{--FATAL_ERROR--}: {--LANG_NO_RENDER_DIRECT--}"); break; } } elseif ((constant('_OB_CACHING') == 'on') && (isset($GLOBALS['footer_sent'])) && ($GLOBALS['footer_sent'] == 1)) { // Headers already sent? if (headers_sent()) { // Log this error DEBUG_LOG(__FUNCTION__, __LINE__, "Headers already sent! We need debug backtrace here."); // Trigger an user error debug_report_bug("Headers are already sent!"); } // END - if // Output cached HTML code $OUTPUT = ob_get_contents(); // Clear output buffer for later output if output is found if (!empty($OUTPUT)) { clearOutputBuffer(); } // END - if // Send HTTP header sendHeader('HTTP/1.1 200'); // Used later $now = gmdate('D, d M Y H:i:s') . ' GMT'; // General headers for no caching sendHeader('Expired: ' . $now); // RFC2616 - Section 14.21 sendHeader('Last-Modified: ' . $now); sendHeader('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0'); // HTTP/1.1 sendHeader('Pragma: no-cache'); // HTTP/1.0 sendHeader('Connection: Close'); // Extension 'rewrite' installed? if ((EXT_IS_ACTIVE('rewrite')) && ($GLOBALS['output_mode'] != '1') && ($GLOBALS['output_mode'] != '-1')) { $OUTPUT = rewriteLinksInCode($OUTPUT); } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { // Prepare the content and eval() it... $newContent = ''; $eval = "\$newContent = \"".COMPILE_CODE(smartAddSlashes($OUTPUT))."\";"; eval($eval); // Was that eval okay? if (empty($newContent)) { // Something went wrong! app_die(__FUNCTION__, __LINE__, "Evaluation error:
".htmlentities($eval).""); } // END - if $OUTPUT = $newContent; } // END - while // Output code here, DO NOT REMOVE! ;-) outputRawCode($OUTPUT); } elseif ((getConfig('OUTPUT_MODE') == 'render') && (!empty($OUTPUT))) { // Rewrite links when rewrite extension is active if ((EXT_IS_ACTIVE('rewrite')) && ($GLOBALS['output_mode'] != '1') && ($GLOBALS['output_mode'] != '-1')) { $OUTPUT = rewriteLinksInCode($OUTPUT); } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { $eval = "\$OUTPUT = \"".COMPILE_CODE(smartAddSlashes($OUTPUT))."\";"; eval($eval); } // END - while // Output code here, DO NOT REMOVE! ;-) outputRawCode($OUTPUT); } } // Output the raw HTML code function outputRawCode ($HTML) { // Output stripped HTML code to avoid broken JavaScript code, etc. echo stripslashes(stripslashes($HTML)); // Flush the output if only constant('_OB_CACHING') is not 'on' if (constant('_OB_CACHING') != 'on') { // Flush it flush(); } // END - if } // Init fatal message array function initFatalMessages () { $GLOBALS['fatal_messages'] = array(); } // Getter for whole fatal error messages function getFatalArray () { return $GLOBALS['fatal_messages']; } // Add a fatal error message to the queue array function addFatalMessage ($F, $L, $message, $extra='') { if (is_array($extra)) { // Multiple extras for a message with masks $message = call_user_func_array('sprintf', $extra); } elseif (!empty($extra)) { // $message is text with a mask plus extras to insert into the text $message = sprintf($message, $extra); } // Add message to $GLOBALS['fatal_messages'] $GLOBALS['fatal_messages'][] = $message; // Log fatal messages away DEBUG_LOG($F, $L, " message={$message}"); } // Getter for total fatal message count function getTotalFatalErrors () { // Init coun $count = 0; // Do we have at least the first entry? if (!empty($GLOBALS['fatal_messages'][0])) { // Get total count $count = count($GLOBALS['fatal_messages']); } // END - if // Return value return $count; } // Load a template file and return it's content (only it's name; do not use ' or ") function LOAD_TEMPLATE ($template, $return=false, $content=array()) { // @TODO Remove this sanity-check if all is fine if (!is_bool($return)) debug_report_bug('return is not bool (' . gettype($return) . ')'); // Add more variables which you want to use in your template files global $DATA, $username; // Get whole config array $_CONFIG = getConfigArray(); // Make all template names lowercase $template = strtolower($template); // Count the template load incrementConfigEntry('num_templates'); // Prepare IP number and User Agent $REMOTE_ADDR = detectRemoteAddr(); if (!defined('REMOTE_ADDR')) define('REMOTE_ADDR', $REMOTE_ADDR); $HTTP_USER_AGENT = detectUserAgent(); // Init some data $ret = ''; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; // @DEPRECATED Try to rewrite the if() condition if ($template == 'member_support_form') { // Support request of a member $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(getUserId()), __FUNCTION__, __LINE__); // Is content an array? if (is_array($content)) { // Merge data $content = merge_array($content, SQL_FETCHARRAY($result)); // Translate gender $content['gender'] = translateGender($content['gender']); } else { // @DEPRECATED // @TODO Fine all templates which are using these direct variables and rewrite them. // @TODO After this step is done, this else-block is history list($gender, $surname, $family, $email) = SQL_FETCHROW($result); // Translate gender $gender = translateGender($gender); DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array (%s).", gettype($content))); } // Free result SQL_FREERESULT($result); } // END - if // Generate date/time string $date_time = generateDateTime(time(), '1'); // Base directory $basePath = sprintf("%stemplates/%s/html/", constant('PATH'), getLanguage()); $mode = ''; // Check for admin/guest/member templates if (strpos($template, 'admin_') > -1) { // Admin template found $mode = 'admin/'; } elseif (strpos($template, 'guest_') > -1) { // Guest template found $mode = 'guest/'; } elseif (strpos($template, 'member_') > -1) { // Member template found $mode = 'member/'; } elseif (strpos($template, 'install_') > -1) { // Installation template found $mode = 'install/'; } elseif (strpos($template, 'ext_') > -1) { // Extension template found $mode = 'ext/'; } elseif (strpos($template, 'la_') > -1) { // 'Logical-area' template found $mode = 'la/'; } else { // Test for extension $test = substr($template, 0, strpos($template, '_')); if (EXT_IS_ACTIVE($test)) { // Set extra path to extension's name $mode = $test.'/'; } } //////////////////////// // Generate file name // //////////////////////// $FQFN = $basePath . $mode . $template . '.tpl'; if ((!empty($GLOBALS['what'])) && ((strpos($template, '_header') > 0) || (strpos($template, '_footer') > 0)) && (($mode == 'guest/') || ($mode == 'member/') || ($mode == 'admin/'))) { // Select what depended header/footer template file for admin/guest/member area $file2 = sprintf("%s%s%s_%s.tpl", $basePath, $mode, $template, SQL_ESCAPE($GLOBALS['what']) ); // Probe for it... if (isFileReadable($file2)) $FQFN = $file2; // Remove variable from memory unset($file2); } // END - if // Does the special template exists? if (!isFileReadable($FQFN)) { // Reset to default template $FQFN = $basePath . $template . '.tpl'; } // END - if // Now does the final template exists? if (isFileReadable($FQFN)) { // The local file does exists so we load it. :) $tmpl_file = readFromFile($FQFN); // Replace ' to our own chars to preventing them being quoted while (strpos($tmpl_file, "'") !== false) { $tmpl_file = str_replace("'", '{QUOT}', $tmpl_file); } // Do we have to compile the code? $ret = ''; if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) { // Okay, compile it! $tmpl_file = "\$ret=\"".COMPILE_CODE(smartAddSlashes($tmpl_file))."\";"; eval($tmpl_file); } else { // Simply return loaded code $ret = $tmpl_file; } // Add surrounding HTML comments to help finding bugs faster $ret = "\n" . $ret . "\n"; } elseif ((IS_ADMIN()) || ((isInstalling()) && (!isInstalled()))) { // Only admins shall see this warning or when installation mode is active $ret = "
".print_r($content, true)."{--TEMPLATE_DATA--}
".print_r($DATA, true)."
".htmlentities(trim($mailHeader))." To : " . $toEmail." Subject : " . $subject." Message : " . $message."\n"); } elseif (($HTML == 'Y') && (EXT_IS_ACTIVE('html_mail'))) { // Send mail as HTML away sendHtmlEmail($toEmail, $subject, $message, $mailHeader); } elseif (!empty($toEmail)) { // Send Mail away sendRawEmail($toEmail, $subject, $message, $mailHeader); } elseif ($HTML == 'N') { // Problem found! sendRawEmail(constant('WEBMASTER'), '[PROBLEM:]' . $subject, $message, $mailHeader); } } // Check if legacy or PHPMailer command // @TODO Rewrite this to an extension 'smtp' // @private function checkPhpMailerUsage() { return ((getConfig('SMTP_HOSTNAME') != '') && (getConfig('SMTP_USER') != '')); } // Send out a raw email with PHPMailer class or legacy mail() command function sendRawEmail ($toEmail, $subject, $message, $from) { // Shall we use PHPMailer class or legacy mode? if (checkPhpMailerUsage()) { // Use PHPMailer class with SMTP enabled loadIncludeOnce('inc/phpmailer/class.phpmailer.php'); loadIncludeOnce('inc/phpmailer/class.smtp.php'); // get new instance $mail = new PHPMailer(); $mail->PluginDir = sprintf("%sinc/phpmailer/", constant('PATH')); $mail->IsSMTP(); $mail->SMTPAuth = true; $mail->Host = getConfig('SMTP_HOSTNAME'); $mail->Port = 25; $mail->Username = getConfig('SMTP_USER'); $mail->Password = getConfig('SMTP_PASSWORD'); if (empty($from)) { $mail->From = constant('WEBMASTER'); } else { $mail->From = $from; } $mail->FromName = constant('MAIN_TITLE'); $mail->Subject = $subject; if ((EXT_IS_ACTIVE('html_mail')) && (strip_tags($message) != $message)) { $mail->Body = $message; $mail->AltBody = 'Your mail program required HTML support to read this mail!'; $mail->WordWrap = 70; $mail->IsHTML(true); } else { $mail->Body = decodeEntities($message); } $mail->AddAddress($toEmail, ''); $mail->AddReplyTo(constant('WEBMASTER'), constant('MAIN_TITLE')); $mail->AddCustomHeader('Errors-To:' . constant('WEBMASTER')); $mail->AddCustomHeader('X-Loop:' . constant('WEBMASTER')); $mail->Send(); } else { // Use legacy mail() command mail($toEmail, $subject, decodeEntities($message), $from); } } // Generate a password in a specified length or use default password length function generatePassword ($LEN = 0) { // Auto-fix invalid length of zero if ($LEN == 0) $LEN = getConfig('pass_len'); // Initialize array with all allowed chars $ABC = explode(',', 'a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/'); // Start creating password $PASS = ''; for ($i = 0; $i < $LEN; $i++) { $PASS .= $ABC[mt_rand(0, count($ABC) -1)]; } // END - for // When the size is below 40 we can also add additional security by scrambling // it. Otherwise we may corrupt hashes if (strlen($PASS) <= 40) { // Also scramble the password $PASS = scrambleString($PASS); } // END - if // Return the password return $PASS; } // Generates a human-readable timestamp from the Uni* stamp function generateDateTime ($time, $mode = '0') { // Filter out numbers $time = bigintval($time); // If the stamp is zero it mostly didn't "happen" if ($time == 0) { // Never happend return getMessage('NEVER_HAPPENED'); } // END - if switch (getLanguage()) { case 'de': // German date / time format switch ($mode) { case '0': $ret = date("d.m.Y \u\m H:i \U\h\\r", $time); break; case '1': $ret = strtolower(date("d.m.Y - H:i", $time)); break; case '2': $ret = date("d.m.Y|H:i", $time); break; case '3': $ret = date("d.m.Y", $time); break; default: DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); break; } break; default: // Default is the US date / time format! switch ($mode) { case '0': $ret = date("r", $time); break; case '1': $ret = date("Y-m-d - g:i A", $time); break; case '2': $ret = date("y-m-d|H:i", $time); break; case '3': $ret = date("y-m-d", $time); break; default: DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); break; } } return $ret; } // Translates Y/N to yes/no function translateYesNo ($yn) { // Default $translated = "??? (" . $yn.')'; switch ($yn) { case 'Y': $translated = getMessage('YES'); break; case 'N': $translated = getMessage('NO'); break; default: // Log unknown value DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown value %s. Expected Y/N!", $yn)); break; } // Return it return $translated; } // Translates the "pool type" into human-readable function translatePoolType ($type) { // Default?type is unknown $translated = sprintf(getMessage('POOL_TYPE_UNKNOWN'), $type); // Generate constant $constName = sprintf("POOL_TYPE_%s", $type); // Does it exist? if (defined($constName)) { // Then use it $translated = getMessage($constName); } // END - if // Return "translation" return $translated; } // Translates the american decimal dot into a german comma function translateComma ($dotted, $cut = true, $max = 0) { // Default is 3 you can change this in admin area "Misc -> Misc Options" if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', '3'); // Use from config is default $maxComma = getConfig('max_comma'); // Use from parameter? if ($max > 0) $maxComma = $max; // Cut zeros off? if (($cut) && ($max == 0)) { // Test for commata if in cut-mode $com = explode('.', $dotted); if (count($com) < 2) { // Don't display commatas even if there are none... ;-) $maxComma = 0; } } // END - if // Debug log //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "dotted={$dotted},maxComma={$maxComma}"); // Translate it now switch (getLanguage()) { case 'de': $dotted = number_format($dotted, $maxComma, ',', '.'); break; default: $dotted = number_format($dotted, $maxComma, '.', ','); break; } // Return translated value return $dotted; } // Translate Uni*-like gender to human-readable function translateGender ($gender) { // Default $ret = '!' . $gender . '!'; // Male/female or company? switch ($gender) { case 'M': $ret = getMessage('GENDER_M'); break; case 'F': $ret = getMessage('GENDER_F'); break; case 'C': $ret = getMessage('GENDER_C'); break; default: // Log unknown gender DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown gender %s detected.", $gender)); break; } // Return translated gender return $ret; } // "Translates" the user status function translateUserStatus ($status) { switch ($status) { case 'UNCONFIRMED': case 'CONFIRMED': case 'LOCKED': $ret = getMessage(sprintf("ACCOUNT_%s", $status)); break; case '': case null: $ret = getMessage('ACCOUNT_DELETED'); break; default: DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); $ret = sprintf(getMessage('UNKNOWN_STATUS'), $status); break; } // Return it return $ret; } // Generates an URL for the dereferer function DEREFERER ($URL) { // Don't de-refer our own links! if (substr($URL, 0, strlen(constant('URL'))) != constant('URL')) { // De-refer this link $URL = 'modules.php?module=loader&url=' . encodeString(compileUriCode($URL)); } // END - if // Return link return $URL; } // Generates an URL for the frametester function FRAMETESTER ($URL) { // Prepare frametester URL $frametesterUrl = sprintf("{!URL!}/modules.php?module=frametester&url=%s", encodeString(compileUriCode($URL)) ); return $frametesterUrl; } // Count entries from e.g. a selection box function countSelection ($array) { $ret = 0; if (is_array($array)) { foreach ($array as $key => $selected) { if (!empty($selected)) $ret++; } } return $ret; } // Generate XHTML code for the CAPTCHA function generateCaptchaCode ($code, $type, $DATA, $uid) { return ''; } // Loads an email template and compiles it function LOAD_EMAIL_TEMPLATE ($template, $content = array(), $UID = '0') { global $DATA, $_CONFIG; // Make sure all template names are lowercase! $template = strtolower($template); // Default 'nickname' if extension is not installed $nick = '---'; // Prepare IP number and User Agent $REMOTE_ADDR = detectRemoteAddr(); $HTTP_USER_AGENT = detectUserAgent(); // Default admin $ADMIN = constant('MAIN_TITLE'); // Is the admin logged in? if (IS_ADMIN()) { // Get admin id $aid = getCurrentAdminId(); // Load Admin data $ADMIN = getAdminEmail($aid); } // END - if // Neutral email address is default $email = constant('WEBMASTER'); // Expiration in a nice output format // NOTE: Use $content[expiration] in your templates instead of $EXPIRATION if (getConfig('auto_purge') == 0) { // Will never expire! $EXPIRATION = getMessage('MAIL_WILL_NEVER_EXPIRE'); } else { // Create nice date string $EXPIRATION = createFancyTime(getConfig('auto_purge')); } // Is content an array? if (is_array($content)) { // Add expiration to array, $EXPIRATION is now deprecated! $content['expiration'] = $EXPIRATION; } // END - if // Load user's data //* DEBUG: */ print __FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content)."
".print_r($content, true)."{--TEMPLATE_DATA--}
".print_r($DATA, true)."