From 427719103e37ed2e27803b833dc5db5841e4dec9 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Sat, 11 Oct 2008 22:50:23 +0000 Subject: [PATCH] A lot eval() commands rewritten to constant() function --- inc/databases.php | 2 +- inc/libs/admins_functions.php | 12 +++----- inc/libs/register_functions.php | 12 ++++---- inc/libs/surfbar_functions.php | 12 ++++---- inc/mails/beg_mails.php | 3 +- inc/mails/bonus_mails.php | 5 ++-- inc/modules/admin/admin-inc.php | 6 ++-- inc/modules/admin/overview-inc.php | 18 +++++++----- inc/modules/admin/what-config_admins.php | 10 ++++--- inc/modules/admin/what-config_register.php | 5 ++-- inc/modules/admin/what-list_payouts.php | 17 ++++-------- inc/modules/admin/what-list_task.php | 9 +++--- inc/modules/admin/what-list_user.php | 3 +- inc/modules/admin/what-optimize.php | 21 +++++++------- inc/modules/admin/what-updates.php | 32 ---------------------- inc/modules/guest/what-sponsor_login.php | 3 +- inc/modules/member/what-payout.php | 3 +- 17 files changed, 65 insertions(+), 108 deletions(-) diff --git a/inc/databases.php b/inc/databases.php index c9e37c8d86..95ca1709d2 100644 --- a/inc/databases.php +++ b/inc/databases.php @@ -113,7 +113,7 @@ define('USAGE_BASE', "usage"); define('SERVER_URL', "http://www.mxchange.org"); // This current patch level -define('CURR_SVN_REVISION', "491"); +define('CURR_SVN_REVISION', "492"); // Take a prime number which is long (if you know a longer one please try it out!) define('_PRIME', 591623); diff --git a/inc/libs/admins_functions.php b/inc/libs/admins_functions.php index 8bb7c27ad4..550b8a69bc 100644 --- a/inc/libs/admins_functions.php +++ b/inc/libs/admins_functions.php @@ -328,10 +328,8 @@ function ADMINS_DELETE_ADMIN_ACCOUNTS ($POST) { // Entry found $content = SQL_FETCHARRAY($result); SQL_FREERESULT($result); - $eval = "\$content['mode'] = ADMINS_".strtoupper($content['mode'])."_MODE;"; - eval($eval); - $eval = "\$content['la_mode'] = ADMINS_".strtoupper($content['la_mode'])."_LA_SETTING;"; - eval($eval); + $content['mode'] = constant('ADMINS_'.strtoupper($content['mode']).'_MODE'); + $content['la_mode'] = constant('ADMINS_'.strtoupper($content['la_mode']).'_LA_SETTING'); // Prepare some more data $content['sw'] = $SW; @@ -389,10 +387,8 @@ function ADMINS_LIST_ADMIN_ACCOUNTS() { $SW = 2; $OUT = ""; while ($content = SQL_FETCHARRAY($result)) { // Compile some variables - $eval = "\$content['mode'] = ADMINS_".strtoupper($content['mode'])."_MODE;"; - eval($eval); - $eval = "\$content['la_mode'] = ADMINS_".strtoupper($content['la_mode'])."_LA_SETTING;"; - eval($eval); + $content['mode'] = constant('ADMINS_'.strtoupper($content['mode']).'_MODE'); + $content['la_mode'] = constant('ADMINS_'.strtoupper($content['la_mode']).'_LA_SETTING'); // Prepare some more data $content['sw'] = $SW; diff --git a/inc/libs/register_functions.php b/inc/libs/register_functions.php index 7a74af6a32..f90e1b8d30 100644 --- a/inc/libs/register_functions.php +++ b/inc/libs/register_functions.php @@ -41,13 +41,12 @@ if (!defined('__SECURITY')) { function REGISTER_FILL_MUST_CONSTANTS() { $result = SQL_QUERY("SELECT field_name, field_required FROM "._MYSQL_PREFIX."_must_register ORDER BY id", __FILE__, __LINE__); - while(list($name, $required) = SQL_FETCHROW($result)) - { + while(list($name, $required) = SQL_FETCHROW($result)) { $value = ""; if ($required == "Y") $value = " (*)"; $eval = "define('MUST_".strtoupper($name)."', \"".$value."\");"; eval($eval); - } + } // END - while // Free memory SQL_FREERESULT($result); @@ -91,12 +90,10 @@ function REGISTER_OUTPUT_REQUIRE_CHECK(&$array) $result = SQL_QUERY("SELECT field_name, field_required FROM "._MYSQL_PREFIX."_must_register ORDER BY id", __FILE__, __LINE__); while(list($name, $required) = SQL_FETCHROW($result)) { - if (($array[$name] == "!") && ($required == "Y")) - { + if (($array[$name] == "!") && ($required == "Y")) { // Empty entry found $array[$name] = ""; - $eval = "\$OUT = REGISTER_".strtoupper($name)."_REQUIRED;"; - eval($eval); + $OUT = constant('REGISTER_'.strtoupper($name).'_REQUIRED'); OUTPUT_HTML("".$OUT."

"); } } @@ -113,6 +110,7 @@ function REGISTER_ADD_CATEGORY_TABLE ($MODE, $return=false) // Guests are mostly not interested in how many members has // choosen an individual category $AND = "WHERE visible='Y' "; + // Admins are allowed to see every category... if (IS_ADMIN()) $AND = ""; $result = SQL_QUERY("SELECT id, cat, visible FROM "._MYSQL_PREFIX."_cats ".$AND." ORDER BY sort", __FILE__, __LINE__); diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php index e9c14d7f09..a5f121de43 100644 --- a/inc/libs/surfbar_functions.php +++ b/inc/libs/surfbar_functions.php @@ -488,10 +488,9 @@ function SURFBAR_NOTIFY_ADMIN ($messageType, $content) { $subject = ADMIN_SURFBAR_NOTIFY_DEFAULT_SUBJECT; // Prepare subject - $eval = sprintf("\$subject = ADMIN_SURFBAR_NOTIFY_%s_SUBJECT;", + $subject = constant(sprintf("ADMIN_SURFBAR_NOTIFY_%s_SUBJECT", strtoupper($messageType) - ); - @eval($eval); + )); // Send the notification out return SEND_ADMIN_NOTIFICATION($subject, $templateName, $content, $content['uid']); @@ -510,10 +509,9 @@ function SURFBAR_NOTIFY_USER ($messageType, $content) { $subject = MEMBER_SURFBAR_NOTIFY_DEFAULT_SUBJECT; // Prepare subject - $eval = sprintf("\$subject = MEMBER_SURFBAR_NOTIFY_%s_SUBJECT;", + $subject = constant(sprintf("MEMBER_SURFBAR_NOTIFY_%s_SUBJECT", strtoupper($messageType) - ); - @eval($eval); + )); // Load template $mailText = LOAD_EMAIL_TEMPLATE($templateName, $content, $content['uid']); @@ -783,6 +781,8 @@ function SURFBAR_GENERATE_VALIDATION_CODE ($urlId, $salt="") { // Finally encrypt it PGP-like and return it $valHashedCode = generatePassString($hashedCode); + + // Return hashed value //DEBUG_LOG(__FUNCTION__.":finalValCode={$valHashedCode}"); return $valHashedCode; } diff --git a/inc/mails/beg_mails.php b/inc/mails/beg_mails.php index 545b552a69..37272d712e 100644 --- a/inc/mails/beg_mails.php +++ b/inc/mails/beg_mails.php @@ -108,8 +108,7 @@ if (!empty($SQL)) $MAIL_MODE = (($_CONFIG['beg_notify_bonus'] > 0) && ($MODE == "en") && (EXT_IS_ACTIVE("bonus"))); // Generate subject line - $eval = "\$SUBJECT = BEG_RALLYE_".strtoupper($MODE)."_NOTIFY;"; - eval($eval); + $SUBJECT = constant('BEG_RALLYE_'.strtoupper($MODE).'_NOTIFY'); // Load message body for bonus mails $MSG = LOAD_EMAIL_TEMPLATE("beg_en_notify_body", "", "{PER}uid{PER}"); diff --git a/inc/mails/bonus_mails.php b/inc/mails/bonus_mails.php index ad84a3454d..0e4e19224b 100644 --- a/inc/mails/bonus_mails.php +++ b/inc/mails/bonus_mails.php @@ -82,8 +82,7 @@ if (!empty($SQL)) { $MAIL_MODE = (($_CONFIG['bonus_notify_points'] > 0) && ($MODE == "en") && (EXT_IS_ACTIVE("bonus"))); // Generate subject line - $eval = "\$SUBJECT = BONUS_RALLYE_".strtoupper($MODE)."_NOTIFY;"; - eval($eval); + $SUBJECT = constant('BONUS_RALLYE_'.strtoupper($MODE).'_NOTIFY'); // Load message body for bonus mails $MSG = LOAD_EMAIL_TEMPLATE("bonus_en_notify_body", "", "{PER}uid{PER}"); @@ -108,7 +107,7 @@ SET bonus_ral_notify='%s', bonus_ral_%s_notify='%s' WHERE userid=%s LIMIT 1", $MSG = LOAD_EMAIL_TEMPLATE("bonus_".$MODE."_notify", array(), $uid); SEND_EMAIL($uid, $SUBJECT, $MSG); } - } + } // END - if // Shall I send out bonus mails? if ($MAIL_MODE) { diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php index de735f5f5c..51c43c1bd8 100644 --- a/inc/modules/admin/admin-inc.php +++ b/inc/modules/admin/admin-inc.php @@ -847,8 +847,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") // Is the raw userid set? if ($_POST['uid_raw'][$id] > 0) { // Generate subject - $eval = "\$subjectLine = MEMBER_".$subject."_".strtoupper($table)."_SUBJECT;"; - eval($eval); + $subjectLine = constant('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); // Load email template if (!empty($subjectPart)) { @@ -862,8 +861,7 @@ function ADMIN_SEND_BUILD_MAILS ($mode, $table, $content, $id, $subjectPart="") } // END - if // Generate subject - $eval = "\$subjectLine = ADMIN_".$subject."_".strtoupper($table)."_SUBJECT;"; - eval($eval); + $subjectLine = constant('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT'); // Send admin notification out if (!empty($subjectPart)) { diff --git a/inc/modules/admin/overview-inc.php b/inc/modules/admin/overview-inc.php index 23501fea99..f77e1e00fe 100644 --- a/inc/modules/admin/overview-inc.php +++ b/inc/modules/admin/overview-inc.php @@ -410,8 +410,10 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { $admin = "".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2.""; } } - $evl = "\$type_out = ADMIN_TASK_IS_".strtoupper($type).";"; - eval($evl); + + // Get task type + $type_out = constant('ADMIN_TASK_IS_'.strtoupper($type).''); + $type2 = substr($text, 0, strpos($text, ":")); // Generate infos switch ($type) @@ -421,16 +423,15 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { $infos = substr($subj, 1, strpos($subj, ":") - 1); break; } - if ($uid > 0) - { + + if ($uid > 0) { // Member found otherwise it's a system task $uid = ADMIN_USER_PROFILE_LINK($uid); - } - else - { + } else { $uid = "".ADMIN_IS_SYSTEM_TASK.""; } + // Prepare content $content = array( 'sw' => $SW, 'id' => $id, @@ -441,7 +442,10 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { 'created' => MAKE_DATETIME($created, "2") ); + // Load row template LOAD_TEMPLATE("admin_overview_list_rows", false, $content); + + // Switch color $SW = 3 - $SW; } // Free memory diff --git a/inc/modules/admin/what-config_admins.php b/inc/modules/admin/what-config_admins.php index 5bd3d2cc85..d88a2821f1 100644 --- a/inc/modules/admin/what-config_admins.php +++ b/inc/modules/admin/what-config_admins.php @@ -110,8 +110,9 @@ if ((isset($_POST['edit'])) && ($SEL > 0)) { // Prepare variables if (empty($act)) $act = "---"; if (empty($wht)) $wht = "---"; - $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;"; - eval($eval); + + // Get admin mode + $mode = constant('ADMINS_'.strtoupper($mode).'_MODE'); // Load admin's data $login = GET_ADMIN_LOGIN($admin); @@ -225,8 +226,9 @@ VALUES ('%s','%s','%s','%s')", // Prepare variables if (empty($act)) $act = "---"; if (empty($wht)) $wht = "---"; - $eval = "\$mode = ADMINS_".strtoupper($mode)."_MODE;"; - eval($eval); + + // Get mode + $mode = constant('ADMINS_'.strtoupper($mode).'_MODE'); // Load admin's data $login = GET_ADMIN_LOGIN($admin); diff --git a/inc/modules/admin/what-config_register.php b/inc/modules/admin/what-config_register.php index f4b0a39b97..dbc53e62f7 100644 --- a/inc/modules/admin/what-config_register.php +++ b/inc/modules/admin/what-config_register.php @@ -53,8 +53,9 @@ if (isset($_POST['ok'])) { $result = SQL_QUERY("SELECT id, field_name, field_required FROM "._MYSQL_PREFIX."_must_register ORDER BY id", __FILE__, __LINE__); $SW = 2; $OUT = ""; while (list($id, $name, $required) = SQL_FETCHROW($result)) { - $eval = "\$name = ".strtoupper($name).";"; - eval($eval); + // Get constant value + $name = constant(strtoupper($name)); + $OUT .= " ".$id."   ".$name." diff --git a/inc/modules/admin/what-list_payouts.php b/inc/modules/admin/what-list_payouts.php index 7054963825..289dd508ed 100644 --- a/inc/modules/admin/what-list_payouts.php +++ b/inc/modules/admin/what-list_payouts.php @@ -243,17 +243,14 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); else { // Translate status - $evl = "\$status = PAYOUT_STATUS_".strtoupper($status).";"; - eval($evl); + $status = constant('PAYOUT_STATUS_'.strtoupper($status).''); $status = "".$status.""; } // Nothing entered must be secured in member/what-payputs.php ! - if ($allow == "Y") - { + if ($allow == "Y") { // Banner/Textlink views/clicks request - if (!empty($banner)) - { + if (!empty($banner)) { // Prepare array for the banner $content = array( 'banner' => $banner, @@ -263,9 +260,7 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); // Load template for the banner $account = LOAD_TEMPLATE("admin_list_payouts_banner", true, $content); - } - else - { + } else { // Textlink $content = array( 'txt_link' => $alt, @@ -276,9 +271,7 @@ ORDER BY p.payout_timestamp DESC", __FILE__, __LINE__); // Admins can addionally test the URL for framekillers $bank = "".CLICK_HERE.""; - } - else - { + } else { // e-currency payout request if (empty($account)) $account = "---"; if (empty($bank)) $bank = "---"; diff --git a/inc/modules/admin/what-list_task.php b/inc/modules/admin/what-list_task.php index 65ed9bc004..c00272e287 100644 --- a/inc/modules/admin/what-list_task.php +++ b/inc/modules/admin/what-list_task.php @@ -119,8 +119,7 @@ ORDER BY userid DESC, task_type DESC, subject, task_created DESC", __FILE__, __L } // There are uncompleted jobs! - $eval = "\$type = ADMIN_OVERVIEW_TASK_".strtoupper($_GET['type'])."_TYPE;"; - eval($eval); + $type = constant('ADMIN_OVERVIEW_TASK_'.strtoupper($_GET['type']).'_TYPE'); LOAD_TEMPLATE("admin_overview_header_task", false, array( 'message' => $type, 'type' => $_GET['type'] @@ -149,8 +148,10 @@ ORDER BY userid DESC, task_type DESC, subject, task_created DESC", __FILE__, __L $admin = "".ADMIN_ID_404_1.$admin.ADMIN_ID_404_2.""; } } - $evl = "\$type_out = ADMIN_TASK_IS_".strtoupper($type).";"; - eval($evl); + + // Get admin task + $type_out = constant('ADMIN_TASK_IS_'.strtoupper($type).''); + $type2 = substr($text, 0, strpos($text, ":")); // Generate infos switch ($type) diff --git a/inc/modules/admin/what-list_user.php b/inc/modules/admin/what-list_user.php index 58c2147f0a..ce84588bad 100644 --- a/inc/modules/admin/what-list_user.php +++ b/inc/modules/admin/what-list_user.php @@ -48,8 +48,7 @@ ADD_DESCR("admin", __FILE__); $listHeader = ADMIN_ALL_ACCOUNTS; if (!empty($_GET['mode'])) { // Set title according to the "mode" - $eval = sprintf("\$listHeader = ADMIN_LIST_%s_ACCOUNTS;", strtoupper(SQL_ESCAPE($_GET['mode']))); - eval($eval); + $listHeader = constant(sprintf("ADMIN_LIST_%s_ACCOUNTS", strtoupper(SQL_ESCAPE($_GET['mode'])))); } // END - if // Remember it diff --git a/inc/modules/admin/what-optimize.php b/inc/modules/admin/what-optimize.php index e225f6f298..0bb91c5709 100644 --- a/inc/modules/admin/what-optimize.php +++ b/inc/modules/admin/what-optimize.php @@ -47,22 +47,23 @@ $DATA = REPAIR_OPTIMIZE_DB(); $SW = 2; $gain_tabs = 0; $OUT = ""; foreach ($DATA['tables'] as $row_array) { + // Init variables + $B1 = ""; $B2 = ""; + // Fixes a bug which causes a parser error on eval'd code if (empty($row_array[1])) $row_array[1] = "NONE"; - $eval = "\$REP = OPTIMIZE_STATUS_".strtoupper($row_array[1]).";"; - eval($eval); $B1 = ""; $B2 = ""; + + // Get optimization status + $REP = constant('OPTIMIZE_STATUS_'.strtoupper($row_array[1]).''); + $OPT = OPTIMIZE_STATUS_UNSUPPORTED; - if ($row_array[4] > 0) - { + + if ($row_array[4] > 0) { $OPT = OPTIMIZE_STATUS_OPTIMIZED; $B1 = ""; $B2 = ""; $gain_tabs++; - } - elseif (count(explode(" ", $row_array[2])) == 0) - { - $eval = "\$OPT = OPTIMIZE_STATUS_".strtoupper($row_array[2]).";"; - die($eval); - eval($eval); + } elseif (count(explode(" ", $row_array[2])) == 0) { + $OPT = constant('OPTIMIZE_STATUS_'.strtoupper($row_array[2]).''); } // Prepare data for the row template diff --git a/inc/modules/admin/what-updates.php b/inc/modules/admin/what-updates.php index 28fb4d5a57..cd689af7ad 100644 --- a/inc/modules/admin/what-updates.php +++ b/inc/modules/admin/what-updates.php @@ -132,38 +132,6 @@ if (empty($ONLINE['version'])) { // Load template LOAD_TEMPLATE("admin_update_download"); -/* - * DEACTIVATED ON 09/11/2008,02:47 AM - * -} elseif (sizeof($PATCHES['fname']) > 0) { - // Some patches are available - $OUT = ""; $SW = "2"; - foreach ($PATCHES['fname'] as $idx => $file) { - $SIZE = TRANSLATE_COMMA(round($PATCHES['fsize'][$idx]/102.4)/10); - $content = array( - 'sw' => $SW, - 'patch_url' => SERVER_URL."/patches/".$file, - 'patch_title' => str_replace("_", " ", str_replace(".zip", "", $file)), - 'patch_ctime' => MAKE_DATETIME($PATCHES['ctime'][$idx], "2"), - 'patch_size' => $SIZE, - 'patch_desc' => COMPILE_CODE($PATCHES['descr'][$idx]), - ); - // Evaluate descrition code - $eval = "\$content['patch_desc'] = \"".$content['patch_desc']."\";"; - eval($eval); - - // Load template, switch color and count total size up - $OUT .= LOAD_TEMPLATE("admin_patches_row", true, $content); - $SW = 3 - $SW; - } - define('__PATCH_ROWS', $OUT); - - // Total size - define('__TOTAL_SIZE', TRANSLATE_COMMA($TOTAL_SIZE / 1024)); - - // Load main template - LOAD_TEMPLATE("admin_patches"); -*/ } else { // You have the latest version! LOAD_TEMPLATE("admin_settings_saved", false, NO_UPDATES_AVAILABLE); diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php index cf6f8bd7fd..d224bc3672 100644 --- a/inc/modules/guest/what-sponsor_login.php +++ b/inc/modules/guest/what-sponsor_login.php @@ -281,8 +281,7 @@ WHERE id='%s' AND password='%s' LIMIT 1", else { // Status is not fine - $eval = "\$content = SPONSOR_LOGIN_FAILED_".strtoupper($status).";"; - eval($eval); + $content = constant('SPONSOR_LOGIN_FAILED_'.strtoupper($status).''); LOAD_TEMPLATE("admin_settings_saved", false, $content); OUTPUT_HTML("
"); diff --git a/inc/modules/member/what-payout.php b/inc/modules/member/what-payout.php index ad7cbd3ee9..a62131dcc2 100644 --- a/inc/modules/member/what-payout.php +++ b/inc/modules/member/what-payout.php @@ -102,8 +102,7 @@ ORDER BY p.payout_timestamp DESC", while (list($pid, $total, $account, $bank, $type, $tstamp, $status, $allow, $url, $alt, $banner) = SQL_FETCHROW($result_payouts)) { // Translate status - $evl = "\$status = PAYOUT_MEMBER_STATUS_".strtoupper($status).";"; - eval($evl); + $status = constant('PAYOUT_MEMBER_STATUS_'.strtoupper($status).''); $status = "".$status.""; // Nothing entered must be secured in member/what-payputs.php ! -- 2.39.5