X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=a1d9b344f625bbcb0694f77ce52c51c4464ce4df;hp=318af2c2262240efe73ee8b02eeda1682c680d58;hb=8454545089b9b77695498cd855cf50075151d957;hpb=e6e3183f794b385f5acc38b371c220cc35cdac38
diff --git a/inc/functions.php b/inc/functions.php
index 318af2c226..a1d9b344f6 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -38,12 +38,21 @@ if (!defined('__SECURITY')) {
}
// Check if our config file is writeable or not
-function is_INCWritable($inc) {
- $fp = @fopen(PATH."inc/".$inc.".php", 'a');
+function IS_INC_WRITEABLE($inc) {
+ // Generate FQFN
+ $fqfn = sprintf("%sinc/%s.php", PATH, $inc);
+
+ // Abort by simple test
+ if ((FILE_READABLE($fqfn)) && (!is_writeable($fqfn))) {
+ return false;
+ } // END - if
+
+ // Test if we can append data
+ $fp = @fopen($fqfn, 'a');
if ($inc == "dummy") {
// Remove dummy file
@fclose($fp);
- return @unlink(PATH."inc/dummy.php");
+ return @unlink($fqfn);
} else {
// Close all other files
return @fclose($fp);
@@ -123,7 +132,8 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
default:
// Huh, something goes wrong or maybe you have edited config.php ???
- die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT);
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", OUTPUT_MODE));
+ MXCHANGE_DIE("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT);
break;
}
} elseif ((_OB_CACHING == "on") && ($footer == 1)) {
@@ -133,8 +143,21 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
// Clear output buffer for later output
ob_end_clean();
+ // Send HTTP header
+ header("HTTP/1.1 200");
+
+ // Used later
+ $now = gmdate('D, d M Y H:i:s') . ' GMT';
+
+ // General headers for no caching
+ header("Expired: " . $now); // RFC2616 - Section 14.21
+ header("Last-Modified: " . $now);
+ header("Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"); // HTTP/1.1
+ header("Pragma: no-cache"); // HTTP/1.0
+ header("Connection: Close");
+
// Extension "rewrite" installed?
- if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
+ if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
$OUTPUT = REWRITE_LINKS($OUTPUT);
} // END - if
@@ -157,7 +180,7 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
OUTPUT_RAW($OUTPUT);
} elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) {
// Rewrite links when rewrite extension is active
- if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
+ if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
$OUTPUT = REWRITE_LINKS($OUTPUT);
} // END - if
@@ -187,17 +210,22 @@ function OUTPUT_RAW ($HTML) {
// Add a fatal error message to the queue array
function ADD_FATAL ($message, $extra="") {
global $FATAL;
+
if (empty($extra)) {
// Regular text message to add to $FATAL
$FATAL[] = $message;
} else {
// $message is text with a mask plus extras to insert into the text
- $FATAL[] = sprintf($message, $extra);
+ $message = sprintf($message, $extra);
+ $FATAL[] = $message;
}
+
+ // Log fatal messages away
+ DEBUG_LOG(__FUNCTION__, __LINE__, " message={$message}");
}
// Load a template file and return it's content (only it's name; do not use ' or ")
-function LOAD_TEMPLATE($template, $return=false, $content="") {
+function LOAD_TEMPLATE($template, $return=false, $content=array()) {
// Add more variables which you want to use in your template files
global $DATA, $_CONFIG, $username;
@@ -205,38 +233,46 @@ function LOAD_TEMPLATE($template, $return=false, $content="") {
$template = strtolower($template);
// Count the template load
- if (!isset($_CONFIG['num_templates'])) $_CONFIG['num_templates'] = 0;
- $_CONFIG['num_templates']++;
+ if (getConfig('num_templates') == null) {
+ $_CONFIG['num_templates'] = 1;
+ } else {
+ $_CONFIG['num_templates']++;
+ }
+
+ // Prepare IP number and User Agent
+ $REMOTE_ADDR = GET_REMOTE_ADDR();
+ if (!defined('REMOTE_ADDR')) define('REMOTE_ADDR', $REMOTE_ADDR);
+ $HTTP_USER_AGENT = GET_USER_AGENT();
// Init some data
$ret = "";
if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0;
- // @DEPRECATED Try to remove this if() block
+ // @DEPRECATED Try to rewrite the if() condition
if ($template == "member_support_form") {
// Support request of a member
- $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
- array($GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
+ array($GLOBALS['userid']), __FILE__, __LINE__);
- // @TODO Merge this data into $content
- list($gender, $surname, $family, $email) = SQL_FETCHROW($result);
+ // Is content an array?
+ if (is_array($content)) {
+ // Merge data
+ $content = merge_array($content, SQL_FETCHARRAY($result));
- // Translate gender
- $gender = TRANSLATE_GENDER($gender);
+ // Translate gender
+ $content['gender'] = TRANSLATE_GENDER($content['gender']);
+ } else {
+ // DEPRECATED: Load data in direct variables
+ list($gender, $surname, $family, $email) = SQL_FETCHROW($result);
- // Insert data if content is an array
- if (is_array($content)) {
- // Please switch to $content[bla] in all your templates! Direct
- // variables are deprecated as of 09/13/2008.
- $content['gender'] = $gender;
- $content['surname'] = $surname;
- $content['family'] = $family;
- $content['email'] = $email;
- } // END - if
+ // Translate gender
+ $gender = TRANSLATE_GENDER($gender);
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array (%s).", gettype($content)));
+ }
// Free result
SQL_FREERESULT($result);
- }
+ } // END - if
// Generate date/time string
$date_time = MAKE_DATETIME(time(), "1");
@@ -321,18 +357,22 @@ function LOAD_TEMPLATE($template, $return=false, $content="") {
// Add surrounding HTML comments to help finding bugs faster
$ret = "\n".$ret."\n";
- } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!defined('mxchange_installed')))) {
+ } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
// Only admins shall see this warning or when installation mode is active
$ret = "
".TEMPLATE_404."
(".basename($file).")
".TEMPLATE_CONTENT."
-
".print_r($content, true)."+
".print_r($content, true)."".TEMPLATE_DATA." -
".print_r($DATA, true)."+
".print_r($DATA, true)."
+ echo "\n"; + + // Log the mail away + if (defined('DEBUG_MAIL')) DEBUG_LOG(__FUNCTION__, __LINE__, "to={$TO},subject={$SUBJECT},msg={$MSG}"); + } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail"))) { // Send mail as HTML away SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif (!empty($TO)) { // Send Mail away - SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + SEND_RAW_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif ($HTML == "N") { // Problem found! - SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + SEND_RAW_EMAIL(WEBMASTER, "[PROBLEM:]".$SUBJECT, $MSG, $FROM); } } @@ -467,7 +518,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->WordWrap = 70; $mail->IsHTML(true); } else { - $mail->Body = $msg; + $mail->Body = html_entity_decode($msg); } $mail->AddAddress($to, ""); $mail->AddReplyTo(WEBMASTER,MAIN_TITLE); @@ -476,7 +527,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->Send(); } else { // Use legacy mail() command - @mail($to, $subject, $msg, $from); + @mail($to, $subject, html_entity_decode($msg), $from); } } // @@ -484,7 +535,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { // Generate a password in a specified length or use default password length function GEN_PASS($LEN = 0) { global $_CONFIG; - if ($LEN == 0) $LEN = $_CONFIG['pass_len']; + if ($LEN == 0) $LEN = getConfig('pass_len'); // Initialize array with all allowed chars $ABC = explode(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/"); @@ -496,13 +547,13 @@ function GEN_PASS($LEN = 0) { $PASS = ""; for ($i = 0; $i < $LEN; $i++) { $PASS .= $ABC[mt_rand(0, sizeof($ABC) -1)]; - } + } // END - for // When the size is below 40 we can also add additional security by scrambling it if (strlen($PASS) <= 40) { // Also scramble the password $PASS = scrambleString($PASS); - } + } // END - if // Return the password return $PASS; @@ -526,6 +577,9 @@ function MAKE_DATETIME ($time, $mode="0") case "1": $ret = strtolower(date("d.m.Y - H:i", $time)); break; case "2": $ret = date("d.m.Y|H:i", $time); break; case "3": $ret = date("d.m.Y", $time); break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } break; @@ -535,37 +589,39 @@ function MAKE_DATETIME ($time, $mode="0") case "1": $ret = date("Y-m-d - g:i A", $time); break; case "2": $ret = date("y-m-d|H:i", $time); break; case "3": $ret = date("y-m-d", $time); break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } } return $ret; } // Translates the american decimal dot into a german comma -function TRANSLATE_COMMA ($dotted, $cut=true) { +function TRANSLATE_COMMA ($dotted, $cut=true, $max=0) { global $_CONFIG; // Default is 3 you can change this in admin area "Misc -> Misc Options" - if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3"; - $maxComma = $_CONFIG['max_comma']; + if (getConfig('max_comma') == null) $_CONFIG['max_comma'] = "3"; + + // Use from config is default + $maxComma = getConfig('max_comma'); + + // Use from parameter? + if ($max > 0) $maxComma = $max; // Cut zeros off? - if ($cut) { + if (($cut) && ($max == 0)) { // Test for commata if in cut-mode $com = explode(".", $dotted); - if (count($com) > 1) { - // Commata found, so only zeros? - if ($com[1] == str_repeat("0", strlen($com[1]))) { - // Only zeros, so don't display them - $maxComma = 0; - } // END - if - } else { + if (count($com) < 2) { // Don't display commatas even if there are none... ;-) $maxComma = 0; } } // END - if // Debug log - //DEBUG_LOG(__FUNCTION__.":dotted={$dotted},maxComma={$maxComma}"); + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "dotted={$dotted},maxComma={$maxComma}"); // Translate it now switch (GET_LANGUAGE()) { @@ -584,7 +640,13 @@ function TRANSLATE_COMMA ($dotted, $cut=true) { // function DEREFERER ($URL) { - $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + // Don't de-refer our own links! + if (substr($URL, 0, strlen(URL)) != URL) { + // De-refer this link + $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + } // END - if + + // Return link return $URL; } @@ -600,24 +662,6 @@ function TRANSLATE_GENDER ($gender) { return $ret; } // -function GET_POOL_TYPE($PT) { - // Unknown pool type is default - $ret = POOL_UNKNOWN." (".$PT.")"; - - // Generate constant name - $constantName = sprintf("POOL_%s", $PT); - - // Is the type known? - if (defined($constantName)) { - // Prepare eval command - $eval = sprintf("\$ret = %s;", $constantName); - eval($eval); - } // END - if - - // Return result - return $ret; -} -// function FRAMETESTER($URL) { // Prepare frametester URL $frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s", @@ -656,7 +700,13 @@ function TRANSLATE_STATUS($status) { $ret = ACCOUNT_LOCKED; break; + case "": + case null: + $ret = ACCOUNT_DELETED; + break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); $ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2; break; } @@ -664,19 +714,22 @@ function TRANSLATE_STATUS($status) { } // function GET_LANGUAGE() { - if (!empty($_GET['mx_lang'])) { - // Accept only first 2 chars - $lang = substr($_GET['mx_lang'], 0, 2); - } else { - // Do nothing - $lang = ""; - } + global $cacheArray; // Set default return value to default language from config $ret = DEFAULT_LANG; - // Check GET variable and cookie - if (!empty($lang)) { + // Init variable + $lang = ""; + + // Is the variable set + if (!empty($_GET['mx_lang'])) { + // Accept only first 2 chars + $lang = substr($_GET['mx_lang'], 0, 2); + } elseif (isset($cacheArray['language'])) { + // Use cached + $ret = $cacheArray['language']; + } elseif (!empty($lang)) { // Check if main language file does exist if (FILE_READABLE(PATH."inc/language/".$lang.".php")) { // Okay found, so let's update cookies @@ -689,6 +742,11 @@ function GET_LANGUAGE() { // Fixes a warning before the session has the mx_lang constant if (empty($ret)) $ret = DEFAULT_LANG; } + + // Cache entry + $cacheArray['language'] = $ret; + + // Return value return $ret; } // @@ -702,7 +760,7 @@ function SET_LANGUAGE($lang) { set_session("mx_lang", $lang); } // -function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { +function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { global $DATA, $_CONFIG, $REPLACER; // Make sure all template names are lowercase! @@ -714,35 +772,35 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { // Keept for backward-compatiblity (please replace these variables against our new {!CONST!} syntax!) // No longer used: $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - // Init variables (DEPRECATED! Use $content[bla] instead. - $surname = ""; - $family = ""; - $nick = ""; - $gender = "N"; - // Prepare IP number and User Agent - $REMOTE_ADDR = getenv('REMOTE_ADDR'); - $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); + $REMOTE_ADDR = GET_REMOTE_ADDR(); + $HTTP_USER_AGENT = GET_USER_AGENT(); + // Default admin $ADMIN = MAIN_TITLE; - if (isSessionVariableSet('admin_login')) { + + // Is the admin logged in? + if (IS_ADMIN()) { + // Get admin id + $aid = GET_CURRENT_ADMIN_ID(); + // Load Admin data - $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array(get_session('admin_login')), __FILE__, __LINE__); - list($ADMIN) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + $ADMIN = GET_ADMIN_EMAIL($aid); } // END - if + // Neutral email address is default + $email = WEBMASTER; + // Expiration in a nice output format - if ($_CONFIG['auto_purge'] == 0) { + if (getConfig('auto_purge') == 0) { // Will never expire! $EXPIRATION = MAIL_WILL_NEVER_EXPIRE; } elseif (function_exists('CREATE_FANCY_TIME')) { // Create nice date string - $EXPIRATION = CREATE_FANCY_TIME($_CONFIG['auto_purge']); + $EXPIRATION = CREATE_FANCY_TIME(getConfig('auto_purge')); } else { // Display days only - $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS; + $EXPIRATION = round(getConfig('auto_purge')/60/60/24)." "._DAYS; } // Is content an array? @@ -752,40 +810,36 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { } // END - if // Load user's data - if ($UID > 0) { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content)."".htmlentities(trim($FROM))." To : ".$TO." Subject : ".$SUBJECT." Message : ".$MSG." -\n"; - } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) { +
".print_r($newContent, true)."+
".print_r($content, true)."".TEMPLATE_DATA." -
".print_r($DATA, true)."+
".print_r($DATA, true)."
"); debug_print_backtrace(); die("URL={$URL}"); - /**/ + */ @header ("Location: ".str_replace("&", "&", $URL)); } else { // Output error message @@ -916,6 +974,12 @@ function LOAD_URL($URL, $addUrlData=true) { // function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { global $SEC_CHARS, $URL_CHARS; + // Is the code a string? + if (!is_string($code)) { + // Silently return it + return $code; + } // END - if + $ARRAY = $SEC_CHARS; // Select smaller set of chars to replace when we e.g. want to compile URLs @@ -925,18 +989,18 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { if ($constants) { // BEFORE 0.2.1 : Language and data constants // WITH 0.2.1+ : Only language constants - $code = str_replace('{--', '".', str_replace('--}', '."', $code)); + $code = str_replace('{--','".', str_replace('--}','."', $code)); // BEFORE 0.2.1 : Not used // WITH 0.2.1+ : Data constants - $code = str_replace('{!', '".', str_replace("!}", '."', $code)); - } + $code = str_replace('{!','".', str_replace("!}", '."', $code)); + } // END - if // Compile QUOT and other non-HTML codes foreach ($ARRAY['to'] as $k => $to) { // Do the reversed thing as in inc/libs/security_functions.php $code = str_replace($to, $ARRAY['from'][$k], $code); - } + } // END - foreach // But shall I keep simple quotes for later use? if ($simple) $code = str_replace("\'", '{QUOT}', $code); @@ -949,22 +1013,43 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { // Replace all matches $matchesFound = array(); foreach ($matches[0] as $key => $match) { - // Avoid replacing matches multiple times - if (!isset($matchesFound[$match])) { - // Not yet replaced! - $code = str_replace($match, "\".".$match.".\"", $code); - $matchesFound[$match] = 1; - } // END - if + // Fuzzy look has failed by default + $fuzzyFound = false; + + // Fuzzy look on match if already found + foreach ($matchesFound as $found => $set) { + // Get test part + $test = substr($found, 0, strlen($match)); + + // Does this entry exist? + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):found={$found},match={$match},set={$set}