$ret = '';
if ((strpos($GLOBALS['tpl_content'], '$') !== false) || (strpos($GLOBALS['tpl_content'], '{--') !== false) || (strpos($GLOBALS['tpl_content'], '{!') !== false) || (strpos($GLOBALS['tpl_content'], '{?') !== false)) {
// Normal HTML output?
- if ($GLOBALS['output_mode'] == 0) {
+ if (getOutputMode() == 0) {
// Add surrounding HTML comments to help finding bugs faster
$ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
} // END - if
// Load user's data
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):UID={$UID},template={$template},content[]=".gettype($content)."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):UID={$UID},template={$template},content[]=".gettype($content).'<br />');
if (($UID > 0) && (is_array($content))) {
// If nickname extension is installed, fetch nickname as well
if (isExtensionActive('nickname')) {
if (isFileReadable($FQFN)) {
// The local file does exists so we load it. :)
$GLOBALS['tpl_content'] = readFromFile($FQFN);
- $GLOBALS['tpl_content'] = SQL_ESCAPE($GLOBALS['tpl_content']);
// Run code
- $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode($GLOBALS['tpl_content'])."\");";
+ $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode(smartAddSlashes($GLOBALS['tpl_content']))."\");";
eval($GLOBALS['tpl_content']);
} elseif (!empty($template)) {
// Template file not found!
// Load email address
$result_email = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1",
array(bigintval($toEmail)), __FUNCTION__, __LINE__);
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):numRows=".SQL_NUMROWS($result_email)."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):numRows=".SQL_NUMROWS($result_email).'<br />');
// Does the user exist?
if (SQL_NUMROWS($result_email)) {
// Free result
SQL_FREERESULT($result_email);
}
- } elseif ($toEmail == 0) {
+ } elseif ($toEmail == '0') {
// Is the webmaster!
$toEmail = getConfig('WEBMASTER');
}
if (empty($isHtml)) $isHtml = 'N';
if (isDebugModeEnabled()) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
- outputHtml("<pre>
-".htmlentities(trim($mailHeader))."
-To : " . $toEmail."
-Subject : " . $subject."
-Message : " . $message."
-</pre>\n");
+ outputHtml('<pre>
+Headers : ' . str_replace('<', '<', str_replace('>', '>', htmlentities(trim($mailHeader)))) . '
+To : ' . $toEmail . '
+Subject : ' . $subject . '
+Message : ' . $message . '
+</pre>');
} elseif (($isHtml == 'Y') && (isExtensionActive('html_mail'))) {
// Send mail as HTML away
sendHtmlEmail($toEmail, $subject, $message, $mailHeader);
// get new instance
$mail = new PHPMailer();
+
+ // Set charset to UTF-8
+ $mail->CharSet('UTF-8');
+
+ // Path for PHPMailer
$mail->PluginDir = sprintf("%sinc/phpmailer/", getConfig('PATH'));
$mail->IsSMTP();
// Redirects to an URL and if neccessarry extends it with own base URL
function redirectToUrl ($URL) {
- // Compile out URI codes
- $URL = compileUriCode($URL);
+ // Compile out codes
+ eval('$URL = "' . compileCode($URL) . '";');
// Check if http(s):// is there
if ((substr($URL, 0, 7) != 'http://') && (substr($URL, 0, 8) != 'https://')) {
// Calculate number for generating the code
$a = $code + getConfig('_ADD') - 1;
- if (isConfigEntrySet('master_hash')) {
+ if (isConfigEntrySet('master_salt')) {
// Generate hash with master salt from modula of number with the prime number and other data
$saltedHash = generateHash(($a % getConfig('_PRIME')) . getConfig('ENCRYPT_SEPERATOR') . $server . getConfig('ENCRYPT_SEPERATOR') . $keys . getConfig('ENCRYPT_SEPERATOR') . $data . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY') . getConfig('ENCRYPT_SEPERATOR') . $a, getConfig('master_salt'));
$rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi();
} else {
// Generate hash with "hash of site key" from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % getConfig('_PRIME')) . getConfig('ENCRYPT_SEPERATOR') . $server . getConfig('ENCRYPT_SEPERATOR') . $keys . getConfig('ENCRYPT_SEPERATOR') . $data . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY') . getConfig('ENCRYPT_SEPERATOR') . $a, substr(sha1(getConfig('SITE_KEY')), 0, 8));
+ $saltedHash = generateHash(($a % getConfig('_PRIME')) . getConfig('ENCRYPT_SEPERATOR') . $server . getConfig('ENCRYPT_SEPERATOR') . $keys . getConfig('ENCRYPT_SEPERATOR') . $data . getConfig('ENCRYPT_SEPERATOR') . getConfig('DATE_KEY') . getConfig('ENCRYPT_SEPERATOR') . $a, substr(sha1(getConfig('SITE_KEY')), 0, getConfig('salt_length')));
// Create number from hash
$rcode = hexdec(substr($saltedHash, 8, 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi();
if (ereg('/', $host)) $host = substr($host, 0, strpos($host, '/'));
// Generate relative URL
- //* DEBUG: */ print("SCRIPT=" . $script."<br />");
+ //* DEBUG: */ print("SCRIPT=" . $script.'<br />');
if (substr(strtolower($script), 0, 7) == 'http://') {
// But only if http:// is in front!
$script = substr($script, (strlen($url) + 7));
$script = substr($script, (strlen($url) + 8));
}
- //* DEBUG: */ print("SCRIPT=" . $script."<br />");
+ //* DEBUG: */ print("SCRIPT=" . $script.'<br />');
if (substr($script, 0, 1) == '/') $script = substr($script, 1);
// Return host name
}
// Send a GET request
-function sendGetRequest ($script) {
+function sendGetRequest ($script, $data = array()) {
// Extract host name from script
$host = extractHostnameFromUrl($script);
+ // Add data
+ $scriptData = http_build_query($data, '', '&');
+
+ // Do we have a question-mark in the script?
+ if (strpos($script, '?') === false) {
+ // No, so first char must be question mark
+ $scriptData = '?' . $scriptData;
+ } else {
+ // Ok, add &
+ $scriptData = '&' . $scriptData;
+ }
+
+ // Add script data
+ $script .= $scriptData;
+
// Generate GET request header
$request = 'GET /' . trim($script) . ' HTTP/1.1' . getConfig('HTTP_EOL');
$request .= 'Host: ' . $host . getConfig('HTTP_EOL');
$host = extractHostnameFromUrl($script);
// Construct request
- $data = http_build_query($postData, '','&');
+ $data = http_build_query($postData, '', '&');
// Generate POST request header
$request = 'POST /' . trim($script) . ' HTTP/1.1' . getConfig('HTTP_EOL');
} // END - if
// Open connection
- //* DEBUG: */ die("SCRIPT=" . $script."<br />");
+ //* DEBUG: */ die("SCRIPT=" . $script.'<br />');
if ($useProxy === true) {
// Connect to host through proxy connection
$fp = @fsockopen(compileCode(getConfig('proxy_host')), bigintval(getConfig('proxy_port')), $errno, $errdesc, 30);
function isUrlValid ($URL, $compile=true) {
// Trim URL a little
$URL = trim(urldecode($URL));
- //* DEBUG: */ outputHtml($URL."<br />");
+ //* DEBUG: */ outputHtml($URL.'<br />');
// Compile some chars out...
if ($compile === true) $URL = compileUriCode($URL, false, false, false);
- //* DEBUG: */ outputHtml($URL."<br />");
+ //* DEBUG: */ outputHtml($URL.'<br />');
// Check for the extension filter
if (isExtensionActive('filter')) {
// Generate a hash for extra-security for all passwords
function generateHash ($plainText, $salt = '') {
// Is the required extension 'sql_patches' there and a salt is not given?
- if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches'))) && (empty($salt))) {
+ if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5'))) && (empty($salt))) {
// Extension sql_patches is missing/outdated so we hash the plain text with MD5
return md5($plainText);
} // END - if
//* DEBUG: */ outputHtml($salt." (".strlen($salt).")<br />");
} else {
// Use given salt
+ //* DEBUG: */ print 'salt=' . $salt . '<br />';
$salt = substr($salt, 0, getConfig('salt_length'));
- //* DEBUG: */ outputHtml("GIVEN={$salt}<br />");
+ //* DEBUG: */ print 'salt=' . $salt . '(' . strlen($salt) . '/' . getConfig('salt_length') . ')<br />';
+
+ // Sanity check on salt
+ if (strlen($salt) != getConfig('salt_length')) {
+ // Not the same!
+ debug_report_bug(__FUNCTION__.': salt length mismatch! ('.strlen($salt).'/'.getConfig('salt_length').')');
+ } // END - if
}
// Return hash
$ret = $passHash;
// Is a secret key and master salt already initialized?
- if ((isExtensionInstalled('sql_patches')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
+ if ((isExtensionInstalled('sql_patches')) && (isExtensionInstalledAndNewer('other', '0.2.5')) && (isConfigEntrySet('_PRIME')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
// Only calculate when the secret key is generated
$newHash = ''; $start = 9;
for ($idx = 0; $idx < 10; $idx++) {
} elseif ($part2 > $part1) {
$mod = dechex(sqrt(($part2 - $part1) * getConfig('_PRIME') / pi()));
}
- $mod = substr(round($mod), 0, 4);
- $mod = str_repeat(0, 4-strlen($mod)) . $mod;
- //* DEBUG: */ outputHtml("*" . $start.'=' . $mod."*<br />");
+ $mod = substr($mod, 0, 4);
+ //* DEBUG: */ outputHtml('part1='.$part1.'/part2='.$part2.'/mod=' . $mod . '('.strlen($mod).')<br />');
+ $mod = str_repeat(0, (4 - strlen($mod))) . $mod;
+ //* DEBUG: */ outputHtml('*' . $start . '=' . $mod . '*<br />');
$start += 4;
$newHash .= $mod;
} // END - for
- //* DEBUG: */ print($passHash."<br />" . $newHash." (".strlen($newHash).')');
+ //* DEBUG: */ print($passHash.'<br />' . $newHash." (".strlen($newHash).')<br />');
$ret = generateHash($newHash, getConfig('master_salt'));
- //* DEBUG: */ print($ret."<br />");
+ //* DEBUG: */ print('ret='.$ret.'<br />');
} else {
// Hash it simple
//* DEBUG: */ outputHtml("--" . $passHash."--<br />");
$ret = 'default';
// Load default theme if not empty from configuration
- if (getConfig('default_theme') != '') $ret = getConfig('default_theme');
+ if ((isConfigEntrySet('default_theme')) && (getConfig('default_theme') != '')) $ret = getConfig('default_theme');
if (!isSessionVariableSet('mxchange_theme')) {
// Set default theme
// Function to search for the last modifified file
function searchDirsRecursive ($dir, &$last_changed) {
// Get dir as array
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):dir=" . $dir."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):dir=" . $dir.'<br />');
// Does it match what we are looking for? (We skip a lot files already!)
// RegexPattern to exclude ., .., .revision, .svn, debug.log or .cache in the filenames
$excludePattern = '@(\.revision|debug\.log|\.cache|config\.php)$@';
$ds = getArrayFromDirectory($dir, '', true, false, array(), '.php', $excludePattern);
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ds[]=".count($ds)."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):ds[]=".count($ds).'<br />');
// Walk through all entries
foreach ($ds as $d) {
// $FQFN is a directory so also crawl into this directory
$newDir = $d;
if (!empty($dir)) $newDir = $dir . '/'. $d;
- //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):DESCENT: " . $newDir."<br />");
+ //* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):DESCENT: " . $newDir.'<br />');
searchDirsRecursive($newDir, $last_changed);
} elseif (isFileReadable($FQFN)) {
// $FQFN is a filename and no directory
// Output a debug backtrace to the user
function debug_report_bug ($message = '') {
+ // Is this already called?
+ if (isset($GLOBALS[__FUNCTION__])) {
+ // Other backtrace
+ print 'Message:'.$message.'<br />Backtrace:<pre>';
+ debug_print_backtrace();
+ die('</pre>');
+ } // END - if
+
+ // Set this function as called
+ $GLOBALS[__FUNCTION__] = true;
+
// Init message
$debug = '';
// @TODO Are these convertions still required?
$pat = str_replace('.', "\.", $pat);
$pat = str_replace('@', "\@", $pat);
- //* DEBUG: */ outputHtml($key."= " . $pat . "<br />");
+ //* DEBUG: */ outputHtml($key."= " . $pat . '<br />');
} // END - if
// Check if expression matches
// Log this message away, we better don't call app_die() here to prevent an endless loop
$fp = fopen(getConfig('CACHE_PATH') . 'debug.log', 'a') or die(__FUNCTION__.'['.__LINE__.']: Cannot write logfile debug.log!');
- fwrite($fp, date('d.m.Y|H:i:s', time()) . '|' . getModule() . '|' . basename($funcFile) . '|' . $line . '|' . $message . "\n");
+ fwrite($fp, date('d.m.Y|H:i:s', time()) . '|' . getModule(false) . '|' . basename($funcFile) . '|' . $line . '|' . $message . "\n");
fclose($fp);
} // END - if
}
// Converts timestamp selections into a timestamp
function convertSelectionsToTimestamp (&$postData, &$DATA, &$id, &$skip) {
// Init test variable
+ $skip = false;
$test2 = '';
// Get last three chars
if ((isset($postData[$test.'_ye'])) && (isset($postData[$test.'_mo'])) && (isset($postData[$test.'_we'])) && (isset($postData[$test.'_da'])) && (isset($postData[$test.'_ho'])) && (isset($postData[$test.'_mi'])) && (isset($postData[$test.'_se'])) && ($test != $test2)) {
// Generate timestamp
$postData[$test] = createTimestampFromSelections($test, $postData);
- $DATA[] = sprintf("%s='%s'", $test, $postData[$test]);
+ $DATA[] = sprintf("`%s`='%s'", $test, $postData[$test]);
+ $GLOBALS['skip_config'][$test] = true;
// Remove data from array
foreach (array('ye', 'mo', 'we', 'da', 'ho', 'mi', 'se') as $rem) {
- unset($postData[$test.'_' . $rem]);
+ unset($postData[$test . '_' . $rem]);
} // END - foreach
// Skip adding
- unset($id); $skip = true; $test2 = $test;
+ unset($id);
+ $skip = true;
+ $test2 = $test;
} // END - if
- } else {
- // Process this entry
- $skip = false;
- $test2 = '';
- }
+ } // END - if
}
// Reverts the german decimal comma into Computer decimal dot
// Set default refid as refid in URL
$GLOBALS['refid'] = getConfig('def_refid');
} else {
- // No default ID when sql_patches is not installed or none set
+ // No default id when sql_patches is not installed or none set
$GLOBALS['refid'] = 0;
}
// Set cookie when default refid > 0
- if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((getSession('refid') == 0) && (getConfig('def_refid') > 0))) {
+ if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((getSession('refid') == 0) && (isConfigEntrySet('def_refid')) && (getConfig('def_refid') > 0))) {
// Set cookie
setSession('refid', $GLOBALS['refid']);
} // END - if
// Exclude '.', '..' and entries in $excludeArray automatically
if (in_array($baseFile, $excludeArray, true)) {
// Exclude them
- //* DEBUG: */ outputHtml('excluded=' . $baseFile . "<br />");
+ //* DEBUG: */ outputHtml('excluded=' . $baseFile . '<br />');
continue;
} // END - if
// Check if the base filename matches an exclusion pattern and if the pattern is not empty
if ((!empty($excludePattern)) && (preg_match($excludePattern, $baseFile, $match))) {
// These Lines are only for debugging!!
- //* DEBUG: */ outputHtml('baseDir:' . $baseDir . "<br />");
- //* DEBUG: */ outputHtml('baseFile:' . $baseFile . "<br />");
- //* DEBUG: */ outputHtml('FQFN:' . $FQFN . "<br />");
+ //* DEBUG: */ outputHtml('baseDir:' . $baseDir . '<br />');
+ //* DEBUG: */ outputHtml('baseFile:' . $baseFile . '<br />');
+ //* DEBUG: */ outputHtml('FQFN:' . $FQFN . '<br />');
// Exclude this one
continue;
// Add SQL debug data to array for later output
function addSqlToDebug ($result, $sqlString, $timing, $F, $L) {
- // Don't execute anything here if we don't need
- if (getConfig('display_debug_sqls') != 'Y') return;
+ // Already executed?
+ if (isset($GLOBALS['debug_sqls'][$F][$L][$sqlString])) {
+ // Then abort here, we don't need to profile a query twice
+ return;
+ } // END - if
+
+ // Remeber this as profiled (or not, but we don't care here)
+ $GLOBALS['debug_sqls'][$F][$L][$sqlString] = true;
+
+ // Do we have cache?
+ if (!isset($GLOBALS['debug_sql_available'])) {
+ // Check it and cache it in $GLOBALS
+ $GLOBALS['debug_sql_available'] = ((isConfigurationLoaded()) && (isExtensionInstalledAndNewer('other', '0.2.2')) && (getConfig('display_debug_sqls') == 'Y'));
+ } // END - if
+
+ // Don't execute anything here if we don't need or ext-other is missing
+ if ($GLOBALS['debug_sql_available'] === false) {
+ return;
+ } // END - if
// Generate record
$record = array(
$GLOBALS['cache_instance'] = new CacheSystem();
if ($GLOBALS['cache_instance']->getStatus() != 'done') {
// Failed to initialize cache sustem
- addFatalMessage(__FILE__, __LINE__, "(<font color=\"#0000aa\">".__LINE__."</font>): ".getMessage('CACHE_CANNOT_INITIALIZE'));
+ addFatalMessage(__FILE__, __LINE__, '(<font color="#0000aa">' . __LINE__ . '</font>): ' . getMessage('CACHE_CANNOT_INITIALIZE'));
} // END - if
}
return str_replace(';', ', ', $old);
}
+// Determines the right page title
+function determinePageTitle () {
+ // Config and database connection valid?
+ if ((isConfigLocalLoaded()) && (isConfigurationLoaded()) && (SQL_IS_LINK_UP()) && (isExtensionInstalledAndNewer('sql_patches', '0.1.6'))) {
+ // Init title
+ $TITLE = '';
+
+ // Title decoration enabled?
+ if ((getConfig('enable_title_deco') == 'Y') && (getConfig('title_left') != '')) $TITLE .= trim(getConfig('title_left'))." ";
+
+ // Do we have some extra title?
+ if (isExtraTitleSet()) {
+ // Then prepent it
+ $TITLE .= getExtraTitle() . ' by ';
+ } // END - if
+
+ // Add main title
+ $TITLE .= getConfig('MAIN_TITLE');
+
+ // Add title of module? (middle decoration will also be added!)
+ if ((getConfig('enable_mod_title') == 'Y') || ((!isWhatSet()) && (!isActionSet())) || (getModule() == 'admin')) {
+ $TITLE .= ' ' . trim(getConfig('title_middle')) . ' ' . getModuleTitle(getModule());
+ } // END - if
+
+ // Add title from what file
+ $mode = '';
+ if (getModule() == 'login') $mode = 'member';
+ elseif (getModule() == 'index') $mode = 'guest';
+ if ((!empty($mode)) && (getConfig('enable_what_title') == 'Y')) $TITLE .= " ".trim(getConfig('title_middle'))." ".getModuleDescription($mode, getWhat());
+
+ // Add title decorations? (right)
+ if ((getConfig('enable_title_deco') == 'Y') && (getConfig('title_right') != '')) $TITLE .= " ".trim(getConfig('title_right'));
+
+ // Remember title in constant for the template
+ $pageTitle = $TITLE;
+ } elseif ((isInstalled()) && (isAdminRegistered())) {
+ // Installed, admin registered but no ext-sql_patches
+ $pageTitle = '[-- ' . getConfig('MAIN_TITLE').' - '.getModuleTitle(getModule()) . ' --]';
+ } elseif ((isInstalled()) && (!isAdminRegistered())) {
+ // Installed but no admin registered
+ $pageTitle = sprintf(getMessage('SETUP_OF_MXCHANGE'), getConfig('MAIN_TITLE'));
+ } elseif ((!isInstalled()) || (!isAdminRegistered())) {
+ // Installation mode
+ $pageTitle = getMessage('INSTALLATION_OF_MXCHANGE');
+ } else {
+ // Configuration not found!
+ $pageTitle = getMessage('NO_CONFIG_FOUND_TITLE');
+
+ // Do not add the fatal message in installation mode
+ if ((!isInstalling()) && (!isConfigurationLoaded())) addFatalMessage(__FILE__, __LINE__, getMessage('NO_CONFIG_FOUND'));
+ }
+
+ // Return title
+ return $pageTitle;
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////
}
} // END - if
+if (!function_exists('http_build_query')) {
+ // Taken from documentation on www.php.net, credits to Marco K. (Germany)
+ function http_build_query($data, $prefix='', $sep='', $key='') {
+ $ret = array();
+ foreach ((array)$data as $k => $v) {
+ if (is_int($k) && $prefix != null) {
+ $k = urlencode($prefix . $k);
+ } // END - if
+
+ if ((!empty($key)) || ($key === 0)) $k = $key.'['.urlencode($k).']';
+
+ if (is_array($v) || is_object($v)) {
+ array_push($ret, http_build_query($v, '', $sep, $k));
+ } else {
+ array_push($ret, $k.'='.urlencode($v));
+ }
+ } // END - foreach
+
+ if (empty($sep)) $sep = ini_get('arg_separator.output');
+
+ return implode($sep, $ret);
+ }
+}// // END - if
+
// [EOF]
?>