[ Index ] |
PHP Cross Reference of MyBB 1.8.39 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define("IGNORE_CLEAN_VARS", "sid"); 13 define('THIS_SCRIPT', 'member.php'); 14 define("ALLOWABLE_PAGE", "register,do_register,login,do_login,logout,lostpw,do_lostpw,activate,resendactivation,do_resendactivation,resetpassword,viewnotes"); 15 16 $nosession['avatar'] = 1; 17 18 $templatelist = "member_register,member_register_hiddencaptcha,member_register_coppa,member_register_agreement_coppa,member_register_agreement,member_register_customfield,member_register_requiredfields,member_profile_findthreads"; 19 $templatelist .= ",member_loggedin_notice,member_profile_away,member_register_regimage,member_register_regimage_recaptcha_invisible,member_register_regimage_nocaptcha,post_captcha_hcaptcha_invisible,post_captcha_hcaptcha,post_captcha_hidden,post_captcha,member_register_referrer"; 20 $templatelist .= ",member_profile_email,member_profile_offline,member_profile_reputation,member_profile_warn,member_profile_warninglevel,member_profile_warninglevel_link,member_profile_customfields_field,member_profile_customfields,member_profile_adminoptions_manageban,member_profile_adminoptions,member_profile"; 21 $templatelist .= ",member_profile_signature,member_profile_avatar,member_profile_groupimage,member_referrals_link,member_profile_referrals,member_profile_website,member_profile_reputation_vote,member_activate,member_lostpw,member_register_additionalfields"; 22 $templatelist .= ",member_profile_modoptions_manageuser,member_profile_modoptions_editprofile,member_profile_modoptions_banuser,member_profile_modoptions_viewnotes,member_profile_modoptions_editnotes,member_profile_modoptions_purgespammer"; 23 $templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,member_viewnotes"; 24 $templatelist .= ",member_register_question,member_register_question_refresh,usercp_options_timezone,usercp_options_timezone_option,usercp_options_language_option,member_profile_customfields_field_multi_item,member_profile_customfields_field_multi"; 25 $templatelist .= ",member_profile_contact_fields_google,member_profile_contact_fields_skype,member_profile_pm,member_profile_contact_details,member_profile_modoptions_manageban"; 26 $templatelist .= ",member_profile_banned_remaining,member_profile_addremove,member_emailuser_guest,member_register_day,usercp_options_tppselect_option,postbit_warninglevel_formatted,member_profile_userstar,member_profile_findposts"; 27 $templatelist .= ",usercp_options_tppselect,usercp_options_pppselect,member_resetpassword,member_login,member_profile_online,usercp_options_pppselect_option,postbit_reputation_formatted,member_emailuser,usercp_profile_profilefields_text"; 28 $templatelist .= ",member_profile_modoptions_ipaddress,member_profile_modoptions,member_profile_banned,member_register_language,member_resendactivation,usercp_profile_profilefields_checkbox,member_register_password,member_coppa_form"; 29 30 require_once "./global.php"; 31 require_once MYBB_ROOT."inc/functions_post.php"; 32 require_once MYBB_ROOT."inc/functions_user.php"; 33 require_once MYBB_ROOT."inc/class_parser.php"; 34 require_once MYBB_ROOT."inc/functions_modcp.php"; 35 $parser = new postParser; 36 37 // Load global language phrases 38 $lang->load("member"); 39 40 $mybb->input['action'] = $mybb->get_input('action'); 41 42 // Make navigation 43 switch($mybb->input['action']) 44 { 45 case "register": 46 case "do_register": 47 add_breadcrumb($lang->nav_register); 48 break; 49 case "activate": 50 add_breadcrumb($lang->nav_activate); 51 break; 52 case "resendactivation": 53 add_breadcrumb($lang->nav_resendactivation); 54 break; 55 case "lostpw": 56 add_breadcrumb($lang->nav_lostpw); 57 break; 58 case "resetpassword": 59 add_breadcrumb($lang->nav_resetpassword); 60 break; 61 case "login": 62 add_breadcrumb($lang->nav_login); 63 break; 64 case "emailuser": 65 add_breadcrumb($lang->nav_emailuser); 66 break; 67 } 68 69 if(($mybb->input['action'] == "register" || $mybb->input['action'] == "do_register") && $mybb->usergroup['cancp'] != 1) 70 { 71 if($mybb->settings['disableregs'] == 1) 72 { 73 error($lang->registrations_disabled); 74 } 75 if($mybb->user['uid'] != 0) 76 { 77 error($lang->error_alreadyregistered); 78 } 79 if($mybb->settings['betweenregstime'] && $mybb->settings['maxregsbetweentime']) 80 { 81 $time = TIME_NOW; 82 $datecut = $time-(60*60*$mybb->settings['betweenregstime']); 83 $query = $db->simple_select("users", "*", "regip=".$db->escape_binary($session->packedip)." AND regdate > '$datecut'"); 84 $regcount = $db->num_rows($query); 85 if($regcount >= $mybb->settings['maxregsbetweentime']) 86 { 87 $lang->error_alreadyregisteredtime = $lang->sprintf($lang->error_alreadyregisteredtime, $regcount, $mybb->settings['betweenregstime']); 88 error($lang->error_alreadyregisteredtime); 89 } 90 } 91 } 92 93 $fromreg = 0; 94 if($mybb->input['action'] == "do_register" && $mybb->request_method == "post") 95 { 96 $plugins->run_hooks("member_do_register_start"); 97 98 // Are checking how long it takes for users to register? 99 if($mybb->settings['regtime'] > 0) 100 { 101 // Is the field actually set? 102 if(isset($mybb->input['regtime'])) 103 { 104 // Check how long it took for this person to register 105 $timetook = TIME_NOW - $mybb->get_input('regtime', MyBB::INPUT_INT); 106 107 // See if they registered faster than normal 108 if($timetook < $mybb->settings['regtime']) 109 { 110 // This user registered pretty quickly, bot detected! 111 $lang->error_spam_deny_time = $lang->sprintf($lang->error_spam_deny_time, $mybb->settings['regtime'], $timetook); 112 error($lang->error_spam_deny_time); 113 } 114 } 115 else 116 { 117 error($lang->error_spam_deny); 118 } 119 } 120 121 // If we have hidden CATPCHA enabled and it's filled, deny registration 122 if($mybb->settings['hiddencaptchaimage']) 123 { 124 $string = $mybb->settings['hiddencaptchaimagefield']; 125 126 if(!empty($mybb->input[$string])) 127 { 128 error($lang->error_spam_deny); 129 } 130 } 131 132 if($mybb->settings['regtype'] == "randompass") 133 { 134 135 $password_length = (int)$mybb->settings['minpasswordlength']; 136 if($password_length < 8) 137 { 138 $password_length = min(8, (int)$mybb->settings['maxpasswordlength']); 139 } 140 141 $mybb->input['password'] = random_str($password_length, $mybb->settings['requirecomplexpasswords']); 142 $mybb->input['password2'] = $mybb->input['password']; 143 } 144 145 if($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "admin" || $mybb->settings['regtype'] == "both" || $mybb->get_input('coppa', MyBB::INPUT_INT) == 1) 146 { 147 $usergroup = 5; 148 } 149 else 150 { 151 $usergroup = 2; 152 } 153 154 // Set up user handler. 155 require_once MYBB_ROOT."inc/datahandlers/user.php"; 156 $userhandler = new UserDataHandler("insert"); 157 158 $coppauser = 0; 159 if(isset($mybb->cookies['coppauser'])) 160 { 161 $coppauser = (int)$mybb->cookies['coppauser']; 162 } 163 164 // Set the data for the new user. 165 $user = array( 166 "username" => $mybb->get_input('username'), 167 "password" => $mybb->get_input('password'), 168 "password2" => $mybb->get_input('password2'), 169 "email" => $mybb->get_input('email'), 170 "email2" => $mybb->get_input('email2'), 171 "usergroup" => $usergroup, 172 "referrer" => $mybb->get_input('referrername'), 173 "timezone" => $mybb->get_input('timezoneoffset'), 174 "language" => $mybb->get_input('language'), 175 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 176 "regip" => $session->packedip, 177 "coppa_user" => $coppauser, 178 "regcheck1" => $mybb->get_input('regcheck1'), 179 "regcheck2" => $mybb->get_input('regcheck2'), 180 "registration" => true 181 ); 182 183 // Do we have a saved COPPA DOB? 184 if(isset($mybb->cookies['coppadob'])) 185 { 186 list($dob_day, $dob_month, $dob_year) = explode("-", $mybb->cookies['coppadob']); 187 $user['birthday'] = array( 188 "day" => $dob_day, 189 "month" => $dob_month, 190 "year" => $dob_year 191 ); 192 } 193 194 $user['options'] = array( 195 "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT), 196 "hideemail" => $mybb->get_input('hideemail', MyBB::INPUT_INT), 197 "subscriptionmethod" => $mybb->get_input('subscriptionmethod', MyBB::INPUT_INT), 198 "receivepms" => $mybb->get_input('receivepms', MyBB::INPUT_INT), 199 "pmnotice" => $mybb->get_input('pmnotice', MyBB::INPUT_INT), 200 "pmnotify" => $mybb->get_input('pmnotify', MyBB::INPUT_INT), 201 "invisible" => $mybb->get_input('invisible', MyBB::INPUT_INT), 202 "dstcorrection" => $mybb->get_input('dstcorrection') 203 ); 204 205 $userhandler->set_data($user); 206 207 $errors = array(); 208 209 if(!$userhandler->validate_user()) 210 { 211 $errors = $userhandler->get_friendly_errors(); 212 } 213 214 if($mybb->settings['enablestopforumspam_on_register']) 215 { 216 require_once MYBB_ROOT . '/inc/class_stopforumspamchecker.php'; 217 218 $stop_forum_spam_checker = new StopForumSpamChecker( 219 $plugins, 220 $mybb->settings['stopforumspam_min_weighting_before_spam'], 221 $mybb->settings['stopforumspam_check_usernames'], 222 $mybb->settings['stopforumspam_check_emails'], 223 $mybb->settings['stopforumspam_check_ips'], 224 $mybb->settings['stopforumspam_log_blocks'] 225 ); 226 227 try { 228 if($stop_forum_spam_checker->is_user_a_spammer($user['username'], $user['email'], get_ip())) 229 { 230 error($lang->sprintf($lang->error_stop_forum_spam_spammer, 231 $stop_forum_spam_checker->getErrorText(array( 232 'stopforumspam_check_usernames', 233 'stopforumspam_check_emails', 234 'stopforumspam_check_ips' 235 )))); 236 } 237 } 238 catch (Exception $e) 239 { 240 if($mybb->settings['stopforumspam_block_on_error']) 241 { 242 error($lang->error_stop_forum_spam_fetching); 243 } 244 } 245 } 246 247 if($mybb->settings['captchaimage']) 248 { 249 require_once MYBB_ROOT.'inc/class_captcha.php'; 250 $captcha = new captcha; 251 252 if($captcha->validate_captcha() == false) 253 { 254 // CAPTCHA validation failed 255 foreach($captcha->get_errors() as $error) 256 { 257 $errors[] = $error; 258 } 259 } 260 } 261 262 // If we have a security question, check to see if answer is correct 263 if($mybb->settings['securityquestion']) 264 { 265 $question_id = $db->escape_string($mybb->get_input('question_id')); 266 $answer = $db->escape_string($mybb->get_input('answer')); 267 268 $query = $db->query(" 269 SELECT q.*, s.sid 270 FROM ".TABLE_PREFIX."questionsessions s 271 LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid) 272 WHERE q.active='1' AND s.sid='{$question_id}' 273 "); 274 if($db->num_rows($query) > 0) 275 { 276 $question = $db->fetch_array($query); 277 $valid_answers = explode("\n", $question['answer']); 278 $validated = 0; 279 280 foreach($valid_answers as $answers) 281 { 282 if(my_strtolower($answers) == my_strtolower($answer)) 283 { 284 $validated = 1; 285 } 286 } 287 288 if($validated != 1) 289 { 290 $update_question = array( 291 "incorrect" => $question['incorrect'] + 1 292 ); 293 $db->update_query("questions", $update_question, "qid='{$question['qid']}'"); 294 295 $errors[] = $lang->error_question_wrong; 296 } 297 else 298 { 299 $update_question = array( 300 "correct" => $question['correct'] + 1 301 ); 302 $db->update_query("questions", $update_question, "qid='{$question['qid']}'"); 303 } 304 305 $db->delete_query("questionsessions", "sid='{$question_id}'"); 306 } 307 } 308 309 $regerrors = ''; 310 if(!empty($errors)) 311 { 312 $username = htmlspecialchars_uni($mybb->get_input('username')); 313 $email = htmlspecialchars_uni($mybb->get_input('email')); 314 $email2 = htmlspecialchars_uni($mybb->get_input('email2')); 315 $referrername = htmlspecialchars_uni($mybb->get_input('referrername')); 316 317 $allownoticescheck = $hideemailcheck = $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; 318 $receivepmscheck = $pmnoticecheck = $pmnotifycheck = $invisiblecheck = $dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = ''; 319 320 if($mybb->get_input('allownotices', MyBB::INPUT_INT) == 1) 321 { 322 $allownoticescheck = "checked=\"checked\""; 323 } 324 325 if($mybb->get_input('hideemail', MyBB::INPUT_INT) == 1) 326 { 327 $hideemailcheck = "checked=\"checked\""; 328 } 329 330 if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 1) 331 { 332 $no_subscribe_selected = "selected=\"selected\""; 333 } 334 else if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 2) 335 { 336 $instant_email_subscribe_selected = "selected=\"selected\""; 337 } 338 else if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 3) 339 { 340 $instant_pm_subscribe_selected = "selected=\"selected\""; 341 } 342 else 343 { 344 $no_auto_subscribe_selected = "selected=\"selected\""; 345 } 346 347 if($mybb->get_input('receivepms', MyBB::INPUT_INT) == 1) 348 { 349 $receivepmscheck = "checked=\"checked\""; 350 } 351 352 if($mybb->get_input('pmnotice', MyBB::INPUT_INT) == 1) 353 { 354 $pmnoticecheck = " checked=\"checked\""; 355 } 356 357 if($mybb->get_input('pmnotify', MyBB::INPUT_INT) == 1) 358 { 359 $pmnotifycheck = "checked=\"checked\""; 360 } 361 362 if($mybb->get_input('invisible', MyBB::INPUT_INT) == 1) 363 { 364 $invisiblecheck = "checked=\"checked\""; 365 } 366 367 if($mybb->get_input('dstcorrection', MyBB::INPUT_INT) == 2) 368 { 369 $dst_auto_selected = "selected=\"selected\""; 370 } 371 else if($mybb->get_input('dstcorrection', MyBB::INPUT_INT) == 1) 372 { 373 $dst_enabled_selected = "selected=\"selected\""; 374 } 375 else 376 { 377 $dst_disabled_selected = "selected=\"selected\""; 378 } 379 380 $regerrors = inline_error($errors); 381 $mybb->input['action'] = "register"; 382 $fromreg = 1; 383 } 384 else 385 { 386 $user_info = $userhandler->insert_user(); 387 388 // Invalidate solved captcha 389 if($mybb->settings['captchaimage']) 390 { 391 $captcha->invalidate_captcha(); 392 } 393 394 if($mybb->settings['regtype'] != "randompass" && empty($mybb->cookies['coppauser'])) 395 { 396 // Log them in 397 my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], null, true, "lax"); 398 } 399 400 if(!empty($mybb->cookies['coppauser'])) 401 { 402 $lang->redirect_registered_coppa_activate = $lang->sprintf($lang->redirect_registered_coppa_activate, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 403 my_unsetcookie("coppauser"); 404 my_unsetcookie("coppadob"); 405 $plugins->run_hooks("member_do_register_end"); 406 error($lang->redirect_registered_coppa_activate); 407 } 408 else if($mybb->settings['regtype'] == "verify") 409 { 410 $activationcode = random_str(); 411 $now = TIME_NOW; 412 $activationarray = array( 413 "uid" => $user_info['uid'], 414 "dateline" => TIME_NOW, 415 "code" => $activationcode, 416 "type" => "r" 417 ); 418 $db->insert_query("awaitingactivation", $activationarray); 419 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 420 switch($mybb->settings['username_method']) 421 { 422 case 0: 423 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 424 break; 425 case 1: 426 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 427 break; 428 case 2: 429 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 430 break; 431 default: 432 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 433 break; 434 } 435 my_mail($user_info['email'], $emailsubject, $emailmessage); 436 437 $lang->redirect_registered_activation = $lang->sprintf($lang->redirect_registered_activation, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 438 439 $plugins->run_hooks("member_do_register_end"); 440 441 error($lang->redirect_registered_activation); 442 } 443 else if($mybb->settings['regtype'] == "randompass") 444 { 445 $emailsubject = $lang->sprintf($lang->emailsubject_randompassword, $mybb->settings['bbname']); 446 switch($mybb->settings['username_method']) 447 { 448 case 0: 449 $emailmessage = $lang->sprintf($lang->email_randompassword, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 450 break; 451 case 1: 452 $emailmessage = $lang->sprintf($lang->email_randompassword1, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 453 break; 454 case 2: 455 $emailmessage = $lang->sprintf($lang->email_randompassword2, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 456 break; 457 default: 458 $emailmessage = $lang->sprintf($lang->email_randompassword, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 459 break; 460 } 461 my_mail($user_info['email'], $emailsubject, $emailmessage); 462 463 $plugins->run_hooks("member_do_register_end"); 464 465 error($lang->redirect_registered_passwordsent); 466 } 467 else if($mybb->settings['regtype'] == "admin") 468 { 469 $groups = $cache->read("usergroups"); 470 $admingroups = array(); 471 if(!empty($groups)) // Shouldn't be... 472 { 473 foreach($groups as $group) 474 { 475 if($group['cancp'] == 1) 476 { 477 $admingroups[] = (int)$group['gid']; 478 } 479 } 480 } 481 482 if(!empty($admingroups)) 483 { 484 $sqlwhere = 'usergroup IN ('.implode(',', $admingroups).')'; 485 foreach($admingroups as $admingroup) 486 { 487 switch($db->type) 488 { 489 case 'pgsql': 490 case 'sqlite': 491 $sqlwhere .= " OR ','||additionalgroups||',' LIKE '%,{$admingroup},%'"; 492 break; 493 default: 494 $sqlwhere .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$admingroup},%'"; 495 break; 496 } 497 } 498 $q = $db->simple_select('users', 'uid,username,email,language', $sqlwhere); 499 while($recipient = $db->fetch_array($q)) 500 { 501 // First we check if the user's a super admin: if yes, we don't care about permissions 502 $is_super_admin = is_super_admin($recipient['uid']); 503 if(!$is_super_admin) 504 { 505 // Include admin functions 506 if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php")) 507 { 508 continue; 509 } 510 511 require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"; 512 513 // Verify if we have permissions to access user-users 514 require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/user/module_meta.php"; 515 if(function_exists("user_admin_permissions")) 516 { 517 // Get admin permissions 518 $adminperms = get_admin_permissions($recipient['uid']); 519 520 $permissions = user_admin_permissions(); 521 if(array_key_exists('users', $permissions['permissions']) && $adminperms['user']['users'] != 1) 522 { 523 continue; // No permissions 524 } 525 } 526 } 527 528 // Load language 529 if($recipient['language'] != $lang->language && $lang->language_exists($recipient['language'])) 530 { 531 $reset_lang = true; 532 $lang->set_language($recipient['language']); 533 $lang->load("member"); 534 } 535 536 $subject = $lang->sprintf($lang->newregistration_subject, $mybb->settings['bbname']); 537 $message = $lang->sprintf($lang->newregistration_message, $recipient['username'], $mybb->settings['bbname'], $user['username']); 538 my_mail($recipient['email'], $subject, $message); 539 } 540 541 // Reset language 542 if(isset($reset_lang)) 543 { 544 $lang->set_language($mybb->settings['bblanguage']); 545 $lang->load("member"); 546 } 547 } 548 549 $lang->redirect_registered_admin_activate = $lang->sprintf($lang->redirect_registered_admin_activate, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 550 551 $plugins->run_hooks("member_do_register_end"); 552 553 error($lang->redirect_registered_admin_activate); 554 } 555 else if($mybb->settings['regtype'] == "both") 556 { 557 $groups = $cache->read("usergroups"); 558 $admingroups = array(); 559 if(!empty($groups)) // Shouldn't be... 560 { 561 foreach($groups as $group) 562 { 563 if($group['cancp'] == 1) 564 { 565 $admingroups[] = (int)$group['gid']; 566 } 567 } 568 } 569 570 if(!empty($admingroups)) 571 { 572 $sqlwhere = 'usergroup IN ('.implode(',', $admingroups).')'; 573 foreach($admingroups as $admingroup) 574 { 575 switch($db->type) 576 { 577 case 'pgsql': 578 case 'sqlite': 579 $sqlwhere .= " OR ','||additionalgroups||',' LIKE '%,{$admingroup},%'"; 580 break; 581 default: 582 $sqlwhere .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$admingroup},%'"; 583 break; 584 } 585 } 586 $q = $db->simple_select('users', 'uid,username,email,language', $sqlwhere); 587 while($recipient = $db->fetch_array($q)) 588 { 589 // First we check if the user's a super admin: if yes, we don't care about permissions 590 $is_super_admin = is_super_admin($recipient['uid']); 591 if(!$is_super_admin) 592 { 593 // Include admin functions 594 if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php")) 595 { 596 continue; 597 } 598 599 require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"; 600 601 // Verify if we have permissions to access user-users 602 require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/user/module_meta.php"; 603 // Get admin permissions 604 $adminperms = get_admin_permissions($recipient['uid']); 605 if(empty($adminperms['user']['users']) || $adminperms['user']['users'] != 1) 606 { 607 continue; // No permissions 608 } 609 } 610 611 // Load language 612 if($recipient['language'] != $lang->language && $lang->language_exists($recipient['language'])) 613 { 614 $reset_lang = true; 615 $lang->set_language($recipient['language']); 616 $lang->load("member"); 617 } 618 619 $subject = $lang->sprintf($lang->newregistration_subject, $mybb->settings['bbname']); 620 $message = $lang->sprintf($lang->newregistration_message, $recipient['username'], $mybb->settings['bbname'], $user['username']); 621 my_mail($recipient['email'], $subject, $message); 622 } 623 624 // Reset language 625 if(isset($reset_lang)) 626 { 627 $lang->set_language($mybb->settings['bblanguage']); 628 $lang->load("member"); 629 } 630 } 631 632 $activationcode = random_str(); 633 $activationarray = array( 634 "uid" => $user_info['uid'], 635 "dateline" => TIME_NOW, 636 "code" => $activationcode, 637 "type" => "b" 638 ); 639 $db->insert_query("awaitingactivation", $activationarray); 640 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 641 switch($mybb->settings['username_method']) 642 { 643 case 0: 644 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 645 break; 646 case 1: 647 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 648 break; 649 case 2: 650 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 651 break; 652 default: 653 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 654 break; 655 } 656 my_mail($user_info['email'], $emailsubject, $emailmessage); 657 658 $lang->redirect_registered_activation = $lang->sprintf($lang->redirect_registered_activation, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 659 660 $plugins->run_hooks("member_do_register_end"); 661 662 error($lang->redirect_registered_activation); 663 } 664 else 665 { 666 $lang->redirect_registered = $lang->sprintf($lang->redirect_registered, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 667 668 $plugins->run_hooks("member_do_register_end"); 669 670 redirect("index.php", $lang->redirect_registered); 671 } 672 } 673 } 674 675 if($mybb->input['action'] == "coppa_form") 676 { 677 if(!$mybb->settings['faxno']) 678 { 679 $mybb->settings['faxno'] = " "; 680 } 681 682 $plugins->run_hooks("member_coppa_form"); 683 684 eval("\$coppa_form = \"".$templates->get("member_coppa_form")."\";"); 685 output_page($coppa_form); 686 } 687 688 if($mybb->input['action'] == "register") 689 { 690 $bdaysel = ''; 691 if($mybb->settings['coppa'] == "disabled") 692 { 693 $bdaysel = $bday2blank = ''; 694 } 695 $mybb->input['bday1'] = $mybb->get_input('bday1', MyBB::INPUT_INT); 696 for($day = 1; $day <= 31; ++$day) 697 { 698 $selected = ''; 699 if($mybb->input['bday1'] == $day) 700 { 701 $selected = " selected=\"selected\""; 702 } 703 704 eval("\$bdaysel .= \"".$templates->get("member_register_day")."\";"); 705 } 706 707 $mybb->input['bday2'] = $mybb->get_input('bday2', MyBB::INPUT_INT); 708 $bdaymonthsel = array(); 709 foreach(range(1, 12) as $number) 710 { 711 $bdaymonthsel[$number] = ''; 712 } 713 $bdaymonthsel[$mybb->input['bday2']] = "selected=\"selected\""; 714 $birthday_year = $mybb->get_input('bday3', MyBB::INPUT_INT); 715 716 if($birthday_year == 0) 717 { 718 $birthday_year = ''; 719 } 720 721 $under_thirteen = false; 722 723 // Is COPPA checking enabled? 724 if($mybb->settings['coppa'] != "disabled" && !isset($mybb->input['step'])) 725 { 726 // Just selected DOB, we check 727 if($mybb->input['bday1'] && $mybb->input['bday2'] && $birthday_year) 728 { 729 my_unsetcookie("coppauser"); 730 731 $months = get_bdays($birthday_year); 732 if($mybb->input['bday2'] < 1 || $mybb->input['bday2'] > 12 || $birthday_year < (date("Y")-100) || $birthday_year > date("Y") || $mybb->input['bday1'] > $months[$mybb->input['bday2']-1]) 733 { 734 error($lang->error_invalid_birthday); 735 } 736 737 $bdaytime = @mktime(0, 0, 0, $mybb->input['bday2'], $mybb->input['bday1'], $birthday_year); 738 739 // Store DOB in cookie so we can save it with the registration 740 my_setcookie("coppadob", "{$mybb->input['bday1']}-{$mybb->input['bday2']}-{$birthday_year}", -1); 741 742 // User is <= 13, we mark as a coppa user 743 if($bdaytime >= mktime(0, 0, 0, my_date('n'), my_date('d'), my_date('Y')-13)) 744 { 745 my_setcookie("coppauser", 1, -0); 746 $under_thirteen = true; 747 } 748 else 749 { 750 my_setcookie("coppauser", 0, -0); 751 } 752 $mybb->request_method = ""; 753 } 754 // Show DOB select form 755 else 756 { 757 $plugins->run_hooks("member_register_coppa"); 758 759 my_unsetcookie("coppauser"); 760 761 $coppa_desc = $mybb->settings['coppa'] == 'deny' ? $lang->coppa_desc_for_deny : $lang->coppa_desc; 762 eval("\$coppa = \"".$templates->get("member_register_coppa")."\";"); 763 output_page($coppa); 764 exit; 765 } 766 } 767 768 if((!isset($mybb->input['agree']) && !isset($mybb->input['regsubmit'])) && $fromreg == 0 || $mybb->request_method != "post") 769 { 770 $coppa_agreement = ''; 771 // Is this user a COPPA user? We need to show the COPPA agreement too 772 if($mybb->settings['coppa'] != "disabled" && (!empty($mybb->cookies['coppauser']) || $under_thirteen)) 773 { 774 if($mybb->settings['coppa'] == "deny") 775 { 776 error($lang->error_need_to_be_thirteen); 777 } 778 $lang->coppa_agreement_1 = $lang->sprintf($lang->coppa_agreement_1, $mybb->settings['bbname']); 779 eval("\$coppa_agreement = \"".$templates->get("member_register_agreement_coppa")."\";"); 780 } 781 782 $plugins->run_hooks("member_register_agreement"); 783 784 eval("\$agreement = \"".$templates->get("member_register_agreement")."\";"); 785 output_page($agreement); 786 } 787 else 788 { 789 $plugins->run_hooks("member_register_start"); 790 791 // JS validator extra 792 if($mybb->settings['maxnamelength'] > 0 && $mybb->settings['minnamelength'] > 0) 793 { 794 $lang->js_validator_username_length = $lang->sprintf($lang->js_validator_username_length, $mybb->settings['minnamelength'], $mybb->settings['maxnamelength']); 795 } 796 797 if(isset($mybb->input['timezoneoffset'])) 798 { 799 $timezoneoffset = $mybb->get_input('timezoneoffset'); 800 } 801 else 802 { 803 $timezoneoffset = $mybb->settings['timezoneoffset']; 804 } 805 $tzselect = build_timezone_select("timezoneoffset", $timezoneoffset, true); 806 807 $stylelist = build_theme_select("style"); 808 809 if($mybb->settings['usertppoptions']) 810 { 811 $tppoptions = ''; 812 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 813 if(is_array($explodedtpp)) 814 { 815 foreach($explodedtpp as $val) 816 { 817 $val = trim($val); 818 $tpp_option = $lang->sprintf($lang->tpp_option, $val); 819 eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";"); 820 } 821 } 822 eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); 823 } 824 if($mybb->settings['userpppoptions']) 825 { 826 $pppoptions = ''; 827 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 828 if(is_array($explodedppp)) 829 { 830 foreach($explodedppp as $val) 831 { 832 $val = trim($val); 833 $ppp_option = $lang->sprintf($lang->ppp_option, $val); 834 eval("\$pppoptions .= \"".$templates->get("usercp_options_pppselect_option")."\";"); 835 } 836 } 837 eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";"); 838 } 839 if($mybb->settings['usereferrals'] == 1 && !$mybb->user['uid']) 840 { 841 if(isset($mybb->cookies['mybb']['referrer'])) 842 { 843 $query = $db->simple_select("users", "uid,username", "uid='".(int)$mybb->cookies['mybb']['referrer']."'"); 844 $ref = $db->fetch_array($query); 845 $ref['username'] = htmlspecialchars_uni($ref['username']); 846 $referrername = $ref['username']; 847 } 848 elseif(!empty($referrer)) 849 { 850 $query = $db->simple_select("users", "username", "uid='".(int)$referrer['uid']."'"); 851 $ref = $db->fetch_array($query); 852 $ref['username'] = htmlspecialchars_uni($ref['username']); 853 $referrername = $ref['username']; 854 } 855 elseif(!empty($referrername)) 856 { 857 $ref = get_user_by_username($referrername); 858 if(!$ref) 859 { 860 $errors[] = $lang->error_badreferrer; 861 } 862 } 863 else 864 { 865 $referrername = ''; 866 } 867 if(isset($quickreg)) 868 { 869 $refbg = "trow1"; 870 } 871 else 872 { 873 $refbg = "trow2"; 874 } 875 eval("\$referrer = \"".$templates->get("member_register_referrer")."\";"); 876 } 877 else 878 { 879 $referrer = ''; 880 } 881 $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 882 // Custom profile fields baby! 883 $altbg = "trow1"; 884 $requiredfields = $customfields = ''; 885 886 if($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "admin" || $mybb->settings['regtype'] == "both" || $mybb->get_input('coppa', MyBB::INPUT_INT) == 1) 887 { 888 $usergroup = 5; 889 } 890 else 891 { 892 $usergroup = 2; 893 } 894 895 $pfcache = $cache->read('profilefields'); 896 897 if(is_array($pfcache)) 898 { 899 $jsvar_reqfields = array(); 900 foreach($pfcache as $profilefield) 901 { 902 if($profilefield['required'] != 1 && $profilefield['registration'] != 1 || !is_member($profilefield['editableby'], array('usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $usergroup))) 903 { 904 continue; 905 } 906 907 $code = $select = $val = $options = $expoptions = $useropts = ''; 908 $seloptions = array(); 909 $profilefield['type'] = htmlspecialchars_uni($profilefield['type']); 910 $thing = explode("\n", $profilefield['type'], 2); 911 $type = trim($thing[0]); 912 $options = isset($thing[1]) ? $thing[1] : null; 913 $select = ''; 914 $field = "fid{$profilefield['fid']}"; 915 $profilefield['description'] = htmlspecialchars_uni($profilefield['description']); 916 $profilefield['name'] = htmlspecialchars_uni($profilefield['name']); 917 if(!empty($errors) && isset($mybb->input['profile_fields'][$field])) 918 { 919 $userfield = $mybb->input['profile_fields'][$field]; 920 } 921 else 922 { 923 $userfield = ''; 924 } 925 if($type == "multiselect") 926 { 927 if(!empty($errors)) 928 { 929 $useropts = $userfield; 930 } 931 else 932 { 933 $useropts = explode("\n", $userfield); 934 } 935 if(is_array($useropts)) 936 { 937 foreach($useropts as $key => $val) 938 { 939 $seloptions[$val] = $val; 940 } 941 } 942 $expoptions = explode("\n", $options); 943 if(is_array($expoptions)) 944 { 945 foreach($expoptions as $key => $val) 946 { 947 $val = trim($val); 948 $val = str_replace("\n", "\\n", $val); 949 950 $sel = ""; 951 if(isset($seloptions[$val]) && $val == $seloptions[$val]) 952 { 953 $sel = ' selected="selected"'; 954 } 955 956 eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); 957 } 958 if(!$profilefield['length']) 959 { 960 $profilefield['length'] = 3; 961 } 962 963 eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";"); 964 } 965 } 966 elseif($type == "select") 967 { 968 $expoptions = explode("\n", $options); 969 if(is_array($expoptions)) 970 { 971 foreach($expoptions as $key => $val) 972 { 973 $val = trim($val); 974 $val = str_replace("\n", "\\n", $val); 975 $sel = ""; 976 if($val == $userfield) 977 { 978 $sel = ' selected="selected"'; 979 } 980 981 eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); 982 } 983 if(!$profilefield['length']) 984 { 985 $profilefield['length'] = 1; 986 } 987 988 eval("\$code = \"".$templates->get("usercp_profile_profilefields_select")."\";"); 989 } 990 } 991 elseif($type == "radio") 992 { 993 $expoptions = explode("\n", $options); 994 if(is_array($expoptions)) 995 { 996 foreach($expoptions as $key => $val) 997 { 998 $checked = ""; 999 if($val == $userfield) 1000 { 1001 $checked = 'checked="checked"'; 1002 } 1003 1004 eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";"); 1005 } 1006 } 1007 } 1008 elseif($type == "checkbox") 1009 { 1010 if(!empty($errors)) 1011 { 1012 $useropts = $userfield; 1013 } 1014 else 1015 { 1016 $useropts = explode("\n", $userfield); 1017 } 1018 if(is_array($useropts)) 1019 { 1020 foreach($useropts as $key => $val) 1021 { 1022 $seloptions[$val] = $val; 1023 } 1024 } 1025 $expoptions = explode("\n", $options); 1026 if(is_array($expoptions)) 1027 { 1028 foreach($expoptions as $key => $val) 1029 { 1030 $checked = ""; 1031 if(isset($seloptions[$val]) && $val == $seloptions[$val]) 1032 { 1033 $checked = 'checked="checked"'; 1034 } 1035 1036 eval("\$code .= \"".$templates->get("usercp_profile_profilefields_checkbox")."\";"); 1037 } 1038 } 1039 } 1040 elseif($type == "textarea") 1041 { 1042 $value = htmlspecialchars_uni($userfield); 1043 eval("\$code = \"".$templates->get("usercp_profile_profilefields_textarea")."\";"); 1044 } 1045 else 1046 { 1047 $value = htmlspecialchars_uni($userfield); 1048 $maxlength = ""; 1049 if($profilefield['maxlength'] > 0) 1050 { 1051 $maxlength = " maxlength=\"{$profilefield['maxlength']}\""; 1052 } 1053 1054 eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";"); 1055 } 1056 1057 if($profilefield['required'] == 1) 1058 { 1059 // JS validator extra, choose correct selectors for everything except single select which always has value 1060 if($type != 'select') 1061 { 1062 $jsvar_reqfields[] = array( 1063 'type' => $type, 1064 'fid' => $field, 1065 ); 1066 } 1067 1068 eval("\$requiredfields .= \"".$templates->get("member_register_customfield")."\";"); 1069 } 1070 else 1071 { 1072 eval("\$customfields .= \"".$templates->get("member_register_customfield")."\";"); 1073 } 1074 } 1075 1076 if($requiredfields) 1077 { 1078 eval("\$requiredfields = \"".$templates->get("member_register_requiredfields")."\";"); 1079 } 1080 1081 if($customfields) 1082 { 1083 eval("\$customfields = \"".$templates->get("member_register_additionalfields")."\";"); 1084 } 1085 } 1086 1087 if(!isset($fromreg) || $fromreg == 0) 1088 { 1089 $allownoticescheck = "checked=\"checked\""; 1090 $hideemailcheck = ''; 1091 $receivepmscheck = "checked=\"checked\""; 1092 $pmnoticecheck = " checked=\"checked\""; 1093 $pmnotifycheck = ''; 1094 $invisiblecheck = ''; 1095 if($mybb->settings['dstcorrection'] == 1) 1096 { 1097 $enabledstcheck = "checked=\"checked\""; 1098 } 1099 $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; 1100 $dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = ''; 1101 $username = $email = $email2 = ''; 1102 $regerrors = ''; 1103 } 1104 // Spambot registration image thingy 1105 $captcha_html = 0; 1106 $regimage = ''; 1107 if($mybb->settings['captchaimage']) 1108 { 1109 require_once MYBB_ROOT.'inc/class_captcha.php'; 1110 $captcha = new captcha(true, "member_register_regimage"); 1111 1112 if($captcha->html) 1113 { 1114 $captcha_html = 1; 1115 $regimage = $captcha->html; 1116 } 1117 } 1118 1119 // Security Question 1120 $questionbox = ''; 1121 $question_exists = 0; 1122 if($mybb->settings['securityquestion']) 1123 { 1124 $sid = generate_question(); 1125 $query = $db->query(" 1126 SELECT q.question, s.sid 1127 FROM ".TABLE_PREFIX."questionsessions s 1128 LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid) 1129 WHERE q.active='1' AND s.sid='{$sid}' 1130 "); 1131 if($db->num_rows($query) > 0) 1132 { 1133 $question_exists = 1; 1134 $question = $db->fetch_array($query); 1135 1136 //Set parser options for security question 1137 $parser_options = array( 1138 "allow_html" => 0, 1139 "allow_mycode" => 1, 1140 "allow_smilies" => 1, 1141 "allow_imgcode" => 1, 1142 "allow_videocode" => 1, 1143 "filter_badwords" => 1, 1144 "me_username" => 0, 1145 "shorten_urls" => 0, 1146 "highlight" => 0, 1147 ); 1148 1149 //Parse question 1150 $question['question'] = $parser->parse_message($question['question'], $parser_options); 1151 $question['sid'] = htmlspecialchars_uni($question['sid']); 1152 1153 $refresh = ''; 1154 // Total questions 1155 $q = $db->simple_select('questions', 'COUNT(qid) as num', 'active=1'); 1156 $num = $db->fetch_field($q, 'num'); 1157 if($num > 1) 1158 { 1159 eval("\$refresh = \"".$templates->get("member_register_question_refresh")."\";"); 1160 } 1161 1162 eval("\$questionbox = \"".$templates->get("member_register_question")."\";"); 1163 } 1164 } 1165 1166 $hiddencaptcha = ''; 1167 // Hidden CAPTCHA for Spambots 1168 if($mybb->settings['hiddencaptchaimage']) 1169 { 1170 $captcha_field = $mybb->settings['hiddencaptchaimagefield']; 1171 1172 eval("\$hiddencaptcha = \"".$templates->get("member_register_hiddencaptcha")."\";"); 1173 } 1174 if($mybb->settings['regtype'] != "randompass") 1175 { 1176 // JS validator extra 1177 $lang->js_validator_password_length = $lang->sprintf($lang->js_validator_password_length, $mybb->settings['minpasswordlength']); 1178 1179 // See if the board has "require complex passwords" enabled. 1180 if($mybb->settings['requirecomplexpasswords'] == 1) 1181 { 1182 $lang->password = $lang->complex_password = $lang->sprintf($lang->complex_password, $mybb->settings['minpasswordlength']); 1183 } 1184 eval("\$passboxes = \"".$templates->get("member_register_password")."\";"); 1185 } 1186 1187 $languages = $lang->get_languages(); 1188 $langoptions = $boardlanguage = ''; 1189 if(count($languages) > 1) 1190 { 1191 foreach($languages as $name => $language) 1192 { 1193 $language = htmlspecialchars_uni($language); 1194 1195 $sel = ''; 1196 if($mybb->get_input('language') == $name) 1197 { 1198 $sel = " selected=\"selected\""; 1199 } 1200 1201 eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";'); 1202 } 1203 1204 eval('$boardlanguage = "'.$templates->get('member_register_language').'";'); 1205 } 1206 1207 // Set the time so we can find automated signups 1208 $time = TIME_NOW; 1209 1210 $plugins->run_hooks("member_register_end"); 1211 1212 $jsvar_reqfields = json_encode($jsvar_reqfields); 1213 1214 $validator_javascript = "<script type=\"text/javascript\"> 1215 var regsettings = { 1216 requiredfields: '{$jsvar_reqfields}', 1217 minnamelength: '{$mybb->settings['minnamelength']}', 1218 maxnamelength: '{$mybb->settings['maxnamelength']}', 1219 minpasswordlength: '{$mybb->settings['minpasswordlength']}', 1220 captchaimage: '{$mybb->settings['captchaimage']}', 1221 captchahtml: '{$captcha_html}', 1222 securityquestion: '{$mybb->settings['securityquestion']}', 1223 questionexists: '{$question_exists}', 1224 requirecomplexpasswords: '{$mybb->settings['requirecomplexpasswords']}', 1225 regtype: '{$mybb->settings['regtype']}', 1226 hiddencaptchaimage: '{$mybb->settings['hiddencaptchaimage']}' 1227 }; 1228 1229 lang.js_validator_no_username = '{$lang->js_validator_no_username}'; 1230 lang.js_validator_username_length = '{$lang->js_validator_username_length}'; 1231 lang.js_validator_invalid_email = '{$lang->js_validator_invalid_email}'; 1232 lang.js_validator_email_match = '{$lang->js_validator_email_match}'; 1233 lang.js_validator_not_empty = '{$lang->js_validator_not_empty}'; 1234 lang.js_validator_password_length = '{$lang->js_validator_password_length}'; 1235 lang.js_validator_password_matches = '{$lang->js_validator_password_matches}'; 1236 lang.js_validator_no_image_text = '{$lang->js_validator_no_image_text}'; 1237 lang.js_validator_no_security_question = '{$lang->js_validator_no_security_question}'; 1238 lang.js_validator_bad_password_security = '{$lang->js_validator_bad_password_security}'; 1239 </script>\n"; 1240 1241 eval("\$registration = \"".$templates->get("member_register")."\";"); 1242 output_page($registration); 1243 } 1244 } 1245 1246 if($mybb->input['action'] == "activate") 1247 { 1248 $plugins->run_hooks("member_activate_start"); 1249 1250 if(isset($mybb->input['username'])) 1251 { 1252 $mybb->input['username'] = $mybb->get_input('username'); 1253 $options = array( 1254 'username_method' => $mybb->settings['username_method'], 1255 'fields' => '*', 1256 ); 1257 $user = get_user_by_username($mybb->input['username'], $options); 1258 if(!$user) 1259 { 1260 switch($mybb->settings['username_method']) 1261 { 1262 case 0: 1263 error($lang->error_invalidpworusername); 1264 break; 1265 case 1: 1266 error($lang->error_invalidpworusername1); 1267 break; 1268 case 2: 1269 error($lang->error_invalidpworusername2); 1270 break; 1271 default: 1272 error($lang->error_invalidpworusername); 1273 break; 1274 } 1275 } 1276 $uid = $user['uid']; 1277 } 1278 else 1279 { 1280 $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); 1281 } 1282 if(isset($mybb->input['code']) && $user) 1283 { 1284 $query = $db->simple_select("awaitingactivation", "*", "uid='".$user['uid']."' AND (type='r' OR type='e' OR type='b')"); 1285 $activation = $db->fetch_array($query); 1286 if(!$activation) 1287 { 1288 error($lang->error_alreadyactivated); 1289 } 1290 if($activation['code'] !== $mybb->get_input('code')) 1291 { 1292 error($lang->error_badactivationcode); 1293 } 1294 1295 if($activation['type'] == "b" && $activation['validated'] == 1) 1296 { 1297 error($lang->error_alreadyvalidated); 1298 } 1299 1300 $db->delete_query("awaitingactivation", "uid='".$user['uid']."' AND (type='r' OR type='e')"); 1301 1302 if($user['usergroup'] == 5 && $activation['type'] != "e" && $activation['type'] != "b") 1303 { 1304 $db->update_query("users", array("usergroup" => 2), "uid='".$user['uid']."'"); 1305 1306 $cache->update_awaitingactivation(); 1307 } 1308 if($activation['type'] == "e") 1309 { 1310 $newemail = array( 1311 "email" => $db->escape_string($activation['misc']), 1312 ); 1313 $db->update_query("users", $newemail, "uid='".$user['uid']."'"); 1314 $plugins->run_hooks("member_activate_emailupdated"); 1315 1316 redirect("usercp.php", $lang->redirect_emailupdated); 1317 } 1318 elseif($activation['type'] == "b") 1319 { 1320 $update = array( 1321 "validated" => 1, 1322 ); 1323 $db->update_query("awaitingactivation", $update, "uid='".$user['uid']."' AND type='b'"); 1324 $plugins->run_hooks("member_activate_emailactivated"); 1325 1326 redirect("index.php", $lang->redirect_accountactivated_admin, "", true); 1327 } 1328 else 1329 { 1330 $plugins->run_hooks("member_activate_accountactivated"); 1331 1332 redirect("index.php", $lang->redirect_accountactivated); 1333 } 1334 } 1335 else 1336 { 1337 $plugins->run_hooks("member_activate_form"); 1338 1339 $code = htmlspecialchars_uni($mybb->get_input('code')); 1340 1341 if(!isset($user['username'])) 1342 { 1343 $user['username'] = ''; 1344 } 1345 $user['username'] = htmlspecialchars_uni($user['username']); 1346 1347 eval("\$activate = \"".$templates->get("member_activate")."\";"); 1348 output_page($activate); 1349 } 1350 } 1351 1352 if($mybb->input['action'] == "do_resendactivation" && $mybb->request_method == "post") 1353 { 1354 $plugins->run_hooks("member_do_resendactivation_start"); 1355 1356 if($mybb->settings['regtype'] == "admin") 1357 { 1358 error($lang->error_activated_by_admin); 1359 } 1360 1361 $errors = array(); 1362 1363 if($mybb->settings['captchaimage']) 1364 { 1365 require_once MYBB_ROOT.'inc/class_captcha.php'; 1366 $captcha = new captcha; 1367 1368 if($captcha->validate_captcha() == false) 1369 { 1370 // CAPTCHA validation failed 1371 foreach($captcha->get_errors() as $error) 1372 { 1373 $errors[] = $error; 1374 } 1375 } 1376 } 1377 1378 $query = $db->query(" 1379 SELECT u.uid, u.username, u.usergroup, u.email, a.code, a.type, a.validated 1380 FROM ".TABLE_PREFIX."users u 1381 LEFT JOIN ".TABLE_PREFIX."awaitingactivation a ON (a.uid=u.uid AND (a.type='r' OR a.type='b')) 1382 WHERE u.email='".$db->escape_string($mybb->get_input('email'))."' 1383 "); 1384 $numusers = $db->num_rows($query); 1385 if($numusers < 1) 1386 { 1387 error($lang->error_invalidemail); 1388 } 1389 else 1390 { 1391 if(count($errors) == 0) 1392 { 1393 while($user = $db->fetch_array($query)) 1394 { 1395 if($user['type'] == "b" && $user['validated'] == 1) 1396 { 1397 error($lang->error_activated_by_admin); 1398 } 1399 1400 if($user['usergroup'] == 5) 1401 { 1402 if(!$user['code']) 1403 { 1404 $user['code'] = random_str(); 1405 $uid = $user['uid']; 1406 $awaitingarray = array( 1407 "uid" => $uid, 1408 "dateline" => TIME_NOW, 1409 "code" => $user['code'], 1410 "type" => $user['type'] 1411 ); 1412 $db->insert_query("awaitingactivation", $awaitingarray); 1413 } 1414 $username = $user['username']; 1415 $email = $user['email']; 1416 $activationcode = $user['code']; 1417 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 1418 switch($mybb->settings['username_method']) 1419 { 1420 case 0: 1421 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1422 break; 1423 case 1: 1424 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1425 break; 1426 case 2: 1427 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1428 break; 1429 default: 1430 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1431 break; 1432 } 1433 my_mail($email, $emailsubject, $emailmessage); 1434 } 1435 } 1436 1437 $plugins->run_hooks("member_do_resendactivation_end"); 1438 1439 redirect("index.php", $lang->redirect_activationresent); 1440 } 1441 else 1442 { 1443 $mybb->input['action'] = "resendactivation"; 1444 } 1445 } 1446 } 1447 1448 if($mybb->input['action'] == "resendactivation") 1449 { 1450 $plugins->run_hooks("member_resendactivation"); 1451 1452 if($mybb->settings['regtype'] == "admin") 1453 { 1454 error($lang->error_activated_by_admin); 1455 } 1456 1457 if($mybb->user['uid'] && $mybb->user['usergroup'] != 5) 1458 { 1459 error($lang->error_alreadyactivated); 1460 } 1461 1462 $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND type='b'"); 1463 $activation = $db->fetch_array($query); 1464 1465 if($activation && $activation['validated'] == 1) 1466 { 1467 error($lang->error_activated_by_admin); 1468 } 1469 1470 $captcha = ''; 1471 // Generate CAPTCHA? 1472 if($mybb->settings['captchaimage']) 1473 { 1474 require_once MYBB_ROOT.'inc/class_captcha.php'; 1475 $post_captcha = new captcha(true, "post_captcha"); 1476 1477 if($post_captcha->html) 1478 { 1479 $captcha = $post_captcha->html; 1480 } 1481 } 1482 1483 if(isset($errors) && count($errors) > 0) 1484 { 1485 $errors = inline_error($errors); 1486 $email = htmlspecialchars_uni($mybb->get_input('email')); 1487 } 1488 else 1489 { 1490 $errors = ''; 1491 $email = ''; 1492 } 1493 1494 $plugins->run_hooks("member_resendactivation_end"); 1495 1496 eval("\$activate = \"".$templates->get("member_resendactivation")."\";"); 1497 output_page($activate); 1498 } 1499 1500 if($mybb->input['action'] == "do_lostpw" && $mybb->request_method == "post") 1501 { 1502 $plugins->run_hooks("member_do_lostpw_start"); 1503 1504 $errors = array(); 1505 1506 if($mybb->settings['captchaimage']) 1507 { 1508 require_once MYBB_ROOT.'inc/class_captcha.php'; 1509 $captcha = new captcha; 1510 1511 if($captcha->validate_captcha() == false) 1512 { 1513 // CAPTCHA validation failed 1514 foreach($captcha->get_errors() as $error) 1515 { 1516 $errors[] = $error; 1517 } 1518 } 1519 } 1520 1521 $query = $db->simple_select("users", "*", "email='".$db->escape_string($mybb->get_input('email'))."'"); 1522 $numusers = $db->num_rows($query); 1523 if($numusers < 1) 1524 { 1525 error($lang->error_invalidemail); 1526 } 1527 else 1528 { 1529 if(count($errors) == 0) 1530 { 1531 while($user = $db->fetch_array($query)) 1532 { 1533 $db->delete_query("awaitingactivation", "uid='{$user['uid']}' AND type='p'"); 1534 $user['activationcode'] = random_str(30); 1535 $now = TIME_NOW; 1536 $uid = $user['uid']; 1537 $awaitingarray = array( 1538 "uid" => $user['uid'], 1539 "dateline" => TIME_NOW, 1540 "code" => $user['activationcode'], 1541 "type" => "p" 1542 ); 1543 $db->insert_query("awaitingactivation", $awaitingarray); 1544 $username = $user['username']; 1545 $email = $user['email']; 1546 $activationcode = $user['activationcode']; 1547 $emailsubject = $lang->sprintf($lang->emailsubject_lostpw, $mybb->settings['bbname']); 1548 switch($mybb->settings['username_method']) 1549 { 1550 case 0: 1551 $emailmessage = $lang->sprintf($lang->email_lostpw, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1552 break; 1553 case 1: 1554 $emailmessage = $lang->sprintf($lang->email_lostpw1, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1555 break; 1556 case 2: 1557 $emailmessage = $lang->sprintf($lang->email_lostpw2, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1558 break; 1559 default: 1560 $emailmessage = $lang->sprintf($lang->email_lostpw, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1561 break; 1562 } 1563 my_mail($email, $emailsubject, $emailmessage); 1564 } 1565 1566 $plugins->run_hooks("member_do_lostpw_end"); 1567 1568 redirect("index.php", $lang->redirect_lostpwsent, "", true); 1569 } 1570 else 1571 { 1572 $mybb->input['action'] = "lostpw"; 1573 } 1574 } 1575 } 1576 1577 if($mybb->input['action'] == "lostpw") 1578 { 1579 $plugins->run_hooks("member_lostpw"); 1580 1581 $captcha = ''; 1582 // Generate CAPTCHA? 1583 if($mybb->settings['captchaimage']) 1584 { 1585 require_once MYBB_ROOT.'inc/class_captcha.php'; 1586 $post_captcha = new captcha(true, "post_captcha"); 1587 1588 if($post_captcha->html) 1589 { 1590 $captcha = $post_captcha->html; 1591 } 1592 } 1593 1594 if(isset($errors) && count($errors) > 0) 1595 { 1596 $errors = inline_error($errors); 1597 $email = htmlspecialchars_uni($mybb->get_input('email')); 1598 } 1599 else 1600 { 1601 $errors = ''; 1602 $email = ''; 1603 } 1604 1605 eval("\$lostpw = \"".$templates->get("member_lostpw")."\";"); 1606 output_page($lostpw); 1607 } 1608 1609 if($mybb->input['action'] == "resetpassword") 1610 { 1611 $plugins->run_hooks("member_resetpassword_start"); 1612 1613 if(isset($mybb->input['username'])) 1614 { 1615 $mybb->input['username'] = $mybb->get_input('username'); 1616 $options = array( 1617 'username_method' => $mybb->settings['username_method'], 1618 'fields' => '*', 1619 ); 1620 $user = get_user_by_username($mybb->input['username'], $options); 1621 if(!$user) 1622 { 1623 switch($mybb->settings['username_method']) 1624 { 1625 case 0: 1626 error($lang->error_invalidpworusername); 1627 break; 1628 case 1: 1629 error($lang->error_invalidpworusername1); 1630 break; 1631 case 2: 1632 error($lang->error_invalidpworusername2); 1633 break; 1634 default: 1635 error($lang->error_invalidpworusername); 1636 break; 1637 } 1638 } 1639 } 1640 else 1641 { 1642 $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); 1643 } 1644 1645 if(isset($mybb->input['code']) && $user) 1646 { 1647 $query = $db->simple_select("awaitingactivation", "code", "uid='".$user['uid']."' AND type='p'"); 1648 $activationcode = $db->fetch_field($query, 'code'); 1649 $now = TIME_NOW; 1650 if(!$activationcode || $activationcode !== $mybb->get_input('code')) 1651 { 1652 error($lang->error_badlostpwcode); 1653 } 1654 $db->delete_query("awaitingactivation", "uid='".$user['uid']."' AND type='p'"); 1655 $username = $user['username']; 1656 1657 // Generate a new password, then update it 1658 $password_length = (int)$mybb->settings['minpasswordlength']; 1659 1660 if($password_length < 8) 1661 { 1662 $password_length = min(8, (int)$mybb->settings['maxpasswordlength']); 1663 } 1664 1665 // Set up user handler. 1666 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 1667 $userhandler = new UserDataHandler('update'); 1668 1669 do 1670 { 1671 $password = random_str($password_length, $mybb->settings['requirecomplexpasswords']); 1672 1673 $userhandler->set_data(array( 1674 'uid' => $user['uid'], 1675 'username' => $user['username'], 1676 'email' => $user['email'], 1677 'password' => $password 1678 )); 1679 1680 $userhandler->set_validated(true); 1681 $userhandler->errors = array(); 1682 } while(!$userhandler->verify_password()); 1683 1684 $userhandler->update_user(); 1685 1686 $logindetails = array( 1687 'salt' => $userhandler->data['salt'], 1688 'password' => $userhandler->data['password'], 1689 'loginkey' => $userhandler->data['loginkey'], 1690 ); 1691 1692 $email = $user['email']; 1693 1694 $plugins->run_hooks("member_resetpassword_process"); 1695 1696 $emailsubject = $lang->sprintf($lang->emailsubject_passwordreset, $mybb->settings['bbname']); 1697 $emailmessage = $lang->sprintf($lang->email_passwordreset, $username, $mybb->settings['bbname'], $password); 1698 my_mail($email, $emailsubject, $emailmessage); 1699 1700 $plugins->run_hooks("member_resetpassword_reset"); 1701 1702 error($lang->redirect_passwordreset); 1703 } 1704 else 1705 { 1706 $plugins->run_hooks("member_resetpassword_form"); 1707 1708 switch($mybb->settings['username_method']) 1709 { 1710 case 0: 1711 $lang_username = $lang->username; 1712 break; 1713 case 1: 1714 $lang_username = $lang->username1; 1715 break; 1716 case 2: 1717 $lang_username = $lang->username2; 1718 break; 1719 default: 1720 $lang_username = $lang->username; 1721 break; 1722 } 1723 1724 $code = htmlspecialchars_uni($mybb->get_input('code')); 1725 1726 $input_username = htmlspecialchars_uni($mybb->get_input('username')); 1727 1728 eval("\$activate = \"".$templates->get("member_resetpassword")."\";"); 1729 output_page($activate); 1730 } 1731 } 1732 1733 $do_captcha = $correct = false; 1734 $inline_errors = ""; 1735 if($mybb->input['action'] == "do_login" && $mybb->request_method == "post") 1736 { 1737 verify_post_check($mybb->get_input('my_post_key')); 1738 1739 $errors = array(); 1740 1741 $plugins->run_hooks("member_do_login_start"); 1742 1743 require_once MYBB_ROOT."inc/datahandlers/login.php"; 1744 $loginhandler = new LoginDataHandler("get"); 1745 1746 if($mybb->get_input('quick_password') && $mybb->get_input('quick_username')) 1747 { 1748 $mybb->input['password'] = $mybb->get_input('quick_password'); 1749 $mybb->input['username'] = $mybb->get_input('quick_username'); 1750 $mybb->input['remember'] = $mybb->get_input('quick_remember'); 1751 } 1752 1753 $user = array( 1754 'username' => $mybb->get_input('username'), 1755 'password' => $mybb->get_input('password'), 1756 'remember' => $mybb->get_input('remember'), 1757 'imagestring' => $mybb->get_input('imagestring') 1758 ); 1759 1760 $options = array( 1761 'fields' => 'loginattempts', 1762 'username_method' => (int)$mybb->settings['username_method'], 1763 ); 1764 1765 $user_loginattempts = get_user_by_username($user['username'], $options); 1766 if(!empty($user_loginattempts)) 1767 { 1768 $user['loginattempts'] = (int)$user_loginattempts['loginattempts']; 1769 } 1770 1771 $loginhandler->set_data($user); 1772 $validated = $loginhandler->validate_login(); 1773 1774 if(!$validated) 1775 { 1776 $mybb->input['action'] = "login"; 1777 $mybb->request_method = "get"; 1778 1779 $login_user_uid = 0; 1780 if(!empty($loginhandler->login_data)) 1781 { 1782 $login_user_uid = (int)$loginhandler->login_data['uid']; 1783 $user['loginattempts'] = (int)$loginhandler->login_data['loginattempts']; 1784 } 1785 1786 // Is a fatal call if user has had too many tries 1787 $logins = login_attempt_check($login_user_uid); 1788 1789 $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "uid='".$login_user_uid."'", 1, true); 1790 1791 $errors = $loginhandler->get_friendly_errors(); 1792 1793 // If we need a captcha set it here 1794 if( 1795 $mybb->settings['failedcaptchalogincount'] > 0 && 1796 ( 1797 ( 1798 isset($user['loginattempts']) && 1799 $user['loginattempts'] > $mybb->settings['failedcaptchalogincount'] 1800 ) || 1801 ( 1802 isset($mybb->cookies['loginattempts']) && 1803 (int)$mybb->cookies['loginattempts'] > $mybb->settings['failedcaptchalogincount'] 1804 ) 1805 ) 1806 ) 1807 { 1808 $do_captcha = true; 1809 $correct = $loginhandler->captcha_verified; 1810 } 1811 } 1812 else if($validated && $loginhandler->captcha_verified == true) 1813 { 1814 // Successful login 1815 if($loginhandler->login_data['coppauser']) 1816 { 1817 error($lang->error_awaitingcoppa); 1818 } 1819 1820 $loginhandler->complete_login(); 1821 1822 $plugins->run_hooks("member_do_login_end"); 1823 1824 $mybb->input['url'] = $mybb->get_input('url'); 1825 1826 if(!empty($mybb->input['url']) && my_strpos(basename($mybb->input['url']), 'member.php') === false && !preg_match('#^javascript:#i', $mybb->input['url'])) 1827 { 1828 if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) 1829 { 1830 $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']); 1831 } 1832 1833 $mybb->input['url'] = str_replace('&', '&', $mybb->input['url']); 1834 1835 if(my_strpos($mybb->input['url'], $mybb->settings['bburl'].'/') !== 0) 1836 { 1837 if(my_strpos($mybb->input['url'], '/') === 0) 1838 { 1839 $mybb->input['url'] = my_substr($mybb->input['url'], 1); 1840 } 1841 $url_segments = explode('/', $mybb->input['url']); 1842 $mybb->input['url'] = $mybb->settings['bburl'].'/'.end($url_segments); 1843 } 1844 1845 // Redirect to the URL if it is not member.php 1846 redirect($mybb->input['url'], $lang->redirect_loggedin); 1847 } 1848 else 1849 { 1850 1851 redirect("index.php", $lang->redirect_loggedin); 1852 } 1853 } 1854 1855 $plugins->run_hooks("member_do_login_end"); 1856 } 1857 1858 if($mybb->input['action'] == "login") 1859 { 1860 $plugins->run_hooks("member_login"); 1861 1862 $member_loggedin_notice = ""; 1863 if($mybb->user['uid'] != 0) 1864 { 1865 $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']); 1866 $lang->already_logged_in = $lang->sprintf($lang->already_logged_in, build_profile_link($mybb->user['username'], $mybb->user['uid'])); 1867 eval("\$member_loggedin_notice = \"".$templates->get("member_loggedin_notice")."\";"); 1868 } 1869 1870 // Checks to make sure the user can login; they haven't had too many tries at logging in. 1871 // Is a fatal call if user has had too many tries. This particular check uses cookies, as a uid is not set yet 1872 // and we can't check loginattempts in the db 1873 login_attempt_check(); 1874 1875 // Redirect to the page where the user came from, but not if that was the login page. 1876 if(isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], "action=login") === false) 1877 { 1878 $redirect_url = htmlentities($_SERVER['HTTP_REFERER']); 1879 } 1880 else 1881 { 1882 $redirect_url = ''; 1883 } 1884 1885 $captcha = ''; 1886 // Show captcha image for guests if enabled and only if we have to do 1887 if($mybb->settings['captchaimage'] && $do_captcha == true) 1888 { 1889 require_once MYBB_ROOT.'inc/class_captcha.php'; 1890 $login_captcha = new captcha(false, "post_captcha"); 1891 1892 if($login_captcha->type == captcha::DEFAULT_CAPTCHA) 1893 { 1894 if(!$correct) 1895 { 1896 $login_captcha->build_captcha(); 1897 } 1898 else 1899 { 1900 $captcha = $login_captcha->build_hidden_captcha(); 1901 } 1902 } 1903 elseif(in_array($login_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3))) 1904 { 1905 $login_captcha->build_recaptcha(); 1906 } 1907 elseif(in_array($login_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE))) 1908 { 1909 $login_captcha->build_hcaptcha(); 1910 } 1911 1912 if($login_captcha->html) 1913 { 1914 $captcha = $login_captcha->html; 1915 } 1916 } 1917 1918 $username = ""; 1919 $password = ""; 1920 if(isset($mybb->input['username']) && $mybb->request_method == "post") 1921 { 1922 $username = htmlspecialchars_uni($mybb->get_input('username')); 1923 } 1924 1925 if(isset($mybb->input['password']) && $mybb->request_method == "post") 1926 { 1927 $password = htmlspecialchars_uni($mybb->get_input('password')); 1928 } 1929 1930 if(!empty($errors)) 1931 { 1932 $mybb->input['action'] = "login"; 1933 $mybb->request_method = "get"; 1934 1935 $inline_errors = inline_error($errors); 1936 } 1937 1938 switch($mybb->settings['username_method']) 1939 { 1940 case 1: 1941 $lang->username = $lang->username1; 1942 break; 1943 case 2: 1944 $lang->username = $lang->username2; 1945 break; 1946 default: 1947 break; 1948 } 1949 1950 $plugins->run_hooks("member_login_end"); 1951 1952 eval("\$login = \"".$templates->get("member_login")."\";"); 1953 output_page($login); 1954 } 1955 1956 if($mybb->input['action'] == "logout") 1957 { 1958 $plugins->run_hooks("member_logout_start"); 1959 1960 if(!$mybb->user['uid']) 1961 { 1962 redirect("index.php", $lang->redirect_alreadyloggedout); 1963 } 1964 1965 // Check session ID if we have one 1966 if(isset($mybb->input['sid']) && $mybb->get_input('sid') !== $session->sid) 1967 { 1968 error($lang->error_notloggedout); 1969 } 1970 // Otherwise, check logoutkey 1971 else if(!isset($mybb->input['sid']) && $mybb->get_input('logoutkey') !== $mybb->user['logoutkey']) 1972 { 1973 error($lang->error_notloggedout); 1974 } 1975 1976 my_unsetcookie("mybbuser"); 1977 my_unsetcookie("sid"); 1978 1979 if($mybb->user['uid']) 1980 { 1981 $time = TIME_NOW; 1982 // Run this after the shutdown query from session system 1983 $db->shutdown_query("UPDATE ".TABLE_PREFIX."users SET lastvisit='{$time}', lastactive='{$time}' WHERE uid='{$mybb->user['uid']}'"); 1984 $db->delete_query("sessions", "sid = '{$session->sid}'"); 1985 } 1986 1987 $plugins->run_hooks("member_logout_end"); 1988 1989 redirect("index.php", $lang->redirect_loggedout); 1990 } 1991 1992 if($mybb->input['action'] == "viewnotes") 1993 { 1994 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 1995 $user = get_user($uid); 1996 1997 // Make sure we are looking at a real user here. 1998 if(!$user) 1999 { 2000 error($lang->error_nomember); 2001 } 2002 2003 if($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1) 2004 { 2005 error_no_permission(); 2006 } 2007 2008 $user['username'] = htmlspecialchars_uni($user['username']); 2009 $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $user['username']); 2010 2011 $user['usernotes'] = nl2br(htmlspecialchars_uni($user['usernotes'])); 2012 2013 $plugins->run_hooks('member_viewnotes'); 2014 2015 eval("\$viewnotes = \"".$templates->get("member_viewnotes", 1, 0)."\";"); 2016 echo $viewnotes; 2017 exit; 2018 } 2019 2020 if($mybb->input['action'] == "profile") 2021 { 2022 if($mybb->usergroup['canviewprofiles'] == 0) 2023 { 2024 error_no_permission(); 2025 } 2026 2027 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 2028 if($uid) 2029 { 2030 $memprofile = get_user($uid); 2031 } 2032 elseif($mybb->user['uid']) 2033 { 2034 $memprofile = $mybb->user; 2035 } 2036 else 2037 { 2038 $memprofile = false; 2039 } 2040 2041 if(!$memprofile) 2042 { 2043 error($lang->error_nomember); 2044 } 2045 2046 $uid = $memprofile['uid']; 2047 2048 $plugins->run_hooks("member_profile_start"); 2049 2050 $me_username = $memprofile['username']; 2051 $memprofile['username'] = htmlspecialchars_uni($memprofile['username']); 2052 $lang->profile = $lang->sprintf($lang->profile, $memprofile['username']); 2053 2054 // Get member's permissions 2055 $memperms = user_permissions($memprofile['uid']); 2056 2057 // Set display group 2058 $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image"); 2059 2060 if(!$memprofile['displaygroup']) 2061 { 2062 $memprofile['displaygroup'] = $memprofile['usergroup']; 2063 } 2064 2065 $displaygroup = usergroup_displaygroup($memprofile['displaygroup']); 2066 if(is_array($displaygroup)) 2067 { 2068 $memperms = array_merge($memperms, $displaygroup); 2069 } 2070 2071 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $memprofile['username']); 2072 add_breadcrumb($lang->nav_profile); 2073 2074 $lang->users_forum_info = $lang->sprintf($lang->users_forum_info, $memprofile['username']); 2075 $lang->users_contact_details = $lang->sprintf($lang->users_contact_details, $memprofile['username']); 2076 $lang->send_pm = $lang->sprintf($lang->send_pm, $memprofile['username']); 2077 $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); 2078 $lang->users_additional_info = $lang->sprintf($lang->users_additional_info, $memprofile['username']); 2079 $lang->users_signature = $lang->sprintf($lang->users_signature, $memprofile['username']); 2080 $lang->send_user_email = $lang->sprintf($lang->send_user_email, $memprofile['username']); 2081 2082 $useravatar = format_avatar($memprofile['avatar'], $memprofile['avatardimensions']); 2083 eval("\$avatar = \"".$templates->get("member_profile_avatar")."\";"); 2084 2085 $website = $sendemail = $sendpm = $contact_details = ''; 2086 2087 if(my_validate_url($memprofile['website']) && !is_member($mybb->settings['hidewebsite']) && $memperms['canchangewebsite'] == 1) 2088 { 2089 $memprofile['website'] = htmlspecialchars_uni($memprofile['website']); 2090 $bgcolor = alt_trow(); 2091 eval("\$website = \"".$templates->get("member_profile_website")."\";"); 2092 } 2093 2094 if($mybb->usergroup['cansendemail'] == 1 && $uid != $mybb->user['uid'] && $memprofile['hideemail'] != 1 && (my_strpos(",".$memprofile['ignorelist'].",", ",".$mybb->user['uid'].",") === false || $mybb->usergroup['cansendemailoverride'] != 0)) 2095 { 2096 $bgcolor = alt_trow(); 2097 eval("\$sendemail = \"".$templates->get("member_profile_email")."\";"); 2098 } 2099 2100 if($mybb->settings['enablepms'] != 0 && $uid != $mybb->user['uid'] && $mybb->usergroup['canusepms'] == 1 && (($memprofile['receivepms'] != 0 && $memperms['canusepms'] != 0 && my_strpos(",".$memprofile['ignorelist'].",", ",".$mybb->user['uid'].",") === false) || $mybb->usergroup['canoverridepm'] == 1)) 2101 { 2102 $bgcolor = alt_trow(); 2103 eval('$sendpm = "'.$templates->get("member_profile_pm").'";'); 2104 } 2105 2106 $contact_fields = array(); 2107 $any_contact_field = false; 2108 foreach(array('skype', 'google') as $field) 2109 { 2110 $contact_fields[$field] = ''; 2111 $settingkey = 'allow'.$field.'field'; 2112 2113 if(!empty($memprofile[$field]) && is_member($mybb->settings[$settingkey], array('usergroup' => $memprofile['usergroup'], 'additionalgroups' => $memprofile['additionalgroups']))) 2114 { 2115 $any_contact_field = true; 2116 $memprofile[$field] = htmlspecialchars_uni($memprofile[$field]); 2117 $tmpl = 'member_profile_contact_fields_'.$field; 2118 2119 $bgcolors[$field] = alt_trow(); 2120 eval('$contact_fields[\''.$field.'\'] = "'.$templates->get($tmpl).'";'); 2121 } 2122 } 2123 2124 if($any_contact_field || $sendemail || $sendpm || $website) 2125 { 2126 eval('$contact_details = "'.$templates->get("member_profile_contact_details").'";'); 2127 } 2128 2129 $signature = ''; 2130 if($memprofile['signature'] && ($memprofile['suspendsignature'] == 0 || $memprofile['suspendsigtime'] < TIME_NOW) && !is_member($mybb->settings['hidesignatures']) && $memperms['canusesig'] && $memperms['canusesigxposts'] <= $memprofile['postnum']) 2131 { 2132 $sig_parser = array( 2133 "allow_html" => $mybb->settings['sightml'], 2134 "allow_mycode" => $mybb->settings['sigmycode'], 2135 "allow_smilies" => $mybb->settings['sigsmilies'], 2136 "allow_imgcode" => $mybb->settings['sigimgcode'], 2137 "me_username" => $me_username, 2138 "filter_badwords" => 1 2139 ); 2140 2141 if($memperms['signofollow']) 2142 { 2143 $sig_parser['nofollow_on'] = 1; 2144 } 2145 2146 if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) 2147 { 2148 $sig_parser['allow_imgcode'] = 0; 2149 } 2150 2151 $memprofile['signature'] = $parser->parse_message($memprofile['signature'], $sig_parser); 2152 eval("\$signature = \"".$templates->get("member_profile_signature")."\";"); 2153 } 2154 2155 $daysreg = (TIME_NOW - $memprofile['regdate']) / (24*3600); 2156 2157 if($daysreg < 1) 2158 { 2159 $daysreg = 1; 2160 } 2161 2162 $stats = $cache->read("stats"); 2163 2164 // Format post count, per day count and percent of total 2165 $ppd = $memprofile['postnum'] / $daysreg; 2166 $ppd = round($ppd, 2); 2167 if($ppd > $memprofile['postnum']) 2168 { 2169 $ppd = $memprofile['postnum']; 2170 } 2171 2172 $numposts = $stats['numposts']; 2173 if($numposts == 0) 2174 { 2175 $post_percent = "0"; 2176 } 2177 else 2178 { 2179 $post_percent = $memprofile['postnum']*100/$numposts; 2180 $post_percent = round($post_percent, 2); 2181 } 2182 2183 if($post_percent > 100) 2184 { 2185 $post_percent = 100; 2186 } 2187 2188 // Format thread count, per day count and percent of total 2189 $tpd = $memprofile['threadnum'] / $daysreg; 2190 $tpd = round($tpd, 2); 2191 if($tpd > $memprofile['threadnum']) 2192 { 2193 $tpd = $memprofile['threadnum']; 2194 } 2195 2196 $numthreads = $stats['numthreads']; 2197 if($numthreads == 0) 2198 { 2199 $thread_percent = "0"; 2200 } 2201 else 2202 { 2203 $thread_percent = $memprofile['threadnum']*100/$numthreads; 2204 $thread_percent = round($thread_percent, 2); 2205 } 2206 2207 if($thread_percent > 100) 2208 { 2209 $thread_percent = 100; 2210 } 2211 2212 $findposts = $findthreads = ''; 2213 if($mybb->usergroup['cansearch'] == 1) 2214 { 2215 if(!empty($memprofile['postnum'])) 2216 { 2217 eval("\$findposts = \"".$templates->get("member_profile_findposts")."\";"); 2218 } 2219 if(!empty($memprofile['threadnum'])) 2220 { 2221 eval("\$findthreads = \"".$templates->get("member_profile_findthreads")."\";"); 2222 } 2223 } 2224 2225 $awaybit = ''; 2226 if($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0) 2227 { 2228 $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); 2229 $awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); 2230 if(!empty($memprofile['awayreason'])) 2231 { 2232 $reason = $parser->parse_badwords($memprofile['awayreason']); 2233 $awayreason = htmlspecialchars_uni($reason); 2234 } 2235 else 2236 { 2237 $awayreason = $lang->away_no_reason; 2238 } 2239 if($memprofile['returndate'] == '') 2240 { 2241 $returndate = "$lang->unknown"; 2242 } 2243 else 2244 { 2245 $returnhome = explode("-", $memprofile['returndate']); 2246 2247 // PHP native date functions use integers so timestamps for years after 2038 will not work 2248 // Thus we use adodb_mktime 2249 if($returnhome[2] >= 2038) 2250 { 2251 require_once MYBB_ROOT."inc/functions_time.php"; 2252 $returnmkdate = adodb_mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); 2253 $returndate = my_date($mybb->settings['dateformat'], $returnmkdate, "", 1, true); 2254 } 2255 else 2256 { 2257 $returnmkdate = mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); 2258 $returndate = my_date($mybb->settings['dateformat'], $returnmkdate); 2259 } 2260 2261 // If our away time has expired already, we should be back, right? 2262 if($returnmkdate < TIME_NOW) 2263 { 2264 $db->update_query('users', array('away' => '0', 'awaydate' => '0', 'returndate' => '', 'awayreason' => ''), 'uid=\''.(int)$memprofile['uid'].'\''); 2265 2266 // Update our status to "not away" 2267 $memprofile['away'] = 0; 2268 } 2269 } 2270 2271 // Check if our away status is set to 1, it may have been updated already (see a few lines above) 2272 if($memprofile['away'] == 1) 2273 { 2274 eval("\$awaybit = \"".$templates->get("member_profile_away")."\";"); 2275 } 2276 } 2277 2278 $memprofile['timezone'] = (float)$memprofile['timezone']; 2279 2280 if($memprofile['dst'] == 1) 2281 { 2282 $memprofile['timezone']++; 2283 if(my_substr($memprofile['timezone'], 0, 1) != "-") 2284 { 2285 $memprofile['timezone'] = "+{$memprofile['timezone']}"; 2286 } 2287 } 2288 2289 $memregdate = my_date($mybb->settings['dateformat'], $memprofile['regdate']); 2290 $memlocaldate = gmdate($mybb->settings['dateformat'], TIME_NOW + ($memprofile['timezone'] * 3600)); 2291 $memlocaltime = gmdate($mybb->settings['timeformat'], TIME_NOW + ($memprofile['timezone'] * 3600)); 2292 2293 $localtime = $lang->sprintf($lang->local_time_format, $memlocaldate, $memlocaltime); 2294 2295 if($memprofile['birthday']) 2296 { 2297 $membday = explode("-", $memprofile['birthday']); 2298 2299 if($memprofile['birthdayprivacy'] != 'none') 2300 { 2301 if($membday[0] && $membday[1] && $membday[2]) 2302 { 2303 $lang->membdayage = $lang->sprintf($lang->membdayage, get_age($memprofile['birthday'])); 2304 2305 $bdayformat = fix_mktime($mybb->settings['dateformat'], $membday[2]); 2306 $membday = mktime(0, 0, 0, $membday[1], $membday[0], $membday[2]); 2307 $membday = date($bdayformat, $membday); 2308 2309 $membdayage = $lang->membdayage; 2310 } 2311 elseif($membday[2]) 2312 { 2313 $membday = mktime(0, 0, 0, 1, 1, $membday[2]); 2314 $membday = date("Y", $membday); 2315 $membdayage = ''; 2316 } 2317 else 2318 { 2319 $membday = mktime(0, 0, 0, $membday[1], $membday[0], 0); 2320 $membday = date("F j", $membday); 2321 $membdayage = ''; 2322 } 2323 } 2324 2325 if($memprofile['birthdayprivacy'] == 'age') 2326 { 2327 $membday = $lang->birthdayhidden; 2328 } 2329 else if($memprofile['birthdayprivacy'] == 'none') 2330 { 2331 $membday = $lang->birthdayhidden; 2332 $membdayage = ''; 2333 } 2334 } 2335 else 2336 { 2337 $membday = $lang->not_specified; 2338 $membdayage = ''; 2339 } 2340 2341 // Get the user title for this user 2342 unset($stars); 2343 $usertitle = ''; 2344 $starimage = ''; 2345 if(trim($memprofile['usertitle']) != '') 2346 { 2347 // User has custom user title 2348 $usertitle = $memprofile['usertitle']; 2349 } 2350 elseif(trim($memperms['usertitle']) != '') 2351 { 2352 // User has group title 2353 $usertitle = $memperms['usertitle']; 2354 } 2355 else 2356 { 2357 if(!isset($usertitles)) 2358 { 2359 $usertitles = $cache->read('usertitles'); 2360 } 2361 2362 // No usergroup title so get a default one 2363 if(is_array($usertitles)) 2364 { 2365 foreach($usertitles as $title) 2366 { 2367 if($memprofile['postnum'] >= $title['posts']) 2368 { 2369 $usertitle = $title['title']; 2370 $stars = $title['stars']; 2371 $starimage = $title['starimage']; 2372 2373 break; 2374 } 2375 } 2376 } 2377 } 2378 2379 $usertitle = htmlspecialchars_uni($usertitle); 2380 2381 if($memperms['stars'] || $memperms['usertitle']) 2382 { 2383 // Set the number of stars if display group has constant number of stars 2384 $stars = $memperms['stars']; 2385 } 2386 elseif(!isset($stars)) 2387 { 2388 if(!isset($usertitles)) 2389 { 2390 $usertitles = $cache->read('usertitles'); 2391 } 2392 2393 // This is for cases where the user has a title, but the group has no defined number of stars (use number of stars as per default usergroups) 2394 if(is_array($usertitles)) 2395 { 2396 foreach($usertitles as $title) 2397 { 2398 if($memprofile['postnum'] >= $title['posts']) 2399 { 2400 $stars = $title['stars']; 2401 $starimage = $title['starimage']; 2402 break; 2403 } 2404 } 2405 } 2406 2407 if(!isset($stars)) 2408 { 2409 $stars = 0; 2410 } 2411 } 2412 2413 $groupimage = ''; 2414 if(!empty($memperms['image'])) 2415 { 2416 if(!empty($mybb->user['language'])) 2417 { 2418 $language = $mybb->user['language']; 2419 } 2420 else 2421 { 2422 $language = $mybb->settings['bblanguage']; 2423 } 2424 $memperms['image'] = str_replace("{lang}", $language, $memperms['image']); 2425 $memperms['image'] = str_replace("{theme}", $theme['imgdir'], $memperms['image']); 2426 eval("\$groupimage = \"".$templates->get("member_profile_groupimage")."\";"); 2427 } 2428 2429 if(empty($starimage)) 2430 { 2431 $starimage = $memperms['starimage']; 2432 } 2433 2434 if(!empty($starimage)) 2435 { 2436 // Only display stars if we have an image to use... 2437 $starimage = str_replace("{theme}", $theme['imgdir'], $starimage); 2438 $userstars = ''; 2439 for($i = 0; $i < $stars; ++$i) 2440 { 2441 eval("\$userstars .= \"".$templates->get("member_profile_userstar", 1, 0)."\";"); 2442 } 2443 } 2444 2445 // User is currently online and this user has permissions to view the user on the WOL 2446 $timesearch = TIME_NOW - $mybb->settings['wolcutoffmins']*60; 2447 $query = $db->simple_select("sessions", "location,nopermission", "uid='$uid' AND time>'{$timesearch}'", array('order_by' => 'time', 'order_dir' => 'DESC', 'limit' => 1)); 2448 $session = $db->fetch_array($query); 2449 2450 $timeonline = $lang->none_registered; 2451 $memlastvisitdate = $lang->lastvisit_never; 2452 $last_seen = max(array($memprofile['lastactive'], $memprofile['lastvisit'])); 2453 if(!empty($last_seen)) 2454 { 2455 // We have some stamp here 2456 if($memprofile['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $memprofile['uid'] != $mybb->user['uid']) 2457 { 2458 $memlastvisitdate = $lang->lastvisit_hidden; 2459 $online_status = $timeonline = $lang->timeonline_hidden; 2460 } 2461 else 2462 { 2463 $memlastvisitdate = my_date('relative', $last_seen); 2464 2465 if($memprofile['timeonline'] > 0) 2466 { 2467 $timeonline = nice_time($memprofile['timeonline']); 2468 } 2469 2470 // Online? 2471 if(!empty($session)) 2472 { 2473 // Fetch their current location 2474 $lang->load("online"); 2475 require_once MYBB_ROOT."inc/functions_online.php"; 2476 $activity = fetch_wol_activity($session['location'], $session['nopermission']); 2477 $location = build_friendly_wol_location($activity); 2478 $location_time = my_date($mybb->settings['timeformat'], $last_seen); 2479 2480 eval("\$online_status = \"".$templates->get("member_profile_online")."\";"); 2481 } 2482 } 2483 } 2484 2485 if(!isset($online_status)) 2486 { 2487 eval("\$online_status = \"".$templates->get("member_profile_offline")."\";"); 2488 } 2489 2490 // Reset the background colours to keep it inline 2491 $alttrow = 'trow1'; 2492 2493 // Build Referral 2494 $referrals = ''; 2495 if($mybb->settings['usereferrals'] == 1) 2496 { 2497 $bg_color = alt_trow(); 2498 2499 $uid = (int) $memprofile['uid']; 2500 $referral_count = $memprofile['referrals']; 2501 if ($referral_count > 0) { 2502 eval("\$memprofile['referrals'] = \"".$templates->get('member_referrals_link')."\";"); 2503 } 2504 2505 eval("\$referrals = \"".$templates->get('member_profile_referrals')."\";"); 2506 } 2507 2508 // Fetch the reputation for this user 2509 $reputation = ''; 2510 if($memperms['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 2511 { 2512 $bg_color = alt_trow(); 2513 $reputation = get_reputation($memprofile['reputation']); 2514 2515 // If this user has permission to give reputations show the vote link 2516 $vote_link = ''; 2517 if($mybb->usergroup['cangivereputations'] == 1 && $memprofile['uid'] != $mybb->user['uid'] && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep'])) 2518 { 2519 eval("\$vote_link = \"".$templates->get("member_profile_reputation_vote")."\";"); 2520 } 2521 2522 eval("\$reputation = \"".$templates->get("member_profile_reputation")."\";"); 2523 } 2524 2525 $warning_level = ''; 2526 if($mybb->settings['enablewarningsystem'] != 0 && $memperms['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || ($mybb->user['uid'] == $memprofile['uid'] && $mybb->settings['canviewownwarning'] != 0))) 2527 { 2528 $bg_color = alt_trow(); 2529 2530 if($mybb->settings['maxwarningpoints'] < 1) 2531 { 2532 $mybb->settings['maxwarningpoints'] = 10; 2533 } 2534 2535 $warning_level = round($memprofile['warningpoints']/$mybb->settings['maxwarningpoints']*100); 2536 2537 if($warning_level > 100) 2538 { 2539 $warning_level = 100; 2540 } 2541 2542 $warning_level = get_colored_warning_level($warning_level); 2543 if($mybb->usergroup['canwarnusers'] != 0) 2544 { 2545 eval("\$warn_user = \"".$templates->get("member_profile_warn")."\";"); 2546 eval("\$warning_level = \"".$templates->get("member_profile_warninglevel_link")."\";"); 2547 } 2548 else 2549 { 2550 eval("\$warning_level = \"".$templates->get("member_profile_warninglevel")."\";"); 2551 } 2552 } 2553 2554 $bgcolor = $alttrow = 'trow1'; 2555 $customfields = $profilefields = ''; 2556 2557 $query = $db->simple_select("userfields", "*", "ufid = '{$uid}'"); 2558 $userfields = $db->fetch_array($query); 2559 2560 // If this user is an Administrator or a Moderator then we wish to show all profile fields 2561 $pfcache = $cache->read('profilefields'); 2562 2563 if(is_array($pfcache)) 2564 { 2565 foreach($pfcache as $customfield) 2566 { 2567 if($mybb->usergroup['cancp'] != 1 && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['canmodcp'] != 1 && !is_member($customfield['viewableby']) || !$customfield['profile']) 2568 { 2569 continue; 2570 } 2571 2572 $thing = explode("\n", $customfield['type'], "2"); 2573 $type = trim($thing[0]); 2574 2575 $customfieldval = $customfield_val = ''; 2576 $field = "fid{$customfield['fid']}"; 2577 2578 if(isset($userfields[$field])) 2579 { 2580 $useropts = explode("\n", $userfields[$field]); 2581 $customfieldval = $comma = ''; 2582 if(is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) 2583 { 2584 foreach($useropts as $val) 2585 { 2586 if($val != '') 2587 { 2588 eval("\$customfield_val .= \"".$templates->get("member_profile_customfields_field_multi_item")."\";"); 2589 } 2590 } 2591 if($customfield_val != '') 2592 { 2593 eval("\$customfieldval = \"".$templates->get("member_profile_customfields_field_multi")."\";"); 2594 } 2595 } 2596 else 2597 { 2598 $parser_options = array( 2599 "allow_html" => $customfield['allowhtml'], 2600 "allow_mycode" => $customfield['allowmycode'], 2601 "allow_smilies" => $customfield['allowsmilies'], 2602 "allow_imgcode" => $customfield['allowimgcode'], 2603 "allow_videocode" => $customfield['allowvideocode'], 2604 #"nofollow_on" => 1, 2605 "filter_badwords" => 1 2606 ); 2607 2608 if($customfield['type'] == "textarea") 2609 { 2610 $parser_options['me_username'] = $memprofile['username']; 2611 } 2612 else 2613 { 2614 $parser_options['nl2br'] = 0; 2615 } 2616 2617 if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) 2618 { 2619 $parser_options['allow_imgcode'] = 0; 2620 } 2621 2622 $customfieldval = $parser->parse_message($userfields[$field], $parser_options); 2623 } 2624 } 2625 2626 if($customfieldval) 2627 { 2628 $customfield['name'] = htmlspecialchars_uni($customfield['name']); 2629 eval("\$customfields .= \"".$templates->get("member_profile_customfields_field")."\";"); 2630 $bgcolor = alt_trow(); 2631 } 2632 } 2633 } 2634 2635 if($customfields) 2636 { 2637 eval("\$profilefields = \"".$templates->get("member_profile_customfields")."\";"); 2638 } 2639 2640 $memprofile['postnum'] = my_number_format($memprofile['postnum']); 2641 $lang->ppd_percent_total = $lang->sprintf($lang->ppd_percent_total, my_number_format($ppd), $post_percent); 2642 2643 $memprofile['threadnum'] = my_number_format($memprofile['threadnum']); 2644 $lang->tpd_percent_total = $lang->sprintf($lang->tpd_percent_total, my_number_format($tpd), $thread_percent); 2645 2646 $formattedname = format_name($memprofile['username'], $memprofile['usergroup'], $memprofile['displaygroup']); 2647 2648 $bannedbit = ''; 2649 if($memperms['isbannedgroup'] == 1 && $mybb->usergroup['canbanusers'] == 1) 2650 { 2651 // Fetch details on their ban 2652 $query = $db->simple_select('banned b LEFT JOIN '.TABLE_PREFIX.'users a ON (b.admin=a.uid)', 'b.*, a.username AS adminuser', "b.uid='{$uid}'", array('limit' => 1)); 2653 2654 if($db->num_rows($query)) 2655 { 2656 $memban = $db->fetch_array($query); 2657 2658 if($memban['reason']) 2659 { 2660 $memban['reason'] = htmlspecialchars_uni($parser->parse_badwords($memban['reason'])); 2661 } 2662 else 2663 { 2664 $memban['reason'] = $lang->na; 2665 } 2666 2667 if($memban['lifted'] == 'perm' || $memban['lifted'] == '' || $memban['bantime'] == 'perm' || $memban['bantime'] == '---') 2668 { 2669 $banlength = $lang->permanent; 2670 $timeremaining = $lang->na; 2671 $banned_class = "normal_banned"; 2672 } 2673 else 2674 { 2675 // Set up the array of ban times. 2676 $bantimes = fetch_ban_times(); 2677 2678 $banlength = $bantimes[$memban['bantime']]; 2679 $remaining = $memban['lifted']-TIME_NOW; 2680 2681 $timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false)).""; 2682 2683 $banned_class = ''; 2684 if($remaining < 3600) 2685 { 2686 $banned_class = "high_banned"; 2687 } 2688 else if($remaining < 86400) 2689 { 2690 $banned_class = "moderate_banned"; 2691 } 2692 else if($remaining < 604800) 2693 { 2694 $banned_class = "low_banned"; 2695 } 2696 else 2697 { 2698 $banned_class = "normal_banned"; 2699 } 2700 } 2701 eval('$timeremaining = "'.$templates->get('member_profile_banned_remaining').'";'); 2702 2703 $memban['adminuser'] = build_profile_link(htmlspecialchars_uni($memban['adminuser']), $memban['admin']); 2704 2705 // Display a nice warning to the user 2706 eval('$bannedbit = "'.$templates->get('member_profile_banned').'";'); 2707 } 2708 else 2709 { 2710 // TODO: more specific output for converted/merged boards where no ban record is merged. 2711 $bannedbit = ''; 2712 } 2713 } 2714 2715 $adminoptions = ''; 2716 if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1) 2717 { 2718 if($memperms['isbannedgroup'] == 1) 2719 { 2720 eval("\$adminoptions = \"".$templates->get("member_profile_adminoptions_manageban")."\";"); 2721 } 2722 else 2723 { 2724 eval("\$adminoptions = \"".$templates->get("member_profile_adminoptions")."\";"); 2725 } 2726 } 2727 2728 $modoptions = $viewnotes = $editnotes = $editprofile = $banuser = $manageban = $manageuser = ''; 2729 $can_purge_spammer = purgespammer_show($memprofile['postnum'], $memprofile['usergroup'], $memprofile['uid']); 2730 if($mybb->usergroup['canmodcp'] == 1 || $can_purge_spammer) 2731 { 2732 if($mybb->usergroup['canuseipsearch'] == 1) 2733 { 2734 $memprofile['regip'] = my_inet_ntop($db->unescape_binary($memprofile['regip'])); 2735 $memprofile['lastip'] = my_inet_ntop($db->unescape_binary($memprofile['lastip'])); 2736 2737 eval("\$ipaddress = \"".$templates->get("member_profile_modoptions_ipaddress")."\";"); 2738 } 2739 2740 $memprofile['usernotes'] = nl2br(htmlspecialchars_uni($memprofile['usernotes'])); 2741 2742 if(!empty($memprofile['usernotes'])) 2743 { 2744 if(strlen($memprofile['usernotes']) > 100) 2745 { 2746 eval("\$viewnotes = \"".$templates->get("member_profile_modoptions_viewnotes")."\";"); 2747 $memprofile['usernotes'] = my_substr($memprofile['usernotes'], 0, 100)."... {$viewnotes}"; 2748 } 2749 } 2750 else 2751 { 2752 $memprofile['usernotes'] = $lang->no_usernotes; 2753 } 2754 2755 if($mybb->usergroup['caneditprofiles'] == 1 && modcp_can_manage_user($memprofile['uid'])) 2756 { 2757 eval("\$editprofile = \"".$templates->get("member_profile_modoptions_editprofile")."\";"); 2758 eval("\$editnotes = \"".$templates->get("member_profile_modoptions_editnotes")."\";"); 2759 } 2760 2761 if($memperms['isbannedgroup'] == 1 && $mybb->usergroup['canbanusers'] == 1 && modcp_can_manage_user($memprofile['uid'])) 2762 { 2763 eval("\$manageban = \"".$templates->get("member_profile_modoptions_manageban")."\";"); 2764 } 2765 elseif(modcp_can_manage_user($memprofile['uid']) && $mybb->usergroup['canbanusers'] == 1) 2766 { 2767 eval("\$banuser = \"".$templates->get("member_profile_modoptions_banuser")."\";"); 2768 } 2769 2770 $purgespammer = ''; 2771 if($can_purge_spammer) 2772 { 2773 eval("\$purgespammer = \"".$templates->get('member_profile_modoptions_purgespammer')."\";"); 2774 } 2775 2776 if(!empty($editprofile) || !empty($banuser) || !empty($manageban) || !empty($purgespammer)) 2777 { 2778 eval("\$manageuser = \"".$templates->get("member_profile_modoptions_manageuser")."\";"); 2779 } 2780 2781 eval("\$modoptions = \"".$templates->get("member_profile_modoptions")."\";"); 2782 } 2783 2784 $add_remove_options = array(); 2785 $buddy_options = $ignore_options = $report_options = ''; 2786 if($mybb->user['uid'] != $memprofile['uid'] && $mybb->user['uid'] != 0) 2787 { 2788 $buddy_list = explode(',', $mybb->user['buddylist']); 2789 $ignore_list = explode(',', $mybb->user['ignorelist']); 2790 2791 if(in_array($uid, $buddy_list)) 2792 { 2793 $add_remove_options = array('url' => "usercp.php?action=do_editlists&delete={$uid}&my_post_key={$mybb->post_code}", 'class' => 'remove_buddy_button', 'lang' => $lang->remove_from_buddy_list); 2794 } 2795 else 2796 { 2797 $add_remove_options = array('url' => "usercp.php?action=do_editlists&add_username=".urlencode($memprofile['username'])."&my_post_key={$mybb->post_code}", 'class' => 'add_buddy_button', 'lang' => $lang->add_to_buddy_list); 2798 } 2799 2800 if(!in_array($uid, $ignore_list)) 2801 { 2802 eval("\$buddy_options = \"".$templates->get("member_profile_addremove")."\";"); // Add/Remove Buddy 2803 } 2804 2805 if(in_array($uid, $ignore_list)) 2806 { 2807 $add_remove_options = array('url' => "usercp.php?action=do_editlists&manage=ignored&delete={$uid}&my_post_key={$mybb->post_code}", 'class' => 'remove_ignore_button', 'lang' => $lang->remove_from_ignore_list); 2808 } 2809 else 2810 { 2811 $add_remove_options = array('url' => "usercp.php?action=do_editlists&manage=ignored&add_username=".urlencode($memprofile['username'])."&my_post_key={$mybb->post_code}", 'class' => 'add_ignore_button', 'lang' => $lang->add_to_ignore_list); 2812 } 2813 2814 if(!in_array($uid, $buddy_list)) 2815 { 2816 eval("\$ignore_options = \"".$templates->get("member_profile_addremove")."\";"); // Add/Remove Ignore 2817 } 2818 2819 if(isset($memperms['canbereported']) && $memperms['canbereported'] == 1) 2820 { 2821 $reportable = true; 2822 $query = $db->simple_select("reportedcontent", "reporters", "reportstatus != '1' AND id = '{$memprofile['uid']}' AND type = 'profile'"); 2823 if($db->num_rows($query)) 2824 { 2825 $report = $db->fetch_array($query); 2826 $report['reporters'] = my_unserialize($report['reporters']); 2827 if(is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters'])) 2828 { 2829 $reportable = false; 2830 } 2831 } 2832 if($reportable) 2833 { 2834 $add_remove_options = array('url' => "javascript:Report.reportUser({$memprofile['uid']});", 'class' => 'report_user_button', 'lang' => $lang->report_user); 2835 eval("\$report_options = \"".$templates->get("member_profile_addremove")."\";"); // Report User 2836 } 2837 } 2838 } 2839 2840 $plugins->run_hooks("member_profile_end"); 2841 2842 eval("\$profile = \"".$templates->get("member_profile")."\";"); 2843 output_page($profile); 2844 } 2845 2846 if($mybb->input['action'] == "do_emailuser" && $mybb->request_method == "post") 2847 { 2848 // Verify incoming POST request 2849 verify_post_check($mybb->get_input('my_post_key')); 2850 2851 $plugins->run_hooks("member_do_emailuser_start"); 2852 2853 // Guests or those without permission can't email other users 2854 if($mybb->usergroup['cansendemail'] == 0) 2855 { 2856 error_no_permission(); 2857 } 2858 2859 // Check group limits 2860 if($mybb->usergroup['maxemails'] > 0) 2861 { 2862 if($mybb->user['uid'] > 0) 2863 { 2864 $user_check = "fromuid='{$mybb->user['uid']}'"; 2865 } 2866 else 2867 { 2868 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 2869 } 2870 2871 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 2872 $sent_count = $db->fetch_field($query, "sent_count"); 2873 if($sent_count >= $mybb->usergroup['maxemails']) 2874 { 2875 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 2876 error($lang->error_max_emails_day); 2877 } 2878 } 2879 2880 // Check email flood control 2881 if($mybb->usergroup['emailfloodtime'] > 0) 2882 { 2883 if($mybb->user['uid'] > 0) 2884 { 2885 $user_check = "fromuid='{$mybb->user['uid']}'"; 2886 } 2887 else 2888 { 2889 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 2890 } 2891 2892 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 2893 2894 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 2895 $last_email = $db->fetch_array($query); 2896 2897 // Users last email was within the flood time, show the error 2898 if(isset($last_email['mid'])) 2899 { 2900 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 2901 2902 if($remaining_time == 1) 2903 { 2904 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 2905 } 2906 elseif($remaining_time < 60) 2907 { 2908 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 2909 } 2910 elseif($remaining_time > 60 && $remaining_time < 120) 2911 { 2912 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 2913 } 2914 else 2915 { 2916 $remaining_time_minutes = ceil($remaining_time/60); 2917 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 2918 } 2919 2920 error($lang->error_emailflooding); 2921 } 2922 } 2923 2924 $query = $db->simple_select("users", "uid, username, email, hideemail", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); 2925 $to_user = $db->fetch_array($query); 2926 2927 if(!$to_user['username']) 2928 { 2929 error($lang->error_invalidusername); 2930 } 2931 2932 if($to_user['hideemail'] != 0) 2933 { 2934 error($lang->error_hideemail); 2935 } 2936 2937 $errors = array(); 2938 2939 if($mybb->user['uid']) 2940 { 2941 $mybb->input['fromemail'] = $mybb->user['email']; 2942 $mybb->input['fromname'] = $mybb->user['username']; 2943 } 2944 2945 if(!validate_email_format($mybb->input['fromemail'])) 2946 { 2947 $errors[] = $lang->error_invalidfromemail; 2948 } 2949 2950 if(empty($mybb->input['fromname'])) 2951 { 2952 $errors[] = $lang->error_noname; 2953 } 2954 2955 if(empty($mybb->input['subject'])) 2956 { 2957 $errors[] = $lang->error_no_email_subject; 2958 } 2959 2960 if(empty($mybb->input['message'])) 2961 { 2962 $errors[] = $lang->error_no_email_message; 2963 } 2964 2965 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 2966 { 2967 require_once MYBB_ROOT.'inc/class_captcha.php'; 2968 $captcha = new captcha; 2969 2970 if($captcha->validate_captcha() == false) 2971 { 2972 // CAPTCHA validation failed 2973 foreach($captcha->get_errors() as $error) 2974 { 2975 $errors[] = $error; 2976 } 2977 } 2978 } 2979 2980 if(count($errors) == 0) 2981 { 2982 if($mybb->settings['mail_handler'] == 'smtp') 2983 { 2984 $from = $mybb->input['fromemail']; 2985 } 2986 else 2987 { 2988 $from = "{$mybb->input['fromname']} <{$mybb->input['fromemail']}>"; 2989 } 2990 2991 $message = $lang->sprintf($lang->email_emailuser, $to_user['username'], $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->get_input('message')); 2992 my_mail($to_user['email'], $mybb->get_input('subject'), $message, '', '', '', false, 'text', '', $from); 2993 2994 if($mybb->settings['mail_logging'] > 0) 2995 { 2996 // Log the message 2997 $log_entry = array( 2998 "subject" => $db->escape_string($mybb->get_input('subject')), 2999 "message" => $db->escape_string($mybb->get_input('message')), 3000 "dateline" => TIME_NOW, 3001 "fromuid" => $mybb->user['uid'], 3002 "fromemail" => $db->escape_string($mybb->input['fromemail']), 3003 "touid" => $to_user['uid'], 3004 "toemail" => $db->escape_string($to_user['email']), 3005 "tid" => 0, 3006 "ipaddress" => $db->escape_binary($session->packedip), 3007 "type" => 1 3008 ); 3009 $db->insert_query("maillogs", $log_entry); 3010 } 3011 3012 $plugins->run_hooks("member_do_emailuser_end"); 3013 3014 redirect(get_profile_link($to_user['uid']), $lang->redirect_emailsent); 3015 } 3016 else 3017 { 3018 $mybb->input['action'] = "emailuser"; 3019 } 3020 } 3021 3022 if($mybb->input['action'] == "emailuser") 3023 { 3024 $plugins->run_hooks("member_emailuser_start"); 3025 3026 // Guests or those without permission can't email other users 3027 if($mybb->usergroup['cansendemail'] == 0) 3028 { 3029 error_no_permission(); 3030 } 3031 3032 // Check group limits 3033 if($mybb->usergroup['maxemails'] > 0) 3034 { 3035 if($mybb->user['uid'] > 0) 3036 { 3037 $user_check = "fromuid='{$mybb->user['uid']}'"; 3038 } 3039 else 3040 { 3041 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 3042 } 3043 3044 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 3045 $sent_count = $db->fetch_field($query, "sent_count"); 3046 if($sent_count >= $mybb->usergroup['maxemails']) 3047 { 3048 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 3049 error($lang->error_max_emails_day); 3050 } 3051 } 3052 3053 // Check email flood control 3054 if($mybb->usergroup['emailfloodtime'] > 0) 3055 { 3056 if($mybb->user['uid'] > 0) 3057 { 3058 $user_check = "fromuid='{$mybb->user['uid']}'"; 3059 } 3060 else 3061 { 3062 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 3063 } 3064 3065 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 3066 3067 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 3068 $last_email = $db->fetch_array($query); 3069 3070 // Users last email was within the flood time, show the error 3071 if(isset($last_email['mid'])) 3072 { 3073 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 3074 3075 if($remaining_time == 1) 3076 { 3077 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 3078 } 3079 elseif($remaining_time < 60) 3080 { 3081 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 3082 } 3083 elseif($remaining_time > 60 && $remaining_time < 120) 3084 { 3085 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 3086 } 3087 else 3088 { 3089 $remaining_time_minutes = ceil($remaining_time/60); 3090 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 3091 } 3092 3093 error($lang->error_emailflooding); 3094 } 3095 } 3096 3097 $query = $db->simple_select("users", "uid, username, email, hideemail, ignorelist", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); 3098 $to_user = $db->fetch_array($query); 3099 3100 $to_user['username'] = htmlspecialchars_uni($to_user['username']); 3101 $lang->email_user = $lang->sprintf($lang->email_user, $to_user['username']); 3102 3103 if(!$to_user['uid']) 3104 { 3105 error($lang->error_invaliduser); 3106 } 3107 3108 if($to_user['hideemail'] != 0) 3109 { 3110 error($lang->error_hideemail); 3111 } 3112 3113 if($to_user['ignorelist'] && (my_strpos(",".$to_user['ignorelist'].",", ",".$mybb->user['uid'].",") !== false && $mybb->usergroup['cansendemailoverride'] != 1)) 3114 { 3115 error_no_permission(); 3116 } 3117 3118 if(isset($errors) && count($errors) > 0) 3119 { 3120 $errors = inline_error($errors); 3121 $fromname = htmlspecialchars_uni($mybb->get_input('fromname')); 3122 $fromemail = htmlspecialchars_uni($mybb->get_input('fromemail')); 3123 $subject = htmlspecialchars_uni($mybb->get_input('subject')); 3124 $message = htmlspecialchars_uni($mybb->get_input('message')); 3125 } 3126 else 3127 { 3128 $errors = ''; 3129 $fromname = ''; 3130 $fromemail = ''; 3131 $subject = ''; 3132 $message = ''; 3133 } 3134 3135 // Generate CAPTCHA? 3136 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 3137 { 3138 require_once MYBB_ROOT.'inc/class_captcha.php'; 3139 $post_captcha = new captcha(true, "post_captcha"); 3140 3141 if($post_captcha->html) 3142 { 3143 $captcha = $post_captcha->html; 3144 } 3145 } 3146 else 3147 { 3148 $captcha = ''; 3149 } 3150 3151 $from_email = ''; 3152 if($mybb->user['uid'] == 0) 3153 { 3154 eval("\$from_email = \"".$templates->get("member_emailuser_guest")."\";"); 3155 } 3156 3157 $plugins->run_hooks("member_emailuser_end"); 3158 3159 eval("\$emailuser = \"".$templates->get("member_emailuser")."\";"); 3160 output_page($emailuser); 3161 } 3162 3163 if($mybb->input['action'] == 'referrals') 3164 { 3165 $plugins->run_hooks('member_referrals_start'); 3166 3167 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 3168 if(!$uid) 3169 { 3170 error($lang->referrals_no_user_specified); 3171 } 3172 3173 $user = get_user($uid); 3174 if(!isset($user['uid'])) 3175 { 3176 error($lang->referrals_invalid_user); 3177 } 3178 3179 $lang->nav_referrals = $lang->sprintf($lang->nav_referrals, $user['username']); 3180 add_breadcrumb($lang->nav_referrals); 3181 3182 $query = $db->simple_select('users', 'COUNT(uid) AS total', "referrer='{$uid}'"); 3183 $referral_count = $db->fetch_field($query, 'total'); 3184 3185 $bg_color = 'trow1'; 3186 3187 if($referral_count == 0) 3188 { 3189 eval("\$referral_rows = \"".$templates->get('member_no_referrals')."\";"); 3190 } 3191 else 3192 { 3193 // Figure out if we need to display multiple pages. 3194 $perpage = 20; 3195 if ((int) $mybb->settings['referralsperpage']) { 3196 $perpage = (int) $mybb->settings['referralsperpage']; 3197 } 3198 3199 $page = 1; 3200 if($mybb->get_input('page', MyBB::INPUT_INT)) 3201 { 3202 $page = $mybb->get_input('page', MyBB::INPUT_INT); 3203 } 3204 3205 $pages = ceil($referral_count / $perpage); 3206 3207 if($page > $pages || $page <= 0) 3208 { 3209 $page = 1; 3210 } 3211 3212 if($page) 3213 { 3214 $start = ($page-1) * $perpage; 3215 } 3216 else 3217 { 3218 $start = 0; 3219 $page = 1; 3220 } 3221 3222 $multipage = multipage($referral_count, $perpage, $page, "member.php?action=referrals&uid={$uid}"); 3223 3224 $referral_rows = ''; 3225 foreach(get_user_referrals($uid, $start, $perpage) as $referral) 3226 { 3227 // Format user name link 3228 $username = htmlspecialchars_uni($referral['username']); 3229 $username = format_name($username, $referral['usergroup'], $referral['displaygroup']); 3230 $username = build_profile_link($username, $referral['uid']); 3231 3232 $regdate = my_date('normal', $referral['regdate']); 3233 3234 eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";"); 3235 3236 $bg_color = alt_trow(); 3237 } 3238 } 3239 3240 $plugins->run_hooks('member_referrals_end'); 3241 3242 eval("\$referrals = \"".$templates->get("member_referrals")."\";"); 3243 output_page($referrals); 3244 } 3245 3246 if(!$mybb->input['action']) 3247 { 3248 header("Location: index.php"); 3249 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |