X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffunctions.php;h=25ae3c78fcf6b8b0d8802f7b8e76672512ffb727;hb=5db786e2dbbd927449a5ca95bfb277f851b678b6;hp=bfa97b999a9e7d533114e74becb3e1bbf73ceb4d;hpb=dbef43c3a859518367f9ee0dde8e895ec677af23;p=mailer.git diff --git a/inc/functions.php b/inc/functions.php index bfa97b999a..25ae3c78fc 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -138,8 +138,16 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { - $eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";"; - eval($eval); + // Prepare the content and eval() it... + $newContent = ""; + $eval = "\$newContent = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";"; + @eval($eval); + + if (empty($newContent)) { + // Something went wrong! + die("Evaluation error:
".htmlentities($eval).""); + } + $OUTPUT = $newContent; } // Output code here, DO NOT REMOVE! ;-) @@ -163,16 +171,14 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Output the raw HTML code function OUTPUT_RAW ($HTML) { - if ((isBooleanConstantAndTrue('mxchange_installed')) && (basename($_SERVER['PHP_SELF']) != "install.php")) { - // Not in install-mode so strip slashes away - echo stripslashes($HTML); - } else { - // Output directly in install-mode - echo $HTML; - } + // Output stripped HTML code to avoid broken JavaScript code, etc. + echo stripslashes($HTML); - // Flush the output - flush(); + // Flush the output if only _OB_CACHING is not "on" + if (_OB_CACHING != "on") { + // Flush it + flush(); + } } // Add a fatal error message to the queue array @@ -918,6 +924,12 @@ function LOAD_URL($URL, $addUrlData=true) { // Compile out URI codes $URL = COMPILE_CODE($URL); + // Get output buffer + $OUTPUT = ob_get_contents(); + + // Clear it + ob_end_clean(); + // Add some data to URL if cookies are not accepted if (((!defined('__COOKIES')) || (!__COOKIES)) && ($addUrlData)) $URL = ADD_URL_DATA($URL); @@ -1175,15 +1187,21 @@ function TRANSLATE_YESNO($yn) // Deprecated : $length // Optional : $DATA // -function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") -{ +function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") { global $_CONFIG; + // Fix missing _MAX constant + if (!defined('_MAX')) define('_MAX', 15235); + // Build server string $server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php"); // Build key string - $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']).":".$_CONFIG['master_salt']; + $keys = SITE_KEY.":".DATE_KEY; + if (isset($_CONFIG['secret_key'])) $keys .= ":".$_CONFIG['secret_key']; + if (isset($_CONFIG['file_hash'])) $keys .= ":".$_CONFIG['file_hash']; + $keys .= ":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']); + if (isset($_CONFIG['master_salt'])) $keys .= ":".$_CONFIG['master_salt']; // Build string from misc data $data = $code.":".$uid.":".$DATA; @@ -1199,11 +1217,19 @@ function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") // Calculate number for generating the code $a = $code + _ADD - 1; - // Generate hash with master salt from modula of number with the prime number and other data - $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']); + if (isset($_CONFIG['master_hash'])) { + // Generate hash with master salt from modula of number with the prime number and other data + $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']); + + // Create number from hash + $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi(); + } else { + // Generate hash with "hash of site key" from modula of number with the prime number and other data + $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8)); - // Create number from hash - $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi(); + // Create number from hash + $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi(); + } // At least 10 numbers shall be secure enought! $len = $_CONFIG['code_length']; @@ -1646,8 +1672,20 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { // function MXCHANGE_OPEN ($script) { + global $_CONFIG; + // Default is not to use proxy + $useProxy = true; + + // Are proxy settins set? + if ((!empty($_CONFIG['proxy_host'])) && ($_CONFIG['proxy_port'] > 0)) { + // Then use it + $useProxy = true; + } + + //* DEBUG */ print("SCRIPT=".$script."
".$request.""); + + // Write request + fputs($fp, $request); + + // Got response? + if (feof($fp)) { + // No response received + return array("", "", ""); + } // END - if + + // Read the first line + $resp = trim(fgets($fp, 10240)); + $respArray = explode(" ", $resp); + if ((strtolower($respArray[0]) !== "http/1.0") || ($respArray[1] != "200")) { + // Invalid response! + return array("", "", ""); + } // END - if + } // END - if + + // Generate GET request header + $request = "GET /".trim($script)." HTTP/1.1\r\n"; $request .= "Host: ".$host."\r\n"; $request .= "Referer: ".URL."/admin.php\r\n"; - $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n\r\n"; + $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n"; + $request .= "Content-Type: text/plain\r\n"; + $request .= "Cache-Control: no-cache\r\n"; + $request .= "Connection: Close\r\n\r\n"; + //* DEBUG: */ print("Request:
".$request.""); // Initialize array $response = array(); @@ -1689,16 +1782,25 @@ function MXCHANGE_OPEN ($script) { // Read response while(!feof($fp)) { $response[] = trim(fgets($fp, 1024)); - } + } // END - while // Close socket fclose($fp); + //* DEBUG: */ print("Response:
".print_r($response, true).""); + + // Proxy agent found? + if ((substr(strtolower($response[0]), 0, 11) == "proxy-agent") && ($useProxy)) { + // Proxy header detected, so remove two lines + array_shift($response); + array_shift($response); + } // END - if + // Was the request successfull? - if ((!ereg("200 OK", $response[0])) && (empty($response[0]))) { + if ((!ereg("200 OK", $response[0])) || (empty($response[0]))) { // Not found / access forbidden $response = array("", "", ""); - } + } // END - if // Return response return $response; @@ -1790,7 +1892,7 @@ function CREATE_EMAIL_LINK($email, $table="admins") { if ((EXT_IS_ACTIVE("admins")) && ($table == "admins")) { // Create email link for contacting admin in guest area $EMAIL = ADMINS_CREATE_EMAIL_LINK($email); - } elseif ((GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) { + } elseif ((EXT_IS_ACTIVE("user", true)) && (GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) { // Create email link for contacting a member within admin area (or later in other areas, too?) $EMAIL = USER_CREATE_EMAIL_LINK($email); } elseif ((EXT_IS_ACTIVE("sponsor")) && ($table == "sponsor_data")) { @@ -2066,6 +2168,7 @@ function DISPLAY_PARSING_TIME_FOOTER() { // Unset/set session variables function set_session ($var, $value) { global $CSS; + // Abort in CSS mode here if ($CSS == 1) return true; @@ -2083,6 +2186,9 @@ function set_session ($var, $value) { //* DEBUG: */ echo "SET:".$var."=".$value."