<?php
/************************************************************************
- * MXChange v0.2.1 Start: 08/25/2003 *
- * =============== Last change: 11/29/2005 *
+ * Mailer v0.2.1-FINAL Start: 08/25/2003 *
+ * =================== Last change: 11/29/2005 *
* *
* -------------------------------------------------------------------- *
* File : functions.php *
clearOutputBuffer();
} // END - if
- // Send HTTP header
- sendHeader('HTTP/1.1 200');
-
- // Used later
- $now = gmdate('D, d M Y H:i:s') . ' GMT';
-
- // General headers for no caching
- sendHeader('Expired: ' . $now); // RFC2616 - Section 14.21
- sendHeader('Last-Modified: ' . $now);
- sendHeader('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0'); // HTTP/1.1
- sendHeader('Pragma: no-cache'); // HTTP/1.0
- sendHeader('Connection: Close');
- sendHeader('Content-Type: ' . getContentType() . '; charset=UTF-8');
- sendHeader('Content-language: ' . getLanguage());
-
// Extension 'rewrite' installed?
if ((isExtensionActive('rewrite')) && (getOutputMode() != 1)) {
$GLOBALS['output'] = rewriteLinksInCode($GLOBALS['output']);
} // END - if
- // Init counter
- $cnt = '0';
-
// Compile and run finished rendered HTML code
- while (((strpos($GLOBALS['output'], '{--') > 0) || (strpos($GLOBALS['output'], '{!') > 0) || (strpos($GLOBALS['output'], '{?') > 0)) && ($cnt < 3)) {
- // Prepare the content and eval() it...
- $content = array();
- $newContent = '';
-
- // Compile it
- $eval = "\$newContent = \"".compileCode(smartAddSlashes($GLOBALS['output']))."\";";
- eval($eval);
-
- // Was that eval okay?
- if (empty($newContent)) {
- // Something went wrong!
- debug_report_bug('Evaluation error:<pre>' . linenumberCode($eval) . '</pre>');
- } // END - if
- $GLOBALS['output'] = $newContent;
+ compileFinalOutput();
- // Count round
- $cnt++;
- } // END - while
+ // Send all HTTP headers
+ sendHttpHeaders();
// Output code here, DO NOT REMOVE! ;-)
outputRawCode($GLOBALS['output']);
} // END - if
// Compile and run finished rendered HTML code
- while (strpos($GLOBALS['output'], '{!') > 0) {
- eval("\$GLOBALS['output'] = \"".compileCode(smartAddSlashes($GLOBALS['output']))."\";");
- } // END - while
+ compileFinalOutput();
+
+ // Send all HTTP headers
+ sendHttpHeaders();
// Output code here, DO NOT REMOVE! ;-)
outputRawCode($GLOBALS['output']);
}
}
+// Sends out all headers required for HTTP/1.1 reply
+function sendHttpHeaders () {
+ // Used later
+ $now = gmdate('D, d M Y H:i:s') . ' GMT';
+
+ // Send HTTP header
+ sendHeader('HTTP/1.1 200');
+
+ // General headers for no caching
+ sendHeader('Expired: ' . $now); // RFC2616 - Section 14.21
+ sendHeader('Last-Modified: ' . $now);
+ sendHeader('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0'); // HTTP/1.1
+ sendHeader('Pragma: no-cache'); // HTTP/1.0
+ sendHeader('Connection: Close');
+ sendHeader('Content-Type: ' . getContentType() . '; charset=UTF-8');
+ sendHeader('Content-Language: ' . getLanguage());
+}
+
+// Compiles the final output
+function compileFinalOutput () {
+ // Init counter
+ $cnt = '0';
+
+ // Compile all out
+ while (((strpos($GLOBALS['output'], '{--') > 0) || (strpos($GLOBALS['output'], '{!') > 0) || (strpos($GLOBALS['output'], '{?') > 0)) && ($cnt < 3)) {
+ // Init common variables
+ $content = array();
+ $newContent = '';
+
+ // Compile it
+ $eval = "\$newContent = \"".compileCode(escapeQuotes($GLOBALS['output']))."\";";
+ eval($eval);
+
+ // Was that eval okay?
+ if (empty($newContent)) {
+ // Something went wrong!
+ debug_report_bug('Evaluation error:<pre>' . linenumberCode($eval) . '</pre>');
+ } // END - if
+ $GLOBALS['output'] = $newContent;
+
+ // Count round
+ $cnt++;
+ } // END - while
+
+ // Add final length
+ sendHeader('Content-Length: ' . strlen($GLOBALS['output']));
+}
+
// Output the raw HTML code
function outputRawCode ($htmlCode) {
// Output stripped HTML code to avoid broken JavaScript code, etc.
- print(stripslashes(stripslashes($htmlCode)));
+ print(str_replace('{BACK}', "\\", $htmlCode));
// Flush the output if only getPhpCaching() is not 'on'
if (getPhpCaching() != 'on') {
}
// Add a fatal error message to the queue array
-function addFatalMessage ($F, $L, $message, $extra='') {
+function addFatalMessage ($F, $L, $message, $extra = '') {
if (is_array($extra)) {
// Multiple extras for a message with masks
$message = call_user_func_array('sprintf', $extra);
// Log fatal messages away
debug_report_bug($message);
- logDebugMessage($F, $L, " message={$message}");
+ logDebugMessage($F, $L, 'Fatal error message: ' . $message);
}
// Getter for total fatal message count
}
// Load a template file and return it's content (only it's name; do not use ' or ")
-function loadTemplate ($template, $return=false, $content=array()) {
+function loadTemplate ($template, $return = false, $content = array()) {
// @TODO Remove this sanity-check if all is fine
if (!is_bool($return)) debug_report_bug('return is not bool (' . gettype($return) . ')');
// Make all template names lowercase
$template = strtolower($template);
- // Count the template load
- incrementConfigEntry('num_templates');
-
// Init some data
$ret = '';
if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = '0';
// Base directory
$basePath = sprintf("%stemplates/%s/html/", getConfig('PATH'), getLanguage());
- $mode = '';
-
- // Check for admin/guest/member templates
- if (substr($template, 0, 6) == 'admin_') {
- // Admin template found
- $mode = 'admin/';
- } elseif (substr($template, 0, 6) == 'guest_') {
- // Guest template found
- $mode = 'guest/';
- } elseif (substr($template, 0, 7) == 'member_') {
- // Member template found
- $mode = 'member/';
- } elseif (substr($template, 0, 8) == 'install_') {
- // Installation template found
- $mode = 'install/';
- } elseif (substr($template, 0, 4) == 'ext_') {
- // Extension template found
- $mode = 'ext/';
- } elseif (substr($template, 0, 3) == 'la_') {
- // 'Logical-area' template found
- $mode = 'la/';
- } elseif (substr($template, 0, 3) == 'js_') {
- // JavaScript template found
- $mode = 'js/';
- } elseif (substr($template, 0, 5) == 'menu_') {
- // Menu template found
- $mode = 'menu/';
- } else {
- // Test for extension
- $test = substr($template, 0, strpos($template, '_'));
-
- // Probe for valid extension name
- if (isExtensionNameValid($test)) {
- // Set extra path to extension's name
- $mode = $test . '/';
- } // END - if
- }
+ $extraPath = detectExtraTemplatePath($template);;
////////////////////////
// Generate file name //
////////////////////////
- $FQFN = $basePath . $mode . $template . '.tpl';
-
- if ((isWhatSet()) && ((strpos($template, '_header') > 0) || (strpos($template, '_footer') > 0)) && (($mode == 'guest/') || ($mode == 'member/') || ($mode == 'admin/'))) {
- // Select what depended header/footer template file for admin/guest/member area
- $file2 = sprintf("%s%s%s_%s.tpl",
- $basePath,
- $mode,
- $template,
- getWhat()
- );
-
- // Probe for it...
- if (isFileReadable($file2)) $FQFN = $file2;
-
- // Remove variable from memory
- unset($file2);
- } // END - if
+ $FQFN = $basePath . $extraPath . $template . '.tpl';
// Does the special template exists?
if (!isFileReadable($FQFN)) {
// Now does the final template exists?
if (isFileReadable($FQFN)) {
+ // Count the template load
+ incrementConfigEntry('num_templates');
+
// The local file does exists so we load it. :)
$GLOBALS['tpl_content'] = readFromFile($FQFN);
- // Replace ' to our own chars to preventing them being quoted
- while (strpos($GLOBALS['tpl_content'], "'") !== false) { $GLOBALS['tpl_content'] = str_replace("'", '{QUOT}', $GLOBALS['tpl_content']); }
-
// Do we have to compile the code?
$ret = '';
if ((strpos($GLOBALS['tpl_content'], '$') !== false) || (strpos($GLOBALS['tpl_content'], '{--') !== false) || (strpos($GLOBALS['tpl_content'], '{!') !== false) || (strpos($GLOBALS['tpl_content'], '{?') !== false)) {
// Normal HTML output?
if (getOutputMode() == '0') {
// Add surrounding HTML comments to help finding bugs faster
- $ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
+ $ret = '<!-- Template ' . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . '<!-- Template ' . $template . " - End -->\n";
// Prepare eval() command
- $eval = '$ret = "' . compileCode(smartAddSlashes($ret)) . '";';
+ $eval = '$ret = "' . compileCode(escapeQuotes($ret)) . '";';
} elseif (substr($template, 0, 3) == 'js_') {
- // JavaScripts don't like entities
- $eval = '$ret = decodeEntities("' . compileCode(smartAddSlashes($GLOBALS['tpl_content'])) . '");';
+ // JavaScripts don't like entities and timings
+ $eval = '$ret = decodeEntities("' . compileRawCode(escapeJavaScriptQuotes($GLOBALS['tpl_content'])) . '");';
} else {
- // Prepare eval() command
- $eval = '$ret = "' . compileCode(smartAddSlashes($GLOBALS['tpl_content'])) . '";';
+ // Prepare eval() command, other output doesn't like entities, maybe
+ $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");';
}
} else {
// Add surrounding HTML comments to help finding bugs faster
- $ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
- $eval = '$ret = "' . smartAddSlashes($ret) . '";';
+ $ret = '<!-- Template ' . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . '<!-- Template ' . $template . " - End -->\n";
+ $eval = '$ret = "' . escapeQuotes($ret) . '";';
} // END - if
// Cache the eval() command here
eval($GLOBALS['template_eval'][$template]);
} elseif ((isAdmin()) || ((isInstalling()) && (!isInstalled()))) {
// Only admins shall see this warning or when installation mode is active
- $ret = '<br /><span class=\\"guest_failed\\">{--TEMPLATE_404--}</span><br />
+ $ret = '<br /><span class="guest_failed">{--TEMPLATE_404--}</span><br />
(' . $template . ')<br />
<br />
{--TEMPLATE_CONTENT--}
}
}
+// Detects the extra template path from given template name
+function detectExtraTemplatePath ($template) {
+ // Default is empty
+ $extraPath = '';
+
+ // Do we have cache?
+ if (!isset($GLOBALS['extra_path'][$template])) {
+ // Check for admin/guest/member/etc. templates
+ if (substr($template, 0, 6) == 'admin_') {
+ // Admin template found
+ $extraPath = 'admin/';
+ } elseif (substr($template, 0, 6) == 'guest_') {
+ // Guest template found
+ $extraPath = 'guest/';
+ } elseif (substr($template, 0, 7) == 'member_') {
+ // Member template found
+ $extraPath = 'member/';
+ } elseif (substr($template, 0, 7) == 'select_') {
+ // Selection template found
+ $extraPath = 'select/';
+ } elseif (substr($template, 0, 8) == 'install_') {
+ // Installation template found
+ $extraPath = 'install/';
+ } elseif (substr($template, 0, 4) == 'ext_') {
+ // Extension template found
+ $extraPath = 'ext/';
+ } elseif (substr($template, 0, 3) == 'la_') {
+ // 'Logical-area' template found
+ $extraPath = 'la/';
+ } elseif (substr($template, 0, 3) == 'js_') {
+ // JavaScript template found
+ $extraPath = 'js/';
+ } elseif (substr($template, 0, 5) == 'menu_') {
+ // Menu template found
+ $extraPath = 'menu/';
+ } else {
+ // Test for extension
+ $test = substr($template, 0, strpos($template, '_'));
+
+ // Probe for valid extension name
+ if (isExtensionNameValid($test)) {
+ // Set extra path to extension's name
+ $extraPath = $test . '/';
+ } // END - if
+ }
+
+ // Store it in cache
+ $GLOBALS['extra_path'][$template] = $extraPath;
+ } // END - if
+
+ // Return result
+ return $GLOBALS['extra_path'][$template];
+}
+
// Loads an email template and compiles it
function loadEmailTemplate ($template, $content = array(), $UID = '0') {
global $DATA;
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):UID={$UID},template={$template},content[]=".gettype($content).'<br />');
if (($UID > 0) && (is_array($content))) {
// If nickname extension is installed, fetch nickname as well
- if (isNicknameUsed($UID)) {
+ if ((isExtensionActive('nickname')) && (isNicknameUsed($UID))) {
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):NICKNAME!<br />");
// Load by nickname
fetchUserData($UID, 'nickname');
if (isset($content['email'])) $email = $content['email'];
// Store email for some functions in global data array
+ // @TODO Do only use $contentn, not $DATA or raw variables
$DATA['email'] = $email;
// Base directory
$basePath = sprintf("%stemplates/%s/emails/", getConfig('PATH'), getLanguage());
- // Check for admin/guest/member templates
- if (substr($template, 0, 6) == 'admin_') {
- // Admin template found
- $FQFN = $basePath.'admin/' . $template.'.tpl';
- } elseif (substr($template, 0, 6) == 'guest_') {
- // Guest template found
- $FQFN = $basePath.'guest/' . $template.'.tpl';
- } elseif (substr($template, 0, 7) == 'member_') {
- // Member template found
- $FQFN = $basePath.'member/' . $template.'.tpl';
- } else {
- // Test for extension
- $test = substr($template, 0, strpos($template, '_'));
- if (isExtensionNameValid($test)) {
- // Set extra path to extension's name
- $FQFN = $basePath . $test.'/' . $template.'.tpl';
- } else {
- // No special filename
- $FQFN = $basePath . $template.'.tpl';
- }
- }
+ // Detect extra path
+ $extraPath = detectExtraTemplatePath($template);
+
+ // Generate full FQFN
+ $FQFN = $basePath . $extraPath . $template . '.tpl';
// Does the special template exists?
if (!isFileReadable($FQFN)) {
// Reset to default template
- $FQFN = $basePath . $template.'.tpl';
+ $FQFN = $basePath . $template . '.tpl';
} // END - if
// Now does the final template exists?
$GLOBALS['tpl_content'] = readFromFile($FQFN);
// Run code
- $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode(smartAddSlashes($GLOBALS['tpl_content']))."\");";
+ $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileRawCode(escapeQuotes($GLOBALS['tpl_content']))."\");";
eval($GLOBALS['tpl_content']);
} elseif (!empty($template)) {
// Template file not found!
- $newContent = "{--TEMPLATE_404--}: " . $template."<br />
+ $newContent = '{--TEMPLATE_404--}: ' . $template . '<br />
{--TEMPLATE_CONTENT--}
-<pre>".print_r($content, true)."</pre>
+<pre>' . print_r($content, true) . '</pre>
{--TEMPLATE_DATA--}
-<pre>".print_r($DATA, true)."</pre>
-<br /><br />";
+<pre>' . print_r($DATA, true) . '</pre>
+<br /><br />';
// Debug mode not active? Then remove the HTML tags
if (!isDebugModeEnabled()) $newContent = secureString($newContent);
if (empty($newContent)) {
// Compiling failed
$newContent = "Compiler error for template {$template}!\nUncompiled content:\n" . $GLOBALS['tpl_content'];
+
// Add last error if the required function exists
if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx.";
} // END - if
unset($content);
unset($DATA);
- // Compile the code and eval it
- $eval = '$newContent = "' . compileRawCode(smartAddSlashes($newContent)) . '";';
- eval($eval);
-
// Return content
return $newContent;
}
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):TO={$toEmail},SUBJECT={$subject}<br />");
// Compile subject line (for POINTS constant etc.)
- eval("\$subject = decodeEntities(\"".compileRawCode(smartAddSlashes($subject))."\");");
+ eval("\$subject = decodeEntities(\"".compileRawCode(escapeQuotes($subject))."\");");
// Set from header
if ((!eregi('@', $toEmail)) && ($toEmail > 0)) {
}
// Compile "TO"
- eval("\$toEmail = \"".compileRawCode(smartAddSlashes($toEmail))."\";");
+ eval("\$toEmail = \"".compileRawCode(escapeQuotes($toEmail))."\";");
// Compile "MSG"
- eval("\$message = \"".compileRawCode(smartAddSlashes($message))."\";");
+ eval("\$message = \"".compileRawCode(escapeQuotes($message))."\";");
// Fix HTML parameter (default is no!)
if (empty($isHtml)) $isHtml = 'N';
if (isDebugModeEnabled()) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
outputHtml('<pre>
-Headers : ' . str_replace('<', '<', str_replace('>', '>', htmlentities(trim($mailHeader)))) . '
+Headers : ' . str_replace('<', '<', str_replace('>', '>', secureString(trim($mailHeader)))) . '
To : ' . $toEmail . '
Subject : ' . $subject . '
Message : ' . $message . '
}
}
-// Check if legacy or PHPMailer command
+// Check to use wether legacy mail() command or PHPMailer class
// @TODO Rewrite this to an extension 'smtp'
// @private
function checkPhpMailerUsage() {
// Send out a raw email with PHPMailer class or legacy mail() command
function sendRawEmail ($toEmail, $subject, $message, $from) {
+ // Just compile all again, to put out all configs, etc.
+ eval('$toEmail = decodeEntities("' . compileRawCode(escapeQuotes($toEmail)) . '");');
+ eval('$subject = decodeEntities("' . compileRawCode(escapeQuotes($subject)) . '");');
+ eval('$message = decodeEntities("' . compileRawCode(escapeQuotes($message)) . '");');
+ eval('$from = decodeEntities("' . compileRawCode(escapeQuotes($from)) . '");');
+
// Shall we use PHPMailer class or legacy mode?
if (checkPhpMailerUsage()) {
// Use PHPMailer class with SMTP enabled
switch (getLanguage()) {
case 'de': // German date / time format
switch ($mode) {
- case 0: $ret = date("d.m.Y \u\m H:i \U\h\\r", $time); break;
- case 1: $ret = strtolower(date('d.m.Y - H:i', $time)); break;
- case 2: $ret = date('d.m.Y|H:i', $time); break;
- case 3: $ret = date('d.m.Y', $time); break;
+ case '0': $ret = date("d.m.Y \u\m H:i \U\h\\r", $time); break;
+ case '1': $ret = strtolower(date('d.m.Y - H:i', $time)); break;
+ case '2': $ret = date('d.m.Y|H:i', $time); break;
+ case '3': $ret = date('d.m.Y', $time); break;
default:
logDebugMessage(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode));
break;
default: // Default is the US date / time format!
switch ($mode) {
- case 0: $ret = date('r', $time); break;
- case 1: $ret = date('Y-m-d - g:i A', $time); break;
- case 2: $ret = date('y-m-d|H:i', $time); break;
- case 3: $ret = date('y-m-d', $time); break;
+ case '0': $ret = date('r', $time); break;
+ case '1': $ret = date('Y-m-d - g:i A', $time); break;
+ case '2': $ret = date('y-m-d|H:i', $time); break;
+ case '3': $ret = date('y-m-d', $time); break;
default:
logDebugMessage(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode));
break;
// Output new location link as anchor
outputHtml('<a href="' . $URL . '"' . $rel . '>' . $URL . '</a>');
} elseif (!headers_sent()) {
- // Load URL when headers are not sent
//* DEBUG: */ debug_report_bug("URL={$URL}");
+ // Clear own output buffer
+ $GLOBALS['output'] = '';
+
+ // Load URL when headers are not sent
sendHeader('Location: '.str_replace('&', '&', $URL));
} else {
// Output error message
} // END - if
// Start couting
- $startCompile = explode(' ', microtime());
+ $startCompile = microtime(true);
// Comile the code
$code = compileRawCode($code, $simple, $constants, $full);
// Get timing
- $compiled = explode(' ', microtime());
+ $compiled = microtime(true);
// Add timing
- $code .= '<!-- Compilation time: ' . ((($compiled[1] + $compiled[0]) - ($startCompile[1] + $startCompile[0])) * 1000). 'ms //-->';
+ $code .= '<!-- Compilation time: ' . (($compiled - $startCompile) * 1000). 'ms //-->';
// Return compiled code
return $code;
}
// Compiles the code (use compileCode() only for HTML because of the comments)
+// @TODO $simple is deprecated
function compileRawCode ($code, $simple = false, $constants = true, $full = true) {
// Is the code a string?
if (!is_string($code)) {
return $code;
} // END - if
- // Init replacement-array with full security characters
- $secChars = $GLOBALS['security_chars'];
+ // Init replacement-array with smaller set of security characters
+ $secChars = $GLOBALS['url_chars'];
- // Select smaller set of chars to replace when we e.g. want to compile URLs
- if ($full === false) $secChars = $GLOBALS['url_chars'];
+ // Select full set of chars to replace when we e.g. want to compile URLs
+ if ($full === true) $secChars = $GLOBALS['security_chars'];
// Compile more through a filter
$code = runFilterChain('compile_code', $code);
$code = str_replace($to, $secChars['from'][$k], $code);
} // END - foreach
- // But shall I keep simple quotes for later use?
- if ($simple) $code = str_replace("'", '{QUOT}', $code);
-
// Find $content[bla][blub] entries
+ // @TODO Do only use $content and deprecate $GLOBALS and $DATA in templates
preg_match_all('/\$(content|GLOBALS|DATA)((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches);
// Are some matches found?
// Replace it in the code
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):key={$key},match={$match}<br />");
$newMatch = str_replace('[', "['", str_replace(']', "']", $match));
- $code = str_replace($match, "\"." . $newMatch.".\"", $code);
+ $code = str_replace($match, '".' . $newMatch . '."', $code);
$matchesFound[$key . '_' . $matches[4][$key]] = 1;
$matchesFound[$match] = 1;
} elseif (!isset($matchesFound[$match])) {
// Not yet replaced!
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):match={$match}<br />");
- $code = str_replace($match, "\"." . $match.".\"", $code);
+ $code = str_replace($match, '".' . $match . '."', $code);
$matchesFound[$match] = 1;
}
} // END - foreach
} else {
// Generate table
$OUT = "<div align=\"" . $align."\">\n";
- $OUT .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_table dashed\">\n";
+ $OUT .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"timebox_table dashed\">\n";
$OUT .= "<tr>\n";
if (ereg('Y', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_YEARS--}</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_YEARS--}</strong></td>\n";
}
if (ereg('M', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_MONTHS--}</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_MONTHS--}</strong></td>\n";
}
- if (ereg("W", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_WEEKS--}</strong></td>\n";
+ if (ereg('W', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_WEEKS--}</strong></td>\n";
}
- if (ereg("D", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_DAYS--}</strong></td>\n";
+ if (ereg('D', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_DAYS--}</strong></td>\n";
}
- if (ereg("h", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_HOURS--}</strong></td>\n";
+ if (ereg('h', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_HOURS--}</strong></td>\n";
}
if (ereg('m', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_MINUTES--}</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_MINUTES--}</strong></td>\n";
}
- if (ereg("s", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_SECONDS--}</strong></td>\n";
+ if (ereg('s', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom\"><div class=\"tiny\">{--_SECONDS--}</strong></td>\n";
}
$OUT .= "</tr>\n";
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_ye\" value=\"0\" />\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_ye\" value=\"0\" />\n";
}
if (ereg('M', $display) || (empty($display))) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_mo\" value=\"0\" />\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_mo\" value=\"0\" />\n";
}
- if (ereg("W", $display) || (empty($display))) {
+ if (ereg('W', $display) || (empty($display))) {
// Generate week selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_we\" size=\"1\">\n";
for ($idx = '0'; $idx <= 4; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_we\" value=\"0\" />\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_we\" value=\"0\" />\n";
}
- if (ereg("D", $display) || (empty($display))) {
+ if (ereg('D', $display) || (empty($display))) {
// Generate day selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_da\" size=\"1\">\n";
for ($idx = '0'; $idx <= 31; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_da\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_da\" value=\"0\" />\n";
}
- if (ereg("h", $display) || (empty($display))) {
+ if (ereg('h', $display) || (empty($display))) {
// Generate hour selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_ho\" size=\"1\">\n";
for ($idx = '0'; $idx <= 23; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_ho\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_ho\" value=\"0\" />\n";
}
if (ereg('m', $display) || (empty($display))) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_mi\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_mi\" value=\"0\" />\n";
}
- if (ereg("s", $display) || (empty($display))) {
+ if (ereg('s', $display) || (empty($display))) {
// Generate second selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_se\" size=\"1\">\n";
for ($idx = '0'; $idx <= 59; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_se\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_se\" value=\"0\" />\n";
}
$OUT .= "</tr>\n";
$OUT .= "</table>\n";
function addEmailNavigation ($PAGES, $offset, $show_form, $colspan, $return=false) {
$SEP = ''; $TOP = '';
if ($show_form === false) {
- $TOP = " top2";
+ $TOP = " top";
$SEP = "<tr><td colspan=\"" . $colspan."\" class=\"seperator\"> </td></tr>";
}
if (substr(strtolower($script), 0, 7) == 'http://') {
// But only if http:// is in front!
$script = substr($script, (strlen($url) + 7));
- } elseif (substr(strtolower($script), 0, 8) == "https://") {
+ } elseif (substr(strtolower($script), 0, 8) == 'https://') {
// Does this work?!
$script = substr($script, (strlen($url) + 8));
}
if ((isGetRequestElementSet('theme')) && (isFileReadable($theme))) {
// Set cookie from URL data
setTheme(getRequestElement('theme'));
- } elseif (isFileReadable(sprintf("%stheme/%s/theme.php", getConfig('PATH'), SQL_ESCAPE(postRequestElement('theme'))))) {
+ } elseif (isFileReadable(sprintf("%stheme/%s/theme.php", getConfig('PATH'), secureString(postRequestElement('theme'))))) {
// Set cookie from posted data
- setTheme(SQL_ESCAPE(postRequestElement('theme')));
+ setTheme(secureString(postRequestElement('theme')));
}
// Set return value
// Count up
incrementStatsEntry('cache_hits');
- } elseif (getExtensionVersion('cache') != '0.1.8') {
+ } elseif (isExtensionInstalledAndNewer('cache', '0.1.8')) {
// Check if current theme is already imported or not
$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_themes` WHERE `theme_path`='%s' LIMIT 1",
array($name), __FUNCTION__, __LINE__);
$new = true;
} else {
// Generate fake cache entry
- foreach ($mapper as $map=>$idx) {
+ foreach ($mapper as $map => $idx) {
$GLOBALS['cache_array']['revision'][$map][0] = $ins_vers[$idx];
} // END - foreach
} // END - if
// Add output
- $debug .= "Please report this bug at <a title=\"Direct link to the bug-tracker\" href=\"http://bugs.mxchange.org\" rel=\"external\" target=\"_blank\">bugs.mxchange.org</a> and include the logfile from <strong>" . getConfig('CACHE_PATH') . "debug.log</strong> in your report (you can now attach files):<pre>";
+ $debug .= "Please report this bug at <a title=\"Direct link to the bug-tracker\" href=\"http://bugs.mxchange.org\" rel=\"external\" target=\"_blank\">bugs.mxchange.org</a> and include the logfile from <strong>" . str_replace(getConfig('PATH'), '', getConfig('CACHE_PATH')) . "debug.log</strong> in your report (you can now attach files):<pre>";
$debug .= debug_get_printable_backtrace();
$debug .= "</pre>\nRequest-URI: " . getRequestUri()."<br />\n";
$debug .= "Thank you for finding bugs.";
die($debug);
}
-// Generates a ***weak*** seed (taken from de.php.net/mt_srand)
+// Generates a ***weak*** seed
function generateSeed () {
- list($usec, $sec) = explode(' ', microtime());
- $microTime = (((float)$sec + (float)$usec)) * 100000;
- return $microTime;
+ return microtime(true) * 100000;
}
// Converts a message code to a human-readable message
} elseif ((isSessionVariableSet('refid')) && (getSession('refid') != 0)) {
// Set session refid als global
$GLOBALS['refid'] = bigintval(getSession('refid'));
- } elseif ((isExtensionInstalledAndNewer('user', '0.3.4')) && (getConfig('select_user_zero_refid')) == 'Y') {
+ } elseif ((isExtensionInstalledAndNewer('user', '0.3.4')) && (getConfig('select_user_zero_refid') == 'Y')) {
// Select a random user which has confirmed enougth mails
$GLOBALS['refid'] = determineRandomReferalId();
} elseif ((isExtensionInstalled('sql_patches')) && (getConfig('def_refid') > 0)) {
// Default is not found
$found = false;
- // Set current userid here if no member
- if (!isMember()) setCurrentUserId($GLOBALS['refid']);
-
// Do we have nickname or userid set?
- if (isNicknameUsed($GLOBALS['refid'])) {
+ if ((isExtensionActive('nickname')) && (isNicknameUsed($GLOBALS['refid']))) {
// Nickname in URL, so load the id
$found = fetchUserData($GLOBALS['refid'], 'nickname');
} elseif ($GLOBALS['refid'] > 0) {
}
// Is the record valid?
- if (($found === false) || (!isUserDataValid())) {
+ if ((($found === false) || (!isUserDataValid())) && (isConfigEntrySet('def_refid'))) {
// No, then reset referal id
$GLOBALS['refid'] = getConfig('def_refid');
} // END - if
$mode = '';
if (getModule() == 'login') $mode = 'member';
elseif (getModule() == 'index') $mode = 'guest';
- if ((!empty($mode)) && (getConfig('enable_what_title') == 'Y')) $TITLE .= " ".trim(getConfig('title_middle'))." ".getModuleDescription($mode, getWhat());
+ if ((!empty($mode)) && (getConfig('enable_what_title') == 'Y')) $TITLE .= ' ' . trim(getConfig('title_middle')) . ' ' . getTitleFromMenu($mode, getWhat());
// Add title decorations? (right)
- if ((getConfig('enable_title_deco') == 'Y') && (getConfig('title_right') != '')) $TITLE .= " ".trim(getConfig('title_right'));
+ if ((getConfig('enable_title_deco') == 'Y') && (getConfig('title_right') != '')) $TITLE .= ' ' . trim(getConfig('title_right'));
// Remember title in constant for the template
$pageTitle = $TITLE;
// Flushes non-flushed template cache to disk
function flushTemplateCache ($template, $eval) {
// Is this cache flushed?
- if ((!isTemplateCached($template)) && ($eval != '404')) {
+ if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template) === false) && ($eval != '404')) {
// Generate FQFN
$FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template);
// Reads a template cache
function readTemplateCache ($template) {
// Check it again
- if (isTemplateCached($template)) {
+ if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template))) {
// Generate FQFN
$FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template);
return $GLOBALS['template_eval'][$template];
}
+// Escapes quotes (default is only double-quotes)
+function escapeQuotes ($str, $single = false) {
+ // Should we escape all?
+ if ($single === true) {
+ // Escape all (including null)
+ $str = addslashes($str);
+ } else {
+ // Escape only double-quotes but prevent double-quoting
+ $str = str_replace("\\\\", "\\", str_replace('"', "\\\"", $str));
+ }
+
+ // Return the escaped string
+ return $str;
+}
+
+// Escapes the JavaScript code, prevents \r and \n becoming char 10/13
+function escapeJavaScriptQuotes ($str) {
+ // Replace all double-quotes and secure back-ticks
+ $str = str_replace('"', '\"', str_replace("\\", '{BACK}', $str));
+
+ // Return it
+ return $str;
+}
+
+// Send out mails depending on the 'mod/modes' combination
+// @TODO Lame description for this function
+function sendModeMails ($mod, $modes) {
+ // Load hash
+ if (fetchUserData(getMemberId())) {
+ // Extract salt from cookie
+ $salt = substr(getSession('u_hash'), 0, -40);
+
+ // Now let's compare passwords
+ $hash = generatePassString(getUserData('password'));
+
+ // Does the hash match or should we change it?
+ if (($hash == getSession('u_hash')) || (postRequestElement('pass1') == postRequestElement('pass2'))) {
+ // Load the data
+ $content = getUserDataArray();
+
+ // Translate gender
+ $content['gender'] = translateGender($content['gender']);
+
+ // Clear/init the content variable
+ $content['message'] = '';
+
+ // Which mail?
+ // @TODO Move this in a filter
+ switch ($mod) {
+ case 'mydata':
+ foreach ($modes as $mode) {
+ switch ($mode) {
+ case 'normal': break; // Do not add any special lines
+ case 'email': // Email was changed!
+ $content['message'] = getMessage('MEMBER_CHANGED_EMAIL').": ".postRequestElement('old_email')."\n";
+ break;
+
+ case 'pass': // Password was changed
+ $content['message'] = getMessage('MEMBER_CHANGED_PASS')."\n";
+ break;
+
+ default:
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode));
+ $content['message'] = getMessage('MEMBER_UNKNOWN_MODE') . ': ' . $mode . "\n\n";
+ break;
+ } // END - switch
+ } // END - foreach
+
+ if (isExtensionActive('country')) {
+ // Replace code with description
+ $content['country'] = generateCountryInfo(postRequestElement('country_code'));
+ } // END - if
+
+ // Merge content with data from POST
+ $content = merge_array($content, postRequestArray());
+
+ // Load template
+ $message = loadEmailTemplate('member_mydata_notify', $content, getMemberId());
+
+ if (getConfig('admin_notify') == 'Y') {
+ // The admin needs to be notified about a profile change
+ $message_admin = 'admin_mydata_notify';
+ $sub_adm = getMessage('ADMIN_CHANGED_DATA');
+ } else {
+ // No mail to admin
+ $message_admin = '';
+ $sub_adm = '';
+ }
+
+ // Set subject lines
+ $sub_mem = getMessage('MEMBER_CHANGED_DATA');
+
+ // Output success message
+ $content = "<span class=\"member_done\">{--MYDATA_MAIL_SENT--}</span>";
+ break;
+
+ default: // Unsupported module!
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unsupported module %s detected.", $mod));
+ $content = "<span class=\"member_failed\">{--UNKNOWN_MODULE--}</span>";
+ break;
+ } // END - switch
+ } else {
+ // Passwords mismatch
+ $content = "<span class=\"member_failed\">{--MEMBER_PASSWORD_ERROR--}</span>";
+ }
+ } else {
+ // Could not load profile
+ $content = "<span class=\"member_failed\">{--MEMBER_CANNOT_LOAD_PROFILE--}</span>";
+ }
+
+ // Send email to user if required
+ if ((!empty($sub_mem)) && (!empty($message))) {
+ // Send member mail
+ sendEmail($content['email'], $sub_mem, $message);
+ } // END - if
+
+ // Send only if no other error has occured
+ if (empty($content)) {
+ if ((!empty($sub_adm)) && (!empty($message_admin))) {
+ // Send admin mail
+ sendAdminNotification($sub_adm, $message_admin, $content, getMemberId());
+ } elseif (getConfig('admin_notify') == 'Y') {
+ // Cannot send mails to admin!
+ $content = getMessage('CANNOT_SEND_ADMIN_MAILS');
+ } else {
+ // No mail to admin
+ $content = "<span class=\"member_done\">{--MYDATA_MAIL_SENT--}</span>";
+ }
+ } // END - if
+
+ // Load template
+ loadTemplate('admin_settings_saved', false, $content);
+}
+
+// Generates a 'selection box' from given array
+function generateSelectionBoxFromArray ($options, $name, $optionValue, $optionContent) {
+ // Start the output
+ $OUT = '<select name="' . $name . '" size="1" class="admin_select">
+<option value="X" disabled="disabled">{--PLEASE_SELECT--}</option>';
+
+ // Walk through all options
+ foreach ($options as $option) {
+ // Add the <option> entry
+ $OUT .= '<option value="' . $option[$optionValue] . '">' . $option[$optionContent] . '</option>';
+ } // END - foreach
+
+ // Finish selection box
+ $OUT .= '</select>';
+
+ // Prepare output
+ $content = array(
+ 'selection_box' => $OUT,
+ 'module' => getModule(),
+ 'what' => getWhat()
+ );
+
+ // Load template and return it
+ return loadTemplate('select_' . $name . '_box', true, $content);
+}
+
+// Get a module from filename and access level
+function getModuleFromFileName ($file, $accessLevel) {
+ // Default is 'invalid';
+ $modCheck = 'invalid';
+
+ // @TODO This is still very static, rewrite it somehow
+ switch ($accessLevel) {
+ case 'admin':
+ $modCheck = 'admin';
+ break;
+
+ case 'sponsor':
+ case 'guest':
+ case 'member':
+ $modCheck = getModule();
+ break;
+
+ default: // Unsupported file name / access level
+ debug_report_bug('Unsupported file name=' . basename($file) . '/access level=' . $accessLevel);
+ break;
+ }
+
+ // Return result
+ return $modCheck;
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////
if (!function_exists('http_build_query')) {
// Taken from documentation on www.php.net, credits to Marco K. (Germany)
- function http_build_query($data, $prefix='', $sep='', $key='') {
+ function http_build_query($data, $prefix = '', $sep = '', $key = '') {
$ret = array();
foreach ((array)$data as $k => $v) {
if (is_int($k) && $prefix != null) {
return implode($sep, $ret);
}
-}// // END - if
+} // END - if
// [EOF]
?>