X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Ffunctions.php;h=cfbd66538429ce16230912500ad6b680bf9f6607;hb=1904897a38323335e3c93a71e6fe8c6fb82bcac4;hp=bfe60aa6e7b6439b30ec62198d4ea384d710b102;hpb=4ef4c88fc481335dc0631b223111c15a84cccb51;p=mailer.git diff --git a/inc/functions.php b/inc/functions.php index bfe60aa6e7..cfbd665384 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -32,18 +32,27 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); } // Check if our config file is writeable or not function is_INCWritable($inc) { - $fp = @fopen(PATH."inc/".$inc.".php", 'a'); + // Generate FQFN + $fqfn = sprintf("%sinc/%s.php", PATH, $inc); + + // Abort by simple test + if ((FILE_READABLE($fqfn)) && (!is_writeable($fqfn))) { + return false; + } // END - if + + // Test if we can append data + $fp = @fopen($fqfn, 'a'); if ($inc == "dummy") { // Remove dummy file @fclose($fp); - return @unlink(PATH."inc/dummy.php"); + return @unlink($fqfn); } else { // Close all other files return @fclose($fp); @@ -53,6 +62,7 @@ function is_INCWritable($inc) { // Open a table (you may want to add some header stuff here) function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) { global $table_cnt; + // Count tables so we can generate CSS classes for every table... :-) if (empty($CLASS)) { // Class is empty so count one up and create a class @@ -122,7 +132,8 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { default: // Huh, something goes wrong or maybe you have edited config.php ??? - die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); + DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid renderer %s detected.", OUTPUT_MODE)); + MXCHANGE_DIE("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); break; } } elseif ((_OB_CACHING == "on") && ($footer == 1)) { @@ -132,9 +143,23 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Clear output buffer for later output ob_end_clean(); - if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + // Send HTTP header + header("HTTP/1.1 200"); + + // Used later + $now = gmdate('D, d M Y H:i:s') . ' GMT'; + + // General headers for no caching + header("Expired: " . $now); // RFC2616 - Section 14.21 + header("Last-Modified: " . $now); + header("Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"); // HTTP/1.1 + header("Pragma: no-cache"); // HTTP/1.0 + header("Connection: Close"); + + // Extension "rewrite" installed? + if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { @@ -143,26 +168,27 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; @eval($eval); + // Was that eval okay? if (empty($newContent)) { // Something went wrong! die("Evaluation error:
".htmlentities($eval).""); - } + } // END - if $OUTPUT = $newContent; - } + } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); } elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) { // Rewrite links when rewrite extension is active - if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { $eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; eval($eval); - } + } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); @@ -172,29 +198,34 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Output the raw HTML code function OUTPUT_RAW ($HTML) { // Output stripped HTML code to avoid broken JavaScript code, etc. - echo stripslashes($HTML); + echo stripslashes(stripslashes($HTML)); // Flush the output if only _OB_CACHING is not "on" if (_OB_CACHING != "on") { // Flush it flush(); - } + } // END - if } // Add a fatal error message to the queue array function ADD_FATAL ($message, $extra="") { global $FATAL; + if (empty($extra)) { // Regular text message to add to $FATAL $FATAL[] = $message; } else { // $message is text with a mask plus extras to insert into the text - $FATAL[] = sprintf($message, $extra); + $message = sprintf($message, $extra); + $FATAL[] = $message; } + + // Log fatal messages away + DEBUG_LOG(__FUNCTION__, __LINE__, " message={$message}"); } // Load a template file and return it's content (only it's name; do not use ' or ") -function LOAD_TEMPLATE($template, $return=false, $content="") { +function LOAD_TEMPLATE($template, $return=false, $content=array()) { // Add more variables which you want to use in your template files global $DATA, $_CONFIG, $username; @@ -206,21 +237,33 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { $_CONFIG['num_templates']++; // Init some data - $ACTION = SQL_ESCAPE($GLOBALS['action']); - $WHAT = SQL_ESCAPE($GLOBALS['what']); $ret = ""; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; - $REFID = $GLOBALS['refid']; - // DEPRECATED!!! + // @DEPRECATED Try to remove this if() block if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); - list($sex, $surname, $family) = SQL_FETCHROW($result); + + // Is content an array? + if (is_array($content)) { + // Merge data + $content = array_merge($content, SQL_FETCHARRAY($result)); + + // Translate gender + $content['gender'] = TRANSLATE_GENDER($content['gender']); + } else { + // DEPRECATED: Load data in direct variables + list($gender, $surname, $family, $email) = SQL_FETCHROW($result); + + // Translate gender + $gender = TRANSLATE_GENDER($gender); + } + + // Free result SQL_FREERESULT($result); - $salut = TRANSLATE_SEX($sex); - } + } // END - if // Generate date/time string $date_time = MAKE_DATETIME(time(), "1"); @@ -311,12 +354,16 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { (".basename($file).")
".print_r($content, true)."+
".print_r($content, true)."".TEMPLATE_DATA." -
".print_r($DATA, true)."+
".print_r($DATA, true)."
+ echo "\n"; + + // Log the mail away + if (defined('DEBUG_MAIL')) DEBUG_LOG(__FUNCTION__, __LINE__, "to={$TO},subject={$SUBJECT},msg={$MSG}"); + } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail"))) { // Send mail as HTML away SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif (!empty($TO)) { - // Compile email - $TO = COMPILE_CODE($TO); - // Send Mail away - SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + SEND_RAW_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif ($HTML == "N") { // Problem found! - SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + SEND_RAW_EMAIL(WEBMASTER, "[PROBLEM:]".$SUBJECT, $MSG, $FROM); } } @@ -439,7 +509,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->WordWrap = 70; $mail->IsHTML(true); } else { - $mail->Body = $msg; + $mail->Body = html_entity_decode($msg); } $mail->AddAddress($to, ""); $mail->AddReplyTo(WEBMASTER,MAIN_TITLE); @@ -448,7 +518,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->Send(); } else { // Use legacy mail() command - @mail($to, $subject, $msg, $from); + @mail($to, $subject, html_entity_decode($msg), $from); } } // @@ -468,13 +538,13 @@ function GEN_PASS($LEN = 0) { $PASS = ""; for ($i = 0; $i < $LEN; $i++) { $PASS .= $ABC[mt_rand(0, sizeof($ABC) -1)]; - } + } // END - for // When the size is below 40 we can also add additional security by scrambling it if (strlen($PASS) <= 40) { // Also scramble the password $PASS = scrambleString($PASS); - } + } // END - if // Return the password return $PASS; @@ -498,6 +568,9 @@ function MAKE_DATETIME ($time, $mode="0") case "1": $ret = strtolower(date("d.m.Y - H:i", $time)); break; case "2": $ret = date("d.m.Y|H:i", $time); break; case "3": $ret = date("d.m.Y", $time); break; + default: + DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } break; @@ -507,19 +580,27 @@ function MAKE_DATETIME ($time, $mode="0") case "1": $ret = date("Y-m-d - g:i A", $time); break; case "2": $ret = date("y-m-d|H:i", $time); break; case "3": $ret = date("y-m-d", $time); break; + default: + DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } } return $ret; } // Translates the american decimal dot into a german comma -function TRANSLATE_COMMA ($dotted, $cut=true) { +function TRANSLATE_COMMA ($dotted, $cut=true, $max=0) { global $_CONFIG; // Default is 3 you can change this in admin area "Misc -> Misc Options" if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3"; + + // Use from config is default $maxComma = $_CONFIG['max_comma']; + // Use from parameter? + if ($max > 0) $maxComma = $max; + // Cut zeros off? if ($cut) { // Test for commata if in cut-mode @@ -527,8 +608,8 @@ function TRANSLATE_COMMA ($dotted, $cut=true) { if (count($com) > 1) { // Commata found, so only zeros? if ($com[1] == str_repeat("0", strlen($com[1]))) { - // Only zeros, so don't display them - $maxComma = 0; + // Only zeros, so display only one + $maxComma = 1; } // END - if } else { // Don't display commatas even if there are none... ;-) @@ -537,7 +618,7 @@ function TRANSLATE_COMMA ($dotted, $cut=true) { } // END - if // Debug log - //DEBUG_LOG(__FUNCTION__.":dotted={$dotted},maxComma={$maxComma}"); + //DEBUG_LOG(__FUNCTION__, __LINE__, "dotted={$dotted},maxComma={$maxComma}"); // Translate it now switch (GET_LANGUAGE()) { @@ -556,32 +637,24 @@ function TRANSLATE_COMMA ($dotted, $cut=true) { // function DEREFERER ($URL) { - $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + // Don't de-refer our own links! + if (substr($URL, 0, strlen(URL)) != URL) { + // De-refer this link + $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + } // END - if + + // Return link return $URL; } // -function TRANSLATE_SEX ($sex) { - switch ($sex) +function TRANSLATE_GENDER ($gender) { + switch ($gender) { - case "M": $ret = SEX_M; break; - case "F": $ret = SEX_F; break; - case "C": $ret = SEX_C; break; - default : $ret = $sex; break; - } - return $ret; -} -// -function GET_POOL_TYPE($PT) { - switch ($PT) - { - case "TEMP" : $ret = POOL_TEMP; break; - case "SEND" : $ret = POOL_SEND; break; - case "NEW" : $ret = POOL_NEW; break; - case "ADMIN" : $ret = POOL_ADMIN; break; - case "ACTIVE" : $ret = POOL_ACTIVE; break; - case "DELETED": $ret = POOL_DELETED; break; - default : $ret = POOL_UNKNOWN." (".$PT.")"; break; + case "M": $ret = GENDER_M; break; + case "F": $ret = GENDER_F; break; + case "C": $ret = GENDER_C; break; + default : $ret = $gender; break; } return $ret; } @@ -596,7 +669,7 @@ function FRAMETESTER($URL) { } // function SELECTION_COUNT($array) { - $ret = "0"; + $ret = 0; if (is_array($array)) { foreach ($array as $key => $sel) { if (!empty($sel)) $ret++; @@ -624,7 +697,13 @@ function TRANSLATE_STATUS($status) { $ret = ACCOUNT_LOCKED; break; + case "": + case null: + $ret = ACCOUNT_DELETED; + break; + default: + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown status %s detected.", $status)); $ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2; break; } @@ -670,28 +749,36 @@ function SET_LANGUAGE($lang) { set_session("mx_lang", $lang); } // -function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { +function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { global $DATA, $_CONFIG, $REPLACER; // Make sure all template names are lowercase! $template = strtolower($template); - // Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!) - $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - $surname = ""; $family = ""; $nick = ""; $sex = "N"; + // Default "nickname" if extension is not installed + $nick = "---"; + + // Keept for backward-compatiblity (please replace these variables against our new {!CONST!} syntax!) + // No longer used: $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; // Prepare IP number and User Agent - $REMOTE_ADDR = getenv('REMOTE_ADDR'); - $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); + $REMOTE_ADDR = GET_REMOTE_ADDR(); + $HTTP_USER_AGENT = GET_USER_AGENT(); + // Default admin $ADMIN = MAIN_TITLE; - if (isSessionVariableSet('admin_login')) { + + // Is the admin logged in? + if (IS_ADMIN()) { + // Get admin id + $aid = GET_ADMIN_ID(get_session('admin_login')); + // Load Admin data - $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array(get_session('admin_login')), __FILE__, __LINE__); - list($ADMIN) = SQL_FETCHROW($result); - SQL_FREERESULT($result); - } + $ADMIN = GET_ADMIN_EMAIL($aid); + } // END - if + + // Neutral email address is default + $email = WEBMASTER; // Expiration in a nice output format if ($_CONFIG['auto_purge'] == 0) { @@ -705,124 +792,45 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS; } - // DEPRECATED switch! - switch ($template) - { - case "bonus-mail": // Load data for the bonus mail - $BONUSID = $DATA[0]; - $content = $DATA[2]; - $points = TRANSLATE_COMMA($DATA[4]); - $TIME = $DATA[5]; - $TARGET_URL = $DATA[8]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $DATA[10] = $UID; - - // Replace variables - foreach ($REPLACER as $key=>$value) - { - if (isset($DATA[$key])) $content = str_replace($value, $DATA[$key], $content); - } - break; - - case "order-admin": - case "order-member": - $BLOCKS = $_CONFIG['max_send']; - $SUBJECT = $DATA[0]; - $content = $DATA[1]; - $PAYMENT = GET_PAYMENT($DATA[3]); - $TARGET_URL = $DATA[5]; - $CATEGORY = GET_CATEGORY($DATA[6]); - break; - - case "order-reject": - case "order-deleted": - case "order-accept": - $TARGET_URL = $DATA[0]; - $URL = $DATA[0]; - $SUBJECT = $DATA[1]; - break; - - case "new-pass": - $PASS = $DATA[0]; - $REMOTE = $DATA[1]; - break; - - case "confirm-member": - $points = $_CONFIG['points_register']; - break; - - case "confirm-referral": - $PERCENT = $DATA[0]; - $LEVEL = $DATA[1]; - $points = $DATA[2]; - $REFID = $DATA[3]; - break; - - case "normal-mail": - $SEND_UID = $DATA[1]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $TIME = GET_PAY_POINTS($DATA[5], "time"); - $TARGET_URL = $DATA[7]; - $points = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment")); - // Warning! This ID has changed from 10 to 11! - $MAILID = $DATA[11]; - - // Replace variables - foreach ($REPLACER as $key=>$value) - { - if (isset($DATA[$key])) $content = str_replace($value, $DATA[$key], $content); - } - break; - - case "done-member": - case "done-admin": - $SEND_UID = $DATA[1]; - $CATEGORY = GET_CATEGORY($DATA[9]); - $TARGET_URL = $DATA[7]; - break; - - case "back-admin": - case "back-member": - $points = TRANSLATE_COMMA($DATA[10]); - break; - - case "add-points": - if (isset($_POST['points'])) { - $points = bigintval($_POST['points']); - } else { - $points = __POINTS_VALUE; - } - break; - - case "guest_request_confirm": - $HASH = $DATA[2]; - break; - } + // Is content an array? + if (is_array($content)) { + // Add expiration to array, $EXPIRATION is now deprecated! + $content['expiration'] = $EXPIRATION; + } // END - if // Load user's data + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):UID={$UID},template={$template}".htmlentities(trim($FROM))." To : ".$TO." Subject : ".$SUBJECT." Message : ".$MSG." -\n"; - } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) { +
".print_r($content, true)."+
".print_r($content, true)."".TEMPLATE_DATA." -
".print_r($DATA, true)."+
".print_r($DATA, true)."