusage = $usage['ausage'];

	$totalattachments = $usage['acount'];
$friendlyusage = get_friendly_size($totalusage);

	$friendlyusage = get_friendly_size((int)$totalusage);


	if($mybb->usergroup['attachquota'])
{

	if($mybb->usergroup['attachquota'])
{

		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";


		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100);
$friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent);

		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
}

		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $totalattachments);
}

	else
{

	else
{

		$percent = $lang->unlimited;

 
		$attachquota = $lang->unlimited;
$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);

		$attachquota = $lang->unlimited;
$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);

	}


	}


	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
$bandwidth = get_friendly_size($bandwidth);


	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
$bandwidth = get_friendly_size($bandwidth);


Zeile 3578Zeile 3905
	{
error($lang->no_attachments_selected);
}

	{
error($lang->no_attachments_selected);
}

 

// Get unviewable forums
$f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true);
$inactiveforums = get_inactive_forums();
if($unviewable_forums)
{
$f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)";
}
if($inactiveforums)
{
$f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";
}


	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");









$query = $db->query("
SELECT a.*, p.fid
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql}
");


	while($attachment = $db->fetch_array($query))
{
remove_attachment($attachment['pid'], '', $attachment['aid']);

	while($attachment = $db->fetch_array($query))
{
remove_attachment($attachment['pid'], '', $attachment['aid']);