X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=libs%2Flib_general.php;h=fa4643de30088e24b74c1d3721fe76b79a18265b;hb=3f5cd5b92d3ea339f3d099c3fa8e65b0bc0f1533;hp=21cd6ab0df3d5bfa4d3ce4856d9d953b6297fe3c;hpb=4ebfc6d0240b77dbe6bd6a73a0c5e322e49739f1;p=ctracker.git

diff --git a/libs/lib_general.php b/libs/lib_general.php
index 21cd6ab..fa4643d 100644
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -2,11 +2,11 @@
 /**
  * General functions library
  *
- * @author		Roland Haeder <webmaster@ship-simu.org>
+ * @author		Roland Haeder <webmaster@shipsimu.org>
  * @version		3.0.0
- * @copyright	Copyright (c) 2009 - 2011 Cracker Tracker Team
+ * @copyright	Copyright (c) 2009 - 2017 Cracker Tracker Team
  * @license		GNU GPL 3.0 or any newer version
- * @link		http://www.ship-simu.org
+ * @link		http://www.shipsimu.org
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -25,13 +25,13 @@
 if (!function_exists('implode_r')) {
 	// Implode recursive a multi-dimension array, taken from www.php.net
 	function implode_r ($glue, $array, $array_name = NULL) {
-		$return = array();
-		while(list($key,$value) = @each($array)) {
-			if(is_array($value)) {
+		$return = [];
+		while (list($key,$value) = @each($array)) {
+			if (is_array($value)) {
 				// Is an array again, so call recursive
 				$return[] = implode_r($glue, $value, (string) $key);
 			} else {
-				if($array_name != NULL) {
+				if ($array_name != NULL) {
 					$return[] = $array_name . '[' . (string) $key . ']=' . $value . "\n";
 				} else {
 					$return[] = $key . '=' . $value."\n";
@@ -40,13 +40,13 @@ if (!function_exists('implode_r')) {
 		} // END - while
 
 		// Return resulting array
-		return(implode($glue, $return));
+		return implode($glue, $return);
 	} // END - function
 } // END - if
 
 if (!function_exists('implode_secure')) {
 	// Implode a simple array with a 'call-back' to our escaper function
-	function implode_secure ($array) {
+	function implode_secure (array $array) {
 		// Return string
 		$return = '';
 
@@ -73,10 +73,34 @@ if (!function_exists('implode_secure')) {
 	} // END - function
 } // END - if
 
+// Load configuration, if found
+function crackerTrackerLoadConfiguration () {
+	// FQFN
+	$fqfn = sprintf('%s/config/db_config.php', $GLOBALS['ctracker_base_path']);
+
+	// Is the file readable?
+	if (!isCrackerTrackerFileFound($fqfn)) {
+		// No config file found
+		die(__FUNCTION__.': No configuration file found.');
+	} // END - if
+
+	// Load it
+	require $fqfn;
+
+	// Load email header
+	$GLOBALS['ctracker_header'] = crackerTrackerLoadEmailTemplate('header');
+}
+
 // Getter for ctracker_debug_enabled
 function isCrackerTrackerDebug () {
 	// Is it set?
-	return ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === TRUE));
+	$result = ((isset($GLOBALS['ctracker_debug_enabled'])) && ($GLOBALS['ctracker_debug_enabled'] === TRUE));
+
+	// Debug message
+	//* DEBUG: */ error_log('result=' . intval($result));
+
+	// Return it
+	return $result;
 }
 
 // Determines the real remote address
@@ -119,14 +143,20 @@ function isCrackerTrackerProxyUsed () {
 }
 
 // Detects the user-agent string
-function crackerTrackerUserAgent () {
+function crackerTrackerUserAgent ($sanitize = FALSE) {
 	// Default is 'unknown'
 	$ua = 'unknown';
 
 	// Is the entry there?
 	if (isset($_SERVER['HTTP_USER_AGENT'])) {
 		// Then use it securely
-		$ua = crackerTrackerSecureString($_SERVER['HTTP_USER_AGENT']);
+		$ua = crackerTrackerSecureString(urldecode($_SERVER['HTTP_USER_AGENT']));
+	} // END - if
+
+	// Sanitize it?
+	if ($sanitize === TRUE) {
+		// Sanitize ...
+		$ua = crackerTrackerSanitize($ua);
 	} // END - if
 
 	// Return it
@@ -134,56 +164,107 @@ function crackerTrackerUserAgent () {
 }
 
 // Detects the script name
-function crackerTrackerScriptName () {
+function crackerTrackerScriptName ($sanitize = FALSE) {
+	// Default is NULL
+	$scriptName = NULL;
+
 	// Is it there?
-	if (!isset($_SERVER['SCRIPT_NAME'])) {
+	if (!empty($_SERVER['SCRIPT_NAME'])) {
 		// Return NULL
-		return NULL;
+		$scriptName = crackerTrackerSecureString($_SERVER['SCRIPT_NAME']);
 	} // END - if
 
-	// Should always be there!
-	return crackerTrackerSecureString($_SERVER['SCRIPT_NAME']);
+	// Sanitize it?
+	if ($sanitize === TRUE) {
+		// Sanitize ...
+		$scriptName = crackerTrackerSanitize($scriptName);
+	} // END - if
+
+	// Return
+	return $scriptName;
 }
 
 // Detects the query string
-function crackerTrackerQueryString () {
+function crackerTrackerQueryString ($sanitize = FALSE) {
+	// Default is NULL
+	$query = NULL;
+
 	// Is it there?
-	if (!isset($_SERVER['QUERY_STRING'])) {
-		// Return NULL
-		return NULL;
+	if (!empty($_SERVER['QUERY_STRING'])) {
+		// Get string escaped
+		$query = crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
+	} elseif (!empty($_SERVER['REQUEST_URI'])) {
+		// Get string escaped
+		$query = crackerTrackerEscapeString(urldecode($_SERVER['REQUEST_URI']));
+	}
+
+	// Sanitize it?
+	if ((!empty($query)) && ($sanitize === TRUE)) {
+		// Sanitize ...
+		$query = crackerTrackerSanitize($query);
 	} // END - if
 
-	// Should always be there!
-	return crackerTrackerEscapeString(urldecode($_SERVER['QUERY_STRING']));
+	// Return it
+	return $query;
 }
 
 // Detects the server's name
-function crackerTrackerServerName () {
+function crackerTrackerServerName ($sanitize = FALSE) {
+	// Default is NULL
+	$serverName = NULL;
+
 	// Is it there?
-	if (!isset($_SERVER['SERVER_NAME'])) {
+	if (!empty($_SERVER['SERVER_NAME'])) {
 		// Return NULL
-		return NULL;
+		$serverName = crackerTrackerSecureString($_SERVER['SERVER_NAME']);
 	} // END - if
 
-	// Should always be there!
-	return crackerTrackerSecureString($_SERVER['SERVER_NAME']);
+	// Sanitize it?
+	if ($sanitize === TRUE) {
+		// Sanitize ...
+		$serverName = crackerTrackerSanitize($serverName);
+	} // END - if
+
+	// Return it
+	return $serverName;
 }
 
 // Detects the referer
-function crackerTrackerReferer () {
+function crackerTrackerReferer ($sanitize = FALSE) {
 	// Default is a dash
 	$referer = '-';
 
 	// Is it there?
-	if (isset($_SERVER['HTTP_REFERER'])) {
+	if (!empty($_SERVER['HTTP_REFERER'])) {
 		// Then use it securely
 		$referer = crackerTrackerSecureString(urldecode($_SERVER['HTTP_REFERER']));
 	} // END - if
 
+	// Sanitize it?
+	if ($sanitize === TRUE) {
+		// Sanitize ...
+		$referer = crackerTrackerSanitize($referer);
+	} // END - if
+
 	// Return it
 	return $referer;
 }
 
+// Detects request method
+function crackerTrackerRequestMethod () {
+	// Default is NULL
+	$method = NULL;
+
+	// Is it set?
+	if (!empty($_SERVER['REQUEST_METHOD'])) {
+		// Then use it
+		$method = $_SERVER['REQUEST_METHOD'];
+	} // END - if
+
+	// Return it
+	return $method;
+}
+
 // Detects the scripts path
 function crackerTrackerScriptPath () {
 	// Should always be there!
@@ -223,8 +304,8 @@ function isCrackerTrackerFileFound ($FQFN) {
 // Loads a given "template" (this is more an include file)
 function crackerTrackerLoadTemplate ($template) {
 	// Create the full-qualified filename (FQFN)
-	$FQFN = sprintf('%s/templates/%s.tpl.php',
-		dirname(__FILE__),
+	$FQFN = sprintf('%s/libs/templates/%s.tpl.php',
+		$GLOBALS['ctracker_base_path'],
 		$template
 	);
 
@@ -244,8 +325,8 @@ function crackerTrackerLoadTemplate ($template) {
 // Loads a given "template" (this is more an include file)
 function crackerTrackerLoadLocalizedTemplate ($template) {
 	// Create the full-qualified filename (FQFN)
-	$FQFN = sprintf('%s/templates/%s/%s.tpl.php',
-		dirname(__FILE__),
+	$FQFN = sprintf('%s/libs/templates/%s/%s.tpl.php',
+		$GLOBALS['ctracker_base_path'],
 		getCrackerTrackerLanguage(),
 		$template
 	);
@@ -283,8 +364,8 @@ function crackerTrackerLanguage () {
 	} // END - if
 
 	// Construct FQFN
-	$FQFN = sprintf('%s/language/%s.php',
-		dirname(__FILE__),
+	$FQFN = sprintf('%s/libs/language/%s.php',
+		$GLOBALS['ctracker_base_path'],
 		getCrackerTrackerLanguage()
 	);
 
@@ -294,7 +375,7 @@ function crackerTrackerLanguage () {
 		$GLOBALS['ctracker_language'] = 'en';
 
 		// Construct FQFN again
-		$FQFN = sprintf('%s/language/en.php', dirname(__FILE__));
+		$FQFN = sprintf('%s/libs/language/en.php', $GLOBALS['ctracker_base_path']);
 	} // END - if
 
 	// Load the language file
@@ -302,13 +383,13 @@ function crackerTrackerLanguage () {
 }
 
 // Loads a given email template and passes through $content
-function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $language = NULL) {
+function crackerTrackerLoadEmailTemplate ($template, array $content = [], $language = NULL) {
 	// Init language
 	crackerTrackerLanguage();
 
 	// Generate the FQFN
-	$FQFN = sprintf('%s/mails/%s/%s.tpl',
-		dirname(__FILE__),
+	$FQFN = sprintf('%s/libs/mails/%s/%s.tpl',
+		$GLOBALS['ctracker_base_path'],
 		getCrackerTrackerLanguage($language),
 		$template
 	);
@@ -316,10 +397,11 @@ function crackerTrackerLoadEmailTemplate ($template, array $content = array(), $
 	// So is the file there?
 	if (isCrackerTrackerFileFound($FQFN)) {
 		// Init result
-		$result = 'No result from template ' . $template . '. Please report this at http://forum.ship-simu.org Thank you.';
+		$result = 'No result from template ' . $template . '. Please report this at http://forum.shipsimu.org Thank you.';
 
 		// Then load it
-		eval('$result = "' . crackerTrackerCompileCode(file_get_contents($FQFN)) . '";');
+		//* DEBUG-DIE: */ die('<pre>$result = "' . crackerTrackerCompileCode(trim(file_get_contents($FQFN))) . '";</pre>');
+		eval('$result = "' . crackerTrackerCompileCode(trim(file_get_contents($FQFN))) . '";');
 
 		// Return the result
 		return $result;
@@ -472,8 +554,12 @@ function crackerTrackerSendRawRedirect ($url) {
 
 // Removes all ctracker-related data from global space
 function unsetCtrackerData () {
+	// Debug message
+	//* DEBUG: */ error_log(__FUNCTION__ . ': CALLED!');
+
 	// Unset all ctracker data
 	foreach (array(
+			'ctracker_base_path',
 			'ctracker_host',
 			'ctracker_dbname',
 			'ctracker_user',
@@ -485,8 +571,9 @@ function unsetCtrackerData () {
 			'ctracker_post_blacklist',
 			'ctracker_header',
 			'ctracker_post_track',
-			'ctracker_checkworm',
-			'ctracker_check_post',
+			'ctracker_checked_get',
+			'ctracker_checked_post',
+			'ctracker_checked_ua',
 			'ctracker_last_sql',
 			'ctracker_last_result',
 			'ctracker_config',
@@ -494,11 +581,14 @@ function unsetCtrackerData () {
 			'ctracker_language',
 			'ctracker_localized',
 			'ctracker_link',
+			'ctracker_blocked_methods',
 		) as $key) {
 			// Unset it
 			unset($GLOBALS[$key]);
 	} // END - foreach
 }
 
-// [EOF]
-?>
+// Sanitizes string
+function crackerTrackerSanitize ($str) {
+	return str_replace(array('//', '/./'), array('/', '/'), $str);
+}