Vergleich xmlhttp.php - 1.8.20 - 1.8.23

Zeile 222Zeile 222
if($mybb->input['action'] == "get_users")
{
$mybb->input['query'] = ltrim($mybb->get_input('query'));

if($mybb->input['action'] == "get_users")
{
$mybb->input['query'] = ltrim($mybb->get_input('query'));

	$search_type = $mybb->get_input('search_type', MyBB::INPUT_INT); // 0: contains, 1: starts with, 2: ends with

	$search_type = $mybb->get_input('search_type', MyBB::INPUT_INT); // 0: starts with, 1: ends with, 2: contains


// If the string is less than 2 characters, quit.
if(my_strlen($mybb->input['query']) < 2)


// If the string is less than 2 characters, quit.
if(my_strlen($mybb->input['query']) < 2)

Zeile 254Zeile 254

$likestring = $db->escape_string_like($mybb->input['query']);
if($search_type == 1)


$likestring = $db->escape_string_like($mybb->input['query']);
if($search_type == 1)

	{
$likestring .= '%';
}
elseif($search_type == 2)

 
	{
$likestring = '%'.$likestring;

	{
$likestring = '%'.$likestring;

 
	}
elseif($search_type == 2)
{
$likestring = '%'.$likestring.'%';

	}
else
{

	}
else
{

		$likestring = '%'.$likestring.'%';

		$likestring .= '%';

	}

$query = $db->simple_select("users", "uid, username", "username LIKE '{$likestring}'", $query_options);

	}

$query = $db->simple_select("users", "uid, username", "username LIKE '{$likestring}'", $query_options);

Zeile 466Zeile 466

// If this user is not a moderator with "caneditposts" permissions.
if(!is_moderator($forum['fid'], "caneditposts"))


// If this user is not a moderator with "caneditposts" permissions.
if(!is_moderator($forum['fid'], "caneditposts"))

	{

	{

		// Thread is closed - no editing allowed.
if($thread['closed'] == 1)
{

		// Thread is closed - no editing allowed.
if($thread['closed'] == 1)
{

Zeile 782Zeile 782
		"imagehash" => $imagehash,
"imagestring" => $randomstr,
"dateline" => TIME_NOW

		"imagehash" => $imagehash,
"imagestring" => $randomstr,
"dateline" => TIME_NOW

	);


	);


	$plugins->run_hooks("xmlhttp_refresh_captcha");

$db->insert_query("captcha", $regimagearray);

	$plugins->run_hooks("xmlhttp_refresh_captcha");

$db->insert_query("captcha", $regimagearray);

Zeile 792Zeile 792
	exit;
}
else if($mybb->input['action'] == "validate_captcha")

	exit;
}
else if($mybb->input['action'] == "validate_captcha")

{

{

	header("Content-type: application/json; charset={$charset}");
$imagehash = $db->escape_string($mybb->get_input('imagehash'));
$query = $db->simple_select("captcha", "imagestring", "imagehash='$imagehash'");
if($db->num_rows($query) == 0)
{
echo json_encode($lang->captcha_valid_not_exists);

	header("Content-type: application/json; charset={$charset}");
$imagehash = $db->escape_string($mybb->get_input('imagehash'));
$query = $db->simple_select("captcha", "imagestring", "imagehash='$imagehash'");
if($db->num_rows($query) == 0)
{
echo json_encode($lang->captcha_valid_not_exists);

		exit;
}

		exit;
}

	$imagestring = $db->fetch_field($query, 'imagestring');

$plugins->run_hooks("xmlhttp_validate_captcha");

	$imagestring = $db->fetch_field($query, 'imagestring');

$plugins->run_hooks("xmlhttp_validate_captcha");

Zeile 824Zeile 824
	$sid = $db->escape_string($mybb->get_input('question_id'));
$query = $db->query("
SELECT q.qid, s.sid

	$sid = $db->escape_string($mybb->get_input('question_id'));
$query = $db->query("
SELECT q.qid, s.sid

		FROM ".TABLE_PREFIX."questionsessions s
LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid)

		FROM ".TABLE_PREFIX."questionsessions s
LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid)

		WHERE q.active='1' AND s.sid='{$sid}'
");


		WHERE q.active='1' AND s.sid='{$sid}'
");


Zeile 833Zeile 833
	{
xmlhttp_error($lang->answer_valid_not_exists);
}

	{
xmlhttp_error($lang->answer_valid_not_exists);
}





	$qsession = $db->fetch_array($query);

// Delete previous question session

	$qsession = $db->fetch_array($query);

// Delete previous question session

Zeile 850Zeile 850
	");

$plugins->run_hooks("xmlhttp_refresh_question");

	");

$plugins->run_hooks("xmlhttp_refresh_question");

 
	
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

$parser_options = array(
"allow_html" => 0,
"allow_mycode" => 1,
"allow_smilies" => 1,
"allow_imgcode" => 1,
"allow_videocode" => 1,
"filter_badwords" => 1,
"me_username" => 0,
"shorten_urls" => 0,
"highlight" => 0,
);


if($db->num_rows($query) > 0)
{
$question = $db->fetch_array($query);



if($db->num_rows($query) > 0)
{
$question = $db->fetch_array($query);


		echo json_encode(array("question" => htmlspecialchars_uni($question['question']), 'sid' => htmlspecialchars_uni($question['sid'])));

		echo json_encode(array("question" => $parser->parse_message($question['question'], $parser_options), 'sid' => htmlspecialchars_uni($question['sid'])));

		exit;
}
else

		exit;
}
else

Zeile 995Zeile 1010
	if(!verify_post_check($mybb->get_input('my_post_key'), true))
{
xmlhttp_error($lang->invalid_post_code);

	if(!verify_post_check($mybb->get_input('my_post_key'), true))
{
xmlhttp_error($lang->invalid_post_code);

	}

	}


require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("insert");



require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("insert");


	$email = $mybb->get_input('email');


	$email = $mybb->get_input('email');


	header("Content-type: application/json; charset={$charset}");

$user = array(

	header("Content-type: application/json; charset={$charset}");

$user = array(

Zeile 1010Zeile 1025

$userhandler->set_data($user);



$userhandler->set_data($user);


	$errors = array();


	$errors = array();


	if(!$userhandler->verify_email())

	if(!$userhandler->verify_email())

	{

	{

		$errors = $userhandler->get_friendly_errors();
}

		$errors = $userhandler->get_friendly_errors();
}





	$plugins->run_hooks("xmlhttp_email_availability");

if(!empty($errors))
{
echo json_encode($errors[0]);

	$plugins->run_hooks("xmlhttp_email_availability");

if(!empty($errors))
{
echo json_encode($errors[0]);

		exit;

		exit;

	}
else
{

	}
else
{

Zeile 1091Zeile 1106
	} else {
foreach($referrals as $referral)
{

	} else {
foreach($referrals as $referral)
{

 
			$bg_color = alt_trow();

			// Format user name link
$username = htmlspecialchars_uni($referral['username']);
$username = format_name($username, $referral['usergroup'], $referral['displaygroup']);
$username = build_profile_link($username, $referral['uid']);

			// Format user name link
$username = htmlspecialchars_uni($referral['username']);
$username = format_name($username, $referral['usergroup'], $referral['displaygroup']);
$username = build_profile_link($username, $referral['uid']);





			$regdate = my_date('normal', $referral['regdate']);

			$regdate = my_date('normal', $referral['regdate']);





			eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";");

			eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";");


$bg_color = alt_trow();

 
		}
}


		}
}
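Review bot: In the `refresh_question` branch (Zeile 850) the `question` value of the JSON response is now HTML produced by `$parser->parse_message()` instead of text escaped with `htmlspecialchars_uni()`, so the consuming script has to insert it as markup, and the only thing keeping raw HTML out of it is `"allow_html" => 0` in `$parser_options`. A comment above the array would record that dependency, e.g. `// Result is inserted as HTML by the client; allow_html must stay 0`. With `allow_imgcode` and `allow_videocode` set to 1, the question text can also embed remote media on the registration form, which is acceptable only if questions are authored by administrators alone; that is not visible here and should be confirmed. The same options should be used wherever the question is first rendered outside this AJAX path, so both places produce identical markup. The branch begins and ends outside the lines shown, so the query feeding `$question` could not be checked.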