// Compile and run finished rendered HTML code
while (strpos($OUTPUT, '{!') > 0) {
- $eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";";
- eval($eval);
+ // Prepare the content and eval() it...
+ $newContent = "";
+ $eval = "\$newContent = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";";
+ @eval($eval);
+
+ if (empty($newContent)) {
+ // Something went wrong!
+ die("Evaluation error:<pre>".htmlentities($eval)."</pre>");
+ }
+ $OUTPUT = $newContent;
}
// Output code here, DO NOT REMOVE! ;-)
// Output the raw HTML code
function OUTPUT_RAW ($HTML) {
- if ((isBooleanConstantAndTrue('mxchange_installed')) && (basename($_SERVER['PHP_SELF']) != "install.php")) {
- // Not in install-mode so strip slashes away
- echo stripslashes($HTML);
- } else {
- // Output directly in install-mode
- echo $HTML;
- }
+ // Output stripped HTML code to avoid broken JavaScript code, etc.
+ echo stripslashes($HTML);
- // Flush the output
- flush();
+ // Flush the output if only _OB_CACHING is not "on"
+ if (_OB_CACHING != "on") {
+ // Flush it
+ flush();
+ }
}
// Add a fatal error message to the queue array
}
// Fix HTML parameter (default is no!)
- if (empty($HTML)) $HTML = 'N';
+ if (empty($HTML)) $HTML = "N";
if (isBooleanConstantAndTrue('DEBUG_MODE')) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
echo "<PRE>
Subject : ".$SUBJECT."
Message : ".$MSG."
</PRE>\n";
- } elseif (($HTML == 'Y') && (EXT_IS_ACTIVE("html_mail", true))) {
+ } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) {
// Send mail as HTML away
SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM);
} elseif (!empty($TO)) {
// Send Mail away
SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
- } elseif ($HTML == 'N') {
+ } elseif ($HTML == "N") {
// Problem found!
SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
}
// Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!)
$MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER;
- $surname = ""; $family = ""; $nick = ""; $sex = 'N';
+ $surname = ""; $family = ""; $nick = ""; $sex = "N";
// Prepare IP number and User Agent
$REMOTE_ADDR = getenv('REMOTE_ADDR');
break;
case "add-points":
- $points = bigintval($_POST['points']);
+ if (isset($_POST['points'])) {
+ $points = bigintval($_POST['points']);
+ } else {
+ $points = __POINTS_VALUE;
+ }
break;
case "guest_request_confirm":
}
} else {
// Neutral sex and email address is default
- $sex = 'N';
+ $sex = "N";
$email = WEBMASTER;
}
// Compile out URI codes
$URL = COMPILE_CODE($URL);
+ // Get output buffer
+ $OUTPUT = ob_get_contents();
+
+ // Clear it
+ ob_end_clean();
+
// Add some data to URL if cookies are not accepted
if (((!defined('__COOKIES')) || (!__COOKIES)) && ($addUrlData)) $URL = ADD_URL_DATA($URL);
case "yn":
$OUT .= " <OPTION value=\"Y\"";
- if ($DEFAULT == 'Y') $OUT .= " selected=\"selected\"";
+ if ($DEFAULT == "Y") $OUT .= " selected=\"selected\"";
$OUT .= ">".YES."</OPTION>
<OPTION value=\"N\"";
- if ($DEFAULT == 'N') $OUT .= " selected=\"selected\"";
+ if ($DEFAULT == "N") $OUT .= " selected=\"selected\"";
$OUT .= ">".NO."</OPTION>\n";
break;
}
// Deprecated : $length
// Optional : $DATA
//
-function GEN_RANDOM_CODE($length, $code, $uid, $DATA="")
-{
+function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") {
global $_CONFIG;
+ // Fix missing _MAX constant
+ if (!defined('_MAX')) define('_MAX', 15235);
+
// Build server string
$server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php");
// Build key string
- $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']).":".$_CONFIG['master_salt'];
+ $keys = SITE_KEY.":".DATE_KEY;
+ if (isset($_CONFIG['secret_key'])) $keys .= ":".$_CONFIG['secret_key'];
+ if (isset($_CONFIG['file_hash'])) $keys .= ":".$_CONFIG['file_hash'];
+ $keys .= ":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']);
+ if (isset($_CONFIG['master_salt'])) $keys .= ":".$_CONFIG['master_salt'];
// Build string from misc data
$data = $code.":".$uid.":".$DATA;
// Calculate number for generating the code
$a = $code + _ADD - 1;
- // Generate hash with master salt from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
+ if (isset($_CONFIG['master_hash'])) {
+ // Generate hash with master salt from modula of number with the prime number and other data
+ $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
- // Create number from hash
- $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ // Create number from hash
+ $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ } else {
+ // Generate hash with "hash of site key" from modula of number with the prime number and other data
+ $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8));
+
+ // Create number from hash
+ $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ }
// At least 10 numbers shall be secure enought!
$len = $_CONFIG['code_length'];
return $return;
}
// Does only allow numbers
-function bigintval($num)
+function bigintval($num, $castValue = true)
{
- $ret = (int) preg_replace("/[^0123456789]/", "", $num);
+ // Filter all numbers out
+ $ret = preg_replace("/[^0123456789]/", "", $num);
+
+ // Cast the value?
+ if ($castValue) $ret = (int) $ret;
+
+ // Return result
return $ret;
}
// Insert the code in $img_code into jpeg or PNG image
//
function MXCHANGE_OPEN ($script) {
+ global $_CONFIG;
+ // Default is not to use proxy
+ $useProxy = true;
+
+ // Are proxy settins set?
+ if ((!empty($_CONFIG['proxy_host'])) && ($_CONFIG['proxy_port'] > 0)) {
+ // Then use it
+ $useProxy = true;
+ }
+
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
// Compile the script name
$script = COMPILE_CODE($script);
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
// Use default SERVER_URL by default... ;) So?
$url = SERVER_URL;
$extract = explode("/", $url);
$url = $extract[0];
// Done extracting the URL :)
- }
+ } // END - if
// Extract host name
$host = str_replace("http://", "", $url);
if (ereg("/", $host)) $host = substr($host, 0, strpos($host, "/"));
// Generate relative URL
- $script = substr($script, (strlen($url) + 7));
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
+ if (substr(strtolower($script), 0, 7) == "http://") {
+ // But only if http:// is in front!
+ $script = substr($script, (strlen($url) + 7));
+ } elseif (substr(strtolower($script), 0, 8) == "https://") {
+ // Does this work?!
+ $script = substr($script, (strlen($url) + 8));
+ }
+
+ //* DEBUG */ print("SCRIPT=".$script."<br />\n");
if (substr($script, 0, 1) == "/") $script = substr($script, 1);
// Open connection
- $fp = @fsockopen($host, 80, $errno, $errdesc, 30);
- if (!$fp) {
- // Failed!
- return array("", "", "");
+ //* DEBUG */ die("SCRIPT=".$script."<br />\n");
+ if ($useProxy) {
+ $fp = @fsockopen(COMPILE_CODE($_CONFIG['proxy_host']), $_CONFIG['proxy_port'], $errno, $errdesc, 30);
+ } else {
+ $fp = @fsockopen($host, 80, $errno, $errdesc, 30);
}
- // Generate request header
- $request = "GET /".trim($script)." HTTP/1.0\r\n";
+ // Is there a link?
+ if (!is_resource($fp)) {
+ // Failed!
+ return array("", "", "");
+ } // END - if
+
+ // Do we use proxy?
+ if ($useProxy) {
+ // Generate CONNECT request header
+ $request = "CONNECT ".$host.":80 HTTP/1.1\r\n";
+ $request .= "Host: ".$host."\r\n";
+
+ // Use login data to proxy? (username at least!)
+ if (!empty($_CONFIG['proxy_username'])) {
+ // Add it as well
+ $encodedAuth = base64_encode(COMPILE_CODE($_CONFIG['proxy_username']).":".COMPILE_CODE($_CONFIG['proxy_password']));
+ $request .= "Proxy-Authorization: Basic ".$encodedAuth."\r\n";
+ } // END - if
+
+ // Add last new-line
+ $request .= "\r\n";
+ //* DEBUG: */ print("<strong>Request:</strong><pre>".$request."</pre>");
+
+ // Write request
+ fputs($fp, $request);
+
+ // Got response?
+ if (feof($fp)) {
+ // No response received
+ return array("", "", "");
+ } // END - if
+
+ // Read the first line
+ $resp = trim(fgets($fp, 10240));
+ $respArray = explode(" ", $resp);
+ if ((strtolower($respArray[0]) !== "http/1.0") || ($respArray[1] != "200")) {
+ // Invalid response!
+ return array("", "", "");
+ } // END - if
+ } // END - if
+
+ // Generate GET request header
+ $request = "GET /".trim($script)." HTTP/1.1\r\n";
$request .= "Host: ".$host."\r\n";
$request .= "Referer: ".URL."/admin.php\r\n";
- $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n\r\n";
+ $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n";
+ $request .= "Content-Type: text/plain\r\n";
+ $request .= "Cache-Control: no-cache\r\n";
+ $request .= "Connection: Close\r\n\r\n";
+ //* DEBUG: */ print("<strong>Request:</strong><pre>".$request."</pre>");
// Initialize array
$response = array();
// Read response
while(!feof($fp)) {
$response[] = trim(fgets($fp, 1024));
- }
+ } // END - while
// Close socket
fclose($fp);
+ //* DEBUG: */ print("<strong>Response:</strong><pre>".print_r($response, true)."</pre>");
+
+ // Proxy agent found?
+ if ((substr(strtolower($response[0]), 0, 11) == "proxy-agent") && ($useProxy)) {
+ // Proxy header detected, so remove two lines
+ array_shift($response);
+ array_shift($response);
+ } // END - if
+
// Was the request successfull?
- if ((!ereg("200 OK", $response[0])) && (empty($response[0]))) {
+ if ((!eregi("200 OK", $response[0])) || (empty($response[0]))) {
// Not found / access forbidden
$response = array("", "", "");
- }
+ } // END - if
// Return response
return $response;
if ((EXT_IS_ACTIVE("admins")) && ($table == "admins")) {
// Create email link for contacting admin in guest area
$EMAIL = ADMINS_CREATE_EMAIL_LINK($email);
- } elseif ((GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) {
+ } elseif ((EXT_IS_ACTIVE("user", true)) && (GET_EXT_VERSION("user") >= "0.3.3") && ($table == "user_data")) {
// Create email link for contacting a member within admin area (or later in other areas, too?)
$EMAIL = USER_CREATE_EMAIL_LINK($email);
} elseif ((EXT_IS_ACTIVE("sponsor")) && ($table == "sponsor_data")) {
return $EMAIL;
}
// Generate a hash for extra-security for all passwords
-function generateHash($plainText, $salt = "") {
+function generateHash ($plainText, $salt = "") {
global $_CONFIG, $_SERVER;
- // Is the required extension "sql_patches" there?
- if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
- // Extension sql_patches is missing/outdated so we return only the regular SHA1 hash
- return sha1($plainText);
- }
+ // Is the required extension "sql_patches" there and a salt is not given?
+ if (((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) && (empty($salt))) {
+ // Extension sql_patches is missing/outdated so we return the plain text
+ return $plainText;
+ } // END - if
// When the salt is empty build a new one, else use the first x configured characters as the salt
if ($salt == "") {
//* DEBUG: */ die($passHash."<br>".$newHash." (".strlen($newHash).")");
$ret = generateHash($newHash, $_CONFIG['master_salt']);
+ } else {
+ // Hash it simple
+ //* DEBUG: */ echo "--".$passHash."--<br />\n";
+ $ret = md5($passHash);
+ //* DEBUG: */ echo "++".$ret."++<br />\n";
}
// Return result
//* DEBUG: */ echo "SET:".$var."=".$value."<br />\n";
$_SESSION[$var] = $value;
return session_register($var);
+ } elseif (!empty($value)) {
+ // Update session
+ $_SESSION[$var] = $value;
}
// Return always true if the session variable is already set.
// Taken from user comments in PHP documentation for function constant()
function isBooleanConstantAndTrue($constname) { // : Boolean
$res = false;
- if (defined($constname)) {
- $res = (constant($constname) === true);
- }
+ if (defined($constname)) $res = (constant($constname) === true);
return($res);
}
// Returns wether the value of the session variable or NULL if not set
function get_session($var) {
- if (!isset($_SESSION)) session_start();
-
// Default is not found! ;-)
$value = null;
}
//
-//////////////////////////////////////////////
-// //
-// AUTOMATICALLY RE-GNERATED FUNCTIONS ONLY //
-// //
-//////////////////////////////////////////////
+//////////////////////////////////////////////////
+// //
+// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
+// //
+//////////////////////////////////////////////////
//
-if (!function_exists('html_entity_decode'))
-{
+if (!function_exists('html_entity_decode')) {
// Taken from documentation on www.php.net
- function html_entity_decode($string)
- {
+ function html_entity_decode($string) {
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
return strtr($string, $trans_tbl);
}
}
+
//
?>
projects / mailer.git / blobdiff