/**
* General functions library
*
- * @author Roland Haeder <webmaster@ship-simu.org>
+ * @author Roland Haeder <webmaster@shipsimu.org>
* @version 3.0.0
- * @copyright Copyright (c) 2009 - 2011 Cracker Tracker Team
+ * @copyright Copyright (c) 2009 - 2017 Cracker Tracker Team
* @license GNU GPL 3.0 or any newer version
- * @link http://www.ship-simu.org
+ * @link http://www.shipsimu.org
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-if (!function_exists('implode_r')) {
- // Implode recursive a multi-dimension array, taken from www.php.net
- function implode_r ($glue, $array, $array_name = NULL) {
- $return = array();
- while(list($key,$value) = @each($array)) {
- if(is_array($value)) {
- // Is an array again, so call recursive
- $return[] = implode_r($glue, $value, (string) $key);
+// Implode recursive a multi-dimension array, taken from www.php.net
+function implode_r (string $glue, array $array, string $array_name = NULL) {
+ $return = [];
+ while (list($key,$value) = @each($array)) {
+ if (is_array($value)) {
+ // Is an array again, so call recursive
+ $return[] = implode_r($glue, $value, (string) $key);
+ } else {
+ if ($array_name != NULL) {
+ $return[] = $array_name . '[' . (string) $key . ']=' . $value . "\n";
} else {
- if($array_name != NULL) {
- $return[] = $array_name . '[' . (string) $key . ']=' . $value . "\n";
- } else {
- $return[] = $key . '=' . $value."\n";
- }
+ $return[] = $key . '=' . $value."\n";
}
- } // END - while
-
- // Return resulting array
- return(implode($glue, $return));
- } // END - function
-} // END - if
-
-if (!function_exists('implode_secure')) {
- // Implode a simple array with a 'call-back' to our escaper function
- function implode_secure ($array) {
- // Return string
- $return = '';
-
- // Implode all data
- foreach ($array as $entry) {
- // Don't escape some
- if (in_array($entry, array('NOW()'))) {
- // Add it with non-string glue
- $return .= $entry . ',';
- } elseif (empty($entry)) {
- // Empty strings need no escaping
- $return .= '"",';
- } else {
- // Secure this string and add it
- $return .= '"' . crackerTrackerEscapeString($entry) . '",';
- }
- } // END - foreach
+ }
+ }
+
+ // Return resulting array
+ return implode($glue, $return);
+}
- // Remove last char
- $return = substr($return, 0, -1);
+// Implode a simple array with a 'call-back' to our escaper function
+function implode_secure (array $array) {
+ // Return string
+ $return = '';
+
+ // Implode all data
+ foreach ($array as $entry) {
+ // Don't escape some
+ if (in_array($entry, array('NOW()'))) {
+ // Add it with non-string glue
+ $return .= $entry . ',';
+ } elseif (empty($entry)) {
+ // Empty strings need no escaping
+ $return .= '"",';
+ } else {
+ // Secure this string and add it
+ $return .= '"' . crackerTrackerEscapeString($entry) . '",';
+ }
+ }
+
+ // Remove last char
+ $return = substr($return, 0, -1);
+
+ // Return this string
+ return $return;
+}
- // Return this string
- return $return;
- } // END - function
-} // END - if
+// Load configuration, if found
+function crackerTrackerLoadConfiguration () {
+ // FQFN
+ $fqfn = sprintf('%s/config/db_config.php', $GLOBALS['ctracker_base_path']);
+
+ // Is the file readable?
+ if (!isCrackerTrackerFileFound($fqfn)) {
+ // No config file found
+ die(__FUNCTION__.': No configuration file found.');
+ }
+
+ // Load it
+ require $fqfn;
+
+ // Load email header
+ $GLOBALS['ctracker_header'] = crackerTrackerLoadEmailTemplate('header');
+}
// Getter for ctracker_debug_enabled
function isCrackerTrackerDebug () {
// Is it set?
- return ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === TRUE));
+ $result = ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === true));
+
+ // Debug message
+ //* DEBUG: */ error_log('result=' . intval($result));
+
+ // Return it
+ return $result;
}
// Determines the real remote address
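Review bot: The re-added `implode_r` still iterates with `while (list($key,$value) = @each($array))`; `each()` is deprecated since PHP 7.2 and removed in PHP 8.0, where `@` does not suppress the resulting fatal error, while the scalar type declarations added to the same signature already require PHP 7. `foreach ($array as $key => $value) {` gives the same iteration, and `string $array_name = NULL` should be written `?string $array_name = NULL` instead of relying on implicit nullability. In `implode_secure`, `in_array($entry, array('NOW()'))` compares loosely, so a boolean `true` entry (and, before PHP 8, an integer `0`) takes the unescaped branch; `in_array($entry, array('NOW()'), true)` limits that branch to the literal string. Dropping the `function_exists` guards also turns any second definition of these names into a redeclaration error, which may be intended but deserves a comment.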
// Is a proxy in use?
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
// Proxy was used
- $address = $_SERVER['HTTP_X_FORWARDED_FOR'];
+ $address = trim($_SERVER['HTTP_X_FORWARDED_FOR']);
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
// Yet, another proxy
- $address = $_SERVER['HTTP_CLIENT_IP'];
+ $address = trim($_SERVER['HTTP_CLIENT_IP']);
} elseif (isset($_SERVER['REMOTE_ADDR'])) {
// The regular address when no proxy was used
- $address = getenv('REMOTE_ADDR');
+ $address = trim(getenv('REMOTE_ADDR'));
}
- // This strips out the real address from proxy output
- if (strstr($address, ',')) {
+ if ($address == 'unknown') {
+ // Invalid IP somehow given
+ $address = '0.0.0.0';
+ } elseif (strstr($address, ',')) {
+ // This strips out the real address from proxy output
$addressArray = explode(',', $address);
$address = $addressArray[0];
- } // END - if
+ }
// Return the result
return $address;
}
// Detects the user-agent string
-function crackerTrackerUserAgent () {
+function crackerTrackerUserAgent (bool $sanitize = false) {
// Default is 'unknown'
$ua = 'unknown';
// Is the entry there?
if (isset($_SERVER['HTTP_USER_AGENT'])) {
// Then use it securely
- $ua = crackerTrackerSecureString($_SERVER['HTTP_USER_AGENT']);
- } // END - if
+ $ua = crackerTrackerSecureString(urldecode($_SERVER['HTTP_USER_AGENT']));
+ }
+
+ // Sanitize it?
+ if ($sanitize === true) {
+ // Sanitize ...
+ $ua = crackerTrackerSanitize($ua);
+ }
// Return it
return $ua;
}
// Detects the script name
-function crackerTrackerScriptName () {
+function crackerTrackerScriptName (bool $sanitize = false) {
+ // Default is NULL
+ $scriptName = NULL;
+
// Is it there?
- if (!isset($_SERVER['SCRIPT_NAME'])) {
+ if (!empty($_SERVER['SCRIPT_NAME'])) {
// Return NULL
- return NULL;
- } // END - if
+ $scriptName = crackerTrackerSecureString($_SERVER['SCRIPT_NAME']);
+ }
- // Should always be there!
- return crackerTrackerSecureString($_SERVER['SCRIPT_NAME']);
+ // Sanitize it?
+ if ($sanitize === true) {
+ // Sanitize ...
+ $scriptName = crackerTrackerSanitize($scriptName);
+ }
+
+ // Return
+ return $scriptName;
}
// Detects the query string
-function crackerTrackerQueryString () {
+function crackerTrackerQueryString (bool $sanitize = false) {
+ // Default is NULL
+ $query = NULL;
+
// Is it there?
- if (!isset($_SERVER['QUERY_STRING'])) {
- // Return NULL
- return NULL;
- } // END - if
+ if (!empty($_SERVER['QUERY_STRING'])) {
+ // Get string escaped
+ $query = crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
+ } elseif (!empty($_SERVER['REQUEST_URI'])) {
+ // Get string escaped
+ $query = crackerTrackerEscapeString(urldecode($_SERVER['REQUEST_URI']));
+ }
- // Should always be there!
- return crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
+ // Sanitize it?
+ if ((!empty($query)) && ($sanitize === true)) {
+ // Sanitize ...
+ $query = crackerTrackerSanitize($query);
+ }
+
+ // Return it
+ return $query;
}
// Detects the server's name
-function crackerTrackerServerName () {
+function crackerTrackerServerName (bool $sanitize = false) {
+ // Default is NULL
+ $serverName = NULL;
+
// Is it there?
- if (!isset($_SERVER['SERVER_NAME'])) {
+ if (!empty($_SERVER['SERVER_NAME'])) {
// Return NULL
- return NULL;
- } // END - if
+ $serverName = crackerTrackerSecureString($_SERVER['SERVER_NAME']);
+ }
- // Should always be there!
- return crackerTrackerSecureString($_SERVER['SERVER_NAME']);
+ // Sanitize it?
+ if ($sanitize === true) {
+ // Sanitize ...
+ $serverName = crackerTrackerSanitize($serverName);
+ }
+
+ // Return it
+ return $serverName;
}
// Detects the referer
-function crackerTrackerReferer () {
+function crackerTrackerReferer (bool $sanitize = false) {
// Default is a dash
$referer = '-';
// Is it there?
- if (isset($_SERVER['HTTP_REFERER'])) {
+ if (!empty($_SERVER['HTTP_REFERER'])) {
// Then use it securely
$referer = crackerTrackerSecureString(urldecode($_SERVER['HTTP_REFERER']));
- } // END - if
+ }
+
+ // Sanitize it?
+ if ($sanitize === true) {
+ // Sanitize ...
+ $referer = crackerTrackerSanitize($referer);
+ }
// Return it
return $referer;
}
+// Detects request method
+function crackerTrackerRequestMethod () {
+ // Default is NULL
+ $method = NULL;
+
+ // Is it set?
+ if (!empty($_SERVER['REQUEST_METHOD'])) {
+ // Then use it
+ $method = $_SERVER['REQUEST_METHOD'];
+ }
+
+ // Return it
+ return $method;
+}
+
// Detects the scripts path
function crackerTrackerScriptPath () {
// Should always be there!
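Review bot: In the remote-address branch at the top of this hunk, `HTTP_X_FORWARDED_FOR` and `HTTP_CLIENT_IP` are headers the client sets, and the added `trim()` and `'unknown'` check still return whatever text they carry as the address that gets logged. After `explode(',', $address)` the first element is neither trimmed nor validated, so I would end with `$address = filter_var(trim($addressArray[0]), FILTER_VALIDATE_IP) ?: '0.0.0.0';` and honour the two headers only when `REMOTE_ADDR` is a proxy you operate. The function's signature and any initialisation of `$address` are outside the hunk; if there is none, `$address` is undefined when none of the three keys is set. Further down, `crackerTrackerScriptName` and `crackerTrackerServerName` pass `NULL` to `crackerTrackerSanitize()` when the value is missing and so return `''` instead of `NULL`; `crackerTrackerQueryString` already guards this with `!empty($query)` and the others should match it.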
// Loads a given "template" (this is more an include file)
function crackerTrackerLoadTemplate ($template) {
// Create the full-qualified filename (FQFN)
- $FQFN = sprintf('%s/templates/%s.tpl.php',
- dirname(__FILE__),
+ $FQFN = sprintf('%s/libs/templates/%s.tpl.php',
+ $GLOBALS['ctracker_base_path'],
$template
);
// Loads a given "template" (this is more an include file)
function crackerTrackerLoadLocalizedTemplate ($template) {
// Create the full-qualified filename (FQFN)
- $FQFN = sprintf('%s/templates/%s/%s.tpl.php',
- dirname(__FILE__),
+ $FQFN = sprintf('%s/libs/templates/%s/%s.tpl.php',
+ $GLOBALS['ctracker_base_path'],
getCrackerTrackerLanguage(),
$template
);
// Use this language/weight instead
$GLOBALS['ctracker_language'] = $langArray[0];
$weight = $langArray[1];
- } // END - if
- } // END - foreach
- } // END - if
+ }
+ }
+ }
// Construct FQFN
- $FQFN = sprintf('%s/language/%s.php',
- dirname(__FILE__),
+ $FQFN = sprintf('%s/libs/language/%s.php',
+ $GLOBALS['ctracker_base_path'],
getCrackerTrackerLanguage()
);
$GLOBALS['ctracker_language'] = 'en';
// Construct FQFN again
- $FQFN = sprintf('%s/language/en.php', dirname(__FILE__));
- } // END - if
+ $FQFN = sprintf('%s/libs/language/en.php', $GLOBALS['ctracker_base_path']);
+ }
// Load the language file
require($FQFN);
}
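Review bot: `require($FQFN)` at the end of this function loads a path whose language component was set from `$langArray[0]` in the preceding hunk, and nothing visible restricts that value to a known language code. If `$langArray` is parsed from the request's Accept-Language header (the parsing is outside the hunks shown), a value containing `/` or `..` would reach `sprintf('%s/libs/language/%s.php', ...)` unchanged. Validate it before it is stored in `$GLOBALS['ctracker_language']`, for example by skipping entries unless `preg_match('/^[a-z]{2}$/', $langArray[0]) === 1`, or by checking against the list of shipped language files.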
// Loads a given email template and passes through $content
-function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = NULL) {
+function crackerTrackerLoadEmailTemplate ($template, array $content = [], $language = NULL) {
// Init language
crackerTrackerLanguage();
// Generate the FQFN
- $FQFN = sprintf('%s/mails/%s/%s.tpl',
- dirname(__FILE__),
+ $FQFN = sprintf('%s/libs/mails/%s/%s.tpl',
+ $GLOBALS['ctracker_base_path'],
getCrackerTrackerLanguage($language),
$template
);
// So is the file there?
if (isCrackerTrackerFileFound($FQFN)) {
// Init result
- $result = 'No result from template ' . $template . '. Please report this at http://forum.ship-simu.org Thank you.';
+ $result = 'No result from template ' . $template . '. Please report this at http://forum.shipsimu.org Thank you.';
// Then load it
- eval('$result = "' . crackerTrackerCompileCode(file_get_contents($FQFN)) . '";');
+ //* DEBUG-DIE: */ die('<pre>$result = "' . crackerTrackerCompileCode(trim(file_get_contents($FQFN))) . '";</pre>');
+ eval('$result = "' . crackerTrackerCompileCode(trim(file_get_contents($FQFN))) . '";');
// Return the result
return $result;
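Review bot: The template is still rendered with `eval('$result = "' . ... . '";')`, so the file's contents are parsed as a PHP double-quoted string: an unescaped `"` in a `.tpl` file ends the literal and the remainder runs as code, and `$var` or `{$expr}` sequences are interpolated from the function's scope. Whether `crackerTrackerCompileCode()` escapes quotes and `$` is not visible here; if it does not, anyone who can write under `libs/mails/` can execute code in the tracker. The `$content[...]` placeholders it produces could instead be substituted directly with `preg_replace_callback()` or `strtr()` over the file text, which removes the `eval` entirely. `$template` and `$language` are also placed into the path without any check in this hunk; the rest of the function is outside it.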
if (isset($GLOBALS['ctracker_localized'][$message])) {
// Use this instead
$output = $GLOBALS['ctracker_localized'][$message];
- } // END - if
+ }
// Return it
return $output;
// $content
$code = str_replace($match, "\" . \$content['" . $matches[4][$key] . "'] . \"", $code);
}
- } // END - foreach
+ }
// Return it
return $code;
if (!is_null($lang)) {
// Then use this instead
$language = $lang;
- } // END - if
+ }
// Return it
return $language;
if (isset($GLOBALS['ctracker_last_ticket']['ctracker_ticket'])) {
// Then use it
$id = $GLOBALS['ctracker_last_ticket']['ctracker_ticket'];
- } // END - if
+ }
// Return the number
return $id;
function sendCrackerTrackerCookie () {
// Set the cookie
// @TODO Why can't domain be set to value from crackerTrackerServerName() ?
- setcookie('ctracker_ticket', getCrackerTrackerTicketId(), (time() + 60*60*24), '/', '', crackerTrackerSecured(), TRUE);
+ setcookie('ctracker_ticket', getCrackerTrackerTicketId(), (time() + 60*60*24), '/', '', crackerTrackerSecured(), true);
$_COOKIE['ctracker_ticket'] = getCrackerTrackerTicketId();
}
// Redirects to the same URL
function crackerTrackerRedirectSameUrl () {
- // Construct the url
- $url = '://' . crackerTrackerServerName() . crackerTrackerScriptName() . '?' . crackerTrackerQueryString();
-
- // Do we have SSL?
- if (crackerTrackerSecured()) {
- // HTTPS
- $url = 'https' . $url;
- } else {
- // HTTP
- $url = 'http' . $url;
- }
-
- // And redirect
- crackerTrackerSendRawRedirect($url);
+ // Construct and redirect to same URL
+ crackerTrackerSendRawRedirect(sprintf('%s://%s%s?%s',
+ (crackerTrackerSecured() ? 'https' : 'http'),
+ crackerTrackerServerName(),
+ crackerTrackerScriptName(),
+ crackerTrackerQueryString()
+ ));
}
/**
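Review bot: The `Location` URL built in `crackerTrackerRedirectSameUrl()` uses `crackerTrackerQueryString()`, which returns a URL-decoded string passed through `crackerTrackerEscapeString()`, and which after this commit falls back to `REQUEST_URI` when `QUERY_STRING` is empty. A request without a query string is therefore redirected to something like `http://host/script.php?/script.php` (constructed example), and a request with one gets its parameters decoded and escaped for a different context rather than repeated as sent. For the redirect I would use the raw value, `$query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';`, and append `'?' . $query` only when it is non-empty. A short comment should also note that `crackerTrackerServerName()` may reflect the request's Host header, depending on server configuration.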
*
* @link http://support.microsoft.com/kb/q176113/
* @author Andreas Gohr <andi@splitbrain.org>
- * @access private
*/
function crackerTrackerSendRawRedirect ($url) {
// Better remove any data by ctracker
// check if running on IIS < 6 with CGI-PHP
if ((isset($_SERVER['SERVER_SOFTWARE'])) && (isset($_SERVER['GATEWAY_INTERFACE'])) &&
- (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== FALSE) &&
+ (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== false) &&
(preg_match('|^Microsoft-IIS/(\d)\.\d$|', trim($_SERVER['SERVER_SOFTWARE']), $matches)) &&
($matches[1] < 6)) {
// Send the IIS header
// Removes all ctracker-related data from global space
function unsetCtrackerData () {
+ // Debug message
+ //* DEBUG: */ error_log(__FUNCTION__ . ': CALLED!');
+
// Unset all ctracker data
foreach (array(
+ 'ctracker_base_path',
'ctracker_host',
'ctracker_dbname',
'ctracker_user',
'ctracker_post_blacklist',
'ctracker_header',
'ctracker_post_track',
- 'ctracker_checkworm',
- 'ctracker_check_post',
+ 'ctracker_checked_get',
+ 'ctracker_checked_post',
+ 'ctracker_checked_ua',
'ctracker_last_sql',
'ctracker_last_result',
'ctracker_config',
'ctracker_language',
'ctracker_localized',
'ctracker_link',
+ 'ctracker_blocked_methods',
) as $key) {
// Unset it
unset($GLOBALS[$key]);
- } // END - foreach
+ }
+}
+
+// Sanitizes string
+function crackerTrackerSanitize ($str) {
+ return str_replace(array('//', '/./'), array('/', '/'), $str);
+}
+
+function crackerTrackerIsConsole () {
+ return (php_sapi_name() == 'cli');
+}
+
+function ctrackerAntiSpamField () {
+ // Get all fields
+ $fields = ctrackerGetAntiSpamFields();
+
+ // Choose random
+ $fieldName = $fields[mt_rand(0, count($fields) - 1)];
+
+ // Return it
+ return $fieldName;
+}
+
+function ctrackerGetAntiSpamFields () {
+ return [
+ 'ctracker_url',
+ 'ctracker_aol',
+ 'ctracker_yahoo',
+ 'ctracker_icq',
+ 'ctracker_jabber',
+ ];
}
-// [EOF]
-?>
+function ifCtrackerTrackerAntiSpamFieldGiven () {
+ // Is request method POST?
+ if (crackerTrackerRequestMethod() != 'POST') {
+ // Cannot be given
+ return false;
+ }
+
+ // Walk through all fields
+ foreach (ctrackerGetAntiSpamFields() as $fieldName) {
+ // Is one found?
+ if (in_array($fieldName, $_POST) && !empty($_POST[$fieldName])) {
+ // Filled out!
+ return true;
+ }
+ }
+}
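Review bot: In `ifCtrackerTrackerAntiSpamFieldGiven()`, `in_array($fieldName, $_POST)` searches the submitted values, not the field names, so the check passes only if some POST value happens to equal e.g. `ctracker_url`; a filled-in honeypot field goes undetected. The condition should be `if (!empty($_POST[$fieldName])) {`. The function also falls off the end after the loop and returns `NULL`; add `return false;` there so callers get a boolean on every path. Separately, `crackerTrackerSanitize()` makes a single `str_replace` pass, so `a///b` becomes `a//b` and `a/././b` becomes `a/./b`; if its output is compared against blacklist patterns, repeat the replacement until the string stops changing.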