default:
// Huh, something goes wrong or maybe you have edited config.php ???
DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", constant('OUTPUT_MODE')));
- mxchange_die("<strong>{!FATAL_ERROR!}:</strong> {!LANG_NO_RENDER_DIRECT!}");
+ mxchange_die("<strong>{--FATAL_ERROR--}:</strong> {--LANG_NO_RENDER_DIRECT--}");
break;
}
} elseif ((constant('_OB_CACHING') == "on") && ($footer == 1)) {
while (strpos($OUTPUT, '{!') > 0) {
// Prepare the content and eval() it...
$newContent = "";
- $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";";
+ $eval = "\$newContent = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";";
@eval($eval);
// Was that eval okay?
// Compile and run finished rendered HTML code
while (strpos($OUTPUT, '{!') > 0) {
- $eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";";
+ $eval = "\$OUTPUT = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";";
eval($eval);
} // END - while
function addFatalMessage ($message, $extra="") {
global $FATAL;
- if (empty($extra)) {
- // Regular text message to add to $FATAL
- $FATAL[] = $message;
- } else {
+ if (is_array($extra)) {
+ // Multiple extras for a message with masks
+ $message = call_user_func_array('sprintf', $extra);
+ } elseif (!empty($extra)) {
// $message is text with a mask plus extras to insert into the text
$message = sprintf($message, $extra);
- $FATAL[] = $message;
}
+ // Add message to $FATAL
+ $FATAL[] = $message;
+
// Log fatal messages away
DEBUG_LOG(__FUNCTION__, __LINE__, " message={$message}");
}
// Translate gender
$content['gender'] = TRANSLATE_GENDER($content['gender']);
} else {
- // DEPRECATED: Load data in direct variables
+ // @DEPRECATED
+ // @TODO Fine all templates which are using these direct variables and rewrite them.
+ // @TODO After this step is done, this else-block is history
list($gender, $surname, $family, $email) = SQL_FETCHROW($result);
// Translate gender
////////////////////////
// Generate file name //
////////////////////////
- $file = $BASE.$MODE.$template.".tpl";
+ $FQFN = $BASE.$MODE.$template.".tpl";
if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) {
// Select what depended header/footer template file for admin/guest/member area
);
// Probe for it...
- if (FILE_READABLE($file2)) $file = $file2;
+ if (FILE_READABLE($file2)) $FQFN = $file2;
// Remove variable from memory
unset($file2);
}
// Does the special template exists?
- if (!FILE_READABLE($file)) {
+ if (!FILE_READABLE($FQFN)) {
// Reset to default template
- $file = $BASE.$template.".tpl";
+ $FQFN = $BASE.$template.".tpl";
} // END - if
// Now does the final template exists?
- if (FILE_READABLE($file)) {
+ if (FILE_READABLE($FQFN)) {
// The local file does exists so we load it. :)
- $tmpl_file = READ_FILE($file);
+ $tmpl_file = READ_FILE($FQFN);
// Replace ' to our own chars to preventing them being quoted
while (strpos($tmpl_file, "'") !== false) { $tmpl_file = str_replace("'", '{QUOT}', $tmpl_file); }
$ret = "";
if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) {
// Okay, compile it!
- $tmpl_file = "\$ret=\"".COMPILE_CODE(addslashes($tmpl_file))."\";";
+ $tmpl_file = "\$ret=\"".COMPILE_CODE(SQL_ESCAPE($tmpl_file))."\";";
eval($tmpl_file);
} else {
// Simply return loaded code
} elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
// Only admins shall see this warning or when installation mode is active
$ret = "<br /><span class=\"guest_failed\">".TEMPLATE_404."</span><br />
-(".basename($file).")<br />
+(".basename($FQFN).")<br />
<br />
".TEMPLATE_CONTENT."
<pre>".print_r($content, true)."</pre>
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):TO={$TO},SUBJECT={$SUBJECT}<br />\n";
// Compile subject line (for POINTS constant etc.)
- $eval = "\$SUBJECT = html_entity_decode(\"".COMPILE_CODE(addslashes($SUBJECT))."\");";
+ $eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(SQL_ESCAPE($SUBJECT))."\");";
eval($eval);
// Set from header
}
// Compile "TO"
- $eval = "\$TO = \"".COMPILE_CODE(addslashes($TO))."\";";
+ $eval = "\$TO = \"".COMPILE_CODE(SQL_ESCAPE($TO))."\";";
eval($eval);
// Compile "MSG"
- $eval = "\$MSG = \"".COMPILE_CODE(addslashes($MSG))."\";";
+ $eval = "\$MSG = \"".COMPILE_CODE(SQL_ESCAPE($MSG))."\";";
eval($eval);
// Fix HTML parameter (default is no!)
$mail->WordWrap = 70;
$mail->IsHTML(true);
} else {
- $mail->Body = html_entity_decode($msg);
+ $mail->Body = decodeEntities($msg);
}
$mail->AddAddress($to, "");
$mail->AddReplyTo(constant('WEBMASTER'), constant('MAIN_TITLE'));
$mail->Send();
} else {
// Use legacy mail() command
- @mail($to, $subject, html_entity_decode($msg), $from);
+ @mail($to, $subject, decodeEntities($msg), $from);
}
}
//
// Don't de-refer our own links!
if (substr($URL, 0, strlen(URL)) != URL) {
// De-refer this link
- $URL = "modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL)));
+ $URL = "modules.php?module=loader&url=".encodeString(compileUriCode($URL));
} // END - if
// Return link
return $URL;
}
-//
+// Translate Uni*-like gender to human-readable
function TRANSLATE_GENDER ($gender) {
- switch ($gender)
- {
- case "M": $ret = GENDER_M; break;
- case "F": $ret = GENDER_F; break;
- case "C": $ret = GENDER_C; break;
- default : $ret = $gender; break;
+ // Default
+ $ret = "!{$gender}!";
+
+ // Male/female or company?
+ switch ($gender) {
+ case "M": $ret = getMessage('GENDER_M'); break;
+ case "F": $ret = getMessage('GENDER_F'); break;
+ case "C": $ret = getMessage('GENDER_C'); break;
+ default:
+ // Log unknown gender
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown gender %s detected.", $gender));
+ break;
}
+
+ // Return translated gender
return $ret;
}
+
//
-function FRAMETESTER($URL) {
+function FRAMETESTER ($URL) {
// Prepare frametester URL
$frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s",
URL,
- urlencode(base64_encode(gzcompress(COMPILE_CODE($URL))))
+ encodeString(compileUriCode($URL))
);
return $frametesterUrl;
}
+
//
-function SELECTION_COUNT($array) {
+function SELECTION_COUNT ($array) {
$ret = 0;
if (is_array($array)) {
foreach ($array as $key => $sel) {
return "<IMG border=\"0\" alt=\"Code\" src=\"{!URL!}/mailid_top.php?uid=".$uid."&".$type."=".$DATA."&mode=img&code=".$code."\">";
}
//
-function TRANSLATE_STATUS($status) {
+function TRANSLATE_STATUS ($status) {
switch ($status)
{
case "UNCONFIRMED":
- $ret = ACCOUNT_UNCONFIRMED;
- break;
-
case "CONFIRMED":
- $ret = ACCOUNT_CONFIRMED;
- break;
-
case "LOCKED":
- $ret = ACCOUNT_LOCKED;
+ $ret = getMessage(sprintf("ACCOUNT_%s", $status));
break;
case "":
case null:
- $ret = ACCOUNT_DELETED;
+ $ret = getMessage('ACCOUNT_DELETED');
break;
default:
DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status));
- $ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2;
+ $ret = sprintf(getMessage('UNKNOWN_STATUS"'), $status);
break;
}
+
+ // Return it
return $ret;
}
//
$ret = $cacheArray['language'];
} elseif (!empty($lang)) {
// Check if main language file does exist
- if (FILE_READABLE(PATH."inc/language/".$lang.".php")) {
+ if (FILE_READABLE(constant('PATH')."inc/language/".$lang.".php")) {
// Okay found, so let's update cookies
SET_LANGUAGE($lang);
}
// Expiration in a nice output format
if (getConfig('auto_purge') == 0) {
// Will never expire!
- $EXPIRATION = MAIL_WILL_NEVER_EXPIRE;
+ $EXPIRATION = getMessage('MAIL_WILL_NEVER_EXPIRE');
} else {
// Create nice date string
$EXPIRATION = CREATE_FANCY_TIME(getConfig('auto_purge'));
// Check for admin/guest/member templates
if (strpos($template, "admin_") > -1) {
// Admin template found
- $file = $BASE."admin/".$template.".tpl";
+ $FQFN = $BASE."admin/".$template.".tpl";
} elseif (strpos($template, "guest_") > -1) {
// Guest template found
- $file = $BASE."guest/".$template.".tpl";
+ $FQFN = $BASE."guest/".$template.".tpl";
} elseif (strpos($template, "member_") > -1) {
// Member template found
- $file = $BASE."member/".$template.".tpl";
+ $FQFN = $BASE."member/".$template.".tpl";
} else {
// Test for extension
$test = substr($template, 0, strpos($template, "_"));
if (EXT_IS_ACTIVE($test)) {
// Set extra path to extension's name
- $file = $BASE.$test."/".$template.".tpl";
+ $FQFN = $BASE.$test."/".$template.".tpl";
} else {
// No special filename
- $file = $BASE.$template.".tpl";
+ $FQFN = $BASE.$template.".tpl";
}
}
// Does the special template exists?
- if (!FILE_READABLE($file)) {
+ if (!FILE_READABLE($FQFN)) {
// Reset to default template
- $file = $BASE.$template.".tpl";
+ $FQFN = $BASE.$template.".tpl";
} // END - if
// Now does the final template exists?
$newContent = "";
- if (FILE_READABLE($file)) {
+ if (FILE_READABLE($FQFN)) {
// The local file does exists so we load it. :)
- $tmpl_file = READ_FILE($file);
- $tmpl_file = addslashes($tmpl_file);
+ $tmpl_file = READ_FILE($FQFN);
+ $tmpl_file = SQL_ESCAPE($tmpl_file);
// Run code
- $tmpl_file = "\$newContent = html_entity_decode(\"".COMPILE_CODE($tmpl_file)."\");";
+ $tmpl_file = "\$newContent = decodeEntities(\"".COMPILE_CODE($tmpl_file)."\");";
@eval($tmpl_file);
} elseif (!empty($template)) {
// Template file not found!
- $newContent = "{!TEMPLATE_404!}: ".$template."<br />
-{!TEMPLATE_CONTENT!}
+ $newContent = "{--TEMPLATE_404--}: ".$template."<br />
+{--TEMPLATE_CONTENT--}
<pre>".print_r($content, true)."</pre>
-{!TEMPLATE_DATA!}
+{--TEMPLATE_DATA--}
<pre>".print_r($DATA, true)."</pre>
<br /><br />";
global $CSS, $footer;
// Compile out URI codes
- $URL = COMPILE_CODE($URL);
+ $URL = compileUriCode($URL);
// Check if http(s):// is there
if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) {
case "yn":
$OUT .= "<option value=\"Y\"";
if ($DEFAULT == "Y") $OUT .= " selected=\"selected\"";
- $OUT .= ">{!YES!}</option>\n<option value=\"N\"";
+ $OUT .= ">{--YES--}</option>\n<option value=\"N\"";
if ($DEFAULT == "N") $OUT .= " selected=\"selected\"";
- $OUT .= ">{!NO!}</option>\n";
+ $OUT .= ">{--NO--}</option>\n";
break;
}
$OUT .= " </select>\n";
//
function TRANSLATE_YESNO($yn)
{
- switch ($yn)
- {
- case "Y": $yn = YES; break;
- case "N": $yn = NO; break;
- default : $yn = "??? (".$yn.")"; break;
+ // Default
+ $yn = "??? (".$yn.")";
+ switch ($yn) {
+ case "Y": $yn = getMessage('YES'); break;
+ case "N": $yn = getMessage('NO'); break;
+ default:
+ // Log unknown value
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown value %s. Expected Y/N!", $yn));
+ break;
}
+
+ // Return it
return $yn;
}
//
// Deprecated : $length
// Optional : $DATA
//
-function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") {
+function GEN_RANDOM_CODE ($length, $code, $uid, $DATA="") {
// Fix missing _MAX constant
if (!defined('_MAX')) define('_MAX', 15235);
// Build server string
- $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(PATH."inc/databases.php");
+ $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(constant('PATH')."inc/databases.php");
// Build key string
- $keys = SITE_KEY.":".DATE_KEY;
- if (getConfig('secret_key') != null) $keys .= ":".getConfig('secret_key');
- if (getConfig('file_hash') != null) $keys .= ":".getConfig('file_hash');
+ $keys = constant('SITE_KEY').":".constant('DATE_KEY');
+ if (isConfigEntrySet('secret_key')) $keys .= ":".getConfig('secret_key');
+ if (isConfigEntrySet('file_hash')) $keys .= ":".getConfig('file_hash');
$keys .= ":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime')));
- if (getConfig('master_salt') != null) $keys .= ":".getConfig('master_salt');
+ if (isConfigEntrySet('master_salt')) $keys .= ":".getConfig('master_salt');
// Build string from misc data
$data = $code.":".$uid.":".$DATA;
// Calculate number for generating the code
$a = $code + constant('_ADD') - 1;
- if (getConfig('master_hash') != null) {
+ if (isConfigEntrySet('master_hash')) {
// Generate hash with master salt from modula of number with the prime number and other data
$saltedHash = generateHash(($a % constant('_PRIME')).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, getConfig('master_salt'));
// Create number from hash
- $rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ $rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(constant('_MAX') - $a + sqrt(constant('_ADD'))) / pi();
} else {
// Generate hash with "hash of site key" from modula of number with the prime number and other data
$saltedHash = generateHash(($a % constant('_PRIME')).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8));
// Create number from hash
- $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(constant('_MAX') - $a + sqrt(constant('_ADD'))) / pi();
}
// At least 10 numbers shall be secure enought!
// Done building code
return $return;
}
+
// Does only allow numbers
function bigintval($num, $castValue = true) {
// Filter all numbers out
// @TODO Remove this if() block if all is working fine
if ("".$ret."" != "".$num."") {
// Log the values
- debug_report_bug();
+ debug_report_bug("{$ret}<>{$num}");
} // END - if
// Return result
return $ret;
}
+
// Insert the code in $img_code into jpeg or PNG image
-function GENERATE_IMAGE($img_code, $header=true) {
+function GENERATE_IMAGE ($img_code, $header=true) {
if ((strlen($img_code) > 6) || (empty($img_code)) || (getConfig('code_length') == 0)) {
// Stop execution of function here because of over-sized code length
return;
} elseif (!$header) {
// Return in an HTML code code
- return "<IMG src=\"{!URL!}/img.php?code=".$img_code."\">\n";
+ return "<img src=\"{!URL!}/img.php?code=".$img_code."\" alt=\"Image\" />\n";
}
// Load image
}
} else {
// Exit function here
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("File for image type %s not found.", getConfig('img_type')));
return;
}
$OUT .= "<tr>\n";
if (ereg('Y', $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._YEARS."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_YEARS--}</strong></td>\n";
}
if (ereg("M", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._MONTHS."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_MONTHS--}</strong></td>\n";
}
if (ereg("W", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._WEEKS."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_WEEKS--}</strong></td>\n";
}
if (ereg("D", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._DAYS."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_DAYS--}</strong></td>\n";
}
if (ereg("h", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._HOURS."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_HOURS--}</strong></td>\n";
}
if (ereg("m", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._MINUTES."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_MINUTES--}</strong></td>\n";
}
if (ereg("s", $display) || (empty($display))) {
- $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">"._SECONDS."</strong></td>\n";
+ $OUT .= " <td align=\"center\" class=\"admin_title bottom\"><div class=\"tiny\">{--_SECONDS--}</strong></td>\n";
}
$OUT .= "</tr>\n";
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"".$prefix."_ye\" size=\"1\">\n";
for ($idx = 0; $idx <= 10; $idx++) {
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $Y) $OUT .= " selected default";
+ if ($idx == $Y) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
for ($idx = 0; $idx <= 11; $idx++)
{
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $M) $OUT .= " selected default";
+ if ($idx == $M) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"".$prefix."_we\" size=\"1\">\n";
for ($idx = 0; $idx <= 4; $idx++) {
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $W) $OUT .= " selected default";
+ if ($idx == $W) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"".$prefix."_da\" size=\"1\">\n";
for ($idx = 0; $idx <= 31; $idx++) {
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $D) $OUT .= " selected default";
+ if ($idx == $D) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"".$prefix."_ho\" size=\"1\">\n";
for ($idx = 0; $idx <= 23; $idx++) {
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $h) $OUT .= " selected default";
+ if ($idx == $h) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"".$prefix."_mi\" size=\"1\">\n";
for ($idx = 0; $idx <= 59; $idx++) {
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $m) $OUT .= " selected default";
+ if ($idx == $m) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
$OUT .= " <td align=\"center\"><select class=\"mini_select\" name=\"".$prefix."_se\" size=\"1\">\n";
for ($idx = 0; $idx <= 59; $idx++) {
$OUT .= " <option class=\"mini_select\" value=\"".$idx."\"";
- if ($idx == $s) $OUT .= " selected default";
+ if ($idx == $s) $OUT .= " selected=\"selected\"";
$OUT .= ">".$idx."</option>\n";
}
$OUT .= " </select></td>\n";
// Return calculated value
return $ret;
}
+
// Sends out mail to all administrators
// IMPORTANT: Please use SEND_ADMIN_NOTIFCATION() for now!
-function SEND_ADMIN_EMAILS_PRO($subj, $template, $content, $UID) {
+function SEND_ADMIN_EMAILS_PRO ($subj, $template, $content, $UID) {
// Trim template name
$template = trim($template);
$aids = array();
while (list($aid) = SQL_FETCHROW($result)) {
$aids[] = $aid;
- }
+ } // END - while
// Free memory
SQL_FREERESULT($result);
+ // Init result
+ $result = false;
+
// "implode" IDs and query string
$aid = implode(",", $aids);
if ($aid == "-1") {
- // Add line to userlog
- USERLOG_ADD_LINE($subj, $msg, $UID);
- return;
+ if (EXT_IS_ACTIVE("events")) {
+ // Add line to user events
+ EVENTS_ADD_LINE($subj, $msg, $UID);
+ } else {
+ // Log error for debug
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Extension 'events' missing: tpl=%s,subj=%s,UID=%s",
+ $template,
+ $subj,
+ $UID
+ ));
+ }
} elseif ($aid == "0") {
// Select all email adresses
$result = SQL_QUERY("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `id`", __FILE__, __LINE__);
// Load email addresses and send away
while (list($email) = SQL_FETCHROW($result)) {
SEND_EMAIL($email, $subj, $msg);
- }
+ } // END - while
// Free memory
SQL_FREERESULT($result);
foreach($data as $k => $v) {
if ($v > 0) {
// Value is greater than 0 "eval" data to return string
- $eval = "\$ret .= \", \".\$v.\" \"._".strtoupper($k).";";
+ $eval = "\$ret .= \", \".\$v.\" {--_".strtoupper($k)."--}\";";
eval($eval);
break;
} // END - if
$ret = substr($ret, 2);
} else {
// Zero seconds
- $ret = "0 "._SECONDS;
+ $ret = "0 {--_SECONDS--}";
}
// Return fancy time string
// Extract host from script name
function EXTRACT_HOST (&$script) {
// Use default SERVER_URL by default... ;) So?
- $url = SERVER_URL;
+ $url = constant('SERVER_URL');
// Is this URL valid?
if (substr($script, 0, 7) == "http://") {
// Generate GET request header
$request = "GET /" . trim($script) . " HTTP/1.1\r\n";
$request .= "Host: " . $host . "\r\n";
- $request .= "Referer: " . URL . "/admin.php\r\n";
- $request .= "User-Agent: " . TITLE . "/" . FULL_VERSION . "\r\n";
+ $request .= "Referer: " . constant('URL') . "/admin.php\r\n";
+ $request .= "User-Agent: " . constant('TITLE') . "/" . constant('FULL_VERSION') . "\r\n";
$request .= "Content-Type: text/plain\r\n";
$request .= "Cache-Control: no-cache\r\n";
$request .= "Connection: Close\r\n\r\n";
// Generate POST request header
$request = "POST /" . trim($script) . " HTTP/1.1\r\n";
$request .= "Host: " . $host . "\r\n";
- $request .= "Referer: " . URL . "/admin.php\r\n";
- $request .= "User-Agent: " . TITLE . "/" . FULL_VERSION . "\r\n";
+ $request .= "Referer: " . constant('URL') . "/admin.php\r\n";
+ $request .= "User-Agent: " . constant('TITLE') . "/" . constant('FULL_VERSION') . "\r\n";
$request .= "Content-type: application/x-www-form-urlencoded\r\n";
$request .= "Content-length: " . strlen($data) . "\r\n";
$request .= "Cache-Control: no-cache\r\n";
// Return check result
return eregi($regex, $email);
}
+
// Function taken from user comments on www.php.net / function eregi()
function VALIDATE_URL ($URL, $compile=true) {
// Trim URL a little
//* DEBUG: */ echo $URL."<br />";
// Compile some chars out...
- if ($compile) $URL = COMPILE_CODE($URL, false, false, false);
+ if ($compile) $URL = compileUriCode($URL, false, false, false);
//* DEBUG: */ echo $URL."<br />";
// Check for the extension filter
// If not installed, perform a simple test. Just make it sure there is always a http:// or
// https:// in front of the URLs
- return (((substr($URL, 0, 7) == "http://") || (substr($URL, 0, 8) == "https://")) && (strlen($URL) >= 12));
+ return isUrlValid($URL);
}
+
//
function MEMBER_ACTION_LINKS ($uid, $status = "") {
// Define all main targets
$eval = "\$OUT = \"[ ";
foreach ($TARGETS as $tar) {
- $eval .= "<span class=\\\"admin_user_link\\\"><a href=\\\"{!URL!}/modules.php?module=admin&what=".$tar."&u_id=".$uid."\\\" title=\\\"{!ADMIN_LINK_";
+ $eval .= "<span class=\\\"admin_user_link\\\"><a href=\\\"{!URL!}/modules.php?module=admin&what=".$tar."&u_id=".$uid."\\\" title=\\\"{--ADMIN_LINK_";
//* DEBUG: */ echo "*".$tar."/".$status."*<br />\n";
if (($tar == "lock_user") && ($status == "LOCKED")) {
// Locked accounts shall be unlocked
// All other status is fine
$eval .= strtoupper($tar);
}
- $eval .= "_TITLE!}\\\">{!ADMIN_";
+ $eval .= "_TITLE--}\\\">{--ADMIN_";
if (($tar == "lock_user") && ($status == "LOCKED")) {
// Locked accounts shall be unlocked
$eval .= "UNLOCK_USER";
// All other status is fine
$eval .= strtoupper($tar);
}
- $eval .= "!}</a></span> | ";
+ $eval .= "--}</a></span> | ";
}
// Finish navigation link
// Return string
return $OUT;
}
+
// Function for backward-compatiblity
-function ADD_CATEGORY_table ($MODE, $return=false) {
+// @TODO Can this function be deprecated?
+function ADD_CATEGORY_TABLE ($MODE, $return=false) {
// Load it from the register extension
- return REGISTER_ADD_CATEGORY_table ($MODE, $return);
+ return REGISTER_ADD_CATEGORY_TABLE ($MODE, $return);
}
+
// Generate an email link
function CREATE_EMAIL_LINK ($email, $table = "admins") {
// Default email link (INSECURE! Spammer can read this by harvester programs)
// When the salt is empty build a new one, else use the first x configured characters as the salt
if (empty($salt)) {
// Build server string
- $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(PATH."inc/databases.php");
+ $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(constant('PATH')."inc/databases.php");
// Build key string
$keys = constant('SITE_KEY').":".constant('DATE_KEY').":".getConfig('secret_key').":".getConfig('file_hash').":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))).":".getConfig('master_salt');
}
// Both are not arrays
- debug_report_bug(__FUNCTION__.":");
+ debug_report_bug(__FUNCTION__.": No arrays provided!");
}
// Debug message logger
-function DEBUG_LOG ($file, $line, $message, $force=true) {
+function DEBUG_LOG ($funcFile, $line, $message, $force=true) {
// Is debug mode enabled?
- if ((isBooleanConstantAndTrue('DEBUG_MODE')) || ($force)) {
+ if ((isBooleanConstantAndTrue('DEBUG_MODE')) || ($force === true)) {
// Log this message away
- $fp = fopen(PATH."inc/cache/debug.log", 'a') or mxchange_die("Cannot write logfile debug.log!");
- fwrite($fp, date("d.m.Y|H:i:s", time())."|".basename($file)."|".$line."|".strip_tags($message)."\n");
+ $fp = fopen(constant('PATH')."inc/cache/debug.log", 'a') or mxchange_die("Cannot write logfile debug.log!");
+ fwrite($fp, date("d.m.Y|H:i:s", time())."|".basename($funcFile)."|".$line."|".strip_tags($message)."\n");
fclose($fp);
} // END - if
}
while ($baseFile = readdir($dirPointer)) {
// Load file only if extension is active
// Make full path
- $file = $baseDir.$baseFile;
+ $FQFN = $baseDir.$baseFile;
// Is this a valid reset file?
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):baseDir={$baseDir},prefix={$prefix},baseFile={$baseFile}<br />\n";
- if ((FILE_READABLE($file)) && (substr($baseFile, 0, strlen($prefix)) == $prefix) && (substr($baseFile, -4, 4) == ".php")) {
+ if ((FILE_READABLE($FQFN)) && (substr($baseFile, 0, strlen($prefix)) == $prefix) && (substr($baseFile, -4, 4) == ".php")) {
// Remove both for extension name
$extName = substr($baseFile, strlen($prefix), -4);
// Is the extension valid and active?
if (($extId > 0) && (EXT_IS_ACTIVE($extName))) {
// Then add this file
- $INCs[] = $file;
+ $INCs[] = $FQFN;
} elseif ($extId == 0) {
// Add non-extension files as well
- $INCs[] = $file;
+ $INCs[] = $FQFN;
}
} // END - if
} // END - while
} // END - if
// Get more daily reset scripts
- $INC_POOL = GET_DIR_AS_ARRAY(PATH."inc/reset/", "reset_");
+ $INC_POOL = GET_DIR_AS_ARRAY(constant('PATH')."inc/reset/", "reset_");
// Update database
if (!defined('DEBUG_RESET')) UPDATE_CONFIG("last_update", time());
// Has it changed?
if (getConfig('last_week') != $currWeek) {
// Include weekly reset scripts
- $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(PATH."inc/weekly/", "weekly_"));
+ $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(constant('PATH')."inc/weekly/", "weekly_"));
// Update config
if (!defined('DEBUG_WEEKLY')) UPDATE_CONFIG("last_week", $currWeek);
// Has it changed?
if (getConfig('last_month') != $currMonth) {
// Include monthly reset scripts
- $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(PATH."inc/monthly/", "monthly_"));
+ $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(constant('PATH')."inc/monthly/", "monthly_"));
// Update config
if (!defined('DEBUG_MONTHLY')) UPDATE_CONFIG("last_month", $currMonth);
$INC = sprintf("inc/loader/load_cache-%s.php", $inc);
// Is the include there?
- if (FILE_READABLE($INC)) {
+ if (INCLUDE_READABLE($INC)) {
// And rebuild it from scratch
//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): inc={$inc} - LOADED!<br />\n";
LOAD_INC($INC);
// Does it exist?
if (defined($constName)) {
// Then use it
- $translated = constant($constName);
+ $translated = getMessage($constName);
} // END - if
// Return "translation"
return (((function_exists('apache_get_modules')) && (in_array($apacheModule, apache_get_modules()))) || (!function_exists('apache_get_modules')));
}
+// Merges $_CONFIG with data in given array
+function mergeConfig ($newConfig) {
+ global $_CONFIG;
+ $_CONFIG = merge_array($_CONFIG, $newConfig);
+}
+
// Getter for $_CONFIG entries
function getConfig ($entry) {
global $_CONFIG;
// Writes content to a file
function WRITE_FILE ($FQFN, $content) {
+ // Is the file writeable?
+ if (((FILE_READABLE($FQFN)) && (!is_writeable($FQFN))) && (!chmod($FQFN, 0644)) {
+ // Not writeable!
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("File %s not writeable.", basename($FQFN)));
+
+ // Failed! :(
+ return false;
+ } // END - if
+
+ // By default all is failed...
+ $return = false;
+
// Is the function there?
if (function_exists('file_put_contents')) {
// Write it directly
- file_put_contents($FQFN, $content);
+ $return = file_put_contents($FQFN, $content);
} else {
// Write it with fopen
$fp = fopen($FQFN, 'w') or mxchange_die("Cannot write file ".basename($FQFN)."!");
fclose($fp);
// Set CHMOD rights
- chmod($FQFN, 0644);
+ $return = chmod($FQFN, 0644);
}
+
+ // Return status
+ return $return;
}
// Generates an error code from given account status
}
// Generates a ***weak*** seed (taken from de.php.net/mt_srand)
-function make_seed () {
+function generateSeed () {
list($usec, $sec) = explode(" ", microtime());
return ((float)$sec + (float)$usec);
}
$msg = "";
switch ($code) {
case constant('CODE_LOGOUT_DONE') : $msg = getMessage('LOGOUT_DONE'); break;
- case constant('CODE_LOGOUT_FAILED') : $msg = "<span class=\"guest_failed\">{!LOGOUT_FAILED!}</span>"; break;
+ case constant('CODE_LOGOUT_FAILED') : $msg = "<span class=\"guest_failed\">{--LOGOUT_FAILED--}</span>"; break;
case constant('CODE_DATA_INVALID') : $msg = getMessage('MAIL_DATA_INVALID'); break;
case constant('CODE_POSSIBLE_INVALID') : $msg = getMessage('MAIL_POSSIBLE_INVALID'); break;
case constant('CODE_ACCOUNT_LOCKED') : $msg = getMessage('MEMBER_ACCOUNT_LOCKED_UNC'); break;
case constant('CODE_COOKIES_DISABLED') : $msg = getMessage('LOGIN_NO_COOKIES'); break;
case constant('CODE_BEG_SAME_AS_OWN') : $msg = getMessage('BEG_SAME_UID_AS_OWN'); break;
case constant('CODE_LOGIN_FAILED') : $msg = getMessage('LOGIN_FAILED_GENERAL'); break;
- default : $msg = UNKNOWN_MAILID_CODE_1.$code.UNKNOWN_MAILID_CODE_2; break;
+ default : $msg = sprintf(getMessage('UNKNOWN_MAILID_CODE'), $code); break;
} // END - switch
// Return the message
return $msg;
}
+// Checks wether the given extension is currently not installed
+// and redirects if so.
+function REDIRCT_ON_UNINSTALLED_EXTENSION ($ext_name) {
+ // Is the extension uninstalled/inactive?
+ if (!EXT_IS_ACTIVE($ext_name)) {
+ // Redirect to index
+ LOAD_URL("modules.php?module=index&msg=".constant('CODE_EXTENSION_PROBLEM')."&ext=".$ext_name);
+ } // END - if
+}
+
+// Generate a "link" for the given admin id (aid)
+function GENERATE_AID_LINK ($aid) {
+ // No assigned admin is default
+ $admin = "<div class=\"admin_note\">{--ADMIN_NO_ADMIN_ASSIGNED--}</div>";
+
+ // Zero? = Not assigned
+ if ($aid == "0") {
+ // Load admin's login
+ $login = GET_ADMIN_LOGIN($aid);
+ if ($login != "***") {
+ // Is the extension there?
+ if (EXT_IS_ACTIVE("admins")) {
+ // Admin found
+ $admin = "<a href=\"".ADMINS_CREATE_EMAIL_LINK(GET_ADMIN_EMAIL($aid))."\">".$login."</a>";
+ } else {
+ // Extension not found
+ $admin = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), "admins");
+ }
+ } else {
+ // Maybe deleted?
+ $admin = "<div class=\"admin_note\">".sprintf(getMessage('ADMIN_ID_404'), $aid)."</div>";
+ }
+ } // END - if
+
+ // Return result
+ return $admin;
+}
+
+// Checks wether an include file (non-FQFN better) is readable
+function INCLUDE_READABLE ($INC) {
+ // Construct FQFN
+ $FQFN = constant('PATH') . $INC;
+
+ // Is it readable?
+ return FILE_READABLE($FQFN);
+}
+
+// Encode strings
+// @TODO Implement $compress
+function encodeString ($str, $compress=true) {
+ $str = urlencode(base64_encode(compileUriCode($str)));
+ return $str;
+}
+
+// Decode strings encoded with encodeString()
+// @TODO Implement $decompress
+function decodeString ($str, $decompress=true) {
+ $str = compileUriCode(base64_decode(urldecode(compileUriCode($str))));
+ return $str;
+}
+
+// Compile characters which are allowed in URLs
+function compileUriCode ($code, $simple=true) {
+ // Compile constants
+ if (!$simple) $code = str_replace("{--", '".', str_replace("--}", '."', $code));
+
+ // Compile QUOT and other non-HTML codes
+ $code = str_replace("{DOT}", ".",
+ str_replace("{SLASH}", "/",
+ str_replace("{QUOT}", "'",
+ str_replace("{DOLLAR}", "$",
+ str_replace("{OPEN_ANCHOR}", "(",
+ str_replace("{CLOSE_ANCHOR}", ")",
+ str_replace("{OPEN_SQR}", "[",
+ str_replace("{CLOSE_SQR}", "]",
+ str_replace("{PER}", "%",
+ $code
+ )))))))));
+
+ // Return compiled code
+ return $code;
+}
+
+// Function taken from user comments on www.php.net / function eregi()
+function isUrlValid ($url) {
+ // Prepare URL
+ $url = strip_tags(str_replace("\\", "", compileUriCode(urldecode($url))));
+
+ // Allows http and https
+ $http = "(http|https)+(:\/\/)";
+ // Test domain
+ $domain1 = "([[:alnum:]]([-[:alnum:]])*\.)?([[:alnum:]][-[:alnum:]\.]*[[:alnum:]])(\.[[:alpha:]]{2,5})?";
+ // Test double-domains (e.g. .de.vu)
+ $domain2 = "([-[:alnum:]])?(\.[[:alnum:]][-[:alnum:]\.]*[[:alnum:]])(\.[[:alpha:]]{2,5})(\.[[:alpha:]]{2,5})?";
+ // Test IP number
+ $ip = "([[:digit:]]{1,3})\.([[:digit:]]{1,3})\.([[:digit:]]{1,3})\.([[:digit:]]{1,3})";
+ // ... directory
+ $dir = "((/)+([-_\.[:alnum:]])+)*";
+ // ... page
+ $page = "/([-_[:alnum:]][-\._[:alnum:]]*\.[[:alnum:]]{2,5})?";
+ // ... and the string after and including question character
+ $getstring1 = "([\?/]([[:alnum:]][-\._%[:alnum:]]*(=)?([-\@\._:%[:alnum:]])+)(&([[:alnum:]]([-_%[:alnum:]])*(=)?([-\@\[\._:%[:alnum:]])+(\])*))*)?";
+ // Pattern for URLs like http://url/dir/doc.html?var=value
+ $pattern['d1dpg1'] = $http.$domain1.$dir.$page.$getstring1;
+ $pattern['d2dpg1'] = $http.$domain2.$dir.$page.$getstring1;
+ $pattern['ipdpg1'] = $http.$ip.$dir.$page.$getstring1;
+ // Pattern for URLs like http://url/dir/?var=value
+ $pattern['d1dg1'] = $http.$domain1.$dir."/".$getstring1;
+ $pattern['d2dg1'] = $http.$domain2.$dir."/".$getstring1;
+ $pattern['ipdg1'] = $http.$ip.$dir."/".$getstring1;
+ // Pattern for URLs like http://url/dir/page.ext
+ $pattern['d1dp'] = $http.$domain1.$dir.$page;
+ $pattern['d1dp'] = $http.$domain2.$dir.$page;
+ $pattern['ipdp'] = $http.$ip.$dir.$page;
+ // Pattern for URLs like http://url/dir
+ $pattern['d1d'] = $http.$domain1.$dir;
+ $pattern['d2d'] = $http.$domain2.$dir;
+ $pattern['ipd'] = $http.$ip.$dir;
+ // Pattern for URLs like http://url/?var=value
+ $pattern['d1g1'] = $http.$domain1."/".$getstring1;
+ $pattern['d2g1'] = $http.$domain2."/".$getstring1;
+ $pattern['ipg1'] = $http.$ip."/".$getstring1;
+ // Pattern for URLs like http://url?var=value
+ $pattern['d1g12'] = $http.$domain1.$getstring1;
+ $pattern['d2g12'] = $http.$domain2.$getstring1;
+ $pattern['ipg12'] = $http.$ip.$getstring1;
+ // Test all patterns
+ $reg = false;
+ foreach ($pattern as $key=>$pat) {
+ // Debug regex?
+ if (defined('DEBUG_REGEX')) {
+ $pat = str_replace("[:alnum:]", "0-9a-zA-Z", $pat);
+ $pat = str_replace("[:alpha:]", "a-zA-Z", $pat);
+ $pat = str_replace("[:digit:]", "0-9", $pat);
+ $pat = str_replace(".", "\.", $pat);
+ $pat = str_replace("@", "\@", $pat);
+ echo $key."= ".$pat."<br />";
+ }
+
+ // Check if expression matches
+ $reg = ($reg || preg_match(("^".$pat."^"), $url));
+
+ // Does it match?
+ if ($reg === true) break;
+ }
+
+ // Return true/false
+ return $reg;
+}
+
+// Smartly adds slashes
+function smartAddSlashes ($unquoted) {
+ $unquoted = str_replace("\\", "", $unquoted);
+ return addslashes($unquoted);
+}
+
+// Decode entities in a nicer way
+function decodeEntities ($str) {
+ // @TODO We may want to switch over to UTF-8 here!
+ $decodedString = html_entity_decode($str, ENT_NOQUOTES, "ISO-8859-15");
+
+ // Return decoded string
+ return $decodedString;
+}
+
+// Wtites data to a config.php-style file
+// @TODO Rewrite this function to use READ_FILE() and WRITE_FILE()
+function changeDataInFile ($FQFN, $comment, $prefix, $suffix, $DATA, $seek=0) {
+ // Initialize some variables
+ $done = false;
+ $seek++;
+ $next = -1;
+ $found = false;
+
+ // Is the file there and read-/write-able?
+ if ((FILE_READABLE($FQFN)) && (is_writeable($FQFN))) {
+ $search = "CFG: ".$comment;
+ $tmp = $FQFN.".tmp";
+
+ // Open the source file
+ $fp = @fopen($FQFN, 'r') or OUTPUT_HTML("<strong>READ:</strong> ".$FQFN."<br />");
+
+ // Is the resource valid?
+ if (is_resource($fp)) {
+ // Open temporary file
+ $fp_tmp = @fopen($tmp, 'w') or OUTPUT_HTML("<strong>WRITE:</strong> ".$tmp."<br />");
+
+ // Is the resource again valid?
+ if (is_resource($fp_tmp)) {
+ while (!feof($fp)) {
+ // Read from source file
+ $line = fgets ($fp, 1024);
+
+ if (strpos($line, $search) > -1) { $next = 0; $found = true; }
+
+ if ($next > -1) {
+ if ($next === $seek) {
+ $next = -1;
+ $line = $prefix . $DATA . $suffix."\n";
+ } else {
+ $next++;
+ }
+ }
+
+ // Write to temp file
+ fputs($fp_tmp, $line);
+ }
+
+ // Close temp file
+ fclose($fp_tmp);
+
+ // Finished writing tmp file
+ $done = true;
+ }
+
+ // Close source file
+ fclose($fp);
+
+ if (($done) && ($found)) {
+ // Copy back tmp file and delete tmp :-)
+ @copy($tmp, $FQFN);
+ @unlink($tmp);
+ define('_FATAL', false);
+ } elseif (!$found) {
+ OUTPUT_HTML("<strong>CHANGE:</strong> 404!");
+ define('_FATAL', true);
+ } else {
+ OUTPUT_HTML("<strong>TMP:</strong> UNDONE!");
+ define('_FATAL', true);
+ }
+ }
+ } else {
+ // File not found, not readable or writeable
+ OUTPUT_HTML("<strong>404:</strong> ".$FQFN."<br />");
+ }
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////
projects / mailer.git / blobdiff