Add slashes instead of SQL_ESCAPE()

[mailer.git] / inc / functions.php

diff --git a/inc/functions.php b/inc/functions.php
index d5f455592107ffc037656fec0abf166309df75fd..25610ef39c4263cbded07e7e7d4ddf3acc22c15c 100644 (file)
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -527,10 +527,9 @@ function loadEmailTemplate ($template, $content = array(), $UID = 0) {
        if (isFileReadable($FQFN)) {
                // The local file does exists so we load it. :)
                $GLOBALS['tpl_content'] = readFromFile($FQFN);
-               $GLOBALS['tpl_content'] = SQL_ESCAPE($GLOBALS['tpl_content']);
 
                // Run code
-               $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode($GLOBALS['tpl_content'])."\");";
+               $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode(smartAddSlashes($GLOBALS['tpl_content']))."\");";
                eval($GLOBALS['tpl_content']);
        } elseif (!empty($template)) {
                // Template file not found!
@@ -600,7 +599,7 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '
                        // Free result
                        SQL_FREERESULT($result_email);
                }
-       } elseif ($toEmail == 0) {
+       } elseif ($toEmail == '0') {
                // Is the webmaster!
                $toEmail = getConfig('WEBMASTER');
        }
@@ -637,7 +636,7 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = '
        if (isDebugModeEnabled()) {
                // In debug mode we want to display the mail instead of sending it away so we can debug this part
                outputHtml('<pre>
-Headers : ' . htmlentities(trim($mailHeader)) . '
+Headers : ' . str_replace('<', '&lt', str_replace('>', '&gt;', htmlentities(trim($mailHeader)))) . '
 To      : ' . $toEmail . '
 Subject : ' . $subject . '
 Message : ' . $message . '
@@ -2036,7 +2035,7 @@ function generateEmailLink ($email, $table = 'admins') {
 // Generate a hash for extra-security for all passwords
 function generateHash ($plainText, $salt = '') {
        // Is the required extension 'sql_patches' there and a salt is not given?
-       if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches'))) && (empty($salt))) {
+       if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5'))) && (empty($salt))) {
                // Extension sql_patches is missing/outdated so we hash the plain text with MD5
                return md5($plainText);
        } // END - if
@@ -2168,7 +2167,7 @@ function generatePassString ($passHash) {
        $ret = $passHash;
 
        // Is a secret key and master salt already initialized?
-       if ((isExtensionInstalled('sql_patches')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
+       if ((isExtensionInstalled('sql_patches')) && (isConfigEntrySet('_PRIME')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
                // Only calculate when the secret key is generated
                $newHash = ''; $start = 9;
                for ($idx = 0; $idx < 10; $idx++) {