// Compile and run finished rendered HTML code
while (strpos($OUTPUT, '{!') > 0) {
- $eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";";
- eval($eval);
+ // Prepare the content and eval() it...
+ $newContent = "";
+ $eval = "\$newContent = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";";
+ @eval($eval);
+
+ if (empty($newContent)) {
+ // Something went wrong!
+ die("Evaluation error:<pre>".htmlentities($eval)."</pre>");
+ }
+ $OUTPUT = $newContent;
}
// Output code here, DO NOT REMOVE! ;-)
}
// Fix HTML parameter (default is no!)
- if (empty($HTML)) $HTML = 'N';
+ if (empty($HTML)) $HTML = "N";
if (isBooleanConstantAndTrue('DEBUG_MODE')) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
echo "<PRE>
Subject : ".$SUBJECT."
Message : ".$MSG."
</PRE>\n";
- } elseif (($HTML == 'Y') && (EXT_IS_ACTIVE("html_mail", true))) {
+ } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) {
// Send mail as HTML away
SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM);
} elseif (!empty($TO)) {
// Send Mail away
SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
- } elseif ($HTML == 'N') {
+ } elseif ($HTML == "N") {
// Problem found!
SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
}
// Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!)
$MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER;
- $surname = ""; $family = ""; $nick = ""; $sex = 'N';
+ $surname = ""; $family = ""; $nick = ""; $sex = "N";
// Prepare IP number and User Agent
$REMOTE_ADDR = getenv('REMOTE_ADDR');
}
} else {
// Neutral sex and email address is default
- $sex = 'N';
+ $sex = "N";
$email = WEBMASTER;
}
case "yn":
$OUT .= " <OPTION value=\"Y\"";
- if ($DEFAULT == 'Y') $OUT .= " selected=\"selected\"";
+ if ($DEFAULT == "Y") $OUT .= " selected=\"selected\"";
$OUT .= ">".YES."</OPTION>
<OPTION value=\"N\"";
- if ($DEFAULT == 'N') $OUT .= " selected=\"selected\"";
+ if ($DEFAULT == "N") $OUT .= " selected=\"selected\"";
$OUT .= ">".NO."</OPTION>\n";
break;
}
// Deprecated : $length
// Optional : $DATA
//
-function GEN_RANDOM_CODE($length, $code, $uid, $DATA="")
-{
+function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") {
global $_CONFIG;
+ // Fix missing _MAX constant
+ if (!defined('_MAX')) define('_MAX', 15235);
+
// Build server string
$server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php");
// Build key string
- $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']).":".$_CONFIG['master_salt'];
+ $keys = SITE_KEY.":".DATE_KEY;
+ if (isset($_CONFIG['secret_key'])) $keys .= ":".$_CONFIG['secret_key'];
+ if (isset($_CONFIG['file_hash'])) $keys .= ":".$_CONFIG['file_hash'];
+ $keys .= ":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']);
+ if (isset($_CONFIG['master_salt'])) $keys .= ":".$_CONFIG['master_salt'];
// Build string from misc data
$data = $code.":".$uid.":".$DATA;
// Calculate number for generating the code
$a = $code + _ADD - 1;
- // Generate hash with master salt from modula of number with the prime number and other data
- $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
+ if (isset($_CONFIG['master_hash'])) {
+ // Generate hash with master salt from modula of number with the prime number and other data
+ $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
+
+ // Create number from hash
+ $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ } else {
+ // Generate hash with "hash of site key" from modula of number with the prime number and other data
+ $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8));
- // Create number from hash
- $rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ // Create number from hash
+ $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+ }
// At least 10 numbers shall be secure enought!
$len = $_CONFIG['code_length'];
//
function MXCHANGE_OPEN ($script) {
+ global $_CONFIG;
+ // Default is not to use proxy
+ $useProxy = true;
+
+ // Are proxy settins set?
+ if ((!empty($_CONFIG['proxy_host'])) && ($_CONFIG['proxy_port'] > 0)) {
+ // Then use it
+ $useProxy = true;
+ }
+
//* DEBUG */ print("SCRIPT=".$script."<br />\n");
// Compile the script name
$script = COMPILE_CODE($script);
$extract = explode("/", $url);
$url = $extract[0];
// Done extracting the URL :)
- }
+ } // END - if
// Extract host name
$host = str_replace("http://", "", $url);
// Open connection
//* DEBUG */ die("SCRIPT=".$script."<br />\n");
- $fp = @fsockopen($host, 80, $errno, $errdesc, 30);
- if (!$fp) {
- // Failed!
- return array("", "", "");
+ if ($useProxy) {
+ $fp = @fsockopen(COMPILE_CODE($_CONFIG['proxy_host']), $_CONFIG['proxy_port'], $errno, $errdesc, 30);
+ } else {
+ $fp = @fsockopen($host, 80, $errno, $errdesc, 30);
}
- // Generate request header
- $request = "GET /".trim($script)." HTTP/1.0\r\n";
+ // Is there a link?
+ if (!is_resource($fp)) {
+ // Failed!
+ return array("", "", "");
+ } // END - if
+
+ // Do we use proxy?
+ if ($useProxy) {
+ // Generate CONNECT request header
+ $request = "CONNECT ".$host.":80 HTTP/1.1\r\n";
+ $request .= "Host: ".$host."\r\n";
+
+ // Use login data to proxy? (username at least!)
+ if (!empty($_CONFIG['proxy_username'])) {
+ // Add it as well
+ $encodedAuth = base64_encode(COMPILE_CODE($_CONFIG['proxy_username']).":".COMPILE_CODE($_CONFIG['proxy_password']));
+ $request .= "Proxy-Authorization: Basic ".$encodedAuth."\r\n";
+ } // END - if
+
+ // Add last new-line
+ $request .= "\r\n";
+ //* DEBUG: */ print("<strong>Request:</strong><pre>".$request."</pre>");
+
+ // Write request
+ fputs($fp, $request);
+
+ // Got response?
+ if (feof($fp)) {
+ // No response received
+ return array("", "", "");
+ } // END - if
+
+ // Read the first line
+ $resp = trim(fgets($fp, 10240));
+ $respArray = explode(" ", $resp);
+ if ((strtolower($respArray[0]) !== "http/1.0") || ($respArray[1] != "200")) {
+ // Invalid response!
+ return array("", "", "");
+ } // END - if
+ } // END - if
+
+ // Generate GET request header
+ $request = "GET /".trim($script)." HTTP/1.1\r\n";
$request .= "Host: ".$host."\r\n";
$request .= "Referer: ".URL."/admin.php\r\n";
- $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n\r\n";
+ $request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n";
+ $request .= "Content-Type: text/plain\r\n";
+ $request .= "Cache-Control: no-cache\r\n";
+ $request .= "Connection: Close\r\n\r\n";
+ //* DEBUG: */ print("<strong>Request:</strong><pre>".$request."</pre>");
// Initialize array
$response = array();
// Read response
while(!feof($fp)) {
$response[] = trim(fgets($fp, 1024));
- }
+ } // END - while
// Close socket
fclose($fp);
+ //* DEBUG: */ print("<strong>Response:</strong><pre>".print_r($response, true)."</pre>");
+
+ // Proxy agent found?
+ if ((substr(strtolower($response[0]), 0, 11) == "proxy-agent") && ($useProxy)) {
+ // Proxy header detected, so remove two lines
+ array_shift($response);
+ array_shift($response);
+ } // END - if
+
// Was the request successfull?
- if ((!ereg("200 OK", $response[0])) && (empty($response[0]))) {
+ if ((!eregi("200 OK", $response[0])) || (empty($response[0]))) {
// Not found / access forbidden
$response = array("", "", "");
- }
+ } // END - if
// Return response
return $response;
function generateHash ($plainText, $salt = "") {
global $_CONFIG, $_SERVER;
- // Is the required extension "sql_patches" there?
- if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
+ // Is the required extension "sql_patches" there and a salt is not given?
+ if (((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) && (empty($salt))) {
// Extension sql_patches is missing/outdated so we return the plain text
return $plainText;
- }
+ } // END - if
// When the salt is empty build a new one, else use the first x configured characters as the salt
if ($salt == "") {
// Unset/set session variables
function set_session ($var, $value) {
global $CSS;
+
// Abort in CSS mode here
if ($CSS == 1) return true;
//* DEBUG: */ echo "SET:".$var."=".$value."<br />\n";
$_SESSION[$var] = $value;
return session_register($var);
+ } elseif (!empty($value)) {
+ // Update session
+ $_SESSION[$var] = $value;
}
// Return always true if the session variable is already set.
// Returns wether the value of the session variable or NULL if not set
function get_session($var) {
- if (!isset($_SESSION)) session_start();
-
// Default is not found! ;-)
$value = null;
}
//
-//////////////////////////////////////////////
-// //
-// AUTOMATICALLY RE-GNERATED FUNCTIONS ONLY //
-// //
-//////////////////////////////////////////////
+//////////////////////////////////////////////////
+// //
+// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
+// //
+//////////////////////////////////////////////////
//
-if (!function_exists('html_entity_decode'))
-{
+if (!function_exists('html_entity_decode')) {
// Taken from documentation on www.php.net
- function html_entity_decode($string)
- {
+ function html_entity_decode($string) {
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
return strtr($string, $trans_tbl);
}
}
+
//
?>