X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=d5a4f20347509cd0f2b2833ad90ad51290228827;hp=0e6812343dd13ad168e9a40de97110632a002f35;hb=6586600d8020147192e5f28ca2a3a0153f774d3c;hpb=9958d6a82e0f13377b855f386bd2b1f13c75f22b diff --git a/inc/functions.php b/inc/functions.php index 0e6812343d..d5a4f20347 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -39,11 +39,20 @@ if (!defined('__SECURITY')) { // Check if our config file is writeable or not function is_INCWritable($inc) { - $fp = @fopen(PATH."inc/".$inc.".php", 'a'); + // Generate FQFN + $fqfn = sprintf("%sinc/%s.php", PATH, $inc); + + // Abort by simple test + if ((FILE_READABLE($fqfn)) && (!is_writeable($fqfn))) { + return false; + } // END - if + + // Test if we can append data + $fp = @fopen($fqfn, 'a'); if ($inc == "dummy") { // Remove dummy file @fclose($fp); - return @unlink(PATH."inc/dummy.php"); + return @unlink($fqfn); } else { // Close all other files return @fclose($fp); @@ -123,7 +132,8 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { default: // Huh, something goes wrong or maybe you have edited config.php ??? - die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", OUTPUT_MODE)); + MXCHANGE_DIE("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); break; } } elseif ((_OB_CACHING == "on") && ($footer == 1)) { @@ -133,9 +143,23 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Clear output buffer for later output ob_end_clean(); - if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + // Send HTTP header + header("HTTP/1.1 200"); + + // Used later + $now = gmdate('D, d M Y H:i:s') . ' GMT'; + + // General headers for no caching + header("Expired: " . $now); // RFC2616 - Section 14.21 + header("Last-Modified: " . $now); + header("Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"); // HTTP/1.1 + header("Pragma: no-cache"); // HTTP/1.0 + header("Connection: Close"); + + // Extension "rewrite" installed? + if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { @@ -144,26 +168,27 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; @eval($eval); + // Was that eval okay? if (empty($newContent)) { // Something went wrong! die("Evaluation error:
".htmlentities($eval)."
"); - } + } // END - if $OUTPUT = $newContent; - } + } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); } elseif ((OUTPUT_MODE == "render") && (!empty($OUTPUT))) { // Rewrite links when rewrite extension is active - if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { + if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); - } + } // END - if // Compile and run finished rendered HTML code while (strpos($OUTPUT, '{!') > 0) { $eval = "\$OUTPUT = \"".COMPILE_CODE(addslashes($OUTPUT))."\";"; eval($eval); - } + } // END - while // Output code here, DO NOT REMOVE! ;-) OUTPUT_RAW($OUTPUT); @@ -173,29 +198,34 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Output the raw HTML code function OUTPUT_RAW ($HTML) { // Output stripped HTML code to avoid broken JavaScript code, etc. - echo stripslashes($HTML); + echo stripslashes(stripslashes($HTML)); // Flush the output if only _OB_CACHING is not "on" if (_OB_CACHING != "on") { // Flush it flush(); - } + } // END - if } // Add a fatal error message to the queue array function ADD_FATAL ($message, $extra="") { global $FATAL; + if (empty($extra)) { // Regular text message to add to $FATAL $FATAL[] = $message; } else { // $message is text with a mask plus extras to insert into the text - $FATAL[] = sprintf($message, $extra); + $message = sprintf($message, $extra); + $FATAL[] = $message; } + + // Log fatal messages away + DEBUG_LOG(__FUNCTION__, __LINE__, " message={$message}"); } // Load a template file and return it's content (only it's name; do not use ' or ") -function LOAD_TEMPLATE($template, $return=false, $content="") { +function LOAD_TEMPLATE($template, $return=false, $content=array()) { // Add more variables which you want to use in your template files global $DATA, $_CONFIG, $username; @@ -210,31 +240,31 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { $ret = ""; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; - // @DEPRECATED Try to remove this if() block + // @DEPRECATED Try to rewrite the if() condition if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); - // @TODO Merge this data into $content - list($gender, $surname, $family, $email) = SQL_FETCHROW($result); + // Is content an array? + if (is_array($content)) { + // Merge data + $content = array_merge($content, SQL_FETCHARRAY($result)); - // Translate gender - $gender = TRANSLATE_GENDER($gender); + // Translate gender + $content['gender'] = TRANSLATE_GENDER($content['gender']); + } else { + // DEPRECATED: Load data in direct variables + list($gender, $surname, $family, $email) = SQL_FETCHROW($result); - // Insert data if content is an array - if (is_array($content)) { - // Please switch to $content[bla] in all your templates! Direct - // variables are deprecated as of 09/13/2008. - $content['gender'] = $gender; - $content['surname'] = $surname; - $content['family'] = $family; - $content['email'] = $email; - } // END - if + // Translate gender + $gender = TRANSLATE_GENDER($gender); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array (%s).", gettype($content))); + } // Free result SQL_FREERESULT($result); - } + } // END - if // Generate date/time string $date_time = MAKE_DATETIME(time(), "1"); @@ -325,12 +355,16 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { (".basename($file).")

".TEMPLATE_CONTENT." -
".print_r($content, true)."
+
".print_r($content, true)."
".TEMPLATE_DATA." -
".print_r($DATA, true)."
+
".print_r($DATA, true)."


"; } + // Remove content and data + unset($content); + unset($DATA); + // Do we have some content to output or return? if (!empty($ret)) { // Not empty so let's put it out! ;) @@ -348,20 +382,23 @@ function LOAD_TEMPLATE($template, $return=false, $content="") { } // Send mail out to an email address -function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = 'N', $FROM = "") { +function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):TO={$TO},SUBJECT={$SUBJECT}
\n"; + // Compile subject line (for POINTS constant etc.) $eval = "\$SUBJECT = html_entity_decode(\"".COMPILE_CODE(addslashes($SUBJECT))."\");"; eval($eval); // Set from header if ((!eregi("@", $TO)) && ($TO > 0)) { - // Value detected, load email from database + // Value detected, is the message extension installed? if (EXT_IS_ACTIVE("msg")) { ADD_MESSAGE_TO_BOX($TO, $SUBJECT, $MSG, $HTML); return; } else { // Load email address $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email)."
\n"; // Does the user exist? if (SQL_NUMROWS($result_email)) { @@ -379,6 +416,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = 'N', $FROM = "") { // Is the webmaster! $TO = WEBMASTER; } + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):TO={$TO}
\n"; // Check for PHPMailer or debug-mode if (!CHECK_PHPMAILER_USAGE()) { @@ -404,25 +442,32 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = 'N', $FROM = "") { $eval = "\$TO = \"".COMPILE_CODE(addslashes($TO))."\";"; eval($eval); + // Compile "MSG" + $eval = "\$MSG = \"".COMPILE_CODE(addslashes($MSG))."\";"; + eval($eval); + // Fix HTML parameter (default is no!) if (empty($HTML)) $HTML = "N"; if (isBooleanConstantAndTrue('DEBUG_MODE')) { // In debug mode we want to display the mail instead of sending it away so we can debug this part - echo "
+		echo "
 ".htmlentities(trim($FROM))."
 To      : ".$TO."
 Subject : ".$SUBJECT."
 Message : ".$MSG."
-
\n";
-	} elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) {
+
\n"; + + // Log the mail away + if (defined('DEBUG_MAIL')) DEBUG_LOG(__FUNCTION__, __LINE__, "to={$TO},subject={$SUBJECT},msg={$MSG}"); + } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail"))) { // Send mail as HTML away SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif (!empty($TO)) { // Send Mail away - SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + SEND_RAW_EMAIL($TO, $SUBJECT, $MSG, $FROM); } elseif ($HTML == "N") { // Problem found! - SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM); + SEND_RAW_EMAIL(WEBMASTER, "[PROBLEM:]".$SUBJECT, $MSG, $FROM); } } @@ -465,7 +510,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->WordWrap = 70; $mail->IsHTML(true); } else { - $mail->Body = $msg; + $mail->Body = html_entity_decode($msg); } $mail->AddAddress($to, ""); $mail->AddReplyTo(WEBMASTER,MAIN_TITLE); @@ -474,7 +519,7 @@ function SEND_RAW_EMAIL ($to, $subject, $msg, $from) { $mail->Send(); } else { // Use legacy mail() command - @mail($to, $subject, $msg, $from); + @mail($to, $subject, html_entity_decode($msg), $from); } } // @@ -494,13 +539,13 @@ function GEN_PASS($LEN = 0) { $PASS = ""; for ($i = 0; $i < $LEN; $i++) { $PASS .= $ABC[mt_rand(0, sizeof($ABC) -1)]; - } + } // END - for // When the size is below 40 we can also add additional security by scrambling it if (strlen($PASS) <= 40) { // Also scramble the password $PASS = scrambleString($PASS); - } + } // END - if // Return the password return $PASS; @@ -524,6 +569,9 @@ function MAKE_DATETIME ($time, $mode="0") case "1": $ret = strtolower(date("d.m.Y - H:i", $time)); break; case "2": $ret = date("d.m.Y|H:i", $time); break; case "3": $ret = date("d.m.Y", $time); break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } break; @@ -533,37 +581,39 @@ function MAKE_DATETIME ($time, $mode="0") case "1": $ret = date("Y-m-d - g:i A", $time); break; case "2": $ret = date("y-m-d|H:i", $time); break; case "3": $ret = date("y-m-d", $time); break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid date mode %s detected.", $mode)); + break; } } return $ret; } // Translates the american decimal dot into a german comma -function TRANSLATE_COMMA ($dotted, $cut=true) { +function TRANSLATE_COMMA ($dotted, $cut=true, $max=0) { global $_CONFIG; // Default is 3 you can change this in admin area "Misc -> Misc Options" if (empty($_CONFIG['max_comma'])) $_CONFIG['max_comma'] = "3"; + + // Use from config is default $maxComma = $_CONFIG['max_comma']; + // Use from parameter? + if ($max > 0) $maxComma = $max; + // Cut zeros off? - if ($cut) { + if (($cut) && ($max == 0)) { // Test for commata if in cut-mode $com = explode(".", $dotted); - if (count($com) > 1) { - // Commata found, so only zeros? - if ($com[1] == str_repeat("0", strlen($com[1]))) { - // Only zeros, so don't display them - $maxComma = 0; - } // END - if - } else { + if (count($com) < 2) { // Don't display commatas even if there are none... ;-) $maxComma = 0; } } // END - if // Debug log - //DEBUG_LOG(__FUNCTION__.":dotted={$dotted},maxComma={$maxComma}"); + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, "dotted={$dotted},maxComma={$maxComma}"); // Translate it now switch (GET_LANGUAGE()) { @@ -582,7 +632,13 @@ function TRANSLATE_COMMA ($dotted, $cut=true) { // function DEREFERER ($URL) { - $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + // Don't de-refer our own links! + if (substr($URL, 0, strlen(URL)) != URL) { + // De-refer this link + $URL = URL."/modules.php?module=loader&url=".urlencode(base64_encode(gzcompress($URL))); + } // END - if + + // Return link return $URL; } @@ -598,24 +654,6 @@ function TRANSLATE_GENDER ($gender) { return $ret; } // -function GET_POOL_TYPE($PT) { - // Unknown pool type is default - $ret = POOL_UNKNOWN." (".$PT.")"; - - // Generate constant name - $constantName = sprintf("POOL_%s", $PT); - - // Is the type known? - if (defined($constantName)) { - // Prepare eval command - $eval = sprintf("\$ret = %s;", $constantName); - eval($eval); - } // END - if - - // Return result - return $ret; -} -// function FRAMETESTER($URL) { // Prepare frametester URL $frametesterUrl = sprintf("%s/modules.php?module=frametester&url=%s", @@ -654,7 +692,13 @@ function TRANSLATE_STATUS($status) { $ret = ACCOUNT_LOCKED; break; + case "": + case null: + $ret = ACCOUNT_DELETED; + break; + default: + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); $ret = UNKNOWN_STATUS_1.$status.UNKNOWN_STATUS_2; break; } @@ -662,19 +706,22 @@ function TRANSLATE_STATUS($status) { } // function GET_LANGUAGE() { - if (!empty($_GET['mx_lang'])) { - // Accept only first 2 chars - $lang = substr($_GET['mx_lang'], 0, 2); - } else { - // Do nothing - $lang = ""; - } + global $cacheArray; // Set default return value to default language from config $ret = DEFAULT_LANG; - // Check GET variable and cookie - if (!empty($lang)) { + // Init variable + $lang = ""; + + // Is the variable set + if (!empty($_GET['mx_lang'])) { + // Accept only first 2 chars + $lang = substr($_GET['mx_lang'], 0, 2); + } elseif (isset($cacheArray['language'])) { + // Use cached + $ret = $cacheArray['language']; + } elseif (!empty($lang)) { // Check if main language file does exist if (FILE_READABLE(PATH."inc/language/".$lang.".php")) { // Okay found, so let's update cookies @@ -687,6 +734,11 @@ function GET_LANGUAGE() { // Fixes a warning before the session has the mx_lang constant if (empty($ret)) $ret = DEFAULT_LANG; } + + // Cache entry + $cacheArray['language'] = $ret; + + // Return value return $ret; } // @@ -700,7 +752,7 @@ function SET_LANGUAGE($lang) { set_session("mx_lang", $lang); } // -function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { +function LOAD_EMAIL_TEMPLATE($template, $content=array(), $UID="0") { global $DATA, $_CONFIG, $REPLACER; // Make sure all template names are lowercase! @@ -712,25 +764,25 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { // Keept for backward-compatiblity (please replace these variables against our new {!CONST!} syntax!) // No longer used: $MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER; - // Init variables (DEPRECATED! Use $content[bla] instead. - $surname = ""; - $family = ""; - $nick = ""; - $gender = "N"; - // Prepare IP number and User Agent - $REMOTE_ADDR = getenv('REMOTE_ADDR'); - $HTTP_USER_AGENT = getenv('HTTP_USER_AGENT'); + $REMOTE_ADDR = GET_REMOTE_ADDR(); + $HTTP_USER_AGENT = GET_USER_AGENT(); + // Default admin $ADMIN = MAIN_TITLE; - if (isSessionVariableSet('admin_login')) { + + // Is the admin logged in? + if (IS_ADMIN()) { + // Get admin id + $aid = GET_ADMIN_ID(get_session('admin_login')); + // Load Admin data - $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1", - array(get_session('admin_login')), __FILE__, __LINE__); - list($ADMIN) = SQL_FETCHROW($result); - SQL_FREERESULT($result); + $ADMIN = GET_ADMIN_EMAIL($aid); } // END - if + // Neutral email address is default + $email = WEBMASTER; + // Expiration in a nice output format if ($_CONFIG['auto_purge'] == 0) { // Will never expire! @@ -749,50 +801,40 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { $content['expiration'] = $EXPIRATION; } // END - if - // @TODO Try to rewrite this part - if ($template == "add-points") { - if (isset($_POST['points'])) { - $points = bigintval($_POST['points']); - } else { - $points = __POINTS_VALUE; - } - } // END - if - // Load user's data + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):UID={$UID},template={$template}
\n"; if ($UID > 0) { if (EXT_IS_ACTIVE("nickname")) { + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NICKNAME!
\n"; // Load nickname $result = SQL_QUERY_ESC("SELECT surname, family, gender, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); - list($surname, $family, $gender, $email, $nick) = SQL_FETCHROW($result); - SQL_FREERESULT($result); } else { - // Load normal data + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):NO-NICK!
\n"; + /// Load normal data $result = SQL_QUERY_ESC("SELECT surname, family, gender, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($UID)), __FILE__, __LINE__); - list($surname, $family, $gender, $email) = SQL_FETCHROW($result); - SQL_FREERESULT($result); } - } else { - // Neutral gender and email address is default - $gender = "N"; - $email = WEBMASTER; - } - // Translate M to male or F to female - $gender = TRANSLATE_GENDER($gender); + // Is content an array? + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content[]=".gettype($content)."
\n"; + if (is_array($content)) { + // Fetch and migrate data + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content()=".count($content)." - PRE
\n"; + $content = array_merge($content, SQL_FETCHARRAY($result)); + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):content()=".count($content)." - AFTER
\n"; + } // END - if - // Insert data if content is an array - if (is_array($content)) { - // Please do no longer use direct variable names, use $content[bla] - // instead. - $content['gender'] = $gender; - $content['surname'] = $surname; - $content['family'] = $family; - $content['email'] = $email; - $content['nick'] = $nick; + // Free result + SQL_FREERESULT($result); } // END - if + // Translate M to male or F to female if present + if (isset($content['gender'])) $content['gender'] = TRANSLATE_GENDER($content['gender']); + + // Overwrite email from data if present + if (isset($content['email'])) $email = $content['email']; + // Store email for some functions in global data array $DATA['email'] = $email; @@ -831,22 +873,19 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { $newContent = ""; if (FILE_READABLE($file)) { // The local file does exists so we load it. :) - $tmpl_file = @implode("", @file($file)); + $tmpl_file = implode("", file($file)); $tmpl_file = addslashes($tmpl_file); // Run code - $tmpl_file = "\$newContent=\"".COMPILE_CODE($tmpl_file)."\";"; - eval($tmpl_file); - - // Replace HTML conform chars - $newContent = html_entity_decode($newContent); + $tmpl_file = "\$newContent=html_entity_decode(\"".COMPILE_CODE($tmpl_file)."\");"; + @eval($tmpl_file); } elseif (!empty($template)) { // Template file not found! $newContent = TEMPLATE_404.": ".$template."
".TEMPLATE_CONTENT." -
".print_r($newContent, true)."
+
".print_r($content, true)."
".TEMPLATE_DATA." -
".print_r($DATA, true)."
+
".print_r($DATA, true)."


"; // Debug mode not active? Then remove the HTML tags @@ -859,9 +898,14 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") { // Is there some content? if (empty($newContent)) { // Compiling failed - $newContent = "Compiler error for template {$template}!"; + $newContent = "Compiler error for template {$template}!\nUncompiled content:\n".$tmpl_file; + if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx."; } // END - if + // Remove content and data + unset($content); + unset($DATA); + // Return compiled content return COMPILE_CODE($newContent); } @@ -879,26 +923,28 @@ function MAKE_TIME($H, $M, $S, $stamp) { function LOAD_URL($URL, $addUrlData=true) { global $CSS, $_CONFIG, $footer; + // Compile out URI codes + $URL = COMPILE_CODE($URL); + // Check if http(s):// is there if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) { // Make all URLs full-qualified $URL = URL."/".$URL; } - // Compile out URI codes - $URL = COMPILE_CODE($URL); - // Get output buffer $OUTPUT = ob_get_contents(); - // Clear it - ob_end_clean(); + // Clear it only if there is content + if (!empty($OUTPUT)) { + ob_end_clean(); + } // END - if // Add some data to URL if cookies are not accepted if (((!defined('__COOKIES')) || (!__COOKIES)) && ($addUrlData)) $URL = ADD_URL_DATA($URL); // Probe for bot from search engine - if ((eregi("spider", getenv('HTTP_USER_AGENT'))) || (eregi("bot", getenv('HTTP_USER_AGENT'))) || (eregi("spider", getenv('HTTP_USER_AGENT')))) { + if ((eregi("spider", GET_USER_AGENT())) || (eregi("bot", GET_USER_AGENT())) || (eregi("spider", GET_USER_AGENT()))) { // Search engine bot detected so let's rewrite many chars for the link $URL = htmlentities(strip_tags($URL), ENT_QUOTES); @@ -910,7 +956,7 @@ function LOAD_URL($URL, $addUrlData=true) { print("
");
 		debug_print_backtrace();
 		die("
URL={$URL}"); - /**/ + */ @header ("Location: ".str_replace("&", "&", $URL)); } else { // Output error message @@ -923,6 +969,12 @@ function LOAD_URL($URL, $addUrlData=true) { // function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { global $SEC_CHARS, $URL_CHARS; + // Is the code a string? + if (!is_string($code)) { + // Silently return it + return $code; + } // END - if + $ARRAY = $SEC_CHARS; // Select smaller set of chars to replace when we e.g. want to compile URLs @@ -932,18 +984,18 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { if ($constants) { // BEFORE 0.2.1 : Language and data constants // WITH 0.2.1+ : Only language constants - $code = str_replace('{--', '".', str_replace('--}', '."', $code)); + $code = str_replace('{--','".', str_replace('--}','."', $code)); // BEFORE 0.2.1 : Not used // WITH 0.2.1+ : Data constants - $code = str_replace('{!', '".', str_replace("!}", '."', $code)); - } + $code = str_replace('{!','".', str_replace("!}", '."', $code)); + } // END - if // Compile QUOT and other non-HTML codes foreach ($ARRAY['to'] as $k => $to) { // Do the reversed thing as in inc/libs/security_functions.php $code = str_replace($to, $ARRAY['from'][$k], $code); - } + } // END - foreach // But shall I keep simple quotes for later use? if ($simple) $code = str_replace("\'", '{QUOT}', $code); @@ -956,22 +1008,43 @@ function COMPILE_CODE($code, $simple = false, $constants = true, $full = true) { // Replace all matches $matchesFound = array(); foreach ($matches[0] as $key => $match) { - // Avoid replacing matches multiple times - if (!isset($matchesFound[$match])) { - // Not yet replaced! - $code = str_replace($match, "\".".$match.".\"", $code); - $matchesFound[$match] = 1; - } // END - if + // Fuzzy look has failed by default + $fuzzyFound = false; + + // Fuzzy look on match if already found + foreach ($matchesFound as $found => $set) { + // Get test part + $test = substr($found, 0, strlen($match)); + + // Does this entry exist? + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):found={$found},match={$match},set={$set}
\n"; + if ($test == $match) { + // Match found! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):fuzzyFound!
\n"; + $fuzzyFound = true; + break; + } // END - if + } // END - foreach + + // Skip this entry? + if ($fuzzyFound) continue; // Take all string elements - if ((is_string($matches[4][$key])) && (!isset($matchesFound[$key."_".$matches[4][$key]]))) { + if ((is_string($matches[4][$key])) && (!isset($matchesFound[$match])) && (!isset($matchesFound[$key."_".$matches[4][$key]]))) { // Replace it in the code + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):key={$key},match={$match}
\n"; $newMatch = str_replace("[".$matches[4][$key]."]", "['".$matches[4][$key]."']", $match); - $code = str_replace($match, $newMatch, $code); + $code = str_replace($match, "\".".$newMatch.".\"", $code); $matchesFound[$key."_".$matches[4][$key]] = 1; - } // END - if - } - } + $matchesFound[$match] = 1; + } elseif (!isset($matchesFound[$match])) { + // Not yet replaced! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."):match={$match}
\n"; + $code = str_replace($match, "\".".$match.".\"", $code); + $matchesFound[$match] = 1; + } + } // END - foreach + } // END - if // Return compiled code return $code; @@ -1029,76 +1102,86 @@ function array_pk_sort(&$array, $a_sort, $primary_key = 0, $order = -1, $nums = $array = $dummy; } // -function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") -{ - global $MONTH_DESCR; $OUT = ""; - if ($type == "yn") - { +function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0") { + global $MONTH_DESCR, $_CONFIG; + $OUT = ""; + + if ($type == "yn") { // This is a yes/no selection only! if ($id > 0) $prefix .= "[".$id."]"; $OUT .= " \n"; } - switch ($type) - { + + switch ($type) { case "day": // Day - for ($idx = 1; $idx < 32; $idx++) - { + for ($idx = 1; $idx < 32; $idx++) { $OUT .= "\n"; } - } - else - { - // Get current year and subtract 16 (for erotic content) - $OUT .= "\n"; - $YEAR = date('Y', time()) - 16; - for ($idx = 1930; $idx <= $YEAR; $idx++) - { + } else { + // Get current year and subtract the configured minimum age + $OUT .= "\n"; + // Calculate earliest year depending on extension version + if (GET_EXT_VERSION("other") >= "0.2.1") { + // Use configured minimum age + $YEAR = date('Y', time()) - $_CONFIG['min_age']; + } else { + // Use fixed 16 years age + $YEAR = date('Y', time()) - 16; + } + + // Construct year selection list + for ($idx = $minYear; $idx <= $YEAR; $idx++) { $OUT .= "