/**
 * XML-RPC login entry point: checks the submitted credentials and either
 * returns a failure response or hands over to tt_login_success().
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters, decoded by Tapatalk_Input::filterXmlInput().
 * @return mixed An xmlrpcresp for an unknown username, otherwise whatever
 *               xmlrespfalse() or tt_login_success() returns.
 */
function login_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $mobiquo_config, $user, $register;

    $lang->load("member");

    $schema = array(
        'username' => Tapatalk_Input::STRING,
        'password' => Tapatalk_Input::STRING,
        'anonymous' => Tapatalk_Input::INT,
        'push' => Tapatalk_Input::STRING,
    );
    $input = Tapatalk_Input::filterXmlInput($schema, $xmlrpc_params);

    $logins = login_attempt_check(1);
    $login_text = '';

    // Unknown account: bump the cookie counter and answer with a struct that carries status 2.
    // NOTE(review): only this branch sets 'status'; if xmlrespfalse() does not, a client can tell
    // "no such user" from "wrong password" - confirm the two responses are indistinguishable.
    if (!username_exists($input['username'])) {
        my_setcookie('loginattempts', $logins + 1);
        $payload = array(
            'result' => new xmlrpcval(0, 'boolean'),
            'result_text' => new xmlrpcval(strip_tags($lang->error_invalidpworusername), 'base64'),
            'status' => new xmlrpcval(2, 'string'),
        );
        return new xmlrpcresp(new xmlrpcval($payload, 'struct'));
    }

    // The server-side counter is read here but never consulted below; the throttle in this
    // function is driven by $logins only.
    // NOTE(review): 'username_esc' is presumably the SQL-escaped form produced by filterXmlInput - confirm.
    $attempt_query = $db->simple_select("users", "loginattempts", "LOWER(username)='" . my_strtolower($input['username_esc']) . "'", array('limit' => 1));
    $stored_attempts = $db->fetch_field($attempt_query, "loginattempts");

    $errors = array();
    $correct = true;

    $user = validate_password_from_username($input['username'], $input['password']);

    // Second chance: if the name looks like an e-mail address, retry with e-mail lookup enabled.
    // The setting is changed on the global $mybb object and is not restored afterwards.
    if (!$user['uid'] && validate_email_format($input['username'])) {
        $mybb->settings['username_method'] = 1;
        $user = validate_password_from_username($input['username'], $input['password']);
    }

    if (!$user['uid']) {
        $correct = false;
        my_setcookie('loginattempts', $logins + 1);
        $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "LOWER(username) = '" . my_strtolower($input['username_esc']) . "'", 1, true);

        $show_remaining = $mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1;
        if ($show_remaining) {
            $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
        }
        $errors[] = $lang->error_invalidpworusername . $login_text;
    }

    if (!empty($errors)) {
        return xmlrespfalse(implode(" :: ", $errors));
    }

    if ($correct) {
        $register = 0;
        return tt_login_success();
    }

    return xmlrespfalse("Invalid login details");
}
/**
 * Record the end of the shoutbox flood window in the 'inferno_wait' cookie.
 *
 * The stored value is TIME_NOW plus the 'inferno_shoutbox_flood' setting.
 * NOTE(review): the marker lives in a cookie, i.e. on the client - confirm the flood
 * limit is also enforced from server-side state.
 *
 * @return mixed Whatever my_setcookie() returns.
 */
public function set_activity()
{
    $flood_window = $this->settings['inferno_shoutbox_flood'];
    $wait_until = TIME_NOW + $flood_window;

    return my_setcookie('inferno_wait', $wait_until);
}
$loginhandler = new LoginDataHandler("get"); if ($mybb->get_input('quick_password') && $mybb->get_input('quick_username')) { $mybb->input['password'] = $mybb->get_input('quick_password'); $mybb->input['username'] = $mybb->get_input('quick_username'); $mybb->input['remember'] = $mybb->get_input('quick_remember'); } $user = array('username' => $mybb->get_input('username'), 'password' => $mybb->get_input('password'), 'remember' => $mybb->get_input('remember'), 'imagestring' => $mybb->get_input('imagestring')); $options = array('fields' => 'loginattempts', 'username_method' => (int) $mybb->settings['username_method']); $user_loginattempts = get_user_by_username($user['username'], $options); $user['loginattempts'] = (int) $user_loginattempts['loginattempts']; $loginhandler->set_data($user); $validated = $loginhandler->validate_login(); if (!$validated) { $mybb->input['action'] = "login"; $mybb->request_method = "get"; my_setcookie('loginattempts', $logins + 1); $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "uid='" . (int) $loginhandler->login_data['uid'] . "'", 1, true); $errors = $loginhandler->get_friendly_errors(); $user['loginattempts'] = (int) $loginhandler->login_data['loginattempts']; // If we need a captcha set it here if ($mybb->settings['failedcaptchalogincount'] > 0 && ($user['loginattempts'] > $mybb->settings['failedcaptchalogincount'] || (int) $mybb->cookies['loginattempts'] > $mybb->settings['failedcaptchalogincount'])) { $do_captcha = true; $correct = $loginhandler->captcha_verified; } } else { if ($validated && $loginhandler->captcha_verified == true) { // Successful login if ($loginhandler->login_data['coppauser']) { error($lang->error_awaitingcoppa); } $loginhandler->complete_login();
$db->update_query("adminoptions", array("recovery_codes" => $db->escape_string(my_serialize($ncodes))), "uid='{$mybb->user['uid']}'"); if (count($ncodes) == 0) { flash_message($lang->my2fa_no_codes, "error"); } } // Validate the code require_once MYBB_ROOT . "inc/3rdparty/2fa/GoogleAuthenticator.php"; $auth = new PHPGangsta_GoogleAuthenticator(); $test = $auth->verifyCode($admin_options['authsecret'], $mybb->get_input('code')); // Either the code was okay or it was a recovery code if ($test === true || $recovery === true) { // Correct code -> session authenticated $db->update_query("adminsessions", array("authenticated" => 1), "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'"); $admin_session['authenticated'] = 1; $db->update_query("adminoptions", array("loginattempts" => 0, "loginlockoutexpiry" => 0), "uid='{$mybb->user['uid']}'"); my_setcookie('acploginattempts', 0); // post would result in an authorization code mismatch error $mybb->request_method = "get"; } else { // Wrong code -> close session (aka logout) $db->delete_query("adminsessions", "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'"); my_unsetcookie('adminsid'); // Now test whether we need to lock this guy completly $db->update_query("adminoptions", array("loginattempts" => "loginattempts+1"), "uid='{$mybb->user['uid']}'", '', true); $loginattempts = login_attempt_check_acp($mybb->user['uid'], true); // Have we attempted too many times? if ($loginattempts['loginattempts'] > 0) { // Have we set an expiry yet? if ($loginattempts['loginlockoutexpiry'] == 0) { $db->update_query("adminoptions", array("loginlockoutexpiry" => TIME_NOW + (int) $mybb->settings['loginattemptstimeout'] * 60), "uid='{$mybb->user['uid']}'"); }
} } } if (count($errors) > 0) { error($errors[0]); } } if ($mybb->input['action'] == "do_password" && $mybb->request_method == "post") { $errors = array(); $plugins->run_hooks("usercp_do_password_start"); if (!$verify_result && !validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword'])) { $errors[] = $lang->error_invalidpassword; } else { // Set up user handler. require_once "inc/datahandlers/user.php"; $userhandler = new UserDataHandler("update"); $user = array("uid" => $mybb->user['uid'], "password" => $mybb->input['password'], "password2" => $mybb->input['password2']); $userhandler->set_data($user); if (!$userhandler->validate_user()) { $errors = $userhandler->get_friendly_errors(); } else { $userhandler->update_user(); my_setcookie("mybbuser", $mybb->user['uid'] . "_" . $userhandler->data['loginkey']); $plugins->run_hooks("usercp_do_password_end"); $verify_result = true; } } if (count($errors) > 0) { error($errors[0]); } }
if ($mybb->get_input('quoted_ids') == "all") { my_unsetcookie("multiquote"); } else { $quoted_ids = explode("|", $mybb->get_input('quoted_ids')); $multiquote = explode("|", $mybb->cookies['multiquote']); if (is_array($multiquote) && is_array($quoted_ids)) { foreach ($multiquote as $key => $quoteid) { // If this ID was quoted, remove it from the multiquote list if (in_array($quoteid, $quoted_ids)) { unset($multiquote[$key]); } } // Still have an array - set the new cookie if (is_array($multiquote)) { $new_multiquote = implode(",", $multiquote); my_setcookie("multiquote", $new_multiquote); } else { my_unsetcookie("multiquote"); } } } } $plugins->run_hooks("newreply_do_newreply_end"); // This was a post made via the ajax quick reply - we need to do some special things here if ($mybb->get_input('ajax', MyBB::INPUT_INT)) { // Visible post if ($visible == 1) { // Set post counter $postcounter = $thread['replies'] + 1; if (is_moderator($fid, "canviewunapprove")) { $postcounter += $thread['unapprovedposts'];
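/**
 * Re-issue the two inline-moderation cookies for one item with a fresh expiry.
 *
 * Both cookies are written with an empty value and an expiry argument of TIME_NOW + 3600.
 *
 * @param int|string $id   Identifier appended to the cookie name.
 * @param string     $type Item type used in the cookie name.
 * @return void
 */
function extendinline($id, $type)
{
    global $mybb;

    $expires = TIME_NOW + 3600;

    my_setcookie("inlinemod_{$type}{$id}", '', $expires);

    // The second cookie name used to be built from "{$id_removed}", an undefined variable,
    // so the id was dropped from the name. The id and the "_removed" suffix are separate parts.
    my_setcookie("inlinemod_{$type}{$id}_removed", '', $expires);
}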
// Load Limiting if ($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load']) { // User is not an administrator and the load limit is higher than the limit, show an error error($lang->error_loadlimit); } // If there is a valid referrer in the URL, cookie it if (!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername']))) { if (isset($mybb->input['referrername'])) { $condition = "username='******'referrername']) . "'"; } else { $condition = "uid='" . intval($mybb->input['referrer']) . "'"; } $query = $db->simple_select("users", "uid", $condition, array('limit' => 1)); $referrer = $db->fetch_array($query); if ($referrer['uid']) { my_setcookie("mybb[referrer]", $referrer['uid']); } } if ($mybb->usergroup['canview'] != 1) { // Check pages allowable even when not allowed to view board $allowable_actions = array("member.php" => array("register", "do_register", "login", "do_login", "logout", "lostpw", "do_lostpw", "activate", "resendactivation", "do_resendactivation", "resetpassword"), "usercp2.php" => array("removesubscription", "removesubscriptions")); if (!($current_page == "member.php" && in_array($mybb->input['action'], $allowable_actions['member.php'])) && !($current_page == "usercp2.php" && in_array($mybb->input['action'], $allowable_actions['usercp2.php'])) && $current_page != "captcha.php") { error_no_permission(); } unset($allowable_actions); } // work out which items the user has collapsed $colcookie = $mybb->cookies['collapsed']; // set up collapsable items (to automatically show them us expanded) if ($colcookie) { $col = explode("|", $colcookie);
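/**
 * Logs a user in by attaching the current session row to the user and setting the login cookies.
 *
 * @param array|string $user User row with 'uid' and 'loginkey'; when empty, $mybb->user is used.
 * @return bool False when uid, loginkey or the global session is missing, true otherwise.
 */
public function login($user = '')
{
    global $mybb, $session, $db;

    if (!$user) {
        $user = $mybb->user;
    }

    if (!$user['uid'] || !$user['loginkey'] || !$session) {
        return false;
    }

    // Every value that ends up inside a WHERE clause is escaped or cast here; previously only
    // the IP address was escaped while the session id was concatenated as-is.
    $sid = $db->escape_string($session->sid);
    $ip = $db->escape_string($session->ipaddress);

    // Delete all the old sessions from this IP address, keeping the current one
    $db->delete_query("sessions", "ip='" . $ip . "' and sid != '" . $sid . "'");

    // Attach the existing session row to the user.
    // NOTE(review): the session id is reused across the login rather than rotated - confirm
    // that a new sid is issued elsewhere when the privilege level changes.
    $db->update_query("sessions", array("uid" => (int) $user['uid']), "sid='" . $sid . "'");

    // Set up the login cookies (fourth argument true, as in the original calls)
    my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true);
    my_setcookie("sid", $session->sid, -1, true);

    return true;
}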
$modann = ''; } $plugins->run_hooks("forumdisplay_announcement"); eval("\$announcements .= \"" . $templates->get("forumdisplay_announcements_announcement") . "\";"); $bgcolor = alt_trow(); } if ($announcements) { eval("\$announcementlist = \"" . $templates->get("forumdisplay_announcements") . "\";"); $shownormalsep = true; } if (empty($cookie)) { // Clean up cookie crumbs my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365); } else { if (!empty($cookie)) { my_setcookie("mybb[announcements]", addslashes(my_serialize($cookie)), -1); } } } else { $announcementlist = ''; } $tids = $threadcache = array(); $icon_cache = $cache->read("posticons"); if ($fpermissions['canviewthreads'] != 0) { $plugins->run_hooks("forumdisplay_get_threads"); // Start Getting Threads $query = $db->query("\n\t\tSELECT t.*, {$ratingadd}t.username AS threadusername, u.username\n\t\tFROM " . TABLE_PREFIX . "threads t\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tWHERE t.fid='{$fid}' {$tuseronly} {$tvisibleonly} {$datecutsql2} {$prefixsql2}\n\t\tORDER BY t.sticky DESC, {$t}{$sortfield} {$sortordernow} {$sortfield2}\n\t\tLIMIT {$start}, {$perpage}\n\t"); $ratings = false; $moved_threads = array(); while ($thread = $db->fetch_array($query)) { $threadcache[$thread['tid']] = $thread;
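/**
 * Handle the "switch_version" action: set the 'gomobile' cookie and redirect back.
 *
 * The request must carry my_post_key equal to md5($mybb->post_code); otherwise the
 * visitor is redirected with the invalid-post-code message and no cookie is changed.
 *
 * @return bool|void False when the action does not apply or the key check fails.
 */
function gomobile_switch_version()
{
    global $db, $lang, $mybb;

    if ($mybb->input['action'] != "switch_version") {
        return false;
    }

    // The Referer header is supplied by the client. htmlentities() only makes it safe to print;
    // it does not restrict where the redirect points.
    // NOTE(review): confirm redirect() limits targets to this board.
    $url = "index.php";
    if (isset($_SERVER['HTTP_REFERER'])) {
        $url = htmlentities($_SERVER['HTTP_REFERER']);
    }

    // Compare the token as strings. With "!=" two digest-looking strings that PHP can read as
    // numbers (for example "0e..." forms) compare equal although they differ.
    // hash_equals() is the better choice where the minimum PHP version allows it.
    $supplied_key = '';
    if (isset($mybb->input['my_post_key']) && is_string($mybb->input['my_post_key'])) {
        $supplied_key = $mybb->input['my_post_key'];
    }

    if (md5($mybb->post_code) !== $supplied_key) {
        redirect($url, $lang->invalid_post_code);
        // Do not fall through to the cookie writes if redirect() ever returns.
        return false;
    }

    $mode = isset($mybb->input['do']) ? $mybb->input['do'] : '';

    if ($mode == "full") {
        // Disable the mobile theme
        my_setcookie("gomobile", "disabled", -1);
    } elseif ($mode == "clear") {
        // Clear the mobile theme cookie
        my_setcookie("gomobile", "nothing", -1);
    } else {
        // Assume we're wanting to switch to the mobile version
        my_setcookie("gomobile", "force", -1);
    }

    $lang->load("gomobile");
    redirect($url, $lang->gomobile_switched_version);
}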
/**
 * Log the user into MyBB with their MC credentials.
 * Must be authenticated with authenticate() first!
 *
 * This method performs no password check of its own: it looks up one row in the users
 * table, attaches the current session to that uid and sets the login cookies.
 *
 * @access public
 * @param string|null $username Account name; when not set, $this->getUsername() is used.
 * @return bool True when exactly one matching row with a uid was found, false otherwise.
 */
public function login($username)
{
    global $mybb, $db, $session;
    if (!isset($username)) {
        $username = $this->getUsername();
    }
    // NOTE(review): the WHERE value reads '******' in this listing, so $username is not part of
    // the query as printed. Presumably the original interpolated the name here - confirm against
    // the real source and make sure the value is passed through $db->escape_string().
    $q = $db->simple_select('users', 'uid,loginkey', "mcc_username = '******'");
    // Anything other than exactly one match is treated as a failed login.
    if ($db->num_rows($q) == 1) {
        $user = $db->fetch_array($q);
        if (!$user['uid']) {
            return false;
        }
        // Delete all the old sessions from user's IP address
        // (the IP is escaped, the session id is interpolated as-is)
        $db->delete_query('sessions', "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '{$session->sid}'");
        // Attach the existing session row to the user; the sid itself is not changed here
        $db->update_query('sessions', array('uid' => $user['uid']), "sid='{$session->sid}'");
        // Set login cookies
        my_setcookie('mybbuser', $user['uid'] . '_' . $user['loginkey'], null, true);
        my_setcookie('sid', $session->sid, -1, true);
        return true;
    }
    return false;
}
/**
 * Finish a validated login: reset the attempt counters, attach the current session
 * to the user and issue the login cookies.
 *
 * Runs the 'datahandler_login_complete_start' and 'datahandler_login_complete_end' hooks
 * around the work and invalidates the captcha when one is attached to the handler.
 *
 * @return bool Always true.
 */
function complete_login()
{
    global $plugins, $db, $mybb, $session;

    // Bound by reference so that changes made to login_data by a hook are seen below.
    $account =& $this->login_data;

    $plugins->run_hooks('datahandler_login_complete_start', $this);

    // Cookie side of the login: counter back to 1, session id re-sent.
    my_setcookie('loginattempts', 1);
    my_setcookie("sid", $session->sid, -1, true);

    // Drop every other session from this IP, then tie the current session row to the user.
    $packed_ip = $db->escape_binary($session->packedip);
    $db->delete_query("sessions", "ip = " . $packed_ip . " AND sid != '" . $session->sid . "'");
    $db->update_query("sessions", array("uid" => $account['uid']), "sid = '" . $session->sid . "'");
    $db->update_query("users", array("loginattempts" => 1), "uid = '" . $account['uid'] . "'");

    // "Remember me" keeps the default lifetime (null); otherwise -1 is passed as the expiry.
    $keep_login = isset($mybb->input['remember']) && $mybb->input['remember'] == "yes";
    $remember = $keep_login ? null : -1;
    my_setcookie("mybbuser", $account['uid'] . "_" . $account['loginkey'], $remember, true);

    if ($this->captcha !== false) {
        $this->captcha->invalidate_captcha();
    }

    $plugins->run_hooks('datahandler_login_complete_end', $this);

    return true;
}
/**
 * Handle a posted "do_login" request: validate the credentials through
 * loginconvert_validate_password_from_username(), require a captcha after repeated
 * failures, and on success attach the session to the user and redirect.
 *
 * Does nothing unless the action is "do_login" and the request method is "post".
 * On failure the collected messages are placed in the global $inline_errors.
 *
 * @return void
 */
function loginconvert_convert()
{
    global $mybb, $db, $lang, $session, $plugins, $inline_errors, $errors;
    if ($mybb->input['action'] != "do_login" || $mybb->request_method != "post") {
        return;
    }
    // Checks to make sure the user can login; they haven't had too many tries at logging in.
    // Is a fatal call if user has had too many tries
    $logins = login_attempt_check();
    $login_text = '';
    // Did we come from the quick login form?
    if ($mybb->input['quick_login'] == "1" && $mybb->input['quick_password'] && $mybb->input['quick_username']) {
        $mybb->input['password'] = $mybb->input['quick_password'];
        $mybb->input['username'] = $mybb->input['quick_username'];
    }
    // Unknown account: only the cookie counter is raised, then error() is called.
    if (!username_exists($mybb->input['username'])) {
        my_setcookie('loginattempts', $logins + 1);
        error($lang->error_invalidpworusername . $login_text);
    }
    // Server-side failure counter for this account; it feeds the captcha threshold below.
    $query = $db->simple_select("users", "loginattempts", "LOWER(username)='" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'", array('limit' => 1));
    $loginattempts = $db->fetch_field($query, "loginattempts");
    $errors = array();
    $user = loginconvert_validate_password_from_username($mybb->input['username'], $mybb->input['password']);
    if (!$user['uid']) {
        // Wrong password: raise both the cookie counter and the stored counter.
        my_setcookie('loginattempts', $logins + 1);
        $db->write_query("UPDATE " . TABLE_PREFIX . "users SET loginattempts=loginattempts+1 WHERE LOWER(username) = '" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'");
        $mybb->input['action'] = "login";
        // NOTE(review): this writes an input key named 'request_method'; the guard at the top
        // reads $mybb->request_method. Looks like the property was meant - confirm.
        $mybb->input['request_method'] = "get";
        if ($mybb->settings['failedlogintext'] == 1) {
            $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
        }
        $errors[] = $lang->error_invalidpworusername . 
$login_text;
    } else {
        $correct = true;
    }
    // Captcha threshold is hard-coded to 3 and is met by either the stored counter or the
    // cookie counter; the cookie value is supplied by the client.
    if ($loginattempts > 3 || intval($mybb->cookies['loginattempts']) > 3) {
        // Show captcha image for guests if enabled
        if ($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid']) {
            // If previewing a post - check their current captcha input - if correct, hide the captcha input area
            if ($mybb->input['imagestring']) {
                $imagehash = $db->escape_string($mybb->input['imagehash']);
                $imagestring = $db->escape_string($mybb->input['imagestring']);
                $query = $db->simple_select("captcha", "*", "imagehash='{$imagehash}' AND imagestring='{$imagestring}'");
                $imgcheck = $db->fetch_array($query);
                if ($imgcheck['dateline'] > 0) {
                    // This also sets $correct after a failed password check, but the login stays
                    // blocked in that case because $errors is already non-empty.
                    // NOTE(review): a solved captcha row is not deleted on this path - confirm it
                    // cannot be submitted again.
                    $correct = true;
                } else {
                    $db->delete_query("captcha", "imagehash='{$imagehash}'");
                    $errors[] = $lang->error_regimageinvalid;
                }
            } else {
                // Both branches add the same message.
                if ($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username']) {
                    $errors[] = $lang->error_regimagerequired;
                } else {
                    $errors[] = $lang->error_regimagerequired;
                }
            }
        }
        $do_captcha = true;
    }
    if (!empty($errors)) {
        $mybb->input['action'] = "login";
        $mybb->input['request_method'] = "get";
        $inline_errors = inline_error($errors);
    } else {
        if ($correct) {
            if ($user['coppauser']) {
                error($lang->error_awaitingcoppa);
            }
            // Successful login: reset counters, drop other sessions from this IP and attach
            // the existing session row to the user. The sid is interpolated unescaped.
            my_setcookie('loginattempts', 1);
            $db->delete_query("sessions", "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '" . $session->sid . "'");
            $newsession = array("uid" => $user['uid']);
            $db->update_query("sessions", $newsession, "sid='" . $session->sid . "'");
            $db->update_query("users", array("loginattempts" => 1), "uid='{$user['uid']}'");
            my_setcookie("mybbuser", $user['uid'] . "_" . 
$user['loginkey'], null, true);
            my_setcookie("sid", $session->sid, -1, true);
            $plugins->run_hooks("member_do_login_end");
            // The redirect target comes from the request. The only checks visible here are on
            // basename(): it must not contain member.php.
            // NOTE(review): confirm redirect() refuses targets outside this board.
            if ($mybb->input['url'] != "" && my_strpos(basename($mybb->input['url']), 'member.php') === false) {
                if ((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) {
                    $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
                }
                // NOTE(review): as printed this replaces '&' with '&' and changes nothing; the
                // search string was presumably an HTML entity before the listing was rendered.
                $mybb->input['url'] = str_replace('&', '&', $mybb->input['url']);
                // Redirect to the URL if it is not member.php
                redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
            } else {
                redirect("index.php", $lang->redirect_loggedin);
            }
        } else {
            $mybb->input['action'] = "login";
            $mybb->input['request_method'] = "get";
        }
    }
}
// Excerpt: collect the options this visitor voted for so the vote can be taken back.
$vote_options = array();
if ($mybb->user['uid']) {
    // Members: votes are read from the pollvotes table.
    // NOTE(review): uid and pid are concatenated into the WHERE clause; confirm both are integers here.
    $query = $db->simple_select("pollvotes", "vid,voteoption", "uid='" . $mybb->user['uid'] . "' AND pid='" . $poll['pid'] . "'");
    while ($voteoption = $db->fetch_array($query)) {
        $vote_options[$voteoption['vid']] = $voteoption['voteoption'];
    }
} elseif (isset($mybb->cookies['pollvotes'][$poll['pid']])) {
    // for Guests, we simply see if they've got the cookie
    // The option list is therefore whatever the client sends; it is used as array indexes below.
    // NOTE(review): confirm guest vote removal is validated against server-side data.
    $vote_options = explode(',', $mybb->cookies['pollvotes'][$poll['pid']]);
}
if (empty($vote_options)) {
    error($lang->error_notvoted);
} else {
    if (!$mybb->user['uid']) {
        // clear cookie for Guests
        my_setcookie("pollvotes[{$poll['pid']}]", "");
    }
}
// Note, this is not thread safe!
$votesarray = explode("||~|~||", $poll['votes']);
if (count($votesarray) > $poll['numoptions']) {
    // NOTE(review): array_slice() is given the literal 0 where the array belongs, so this does
    // not truncate $votesarray; array_slice($votesarray, 0, $poll['numoptions']) looks intended.
    $votesarray = array_slice(0, $poll['numoptions']);
}
if ($poll['multiple'] == 1) {
    // Each listed option (1-based) that exists loses one vote; nothing visible here stops a
    // counter from going below zero.
    foreach ($vote_options as $vote) {
        if (isset($votesarray[$vote - 1])) {
            --$votesarray[$vote - 1];
            --$poll['numvotes'];
        }
    }
} else {
}
// Excerpt: record a thread rating unless this visitor has already rated the thread.
$query = $db->simple_select("threadratings", "*", "{$whereclause} AND tid='{$tid}'");
$ratecheck = $db->fetch_array($query);
// "Already rated" is a stored row matching $whereclause (built outside this excerpt) or the
// presence of the per-thread cookie, which is held by the client.
if ($ratecheck['rid'] || $mybb->cookies['mybbratethread'][$tid]) {
    error($lang->error_alreadyratedthread);
} else {
    $plugins->run_hooks("ratethread_process");
    // NOTE(review): $mybb->input['rating'] and $tid are interpolated into this statement and no
    // cast or escape is visible in this excerpt - confirm both are forced to integers (and the
    // rating to its allowed range) before this point.
    $db->write_query("\r\n\t\tUPDATE " . TABLE_PREFIX . "threads\r\n\t\tSET numratings=numratings+1, totalratings=totalratings+'{$mybb->input['rating']}'\r\n\t\tWHERE tid='{$tid}'\r\n\t");
    if ($mybb->user['uid'] != 0) {
        // Members: the rating row carries the uid.
        $insertarray = array('tid' => $tid, 'uid' => $mybb->user['uid'], 'rating' => $mybb->input['rating'], 'ipaddress' => $db->escape_string($session->ipaddress));
        $db->insert_query("threadratings", $insertarray);
    } else {
        // Guests: the row has no uid and a cookie is set to mark the thread as rated.
        $insertarray = array('tid' => $tid, 'rating' => $mybb->input['rating'], 'ipaddress' => $db->escape_string($session->ipaddress));
        $db->insert_query("threadratings", $insertarray);
        $time = TIME_NOW;
        my_setcookie("mybbratethread[{$tid}]", $mybb->input['rating']);
    }
}
$plugins->run_hooks("ratethread_end");
if ($mybb->input['ajax']) {
    echo "<success>{$lang->rating_added}</success>\n";
    $query = $db->simple_select("threads", "totalratings, numratings", "tid='{$tid}'", array('limit' => 1));
    $fetch = $db->fetch_array($query);
    $width = 0;
    // NOTE(review): ">= 0" lets numratings == 0 through to the division below; "> 0" looks intended.
    if ($fetch['numratings'] >= 0) {
        $averagerating = floatval(round($fetch['totalratings'] / $fetch['numratings'], 2));
        $width = intval(round($averagerating)) * 20;
        $fetch['numratings'] = intval($fetch['numratings']);
        $ratingvotesav = $lang->sprintf($lang->rating_votes_average, $fetch['numratings'], $averagerating);
        echo "<average>{$ratingvotesav}</average>\n";
    }
// Load Limiting if ($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load']) { // User is not an administrator and the load limit is higher than the limit, show an error error($lang->error_loadlimit); } // If there is a valid referrer in the URL, cookie it if (!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername']))) { if (isset($mybb->input['referrername'])) { $condition = "username = '******'referrername')) . "'"; } else { $condition = "uid = '" . $mybb->get_input('referrer', MyBB::INPUT_INT) . "'"; } $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1)); $referrer = $db->fetch_array($query); if ($referrer['uid']) { my_setcookie('mybb[referrer]', $referrer['uid']); } } if ($mybb->usergroup['canview'] != 1) { // Check pages allowable even when not allowed to view board if (defined('ALLOWABLE_PAGE')) { if (is_string(ALLOWABLE_PAGE)) { $allowable_actions = explode(',', ALLOWABLE_PAGE); if (!in_array($mybb->get_input('action'), $allowable_actions)) { error_no_permission(); } unset($allowable_actions); } else { if (ALLOWABLE_PAGE !== 1) { error_no_permission(); }
/**
 * Checks to make sure a user has not tried to login more times than permitted.
 * Will stop execution with a call to error() unless $fatal is false.
 *
 * The attempt count and the time of the lockout are both read from cookies
 * ('loginattempts' and 'failedlogin'); no stored counter is read in this function.
 * NOTE(review): a client that does not send these cookies back is counted from zero -
 * confirm callers also enforce a server-side limit.
 *
 * @param bool $fatal (Optional) The function will stop execution if it finds an error with the login. Default is True
 * @return int|string|false 1 when the limit is disabled or a lockout has just expired, the
 *                          cookie's attempt count when another try is allowed, false while locked out.
 */
function login_attempt_check($fatal = true)
{
    global $mybb, $lang, $session, $db;
    // A failedlogincount of 0 switches the check off.
    if ($mybb->settings['failedlogincount'] == 0) {
        return 1;
    }
    // Note: Number of logins is defaulted to 1, because using 0 seems to clear cookie data. Not really a problem as long as we account for 1 being default.
    // Use cookie if possible, otherwise use session
    // Find better solution to prevent clearing cookies
    $loginattempts = 0;
    $failedlogin = 0;
    if (!empty($mybb->cookies['loginattempts'])) {
        $loginattempts = $mybb->cookies['loginattempts'];
    }
    if (!empty($mybb->cookies['failedlogin'])) {
        $failedlogin = $mybb->cookies['failedlogin'];
    }
    // Work out if the user has had more than the allowed number of login attempts
    if ($loginattempts > $mybb->settings['failedlogincount']) {
        // If so, then we need to work out if they can try to login again
        // Some maths to work out how long they have left and display it to them
        $now = TIME_NOW;
        if (empty($mybb->cookies['failedlogin'])) {
            $failedtime = $now;
        } else {
            $failedtime = $mybb->cookies['failedlogin'];
        }
        // failedlogintime is multiplied by 60, i.e. treated as minutes.
        $secondsleft = $mybb->settings['failedlogintime'] * 60 + $failedtime - $now;
        $hoursleft = floor($secondsleft / 3600);
        $minsleft = floor($secondsleft / 60 % 60);
        $secsleft = floor($secondsleft % 60);
        // This value will be empty the first time the user doesn't login in, set it
        if (empty($failedlogin)) {
            my_setcookie('failedlogin', $now);
            if ($fatal) {
                error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
            }
            return false;
        }
        // Work out if the user has waited long enough before letting them login again
        if ($mybb->cookies['failedlogin'] < $now - $mybb->settings['failedlogintime'] * 60) {
            // Lockout expired: reset the cookie counter and, for a logged-in user, the stored one.
            my_setcookie('loginattempts', 
1);
            my_unsetcookie('failedlogin');
            if ($mybb->user['uid'] != 0) {
                $update_array = array('loginattempts' => 1);
                $db->update_query("users", $update_array, "uid = '{$mybb->user['uid']}'");
            }
            return 1;
        } else {
            // Still inside the lockout window. When the cookie time equals the boundary exactly,
            // neither comparison matches and control falls through to the final return.
            if ($mybb->cookies['failedlogin'] > $now - $mybb->settings['failedlogintime'] * 60) {
                if ($fatal) {
                    error($lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft));
                }
                return false;
            }
        }
    }
    // User can attempt another login
    return $loginattempts;
}
$user = $db->fetch_array($query); if (!$user['uid']) { $output->print_error("Wpisany login jest niepoprawny."); } else { $user = validate_password_from_uid($user['uid'], $mybb->input['password'], $user); if (!$user['uid']) { $output->print_error("Wpisane hasło jest nieprawidłowe. Jeżeli nie pamiętasz swojego hasła, kliknij <a href=\"../member.php?action=lostpw\">tutaj</a>, aby je odzyskać i spróbuj ponownie."); } } $db->delete_query("sessions", "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '" . $session->sid . "'"); $newsession = array("uid" => $user['uid']); $db->update_query("sessions", $newsession, "sid='" . $session->sid . "'"); // Temporarily set the cookie remember option for the login cookies $mybb->user['remember'] = $user['remember']; my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true); my_setcookie("sid", $session->sid, -1, true); header("Location: ./upgrade.php"); } } $output->steps = array($lang->upgrade); if ($mybb->user['uid'] == 0) { $output->print_header("Wymagane zalogowanie", "errormsg", 0, 1); $output->print_contents('<p>Podaj swój login i hasło, aby rozpocząć proces aktualizacji. Musisz mieć uprawnienia administratora, aby uruchomić ten proces.</p> <form action="upgrade.php" method="post"> <div class="border_wrapper"> <table class="general" cellspacing="0"> <thead> <tr> <th colspan="2" class="first last">Logowanie</th> </tr> </thead>
eval("\$syndication = \"" . $templates->get("misc_syndication") . "\";"); output_page($syndication); } if ($mybb->input['action'] == "clearcookies") { $plugins->run_hooks("misc_clearcookies"); if ($mybb->input['key'] != $mybb->user['logoutkey']) { error($lang->error_invalidkey); } $remove_cookies = array('mybb', 'mybbuser', 'mybb[password]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin'); if ($mybb->settings['cookiedomain']) { foreach ($remove_cookies as $name) { @my_setcookie($name, '', TIME_NOW - 1, $mybb->settings['cookiepath'], $mybb->settings['cookiedomain']); } } else { foreach ($remove_cookies as $name) { @my_setcookie($name, '', TIME_NOW - 1, $mybb->settings['cookiepath']); } } redirect("index.php", $lang->redirect_cookiescleared); } function makesyndicateforums($pid = "0", $selitem = "", $addselect = "1", $depth = "", $permissions = "") { global $db, $forumcache, $permissioncache, $mybb, $selecteddone, $forumlist, $forumlistbits, $theme, $templates, $flist, $lang, $unviewable; static $unviewableforums; $pid = intval($pid); if (!$permissions) { $permissions = $mybb->usergroup; } if (!is_array($forumcache)) { // Get Forums $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder'));
/**
 * Complete a login for the global $user and build the XML-RPC success response.
 *
 * Resets the attempt counters, attaches the current session row to the user, sets the
 * login cookies, re-initialises the session object and then reports the account details
 * and permissions. For members of a banned group the response text carries the ban
 * reason and lift date; 'result' stays true in that case.
 *
 * @return xmlrpcresp
 */
function tt_login_success()
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $mobiquo_config, $user, $register;

    if ($user['coppauser']) {
        error($lang->error_awaitingcoppa);
    }

    my_setcookie('loginattempts', 1);

    // Remove other sessions from this IP and bind the current session row to the user.
    // Only the IP is escaped; the session id and uid are placed in the SQL as they are.
    $escaped_ip = $db->escape_string($session->ipaddress);
    $db->delete_query("sessions", "ip='{$escaped_ip}' AND sid != '{$session->sid}'");
    $db->update_query("sessions", array("uid" => $user['uid']), "sid='{$session->sid}'");
    $db->update_query("users", array("loginattempts" => 1), "uid='" . $user['uid'] . "'");

    my_setcookie("mybbuser", "{$user['uid']}_{$user['loginkey']}", null, true);
    my_setcookie("sid", $session->sid, -1, true);

    // Rebuild the session object so that $mybb->user reflects the account just logged in.
    $mybb->cookies['sid'] = $session->sid;
    $session = new session();
    $session->init();

    // Primary group followed by any additional groups, as a comma-separated list.
    $mybbgroups = $mybb->user['usergroup'];
    if ($mybb->user['additionalgroups']) {
        $mybbgroups .= ',' . $mybb->user['additionalgroups'];
    }

    $xmlgroups = array();
    foreach (explode(",", $mybbgroups) as $group_id) {
        $xmlgroups[] = new xmlrpcval($group_id, "string");
    }

    tt_update_push();

    if ($settings['maxattachments'] == 0) {
        $settings['maxattachments'] = 100;
    }

    // Every push category is reported as enabled.
    $push_type = array();
    foreach (array('pm', 'newtopic', 'sub', 'tag', 'quote') as $push_name) {
        $entry = array(
            'name' => new xmlrpcval($push_name, 'string'),
            'value' => new xmlrpcval(1, 'boolean'),
        );
        $push_type[] = new xmlrpcval($entry, 'struct');
    }

    // $flood_interval is only assigned when flood control applies to this user; otherwise it
    // reaches the response below unset.
    if ($mybb->settings['postfloodsecs'] && !is_moderator(0, "", $mybb->user['uid'])) {
        $flood_interval = $mybb->settings['postfloodsecs'];
    }

    $attachment_cap = $mybb->usergroup['canpostattachments'] == 1 ? $settings['maxattachments'] : 0;

    $result = array(
        'result' => new xmlrpcval(true, 'boolean'),
        'result_text' => new xmlrpcval('', 'base64'),
        'user_id' => new xmlrpcval($mybb->user['uid'], 'string'),
        'username' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'),
        'login_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'),
        'user_type' => check_return_user_type($mybb->user['username']),
        'email' => new xmlrpcval(basic_clean($mybb->user['email']), 'base64'),
        'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'),
        'post_count' => new xmlrpcval(intval($mybb->user['postnum']), 'int'),
        'usergroup_id' => new xmlrpcval($xmlgroups, 'array'),
        'ignored_uids' => new xmlrpcval($mybb->user['ignorelist'], 'string'),
        'max_png_size' => new xmlrpcval(10000000, "int"),
        'max_jpg_size' => new xmlrpcval(10000000, "int"),
        'max_attachment' => new xmlrpcval($attachment_cap, "int"),
        'can_upload_avatar' => new xmlrpcval($mybb->usergroup['canuploadavatars'] == 1, "boolean"),
        'can_pm' => new xmlrpcval($mybb->usergroup['canusepms'] == 1 && !$mobiquo_config['disable_pm'], "boolean"),
        'can_send_pm' => new xmlrpcval($mybb->usergroup['cansendpms'] == 1 && !$mobiquo_config['disable_pm'], "boolean"),
        'can_moderate' => new xmlrpcval($mybb->usergroup['canmodcp'] == 1, "boolean"),
        'can_search' => new xmlrpcval($mybb->usergroup['cansearch'] == 1, "boolean"),
        'can_whosonline' => new xmlrpcval($mybb->usergroup['canviewonline'] == 1, "boolean"),
        'register' => new xmlrpcval($register, "boolean"),
        'push_type' => new xmlrpcval($push_type, 'array'),
        'post_countdown' => new xmlrpcval($flood_interval, 'int'),
    );

    if ($mybb->usergroup['isbannedgroup'] == 1) {
        // Fetch details on their ban
        $ban_query = $db->simple_select("banned", "*", "uid='{$mybb->user['uid']}'", array('limit' => 1));
        $ban = $db->fetch_array($ban_query);

        if ($ban['uid']) {
            // Format their ban lift date and reason appropriately
            $banlift = $ban['lifted'] > 0
                ? my_date($mybb->settings['dateformat'], $ban['lifted']) . ", " . my_date($mybb->settings['timeformat'], $ban['lifted'])
                : $lang->banned_lifted_never;
            $reason = htmlspecialchars_uni($ban['reason']);
        }

        // Fall back to the "unknown" label when no ban row or no value was found.
        if (empty($reason)) {
            $reason = $lang->unknown;
        }
        if (empty($banlift)) {
            $banlift = $lang->unknown;
        }

        $result_text = "{$lang->banned_warning}{$lang->banned_warning2}: {$reason}\n{$lang->banned_warning3}: {$banlift}";
        $result['result_text'] = new xmlrpcval($result_text, 'base64');
    }

    return new xmlrpcresp(new xmlrpcval($result, 'struct'));
}
if ($mybb->input['action'] == "do_login" && $mybb->request_method == "post") { require_once MYBB_ROOT . "inc/functions_user.php"; if (!username_exists($mybb->get_input('username'))) { $output->print_error("The username you have entered appears to be invalid."); } $options = array('fields' => array('username', 'password', 'salt', 'loginkey')); $user = get_user_by_username($mybb->get_input('username'), $options); if (!$user['uid']) { $output->print_error("The username you have entered appears to be invalid."); } else { $user = validate_password_from_uid($user['uid'], $mybb->get_input('password'), $user); if (!$user['uid']) { $output->print_error("The password you entered is incorrect. If you have forgotten your password, click <a href=\"../member.php?action=lostpw\">here</a>. Otherwise, go back and try again."); } } my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true); header("Location: ./upgrade.php"); } } $output->steps = array($lang->upgrade); if ($mybb->user['uid'] == 0) { $output->print_header($lang->please_login, "errormsg", 0, 1); $output->print_contents('<p>' . $lang->login_desc . '</p> <form action="upgrade.php" method="post"> <div class="border_wrapper"> <table class="general" cellspacing="0"> <thead> <tr> <th colspan="2" class="first last">' . $lang->login . '</th> </tr> </thead>
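/**
 * Load a guest user.
 *
 * Fills $mybb->user with guest defaults, derives lastvisit/lastactive from the
 * 'mybb[lastvisit]' and 'mybb[lastactive]' cookies, refreshes those cookies, loads the
 * guest permission set and, unless NO_ONLINE is defined, updates or creates the session.
 *
 * @return void
 */
function load_guest()
{
    global $mybb, $time, $db, $lang;

    // Set up some defaults
    $time = TIME_NOW;
    $mybb->user['usergroup'] = 1;
    $mybb->user['username'] = '';
    $mybb->user['uid'] = 0;
    $mybbgroups = 1;
    $mybb->user['displaygroup'] = 1;

    // Has this user visited before? Lastvisit need updating?
    if (isset($mybb->cookies['mybb']['lastvisit'])) {
        if (!isset($mybb->cookies['mybb']['lastactive'])) {
            $mybb->user['lastactive'] = $time;
            $mybb->cookies['mybb']['lastactive'] = $mybb->user['lastactive'];
        } else {
            $mybb->user['lastactive'] = intval($mybb->cookies['mybb']['lastactive']);
        }

        // The cookie is client-supplied, so the age check uses the value already normalised by
        // intval() above. The raw cookie used to go straight into the subtraction, where a
        // non-numeric or array value is a type error on current PHP versions.
        if ($time - $mybb->user['lastactive'] > 900) {
            // More than 15 minutes of inactivity: the previous activity becomes the last visit.
            my_setcookie("mybb[lastvisit]", $mybb->user['lastactive']);
        }

        // Both branches of the original assigned this same normalised value.
        $mybb->user['lastvisit'] = $mybb->user['lastactive'];
    } else {
        my_setcookie("mybb[lastvisit]", $time);
        $mybb->user['lastvisit'] = $time;
    }

    // Update last active cookie.
    my_setcookie("mybb[lastactive]", $time);

    // Gather a full permission set for this guest
    $mybb->usergroup = usergroup_permissions($mybbgroups);
    $mydisplaygroup = usergroup_displaygroup($mybb->user['displaygroup']);
    $mybb->usergroup = array_merge($mybb->usergroup, $mydisplaygroup);

    // Update the online data.
    if (!defined("NO_ONLINE")) {
        if (!empty($this->sid)) {
            $this->update_session($this->sid);
        } else {
            $this->create_session();
        }
    }
}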
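/**
 * Build the XML-RPC announcement list for a forum.
 *
 * Selects the announcements that are currently active for the forum, its
 * parents and the global scope (fid -1), prunes stale entries from the
 * visitor's "announcements" read-tracking cookie and returns the result as
 * an xmlrpcresp whose topics are prefixed with "ann_".
 *
 * Fixes over the previous version:
 *  - the result list is no longer reset to '' before `[] =` is applied to it
 *    (a fatal error on PHP 7.1 and later);
 *  - the cookie payload is discarded unless it decodes to an array;
 *  - the LIMIT value is cast to an integer before it reaches the SQL text;
 *  - dead locals (new/old folder classes, post date) were removed.
 *
 * @param array $foruminfo Forum row; 'parentlist' and 'name' are read.
 * @param mixed $fid       Forum id.
 *
 * @return xmlrpcresp
 */
function get_announcement_list($foruminfo, $fid)
{
    // Gather forum stats
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $time, $mybbgroups, $cache;

    $has_announcements = false;
    $forum_stats = $cache->read("forumsdisplay");
    $parser = new postParser();

    if (is_array($forum_stats)) {
        if (!empty($forum_stats[-1]['announcements']) || !empty($forum_stats[$fid]['announcements'])) {
            // Global or forum-specific announcements
            $has_announcements = true;
        }
    }

    $parentlist = $foruminfo['parentlist'];
    foreach (explode(",", $parentlist) as $mfid) {
        if (!empty($forum_stats[$mfid]['announcements'])) {
            $has_announcements = true;
        }
    }

    $announcementlist = $topic_list = array();

    if ($has_announcements == true) {
        // Settings are admin-controlled, but the value is concatenated into
        // SQL, so only an integer is ever allowed through.
        $limit = '';
        $announcement_limit = (int) $mybb->settings['announcementlimit'];
        if ($announcement_limit > 0) {
            $limit = "LIMIT 0, " . $announcement_limit;
        }

        // NOTE(review): $fid and $parentlist end up inside the WHERE clause
        // through build_parent_list(); this function does not validate them,
        // so confirm every caller passes an integer forum id.
        $sql = build_parent_list($fid, "fid", "OR", $parentlist);
        $time = TIME_NOW;
        $query = $db->query("
			SELECT a.*, u.username
			FROM " . TABLE_PREFIX . "announcements a
			LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)
			WHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND ({$sql} OR fid='-1')
			ORDER BY a.startdate DESC {$limit}
		");

        // The cookie is client-controlled serialized data.
        // NOTE(review): this relies on my_unserialize() refusing to
        // instantiate objects; verify that against its definition.
        $cookie = array();
        if (isset($mybb->cookies['mybb']['announcements'])) {
            $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements']));
            if (!is_array($cookie)) {
                // Malformed or tampered payload: treat as "nothing read yet".
                $cookie = array();
            }
        }

        $bgcolor = alt_trow(true); // Reset the trow colors

        while ($announcement = $db->fetch_array($query)) {
            $aid = $announcement['aid'];

            // Mmm, eat those announcement cookies if they're older than our last visit
            if (isset($cookie[$aid]) && $cookie[$aid] < $mybb->user['lastvisit']) {
                unset($cookie[$aid]);
            }

            $announcement['announcementlink'] = get_announcement_link($aid);
            $announcement['subject'] = $parser->parse_badwords($announcement['subject']);
            $announcement['subject'] = htmlspecialchars_uni($announcement['subject']);
            $announcement['profilelink'] = build_profile_link($announcement['username'], $announcement['uid']);
            $announcementlist[] = $announcement;
        }

        if (empty($cookie)) {
            // Clean up cookie crumbs
            my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365);
        } else {
            my_setcookie("mybb[announcements]", addslashes(serialize($cookie)), -1);
        }

        foreach ($announcementlist as $announce) {
            $user_info = get_user($announce['uid']);
            $icon_url = absolute_url($user_info['avatar']);

            $topic_list[] = new xmlrpcval(array(
                'forum_id' => new xmlrpcval($fid, 'string'),
                'topic_id' => new xmlrpcval('ann_' . $announce['aid'], 'string'),
                'topic_title' => new xmlrpcval(basic_clean($announce['subject']), 'base64'),
                'topic_author_id' => new xmlrpcval($announce['uid'], 'string'),
                'topic_author_name' => new xmlrpcval(basic_clean($announce['username']), 'base64'),
                'icon_url' => new xmlrpcval(absolute_url($icon_url), 'string'),
                'reply_number' => new xmlrpcval(0, 'int'),
                'view_number' => new xmlrpcval(0, 'int'),
                'short_content' => new xmlrpcval(process_short_content($announce['message'], $parser), 'base64'),
            ), 'struct');
        }
    }

    $response = new xmlrpcval(array(
        'total_topic_num' => new xmlrpcval(count($announcementlist), 'int'),
        'forum_id' => new xmlrpcval($fid),
        'forum_name' => new xmlrpcval(basic_clean($foruminfo['name']), 'base64'),
        'can_post' => new xmlrpcval(false, 'boolean'),
        'can_upload' => new xmlrpcval(false, 'boolean'),
        'topics' => new xmlrpcval($topic_list, 'array'),
    ), 'struct');

    return new xmlrpcresp($response);
}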
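/**
 * Marks all forums as read.
 *
 * Registered users: lastvisit is set to now, the PM counters are refreshed
 * and, when the threadreadcut setting is enabled, one forumsread row per
 * forum is queued for shutdown-time execution. Guests only get cookies.
 *
 * Fixes over the previous version:
 *  - the pending batch is always an array; the old code initialised it as ''
 *    and then appended with `[] =` on pgsql/sqlite, which is a fatal error
 *    on PHP 7.1 and later;
 *  - rows are really written in batches of $update_count. The old
 *    `if ($done % $update_count)` test was true on every iteration except
 *    exact multiples, i.e. the opposite of what its comment described;
 *  - uid and fid are cast to integers before being placed in SQL text;
 *  - a missing or non-array forums cache no longer reaches count().
 */
function mark_all_forums_read()
{
    global $mybb, $db, $cache;

    // Can only do "true" tracking for registered users
    if ($mybb->user['uid'] > 0) {
        $uid = (int) $mybb->user['uid'];

        $db->update_query("users", array('lastvisit' => TIME_NOW), "uid='" . $uid . "'");

        require_once MYBB_ROOT . "inc/functions_user.php";
        update_pm_count('', 2);

        if ($mybb->settings['threadreadcut'] > 0) {
            // Need to loop through all forums and mark them as read
            $forums = $cache->read('forums');
            if (!is_array($forums)) {
                $forums = array();
            }

            // Batch size: a twentieth of the forum count, but at least 15.
            $update_count = max(15, (int) ceil(count($forums) / 20));

            // These drivers go through replace_query(), one row per call.
            $row_by_row = in_array($db->type, array("pgsql", "sqlite"), true);

            // Only do this in batches of $update_count, save query time
            foreach (array_chunk(array_keys($forums), $update_count) as $fid_batch) {
                if ($row_by_row) {
                    foreach ($fid_batch as $fid) {
                        $replace_query = array('fid' => (int) $fid, 'uid' => $uid, 'dateline' => TIME_NOW);
                        add_shutdown(array($db, "replace_query"), array("forumsread", $replace_query, array("fid", "uid")));
                    }
                    continue;
                }

                $values = array();
                foreach ($fid_batch as $fid) {
                    $values[] = "('" . (int) $fid . "', '" . $uid . "', '" . TIME_NOW . "')";
                }
                $mark_query = implode(',', $values);

                $db->shutdown_query("
					REPLACE INTO " . TABLE_PREFIX . "forumsread (fid, uid, dateline)
					VALUES {$mark_query}
				");
            }
        }
    } else {
        my_setcookie("mybb[readallforums]", 1);
        my_setcookie("mybb[lastvisit]", TIME_NOW);
        my_unsetcookie("mybb[threadread]");
        my_unsetcookie("mybb[forumread]");
    }
}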
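/**
 * Perform a vote in a poll
 *
 * Fixes over the previous version:
 *  - a poll id that matches no row no longer has arithmetic applied to a
 *    missing result before the existence check;
 *  - $votecheck was undefined for guests and the pollvotes cookie was read
 *    without an isset() guard;
 *  - option identifiers are reduced to integers before they are used as
 *    array offsets or written to SQL, and a value of the wrong shape (array
 *    for a single-choice poll, scalar for a multiple-choice poll) is
 *    rejected instead of raising an error;
 *  - a multiple-choice submission that selects no valid option used to run
 *    an INSERT with an empty VALUES list; it now returns error_nopolloptions;
 *  - the guest cookie is only set once the vote has been validated.
 *
 * @param integer       $poll_id ID of Poll
 * @param integer       $user_id ID of User (0 for a guest)
 * @param integer|array $option  Vote option (basically what you vote!) - if multiple,
 *                               an array of option number => 1
 *
 * @return boolean|string True on success, false when the forum permissions
 *                        forbid voting, otherwise a language error string.
 */
function vote($poll_id, $user_id = 0, $option = NULL)
{
    // Load the Language Phrases
    $this->lang->load('polls');

    // A bit sanitizing...
    $poll_id = (int) $poll_id;
    $user_id = (int) $user_id;

    // Let's fetch infos of the poll
    $query = $this->db->simple_select("polls", "*", "pid='" . $poll_id . "'");
    $poll = $this->db->fetch_array($query);

    $this->plugins->run_hooks("polls_vote_start");

    // Does the poll exist?
    if (empty($poll['pid'])) {
        return $this->lang->error_invalidpoll;
    }
    $pid = (int) $poll['pid'];

    // The timeout is stored in days; convert to seconds.
    $poll['timeout'] = (int) $poll['timeout'] * 60 * 60 * 24;

    // Does the poll exist in a valid thread?
    $query = $this->db->simple_select("threads", "*", "poll='" . $pid . "'");
    $thread = $this->db->fetch_array($query);
    if (empty($thread['tid'])) {
        return $this->lang->error_invalidthread;
    }

    // Do we have the permission to vote?
    $forumpermissions = forum_permissions($thread['fid']);
    if ($forumpermissions['canvotepolls'] == 0) {
        return false;
    }

    // Has the poll expired? A timeout of 0 means "never expires".
    $expiretime = $poll['dateline'] + $poll['timeout'];
    $expired = $poll['timeout'] && $expiretime < TIME_NOW;
    if ($poll['closed'] == 1 || $thread['closed'] == 1 || $expired) {
        return $this->lang->error_pollclosed;
    }

    // Did we pass an option to vote for?
    if (empty($option)) {
        return $this->lang->error_nopolloptions;
    }

    // Check if the user has voted before...
    // The cookie is client-controlled: it only discourages casual revotes by
    // guests and must not be treated as an integrity control.
    $already_voted = !empty($this->mybb->cookies['pollvotes'][$pid]);
    if ($user_id > 0) {
        $query = $this->db->simple_select("pollvotes", "*", "uid='" . $user_id . "' AND pid='" . $pid . "'");
        $votecheck = $this->db->fetch_array($query);
        if (!empty($votecheck['vid'])) {
            $already_voted = true;
        }
    }
    if ($already_voted) {
        return $this->lang->error_alreadyvoted;
    }

    $votesarray = explode("||~|~||", $poll['votes']);
    $numvotes = (int) $poll['numvotes'];
    $vote_rows = array();

    if ($poll['multiple'] == 1) {
        if (!is_array($option)) {
            return $this->lang->error_nopolloptions;
        }
        foreach ($option as $voteoption => $vote) {
            $choice = (int) $voteoption;
            if ($vote == 1 && $choice >= 1 && isset($votesarray[$choice - 1])) {
                $vote_rows[] = "('" . $pid . "','" . $user_id . "','" . $choice . "', " . TIME_NOW . ")";
                $votesarray[$choice - 1] = (int) $votesarray[$choice - 1] + 1;
                $numvotes = $numvotes + 1;
            }
        }
    } else {
        $choice = is_array($option) ? 0 : (int) $option;
        if ($choice < 1 || !isset($votesarray[$choice - 1])) {
            return $this->lang->error_nopolloptions;
        }
        $vote_rows[] = "('" . $pid . "','" . $user_id . "','" . $choice . "', " . TIME_NOW . ")";
        $votesarray[$choice - 1] = (int) $votesarray[$choice - 1] + 1;
        $numvotes = $numvotes + 1;
    }

    // Nothing valid was selected: do not send an INSERT without rows.
    if (empty($vote_rows)) {
        return $this->lang->error_nopolloptions;
    }

    if ($user_id == 0) {
        // Give a cookie to guests to inhibit revotes
        my_setcookie("pollvotes[{$pid}]", '1');
    }

    // Save the fact that we voted
    $votesql = implode(",", $vote_rows);
    $this->db->write_query("
			INSERT INTO 
			" . TABLE_PREFIX . "pollvotes (pid,uid,voteoption,dateline) 
			VALUES {$votesql}
		");

    // Rebuild the per-option counter string, one entry per poll option.
    $voteslist = '';
    for ($i = 1; $i <= $poll['numoptions']; ++$i) {
        if ($i > 1) {
            $voteslist .= "||~|~||";
        }
        $voteslist .= isset($votesarray[$i - 1]) ? $votesarray[$i - 1] : '';
    }

    $updatedpoll = array(
        "votes" => $this->db->escape_string($voteslist),
        "numvotes" => intval($numvotes),
    );

    $this->plugins->run_hooks("polls_vote_process");
    $this->db->update_query("polls", $updatedpoll, "pid='" . $pid . "'");
    $this->plugins->run_hooks("polls_vote_end");

    return true;
}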
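/**
 * Installation is finished
 *
 * Final installer step: validates the administrator form fields, connects to
 * the configured database, inserts the default user groups, creates the
 * administrator account and its admin permissions, logs that account in via
 * the "mybbuser" cookie, builds the data caches and finally tries to write a
 * lock file into the install directory.
 *
 * Fixes over the previous version:
 *  - the lock file is only written and closed when fopen() succeeded; the
 *    old code passed a failed handle to fwrite()/fclose(), which "@" cannot
 *    silence on PHP 8;
 *  - the resources directory handle is checked before readdir() and closed
 *    afterwards.
 */
function install_done()
{
    global $output, $db, $mybb, $errors, $cache, $lang;

    if (empty($mybb->input['adminuser'])) {
        $errors[] = $lang->admin_step_error_nouser;
    }
    if (empty($mybb->input['adminpass'])) {
        $errors[] = $lang->admin_step_error_nopassword;
    }
    if ($mybb->get_input('adminpass') != $mybb->get_input('adminpass2')) {
        $errors[] = $lang->admin_step_error_nomatch;
    }
    if (empty($mybb->input['adminemail'])) {
        $errors[] = $lang->admin_step_error_noemail;
    }

    // NOTE(review): nothing here stops execution after create_admin_user();
    // presumably it re-renders the form and ends the request. Confirm that,
    // otherwise the install continues with the rejected input.
    if (is_array($errors)) {
        create_admin_user();
    }

    require MYBB_ROOT . 'inc/config.php';
    $db = db_connection($config);

    require MYBB_ROOT . 'inc/settings.php';
    $mybb->settings =& $settings;

    ob_start();
    $output->print_header($lang->finish_setup, 'finish');

    echo $lang->done_step_usergroupsinserted;

    // Insert all of our user groups from the XML file
    $usergroup_settings = file_get_contents(INSTALL_ROOT . 'resources/usergroups.xml');
    $parser = new XMLParser($usergroup_settings);
    $parser->collapse_dups = 0;
    $tree = $parser->get_tree();

    $admin_gid = '';
    $group_count = 0;
    foreach ($tree['usergroups'][0]['usergroup'] as $usergroup) {
        // usergroup[cancp][0][value]
        $new_group = array();
        foreach ($usergroup as $key => $value) {
            if (!is_array($value)) {
                continue;
            }
            $new_group[$key] = $db->escape_string($value[0]['value']);
        }
        $db->insert_query("usergroups", $new_group, false);

        // If this group can access the admin CP and we haven't established the admin group - set it (just in case we ever change IDs)
        if ($new_group['cancp'] == 1 && !$admin_gid) {
            $admin_gid = $usergroup['gid'][0]['value'];
        }
        $group_count++;
    }

    // Restart usergroup sequence with correct # of groups
    if ($config['database']['type'] == "pgsql") {
        $db->query("SELECT setval('{$config['database']['table_prefix']}usergroups_gid_seq', (SELECT max(gid) FROM {$config['database']['table_prefix']}usergroups));");
    }

    echo $lang->done . '</p>';

    echo $lang->done_step_admincreated;
    $now = TIME_NOW;
    // NOTE(review): the salt, the login key and the encryption key below all
    // come from random_str()/generate_loginkey(); confirm both draw from a
    // cryptographically secure source.
    $salt = random_str();
    $loginkey = generate_loginkey();
    // SECURITY: salted double MD5 is a fast hash and is not suitable for
    // password storage. It is left unchanged because the stored format has
    // to match what the login code verifies; moving to password_hash() /
    // password_verify() needs a coordinated change with a rehash-on-login
    // migration.
    $saltedpw = md5(md5($salt) . md5($mybb->get_input('adminpass')));

    $newuser = array(
        'username' => $db->escape_string($mybb->get_input('adminuser')),
        'password' => $saltedpw,
        'salt' => $salt,
        'loginkey' => $loginkey,
        'email' => $db->escape_string($mybb->get_input('adminemail')),
        'usergroup' => $admin_gid,
        'regdate' => $now,
        'lastactive' => $now,
        'lastvisit' => $now,
        'website' => '',
        'icq' => '',
        'aim' => '',
        'yahoo' => '',
        'skype' => '',
        'google' => '',
        'birthday' => '',
        'signature' => '',
        'allownotices' => 1,
        'hideemail' => 0,
        'subscriptionmethod' => '0',
        'receivepms' => 1,
        'pmnotice' => 1,
        'pmnotify' => 1,
        'buddyrequestspm' => 1,
        'buddyrequestsauto' => 0,
        'showimages' => 1,
        'showvideos' => 1,
        'showsigs' => 1,
        'showavatars' => 1,
        'showquickreply' => 1,
        'invisible' => 0,
        'style' => '0',
        'timezone' => 0,
        'dst' => 0,
        'threadmode' => '',
        'daysprune' => 0,
        'regip' => $db->escape_binary(my_inet_pton(get_ip())),
        'language' => '',
        'showcodebuttons' => 1,
        'tpp' => 0,
        'ppp' => 0,
        'referrer' => 0,
        'buddylist' => '',
        'ignorelist' => '',
        'pmfolders' => '',
        'notepad' => '',
        'showredirect' => 1,
        'usernotes' => '',
    );
    $db->insert_query('users', $newuser);
    echo $lang->done . '</p>';

    echo $lang->done_step_adminoptions;
    $adminoptions = file_get_contents(INSTALL_ROOT . 'resources/adminoptions.xml');
    $parser = new XMLParser($adminoptions);
    $parser->collapse_dups = 0;
    $tree = $parser->get_tree();
    $insertmodule = array();

    $db->delete_query("adminoptions");

    // Insert all the admin permissions
    foreach ($tree['adminoptions'][0]['user'] as $users) {
        $uid = $users['attributes']['uid'];

        foreach ($users['permissions'][0]['module'] as $module) {
            foreach ($module['permission'] as $permission) {
                $insertmodule[$module['attributes']['name']][$permission['attributes']['name']] = $permission['value'];
            }
        }

        $defaultviews = array();
        foreach ($users['defaultviews'][0]['view'] as $view) {
            $defaultviews[$view['attributes']['type']] = $view['value'];
        }

        $adminoptiondata = array(
            'uid' => (int) $uid,
            'cpstyle' => '',
            'notes' => '',
            'permissions' => $db->escape_string(my_serialize($insertmodule)),
            'defaultviews' => $db->escape_string(my_serialize($defaultviews)),
        );

        $insertmodule = array();

        $db->insert_query('adminoptions', $adminoptiondata);
    }
    echo $lang->done . '</p>';

    // Automatic Login
    // NOTE(review): $uid is whatever the last <user> entry of
    // adminoptions.xml carried, not the id returned by the users insert
    // above; this assumes the two match. Confirm, since the cookie below
    // authenticates as that uid.
    my_unsetcookie("sid");
    my_unsetcookie("mybbuser");
    my_setcookie('mybbuser', $uid . '_' . $loginkey, null, true);
    ob_end_flush();

    // Make fulltext columns if supported
    if ($db->supports_fulltext('threads')) {
        $db->create_fulltext_index('threads', 'subject');
    }
    if ($db->supports_fulltext_boolean('posts')) {
        $db->create_fulltext_index('posts', 'message');
    }

    echo $lang->done_step_cachebuilding;
    require_once MYBB_ROOT . 'inc/class_datacache.php';
    $cache = new datacache();
    $cache->update_version();
    $cache->update_attachtypes();
    $cache->update_smilies();
    $cache->update_badwords();
    $cache->update_usergroups();
    $cache->update_forumpermissions();
    $cache->update_stats();
    $cache->update_statistics();
    $cache->update_forums();
    $cache->update_moderators();
    $cache->update_usertitles();
    $cache->update_reportedcontent();
    $cache->update_awaitingactivation();
    $cache->update_mycode();
    $cache->update_profilefields();
    $cache->update_posticons();
    $cache->update_spiders();
    $cache->update_bannedips();
    $cache->update_banned();
    $cache->update_bannedemails();
    $cache->update_birthdays();
    $cache->update_groupleaders();
    $cache->update_threadprefixes();
    $cache->update_forumsdisplay();
    $cache->update("plugins", array());
    $cache->update("internal_settings", array('encryption_key' => random_str(32)));
    $cache->update_default_theme();

    // Record every upgradeN.php script shipped with this release.
    $version_history = array();
    $dh = opendir(INSTALL_ROOT . "resources");
    if ($dh !== false) {
        while (($file = readdir($dh)) !== false) {
            if (preg_match("#upgrade([0-9]+).php\$#i", $file, $match)) {
                $version_history[$match[1]] = $match[1];
            }
        }
        closedir($dh);
    }
    sort($version_history, SORT_NUMERIC);
    $cache->update("version_history", $version_history);

    // Schedule an update check so it occurs an hour ago. Gotta stay up to date!
    $update = array('nextrun' => TIME_NOW - 3600);
    $db->update_query("tasks", $update, "tid='12'");

    $cache->update_update_check();
    $cache->update_tasks();

    echo $lang->done . '</p>';

    echo $lang->done_step_success;

    // The lock file marks the installer as finished. When it cannot be
    // written the administrator is told to delete the directory instead.
    $written = 0;
    if (is_writable('./')) {
        $lock = @fopen('./lock', 'w');
        if ($lock !== false) {
            $written = @fwrite($lock, '1');
            @fclose($lock);
        }
        if ($written) {
            echo $lang->done_step_locked;
        }
    }
    if (!$written) {
        echo $lang->done_step_dirdelete;
    }

    echo $lang->done_whats_next;
    $output->print_footer('');
}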
} } // If the delayedthreadviews setting was changed, enable or disable the tasks for it. if (isset($mybb->input['upsetting']['delayedthreadviews']) && $mybb->settings['delayedthreadviews'] != $mybb->input['upsetting']['delayedthreadviews']) { if ($mybb->input['upsetting']['delayedthreadviews'] == 0) { $updated_task = array("enabled" => 0); } else { $updated_task = array("enabled" => 1); } $db->update_query("tasks", $updated_task, "file='threadviews'"); } // Have we changed our cookie prefix? If so, update our adminsid so we're not logged out if ($mybb->input['upsetting']['cookieprefix'] && $mybb->input['upsetting']['cookieprefix'] != $mybb->settings['cookieprefix']) { my_unsetcookie("adminsid"); $mybb->settings['cookieprefix'] = $mybb->input['upsetting']['cookieprefix']; my_setcookie("adminsid", $admin_session['sid'], '', true); } // Have we opted for a reCAPTCHA and not set a public/private key? if ($mybb->input['upsetting']['captchaimage'] == 2 && !$mybb->input['upsetting']['captchaprivatekey'] && !$mybb->input['upsetting']['captchapublickey']) { $db->update_query("settings", array("value" => 1), "name = 'captchaimage'"); } rebuild_settings(); $plugins->run_hooks("admin_config_settings_change_commit"); // If we have changed our report reasons recache them if (isset($mybb->input['upsetting']['reportreasons'])) { $cache->update_reportedposts(); } // Log admin action log_admin_action(); flash_message($lang->success_settings_updated, 'success'); admin_redirect("index.php?module=config-settings");
$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('order', $sort_directions, $mybb->input['order'], array('id' => 'order')), 'sortby'); $form_container->output_row($lang->results_per_page, "", $form->generate_text_box('perpage', $mybb->input['perpage'], array('id' => 'perpage')), 'perpage'); $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => $mybb->input['displayas'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => $mybb->input['displayas'] == "card" ? true : false))); $form_container->end(); $buttons[] = $form->generate_submit_button($lang->find_users); $form->output_submit_wrapper($buttons); $form->end(); $page->output_footer(); } if ($mybb->input['action'] == "inline_edit") { $plugins->run_hooks("admin_user_users_inline"); if ($mybb->input['vid'] || $mybb->cookies['acp_view']) { // We have a custom view if (!$mybb->cookies['acp_view']) { // Set a cookie my_setcookie("acp_view", $mybb->input['vid'], 60); } elseif ($mybb->cookies['acp_view']) { // We already have a cookie, so let's use it... $mybb->input['vid'] = $mybb->cookies['acp_view']; } $vid_url = "&vid=" . $mybb->input['vid']; } // First, collect the user IDs that we're performing the moderation on $ids = explode("|", $mybb->cookies['inlinemod_useracp']); foreach ($ids as $id) { if ($id != '') { $selected[] = intval($id); } } // If there isn't anything to select, then output an error if (!is_array($selected)) {
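/**
 * Profile page hook: records the visit, bumps the profile view counter and
 * renders the "last visitors" block into $myprofile_visitors.
 *
 * Local variable names ($profilevisits, $visitcount, $lastvisitors) are kept
 * as they were because the templates evaluated below may refer to them.
 *
 * Fixes over the previous version:
 *  - the profile and viewer ids are cast to integers before being placed in
 *    SQL text (one of the queries used the value unquoted);
 *  - the view counter is incremented inside the UPDATE statement instead of
 *    writing back a value computed from a previously loaded row, so
 *    concurrent views are not lost;
 *  - the visitor limit is cast to an integer;
 *  - $profilevisits is defined even when the view counter is disabled.
 *
 * @return void
 */
public function member_profile_end()
{
    global $templates, $theme, $memprofile, $settings, $db, $mybb, $lang, $myprofile_visitors;

    if ($settings["mpvisitorsenabled"] != "1") {
        return;
    }

    MyProfileUtils::lang_load_myprofile();

    // Integer copies for use in SQL; the originals stay untouched for templates.
    $profile_uid = (int) $memprofile['uid'];
    $viewer_uid = isset($mybb->user["uid"]) ? (int) $mybb->user["uid"] : 0;

    // we don't care if I'm a guest, or I'm visiting my own profile
    if ($viewer_uid > 0 && $viewer_uid != $profile_uid) {
        $visit_where = "uid='{$profile_uid}' AND vuid='{$viewer_uid}'";
        $query = $db->simple_select("myprofilevisitors", "*", $visit_where);
        if ($db->num_rows($query) > 0) {
            // update
            $update_array = array("time" => TIME_NOW);
            $db->update_query("myprofilevisitors", $update_array, $visit_where);
        } else {
            // insert
            $insert_array = array("uid" => $profile_uid, "vuid" => $viewer_uid, "time" => TIME_NOW);
            $db->insert_query("myprofilevisitors", $insert_array);
        }
    }

    $profilevisits = '';
    if ($mybb->settings['mpprofileviewsenabled']) {
        // Check if a cookie exists so they can't refresh constantly to increment the counter.
        // The cookie is client-side, so this only throttles ordinary reloads.
        $cookiekey = "profile" . $memprofile['uid'];
        if (!isset($mybb->cookies[$cookiekey]) && $memprofile['uid'] != $mybb->user['uid']) {
            // update the view count
            $visitcount = $memprofile['viewcount'] + 1;
            $db->write_query("UPDATE " . TABLE_PREFIX . "users SET viewcount=viewcount+1 WHERE uid='{$profile_uid}'");
        }
        my_setcookie($cookiekey, 1, 300); // 5 minute delay should be adequate

        // SECURITY: eval() of template source. Template bodies must only be
        // editable by administrators; keep it that way.
        eval("\$profilevisits = \"" . $templates->get("myprofile_visitor_count") . "\";");
    }

    $visitor_limit = isset($settings["mpvisitorsrecord"]) && is_numeric($settings["mpvisitorsrecord"])
        ? (int) $settings["mpvisitorsrecord"]
        : 10;
    $query = $db->simple_select(
        "myprofilevisitors",
        "*",
        "uid='{$profile_uid}'",
        array("limit" => $visitor_limit, "order_by" => "time", "order_dir" => "DESC")
    );

    if ($db->num_rows($query) == 0) {
        $lastvisitors = $lang->mp_profile_visitors_no_visit;
    } else {
        $lastvisitors_array = array();
        while ($visit = $db->fetch_array($query)) {
            $visitor = get_user($visit["vuid"]);
            if (!empty($visitor)) {
                $date = my_date($settings["dateformat"], $visit["time"]);
                $time = my_date($settings["timeformat"], $visit["time"]);
                // The username is HTML-escaped before it is wrapped in markup.
                $username = build_profile_link(format_name(htmlspecialchars_uni($visitor["username"]), $visitor["usergroup"], $visitor["displaygroup"]), $visitor["uid"]);
                $lastvisitors_array[] = $username . " ({$date} - {$time})";
            }
        }
        $lastvisitors = implode($lang->comma, $lastvisitors_array);
    }

    // SECURITY: eval() of template source, see the note above.
    eval("\$myprofile_visitors .= \"" . $templates->get('myprofile_visitors') . "\";");
}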