break;
case "add-points":
- $points = bigintval($_POST['points']);
+ if (isset($_POST['points'])) {
+ $points = bigintval($_POST['points']);
+ } else {
+ $points = __POINTS_VALUE;
+ }
break;
case "guest_request_confirm":
// Compile out URI codes
$URL = COMPILE_CODE($URL);
+ // Get output buffer
+ $OUTPUT = ob_get_contents();
+
+ // Clear it
+ ob_end_clean();
+
// Add some data to URL if cookies are not accepted
if (((!defined('__COOKIES')) || (!__COOKIES)) && ($addUrlData)) $URL = ADD_URL_DATA($URL);
} else {
// Output error message
include(PATH."inc/header.php");
- LOAD_TEMPLATE("redirect_url", false, $URL);
+ LOAD_TEMPLATE("redirect_url", false, str_replace("&", "&", $URL));
include(PATH."inc/footer.php");
}
exit();
return $return;
}
// Does only allow numbers
-function bigintval($num)
+function bigintval($num, $castValue = true)
{
- $ret = (int) preg_replace("/[^0123456789]/", "", $num);
+ // Filter all numbers out
+ $ret = preg_replace("/[^0123456789]/", "", $num);
+
+ // Cast the value?
+ if ($castValue) $ret = (int) $ret;
+
+ // Return result
return $ret;
}
// Insert the code in $img_code into jpeg or PNG image
}
//
-function MXCHANGE_OPEN($script) {
+function MXCHANGE_OPEN ($script) {
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
// Compile the script name
$script = COMPILE_CODE($script);
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
// Use default SERVER_URL by default... ;) So?
$url = SERVER_URL;
if (ereg("/", $host)) $host = substr($host, 0, strpos($host, "/"));
// Generate relative URL
- $script = substr($script, (strlen($url) + 7));
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
+ if (substr(strtolower($script), 0, 7) == "http://") {
+ // But only if http:// is in front!
+ $script = substr($script, (strlen($url) + 7));
+ } elseif (substr(strtolower($script), 0, 8) == "https://") {
+ // Does this work?!
+ $script = substr($script, (strlen($url) + 8));
+ }
+
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
if (substr($script, 0, 1) == "/") $script = substr($script, 1);
// Open connection
+ //* DEBUG */ die("SCRIPT=".$script."<br />\n");
$fp = @fsockopen($host, 80, $errno, $errdesc, 30);
- if (!$fp)
- {
+ if (!$fp) {
// Failed!
return array("", "", "");
}
if ((EXT_IS_ACTIVE("admins")) && ($table == "admins")) {
// Create email link for contacting admin in guest area
$EMAIL = ADMINS_CREATE_EMAIL_LINK($email);
- } elseif ((GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) {
+ } elseif ((EXT_IS_ACTIVE("user", true)) && (GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) {
// Create email link for contacting a member within admin area (or later in other areas, too?)
$EMAIL = USER_CREATE_EMAIL_LINK($email);
} elseif ((EXT_IS_ACTIVE("sponsor")) && ($table == "sponsor_data")) {
return $EMAIL;
}
// Generate a hash for extra-security for all passwords
-function generateHash($plainText, $salt = "") {
+function generateHash ($plainText, $salt = "") {
global $_CONFIG, $_SERVER;
// Is the required extension "sql_patches" there?
//* DEBUG: */ die($passHash."<br>".$newHash." (".strlen($newHash).")");
$ret = generateHash($newHash, $_CONFIG['master_salt']);
+ } else {
+ // Hash it simple
+ //* DEBUG: */ echo "--".$passHash."--<br />\n";
+ $ret = md5($passHash);
+ //* DEBUG: */ echo "++".$ret."++<br />\n";
}
// Return result