Vergleich usercp.php - 1.8.18 - 1.8.25

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 42	Zeile 42
if($mybb->user['uid'] == 0 \|\| $mybb->usergroup['canusercp'] == 0) { error_no_permission();	if($mybb->user['uid'] == 0 \|\| $mybb->usergroup['canusercp'] == 0) { error_no_permission();
} if(!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = '1$%%$2$%%$3$%%$4'; $db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}");
} $errors = '';	} $errors = '';
$mybb->input['action'] = $mybb->get_input('action');	$mybb->input['action'] = $mybb->get_input('action');
usercp_menu();	usercp_menu();

$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);	$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);
	if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($server_http_referer, '/') === 0) { $server_http_referer = my_substr($server_http_referer, 1); } $url_segments = explode('/', $server_http_referer); $server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments); }
$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")	$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
Zeile 144	Zeile 148
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_profile_start");	$plugins->run_hooks("usercp_do_profile_start");
Zeile 207	Zeile 213
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],	"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],
Zeile 216	Zeile 222
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)	"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
); foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield) { $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '') { continue; } if(!is_member($mybb->settings[$csetting])) { continue; }	)); foreach(array('icq', 'skype', 'google') as $cfield) { $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '') { continue; } if(!is_member($mybb->settings[$csetting])) { continue; }
if($cfield == 'icq') { $user[$cfield] = $mybb->get_input($cfield, 1);	if($cfield == 'icq') { $user[$cfield] = $mybb->get_input($cfield, 1);
	if(my_strlen($user[$cfield]) > 10) { error($lang->contact_field_icqerror); }
} else { $user[$cfield] = $mybb->get_input($cfield);	} else { $user[$cfield] = $mybb->get_input($cfield);
	if(my_strlen($user[$cfield]) > 75) { error($lang->contact_field_error); }
} }	} }
Zeile 366	Zeile 382
{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);	{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);
$user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;	} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;
foreach(array('icq', 'yahoo', 'skype', 'google') as $cfield)	foreach(array('icq', 'skype', 'google') as $cfield)
{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';	{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';
Zeile 528	Zeile 543
foreach($useropts as $key => $val) { $val = htmlspecialchars_uni($val);	foreach($useropts as $key => $val) { $val = htmlspecialchars_uni($val);
$seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val]) { $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); }	$seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val]) { $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); }
if(!$profilefield['length']) { $profilefield['length'] = 3; } eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";");	if(!$profilefield['length']) { $profilefield['length'] = 3; } eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";");
} }	} }
elseif($type == "select") { $expoptions = explode("\n", $options);	elseif($type == "select") { $expoptions = explode("\n", $options);
Zeile 582	Zeile 597
} elseif($type == "radio") {	} elseif($type == "radio") {
	$userfield = htmlspecialchars_uni($userfield);
$expoptions = explode("\n", $options); if(is_array($expoptions)) {	$expoptions = explode("\n", $options); if(is_array($expoptions)) {
Zeile 599	Zeile 615
} elseif($type == "checkbox") {	} elseif($type == "checkbox") {
	$userfield = htmlspecialchars_uni($userfield);
if($errors) { $useropts = $userfield;	if($errors) { $useropts = $userfield;
Zeile 608	Zeile 625
$useropts = explode("\n", $userfield); } if(is_array($useropts))	$useropts = explode("\n", $userfield); } if(is_array($useropts))
{	{
foreach($useropts as $key => $val) { $seloptions[$val] = $val;	foreach($useropts as $key => $val) { $seloptions[$val] = $val;
Zeile 616	Zeile 633
} $expoptions = explode("\n", $options); if(is_array($expoptions))	} $expoptions = explode("\n", $options); if(is_array($expoptions))
{	{
foreach($expoptions as $key => $val) { $checked = "";	foreach($expoptions as $key => $val) { $checked = "";
Zeile 624	Zeile 641
{ $checked = " checked=\"checked\""; }	{ $checked = " checked=\"checked\""; }

eval("\$code .= \"".$templates->get("usercp_profile_profilefields_checkbox")."\";"); } }	eval("\$code .= \"".$templates->get("usercp_profile_profilefields_checkbox")."\";"); } }
Zeile 647	Zeile 664
} if($profilefield['required'] == 1)	} if($profilefield['required'] == 1)
{	{
eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";"); } else	eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";"); } else
Zeile 663	Zeile 680
$useropts = ""; $seloptions = array(); }	$useropts = ""; $seloptions = array(); }
}	}
if($customfields) { eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";"); } if($mybb->usergroup['cancustomtitle'] == 1)	if($customfields) { eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";"); } if($mybb->usergroup['cancustomtitle'] == 1)
{	{
if($mybb->usergroup['usertitle'] == "") { $defaulttitle = '';	if($mybb->usergroup['usertitle'] == "") { $defaulttitle = '';
Zeile 739	Zeile 756
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_options_start");	$plugins->run_hooks("usercp_do_options_start");
Zeile 746	Zeile 765
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),	"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
Zeile 755	Zeile 774
"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']	"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']
);	));
$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),	$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),
Zeile 795	Zeile 814
$userhandler->set_data($user); if(!$userhandler->validate_user())	$userhandler->set_data($user); if(!$userhandler->validate_user())
{	{
$errors = $userhandler->get_friendly_errors(); $errors = inline_error($errors); $mybb->input['action'] = "options";	$errors = $userhandler->get_friendly_errors(); $errors = inline_error($errors); $mybb->input['action'] = "options";
Zeile 812	Zeile 831
if($mybb->input['action'] == "options") {	if($mybb->input['action'] == "options") {
$plugins->run_hooks("usercp_options_start");
if($errors != '')	if($errors != '')
{	{
$user = $mybb->input;	$user = $mybb->input;
} else {	} else {
$user = $mybb->user; }	$user = $mybb->user; }
	$plugins->run_hooks("usercp_options_start");
$languages = $lang->get_languages(); $board_language = $langoptions = '';	$languages = $lang->get_languages(); $board_language = $langoptions = '';
Zeile 847	Zeile 866
if(isset($user['allownotices']) && $user['allownotices'] == 1) { $allownoticescheck = "checked=\"checked\"";	if(isset($user['allownotices']) && $user['allownotices'] == 1) { $allownoticescheck = "checked=\"checked\"";
} else {	} else {
$allownoticescheck = "";	$allownoticescheck = "";
}	}
if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\"";	if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\"";
} else {	} else {
$invisiblecheck = ""; } if(isset($user['hideemail']) && $user['hideemail'] == 1) { $hideemailcheck = "checked=\"checked\"";	$invisiblecheck = ""; } if(isset($user['hideemail']) && $user['hideemail'] == 1) { $hideemailcheck = "checked=\"checked\"";
}	}
else { $hideemailcheck = "";	else { $hideemailcheck = "";
Zeile 873	Zeile 892
$no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 1)	$no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 1)
{	{
$no_subscribe_selected = "selected=\"selected\"";	$no_subscribe_selected = "selected=\"selected\"";
}	}
elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2) { $instant_email_subscribe_selected = "selected=\"selected\""; } elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2) { $instant_email_subscribe_selected = "selected=\"selected\""; } elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3)
{	{
$instant_pm_subscribe_selected = "selected=\"selected\"";	$instant_pm_subscribe_selected = "selected=\"selected\"";
}	}
else { $no_auto_subscribe_selected = "selected=\"selected\"";	else { $no_auto_subscribe_selected = "selected=\"selected\"";
}	}
if(isset($user['showimages']) && $user['showimages'] == 1)	if(isset($user['showimages']) && $user['showimages'] == 1)
{	{
$showimagescheck = "checked=\"checked\""; } else { $showimagescheck = "";	$showimagescheck = "checked=\"checked\""; } else { $showimagescheck = "";
}	}
if(isset($user['showvideos']) && $user['showvideos'] == 1) {	if(isset($user['showvideos']) && $user['showvideos'] == 1) {
Zeile 912	Zeile 931
$showsigscheck = "checked=\"checked\""; } else	$showsigscheck = "checked=\"checked\""; } else
{	{
$showsigscheck = ""; } if(isset($user['showavatars']) && $user['showavatars'] == 1) { $showavatarscheck = "checked=\"checked\"";	$showsigscheck = ""; } if(isset($user['showavatars']) && $user['showavatars'] == 1) { $showavatarscheck = "checked=\"checked\"";
}	}
else { $showavatarscheck = "";	else { $showavatarscheck = "";
Zeile 1041	Zeile 1060
else { $classicpostbitcheck = '';	else { $classicpostbitcheck = '';
}	}
$date_format_options = $dateformat = ''; foreach($date_formats as $key => $format) {	$date_format_options = $dateformat = ''; foreach($date_formats as $key => $format) {
Zeile 1164	Zeile 1183
} if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")	} if($mybb->input['action'] == "do_email" && $mybb->request_method == "post")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$errors = array();	$errors = array();
Zeile 1180	Zeile 1199
// Set up user handler. require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	// Set up user handler. require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");

$user = array( "uid" => $mybb->user['uid'], "email" => $mybb->get_input('email'),	$user = array( "uid" => $mybb->user['uid'], "email" => $mybb->get_input('email'),
Zeile 1195	Zeile 1214
} else {	} else {
if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")	$activation = false; // Checking for pending activations for non-activated accounts if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both")) { $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')"); $activation = $db->fetch_array($query); } if($activation) { $userhandler->update_user(); $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'"); // Send new activation mail for non-activated accounts $activationcode = random_str(); $activationarray = array( "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "code" => $activationcode, "type" => $activation['type'] ); $db->insert_query("awaitingactivation", $activationarray); $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); switch($mybb->settings['username_method']) { case 0: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 1: $emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 2: $emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; default: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; } my_mail($mybb->user['email'], $emailsubject, $emailmessage); $plugins->run_hooks("usercp_do_email_changed"); redirect("usercp.php?action=email", $lang->redirect_emailupdated); } elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both"))
{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];	{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];
Zeile 1264	Zeile 1326
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$errors = array();	$errors = array();

$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false) {	$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false) {
Zeile 1277	Zeile 1340
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')	"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')
); $userhandler->set_data($user); if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user();	)); $userhandler->set_data($user); if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user();
my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax"); // Notify the user by email that their password has been changed $mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']); $lang->emailsubject_changepassword = $lang->sprintf($lang->emailsubject_changepassword, $mybb->settings['bbname']); my_mail($mybb->user['email'], $lang->emailsubject_changepassword, $mail_message);	my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax"); // Notify the user by email that their password has been changed $mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']); $lang->emailsubject_changepassword = $lang->sprintf($lang->emailsubject_changepassword, $mybb->settings['bbname']); my_mail($mybb->user['email'], $lang->emailsubject_changepassword, $mail_message);

$plugins->run_hooks("usercp_do_password_end"); redirect("usercp.php?action=password", $lang->redirect_passwordupdated); } } if(count($errors) > 0)	$plugins->run_hooks("usercp_do_password_end"); redirect("usercp.php?action=password", $lang->redirect_passwordupdated); } } if(count($errors) > 0)
{	{
$mybb->input['action'] = "password"; $errors = inline_error($errors); } } if($mybb->input['action'] == "password")	$mybb->input['action'] = "password"; $errors = inline_error($errors); } } if($mybb->input['action'] == "password")
{	{
$plugins->run_hooks("usercp_password"); eval("\$editpassword = \"".$templates->get("usercp_password")."\";"); output_page($editpassword); }	$plugins->run_hooks("usercp_password"); eval("\$editpassword = \"".$templates->get("usercp_password")."\";"); output_page($editpassword); }

if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_changename_start");	$errors = array();
if($mybb->usergroup['canchangename'] != 1) { error_no_permission(); }	if($mybb->usergroup['canchangename'] != 1) { error_no_permission(); }
	$user = array(); $plugins->run_hooks("usercp_do_changename_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{	{
$errors[] = $lang->error_invalidpassword; } else	$errors[] = $lang->error_invalidpassword; } else
Zeile 1339	Zeile 1407
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')	"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')
);	));
$userhandler->set_data($user);	$userhandler->set_data($user);
Zeile 1355	Zeile 1423
$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);	$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);

}	}
}	}
if(count($errors) > 0) { $errors = inline_error($errors); $mybb->input['action'] = "changename";	if(count($errors) > 0) { $errors = inline_error($errors); $mybb->input['action'] = "changename";
}	}
} if($mybb->input['action'] == "changename")	} if($mybb->input['action'] == "changename")
Zeile 1371	Zeile 1438
if($mybb->usergroup['canchangename'] != 1) { error_no_permission();	if($mybb->usergroup['canchangename'] != 1) { error_no_permission();
	} // Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password) if($errors) { $username = htmlspecialchars_uni($mybb->get_input('username')); } else { $username = '';
} $plugins->run_hooks("usercp_changename_end");	} $plugins->run_hooks("usercp_changename_end");
Zeile 1383	Zeile 1460
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_subscriptions_start");
if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected); }	if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected); }
	$plugins->run_hooks("usercp_do_subscriptions_start");
// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));	// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));
Zeile 1408	Zeile 1485
$new_notification = 0; } elseif($mybb->get_input('do') == "email_notification")	$new_notification = 0; } elseif($mybb->get_input('do') == "email_notification")
{	{
$new_notification = 1;	$new_notification = 1;
}	}
elseif($mybb->get_input('do') == "pm_notification") { $new_notification = 2;	elseif($mybb->get_input('do') == "pm_notification") { $new_notification = 2;
}	}
// Update $update_array = array("notification" => $new_notification); $db->update_query("threadsubscriptions", $update_array, "tid IN ($tids) AND uid='{$mybb->user['uid']}'");	// Update $update_array = array("notification" => $new_notification); $db->update_query("threadsubscriptions", $update_array, "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
Zeile 1538	Zeile 1615
while($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread'];	while($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread'];
}	}
// Check participation by the current user in any of these threads - for 'dot' folder icons if($mybb->settings['dotfolders'] != 0) { $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($post = $db->fetch_array($query))	// Check participation by the current user in any of these threads - for 'dot' folder icons if($mybb->settings['dotfolders'] != 0) { $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($post = $db->fetch_array($query))
{	{
$subscriptions[$post['tid']]['doticon'] = 1; } } // Read threads if($mybb->settings['threadreadcut'] > 0)	$subscriptions[$post['tid']]['doticon'] = 1; } } // Read threads if($mybb->settings['threadreadcut'] > 0)
{	{
$query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($readthread = $db->fetch_array($query)) { $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; } }	$query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while($readthread = $db->fetch_array($query)) { $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; } }

$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();	$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();
Zeile 1596	Zeile 1673
$icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");	$icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$icon = \"".$templates->get("usercp_subscriptions_thread_icon")."\";");
} else {	} else {
$icon = " "; }	$icon = " "; }
Zeile 1899	Zeile 1976
if($mybb->get_input('referrer')) {	if($mybb->get_input('referrer')) {
$url = htmlspecialchars_uni($mybb->get_input('referrer'));	$mybb->input['referrer'] = $mybb->get_input('referrer'); if(my_strpos($mybb->input['referrer'], $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($mybb->input['referrer'], '/') === 0) { $mybb->input['referrer'] = my_substr($mybb->input['url'], 1); } $url_segments = explode('/', $mybb->input['referrer']); $mybb->input['referrer'] = $mybb->settings['bburl'].'/'.end($url_segments); } $url = htmlspecialchars_uni($mybb->input['referrer']);
} else {	} else {
Zeile 1912	Zeile 2001
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));	if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
Zeile 1924	Zeile 2013
if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission();	if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission();
}	}
// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']);
Zeile 1947	Zeile 2036
{ $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1)	{ $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1)
{ error($lang->error_invalidthread); }	{ error($lang->error_invalidthread); }
// Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']);	// Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']);
Zeile 1971	Zeile 2060
// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);

$referrer = ''; if($server_http_referer) {	$referrer = ''; if($server_http_referer) {
Zeile 1986	Zeile 2075
$notification_none_checked = $notification_email_checked = $notification_pm_checked = ''; if($mybb->user['subscriptionmethod'] == 1 \|\| $mybb->user['subscriptionmethod'] == 0)	$notification_none_checked = $notification_email_checked = $notification_pm_checked = ''; if($mybb->user['subscriptionmethod'] == 1 \|\| $mybb->user['subscriptionmethod'] == 0)
{	{
$notification_none_checked = "checked=\"checked\""; } elseif($mybb->user['subscriptionmethod'] == 2)	$notification_none_checked = "checked=\"checked\""; } elseif($mybb->user['subscriptionmethod'] == 2)
Zeile 2000	Zeile 2089
// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_thread");	// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_thread");

eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } }	eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } }
if($mybb->input['action'] == "removesubscription")	if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == "post" \|\| verify_post_check($mybb->get_input('my_post_key'), true)))
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
Zeile 2070	Zeile 2159
$url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved);	$url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved);
	} } // Show remove subscription form when GET method and without valid my_post_key if($mybb->input['action'] == "removesubscription") { $referrer = ''; if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=forumsubscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($forum['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); $lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe_from_forum, $forum['name']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_forum"); eval("\$remove_forum_subscription = \"".$templates->get("usercp_removesubscription_forum")."\";"); output_page($remove_forum_subscription); exit; } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser; $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscribe_from_thread, $thread['subject']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_thread"); eval("\$remove_thread_subscription = \"".$templates->get("usercp_removesubscription_thread")."\";"); output_page($remove_thread_subscription); exit;
} }	} }
Zeile 2079	Zeile 2245
verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum")	verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum")
{ // Naming of the hook retained for backward compatibility while dropping usercp2.php	{ // Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscriptions_forum"); $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");	$plugins->run_hooks("usercp2_removesubscriptions_forum"); $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
if($server_http_referer) { $url = $server_http_referer; }	if($server_http_referer) { $url = $server_http_referer; }
else { $url = "usercp.php?action=forumsubscriptions";	else { $url = "usercp.php?action=forumsubscriptions";
Zeile 2101	Zeile 2267
$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer)	$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer)
{	{
$url = $server_http_referer;	$url = $server_http_referer;
}	}
else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionsremoved);	else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionsremoved);
}	}
} if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	} if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_editsig_start");
// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }	// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }
	$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->get_input('updateposts') == "enable") { $update_signature = array( "includesig" => 1	if($mybb->get_input('updateposts') == "enable") { $update_signature = array( "includesig" => 1
); $db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");	); $db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
} elseif($mybb->get_input('updateposts') == "disable") {	} elseif($mybb->get_input('updateposts') == "disable") {
Zeile 2138	Zeile 2304
"includesig" => 0 ); $db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");	"includesig" => 0 ); $db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
}	}
$new_signature = array( "signature" => $db->escape_string($mybb->get_input('signature')) );	$new_signature = array( "signature" => $db->escape_string($mybb->get_input('signature')) );
Zeile 2152	Zeile 2318
{ $plugins->run_hooks("usercp_editsig_start"); if(!empty($mybb->input['preview']) && empty($error))	{ $plugins->run_hooks("usercp_editsig_start"); if(!empty($mybb->input['preview']) && empty($error))
{	{
$sig = $mybb->get_input('signature'); $template = "usercp_editsig_preview"; }	$sig = $mybb->get_input('signature'); $template = "usercp_editsig_preview"; }
Zeile 2165	Zeile 2331
{ $sig = $mybb->get_input('signature'); $template = false;	{ $sig = $mybb->get_input('signature'); $template = false;
}	}
if(!isset($error)) { $error = ''; } if($mybb->user['suspendsignature'] && ($mybb->user['suspendsigtime'] == 0 \|\| $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] > TIME_NOW))	if(!isset($error)) { $error = ''; } if($mybb->user['suspendsignature'] && ($mybb->user['suspendsigtime'] == 0 \|\| $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] > TIME_NOW))
{	{
// User currently has no signature and they're suspended error($lang->sig_suspended); }	// User currently has no signature and they're suspended error($lang->sig_suspended); }
Zeile 2187	Zeile 2353
{ // Usergroup can use this facility, but only after x posts error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));	{ // Usergroup can use this facility, but only after x posts error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
}	}
$signature = ''; if($sig && $template)	$signature = ''; if($sig && $template)
Zeile 2202	Zeile 2368
); if($mybb->user['showimages'] != 1)	); if($mybb->user['showimages'] != 1)
{	{
$sig_parser['allow_imgcode'] = 0; }	$sig_parser['allow_imgcode'] = 0; }

$sigpreview = $parser->parse_message($sig, $sig_parser); eval("\$signature = \"".$templates->get($template)."\";");	$sigpreview = $parser->parse_message($sig, $sig_parser); eval("\$signature = \"".$templates->get($template)."\";");
}	}
// User has a current signature, so let's display it (but show an error message) if($mybb->user['suspendsignature'] && $mybb->user['suspendsigtime'] > TIME_NOW) {	// User has a current signature, so let's display it (but show an error message) if($mybb->user['suspendsignature'] && $mybb->user['suspendsigtime'] > TIME_NOW) {
Zeile 2229	Zeile 2395
else { $sigsmilies = $lang->off;	else { $sigsmilies = $lang->off;
} if($mybb->settings['sigmycode'] == 1) {	} if($mybb->settings['sigmycode'] == 1) {
$sigmycode = $lang->on; } else { $sigmycode = $lang->off;	$sigmycode = $lang->on; } else { $sigmycode = $lang->off;
} if($mybb->settings['sightml'] == 1) {	} if($mybb->settings['sightml'] == 1) {
$sightml = $lang->on; } else { $sightml = $lang->off;	$sightml = $lang->on; } else { $sightml = $lang->off;
}	}
if($mybb->settings['sigimgcode'] == 1) { $sigimgcode = $lang->on;	if($mybb->settings['sigimgcode'] == 1) { $sigimgcode = $lang->on;
Zeile 2257	Zeile 2423
$sig = htmlspecialchars_uni($sig); $lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);	$sig = htmlspecialchars_uni($sig); $lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);
if($mybb->settings['bbcodeinserter'] != 0 \|\| $mybb->user['showcodebuttons'] != 0)	if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{ $codebuttons = build_mycode_inserter("signature"); }	{ $codebuttons = build_mycode_inserter("signature"); }
Zeile 2398	Zeile 2564
$avatar_error = $lang->error_avatartoobig; } }	$avatar_error = $lang->error_avatartoobig; } }
	} // Limiting URL string to stay within database limit if(strlen($mybb->input['avatarurl']) > 200) { $avatar_error = $lang->error_avatarurltoolong;
} if(empty($avatar_error))	} if(empty($avatar_error))
Zeile 2474	Zeile 2646
elseif($mybb->settings['avatarresizing'] == "user") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");	elseif($mybb->settings['avatarresizing'] == "user") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
}	}
$avatarupload = ''; if($mybb->usergroup['canuploadavatars'] == 1) { eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");	$avatarupload = ''; if($mybb->usergroup['canuploadavatars'] == 1) { eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");
}	}
$avatar_remote = ''; if($mybb->settings['allowremoteavatars'] == 1) { eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");	$avatar_remote = ''; if($mybb->settings['allowremoteavatars'] == 1) { eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");
}	}
$removeavatar = ''; if(!empty($mybb->user['avatar'])) { eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");	$removeavatar = ''; if(!empty($mybb->user['avatar'])) { eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");
} $plugins->run_hooks("usercp_avatar_end");	} $plugins->run_hooks("usercp_avatar_end");
if(!isset($avatar_error)) { $avatar_error = '';	if(!isset($avatar_error)) { $avatar_error = '';
}	}
eval("\$avatar = \"".$templates->get("usercp_avatar")."\";"); output_page($avatar); }	eval("\$avatar = \"".$templates->get("usercp_avatar")."\";"); output_page($avatar); }
Zeile 2527	Zeile 2699
if($user['buddylist'] != '') { $user['buddylist'] = explode(',', $user['buddylist']);	if($user['buddylist'] != '') { $user['buddylist'] = explode(',', $user['buddylist']);
} else { $user['buddylist'] = array(); }	} else { $user['buddylist'] = array(); }
$user['buddylist'][] = (int)$mybb->user['uid']; // Now we have the new list, so throw it all back together	$user['buddylist'][] = (int)$mybb->user['uid']; // Now we have the new list, so throw it all back together
Zeile 2656	Zeile 2828
$plugins->run_hooks("usercp_cancelrequest_start"); $db->delete_query('buddyrequests', 'id='.(int)$request['id']);	$plugins->run_hooks("usercp_cancelrequest_start"); $db->delete_query('buddyrequests', 'id='.(int)$request['id']);

$plugins->run_hooks("usercp_cancelrequest_end"); redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);	$plugins->run_hooks("usercp_cancelrequest_end"); redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);
Zeile 2780	Zeile 2952
if(in_array($user['uid'], $selected_list)) { $string .= "_alt";	if(in_array($user['uid'], $selected_list)) { $string .= "_alt";
}	}
$error_message = $lang->$string; array_pop($users); // To maintain a proper count when we call count($users)	$error_message = $lang->$string; array_pop($users); // To maintain a proper count when we call count($users)
Zeile 3024	Zeile 3196
if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";	if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
	echo "\$(\"#buddylink\").remove();\n";
if($mybb->get_input('manage') == "ignored") { echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";	if($mybb->get_input('manage') == "ignored") { echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";
}	}
else { echo "\$(\"#buddy_list\").html(\"<li>{$lang->buddy_list_empty}</li>\");\n";	else { echo "\$(\"#buddy_list\").html(\"<li>{$lang->buddy_list_empty}</li>\");\n";
Zeile 3148	Zeile 3322
if($sent_rows == '') { eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests", 1, 0)."\";");	if($sent_rows == '') { eval("\$sent_rows = \"".$templates->get("usercp_editlists_no_requests", 1, 0)."\";");
} eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");	} eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");
echo $sentrequests; echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; }	echo $sentrequests; echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; }
Zeile 3165	Zeile 3339
} $received_rows = '';	} $received_rows = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid) WHERE r.touid=".(int)$mybb->user['uid']);	LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid) WHERE r.touid=".(int)$mybb->user['uid']);
Zeile 3175	Zeile 3349
{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);	{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);
$request['date'] = my_date('relative', $request['date']);	$request['date'] = my_date('relative', $request['date']);
eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";"); } if($received_rows == '') { eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");	eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";"); } if($received_rows == '') { eval("\$received_rows = \"".$templates->get("usercp_editlists_no_requests")."\";");
}	}
eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");
Zeile 3212	Zeile 3386
eval("\$listpage = \"".$templates->get("usercp_editlists")."\";"); output_page($listpage);	eval("\$listpage = \"".$templates->get("usercp_editlists")."\";"); output_page($listpage);
}	}
if($mybb->input['action'] == "drafts") { $plugins->run_hooks("usercp_drafts_start");	if($mybb->input['action'] == "drafts") { $plugins->run_hooks("usercp_drafts_start");
Zeile 3274	Zeile 3448
eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";"); output_page($draftlist);	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";"); output_page($draftlist);
}	}
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_drafts_start");
$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected); }	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected); }
	$plugins->run_hooks("usercp_do_drafts_start");
$pidin = array(); $tidin = array();	$pidin = array(); $tidin = array();

foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post")	foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post")
Zeile 3296	Zeile 3473
$pidin[] = "'".(int)$id."'"; } elseif($val == "thread")	$pidin[] = "'".(int)$id."'"; } elseif($val == "thread")
{	{
$tidin[] = "'".(int)$id."'"; } }	$tidin[] = "'".(int)$id."'"; } }
Zeile 3323	Zeile 3500
$plugins->run_hooks("usercp_do_drafts_end"); redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted); }	$plugins->run_hooks("usercp_do_drafts_end"); redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted); }

if($mybb->input['action'] == "usergroups") {	if($mybb->input['action'] == "usergroups") {
$plugins->run_hooks("usercp_usergroups_start");
$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";

$usergroups = $mybb->cache->read('usergroups');	$usergroups = $mybb->cache->read('usergroups');
	$plugins->run_hooks("usercp_usergroups_start");
// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))	// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))
Zeile 3396	Zeile 3574
// Joining a group if($mybb->get_input('joingroup', MyBB::INPUT_INT))	// Joining a group if($mybb->get_input('joingroup', MyBB::INPUT_INT))
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$usergroup = $usergroups[$mybb->get_input('joingroup', MyBB::INPUT_INT)]; if($usergroup['type'] == 5)	$usergroup = $usergroups[$mybb->get_input('joingroup', MyBB::INPUT_INT)]; if($usergroup['type'] == 5)
Zeile 3415	Zeile 3593
if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false) { error($lang->already_member_of_group);	if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false) { error($lang->already_member_of_group);
}	}
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);
Zeile 3430	Zeile 3608
$reasonlength = my_strlen($mybb->get_input('reason')); if($reasonlength > 250) // Reason field is varchar(250) in database	$reasonlength = my_strlen($mybb->get_input('reason')); if($reasonlength > 250) // Reason field is varchar(250) in database
{	{
error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250))); }	error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250))); }
Zeile 3461	Zeile 3639
// Load language $lang->set_language($mybb->user['language']); $lang->load("messages");	// Load language $lang->set_language($mybb->user['language']); $lang->load("messages");

$plugins->run_hooks("usercp_usergroups_join_group_request"); redirect("usercp.php?action=usergroups", $lang->group_join_requestsent); exit;	$plugins->run_hooks("usercp_usergroups_join_group_request"); redirect("usercp.php?action=usergroups", $lang->group_join_requestsent); exit;
Zeile 3483	Zeile 3661
// Accepting invitation if($mybb->get_input('acceptinvite', MyBB::INPUT_INT))	// Accepting invitation if($mybb->get_input('acceptinvite', MyBB::INPUT_INT))
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
Zeile 3522	Zeile 3700
FROM ".TABLE_PREFIX."groupleaders l LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid) LEFT JOIN ".TABLE_PREFIX."users u ON(((','\|\| u.additionalgroups\|\| ',' LIKE '%,'\|\| g.gid\|\| ',%') OR u.usergroup = g.gid))	FROM ".TABLE_PREFIX."groupleaders l LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid) LEFT JOIN ".TABLE_PREFIX."users u ON(((','\|\| u.additionalgroups\|\| ',' LIKE '%,'\|\| g.gid\|\| ',%') OR u.usergroup = g.gid))
LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0) WHERE l.uid='".$mybb->user['uid']."'	LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0) WHERE l.uid='".$mybb->user['uid']."'
GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers "); break;	GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers, l.caninvitemembers "); break;
Zeile 3547	Zeile 3725
if($usergroup['type'] != 4) { $usergroup['joinrequests'] = '--';	if($usergroup['type'] != 4) { $usergroup['joinrequests'] = '--';
}	}
if($usergroup['joinrequests'] > 0 && $usergroup['canmanagerequests'] == 1) { eval("\$moderaterequestslink = \"".$templates->get("usercp_usergroups_leader_usergroup_moderaterequests")."\";");	if($usergroup['joinrequests'] > 0 && $usergroup['canmanagerequests'] == 1) { eval("\$moderaterequestslink = \"".$templates->get("usercp_usergroups_leader_usergroup_moderaterequests")."\";");
Zeile 3585	Zeile 3763
eval("\$memberoflist = \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";"); $showmemberof = false;	eval("\$memberoflist = \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";"); $showmemberof = false;
if($mybb->user['additionalgroups'])	if($mybb->user['additionalgroups'])
{ $query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title')); while($usergroup = $db->fetch_array($query))	{ $query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title')); while($usergroup = $db->fetch_array($query))
Zeile 3709	Zeile 3887
{ // User is already a leader of the group, so don't show as a "Join Group" eval("\$joinablegrouplist .= \"".$templates->get("usercp_usergroups_joinable_usergroup")."\";");	{ // User is already a leader of the group, so don't show as a "Join Group" eval("\$joinablegrouplist .= \"".$templates->get("usercp_usergroups_joinable_usergroup")."\";");
} }	} }
if($joinablegrouplist) { eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");	if($joinablegrouplist) { eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");
}	}
$plugins->run_hooks("usercp_usergroups_end"); eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");	$plugins->run_hooks("usercp_usergroups_end"); eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");
Zeile 3724	Zeile 3902
if($mybb->input['action'] == "attachments") {	if($mybb->input['action'] == "attachments") {
$plugins->run_hooks("usercp_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled);	require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled);
}	} $plugins->run_hooks("usercp_attachments_start"); // Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)"; }
$attachments = '';	$attachments = '';
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); $totalattachments = $usage['acount'];
// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; }	// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; }

$perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0) { $start = ($page-1) * $perpage;	$perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0) { $start = ($page-1) * $perpage;
$pages = ceil($totalattachments / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else {	} else {
Zeile 3771	Zeile 3953
FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)	FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."'	WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} ");	ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} ");
$bandwidth = $totaldownloads = 0;	$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;
while($attachment = $db->fetch_array($query)) { if($attachment['dateline'] && $attachment['tid'])	while($attachment = $db->fetch_array($query)) { if($attachment['dateline'] && $attachment['tid'])
Zeile 3798	Zeile 3980
// Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];	// Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];
	$totalusage += $attachment['filesize']; ++$totalattachments;
} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }	} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }
	++$processedattachments; } if($processedattachments >= $perpage \|\| $page > 1) { $query = $db->query(" SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} "); $usage = $db->fetch_array($query); $totalusage = $usage['ausage']; $totalattachments = $usage['acount']; $multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
}	}
$totalusage = $usage['ausage'];
$friendlyusage = get_friendly_size((int)$totalusage); if($mybb->usergroup['attachquota']) {	$friendlyusage = get_friendly_size((int)$totalusage); if($mybb->usergroup['attachquota']) {
Zeile 3819	Zeile 4019
{ $attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);	{ $attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
}	}

$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
$bandwidth = get_friendly_size($bandwidth); if(!$attachments)	$bandwidth = get_friendly_size($bandwidth); if(!$attachments)
Zeile 3829	Zeile 4028
eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = ''; }	eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = ''; }

$plugins->run_hooks("usercp_attachments_end"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");	$plugins->run_hooks("usercp_attachments_end"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
Zeile 3841	Zeile 4040
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments'])) { error($lang->no_attachments_selected); }	require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments'])) { error($lang->no_attachments_selected); }
	$plugins->run_hooks("usercp_do_attachments_start"); // Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)"; }
$aids = implode(',', array_map('intval', $mybb->input['attachments']));	$aids = implode(',', array_map('intval', $mybb->input['attachments']));
$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");	$query = $db->query(" SELECT a.*, p.fid FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql} ");
while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);	while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);
Zeile 4029	Zeile 4250
if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);	if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);
	$referral_count = (int) $mybb->user['referrals']; if($referral_count > 0) { $uid = (int) $mybb->user['uid']; eval("\$mybb->user['referrals'] = \"".$templates->get('member_referrals_link')."\";"); }
eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }	eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }
Zeile 4106	Zeile 4335
foreach($subscriptions as $thread) {	foreach($subscriptions as $thread) {
	$plugins->run_hooks("usercp_thread_subscriptions_thread");
$folder = ''; $folder_label = ''; $gotounread = '';	$folder = ''; $folder_label = ''; $gotounread = '';
Zeile 4298	Zeile 4528
$latest_threads_threads = ''; foreach($threadcache as $thread) {	$latest_threads_threads = ''; foreach($threadcache as $thread) {
	$plugins->run_hooks("usercp_latest_threads_thread");
if($thread['tid']) { $bgcolor = alt_trow();	if($thread['tid']) { $bgcolor = alt_trow();
Zeile 4414	Zeile 4645
if($thread['closed'] == 1) {	if($thread['closed'] == 1) {
$folder .= "lock"; $folder_label .= $lang->icon_lock;	$folder .= "close"; $folder_label .= $lang->icon_close;
} $folder .= "folder";	} $folder .= "folder";