************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Check if our config file is writeable or not
-function is_INCWritable($inc)
-{
+function is_INCWritable($inc) {
$fp = @fopen(PATH."inc/".$inc.".php", 'a');
- if ($inc == "dummy")
- {
+ if ($inc == "dummy") {
// Remove dummy file
@fclose($fp);
return @unlink(PATH."inc/dummy.php");
- }
- else
- {
+ } else {
// Close all other files
return @fclose($fp);
}
}
-// Check if we can write to an sql file
-function is_SQLWriteable($sql)
-{
- $fp = @fopen(PATH.$sql.".sql", 'a');
- return @fclose($fp);
-}
-
// Open a table (you may want to add some header stuff here)
-function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false)
-{
+function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) {
global $table_cnt;
// Count tables so we can generate CSS classes for every table... :-)
- if (empty($CLASS))
- {
+ if (empty($CLASS)) {
// Class is empty so count one up and create a class
$table_cnt++; $CLASS = "class".$table_cnt;
}
$OUT = "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\"";
+
// Shall I add the classes to TABLE and TD or only to TD?
if (!$td_only) $OUT .= " class=\"".$CLASS."\"";
<TD";
if (!empty($ALIGN)) $OUT .=" align=\"".$ALIGN."\"";
$OUT .= " class=\"".$CLASS."\">";
- OUTPUT_HTML ($OUT);
+ OUTPUT_HTML($OUT);
}
+
// Close a table (you may want to add some footer stuff here)
-function CLOSE_TABLE($ADD="")
-{
- OUTPUT_HTML (" </TD>
+function CLOSE_TABLE($ADD="") {
+ OUTPUT_HTML(" </TD>
</TR>");
- if (!empty($ADD)) OUTPUT_HTML ($ADD);
- OUTPUT_HTML ("</TABLE>");
+ if (!empty($ADD)) OUTPUT_HTML($ADD);
+ OUTPUT_HTML("</TABLE>");
}
// Output HTML code directly or "render" it. You addionally switch the new-line character off
-function OUTPUT_HTML ($HTML, $NEW_LINE = true) {
+function OUTPUT_HTML($HTML, $NEW_LINE = true) {
// Some global variables
- global $OUTPUT, $FOOTER, $CSS;
+ global $OUTPUT, $footer, $CSS;
// Do we have HTML-Code here?
if (!empty($HTML)) {
{
case "render":
// That's why you don't need any \n at the end of your HTML code... :-)
- if (_OB_CACHING == "on")
- {
+ if (_OB_CACHING == "on") {
// Output into PHP's internal buffer
- echo stripslashes($HTML);
+ OUTPUT_RAW($HTML);
// That's why you don't need any \n at the end of your HTML code... :-)
if ($NEW_LINE) echo "\n";
- }
- else
- {
+ } else {
// Render mode for old or lame servers...
$OUTPUT .= $HTML;
case "direct":
// If we are switching from render to direct output rendered code
- if ((!empty($OUTPUT)) && (_OB_CACHING != "on")) { echo $OUTPUT; $OUTPUT = ""; }
+ if ((!empty($OUTPUT)) && (_OB_CACHING != "on")) { OUTPUT_RAW($OUTPUT); $OUTPUT = ""; }
// The same as above... ^
- echo stripslashes($HTML);
+ OUTPUT_RAW($HTML);
if ($NEW_LINE) echo "\n";
break;
die ("<STRONG>".FATAL_ERROR.":</STRONG> ".LANG_NO_RENDER_DIRECT);
break;
}
- } elseif ((_OB_CACHING == "on") && ($FOOTER == 1)) {
+ } elseif ((_OB_CACHING == "on") && ($footer == 1)) {
// Output cached HTML code
$OUTPUT = ob_get_contents();
}
// Output code here, DO NOT REMOVE! ;-)
- echo stripslashes($OUTPUT);
- flush();
+ OUTPUT_RAW($OUTPUT);
} elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) {
// Rewrite links when rewrite extension is active
if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
}
// Output code here, DO NOT REMOVE! ;-)
- echo stripslashes($OUTPUT);
- flush();
+ OUTPUT_RAW($OUTPUT);
}
}
+// Output the raw HTML code
+function OUTPUT_RAW ($HTML) {
+ if ((isBooleanConstantAndTrue('mxchange_installed')) && (basename($_SERVER['PHP_SELF']) != "install.php")) {
+ // Not in install-mode so strip slashes away
+ echo stripslashes($HTML);
+ } else {
+ // Output directly in install-mode
+ echo $HTML;
+ }
+
+ // Flush the output
+ flush();
+}
+
// Add a fatal error message to the queue array
function ADD_FATAL ($message, $extra="")
{
}
// Load a template file and return it's content (only it's name; do not use ' or ")
-function LOAD_TEMPLATE($template, $return=false, $content="")
-{
+function LOAD_TEMPLATE($template, $return=false, $content="") {
// Add more variables which you want to use in your template files
- global $DATA, $username;
+ global $DATA, $_CONFIG, $username;
+
+ // Count the template load
+ if (!isset($_CONFIG['num_templates'])) $_CONFIG['num_templates'] = 0;
+ $_CONFIG['num_templates']++;
+
+ // Init some data
$ACTION = SQL_ESCAPE($GLOBALS['action']);
$WHAT = SQL_ESCAPE($GLOBALS['what']);
$ret = "";
if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0;
$REFID = $GLOBALS['refid'];
- if ($template == "member_support_form")
- {
+ if ($template == "member_support_form") {
// Support request of a member
$result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
$MODE = "";
// Check for admin/guest/member templates
- if (strpos($template, "admin_") > -1)
- {
+ if (strpos($template, "admin_") > -1) {
// Admin template found
$MODE = "admin/";
- }
- elseif (strpos($template, "guest_") > -1)
- {
+ } elseif (strpos($template, "guest_") > -1) {
// Guest template found
$MODE = "guest/";
- }
- elseif (strpos($template, "member_") > -1)
- {
+ } elseif (strpos($template, "member_") > -1) {
// Member template found
$MODE = "member/";
- }
- elseif (strpos($template, "install_") > -1)
- {
+ } elseif (strpos($template, "install_") > -1) {
// Installation template found
$MODE = "install/";
- }
- elseif (strpos($template, "ext_") > -1)
- {
+ } elseif (strpos($template, "ext_") > -1) {
// Extension template found
$MODE = "ext/";
- }
- elseif (strpos($template, "la_") > -1)
- {
+ } elseif (strpos($template, "la_") > -1) {
// "Logical-area" template found
$MODE = "la/";
- }
- else
- {
+ } else {
// Test for extension
$test = substr($template, 0, strpos($template, "_"));
- if (EXT_IS_ACTIVE($test))
- {
+ if (EXT_IS_ACTIVE($test)) {
// Set extra path to extension's name
$MODE = $test."/";
}
////////////////////////
$file = $BASE.$MODE.$template.".tpl";
- if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/")))
- {
+ if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) {
// Select what depended header/footer template file for admin/guest/member area
$file2 = sprintf("%s%s%s_%s.tpl",
$BASE,
}
// Does the special template exists?
- if (!file_exists($file))
- {
+ if ((!file_exists($file)) || (!is_readable($file))) {
// Reset to default template
$file = $BASE.$template.".tpl";
}
// Now does the final template exists?
- if (file_exists($file))
- {
+ if ((file_exists($file)) && (is_readable($file))) {
// The local file does exists so we load it. :)
$tmpl_file = implode("", file($file));
while (strpos($tmpl_file, "\'") !== false) { $tmpl_file = str_replace("\'", "{QUOT}", $tmpl_file); }
// Do we have to compile the code?
- if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0))
- {
+ if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) {
// Okay, compile it!
$tmpl_file = "\$ret=\"".COMPILE_CODE(addslashes($tmpl_file))."\";";
eval($tmpl_file);
- }
- else
- {
+ } else {
// Simply return loaded code
$ret = $tmpl_file;
}
// Add surrounding HTML comments to help finding bugs faster
$ret = "<!-- Template ".$template." - Start -->\n".$ret."<!-- Template ".$template." - End -->\n";
- }
- elseif ((IS_ADMIN()) || ((mxchange_installing) && (!mxchange_installed)))
- {
+ } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
// Only admins shall see this warning or when installation mode is active
- $ret = "<BR><SPAN class=\"guest_failed\">".TEMPLATE_404."</SPAN><BR>
-(".basename($file).")<BR>
-<BR>
+ $ret = "<br /><SPAN class=\"guest_failed\">".TEMPLATE_404."</SPAN><br />
+(".basename($file).")<br />
+<br />
".TEMPLATE_CONTENT."
<PRE>".print_r($content, true)."</PRE>
".TEMPLATE_DATA."
<PRE>".print_r($DATA, true)."</PRE>
-<BR><BR>";
+<br /><br />";
}
- if (!empty($ret))
- {
+
+ // Do we have some content to output or return?
+ if (!empty($ret)) {
// Not empty so let's put it out! ;)
- if ($return)
- {
+ if ($return) {
// Return the HTML code
return $ret;
- }
- else
- {
+ } else {
// Output direct
- OUTPUT_HTML ($ret);
+ OUTPUT_HTML($ret);
}
- }
- elseif (DEBUG_MODE)
- {
+ } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) {
// Warning, empty output!
- return "E:".$template."<BR>\n";
+ return "E:".$template."<br />\n";
}
}
// Send mail out to an email address
-function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="")
-{
+function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") {
// Compile subject line (for POINTS constant etc.)
$eval = "\$SUBJECT = \"".COMPILE_CODE(addslashes($SUBJECT))."\";";
eval($eval);
$SUBJECT = html_entity_decode($SUBJECT);
// Set from header
- if (!eregi("@", $TO))
- {
+ if (!eregi("@", $TO)) {
// Value detected, load email from database
- if (EXT_IS_ACTIVE("msg"))
- {
+ if (EXT_IS_ACTIVE("msg")) {
ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML);
return;
- }
- else
- {
+ } else {
$result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__);
list($TO) = SQL_FETCHROW($result_email);
SQL_FREERESULT($result_email);
// Append header
$FROM .= LOAD_EMAIL_TEMPLATE("header");
}
- } elseif (DEBUG_MODE) {
+ } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) {
if (empty($FROM)) {
// Load email header template
$FROM = LOAD_EMAIL_TEMPLATE("header");
}
// Fix HTML parameter (default is no!)
- if (empty($HTML)) $HTML = "N";
- if (DEBUG_MODE)
- {
+ if (empty($HTML)) $HTML = 'N';
+ if (isBooleanConstantAndTrue('DEBUG_MODE')) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
echo "<PRE>
".htmlentities(trim($FROM))."
Subject : ".$SUBJECT."
Message : ".$MSG."
</PRE>\n";
- }
- elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true)))
- {
+ } elseif (($HTML == 'Y') && (EXT_IS_ACTIVE("html_mail", true))) {
// Send mail as HTML away
SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM);
- }
- elseif (!empty($TO))
- {
+ } elseif (!empty($TO)) {
// Compile email
$TO = COMPILE_CODE($TO);
// Send Mail away
- SEND_RAW_EMAIL(stripslashes($TO), COMPILE_CODE($SUBJECT), stripslashes($MSG), $FROM);
- }
- elseif ($HTML == "N")
- {
+ SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
+ } elseif ($HTML == 'N') {
// Problem found!
- SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), stripslashes($MSG), $FROM);
+ SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
}
}
+
// Check if legacy or PHPMailer command
// @private
function CHECK_PHPMAILER_USAGE() {
// Generate a password in a specified length or use default password length
function GEN_PASS($LEN = 0) {
- global $CONFIG;
- if ($LEN == 0) $LEN = $CONFIG['pass_len'];
+ global $_CONFIG;
+ if ($LEN == 0) $LEN = $_CONFIG['pass_len'];
// Initialize array with all allowed chars
$ABC = explode(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/");
}
return $ret;
}
-//
+
+// Translates the american decimal dot into a german comma
function TRANSLATE_COMMA($dotted, $cut=true)
{
- global $CONFIG;
+ global $_CONFIG;
// Default is 3 you can change this in admin area "Misc -> Misc Options"
- if (empty($CONFIG['max_comma'])) $CONFIG['max_comma'] = "3";
- if (!ereg("\.", $dotted)) $dotted .= ".".str_repeat("0", $CONFIG['max_comma']);
- if ($cut)
- {
+ if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3";
+ if (!ereg("\.", $dotted)) $dotted .= ".".str_repeat("0", $_CONFIG['max_comma']);
+ if ($cut) {
// Remove trailing zeros
$dot = str_replace(".", "x", $dotted);
- while(substr($dot, -1, 1) == "0")
- {
+ while(substr($dot, -1, 1) == "0") {
$dot = substr($dot, 0, -1);
}
- if (substr($dot, -1, 1) == "x")
- {
+
+ if (substr($dot, -1, 1) == "x") {
// Last char is the 'x'
$dotted = substr($dot, 0, -1);
- }
- else
- {
+ } else {
// Last char is a number
$dotted = str_replace("x", ".", $dot);
}
}
- switch (GET_LANGUAGE())
- {
+
+ // Translate it now
+ switch (GET_LANGUAGE()) {
case "de":
$pos = strpos($dotted, ".");
- if ($pos > 0)
- {
- if ($cut)
- {
+ if ($pos > 0) {
+ if ($cut) {
// Cut x numbers behind comma
- $dotted = str_replace(".", ",", substr($dotted, 0, ($pos + $CONFIG['max_comma'] + 1)));
- }
- else
- {
+ $dotted = str_replace(".", ",", substr($dotted, 0, ($pos + $_CONFIG['max_comma'] + 1)));
+ } else {
// Replace comma with dot
$dotted = str_replace(".", ",", $dotted);
}
- }
- elseif (!$cut)
- {
- if (empty($pos))
- {
- $dotted = "0,".str_repeat("0", $CONFIG['max_comma']);
- }
- else
- {
- $dotted .= ",".str_repeat("0", $CONFIG['max_comma']);
+ } elseif (!$cut) {
+ if (empty($pos)) {
+ $dotted = "0,".str_repeat("0", $_CONFIG['max_comma']);
+ } else {
+ $dotted .= ",".str_repeat("0", $_CONFIG['max_comma']);
}
}
break;
default:
- if (!$cut)
- {
- if ($pos > 0)
- {
- $dotted = substr($dotted, 0, ($pos + $CONFIG['max_comma'] + 1));
- }
- else
- {
- $dotted .= ".".str_repeat("0", $CONFIG['max_comma']);
+ if (!$cut) {
+ if ($pos > 0) {
+ $dotted = substr($dotted, 0, ($pos + $_CONFIG['max_comma'] + 1));
+ } else {
+ $dotted .= ".".str_repeat("0", $_CONFIG['max_comma']);
}
}
break;
}
return $dotted;
}
+
//
-function DEREFERER($URL)
-{
+function DEREFERER($URL) {
$URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(COMPILE_CODE($URL)));
return $URL;
}
+
//
-function TRANSLATE_SEX($sex)
-{
+function TRANSLATE_SEX($sex) {
switch ($sex)
{
case "M": $ret = SEX_M; break;
return $ret;
}
//
-function IMG_CODE ($code, $TYPE, $DATA, $uid)
+function IMG_CODE ($code, $type, $DATA, $uid)
{
- return "<IMG border=\"0\" alt=\"Code\" src=\"".URL."/mailid_top.php?uid=".$uid."&".$TYPE."=".$DATA."&mode=img&code=".$code."\">";
+ return "<IMG border=\"0\" alt=\"Code\" src=\"".URL."/mailid_top.php?uid=".$uid."&".$type."=".$DATA."&mode=img&code=".$code."\">";
}
//
function TRANSLATE_STATUS($status)
return $ret;
}
//
-function GET_LANGUAGE()
-{
- global $_COOKIE, $_GET;
-
- if (!empty($_GET['mx_lang']))
- {
+function GET_LANGUAGE() {
+ if (!empty($_GET['mx_lang'])) {
// Accept only first 2 chars
$lang = substr($_GET['mx_lang'], 0, 2);
- }
- else
- {
+ } else {
// Do nothing
$lang = "";
}
$ret = DEFAULT_LANG;
// Check GET variable and cookie
- if (!empty($lang))
- {
+ if (!empty($lang)) {
// Check if main language file does exist
- if (file_exists(PATH."inc/language/".$lang.".php"))
- {
+ if (file_exists(PATH."inc/language/".$lang.".php")) {
// Okay found, so let's update cookies
SET_LANGUAGE($lang);
}
- }
- elseif (!empty($_COOKIE['mx_lang']))
- {
+ } elseif (!isSessionVariableSet('mx_lang')) {
// Return stored value from cookie
- $ret = $_COOKIE['mx_lang'];
+ $ret = get_session('mx_lang');
}
return $ret;
}
//
-function SET_LANGUAGE($lang)
-{
- global $CONFIG;
+function SET_LANGUAGE($lang) {
+ global $_CONFIG;
// Accept only first 2 chars!
$lang = substr(SQL_ESCAPE(strip_tags($lang)), 0, 2);
// Set cookie
- @setcookie("mx_lang", $lang, (time() + $CONFIG['online_timeout']), COOKIE_PATH);
-
- // Set array
- $_COOKIE['mx_lang'] = $lang;
+ set_session("mx_lang", $lang);
}
//
-function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
-{
- global $DATA, $CONFIG, $REPLACER;
+function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
+ global $DATA, $_CONFIG, $REPLACER;
// Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!)
$MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER;
- $surname = ""; $family = ""; $nick = ""; $sex = "N";
+ $surname = ""; $family = ""; $nick = ""; $sex = 'N';
// Prepare IP number and User Agent
$REMOTE_ADDR = getenv('REMOTE_ADDR');
$HTTP_USER_AGENT = getenv('HTTP_USER_AGENT');
$ADMIN = MAIN_TITLE;
- if (!empty($_COOKIE['admin_login']))
- {
+ if (isSessionVariableSet('admin_login')) {
// Load Admin data
$result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array(SQL_ESCAPE($_COOKIE['admin_login'])), __FILE__, __LINE__);
+ array(SQL_ESCAPE(get_session('admin_login'))), __FILE__, __LINE__);
list($ADMIN) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
}
// Expiration in a nice output format
- if ($CONFIG['auto_purge'] == 0)
- {
+ if ($_CONFIG['auto_purge'] == 0) {
// Will never expire!
$EXPIRATION = MAIL_WILL_NEVER_EXPIRE;
- }
- elseif (function_exists('CREATE_FANCY_TIME'))
- {
+ } elseif (function_exists('CREATE_FANCY_TIME')) {
// Create nice date string
- $EXPIRATION = CREATE_FANCY_TIME($CONFIG['auto_purge']);
- }
- else
- {
+ $EXPIRATION = CREATE_FANCY_TIME($_CONFIG['auto_purge']);
+ } else {
// Display days only
- $EXPIRATION = round($CONFIG['auto_purge']/60/60/24)." "._DAYS;
+ $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS;
}
+
switch ($template)
{
case "bonus-mail": // Load data for the bonus mail
$BONUSID = $DATA[0];
$content = $DATA[2];
- $POINTS = TRANSLATE_COMMA($DATA[4]);
+ $points = TRANSLATE_COMMA($DATA[4]);
$TIME = $DATA[5];
$TARGET_URL = $DATA[8];
$CATEGORY = GET_CATEGORY($DATA[9]);
case "order-admin":
case "order-member":
- $BLOCKS = $CONFIG['max_send'];
+ $BLOCKS = $_CONFIG['max_send'];
$SUBJECT = $DATA[0];
$content = $DATA[1];
$PAYMENT = GET_PAYMENT($DATA[3]);
break;
case "confirm-member":
- $POINTS = $CONFIG['points_register'];
+ $points = $_CONFIG['points_register'];
break;
case "confirm-referral":
$PERCENT = $DATA[0];
$LEVEL = $DATA[1];
- $POINTS = $DATA[2];
+ $points = $DATA[2];
$REFID = $DATA[3];
break;
$CATEGORY = GET_CATEGORY($DATA[9]);
$TIME = GET_PAY_POINTS($DATA[5], "time");
$TARGET_URL = $DATA[7];
- $POINTS = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment"));
+ $points = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment"));
// Warning! This ID has changed from 10 to 11!
$MAILID = $DATA[11];
case "back-admin":
case "back-member":
- $POINTS = TRANSLATE_COMMA($DATA[10]);
+ $points = TRANSLATE_COMMA($DATA[10]);
break;
case "add-points":
- $POINTS = $_POST['points'];
+ $points = bigintval($_POST['points']);
break;
case "guest_request_confirm":
}
// Load user's data
- if ($UID > 0)
- {
- if (EXT_IS_ACTIVE("nickname"))
- {
+ if ($UID > 0) {
+ if (EXT_IS_ACTIVE("nickname")) {
// Load nickname
$result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
array(bigintval($UID)), __FILE__, __LINE__);
list($surname, $family, $sex, $email, $nick) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Load normal data
$result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
array(bigintval($UID)), __FILE__, __LINE__);
SQL_FREERESULT($result);
$nick = "---";
}
- }
- else
- {
+ } else {
// Neutral sex and email address is default
- $sex = "N";
+ $sex = 'N';
$email = WEBMASTER;
}
$BASE = PATH."templates/".GET_LANGUAGE()."/emails/";
// Check for admin/guest/member templates
- if (strpos($template, "admin_") > -1)
- {
+ if (strpos($template, "admin_") > -1) {
// Admin template found
$file = $BASE."admin/".$template.".tpl";
- }
- elseif (strpos($template, "guest_") > -1)
- {
+ } elseif (strpos($template, "guest_") > -1) {
// Guest template found
$file = $BASE."guest/".$template.".tpl";
- }
- elseif (strpos($template, "member_") > -1)
- {
+ } elseif (strpos($template, "member_") > -1) {
// Member template found
$file = $BASE."member/".$template.".tpl";
- }
- else
- {
+ } else {
// Test for extension
$test = substr($template, 0, strpos($template, "_"));
- if (EXT_IS_ACTIVE($test))
- {
+ if (EXT_IS_ACTIVE($test)) {
// Set extra path to extension's name
$file = $BASE.$test."/".$template.".tpl";
- }
- else
- {
+ } else {
// No special filename
$file = $BASE.$template.".tpl";
}
}
// Does the special template exists?
- if (!@file_exists($file))
- {
+ if ((!@file_exists($file)) || (!is_readable($file))) {
// Reset to default template
$file = $BASE.$template.".tpl";
}
elseif (!empty($template))
{
// Template file not found!
- $content = TEMPLATE_404.": ".$template."<BR>
+ $content = TEMPLATE_404.": ".$template."<br />
".TEMPLATE_CONTENT."
<PRE>".print_r($content, true)."</PRE>
".TEMPLATE_DATA."
<PRE>".print_r($DATA, true)."</PRE>
-<BR><BR>";
+<br /><br />";
// Debug mode not active? Then remove the HTML tags
if (!DEBUG_MODE) $content = strip_tags($content);
// Extract day, month and year from given timestamp
$DAY = date("d", $stamp);
$MONTH = date("m", $stamp);
- $YEAR = date("Y", $stamp);
+ $YEAR = date('Y', $stamp);
// Create timestamp for wished time which depends on extracted date
return mktime($H, $M, $S, $MONTH, $DAY, $YEAR);
}
//
function LOAD_URL($URL, $addUrlData=true) {
+ global $CSS, $_CONFIG, $link, $db, $footer;
+
+ // Check if http(s):// is there
+ if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) {
+ // Make all URLs full-qualified
+ $URL = URL."/".$URL;
+ }
+
// Compile out URI codes
$URL = COMPILE_CODE($URL);
$URL = htmlentities(strip_tags($URL), ENT_QUOTES);
// Output new location link as anchor
- OUTPUT_HTML ("<A href=\"".$URL."\">".$URL."</A>\n");
+ OUTPUT_HTML("<A href=\"".$URL."\">".$URL."</A>");
} elseif (!headers_sent()) {
// Load URL when headers are not sent
@header ("Location: ".str_replace("&", "&", $URL));
} else {
// Output error message
include(PATH."inc/header.php");
- OUTPUT_HTML (LOAD_URL_ERROR_1.$URL.LOAD_URL_ERROR_2);
+ OUTPUT_HTML(LOAD_URL_ERROR_1.$URL.LOAD_URL_ERROR_2);
include(PATH."inc/footer.php");
}
exit();
$array = $dummy;
}
//
-function ADD_SELECTION($TYPE, $DEFAULT, $PREFIX="", $id="0")
+function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0")
{
global $MONTH_DESCR; $OUT = "";
- if ($TYPE == "yn")
+ if ($type == "yn")
{
// This is a yes/no selection only!
- if ($id > 0) $PREFIX .= "[".$id."]";
- $OUT .= " <SELECT name=\"".$PREFIX."\" class=\"register_select\" size=\"1\">\n";
+ if ($id > 0) $prefix .= "[".$id."]";
+ $OUT .= " <SELECT name=\"".$prefix."\" class=\"register_select\" size=\"1\">\n";
}
else
{
// Begin with regular selection box here
- if (!empty($PREFIX)) $PREFIX .= "_";
- $TYPE2 = $TYPE;
- if ($id > 0) $TYPE2 .= "[".$id."]";
- $OUT .= " <SELECT name=\"".strtolower($PREFIX.$TYPE2)."\" class=\"register_select\" size=\"1\">\n";
+ if (!empty($prefix)) $prefix .= "_";
+ $type2 = $type;
+ if ($id > 0) $type2 .= "[".$id."]";
+ $OUT .= " <SELECT name=\"".strtolower($prefix.$type2)."\" class=\"register_select\" size=\"1\">\n";
}
- switch ($TYPE)
+ switch ($type)
{
case "day": // Day
for ($idx = 1; $idx < 32; $idx++)
case "year": // Year
// Get current year
- $YEAR = date("Y", time());
+ $YEAR = date('Y', time());
// Check if the default value is larger than minimum and bigger than actual year
if (($DEFAULT > 1930) && ($DEFAULT >= $YEAR))
{
// Get current year and subtract 16 (for erotic content)
$OUT .= " <OPTION value=\"1929\"><1930</OPTION>\n";
- $YEAR = date("Y", time()) - 16;
+ $YEAR = date('Y', time()) - 16;
for ($idx = 1930; $idx <= $YEAR; $idx++)
{
$OUT .= " <OPTION value=\"".$idx."\"";
case "yn":
$OUT .= " <OPTION value=\"Y\"";
- if ($DEFAULT == "Y") $OUT .= " selected=\"selected\"";
+ if ($DEFAULT == 'Y') $OUT .= " selected=\"selected\"";
$OUT .= ">".YES."</OPTION>
<OPTION value=\"N\"";
- if ($DEFAULT == "N") $OUT .= " selected=\"selected\"";
+ if ($DEFAULT == 'N') $OUT .= " selected=\"selected\"";
$OUT .= ">".NO."</OPTION>\n";
break;
}
{
switch ($yn)
{
- case "Y": $yn = YES; break;
- case "N": $yn = NO; break;
+ case 'Y': $yn = YES; break;
+ case 'N': $yn = NO; break;
default : $yn = "??? (".$yn.")"; break;
}
return $yn;
//
function GEN_RANDOM_CODE($length, $code, $uid, $DATA="")
{
- global $CONFIG;
+ global $_CONFIG;
// Build server string
$server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php");
// Build key string
- $keys = SITE_KEY.":".DATE_KEY.":".$CONFIG['secret_key'].":".$CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $CONFIG['patch_ctime']).":".$CONFIG['master_salt'];
+ $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']).":".$_CONFIG['master_salt'];
// Build string from misc data
$data = $code.":".$uid.":".$DATA;
// Add more additional data
- if (isset($_COOKIE['u_hash'])) $data .= ":".$_COOKIE['u_hash'];
- if (isset($GLOBALS['userid'])) $data .= ":".$GLOBALS['userid'];
- if (isset($_COOKIE['lifetime'])) $data .= ":".$_COOKIE['lifetime'];
- if (isset($_COOKIE['mxchange_theme'])) $data .= ":".$_COOKIE['mxchange_theme'];
- if (isset($_COOKIE['mx_lang'])) $data .= ":".$_COOKIE['mx_lang'];
- if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid'];
+ if (isSessionVariableSet('u_hash')) $data .= ":".get_session('u_hash');
+ if (isset($GLOBALS['userid'])) $data .= ":".$GLOBALS['userid'];
+ if (isSessionVariableSet('lifetime')) $data .= ":".get_session('lifetime');
+ if (isSessionVariableSet('mxchange_theme')) $data .= ":".get_session('mxchange_theme');
+ if (isSessionVariableSet('mx_lang')) $data .= ":".GET_LANGUAGE();
+ if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid'];
// Calculate number for generating the code
$a = $code + _ADD - 1;
// Generate hash with master salt from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $CONFIG['master_salt']);
+ $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
// Create number from hash
- $rcode = hexdec(substr($saltedHash, strlen($CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
// At least 10 numbers shall be secure enought!
- $len = $CONFIG['code_length'];
+ $len = $_CONFIG['code_length'];
if ($len == 0) $len = 10;
// Cut off requested counts of number
// Insert the code in $img_code into jpeg or PNG image
function GENERATE_IMAGE($img_code, $header=true)
{
- global $CONFIG;
- if ((strlen($img_code) > 6) || (empty($img_code)) || ($CONFIG['code_length'] == 0))
+ global $_CONFIG;
+ if ((strlen($img_code) > 6) || (empty($img_code)) || ($_CONFIG['code_length'] == 0))
{
// Stop execution of function here because of over-sized code length
return;
return "<IMG src=\"".URL."/img.php?code=".$img_code."\">\n";
}
- switch ($CONFIG['img_type'])
+ switch ($_CONFIG['img_type'])
{
case "jpg":
// Loads JPEG image
imagestring($image, 5, 14, 2, $img_code, $text_color);
// Return to browser
- header ("Content-Type: image/".$CONFIG['img_type']);
+ header ("Content-Type: image/".$_CONFIG['img_type']);
// Output image with matching image factory
- switch ($CONFIG['img_type'])
+ switch ($_CONFIG['img_type'])
{
case "jpg": imagejpeg($image); break;
case "png": imagepng($image); break;
$timestamp = round($timestamp / 15) * 15;
// Do we have a leap year?
$SWITCH = 0;
- $TEST = date("Y", time()) / 4;
+ $TEST = date('Y', time()) / 4;
$M1 = date("m", time());
$M2 = date("m", (time() + $timestamp));
// If so and if current time is before 02/29 and estimated time is after 02/29 then add 86400 seconds (one day)
$OUT = "<DIV align=\"".$align."\">\n";
$OUT .= "<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"admin_table dashed\">\n";
$OUT .= "<TR>\n";
- if (ereg("Y", $display) || (empty($display)))
+ if (ereg('Y', $display) || (empty($display)))
{
$OUT .= " <TD align=\"center\" class=\"admin_title bottom\"><STRONG class=\"tiny\">"._YEARS."</STRONG></TD>\n";
}
}
$OUT .= "</TR>\n";
$OUT .= "<TR>\n";
- if (ereg("Y", $display) || (empty($display)))
+ if (ereg('Y', $display) || (empty($display)))
{
// Generate year selection
$OUT .= " <TD align=\"center\"><SELECT class=\"mini_select\" name=\"".$prefix."_ye\" size=\"1\">\n";
$ret = "0";
// Do we have a leap year?
$SWITCH = 0;
- $TEST = date("Y", time()) / 4;
+ $TEST = date('Y', time()) / 4;
$M1 = date("m", time());
// If so and if current time is before 02/29 and estimated time is after 02/29 then add 86400 seconds (one day)
if ((floor($TEST) == $TEST) && ($M1 == "02") && ($POST[$prefix."_mo"] > "02")) $SWITCH = ONE_DAY;
//
function MXCHANGE_OPEN($script) {
+ // Compile the script name
+ $script = COMPILE_CODE($script);
+
+ // Use default SERVER_URL by default... ;) So?
+ $url = SERVER_URL;
+ if (substr($script, 0, 7) == "http://") {
+ // Use the hostname from script URL as new hostname
+ $url = substr($script, 7);
+ $extract = explode("/", $url);
+ $url = $extract[0];
+ // Done extracting the URL :)
+ }
+
// Extract host name
- $host = str_replace("http://", "", SERVER_URL);
+ $host = str_replace("http://", "", $url);
if (ereg("/", $host)) $host = substr($host, 0, strpos($host, "/"));
// Generate relative URL
- $script = substr(SERVER_URL, (strpos(SERVER_URL, $host) + strlen($host)))."/".basename($script);
+ $script = substr($script, (strlen($url) + 7));
if (substr($script, 0, 1) == "/") $script = substr($script, 1);
// Open connection
function VALIDATE_URL ($URL, $compile=true) {
// Trim URL a little
$URL = trim(urldecode($URL));
- //* DEBUG: */ echo $URL."<BR>";
+ //* DEBUG: */ echo $URL."<br />";
// Compile some chars out...
if ($compile) $URL = COMPILE_CODE($URL, false, false, false);
- //* DEBUG: */ echo $URL."<BR>";
+ //* DEBUG: */ echo $URL."<br />";
// Check for the extension filter
if (EXT_IS_ACTIVE("filter")) {
}
// Generate a hash for extra-security for all passwords
function generateHash($plainText, $salt = "") {
- global $CONFIG, $_SERVER;
+ global $_CONFIG, $_SERVER;
// Is the required extension "sql_patches" there?
if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
$server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php");
// Build key string
- $keys = SITE_KEY.":".DATE_KEY.":".$CONFIG['secret_key'].":".$CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $CONFIG['patch_ctime']).":".$CONFIG['master_salt'];
+ $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']).":".$_CONFIG['master_salt'];
// Additional data
$data = $plainText.":".uniqid(rand(), true).":".time();
//* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")<br>";
// Generate the password salt string
- $salt = substr($sha1, 0, $CONFIG['salt_length']);
- //* DEBUG: */ echo $salt." (".strlen($salt).")<BR>";
+ $salt = substr($sha1, 0, $_CONFIG['salt_length']);
+ //* DEBUG: */ echo $salt." (".strlen($salt).")<br />";
}
else
{
- $salt = substr($salt, 0, $CONFIG['salt_length']);
+ $salt = substr($salt, 0, $_CONFIG['salt_length']);
}
// Return hash
}
//
function scrambleString($str) {
- global $CONFIG;
+ global $_CONFIG;
// Init
$scrambled = "";
return $str;
} elseif (strlen($str) == 40) {
// From database
- $scrambleNums = explode(":", $CONFIG['pass_scramble']);
+ $scrambleNums = explode(":", $_CONFIG['pass_scramble']);
} else {
// Generate new numbers
$scrambleNums = explode(":", genScrambleString(strlen($str)));
}
// Scramble string here
- //* DEBUG: */ echo "***Original=".$str."***<BR>";
+ //* DEBUG: */ echo "***Original=".$str."***<br />";
for ($idx = 0; $idx < strlen($str); $idx++) {
// Get char on scrambled position
$char = substr($str, $scrambleNums[$idx], 1);
}
// Return scrambled string
- //* DEBUG: */ echo "***Scrambled=".$scrambled."***<BR>";
+ //* DEBUG: */ echo "***Scrambled=".$scrambled."***<br />";
return $scrambled;
}
//
function descrambleString($str)
{
- global $CONFIG;
+ global $_CONFIG;
// Scramble only 40 chars long strings
if (strlen($str) != 40) return $str;
// Load numbers from config
- $scrambleNums = explode(":", $CONFIG['pass_scramble']);
+ $scrambleNums = explode(":", $_CONFIG['pass_scramble']);
// Validate numbers
if (count($scrambleNums) != 40) return $str;
// Begin descrambling
$orig = str_repeat(" ", 40);
- //* DEBUG: */ echo "+++Scrambled=".$str."+++<BR>";
+ //* DEBUG: */ echo "+++Scrambled=".$str."+++<br />";
for ($idx = 0; $idx < 40; $idx++)
{
$char = substr($str, $idx, 1);
}
// Return scrambled string
- //* DEBUG: */ echo "+++Original=".$orig."+++<BR>";
+ //* DEBUG: */ echo "+++Original=".$orig."+++<br />";
return $orig;
}
//
// normally be stored in cookies
function ADD_URL_DATA($URL)
{
- global $_GET, $CONFIG;
+ global $_CONFIG;
$ADD = "";
// Determine URL binder
if ((!empty($_GET['refid'])) && (strpos($URL, "refid=") == 0)) {
// Cookie found in URL
$ADD .= $BIND."refid=".bigintval($_GET['refid']);
- } elseif ((GET_EXT_VERSION("sql_patches") != "") && ($CONFIG['def_refid'] > 0)) {
+ } elseif ((GET_EXT_VERSION("sql_patches") != "") && ($_CONFIG['def_refid'] > 0)) {
// Not found! So let's set default here
- $ADD .= $BIND."refid=".$CONFIG['def_refid'];
+ $ADD .= $BIND."refid=".$_CONFIG['def_refid'];
}
// Is there already added data? Then change the binder
}
//
function generatePassString($passHash) {
- global $CONFIG;
- $ret = "*FAILED*";
+ global $_CONFIG;
+
+ // Return vanilla password hash
+ $ret = $passHash;
// Is a secret key and master salt already initialized?
- if ((!empty($CONFIG['secret_key'])) && (!empty($CONFIG['master_salt']))) {
+ if ((!empty($_CONFIG['secret_key'])) && (!empty($_CONFIG['master_salt']))) {
// Only calculate when the secret key is generated
$newHash = ""; $start = 9;
for ($idx = 0; $idx < 10; $idx++) {
$part1 = hexdec(substr($passHash, $start, 4));
- $part2 = hexdec(substr($CONFIG['secret_key'], $start, 4));
+ $part2 = hexdec(substr($_CONFIG['secret_key'], $start, 4));
$mod = dechex($idx);
if ($part1 > $part2) {
$mod = dechex(sqrt(($part1 - $part2) * _PRIME / pi()));
$start += 4;
$newHash .= $mod;
}
+
//* DEBUG: */ die($passHash."<br>".$newHash." (".strlen($newHash).")");
- $ret = generateHash($newHash, $CONFIG['master_salt']);
+ $ret = generateHash($newHash, $_CONFIG['master_salt']);
}
// Return result
// Then check all cookies if they are marked as deleted!
foreach ($cookies as $cookieName) {
// Is the cookie set to "deleted"?
- if ((isset($_COOKIE[$cookieName])) && ($_COOKIE[$cookieName] == "deleted")) {
- unset($_COOKIE[$cookieName]);
+ if (get_session($cookieName) == "deleted") {
+ set_session($cookieName, "");
}
}
}
}
// Output error messages in a fasioned way and die...
function mxchange_die ($msg) {
- global $FOOTER;
+ global $footer;
// Load the message template
LOAD_TEMPLATE("admin_settings_saved", false, $msg);
// Exit explicitly
exit;
}
+
+// Display parsing time and number of SQL queries in footer
+function DISPLAY_PARSING_TIME_FOOTER() {
+ global $startTime, $_CONFIG;
+ $endTime = microtime(true);
+
+ // Is the timer started?
+ if (!isset($GLOBALS['startTime'])) {
+ // Abort here
+ return false;
+ }
+
+ // "Explode" both times
+ $start = explode(" ", $GLOBALS['startTime']);
+ $end = explode(" ", $endTime);
+ $runTime = $end[0] - $start[0];
+ if ($runTime < 0) $runTime = 0;
+ $runTime = TRANSLATE_COMMA($runTime);
+
+ // Prepare output
+ $content = array(
+ 'runtime' => $runTime,
+ 'numSQLs' => ($_CONFIG['sql_count'] + 1),
+ 'numTemplates' => ($_CONFIG['num_templates'] + 1)
+ );
+
+ // Load the template
+ LOAD_TEMPLATE("footer_stats", false, $content);
+}
+
+// Unset/set session variables
+function set_session ($var, $value) {
+ global $CSS;
+ // Abort in CSS mode here
+ if ($CSS == 1) return true;
+
+ // Trim value and session variable
+ $var = trim(SQL_ESCAPE($var)); $value = trim($value);
+
+ // Is the session variable set?
+ if (("".$value."" == "") && (isSessionVariableSet($var))) {
+ // Remove the session
+ //* DEBUG: */ echo "UNSET:".$var."=".get_session($var)."<br />\n";
+ unset($_SESSION[$var]);
+ return session_unregister($var);
+ } elseif (("".$value."" != "") && (!isSessionVariableSet($var))) {
+ // Set session
+ //* DEBUG: */ echo "SET:".$var."=".$value."<br />\n";
+ $_SESSION[$var] = $value;
+ return session_register($var);
+ }
+
+ // Return always true if the session variable is already set.
+ // Keept me busy for a longer while...
+ //* DEBUG: */ echo "IGNORED:".$var."=".$value."<br />\n";
+ return true;
+}
+// Check wether a boolean constant is set
+// Taken from user comments in PHP documentation for function constant()
+function isBooleanConstantAndTrue($constname) { // : Boolean
+ $res = false;
+ if (defined($constname)) $res = (constant($constname) === true);
+ return($res);
+}
+
+// Check wether a session variable is set
+function isSessionVariableSet($var) {
+ return (isset($_SESSION[$var]));
+}
+
+// Returns wether the value of the session variable or NULL if not set
+function get_session($var) {
+ if (!isset($_SESSION)) session_start();
+
+ // Default is not found! ;-)
+ $value = null;
+
+ // Is the variable there?
+ if (isSessionVariableSet($var)) {
+ // Then get it secured!
+ $value = SQL_ESCAPE($_SESSION[$var]);
+ }
+
+ // Return the value
+ return $value;
+}
+
//
//////////////////////////////////////////////
// //
projects / mailer.git / blobdiff