Vergleich usercp.php - 1.8.22 - 1.8.39

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 32	Zeile 32
require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";	require_once "./global.php"; require_once MYBB_ROOT."inc/functions_post.php";
	require_once MYBB_ROOT."inc/functions_search.php";
require_once MYBB_ROOT."inc/functions_user.php"; require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;	require_once MYBB_ROOT."inc/functions_user.php"; require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser;
Zeile 44	Zeile 45
error_no_permission(); }	error_no_permission(); }
if(!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = '1$%%$2$%%$3$%%$4'; $db->update_query('users', array('pmfolders' => $mybb->user['pmfolders']), "uid = {$mybb->user['uid']}"); } $errors = '';	$errors = '';
$mybb->input['action'] = $mybb->get_input('action'); usercp_menu();	$mybb->input['action'] = $mybb->get_input('action'); usercp_menu();
$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']); if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)	$server_http_referer = ''; if(isset($_SERVER['HTTP_REFERER']))
{	{
if(my_strpos($server_http_referer, '/') === 0)	$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']); if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)
{	{
$server_http_referer = my_substr($server_http_referer, 1);	if(my_strpos($server_http_referer, '/') === 0) { $server_http_referer = my_substr($server_http_referer, 1); } $url_segments = explode('/', $server_http_referer); $server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);
}	}
$url_segments = explode('/', $server_http_referer); $server_http_referer = $mybb->settings['bburl'].'/'.end($url_segments);
} $plugins->run_hooks("usercp_start");	} $plugins->run_hooks("usercp_start");
Zeile 154	Zeile 153
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_profile_start");	$plugins->run_hooks("usercp_do_profile_start");
Zeile 217	Zeile 218
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],	"uid" => $mybb->user['uid'], "postnum" => $mybb->user['postnum'], "usergroup" => $mybb->user['usergroup'],
Zeile 226	Zeile 227
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)	"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "away" => $away, "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY)
); foreach(array('icq', 'skype', 'google') as $cfield)	)); foreach(array('skype', 'google') as $cfield)
{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')	{ $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')
{ continue; }	{ continue; }
if(!is_member($mybb->settings[$csetting])) { continue; }	if(!is_member($mybb->settings[$csetting])) { continue; }
if($cfield == 'icq')	$user[$cfield] = $mybb->get_input($cfield); if(my_strlen($user[$cfield]) > 75)
{	{
$user[$cfield] = $mybb->get_input($cfield, 1); } else { $user[$cfield] = $mybb->get_input($cfield);	error($lang->contact_field_error);
}	}
} if($mybb->usergroup['canchangewebsite'] == 1) { $user['website'] = $mybb->get_input('website');	} if($mybb->usergroup['canchangewebsite'] == 1) { $user['website'] = $mybb->get_input('website');
} if($mybb->usergroup['cancustomtitle'] == 1) { if($mybb->get_input('usertitle') != '')	} if($mybb->usergroup['cancustomtitle'] == 1) { if($mybb->get_input('usertitle') != '')
{	{
$user['usertitle'] = $mybb->get_input('usertitle'); } elseif(!empty($mybb->input['reverttitle']))	$user['usertitle'] = $mybb->get_input('usertitle'); } elseif(!empty($mybb->input['reverttitle']))
Zeile 274	Zeile 273
$raw_errors = $userhandler->get_errors(); // Set to stored value if invalid	$raw_errors = $userhandler->get_errors(); // Set to stored value if invalid
if(array_key_exists("invalid_birthday_privacy", $raw_errors)) {	if(array_key_exists("invalid_birthday_privacy", $raw_errors) \|\| array_key_exists("conflicted_birthday_privacy", $raw_errors)) {
$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];	$mybb->input['birthdayprivacy'] = $mybb->user['birthdayprivacy'];
	$bday = explode("-", $mybb->user['birthday']); if(isset($bday[2])) { $mybb->input['bday3'] = $bday[2]; }
} $errors = inline_error($errors); $mybb->input['action'] = "profile";	} $errors = inline_error($errors); $mybb->input['action'] = "profile";
} else {	} else {
$userhandler->update_user(); $plugins->run_hooks("usercp_do_profile_end");	$userhandler->update_user(); $plugins->run_hooks("usercp_do_profile_end");
Zeile 308	Zeile 313
if(!isset($bday[1])) { $bday[1] = 0;	if(!isset($bday[1])) { $bday[1] = 0;
} if(!isset($bday[2])) { $bday[2] = '';
} }	} }
	if(!isset($bday[2]) \|\| $bday[2] == 0) { $bday[2] = ''; }
$plugins->run_hooks("usercp_profile_start"); $bdaydaysel = '';	$plugins->run_hooks("usercp_profile_start"); $bdaydaysel = '';
for($day = 1; $day <= 31; ++$day) {	for($day = 1; $day <= 31; ++$day) {
if($bday[0] == $day)	if($bday[0] == $day)
{	{
$selected = "selected=\"selected\"";	$selected = "selected=\"selected\"";
}	}
else { $selected = '';	else { $selected = '';
}	}
eval("\$bdaydaysel .= \"".$templates->get("usercp_profile_day")."\";"); }	eval("\$bdaydaysel .= \"".$templates->get("usercp_profile_day")."\";"); }
Zeile 336	Zeile 341
foreach(range(1, 12) as $month) { $bdaymonthsel[$month] = '';	foreach(range(1, 12) as $month) { $bdaymonthsel[$month] = '';
}	}
$bdaymonthsel[$bday[1]] = 'selected="selected"'; $allselected = $noneselected = $ageselected = '';	$bdaymonthsel[$bday[1]] = 'selected="selected"'; $allselected = $noneselected = $ageselected = '';
Zeile 351	Zeile 356
elseif($user['birthdayprivacy'] == 'age') { $ageselected = " selected=\"selected\"";	elseif($user['birthdayprivacy'] == 'age') { $ageselected = " selected=\"selected\"";
}	}
if(!my_validate_url($user['website']))	if(!my_validate_url($user['website']))
{	{
$user['website'] = ''; } else { $user['website'] = htmlspecialchars_uni($user['website']);	$user['website'] = ''; } else { $user['website'] = htmlspecialchars_uni($user['website']);
} if($user['icq'] != "0") { $user['icq'] = (int)$user['icq']; } if($user['icq'] == 0) { $user['icq'] = ''; }	}
if($errors) {	if($errors) {
Zeile 382	Zeile 377
$contactfields = ''; $cfieldsshow = false;	$contactfields = ''; $cfieldsshow = false;
foreach(array('icq', 'skype', 'google') as $cfield)	foreach(array('skype', 'google') as $cfield)
{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')	{ $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '')
{ continue; } if(!is_member($mybb->settings[$csetting]))	{ continue; } if(!is_member($mybb->settings[$csetting]))
{ continue; } $cfieldsshow = true;	{ continue; } $cfieldsshow = true;

$lang_string = 'contact_field_'.$cfield; $lang_string = $lang->{$lang_string}; $cfvalue = htmlspecialchars_uni($user[$cfield]);	$lang_string = 'contact_field_'.$cfield; $lang_string = $lang->{$lang_string}; $cfvalue = htmlspecialchars_uni($user[$cfield]);

eval('$contact_fields[$cfield] = "'.$templates->get('usercp_profile_contact_fields_field').'";');	eval('$contact_fields[$cfield] = "'.$templates->get('usercp_profile_contact_fields_field').'";');
}	}
if($cfieldsshow) { eval('$contactfields = "'.$templates->get('usercp_profile_contact_fields').'";'); }	if($cfieldsshow) { eval('$contactfields = "'.$templates->get('usercp_profile_contact_fields').'";'); }
	$awaysection = '';
if($mybb->settings['allowaway'] != 0) { $awaycheck = array('', ''); if($errors) { if($user['away'] == 1)	if($mybb->settings['allowaway'] != 0) { $awaycheck = array('', ''); if($errors) { if($user['away'] == 1)
{ $awaycheck[1] = "checked=\"checked\""; } else {	{ $awaycheck[1] = "checked=\"checked\""; } else {
$awaycheck[0] = "checked=\"checked\""; } $returndate = array();	$awaycheck[0] = "checked=\"checked\""; } $returndate = array();
Zeile 428	Zeile 424
$returndate[1] = $mybb->get_input('awaymonth', MyBB::INPUT_INT); $returndate[2] = $mybb->get_input('awayyear', MyBB::INPUT_INT); $user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason'));	$returndate[1] = $mybb->get_input('awaymonth', MyBB::INPUT_INT); $returndate[2] = $mybb->get_input('awayyear', MyBB::INPUT_INT); $user['awayreason'] = htmlspecialchars_uni($mybb->get_input('awayreason'));
}	}
else { $user['awayreason'] = htmlspecialchars_uni($user['awayreason']);	else { $user['awayreason'] = htmlspecialchars_uni($user['awayreason']);
Zeile 460	Zeile 456
if($returndate[0] == $day) { $selected = "selected=\"selected\"";	if($returndate[0] == $day) { $selected = "selected=\"selected\"";
}	}
else { $selected = ''; } eval("\$returndatesel .= \"".$templates->get("usercp_profile_day")."\";");	else { $selected = ''; } eval("\$returndatesel .= \"".$templates->get("usercp_profile_day")."\";");
}	}
$returndatemonthsel = array(); foreach(range(1, 12) as $month)	$returndatemonthsel = array(); foreach(range(1, 12) as $month)
Zeile 475	Zeile 471
$returndatemonthsel[$month] = ''; } $returndatemonthsel[$returndate[1]] = "selected";	$returndatemonthsel[$month] = ''; } $returndatemonthsel[$returndate[1]] = "selected";

eval("\$awaysection = \"".$templates->get("usercp_profile_away")."\";"); }	eval("\$awaysection = \"".$templates->get("usercp_profile_away")."\";"); }
Zeile 483	Zeile 479
$altbg = "trow1"; $requiredfields = $customfields = ''; $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);	$altbg = "trow1"; $requiredfields = $customfields = ''; $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);

$pfcache = $cache->read('profilefields'); if(is_array($pfcache))	$pfcache = $cache->read('profilefields'); if(is_array($pfcache))
Zeile 491	Zeile 487
foreach($pfcache as $profilefield) { if(!is_member($profilefield['editableby']) \|\| ($profilefield['postnum'] && $profilefield['postnum'] > $mybb->user['postnum']))	foreach($pfcache as $profilefield) { if(!is_member($profilefield['editableby']) \|\| ($profilefield['postnum'] && $profilefield['postnum'] > $mybb->user['postnum']))
{	{
continue; }	continue; }
	$userfield = $code = $select = $val = $options = $expoptions = $useropts = ''; $seloptions = array();
$profilefield['type'] = htmlspecialchars_uni($profilefield['type']); $profilefield['name'] = htmlspecialchars_uni($profilefield['name']); $profilefield['description'] = htmlspecialchars_uni($profilefield['description']);	$profilefield['type'] = htmlspecialchars_uni($profilefield['type']); $profilefield['name'] = htmlspecialchars_uni($profilefield['name']); $profilefield['description'] = htmlspecialchars_uni($profilefield['description']);
Zeile 507	Zeile 505
else { $options = array();	else { $options = array();
}	}
$field = "fid{$profilefield['fid']}";	$field = "fid{$profilefield['fid']}";
$select = '';
if($errors) { if(!isset($mybb->input['profile_fields'][$field]))	if($errors) { if(!isset($mybb->input['profile_fields'][$field]))
Zeile 525	Zeile 522
if($type == "multiselect") { if($errors)	if($type == "multiselect") { if($errors)
{	{
$useropts = $userfield;	$useropts = $userfield;
}	}
else	else
{	{
$useropts = explode("\n", $userfield); } if(is_array($useropts))	$useropts = explode("\n", $userfield); } if(is_array($useropts))
{	{
foreach($useropts as $key => $val) { $val = htmlspecialchars_uni($val); $seloptions[$val] = $val;	foreach($useropts as $key => $val) { $val = htmlspecialchars_uni($val); $seloptions[$val] = $val;
} } $expoptions = explode("\n", $options); if(is_array($expoptions))	} } $expoptions = explode("\n", $options); if(is_array($expoptions))
{ foreach($expoptions as $key => $val) {	{ foreach($expoptions as $key => $val) {
Zeile 550	Zeile 547
$sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val])	$sel = ""; if(isset($seloptions[$val]) && $val == $seloptions[$val])
{ $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); } if(!$profilefield['length']) {	{ $sel = " selected=\"selected\""; } eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); } if(!$profilefield['length']) {
$profilefield['length'] = 3; }	$profilefield['length'] = 3; }
Zeile 565	Zeile 562
} } elseif($type == "select")	} } elseif($type == "select")
{	{
$expoptions = explode("\n", $options); if(is_array($expoptions)) {	$expoptions = explode("\n", $options); if(is_array($expoptions)) {
Zeile 580	Zeile 577
} eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");	} eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";");
} if(!$profilefield['length']) {	} if(!$profilefield['length']) {
$profilefield['length'] = 1; }	$profilefield['length'] = 1; }
Zeile 590	Zeile 587
} } elseif($type == "radio")	} } elseif($type == "radio")
{ $userfield = htmlspecialchars_uni($userfield); $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) {	{ $userfield = htmlspecialchars_uni($userfield); $expoptions = explode("\n", $options); if(is_array($expoptions)) { foreach($expoptions as $key => $val) {
$checked = ""; if($val == $userfield) {	$checked = ""; if($val == $userfield) {
Zeile 666	Zeile 663
eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";"); } $altbg = alt_trow();	eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";"); } $altbg = alt_trow();
$code = ""; $select = ""; $val = ""; $options = ""; $expoptions = ""; $useropts = ""; $seloptions = array();
} } if($customfields)	} } if($customfields)
Zeile 735	Zeile 725
$customtitle = ""; }	$customtitle = ""; }
	$website = '';
if($mybb->usergroup['canchangewebsite'] == 1) { eval("\$website = \"".$templates->get("usercp_profile_website")."\";");	if($mybb->usergroup['canchangewebsite'] == 1) { eval("\$website = \"".$templates->get("usercp_profile_website")."\";");
Zeile 750	Zeile 741
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
	$user = array();
$plugins->run_hooks("usercp_do_options_start");	$plugins->run_hooks("usercp_do_options_start");
Zeile 757	Zeile 750
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),	"uid" => $mybb->user['uid'], "style" => $mybb->get_input('style', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
Zeile 766	Zeile 759
"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']	"language" => $mybb->get_input('language'), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']
);	));
$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),	$user['options'] = array( "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT),
Zeile 794	Zeile 787
); if($mybb->settings['usertppoptions'])	); if($mybb->settings['usertppoptions'])
{	{
$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);	$user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
}	}
if($mybb->settings['userpppoptions']) { $user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);	if($mybb->settings['userpppoptions']) { $user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);
}	}
$userhandler->set_data($user); if(!$userhandler->validate_user())	$userhandler->set_data($user); if(!$userhandler->validate_user())
Zeile 816	Zeile 809
$userhandler->update_user(); $plugins->run_hooks("usercp_do_options_end");	$userhandler->update_user(); $plugins->run_hooks("usercp_do_options_end");

redirect("usercp.php?action=options", $lang->redirect_optionsupdated); } }	redirect("usercp.php?action=options", $lang->redirect_optionsupdated); } }

if($mybb->input['action'] == "options") {	if($mybb->input['action'] == "options") {
$plugins->run_hooks("usercp_options_start");
if($errors != '') { $user = $mybb->input;	if($errors != '') { $user = $mybb->input;
Zeile 832	Zeile 823
else { $user = $mybb->user;	else { $user = $mybb->user;
}	} $plugins->run_hooks("usercp_options_start");
$languages = $lang->get_languages(); $board_language = $langoptions = '';	$languages = $lang->get_languages(); $board_language = $langoptions = '';
Zeile 862	Zeile 855
else { $allownoticescheck = "";	else { $allownoticescheck = "";
} if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\""; } else { $invisiblecheck = ""; }	} $canbeinvisible = ''; // Check usergroup permission before showing invisible check box if($mybb->usergroup['canbeinvisible'] == 1) { if(isset($user['invisible']) && $user['invisible'] == 1) { $invisiblecheck = "checked=\"checked\""; } else { $invisiblecheck = ""; } eval('$canbeinvisible = "'.$templates->get("usercp_options_invisible")."\";"); }
if(isset($user['hideemail']) && $user['hideemail'] == 1) {	if(isset($user['hideemail']) && $user['hideemail'] == 1) {
Zeile 1135	Zeile 1135
$val = trim($val); $selected = ""; if(isset($user['tpp']) && $user['tpp'] == $val)	$val = trim($val); $selected = ""; if(isset($user['tpp']) && $user['tpp'] == $val)
{ $selected = " selected=\"selected\"";	{ $selected = " selected=\"selected\"";
} $tpp_option = $lang->sprintf($lang->tpp_option, $val); eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";");	} $tpp_option = $lang->sprintf($lang->tpp_option, $val); eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";");
} }	} }
eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); }	eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); }
Zeile 1182	Zeile 1182
$errors = array(); $plugins->run_hooks("usercp_do_email_start");	$errors = array(); $plugins->run_hooks("usercp_do_email_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{ $errors[] = $lang->error_invalidpassword; }	{ $errors[] = $lang->error_invalidpassword; }
Zeile 1314	Zeile 1314
} if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")	} if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $errors = array();	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $user = array(); $errors = array();
$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)	$plugins->run_hooks("usercp_do_password_start"); if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpassword')) == false)
Zeile 1331	Zeile 1332
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')	"uid" => $mybb->user['uid'], "password" => $mybb->get_input('password'), "password2" => $mybb->get_input('password2')
);	));
$userhandler->set_data($user);	$userhandler->set_data($user);
Zeile 1379	Zeile 1380
$errors = array();	$errors = array();
$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != 1)	if($mybb->usergroup['canchangename'] != 1)
{	{
error_no_permission();	error_no_permission();
}	} $user = array(); $plugins->run_hooks("usercp_do_changename_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)	if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('password')) == false)
{	{
$errors[] = $lang->error_invalidpassword; } else	$errors[] = $lang->error_invalidpassword; } else
Zeile 1395	Zeile 1399
require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");	require_once MYBB_ROOT."inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update");
$user = array(	$user = array_merge($user, array(
"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')	"uid" => $mybb->user['uid'], "username" => $mybb->get_input('username')
);	));
$userhandler->set_data($user);	$userhandler->set_data($user);
Zeile 1411	Zeile 1415
$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);	$userhandler->update_user(); $plugins->run_hooks("usercp_do_changename_end"); redirect("usercp.php?action=changename", $lang->redirect_namechanged);

} } if(count($errors) > 0)	} } if(count($errors) > 0)
Zeile 1422	Zeile 1425
} if($mybb->input['action'] == "changename")	} if($mybb->input['action'] == "changename")
{	{
$plugins->run_hooks("usercp_changename_start"); if($mybb->usergroup['canchangename'] != 1) { error_no_permission();	$plugins->run_hooks("usercp_changename_start"); if($mybb->usergroup['canchangename'] != 1) { error_no_permission();
}	}
// Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password) if($errors)	// Coming back to this page after one or more errors were experienced, show field the user previously entered (with the exception of the password) if($errors)
Zeile 1437	Zeile 1440
else { $username = '';	else { $username = '';
}	}
$plugins->run_hooks("usercp_changename_end");	$plugins->run_hooks("usercp_changename_end");
Zeile 1449	Zeile 1452
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_subscriptions_start");
if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected);	if(!isset($mybb->input['check']) \|\| !is_array($mybb->input['check'])) { error($lang->no_subscriptions_selected);
}	} $plugins->run_hooks("usercp_do_subscriptions_start");
// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));	// Clean input - only accept integers thanks! $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyBB::INPUT_ARRAY));
Zeile 1472	Zeile 1475
if($mybb->get_input('do') == "no_notification") { $new_notification = 0;	if($mybb->get_input('do') == "no_notification") { $new_notification = 0;
}	}
elseif($mybb->get_input('do') == "email_notification") { $new_notification = 1;	elseif($mybb->get_input('do') == "email_notification") { $new_notification = 1;
Zeile 1496	Zeile 1499
$plugins->run_hooks("usercp_subscriptions_start"); // Thread visiblity	$plugins->run_hooks("usercp_subscriptions_start"); // Thread visiblity
$visible = "AND t.visible != 0"; if(is_moderator() == true)	$where = array( "s.uid={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
// Do Multi Pages $query = $db->query("	// Do Multi Pages $query = $db->query("
SELECT COUNT(ts.tid) as threads FROM ".TABLE_PREFIX."threadsubscriptions ts LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid) WHERE ts.uid = '".$mybb->user['uid']."' AND t.visible >= 0 {$visible}	SELECT COUNT(s.tid) as threads FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = s.tid) WHERE {$where}
"); $threadcount = $db->fetch_field($query, "threads");	"); $threadcount = $db->fetch_field($query, "threads");
Zeile 1551	Zeile 1565
FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE s.uid='".$mybb->user['uid']."' and t.visible >= 0 {$visible}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT $start, $perpage ");	ORDER BY t.lastpost DESC LIMIT $start, $perpage ");
Zeile 1559	Zeile 1573
{ $forumpermissions = $fpermissions[$subscription['fid']];	{ $forumpermissions = $fpermissions[$subscription['fid']];
if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid']))	if(isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid'])
{ // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid'];	{ // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['sid'];
Zeile 1685	Zeile 1699
if($mybb->settings['threadreadcut'] > 0) {	if($mybb->settings['threadreadcut'] > 0) {
$forum_read = $readforums[$thread['fid']];
$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;	$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']6060*24;
if($forum_read == 0 \|\| $forum_read < $read_cutoff) {	if(empty($readforums[$thread['fid']]) \|\| $readforums[$thread['fid']] < $read_cutoff) {
$forum_read = $read_cutoff;	$forum_read = $read_cutoff;
} }	} else { $forum_read = $readforums[$thread['fid']]; } }
$cutoff = 0; if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)	$cutoff = 0; if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)
Zeile 1702	Zeile 1718
if($thread['lastpost'] > $cutoff) {	if($thread['lastpost'] > $cutoff) {
if($thread['lastread'])	if(!empty($thread['lastread']))
{ $lastread = $thread['lastread']; } else { $lastread = 1;	{ $lastread = $thread['lastread']; } else { $lastread = 1;
}	}
} if(!$lastread)	} if(!$lastread)
Zeile 1733	Zeile 1749
$thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); $unreadpost = 1;	$thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); $unreadpost = 1;
}	}
else	else
{	{
$folder_label .= $lang->icon_no_new; $new_class = "subject_old"; } if($thread['replies'] >= $mybb->settings['hottopic'] \|\| $thread['views'] >= $mybb->settings['hottopicviews'])	$folder_label .= $lang->icon_no_new; $new_class = "subject_old"; } if($thread['replies'] >= $mybb->settings['hottopic'] \|\| $thread['views'] >= $mybb->settings['hottopicviews'])
{	{
$folder .= "hot"; $folder_label .= $lang->icon_hot;	$folder .= "hot"; $folder_label .= $lang->icon_hot;
}	}
if($thread['closed'] == 1) { $folder .= "close"; $folder_label .= $lang->icon_close;	if($thread['closed'] == 1) { $folder .= "close"; $folder_label .= $lang->icon_close;
} $folder .= "folder";	} $folder .= "folder";
if($thread['visible'] == 0) { $bgcolor = "trow_shaded";	if($thread['visible'] == 0) { $bgcolor = "trow_shaded";
Zeile 1761	Zeile 1777
// Build last post info $lastpostdate = my_date('relative', $thread['lastpost']);	// Build last post info $lastpostdate = my_date('relative', $thread['lastpost']);
	$lastposteruid = $thread['lastposteruid'];
if(!$lastposteruid && !$thread['lastposter'])	if(!$lastposteruid && !$thread['lastposter'])
{	{
$lastposter = htmlspecialchars_uni($lang->guest);	$lastposter = htmlspecialchars_uni($lang->guest);
}	}
else { $lastposter = htmlspecialchars_uni($thread['lastposter']);	else { $lastposter = htmlspecialchars_uni($thread['lastposter']);
} $lastposteruid = $thread['lastposteruid'];	}
// Don't link to guest's profiles (they have no profile). if($lastposteruid == 0) {	// Don't link to guest's profiles (they have no profile). if($lastposteruid == 0) {
Zeile 1802	Zeile 1818
// Provide remove options eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");	// Provide remove options eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");
}	}
else { $remove_options = '';	else { $remove_options = '';
Zeile 1810	Zeile 1826
} $plugins->run_hooks("usercp_subscriptions_end");	} $plugins->run_hooks("usercp_subscriptions_end");

eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";"); output_page($subscriptions); }	eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";"); output_page($subscriptions); }
Zeile 1818	Zeile 1834
if($mybb->input['action'] == "forumsubscriptions") { $plugins->run_hooks("usercp_forumsubscriptions_start");	if($mybb->input['action'] == "forumsubscriptions") { $plugins->run_hooks("usercp_forumsubscriptions_start");

// Build a forum cache. $query = $db->query(" SELECT f.fid, fr.dateline AS lastread	// Build a forum cache. $query = $db->query(" SELECT f.fid, fr.dateline AS lastread
Zeile 1947	Zeile 1963
if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread);	if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread);
}	}
$forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();	$forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission();
}	}
// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);

// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_do_addsubscription"); add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));	// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_do_addsubscription"); add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));

if($mybb->get_input('referrer')) { $mybb->input['referrer'] = $mybb->get_input('referrer');	if($mybb->get_input('referrer')) { $mybb->input['referrer'] = $mybb->get_input('referrer');
Zeile 1978	Zeile 1994
} $url = htmlspecialchars_uni($mybb->input['referrer']);	} $url = htmlspecialchars_uni($mybb->input['referrer']);
}	}
else { $url = get_thread_link($thread['tid']);	else { $url = get_thread_link($thread['tid']);
Zeile 2011	Zeile 2027
$plugins->run_hooks("usercp2_addsubscription_forum"); add_subscribed_forum($forum['fid']);	$plugins->run_hooks("usercp2_addsubscription_forum"); add_subscribed_forum($forum['fid']);
if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; }	if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; }
else { $url = "index.php";	else { $url = "index.php";
}	}
redirect($url, $lang->redirect_forumsubscriptionadded); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1)	redirect($url, $lang->redirect_forumsubscriptionadded); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1)
{ error($lang->error_invalidthread);	{ error($lang->error_invalidthread);
}	}

// Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true))	// Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true))
{	{
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
Zeile 2066	Zeile 2082
if($mybb->user['subscriptionmethod'] == 1 \|\| $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\"";	if($mybb->user['subscriptionmethod'] == 1 \|\| $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\"";
}	}
elseif($mybb->user['subscriptionmethod'] == 2)	elseif($mybb->user['subscriptionmethod'] == 2)
{	{
$notification_email_checked = "checked=\"checked\"";	$notification_email_checked = "checked=\"checked\"";
}	}
elseif($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\"";	elseif($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\"";
} // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_thread");	} // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_addsubscription_thread");
eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } }	eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";"); output_page($add_subscription); exit; } }
	if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == "post" \|\| verify_post_check($mybb->get_input('my_post_key'), true))) { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? $ismod = is_moderator($thread['fid']); // Make sure we are looking at a real thread here. if(($thread['visible'] != 1 && $ismod == false) \|\| ($thread['visible'] > 1 && $ismod == true)) { error($lang->error_invalidthread); } // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved); } } // Show remove subscription form when GET method and without valid my_post_key
if($mybb->input['action'] == "removesubscription") {	if($mybb->input['action'] == "removesubscription") {
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	$referrer = '';
if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum);	if($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if(!$forum) { error($lang->error_invalidforum);
	} add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=forumsubscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($forum['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0) { error_no_permission();
} // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']);	} // check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($forum['fid']);
	$lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe_from_forum, $forum['name']);
// Naming of the hook retained for backward compatibility while dropping usercp2.php	// Naming of the hook retained for backward compatibility while dropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved);	$plugins->run_hooks("usercp2_removesubscription_display_forum"); eval("\$remove_forum_subscription = \"".$templates->get("usercp_removesubscription_forum")."\";"); output_page($remove_forum_subscription); exit;
} else {	} else {
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread) {	$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if(!$thread \|\| $thread['visible'] == -1) {
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
Zeile 2132	Zeile 2217
error($lang->error_invalidthread); }	error($lang->error_invalidthread); }
// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']);	add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_removesubscription); $forumpermissions = forum_permissions($thread['fid']); if($forumpermissions['canview'] == 0 \|\| $forumpermissions['canviewthreads'] == 0 \|\| (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) { error_no_permission(); }

// Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if($server_http_referer && $mybb->request_method != 'post') { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; } redirect($url, $lang->redirect_subscriptionremoved);	// check if the forum requires a password to view. If so, we need to show a form to the user check_forum_password($thread['fid']); require_once MYBB_ROOT."inc/class_parser.php"; $parser = new postParser; $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscribe_from_thread, $thread['subject']); // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscription_display_thread"); eval("\$remove_thread_subscription = \"".$templates->get("usercp_removesubscription_thread")."\";"); output_page($remove_thread_subscription); exit;
} } if($mybb->input['action'] == "removesubscriptions")	} } if($mybb->input['action'] == "removesubscriptions")
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

if($mybb->get_input('type') == "forum")	if($mybb->get_input('type') == "forum")
{ // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_forum");	{ // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_forum");
$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) {	$db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) {
Zeile 2176	Zeile 2269
{ // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_thread");	{ // Naming of the hook retained for backward compatibility while dropping usercp2.php $plugins->run_hooks("usercp2_removesubscriptions_thread");

$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) {	$db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'"); if($server_http_referer) {
Zeile 2194	Zeile 2287
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_editsig_start");
// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }	// User currently has a suspended signature if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) { error_no_permission(); }
	$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->get_input('updateposts') == "enable") { $update_signature = array( "includesig" => 1	if($mybb->get_input('updateposts') == "enable") { $update_signature = array( "includesig" => 1
); $db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");	); $db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
} elseif($mybb->get_input('updateposts') == "disable") {	} elseif($mybb->get_input('updateposts') == "disable") {
Zeile 2299	Zeile 2392
else { // User is allowed to edit their signature	else { // User is allowed to edit their signature
	$smilieinserter = '';
if($mybb->settings['sigsmilies'] == 1) { $sigsmilies = $lang->on;	if($mybb->settings['sigsmilies'] == 1) { $sigsmilies = $lang->on;
Zeile 2332	Zeile 2426
{ $sigimgcode = $lang->off; }	{ $sigimgcode = $lang->off; }
$sig = htmlspecialchars_uni($sig); $lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

if($mybb->settings['bbcodeinserter'] != 0 \|\| $mybb->user['showcodebuttons'] != 0)	if($mybb->settings['siglength'] == 0) { $siglength = $lang->unlimited; } else { $siglength = $mybb->settings['siglength']; } $sig = htmlspecialchars_uni($sig); $lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $siglength); if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodeinserter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{ $codebuttons = build_mycode_inserter("signature"); }	{ $codebuttons = build_mycode_inserter("signature"); }
Zeile 2343	Zeile 2447
$plugins->run_hooks("usercp_editsig_end"); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");	$plugins->run_hooks("usercp_editsig_end"); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
}	}
output_page($editsig); }	output_page($editsig); }
Zeile 2355	Zeile 2459
$plugins->run_hooks("usercp_do_avatar_start"); require_once MYBB_ROOT."inc/functions_upload.php";	$plugins->run_hooks("usercp_do_avatar_start"); require_once MYBB_ROOT."inc/functions_upload.php";

$avatar_error = ""; if(!empty($mybb->input['remove'])) // remove avatar	$avatar_error = ""; if(!empty($mybb->input['remove'])) // remove avatar
Zeile 2367	Zeile 2471
); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); remove_avatars($mybb->user['uid']);	); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); remove_avatars($mybb->user['uid']);
}	}
elseif($_FILES['avatarupload']['name']) // upload avatar { if($mybb->usergroup['canuploadavatars'] == 0) { error_no_permission();	elseif($_FILES['avatarupload']['name']) // upload avatar { if($mybb->usergroup['canuploadavatars'] == 0) { error_no_permission();
}	}
$avatar = upload_avatar();	$avatar = upload_avatar();
if($avatar['error'])	if(!empty($avatar['error']))
{ $avatar_error = $avatar['error']; }	{ $avatar_error = $avatar['error']; }
Zeile 2392	Zeile 2496
); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); }	); $db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'"); }
	} elseif(!$mybb->settings['allowremoteavatars'] && !$_FILES['avatarupload']['name']) // missing avatar image { $avatar_error = $lang->error_avatarimagemissing;
} elseif($mybb->settings['allowremoteavatars']) // remote avatar {	} elseif($mybb->settings['allowremoteavatars']) // remote avatar {
Zeile 2475	Zeile 2583
$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; }	$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $avatar_error = $lang->error_avatartoobig; }
} }	} } // Limiting URL string to stay within database limit if(strlen($mybb->input['avatarurl']) > 200) { $avatar_error = $lang->error_avatarurltoolong; }
if(empty($avatar_error)) {	if(empty($avatar_error)) {
Zeile 2493	Zeile 2607
remove_avatars($mybb->user['uid']); } }	remove_avatars($mybb->user['uid']); } }
}	}
else // remote avatar, but remote avatars are not allowed { $avatar_error = $lang->error_remote_avatar_not_allowed;	else // remote avatar, but remote avatars are not allowed { $avatar_error = $lang->error_remote_avatar_not_allowed;
Zeile 2510	Zeile 2624
$avatar_error = inline_error($avatar_error); } }	$avatar_error = inline_error($avatar_error); } }

if($mybb->input['action'] == "avatar") { $plugins->run_hooks("usercp_avatar_start");	if($mybb->input['action'] == "avatar") { $plugins->run_hooks("usercp_avatar_start");

$avatarmsg = $avatarurl = ''; if($mybb->user['avatartype'] == "upload" \|\| stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))	$avatarmsg = $avatarurl = ''; if($mybb->user['avatartype'] == "upload" \|\| stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))
{	{
$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>"; } elseif($mybb->user['avatartype'] == "remote" \|\| my_validate_url($mybb->user['avatar']))	$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>"; } elseif($mybb->user['avatartype'] == "remote" \|\| my_validate_url($mybb->user['avatar']))
Zeile 2540	Zeile 2654
{ $maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);	{ $maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
} $plugins->run_hooks("usercp_avatar_intermediate");	} $plugins->run_hooks("usercp_avatar_intermediate");
$auto_resize = ''; if($mybb->settings['avatarresizing'] == "auto")	$auto_resize = ''; if($mybb->settings['avatarresizing'] == "auto")
{	{
eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";"); } elseif($mybb->settings['avatarresizing'] == "user") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");	eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_auto")."\";"); } elseif($mybb->settings['avatarresizing'] == "user") { eval("\$auto_resize = \"".$templates->get("usercp_avatar_auto_resize_user")."\";");
}	}
$avatarupload = ''; if($mybb->usergroup['canuploadavatars'] == 1)	$avatarupload = ''; if($mybb->usergroup['canuploadavatars'] == 1)
Zeile 2568	Zeile 2682
$removeavatar = ''; if(!empty($mybb->user['avatar']))	$removeavatar = ''; if(!empty($mybb->user['avatar']))
{	{
eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";"); }	eval("\$removeavatar = \"".$templates->get("usercp_avatar_remove")."\";"); }
Zeile 2609	Zeile 2723
else { $user['buddylist'] = array();	else { $user['buddylist'] = array();
}	}
$user['buddylist'][] = (int)$mybb->user['uid'];	$user['buddylist'][] = (int)$mybb->user['uid'];

// Now we have the new list, so throw it all back together $new_list = implode(",", $user['buddylist']);	// Now we have the new list, so throw it all back together $new_list = implode(",", $user['buddylist']);
// And clean it up a little to ensure there is no possibility of bad values $new_list = preg_replace("#,{2,}#", ",", $new_list); $new_list = preg_replace("#[^0-9,]#", "", $new_list); if(my_substr($new_list, 0, 1) == ",") { $new_list = my_substr($new_list, 1); } if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);	// And clean it up a little to ensure there is no possibility of bad values $new_list = preg_replace("#,{2,}#", ",", $new_list); $new_list = preg_replace("#[^0-9,]#", "", $new_list); if(my_substr($new_list, 0, 1) == ",") { $new_list = my_substr($new_list, 1); } if(my_substr($new_list, -1) == ",") { $new_list = my_substr($new_list, 0, my_strlen($new_list)-2);
} $user['buddylist'] = $db->escape_string($new_list);	} $user['buddylist'] = $db->escape_string($new_list);
Zeile 2642	Zeile 2756
else { $mybb->user['buddylist'] = array();	else { $mybb->user['buddylist'] = array();
}	}
$mybb->user['buddylist'][] = (int)$request['uid'];	$mybb->user['buddylist'][] = (int)$request['uid'];
Zeile 2675	Zeile 2789
); send_pm($pm, $mybb->user['uid'], true);	); send_pm($pm, $mybb->user['uid'], true);
$db->delete_query('buddyrequests', 'id='.(int)$request['id']); } else { error($lang->user_doesnt_exist); } $plugins->run_hooks("usercp_acceptrequest_end");	$db->delete_query('buddyrequests', 'id='.(int)$request['id']); } else { error($lang->user_doesnt_exist); } $plugins->run_hooks("usercp_acceptrequest_end");
redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted); } elseif($mybb->input['action'] == "declinerequest")	redirect("usercp.php?action=editlists", $lang->buddyrequest_accepted); } elseif($mybb->input['action'] == "declinerequest")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
// Validate request $query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);	// Validate request $query = $db->simple_select('buddyrequests', '*', 'id='.$mybb->get_input('id', MyBB::INPUT_INT).' AND touid='.(int)$mybb->user['uid']);
$request = $db->fetch_array($query); if(empty($request)) { error($lang->invalid_request); }	$request = $db->fetch_array($query); if(empty($request)) { error($lang->invalid_request); }
$plugins->run_hooks("usercp_declinerequest_start"); $user = get_user($request['uid']);	$plugins->run_hooks("usercp_declinerequest_start"); $user = get_user($request['uid']);
Zeile 2716	Zeile 2830
$plugins->run_hooks("usercp_declinerequest_end"); redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);	$plugins->run_hooks("usercp_declinerequest_end"); redirect("usercp.php?action=editlists", $lang->buddyrequest_declined);
}	}
elseif($mybb->input['action'] == "cancelrequest") { // Verify incoming POST request	elseif($mybb->input['action'] == "cancelrequest") { // Verify incoming POST request
Zeile 2741	Zeile 2855
} if($mybb->input['action'] == "do_editlists")	} if($mybb->input['action'] == "do_editlists")
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
Zeile 2874	Zeile 2988
elseif($mybb->get_input('manage') == "ignored") { $error_message = $lang->users_already_sent_request_alt;	elseif($mybb->get_input('manage') == "ignored") { $error_message = $lang->users_already_sent_request_alt;
} array_pop($users); // To maintain a proper count when we call count($users) continue;	} array_pop($users); // To maintain a proper count when we call count($users) continue;
} if(isset($requests_rec[$user['uid']]))	} if(isset($requests_rec[$user['uid']]))
Zeile 2967	Zeile 3081
else { $error_message = $lang->cant_add_self_to_buddy_list;	else { $error_message = $lang->cant_add_self_to_buddy_list;
}	}
} if(count($existing_users) == 0)	} if(count($existing_users) == 0)
Zeile 3103	Zeile 3217
{ echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n"; echo "\$(\"#buddylink\").remove();\n";	{ echo "\$(\"#".$mybb->get_input('manage')."_count\").html(\"0\");\n"; echo "\$(\"#buddylink\").remove();\n";

if($mybb->get_input('manage') == "ignored") { echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";	if($mybb->get_input('manage') == "ignored") { echo "\$(\"#ignore_list\").html(\"<li>{$lang->ignore_list_empty}</li>\");\n";
Zeile 3232	Zeile 3346
eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");	eval("\$sent_requests = \"".$templates->get("usercp_editlists_sent_requests", 1, 0)."\";");
echo $sentrequests;
echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; } else	echo $sent_requests."<script type=\"text/javascript\">{$message_js}</script>"; } else
Zeile 3244	Zeile 3357
exit; }	exit; }
$received_rows = '';	$received_rows = $bgcolor = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
Zeile 3266	Zeile 3379
eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");	eval("\$received_requests = \"".$templates->get("usercp_editlists_received_requests")."\";");
$sent_rows = '';	$sent_rows = $bgcolor = '';
$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r	$query = $db->query(" SELECT r.*, u.username FROM ".TABLE_PREFIX."buddyrequests r
Zeile 3313	Zeile 3426
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid) WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'	LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid) WHERE p.uid = '{$mybb->user['uid']}' AND p.visible = '-2'
ORDER BY p.dateline DESC	ORDER BY p.dateline DESC, p.pid DESC
"); while($draft = $db->fetch_array($query))	"); while($draft = $db->fetch_array($query))
Zeile 3361	Zeile 3474
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_drafts_start");
$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected); }	$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT_ARRAY); if(empty($mybb->input['deletedraft'])) { error($lang->no_drafts_selected); }
	$plugins->run_hooks("usercp_do_drafts_start");
$pidin = array(); $tidin = array();	$pidin = array(); $tidin = array();

foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post") { $pidin[] = "'".(int)$id."'";	foreach($mybb->input['deletedraft'] as $id => $val) { if($val == "post") { $pidin[] = "'".(int)$id."'";
}	}
elseif($val == "thread") { $tidin[] = "'".(int)$id."'"; } } if($tidin)	elseif($val == "thread") { $tidin[] = "'".(int)$id."'"; } } if($tidin)
{	{
$tidin = implode(",", $tidin); $db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'"); $tidinp = "OR tid IN ($tidin)";	$tidin = implode(",", $tidin); $db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'"); $tidinp = "OR tid IN ($tidin)";
	} else { $tidinp = '';
} if($pidin \|\| $tidinp) {	} if($pidin \|\| $tidinp) {
Zeile 3406	Zeile 3526
if($mybb->input['action'] == "usergroups") {	if($mybb->input['action'] == "usergroups") {
$plugins->run_hooks("usercp_usergroups_start");
$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].","; $usergroups = $mybb->cache->read('usergroups');	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].","; $usergroups = $mybb->cache->read('usergroups');
	$plugins->run_hooks("usercp_usergroups_start");
// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))	// Changing our display group if($mybb->get_input('displaygroup', MyBB::INPUT_INT))
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false) { error($lang->not_member_of_group);	if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false) { error($lang->not_member_of_group);
Zeile 3438	Zeile 3559
if($mybb->get_input('leavegroup', MyBB::INPUT_INT)) { // Verify incoming POST request	if($mybb->get_input('leavegroup', MyBB::INPUT_INT)) { // Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);	verify_post_check($mybb->get_input('my_post_key'));
if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false) { error($lang->not_member_of_group); } if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))	if(my_strpos($ingroups, ",".$mybb->get_input('leavegroup', MyBB::INPUT_INT).",") === false) { error($lang->not_member_of_group); } if($mybb->user['usergroup'] == $mybb->get_input('leavegroup', MyBB::INPUT_INT))
{	{
error($lang->cannot_leave_primary_group); }	error($lang->cannot_leave_primary_group); }
Zeile 3459	Zeile 3580
redirect("usercp.php?action=usergroups", $lang->left_group); exit; }	redirect("usercp.php?action=usergroups", $lang->left_group); exit; }

$groupleaders = array(); // List of usergroup leaders	$groupleaders = array(); // List of usergroup leaders
Zeile 3472	Zeile 3593
while($leader = $db->fetch_array($query)) { $groupleaders[$leader['gid']][$leader['uid']] = $leader;	while($leader = $db->fetch_array($query)) { $groupleaders[$leader['gid']][$leader['uid']] = $leader;
}	}
// Joining a group if($mybb->get_input('joingroup', MyBB::INPUT_INT)) {	// Joining a group if($mybb->get_input('joingroup', MyBB::INPUT_INT)) {
Zeile 3500	Zeile 3621
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('joingroup', MyBB::INPUT_INT)."'"); $joinrequest = $db->fetch_array($query);
if($joinrequest['rid'])	if($joinrequest)
{ error($lang->already_sent_join_request); }	{ error($lang->already_sent_join_request); }
Zeile 3508	Zeile 3629
if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) { $reasonlength = my_strlen($mybb->get_input('reason'));	if($mybb->get_input('do') == "joingroup" && $usergroup['type'] == 4) { $reasonlength = my_strlen($mybb->get_input('reason'));

if($reasonlength > 250) // Reason field is varchar(250) in database	if($reasonlength > 250) // Reason field is varchar(250) in database
{	{
error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250))); }	error($lang->sprintf($lang->joinreason_too_long, ($reasonlength - 250))); }
Zeile 3531	Zeile 3652
// Load language $lang->set_language($leader['language']); $lang->load("messages");	// Load language $lang->set_language($leader['language']); $lang->load("messages");

$subject = $lang->sprintf($lang->emailsubject_newjoinrequest, $mybb->settings['bbname']); $message = $lang->sprintf($lang->email_groupleader_joinrequest, $leader['username'], $mybb->user['username'], $usergroup['title'], $mybb->settings['bbname'], $mybb->get_input('reason'), $mybb->settings['bburl'], $leader['gid']); my_mail($leader['email'], $subject, $message); } }	$subject = $lang->sprintf($lang->emailsubject_newjoinrequest, $mybb->settings['bbname']); $message = $lang->sprintf($lang->email_groupleader_joinrequest, $leader['username'], $mybb->user['username'], $usergroup['title'], $mybb->settings['bbname'], $mybb->get_input('reason'), $mybb->settings['bburl'], $leader['gid']); my_mail($leader['email'], $subject, $message); } }

// Load language $lang->set_language($mybb->user['language']); $lang->load("messages"); $plugins->run_hooks("usercp_usergroups_join_group_request"); redirect("usercp.php?action=usergroups", $lang->group_join_requestsent);	// Load language $lang->set_language($mybb->user['language']); $lang->load("messages"); $plugins->run_hooks("usercp_usergroups_join_group_request"); redirect("usercp.php?action=usergroups", $lang->group_join_requestsent);
exit;	exit;
} elseif($usergroup['type'] == 4) {	} elseif($usergroup['type'] == 4) {
Zeile 3557	Zeile 3678
{ join_usergroup($mybb->user['uid'], $mybb->get_input('joingroup', MyBB::INPUT_INT)); $plugins->run_hooks("usercp_usergroups_join_group");	{ join_usergroup($mybb->user['uid'], $mybb->get_input('joingroup', MyBB::INPUT_INT)); $plugins->run_hooks("usercp_usergroups_join_group");
redirect("usercp.php?action=usergroups", $lang->joined_group);	redirect("usercp.php?action=usergroups", $lang->joined_group);
} }	} }
Zeile 3576	Zeile 3697
$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."' AND invite='1'"); $joinrequest = $db->fetch_array($query);	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."' AND invite='1'"); $joinrequest = $db->fetch_array($query);
if($joinrequest['rid'])	if($joinrequest)
{ join_usergroup($mybb->user['uid'], $mybb->get_input('acceptinvite', MyBB::INPUT_INT)); $db->delete_query("joinrequests", "uid='{$mybb->user['uid']}' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."'");	{ join_usergroup($mybb->user['uid'], $mybb->get_input('acceptinvite', MyBB::INPUT_INT)); $db->delete_query("joinrequests", "uid='{$mybb->user['uid']}' AND gid='".$mybb->get_input('acceptinvite', MyBB::INPUT_INT)."'");
Zeile 3586	Zeile 3707
else { error($lang->no_pending_invitation);	else { error($lang->no_pending_invitation);
} }	} }
// Show listing of various group related things // List of groups this user is a leader of	// Show listing of various group related things // List of groups this user is a leader of
Zeile 3647	Zeile 3768
$usergroup = $usergroups[$mybb->user['usergroup']]; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); $usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);	$usergroup = $usergroups[$mybb->user['usergroup']]; $usergroup['title'] = htmlspecialchars_uni($usergroup['title']); $usergroup['usertitle'] = htmlspecialchars_uni($usergroup['usertitle']);
$usergroup['description'] = htmlspecialchars_uni($usergroup['description']);	if($usergroup['description']) { $usergroup['description'] = htmlspecialchars_uni($usergroup['description']); eval("\$description = \"".$templates->get("usercp_usergroups_memberof_usergroup_description")."\";"); }
eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";"); $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])	eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveprimary")."\";"); $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
Zeile 3667	Zeile 3792
$showmemberof = false; if($mybb->user['additionalgroups']) {	$showmemberof = false; if($mybb->user['additionalgroups']) {
$query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));	$additionalgroups = implode( ',', array_map( 'intval', explode(',', $mybb->user['additionalgroups']) ) ); $query = $db->simple_select("usergroups", "*", "gid IN (".$additionalgroups.") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));
while($usergroup = $db->fetch_array($query)) { $showmemberof = true;	while($usergroup = $db->fetch_array($query)) { $showmemberof = true;
Zeile 3675	Zeile 3807
if(isset($groupleader[$usergroup['gid']])) { eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveleader")."\";");	if(isset($groupleader[$usergroup['gid']])) { eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveleader")."\";");
}	}
elseif($usergroup['type'] != 4 && $usergroup['type'] != 3 && $usergroup['type'] != 5) { eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveother")."\";");	elseif($usergroup['type'] != 4 && $usergroup['type'] != 3 && $usergroup['type'] != 5) { eval("\$leavelink = \"".$templates->get("usercp_usergroups_memberof_usergroup_leaveother")."\";");
Zeile 3695	Zeile 3827
} $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])	} $trow = alt_trow(); if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
{	{
eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";"); } elseif($usergroup['candisplaygroup'] == 1) { eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");	eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_display")."\";"); } elseif($usergroup['candisplaygroup'] == 1) { eval("\$displaycode = \"".$templates->get("usercp_usergroups_memberof_usergroup_setdisplay")."\";");
}	}
else { $displaycode = '';	else { $displaycode = '';
Zeile 3714	Zeile 3846
// List of groups this user has applied for but has not been accepted in to $query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'"); while($request = $db->fetch_array($query))	// List of groups this user has applied for but has not been accepted in to $query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'"); while($request = $db->fetch_array($query))
{	{
$appliedjoin[$request['gid']] = $request['dateline']; }	$appliedjoin[$request['gid']] = $request['dateline']; }
Zeile 3722	Zeile 3854
$existinggroups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) {	$existinggroups = $mybb->user['usergroup']; if($mybb->user['additionalgroups']) {
$existinggroups .= ",".$mybb->user['additionalgroups'];	$additionalgroups = implode( ',', array_map( 'intval', explode(',', $mybb->user['additionalgroups']) ) ); $existinggroups .= ",".$additionalgroups;
} $joinablegroups = $joinablegrouplist = '';	} $joinablegroups = $joinablegrouplist = '';
Zeile 3804	Zeile 3943
if($mybb->input['action'] == "attachments") {	if($mybb->input['action'] == "attachments") {
$plugins->run_hooks("usercp_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php";	require_once MYBB_ROOT."inc/functions_upload.php";

if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled);	if($mybb->settings['enableattachments'] == 0) { error($lang->attachments_disabled);
} // Get unviewable forums $f_perm_sql = '';	} $plugins->run_hooks("usercp_attachments_start"); // Get unviewable forums $f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums)	$unviewable_forums = get_unviewable_forums(true); $inactiveforums = get_inactive_forums(); if($unviewable_forums)
Zeile 3826	Zeile 3966
} $attachments = '';	} $attachments = '';
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); $usage = $db->fetch_array($query); $totalattachments = $usage['acount'];
// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	// Pagination if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
{	{
$mybb->settings['threadsperpage'] = 20; }	$mybb->settings['threadsperpage'] = 20; }
Zeile 3843	Zeile 3979
if($page > 0) { $start = ($page-1) * $perpage;	if($page > 0) { $start = ($page-1) * $perpage;
$pages = ceil($totalattachments / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else {	} else {
Zeile 3865	Zeile 3995
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}	LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}	ORDER BY p.dateline DESC, p.pid DESC LIMIT {$start}, {$perpage}
");	");
$bandwidth = $totaldownloads = 0;	$bandwidth = $totaldownloads = $totalusage = $totalattachments = $processedattachments = 0;
while($attachment = $db->fetch_array($query)) { if($attachment['dateline'] && $attachment['tid'])	while($attachment = $db->fetch_array($query)) { if($attachment['dateline'] && $attachment['tid'])
Zeile 3887	Zeile 4017
$altbg = alt_trow(); eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");	$altbg = alt_trow(); eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");

// Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];	// Add to bandwidth total $bandwidth += ($attachment['filesize'] * $attachment['downloads']); $totaldownloads += $attachment['downloads'];
	$totalusage += $attachment['filesize']; ++$totalattachments;
} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }	} else { // This little thing delets attachments without a thread/post remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); }
	++$processedattachments; } $multipage = ''; if($processedattachments >= $perpage \|\| $page > 1) { $query = $db->query(" SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount FROM ".TABLE_PREFIX."attachments a LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} "); $usage = $db->fetch_array($query); $totalusage = $usage['ausage']; $totalattachments = $usage['acount']; $multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
}	}
$totalusage = $usage['ausage'];
$friendlyusage = get_friendly_size((int)$totalusage); if($mybb->usergroup['attachquota']) {	$friendlyusage = get_friendly_size((int)$totalusage); if($mybb->usergroup['attachquota']) {
Zeile 3912	Zeile 4061
{ $attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);	{ $attachquota = $lang->unlimited; $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
} $multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");	}
$bandwidth = get_friendly_size($bandwidth);	$bandwidth = get_friendly_size($bandwidth);
	eval("\$delete_button = \"".$templates->get("delete_attachments_button")."\";");
if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';	if(!$attachments) { eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";"); $usagenote = '';
}	$delete_button = ''; }
$plugins->run_hooks("usercp_attachments_end"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");	$plugins->run_hooks("usercp_attachments_end"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
Zeile 3934	Zeile 4085
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments'])) { error($lang->no_attachments_selected);	require_once MYBB_ROOT."inc/functions_upload.php"; if(!isset($mybb->input['attachments']) \|\| !is_array($mybb->input['attachments'])) { error($lang->no_attachments_selected);
}	} $plugins->run_hooks("usercp_do_attachments_start");
// Get unviewable forums $f_perm_sql = '';	// Get unviewable forums $f_perm_sql = '';
Zeile 3952	Zeile 4104
if($inactiveforums) { $f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";	if($inactiveforums) { $f_perm_sql .= " AND p.fid NOT IN ($inactiveforums)";
} $aids = implode(',', array_map('intval', $mybb->input['attachments']));	} $aids = implode(',', array_map('intval', $mybb->input['attachments']));
$query = $db->query(" SELECT a.*, p.fid FROM ".TABLE_PREFIX."attachments a	$query = $db->query(" SELECT a.*, p.fid FROM ".TABLE_PREFIX."attachments a
Zeile 4024	Zeile 4176
$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100'); $avatar_username = htmlspecialchars_uni($mybb->user['username']); eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");	$useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100'); $avatar_username = htmlspecialchars_uni($mybb->user['username']); eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";");
	$mybb->user['email'] = htmlspecialchars_uni($mybb->user['email']);
$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']); if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")	$usergroup = htmlspecialchars_uni($groupscache[$mybb->user['usergroup']]['title']); if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin")
Zeile 4031	Zeile 4185
eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";"); } // Make reputations row	eval("\$usergroup .= \"".$templates->get("usercp_resendactivation")."\";"); } // Make reputations row
$reputations = '';	$reputation = '';
if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) { $reputation_link = get_reputation($mybb->user['reputation']);	if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) { $reputation_link = get_reputation($mybb->user['reputation']);
Zeile 4140	Zeile 4294
$mybb->user['posts'] = my_number_format($mybb->user['postnum']); // Build referral link	$mybb->user['posts'] = my_number_format($mybb->user['postnum']); // Build referral link
	$referral_info = '';
if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);	if($mybb->settings['usereferrals'] == 1) { $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']);
Zeile 4165	Zeile 4320
$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); if($db->num_rows($query)) {	$query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); if($db->num_rows($query)) {
$visible = "AND t.visible != 0"; if(is_moderator() == true)	$where = array( "s.uid={$mybb->user['uid']}", "t.lastposteruid!={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums())
{	{
$visible = '';	$where[] = "t.fid NOT IN ({$inactive_forums})";
}	}
	$where = implode(' AND ', $where);
$query = $db->query(" SELECT s., t., t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	$query = $db->query(" SELECT s., t., t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threadsubscriptions s LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE s.uid='".$mybb->user['uid']."' {$visible}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT 0, 10 ");	ORDER BY t.lastpost DESC LIMIT 0, 10 ");
	$subscriptions = array();
$fpermissions = forum_permissions();	$fpermissions = forum_permissions();

while($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']];	while($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']];
if($forumpermissions['canview'] != 0 && $forumpermissions['canviewthreads'] != 0 && ($forumpermissions['canonlyviewownthreads'] == 0 \|\| $subscription['uid'] == $mybb->user['uid']))	if(!isset($forumpermissions['canonlyviewownthreads']) \|\| $forumpermissions['canonlyviewownthreads'] == 0 \|\| $subscription['uid'] == $mybb->user['uid'])
{ $subscriptions[$subscription['tid']] = $subscription; } }	{ $subscriptions[$subscription['tid']] = $subscription; } }
if(is_array($subscriptions))	if($subscriptions)
{ $tids = implode(",", array_keys($subscriptions));	{ $tids = implode(",", array_keys($subscriptions));
Zeile 4225	Zeile 4395
$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();	$icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes();
	$latest_subscribed_threads = '';
foreach($subscriptions as $thread) {	foreach($subscriptions as $thread) {
Zeile 4233	Zeile 4404
$folder_label = ''; $gotounread = '';	$folder_label = ''; $gotounread = '';
if($thread['tid'])	if(!empty($thread['tid']))
{ $bgcolor = alt_trow(); $thread['subject'] = $parser->parse_badwords($thread['subject']);	{ $bgcolor = alt_trow(); $thread['subject'] = $parser->parse_badwords($thread['subject']);
Zeile 4265	Zeile 4436
$icon = " "; }	$icon = " "; }
if($thread['doticon'])	if(!isset($thread['doticon']))
{ $folder = "dot_"; $folder_label .= $lang->icon_dot; } // Check to see which icon we display	{ $folder = "dot_"; $folder_label .= $lang->icon_dot; } // Check to see which icon we display
if($thread['lastread'] && $thread['lastread'] < $thread['lastpost'])	if(!empty($thread['lastread']) && $thread['lastread'] < $thread['lastpost'])
{ $folder .= "new"; $folder_label .= $lang->icon_new;	{ $folder .= "new"; $folder_label .= $lang->icon_new;
Zeile 4327	Zeile 4498
} // User's Latest Threads	} // User's Latest Threads
	$where = array( "t.uid={$mybb->user['uid']}", get_visible_where('t') ); if($unviewable_forums = get_unviewable_forums(true)) { $where[] = "t.fid NOT IN ({$unviewable_forums})"; } if($inactive_forums = get_inactive_forums()) { $where[] = "t.fid NOT IN ({$inactive_forums})"; } $where = implode(' AND ', $where);

// Get unviewable forums $f_perm_sql = ''; $unviewable_forums = get_unviewable_forums(); $inactiveforums = get_inactive_forums(); if($unviewable_forums) { $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; } if($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)"; } $visible = " AND t.visible != 0"; if(is_moderator() == true) { $visible = ''; }
$query = $db->query(" SELECT t.*, t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)	$query = $db->query(" SELECT t.*, t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}	WHERE {$where}
ORDER BY t.lastpost DESC LIMIT 0, 5 ");	ORDER BY t.lastpost DESC LIMIT 0, 5 ");

// Figure out whether we can view these threads... $threadcache = array(); $fpermissions = forum_permissions(); while($thread = $db->fetch_array($query)) {	// Figure out whether we can view these threads... $threadcache = array(); $fpermissions = forum_permissions(); while($thread = $db->fetch_array($query)) {
// Moderated, and not moderator? if($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false) { continue; } $forumpermissions = $fpermissions[$thread['fid']]; if($forumpermissions['canview'] != 0 \|\| $forumpermissions['canviewthreads'] != 0) { $threadcache[$thread['tid']] = $thread; }	$threadcache[$thread['tid']] = $thread;
} $latest_threads = '';	} $latest_threads = '';
Zeile 4421	Zeile 4579
$latest_threads_threads = ''; foreach($threadcache as $thread) {	$latest_threads_threads = ''; foreach($threadcache as $thread) {
$plugins->run_hooks("usercp_latest_threads_thread"); if($thread['tid'])	$plugins->run_hooks("usercp_latest_threads_thread"); if(!empty($thread['tid']))
{ $bgcolor = alt_trow(); $folder = '';	{ $bgcolor = alt_trow(); $folder = '';
Zeile 4483	Zeile 4641
$cutoff = 0; if($thread['lastpost'] > $cutoff) {	$cutoff = 0; if($thread['lastpost'] > $cutoff) {
if($thread['lastread'])	if(!empty($thread['lastread']))
{ $lastread = $thread['lastread']; }	{ $lastread = $thread['lastread']; }
Zeile 4503	Zeile 4661
} // Folder Icons	} // Folder Icons
if($thread['doticon'])	if(!empty($thread['doticon']))
{ $folder = "dot_"; $folder_label .= $lang->icon_dot;	{ $folder = "dot_"; $folder_label .= $lang->icon_dot;