} else {
// Add surrounding HTML comments to help finding bugs faster
$ret = '<!-- Template ' . $template . " - Start -->\n" . $GLOBALS['tpl_content'] . '<!-- Template ' . $template . " - End -->\n";
- $eval = '$ret = "' . escapeQuotes($ret) . '";';
+ $eval = '$ret = "' . compileRawCode(escapeQuotes($ret)) . '";';
} // END - if
// Cache the eval() command here
// Don't de-refer our own links!
if (substr($URL, 0, strlen(getConfig('URL'))) != getConfig('URL')) {
// De-refer this link
- $URL = '{?URL?}/modules.php?module=loader&url=' . encodeString(compileUriCode($URL));
+ $URL = '{%url=modules.php?module=loader&url=' . encodeString(compileUriCode($URL)) . '%}';
} // END - if
// Return link
// Generates an URL for the frametester
function generateFrametesterUrl ($URL) {
// Prepare frametester URL
- $frametesterUrl = sprintf("{?URL?}/modules.php?module=frametester&url=%s",
+ $frametesterUrl = sprintf("{%%url=modules.php?module=frametester&url=%s%%}",
encodeString(compileUriCode($URL))
);
// Generate XHTML code for the CAPTCHA
function generateCaptchaCode ($code, $type, $DATA, $userid) {
- return '<img border="0" alt="Code ' . $code . '" src="{?URL?}/mailid_top.php?userid=' . $userid . '&' . $type . '=' . $DATA . '&mode=img&code=' . $code . '" />';
+ return '<img border="0" alt="Code ' . $code . '" src="{%url=mailid_top.php?userid=' . $userid . '&' . $type . '=' . $DATA . '&mode=img&code=' . $code . '%}" />';
}
// Generates a timestamp (some wrapper for mktime())
// Redirects to an URL and if neccessarry extends it with own base URL
function redirectToUrl ($URL) {
// Compile out codes
- eval('$URL = "' . compileRawCode($URL) . '";');
-
- // Check if http(s):// is there
- if ((substr($URL, 0, 7) != 'http://') && (substr($URL, 0, 8) != 'https://')) {
- // Make all URLs full-qualified
- $URL = getConfig('URL') . '/' . $URL;
- } // END - if
-
- // Three different debug ways...
- //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL));
- //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL);
- //* DEBUG: */ die($URL);
+ eval('$URL = "' . compileRawCode(encodeUrl($URL)) . '";');
// Default 'rel' value is external, nofollow is evil from Google and hurts the Internet
$rel = ' rel="external"';
clearOutputBuffer();
} // END - if
+ // Three different ways to debug...
+ //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL));
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL);
+ //* DEBUG: */ die($URL);
+
// Simple probe for bots/spiders from search engines
if ((strpos(detectUserAgent(), 'spider') !== false) || (strpos(detectUserAgent(), 'bot') !== false)) {
// Secure the URL against bad things such als HTML insertions and so on...
if ($constants === true) {
// BEFORE 0.2.1 : Language and data constants
// WITH 0.2.1+ : Only language constants
- $code = str_replace('{--', "\".getMessage('", str_replace('--}', "').\"", $code));
+ $code = str_replace('{--', "\" . getMessage('", str_replace('--}', "') . \"", $code));
// BEFORE 0.2.1 : Not used
// WITH 0.2.1+ : Data constants
- $code = str_replace('{!', "\".constant('", str_replace("!}", "').\"", $code));
+ $code = str_replace('{!', "\" . constant('", str_replace('!}', "') . \"", $code));
} // END - if
// Compile QUOT and other non-HTML codes
debug_report_bug('img_code ' . $img_code .' has invalid length. img_code()=' . strlen($img_code) . ' code_length=' . getConfig('code_length'));
} elseif ($headerSent === false) {
// Return an HTML code here
- return "<img src=\"{?URL?}/img.php?code=" . $img_code."\" alt=\"Image\" />\n";
+ return "<img src=\"{%url=img.php?code=" . $img_code."%}\" alt=\"Image\" />\n";
}
// Load image
$NAV .= '<strong>-';
} else {
// Open anchor tag and add base URL
- $NAV .= '<a href="{?URL?}/modules.php?module=admin&what=' . getWhat() . '&page=' . $page . '&offset=' . $offset;
+ $NAV .= '<a href="{%url=modules.php?module=admin&what=' . getWhat() . '&page=' . $page . '&offset=' . $offset;
// Add userid when we shall show all mails from a single member
if ((isGetRequestElementSet('userid')) && (bigintval(getRequestElement('userid')) > 0)) $NAV .= '&userid=' . bigintval(getRequestElement('userid'));
// Close open anchor tag
- $NAV .= '">';
+ $NAV .= '%}">';
}
$NAV .= $page;
if (($page == getRequestElement('page')) || ((!isGetRequestElementSet('page')) && ($page == 1))) {
$OUT = "[ ";
foreach ($targetArray as $tar) {
- $OUT .= "<span class=\"admin_user_link\"><a href=\"{?URL?}/modules.php?module=admin&what=" . $tar . "&userid=" . $userid . "\" title=\"{--ADMIN_LINK_";
+ $OUT .= "<span class=\"admin_user_link\"><a href=\"{%url=modules.php?module=admin&what=" . $tar . "&userid=" . $userid . "%}\" title=\"{--ADMIN_LINK_";
//* DEBUG: */ outputHtml("*" . $tar.'/' . $status."*<br />");
if (($tar == 'lock_user') && ($status == 'LOCKED')) {
// Locked accounts shall be unlocked
case getCode('ID_LOCKED') : $message = getMessage('LOGIN_ID_LOCKED'); break;
case getCode('ID_UNCONFIRMED') : $message = getMessage('LOGIN_ID_UNCONFIRMED'); break;
case getCode('ID_GUEST') : $message = getMessage('LOGIN_ID_GUEST'); break;
- case getCode('NO_COOKIES') : $message = getMessage('LOGIN_NO_COOKIES'); break;
- case getCode('COOKIES_DISABLED') : $message = getMessage('LOGIN_NO_COOKIES'); break;
+ case getCode('COOKIES_DISABLED') : $message = getMessage('LOGIN_COOKIES_DISABLED'); break;
case getCode('BEG_SAME_AS_OWN') : $message = getMessage('BEG_SAME_UID_AS_OWN'); break;
case getCode('LOGIN_FAILED') : $message = getMessage('LOGIN_FAILED_GENERAL'); break;
case getCode('MODULE_MEM_ONLY') : $message = sprintf(getMessage('MODULE_MEM_ONLY'), getRequestElement('mod')); break;
// Remove double slashes
$FQFN = str_replace('//', '/', $FQFN);
- // Check if the base filename matches an exclusion pattern and if the pattern is not empty
+ // Check if the base filenname matches an exclusion pattern and if the pattern is not empty
if ((!empty($excludePattern)) && (preg_match($excludePattern, $baseFile, $match))) {
// These Lines are only for debugging!!
//* DEBUG: */ outputHtml('baseDir:' . $baseDir . '<br />');
return $modCheck;
}
+// Encodes an URL for adding session id, etc.
+function encodeUrl ($url, $outputMode = '0') {
+ // Do we have already have a PHPSESSID inside? Then it is already converted...
+ if (strpos($url, session_name()) !== false) return $url;
+
+ // Do we have a valid session?
+ if ((($GLOBALS['valid_session'] === false) || (!isset($_COOKIE[session_name()]))) && (isSpider() === false)) {
+ // Invalid session
+ // Determine right seperator
+ $seperator = '&';
+ if (strpos($url, '?') === false) {
+ // No question mark
+ $seperator = '?';
+ } elseif ((getOutputMode() != '0') || ($outputMode != '0')) {
+ // Non-HTML mode
+ $seperator = '&';
+ }
+
+ // Add it to URL
+ $url .= $seperator . session_name() . '=' . session_id();
+ } // END - if
+
+ // Add {?URL?}
+ $url = '{?URL?}/' . $url;
+
+ // Return the URL
+ return $url;
+}
+
+// Simple check for spider
+function isSpider () {
+ // Is it a spider?
+ return ((strpos('spider', strtolower(detectUserAgent(true))) !== false) || (strpos('bot', strtolower(detectUserAgent(true))) !== false));
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////