From 54db9031ebf8ebd046611e6af5d61e9f2da12b71 Mon Sep 17 00:00:00 2001
From: finke
Date: Sun, 30 Jun 2013 15:40:55 +0200
Subject: [PATCH 1/2] =?UTF-8?q?=EF=BB=BFMehrere=20kleine=20Korrekturen:=20?=
 =?UTF-8?q?-=20Design=20Fehler=20in=20der=20install.php=20-=20Fehler=20mit?=
 =?UTF-8?q?=20der=20spl=5Fautoload=20in=20der=20loader.php=20(=20http://ww?=
 =?UTF-8?q?w.ilch.de/forum-showposts-49899.html=20)=20-=20Die=20Seite=20f?=
 =?UTF-8?q?=C3=BCr=20das=20bearbeiten=20des=20eigenen=20Profils=20immer=20?=
 =?UTF-8?q?freigegeben=20in=20der=20menu.php?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 include/includes/class/menu.php | 4 +++-
 include/includes/func/user.php | 8 ++++----
 include/includes/loader.php | 4 +++-
 install/install.php | 2 +-
 4 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/include/includes/class/menu.php b/include/includes/class/menu.php
index 0e94755..78dbbcf 100644
--- a/include/includes/class/menu.php
+++ b/include/includes/class/menu.php
@@ -193,7 +193,9 @@ public function get_url($w = '') {
 'remind',
 '13',
 '3',
- 'logout'
+ 'logout',
+ '8', //Profil
+ 'profil'
 );
 if ($exit === true AND $this->get(0) == 'user' AND in_array($this->get(1), $alwaysallowed)) {
 $exit = false;
diff --git a/include/includes/func/user.php b/include/includes/func/user.php
index 98269ee..dab25d3 100644
--- a/include/includes/func/user.php
+++ b/include/includes/func/user.php
@@ -143,7 +143,7 @@ function user_login_check($auto = false)
 } else {
 $lower = get_lower($_POST['email']);
 $value = escape($lower, 'string');
- $term = "name_clean = '" . $value . "'";
+ $term = "name_clean = BINARY '" . $value . "'";
 debug('Login mit Nickname: ' . $value);
 }
 if ($lower != $value) {
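Review bot: The `'8'` and `'profil'` entries added to `$alwaysallowed` in menu.php are matched by a loose `in_array()`, so, assuming `$this->get(1)` returns the URL segment as a string, numeric look-alikes such as `'08'` or `'8.0'` also clear `$exit`. Passing the strict flag, `in_array($this->get(1), $alwaysallowed, true)`, keeps the exemption to the exact listed keys. Because this list lifts whatever restriction `$exit` stands for, the profile page itself has to verify that the visitor is logged in and may only edit their own record; that check is not visible here. `get_url()` starts and ends outside the hunk, and the `//Profil` comment would help more if it said which page the id `'8'` refers to.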
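Review bot: The `BINARY` added to the nickname branch of `user_login_check()` carries no comment explaining why a byte-wise match is needed, so a later maintainer could drop it as noise. I would add above the `$term` line something like `// BINARY: byte-wise match, so collation equivalences (case, accents, trailing spaces) cannot map one nickname onto another account`, if that is indeed the intent. The lookup now succeeds only when the stored `name_clean` is byte-identical to `get_lower()` of the input, so rows written earlier with a different normalisation would stop matching and should be checked. The e-mail branch of the function lies outside the hunk, so whether it compares the same way cannot be confirmed from here.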
@@ -431,7 +431,7 @@ function user_regist($name, $mail, $pass)
 $crypt = new PwCrypt();
- $name_clean = get_lower($name);
+ $name_clean = escape(get_lower($name), 'string');
 $erg = db_query("SELECT `id` FROM `prefix_user` WHERE `name_clean` = BINARY '" . $name_clean . "'");
 if (db_num_rows($erg) > 0) {
 return (false);
@@ -442,9 +442,9 @@ function user_regist($name, $mail, $pass)
 if (db_num_rows($erg) > 0) {
 return (false);
 }
-
+
 if ($allgAr[ 'forum_regist_user_pass' ] == 0) {
- $new_pass = PwCrypt::getRndString(8, PwCrypt::LETTERS| PwCrypt::NUMBERS | PwCrypt::SPECIAL_CHARACTERS);
+ $new_pass = PwCrypt::getRndString(8, PwCrypt::LETTERS| PwCrypt::NUMBERS | PwCrypt::SPECIAL_CHARACTERS);
 } else {
 $new_pass = $pass;
 }
diff --git a/include/includes/loader.php b/include/includes/loader.php
index 5757825..3cb83a3 100644
--- a/include/includes/loader.php
+++ b/include/includes/loader.php
@@ -16,8 +16,10 @@ if(file_exists($filePath)) {
 require_once $filePath;
+ return true;
 } else {
- throw new InvalidArgumentException('the file "'.$filePath.'" does not exist');
+ //throw new InvalidArgumentException('the file "'.$filePath.'" does not exist');
+ return false
 }
 });
diff --git a/install/install.php b/install/install.php
index d6f950a..755275c 100644
--- a/install/install.php
+++ b/install/install.php
@@ -27,7 +27,7 @@ function getInstallprofileComment($file) { ... ::: [ I n s t a l l a t i o n   f ü r   C l a n s c r i p t   v o n   i l c h ] ::: ... - +
From a02f9b2b9c1f6deab71c7dea2810090dd58a1cab Mon Sep 17 00:00:00 2001
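Review bot: After the first `user_regist()` hunk, `$name_clean` holds the SQL-escaped form for the rest of the function, so any later use outside a quoted SQL literal, or a later statement that escapes it again, would carry the backslashes into stored or displayed data. Keeping the normalised value and escaping only where the query is built separates the two: `$name_clean = get_lower($name);` with `escape($name_clean, 'string')` concatenated inside the `db_query()` string. The remainder of the function, including the statement that writes the new user, is outside this hunk, so the later uses of `$name_clean` need checking there.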
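Review bot: The added `return false` in the `else` branch of the loader.php closure has no terminating semicolon, so as shown the file does not parse and every request that includes loader.php would end in a fatal error; it should read `return false;`. The commented-out `throw` is better deleted than kept. If the intent is to let other registered autoloaders run instead of aborting with an exception, a short comment such as `// do not throw: let the remaining autoloaders try this class` would record that. The opening of the closure is outside the hunk, so how `$filePath` is derived from the class name is not visible here.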
From: finke
Date: Sun, 30 Jun 2013 16:22:16 +0200
Subject: [PATCH 2/2] =?UTF-8?q?=EF=BB=BF-=20Fehler=20beseitigt,=20der=20en?=
 =?UTF-8?q?tsteht=20wenn=20User=20=C3=BCber=20das=20Admin=20men=C3=BC=20fr?=
 =?UTF-8?q?eigeschaltet=20werden.=20(#65)=20-=20Fehlendes=20escapen=20der?=
 =?UTF-8?q?=20E-Mail=20bei=20der=20registrierung=20eingef=C3=BCgt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 include/admin/puser.php | 1 +
 include/includes/func/user.php | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/admin/puser.php b/include/admin/puser.php
index 5eb13ae..70b327e 100644
--- a/include/admin/puser.php
+++ b/include/admin/puser.php
@@ -16,6 +16,7 @@ $erg = db_query("SELECT * FROM `prefix_usercheck` WHERE `check` = '" . escape($_GET[ 'check' ], 'string') . "'");
 if (db_num_rows($erg) == 1) {
 $row = db_fetch_assoc($erg);
+ $row[ 'name_clean' ] = escape(get_lower($row[ 'name' ]), 'string');
 switch ($row[ 'ak' ]) { // confirm regist
 case 1:
diff --git a/include/includes/func/user.php b/include/includes/func/user.php
index dab25d3..5e9c5c8 100644
--- a/include/includes/func/user.php
+++ b/include/includes/func/user.php
@@ -437,7 +437,7 @@ function user_regist($name, $mail, $pass)
 return (false);
 }
- $mail = get_lower($mail);
+ $mail = get_lower(escape_for_email($mail));
 $erg = db_query("SELECT `id` FROM `prefix_user` WHERE `email` = BINARY '" . $mail . "'");
 if (db_num_rows($erg) > 0) {
 return (false);
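Review bot: Only `name_clean` is escaped before the `switch` in puser.php, while `$row` comes straight from `prefix_usercheck` and presumably holds values the registrant supplied. If the `case 1:` branch, which is outside this hunk, interpolates `$row[ 'name' ]` or other columns of the row into its queries, those remain a second-order injection path. Each value should go through `escape(..., 'string')` where the query is built, rather than pre-escaping one key. Writing the escaped value back into `$row` also means any non-SQL use of `$row[ 'name_clean' ]` later sees the backslashes.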
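Review bot: In the `user_regist()` hunk of this patch, `escape_for_email()` is the only treatment `$mail` gets before it is concatenated into the `SELECT ... WHERE email = BINARY` query. Its name suggests it targets mail content rather than SQL string literals, and its definition is not part of this patch. If it does not neutralise quotes and backslashes, the query is still injectable through the e-mail field. The nickname lookup in the same function was switched to `escape(..., 'string')` in the previous patch, and the same call would be consistent here: `$mail = escape(get_lower($mail), 'string');`. Any mail-header sanitising belongs at the point where the message is sent.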