Vergleich usercp.php - 1.8.22 - 1.8.34

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 32Zeile 32

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

 

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

 
require_once MYBB_ROOT."inc/functions_search.php";

require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

Zeile 44Zeile 45
	error_no_permission();
}


 
	error_no_permission();
}


if(!$mybb->user['pmfolders'])
{
	$mybb->user['pmfolders'] = '1**$%%$2**$%%$3**$%%$4**';
	$db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}");
}

$errors = '';

$errors = '';








$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();


 

$mybb->input['action'] = $mybb->get_input('action');

usercp_menu();


$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);

if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)

$server_http_referer = '';
if(isset($_SERVER['HTTP_REFERER']))


{

 
{

	if(my_strpos($server_http_referer, '/') === 0)



	$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);

	if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)

	{

 
	{

		$server_http_referer = my_substr($server_http_referer, 1);






		if(my_strpos($server_http_referer, '/') === 0)
		{
			$server_http_referer = my_substr($server_http_referer, 1);
		}
		$url_segments = explode('/', $server_http_referer);
		$server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);

	}

 
	}

	$url_segments = explode('/', $server_http_referer);
	$server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);

 
}

$plugins->run_hooks("usercp_start");

}

$plugins->run_hooks("usercp_start");

Zeile 154Zeile 153
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 

	$user = array();


	$plugins->run_hooks("usercp_do_profile_start");



	$plugins->run_hooks("usercp_do_profile_start");


Zeile 217Zeile 218
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


 
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


	$user = array(

	$user = array_merge($user, array(

		"uid" => $mybb->user['uid'],
		"postnum" => $mybb->user['postnum'],
		"usergroup" => $mybb->user['usergroup'],

		"uid" => $mybb->user['uid'],
		"postnum" => $mybb->user['postnum'],
		"usergroup" => $mybb->user['usergroup'],

Zeile 226Zeile 227
		"birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
		"away" => $away,
		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)

 
		"birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
		"away" => $away,
		"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)

	);

	));

	foreach(array('icq', 'skype', 'google') as $cfield)
	{
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')

 
	foreach(array('icq', 'skype', 'google') as $cfield)
	{
		$csetting = 'allow'.$cfield.'field';
		if($mybb->settings[$csetting] == '')

		{

		{

			continue;
		}


			continue;
		}


Zeile 243Zeile 244
		if($cfield == 'icq')
		{
			$user[$cfield] = $mybb->get_input($cfield, 1);

 
		if($cfield == 'icq')
		{
			$user[$cfield] = $mybb->get_input($cfield, 1);

		}







			if(my_strlen($user[$cfield]) > 10)
			{
				error($lang->contact_field_icqerror);
			}
		}

		else
		{
			$user[$cfield] = $mybb->get_input($cfield);

 
		else
		{
			$user[$cfield] = $mybb->get_input($cfield);

		}
	}








			if(my_strlen($user[$cfield]) > 75)
			{
				error($lang->contact_field_error);
			}
		}
	}


	if($mybb->usergroup['canchangewebsite'] == 1)
	{
		$user['website'] = $mybb->get_input('website');

	if($mybb->usergroup['canchangewebsite'] == 1)
	{
		$user['website'] = $mybb->get_input('website');

Zeile 272Zeile 283
	{
		$errors = $userhandler->get_friendly_errors();
		$raw_errors = $userhandler->get_errors();

 
	{
		$errors = $userhandler->get_friendly_errors();
		$raw_errors = $userhandler->get_errors();





		// Set to stored value if invalid

 
		// Set to stored value if invalid

		if(array_key_exists("invalid_birthday_privacy", $raw_errors))

		if(array_key_exists("invalid_birthday_privacy", $raw_errors) || array_key_exists("conflicted_birthday_privacy", $raw_errors))

		{
			$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

 
		{
			$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];

 
			$bday = explode("-", $mybb->user['birthday']);

			if(isset($bday[2]))
			{
				$mybb->input['bday3'] = $bday[2];
			}

		}

		$errors = inline_error($errors);

		}

		$errors = inline_error($errors);

Zeile 294Zeile 311
if($mybb->input['action'] == "profile")
{
	if($errors)

 
if($mybb->input['action'] == "profile")
{
	if($errors)

	{

	{

		$user = $mybb->input;
		$bday = array();
		$bday[0] = $mybb->get_input('bday1', MyBB::INPUT_INT);

		$user = $mybb->input;
		$bday = array();
		$bday[0] = $mybb->get_input('bday1', MyBB::INPUT_INT);

Zeile 309Zeile 326
		{
			$bday[1] = 0;
		}

 
		{
			$bday[1] = 0;
		}

		if(!isset($bday[2]))
		{
			$bday[2] = '';
		}

	}
	if(!isset($bday[2]) || $bday[2] == 0)
	{
		$bday[2] = '';

	}

	$plugins->run_hooks("usercp_profile_start");

	}

	$plugins->run_hooks("usercp_profile_start");

Zeile 330Zeile 347
		}

		eval("\$bdaydaysel .= \"".$templates->get("usercp_profile_day")."\";");

 
		}

		eval("\$bdaydaysel .= \"".$templates->get("usercp_profile_day")."\";");

	}

	}


	$bdaymonthsel = array();
	foreach(range(1, 12) as $month)


	$bdaymonthsel = array();
	foreach(range(1, 12) as $month)

Zeile 495Zeile 512
				continue;
			}


 
				continue;
			}


 
			$userfield = $code = $select = $val = $options = $expoptions = $useropts = '';
			$seloptions = array();

			$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
			$profilefield['name'] = htmlspecialchars_uni($profilefield['name']);
			$profilefield['description'] = htmlspecialchars_uni($profilefield['description']);

			$profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
			$profilefield['name'] = htmlspecialchars_uni($profilefield['name']);
			$profilefield['description'] = htmlspecialchars_uni($profilefield['description']);

Zeile 509Zeile 528
				$options = array();
			}
			$field = "fid{$profilefield['fid']}";

 
				$options = array();
			}
			$field = "fid{$profilefield['fid']}";

			$select = '';

 
			if($errors)
			{
				if(!isset($mybb->input['profile_fields'][$field]))

			if($errors)
			{
				if(!isset($mybb->input['profile_fields'][$field]))

Zeile 666Zeile 684
				eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
			}
			$altbg = alt_trow();

 
				eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
			}
			$altbg = alt_trow();

			$code = "";
			$select = "";
			$val = "";
			$options = "";
			$expoptions = "";
			$useropts = "";
			$seloptions = array();

 
		}
	}
	if($customfields)

		}
	}
	if($customfields)

Zeile 694Zeile 705
					$defaulttitle = htmlspecialchars_uni($title['title']);
					break;
				}

 
					$defaulttitle = htmlspecialchars_uni($title['title']);
					break;
				}

			}
		}
		else

			}
		}
		else

		{
			$defaulttitle = htmlspecialchars_uni($mybb->usergroup['usertitle']);
		}

		{
			$defaulttitle = htmlspecialchars_uni($mybb->usergroup['usertitle']);
		}

Zeile 744Zeile 755

	eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
	output_page($editprofile);

 

	eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
	output_page($editprofile);

}


}


if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));






	$user = array();


	$plugins->run_hooks("usercp_do_options_start");

	// Set up user handler.
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


 
	$plugins->run_hooks("usercp_do_options_start");

	// Set up user handler.
	require_once MYBB_ROOT."inc/datahandlers/user.php";
	$userhandler = new UserDataHandler("update");


	$user = array(

	$user = array_merge($user, array(

		"uid" => $mybb->user['uid'],
		"style" => $mybb->get_input('style', MyBB::INPUT_INT),
		"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),

		"uid" => $mybb->user['uid'],
		"style" => $mybb->get_input('style', MyBB::INPUT_INT),
		"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),

Zeile 766Zeile 779
		"language" => $mybb->get_input('language'),
		'usergroup'	=> $mybb->user['usergroup'],
		'additionalgroups'	=> $mybb->user['additionalgroups']

 
		"language" => $mybb->get_input('language'),
		'usergroup'	=> $mybb->user['usergroup'],
		'additionalgroups'	=> $mybb->user['additionalgroups']

	);

	));


	$user['options'] = array(
		"allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),


	$user['options'] = array(
		"allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),

Zeile 794Zeile 807
	);

	if($mybb->settings['usertppoptions'])

 
	);

	if($mybb->settings['usertppoptions'])

	{

	{

		$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
	}


		$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
	}


Zeile 823Zeile 836

if($mybb->input['action'] == "options")
{

 

if($mybb->input['action'] == "options")
{

	$plugins->run_hooks("usercp_options_start");


 
	if($errors != '')

 
	if($errors != '')

	{

	{

		$user = $mybb->input;
	}
	else
	{
		$user = $mybb->user;
	}

 
		$user = $mybb->input;
	}
	else
	{
		$user = $mybb->user;
	}

 

	$plugins->run_hooks("usercp_options_start");


	$languages = $lang->get_languages();
	$board_language = $langoptions = '';


	$languages = $lang->get_languages();
	$board_language = $langoptions = '';

Zeile 864Zeile 877
		$allownoticescheck = "";
	}


 
		$allownoticescheck = "";
	}


	if(isset($user['invisible']) && $user['invisible'] == 1)




	$canbeinvisible = '';

	// Check usergroup permission before showing invisible check box
	if($mybb->usergroup['canbeinvisible'] == 1)

	{

 
	{

		$invisiblecheck = "checked=\"checked\"";
	}
	else
	{
		$invisiblecheck = "";





		if(isset($user['invisible']) && $user['invisible'] == 1)
		{
			$invisiblecheck = "checked=\"checked\"";
		}
		else
		{
			$invisiblecheck = "";
		}
		eval('$canbeinvisible = "'.$templates->get("usercp_options_invisible")."\";");

	}

	if(isset($user['hideemail']) && $user['hideemail'] == 1)

	}

	if(isset($user['hideemail']) && $user['hideemail'] == 1)

Zeile 1318Zeile 1338
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	$user = array();

	$errors = array();

 
	$errors = array();





	$plugins->run_hooks("usercp_do_password_start");
	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)
	{

	$plugins->run_hooks("usercp_do_password_start");
	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)
	{

Zeile 1331Zeile 1352
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


 
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


		$user = array(

		$user = array_merge($user, array(

			"uid" => $mybb->user['uid'],
			"password" => $mybb->get_input('password'),
			"password2" => $mybb->get_input('password2')

 
			"uid" => $mybb->user['uid'],
			"password" => $mybb->get_input('password'),
			"password2" => $mybb->get_input('password2')

		);

		$userhandler->set_data($user);

		if(!$userhandler->validate_user())
		{

		));

		$userhandler->set_data($user);

		if(!$userhandler->validate_user())
		{

			$errors = $userhandler->get_friendly_errors();
		}
		else

			$errors = $userhandler->get_friendly_errors();
		}
		else

Zeile 1361Zeile 1382
	{
			$mybb->input['action'] = "password";
			$errors = inline_error($errors);

 
	{
			$mybb->input['action'] = "password";
			$errors = inline_error($errors);

	}
}


	}
}


if($mybb->input['action'] == "password")
{
	$plugins->run_hooks("usercp_password");

if($mybb->input['action'] == "password")
{
	$plugins->run_hooks("usercp_password");

Zeile 1378Zeile 1399
	verify_post_check($mybb->get_input('my_post_key'));

	$errors = array();

 
	verify_post_check($mybb->get_input('my_post_key'));

	$errors = array();


	$plugins->run_hooks("usercp_do_changename_start");




	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();
	}

 
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();
	}

 

	$user = array();

	$plugins->run_hooks("usercp_do_changename_start");


	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)

 

	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)

	{

	{

		$errors[] = $lang->error_invalidpassword;
	}
	else

		$errors[] = $lang->error_invalidpassword;
	}
	else

Zeile 1395Zeile 1419
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


 
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");


		$user = array(

		$user = array_merge($user, array(

			"uid" => $mybb->user['uid'],
			"username" => $mybb->get_input('username')

 
			"uid" => $mybb->user['uid'],
			"username" => $mybb->get_input('username')

		);

		));


		$userhandler->set_data($user);



		$userhandler->set_data($user);


Zeile 1411Zeile 1435
			$userhandler->update_user();
			$plugins->run_hooks("usercp_do_changename_end");
			redirect("usercp.php?action=changename", $lang->redirect_namechanged);

 
			$userhandler->update_user();
			$plugins->run_hooks("usercp_do_changename_end");
			redirect("usercp.php?action=changename", $lang->redirect_namechanged);



 
		}
	}
	if(count($errors) > 0)

		}
	}
	if(count($errors) > 0)

Zeile 1449Zeile 1472
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_subscriptions_start");

 

	if(!isset($mybb->input['check']) || !is_array($mybb->input['check']))
	{
		error($lang->no_subscriptions_selected);

 

	if(!isset($mybb->input['check']) || !is_array($mybb->input['check']))
	{
		error($lang->no_subscriptions_selected);

	}



	}

	$plugins->run_hooks("usercp_do_subscriptions_start");


	// Clean input - only accept integers thanks!
	$mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));


	// Clean input - only accept integers thanks!
	$mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));

Zeile 1496Zeile 1519
	$plugins->run_hooks("usercp_subscriptions_start");

	// Thread visiblity

 
	$plugins->run_hooks("usercp_subscriptions_start");

	// Thread visiblity

	$visible = "AND t.visible != 0";
	if(is_moderator() == true)










	$where = array(
		"s.uid={$mybb->user['uid']}",
		get_visible_where('t')
	);

	if($unviewable_forums = get_unviewable_forums(true))
	{
		$where[] = "t.fid NOT IN ({$unviewable_forums})";
	}

	if($inactive_forums = get_inactive_forums())

	{

 
	{

		$visible = '';

		$where[] = "t.fid NOT IN ({$inactive_forums})";

	}

 
	}

 

	$where = implode(' AND ', $where);


	// Do Multi Pages
	$query = $db->query("

 

	// Do Multi Pages
	$query = $db->query("

		SELECT COUNT(ts.tid) as threads
		FROM ".TABLE_PREFIX."threadsubscriptions ts
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid)
		WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}

		SELECT COUNT(s.tid) as threads
		FROM ".TABLE_PREFIX."threadsubscriptions s
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = s.tid)
		WHERE {$where}

	");
	$threadcount = $db->fetch_field($query, "threads");


	");
	$threadcount = $db->fetch_field($query, "threads");


Zeile 1551Zeile 1585
		FROM ".TABLE_PREFIX."threadsubscriptions s
		LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

 
		FROM ".TABLE_PREFIX."threadsubscriptions s
		LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

		WHERE s.uid='".$mybb->user['uid']."' and t.visible >= 0 {$visible}

		WHERE {$where}

		ORDER BY t.lastpost DESC
		LIMIT $start, $perpage
	");

		ORDER BY t.lastpost DESC
		LIMIT $start, $perpage
	");

Zeile 1559Zeile 1593
	{
		$forumpermissions = $fpermissions[$subscription['fid']];


 
	{
		$forumpermissions = $fpermissions[$subscription['fid']];


		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))

		if(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid'])

		{
			// Hmm, you don't have permission to view this thread - unsubscribe!
			$del_subscriptions[] = $subscription['sid'];

		{
			// Hmm, you don't have permission to view this thread - unsubscribe!
			$del_subscriptions[] = $subscription['sid'];

Zeile 1685Zeile 1719

			if($mybb->settings['threadreadcut'] > 0)
			{

 

			if($mybb->settings['threadreadcut'] > 0)
			{

				$forum_read = $readforums[$thread['fid']];


 
				$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;

 
				$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;

				if($forum_read == 0 || $forum_read < $read_cutoff)
				{

				if(empty($readforums[$thread['fid']]) || $readforums[$thread['fid']] < $read_cutoff)
				{

					$forum_read = $read_cutoff;

 
					$forum_read = $read_cutoff;

 
				}
				else
				{
					$forum_read = $readforums[$thread['fid']];

				}
			}


				}
			}


Zeile 1702Zeile 1738

			if($thread['lastpost'] > $cutoff)
			{

 

			if($thread['lastpost'] > $cutoff)
			{

				if($thread['lastread'])

				if(!empty($thread['lastread']))

				{
					$lastread = $thread['lastread'];
				}

				{
					$lastread = $thread['lastread'];
				}

Zeile 1750Zeile 1786
			{
				$folder .= "close";
				$folder_label .= $lang->icon_close;

 
			{
				$folder .= "close";
				$folder_label .= $lang->icon_close;

			}

			$folder .= "folder";

			}

			$folder .= "folder";


			if($thread['visible'] == 0)

 

			if($thread['visible'] == 0)

			{

			{

				$bgcolor = "trow_shaded";

 
				$bgcolor = "trow_shaded";

			}

			}


			// Build last post info
			$lastpostdate = my_date('relative', $thread['lastpost']);

 

			// Build last post info
			$lastpostdate = my_date('relative', $thread['lastpost']);

 
			$lastposteruid = $thread['lastposteruid'];

			if(!$lastposteruid && !$thread['lastposter'])
			{
				$lastposter = htmlspecialchars_uni($lang->guest);

			if(!$lastposteruid && !$thread['lastposter'])
			{
				$lastposter = htmlspecialchars_uni($lang->guest);

Zeile 1769Zeile 1806
			{
				$lastposter = htmlspecialchars_uni($thread['lastposter']);
			}

 
			{
				$lastposter = htmlspecialchars_uni($thread['lastposter']);
			}

			$lastposteruid = $thread['lastposteruid'];

 

			// Don't link to guest's profiles (they have no profile).
			if($lastposteruid == 0)


			// Don't link to guest's profiles (they have no profile).
			if($lastposteruid == 0)

Zeile 1879Zeile 1915
		elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $forum['lastposteruid'] != $mybb->user['uid'])
		{
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_hidden")."\";");

 
		elseif(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $forum['lastposteruid'] != $mybb->user['uid'])
		{
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost_hidden")."\";");

		}
		else
		{

		}
		else
		{

			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
			$lastpost_date = my_date('relative', $forum['lastpost']);
			$lastposttid = $forum['lastposttid'];

			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
			$lastpost_date = my_date('relative', $forum['lastpost']);
			$lastposttid = $forum['lastposttid'];

Zeile 2011Zeile 2047
		$plugins->run_hooks("usercp2_addsubscription_forum");

		add_subscribed_forum($forum['fid']);

 
		$plugins->run_hooks("usercp2_addsubscription_forum");

		add_subscribed_forum($forum['fid']);

		if($server_http_referer && $mybb->request_method != 'post')
		{

		if($server_http_referer && $mybb->request_method != 'post')
		{

			$url = $server_http_referer;

 
			$url = $server_http_referer;

		}

		}

		else
		{
			$url = "index.php";

 
		else
		{
			$url = "index.php";

		}

		}

		redirect($url, $lang->redirect_forumsubscriptionadded);
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread || $thread['visible'] == -1)

 
		redirect($url, $lang->redirect_forumsubscriptionadded);
	}
	else
	{
		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread || $thread['visible'] == -1)

		{
			error($lang->error_invalidthread);

		{
			error($lang->error_invalidthread);

		}

 
		}





		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))

 
		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))

		{

		{

			error($lang->error_invalidthread);
		}


			error($lang->error_invalidthread);
		}


Zeile 2066Zeile 2102
		if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
		{
			$notification_none_checked = "checked=\"checked\"";

 
		if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
		{
			$notification_none_checked = "checked=\"checked\"";

		}

		}

		elseif($mybb->user['subscriptionmethod'] == 2)

 
		elseif($mybb->user['subscriptionmethod'] == 2)

		{

		{

			$notification_email_checked = "checked=\"checked\"";

 
			$notification_email_checked = "checked=\"checked\"";

		}

		}

		elseif($mybb->user['subscriptionmethod'] == 3)
		{
			$notification_pm_checked = "checked=\"checked\"";

 
		elseif($mybb->user['subscriptionmethod'] == 3)
		{
			$notification_pm_checked = "checked=\"checked\"";

		}


		}


		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_addsubscription_thread");

 
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_addsubscription_thread");





		eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
		output_page($add_subscription);
		exit;
	}
}

 
		eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
		output_page($add_subscription);
		exit;
	}
}







































































if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == "post" || verify_post_check($mybb->get_input('my_post_key'), true)))
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_forum");

		remove_subscribed_forum($forum['fid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionremoved);
	}
	else
	{
		$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread)
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?
		$ismod = is_moderator($thread['fid']);

		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
		{
			error($lang->error_invalidthread);
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($thread['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_thread");

		remove_subscribed_thread($thread['tid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=subscriptions";
		}
		redirect($url, $lang->redirect_subscriptionremoved);
	}
}

// Show remove subscription form when GET method and without valid my_post_key

if($mybb->input['action'] == "removesubscription")
{

 
if($mybb->input['action'] == "removesubscription")
{

	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$referrer = '';



	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);

 
	if($mybb->get_input('type') == "forum")
	{
		$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
		if(!$forum)
		{
			error($lang->error_invalidforum);

		}

		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_forum");

		remove_subscribed_forum($forum['fid']);
		if($server_http_referer && $mybb->request_method != 'post')

		}

		add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=forumsubscriptions");
		add_breadcrumb($lang->nav_removesubscription);

		$forumpermissions = forum_permissions($forum['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)




		{

 
		{

			$url = $server_http_referer;

			error_no_permission();

		}

 
		}

		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionremoved);









		// check if the forum requires a password to view. If so, we need to show a form to the user
		check_forum_password($forum['fid']);

		$lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe_from_forum, $forum['name']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_display_forum");

		eval("\$remove_forum_subscription = \"".$templates->get("usercp_removesubscription_forum")."\";");
		output_page($remove_forum_subscription);
		exit;

	}
	else
	{

 
	}
	else
	{

		$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread)

		$thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
		if(!$thread || $thread['visible'] == -1)

		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?

 
		{
			error($lang->error_invalidthread);
		}

		// Is the currently logged in user a moderator of this forum?

		$ismod = is_moderator($thread['fid']);


		$ismod = is_moderator($thread['fid']);


		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))

 
		// Make sure we are looking at a real thread here.
		if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))

		{

		{

			error($lang->error_invalidthread);

 
			error($lang->error_invalidthread);

 
		}

		add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
		add_breadcrumb($lang->nav_removesubscription);

		$forumpermissions = forum_permissions($thread['fid']);
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
		{
			error_no_permission();

		}

		// check if the forum requires a password to view. If so, we need to show a form to the user

 
		}

		// check if the forum requires a password to view. If so, we need to show a form to the user

		check_forum_password($thread['fid']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_thread");

		remove_subscribed_thread($thread['tid']);
		if($server_http_referer && $mybb->request_method != 'post')
		{
			$url = $server_http_referer;
		}
		else
		{
			$url = "usercp.php?action=subscriptions";
		}
		redirect($url, $lang->redirect_subscriptionremoved);
	}

		check_forum_password($thread['fid']);

		require_once MYBB_ROOT."inc/class_parser.php";
		$parser = new postParser;
		$thread['subject'] = $parser->parse_badwords($thread['subject']);
		$thread['subject'] = htmlspecialchars_uni($thread['subject']);
		$lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscribe_from_thread, $thread['subject']);

		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscription_display_thread");

		eval("\$remove_thread_subscription = \"".$templates->get("usercp_removesubscription_thread")."\";");
		output_page($remove_thread_subscription);
		exit;
	}


}

if($mybb->input['action'] == "removesubscriptions")

}

if($mybb->input['action'] == "removesubscriptions")

Zeile 2162Zeile 2275
		$plugins->run_hooks("usercp2_removesubscriptions_forum");

		$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");

 
		$plugins->run_hooks("usercp2_removesubscriptions_forum");

		$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");

		if($server_http_referer)
		{
			$url = $server_http_referer;
		}

		if($server_http_referer)
		{
			$url = $server_http_referer;
		}

		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionsremoved);

 
		else
		{
			$url = "usercp.php?action=forumsubscriptions";
		}
		redirect($url, $lang->redirect_forumsubscriptionsremoved);

	}
	else

	}
	else

	{
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscriptions_thread");

	{
		// Naming of the hook retained for backward compatibility while dropping usercp2.php
		$plugins->run_hooks("usercp2_removesubscriptions_thread");

Zeile 2194Zeile 2307
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_editsig_start");






	// User currently has a suspended signature
	if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW)
	{
		error_no_permission();
	}

 
	// User currently has a suspended signature
	if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW)
	{
		error_no_permission();
	}

 

	$plugins->run_hooks("usercp_do_editsig_start");


	if($mybb->get_input('updateposts') == "enable")

 

	if($mybb->get_input('updateposts') == "enable")

	{

	{

		$update_signature = array(
			"includesig" => 1
		);

		$update_signature = array(
			"includesig" => 1
		);

Zeile 2299Zeile 2412
	else
	{
		// User is allowed to edit their signature

 
	else
	{
		// User is allowed to edit their signature

 
		$smilieinserter = '';

		if($mybb->settings['sigsmilies'] == 1)
		{
			$sigsmilies = $lang->on;

		if($mybb->settings['sigsmilies'] == 1)
		{
			$sigsmilies = $lang->on;

Zeile 2332Zeile 2446
		{
			$sigimgcode = $lang->off;
		}

 
		{
			$sigimgcode = $lang->off;
		}

 

		if($mybb->settings['siglength'] == 0)
		{
			$siglength = $lang->unlimited;
		}
		else
		{
			$siglength = $mybb->settings['siglength'];
		}


		$sig = htmlspecialchars_uni($sig);

 
		$sig = htmlspecialchars_uni($sig);

		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $siglength);



 


		if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcodebuttons'] != 0)

		if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)

		{
			$codebuttons = build_mycode_inserter("signature");

 
		{
			$codebuttons = build_mycode_inserter("signature");

		}


		}


		$plugins->run_hooks("usercp_editsig_end");

		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");

		$plugins->run_hooks("usercp_editsig_end");

		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");

Zeile 2352Zeile 2476
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

 
{
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("usercp_do_avatar_start");
	require_once MYBB_ROOT."inc/functions_upload.php";

 
	$plugins->run_hooks("usercp_do_avatar_start");
	require_once MYBB_ROOT."inc/functions_upload.php";





	$avatar_error = "";

	if(!empty($mybb->input['remove'])) // remove avatar

 
	$avatar_error = "";

	if(!empty($mybb->input['remove'])) // remove avatar

	{

	{

		$updated_avatar = array(
			"avatar" => "",
			"avatardimensions" => "",

		$updated_avatar = array(
			"avatar" => "",
			"avatardimensions" => "",

Zeile 2371Zeile 2495
	elseif($_FILES['avatarupload']['name']) // upload avatar
	{
		if($mybb->usergroup['canuploadavatars'] == 0)

 
	elseif($_FILES['avatarupload']['name']) // upload avatar
	{
		if($mybb->usergroup['canuploadavatars'] == 0)

		{

		{

			error_no_permission();
		}
		$avatar = upload_avatar();

 
			error_no_permission();
		}
		$avatar = upload_avatar();

		if($avatar['error'])

		if(!empty($avatar['error']))

		{
			$avatar_error = $avatar['error'];
		}

		{
			$avatar_error = $avatar['error'];
		}

Zeile 2392Zeile 2516
			);
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		}

 
			);
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		}

 
	}
	elseif(!$mybb->settings['allowremoteavatars'] && !$_FILES['avatarupload']['name']) // missing avatar image
	{
		$avatar_error = $lang->error_avatarimagemissing;

	}
	elseif($mybb->settings['allowremoteavatars']) // remote avatar
	{

	}
	elseif($mybb->settings['allowremoteavatars']) // remote avatar
	{

Zeile 2476Zeile 2604
						$avatar_error = $lang->error_avatartoobig;
					}
				}

 
						$avatar_error = $lang->error_avatartoobig;
					}
				}

 
			}

			// Limiting URL string to stay within database limit
			if(strlen($mybb->input['avatarurl']) > 200)
			{
				$avatar_error = $lang->error_avatarurltoolong;

			}

			if(empty($avatar_error))

			}

			if(empty($avatar_error))

Zeile 2493Zeile 2627
				remove_avatars($mybb->user['uid']);
			}
		}

 
				remove_avatars($mybb->user['uid']);
			}
		}

	}

	}

	else // remote avatar, but remote avatars are not allowed
	{
		$avatar_error = $lang->error_remote_avatar_not_allowed;

	else // remote avatar, but remote avatars are not allowed
	{
		$avatar_error = $lang->error_remote_avatar_not_allowed;

Zeile 2525Zeile 2659
	{
		$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
		$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);

 
	{
		$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
		$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);

	}

	}


	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
	eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");


	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
	eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");

Zeile 2540Zeile 2674
	{
		$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);

 
	{
		$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
		$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);

	}


	}


	$plugins->run_hooks("usercp_avatar_intermediate");

	$auto_resize = '';
	if($mybb->settings['avatarresizing'] == "auto")
	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");

 
	$plugins->run_hooks("usercp_avatar_intermediate");

	$auto_resize = '';
	if($mybb->settings['avatarresizing'] == "auto")
	{
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";");

	}

	}

	elseif($mybb->settings['avatarresizing'] == "user")

 
	elseif($mybb->settings['avatarresizing'] == "user")

	{

	{

		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
	}

	$avatarupload = '';
	if($mybb->usergroup['canuploadavatars'] == 1)

 
		eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
	}

	$avatarupload = '';
	if($mybb->usergroup['canuploadavatars'] == 1)

	{

	{

		eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");

 
		eval("\$avatarupload = \"".$templates->get("usercp_avatar_upload")."\";");

	}

	}


	$avatar_remote = '';
	if($mybb->settings['allowremoteavatars'] == 1)
	{
		eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");

 

	$avatar_remote = '';
	if($mybb->settings['allowremoteavatars'] == 1)
	{
		eval("\$avatar_remote = \"".$templates->get("usercp_avatar_remote")."\";");

	}


	}


	$removeavatar = '';
	if(!empty($mybb->user['avatar']))
	{
		eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");

 
	$removeavatar = '';
	if(!empty($mybb->user['avatar']))
	{
		eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";");

	}

	$plugins->run_hooks("usercp_avatar_end");

	}

	$plugins->run_hooks("usercp_avatar_end");


	if(!isset($avatar_error))
	{


	if(!isset($avatar_error))
	{

Zeile 2605Zeile 2739
		if($user['buddylist'] != '')
		{
			$user['buddylist'] = explode(',', $user['buddylist']);

 
		if($user['buddylist'] != '')
		{
			$user['buddylist'] = explode(',', $user['buddylist']);

		}
		else

		}
		else

		{
			$user['buddylist'] = array();
		}

 
		{
			$user['buddylist'] = array();
		}





		$user['buddylist'][] = (int)$mybb->user['uid'];

		// Now we have the new list, so throw it all back together
		$new_list = implode(",", $user['buddylist']);

 
		$user['buddylist'][] = (int)$mybb->user['uid'];

		// Now we have the new list, so throw it all back together
		$new_list = implode(",", $user['buddylist']);


		// And clean it up a little to ensure there is no possibility of bad values
		$new_list = preg_replace("#,{2,}#", ",", $new_list);
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

		if(my_substr($new_list, 0, 1) == ",")
		{
			$new_list = my_substr($new_list, 1);
		}


		// And clean it up a little to ensure there is no possibility of bad values
		$new_list = preg_replace("#,{2,}#", ",", $new_list);
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

		if(my_substr($new_list, 0, 1) == ",")
		{
			$new_list = my_substr($new_list, 1);
		}

		if(my_substr($new_list, -1) == ",")
		{
			$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
		}

 
		if(my_substr($new_list, -1) == ",")
		{
			$new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
		}





		$user['buddylist'] = $db->escape_string($new_list);

		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");


 
		$user['buddylist'] = $db->escape_string($new_list);

		$db->update_query("users", array('buddylist' => $user['buddylist']), "uid='".(int)$user['uid']."'");






		// We want to add the user to our buddy list
		if($mybb->user['buddylist'] != '')
		{
			$mybb->user['buddylist'] = explode(',', $mybb->user['buddylist']);
		}
		else

 
		// We want to add the user to our buddy list
		if($mybb->user['buddylist'] != '')
		{
			$mybb->user['buddylist'] = explode(',', $mybb->user['buddylist']);
		}
		else

		{

		{

			$mybb->user['buddylist'] = array();
		}

 
			$mybb->user['buddylist'] = array();
		}





		$mybb->user['buddylist'][] = (int)$request['uid'];

 
		$mybb->user['buddylist'][] = (int)$request['uid'];





		// Now we have the new list, so throw it all back together

 
		// Now we have the new list, so throw it all back together

		$new_list = implode(",", $mybb->user['buddylist']);


		$new_list = implode(",", $mybb->user['buddylist']);


		// And clean it up a little to ensure there is no possibility of bad values
		$new_list = preg_replace("#,{2,}#", ",", $new_list);
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

		// And clean it up a little to ensure there is no possibility of bad values
		$new_list = preg_replace("#,{2,}#", ",", $new_list);
		$new_list = preg_replace("#[^0-9,]#", "", $new_list);

Zeile 2673Zeile 2807
			'language' => $user['language'],
			'language_file' => 'usercp'
		);

 
			'language' => $user['language'],
			'language_file' => 'usercp'
		);





		send_pm($pm, $mybb->user['uid'], true);

 
		send_pm($pm, $mybb->user['uid'], true);


		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);
	}
	else
	{
		error($lang->user_doesnt_exist);
	}


		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);
	}
	else
	{
		error($lang->user_doesnt_exist);
	}


	$plugins->run_hooks("usercp_acceptrequest_end");

 

	$plugins->run_hooks("usercp_acceptrequest_end");





	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted);
}

elseif($mybb->input['action'] == "declinerequest")

 
	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted);
}

elseif($mybb->input['action'] == "declinerequest")

{

{

	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);

 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);

	$request = $db->fetch_array($query);
	if(empty($request))
	{

	$request = $db->fetch_array($query);
	if(empty($request))
	{

		error($lang->invalid_request);
	}

 
		error($lang->invalid_request);
	}





	$plugins->run_hooks("usercp_declinerequest_start");

	$user = get_user($request['uid']);

 
	$plugins->run_hooks("usercp_declinerequest_start");

	$user = get_user($request['uid']);

	if(!empty($user))
	{

	if(!empty($user))
	{

		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

 
		$db->delete_query('buddyrequests', 'id='.(int)$request['id']);

	}

	}

	else
	{
		error($lang->user_doesnt_exist);

 
	else
	{
		error($lang->user_doesnt_exist);

	}

	$plugins->run_hooks("usercp_declinerequest_end");


	}

	$plugins->run_hooks("usercp_declinerequest_end");


	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}

elseif($mybb->input['action'] == "cancelrequest")
{
	// Verify incoming POST request

 
	redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}

elseif($mybb->input['action'] == "cancelrequest")
{
	// Verify incoming POST request

	verify_post_check($mybb->get_input('my_post_key'));

	verify_post_check($mybb->get_input('my_post_key'));


	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);


	// Validate request
	$query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND uid='.(int)$mybb->user['uid']);

Zeile 2738Zeile 2872
	$plugins->run_hooks("usercp_cancelrequest_end");

	redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);

 
	$plugins->run_hooks("usercp_cancelrequest_end");

	redirect("usercp.php?action=editlists", $lang->buddyrequest_cancelled);

}


}


if($mybb->input['action'] == "do_editlists")
{
	// Verify incoming POST request

if($mybb->input['action'] == "do_editlists")
{
	// Verify incoming POST request

Zeile 2870Zeile 3004
					if($mybb->get_input('manage') != "ignored")
					{
						$error_message = $lang->users_already_sent_request;

 
					if($mybb->get_input('manage') != "ignored")
					{
						$error_message = $lang->users_already_sent_request;

					}
					elseif($mybb->get_input('manage') == "ignored")
					{

					}
					elseif($mybb->get_input('manage') == "ignored")
					{

						$error_message = $lang->users_already_sent_request_alt;
					}

 
						$error_message = $lang->users_already_sent_request_alt;
					}





					array_pop($users); // To maintain a proper count when we call count($users)
					continue;
				}

				if(isset($requests_rec[$user['uid']]))

 
					array_pop($users); // To maintain a proper count when we call count($users)
					continue;
				}

				if(isset($requests_rec[$user['uid']]))

				{

				{

					if($mybb->get_input('manage') != "ignored")
					{
						$error_message = $lang->users_already_rec_request;

					if($mybb->get_input('manage') != "ignored")
					{
						$error_message = $lang->users_already_rec_request;

Zeile 2897Zeile 3031

				// Do we have auto approval set to On?
				if($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored")

 

				// Do we have auto approval set to On?
				if($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored")

				{
					$existing_users[] = $user['uid'];

				{
					$existing_users[] = $user['uid'];


					$pm = array(
						'subject' => 'buddyrequest_new_buddy',
						'message' => 'buddyrequest_new_buddy_message',

 

					$pm = array(
						'subject' => 'buddyrequest_new_buddy',
						'message' => 'buddyrequest_new_buddy_message',

						'touid' => $user['uid'],
						'receivepms' => (int)$user['buddyrequestspm'],
						'language' => $user['language'],
						'language_file' => 'usercp'

						'touid' => $user['uid'],
						'receivepms' => (int)$user['buddyrequestspm'],
						'language' => $user['language'],
						'language_file' => 'usercp'

					);

					send_pm($pm);

					);

					send_pm($pm);

Zeile 2939Zeile 3073
		if($found_users < count($users))
		{
			if($error_message)

 
		if($found_users < count($users))
		{
			if($error_message)

			{

			{

				$error_message .= "<br />";
			}


				$error_message .= "<br />";
			}


Zeile 3071Zeile 3205
	$db->update_query("users", $user, "uid='".$mybb->user['uid']."'");

	$plugins->run_hooks("usercp_do_editlists_end");

 
	$db->update_query("users", $user, "uid='".$mybb->user['uid']."'");

	$plugins->run_hooks("usercp_do_editlists_end");





	// Ajax based request, throw new list to browser
	if(!empty($mybb->input['ajax']))
	{

	// Ajax based request, throw new list to browser
	if(!empty($mybb->input['ajax']))
	{

Zeile 3082Zeile 3216
		else
		{
			$list = "buddy";

 
		else
		{
			$list = "buddy";

		}


		}


		$message_js = '';
		if($message)
		{

		$message_js = '';
		if($message)
		{

Zeile 3091Zeile 3225
		}

		if($error_message)

 
		}

		if($error_message)

		{

		{

			$message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";
		}


			$message_js .= " $.jGrowl('{$error_message}', {theme:'jgrowl_error'});";
		}


Zeile 3103Zeile 3237
			{
				echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
				echo "\$(\"#buddylink\").remove();\n";

 
			{
				echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n";
				echo "\$(\"#buddylink\").remove();\n";

				



				if($mybb->get_input('manage') == "ignored")
				{
					echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

				if($mybb->get_input('manage') == "ignored")
				{
					echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";

Zeile 3205Zeile 3339
		{
			echo $ignore_list;
			echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>";

 
		{
			echo $ignore_list;
			echo "<script type=\"text/javascript\"> $(\"#ignored_count\").html(\"{$ignore_count}\"); {$message_js}</script>";

		}

		}

		else
		{
			if(isset($sent) && $sent === true)

		else
		{
			if(isset($sent) && $sent === true)

Zeile 3232Zeile 3366

				eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");


 

				eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");


				echo $sentrequests;

 
				echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>";
			}
			else

				echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>";
			}
			else

Zeile 3242Zeile 3375
			}
		}
		exit;

 
			}
		}
		exit;

	}

	$received_rows = '';
	$query = $db->query("
		SELECT r.*, u.username

	}

	$received_rows = $bgcolor = '';
	$query = $db->query("
		SELECT r.*, u.username

		FROM ".TABLE_PREFIX."buddyrequests r
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid)
		WHERE r.touid=".(int)$mybb->user['uid']);

		FROM ".TABLE_PREFIX."buddyrequests r
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.uid)
		WHERE r.touid=".(int)$mybb->user['uid']);

Zeile 3266Zeile 3399

	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");


 

	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");


	$sent_rows = '';

	$sent_rows = $bgcolor = '';

	$query = $db->query("
		SELECT r.*, u.username
		FROM ".TABLE_PREFIX."buddyrequests r
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.touid)
		WHERE r.uid=".(int)$mybb->user['uid']);

 
	$query = $db->query("
		SELECT r.*, u.username
		FROM ".TABLE_PREFIX."buddyrequests r
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=r.touid)
		WHERE r.uid=".(int)$mybb->user['uid']);


	while($request = $db->fetch_array($query))
	{


	while($request = $db->fetch_array($query))
	{

		$bgcolor = alt_trow();
		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);
		$request['date'] = my_date('relative', $request['date']);

		$bgcolor = alt_trow();
		$request['username'] = build_profile_link(htmlspecialchars_uni($request['username']), (int)$request['touid']);
		$request['date'] = my_date('relative', $request['date']);

Zeile 3300Zeile 3433

	$query = $db->simple_select("posts", "COUNT(pid) AS draftcount", "visible='-2' AND uid='{$mybb->user['uid']}'");
	$draftcount = $db->fetch_field($query, 'draftcount');

 

	$query = $db->simple_select("posts", "COUNT(pid) AS draftcount", "visible='-2' AND uid='{$mybb->user['uid']}'");
	$draftcount = $db->fetch_field($query, 'draftcount');





	$drafts = $disable_delete_drafts = '';
	$lang->drafts_count = $lang->sprintf($lang->drafts_count, my_number_format($draftcount));


	$drafts = $disable_delete_drafts = '';
	$lang->drafts_count = $lang->sprintf($lang->drafts_count, my_number_format($draftcount));


Zeile 3313Zeile 3446
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
			LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid)
			WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'

 
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
			LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid)
			WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'

			ORDER BY p.dateline DESC

			ORDER BY p.dateline DESC, p.pid DESC

		");

		while($draft = $db->fetch_array($query))

		");

		while($draft = $db->fetch_array($query))

Zeile 3342Zeile 3475
			$draft['subject'] = htmlspecialchars_uni($draft['subject']);
			$savedate = my_date('relative', $draft['dateline']);
			eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");

 
			$draft['subject'] = htmlspecialchars_uni($draft['subject']);
			$savedate = my_date('relative', $draft['dateline']);
			eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");

		}
	}

		}
	}

	else
	{
		$disable_delete_drafts = 'disabled="disabled"';
		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");

 
	else
	{
		$disable_delete_drafts = 'disabled="disabled"';
		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");

	}

	$plugins->run_hooks("usercp_drafts_end");


	}

	$plugins->run_hooks("usercp_drafts_end");


	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
	output_page($draftlist);
}

	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
	output_page($draftlist);
}

Zeile 3361Zeile 3494
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_drafts_start");

 
	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY);
	if(empty($mybb->input['deletedraft']))
	{
		error($lang->no_drafts_selected);
	}

 
	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY);
	if(empty($mybb->input['deletedraft']))
	{
		error($lang->no_drafts_selected);
	}

 

	$plugins->run_hooks("usercp_do_drafts_start");


	$pidin = array();
	$tidin = array();

 
	$pidin = array();
	$tidin = array();

 


	foreach($mybb->input['deletedraft'] as $id => $val)
	{
		if($val == "post")

	foreach($mybb->input['deletedraft'] as $id => $val)
	{
		if($val == "post")

Zeile 3385Zeile 3521
		$tidin = implode(",", $tidin);
		$db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
		$tidinp = "OR tid IN ($tidin)";

 
		$tidin = implode(",", $tidin);
		$db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
		$tidinp = "OR tid IN ($tidin)";

 
	}
	else
	{
		$tidinp = '';

	}
	if($pidin || $tidinp)
	{

	}
	if($pidin || $tidinp)
	{

Zeile 3406Zeile 3546

if($mybb->input['action'] == "usergroups")
{

 

if($mybb->input['action'] == "usergroups")
{

	$plugins->run_hooks("usercp_usergroups_start");

 
	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";

 
	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";





	$usergroups = $mybb->cache->read('usergroups');

 
	$usergroups = $mybb->cache->read('usergroups');

 

	$plugins->run_hooks("usercp_usergroups_start");


	// Changing our display group
	if($mybb->get_input('displaygroup', MyBB::INPUT_INT))


	// Changing our display group
	if($mybb->get_input('displaygroup', MyBB::INPUT_INT))

Zeile 3438Zeile 3579
	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))
	{
		// Verify incoming POST request

 
	if($mybb->get_input('leavegroup', MyBB::INPUT_INT))
	{
		// Verify incoming POST request

		verify_post_check($mybb->input['my_post_key']);

		verify_post_check($mybb->get_input('my_post_key'));


		if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)
		{
			error($lang->not_member_of_group);

 

		if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false)
		{
			error($lang->not_member_of_group);

		}

		}

		if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))
		{
			error($lang->cannot_leave_primary_group);

		if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))
		{
			error($lang->cannot_leave_primary_group);

Zeile 3458Zeile 3599
		$plugins->run_hooks("usercp_usergroups_leave_group");
		redirect("usercp.php?action=usergroups", $lang->left_group);
		exit;

 
		$plugins->run_hooks("usercp_usergroups_leave_group");
		redirect("usercp.php?action=usergroups", $lang->left_group);
		exit;

	}

	$groupleaders = array();

	}

	$groupleaders = array();


	// List of usergroup leaders
	$query = $db->query("


	// List of usergroup leaders
	$query = $db->query("

Zeile 3476Zeile 3617

	// Joining a group
	if($mybb->get_input('joingroup', MyBB::INPUT_INT))

 

	// Joining a group
	if($mybb->get_input('joingroup', MyBB::INPUT_INT))

	{

	{

		// Verify incoming POST request
		verify_post_check($mybb->get_input('my_post_key'));


		// Verify incoming POST request
		verify_post_check($mybb->get_input('my_post_key'));


Zeile 3488Zeile 3629
		}

		if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])

 
		}

		if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])

		{

		{

			error($lang->cannot_join_group);
		}

		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)
		{
			error($lang->already_member_of_group);

 
			error($lang->cannot_join_group);
		}

		if(my_strpos($ingroups, ",".$mybb->get_input('joingroup', MyBB::INPUT_INT).",") !== false)
		{
			error($lang->already_member_of_group);

		}


		}


		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
		$joinrequest = $db->fetch_array($query);

 
		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'");
		$joinrequest = $db->fetch_array($query);


		if($joinrequest['rid'])


		if(!empty($joinrequest['rid']))

		{
			error($lang->already_sent_join_request);
		}

 
		{
			error($lang->already_sent_join_request);
		}





		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
		{
			$reasonlength = my_strlen($mybb->get_input('reason'));

 
		if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4)
		{
			$reasonlength = my_strlen($mybb->get_input('reason'));

			



			if($reasonlength > 250) // Reason field is varchar(250) in database
			{
				error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));

			if($reasonlength > 250) // Reason field is varchar(250) in database
			{
				error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250)));

Zeile 3647Zeile 3788
	$usergroup = $usergroups[$mybb->user['usergroup']];
	$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
	$usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);

 
	$usergroup = $usergroups[$mybb->user['usergroup']];
	$usergroup['title'] = htmlspecialchars_uni($usergroup['title']);
	$usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);

	$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);





	if($usergroup['description'])
	{
		$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);
		eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";");
	}

	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";");
	$trow = alt_trow();
	if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])

	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";");
	$trow = alt_trow();
	if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])

Zeile 3655Zeile 3800
		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");
	}
	elseif($usergroup['candisplaygroup'] == 1)

 
		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";");
	}
	elseif($usergroup['candisplaygroup'] == 1)

	{

	{

		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

 
		eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");

	}

	}

	else

 
	else

	{

	{

		$displaycode = '';
	}


		$displaycode = '';
	}


Zeile 3667Zeile 3812
	$showmemberof = false;
	if($mybb->user['additionalgroups'])
	{

 
	$showmemberof = false;
	if($mybb->user['additionalgroups'])
	{

		$query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));








		$additionalgroups = implode(
			',',
			array_map(
				'intval',
				explode(',', $mybb->user['additionalgroups'])
			)
		);
		$query = $db->simple_select("usergroups", "*", "gid IN (".$additionalgroups.") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));

		while($usergroup = $db->fetch_array($query))
		{
			$showmemberof = true;

		while($usergroup = $db->fetch_array($query))
		{
			$showmemberof = true;

Zeile 3722Zeile 3874
	$existinggroups = $mybb->user['usergroup'];
	if($mybb->user['additionalgroups'])
	{

 
	$existinggroups = $mybb->user['usergroup'];
	if($mybb->user['additionalgroups'])
	{

		$existinggroups .= ",".$mybb->user['additionalgroups'];








		$additionalgroups = implode(
			',',
			array_map(
				'intval',
				explode(',', $mybb->user['additionalgroups'])
			)
		);
		$existinggroups .= ",".$additionalgroups;

	}

 
	}





	$joinablegroups = $joinablegrouplist = '';
	$query = $db->simple_select("usergroups", "*", "(type='3' OR type='4' OR type='5') AND gid NOT IN ($existinggroups)", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))

	$joinablegroups = $joinablegrouplist = '';
	$query = $db->simple_select("usergroups", "*", "(type='3' OR type='4' OR type='5') AND gid NOT IN ($existinggroups)", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))

Zeile 3737Zeile 3896
		{
			$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);
			eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");

 
		{
			$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);
			eval("\$description = \"".$templates->get("usercp_usergroups_joinable_usergroup_description")."\";");

		}

		}


		// Moderating join requests?
		if($usergroup['type'] == 4)
		{
			$conditions = $lang->usergroup_joins_moderated;
		}

 

		// Moderating join requests?
		if($usergroup['type'] == 4)
		{
			$conditions = $lang->usergroup_joins_moderated;
		}

		elseif($usergroup['type'] == 5)
		{
			$conditions = $lang->usergroup_joins_invite;
		}

		elseif($usergroup['type'] == 5)
		{
			$conditions = $lang->usergroup_joins_invite;
		}

		else
		{
			$conditions = $lang->usergroup_joins_anyone;
		}

		if(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] != 5)

 
		else
		{
			$conditions = $lang->usergroup_joins_anyone;
		}

		if(isset($appliedjoin[$usergroup['gid']]) && $usergroup['type'] != 5)

		{

		{

			$applydate = my_date('relative', $appliedjoin[$usergroup['gid']]);
			$joinlink = $lang->sprintf($lang->join_group_applied, $applydate);
		}

			$applydate = my_date('relative', $appliedjoin[$usergroup['gid']]);
			$joinlink = $lang->sprintf($lang->join_group_applied, $applydate);
		}

Zeile 3769Zeile 3928
		else
		{
			eval("\$joinlink = \"".$templates->get("usercp_usergroups_joinable_usergroup_join")."\";");

 
		else
		{
			eval("\$joinlink = \"".$templates->get("usercp_usergroups_joinable_usergroup_join")."\";");

		}


		}


		$usergroupleaders = '';
		if(!empty($groupleaders[$usergroup['gid']]))
		{

		$usergroupleaders = '';
		if(!empty($groupleaders[$usergroup['gid']]))
		{

Zeile 3795Zeile 3954
	{
		eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");
	}

 
	{
		eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");
	}





	$plugins->run_hooks("usercp_usergroups_end");

	eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");

	$plugins->run_hooks("usercp_usergroups_end");

	eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");

Zeile 3804Zeile 3963

if($mybb->input['action'] == "attachments")
{

 

if($mybb->input['action'] == "attachments")
{

	$plugins->run_hooks("usercp_attachments_start");

 
	require_once MYBB_ROOT."inc/functions_upload.php";

 
	require_once MYBB_ROOT."inc/functions_upload.php";





	if($mybb->settings['enableattachments'] == 0)
	{
		error($lang->attachments_disabled);

 
	if($mybb->settings['enableattachments'] == 0)
	{
		error($lang->attachments_disabled);

	}




	}

	$plugins->run_hooks("usercp_attachments_start");


	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums(true);

	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums(true);

Zeile 3823Zeile 3983
	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";

 
	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";

	}


	}


	$attachments = '';

 
	$attachments = '';


	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
	$usage = $db->fetch_array($query);
	$totalattachments = $usage['acount'];

 

	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{
		$mybb->settings['threadsperpage'] = 20;

 

	// Pagination
	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{
		$mybb->settings['threadsperpage'] = 20;

	}


	}


	$perpage = $mybb->settings['threadsperpage'];
	$page = $mybb->get_input('page', MyBB::INPUT_INT);

	if($page > 0)
	{
		$start = ($page-1) * $perpage;

 
	$perpage = $mybb->settings['threadsperpage'];
	$page = $mybb->get_input('page', MyBB::INPUT_INT);

	if($page > 0)
	{
		$start = ($page-1) * $perpage;

		$pages = ceil($totalattachments / $perpage);
		if($page > $pages)
		{
			$start = 0;
			$page = 1;
		}

 
	}
	else
	{

	}
	else
	{

Zeile 3858Zeile 4008

	$end = $start + $perpage;
	$lower = $start+1;

 

	$end = $start + $perpage;
	$lower = $start+1;





	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

 
	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}

		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}

		ORDER BY p.dateline DESC, p.pid DESC LIMIT {$start}, {$perpage}

	");

 
	");


	$bandwidth = $totaldownloads = 0;


	$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;

	while($attachment = $db->fetch_array($query))
	{
		if($attachment['dateline'] && $attachment['tid'])

	while($attachment = $db->fetch_array($query))
	{
		if($attachment['dateline'] && $attachment['tid'])

Zeile 3885Zeile 4035
			$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']);
			$attachdate = my_date('relative', $attachment['dateline']);
			$altbg = alt_trow();

 
			$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']);
			$attachdate = my_date('relative', $attachment['dateline']);
			$altbg = alt_trow();





			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");

			// Add to bandwidth total
			$bandwidth += ($attachment['filesize'] * $attachment['downloads']);
			$totaldownloads += $attachment['downloads'];

 
			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");

			// Add to bandwidth total
			$bandwidth += ($attachment['filesize'] * $attachment['downloads']);
			$totaldownloads += $attachment['downloads'];

 
			$totalusage += $attachment['filesize'];
			++$totalattachments;

		}
		else
		{
			// This little thing delets attachments without a thread/post
			remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
		}

 
		}
		else
		{
			// This little thing delets attachments without a thread/post
			remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
		}

 
		++$processedattachments;
	}

	$multipage = '';
	if($processedattachments >= $perpage || $page > 1)
	{
		$query = $db->query("
			SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount
			FROM ".TABLE_PREFIX."attachments a
			LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
			LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
			WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
		");
		$usage = $db->fetch_array($query);
		$totalusage = $usage['ausage'];
		$totalattachments = $usage['acount'];

		$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");

	}


 
	}


	$totalusage = $usage['ausage'];

 
	$friendlyusage = get_friendly_size((int)$totalusage);
	if($mybb->usergroup['attachquota'])
	{

	$friendlyusage = get_friendly_size((int)$totalusage);
	if($mybb->usergroup['attachquota'])
	{

Zeile 3914Zeile 4083
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
	}


 
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
	}


	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");

 
	$bandwidth = get_friendly_size($bandwidth);

 
	$bandwidth = get_friendly_size($bandwidth);

 

	eval("\$delete_button = \"".$templates->get("delete_attachments_button")."\";");


	if(!$attachments)
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';

 

	if(!$attachments)
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';

 
		$delete_button = '';

	}

	$plugins->run_hooks("usercp_attachments_end");

	}

	$plugins->run_hooks("usercp_attachments_end");

Zeile 3934Zeile 4105
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


 
	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("usercp_do_attachments_start");

 
	require_once MYBB_ROOT."inc/functions_upload.php";
	if(!isset($mybb->input['attachments']) || !is_array($mybb->input['attachments']))

 
	require_once MYBB_ROOT."inc/functions_upload.php";
	if(!isset($mybb->input['attachments']) || !is_array($mybb->input['attachments']))

	{

	{

		error($lang->no_attachments_selected);
	}

 
		error($lang->no_attachments_selected);
	}

 

	$plugins->run_hooks("usercp_do_attachments_start");


	// Get unviewable forums
	$f_perm_sql = '';


	// Get unviewable forums
	$f_perm_sql = '';

Zeile 3952Zeile 4124
	if($inactiveforums)
	{
		$f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";

 
	if($inactiveforums)
	{
		$f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";

	}


	}


	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->query("

	$aids = implode(',', array_map('intval', $mybb->input['attachments']));

	$query = $db->query("

Zeile 3962Zeile 4134
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql}
	");

 
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		WHERE aid IN ({$aids}) AND a.uid={$mybb->user['uid']} {$f_perm_sql}
	");





	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);
	}
	$plugins->run_hooks("usercp_do_attachments_end");
	redirect("usercp.php?action=attachments", $lang->attachments_deleted);

 
	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);
	}
	$plugins->run_hooks("usercp_do_attachments_end");
	redirect("usercp.php?action=attachments", $lang->attachments_deleted);

}


}


if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{
	// Verify incoming POST request

if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{
	// Verify incoming POST request

Zeile 3987Zeile 4159
	$plugins->run_hooks("usercp_do_notepad_end");
	redirect("usercp.php", $lang->redirect_notepadupdated);
}

 
	$plugins->run_hooks("usercp_do_notepad_end");
	redirect("usercp.php", $lang->redirect_notepadupdated);
}





if(!$mybb->input['action'])
{
	// Get posts per day

if(!$mybb->input['action'])
{
	// Get posts per day

Zeile 4003Zeile 4175
	if($perday > $mybb->user['postnum'])
	{
		$perday = $mybb->user['postnum'];

 
	if($perday > $mybb->user['postnum'])
	{
		$perday = $mybb->user['postnum'];

	}


	}


	$stats = $cache->read("stats");
	$posts = $stats['numposts'];
	if($posts == 0)

	$stats = $cache->read("stats");
	$posts = $stats['numposts'];
	if($posts == 0)

Zeile 4020Zeile 4192
	$colspan = 2;
	$lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent);
	$regdate = my_date('relative', $mybb->user['regdate']);

 
	$colspan = 2;
	$lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent);
	$regdate = my_date('relative', $mybb->user['regdate']);





	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
	$avatar_username = htmlspecialchars_uni($mybb->user['username']);
	eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");

 
	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
	$avatar_username = htmlspecialchars_uni($mybb->user['username']);
	eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");

 

	$mybb->user['email'] = htmlspecialchars_uni($mybb->user['email']);


	$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']);
	if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")


	$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']);
	if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")

Zeile 4031Zeile 4205
		eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";");
	}
	// Make reputations row

 
		eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";");
	}
	// Make reputations row

	$reputations = '';

	$reputation = '';

	if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
	{
		$reputation_link = get_reputation($mybb->user['reputation']);

	if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
	{
		$reputation_link = get_reputation($mybb->user['reputation']);

Zeile 4140Zeile 4314
	$mybb->user['posts'] = my_number_format($mybb->user['postnum']);

	// Build referral link

 
	$mybb->user['posts'] = my_number_format($mybb->user['postnum']);

	// Build referral link

 
	$referral_info = '';

	if($mybb->settings['usereferrals'] == 1)
	{
		$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

	if($mybb->settings['usereferrals'] == 1)
	{
		$referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);

Zeile 4152Zeile 4327
		}

		eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";");

 
		}

		eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";");

	}


	}


	// User Notepad
	$plugins->run_hooks("usercp_notepad_start");
	$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']);

	// User Notepad
	$plugins->run_hooks("usercp_notepad_start");
	$mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']);

Zeile 4165Zeile 4340
	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1));
	if($db->num_rows($query))
	{

 
	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1));
	if($db->num_rows($query))
	{

		$visible = "AND t.visible != 0";
		if(is_moderator() == true)











		$where = array(
			"s.uid={$mybb->user['uid']}",
			"t.lastposteruid!={$mybb->user['uid']}",
			get_visible_where('t')
		);

		if($unviewable_forums = get_unviewable_forums(true))
		{
			$where[] = "t.fid NOT IN ({$unviewable_forums})";
		}
	
		if($inactive_forums = get_inactive_forums())

		{

 
		{

			$visible = '';

			$where[] = "t.fid NOT IN ({$inactive_forums})";

		}

 
		}






		$where = implode(' AND ', $where);


		$query = $db->query("
			SELECT s.*, t.*, t.username AS threadusername, u.username
			FROM ".TABLE_PREFIX."threadsubscriptions s
			LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
			LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

 
		$query = $db->query("
			SELECT s.*, t.*, t.username AS threadusername, u.username
			FROM ".TABLE_PREFIX."threadsubscriptions s
			LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
			LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

			WHERE s.uid='".$mybb->user['uid']."' {$visible}

			WHERE {$where}

			ORDER BY t.lastpost DESC
			LIMIT 0, 10
		");


 
			ORDER BY t.lastpost DESC
			LIMIT 0, 10
		");


 
		$subscriptions = array();

		$fpermissions = forum_permissions();

 
		$fpermissions = forum_permissions();

 


		while($subscription = $db->fetch_array($query))
		{
			$forumpermissions = $fpermissions[$subscription['fid']];

 
		while($subscription = $db->fetch_array($query))
		{
			$forumpermissions = $fpermissions[$subscription['fid']];

			if($forumpermissions['canview'] != 0 && $forumpermissions['canviewthreads'] != 0 && ($forumpermissions['canonlyviewownthreads'] == 0 || $subscription['uid'] == $mybb->user['uid']))



			if(!isset($forumpermissions['canonlyviewownthreads']) || $forumpermissions['canonlyviewownthreads'] == 0 || $subscription['uid'] == $mybb->user['uid'])

			{
				$subscriptions[$subscription['tid']] = $subscription;
			}
		}


 
			{
				$subscriptions[$subscription['tid']] = $subscription;
			}
		}


		if(is_array($subscriptions))

		if($subscriptions)

		{
			$tids = implode(",", array_keys($subscriptions));


		{
			$tids = implode(",", array_keys($subscriptions));


Zeile 4225Zeile 4415

				$icon_cache = $cache->read("posticons");
				$threadprefixes = build_prefixes();

 

				$icon_cache = $cache->read("posticons");
				$threadprefixes = build_prefixes();

 
				$latest_subscribed_threads = '';


				foreach($subscriptions as $thread)
				{


				foreach($subscriptions as $thread)
				{

Zeile 4233Zeile 4424
					$folder_label = '';
					$gotounread = '';


 
					$folder_label = '';
					$gotounread = '';


					if($thread['tid'])

					if(!empty($thread['tid']))

					{
						$bgcolor = alt_trow();
						$thread['subject'] = $parser->parse_badwords($thread['subject']);

					{
						$bgcolor = alt_trow();
						$thread['subject'] = $parser->parse_badwords($thread['subject']);

Zeile 4265Zeile 4456
							$icon = "&nbsp;";
						}


 
							$icon = "&nbsp;";
						}


						if($thread['doticon'])

						if(!isset($thread['doticon']))

						{
							$folder = "dot_";
							$folder_label .= $lang->icon_dot;
						}

						// Check to see which icon we display

 
						{
							$folder = "dot_";
							$folder_label .= $lang->icon_dot;
						}

						// Check to see which icon we display

						if($thread['lastread'] && $thread['lastread'] < $thread['lastpost'])

						if(!empty($thread['lastread']) && $thread['lastread'] < $thread['lastpost'])

						{
							$folder .= "new";
							$folder_label .= $lang->icon_new;

						{
							$folder .= "new";
							$folder_label .= $lang->icon_new;

Zeile 4327Zeile 4518
	}

	// User's Latest Threads

 
	}

	// User's Latest Threads

 
	$where = array(
		"t.uid={$mybb->user['uid']}",
		get_visible_where('t')
	);

	if($unviewable_forums = get_unviewable_forums(true))
	{
		$where[] = "t.fid NOT IN ({$unviewable_forums})";
	}

	if($inactive_forums = get_inactive_forums())
	{
		$where[] = "t.fid NOT IN ({$inactive_forums})";
	}

	$where = implode(' AND ', $where);



 


	// Get unviewable forums
	$f_perm_sql = '';
	$unviewable_forums = get_unviewable_forums();
	$inactiveforums = get_inactive_forums();
	if($unviewable_forums)
	{
		$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
	}
	if($inactiveforums)
	{
		$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
	}

	$visible = " AND t.visible != 0";
	if(is_moderator() == true)
	{
		$visible = '';
	}


 
	$query = $db->query("
		SELECT t.*, t.username AS threadusername, u.username
		FROM ".TABLE_PREFIX."threads t
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

 
	$query = $db->query("
		SELECT t.*, t.username AS threadusername, u.username
		FROM ".TABLE_PREFIX."threads t
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)

		WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}

		WHERE {$where}

		ORDER BY t.lastpost DESC
		LIMIT 0, 5
	");

 
		ORDER BY t.lastpost DESC
		LIMIT 0, 5
	");





	// Figure out whether we can view these threads...
	$threadcache = array();
	$fpermissions = forum_permissions();
	while($thread = $db->fetch_array($query))
	{

 
	// Figure out whether we can view these threads...
	$threadcache = array();
	$fpermissions = forum_permissions();
	while($thread = $db->fetch_array($query))
	{

		// Moderated, and not moderator?
		if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false)
		{
			continue;
		}

		$forumpermissions = $fpermissions[$thread['fid']];
		if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0)
		{
			$threadcache[$thread['tid']] = $thread;
		}

		$threadcache[$thread['tid']] = $thread;











	}

	$latest_threads = '';

	}

	$latest_threads = '';

Zeile 4421Zeile 4599
		$latest_threads_threads = '';
		foreach($threadcache as $thread)
		{

 
		$latest_threads_threads = '';
		foreach($threadcache as $thread)
		{

			$plugins->run_hooks("usercp_latest_threads_thread"); 

			$plugins->run_hooks("usercp_latest_threads_thread");

			if($thread['tid'])
			{
				$bgcolor = alt_trow();

			if($thread['tid'])
			{
				$bgcolor = alt_trow();

Zeile 4483Zeile 4661
				$cutoff = 0;
				if($thread['lastpost'] > $cutoff)
				{

 
				$cutoff = 0;
				if($thread['lastpost'] > $cutoff)
				{

					if($thread['lastread'])

					if(!empty($thread['lastread']))

					{
						$lastread = $thread['lastread'];
					}

					{
						$lastread = $thread['lastread'];
					}

Zeile 4503Zeile 4681
				}

				// Folder Icons

 
				}

				// Folder Icons

				if($thread['doticon'])

				if(!empty($thread['doticon']))

				{
					$folder = "dot_";
					$folder_label .= $lang->icon_dot;

				{
					$folder = "dot_";
					$folder_label .= $lang->icon_dot;