break;
case "add-points":
- $points = bigintval($_POST['points']);
+ if (isset($_POST['points'])) {
+ $points = bigintval($_POST['points']);
+ } else {
+ $points = __POINTS_VALUE;
+ }
break;
case "guest_request_confirm":
return $return;
}
// Does only allow numbers
-function bigintval($num)
+function bigintval($num, $castValue = true)
{
- $ret = (int) preg_replace("/[^0123456789]/", "", $num);
+ // Filter all numbers out
+ $ret = preg_replace("/[^0123456789]/", "", $num);
+
+ // Cast the value?
+ if ($castValue) $ret = (int) $ret;
+
+ // Return result
return $ret;
}
// Insert the code in $img_code into jpeg or PNG image
return $EMAIL;
}
// Generate a hash for extra-security for all passwords
-function generateHash($plainText, $salt = "") {
+function generateHash ($plainText, $salt = "") {
global $_CONFIG, $_SERVER;
// Is the required extension "sql_patches" there?
if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
- // Extension sql_patches is missing/outdated so we return only the regular SHA1 hash
- return sha1($plainText);
+ // Extension sql_patches is missing/outdated so we return the plain text
+ return $plainText;
}
// When the salt is empty build a new one, else use the first x configured characters as the salt
//* DEBUG: */ die($passHash."<br>".$newHash." (".strlen($newHash).")");
$ret = generateHash($newHash, $_CONFIG['master_salt']);
+ } else {
+ // Hash it simple
+ //* DEBUG: */ echo "--".$passHash."--<br />\n";
+ $ret = md5($passHash);
+ //* DEBUG: */ echo "++".$ret."++<br />\n";
}
// Return result
// Unset/set session variables
function set_session ($var, $value) {
global $CSS;
-
// Abort in CSS mode here
if ($CSS == 1) return true;
// Taken from user comments in PHP documentation for function constant()
function isBooleanConstantAndTrue($constname) { // : Boolean
$res = false;
- if (defined($constname)) {
- $res = (constant($constname) === true);
- }
+ if (defined($constname)) $res = (constant($constname) === true);
return($res);
}