X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffunctions.php;h=a71c939e3713fe52ba65f8435cb164b1ec9f954e;hb=51d65692668408a44920ce069a37c5fa4f5ba257;hp=8875dc134d41276bbe3eadd43b56c92eea7db455;hpb=c45b1827a16928c65ecc1aea6a9d7a504c4874d4;p=mailer.git diff --git a/inc/functions.php b/inc/functions.php index 8875dc134d..a71c939e37 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); } @@ -53,6 +53,7 @@ function is_INCWritable($inc) { // Open a table (you may want to add some header stuff here) function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) { global $table_cnt; + // Count tables so we can generate CSS classes for every table... :-) if (empty($CLASS)) { // Class is empty so count one up and create a class @@ -132,9 +133,10 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Clear output buffer for later output ob_end_clean(); + // Extension "rewrite" installed? if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { @@ -143,12 +145,13 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; @eval($eval); + // Was that eval okay? if (empty($newContent)) { // Something went wrong! die("Evaluation error:
".htmlentities($eval).""); - } + } // END - if $OUTPUT = $newContent; - } + } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); @@ -156,13 +159,13 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Rewrite links when rewrite extension is active if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { $eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; eval($eval); - } + } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); @@ -172,13 +175,13 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Output the raw HTML code function OUTPUT_RAW ($HTML) { // Output stripped HTML code to avoid broken JavaScript code, etc. - echo stripslashes($HTML); + echo stripslashes(stripslashes($HTML)); // Flush the output if only _OB_CACHING is not "on" if (_OB_CACHING != "on") { // Flush it flush(); - } + } // END - if } // Add a fatal error message to the queue array @@ -198,25 +201,41 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { // Add more variables which you want to use in your template files global $DATA, $_CONFIG, $username; + // Make all template names lowercase + $template = strtolower($template); + // Count the template load if (!isset($_CONFIG['num_templates'])) $_CONFIG['num_templates'] = 0; $_CONFIG['num_templates']++; // Init some data - $ACTION = SQL_ESCAPE($GLOBALS['action']); - $WHAT = SQL_ESCAPE($GLOBALS['what']); $ret = ""; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; - $REFID = $GLOBALS['refid']; - // DEPRECATED!!! + // @DEPRECATED Try to remove this if() block if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); - list($sex, $surname, $family) = SQL_FETCHROW($result); + + // @TODO Merge this data into $content + list($gender, $surname, $family, $email) = SQL_FETCHROW($result); + + // Translate gender + $gender = TRANSLATE_GENDER($gender); + + // Insert data if content is an array + if (is_array($content)) { + // Please switch to $content[bla] in all your templates! Direct + // variables are deprecated as of 09/13/2008. + $content['gender'] = $gender; + $content['surname'] = $surname; + $content['family'] = $family; + $content['email'] = $email; + } // END - if + + // Free result SQL_FREERESULT($result); - $salut = TRANSLATE_SEX($sex); } // Generate date/time string @@ -269,20 +288,20 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { ); // Probe for it... - if (file_exists($file2)) $file = $file2; + if (FILE_READABLE($file2)) $file = $file2; // Remove variable from memory unset($file2); } // Does the special template exists? - if ((!file_exists($file)) || (!is_readable($file))) { + if (!FILE_READABLE($file)) { // Reset to default template $file = $BASE.$template.".tpl"; - } + } // END - if // Now does the final template exists? - if ((file_exists($file)) && (is_readable($file))) { + if (FILE_READABLE($file)) { // The local file does exists so we load it. :) $tmpl_file = implode("", file($file)); @@ -331,27 +350,41 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { } // Send mail out to an email address -function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") { +function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = 'N', $FROM = "") { // Compile subject line (for POINTS constant etc.) - $eval = "\$SUBJECT = \"".COMPILE_CODE(addslashes($SUBJECT))."\";"; + $eval = "\$SUBJECT = html_entity_decode(\"".COMPILE_CODE(addslashes($SUBJECT))."\");"; eval($eval); - $SUBJECT = html_entity_decode($SUBJECT); // Set from header - if (!eregi("@", $TO)) { + if ((!eregi("@", $TO)) && ($TO > 0)) { // Value detected, load email from database if (EXT_IS_ACTIVE("msg")) { ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML); return; } else { + // Load email address $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); - list($TO) = SQL_FETCHROW($result_email); + + // Does the user exist? + if (SQL_NUMROWS($result_email)) { + // Load email address + list($TO) = SQL_FETCHROW($result_email); + } else { + // Set webmaster + $TO = WEBMASTER; + } + + // Free result SQL_FREERESULT($result_email); } + } elseif ("$TO" == "0") { + // Is the webmaster! + $TO = WEBMASTER; } - // Not in PHPMailer-Mode + // Check for PHPMailer or debug-mode if (!CHECK_PHPMAILER_USAGE()) { + // Not in PHPMailer-Mode if (empty($FROM)) { // Load email header template $FROM = LOAD_EMAIL_TEMPLATE("header"); @@ -369,6 +402,10 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") { } } + // Compile "TO" + $eval = "\$TO = \"".COMPILE_CODE(addslashes($TO))."\";"; + eval($eval); + // Fix HTML parameter (default is no!) if (empty($HTML)) $HTML = "N"; if (isBooleanConstantAndTrue('DEBUG_MODE')) { @@ -383,9 +420,6 @@ Message : ".$MSG." // Send mail as HTML away SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif (!empty($TO)) { - // Compile email - $TO = COMPILE_CODE($TO); - // Send Mail away SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); } elseif ($HTML == "N") { @@ -550,33 +584,37 @@ function TRANSLATE_COMMA ($dotted, $cut=true) { // function DEREFERER ($URL) { - $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress(COMPILE_CODE($URL)))); + $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); return $URL; } // -function TRANSLATE_SEX ($sex) { - switch ($sex) +function TRANSLATE_GENDER ($gender) { + switch ($gender) { - case "M": $ret = SEX_M; break; - case "F": $ret = SEX_F; break; - case "C": $ret = SEX_C; break; - default : $ret = $sex; break; + case "M": $ret = GENDER_M; break; + case "F": $ret = GENDER_F; break; + case "C": $ret = GENDER_C; break; + default : $ret = $gender; break; } return $ret; } // function GET_POOL_TYPE($PT) { - switch ($PT) - { - case "TEMP" : $ret = POOL_TEMP; break; - case "SEND" : $ret = POOL_SEND; break; - case "NEW" : $ret = POOL_NEW; break; - case "ADMIN" : $ret = POOL_ADMIN; break; - case "ACTIVE" : $ret = POOL_ACTIVE; break; - case "DELETED": $ret = POOL_DELETED; break; - default : $ret = POOL_UNKNOWN." (".$PT.")"; break; - } + // Unknown pool type is default + $ret = POOL_UNKNOWN." (".$PT.")"; + + // Generate constant name + $constantName = sprintf("POOL_%s", $PT); + + // Is the type known? + if (defined($constantName)) { + // Prepare eval command + $eval = sprintf("\$ret = %s;", $constantName); + eval($eval); + } // END - if + + // Return result return $ret; } // @@ -590,7 +628,7 @@ function FRAMETESTER($URL) { } // function SELECTION_COUNT($array) { - $ret = "0"; + $ret = 0; if (is_array($array)) { foreach ($array as $key => $sel) { if (!empty($sel)) $ret++; @@ -640,7 +678,7 @@ function GET_LANGUAGE() { // Check GET variable and cookie if (!empty($lang)) { // Check if main language file does exist - if (file_exists(PATH."inc/language/".$lang.".php")) { + if (FILE_READABLE(PATH."inc/language/".$lang.".php")) { // Okay found, so let's update cookies SET_LANGUAGE($lang); } @@ -667,13 +705,24 @@ function SET_LANGUAGE($lang) { function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { global $DATA, $_CONFIG, $REPLACER; - // Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!) - $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - $surname = ""; $family = ""; $nick = ""; $sex = "N"; + // Make sure all template names are lowercase! + $template = strtolower($template); + + // Default "nickname" if extension is not installed + $nick = "---"; + + // Keept for backward-compatiblity (please replace these variables against our new {!CONST!} syntax!) + // No longer used: $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; + + // Init variables (DEPRECATED! Use $content[bla] instead. + $surname = ""; + $family = ""; + $nick = ""; + $gender = "N"; // Prepare IP number and User Agent - $REMOTE_ADDR = getenv('REMOTE_ADDR'); - $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); + $REMOTE_ADDR = getenv('REMOTE_ADDR'); + $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); $ADMIN = MAIN_TITLE; if (isSessionVariableSet('admin_login')) { @@ -682,7 +731,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { array(get_session('admin_login')), __FILE__, __LINE__); list($ADMIN) = SQL_FETCHROW($result); SQL_FREERESULT($result); - } + } // END - if // Expiration in a nice output format if ($_CONFIG['auto_purge'] == 0) { @@ -696,124 +745,46 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS; } - // DEPRECATED switch! - switch ($template) - { - case "bonus-mail": // Load data for the bonus mail - $BONUSID = $DATA[0]; - $content = $DATA[2]; - $points = TRANSLATE_COMMA($DATA[4]); - $TIME = $DATA[5]; - $TARGET_URL = $DATA[8]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $DATA[10] = $UID; - - // Replace variables - foreach ($REPLACER as $key=>$value) - { - if (isset($DATA[$key])) $content = str_replace($value, $DATA[$key], $content); - } - break; - - case "order-admin": - case "order-member": - $BLOCKS = $_CONFIG['max_send']; - $SUBJECT = $DATA[0]; - $content = $DATA[1]; - $PAYMENT = GET_PAYMENT($DATA[3]); - $TARGET_URL = $DATA[5]; - $CATEGORY = GET_CATEGORY($DATA[6]); - break; - - case "order-reject": - case "order-deleted": - case "order-accept": - $TARGET_URL = $DATA[0]; - $URL = $DATA[0]; - $SUBJECT = $DATA[1]; - break; - - case "new-pass": - $PASS = $DATA[0]; - $REMOTE = $DATA[1]; - break; - - case "confirm-member": - $points = $_CONFIG['points_register']; - break; - - case "confirm-referral": - $PERCENT = $DATA[0]; - $LEVEL = $DATA[1]; - $points = $DATA[2]; - $REFID = $DATA[3]; - break; - - case "normal-mail": - $SEND_UID = $DATA[1]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $TIME = GET_PAY_POINTS($DATA[5], "time"); - $TARGET_URL = $DATA[7]; - $points = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment")); - // Warning! This ID has changed from 10 to 11! - $MAILID = $DATA[11]; - - // Replace variables - foreach ($REPLACER as $key=>$value) - { - if (isset($DATA[$key])) $content = str_replace($value, $DATA[$key], $content); - } - break; - - case "done-member": - case "done-admin": - $SEND_UID = $DATA[1]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $TARGET_URL = $DATA[7]; - break; - - case "back-admin": - case "back-member": - $points = TRANSLATE_COMMA($DATA[10]); - break; - - case "add-points": - if (isset($_POST['points'])) { - $points = bigintval($_POST['points']); - } else { - $points = __POINTS_VALUE; - } - break; - - case "guest_request_confirm": - $HASH = $DATA[2]; - break; - } + // Is content an array? + if (is_array($content)) { + // Add expiration to array, $EXPIRATION is now deprecated! + $content['expiration'] = $EXPIRATION; + } // END - if // Load user's data if ($UID > 0) { if (EXT_IS_ACTIVE("nickname")) { // Load nickname - $result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($UID)), __FILE__, __LINE__); - list($surname, $family, $sex, $email, $nick) = SQL_FETCHROW($result); + $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + array(bigintval($UID)), __FILE__, __LINE__); + list($surname, $family, $gender, $email, $nick) = SQL_FETCHROW($result); SQL_FREERESULT($result); } else { // Load normal data - $result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($UID)), __FILE__, __LINE__); - list($surname, $family, $sex, $email) = SQL_FETCHROW($result); + $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + array(bigintval($UID)), __FILE__, __LINE__); + list($surname, $family, $gender, $email) = SQL_FETCHROW($result); SQL_FREERESULT($result); - $nick = "---"; } } else { - // Neutral sex and email address is default - $sex = "N"; + // Neutral gender and email address is default + $gender = "N"; $email = WEBMASTER; } // Translate M to male or F to female - $salut = TRANSLATE_SEX($sex); + $gender = TRANSLATE_GENDER($gender); + + // Insert data if content is an array + if (is_array($content)) { + // Please do no longer use direct variable names, use $content[bla] + // instead. + $content['gender'] = $gender; + $content['surname'] = $surname; + $content['family'] = $family; + $content['email'] = $email; + $content['nick'] = $nick; + } // END - if // Store email for some functions in global data array $DATA['email'] = $email; @@ -844,29 +815,27 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { } // Does the special template exists? - if ((!@file_exists($file)) || (!is_readable($file))) { + if (!FILE_READABLE($file)) { // Reset to default template $file = $BASE.$template.".tpl"; } // END - if // Now does the final template exists? - if ((@file_exists($file)) && (is_readable($file))) { + $newContent = ""; + if (FILE_READABLE($file)) { // The local file does exists so we load it. :) $tmpl_file = @implode("", @file($file)); $tmpl_file = addslashes($tmpl_file); - // Compile code - $tmpl_file = COMPILE_CODE($tmpl_file); - // Run code - $tmpl_file = "\$content=\"".$tmpl_file."\";"; + $tmpl_file = "\$newContent=\"".COMPILE_CODE($tmpl_file)."\";"; eval($tmpl_file); - // Replace HTML confirm chars - $content = html_entity_decode($content); + // Replace HTML conform chars + $newContent = html_entity_decode($newContent); } elseif (!empty($template)) { // Template file not found! - $content = TEMPLATE_404.": ".$template."
".print_r($content, true)."".TEMPLATE_DATA." @@ -874,14 +843,20 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {