X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffunctions.php;h=892f983c6b68cf48f9f2efaf2f0ea13bd039c959;hb=59bd8a9805c51c895a92cc12825f4cbdfd792597;hp=161c73c35ddfcfc3d13ea97a30b85670b6587434;hpb=33a744d80e9c5ec1c13e8f643143146166975e9b;p=mailer.git diff --git a/inc/functions.php b/inc/functions.php index 161c73c35d..a292a5b1bc 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -32,234 +32,269 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; +if (!defined('__SECURITY')) { + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); } // Check if our config file is writeable or not -function is_INCWritable($inc) -{ - $fp = @fopen(PATH."inc/".$inc.".php", 'a'); - if ($inc == "dummy") - { +function IS_INC_WRITEABLE($inc) { + // Generate FQFN + $fqfn = sprintf("%sinc/%s.php", constant('PATH'), $inc); + + // Abort by simple test + if ((FILE_READABLE($fqfn)) && (!is_writeable($fqfn))) { + return false; + } // END - if + + // Test if we can append data + $fp = @fopen($fqfn, 'a'); + if ($inc == "dummy") { // Remove dummy file - @fclose($fp); - return @unlink(PATH."inc/dummy.php"); - } - else - { + fclose($fp); + return unlink($fqfn); + } else { // Close all other files - return @fclose($fp); + return fclose($fp); } } -// Check if we can write to an sql file -function is_SQLWriteable($sql) -{ - $fp = @fopen(PATH.$sql.".sql", 'a'); - return @fclose($fp); -} - -// Open a table (you may want to add some header stuff here) -function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) -{ - global $table_cnt; - // Count tables so we can generate CSS classes for every table... :-) - if (empty($CLASS)) - { - // Class is empty so count one up and create a class - $table_cnt++; $CLASS = "class".$table_cnt; - } - $OUT = ""; - OUTPUT_HTML ($OUT); -} -// Close a table (you may want to add some footer stuff here) -function CLOSE_TABLE($ADD="") -{ - OUTPUT_HTML (" -"); - if (!empty($ADD)) OUTPUT_HTML ($ADD); - OUTPUT_HTML ("
"); -} - // Output HTML code directly or "render" it. You addionally switch the new-line character off -function OUTPUT_HTML ($HTML, $NEW_LINE = true) { +function OUTPUT_HTML ($HTML, $newLine = true) { // Some global variables - global $OUTPUT, $FOOTER, $CSS; + global $OUTPUT; // Do we have HTML-Code here? if (!empty($HTML)) { // Yes, so we handle it as you have configured - switch (OUTPUT_MODE) + switch (constant('OUTPUT_MODE')) { case "render": // That's why you don't need any \n at the end of your HTML code... :-) - if (_OB_CACHING == "on") - { + if (constant('_OB_CACHING') == "on") { // Output into PHP's internal buffer - echo stripslashes($HTML); + OUTPUT_RAW($HTML); // That's why you don't need any \n at the end of your HTML code... :-) - if ($NEW_LINE) echo "\n"; - } - else - { + if ($newLine) echo "\n"; + } else { // Render mode for old or lame servers... $OUTPUT .= $HTML; // That's why you don't need any \n at the end of your HTML code... :-) - if ($NEW_LINE) $OUTPUT .= "\n"; + if ($newLine) $OUTPUT .= "\n"; } break; case "direct": // If we are switching from render to direct output rendered code - if ((!empty($OUTPUT)) && (_OB_CACHING != "on")) { echo $OUTPUT; $OUTPUT = ""; } + if ((!empty($OUTPUT)) && (constant('_OB_CACHING') != "on")) { OUTPUT_RAW($OUTPUT); $OUTPUT = ""; } // The same as above... ^ - echo stripslashes($HTML); - if ($NEW_LINE) echo "\n"; + OUTPUT_RAW($HTML); + if ($newLine) echo "\n"; break; default: // Huh, something goes wrong or maybe you have edited config.php ??? - die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", constant('OUTPUT_MODE'))); + mxchange_die("{--FATAL_ERROR--}: {--LANG_NO_RENDER_DIRECT--}"); break; } - } elseif ((_OB_CACHING == "on") && ($FOOTER == 1)) { + } elseif ((constant('_OB_CACHING') == "on") && ($GLOBALS['footer_sent'] == 1)) { + // Headers already sent? + if (headers_sent()) { + // Log this error + DEBUG_LOG(__FUNCTION__, __LINE__, "Headers already sent! We need debug backtrace here."); + + // Trigger an user error + debug_report_bug("Headers are already sent!"); + } // END - if + // Output cached HTML code $OUTPUT = ob_get_contents(); // Clear output buffer for later output - ob_end_clean(); + clearOutputBuffer(); + + // Send HTTP header + header("HTTP/1.1 200"); - if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + // Used later + $now = gmdate('D, d M Y H:i:s') . ' GMT'; + + // General headers for no caching + header("Expired: " . $now); // RFC2616 - Section 14.21 + header("Last-Modified: " . $now); + header("Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"); // HTTP/1.1 + header("Pragma: no-cache"); // HTTP/1.0 + header("Connection: Close"); + + // Extension "rewrite" installed? + if ((EXT_IS_ACTIVE("rewrite")) && ($GLOBALS['output_mode'] != "1") && ($GLOBALS['output_mode'] != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code - while (strpos($OUTPUT, "{!") > 0) { - $eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";"; + while (strpos($OUTPUT, '{!') > 0) { + // Prepare the content and eval() it... + $newContent = ""; + $eval = "\$newContent = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";"; @eval($eval); - } + + // Was that eval okay? + if (empty($newContent)) { + // Something went wrong! + mxchange_die("Evaluation error:
".htmlentities($eval)."
"); + } // END - if + $OUTPUT = $newContent; + } // END - while // Output code here, DO NOT REMOVE! ;-) - echo stripslashes($OUTPUT); - flush(); - } elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) { + OUTPUT_RAW($OUTPUT); + } elseif ((constant('OUTPUT_MODE') == "render") && (!empty($OUTPUT))) { // Rewrite links when rewrite extension is active - if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + if ((EXT_IS_ACTIVE("rewrite")) && ($GLOBALS['output_mode'] != "1") && ($GLOBALS['output_mode'] != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code - while (strpos($OUTPUT, "{!") > 0) { - $eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";"; - @eval($eval); - } + while (strpos($OUTPUT, '{!') > 0) { + $eval = "\$OUTPUT = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";"; + eval($eval); + } // END - while // Output code here, DO NOT REMOVE! ;-) - echo stripslashes($OUTPUT); - flush(); + OUTPUT_RAW($OUTPUT); } } +// Output the raw HTML code +function OUTPUT_RAW ($HTML) { + // Output stripped HTML code to avoid broken JavaScript code, etc. + echo stripslashes(stripslashes($HTML)); + + // Flush the output if only constant('_OB_CACHING') is not "on" + if (constant('_OB_CACHING') != "on") { + // Flush it + flush(); + } // END - if +} + // Add a fatal error message to the queue array -function ADD_FATAL ($message, $extra="") -{ +function addFatalMessage ($message, $extra="") { global $FATAL; - if (empty($extra)) { - // Regular text message to add to $FATAL - $FATAL[] = $message; - } else { + + if (is_array($extra)) { + // Multiple extras for a message with masks + $message = call_user_func_array('sprintf', $extra); + } elseif (!empty($extra)) { // $message is text with a mask plus extras to insert into the text - $FATAL[] = sprintf($message, $extra); + $message = sprintf($message, $extra); } + + // Add message to $FATAL + $FATAL[] = $message; + + // Log fatal messages away + DEBUG_LOG(__FUNCTION__, __LINE__, " message={$message}"); +} + +// Getter for total fatal message count +function getTotalFatalErrors () { + global $FATAL; + + // Init coun + $count = 0; + + // Do we have at least the first entry? + if (!empty($FATAL[0])) { + // Get total count + $count = count($FATAL); + } // END - if + + // Return value + return $count; } // Load a template file and return it's content (only it's name; do not use ' or ") -function LOAD_TEMPLATE($template, $return=false, $content="") -{ +function LOAD_TEMPLATE ($template, $return=false, $content=array()) { // Add more variables which you want to use in your template files - global $DATA, $username; - $ACTION = SQL_ESCAPE($GLOBALS['action']); - $WHAT = SQL_ESCAPE($GLOBALS['what']); + global $DATA, $_CONFIG, $username; + + // Make all template names lowercase + $template = strtolower($template); + + // Count the template load + incrementConfigEntry('num_templates'); + + // Prepare IP number and User Agent + $REMOTE_ADDR = GET_REMOTE_ADDR(); + if (!defined('REMOTE_ADDR')) define('REMOTE_ADDR', $REMOTE_ADDR); + $HTTP_USER_AGENT = GET_USER_AGENT(); + + // Init some data $ret = ""; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; - $REFID = $GLOBALS['refid']; - if ($template == "member_support_form") - { + // @DEPRECATED Try to rewrite the if() condition + if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); - list($sex, $surname, $family) = SQL_FETCHROW($result); + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); + + // Is content an array? + if (is_array($content)) { + // Merge data + $content = merge_array($content, SQL_FETCHARRAY($result)); + + // Translate gender + $content['gender'] = TRANSLATE_GENDER($content['gender']); + } else { + // @DEPRECATED + // @TODO Fine all templates which are using these direct variables and rewrite them. + // @TODO After this step is done, this else-block is history + list($gender, $surname, $family, $email) = SQL_FETCHROW($result); + + // Translate gender + $gender = TRANSLATE_GENDER($gender); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array (%s).", gettype($content))); + } + + // Free result SQL_FREERESULT($result); - $salut = TRANSLATE_SEX($sex); - } + } // END - if // Generate date/time string $date_time = MAKE_DATETIME(time(), "1"); // Base directory - $BASE = PATH."templates/".GET_LANGUAGE()."/html/"; + $BASE = sprintf("%stemplates/%s/html/", constant('PATH'), GET_LANGUAGE()); $MODE = ""; // Check for admin/guest/member templates - if (strpos($template, "admin_") > -1) - { + if (strpos($template, "admin_") > -1) { // Admin template found $MODE = "admin/"; - } - elseif (strpos($template, "guest_") > -1) - { + } elseif (strpos($template, "guest_") > -1) { // Guest template found $MODE = "guest/"; - } - elseif (strpos($template, "member_") > -1) - { + } elseif (strpos($template, "member_") > -1) { // Member template found $MODE = "member/"; - } - elseif (strpos($template, "install_") > -1) - { + } elseif (strpos($template, "install_") > -1) { // Installation template found $MODE = "install/"; - } - elseif (strpos($template, "ext_") > -1) - { + } elseif (strpos($template, "ext_") > -1) { // Extension template found $MODE = "ext/"; - } - elseif (strpos($template, "la_") > -1) - { + } elseif (strpos($template, "la_") > -1) { // "Logical-area" template found $MODE = "la/"; - } - else - { + } else { // Test for extension $test = substr($template, 0, strpos($template, "_")); - if (EXT_IS_ACTIVE($test)) - { + if (EXT_IS_ACTIVE($test)) { // Set extra path to extension's name $MODE = $test."/"; } @@ -268,10 +303,9 @@ function LOAD_TEMPLATE($template, $return=false, $content="") //////////////////////// // Generate file name // //////////////////////// - $file = $BASE.$MODE.$template.".tpl"; + $FQFN = $BASE.$MODE.$template.".tpl"; - if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) - { + if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) { // Select what depended header/footer template file for admin/guest/member area $file2 = sprintf("%s%s%s_%s.tpl", $BASE, @@ -281,104 +315,111 @@ function LOAD_TEMPLATE($template, $return=false, $content="") ); // Probe for it... - if (file_exists($file2)) $file = $file2; + if (FILE_READABLE($file2)) $FQFN = $file2; // Remove variable from memory unset($file2); } // Does the special template exists? - if (!file_exists($file)) - { + if (!FILE_READABLE($FQFN)) { // Reset to default template - $file = $BASE.$template.".tpl"; - } + $FQFN = $BASE.$template.".tpl"; + } // END - if // Now does the final template exists? - if (file_exists($file)) - { + if (FILE_READABLE($FQFN)) { // The local file does exists so we load it. :) - $tmpl_file = implode("", file($file)); + $tmpl_file = READ_FILE($FQFN); // Replace ' to our own chars to preventing them being quoted - while (strpos($tmpl_file, "\'") !== false) { $tmpl_file = str_replace("\'", "{QUOT}", $tmpl_file); } + while (strpos($tmpl_file, "'") !== false) { $tmpl_file = str_replace("'", '{QUOT}', $tmpl_file); } // Do we have to compile the code? - if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) - { + $ret = ""; + if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) { // Okay, compile it! - $tmpl_file = "\$ret=\"".COMPILE_CODE(addslashes($tmpl_file))."\";"; + $tmpl_file = "\$ret=\"".COMPILE_CODE(SQL_ESCAPE($tmpl_file))."\";"; eval($tmpl_file); - } - else - { + } else { // Simply return loaded code $ret = $tmpl_file; } // Add surrounding HTML comments to help finding bugs faster $ret = "\n".$ret."\n"; - } - elseif ((IS_ADMIN()) || ((mxchange_installing) && (!mxchange_installed))) - { + } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) { // Only admins shall see this warning or when installation mode is active - $ret = "
".TEMPLATE_404."
-(".basename($file).")
-
+ $ret = "
".TEMPLATE_404."
+(".basename($FQFN).")
+
".TEMPLATE_CONTENT." -
".print_r($content, true)."
+
".print_r($content, true)."
".TEMPLATE_DATA." -
".print_r($DATA, true)."
-

"; +
".print_r($DATA, true)."
+

"; } - if (!empty($ret)) - { + + // Remove content and data + unset($content); + unset($DATA); + + // Do we have some content to output or return? + if (!empty($ret)) { // Not empty so let's put it out! ;) - if ($return) - { + if ($return) { // Return the HTML code return $ret; - } - else - { + } else { // Output direct - OUTPUT_HTML ($ret); + OUTPUT_HTML($ret); } - } - elseif (DEBUG_MODE) - { + } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) { // Warning, empty output! - return "E:".$template."
\n"; + return "E:".$template."
\n"; } } // Send mail out to an email address -function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="") -{ +function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):TO={$TO},SUBJECT={$SUBJECT}
\n"; + // Compile subject line (for POINTS constant etc.) - $eval = "\$SUBJECT = \"".COMPILE_CODE(addslashes($SUBJECT))."\";"; + $eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(SQL_ESCAPE($SUBJECT))."\");"; eval($eval); - $SUBJECT = html_entity_decode($SUBJECT); // Set from header - if (!eregi("@", $TO)) - { - // Value detected, load email from database - if (EXT_IS_ACTIVE("msg")) - { + if ((!eregi("@", $TO)) && ($TO > 0)) { + // Value detected, is the message extension installed? + if (EXT_IS_ACTIVE("msg")) { ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML); return; - } - else - { - $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); - list($TO) = SQL_FETCHROW($result_email); + } else { + // Load email address + $result_email = SQL_QUERY_ESC("SELECT email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email)."
\n"; + + // Does the user exist? + if (SQL_NUMROWS($result_email)) { + // Load email address + list($TO) = SQL_FETCHROW($result_email); + } else { + // Set webmaster + $TO = constant('WEBMASTER'); + } + + // Free result SQL_FREERESULT($result_email); } + } elseif ("$TO" == "0") { + // Is the webmaster! + $TO = constant('WEBMASTER'); } + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):TO={$TO}
\n"; - // Not in PHPMailer-Mode + // Check for PHPMailer or debug-mode if (!CHECK_PHPMAILER_USAGE()) { + // Not in PHPMailer-Mode if (empty($FROM)) { // Load email header template $FROM = LOAD_EMAIL_TEMPLATE("header"); @@ -386,7 +427,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="") // Append header $FROM .= LOAD_EMAIL_TEMPLATE("header"); } - } elseif (DEBUG_MODE) { + } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) { if (empty($FROM)) { // Load email header template $FROM = LOAD_EMAIL_TEMPLATE("header"); @@ -396,37 +437,36 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="") } } + // Compile "TO" + $eval = "\$TO = \"".COMPILE_CODE(SQL_ESCAPE($TO))."\";"; + eval($eval); + + // Compile "MSG" + $eval = "\$MSG = \"".COMPILE_CODE(SQL_ESCAPE($MSG))."\";"; + eval($eval); + // Fix HTML parameter (default is no!) if (empty($HTML)) $HTML = "N"; - if (DEBUG_MODE) - { + if (isBooleanConstantAndTrue('DEBUG_MODE')) { // In debug mode we want to display the mail instead of sending it away so we can debug this part - echo "
+		print("
 ".htmlentities(trim($FROM))."
 To      : ".$TO."
 Subject : ".$SUBJECT."
 Message : ".$MSG."
-
\n";
-	}
-	 elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true)))
-	{
+
\n"); + } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail"))) { // Send mail as HTML away SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM); - } - elseif (!empty($TO)) - { - // Compile email - $TO = COMPILE_CODE($TO); - + } elseif (!empty($TO)) { // Send Mail away - SEND_RAW_EMAIL(stripslashes($TO), COMPILE_CODE($SUBJECT), stripslashes($MSG), $FROM); - } - elseif ($HTML == "N") - { + SEND_RAW_EMAIL($TO, $SUBJECT, $MSG, $FROM); + } elseif ($HTML == "N") { // Problem found! - SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), stripslashes($MSG), $FROM); + SEND_RAW_EMAIL(constant('WEBMASTER'), "[PROBLEM:]".$SUBJECT, $MSG, $FROM); } } + // Check if legacy or PHPMailer command // @private function CHECK_PHPMAILER_USAGE() { @@ -440,21 +480,25 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { // Shall we use PHPMailer class or legacy mode? if (CHECK_PHPMAILER_USAGE()) { // Use PHPMailer class with SMTP enabled - require_once(PATH."inc/phpmailer/class.phpmailer.php"); - require_once(PATH."inc/phpmailer/class.smtp.php"); + LOAD_INC_ONCE("inc/phpmailer/class.phpmailer.php"); + LOAD_INC_ONCE("inc/phpmailer/class.smtp.php"); // get new instance $mail = new PHPMailer(); - $mail->PluginDir = PATH."inc/phpmailer/"; + $mail->PluginDir = sprintf("%sinc/phpmailer/", constant('PATH')); $mail->IsSMTP(); $mail->SMTPAuth = true; - $mail->Host = SMTP_HOSTNAME; + $mail->Host = constant('SMTP_HOSTNAME'); $mail->Port = 25; - $mail->Username = SMTP_USER; - $mail->Password = SMTP_PASSWORD; - $mail->From = $from; - $mail->FromName = MAIN_TITLE; + $mail->Username = constant('SMTP_USER'); + $mail->Password = constant('SMTP_PASSWORD'); + if (empty($from)) { + $mail->From = constant('WEBMASTER'); + } else { + $mail->From = $from; + } + $mail->FromName = constant('MAIN_TITLE'); $mail->Subject = $subject; if ((EXT_IS_ACTIVE("html_mail")) && (strip_tags($msg) != $msg)) { $mail->Body = $msg; @@ -462,48 +506,45 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->WordWrap = 70; $mail->IsHTML(true); } else { - $mail->Body = $msg; + $mail->Body = decodeEntities($msg); } $mail->AddAddress($to, ""); - $mail->AddReplyTo(WEBMASTER,MAIN_TITLE); - $mail->AddCustomHeader("Errors-To:".WEBMASTER); - $mail->AddCustomHeader("X-Loop:".WEBMASTER); + $mail->AddReplyTo(constant('WEBMASTER'), constant('MAIN_TITLE')); + $mail->AddCustomHeader("Errors-To:".constant('WEBMASTER')); + $mail->AddCustomHeader("X-Loop:".constant('WEBMASTER')); $mail->Send(); } else { // Use legacy mail() command - @mail($to, $subject, $msg, $from); + @mail($to, $subject, decodeEntities($msg), $from); } } // // Generate a password in a specified length or use default password length -function GEN_PASS($LEN = 0) { - global $CONFIG; - if ($LEN == 0) $LEN = $CONFIG['pass_len']; +function GEN_PASS ($LEN = 0) { + // Auto-fix invalid length of zero + if ($LEN == 0) $LEN = getConfig('pass_len'); // Initialize array with all allowed chars $ABC = explode(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/"); - // Initialize randomizer - mt_srand((double) microtime() * 1000000); - // Start creating password $PASS = ""; for ($i = 0; $i < $LEN; $i++) { $PASS .= $ABC[mt_rand(0, sizeof($ABC) -1)]; - } + } // END - for // When the size is below 40 we can also add additional security by scrambling it if (strlen($PASS) <= 40) { // Also scramble the password $PASS = scrambleString($PASS); - } + } // END - if // Return the password return $PASS; } // -function MAKE_DATETIME($time, $mode="0") +function MAKE_DATETIME ($time, $mode="0") { if ($time == 0) { // Never happend @@ -516,477 +557,349 @@ function MAKE_DATETIME($time, $mode="0") switch (GET_LANGUAGE()) { case "de": // German date / time format - switch ($mode) - { + switch ($mode) { case "0": $ret = date("d.m.Y \u\m H:i \U\h\\r", $time); break; case "1": $ret = strtolower(date("d.m.Y - H:i", $time)); break; case "2": $ret = date("d.m.Y|H:i", $time); break; case "3": $ret = date("d.m.Y", $time); break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } break; default: // Default is the US date / time format! - switch ($mode) - { + switch ($mode) { case "0": $ret = date("r", $time); break; case "1": $ret = date("Y-m-d - g:i A", $time); break; case "2": $ret = date("y-m-d|H:i", $time); break; case "3": $ret = date("y-m-d", $time); break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } } return $ret; } -// -function TRANSLATE_COMMA($dotted, $cut=true) -{ - global $CONFIG; + +// Translates the american decimal dot into a german comma +function TRANSLATE_COMMA ($dotted, $cut=true, $max=0) { // Default is 3 you can change this in admin area "Misc -> Misc Options" - if (empty($CONFIG['max_comma'])) $CONFIG['max_comma'] = "3"; - if (!ereg("\.", $dotted)) $dotted .= ".".str_repeat("0", $CONFIG['max_comma']); - if ($cut) - { - // Remove trailing zeros - $dot = str_replace(".", "x", $dotted); - while(substr($dot, -1, 1) == "0") - { - $dot = substr($dot, 0, -1); - } - if (substr($dot, -1, 1) == "x") - { - // Last char is the 'x' - $dotted = substr($dot, 0, -1); - } - else - { - // Last char is a number - $dotted = str_replace("x", ".", $dot); + if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', "3"); + + // Use from config is default + $maxComma = getConfig('max_comma'); + + // Use from parameter? + if ($max > 0) $maxComma = $max; + + // Cut zeros off? + if (($cut) && ($max == 0)) { + // Test for commata if in cut-mode + $com = explode(".", $dotted); + if (count($com) < 2) { + // Don't display commatas even if there are none... ;-) + $maxComma = 0; } - } - switch (GET_LANGUAGE()) - { + } // END - if + + // Debug log + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "dotted={$dotted},maxComma={$maxComma}"); + + // Translate it now + switch (GET_LANGUAGE()) { case "de": - $pos = strpos($dotted, "."); - if ($pos > 0) - { - if ($cut) - { - // Cut x numbers behind comma - $dotted = str_replace(".", ",", substr($dotted, 0, ($pos + $CONFIG['max_comma'] + 1))); - } - else - { - // Replace comma with dot - $dotted = str_replace(".", ",", $dotted); - } - } - elseif (!$cut) - { - if (empty($pos)) - { - $dotted = "0,".str_repeat("0", $CONFIG['max_comma']); - } - else - { - $dotted .= ",".str_repeat("0", $CONFIG['max_comma']); - } - } + $dotted = number_format($dotted, $maxComma, ",", "."); break; default: - if (!$cut) - { - if ($pos > 0) - { - $dotted = substr($dotted, 0, ($pos + $CONFIG['max_comma'] + 1)); - } - else - { - $dotted .= ".".str_repeat("0", $CONFIG['max_comma']); - } - } + $dotted = number_format($dotted, $maxComma, ".", ","); break; } + + // Return translated value return $dotted; } + // -function DEREFERER($URL) -{ - $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(COMPILE_CODE($URL))); +function DEREFERER ($URL) { + // Don't de-refer our own links! + if (substr($URL, 0, strlen(URL)) != URL) { + // De-refer this link + $URL = "modules.php?module=loader&url=".encodeString(compileUriCode($URL)); + } // END - if + + // Return link return $URL; } -// -function TRANSLATE_SEX($sex) -{ - switch ($sex) - { - case "M": $ret = SEX_M; break; - case "F": $ret = SEX_F; break; - case "C": $ret = SEX_C; break; - default : $ret = $sex; break; - } - return $ret; -} -// -function GET_POOL_TYPE($PT) -{ - switch ($PT) - { - case "TEMP" : $ret = POOL_TEMP; break; - case "SEND" : $ret = POOL_SEND; break; - case "NEW" : $ret = POOL_NEW; break; - case "ADMIN" : $ret = POOL_ADMIN; break; - case "ACTIVE" : $ret = POOL_ACTIVE; break; - case "DELETED": $ret = POOL_DELETED; break; - default : $ret = POOL_UNKNOWN." (".$PT.")"; break; + +// Translate Uni*-like gender to human-readable +function TRANSLATE_GENDER ($gender) { + // Default + $ret = "!{$gender}!"; + + // Male/female or company? + switch ($gender) { + case "M": $ret = getMessage('GENDER_M'); break; + case "F": $ret = getMessage('GENDER_F'); break; + case "C": $ret = getMessage('GENDER_C'); break; + default: + // Log unknown gender + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown gender %s detected.", $gender)); + break; } + + // Return translated gender return $ret; } + // -function FRAMETESTER($URL) -{ - global $_SERVER; - $URL = URL."/modules.php?module=frametester&url=".urlencode(base64_encode(COMPILE_CODE($URL))); - return $URL; +function FRAMETESTER ($URL) { + // Prepare frametester URL + $frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s", + URL, + encodeString(compileUriCode($URL)) + ); + return $frametesterUrl; } + // -function SELECTION_COUNT($array) -{ - $ret = "0"; - if (is_array($array)) - { - foreach ($array as $key=>$sel) - { +function SELECTION_COUNT ($array) { + $ret = 0; + if (is_array($array)) { + foreach ($array as $key => $sel) { if (!empty($sel)) $ret++; } } return $ret; } // -function IMG_CODE ($code, $TYPE, $DATA, $uid) -{ - return "\"Code\""; +function IMG_CODE ($code, $type, $DATA, $uid) { + return "\"Code\""; } // -function TRANSLATE_STATUS($status) -{ +function TRANSLATE_STATUS ($status) { switch ($status) { case "UNCONFIRMED": - $ret = ACCOUNT_UNCONFIRMED; - break; - case "CONFIRMED": - $ret = ACCOUNT_CONFIRMED; + case "LOCKED": + $ret = getMessage(sprintf("ACCOUNT_%s", $status)); break; - case "LOCKED": - $ret = ACCOUNT_LOCKED; + case "": + case null: + $ret = getMessage('ACCOUNT_DELETED'); break; default: - $ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2; + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); + $ret = sprintf(getMessage('UNKNOWN_STATUS"'), $status); break; } + + // Return it return $ret; } // -function GET_LANGUAGE() -{ - global $_COOKIE, $_GET; +function GET_LANGUAGE() { + // Set default return value to default language from config + $ret = constant('DEFAULT_LANG'); - if (!empty($_GET['mx_lang'])) - { + // Init variable + $lang = ""; + + // Is the variable set + if (!empty($_GET['mx_lang'])) { // Accept only first 2 chars $lang = substr($_GET['mx_lang'], 0, 2); - } - else - { - // Do nothing - $lang = ""; - } - - // Set default return value to default language from config - $ret = DEFAULT_LANG; - - // Check GET variable and cookie - if (!empty($lang)) - { + } elseif (isset($GLOBALS['cache_array']['language'])) { + // Use cached + $ret = $GLOBALS['cache_array']['language']; + } elseif (!empty($lang)) { // Check if main language file does exist - if (file_exists(PATH."inc/language/".$lang.".php")) - { + if (FILE_READABLE(constant('PATH')."inc/language/".$lang.".php")) { // Okay found, so let's update cookies SET_LANGUAGE($lang); } - } - elseif (!empty($_COOKIE['mx_lang'])) - { + } elseif (!isSessionVariableSet('mx_lang')) { // Return stored value from cookie - $ret = $_COOKIE['mx_lang']; + $ret = get_session('mx_lang'); + + // Fixes a warning before the session has the mx_lang constant + if (empty($ret)) $ret = constant('DEFAULT_LANG'); } + + // Cache entry + $GLOBALS['cache_array']['language'] = $ret; + + // Return value return $ret; } // -function SET_LANGUAGE($lang) -{ - global $CONFIG; - +function SET_LANGUAGE ($lang) { // Accept only first 2 chars! $lang = substr(SQL_ESCAPE(strip_tags($lang)), 0, 2); // Set cookie - @setcookie("mx_lang", $lang, (time() + $CONFIG['online_timeout']), COOKIE_PATH); - - // Set array - $_COOKIE['mx_lang'] = $lang; + set_session('mx_lang', $lang); } // -function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") -{ - global $DATA, $CONFIG, $REPLACER; +function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { + global $DATA, $REPLACER, $_CONFIG; - // Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!) - $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - $surname = ""; $family = ""; $nick = ""; $sex = "N"; + // Make sure all template names are lowercase! + $template = strtolower($template); + + // Default "nickname" if extension is not installed + $nick = "---"; // Prepare IP number and User Agent - $REMOTE_ADDR = getenv('REMOTE_ADDR'); - $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); + $REMOTE_ADDR = GET_REMOTE_ADDR(); + $HTTP_USER_AGENT = GET_USER_AGENT(); + + // Default admin + $ADMIN = constant('MAIN_TITLE'); + + // Is the admin logged in? + if (IS_ADMIN()) { + // Get admin id + $aid = GET_CURRENT_ADMIN_ID(); - $ADMIN = MAIN_TITLE; - if (!empty($_COOKIE['admin_login'])) - { // Load Admin data - $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array(SQL_ESCAPE($_COOKIE['admin_login'])), __FILE__, __LINE__); - list($ADMIN) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } + $ADMIN = GET_ADMIN_EMAIL($aid); + } // END - if + + // Neutral email address is default + $email = constant('WEBMASTER'); // Expiration in a nice output format - if ($CONFIG['auto_purge'] == 0) - { + if (getConfig('auto_purge') == 0) { // Will never expire! - $EXPIRATION = MAIL_WILL_NEVER_EXPIRE; - } - elseif (function_exists('CREATE_FANCY_TIME')) - { + $EXPIRATION = getMessage('MAIL_WILL_NEVER_EXPIRE'); + } else { // Create nice date string - $EXPIRATION = CREATE_FANCY_TIME($CONFIG['auto_purge']); - } - else - { - // Display days only - $EXPIRATION = round($CONFIG['auto_purge']/60/60/24)." "._DAYS; + $EXPIRATION = CREATE_FANCY_TIME(getConfig('auto_purge')); } - switch ($template) - { - case "bonus-mail": // Load data for the bonus mail - $BONUSID = $DATA[0]; - $content = $DATA[2]; - $POINTS = TRANSLATE_COMMA($DATA[4]); - $TIME = $DATA[5]; - $TARGET_URL = $DATA[8]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $DATA[10] = $UID; - - // Replace variables - foreach ($REPLACER as $key=>$value) - { - if (isset($DATA[$key])) $content = str_replace($value, $DATA[$key], $content); - } - break; - - case "order-admin": - case "order-member": - $BLOCKS = $CONFIG['max_send']; - $SUBJECT = $DATA[0]; - $content = $DATA[1]; - $PAYMENT = GET_PAYMENT($DATA[3]); - $TARGET_URL = $DATA[5]; - $CATEGORY = GET_CATEGORY($DATA[6]); - break; - - case "order-reject": - case "order-deleted": - case "order-accept": - $TARGET_URL = $DATA[0]; - $URL = $DATA[0]; - $SUBJECT = $DATA[1]; - break; - case "new-pass": - $PASS = $DATA[0]; - $REMOTE = $DATA[1]; - break; + // Is content an array? + if (is_array($content)) { + // Add expiration to array, $EXPIRATION is now deprecated! + $content['expiration'] = $EXPIRATION; + } // END - if - case "confirm-member": - $POINTS = $CONFIG['points_register']; - break; + // Load user's data + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content)."
\n"; + if (($UID > 0) && (is_array($content))) { + // If nickname extension is installed, fetch nickname as well + if (EXT_IS_ACTIVE("nickname")) { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NICKNAME!
\n"; + // Load nickname + $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(bigintval($UID)), __FILE__, __LINE__); + } else { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NO-NICK!
\n"; + /// Load normal data + $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(bigintval($UID)), __FILE__, __LINE__); + } - case "confirm-referral": - $PERCENT = $DATA[0]; - $LEVEL = $DATA[1]; - $POINTS = $DATA[2]; - $REFID = $DATA[3]; - break; + // Fetch and merge data + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content()=".count($content)." - PRE
\n"; + $content = merge_array($content, SQL_FETCHARRAY($result)); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content()=".count($content)." - AFTER
\n"; - case "normal-mail": - $SEND_UID = $DATA[1]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $TIME = GET_PAY_POINTS($DATA[5], "time"); - $TARGET_URL = $DATA[7]; - $POINTS = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment")); - // Warning! This ID has changed from 10 to 11! - $MAILID = $DATA[11]; - - // Replace variables - foreach ($REPLACER as $key=>$value) - { - if (isset($DATA[$key])) $content = str_replace($value, $DATA[$key], $content); - } - break; + // Free result + SQL_FREERESULT($result); + } // END - if - case "done-member": - case "done-admin": - $SEND_UID = $DATA[1]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $TARGET_URL = $DATA[7]; - break; + // Translate M to male or F to female if present + if (isset($content['gender'])) $content['gender'] = TRANSLATE_GENDER($content['gender']); - case "back-admin": - case "back-member": - $POINTS = TRANSLATE_COMMA($DATA[10]); - break; + // Overwrite email from data if present + if (isset($content['email'])) $email = $content['email']; - case "add-points": - $POINTS = $_POST['points']; - break; + // Store email for some functions in global data array + $DATA['email'] = $email; - case "guest_request_confirm": - $HASH = $DATA[2]; - break; - } - - // Load user's data - if ($UID > 0) - { - if (EXT_IS_ACTIVE("nickname")) - { - // Load nickname - $result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", - array(bigintval($UID)), __FILE__, __LINE__); - list($surname, $family, $sex, $email, $nick) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } - else - { - // Load normal data - $result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", - array(bigintval($UID)), __FILE__, __LINE__); - list($surname, $family, $sex, $email) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - $nick = "---"; - } - } - else - { - // Neutral sex and email address is default - $sex = "N"; - $email = WEBMASTER; - } - - // Translate M to male or F to female - $salut = TRANSLATE_SEX($sex); - - // Store email for some functions in global data array - $DATA['email'] = $email; - - // Base directory - $BASE = PATH."templates/".GET_LANGUAGE()."/emails/"; + // Base directory + $BASE = sprintf("%stemplates/%s/emails/", constant('PATH'), GET_LANGUAGE()); // Check for admin/guest/member templates - if (strpos($template, "admin_") > -1) - { + if (strpos($template, "admin_") > -1) { // Admin template found - $file = $BASE."admin/".$template.".tpl"; - } - elseif (strpos($template, "guest_") > -1) - { + $FQFN = $BASE."admin/".$template.".tpl"; + } elseif (strpos($template, "guest_") > -1) { // Guest template found - $file = $BASE."guest/".$template.".tpl"; - } - elseif (strpos($template, "member_") > -1) - { + $FQFN = $BASE."guest/".$template.".tpl"; + } elseif (strpos($template, "member_") > -1) { // Member template found - $file = $BASE."member/".$template.".tpl"; - } - else - { + $FQFN = $BASE."member/".$template.".tpl"; + } else { // Test for extension $test = substr($template, 0, strpos($template, "_")); - if (EXT_IS_ACTIVE($test)) - { + if (EXT_IS_ACTIVE($test)) { // Set extra path to extension's name - $file = $BASE.$test."/".$template.".tpl"; - } - else - { + $FQFN = $BASE.$test."/".$template.".tpl"; + } else { // No special filename - $file = $BASE.$template.".tpl"; + $FQFN = $BASE.$template.".tpl"; } } // Does the special template exists? - if (!@file_exists($file)) - { + if (!FILE_READABLE($FQFN)) { // Reset to default template - $file = $BASE.$template.".tpl"; - } + $FQFN = $BASE.$template.".tpl"; + } // END - if // Now does the final template exists? - if ((@file_exists($file)) && (is_readable($file))) - { + $newContent = ""; + if (FILE_READABLE($FQFN)) { // The local file does exists so we load it. :) - $tmpl_file = @implode("", @file($file)); - $tmpl_file = addslashes($tmpl_file); - - // Compile code - $tmpl_file = COMPILE_CODE($tmpl_file); + $tmpl_file = READ_FILE($FQFN); + $tmpl_file = SQL_ESCAPE($tmpl_file); // Run code - $tmpl_file = "\$content=\"".$tmpl_file."\";"; - eval($tmpl_file); - - // Replace HTML confirm chars - $content = html_entity_decode($content); - } - elseif (!empty($template)) - { + $tmpl_file = "\$newContent = decodeEntities(\"".COMPILE_CODE($tmpl_file)."\");"; + @eval($tmpl_file); + } elseif (!empty($template)) { // Template file not found! - $content = TEMPLATE_404.": ".$template."
-".TEMPLATE_CONTENT." -
".print_r($content, true)."
-".TEMPLATE_DATA." -
".print_r($DATA, true)."
-

"; + $newContent = "{--TEMPLATE_404--}: ".$template."
+{--TEMPLATE_CONTENT--} +
".print_r($content, true)."
+{--TEMPLATE_DATA--} +
".print_r($DATA, true)."
+

"; // Debug mode not active? Then remove the HTML tags - if (!DEBUG_MODE) $content = strip_tags($content); - } - else - { + if (!isBooleanConstantAndTrue('DEBUG_MODE')) $newContent = strip_tags($newContent); + } else { // No template name supplied! - $content = NO_TEMPLATE_SUPPLIED; + $newContent = getMessage('NO_TEMPLATE_SUPPLIED'); } - return COMPILE_CODE($content); + + // Is there some content? + if (empty($newContent)) { + // Compiling failed + $newContent = "Compiler error for template {$template}!\nUncompiled content:\n".$tmpl_file; + // Add last error if the required function exists + if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx."; + } // END - if + + // Remove content and data + unset($content); + unset($DATA); + + // Return compiled content + return COMPILE_CODE($newContent); } // -function MAKE_TIME($H, $M, $S, $stamp) -{ +function MAKE_TIME($H, $M, $S, $stamp) { // Extract day, month and year from given timestamp $DAY = date("d", $stamp); $MONTH = date("m", $stamp); - $YEAR = date("Y", $stamp); + $YEAR = date('Y', $stamp); // Create timestamp for wished time which depends on extracted date return mktime($H, $M, $S, $MONTH, $DAY, $YEAR); @@ -994,32 +907,70 @@ function MAKE_TIME($H, $M, $S, $stamp) // function LOAD_URL($URL, $addUrlData=true) { // Compile out URI codes - $URL = COMPILE_CODE($URL); + $URL = compileUriCode($URL); + + // Check if http(s):// is there + if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) { + // Make all URLs full-qualified + $URL = "".$URL; + } + + // Get output buffer + //* DEBUG: */ debug_report_bug(); + $OUTPUT = ob_get_contents(); + + // Clear it only if there is content + if (!empty($OUTPUT)) { + clearOutputBuffer(); + } // END - if // Add some data to URL if cookies are not accepted if (((!defined('__COOKIES')) || (!__COOKIES)) && ($addUrlData)) $URL = ADD_URL_DATA($URL); // Probe for bot from search engine - if ((eregi("spider", getenv('HTTP_USER_AGENT'))) || (eregi("bot", getenv('HTTP_USER_AGENT'))) || (eregi("spider", getenv('HTTP_USER_AGENT')))) { + if ((eregi("spider", GET_USER_AGENT())) || (eregi("bot", GET_USER_AGENT()))) { // Search engine bot detected so let's rewrite many chars for the link $URL = htmlentities(strip_tags($URL), ENT_QUOTES); // Output new location link as anchor - OUTPUT_HTML ("".$URL."\n"); + OUTPUT_HTML("".$URL.""); } elseif (!headers_sent()) { // Load URL when headers are not sent - @header ("Location: ".str_replace("&", "&", $URL)); + //* DEBUG: */ debug_report_bug("URL={$URL}"); + header ("Location: ".str_replace("&", "&", $URL)); } else { // Output error message - include(PATH."inc/header.php"); - OUTPUT_HTML (LOAD_URL_ERROR_1.$URL.LOAD_URL_ERROR_2); - include(PATH."inc/footer.php"); + LOAD_INC("inc/header.php"); + LOAD_TEMPLATE("redirect_url", false, str_replace("&", "&", $URL)); + LOAD_INC("inc/footer.php"); } exit(); } + +// Wrapper for LOAD_URL but URL comes from a configuration entry +function LOAD_CONFIGURED_URL ($configEntry) { + // Get the URL + $URL = getConfig($configEntry); + + // Is this URL set? + if (is_null($URL)) { + // Then abort here + trigger_error(sprintf("Configuration entry %s is not set!", $configEntry)); + } // END - if + + // Load the URL + LOAD_URL($URL); +} + // function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { global $SEC_CHARS, $URL_CHARS; + // Is the code a string? + if (!is_string($code)) { + // Silently return it + return $code; + } // END - if + $ARRAY = $SEC_CHARS; // Select smaller set of chars to replace when we e.g. want to compile URLs @@ -1029,21 +980,21 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { if ($constants) { // BEFORE 0.2.1 : Language and data constants // WITH 0.2.1+ : Only language constants - $code = str_replace("{--", '".', str_replace("--}", '."', $code)); + $code = str_replace('{--','".', str_replace('--}','."', $code)); // BEFORE 0.2.1 : Not used // WITH 0.2.1+ : Data constants - $code = str_replace("{!", '".', str_replace("!}", '."', $code)); - } + $code = str_replace('{!','".', str_replace("!}", '."', $code)); + } // END - if // Compile QUOT and other non-HTML codes foreach ($ARRAY['to'] as $k => $to) { // Do the reversed thing as in inc/libs/security_functions.php $code = str_replace($to, $ARRAY['from'][$k], $code); - } + } // END - foreach // But shall I keep simple quotes for later use? - if ($simple) $code = str_replace("\'", "{QUOT}", $code); + if ($simple) $code = str_replace("'", '{QUOT}', $code); // Find $content[bla][blub] entries @preg_match_all('/\$(content|DATA)((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches); @@ -1052,22 +1003,44 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { if ((count($matches) > 0) && (count($matches[0]) > 0)) { // Replace all matches $matchesFound = array(); - foreach ($matches[0] as $key=>$match) { - // Avoid replacing matches multiple times - if (!isset($matchesFound[$match])) { - // Not yet replaced! - $code = str_replace($match, "\".".$match.".\"", $code); - $matchesFound[$match] = 1; - } + foreach ($matches[0] as $key => $match) { + // Fuzzy look has failed by default + $fuzzyFound = false; + + // Fuzzy look on match if already found + foreach ($matchesFound as $found => $set) { + // Get test part + $test = substr($found, 0, strlen($match)); + + // Does this entry exist? + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):found={$found},match={$match},set={$set}
\n"; + if ($test == $match) { + // Match found! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):fuzzyFound!
\n"; + $fuzzyFound = true; + break; + } // END - if + } // END - foreach + + // Skip this entry? + if ($fuzzyFound) continue; // Take all string elements - if (("".bigintval($matches[4][$key])."" != $matches[4][$key]) && (!isset($matchesFound[$key."_".$matches[4][$key]]))) { + if ((is_string($matches[4][$key])) && (!isset($matchesFound[$match])) && (!isset($matchesFound[$key."_".$matches[4][$key]]))) { // Replace it in the code - $code = str_replace("[".$matches[4][$key]."]", "['".$matches[4][$key]."']", $code); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):key={$key},match={$match}
\n"; + $newMatch = str_replace("[".$matches[4][$key]."]", "['".$matches[4][$key]."']", $match); + $code = str_replace($match, "\".".$newMatch.".\"", $code); $matchesFound[$key."_".$matches[4][$key]] = 1; + $matchesFound[$match] = 1; + } elseif (!isset($matchesFound[$match])) { + // Not yet replaced! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):match={$match}
\n"; + $code = str_replace($match, "\".".$match.".\"", $code); + $matchesFound[$match] = 1; } - } - } + } // END - foreach + } // END - if // Return compiled code return $code; @@ -1081,7 +1054,7 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { * $array - Das 3-dimensionale Array, das paralell sortiert werden soll * * $a_sort - Array, das die Sortiereihenfolge der ersten Elementeben * * $primary_key - Prim.rschl.ssel aus $a_sort, nach dem sortiert wird * - * $order - Sortiereihenfolge: -1 = A-Z, 0 = keine, 1 = Z-A * + * $order - Sortiereihenfolge: -1 = a-Z, 0 = keine, 1 = Z-a * * $nums - true = Als Zahlen sortieren, false = Als Zeichen sortieren * * * * $a_sort muss Elemente enthalten, deren Wert Schluessel von $array * @@ -1092,259 +1065,275 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { function array_pk_sort(&$array, $a_sort, $primary_key = 0, $order = -1, $nums = false) { $dummy = $array; - while ($primary_key < count($a_sort)) - { - foreach ($dummy[$a_sort[$primary_key]] as $key=>$value) - { - foreach ($dummy[$a_sort[$primary_key]] as $key2=>$value2) - { + while ($primary_key < count($a_sort)) { + foreach ($dummy[$a_sort[$primary_key]] as $key => $value) { + foreach ($dummy[$a_sort[$primary_key]] as $key2 => $value2) { $match = false; - if (!$nums) - { + if (!$nums) { // Sort byte-by-byte (also numbers will be interpreted as chars! E.g.: "9" > "10") if (($key != $key2) && (strcmp(strtolower($dummy[$a_sort[$primary_key]][$key]), strtolower($dummy[$a_sort[$primary_key]][$key2])) == $order)) $match = true; - } - elseif ($key != $key2) - { + } elseif ($key != $key2) { // Sort numbers (E.g.: 9 < 10) if (($dummy[$a_sort[$primary_key]][$key] < $dummy[$a_sort[$primary_key]][$key2]) && ($order == -1)) $match = true; if (($dummy[$a_sort[$primary_key]][$key] > $dummy[$a_sort[$primary_key]][$key2]) && ($order == 1)) $match = true; } - if ($match) - { + + if ($match) { // We have found two different values, so let's sort whole array - foreach ($dummy as $sort_key=>$sort_val) - { + foreach ($dummy as $sort_key => $sort_val) { $t = $dummy[$sort_key][$key]; $dummy[$sort_key][$key] = $dummy[$sort_key][$key2]; $dummy[$sort_key][$key2] = $t; unset($t); - } - } - } - } + } // END - foreach + } // END - if + } // END - foreach + } // END - foreach // Count one up $primary_key++; - } + } // END - while // Write back sorted array $array = $dummy; } // -function ADD_SELECTION($TYPE, $DEFAULT, $PREFIX="", $id="0") -{ - global $MONTH_DESCR; $OUT = ""; - if ($TYPE == "yn") - { +function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { + global $MONTH_DESCR; + $OUT = ""; + + if ($type == "yn") { // This is a yes/no selection only! - if ($id > 0) $PREFIX .= "[".$id."]"; - $OUT .= " \n"; + } else { // Begin with regular selection box here - if (!empty($PREFIX)) $PREFIX .= "_"; - $TYPE2 = $TYPE; - if ($id > 0) $TYPE2 .= "[".$id."]"; - $OUT .= " \n"; } - switch ($TYPE) - { + + switch ($type) { case "day": // Day - for ($idx = 1; $idx < 32; $idx++) - { - $OUT .= " \n"; + } // END - for break; case "month": // Month - foreach ($MONTH_DESCR as $month=>$descr) - { - $OUT .= " \n"; + } // END - for break; case "year": // Year // Get current year - $YEAR = date("Y", time()); + $YEAR = date('Y', time()); + + // Use configured min age or fixed? + if (GET_EXT_VERSION("other") >= "0.2.1") { + // Configured + $startYear = $YEAR - getConfig('min_age'); + } else { + // Fixed 16 years + $startYear = $YEAR - 16; + } + + // Calculate earliest year (100 years old people can still enter Internet???) + $minYear = $YEAR - 100; // Check if the default value is larger than minimum and bigger than actual year - if (($DEFAULT > 1930) && ($DEFAULT >= $YEAR)) - { - for ($idx = $YEAR; $idx < ($YEAR + 11); $idx++) - { - $OUT .= " \n"; + } // END - for + } elseif ($DEFAULT == -1) { // Current year minus 1 - for ($idx = 2003; $idx <= ($YEAR + 1); $idx++) + for ($idx = $startYear; $idx <= ($YEAR + 1); $idx++) { - $OUT .= " \n"; + $OUT .= "\n"; } - } - else - { - // Get current year and subtract 16 (for erotic content) - $OUT .= " \n"; - $YEAR = date("Y", time()) - 16; - for ($idx = 1930; $idx <= $YEAR; $idx++) - { - $OUT .= " \n"; + // Calculate earliest year depending on extension version + if (GET_EXT_VERSION("other") >= "0.2.1") { + // Use configured minimum age + $YEAR = date('Y', time()) - getConfig('min_age'); + } else { + // Use fixed 16 years age + $YEAR = date('Y', time()) - 16; } + + // Construct year selection list + for ($idx = $minYear; $idx <= $YEAR; $idx++) { + $OUT .= "\n"; + } // END - for break; case "hour": - for ($idx = 0; $idx < 24; $idx++) - { + for ($idx = 0; $idx < 24; $idx++) { if (strlen($idx) == 1) $idx = "0".$idx; - $OUT .= " \n"; + } // END - for break; case "yn": - $OUT .= " \n"; break; } - $OUT .= " \n"; + $OUT .= " \n"; return $OUT; } // function TRANSLATE_YESNO($yn) { - switch ($yn) - { - case "Y": $yn = YES; break; - case "N": $yn = NO; break; - default : $yn = "??? (".$yn.")"; break; + // Default + $yn = "??? (".$yn.")"; + switch ($yn) { + case "Y": $yn = getMessage('YES'); break; + case "N": $yn = getMessage('NO'); break; + default: + // Log unknown value + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown value %s. Expected Y/N!", $yn)); + break; } + + // Return it return $yn; } // // Deprecated : $length // Optional : $DATA // -function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") -{ - global $CONFIG; +function GEN_RANDOM_CODE ($length, $code, $uid, $DATA="") { + // Fix missing _MAX constant + if (!defined('_MAX')) define('_MAX', 15235); // Build server string - $server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php"); + $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(constant('PATH')."inc/databases.php"); // Build key string - $keys = SITE_KEY.":".DATE_KEY.":".$CONFIG['secret_key'].":".$CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $CONFIG['patch_ctime']).":".$CONFIG['master_salt']; + $keys = constant('SITE_KEY').":".constant('DATE_KEY'); + if (isConfigEntrySet('secret_key')) $keys .= ":".getConfig('secret_key'); + if (isConfigEntrySet('file_hash')) $keys .= ":".getConfig('file_hash'); + $keys .= ":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))); + if (isConfigEntrySet('master_salt')) $keys .= ":".getConfig('master_salt'); // Build string from misc data $data = $code.":".$uid.":".$DATA; // Add more additional data - if (isset($_COOKIE['u_hash'])) $data .= ":".$_COOKIE['u_hash']; - if (isset($GLOBALS['userid'])) $data .= ":".$GLOBALS['userid']; - if (isset($_COOKIE['lifetime'])) $data .= ":".$_COOKIE['lifetime']; - if (isset($_COOKIE['mxchange_theme'])) $data .= ":".$_COOKIE['mxchange_theme']; - if (isset($_COOKIE['mx_lang'])) $data .= ":".$_COOKIE['mx_lang']; - if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid']; + if (isSessionVariableSet('u_hash')) $data .= ":".get_session('u_hash'); + if (isset($GLOBALS['userid'])) $data .= ":".$GLOBALS['userid']; + if (isSessionVariableSet('mxchange_theme')) $data .= ":".get_session('mxchange_theme'); + if (isSessionVariableSet('mx_lang')) $data .= ":".GET_LANGUAGE(); + if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid']; // Calculate number for generating the code - $a = $code + _ADD - 1; + $a = $code + constant('_ADD') - 1; - // Generate hash with master salt from modula of number with the prime number and other data - $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $CONFIG['master_salt']); + if (isConfigEntrySet('master_hash')) { + // Generate hash with master salt from modula of number with the prime number and other data + $saltedHash = generateHash(($a % constant('_PRIME')).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, getConfig('master_salt')); + + // Create number from hash + $rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(constant('_MAX') - $a + sqrt(constant('_ADD'))) / pi(); + } else { + // Generate hash with "hash of site key" from modula of number with the prime number and other data + $saltedHash = generateHash(($a % constant('_PRIME')).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8)); - // Create number from hash - $rcode = hexdec(substr($saltedHash, strlen($CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi(); + // Create number from hash + $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(constant('_MAX') - $a + sqrt(constant('_ADD'))) / pi(); + } // At least 10 numbers shall be secure enought! - $len = $CONFIG['code_length']; + $len = getConfig('code_length'); + if ($len == 0) $len = $length; if ($len == 0) $len = 10; // Cut off requested counts of number - $return = substr(str_replace('.', '', $rcode), 0, $len); + $return = substr(str_replace('.', "", $rcode), 0, $len); // Done building code return $return; } + // Does only allow numbers -function bigintval($num) -{ - $ret = (int) preg_replace("/[^0123456789]/", "", $num); +function bigintval($num, $castValue = true) { + // Filter all numbers out + $ret = preg_replace("/[^0123456789]/", "", $num); + + // Shall we cast? + if ($castValue) $ret = (double)$ret; + + // Has the whole value changed? + // @TODO Remove this if() block if all is working fine + if ("".$ret."" != "".$num."") { + // Log the values + debug_report_bug("{$ret}<>{$num}"); + } // END - if + + // Return result return $ret; } + // Insert the code in $img_code into jpeg or PNG image -function GENERATE_IMAGE($img_code, $header=true) -{ - global $CONFIG; - if ((strlen($img_code) > 6) || (empty($img_code)) || ($CONFIG['code_length'] == 0)) - { +function GENERATE_IMAGE ($img_code, $headerSent=true) { + if ((strlen($img_code) > 6) || (empty($img_code)) || (getConfig('code_length') == 0)) { // Stop execution of function here because of over-sized code length return; - } - elseif (!$header) - { + } elseif (!$headerSent) { // Return in an HTML code code - return "\n"; + return "\"Image\"\n"; } - switch ($CONFIG['img_type']) - { - case "jpg": - // Loads JPEG image - $img = PATH."/theme/".GET_CURR_THEME()."/images/code_bg.jpg"; - if ((file_exists($img)) && (is_readable($img))) + // Load image + $img = sprintf("%s/theme/%s/images/code_bg.%s", constant('PATH'), GET_CURR_THEME(), getConfig('img_type')); + if (FILE_READABLE($img)) { + // Switch image type + switch (getConfig('img_type')) { + case "jpg": // Okay, load image and hide all errors $image = @imagecreatefromjpeg($img); - } - else - { - // Exit function here - return; - } - break; + break; - case "png": - // Loads PNG image - $img = PATH."/theme/".GET_CURR_THEME()."/images/code_bg.png"; - if ((file_exists($img)) && (is_readable($img))) - { + case "png": // Okay, load image and hide all errors $image = @imagecreatefrompng($img); + break; } - else - { - // Exit function here - return; - } - break; + } else { + // Exit function here + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("File for image type %s not found.", getConfig('img_type'))); + return; } // Generate text color (red/green/blue; 0 = dark, 255 = bright) @@ -1354,11 +1343,10 @@ function GENERATE_IMAGE($img_code, $header=true) imagestring($image, 5, 14, 2, $img_code, $text_color); // Return to browser - header ("Content-Type: image/".$CONFIG['img_type']); + header ("Content-Type: image/".getConfig('img_type')); // Output image with matching image factory - switch ($CONFIG['img_type']) - { + switch (getConfig('img_type')) { case "jpg": imagejpeg($image); break; case "png": imagepng($image); break; } @@ -1366,36 +1354,53 @@ function GENERATE_IMAGE($img_code, $header=true) // Remove image from memory imagedestroy($image); } -function CREATE_TIME_SELECTIONS($timestamp, $prefix="", $display="", $align="center", $return_array=false) -{ - // Calculate 15-seconds timestamp (15-seconds-steps shall be fine ;) ) - $timestamp = round($timestamp / 15) * 15; +// Create selection box or array of splitted timestamp +function CREATE_TIME_SELECTIONS ($timestamp, $prefix="", $display="", $align="center", $return_array=false) { + // Calculate 2-seconds timestamp + $stamp = round($timestamp); + //* DEBUG: */ print("*".$stamp."/".$timestamp."*
"); + // Do we have a leap year? $SWITCH = 0; - $TEST = date("Y", time()) / 4; + $TEST = date('Y', time()) / 4; $M1 = date("m", time()); $M2 = date("m", (time() + $timestamp)); + // If so and if current time is before 02/29 and estimated time is after 02/29 then add 86400 seconds (one day) - if ((floor($TEST) == $TEST) && ($M1 == "02") && ($M2 > "02")) $SWITCH = ONE_DAY; + if ((floor($TEST) == $TEST) && ($M1 == "02") && ($M2 > "02")) $SWITCH = getConfig('one_day'); + // First of all years... $Y = abs(floor($timestamp / (31536000 + $SWITCH))); + //* DEBUG: */ print("Y={$Y}
\n"); // Next months... $M = abs(floor($timestamp / 2628000 - $Y * 12)); + //* DEBUG: */ print("M={$M}
\n"); // Next weeks - $W = abs(floor($timestamp / 604800 - $Y * ((365 + $SWITCH / ONE_DAY) / 7) - ($M / 12 * (365 + $SWITCH / ONE_DAY) / 7))); + $W = abs(floor($timestamp / 604800 - $Y * ((365 + $SWITCH / getConfig('one_day')) / 7) - ($M / 12 * (365 + $SWITCH / getConfig('one_day')) / 7))); + //* DEBUG: */ print("W={$W}
\n"); // Next days... - $D = abs(floor($timestamp / 86400 - $Y * (365 + $SWITCH / ONE_DAY) - ($M / 12 * (365 + $SWITCH / ONE_DAY)) - $W * 7)); + $D = abs(floor($timestamp / 86400 - $Y * (365 + $SWITCH / getConfig('one_day')) - ($M / 12 * (365 + $SWITCH / getConfig('one_day'))) - $W * 7)); + //* DEBUG: */ print("D={$D}
\n"); // Next hours... - $h = abs(floor($timestamp / 3600 - $Y * (365 + $SWITCH / ONE_DAY) * 24 - ($M / 12 * (365 + $SWITCH / ONE_DAY) * 24) - $W * 7 * 24 - $D * 24)); + $h = abs(floor($timestamp / 3600 - $Y * (365 + $SWITCH / getConfig('one_day')) * 24 - ($M / 12 * (365 + $SWITCH / getConfig('one_day')) * 24) - $W * 7 * 24 - $D * 24)); + //* DEBUG: */ print("h={$h}
\n"); // Next minutes.. - $m = abs(floor($timestamp / 60 - $Y * (365 + $SWITCH / ONE_DAY) * 24 * 60 - ($M / 12 * (365 + $SWITCH / ONE_DAY) * 24 * 60) - $W * 7 * 24 * 60 - $D * 24 * 60 - $h * 60)); + $m = abs(floor($timestamp / 60 - $Y * (365 + $SWITCH / getConfig('one_day')) * 24 * 60 - ($M / 12 * (365 + $SWITCH / getConfig('one_day')) * 24 * 60) - $W * 7 * 24 * 60 - $D * 24 * 60 - $h * 60)); + //* DEBUG: */ print("m={$m}
\n"); // And at last seconds... - $s = abs(floor($timestamp - $Y * (365 + $SWITCH / ONE_DAY) * 24 * 3600 - ($M / 12 * (365 + $SWITCH / ONE_DAY) * 24 * 3600) - $W * 7 * 24 * 3600 - $D * 24 * 3600 - $h * 3600 - $m * 60)); + $s = abs(floor($timestamp - $Y * (365 + $SWITCH / getConfig('one_day')) * 24 * 3600 - ($M / 12 * (365 + $SWITCH / getConfig('one_day')) * 24 * 3600) - $W * 7 * 24 * 3600 - $D * 24 * 3600 - $h * 3600 - $m * 60)); + //* DEBUG: */ print("s={$s}
\n"); + + // Is seconds zero and time is < 60 seconds? + if (($s == 0) && ($timestamp < 60)) { + // Fix seconds + $s = round($timestamp); + } // END - if + // // Now we convert them in seconds... // - if ($return_array) - { + if ($return_array) { // Just put all data in an array for later use $OUT = array( 'YEARS' => $Y, @@ -1406,171 +1411,152 @@ function CREATE_TIME_SELECTIONS($timestamp, $prefix="", $display="", $align="cen 'MINUTES' => $m, 'SECONDS' => $s ); - } - else - { + } else { // Generate table - $OUT = "
\n"; - $OUT .= "\n"; - $OUT .= "\n"; - if (ereg("Y", $display) || (empty($display))) - { - $OUT .= " \n"; + $OUT = "
\n"; + $OUT .= "
"._YEARS."
\n"; + $OUT .= "\n"; + + if (ereg('Y', $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("M", $display) || (empty($display))) - { - $OUT .= " \n"; + + if (ereg("M", $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("W", $display) || (empty($display))) - { - $OUT .= " \n"; + + if (ereg("W", $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("D", $display) || (empty($display))) - { - $OUT .= " \n"; + + if (ereg("D", $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("h", $display) || (empty($display))) - { - $OUT .= " \n"; + + if (ereg("h", $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("m", $display) || (empty($display))) - { - $OUT .= " \n"; + + if (ereg("m", $display) || (empty($display))) { + $OUT .= " \n"; } - if (ereg("s", $display) || (empty($display))) - { - $OUT .= " \n"; + + if (ereg("s", $display) || (empty($display))) { + $OUT .= " \n"; } - $OUT .= "\n"; - $OUT .= "\n"; - if (ereg("Y", $display) || (empty($display))) - { + + $OUT .= "\n"; + $OUT .= "\n"; + + if (ereg('Y', $display) || (empty($display))) { // Generate year selection - $OUT .= " \n"; - } - else - { - $OUT .= "\n"; + $OUT .= " \n"; + } else { + $OUT .= "\n"; } - if (ereg("M", $display) || (empty($display))) - { + + if (ereg("M", $display) || (empty($display))) { // Generate month selection - $OUT .= " \n"; - } - else - { - $OUT .= "\n"; + $OUT .= " \n"; + } else { + $OUT .= "\n"; } - if (ereg("W", $display) || (empty($display))) - { + + if (ereg("W", $display) || (empty($display))) { // Generate week selection - $OUT .= " \n"; - } - else - { - $OUT .= "\n"; + $OUT .= " \n"; + } else { + $OUT .= "\n"; } - if (ereg("D", $display) || (empty($display))) - { + + if (ereg("D", $display) || (empty($display))) { // Generate day selection - $OUT .= " \n"; - } - else - { + $OUT .= " \n"; + } else { $OUT .= "\n"; } - if (ereg("h", $display) || (empty($display))) - { + + if (ereg("h", $display) || (empty($display))) { // Generate hour selection - $OUT .= " \n"; - } - else - { + $OUT .= " \n"; + } else { $OUT .= "\n"; } - if (ereg("m", $display) || (empty($display))) - { + + if (ereg("m", $display) || (empty($display))) { // Generate minute selection - $OUT .= " \n"; - } - else - { + $OUT .= " \n"; + } else { $OUT .= "\n"; } - if (ereg("s", $display) || (empty($display))) - { + + if (ereg("s", $display) || (empty($display))) { // Generate second selection - $OUT .= " \n"; - } - else - { + $OUT .= " \n"; + } else { $OUT .= "\n"; } - $OUT .= "\n"; - $OUT .= "
{--_YEARS--}
"._MONTHS."
{--_MONTHS--}
"._WEEKS."
{--_WEEKS--}
"._DAYS."
{--_DAYS--}
"._HOURS."
{--_HOURS--}
"._MINUTES."
{--_MINUTES--}
".SECS."
{--_SECONDS--}
\n"; - $OUT .= "
\n"; + $OUT .= "\n"; + $OUT .= "\n"; + $OUT .= "\n"; // Return generated HTML code } return $OUT; } // -function CREATE_TIMESTAMP_FROM_SELECTIONS($prefix, $POST) { - $ret = "0"; +function CREATE_TIMESTAMP_FROM_SELECTIONS ($prefix, $POST) { + // Initial return value + $ret = 0; + // Do we have a leap year? $SWITCH = 0; - $TEST = date("Y", time()) / 4; + $TEST = date('Y', time()) / 4; $M1 = date("m", time()); // If so and if current time is before 02/29 and estimated time is after 02/29 then add 86400 seconds (one day) - if ((floor($TEST) == $TEST) && ($M1 == "02") && ($POST[$prefix."_mo"] > "02")) $SWITCH = ONE_DAY; + if ((floor($TEST) == $TEST) && ($M1 == "02") && ($POST[$prefix."_mo"] > "02")) $SWITCH = getConfig('one_day'); // First add years... $ret += $POST[$prefix."_ye"] * (31536000 + $SWITCH); // Next months... @@ -1588,75 +1574,96 @@ function CREATE_TIMESTAMP_FROM_SELECTIONS($prefix, $POST) { // Return calculated value return $ret; } + // Sends out mail to all administrators -function SEND_ADMIN_EMAILS_PRO($subj, $template, $content="", $UID="0") { +// IMPORTANT: Please use SEND_ADMIN_NOTIFCATION() for now! +function SEND_ADMIN_EMAILS_PRO ($subj, $template, $content, $UID) { // Trim template name $template = trim($template); // Load email template $msg = LOAD_EMAIL_TEMPLATE($template, $content, $UID); - if (GET_EXT_VERSION("admins") < "0.4.0") { + if (EXT_VERSION_IS_OLDER("admins", "0.4.0")) { // Older version detected! return SEND_ADMIN_EMAILS($subj, $msg); - } + } // END - if // Check which admin shall receive this mail - $result = SQL_QUERY_ESC("SELECT DISTINCT admin_id FROM "._MYSQL_PREFIX."_admins_mails WHERE mail_template='%s' ORDER BY admin_id", - array($template), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT DISTINCT admin_id FROM `{!_MYSQL_PREFIX!}_admins_mails` WHERE mail_template='%s' ORDER BY admin_id", + array($template), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Create new entry (to all admins) - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_mails (admin_id, mail_template) VALUES (0, '%s')", - array($template), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_mails` (admin_id, mail_template) VALUES (0, '%s')", + array($template), __FILE__, __LINE__); } else { // Load admin IDs... $aids = array(); - while(list($aid) = SQL_FETCHROW($result)) { + while (list($aid) = SQL_FETCHROW($result)) { $aids[] = $aid; - } + } // END - while // Free memory SQL_FREERESULT($result); + // Init result + $result = false; + // "implode" IDs and query string $aid = implode(",", $aids); if ($aid == "-1") { - // Add line to userlog - USERLOG_ADD_LINE($subj, $msg, $UID); - return; + if (EXT_IS_ACTIVE("events")) { + // Add line to user events + EVENTS_ADD_LINE($subj, $msg, $UID); + } else { + // Log error for debug + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Extension 'events' missing: tpl=%s,subj=%s,UID=%s", + $template, + $subj, + $UID + )); + } } elseif ($aid == "0") { // Select all email adresses - $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `id`", __FILE__, __LINE__); } else { // If Admin-ID is not "to-all" select - $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id IN (%s) ORDER BY id", array($aid), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` WHERE id IN (%s) ORDER BY `id`", array($aid), __FILE__, __LINE__); } } // Load email addresses and send away while (list($email) = SQL_FETCHROW($result)) { SEND_EMAIL($email, $subj, $msg); - } + } // END - while // Free memory SQL_FREERESULT($result); } // -function CREATE_FANCY_TIME($stamp) { +function CREATE_FANCY_TIME ($stamp) { // Get data array with years/months/weeks/days/... $data = CREATE_TIME_SELECTIONS($stamp, "", "", "", true); $ret = ""; - foreach($data as $k=>$v) { + foreach($data as $k => $v) { if ($v > 0) { // Value is greater than 0 "eval" data to return string - $eval = "\$ret .= \", \".\$v.\" \"._".strtoupper($k).";"; + $eval = "\$ret .= \", \".\$v.\" {--_".strtoupper($k)."--}\";"; eval($eval); break; - } + } // END - if + } // END - foreach + + // Do we have something there? + if (strlen($ret) > 0) { + // Remove leading commata and space + $ret = substr($ret, 2); + } else { + // Zero seconds + $ret = "0 {--_SECONDS--}"; } - // Remove first "comma,null" string - $ret = substr($ret, 2); + // Return fancy time string return $ret; } // @@ -1664,7 +1671,7 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { $SEP = ""; $TOP = ""; if (!$show_form) { $TOP = " top2"; - $SEP = " "; + $SEP = " "; } $NAV = ""; @@ -1672,10 +1679,10 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { // Is the page currently selected or shall we generate a link to it? if (($page == $_GET['page']) || ((empty($_GET['page'])) && ($page == "1"))) { // Is currently selected, so only highlight it - $NAV .= "-"; + $NAV .= "-"; } else { // Open anchor tag and add base URL - $NAV .= " 0)) $NAV .= "&u_id=".bigintval($_GET['u_id']); @@ -1686,10 +1693,10 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { $NAV .= $page; if (($page == $_GET['page']) || ((empty($_GET['page'])) && ($page == "1"))) { // Is currently selected, so only highlight it - $NAV .= "-"; + $NAV .= "-"; } else { // Close anchor tag - $NAV .= ""; + $NAV .= ""; } // Add seperator if we have not yet reached total pages @@ -1716,76 +1723,219 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { } } -// -function MXCHANGE_OPEN($script) { - // Compile the script name - $script = COMPILE_CODE($script); - +// Extract host from script name +function EXTRACT_HOST (&$script) { // Use default SERVER_URL by default... ;) So? - $url = SERVER_URL; + $url = constant('SERVER_URL'); + + // Is this URL valid? if (substr($script, 0, 7) == "http://") { // Use the hostname from script URL as new hostname $url = substr($script, 7); $extract = explode("/", $url); $url = $extract[0]; // Done extracting the URL :) - } + } // END - if // Extract host name $host = str_replace("http://", "", $url); if (ereg("/", $host)) $host = substr($host, 0, strpos($host, "/")); // Generate relative URL - $script = substr($script, (strlen($url) + 7)); - if (substr($script, 0, 1) == "/") $script = substr($script, 1); - - // Open connection - $fp = @fsockopen($host, 80, $errno, $errdesc, 30); - if (!$fp) - { - // Failed! - return array("", "", ""); + //* DEBUG: */ print("SCRIPT=".$script."
\n"); + if (substr(strtolower($script), 0, 7) == "http://") { + // But only if http:// is in front! + $script = substr($script, (strlen($url) + 7)); + } elseif (substr(strtolower($script), 0, 8) == "https://") { + // Does this work?! + $script = substr($script, (strlen($url) + 8)); } - // Generate request header - $request = "GET /".trim($script)." HTTP/1.0\r\n"; - $request .= "Host: ".$host."\r\n"; - $request .= "Referer: ".URL."/admin.php\r\n"; - $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n\r\n"; + //* DEBUG: */ print("SCRIPT=".$script."
\n"); + if (substr($script, 0, 1) == "/") $script = substr($script, 1); - // Initialize array - $response = array(); + // Return host name + return $host; +} - // Write request - fputs($fp, $request); +// Send a GET request +function GET_URL ($script) { + // Compile the script name + $script = COMPILE_CODE($script); - // Read response - while(!feof($fp)) { - $response[] = fgets($fp, 1024); - } + // Extract host name from script + $host = EXTRACT_HOST($script); - // Close socket - fclose($fp); + // Generate GET request header + $request = "GET /" . trim($script) . " HTTP/1.1\r\n"; + $request .= "Host: " . $host . "\r\n"; + $request .= "Referer: " . constant('URL') . "/admin.php\r\n"; + $request .= "User-Agent: " . constant('TITLE') . "/" . constant('FULL_VERSION') . "\r\n"; + $request .= "Content-Type: text/plain\r\n"; + $request .= "Cache-Control: no-cache\r\n"; + $request .= "Connection: Close\r\n\r\n"; - // Was the request successfull? - if ((!ereg("200 OK", $response[0])) && (empty($response[0]))) { - // Not found / access forbidden - $response = array("", "", ""); - } + // Send the raw request + $response = SEND_RAW_REQUEST($host, $request); - // Return response + // Return the result to the caller function return $response; } -// Taken from www.php.net eregi() user comments -function VALIDATE_EMAIL($email) { - // Compile email - $email = COMPILE_CODE($email); - - // Check first part of email address - $first = "[-a-z0-9!#$%&\'*+/=?^_<{|}~]+(\.[-a-zA-Z0-9!#$%&\'*+/=?^_<{|}~]+)*"; - // Check domain - $domain = "[a-z0-9-]+(\.[a-z0-9-]{2,5})+"; +// Send a POST request +function POST_URL ($script, $postData) { + // Is postData an array? + if (!is_array($postData)) { + // Abort here + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("postData is not an array. Type: %s", gettype($postData))); + return array("", "", ""); + } // END - if + + // Compile the script name + $script = COMPILE_CODE($script); + + // Extract host name from script + $host = EXTRACT_HOST($script); + + // Construct request + $data = http_build_query($postData, '','&'); + + // Generate POST request header + $request = "POST /" . trim($script) . " HTTP/1.1\r\n"; + $request .= "Host: " . $host . "\r\n"; + $request .= "Referer: " . constant('URL') . "/admin.php\r\n"; + $request .= "User-Agent: " . constant('TITLE') . "/" . constant('FULL_VERSION') . "\r\n"; + $request .= "Content-type: application/x-www-form-urlencoded\r\n"; + $request .= "Content-length: " . strlen($data) . "\r\n"; + $request .= "Cache-Control: no-cache\r\n"; + $request .= "Connection: Close\r\n\r\n"; + $request .= $data; + + // Send the raw request + $response = SEND_RAW_REQUEST($host, $request); + + // Return the result to the caller function + return $response; +} + +// Sends a raw request to another host +function SEND_RAW_REQUEST ($host, $request) { + // Initialize array + $response = array("", "", ""); + + // Default is not to use proxy + $useProxy = false; + + // Are proxy settins set? + if ((getConfig('proxy_host') != "") && (getConfig('proxy_port') > 0)) { + // Then use it + $useProxy = true; + } // END - if + + // Open connection + //* DEBUG: */ die("SCRIPT=".$script."
\n"); + if ($useProxy) { + $fp = @fsockopen(COMPILE_CODE(getConfig('proxy_host')), getConfig('proxy_port'), $errno, $errdesc, 30); + } else { + $fp = @fsockopen($host, 80, $errno, $errdesc, 30); + } + + // Is there a link? + if (!is_resource($fp)) { + // Failed! + return $response; + } // END - if + + // Do we use proxy? + if ($useProxy) { + // Generate CONNECT request header + $proxyTunnel = "CONNECT ".$host.":80 HTTP/1.1\r\n"; + $proxyTunnel .= "Host: ".$host."\r\n"; + + // Use login data to proxy? (username at least!) + if (getConfig('proxy_username') != "") { + // Add it as well + $encodedAuth = base64_encode(COMPILE_CODE(getConfig('proxy_username')).":".COMPILE_CODE(getConfig('proxy_password'))); + $proxyTunnel .= "Proxy-Authorization: Basic ".$encodedAuth."\r\n"; + } // END - if + + // Add last new-line + $proxyTunnel .= "\r\n"; + //* DEBUG: */ print("proxyTunnel=
".$proxyTunnel."
"); + + // Write request + fputs($fp, $proxyTunnel); + + // Got response? + if (feof($fp)) { + // No response received + return $response; + } // END - if + + // Read the first line + $resp = trim(fgets($fp, 10240)); + $respArray = explode(" ", $resp); + if ((strtolower($respArray[0]) !== "http/1.0") || ($respArray[1] != "200")) { + // Invalid response! + return $response; + } // END - if + } // END - if + + // Write request + fputs($fp, $request); + + // Read response + while(!feof($fp)) { + $response[] = trim(fgets($fp, 1024)); + } // END - while + + // Close socket + fclose($fp); + + // Skip first empty lines + $resp = $response; + foreach ($resp as $idx => $line) { + // Trim space away + $line = trim($line); + + // Is this line empty? + if (empty($line)) { + // Then remove it + array_shift($response); + } else { + // Abort on first non-empty line + break; + } + } // END - foreach + + //* DEBUG: */ print("Response:
".print_r($response, true)."
"); + + // Proxy agent found? + if ((substr(strtolower($response[0]), 0, 11) == "proxy-agent") && ($useProxy)) { + // Proxy header detected, so remove two lines + array_shift($response); + array_shift($response); + } // END - if + + // Was the request successfull? + if ((!eregi("200 OK", $response[0])) || (empty($response[0]))) { + // Not found / access forbidden + $response = array("", "", ""); + } // END - if + + // Return response + return $response; +} +// Taken from www.php.net eregi() user comments +function VALIDATE_EMAIL($email) { + // Compile email + $email = COMPILE_CODE($email); + + // Check first part of email address + $first = "[-a-z0-9!#$%&\'*+/=?^_<{|}~]+(\.[-a-zA-Z0-9!#$%&\'*+/=?^_<{|}~]+)*"; + + // Check domain + $domain = "[a-z0-9-]+(\.[a-z0-9-]{2,5})+"; // Generate pattern $regex = "^".$first."@".$domain."$"; @@ -1793,15 +1943,16 @@ function VALIDATE_EMAIL($email) { // Return check result return eregi($regex, $email); } + // Function taken from user comments on www.php.net / function eregi() function VALIDATE_URL ($URL, $compile=true) { // Trim URL a little $URL = trim(urldecode($URL)); - //* DEBUG: */ echo $URL."
"; + //* DEBUG: */ echo $URL."
"; // Compile some chars out... - if ($compile) $URL = COMPILE_CODE($URL, false, false, false); - //* DEBUG: */ echo $URL."
"; + if ($compile) $URL = compileUriCode($URL, false, false, false); + //* DEBUG: */ echo $URL."
"; // Check for the extension filter if (EXT_IS_ACTIVE("filter")) { @@ -1811,10 +1962,11 @@ function VALIDATE_URL ($URL, $compile=true) { // If not installed, perform a simple test. Just make it sure there is always a http:// or // https:// in front of the URLs - return (((substr($URL, 0, 7) == "http://") || (substr($URL, 0, 8) == "https://")) && (strlen($URL) >= 12)); + return isUrlValid($URL); } + // -function MEMBER_ACTION_LINKS($uid, $status="") { +function MEMBER_ACTION_LINKS ($uid, $status = "") { // Define all main targets $TARGETS = array("del_user", "edit_user", "lock_user", "add_points", "sub_points"); @@ -1822,7 +1974,7 @@ function MEMBER_ACTION_LINKS($uid, $status="") { $eval = "\$OUT = \"[ "; foreach ($TARGETS as $tar) { - $eval .= "\n"; if (($tar == "lock_user") && ($status == "LOCKED")) { // Locked accounts shall be unlocked @@ -1831,7 +1983,7 @@ function MEMBER_ACTION_LINKS($uid, $status="") { // All other status is fine $eval .= strtoupper($tar); } - $eval .= "_TITLE.\"\\\">\".ADMIN_"; + $eval .= "_TITLE--}\\\">{--ADMIN_"; if (($tar == "lock_user") && ($status == "LOCKED")) { // Locked accounts shall be unlocked $eval .= "UNLOCK_USER"; @@ -1839,23 +1991,26 @@ function MEMBER_ACTION_LINKS($uid, $status="") { // All other status is fine $eval .= strtoupper($tar); } - $eval .= ".\" | "; + $eval .= "--} | "; } // Finish navigation link - $eval = substr($eval, 0, -7) . "]\";"; + $eval = substr($eval, 0, -7)."]\";"; eval($eval); // Return string return $OUT; } + // Function for backward-compatiblity +// @TODO Can this function be deprecated? function ADD_CATEGORY_TABLE ($MODE, $return=false) { // Load it from the register extension return REGISTER_ADD_CATEGORY_TABLE ($MODE, $return); } + // Generate an email link -function CREATE_EMAIL_LINK($email, $table="admins") { +function CREATE_EMAIL_LINK ($email, $table = "admins") { // Default email link (INSECURE! Spammer can read this by harvester programs) $EMAIL = "mailto:".$email; @@ -1863,7 +2018,7 @@ function CREATE_EMAIL_LINK($email, $table="admins") { if ((EXT_IS_ACTIVE("admins")) && ($table == "admins")) { // Create email link for contacting admin in guest area $EMAIL = ADMINS_CREATE_EMAIL_LINK($email); - } elseif ((GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) { + } elseif ((EXT_IS_ACTIVE("user")) && (GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) { // Create email link for contacting a member within admin area (or later in other areas, too?) $EMAIL = USER_CREATE_EMAIL_LINK($email); } elseif ((EXT_IS_ACTIVE("sponsor")) && ($table == "sponsor_data")) { @@ -1878,53 +2033,57 @@ function CREATE_EMAIL_LINK($email, $table="admins") { return $EMAIL; } // Generate a hash for extra-security for all passwords -function generateHash($plainText, $salt = "") { - global $CONFIG, $_SERVER; +function generateHash ($plainText, $salt = "") { + global $_SERVER; - // Is the required extension "sql_patches" there? - if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) { - // Extension sql_patches is missing/outdated so we return the plain text - return $plainText; - } + // Is the required extension "sql_patches" there and a salt is not given? + if (((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (!EXT_IS_ACTIVE("sql_patches"))) && (empty($salt))) { + // Extension sql_patches is missing/outdated so we hash the plain text with MD5 + return md5($plainText); + } // END - if + + // Do we miss an arry element here? + if (!isConfigEntrySet('file_hash')) { + // Stop here + debug_report_bug("Missing file_hash in ".__FUNCTION__."."); + } // END - if // When the salt is empty build a new one, else use the first x configured characters as the salt - if ($salt == "") { + if (empty($salt)) { // Build server string - $server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php"); + $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(constant('PATH')."inc/databases.php"); // Build key string - $keys = SITE_KEY.":".DATE_KEY.":".$CONFIG['secret_key'].":".$CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $CONFIG['patch_ctime']).":".$CONFIG['master_salt']; + $keys = constant('SITE_KEY').":".constant('DATE_KEY').":".getConfig('secret_key').":".getConfig('file_hash').":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))).":".getConfig('master_salt'); // Additional data - $data = $plainText.":".uniqid(rand(), true).":".time(); + $data = $plainText.":".uniqid(mt_rand(), true).":".time(); // Calculate number for generating the code - $a = time() + _ADD - 1; + $a = time() + constant('_ADD') - 1; // Generate SHA1 sum from modula of number and the prime number - $sha1 = sha1(($a % _PRIME).$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a); - //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")
"; + $sha1 = sha1(($a % constant('_PRIME')).$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a); + //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")
"; $sha1 = scrambleString($sha1); - //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")
"; + //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")
"; //* DEBUG: */ $sha1b = descrambleString($sha1); - //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")
"; + //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")
"; // Generate the password salt string - $salt = substr($sha1, 0, $CONFIG['salt_length']); - //* DEBUG: */ echo $salt." (".strlen($salt).")
"; - } - else - { - $salt = substr($salt, 0, $CONFIG['salt_length']); + $salt = substr($sha1, 0, getConfig('salt_length')); + //* DEBUG: */ echo $salt." (".strlen($salt).")
"; + } else { + // Use given salt + $salt = substr($salt, 0, getConfig('salt_length')); + //* DEBUG: */ echo "GIVEN={$salt}
\n"; } // Return hash - return $salt . sha1($salt . $plainText); + return $salt.sha1($salt.$plainText); } // function scrambleString($str) { - global $CONFIG; - // Init $scrambled = ""; @@ -1934,56 +2093,52 @@ function scrambleString($str) { return $str; } elseif (strlen($str) == 40) { // From database - $scrambleNums = explode(":", $CONFIG['pass_scramble']); + $scrambleNums = explode(":", getConfig('pass_scramble')); } else { // Generate new numbers $scrambleNums = explode(":", genScrambleString(strlen($str))); } // Scramble string here - //* DEBUG: */ echo "***Original=".$str."***
"; + //* DEBUG: */ echo "***Original=".$str."***
"; for ($idx = 0; $idx < strlen($str); $idx++) { // Get char on scrambled position $char = substr($str, $scrambleNums[$idx], 1); // Add it to final output string $scrambled .= $char; - } + } // END - for // Return scrambled string - //* DEBUG: */ echo "***Scrambled=".$scrambled."***
"; + //* DEBUG: */ echo "***Scrambled=".$scrambled."***
"; return $scrambled; } // -function descrambleString($str) -{ - global $CONFIG; +function descrambleString($str) { // Scramble only 40 chars long strings if (strlen($str) != 40) return $str; // Load numbers from config - $scrambleNums = explode(":", $CONFIG['pass_scramble']); + $scrambleNums = explode(":", getConfig('pass_scramble')); // Validate numbers if (count($scrambleNums) != 40) return $str; // Begin descrambling $orig = str_repeat(" ", 40); - //* DEBUG: */ echo "+++Scrambled=".$str."+++
"; - for ($idx = 0; $idx < 40; $idx++) - { + //* DEBUG: */ echo "+++Scrambled=".$str."+++
"; + for ($idx = 0; $idx < 40; $idx++) { $char = substr($str, $idx, 1); $orig = substr_replace($orig, $char, $scrambleNums[$idx], 1); - } + } // END - for // Return scrambled string - //* DEBUG: */ echo "+++Original=".$orig."+++
"; + //* DEBUG: */ echo "+++Original=".$orig."+++
"; return $orig; } // -function genScrambleString($len) { - // Prepare randomizer and array for the numbers - mt_srand((double) microtime() * 1000000); +function genScrambleString ($len) { + // Prepare array for the numbers $scrambleNumbers = array(); // First we need to setup randomized numbers from 0 to 31 @@ -1994,84 +2149,81 @@ function genScrambleString($len) { // Check for it by creating more numbers while (array_key_exists($rand, $scrambleNumbers)) { $rand = mt_rand(0, ($len -1)); - } + } // END - while // Add number $scrambleNumbers[$rand] = $rand; - } + } // END - for // So let's create the string for storing it in database $scrambleString = implode(":", $scrambleNumbers); return $scrambleString; } -// Append data like session ID referral ID to the given URL which would + +// Append data like session ID or referal ID to the given URL which would // normally be stored in cookies -function ADD_URL_DATA($URL) -{ - global $_GET, $CONFIG; +function ADD_URL_DATA ($URL) { + // Init add $ADD = ""; // Determine URL binder $BIND = "?"; - if (strpos($URL, "?") !== false) $BIND = "&"; + if (strpos($URL, "?") !== false) $BIND = "&"; if ((!defined('__COOKIES')) || ((!__COOKIES))) { // Cookies are not accepted if ((!empty($_GET['refid'])) && (strpos($URL, "refid=") == 0)) { // Cookie found in URL $ADD .= $BIND."refid=".bigintval($_GET['refid']); - } elseif ((GET_EXT_VERSION("sql_patches") != "") && ($CONFIG['def_refid'] > 0)) { + } elseif ((GET_EXT_VERSION("sql_patches") != '') && (getConfig('def_refid') > 0)) { // Not found! So let's set default here - $ADD .= $BIND."refid=".$CONFIG['def_refid']; - } - - // Is there already added data? Then change the binder - if (!empty($ADD)) $BIND = "&"; - - // Add session ID - if ((!empty($_GET['PHPSESSID'])) && (strpos($URL, "PHPSESSID=") == 0)) { - // Add session from URL - $ADD .= $BIND."PHPSESSID=".SQL_ESCAPE(strip_tags($_GET['PHPSESSID'])); - } else { - // Add current session - $ADD .= $BIND."PHPSESSID=".session_id(); + $ADD .= $BIND."refid=".getConfig('def_refid'); } - } + } // END - if // Add all together and return it - return $URL.$ADD; + return $URL . $ADD; } -// -function generatePassString($passHash) { - global $CONFIG; - $ret = "*FAILED*"; + +// Generate an PGP-like encrypted hash of given hash for e.g. cookies +function generatePassString ($passHash) { + // Return vanilla password hash + $ret = $passHash; // Is a secret key and master salt already initialized? - if ((!empty($CONFIG['secret_key'])) && (!empty($CONFIG['master_salt']))) { + if ((getConfig('secret_key') != "") && (getConfig('master_salt') != "")) { // Only calculate when the secret key is generated $newHash = ""; $start = 9; for ($idx = 0; $idx < 10; $idx++) { $part1 = hexdec(substr($passHash, $start, 4)); - $part2 = hexdec(substr($CONFIG['secret_key'], $start, 4)); + $part2 = hexdec(substr(getConfig('secret_key'), $start, 4)); $mod = dechex($idx); if ($part1 > $part2) { - $mod = dechex(sqrt(($part1 - $part2) * _PRIME / pi())); + $mod = dechex(sqrt(($part1 - $part2) * constant('_PRIME') / pi())); } elseif ($part2 > $part1) { - $mod = dechex(sqrt(($part2 - $part1) * _PRIME / pi())); + $mod = dechex(sqrt(($part2 - $part1) * constant('_PRIME') / pi())); } $mod = substr(round($mod), 0, 4); $mod = str_repeat('0', 4-strlen($mod)).$mod; - //* DEBUG: */ echo "*".$start."=".$mod."*
"; + //* DEBUG: */ echo "*".$start."=".$mod."*
"; $start += 4; $newHash .= $mod; - } - //* DEBUG: */ die($passHash."
".$newHash." (".strlen($newHash).")"); - $ret = generateHash($newHash, $CONFIG['master_salt']); + } // END - for + + //* DEBUG: */ print($passHash."
".$newHash." (".strlen($newHash).")"); + $ret = generateHash($newHash, getConfig('master_salt')); + //* DEBUG: */ print($ret."
\n"); + } else { + // Hash it simple + //* DEBUG: */ echo "--".$passHash."--
\n"; + $ret = md5($passHash); + //* DEBUG: */ echo "++".$ret."++
\n"; } // Return result return $ret; } + // Fix "deleted" cookies function FIX_DELETED_COOKIES ($cookies) { // Is this an array with entries? @@ -2079,41 +2231,1291 @@ function FIX_DELETED_COOKIES ($cookies) { // Then check all cookies if they are marked as deleted! foreach ($cookies as $cookieName) { // Is the cookie set to "deleted"? - if ((isset($_COOKIE[$cookieName])) && ($_COOKIE[$cookieName] == "deleted")) { - unset($_COOKIE[$cookieName]); + if (get_session($cookieName) == "deleted") { + set_session($cookieName, ""); } - } - } + } // END - foreach + } // END - if } + // Output error messages in a fasioned way and die... function mxchange_die ($msg) { - global $FOOTER; + // Load header + LOAD_INC_ONCE("inc/header.php"); // Load the message template LOAD_TEMPLATE("admin_settings_saved", false, $msg); // Load footer - include(PATH."inc/footer.php"); + LOAD_INC_ONCE("inc/footer.php"); // Exit explicitly exit; } + +// Display parsing time and number of SQL queries in footer +function DISPLAY_PARSING_TIME_FOOTER() { + // Is the timer started? + if (!isset($GLOBALS['startTime'])) { + // Abort here + return false; + } // END - if + + // Get end time + $endTime = microtime(true); + + // "Explode" both times + $start = explode(" ", $GLOBALS['startTime']); + $end = explode(" ", $endTime); + $runTime = $end[0] - $start[0]; + if ($runTime < 0) $runTime = 0; + $runTime = TRANSLATE_COMMA($runTime); + + // Prepare output + $content = array( + 'runtime' => $runTime, + 'numSQLs' => (getConfig('sql_count') + 1), + 'numTemplates' => (getConfig('num_templates') + 1) + ); + + // Load the template + LOAD_TEMPLATE("show_timings", false, $content); +} + +// Unset/set session variables +function set_session ($var, $value) { + // Abort in CSS mode here + if ($GLOBALS['output_mode'] == 1) return true; + + // Trim value and session variable + $var = trim(SQL_ESCAPE($var)); $value = trim($value); + + // Is the session variable set? + if (("".$value."" == "") && (isSessionVariableSet($var))) { + // Remove the session + //* DEBUG: */ echo "UNSET:".$var."=".get_session($var)."
\n"; + unset($_SESSION[$var]); + return session_unregister($var); + } elseif (("".$value."" != '') && (!isSessionVariableSet($var))) { + // Set session + //* DEBUG: */ echo "SET:".$var."=".$value."
\n"; + $_SESSION[$var] = $value; + return session_register($var); + } elseif (!empty($value)) { + // Update session + //* DEBUG: */ echo "UPDATE:".$var."=".$value."
\n"; + $_SESSION[$var] = $value; + return true; + } + + // Ignored (but valid) + //* DEBUG: */ echo "IGNORED:".$var."=".$value."
\n"; + return true; +} + +// Check wether a boolean constant is set +// Taken from user comments in PHP documentation for function constant() +function isBooleanConstantAndTrue($constName) { // : Boolean + // Failed by default + $res = false; + + // In cache? + if (isset($GLOBALS['cache_array']['const'][$constName])) { + // Use cache + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$constName."-CACHE!
\n"; + $res = $GLOBALS['cache_array']['const'][$constName]; + } else { + // Check constant + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$constName."-RESOLVE!
\n"; + if (defined($constName)) $res = (constant($constName) === true); + + // Set cache + $GLOBALS['cache_array']['const'][$constName] = $res; + } + //* DEBUG: */ var_dump($res); + + // Return value + return $res; +} + +// Check wether a session variable is set +function isSessionVariableSet ($var) { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):var={$var}
\n"; + return (isset($_SESSION[$var])); +} +// Returns wether the value of the session variable or NULL if not set +function get_session ($var) { + // Default is not found! ;-) + $value = null; + + // Is the variable there or cached values? + if (isset($GLOBALS['cache_array']['session'][$var])) { + // Get cached value (skips a lot SQL_ESCAPE() calles! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$var."-CACHE!
\n"; + $value = $GLOBALS['cache_array']['session'][$var]; + } elseif (isSessionVariableSet($var)) { + // Then get it secured! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$var."-RESOLVE!
\n"; + $value = SQL_ESCAPE($_SESSION[$var]); + + // Cache the value + $GLOBALS['cache_array']['session'][$var] = $value; + } // END - if + + // Return the value + return $value; +} + +// Send notification to admin +function SEND_ADMIN_NOTIFICATION($subject, $templateName, $content=array(), $uid="0") { + if (GET_EXT_VERSION("admins") >= "0.4.1") { + // Send new way + SEND_ADMIN_EMAILS_PRO($subject, $templateName, $content, $uid); + } else { + // Send outdated way + $msg = LOAD_EMAIL_TEMPLATE($templateName, $content, $uid); + SEND_ADMIN_EMAILS($subject, $msg); + } +} + +// Destroy user session +function destroy_user_session () { + // Reset userid + $GLOBALS['userid'] = 0; + + // Remove all user data from session + return ((set_session('userid', "")) && (set_session('u_hash', ""))); +} + +// Merges an array together but only if both are arrays +function merge_array ($array1, $array2) { + // Are both an array? + if ((is_array($array1)) && (is_array($array2))) { + // Merge all together + return array_merge($array1, $array2); + } elseif (is_array($array1)) { + // Return left array + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("array2 is not an array. array != %s", gettype($array2))); + return $array1; + } elseif (is_array($array2)) { + // Return right array + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("array1 is not an array. array != %s", gettype($array1))); + return $array2; + } + + // Both are not arrays + debug_report_bug(__FUNCTION__.": No arrays provided!"); +} + +// Debug message logger +function DEBUG_LOG ($funcFile, $line, $message, $force=true) { + // Is debug mode enabled? + if ((isBooleanConstantAndTrue('DEBUG_MODE')) || ($force === true)) { + // Log this message away + $fp = fopen(constant('PATH')."inc/cache/debug.log", 'a') or mxchange_die("Cannot write logfile debug.log!"); + fwrite($fp, date("d.m.Y|H:i:s", time())."|".basename($funcFile)."|".$line."|".strip_tags($message)."\n"); + fclose($fp); + } // END - if +} + +// Reads a directory with PHP files in and gets only files back +function GET_DIR_AS_ARRAY ($baseDir, $prefix) { + $INCs = array(); + + // Open directory + $dirPointer = opendir($baseDir) or mxchange_die("Cannot read ".basename($baseDir)." path!"); + + // Read all entries + while ($baseFile = readdir($dirPointer)) { + // Load file only if extension is active + // Make full path + $FQFN = $baseDir.$baseFile; + + // Is this a valid reset file? + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):baseDir={$baseDir},prefix={$prefix},baseFile={$baseFile}
\n"; + if ((FILE_READABLE($FQFN)) && (substr($baseFile, 0, strlen($prefix)) == $prefix) && (substr($baseFile, -4, 4) == ".php")) { + // Remove both for extension name + $extName = substr($baseFile, strlen($prefix), -4); + + // Try to find it + $extId = GET_EXT_ID($extName); + + // Is the extension valid and active? + if (($extId > 0) && (EXT_IS_ACTIVE($extName))) { + // Then add this file + $INCs[] = $FQFN; + } elseif ($extId == 0) { + // Add non-extension files as well + $INCs[] = $FQFN; + } + } // END - if + } // END - while + + // Close directory + closedir($dirPointer); + + // Sort array + asort($INCs); + + // Return array with include files + return $INCs; +} +// Load more reset scripts +function RESET_ADD_INCLUDES () { + // Is the reset set or old sql_patches? + if ((!defined('__DAILY_RESET')) || (EXT_VERSION_IS_OLDER("sql_patches", "0.4.5"))) { + // Then abort here + return array(); + } // END - if + + // Get more daily reset scripts + $INC_POOL = GET_DIR_AS_ARRAY(constant('PATH')."inc/reset/", "reset_"); + + // Update database + if (!defined('DEBUG_RESET')) UPDATE_CONFIG("last_update", time()); + + // Create current week mark + $currWeek = date("W", time()); + + // Has it changed? + if (getConfig('last_week') != $currWeek) { + // Include weekly reset scripts + $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(constant('PATH')."inc/weekly/", "weekly_")); + + // Update config + if (!defined('DEBUG_WEEKLY')) UPDATE_CONFIG("last_week", $currWeek); + } // END - if + + // Create current month mark + $currMonth = date("m", time()); + + // Has it changed? + if (getConfig('last_month') != $currMonth) { + // Include monthly reset scripts + $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(constant('PATH')."inc/monthly/", "monthly_")); + + // Update config + if (!defined('DEBUG_MONTHLY')) UPDATE_CONFIG("last_month", $currMonth); + } // END - if + + // Return array + return $INC_POOL; +} +// Handle extra values +function HANDLE_EXTRA_VALUES ($filterFunction, $value, $extraValue) { + // Default is the value itself + $ret = $value; + + // Do we have a special filter function? + if (!empty($filterFunction)) { + // Does the filter function exist? + if (function_exists($filterFunction)) { + // Do we have extra parameters here? + if (!empty($extraValue)) { + // Put both parameters in one new array by default + $args = array($value, $extraValue); + + // If we have an array simply use it and pre-extend it with our value + if (is_array($extraValue)) { + // Make the new args array + $args = merge_array(array($value), $extraValue); + } // END - if + + // Call the multi-parameter call-back + $ret = call_user_func_array($filterFunction, $args); + } else { + // One parameter call + $ret = call_user_func($filterFunction, $value); + } + } // END - if + } // END - if + + // Return the value + return $ret; +} +// Check if given FQFN is a readable file +function FILE_READABLE($fqfn) { + // Check all... + return ((file_exists($fqfn)) && (is_file($fqfn)) && (is_readable($fqfn))); +} +// Converts timestamp selections into a timestamp +function CONVERT_SELECTIONS_TO_TIMESTAMP(&$POST, &$DATA, &$id, &$skip) { + // Init test variable + $test2 = ""; + + // Get last three chars + $test = substr($id, -3); + + // Improved way of checking! :-) + if (in_array($test, array("_ye", "_mo", "_we", "_da", "_ho", "_mi", "_se"))) { + // Found a multi-selection for timings? + $test = substr($id, 0, -3); + if ((isset($POST[$test."_ye"])) && (isset($POST[$test."_mo"])) && (isset($POST[$test."_we"])) && (isset($POST[$test."_da"])) && (isset($POST[$test."_ho"])) && (isset($POST[$test."_mi"])) && (isset($POST[$test."_se"])) && ($test != $test2)) { + // Generate timestamp + $POST[$test] = CREATE_TIMESTAMP_FROM_SELECTIONS($test, $POST); + $DATA[] = sprintf("%s='%s'", $test, $POST[$test]); + + // Remove data from array + foreach (array("ye", "mo", "we", "da", "ho", "mi", "se") as $rem) { + unset($POST[$test."_".$rem]); + } // END - foreach + + // Skip adding + unset($id); $skip = true; $test2 = $test; + } // END - if + } else { + // Process this entry + $skip = false; $test2 = ""; + } +} +// Reverts the german decimal comma into Computer decimal dot +function REVERT_COMMA ($str) { + // Default float is not a float... ;-) + $float = false; + + // Which language is selected? + switch (GET_LANGUAGE()) { + case "de": // German language + // Remove german thousand dots first + $str = str_replace(".", "", $str); + + // Replace german commata with decimal dot and cast it + $float = (float)str_replace(",", ".", $str); + break; + + default: // US and so on + // Remove thousand dots first and cast + $float = (float)str_replace(",", "", $str); + break; + } + + // Return float + return $float; +} + +// Handle menu-depending failed logins and return the rendered content +function HANDLE_LOGIN_FAILTURES ($accessLevel) { + // Default output is empty ;-) + $OUT = ""; + + // Is the session data set? + if ((isSessionVariableSet('mxchange_'.$accessLevel.'_failures')) && (isSessionVariableSet('mxchange_'.$accessLevel.'_last_fail'))) { + // Ignore zero values + if (get_session('mxchange_'.$accessLevel.'_failures') > 0) { + // Non-guest has login failures found, get both data and prepare it for template + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):accessLevel={$accessLevel}
\n"; + $content = array( + 'login_failures' => get_session('mxchange_'.$accessLevel.'_failures'), + 'last_failure' => MAKE_DATETIME(get_session('mxchange_'.$accessLevel.'_last_fail'), "2") + ); + + // Load template + $OUT = LOAD_TEMPLATE("login_failures", true, $content); + } // END - if + + // Reset session data + set_session('mxchange_'.$accessLevel.'_failures', ""); + set_session('mxchange_'.$accessLevel.'_last_fail', ""); + } // END - if + + // Return rendered content + return $OUT; +} + +// Rebuild cache +function REBUILD_CACHE ($cache, $inc="") { + // Shall I remove the cache file? + if ((EXT_IS_ACTIVE("cache")) && (is_object($GLOBALS['cache_instance']))) { + // Rebuild cache + if ($GLOBALS['cache_instance']->loadCacheFile($cache)) { + // Destroy it + $GLOBALS['cache_instance']->destroyCacheFile(); + } // END - if + + // Include file given? + if (!empty($inc)) { + // Construct FQFN + $INC = sprintf("inc/loader/load_cache-%s.php", $inc); + + // Is the include there? + if (INCLUDE_READABLE($INC)) { + // And rebuild it from scratch + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): inc={$inc} - LOADED!
\n"; + LOAD_INC($INC); + } else { + // Include not found! + DEBUG_LOG(__FUNCTION__, __LINE__, "Include {$inc} not found. cache={$cache}"); + } + } // END - if + } // END - if +} + +// Purge admin menu cache +function CACHE_PURGE_ADMIN_MENU ($id=0, $action="", $what="", $str="") { + // Is the cache extension enabled or no cache instance or admin menu cache disabled? + if (!EXT_IS_ACTIVE("cache")) { + // Cache extension not active + return false; + } elseif (!is_object($GLOBALS['cache_instance'])) { + // No cache instance! + DEBUG_LOG(__FUNCTION__, __LINE__, " No cache instance found."); + return false; + } elseif ((!isConfigEntrySet('cache_admin_menu')) || (getConfig('cache_admin_menu') != "Y")) { + // Caching disabled (currently experiemental!) + return false; + } + + // Experiemental feature! + debug_report_bug("Experimental feature: You have to delete the admin_*.cache files by yourself at this point."); +} + +// Translates the "pool type" into human-readable +function TRANSLATE_POOL_TYPE ($type) { + // Default type is unknown + $translated = sprintf(getMessage('POOL_TYPE_UNKNOWN'), $type); + + // Generate constant + $constName = sprintf("POOL_TYPE_%s", $type); + + // Does it exist? + if (defined($constName)) { + // Then use it + $translated = getMessage($constName); + } // END - if + + // Return "translation" + return $translated; +} + +// "Getter" for remote IP number +function GET_REMOTE_ADDR () { + // Get remote ip from environment + $remoteAddr = getenv('REMOTE_ADDR'); + + // Is removeip installed? + if (EXT_IS_ACTIVE("removeip")) { + // Then anonymize it + $remoteAddr = GET_ANONYMOUS_REMOTE_ADDR($remoteAddr); + } // END - if + + // Return it + return $remoteAddr; +} +// "Getter" for remote hostname +function GET_REMOTE_HOST () { + // Get remote ip from environment + $remoteHost = getenv('REMOTE_HOST'); + + // Is removeip installed? + if (EXT_IS_ACTIVE("removeip")) { + // Then anonymize it + $remoteHost = GET_ANONYMOUS_REMOTE_HOST($remoteHost); + } // END - if + + // Return it + return $remoteHost; +} +// "Getter" for user agent +function GET_USER_AGENT () { + // Get remote ip from environment + $userAgent = getenv('HTTP_USER_AGENT'); + + // Is removeip installed? + if (EXT_IS_ACTIVE("removeip")) { + // Then anonymize it + $userAgent = GET_ANONYMOUS_USER_AGENT($userAgent); + } // END - if + + // Return it + return $userAgent; +} +// "Getter" for referer +function GET_REFERER () { + // Get remote ip from environment + $referer = getenv('HTTP_REFERER'); + + // Is removeip installed? + if (EXT_IS_ACTIVE("removeip")) { + // Then anonymize it + $referer = GET_ANONYMOUS_REFERER($referer); + } // END - if + + // Return it + return $referer; +} + +// Adds a bonus mail to the queue +// This is a high-level function! +function ADD_NEW_BONUS_MAIL ($data, $mode="", $output=true) { + // Use mode from data if not set and availble ;-) + if ((empty($mode)) && (isset($data['mode']))) $mode = $data['mode']; + + // Generate receiver list + $RECEIVER = GENERATE_RECEIVER_LIST($data['cat'], $data['receiver'], $mode); + + // Receivers added? + if (!empty($RECEIVER)) { + // Add bonus mail to queue + ADD_BONUS_MAIL_TO_QUEUE( + $data['subject'], + $data['text'], + $RECEIVER, + $data['points'], + $data['seconds'], + $data['url'], + $data['cat'], + $mode, + $data['receiver'] + ); + + // Mail inserted into bonus pool + if ($output) LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_BONUS_SEND')); + } elseif ($output) { + // More entered than can be reached! + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_MORE_SELECTED')); + } else { + // Debug log + DEBUG_LOG(__FUNCTION__, __LINE__, " cat={$data['cat']},receiver={$data['receiver']},data=".base64_encode(serialize($data))." More selected, than available!"); + } +} + +// Determines referal id and sets it +function DETERMINE_REFID () { + global $CLICK, $_SERVER; + + // Check if refid is set + if ((!empty($_GET['user'])) && ($CLICK == 1) && (basename($_SERVER['PHP_SELF']) == "click.php")) { + // The variable user comes from the click-counter script click.php and we only accept this here + $GLOBALS['refid'] = bigintval($_GET['user']); + } elseif (!empty($_POST['refid'])) { + // Get referal id from variable refid (so I hope this makes my script more compatible to other scripts) + $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_POST['refid'])); + } elseif (!empty($_GET['refid'])) { + // Get referal id from variable refid (so I hope this makes my script more compatible to other scripts) + $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['refid'])); + } elseif (!empty($_GET['ref'])) { + // Set refid=ref (the referal link uses such variable) + $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['ref'])); + } elseif ((isSessionVariableSet('refid')) && (get_session('refid') != 0)) { + // Set session refid als global + $GLOBALS['refid'] = bigintval(get_session('refid')); + } elseif ((GET_EXT_VERSION("sql_patches") != "") && (getConfig('def_refid') > 0)) { + // Set default refid as refid in URL + $GLOBALS['refid'] = bigintval(getConfig('def_refid')); + } elseif ((GET_EXT_VERSION("user") >= "0.3.4") && (getConfig('select_user_zero_refid')) == "Y") { + // Select a random user which has confirmed enougth mails + $GLOBALS['refid'] = SELECT_RANDOM_REFID(); + } else { + // No default ID when sql_patches is not installed or none set + $GLOBALS['refid'] = 0; + } + + // Set cookie when default refid > 0 + if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((get_session('refid') == "0") && (getConfig('def_refid') > 0))) { + // Set cookie + set_session('refid', $GLOBALS['refid']); + } // END - if + + // Return determined refid + return $GLOBALS['refid']; +} + +// Destroys the admin session +function destroyAdminSession ($destroy = true) { + // Kill maybe existing session variables including array elements + set_session('admin_login', ""); + set_session('admin_md5' , ""); + set_session('admin_last' , ""); + set_session('admin_to' , ""); + + // Destroy session and return status + if ($destroy) { + return session_destroy(); + } // END - if + + // All fine if we shall not really destroy the session + return true; +} + +// Checks if a given apache module is loaded +function IF_APACHE_MODULE_LOADED ($apacheModule) { + // Check it and return result + return (((function_exists('apache_get_modules')) && (in_array($apacheModule, apache_get_modules()))) || (!function_exists('apache_get_modules'))); +} + +// Merges $_CONFIG with data in given array +function mergeConfig ($newConfig) { + global $_CONFIG; + $_CONFIG = merge_array($_CONFIG, $newConfig); +} + +// Getter for $_CONFIG entries +function getConfig ($entry) { + global $_CONFIG; + + // Default value + $value = null; + + // Is the entry there? + if (isConfigEntrySet($entry)) { + // Then use it + $value = $_CONFIG[$entry]; + } // END - if + + // Return it + return $value; +} + +// Setter for $_CONFIG entries +function setConfigEntry ($entry, $value) { + global $_CONFIG; + + // Secure the entry name + $entry = SQL_ESCAPE($entry); + + // And set it + $_CONFIG[$entry] = $value; +} + +// Checks wether the given config entry is set +function isConfigEntrySet ($entry) { + global $_CONFIG; + return (isset($_CONFIG[$entry])); +} + +// Increment or init with given value or 1 as default the given config entry +function incrementConfigEntry ($configEntry, $value=1) { + global $_CONFIG; + + // Increment it if set or init it with 1 + if (getConfig($configEntry) > 0) { + $_CONFIG[$configEntry] += $value; + } else { + $_CONFIG[$configEntry] = $value; + } +} + +// "Getter" for language strings +// @TODO Rewrite all language constants to this function. +function getMessage ($messageId) { + // Default is not found! + $return = "!".$messageId."!"; + + // Is the language string found? + if (isset($GLOBALS['msg'][strtolower($messageId)])) { + // Language array element found in small_letters + $return = $GLOBALS['msg'][$messageId]; + } elseif (isset($GLOBALS['msg'][strtoupper($messageId)])) { + // @DEPRECATED Language array element found in BIG_LETTERS + $return = $GLOBALS['msg'][$messageId]; + } elseif (defined($messageId)) { + // @DEPRECATED Deprecated constant found + $return = constant($messageId); + } else { + // Missing language constant + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Missing message string %s detected.", $messageId)); + } + + // Return the string + return $return; +} + +// Get current theme name +function GET_CURR_THEME() { + global $INC_POOL; + + // The default theme is 'default'... ;-) + $ret = "default"; + + // Load default theme if not empty from configuration + if (getConfig('default_theme') != "") $ret = getConfig('default_theme'); + + if (!isSessionVariableSet('mxchange_theme')) { + // Set default theme + set_session('mxchange_theme', $ret); + } elseif ((isSessionVariableSet('mxchange_theme')) && (GET_EXT_VERSION("sql_patches") >= "0.1.4")) { + //die("
".print_r($GLOBALS['cache_array']['themes'], true)."
"); + // Get theme from cookie + $ret = get_session('mxchange_theme'); + + // Is it valid? + if (THEME_GET_ID($ret) == 0) { + // Fix it to default + $ret = "default"; + } // END - if + } elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isBooleanConstantAndTrue('mxchange_installing')) || ($GLOBALS['output_mode'] == true)) && ((!empty($_GET['theme'])) || (!empty($_POST['theme'])))) { + // Prepare FQFN for checking + $theme = sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE($_GET['theme'])); + + // Installation mode active + if ((!empty($_GET['theme'])) && (FILE_READABLE($theme))) { + // Set cookie from URL data + set_session('mxchange_theme', SQL_ESCAPE($_GET['theme'])); + } elseif (FILE_READABLE(sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE($_POST['theme'])))) { + // Set cookie from posted data + set_session('mxchange_theme', SQL_ESCAPE($_POST['theme'])); + } + + // Set return value + $ret = get_session('mxchange_theme'); + } else { + // Invalid design, reset cookie + set_session('mxchange_theme', $ret); + } + + // Add (maybe) found theme.php file to inclusion list + $theme = sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE($ret)); + + // Try to load the requested include file + if (FILE_READABLE($theme)) $INC_POOL[] = $theme; + + // Return theme value + return $ret; +} + +// Get id from theme +function THEME_GET_ID ($name) { + // Is the extension "theme" installed? + if (!EXT_IS_ACTIVE("theme")) { + // Then abort here + return 0; + } // END - if + + // Default id + $id = 0; + + // Is the cache entry there? + if (isset($GLOBALS['cache_array']['themes']['id'][$name])) { + // Get the version from cache + $id = $GLOBALS['cache_array']['themes']['id'][$name]; + + // Count up + incrementConfigEntry('cache_hits'); + } elseif (GET_EXT_VERSION("cache") != "0.1.8") { + // Check if current theme is already imported or not + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_themes` WHERE theme_path='%s' LIMIT 1", + array($name), __FILE__, __LINE__); + + // Entry found? + if (SQL_NUMROWS($result) == 1) { + // Fetch data + list($id) = SQL_FETCHROW($result); + } // END - if + + // Free result + SQL_FREERESULT($result); + } + + // Return id + return $id; +} + +// Read a given file +function READ_FILE ($FQFN, $sqlPrepare = false) { + // Load the file + if (function_exists('file_get_contents')) { + // Use new function + $content = file_get_contents($FQFN); + } else { + // Fall-back to implode-file chain + $content = implode("", file($FQFN)); + } + + // Prepare SQL queries? + if ($sqlPrepare === true) { + // Remove some unwanted chars + $content = str_replace("\r", "", $content); + $content = str_replace("\n\n", "\n", $content); + } // END - if + + // Return the content + return $content; +} + +// Writes content to a file +function WRITE_FILE ($FQFN, $content) { + // Is the file writeable? + if ((FILE_READABLE($FQFN)) && (!is_writeable($FQFN)) && (!chmod($FQFN, 0644))) { + // Not writeable! + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("File %s not writeable.", basename($FQFN))); + + // Failed! :( + return false; + } // END - if + + // By default all is failed... + $return = false; + + // Is the function there? + if (function_exists('file_put_contents')) { + // Write it directly + $return = file_put_contents($FQFN, $content); + } else { + // Write it with fopen + $fp = fopen($FQFN, 'w') or mxchange_die("Cannot write file ".basename($FQFN)."!"); + fwrite($fp, $content); + fclose($fp); + + // Set CHMOD rights + $return = chmod($FQFN, 0644); + } + + // Return status + return $return; +} + +// Generates an error code from given account status +function GEN_ERROR_CODE_FROM_ACCOUNT_STATUS ($status) { + // Default error code if unknown account status + $ERROR = constant('CODE_UNKNOWN_STATUS'); + + // Generate constant name + $constantName = sprintf("CODE_ID_%s", $status); + + // Is the constant there? + if (defined($constantName)) { + // Then get it! + $ERROR = constant($constantName); + } else { + // Unknown status + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown error status %s detected.", $status)); + } + + // Return error code + return $ERROR; +} + +// Clears the output buffer. This function does *NOT* backup sent content. +function clearOutputBuffer () { + // Trigger an error on failure + if (!ob_end_clean()) { + // Failed! + debug_report_bug(__FUNCTION__.": Failed to clean output buffer."); + } // END - if +} + +// "Getter" for revision/version data +function getActualVersion ($type = 0) { + // By default nothing is new... ;-) + $new = false; + + // FQFN of revision file + $FQFN = sprintf("%sinc/cache/.revision", constant('PATH')); + + // Check for revision file + if (!FILE_READABLE($FQFN)) { + // Not found, so we need to create it + $new = true; + } else { + // Revision file found + $ins_vers = explode("\n", READ_FILE($FQFN)); + + // Is the content valid? + if ((!is_array($ins_vers)) || (count($ins_vers) <= 0) || (!isset($ins_vers[$type])) || ($ins_vers[0]) == "new") { + // File needs update! + $new = true; + } else { + // Revision-File has valid Data and isn't 'new' so return the Rev-Number + return trim($ins_vers[$type]); + } + } + + // Has it been updated? + if ($new === true) { + // No Revision-File or has no valid Data so read the Revision from the Server. + $version = GET_URL("check-updates3.php"); + + // Prepare content + $akt_vers[] = trim($version[10]); + $akt_vers[] = trim($version[9]); + $akt_vers[] = trim($version[8]); + + // Write file + WRITE_FILE($FQFN, implode("\n", $akt_vers)); + + // Return requested content + return trim($akt_vers[$type]); + } +} + +// Loads an include file and logs any missing files for debug purposes +function LOAD_INC ($INC) { + // Get constant path + $PATH = constant('PATH'); + + // Use the include file name directly + // @TODO Try to find all locations where an FQFN is given to these two + // @TODO functions and avoid it. + $FQFN = $INC; + + // Check if PATH is in $INC + if (substr($INC, 0, $PATH) != $PATH) { + // Add it. This is why we need a trailing slash in config.php + $FQFN = $PATH . $INC; + } // END - if + + // Is the include file there? + if (!FILE_READABLE($FQFN)) { + // Not there so log it + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Include file %s not found.", basename($INC))); + return false; + } // END - if + + // Try to load it + require($FQFN); +} + +// Loads an include file once +function LOAD_INC_ONCE ($INC) { + // Is it not loaded? + if (!isset($GLOBALS['cache_array']['load_once'][$INC])) { + // Then try to load it + LOAD_INC($INC); + + // And mark it as loaded + $GLOBALS['cache_array']['load_once'][$INC] = true; + } // END - if +} + +// Back-ported from the new ship-simu engine. :-) +function debug_get_printable_backtrace () { + // Init variable + $backtrace = "
    \n"; + + // Get and prepare backtrace for output + $backtraceArray = debug_backtrace(); + foreach ($backtraceArray as $key => $trace) { + if (!isset($trace['file'])) $trace['file'] = __FILE__; + if (!isset($trace['line'])) $trace['line'] = __LINE__; + if (!isset($trace['args'])) $trace['args'] = array(); + $backtrace .= "
  1. ".basename($trace['file']).":".$trace['line'].", ".$trace['function']."(".count($trace['args']).")
    2. \n"; + } // END - foreach + + // Close it + $backtrace .= "
\n"; + + // Return the backtrace + return $backtrace; +} + +// Output a debug backtrace to the user +function debug_report_bug ($message = "") { + // Init message + $debug = ""; + // Is the optional message set? + if (!empty($message)) { + // Use and log it + $debug = sprintf("Note: %s
\n", + $message + ); + + // @TODO Add a little more infos here + DEBUG_LOG(__FUNCTION__, __LINE__, $message); + } // END - if + + // Add output + $debug .= ("Please report this error at bugs.mxchange.org:
");
+	$debug .= (debug_get_printable_backtrace());
+	$debug .= ("
Thank you for your help finding bugs."); + + // And abort here + die($debug); +} + +// Generates a ***weak*** seed (taken from de.php.net/mt_srand) +function generateSeed () { + list($usec, $sec) = explode(" ", microtime()); + return ((float)$sec + (float)$usec); +} + +// Converts a message code to a human-readable message +function convertCodeToMessage ($code) { + $msg = ""; + switch ($code) { + case constant('CODE_LOGOUT_DONE') : $msg = getMessage('LOGOUT_DONE'); break; + case constant('CODE_LOGOUT_FAILED') : $msg = "{--LOGOUT_FAILED--}"; break; + case constant('CODE_DATA_INVALID') : $msg = getMessage('MAIL_DATA_INVALID'); break; + case constant('CODE_POSSIBLE_INVALID') : $msg = getMessage('MAIL_POSSIBLE_INVALID'); break; + case constant('CODE_ACCOUNT_LOCKED') : $msg = getMessage('MEMBER_ACCOUNT_LOCKED_UNC'); break; + case constant('CODE_USER_404') : $msg = getMessage('USER_NOT_FOUND'); break; + case constant('CODE_STATS_404') : $msg = getMessage('MAIL_STATS_404'); break; + case constant('CODE_ALREADY_CONFIRMED'): $msg = getMessage('MAIL_ALREADY_CONFIRMED'); break; + + case constant('CODE_ERROR_MAILID'): + if (EXT_IS_ACTIVE($ext, true)) { + $msg = getMessage('ERROR_CONFIRMING_MAIL'); + } else { + $msg = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), "mailid"); + } + break; + + case constant('CODE_EXTENSION_PROBLEM'): + if (isset($_GET['ext'])) { + $msg = sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), SQL_ESCAPE($_GET['ext'])); + } else { + $msg = getMessage('EXTENSION_PROBLEM_UNSET_EXT'); + } + break; + + case constant('CODE_COOKIES_DISABLED') : $msg = getMessage('LOGIN_NO_COOKIES'); break; + case constant('CODE_BEG_SAME_AS_OWN') : $msg = getMessage('BEG_SAME_UID_AS_OWN'); break; + case constant('CODE_LOGIN_FAILED') : $msg = getMessage('LOGIN_FAILED_GENERAL'); break; + default : $msg = sprintf(getMessage('UNKNOWN_MAILID_CODE'), $code); break; + } // END - switch + + // Return the message + return $msg; +} + +// Checks wether the given extension is currently not installed +// and redirects if so. +function REDIRCT_ON_UNINSTALLED_EXTENSION ($ext_name) { + // Is the extension uninstalled/inactive? + if (!EXT_IS_ACTIVE($ext_name)) { + // Redirect to index + LOAD_URL("modules.php?module=index&msg=".constant('CODE_EXTENSION_PROBLEM')."&ext=".$ext_name); + } // END - if +} + +// Generate a "link" for the given admin id (aid) +function GENERATE_AID_LINK ($aid) { + // No assigned admin is default + $admin = "
{--ADMIN_NO_ADMIN_ASSIGNED--}
"; + + // Zero? = Not assigned + if ($aid == "0") { + // Load admin's login + $login = GET_ADMIN_LOGIN($aid); + if ($login != "***") { + // Is the extension there? + if (EXT_IS_ACTIVE("admins")) { + // Admin found + $admin = "".$login.""; + } else { + // Extension not found + $admin = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), "admins"); + } + } else { + // Maybe deleted? + $admin = "
".sprintf(getMessage('ADMIN_ID_404'), $aid)."
"; + } + } // END - if + + // Return result + return $admin; +} + +// Checks wether an include file (non-FQFN better) is readable +function INCLUDE_READABLE ($INC) { + // Construct FQFN + $FQFN = constant('PATH') . $INC; + + // Is it readable? + return FILE_READABLE($FQFN); +} + +// Encode strings +// @TODO Implement $compress +function encodeString ($str, $compress=true) { + $str = urlencode(base64_encode(compileUriCode($str))); + return $str; +} + +// Decode strings encoded with encodeString() +// @TODO Implement $decompress +function decodeString ($str, $decompress=true) { + $str = compileUriCode(base64_decode(urldecode(compileUriCode($str)))); + return $str; +} + +// Compile characters which are allowed in URLs +function compileUriCode ($code, $simple=true) { + // Compile constants + if (!$simple) $code = str_replace("{--", '".', str_replace("--}", '."', $code)); + + // Compile QUOT and other non-HTML codes + $code = str_replace("{DOT}", ".", + str_replace("{SLASH}", "/", + str_replace("{QUOT}", "'", + str_replace("{DOLLAR}", "$", + str_replace("{OPEN_ANCHOR}", "(", + str_replace("{CLOSE_ANCHOR}", ")", + str_replace("{OPEN_SQR}", "[", + str_replace("{CLOSE_SQR}", "]", + str_replace("{PER}", "%", + $code + ))))))))); + + // Return compiled code + return $code; +} + +// Function taken from user comments on www.php.net / function eregi() +function isUrlValid ($url) { + // Prepare URL + $url = strip_tags(str_replace("\\", "", compileUriCode(urldecode($url)))); + + // Allows http and https + $http = "(http|https)+(:\/\/)"; + // Test domain + $domain1 = "([[:alnum:]]([-[:alnum:]])*\.)?([[:alnum:]][-[:alnum:]\.]*[[:alnum:]])(\.[[:alpha:]]{2,5})?"; + // Test double-domains (e.g. .de.vu) + $domain2 = "([-[:alnum:]])?(\.[[:alnum:]][-[:alnum:]\.]*[[:alnum:]])(\.[[:alpha:]]{2,5})(\.[[:alpha:]]{2,5})?"; + // Test IP number + $ip = "([[:digit:]]{1,3})\.([[:digit:]]{1,3})\.([[:digit:]]{1,3})\.([[:digit:]]{1,3})"; + // ... directory + $dir = "((/)+([-_\.[:alnum:]])+)*"; + // ... page + $page = "/([-_[:alnum:]][-\._[:alnum:]]*\.[[:alnum:]]{2,5})?"; + // ... and the string after and including question character + $getstring1 = "([\?/]([[:alnum:]][-\._%[:alnum:]]*(=)?([-\@\._:%[:alnum:]])+)(&([[:alnum:]]([-_%[:alnum:]])*(=)?([-\@\[\._:%[:alnum:]])+(\])*))*)?"; + // Pattern for URLs like http://url/dir/doc.html?var=value + $pattern['d1dpg1'] = $http.$domain1.$dir.$page.$getstring1; + $pattern['d2dpg1'] = $http.$domain2.$dir.$page.$getstring1; + $pattern['ipdpg1'] = $http.$ip.$dir.$page.$getstring1; + // Pattern for URLs like http://url/dir/?var=value + $pattern['d1dg1'] = $http.$domain1.$dir."/".$getstring1; + $pattern['d2dg1'] = $http.$domain2.$dir."/".$getstring1; + $pattern['ipdg1'] = $http.$ip.$dir."/".$getstring1; + // Pattern for URLs like http://url/dir/page.ext + $pattern['d1dp'] = $http.$domain1.$dir.$page; + $pattern['d1dp'] = $http.$domain2.$dir.$page; + $pattern['ipdp'] = $http.$ip.$dir.$page; + // Pattern for URLs like http://url/dir + $pattern['d1d'] = $http.$domain1.$dir; + $pattern['d2d'] = $http.$domain2.$dir; + $pattern['ipd'] = $http.$ip.$dir; + // Pattern for URLs like http://url/?var=value + $pattern['d1g1'] = $http.$domain1."/".$getstring1; + $pattern['d2g1'] = $http.$domain2."/".$getstring1; + $pattern['ipg1'] = $http.$ip."/".$getstring1; + // Pattern for URLs like http://url?var=value + $pattern['d1g12'] = $http.$domain1.$getstring1; + $pattern['d2g12'] = $http.$domain2.$getstring1; + $pattern['ipg12'] = $http.$ip.$getstring1; + // Test all patterns + $reg = false; + foreach ($pattern as $key=>$pat) { + // Debug regex? + if (defined('DEBUG_REGEX')) { + $pat = str_replace("[:alnum:]", "0-9a-zA-Z", $pat); + $pat = str_replace("[:alpha:]", "a-zA-Z", $pat); + $pat = str_replace("[:digit:]", "0-9", $pat); + $pat = str_replace(".", "\.", $pat); + $pat = str_replace("@", "\@", $pat); + echo $key."= ".$pat."
"; + } + + // Check if expression matches + $reg = ($reg || preg_match(("^".$pat."^"), $url)); + + // Does it match? + if ($reg === true) break; + } + + // Return true/false + return $reg; +} + +// Smartly adds slashes +function smartAddSlashes ($unquoted) { + $unquoted = str_replace("\\", "", $unquoted); + return addslashes($unquoted); +} + +// Decode entities in a nicer way +function decodeEntities ($str) { + // @TODO We may want to switch over to UTF-8 here! + $decodedString = html_entity_decode($str, ENT_NOQUOTES, "ISO-8859-15"); + + // Return decoded string + return $decodedString; +} + +// Wtites data to a config.php-style file +// @TODO Rewrite this function to use READ_FILE() and WRITE_FILE() +function changeDataInFile ($FQFN, $comment, $prefix, $suffix, $DATA, $seek=0) { + // Initialize some variables + $done = false; + $seek++; + $next = -1; + $found = false; + + // Is the file there and read-/write-able? + if ((FILE_READABLE($FQFN)) && (is_writeable($FQFN))) { + $search = "CFG: ".$comment; + $tmp = $FQFN.".tmp"; + + // Open the source file + $fp = @fopen($FQFN, 'r') or OUTPUT_HTML("READ: ".$FQFN."
"); + + // Is the resource valid? + if (is_resource($fp)) { + // Open temporary file + $fp_tmp = @fopen($tmp, 'w') or OUTPUT_HTML("WRITE: ".$tmp."
"); + + // Is the resource again valid? + if (is_resource($fp_tmp)) { + while (!feof($fp)) { + // Read from source file + $line = fgets ($fp, 1024); + + if (strpos($line, $search) > -1) { $next = 0; $found = true; } + + if ($next > -1) { + if ($next === $seek) { + $next = -1; + $line = $prefix . $DATA . $suffix."\n"; + } else { + $next++; + } + } + + // Write to temp file + fputs($fp_tmp, $line); + } + + // Close temp file + fclose($fp_tmp); + + // Finished writing tmp file + $done = true; + } + + // Close source file + fclose($fp); + + if (($done) && ($found)) { + // Copy back tmp file and delete tmp :-) + @copy($tmp, $FQFN); + @unlink($tmp); + define('_FATAL', false); + } elseif (!$found) { + OUTPUT_HTML("CHANGE: 404!"); + define('_FATAL', true); + } else { + OUTPUT_HTML("TMP: UNDONE!"); + define('_FATAL', true); + } + } + } else { + // File not found, not readable or writeable + OUTPUT_HTML("404: ".$FQFN."
"); + } +} + +////////////////////////////////////////////////// +// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS // +////////////////////////////////////////////////// // -////////////////////////////////////////////// -// // -// AUTOMATICALLY RE-GNERATED FUNCTIONS ONLY // -// // -////////////////////////////////////////////// -// -if (!function_exists('html_entity_decode')) -{ +if (!function_exists('html_entity_decode')) { // Taken from documentation on www.php.net - function html_entity_decode($string) - { + function html_entity_decode ($string) { $trans_tbl = get_html_translation_table(HTML_ENTITIES); $trans_tbl = array_flip($trans_tbl); return strtr($string, $trans_tbl); } -} -// +} // END - if + +// [EOF] ?>