Vergleich usercp.php - 1.8.11 - 1.8.30

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 10	Zeile 10
define("IN_MYBB", 1); define('THIS_SCRIPT', 'usercp.php');	define("IN_MYBB", 1); define('THIS_SCRIPT', 'usercp.php');
	define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");
$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon"; $templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";	$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum,postbit_reputation_formatted,usercp_subscriptions_thread_icon"; $templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups,usercp_nav_attachments,usercp_options_style,usercp_warnings_warning_post";
Zeile 27	Zeile 28
$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms"; $templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format"; $templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";	$templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email,usercp_options_pms"; $templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format"; $templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_options_quick_reply";
	$templatelist .= ",usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,";
require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";	require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";
	require_once MYBB_ROOT."inc/functions_search.php";
require_once MYBB_ROOT."inc/functions_user.php"; require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;	require_once MYBB_ROOT."inc/functions_user.php"; require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
Zeile 42	Zeile 45
error_no_permission(); }	error_no_permission(); }
if(!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = '1$%%$2$%%$3$%%$4'; $db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}"); } $errors = '';	$errors = '';
$mybb->input['action'] = $mybb->get_input('action');	$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();	usercp_menu();
	$server_http_referer = ''; if(isset($_SERVER['HTTP_REFERER'])) { $server_http_referer = htmlentities($_SERVER['HTTP_REFERER']); if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($server_http_referer, '/') === 0) { $server_http_referer = my_substr($server_http_referer, 1); } $url_segments = explode('/', $server_http_referer); $server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments); } }
$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")	$plugins->run_hooks("usercp_start"); if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
Zeile 140	Zeile 153
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_profile_start");	$plugins->run_hooks("usercp_do_profile_start");
Zeile 203	Zeile 218
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],	"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],
Zeile 212	Zeile 227
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)	"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
); foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)	)); foreach(array('icq', 'skype', 'google') as $cfield)
{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')	{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')
Zeile 229	Zeile 244
if($cfield == 'icq') { $user[$cfield] = $mybb->get_input($cfield, 1);	if($cfield == 'icq') { $user[$cfield] = $mybb->get_input($cfield, 1);
	if(my_strlen($user[$cfield]) > 10) { error($lang->contact_field_icqerror); }
} else { $user[$cfield] = $mybb->get_input($cfield);	} else { $user[$cfield] = $mybb->get_input($cfield);
	if(my_strlen($user[$cfield]) > 75) { error($lang->contact_field_error); }
} } if($mybb->usergroup['canchangewebsite'] == 1) { $user['website'] = $mybb->get_input('website');	} } if($mybb->usergroup['canchangewebsite'] == 1) { $user['website'] = $mybb->get_input('website');
}	}
if($mybb->usergroup['cancustomtitle'] == 1) { if($mybb->get_input('usertitle') != '') { $user['usertitle'] = $mybb->get_input('usertitle');	if($mybb->usergroup['cancustomtitle'] == 1) { if($mybb->get_input('usertitle') != '') { $user['usertitle'] = $mybb->get_input('usertitle');
} else if(!empty($mybb->input['reverttitle'])) {	} elseif(!empty($mybb->input['reverttitle'])) {
$user['usertitle'] = ''; } }	$user['usertitle'] = ''; } }
Zeile 257	Zeile 282
if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors();	if(!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors();
	$raw_errors = $userhandler->get_errors();

// Set allowed value otherwise select options disappear if(in_array($lang->userdata_invalid_birthday_privacy, $errors))	// Set to stored value if invalid if(array_key_exists("invalid_birthday_privacy", $raw_errors) \|\| array_key_exists("conflicted_birthday_privacy", $raw_errors))
{	{
$mybb->input['birthdayprivacy'] = 'none';	$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy']; $bday = explode("-", $mybb->user['birthday']); if(isset($bday[2])) { $mybb->input['bday3'] = $bday[2]; }
} $errors = inline_error($errors);	} $errors = inline_error($errors);
Zeile 294	Zeile 326
{ $bday[1] = 0; }	{ $bday[1] = 0; }
if(!isset($bday[2])) { $bday[2] = ''; }	} if(!isset($bday[2]) \|\| $bday[2] == 0) { $bday[2] = '';
} $plugins->run_hooks("usercp_profile_start");	} $plugins->run_hooks("usercp_profile_start");
Zeile 329	Zeile 361
{ $allselected = " selected=\"selected\""; }	{ $allselected = " selected=\"selected\""; }
else if($user['birthdayprivacy'] == 'none')	elseif($user['birthdayprivacy'] == 'none')
{ $noneselected = " selected=\"selected\""; }	{ $noneselected = " selected=\"selected\""; }
else if($user['birthdayprivacy'] == 'age')	elseif($user['birthdayprivacy'] == 'age')
{ $ageselected = " selected=\"selected\""; }	{ $ageselected = " selected=\"selected\""; }
Zeile 361	Zeile 393
{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);	{ $user['skype'] = htmlspecialchars_uni($user['skype']); $user['google'] = htmlspecialchars_uni($user['google']);
$user['aim'] = htmlspecialchars_uni($user['aim']); $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;	} $contact_fields = array(); $contactfields = ''; $cfieldsshow = false;
foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield)	foreach(array('icq', 'skype', 'google') as $cfield)
{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';	{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field';
Zeile 417	Zeile 447
$user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason')); } else	$user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason')); } else
{	{
$user['awayreason'] = htmlspecialchars_uni($user['awayreason']); if($mybb->user['away'] == 1) {	$user['awayreason'] = htmlspecialchars_uni($user['awayreason']); if($mybb->user['away'] == 1) {
Zeile 524	Zeile 554
foreach($useropts as $key => $val) { $val = htmlspecialchars_uni($val);	foreach($useropts as $key => $val) { $val = htmlspecialchars_uni($val);
$seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val]) { $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); } if(!$profilefield['length']) {	$seloptions[$val] = $val; } } $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) { $val = trim($val); $val = str_replace("\n", "\\n", $val); $sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val]) { $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); } if(!$profilefield['length']) {
$profilefield['length'] = 3; }	$profilefield['length'] = 3; }
Zeile 574	Zeile 604
} eval("\$code = \"".$templates->get("usercp_profile_profilefields_select")."\";");	} eval("\$code = \"".$templates->get("usercp_profile_profilefields_select")."\";");
}	}
} elseif($type == "radio") {	} elseif($type == "radio") {
	$userfield = htmlspecialchars_uni($userfield);
$expoptions = explode("\n", $options); if(is_array($expoptions)) {	$expoptions = explode("\n", $options); if(is_array($expoptions)) {
Zeile 595	Zeile 626
} elseif($type == "checkbox") {	} elseif($type == "checkbox") {
	$userfield = htmlspecialchars_uni($userfield);
if($errors)	if($errors)
{	{
$useropts = $userfield; } else	$useropts = $userfield; } else
Zeile 714	Zeile 746
} eval("\$customtitle = \"".$templates->get("usercp_profile_customtitle")."\";");	} eval("\$customtitle = \"".$templates->get("usercp_profile_customtitle")."\";");
} else {	} else {
$customtitle = ""; }	$customtitle = ""; }
Zeile 735	Zeile 767
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_options_start");	$plugins->run_hooks("usercp_do_options_start");
Zeile 742	Zeile 776
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),	"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
Zeile 751	Zeile 785
"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']	"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']
);	));
$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),	$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),
Zeile 808	Zeile 842
if($mybb->input['action'] == "options") {	if($mybb->input['action'] == "options") {
$plugins->run_hooks("usercp_options_start");
if($errors != '')	if($errors != '')
{	{
$user = $mybb->input; } else { $user = $mybb->user; }	$user = $mybb->input; } else { $user = $mybb->user; }
	$plugins->run_hooks("usercp_options_start");
$languages = $lang->get_languages(); $board_language = $langoptions = '';	$languages = $lang->get_languages(); $board_language = $langoptions = '';
Zeile 849	Zeile 883
$allownoticescheck = ""; }	$allownoticescheck = ""; }
if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\""; } else { $invisiblecheck = ""; }	$canbeinvisible = ''; // Check usergroup permission before showing invisible check box if($mybb->usergroup['canbeinvisible'] == 1) { if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\""; } else { $invisiblecheck = ""; } eval('$canbeinvisible = "'.$templates->get("usercp_options_invisible")."\";"); }
if(isset($user['hideemail']) && $user['hideemail'] == 1) { $hideemailcheck = "checked=\"checked\"";	if(isset($user['hideemail']) && $user['hideemail'] == 1) { $hideemailcheck = "checked=\"checked\"";
} else {	} else {
$hideemailcheck = ""; } $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = '';	$hideemailcheck = ""; } $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = '';
if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 1) {	if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 1) {
$no_subscribe_selected = "selected=\"selected\""; }	$no_subscribe_selected = "selected=\"selected\""; }
else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)	elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 2)
{ $instant_email_subscribe_selected = "selected=\"selected\"";	{ $instant_email_subscribe_selected = "selected=\"selected\"";
} else if(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3) {	} elseif(isset($user['subscriptionmethod']) && $user['subscriptionmethod'] == 3) {
$instant_pm_subscribe_selected = "selected=\"selected\""; } else { $no_auto_subscribe_selected = "selected=\"selected\"";	$instant_pm_subscribe_selected = "selected=\"selected\""; } else { $no_auto_subscribe_selected = "selected=\"selected\"";
}	}
if(isset($user['showimages']) && $user['showimages'] == 1) { $showimagescheck = "checked=\"checked\"";	if(isset($user['showimages']) && $user['showimages'] == 1) { $showimagescheck = "checked=\"checked\"";
} else	} else
{ $showimagescheck = ""; } if(isset($user['showvideos']) && $user['showvideos'] == 1)	{ $showimagescheck = ""; } if(isset($user['showvideos']) && $user['showvideos'] == 1)
{	{
$showvideoscheck = "checked=\"checked\""; } else { $showvideoscheck = "";	$showvideoscheck = "checked=\"checked\""; } else { $showvideoscheck = "";
}	}
if(isset($user['showsigs']) && $user['showsigs'] == 1) {	if(isset($user['showsigs']) && $user['showsigs'] == 1) {
Zeile 915	Zeile 956
if(isset($user['showavatars']) && $user['showavatars'] == 1) { $showavatarscheck = "checked=\"checked\"";	if(isset($user['showavatars']) && $user['showavatars'] == 1) { $showavatarscheck = "checked=\"checked\"";
} else {	} else {
$showavatarscheck = ""; } if(isset($user['showquickreply']) && $user['showquickreply'] == 1) { $showquickreplycheck = "checked=\"checked\"";	$showavatarscheck = ""; } if(isset($user['showquickreply']) && $user['showquickreply'] == 1) { $showquickreplycheck = "checked=\"checked\"";
}	}
else { $showquickreplycheck = ""; } if(isset($user['receivepms']) && $user['receivepms'] == 1)	else { $showquickreplycheck = ""; } if(isset($user['receivepms']) && $user['receivepms'] == 1)
{	{
$receivepmscheck = "checked=\"checked\""; } else	$receivepmscheck = "checked=\"checked\""; } else
Zeile 946	Zeile 987
else { $receivefrombuddycheck = "";	else { $receivefrombuddycheck = "";
}	}
if(isset($user['pmnotice']) && $user['pmnotice'] >= 1) {	if(isset($user['pmnotice']) && $user['pmnotice'] >= 1) {
Zeile 961	Zeile 1002
if(isset($user['dstcorrection']) && $user['dstcorrection'] == 2) { $dst_auto_selected = "selected=\"selected\"";	if(isset($user['dstcorrection']) && $user['dstcorrection'] == 2) { $dst_auto_selected = "selected=\"selected\"";
} else if(isset($user['dstcorrection']) && $user['dstcorrection'] == 1) {	} elseif(isset($user['dstcorrection']) && $user['dstcorrection'] == 1) {
$dst_enabled_selected = "selected=\"selected\"";	$dst_enabled_selected = "selected=\"selected\"";
}	}
else { $dst_disabled_selected = "selected=\"selected\"";	else { $dst_disabled_selected = "selected=\"selected\"";
}	}
if(isset($user['showcodebuttons']) && $user['showcodebuttons'] == 1)	if(isset($user['showcodebuttons']) && $user['showcodebuttons'] == 1)
{	{
$showcodebuttonscheck = "checked=\"checked\"";	$showcodebuttonscheck = "checked=\"checked\"";
} else {	} else {
$showcodebuttonscheck = ""; } if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1) { $sourcemodecheck = "checked=\"checked\"";	$showcodebuttonscheck = ""; } if(isset($user['sourceeditor']) && $user['sourceeditor'] == 1) { $sourcemodecheck = "checked=\"checked\"";
}	}
else	else
{	{
$sourcemodecheck = "";	$sourcemodecheck = "";
} if(isset($user['showredirect']) && $user['showredirect'] != 0) {	} if(isset($user['showredirect']) && $user['showredirect'] != 0) {
$showredirectcheck = "checked=\"checked\""; } else { $showredirectcheck = "";	$showredirectcheck = "checked=\"checked\""; } else { $showredirectcheck = "";
}	}
if(isset($user['pmnotify']) && $user['pmnotify'] != 0) { $pmnotifycheck = "checked=\"checked\"";	if(isset($user['pmnotify']) && $user['pmnotify'] != 0) { $pmnotifycheck = "checked=\"checked\"";
Zeile 1010	Zeile 1051
if(isset($user['buddyrequestspm']) && $user['buddyrequestspm'] != 0) { $buddyrequestspmcheck = "checked=\"checked\"";	if(isset($user['buddyrequestspm']) && $user['buddyrequestspm'] != 0) { $buddyrequestspmcheck = "checked=\"checked\"";
} else {	} else {
$buddyrequestspmcheck = '';	$buddyrequestspmcheck = '';
}	}
if(isset($user['buddyrequestsauto']) && $user['buddyrequestsauto'] != 0)	if(isset($user['buddyrequestsauto']) && $user['buddyrequestsauto'] != 0)
{	{
$buddyrequestsautocheck = "checked=\"checked\"";	$buddyrequestsautocheck = "checked=\"checked\"";
} else {	} else {
$buddyrequestsautocheck = ''; } if(!isset($user['threadmode']) \|\| ($user['threadmode'] != "threaded" && $user['threadmode'] != "linear")) { $user['threadmode'] = ''; // Leave blank to show default	$buddyrequestsautocheck = ''; } if(!isset($user['threadmode']) \|\| ($user['threadmode'] != "threaded" && $user['threadmode'] != "linear")) { $user['threadmode'] = ''; // Leave blank to show default
}	}
if(isset($user['classicpostbit']) && $user['classicpostbit'] != 0) {	if(isset($user['classicpostbit']) && $user['classicpostbit'] != 0) {
Zeile 1041	Zeile 1082
$date_format_options = $dateformat = ''; foreach($date_formats as $key => $format)	$date_format_options = $dateformat = ''; foreach($date_formats as $key => $format)
{	{
$selected = ''; if(isset($user['dateformat']) && $user['dateformat'] == $key)	$selected = ''; if(isset($user['dateformat']) && $user['dateformat'] == $key)
{ $selected = " selected=\"selected\""; }	{ $selected = " selected=\"selected\""; }
$dateformat = my_date($format, TIME_NOW, "", 0); eval("\$date_format_options .= \"".$templates->get("usercp_options_date_format")."\";"); }	$dateformat = my_date($format, TIME_NOW, "", 0); eval("\$date_format_options .= \"".$templates->get("usercp_options_date_format")."\";"); }
Zeile 1060	Zeile 1101
{ $selected = " selected=\"selected\""; }	{ $selected = " selected=\"selected\""; }

$timeformat = my_date($format, TIME_NOW, "", 0); eval("\$time_format_options .= \"".$templates->get("usercp_options_time_format")."\";"); }	$timeformat = my_date($format, TIME_NOW, "", 0); eval("\$time_format_options .= \"".$templates->get("usercp_options_time_format")."\";"); }
Zeile 1071	Zeile 1112
if($mybb->settings['allowbuddyonly'] == 1) { eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";");	if($mybb->settings['allowbuddyonly'] == 1) { eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";");
}	}
$pms = ''; if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1) { eval("\$pms = \"".$templates->get("usercp_options_pms")."\";");	$pms = ''; if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1) { eval("\$pms = \"".$templates->get("usercp_options_pms")."\";");
}	}
$quick_reply = ''; if($mybb->settings['quickreply'] == 1) { eval("\$quick_reply = \"".$templates->get("usercp_options_quick_reply")."\";");	$quick_reply = ''; if($mybb->settings['quickreply'] == 1) { eval("\$quick_reply = \"".$templates->get("usercp_options_quick_reply")."\";");
}	}
$threadview = array('linear' => '', 'threaded' => ''); if(isset($user['threadmode']) && is_scalar($user['threadmode'])) { $threadview[$user['threadmode']] = 'selected="selected"';	$threadview = array('linear' => '', 'threaded' => ''); if(isset($user['threadmode']) && is_scalar($user['threadmode'])) { $threadview[$user['threadmode']] = 'selected="selected"';
}	}
$daysprunesel = array(1 => '', 5 => '', 10 => '', 20 => '', 50 => '', 75 => '', 100 => '', 365 => '', 9999 => ''); if(isset($user['daysprune']) && is_numeric($user['daysprune'])) {	$daysprunesel = array(1 => '', 5 => '', 10 => '', 20 => '', 50 => '', 75 => '', 100 => '', 365 => '', 9999 => ''); if(isset($user['daysprune']) && is_numeric($user['daysprune'])) {
Zeile 1107	Zeile 1148
{ eval('$board_style = "'.$templates->get('usercp_options_style').'";'); }	{ eval('$board_style = "'.$templates->get('usercp_options_style').'";'); }

$tppselect = $pppselect = ''; if($mybb->settings['usertppoptions']) {	$tppselect = $pppselect = ''; if($mybb->settings['usertppoptions']) {
Zeile 1120	Zeile 1161
$val = trim($val); $selected = ""; if(isset($user['tpp']) && $user['tpp'] == $val)	$val = trim($val); $selected = ""; if(isset($user['tpp']) && $user['tpp'] == $val)
{ $selected = " selected=\"selected\""; }	{ $selected = " selected=\"selected\""; }
$tpp_option = $lang->sprintf($lang->tpp_option, $val); eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";"); }	$tpp_option = $lang->sprintf($lang->tpp_option, $val); eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";"); }
Zeile 1167	Zeile 1208
$errors = array(); $plugins->run_hooks("usercp_do_email_start");	$errors = array(); $plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false) { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler.	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false) { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");

$user = array( "uid" => $mybb->user['uid'], "email" => $mybb->get_input('email'), "email2" => $mybb->get_input('email2') );	$user = array( "uid" => $mybb->user['uid'], "email" => $mybb->get_input('email'), "email2" => $mybb->get_input('email2') );
$userhandler->set_data($user);	$userhandler->set_data($user);
if(!$userhandler->validate_user())	if(!$userhandler->validate_user())
{	{
$errors = $userhandler->get_friendly_errors(); } else {	$errors = $userhandler->get_friendly_errors(); } else {
if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1 && $mybb->settings['regtype'] != "verify")	$activation = false; // Checking for pending activations for non-activated accounts if($mybb->user['usergroup'] == 5 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both")) { $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND (type='r' OR type='b')"); $activation = $db->fetch_array($query); } if($activation) { $userhandler->update_user(); $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'"); // Send new activation mail for non-activated accounts $activationcode = random_str(); $activationarray = array( "uid" => $mybb->user['uid'], "dateline" => TIME_NOW, "code" => $activationcode, "type" => $activation['type'] ); $db->insert_query("awaitingactivation", $activationarray); $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); switch($mybb->settings['username_method']) { case 0: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 1: $emailmessage = $lang->sprintf($lang->email_activateaccount1, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; case 2: $emailmessage = $lang->sprintf($lang->email_activateaccount2, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; default: $emailmessage = $lang->sprintf($lang->email_activateaccount, $mybb->user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->user['uid'], $activationcode); break; } my_mail($mybb->user['email'], $emailsubject, $emailmessage); $plugins->run_hooks("usercp_do_email_changed"); redirect("usercp.php?action=email", $lang->redirect_emailupdated); } elseif($mybb->usergroup['cancp'] != 1 && ($mybb->settings['regtype'] == "verify" \|\| $mybb->settings['regtype'] == "both"))
{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];	{ $uid = $mybb->user['uid']; $username = $mybb->user['username'];
Zeile 1260	Zeile 1344
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$errors = array();	$errors = array();

$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false) {	$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false) {
Zeile 1273	Zeile 1358
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')	"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')
);	));
$userhandler->set_data($user); if(!$userhandler->validate_user())	$userhandler->set_data($user); if(!$userhandler->validate_user())
{	{
$errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user();	$errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user();
my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true);	my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey'], null, true, "lax");
// Notify the user by email that their password has been changed $mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']); $lang->emailsubject_changepassword = $lang->sprintf($lang->emailsubject_changepassword, $mybb->settings['bbname']);	// Notify the user by email that their password has been changed $mail_message = $lang->sprintf($lang->email_changepassword, $mybb->user['username'], $mybb->user['email'], $mybb->settings['bbname'], $mybb->settings['bburl']); $lang->emailsubject_changepassword = $lang->sprintf($lang->emailsubject_changepassword, $mybb->settings['bbname']);
Zeile 1300	Zeile 1385
} } if(count($errors) > 0)	} } if(count($errors) > 0)
{	{
$mybb->input['action'] = "password"; $errors = inline_error($errors); }	$mybb->input['action'] = "password"; $errors = inline_error($errors); }
Zeile 1318	Zeile 1403
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_changename_start");	$errors = array();
if($mybb->usergroup['canchangename'] != 1) { error_no_permission(); }	if($mybb->usergroup['canchangename'] != 1) { error_no_permission(); }
	$user = array(); $plugins->run_hooks("usercp_do_changename_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false) {	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false) {
Zeile 1335	Zeile 1425
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')	"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')
);	));
$userhandler->set_data($user);	$userhandler->set_data($user);
Zeile 1351	Zeile 1441
$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);	$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);

} } if(count($errors) > 0) { $errors = inline_error($errors); $mybb->input['action'] = "changename";	} } if(count($errors) > 0) { $errors = inline_error($errors); $mybb->input['action'] = "changename";
}	}
} if($mybb->input['action'] == "changename")	} if($mybb->input['action'] == "changename")
Zeile 1367	Zeile 1456
if($mybb->usergroup['canchangename'] != 1) { error_no_permission();	if($mybb->usergroup['canchangename'] != 1) { error_no_permission();
	} // Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password) if($errors) { $username = htmlspecialchars_uni($mybb->get_input('username')); } else { $username = '';
} $plugins->run_hooks("usercp_changename_end");	} $plugins->run_hooks("usercp_changename_end");
Zeile 1379	Zeile 1478
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_subscriptions_start");
if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected);	if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected);
}	} $plugins->run_hooks("usercp_do_subscriptions_start");
// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY)); $tids = implode(",", $mybb->input['check']);	// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY)); $tids = implode(",", $mybb->input['check']);
Zeile 1398	Zeile 1497
} // Changing subscription type else	} // Changing subscription type else
{	{
if($mybb->get_input('do') == "no_notification") { $new_notification = 0; }	if($mybb->get_input('do') == "no_notification") { $new_notification = 0; }
else if($mybb->get_input('do') == "email_notification")	elseif($mybb->get_input('do') == "email_notification")
{ $new_notification = 1; }	{ $new_notification = 1; }
else if($mybb->get_input('do') == "pm_notification")	elseif($mybb->get_input('do') == "pm_notification")
{ $new_notification = 2; }	{ $new_notification = 2; }
Zeile 1424	Zeile 1523
if($mybb->input['action'] == "subscriptions") { $plugins->run_hooks("usercp_subscriptions_start");	if($mybb->input['action'] == "subscriptions") { $plugins->run_hooks("usercp_subscriptions_start");

// Thread visiblity	// Thread visiblity
$visible = "AND t.visible != 0"; if(is_moderator() == true)	$where = array( "s.uid={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
// Do Multi Pages $query = $db->query("	// Do Multi Pages $query = $db->query("
SELECT COUNT(ts.tid) as threads FROM ".TABLE_PREFIX."threadsubscriptions ts LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid) WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}	SELECT COUNT(s.tid) as threads FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = s.tid) WHERE {$where}
"); $threadcount = $db->fetch_field($query, "threads");	"); $threadcount = $db->fetch_field($query, "threads");
Zeile 1481	Zeile 1591
FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE s.uid='".$mybb->user['uid']."' and t.visible >= 0 {$visible}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT $start, $perpage ");	ORDER BY t.lastpost DESC LIMIT $start, $perpage ");
Zeile 1489	Zeile 1599
{ $forumpermissions = $fpermissions[$subscription['fid']];	{ $forumpermissions = $fpermissions[$subscription['fid']];
if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))	if(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid'])
{ // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid']; }	{ // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid']; }
else if($subscription['tid'])	elseif($subscription['tid'])
{ $subscriptions[$subscription['tid']] = $subscription; }	{ $subscriptions[$subscription['tid']] = $subscription; }
Zeile 1521	Zeile 1631
{ $tids = implode(",", array_keys($subscriptions)); $readforums = array();	{ $tids = implode(",", array_keys($subscriptions)); $readforums = array();

// Build a forum cache. $query = $db->query(" SELECT f.fid, fr.dateline AS lastread	// Build a forum cache. $query = $db->query(" SELECT f.fid, fr.dateline AS lastread
Zeile 1530	Zeile 1640
WHERE f.active != 0 ORDER BY pid, disporder ");	WHERE f.active != 0 ORDER BY pid, disporder ");

while($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread'];	while($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread'];
Zeile 1615	Zeile 1725
if($mybb->settings['threadreadcut'] > 0) {	if($mybb->settings['threadreadcut'] > 0) {
$forum_read = $readforums[$thread['fid']];
$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;	$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;
if($forum_read == 0 \|\| $forum_read < $read_cutoff)	if(empty($readforums[$thread['fid']]) \|\| $readforums[$thread['fid']] < $read_cutoff)
{ $forum_read = $read_cutoff;	{ $forum_read = $read_cutoff;
} }	} else { $forum_read = $readforums[$thread['fid']]; } }
$cutoff = 0; if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)	$cutoff = 0; if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)
{	{
$cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;	$cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;
}	}
if($thread['lastpost'] > $cutoff) {	if($thread['lastpost'] > $cutoff) {
if($thread['lastread'])	if(!empty($thread['lastread']))
{ $lastread = $thread['lastread']; }	{ $lastread = $thread['lastread']; }
Zeile 1643	Zeile 1755
} if(!$lastread)	} if(!$lastread)
{	{
$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']); if($readcookie > $forum_read) {	$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']); if($readcookie > $forum_read) {
Zeile 1677	Zeile 1789
} if($thread['closed'] == 1)	} if($thread['closed'] == 1)
{ $folder .= "lock"; $folder_label .= $lang->icon_lock; } $folder .= "folder";	{ $folder .= "close"; $folder_label .= $lang->icon_close; } $folder .= "folder";
if($thread['visible'] == 0) {	if($thread['visible'] == 0) {
Zeile 1691	Zeile 1803
// Build last post info $lastpostdate = my_date('relative', $thread['lastpost']);	// Build last post info $lastpostdate = my_date('relative', $thread['lastpost']);
$lastposter = htmlspecialchars_uni($thread['lastposter']);
$lastposteruid = $thread['lastposteruid'];	$lastposteruid = $thread['lastposteruid'];
	if(!$lastposteruid && !$thread['lastposter']) { $lastposter = htmlspecialchars_uni($lang->guest); } else { $lastposter = htmlspecialchars_uni($thread['lastposter']); }
// Don't link to guest's profiles (they have no profile). if($lastposteruid == 0) { $lastposterlink = $lastposter;	// Don't link to guest's profiles (they have no profile). if($lastposteruid == 0) { $lastposterlink = $lastposter;
}	}
else { $lastposterlink = build_profile_link($lastposter, $lastposteruid); } $thread['replies'] = my_number_format($thread['replies']);	else { $lastposterlink = build_profile_link($lastposter, $lastposteruid); } $thread['replies'] = my_number_format($thread['replies']);
$thread['views'] = my_number_format($thread['views']);	$thread['views'] = my_number_format($thread['views']);
// What kind of notification type do we have here? switch($thread['notification'])	// What kind of notification type do we have here? switch($thread['notification'])
Zeile 1794	Zeile 1913
$threads = my_number_format($forum['threads']); }	$threads = my_number_format($forum['threads']); }
if($forum['lastpost'] == 0 \|\| $forum['lastposter'] == "")	if($forum['lastpost'] == 0)
{ eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_never")."\";"); }	{ eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_never")."\";"); }
Zeile 1808	Zeile 1927
$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']); $lastpost_date = my_date('relative', $forum['lastpost']); $lastposttid = $forum['lastposttid'];	$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']); $lastpost_date = my_date('relative', $forum['lastpost']); $lastposttid = $forum['lastposttid'];
$lastposter = htmlspecialchars_uni($forum['lastposter']); $lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);	if(!$forum['lastposteruid'] && !$forum['lastposter']) { $lastposter = htmlspecialchars_uni($lang->guest); } else { $lastposter = htmlspecialchars_uni($forum['lastposter']); } if($forum['lastposteruid'] == 0) { $lastpost_profilelink = $lastposter; } else { $lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']); }
$full_lastpost_subject = $lastpost_subject = htmlspecialchars_uni($forum['lastpostsubject']); if(my_strlen($lastpost_subject) > 25) {	$full_lastpost_subject = $lastpost_subject = htmlspecialchars_uni($forum['lastpostsubject']); if(my_strlen($lastpost_subject) > 25) {
Zeile 1817	Zeile 1950
} $lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost"); eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");	} $lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost"); eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");
}	}
if($mybb->settings['showdescriptions'] == 0) { $forum['description'] = ""; } eval("\$forums .= \"".$templates->get("usercp_forumsubscriptions_forum")."\";");	if($mybb->settings['showdescriptions'] == 0) { $forum['description'] = ""; } eval("\$forums .= \"".$templates->get("usercp_forumsubscriptions_forum")."\";");
}	}
if(!$forums) { eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");	if(!$forums) { eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");
} $plugins->run_hooks("usercp_forumsubscriptions_end");	} $plugins->run_hooks("usercp_forumsubscriptions_end");
eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";"); output_page($forumsubscriptions);	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";"); output_page($forumsubscriptions);
	} if($mybb->input['action'] == "do_addsubscription" && $mybb->get_input('type') != "forum") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $thread = get_thread($mybb->get_input('tid')); if(!$thread \|\| $thread['visible'] == -1) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_do_addsubscription"); add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT)); if($mybb->get_input('referrer')) { $mybb->input['referrer'] = $mybb->get_input('referrer'); if(my_strpos($mybb->input['referrer'], $mybb->settings['bburl'].'/') !== 0) { if(my_strpos($mybb->input['referrer'], '/') === 0) { $mybb->input['referrer'] = my_substr($mybb->input['url'], 1); } $url_segments = explode('/', $mybb->input['referrer']); $mybb->input['referrer'] = $mybb->settings['bburl'].'/'.end($url_segments); } $url = htmlspecialchars_uni($mybb->input['referrer']); } else { $url = get_thread_link($thread['tid']); } redirect($url, $lang->redirect_subscriptionadded); } if($mybb->input['action'] == "addsubscription") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } $forumpermissions = forum_permissions($forum['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_forum"); add_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "index.php"; } redirect($url, $lang->redirect_forumsubscriptionadded); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_addsubscription); $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); $referrer = ''; if($server_http_referer) { $referrer = $server_http_referer; } require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser; $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']); $notification_none_checked = $notification_email_checked = $notification_pm_checked = ''; if($mybb->user['subscriptionmethod'] == 1 \|\| $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\""; } elseif($mybb->user['subscriptionmethod'] == 2) { $notification_email_checked = "checked=\"checked\""; } elseif($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\""; } // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_thread"); eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } } if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == "post" \|\| verify_post_check($mybb->get_input('my_post_key'), true))) { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved); } } // Show remove subscription form when GET method and without valid my_post_key if($mybb->input['action'] == "removesubscription") { $referrer = ''; if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=forumsubscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($forum['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); $lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe_from_forum, $forum['name']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_forum"); eval("\$remove_forum_subscription = \"".$templates->get("usercp_removesubscription_forum")."\";"); output_page($remove_forum_subscription); exit; } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser; $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscribe_from_thread, $thread['subject']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_thread"); eval("\$remove_thread_subscription = \"".$templates->get("usercp_removesubscription_thread")."\";"); output_page($remove_thread_subscription); exit; } } if($mybb->input['action'] == "removesubscriptions") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_forum"); $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionsremoved); } else { // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_thread"); $db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionsremoved); }
} if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	} if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_editsig_start");
// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }	// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }
	$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->get_input('updateposts') == "enable") {	if($mybb->get_input('updateposts') == "enable") {
Zeile 1909	Zeile 2380
// Usergroup has no permission to use this facility error_no_permission(); }	// Usergroup has no permission to use this facility error_no_permission(); }
else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])	elseif($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
{ // Usergroup can use this facility, but only after x posts error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));	{ // Usergroup can use this facility, but only after x posts error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
Zeile 1980	Zeile 2451
{ $sigimgcode = $lang->off; }	{ $sigimgcode = $lang->off; }
	if($mybb->settings['siglength'] == 0) { $siglength = $lang->unlimited; } else { $siglength = $mybb->settings['siglength']; }
$sig = htmlspecialchars_uni($sig);	$sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);	$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $siglength);

if($mybb->settings['bbcodeinserter'] != 0 \|\| $mybb->user['showcodebuttons'] != 0)	if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{ $codebuttons = build_mycode_inserter("signature"); }	{ $codebuttons = build_mycode_inserter("signature"); }

$plugins->run_hooks("usercp_editsig_end"); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");	$plugins->run_hooks("usercp_editsig_end"); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
Zeile 2005	Zeile 2486
require_once MYBB_ROOT."inc/functions_upload.php"; $avatar_error = "";	require_once MYBB_ROOT."inc/functions_upload.php"; $avatar_error = "";

if(!empty($mybb->input['remove'])) // remove avatar { $updated_avatar = array(	if(!empty($mybb->input['remove'])) // remove avatar { $updated_avatar = array(
Zeile 2023	Zeile 2504
error_no_permission(); } $avatar = upload_avatar();	error_no_permission(); } $avatar = upload_avatar();
if($avatar['error'])	if(!empty($avatar['error']))
{ $avatar_error = $avatar['error']; }	{ $avatar_error = $avatar['error']; }
Zeile 2040	Zeile 2521
); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); }	); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); }
	} elseif(!$mybb->settings['allowremoteavatars'] && !$_FILES['avatarupload']['name']) // missing avatar image { $avatar_error = $lang->error_avatarimagemissing;
} elseif($mybb->settings['allowremoteavatars']) // remote avatar {	} elseif($mybb->settings['allowremoteavatars']) // remote avatar {
Zeile 2051	Zeile 2536
// If user image does not exist, or is a higher rating, use the mystery man $email = md5($mybb->input['avatarurl']);	// If user image does not exist, or is a higher rating, use the mystery man $email = md5($mybb->input['avatarurl']);

$s = ''; if(!$mybb->settings['maxavatardims']) {	$s = ''; if(!$mybb->settings['maxavatardims']) {
Zeile 2059	Zeile 2544
} // Because Gravatars are square, hijack the width	} // Because Gravatars are square, hijack the width
list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));	list($maxwidth, $maxheight) = preg_split('/[\|x]/', my_strtolower($mybb->settings['maxavatardims']));
$maxheight = (int)$maxwidth; // Rating?	$maxheight = (int)$maxwidth; // Rating?
Zeile 2067	Zeile 2552
$rating = $mybb->settings['useravatarrating']; if(!in_array($rating, $types))	$rating = $mybb->settings['useravatarrating']; if(!in_array($rating, $types))
{	{
$rating = 'g'; }	$rating = 'g'; }
Zeile 2109	Zeile 2594
if(!$type) { $avatar_error = $lang->error_invalidavatarurl;	if(!$type) { $avatar_error = $lang->error_invalidavatarurl;
}	}
} }	} }
Zeile 2117	Zeile 2602
{ if($width && $height && $mybb->settings['maxavatardims'] != "") {	{ if($width && $height && $mybb->settings['maxavatardims'] != "") {
list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));	list($maxwidth, $maxheight) = preg_split('/[\|x]/', my_strtolower($mybb->settings['maxavatardims']));
if(($maxwidth && $width > $maxwidth) \|\| ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; } }	if(($maxwidth && $width > $maxwidth) \|\| ($maxheight && $height > $maxheight)) { $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; } }
	} // Limiting URL string to stay within database limit if(strlen($mybb->input['avatarurl']) > 200) { $avatar_error = $lang->error_avatarurltoolong;
} if(empty($avatar_error))	} if(empty($avatar_error))
Zeile 2180	Zeile 2671
if($mybb->settings['maxavatardims'] != "") {	if($mybb->settings['maxavatardims'] != "") {
list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));	list($maxwidth, $maxheight) = preg_split('/[\|x]/', my_strtolower($mybb->settings['maxavatardims']));
$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); }	$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); }
Zeile 2188	Zeile 2679
{ $maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);	{ $maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
}	}
$plugins->run_hooks("usercp_avatar_intermediate"); $auto_resize = '';	$plugins->run_hooks("usercp_avatar_intermediate"); $auto_resize = '';
Zeile 2197	Zeile 2688
{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";"); }	{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";"); }
else if($mybb->settings['avatarresizing'] == "user")	elseif($mybb->settings['avatarresizing'] == "user")
{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";"); }	{ eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";"); }
Zeile 2308	Zeile 2799
if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);	if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
}	}
$mybb->user['buddylist'] = $db->escape_string($new_list); $db->update_query("users", array('buddylist' => $mybb->user['buddylist']), "uid='".(int)$mybb->user['uid']."'");	$mybb->user['buddylist'] = $db->escape_string($new_list); $db->update_query("users", array('buddylist' => $mybb->user['buddylist']), "uid='".(int)$mybb->user['uid']."'");
Zeile 2323	Zeile 2814
); send_pm($pm, $mybb->user['uid'], true);	); send_pm($pm, $mybb->user['uid'], true);
$db->delete_query('buddyrequests', 'id='.(int)$request['id']); } else { error($lang->user_doesnt_exist); }	$db->delete_query('buddyrequests', 'id='.(int)$request['id']); } else { error($lang->user_doesnt_exist); }
$plugins->run_hooks("usercp_acceptrequest_end");	$plugins->run_hooks("usercp_acceptrequest_end");

redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted); } elseif($mybb->input['action'] == "declinerequest")	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted); } elseif($mybb->input['action'] == "declinerequest")
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
Zeile 2367	Zeile 2858
} elseif($mybb->input['action'] == "cancelrequest")	} elseif($mybb->input['action'] == "cancelrequest")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
// Validate request $query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);	// Validate request $query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);
Zeile 2488	Zeile 2979
while($user = $db->fetch_array($query)) { ++$found_users;	while($user = $db->fetch_array($query)) { ++$found_users;

// Make sure we're not adding a duplicate if(in_array($user['uid'], $existing_users) \|\| in_array($user['uid'], $selected_list)) { if($mybb->get_input('manage') == "ignored") { $error_message = "ignore";	// Make sure we're not adding a duplicate if(in_array($user['uid'], $existing_users) \|\| in_array($user['uid'], $selected_list)) { if($mybb->get_input('manage') == "ignored") { $error_message = "ignore";
}	}
else { $error_message = "buddy";	else { $error_message = "buddy";
Zeile 2509	Zeile 3000
} $error_message = $lang->$string;	} $error_message = $lang->$string;
array_pop($users); // To maintain a proper count when we call count($users)	array_pop($users); // To maintain a proper count when we call count($users)
continue; } if(isset($requests[$user['uid']]))	continue; } if(isset($requests[$user['uid']]))
{ if($mybb->get_input('manage') != "ignored") {	{ if($mybb->get_input('manage') != "ignored") {
$error_message = $lang->users_already_sent_request; } elseif($mybb->get_input('manage') == "ignored") { $error_message = $lang->users_already_sent_request_alt;	$error_message = $lang->users_already_sent_request; } elseif($mybb->get_input('manage') == "ignored") { $error_message = $lang->users_already_sent_request_alt;
}	}
array_pop($users); // To maintain a proper count when we call count($users) continue; }	array_pop($users); // To maintain a proper count when we call count($users) continue; }
Zeile 2545	Zeile 3036
// Do we have auto approval set to On? if($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored")	// Do we have auto approval set to On? if($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored")
{ $existing_users[] = $user['uid']; $pm = array(	{ $existing_users[] = $user['uid']; $pm = array(
'subject' => 'buddyrequest_new_buddy', 'message' => 'buddyrequest_new_buddy_message',	'subject' => 'buddyrequest_new_buddy', 'message' => 'buddyrequest_new_buddy_message',
'touid' => $user['uid'], 'receivepms' => (int)$user['buddyrequestspm'], 'language' => $user['language'], 'language_file' => 'usercp' );	'touid' => $user['uid'], 'receivepms' => (int)$user['buddyrequestspm'], 'language' => $user['language'], 'language_file' => 'usercp' );
send_pm($pm); } elseif($user['buddyrequestsauto'] != 1 && $mybb->get_input('manage') != "ignored") { // Send request $id = $db->insert_query('buddyrequests', array('uid' => (int)$mybb->user['uid'], 'touid' => (int)$user['uid'], 'date' => TIME_NOW));	send_pm($pm); } elseif($user['buddyrequestsauto'] != 1 && $mybb->get_input('manage') != "ignored") { // Send request $id = $db->insert_query('buddyrequests', array('uid' => (int)$mybb->user['uid'], 'touid' => (int)$user['uid'], 'date' => TIME_NOW));

$pm = array( 'subject' => 'buddyrequest_received', 'message' => 'buddyrequest_received_message',	$pm = array( 'subject' => 'buddyrequest_received', 'message' => 'buddyrequest_received_message',
Zeile 2592	Zeile 3083
} $error_message .= $lang->invalid_user_selected;	} $error_message .= $lang->invalid_user_selected;
}	}
if(($adding_self != true \|\| ($adding_self == true && count($users) > 0)) && ($error_message == "" \|\| count($users) > 1)) { if($mybb->get_input('manage') == "ignored")	if(($adding_self != true \|\| ($adding_self == true && count($users) > 0)) && ($error_message == "" \|\| count($users) > 1)) { if($mybb->get_input('manage') == "ignored")
Zeile 2607	Zeile 3098
} if($adding_self == true)	} if($adding_self == true)
{ if($mybb->get_input('manage') == "ignored")	{ if($mybb->get_input('manage') == "ignored")
{ $error_message = $lang->cant_add_self_to_ignore_list; }	{ $error_message = $lang->cant_add_self_to_ignore_list; }
Zeile 2621	Zeile 3112
if(count($existing_users) == 0) { $message = "";	if(count($existing_users) == 0) { $message = "";

if($sent === true) { $message = $lang->buddyrequests_sent_success;	if($sent === true) { $message = $lang->buddyrequests_sent_success;
Zeile 2630	Zeile 3121
} // Removing a user from this list	} // Removing a user from this list
else if($mybb->get_input('delete', MyBB::INPUT_INT))	elseif($mybb->get_input('delete', MyBB::INPUT_INT))
{ // Check if user exists on the list $key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);	{ // Check if user exists on the list $key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $existing_users);
Zeile 2644	Zeile 3135
if($user['buddylist'] != '') { $user['buddylist'] = explode(',', $user['buddylist']);	if($user['buddylist'] != '') { $user['buddylist'] = explode(',', $user['buddylist']);
}	}
else { $user['buddylist'] = array(); }	else { $user['buddylist'] = array(); }

$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $user['buddylist']); unset($user['buddylist'][$key]);	$key = array_search($mybb->get_input('delete', MyBB::INPUT_INT), $user['buddylist']); unset($user['buddylist'][$key]);

// Now we have the new list, so throw it all back together $new_list = implode(",", $user['buddylist']);	// Now we have the new list, so throw it all back together $new_list = implode(",", $user['buddylist']);

// And clean it up a little to ensure there is no possibility of bad values $new_list = preg_replace("#,{2,}#", ",", $new_list); $new_list = preg_replace("#[^0-9,]#", "", $new_list);	// And clean it up a little to ensure there is no possibility of bad values $new_list = preg_replace("#,{2,}#", ",", $new_list); $new_list = preg_replace("#[^0-9,]#", "", $new_list);

if(my_substr($new_list, 0, 1) == ",")	if(my_substr($new_list, 0, 1) == ",")
{	{
$new_list = my_substr($new_list, 1);	$new_list = my_substr($new_list, 1);
}	}
if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);	if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
} $user['buddylist'] = $db->escape_string($new_list);	} $user['buddylist'] = $db->escape_string($new_list);
$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'"); } if($mybb->get_input('manage') == "ignored") { $message = $lang->removed_from_ignore_list;	$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'"); } if($mybb->get_input('manage') == "ignored") { $message = $lang->removed_from_ignore_list;
}	}
else { $message = $lang->removed_from_buddy_list;	else { $message = $lang->removed_from_buddy_list;
Zeile 2699	Zeile 3190
$new_list = my_substr($new_list, 1); } if(my_substr($new_list, -1) == ",")	$new_list = my_substr($new_list, 1); } if(my_substr($new_list, -1) == ",")
{	{
$new_list = my_substr($new_list, 0, my_strlen($new_list)-2); } // And update $user = array(); if($mybb->get_input('manage') == "ignored")	$new_list = my_substr($new_list, 0, my_strlen($new_list)-2); } // And update $user = array(); if($mybb->get_input('manage') == "ignored")
{	{
$user['ignorelist'] = $db->escape_string($new_list); $mybb->user['ignorelist'] = $user['ignorelist']; }	$user['ignorelist'] = $db->escape_string($new_list); $mybb->user['ignorelist'] = $user['ignorelist']; }
Zeile 2726	Zeile 3217
if($mybb->get_input('manage') == "ignored") { $list = "ignore";	if($mybb->get_input('manage') == "ignored") { $list = "ignore";
} else {	} else {
$list = "buddy"; }	$list = "buddy"; }
Zeile 2736	Zeile 3227
if($message) { $message_js = "$.jGrowl('{$message}', {theme:'jgrowl_success'});";	if($message) { $message_js = "$.jGrowl('{$message}', {theme:'jgrowl_success'});";
}	}
if($error_message) {	if($error_message) {
Zeile 2750	Zeile 3241
if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";	if($new_list == "") { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
	echo "\$(\"#buddylink\").remove();\n";
if($mybb->get_input('manage') == "ignored")	if($mybb->get_input('manage') == "ignored")
{	{
echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";	echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";
}	}
else { echo "\$(\"#buddy_list\").html(\"<li>{$lang->buddy_list_empty}</li>\");\n"; }	else { echo "\$(\"#buddy_list\").html(\"<li>{$lang->buddy_list_empty}</li>\");\n"; }
}	}
else { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"".count(explode(",", $new_list))."\");\n";	else { echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"".count(explode(",", $new_list))."\");\n";
Zeile 2781	Zeile 3274
if($mybb->input['action'] == "editlists") { $plugins->run_hooks("usercp_editlists_start");	if($mybb->input['action'] == "editlists") { $plugins->run_hooks("usercp_editlists_start");

$timecut = TIME_NOW - $mybb->settings['wolcutoff']; // Fetch out buddies $buddy_count = 0; $buddy_list = ''; if($mybb->user['buddylist'])	$timecut = TIME_NOW - $mybb->settings['wolcutoff']; // Fetch out buddies $buddy_count = 0; $buddy_list = ''; if($mybb->user['buddylist'])
{	{
$type = "buddy"; $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));	$type = "buddy"; $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));
while($user = $db->fetch_array($query)) { $user['username'] = htmlspecialchars_uni($user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); if($user['lastactive'] > $timecut && ($user['invisible'] == 0 \|\| $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive']) {	while($user = $db->fetch_array($query)) { $user['username'] = htmlspecialchars_uni($user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); if($user['lastactive'] > $timecut && ($user['invisible'] == 0 \|\| $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive']) {
$status = "online"; } else	$status = "online"; } else
Zeile 2810	Zeile 3303
$lang->current_buddies = $lang->sprintf($lang->current_buddies, $buddy_count); if(!$buddy_list)	$lang->current_buddies = $lang->sprintf($lang->current_buddies, $buddy_count); if(!$buddy_list)
{ eval("\$buddy_list = \"".$templates->get("usercp_editlists_no_buddies")."\";");	{ eval("\$buddy_list = \"".$templates->get("usercp_editlists_no_buddies")."\";");
} // Fetch out ignore list users $ignore_count = 0; $ignore_list = '';	} // Fetch out ignore list users $ignore_count = 0; $ignore_list = '';
if($mybb->user['ignorelist']) {	if($mybb->user['ignorelist']) {
$type = "ignored"; $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['ignorelist']})", array("order_by" => "username")); while($user = $db->fetch_array($query))	$type = "ignored"; $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['ignorelist']})", array("order_by" => "username")); while($user = $db->fetch_array($query))
Zeile 2826	Zeile 3319
$user['username'] = htmlspecialchars_uni($user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); if($user['lastactive'] > $timecut && ($user['invisible'] == 0 \|\| $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])	$user['username'] = htmlspecialchars_uni($user['username']); $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); if($user['lastactive'] > $timecut && ($user['invisible'] == 0 \|\| $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
{	{
$status = "online"; } else	$status = "online"; } else
Zeile 2848	Zeile 3341
if($mybb->request_method == "post" && $mybb->input['ajax'] == 1) { if($mybb->input['manage'] == "ignored")	if($mybb->request_method == "post" && $mybb->input['ajax'] == 1) { if($mybb->input['manage'] == "ignored")
{	{
echo $ignore_list; echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>"; }	echo $ignore_list; echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>"; }
Zeile 2867	Zeile 3360
{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);	{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);
$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);	$request['date'] = my_date('relative', $request['date']);
eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request", 1, 0)."\";"); }	eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request", 1, 0)."\";"); }
Zeile 2878	Zeile 3371
eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");	eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");
echo $sentrequests;
echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; } else	echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; } else
Zeile 2890	Zeile 3382
exit; }	exit; }
$received_rows = '';	$received_rows = $bgcolor = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
Zeile 2901	Zeile 3393
{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);	{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['uid']);
$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);	$request['date'] = my_date('relative', $request['date']);
eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";"); }	eval("\$received_rows .= \"".$templates->get("usercp_editlists_received_request")."\";"); }
Zeile 2912	Zeile 3404
eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");
$sent_rows = '';	$sent_rows = $bgcolor = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
Zeile 2923	Zeile 3415
{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);	{ $bgcolor = alt_trow(); $request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);
$request['date'] = my_date($mybb->settings['dateformat'], $request['date'])." ".my_date($mybb->settings['timeformat'], $request['date']);	$request['date'] = my_date('relative', $request['date']);
eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request")."\";"); }	eval("\$sent_rows .= \"".$templates->get("usercp_editlists_sent_request")."\";"); }
Zeile 2959	Zeile 3451
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid) WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'	LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid) WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'
ORDER BY p.dateline DESC	ORDER BY p.dateline DESC, p.pid DESC
"); while($draft = $db->fetch_array($query))	"); while($draft = $db->fetch_array($query))
Zeile 2974	Zeile 3466
$editurl = "newreply.php?action=editdraft&pid={$draft['pid']}"; $id = $draft['pid']; $type = "post";	$editurl = "newreply.php?action=editdraft&pid={$draft['pid']}"; $id = $draft['pid']; $type = "post";
}	}
elseif($draft['threadvisible'] == -2) // We're looking at a draft thread { $draft['forumlink'] = get_forum_link($draft['fid']);	elseif($draft['threadvisible'] == -2) // We're looking at a draft thread { $draft['forumlink'] = get_forum_link($draft['fid']);
Zeile 2988	Zeile 3480
$draft['subject'] = htmlspecialchars_uni($draft['subject']); $savedate = my_date('relative', $draft['dateline']); eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");	$draft['subject'] = htmlspecialchars_uni($draft['subject']); $savedate = my_date('relative', $draft['dateline']); eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");
} }	} }
else { $disable_delete_drafts = 'disabled="disabled"'; eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");	else { $disable_delete_drafts = 'disabled="disabled"'; eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
}	}
$plugins->run_hooks("usercp_drafts_end"); eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");	$plugins->run_hooks("usercp_drafts_end"); eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
Zeile 3007	Zeile 3499
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_drafts_start");
$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected); }	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected); }
	$plugins->run_hooks("usercp_do_drafts_start");
$pidin = array(); $tidin = array();	$pidin = array(); $tidin = array();

foreach($mybb->input['deletedraft'] as $id => $val)	foreach($mybb->input['deletedraft'] as $id => $val)
{	{
if($val == "post") { $pidin[] = "'".(int)$id."'";	if($val == "post") { $pidin[] = "'".(int)$id."'";
Zeile 3031	Zeile 3526
$tidin = implode(",", $tidin); $db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'"); $tidinp = "OR tid IN ($tidin)";	$tidin = implode(",", $tidin); $db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'"); $tidinp = "OR tid IN ($tidin)";
	} else { $tidinp = '';
} if($pidin \|\| $tidinp) {	} if($pidin \|\| $tidinp) {
Zeile 3052	Zeile 3551
if($mybb->input['action'] == "usergroups") {	if($mybb->input['action'] == "usergroups") {
$plugins->run_hooks("usercp_usergroups_start");
$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].","; $usergroups = $mybb->cache->read('usergroups');	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].","; $usergroups = $mybb->cache->read('usergroups');
	$plugins->run_hooks("usercp_usergroups_start");
// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))	// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false) { error($lang->not_member_of_group);	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false) { error($lang->not_member_of_group);
}	}
$dispgroup = $usergroups[$mybb->get_input('displaygroup', MyBB::INPUT_INT)]; if($dispgroup['candisplaygroup'] != 1) {	$dispgroup = $usergroups[$mybb->get_input('displaygroup', MyBB::INPUT_INT)]; if($dispgroup['candisplaygroup'] != 1) {
Zeile 3084	Zeile 3584
if($mybb->get_input('leavegroup', MyBB::INPUT_INT)) { // Verify incoming POST request	if($mybb->get_input('leavegroup', MyBB::INPUT_INT)) { // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);	verify_post_check($mybb->get_input('my_post_key'));
if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false) {	if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false) {
Zeile 3145	Zeile 3645
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);

if($joinrequest['rid'])	if($joinrequest['rid'])
{	{
error($lang->already_sent_join_request); }	error($lang->already_sent_join_request); }

if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) {	if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) {
	$reasonlength = my_strlen($mybb->get_input('reason')); if($reasonlength > 250) // Reason field is varchar(250) in database { error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250))); }
$now = TIME_NOW; $joinrequest = array( "uid" => $mybb->user['uid'],	$now = TIME_NOW; $joinrequest = array( "uid" => $mybb->user['uid'],
Zeile 3214	Zeile 3723
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."' AND invite='1'"); $joinrequest = $db->fetch_array($query); if($joinrequest['rid'])	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."' AND invite='1'"); $joinrequest = $db->fetch_array($query); if($joinrequest['rid'])
{	{
join_usergroup($mybb->user['uid'], $mybb->get_input('acceptinvite', MyBB::INPUT_INT)); $db->delete_query("joinrequests", "uid='{$mybb->user['uid']}' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."'"); $plugins->run_hooks("usercp_usergroups_accept_invite");	join_usergroup($mybb->user['uid'], $mybb->get_input('acceptinvite', MyBB::INPUT_INT)); $db->delete_query("joinrequests", "uid='{$mybb->user['uid']}' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."'"); $plugins->run_hooks("usercp_usergroups_accept_invite");
Zeile 3284	Zeile 3793
$usergroup = $usergroups[$mybb->user['usergroup']]; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); $usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);	$usergroup = $usergroups[$mybb->user['usergroup']]; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); $usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);	if($usergroup['description']) { $usergroup['description'] = htmlspecialchars_uni($usergroup['description']); eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";"); }
eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";"); $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";"); $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
Zeile 3304	Zeile 3817
$showmemberof = false; if($mybb->user['additionalgroups']) {	$showmemberof = false; if($mybb->user['additionalgroups']) {
$query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));	$additionalgroups = implode( ',', array_map( 'intval', explode(',', $mybb->user['additionalgroups']) ) ); $query = $db->simple_select("usergroups", "*", "gid IN (".$additionalgroups.") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));
while($usergroup = $db->fetch_array($query)) { $showmemberof = true;	while($usergroup = $db->fetch_array($query)) { $showmemberof = true;
Zeile 3336	Zeile 3856
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";"); } elseif($usergroup['candisplaygroup'] == 1)	eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";"); } elseif($usergroup['candisplaygroup'] == 1)
{	{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";"); } else	eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";"); } else
Zeile 3345	Zeile 3865
} eval("\$memberoflist .= \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";"); }	} eval("\$memberoflist .= \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";"); }
}	}
eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");	eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");

// List of groups this user has applied for but has not been accepted in to $query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'"); while($request = $db->fetch_array($query))	// List of groups this user has applied for but has not been accepted in to $query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'"); while($request = $db->fetch_array($query))
Zeile 3359	Zeile 3879
$existinggroups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) {	$existinggroups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) {
$existinggroups .= ",".$mybb->user['additionalgroups'];	$additionalgroups = implode( ',', array_map( 'intval', explode(',', $mybb->user['additionalgroups']) ) ); $existinggroups .= ",".$additionalgroups;
} $joinablegroups = $joinablegrouplist = '';	} $joinablegroups = $joinablegrouplist = '';
Zeile 3441	Zeile 3968
if($mybb->input['action'] == "attachments") {	if($mybb->input['action'] == "attachments") {
$plugins->run_hooks("usercp_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled);	require_once MYBB_ROOT."inc/functions_upload.php"; if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled);
	} $plugins->run_hooks("usercp_attachments_start"); // Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
} $attachments = '';	} $attachments = '';
Zeile 3455	Zeile 3996
if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20;	if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20;
}	}
$perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0) { $start = ($page-1) * $perpage;	$perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0) { $start = ($page-1) * $perpage;
}	}
else { $start = 0; $page = 1;	else { $start = 0; $page = 1;
}	}
$end = $start + $perpage; $lower = $start+1;	$end = $start + $perpage; $lower = $start+1;
Zeile 3478	Zeile 4019
FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)	FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."' ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}	WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} ORDER BY p.dateline DESC, p.pid DESC LIMIT {$start}, {$perpage}
");	");
$bandwidth = $totaldownloads = 0;	$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;
while($attachment = $db->fetch_array($query)) { if($attachment['dateline'] && $attachment['tid'])	while($attachment = $db->fetch_array($query)) { if($attachment['dateline'] && $attachment['tid'])
Zeile 3491	Zeile 4032
$attachment['postlink'] = get_post_link($attachment['pid'], $attachment['tid']); $attachment['threadlink'] = get_thread_link($attachment['tid']); $attachment['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['threadsubject']));	$attachment['postlink'] = get_post_link($attachment['pid'], $attachment['tid']); $attachment['threadlink'] = get_thread_link($attachment['tid']); $attachment['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['threadsubject']));

$size = get_friendly_size($attachment['filesize']); $icon = get_attachment_icon(get_extension($attachment['filename'])); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);	$size = get_friendly_size($attachment['filesize']); $icon = get_attachment_icon(get_extension($attachment['filename'])); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
Zeile 3505	Zeile 4046
// Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];	// Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];
	$totalusage += $attachment['filesize']; ++$totalattachments;
} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }	} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }
	++$processedattachments; } $multipage = ''; if($processedattachments >= $perpage \|\| $page > 1) { $query = $db->query(" SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} "); $usage = $db->fetch_array($query); $totalusage = $usage['ausage']; $totalattachments = $usage['acount']; $multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
}	}
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); $totalusage = $usage['ausage']; $totalattachments = $usage['acount']; $friendlyusage = get_friendly_size($totalusage);	$friendlyusage = get_friendly_size((int)$totalusage);
if($mybb->usergroup['attachquota']) {	if($mybb->usergroup['attachquota']) {
$percent = round(($totalusage/($mybb->usergroup['attachquota']1024))100)."%";	$percent = round(($totalusage/($mybb->usergroup['attachquota']1024))100); $friendlyusage .= $lang->sprintf($lang->attachments_usage_percent, $percent);
$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);	$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);	$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $totalattachments);
} else {	} else {
$percent = $lang->unlimited;
$attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments); }	$attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments); }
$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
$bandwidth = get_friendly_size($bandwidth);	$bandwidth = get_friendly_size($bandwidth);
	eval("\$delete_button = \"".$templates->get("delete_attachments_button")."\";");
if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';	if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';
}	$delete_button = ''; }
$plugins->run_hooks("usercp_attachments_end"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";"); output_page($manageattachments); }	$plugins->run_hooks("usercp_attachments_end"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";"); output_page($manageattachments); }

if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments']))	require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments']))
{	{
error($lang->no_attachments_selected); }	error($lang->no_attachments_selected); }
	$plugins->run_hooks("usercp_do_attachments_start"); // Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)"; }
$aids = implode(',', array_map('intval', $mybb->input['attachments']));	$aids = implode(',', array_map('intval', $mybb->input['attachments']));
$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");	$query = $db->query(" SELECT a.*, p.fid FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql} ");
while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);	while($attachment = $db->fetch_array($query)) { remove_attachment($attachment['pid'], '', $attachment['aid']);
Zeile 3708	Zeile 4289
elseif($warning['expired']) { $expires = $lang->already_expired;	elseif($warning['expired']) { $expires = $lang->already_expired;
}	}
elseif($warning['expires'] == 0)	elseif($warning['expires'] == 0)
{	{
$expires = $lang->never;	$expires = $lang->never;
}	}
else {	else {
$expires = my_date('relative', $warning['expires']);	$expires = nice_time($warning['expires']-TIME_NOW);
}	}

$alt_bg = alt_trow(); eval("\$warnings .= \"".$templates->get("usercp_warnings_warning")."\";"); }	$alt_bg = alt_trow(); eval("\$warnings .= \"".$templates->get("usercp_warnings_warning")."\";"); }
Zeile 3736	Zeile 4317
$mybb->user['posts'] = my_number_format($mybb->user['postnum']); // Build referral link	$mybb->user['posts'] = my_number_format($mybb->user['postnum']); // Build referral link
	$referral_info = '';
if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);	if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);
	$referral_count = (int) $mybb->user['referrals']; if($referral_count > 0) { $uid = (int) $mybb->user['uid']; eval("\$mybb->user['referrals'] = \"".$templates->get('member_referrals_link')."\";"); }
eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }	eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); }
Zeile 3747	Zeile 4337
$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']); eval("\$user_notepad = \"".$templates->get("usercp_notepad")."\";"); $plugins->run_hooks("usercp_notepad_end");	$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']); eval("\$user_notepad = \"".$templates->get("usercp_notepad")."\";"); $plugins->run_hooks("usercp_notepad_end");

// Thread Subscriptions with New Posts $latest_subscribed = ''; $query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); if($db->num_rows($query)) {	// Thread Subscriptions with New Posts $latest_subscribed = ''; $query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); if($db->num_rows($query)) {
$visible = "AND t.visible != 0"; if(is_moderator() == true)	$where = array( "s.uid={$mybb->user['uid']}", "t.lastposteruid!={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
$query = $db->query(" SELECT s., t., t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	$query = $db->query(" SELECT s., t., t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE s.uid='".$mybb->user['uid']."' {$visible}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT 0, 10 ");	ORDER BY t.lastpost DESC LIMIT 0, 10 ");
	$subscriptions = array();
$fpermissions = forum_permissions();	$fpermissions = forum_permissions();

while($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']];	while($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']];
if($forumpermissions['canview'] != 0 && $forumpermissions['canviewthreads'] != 0 && ($forumpermissions['canonlyviewownthreads'] == 0 \|\| $subscription['uid'] == $mybb->user['uid'])) {	if($forumpermissions['canonlyviewownthreads'] == 0 \|\| $subscription['uid'] == $mybb->user['uid']) {
$subscriptions[$subscription['tid']] = $subscription; } }	$subscriptions[$subscription['tid']] = $subscription; } }
if(is_array($subscriptions))	if($subscriptions)
{ $tids = implode(",", array_keys($subscriptions));	{ $tids = implode(",", array_keys($subscriptions));
Zeile 3813	Zeile 4418
$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();	$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();
	$latest_subscribed_threads = '';
foreach($subscriptions as $thread) {	foreach($subscriptions as $thread) {
	$plugins->run_hooks("usercp_thread_subscriptions_thread");
$folder = ''; $folder_label = ''; $gotounread = '';	$folder = ''; $folder_label = ''; $gotounread = '';
Zeile 3852	Zeile 4459
$icon = " "; }	$icon = " "; }
if($thread['doticon'])	if(!isset($thread['doticon']))
{ $folder = "dot_"; $folder_label .= $lang->icon_dot; } // Check to see which icon we display	{ $folder = "dot_"; $folder_label .= $lang->icon_dot; } // Check to see which icon we display
if($thread['lastread'] && $thread['lastread'] < $thread['lastpost'])	if(!empty($thread['lastread']) && $thread['lastread'] < $thread['lastpost'])
{ $folder .= "new"; $folder_label .= $lang->icon_new;	{ $folder .= "new"; $folder_label .= $lang->icon_new;
Zeile 3881	Zeile 4488
} $lastpostdate = my_date('relative', $thread['lastpost']);	} $lastpostdate = my_date('relative', $thread['lastpost']);
$lastposter = htmlspecialchars_uni($thread['lastposter']);
$lastposteruid = $thread['lastposteruid'];	$lastposteruid = $thread['lastposteruid'];
	if(!$lastposteruid && !$thread['lastposter']) { $lastposter = htmlspecialchars_uni($lang->guest); } else { $lastposter = htmlspecialchars_uni($thread['lastposter']); }
if($lastposteruid == 0) {	if($lastposteruid == 0) {
Zeile 3907	Zeile 4521
} // User's Latest Threads	} // User's Latest Threads
// Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)"; } $visible = " AND t.visible != 0"; if(is_moderator() == true)	$where = array( "t.uid={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
$query = $db->query(" SELECT t.*, t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	$query = $db->query(" SELECT t.*, t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT 0, 5 ");	ORDER BY t.lastpost DESC LIMIT 0, 5 ");
Zeile 3941	Zeile 4552
$fpermissions = forum_permissions(); while($thread = $db->fetch_array($query)) {	$fpermissions = forum_permissions(); while($thread = $db->fetch_array($query)) {
// Moderated, and not moderator? if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false) { continue; } $forumpermissions = $fpermissions[$thread['fid']]; if($forumpermissions['canview'] != 0 \|\| $forumpermissions['canviewthreads'] != 0) { $threadcache[$thread['tid']] = $thread; }	$threadcache[$thread['tid']] = $thread;
} $latest_threads = '';	} $latest_threads = '';
Zeile 3968	Zeile 4569
WHERE f.active != 0 ORDER BY pid, disporder ");	WHERE f.active != 0 ORDER BY pid, disporder ");

while($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread'];	while($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread'];
Zeile 4001	Zeile 4602
$latest_threads_threads = ''; foreach($threadcache as $thread) {	$latest_threads_threads = ''; foreach($threadcache as $thread) {
	$plugins->run_hooks("usercp_latest_threads_thread");
if($thread['tid']) { $bgcolor = alt_trow();	if($thread['tid']) { $bgcolor = alt_trow();
Zeile 4062	Zeile 4664
$cutoff = 0; if($thread['lastpost'] > $cutoff) {	$cutoff = 0; if($thread['lastpost'] > $cutoff) {
if($thread['lastread'])	if(!empty($thread['lastread']))
{ $lastread = $thread['lastread']; }	{ $lastread = $thread['lastread']; }
Zeile 4117	Zeile 4719
if($thread['closed'] == 1) {	if($thread['closed'] == 1) {
$folder .= "lock"; $folder_label .= $lang->icon_lock;	$folder .= "close"; $folder_label .= $lang->icon_close;
} $folder .= "folder";	} $folder .= "folder";