Statistik |
Beiträge: 144.530 (Täglich: 19,19 )
Themen: 16.700
Mitglieder: 13.209
Neuestes Mitglied: zitronentee.
Ausl. d. letzten Minute: 179%
Ausl. d. letzten 5 Minuten: 160%
Ausl. d. letzten 15 Minuten: 160%
Aktulle Uhrzeit: 11:04
Freier Webspace: 4.02 TB
PHP-Version: 7.4.33
|
|
|
keine Einträge in Usermap mehr möglich??? |
|
keine Einträge in Usermap mehr möglich??? |
|
Habe seit kurzem ein Problem mit meiner User Map. ist schon länger drauf und es haben sich schon ein paar eingetragen. Jodoch kann sich kein neues Mitglied mehr eintragen so wie schon eingetragen können ihren Wohnort auch nicht mehr ändern.
Brauche dringend Hilfe.
Danke im vorraus.
Daniel
|
|
25.07.2006 18:23 |
|
|
Viktor
Administrator
Zeige Viktor auf Karte
Dabei seit: 15.08.2003
Beiträge: 31.570
363 Filebase-Einträge
Alter: 66 Jahre
Herkunft: NRW wBB-Version: wBB2.3 PHP-Version: 7.4.33 MySQL-Version: 10.5.19-MariaDB Wo bist du gehostet?: eigener Server
Bewertung:
Level: 71 [?]
Erfahrungspunkte: 237.744.173
Nächster Level: 266.777.854
|
|
|
25.07.2006 19:24 |
|
|
janolaf
wBB2-User
Zeige janolaf auf Karte
Dabei seit: 23.05.2004
Beiträge: 1.918
2 Filebase-Einträge
Alter: 59 Jahre
Herkunft: nahe bei Kölle wBB-Version: wBB2.3 PHP-Version: 5.2.6 MySQL-Version: 5.0.26 Wo bist du gehostet?: selbst ist der Mann
Bewertung:
Level: 52 [?]
Erfahrungspunkte: 13.902.863
Nächster Level: 16.259.327
|
|
hallo Supercomp ,
wahrscheinlich hast du beim update die dateien alle überschrieben.
bitte kontrolliere den einbau laut anleitung nochmal.
gruß janolaf
__________________ wenn du total verliebt in zwei glänzende augen schaust, vergewissere dich ,
ob es nicht nur die sonne ist, die durch den hohlen schädel scheint.
|
|
26.07.2006 08:53 |
|
|
|
Habe die Usermap noch einmal komplett Installiert. Das Problem bleibt aber bestehen.
|
|
26.07.2006 18:23 |
|
|
Viktor
Administrator
Zeige Viktor auf Karte
Dabei seit: 15.08.2003
Beiträge: 31.570
363 Filebase-Einträge
Alter: 66 Jahre
Herkunft: NRW wBB-Version: wBB2.3 PHP-Version: 7.4.33 MySQL-Version: 10.5.19-MariaDB Wo bist du gehostet?: eigener Server
Bewertung:
Level: 71 [?]
Erfahrungspunkte: 237.744.173
Nächster Level: 266.777.854
|
|
|
26.07.2006 20:36 |
|
|
|
Habe den Fehler nicht gefunden. könntest du mal bitte nachschauen?
Das Problem ist, das die Eingabe nicht gespeichert wird.
|
|
|
|
Zitat: <?php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2
// ***************************************************************************
*********//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ***************************************************************************
*********//
// * $Date: 2006-01-04 11:39:33 +0100 (Wed, 04 Jan 2006) $
// * $Author: Burntime $
// * $Rev: 1680 $
// ***************************************************************************
*********//
$filename = 'usercp.php';
require('./global.php');
$lang->load('USERCP');
if (!$wbbuserdata['userid']) access_error();
if (isset($_REQUEST['action'])) $action = $_REQUEST['action'];
else $action = '';
/**
* remove an element from a list
*
* @param string list
* @param string remove
*
* @return string new list
*/
function removeFromlist($list, $remove) {
$listelements = explode(' ', $list);
if (!in_array($remove, $listelements)) return - 1;
else {
$count = count($listelements);
for ($i = 0; $i < $count; $i++) {
if ($listelements[$i] == $remove) {
if ($i == $count - 1) array_pop($listelements);
else $listelements[$i] = array_pop($listelements);
break;
}
}
return implode(' ', $listelements);
}
}
$username = htmlconverter($wbbuserdata['username']);
$lang->items['LANG_USERCP_TITLE'] = $lang->get("LANG_USERCP_TITLE", array('$username' => $username));
/** no action defined => startpage **/
if (!$action) {
eval("\$tpl->output(\"".$tpl->get("usercp")."\");");
}
/** edit profile **/
if ($action == 'profile_edit') {
$lang->load('REGISTER,POSTINGS');
$usercp_error = '';
$gender = array(1 => '', 2 => '');
/** post data sent => verify and safe profile **/
if (isset($_POST['send'])) {
// profilefields
if (isset($_POST['field']) && is_array($_POST['field'])) $field = trim_array($_POST['field']);
else $field = array();
if (isset($_POST['dayfield']) && is_array($_POST['dayfield'])) $dayfield = trim_array($_POST['dayfield']);
else $dayfield = array();
if (isset($_POST['monthfield']) && is_array($_POST['monthfield'])) $monthfield = trim_array($_POST['monthfield']);
else $monthfield = array();
if (isset($_POST['yearfield']) && is_array($_POST['yearfield'])) $yearfield = trim_array($_POST['yearfield']);
else $yearfield = array();
// profiledata
if (isset($_POST['r_email'])) $r_email = wbb_trim($_POST['r_email']);
if (isset($_POST['r_homepage'])) $r_homepage = wbb_trim($_POST['r_homepage']);
if (isset($_POST['r_icq'])) $r_icq = str_replace("-", "", wbb_trim($_POST['r_icq']));
if (isset($_POST['r_aim'])) $r_aim = wbb_trim($_POST['r_aim']);
if (isset($_POST['r_yim'])) $r_yim = wbb_trim($_POST['r_yim']);
if (isset($_POST['r_msn'])) $r_msn = wbb_trim($_POST['r_msn']);
if (isset($_POST['r_skype'])) $r_skype = wbb_trim($_POST['r_skype']);
if (isset($_POST['r_day'])) $r_day = wbb_trim($_POST['r_day']);
if (isset($_POST['r_month'])) $r_month = wbb_trim($_POST['r_month']);
if (isset($_POST['r_year'])) $r_year = wbb_trim($_POST['r_year']);
if (isset($_POST['r_gender'])) $r_gender = wbb_trim($_POST['r_gender']);
if (isset($_POST['r_usertext'])) $r_usertext = wbb_trim($_POST['r_usertext']);
if (isset($_POST['r_title']) && $wbbuserdata['can_edit_title'] == 1) $r_title = wbb_trim($_POST['r_title']);
else $r_title = '';
$error = '';
$userfield_error = 0;
$fieldvalues = '';
/** verify required profilefields and build sql update query **/
$result = $db->unbuffered_query("SELECT profilefieldid,required,fieldtype,choicecount,fieldoptions FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while ($row = $db->fetch_array($result)) {
// is required -> check content
if ($row['required'] == 1 && $row['fieldtype'] != "checkbox") {
// date
if ($row['fieldtype'] == "date") {
if (!$dayfield[$row['profilefieldid']] || !$monthfield[$row['profilefieldid']] || !$yearfield[$row['profilefieldid']]) {
$userfield_error = 1;
}
}
// select
else if ($row['fieldtype'] == "select") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array($temp);
if (!isset($field[$row['profilefieldid']]) || !in_array($field[$row['profilefieldid']], $options)) {
$userfield_error = 1;
}
}
// multiselect
else if ($row['fieldtype'] == "multiselect") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array();
if (!count($field[$row['profilefieldid']])) {
$userfield_error = 1;
}
else {
for ($i = 0, $j = count($field[$row['profilefieldid']]); $i < $j; $i++) {
if (!in_array($field[$row['profilefieldid']][$i], $options)) {
$userfield_error = 1;
}
}
}
}
// other
else {
if (!isset($field[$row['profilefieldid']]) || $field[$row['profilefieldid']] == '') {
$userfield_error = 1;
}
}
if ($userfield_error == 1) break;
}
if ($row['fieldtype'] == "multiselect") {
if (is_array($field[$row['profilefieldid']])) {
if ($row['choicecount'] && count($field[$row['profilefieldid']]) > $row['choicecount']) {
$max = count($field[$row['profilefieldid']]);
for ($i = $row['choicecount']; $i < $max; $i++) unset($field[$row['profilefieldid']][$i]);
}
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
else $fieldvalues .= "field$row[profilefieldid] = '".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
}
else {
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = ''";
else $fieldvalues .= "field$row[profilefieldid] = ''";
}
}
elseif ($row['fieldtype'] == "date") {
if ($dayfield[$row['profilefieldid']] && $monthfield[$row['profilefieldid']]) $datefield = ((wbb_strlen($yearfield[$row['profilefieldid']]) == 4) ? ($yearfield[$row['profilefieldid']]) : (((wbb_strlen($yearfield[$row['profilefieldid']]) == 2) ? ("19".$yearfield[$row['profilefieldid']]) : ("0000"))))."-".(($monthfield[$row['profilefieldid']] < 10) ? ("0".$monthfield[$row['profilefieldid']]) : ($monthfield[$row['profilefieldid']]))."-".(($dayfield[$row['profilefieldid
']] < 10) ? ("0".$dayfield[$row['profilefieldid']]) : ($dayfield[$row['profilefieldid']]));
else $datefield = "0000-00-00";
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes($datefield)."'";
else $fieldvalues = "field$row[profilefieldid] = '".addslashes($datefield)."'";
}
else {
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes($field[$row['profilefieldid']])."'";
else $fieldvalues = "field$row[profilefieldid] = '".addslashes($field[$row['profilefieldid']])."'";
}
}
/** verify input, build error messages **/
if ($userfield_error == 1) $error .= $lang->items['LANG_POSTINGS_ERROR1'];
if (wbb_strlen($r_usertext) > $wbbuserdata['max_usertext_length']) $error .= $lang->items['LANG_REGISTER_ERROR6'];
if ($error) eval("\$usercp_error = \"".$tpl->get("register_error")."\";");
/** input ok **/
else {
if ($r_homepage && !preg_match("/[a-zA-Z]:\/\//si", $r_homepage)) $r_homepage = "http://".$r_homepage;
if ($r_day && $r_month) {
$r_year = ((wbb_strlen($r_year) == 4) ? ($r_year) : (((wbb_strlen($r_year) == 2) ? ("19$r_year") : ("0000"))));
if (checkdate($r_month, $r_day, (($r_year != '0000') ? ($r_year) : (date('Y', time()))))) $birthday = $r_year."-".(($r_month < 10) ? ("0$r_month") : ($r_month))."-".(($r_day < 10) ? ("0$r_day") : ($r_day));
else $birthday = "0000-00-00";
}
else $birthday = "0000-00-00";
if ($wbbuserdata['can_edit_title'] == 1 && isset($r_title)) if (!verify_usertitle($r_title)) $r_title = '';
list($rankid) = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[rankgroupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','".intval($r_gender)."') ORDER BY needposts DESC, gender DESC", 1);
$db->unbuffered_query("UPDATE bb".$n."_users SET ".(($wbbuserdata['can_edit_title'] == 1 && isset($r_title)) ? ("title='".addslashes($r_title)."', ") : (""))."usertext='".addslashes($r_usertext)."', icq='".intval($r_icq)."', aim='".addslashes($r_aim)."', yim='".addslashes($r_yim)."', msn='".addslashes($r_msn)."', homepage='".addslashes($r_homepage)."', birthday='".addslashes($birthday)."', gender='".intval($r_gender)."'".(($rankid != $wbbuserdata['rankid']) ? (", rankid='$rankid'") : (""))."
, skype='".addslashes($r_skype)."' WHERE userid = '$wbbuserdata[userid]'", 1);
if ($fieldvalues) $db->unbuffered_query("UPDATE bb".$n."_userfields SET $fieldvalues WHERE userid = '$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=profile_edit".$SID_ARG_2ND_UN);
exit();
}
}
/** profile saved **/
/** no post data sent, get profile **/
else {
$r_homepage = $wbbuserdata['homepage'];
$r_icq = $wbbuserdata['icq'];
$r_aim = $wbbuserdata['aim'];
$r_yim = $wbbuserdata['yim'];
$r_msn = $wbbuserdata['msn'];
$r_skype = $wbbuserdata['skype'];
$birthday = explode("-", $wbbuserdata['birthday']);
$r_day = $birthday[2];
$r_month = $birthday[1];
$r_year = (($birthday[0]) ? ($birthday[0]) : (""));
$r_gender = $wbbuserdata['gender'];
$r_usertext = $wbbuserdata['usertext'];
$r_title = $wbbuserdata['title'];
$userfields = $db->query_first("SELECT * FROM bb".$n."_userfields WHERE userid='$wbbuserdata[userid]'");
}
/** now generate the html - form **/
$day_options = ''; $month_options = '';
for ($i = 1; $i <= 31; $i++) $day_options .= makeoption($i, $i, $r_day);
for ($i = 1; $i <= 12; $i++) $month_options .= makeoption($i, getmonth($i), $r_month);
if (isset($r_gender)) $gender[$r_gender] = ' selected="selected"';
$z = 0;
$y = 1;
$profilefields_required = '';
$profilefields = '';
/** get profilefields **/
$result = $db->unbuffered_query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
while ($row = $db->fetch_array($result)) {
$field_value = '';
$field_checked = '';
$dayfield_value = '';
$monthfield_value = '';
$yearfield_value = '';
$row_options = array();
$selected_options = array();
switch ($row['fieldtype']) {
case "text":
if (isset($_POST['send'])) $field_value = htmlconverter($field[$row['profilefieldid']]);
else $field_value = htmlconverter($userfields["field".$row['profilefieldid']]);
break;
case "select":
$row_options = explode("\n", $row['fieldoptions']);
$field_value = "<option value=\"\">".$lang->get("LANG_GLOBAL_PLEASE_SELECT")."</option>\n";
foreach ($row_options as $option) $field_value .= makeoption(htmlconverter(wbb_trim($option)), htmlconverter(wbb_trim($option)), ((isset($_POST['send'])) ? (htmlconverter(wbb_trim($field[$row['profilefieldid']]))) : (htmlconverter(wbb_trim($userfields["field".$row['profilefieldid']])))));
break;
case "multiselect":
$row_options = explode("\n", $row['fieldoptions']);
if (isset($_POST['send']) && is_array($field[$row['profilefieldid']]) && count($field[$row['profilefieldid']])) $selected_options = $field[$row['profilefieldid']];
else $selected_options = explode("\n", $userfields["field".$row['profilefieldid']]);
foreach ($row_options as $option) $field_value .= makeoption(htmlconverter(wbb_trim($option)), htmlconverter(wbb_trim($option)), ((in_array(wbb_trim($option), $selected_options)) ? (htmlconverter(wbb_trim($option))) : ("")));
break;
case "checkbox":
$field_value = htmlconverter($row['fieldoptions']);
$field_checked = (($row['fieldoptions'] == ((isset($_POST['send'])) ? ($field[$row['profilefieldid']]) : ($userfields["field".$row['profilefieldid']]))) ? (" checked=\"checked\"") : (""));
break;
case "date":
if (isset($_POST['send'])) {
$year_tmp = $yearfield[$row['profilefieldid']];
$month_tmp = $monthfield[$row['profilefieldid']];
$day_tmp = $dayfield[$row['profilefieldid']];
}
else list($year_tmp, $month_tmp, $day_tmp) = explode("-", $userfields["field".$row['profilefieldid']]);
for ($i = 1; $i <= 31; $i++) $dayfield_value .= makeoption($i, $i, $day_tmp);
for ($i = 1; $i <= 12; $i++) $monthfield_value .= makeoption($i, getmonth($i), $month_tmp);
if (intval($year_tmp)) $yearfield_value = $year_tmp;
else $yearfield_value = '';
break;
}
$row['title'] = getlangvar($row['title'], $lang);
$row['description'] = getlangvar($row['description'], $lang);
if ($row['required'] == 1) {
$tdclass = getone($y, "tablea", "tableb");
eval("\$profilefields_required .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$y++;
}
else {
$tdclass = getone($z, "tablea", "tableb");
eval("\$profilefields .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$z++;
}
}
$r_homepage = htmlconverter($r_homepage);
$r_icq = intval($r_icq);
$r_aim = htmlconverter($r_aim);
$r_yim = htmlconverter($r_yim);
$r_msn = htmlconverter($r_msn);
$r_skype = htmlconverter($r_skype);
$r_year = htmlconverter($r_year);
$r_gender = htmlconverter($r_gender);
$r_usertext = htmlconverter($r_usertext);
$r_title = htmlconverter($r_title);
if (!$r_icq) $r_icq = '';
if ($r_year == "0000") $r_year = '';
/** output html - form **/
eval("\$tpl->output(\"".$tpl->get("usercp_profile_edit")."\");");
}
/** edit signature **/
if ($action == 'signature_edit') {
$lang->load('REGISTER,POSTINGS');
require('./acp/lib/class_parse.php');
$preview_signature = '';
$old_signature = '';
$usercp_error = '';
if (isset($_POST['send'])) {
// post options
if (isset($_POST['disablesmilies'])) $disablesmilies = intval($_POST['disablesmilies']);
else $disablesmilies = 0;
if (isset($_POST['disablehtml'])) $disablehtml = intval($_POST['disablehtml']);
else $disablehtml = 0;
if (isset($_POST['disablebbcode'])) $disablebbcode = intval($_POST['disablebbcode']);
else $disablebbcode = 0;
if (isset($_POST['disableimages'])) $disableimages = intval($_POST['disableimages']);
else $disableimages = 0;
/* get message & strip crap */
$message = stripcrap(wbb_trim($_POST['message']));
/* posting feature rights:start */
if (!$wbbuserdata['can_use_sig_smilies'] || $disablesmilies == 1) $allowsmilies = 0;
else $allowsmilies = 1;
if (!$wbbuserdata['can_use_sig_html'] || $disablehtml == 1) $allowhtml = 0;
else $allowhtml = 1;
if (!$wbbuserdata['can_use_sig_bbcode'] || $disablebbcode == 1) $allowbbcode = 0;
else $allowbbcode = 1;
if (!$wbbuserdata['can_use_sig_images'] || $disableimages == 1) $allowimages = 0;
else $allowimages = 1;
/* posting feature rights:end */
if (!isset($_POST['preview']) && !$_POST['change_editor']) {
$error = '';
if (wbb_strlen($message) > $wbbuserdata['max_sig_length']) $error .= $lang->items['LANG_REGISTER_ERROR4'];
if ($wbbuserdata['max_sig_image'] != -1 && wbb_substr_count(wbb_strtolower($message), "[img]") > $wbbuserdata['max_sig_image']) $error .= $lang->items['LANG_REGISTER_ERROR5'];
if ($error) eval("\$usercp_error = \"".$tpl->get("register_error")."\";");
else {
$db->unbuffered_query("UPDATE bb".$n."_users SET signature='".addslashes($message)."', allowsigsmilies='$allowsmilies', allowsightml='$allowhtml', allowsigbbcode='$allowbbcode', allowsigimages='$allowimages' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=signature_edit".$SID_ARG_2ND_UN);
exit();
}
}
else if (!$_POST['change_editor']) {
$parse = &new parse($docensor, 75, $wbbuserdata['showimages'], "", $usecode);
$preview_signature = $parse->doparse($message, $allowsmilies, $allowhtml, $allowbbcode, $allowimages);
}
if ($disablesmilies == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($disablehtml == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($disablebbcode == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($disableimages == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
else {
$message = $wbbuserdata['signature'];
$disablesmilies = 1 - $wbbuserdata['allowsigsmilies'];
$disablehtml = 1 - $wbbuserdata['allowsightml'];
$disablebbcode = 1 - $wbbuserdata['allowsigbbcode'];
$disableimages = 1 - $wbbuserdata['allowsigimages'];
if ($disablesmilies == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($disablehtml == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($disablebbcode == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($disableimages == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
if ($wbbuserdata['signature']) {
if (!isset($parse)) $parse = &new parse($docensor, 75, $wbbuserdata['showimages'], "", $usecode);
$old_signature = $parse->doparse($wbbuserdata['signature'], $wbbuserdata['allowsigsmilies'], $wbbuserdata['allowsightml'], $wbbuserdata['allowsigbbcode'], $wbbuserdata['allowsigimages']);
}
if ($wbbuserdata['can_use_sig_bbcode'] == 1 && $wbbuserdata['usewysiwyg'] != 1) $bbcode_buttons = getcodebuttons();
if ($wbbuserdata['can_use_sig_smilies'] == 1) {
if ($wbbuserdata['usewysiwyg'] == 1) $smilies = getAppletSmilies();
$bbcode_smilies = getclickysmilies($smilie_table_cols, $smilie_table_rows);
}
$note = '';
if ($wbbuserdata['can_use_sig_html'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_HTML_ALLOW'];
if ($wbbuserdata['can_use_sig_bbcode'] == 0) $note .= $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_BBCODE_ALLOW'];
if ($wbbuserdata['can_use_sig_smilies'] == 0) $note .= $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_SMILIES_ALLOW'];
if ($wbbuserdata['can_use_sig_images'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_IMAGES_ALLOW'];
if (isset($message)) $message = htmlconverter($message);
$lang->items['LANG_POSTINGS_JS_MESSAGE_TOLONG'] = $lang->items['LANG_USERCP_SIGNATURE_TOLONG'];
$lang->items['LANG_POSTINGS_JS_MESSAGE_MAXLENGTH'] = $lang->items['LANG_USERCP_SIGNATURE_MAXLENGTH'];
$lang->items['LANG_POSTINGS_JS_MESSAGE_CHECKLENGTH'] = $lang->items['LANG_USERCP_SIGNATURE_CHECKLENGTH_TEXT'];
eval("\$headinclude .= \"".$tpl->get("bbcode_script")."\";");
eval("\$editor = \"".$tpl->get("editor")."\";");
eval("\$editor_switch = \"".$tpl->get("editor_switch")."\";");
eval("\$tpl->output(\"".$tpl->get("usercp_signature_edit")."\");");
}
/** change options **/
if ($action == 'options_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
if (isset($_POST['r_invisible'])) $r_invisible = wbb_trim($_POST['r_invisible']);
if (isset($_POST['r_usecookies'])) $r_usecookies = wbb_trim($_POST['r_usecookies']);
if (isset($_POST['r_admincanemail'])) $r_admincanemail = wbb_trim($_POST['r_admincanemail']);
if (isset($_POST['r_showemail'])) $r_showemail = wbb_trim($_POST['r_showemail']);
if (isset($_POST['r_usercanemail'])) $r_usercanemail = wbb_trim($_POST['r_usercanemail']);
if (isset($_POST['r_emailnotify'])) $r_emailnotify = wbb_trim($_POST['r_emailnotify']);
if (isset($_POST['r_notificationperpm'])) $r_notificationperpm = wbb_trim($_POST['r_notificationperpm']);
if (isset($_POST['r_receivepm'])) $r_receivepm = wbb_trim($_POST['r_receivepm']);
if (isset($_POST['r_emailonpm'])) $r_emailonpm = wbb_trim($_POST['r_emailonpm']);
if (isset($_POST['r_pmpopup'])) $r_pmpopup = wbb_trim($_POST['r_pmpopup']);
if (isset($_POST['r_showsignatures'])) $r_showsignatures = wbb_trim($_POST['r_showsignatures']);
if (isset($_POST['r_showavatars'])) $r_showavatars = wbb_trim($_POST['r_showavatars']);
if (isset($_POST['r_showimages'])) $r_showimages = wbb_trim($_POST['r_showimages']);
if (isset($_POST['r_daysprune'])) $r_daysprune = wbb_trim($_POST['r_daysprune']);
if (isset($_POST['r_umaxposts'])) $r_umaxposts = wbb_trim($_POST['r_umaxposts']);
if (isset($_POST['r_threadview'])) $r_threadview = wbb_trim($_POST['r_threadview']);
if (isset($_POST['r_dateformat'])) $r_dateformat = wbb_trim($_POST['r_dateformat']);
if (isset($_POST['r_timeformat'])) $r_timeformat = wbb_trim($_POST['r_timeformat']);
if (isset($_POST['r_startweek'])) $r_startweek = wbb_trim($_POST['r_startweek']);
if (isset($_POST['r_timezoneoffset'])) $r_timezoneoffset = wbb_trim($_POST['r_timezoneoffset']);
if (isset($_POST['r_styleid'])) $r_styleid = wbb_trim($_POST['r_styleid']);
if (isset($_POST['r_langid'])) $r_langid = wbb_trim($_POST['r_langid']);
if (isset($_POST['r_emailonapplication'])) $r_emailonapplication = wbb_trim($_POST['r_emailonapplication']);
if (isset($_POST['r_usewysiwyg'])) $r_usewysiwyg = wbb_trim($_POST['r_usewysiwyg']);
if (!$r_dateformat) $r_dateformat = $dateformat;
if (!$r_timeformat) $r_timeformat = $timeformat;
$db->unbuffered_query("UPDATE bb".$n."_users SET showemail='".intval($r_showemail)."', admincanemail='".intval($r_admincanemail)."', usercanemail='".intval($r_usercanemail)."', invisible='".intval($r_invisible)."', usecookies='".intval($r_usecookies)."', styleid='".intval($r_styleid)."', daysprune='".intval($r_daysprune)."', timezoneoffset='".addslashes(htmlspecialchars($r_timezoneoffset))."', startweek='".intval($r_startweek)."', dateformat='".addslashes($r_dateformat)."', timeformat='".addslashes($r_timeformat)."', emailnotify='".intval($r_emailnotify)."', notificationperpm='".intval($r_notificationperpm)."', receivepm='".intval($r_receivepm)."', emailonpm='".intval($r_emailonpm)."', pmpopup='".intval($r_pmpopup)."', umaxposts='".intval($r_umaxposts)."', showsignatures='".intval($r_showsignatures)."', showavatars='".intval($r_showavatars)."', showimages='".intval($r_showimages)."', threadview='".intval($r_threadview)."', langid='".intval($r_langid)."'".(($wbbuserdata['isgroupleader'] == 1) ? (", emailonapplication='".intval($r_emailonapplication)."'") : ("")).", usewysiwyg='".intval($r_usewysiwyg)."' WHERE userid = '$wbbuserdata[userid]'", 1);
if ($r_styleid != $session['styleid'] || $r_langid != $session['langid']) $db->unbuffered_query("UPDATE bb".$n."_sessions SET styleid='".intval($r_styleid)."', langid='".intval($r_langid)."' WHERE sessionhash='$sid'", 1);
header("Location: usercp.php?action=options_change".$SID_ARG_2ND_UN);
exit();
}
/* Begin User-Map by Viktor */
$user_id = $wbbuserdata['userid'];
if(isSet($_POST['longitude'])) $longitude = (float)($_POST['longitude']);
if(isSet($_POST['latitude'])) $latitude = (float)($_POST['latitude']);
if(isSet($_POST['zipcode'])) $zipcode = $_POST['zipcode'];
if(isSet($_POST['place'])) $place = $_POST['place'];
if ($longitude != '') {
if ($latitude != '') {
if ($zipcode != '') {
if ($place != '') {
$result = $db->query("SELECT user_id FROM bb".$n."_map_mod_user WHERE user_id = '$wbbuserdata[userid]'");
$row = $db->fetch_array($result);
if(!$row['user_id']) {
$db->query("INSERT INTO bb".$n."_map_mod_user (user_id,longitude,latitude,zipcode,place) VALUES ('".$wbbuserdata[userid]."', '".(float)$longitude."', '".(float)$latitude."', '".$zipcode."', '".addslashes($place)."')");
} else {
$db->unbuffered_query("UPDATE bb".$n."_map_mod_user SET longitude='".(float)$longitude."', latitude='".(float)$latitude."', zipcode='".$zipcode."', place='".addslashes($place)."' WHERE user_id ='$wbbuserdata[userid]'",1);
}
}
}
}
}
/* End User-Map by Viktor */
else {
$r_invisible = $wbbuserdata['invisible'];
$r_usecookies = $wbbuserdata['usecookies'];
$r_admincanemail = $wbbuserdata['admincanemail'];
$r_showemail = $wbbuserdata['showemail'];
$r_usercanemail = $wbbuserdata['usercanemail'];
$r_emailnotify = $wbbuserdata['emailnotify'];
$r_notificationperpm = $wbbuserdata['notificationperpm'];
$r_receivepm = $wbbuserdata['receivepm'];
$r_emailonpm = $wbbuserdata['emailonpm'];
$r_pmpopup = $wbbuserdata['pmpopup'];
$r_showsignatures = $wbbuserdata['showsignatures'];
$r_showavatars = $wbbuserdata['showavatars'];
$r_showimages = $wbbuserdata['showimages'];
$r_daysprune = $wbbuserdata['daysprune'];
$r_umaxposts = $wbbuserdata['umaxposts'];
$r_dateformat = $wbbuserdata['dateformat'];
$r_timeformat = $wbbuserdata['timeformat'];
$r_startweek = $wbbuserdata['startweek'];
$r_timezoneoffset = $wbbuserdata['timezoneoffset'];
$r_styleid = $wbbuserdata['styleid'];
$r_langid = $wbbuserdata['langid'];
$r_threadview = $wbbuserdata['threadview'];
$r_emailonapplication = $wbbuserdata['emailonapplication'];
$r_usewysiwyg = $wbbuserdata['usewysiwyg'];
}
$startweek_options = '';
for ($i = 0; $i < 7; $i++) $startweek_options .= makeoption($i, getday($i), $r_startweek);
if (isset($r_invisible)) $invisible[$r_invisible] = " selected=\"selected\"";
if (isset($r_usecookies)) $usecookies[$r_usecookies] = " selected=\"selected\"";
if (isset($r_admincanemail)) $admincanemail[$r_admincanemail] = " selected=\"selected\"";
if (isset($r_showemail)) $showemail[$r_showemail] = " selected=\"selected\"";
if (isset($r_usercanemail)) $usercanemail[$r_usercanemail] = " selected=\"selected\"";
if (isset($r_emailnotify)) $emailnotify[$r_emailnotify] = " selected=\"selected\"";
if (isset($r_notificationperpm)) $notificationperpm[$r_notificationperpm] = " selected=\"selected\"";
if (isset($r_receivepm)) $receivepm[$r_receivepm] = " selected=\"selected\"";
if (isset($r_emailonpm)) $emailonpm[$r_emailonpm] = " selected=\"selected\"";
if (isset($r_pmpopup)) $spmpopup[$r_pmpopup] = " selected=\"selected\"";
if (isset($r_showsignatures)) $showsignatures[$r_showsignatures] = " selected=\"selected\"";
if (isset($r_showavatars)) $showavatars[$r_showavatars] = " selected=\"selected\"";
if (isset($r_showimages)) $showimages[$r_showimages] = " selected=\"selected\"";
if (isset($r_daysprune)) $sdaysprune[$r_daysprune] = " selected=\"selected\"";
if (isset($r_umaxposts)) $sumaxposts[$r_umaxposts] = " selected=\"selected\"";
if (isset($r_threadview)) $sthreadview[$r_threadview] = " selected=\"selected\"";
if (isset($r_emailonapplication)) $emailonapplication[$r_emailonapplication] = " selected=\"selected\"";
if (isset($r_usewysiwyg)) $usewysiwyg[$r_usewysiwyg] = " selected=\"selected\"";
$timezone_options = '';
$timezones = explode("\n", $lang->items['LANG_REGISTER_TIMEZONES']);
for ($i = 0; $i < count($timezones); $i++) {
$parts = explode("|", wbb_trim($timezones[$i]));
$timezone_options .= makeoption($parts[0], "(GMT".(($parts[1]) ? (" ".$parts[1]) : ("")).") $parts[2]", $r_timezoneoffset);
}
/* styles */
$style_options = '';
$result = $db->unbuffered_query("SELECT styleid, stylename FROM bb".$n."_styles ORDER BY stylename ASC");
while ($row = $db->fetch_array($result)) $style_options .= makeoption($row['styleid'], getlangvar($row['stylename'], $lang), $r_styleid);
/* language packs */
$lang_options = '';
$result = $db->unbuffered_query("SELECT languagepackid, languagepackname FROM bb".$n."_languagepacks ORDER BY languagepackname ASC");
while ($row = $db->fetch_array($result)) $lang_options .= makeoption($row['languagepackid'], getlangvar($row['languagepackname'], $lang), $r_langid);
$r_dateformat = htmlconverter($r_dateformat);
$r_timeformat = htmlconverter($r_timeformat);
/* Begin User-Map by Viktor */
$result = $db->query("SELECT * FROM bb".$n."_map_mod_user WHERE user_id='$wbbuserdata[userid]'");
$row = $db->fetch_array($result);
if ($row['longitude']) {
$longitude = $row['longitude'];
$latitude = $row['latitude'];
$zipcode = $row['zipcode'];
$place = $row['place'];
} else {
$longitude = 0;
$latitude = 0;
$zipcode = '';
$place = '';
}
/* End User-Map by Viktor */
eval("\$tpl->output(\"".$tpl->get("usercp_options_change")."\");");
}
/** change password **/
if ($action == 'password_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
$new_password = $_POST['new_password'];
$confirm_new_password = $_POST['confirm_new_password'];
$authentification = false;
if ($allowloginencryption == 1 && $_POST['crypted'] == "true" && $wbbuserdata['sha1_password']) {
if (sha1(sha1($session['authentificationcode']).$wbbuserdata['sha1_password'])
== $_POST['authentificationcode']) $authentification = true;
else $authentification = false;
}
else {
if (md5($_POST['l_password']) == $wbbuserdata['password']) {
$authentification = true;
if (!$wbbuserdata['sha1_password']) {
$db->unbuffered_query("UPDATE bb".$n."_users SET sha1_password='".sha1($_POST['l_password'])."' WHERE userid='$wbbuserdata[userid]'");
}
}
else $authentification = false;
}
if (($_POST['crypted'] == "false" && !$_POST['l_password']) || !$new_password || !$confirm_new_password) error($lang->get("LANG_GLOBAL_ERROR1"));
elseif ($new_password != $confirm_new_password) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR1"));
elseif ($authentification == false) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR2"));
else {
$db->query("UPDATE bb".$n."_users SET password='".md5($new_password)."', sha1_password='".sha1($new_password)."' WHERE userid='$wbbuserdata[userid]'");
if ($wbbuserdata['usecookies'] == 1) bbcookie("userpassword", md5($new_password), time() + 3600 * 24 * 365);
redirect($lang->get("LANG_USERCP_PW_REDIRECT"), "usercp.php".$SID_ARG_1ST);
exit;
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_password_change")."\");");
}
/** change email **/
if ($action == 'email_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
$new_email = wbb_trim($_POST['new_email']);
$confirm_new_email = wbb_trim($_POST['confirm_new_email']);
if ($new_email == $wbbuserdata['email']) {
header("Location: usercp.php".$SID_ARG_1ST);
exit();
}
$authentification = false;
if ($allowloginencryption == 1 && $_POST['crypted'] == "true" && $wbbuserdata['sha1_password']) {
if (sha1(sha1($session['authentificationcode']).$wbbuserdata['sha1_password'])
== $_POST['authentificationcode']) $authentification = true;
else $authentification = false;
}
else {
if (md5($_POST['l_password']) == $wbbuserdata['password']) {
$authentification = true;
if (!$wbbuserdata['sha1_password']) {
$db->unbuffered_query("UPDATE bb".$n."_users SET sha1_password='".sha1($_POST['l_password'])."' WHERE userid='$wbbuserdata[userid]'");
}
}
else $authentification = false;
}
if (($_POST['crypted'] == "false" && !$_POST['l_password']) || !$new_email || !$confirm_new_email) error($lang->get("LANG_GLOBAL_ERROR1"));
elseif ($authentification == false) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR2"));
elseif ($new_email != $confirm_new_email) error($lang->get("LANG_USERCP_EC_ERROR1"));
elseif (!verify_email($new_email)) error($lang->get("LANG_USERCP_EC_ERROR2"));
else {
$db->query("UPDATE bb".$n."_users SET email='".addslashes($new_email)."' WHERE userid = '$wbbuserdata[userid]'");
if ($emailverifymode == 0) {
redirect($lang->get("LANG_USERCP_EC_REDIRECT0"), "usercp.php".$SID_ARG_1ST);
}
if ($emailverifymode == 3) {
$lang->load('MAIL');
$r_password = password_generate();
$db->query("UPDATE bb".$n."_users SET password='".md5($r_password)."', sha1_password='".sha1($r_password)."' WHERE userid = '$wbbuserdata[userid]'");
$db->query("UPDATE bb".$n."_sessions SET userid=0 WHERE sessionhash='$sid'");
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_EC3_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_EC3_TEXT", array('$master_board_name_email' => $master_board_name_email, '$username' => $wbbuserdata['username'], '$r_password' => $r_password));
mailer($new_email, $subject, $content);
redirect($lang->get("LANG_USERCP_EC_REDIRECT3", array('$new_email' => $new_email)), "index.php".$SID_ARG_1ST, 20);
}
if ($emailverifymode == 1 || $emailverifymode == 2) {
$activation = code_generate();
list($groupid) = $db->query_first("SELECT groupid FROM bb".$n."_groups WHERE grouptype = 2");
if (!in_array($groupid, $wbbuserdata['groupids'])) {
$wbbuserdata['groupids'][] = $groupid;
sort($wbbuserdata['groupids']);
$db->unbuffered_query("UPDATE bb".$n."_users SET activation='$activation', groupcombinationid='".cachegroupcombinationdata(implode(",", $wbbuserdata['groupids']), 0)."' WHERE userid='".$wbbuserdata['userid']."'", 1);
}
else $db->query("UPDATE bb".$n."_users SET activation='$activation' WHERE userid = '$wbbuserdata[userid]'");
$db->query("INSERT IGNORE INTO bb".$n."_user2groups (userid,groupid) VALUES ('$wbbuserdata[userid]','$groupid')");
if ($emailverifymode == 1) {
$lang->load('MAIL');
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_EC1_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_EC1_TEXT", array('$master_board_name_email' => $master_board_name_email, '$username' => $wbbuserdata['username'], '$url2board' => $url2board, '$userid' => $wbbuserdata['userid'], '$activation' => $activation, '$webmastermail' => $webmastermail));
mailer($new_email, $subject, $content);
redirect($lang->get("LANG_USERCP_EC_REDIRECT1", array('$new_email' => $new_email)), "usercp.php".$SID_ARG_1ST, 20);
}
else redirect($lang->get("LANG_USERCP_EC_REDIRECT2", array('$new_email' => $new_email)), "usercp.php".$SID_ARG_1ST, 20);
}
exit;
}
}
$wbbuserdata['email'] = htmlconverter($wbbuserdata['email']);
eval("\$tpl->output(\"".$tpl->get("usercp_email_change")."\");");
}
/** buddy list **/
if ($action == 'buddy_list') {
$lang->load('MEMBERS');
if (isset($_POST['send'])) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE username='".addslashes(wbb_trim($_POST['addtolist']))."'");
if (!$userid) error($lang->items['LANG_USERCP_ERROR1']);
elseif ($userid == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
$buddylist = add2list($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
$listbit = '';
$pmLink = '';
$buddyCount=0;
if ($wbbuserdata['buddylist'] != '') {
$result = $db->unbuffered_query("SELECT u.userid, u.username, IF(s.lastactivity>=".(time() - $useronlinetimeout * 60).(($wbbuserdata['a_can_view_ghosts'] == 1) ? ("") : (" AND u.invisible=0")).",1,0) AS online FROM bb".$n."_users u
LEFT JOIN bb".$n."_sessions s USING (userid)
WHERE u.userid IN ('".str_replace(" ", "','", $wbbuserdata[buddylist])."') ORDER BY online DESC, u.username ASC");
while ($row = $db->fetch_array($result)) {
$row['username'] = htmlconverter($row['username']);
$username = $row['username'];
if ($row['online']) $LANG_MEMBERS_USERONLINE = $lang->get("LANG_MEMBERS_USERONLINE", array('$username' => $username));
else $LANG_MEMBERS_USERONLINE = $lang->get("LANG_MEMBERS_USEROFFLINE", array('$username' => $username));
$pmLink .= "&userid[]=$row[userid]";
$buddyCount++;
eval("\$listbit .= \"".$tpl->get("usercp_buddy_listbit")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_buddy_list")."\");");
}
/** ignore list **/
if ($action == 'ignore_list') {
if (isset($_POST['send'])) {
$result = getwbbuserdata(addslashes(wbb_trim($_POST['addtolist'])), "username");
if (!$result['userid']) error($lang->items['LANG_USERCP_ERROR1']);
elseif ($result['userid'] == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
if ($result['a_can_be_ignored'] !=1) {
$ignorelist = add2list($wbbuserdata['ignorelist'], $result['userid']);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}else {
error($lang->items['LANG_USERCP_ERROR3']);
}
}
}
$listbit = '';
if ($wbbuserdata['ignorelist'] != '') {
$result = $db->unbuffered_query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ('".str_replace(" ", "','", $wbbuserdata['ignorelist'])."') ORDER BY username ASC");
while ($row = $db->fetch_array($result)) {
$row['username'] = htmlconverter($row['username']);
eval("\$listbit .= \"".$tpl->get("usercp_ignore_listbit")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_ignore_list")."\");");
}
/** add / remove user to / from buddy list **/
if ($action == 'buddy') {
if ($_GET['remove']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
else {
$buddylist = removeFromlist($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
if ($_GET['add']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['add'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
elseif ($userid == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
$buddylist = add2list($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
}
/** add / remove user to / from ignore list **/
if ($action == 'ignore') {
if ($_GET['remove']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
else {
$ignorelist = removeFromlist($wbbuserdata['ignorelist'], $userid);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}
}
if ($_GET['add']) {
$result = getwbbuserdata(intval($_GET['add'], "userid"));
if (!$result['userid']) error($lang->items['LANG_GLOBAL_ERROR2']);
elseif ($result['userid'] == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
if ($result['a_can_be_ignored'] !=1) {
$ignorelist = add2list($wbbuserdata['ignorelist'], $result['userid']);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}else {
error($lang->items['LANG_USERCP_ERROR3']);
}
}
}
}
/** avatars **/
if ($action == 'avatars') {
$lang->load('POSTINGS,REGISTER');
if (isset($_POST['send'])) {
if ($_POST['avatarid'] != 'useown') {
if ($_POST['avatarid'] != 0) {
if ($wbbuserdata['can_use_avatar'] == 0) access_error();
$result = $db->query_first("SELECT avatarid FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 AND avatarid='".intval($_POST['avatarid'])."'");
if (!$result['avatarid']) access_error();
}
$oldavatar = $db->query_first("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]'");
if ($oldavatar['avatarid']) {
@unlink("./images/avatars/avatar-".$oldavatar['avatarid'].".".$oldavata
r['avatarextension']);
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid = '$oldavatar[avatarid]'", 1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET avatarid = '".intval($_POST['avatarid'])."' WHERE userid = '$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=avatars&page=".intval($_POST['page']).$SID_ARG_2ND_UN);
exit();
}
else {
$uploaderror = 0;
if ($_FILES['avatar_file']['tmp_name'] && $_FILES['avatar_file']['tmp_name'] != "none") {
if ($wbbuserdata['can_use_avatar'] == 0 || $wbbuserdata['can_upload_avatar'] == 0) access_error();
$badavatar = 0;
$avatar_file_extension = wbb_strtolower(wbb_substr(strrchr($_FILES['avatar_file']['name'], "."), 1));
$avatar_file_name2 = wbb_substr($_FILES['avatar_file']['name'], 0, (intval(wbb_strlen($avatar_file_extension)) + 1) * -1);
$allowed_avatar_extensions = explode("\n", $wbbuserdata['allowed_avatar_extensions']);
if (in_array($avatar_file_extension, $allowed_avatar_extensions) && $_FILES['avatar_file']['size'] <= $wbbuserdata['max_avatar_size']) { /* && */
$db->query("INSERT INTO bb".$n."_avatars (avatarname,avatarextension,userid) VALUES ('".addslashes(htmlspecialchars($avatar_file_name2))."','".addslashes(htmls
pecialchars($avatar_file_extension))."','$wbbuserdata[userid]')");
$avatarid = $db->insert_id("bb".$n."_avatars", "avatarid");
if (move_uploaded_file($_FILES['avatar_file']['tmp_name'], "./images/avatars/avatar-".$avatarid.".".$avatar_file_extension)) {
@chmod ("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension, 0777);
$imgsize = @getimagesize("./images/avatars/avatar-".$avatarid.".".$avatar_file_extensi
on);
$width = $imgsize[0];
$height = $imgsize[1];
if ($avatar_file_extension == "swf") {
if ($width > $wbbuserdata['max_avatar_width']) $width = $wbbuserdata['max_avatar_width'];
if ($height > $wbbuserdata['max_avatar_height']) $height = $wbbuserdata['max_avatar_height'];
}
if ($width > $wbbuserdata['max_avatar_width'] || $height > $wbbuserdata['max_avatar_height'] || !$width || !$height) $badavatar = 2;
if ($badavatar == 0) {
$oldavatar = $db->query_first("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]' AND avatarid='$wbbuserdata[avatarid]'");
if ($oldavatar['avatarid']) {
@unlink("./images/avatars/avatar-".$oldavatar['avatarid'].".".$olda
vatar['avatarextension']);
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid = '$oldavatar[avatarid]'", 1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET avatarid='$avatarid' WHERE userid='$wbbuserdata[userid]'", 1);
$db->unbuffered_query("UPDATE bb".$n."_avatars SET width='$width', height='$height' WHERE avatarid='$avatarid'", 1);
header("Location: usercp.php?action=avatars&page=$page".$SID_ARG_2ND_UN);
exit();
}
}
else $badavatar = 1;
if ($badavatar != 0) {
if ($badavatar == 2) @unlink("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension);
$db->query("DELETE FROM bb".$n."_avatars WHERE avatarid='$avatarid'");
$uploaderror = 1;
}
}
else $uploaderror = 1;
if ($uploaderror == 1) error($lang->items['LANG_USERCP_AVATAR_ERROR1']);
}
elseif (!$havatarid) error($lang->items['LANG_USERCP_AVATAR_ERROR1']);
}
}
if ($wbbuserdata['avatarid'] == 0 || ($wbbuserdata['can_use_avatar'] == 0 && $wbbuserdata['can_upload_avatar'] == 0)) $noavatar_checked = " checked=\"checked\"";
if ($wbbuserdata['can_use_avatar'] == 1) {
list($avatarcount) = $db->query_first("SELECT COUNT(*) FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 ORDER BY needposts DESC");
if ($avatarcount) {
if (isset($_GET['page'])) {
$page = intval($_GET['page']);
if ($page == 0) $page = 1;
}
else $page = 1;
$pages = ceil($avatarcount / $avatarsperpage);
$result = $db->unbuffered_query("SELECT avatarid, avatarextension, width, height FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 ORDER BY needposts DESC", 0, $avatarsperpage, $avatarsperpage * ($page - 1));
while ($row = $db->fetch_array($result)) {
$avatarname = "images/avatars/avatar-$row[avatarid].".htmlconverter($row['avatarextension
']);
$avatarwidth = $row['width'];
$avatarheight = $row['height'];
if ($row['avatarextension'] == "swf") eval("\$avatarchoice = \"".$tpl->get("avatar_flash")."\";");
else eval("\$avatarchoice = \"".$tpl->get("avatar_image")."\";");
if ($row['avatarid'] == $wbbuserdata['avatarid']) $checked = " checked=\"checked\"";
else $checked = '';
eval("\$avatarArray[] = \"".$tpl->get("usercp_avatarbit")."\";");
}
$tableRows = ceil(count($avatarArray) / 5);
$count = 0;
for ($i = 0; $i < $tableRows; $i++) {
$avatarbit_td = '';
for ($j = 0; $j < 5; $j++) {
if ($i == 0 && !$avatarArray[$count]) break;
eval("\$avatarbit_td .= \"".$tpl->get("usercp_avatarbit_td")."\";");
$count++;
}
eval("\$avatarbit_tr .= \"".$tpl->get("usercp_avatarbit_tr")."\";");
}
$countfrom = 1 + $avatarsperpage * ($page - 1);
$countto = $avatarsperpage * $page;
if ($countto > $avatarcount) $countto = $avatarcount;
if ($pages > 1) $pagelink = makepagelink("usercp.php?action=avatars".$SID_ARG_2ND, $page, $pages, $showpagelinks - 1);
$lang->items['LANG_USERCP_AVATAR_COUNT'] = $lang->get("LANG_USERCP_AVATAR_COUNT", array('$countfrom' => $countfrom, '$countto' => $countto, '$avatarcount' => $avatarcount));
}
}
if ($wbbuserdata['can_upload_avatar'] == 1) {
$ownavatar = $db->query_first("SELECT avatarid, avatarextension, width, height FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]'");
if ($ownavatar['avatarid']) {
$avatarname = "images/avatars/avatar-$ownavatar[avatarid].".htmlconverter($ownavatar['ava
tarextension']);
$avatarwidth = $ownavatar['width'];
$avatarheight = $ownavatar['height'];
$havatar = "<input type=\"hidden\" name=\"havatarid\" value=\"$ownavatar[avatarid]\" />";
if ($ownavatar['avatarextension'] == "swf") eval("\$ownavatar = \"".$tpl->get("avatar_flash")."\";");
else eval("\$ownavatar = \"".$tpl->get("avatar_image")."\";");
$ownavatar_checked = " checked=\"checked\"";
}
$lang->items['LANG_USERCP_USE_OWNAVATAR_NOTE'] = $lang->get("LANG_USERCP_USE_OWNAVATAR_NOTE", array('$allowed_avatar_extensions' => getAllowedExtensions($wbbuserdata['allowed_avatar_extensions']), '$max_avatar_width' => $wbbuserdata['max_avatar_width'], '$max_avatar_height' => $wbbuserdata['max_avatar_height'], '$max_avatar_size' => formatFilesize($wbbuserdata['max_avatar_size'])));
}
eval("\$tpl->output(\"".$tpl->get("usercp_avatars")."\");");
}
/** subscriptions **/
if ($action == 'addsubscription') {
if (isset($threadid)) {
$db->unbuffered_query("INSERT IGNORE INTO bb".$n."_subscribethreads (userid,threadid,emailnotify) VALUES ('$wbbuserdata[userid]','$threadid','1')", 1);
header("Location: thread.php?threadid=$threadid".$SID_ARG_2ND_UN);
}
else if (isset($boardid)) {
$db->unbuffered_query("INSERT IGNORE INTO bb".$n."_subscribeboards (userid,boardid,emailnotify) VALUES ('$wbbuserdata[userid]','$boardid','1')", 1);
header("Location: board.php?boardid=$boardid".$SID_ARG_2ND_UN);
}
exit();
}
if ($action == 'removesubscription') {
if (isset($threadid)) $db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid='$wbbuserdata[userid]' AND threadid='$threadid'", 1);
else if (isset($boardid)) $db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid='$wbbuserdata[userid]' AND boardid='$boardid'", 1);
header("Location: usercp.php?action=favorites".$SID_ARG_2ND_UN);
exit();
}
/** favorites **/
if ($action == 'favorites') {
$lang->load('START,BOARD');
include("./acp/lib/class_parse.php");
$favorites = true;
$depth = 2;
// read permissions
$permissioncache = getPermissions();
$badBoardIDs = '';
$badThreadIDs = '';
// visitcache
$result = $db->unbuffered_query("SELECT t.boardid, t.threadid, t.lastposttime".(($wbbuserdata['userid']) ? (", tv.lastvisit") : (""))." FROM bb".$n."_threads t".(($wbbuserdata['userid']) ? (" LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')") : (""))." WHERE t.visible = 1 AND t.lastposttime > '$wbbuserdata[lastvisit]' AND t.closed <> 3");
while ($row = $db->fetch_array($result)) {
if ($row['lastposttime'] > $row['lastvisit']) $visitcache[$row['boardid']][$row['threadid']] = $row['lastposttime'];
}
/** boards **/
$result = $db->unbuffered_query("
SELECT
s.emailnotify, bv.lastvisit, b.*".(($showlastposttitle == 1) ? (", t.topic, i.*") : (""))."
FROM bb".$n."_subscribeboards s
LEFT JOIN bb".$n."_boards b USING(boardid)
".(($showlastposttitle == 1) ? ("LEFT JOIN bb".$n."_threads t ON (t.threadid=b.lastthreadid)
LEFT JOIN bb".$n."_icons i USING (iconid)") : (""))."
LEFT JOIN bb".$n."_boardvisit bv ON (bv.boardid=b.boardid AND bv.userid='".$wbbuserdata['userid']."')
WHERE s.userid='$wbbuserdata[userid]' AND b.isboard=1
ORDER by b.title ASC");
$boardbit = '';
while ($boards = $db->fetch_array($result)) {
if (!isset($permissioncache[$boards['boardid']]['can_enter_board']) || $permissioncache[$boards['boardid']]['can_enter_board'] == -1) $permissioncache[$boards['boardid']]['can_enter_board'] = $wbbuserdata['can_enter_board'];
if (!isset($permissioncache[$boards['boardid']]['can_view_board']) || $permissioncache[$boards['boardid']]['can_view_board'] == -1) $permissioncache[$boards['boardid']]['can_view_board'] = $wbbuserdata['can_enter_board'];
if (!$permissioncache[$boards['boardid']]['can_enter_board']) {
$badBoardIDs .= "," . $boards['boardid'];
continue;
}
if ($wbbuserdata['lastvisit'] > $boards['lastposttime'] || $boards['lastvisit'] > $boards['lastposttime']) $onoff = 'off';
else {
$onoff = 'off';
$tempids = explode(',', "$boards[boardid],$boards[childlist]");
$tempids_count = count($tempids);
for ($j = 0; $j < $tempids_count; $j++) {
if ($tempids[$j] == 0) continue;
if (is_array($visitcache[$tempids[$j]]) && count($visitcache[$tempids[$j]])) {
reset($visitcache[$tempids[$j]]);
while (list($threadid, $lastposttime) = each($visitcache[$tempids[$j]])) {
if ($lastposttime > $boardvisit[$tempids[$j]]) {
$onoff = 'on';
break 2;
} // end if
} // end while
} // end if
} // end for
} // end else
if ($boards['threadcount']) {
$lastpostdate = formatdate($wbbuserdata['dateformat'], $boards['lastposttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $boards['lastposttime']);
$boards['lastposter'] = htmlconverter($boards['lastposter']);
if ($showlastposttitle == 1) {
if (wbb_strlen($boards['topic']) > 30) $topic = wbb_substr($boards['topic'], 0, 30)."...";
else $topic = $boards['topic'];
$topic = htmlconverter($topic);
$boards['topic'] = htmlconverter($boards['topic']);
if (isset($boards['iconid'])) $ViewPosticon = makeimgtag($boards['iconpath'], $boards['icontitle']);
else $ViewPosticon = makeimgtag($style['imagefolder']."/icons/icon14.gif");
}
if ($boards['postcount'] >= 1000) $boards['postcount'] = number_format($boards['postcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($boards['threadcount'] >= 1000) $boards['threadcount'] = number_format($boards['threadcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
}
$boards['title'] = getlangvar($boards['title'], $lang);
$boards['description'] = getlangvar($boards['description'], $lang, 0);
eval("\$boardbit .= \"".$tpl->get("index_boardbit")."\";");
}
/** threads **/
if ($wbbuserdata['umaxposts']) $postsperpage = $wbbuserdata['umaxposts'];
else $postsperpage = $default_postsperpage;
$board['hotthread_reply'] = $default_hotthread_reply;
$board['hotthread_view'] = $default_hotthread_view;
if (isset($_GET['daysprune'])) $daysprune = intval($_GET['daysprune']);
elseif ($wbbuserdata['daysprune'] != 0) $daysprune = $wbbuserdata['daysprune'];
else $daysprune = $default_daysprune;
$d_select[$daysprune] = "selected=\"selected\"";
if ($daysprune != 1000) {
if ($daysprune == 1500) $datecute = " AND lastposttime >= '".$wbbuserdata['lastvisit']."'";
else {
$tempdate = time() - ($daysprune * 86400);
$datecute = " AND t.lastposttime >= '".$tempdate."'";
}
}
else $datecute = '';
if ($showown == 1) {
$ownuserid = "DISTINCT p.userid,";
$ownjoin = "LEFT JOIN bb".$n."_posts p ON (t.threadid = p.threadid AND p.userid = '$wbbuserdata[userid]')";
}
else {
$ownuserid = '';
$ownjoin = '';
}
$threadids = '';
$result = $db->unbuffered_query("SELECT t.threadid FROM bb".$n."_subscribethreads s LEFT JOIN bb".$n."_threads t USING(threadid) WHERE s.userid='$wbbuserdata[userid]' AND t.visible = 1 $datecute ORDER BY t.lastposttime DESC");
while ($row = $db->fetch_array($result)) $threadids .= ",".$row['threadid'];
$result = $db->unbuffered_query("SELECT
$ownuserid
t.*,
i.*, bv.lastvisit AS boardlastvisit, tv.lastvisit AS threadlastvisit
FROM bb".$n."_threads t
LEFT JOIN bb".$n."_icons i USING (iconid)
LEFT JOIN bb".$n."_boards b ON (b.boardid=t.boardid)
LEFT JOIN bb".$n."_boardvisit bv ON (bv.boardid=b.boardid AND bv.userid='".$wbbuserdata['userid']."')
LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')
$ownjoin
WHERE t.threadid IN (0$threadids)
ORDER BY t.lastposttime DESC");
$threadbit = '';
while ($threads = $db->fetch_array($result)) {
if (!isset($permissioncache[$threads['boardid']]['can_enter_board']) || $permissioncache[$threads['boardid']]['can_enter_board'] == -1) $permissioncache[$threads['boardid']]['can_enter_board'] = $wbbuserdata['can_enter_board'];
if (!$permissioncache[$threads['boardid']]['can_enter_board']) {
$badThreadIDs .= "," . $threads['threadid'];
continue;
}
$firstnew = 0;
$multipages = '';
$attachments = '';
$prefix = '';
if ($threads['boardlastvisit'] > $threads['threadlastvisit']) $threads['threadlastvisit'] = $threads['boardlastvisit'];
if ($wbbuserdata['lastvisit'] > $threads['threadlastvisit']) $threads['threadlastvisit'] = $wbbuserdata['lastvisit'];
$threads['topic'] = htmlconverter(textwrap($threads['topic']));
$threads['starter'] = htmlconverter(textwrap($threads['starter'], 25));
$threads['lastposter'] = htmlconverter(textwrap($threads['lastposter'], 25));
$threads['prefix'] = htmlconverter($threads['prefix']);
if ($threads['pollid'] != 0) $foldericon = "poll";
else $foldericon = (($threads['userid']) ? ("dot") : ("")).(($threads['lastposttime'] > $threads['threadlastvisit']) ? ("new") : ("")).(($threads['replycount'] >= $board['hotthread_reply'] || $threads['views'] >= $board['hotthread_view']) ? ("hot") : ("")).(($threads['closed'] != 0) ? ("lock") : (""))."folder";
if ($threads['lastposttime'] > $threads['threadlastvisit']) $firstnew = 1;
if ($threads['iconid']) $threadicon = makeimgtag($threads['iconpath'], $threads['icontitle']);
else $threadicon = " ";
$lastpostdate = formatdate($wbbuserdata['dateformat'], $threads['lastposttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $threads['lastposttime']);
if ($threads['replycount'] + 1 > $postsperpage && $showmultipages != 0) {
unset($multipage);
unset($multipages_lastpage);
$xpages = ceil(($threads['replycount'] + 1) / $postsperpage);
if ($xpages > $showmultipages) {
eval("\$multipages_lastpage = \"".$tpl->get("board_threadbit_multipages_lastpage")."\";");
$xpages = $showmultipages;
}
for ($i = 1; $i <= $xpages; $i++) $multipage .= " ".makehreftag("thread.php?threadid=".$threads['threadid']."&page=$i" . $SID_ARG_2ND, $i);
eval("\$multipages = \"".$tpl->get("board_threadbit_multipages")."\";");
}
if ($threads['replycount'] >= 1000) $threads['replycount'] = number_format($threads['replycount'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($threads['views'] >= 1000) $threads['views'] = number_format($threads['views'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
eval("\$threadbit .= \"".$tpl->get("board_threadbit")."\";");
}
// delete bad threads & boards
if ($badThreadIDs != '') $db->query("DELETE FROM bb".$n."_subscribethreads WHERE threadid IN (0".$badThreadIDs.")");
if ($badBoardIDs != '') $db->query("DELETE FROM bb".$n."_subscribeboards WHERE boardid IN (0".$badBoardIDs.")");
if (!$threadbit) $lang->items['LANG_USERCP_FAVORITES_NO_NEWPOSTS'] = $lang->get("LANG_USERCP_FAVORITES_NO_NEWPOSTS", array('$daysprune' => $daysprune));
eval("\$tpl->output(\"".$tpl->get("usercp_favorites")."\");");
}
/** attachments **/
if ($action == 'attachments') {
$pmmaxrecipientlistsize = 10;
list($attachmentCount) = $db->query_first("SELECT COUNT(*) as attachmentCount FROM bb".$n."_attachments WHERE userid='$wbbuserdata[userid]' AND (postid <> 0 OR privatemessageid <> 0)");
list($total_attachment_filesize) = $db->query_first("SELECT (SUM(attachmentsize) + SUM(thumbnailsize)) as total_attachment_filesize FROM bb".$n."_attachments WHERE userid='$wbbuserdata[userid]' AND (postid <> 0 OR privatemessageid <> 0)");
$LANG_USERCP_ATTACHMENTS_STORAGE_USED = $lang->get('LANG_USERCP_ATTACHMENTS_STORAGE_USED', array('$attachmentCount' => number_format($attachmentCount, 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP")), '$total_attachment_filesize' => formatFilesize($total_attachment_filesize)));
if ($wbbuserdata['total_attachment_filesize_limit'] > 0) {
$temp = $total_attachment_filesize / $wbbuserdata['total_attachment_filesize_limit'];
if (($percent = round($temp * 100)) > 100) {
$percent = 100;
$temp = 1;
}
$percent2 = 100 - $percent;
$quota_free = formatFilesize(($wbbuserdata['total_attachment_filesize_limit'] > $total_attachment_filesize) ? ($wbbuserdata['total_attachment_filesize_limit'] - $total_attachment_filesize) : (0));
$LANG_USERCP_ATTACHMENTS_STORAGE_FREE = $lang->get('LANG_USERCP_ATTACHMENTS_STORAGE_FREE', array('$quota_free' => $quota_free));
}
else $LANG_USERCP_ATTACHMENTS_STORAGE_FREE = '';
if ($wbbuserdata['umaxposts']) $perpage = $wbbuserdata['umaxposts'];
else $perpage = $default_postsperpage;
if (isset($_REQUEST['page'])) $page = intval($_REQUEST['page']);
else $page = 1;
$pages = ceil($attachmentCount / $perpage);
if ($page < 1 || $page > $pages) $page = 1;
if ($pages > 1) $pagelink = makepagelink("usercp.php?action=attachments".$SID_ARG_2ND, $page, $pages, $showpagelinks - 1);
else $pagelink = '';
$moderatorInfos = array();
$result = $db->query("SELECT *, userid as moderatorid FROM bb".$n."_moderators WHERE userid='$wbbuserdata[userid]'");
while ($row = $db->fetch_array($result)) $moderatorInfos[$row['boardid']] = $row;
// user access
getPermissions();
$attachmentbit = '';
$result = $db->query("SELECT at.*, p.posttopic, p.posttime, t.boardid, t.threadid, t.topic, t.prefix, t.closed, b.title, ".
"pm.subject, pm.sendtime, pm.recipientlist, pm.recipientcount, pm.inoutbox ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p USING (postid) ".
"LEFT JOIN bb".$n."_threads t USING (threadid) ".
"LEFT JOIN bb".$n."_boards b USING (boardid) ".
"LEFT JOIN bb".$n."_privatemessage pm ON (pm.privatemessageid=at.privatemessageid) ".
"WHERE at.userid='$wbbuserdata[userid]' AND (at.postid <> 0 OR at.privatemessageid <> 0) ".
"ORDER BY at.uploadtime DESC", $perpage, $perpage * ($page - 1));
while ($row = $db->fetch_array($result)) {
$undeleteable = $invisible = false;
$row['attachmentname'] = htmlconverter(textwrap($row['attachmentname']));
$row['attachmentextension'] = htmlconverter($row['attachmentextension']);
$row['prefix'] = htmlconverter($row['prefix']);
if ($row['postid']) {
$ismod = 0;
if (checkmodpermissions('m_can_post_edit', $moderatorInfos[$row['boardid']]) == 1) $ismod = 1;
if (!checkpermissions("can_enter_board", $wbbuserdata['permissions'][$row['boardid']])) $invisible = true;
if ($ismod == 0 && ($row['closed'] == 1 || !checkpermissions('can_edit_own_post', $wbbuserdata['permissions'][$row['boardid']]))) $undeleteable = true;
if ($ismod == 0 && ($wbbuserdata['edit_posttime_limit'] != -1 && (time() - $row['posttime']) > $wbbuserdata['edit_posttime_limit'] * 60)) $undeleteable = true;
$row['topic'] = htmlconverter($row['topic']);
$row['posttopic'] = $row['posttopic'] != '' ? htmlconverter($row['posttopic']) : $row['topic'];
$row['title'] = getlangvar($row['title'], $lang);
$postdate = formatdate($wbbuserdata['dateformat'], $row['posttime'], 1);
$posttime = formatdate($wbbuserdata['timeformat'], $row['posttime']);
}
else {
$undeleteable = true;
$row['subject'] = htmlconverter($row['subject']);
$row['recipientlist'] = unserialize($row['recipientlist']);
$recipients = '';
foreach ($row['recipientlist'] as $recipient) {
$recipient = htmlconverter($recipient);
if ($recipients != '') $recipients .= ', '.$recipient;
else $recipients = $recipient;
}
if ($row['recpientcount'] > $pmmaxrecipientlistsize) $recipients .= ', ...';
$senddate = formatdate($wbbuserdata['dateformat'], $row['sendtime'], 1);
$sendtime = formatdate($wbbuserdata['timeformat'], $row['sendtime']);
}
if (file_exists($style['imagefolder'].'/filetypes/'.$row['attachmentextension'
].'.gif')) $extensionimage = $row['attachmentextension'];
else $extensionimage = 'unknown';
$uploaddate = formatdate($wbbuserdata['dateformat'], $row['uploadtime'], 1);
$uploadtime = formatdate($wbbuserdata['timeformat'], $row['uploadtime']);
$attachmentsize = formatFilesize($row['attachmentsize']);
if ($row['counter'] >= 1000) $row['counter'] = number_format($row['counter'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
$LANG_USERCP_ATTACHMENTS_ATTACHMENTINFO = $lang->get('LANG_USERCP_ATTACHMENTS_ATTACHMENTINFO', array('$attachmentname' => $row['attachmentname'], '$attachmentextension' => $row['attachmentextension'], '$attachmentsize' => $attachmentsize, '$counter' => $row['counter']));
eval("\$attachmentbit .= \"".$tpl->get("usercp_attachmentbit")."\";");
}
eval("\$tpl->output(\"".$tpl->get("usercp_attachments")."\");");
}
/** delete attachments **/
if ($action == 'del_attachments') {
if (isset($_POST['attachmentids']) && is_array($_POST['attachmentids'])) $attachmentids = implode(',', intval_array($_POST['attachmentids']));
else $attachmentids = '';
if ($attachmentids != '') {
$moderatorInfos = array();
$result = $db->query("SELECT *, userid as moderatorid FROM bb".$n."_moderators WHERE userid='$wbbuserdata[userid]'");
while ($row = $db->fetch_array($result)) $moderatorInfos[$row['boardid']] = $row;
$result = $db->query("SELECT at.attachmentid, at.attachmentextension, at.thumbnailextension, ".
"t.threadid, t.boardid, t.closed ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p USING (postid) ".
"LEFT JOIN bb".$n."_threads t USING (threadid) ".
"WHERE at.attachmentid IN ($attachmentids) AND at.userid='$wbbuserdata[userid]' AND at.privatemessageid='0'");
$attachmentids = '';
while ($row = $db->fetch_array($result)) {
$ismod = 0;
if (checkmodpermissions('m_can_post_edit', $moderatorInfos[$row['boardid']]) == 1) $ismod = 1;
if (!checkpermissions("can_enter_board", $wbbuserdata['permissions'][$row['boardid']])) continue;
if ($ismod == 0 && ($row['closed'] == 1 || !checkpermissions('can_edit_own_post', $wbbuserdata['permissions'][$row['boardid']]))) continue;
if ($ismod == 0 && ($wbbuserdata['edit_posttime_limit'] != -1 && (time() - $row['posttime']) > $wbbuserdata['edit_posttime_limit'] * 60)) continue;
$attachmentids .= ",$row[attachmentid]";
@unlink('./attachments/attachment-'.$row['attachmentid'].'.'.$row['attac
hmentextension']);
@unlink('./attachments/thumbnail-'.$row['attachmentid'].'.'.$row['thumbn
ailextension']);
}
$result = $db->unbuffered_query("DELETE FROM bb".$n."_attachments WHERE attachmentid IN (0$attachmentids) AND userid='$wbbuserdata[userid]' AND privatemessageid=0");
}
header("Location: usercp.php?action=attachments{$SID_ARG_2ND}");
exit;
}
?> |
|
|
|
|
|
Dieser Beitrag wurde 1 mal editiert, zum letzten Mal von Supercomp: 26.07.2006 21:44.
|
|
26.07.2006 21:42 |
|
|
|
Ich habe davon Gesprochen, dass die User so wie auch ich als Admin keinen Wohnorteintrag in die Usermap machen kann. Obwohl ich die rechte dazu gegeben habe. In der UserCP kann alles ausgewählt werden. jedoch wenn man auf Speichern drückt, wird nichts übernommen (abgespeichert).
|
|
|
|
Zitat: <?php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2
// ***************************************************************************
*********//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ***************************************************************************
*********//
// * $Date: 2005-12-21 11:06:48 +0100 (Wed, 21 Dec 2005) $
// * $Author: Burntime $
// * $Rev: 1674 $
// ***************************************************************************
*********//
$filename = 'register.php';
require('./global.php');
$lang->load('REGISTER');
/* register activation */
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'activation') {
$action = $_REQUEST['action'];
if (isset($_REQUEST['usrid']) && isset($_REQUEST['a'])) {
$result = getwbbuserdata(intval($_REQUEST['usrid']));
if (!$result['userid']) error($lang->get("LANG_GLOBAL_ERROR2"));
if ($result['activation'] == 1) error($lang->get("LANG_REGISTER_ACTIVATION_ERROR1"));
if ($result['activation'] != intval($_REQUEST['a'])) error($lang->get("LANG_REGISTER_ACTIVATION_ERROR2"));
list($oldgroupid) = $db->query_first("SELECT groupid FROM bb".$n."_groups WHERE grouptype=2");
while (list($key, $val) = each($result['groupids'])) {
if ($val == $oldgroupid) {
unset($result['groupids'][$key]);
break;
}
}
$db->unbuffered_query("UPDATE bb".$n."_users SET activation=1, groupcombinationid='".cachegroupcombinationdata(implode(",", $result['groupids']), 0)."' WHERE userid='".$result['userid']."'", 1);
$db->unbuffered_query("DELETE FROM bb".$n."_user2groups WHERE userid='".$result['userid']."' AND groupid='".$oldgroupid."'", 1);
$result['username'] = htmlconverter($result['username']);
redirect($lang->get("LANG_REGISTER_ACTIVATION_REDIRECT1", array('$username' => $result['username'])), "index.php".$SID_ARG_1ST, 10);
}
else eval("\$tpl->output(\"".$tpl->get("register_activation")."\");");
exit;
}
if ($wbbuserdata['userid'] != 0) access_error();
if ($allowregister != 1) error($lang->get("LANG_REGISTER_ERROR_DISABLED"));
if ($showdisclaimer == 1 && (!isset($_POST['disclaimer']) || $_POST['disclaimer'] != "viewed")) {
$lang->items['LANG_REGISTER_DISCLAIMER'] = $lang->get("LANG_REGISTER_DISCLAIMER", array('$master_board_name' => $master_board_name));
eval("\$tpl->output(\"".$tpl->get("register_disclaimer")."\");");
exit;
}
else {
if (isset($_POST['disclaimer'])) $disclaimer = $_POST['disclaimer'];
$register_error = '';
$lang->load('POSTINGS');
$sdaysprune = array(0 => '', 1 => '', 2 => '', 5 => '', 10 => '', 20 => '', 30 => '', 45 => '', 60 => '', 75 => '', 100 => '', 365 => '', 1000 => '', 1500 => '');
$sumaxposts = array(0 => '', 5 => '', 10 => '', 20 => '', 30 => '', 40 => '');
$gender = array(0 => '', 1 => '', 2 => '');
$invisible = array(0 => '', 1 => '');
$usecookies = array(0 => '', 1 => '');
$admincanemail = array(0 => '', 1 => '');
$showemail = array(0 => '', 1 => '');
$usercanemail = array(0 => '', 1 => '');
$emailnotify = array(0 => '', 1 => '');
$receivepm = array(0 => '', 1 => '');
$emailonpm = array(0 => '', 1 => '');
$spmpopup = array(0 => '', 1 => '');
$showsignatures = array(0 => '', 1 => '');
$showavatars = array(0 => '', 1 => '');
$showimages = array(0 => '', 1 => '');
$sthreadview = array(0 => '', 1 => '');
$key_number = 0;
$key_string = '';
if (!function_exists('imageCreate') || !function_exists('imagettftext')) $reg_image = 0;
if ($emailverifymode == 1 || $emailverifymode == 2) {
$wbbuserdata = getwbbuserdata(2, "grouptype", 1);
list($groupid) = $db->query_first("SELECT groupid FROM bb".$n."_groups WHERE grouptype=4");
}
else {
$wbbuserdata = getwbbuserdata(4, "grouptype", 1);
$groupid = $wbbuserdata['groupid'];
}
if (isset($_POST['send'])) {
/* signature feature rights:start */
if (!$wbbuserdata['can_use_sig_smilies'] || (isset($_POST['disablesmilies']) && $_POST['disablesmilies'] == 1)) $allowsmilies = 0;
else $allowsmilies = 1;
if (!$wbbuserdata['can_use_sig_html'] || (isset($_POST['disablehtml']) && $_POST['disablehtml'] == 1)) $allowhtml = 0;
else $allowhtml = 1;
if (!$wbbuserdata['can_use_sig_bbcode'] || (isset($_POST['disablebbcode']) && $_POST['disablebbcode'] == 1)) $allowbbcode = 0;
else $allowbbcode = 1;
if (!$wbbuserdata['can_use_sig_images'] || (isset($_POST['disableimages']) && $_POST['disableimages'] == 1)) $allowimages = 0;
else $allowimages = 1;
/* signature feature rights:end */
$lang->load('MAIL');
if (isset($_POST['field']) && is_array($_POST['field'])) $field = trim_array($_POST['field']);
if (isset($_POST['dayfield']) && is_array($_POST['dayfield'])) $dayfield = trim_array($_POST['dayfield']);
if (isset($_POST['monthfield']) && is_array($_POST['monthfield'])) $monthfield = trim_array($_POST['monthfield']);
if (isset($_POST['yearfield']) && is_array($_POST['yearfield'])) $yearfield = trim_array($_POST['yearfield']);
if (isset($_POST['r_email'])) $r_email = wbb_trim($_POST['r_email']);
if (isset($_POST['r_homepage'])) $r_homepage = wbb_trim($_POST['r_homepage']);
if (isset($_POST['r_icq'])) $r_icq = str_replace("-", "", wbb_trim($_POST['r_icq']));
if (isset($_POST['r_aim'])) $r_aim = wbb_trim($_POST['r_aim']);
if (isset($_POST['r_yim'])) $r_yim = wbb_trim($_POST['r_yim']);
if (isset($_POST['r_msn'])) $r_msn = wbb_trim($_POST['r_msn']);
if (isset($_POST['r_skype'])) $r_skype = wbb_trim($_POST['r_skype']);
if (isset($_POST['r_day'])) $r_day = wbb_trim($_POST['r_day']);
if (isset($_POST['r_month'])) $r_month = wbb_trim($_POST['r_month']);
if (isset($_POST['r_year'])) $r_year = wbb_trim($_POST['r_year']);
if (isset($_POST['r_gender'])) $r_gender = wbb_trim($_POST['r_gender']);
if (isset($_POST['r_usertext'])) $r_usertext = wbb_trim($_POST['r_usertext']);
if (isset($_POST['r_username'])) $r_username = wbb_trim($_POST['r_username']);
if (isset($_POST['r_password'])) $r_password = wbb_trim($_POST['r_password']);
if (isset($_POST['r_confirmpassword'])) $r_confirmpassword = wbb_trim($_POST['r_confirmpassword']);
if (isset($_POST['r_signature'])) $r_signature = wbb_trim($_POST['r_signature']);
if (isset($_POST['r_invisible'])) $r_invisible = $_POST['r_invisible'];
if (isset($_POST['r_usecookies'])) $r_usecookies = $_POST['r_usecookies'];
if (isset($_POST['r_admincanemail'])) $r_admincanemail = $_POST['r_admincanemail'];
if (isset($_POST['r_showemail'])) $r_showemail = $_POST['r_showemail'];
if (isset($_POST['r_usercanemail'])) $r_usercanemail = $_POST['r_usercanemail'];
if (isset($_POST['r_emailnotify'])) $r_emailnotify = $_POST['r_emailnotify'];
if (isset($_POST['r_receivepm'])) $r_receivepm = $_POST['r_receivepm'];
if (isset($_POST['r_emailonpm'])) $r_emailonpm = $_POST['r_emailonpm'];
if (isset($_POST['r_pmpopup'])) $r_pmpopup = $_POST['r_pmpopup'];
if (isset($_POST['r_showsignatures'])) $r_showsignatures = $_POST['r_showsignatures'];
if (isset($_POST['r_showavatars'])) $r_showavatars = $_POST['r_showavatars'];
if (isset($_POST['r_showimages'])) $r_showimages = $_POST['r_showimages'];
if (isset($_POST['r_daysprune'])) $r_daysprune = $_POST['r_daysprune'];
if (isset($_POST['r_umaxposts'])) $r_umaxposts = $_POST['r_umaxposts'];
if (isset($_POST['r_threadview'])) $r_threadview = $_POST['r_threadview'];
if (isset($_POST['r_dateformat'])) $r_dateformat = wbb_trim($_POST['r_dateformat']);
if (isset($_POST['r_timeformat'])) $r_timeformat = wbb_trim($_POST['r_timeformat']);
if (isset($_POST['r_startweek'])) $r_startweek = $_POST['r_startweek'];
if (isset($_POST['r_timezoneoffset'])) $r_timezoneoffset = $_POST['r_timezoneoffset'];
if (isset($_POST['r_styleid'])) $r_styleid = $_POST['r_styleid'];
if (isset($_POST['r_langid'])) $r_langid = $_POST['r_langid'];
if (isset($_POST['r_usewysiwyg'])) $r_usewysiwyg = wbb_trim($_POST['r_usewysiwyg']);
if (isset($_POST['key_number'])) $key_number = intval($_POST['key_number']);
if (isset($_POST['key_string'])) $key_string = str_replace(' ', '', $_POST['key_string']);
$r_username = preg_replace("/\s{2,}/", " ", $r_username);
$error = '';
$userfield_error = 0;
$fieldvalues = '';
$fieldlist = '';
$result = $db->unbuffered_query("SELECT profilefieldid,required,fieldtype,choicecount,fieldoptions FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while ($row = $db->fetch_array($result)) {
// is required -> check content
if ($row['required'] == 1 && $row['fieldtype'] != "checkbox") {
// date
if ($row['fieldtype'] == "date") {
if (!$dayfield[$row['profilefieldid']] || !$monthfield[$row['profilefieldid']] || !$yearfield[$row['profilefieldid']]) {
$userfield_error = 1;
}
}
// select
else if ($row['fieldtype'] == "select") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array($temp);
if (!isset($field[$row['profilefieldid']]) || !in_array($field[$row['profilefieldid']], $options)) {
$userfield_error = 1;
}
}
// multiselect
else if ($row['fieldtype'] == "multiselect") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array($temp);
if (!count($field[$row['profilefieldid']])) {
$userfield_error = 1;
}
else {
for ($i = 0, $j = count($field[$row['profilefieldid']]); $i < $j; $i++) {
if (!in_array($field[$row['profilefieldid']][$i], $options)) {
$userfield_error = 1;
}
}
}
}
// other
else {
if (!isset($field[$row['profilefieldid']]) || $field[$row['profilefieldid']] == '') {
$userfield_error = 1;
}
}
if ($userfield_error == 1) break;
}
$fieldlist .= ",field".$row['profilefieldid'];
if ($row['fieldtype'] == "multiselect") {
if (isset($field[$row['profilefieldid']]) && is_array($field[$row['profilefieldid']])) {
if ($row['choicecount'] && count($field[$row['profilefieldid']]) > $row['choicecount']) {
$max = count($field[$row['profilefieldid']]);
for ($i = $row['choicecount']; $i < $max; $i++) unset($field[$row['profilefieldid']][$i]);
}
$fieldvalues .= ",'".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
}
else $fieldvalues .= ",''";
}
elseif ($row['fieldtype'] == "date") {
if ($dayfield[$row['profilefieldid']] && $monthfield[$row['profilefieldid']]) $datefield = ((wbb_strlen($yearfield[$row['profilefieldid']]) == 4) ? ($yearfield[$row['profilefieldid']]) : (((wbb_strlen($yearfield[$row['profilefieldid']]) == 2) ? ("19".$yearfield[$row['profilefieldid']]) : ("0000"))))."-".(($monthfield[$row['profilefieldid']] < 10) ? ("0".$monthfield[$row['profilefieldid']]) : ($monthfield[$row['profilefieldid']]))."-".(($dayfield[$row['profilefieldid
']] < 10) ? ("0".$dayfield[$row['profilefieldid']]) : ($dayfield[$row['profilefieldid']]));
else $datefield = "0000-00-00";
$fieldvalues .= ",'".addslashes($datefield)."'";
}
else $fieldvalues .= ",'".addslashes($field[$row['profilefieldid']])."'";
}
if ($userfield_error == 1 || !$r_username || !$r_email || ($emailverifymode != 3 && (!$r_password || !$r_confirmpassword))) $error .= $lang->items['LANG_POSTINGS_ERROR1'];
if ($emailverifymode != 3 && $r_password != $r_confirmpassword) $error .= $lang->items['LANG_REGISTER_ERROR1'];
if (!verify_username($r_username)) $error .= $lang->items['LANG_REGISTER_ERROR2'];
if (!verify_email($r_email)) $error .= $lang->items['LANG_REGISTER_ERROR3'];
if (wbb_strlen($r_signature) > $wbbuserdata['max_sig_length']) $error .= $lang->items['LANG_REGISTER_ERROR4'];
if ($wbbuserdata['max_sig_image'] != -1 && wbb_substr_count(wbb_strtolower($r_signature), "[img]") > $wbbuserdata['max_sig_image']) $error .= $lang->items['LANG_REGISTER_ERROR5'];
if (wbb_strlen($r_usertext) > $wbbuserdata['max_usertext_length']) $error .= $lang->items['LANG_REGISTER_ERROR6'];
if ($reg_image == 1) {
$result = $db->query_first("SELECT key_string FROM bb".$n."_register_keys WHERE key_number = " . $key_number);
if (!$result['key_string'] || $result['key_string'] != strtoupper($key_string)) $error .= $lang->items['LANG_REGISTER_ERROR7'];
}
if ($error) eval("\$register_error = \"".$tpl->get("register_error")."\";");
else {
if ($reg_ip_check > 0) {
$result = $db->query_first("SELECT COUNT(*) AS users FROM bb".$n."_users WHERE reg_ipaddress = '".addslashes($REMOTE_ADDR)."' AND regdate > " . (time() - $reg_ip_check));
if ($result['users']) access_error();
}
if ($reg_image == 1) {
$db->query("DELETE FROM bb".$n."_register_keys WHERE key_number = " . $key_number);
}
if ($emailverifymode == 3) $r_password = password_generate();
if ($emailverifymode == 1 || $emailverifymode == 2) $activation = code_generate();
else $activation = 1;
if ($r_homepage && !preg_match("/[a-zA-Z]:\/\//si", $r_homepage)) $r_homepage = "http://".$r_homepage;
if ($r_day && $r_month && $r_year) $birthday = ((wbb_strlen($r_year) == 4) ? ($r_year) : (((wbb_strlen($r_year) == 2) ? ("19$r_year") : ("0000"))))."-".(($r_month < 10) ? ("0$r_month") : ($r_month))."-".(($r_day < 10) ? ("0$r_day") : ($r_day));
else $birthday = "0000-00-00";
if ($emailverifymode == 1 || $emailverifymode == 2) {
if ($groupid > $wbbuserdata['groupid']) $groupids = $wbbuserdata['groupid'] . "," . $groupid;
else $groupids = $groupid . "," . $wbbuserdata['groupid'];
}
else $groupids = $wbbuserdata['groupid'];
$groupcombinationid = cachegroupcombinationdata($groupids, 0);
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$groupid') AND needposts='0' AND gender IN ('0','".intval($r_gender)."') ORDER BY gender DESC", 1);
if (!$r_dateformat) $r_dateformat = $dateformat;
if (!$r_timeformat) $r_timeformat = $timeformat;
$db->query("INSERT INTO bb".$n."_users (username,password,sha1_password,email,groupcombinationid,rankid,regdate,la
stvisit,lastactivity,usertext,signature,icq,aim,yim,msn,homepage,birthday,g
ender,showemail,admincanemail,usercanemail,invisible,usecookies,styleid,act
ivation,daysprune,timezoneoffset,startweek,dateformat,timeformat,emailnotif
y,notificationperpm,receivepm,emailonpm,pmpopup,umaxposts,showsignatures,sh
owavatars,showimages,threadview,langid,rankgroupid,useronlinegroupid,allows
igsmilies,allowsightml,allowsigbbcode,allowsigimages,usewysiwyg,reg_ipaddre
ss,skype) ".
"VALUES ('".addslashes($r_username)."','".md5($r_password)."', '".sha1($r_password)."', '".addslashes($r_email)."','$groupcombinationid','$rankid[rankid]','".time(
)."','".time()."','".time()."','".addslashes($r_usertext)."','".addslashes(
$r_signature)."','".intval($r_icq)."','".addslashes($r_aim)."','".addslashe
s($r_yim)."','".addslashes($r_msn)."','".addslashes($r_homepage)."','".adds
lashes($birthday)."','".intval($r_gender)."','".intval($r_showemail)."','".
intval($r_admincanemail)."','".intval($r_usercanemail)."','".intval($r_invi
sible)."','".intval($r_usecookies)."','".intval($r_styleid)."','".intval($a
ctivation)."','".intval($r_daysprune)."','".addslashes($r_timezoneoffset)."
','".intval($r_startweek)."','".addslashes($r_dateformat)."','".addslashes(
$r_timeformat)."','".intval($r_emailnotify)."','".intval($r_notificationper
pm)."','".intval($r_receivepm)."','".intval($r_emailonpm)."','".intval($r_p
mpopup)."','".intval($r_umaxposts)."','".intval($r_showsignatures)."','".in
tval($r_showavatars)."','".intval($r_showimages)."','".intval($r_threadview
)."','".intval($r_langid)."','$groupid','$groupid','$allowsmilies','$allowh
tml','$allowbbcode','$allowimages','".intval($r_usewysiwyg)."', '".addslashes($REMOTE_ADDR)."','".addslashes($r_skype)."')");
$insertid = $db->insert_id();
$db->query("INSERT INTO bb".$n."_userfields (userid".$fieldlist.") VALUES (".$insertid.$fieldvalues.")");
$db->query("INSERT INTO bb".$n."_user2groups (userid,groupid) SELECT '$insertid' as userid,groupid FROM bb".$n."_groups WHERE grouptype='4'");
if ($emailverifymode == 1 || $emailverifymode == 2) $db->query("INSERT INTO bb".$n."_user2groups (userid,groupid) SELECT '$insertid' as userid,groupid FROM bb".$n."_groups WHERE grouptype='2'");
/* update global usercount & lastuserid */
$db->unbuffered_query("UPDATE bb".$n."_stats SET usercount=usercount+1, lastuserid='".$insertid."'", 1);
/* Begin User-Map by Viktor */
if(isSet($_POST['longitude'])) $longitude = (float)($_POST['longitude']);
if(isSet($_POST['latitude'])) $latitude = (float)($_POST['latitude']);
if(isSet($_POST['zipcode'])) $zipcode = $_POST['zipcode'];
if(isSet($_POST['place'])) $place = $_POST['place'];
if ($longitude != '') {
if ($latitude != '') {
if ($zipcode!='') {
if ($place!='') {
$db->query("INSERT INTO bb".$n."_map_mod_user (user_id,longitude,latitude,zipcode,place) VALUES ('".$insertid."', '".(float)$longitude."', '".(float)$latitude."', '".$zipcode."', '".addslashes($place)."')");
}
}
}
}
/* End User-Map by Viktor */
if ($regnotify == 1) {
if ($session['langid'] != 0) {
$adminLang = &new language(0);
$adminLang->load('OWN,MAIL');
}
else $adminLang =& $lang;
$master_board_name_email = getlangvar($o_master_board_name, $adminLang, 0);
$subject = $adminLang->get("LANG_MAIL_REGNOTIFY_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $adminLang->get("LANG_MAIL_REGNOTIFY_TEXT", array('$master_board_name_email' => $master_board_name_email, '$r_username' => $r_username));
mailer($webmastermail, $subject, $content);
}
if ($emailverifymode == 0 || $emailverifymode == 1 || $emailverifymode == 2) {
if ($r_usecookies == 1) {
bbcookie("userid", "$insertid", time() + 3600 * 24 * 365);
bbcookie("userpassword", md5($r_password), time() + 3600 * 24 * 365);
}
$db->query("UPDATE bb".$n."_sessions SET userid = '".$insertid."', styleid='".intval($r_styleid)."', langid='".intval($r_langid)."' WHERE sessionhash = '$sid'");
if ($emailverifymode == 0) {
header("Location: index.php".$SID_ARG_1ST);
exit;
}
}
if ($emailverifymode == 1) {
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_REGISTER1_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_REGISTER1_TEXT", array('$master_board_name_email' => $master_board_name_email, '$r_username' => $r_username, '$url2board' => $url2board, '$insertid' => $insertid, '$activation' => $activation, '$webmastermail' => $webmastermail));
mailer($r_email, $subject, $content);
$r_username = htmlconverter($r_username);
redirect($lang->get("LANG_REGISTER_REDIRECT1", array('$r_username' => $r_username, '$r_email' => $r_email)), "index.php".$SID_ARG_1ST, 20);
}
if ($emailverifymode == 2) {
$r_username = htmlconverter($r_username);
redirect($lang->get("LANG_REGISTER_REDIRECT2", array('$r_username' => $r_username)), "index.php".$SID_ARG_1ST, 20);
}
if ($emailverifymode == 3) {
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_REGISTER3_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_REGISTER3_TEXT", array('$master_board_name_email' => $master_board_name_email, '$r_username' => $r_username, '$url2board' => $url2board, '$r_password' => $r_password, '$webmastermail' => $webmastermail));
mailer($r_email, $subject, $content);
$r_username = htmlconverter($r_username);
redirect($lang->get("LANG_REGISTER_REDIRECT3", array('$r_username' => $r_username, '$r_email' => $r_email)), "index.php".$SID_ARG_1ST, 20);
}
}
/* checkbox select */
if (isset($_POST['disablesmilies']) && $_POST['disablesmilies'] == 1) $checked[0] = "checked=\"checked\"";
else $checked[0] = '';
if (isset($_POST['disablehtml']) && $_POST['disablehtml'] == 1) $checked[1] = "checked=\"checked\"";
else $checked[1] = '';
if (isset($_POST['disablebbcode']) && $_POST['disablebbcode'] == 1) $checked[2] = "checked=\"checked\"";
else $checked[2] = '';
if (isset($_POST['disableimages']) && $_POST['disableimages'] == 1) $checked[3] = "checked=\"checked\"";
else $checked[3] = '';
}
else {
$r_invisible = $default_register_invisible;
$r_usecookies = $default_register_usecookies;
$r_admincanemail = $default_register_admincanemail;
$r_showemail = 1 - $default_register_showemail;
$r_usercanemail = $default_register_usercanemail;
$r_emailnotify = $default_register_emailnotify;
$r_notificationperpm = $default_register_notificationperpm;
$r_receivepm = $default_register_receivepm;
$r_emailonpm = $default_register_emailonpm;
$r_pmpopup = $default_register_pmpopup;
$r_showsignatures = $default_register_showsignatures;
$r_showavatars = $default_register_showavatars;
$r_showimages = $default_register_showimages;
$r_threadview = $default_register_threadview;
$r_timezoneoffset = $default_timezoneoffset;
$r_startweek = $default_startweek;
$r_dateformat = $dateformat;
$r_timeformat = $timeformat;
$r_day = 0;
$r_month = 0;
$r_password = '';
$r_confirmpassword = '';
$r_icq = '';
$r_year = 0;
$r_username = '';
$r_email = '';
$r_homepage = '';
$r_yim = '';
$r_aim = '';
$r_msn = '';
$r_skype = '';
$r_signature = '';
$r_usertext = '';
$r_styleid = 0;
$r_usewysiwyg = $default_register_usewysiwyg;
if (isset($session['langid'])) $r_langid = $session['langid'];
else $r_langid = 0;
/* Begin User-Map by Viktor */
$longitude = 0;
$latitude = 0;
$zipcode = " ";
$place = " ";
/* End User-Map by Viktor */
/* checkbox preselect */
if ($register_default_checked_0 == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($register_default_checked_1 == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($register_default_checked_2 == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($register_default_checked_3 == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
// CAPTCHA
$stime = intval(wbb_substr(microtime(), 2,
);
mt_srand($stime);
$new_key_string = '';
$chain = 'ABCDEFGHIJKLMPRSTUVWXYZ';
for ($i = 0; $i < 6; $i++) {
$new_key_string .= $chain[mt_rand(0, wbb_strlen($chain) - 1)];
}
$db->query("INSERT INTO bb".$n."_register_keys (key_string, key_date) VALUES ('".$new_key_string."', ".time().")");
$key_number = $db->insert_id();
$day_options = '';
for ($i = 1; $i <= 31; $i++) $day_options .= makeoption($i, $i, $r_day);
$month_options = '';
for ($i = 1; $i <= 12; $i++) $month_options .= makeoption($i, getmonth($i), $r_month);
$startweek_options = '';
for ($i = 0; $i < 7; $i++) $startweek_options .= makeoption($i, getday($i), $r_startweek);
if (isset($r_gender)) $gender[$r_gender] = ' selected="selected"';
if (isset($r_invisible)) $invisible[$r_invisible] = ' selected="selected"';
if (isset($r_usecookies)) $usecookies[$r_usecookies] = ' selected="selected"';
if (isset($r_admincanemail)) $admincanemail[$r_admincanemail] = ' selected="selected"';
if (isset($r_showemail)) $showemail[$r_showemail] = ' selected="selected"';
if (isset($r_usercanemail)) $usercanemail[$r_usercanemail] = ' selected="selected"';
if (isset($r_emailnotify)) $emailnotify[$r_emailnotify] = ' selected="selected"';
if (isset($r_notificationperpm)) $notificationperpm[$r_notificationperpm] = ' selected="selected"';
if (isset($r_receivepm)) $receivepm[$r_receivepm] = ' selected="selected"';
if (isset($r_emailonpm)) $emailonpm[$r_emailonpm] = ' selected="selected"';
if (isset($r_pmpopup)) $spmpopup[$r_pmpopup] = ' selected="selected"';
if (isset($r_showsignatures)) $showsignatures[$r_showsignatures] = ' selected="selected"';
if (isset($r_showavatars)) $showavatars[$r_showavatars] = ' selected="selected"';
if (isset($r_showimages)) $showimages[$r_showimages] = ' selected="selected"';
if (isset($r_daysprune)) $sdaysprune[$r_daysprune] = ' selected="selected"';
if (isset($r_umaxposts)) $sumaxposts[$r_umaxposts] = ' selected="selected"';
if (isset($r_threadview)) $sthreadview[$r_threadview] = ' selected="selected"';
if (isset($r_usewysiwyg)) $usewysiwyg[$r_usewysiwyg] = ' selected="selected"';
/* timezones */
$timezone_options = '';
$timezones = explode("\n", $lang->items['LANG_REGISTER_TIMEZONES']);
for ($i = 0; $i < count($timezones); $i++) {
$parts = explode("|", wbb_trim($timezones[$i]));
$timezone_options .= makeoption($parts[0], "(GMT".(($parts[1]) ? (" ".$parts[1]) : ("")).") $parts[2]", $r_timezoneoffset);
}
$z = 1;
$y = (($emailverifymode != 3) ? (0) : (1));
$y += $reg_image;
/* profilefields */
$profilefields_required = '';
$profilefields = '';
$result = $db->unbuffered_query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
while ($row = $db->fetch_array($result)) {
$field_value = '';
$field_checked = '';
$dayfield_value = '';
$monthfield_value = '';
$yearfield_value = '';
if (!isset($field[$row['profilefieldid']])) $field[$row['profilefieldid']] = '';
switch ($row['fieldtype']) {
case "text":
$field_value = htmlconverter($field[$row['profilefieldid']]);
break;
case "select":
$row_options = explode("\n", $row['fieldoptions']);
$field_value = "<option value=\"\"></option>\n";
foreach ($row_options as $option) $field_value .= makeoption(wbb_trim($option), wbb_trim($option), $field[$row['profilefieldid']]);
break;
case "multiselect":
$row_options = explode("\n", $row['fieldoptions']);
if (isset($_POST['send']) && is_array($field[$row['profilefieldid']]) && count($field[$row['profilefieldid']])) $selected_options = $field[$row['profilefieldid']];
else $selected_options = array();
foreach ($row_options as $option) $field_value .= makeoption(wbb_trim($option), wbb_trim($option), ((in_array(wbb_trim($option), $selected_options)) ? (wbb_trim($option)) : ("")));
break;
case "checkbox":
$field_value = $row['fieldoptions'];
$field_checked = (($field_value == $field[$row['profilefieldid']]) ? (" checked=\"checked\"") : (""));
break;
case "date":
$year_tmp = $yearfield[$row['profilefieldid']];
$month_tmp = $monthfield[$row['profilefieldid']];
$day_tmp = $dayfield[$row['profilefieldid']];
for ($i = 1; $i <= 31; $i++) $dayfield_value .= makeoption($i, $i, $day_tmp);
for ($i = 1; $i <= 12; $i++) $monthfield_value .= makeoption($i, getmonth($i), $month_tmp);
if (intval($year_tmp)) $yearfield_value = $year_tmp;
else $yearfield_value = '';
break;
}
$row['title'] = getlangvar($row['title'], $lang);
$row['description'] = getlangvar($row['description'], $lang);
if ($row['required'] == 1) {
$tdclass = getone($y, "tablea", "tableb");
eval("\$profilefields_required .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$y++;
}
else {
$tdclass = getone($z, "tablea", "tableb");
eval("\$profilefields .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$z++;
}
}
/* styles */
$style_options = '';
$result = $db->unbuffered_query("SELECT styleid, stylename FROM bb".$n."_styles ORDER BY stylename ASC");
while ($row = $db->fetch_array($result)) $style_options .= makeoption($row['styleid'], getlangvar($row['stylename'], $lang), $r_styleid);
/* language packs */
$lang_options = '';
$result = $db->unbuffered_query("SELECT languagepackid, languagepackname FROM bb".$n."_languagepacks ORDER BY languagepackname ASC");
while ($row = $db->fetch_array($result)) $lang_options .= makeoption($row['languagepackid'], getlangvar($row['languagepackname'], $lang), $r_langid);
/* signature notes */
$note = '';
if ($wbbuserdata['can_use_sig_html'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_HTML_ALLOW'];
if ($wbbuserdata['can_use_sig_bbcode'] == 0) $note .= $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_BBCODE_ALLOW'];
if ($wbbuserdata['can_use_sig_smilies'] == 0) $note .= $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_SMILIES_ALLOW'];
if ($wbbuserdata['can_use_sig_images'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_IMAGES_ALLOW'];
$r_email = htmlconverter($r_email);
$r_homepage = htmlconverter($r_homepage);
$r_icq = intval($r_icq);
$r_aim = htmlconverter($r_aim);
$r_yim = htmlconverter($r_yim);
$r_msn = htmlconverter($r_msn);
$r_skype = htmlconverter($r_skype);
$r_year = htmlconverter($r_year);
$r_gender = htmlconverter($r_gender);
$r_usertext = htmlconverter($r_usertext);
$r_username = htmlconverter($r_username);
$r_password = htmlconverter($r_password);
$r_confirmpassword = htmlconverter($r_confirmpassword);
$r_signature = htmlconverter($r_signature);
$key_string = htmlconverter($key_string);
if (!$r_icq) $r_icq = '';
if ($r_year == "0000") $r_year = '';
eval("\$tpl->output(\"".$tpl->get("register")."\");");
}
?> |
|
|
|
|
|
Dieser Beitrag wurde 1 mal editiert, zum letzten Mal von Supercomp: 26.07.2006 22:31.
|
|
26.07.2006 22:29 |
|
|
Viktor
Administrator
Zeige Viktor auf Karte
Dabei seit: 15.08.2003
Beiträge: 31.570
363 Filebase-Einträge
Alter: 66 Jahre
Herkunft: NRW wBB-Version: wBB2.3 PHP-Version: 7.4.33 MySQL-Version: 10.5.19-MariaDB Wo bist du gehostet?: eigener Server
Bewertung:
Level: 71 [?]
Erfahrungspunkte: 237.744.173
Nächster Level: 266.777.854
|
|
Hallo,
jo sorry das ich es falsch verstanden habe.
In der Datei "usercp.php" war ein Einbaufehler drin.
code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:
330:
331:
332:
333:
334:
335:
336:
337:
338:
339:
340:
341:
342:
343:
344:
345:
346:
347:
348:
349:
350:
351:
352:
353:
354:
355:
356:
357:
358:
359:
360:
361:
362:
363:
364:
365:
366:
367:
368:
369:
370:
371:
372:
373:
374:
375:
376:
377:
378:
379:
380:
381:
382:
383:
384:
385:
386:
387:
388:
389:
390:
391:
392:
393:
394:
395:
396:
397:
398:
399:
400:
401:
402:
403:
404:
405:
406:
407:
408:
409:
410:
411:
412:
413:
414:
415:
416:
417:
418:
419:
420:
421:
422:
423:
424:
425:
426:
427:
428:
429:
430:
431:
432:
433:
434:
435:
436:
437:
438:
439:
440:
441:
442:
443:
444:
445:
446:
447:
448:
449:
450:
451:
452:
453:
454:
455:
456:
457:
458:
459:
460:
461:
462:
463:
464:
465:
466:
467:
468:
469:
470:
471:
472:
473:
474:
475:
476:
477:
478:
479:
480:
481:
482:
483:
484:
485:
486:
487:
488:
489:
490:
491:
492:
493:
494:
495:
496:
497:
498:
499:
500:
501:
502:
503:
504:
505:
506:
507:
508:
509:
510:
511:
512:
513:
514:
515:
516:
517:
518:
519:
520:
521:
522:
523:
524:
525:
526:
527:
528:
529:
530:
531:
532:
533:
534:
535:
536:
537:
538:
539:
540:
541:
542:
543:
544:
545:
546:
547:
548:
549:
550:
551:
552:
553:
554:
555:
556:
557:
558:
559:
560:
561:
562:
563:
564:
565:
566:
567:
568:
569:
570:
571:
572:
573:
574:
575:
576:
577:
578:
579:
580:
581:
582:
583:
584:
585:
586:
587:
588:
589:
590:
591:
592:
593:
594:
595:
596:
597:
598:
599:
600:
601:
602:
603:
604:
605:
606:
607:
608:
609:
610:
611:
612:
613:
614:
615:
616:
617:
618:
619:
620:
621:
622:
623:
624:
625:
626:
627:
628:
629:
630:
631:
632:
633:
634:
635:
636:
637:
638:
639:
640:
641:
642:
643:
644:
645:
646:
647:
648:
649:
650:
651:
652:
653:
654:
655:
656:
657:
658:
659:
660:
661:
662:
663:
664:
665:
666:
667:
668:
669:
670:
671:
672:
673:
674:
675:
676:
677:
678:
679:
680:
681:
682:
683:
684:
685:
686:
687:
688:
689:
690:
691:
692:
693:
694:
695:
696:
697:
698:
699:
700:
701:
702:
703:
704:
705:
706:
707:
708:
709:
710:
711:
712:
713:
714:
715:
716:
717:
718:
719:
720:
721:
722:
723:
724:
725:
726:
727:
728:
729:
730:
731:
732:
733:
734:
735:
736:
737:
738:
739:
740:
741:
742:
743:
744:
745:
746:
747:
748:
749:
750:
751:
752:
753:
754:
755:
756:
757:
758:
759:
760:
761:
762:
763:
764:
765:
766:
767:
768:
769:
770:
771:
772:
773:
774:
775:
776:
777:
778:
779:
780:
781:
782:
783:
784:
785:
786:
787:
788:
789:
790:
791:
792:
793:
794:
795:
796:
797:
798:
799:
800:
801:
802:
803:
804:
805:
806:
807:
808:
809:
810:
811:
812:
813:
814:
815:
816:
817:
818:
819:
820:
821:
822:
823:
824:
825:
826:
827:
828:
829:
830:
831:
832:
833:
834:
835:
836:
837:
838:
839:
840:
841:
842:
843:
844:
845:
846:
847:
848:
849:
850:
851:
852:
853:
854:
855:
856:
857:
858:
859:
860:
861:
862:
863:
864:
865:
866:
867:
868:
869:
870:
871:
872:
873:
874:
875:
876:
877:
878:
879:
880:
881:
882:
883:
884:
885:
886:
887:
888:
889:
890:
891:
892:
893:
894:
895:
896:
897:
898:
899:
900:
901:
902:
903:
904:
905:
906:
907:
908:
909:
910:
911:
912:
913:
914:
915:
916:
917:
918:
919:
920:
921:
922:
923:
924:
925:
926:
927:
928:
929:
930:
931:
932:
933:
934:
935:
936:
937:
938:
939:
940:
941:
942:
943:
944:
945:
946:
947:
948:
949:
950:
951:
952:
953:
954:
955:
956:
957:
958:
959:
960:
961:
962:
963:
964:
965:
966:
967:
968:
969:
970:
971:
972:
973:
974:
975:
976:
977:
978:
979:
980:
981:
982:
983:
984:
985:
986:
987:
988:
989:
990:
991:
992:
993:
994:
995:
996:
997:
998:
999:
1000:
1001:
1002:
1003:
1004:
1005:
1006:
1007:
1008:
1009:
1010:
1011:
1012:
1013:
1014:
1015:
1016:
1017:
1018:
1019:
1020:
1021:
1022:
1023:
1024:
1025:
1026:
1027:
1028:
1029:
1030:
1031:
1032:
1033:
1034:
1035:
1036:
1037:
1038:
1039:
1040:
1041:
1042:
1043:
1044:
1045:
1046:
1047:
1048:
1049:
1050:
1051:
1052:
1053:
1054:
1055:
1056:
1057:
1058:
1059:
1060:
1061:
1062:
1063:
1064:
1065:
1066:
1067:
1068:
1069:
1070:
1071:
1072:
1073:
1074:
1075:
1076:
1077:
1078:
1079:
1080:
1081:
1082:
1083:
1084:
1085:
1086:
1087:
1088:
1089:
1090:
1091:
1092:
1093:
1094:
1095:
1096:
1097:
1098:
1099:
1100:
1101:
1102:
1103:
1104:
1105:
1106:
1107:
1108:
1109:
1110:
1111:
1112:
1113:
1114:
1115:
1116:
1117:
1118:
1119:
1120:
1121:
1122:
1123:
1124:
1125:
1126:
1127:
1128:
1129:
1130:
1131:
1132:
1133:
1134:
1135:
1136:
1137:
1138:
1139:
1140:
1141:
1142:
1143:
1144:
1145:
1146:
1147:
1148:
1149:
1150:
1151:
1152:
1153:
1154:
1155:
1156:
1157:
1158:
1159:
1160:
1161:
1162:
1163:
1164:
1165:
1166:
1167:
1168:
1169:
1170:
1171:
1172:
1173:
1174:
1175:
1176:
1177:
1178:
1179:
1180:
1181:
1182:
1183:
1184:
1185:
1186:
1187:
1188:
1189:
1190:
1191:
1192:
1193:
1194:
1195:
1196:
1197:
1198:
1199:
1200:
1201:
1202:
1203:
1204:
1205:
1206:
1207:
1208:
1209:
1210:
1211:
1212:
1213:
1214:
1215:
1216:
1217:
1218:
1219:
1220:
1221:
1222:
1223:
1224:
1225:
1226:
1227:
1228:
1229:
1230:
1231:
1232:
1233:
1234:
1235:
1236:
1237:
1238:
1239:
1240:
1241:
1242:
1243:
1244:
1245:
1246:
1247:
1248:
1249:
1250:
1251:
1252:
1253:
1254:
1255:
1256:
1257:
1258:
1259:
1260:
1261:
1262:
1263:
1264:
1265:
1266:
1267:
1268:
1269:
1270:
1271:
1272:
1273:
1274:
1275:
1276:
1277:
1278:
1279:
1280:
1281:
1282:
1283:
1284:
1285:
1286:
1287:
1288:
1289:
1290:
1291:
1292:
1293:
1294:
1295:
1296:
1297:
1298:
1299:
1300:
1301:
1302:
1303:
1304:
1305:
1306:
1307:
1308:
1309:
1310:
1311:
1312:
1313:
1314:
1315:
1316:
1317:
1318:
1319:
1320:
1321:
1322:
1323:
1324:
1325:
1326:
1327:
1328:
1329:
1330:
1331:
1332:
1333:
1334:
1335:
1336:
1337:
1338:
1339:
1340:
1341:
1342:
1343:
1344:
1345:
1346:
1347:
1348:
1349:
1350:
1351:
1352:
1353:
1354:
1355:
1356:
1357:
1358:
1359:
1360:
1361:
1362:
1363:
1364:
1365:
1366:
1367:
1368:
|
<?php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2
// ***************************************************************************
*********//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web http://www.woltlab.de/
// * License http://www.woltlab.de/products/burning_board/license_en.php
// * http://www.woltlab.de/products/burning_board/license.php
// ***************************************************************************
*********//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ***************************************************************************
*********//
// * $Date: 2006-01-04 11:39:33 +0100 (Wed, 04 Jan 2006) $
// * $Author: Burntime $
// * $Rev: 1680 $
// ***************************************************************************
*********//
$filename = 'usercp.php';
require('./global.php');
$lang->load('USERCP');
if (!$wbbuserdata['userid']) access_error();
if (isset($_REQUEST['action'])) $action = $_REQUEST['action'];
else $action = '';
/**
* remove an element from a list
*
* @param string list
* @param string remove
*
* @return string new list
*/
function removeFromlist($list, $remove) {
$listelements = explode(' ', $list);
if (!in_array($remove, $listelements)) return - 1;
else {
$count = count($listelements);
for ($i = 0; $i < $count; $i++) {
if ($listelements[$i] == $remove) {
if ($i == $count - 1) array_pop($listelements);
else $listelements[$i] = array_pop($listelements);
break;
}
}
return implode(' ', $listelements);
}
}
$username = htmlconverter($wbbuserdata['username']);
$lang->items['LANG_USERCP_TITLE'] = $lang->get("LANG_USERCP_TITLE", array('$username' => $username));
/** no action defined => startpage **/
if (!$action) {
eval("\$tpl->output(\"".$tpl->get("usercp")."\");");
}
/** edit profile **/
if ($action == 'profile_edit') {
$lang->load('REGISTER,POSTINGS');
$usercp_error = '';
$gender = array(1 => '', 2 => '');
/** post data sent => verify and safe profile **/
if (isset($_POST['send'])) {
// profilefields
if (isset($_POST['field']) && is_array($_POST['field'])) $field = trim_array($_POST['field']);
else $field = array();
if (isset($_POST['dayfield']) && is_array($_POST['dayfield'])) $dayfield = trim_array($_POST['dayfield']);
else $dayfield = array();
if (isset($_POST['monthfield']) && is_array($_POST['monthfield'])) $monthfield = trim_array($_POST['monthfield']);
else $monthfield = array();
if (isset($_POST['yearfield']) && is_array($_POST['yearfield'])) $yearfield = trim_array($_POST['yearfield']);
else $yearfield = array();
// profiledata
if (isset($_POST['r_email'])) $r_email = wbb_trim($_POST['r_email']);
if (isset($_POST['r_homepage'])) $r_homepage = wbb_trim($_POST['r_homepage']);
if (isset($_POST['r_icq'])) $r_icq = str_replace("-", "", wbb_trim($_POST['r_icq']));
if (isset($_POST['r_aim'])) $r_aim = wbb_trim($_POST['r_aim']);
if (isset($_POST['r_yim'])) $r_yim = wbb_trim($_POST['r_yim']);
if (isset($_POST['r_msn'])) $r_msn = wbb_trim($_POST['r_msn']);
if (isset($_POST['r_skype'])) $r_skype = wbb_trim($_POST['r_skype']);
if (isset($_POST['r_day'])) $r_day = wbb_trim($_POST['r_day']);
if (isset($_POST['r_month'])) $r_month = wbb_trim($_POST['r_month']);
if (isset($_POST['r_year'])) $r_year = wbb_trim($_POST['r_year']);
if (isset($_POST['r_gender'])) $r_gender = wbb_trim($_POST['r_gender']);
if (isset($_POST['r_usertext'])) $r_usertext = wbb_trim($_POST['r_usertext']);
if (isset($_POST['r_title']) && $wbbuserdata['can_edit_title'] == 1) $r_title = wbb_trim($_POST['r_title']);
else $r_title = '';
$error = '';
$userfield_error = 0;
$fieldvalues = '';
/** verify required profilefields and build sql update query **/
$result = $db->unbuffered_query("SELECT profilefieldid,required,fieldtype,choicecount,fieldoptions FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while ($row = $db->fetch_array($result)) {
// is required -> check content
if ($row['required'] == 1 && $row['fieldtype'] != "checkbox") {
// date
if ($row['fieldtype'] == "date") {
if (!$dayfield[$row['profilefieldid']] || !$monthfield[$row['profilefieldid']] || !$yearfield[$row['profilefieldid']]) {
$userfield_error = 1;
}
}
// select
else if ($row['fieldtype'] == "select") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array($temp);
if (!isset($field[$row['profilefieldid']]) || !in_array($field[$row['profilefieldid']], $options)) {
$userfield_error = 1;
}
}
// multiselect
else if ($row['fieldtype'] == "multiselect") {
$temp = explode("\n", dos2unix($row['fieldoptions']));
$options = trim_array();
if (!count($field[$row['profilefieldid']])) {
$userfield_error = 1;
}
else {
for ($i = 0, $j = count($field[$row['profilefieldid']]); $i < $j; $i++) {
if (!in_array($field[$row['profilefieldid']][$i], $options)) {
$userfield_error = 1;
}
}
}
}
// other
else {
if (!isset($field[$row['profilefieldid']]) || $field[$row['profilefieldid']] == '') {
$userfield_error = 1;
}
}
if ($userfield_error == 1) break;
}
if ($row['fieldtype'] == "multiselect") {
if (is_array($field[$row['profilefieldid']])) {
if ($row['choicecount'] && count($field[$row['profilefieldid']]) > $row['choicecount']) {
$max = count($field[$row['profilefieldid']]);
for ($i = $row['choicecount']; $i < $max; $i++) unset($field[$row['profilefieldid']][$i]);
}
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
else $fieldvalues .= "field$row[profilefieldid] = '".addslashes(wbb_trim(implode("\n", $field[$row['profilefieldid']])))."'";
}
else {
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = ''";
else $fieldvalues .= "field$row[profilefieldid] = ''";
}
}
elseif ($row['fieldtype'] == "date") {
if ($dayfield[$row['profilefieldid']] && $monthfield[$row['profilefieldid']]) $datefield = ((wbb_strlen($yearfield[$row['profilefieldid']]) == 4) ? ($yearfield[$row['profilefieldid']]) : (((wbb_strlen($yearfield[$row['profilefieldid']]) == 2) ? ("19".$yearfield[$row['profilefieldid']]) : ("0000"))))."-".(($monthfield[$row['profilefieldid']] < 10) ? ("0".$monthfield[$row['profilefieldid']]) : ($monthfield[$row['profilefieldid']]))."-".(($dayfield[$row['profilefieldid
']] < 10) ? ("0".$dayfield[$row['profilefieldid']]) : ($dayfield[$row['profilefieldid']]));
else $datefield = "0000-00-00";
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes($datefield)."'";
else $fieldvalues = "field$row[profilefieldid] = '".addslashes($datefield)."'";
}
else {
if ($fieldvalues) $fieldvalues .= ", field$row[profilefieldid] = '".addslashes($field[$row['profilefieldid']])."'";
else $fieldvalues = "field$row[profilefieldid] = '".addslashes($field[$row['profilefieldid']])."'";
}
}
/** verify input, build error messages **/
if ($userfield_error == 1) $error .= $lang->items['LANG_POSTINGS_ERROR1'];
if (wbb_strlen($r_usertext) > $wbbuserdata['max_usertext_length']) $error .= $lang->items['LANG_REGISTER_ERROR6'];
if ($error) eval("\$usercp_error = \"".$tpl->get("register_error")."\";");
/** input ok **/
else {
if ($r_homepage && !preg_match("/[a-zA-Z]:\/\//si", $r_homepage)) $r_homepage = "http://".$r_homepage;
if ($r_day && $r_month) {
$r_year = ((wbb_strlen($r_year) == 4) ? ($r_year) : (((wbb_strlen($r_year) == 2) ? ("19$r_year") : ("0000"))));
if (checkdate($r_month, $r_day, (($r_year != '0000') ? ($r_year) : (date('Y', time()))))) $birthday = $r_year."-".(($r_month < 10) ? ("0$r_month") : ($r_month))."-".(($r_day < 10) ? ("0$r_day") : ($r_day));
else $birthday = "0000-00-00";
}
else $birthday = "0000-00-00";
if ($wbbuserdata['can_edit_title'] == 1 && isset($r_title)) if (!verify_usertitle($r_title)) $r_title = '';
list($rankid) = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[rankgroupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','".intval($r_gender)."') ORDER BY needposts DESC, gender DESC", 1);
$db->unbuffered_query("UPDATE bb".$n."_users SET ".(($wbbuserdata['can_edit_title'] == 1 && isset($r_title)) ? ("title='".addslashes($r_title)."', ") : (""))."usertext='".addslashes($r_usertext)."', icq='".intval($r_icq)."', aim='".addslashes($r_aim)."', yim='".addslashes($r_yim)."', msn='".addslashes($r_msn)."', homepage='".addslashes($r_homepage)."', birthday='".addslashes($birthday)."', gender='".intval($r_gender)."'".(($rankid != $wbbuserdata['rankid']) ? (", rankid='$rankid'") : (""))."
, skype='".addslashes($r_skype)."' WHERE userid = '$wbbuserdata[userid]'", 1);
if ($fieldvalues) $db->unbuffered_query("UPDATE bb".$n."_userfields SET $fieldvalues WHERE userid = '$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=profile_edit".$SID_ARG_2ND_UN);
exit();
}
}
/** profile saved **/
/** no post data sent, get profile **/
else {
$r_homepage = $wbbuserdata['homepage'];
$r_icq = $wbbuserdata['icq'];
$r_aim = $wbbuserdata['aim'];
$r_yim = $wbbuserdata['yim'];
$r_msn = $wbbuserdata['msn'];
$r_skype = $wbbuserdata['skype'];
$birthday = explode("-", $wbbuserdata['birthday']);
$r_day = $birthday[2];
$r_month = $birthday[1];
$r_year = (($birthday[0]) ? ($birthday[0]) : (""));
$r_gender = $wbbuserdata['gender'];
$r_usertext = $wbbuserdata['usertext'];
$r_title = $wbbuserdata['title'];
$userfields = $db->query_first("SELECT * FROM bb".$n."_userfields WHERE userid='$wbbuserdata[userid]'");
}
/** now generate the html - form **/
$day_options = ''; $month_options = '';
for ($i = 1; $i <= 31; $i++) $day_options .= makeoption($i, $i, $r_day);
for ($i = 1; $i <= 12; $i++) $month_options .= makeoption($i, getmonth($i), $r_month);
if (isset($r_gender)) $gender[$r_gender] = ' selected="selected"';
$z = 0;
$y = 1;
$profilefields_required = '';
$profilefields = '';
/** get profilefields **/
$result = $db->unbuffered_query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
while ($row = $db->fetch_array($result)) {
$field_value = '';
$field_checked = '';
$dayfield_value = '';
$monthfield_value = '';
$yearfield_value = '';
$row_options = array();
$selected_options = array();
switch ($row['fieldtype']) {
case "text":
if (isset($_POST['send'])) $field_value = htmlconverter($field[$row['profilefieldid']]);
else $field_value = htmlconverter($userfields["field".$row['profilefieldid']]);
break;
case "select":
$row_options = explode("\n", $row['fieldoptions']);
$field_value = "<option value=\"\">".$lang->get("LANG_GLOBAL_PLEASE_SELECT")."</option>\n";
foreach ($row_options as $option) $field_value .= makeoption(htmlconverter(wbb_trim($option)), htmlconverter(wbb_trim($option)), ((isset($_POST['send'])) ? (htmlconverter(wbb_trim($field[$row['profilefieldid']]))) : (htmlconverter(wbb_trim($userfields["field".$row['profilefieldid']])))));
break;
case "multiselect":
$row_options = explode("\n", $row['fieldoptions']);
if (isset($_POST['send']) && is_array($field[$row['profilefieldid']]) && count($field[$row['profilefieldid']])) $selected_options = $field[$row['profilefieldid']];
else $selected_options = explode("\n", $userfields["field".$row['profilefieldid']]);
foreach ($row_options as $option) $field_value .= makeoption(htmlconverter(wbb_trim($option)), htmlconverter(wbb_trim($option)), ((in_array(wbb_trim($option), $selected_options)) ? (htmlconverter(wbb_trim($option))) : ("")));
break;
case "checkbox":
$field_value = htmlconverter($row['fieldoptions']);
$field_checked = (($row['fieldoptions'] == ((isset($_POST['send'])) ? ($field[$row['profilefieldid']]) : ($userfields["field".$row['profilefieldid']]))) ? (" checked=\"checked\"") : (""));
break;
case "date":
if (isset($_POST['send'])) {
$year_tmp = $yearfield[$row['profilefieldid']];
$month_tmp = $monthfield[$row['profilefieldid']];
$day_tmp = $dayfield[$row['profilefieldid']];
}
else list($year_tmp, $month_tmp, $day_tmp) = explode("-", $userfields["field".$row['profilefieldid']]);
for ($i = 1; $i <= 31; $i++) $dayfield_value .= makeoption($i, $i, $day_tmp);
for ($i = 1; $i <= 12; $i++) $monthfield_value .= makeoption($i, getmonth($i), $month_tmp);
if (intval($year_tmp)) $yearfield_value = $year_tmp;
else $yearfield_value = '';
break;
}
$row['title'] = getlangvar($row['title'], $lang);
$row['description'] = getlangvar($row['description'], $lang);
if ($row['required'] == 1) {
$tdclass = getone($y, "tablea", "tableb");
eval("\$profilefields_required .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$y++;
}
else {
$tdclass = getone($z, "tablea", "tableb");
eval("\$profilefields .= \"".$tpl->get("register_userfield_$row[fieldtype]")."\";");
$z++;
}
}
$r_homepage = htmlconverter($r_homepage);
$r_icq = intval($r_icq);
$r_aim = htmlconverter($r_aim);
$r_yim = htmlconverter($r_yim);
$r_msn = htmlconverter($r_msn);
$r_skype = htmlconverter($r_skype);
$r_year = htmlconverter($r_year);
$r_gender = htmlconverter($r_gender);
$r_usertext = htmlconverter($r_usertext);
$r_title = htmlconverter($r_title);
if (!$r_icq) $r_icq = '';
if ($r_year == "0000") $r_year = '';
/** output html - form **/
eval("\$tpl->output(\"".$tpl->get("usercp_profile_edit")."\");");
}
/** edit signature **/
if ($action == 'signature_edit') {
$lang->load('REGISTER,POSTINGS');
require('./acp/lib/class_parse.php');
$preview_signature = '';
$old_signature = '';
$usercp_error = '';
if (isset($_POST['send'])) {
// post options
if (isset($_POST['disablesmilies'])) $disablesmilies = intval($_POST['disablesmilies']);
else $disablesmilies = 0;
if (isset($_POST['disablehtml'])) $disablehtml = intval($_POST['disablehtml']);
else $disablehtml = 0;
if (isset($_POST['disablebbcode'])) $disablebbcode = intval($_POST['disablebbcode']);
else $disablebbcode = 0;
if (isset($_POST['disableimages'])) $disableimages = intval($_POST['disableimages']);
else $disableimages = 0;
/* get message & strip crap */
$message = stripcrap(wbb_trim($_POST['message']));
/* posting feature rights:start */
if (!$wbbuserdata['can_use_sig_smilies'] || $disablesmilies == 1) $allowsmilies = 0;
else $allowsmilies = 1;
if (!$wbbuserdata['can_use_sig_html'] || $disablehtml == 1) $allowhtml = 0;
else $allowhtml = 1;
if (!$wbbuserdata['can_use_sig_bbcode'] || $disablebbcode == 1) $allowbbcode = 0;
else $allowbbcode = 1;
if (!$wbbuserdata['can_use_sig_images'] || $disableimages == 1) $allowimages = 0;
else $allowimages = 1;
/* posting feature rights:end */
if (!isset($_POST['preview']) && !$_POST['change_editor']) {
$error = '';
if (wbb_strlen($message) > $wbbuserdata['max_sig_length']) $error .= $lang->items['LANG_REGISTER_ERROR4'];
if ($wbbuserdata['max_sig_image'] != -1 && wbb_substr_count(wbb_strtolower($message), "[img]") > $wbbuserdata['max_sig_image']) $error .= $lang->items['LANG_REGISTER_ERROR5'];
if ($error) eval("\$usercp_error = \"".$tpl->get("register_error")."\";");
else {
$db->unbuffered_query("UPDATE bb".$n."_users SET signature='".addslashes($message)."', allowsigsmilies='$allowsmilies', allowsightml='$allowhtml', allowsigbbcode='$allowbbcode', allowsigimages='$allowimages' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=signature_edit".$SID_ARG_2ND_UN);
exit();
}
}
else if (!$_POST['change_editor']) {
$parse = &new parse($docensor, 75, $wbbuserdata['showimages'], "", $usecode);
$preview_signature = $parse->doparse($message, $allowsmilies, $allowhtml, $allowbbcode, $allowimages);
}
if ($disablesmilies == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($disablehtml == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($disablebbcode == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($disableimages == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
else {
$message = $wbbuserdata['signature'];
$disablesmilies = 1 - $wbbuserdata['allowsigsmilies'];
$disablehtml = 1 - $wbbuserdata['allowsightml'];
$disablebbcode = 1 - $wbbuserdata['allowsigbbcode'];
$disableimages = 1 - $wbbuserdata['allowsigimages'];
if ($disablesmilies == 1) $checked[0] = 'checked="checked"';
else $checked[0] = '';
if ($disablehtml == 1) $checked[1] = 'checked="checked"';
else $checked[1] = '';
if ($disablebbcode == 1) $checked[2] = 'checked="checked"';
else $checked[2] = '';
if ($disableimages == 1) $checked[3] = 'checked="checked"';
else $checked[3] = '';
}
if ($wbbuserdata['signature']) {
if (!isset($parse)) $parse = &new parse($docensor, 75, $wbbuserdata['showimages'], "", $usecode);
$old_signature = $parse->doparse($wbbuserdata['signature'], $wbbuserdata['allowsigsmilies'], $wbbuserdata['allowsightml'], $wbbuserdata['allowsigbbcode'], $wbbuserdata['allowsigimages']);
}
if ($wbbuserdata['can_use_sig_bbcode'] == 1 && $wbbuserdata['usewysiwyg'] != 1) $bbcode_buttons = getcodebuttons();
if ($wbbuserdata['can_use_sig_smilies'] == 1) {
if ($wbbuserdata['usewysiwyg'] == 1) $smilies = getAppletSmilies();
$bbcode_smilies = getclickysmilies($smilie_table_cols, $smilie_table_rows);
}
$note = '';
if ($wbbuserdata['can_use_sig_html'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_HTML_ALLOW'];
if ($wbbuserdata['can_use_sig_bbcode'] == 0) $note .= $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_BBCODE_ALLOW'];
if ($wbbuserdata['can_use_sig_smilies'] == 0) $note .= $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_SMILIES_ALLOW'];
if ($wbbuserdata['can_use_sig_images'] == 0) $note .= $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW'];
else $note .= $lang->items['LANG_POSTINGS_IMAGES_ALLOW'];
if (isset($message)) $message = htmlconverter($message);
$lang->items['LANG_POSTINGS_JS_MESSAGE_TOLONG'] = $lang->items['LANG_USERCP_SIGNATURE_TOLONG'];
$lang->items['LANG_POSTINGS_JS_MESSAGE_MAXLENGTH'] = $lang->items['LANG_USERCP_SIGNATURE_MAXLENGTH'];
$lang->items['LANG_POSTINGS_JS_MESSAGE_CHECKLENGTH'] = $lang->items['LANG_USERCP_SIGNATURE_CHECKLENGTH_TEXT'];
eval("\$headinclude .= \"".$tpl->get("bbcode_script")."\";");
eval("\$editor = \"".$tpl->get("editor")."\";");
eval("\$editor_switch = \"".$tpl->get("editor_switch")."\";");
eval("\$tpl->output(\"".$tpl->get("usercp_signature_edit")."\");");
}
/** change options **/
if ($action == 'options_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
if (isset($_POST['r_invisible'])) $r_invisible = wbb_trim($_POST['r_invisible']);
if (isset($_POST['r_usecookies'])) $r_usecookies = wbb_trim($_POST['r_usecookies']);
if (isset($_POST['r_admincanemail'])) $r_admincanemail = wbb_trim($_POST['r_admincanemail']);
if (isset($_POST['r_showemail'])) $r_showemail = wbb_trim($_POST['r_showemail']);
if (isset($_POST['r_usercanemail'])) $r_usercanemail = wbb_trim($_POST['r_usercanemail']);
if (isset($_POST['r_emailnotify'])) $r_emailnotify = wbb_trim($_POST['r_emailnotify']);
if (isset($_POST['r_notificationperpm'])) $r_notificationperpm = wbb_trim($_POST['r_notificationperpm']);
if (isset($_POST['r_receivepm'])) $r_receivepm = wbb_trim($_POST['r_receivepm']);
if (isset($_POST['r_emailonpm'])) $r_emailonpm = wbb_trim($_POST['r_emailonpm']);
if (isset($_POST['r_pmpopup'])) $r_pmpopup = wbb_trim($_POST['r_pmpopup']);
if (isset($_POST['r_showsignatures'])) $r_showsignatures = wbb_trim($_POST['r_showsignatures']);
if (isset($_POST['r_showavatars'])) $r_showavatars = wbb_trim($_POST['r_showavatars']);
if (isset($_POST['r_showimages'])) $r_showimages = wbb_trim($_POST['r_showimages']);
if (isset($_POST['r_daysprune'])) $r_daysprune = wbb_trim($_POST['r_daysprune']);
if (isset($_POST['r_umaxposts'])) $r_umaxposts = wbb_trim($_POST['r_umaxposts']);
if (isset($_POST['r_threadview'])) $r_threadview = wbb_trim($_POST['r_threadview']);
if (isset($_POST['r_dateformat'])) $r_dateformat = wbb_trim($_POST['r_dateformat']);
if (isset($_POST['r_timeformat'])) $r_timeformat = wbb_trim($_POST['r_timeformat']);
if (isset($_POST['r_startweek'])) $r_startweek = wbb_trim($_POST['r_startweek']);
if (isset($_POST['r_timezoneoffset'])) $r_timezoneoffset = wbb_trim($_POST['r_timezoneoffset']);
if (isset($_POST['r_styleid'])) $r_styleid = wbb_trim($_POST['r_styleid']);
if (isset($_POST['r_langid'])) $r_langid = wbb_trim($_POST['r_langid']);
if (isset($_POST['r_emailonapplication'])) $r_emailonapplication = wbb_trim($_POST['r_emailonapplication']);
if (isset($_POST['r_usewysiwyg'])) $r_usewysiwyg = wbb_trim($_POST['r_usewysiwyg']);
if (!$r_dateformat) $r_dateformat = $dateformat;
if (!$r_timeformat) $r_timeformat = $timeformat;
$db->unbuffered_query("UPDATE bb".$n."_users SET showemail='".intval($r_showemail)."', admincanemail='".intval($r_admincanemail)."', usercanemail='".intval($r_usercanemail)."', invisible='".intval($r_invisible)."', usecookies='".intval($r_usecookies)."', styleid='".intval($r_styleid)."', daysprune='".intval($r_daysprune)."', timezoneoffset='".addslashes(htmlspecialchars($r_timezoneoffset))."', startweek='".intval($r_startweek)."', dateformat='".addslashes($r_dateformat)."', timeformat='".addslashes($r_timeformat)."', emailnotify='".intval($r_emailnotify)."', notificationperpm='".intval($r_notificationperpm)."', receivepm='".intval($r_receivepm)."', emailonpm='".intval($r_emailonpm)."', pmpopup='".intval($r_pmpopup)."', umaxposts='".intval($r_umaxposts)."', showsignatures='".intval($r_showsignatures)."', showavatars='".intval($r_showavatars)."', showimages='".intval($r_showimages)."', threadview='".intval($r_threadview)."', langid='".intval($r_langid)."'".(($wbbuserdata['isgroupleader'] == 1) ? (", emailonapplication='".intval($r_emailonapplication)."'") : ("")).", usewysiwyg='".intval($r_usewysiwyg)."' WHERE userid = '$wbbuserdata[userid]'", 1);
if ($r_styleid != $session['styleid'] || $r_langid != $session['langid']) $db->unbuffered_query("UPDATE bb".$n."_sessions SET styleid='".intval($r_styleid)."', langid='".intval($r_langid)."' WHERE sessionhash='$sid'", 1);
/* Begin User-Map by Viktor */
$user_id = $wbbuserdata['userid'];
if(isSet($_POST['longitude'])) $longitude = (float)($_POST['longitude']);
if(isSet($_POST['latitude'])) $latitude = (float)($_POST['latitude']);
if(isSet($_POST['zipcode'])) $zipcode = $_POST['zipcode'];
if(isSet($_POST['place'])) $place = $_POST['place'];
if ($longitude != '') {
if ($latitude != '') {
if ($zipcode != '') {
if ($place != '') {
$result = $db->query("SELECT user_id FROM bb".$n."_map_mod_user WHERE user_id = '$wbbuserdata[userid]'");
$row = $db->fetch_array($result);
if(!$row['user_id']) {
$db->query("INSERT INTO bb".$n."_map_mod_user (user_id,longitude,latitude,zipcode,place) VALUES ('".$wbbuserdata[userid]."', '".(float)$longitude."', '".(float)$latitude."', '".$zipcode."', '".addslashes($place)."')");
} else {
$db->unbuffered_query("UPDATE bb".$n."_map_mod_user SET longitude='".(float)$longitude."', latitude='".(float)$latitude."', zipcode='".$zipcode."', place='".addslashes($place)."' WHERE user_id ='$wbbuserdata[userid]'",1);
}
}
}
}
}
/* End User-Map by Viktor */
header("Location: usercp.php?action=options_change".$SID_ARG_2ND_UN);
exit();
}
else {
$r_invisible = $wbbuserdata['invisible'];
$r_usecookies = $wbbuserdata['usecookies'];
$r_admincanemail = $wbbuserdata['admincanemail'];
$r_showemail = $wbbuserdata['showemail'];
$r_usercanemail = $wbbuserdata['usercanemail'];
$r_emailnotify = $wbbuserdata['emailnotify'];
$r_notificationperpm = $wbbuserdata['notificationperpm'];
$r_receivepm = $wbbuserdata['receivepm'];
$r_emailonpm = $wbbuserdata['emailonpm'];
$r_pmpopup = $wbbuserdata['pmpopup'];
$r_showsignatures = $wbbuserdata['showsignatures'];
$r_showavatars = $wbbuserdata['showavatars'];
$r_showimages = $wbbuserdata['showimages'];
$r_daysprune = $wbbuserdata['daysprune'];
$r_umaxposts = $wbbuserdata['umaxposts'];
$r_dateformat = $wbbuserdata['dateformat'];
$r_timeformat = $wbbuserdata['timeformat'];
$r_startweek = $wbbuserdata['startweek'];
$r_timezoneoffset = $wbbuserdata['timezoneoffset'];
$r_styleid = $wbbuserdata['styleid'];
$r_langid = $wbbuserdata['langid'];
$r_threadview = $wbbuserdata['threadview'];
$r_emailonapplication = $wbbuserdata['emailonapplication'];
$r_usewysiwyg = $wbbuserdata['usewysiwyg'];
}
$startweek_options = '';
for ($i = 0; $i < 7; $i++) $startweek_options .= makeoption($i, getday($i), $r_startweek);
if (isset($r_invisible)) $invisible[$r_invisible] = " selected=\"selected\"";
if (isset($r_usecookies)) $usecookies[$r_usecookies] = " selected=\"selected\"";
if (isset($r_admincanemail)) $admincanemail[$r_admincanemail] = " selected=\"selected\"";
if (isset($r_showemail)) $showemail[$r_showemail] = " selected=\"selected\"";
if (isset($r_usercanemail)) $usercanemail[$r_usercanemail] = " selected=\"selected\"";
if (isset($r_emailnotify)) $emailnotify[$r_emailnotify] = " selected=\"selected\"";
if (isset($r_notificationperpm)) $notificationperpm[$r_notificationperpm] = " selected=\"selected\"";
if (isset($r_receivepm)) $receivepm[$r_receivepm] = " selected=\"selected\"";
if (isset($r_emailonpm)) $emailonpm[$r_emailonpm] = " selected=\"selected\"";
if (isset($r_pmpopup)) $spmpopup[$r_pmpopup] = " selected=\"selected\"";
if (isset($r_showsignatures)) $showsignatures[$r_showsignatures] = " selected=\"selected\"";
if (isset($r_showavatars)) $showavatars[$r_showavatars] = " selected=\"selected\"";
if (isset($r_showimages)) $showimages[$r_showimages] = " selected=\"selected\"";
if (isset($r_daysprune)) $sdaysprune[$r_daysprune] = " selected=\"selected\"";
if (isset($r_umaxposts)) $sumaxposts[$r_umaxposts] = " selected=\"selected\"";
if (isset($r_threadview)) $sthreadview[$r_threadview] = " selected=\"selected\"";
if (isset($r_emailonapplication)) $emailonapplication[$r_emailonapplication] = " selected=\"selected\"";
if (isset($r_usewysiwyg)) $usewysiwyg[$r_usewysiwyg] = " selected=\"selected\"";
$timezone_options = '';
$timezones = explode("\n", $lang->items['LANG_REGISTER_TIMEZONES']);
for ($i = 0; $i < count($timezones); $i++) {
$parts = explode("|", wbb_trim($timezones[$i]));
$timezone_options .= makeoption($parts[0], "(GMT".(($parts[1]) ? (" ".$parts[1]) : ("")).") $parts[2]", $r_timezoneoffset);
}
/* styles */
$style_options = '';
$result = $db->unbuffered_query("SELECT styleid, stylename FROM bb".$n."_styles ORDER BY stylename ASC");
while ($row = $db->fetch_array($result)) $style_options .= makeoption($row['styleid'], getlangvar($row['stylename'], $lang), $r_styleid);
/* language packs */
$lang_options = '';
$result = $db->unbuffered_query("SELECT languagepackid, languagepackname FROM bb".$n."_languagepacks ORDER BY languagepackname ASC");
while ($row = $db->fetch_array($result)) $lang_options .= makeoption($row['languagepackid'], getlangvar($row['languagepackname'], $lang), $r_langid);
$r_dateformat = htmlconverter($r_dateformat);
$r_timeformat = htmlconverter($r_timeformat);
/* Begin User-Map by Viktor */
$result = $db->query("SELECT * FROM bb".$n."_map_mod_user WHERE user_id='$wbbuserdata[userid]'");
$row = $db->fetch_array($result);
if ($row['longitude']) {
$longitude = $row['longitude'];
$latitude = $row['latitude'];
$zipcode = $row['zipcode'];
$place = $row['place'];
} else {
$longitude = 0;
$latitude = 0;
$zipcode = '';
$place = '';
}
/* End User-Map by Viktor */
eval("\$tpl->output(\"".$tpl->get("usercp_options_change")."\");");
}
/** change password **/
if ($action == 'password_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
$new_password = $_POST['new_password'];
$confirm_new_password = $_POST['confirm_new_password'];
$authentification = false;
if ($allowloginencryption == 1 && $_POST['crypted'] == "true" && $wbbuserdata['sha1_password']) {
if (sha1(sha1($session['authentificationcode']).$wbbuserdata['sha1_password'])
== $_POST['authentificationcode']) $authentification = true;
else $authentification = false;
}
else {
if (md5($_POST['l_password']) == $wbbuserdata['password']) {
$authentification = true;
if (!$wbbuserdata['sha1_password']) {
$db->unbuffered_query("UPDATE bb".$n."_users SET sha1_password='".sha1($_POST['l_password'])."' WHERE userid='$wbbuserdata[userid]'");
}
}
else $authentification = false;
}
if (($_POST['crypted'] == "false" && !$_POST['l_password']) || !$new_password || !$confirm_new_password) error($lang->get("LANG_GLOBAL_ERROR1"));
elseif ($new_password != $confirm_new_password) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR1"));
elseif ($authentification == false) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR2"));
else {
$db->query("UPDATE bb".$n."_users SET password='".md5($new_password)."', sha1_password='".sha1($new_password)."' WHERE userid='$wbbuserdata[userid]'");
if ($wbbuserdata['usecookies'] == 1) bbcookie("userpassword", md5($new_password), time() + 3600 * 24 * 365);
redirect($lang->get("LANG_USERCP_PW_REDIRECT"), "usercp.php".$SID_ARG_1ST);
exit;
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_password_change")."\");");
}
/** change email **/
if ($action == 'email_change') {
$lang->load('REGISTER,POSTINGS');
if (isset($_POST['send'])) {
$new_email = wbb_trim($_POST['new_email']);
$confirm_new_email = wbb_trim($_POST['confirm_new_email']);
if ($new_email == $wbbuserdata['email']) {
header("Location: usercp.php".$SID_ARG_1ST);
exit();
}
$authentification = false;
if ($allowloginencryption == 1 && $_POST['crypted'] == "true" && $wbbuserdata['sha1_password']) {
if (sha1(sha1($session['authentificationcode']).$wbbuserdata['sha1_password'])
== $_POST['authentificationcode']) $authentification = true;
else $authentification = false;
}
else {
if (md5($_POST['l_password']) == $wbbuserdata['password']) {
$authentification = true;
if (!$wbbuserdata['sha1_password']) {
$db->unbuffered_query("UPDATE bb".$n."_users SET sha1_password='".sha1($_POST['l_password'])."' WHERE userid='$wbbuserdata[userid]'");
}
}
else $authentification = false;
}
if (($_POST['crypted'] == "false" && !$_POST['l_password']) || !$new_email || !$confirm_new_email) error($lang->get("LANG_GLOBAL_ERROR1"));
elseif ($authentification == false) error($lang->get("LANG_USERCP_PASSWORD_CHANGE_ERROR2"));
elseif ($new_email != $confirm_new_email) error($lang->get("LANG_USERCP_EC_ERROR1"));
elseif (!verify_email($new_email)) error($lang->get("LANG_USERCP_EC_ERROR2"));
else {
$db->query("UPDATE bb".$n."_users SET email='".addslashes($new_email)."' WHERE userid = '$wbbuserdata[userid]'");
if ($emailverifymode == 0) {
redirect($lang->get("LANG_USERCP_EC_REDIRECT0"), "usercp.php".$SID_ARG_1ST);
}
if ($emailverifymode == 3) {
$lang->load('MAIL');
$r_password = password_generate();
$db->query("UPDATE bb".$n."_users SET password='".md5($r_password)."', sha1_password='".sha1($r_password)."' WHERE userid = '$wbbuserdata[userid]'");
$db->query("UPDATE bb".$n."_sessions SET userid=0 WHERE sessionhash='$sid'");
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_EC3_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_EC3_TEXT", array('$master_board_name_email' => $master_board_name_email, '$username' => $wbbuserdata['username'], '$r_password' => $r_password));
mailer($new_email, $subject, $content);
redirect($lang->get("LANG_USERCP_EC_REDIRECT3", array('$new_email' => $new_email)), "index.php".$SID_ARG_1ST, 20);
}
if ($emailverifymode == 1 || $emailverifymode == 2) {
$activation = code_generate();
list($groupid) = $db->query_first("SELECT groupid FROM bb".$n."_groups WHERE grouptype = 2");
if (!in_array($groupid, $wbbuserdata['groupids'])) {
$wbbuserdata['groupids'][] = $groupid;
sort($wbbuserdata['groupids']);
$db->unbuffered_query("UPDATE bb".$n."_users SET activation='$activation', groupcombinationid='".cachegroupcombinationdata(implode(",", $wbbuserdata['groupids']), 0)."' WHERE userid='".$wbbuserdata['userid']."'", 1);
}
else $db->query("UPDATE bb".$n."_users SET activation='$activation' WHERE userid = '$wbbuserdata[userid]'");
$db->query("INSERT IGNORE INTO bb".$n."_user2groups (userid,groupid) VALUES ('$wbbuserdata[userid]','$groupid')");
if ($emailverifymode == 1) {
$lang->load('MAIL');
$master_board_name_email = getlangvar($o_master_board_name, $lang, 0);
$subject = $lang->get("LANG_MAIL_EC1_SUBJECT", array('$master_board_name_email' => $master_board_name_email));
$content = $lang->get("LANG_MAIL_EC1_TEXT", array('$master_board_name_email' => $master_board_name_email, '$username' => $wbbuserdata['username'], '$url2board' => $url2board, '$userid' => $wbbuserdata['userid'], '$activation' => $activation, '$webmastermail' => $webmastermail));
mailer($new_email, $subject, $content);
redirect($lang->get("LANG_USERCP_EC_REDIRECT1", array('$new_email' => $new_email)), "usercp.php".$SID_ARG_1ST, 20);
}
else redirect($lang->get("LANG_USERCP_EC_REDIRECT2", array('$new_email' => $new_email)), "usercp.php".$SID_ARG_1ST, 20);
}
exit;
}
}
$wbbuserdata['email'] = htmlconverter($wbbuserdata['email']);
eval("\$tpl->output(\"".$tpl->get("usercp_email_change")."\");");
}
/** buddy list **/
if ($action == 'buddy_list') {
$lang->load('MEMBERS');
if (isset($_POST['send'])) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE username='".addslashes(wbb_trim($_POST['addtolist']))."'");
if (!$userid) error($lang->items['LANG_USERCP_ERROR1']);
elseif ($userid == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
$buddylist = add2list($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
$listbit = '';
$pmLink = '';
$buddyCount=0;
if ($wbbuserdata['buddylist'] != '') {
$result = $db->unbuffered_query("SELECT u.userid, u.username, IF(s.lastactivity>=".(time() - $useronlinetimeout * 60).(($wbbuserdata['a_can_view_ghosts'] == 1) ? ("") : (" AND u.invisible=0")).",1,0) AS online FROM bb".$n."_users u
LEFT JOIN bb".$n."_sessions s USING (userid)
WHERE u.userid IN ('".str_replace(" ", "','", $wbbuserdata[buddylist])."') ORDER BY online DESC, u.username ASC");
while ($row = $db->fetch_array($result)) {
$row['username'] = htmlconverter($row['username']);
$username = $row['username'];
if ($row['online']) $LANG_MEMBERS_USERONLINE = $lang->get("LANG_MEMBERS_USERONLINE", array('$username' => $username));
else $LANG_MEMBERS_USERONLINE = $lang->get("LANG_MEMBERS_USEROFFLINE", array('$username' => $username));
$pmLink .= "&userid[]=$row[userid]";
$buddyCount++;
eval("\$listbit .= \"".$tpl->get("usercp_buddy_listbit")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_buddy_list")."\");");
}
/** ignore list **/
if ($action == 'ignore_list') {
if (isset($_POST['send'])) {
$result = getwbbuserdata(addslashes(wbb_trim($_POST['addtolist'])), "username");
if (!$result['userid']) error($lang->items['LANG_USERCP_ERROR1']);
elseif ($result['userid'] == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
if ($result['a_can_be_ignored'] !=1) {
$ignorelist = add2list($wbbuserdata['ignorelist'], $result['userid']);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}else {
error($lang->items['LANG_USERCP_ERROR3']);
}
}
}
$listbit = '';
if ($wbbuserdata['ignorelist'] != '') {
$result = $db->unbuffered_query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ('".str_replace(" ", "','", $wbbuserdata['ignorelist'])."') ORDER BY username ASC");
while ($row = $db->fetch_array($result)) {
$row['username'] = htmlconverter($row['username']);
eval("\$listbit .= \"".$tpl->get("usercp_ignore_listbit")."\";");
}
}
eval("\$tpl->output(\"".$tpl->get("usercp_ignore_list")."\");");
}
/** add / remove user to / from buddy list **/
if ($action == 'buddy') {
if ($_GET['remove']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
else {
$buddylist = removeFromlist($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
if ($_GET['add']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['add'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
elseif ($userid == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
$buddylist = add2list($wbbuserdata['buddylist'], $userid);
if ($buddylist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET buddylist='$buddylist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=buddy_list".$SID_ARG_2ND_UN);
exit();
}
}
}
/** add / remove user to / from ignore list **/
if ($action == 'ignore') {
if ($_GET['remove']) {
list($userid) = $db->query_first("SELECT userid FROM bb".$n."_users WHERE userid='".intval($_GET['remove'])."'");
if (!$userid) error($lang->items['LANG_GLOBAL_ERROR2']);
else {
$ignorelist = removeFromlist($wbbuserdata['ignorelist'], $userid);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}
}
if ($_GET['add']) {
$result = getwbbuserdata(intval($_GET['add'], "userid"));
if (!$result['userid']) error($lang->items['LANG_GLOBAL_ERROR2']);
elseif ($result['userid'] == $wbbuserdata['userid']) error($lang->items['LANG_USERCP_ERROR2']);
else {
if ($result['a_can_be_ignored'] !=1) {
$ignorelist = add2list($wbbuserdata['ignorelist'], $result['userid']);
if ($ignorelist != -1) $db->unbuffered_query("UPDATE bb".$n."_users SET ignorelist='$ignorelist' WHERE userid='$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=ignore_list".$SID_ARG_2ND_UN);
exit();
}else {
error($lang->items['LANG_USERCP_ERROR3']);
}
}
}
}
/** avatars **/
if ($action == 'avatars') {
$lang->load('POSTINGS,REGISTER');
if (isset($_POST['send'])) {
if ($_POST['avatarid'] != 'useown') {
if ($_POST['avatarid'] != 0) {
if ($wbbuserdata['can_use_avatar'] == 0) access_error();
$result = $db->query_first("SELECT avatarid FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 AND avatarid='".intval($_POST['avatarid'])."'");
if (!$result['avatarid']) access_error();
}
$oldavatar = $db->query_first("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]'");
if ($oldavatar['avatarid']) {
@unlink("./images/avatars/avatar-".$oldavatar['avatarid'].".".$oldavata
r['avatarextension']);
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid = '$oldavatar[avatarid]'", 1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET avatarid = '".intval($_POST['avatarid'])."' WHERE userid = '$wbbuserdata[userid]'", 1);
header("Location: usercp.php?action=avatars&page=".intval($_POST['page']).$SID_ARG_2ND_UN);
exit();
}
else {
$uploaderror = 0;
if ($_FILES['avatar_file']['tmp_name'] && $_FILES['avatar_file']['tmp_name'] != "none") {
if ($wbbuserdata['can_use_avatar'] == 0 || $wbbuserdata['can_upload_avatar'] == 0) access_error();
$badavatar = 0;
$avatar_file_extension = wbb_strtolower(wbb_substr(strrchr($_FILES['avatar_file']['name'], "."), 1));
$avatar_file_name2 = wbb_substr($_FILES['avatar_file']['name'], 0, (intval(wbb_strlen($avatar_file_extension)) + 1) * -1);
$allowed_avatar_extensions = explode("\n", $wbbuserdata['allowed_avatar_extensions']);
if (in_array($avatar_file_extension, $allowed_avatar_extensions) && $_FILES['avatar_file']['size'] <= $wbbuserdata['max_avatar_size']) { /* && */
$db->query("INSERT INTO bb".$n."_avatars (avatarname,avatarextension,userid) VALUES ('".addslashes(htmlspecialchars($avatar_file_name2))."','".addslashes(htmls
pecialchars($avatar_file_extension))."','$wbbuserdata[userid]')");
$avatarid = $db->insert_id("bb".$n."_avatars", "avatarid");
if (move_uploaded_file($_FILES['avatar_file']['tmp_name'], "./images/avatars/avatar-".$avatarid.".".$avatar_file_extension)) {
@chmod ("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension, 0777);
$imgsize = @getimagesize("./images/avatars/avatar-".$avatarid.".".$avatar_file_extensi
on);
$width = $imgsize[0];
$height = $imgsize[1];
if ($avatar_file_extension == "swf") {
if ($width > $wbbuserdata['max_avatar_width']) $width = $wbbuserdata['max_avatar_width'];
if ($height > $wbbuserdata['max_avatar_height']) $height = $wbbuserdata['max_avatar_height'];
}
if ($width > $wbbuserdata['max_avatar_width'] || $height > $wbbuserdata['max_avatar_height'] || !$width || !$height) $badavatar = 2;
if ($badavatar == 0) {
$oldavatar = $db->query_first("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]' AND avatarid='$wbbuserdata[avatarid]'");
if ($oldavatar['avatarid']) {
@unlink("./images/avatars/avatar-".$oldavatar['avatarid'].".".$olda
vatar['avatarextension']);
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid = '$oldavatar[avatarid]'", 1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET avatarid='$avatarid' WHERE userid='$wbbuserdata[userid]'", 1);
$db->unbuffered_query("UPDATE bb".$n."_avatars SET width='$width', height='$height' WHERE avatarid='$avatarid'", 1);
header("Location: usercp.php?action=avatars&page=$page".$SID_ARG_2ND_UN);
exit();
}
}
else $badavatar = 1;
if ($badavatar != 0) {
if ($badavatar == 2) @unlink("./images/avatars/avatar-".$avatarid.".".$avatar_file_extension);
$db->query("DELETE FROM bb".$n."_avatars WHERE avatarid='$avatarid'");
$uploaderror = 1;
}
}
else $uploaderror = 1;
if ($uploaderror == 1) error($lang->items['LANG_USERCP_AVATAR_ERROR1']);
}
elseif (!$havatarid) error($lang->items['LANG_USERCP_AVATAR_ERROR1']);
}
}
if ($wbbuserdata['avatarid'] == 0 || ($wbbuserdata['can_use_avatar'] == 0 && $wbbuserdata['can_upload_avatar'] == 0)) $noavatar_checked = " checked=\"checked\"";
if ($wbbuserdata['can_use_avatar'] == 1) {
list($avatarcount) = $db->query_first("SELECT COUNT(*) FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 ORDER BY needposts DESC");
if ($avatarcount) {
if (isset($_GET['page'])) {
$page = intval($_GET['page']);
if ($page == 0) $page = 1;
}
else $page = 1;
$pages = ceil($avatarcount / $avatarsperpage);
$result = $db->unbuffered_query("SELECT avatarid, avatarextension, width, height FROM bb".$n."_avatars WHERE groupid IN(0,".implode(",", $wbbuserdata['groupids']).") AND needposts <= '$wbbuserdata[userposts]' AND userid = 0 ORDER BY needposts DESC", 0, $avatarsperpage, $avatarsperpage * ($page - 1));
while ($row = $db->fetch_array($result)) {
$avatarname = "images/avatars/avatar-$row[avatarid].".htmlconverter($row['avatarextension
']);
$avatarwidth = $row['width'];
$avatarheight = $row['height'];
if ($row['avatarextension'] == "swf") eval("\$avatarchoice = \"".$tpl->get("avatar_flash")."\";");
else eval("\$avatarchoice = \"".$tpl->get("avatar_image")."\";");
if ($row['avatarid'] == $wbbuserdata['avatarid']) $checked = " checked=\"checked\"";
else $checked = '';
eval("\$avatarArray[] = \"".$tpl->get("usercp_avatarbit")."\";");
}
$tableRows = ceil(count($avatarArray) / 5);
$count = 0;
for ($i = 0; $i < $tableRows; $i++) {
$avatarbit_td = '';
for ($j = 0; $j < 5; $j++) {
if ($i == 0 && !$avatarArray[$count]) break;
eval("\$avatarbit_td .= \"".$tpl->get("usercp_avatarbit_td")."\";");
$count++;
}
eval("\$avatarbit_tr .= \"".$tpl->get("usercp_avatarbit_tr")."\";");
}
$countfrom = 1 + $avatarsperpage * ($page - 1);
$countto = $avatarsperpage * $page;
if ($countto > $avatarcount) $countto = $avatarcount;
if ($pages > 1) $pagelink = makepagelink("usercp.php?action=avatars".$SID_ARG_2ND, $page, $pages, $showpagelinks - 1);
$lang->items['LANG_USERCP_AVATAR_COUNT'] = $lang->get("LANG_USERCP_AVATAR_COUNT", array('$countfrom' => $countfrom, '$countto' => $countto, '$avatarcount' => $avatarcount));
}
}
if ($wbbuserdata['can_upload_avatar'] == 1) {
$ownavatar = $db->query_first("SELECT avatarid, avatarextension, width, height FROM bb".$n."_avatars WHERE userid = '$wbbuserdata[userid]'");
if ($ownavatar['avatarid']) {
$avatarname = "images/avatars/avatar-$ownavatar[avatarid].".htmlconverter($ownavatar['ava
tarextension']);
$avatarwidth = $ownavatar['width'];
$avatarheight = $ownavatar['height'];
$havatar = "<input type=\"hidden\" name=\"havatarid\" value=\"$ownavatar[avatarid]\" />";
if ($ownavatar['avatarextension'] == "swf") eval("\$ownavatar = \"".$tpl->get("avatar_flash")."\";");
else eval("\$ownavatar = \"".$tpl->get("avatar_image")."\";");
$ownavatar_checked = " checked=\"checked\"";
}
$lang->items['LANG_USERCP_USE_OWNAVATAR_NOTE'] = $lang->get("LANG_USERCP_USE_OWNAVATAR_NOTE", array('$allowed_avatar_extensions' => getAllowedExtensions($wbbuserdata['allowed_avatar_extensions']), '$max_avatar_width' => $wbbuserdata['max_avatar_width'], '$max_avatar_height' => $wbbuserdata['max_avatar_height'], '$max_avatar_size' => formatFilesize($wbbuserdata['max_avatar_size'])));
}
eval("\$tpl->output(\"".$tpl->get("usercp_avatars")."\");");
}
/** subscriptions **/
if ($action == 'addsubscription') {
if (isset($threadid)) {
$db->unbuffered_query("INSERT IGNORE INTO bb".$n."_subscribethreads (userid,threadid,emailnotify) VALUES ('$wbbuserdata[userid]','$threadid','1')", 1);
header("Location: thread.php?threadid=$threadid".$SID_ARG_2ND_UN);
}
else if (isset($boardid)) {
$db->unbuffered_query("INSERT IGNORE INTO bb".$n."_subscribeboards (userid,boardid,emailnotify) VALUES ('$wbbuserdata[userid]','$boardid','1')", 1);
header("Location: board.php?boardid=$boardid".$SID_ARG_2ND_UN);
}
exit();
}
if ($action == 'removesubscription') {
if (isset($threadid)) $db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid='$wbbuserdata[userid]' AND threadid='$threadid'", 1);
else if (isset($boardid)) $db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid='$wbbuserdata[userid]' AND boardid='$boardid'", 1);
header("Location: usercp.php?action=favorites".$SID_ARG_2ND_UN);
exit();
}
/** favorites **/
if ($action == 'favorites') {
$lang->load('START,BOARD');
include("./acp/lib/class_parse.php");
$favorites = true;
$depth = 2;
// read permissions
$permissioncache = getPermissions();
$badBoardIDs = '';
$badThreadIDs = '';
// visitcache
$result = $db->unbuffered_query("SELECT t.boardid, t.threadid, t.lastposttime".(($wbbuserdata['userid']) ? (", tv.lastvisit") : (""))." FROM bb".$n."_threads t".(($wbbuserdata['userid']) ? (" LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')") : (""))." WHERE t.visible = 1 AND t.lastposttime > '$wbbuserdata[lastvisit]' AND t.closed <> 3");
while ($row = $db->fetch_array($result)) {
if ($row['lastposttime'] > $row['lastvisit']) $visitcache[$row['boardid']][$row['threadid']] = $row['lastposttime'];
}
/** boards **/
$result = $db->unbuffered_query("
SELECT
s.emailnotify, bv.lastvisit, b.*".(($showlastposttitle == 1) ? (", t.topic, i.*") : (""))."
FROM bb".$n."_subscribeboards s
LEFT JOIN bb".$n."_boards b USING(boardid)
".(($showlastposttitle == 1) ? ("LEFT JOIN bb".$n."_threads t ON (t.threadid=b.lastthreadid)
LEFT JOIN bb".$n."_icons i USING (iconid)") : (""))."
LEFT JOIN bb".$n."_boardvisit bv ON (bv.boardid=b.boardid AND bv.userid='".$wbbuserdata['userid']."')
WHERE s.userid='$wbbuserdata[userid]' AND b.isboard=1
ORDER by b.title ASC");
$boardbit = '';
while ($boards = $db->fetch_array($result)) {
if (!isset($permissioncache[$boards['boardid']]['can_enter_board']) || $permissioncache[$boards['boardid']]['can_enter_board'] == -1) $permissioncache[$boards['boardid']]['can_enter_board'] = $wbbuserdata['can_enter_board'];
if (!isset($permissioncache[$boards['boardid']]['can_view_board']) || $permissioncache[$boards['boardid']]['can_view_board'] == -1) $permissioncache[$boards['boardid']]['can_view_board'] = $wbbuserdata['can_enter_board'];
if (!$permissioncache[$boards['boardid']]['can_enter_board']) {
$badBoardIDs .= "," . $boards['boardid'];
continue;
}
if ($wbbuserdata['lastvisit'] > $boards['lastposttime'] || $boards['lastvisit'] > $boards['lastposttime']) $onoff = 'off';
else {
$onoff = 'off';
$tempids = explode(',', "$boards[boardid],$boards[childlist]");
$tempids_count = count($tempids);
for ($j = 0; $j < $tempids_count; $j++) {
if ($tempids[$j] == 0) continue;
if (is_array($visitcache[$tempids[$j]]) && count($visitcache[$tempids[$j]])) {
reset($visitcache[$tempids[$j]]);
while (list($threadid, $lastposttime) = each($visitcache[$tempids[$j]])) {
if ($lastposttime > $boardvisit[$tempids[$j]]) {
$onoff = 'on';
break 2;
} // end if
} // end while
} // end if
} // end for
} // end else
if ($boards['threadcount']) {
$lastpostdate = formatdate($wbbuserdata['dateformat'], $boards['lastposttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $boards['lastposttime']);
$boards['lastposter'] = htmlconverter($boards['lastposter']);
if ($showlastposttitle == 1) {
if (wbb_strlen($boards['topic']) > 30) $topic = wbb_substr($boards['topic'], 0, 30)."...";
else $topic = $boards['topic'];
$topic = htmlconverter($topic);
$boards['topic'] = htmlconverter($boards['topic']);
if (isset($boards['iconid'])) $ViewPosticon = makeimgtag($boards['iconpath'], $boards['icontitle']);
else $ViewPosticon = makeimgtag($style['imagefolder']."/icons/icon14.gif");
}
if ($boards['postcount'] >= 1000) $boards['postcount'] = number_format($boards['postcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($boards['threadcount'] >= 1000) $boards['threadcount'] = number_format($boards['threadcount'], 0, "", $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
}
$boards['title'] = getlangvar($boards['title'], $lang);
$boards['description'] = getlangvar($boards['description'], $lang, 0);
eval("\$boardbit .= \"".$tpl->get("index_boardbit")."\";");
}
/** threads **/
if ($wbbuserdata['umaxposts']) $postsperpage = $wbbuserdata['umaxposts'];
else $postsperpage = $default_postsperpage;
$board['hotthread_reply'] = $default_hotthread_reply;
$board['hotthread_view'] = $default_hotthread_view;
if (isset($_GET['daysprune'])) $daysprune = intval($_GET['daysprune']);
elseif ($wbbuserdata['daysprune'] != 0) $daysprune = $wbbuserdata['daysprune'];
else $daysprune = $default_daysprune;
$d_select[$daysprune] = "selected=\"selected\"";
if ($daysprune != 1000) {
if ($daysprune == 1500) $datecute = " AND lastposttime >= '".$wbbuserdata['lastvisit']."'";
else {
$tempdate = time() - ($daysprune * 86400);
$datecute = " AND t.lastposttime >= '".$tempdate."'";
}
}
else $datecute = '';
if ($showown == 1) {
$ownuserid = "DISTINCT p.userid,";
$ownjoin = "LEFT JOIN bb".$n."_posts p ON (t.threadid = p.threadid AND p.userid = '$wbbuserdata[userid]')";
}
else {
$ownuserid = '';
$ownjoin = '';
}
$threadids = '';
$result = $db->unbuffered_query("SELECT t.threadid FROM bb".$n."_subscribethreads s LEFT JOIN bb".$n."_threads t USING(threadid) WHERE s.userid='$wbbuserdata[userid]' AND t.visible = 1 $datecute ORDER BY t.lastposttime DESC");
while ($row = $db->fetch_array($result)) $threadids .= ",".$row['threadid'];
$result = $db->unbuffered_query("SELECT
$ownuserid
t.*,
i.*, bv.lastvisit AS boardlastvisit, tv.lastvisit AS threadlastvisit
FROM bb".$n."_threads t
LEFT JOIN bb".$n."_icons i USING (iconid)
LEFT JOIN bb".$n."_boards b ON (b.boardid=t.boardid)
LEFT JOIN bb".$n."_boardvisit bv ON (bv.boardid=b.boardid AND bv.userid='".$wbbuserdata['userid']."')
LEFT JOIN bb".$n."_threadvisit tv ON (tv.threadid=t.threadid AND tv.userid='".$wbbuserdata['userid']."')
$ownjoin
WHERE t.threadid IN (0$threadids)
ORDER BY t.lastposttime DESC");
$threadbit = '';
while ($threads = $db->fetch_array($result)) {
if (!isset($permissioncache[$threads['boardid']]['can_enter_board']) || $permissioncache[$threads['boardid']]['can_enter_board'] == -1) $permissioncache[$threads['boardid']]['can_enter_board'] = $wbbuserdata['can_enter_board'];
if (!$permissioncache[$threads['boardid']]['can_enter_board']) {
$badThreadIDs .= "," . $threads['threadid'];
continue;
}
$firstnew = 0;
$multipages = '';
$attachments = '';
$prefix = '';
if ($threads['boardlastvisit'] > $threads['threadlastvisit']) $threads['threadlastvisit'] = $threads['boardlastvisit'];
if ($wbbuserdata['lastvisit'] > $threads['threadlastvisit']) $threads['threadlastvisit'] = $wbbuserdata['lastvisit'];
$threads['topic'] = htmlconverter(textwrap($threads['topic']));
$threads['starter'] = htmlconverter(textwrap($threads['starter'], 25));
$threads['lastposter'] = htmlconverter(textwrap($threads['lastposter'], 25));
$threads['prefix'] = htmlconverter($threads['prefix']);
if ($threads['pollid'] != 0) $foldericon = "poll";
else $foldericon = (($threads['userid']) ? ("dot") : ("")).(($threads['lastposttime'] > $threads['threadlastvisit']) ? ("new") : ("")).(($threads['replycount'] >= $board['hotthread_reply'] || $threads['views'] >= $board['hotthread_view']) ? ("hot") : ("")).(($threads['closed'] != 0) ? ("lock") : (""))."folder";
if ($threads['lastposttime'] > $threads['threadlastvisit']) $firstnew = 1;
if ($threads['iconid']) $threadicon = makeimgtag($threads['iconpath'], $threads['icontitle']);
else $threadicon = " ";
$lastpostdate = formatdate($wbbuserdata['dateformat'], $threads['lastposttime'], 1);
$lastposttime = formatdate($wbbuserdata['timeformat'], $threads['lastposttime']);
if ($threads['replycount'] + 1 > $postsperpage && $showmultipages != 0) {
unset($multipage);
unset($multipages_lastpage);
$xpages = ceil(($threads['replycount'] + 1) / $postsperpage);
if ($xpages > $showmultipages) {
eval("\$multipages_lastpage = \"".$tpl->get("board_threadbit_multipages_lastpage")."\";");
$xpages = $showmultipages;
}
for ($i = 1; $i <= $xpages; $i++) $multipage .= " ".makehreftag("thread.php?threadid=".$threads['threadid']."&page=$i" . $SID_ARG_2ND, $i);
eval("\$multipages = \"".$tpl->get("board_threadbit_multipages")."\";");
}
if ($threads['replycount'] >= 1000) $threads['replycount'] = number_format($threads['replycount'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
if ($threads['views'] >= 1000) $threads['views'] = number_format($threads['views'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
eval("\$threadbit .= \"".$tpl->get("board_threadbit")."\";");
}
// delete bad threads & boards
if ($badThreadIDs != '') $db->query("DELETE FROM bb".$n."_subscribethreads WHERE threadid IN (0".$badThreadIDs.")");
if ($badBoardIDs != '') $db->query("DELETE FROM bb".$n."_subscribeboards WHERE boardid IN (0".$badBoardIDs.")");
if (!$threadbit) $lang->items['LANG_USERCP_FAVORITES_NO_NEWPOSTS'] = $lang->get("LANG_USERCP_FAVORITES_NO_NEWPOSTS", array('$daysprune' => $daysprune));
eval("\$tpl->output(\"".$tpl->get("usercp_favorites")."\");");
}
/** attachments **/
if ($action == 'attachments') {
$pmmaxrecipientlistsize = 10;
list($attachmentCount) = $db->query_first("SELECT COUNT(*) as attachmentCount FROM bb".$n."_attachments WHERE userid='$wbbuserdata[userid]' AND (postid <> 0 OR privatemessageid <> 0)");
list($total_attachment_filesize) = $db->query_first("SELECT (SUM(attachmentsize) + SUM(thumbnailsize)) as total_attachment_filesize FROM bb".$n."_attachments WHERE userid='$wbbuserdata[userid]' AND (postid <> 0 OR privatemessageid <> 0)");
$LANG_USERCP_ATTACHMENTS_STORAGE_USED = $lang->get('LANG_USERCP_ATTACHMENTS_STORAGE_USED', array('$attachmentCount' => number_format($attachmentCount, 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP")), '$total_attachment_filesize' => formatFilesize($total_attachment_filesize)));
if ($wbbuserdata['total_attachment_filesize_limit'] > 0) {
$temp = $total_attachment_filesize / $wbbuserdata['total_attachment_filesize_limit'];
if (($percent = round($temp * 100)) > 100) {
$percent = 100;
$temp = 1;
}
$percent2 = 100 - $percent;
$quota_free = formatFilesize(($wbbuserdata['total_attachment_filesize_limit'] > $total_attachment_filesize) ? ($wbbuserdata['total_attachment_filesize_limit'] - $total_attachment_filesize) : (0));
$LANG_USERCP_ATTACHMENTS_STORAGE_FREE = $lang->get('LANG_USERCP_ATTACHMENTS_STORAGE_FREE', array('$quota_free' => $quota_free));
}
else $LANG_USERCP_ATTACHMENTS_STORAGE_FREE = '';
if ($wbbuserdata['umaxposts']) $perpage = $wbbuserdata['umaxposts'];
else $perpage = $default_postsperpage;
if (isset($_REQUEST['page'])) $page = intval($_REQUEST['page']);
else $page = 1;
$pages = ceil($attachmentCount / $perpage);
if ($page < 1 || $page > $pages) $page = 1;
if ($pages > 1) $pagelink = makepagelink("usercp.php?action=attachments".$SID_ARG_2ND, $page, $pages, $showpagelinks - 1);
else $pagelink = '';
$moderatorInfos = array();
$result = $db->query("SELECT *, userid as moderatorid FROM bb".$n."_moderators WHERE userid='$wbbuserdata[userid]'");
while ($row = $db->fetch_array($result)) $moderatorInfos[$row['boardid']] = $row;
// user access
getPermissions();
$attachmentbit = '';
$result = $db->query("SELECT at.*, p.posttopic, p.posttime, t.boardid, t.threadid, t.topic, t.prefix, t.closed, b.title, ".
"pm.subject, pm.sendtime, pm.recipientlist, pm.recipientcount, pm.inoutbox ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p USING (postid) ".
"LEFT JOIN bb".$n."_threads t USING (threadid) ".
"LEFT JOIN bb".$n."_boards b USING (boardid) ".
"LEFT JOIN bb".$n."_privatemessage pm ON (pm.privatemessageid=at.privatemessageid) ".
"WHERE at.userid='$wbbuserdata[userid]' AND (at.postid <> 0 OR at.privatemessageid <> 0) ".
"ORDER BY at.uploadtime DESC", $perpage, $perpage * ($page - 1));
while ($row = $db->fetch_array($result)) {
$undeleteable = $invisible = false;
$row['attachmentname'] = htmlconverter(textwrap($row['attachmentname']));
$row['attachmentextension'] = htmlconverter($row['attachmentextension']);
$row['prefix'] = htmlconverter($row['prefix']);
if ($row['postid']) {
$ismod = 0;
if (checkmodpermissions('m_can_post_edit', $moderatorInfos[$row['boardid']]) == 1) $ismod = 1;
if (!checkpermissions("can_enter_board", $wbbuserdata['permissions'][$row['boardid']])) $invisible = true;
if ($ismod == 0 && ($row['closed'] == 1 || !checkpermissions('can_edit_own_post', $wbbuserdata['permissions'][$row['boardid']]))) $undeleteable = true;
if ($ismod == 0 && ($wbbuserdata['edit_posttime_limit'] != -1 && (time() - $row['posttime']) > $wbbuserdata['edit_posttime_limit'] * 60)) $undeleteable = true;
$row['topic'] = htmlconverter($row['topic']);
$row['posttopic'] = $row['posttopic'] != '' ? htmlconverter($row['posttopic']) : $row['topic'];
$row['title'] = getlangvar($row['title'], $lang);
$postdate = formatdate($wbbuserdata['dateformat'], $row['posttime'], 1);
$posttime = formatdate($wbbuserdata['timeformat'], $row['posttime']);
}
else {
$undeleteable = true;
$row['subject'] = htmlconverter($row['subject']);
$row['recipientlist'] = unserialize($row['recipientlist']);
$recipients = '';
foreach ($row['recipientlist'] as $recipient) {
$recipient = htmlconverter($recipient);
if ($recipients != '') $recipients .= ', '.$recipient;
else $recipients = $recipient;
}
if ($row['recpientcount'] > $pmmaxrecipientlistsize) $recipients .= ', ...';
$senddate = formatdate($wbbuserdata['dateformat'], $row['sendtime'], 1);
$sendtime = formatdate($wbbuserdata['timeformat'], $row['sendtime']);
}
if (file_exists($style['imagefolder'].'/filetypes/'.$row['attachmentextension'
].'.gif')) $extensionimage = $row['attachmentextension'];
else $extensionimage = 'unknown';
$uploaddate = formatdate($wbbuserdata['dateformat'], $row['uploadtime'], 1);
$uploadtime = formatdate($wbbuserdata['timeformat'], $row['uploadtime']);
$attachmentsize = formatFilesize($row['attachmentsize']);
if ($row['counter'] >= 1000) $row['counter'] = number_format($row['counter'], 0, '', $lang->get("LANG_GLOBAL_THOUSANDS_SEP"));
$LANG_USERCP_ATTACHMENTS_ATTACHMENTINFO = $lang->get('LANG_USERCP_ATTACHMENTS_ATTACHMENTINFO', array('$attachmentname' => $row['attachmentname'], '$attachmentextension' => $row['attachmentextension'], '$attachmentsize' => $attachmentsize, '$counter' => $row['counter']));
eval("\$attachmentbit .= \"".$tpl->get("usercp_attachmentbit")."\";");
}
eval("\$tpl->output(\"".$tpl->get("usercp_attachments")."\");");
}
/** delete attachments **/
if ($action == 'del_attachments') {
if (isset($_POST['attachmentids']) && is_array($_POST['attachmentids'])) $attachmentids = implode(',', intval_array($_POST['attachmentids']));
else $attachmentids = '';
if ($attachmentids != '') {
$moderatorInfos = array();
$result = $db->query("SELECT *, userid as moderatorid FROM bb".$n."_moderators WHERE userid='$wbbuserdata[userid]'");
while ($row = $db->fetch_array($result)) $moderatorInfos[$row['boardid']] = $row;
$result = $db->query("SELECT at.attachmentid, at.attachmentextension, at.thumbnailextension, ".
"t.threadid, t.boardid, t.closed ".
"FROM bb".$n."_attachments at ".
"LEFT JOIN bb".$n."_posts p USING (postid) ".
"LEFT JOIN bb".$n."_threads t USING (threadid) ".
"WHERE at.attachmentid IN ($attachmentids) AND at.userid='$wbbuserdata[userid]' AND at.privatemessageid='0'");
$attachmentids = '';
while ($row = $db->fetch_array($result)) {
$ismod = 0;
if (checkmodpermissions('m_can_post_edit', $moderatorInfos[$row['boardid']]) == 1) $ismod = 1;
if (!checkpermissions("can_enter_board", $wbbuserdata['permissions'][$row['boardid']])) continue;
if ($ismod == 0 && ($row['closed'] == 1 || !checkpermissions('can_edit_own_post', $wbbuserdata['permissions'][$row['boardid']]))) continue;
if ($ismod == 0 && ($wbbuserdata['edit_posttime_limit'] != -1 && (time() - $row['posttime']) > $wbbuserdata['edit_posttime_limit'] * 60)) continue;
$attachmentids .= ",$row[attachmentid]";
@unlink('./attachments/attachment-'.$row['attachmentid'].'.'.$row['attac
hmentextension']);
@unlink('./attachments/thumbnail-'.$row['attachmentid'].'.'.$row['thumbn
ailextension']);
}
$result = $db->unbuffered_query("DELETE FROM bb".$n."_attachments WHERE attachmentid IN (0$attachmentids) AND userid='$wbbuserdata[userid]' AND privatemessageid=0");
}
header("Location: usercp.php?action=attachments{$SID_ARG_2ND}");
exit;
}
?>
|
|
Gruß
Viktor
__________________
Ein kluger Mann widerspricht keiner Frau. Er wartet, bis sie es selbst tut.
... beim Käfer (WBB2) konnte man noch selber schrauben,
beim neuen Golf (WBB3) muß man fast schon in die Werkstatt wenn man das "Wischwasser" nachfüllen muss!
Da fast keiner mehr hier Postet gibt es ab sofort keinen Support mehr per PN.
|
|
26.07.2006 22:48 |
|
|
|
Habe meine Usercp damit ersetzt. Jedoch habe ich jetzt einen neuen Fehler. Wenn ich auf UserCP drücke. kommt die Fehlermeldung:
|
Zitat: Parse error: parse error, unexpected '*' in /home/www/web12/html/Forum/usercp.php on line 3 |
|
|
|
|
27.07.2006 12:31 |
|
|
janolaf
wBB2-User
Zeige janolaf auf Karte
Dabei seit: 23.05.2004
Beiträge: 1.918
2 Filebase-Einträge
Alter: 59 Jahre
Herkunft: nahe bei Kölle wBB-Version: wBB2.3 PHP-Version: 5.2.6 MySQL-Version: 5.0.26 Wo bist du gehostet?: selbst ist der Mann
Bewertung:
Level: 52 [?]
Erfahrungspunkte: 13.902.863
Nächster Level: 16.259.327
|
|
oh , da hatte sich wohl nen fehler eingeschlichen beim kopieren.
probier die datei im anhang mal aus, die sollte klappen.
gruß janolaf
Dateianhang: |
usercp.rar (12 KB, 2 mal heruntergeladen)
|
__________________ wenn du total verliebt in zwei glänzende augen schaust, vergewissere dich ,
ob es nicht nur die sonne ist, die durch den hohlen schädel scheint.
|
|
27.07.2006 12:53 |
|
|
|
Habe ich gemacht. Leider lautet der Fehler jetzt wie folgt.
|
Zitat: Parse error: parse error, unexpected T_STRING in /home/www/web12/html/Forum/usercp.php on line 871 |
|
|
|
|
27.07.2006 13:02 |
|
|
janolaf
wBB2-User
Zeige janolaf auf Karte
Dabei seit: 23.05.2004
Beiträge: 1.918
2 Filebase-Einträge
Alter: 59 Jahre
Herkunft: nahe bei Kölle wBB-Version: wBB2.3 PHP-Version: 5.2.6 MySQL-Version: 5.0.26 Wo bist du gehostet?: selbst ist der Mann
Bewertung:
Level: 52 [?]
Erfahrungspunkte: 13.902.863
Nächster Level: 16.259.327
|
|
ojee....
da haben sich (warum auch immer) nen paar zeilenumbrüche eingeschlichen.
das ist zwar nicht schön aber passiert schonmal.
ich hoffe, ich hab jetzt alle erwischt.
wenn nicht (anders geht's jetzt grade leider nicht) einfach die fehlermeldung posten, dann korrigiere ich das.
leider kann ich die datei grade selber nicht einbauen.
ich hier grad nix , wo ich das machen könnte.
also , sorry für die unannehmlickeiten ........
aber ich bin hier. wenn noch was ist, einfach posten.
datei anbei im anhang.
Dateianhang: |
usercp.rar (12 KB, 2 mal heruntergeladen)
|
__________________ wenn du total verliebt in zwei glänzende augen schaust, vergewissere dich ,
ob es nicht nur die sonne ist, die durch den hohlen schädel scheint.
|
|
27.07.2006 13:15 |
|
|
|
Ich bin froh das ihr mir helfen könnt. habe leider selbst nicht so sehr viel ahnung davon. Und wo gearbeitet wird passieren auch fehler.
Die neue Fehlermeldung lautet:
|
Zitat: Parse error: parse error, unexpected T_STRING in /home/www/web12/html/Forum/usercp.php on line 895 |
|
|
|
|
27.07.2006 13:19 |
|
|
janolaf
wBB2-User
Zeige janolaf auf Karte
Dabei seit: 23.05.2004
Beiträge: 1.918
2 Filebase-Einträge
Alter: 59 Jahre
Herkunft: nahe bei Kölle wBB-Version: wBB2.3 PHP-Version: 5.2.6 MySQL-Version: 5.0.26 Wo bist du gehostet?: selbst ist der Mann
Bewertung:
Level: 52 [?]
Erfahrungspunkte: 13.902.863
Nächster Level: 16.259.327
|
|
ok,
nächter versuch....
Dateianhang: |
usercp.rar (12 KB, 0 mal heruntergeladen)
|
__________________ wenn du total verliebt in zwei glänzende augen schaust, vergewissere dich ,
ob es nicht nur die sonne ist, die durch den hohlen schädel scheint.
|
|
27.07.2006 13:22 |
|
|
janolaf
wBB2-User
Zeige janolaf auf Karte
Dabei seit: 23.05.2004
Beiträge: 1.918
2 Filebase-Einträge
Alter: 59 Jahre
Herkunft: nahe bei Kölle wBB-Version: wBB2.3 PHP-Version: 5.2.6 MySQL-Version: 5.0.26 Wo bist du gehostet?: selbst ist der Mann
Bewertung:
Level: 52 [?]
Erfahrungspunkte: 13.902.863
Nächster Level: 16.259.327
|
|
hmm...
also ich seh bei dir auf der deutschlandkarte den (standard)eintrag von viktor ,
und auf der schweiz-karte den eintrag von dir.
was geht denn jetzt genau nicht ?
__________________ wenn du total verliebt in zwei glänzende augen schaust, vergewissere dich ,
ob es nicht nur die sonne ist, die durch den hohlen schädel scheint.
|
|
27.07.2006 13:31 |
|
|
|
nur auf der schweizkarte wir die Farbe der Fahne nicht richtig angezeigt.
|
|
27.07.2006 13:34 |
|
|
|
Konnte das problem schon beheben. Die PNG Karte musste ich durch eine andere auswechseln.
Jetzt funktioniert alles.
Danke euch allen für eure Hilfe.
Gruss Daniel
|
|
27.07.2006 13:40 |
|
|
|
|
|
|