Vergleich usercp.php - 1.8.17 - 1.8.19

			}
			elseif($type == "radio")
			{

			}
			elseif($type == "radio")
			{

				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{

				$expoptions = explode("\n", $options);
				if(is_array($expoptions))
				{

			}
			elseif($type == "checkbox")
			{

			}
			elseif($type == "checkbox")
			{

				if($errors)
				{
					$useropts = $userfield;

				if($errors)
				{
					$useropts = $userfield;

		}
		else
		{

		}
		else
		{

			{
				$uid = $mybb->user['uid'];
				$username = $mybb->user['username'];

			{
				$uid = $mybb->user['uid'];
				$username = $mybb->user['username'];

	if(!$forums)
	{
		eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	if(!$forums)
	{
		eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");

	$plugins->run_hooks("usercp_forumsubscriptions_end");

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");

	$plugins->run_hooks("usercp_forumsubscriptions_end");

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");

	verify_post_check($mybb->get_input('my_post_key'));

	$thread = get_thread($mybb->get_input('tid'));

	verify_post_check($mybb->get_input('my_post_key'));

	$thread = get_thread($mybb->get_input('tid'));

	{
		error($lang->error_invalidthread);
	}

	{
		error($lang->error_invalidthread);
	}

		else
		{
			$url = "index.php";

		else
		{
			$url = "index.php";

		redirect($url, $lang->redirect_forumsubscriptionadded);
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));

		redirect($url, $lang->redirect_forumsubscriptionadded);
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));

		{
			error($lang->error_invalidthread);
		}

		{
			error($lang->error_invalidthread);
		}

		if(!$forum)
		{
			error($lang->error_invalidforum);

		if(!$forum)
		{
			error($lang->error_invalidforum);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_forum");

		remove_subscribed_forum($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_forum");

		remove_subscribed_forum($forum['fid']);

			$url = $server_http_referer;
		}
		else

			$url = $server_http_referer;
		}
		else

	{
		$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread)

	{
		$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread)

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		remove_subscribed_thread($thread['tid']);
		if($server_http_referer && $mybb->request_method != 'post')

		remove_subscribed_thread($thread['tid']);
		if($server_http_referer && $mybb->request_method != 'post')

		else
		{
			$url = "usercp.php?action=subscriptions";

		else
		{
			$url = "usercp.php?action=subscriptions";

	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));

	$signature = '';
	if($sig && $template)

	$signature = '';
	if($sig && $template)

		{
			$sigsmilies = $lang->on;
			$smilieinserter = build_clickable_smilies();

		{
			$sigsmilies = $lang->on;
			$smilieinserter = build_clickable_smilies();

		{
			$sigsmilies = $lang->off;
		}
		if($mybb->settings['sigmycode'] == 1)

		{
			$sigsmilies = $lang->off;
		}
		if($mybb->settings['sigmycode'] == 1)

			$sigmycode = $lang->on;
		}
		else

			$sigmycode = $lang->on;
		}
		else

		if($mybb->settings['sightml'] == 1)
		{
			$sightml = $lang->on;

		if($mybb->settings['sightml'] == 1)
		{
			$sightml = $lang->on;

		else
		{
			$sightml = $lang->off;

		else
		{
			$sightml = $lang->off;

			$sigimgcode = $lang->on;
		}
		else

			$sigimgcode = $lang->on;
		}
		else

			$sigimgcode = $lang->off;
		}
		$sig = htmlspecialchars_uni($sig);
		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

			$sigimgcode = $lang->off;
		}
		$sig = htmlspecialchars_uni($sig);
		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

		if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcodebuttons'] != 0)
		{
			$codebuttons = build_mycode_inserter("signature");
		}

		if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcodebuttons'] != 0)
		{
			$codebuttons = build_mycode_inserter("signature");
		}

		$plugins->run_hooks("usercp_editsig_end");

		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");

		$plugins->run_hooks("usercp_editsig_end");

		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");

	output_page($editsig);
}

	output_page($editsig);
}

			}

			// Because Gravatars are square, hijack the width

			}

			// Because Gravatars are square, hijack the width

			$maxheight = (int)$maxwidth;

			// Rating?

			$maxheight = (int)$maxwidth;

			// Rating?

			if(!in_array($rating, $types))
			{
				$rating = 'g';

			if(!in_array($rating, $types))
			{
				$rating = 'g';

			$updated_avatar = array(
				"avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",
				"avatardimensions" => "{$maxheight}|{$maxheight}",
				"avatartype" => "gravatar"
			);

			$updated_avatar = array(
				"avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",
				"avatardimensions" => "{$maxheight}|{$maxheight}",
				"avatartype" => "gravatar"
			);

			$db->update_query("users", $updated_avatar, "uid = '{$mybb->user['uid']}'");
		}
		else

			$db->update_query("users", $updated_avatar, "uid = '{$mybb->user['uid']}'");
		}
		else

					if(!$type)
					{
						$avatar_error = $lang->error_invalidavatarurl;

					if(!$type)
					{
						$avatar_error = $lang->error_invalidavatarurl;

			if(empty($avatar_error))
			{
				if($width && $height && $mybb->settings['maxavatardims'] != "")

			if(empty($avatar_error))
			{
				if($width && $height && $mybb->settings['maxavatardims'] != "")

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
					{
						$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

					if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
					{
						$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);

	{
		$plugins->run_hooks("usercp_do_avatar_end");
		redirect("usercp.php?action=avatar", $lang->redirect_avatarupdated);

	{
		$plugins->run_hooks("usercp_do_avatar_end");
		redirect("usercp.php?action=avatar", $lang->redirect_avatarupdated);

	else
	{
		$mybb->input['action'] = "avatar";

	else
	{
		$mybb->input['action'] = "avatar";

	if($mybb->settings['maxavatardims'] != "")
	{

	if($mybb->settings['maxavatardims'] != "")
	{

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
	}

		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
	}

}

if($mybb->input['action'] == "acceptrequest")

}

if($mybb->input['action'] == "acceptrequest")

	if(!empty($user))
	{
		// We want to add us to this user's buddy list

	if(!empty($user))
	{
		// We want to add us to this user's buddy list

		else
		{
			$user['buddylist'] = array();

		else
		{
			$user['buddylist'] = array();

		$user['buddylist'][] = (int)$mybb->user['uid'];

		$user['buddylist'][] = (int)$mybb->user['uid'];

		// And clean it up a little to ensure there is no possibility of bad values
		$new_list = preg_replace("#,{2,}#", ",", $new_list);
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

		// And clean it up a little to ensure there is no possibility of bad values
		$new_list = preg_replace("#,{2,}#", ",", $new_list);
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

		if(my_substr($new_list, 0, 1) == ",")
		{
			$new_list = my_substr($new_list, 1);

		if(my_substr($new_list, 0, 1) == ",")
		{
			$new_list = my_substr($new_list, 1);

		}

		$user['buddylist'] = $db->escape_string($new_list);

		}

		$user['buddylist'] = $db->escape_string($new_list);

		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");


		// We want to add the user to our buddy list
		if($mybb->user['buddylist'] != '')

		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");


		// We want to add the user to our buddy list
		if($mybb->user['buddylist'] != '')

		// Now we have the new list, so throw it all back together
		$new_list = implode(",", $mybb->user['buddylist']);

		// Now we have the new list, so throw it all back together
		$new_list = implode(",", $mybb->user['buddylist']);

		$mybb->user['buddylist'] = $db->escape_string($new_list);

		$db->update_query("users", array('buddylist' => $mybb->user['buddylist']), "uid='".(int)$mybb->user['uid']."'");

		$mybb->user['buddylist'] = $db->escape_string($new_list);

		$db->update_query("users", array('buddylist' => $mybb->user['buddylist']), "uid='".(int)$mybb->user['uid']."'");

		$pm = array(
			'subject' => 'buddyrequest_accepted_request',
			'message' => 'buddyrequest_accepted_request_message',

		$pm = array(
			'subject' => 'buddyrequest_accepted_request',
			'message' => 'buddyrequest_accepted_request_message',

		send_pm($pm, $mybb->user['uid'], true);

		send_pm($pm, $mybb->user['uid'], true);

	$plugins->run_hooks("usercp_acceptrequest_end");

	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted);

	$plugins->run_hooks("usercp_acceptrequest_end");

	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted);

elseif($mybb->input['action'] == "declinerequest")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

elseif($mybb->input['action'] == "declinerequest")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
	$request = $db->fetch_array($query);
	if(empty($request))

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
	$request = $db->fetch_array($query);
	if(empty($request))

		error($lang->invalid_request);

		error($lang->invalid_request);

	$user = get_user($request['uid']);
	if(!empty($user))
	{
		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

	$user = get_user($request['uid']);
	if(!empty($user))
	{
		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

	else
	{
		error($lang->user_doesnt_exist);
	}

	else
	{
		error($lang->user_doesnt_exist);
	}

	$plugins->run_hooks("usercp_declinerequest_end");

	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}

elseif($mybb->input['action'] == "cancelrequest")

	$plugins->run_hooks("usercp_declinerequest_end");

	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}

elseif($mybb->input['action'] == "cancelrequest")

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);
	$request = $db->fetch_array($query);

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);
	$request = $db->fetch_array($query);

		}
	}
	else

		}
	}
	else

		if($mybb->user['buddylist'])
		{
			$existing_users = explode(",", $mybb->user['buddylist']);

		if($mybb->user['buddylist'])
		{
			$existing_users = explode(",", $mybb->user['buddylist']);

					send_pm($pm);

					$sent = true;

					send_pm($pm);

					$sent = true;

				elseif($mybb->get_input('manage') == "ignored")
				{
					$existing_users[] = $user['uid'];

				elseif($mybb->get_input('manage') == "ignored")
				{
					$existing_users[] = $user['uid'];

				// And clean it up a little to ensure there is no possibility of bad values
				$new_list = preg_replace("#,{2,}#", ",", $new_list);
				$new_list = preg_replace("#[^0-9,]#", "", $new_list);

				// And clean it up a little to ensure there is no possibility of bad values
				$new_list = preg_replace("#,{2,}#", ",", $new_list);
				$new_list = preg_replace("#[^0-9,]#", "", $new_list);

				if(my_substr($new_list, 0, 1) == ",")
				{
					$new_list = my_substr($new_list, 1);

				if(my_substr($new_list, 0, 1) == ",")
				{
					$new_list = my_substr($new_list, 1);

		if($error_message)
		{
			$message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";

		if($error_message)
		{
			$message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";

		if($mybb->get_input('delete', MyBB::INPUT_INT))
		{

		if($mybb->get_input('delete', MyBB::INPUT_INT))
		{

	$plugins->run_hooks("usercp_editlists_start");

	$timecut = TIME_NOW - $mybb->settings['wolcutoff'];

	$plugins->run_hooks("usercp_editlists_start");

	$timecut = TIME_NOW - $mybb->settings['wolcutoff'];

	// Fetch out buddies
	$buddy_count = 0;
	$buddy_list = '';

	// Fetch out buddies
	$buddy_count = 0;
	$buddy_list = '';

	}

	if($received_rows == '')

	}

	if($received_rows == '')

		eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");
	}

		eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");
	}

	if($mybb->settings['enableattachments'] == 0)
	{
		error($lang->attachments_disabled);

	if($mybb->settings['enableattachments'] == 0)
	{
		error($lang->attachments_disabled);

	}

	$attachments = '';

	}

	$attachments = '';

	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	if($page > 0)
	{
		$start = ($page-1) * $perpage;

	if($page > 0)
	{
		$start = ($page-1) * $perpage;

	}
	else
	{
		$start = 0;
		$page = 1;
	}

	}
	else
	{
		$start = 0;
		$page = 1;
	}

	$end = $start + $perpage;
	$lower = $start+1;

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject

	$end = $start + $perpage;
	$lower = $start+1;

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject

		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");

		}
	}

		}
	}

	$totalusage = $usage['ausage'];

	$totalusage = $usage['ausage'];

	$friendlyusage = get_friendly_size((int)$totalusage);
	if($mybb->usergroup['attachquota'])
	{

	$friendlyusage = get_friendly_size((int)$totalusage);
	if($mybb->usergroup['attachquota'])
	{

	{
		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);

	{
		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);

	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
	$bandwidth = get_friendly_size($bandwidth);

	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
	$bandwidth = get_friendly_size($bandwidth);

	{
		error($lang->no_attachments_selected);
	}

	{
		error($lang->no_attachments_selected);
	}

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);

	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);