$points = mt_rand((getConfig('beg_points') * 100000), (getConfig('beg_points_max') * 100000)) / 100000;
// Set nickname / userid for the template(s
- define('__BEG_UID' , SQL_ESCAPE(REQUEST_GET('uid')));
+ define('__BEG_UID' , REQUEST_GET(('uid')));
define('__BEG_CLICKS', ($clicks + 1));
define('__BEG_BANNER', LOAD_TEMPLATE("beg_banner", true));
define('__BEG_POINTS', TRANSLATE_COMMA($points));
// Is the script installed?
if (isBooleanConstantAndTrue('mxchange_installed')) {
// Probe for referal ID
- if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = SQL_ESCAPE(REQUEST_GET('refid'));
+ if (REQUEST_ISSET_GET(('refid'))) $GLOBALS['refid'] = REQUEST_GET(('refid'));
// Only check this if refid is provided!
if ($GLOBALS['refid'] > 0) {
} elseif (REQUEST_ISSET_GET(('tag'))) {
// Tag set so create the IFN (Include-FileName)
$INC = sprintf("inc/img/tag-%s.php",
- SQL_ESCAPE(REQUEST_GET('tag'))
+ REQUEST_GET(('tag'))
);
// Include is readable?
}
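Review bot: The include file name on the `sprintf("inc/img/tag-%s.php", ...)` line is built straight from the `tag` request value, and the SQL escaping that REQUEST_GET() now applies does not restrict path characters such as `/` or `.`. A file-name sink needs its own check before the sprintf(), for example `if (preg_match('/^[a-z0-9_-]+$/i', REQUEST_GET('tag')) !== 1)` followed by rejecting the request. The same applies to the other path builders changed in this commit: `inc/js/tag-%s.php`, `theme/%s/theme.php`, and the `usage_%s` file names. The enclosing if/elseif chain starts outside this hunk, so the readability check that follows was not reviewed.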
// Escape a string for the database
-function SQL_ESCAPE ($str, $secureString=true,$strip=true) {
+function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
// Secure string first? (which is the default behaviour!)
if ($secureString) {
// Then do it here
// Check if given extension is active
function EXT_IS_ACTIVE ($ext_name) {
// Extensions are all inactive during installation
- if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing')) || (empty($ext_name))) return false;
+ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isInstalling()) || (empty($ext_name))) return false;
// Not active is the default
$active = "N";
$ext_ver = false;
// Extensions are all inactive during installation
- if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing'))) return "";
+ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isInstalling())) return "";
//* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, ": ext_name={$ext_name}");
// Is the cache written?
// Set unset variable
if (empty($check)) $check = "";
- if (isBooleanConstantAndTrue('mxchange_installing')) {
+ if (isInstalling()) {
// While we are installing ouput other header than while it is installed... :-)
$OUT = "";
foreach (getFatalArray() as $key => $value) {
$SQLs = array();
// Is a database link here and not in installation mode?
- if ((!SQL_IS_LINK_UP()) && (!isBooleanConstantAndTrue('mxchange_installing'))) {
+ if ((!SQL_IS_LINK_UP()) && (!isInstalling())) {
// Abort here
- addFatalMessage(getMessage('FILTER_FLUSH_FAILED_NO_DATABASE'), array($filterFunction, $filterName));
+ addFatalMessage(getMessage('FILTER_FLUSH_FAILED_NO_DATABASE'));
return false;
} // END - if
// Output cached HTML code
$OUTPUT = ob_get_contents();
- // Clear output buffer for later output
- clearOutputBuffer();
+ // Clear output buffer for later output if output is found
+ if (!empty($OUTPUT)) {
+ clearOutputBuffer();
+ } // END - if
// Send HTTP header
header("HTTP/1.1 200");
while (strpos($OUTPUT, '{!') > 0) {
// Prepare the content and eval() it...
$newContent = "";
- $eval = "\$newContent = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";";
- @eval($eval);
+ $eval = "\$newContent = \"".COMPILE_CODE(smartAddSlashes($OUTPUT, false, false))."\";";
+ eval($eval);
// Was that eval okay?
if (empty($newContent)) {
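Review bot: The added `$eval = "\$newContent = \"".COMPILE_CODE(smartAddSlashes($OUTPUT, false, false))."\";";` line still evaluates the whole output buffer as a double-quoted PHP string, and smartAddSlashes() is defined outside this diff, so its escaping cannot be confirmed from here. If the buffer can carry request-derived text, everything PHP interprets inside a double-quoted literal has to be neutralised for that text, not only quotes and backslashes. State the contract at the call, e.g. `// $OUTPUT may contain user data: smartAddSlashes() must leave nothing in it that PHP interpolates`, and consider replacing only the `{!NAME!}` placeholders through constant() lookups instead of calling eval(). The same pattern recurs in the `$OUTPUT`, `$tmpl_file`, `$SUBJECT`, `$TO`, `$MSG` and `$OUT` hunks. Dropping the `@` is a good change, since parse errors are no longer hidden; the surrounding while loop continues outside the hunk.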
// Compile and run finished rendered HTML code
while (strpos($OUTPUT, '{!') > 0) {
- $eval = "\$OUTPUT = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";";
+ $eval = "\$OUTPUT = \"".COMPILE_CODE(smartAddSlashes($OUTPUT, false, false))."\";";
eval($eval);
} // END - while
$ret = "";
if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) {
// Okay, compile it!
- $tmpl_file = "\$ret=\"".COMPILE_CODE(SQL_ESCAPE($tmpl_file))."\";";
+ $tmpl_file = "\$ret=\"".COMPILE_CODE(smartAddSlashes($tmpl_file))."\";";
eval($tmpl_file);
} else {
// Simply return loaded code
// Add surrounding HTML comments to help finding bugs faster
$ret = "<!-- Template ".$template." - Start -->\n".$ret."<!-- Template ".$template." - End -->\n";
- } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
+ } elseif ((IS_ADMIN()) || ((isInstalling()) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
// Only admins shall see this warning or when installation mode is active
$ret = "<br /><span class=\"guest_failed\">".TEMPLATE_404."</span><br />
(".basename($FQFN).")<br />
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):TO={$TO},SUBJECT={$SUBJECT}<br />\n";
// Compile subject line (for POINTS constant etc.)
- $eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(SQL_ESCAPE($SUBJECT))."\");";
+ $eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(smartAddSlashes($SUBJECT))."\");";
eval($eval);
// Set from header
}
// Compile "TO"
- $eval = "\$TO = \"".COMPILE_CODE(SQL_ESCAPE($TO))."\";";
+ $eval = "\$TO = \"".COMPILE_CODE(smartAddSlashes($TO))."\";";
eval($eval);
// Compile "MSG"
- $eval = "\$MSG = \"".COMPILE_CODE(SQL_ESCAPE($MSG))."\";";
+ $eval = "\$MSG = \"".COMPILE_CODE(smartAddSlashes($MSG))."\";";
eval($eval);
// Fix HTML parameter (default is no!)
// Run code
$tmpl_file = "\$newContent = decodeEntities(\"".COMPILE_CODE($tmpl_file)."\");";
- @eval($tmpl_file);
+ eval($tmpl_file);
} elseif (!empty($template)) {
// Template file not found!
$newContent = "{--TEMPLATE_404--}: ".$template."<br />
return COMPILE_CODE($newContent);
}
//
-function MAKE_TIME($H, $M, $S, $stamp) {
+function MAKE_TIME ($H, $M, $S, $stamp) {
// Extract day, month and year from given timestamp
$DAY = date("d", $stamp);
$MONTH = date("m", $stamp);
return mktime($H, $M, $S, $MONTH, $DAY, $YEAR);
}
//
-function LOAD_URL($URL, $addUrlData=true) {
+function LOAD_URL ($URL, $addUrlData=true) {
// Compile out URI codes
$URL = compileUriCode($URL);
}
// Get output buffer
- //* DEBUG: */ debug_report_bug();
+ /* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL));
$OUTPUT = ob_get_contents();
// Clear it only if there is content
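Review bot: The changed line turns the disabled `//* DEBUG: */ debug_report_bug();` into an active call, `/* DEBUG: */ debug_report_bug(sprintf(...$URL))`, which looks like a debugging leftover. Judging by `__FUNCTION__` and `$URL`, this is the redirect path, so every redirect would now raise a bug report containing the full URL and its query string. If that is not intended, restore the leading `//` so the line reads `//* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL));`. The format string also has the colon inside the brackets (`[%s:]`), which is probably meant to be `[%s]:`. The enclosing function starts and ends outside the hunk.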
// Check wether a boolean constant is set
// Taken from user comments in PHP documentation for function constant()
-function isBooleanConstantAndTrue($constName) { // : Boolean
+function isBooleanConstantAndTrue ($constName) { // : Boolean
// Failed by default
$res = false;
if (isset($GLOBALS['cache_array']['const'][$constName])) {
// Use cache
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$constName."-CACHE!<br />\n";
- $res = $GLOBALS['cache_array']['const'][$constName];
+ $res = ($GLOBALS['cache_array']['const'][$constName] === true);
} else {
// Check constant
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$constName."-RESOLVE!<br />\n";
- if (defined($constName)) $res = (constant($constName) === true);
+ if (defined($constName)) {
+ // Found!
+ //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$constName."-FOUND!<br />\n";
+ $res = (constant($constName) === true);
+ } // END - if
// Set cache
$GLOBALS['cache_array']['const'][$constName] = $res;
// Fix it to default
$ret = "default";
} // END - if
- } elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isBooleanConstantAndTrue('mxchange_installing')) || ($GLOBALS['output_mode'] == true)) && ((REQUEST_ISSET_GET(('theme'))) || (REQUEST_ISSET_POST(('theme'))))) {
+ } elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isInstalling()) || ($GLOBALS['output_mode'] == true)) && ((REQUEST_ISSET_GET(('theme'))) || (REQUEST_ISSET_POST(('theme'))))) {
// Prepare FQFN for checking
- $theme = sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE(REQUEST_GET('theme')));
+ $theme = sprintf("%stheme/%s/theme.php", constant('PATH'), REQUEST_GET(('theme')));
// Installation mode active
if ((REQUEST_ISSET_GET(('theme'))) && (FILE_READABLE($theme))) {
// Set cookie from URL data
- set_session('mxchange_theme', SQL_ESCAPE(REQUEST_GET('theme')));
+ set_session('mxchange_theme', REQUEST_GET(('theme')));
} elseif (FILE_READABLE(sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE(REQUEST_POST('theme'))))) {
// Set cookie from posted data
set_session('mxchange_theme', SQL_ESCAPE(REQUEST_POST('theme')));
case constant('CODE_EXTENSION_PROBLEM'):
if (REQUEST_ISSET_GET(('ext'))) {
- $msg = sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), SQL_ESCAPE(REQUEST_GET('ext')));
+ $msg = sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), REQUEST_GET(('ext')));
} else {
$msg = getMessage('EXTENSION_PROBLEM_UNSET_EXT');
}
return $GLOBALS['refid'];
}
+// Check wether we are installing
+function isInstalling () {
+ return (isset($GLOBALS['mxchange_installing']));
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////
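Review bot: isInstalling() returns true as soon as the key `mxchange_installing` exists in `$GLOBALS`, whatever its value, whereas the check it replaces required a constant strictly equal to `true`. A constant cannot be created by a request, but a global can be if request variables ever reach global scope (register_globals on older PHP, or an import helper not visible here). Installation mode relaxes several checks in this commit: the database-link abort, extension loading, and the admin-only template warning. At minimum compare the value, `return ((isset($GLOBALS['mxchange_installing'])) && ($GLOBALS['mxchange_installing'] === true));`, and confirm that only install.php can set it.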
// Remember title in constant for the template
define('__PAGE_TITLE', $TITLE);
} elseif ((!isBooleanConstantAndTrue('mxchange_installed')) || (!isBooleanConstantAndTrue('admin_registered'))) {
- // Load language file because it was missing in installation finalizer step... *sigh*
- $INC = sprintf("inc/language/install_%s.php",
- GET_LANGUAGE()
- );
- LOAD_INC_ONCE($INC);
-
// Installation mode
define('__PAGE_TITLE', getMessage('INSTALLATION_OF_MXCHANGE'));
} else {
if (SQL_IS_LINK_UP()) {
// Close link
SQL_CLOSE(__FILE__, __LINE__);
- } else {
+ } elseif (!isInstalling()) {
// No database link
- addFatalMessage(getMessage('NO_DB_LINK'));
+ addFatalMessage(getMessage('NO_DB_LINK_SHUTDOWN'));
}
}
LOAD_INC($INC);
// Check for installation mode
-if (isBooleanConstantAndTrue('mxchange_installing')) {
+if (isInstalling()) {
// Load matching language file
LOAD_INC("inc/language/install_".$mx_lang.".php");
}
define('MENU_IS_ACTIVE', "Menüpunkt ist aktiviert");
define('CREATE_ACTION_FIRST', "Bitte erstellen Sie zuerst die action-xxxxx.php Datei. Dann können Sie sie hier auswählen.");
define('IS_FIRST_MENU', "Ist das erste Hauptmenü");
-define('NO_DB_LINK', "Keine Verbindung zur Datenbank!");
+define('NO_DB_LINK', "Keine Verbindung zur Datenbank.");
+define('NO_DB_LINK_SHUTDOWN', "Keine Verbindung zur Datenbank beim Schliessen der Verbindung.");
define('MYSQL_DATA_MISSING', "Die Konfiguration Ihrer Datenbankverbindung ist unnvollständig. Bitte in inc/config.php mindestens den Hostnamen, Datenbanknamen und Login zur Datenbank eingeben.");
define('REGISTER_PERSONAL_DATA', "Persönliche Daten");
define('REGISTER_CATEGORIES', "Interessengebiete");
if (REQUEST_ISSET_GET(('frame'))) {
// Use the frame as a template name part... ;-)
$templateName = sprintf("surfbar_frame_%s",
- SQL_ESCAPE(REQUEST_GET('frame'))
+ REQUEST_GET(('frame'))
);
} // END - if
// Add links for selecting some users
function alpha ($sortby, $colspan, $return=false) {
if (!REQUEST_ISSET_GET(('offset'))) REQUEST_SET_GET('offset', 0);
- $ADD = "&page=".SQL_ESCAPE(REQUEST_GET('page'))."&offset=".SQL_ESCAPE(REQUEST_GET('offset'));
- if (REQUEST_ISSET_GET(('mode'))) $ADD .= "&mode=".SQL_ESCAPE(REQUEST_GET('mode'));
+ $ADD = "&page=".REQUEST_GET(('page'))."&offset=".REQUEST_GET(('offset'));
+ if (REQUEST_ISSET_GET(('mode'))) $ADD .= "&mode=".REQUEST_GET(('mode'));
/* Creates the list of letters and makes them a link. */
$alphabet = array(_ALL2,"A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z",_OTHERS);
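Review bot: The `$ADD = "&page=".REQUEST_GET(('page'))."&offset=".REQUEST_GET(('offset'));` line concatenates request values into a string that is later written inside an `href="..."` attribute, and the SQL escaping done in REQUEST_GET() is not the right encoding for a URL or HTML context. Each value should be encoded for where it lands, e.g. `$ADD = "&page=".urlencode(REQUEST_GET('page'))."&offset=".urlencode(REQUEST_GET('offset'));`. The same applies to the `&mode=` lines, the second `$ADD` block, and the `&letter=`/`&sortby=` link in the following hunks. alpha() continues outside this hunk, so the final output call was not reviewed.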
} else {
// Output link to letter
$OUT .= "<a href=\"{!URL!}/modules.php?module=admin&what=".$GLOBALS['what'];
- if (REQUEST_ISSET_GET(('mode'))) $OUT .= "&mode=".SQL_ESCAPE(REQUEST_GET('mode'));
+ if (REQUEST_ISSET_GET(('mode'))) $OUT .= "&mode=".REQUEST_GET(('mode'));
$OUT .= "&letter=".$ltr."&sortby=".$sortby.$ADD."\">".$ltr."</a>";
}
if (!REQUEST_ISSET_GET(('page'))) REQUEST_SET_GET('page' , 0);
// Add page and offset
- $ADD = "&page=".SQL_ESCAPE(REQUEST_GET('page'))."&offset=".SQL_ESCAPE(REQUEST_GET('offset'));
+ $ADD = "&page=".REQUEST_GET(('page'))."&offset=".REQUEST_GET(('offset'));
// Add status or mode
- if (REQUEST_ISSET_GET(('status'))) $ADD .= "&mode=".SQL_ESCAPE(REQUEST_GET('status'));
- elseif (REQUEST_ISSET_GET(('mode'))) $ADD .= "&mode=".SQL_ESCAPE(REQUEST_GET('mode'));
+ if (REQUEST_ISSET_GET(('status'))) $ADD .= "&mode=".REQUEST_GET(('status'));
+ elseif (REQUEST_ISSET_GET(('mode'))) $ADD .= "&mode=".REQUEST_GET(('mode'));
// Makes order by links..
if ($letter == "front") $letter = _ALL2;
$OUT .= "<a href=\"{!URL!}/modules.php?module=admin&what=".$GLOBALS['what'];
// Add status or mode
- if (REQUEST_ISSET_GET(('status'))) $OUT .= "&mode=".SQL_ESCAPE(REQUEST_GET('status'));
- elseif (REQUEST_ISSET_GET(('mode'))) $OUT .= "&mode=".SQL_ESCAPE(REQUEST_GET('mode'));
+ if (REQUEST_ISSET_GET(('status'))) $OUT .= "&mode=".REQUEST_GET(('status'));
+ elseif (REQUEST_ISSET_GET(('mode'))) $OUT .= "&mode=".REQUEST_GET(('mode'));
// Letter and so on
- $OUT .= "&letter=".SQL_ESCAPE(REQUEST_GET('letter'))."&sortby=".SQL_ESCAPE(REQUEST_GET('sortby'))."&page=".$page."&offset=".$offset."\">";
+ $OUT .= "&letter=".REQUEST_GET(('letter'))."&sortby=".REQUEST_GET(('sortby'))."&page=".$page."&offset=".$offset."\">";
}
$OUT .= $page;
$GLOBALS['cache_array'] = array();
// Skip loading extensions
-if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing'))) return;
+if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isInstalling())) {
+ // Init filter system here
+ INIT_FILTER_SYSTEM();
+
+ // Skip loading
+ return;
+} // END - if
// Initialize array for "always keep active extensions"
$GLOBALS['cache_array']['active_extensions'] = array();
// Load logout template
if (REQUEST_ISSET_GET(('register'))) {
// Secure input
- $register = SQL_ESCAPE(REQUEST_GET('register'));
+ $register = REQUEST_GET(('register'));
// Special logout redirect for installation of given extension
LOAD_TEMPLATE(sprintf("admin_logout_%s_install", $register));
} elseif (REQUEST_ISSET_GET(('remove'))) {
// Secure input
- $remove = SQL_ESCAPE(REQUEST_GET('remove'));
+ $remove = REQUEST_GET(('remove'));
// Special logout redirect for removal of given extension
LOAD_TEMPLATE(sprintf("admin_logout_%s_remove", $remove));
$area = "entrance";
// Check for similar URL variable
- if (REQUEST_ISSET_GET(('area'))) $area = SQL_ESCAPE(REQUEST_GET('area'));
+ if (REQUEST_ISSET_GET(('area'))) $area = REQUEST_GET(('area'));
// Load "logical-area menu-system" file
LOAD_INC_ONCE("inc/modules/admin/lasys-inc.php");
// Compile and run the code here. This inserts all constants into the
// HTML output. Costs me some time to figure this out... *sigh* Quix0r
- $eval = "\$OUT = \"".COMPILE_CODE(SQL_ESCAPE($OUT))."\";";
+ // @TODO Is this eval longer needed?
+ $eval = "\$OUT = \"".COMPILE_CODE(smartAddSlashes($OUT))."\";";
eval($eval);
// Is there a cache instance again?
$AND = "(`what` = '' OR `what` IS NULL)"; $SUB = "";
if (REQUEST_ISSET_GET(('sub')))
{
- $AND = sprintf("action='%s' AND `what` IS NOT NULL", SQL_ESCAPE(REQUEST_GET('sub')));
- $SUB = SQL_ESCAPE(REQUEST_GET('sub'));
+ $AND = sprintf("action='%s' AND `what` IS NOT NULL", REQUEST_GET(('sub')));
+ $SUB = REQUEST_GET(('sub'));
}
// Get count of (maybe) selected menu points
case "target": // Set which what-file will be placed in home-page (only modules.php?module=index)
if (REQUEST_ISSET_GET(('home'))) {
// Set new home
- UPDATE_CONFIG("index_home", SQL_ESCAPE(REQUEST_GET('home')));
+ UPDATE_CONFIG("index_home", REQUEST_GET(('home')));
} // END - if
// Load all what menu points
define('__INTERVAL' , CREATE_TIME_SELECTIONS($DATA['warning_interval'], "warning_interval", "MWDh"));
// Init variables here
- $TPL = sprintf("admin_edit_sponsor_%s", SQL_ESCAPE(REQUEST_GET('mode')));
+ $TPL = sprintf("admin_edit_sponsor_%s", REQUEST_GET(('mode')));
$SQLs = array();
// Sponsor was found
default: // Unknown mode
DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown mode %s detected.", REQUEST_GET('mode')));
- $MSG = sprintf(getMessage('ADMIN_SPONSOR_INVALID_MODE'), SQL_ESCAPE(REQUEST_GET('mode')));
+ $MSG = sprintf(getMessage('ADMIN_SPONSOR_INVALID_MODE'), REQUEST_GET(('mode')));
break;
}
LOAD_TEMPLATE($TPL);
} else {
// Template not found!
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_MODUS_TPL_404'), SQL_ESCAPE(REQUEST_GET('mode'))));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_MODUS_TPL_404'), REQUEST_GET(('mode'))));
}
} else {
// Sponsor not found!
$AND = "(`what` = '' OR `what` IS NULL)"; $SUB = "";
if (REQUEST_ISSET_GET(('sub'))) {
- $AND = sprintf("action='%s' AND `what` IS NOT NULL", SQL_ESCAPE(REQUEST_GET('sub')));
- $SUB = SQL_ESCAPE(REQUEST_GET('sub'));
+ $AND = sprintf("action='%s' AND `what` IS NOT NULL", REQUEST_GET(('sub')));
+ $SUB = REQUEST_GET(('sub'));
} // END - if
// Get count of (maybe) selected menu points
$listHeader = getMessage('ADMIN_ALL_ACCOUNTS');
if (REQUEST_ISSET_GET(('status'))) {
// Set title according to the "status"
- $listHeader = getMessage(sprintf("ADMIN_LIST_STATUS_%s_ACCOUNTS", strtoupper(SQL_ESCAPE(REQUEST_GET('status')))));
+ $listHeader = getMessage(sprintf("ADMIN_LIST_STATUS_%s_ACCOUNTS", strtoupper(REQUEST_GET(('status')))));
} elseif (REQUEST_ISSET_GET(('mode'))) {
// Set title according to the "mode"
- $listHeader = getMessage(sprintf("ADMIN_LIST_MODE_%s_ACCOUNTS", strtoupper(SQL_ESCAPE(REQUEST_GET('mode')))));
+ $listHeader = getMessage(sprintf("ADMIN_LIST_MODE_%s_ACCOUNTS", strtoupper(REQUEST_GET(('mode')))));
}
// Remember it
break;
default: // Invalid list mode
- DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid list mode %s detected.", SQL_ESCAPE(REQUEST_GET('mode'))));
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid list mode %s detected.", REQUEST_GET(('mode'))));
break;
}
} // END = if
// Prepare SQL and run it
- $SQL = "SELECT userid, gender, surname, family, email, REMOTE_ADDR, refid, status, emails_sent, mails_confirmed, emails_received".$MORE." FROM `{!_MYSQL_PREFIX!}_user_data`".$whereStatement." ORDER BY ".SQL_ESCAPE(REQUEST_GET('sortby'));
+ $SQL = "SELECT userid, gender, surname, family, email, REMOTE_ADDR, refid, status, emails_sent, mails_confirmed, emails_received".$MORE." FROM `{!_MYSQL_PREFIX!}_user_data`".$whereStatement." ORDER BY ".REQUEST_GET(('sortby'));
$result_master = SQL_QUERY($SQL, __FILE__, __LINE__);
// Calculate page count (0.5 fixes a bug with page count)
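Review bot: `REQUEST_GET(('sortby'))` is appended to `ORDER BY` unquoted. Escaping, which REQUEST_GET() now applies internally, only protects values placed inside quoted string literals, so it does not constrain what can appear in an identifier position. The removed line had the same weakness, so this commit leaves it open. Check the value against the sortable columns before building the query, for example `$sortby = in_array(REQUEST_GET('sortby'), array('userid', 'surname', 'family', 'email', 'status'), true) ? REQUEST_GET('sortby') : 'userid';`, and then use `ORDER BY ".$sortby`. The exact column list is the project's call.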
$AND = "(`what` = '' OR `what` IS NULL)"; $SUB = "";
if (REQUEST_ISSET_GET(('sub'))) {
- $AND = sprintf("action='%s' AND `what` IS NOT NULL", SQL_ESCAPE(REQUEST_GET('sub')));
- $SUB = SQL_ESCAPE(REQUEST_GET('sub'));
+ $AND = sprintf("action='%s' AND `what` IS NOT NULL", REQUEST_GET(('sub')));
+ $SUB = REQUEST_GET(('sub'));
}
// Get count of (maybe) selected menu points
define('__OPTION_LINES', ADD_CATEGORY_OPTIONS(REQUEST_GET('mode')));
// Store send mode
- define('__MODE', SQL_ESCAPE(REQUEST_GET('mode')));
+ define('__MODE', REQUEST_GET(('mode')));
if (EXT_IS_ACTIVE("html_mail")) {
// If HTML extension is active
if (empty($OUT)) $OUT = getMessage('ADMIN_THEME_NO_OUTPUT');
} elseif (REQUEST_ISSET_GET(('default_theme'))) {
// Escape string from input
- $POST['default_theme'] = SQL_ESCAPE(REQUEST_GET('default_theme'));
+ $POST['default_theme'] = REQUEST_GET(('default_theme'));
// Set session
set_session('mxchange_theme', $POST['default_theme']);
$FQFN = sprintf("%s%s/%s_usage_%s.png",
constant('PATH'),
getConfig('usage_base'),
- SQL_ESCAPE(REQUEST_GET('type')),
- SQL_ESCAPE(REQUEST_GET('image'))
+ REQUEST_GET(('type')),
+ REQUEST_GET(('image'))
);
}
$FQFN = sprintf("%s%s/usage_%s.html",
constant('PATH'),
getConfig('usage_base'),
- SQL_ESCAPE(REQUEST_GET('usage'))
+ REQUEST_GET(('usage'))
);
}
// Add missing element
$frame = "";
- if (REQUEST_ISSET_GET(('frame'))) $frame = SQL_ESCAPE(REQUEST_GET('frame'));
+ if (REQUEST_ISSET_GET(('frame'))) $frame = REQUEST_GET(('frame'));
switch ($frame)
{
case "":
// Login problems?
if (REQUEST_ISSET_GET(('login'))) {
// Use code from URL
- $ERROR = SQL_ESCAPE(REQUEST_GET('login'));
+ $ERROR = REQUEST_GET(('login'));
} // END - if
// Login problems?
$ext = "unknown";
// Is extension given?
- if (REQUEST_ISSET_GET(('ext'))) $ext = SQL_ESCAPE(REQUEST_GET('ext'));
+ if (REQUEST_ISSET_GET(('ext'))) $ext = REQUEST_GET(('ext'));
// Which message shall we output?
$msg = convertCodeToMessage(REQUEST_GET('msg'));
SQL_FREERESULT($result);
} else {
// Invalid mode!
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_MODE_INVALID, SQL_ESCAPE(REQUEST_GET('mode'))));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_MODE_INVALID, REQUEST_GET(('mode'))));
return;
}
default: // Invalid mode!
DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid mode %s detected.", REQUEST_GET('mode')));
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_MODE_INVALID, SQL_ESCAPE(REQUEST_GET('mode'))));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(PRIMERA_MEMBER_MODE_INVALID, REQUEST_GET(('mode'))));
return;
}
} // END - if
// Prepare mode for template name
-$mode = sprintf("member_primera_mode_%s", SQL_ESCAPE(REQUEST_GET('mode')));
+$mode = sprintf("member_primera_mode_%s", REQUEST_GET(('mode')));
// Load the template
LOAD_TEMPLATE($mode, false, $content);
SQL_FREERESULT($result);
} else {
// Invalid mode!
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, SQL_ESCAPE(REQUEST_GET('mode'))));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, REQUEST_GET(('mode'))));
return;
}
default: // Invalid mode!
DEBUG_LOG(__FILE__, __LINE__, sprintf("Invalid mode %s detected.", REQUEST_GET('mode')));
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, SQL_ESCAPE(REQUEST_GET('mode'))));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(WERNIS_MEMBER_MODE_INVALID, REQUEST_GET(('mode'))));
return;
}
}
} // END - if
// Prepare mode for template name
-$mode = sprintf("member_wernis_mode_%s", SQL_ESCAPE(REQUEST_GET('mode')));
+$mode = sprintf("member_wernis_mode_%s", REQUEST_GET(('mode')));
// Load the template
LOAD_TEMPLATE($mode, false, $content);
// Please run the installation script (maybe again)
mxchange_die("{--DIE_RUN_INSTALL_MYSQL--}");
}
-} elseif ((!isBooleanConstantAndTrue('mxchange_installing')) && (!REQUEST_ISSET_GET(('installing'))) && (empty($MySQL['password'])) && (isBooleanConstantAndTrue('warn_no_pass'))) {
+} elseif ((!isInstalling()) && (!REQUEST_ISSET_GET(('installing'))) && (empty($MySQL['password'])) && (isBooleanConstantAndTrue('warn_no_pass'))) {
// No database password entered!!!
OUTPUT_HTML("<div>{--LANG_WARNING--}:</div> {--WARN_NULL_PASSWORD--}");
}
initFatalMessages();
// Check if this file is writeable or read-only and warn the user
-if ((!isBooleanConstantAndTrue('mxchange_installing')) && (isBooleanConstantAndTrue('mxchange_installed'))) {
+if ((!isInstalling()) && (isBooleanConstantAndTrue('mxchange_installed'))) {
// Check for write-permission for config.php and inc directory
if (empty($GLOBALS['module'])) $GLOBALS['module'] = "index";
$ret = "major";
// Check if script is installed if not return a "done" to prevent some errors
- if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isBooleanConstantAndTrue('mxchange_installing')) || (!isBooleanConstantAndTrue('admin_registered'))) {
+ if ((!isBooleanConstantAndTrue('mxchange_installed')) || (isInstalling()) || (!isBooleanConstantAndTrue('admin_registered'))) {
// Not installed or no admin registered or in installation phase
return "done";
} // END - if
// By default no element is there
$value = null;
- // Is the element there?
- if (REQUEST_ISSET_GET($element)) {
- // Then use it
- $value = $_GET[$element];
+ // Is the element cached or there?
+ if (isset($GLOBALS['cache_array']['request_get'][$element])) {
+ // Then use the cache
+ $value = $GLOBALS['cache_array']['request_get'][$element];
+ } elseif (REQUEST_ISSET_GET($element)) {
+ // Then get it directly
+ $value = SQL_ESCAPE($_GET[$element]);
+
+ // Store it in cache
+ $GLOBALS['cache_array']['request_get'][$element] = $value;
} // END - if
// Return value
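Review bot: The new branch caches the escaped value in `$GLOBALS['cache_array']['request_get'][$element]`, but nothing in this hunk refreshes that entry. If REQUEST_SET_GET() or the "Removes an element from $_GET" helper change only `$_GET`, later reads return a stale value; both are outside the hunk, so this needs confirming. `SQL_ESCAPE($_GET[$element])` also receives an array when a parameter is sent as `name[]`, which a guard such as `} elseif ((REQUEST_ISSET_GET($element)) && (is_scalar($_GET[$element]))) {` would exclude. Because every caller now gets SQL-escaped data, a header comment should say so, e.g. `// Returns the SQL-escaped value; encode separately for HTML, URLs and file names`. The function's signature and return statement are outside the hunk.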
// Checks if an element in $_GET exists
function REQUEST_ISSET_GET ($element) {
- return (isset($_GET['element']));
+ return (isset($_GET[$element]));
}
// Removes an element from $_GET
// Checks if an element in $_POST exists
function REQUEST_ISSET_POST ($element) {
- return (isset($_POST['element']));
+ return (isset($_POST[$element]));
}
// Removes an element from $_POST
} // END - if
// Test session if index.php or modules.php is loaded
-if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isBooleanConstantAndTrue('mxchange_installing'))) {
+if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isInstalling())) {
if (count($_SESSION) > 0) {
// Session variables accepted!
define('__COOKIES', true);
} else {
// Now we load all CSS files from css.php!
OUTPUT_HTML("<link rel=\"stylesheet\" type=\"text/css\" href=\"{!URL!}/css.php", false);
- if (isBooleanConstantAndTrue('mxchange_installing')) {
+ if (isInstalling()) {
// Default theme first
$NEW_THEME = "default";
- if (REQUEST_ISSET_GET(('theme'))) $NEW_THEME = SQL_ESCAPE(REQUEST_GET('theme'));
+ if (REQUEST_ISSET_GET(('theme'))) $NEW_THEME = REQUEST_GET(('theme'));
if (REQUEST_ISSET_POST(('theme'))) $NEW_THEME = SQL_ESCAPE(REQUEST_POST('theme'));
OUTPUT_HTML("?theme=".$NEW_THEME."&installing=1", false);
} // END - if
************************************************************************/
// Tell every module / include file we are installing
-define('mxchange_installing', true);
+$GLOBALS['mxchange_installing'] = true;
// Load security system
require("inc/libs/security_functions.php");
LOAD_INC("inc/header.php");
// Reload page to page=welcome when it is not specified
-if (!REQUEST_ISSET_GET(('page'))) {
+if (!REQUEST_ISSET_GET('page')) {
LOAD_URL("install.php?page=welcome");
} // END - if
// Prepare include file for looking
$INC = sprintf("inc/js/tag-%s.php",
- SQL_ESCAPE(REQUEST_GET('tag'))
+ REQUEST_GET(('tag'))
);
// Is that file readable?
$URL = "modules.php?module=index";
} else {
// We have an refid here. So we simply add it
- $URL .= SQL_ESCAPE(REQUEST_GET('hash'));
+ $URL .= REQUEST_GET(('hash'));
}
// Load the URL