X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Ffunctions.php;h=a31c402069ef86f8c151aa68bc481bbf26d62817;hb=3726c01129d404929701f1bf9e57dd269c601320;hp=0d11b7f068a7c2b06f0409adfcabe0e0710e16aa;hpb=aaf81b8f35512782d34f78c1a0dac8b42d745393;p=mailer.git diff --git a/inc/functions.php b/inc/functions.php index 0d11b7f068..a31c402069 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -1,7 +1,7 @@ \n" . $GLOBALS['tpl_content'] . "\n"; + $ret = '\n" . $GLOBALS['tpl_content'] . '\n"; // Prepare eval() command $eval = '$ret = "' . compileCode(escapeQuotes($ret)) . '";'; } elseif (substr($template, 0, 3) == 'js_') { // JavaScripts don't like entities and timings - $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");'; + $eval = '$ret = decodeEntities("' . compileRawCode(escapeJavaScriptQuotes($GLOBALS['tpl_content'])) . '");'; } else { - // Prepare eval() command - $eval = '$ret = "' . compileCode(escapeQuotes($GLOBALS['tpl_content'])) . '";'; + // Prepare eval() command, other output doesn't like entities, maybe + $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");'; } } else { // Add surrounding HTML comments to help finding bugs faster - $ret = "\n" . $GLOBALS['tpl_content'] . "\n"; + $ret = '\n" . $GLOBALS['tpl_content'] . '\n"; $eval = '$ret = "' . escapeQuotes($ret) . '";'; } // END - if @@ -312,7 +312,7 @@ function loadTemplate ($template, $return = false, $content = array()) { eval($GLOBALS['template_eval'][$template]); } elseif ((isAdmin()) || ((isInstalling()) && (!isInstalled()))) { // Only admins shall see this warning or when installation mode is active - $ret = '
{--TEMPLATE_404--}
+ $ret = '
{--TEMPLATE_404--}
(' . $template . ')

{--TEMPLATE_CONTENT--} @@ -350,44 +350,53 @@ function detectExtraTemplatePath ($template) { // Default is empty $extraPath = ''; - // Check for admin/guest/member templates - if (substr($template, 0, 6) == 'admin_') { - // Admin template found - $extraPath = 'admin/'; - } elseif (substr($template, 0, 6) == 'guest_') { - // Guest template found - $extraPath = 'guest/'; - } elseif (substr($template, 0, 7) == 'member_') { - // Member template found - $extraPath = 'member/'; - } elseif (substr($template, 0, 8) == 'install_') { - // Installation template found - $extraPath = 'install/'; - } elseif (substr($template, 0, 4) == 'ext_') { - // Extension template found - $extraPath = 'ext/'; - } elseif (substr($template, 0, 3) == 'la_') { - // 'Logical-area' template found - $extraPath = 'la/'; - } elseif (substr($template, 0, 3) == 'js_') { - // JavaScript template found - $extraPath = 'js/'; - } elseif (substr($template, 0, 5) == 'menu_') { - // Menu template found - $extraPath = 'menu/'; - } else { - // Test for extension - $test = substr($template, 0, strpos($template, '_')); + // Do we have cache? + if (!isset($GLOBALS['extra_path'][$template])) { + // Check for admin/guest/member/etc. templates + if (substr($template, 0, 6) == 'admin_') { + // Admin template found + $extraPath = 'admin/'; + } elseif (substr($template, 0, 6) == 'guest_') { + // Guest template found + $extraPath = 'guest/'; + } elseif (substr($template, 0, 7) == 'member_') { + // Member template found + $extraPath = 'member/'; + } elseif (substr($template, 0, 7) == 'select_') { + // Selection template found + $extraPath = 'select/'; + } elseif (substr($template, 0, 8) == 'install_') { + // Installation template found + $extraPath = 'install/'; + } elseif (substr($template, 0, 4) == 'ext_') { + // Extension template found + $extraPath = 'ext/'; + } elseif (substr($template, 0, 3) == 'la_') { + // 'Logical-area' template found + $extraPath = 'la/'; + } elseif (substr($template, 0, 3) == 'js_') { + // JavaScript template found + $extraPath = 'js/'; + } elseif (substr($template, 0, 5) == 'menu_') { + // Menu template found + $extraPath = 'menu/'; + } else { + // Test for extension + $test = substr($template, 0, strpos($template, '_')); - // Probe for valid extension name - if (isExtensionNameValid($test)) { - // Set extra path to extension's name - $extraPath = $test . '/'; - } // END - if - } + // Probe for valid extension name + if (isExtensionNameValid($test)) { + // Set extra path to extension's name + $extraPath = $test . '/'; + } // END - if + } + + // Store it in cache + $GLOBALS['extra_path'][$template] = $extraPath; + } // END - if // Return result - return $extraPath; + return $GLOBALS['extra_path'][$template]; } // Loads an email template and compiles it @@ -439,7 +448,7 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content).'
'); if (($UID > 0) && (is_array($content))) { // If nickname extension is installed, fetch nickname as well - if (isNicknameUsed($UID)) { + if ((isExtensionActive('nickname')) && (isNicknameUsed($UID))) { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):NICKNAME!
"); // Load by nickname fetchUserData($UID, 'nickname'); @@ -602,7 +611,7 @@ Message : ' . $message . ' } } -// Check if legacy or PHPMailer command +// Check to use wether legacy mail() command or PHPMailer class // @TODO Rewrite this to an extension 'smtp' // @private function checkPhpMailerUsage() { @@ -611,6 +620,12 @@ function checkPhpMailerUsage() { // Send out a raw email with PHPMailer class or legacy mail() command function sendRawEmail ($toEmail, $subject, $message, $from) { + // Just compile all again, to put out all configs, etc. + eval('$toEmail = decodeEntities("' . compileRawCode(escapeQuotes($toEmail)) . '");'); + eval('$subject = decodeEntities("' . compileRawCode(escapeQuotes($subject)) . '");'); + eval('$message = decodeEntities("' . compileRawCode(escapeQuotes($message)) . '");'); + eval('$from = decodeEntities("' . compileRawCode(escapeQuotes($from)) . '");'); + // Shall we use PHPMailer class or legacy mode? if (checkPhpMailerUsage()) { // Use PHPMailer class with SMTP enabled @@ -991,16 +1006,16 @@ function compileCode ($code, $simple = false, $constants = true, $full = true) { } // END - if // Start couting - $startCompile = explode(' ', microtime()); + $startCompile = microtime(true); // Comile the code $code = compileRawCode($code, $simple, $constants, $full); // Get timing - $compiled = explode(' ', microtime()); + $compiled = microtime(true); // Add timing - $code .= ''; + $code .= ''; // Return compiled code return $code; @@ -1076,13 +1091,13 @@ function compileRawCode ($code, $simple = false, $constants = true, $full = true // Replace it in the code //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):key={$key},match={$match}
"); $newMatch = str_replace('[', "['", str_replace(']', "']", $match)); - $code = str_replace($match, "\"." . $newMatch.".\"", $code); + $code = str_replace($match, '".' . $newMatch . '."', $code); $matchesFound[$key . '_' . $matches[4][$key]] = 1; $matchesFound[$match] = 1; } elseif (!isset($matchesFound[$match])) { // Not yet replaced! //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):match={$match}
"); - $code = str_replace($match, "\"." . $match.".\"", $code); + $code = str_replace($match, '".' . $match . '."', $code); $matchesFound[$match] = 1; } } // END - foreach @@ -1448,35 +1463,35 @@ function createTimeSelections ($timestamp, $prefix = '', $display = '', $align = } else { // Generate table $OUT = "
\n"; - $OUT .= "\n"; + $OUT .= "
\n"; $OUT .= "\n"; if (ereg('Y', $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg('M', $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } - if (ereg("W", $display) || (empty($display))) { - $OUT .= " \n"; + if (ereg('W', $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("D", $display) || (empty($display))) { - $OUT .= " \n"; + if (ereg('D', $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("h", $display) || (empty($display))) { - $OUT .= " \n"; + if (ereg('h', $display) || (empty($display))) { + $OUT .= " \n"; } if (ereg('m', $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } - if (ereg("s", $display) || (empty($display))) { - $OUT .= " \n"; + if (ereg('s', $display) || (empty($display))) { + $OUT .= " \n"; } $OUT .= "\n"; @@ -1492,7 +1507,7 @@ function createTimeSelections ($timestamp, $prefix = '', $display = '', $align = } $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } if (ereg('M', $display) || (empty($display))) { @@ -1506,10 +1521,10 @@ function createTimeSelections ($timestamp, $prefix = '', $display = '', $align = } $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } - if (ereg("W", $display) || (empty($display))) { + if (ereg('W', $display) || (empty($display))) { // Generate week selection $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } - if (ereg("D", $display) || (empty($display))) { + if (ereg('D', $display) || (empty($display))) { // Generate day selection $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } - if (ereg("h", $display) || (empty($display))) { + if (ereg('h', $display) || (empty($display))) { // Generate hour selection $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } if (ereg('m', $display) || (empty($display))) { @@ -1558,10 +1573,10 @@ function createTimeSelections ($timestamp, $prefix = '', $display = '', $align = } $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } - if (ereg("s", $display) || (empty($display))) { + if (ereg('s', $display) || (empty($display))) { // Generate second selection $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } $OUT .= "\n"; $OUT .= "
{--_YEARS--}
{--_YEARS--}
{--_MONTHS--}
{--_MONTHS--}
{--_WEEKS--}
{--_WEEKS--}
{--_DAYS--}
{--_DAYS--}
{--_HOURS--}
{--_HOURS--}
{--_MINUTES--}
{--_MINUTES--}
{--_SECONDS--}
{--_SECONDS--}
\n"; @@ -1640,7 +1655,7 @@ function createFancyTime ($stamp) { function addEmailNavigation ($PAGES, $offset, $show_form, $colspan, $return=false) { $SEP = ''; $TOP = ''; if ($show_form === false) { - $TOP = " top2"; + $TOP = " top"; $SEP = " "; } @@ -1714,7 +1729,7 @@ function extractHostnameFromUrl (&$script) { if (substr(strtolower($script), 0, 7) == 'http://') { // But only if http:// is in front! $script = substr($script, (strlen($url) + 7)); - } elseif (substr(strtolower($script), 0, 8) == "https://") { + } elseif (substr(strtolower($script), 0, 8) == 'https://') { // Does this work?! $script = substr($script, (strlen($url) + 8)); } @@ -2360,7 +2375,7 @@ function getThemeId ($name) { // Count up incrementStatsEntry('cache_hits'); - } elseif (getExtensionVersion('cache') != '0.1.8') { + } elseif (isExtensionInstalledAndNewer('cache', '0.1.8')) { // Check if current theme is already imported or not $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_themes` WHERE `theme_path`='%s' LIMIT 1", array($name), __FUNCTION__, __LINE__); @@ -2482,7 +2497,7 @@ function getActualVersion ($type = 'Revision') { $new = true; } else { // Generate fake cache entry - foreach ($mapper as $map=>$idx) { + foreach ($mapper as $map => $idx) { $GLOBALS['cache_array']['revision'][$map][0] = $ins_vers[$idx]; } // END - foreach @@ -2632,7 +2647,7 @@ function debug_report_bug ($message = '') { } // END - if // Add output - $debug .= "Please report this bug at bugs.mxchange.org and include the logfile from " . getConfig('CACHE_PATH') . "debug.log in your report (you can now attach files):
";
+	$debug .= "Please report this bug at bugs.mxchange.org and include the logfile from " . str_replace(getConfig('PATH'), '', getConfig('CACHE_PATH')) . "debug.log in your report (you can now attach files):
";
 	$debug .= debug_get_printable_backtrace();
 	$debug .= "
\nRequest-URI: " . getRequestUri()."
\n";
 	$debug .= "Thank you for finding bugs.";
@@ -2642,11 +2657,9 @@ function debug_report_bug ($message = '') {
 	die($debug);
 }
 
-// Generates a ***weak*** seed (taken from de.php.net/mt_srand)
+// Generates a ***weak*** seed
 function generateSeed () {
-	list($usec, $sec) = explode(' ', microtime());
-	$microTime = (((float)$sec + (float)$usec)) * 100000;
-	return $microTime;
+	return microtime(true) * 100000;
 }
 
 // Converts a message code to a human-readable message
@@ -3160,7 +3173,7 @@ function determineReferalId () {
 	} elseif ((isSessionVariableSet('refid')) && (getSession('refid') != 0)) {
 		// Set session refid als global
 		$GLOBALS['refid'] = bigintval(getSession('refid'));
-	} elseif ((isExtensionInstalledAndNewer('user', '0.3.4')) && (getConfig('select_user_zero_refid')) == 'Y') {
+	} elseif ((isExtensionInstalledAndNewer('user', '0.3.4')) && (getConfig('select_user_zero_refid') == 'Y')) {
 		// Select a random user which has confirmed enougth mails
 		$GLOBALS['refid'] = determineRandomReferalId();
 	} elseif ((isExtensionInstalled('sql_patches')) && (getConfig('def_refid') > 0)) {
@@ -3177,7 +3190,7 @@ function determineReferalId () {
 		$found = false;
 
 		// Do we have nickname or userid set?
-		if (isNicknameUsed($GLOBALS['refid'])) {
+		if ((isExtensionActive('nickname')) && (isNicknameUsed($GLOBALS['refid']))) {
 			// Nickname in URL, so load the id
 			$found = fetchUserData($GLOBALS['refid'], 'nickname');
 		} elseif ($GLOBALS['refid'] > 0) {
@@ -3186,7 +3199,7 @@ function determineReferalId () {
 		}
 
 		// Is the record valid?
-		if (($found === false) || (!isUserDataValid())) {
+		if ((($found === false) || (!isUserDataValid())) && (isConfigEntrySet('def_refid'))) {
 			// No, then reset referal id
 			$GLOBALS['refid'] = getConfig('def_refid');
 		} // END - if
@@ -3565,7 +3578,7 @@ function linenumberCode ($code)    {
 		$r .= '|';
 
 		// Add code
-		$r .= '' . secureString($c) . '
'; + $r .= '' . htmlentities($c) . ''; } return '
' . $r . '
'; @@ -3604,10 +3617,10 @@ function determinePageTitle () { $mode = ''; if (getModule() == 'login') $mode = 'member'; elseif (getModule() == 'index') $mode = 'guest'; - if ((!empty($mode)) && (getConfig('enable_what_title') == 'Y')) $TITLE .= " ".trim(getConfig('title_middle'))." ".getModuleDescription($mode, getWhat()); + if ((!empty($mode)) && (getConfig('enable_what_title') == 'Y')) $TITLE .= ' ' . trim(getConfig('title_middle')) . ' ' . getTitleFromMenu($mode, getWhat()); // Add title decorations? (right) - if ((getConfig('enable_title_deco') == 'Y') && (getConfig('title_right') != '')) $TITLE .= " ".trim(getConfig('title_right')); + if ((getConfig('enable_title_deco') == 'Y') && (getConfig('title_right') != '')) $TITLE .= ' ' . trim(getConfig('title_right')); // Remember title in constant for the template $pageTitle = $TITLE; @@ -3650,7 +3663,7 @@ function isTemplateCached ($template) { // Flushes non-flushed template cache to disk function flushTemplateCache ($template, $eval) { // Is this cache flushed? - if ((!isTemplateCached($template)) && ($eval != '404')) { + if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template) === false) && ($eval != '404')) { // Generate FQFN $FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template); @@ -3665,7 +3678,7 @@ function flushTemplateCache ($template, $eval) { // Reads a template cache function readTemplateCache ($template) { // Check it again - if (isTemplateCached($template)) { + if ((isDebuggingTemplateCache() === false) && (isTemplateCached($template))) { // Generate FQFN $FQFN = sprintf("%s_compiled/templates/%s.tpl.cache", getConfig('CACHE_PATH'), $template); @@ -3684,14 +3697,185 @@ function escapeQuotes ($str, $single = false) { // Escape all (including null) $str = addslashes($str); } else { - // Escape only double-quotes - $str = str_replace('"', "\\\"", $str); + // Escape only double-quotes but prevent double-quoting + $str = str_replace("\\\\", "\\", str_replace('"', "\\\"", $str)); } // Return the escaped string return $str; } +// Escapes the JavaScript code, prevents \r and \n becoming char 10/13 +function escapeJavaScriptQuotes ($str) { + // Replace all double-quotes and secure back-ticks + $str = str_replace('"', '\"', str_replace("\\", '{BACK}', $str)); + + // Return it + return $str; +} + +// Send out mails depending on the 'mod/modes' combination +// @TODO Lame description for this function +function sendModeMails ($mod, $modes) { + // Load hash + if (fetchUserData(getMemberId())) { + // Extract salt from cookie + $salt = substr(getSession('u_hash'), 0, -40); + + // Now let's compare passwords + $hash = generatePassString(getUserData('password')); + + // Does the hash match or should we change it? + if (($hash == getSession('u_hash')) || (postRequestElement('pass1') == postRequestElement('pass2'))) { + // Load the data + $content = getUserDataArray(); + + // Translate gender + $content['gender'] = translateGender($content['gender']); + + // Clear/init the content variable + $content['message'] = ''; + + // Which mail? + // @TODO Move this in a filter + switch ($mod) { + case 'mydata': + foreach ($modes as $mode) { + switch ($mode) { + case 'normal': break; // Do not add any special lines + case 'email': // Email was changed! + $content['message'] = getMessage('MEMBER_CHANGED_EMAIL').": ".postRequestElement('old_email')."\n"; + break; + + case 'pass': // Password was changed + $content['message'] = getMessage('MEMBER_CHANGED_PASS')."\n"; + break; + + default: + logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown mode %s detected.", $mode)); + $content['message'] = getMessage('MEMBER_UNKNOWN_MODE') . ': ' . $mode . "\n\n"; + break; + } // END - switch + } // END - foreach + + if (isExtensionActive('country')) { + // Replace code with description + $content['country'] = generateCountryInfo(postRequestElement('country_code')); + } // END - if + + // Merge content with data from POST + $content = merge_array($content, postRequestArray()); + + // Load template + $message = loadEmailTemplate('member_mydata_notify', $content, getMemberId()); + + if (getConfig('admin_notify') == 'Y') { + // The admin needs to be notified about a profile change + $message_admin = 'admin_mydata_notify'; + $sub_adm = getMessage('ADMIN_CHANGED_DATA'); + } else { + // No mail to admin + $message_admin = ''; + $sub_adm = ''; + } + + // Set subject lines + $sub_mem = getMessage('MEMBER_CHANGED_DATA'); + + // Output success message + $content = "{--MYDATA_MAIL_SENT--}"; + break; + + default: // Unsupported module! + logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unsupported module %s detected.", $mod)); + $content = "{--UNKNOWN_MODULE--}"; + break; + } // END - switch + } else { + // Passwords mismatch + $content = "{--MEMBER_PASSWORD_ERROR--}"; + } + } else { + // Could not load profile + $content = "{--MEMBER_CANNOT_LOAD_PROFILE--}"; + } + + // Send email to user if required + if ((!empty($sub_mem)) && (!empty($message))) { + // Send member mail + sendEmail($content['email'], $sub_mem, $message); + } // END - if + + // Send only if no other error has occured + if (empty($content)) { + if ((!empty($sub_adm)) && (!empty($message_admin))) { + // Send admin mail + sendAdminNotification($sub_adm, $message_admin, $content, getMemberId()); + } elseif (getConfig('admin_notify') == 'Y') { + // Cannot send mails to admin! + $content = getMessage('CANNOT_SEND_ADMIN_MAILS'); + } else { + // No mail to admin + $content = "{--MYDATA_MAIL_SENT--}"; + } + } // END - if + + // Load template + loadTemplate('admin_settings_saved', false, $content); +} + +// Generates a 'selection box' from given array +function generateSelectionBoxFromArray ($options, $name, $optionValue, $optionContent) { + // Start the output + $OUT = ''; + + // Prepare output + $content = array( + 'selection_box' => $OUT, + 'module' => getModule(), + 'what' => getWhat() + ); + + // Load template and return it + return loadTemplate('select_' . $name . '_box', true, $content); +} + +// Get a module from filename and access level +function getModuleFromFileName ($file, $accessLevel) { + // Default is 'invalid'; + $modCheck = 'invalid'; + + // @TODO This is still very static, rewrite it somehow + switch ($accessLevel) { + case 'admin': + $modCheck = 'admin'; + break; + + case 'sponsor': + case 'guest': + case 'member': + $modCheck = getModule(); + break; + + default: // Unsupported file name / access level + debug_report_bug('Unsupported file name=' . basename($file) . '/access level=' . $accessLevel); + break; + } + + // Return result + return $modCheck; +} + ////////////////////////////////////////////////// // AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS // ////////////////////////////////////////////////// @@ -3707,7 +3891,7 @@ if (!function_exists('html_entity_decode')) { if (!function_exists('http_build_query')) { // Taken from documentation on www.php.net, credits to Marco K. (Germany) - function http_build_query($data, $prefix='', $sep='', $key='') { + function http_build_query($data, $prefix = '', $sep = '', $key = '') { $ret = array(); foreach ((array)$data as $k => $v) { if (is_int($k) && $prefix != null) { @@ -3727,7 +3911,7 @@ if (!function_exists('http_build_query')) { return implode($sep, $ret); } -}// // END - if +} // END - if // [EOF] ?>