| Zeile 624 | Zeile 624 |
|---|
// Guests get a special string
else
{
|
// Guests get a special string
else
{
|
return md5($session->useragent.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);
| return md5($session->sid.$mybb->config['database']['username'].$mybb->settings['internal']['encryption_key']);
|
}
}
| }
}
|
| Zeile 3456 | Zeile 3456 |
|---|
{
global $mybb;
|
{
global $mybb;
|
$subscription_methods = array('dont', 'none', 'email', 'pm'); // Define methods
| $subscription_methods = array('', 'none', 'email', 'pm'); // Define methods
|
$subscription_method = (int)$mybb->user['subscriptionmethod']; // Set user default
// If no user default method available then reset method
| $subscription_method = (int)$mybb->user['subscriptionmethod']; // Set user default
// If no user default method available then reset method
|
| Zeile 3489 | Zeile 3489 |
|---|
$subscription_method = (int)$subscription['notification'] + 1;
}
}
|
$subscription_method = (int)$subscription['notification'] + 1;
}
}
|
|
|
return $subscription_methods[$subscription_method];
}
| return $subscription_methods[$subscription_method];
}
|
| Zeile 4839 | Zeile 4839 |
|---|
{
$options = array_merge(array(
'minutes' => false,
|
{
$options = array_merge(array(
'minutes' => false,
|
'seconds' => false
), $options);
| 'seconds' => false
), $options);
|
}
elseif($days > 0)
{
| }
elseif($days > 0)
{
|
| Zeile 5008 | Zeile 5008 |
|---|
if($groupslist != $user['additionalgroups'])
{
$db->update_query("users", array('additionalgroups' => $groupslist), "uid='".(int)$uid."'");
|
if($groupslist != $user['additionalgroups'])
{
$db->update_query("users", array('additionalgroups' => $groupslist), "uid='".(int)$uid."'");
|
return true;
}
| return true;
}
|
else
{
return false;
| else
{
return false;
|
| Zeile 5018 | Zeile 5018 |
|---|
/**
* Remove a user from a specific additional user group
|
/**
* Remove a user from a specific additional user group
|
*
| *
|
* @param int $uid The user ID
* @param int $leavegroup The user group ID
*/
| * @param int $uid The user ID
* @param int $leavegroup The user group ID
*/
|
| Zeile 5049 | Zeile 5049 |
|---|
$dispupdate = "";
if($leavegroup == $user['displaygroup'])
|
$dispupdate = "";
if($leavegroup == $user['displaygroup'])
|
{
| {
|
$dispupdate = ", displaygroup=usergroup";
}
| $dispupdate = ", displaygroup=usergroup";
}
|
| Zeile 5092 | Zeile 5092 |
|---|
elseif(!empty($_SERVER['PATH_INFO']))
{
$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);
|
elseif(!empty($_SERVER['PATH_INFO']))
{
$location = htmlspecialchars_uni($_SERVER['PATH_INFO']);
|
}
else
{
| }
else
{
|
$location = htmlspecialchars_uni($_ENV['PATH_INFO']);
}
| $location = htmlspecialchars_uni($_ENV['PATH_INFO']);
}
|
| Zeile 5262 | Zeile 5262 |
|---|
* @return boolean|array False if no valid theme, Array with the theme data otherwise
*/
function get_theme($tid)
|
* @return boolean|array False if no valid theme, Array with the theme data otherwise
*/
function get_theme($tid)
|
{
| {
|
global $tcache, $db;
if(!is_array($tcache))
| global $tcache, $db;
if(!is_array($tcache))
|
| Zeile 5514 | Zeile 5514 |
|---|
$lang->thursday,
$lang->friday,
$lang->saturday
|
$lang->thursday,
$lang->friday,
$lang->saturday
|
);
| );
|
$bmonth = array(
$lang->month_1,
$lang->month_2,
| $bmonth = array(
$lang->month_1,
$lang->month_2,
|
| Zeile 6431 | Zeile 6431 |
|---|
}
// This user has a cookie lockout, show waiting time
elseif($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] > $now)
|
}
// This user has a cookie lockout, show waiting time
elseif($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] > $now)
|
{
| {
|
if($fatal)
{
$secsleft = (int)($mybb->cookies['lockoutexpiry'] - $now);
$hoursleft = floor($secsleft / 3600);
$minsleft = floor(($secsleft / 60) % 60);
$secsleft = floor($secsleft % 60);
|
if($fatal)
{
$secsleft = (int)($mybb->cookies['lockoutexpiry'] - $now);
$hoursleft = floor($secsleft / 3600);
$minsleft = floor(($secsleft / 60) % 60);
$secsleft = floor($secsleft % 60);
|
|
|
error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
}
| error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
}
|
| Zeile 6459 | Zeile 6459 |
|---|
$db->update_query("users", array(
"loginlockoutexpiry" => $attempts['loginlockoutexpiry']
), "uid='{$uid}'");
|
$db->update_query("users", array(
"loginlockoutexpiry" => $attempts['loginlockoutexpiry']
), "uid='{$uid}'");
|
}
| }
|
if(empty($mybb->cookies['lockoutexpiry']))
{
$failedtime = $attempts['loginlockoutexpiry'];
}
else
|
if(empty($mybb->cookies['lockoutexpiry']))
{
$failedtime = $attempts['loginlockoutexpiry'];
}
else
|
{
| {
|
$failedtime = $mybb->cookies['lockoutexpiry'];
}
// Are we still locked out?
if($attempts['loginlockoutexpiry'] > $now)
|
$failedtime = $mybb->cookies['lockoutexpiry'];
}
// Are we still locked out?
if($attempts['loginlockoutexpiry'] > $now)
|
{
| {
|
if($fatal)
{
$secsleft = (int)($attempts['loginlockoutexpiry'] - $now);
| if($fatal)
{
$secsleft = (int)($attempts['loginlockoutexpiry'] - $now);
|
| Zeile 6487 | Zeile 6487 |
|---|
}
// Unlock if enough time has passed
else {
|
}
// Unlock if enough time has passed
else {
|
|
|
if($uid > 0)
{
$db->update_query("users", array(
| if($uid > 0)
{
$db->update_query("users", array(
|
| Zeile 6505 | Zeile 6505 |
|---|
// User can attempt another login
return $attempts['loginattempts'];
|
// User can attempt another login
return $attempts['loginattempts'];
|
}
| }
|
/**
* Validates the format of an email address.
*
* @param string $email The string to check.
* @return boolean True when valid, false when invalid.
|
/**
* Validates the format of an email address.
*
* @param string $email The string to check.
* @return boolean True when valid, false when invalid.
|
*/
| */
|
function validate_email_format($email)
{
return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
| function validate_email_format($email)
{
return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
|
| Zeile 6539 | Zeile 6539 |
|---|
if($db->fetch_field($query, "emails") > 0)
{
return true;
|
if($db->fetch_field($query, "emails") > 0)
{
return true;
|
}
return false;
| }
return false;
|
}
/**
| }
/**
|
| Zeile 6551 | Zeile 6551 |
|---|
function rebuild_settings()
{
global $db, $mybb;
|
function rebuild_settings()
{
global $db, $mybb;
|
|
|
$query = $db->simple_select("settings", "value, name", "", array(
'order_by' => 'title',
'order_dir' => 'ASC',
));
|
$query = $db->simple_select("settings", "value, name", "", array(
'order_by' => 'title',
'order_dir' => 'ASC',
));
|
|
|
$settings = '';
while($setting = $db->fetch_array($query))
{
$mybb->settings[$setting['name']] = $setting['value'];
|
$settings = '';
while($setting = $db->fetch_array($query))
{
$mybb->settings[$setting['name']] = $setting['value'];
|
| |
$setting['name'] = addcslashes($setting['name'], "\\'");
|
$setting['value'] = addcslashes($setting['value'], '\\"$');
$settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n";
}
| $setting['value'] = addcslashes($setting['value'], '\\"$');
$settings .= "\$settings['{$setting['name']}'] = \"{$setting['value']}\";\n";
}
|
| Zeile 6704 | Zeile 6706 |
|---|
*
* @param int $src Decimal value of a character reference
* @return string|bool
|
*
* @param int $src Decimal value of a character reference
* @return string|bool
|
*/
| */
|
function dec_to_utf8($src)
{
$dest = '';
| function dec_to_utf8($src)
{
$dest = '';
|
| Zeile 6867 | Zeile 6869 |
|---|
}
// Still here - good ip
|
}
// Still here - good ip
|
return false;
| return false;
|
}
/**
| }
/**
|
| Zeile 7112 | Zeile 7114 |
|---|
if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302)))
{
|
if(in_array(curl_getinfo($ch, CURLINFO_HTTP_CODE), array(301, 302)))
{
|
preg_match('/Location:(.*?)(?:\n|$)/', $header, $matches);
| preg_match('/^Location:(.*?)(?:\n|$)/im', $header, $matches);
|
if($matches)
{
|
if($matches)
{
|
| Zeile 7237 | Zeile 7239 |
|---|
if($max_redirects > 0 && (strstr($status_line, ' 301 ') || strstr($status_line, ' 302 ')))
{
|
if($max_redirects > 0 && (strstr($status_line, ' 301 ') || strstr($status_line, ' 302 ')))
{
|
preg_match('/Location:(.*?)(?:\n|$)/', $header, $matches);
| preg_match('/^Location:(.*?)(?:\n|$)/im', $header, $matches);
|
if($matches)
{
|
if($matches)
{
|
| Zeile 8895 | Zeile 8897 |
|---|
}
return $values;
}
|
}
return $values;
}
|
| | }
/**
* Performs a timing attack safe string comparison.
*
* @param string $known_string The first string to be compared.
* @param string $user_string The second, user-supplied string to be compared.
* @return bool Result of the comparison.
*/
function my_hash_equals($known_string, $user_string)
{
if(version_compare(PHP_VERSION, '5.6.0', '>='))
{
return hash_equals($known_string, $user_string);
}
else
{
$known_string_length = my_strlen($known_string);
$user_string_length = my_strlen($user_string);
if($user_string_length != $known_string_length)
{
return false;
}
$result = 0;
for($i = 0; $i < $known_string_length; $i++)
{
$result |= ord($known_string[$i]) ^ ord($user_string[$i]);
}
return $result === 0;
}
}
/**
* Retrieves all referrals for a specified user
*
* @param int uid
* @param int start position
* @param int total entries
* @param bool false (default) only return display info, true for all info
* @return array
*/
function get_user_referrals($uid, $start=0, $limit=0, $full=false)
{
global $db;
$referrals = $query_options = array();
$uid = (int) $uid;
if($uid === 0)
{
return $referrals;
}
if($start && $limit)
{
$query_options['limit_start'] = $start;
}
if($limit)
{
$query_options['limit'] = $limit;
}
$fields = 'uid, username, usergroup, displaygroup, regdate';
if($full === true)
{
$fields = '*';
}
$query = $db->simple_select('users', $fields, "referrer='{$uid}'", $query_options);
while($referral = $db->fetch_array($query))
{
$referrals[] = $referral;
}
return $referrals;
|
}
| }
|