Vergleich xmlhttp.php - 1.8.20 - 1.8.24

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 222Zeile 222
if($mybb->input['action'] == "get_users")
{
	$mybb->input['query'] = ltrim($mybb->get_input('query'));

 
if($mybb->input['action'] == "get_users")
{
	$mybb->input['query'] = ltrim($mybb->get_input('query'));

	$search_type = $mybb->get_input('search_type', MyBB::INPUT_INT); // 0: contains, 1: starts with, 2: ends with

	$search_type = $mybb->get_input('search_type', MyBB::INPUT_INT); // 0: starts with, 1: ends with, 2: contains


	// If the string is less than 2 characters, quit.
	if(my_strlen($mybb->input['query']) < 2)


	// If the string is less than 2 characters, quit.
	if(my_strlen($mybb->input['query']) < 2)

Zeile 254Zeile 254

	$likestring = $db->escape_string_like($mybb->input['query']);
	if($search_type == 1)

 

	$likestring = $db->escape_string_like($mybb->input['query']);
	if($search_type == 1)

	{
		$likestring .= '%';
	}
	elseif($search_type == 2)

 
	{
		$likestring = '%'.$likestring;

 
	{
		$likestring = '%'.$likestring;

 
	}
	elseif($search_type == 2)
	{
		$likestring = '%'.$likestring.'%';

	}
	else
	{

 
	}
	else
	{

		$likestring = '%'.$likestring.'%';

		$likestring .= '%';

	}

	$query = $db->simple_select("users", "uid, username", "username LIKE '{$likestring}'", $query_options);

	}

	$query = $db->simple_select("users", "uid, username", "username LIKE '{$likestring}'", $query_options);

Zeile 466Zeile 466

	// If this user is not a moderator with "caneditposts" permissions.
	if(!is_moderator($forum['fid'], "caneditposts"))

 

	// If this user is not a moderator with "caneditposts" permissions.
	if(!is_moderator($forum['fid'], "caneditposts"))

	{

	{

		// Thread is closed - no editing allowed.
		if($thread['closed'] == 1)
		{

		// Thread is closed - no editing allowed.
		if($thread['closed'] == 1)
		{

Zeile 782Zeile 782
		"imagehash" => $imagehash,
		"imagestring" => $randomstr,
		"dateline" => TIME_NOW

 
		"imagehash" => $imagehash,
		"imagestring" => $randomstr,
		"dateline" => TIME_NOW

	);


	);


	$plugins->run_hooks("xmlhttp_refresh_captcha");

	$db->insert_query("captcha", $regimagearray);

	$plugins->run_hooks("xmlhttp_refresh_captcha");

	$db->insert_query("captcha", $regimagearray);

Zeile 792Zeile 792
	exit;
}
else if($mybb->input['action'] == "validate_captcha")

 
	exit;
}
else if($mybb->input['action'] == "validate_captcha")

{

{

	header("Content-type: application/json; charset={$charset}");
	$imagehash = $db->escape_string($mybb->get_input('imagehash'));
	$query = $db->simple_select("captcha", "imagestring", "imagehash='$imagehash'");
	if($db->num_rows($query) == 0)
	{
		echo json_encode($lang->captcha_valid_not_exists);

 
	header("Content-type: application/json; charset={$charset}");
	$imagehash = $db->escape_string($mybb->get_input('imagehash'));
	$query = $db->simple_select("captcha", "imagestring", "imagehash='$imagehash'");
	if($db->num_rows($query) == 0)
	{
		echo json_encode($lang->captcha_valid_not_exists);

		exit;
	}

		exit;
	}

	$imagestring = $db->fetch_field($query, 'imagestring');

	$plugins->run_hooks("xmlhttp_validate_captcha");

	$imagestring = $db->fetch_field($query, 'imagestring');

	$plugins->run_hooks("xmlhttp_validate_captcha");

Zeile 824Zeile 824
	$sid = $db->escape_string($mybb->get_input('question_id'));
	$query = $db->query("
		SELECT q.qid, s.sid

 
	$sid = $db->escape_string($mybb->get_input('question_id'));
	$query = $db->query("
		SELECT q.qid, s.sid

		FROM ".TABLE_PREFIX."questionsessions s
		LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid)

		FROM ".TABLE_PREFIX."questionsessions s
		LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid)

		WHERE q.active='1' AND s.sid='{$sid}'
	");


		WHERE q.active='1' AND s.sid='{$sid}'
	");


Zeile 833Zeile 833
	{
		xmlhttp_error($lang->answer_valid_not_exists);
	}

 
	{
		xmlhttp_error($lang->answer_valid_not_exists);
	}





	$qsession = $db->fetch_array($query);

	// Delete previous question session

	$qsession = $db->fetch_array($query);

	// Delete previous question session

Zeile 850Zeile 850
	");

	$plugins->run_hooks("xmlhttp_refresh_question");

 
	");

	$plugins->run_hooks("xmlhttp_refresh_question");

 
	
	require_once MYBB_ROOT."inc/class_parser.php";
	$parser = new postParser;
	
	$parser_options = array(
		"allow_html" => 0,
		"allow_mycode" => 1,
		"allow_smilies" => 1,
		"allow_imgcode" => 1,
		"allow_videocode" => 1,
		"filter_badwords" => 1,
		"me_username" => 0,
		"shorten_urls" => 0,
		"highlight" => 0,
	);	


	if($db->num_rows($query) > 0)
	{
		$question = $db->fetch_array($query);


 

	if($db->num_rows($query) > 0)
	{
		$question = $db->fetch_array($query);


		echo json_encode(array("question" => htmlspecialchars_uni($question['question']), 'sid' => htmlspecialchars_uni($question['sid'])));

		echo json_encode(array("question" => $parser->parse_message($question['question'], $parser_options), 'sid' => htmlspecialchars_uni($question['sid'])));

		exit;
	}
	else

		exit;
	}
	else

Zeile 995Zeile 1010
	if(!verify_post_check($mybb->get_input('my_post_key'), true))
	{
		xmlhttp_error($lang->invalid_post_code);

 
	if(!verify_post_check($mybb->get_input('my_post_key'), true))
	{
		xmlhttp_error($lang->invalid_post_code);

	}

	}


	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("insert");


 

	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("insert");


	$email = $mybb->get_input('email');


	$email = $mybb->get_input('email');


	header("Content-type: application/json; charset={$charset}");

	$user = array(

	header("Content-type: application/json; charset={$charset}");

	$user = array(

Zeile 1010Zeile 1025

	$userhandler->set_data($user);


 

	$userhandler->set_data($user);


	$errors = array();


	$errors = array();


	if(!$userhandler->verify_email())

 
	if(!$userhandler->verify_email())

	{

	{

		$errors = $userhandler->get_friendly_errors();
	}

 
		$errors = $userhandler->get_friendly_errors();
	}





	$plugins->run_hooks("xmlhttp_email_availability");

	if(!empty($errors))
	{
		echo json_encode($errors[0]);

 
	$plugins->run_hooks("xmlhttp_email_availability");

	if(!empty($errors))
	{
		echo json_encode($errors[0]);

		exit;

		exit;

	}
	else
	{

	}
	else
	{

Zeile 1091Zeile 1106
	} else {
		foreach($referrals as $referral)
		{

 
	} else {
		foreach($referrals as $referral)
		{

 
			$bg_color = alt_trow();

			// Format user name link
			$username = htmlspecialchars_uni($referral['username']);
			$username = format_name($username, $referral['usergroup'], $referral['displaygroup']);
			$username = build_profile_link($username, $referral['uid']);

 
			// Format user name link
			$username = htmlspecialchars_uni($referral['username']);
			$username = format_name($username, $referral['usergroup'], $referral['displaygroup']);
			$username = build_profile_link($username, $referral['uid']);





			$regdate = my_date('normal', $referral['regdate']);

 
			$regdate = my_date('normal', $referral['regdate']);





			eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";");

 
			eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";");


			$bg_color = alt_trow();

 
		}
	}


		}
	}