X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=640ff9df0f317ec2310b2cfdb3b429cf48b0cd89;hp=2a9f001e7cf776493be8b6678a539f3d8013d2ea;hb=c47293f5523a4a9e8791f0922b138fa6865aefaf;hpb=19cd0d37b2bcbf9dd4f3c38a9cecd7f5011d6b66 diff --git a/inc/functions.php b/inc/functions.php index 2a9f001e7c..640ff9df0f 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -33,7 +33,7 @@ // Some security stuff... if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); } @@ -140,7 +140,7 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { while (strpos($OUTPUT, '{!') > 0) { // Prepare the content and eval() it... $newContent = ""; - $eval = "\$newContent = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";"; + $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; @eval($eval); if (empty($newContent)) { @@ -160,7 +160,7 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { - $eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";"; + $eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; eval($eval); } @@ -209,9 +209,10 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; $REFID = $GLOBALS['refid']; + // DEPRECATED!!! if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); list($sex, $surname, $family) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -222,7 +223,7 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { $date_time = MAKE_DATETIME(time(), "1"); // Base directory - $BASE = PATH."templates/".GET_LANGUAGE()."/html/"; + $BASE = sprintf("%stemplates/%s/html/", PATH, GET_LANGUAGE()); $MODE = ""; // Check for admin/guest/member templates @@ -291,7 +292,7 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { // Do we have to compile the code? if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) { // Okay, compile it! - $tmpl_file = "\$ret=\"" . COMPILE_CODE(addslashes($tmpl_file)) . "\";"; + $tmpl_file = "\$ret=\"".COMPILE_CODE(addslashes($tmpl_file))."\";"; eval($tmpl_file); } else { // Simply return loaded code @@ -331,7 +332,7 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { // Send mail out to an email address function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") { // Compile subject line (for POINTS constant etc.) - $eval = "\$SUBJECT = \"" . COMPILE_CODE(addslashes($SUBJECT)) . "\";"; + $eval = "\$SUBJECT = \"".COMPILE_CODE(addslashes($SUBJECT))."\";"; eval($eval); $SUBJECT = html_entity_decode($SUBJECT); @@ -342,7 +343,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") { ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML); return; } else { - $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); + $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); list($TO) = SQL_FETCHROW($result_email); SQL_FREERESULT($result_email); } @@ -410,7 +411,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { // get new instance $mail = new PHPMailer(); - $mail->PluginDir = PATH."inc/phpmailer/"; + $mail->PluginDir = sprintf("%sinc/phpmailer/", PATH); $mail->IsSMTP(); $mail->SMTPAuth = true; @@ -418,7 +419,11 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->Port = 25; $mail->Username = SMTP_USER; $mail->Password = SMTP_PASSWORD; - $mail->From = $from; + if (empty($from)) { + $mail->From = WEBMASTER; + } else { + $mail->From = $from; + } $mail->FromName = MAIN_TITLE; $mail->Subject = $subject; if ((EXT_IS_ACTIVE("html_mail")) && (strip_tags($msg) != $msg)) { @@ -503,8 +508,7 @@ function MAKE_DATETIME($time, $mode="0") } // Translates the american decimal dot into a german comma -function TRANSLATE_COMMA($dotted, $cut=true) -{ +function TRANSLATE_COMMA($dotted, $cut=true) { global $_CONFIG; // Default is 3 you can change this in admin area "Misc -> Misc Options" if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3"; @@ -561,7 +565,7 @@ function TRANSLATE_COMMA($dotted, $cut=true) // function DEREFERER($URL) { - $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(COMPILE_CODE($URL))); + $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress(COMPILE_CODE($URL)))); return $URL; } @@ -595,7 +599,7 @@ function FRAMETESTER($URL) { // Prepare frametester URL $frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s", URL, - urlencode(base64_encode(COMPILE_CODE($URL))) + urlencode(base64_encode(gzcompress(COMPILE_CODE($URL)))) ); return $frametesterUrl; } @@ -707,6 +711,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS; } + // DEPRECATED switch! switch ($template) { case "bonus-mail": // Load data for the bonus mail @@ -804,13 +809,13 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { if ($UID > 0) { if (EXT_IS_ACTIVE("nickname")) { // Load nickname - $result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); list($surname, $family, $sex, $email, $nick) = SQL_FETCHROW($result); SQL_FREERESULT($result); } else { // Load normal data - $result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); list($surname, $family, $sex, $email) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -829,7 +834,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { $DATA['email'] = $email; // Base directory - $BASE = PATH."templates/".GET_LANGUAGE()."/emails/"; + $BASE = sprintf("%stemplates/%s/emails/", PATH, GET_LANGUAGE()); // Check for admin/guest/member templates if (strpos($template, "admin_") > -1) { @@ -857,11 +862,10 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { if ((!@file_exists($file)) || (!is_readable($file))) { // Reset to default template $file = $BASE.$template.".tpl"; - } + } // END - if // Now does the final template exists? - if ((@file_exists($file)) && (is_readable($file))) - { + if ((@file_exists($file)) && (is_readable($file))) { // The local file does exists so we load it. :) $tmpl_file = @implode("", @file($file)); $tmpl_file = addslashes($tmpl_file); @@ -875,9 +879,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { // Replace HTML confirm chars $content = html_entity_decode($content); - } - elseif (!empty($template)) - { + } elseif (!empty($template)) { // Template file not found! $content = TEMPLATE_404.": ".$template."
".TEMPLATE_CONTENT." @@ -888,17 +890,16 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { // Debug mode not active? Then remove the HTML tags if (!DEBUG_MODE) $content = strip_tags($content); - } - else - { + } else { // No template name supplied! $content = NO_TEMPLATE_SUPPLIED; } + + // Return compiled content return COMPILE_CODE($content); } // -function MAKE_TIME($H, $M, $S, $stamp) -{ +function MAKE_TIME($H, $M, $S, $stamp) { // Extract day, month and year from given timestamp $DAY = date("d", $stamp); $MONTH = date("m", $stamp); @@ -938,6 +939,11 @@ function LOAD_URL($URL, $addUrlData=true) { OUTPUT_HTML("".$URL.""); } elseif (!headers_sent()) { // Load URL when headers are not sent + /* + print("
");
+		debug_print_backtrace();
+		die("
URL={$URL}"); + */ @header ("Location: ".str_replace("&", "&", $URL)); } else { // Output error message @@ -1238,20 +1244,15 @@ function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") { return $return; } // Does only allow numbers -function bigintval($num, $castValue = true) -{ +function bigintval($num, $castValue = true) { // Filter all numbers out $ret = preg_replace("/[^0123456789]/", "", $num); - // Cast the value? - if ($castValue) $ret = (int) $ret; - // Return result return $ret; } // Insert the code in $img_code into jpeg or PNG image -function GENERATE_IMAGE($img_code, $header=true) -{ +function GENERATE_IMAGE($img_code, $header=true) { global $_CONFIG; if ((strlen($img_code) > 6) || (empty($img_code)) || ($_CONFIG['code_length'] == 0)) { @@ -1268,14 +1269,11 @@ function GENERATE_IMAGE($img_code, $header=true) { case "jpg": // Loads JPEG image - $img = PATH."/theme/".GET_CURR_THEME()."/images/code_bg.jpg"; - if ((file_exists($img)) && (is_readable($img))) - { + $img = sprintf("%s/theme/%s/images/code_bg.jpg", PATH, GET_CURR_THEME()); + if ((file_exists($img)) && (is_readable($img))) { // Okay, load image and hide all errors $image = @imagecreatefromjpeg($img); - } - else - { + } else { // Exit function here return; } @@ -1283,14 +1281,11 @@ function GENERATE_IMAGE($img_code, $header=true) case "png": // Loads PNG image - $img = PATH."/theme/".GET_CURR_THEME()."/images/code_bg.png"; - if ((file_exists($img)) && (is_readable($img))) - { + $img = sprintf("%s/theme/%s/images/code_bg.png", PATH, GET_CURR_THEME()); + if ((file_exists($img)) && (is_readable($img))) { // Okay, load image and hide all errors $image = @imagecreatefrompng($img); - } - else - { + } else { // Exit function here return; } @@ -1307,8 +1302,7 @@ function GENERATE_IMAGE($img_code, $header=true) header ("Content-Type: image/".$_CONFIG['img_type']); // Output image with matching image factory - switch ($_CONFIG['img_type']) - { + switch ($_CONFIG['img_type']) { case "jpg": imagejpeg($image); break; case "png": imagepng($image); break; } @@ -1389,7 +1383,7 @@ function CREATE_TIME_SELECTIONS($timestamp, $prefix="", $display="", $align="cen } if (ereg("s", $display) || (empty($display))) { - $OUT .= " ".SECS."\n"; + $OUT .= " "._SECONDS."\n"; } $OUT .= "\n"; $OUT .= "\n"; @@ -1869,7 +1863,7 @@ function MEMBER_ACTION_LINKS($uid, $status="") { } // Finish navigation link - $eval = substr($eval, 0, -7) . "]\";"; + $eval = substr($eval, 0, -7)."]\";"; eval($eval); // Return string @@ -1913,6 +1907,14 @@ function generateHash ($plainText, $salt = "") { return $plainText; } // END - if + // Do we miss an arry element here? + if (!isset($_CONFIG['file_hash'])) { + // Stop here + print(__FUNCTION__.":
");
+		debug_print_backtrace();
+		die("
"); + } // END - if + // When the salt is empty build a new one, else use the first x configured characters as the salt if ($salt == "") { // Build server string @@ -1938,14 +1940,14 @@ function generateHash ($plainText, $salt = "") { // Generate the password salt string $salt = substr($sha1, 0, $_CONFIG['salt_length']); //* DEBUG: */ echo $salt." (".strlen($salt).")
"; - } - else - { + } else { + // Use given salt $salt = substr($salt, 0, $_CONFIG['salt_length']); + //* DEBUG: */ echo "GIVEN={$salt}
\n"; } // Return hash - return $salt . sha1($salt . $plainText); + return $salt.sha1($salt.$plainText); } // function scrambleString($str) { @@ -2067,7 +2069,7 @@ function ADD_URL_DATA($URL) // Add all together and return it return $URL.$ADD; } -// +// Generate an PGP-like encrypted hash of given hash for e.g. cookies function generatePassString($passHash) { global $_CONFIG; @@ -2092,10 +2094,11 @@ function generatePassString($passHash) { //* DEBUG: */ echo "*".$start."=".$mod."*
"; $start += 4; $newHash .= $mod; - } + } // END - for - //* DEBUG: */ die($passHash."
".$newHash." (".strlen($newHash).")"); + //* DEBUG: */ print($passHash."
".$newHash." (".strlen($newHash).")"); $ret = generateHash($newHash, $_CONFIG['master_salt']); + //* DEBUG: */ print($ret."
\n"); } else { // Hash it simple //* DEBUG: */ echo "--".$passHash."--
\n"; @@ -2188,6 +2191,9 @@ function set_session ($var, $value) { } elseif (!empty($value)) { // Update session $_SESSION[$var] = $value; + } else { + // Something bad happens! + return false; // Hope this doesn't make so much trouble??? } // Return always true if the session variable is already set. @@ -2233,7 +2239,27 @@ function SEND_ADMIN_NOTIFICATION($subject, $templateName, $content="", $uid="0") SEND_ADMIN_EMAILS($subject, $msg); } } - +// Destroy user session +function destroy_user_session () { + // Remove all user data from session + return ((set_session("userid", "")) && (set_session("u_hash", "")) && (set_session("lifetime", ""))); +} +// Merges an array together but only if both are arrays +function merge_array ($array1, $array2) { + // Are both an array? + if ((is_array($array1)) && (is_array($array2))) { + // Merge all together + return array_merge($array1, $array2); + } elseif (is_array($array1)) { + // Return left array + return $array1; + } + + // Something wired happened here... + print(__FUNCTION__.":
");
+	debug_print_backtrace();
+	die("
"); +} // ////////////////////////////////////////////////// // //