************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
require($INC);
}
// Clear output buffer for later output
ob_end_clean();
+ // Extension "rewrite" installed?
if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
$OUTPUT = REWRITE_LINKS($OUTPUT);
- }
+ } // END - if
// Compile and run finished rendered HTML code
while (strpos($OUTPUT, '{!') > 0) {
$eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";";
@eval($eval);
+ // Was that eval okay?
if (empty($newContent)) {
// Something went wrong!
die("Evaluation error:<pre>".htmlentities($eval)."</pre>");
- }
+ } // END - if
$OUTPUT = $newContent;
- }
+ } // END - while
// Output code here, DO NOT REMOVE! ;-)
OUTPUT_RAW($OUTPUT);
// Rewrite links when rewrite extension is active
if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
$OUTPUT = REWRITE_LINKS($OUTPUT);
- }
+ } // END - if
// Compile and run finished rendered HTML code
while (strpos($OUTPUT, '{!') > 0) {
$eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";";
eval($eval);
- }
+ } // END - while
// Output code here, DO NOT REMOVE! ;-)
OUTPUT_RAW($OUTPUT);
// Output the raw HTML code
function OUTPUT_RAW ($HTML) {
// Output stripped HTML code to avoid broken JavaScript code, etc.
- echo stripslashes($HTML);
+ echo stripslashes(stripslashes($HTML));
// Flush the output if only _OB_CACHING is not "on"
if (_OB_CACHING != "on") {
// Flush it
flush();
- }
+ } // END - if
}
// Add a fatal error message to the queue array
$_CONFIG['num_templates']++;
// Init some data
- $ACTION = SQL_ESCAPE($GLOBALS['action']);
- $WHAT = SQL_ESCAPE($GLOBALS['what']);
$ret = "";
if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0;
- $REFID = $GLOBALS['refid'];
- // DEPRECATED!!!
+ // @DEPRECATED Try to remove this if() block
if ($template == "member_support_form") {
// Support request of a member
$result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
+
+ // @TODO Merge this data into $content
list($gender, $surname, $family, $email) = SQL_FETCHROW($result);
// Translate gender
// Add surrounding HTML comments to help finding bugs faster
$ret = "<!-- Template ".$template." - Start -->\n".$ret."<!-- Template ".$template." - End -->\n";
- } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
+ } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!defined('mxchange_installed')))) {
// Only admins shall see this warning or when installation mode is active
$ret = "<br /><SPAN class=\"guest_failed\">".TEMPLATE_404."</SPAN><br />
(".basename($file).")<br />
}
// Send mail out to an email address
-function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") {
+function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = 'N', $FROM = "") {
// Compile subject line (for POINTS constant etc.)
- $eval = "\$SUBJECT = \"".COMPILE_CODE(addslashes($SUBJECT))."\";";
+ $eval = "\$SUBJECT = html_entity_decode(\"".COMPILE_CODE(addslashes($SUBJECT))."\");";
eval($eval);
- $SUBJECT = html_entity_decode($SUBJECT);
// Set from header
if ((!eregi("@", $TO)) && ($TO > 0)) {
ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML);
return;
} else {
+ // Load email address
$result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__);
- list($TO) = SQL_FETCHROW($result_email);
+
+ // Does the user exist?
+ if (SQL_NUMROWS($result_email)) {
+ // Load email address
+ list($TO) = SQL_FETCHROW($result_email);
+ } else {
+ // Set webmaster
+ $TO = WEBMASTER;
+ }
+
+ // Free result
SQL_FREERESULT($result_email);
}
- } elseif ($TO == 0) {
+ } elseif ("$TO" == "0") {
// Is the webmaster!
$TO = WEBMASTER;
}
- // Not in PHPMailer-Mode
+ // Check for PHPMailer or debug-mode
if (!CHECK_PHPMAILER_USAGE()) {
+ // Not in PHPMailer-Mode
if (empty($FROM)) {
// Load email header template
$FROM = LOAD_EMAIL_TEMPLATE("header");
}
}
+ // Compile "TO"
+ $eval = "\$TO = \"".COMPILE_CODE(addslashes($TO))."\";";
+ eval($eval);
+
// Fix HTML parameter (default is no!)
if (empty($HTML)) $HTML = "N";
if (isBooleanConstantAndTrue('DEBUG_MODE')) {
// Send mail as HTML away
SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM);
} elseif (!empty($TO)) {
- // Compile email
- $TO = COMPILE_CODE($TO);
-
// Send Mail away
SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
} elseif ($HTML == "N") {
$content['expiration'] = $EXPIRATION;
} // END - if
- // @TODO Try to rewrite this part
- if ($template == "add-points") {
- if (isset($_POST['points'])) {
- $points = bigintval($_POST['points']);
- } else {
- $points = __POINTS_VALUE;
- }
- } // END - if
-
// Load user's data
if ($UID > 0) {
if (EXT_IS_ACTIVE("nickname")) {
// At least 10 numbers shall be secure enought!
$len = $_CONFIG['code_length'];
+ if ($len == 0) $len = $length;
if ($len == 0) $len = 10;
// Cut off requested counts of number
}
// Create selection box or array of splitted timestamp
function CREATE_TIME_SELECTIONS($timestamp, $prefix="", $display="", $align="center", $return_array=false) {
- // Calculate 15-seconds timestamp (15-seconds-steps shall be fine ;) )
- $stamp = round($timestamp / 15) * 15;
+ // Calculate 2-seconds timestamp
+ $stamp = round($timestamp / 2) * 2;
// Do we have a leap year?
$SWITCH = 0;
// Is seconds zero and time is < 60 seconds?
if (($s == 0) && ($stamp < 60)) {
// Fix seconds
- $s = $timestamp;
+ $s = round($timestamp);
} // END - if
//
// Load email template
$msg = LOAD_EMAIL_TEMPLATE($template, $content, $UID);
- if (GET_EXT_VERSION("admins") < "0.4.0") {
+ if (EXT_VERSION_IS_OLDER("admins", "0.4.0")) {
// Older version detected!
return SEND_ADMIN_EMAILS($subj, $msg);
- }
+ } // END - if
// Check which admin shall receive this mail
$result = SQL_QUERY_ESC("SELECT DISTINCT admin_id FROM "._MYSQL_PREFIX."_admins_mails WHERE mail_template='%s' ORDER BY admin_id",
} // END - if
} // END - foreach
- // Remove leading commata and space
- $ret = substr($ret, 2);
+ // Do we have something there?
+ if (strlen($ret) > 0) {
+ // Remove leading commata and space
+ $ret = substr($ret, 2);
+ } else {
+ // Zero seconds
+ $ret = "0 "._SECONDS;
+ }
// Return fancy time string
return $ret;
global $_CONFIG, $_SERVER;
// Is the required extension "sql_patches" there and a salt is not given?
- if (((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) && (empty($salt))) {
+ if (((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == "")) && (empty($salt))) {
// Extension sql_patches is missing/outdated so we return the plain text
return $plainText;
} // END - if
// Generate SHA1 sum from modula of number and the prime number
$sha1 = sha1(($a % _PRIME).$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a);
- //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")<br>";
+ //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")<br />";
$sha1 = scrambleString($sha1);
- //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")<br>";
+ //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")<br />";
//* DEBUG: */ $sha1b = descrambleString($sha1);
- //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")<br>";
+ //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")<br />";
// Generate the password salt string
$salt = substr($sha1, 0, $_CONFIG['salt_length']);
}
$mod = substr(round($mod), 0, 4);
$mod = str_repeat('0', 4-strlen($mod)).$mod;
- //* DEBUG: */ echo "*".$start."=".$mod."*<br>";
+ //* DEBUG: */ echo "*".$start."=".$mod."*<br />";
$start += 4;
$newHash .= $mod;
} // END - for
- //* DEBUG: */ print($passHash."<br>".$newHash." (".strlen($newHash).")");
+ //* DEBUG: */ print($passHash."<br />".$newHash." (".strlen($newHash).")");
$ret = generateHash($newHash, $_CONFIG['master_salt']);
//* DEBUG: */ print($ret."<br />\n");
} else {
return session_register($var);
} elseif (!empty($value)) {
// Update session
+ //* DEBUG: */ echo "UPDATE:".$var."=".$value."<br />\n";
$_SESSION[$var] = $value;
- } else {
- // Something bad happens!
- return false; // Hope this doesn't make so much trouble???
+ return true;
}
- // Return always true if the session variable is already set.
- // Keept me busy for a longer while...
+ // Ignored (but valid)
//* DEBUG: */ echo "IGNORED:".$var."=".$value."<br />\n";
return true;
}
// Check wether a boolean constant is set
// Taken from user comments in PHP documentation for function constant()
-function isBooleanConstantAndTrue($constname) { // : Boolean
+function isBooleanConstantAndTrue($constName) { // : Boolean
+ global $constCache;
+
+ // Failed by default
$res = false;
- if (defined($constname)) $res = (constant($constname) === true);
- return($res);
+
+ // In cache?
+ if (isset($constCache[$constName])) {
+ // Use cache
+ //* DEBUG: */ echo __FUNCTION__.": ".$constName."-CACHE!<br />\n";
+ $res = $constCache[$constName];
+ } else {
+ // Check constant
+ //* DEBUG: */ echo __FUNCTION__.": ".$constName."-RESOLVE!<br />\n";
+ if (defined($constName)) $res = (constant($constName) === true);
+
+ // Set cache
+ $constCache[$constName] = $res;
+ }
+ //* DEBUG: */ var_dump($res);
+
+ // Return value
+ return $res;
}
// Check wether a session variable is set
function isSessionVariableSet($var) {
+ //* DEBUG: */ echo __FUNCTION__.":var={$var}<br />\n";
return (isset($_SESSION[$var]));
}
// Returns wether the value of the session variable or NULL if not set
function get_session($var) {
+ global $cacheArray;
+
// Default is not found! ;-)
$value = null;
- // Is the variable there?
- if (isSessionVariableSet($var)) {
+ // Is the variable there or cached values?
+ if (isset($cacheArray['session'][$var])) {
+ // Get cached value (skips a lot SQL_ESCAPE() calles!
+ $value = $cacheArray['session'][$var];
+ } elseif (isSessionVariableSet($var)) {
// Then get it secured!
$value = SQL_ESCAPE($_SESSION[$var]);
+
+ // Cache the value
+ $cacheArray['session'][$var] = $value;
} // END - if
// Return the value
$file = $baseDir.$baseFile;
// Is this a valid reset file?
+ //* DEBUG: */ echo __FUNCTION__.":baseDir={$baseDir},prefix={$prefix},baseFile={$baseFile}<br />\n";
if ((is_file($file)) && (is_readable($file)) && (substr($baseFile, 0, strlen($prefix)) == $prefix) && (substr($baseFile, -4, 4) == ".php")) {
// Remove both for extension name
$extName = substr($baseFile, strlen($prefix), -4);
if (($extId > 0) && (EXT_IS_ACTIVE($extName))) {
// Then add this file
$INCs[] = $file;
+ } elseif ($extId == 0) {
+ // Add non-extension files as well
+ $INCs[] = $file;
}
} // END - if
} // END - while
global $_CONFIG;
// Is the reset set or old sql_patches?
- if ((!isBooleanConstantAndTrue('__DAILY_RESET')) || (GET_EXT_VERSION("sql_patches") < "0.4.5")) {
+ if ((!defined('__DAILY_RESET')) || (EXT_VERSION_IS_OLDER("sql_patches", "0.4.5"))) {
// Then abort here
- return;
+ return array();
} // END - if
// Get more daily reset scripts
}
// Reverts the german decimal comma into Computer decimal dot
function REVERT_COMMA ($str) {
- $float = (float)str_replace(",", ".", $str);
+ // Default float is not a float... ;-)
+ $float = false;
+
+ // Which language is selected?
+ switch (GET_LANGUAGE()) {
+ case "de": // German language
+ // Remove german thousand dots first
+ $str = str_replace(".", "", $str);
+
+ // Replace german commata with decimal dot and cast it
+ $float = (float)str_replace(",", ".", $str);
+ break;
+
+ default: // US and so on
+ // Remove thousand dots first and cast
+ $float = (float)str_replace(",", "", $str);
+ break;
+ }
+
+ // Return float
return $float;
}
+// Handle menu-depending failed logins and return the rendered content
+function HANDLE_LOGIN_FAILTURES ($accessLevel) {
+ // Default output is empty ;-)
+ $OUT = "";
+
+ // Is the session data set?
+ if ((isSessionVariableSet('mxchange_'.$accessLevel.'_failtures')) && (isSessionVariableSet('mxchange_'.$accessLevel.'_last_fail'))) {
+ // Ignore zero values
+ if (get_session('mxchange_'.$accessLevel.'_failtures') > 0) {
+ // Non-guest has login failtures found, get both data and prepare it for template
+ //* DEBUG: */ echo __FUNCTION__.":accessLevel={$accessLevel}<br />\n";
+ $content = array(
+ 'login_failtures' => get_session('mxchange_'.$accessLevel.'_failtures'),
+ 'last_failture' => MAKE_DATETIME(get_session('mxchange_'.$accessLevel.'_last_fail'), "2")
+ );
+
+ // Load template
+ $OUT = LOAD_TEMPLATE("login_failtures", true, $content);
+ } // END - if
+
+ // Reset session data
+ set_session('mxchange_'.$accessLevel.'_failtures', "");
+ set_session('mxchange_'.$accessLevel.'_last_fail', "");
+ } // END - if
+
+ // Return rendered content
+ return $OUT;
+}
+// Rebuild cache
+function REBUILD_CACHE ($cache, $inc="") {
+ global $cacheInstance;
+
+ // Shall I remove the cache file?
+ if ((EXT_IS_ACTIVE("cache")) && (is_object($cacheInstance))) {
+ // Rebuild cache
+ if ($cacheInstance->cache_file($cache, true)) {
+ // Destroy it
+ $cacheInstance->cache_destroy();
+
+ // Include file given?
+ if (!empty($inc)) {
+ // And rebuild it from scratch
+ require_once(PATH."inc/loader/load_cache-".$inc.".php");
+ } // END - if
+ } // END - if
+ } // END - if
+}
+// Purge admin menu cache
+function CACHE_PURGE_ADMIN_MENU ($id=0, $action="", $what="", $str="") {
+ global $_CONFIG, $cacheInstance;
+
+ // Is the cache extension enabled or no cache instance or admin menu cache disabled?
+ if (!EXT_IS_ACTIVE("cache")) {
+ // Cache extension not active
+ return false;
+ } elseif (!is_object($cacheInstance)) {
+ // No cache instance!
+ DEBUG_LOG(__FUNCTION__.": No cache instance found.");
+ return false;
+ } elseif ((!isset($_CONFIG['cache_admin_menu'])) || ($_CONFIG['cache_admin_menu'] == "N")) {
+ // Caching disabled (currently experiemental!)
+ return false;
+ }
+
+ // Experiemental feature!
+ trigger_error("You have to delete the admin_*.cache files by yourself at this point.");
+}
//
//////////////////////////////////////////////////
// //