X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffunctions.php;h=ab8907f080b92d09385757972d00a1a802c260ed;hb=64b24587e9e280798311c903cb11440c62f2844d;hp=f65fa16f4bb81e5c399c412460b3b0ce0eb28939;hpb=2e263e74cd6edb4041a2bd082de4b3cf3606b8e7;p=mailer.git
diff --git a/inc/functions.php b/inc/functions.php
index f65fa16f4b..ab8907f080 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -92,6 +92,9 @@ function generatePassword ($length = '0', $exclude = array()) {
// Exclude some entries
$localAbc = array_diff($GLOBALS['_abc'], $exclude);
+ // $localAbc must have at least 10 entries
+ assert(count($localAbc) >= 10);
+
// Start creating password
$password = '';
while (strlen($password) < $length) {
@@ -335,11 +338,14 @@ function generateDereferrerUrl ($url) {
// Encode URL
$encodedUrl = encodeString(compileUriCode($url));
- // Log plain URL
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'url=' . $url);
+ // Generate hash
+ $hash = generateHash($url . getSiteKey() . getDateKey());
+
+ // Log plain URL and hash
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'url=' . $url . ',hash=' . $hash . '(' . strlen($hash) . ')');
// De-refer this URL
- $url = '{%url=modules.php?module=loader&url=' . $encodedUrl . '&hash=' . encodeHashForCookie(generateHash($url . getSiteKey() . getDateKey())) . '%}';
+ $url = '{%url=modules.php?module=loader&url=' . $encodedUrl . '&hash=' . encodeHashForCookie($hash) . '&salt=' . substr($hash, 0, getSaltLength()) . '%}';
} // END - if
// Return link
@@ -706,7 +712,7 @@ function isUrlValid ($url, $compile = TRUE) {
// Generate a hash for extra-security for all passwords
function generateHash ($plainText, $salt = '', $hash = TRUE) {
// Debug output
- //* DEBUG: */ debugOutput('plainText('.strlen($plainText).')=' . $plainText . ',salt('.strlen($salt).')=' . $salt . ',hash=' . intval($hash));
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'plainText('.strlen($plainText).')=' . $plainText . ',salt('.strlen($salt).')=' . $salt . ',hash=' . intval($hash));
// Is the required extension 'sql_patches' there and a salt is not given?
// 123 4 43 3 4 432 2 3 32 2 3 32 2 3 3 21
@@ -743,20 +749,20 @@ function generateHash ($plainText, $salt = '', $hash = TRUE) {
// Generate SHA1 sum from modula of number and the prime number
$sha1 = sha1(($a % getPrime()) . $server . getEncryptSeparator() . $keys . getEncryptSeparator() . $data . getEncryptSeparator() . getDateKey() . getEncryptSeparator() . $a);
- //* DEBUG: */ debugOutput('SHA1=' . $sha1.' ('.strlen($sha1).')
');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SHA1=' . $sha1.' ('.strlen($sha1).')');
$sha1 = scrambleString($sha1);
- //* DEBUG: */ debugOutput('Scrambled=' . $sha1.' ('.strlen($sha1).')
');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Scrambled=' . $sha1.' ('.strlen($sha1).')');
//* DEBUG: */ $sha1b = descrambleString($sha1);
- //* DEBUG: */ debugOutput('Descrambled=' . $sha1b.' ('.strlen($sha1b).')
');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Descrambled=' . $sha1b.' ('.strlen($sha1b).')');
// Generate the password salt string
$salt = substr($sha1, 0, getSaltLength());
- //* DEBUG: */ debugOutput($salt.' ('.strlen($salt).')
');
+ //* DEBUG: */ debugOutput($salt.' ('.strlen($salt).')');
} else {
// Use given salt
- //* DEBUG: */ debugOutput('salt=' . $salt);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'salt=' . $salt);
$salt = substr($salt, 0, getSaltLength());
- //* DEBUG: */ debugOutput('salt=' . $salt . '(' . strlen($salt) . '/' . getSaltLength() . ')
');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'salt=' . $salt . '(' . strlen($salt) . '/' . getSaltLength() . ')');
// Sanity check on salt
if (strlen($salt) != getSaltLength()) {
@@ -769,7 +775,7 @@ function generateHash ($plainText, $salt = '', $hash = TRUE) {
$finalHash = $salt . sha1($salt . $plainText);
// Debug output
- //* DEBUG: */ debugOutput('finalHash('.strlen($finalHash).')=' . $finalHash);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'finalHash('.strlen($finalHash).')=' . $finalHash);
// Return hash
return $finalHash;
@@ -874,32 +880,38 @@ function encodeHashForCookie ($passHash) {
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash) . '/' . strlen(getSecretKey()));
if ((strlen($passHash) != 49) || (strlen(getSecretKey()) != 40)) {
// Both keys must have same length so return unencrypted
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash) . '!=49/' . strlen(getSecretKey()) . '!=40');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash) . '!=49/' . strlen(getSecretKey()) . '!=40 - EXIT!');
return $ret;
} // END - if
$newHash = ''; $start = 9;
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'passHash=' . $passHash . '(' . strlen($passHash) . ')');
for ($idx = 0; $idx < 20; $idx++) {
- $part1 = hexdec(substr($passHash, ($idx * 2) + (strlen($passHash) - strlen(getSecretKey())), 2));
+ // Get hash parts and convert them (00-FF) to matching ASCII value (0-255)
+ $part1 = hexdec(substr($passHash , $start, 2));
$part2 = hexdec(substr(getSecretKey(), $start, 2));
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'part1=' . $part1 . '/part2=' . $part2);
+
+ // Default is hexadecimal of index if both are same
$mod = dechex($idx);
+ // Is part1 larger or part2 than its counter part?
if ($part1 > $part2) {
+ // part1 is larger
$mod = dechex(sqrt(($part1 - $part2) * getPrime() / pi()));
} elseif ($part2 > $part1) {
+ // part2 is larger
$mod = dechex(sqrt(($part2 - $part1) * getPrime() / pi()));
}
+
$mod = substr($mod, 0, 2);
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'part1=' . $part1 . '/part2=' . $part2 . '/mod=' . $mod . '(' . strlen($mod) . ')');
- $mod = str_repeat(0, (2 - strlen($mod))) . $mod;
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'idx=' . $idx . ',part1=' . $part1 . '/part2=' . $part2 . '/mod=' . $mod . '(' . strlen($mod) . ')');
+ $mod = str_repeat('0', (2 - strlen($mod))) . $mod;
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'mod(' . ($idx * 2) . ')=' . $mod . '*');
$start += 2;
$newHash .= $mod;
} // END - for
// Just copy it over, as the master salt is not really helpful here
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $passHash . ',' . $newHash . ' (' . strlen($newHash) . ')');
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $passHash . '(' . strlen($passHash) . '),' . $newHash . ' (' . strlen($newHash) . ')');
$ret = $newHash;
} // END - if
@@ -1233,7 +1245,7 @@ function changeDataInFile ($FQFN, $comment, $prefix, $suffix, $inserted, $seek=0
if ($next > -1) {
if ($next === $seek) {
$next = -1;
- $line = $prefix . $inserted . $suffix . chr(10);
+ $line = $prefix . $inserted . $suffix . PHP_EOL;
} else {
$next++;
}
@@ -1277,7 +1289,7 @@ function logDebugMessage ($funcFile, $line, $message, $force=true) {
// Is debug mode enabled?
if ((isDebugModeEnabled()) || ($force === TRUE)) {
// Remove CRLF
- $message = str_replace(array(chr(13), chr(10)), array('', ''), $message);
+ $message = str_replace(array(chr(13), PHP_EOL), array('', ''), $message);
// Log this message away
appendLineToFile(getPath() . getCachePath() . 'debug.log', generateDateTime(time(), '4') . '|' . getModule(FALSE) . '|' . basename($funcFile) . '|' . $line . '|' . $message);
@@ -1331,19 +1343,22 @@ function handleExtraValues ($filterFunction, $value, $extraValue) {
}
// Tries to determine if call-back functions and/or extra values shall be parsed
-function doHandleExtraValues ($filterFunctions, $extraValues, $key, $entries, $userIdColumn, $search) {
- // Debug message
- /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'key=' . $key . ',entries=' . $entries . ',userIdColumn=' . $userIdColumn[0] . ',search=' . $search . ',filterFunctions=' . print_r($filterFunctions, TRUE) . ',extraValues=' . print_r($extraValues, TRUE));
+function doHandleExtraValues ($filterFunctions, $extraValues, $key, $entries, $userIdColumn, $search, $id = NULL) {
+ // Debug mode enabled?
+ if (isDebugModeEnabled()) {
+ // Debug message
+ /* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'key=' . $key . ',entries=' . $entries . ',userIdColumn=' . $userIdColumn[0] . ',search=' . $search . ',filterFunctions=' . print_r($filterFunctions, TRUE) . ',extraValues=' . print_r($extraValues, TRUE));
+ } // END - if
// Send data through the filter function if found
- if ($key == $userIdColumn[0]) {
+ if ($key === $userIdColumn[0]) {
// Is the userid, we have to process it with convertZeroToNull()
$entries = convertZeroToNull($entries);
} elseif ((!empty($filterFunctions[$key])) && (isset($extraValues[$key]))) {
// Debug mode enabled?
if (isDebugModeEnabled()) {
// Then log it
- /* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',filterFunctions=' . $filterFunctions[$search] . ',extraValues=' . $extraValues[$key] . ',key=' . $key . ',id=' . $id . ',entries[' . gettype($entries) . ']=' . $entries . ' - BEFORE!');
+ /* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',filterFunctions=' . $filterFunctions[$key] . ',extraValues=' . $extraValues[$key] . ',key=' . $key . ',id=' . $id . ',entries[' . gettype($entries) . ']=' . $entries . ' - BEFORE!');
} // END - if
// Filter function + extra value set
@@ -1352,8 +1367,26 @@ function doHandleExtraValues ($filterFunctions, $extraValues, $key, $entries, $u
// Debug mode enabled?
if (isDebugModeEnabled()) {
// Then log it
- /* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',filterFunctions=' . $filterFunctions[$search] . ',extraValues=' . $extraValues[$key] . ',key=' . $key . ',id=' . $id . ',entries[' . gettype($entries) . ']=' . $entries . ' - AFTER!');
+ /* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',filterFunctions=' . $filterFunctions[$key] . ',extraValues=' . $extraValues[$key] . ',key=' . $key . ',id=' . $id . ',entries[' . gettype($entries) . ']=' . $entries . ' - AFTER!');
} // END - if
+ } elseif ((!empty($filterFunctions[$search])) && (!empty($extraValues[$search]))) {
+ // Debug mode enabled?
+ if (isDebugModeEnabled()) {
+ // Then log it
+ /* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',filterFunctions=' . $filterFunctions[$search] . ',key=' . $key . ',search=' . $search . ',entries[' . gettype($entries) . ']=' . $entries . ' - BEFORE!');
+ } // END - if
+
+ // Handle extra values
+ $entries = handleExtraValues($filterFunctions[$search], $entries, $extraValues[$search]);
+
+ // Debug mode enabled?
+ if (isDebugModeEnabled()) {
+ // Then log it
+ /* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'search=' . $search . ',filterFunctions=' . $filterFunctions[$search] . ',key=' . $key . ',search=' . $search . ',entries[' . gettype($entries) . ']=' . $entries . ' - AFTER!');
+ } // END - if
+
+ // Make sure entries is not bool, then something went wrong
+ assert(!is_bool($entries));
} elseif (!empty($filterFunctions[$search])) {
// Debug mode enabled?
if (isDebugModeEnabled()) {
@@ -1913,7 +1946,7 @@ function encodeUrl ($url, $outputMode = '0') {
} // END - if
// Is there a valid session?
- if (((!isset($GLOBALS['valid_session'])) || ($GLOBALS['valid_session'] === FALSE) || (!isset($_COOKIE[session_name()]))) && (isSpider() === FALSE)) {
+ if ((!isSessionValid()) && (!isSpider())) {
// Determine right separator
$separator = '&';
if (!isInString('?', $url)) {
@@ -1921,11 +1954,8 @@ function encodeUrl ($url, $outputMode = '0') {
$separator = '?';
} // END - if
- // Is the session id set?
- if (session_id() != '') {
- // Then add it to URL
- $url .= $separator . session_name() . '=' . session_id();
- } // END - if
+ // Then add it to URL
+ $url .= $separator . session_name() . '=' . session_id();
} // END - if
// Add {?URL?} ?
@@ -2048,13 +2078,10 @@ function convertZeroToNull ($number) {
// Converts a NULL to zero
function convertNullToZero ($number) {
// Is it a valid username?
- if ((!is_null($number)) && (!empty($number)) && ($number > 0)) {
- // Always secure it
- $number = bigintval($number);
- } else {
+ if ((is_null($number)) || (empty($number)) || ($number < 1)) {
// Is not valid or zero
$number = '0';
- }
+ } // END - if
// Return it
return $number;
@@ -2169,7 +2196,7 @@ function isHexadecimal ($hex) {
}
/**
- * Replace chr(13) with "[r]" and chr(10) with "[n]" and add a final new-line to make
+ * Replace chr(13) with "[r]" and PHP_EOL with "[n]" and add a final new-line to make
* them visible to the developer. Use this function to debug e.g. buggy HTTP
* response handler functions.
*
@@ -2177,7 +2204,7 @@ function isHexadecimal ($hex) {
* @return $str Overworked string
*/
function replaceReturnNewLine ($str) {
- return str_replace(array(chr(13), chr(10)), array('[r]', '[n]'), $str);
+ return str_replace(array(chr(13), PHP_EOL), array('[r]', '[n]'), $str);
}
// Converts a given string by splitting it up with given delimiter similar to
@@ -2289,7 +2316,7 @@ function convertStringToBoolean ($str) {
} // END - if
// Determine it
- $GLOBALS[__FUNCTION__][$str] = (($strTrimmed == 'true') ? true : false);
+ $GLOBALS[__FUNCTION__][$str] = ($strTrimmed == 'true');
} // END - if
// Return cache
@@ -2362,7 +2389,7 @@ function memberAddEntries ($tableName, $columns = array(), $filterFunctions = ar
}
// Edit rows by given id numbers
-function memberEditEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $timeColumns = array(), $editNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array()) {
+function memberEditEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $timeColumns = array(), $editNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array(), $content = array()) {
// $tableName must be an array
if ((!is_array($tableName)) || (count($tableName) != 1)) {
// No tableName specified
@@ -2396,12 +2423,12 @@ function memberEditEntriesConfirm ($tableName, $columns = array(), $filterFuncti
}
} else {
// List for editing
- memberListBuilder('edit', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ memberListBuilder('edit', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId, $content);
}
}
// Delete rows by given id numbers
-function memberDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $deleteNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array()) {
+function memberDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunctions = array(), $extraValues = array(), $deleteNow = array(FALSE), $idColumn = array('id'), $userIdColumn = array('userid'), $rawUserId = array('userid'), $cacheFiles = array(), $content = array()) {
// Do this only for members
assert(isMember());
@@ -2438,17 +2465,18 @@ function memberDeleteEntriesConfirm ($tableName, $columns = array(), $filterFunc
}
} else {
// List for deletion confirmation
- memberListBuilder('delete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn);
+ memberListBuilder('delete', $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUSerId, $content);
}
}
// Build a special template list
-function memberListBuilder ($listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId = array('userid')) {
+// @TODO cacheFiles is not yet supported
+function memberListBuilder ($listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId = array('userid'), $content = array()) {
// Do this only for logged in member
assert(isMember());
// Call inner (general) function
- doGenericListBuilder('member', $listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId);
+ doGenericListBuilder('member', $listType, $tableName, $columns, $filterFunctions, $extraValues, $idColumn, $userIdColumn, $rawUserId, $content);
}
// Checks whether given address is IPv4