');
-
- // This is always fine
- return true;
- } elseif (($isHtml == 'Y') && (isExtensionActive('html_mail'))) {
- // Send mail as HTML away
- return sendHtmlEmail($toEmail, $subject, $message, $mailHeader);
- } elseif (!empty($toEmail)) {
- // Send Mail away
- return sendRawEmail($toEmail, $subject, $message, $mailHeader);
- } elseif ($isHtml != 'Y') {
- // Problem found!
- return sendRawEmail(getConfig('WEBMASTER'), '[PROBLEM:]' . $subject, $message, $mailHeader);
- }
-
- // Why did we end up here? This should not happen
- debug_report_bug(__FUNCTION__, __LINE__, 'Ending up: template=' . $template);
-}
-
-// Check to use wether legacy mail() command or PHPMailer class
-// @TODO Rewrite this to an extension 'smtp'
-// @private
-function checkPhpMailerUsage() {
- return ((getConfig('SMTP_HOSTNAME') != '') && (getConfig('SMTP_USER') != ''));
-}
-
-// Send out a raw email with PHPMailer class or legacy mail() command
-function sendRawEmail ($toEmail, $subject, $message, $from) {
- // Just compile all again, to put out all configs, etc.
- eval('$toEmail = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($toEmail)), false) . '");');
- eval('$subject = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($subject)), false) . '");');
- eval('$message = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($message)), false) . '");');
- eval('$from = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($from)) , false) . '");');
-
- // Shall we use PHPMailer class or legacy mode?
- if (checkPhpMailerUsage()) {
- // Use PHPMailer class with SMTP enabled
- loadIncludeOnce('inc/phpmailer/class.phpmailer.php');
- loadIncludeOnce('inc/phpmailer/class.smtp.php');
-
- // get new instance
- $mail = new PHPMailer();
-
- // Set charset to UTF-8
- $mail->CharSet = 'UTF-8';
-
- // Path for PHPMailer
- $mail->PluginDir = sprintf("%sinc/phpmailer/", getPath());
-
- $mail->IsSMTP();
- $mail->SMTPAuth = true;
- $mail->Host = getConfig('SMTP_HOSTNAME');
- $mail->Port = 25;
- $mail->Username = getConfig('SMTP_USER');
- $mail->Password = getConfig('SMTP_PASSWORD');
- if (empty($from)) {
- $mail->From = getConfig('WEBMASTER');
- } else {
- $mail->From = $from;
- }
- $mail->FromName = getMainTitle();
- $mail->Subject = $subject;
- if ((isExtensionActive('html_mail')) && (secureString($message) != $message)) {
- $mail->Body = $message;
- $mail->AltBody = 'Your mail program required HTML support to read this mail!';
- $mail->WordWrap = 70;
- $mail->IsHTML(true);
- } else {
- $mail->Body = decodeEntities($message);
- }
- $mail->AddAddress($toEmail, '');
- $mail->AddReplyTo(getConfig('WEBMASTER'), getMainTitle());
- $mail->AddCustomHeader('Errors-To:' . getConfig('WEBMASTER'));
- $mail->AddCustomHeader('X-Loop:' . getConfig('WEBMASTER'));
- $mail->Send();
-
- // Has an error occured?
- if (!empty($mail->ErrorInfo)) {
- // Log message
- logDebugMessage(__FUNCTION__, __LINE__, 'Error while sending mail: ' . $mail->ErrorInfo);
-
- // Raise an error
- return false;
- } else {
- // All fine!
- return true;
- }
- } else {
- // Use legacy mail() command
- return mail($toEmail, $subject, decodeEntities($message), $from);
- }
-}
-
// Generate a password in a specified length or use default password length
-function generatePassword ($length = '0') {
+function generatePassword ($length = '0', $exclude = array()) {
// Auto-fix invalid length of zero
- if ($length == '0') $length = getConfig('pass_len');
+ if ($length == '0') {
+ $length = getMinPasswordLength();
+ } // END - if
+
+ // Exclude some entries
+ $localAbc = array_diff($GLOBALS['_abc'], $exclude);
- // Initialize array with all allowed chars
- $ABC = explode(',', 'a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/,.');
+ // $localAbc must have at least 10 entries
+ assert(count($localAbc) >= 10);
// Start creating password
- $PASS = '';
- for ($i = '0'; $i < $length; $i++) {
- $PASS .= $ABC[mt_rand(0, count($ABC) -1)];
- } // END - for
+ $password = '';
+ while (strlen($password) < $length) {
+ $password .= $localAbc[mt_rand(0, count($localAbc) -1)];
+ } // END - while
- // When the size is below 40 we can also add additional security by scrambling
- // it. Otherwise we may corrupt hashes
- if (strlen($PASS) <= 40) {
+ /*
+ * When the length of the password is below 40 characters additional
+ * security can be added by scrambling it. Otherwise the hash may
+ * corrupted.
+ */
+ if (strlen($password) <= 40) {
// Also scramble the password
- $PASS = scrambleString($PASS);
+ $password = scrambleString($password);
} // END - if
// Return the password
- return $PASS;
+ return $password;
}
// Generates a human-readable timestamp from the Uni* stamp
function generateDateTime ($time, $mode = '0') {
+ // Is there cache?
+ if (isset($GLOBALS[__FUNCTION__][$time][$mode])) {
+ // Return it instead
+ return $GLOBALS[__FUNCTION__][$time][$mode];
+ } // END - if
+
// If the stamp is zero it mostly didn't "happen"
- if ($time == '0') {
+ if (($time == '0') || (is_null($time))) {
// Never happend
return '{--NEVER_HAPPENED--}';
} // END - if
// Filter out numbers
- $time = bigintval($time);
-
- // Is it cached?
- if (isset($GLOBALS[__FUNCTION__][$time][$mode])) {
- // Then use it
- return $GLOBALS[__FUNCTION__][$time][$mode];
- } // END - if
+ $timeSecured = bigintval($time);
// Detect language
switch (getLanguage()) {
case 'de': // German date / time format
switch ($mode) {
- case '0': $ret = date("d.m.Y \u\m H:i \U\h\\r", $time); break;
- case '1': $ret = strtolower(date('d.m.Y - H:i', $time)); break;
- case '2': $ret = date('d.m.Y|H:i', $time); break;
- case '3': $ret = date('d.m.Y', $time); break;
- case '4': $ret = date('d.m.Y|H:i:s', $time); break;
- case '5': $ret = date('d-m-Y (l-F-T)', $time); break;
- case '6': $ret = date('Ymd', $time); break;
+ case '0': $ret = date("d.m.Y \u\m H:i \U\h\\r", $timeSecured); break;
+ case '1': $ret = strtolower(date('d.m.Y - H:i', $timeSecured)); break;
+ case '2': $ret = date('d.m.Y|H:i', $timeSecured); break;
+ case '3': $ret = date('d.m.Y', $timeSecured); break;
+ case '4': $ret = date('d.m.Y|H:i:s', $timeSecured); break;
+ case '5': $ret = date('d-m-Y (l-F-T)', $timeSecured); break;
+ case '6': $ret = date('Ymd', $timeSecured); break;
+ case '7': $ret = date('Y-m-d H:i:s', $timeSecured); break; // Compatible with MySQL TIMESTAMP
default:
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode));
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Invalid date mode %s detected.', $mode));
break;
- }
+ } // END - switch
break;
default: // Default is the US date / time format!
switch ($mode) {
- case '0': $ret = date('r', $time); break;
- case '1': $ret = strtolower(date('Y-m-d - g:i A', $time)); break;
- case '2': $ret = date('y-m-d|H:i', $time); break;
- case '3': $ret = date('y-m-d', $time); break;
- case '4': $ret = date('d.m.Y|H:i:s', $time); break;
- case '5': $ret = date('d-m-Y (l-F-T)', $time); break;
- case '6': $ret = date('Ymd', $time); break;
+ case '0': $ret = date('r', $timeSecured); break;
+ case '1': $ret = strtolower(date('Y-m-d - g:i A', $timeSecured)); break;
+ case '2': $ret = date('y-m-d|H:i', $timeSecured); break;
+ case '3': $ret = date('y-m-d', $timeSecured); break;
+ case '4': $ret = date('d.m.Y|H:i:s', $timeSecured); break;
+ case '5': $ret = date('d-m-Y (l-F-T)', $timeSecured); break;
+ case '6': $ret = date('Ymd', $timeSecured); break;
+ case '7': $ret = date('Y-m-d H:i:s', $timeSecured); break; // Compatible with MySQL TIMESTAMP
default:
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode));
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Invalid date mode %s detected.', $mode));
break;
} // END - switch
} // END - switch
@@ -336,11 +177,16 @@ function translateYesNo ($yn) {
// Default
$GLOBALS[__FUNCTION__][$yn] = '??? (' . $yn . ')';
switch ($yn) {
- case 'Y': $GLOBALS[__FUNCTION__][$yn] = '{--YES--}'; break;
- case 'N': $GLOBALS[__FUNCTION__][$yn] = '{--NO--}'; break;
- default:
- // Log unknown value
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown value %s. Expected Y/N!", $yn));
+ case 'Y': // Yes
+ $GLOBALS[__FUNCTION__][$yn] = '{--YES--}';
+ break;
+
+ case 'N': // No
+ $GLOBALS[__FUNCTION__][$yn] = '{--NO--}';
+ break;
+
+ default: // Log unknown value
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown value %s. Expected: Y/N', $yn));
break;
} // END - switch
} // END - if
@@ -349,30 +195,49 @@ function translateYesNo ($yn) {
return $GLOBALS[__FUNCTION__][$yn];
}
-// Translates the "pool type" into human-readable
-function translatePoolType ($type) {
- // Return "translation"
- return sprintf("{--POOL_TYPE_%s--}", $type);
+// "Translates" Y/N into "de-/active"
+function translateActivationStatus ($status) {
+ // Is it cached?
+ if (!isset($GLOBALS[__FUNCTION__][$status])) {
+ // Default
+ $GLOBALS[__FUNCTION__][$status] = '??? (' . $status . ')';
+ switch ($status) {
+ case 'Y': // Activated
+ $GLOBALS[__FUNCTION__][$status] = '{--ACTIVATED--}';
+ break;
+
+ case 'N': // Deactivated
+ $GLOBALS[__FUNCTION__][$status] = '{--DEACTIVATED--}';
+ break;
+
+ default: // Log unknown value
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown value %s. Expected: Y/N', $status));
+ break;
+ } // END - switch
+ } // END - if
+
+ // Return it
+ return $GLOBALS[__FUNCTION__][$status];
}
// Translates the american decimal dot into a german comma
-function translateComma ($dotted, $cut = true, $max = '0') {
+// OPPOMENT: convertCommaToDot()
+function translateComma ($dotted, $cut = TRUE, $max = '0') {
// First, cast all to double, due to PHP changes
- $dotted = (double) $dotted;
-
- // Default is 3 you can change this in admin area "Misc -> Misc Options"
- if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', 3);
+ $double = (double) $dotted;
// Use from config is default
$maxComma = getConfig('max_comma');
// Use from parameter?
- if ($max > 0) $maxComma = $max;
+ if ($max > 0) {
+ $maxComma = $max;
+ } // END - if
// Cut zeros off?
- if (($cut === true) && ($max == '0')) {
+ if (($cut === TRUE) && ($max == '0')) {
// Test for commata if in cut-mode
- $com = explode('.', $dotted);
+ $com = explode('.', $double);
if (count($com) < 2) {
// Don't display commatas even if there are none... ;-)
$maxComma = '0';
@@ -382,19 +247,19 @@ function translateComma ($dotted, $cut = true, $max = '0') {
// Debug log
// Translate it now
- $translated = $dotted;
+ $translated = $double;
switch (getLanguage()) {
case 'de': // German language
- $translated = number_format($dotted, $maxComma, ',', '.');
+ $translated = number_format($double, $maxComma, ',', '.');
break;
default: // All others
- $translated = number_format($dotted, $maxComma, '.', ',');
+ $translated = number_format($double, $maxComma, '.', ',');
break;
} // END - switch
// Return translated value
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'dotted=' . $dotted . ',translated=' . $translated . ',maxComma=' . $maxComma);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'double=' . $double . ',translated=' . $translated . ',maxComma=' . $maxComma);
return $translated;
}
@@ -408,12 +273,13 @@ function translateGender ($gender) {
case 'M': // Male
case 'F': // Female
case 'C': // Company
- $ret = sprintf("{--GENDER_%s--}", $gender);
+ // Use generic function
+ $ret = translateGeneric('GENDER', $gender);
break;
default:
// Please report bugs on unknown genders
- debug_report_bug(__FUNCTION__, __LINE__, sprintf("Unknown gender %s detected.", $gender));
+ reportBug(__FUNCTION__, __LINE__, sprintf('Unknown gender %s detected.', $gender));
break;
} // END - switch
@@ -423,22 +289,25 @@ function translateGender ($gender) {
// "Translates" the user status
function translateUserStatus ($status) {
+ // Default status is unknown if something goes through
+ $ret = '{--ACCOUNT_STATUS_UNKNOWN--}';
+
// Generate message depending on status
switch ($status) {
case 'UNCONFIRMED':
case 'CONFIRMED':
case 'LOCKED':
- $ret = sprintf("{--ACCOUNT_STATUS_%s--}", $status);
+ // Use generic function for all "normal" cases
+ $ret = translateGeneric('ACCOUNT_STATUS', $status);
break;
- case '':
- case null:
+ case '': // Account deleted
+ case NULL: // Account deleted
$ret = '{--ACCOUNT_STATUS_DELETED--}';
break;
- default:
- // Please report all unknown status
- debug_report_bug(__FUNCTION__, __LINE__, sprintf("Unknown status %s(%s) detected.", $status, gettype($status)));
+ default: // Please report all unknown status
+ reportBug(__FUNCTION__, __LINE__, sprintf('Unknown status %s(%s) detected.', $status, gettype($status)));
break;
} // END - switch
@@ -448,25 +317,39 @@ function translateUserStatus ($status) {
// "Translates" 'visible' and 'locked' to a CSS class
function translateMenuVisibleLocked ($content, $prefix = '') {
+ // 1st parameter should be an array
+ assert(is_array($content));
+
+ // Default is 'menu_unknown'
+ $content['visible_css'] = $prefix . 'menu_unknown';
+
// Translate 'visible' and keep an eye on the prefix
switch ($content['visible']) {
- // Should be visible
- case 'Y': $content['visible_css'] = $prefix . 'menu_visible' ; break;
- case 'N': $content['visible_css'] = $prefix . 'menu_invisible'; break;
- default:
- // Please report this
- debug_report_bug(__FUNCTION__, __LINE__, 'Unsupported visible value detected. content=
' . print_r($content, true) . '
');
+ case 'Y': // Should be visible
+ $content['visible_css'] = $prefix . 'menu_visible';
+ break;
+
+ case 'N': // Is invisible
+ $content['visible_css'] = $prefix . 'menu_invisible';
+ break;
+
+ default: // Please report this
+ reportBug(__FUNCTION__, __LINE__, 'Unsupported visible value detected. content=
' . print_r($content, TRUE) . '
');
break;
} // END - switch
// Translate 'locked' and keep an eye on the prefix
switch ($content['locked']) {
- // Should be locked
- case 'Y': $content['locked_css'] = $prefix . 'menu_locked' ; break;
- case 'N': $content['locked_css'] = $prefix . 'menu_unlocked'; break;
- default:
- // Please report this
- debug_report_bug(__FUNCTION__, __LINE__, 'Unsupported locked value detected. content=
' . print_r($content, true) . '
');
+ case 'Y': // Should be locked, only admins can call this
+ $content['locked_css'] = $prefix . 'menu_locked';
+ break;
+
+ case 'N': // Is unlocked and visible to members/guests/sponsors
+ $content['locked_css'] = $prefix . 'menu_unlocked';
+ break;
+
+ default: // Please report this
+ reportBug(__FUNCTION__, __LINE__, 'Unsupported locked value detected. content=
' . print_r($content, TRUE) . '
');
break;
} // END - switch
@@ -475,22 +358,36 @@ function translateMenuVisibleLocked ($content, $prefix = '') {
}
// Generates an URL for the dereferer
-function generateDerefererUrl ($URL) {
+function generateDereferrerUrl ($url) {
// Don't de-refer our own links!
- if (substr($URL, 0, strlen(getUrl())) != getUrl()) {
- // De-refer this link
- $URL = '{%url=modules.php?module=loader&url=' . encodeString(compileUriCode($URL)) . '%}';
+ if ((!empty($url)) && (substr($url, 0, strlen(getUrl())) != getUrl())) {
+ // Encode URL
+ $encodedUrl = encodeString(compileUriCode($url));
+
+ // Generate hash
+ $hash = generateHash($url . getSiteKey() . getDateKey());
+
+ // Log plain URL and hash
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'url=' . $url . ',hash=' . $hash . '(' . strlen($hash) . ')');
+
+ // De-refer this URL
+ $url = sprintf(
+ '{%%url=modules.php?module=loader&url=%s&hash=%s&salt=%s%%}',
+ $encodedUrl,
+ encodeHashForCookie($hash),
+ substr($hash, 0, getSaltLength())
+ );
} // END - if
// Return link
- return $URL;
+ return $url;
}
// Generates an URL for the frametester
-function generateFrametesterUrl ($URL) {
+function generateFrametesterUrl ($url) {
// Prepare frametester URL
- $frametesterUrl = sprintf("{%%url=modules.php?module=frametester&url=%s%%}",
- encodeString(compileUriCode($URL))
+ $frametesterUrl = sprintf('{%%url=modules.php?module=frametester&url=%s%%}',
+ encodeString(compileUriCode($url))
);
// Return the new URL
@@ -502,16 +399,19 @@ function countSelection ($array) {
// Integrity check
if (!is_array($array)) {
// Not an array!
- debug_report_bug(__FUNCTION__, __LINE__, 'No array provided.');
+ reportBug(__FUNCTION__, __LINE__, 'No array provided.');
} // END - if
// Init count
$ret = '0';
// Count all entries
- foreach ($array as $key => $selected) {
+ foreach ($array as $selected) {
// Is it checked?
- if (!empty($selected)) $ret++;
+ if (!empty($selected)) {
+ // Yes, then count it
+ $ret++;
+ } // END - if
} // END - foreach
// Return counted selections
@@ -537,58 +437,58 @@ function makeTime ($hours, $minutes, $seconds, $stamp) {
}
// Redirects to an URL and if neccessarry extends it with own base URL
-function redirectToUrl ($URL, $allowSpider = true) {
+// @TODO $allowSpider is unused
+function redirectToUrl ($url, $allowSpider = TRUE, $compileCode = TRUE) {
+ // Is the output mode -2?
+ if (isAjaxOutputMode()) {
+ // This is always (!) an AJAX request and shall not be redirected
+ return;
+ } // END - if
+
// Remove {%url=
- if (substr($URL, 0, 6) == '{%url=') $URL = substr($URL, 6, -2);
+ if (substr($url, 0, 6) == '{%url=') {
+ $url = substr($url, 6, -2);
+ } // END - if
- // Compile out codes
- eval('$URL = "' . compileRawCode(encodeUrl($URL)) . '";');
+ // Compile codes out?
+ if ($compileCode === TRUE) {
+ // Compile out codes
+ eval('$url = "' . compileRawCode(encodeUrl($url)) . '";');
+ } // END - if
// Default 'rel' value is external, nofollow is evil from Google and hurts the Internet
$rel = ' rel="external"';
- // Do we have internal or external URL?
- if (substr($URL, 0, strlen(getUrl())) == getUrl()) {
+ // Is there internal or external URL?
+ if (substr($url, 0, strlen(getUrl())) == getUrl()) {
// Own (=internal) URL
$rel = '';
} // END - if
// Three different ways to debug...
- //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL));
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL);
- //* DEBUG: */ die($URL);
-
- // Simple probe for bots/spiders from search engines
- if ((isSpider()) && ($allowSpider === true)) {
- // Set HTTP-Status
- setHttpStatus('200 OK');
-
- // Set content-type here to fix a missing array element
- setContentType('text/html');
-
- // Output new location link as anchor
- outputHtml('' . secureString($URL) . '');
- } elseif (!headers_sent()) {
- // Clear output buffer
- clearOutputBuffer();
-
- // Clear own output buffer
- $GLOBALS['output'] = '';
-
- // Set header
- setHttpStatus('302 Found');
+ //* DEBUG: */ reportBug(__FUNCTION__, __LINE__, 'URL=' . $url);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $url);
+ //* DEBUG-DIE: */ die(__METHOD__ . ':url=' . $url . ' compileCode=' . intval($compileCode));
+
+ // We should not sent a redirect if headers are already sent
+ if (!headers_sent()) {
+ // Compile again?
+ if ($compileCode === TRUE) {
+ // Do final compilation
+ $url = doFinalCompilation(str_replace('&', '&', $url), FALSE);
+ } // END - if
// Load URL when headers are not sent
- sendRawRedirect(doFinalCompilation(str_replace('&', '&', $URL), false));
+ sendRawRedirect($url);
} else {
// Output error message
- loadInclude('inc/header.php');
- loadTemplate('redirect_url', false, str_replace('&', '&', $URL));
- loadInclude('inc/footer.php');
+ loadPageHeader();
+ loadTemplate('redirect_url', FALSE, str_replace('&', '&', $url));
+ loadPageFooter();
}
// Shut the mailer down here
- shutdown();
+ doShutdown();
}
/************************************************************************
@@ -598,36 +498,36 @@ function redirectToUrl ($URL, $allowSpider = true) {
* *
* $array - Das 3-dimensionale Array, das paralell sortiert werden soll *
* $a_sort - Array, das die Sortiereihenfolge der ersten Elementeben *
- * $primary_key - Prim.rschl.ssel aus $a_sort, nach dem sortiert wird *
+ * $primary_key - Primaerschl.ssel aus $a_sort, nach dem sortiert wird *
* $order - Sortiereihenfolge: -1 = a-Z, 0 = keine, 1 = Z-a *
- * $nums - true = Als Zahlen sortieren, false = Als Zeichen sortieren *
+ * $nums - TRUE = Als Zahlen sortieren, FALSE = Als Zeichen sortieren *
* *
* $a_sort muss Elemente enthalten, deren Wert Schluessel von $array *
* sind... Klingt kompliziert, suchen Sie mal mein Beispiel, dann sehen *
* Sie, dass es doch nicht so schwer ist! :-) *
* *
************************************************************************/
-function array_pk_sort (&$array, $a_sort, $primary_key = '0', $order = -1, $nums = false) {
- $dummy = $array;
+function array_pk_sort (&$array, $a_sort, $primary_key = '0', $order = -1, $nums = FALSE) {
+ $temporaryArray = $array;
while ($primary_key < count($a_sort)) {
- foreach ($dummy[$a_sort[$primary_key]] as $key => $value) {
- foreach ($dummy[$a_sort[$primary_key]] as $key2 => $value2) {
- $match = false;
- if ($nums === false) {
+ foreach ($temporaryArray[$a_sort[$primary_key]] as $key => $value) {
+ foreach ($temporaryArray[$a_sort[$primary_key]] as $key2 => $value2) {
+ $match = FALSE;
+ if ($nums === FALSE) {
// Sort byte-by-byte (also numbers will be interpreted as chars! E.g.: "9" > "10")
- if (($key != $key2) && (strcmp(strtolower($dummy[$a_sort[$primary_key]][$key]), strtolower($dummy[$a_sort[$primary_key]][$key2])) == $order)) $match = true;
+ if (($key != $key2) && (strcmp(strtolower($temporaryArray[$a_sort[$primary_key]][$key]), strtolower($temporaryArray[$a_sort[$primary_key]][$key2])) == $order)) $match = TRUE;
} elseif ($key != $key2) {
// Sort numbers (E.g.: 9 < 10)
- if (($dummy[$a_sort[$primary_key]][$key] < $dummy[$a_sort[$primary_key]][$key2]) && ($order == -1)) $match = true;
- if (($dummy[$a_sort[$primary_key]][$key] > $dummy[$a_sort[$primary_key]][$key2]) && ($order == 1)) $match = true;
+ if (($temporaryArray[$a_sort[$primary_key]][$key] < $temporaryArray[$a_sort[$primary_key]][$key2]) && ($order == -1)) $match = TRUE;
+ if (($temporaryArray[$a_sort[$primary_key]][$key] > $temporaryArray[$a_sort[$primary_key]][$key2]) && ($order == 1)) $match = TRUE;
}
if ($match) {
// We have found two different values, so let's sort whole array
- foreach ($dummy as $sort_key => $sort_val) {
- $t = $dummy[$sort_key][$key];
- $dummy[$sort_key][$key] = $dummy[$sort_key][$key2];
- $dummy[$sort_key][$key2] = $t;
+ foreach ($temporaryArray as $sort_key => $sort_val) {
+ $t = $temporaryArray[$sort_key][$key];
+ $temporaryArray[$sort_key][$key] = $temporaryArray[$sort_key][$key2];
+ $temporaryArray[$sort_key][$key2] = $t;
unset($t);
} // END - foreach
} // END - if
@@ -639,102 +539,130 @@ function array_pk_sort (&$array, $a_sort, $primary_key = '0', $order = -1, $nums
} // END - while
// Write back sorted array
- $array = $dummy;
+ $array = $temporaryArray;
}
//
-// Deprecated : $length
-// Optional : $DATA
+// Deprecated : $length (still has one reference in this function)
+// Optional : $extraData
//
-function generateRandomCode ($length, $code, $userid, $DATA = '') {
+function generateRandomCode ($length, $code, $userid, $extraData = '') {
// Build server string
- $server = $_SERVER['PHP_SELF'] . getEncryptSeperator() . detectUserAgent() . getEncryptSeperator() . getenv('SERVER_SOFTWARE') . getEncryptSeperator() . detectRemoteAddr();
+ $server = $_SERVER['REQUEST_URI'] . getEncryptSeparator() . detectUserAgent() . getEncryptSeparator() . getenv('SERVER_SOFTWARE') . getEncryptSeparator() . detectRealIpAddress() . getEncryptSeparator() . detectRemoteAddr();
// Build key string
- $keys = getConfig('SITE_KEY') . getEncryptSeperator() . getConfig('DATE_KEY');
- if (isConfigEntrySet('secret_key')) $keys .= getEncryptSeperator().getSecretKey();
- if (isConfigEntrySet('file_hash')) $keys .= getEncryptSeperator().getFileHash();
- $keys .= getEncryptSeperator() . getDateFromPatchTime();
- if (isConfigEntrySet('master_salt')) $keys .= getEncryptSeperator().getMasterSalt();
+ $keys = getSiteKey() . getEncryptSeparator() . getDateKey();
+ if (isConfigEntrySet('secret_key')) {
+ $keys .= getEncryptSeparator() . getSecretKey();
+ } // END - if
+ if (isConfigEntrySet('file_hash')) {
+ $keys .= getEncryptSeparator() . getFileHash();
+ } // END - if
+
+ if (isConfigEntrySet('master_salt')) {
+ $keys .= getEncryptSeparator() . getMasterSalt();
+ } // END - if
// Build string from misc data
- $data = $code . getEncryptSeperator() . $userid . getEncryptSeperator() . $DATA;
+ $data = $code . getEncryptSeparator() . $userid . getEncryptSeparator() . $extraData;
// Add more additional data
- if (isSessionVariableSet('u_hash')) $data .= getEncryptSeperator() . getSession('u_hash');
+ if (isSessionVariableSet('u_hash')) {
+ $data .= getEncryptSeparator() . getSession('u_hash');
+ } // END - if
- // Add referal id, language, theme and userid
- $data .= getEncryptSeperator() . determineReferalId();
- $data .= getEncryptSeperator() . getLanguage();
- $data .= getEncryptSeperator() . getCurrentTheme();
- $data .= getEncryptSeperator() . getMemberId();
+ // Add referral id, language, theme and userid
+ $data .= getEncryptSeparator() . determineReferralId();
+ $data .= getEncryptSeparator() . getLanguage();
+ $data .= getEncryptSeparator() . getCurrentTheme();
+ $data .= getEncryptSeparator() . getMemberId();
// Calculate number for generating the code
$a = $code + getConfig('_ADD') - 1;
if (isConfigEntrySet('master_salt')) {
// Generate hash with master salt from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % getPrime()) . getEncryptSeperator() . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . $a, getMasterSalt());
-
- // Create number from hash
- $rcode = hexdec(substr($saltedHash, strlen(getMasterSalt()), 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi();
+ $saltedHash = generateHash(($a % getPrime()) . getEncryptSeparator() . $server . getEncryptSeparator() . $keys . getEncryptSeparator() . $data . getEncryptSeparator() . getDateKey() . getEncryptSeparator() . $a, getMasterSalt());
} else {
// Generate hash with "hash of site key" from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % getPrime()) . getEncryptSeperator() . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . $a, substr(sha1(getConfig('SITE_KEY')), 0, getSaltLength()));
-
- // Create number from hash
- $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(getConfig('rand_no') - $a + sqrt(getConfig('_ADD'))) / pi();
+ $saltedHash = generateHash(($a % getPrime()) . getEncryptSeparator() . $server . getEncryptSeparator() . $keys . getEncryptSeparator() . $data . getEncryptSeparator() . getDateKey() . getEncryptSeparator() . $a, substr(sha1(getSiteKey()), 0, getSaltLength()));
}
+ // Create number from hash
+ $rcode = hexdec(substr($saltedHash, getSaltLength(), 9)) / abs(getRandNo() - $a + sqrt(getConfig('_ADD'))) / pi();
+
// At least 10 numbers shall be secure enought!
- $len = getConfig('code_length');
- if ($len == '0') $len = $length;
- if ($len == '0') $len = 10;
+ if (isExtensionActive('other')) {
+ $len = getCodeLength();
+ } else {
+ $len = $length;
+ } // END - if
+
+ // Smaller 1 is not okay
+ if ($len < 1) {
+ // Fix it to 10
+ $len = 10;
+ } // END - if
- // Cut off requested counts of number
- $return = substr(str_replace('.', '', $rcode), 0, $len);
+ // Cut off requested counts of number, but skip first digit (which is mostly a zero)
+ $return = substr($rcode, (strpos($rcode, '.') + 1), $len);
// Done building code
return $return;
}
// Does only allow numbers
-function bigintval ($num, $castValue = true, $abortOnMismatch = true) {
- // Filter all numbers out
+function bigintval ($num, $castValue = TRUE, $abortOnMismatch = TRUE) {
+ //* DEBUG: */ debugOutput('[' . __FUNCTION__ . ':' . __LINE__ . '] ' . 'num=' . $num . ',castValue=' . intval($castValue) . ',abortOnMismatch=' . intval($abortOnMismatch) . ' - ENTERED!');
+ // Filter all non-number chars out, so only number chars will remain
$ret = preg_replace('/[^0123456789]/', '', $num);
// Shall we cast?
- if ($castValue === true) $ret = (double)$ret;
+ if ($castValue === TRUE) {
+ // Cast to biggest numeric type
+ $ret = (double) $ret;
+ } // END - if
// Has the whole value changed?
- if (('' . $ret . '' != '' . $num . '') && ($abortOnMismatch === true)) {
+ if (('' . $ret . '' != '' . $num . '') && ($abortOnMismatch === TRUE) && (!is_null($num))) {
// Log the values
- debug_report_bug(__FUNCTION__, __LINE__, 'Problem with number found. ret=' . $ret . ', num='. $num);
+ reportBug(__FUNCTION__, __LINE__, 'Problem with number found. ret[' . gettype($ret) . ']=' . $ret . ', num[' . gettype($num) . ']='. $num);
} // END - if
// Return result
+ //* DEBUG: */ debugOutput('[' . __FUNCTION__ . ':' . __LINE__ . '] ' . 'num=' . $num . ',castValue=' . intval($castValue) . ',abortOnMismatch=' . intval($abortOnMismatch) . ',ret=' . $ret . ' - EXIT!');
return $ret;
}
// Creates a Uni* timestamp from given selection data and prefix
-function createTimestampFromSelections ($prefix, $postData) {
+function createEpocheTimeFromSelections ($prefix, $postData) {
+ // Assert on typical array element (maybe all?)
+ assert(isset($postData[$prefix . '_ye']));
+
// Initial return value
$ret = '0';
- // Do we have a leap year?
+ // Is there a leap year?
$SWITCH = '0';
- $TEST = getYear() / 4;
- $M1 = getMonth();
+ $TEST = getYear() / 4;
+ $M1 = getMonth();
// If so and if current time is before 02/29 and estimated time is after 02/29 then add 86400 seconds (one day)
- if ((floor($TEST) == $TEST) && ($M1 == '02') && ($postData[$prefix . '_mo'] > '02')) $SWITCH = getConfig('ONE_DAY');
+ // 01 2 2 1 1 1 123 4 43 3 32 233 4 43 3 3210
+ if ((floor($TEST) == $TEST) && ($M1 == '02') && (((isset($postData[$prefix . '_mo'])) && ($postData[$prefix . '_mo'] > '02')) || ((isset($postData[$prefix . '_mn'])) && ($postData[$prefix . '_mn'] > '02')))) {
+ $SWITCH = getOneDay();
+ } // END - if
// First add years...
$ret += $postData[$prefix . '_ye'] * (31536000 + $SWITCH);
// Next months...
- $ret += $postData[$prefix . '_mo'] * 2628000;
+ if (isset($postData[$prefix . '_mo'])) {
+ $ret += $postData[$prefix . '_mo'] * 2628000;
+ } elseif (isset($postData[$prefix . '_mn'])) {
+ $ret += $postData[$prefix . '_mn'] * 2628000;
+ }
// Next weeks
$ret += $postData[$prefix . '_we'] * 604800;
@@ -758,383 +686,88 @@ function createTimestampFromSelections ($prefix, $postData) {
// Creates a 'fancy' human-readable timestamp from a Uni* stamp
function createFancyTime ($stamp) {
// Get data array with years/months/weeks/days/...
- $data = createTimeSelections($stamp, '', '', '', true);
+ $data = createTimeSelections($stamp, '', '', '', TRUE);
$ret = '';
- foreach($data as $k => $v) {
+ foreach ($data as $k => $v) {
if ($v > 0) {
// Value is greater than 0 "eval" data to return string
- eval('$ret .= ", ".$v." {--_' . strtoupper($k) . '--}";');
+ $ret .= ', ' . $v . ' {%pipe,translateTimeUnit=' . $k . '%}';
break;
} // END - if
} // END - foreach
- // Do we have something there?
- if (strlen($ret) > 0) {
+ // Is something there?
+ if (!empty($ret)) {
// Remove leading commata and space
$ret = substr($ret, 2);
} else {
// Zero seconds
- $ret = '0 {--_SECONDS--}';
+ $ret = '0 {--TIME_UNIT_SECOND--}';
}
// Return fancy time string
return $ret;
}
-// Extract host from script name
-function extractHostnameFromUrl (&$script) {
- // Use default SERVER_URL by default... ;) So?
- $url = getServerUrl();
-
- // Is this URL valid?
- if (substr($script, 0, 7) == 'http://') {
- // Use the hostname from script URL as new hostname
- $url = substr($script, 7);
- $extract = explode('/', $url);
- $url = $extract[0];
- // Done extracting the URL :)
- } // END - if
-
- // Extract host name
- $host = str_replace('http://', '', $url);
- if (isInString('/', $host)) $host = substr($host, 0, strpos($host, '/'));
-
- // Generate relative URL
- //* DEBUG: */ debugOutput('SCRIPT=' . $script);
- if (substr(strtolower($script), 0, 7) == 'http://') {
- // But only if http:// is in front!
- $script = substr($script, (strlen($url) + 7));
- } elseif (substr(strtolower($script), 0, 8) == 'https://') {
- // Does this work?!
- $script = substr($script, (strlen($url) + 8));
- }
-
- //* DEBUG: */ debugOutput('SCRIPT=' . $script);
- if (substr($script, 0, 1) == '/') $script = substr($script, 1);
-
- // Return host name
- return $host;
-}
-
-// Send a GET request
-function sendGetRequest ($script, $data = array()) {
- // Extract host name from script
- $host = extractHostnameFromUrl($script);
-
- // Add data
- $body = http_build_query($data, '', '&');
-
- // Do we have a question-mark in the script?
- if (strpos($script, '?') === false) {
- // No, so first char must be question mark
- $body = '?' . $body;
- } else {
- // Ok, add &
- $body = '&' . $body;
- }
-
- // Add script data
- $script .= $body;
-
- // Remove trailed & to make it more conform
- if (substr($script, -1, 1) == '&') $script = substr($script, 0, -1);
-
- // Generate GET request header
- $request = 'GET /' . trim($script) . ' HTTP/1.1' . getConfig('HTTP_EOL');
- $request .= 'Host: ' . $host . getConfig('HTTP_EOL');
- $request .= 'Referer: ' . getUrl() . '/admin.php' . getConfig('HTTP_EOL');
- if (isConfigEntrySet('FULL_VERSION')) {
- $request .= 'User-Agent: ' . getTitle() . '/' . getFullVersion() . getConfig('HTTP_EOL');
- } else {
- $request .= 'User-Agent: ' . getTitle() . '/' . getConfig('VERSION') . getConfig('HTTP_EOL');
- }
- $request .= 'Accept: image/png,image/*;q=0.8,text/plain,text/html,*/*;q=0.5' . getConfig('HTTP_EOL');
- $request .= 'Accept-Charset: UTF-8,*' . getConfig('HTTP_EOL');
- $request .= 'Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0' . getConfig('HTTP_EOL');
- $request .= 'Connection: close' . getConfig('HTTP_EOL');
- $request .= getConfig('HTTP_EOL');
-
- // Send the raw request
- $response = sendRawRequest($host, $request);
-
- // Return the result to the caller function
- return $response;
-}
-
-// Send a POST request
-function sendPostRequest ($script, $postData) {
- // Is postData an array?
- if (!is_array($postData)) {
- // Abort here
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("postData is not an array. Type: %s", gettype($postData)));
- return array('', '', '');
- } // END - if
-
- // Extract host name from script
- $host = extractHostnameFromUrl($script);
-
- // Construct request body
- $body = http_build_query($postData, '', '&');
-
- // Generate POST request header
- $request = 'POST /' . trim($script) . ' HTTP/1.0' . getConfig('HTTP_EOL');
- $request .= 'Host: ' . $host . getConfig('HTTP_EOL');
- $request .= 'Referer: ' . getUrl() . '/admin.php' . getConfig('HTTP_EOL');
- $request .= 'User-Agent: ' . getTitle() . '/' . getFullVersion() . getConfig('HTTP_EOL');
- $request .= 'Accept: text/plain;q=0.8' . getConfig('HTTP_EOL');
- $request .= 'Accept-Charset: UTF-8,*' . getConfig('HTTP_EOL');
- $request .= 'Cache-Control: no-cache' . getConfig('HTTP_EOL');
- $request .= 'Content-Type: application/x-www-form-urlencoded' . getConfig('HTTP_EOL');
- $request .= 'Content-Length: ' . strlen($body) . getConfig('HTTP_EOL');
- $request .= 'Connection: close' . getConfig('HTTP_EOL');
- $request .= getConfig('HTTP_EOL');
-
- // Add body
- $request .= $body;
-
- // Send the raw request
- $response = sendRawRequest($host, $request);
-
- // Return the result to the caller function
- return $response;
-}
-
-// Sends a raw request to another host
-function sendRawRequest ($host, $request) {
- // Init errno and errdesc with 'all fine' values
- $errno = '0'; $errdesc = '';
-
- // Initialize array
- $response = array('', '', '');
-
- // Default is not to use proxy
- $useProxy = false;
-
- // Are proxy settins set?
- if (isProxyUsed()) {
- // Then use it
- $useProxy = true;
- } // END - if
-
- // Load include
- loadIncludeOnce('inc/classes/resolver.class.php');
-
- // Get resolver instance
- $resolver = new HostnameResolver();
-
- // Open connection
- //* DEBUG: */ die('SCRIPT=' . $script);
- if ($useProxy === true) {
- // Resolve hostname into IP address
- $ip = $resolver->resolveHostname(compileRawCode(getConfig('proxy_host')));
-
- // Connect to host through proxy connection
- $fp = fsockopen($ip, bigintval(getConfig('proxy_port')), $errno, $errdesc, 30);
- } else {
- // Resolve hostname into IP address
- $ip = $resolver->resolveHostname($host);
-
- // Connect to host directly
- $fp = fsockopen($ip, 80, $errno, $errdesc, 30);
- }
-
- // Is there a link?
- if (!is_resource($fp)) {
- // Failed!
- logDebugMessage(__FUNCTION__, __LINE__, $errdesc . ' (' . $errno . ')');
- return $response;
- } elseif ((!stream_set_blocking($fp, 0)) || (!stream_set_timeout($fp, 1))) {
- // Cannot set non-blocking mode or timeout
- logDebugMessage(__FUNCTION__, __LINE__, socket_strerror(socket_last_error()));
- return $response;
- }
-
- // Do we use proxy?
- if ($useProxy === true) {
- // Setup proxy tunnel
- $response = setupProxyTunnel($host, $fp);
-
- // If the response is invalid, abort
- if ((count($response) == 3) && (empty($response[0])) && (empty($response[1])) && (empty($response[2]))) {
- // Invalid response!
- logDebugMessage(__FUNCTION__, __LINE__, 'Proxy tunnel not working?');
- return $response;
- } // END - if
- } // END - if
-
- // Write request
- fwrite($fp, $request);
-
- // Start counting
- $start = microtime(true);
-
- // Read response
- while (!feof($fp)) {
- // Get info from stream
- $info = stream_get_meta_data($fp);
-
- // Is it timed out? 15 seconds is a really patient...
- if (($info['timed_out'] == true) || (microtime(true) - $start) > 15) {
- // Timeout
- logDebugMessage(__FUNCTION__, __LINE__, 'Timed out to get data from host ' . $host);
-
- // Abort here
- break;
- } // END - if
-
- // Get line from stream
- $line = fgets($fp, 128);
-
- // Ignore empty lines because of non-blocking mode
- if (empty($line)) {
- // uslepp a little to avoid 100% CPU load
- usleep(10);
-
- // Skip this
- continue;
- } // END - if
-
- // Add it to response
- $response[] = trim($line);
- } // END - while
-
- // Close socket
- fclose($fp);
-
- // Time request if debug-mode is enabled
- if (isDebugModeEnabled()) {
- // Add debug message...
- logDebugMessage(__FUNCTION__, __LINE__, 'Request took ' . (microtime(true) - $start) . ' seconds and returned ' . count($response) . ' line(s).');
- } // END - if
-
- // Skip first empty lines
- $resp = $response;
- foreach ($resp as $idx => $line) {
- // Trim space away
- $line = trim($line);
-
- // Is this line empty?
- if (empty($line)) {
- // Then remove it
- array_shift($response);
- } else {
- // Abort on first non-empty line
- break;
- }
- } // END - foreach
-
- //* DEBUG: */ debugOutput('Request:
'.print_r($request, true).'
');
- //* DEBUG: */ debugOutput('Response:
'.print_r($response, true).'
');
-
- // Proxy agent found or something went wrong?
- if (!isset($response[0])) {
- // No response, maybe timeout
- $response = array('', '', '');
- logDebugMessage(__FUNCTION__, __LINE__, 'Invalid empty response array, maybe timed out?');
- } elseif ((substr(strtolower($response[0]), 0, 11) == 'proxy-agent') && ($useProxy === true)) {
- // Proxy header detected, so remove two lines
- array_shift($response);
- array_shift($response);
- } // END - if
-
- // Was the request successfull?
- if ((!isInStringIgnoreCase('200 OK', $response[0])) || (empty($response[0]))) {
- // Not found / access forbidden
- logDebugMessage(__FUNCTION__, __LINE__, 'Unexpected status code ' . $response[0] . ' detected. "200 OK" was expected.');
- $response = array('', '', '');
- } // END - if
-
- // Return response
- return $response;
-}
-
-// Sets up a proxy tunnel for given hostname and through resource
-function setupProxyTunnel ($host, $resource) {
- // Initialize array
- $response = array('', '', '');
-
- // Generate CONNECT request header
- $proxyTunnel = 'CONNECT ' . $host . ':80 HTTP/1.0' . getConfig('HTTP_EOL');
- $proxyTunnel .= 'Host: ' . $host . getConfig('HTTP_EOL');
-
- // Use login data to proxy? (username at least!)
- if (getConfig('proxy_username') != '') {
- // Add it as well
- $encodedAuth = base64_encode(compileRawCode(getConfig('proxy_username')) . ':' . compileRawCode(getConfig('proxy_password')));
- $proxyTunnel .= 'Proxy-Authorization: Basic ' . $encodedAuth . getConfig('HTTP_EOL');
- } // END - if
+// Taken from www.php.net isInStringIgnoreCase() user comments
+function isEmailValid ($email) {
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ' - ENTERED!');
- // Add last new-line
- $proxyTunnel .= getConfig('HTTP_EOL');
- //* DEBUG: */ debugOutput('proxyTunnel=
' . $proxyTunnel.'
');
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__][$email])) {
+ // Check first part of email address
+ $first = '[-a-z0-9!#$%&\'*+/=?^_<{|}~]+(\.[-a-zA-Z0-9!#$%&\'*+/=?^_<{|}~]+)*';
- // Write request
- fwrite($fp, $proxyTunnel);
+ // Check domain
+ $domain = '[a-z0-9-]+(\.[a-z0-9-]{2,5})+';
- // Got response?
- if (feof($fp)) {
- // No response received
- return $response;
- } // END - if
+ // Generate pattern
+ $regex = '@^' . $first . '\@' . $domain . '$@iU';
- // Read the first line
- $resp = trim(fgets($fp, 10240));
- $respArray = explode(' ', $resp);
- if ((strtolower($respArray[0]) !== 'http/1.0') || ($respArray[1] != '200')) {
- // Invalid response!
- return $response;
+ // Determine it
+ $GLOBALS[__FUNCTION__][$email] = (($email != getMessage('DEFAULT_WEBMASTER')) && (preg_match($regex, $email)));
} // END - if
- // All fine!
- return $respArray;
-}
-
-// Taken from www.php.net isInStringIgnoreCase() user comments
-function isEmailValid ($email) {
- // Check first part of email address
- $first = '[-a-z0-9!#$%&\'*+/=?^_<{|}~]+(\.[-a-zA-Z0-9!#$%&\'*+/=?^_<{|}~]+)*';
-
- // Check domain
- $domain = '[a-z0-9-]+(\.[a-z0-9-]{2,5})+';
-
- // Generate pattern
- $regex = '@^' . $first . '\@' . $domain . '$@iU';
-
// Return check result
- return preg_match($regex, $email);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',isValid=' . intval($GLOBALS[__FUNCTION__][$email]) . ' - EXIT!');
+ return $GLOBALS[__FUNCTION__][$email];
}
// Function taken from user comments on www.php.net / function isInStringIgnoreCase()
-function isUrlValid ($URL, $compile=true) {
+function isUrlValid ($url, $compile = TRUE) {
// Trim URL a little
- $URL = trim(urldecode($URL));
- //* DEBUG: */ debugOutput($URL);
+ $url = trim(urldecode($url));
+ //* DEBUG: */ debugOutput($url);
// Compile some chars out...
- if ($compile === true) $URL = compileUriCode($URL, false, false, false);
- //* DEBUG: */ debugOutput($URL);
+ if ($compile === TRUE) {
+ $url = compileUriCode($url, FALSE, FALSE, FALSE);
+ } // END - if
+ //* DEBUG: */ debugOutput($url);
// Check for the extension filter
if (isExtensionActive('filter')) {
// Use the extension's filter set
- return FILTER_VALIDATE_URL($URL, false);
+ return FILTER_VALIDATE_URL($url, FALSE);
} // END - if
- // If not installed, perform a simple test. Just make it sure there is always a http:// or
- // https:// in front of the URLs
- return isUrlValidSimple($URL);
+ /*
+ * If not installed, perform a simple test. Just make it sure there is always a
+ * http:// or https:// in front of the URLs.
+ */
+ return isUrlValidSimple($url);
}
// Generate a hash for extra-security for all passwords
-function generateHash ($plainText, $salt = '', $hash = true) {
+function generateHash ($plainText, $salt = '', $hash = TRUE) {
// Debug output
- //* DEBUG: */ debugOutput('plainText('.strlen($plainText).')=' . $plainText . ',salt('.strlen($salt).')=' . $salt . ',hash=' . intval($hash));
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'plainText('.strlen($plainText).')=' . $plainText . ',salt('.strlen($salt).')=' . $salt . ',hash=' . intval($hash));
// Is the required extension 'sql_patches' there and a salt is not given?
// 123 4 43 3 4 432 2 3 32 2 3 32 2 3 3 21
if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) && (empty($salt))) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5')) || (strlen($salt) == 32)) {
- // Extension sql_patches is missing/outdated so we hash the plain text with MD5
- if ($hash === true) {
+ // Extension ext-sql_patches is missing/outdated so we hash the plain text with MD5
+ if ($hash === TRUE) {
// Is plain password
return md5($plainText);
} else {
@@ -1143,47 +776,53 @@ function generateHash ($plainText, $salt = '', $hash = true) {
}
} // END - if
- // Do we miss an arry element here?
+ // Is an arry element missing here?
if (!isConfigEntrySet('file_hash')) {
// Stop here
- debug_report_bug(__FUNCTION__, __LINE__, 'Missing file_hash in ' . __FUNCTION__ . '.');
+ reportBug(__FUNCTION__, __LINE__, 'Missing file_hash in ' . __FUNCTION__ . '.');
} // END - if
// When the salt is empty build a new one, else use the first x configured characters as the salt
if (empty($salt)) {
// Build server string for more entropy
- $server = $_SERVER['PHP_SELF'] . getEncryptSeperator() . detectUserAgent() . getEncryptSeperator() . getenv('SERVER_SOFTWARE') . getEncryptSeperator() . detectRemoteAddr();
+ $server = $_SERVER['REQUEST_URI'] . getEncryptSeparator() . detectUserAgent() . getEncryptSeparator() . getenv('SERVER_SOFTWARE') . getEncryptSeparator() . detectRealIpAddress() . getEncryptSeparator() . detectRemoteAddr();
// Build key string
- $keys = getConfig('SITE_KEY') . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . getSecretKey() . getEncryptSeperator() . getFileHash() . getEncryptSeperator() . getDateFromPatchTime() . getEncryptSeperator() . getMasterSalt();
+ $keys = getSiteKey() . getEncryptSeparator() . getDateKey() . getEncryptSeparator() . getFileHash() . getEncryptSeparator() . getMasterSalt();
+
+ // Is the secret_key config entry set?
+ if (isConfigEntrySet('secret_key')) {
+ // Add it
+ $keys .= getEncryptSeparator() . getSecretKey();
+ } // END - if
// Additional data
- $data = $plainText . getEncryptSeperator() . uniqid(mt_rand(), true) . getEncryptSeperator() . time();
+ $data = $plainText . getEncryptSeparator() . uniqid(mt_rand(), TRUE) . getEncryptSeparator() . time();
// Calculate number for generating the code
$a = time() + getConfig('_ADD') - 1;
// Generate SHA1 sum from modula of number and the prime number
- $sha1 = sha1(($a % getPrime()) . $server . getEncryptSeperator() . $keys . getEncryptSeperator() . $data . getEncryptSeperator() . getConfig('DATE_KEY') . getEncryptSeperator() . $a);
- //* DEBUG: */ debugOutput('SHA1=' . $sha1.' ('.strlen($sha1).') ');
+ $sha1 = sha1(($a % getPrime()) . $server . getEncryptSeparator() . $keys . getEncryptSeparator() . $data . getEncryptSeparator() . getDateKey() . getEncryptSeparator() . $a);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SHA1=' . $sha1.' ('.strlen($sha1).')');
$sha1 = scrambleString($sha1);
- //* DEBUG: */ debugOutput('Scrambled=' . $sha1.' ('.strlen($sha1).') ');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Scrambled=' . $sha1.' ('.strlen($sha1).')');
//* DEBUG: */ $sha1b = descrambleString($sha1);
- //* DEBUG: */ debugOutput('Descrambled=' . $sha1b.' ('.strlen($sha1b).') ');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Descrambled=' . $sha1b.' ('.strlen($sha1b).')');
// Generate the password salt string
$salt = substr($sha1, 0, getSaltLength());
- //* DEBUG: */ debugOutput($salt.' ('.strlen($salt).') ');
+ //* DEBUG: */ debugOutput($salt.' ('.strlen($salt).')');
} else {
// Use given salt
- //* DEBUG: */ debugOutput('salt=' . $salt);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'salt=' . $salt);
$salt = substr($salt, 0, getSaltLength());
- //* DEBUG: */ debugOutput('salt=' . $salt . '(' . strlen($salt) . '/' . getSaltLength() . ') ');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'salt=' . $salt . '(' . strlen($salt) . '/' . getSaltLength() . ')');
// Sanity check on salt
if (strlen($salt) != getSaltLength()) {
// Not the same!
- debug_report_bug(__FUNCTION__, __LINE__, 'salt length mismatch! ('.strlen($salt).'/'.getSaltLength().')');
+ reportBug(__FUNCTION__, __LINE__, 'salt length mismatch! (' . strlen($salt) . '/' . getSaltLength() . ')');
} // END - if
}
@@ -1191,7 +830,7 @@ function generateHash ($plainText, $salt = '', $hash = true) {
$finalHash = $salt . sha1($salt . $plainText);
// Debug output
- //* DEBUG: */ debugOutput('finalHash('.strlen($finalHash).')=' . $finalHash);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'finalHash('.strlen($finalHash).')=' . $finalHash);
// Return hash
return $finalHash;
@@ -1202,20 +841,23 @@ function scrambleString ($str) {
// Init
$scrambled = '';
- // Final check, in case of failture it will return unscrambled string
+ // Final check, in case of failure it will return unscrambled string
if (strlen($str) > 40) {
// The string is to long
return $str;
- } elseif (strlen($str) == 40) {
+ } elseif ((strlen($str) == 40) && (getPassScramble() != '')) {
// From database
- $scrambleNums = explode(':', getPassScramble());
+ $scramble = getPassScramble();
} else {
// Generate new numbers
- $scrambleNums = explode(':', genScrambleString(strlen($str)));
+ $scramble = genScrambleString(strlen($str));
}
- // Compare both lengths and abort if different
- if (strlen($str) != count($scrambleNums)) return $str;
+ // Convert it into an array
+ $scrambleNums = explode(':', $scramble);
+
+ // Assert on both lengths
+ assert(strlen($str) == count($scrambleNums));
// Scramble string here
//* DEBUG: */ debugOutput('***Original=' . $str.'*** ');
@@ -1235,13 +877,17 @@ function scrambleString ($str) {
// De-scramble a string scrambled by scrambleString()
function descrambleString ($str) {
// Scramble only 40 chars long strings
- if (strlen($str) != 40) return $str;
+ if (strlen($str) != 40) {
+ return $str;
+ } // END - if
// Load numbers from config
$scrambleNums = explode(':', getPassScramble());
// Validate numbers
- if (count($scrambleNums) != 40) return $str;
+ if (count($scrambleNums) != 40) {
+ return $str;
+ } // END - if
// Begin descrambling
$orig = str_repeat(' ', 40);
@@ -1264,11 +910,11 @@ function genScrambleString ($len) {
// First we need to setup randomized numbers from 0 to 31
for ($idx = 0; $idx < $len; $idx++) {
// Generate number
- $rand = mt_rand(0, ($len -1));
+ $rand = mt_rand(0, ($len - 1));
// Check for it by creating more numbers
while (array_key_exists($rand, $scrambleNumbers)) {
- $rand = mt_rand(0, ($len -1));
+ $rand = mt_rand(0, ($len - 1));
} // END - while
// Add number
@@ -1277,6 +923,8 @@ function genScrambleString ($len) {
// So let's create the string for storing it in database
$scrambleString = implode(':', $scrambleNumbers);
+
+ // Return it
return $scrambleString;
}
@@ -1292,32 +940,40 @@ function encodeHashForCookie ($passHash) {
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash) . '/' . strlen(getSecretKey()));
if ((strlen($passHash) != 49) || (strlen(getSecretKey()) != 40)) {
// Both keys must have same length so return unencrypted
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash) . '!=49/' . strlen(getSecretKey()) . '!=40');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash) . '!=49/' . strlen(getSecretKey()) . '!=40 - EXIT!');
return $ret;
} // END - if
$newHash = ''; $start = 9;
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'passHash=' . $passHash . '(' . strlen($passHash) . ')');
for ($idx = 0; $idx < 20; $idx++) {
- $part1 = hexdec(substr($passHash, ($idx * 2) + (strlen($passHash) - strlen(getSecretKey())), 2));
+ // Get hash parts and convert them (00-FF) to matching ASCII value (0-255)
+ $part1 = hexdec(substr($passHash , $start, 2));
$part2 = hexdec(substr(getSecretKey(), $start, 2));
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'part1=' . $part1 . '/part2=' . $part2);
+
+ // Default is hexadecimal of index if both are same
$mod = dechex($idx);
+
+ // Is part1 larger or part2 than its counter part?
if ($part1 > $part2) {
+ // part1 is larger
$mod = dechex(sqrt(($part1 - $part2) * getPrime() / pi()));
} elseif ($part2 > $part1) {
+ // part2 is larger
$mod = dechex(sqrt(($part2 - $part1) * getPrime() / pi()));
}
+
$mod = substr($mod, 0, 2);
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'part1=' . $part1 . '/part2=' . $part2 . '/mod=' . $mod . '(' . strlen($mod) . ')');
- $mod = str_repeat(0, (2 - strlen($mod))) . $mod;
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'idx=' . $idx . ',part1=' . $part1 . '/part2=' . $part2 . '/mod=' . $mod . '(' . strlen($mod) . ')');
+ $mod = padLeftZero($mod, 2);
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'mod(' . ($idx * 2) . ')=' . $mod . '*');
$start += 2;
$newHash .= $mod;
} // END - for
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $passHash . ',' . $newHash . ' (' . strlen($newHash) . ')');
- $ret = generateHash($newHash, getMasterSalt());
+ // Just copy it over, as the master salt is not really helpful here
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $passHash . '(' . strlen($passHash) . '),' . $newHash . ' (' . strlen($newHash) . ')');
+ $ret = $newHash;
} // END - if
// Return result
@@ -1328,7 +984,7 @@ function encodeHashForCookie ($passHash) {
// Fix "deleted" cookies
function fixDeletedCookies ($cookies) {
// Is this an array with entries?
- if ((is_array($cookies)) && (count($cookies) > 0)) {
+ if (isFilledArray($cookies)) {
// Then check all cookies if they are marked as deleted!
foreach ($cookies as $cookieName) {
// Is the cookie set to "deleted"?
@@ -1350,11 +1006,20 @@ function getCurrentTheme () {
// The default theme is 'default'... ;-)
$ret = 'default';
- // Do we have ext-theme installed and active?
+ // Is there ext-theme installed and active or is 'theme' in URL or POST data?
if (isExtensionActive('theme')) {
// Call inner method
$ret = getActualTheme();
- } // END - if
+ } elseif ((isPostRequestElementSet('theme')) && (isThemeReadable(postRequestElement('theme')))) {
+ // Use value from POST data
+ $ret = postRequestElement('theme');
+ } elseif ((isGetRequestElementSet('theme')) && (isThemeReadable(getRequestElement('theme')))) {
+ // Use value from GET data
+ $ret = getRequestElement('theme');
+ } elseif ((isMailerThemeSet()) && (isThemeReadable(getMailerTheme()))) {
+ // Use value from GET data
+ $ret = getMailerTheme();
+ }
// Return theme value
return $ret;
@@ -1369,10 +1034,10 @@ function generateErrorCodeFromUserStatus ($status = '') {
} // END - if
// Default error code if unknown account status
- $errorCode = getCode('ACCOUNT_STATUS_UNKNOWN');
+ $errorCode = getCode('ACCOUNT_UNKNOWN');
// Generate constant name
- $codeName = sprintf("ACCOUNT_STATUS_%s", strtoupper($status));
+ $codeName = sprintf('ACCOUNT_%s', strtoupper($status));
// Is the constant there?
if (isCodeSet($codeName)) {
@@ -1380,7 +1045,7 @@ function generateErrorCodeFromUserStatus ($status = '') {
$errorCode = getCode($codeName);
} else {
// Unknown status
- logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown error status %s detected.", $status));
+ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Unknown error status %s detected.', $status));
}
// Return error code
@@ -1398,7 +1063,7 @@ function debug_get_printable_backtrace () {
if (!isset($trace['file'])) $trace['file'] = __FUNCTION__;
if (!isset($trace['line'])) $trace['line'] = __LINE__;
if (!isset($trace['args'])) $trace['args'] = array();
- $backtrace .= '