Vergleich inc/functions.php - 1.8.13 - 1.8.22

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 18	Zeile 18
global $db, $lang, $theme, $templates, $plugins, $mybb; global $debug, $templatecache, $templatelist, $maintimer, $globaltime, $parsetime;	global $db, $lang, $theme, $templates, $plugins, $mybb; global $debug, $templatecache, $templatelist, $maintimer, $globaltime, $parsetime;
	$contents = $plugins->run_hooks("pre_parse_page", $contents);
$contents = parse_page($contents); $totaltime = format_time_duration($maintimer->stop()); $contents = $plugins->run_hooks("pre_output_page", $contents);	$contents = parse_page($contents); $totaltime = format_time_duration($maintimer->stop()); $contents = $plugins->run_hooks("pre_output_page", $contents);
Zeile 623	Zeile 624
// Guests get a special string else {	// Guests get a special string else {
return md5($session->useragent.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);	return md5($session->sid.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);
} }	} }
Zeile 868	Zeile 869
foreach($errors as $error) {	foreach($errors as $error) {
$errorlist .= "<li>".$error."</li>\n";	eval("\$errorlist .= \"".$templates->get("error_inline_item")."\";");
} eval("\$errors = \"".$templates->get("error_inline")."\";");	} eval("\$errors = \"".$templates->get("error_inline")."\";");
Zeile 1036	Zeile 1037
{ return ''; }	{ return ''; }
	$page = (int)$page;
$url = str_replace("&", "&", $url); $url = htmlspecialchars_uni($url);	$url = str_replace("&", "&", $url); $url = htmlspecialchars_uni($url);
Zeile 1066	Zeile 1069
} if($to > $pages)	} if($to > $pages)
{	{
$to = $pages; $from = $pages-$mybb->settings['maxmultipagelinks']+1; if($from <= 0)	$to = $pages; $from = $pages-$mybb->settings['maxmultipagelinks']+1; if($from <= 0)
Zeile 1110	Zeile 1113
else { eval("\$mppage .= \"".$templates->get("multipage_page")."\";");	else { eval("\$mppage .= \"".$templates->get("multipage_page")."\";");
} }	} }
$end = ''; if($to < $pages)	$end = ''; if($to < $pages)
Zeile 1139	Zeile 1142
// When the second parameter is set to 1, fetch_page_url thinks it's the first page and removes it from the URL as it's unnecessary $jump_url = fetch_page_url($url, 1); eval("\$jumptopage = \"".$templates->get("multipage_jump_page")."\";");	// When the second parameter is set to 1, fetch_page_url thinks it's the first page and removes it from the URL as it's unnecessary $jump_url = fetch_page_url($url, 1); eval("\$jumptopage = \"".$templates->get("multipage_jump_page")."\";");
} $lang->multipage_pages = $lang->sprintf($lang->multipage_pages, $pages);	} $multipage_pages = $lang->sprintf($lang->multipage_pages, $pages);
if($breadcrumb == true)	if($breadcrumb == true)
{	{
eval("\$multipage = \"".$templates->get("multipage_breadcrumb")."\";");	eval("\$multipage = \"".$templates->get("multipage_breadcrumb")."\";");
}	}
else { eval("\$multipage = \"".$templates->get("multipage")."\";");	else { eval("\$multipage = \"".$templates->get("multipage")."\";");
Zeile 1157	Zeile 1160
/** * Generate a page URL for use by the multipage function	/** * Generate a page URL for use by the multipage function
*	*
* @param string $url The URL being passed * @param int $page The page number * @return string	* @param string $url The URL being passed * @param int $page The page number * @return string
Zeile 1186	Zeile 1189
else { $url .= "&";	else { $url .= "&";
}	}
$url .= "page=$page";	$url .= "page=$page";
}	}
else { $url = str_replace("{page}", $page, $url); }	else { $url = str_replace("{page}", $page, $url); }

return $url; } /** * Fetch the permissions for a specific user *	return $url; } /** * Fetch the permissions for a specific user *
* @param int $uid The user ID	* @param int $uid The user ID, if no user ID is provided then current user's ID will be considered.
* @return array Array of user permissions for the specified user */	* @return array Array of user permissions for the specified user */
function user_permissions($uid=0)	function user_permissions($uid=null)
{ global $mybb, $cache, $groupscache, $user_cache; // If no user id is specified, assume it is the current user	{ global $mybb, $cache, $groupscache, $user_cache; // If no user id is specified, assume it is the current user
	if($uid === null) { $uid = $mybb->user['uid']; } // Its a guest. Return the group permissions directly from cache
if($uid == 0) {	if($uid == 0) {
$uid = $mybb->user['uid'];	return $groupscache[1];
} // User id does not match current user, fetch permissions	} // User id does not match current user, fetch permissions
Zeile 1278	Zeile 1287
} foreach($groupscache[$gid] as $perm => $access)	} foreach($groupscache[$gid] as $perm => $access)
{	{
if(!in_array($perm, $grouppermignore)) { if(isset($usergroup[$perm]))	if(!in_array($perm, $grouppermignore)) { if(isset($usergroup[$perm]))
Zeile 1758	Zeile 1767
if(isset($modusers['users'][$uid]) && $modusers['users'][$uid]['mid'] && (!$action \|\| !empty($modusers['users'][$uid][$action]))) { return true;	if(isset($modusers['users'][$uid]) && $modusers['users'][$uid]['mid'] && (!$action \|\| !empty($modusers['users'][$uid][$action]))) { return true;
}	}
$groups = explode(',', $user_perms['all_usergroups']); foreach($groups as $group)	$groups = explode(',', $user_perms['all_usergroups']); foreach($groups as $group)
Zeile 1772	Zeile 1781
} } return false;	} } return false;
} else	} else
{ $modperms = get_moderator_permissions($fid, $uid);	{ $modperms = get_moderator_permissions($fid, $uid);
Zeile 1813	Zeile 1822
$iconlist = ''; $no_icons_checked = " checked=\"checked\""; // read post icons from cache, and sort them accordingly	$iconlist = ''; $no_icons_checked = " checked=\"checked\""; // read post icons from cache, and sort them accordingly
$posticons_cache = $cache->read("posticons");	$posticons_cache = (array)$cache->read("posticons");
$posticons = array(); foreach($posticons_cache as $posticon) {	$posticons = array(); foreach($posticons_cache as $posticon) {
Zeile 1859	Zeile 1868
* @param string $value The cookie value. * @param int\|string $expires The timestamp of the expiry date. * @param boolean $httponly True if setting a HttpOnly cookie (supported by the majority of web browsers)	* @param string $value The cookie value. * @param int\|string $expires The timestamp of the expiry date. * @param boolean $httponly True if setting a HttpOnly cookie (supported by the majority of web browsers)
	* @param string $samesite The samesite attribute to prevent CSRF.
*/	*/
function my_setcookie($name, $value="", $expires="", $httponly=false)	function my_setcookie($name, $value="", $expires="", $httponly=false, $samesite="")
{ global $mybb; if(!$mybb->settings['cookiepath'])	{ global $mybb; if(!$mybb->settings['cookiepath'])
{	{
$mybb->settings['cookiepath'] = "/";	$mybb->settings['cookiepath'] = "/";
}	}
if($expires == -1) {	if($expires == -1) {
Zeile 1880	Zeile 1890
else { $expires = TIME_NOW + (int)$expires;	else { $expires = TIME_NOW + (int)$expires;
}	}
$mybb->settings['cookiepath'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiepath']); $mybb->settings['cookiedomain'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiedomain']);	$mybb->settings['cookiepath'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiepath']); $mybb->settings['cookiedomain'] = str_replace(array("\n","\r"), "", $mybb->settings['cookiedomain']);
Zeile 1888	Zeile 1898
// Versions of PHP prior to 5.2 do not support HttpOnly cookies and IE is buggy when specifying a blank domain so set the cookie manually $cookie = "Set-Cookie: {$mybb->settings['cookieprefix']}{$name}=".urlencode($value);	// Versions of PHP prior to 5.2 do not support HttpOnly cookies and IE is buggy when specifying a blank domain so set the cookie manually $cookie = "Set-Cookie: {$mybb->settings['cookieprefix']}{$name}=".urlencode($value);

if($expires > 0) { $cookie .= "; expires=".@gmdate('D, d-M-Y H:i:s \\G\\M\\T', $expires); } if(!empty($mybb->settings['cookiepath']))	if($expires > 0) { $cookie .= "; expires=".@gmdate('D, d-M-Y H:i:s \\G\\M\\T', $expires); } if(!empty($mybb->settings['cookiepath']))
{	{
$cookie .= "; path={$mybb->settings['cookiepath']}";	$cookie .= "; path={$mybb->settings['cookiepath']}";
}	}
if(!empty($mybb->settings['cookiedomain'])) { $cookie .= "; domain={$mybb->settings['cookiedomain']}";	if(!empty($mybb->settings['cookiedomain'])) { $cookie .= "; domain={$mybb->settings['cookiedomain']}";
}	}
if($httponly == true)	if($httponly == true)
{	{
$cookie .= "; HttpOnly";	$cookie .= "; HttpOnly";
	} if($samesite != "" && $mybb->settings['cookiesamesiteflag']) { $samesite = strtolower($samesite); if($samesite == "lax" \|\| $samesite == "strict") { $cookie .= "; SameSite=".$samesite; }
} if($mybb->settings['cookiesecureflag'])	} if($mybb->settings['cookiesecureflag'])
{	{
$cookie .= "; Secure"; }	$cookie .= "; Secure"; }
Zeile 1925	Zeile 1945
* @param string $name The cookie identifier. */ function my_unsetcookie($name)	* @param string $name The cookie identifier. */ function my_unsetcookie($name)
{	{
global $mybb;	global $mybb;

$expires = -3600; my_setcookie($name, "", $expires);	$expires = -3600; my_setcookie($name, "", $expires);
Zeile 1940	Zeile 1960
* @param string $name The cookie identifier. * @param int $id The cookie content id. * @return array\|boolean The cookie id's content array or false when non-existent.	* @param string $name The cookie identifier. * @param int $id The cookie content id. * @return array\|boolean The cookie id's content array or false when non-existent.
*/	*/
function my_get_array_cookie($name, $id) { global $mybb;	function my_get_array_cookie($name, $id) { global $mybb;

if(!isset($mybb->cookies['mybb'][$name]))	if(!isset($mybb->cookies['mybb'][$name]))
{	{
return false;	return false;
} $cookie = my_unserialize($mybb->cookies['mybb'][$name]); if(is_array($cookie) && isset($cookie[$id])) { return $cookie[$id]; }	} $cookie = my_unserialize($mybb->cookies['mybb'][$name]); if(is_array($cookie) && isset($cookie[$id])) { return $cookie[$id]; }
else { return 0;	else { return 0;
Zeile 1998	Zeile 2018
define('MAX_SERIALIZED_INPUT_LENGTH', 10240); define('MAX_SERIALIZED_ARRAY_LENGTH', 256); define('MAX_SERIALIZED_ARRAY_DEPTH', 5);	define('MAX_SERIALIZED_INPUT_LENGTH', 10240); define('MAX_SERIALIZED_ARRAY_LENGTH', 256); define('MAX_SERIALIZED_ARRAY_DEPTH', 5);
/** * Credits go to https://github.com/piwik	/** * Credits go to https://github.com/piwik
* Safe unserialize() replacement * - accepts a strict subset of PHP's native my_serialized representation * - does not unserialize objects	* Safe unserialize() replacement * - accepts a strict subset of PHP's native my_serialized representation * - does not unserialize objects
Zeile 2022	Zeile 2042
return false; }	return false; }
$stack = array(); $expected = array();	$stack = $list = $expected = array();
/* * states:	/* * states:
Zeile 2702	Zeile 2721
if((int)$changes[$counter] != 0) { $update_query[$counter] = $thread[$counter] + $changes[$counter];	if((int)$changes[$counter] != 0) { $update_query[$counter] = $thread[$counter] + $changes[$counter];
} } else { $update_query[$counter] = $changes[$counter]; } // Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0) { $update_query[$counter] = 0; } } } $db->free_result($query); // Only update if we're actually doing something	} } else { $update_query[$counter] = $changes[$counter]; } // Less than 0? That's bad if(isset($update_query[$counter]) && $update_query[$counter] < 0) { $update_query[$counter] = 0; } } } $db->free_result($query); // Only update if we're actually doing something
if(count($update_query) > 0) { $db->update_query("threads", $update_query, "tid='{$tid}'");	if(count($update_query) > 0) { $db->update_query("threads", $update_query, "tid='{$tid}'");
Zeile 2959	Zeile 2978
{ $newdepth = $depth."--"; $forumjumpbits .= build_forum_jump($forum['fid'], $selitem, 0, $newdepth, $showextras, $showall);	{ $newdepth = $depth."--"; $forumjumpbits .= build_forum_jump($forum['fid'], $selitem, 0, $newdepth, $showextras, $showall);
} } } }	} } } }
} if($addselect)	} if($addselect)
Zeile 3000	Zeile 3019
function get_extension($file) { return my_strtolower(my_substr(strrchr($file, "."), 1));	function get_extension($file) { return my_strtolower(my_substr(strrchr($file, "."), 1));
}	}
/** * Generates a random string.	/** * Generates a random string.
Zeile 3013	Zeile 3032
{ $set = array_merge(range(0, 9), range('A', 'Z'), range('a', 'z')); $str = array();	{ $set = array_merge(range(0, 9), range('A', 'Z'), range('a', 'z')); $str = array();

// Complex strings have always at least 3 characters, even if $length < 3 if($complex == true) {	// Complex strings have always at least 3 characters, even if $length < 3 if($complex == true) {
Zeile 3050	Zeile 3069
*/ function format_name($username, $usergroup, $displaygroup=0) {	*/ function format_name($username, $usergroup, $displaygroup=0) {
global $groupscache, $cache; if(!is_array($groupscache))	global $groupscache, $cache, $plugins; static $formattednames = array(); if(!isset($formattednames[$username]))
{	{
$groupscache = $cache->read("usergroups"); } if($displaygroup != 0) { $usergroup = $displaygroup; }	if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups"); } if($displaygroup != 0) { $usergroup = $displaygroup; } $format = "{username}"; if(isset($groupscache[$usergroup])) { $ugroup = $groupscache[$usergroup]; if(strpos($ugroup['namestyle'], "{username}") !== false) { $format = $ugroup['namestyle']; } } $format = stripslashes($format); $parameters = compact('username', 'usergroup', 'displaygroup', 'format'); $parameters = $plugins->run_hooks('format_name', $parameters);

$ugroup = $groupscache[$usergroup]; $format = $ugroup['namestyle']; $userin = substr_count($format, "{username}");	$format = $parameters['format'];

if($userin == 0) { $format = "{username}";	$formattednames[$username] = str_replace("{username}", $username, $format);
}	}
$format = stripslashes($format); return str_replace("{username}", $username, $format);	return $formattednames[$username];
} /**	} /**
Zeile 3138	Zeile 3173
if($dimensions) {	if($dimensions) {
$dimensions = explode("\|", $dimensions);	$dimensions = preg_split('/[\|x]/', $dimensions);
if($dimensions[0] && $dimensions[1]) {	if($dimensions[0] && $dimensions[1]) {
list($max_width, $max_height) = explode('x', $max_dimensions);	list($max_width, $max_height) = preg_split('/[\|x]/', $max_dimensions);
if(!empty($max_dimensions) && ($dimensions[0] > $max_width \|\| $dimensions[1] > $max_height)) {	if(!empty($max_dimensions) && ($dimensions[0] > $max_width \|\| $dimensions[1] > $max_height)) {
Zeile 3239	Zeile 3274
"editor_invalidyoutube" => "Invalid YouTube video", "editor_dailymotion" => "Dailymotion", "editor_metacafe" => "MetaCafe",	"editor_invalidyoutube" => "Invalid YouTube video", "editor_dailymotion" => "Dailymotion", "editor_metacafe" => "MetaCafe",
"editor_veoh" => "Veoh",	"editor_mixer" => "Mixer",
"editor_vimeo" => "Vimeo", "editor_youtube" => "Youtube", "editor_facebook" => "Facebook",	"editor_vimeo" => "Vimeo", "editor_youtube" => "Youtube", "editor_facebook" => "Facebook",
Zeile 3409	Zeile 3444
} return $codeinsert;	} return $codeinsert;
	} /** * @param int $tid * @param array $postoptions The options carried with form submit * * @return string Predefined / updated subscription method of the thread for the user */ function get_subscription_method($tid = 0, $postoptions = array()) { global $mybb; $subscription_methods = array('', 'none', 'email', 'pm'); // Define methods $subscription_method = (int)$mybb->user['subscriptionmethod']; // Set user default // If no user default method available then reset method if(!$subscription_method) { $subscription_method = 0; } // Return user default if no thread id available, in case if(!(int)$tid \|\| (int)$tid <= 0) { return $subscription_methods[$subscription_method]; } // If method not predefined set using data from database if(isset($postoptions['subscriptionmethod'])) { $method = trim($postoptions['subscriptionmethod']); return (in_array($method, $subscription_methods)) ? $method : $subscription_methods[0]; } else { global $db; $query = $db->simple_select("threadsubscriptions", "tid, notification", "tid='".(int)$tid."' AND uid='".$mybb->user['uid']."'", array('limit' => 1)); $subscription = $db->fetch_array($query); if($subscription['tid']) { $subscription_method = (int)$subscription['notification'] + 1; } } return $subscription_methods[$subscription_method];
} /**	} /**
Zeile 3573	Zeile 3655
* @param int\|string $selected_pid The selected prefix ID (integer ID or string any) * @param int $multiple Allow multiple prefix selection * @param int $previous_pid The previously selected prefix ID	* @param int\|string $selected_pid The selected prefix ID (integer ID or string any) * @param int $multiple Allow multiple prefix selection * @param int $previous_pid The previously selected prefix ID
* @return string The thread prefix selection menu */	* @return string The thread prefix selection menu */
function build_prefix_select($fid, $selected_pid=0, $multiple=0, $previous_pid=0) { global $cache, $db, $lang, $mybb, $templates;	function build_prefix_select($fid, $selected_pid=0, $multiple=0, $previous_pid=0) { global $cache, $db, $lang, $mybb, $templates;

if($fid != 'all')	if($fid != 'all')
{	{
$fid = (int)$fid;	$fid = (int)$fid;
} $prefix_cache = build_prefixes(0); if(empty($prefix_cache)) { // We've got no prefixes to show return ''; }	} $prefix_cache = build_prefixes(0); if(empty($prefix_cache)) { // We've got no prefixes to show return ''; }
// Go through each of our prefixes and decide which ones we can use $prefixes = array();	// Go through each of our prefixes and decide which ones we can use $prefixes = array();
Zeile 3634	Zeile 3716
if(((int)$selected_pid == 0) && $selected_pid != 'any') { $default_selected = " selected=\"selected\"";	if(((int)$selected_pid == 0) && $selected_pid != 'any') { $default_selected = " selected=\"selected\"";
}	}
foreach($prefixes as $prefix) {	foreach($prefixes as $prefix) {
Zeile 3649	Zeile 3731
} if($multiple != 0)	} if($multiple != 0)
{	{
eval("\$prefixselect = \"".$templates->get("post_prefixselect_multiple")."\";"); } else	eval("\$prefixselect = \"".$templates->get("post_prefixselect_multiple")."\";"); } else
Zeile 3679	Zeile 3761
// We've got no prefixes to show return ''; }	// We've got no prefixes to show return ''; }

// Go through each of our prefixes and decide which ones we can use $prefixes = array(); foreach($prefix_cache as $prefix)	// Go through each of our prefixes and decide which ones we can use $prefixes = array(); foreach($prefix_cache as $prefix)
Zeile 3693	Zeile 3775
{ // This forum can use this prefix! $prefixes[$prefix['pid']] = $prefix;	{ // This forum can use this prefix! $prefixes[$prefix['pid']] = $prefix;
} }	} }
else { // This prefix is for anybody to use... $prefixes[$prefix['pid']] = $prefix; }	else { // This prefix is for anybody to use... $prefixes[$prefix['pid']] = $prefix; }
}	}
if(empty($prefixes)) {	if(empty($prefixes)) {
Zeile 3709	Zeile 3791
$default_selected = array(); $selected_pid = (int)$selected_pid;	$default_selected = array(); $selected_pid = (int)$selected_pid;

if($selected_pid == 0)	if($selected_pid == 0)
{	{
$default_selected['all'] = ' selected="selected"';	$default_selected['all'] = ' selected="selected"';
}	}
else if($selected_pid == -1)	else if($selected_pid == -1)
{	{
$default_selected['none'] = ' selected="selected"';	$default_selected['none'] = ' selected="selected"';
}	}
else if($selected_pid == -2) { $default_selected['any'] = ' selected="selected"'; } foreach($prefixes as $prefix)	else if($selected_pid == -2) { $default_selected['any'] = ' selected="selected"'; } foreach($prefixes as $prefix)
{	{
$selected = ''; if($prefix['pid'] == $selected_pid) { $selected = ' selected="selected"'; }	$selected = ''; if($prefix['pid'] == $selected_pid) { $selected = ' selected="selected"'; }

$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']); eval('$prefixselect_prefix .= "'.$templates->get("forumdisplay_threadlist_prefixes_prefix").'";'); } eval('$prefixselect = "'.$templates->get("forumdisplay_threadlist_prefixes").'";'); return $prefixselect;	$prefix['prefix'] = htmlspecialchars_uni($prefix['prefix']); eval('$prefixselect_prefix .= "'.$templates->get("forumdisplay_threadlist_prefixes_prefix").'";'); } eval('$prefixselect = "'.$templates->get("forumdisplay_threadlist_prefixes").'";'); return $prefixselect;
} /**	} /**
* Gzip encodes text to a specified level * * @param string $contents The string to encode	* Gzip encodes text to a specified level * * @param string $contents The string to encode
Zeile 3813	Zeile 3895
{ $tid = (int)$data['tid']; unset($data['tid']);	{ $tid = (int)$data['tid']; unset($data['tid']);
}	}
$pid = 0; if(isset($data['pid'])) {	$pid = 0; if(isset($data['pid'])) {
Zeile 3857	Zeile 3939
} $db->insert_query_multiple("moderatorlog", $multiple_sql_array);	} $db->insert_query_multiple("moderatorlog", $multiple_sql_array);
} else {	} else {
$db->insert_query("moderatorlog", $sql_array); } }	$db->insert_query("moderatorlog", $sql_array); } }
Zeile 3874	Zeile 3956
function get_reputation($reputation, $uid=0) { global $theme, $templates;	function get_reputation($reputation, $uid=0) { global $theme, $templates;

$display_reputation = $reputation_class = ''; if($reputation < 0)	$display_reputation = $reputation_class = ''; if($reputation < 0)
{	{
$reputation_class = "reputation_negative"; } elseif($reputation > 0) { $reputation_class = "reputation_positive";	$reputation_class = "reputation_negative"; } elseif($reputation > 0) { $reputation_class = "reputation_positive";
}	}
else { $reputation_class = "reputation_neutral";	else { $reputation_class = "reputation_neutral";
} $reputation = my_number_format($reputation);	} $reputation = my_number_format($reputation);
if($uid != 0) {	if($uid != 0) {
Zeile 3919	Zeile 4001
$warning_class = "high_warning"; } else if($level >= 50)	$warning_class = "high_warning"; } else if($level >= 50)
{	{
$warning_class = "moderate_warning"; } else if($level >= 25) { $warning_class = "low_warning";	$warning_class = "moderate_warning"; } else if($level >= 25) { $warning_class = "low_warning";
}	}
else { $warning_class = "normal_warning";	else { $warning_class = "normal_warning";
Zeile 3933	Zeile 4015
eval("\$level = \"".$templates->get("postbit_warninglevel_formatted")."\";"); return $level;	eval("\$level = \"".$templates->get("postbit_warninglevel_formatted")."\";"); return $level;
}	}
/** * Fetch the IP address of the current user. *	/** * Fetch the IP address of the current user. *
Zeile 4172	Zeile 4254
function get_unviewable_forums($only_readable_threads=false) { global $forum_cache, $permissioncache, $mybb;	function get_unviewable_forums($only_readable_threads=false) { global $forum_cache, $permissioncache, $mybb;

if(!is_array($forum_cache)) { cache_forums();	if(!is_array($forum_cache)) { cache_forums();
Zeile 4246	Zeile 4328
return $format; }	return $format; }

/** * Build the breadcrumb navigation trail from the specified items *	/** * Build the breadcrumb navigation trail from the specified items *
Zeile 4276	Zeile 4358
{ $sep = ""; }	{ $sep = ""; }

$multipage = null; $multipage_dropdown = null; if(!empty($navbit['multipage'])) { if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	$multipage = null; $multipage_dropdown = null; if(!empty($navbit['multipage'])) { if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
{	{
$mybb->settings['threadsperpage'] = 20;	$mybb->settings['threadsperpage'] = 20;
}	}
$multipage = multipage($navbit['multipage']['num_threads'], $mybb->settings['threadsperpage'], $navbit['multipage']['current_page'], $navbit['multipage']['url'], true); if($multipage)	$multipage = multipage($navbit['multipage']['num_threads'], $mybb->settings['threadsperpage'], $navbit['multipage']['current_page'], $navbit['multipage']['url'], true); if($multipage)
Zeile 4292	Zeile 4374
++$i; eval("\$multipage_dropdown = \"".$templates->get("nav_dropdown")."\";"); $sep = $multipage_dropdown.$sep;	++$i; eval("\$multipage_dropdown = \"".$templates->get("nav_dropdown")."\";"); $sep = $multipage_dropdown.$sep;
}	}
}	}

// Replace page 1 URLs $navbit['url'] = str_replace("-page-1.html", ".html", $navbit['url']); $navbit['url'] = preg_replace("/&page=1$/", "", $navbit['url']);	// Replace page 1 URLs $navbit['url'] = str_replace("-page-1.html", ".html", $navbit['url']); $navbit['url'] = preg_replace("/&page=1$/", "", $navbit['url']);

eval("\$nav .= \"".$templates->get("nav_bit")."\";"); } }	eval("\$nav .= \"".$templates->get("nav_bit")."\";"); } }
	$navsize = count($navbits); $navbit = $navbits[$navsize-1];
}	}
$activesep = ''; $navsize = count($navbits); $navbit = $navbits[$navsize-1];
if($nav)	if($nav)
{ eval("\$activesep = \"".$templates->get("nav_sep_active")."\";"); }	{ eval("\$activesep = \"".$templates->get("nav_sep_active")."\";"); }
eval("\$activebit = \"".$templates->get("nav_bit_active")."\";"); eval("\$donenav = \"".$templates->get("nav")."\";");	eval("\$activebit = \"".$templates->get("nav_bit_active")."\";"); eval("\$donenav = \"".$templates->get("nav")."\";");

return $donenav; }	return $donenav; }
Zeile 4326	Zeile 4406
* @param string $url The URL of the item to add */ function add_breadcrumb($name, $url="")	* @param string $url The URL of the item to add */ function add_breadcrumb($name, $url="")
{	{
global $navbits; $navsize = count($navbits);	global $navbits; $navsize = count($navbits);
Zeile 4355	Zeile 4435
foreach($forum_cache as $key => $val) { $pforumcache[$val['fid']][$val['pid']] = $val;	foreach($forum_cache as $key => $val) { $pforumcache[$val['fid']][$val['pid']] = $val;
} }	} }
if(is_array($pforumcache[$fid])) {	if(is_array($pforumcache[$fid])) {
Zeile 4386	Zeile 4466
} } elseif(!empty($multipage))	} } elseif(!empty($multipage))
{	{
$navbits[$navsize]['url'] = get_forum_link($forumnav['fid'], $multipage['current_page']); $navbits[$navsize]['multipage'] = $multipage;	$navbits[$navsize]['url'] = get_forum_link($forumnav['fid'], $multipage['current_page']); $navbits[$navsize]['multipage'] = $multipage;
Zeile 4415	Zeile 4495
if(!empty($navbits[0]['options'])) { $newnav[0]['options'] = $navbits[0]['options'];	if(!empty($navbits[0]['options'])) { $newnav[0]['options'] = $navbits[0]['options'];
}	}
unset($GLOBALS['navbits']); $GLOBALS['navbits'] = $newnav;	unset($GLOBALS['navbits']); $GLOBALS['navbits'] = $newnav;
Zeile 4895	Zeile 4975
global $db, $mybb; if($uid == $mybb->user['uid'])	global $db, $mybb; if($uid == $mybb->user['uid'])
{	{
$user = $mybb->user;	$user = $mybb->user;
}	}
else { $query = $db->simple_select("users", "additionalgroups, usergroup", "uid='".(int)$uid."'"); $user = $db->fetch_array($query);	else { $query = $db->simple_select("users", "additionalgroups, usergroup", "uid='".(int)$uid."'"); $user = $db->fetch_array($query);
}	}
// Build the new list of additional groups for this user and make sure they're in the right format $usergroups = ""; $usergroups = $user['additionalgroups'].",".$joingroup; $groupslist = ""; $groups = explode(",", $usergroups);	// Build the new list of additional groups for this user and make sure they're in the right format $usergroups = ""; $usergroups = $user['additionalgroups'].",".$joingroup; $groupslist = ""; $groups = explode(",", $usergroups);
if(is_array($groups)) {	if(is_array($groups)) {
$comma = ''; foreach($groups as $gid) { if(trim($gid) != "" && $gid != $user['usergroup'] && !isset($donegroup[$gid]))	$comma = ''; foreach($groups as $gid) { if(trim($gid) != "" && $gid != $user['usergroup'] && !isset($donegroup[$gid]))
{ $groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1; }	{ $groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1; }
} }	} }
Zeile 4928	Zeile 5008
if($groupslist != $user['additionalgroups']) { $db->update_query("users", array('additionalgroups' => $groupslist), "uid='".(int)$uid."'");	if($groupslist != $user['additionalgroups']) { $db->update_query("users", array('additionalgroups' => $groupslist), "uid='".(int)$uid."'");
return true;	return true;
} else {	} else {
Zeile 4945	Zeile 5025
function leave_usergroup($uid, $leavegroup) { global $db, $mybb, $cache;	function leave_usergroup($uid, $leavegroup) { global $db, $mybb, $cache;

$user = get_user($uid); $groupslist = $comma = '';	$user = get_user($uid); $groupslist = $comma = '';
Zeile 4963	Zeile 5043
$groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1;	$groupslist .= $comma.$gid; $comma = ","; $donegroup[$gid] = 1;
} } }	} } }
$dispupdate = ""; if($leavegroup == $user['displaygroup'])	$dispupdate = ""; if($leavegroup == $user['displaygroup'])
Zeile 5000	Zeile 5080
if(!empty($_SERVER['SCRIPT_NAME'])) { $location = htmlspecialchars_uni($_SERVER['SCRIPT_NAME']);	if(!empty($_SERVER['SCRIPT_NAME'])) { $location = htmlspecialchars_uni($_SERVER['SCRIPT_NAME']);
}	}
elseif(!empty($_SERVER['PHP_SELF'])) { $location = htmlspecialchars_uni($_SERVER['PHP_SELF']);	elseif(!empty($_SERVER['PHP_SELF'])) { $location = htmlspecialchars_uni($_SERVER['PHP_SELF']);
Zeile 5016	Zeile 5096
else { $location = htmlspecialchars_uni($_ENV['PATH_INFO']);	else { $location = htmlspecialchars_uni($_ENV['PATH_INFO']);
}	}
if($quick)	if($quick)
{	{
return $location; } if($fields == true) { global $mybb;	return $location; } if($fields == true) { global $mybb;

if(!is_array($ignore)) { $ignore = array($ignore);	if(!is_array($ignore)) { $ignore = array($ignore);
Zeile 5034	Zeile 5114
$form_html = ''; if(!empty($mybb->input))	$form_html = ''; if(!empty($mybb->input))
{	{
foreach($mybb->input as $name => $value) { if(in_array($name, $ignore) \|\| is_array($name) \|\| is_array($value))	foreach($mybb->input as $name => $value) { if(in_array($name, $ignore) \|\| is_array($name) \|\| is_array($value))
Zeile 5043	Zeile 5123
} $form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars_uni($name)."\" value=\"".htmlspecialchars_uni($value)."\" />\n";	} $form_html .= "<input type=\"hidden\" name=\"".htmlspecialchars_uni($name)."\" value=\"".htmlspecialchars_uni($value)."\" />\n";
}	}
} return array('location' => $location, 'form_html' => $form_html, 'form_method' => $mybb->request_method);	} return array('location' => $location, 'form_html' => $form_html, 'form_method' => $mybb->request_method);
Zeile 5068	Zeile 5148
if(isset($_POST[$var])) { $addloc[] = urlencode($var).'='.urlencode($_POST[$var]);	if(isset($_POST[$var])) { $addloc[] = urlencode($var).'='.urlencode($_POST[$var]);
} }	} }
if(isset($addloc) && is_array($addloc)) {	if(isset($addloc) && is_array($addloc)) {
Zeile 5104	Zeile 5184
function build_theme_select($name, $selected=-1, $tid=0, $depth="", $usergroup_override=false, $footer=false, $count_override=false) { global $db, $themeselect, $tcache, $lang, $mybb, $limit, $templates, $num_themes, $themeselect_option;	function build_theme_select($name, $selected=-1, $tid=0, $depth="", $usergroup_override=false, $footer=false, $count_override=false) { global $db, $themeselect, $tcache, $lang, $mybb, $limit, $templates, $num_themes, $themeselect_option;

if($tid == 0) { $tid = 1;	if($tid == 0) { $tid = 1;
Zeile 5112	Zeile 5192
$themeselect_option = ''; if(!isset($lang->use_default))	$themeselect_option = ''; if(!isset($lang->use_default))
{	{
$lang->use_default = $lang->lang_select_default; } }	$lang->use_default = $lang->lang_select_default; } }

if(!is_array($tcache)) { $query = $db->simple_select('themes', 'tid, name, pid, allowedgroups', "pid!='0'");	if(!is_array($tcache)) { $query = $db->simple_select('themes', 'tid, name, pid, allowedgroups', "pid!='0'");

while($theme = $db->fetch_array($query)) { $tcache[$theme['pid']][$theme['tid']] = $theme;	while($theme = $db->fetch_array($query)) { $tcache[$theme['pid']][$theme['tid']] = $theme;
Zeile 5146	Zeile 5226
eval("\$themeselect_option .= \"".$templates->get("usercp_themeselector_option")."\";"); ++$num_themes; $depthit = $depth."--";	eval("\$themeselect_option .= \"".$templates->get("usercp_themeselector_option")."\";"); ++$num_themes; $depthit = $depth."--";
}	}
if(array_key_exists($theme['tid'], $tcache)) { build_theme_select($name, $selected, $theme['tid'], $depthit, $usergroup_override, $footer, $count_override); } }	if(array_key_exists($theme['tid'], $tcache)) { build_theme_select($name, $selected, $theme['tid'], $depthit, $usergroup_override, $footer, $count_override); } }
} }	} }
if($tid == 1 && ($num_themes > 1 \|\| $count_override == true)) {	if($tid == 1 && ($num_themes > 1 \|\| $count_override == true)) {
Zeile 5172	Zeile 5252
else { return false;	else { return false;
} }	} }
/** * Get the theme data of a theme id.	/** * Get the theme data of a theme id.
Zeile 5312	Zeile 5392
if($use_iconv) { return iconv($from_charset, $to_charset."//IGNORE", $str);	if($use_iconv) { return iconv($from_charset, $to_charset."//IGNORE", $str);
}	}
else { return @mb_convert_encoding($str, $to_charset, $from_charset);	else { return @mb_convert_encoding($str, $to_charset, $from_charset);
Zeile 5450	Zeile 5530
$lang->month_11, $lang->month_12 );	$lang->month_11, $lang->month_12 );

// This needs to be in this specific order $find = array(	// This needs to be in this specific order $find = array(
Zeile 6331	Zeile 6410
* @param bool $fatal (Optional) Stop execution if it finds an error with the login. Default is True * @return bool\|int Number of logins when success, false if failed. */	* @param bool $fatal (Optional) Stop execution if it finds an error with the login. Default is True * @return bool\|int Number of logins when success, false if failed. */
function login_attempt_check($fatal = true)	function login_attempt_check($uid = 0, $fatal = true)
{	{
global $mybb, $lang, $session, $db;	global $mybb, $lang, $db;

if($mybb->settings['failedlogincount'] == 0) { return 1; } // Note: Number of logins is defaulted to 1, because using 0 seems to clear cookie data. Not really a problem as long as we account for 1 being default. // Use cookie if possible, otherwise use session // Find better solution to prevent clearing cookies $loginattempts = 0; $failedlogin = 0; if(!empty($mybb->cookies['loginattempts'])) { $loginattempts = $mybb->cookies['loginattempts']; } if(!empty($mybb->cookies['failedlogin'])) { $failedlogin = $mybb->cookies['failedlogin']; } // Work out if the user has had more than the allowed number of login attempts if($loginattempts > $mybb->settings['failedlogincount']) { // If so, then we need to work out if they can try to login again // Some maths to work out how long they have left and display it to them $now = TIME_NOW; if(empty($mybb->cookies['failedlogin'])) { $failedtime = $now;	$attempts = array(); $uid = (int)$uid; $now = TIME_NOW; // Get this user's login attempts and eventual lockout, if a uid is provided if($uid > 0) { $query = $db->simple_select("users", "loginattempts, loginlockoutexpiry", "uid='{$uid}'", 1); $attempts = $db->fetch_array($query); if($attempts['loginattempts'] <= 0) { return 0; } } // This user has a cookie lockout, show waiting time elseif($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] > $now) { if($fatal) { $secsleft = (int)($mybb->cookies['lockoutexpiry'] - $now); $hoursleft = floor($secsleft / 3600); $minsleft = floor(($secsleft / 60) % 60); $secsleft = floor($secsleft % 60); error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft)); } return false; } if($mybb->settings['failedlogincount'] > 0 && $attempts['loginattempts'] >= $mybb->settings['failedlogincount']) { // Set the expiry dateline if not set yet if($attempts['loginlockoutexpiry'] == 0) { $attempts['loginlockoutexpiry'] = $now + ((int)$mybb->settings['failedlogintime'] * 60); // Add a cookie lockout. This is used to prevent access to the login page immediately. // A deep lockout is issued if he tries to login into a locked out account my_setcookie('lockoutexpiry', $attempts['loginlockoutexpiry']); $db->update_query("users", array( "loginlockoutexpiry" => $attempts['loginlockoutexpiry'] ), "uid='{$uid}'"); } if(empty($mybb->cookies['lockoutexpiry'])) { $failedtime = $attempts['loginlockoutexpiry'];
} else	} else
{ $failedtime = $mybb->cookies['failedlogin'];	{ $failedtime = $mybb->cookies['lockoutexpiry'];
}	}
$secondsleft = $mybb->settings['failedlogintime'] * 60 + $failedtime - $now; $hoursleft = floor($secondsleft / 3600); $minsleft = floor(($secondsleft / 60) % 60); $secsleft = floor($secondsleft % 60); // This value will be empty the first time the user doesn't login in, set it if(empty($failedlogin))	// Are we still locked out? if($attempts['loginlockoutexpiry'] > $now)
{	{
my_setcookie('failedlogin', $now);
if($fatal) {	if($fatal) {
	$secsleft = (int)($attempts['loginlockoutexpiry'] - $now); $hoursleft = floor($secsleft / 3600); $minsleft = floor(($secsleft / 60) % 60); $secsleft = floor($secsleft % 60);
error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft)); } return false; }	error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft)); } return false; }
	// Unlock if enough time has passed else {

// Work out if the user has waited long enough before letting them login again if($mybb->cookies['failedlogin'] < ($now - $mybb->settings['failedlogintime'] * 60)) { my_setcookie('loginattempts', 1); my_unsetcookie('failedlogin'); if($mybb->user['uid'] != 0) { $update_array = array( 'loginattempts' => 1 ); $db->update_query("users", $update_array, "uid = '{$mybb->user['uid']}'"); } return 1; } // Not waited long enough else if($mybb->cookies['failedlogin'] > ($now - $mybb->settings['failedlogintime'] * 60)) { if($fatal)	if($uid > 0)
{	{
error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));	$db->update_query("users", array( "loginattempts" => 0, "loginlockoutexpiry" => 0 ), "uid='{$uid}'");
}	}
return false; }	// Wipe the cookie, no matter if a guest or a member my_unsetcookie('lockoutexpiry'); return 0; }
}	}

// User can attempt another login	// User can attempt another login
return $loginattempts;	return $attempts['loginattempts'];
} /**	} /**
Zeile 6424	Zeile 6512
* * @param string $email The string to check. * @return boolean True when valid, false when invalid.	* * @param string $email The string to check. * @return boolean True when valid, false when invalid.
*/	*/
function validate_email_format($email) {	function validate_email_format($email) {
if(strpos($email, ' ') !== false) { return false; } // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html return preg_match("/^[a-zA-Z0-9&+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.([a-zA-Z0-9-]+\.)[a-zA-Z0-9-]{2,}$/si", $email);	return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
} /**	} /**
Zeile 6452	Zeile 6535
$uid_string = " AND uid != '".(int)$uid."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");	$uid_string = " AND uid != '".(int)$uid."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");

if($db->fetch_field($query, "emails") > 0) { return true;	if($db->fetch_field($query, "emails") > 0) { return true;
Zeile 6478	Zeile 6561
while($setting = $db->fetch_array($query)) { $mybb->settings[$setting['name']] = $setting['value'];	while($setting = $db->fetch_array($query)) { $mybb->settings[$setting['name']] = $setting['value'];
	$setting['name'] = addcslashes($setting['name'], "\\'");
$setting['value'] = addcslashes($setting['value'], '\\"$'); $settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n"; }	$setting['value'] = addcslashes($setting['value'], '\\"$'); $settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n"; }
Zeile 7029	Zeile 7114
if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302))) {	if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302))) {
preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches);	preg_match('/^Location:(.*?)(?:\n\|$)/im', $header, $matches);
if($matches) {	if($matches) {
Zeile 7154	Zeile 7239
if($max_redirects > 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 '))) {	if($max_redirects > 0 && (strstr($status_line, ' 301 ') \|\| strstr($status_line, ' 302 '))) {
preg_match('/Location:(.*?)(?:\n\|$)/', $header, $matches);	preg_match('/^Location:(.*?)(?:\n\|$)/im', $header, $matches);
if($matches) {	if($matches) {
Zeile 7561	Zeile 7646
* @param array $array The array of forums * @return integer The number of sub forums */	* @param array $array The array of forums * @return integer The number of sub forums */
function subforums_count($array)	function subforums_count($array=array())
{ $count = 0; foreach($array as $array2)	{ $count = 0; foreach($array as $array2)
Zeile 7821	Zeile 7906
$chr = substr($ip_higher_bits, $i, 8); $chr = chr( bindec($chr) ); $ip_higher_pack .= $chr;	$chr = substr($ip_higher_bits, $i, 8); $chr = chr( bindec($chr) ); $ip_higher_pack .= $chr;
}	}
return array($ip_lower_pack, $ip_higher_pack); } // Just on IP address	return array($ip_lower_pack, $ip_higher_pack); } // Just on IP address
Zeile 7842	Zeile 7927
static $time_start; $time = microtime(true);	static $time_start; $time = microtime(true);

// Just starting timer, init and return if(!$time_start)	// Just starting timer, init and return if(!$time_start)
Zeile 7881	Zeile 7965
} if(!is_array($bad_verify_files))	} if(!is_array($bad_verify_files))
{	{
$bad_verify_files = array(); }	$bad_verify_files = array(); }
Zeile 7894	Zeile 7978
while(($file = @readdir($dh)) !== false) { if(in_array($file, $ignore) \|\| in_array(get_extension($file), $ignore_ext))	while(($file = @readdir($dh)) !== false) { if(in_array($file, $ignore) \|\| in_array(get_extension($file), $ignore_ext))
{ continue; }	{ continue; }
// Recurse through the directory tree if(is_dir($path."/".$file))	// Recurse through the directory tree if(is_dir($path."/".$file))
Zeile 7913	Zeile 7997
{ $filename = $path."/".$file; $handle = fopen($filename, "rb");	{ $filename = $path."/".$file; $handle = fopen($filename, "rb");
$contents = '';	$hashingContext = hash_init('sha512');
while(!feof($handle)) {	while(!feof($handle)) {
$contents .= fread($handle, 8192);	hash_update($hashingContext, fread($handle, 8192));
} fclose($handle);	} fclose($handle);
$md5 = md5($contents);	$checksum = hash_final($hashingContext);
// Does it match any of our hashes (unix/windows new lines taken into consideration with the hashes)	// Does it match any of our hashes (unix/windows new lines taken into consideration with the hashes)
if(!in_array($md5, $checksums[$file_path]))	if(!in_array($checksum, $checksums[$file_path]))
{ $bad_verify_files[] = array("status" => "changed", "path" => $file_path); }	{ $bad_verify_files[] = array("status" => "changed", "path" => $file_path); }
Zeile 7945	Zeile 8029
continue; } $bad_verify_files[] = array("status" => "missing", "path" => $file_path);	continue; } $bad_verify_files[] = array("status" => "missing", "path" => $file_path);
} }	} }
} // uh oh	} // uh oh
Zeile 7973	Zeile 8057
return "+$int"; } }	return "+$int"; } }

/** * Returns a securely generated seed *	/** * Returns a securely generated seed *
Zeile 7998	Zeile 8082
{ $output = @fread($handle, $bytes); @fclose($handle);	{ $output = @fread($handle, $bytes); @fclose($handle);
} } else {	} } else {
return $output; }	return $output; }
Zeile 8029	Zeile 8113
if(strlen($output) < $bytes) { if(function_exists('openssl_random_pseudo_bytes'))	if(strlen($output) < $bytes) { if(function_exists('openssl_random_pseudo_bytes'))
{	{
// PHP <5.3.4 had a bug which makes that function unusable on Windows if ((DIRECTORY_SEPARATOR == '/') \|\| version_compare(PHP_VERSION, '5.3.4', '>=')) {	// PHP <5.3.4 had a bug which makes that function unusable on Windows if ((DIRECTORY_SEPARATOR == '/') \|\| version_compare(PHP_VERSION, '5.3.4', '>=')) {
Zeile 8037	Zeile 8121
if ($crypto_strong == false) { $output = null;	if ($crypto_strong == false) { $output = null;
} } } } else { return $output; } if(strlen($output) < $bytes) {	} } } } else { return $output; } if(strlen($output) < $bytes) {
if(class_exists('COM')) { try	if(class_exists('COM')) { try
Zeile 8058	Zeile 8142
$output = $CAPI_Util->GetRandom($bytes, 0); } } catch (Exception $e) {	$output = $CAPI_Util->GetRandom($bytes, 0); } } catch (Exception $e) {
} } } else { return $output; } if(strlen($output) < $bytes)	} } } else { return $output; } if(strlen($output) < $bytes)
{ // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();	{ // Close to what PHP basically uses internally to seed, but not quite. $unique_state = microtime().@getmypid();
Zeile 8425	Zeile 8509
if($valid) { $string .= $multibytes;	if($valid) { $string .= $multibytes;
} }	} }
else { $string .= $input[$i]; }	else { $string .= $input[$i]; }
}	}
$input = $string; } if($return) { if($allow_mb4)	$input = $string; } if($return) { if($allow_mb4)
{	{
return $input;	return $input;
} else {	} else {
return preg_replace("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", '?', $input); } }	return preg_replace("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", '?', $input); } }
Zeile 8471	Zeile 8555
global $lang, $mybb, $db, $session; if($mybb->settings['enablepms'] == 0)	global $lang, $mybb, $db, $session; if($mybb->settings['enablepms'] == 0)
{ return false; }	{ return false; }
if(!is_array($pm)) {	if(!is_array($pm)) {
Zeile 8486	Zeile 8570
{ // Load user language $lang->set_language($pm['language']);	{ // Load user language $lang->set_language($pm['language']);
$lang->load($pm['language_file']);	$lang->load($pm['language_file']);
$revert = true; }	$revert = true; }
Zeile 8531	Zeile 8615
$subject = $pm['subject']; $message = $pm['message']; $toid = $pm['touid'];	$subject = $pm['subject']; $message = $pm['message']; $toid = $pm['touid'];

// Our recipients if(is_array($toid)) {	// Our recipients if(is_array($toid)) {
Zeile 8541	Zeile 8625
{ $recipients_to = array($toid); }	{ $recipients_to = array($toid); }

$recipients_bcc = array(); // Determine user ID if((int)$fromid == 0)	$recipients_bcc = array(); // Determine user ID if((int)$fromid == 0)
{	{
$fromid = (int)$mybb->user['uid']; } elseif((int)$fromid < 0)	$fromid = (int)$mybb->user['uid']; } elseif((int)$fromid < 0)
Zeile 8572	Zeile 8656
} $pm['options'] = array(	} $pm['options'] = array(
"signature" => 0,
"disablesmilies" => 0, "savecopy" => 0, "readreceipt" => 0	"disablesmilies" => 0, "savecopy" => 0, "readreceipt" => 0
); $pm['saveasdraft'] = 0;	); $pm['saveasdraft'] = 0;
// Admin override $pmhandler->admin_override = (int)$admin_override;	// Admin override $pmhandler->admin_override = (int)$admin_override;
$pmhandler->set_data($pm);	$pmhandler->set_data($pm);
if($pmhandler->validate_pm()) { $pmhandler->insert_pm(); return true;	if($pmhandler->validate_pm()) { $pmhandler->insert_pm(); return true;
}	}
return false; }	return false; }
Zeile 8634	Zeile 8717
* Copy a file to the CDN. * * @param string $file_path The path to the file to upload to the CDN.	* Copy a file to the CDN. * * @param string $file_path The path to the file to upload to the CDN.
*	*
* @param string $uploaded_path The path the file was uploaded to, reference parameter for when this may be needed. * * @return bool Whether the file was copied successfully.	* @param string $uploaded_path The path the file was uploaded to, reference parameter for when this may be needed. * * @return bool Whether the file was copied successfully.
Zeile 8664	Zeile 8747
if(substr($file_dir_path, 0, my_strlen(MYBB_ROOT)) == MYBB_ROOT) { $file_dir_path = str_replace(MYBB_ROOT, '', $file_dir_path);	if(substr($file_dir_path, 0, my_strlen(MYBB_ROOT)) == MYBB_ROOT) { $file_dir_path = str_replace(MYBB_ROOT, '', $file_dir_path);
} $cdn_upload_path = $cdn_path . DIRECTORY_SEPARATOR . $file_dir_path;	} $cdn_upload_path = $cdn_path . DIRECTORY_SEPARATOR . $file_dir_path;
if(!($dir_exists = is_dir($cdn_upload_path))) { $dir_exists = @mkdir($cdn_upload_path, 0777, true);	if(!($dir_exists = is_dir($cdn_upload_path))) { $dir_exists = @mkdir($cdn_upload_path, 0777, true);
Zeile 8712	Zeile 8795
* @param bool $allow_local Whether or not the url could be pointing to local networks. * * @return bool Whether this is a valid url.	* @param bool $allow_local Whether or not the url could be pointing to local networks. * * @return bool Whether this is a valid url.
*/	*/
function my_validate_url($url, $relative_path=false, $allow_local=false) { if($allow_local)	function my_validate_url($url, $relative_path=false, $allow_local=false) { if($allow_local)
{	{
$regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:localhost\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?))(?::\d{2,5})?(?:[/?#]\S*)?$_iuS';	$regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:localhost\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?))(?::\d{2,5})?(?:[/?#]\S*)?$_iuS';
}	}
else	else
{	{
$regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?!(?:10\|127)(?:\.\d{1,3}){3})(?!(?:169\.254\|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]\|2\d\|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?)(?::\d{2,5})?(?:[/?#]\S*)?$_iuS'; } if($relative_path && my_substr($url, 0, 1) == '/' \|\| preg_match($regex, $url)) { return true;	$regex = '_^(?:(?:https?\|ftp)://)(?:\S+(?::\S)?@)?(?:(?!(?:10\|127)(?:\.\d{1,3}){3})(?!(?:169\.254\|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]\|2\d\|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?\|1\d\d\|2[01]\d\|22[0-3])(?:\.(?:1?\d{1,2}\|2[0-4]\d\|25[0-5])){2}(?:\.(?:[1-9]\d?\|1\d\d\|2[0-4]\d\|25[0-4]))\|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]-)[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,}))\.?)(?::\d{2,5})?(?:[/?#]\S*)?$_iuS'; } if($relative_path && my_substr($url, 0, 1) == '/' \|\| preg_match($regex, $url)) { return true;
}	}
return false; } /** * Strip html tags from string, also removes <script> and <style> contents. *	return false; } /** * Strip html tags from string, also removes <script> and <style> contents. *
	* @deprecated
* @param string $string String to stripe * @param string $allowable_tags Allowed html tags *	* @param string $string String to stripe * @param string $allowable_tags Allowed html tags *
Zeile 8772	Zeile 8856
in_array($first_character, $active_content_triggers, true) \|\| in_array($first_character, $delimiters, true) )	in_array($first_character, $active_content_triggers, true) \|\| in_array($first_character, $delimiters, true) )
{	{
$string = "'".$string;	$string = "'".$string;
}	}
foreach($delimiters as $delimiter) {	foreach($delimiters as $delimiter) {
Zeile 8785	Zeile 8869
} }	} }
$string = str_replace('"', '""', $string); return $string;	$string = str_replace('"', '""', $string); return $string; } // Fallback function for 'array_column', PHP < 5.5.0 compatibility if(!function_exists('array_column')) { function array_column($input, $column_key) { $values = array(); if(!is_array($input)) { $input = array($input); } foreach($input as $val) { if(is_array($val) && isset($val[$column_key])) { $values[] = $val[$column_key]; } elseif(is_object($val) && isset($val->$column_key)) { $values[] = $val->$column_key; } } return $values; } } /** * Performs a timing attack safe string comparison. * * @param string $known_string The first string to be compared. * @param string $user_string The second, user-supplied string to be compared. * @return bool Result of the comparison. / function my_hash_equals($known_string, $user_string) { if(version_compare(PHP_VERSION, '5.6.0', '>=')) { return hash_equals($known_string, $user_string); } else { $known_string_length = my_strlen($known_string); $user_string_length = my_strlen($user_string); if($user_string_length != $known_string_length) { return false; } $result = 0; for($i = 0; $i < $known_string_length; $i++) { $result \|= ord($known_string[$i]) ^ ord($user_string[$i]); } return $result === 0; } } /* * Retrieves all referrals for a specified user * * @param int uid * @param int start position * @param int total entries * @param bool false (default) only return display info, true for all info * @return array / function get_user_referrals($uid, $start=0, $limit=0, $full=false) { global $db; $referrals = $query_options = array(); $uid = (int) $uid; if($uid === 0) { return $referrals; } if($start && $limit) { $query_options['limit_start'] = $start; } if($limit) { $query_options['limit'] = $limit; } $fields = 'uid, username, usergroup, displaygroup, regdate'; if($full === true) { $fields = ''; } $query = $db->simple_select('users', $fields, "referrer='{$uid}'", $query_options); while($referral = $db->fetch_array($query)) { $referrals[] = $referral; } return $referrals;
}	}