X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=9a9ea0dfc89080b04fd6617f1cbed14bed1afa8b;hp=d675eca81b5abe6dba65c639bbfbf7f4d6f1f816;hb=f8a2f0c9d334d87fdaf8f010678ca5ad8b95211f;hpb=75ad748a68473ace540251427a74fb781b1145e9 diff --git a/inc/functions.php b/inc/functions.php index d675eca81b..9a9ea0dfc8 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -32,47 +32,34 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } // Check if our config file is writeable or not -function is_INCWritable($inc) -{ +function is_INCWritable($inc) { $fp = @fopen(PATH."inc/".$inc.".php", 'a'); - if ($inc == "dummy") - { + if ($inc == "dummy") { // Remove dummy file @fclose($fp); return @unlink(PATH."inc/dummy.php"); - } - else - { + } else { // Close all other files return @fclose($fp); } } -// Check if we can write to an sql file -function is_SQLWriteable($sql) -{ - $fp = @fopen(PATH.$sql.".sql", 'a'); - return @fclose($fp); -} - // Open a table (you may want to add some header stuff here) -function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) -{ +function OPEN_TABLE($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) { global $table_cnt; // Count tables so we can generate CSS classes for every table... :-) - if (empty($CLASS)) - { + if (empty($CLASS)) { // Class is empty so count one up and create a class $table_cnt++; $CLASS = "class".$table_cnt; } $OUT = ""; - OUTPUT_HTML ($OUT); + OUTPUT_HTML($OUT); } + // Close a table (you may want to add some footer stuff here) -function CLOSE_TABLE($ADD="") -{ - OUTPUT_HTML (" +function CLOSE_TABLE($ADD="") { + OUTPUT_HTML(" "); - if (!empty($ADD)) OUTPUT_HTML ($ADD); - OUTPUT_HTML ("
"); + if (!empty($ADD)) OUTPUT_HTML($ADD); + OUTPUT_HTML(""); } // Output HTML code directly or "render" it. You addionally switch the new-line character off -function OUTPUT_HTML ($HTML, $NEW_LINE = true) { +function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Some global variables - global $OUTPUT, $FOOTER, $CSS; + global $OUTPUT, $footer, $CSS; // Do we have HTML-Code here? if (!empty($HTML)) { @@ -112,16 +99,13 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { { case "render": // That's why you don't need any \n at the end of your HTML code... :-) - if (_OB_CACHING == "on") - { + if (_OB_CACHING == "on") { // Output into PHP's internal buffer - echo stripslashes($HTML); + OUTPUT_RAW($HTML); // That's why you don't need any \n at the end of your HTML code... :-) if ($NEW_LINE) echo "\n"; - } - else - { + } else { // Render mode for old or lame servers... $OUTPUT .= $HTML; @@ -132,10 +116,10 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { case "direct": // If we are switching from render to direct output rendered code - if ((!empty($OUTPUT)) && (_OB_CACHING != "on")) { echo $OUTPUT; $OUTPUT = ""; } + if ((!empty($OUTPUT)) && (_OB_CACHING != "on")) { OUTPUT_RAW($OUTPUT); $OUTPUT = ""; } // The same as above... ^ - echo stripslashes($HTML); + OUTPUT_RAW($HTML); if ($NEW_LINE) echo "\n"; break; @@ -144,7 +128,7 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); break; } - } elseif ((_OB_CACHING == "on") && ($FOOTER == 1)) { + } elseif ((_OB_CACHING == "on") && ($footer == 1)) { // Output cached HTML code $OUTPUT = ob_get_contents(); @@ -162,8 +146,7 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { } // Output code here, DO NOT REMOVE! ;-) - echo stripslashes($OUTPUT); - flush(); + OUTPUT_RAW($OUTPUT); } elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) { // Rewrite links when rewrite extension is active if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { @@ -177,11 +160,24 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { } // Output code here, DO NOT REMOVE! ;-) - echo stripslashes($OUTPUT); - flush(); + OUTPUT_RAW($OUTPUT); } } +// Output the raw HTML code +function OUTPUT_RAW ($HTML) { + if ((isBooleanConstantAndTrue('mxchange_installed')) && (basename($_SERVER['PHP_SELF']) != "install.php")) { + // Not in install-mode so strip slashes away + echo stripslashes($HTML); + } else { + // Output directly in install-mode + echo $HTML; + } + + // Flush the output + flush(); +} + // Add a fatal error message to the queue array function ADD_FATAL ($message, $extra="") { @@ -196,18 +192,22 @@ function ADD_FATAL ($message, $extra="") } // Load a template file and return it's content (only it's name; do not use ' or ") -function LOAD_TEMPLATE($template, $return=false, $content="") -{ +function LOAD_TEMPLATE($template, $return=false, $content="") { // Add more variables which you want to use in your template files - global $DATA, $username; + global $DATA, $_CONFIG, $username; + + // Count the template load + if (!isset($_CONFIG['num_templates'])) $_CONFIG['num_templates'] = 0; + $_CONFIG['num_templates']++; + + // Init some data $ACTION = SQL_ESCAPE($GLOBALS['action']); $WHAT = SQL_ESCAPE($GLOBALS['what']); $ret = ""; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; $REFID = $GLOBALS['refid']; - if ($template == "member_support_form") - { + if ($template == "member_support_form") { // Support request of a member $result = SQL_QUERY_ESC("SELECT sex, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); @@ -224,42 +224,28 @@ function LOAD_TEMPLATE($template, $return=false, $content="") $MODE = ""; // Check for admin/guest/member templates - if (strpos($template, "admin_") > -1) - { + if (strpos($template, "admin_") > -1) { // Admin template found $MODE = "admin/"; - } - elseif (strpos($template, "guest_") > -1) - { + } elseif (strpos($template, "guest_") > -1) { // Guest template found $MODE = "guest/"; - } - elseif (strpos($template, "member_") > -1) - { + } elseif (strpos($template, "member_") > -1) { // Member template found $MODE = "member/"; - } - elseif (strpos($template, "install_") > -1) - { + } elseif (strpos($template, "install_") > -1) { // Installation template found $MODE = "install/"; - } - elseif (strpos($template, "ext_") > -1) - { + } elseif (strpos($template, "ext_") > -1) { // Extension template found $MODE = "ext/"; - } - elseif (strpos($template, "la_") > -1) - { + } elseif (strpos($template, "la_") > -1) { // "Logical-area" template found $MODE = "la/"; - } - else - { + } else { // Test for extension $test = substr($template, 0, strpos($template, "_")); - if (EXT_IS_ACTIVE($test)) - { + if (EXT_IS_ACTIVE($test)) { // Set extra path to extension's name $MODE = $test."/"; } @@ -270,8 +256,7 @@ function LOAD_TEMPLATE($template, $return=false, $content="") //////////////////////// $file = $BASE.$MODE.$template.".tpl"; - if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) - { + if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) { // Select what depended header/footer template file for admin/guest/member area $file2 = sprintf("%s%s%s_%s.tpl", $BASE, @@ -288,15 +273,13 @@ function LOAD_TEMPLATE($template, $return=false, $content="") } // Does the special template exists? - if (!file_exists($file)) - { + if ((!file_exists($file)) || (!is_readable($file))) { // Reset to default template $file = $BASE.$template.".tpl"; } // Now does the final template exists? - if (file_exists($file)) - { + if ((file_exists($file)) && (is_readable($file))) { // The local file does exists so we load it. :) $tmpl_file = implode("", file($file)); @@ -304,73 +287,59 @@ function LOAD_TEMPLATE($template, $return=false, $content="") while (strpos($tmpl_file, "\'") !== false) { $tmpl_file = str_replace("\'", "{QUOT}", $tmpl_file); } // Do we have to compile the code? - if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) - { + if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) { // Okay, compile it! $tmpl_file = "\$ret=\"".COMPILE_CODE(addslashes($tmpl_file))."\";"; eval($tmpl_file); - } - else - { + } else { // Simply return loaded code $ret = $tmpl_file; } // Add surrounding HTML comments to help finding bugs faster $ret = "\n".$ret."\n"; - } - elseif ((IS_ADMIN()) || ((mxchange_installing) && (!mxchange_installed))) - { + } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) { // Only admins shall see this warning or when installation mode is active - $ret = "
".TEMPLATE_404."
-(".basename($file).")
-
+ $ret = "
".TEMPLATE_404."
+(".basename($file).")
+
".TEMPLATE_CONTENT." 
".print_r($content, true)."
".TEMPLATE_DATA." 
".print_r($DATA, true)."
-

"; +

"; } - if (!empty($ret)) - { + + // Do we have some content to output or return? + if (!empty($ret)) { // Not empty so let's put it out! ;) - if ($return) - { + if ($return) { // Return the HTML code return $ret; - } - else - { + } else { // Output direct - OUTPUT_HTML ($ret); + OUTPUT_HTML($ret); } - } - elseif (DEBUG_MODE) - { + } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) { // Warning, empty output! - return "E:".$template."
\n"; + return "E:".$template."
\n"; } } // Send mail out to an email address -function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="") -{ +function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") { // Compile subject line (for POINTS constant etc.) $eval = "\$SUBJECT = \"".COMPILE_CODE(addslashes($SUBJECT))."\";"; eval($eval); $SUBJECT = html_entity_decode($SUBJECT); // Set from header - if (!eregi("@", $TO)) - { + if (!eregi("@", $TO)) { // Value detected, load email from database - if (EXT_IS_ACTIVE("msg")) - { + if (EXT_IS_ACTIVE("msg")) { ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML); return; - } - else - { + } else { $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); list($TO) = SQL_FETCHROW($result_email); SQL_FREERESULT($result_email); @@ -386,7 +355,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="") // Append header $FROM .= LOAD_EMAIL_TEMPLATE("header"); } - } elseif (DEBUG_MODE) { + } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) { if (empty($FROM)) { // Load email header template $FROM = LOAD_EMAIL_TEMPLATE("header"); @@ -397,9 +366,8 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML="N", $FROM="") } // Fix HTML parameter (default is no!) - if (empty($HTML)) $HTML = "N"; - if (DEBUG_MODE) - { + if (empty($HTML)) $HTML = 'N'; + if (isBooleanConstantAndTrue('DEBUG_MODE')) { // In debug mode we want to display the mail instead of sending it away so we can debug this part echo "
 ".htmlentities(trim($FROM))."
@@ -407,26 +375,21 @@ To      : ".$TO."
 Subject : ".$SUBJECT."
 Message : ".$MSG."
\n"; - } - elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) - { + } elseif (($HTML == 'Y') && (EXT_IS_ACTIVE("html_mail", true))) { // Send mail as HTML away SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM); - } - elseif (!empty($TO)) - { + } elseif (!empty($TO)) { // Compile email $TO = COMPILE_CODE($TO); // Send Mail away - SEND_RAW_EMAIL(stripslashes($TO), COMPILE_CODE($SUBJECT), stripslashes($MSG), $FROM); - } - elseif ($HTML == "N") - { + SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + } elseif ($HTML == 'N') { // Problem found! - SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), stripslashes($MSG), $FROM); + SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); } } + // Check if legacy or PHPMailer command // @private function CHECK_PHPMAILER_USAGE() { @@ -478,8 +441,8 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { // Generate a password in a specified length or use default password length function GEN_PASS($LEN = 0) { - global $CONFIG; - if ($LEN == 0) $LEN = $CONFIG['pass_len']; + global $_CONFIG; + if ($LEN == 0) $LEN = $_CONFIG['pass_len']; // Initialize array with all allowed chars $ABC = explode(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/"); @@ -536,87 +499,72 @@ function MAKE_DATETIME($time, $mode="0") } return $ret; } -// + +// Translates the american decimal dot into a german comma function TRANSLATE_COMMA($dotted, $cut=true) { - global $CONFIG; + global $_CONFIG; // Default is 3 you can change this in admin area "Misc -> Misc Options" - if (empty($CONFIG['max_comma'])) $CONFIG['max_comma'] = "3"; - if (!ereg("\.", $dotted)) $dotted .= ".".str_repeat("0", $CONFIG['max_comma']); - if ($cut) - { + if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3"; + if (!ereg("\.", $dotted)) $dotted .= ".".str_repeat("0", $_CONFIG['max_comma']); + if ($cut) { // Remove trailing zeros $dot = str_replace(".", "x", $dotted); - while(substr($dot, -1, 1) == "0") - { + while(substr($dot, -1, 1) == "0") { $dot = substr($dot, 0, -1); } - if (substr($dot, -1, 1) == "x") - { + + if (substr($dot, -1, 1) == "x") { // Last char is the 'x' $dotted = substr($dot, 0, -1); - } - else - { + } else { // Last char is a number $dotted = str_replace("x", ".", $dot); } } - switch (GET_LANGUAGE()) - { + + // Translate it now + switch (GET_LANGUAGE()) { case "de": $pos = strpos($dotted, "."); - if ($pos > 0) - { - if ($cut) - { + if ($pos > 0) { + if ($cut) { // Cut x numbers behind comma - $dotted = str_replace(".", ",", substr($dotted, 0, ($pos + $CONFIG['max_comma'] + 1))); - } - else - { + $dotted = str_replace(".", ",", substr($dotted, 0, ($pos + $_CONFIG['max_comma'] + 1))); + } else { // Replace comma with dot $dotted = str_replace(".", ",", $dotted); } - } - elseif (!$cut) - { - if (empty($pos)) - { - $dotted = "0,".str_repeat("0", $CONFIG['max_comma']); - } - else - { - $dotted .= ",".str_repeat("0", $CONFIG['max_comma']); + } elseif (!$cut) { + if (empty($pos)) { + $dotted = "0,".str_repeat("0", $_CONFIG['max_comma']); + } else { + $dotted .= ",".str_repeat("0", $_CONFIG['max_comma']); } } break; default: - if (!$cut) - { - if ($pos > 0) - { - $dotted = substr($dotted, 0, ($pos + $CONFIG['max_comma'] + 1)); - } - else - { - $dotted .= ".".str_repeat("0", $CONFIG['max_comma']); + if (!$cut) { + if ($pos > 0) { + $dotted = substr($dotted, 0, ($pos + $_CONFIG['max_comma'] + 1)); + } else { + $dotted .= ".".str_repeat("0", $_CONFIG['max_comma']); } } break; } return $dotted; } + // -function DEREFERER($URL) -{ +function DEREFERER($URL) { $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(COMPILE_CODE($URL))); return $URL; } + // -function TRANSLATE_SEX($sex) -{ +function TRANSLATE_SEX($sex) { switch ($sex) { case "M": $ret = SEX_M; break; @@ -662,9 +610,9 @@ function SELECTION_COUNT($array) return $ret; } // -function IMG_CODE ($code, $TYPE, $DATA, $uid) +function IMG_CODE ($code, $type, $DATA, $uid) { - return "\"Code\""; + return "\"Code\""; } // function TRANSLATE_STATUS($status) @@ -690,17 +638,11 @@ function TRANSLATE_STATUS($status) return $ret; } // -function GET_LANGUAGE() -{ - global $_COOKIE, $_GET; - - if (!empty($_GET['mx_lang'])) - { +function GET_LANGUAGE() { + if (!empty($_GET['mx_lang'])) { // Accept only first 2 chars $lang = substr($_GET['mx_lang'], 0, 2); - } - else - { + } else { // Do nothing $lang = ""; } @@ -709,81 +651,67 @@ function GET_LANGUAGE() $ret = DEFAULT_LANG; // Check GET variable and cookie - if (!empty($lang)) - { + if (!empty($lang)) { // Check if main language file does exist - if (file_exists(PATH."inc/language/".$lang.".php")) - { + if (file_exists(PATH."inc/language/".$lang.".php")) { // Okay found, so let's update cookies SET_LANGUAGE($lang); } - } - elseif (!empty($_COOKIE['mx_lang'])) - { + } elseif (!isSessionVariableSet('mx_lang')) { // Return stored value from cookie - $ret = $_COOKIE['mx_lang']; + $ret = get_session('mx_lang'); } return $ret; } // -function SET_LANGUAGE($lang) -{ - global $CONFIG; +function SET_LANGUAGE($lang) { + global $_CONFIG; // Accept only first 2 chars! $lang = substr(SQL_ESCAPE(strip_tags($lang)), 0, 2); // Set cookie - @setcookie("mx_lang", $lang, (time() + $CONFIG['online_timeout']), COOKIE_PATH); - - // Set array - $_COOKIE['mx_lang'] = $lang; + set_session("mx_lang", $lang); } // -function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") -{ - global $DATA, $CONFIG, $REPLACER; +function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { + global $DATA, $_CONFIG, $REPLACER; // Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!) $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - $surname = ""; $family = ""; $nick = ""; $sex = "N"; + $surname = ""; $family = ""; $nick = ""; $sex = 'N'; // Prepare IP number and User Agent $REMOTE_ADDR = getenv('REMOTE_ADDR'); $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); $ADMIN = MAIN_TITLE; - if (!empty($_COOKIE['admin_login'])) - { + if (isSessionVariableSet('admin_login')) { // Load Admin data $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array(SQL_ESCAPE($_COOKIE['admin_login'])), __FILE__, __LINE__); + array(SQL_ESCAPE(get_session('admin_login'))), __FILE__, __LINE__); list($ADMIN) = SQL_FETCHROW($result); SQL_FREERESULT($result); } // Expiration in a nice output format - if ($CONFIG['auto_purge'] == 0) - { + if ($_CONFIG['auto_purge'] == 0) { // Will never expire! $EXPIRATION = MAIL_WILL_NEVER_EXPIRE; - } - elseif (function_exists('CREATE_FANCY_TIME')) - { + } elseif (function_exists('CREATE_FANCY_TIME')) { // Create nice date string - $EXPIRATION = CREATE_FANCY_TIME($CONFIG['auto_purge']); - } - else - { + $EXPIRATION = CREATE_FANCY_TIME($_CONFIG['auto_purge']); + } else { // Display days only - $EXPIRATION = round($CONFIG['auto_purge']/60/60/24)." "._DAYS; + $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS; } + switch ($template) { case "bonus-mail": // Load data for the bonus mail $BONUSID = $DATA[0]; $content = $DATA[2]; - $POINTS = TRANSLATE_COMMA($DATA[4]); + $points = TRANSLATE_COMMA($DATA[4]); $TIME = $DATA[5]; $TARGET_URL = $DATA[8]; $CATEGORY = GET_CATEGORY($DATA[9]); @@ -798,7 +726,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") case "order-admin": case "order-member": - $BLOCKS = $CONFIG['max_send']; + $BLOCKS = $_CONFIG['max_send']; $SUBJECT = $DATA[0]; $content = $DATA[1]; $PAYMENT = GET_PAYMENT($DATA[3]); @@ -820,13 +748,13 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") break; case "confirm-member": - $POINTS = $CONFIG['points_register']; + $points = $_CONFIG['points_register']; break; case "confirm-referral": $PERCENT = $DATA[0]; $LEVEL = $DATA[1]; - $POINTS = $DATA[2]; + $points = $DATA[2]; $REFID = $DATA[3]; break; @@ -835,7 +763,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") $CATEGORY = GET_CATEGORY($DATA[9]); $TIME = GET_PAY_POINTS($DATA[5], "time"); $TARGET_URL = $DATA[7]; - $POINTS = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment")); + $points = TRANSLATE_COMMA(GET_PAY_POINTS($DATA[5], "payment")); // Warning! This ID has changed from 10 to 11! $MAILID = $DATA[11]; @@ -855,11 +783,11 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") case "back-admin": case "back-member": - $POINTS = TRANSLATE_COMMA($DATA[10]); + $points = TRANSLATE_COMMA($DATA[10]); break; case "add-points": - $POINTS = $_POST['points']; + $points = bigintval($_POST['points']); break; case "guest_request_confirm": @@ -868,18 +796,14 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") } // Load user's data - if ($UID > 0) - { - if (EXT_IS_ACTIVE("nickname")) - { + if ($UID > 0) { + if (EXT_IS_ACTIVE("nickname")) { // Load nickname $result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); list($surname, $family, $sex, $email, $nick) = SQL_FETCHROW($result); SQL_FREERESULT($result); - } - else - { + } else { // Load normal data $result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); @@ -887,11 +811,9 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") SQL_FREERESULT($result); $nick = "---"; } - } - else - { + } else { // Neutral sex and email address is default - $sex = "N"; + $sex = 'N'; $email = WEBMASTER; } @@ -905,40 +827,29 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") $BASE = PATH."templates/".GET_LANGUAGE()."/emails/"; // Check for admin/guest/member templates - if (strpos($template, "admin_") > -1) - { + if (strpos($template, "admin_") > -1) { // Admin template found $file = $BASE."admin/".$template.".tpl"; - } - elseif (strpos($template, "guest_") > -1) - { + } elseif (strpos($template, "guest_") > -1) { // Guest template found $file = $BASE."guest/".$template.".tpl"; - } - elseif (strpos($template, "member_") > -1) - { + } elseif (strpos($template, "member_") > -1) { // Member template found $file = $BASE."member/".$template.".tpl"; - } - else - { + } else { // Test for extension $test = substr($template, 0, strpos($template, "_")); - if (EXT_IS_ACTIVE($test)) - { + if (EXT_IS_ACTIVE($test)) { // Set extra path to extension's name $file = $BASE.$test."/".$template.".tpl"; - } - else - { + } else { // No special filename $file = $BASE.$template.".tpl"; } } // Does the special template exists? - if (!@file_exists($file)) - { + if ((!@file_exists($file)) || (!is_readable($file))) { // Reset to default template $file = $BASE.$template.".tpl"; } @@ -963,12 +874,12 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") elseif (!empty($template)) { // Template file not found! - $content = TEMPLATE_404.": ".$template."
+ $content = TEMPLATE_404.": ".$template."
".TEMPLATE_CONTENT." 
".print_r($content, true)."
".TEMPLATE_DATA." 
".print_r($DATA, true)."
-

"; +

"; // Debug mode not active? Then remove the HTML tags if (!DEBUG_MODE) $content = strip_tags($content); @@ -986,13 +897,21 @@ function MAKE_TIME($H, $M, $S, $stamp) // Extract day, month and year from given timestamp $DAY = date("d", $stamp); $MONTH = date("m", $stamp); - $YEAR = date("Y", $stamp); + $YEAR = date('Y', $stamp); // Create timestamp for wished time which depends on extracted date return mktime($H, $M, $S, $MONTH, $DAY, $YEAR); } // function LOAD_URL($URL, $addUrlData=true) { + global $CSS, $_CONFIG, $link, $db, $footer; + + // Check if http(s):// is there + if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) { + // Make all URLs full-qualified + $URL = URL."/".$URL; + } + // Compile out URI codes $URL = COMPILE_CODE($URL); @@ -1005,14 +924,14 @@ function LOAD_URL($URL, $addUrlData=true) { $URL = htmlentities(strip_tags($URL), ENT_QUOTES); // Output new location link as anchor - OUTPUT_HTML ("".$URL."\n"); + OUTPUT_HTML("".$URL.""); } elseif (!headers_sent()) { // Load URL when headers are not sent @header ("Location: ".str_replace("&", "&", $URL)); } else { // Output error message include(PATH."inc/header.php"); - OUTPUT_HTML (LOAD_URL_ERROR_1.$URL.LOAD_URL_ERROR_2); + OUTPUT_HTML(LOAD_URL_ERROR_1.$URL.LOAD_URL_ERROR_2); include(PATH."inc/footer.php"); } exit(); @@ -1132,24 +1051,24 @@ function array_pk_sort(&$array, $a_sort, $primary_key = 0, $order = -1, $nums = $array = $dummy; } // -function ADD_SELECTION($TYPE, $DEFAULT, $PREFIX="", $id="0") +function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { global $MONTH_DESCR; $OUT = ""; - if ($TYPE == "yn") + if ($type == "yn") { // This is a yes/no selection only! - if ($id > 0) $PREFIX .= "[".$id."]"; - $OUT .= " \n"; } else { // Begin with regular selection box here - if (!empty($PREFIX)) $PREFIX .= "_"; - $TYPE2 = $TYPE; - if ($id > 0) $TYPE2 .= "[".$id."]"; - $OUT .= " \n"; } - switch ($TYPE) + switch ($type) { case "day": // Day for ($idx = 1; $idx < 32; $idx++) @@ -1171,7 +1090,7 @@ function ADD_SELECTION($TYPE, $DEFAULT, $PREFIX="", $id="0") case "year": // Year // Get current year - $YEAR = date("Y", time()); + $YEAR = date('Y', time()); // Check if the default value is larger than minimum and bigger than actual year if (($DEFAULT > 1930) && ($DEFAULT >= $YEAR)) @@ -1195,7 +1114,7 @@ function ADD_SELECTION($TYPE, $DEFAULT, $PREFIX="", $id="0") { // Get current year and subtract 16 (for erotic content) $OUT .= " \n"; - $YEAR = date("Y", time()) - 16; + $YEAR = date('Y', time()) - 16; for ($idx = 1930; $idx <= $YEAR; $idx++) { $OUT .= "