// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // //////////////////////////////////////////////////////////////////////////////// if (!defined("PHORUM")) { return; } // For phorum_check_ban_lists(). include_once "./include/profile_functions.php"; // Create a list of the bans that we want to check. $bans = array(); // Add checks for registered users. if ($PHORUM["DATA"]["LOGGEDIN"]) { $bans[] = array($PHORUM["user"]["username"], PHORUM_BAD_NAMES); $bans[] = array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS); $bans[] = array($PHORUM["user"]["user_id"], PHORUM_BAD_USERID); } else { $bans[] = array($message["author"], PHORUM_BAD_NAMES); $bans[] = array($message["email"], PHORUM_BAD_EMAILS); } // Add check for IP-address bans. $bans[] = array(NULL, PHORUM_BAD_IPS); // Add check for Illegal Content (SPAM) bans. $bans[] = array($message["subject"], PHORUM_BAD_SPAM_WORDS); $bans[] = array($message["body"], PHORUM_BAD_SPAM_WORDS); // Run the checks. $msg = phorum_check_bans($bans); if (!is_null($msg)) { $PHORUM["DATA"]["ERROR"] = $msg; }
foreach ($_POST["recipients"] as $id => $dummy) { $user = phorum_api_user_get($id); if ($user && $user["active"] == 1) { $recipients[$id] = $user; } } } // init error var $error_msg = ""; // ------------------------------------------------------------------------ // Banlist checking // ------------------------------------------------------------------------ // Start editor Post message Post reply if ($page == 'send' || $action == 'post' || $action == 'list' && isset($pm_id)) { include_once "./include/profile_functions.php"; $error = phorum_check_bans(array(array($PHORUM["user"]["username"], PHORUM_BAD_NAMES), array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS), array($user_id, PHORUM_BAD_USERID), array(NULL, PHORUM_BAD_IPS))); // Show an error in case we encountered a ban. if (!empty($error)) { $PHORUM["DATA"]["ERROR"] = $error; phorum_output("message"); return; } } // ------------------------------------------------------------------------ // Perform actions // ------------------------------------------------------------------------ // Initialize error and ok message. $error = ''; $okmsg = ''; // init folder list $pm_folders = phorum_db_pm_getfolders(NULL, true);
if (!isset($_POST["clubid"]) || empty($_POST["clubid"])) { $error = $PHORUM["DATA"]["LANG"]["ErrClubId"]; } if (!is_numeric($_POST["clubid"]) || intval($_POST["clubid"]) <= 0) { $error = $PHORUM["DATA"]["LANG"]["ErrClubIdInvalid"]; } // Check if the username and email address don't already exist. if (phorum_api_user_search("username", $_POST["username"])) { $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdName"]; } if (phorum_api_user_search("email", $_POST["email"])) { $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdEmail"]; } // Check banlists. if (empty($error)) { $error = phorum_check_bans(array(array($_POST["username"], PHORUM_BAD_NAMES), array($_POST["email"], PHORUM_BAD_EMAILS), array(NULL, PHORUM_BAD_IPS))); } // Create user if no errors have been encountered. if (empty($error)) { // Setup the default userdata to store. $userdata = array('username' => NULL, 'password' => NULL, 'email' => NULL, 'clubid' => NULL); // Add custom profile fields as acceptable fields. foreach ($PHORUM["PROFILE_FIELDS"] as $id => $field) { if ($id === 'num_fields' || !empty($field['deleted'])) { continue; } $userdata[$field["name"]] = NULL; } // Update userdata with $_POST information. foreach ($_POST as $key => $val) { if (array_key_exists($key, $userdata)) {