DOCUMENT_ROOT and _SERVER added (avoid these things please)

[ctracker.git] / libs / lib_general.php

diff --git a/libs/lib_general.php b/libs/lib_general.php
index 3e14cb1c2c5c276cfedf1acf9433d01e362cbb41..abc177842cf068ddb12d3eb8fa647cf3e5cee961 100644 (file)
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -4,7 +4,7 @@
  *
  * @author             Roland Haeder <webmaster@ship-simu.org>
  * @version            3.0.0
- * @copyright  Copyright (c) 2009, 2010 Cracker Tracker Team
+ * @copyright  Copyright (c) 2009 - 2011 Cracker Tracker Team
  * @license            GNU GPL 3.0 or any newer version
  * @link               http://www.ship-simu.org
  *
@@ -73,10 +73,10 @@ if (!function_exists('implode_secure')) {
        } // END - function
 } // END - if
 
-// Getter for ctracker_debug
+// Getter for ctracker_debug_enabled
 function isCrackerTrackerDebug () {
        // Is it set?
-       return ((isset($GLOBALS['ctracker_debug'])) && ($GLOBALS['ctracker_debug'] === true));
+       return ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === true));
 }
 
 // Determines the real remote address
@@ -119,8 +119,8 @@ function crackerTrackerUserAgent () {
 
        // Is the entry there?
        if (isset($_SERVER['HTTP_USER_AGENT'])) {
-               // Then use it
-               $ua = $_SERVER['HTTP_USER_AGENT'];
+               // Then use it securely
+               $ua = crackerTrackerSecureString($_SERVER['HTTP_USER_AGENT']);
        } // END - if
 
        // Return it
@@ -280,7 +280,7 @@ function crackerTrackerLanguage () {
 }
 
 // Loads a given email template and passes through $content
-function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language) {
+function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = null) {
        // Init language
        crackerTrackerLanguage();
 
@@ -331,12 +331,21 @@ function crackerTrackerOutputLocalized ($message) {
 // Compiles the given code
 function crackerTrackerCompileCode ($code) {
        // Find all $content[foo]
-       preg_match_all('/\$content((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches);
+       preg_match_all('/\$(content|GLOBALS)((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches);
+
+       // Replace " with {QUOTE}
+       $code = str_replace('"', '{QUOTE}', $code);
 
        // Replace all
        foreach ($matches[0] as $key=>$match) {
                // Replace it
-               $code = str_replace($match, "\" . \$content['" . $matches[3][$key] . "'] . \"", $code);
+               if (substr($match, 0, 8) == '$GLOBALS') {
+                       // $GLOBALS
+                       $code = str_replace($match, "\" . \$GLOBALS['" . $matches[4][$key] . "'] . \"", $code);
+               } elseif (substr($match, 0, 8) == '$content') {
+                       // $content
+                       $code = str_replace($match, "\" . \$content['" . $matches[4][$key] . "'] . \"", $code);
+               }
        } // END - foreach
 
        // Return it
@@ -402,24 +411,20 @@ function crackerTrackerRedirectSameUrl () {
        }
 
        // And redirect
-       sendRawRedirect($url);
+       crackerTrackerSendRawRedirect($url);
 }
 
 /**
- * Send a HTTP redirect to the browser. This function wass taken from DokuWiki
+ * Send a HTTP redirect to the browser. This function was taken from DokuWiki
  * (GNU GPL 2; http://www.dokuwiki.org) and modified to fit into this script.
  *
- * ----------------------------------------------------------------------------
- * If you want to redirect, please use redirectToUrl(); instead
- * ----------------------------------------------------------------------------
- *
  * Works arround Microsoft IIS cookie sending bug. Does exit the script.
  *
  * @link    http://support.microsoft.com/kb/q176113/
  * @author  Andreas Gohr <andi@splitbrain.org>
  * @access  private
  */
-function sendRawRedirect ($url) {
+function crackerTrackerSendRawRedirect ($url) {
        // always close the session
        session_write_close();