
Source code changes of the file "Upload/usercp.php" between
mybb_1822.zip and mybb_1823.zip

About: MyBB is a multilingual, standards-compliant and free forum (discussion board) software.

usercp.php  (mybb_1822):usercp.php  (mybb_1823)
skipping to change at line 47 skipping to change at line 47
$parser = new postParser; $parser = new postParser;
// Load global language phrases // Load global language phrases
$lang->load("usercp"); $lang->load("usercp");
if($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0) if($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0)
{ {
error_no_permission(); error_no_permission();
} }
if(!$mybb->user['pmfolders'])
{
$mybb->user['pmfolders'] = '1**$%%$2**$%%$3**$%%$4**';
$db->update_query('users', array('pmfolders' => $mybb->user['pmfolders'])
, "uid = {$mybb->user['uid']}");
}
$errors = ''; $errors = '';
$mybb->input['action'] = $mybb->get_input('action'); $mybb->input['action'] = $mybb->get_input('action');
usercp_menu(); usercp_menu();
$server_http_referer = htmlentities($_SERVER['HTTP_REFERER']); $server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);
if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0) if(my_strpos($server_http_referer, $mybb->settings['bburl'].'/') !== 0)
{ {
skipping to change at line 158 skipping to change at line 152
case "attachments": case "attachments":
add_breadcrumb($lang->ucp_nav_attachments); add_breadcrumb($lang->ucp_nav_attachments);
break; break;
} }
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post") if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$user = array();
$plugins->run_hooks("usercp_do_profile_start"); $plugins->run_hooks("usercp_do_profile_start");
if($mybb->get_input('away', MyBB::INPUT_INT) == 1 && $mybb->settings['all owaway'] != 0) if($mybb->get_input('away', MyBB::INPUT_INT) == 1 && $mybb->settings['all owaway'] != 0)
{ {
$awaydate = TIME_NOW; $awaydate = TIME_NOW;
if(!empty($mybb->input['awayday'])) if(!empty($mybb->input['awayday']))
{ {
// If the user has indicated that they will return on a s pecific day, but not month or year, assume it is current month and year // If the user has indicated that they will return on a s pecific day, but not month or year, assume it is current month and year
if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT)) if(!$mybb->get_input('awaymonth', MyBB::INPUT_INT))
{ {
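Review bot: The added `$user = array();` ahead of the `usercp_do_profile_start` hook has no comment, and its purpose only becomes visible in the next hunk, where the core fields are combined with it through `array_merge($user, array(...))`. A comment such as `// Initialised before the hook so plugins can add fields; core keys set below replace same-named entries` would record the intent. Because the core array is the second argument, `uid`, `postnum`, `usergroup` and `additionalgroups` cannot be overridden from the hook, while any other key a plugin adds is presumably passed on to the user data handler as supplied. The same comment is missing in the `do_options`, `do_password` and `do_changename` hunks; the `do_profile` block itself starts and ends outside this hunk.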
skipping to change at line 220 skipping to change at line 216
$bday = array( $bday = array(
"day" => $mybb->get_input('bday1', MyBB::INPUT_INT), "day" => $mybb->get_input('bday1', MyBB::INPUT_INT),
"month" => $mybb->get_input('bday2', MyBB::INPUT_INT), "month" => $mybb->get_input('bday2', MyBB::INPUT_INT),
"year" => $mybb->get_input('bday3', MyBB::INPUT_INT) "year" => $mybb->get_input('bday3', MyBB::INPUT_INT)
); );
// Set up user handler. // Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php"; require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update"); $userhandler = new UserDataHandler("update");
$user = array( $user = array_merge($user, array(
"uid" => $mybb->user['uid'], "uid" => $mybb->user['uid'],
"postnum" => $mybb->user['postnum'], "postnum" => $mybb->user['postnum'],
"usergroup" => $mybb->user['usergroup'], "usergroup" => $mybb->user['usergroup'],
"additionalgroups" => $mybb->user['additionalgroups'], "additionalgroups" => $mybb->user['additionalgroups'],
"birthday" => $bday, "birthday" => $bday,
"birthdayprivacy" => $mybb->get_input('birthdayprivacy'), "birthdayprivacy" => $mybb->get_input('birthdayprivacy'),
"away" => $away, "away" => $away,
"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPU T_ARRAY) "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPU T_ARRAY)
); ));
foreach(array('icq', 'skype', 'google') as $cfield) foreach(array('icq', 'skype', 'google') as $cfield)
{ {
$csetting = 'allow'.$cfield.'field'; $csetting = 'allow'.$cfield.'field';
if($mybb->settings[$csetting] == '') if($mybb->settings[$csetting] == '')
{ {
continue; continue;
} }
if(!is_member($mybb->settings[$csetting])) if(!is_member($mybb->settings[$csetting]))
{ {
continue; continue;
} }
if($cfield == 'icq') if($cfield == 'icq')
{ {
$user[$cfield] = $mybb->get_input($cfield, 1); $user[$cfield] = $mybb->get_input($cfield, 1);
if(my_strlen($user[$cfield]) > 10)
{
error($lang->contact_field_icqerror);
}
} }
else else
{ {
$user[$cfield] = $mybb->get_input($cfield); $user[$cfield] = $mybb->get_input($cfield);
if(my_strlen($user[$cfield]) > 75)
{
error($lang->contact_field_error);
}
} }
} }
if($mybb->usergroup['canchangewebsite'] == 1) if($mybb->usergroup['canchangewebsite'] == 1)
{ {
$user['website'] = $mybb->get_input('website'); $user['website'] = $mybb->get_input('website');
} }
if($mybb->usergroup['cancustomtitle'] == 1) if($mybb->usergroup['cancustomtitle'] == 1)
{ {
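Review bot: The two new length checks in the contact-field loop call `error()` directly with the bare limits `10` and `75`, so an over-long ICQ, Skype or Google value aborts the request on its own. Other validation failures on this page are collected and shown together through `$userhandler->get_friendly_errors()`. A short comment stating where `10` and `75` come from (presumably the storage limits for these fields) would keep them in step with the schema, for example `// 75 = maximum stored length of a contact field`. If the data handler can report these errors, routing them through it would match the rest of the file. The loop sits inside the `do_profile` block, which starts and ends outside the hunk.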
skipping to change at line 754 skipping to change at line 760
eval("\$editprofile = \"".$templates->get("usercp_profile")."\";"); eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
output_page($editprofile); output_page($editprofile);
} }
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post") if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$user = array();
$plugins->run_hooks("usercp_do_options_start"); $plugins->run_hooks("usercp_do_options_start");
// Set up user handler. // Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php"; require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update"); $userhandler = new UserDataHandler("update");
$user = array( $user = array_merge($user, array(
"uid" => $mybb->user['uid'], "uid" => $mybb->user['uid'],
"style" => $mybb->get_input('style', MyBB::INPUT_INT), "style" => $mybb->get_input('style', MyBB::INPUT_INT),
"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT), "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
"timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT), "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT),
"timezone" => $db->escape_string($mybb->get_input('timezoneoffset ')), "timezone" => $db->escape_string($mybb->get_input('timezoneoffset ')),
"language" => $mybb->get_input('language'), "language" => $mybb->get_input('language'),
'usergroup' => $mybb->user['usergroup'], 'usergroup' => $mybb->user['usergroup'],
'additionalgroups' => $mybb->user['additionalgroups'] 'additionalgroups' => $mybb->user['additionalgroups']
); ));
$user['options'] = array( $user['options'] = array(
"allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_IN T), "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_IN T),
"hideemail" => $mybb->get_input('hideemail', MyBB::INPUT_INT), "hideemail" => $mybb->get_input('hideemail', MyBB::INPUT_INT),
"subscriptionmethod" => $mybb->get_input('subscriptionmethod', My BB::INPUT_INT), "subscriptionmethod" => $mybb->get_input('subscriptionmethod', My BB::INPUT_INT),
"invisible" => $mybb->get_input('invisible', MyBB::INPUT_INT), "invisible" => $mybb->get_input('invisible', MyBB::INPUT_INT),
"dstcorrection" => $mybb->get_input('dstcorrection', MyBB::INPUT_ INT), "dstcorrection" => $mybb->get_input('dstcorrection', MyBB::INPUT_ INT),
"threadmode" => $mybb->get_input('threadmode'), "threadmode" => $mybb->get_input('threadmode'),
"showimages" => $mybb->get_input('showimages', MyBB::INPUT_INT), "showimages" => $mybb->get_input('showimages', MyBB::INPUT_INT),
"showvideos" => $mybb->get_input('showvideos', MyBB::INPUT_INT), "showvideos" => $mybb->get_input('showvideos', MyBB::INPUT_INT),
skipping to change at line 826 skipping to change at line 834
$userhandler->update_user(); $userhandler->update_user();
$plugins->run_hooks("usercp_do_options_end"); $plugins->run_hooks("usercp_do_options_end");
redirect("usercp.php?action=options", $lang->redirect_optionsupda ted); redirect("usercp.php?action=options", $lang->redirect_optionsupda ted);
} }
} }
if($mybb->input['action'] == "options") if($mybb->input['action'] == "options")
{ {
$plugins->run_hooks("usercp_options_start");
if($errors != '') if($errors != '')
{ {
$user = $mybb->input; $user = $mybb->input;
} }
else else
{ {
$user = $mybb->user; $user = $mybb->user;
} }
$plugins->run_hooks("usercp_options_start");
$languages = $lang->get_languages(); $languages = $lang->get_languages();
$board_language = $langoptions = ''; $board_language = $langoptions = '';
if(count($languages) > 1) if(count($languages) > 1)
{ {
foreach($languages as $name => $language) foreach($languages as $name => $language)
{ {
$language = htmlspecialchars_uni($language); $language = htmlspecialchars_uni($language);
$sel = ''; $sel = '';
if(isset($user['language']) && $user['language'] == $name ) if(isset($user['language']) && $user['language'] == $name )
skipping to change at line 1321 skipping to change at line 1329
eval("\$changemail = \"".$templates->get("usercp_email")."\";"); eval("\$changemail = \"".$templates->get("usercp_email")."\";");
output_page($changemail); output_page($changemail);
} }
if($mybb->input['action'] == "do_password" && $mybb->request_method == "post") if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$user = array();
$errors = array(); $errors = array();
$plugins->run_hooks("usercp_do_password_start"); $plugins->run_hooks("usercp_do_password_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpa ssword')) == false) if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('oldpa ssword')) == false)
{ {
$errors[] = $lang->error_invalidpassword; $errors[] = $lang->error_invalidpassword;
} }
else else
{ {
// Set up user handler. // Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php"; require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update"); $userhandler = new UserDataHandler("update");
$user = array( $user = array_merge($user, array(
"uid" => $mybb->user['uid'], "uid" => $mybb->user['uid'],
"password" => $mybb->get_input('password'), "password" => $mybb->get_input('password'),
"password2" => $mybb->get_input('password2') "password2" => $mybb->get_input('password2')
); ));
$userhandler->set_data($user); $userhandler->set_data($user);
if(!$userhandler->validate_user()) if(!$userhandler->validate_user())
{ {
$errors = $userhandler->get_friendly_errors(); $errors = $userhandler->get_friendly_errors();
} }
else else
{ {
$userhandler->update_user(); $userhandler->update_user();
skipping to change at line 1382 skipping to change at line 1391
output_page($editpassword); output_page($editpassword);
} }
if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post") if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$errors = array(); $errors = array();
$plugins->run_hooks("usercp_do_changename_start");
if($mybb->usergroup['canchangename'] != 1) if($mybb->usergroup['canchangename'] != 1)
{ {
error_no_permission(); error_no_permission();
} }
$user = array();
$plugins->run_hooks("usercp_do_changename_start");
if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('passw ord')) == false) if(validate_password_from_uid($mybb->user['uid'], $mybb->get_input('passw ord')) == false)
{ {
$errors[] = $lang->error_invalidpassword; $errors[] = $lang->error_invalidpassword;
} }
else else
{ {
// Set up user handler. // Set up user handler.
require_once MYBB_ROOT."inc/datahandlers/user.php"; require_once MYBB_ROOT."inc/datahandlers/user.php";
$userhandler = new UserDataHandler("update"); $userhandler = new UserDataHandler("update");
$user = array( $user = array_merge($user, array(
"uid" => $mybb->user['uid'], "uid" => $mybb->user['uid'],
"username" => $mybb->get_input('username') "username" => $mybb->get_input('username')
); ));
$userhandler->set_data($user); $userhandler->set_data($user);
if(!$userhandler->validate_user()) if(!$userhandler->validate_user())
{ {
$errors = $userhandler->get_friendly_errors(); $errors = $userhandler->get_friendly_errors();
} }
else else
{ {
$userhandler->update_user(); $userhandler->update_user();
$plugins->run_hooks("usercp_do_changename_end"); $plugins->run_hooks("usercp_do_changename_end");
redirect("usercp.php?action=changename", $lang->redirect_ namechanged); redirect("usercp.php?action=changename", $lang->redirect_ namechanged);
} }
} }
if(count($errors) > 0) if(count($errors) > 0)
{ {
$errors = inline_error($errors); $errors = inline_error($errors);
$mybb->input['action'] = "changename"; $mybb->input['action'] = "changename";
} }
} }
if($mybb->input['action'] == "changename") if($mybb->input['action'] == "changename")
skipping to change at line 1453 skipping to change at line 1464
eval("\$changename = \"".$templates->get("usercp_changename")."\";"); eval("\$changename = \"".$templates->get("usercp_changename")."\";");
output_page($changename); output_page($changename);
} }
if($mybb->input['action'] == "do_subscriptions") if($mybb->input['action'] == "do_subscriptions")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_subscriptions_start");
if(!isset($mybb->input['check']) || !is_array($mybb->input['check'])) if(!isset($mybb->input['check']) || !is_array($mybb->input['check']))
{ {
error($lang->no_subscriptions_selected); error($lang->no_subscriptions_selected);
} }
$plugins->run_hooks("usercp_do_subscriptions_start");
// Clean input - only accept integers thanks! // Clean input - only accept integers thanks!
$mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyB B::INPUT_ARRAY)); $mybb->input['check'] = array_map('intval', $mybb->get_input('check', MyB B::INPUT_ARRAY));
$tids = implode(",", $mybb->input['check']); $tids = implode(",", $mybb->input['check']);
// Deleting these subscriptions? // Deleting these subscriptions?
if($mybb->get_input('do') == "delete") if($mybb->get_input('do') == "delete")
{ {
$db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid= '{$mybb->user['uid']}'"); $db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid= '{$mybb->user['uid']}'");
} }
// Changing subscription type // Changing subscription type
skipping to change at line 2088 skipping to change at line 2099
// Naming of the hook retained for backward compatibility while d ropping usercp2.php // Naming of the hook retained for backward compatibility while d ropping usercp2.php
$plugins->run_hooks("usercp2_addsubscription_thread"); $plugins->run_hooks("usercp2_addsubscription_thread");
eval("\$add_subscription = \"".$templates->get("usercp_addsubscri ption_thread")."\";"); eval("\$add_subscription = \"".$templates->get("usercp_addsubscri ption_thread")."\";");
output_page($add_subscription); output_page($add_subscription);
exit; exit;
} }
} }
if($mybb->input['action'] == "removesubscription") if($mybb->input['action'] == "removesubscription" && ($mybb->request_method == " post" || verify_post_check($mybb->get_input('my_post_key'), true)))
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
if($mybb->get_input('type') == "forum") if($mybb->get_input('type') == "forum")
{ {
$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
if(!$forum) if(!$forum)
{ {
error($lang->error_invalidforum); error($lang->error_invalidforum);
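Review bot: With the new outer condition every POST enters this block regardless of its key, so the `verify_post_check($mybb->get_input('my_post_key'));` on the first line of the body is now the only thing that rejects a POST with a missing or wrong `my_post_key`. Next to the silent check in the `if` it looks redundant, and nothing marks it as load-bearing. Replacing the unchanged `// Verify incoming POST request` with something like `// Still required: the condition above admits every POST; only GET is pre-filtered by the silent check` would guard against it being removed in a later clean-up. The body of the block continues outside the hunk.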
skipping to change at line 2154 skipping to change at line 2165
$url = $server_http_referer; $url = $server_http_referer;
} }
else else
{ {
$url = "usercp.php?action=subscriptions"; $url = "usercp.php?action=subscriptions";
} }
redirect($url, $lang->redirect_subscriptionremoved); redirect($url, $lang->redirect_subscriptionremoved);
} }
} }
// Show remove subscription form when GET method and without valid my_post_key
if($mybb->input['action'] == "removesubscription")
{
$referrer = '';
if($mybb->get_input('type') == "forum")
{
$forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
if(!$forum)
{
error($lang->error_invalidforum);
}
add_breadcrumb($lang->nav_forumsubscriptions, "usercp.php?action=
forumsubscriptions");
add_breadcrumb($lang->nav_removesubscription);
$forumpermissions = forum_permissions($forum['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canvie
wthreads'] == 0)
{
error_no_permission();
}
// check if the forum requires a password to view. If so, we need
to show a form to the user
check_forum_password($forum['fid']);
$lang->unsubscribe_from_forum = $lang->sprintf($lang->unsubscribe
_from_forum, $forum['name']);
// Naming of the hook retained for backward compatibility while d
ropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_display_forum");
eval("\$remove_forum_subscription = \"".$templates->get("usercp_r
emovesubscription_forum")."\";");
output_page($remove_forum_subscription);
exit;
}
else
{
$thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
if(!$thread || $thread['visible'] == -1)
{
error($lang->error_invalidthread);
}
// Is the currently logged in user a moderator of this forum?
$ismod = is_moderator($thread['fid']);
// Make sure we are looking at a real thread here.
if(($thread['visible'] != 1 && $ismod == false) || ($thread['visi
ble'] > 1 && $ismod == true))
{
error($lang->error_invalidthread);
}
add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscrip
tions");
add_breadcrumb($lang->nav_removesubscription);
$forumpermissions = forum_permissions($thread['fid']);
if($forumpermissions['canview'] == 0 || $forumpermissions['canvie
wthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forump
ermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']
))
{
error_no_permission();
}
// check if the forum requires a password to view. If so, we need
to show a form to the user
check_forum_password($thread['fid']);
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
$thread['subject'] = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($thread['subject']);
$lang->unsubscribe_from_thread = $lang->sprintf($lang->unsubscrib
e_from_thread, $thread['subject']);
// Naming of the hook retained for backward compatibility while d
ropping usercp2.php
$plugins->run_hooks("usercp2_removesubscription_display_thread");
eval("\$remove_thread_subscription = \"".$templates->get("usercp_
removesubscription_thread")."\";");
output_page($remove_thread_subscription);
exit;
}
}
if($mybb->input['action'] == "removesubscriptions") if($mybb->input['action'] == "removesubscriptions")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
if($mybb->get_input('type') == "forum") if($mybb->get_input('type') == "forum")
{ {
// Naming of the hook retained for backward compatibility while d ropping usercp2.php // Naming of the hook retained for backward compatibility while d ropping usercp2.php
$plugins->run_hooks("usercp2_removesubscriptions_forum"); $plugins->run_hooks("usercp2_removesubscriptions_forum");
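Review bot: In the forum branch of the new confirmation-form block, `$forum['name']` is passed to `$lang->sprintf($lang->unsubscribe_from_forum, ...)` as-is, whereas the thread branch runs `$thread['subject']` through `parse_badwords()` and `htmlspecialchars_uni()` before building its message. If forum names are treated as trusted administrator markup, that is intentional and deserves a comment such as `// forum names are admin-supplied and may contain markup, so not escaped here`; otherwise the value needs the same escaping as the thread subject. Separately, the thread branch re-requires `inc/class_parser.php` and creates a second `postParser`, although `$parser = new postParser;` already runs near the top of the file, so the existing instance could be reused.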
skipping to change at line 2198 skipping to change at line 2286
} }
redirect($url, $lang->redirect_subscriptionsremoved); redirect($url, $lang->redirect_subscriptionsremoved);
} }
} }
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_editsig_start");
// User currently has a suspended signature // User currently has a suspended signature
if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW) if($mybb->user['suspendsignature'] == 1 && $mybb->user['suspendsigtime'] > TIME_NOW)
{ {
error_no_permission(); error_no_permission();
} }
$plugins->run_hooks("usercp_do_editsig_start");
if($mybb->get_input('updateposts') == "enable") if($mybb->get_input('updateposts') == "enable")
{ {
$update_signature = array( $update_signature = array(
"includesig" => 1 "includesig" => 1
); );
$db->update_query("posts", $update_signature, "uid='".$mybb->user ['uid']."'"); $db->update_query("posts", $update_signature, "uid='".$mybb->user ['uid']."'");
} }
elseif($mybb->get_input('updateposts') == "disable") elseif($mybb->get_input('updateposts') == "disable")
{ {
$update_signature = array( $update_signature = array(
skipping to change at line 2338 skipping to change at line 2426
{ {
$sigimgcode = $lang->on; $sigimgcode = $lang->on;
} }
else else
{ {
$sigimgcode = $lang->off; $sigimgcode = $lang->off;
} }
$sig = htmlspecialchars_uni($sig); $sig = htmlspecialchars_uni($sig);
$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $si gsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']); $lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $si gsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);
if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcod ebuttons'] != 0) if($mybb->settings['sigmycode'] != 0 && $mybb->settings['bbcodein serter'] != 0 && $mybb->user['showcodebuttons'] != 0)
{ {
$codebuttons = build_mycode_inserter("signature"); $codebuttons = build_mycode_inserter("signature");
} }
$plugins->run_hooks("usercp_editsig_end"); $plugins->run_hooks("usercp_editsig_end");
eval("\$editsig = \"".$templates->get("usercp_editsig")."\";"); eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
} }
output_page($editsig); output_page($editsig);
skipping to change at line 2481 skipping to change at line 2569
{ {
list($maxwidth, $maxheight) = preg_split( '/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); list($maxwidth, $maxheight) = preg_split( '/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
if(($maxwidth && $width > $maxwidth) || ( $maxheight && $height > $maxheight)) if(($maxwidth && $width > $maxwidth) || ( $maxheight && $height > $maxheight))
{ {
$lang->error_avatartoobig = $lang ->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $lang->error_avatartoobig = $lang ->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
$avatar_error = $lang->error_avat artoobig; $avatar_error = $lang->error_avat artoobig;
} }
} }
} }
// Limiting URL string to stay within database limit
if(strlen($mybb->input['avatarurl']) > 200)
{
$avatar_error = $lang->error_avatarurltoolong;
}
if(empty($avatar_error)) if(empty($avatar_error))
{ {
if($width > 0 && $height > 0) if($width > 0 && $height > 0)
{ {
$avatar_dimensions = (int)$width."|".(int )$height; $avatar_dimensions = (int)$width."|".(int )$height;
} }
$updated_avatar = array( $updated_avatar = array(
"avatar" => $db->escape_string($mybb->inp ut['avatarurl'].'?dateline='.TIME_NOW), "avatar" => $db->escape_string($mybb->inp ut['avatarurl'].'?dateline='.TIME_NOW),
"avatardimensions" => $avatar_dimensions, "avatardimensions" => $avatar_dimensions,
"avatartype" => "remote" "avatartype" => "remote"
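Review bot: The new 200-byte check measures `$mybb->input['avatarurl']` alone, but the value written a few lines later is `$mybb->input['avatarurl'].'?dateline='.TIME_NOW`, which is roughly 20 characters longer. A URL that passes can therefore still exceed the limit the comment refers to. Measuring the string that is actually stored closes the gap, e.g. `if(strlen($mybb->input['avatarurl'].'?dateline='.TIME_NOW) > 200)`. The check also comes after the dimension test and replaces any `$avatar_error` set there; whether the remote image has already been fetched by that point is not visible in this hunk, whose enclosing avatar block starts and ends outside it.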
skipping to change at line 3363 skipping to change at line 3457
eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";"); eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
output_page($draftlist); output_page($draftlist);
} }
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post") if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_drafts_start");
$mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT _ARRAY); $mybb->input['deletedraft'] = $mybb->get_input('deletedraft', MyBB::INPUT _ARRAY);
if(empty($mybb->input['deletedraft'])) if(empty($mybb->input['deletedraft']))
{ {
error($lang->no_drafts_selected); error($lang->no_drafts_selected);
} }
$plugins->run_hooks("usercp_do_drafts_start");
$pidin = array(); $pidin = array();
$tidin = array(); $tidin = array();
foreach($mybb->input['deletedraft'] as $id => $val) foreach($mybb->input['deletedraft'] as $id => $val)
{ {
if($val == "post") if($val == "post")
{ {
$pidin[] = "'".(int)$id."'"; $pidin[] = "'".(int)$id."'";
} }
elseif($val == "thread") elseif($val == "thread")
{ {
$tidin[] = "'".(int)$id."'"; $tidin[] = "'".(int)$id."'";
} }
skipping to change at line 3408 skipping to change at line 3505
$pidinq = "1=0"; $pidinq = "1=0";
} }
$db->delete_query("posts", "($pidinq $tidinp) AND visible='-2' AN D uid='".$mybb->user['uid']."'"); $db->delete_query("posts", "($pidinq $tidinp) AND visible='-2' AN D uid='".$mybb->user['uid']."'");
} }
$plugins->run_hooks("usercp_do_drafts_end"); $plugins->run_hooks("usercp_do_drafts_end");
redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted); redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted);
} }
if($mybb->input['action'] == "usergroups") if($mybb->input['action'] == "usergroups")
{ {
$plugins->run_hooks("usercp_usergroups_start");
$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroup s'].",".$mybb->user['displaygroup'].","; $ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroup s'].",".$mybb->user['displaygroup'].",";
$usergroups = $mybb->cache->read('usergroups'); $usergroups = $mybb->cache->read('usergroups');
$plugins->run_hooks("usercp_usergroups_start");
// Changing our display group // Changing our display group
if($mybb->get_input('displaygroup', MyBB::INPUT_INT)) if($mybb->get_input('displaygroup', MyBB::INPUT_INT))
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false) if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
{ {
error($lang->not_member_of_group); error($lang->not_member_of_group);
} }
skipping to change at line 3806 skipping to change at line 3904
} }
$plugins->run_hooks("usercp_usergroups_end"); $plugins->run_hooks("usercp_usergroups_end");
eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";" ); eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";" );
output_page($groupmemberships); output_page($groupmemberships);
} }
if($mybb->input['action'] == "attachments") if($mybb->input['action'] == "attachments")
{ {
$plugins->run_hooks("usercp_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; require_once MYBB_ROOT."inc/functions_upload.php";
if($mybb->settings['enableattachments'] == 0) if($mybb->settings['enableattachments'] == 0)
{ {
error($lang->attachments_disabled); error($lang->attachments_disabled);
} }
$plugins->run_hooks("usercp_attachments_start");
// Get unviewable forums // Get unviewable forums
$f_perm_sql = ''; $f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true); $unviewable_forums = get_unviewable_forums(true);
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($unviewable_forums) if($unviewable_forums)
{ {
$f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)"; $f_perm_sql = " AND t.fid NOT IN ($unviewable_forums)";
} }
if($inactiveforums) if($inactiveforums)
{ {
$f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)"; $f_perm_sql .= " AND t.fid NOT IN ($inactiveforums)";
} }
$attachments = ''; $attachments = '';
$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUN
T(aid) AS acount", "uid='".$mybb->user['uid']."'");
$usage = $db->fetch_array($query);
$totalattachments = $usage['acount'];
// Pagination // Pagination
if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsper page'] < 1) if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsper page'] < 1)
{ {
$mybb->settings['threadsperpage'] = 20; $mybb->settings['threadsperpage'] = 20;
} }
$perpage = $mybb->settings['threadsperpage']; $perpage = $mybb->settings['threadsperpage'];
$page = $mybb->get_input('page', MyBB::INPUT_INT); $page = $mybb->get_input('page', MyBB::INPUT_INT);
if($page > 0) if($page > 0)
{ {
$start = ($page-1) * $perpage; $start = ($page-1) * $perpage;
$pages = ceil($totalattachments / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}
} }
else else
{ {
$start = 0; $start = 0;
$page = 1; $page = 1;
} }
$end = $start + $perpage; $end = $start + $perpage;
$lower = $start+1; $lower = $start+1;
$query = $db->query(" $query = $db->query("
SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubj ect SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubj ect
FROM ".TABLE_PREFIX."attachments a FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid) LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid) LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql} WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
ORDER BY p.dateline DESC LIMIT {$start}, {$perpage} ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
"); ");
$bandwidth = $totaldownloads = 0; $bandwidth = $totaldownloads = $totalusage = $totalattachments = $process edattachments = 0;
while($attachment = $db->fetch_array($query)) while($attachment = $db->fetch_array($query))
{ {
if($attachment['dateline'] && $attachment['tid']) if($attachment['dateline'] && $attachment['tid'])
{ {
$attachment['subject'] = htmlspecialchars_uni($parser->pa rse_badwords($attachment['subject'])); $attachment['subject'] = htmlspecialchars_uni($parser->pa rse_badwords($attachment['subject']));
$attachment['postlink'] = get_post_link($attachment['pid' ], $attachment['tid']); $attachment['postlink'] = get_post_link($attachment['pid' ], $attachment['tid']);
$attachment['threadlink'] = get_thread_link($attachment[' tid']); $attachment['threadlink'] = get_thread_link($attachment[' tid']);
$attachment['threadsubject'] = htmlspecialchars_uni($pars er->parse_badwords($attachment['threadsubject'])); $attachment['threadsubject'] = htmlspecialchars_uni($pars er->parse_badwords($attachment['threadsubject']));
$size = get_friendly_size($attachment['filesize']); $size = get_friendly_size($attachment['filesize']);
skipping to change at line 3893 skipping to change at line 3982
$sizedownloads = $lang->sprintf($lang->attachment_size_do wnloads, $size, $attachment['downloads']); $sizedownloads = $lang->sprintf($lang->attachment_size_do wnloads, $size, $attachment['downloads']);
$attachdate = my_date('relative', $attachment['dateline'] ); $attachdate = my_date('relative', $attachment['dateline'] );
$altbg = alt_trow(); $altbg = alt_trow();
eval("\$attachments .= \"".$templates->get("usercp_attach ments_attachment")."\";"); eval("\$attachments .= \"".$templates->get("usercp_attach ments_attachment")."\";");
// Add to bandwidth total // Add to bandwidth total
$bandwidth += ($attachment['filesize'] * $attachment['dow nloads']); $bandwidth += ($attachment['filesize'] * $attachment['dow nloads']);
$totaldownloads += $attachment['downloads']; $totaldownloads += $attachment['downloads'];
$totalusage += $attachment['filesize'];
++$totalattachments;
} }
else else
{ {
// This little thing delets attachments without a thread/ post // This little thing delets attachments without a thread/ post
remove_attachment($attachment['pid'], $attachment['postha sh'], $attachment['aid']); remove_attachment($attachment['pid'], $attachment['postha sh'], $attachment['aid']);
} }
++$processedattachments;
}
if($processedattachments >= $perpage || $page > 1)
{
$query = $db->query("
SELECT SUM(a.filesize) AS ausage, COUNT(a.aid) AS acount
FROM ".TABLE_PREFIX."attachments a
LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
WHERE a.uid='".$mybb->user['uid']."' {$f_perm_sql}
");
$usage = $db->fetch_array($query);
$totalusage = $usage['ausage'];
$totalattachments = $usage['acount'];
$multipage = multipage($totalattachments, $perpage, $page, "userc
p.php?action=attachments");
} }
$totalusage = $usage['ausage'];
$friendlyusage = get_friendly_size((int)$totalusage); $friendlyusage = get_friendly_size((int)$totalusage);
if($mybb->usergroup['attachquota']) if($mybb->usergroup['attachquota'])
{ {
$percent = round(($totalusage/($mybb->usergroup['attachquota']*10 24))*100); $percent = round(($totalusage/($mybb->usergroup['attachquota']*10 24))*100);
$friendlyusage .= $lang->sprintf($lang->attachments_usage_percent , $percent); $friendlyusage .= $lang->sprintf($lang->attachments_usage_percent , $percent);
$attachquota = get_friendly_size($mybb->usergroup['attachquota']* 1024); $attachquota = get_friendly_size($mybb->usergroup['attachquota']* 1024);
$usagenote = $lang->sprintf($lang->attachments_usage_quota, $frie ndlyusage, $attachquota, $totalattachments); $usagenote = $lang->sprintf($lang->attachments_usage_quota, $frie ndlyusage, $attachquota, $totalattachments);
} }
else else
{ {
$attachquota = $lang->unlimited; $attachquota = $lang->unlimited;
$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyus age, $totalattachments); $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyus age, $totalattachments);
} }
$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?ac tion=attachments");
$bandwidth = get_friendly_size($bandwidth); $bandwidth = get_friendly_size($bandwidth);
if(!$attachments) if(!$attachments)
{ {
eval("\$attachments = \"".$templates->get("usercp_attachments_non e")."\";"); eval("\$attachments = \"".$templates->get("usercp_attachments_non e")."\";");
$usagenote = ''; $usagenote = '';
} }
$plugins->run_hooks("usercp_attachments_end"); $plugins->run_hooks("usercp_attachments_end");
eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\" ;"); eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\" ;");
output_page($manageattachments); output_page($manageattachments);
} }
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post" ) if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post" )
{ {
// Verify incoming POST request // Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key')); verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("usercp_do_attachments_start");
require_once MYBB_ROOT."inc/functions_upload.php"; require_once MYBB_ROOT."inc/functions_upload.php";
if(!isset($mybb->input['attachments']) || !is_array($mybb->input['attachm ents'])) if(!isset($mybb->input['attachments']) || !is_array($mybb->input['attachm ents']))
{ {
error($lang->no_attachments_selected); error($lang->no_attachments_selected);
} }
$plugins->run_hooks("usercp_do_attachments_start");
// Get unviewable forums // Get unviewable forums
$f_perm_sql = ''; $f_perm_sql = '';
$unviewable_forums = get_unviewable_forums(true); $unviewable_forums = get_unviewable_forums(true);
$inactiveforums = get_inactive_forums(); $inactiveforums = get_inactive_forums();
if($unviewable_forums) if($unviewable_forums)
{ {
$f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)"; $f_perm_sql = " AND p.fid NOT IN ($unviewable_forums)";
} }
if($inactiveforums) if($inactiveforums)
{ {
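Review bot: `$multipage` is now assigned only inside the `if($processedattachments >= $perpage || $page > 1)` branch, so on a first page with fewer than `$perpage` rows it is never set before the `usercp_attachments` template is evaluated. Unless it is initialised earlier in this action, which the hunk does not show, I would add `$multipage = '';` next to the `$bandwidth = $totaldownloads = ... = 0;` initialisation. The two ways of computing the totals also differ: the loop skips rows without a `dateline` or `tid`, while the `SUM`/`COUNT` query has no such condition. A short comment above the branch, e.g. `// Short first page: the loop totals are complete; otherwise recount across all pages`, would record why both exist. Which side the single-column lines belong to is inferred from the page layout, and the `do_attachments` block continues past the end of the hunk.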
 End of changes. 43 change blocks. 
43 lines changed or deleted 164 lines changed or added
