X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=a930b877d89aab98b24aa25f652c571dde683bad;hp=a0d62bc53d17c42b32bafde9c87568ae0eee3e0b;hb=1f507f190ba73b50dc005b6d5597422f239b3761;hpb=ee309e90a4fe02c44d668ac6c736c72b969339ab

diff --git a/inc/functions.php b/inc/functions.php
index a0d62bc53d..a930b877d8 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -114,8 +114,10 @@ function OUTPUT_HTML ($HTML, $newLine = true) {
 		// Output cached HTML code
 		$OUTPUT = ob_get_contents();
 
-		// Clear output buffer for later output
-		clearOutputBuffer();
+		// Clear output buffer for later output if output is found
+		if (!empty($OUTPUT)) {
+			clearOutputBuffer();
+		} // END - if
 
 		// Send HTTP header
 		header("HTTP/1.1 200");
@@ -139,8 +141,8 @@ function OUTPUT_HTML ($HTML, $newLine = true) {
 		while (strpos($OUTPUT, '{!') > 0) {
 			// Prepare the content and eval() it...
 			$newContent = "";
-			$eval = "\$newContent = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";";
-			@eval($eval);
+			$eval = "\$newContent = \"".COMPILE_CODE(smartAddSlashes($OUTPUT))."\";";
+			eval($eval);
 
 			// Was that eval okay?
 			if (empty($newContent)) {
@@ -160,7 +162,7 @@ function OUTPUT_HTML ($HTML, $newLine = true) {
 
 		// Compile and run finished rendered HTML code
 		while (strpos($OUTPUT, '{!') > 0) {
-			$eval = "\$OUTPUT = \"".COMPILE_CODE(SQL_ESCAPE($OUTPUT))."\";";
+			$eval = "\$OUTPUT = \"".COMPILE_CODE(smartAddSlashes($OUTPUT))."\";";
 			eval($eval);
 		} // END - while
 
@@ -345,7 +347,7 @@ function LOAD_TEMPLATE ($template, $return=false, $content=array()) {
 		$ret = "";
 		if ((strpos($tmpl_file, "\$") !== false) || (strpos($tmpl_file, '{--') !== false) || (strpos($tmpl_file, '--}') > 0)) {
 			// Okay, compile it!
-			$tmpl_file = "\$ret=\"".COMPILE_CODE(SQL_ESCAPE($tmpl_file))."\";";
+			$tmpl_file = "\$ret=\"".COMPILE_CODE(smartAddSlashes($tmpl_file))."\";";
 			eval($tmpl_file);
 		} else {
 			// Simply return loaded code
@@ -354,7 +356,7 @@ function LOAD_TEMPLATE ($template, $return=false, $content=array()) {
 
 		// Add surrounding HTML comments to help finding bugs faster
 		$ret = "<!-- Template ".$template." - Start -->\n".$ret."<!-- Template ".$template." - End -->\n";
-	} elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
+	} elseif ((IS_ADMIN()) || ((isInstalling()) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
 		// Only admins shall see this warning or when installation mode is active
 		$ret = "<br /><span class=\"guest_failed\">".TEMPLATE_404."</span><br />
 (".basename($FQFN).")<br />
@@ -391,7 +393,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") {
 	//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):TO={$TO},SUBJECT={$SUBJECT}<br />\n";
 
 	// Compile subject line (for POINTS constant etc.)
-	$eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(SQL_ESCAPE($SUBJECT))."\");";
+	$eval = "\$SUBJECT = decodeEntities(\"".COMPILE_CODE(smartAddSlashes($SUBJECT))."\");";
 	eval($eval);
 
 	// Set from header
@@ -444,11 +446,11 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") {
 	}
 
 	// Compile "TO"
-	$eval = "\$TO = \"".COMPILE_CODE(SQL_ESCAPE($TO))."\";";
+	$eval = "\$TO = \"".COMPILE_CODE(smartAddSlashes($TO))."\";";
 	eval($eval);
 
 	// Compile "MSG"
-	$eval = "\$MSG = \"".COMPILE_CODE(SQL_ESCAPE($MSG))."\";";
+	$eval = "\$MSG = \"".COMPILE_CODE(smartAddSlashes($MSG))."\";";
 	eval($eval);
 
 	// Fix HTML parameter (default is no!)
@@ -868,7 +870,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") {
 
 		// Run code
 		$tmpl_file = "\$newContent = decodeEntities(\"".COMPILE_CODE($tmpl_file)."\");";
-		@eval($tmpl_file);
+		eval($tmpl_file);
 	} elseif (!empty($template)) {
 		// Template file not found!
 		$newContent = "{--TEMPLATE_404--}: ".$template."<br />
@@ -901,7 +903,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") {
 	return COMPILE_CODE($newContent);
 }
 //
-function MAKE_TIME($H, $M, $S, $stamp) {
+function MAKE_TIME ($H, $M, $S, $stamp) {
 	// Extract day, month and year from given timestamp
 	$DAY   = date("d", $stamp);
 	$MONTH = date("m", $stamp);
@@ -911,7 +913,7 @@ function MAKE_TIME($H, $M, $S, $stamp) {
 	return mktime($H, $M, $S, $MONTH, $DAY, $YEAR);
 }
 //
-function LOAD_URL($URL, $addUrlData=true) {
+function LOAD_URL ($URL, $addUrlData=true) {
 	// Compile out URI codes
 	$URL = compileUriCode($URL);
 
@@ -922,7 +924,7 @@ function LOAD_URL($URL, $addUrlData=true) {
 	}
 
 	// Get output buffer
-	//* DEBUG: */ debug_report_bug();
+	//* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL));
 	$OUTPUT = ob_get_contents();
 
 	// Clear it only if there is content
@@ -2294,7 +2296,7 @@ function DISPLAY_PARSING_TIME_FOOTER() {
 
 // Check wether a boolean constant is set
 // Taken from user comments in PHP documentation for function constant()
-function isBooleanConstantAndTrue($constName) { // : Boolean
+function isBooleanConstantAndTrue ($constName) { // : Boolean
 	// Failed by default
 	$res = false;
 
@@ -2302,11 +2304,15 @@ function isBooleanConstantAndTrue($constName) { // : Boolean
 	if (isset($GLOBALS['cache_array']['const'][$constName])) {
 		// Use cache
 		//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$constName."-CACHE!<br />\n";
-		$res = $GLOBALS['cache_array']['const'][$constName];
+		$res = ($GLOBALS['cache_array']['const'][$constName] === true);
 	} else {
 		// Check constant
 		//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$constName."-RESOLVE!<br />\n";
-		if (defined($constName)) $res = (constant($constName) === true);
+		if (defined($constName)) {
+			// Found!
+			//* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$constName."-FOUND!<br />\n";
+			$res = (constant($constName) === true);
+		} // END - if
 
 		// Set cache
 		$GLOBALS['cache_array']['const'][$constName] = $res;
@@ -2371,14 +2377,14 @@ function GET_CURR_THEME() {
 			// Fix it to default
 			$ret = "default";
 		} // END - if
-	} elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isBooleanConstantAndTrue('mxchange_installing')) || ($GLOBALS['output_mode'] == true)) && ((REQUEST_ISSET_GET(('theme'))) || (REQUEST_ISSET_POST(('theme'))))) {
+	} elseif ((!isBooleanConstantAndTrue('mxchange_installed')) && ((isInstalling()) || ($GLOBALS['output_mode'] == true)) && ((REQUEST_ISSET_GET(('theme'))) || (REQUEST_ISSET_POST(('theme'))))) {
 		// Prepare FQFN for checking
-		$theme = sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE(REQUEST_GET('theme')));
+		$theme = sprintf("%stheme/%s/theme.php", constant('PATH'), REQUEST_GET(('theme')));
 
 		// Installation mode active
 		if ((REQUEST_ISSET_GET(('theme'))) && (FILE_READABLE($theme))) {
 			// Set cookie from URL data
-			set_session('mxchange_theme', SQL_ESCAPE(REQUEST_GET('theme')));
+			set_session('mxchange_theme', REQUEST_GET(('theme')));
 		} elseif (FILE_READABLE(sprintf("%stheme/%s/theme.php", constant('PATH'), SQL_ESCAPE(REQUEST_POST('theme'))))) {
 			// Set cookie from posted data
 			set_session('mxchange_theme', SQL_ESCAPE(REQUEST_POST('theme')));
@@ -2679,7 +2685,7 @@ function convertCodeToMessage ($code) {
 
 		case constant('CODE_EXTENSION_PROBLEM'):
 			if (REQUEST_ISSET_GET(('ext'))) {
-				$msg = sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), SQL_ESCAPE(REQUEST_GET('ext')));
+				$msg = sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), REQUEST_GET(('ext')));
 			} else {
 				$msg = getMessage('EXTENSION_PROBLEM_UNSET_EXT');
 			}
@@ -3384,6 +3390,11 @@ function DETERMINE_REFID () {
 	return $GLOBALS['refid'];
 }
 
+// Check wether we are installing
+function isInstalling () {
+	return (isset($GLOBALS['mxchange_installing']));
+}
+
 //////////////////////////////////////////////////
 // AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
 //////////////////////////////////////////////////