From ec572865e457cf5e06e61d8664ca987b1d5196aa Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Tue, 27 Jul 2010 22:44:26 +0000 Subject: [PATCH] Total eval() commands slightly reduced, still there are some left --- inc/config-functions.php | 4 ++-- inc/functions.php | 32 ++++++++++++++++++-------------- inc/libs/primera_functions.php | 4 ++-- inc/libs/wernis_functions.php | 20 ++++++++++++-------- inc/modules/admin/what-usage.php | 17 +++++++++-------- inc/wrapper-functions.php | 2 +- 6 files changed, 44 insertions(+), 35 deletions(-) diff --git a/inc/config-functions.php b/inc/config-functions.php index d2cd10c46f..e86c97ac6e 100644 --- a/inc/config-functions.php +++ b/inc/config-functions.php @@ -154,7 +154,7 @@ function updateOldConfigFile () { '_TABLE_TYPE' => '_TABLE_TYPE', '_DB_TYPE' => '_DB_TYPE', 'SMTP_HOSTNAME' => 'SMTP_HOSTNAME', - 'SMTP_USER' => 'SMTP_USER', + 'SMTP_USER' => 'SMTP_USER', 'SMTP_PASSWORD' => 'SMTP_PASSWORD', 'ENABLE_BACKLINK' => 'ENABLE_BACKLINK', 'MAIN_TITLE' => 'MAIN_TITLE', @@ -243,7 +243,7 @@ function updateOldConfigFile () { $line = trim($line); // Is the $MySQL found? - if (substr($line, 0, 6) == "\$MySQL") { + if (substr($line, 0, 6) == '$MySQL') { // Okay found! $found = true; } elseif ($found === true) { diff --git a/inc/functions.php b/inc/functions.php index bccca8bca0..eef935d62e 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -106,9 +106,6 @@ function getTotalFatalErrors () { function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '') { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'toEmail=' . $toEmail . ',subject=' . $subject . ',isHtml=' . $isHtml); - // Compile subject line (for POINTS constant etc.) - eval('$subject = decodeEntities("' . compileRawCode(escapeQuotes($subject)) . '");'); - // Set from header if ((!isInStringIgnoreCase('@', $toEmail)) && ($toEmail > 0)) { // Value detected, is the message extension installed? 
@@ -182,12 +179,17 @@ function checkPhpMailerUsage() { } // Send out a raw email with PHPMailer class or legacy mail() command -function sendRawEmail ($toEmail, $subject, $message, $from) { - // Just compile all again, to put out all configs, etc. - eval('$toEmail = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($toEmail)), false) . '");'); - eval('$subject = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($subject)), false) . '");'); - eval('$message = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($message)), false) . '");'); - eval('$from = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($from)) , false) . '");'); +function sendRawEmail ($toEmail, $subject, $message, $headers) { + // Just compile all to put out all configs, etc. + $eval = '$toEmail = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($toEmail)), false) . '"); '; + $eval .= '$subject = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($subject)), false) . '"); '; + $eval .= '$headers = decodeEntities("' . doFinalCompilation(compileRawCode(escapeQuotes($headers)), false) . '"); '; + + // Do not decode entities in the message because we also send HTML mails through this function + $eval .= '$message = "' . doFinalCompilation(compileRawCode(escapeQuotes($message)), false) . '";'; + + // Run the final eval() command + eval($eval); // Shall we use PHPMailer class or legacy mode? if (checkPhpMailerUsage()) { @@ -210,10 +212,10 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { $mail->Port = 25; $mail->Username = getConfig('SMTP_USER'); $mail->Password = getConfig('SMTP_PASSWORD'); - if (empty($from)) { + if (empty($headers)) { $mail->From = getConfig('WEBMASTER'); } else { - $mail->From = $from; + $mail->From = $headers; } $mail->FromName = getMainTitle(); $mail->Subject = $subject; 
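Review bot: The single `eval($eval)` in sendRawEmail executes a PHP source string that embeds `$toEmail`, `$subject`, `$headers` and `$message` inside double-quoted literals, so its safety rests on `escapeQuotes()` and `compileRawCode()` neutralising quotes, backslashes and `$` in every field; neither helper is visible in this hunk, so that assumption should be confirmed. It is worth recording above the eval, for example `// SECURITY: every field must pass escapeQuotes() before it is embedded here; never add unescaped request data to $eval`. Merging four evals into one also means a parse error in any one field leaves all four variables uncompiled while the mail is still sent. On PHP 5 `eval()` returns `false` in that case, so a guard such as `if (eval($eval) === false) { debug_report_bug(__FUNCTION__, __LINE__, 'eval() failed'); }` would surface it. The function body continues outside the hunk.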
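Review bot: `$mail->From = $headers;` in the PHPMailer branch assigns what the renamed parameter suggests is a whole header block to a property that holds a single sender address. The legacy branch passes the same value to `mail()` as its additional-headers argument, so the two branches now read `$headers` differently (what callers actually pass is not visible here). Either keep a separate sender address for PHPMailer or extract it from the header block before the assignment, and record the contract with a comment such as `// $headers is a raw header block for mail(); PHPMailer needs only the sender address`. Any part of `$headers` that originates from request data should be rejected when it contains CR or LF, so that no extra header lines can be appended. sendRawEmail starts and ends outside this hunk.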
@@ -225,10 +227,12 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { } else { $mail->Body = decodeEntities($message); } + $mail->AddAddress($toEmail, ''); $mail->AddReplyTo(getConfig('WEBMASTER'), getMainTitle()); $mail->AddCustomHeader('Errors-To:' . getConfig('WEBMASTER')); $mail->AddCustomHeader('X-Loop:' . getConfig('WEBMASTER')); + $mail->AddCustomHeader('Bounces-To:' . getConfig('WEBMASTER')); $mail->Send(); // Has an error occured? @@ -244,7 +248,7 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { } } else { // Use legacy mail() command - return mail($toEmail, $subject, decodeEntities($message), $from); + return mail($toEmail, $subject, decodeEntities($message), $headers); } } @@ -554,7 +558,7 @@ function redirectToUrl ($URL, $allowSpider = true) { } // END - if // Three different ways to debug... - //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); + //* DEBUG: */ debug_report_bug(__FUNCTION__, __LINE__, 'URL=' . $URL); //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL); //* DEBUG: */ die($URL); @@ -763,7 +767,7 @@ function createFancyTime ($stamp) { foreach($data as $k => $v) { if ($v > 0) { // Value is greater than 0 "eval" data to return string - eval('$ret .= ", ".$v." {--_' . strtoupper($k) . '--}";'); + $ret .= ', ' . $v . ' {--_' . strtoupper($k) . '--}'; break; } // END - if } // END - foreach diff --git a/inc/libs/primera_functions.php b/inc/libs/primera_functions.php index baf88c8796..9653804725 100644 --- a/inc/libs/primera_functions.php +++ b/inc/libs/primera_functions.php 
@@ -258,7 +258,7 @@ function executePrimeraWithdraw ($primusNick, $userMd5, $amount) { $api = new PrimeraApi($primusNick, $userMd5); // Prepare purpose - eval('$purpose = "' . preCompileCode(getMaskedMessage('PRIMERA_API_PURPOSE_WITHDRAW', getSession('sponsorid'))) . '";'); + eval('$purpose = "' . doFinalCompilation(getMaskedMessage('PRIMERA_API_PURPOSE_WITHDRAW', getSession('sponsorid')), true) . '";'); // Pay the Primera return $api->payPrimera($primusNick, $amount, $purpose); @@ -270,7 +270,7 @@ function executePrimeraPayout ($primusNick, $userMd5, $amount) { $api = new PrimeraApi(getConfig('primera_api_name'), getConfig('primera_api_md5')); // Prepare purpose - eval('$purpose = "' . preCompileCode(getMaskedMessage('PRIMERA_API_PURPOSE_PAYOUT', getMemberId())) . '";'); + eval('$purpose = "' . doFinalCompilation(getMaskedMessage('PRIMERA_API_PURPOSE_PAYOUT', getMemberId()), true) . '";'); // Pay the Primera return $api->payPrimera($primusNick, $amount, $purpose); diff --git a/inc/libs/wernis_functions.php b/inc/libs/wernis_functions.php index ffc792f40f..df3a61d2e1 100644 --- a/inc/libs/wernis_functions.php +++ b/inc/libs/wernis_functions.php @@ -97,6 +97,15 @@ function WERNIS_SEND_REQUEST ($scriptName, $requestData = array()) { $requestData['api_id'] = getConfig('wernis_api_id'); $requestData['api_key'] = getConfig('wernis_api_md5'); + // Is a purpose there? + if (isset($requestData['purpose'])) { + // Eval the purpose + eval('$purpose = "' . doFinalCompilation($requestData['purpose'], false) . '";'); + + // Prepare the purpose, it needs encoding + $requestData['purpose'] = encodeString($purpose); + } // END - if + // Construct the request string $requestString = getConfig('wernis_api_url') . $scriptName; @@ -210,6 +219,7 @@ function WERNIS_TEST_API () { // Return the result from the lower functions $return = WERNIS_SEND_REQUEST('balance.php'); + // Did it went smoothly? if ($return['status'] == 'OK') { // All fine! $result = true; 
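Review bot: `getSession('sponsorid')` is merged into the masked message and then placed directly inside an eval'd double-quoted string, without the `escapeQuotes()` step that sendRawEmail applies before compiling. If the session value can ever hold something other than a number, a quote or `$` in it becomes part of the executed PHP. Casting at the call site closes that off: `getMaskedMessage('PRIMERA_API_PURPOSE_WITHDRAW', bigintval(getSession('sponsorid')))`. The same applies to `getMemberId()` in executePrimeraPayout in the next hunk. The second argument to `doFinalCompilation()` is `true` here but `false` at the other call sites this commit touches, so a one-line comment explaining the difference would help.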
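Review bot: WERNIS_SEND_REQUEST now evals whatever any caller puts in `$requestData['purpose']`, which moves the eval from two call sites that built the string themselves into a generic request helper. The added block should state that contract, e.g. `// SECURITY: 'purpose' is eval()'d below; pass only getMaskedMessage() output built from validated ids, never free text`. `$purpose` is also never initialised, so if the eval fails to parse, `encodeString($purpose)` reads an undefined variable; add `$purpose = '';` before the eval. Finally, the removed call sites used `encodeString($purpose, false)` while this one drops the second argument, which changes the encoding unless `false` is the default (not visible here).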
@@ -238,9 +248,6 @@ function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) { // Default is failed attempt $result = false; - // Prepare the purpose - eval('$purpose = "' . preCompileCode(getMaskedMessage('WERNIS_API_PURPOSE_WITHDRAW', getMemberId())) . '";'); - // Prepare the request data $requestData = array( 'sub_request' => 'receive', @@ -248,7 +255,7 @@ function WERNIS_EXECUTE_WITHDRAW ($wdsId, $userMd5, $amount) { 't_md5' => $userMd5, 'r_uid' => getConfig('wernis_refid'), 'amount' => bigintval($amount), - 'purpose' => encodeString($purpose, false) + 'purpose' => getMaskedMessage('WERNIS_API_PURPOSE_WITHDRAW', getMemberId()) ); // Return the result from the lower functions @@ -278,9 +285,6 @@ function WERNIS_EXECUTE_PAYOUT ($wdsId, $amount) { // Default is failed attempt $result = false; - // Prepare the purpose - eval('$purpose = "' . preCompileCode(getMaskedMessage('WERNIS_API_PURPOSE_PAYOUT', getMemberId())) . '";'); - // Prepare the request data $requestData = array( 'sub_request' => 'send', @@ -288,7 +292,7 @@ function WERNIS_EXECUTE_PAYOUT ($wdsId, $amount) { 't_md5' => getConfig('wernis_pass_md5'), 'r_uid' => bigintval($wdsId), 'amount' => bigintval($amount), - 'purpose' => encodeString($purpose, false) + 'purpose' => getMaskedMessage('WERNIS_API_PURPOSE_PAYOUT', getMemberId()) ); // Return the result from the lower functions diff --git a/inc/modules/admin/what-usage.php b/inc/modules/admin/what-usage.php index 1ff86f45f9..a4ed0b2622 100644 --- a/inc/modules/admin/what-usage.php +++ b/inc/modules/admin/what-usage.php @@ -40,7 +40,7 @@ // Some security stuff... if ((!defined('__SECURITY')) || (!isAdmin())) { die(); -} +} // END - if // Add description as navigation point addMenuDescription('admin', __FILE__); 
@@ -48,6 +48,12 @@ addMenuDescription('admin', __FILE__); // Base directory (should be moved to database) $usage = getConfig('usage_base') . '/'; +// Init FQFN +$FQFN = sprintf("%s%s/index.html", + getPath(), + getConfig('usage_base') +); + if (isGetRequestParameterSet('image')) { if (getRequestParameter('type') == 'usage') { $FQFN = sprintf("%s%s/usage.png", @@ -71,12 +77,7 @@ if (isGetRequestParameterSet('image')) { imagedestroy($image); } shutdown(); -} elseif (!isGetRequestParameterSet('usage')) { - $FQFN = sprintf("%s%s/index.html", - getPath(), - getConfig('usage_base') - ); -} else { +} elseif (isGetRequestParameterSet('usage')) { $FQFN = sprintf("%s%s/usage_%s.html", getPath(), getConfig('usage_base'), @@ -94,7 +95,7 @@ if ((!empty($FQFN)) && (isFileReadable($FQFN))) { $content = str_replace('daily_usage_' , '{?URL?}/modules.php?module=admin&what=' . getWhat() . '&type=daily&image=' , $content); $content = str_replace('hourly_usage_', '{?URL?}/modules.php?module=admin&what=' . getWhat() . '&type=hourly&image=' , $content); $content = str_replace('ctry_usage_' , '{?URL?}/modules.php?module=admin&what=' . getWhat() . '&type=ctry&image=' , $content); - $content = str_replace('usage_' , '{?URL?}/modules.php?module=admin&what=' . getWhat() . '&usage=' , str_replace('.html', '', $content)); + $content = str_replace('usage_' , '{?URL?}/modules.php?module=admin&what=' . getWhat() . '&usage=' , str_replace('.html', '', $content)); $test = strtolower($content); // Do we need to strip out above and including plus trailing tag? diff --git a/inc/wrapper-functions.php b/inc/wrapper-functions.php index a4fc62e3bb..df15ededa2 100644 --- a/inc/wrapper-functions.php +++ b/inc/wrapper-functions.php 
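Review bot: The `usage_%s.html` path in the `elseif (isGetRequestParameterSet('usage'))` branch is completed by a third `sprintf()` argument that lies outside this hunk; if that argument is the raw `usage` request parameter, the name of the file read further down is controlled by the request. The page is admin-only, but the value should still be constrained before it reaches `sprintf()` so that path separators cannot leave `usage_base`. If the report names are purely numeric, `bigintval(getRequestParameter('usage'))` would do this. A comment such as `// 'usage' must be digits only, it becomes part of a file name` on the branch would record the assumption.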
@@ -963,7 +963,7 @@ function sendRawRedirect ($url) { // check if running on IIS < 6 with CGI-PHP if ((isset($_SERVER['SERVER_SOFTWARE'])) && (isset($_SERVER['GATEWAY_INTERFACE'])) && - (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== false) && + (strpos($_SERVER['GATEWAY_INTERFACE'], 'CGI') !== false) && (preg_match('|^Microsoft-IIS/(\d)\.\d$|', trim($_SERVER['SERVER_SOFTWARE']), $matches)) && ($matches[1] < 6)) { // Send the IIS header -- 2.39.5