// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // // // //////////////////////////////////////////////////////////////////////////////// if (!defined("PHORUM")) { return; } require_once PHORUM_PATH . '/include/api/ban.php'; // Create a list of the bans that we want to check. $bans = array(); // Add checks for registered users. if ($PHORUM["DATA"]["LOGGEDIN"]) { $bans[] = array($PHORUM["user"]["username"], PHORUM_BAD_NAMES); $bans[] = array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS); $bans[] = array($PHORUM["user"]["user_id"], PHORUM_BAD_USERID); } else { $bans[] = array($message["author"], PHORUM_BAD_NAMES); $bans[] = array($message["email"], PHORUM_BAD_EMAILS); } // Add check for IP-address bans. $bans[] = array(NULL, PHORUM_BAD_IPS); // Add check for Illegal Content (SPAM) bans. $bans[] = array($message["subject"], PHORUM_BAD_SPAM_WORDS); $bans[] = array($message["body"], PHORUM_BAD_SPAM_WORDS); // Run the checks. $msg = phorum_api_ban_check_multi($bans); if (!is_null($msg)) { $PHORUM["DATA"]["ERROR"] = $msg; }
if (isset($_POST["recipients"]) && is_array($_POST["recipients"])) { foreach ($_POST["recipients"] as $id => $dummy) { $user = phorum_api_user_get($id); if ($user && $user["active"] == 1) { $recipients[$id] = $user; } } } // init error var $error_msg = ""; // ------------------------------------------------------------------------ // Banlist checking // ------------------------------------------------------------------------ // Start editor Post message Post reply if ($page == 'send' || $action == 'post' || $action == 'list' && isset($pm_id)) { $error = phorum_api_ban_check_multi(array(array($PHORUM["user"]["username"], PHORUM_BAD_NAMES), array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS), array($user_id, PHORUM_BAD_USERID), array(NULL, PHORUM_BAD_IPS))); // Show an error in case we encountered a ban. if (!empty($error)) { $PHORUM["DATA"]["ERROR"] = $error; phorum_api_output("message"); return; } } // ------------------------------------------------------------------------ // Perform actions // ------------------------------------------------------------------------ // Initialize error and ok message. $error = ''; $okmsg = ''; // init folder list $pm_folders = $PHORUM['DB']->pm_getfolders(NULL, true);
} // Check if all required fields are filled and valid. if ($todo_checks['username_empty'] && (!isset($_POST["username"]) || empty($_POST['username']))) { $error = $PHORUM["DATA"]["LANG"]["ErrUsername"]; } elseif ($todo_checks['email_valid'] && !isset($_POST["email"]) || !phorum_api_mail_check_address($_POST["email"])) { $error = $PHORUM["DATA"]["LANG"]["ErrEmail"]; } elseif ($todo_checks['password'] && (empty($_POST["password"]) || $_POST["password"] != $_POST["password2"])) { $error = $PHORUM["DATA"]["LANG"]["ErrPassword"]; } elseif ($todo_checks['username_unique'] && phorum_api_user_search("username", $_POST["username"])) { $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdName"]; } elseif ($todo_checks['email_unique'] && phorum_api_user_search("email", $_POST["email"])) { $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdEmail"]; } // Check banlists. if ($todo_checks['banlists'] && empty($error)) { $error = phorum_api_ban_check_multi(array(array($_POST["username"], PHORUM_BAD_NAMES), array($_POST["email"], PHORUM_BAD_EMAILS), array(NULL, PHORUM_BAD_IPS))); } // Create user if no errors have been encountered. if (empty($error)) { // Setup the default userdata to store. $userdata = array('username' => NULL, 'password' => NULL, 'email' => NULL, 'real_name' => NULL); // Add custom profile fields as acceptable fields. foreach ($PHORUM["CUSTOM_FIELDS"][PHORUM_CUSTOM_FIELD_USER] as $id => $field) { if ($id === 'num_fields' || !empty($field['deleted'])) { continue; } $userdata[$field["name"]] = NULL; } // Update userdata with $_POST information. foreach ($_POST as $key => $val) { if (array_key_exists($key, $userdata)) {