X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=a55dda49c181db6def6913bd2a896880de657fb4;hp=b2a538bc9ba381acf6542c88cc895750cb95ab84;hb=9741be1a19dd09fe6a5b4f7c92e2b2d57399bd21;hpb=e71e9e1380d65ccd06beef6fbc594bec10371f5f diff --git a/inc/functions.php b/inc/functions.php index b2a538bc9b..a55dda49c1 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -40,7 +40,7 @@ if (!defined('__SECURITY')) { // Check if our config file is writeable or not function IS_INC_WRITEABLE($inc) { // Generate FQFN - $fqfn = sprintf("%sinc/%s.php", PATH, $inc); + $fqfn = sprintf("%sinc/%s.php", constant('PATH'), $inc); // Abort by simple test if ((FILE_READABLE($fqfn)) && (!is_writeable($fqfn))) { @@ -59,103 +59,63 @@ function IS_INC_WRITEABLE($inc) { } } -// Open a table (you may want to add some header stuff here) -// @DEPRECATED -function OPEN_TABLE ($PERCENT = "", $CLASS = "", $ALIGN="left", $VALIGN="", $td_only=false) { - global $table_cnt; - - // Count tables so we can generate CSS classes for every table... :-) - if (empty($CLASS)) { - // Class is empty so count one up and create a class - $table_cnt++; $CLASS = "class".$table_cnt; - } - $OUT = ""; - OUTPUT_HTML($OUT); -} - -// Close a table (you may want to add some footer stuff here) -// @DEPRECATED -function CLOSE_TABLE( $ADD="") { - OUTPUT_HTML(" \n"); - if (!empty($ADD)) OUTPUT_HTML($ADD); - OUTPUT_HTML("
"); -} - // Output HTML code directly or "render" it. You addionally switch the new-line character off -function OUTPUT_HTML ($HTML, $NEW_LINE = true) { +function OUTPUT_HTML ($HTML, $newLine = true) { // Some global variables global $OUTPUT, $footer, $CSS; // Do we have HTML-Code here? if (!empty($HTML)) { // Yes, so we handle it as you have configured - switch (OUTPUT_MODE) + switch (constant('OUTPUT_MODE')) { case "render": // That's why you don't need any \n at the end of your HTML code... :-) - if (_OB_CACHING == "on") { + if (constant('_OB_CACHING') == "on") { // Output into PHP's internal buffer OUTPUT_RAW($HTML); // That's why you don't need any \n at the end of your HTML code... :-) - if ($NEW_LINE) echo "\n"; + if ($newLine) echo "\n"; } else { // Render mode for old or lame servers... $OUTPUT .= $HTML; // That's why you don't need any \n at the end of your HTML code... :-) - if ($NEW_LINE) $OUTPUT .= "\n"; + if ($newLine) $OUTPUT .= "\n"; } break; case "direct": // If we are switching from render to direct output rendered code - if ((!empty($OUTPUT)) && (_OB_CACHING != "on")) { OUTPUT_RAW($OUTPUT); $OUTPUT = ""; } + if ((!empty($OUTPUT)) && (constant('_OB_CACHING') != "on")) { OUTPUT_RAW($OUTPUT); $OUTPUT = ""; } // The same as above... ^ OUTPUT_RAW($HTML); - if ($NEW_LINE) echo "\n"; + if ($newLine) echo "\n"; break; default: // Huh, something goes wrong or maybe you have edited config.php ??? - DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", OUTPUT_MODE)); - MXCHANGE_DIE("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", constant('OUTPUT_MODE'))); + mxchange_die("{--FATAL_ERROR--}: {--LANG_NO_RENDER_DIRECT--}"); break; } - } elseif ((_OB_CACHING == "on") && ($footer == 1)) { + } elseif ((constant('_OB_CACHING') == "on") && ($footer == 1)) { // Headers already sent? if (headers_sent()) { // Log this error DEBUG_LOG(__FUNCTION__, __LINE__, "Headers already sent! We need debug backtrace here."); - // Output debug trace - print("Headers are already sent!
\n"); - print("Please report this error at bugs.mxchange.org:
");
-			debug_print_backtrace();
-			die("
Thank you for your help finding bugs."); + // Trigger an user error + debug_report_bug("Headers are already sent!"); } // END - if // Output cached HTML code $OUTPUT = ob_get_contents(); // Clear output buffer for later output - ob_end_clean(); + clearOutputBuffer(); // Send HTTP header header("HTTP/1.1 200"); @@ -171,7 +131,7 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { header("Connection: Close"); // Extension "rewrite" installed? - if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + if ((EXT_IS_ACTIVE("rewrite")) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); } // END - if @@ -179,28 +139,28 @@ function OUTPUT_HTML ($HTML, $NEW_LINE = true) { while (strpos($OUTPUT, '{!') > 0) { // Prepare the content and eval() it... $newContent = ""; - $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; + $eval = "\$newContent = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";"; @eval($eval); // Was that eval okay? if (empty($newContent)) { // Something went wrong! - die("Evaluation error:
".htmlentities($eval)."
"); + mxchange_die("Evaluation error:
".htmlentities($eval)."
"); } // END - if $OUTPUT = $newContent; } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); - } elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) { + } elseif ((constant('OUTPUT_MODE') == "render") && (!empty($OUTPUT))) { // Rewrite links when rewrite extension is active - if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + if ((EXT_IS_ACTIVE("rewrite")) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { - $eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; + $eval = "\$OUTPUT = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";"; eval($eval); } // END - while @@ -214,32 +174,51 @@ function OUTPUT_RAW ($HTML) { // Output stripped HTML code to avoid broken JavaScript code, etc. echo stripslashes(stripslashes($HTML)); - // Flush the output if only _OB_CACHING is not "on" - if (_OB_CACHING != "on") { + // Flush the output if only constant('_OB_CACHING') is not "on" + if (constant('_OB_CACHING') != "on") { // Flush it flush(); } // END - if } // Add a fatal error message to the queue array -function ADD_FATAL ($message, $extra="") { +function addFatalMessage ($message, $extra="") { global $FATAL; - if (empty($extra)) { - // Regular text message to add to $FATAL - $FATAL[] = $message; - } else { + if (is_array($extra)) { + // Multiple extras for a message with masks + $message = call_user_func_array('sprintf', $extra); + } elseif (!empty($extra)) { // $message is text with a mask plus extras to insert into the text $message = sprintf($message, $extra); - $FATAL[] = $message; } + // Add message to $FATAL + $FATAL[] = $message; + // Log fatal messages away DEBUG_LOG(__FUNCTION__, __LINE__, " message={$message}"); } +// Getter for total fatal message count +function getTotalFatalErrors () { + global $FATAL; + + // Init coun + $count = 0; + + // Do we have at least the first entry? + if (!empty($FATAL[0])) { + // Get total count + $count = count($FATAL); + } // END - if + + // Return value + return $count; +} + // Load a template file and return it's content (only it's name; do not use ' or ") -function LOAD_TEMPLATE($template, $return=false, $content=array()) { +function LOAD_TEMPLATE ($template, $return=false, $content=array()) { // Add more variables which you want to use in your template files global $DATA, $_CONFIG, $username; @@ -261,7 +240,7 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { // @DEPRECATED Try to rewrite the if() condition if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); // Is content an array? @@ -272,7 +251,9 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { // Translate gender $content['gender'] = TRANSLATE_GENDER($content['gender']); } else { - // DEPRECATED: Load data in direct variables + // @DEPRECATED + // @TODO Fine all templates which are using these direct variables and rewrite them. + // @TODO After this step is done, this else-block is history list($gender, $surname, $family, $email) = SQL_FETCHROW($result); // Translate gender @@ -288,7 +269,7 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { $date_time = MAKE_DATETIME(time(), "1"); // Base directory - $BASE = sprintf("%stemplates/%s/html/", PATH, GET_LANGUAGE()); + $BASE = sprintf("%stemplates/%s/html/", constant('PATH'), GET_LANGUAGE()); $MODE = ""; // Check for admin/guest/member templates @@ -322,7 +303,7 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { //////////////////////// // Generate file name // //////////////////////// - $file = $BASE.$MODE.$template.".tpl"; + $FQFN = $BASE.$MODE.$template.".tpl"; if ((!empty($GLOBALS['what'])) && ((strpos($template, "_header") > 0) || (strpos($template, "_footer") > 0)) && (($MODE == "guest/") || ($MODE == "member/") || ($MODE == "admin/"))) { // Select what depended header/footer template file for admin/guest/member area @@ -334,22 +315,22 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { ); // Probe for it... - if (FILE_READABLE($file2)) $file = $file2; + if (FILE_READABLE($file2)) $FQFN = $file2; // Remove variable from memory unset($file2); } // Does the special template exists? - if (!FILE_READABLE($file)) { + if (!FILE_READABLE($FQFN)) { // Reset to default template - $file = $BASE.$template.".tpl"; + $FQFN = $BASE.$template.".tpl"; } // END - if // Now does the final template exists? - if (FILE_READABLE($file)) { + if (FILE_READABLE($FQFN)) { // The local file does exists so we load it. :) - $tmpl_file = READ_FILE($file); + $tmpl_file = READ_FILE($FQFN); // Replace ' to our own chars to preventing them being quoted while (strpos($tmpl_file, "'") !== false) { $tmpl_file = str_replace("'", '{QUOT}', $tmpl_file); } @@ -358,7 +339,7 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { $ret = ""; if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) { // Okay, compile it! - $tmpl_file = "\$ret=\"".COMPILE_CODE(addslashes($tmpl_file))."\";"; + $tmpl_file = "\$ret=\"".COMPILE_CODE(SQL_ESCAPE($tmpl_file))."\";"; eval($tmpl_file); } else { // Simply return loaded code @@ -369,8 +350,8 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { $ret = "\n".$ret."\n"; } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) { // Only admins shall see this warning or when installation mode is active - $ret = "
".TEMPLATE_404."
-(".basename($file).")
+ $ret = "
".TEMPLATE_404."
+(".basename($FQFN).")

".TEMPLATE_CONTENT." 
".print_r($content, true)."
@@ -404,7 +385,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { //* DEBUG: */ print __FUNCTION__."(".__LINE__."):TO={$TO},SUBJECT={$SUBJECT}
\n"; // Compile subject line (for POINTS constant etc.) - $eval = "\$SUBJECT = html_entity_decode(\"".COMPILE_CODE(addslashes($SUBJECT))."\");"; + $eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(SQL_ESCAPE($SUBJECT))."\");"; eval($eval); // Set from header @@ -415,7 +396,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { return; } else { // Load email address - $result_email = SQL_QUERY_ESC("SELECT email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); + $result_email = SQL_QUERY_ESC("SELECT email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); //* DEBUG: */ print __FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email)."
\n"; // Does the user exist? @@ -424,7 +405,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { list($TO) = SQL_FETCHROW($result_email); } else { // Set webmaster - $TO = WEBMASTER; + $TO = constant('WEBMASTER'); } // Free result @@ -432,7 +413,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { } } elseif ("$TO" == "0") { // Is the webmaster! - $TO = WEBMASTER; + $TO = constant('WEBMASTER'); } //* DEBUG: */ print __FUNCTION__."(".__LINE__."):TO={$TO}
\n"; @@ -457,11 +438,11 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { } // Compile "TO" - $eval = "\$TO = \"".COMPILE_CODE(addslashes($TO))."\";"; + $eval = "\$TO = \"".COMPILE_CODE(SQL_ESCAPE($TO))."\";"; eval($eval); // Compile "MSG" - $eval = "\$MSG = \"".COMPILE_CODE(addslashes($MSG))."\";"; + $eval = "\$MSG = \"".COMPILE_CODE(SQL_ESCAPE($MSG))."\";"; eval($eval); // Fix HTML parameter (default is no!) @@ -482,7 +463,7 @@ Message : ".$MSG." SEND_RAW_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif ($HTML == "N") { // Problem found! - SEND_RAW_EMAIL(WEBMASTER, "[PROBLEM:]".$SUBJECT, $MSG, $FROM); + SEND_RAW_EMAIL(constant('WEBMASTER'), "[PROBLEM:]".$SUBJECT, $MSG, $FROM); } } @@ -499,25 +480,25 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { // Shall we use PHPMailer class or legacy mode? if (CHECK_PHPMAILER_USAGE()) { // Use PHPMailer class with SMTP enabled - require_once(PATH."inc/phpmailer/class.phpmailer.php"); - require_once(PATH."inc/phpmailer/class.smtp.php"); + LOAD_INC_ONCE("inc/phpmailer/class.phpmailer.php"); + LOAD_INC_ONCE("inc/phpmailer/class.smtp.php"); // get new instance $mail = new PHPMailer(); - $mail->PluginDir = sprintf("%sinc/phpmailer/", PATH); + $mail->PluginDir = sprintf("%sinc/phpmailer/", constant('PATH')); $mail->IsSMTP(); $mail->SMTPAuth = true; - $mail->Host = SMTP_HOSTNAME; + $mail->Host = constant('SMTP_HOSTNAME'); $mail->Port = 25; - $mail->Username = SMTP_USER; - $mail->Password = SMTP_PASSWORD; + $mail->Username = constant('SMTP_USER'); + $mail->Password = constant('SMTP_PASSWORD'); if (empty($from)) { - $mail->From = WEBMASTER; + $mail->From = constant('WEBMASTER'); } else { $mail->From = $from; } - $mail->FromName = MAIN_TITLE; + $mail->FromName = constant('MAIN_TITLE'); $mail->Subject = $subject; if ((EXT_IS_ACTIVE("html_mail")) && (strip_tags($msg) != $msg)) { $mail->Body = $msg; @@ -525,16 +506,16 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->WordWrap = 70; $mail->IsHTML(true); } else { - $mail->Body = html_entity_decode($msg); + $mail->Body = decodeEntities($msg); } $mail->AddAddress($to, ""); - $mail->AddReplyTo(WEBMASTER,MAIN_TITLE); - $mail->AddCustomHeader("Errors-To:".WEBMASTER); - $mail->AddCustomHeader("X-Loop:".WEBMASTER); + $mail->AddReplyTo(constant('WEBMASTER'), constant('MAIN_TITLE')); + $mail->AddCustomHeader("Errors-To:".constant('WEBMASTER')); + $mail->AddCustomHeader("X-Loop:".constant('WEBMASTER')); $mail->Send(); } else { // Use legacy mail() command - @mail($to, $subject, html_entity_decode($msg), $from); + @mail($to, $subject, decodeEntities($msg), $from); } } // @@ -547,9 +528,6 @@ function GEN_PASS ($LEN = 0) { // Initialize array with all allowed chars $ABC = explode(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/"); - // Initialize randomizer - mt_srand((double) microtime() * 1000000); - // Start creating password $PASS = ""; for ($i = 0; $i < $LEN; $i++) { @@ -606,10 +584,8 @@ function MAKE_DATETIME ($time, $mode="0") // Translates the american decimal dot into a german comma function TRANSLATE_COMMA ($dotted, $cut=true, $max=0) { - global $_CONFIG; - // Default is 3 you can change this in admin area "Misc -> Misc Options" - if (getConfig('max_comma') == null) $_CONFIG['max_comma'] = "3"; + if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', "3"); // Use from config is default $maxComma = getConfig('max_comma'); @@ -650,35 +626,45 @@ function DEREFERER ($URL) { // Don't de-refer our own links! if (substr($URL, 0, strlen(URL)) != URL) { // De-refer this link - $URL = "modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + $URL = "modules.php?module=loader&url=".encodeString(compileUriCode($URL)); } // END - if // Return link return $URL; } -// +// Translate Uni*-like gender to human-readable function TRANSLATE_GENDER ($gender) { - switch ($gender) - { - case "M": $ret = GENDER_M; break; - case "F": $ret = GENDER_F; break; - case "C": $ret = GENDER_C; break; - default : $ret = $gender; break; + // Default + $ret = "!{$gender}!"; + + // Male/female or company? + switch ($gender) { + case "M": $ret = getMessage('GENDER_M'); break; + case "F": $ret = getMessage('GENDER_F'); break; + case "C": $ret = getMessage('GENDER_C'); break; + default: + // Log unknown gender + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown gender %s detected.", $gender)); + break; } + + // Return translated gender return $ret; } + // -function FRAMETESTER($URL) { +function FRAMETESTER ($URL) { // Prepare frametester URL $frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s", URL, - urlencode(base64_encode(gzcompress(COMPILE_CODE($URL)))) + encodeString(compileUriCode($URL)) ); return $frametesterUrl; } + // -function SELECTION_COUNT($array) { +function SELECTION_COUNT ($array) { $ret = 0; if (is_array($array)) { foreach ($array as $key => $sel) { @@ -689,34 +675,30 @@ function SELECTION_COUNT($array) { } // function IMG_CODE ($code, $type, $DATA, $uid) { - return "\"Code\""; + return "\"Code\""; } // -function TRANSLATE_STATUS($status) { +function TRANSLATE_STATUS ($status) { switch ($status) { case "UNCONFIRMED": - $ret = ACCOUNT_UNCONFIRMED; - break; - case "CONFIRMED": - $ret = ACCOUNT_CONFIRMED; - break; - case "LOCKED": - $ret = ACCOUNT_LOCKED; + $ret = getMessage(sprintf("ACCOUNT_%s", $status)); break; case "": case null: - $ret = ACCOUNT_DELETED; + $ret = getMessage('ACCOUNT_DELETED'); break; default: DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); - $ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2; + $ret = sprintf(getMessage('UNKNOWN_STATUS"'), $status); break; } + + // Return it return $ret; } // @@ -724,7 +706,7 @@ function GET_LANGUAGE() { global $cacheArray; // Set default return value to default language from config - $ret = DEFAULT_LANG; + $ret = constant('DEFAULT_LANG'); // Init variable $lang = ""; @@ -738,7 +720,7 @@ function GET_LANGUAGE() { $ret = $cacheArray['language']; } elseif (!empty($lang)) { // Check if main language file does exist - if (FILE_READABLE(PATH."inc/language/".$lang.".php")) { + if (FILE_READABLE(constant('PATH')."inc/language/".$lang.".php")) { // Okay found, so let's update cookies SET_LANGUAGE($lang); } @@ -747,7 +729,7 @@ function GET_LANGUAGE() { $ret = get_session('mx_lang'); // Fixes a warning before the session has the mx_lang constant - if (empty($ret)) $ret = DEFAULT_LANG; + if (empty($ret)) $ret = constant('DEFAULT_LANG'); } // Cache entry @@ -774,15 +756,12 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { // Default "nickname" if extension is not installed $nick = "---"; - // Keept for backward-compatiblity (please replace these variables against our new {!CONST!} syntax!) - // No longer used: $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - // Prepare IP number and User Agent $REMOTE_ADDR = GET_REMOTE_ADDR(); $HTTP_USER_AGENT = GET_USER_AGENT(); // Default admin - $ADMIN = MAIN_TITLE; + $ADMIN = constant('MAIN_TITLE'); // Is the admin logged in? if (IS_ADMIN()) { @@ -794,18 +773,15 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { } // END - if // Neutral email address is default - $email = WEBMASTER; + $email = constant('WEBMASTER'); // Expiration in a nice output format if (getConfig('auto_purge') == 0) { // Will never expire! - $EXPIRATION = MAIL_WILL_NEVER_EXPIRE; - } elseif (function_exists('CREATE_FANCY_TIME')) { + $EXPIRATION = getMessage('MAIL_WILL_NEVER_EXPIRE'); + } else { // Create nice date string $EXPIRATION = CREATE_FANCY_TIME(getConfig('auto_purge')); - } else { - // Display days only - $EXPIRATION = round(getConfig('auto_purge')/60/60/24)." "._DAYS; } // Is content an array? @@ -821,12 +797,12 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { if (EXT_IS_ACTIVE("nickname")) { //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NICKNAME!
\n"; // Load nickname - $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); } else { //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NO-NICK!
\n"; /// Load normal data - $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); } @@ -849,66 +825,67 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { $DATA['email'] = $email; // Base directory - $BASE = sprintf("%stemplates/%s/emails/", PATH, GET_LANGUAGE()); + $BASE = sprintf("%stemplates/%s/emails/", constant('PATH'), GET_LANGUAGE()); // Check for admin/guest/member templates if (strpos($template, "admin_") > -1) { // Admin template found - $file = $BASE."admin/".$template.".tpl"; + $FQFN = $BASE."admin/".$template.".tpl"; } elseif (strpos($template, "guest_") > -1) { // Guest template found - $file = $BASE."guest/".$template.".tpl"; + $FQFN = $BASE."guest/".$template.".tpl"; } elseif (strpos($template, "member_") > -1) { // Member template found - $file = $BASE."member/".$template.".tpl"; + $FQFN = $BASE."member/".$template.".tpl"; } else { // Test for extension $test = substr($template, 0, strpos($template, "_")); if (EXT_IS_ACTIVE($test)) { // Set extra path to extension's name - $file = $BASE.$test."/".$template.".tpl"; + $FQFN = $BASE.$test."/".$template.".tpl"; } else { // No special filename - $file = $BASE.$template.".tpl"; + $FQFN = $BASE.$template.".tpl"; } } // Does the special template exists? - if (!FILE_READABLE($file)) { + if (!FILE_READABLE($FQFN)) { // Reset to default template - $file = $BASE.$template.".tpl"; + $FQFN = $BASE.$template.".tpl"; } // END - if // Now does the final template exists? $newContent = ""; - if (FILE_READABLE($file)) { + if (FILE_READABLE($FQFN)) { // The local file does exists so we load it. :) - $tmpl_file = READ_FILE($file); - $tmpl_file = addslashes($tmpl_file); + $tmpl_file = READ_FILE($FQFN); + $tmpl_file = SQL_ESCAPE($tmpl_file); // Run code - $tmpl_file = "\$newContent=html_entity_decode(\"".COMPILE_CODE($tmpl_file)."\");"; + $tmpl_file = "\$newContent = decodeEntities(\"".COMPILE_CODE($tmpl_file)."\");"; @eval($tmpl_file); } elseif (!empty($template)) { // Template file not found! - $newContent = TEMPLATE_404.": ".$template."
-".TEMPLATE_CONTENT." + $newContent = "{--TEMPLATE_404--}: ".$template."
+{--TEMPLATE_CONTENT--} 
".print_r($content, true)."
-".TEMPLATE_DATA." +{--TEMPLATE_DATA--} 
".print_r($DATA, true)."


"; // Debug mode not active? Then remove the HTML tags - if (!DEBUG_MODE) $newContent = strip_tags($newContent); + if (!isBooleanConstantAndTrue('DEBUG_MODE')) $newContent = strip_tags($newContent); } else { // No template name supplied! - $newContent = NO_TEMPLATE_SUPPLIED; + $newContent = getMessage('NO_TEMPLATE_SUPPLIED'); } // Is there some content? if (empty($newContent)) { // Compiling failed $newContent = "Compiler error for template {$template}!\nUncompiled content:\n".$tmpl_file; + // Add last error if the required function exists if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx."; } // END - if @@ -934,7 +911,7 @@ function LOAD_URL($URL, $addUrlData=true) { global $CSS, $footer; // Compile out URI codes - $URL = COMPILE_CODE($URL); + $URL = compileUriCode($URL); // Check if http(s):// is there if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) { @@ -943,16 +920,12 @@ function LOAD_URL($URL, $addUrlData=true) { } // Get output buffer - /* - print "
";
-	debug_print_backtrace();
-	die("
"); - */ + //* DEBUG: */ debug_report_bug(); $OUTPUT = ob_get_contents(); // Clear it only if there is content if (!empty($OUTPUT)) { - ob_end_clean(); + clearOutputBuffer(); } // END - if // Add some data to URL if cookies are not accepted @@ -964,23 +937,35 @@ function LOAD_URL($URL, $addUrlData=true) { $URL = htmlentities(strip_tags($URL), ENT_QUOTES); // Output new location link as anchor - OUTPUT_HTML("".$URL.""); + OUTPUT_HTML("".$URL.""); } elseif (!headers_sent()) { // Load URL when headers are not sent - /* - print("
");
-		debug_print_backtrace();
-		die("
URL={$URL}"); - */ - @header ("Location: ".str_replace("&", "&", $URL)); + //* DEBUG: */ debug_report_bug("URL={$URL}"); + header ("Location: ".str_replace("&", "&", $URL)); } else { // Output error message - include(PATH."inc/header.php"); + LOAD_INC("inc/header.php"); LOAD_TEMPLATE("redirect_url", false, str_replace("&", "&", $URL)); - include(PATH."inc/footer.php"); + LOAD_INC("inc/footer.php"); } exit(); } + +// Wrapper for LOAD_URL but URL comes from a configuration entry +function LOAD_CONFIGURED_URL ($configEntry) { + // Get the URL + $URL = getConfig($configEntry); + + // Is this URL set? + if (is_null($URL)) { + // Then abort here + trigger_error(sprintf("Configuration entry %s is not set!", $configEntry)); + } // END - if + + // Load the URL + LOAD_URL($URL); +} + // function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { global $SEC_CHARS, $URL_CHARS; @@ -1073,7 +1058,7 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { * $array - Das 3-dimensionale Array, das paralell sortiert werden soll * * $a_sort - Array, das die Sortiereihenfolge der ersten Elementeben * * $primary_key - Prim.rschl.ssel aus $a_sort, nach dem sortiert wird * - * $order - Sortiereihenfolge: -1 = A-Z, 0 = keine, 1 = Z-A * + * $order - Sortiereihenfolge: -1 = a-Z, 0 = keine, 1 = Z-a * * $nums - true = Als Zahlen sortieren, false = Als Zeichen sortieren * * * * $a_sort muss Elemente enthalten, deren Wert Schluessel von $array * @@ -1124,29 +1109,29 @@ function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { if ($type == "yn") { // This is a yes/no selection only! if ($id > 0) $prefix .= "[".$id."]"; - $OUT .= " \n"; } else { // Begin with regular selection box here if (!empty($prefix)) $prefix .= "_"; $type2 = $type; if ($id > 0) $type2 .= "[".$id."]"; - $OUT .= " \n"; } switch ($type) { case "day": // Day for ($idx = 1; $idx < 32; $idx++) { - $OUT .= "\n"; } // END - for break; case "month": // Month foreach ($MONTH_DESCR as $month => $descr) { - $OUT .= "\n"; } // END - for break; @@ -1169,19 +1154,19 @@ function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { // Check if the default value is larger than minimum and bigger than actual year if (($DEFAULT > $minYear) && ($DEFAULT >= $YEAR)) { for ($idx = $YEAR; $idx < ($YEAR + 11); $idx++) { - $OUT .= "\n"; } // END - for } elseif ($DEFAULT == -1) { // Current year minus 1 for ($idx = $startYear; $idx <= ($YEAR + 1); $idx++) { - $OUT .= "\n"; + $OUT .= "\n"; } } else { // Get current year and subtract the configured minimum age - $OUT .= "\n"; + $OUT .= "\n"; // Calculate earliest year depending on extension version if (GET_EXT_VERSION("other") >= "0.2.1") { // Use configured minimum age @@ -1193,9 +1178,9 @@ function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { // Construct year selection list for ($idx = $minYear; $idx <= $YEAR; $idx++) { - $OUT .= "\n"; } // END - for } break; @@ -1204,60 +1189,66 @@ function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { case "min": for ($idx = 0; $idx < 60; $idx+=5) { if (strlen($idx) == 1) $idx = "0".$idx; - $OUT .= "\n"; } // END - for break; case "hour": for ($idx = 0; $idx < 24; $idx++) { if (strlen($idx) == 1) $idx = "0".$idx; - $OUT .= "\n"; } // END - for break; case "yn": - $OUT .= "\n"; break; } - $OUT .= " \n"; + $OUT .= " \n"; return $OUT; } // function TRANSLATE_YESNO($yn) { - switch ($yn) - { - case "Y": $yn = YES; break; - case "N": $yn = NO; break; - default : $yn = "??? (".$yn.")"; break; + // Default + $yn = "??? (".$yn.")"; + switch ($yn) { + case "Y": $yn = getMessage('YES'); break; + case "N": $yn = getMessage('NO'); break; + default: + // Log unknown value + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown value %s. Expected Y/N!", $yn)); + break; } + + // Return it return $yn; } // // Deprecated : $length // Optional : $DATA // -function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") { +function GEN_RANDOM_CODE ($length, $code, $uid, $DATA="") { // Fix missing _MAX constant if (!defined('_MAX')) define('_MAX', 15235); // Build server string - $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(PATH."inc/databases.php"); + $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(constant('PATH')."inc/databases.php"); // Build key string - $keys = SITE_KEY.":".DATE_KEY; - if (getConfig('secret_key') != null) $keys .= ":".getConfig('secret_key'); - if (getConfig('file_hash') != null) $keys .= ":".getConfig('file_hash'); + $keys = constant('SITE_KEY').":".constant('DATE_KEY'); + if (isConfigEntrySet('secret_key')) $keys .= ":".getConfig('secret_key'); + if (isConfigEntrySet('file_hash')) $keys .= ":".getConfig('file_hash'); $keys .= ":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))); - if (getConfig('master_salt') != null) $keys .= ":".getConfig('master_salt'); + if (isConfigEntrySet('master_salt')) $keys .= ":".getConfig('master_salt'); // Build string from misc data $data = $code.":".$uid.":".$DATA; @@ -1270,20 +1261,20 @@ function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") { if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid']; // Calculate number for generating the code - $a = $code + _ADD - 1; + $a = $code + constant('_ADD') - 1; - if (getConfig('master_hash') != null) { + if (isConfigEntrySet('master_hash')) { // Generate hash with master salt from modula of number with the prime number and other data - $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, getConfig('master_salt')); + $saltedHash = generateHash(($a % constant('_PRIME')).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, getConfig('master_salt')); // Create number from hash - $rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi(); + $rcode = hexdec(substr($saltedHash, strlen(getConfig('master_salt')), 9)) / abs(constant('_MAX') - $a + sqrt(constant('_ADD'))) / pi(); } else { // Generate hash with "hash of site key" from modula of number with the prime number and other data - $saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8)); + $saltedHash = generateHash(($a % constant('_PRIME')).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8)); // Create number from hash - $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi(); + $rcode = hexdec(substr($saltedHash, 8, 9)) / abs(constant('_MAX') - $a + sqrt(constant('_ADD'))) / pi(); } // At least 10 numbers shall be secure enought! @@ -1297,6 +1288,7 @@ function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") { // Done building code return $return; } + // Does only allow numbers function bigintval($num, $castValue = true) { // Filter all numbers out @@ -1306,29 +1298,28 @@ function bigintval($num, $castValue = true) { if ($castValue) $ret = (double)$ret; // Has the whole value changed? + // @TODO Remove this if() block if all is working fine if ("".$ret."" != "".$num."") { // Log the values - print("
");
-		debug_print_backtrace();
-		die("
"); - DEBUG_LOG(__FUNCTION__, __LINE__, " num={$num},ret={$ret}"); + debug_report_bug("{$ret}<>{$num}"); } // END - if // Return result return $ret; } + // Insert the code in $img_code into jpeg or PNG image -function GENERATE_IMAGE($img_code, $header=true) { +function GENERATE_IMAGE ($img_code, $header=true) { if ((strlen($img_code) > 6) || (empty($img_code)) || (getConfig('code_length') == 0)) { // Stop execution of function here because of over-sized code length return; } elseif (!$header) { // Return in an HTML code code - return "\n"; + return "\"Image\"\n"; } // Load image - $img = sprintf("%s/theme/%s/images/code_bg.%s", PATH, GET_CURR_THEME(), getConfig('img_type')); + $img = sprintf("%s/theme/%s/images/code_bg.%s", constant('PATH'), GET_CURR_THEME(), getConfig('img_type')); if (FILE_READABLE($img)) { // Switch image type switch (getConfig('img_type')) @@ -1345,6 +1336,7 @@ function GENERATE_IMAGE($img_code, $header=true) { } } else { // Exit function here + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("File for image type %s not found.", getConfig('img_type'))); return; } @@ -1425,135 +1417,135 @@ function CREATE_TIME_SELECTIONS ($timestamp, $prefix="", $display="", $align="ce ); } else { // Generate table - $OUT = "
\n"; - $OUT .= "\n"; - $OUT .= "\n"; + $OUT = "
\n"; + $OUT .= "
\n"; + $OUT .= "\n"; if (ereg('Y', $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg("M", $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg("W", $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg("D", $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg("h", $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg("m", $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } if (ereg("s", $display) || (empty($display))) { - $OUT .= " \n"; + $OUT .= " \n"; } - $OUT .= "\n"; - $OUT .= "\n"; + $OUT .= "\n"; + $OUT .= "\n"; if (ereg('Y', $display) || (empty($display))) { // Generate year selection - $OUT .= " \n"; + $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } if (ereg("M", $display) || (empty($display))) { // Generate month selection - $OUT .= " \n"; + $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } if (ereg("W", $display) || (empty($display))) { // Generate week selection - $OUT .= " \n"; + $OUT .= " \n"; } else { - $OUT .= "\n"; + $OUT .= "\n"; } if (ereg("D", $display) || (empty($display))) { // Generate day selection - $OUT .= " \n"; + $OUT .= " \n"; } else { $OUT .= "\n"; } if (ereg("h", $display) || (empty($display))) { // Generate hour selection - $OUT .= " \n"; + $OUT .= " \n"; } else { $OUT .= "\n"; } if (ereg("m", $display) || (empty($display))) { // Generate minute selection - $OUT .= " \n"; + $OUT .= " \n"; } else { $OUT .= "\n"; } if (ereg("s", $display) || (empty($display))) { // Generate second selection - $OUT .= " \n"; + $OUT .= " \n"; } else { $OUT .= "\n"; } - $OUT .= "\n"; - $OUT .= "
"._YEARS."
{--_YEARS--}
"._MONTHS."
{--_MONTHS--}
"._WEEKS."
{--_WEEKS--}
"._DAYS."
{--_DAYS--}
"._HOURS."
{--_HOURS--}
"._MINUTES."
{--_MINUTES--}
"._SECONDS."
{--_SECONDS--}
\n"; - $OUT .= "
\n"; + $OUT .= "\n"; + $OUT .= "\n"; + $OUT .= "\n"; // Return generated HTML code } return $OUT; @@ -1586,9 +1578,10 @@ function CREATE_TIMESTAMP_FROM_SELECTIONS ($prefix, $POST) { // Return calculated value return $ret; } + // Sends out mail to all administrators // IMPORTANT: Please use SEND_ADMIN_NOTIFCATION() for now! -function SEND_ADMIN_EMAILS_PRO($subj, $template, $content, $UID) { +function SEND_ADMIN_EMAILS_PRO ($subj, $template, $content, $UID) { // Trim template name $template = trim($template); @@ -1601,41 +1594,52 @@ function SEND_ADMIN_EMAILS_PRO($subj, $template, $content, $UID) { } // END - if // Check which admin shall receive this mail - $result = SQL_QUERY_ESC("SELECT DISTINCT admin_id FROM "._MYSQL_PREFIX."_admins_mails WHERE mail_template='%s' ORDER BY admin_id", + $result = SQL_QUERY_ESC("SELECT DISTINCT admin_id FROM `{!_MYSQL_PREFIX!}_admins_mails` WHERE mail_template='%s' ORDER BY admin_id", array($template), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 0) { // Create new entry (to all admins) - SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_mails (admin_id, mail_template) VALUES (0, '%s')", + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admins_mails` (admin_id, mail_template) VALUES (0, '%s')", array($template), __FILE__, __LINE__); } else { // Load admin IDs... $aids = array(); - while(list($aid) = SQL_FETCHROW($result)) { + while (list($aid) = SQL_FETCHROW($result)) { $aids[] = $aid; - } + } // END - while // Free memory SQL_FREERESULT($result); + // Init result + $result = false; + // "implode" IDs and query string $aid = implode(",", $aids); if ($aid == "-1") { - // Add line to userlog - USERLOG_ADD_LINE($subj, $msg, $UID); - return; + if (EXT_IS_ACTIVE("events")) { + // Add line to user events + EVENTS_ADD_LINE($subj, $msg, $UID); + } else { + // Log error for debug + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Extension 'events' missing: tpl=%s,subj=%s,UID=%s", + $template, + $subj, + $UID + )); + } } elseif ($aid == "0") { // Select all email adresses - $result = SQL_QUERY("SELECT email FROM "._MYSQL_PREFIX."_admins ORDER BY id", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` ORDER BY `id`", __FILE__, __LINE__); } else { // If Admin-ID is not "to-all" select - $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id IN (%s) ORDER BY id", array($aid), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT email FROM `{!_MYSQL_PREFIX!}_admins` WHERE id IN (%s) ORDER BY `id`", array($aid), __FILE__, __LINE__); } } // Load email addresses and send away while (list($email) = SQL_FETCHROW($result)) { SEND_EMAIL($email, $subj, $msg); - } + } // END - while // Free memory SQL_FREERESULT($result); @@ -1648,7 +1652,7 @@ function CREATE_FANCY_TIME ($stamp) { foreach($data as $k => $v) { if ($v > 0) { // Value is greater than 0 "eval" data to return string - $eval = "\$ret .= \", \".\$v.\" \"._".strtoupper($k).";"; + $eval = "\$ret .= \", \".\$v.\" {--_".strtoupper($k)."--}\";"; eval($eval); break; } // END - if @@ -1660,7 +1664,7 @@ function CREATE_FANCY_TIME ($stamp) { $ret = substr($ret, 2); } else { // Zero seconds - $ret = "0 "._SECONDS; + $ret = "0 {--_SECONDS--}"; } // Return fancy time string @@ -1671,7 +1675,7 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { $SEP = ""; $TOP = ""; if (!$show_form) { $TOP = " top2"; - $SEP = " "; + $SEP = " "; } $NAV = ""; @@ -1679,10 +1683,10 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { // Is the page currently selected or shall we generate a link to it? if (($page == $_GET['page']) || ((empty($_GET['page'])) && ($page == "1"))) { // Is currently selected, so only highlight it - $NAV .= "-"; + $NAV .= "-"; } else { // Open anchor tag and add base URL - $NAV .= " 0)) $NAV .= "&u_id=".bigintval($_GET['u_id']); @@ -1693,10 +1697,10 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { $NAV .= $page; if (($page == $_GET['page']) || ((empty($_GET['page'])) && ($page == "1"))) { // Is currently selected, so only highlight it - $NAV .= "-"; + $NAV .= "-"; } else { // Close anchor tag - $NAV .= ""; + $NAV .= ""; } // Add seperator if we have not yet reached total pages @@ -1726,7 +1730,7 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) { // Extract host from script name function EXTRACT_HOST (&$script) { // Use default SERVER_URL by default... ;) So? - $url = SERVER_URL; + $url = constant('SERVER_URL'); // Is this URL valid? if (substr($script, 0, 7) == "http://") { @@ -1769,8 +1773,8 @@ function GET_URL ($script) { // Generate GET request header $request = "GET /" . trim($script) . " HTTP/1.1\r\n"; $request .= "Host: " . $host . "\r\n"; - $request .= "Referer: " . URL . "/admin.php\r\n"; - $request .= "User-Agent: " . TITLE . "/" . FULL_VERSION . "\r\n"; + $request .= "Referer: " . constant('URL') . "/admin.php\r\n"; + $request .= "User-Agent: " . constant('TITLE') . "/" . constant('FULL_VERSION') . "\r\n"; $request .= "Content-Type: text/plain\r\n"; $request .= "Cache-Control: no-cache\r\n"; $request .= "Connection: Close\r\n\r\n"; @@ -1803,8 +1807,8 @@ function POST_URL ($script, $postData) { // Generate POST request header $request = "POST /" . trim($script) . " HTTP/1.1\r\n"; $request .= "Host: " . $host . "\r\n"; - $request .= "Referer: " . URL . "/admin.php\r\n"; - $request .= "User-Agent: " . TITLE . "/" . FULL_VERSION . "\r\n"; + $request .= "Referer: " . constant('URL') . "/admin.php\r\n"; + $request .= "User-Agent: " . constant('TITLE') . "/" . constant('FULL_VERSION') . "\r\n"; $request .= "Content-type: application/x-www-form-urlencoded\r\n"; $request .= "Content-length: " . strlen($data) . "\r\n"; $request .= "Cache-Control: no-cache\r\n"; @@ -1943,6 +1947,7 @@ function VALIDATE_EMAIL($email) { // Return check result return eregi($regex, $email); } + // Function taken from user comments on www.php.net / function eregi() function VALIDATE_URL ($URL, $compile=true) { // Trim URL a little @@ -1950,7 +1955,7 @@ function VALIDATE_URL ($URL, $compile=true) { //* DEBUG: */ echo $URL."
"; // Compile some chars out... - if ($compile) $URL = COMPILE_CODE($URL, false, false, false); + if ($compile) $URL = compileUriCode($URL, false, false, false); //* DEBUG: */ echo $URL."
"; // Check for the extension filter @@ -1961,10 +1966,11 @@ function VALIDATE_URL ($URL, $compile=true) { // If not installed, perform a simple test. Just make it sure there is always a http:// or // https:// in front of the URLs - return (((substr($URL, 0, 7) == "http://") || (substr($URL, 0, 8) == "https://")) && (strlen($URL) >= 12)); + return isUrlValid($URL); } + // -function MEMBER_ACTION_LINKS($uid, $status="") { +function MEMBER_ACTION_LINKS ($uid, $status = "") { // Define all main targets $TARGETS = array("del_user", "edit_user", "lock_user", "add_points", "sub_points"); @@ -1972,7 +1978,7 @@ function MEMBER_ACTION_LINKS($uid, $status="") { $eval = "\$OUT = \"[ "; foreach ($TARGETS as $tar) { - $eval .= "\n"; if (($tar == "lock_user") && ($status == "LOCKED")) { // Locked accounts shall be unlocked @@ -1981,7 +1987,7 @@ function MEMBER_ACTION_LINKS($uid, $status="") { // All other status is fine $eval .= strtoupper($tar); } - $eval .= "_TITLE.\"\\\">\".ADMIN_"; + $eval .= "_TITLE--}\\\">{--ADMIN_"; if (($tar == "lock_user") && ($status == "LOCKED")) { // Locked accounts shall be unlocked $eval .= "UNLOCK_USER"; @@ -1989,7 +1995,7 @@ function MEMBER_ACTION_LINKS($uid, $status="") { // All other status is fine $eval .= strtoupper($tar); } - $eval .= ".\" | "; + $eval .= "--} | "; } // Finish navigation link @@ -1999,11 +2005,14 @@ function MEMBER_ACTION_LINKS($uid, $status="") { // Return string return $OUT; } + // Function for backward-compatiblity +// @TODO Can this function be deprecated? function ADD_CATEGORY_TABLE ($MODE, $return=false) { // Load it from the register extension return REGISTER_ADD_CATEGORY_TABLE ($MODE, $return); } + // Generate an email link function CREATE_EMAIL_LINK ($email, $table = "admins") { // Default email link (INSECURE! Spammer can read this by harvester programs) @@ -2038,29 +2047,27 @@ function generateHash ($plainText, $salt = "") { } // END - if // Do we miss an arry element here? - if (getConfig('file_hash') == null) { + if (!isConfigEntrySet('file_hash')) { // Stop here - print("Missing file_hash in ".__FUNCTION__.". Backtrace:
");
-		debug_print_backtrace();
-		die("
"); + debug_report_bug("Missing file_hash in ".__FUNCTION__."."); } // END - if // When the salt is empty build a new one, else use the first x configured characters as the salt if (empty($salt)) { // Build server string - $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(PATH."inc/databases.php"); + $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(constant('PATH')."inc/databases.php"); // Build key string - $keys = SITE_KEY.":".DATE_KEY.":".getConfig('secret_key').":".getConfig('file_hash').":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))).":".getConfig('master_salt'); + $keys = constant('SITE_KEY').":".constant('DATE_KEY').":".getConfig('secret_key').":".getConfig('file_hash').":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))).":".getConfig('master_salt'); // Additional data $data = $plainText.":".uniqid(mt_rand(), true).":".time(); // Calculate number for generating the code - $a = time() + _ADD - 1; + $a = time() + constant('_ADD') - 1; // Generate SHA1 sum from modula of number and the prime number - $sha1 = sha1(($a % _PRIME).$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a); + $sha1 = sha1(($a % constant('_PRIME')).$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a); //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")
"; $sha1 = scrambleString($sha1); //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")
"; @@ -2134,9 +2141,8 @@ function descrambleString($str) { return $orig; } // -function genScrambleString($len) { - // Prepare randomizer and array for the numbers - mt_srand((double) microtime() * 1000000); +function genScrambleString ($len) { + // Prepare array for the numbers $scrambleNumbers = array(); // First we need to setup randomized numbers from 0 to 31 @@ -2157,6 +2163,7 @@ function genScrambleString($len) { $scrambleString = implode(":", $scrambleNumbers); return $scrambleString; } + // Append data like session ID or referal ID to the given URL which would // normally be stored in cookies function ADD_URL_DATA ($URL) { @@ -2165,7 +2172,7 @@ function ADD_URL_DATA ($URL) { // Determine URL binder $BIND = "?"; - if (strpos($URL, "?") !== false) $BIND = "&"; + if (strpos($URL, "?") !== false) $BIND = "&"; if ((!defined('__COOKIES')) || ((!__COOKIES))) { // Cookies are not accepted @@ -2176,25 +2183,14 @@ function ADD_URL_DATA ($URL) { // Not found! So let's set default here $ADD .= $BIND."refid=".getConfig('def_refid'); } - - // Is there already added data? Then change the binder - if (!empty($ADD)) $BIND = "&"; - - // Add session ID - if ((!empty($_GET['PHPSESSID'])) && (strpos($URL, "PHPSESSID=") == 0)) { - // Add session from URL - $ADD .= $BIND."PHPSESSID=".SQL_ESCAPE(strip_tags($_GET['PHPSESSID'])); - } else { - // Add current session - $ADD .= $BIND."PHPSESSID=".session_id(); - } } // END - if // Add all together and return it - return $URL.$ADD; + return $URL . $ADD; } + // Generate an PGP-like encrypted hash of given hash for e.g. cookies -function generatePassString($passHash) { +function generatePassString ($passHash) { // Return vanilla password hash $ret = $passHash; @@ -2207,9 +2203,9 @@ function generatePassString($passHash) { $part2 = hexdec(substr(getConfig('secret_key'), $start, 4)); $mod = dechex($idx); if ($part1 > $part2) { - $mod = dechex(sqrt(($part1 - $part2) * _PRIME / pi())); + $mod = dechex(sqrt(($part1 - $part2) * constant('_PRIME') / pi())); } elseif ($part2 > $part1) { - $mod = dechex(sqrt(($part2 - $part1) * _PRIME / pi())); + $mod = dechex(sqrt(($part2 - $part1) * constant('_PRIME') / pi())); } $mod = substr(round($mod), 0, 4); $mod = str_repeat('0', 4-strlen($mod)).$mod; @@ -2248,13 +2244,14 @@ function FIX_DELETED_COOKIES ($cookies) { // Output error messages in a fasioned way and die... function mxchange_die ($msg) { - global $footer; + // Load header + LOAD_INC_ONCE("inc/header.php"); // Load the message template LOAD_TEMPLATE("admin_settings_saved", false, $msg); // Load footer - include(PATH."inc/footer.php"); + LOAD_INC_ONCE("inc/footer.php"); // Exit explicitly exit; @@ -2408,22 +2405,25 @@ function merge_array ($array1, $array2) { return array_merge($array1, $array2); } elseif (is_array($array1)) { // Return left array + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("array2 is not an array. array != %s", gettype($array2))); return $array1; + } elseif (is_array($array2)) { + // Return right array + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("array1 is not an array. array != %s", gettype($array1))); + return $array2; } - // Something wired happened here... - print(__FUNCTION__.":
");
-	debug_print_backtrace();
-	die("
"); + // Both are not arrays + debug_report_bug(__FUNCTION__.": No arrays provided!"); } // Debug message logger -function DEBUG_LOG ($file, $line, $message, $force=true) { +function DEBUG_LOG ($funcFile, $line, $message, $force=true) { // Is debug mode enabled? - if ((isBooleanConstantAndTrue('DEBUG_MODE')) || ($force)) { + if ((isBooleanConstantAndTrue('DEBUG_MODE')) || ($force === true)) { // Log this message away - $fp = fopen(PATH."inc/cache/debug.log", 'a') or mxchange_die("Cannot write logfile debug.log!"); - fwrite($fp, date("d.m.Y|H:i:s", time())."|".basename($file)."|".$line."|".strip_tags($message)."\n"); + $fp = fopen(constant('PATH')."inc/cache/debug.log", 'a') or mxchange_die("Cannot write logfile debug.log!"); + fwrite($fp, date("d.m.Y|H:i:s", time())."|".basename($funcFile)."|".$line."|".strip_tags($message)."\n"); fclose($fp); } // END - if } @@ -2439,11 +2439,11 @@ function GET_DIR_AS_ARRAY ($baseDir, $prefix) { while ($baseFile = readdir($dirPointer)) { // Load file only if extension is active // Make full path - $file = $baseDir.$baseFile; + $FQFN = $baseDir.$baseFile; // Is this a valid reset file? //* DEBUG: */ print __FUNCTION__."(".__LINE__."):baseDir={$baseDir},prefix={$prefix},baseFile={$baseFile}
\n"; - if ((FILE_READABLE($file)) && (substr($baseFile, 0, strlen($prefix)) == $prefix) && (substr($baseFile, -4, 4) == ".php")) { + if ((FILE_READABLE($FQFN)) && (substr($baseFile, 0, strlen($prefix)) == $prefix) && (substr($baseFile, -4, 4) == ".php")) { // Remove both for extension name $extName = substr($baseFile, strlen($prefix), -4); @@ -2453,10 +2453,10 @@ function GET_DIR_AS_ARRAY ($baseDir, $prefix) { // Is the extension valid and active? if (($extId > 0) && (EXT_IS_ACTIVE($extName))) { // Then add this file - $INCs[] = $file; + $INCs[] = $FQFN; } elseif ($extId == 0) { // Add non-extension files as well - $INCs[] = $file; + $INCs[] = $FQFN; } } // END - if } // END - while @@ -2479,7 +2479,7 @@ function RESET_ADD_INCLUDES () { } // END - if // Get more daily reset scripts - $INC_POOL = GET_DIR_AS_ARRAY(PATH."inc/reset/", "reset_"); + $INC_POOL = GET_DIR_AS_ARRAY(constant('PATH')."inc/reset/", "reset_"); // Update database if (!defined('DEBUG_RESET')) UPDATE_CONFIG("last_update", time()); @@ -2490,7 +2490,7 @@ function RESET_ADD_INCLUDES () { // Has it changed? if (getConfig('last_week') != $currWeek) { // Include weekly reset scripts - $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(PATH."inc/weekly/", "weekly_")); + $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(constant('PATH')."inc/weekly/", "weekly_")); // Update config if (!defined('DEBUG_WEEKLY')) UPDATE_CONFIG("last_week", $currWeek); @@ -2502,7 +2502,7 @@ function RESET_ADD_INCLUDES () { // Has it changed? if (getConfig('last_month') != $currMonth) { // Include monthly reset scripts - $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(PATH."inc/monthly/", "monthly_")); + $INC_POOL = merge_array($INC_POOL, GET_DIR_AS_ARRAY(constant('PATH')."inc/monthly/", "monthly_")); // Update config if (!defined('DEBUG_MONTHLY')) UPDATE_CONFIG("last_month", $currMonth); @@ -2609,22 +2609,22 @@ function HANDLE_LOGIN_FAILTURES ($accessLevel) { $OUT = ""; // Is the session data set? - if ((isSessionVariableSet('mxchange_'.$accessLevel.'_failtures')) && (isSessionVariableSet('mxchange_'.$accessLevel.'_last_fail'))) { + if ((isSessionVariableSet('mxchange_'.$accessLevel.'_failures')) && (isSessionVariableSet('mxchange_'.$accessLevel.'_last_fail'))) { // Ignore zero values - if (get_session('mxchange_'.$accessLevel.'_failtures') > 0) { - // Non-guest has login failtures found, get both data and prepare it for template + if (get_session('mxchange_'.$accessLevel.'_failures') > 0) { + // Non-guest has login failures found, get both data and prepare it for template //* DEBUG: */ print __FUNCTION__."(".__LINE__."):accessLevel={$accessLevel}
\n"; $content = array( - 'login_failtures' => get_session('mxchange_'.$accessLevel.'_failtures'), - 'last_failture' => MAKE_DATETIME(get_session('mxchange_'.$accessLevel.'_last_fail'), "2") + 'login_failures' => get_session('mxchange_'.$accessLevel.'_failures'), + 'last_failure' => MAKE_DATETIME(get_session('mxchange_'.$accessLevel.'_last_fail'), "2") ); // Load template - $OUT = LOAD_TEMPLATE("login_failtures", true, $content); + $OUT = LOAD_TEMPLATE("login_failures", true, $content); } // END - if // Reset session data - set_session('mxchange_'.$accessLevel.'_failtures', ""); + set_session('mxchange_'.$accessLevel.'_failures', ""); set_session('mxchange_'.$accessLevel.'_last_fail', ""); } // END - if @@ -2647,13 +2647,13 @@ function REBUILD_CACHE ($cache, $inc="") { // Include file given? if (!empty($inc)) { // Construct FQFN - $fqfn = sprintf("%sinc/loader/load_cache-%s.php", PATH, $inc); + $INC = sprintf("inc/loader/load_cache-%s.php", $inc); // Is the include there? - if (FILE_READABLE($fqfn)) { + if (INCLUDE_READABLE($INC)) { // And rebuild it from scratch //* DEBUG: */ print __FUNCTION__."(".__LINE__."): inc={$inc} - LOADED!
\n"; - require($fqfn); + LOAD_INC($INC); } else { // Include not found! DEBUG_LOG(__FUNCTION__, __LINE__, "Include {$inc} not found. cache={$cache}"); @@ -2674,19 +2674,19 @@ function CACHE_PURGE_ADMIN_MENU ($id=0, $action="", $what="", $str="") { // No cache instance! DEBUG_LOG(__FUNCTION__, __LINE__, " No cache instance found."); return false; - } elseif ((getConfig('cache_admin_menu') == null) || (getConfig('cache_admin_menu') == "N")) { + } elseif ((!isConfigEntrySet('cache_admin_menu')) || (getConfig('cache_admin_menu') != "Y")) { // Caching disabled (currently experiemental!) return false; } // Experiemental feature! - trigger_error("Experimental feature: You have to delete the admin_*.cache files by yourself at this point."); + debug_report_bug("Experimental feature: You have to delete the admin_*.cache files by yourself at this point."); } // Translates the "pool type" into human-readable function TRANSLATE_POOL_TYPE ($type) { - // Default type is unknown - $translated = sprintf(POOL_TYPE_UNKNOWN, $type); + // Default type is unknown + $translated = sprintf(getMessage('POOL_TYPE_UNKNOWN'), $type); // Generate constant $constName = sprintf("POOL_TYPE_%s", $type); @@ -2694,7 +2694,7 @@ function TRANSLATE_POOL_TYPE ($type) { // Does it exist? if (defined($constName)) { // Then use it - $translated = constant($constName); + $translated = getMessage($constName); } // END - if // Return "translation" @@ -2783,15 +2783,16 @@ function ADD_NEW_BONUS_MAIL ($data, $mode="", $output=true) { ); // Mail inserted into bonus pool - if ($output) LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_BONUS_SEND); + if ($output) LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_BONUS_SEND')); } elseif ($output) { // More entered than can be reached! - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_MORE_SELECTED); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_MORE_SELECTED')); } else { // Debug log DEBUG_LOG(__FUNCTION__, __LINE__, " cat={$data['cat']},receiver={$data['receiver']},data=".base64_encode(serialize($data))." More selected, than available!"); } } + // Determines referal id and sets it function DETERMINE_REFID () { global $CLICK, $_SERVER; @@ -2834,7 +2835,7 @@ function DETERMINE_REFID () { } // Destroys the admin session -function DESTROY_ADMIN_SESSION ($destroy = true) { +function destroyAdminSession ($destroy = true) { // Kill maybe existing session variables including array elements set_session('admin_login', ""); set_session('admin_md5' , ""); @@ -2843,7 +2844,7 @@ function DESTROY_ADMIN_SESSION ($destroy = true) { // Destroy session and return status if ($destroy) { - return @session_destroy(); + return session_destroy(); } // END - if // All fine if we shall not really destroy the session @@ -2856,6 +2857,12 @@ function IF_APACHE_MODULE_LOADED ($apacheModule) { return (((function_exists('apache_get_modules')) && (in_array($apacheModule, apache_get_modules()))) || (!function_exists('apache_get_modules'))); } +// Merges $_CONFIG with data in given array +function mergeConfig ($newConfig) { + global $_CONFIG; + $_CONFIG = merge_array($_CONFIG, $newConfig); +} + // Getter for $_CONFIG entries function getConfig ($entry) { global $_CONFIG; @@ -2864,7 +2871,7 @@ function getConfig ($entry) { $value = null; // Is the entry there? - if (isset($_CONFIG[$entry])) { + if (isConfigEntrySet($entry)) { // Then use it $value = $_CONFIG[$entry]; } // END - if @@ -2873,15 +2880,47 @@ function getConfig ($entry) { return $value; } -// @TODO Rewrite all language constants to the function getLanguage(). +// Setter for $_CONFIG entries +function setConfigEntry ($entry, $value) { + global $_CONFIG; + + // Secure the entry name + $entry = SQL_ESCAPE($entry); + + // And set it + $_CONFIG[$entry] = $value; +} + +// Checks wether the given config entry is set +function isConfigEntrySet ($entry) { + global $_CONFIG; + return (isset($_CONFIG[$entry])); +} + +// Increment or init with given value or 1 as default the given config entry +function incrementConfigEntry ($configEntry, $value=1) { + global $_CONFIG; + + // Increment it if set or init it with 1 + if (getConfig($configEntry) > 0) { + $_CONFIG[$configEntry] += $value; + } else { + $_CONFIG[$configEntry] = $value; + } +} + // "Getter" for language strings +// @TODO Rewrite all language constants to this function. function getMessage ($messageId) { // Default is not found! $return = "!".$messageId."!"; // Is the language string found? - if (isset($GLOBALS['msg'][$messageId])) { - // Language array element found + if (isset($GLOBALS['msg'][strtolower($messageId)])) { + // Language array element found in small_letters + $return = $GLOBALS['msg'][$messageId]; + } elseif (isset($GLOBALS['msg'][strtoupper($messageId)])) { + // @DEPRECATED Language array element found in BIG_LETTERS $return = $GLOBALS['msg'][$messageId]; } elseif (defined($messageId)) { // @DEPRECATED Deprecated constant found @@ -2920,13 +2959,13 @@ function GET_CURR_THEME() { } // END - if } elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isBooleanConstantAndTrue('mxchange_installing')) || ($CSS == true)) && ((!empty($_GET['theme'])) || (!empty($_POST['theme'])))) { // Prepare FQFN for checking - $theme = sprintf("%stheme/%s/theme.php", PATH, SQL_ESCAPE($_GET['theme'])); + $theme = sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE($_GET['theme'])); // Installation mode active if ((!empty($_GET['theme'])) && (FILE_READABLE($theme))) { // Set cookie from URL data set_session('mxchange_theme', SQL_ESCAPE($_GET['theme'])); - } elseif (FILE_READABLE(sprintf("%stheme/%s/theme.php", PATH, SQL_ESCAPE($_POST['theme'])))) { + } elseif (FILE_READABLE(sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE($_POST['theme'])))) { // Set cookie from posted data set_session('mxchange_theme', SQL_ESCAPE($_POST['theme'])); } @@ -2939,7 +2978,7 @@ function GET_CURR_THEME() { } // Add (maybe) found theme.php file to inclusion list - $theme = sprintf("%stheme/%s/theme.php", PATH, SQL_ESCAPE($ret)); + $theme = sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE($ret)); // Try to load the requested include file if (FILE_READABLE($theme)) $INC_POOL[] = $theme; @@ -2970,7 +3009,7 @@ function THEME_GET_ID ($name) { incrementConfigEntry('cache_hits'); } elseif (GET_EXT_VERSION("cache") != "0.1.8") { // Check if current theme is already imported or not - $result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_themes` WHERE theme_path='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_themes` WHERE theme_path='%s' LIMIT 1", array($name), __FILE__, __LINE__); // Entry found? @@ -2987,18 +3026,6 @@ function THEME_GET_ID ($name) { return $id; } -// Increment or init with given value or 1 as default the given config entry -function incrementConfigEntry ($configEntry, $value=1) { - global $_CONFIG; - - // Increment it if set or init it with 1 - if (getConfig($configEntry) > 0) { - $_CONFIG[$configEntry] += $value; - } else { - $_CONFIG[$configEntry] = $value; - } -} - // Read a given file function READ_FILE ($FQFN, $sqlPrepare = false) { // Load the file @@ -3011,7 +3038,7 @@ function READ_FILE ($FQFN, $sqlPrepare = false) { } // Prepare SQL queries? - if ($sqlPreppare === true) { + if ($sqlPrepare === true) { // Remove some unwanted chars $content = str_replace("\r", "", $content); $content = str_replace("\n\n", "\n", $content); @@ -3021,10 +3048,42 @@ function READ_FILE ($FQFN, $sqlPrepare = false) { return $content; } +// Writes content to a file +function WRITE_FILE ($FQFN, $content) { + // Is the file writeable? + if (((FILE_READABLE($FQFN)) && (!is_writeable($FQFN))) && (!chmod($FQFN, 0644)) { + // Not writeable! + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("File %s not writeable.", basename($FQFN))); + + // Failed! :( + return false; + } // END - if + + // By default all is failed... + $return = false; + + // Is the function there? + if (function_exists('file_put_contents')) { + // Write it directly + $return = file_put_contents($FQFN, $content); + } else { + // Write it with fopen + $fp = fopen($FQFN, 'w') or mxchange_die("Cannot write file ".basename($FQFN)."!"); + fwrite($fp, $content); + fclose($fp); + + // Set CHMOD rights + $return = chmod($FQFN, 0644); + } + + // Return status + return $return; +} + // Generates an error code from given account status function GEN_ERROR_CODE_FROM_ACCOUNT_STATUS ($status) { // Default error code if unknown account status - $ERROR = CODE_UNKNOWN_STATUS; + $ERROR = constant('CODE_UNKNOWN_STATUS'); // Generate constant name $constantName = sprintf("CODE_ID_%s", $status); @@ -3042,6 +3101,427 @@ function GEN_ERROR_CODE_FROM_ACCOUNT_STATUS ($status) { return $ERROR; } +// Clears the output buffer. This function does *NOT* backup sent content. +function clearOutputBuffer () { + // Trigger an error on failure + if (!ob_end_clean()) { + // Failed! + debug_report_bug(__FUNCTION__.": Failed to clean output buffer."); + } // END - if +} + +// "Getter" for revision/version data +function getActualVersion ($type = 0) { + // By default nothing is new... ;-) + $new = false; + + // FQFN of revision file + $FQFN = sprintf("%sinc/cache/.revision", constant('PATH')); + + // Check for revision file + if (!FILE_READABLE($FQFN)) { + // Not found, so we need to create it + $new = true; + } else { + // Revision file found + $ins_vers = explode("\n", READ_FILE($FQFN)); + + // Is the content valid? + if ((!is_array($ins_vers)) || (count($ins_vers) <= 0) || (!isset($ins_vers[$type])) || ($ins_vers[0]) == "new") { + // File needs update! + $new = true; + } else { + // Revision-File has valid Data and isn't 'new' so return the Rev-Number + return trim($ins_vers[$type]); + } + } + + // Has it been updated? + if ($new === true) { + // No Revision-File or has no valid Data so read the Revision from the Server. + $version = GET_URL("check-updates3.php"); + + // Prepare content + $akt_vers[] = trim($version[10]); + $akt_vers[] = trim($version[9]); + $akt_vers[] = trim($version[8]); + + // Write file + WRITE_FILE($FQFN, implode("\n", $akt_vers)); + + // Return requested content + return trim($akt_vers[$type]); + } +} + +// Loads an include file and logs any missing files for debug purposes +function LOAD_INC ($INC) { + // Get constant path + $PATH = constant('PATH'); + + // Use the include file name directly + // @TODO Try to find all locations where an FQFN is given to these two + // @TODO functions and avoid it. + $FQFN = $INC; + + // Check if PATH is in $INC + if (substr($INC, 0, $PATH) != $PATH) { + // Add it. This is why we need a trailing slash in config.php + $FQFN = $PATH . $INC; + } // END - if + + // Is the include file there? + if (!FILE_READABLE($FQFN)) { + // Not there so log it + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Include file %s not found.", basename($INC))); + return false; + } // END - if + + // Try to load it + require($FQFN); +} + +// Loads an include file once +function LOAD_INC_ONCE ($INC) { + global $cacheArray; + + // Is it not loaded? + if (!isset($cacheArray['load_once'][$INC])) { + // Then try to load it + LOAD_INC($INC); + + // And mark it as loaded + $cacheArray['load_once'][$INC] = true; + } // END - if +} + +// Back-ported from the new ship-simu engine. :-) +function debug_get_printable_backtrace () { + // Init variable + $backtrace = "
    \n"; + + // Get and prepare backtrace for output + $backtraceArray = debug_backtrace(); + foreach ($backtraceArray as $key => $trace) { + if (!isset($trace['file'])) $trace['file'] = __FILE__; + if (!isset($trace['line'])) $trace['line'] = __LINE__; + if (!isset($trace['args'])) $trace['args'] = array(); + $backtrace .= "
  1. ".basename($trace['file']).":".$trace['line'].", ".$trace['function']."(".count($trace['args']).")
    2. \n"; + } // END - foreach + + // Close it + $backtrace .= "
\n"; + + // Return the backtrace + return $backtrace; +} + +// Output a debug backtrace to the user +function debug_report_bug ($message = "") { + // Init message + $debug = ""; + // Is the optional message set? + if (!empty($message)) { + // Use and log it + $debug = sprintf("Note: %s
\n", + $message + ); + + // @TODO Add a little more infos here + DEBUG_LOG(__FUNCTION__, __LINE__, $message); + } // END - if + + // Add output + $debug .= ("Please report this error at bugs.mxchange.org:
");
+	$debug .= (debug_get_printable_backtrace());
+	$debug .= ("
Thank you for your help finding bugs."); + + // And abort here + die($debug); +} + +// Generates a ***weak*** seed (taken from de.php.net/mt_srand) +function generateSeed () { + list($usec, $sec) = explode(" ", microtime()); + return ((float)$sec + (float)$usec); +} + +// Converts a message code to a human-readable message +function convertCodeToMessage ($code) { + $msg = ""; + switch ($code) { + case constant('CODE_LOGOUT_DONE') : $msg = getMessage('LOGOUT_DONE'); break; + case constant('CODE_LOGOUT_FAILED') : $msg = "{--LOGOUT_FAILED--}"; break; + case constant('CODE_DATA_INVALID') : $msg = getMessage('MAIL_DATA_INVALID'); break; + case constant('CODE_POSSIBLE_INVALID') : $msg = getMessage('MAIL_POSSIBLE_INVALID'); break; + case constant('CODE_ACCOUNT_LOCKED') : $msg = getMessage('MEMBER_ACCOUNT_LOCKED_UNC'); break; + case constant('CODE_USER_404') : $msg = getMessage('USER_NOT_FOUND'); break; + case constant('CODE_STATS_404') : $msg = getMessage('MAIL_STATS_404'); break; + case constant('CODE_ALREADY_CONFIRMED'): $msg = getMessage('MAIL_ALREADY_CONFIRMED'); break; + + case constant('CODE_ERROR_MAILID'): + if (EXT_IS_ACTIVE($ext, true)) { + $msg = getMessage('ERROR_CONFIRMING_MAIL'); + } else { + $msg = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), "mailid"); + } + break; + + case constant('CODE_EXTENSION_PROBLEM'): + if (isset($_GET['ext'])) { + $msg = sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), SQL_ESCAPE($_GET['ext'])); + } else { + $msg = getMessage('EXTENSION_PROBLEM_UNSET_EXT'); + } + break; + + case constant('CODE_COOKIES_DISABLED') : $msg = getMessage('LOGIN_NO_COOKIES'); break; + case constant('CODE_BEG_SAME_AS_OWN') : $msg = getMessage('BEG_SAME_UID_AS_OWN'); break; + case constant('CODE_LOGIN_FAILED') : $msg = getMessage('LOGIN_FAILED_GENERAL'); break; + default : $msg = sprintf(getMessage('UNKNOWN_MAILID_CODE'), $code); break; + } // END - switch + + // Return the message + return $msg; +} + +// Checks wether the given extension is currently not installed +// and redirects if so. +function REDIRCT_ON_UNINSTALLED_EXTENSION ($ext_name) { + // Is the extension uninstalled/inactive? + if (!EXT_IS_ACTIVE($ext_name)) { + // Redirect to index + LOAD_URL("modules.php?module=index&msg=".constant('CODE_EXTENSION_PROBLEM')."&ext=".$ext_name); + } // END - if +} + +// Generate a "link" for the given admin id (aid) +function GENERATE_AID_LINK ($aid) { + // No assigned admin is default + $admin = "
{--ADMIN_NO_ADMIN_ASSIGNED--}
"; + + // Zero? = Not assigned + if ($aid == "0") { + // Load admin's login + $login = GET_ADMIN_LOGIN($aid); + if ($login != "***") { + // Is the extension there? + if (EXT_IS_ACTIVE("admins")) { + // Admin found + $admin = "".$login.""; + } else { + // Extension not found + $admin = sprintf(getMessage('EXTENSION_PROBLEM_NOT_INSTALLED'), "admins"); + } + } else { + // Maybe deleted? + $admin = "
".sprintf(getMessage('ADMIN_ID_404'), $aid)."
"; + } + } // END - if + + // Return result + return $admin; +} + +// Checks wether an include file (non-FQFN better) is readable +function INCLUDE_READABLE ($INC) { + // Construct FQFN + $FQFN = constant('PATH') . $INC; + + // Is it readable? + return FILE_READABLE($FQFN); +} + +// Encode strings +// @TODO Implement $compress +function encodeString ($str, $compress=true) { + $str = urlencode(base64_encode(compileUriCode($str))); + return $str; +} + +// Decode strings encoded with encodeString() +// @TODO Implement $decompress +function decodeString ($str, $decompress=true) { + $str = compileUriCode(base64_decode(urldecode(compileUriCode($str)))); + return $str; +} + +// Compile characters which are allowed in URLs +function compileUriCode ($code, $simple=true) { + // Compile constants + if (!$simple) $code = str_replace("{--", '".', str_replace("--}", '."', $code)); + + // Compile QUOT and other non-HTML codes + $code = str_replace("{DOT}", ".", + str_replace("{SLASH}", "/", + str_replace("{QUOT}", "'", + str_replace("{DOLLAR}", "$", + str_replace("{OPEN_ANCHOR}", "(", + str_replace("{CLOSE_ANCHOR}", ")", + str_replace("{OPEN_SQR}", "[", + str_replace("{CLOSE_SQR}", "]", + str_replace("{PER}", "%", + $code + ))))))))); + + // Return compiled code + return $code; +} + +// Function taken from user comments on www.php.net / function eregi() +function isUrlValid ($url) { + // Prepare URL + $url = strip_tags(str_replace("\\", "", compileUriCode(urldecode($url)))); + + // Allows http and https + $http = "(http|https)+(:\/\/)"; + // Test domain + $domain1 = "([[:alnum:]]([-[:alnum:]])*\.)?([[:alnum:]][-[:alnum:]\.]*[[:alnum:]])(\.[[:alpha:]]{2,5})?"; + // Test double-domains (e.g. .de.vu) + $domain2 = "([-[:alnum:]])?(\.[[:alnum:]][-[:alnum:]\.]*[[:alnum:]])(\.[[:alpha:]]{2,5})(\.[[:alpha:]]{2,5})?"; + // Test IP number + $ip = "([[:digit:]]{1,3})\.([[:digit:]]{1,3})\.([[:digit:]]{1,3})\.([[:digit:]]{1,3})"; + // ... directory + $dir = "((/)+([-_\.[:alnum:]])+)*"; + // ... page + $page = "/([-_[:alnum:]][-\._[:alnum:]]*\.[[:alnum:]]{2,5})?"; + // ... and the string after and including question character + $getstring1 = "([\?/]([[:alnum:]][-\._%[:alnum:]]*(=)?([-\@\._:%[:alnum:]])+)(&([[:alnum:]]([-_%[:alnum:]])*(=)?([-\@\[\._:%[:alnum:]])+(\])*))*)?"; + // Pattern for URLs like http://url/dir/doc.html?var=value + $pattern['d1dpg1'] = $http.$domain1.$dir.$page.$getstring1; + $pattern['d2dpg1'] = $http.$domain2.$dir.$page.$getstring1; + $pattern['ipdpg1'] = $http.$ip.$dir.$page.$getstring1; + // Pattern for URLs like http://url/dir/?var=value + $pattern['d1dg1'] = $http.$domain1.$dir."/".$getstring1; + $pattern['d2dg1'] = $http.$domain2.$dir."/".$getstring1; + $pattern['ipdg1'] = $http.$ip.$dir."/".$getstring1; + // Pattern for URLs like http://url/dir/page.ext + $pattern['d1dp'] = $http.$domain1.$dir.$page; + $pattern['d1dp'] = $http.$domain2.$dir.$page; + $pattern['ipdp'] = $http.$ip.$dir.$page; + // Pattern for URLs like http://url/dir + $pattern['d1d'] = $http.$domain1.$dir; + $pattern['d2d'] = $http.$domain2.$dir; + $pattern['ipd'] = $http.$ip.$dir; + // Pattern for URLs like http://url/?var=value + $pattern['d1g1'] = $http.$domain1."/".$getstring1; + $pattern['d2g1'] = $http.$domain2."/".$getstring1; + $pattern['ipg1'] = $http.$ip."/".$getstring1; + // Pattern for URLs like http://url?var=value + $pattern['d1g12'] = $http.$domain1.$getstring1; + $pattern['d2g12'] = $http.$domain2.$getstring1; + $pattern['ipg12'] = $http.$ip.$getstring1; + // Test all patterns + $reg = false; + foreach ($pattern as $key=>$pat) { + // Debug regex? + if (defined('DEBUG_REGEX')) { + $pat = str_replace("[:alnum:]", "0-9a-zA-Z", $pat); + $pat = str_replace("[:alpha:]", "a-zA-Z", $pat); + $pat = str_replace("[:digit:]", "0-9", $pat); + $pat = str_replace(".", "\.", $pat); + $pat = str_replace("@", "\@", $pat); + echo $key."= ".$pat."
"; + } + + // Check if expression matches + $reg = ($reg || preg_match(("^".$pat."^"), $url)); + + // Does it match? + if ($reg === true) break; + } + + // Return true/false + return $reg; +} + +// Smartly adds slashes +function smartAddSlashes ($unquoted) { + $unquoted = str_replace("\\", "", $unquoted); + return addslashes($unquoted); +} + +// Decode entities in a nicer way +function decodeEntities ($str) { + // @TODO We may want to switch over to UTF-8 here! + $decodedString = html_entity_decode($str, ENT_NOQUOTES, "ISO-8859-15"); + + // Return decoded string + return $decodedString; +} + +// Wtites data to a config.php-style file +// @TODO Rewrite this function to use READ_FILE() and WRITE_FILE() +function changeDataInFile ($FQFN, $comment, $prefix, $suffix, $DATA, $seek=0) { + // Initialize some variables + $done = false; + $seek++; + $next = -1; + $found = false; + + // Is the file there and read-/write-able? + if ((FILE_READABLE($FQFN)) && (is_writeable($FQFN))) { + $search = "CFG: ".$comment; + $tmp = $FQFN.".tmp"; + + // Open the source file + $fp = @fopen($FQFN, 'r') or OUTPUT_HTML("READ: ".$FQFN."
"); + + // Is the resource valid? + if (is_resource($fp)) { + // Open temporary file + $fp_tmp = @fopen($tmp, 'w') or OUTPUT_HTML("WRITE: ".$tmp."
"); + + // Is the resource again valid? + if (is_resource($fp_tmp)) { + while (!feof($fp)) { + // Read from source file + $line = fgets ($fp, 1024); + + if (strpos($line, $search) > -1) { $next = 0; $found = true; } + + if ($next > -1) { + if ($next === $seek) { + $next = -1; + $line = $prefix . $DATA . $suffix."\n"; + } else { + $next++; + } + } + + // Write to temp file + fputs($fp_tmp, $line); + } + + // Close temp file + fclose($fp_tmp); + + // Finished writing tmp file + $done = true; + } + + // Close source file + fclose($fp); + + if (($done) && ($found)) { + // Copy back tmp file and delete tmp :-) + @copy($tmp, $FQFN); + @unlink($tmp); + define('_FATAL', false); + } elseif (!$found) { + OUTPUT_HTML("CHANGE: 404!"); + define('_FATAL', true); + } else { + OUTPUT_HTML("TMP: UNDONE!"); + define('_FATAL', true); + } + } + } else { + // File not found, not readable or writeable + OUTPUT_HTML("404: ".$FQFN."
"); + } +} + ////////////////////////////////////////////////// // AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS // //////////////////////////////////////////////////