\n");
+ } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail"))) {
// Send mail as HTML away
SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM);
} elseif (!empty($TO)) {
- // Compile email
- $TO = COMPILE_CODE($TO);
-
// Send Mail away
- SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
+ SEND_RAW_EMAIL($TO, $SUBJECT, $MSG, $FROM);
} elseif ($HTML == "N") {
// Problem found!
- SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
+ SEND_RAW_EMAIL(WEBMASTER, "[PROBLEM:]".$SUBJECT, $MSG, $FROM);
}
}
@@ -454,7 +523,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) {
$mail->WordWrap = 70;
$mail->IsHTML(true);
} else {
- $mail->Body = $msg;
+ $mail->Body = html_entity_decode($msg);
}
$mail->AddAddress($to, "");
$mail->AddReplyTo(WEBMASTER,MAIN_TITLE);
@@ -463,15 +532,15 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) {
$mail->Send();
} else {
// Use legacy mail() command
- @mail($to, $subject, $msg, $from);
+ @mail($to, $subject, html_entity_decode($msg), $from);
}
}
//
// Generate a password in a specified length or use default password length
-function GEN_PASS($LEN = 0) {
- global $_CONFIG;
- if ($LEN == 0) $LEN = $_CONFIG['pass_len'];
+function GEN_PASS ($LEN = 0) {
+ // Auto-fix invalid length of zero
+ if ($LEN == 0) $LEN = getConfig('pass_len');
// Initialize array with all allowed chars
$ABC = explode(",", "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/");
@@ -483,13 +552,13 @@ function GEN_PASS($LEN = 0) {
$PASS = "";
for ($i = 0; $i < $LEN; $i++) {
$PASS .= $ABC[mt_rand(0, sizeof($ABC) -1)];
- }
+ } // END - for
// When the size is below 40 we can also add additional security by scrambling it
if (strlen($PASS) <= 40) {
// Also scramble the password
$PASS = scrambleString($PASS);
- }
+ } // END - if
// Return the password
return $PASS;
@@ -513,6 +582,9 @@ function MAKE_DATETIME ($time, $mode="0")
case "1": $ret = strtolower(date("d.m.Y - H:i", $time)); break;
case "2": $ret = date("d.m.Y|H:i", $time); break;
case "3": $ret = date("d.m.Y", $time); break;
+ default:
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode));
+ break;
}
break;
@@ -522,37 +594,39 @@ function MAKE_DATETIME ($time, $mode="0")
case "1": $ret = date("Y-m-d - g:i A", $time); break;
case "2": $ret = date("y-m-d|H:i", $time); break;
case "3": $ret = date("y-m-d", $time); break;
+ default:
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode));
+ break;
}
}
return $ret;
}
// Translates the american decimal dot into a german comma
-function TRANSLATE_COMMA ($dotted, $cut=true) {
+function TRANSLATE_COMMA ($dotted, $cut=true, $max=0) {
global $_CONFIG;
// Default is 3 you can change this in admin area "Misc -> Misc Options"
- if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3";
- $maxComma = $_CONFIG['max_comma'];
+ if (getConfig('max_comma') == null) $_CONFIG['max_comma'] = "3";
+
+ // Use from config is default
+ $maxComma = getConfig('max_comma');
+
+ // Use from parameter?
+ if ($max > 0) $maxComma = $max;
// Cut zeros off?
- if ($cut) {
+ if (($cut) && ($max == 0)) {
// Test for commata if in cut-mode
$com = explode(".", $dotted);
- if (count($com) > 1) {
- // Commata found, so only zeros?
- if ($com[1] == str_repeat("0", strlen($com[1]))) {
- // Only zeros, so don't display them
- $maxComma = 0;
- } // END - if
- } else {
+ if (count($com) < 2) {
// Don't display commatas even if there are none... ;-)
$maxComma = 0;
}
} // END - if
// Debug log
- //DEBUG_LOG(__FUNCTION__.":dotted={$dotted},maxComma={$maxComma}");
+ //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "dotted={$dotted},maxComma={$maxComma}");
// Translate it now
switch (GET_LANGUAGE()) {
@@ -571,7 +645,13 @@ function TRANSLATE_COMMA ($dotted, $cut=true) {
//
function DEREFERER ($URL) {
- $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL)));
+ // Don't de-refer our own links!
+ if (substr($URL, 0, strlen(URL)) != URL) {
+ // De-refer this link
+ $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL)));
+ } // END - if
+
+ // Return link
return $URL;
}
@@ -587,24 +667,6 @@ function TRANSLATE_GENDER ($gender) {
return $ret;
}
//
-function GET_POOL_TYPE($PT) {
- // Unknown pool type is default
- $ret = POOL_UNKNOWN." (".$PT.")";
-
- // Generate constant name
- $constantName = sprintf("POOL_%s", $PT);
-
- // Is the type known?
- if (defined($constantName)) {
- // Prepare eval command
- $eval = sprintf("\$ret = %s;", $constantName);
- eval($eval);
- } // END - if
-
- // Return result
- return $ret;
-}
-//
function FRAMETESTER($URL) {
// Prepare frametester URL
$frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s",
@@ -643,7 +705,13 @@ function TRANSLATE_STATUS($status) {
$ret = ACCOUNT_LOCKED;
break;
+ case "":
+ case null:
+ $ret = ACCOUNT_DELETED;
+ break;
+
default:
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status));
$ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2;
break;
}
@@ -651,19 +719,22 @@ function TRANSLATE_STATUS($status) {
}
//
function GET_LANGUAGE() {
- if (!empty($_GET['mx_lang'])) {
- // Accept only first 2 chars
- $lang = substr($_GET['mx_lang'], 0, 2);
- } else {
- // Do nothing
- $lang = "";
- }
+ global $cacheArray;
// Set default return value to default language from config
$ret = DEFAULT_LANG;
- // Check GET variable and cookie
- if (!empty($lang)) {
+ // Init variable
+ $lang = "";
+
+ // Is the variable set
+ if (!empty($_GET['mx_lang'])) {
+ // Accept only first 2 chars
+ $lang = substr($_GET['mx_lang'], 0, 2);
+ } elseif (isset($cacheArray['language'])) {
+ // Use cached
+ $ret = $cacheArray['language'];
+ } elseif (!empty($lang)) {
// Check if main language file does exist
if (FILE_READABLE(PATH."inc/language/".$lang.".php")) {
// Okay found, so let's update cookies
@@ -676,12 +747,15 @@ function GET_LANGUAGE() {
// Fixes a warning before the session has the mx_lang constant
if (empty($ret)) $ret = DEFAULT_LANG;
}
+
+ // Cache entry
+ $cacheArray['language'] = $ret;
+
+ // Return value
return $ret;
}
//
function SET_LANGUAGE($lang) {
- global $_CONFIG;
-
// Accept only first 2 chars!
$lang = substr(SQL_ESCAPE(strip_tags($lang)), 0, 2);
@@ -689,8 +763,8 @@ function SET_LANGUAGE($lang) {
set_session("mx_lang", $lang);
}
//
-function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
- global $DATA, $_CONFIG, $REPLACER;
+function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") {
+ global $DATA, $REPLACER, $_CONFIG;
// Make sure all template names are lowercase!
$template = strtolower($template);
@@ -701,35 +775,35 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
// Keept for backward-compatiblity (please replace these variables against our new {!CONST!} syntax!)
// No longer used: $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER;
- // Init variables (DEPRECATED! Use $content[bla] instead.
- $surname = "";
- $family = "";
- $nick = "";
- $gender = "N";
-
// Prepare IP number and User Agent
- $REMOTE_ADDR = getenv('REMOTE_ADDR');
- $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT');
+ $REMOTE_ADDR = GET_REMOTE_ADDR();
+ $HTTP_USER_AGENT = GET_USER_AGENT();
+ // Default admin
$ADMIN = MAIN_TITLE;
- if (isSessionVariableSet('admin_login')) {
+
+ // Is the admin logged in?
+ if (IS_ADMIN()) {
+ // Get admin id
+ $aid = GET_CURRENT_ADMIN_ID();
+
// Load Admin data
- $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array(get_session('admin_login')), __FILE__, __LINE__);
- list($ADMIN) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
+ $ADMIN = GET_ADMIN_EMAIL($aid);
} // END - if
+ // Neutral email address is default
+ $email = WEBMASTER;
+
// Expiration in a nice output format
- if ($_CONFIG['auto_purge'] == 0) {
+ if (getConfig('auto_purge') == 0) {
// Will never expire!
$EXPIRATION = MAIL_WILL_NEVER_EXPIRE;
} elseif (function_exists('CREATE_FANCY_TIME')) {
// Create nice date string
- $EXPIRATION = CREATE_FANCY_TIME($_CONFIG['auto_purge']);
+ $EXPIRATION = CREATE_FANCY_TIME(getConfig('auto_purge'));
} else {
// Display days only
- $EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS;
+ $EXPIRATION = round(getConfig('auto_purge')/60/60/24)." "._DAYS;
}
// Is content an array?
@@ -738,50 +812,37 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
$content['expiration'] = $EXPIRATION;
} // END - if
- // @TODO Try to rewrite this part
- if ($template == "add-points") {
- if (isset($_POST['points'])) {
- $points = bigintval($_POST['points']);
- } else {
- $points = __POINTS_VALUE;
- }
- } // END - if
-
// Load user's data
- if ($UID > 0) {
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content)." \n";
+ if (($UID > 0) && (is_array($content))) {
+ // If nickname extension is installed, fetch nickname as well
if (EXT_IS_ACTIVE("nickname")) {
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NICKNAME! \n";
// Load nickname
- $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(bigintval($UID)), __FILE__, __LINE__);
- list($surname, $family, $gender, $email, $nick) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
} else {
- // Load normal data
- $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NO-NICK! \n";
+ /// Load normal data
+ $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(bigintval($UID)), __FILE__, __LINE__);
- list($surname, $family, $gender, $email) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);
}
- } else {
- // Neutral gender and email address is default
- $gender = "N";
- $email = WEBMASTER;
- }
- // Translate M to male or F to female
- $gender = TRANSLATE_GENDER($gender);
+ // Fetch and merge data
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content()=".count($content)." - PRE \n";
+ $content = merge_array($content, SQL_FETCHARRAY($result));
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content()=".count($content)." - AFTER \n";
- // Insert data if content is an array
- if (is_array($content)) {
- // Please do no longer use direct variable names, use $content[bla]
- // instead.
- $content['gender'] = $gender;
- $content['surname'] = $surname;
- $content['family'] = $family;
- $content['email'] = $email;
- $content['nick'] = $nick;
+ // Free result
+ SQL_FREERESULT($result);
} // END - if
+ // Translate M to male or F to female if present
+ if (isset($content['gender'])) $content['gender'] = TRANSLATE_GENDER($content['gender']);
+
+ // Overwrite email from data if present
+ if (isset($content['email'])) $email = $content['email'];
+
// Store email for some functions in global data array
$DATA['email'] = $email;
@@ -820,22 +881,19 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
$newContent = "";
if (FILE_READABLE($file)) {
// The local file does exists so we load it. :)
- $tmpl_file = @implode("", @file($file));
+ $tmpl_file = implode("", file($file));
$tmpl_file = addslashes($tmpl_file);
// Run code
- $tmpl_file = "\$newContent=\"".COMPILE_CODE($tmpl_file)."\";";
- eval($tmpl_file);
-
- // Replace HTML conform chars
- $newContent = html_entity_decode($newContent);
+ $tmpl_file = "\$newContent=html_entity_decode(\"".COMPILE_CODE($tmpl_file)."\");";
+ @eval($tmpl_file);
} elseif (!empty($template)) {
// Template file not found!
$newContent = TEMPLATE_404.": ".$template."
".TEMPLATE_CONTENT."
-
".print_r($newContent, true)."
+
".print_r($content, true)."
".TEMPLATE_DATA."
-
".print_r($DATA, true)."
+
".print_r($DATA, true)."
";
// Debug mode not active? Then remove the HTML tags
@@ -848,9 +906,14 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
// Is there some content?
if (empty($newContent)) {
// Compiling failed
- $newContent = "Compiler error for template {$template}!";
+ $newContent = "Compiler error for template {$template}!\nUncompiled content:\n".$tmpl_file;
+ if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx.";
} // END - if
+ // Remove content and data
+ unset($content);
+ unset($DATA);
+
// Return compiled content
return COMPILE_CODE($newContent);
}
@@ -866,7 +929,10 @@ function MAKE_TIME($H, $M, $S, $stamp) {
}
//
function LOAD_URL($URL, $addUrlData=true) {
- global $CSS, $_CONFIG, $footer;
+ global $CSS, $footer;
+
+ // Compile out URI codes
+ $URL = COMPILE_CODE($URL);
// Check if http(s):// is there
if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) {
@@ -874,20 +940,24 @@ function LOAD_URL($URL, $addUrlData=true) {
$URL = URL."/".$URL;
}
- // Compile out URI codes
- $URL = COMPILE_CODE($URL);
-
// Get output buffer
+ /*
+ print "
";
+ debug_print_backtrace();
+ die("
");
+ */
$OUTPUT = ob_get_contents();
- // Clear it
- ob_end_clean();
+ // Clear it only if there is content
+ if (!empty($OUTPUT)) {
+ ob_end_clean();
+ } // END - if
// Add some data to URL if cookies are not accepted
if (((!defined('__COOKIES')) || (!__COOKIES)) && ($addUrlData)) $URL = ADD_URL_DATA($URL);
// Probe for bot from search engine
- if ((eregi("spider", getenv('HTTP_USER_AGENT'))) || (eregi("bot", getenv('HTTP_USER_AGENT'))) || (eregi("spider", getenv('HTTP_USER_AGENT')))) {
+ if ((eregi("spider", GET_USER_AGENT())) || (eregi("bot", GET_USER_AGENT()))) {
// Search engine bot detected so let's rewrite many chars for the link
$URL = htmlentities(strip_tags($URL), ENT_QUOTES);
@@ -899,7 +969,7 @@ function LOAD_URL($URL, $addUrlData=true) {
print("
");
debug_print_backtrace();
die("
URL={$URL}");
- /**/
+ */
@header ("Location: ".str_replace("&", "&", $URL));
} else {
// Output error message
@@ -912,6 +982,12 @@ function LOAD_URL($URL, $addUrlData=true) {
//
function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) {
global $SEC_CHARS, $URL_CHARS;
+ // Is the code a string?
+ if (!is_string($code)) {
+ // Silently return it
+ return $code;
+ } // END - if
+
$ARRAY = $SEC_CHARS;
// Select smaller set of chars to replace when we e.g. want to compile URLs
@@ -921,21 +997,21 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) {
if ($constants) {
// BEFORE 0.2.1 : Language and data constants
// WITH 0.2.1+ : Only language constants
- $code = str_replace('{--', '".', str_replace('--}', '."', $code));
+ $code = str_replace('{--','".', str_replace('--}','."', $code));
// BEFORE 0.2.1 : Not used
// WITH 0.2.1+ : Data constants
- $code = str_replace('{!', '".', str_replace("!}", '."', $code));
- }
+ $code = str_replace('{!','".', str_replace("!}", '."', $code));
+ } // END - if
// Compile QUOT and other non-HTML codes
foreach ($ARRAY['to'] as $k => $to) {
// Do the reversed thing as in inc/libs/security_functions.php
$code = str_replace($to, $ARRAY['from'][$k], $code);
- }
+ } // END - foreach
// But shall I keep simple quotes for later use?
- if ($simple) $code = str_replace("\'", '{QUOT}', $code);
+ if ($simple) $code = str_replace("'", '{QUOT}', $code);
// Find $content[bla][blub] entries
@preg_match_all('/\$(content|DATA)((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches);
@@ -945,22 +1021,43 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) {
// Replace all matches
$matchesFound = array();
foreach ($matches[0] as $key => $match) {
- // Avoid replacing matches multiple times
- if (!isset($matchesFound[$match])) {
- // Not yet replaced!
- $code = str_replace($match, "\".".$match.".\"", $code);
- $matchesFound[$match] = 1;
- } // END - if
+ // Fuzzy look has failed by default
+ $fuzzyFound = false;
+
+ // Fuzzy look on match if already found
+ foreach ($matchesFound as $found => $set) {
+ // Get test part
+ $test = substr($found, 0, strlen($match));
+
+ // Does this entry exist?
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):found={$found},match={$match},set={$set} \n";
+ if ($test == $match) {
+ // Match found!
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):fuzzyFound! \n";
+ $fuzzyFound = true;
+ break;
+ } // END - if
+ } // END - foreach
+
+ // Skip this entry?
+ if ($fuzzyFound) continue;
// Take all string elements
- if ((is_string($matches[4][$key])) && (!isset($matchesFound[$key."_".$matches[4][$key]]))) {
+ if ((is_string($matches[4][$key])) && (!isset($matchesFound[$match])) && (!isset($matchesFound[$key."_".$matches[4][$key]]))) {
// Replace it in the code
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):key={$key},match={$match} \n";
$newMatch = str_replace("[".$matches[4][$key]."]", "['".$matches[4][$key]."']", $match);
- $code = str_replace($match, $newMatch, $code);
+ $code = str_replace($match, "\".".$newMatch.".\"", $code);
$matchesFound[$key."_".$matches[4][$key]] = 1;
- } // END - if
- }
- }
+ $matchesFound[$match] = 1;
+ } elseif (!isset($matchesFound[$match])) {
+ // Not yet replaced!
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):match={$match} \n";
+ $code = str_replace($match, "\".".$match.".\"", $code);
+ $matchesFound[$match] = 1;
+ }
+ } // END - foreach
+ } // END - if
// Return compiled code
return $code;
@@ -1018,76 +1115,86 @@ function array_pk_sort(&$array, $a_sort, $primary_key = 0, $order = -1, $nums =
$array = $dummy;
}
//
-function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0")
-{
- global $MONTH_DESCR; $OUT = "";
- if ($type == "yn")
- {
+function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") {
+ global $MONTH_DESCR;
+ $OUT = "";
+
+ if ($type == "yn") {
// This is a yes/no selection only!
if ($id > 0) $prefix .= "[".$id."]";
$OUT .= "