// Output the raw HTML code
function outputRawCode ($htmlCode) {
// Output stripped HTML code to avoid broken JavaScript code, etc.
- print($htmlCode);
+ print(str_replace('{BACK}', "\\", $htmlCode));
// Flush the output if only getPhpCaching() is not 'on'
if (getPhpCaching() != 'on') {
// Normal HTML output?
if (getOutputMode() == '0') {
// Add surrounding HTML comments to help finding bugs faster
- $ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
+ $ret = '<!-- Template ' . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . '<!-- Template ' . $template . " - End -->\n";
// Prepare eval() command
$eval = '$ret = "' . compileCode(escapeQuotes($ret)) . '";';
} elseif (substr($template, 0, 3) == 'js_') {
// JavaScripts don't like entities and timings
- $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");';
+ $eval = '$ret = decodeEntities("' . compileRawCode(escapeJavaScriptQuotes($GLOBALS['tpl_content'])) . '");';
} else {
- // Prepare eval() command
- $eval = '$ret = "' . compileCode(escapeQuotes($GLOBALS['tpl_content'])) . '";';
+ // Prepare eval() command, other output doesn't like entities, maybe
+ $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");';
}
} else {
// Add surrounding HTML comments to help finding bugs faster
- $ret = "<!-- Template " . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . "<!-- Template " . $template . " - End -->\n";
+ $ret = '<!-- Template ' . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . '<!-- Template ' . $template . " - End -->\n";
$eval = '$ret = "' . escapeQuotes($ret) . '";';
} // END - if
}
}
-// Check if legacy or PHPMailer command
+// Check to use wether legacy mail() command or PHPMailer class
// @TODO Rewrite this to an extension 'smtp'
// @private
function checkPhpMailerUsage() {
// Send out a raw email with PHPMailer class or legacy mail() command
function sendRawEmail ($toEmail, $subject, $message, $from) {
+ // Just compile all again, to put out all configs, etc.
+ eval('$toEmail = decodeEntities("' . compileRawCode(escapeQuotes($toEmail)) . '");');
+ eval('$subject = decodeEntities("' . compileRawCode(escapeQuotes($subject)) . '");');
+ eval('$message = decodeEntities("' . compileRawCode(escapeQuotes($message)) . '");');
+ eval('$from = decodeEntities("' . compileRawCode(escapeQuotes($from)) . '");');
+
// Shall we use PHPMailer class or legacy mode?
if (checkPhpMailerUsage()) {
// Use PHPMailer class with SMTP enabled
// Replace it in the code
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):key={$key},match={$match}<br />");
$newMatch = str_replace('[', "['", str_replace(']', "']", $match));
- $code = str_replace($match, "\"." . $newMatch.".\"", $code);
+ $code = str_replace($match, '".' . $newMatch . '."', $code);
$matchesFound[$key . '_' . $matches[4][$key]] = 1;
$matchesFound[$match] = 1;
} elseif (!isset($matchesFound[$match])) {
// Not yet replaced!
//* DEBUG: */ outputHtml(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):match={$match}<br />");
- $code = str_replace($match, "\"." . $match.".\"", $code);
+ $code = str_replace($match, '".' . $match . '."', $code);
$matchesFound[$match] = 1;
}
} // END - foreach
function generateImageOrCode ($img_code, $headerSent = true) {
// Is the code size oversized or shouldn't we display it?
if ((strlen($img_code) > 6) || (empty($img_code)) || (getConfig('code_length') == '0')) {
- // Stop execution of function here because of over-sized code length
+ // Stop2 execution of function here because of over-sized code length
debug_report_bug('img_code ' . $img_code .' has invalid length. img_code()=' . strlen($img_code) . ' code_length=' . getConfig('code_length'));
} elseif ($headerSent === false) {
// Return an HTML code here
} else {
// Generate table
$OUT = "<div align=\"" . $align."\">\n";
- $OUT .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_table dashed\">\n";
+ $OUT .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"timebox_table dashed\">\n";
$OUT .= "<tr>\n";
if (ereg('Y', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_YEARS--}</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_YEARS--}</strong></td>\n";
}
if (ereg('M', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_MONTHS--}</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_MONTHS--}</strong></td>\n";
}
- if (ereg("W", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_WEEKS--}</strong></td>\n";
+ if (ereg('W', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_WEEKS--}</strong></td>\n";
}
- if (ereg("D", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_DAYS--}</strong></td>\n";
+ if (ereg('D', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_DAYS--}</strong></td>\n";
}
- if (ereg("h", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_HOURS--}</strong></td>\n";
+ if (ereg('h', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_HOURS--}</strong></td>\n";
}
if (ereg('m', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_MINUTES--}</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_MINUTES--}</strong></td>\n";
}
- if (ereg("s", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_SECONDS--}</strong></td>\n";
+ if (ereg('s', $display) || (empty($display))) {
+ $OUT .= " <td align=\"center\" class=\"timebox_column bottom2\"><div class=\"tiny\">{--_SECONDS--}</strong></td>\n";
}
$OUT .= "</tr>\n";
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_ye\" value=\"0\" />\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_ye\" value=\"0\" />\n";
}
if (ereg('M', $display) || (empty($display))) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_mo\" value=\"0\" />\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_mo\" value=\"0\" />\n";
}
- if (ereg("W", $display) || (empty($display))) {
+ if (ereg('W', $display) || (empty($display))) {
// Generate week selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_we\" size=\"1\">\n";
for ($idx = '0'; $idx <= 4; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_we\" value=\"0\" />\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_we\" value=\"0\" />\n";
}
- if (ereg("D", $display) || (empty($display))) {
+ if (ereg('D', $display) || (empty($display))) {
// Generate day selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_da\" size=\"1\">\n";
for ($idx = '0'; $idx <= 31; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_da\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_da\" value=\"0\" />\n";
}
- if (ereg("h", $display) || (empty($display))) {
+ if (ereg('h', $display) || (empty($display))) {
// Generate hour selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_ho\" size=\"1\">\n";
for ($idx = '0'; $idx <= 23; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_ho\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_ho\" value=\"0\" />\n";
}
if (ereg('m', $display) || (empty($display))) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_mi\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_mi\" value=\"0\" />\n";
}
- if (ereg("s", $display) || (empty($display))) {
+ if (ereg('s', $display) || (empty($display))) {
// Generate second selection
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"" . $prefix."_se\" size=\"1\">\n";
for ($idx = '0'; $idx <= 59; $idx++) {
}
$OUT .= " </select></td>\n";
} else {
- $OUT .= "<INPUT type=\"hidden\" name=\"" . $prefix."_se\" value=\"0\">\n";
+ $OUT .= "<input type=\"hidden\" name=\"" . $prefix."_se\" value=\"0\" />\n";
}
$OUT .= "</tr>\n";
$OUT .= "</table>\n";
// Do we miss an arry element here?
if (!isConfigEntrySet('file_hash')) {
- // Stop here
+ // Stop2 here
debug_report_bug('Missing file_hash in ' . __FUNCTION__ . '.');
} // END - if
// Count up
incrementStatsEntry('cache_hits');
- } elseif (getExtensionVersion('cache') != '0.1.8') {
+ } elseif (isExtensionInstalledAndNewer('cache', '0.1.8')) {
// Check if current theme is already imported or not
$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_themes` WHERE `theme_path`='%s' LIMIT 1",
array($name), __FUNCTION__, __LINE__);
}
// Is the record valid?
- if (($found === false) || (!isUserDataValid())) {
+ if ((($found === false) || (!isUserDataValid())) && (isConfigEntrySet('def_refid'))) {
// No, then reset referal id
$GLOBALS['refid'] = getConfig('def_refid');
} // END - if
addFatalMessage(__FILE__, __LINE__, getMessage('NO_DB_LINK_SHUTDOWN'));
}
- // Stop executing here
+ // Stop2 executing here
exit;
}
$r .= '</span>|';
// Add code
- $r .= '<span class="linetext">' . secureString($c) . '</span></div>';
+ $r .= '<span class="linetext">' . htmlentities($c) . '</span></div>';
}
return '<div class="code">' . $r . '</div>';
// Flushes non-flushed template cache to disk
function flushTemplateCache ($template, $eval) {
// Is this cache flushed?
- if ((!isTemplateCached($template)) && ($eval != '404')) {
+ if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template) === false) && ($eval != '404')) {
// Generate FQFN
$FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template);
// Reads a template cache
function readTemplateCache ($template) {
// Check it again
- if (isTemplateCached($template)) {
+ if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template))) {
// Generate FQFN
$FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template);
// Escape all (including null)
$str = addslashes($str);
} else {
- // Escape only double-quotes
- $str = str_replace('"', "\\\"", $str);
+ // Escape only double-quotes but prevent double-quoting
+ $str = str_replace("\\\\", "\\", str_replace('"', "\\\"", $str));
}
// Return the escaped string
return $str;
}
+// Escapes the JavaScript code, prevents \r and \n becoming char 10/13
+function escapeJavaScriptQuotes ($str) {
+ // Replace all double-quotes and secure back-ticks
+ $str = str_replace('"', '\"', str_replace("\\", '{BACK}', $str));
+
+ // Return it
+ return $str;
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////
if (!function_exists('http_build_query')) {
// Taken from documentation on www.php.net, credits to Marco K. (Germany)
- function http_build_query($data, $prefix='', $sep='', $key='') {
+ function http_build_query($data, $prefix = '', $sep = '', $key = '') {
$ret = array();
foreach ((array)$data as $k => $v) {
if (is_int($k) && $prefix != null) {
return implode($sep, $ret);
}
-}// // END - if
+} // END - if
// [EOF]
?>