Vergleich inc/datahandlers/user.php - 1.8.8 - 1.8.21

		}

		// Has the user tried to use their email address or username as a password?

		}

		// Has the user tried to use their email address or username as a password?

		{

		{

		}

		// See if the board has "require complex passwords" enabled.

		}

		// See if the board has "require complex passwords" enabled.

			$this->set_error("passwords_dont_match");
			return false;
		}

			$this->set_error("passwords_dont_match");
			return false;
		}

		// Generate the user login key
		$user['loginkey'] = generate_loginkey();

		// Generate the user login key
		$user['loginkey'] = generate_loginkey();

		return true;
	}

		return true;
	}

	/**

	/**

	*
	* @return boolean True when valid, false when invalid.
	*/

	*
	* @return boolean True when valid, false when invalid.
	*/

	{

	{

		$user = &$this->data;

		// Check if an email address has actually been entered.

		$user = &$this->data;

		// Check if an email address has actually been entered.

		if(isset($user['email2']) && $user['email'] != $user['email2'])
		{
			$this->set_error("emails_dont_match");

		if(isset($user['email2']) && $user['email'] != $user['email2'])
		{
			$this->set_error("emails_dont_match");

	* Verifies if a website is valid or not.
	*
	* @return boolean True when valid, false when invalid.

	* Verifies if a website is valid or not.
	*
	* @return boolean True when valid, false when invalid.

			$this->set_error("invalid_birthday");
			return false;
		}

			$this->set_error("invalid_birthday");
			return false;
		}

		{
			// Error if birth date is in future
			if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

		{
			// Error if birth date is in future
			if($birthday['month'] > date("m") || ($birthday['month'] == date("m") && $birthday['day'] > date("d")))

		if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year']))
		{
			$this->set_error("invalid_birthday_coppa");

		if($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year']))
		{
			$this->set_error("invalid_birthday_coppa");

		}
		elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator())
		{

		}
		elseif(($mybb->settings['coppa'] == "deny" && $birthday['year'] > (date("Y")-13)) && !is_moderator())
		{

						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
					}

						$this->set_error('max_limit_reached', array($profilefield['name'], $profilefield['maxlength']));
					}

					{
						$this->set_error('bad_profile_field_value', array($profilefield['name']));
					}

					{
						$this->set_error('bad_profile_field_value', array($profilefield['name']));
					}

		{
			$options['dst'] = 1;
		}

		{
			$options['dst'] = 1;
		}

		{
			$options['dst'] = 0;
		}

		{
			$options['dst'] = 0;
		}

			$user['away']['awayreason'] = '';
			return true;
		}

			$user['away']['awayreason'] = '';
			return true;
		}

		{

		{

			list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']);
			if(!$returnday || !$returnmonth || !$returnyear)
			{

			list($returnday, $returnmonth, $returnyear) = explode('-', $user['away']['returndate']);
			if(!$returnday || !$returnmonth || !$returnyear)
			{

	 * @return boolean True when valid, false when invalid.
	 */
	function verify_language()

	 * @return boolean True when valid, false when invalid.
	 */
	function verify_language()

		$language = &$this->data['language'];

		$language = &$this->data['language'];

		if($this->method == "insert" || array_key_exists('email', $user))
		{
			$this->verify_email();

		if($this->method == "insert" || array_key_exists('email', $user))
		{
			$this->verify_email();

		if($this->method == "insert" || array_key_exists('website', $user))
		{
			$this->verify_website();

		if($this->method == "insert" || array_key_exists('website', $user))
		{
			$this->verify_website();

		if($this->method == "insert" || array_key_exists('icq', $user))
		{
			$this->verify_icq();

		if($this->method == "insert" || array_key_exists('icq', $user))
		{
			$this->verify_icq();

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))

		if($this->method == "insert" || (isset($user['birthday']) && is_array($user['birthday'])))

			$this->verify_birthday();
		}
		if($this->method == "insert" || array_key_exists('postnum', $user))

			$this->verify_birthday();
		}
		if($this->method == "insert" || array_key_exists('postnum', $user))

		if($this->method == "insert" || array_key_exists('threadnum', $user))
		{
			$this->verify_threadnum();

		if($this->method == "insert" || array_key_exists('threadnum', $user))
		{
			$this->verify_threadnum();

		if($this->method == "insert" || array_key_exists('profile_fields', $user))
		{
			$this->verify_profile_fields();

		if($this->method == "insert" || array_key_exists('profile_fields', $user))
		{
			$this->verify_profile_fields();

		if(count($this->get_errors()) > 0)
		{
			die("The user is not valid.");

		if(count($this->get_errors()) > 0)
		{
			die("The user is not valid.");

		foreach($array as $value)
		{
			if(!isset($user[$value]))

		foreach($array as $value)
		{
			if(!isset($user[$value]))

		$this->user_insert_data = array(
			"username" => $db->escape_string($user['username']),

		$this->user_insert_data = array(
			"username" => $db->escape_string($user['username']),

			"salt" => $user['salt'],
			"loginkey" => $user['loginkey'],
			"email" => $db->escape_string($user['email']),

			"salt" => $user['salt'],
			"loginkey" => $user['loginkey'],
			"email" => $db->escape_string($user['email']),

			"lastvisit" => (int)$user['lastvisit'],
			"website" => $db->escape_string($user['website']),
			"icq" => (int)$user['icq'],

			"lastvisit" => (int)$user['lastvisit'],
			"website" => $db->escape_string($user['website']),
			"icq" => (int)$user['icq'],

			"yahoo" => $db->escape_string($user['yahoo']),
			"skype" => $db->escape_string($user['skype']),
			"google" => $db->escape_string($user['google']),

			"yahoo" => $db->escape_string($user['yahoo']),
			"skype" => $db->escape_string($user['skype']),
			"google" => $db->escape_string($user['google']),

		{
			$this->user_insert_data['dst'] = 1;
		}

		{
			$this->user_insert_data['dst'] = 1;
		}

		{
			$this->user_insert_data['dst'] = 0;
		}

		{
			$this->user_insert_data['dst'] = 0;
		}

		{
			$this->user_update_data['username'] = $db->escape_string($user['username']);
		}

		{
			$this->user_update_data['username'] = $db->escape_string($user['username']);
		}

		{

		{

			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['salt'] = $user['salt'];

			$this->user_update_data['loginkey'] = $user['loginkey'];
		}
		if(isset($user['email']))

			$this->user_update_data['loginkey'] = $user['loginkey'];
		}
		if(isset($user['email']))

		}
		if(isset($user['postnum']))
		{
			$this->user_update_data['postnum'] = (int)$user['postnum'];

		}
		if(isset($user['postnum']))
		{
			$this->user_update_data['postnum'] = (int)$user['postnum'];

		if(isset($user['threadnum']))
		{
			$this->user_update_data['threadnum'] = (int)$user['threadnum'];

		if(isset($user['threadnum']))
		{
			$this->user_update_data['threadnum'] = (int)$user['threadnum'];

		if(isset($user['avatar']))

		if(isset($user['avatar']))

			$this->user_update_data['avatar'] = $db->escape_string($user['avatar']);
			$this->user_update_data['avatartype'] = $db->escape_string($user['avatartype']);
		}

			$this->user_update_data['avatar'] = $db->escape_string($user['avatar']);
			$this->user_update_data['avatartype'] = $db->escape_string($user['avatartype']);
		}

		if(isset($user['displaygroup']))
		{
			$this->user_update_data['displaygroup'] = (int)$user['displaygroup'];

		if(isset($user['displaygroup']))
		{
			$this->user_update_data['displaygroup'] = (int)$user['displaygroup'];

		if(isset($user['usertitle']))

		if(isset($user['usertitle']))

			$this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);

			$this->user_update_data['usertitle'] = $db->escape_string($user['usertitle']);

		if(isset($user['regdate']))

		if(isset($user['regdate']))

			$this->user_update_data['regdate'] = (int)$user['regdate'];

			$this->user_update_data['regdate'] = (int)$user['regdate'];

		if(isset($user['lastactive']))
		{
			$this->user_update_data['lastactive'] = (int)$user['lastactive'];

		if(isset($user['lastactive']))
		{
			$this->user_update_data['lastactive'] = (int)$user['lastactive'];

			$this->user_update_data['lastvisit'] = (int)$user['lastvisit'];
		}
		if(isset($user['signature']))

			$this->user_update_data['lastvisit'] = (int)$user['lastvisit'];
		}
		if(isset($user['signature']))

			$this->user_update_data['signature'] = $db->escape_string($user['signature']);

			$this->user_update_data['signature'] = $db->escape_string($user['signature']);

		if(isset($user['website']))

		if(isset($user['website']))

			$this->user_update_data['website'] = $db->escape_string($user['website']);

			$this->user_update_data['website'] = $db->escape_string($user['website']);

		if(isset($user['icq']))

		if(isset($user['icq']))

			$this->user_update_data['icq'] = (int)$user['icq'];

			$this->user_update_data['icq'] = (int)$user['icq'];

		}
		if(isset($user['yahoo']))
		{

		}
		if(isset($user['yahoo']))
		{

			$this->user_update_data['regip'] = $db->escape_string($user['regip']);
		}
		if(isset($user['language']))

			$this->user_update_data['regip'] = $db->escape_string($user['regip']);
		}
		if(isset($user['language']))

			$this->user_update_data['language'] = $db->escape_string($user['language']);
		}
		if(isset($user['away']))

			$this->user_update_data['language'] = $db->escape_string($user['language']);
		}
		if(isset($user['away']))

		if($old_user['pmnotice'] == "2" && $this->user_update_data['pmnotice'] == 1)
		{
			unset($this->user_update_data['pmnotice']);

		if($old_user['pmnotice'] == "2" && $this->user_update_data['pmnotice'] == 1)
		{
			unset($this->user_update_data['pmnotice']);

		if(count($this->user_update_data) < 1 && empty($user['user_fields']))
		{

		if(count($this->user_update_data) < 1 && empty($user['user_fields']))
		{

					$user_fields[$field['Field']] = '';
				}
				$db->insert_query("userfields", $user_fields);

					$user_fields[$field['Field']] = '';
				}
				$db->insert_query("userfields", $user_fields);

			$db->update_query("userfields", $user['user_fields'], "ufid='{$user['uid']}'", false);
		}

			$db->update_query("userfields", $user['user_fields'], "ufid='{$user['uid']}'", false);
		}

			{
				// User was latest to register, update stats
				update_stats(array("numusers" => "+0"));

			{
				// User was latest to register, update stats
				update_stats(array("numusers" => "+0"));

		return true;
	}

		return true;
	}

	/**
	 * Provides a method to completely delete a user.
	 *

	/**
	 * Provides a method to completely delete a user.
	 *

		if(count($this->get_errors()) > 0)
		{
			die('The user is not valid.');

		if(count($this->get_errors()) > 0)
		{
			die('The user is not valid.');

		foreach($this->delete_uids as $key => $uid)
		{
			if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])

		foreach($this->delete_uids as $key => $uid)
		{
			if(!$uid || is_super_admin($uid) || $uid == $mybb->user['uid'])

				unset($this->delete_uids[$key]);
			}
		}

				unset($this->delete_uids[$key]);
			}
		}

		$plugins->run_hooks('datahandler_user_delete_start', $this);

		$this->delete_uids = implode(',', $this->delete_uids);

		$plugins->run_hooks('datahandler_user_delete_start', $this);

		$this->delete_uids = implode(',', $this->delete_uids);

			);

			return $this->return_values;

			);

			return $this->return_values;

		// Delete the user
		$query = $db->delete_query('users', "uid IN({$this->delete_uids})");

		// Delete the user
		$query = $db->delete_query('users', "uid IN({$this->delete_uids})");

		$db->update_query('privatemessages', array('fromid' => 0), "fromid IN({$this->delete_uids})");
		$db->update_query('users', array('referrer' => 0), "referrer IN({$this->delete_uids})");

		$db->update_query('privatemessages', array('fromid' => 0), "fromid IN({$this->delete_uids})");
		$db->update_query('users', array('referrer' => 0), "referrer IN({$this->delete_uids})");

		// Update thread ratings
		$query = $db->query("
			SELECT r.*, t.numratings, t.totalratings

		// Update thread ratings
		$query = $db->query("
			SELECT r.*, t.numratings, t.totalratings

		$cache->update_forumsdisplay();
		$cache->update_reportedcontent();
		$cache->update_awaitingactivation();

		$cache->update_forumsdisplay();
		$cache->update_reportedcontent();
		$cache->update_awaitingactivation();

		return $this->return_values;
	}

		return $this->return_values;
	}

	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
	 */
	function delete_content($delete_uids=false)

	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
	 */
	function delete_content($delete_uids=false)

					unset($this->delete_uids[$key]);
				}
			}

					unset($this->delete_uids[$key]);
				}
			}

		// Update the reports made by the deleted users by setting the uid to 0
		$db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");

		// Update the reports made by the deleted users by setting the uid to 0
		$db->update_query('reportedcontent', array('uid' => 0), "uid IN({$this->delete_uids})");

	/**
	 * Provides a method to delete an users posts and threads
	 *
	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
	 */
	function delete_posts($delete_uids=false)

	/**
	 * Provides a method to delete an users posts and threads
	 *
	 * @param array|bool $delete_uids Array of user ids, false if they're already set (eg when using the delete_user function)
	 */
	function delete_posts($delete_uids=false)

		require_once MYBB_ROOT.'inc/class_moderation.php';
		$moderation = new Moderation();

		require_once MYBB_ROOT.'inc/class_moderation.php';
		$moderation = new Moderation();

		$plugins->run_hooks('datahandler_user_delete_posts', $this);

		if(empty($this->delete_uids))
		{
			return;

		$plugins->run_hooks('datahandler_user_delete_posts', $this);

		if(empty($this->delete_uids))
		{
			return;

		// Threads
		$query = $db->simple_select('threads', 'tid', "uid IN({$this->delete_uids})");

		// Threads
		$query = $db->simple_select('threads', 'tid', "uid IN({$this->delete_uids})");

		while($pid = $db->fetch_field($query, 'pid'))
		{
			$moderation->delete_post($pid);

		while($pid = $db->fetch_field($query, 'pid'))
		{
			$moderation->delete_post($pid);

	/**
	 * Provides a method to clear an users profile

	/**
	 * Provides a method to clear an users profile

					unset($this->delete_uids[$key]);
				}
			}

					unset($this->delete_uids[$key]);
				}
			}

			$this->delete_uids = implode(',', $this->delete_uids);
		}

			$this->delete_uids = implode(',', $this->delete_uids);
		}

			"website" => "",
			"birthday" => "",
			"icq" => "",

			"website" => "",
			"birthday" => "",
			"icq" => "",

			"yahoo" => "",
			"skype" => "",
			"google" => "",

			"yahoo" => "",
			"skype" => "",
			"google" => "",

		);

		if($gid > 0)

		);

		if($gid > 0)

			$update["usergroup"] = (int)$gid;

			$update["usergroup"] = (int)$gid;

		if(empty($this->delete_uids))

		if(empty($this->delete_uids))

			return;

			return;

		$db->update_query("users", $update, "uid IN({$this->delete_uids})");
		$db->delete_query('userfields', "ufid IN({$this->delete_uids})");

		$db->update_query("users", $update, "uid IN({$this->delete_uids})");
		$db->delete_query('userfields', "ufid IN({$this->delete_uids})");

		// Remove any of the user(s) uploaded avatars
		require_once MYBB_ROOT.'inc/functions_upload.php';
		foreach(explode(',', $this->delete_uids) as $uid)

		// Remove any of the user(s) uploaded avatars
		require_once MYBB_ROOT.'inc/functions_upload.php';
		foreach(explode(',', $this->delete_uids) as $uid)

	public function verify_signature()
	{
		global $mybb, $parser;

	public function verify_signature()
	{
		global $mybb, $parser;

		if(!isset($parser))
		{
			require_once MYBB_ROOT."inc/class_parser.php";
			$parser = new postParser;
		}

		if(!isset($parser))
		{
			require_once MYBB_ROOT."inc/class_parser.php";
			$parser = new postParser;
		}

		$parser_options = array(
			'allow_html' => $mybb->settings['sightml'],
			'filter_badwords' => 1,

		$parser_options = array(
			'allow_html' => $mybb->settings['sightml'],
			'filter_badwords' => 1,

			'allow_imgcode' => $mybb->settings['sigimgcode'],
			"filter_badwords" => 1
		);

			'allow_imgcode' => $mybb->settings['sigimgcode'],
			"filter_badwords" => 1
		);

		$parsed_sig = $parser->parse_message($this->data['signature'], $parser_options);

		if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&

		$parsed_sig = $parser->parse_message($this->data['signature'], $parser_options);

		if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&

		)
		{
			$imgsallowed = 0;

		)
		{
			$imgsallowed = 0;

			if($mybb->settings['sigimgcode'] == 1)
			{
				$imgsallowed = $mybb->settings['maxsigimages'];

			if($mybb->settings['sigimgcode'] == 1)
			{
				$imgsallowed = $mybb->settings['maxsigimages'];

		if($mybb->settings['sigcountmycode'] == 0)
		{

		if($mybb->settings['sigcountmycode'] == 0)
		{

		}
		else
		{

		}
		else
		{