X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffunctions.php;h=2a0e1d0530f888ed03b95fc828ec02d2c8a3d761;hb=b4df691a2d9cabc94a6def5bd1ee3d4945d5efd4;hp=944d0281ee1c328c72142c28e21758554711eb7c;hpb=2e04164985cae54359663633a8796567d71082a7;p=mailer.git
diff --git a/inc/functions.php b/inc/functions.php
index 944d0281ee..2a0e1d0530 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -6,19 +6,17 @@
* -------------------------------------------------------------------- *
* File : functions.php *
* -------------------------------------------------------------------- *
- * Short description : Many non-MySQL functions (also file access) *
+ * Short description : Many non-database functions (also file access) *
* -------------------------------------------------------------------- *
- * Kurzbeschreibung : Viele Nicht-MySQL-Funktionen (auch Dateizugriff) *
+ * Kurzbeschreibung : Viele Nicht-Datenbank-Funktionen *
* -------------------------------------------------------------------- *
* $Revision:: $ *
* $Date:: $ *
* $Tag:: 0.2.1-FINAL $ *
* $Author:: $ *
- * Needs to be in all Files and every File needs "svn propset *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
* Copyright (c) 2003 - 2009 by Roland Haeder *
- * Copyright (c) 2009, 2010 by Mailer Developer Team *
+ * Copyright (c) 2009 - 2011 by Mailer Developer Team *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
@@ -42,24 +40,6 @@ if (!defined('__SECURITY')) {
die();
} // END - if
-// Sends out all headers required for HTTP/1.1 reply
-function sendHttpHeaders () {
- // Used later
- $now = gmdate('D, d M Y H:i:s') . ' GMT';
-
- // Send HTTP header
- sendHeader('HTTP/1.1 ' . getHttpStatus());
-
- // General headers for no caching
- sendHeader('Expires: ' . $now); // RFC2616 - Section 14.21
- sendHeader('Last-Modified: ' . $now);
- sendHeader('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0'); // HTTP/1.1
- sendHeader('Pragma: no-cache'); // HTTP/1.0
- sendHeader('Connection: Close');
- sendHeader('Content-Type: ' . getContentType() . '; charset=UTF-8');
- sendHeader('Content-Language: ' . getLanguage());
-}
-
// Init fatal message array
function initFatalMessages () {
$GLOBALS['fatal_messages'] = array();
@@ -104,10 +84,7 @@ function getTotalFatalErrors () {
// Send mail out to an email address
function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '') {
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "TO={$toEmail},SUBJECT={$subject}
");
-
- // Compile subject line (for POINTS constant etc.)
- eval('$subject = decodeEntities("' . compileRawCode(escapeQuotes($subject)) . '");');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'toEmail=' . $toEmail . ',subject=' . $subject . ',isHtml=' . $isHtml);
// Set from header
if ((!isInStringIgnoreCase('@', $toEmail)) && ($toEmail > 0)) {
@@ -123,51 +100,59 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '
$toEmail = getUserData('email');
} else {
// Set webmaster
- $toEmail = getConfig('WEBMASTER');
+ $toEmail = getWebmaster();
}
}
} elseif ($toEmail == '0') {
// Is the webmaster!
- $toEmail = getConfig('WEBMASTER');
+ $toEmail = getWebmaster();
}
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "TO={$toEmail}
");
// Check for PHPMailer or debug-mode
if ((!checkPhpMailerUsage()) || (isDebugModeEnabled())) {
+ // Prefix is '' for text mails
+ $prefix = '';
+
+ // Is HTML?
+ if ($isHtml == 'Y') {
+ // Set prefix
+ $prefix = 'html_';
+ } // END - if
+
// Not in PHPMailer-Mode
if (empty($mailHeader)) {
// Load email header template
- $mailHeader = loadEmailTemplate('header');
+ $mailHeader = loadEmailTemplate($prefix . 'header');
} else {
// Append header
- $mailHeader .= loadEmailTemplate('header');
+ $mailHeader .= loadEmailTemplate($prefix . 'header');
}
} // END - if
// Fix HTML parameter (default is no!)
- if (empty($isHtml)) $isHtml = 'N';
+ if (empty($isHtml)) {
+ $isHtml = 'N';
+ } // END - if
// Debug mode enabled?
if (isDebugModeEnabled()) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
outputHtml('
-Headers : ' . encodeEntities(utf8_decode(trim($mailHeader))) . ' -To : ' . encodeEntities(utf8_decode($toEmail)) . ' -Subject : ' . encodeEntities(utf8_decode($subject)) . ' -Message : ' . encodeEntities(utf8_decode($message)) . ' +Headers : ' . htmlentities(utf8_decode(trim($mailHeader))) . ' +To : ' . htmlentities(utf8_decode($toEmail)) . ' +Subject : ' . htmlentities(utf8_decode($subject)) . ' +Message : ' . htmlentities(utf8_decode($message)) . ''); // This is always fine return true; - } elseif (($isHtml == 'Y') && (isExtensionActive('html_mail'))) { - // Send mail as HTML away - return sendHtmlEmail($toEmail, $subject, $message, $mailHeader); } elseif (!empty($toEmail)) { // Send Mail away return sendRawEmail($toEmail, $subject, $message, $mailHeader); } elseif ($isHtml != 'Y') { - // Problem found! - return sendRawEmail(getConfig('WEBMASTER'), '[PROBLEM:]' . $subject, $message, $mailHeader); + // Problem detected while sending a mail, forward it to admin + return sendRawEmail(getWebmaster(), '[PROBLEM:]' . $subject, $message, $mailHeader); } // Why did we end up here? This should not happen @@ -182,12 +167,17 @@ function checkPhpMailerUsage() { } // Send out a raw email with PHPMailer class or legacy mail() command -function sendRawEmail ($toEmail, $subject, $message, $from) { - // Just compile all again, to put out all configs, etc. - eval('$toEmail = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($toEmail)), false) . '");'); - eval('$subject = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($subject)), false) . '");'); - eval('$message = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($message)), false) . '");'); - eval('$from = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($from)) , false) . '");'); +function sendRawEmail ($toEmail, $subject, $message, $headers) { + // Just compile all to put out all configs, etc. + $eval = '$toEmail = decodeEntities("' . escapeQuotes(doFinalCompilation(compileRawCode($toEmail), false)) . '"); '; + $eval .= '$subject = decodeEntities("' . escapeQuotes(doFinalCompilation(compileRawCode($subject), false)) . '"); '; + $eval .= '$headers = decodeEntities("' . escapeQuotes(doFinalCompilation(compileRawCode($headers), false)) . '"); '; + + // Do not decode entities in the message because we also send HTML mails through this function + $eval .= '$message = "' . escapeQuotes(doFinalCompilation(compileRawCode($message), false)) . '";'; + + // Run the final eval() command + eval($eval); // Shall we use PHPMailer class or legacy mode? if (checkPhpMailerUsage()) { @@ -210,10 +200,10 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { $mail->Port = 25; $mail->Username = getConfig('SMTP_USER'); $mail->Password = getConfig('SMTP_PASSWORD'); - if (empty($from)) { - $mail->From = getConfig('WEBMASTER'); + if (empty($headers)) { + $mail->From = getWebmaster(); } else { - $mail->From = $from; + $mail->From = $headers; } $mail->FromName = getMainTitle(); $mail->Subject = $subject; @@ -225,10 +215,12 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { } else { $mail->Body = decodeEntities($message); } + $mail->AddAddress($toEmail, ''); - $mail->AddReplyTo(getConfig('WEBMASTER'), getMainTitle()); - $mail->AddCustomHeader('Errors-To:' . getConfig('WEBMASTER')); - $mail->AddCustomHeader('X-Loop:' . getConfig('WEBMASTER')); + $mail->AddReplyTo(getWebmaster(), getMainTitle()); + $mail->AddCustomHeader('Errors-To:' . getWebmaster()); + $mail->AddCustomHeader('X-Loop:' . getWebmaster()); + $mail->AddCustomHeader('Bounces-To:' . getWebmaster()); $mail->Send(); // Has an error occured? @@ -244,18 +236,23 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { } } else { // Use legacy mail() command - return mail($toEmail, $subject, decodeEntities($message), $from); + return mail($toEmail, $subject, decodeEntities($message), $headers); } } // Generate a password in a specified length or use default password length -function generatePassword ($length = '0') { +function generatePassword ($length = '0', $exclude = array()) { // Auto-fix invalid length of zero - if ($length == '0') $length = getConfig('pass_len'); + if ($length == '0') { + $length = getPassLen(); + } // END - if // Initialize array with all allowed chars $ABC = explode(',', 'a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/,.'); + // Exclude some entries + $ABC = array_diff($ABC, $exclude); + // Start creating password $PASS = ''; for ($i = '0'; $i < $length; $i++) { @@ -301,6 +298,7 @@ function generateDateTime ($time, $mode = '0') { case '4': $ret = date('d.m.Y|H:i:s', $time); break; case '5': $ret = date('d-m-Y (l-F-T)', $time); break; case '6': $ret = date('Ymd', $time); break; + case '7': $ret = date('Y-m-d H:i:s', $time); break; // Compatible with MySQL TIMESTAMP default: logDebugMessage(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); break; @@ -316,6 +314,7 @@ function generateDateTime ($time, $mode = '0') { case '4': $ret = date('d.m.Y|H:i:s', $time); break; case '5': $ret = date('d-m-Y (l-F-T)', $time); break; case '6': $ret = date('Ymd', $time); break; + case '7': $ret = date('Y-m-d H:i:s', $time); break; // Compatible with MySQL TIMESTAMP default: logDebugMessage(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); break; @@ -349,25 +348,23 @@ function translateYesNo ($yn) { return $GLOBALS[__FUNCTION__][$yn]; } -// Translates the "pool type" into human-readable -function translatePoolType ($type) { - // Return "translation" - return sprintf("{--POOL_TYPE_%s--}", $type); -} - // Translates the american decimal dot into a german comma function translateComma ($dotted, $cut = true, $max = '0') { // First, cast all to double, due to PHP changes $dotted = (double) $dotted; - // Default is 3 you can change this in admin area "Misc -> Misc Options" - if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', 3); + // Default is 3 you can change this in admin area "Settings -> Misc Options" + if (!isConfigEntrySet('max_comma')) { + setConfigEntry('max_comma', 3); + } // END - if // Use from config is default $maxComma = getConfig('max_comma'); // Use from parameter? - if ($max > 0) $maxComma = $max; + if ($max > 0) { + $maxComma = $max; + } // END - if // Cut zeros off? if (($cut === true) && ($max == '0')) { @@ -423,6 +420,9 @@ function translateGender ($gender) { // "Translates" the user status function translateUserStatus ($status) { + // Default status is unknown if something goes through + $ret = '{--ACCOUNT_STATUS_UNKNOWN--}'; + // Generate message depending on status switch ($status) { case 'UNCONFIRMED': @@ -448,6 +448,9 @@ function translateUserStatus ($status) { // "Translates" 'visible' and 'locked' to a CSS class function translateMenuVisibleLocked ($content, $prefix = '') { + // Default is 'menu_unknown' + $content['visible_css'] = $prefix . 'menu_unknown'; + // Translate 'visible' and keep an eye on the prefix switch ($content['visible']) { // Should be visible @@ -475,22 +478,22 @@ function translateMenuVisibleLocked ($content, $prefix = '') { } // Generates an URL for the dereferer -function generateDerefererUrl ($URL) { +function generateDerefererUrl ($url) { // Don't de-refer our own links! - if (substr($URL, 0, strlen(getUrl())) != getUrl()) { + if (substr($url, 0, strlen(getUrl())) != getUrl()) { // De-refer this link - $URL = '{%url=modules.php?module=loader&url=' . encodeString(compileUriCode($URL)) . '%}'; + $url = '{%url=modules.php?module=loader&url=' . encodeString(compileUriCode($url)) . '%}'; } // END - if // Return link - return $URL; + return $url; } // Generates an URL for the frametester -function generateFrametesterUrl ($URL) { +function generateFrametesterUrl ($url) { // Prepare frametester URL $frametesterUrl = sprintf("{%%url=modules.php?module=frametester&url=%s%%}", - encodeString(compileUriCode($URL)) + encodeString(compileUriCode($url)) ); // Return the new URL @@ -537,53 +540,43 @@ function makeTime ($hours, $minutes, $seconds, $stamp) { } // Redirects to an URL and if neccessarry extends it with own base URL -function redirectToUrl ($URL, $allowSpider = true) { +function redirectToUrl ($url, $allowSpider = true) { // Remove {%url= - if (substr($URL, 0, 6) == '{%url=') $URL = substr($URL, 6, -2); + if (substr($url, 0, 6) == '{%url=') { + $url = substr($url, 6, -2); + } // END - if // Compile out codes - eval('$URL = "' . compileRawCode(encodeUrl($URL)) . '";'); + eval('$url = "' . compileRawCode(encodeUrl($url)) . '";'); // Default 'rel' value is external, nofollow is evil from Google and hurts the Internet $rel = ' rel="external"'; // Do we have internal or external URL? - if (substr($URL, 0, strlen(getUrl())) == getUrl()) { + if (substr($url, 0, strlen(getUrl())) == getUrl()) { // Own (=internal) URL $rel = ''; } // END - if // Three different ways to debug... - //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL); - //* DEBUG: */ die($URL); - - // Simple probe for bots/spiders from search engines - if ((isSpider()) && ($allowSpider === true)) { - // Set HTTP-Status - setHttpStatus('200 OK'); + //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, 'URL=' . $url); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $url); + //* DEBUG: */ die($url); - // Set content-type here to fix a missing array element - setContentType('text/html'); - - // Output new location link as anchor - outputHtml('' . secureString($URL) . ''); - } elseif (!headers_sent()) { + // We should not sent a redirect if headers are already sent + if (!headers_sent()) { // Clear output buffer clearOutputBuffer(); // Clear own output buffer $GLOBALS['output'] = ''; - // Set header - setHttpStatus('302 Found'); - // Load URL when headers are not sent - sendRawRedirect(doFinalCompilation(str_replace('&', '&', $URL), false)); + sendRawRedirect(doFinalCompilation(str_replace('&', '&', $url), false)); } else { // Output error message loadInclude('inc/header.php'); - loadTemplate('redirect_url', false, str_replace('&', '&', $URL)); + loadTemplate('redirect_url', false, str_replace('&', '&', $url)); loadInclude('inc/footer.php'); } @@ -644,25 +637,33 @@ function array_pk_sort (&$array, $a_sort, $primary_key = '0', $order = -1, $nums // -// Deprecated : $length -// Optional : $DATA +// Deprecated : $length (still has one reference in this function) +// Optional : $extraData // -function generateRandomCode ($length, $code, $userid, $DATA = '') { +function generateRandomCode ($length, $code, $userid, $extraData = '') { // Build server string - $server = $_SERVER['PHP_SELF'] . getEncryptSeperator() . detectUserAgent() . getEncryptSeperator() . getenv('SERVER_SOFTWARE') . getEncryptSeperator() . detectRemoteAddr(); + $server = $_SERVER['PHP_SELF'] . getEncryptSeperator() . detectUserAgent() . getEncryptSeperator() . getenv('SERVER_SOFTWARE') . getEncryptSeperator() . detectRealIpAddress() . getEncryptSeperator() . detectRemoteAddr(); // Build key string - $keys = getConfig('SITE_KEY') . getEncryptSeperator() . getConfig('DATE_KEY'); - if (isConfigEntrySet('secret_key')) $keys .= getEncryptSeperator().getSecretKey(); - if (isConfigEntrySet('file_hash')) $keys .= getEncryptSeperator().getFileHash(); + $keys = getSiteKey() . getEncryptSeperator() . getDateKey(); + if (isConfigEntrySet('secret_key')) { + $keys .= getEncryptSeperator().getSecretKey(); + } // END - if + if (isConfigEntrySet('file_hash')) { + $keys .= getEncryptSeperator().getFileHash(); + } // END - if $keys .= getEncryptSeperator() . getDateFromPatchTime(); - if (isConfigEntrySet('master_salt')) $keys .= getEncryptSeperator().getMasterSalt(); + if (isConfigEntrySet('master_salt')) { + $keys .= getEncryptSeperator().getMasterSalt(); + } // END - if // Build string from misc data - $data = $code . getEncryptSeperator() . $userid . getEncryptSeperator() . $DATA; + $data = $code . getEncryptSeperator() . $userid . getEncryptSeperator() . $extraData; // Add more additional data - if (isSessionVariableSet('u_hash')) $data .= getEncryptSeperator() . getSession('u_hash'); + if (isSessionVariableSet('u_hash')) { + $data .= getEncryptSeperator() . getSession('u_hash'); + } // END - if // Add referal id, language, theme and userid $data .= getEncryptSeperator() . determineReferalId(); @@ -675,22 +676,26 @@ function generateRandomCode ($length, $code, $userid, $DATA = '') { if (isConfigEntrySet('master_salt')) { // Generate hash with master salt from modula of number with the prime number and other data - $saltedHash = generateHash(($a % getPrime()) . getEncryptSeperator() . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . $a, getMasterSalt()); + $saltedHash = generateHash(($a % getPrime()) . getEncryptSeperator() . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getDateKey() . getEncryptSeperator() . $a, getMasterSalt()); // Create number from hash - $rcode = hexdec(substr($saltedHash, strlen(getMasterSalt()), 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi(); + $rcode = hexdec(substr($saltedHash, strlen(getMasterSalt()), 9)) / abs(getRandNo() - $a + sqrt(getConfig('_ADD'))) / pi(); } else { // Generate hash with "hash of site key" from modula of number with the prime number and other data - $saltedHash = generateHash(($a % getPrime()) . getEncryptSeperator() . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . $a, substr(sha1(getConfig('SITE_KEY')), 0, getSaltLength())); + $saltedHash = generateHash(($a % getPrime()) . getEncryptSeperator() . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getDateKey() . getEncryptSeperator() . $a, substr(sha1(getSiteKey()), 0, getSaltLength())); // Create number from hash - $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi(); + $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(getRandNo() - $a + sqrt(getConfig('_ADD'))) / pi(); } // At least 10 numbers shall be secure enought! - $len = getConfig('code_length'); - if ($len == '0') $len = $length; - if ($len == '0') $len = 10; + $len = getCodeLength(); + if ($len == '0') { + $len = $length; + } // END - if + if ($len == '0') { + $len = 10; + } // END - if // Cut off requested counts of number $return = substr(str_replace('.', '', $rcode), 0, $len); @@ -705,12 +710,15 @@ function bigintval ($num, $castValue = true, $abortOnMismatch = true) { $ret = preg_replace('/[^0123456789]/', '', $num); // Shall we cast? - if ($castValue === true) $ret = (double)$ret; + if ($castValue === true) { + // Cast to biggest numeric type + $ret = (double) $ret; + } // END - if // Has the whole value changed? - if (('' . $ret . '' != '' . $num . '') && ($abortOnMismatch === true)) { + if (('' . $ret . '' != '' . $num . '') && ($abortOnMismatch === true) && (!is_null($num))) { // Log the values - debug_report_bug(__FUNCTION__, __LINE__, 'Problem with number found. ret=' . $ret . ', num='. $num); + debug_report_bug(__FUNCTION__, __LINE__, 'Problem with number found. ret[' . gettype($ret) . ']=' . $ret . ', num[' . gettype($num) . ']='. $num); } // END - if // Return result @@ -718,7 +726,7 @@ function bigintval ($num, $castValue = true, $abortOnMismatch = true) { } // Creates a Uni* timestamp from given selection data and prefix -function createTimestampFromSelections ($prefix, $postData) { +function createEpocheTimeFromSelections ($prefix, $postData) { // Initial return value $ret = '0'; @@ -728,7 +736,9 @@ function createTimestampFromSelections ($prefix, $postData) { $M1 = getMonth(); // If so and if current time is before 02/29 and estimated time is after 02/29 then add 86400 seconds (one day) - if ((floor($TEST) == $TEST) && ($M1 == '02') && ($postData[$prefix . '_mo'] > '02')) $SWITCH = getConfig('ONE_DAY'); + if ((floor($TEST) == $TEST) && ($M1 == '02') && ($postData[$prefix . '_mo'] > '02')) { + $SWITCH = getOneDay(); + } // END - if // First add years... $ret += $postData[$prefix . '_ye'] * (31536000 + $SWITCH); @@ -760,10 +770,10 @@ function createFancyTime ($stamp) { // Get data array with years/months/weeks/days/... $data = createTimeSelections($stamp, '', '', '', true); $ret = ''; - foreach($data as $k => $v) { + foreach ($data as $k => $v) { if ($v > 0) { // Value is greater than 0 "eval" data to return string - eval('$ret .= ", ".$v." {--_' . strtoupper($k) . '--}";'); + $ret .= ', ' . $v . ' {--_' . strtoupper($k) . '--}'; break; } // END - if } // END - foreach @@ -797,7 +807,9 @@ function extractHostnameFromUrl (&$script) { // Extract host name $host = str_replace('http://', '', $url); - if (isInString('/', $host)) $host = substr($host, 0, strpos($host, '/')); + if (isInString('/', $host)) { + $host = substr($host, 0, strpos($host, '/')); + } // END - if // Generate relative URL //* DEBUG: */ debugOutput('SCRIPT=' . $script); @@ -810,285 +822,14 @@ function extractHostnameFromUrl (&$script) { } //* DEBUG: */ debugOutput('SCRIPT=' . $script); - if (substr($script, 0, 1) == '/') $script = substr($script, 1); + if (substr($script, 0, 1) == '/') { + $script = substr($script, 1); + } // END - if // Return host name return $host; } -// Send a GET request -function sendGetRequest ($script, $data = array()) { - // Extract host name from script - $host = extractHostnameFromUrl($script); - - // Add data - $body = http_build_query($data, '', '&'); - - // Do we have a question-mark in the script? - if (strpos($script, '?') === false) { - // No, so first char must be question mark - $body = '?' . $body; - } else { - // Ok, add & - $body = '&' . $body; - } - - // Add script data - $script .= $body; - - // Remove trailed & to make it more conform - if (substr($script, -1, 1) == '&') $script = substr($script, 0, -1); - - // Generate GET request header - $request = 'GET /' . trim($script) . ' HTTP/1.1' . getConfig('HTTP_EOL'); - $request .= 'Host: ' . $host . getConfig('HTTP_EOL'); - $request .= 'Referer: ' . getUrl() . '/admin.php' . getConfig('HTTP_EOL'); - if (isConfigEntrySet('FULL_VERSION')) { - $request .= 'User-Agent: ' . getTitle() . '/' . getFullVersion() . getConfig('HTTP_EOL'); - } else { - $request .= 'User-Agent: ' . getTitle() . '/' . getConfig('VERSION') . getConfig('HTTP_EOL'); - } - $request .= 'Accept: image/png,image/*;q=0.8,text/plain,text/html,*/*;q=0.5' . getConfig('HTTP_EOL'); - $request .= 'Accept-Charset: UTF-8,*' . getConfig('HTTP_EOL'); - $request .= 'Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0' . getConfig('HTTP_EOL'); - $request .= 'Connection: close' . getConfig('HTTP_EOL'); - $request .= getConfig('HTTP_EOL'); - - // Send the raw request - $response = sendRawRequest($host, $request); - - // Return the result to the caller function - return $response; -} - -// Send a POST request -function sendPostRequest ($script, $postData) { - // Is postData an array? - if (!is_array($postData)) { - // Abort here - logDebugMessage(__FUNCTION__, __LINE__, sprintf("postData is not an array. Type: %s", gettype($postData))); - return array('', '', ''); - } // END - if - - // Extract host name from script - $host = extractHostnameFromUrl($script); - - // Construct request body - $body = http_build_query($postData, '', '&'); - - // Generate POST request header - $request = 'POST /' . trim($script) . ' HTTP/1.0' . getConfig('HTTP_EOL'); - $request .= 'Host: ' . $host . getConfig('HTTP_EOL'); - $request .= 'Referer: ' . getUrl() . '/admin.php' . getConfig('HTTP_EOL'); - $request .= 'User-Agent: ' . getTitle() . '/' . getFullVersion() . getConfig('HTTP_EOL'); - $request .= 'Accept: text/plain;q=0.8' . getConfig('HTTP_EOL'); - $request .= 'Accept-Charset: UTF-8,*' . getConfig('HTTP_EOL'); - $request .= 'Cache-Control: no-cache' . getConfig('HTTP_EOL'); - $request .= 'Content-Type: application/x-www-form-urlencoded' . getConfig('HTTP_EOL'); - $request .= 'Content-Length: ' . strlen($body) . getConfig('HTTP_EOL'); - $request .= 'Connection: close' . getConfig('HTTP_EOL'); - $request .= getConfig('HTTP_EOL'); - - // Add body - $request .= $body; - - // Send the raw request - $response = sendRawRequest($host, $request); - - // Return the result to the caller function - return $response; -} - -// Sends a raw request to another host -function sendRawRequest ($host, $request) { - // Init errno and errdesc with 'all fine' values - $errno = '0'; $errdesc = ''; - - // Initialize array - $response = array('', '', ''); - - // Default is not to use proxy - $useProxy = false; - - // Are proxy settins set? - if (isProxyUsed()) { - // Then use it - $useProxy = true; - } // END - if - - // Load include - loadIncludeOnce('inc/classes/resolver.class.php'); - - // Get resolver instance - $resolver = new HostnameResolver(); - - // Open connection - //* DEBUG: */ die('SCRIPT=' . $script); - if ($useProxy === true) { - // Resolve hostname into IP address - $ip = $resolver->resolveHostname(compileRawCode(getConfig('proxy_host'))); - - // Connect to host through proxy connection - $fp = fsockopen($ip, bigintval(getConfig('proxy_port')), $errno, $errdesc, 30); - } else { - // Resolve hostname into IP address - $ip = $resolver->resolveHostname($host); - - // Connect to host directly - $fp = fsockopen($ip, 80, $errno, $errdesc, 30); - } - - // Is there a link? - if (!is_resource($fp)) { - // Failed! - logDebugMessage(__FUNCTION__, __LINE__, $errdesc . ' (' . $errno . ')'); - return $response; - } elseif ((!stream_set_blocking($fp, 0)) || (!stream_set_timeout($fp, 1))) { - // Cannot set non-blocking mode or timeout - logDebugMessage(__FUNCTION__, __LINE__, socket_strerror(socket_last_error())); - return $response; - } - - // Do we use proxy? - if ($useProxy === true) { - // Setup proxy tunnel - $response = setupProxyTunnel($host, $fp); - - // If the response is invalid, abort - if ((count($response) == 3) && (empty($response[0])) && (empty($response[1])) && (empty($response[2]))) { - // Invalid response! - logDebugMessage(__FUNCTION__, __LINE__, 'Proxy tunnel not working?'); - return $response; - } // END - if - } // END - if - - // Write request - fwrite($fp, $request); - - // Start counting - $start = microtime(true); - - // Read response - while (!feof($fp)) { - // Get info from stream - $info = stream_get_meta_data($fp); - - // Is it timed out? 15 seconds is a really patient... - if (($info['timed_out'] == true) || (microtime(true) - $start) > 15) { - // Timeout - logDebugMessage(__FUNCTION__, __LINE__, 'Timed out to get data from host ' . $host); - - // Abort here - break; - } // END - if - - // Get line from stream - $line = fgets($fp, 128); - - // Ignore empty lines because of non-blocking mode - if (empty($line)) { - // uslepp a little to avoid 100% CPU load - usleep(10); - - // Skip this - continue; - } // END - if - - // Add it to response - $response[] = trim($line); - } // END - while - - // Close socket - fclose($fp); - - // Time request if debug-mode is enabled - if (isDebugModeEnabled()) { - // Add debug message... - logDebugMessage(__FUNCTION__, __LINE__, 'Request took ' . (microtime(true) - $start) . ' seconds and returned ' . count($response) . ' line(s).'); - } // END - if - - // Skip first empty lines - $resp = $response; - foreach ($resp as $idx => $line) { - // Trim space away - $line = trim($line); - - // Is this line empty? - if (empty($line)) { - // Then remove it - array_shift($response); - } else { - // Abort on first non-empty line - break; - } - } // END - foreach - - //* DEBUG: */ debugOutput('Request:
'.print_r($request, true).''); - //* DEBUG: */ debugOutput('Response:
'.print_r($response, true).''); - - // Proxy agent found or something went wrong? - if (!isset($response[0])) { - // No response, maybe timeout - $response = array('', '', ''); - logDebugMessage(__FUNCTION__, __LINE__, 'Invalid empty response array, maybe timed out?'); - } elseif ((substr(strtolower($response[0]), 0, 11) == 'proxy-agent') && ($useProxy === true)) { - // Proxy header detected, so remove two lines - array_shift($response); - array_shift($response); - } // END - if - - // Was the request successfull? - if ((!isInStringIgnoreCase('200 OK', $response[0])) || (empty($response[0]))) { - // Not found / access forbidden - logDebugMessage(__FUNCTION__, __LINE__, 'Unexpected status code ' . $response[0] . ' detected. "200 OK" was expected.'); - $response = array('', '', ''); - } // END - if - - // Return response - return $response; -} - -// Sets up a proxy tunnel for given hostname and through resource -function setupProxyTunnel ($host, $resource) { - // Initialize array - $response = array('', '', ''); - - // Generate CONNECT request header - $proxyTunnel = 'CONNECT ' . $host . ':80 HTTP/1.0' . getConfig('HTTP_EOL'); - $proxyTunnel .= 'Host: ' . $host . getConfig('HTTP_EOL'); - - // Use login data to proxy? (username at least!) - if (getConfig('proxy_username') != '') { - // Add it as well - $encodedAuth = base64_encode(compileRawCode(getConfig('proxy_username')) . ':' . compileRawCode(getConfig('proxy_password'))); - $proxyTunnel .= 'Proxy-Authorization: Basic ' . $encodedAuth . getConfig('HTTP_EOL'); - } // END - if - - // Add last new-line - $proxyTunnel .= getConfig('HTTP_EOL'); - //* DEBUG: */ debugOutput('proxyTunnel=
' . $proxyTunnel.''); - - // Write request - fwrite($fp, $proxyTunnel); - - // Got response? - if (feof($fp)) { - // No response received - return $response; - } // END - if - - // Read the first line - $resp = trim(fgets($fp, 10240)); - $respArray = explode(' ', $resp); - if ((strtolower($respArray[0]) !== 'http/1.0') || ($respArray[1] != '200')) { - // Invalid response! - return $response; - } // END - if - - // All fine! - return $respArray; -} - // Taken from www.php.net isInStringIgnoreCase() user comments function isEmailValid ($email) { // Check first part of email address @@ -1105,24 +846,26 @@ function isEmailValid ($email) { } // Function taken from user comments on www.php.net / function isInStringIgnoreCase() -function isUrlValid ($URL, $compile=true) { +function isUrlValid ($url, $compile=true) { // Trim URL a little - $URL = trim(urldecode($URL)); - //* DEBUG: */ debugOutput($URL); + $url = trim(urldecode($url)); + //* DEBUG: */ debugOutput($url); // Compile some chars out... - if ($compile === true) $URL = compileUriCode($URL, false, false, false); - //* DEBUG: */ debugOutput($URL); + if ($compile === true) { + $url = compileUriCode($url, false, false, false); + } // END - if + //* DEBUG: */ debugOutput($url); // Check for the extension filter if (isExtensionActive('filter')) { // Use the extension's filter set - return FILTER_VALIDATE_URL($URL, false); + return FILTER_VALIDATE_URL($url, false); } // END - if // If not installed, perform a simple test. Just make it sure there is always a http:// or // https:// in front of the URLs - return isUrlValidSimple($URL); + return isUrlValidSimple($url); } // Generate a hash for extra-security for all passwords @@ -1152,10 +895,10 @@ function generateHash ($plainText, $salt = '', $hash = true) { // When the salt is empty build a new one, else use the first x configured characters as the salt if (empty($salt)) { // Build server string for more entropy - $server = $_SERVER['PHP_SELF'] . getEncryptSeperator() . detectUserAgent() . getEncryptSeperator() . getenv('SERVER_SOFTWARE') . getEncryptSeperator() . detectRemoteAddr(); + $server = $_SERVER['PHP_SELF'] . getEncryptSeperator() . detectUserAgent() . getEncryptSeperator() . getenv('SERVER_SOFTWARE') . getEncryptSeperator() . detectRealIpAddress() . getEncryptSeperator() . detectRemoteAddr(); // Build key string - $keys = getConfig('SITE_KEY') . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . getSecretKey() . getEncryptSeperator() . getFileHash() . getEncryptSeperator() . getDateFromPatchTime() . getEncryptSeperator() . getMasterSalt(); + $keys = getSiteKey() . getEncryptSeperator() . getDateKey() . getEncryptSeperator() . getSecretKey() . getEncryptSeperator() . getFileHash() . getEncryptSeperator() . getDateFromPatchTime() . getEncryptSeperator() . getMasterSalt(); // Additional data $data = $plainText . getEncryptSeperator() . uniqid(mt_rand(), true) . getEncryptSeperator() . time(); @@ -1164,7 +907,7 @@ function generateHash ($plainText, $salt = '', $hash = true) { $a = time() + getConfig('_ADD') - 1; // Generate SHA1 sum from modula of number and the prime number - $sha1 = sha1(($a % getPrime()) . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . $a); + $sha1 = sha1(($a % getPrime()) . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getDateKey() . getEncryptSeperator() . $a); //* DEBUG: */ debugOutput('SHA1=' . $sha1.' ('.strlen($sha1).')
'.print_r($content, true).''); + } // END - if + + // Free result + SQL_FREERESULT($result); + } // END - if + + // Return generated HTML code + return $OUT; +} + + +/** + * determine if a string can represent a number in hexadecimal + * + * @param $hex A string to check if it is hex-encoded + * @return $foo True if the string is a hex, otherwise false + * @author Marques Johansson + * @link http://php.net/manual/en/function.http-chunked-decode.php#89786 + */ +function isHexadecimal ($hex) { + // Make it lowercase + $hex = strtolower(trim(ltrim($hex, '0'))); + + // Fix empty strings to zero + if (empty($hex)) { + $hex = 0; + } // END - if + + // Simply compare decode->encode result with original + return ($hex == dechex(hexdec($hex))); +} + +// Replace "\r" with "[r]" and "\n" with "[n]" and add a final new-line to make +// them visible to the developer. Use this function to debug e.g. buggy HTTP +// response handler functions. +function replaceReturnNewLine ($str) { + return str_replace("\r", '[r]', str_replace("\n", '[n] +', $str)); +} + +// Converts a given string by splitting it up with given delimiter similar to +// explode(), but appending the delimiter again +function stringToArray ($delimiter, $string) { + // Init array + $strArray = array(); + + // "Walk" through all entries + foreach (explode($delimiter, $string) as $split) { + // Append the delimiter and add it to the array + $strArray[] = $split . $delimiter; + } // END - foreach + + // Return array + return $strArray; +} + +// Detects the prefix 'mb_' if a multi-byte string is given +function detectMultiBytePrefix ($str) { + // Default is without multi-byte + $mbPrefix = ''; + + // Detect multi-byte (strictly) + if (mb_detect_encoding($str, 'auto', true) !== false) { + // With multi-byte encoded string + $mbPrefix = 'mb_'; + } // END - if + + // Return the prefix + return $mbPrefix; +} + +// Searches the given array for a sub-string match and returns all found keys in an array +function getArrayKeysFromSubStrArray ($heystack, array $needles, $offset = 0) { + // Init array for all found keys + $keys = array(); + + // Now check all entries + foreach ($needles as $key => $needle) { + // Do we have found a partial string? + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'heystack='.$heystack.',key='.$key.',needle='.$needle.',offset='.$offset); + if (strpos($heystack, $needle, $offset) !== false) { + // Add the found key + $keys[] = $key; + } // END - if + } // END - foreach + + // Return the array + return $keys; +} + +// Determines database column name from given subject and locked +function determinePointsColumnFromSubjectLocked ($subject, $locked) { + // Default is 'normal' points + $pointsColumn = 'points'; + + // Which points, locked or normal? + if ($locked === true) { + $pointsColumn = 'locked_points'; + } // END - if + + // Prepare array for filter + $filterData = array( + 'subject' => $subject, + 'locked' => $locked, + 'column' => $pointsColumn + ); + + // Run the filter + $filterData = runFilterChain('determine_points_column_name', $filterData); + + // Extract column name from array + $pointsColumn = $filterData['column']; + + // Return it + return $pointsColumn; +} + +// Setter for referal id (no bigintval, or nicknames will fail!) +function setReferalId ($refid) { + $GLOBALS['refid'] = $refid; +} + +// Checks if 'refid' is valid +function isReferalIdValid () { + return ((isset($GLOBALS['refid'])) && (getReferalId() !== NULL) && (getReferalId() > 0)); +} + +// Getter for referal id +function getReferalId () { + return $GLOBALS['refid']; +} + +//----------------------------------------------------------------------------- +// Automatically re-created functions, all taken from user comments on www.php.net +//----------------------------------------------------------------------------- if (!function_exists('html_entity_decode')) { // Taken from documentation on www.php.net function html_entity_decode ($string) { @@ -2399,29 +2379,5 @@ if (!function_exists('html_entity_decode')) { } } // END - if -if (!function_exists('http_build_query')) { - // Taken from documentation on www.php.net, credits to Marco K. (Germany) and some light mods by R.Haeder - function http_build_query($data, $prefix = '', $sep = '', $key = '') { - $ret = array(); - foreach ((array)$data as $k => $v) { - if (is_int($k) && $prefix != null) { - $k = urlencode($prefix . $k); - } // END - if - - if ((!empty($key)) || ($key === 0)) $k = $key . '[' . urlencode($k) . ']'; - - if (is_array($v) || is_object($v)) { - array_push($ret, http_build_query($v, '', $sep, $k)); - } else { - array_push($ret, $k.'='.urlencode($v)); - } - } // END - foreach - - if (empty($sep)) $sep = ini_get('arg_separator.output'); - - return implode($sep, $ret); - } -} // END - if - // [EOF] ?>