} // END - if
// Load user's data
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):UID={$UID},template={$template},content[]=".gettype($content)."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):UID={$UID},template={$template},content[]=".gettype($content).'<br />');
if (($UID > 0) && (is_array($content))) {
// If nickname extension is installed, fetch nickname as well
if (isExtensionActive('nickname')) {
if (isFileReadable($FQFN)) {
// The local file does exists so we load it. :)
$GLOBALS['tpl_content'] = readFromFile($FQFN);
- $GLOBALS['tpl_content'] = SQL_ESCAPE($GLOBALS['tpl_content']);
// Run code
- $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode($GLOBALS['tpl_content'])."\");";
+ $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode(smartAddSlashes($GLOBALS['tpl_content']))."\");";
eval($GLOBALS['tpl_content']);
} elseif (!empty($template)) {
// Template file not found!
// Load email address
$result_email = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
array(bigintval($toEmail)), __FUNCTION__, __LINE__);
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):numRows=".SQL_NUMROWS($result_email)."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):numRows=".SQL_NUMROWS($result_email).'<br />');
// Does the user exist?
if (SQL_NUMROWS($result_email)) {
// Free result
SQL_FREERESULT($result_email);
}
- } elseif ($toEmail == 0) {
+ } elseif ($toEmail == '0') {
// Is the webmaster!
$toEmail = getConfig('WEBMASTER');
}
if (empty($isHtml)) $isHtml = 'N';
if (isDebugModeEnabled()) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
- outputHtml("<pre>
-".htmlentities(trim($mailHeader))."
-To : " . $toEmail."
-Subject : " . $subject."
-Message : " . $message."
-</pre>\n");
+ outputHtml('<pre>
+Headers : ' . str_replace('<', '<', str_replace('>', '>', htmlentities(trim($mailHeader)))) . '
+To : ' . $toEmail . '
+Subject : ' . $subject . '
+Message : ' . $message . '
+</pre>');
} elseif (($isHtml == 'Y') && (isExtensionActive('html_mail'))) {
// Send mail as HTML away
sendHtmlEmail($toEmail, $subject, $message, $mailHeader);
// Calculate number for generating the code
$a = $code + getConfig('_ADD') - 1;
- if (isConfigEntrySet('master_hash')) {
+ if (isConfigEntrySet('master_salt')) {
// Generate hash with master salt from modula of number with the prime number and other data
$saltedHash = generateHash(($a % getConfig('_PRIME')) . getConfig('ENCRYPT_SEPERATOR') . $server . getConfig('ENCRYPT_SEPERATOR') . $keys . getConfig('ENCRYPT_SEPERATOR') . $data . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY') . getConfig('ENCRYPT_SEPERATOR') . $a, getConfig('master_salt'));
$rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi();
} else {
// Generate hash with "hash of site key" from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % getConfig('_PRIME')) . getConfig('ENCRYPT_SEPERATOR') . $server . getConfig('ENCRYPT_SEPERATOR') . $keys . getConfig('ENCRYPT_SEPERATOR') . $data . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY') . getConfig('ENCRYPT_SEPERATOR') . $a, substr(sha1(getConfig('SITE_KEY')), 0, 8));
+ $saltedHash = generateHash(($a % getConfig('_PRIME')) . getConfig('ENCRYPT_SEPERATOR') . $server . getConfig('ENCRYPT_SEPERATOR') . $keys . getConfig('ENCRYPT_SEPERATOR') . $data . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY') . getConfig('ENCRYPT_SEPERATOR') . $a, substr(sha1(getConfig('SITE_KEY')), 0, getConfig('salt_length')));
// Create number from hash
$rcode = hexdec(substr($saltedHash, 8, 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi();
if (ereg('/', $host)) $host = substr($host, 0, strpos($host, '/'));
// Generate relative URL
- //* DEBUG: */ print("SCRIPT=" . $script."<br />");
+ //* DEBUG: */ print("SCRIPT=" . $script.'<br />');
if (substr(strtolower($script), 0, 7) == 'http://') {
// But only if http:// is in front!
$script = substr($script, (strlen($url) + 7));
$script = substr($script, (strlen($url) + 8));
}
- //* DEBUG: */ print("SCRIPT=" . $script."<br />");
+ //* DEBUG: */ print("SCRIPT=" . $script.'<br />');
if (substr($script, 0, 1) == '/') $script = substr($script, 1);
// Return host name
}
// Send a GET request
-function sendGetRequest ($script) {
+function sendGetRequest ($script, $data = array()) {
// Extract host name from script
$host = extractHostnameFromUrl($script);
+ // Add data
+ $scriptData = http_build_query($data, '', '&');
+
+ // Do we have a question-mark in the script?
+ if (strpos($script, '?') === false) {
+ // No, so first char must be question mark
+ $scriptData = '?' . $scriptData;
+ } else {
+ // Ok, add &
+ $scriptData = '&' . $scriptData;
+ }
+
+ // Add script data
+ $script .= $scriptData;
+
// Generate GET request header
$request = 'GET /' . trim($script) . ' HTTP/1.1' . getConfig('HTTP_EOL');
$request .= 'Host: ' . $host . getConfig('HTTP_EOL');
$host = extractHostnameFromUrl($script);
// Construct request
- $data = http_build_query($postData, '','&');
+ $data = http_build_query($postData, '', '&');
// Generate POST request header
$request = 'POST /' . trim($script) . ' HTTP/1.1' . getConfig('HTTP_EOL');
} // END - if
// Open connection
- //* DEBUG: */ die("SCRIPT=" . $script."<br />");
+ //* DEBUG: */ die("SCRIPT=" . $script.'<br />');
if ($useProxy === true) {
// Connect to host through proxy connection
$fp = @fsockopen(compileCode(getConfig('proxy_host')), bigintval(getConfig('proxy_port')), $errno, $errdesc, 30);
function isUrlValid ($URL, $compile=true) {
// Trim URL a little
$URL = trim(urldecode($URL));
- //* DEBUG: */ outputHtml($URL."<br />");
+ //* DEBUG: */ outputHtml($URL.'<br />');
// Compile some chars out...
if ($compile === true) $URL = compileUriCode($URL, false, false, false);
- //* DEBUG: */ outputHtml($URL."<br />");
+ //* DEBUG: */ outputHtml($URL.'<br />');
// Check for the extension filter
if (isExtensionActive('filter')) {
// Generate a hash for extra-security for all passwords
function generateHash ($plainText, $salt = '') {
// Is the required extension 'sql_patches' there and a salt is not given?
- if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches'))) && (empty($salt))) {
+ if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5'))) && (empty($salt))) {
// Extension sql_patches is missing/outdated so we hash the plain text with MD5
return md5($plainText);
} // END - if
//* DEBUG: */ outputHtml($salt." (".strlen($salt).")<br />");
} else {
// Use given salt
+ //* DEBUG: */ print 'salt=' . $salt . '<br />';
$salt = substr($salt, 0, getConfig('salt_length'));
- //* DEBUG: */ outputHtml("GIVEN={$salt}<br />");
+ //* DEBUG: */ print 'salt=' . $salt . '(' . strlen($salt) . '/' . getConfig('salt_length') . ')<br />';
+
+ // Sanity check on salt
+ if (strlen($salt) != getConfig('salt_length')) {
+ // Not the same!
+ debug_report_bug(__FUNCTION__.': salt length mismatch! ('.strlen($salt).'/'.getConfig('salt_length').')');
+ } // END - if
}
// Return hash
$ret = $passHash;
// Is a secret key and master salt already initialized?
- if ((isExtensionInstalled('sql_patches')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
+ if ((isExtensionInstalled('sql_patches')) && (isExtensionInstalledAndNewer('other', '0.2.5')) && (isConfigEntrySet('_PRIME')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
// Only calculate when the secret key is generated
$newHash = ''; $start = 9;
for ($idx = 0; $idx < 10; $idx++) {
} elseif ($part2 > $part1) {
$mod = dechex(sqrt(($part2 - $part1) * getConfig('_PRIME') / pi()));
}
- $mod = substr(round($mod), 0, 4);
- $mod = str_repeat(0, 4-strlen($mod)) . $mod;
- //* DEBUG: */ outputHtml("*" . $start.'=' . $mod."*<br />");
+ $mod = substr($mod, 0, 4);
+ //* DEBUG: */ outputHtml('part1='.$part1.'/part2='.$part2.'/mod=' . $mod . '('.strlen($mod).')<br />');
+ $mod = str_repeat(0, (4 - strlen($mod))) . $mod;
+ //* DEBUG: */ outputHtml('*' . $start . '=' . $mod . '*<br />');
$start += 4;
$newHash .= $mod;
} // END - for
- //* DEBUG: */ print($passHash."<br />" . $newHash." (".strlen($newHash).')');
+ //* DEBUG: */ print($passHash.'<br />' . $newHash." (".strlen($newHash).')<br />');
$ret = generateHash($newHash, getConfig('master_salt'));
- //* DEBUG: */ print($ret."<br />");
+ //* DEBUG: */ print('ret='.$ret.'<br />');
} else {
// Hash it simple
//* DEBUG: */ outputHtml("--" . $passHash."--<br />");
$ret = 'default';
// Load default theme if not empty from configuration
- if (getConfig('default_theme') != '') $ret = getConfig('default_theme');
+ if ((isConfigEntrySet('default_theme')) && (getConfig('default_theme') != '')) $ret = getConfig('default_theme');
if (!isSessionVariableSet('mxchange_theme')) {
// Set default theme
// Function to search for the last modifified file
function searchDirsRecursive ($dir, &$last_changed) {
// Get dir as array
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):dir=" . $dir."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):dir=" . $dir.'<br />');
// Does it match what we are looking for? (We skip a lot files already!)
// RegexPattern to exclude ., .., .revision, .svn, debug.log or .cache in the filenames
$excludePattern = '@(\.revision|debug\.log|\.cache|config\.php)$@';
$ds = getArrayFromDirectory($dir, '', true, false, array(), '.php', $excludePattern);
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ds[]=".count($ds)."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ds[]=".count($ds).'<br />');
// Walk through all entries
foreach ($ds as $d) {
// $FQFN is a directory so also crawl into this directory
$newDir = $d;
if (!empty($dir)) $newDir = $dir . '/'. $d;
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):DESCENT: " . $newDir."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):DESCENT: " . $newDir.'<br />');
searchDirsRecursive($newDir, $last_changed);
} elseif (isFileReadable($FQFN)) {
// $FQFN is a filename and no directory
// Output a debug backtrace to the user
function debug_report_bug ($message = '') {
+ // Is this already called?
+ if (isset($GLOBALS[__FUNCTION__])) {
+ // Other backtrace
+ print 'Message:'.$message.'<br />Backtrace:<pre>';
+ debug_print_backtrace();
+ die('</pre>');
+ } // END - if
+
+ // Set this function as called
+ $GLOBALS[__FUNCTION__] = true;
+
// Init message
$debug = '';
// @TODO Are these convertions still required?
$pat = str_replace('.', "\.", $pat);
$pat = str_replace('@', "\@", $pat);
- //* DEBUG: */ outputHtml($key."= " . $pat . "<br />");
+ //* DEBUG: */ outputHtml($key."= " . $pat . '<br />');
} // END - if
// Check if expression matches
}
// Set cookie when default refid > 0
- if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((getSession('refid') == 0) && (getConfig('def_refid') > 0))) {
+ if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((getSession('refid') == 0) && (isConfigEntrySet('def_refid')) && (getConfig('def_refid') > 0))) {
// Set cookie
setSession('refid', $GLOBALS['refid']);
} // END - if
// Exclude '.', '..' and entries in $excludeArray automatically
if (in_array($baseFile, $excludeArray, true)) {
// Exclude them
- //* DEBUG: */ outputHtml('excluded=' . $baseFile . "<br />");
+ //* DEBUG: */ outputHtml('excluded=' . $baseFile . '<br />');
continue;
} // END - if
// Check if the base filename matches an exclusion pattern and if the pattern is not empty
if ((!empty($excludePattern)) && (preg_match($excludePattern, $baseFile, $match))) {
// These Lines are only for debugging!!
- //* DEBUG: */ outputHtml('baseDir:' . $baseDir . "<br />");
- //* DEBUG: */ outputHtml('baseFile:' . $baseFile . "<br />");
- //* DEBUG: */ outputHtml('FQFN:' . $FQFN . "<br />");
+ //* DEBUG: */ outputHtml('baseDir:' . $baseDir . '<br />');
+ //* DEBUG: */ outputHtml('baseFile:' . $baseFile . '<br />');
+ //* DEBUG: */ outputHtml('FQFN:' . $FQFN . '<br />');
// Exclude this one
continue;
// Add SQL debug data to array for later output
function addSqlToDebug ($result, $sqlString, $timing, $F, $L) {
- // Don't execute anything here if we don't need
- if (getConfig('display_debug_sqls') != 'Y') return;
+ // Already executed?
+ if (isset($GLOBALS['debug_sqls'][$F][$L][$sqlString])) {
+ // Then abort here, we don't need to profile a query twice
+ return;
+ } // END - if
+
+ // Remeber this as profiled (or not, but we don't care here)
+ $GLOBALS['debug_sqls'][$F][$L][$sqlString] = true;
+
+ // Do we have cache?
+ if (!isset($GLOBALS['debug_sql_available'])) {
+ // Check it and cache it in $GLOBALS
+ $GLOBALS['debug_sql_available'] = ((isConfigurationLoaded()) && (isExtensionInstalledAndNewer('other', '0.2.2')) && (getConfig('display_debug_sqls') == 'Y'));
+ } // END - if
+
+ // Don't execute anything here if we don't need or ext-other is missing
+ if ($GLOBALS['debug_sql_available'] === false) {
+ return;
+ } // END - if
// Generate record
$record = array(
$GLOBALS['cache_instance'] = new CacheSystem();
if ($GLOBALS['cache_instance']->getStatus() != 'done') {
// Failed to initialize cache sustem
- addFatalMessage(__FILE__, __LINE__, "(<font color=\"#0000aa\">".__LINE__."</font>): ".getMessage('CACHE_CANNOT_INITIALIZE'));
+ addFatalMessage(__FILE__, __LINE__, '(<font color="#0000aa">' . __LINE__ . '</font>): ' . getMessage('CACHE_CANNOT_INITIALIZE'));
} // END - if
}
}
} // END - if
+if (!function_exists('http_build_query')) {
+ // Taken from documentation on www.php.net, credits to Marco K. (Germany)
+ function http_build_query($data, $prefix='', $sep='', $key='') {
+ $ret = array();
+ foreach ((array)$data as $k => $v) {
+ if (is_int($k) && $prefix != null) {
+ $k = urlencode($prefix . $k);
+ } // END - if
+
+ if ((!empty($key)) || ($key === 0)) $k = $key.'['.urlencode($k).']';
+
+ if (is_array($v) || is_object($v)) {
+ array_push($ret, http_build_query($v, '', $sep, $k));
+ } else {
+ array_push($ret, $k.'='.urlencode($v));
+ }
+ } // END - foreach
+
+ if (empty($sep)) $sep = ini_get('arg_separator.output');
+
+ return implode($sep, $ret);
+ }
+}// // END - if
+
// [EOF]
?>