X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=73928d96981e3554f082e5b24f1428cacbf8afe1;hp=3ee5bdff81c5ef7e8ffa360d5047c56ca5987707;hb=b8a6f8012aa3509d8e0f8fd078e044f20e80707a;hpb=b4021b2ca326afc81c36b420ecfd247a00067bd1 diff --git a/inc/functions.php b/inc/functions.php index 3ee5bdff81..73928d9698 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -302,7 +302,7 @@ function loadTemplate ($template, $return = false, $content = array()) { } else { // Add surrounding HTML comments to help finding bugs faster $ret = '\n" . $GLOBALS['tpl_content'] . '\n"; - $eval = '$ret = "' . escapeQuotes($ret) . '";'; + $eval = '$ret = "' . compileRawCode(escapeQuotes($ret)) . '";'; } // END - if // Cache the eval() command here @@ -862,7 +862,7 @@ function generateDerefererUrl ($URL) { // Don't de-refer our own links! if (substr($URL, 0, strlen(getConfig('URL'))) != getConfig('URL')) { // De-refer this link - $URL = '{?URL?}/modules.php?module=loader&url=' . encodeString(compileUriCode($URL)); + $URL = '{%url=modules.php?module=loader&url=' . encodeString(compileUriCode($URL)) . '%}'; } // END - if // Return link @@ -872,7 +872,7 @@ function generateDerefererUrl ($URL) { // Generates an URL for the frametester function generateFrametesterUrl ($URL) { // Prepare frametester URL - $frametesterUrl = sprintf("{?URL?}/modules.php?module=frametester&url=%s", + $frametesterUrl = sprintf("{%%url=modules.php?module=frametester&url=%s%%}", encodeString(compileUriCode($URL)) ); @@ -903,7 +903,7 @@ function countSelection ($array) { // Generate XHTML code for the CAPTCHA function generateCaptchaCode ($code, $type, $DATA, $userid) { - return 'Code ' . $code . ''; + return 'Code ' . $code . ''; } // Generates a timestamp (some wrapper for mktime()) @@ -927,18 +927,7 @@ function makeTime ($hours, $minutes, $seconds, $stamp) { // Redirects to an URL and if neccessarry extends it with own base URL function redirectToUrl ($URL) { // Compile out codes - eval('$URL = "' . compileRawCode($URL) . '";'); - - // Check if http(s):// is there - if ((substr($URL, 0, 7) != 'http://') && (substr($URL, 0, 8) != 'https://')) { - // Make all URLs full-qualified - $URL = getConfig('URL') . '/' . $URL; - } // END - if - - // Three different debug ways... - //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL); - //* DEBUG: */ die($URL); + eval('$URL = "' . compileRawCode(encodeUrl($URL)) . '";'); // Default 'rel' value is external, nofollow is evil from Google and hurts the Internet $rel = ' rel="external"'; @@ -957,6 +946,11 @@ function redirectToUrl ($URL) { clearOutputBuffer(); } // END - if + // Three different ways to debug... + //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL); + //* DEBUG: */ die($URL); + // Simple probe for bots/spiders from search engines if ((strpos(detectUserAgent(), 'spider') !== false) || (strpos(detectUserAgent(), 'bot') !== false)) { // Secure the URL against bad things such als HTML insertions and so on... @@ -1043,11 +1037,11 @@ function compileRawCode ($code, $simple = false, $constants = true, $full = true if ($constants === true) { // BEFORE 0.2.1 : Language and data constants // WITH 0.2.1+ : Only language constants - $code = str_replace('{--', "\".getMessage('", str_replace('--}', "').\"", $code)); + $code = str_replace('{--', "\" . getMessage('", str_replace('--}', "') . \"", $code)); // BEFORE 0.2.1 : Not used // WITH 0.2.1+ : Data constants - $code = str_replace('{!', "\".constant('", str_replace("!}", "').\"", $code)); + $code = str_replace('{!', "\" . constant('", str_replace('!}', "') . \"", $code)); } // END - if // Compile QUOT and other non-HTML codes @@ -1354,7 +1348,7 @@ function generateImageOrCode ($img_code, $headerSent = true) { debug_report_bug('img_code ' . $img_code .' has invalid length. img_code()=' . strlen($img_code) . ' code_length=' . getConfig('code_length')); } elseif ($headerSent === false) { // Return an HTML code here - return "\"Image\"\n"; + return "\"Image\"\n"; } // Load image @@ -1667,13 +1661,13 @@ function addEmailNavigation ($PAGES, $offset, $show_form, $colspan, $return=fals $NAV .= '-'; } else { // Open anchor tag and add base URL - $NAV .= ' 0)) $NAV .= '&userid=' . bigintval(getRequestElement('userid')); // Close open anchor tag - $NAV .= '">'; + $NAV .= '%}">'; } $NAV .= $page; if (($page == getRequestElement('page')) || ((!isGetRequestElementSet('page')) && ($page == 1))) { @@ -1976,7 +1970,7 @@ function generateMemberAdminActionLinks ($userid, $status = '') { $OUT = "[ "; foreach ($targetArray as $tar) { - $OUT .= ""); if (($tar == 'lock_user') && ($status == 'LOCKED')) { // Locked accounts shall be unlocked @@ -2635,8 +2629,7 @@ function getMessageFromErrorCode ($code) { case getCode('ID_LOCKED') : $message = getMessage('LOGIN_ID_LOCKED'); break; case getCode('ID_UNCONFIRMED') : $message = getMessage('LOGIN_ID_UNCONFIRMED'); break; case getCode('ID_GUEST') : $message = getMessage('LOGIN_ID_GUEST'); break; - case getCode('NO_COOKIES') : $message = getMessage('LOGIN_NO_COOKIES'); break; - case getCode('COOKIES_DISABLED') : $message = getMessage('LOGIN_NO_COOKIES'); break; + case getCode('COOKIES_DISABLED') : $message = getMessage('LOGIN_COOKIES_DISABLED'); break; case getCode('BEG_SAME_AS_OWN') : $message = getMessage('BEG_SAME_UID_AS_OWN'); break; case getCode('LOGIN_FAILED') : $message = getMessage('LOGIN_FAILED_GENERAL'); break; case getCode('MODULE_MEM_ONLY') : $message = sprintf(getMessage('MODULE_MEM_ONLY'), getRequestElement('mod')); break; @@ -3367,7 +3360,7 @@ function getArrayFromDirectory ($baseDir, $prefix, $fileIncludeDirs = false, $ad // Remove double slashes $FQFN = str_replace('//', '/', $FQFN); - // Check if the base filename matches an exclusion pattern and if the pattern is not empty + // Check if the base filenname matches an exclusion pattern and if the pattern is not empty if ((!empty($excludePattern)) && (preg_match($excludePattern, $baseFile, $match))) { // These Lines are only for debugging!! //* DEBUG: */ outputHtml('baseDir:' . $baseDir . '
'); @@ -3835,6 +3828,41 @@ function getModuleFromFileName ($file, $accessLevel) { return $modCheck; } +// Encodes an URL for adding session id, etc. +function encodeUrl ($url, $outputMode = '0') { + // Do we have already have a PHPSESSID inside? Then it is already converted... + if (strpos($url, session_name()) !== false) return $url; + + // Do we have a valid session? + if ((($GLOBALS['valid_session'] === false) || (!isset($_COOKIE[session_name()]))) && (isSpider() === false)) { + // Invalid session + // Determine right seperator + $seperator = '&'; + if (strpos($url, '?') === false) { + // No question mark + $seperator = '?'; + } elseif ((getOutputMode() != '0') || ($outputMode != '0')) { + // Non-HTML mode + $seperator = '&'; + } + + // Add it to URL + $url .= $seperator . session_name() . '=' . session_id(); + } // END - if + + // Add {?URL?} + $url = '{?URL?}/' . $url; + + // Return the URL + return $url; +} + +// Simple check for spider +function isSpider () { + // Is it a spider? + return ((strpos('spider', strtolower(detectUserAgent(true))) !== false) || (strpos('bot', strtolower(detectUserAgent(true))) !== false)); +} + ////////////////////////////////////////////////// // AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS // //////////////////////////////////////////////////