X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=d94a0336fee24b04d53de9fb23c67cc9fd9ece54;hp=f2806f6b648279ee09bbe01fa3165063fd4b8e6b;hb=307a4e11763f0914e73dc756b219356e1c29ab25;hpb=7ec9a232162634c199cc28ba050be9b4f8214e7f

diff --git a/inc/functions.php b/inc/functions.php
index f2806f6b64..d94a0336fe 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -138,8 +138,16 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
 
 		// Compile and run finished rendered HTML code
 		while (strpos($OUTPUT, '{!') > 0) {
-			$eval = "\$OUTPUT = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";";
-			eval($eval);
+			// Prepare the content and eval() it...
+			$newContent = "";
+			$eval = "\$newContent = \"" . COMPILE_CODE(addslashes($OUTPUT)) . "\";";
+			@eval($eval);
+
+			if (empty($newContent)) {
+				// Something went wrong!
+				die("Evaluation error:<pre>".htmlentities($eval)."</pre>");
+			}
+			$OUTPUT = $newContent;
 		}
 
 		// Output code here, DO NOT REMOVE! ;-)
@@ -360,7 +368,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") {
 	}
 
 	// Fix HTML parameter (default is no!)
-	if (empty($HTML)) $HTML = 'N';
+	if (empty($HTML)) $HTML = "N";
 	if (isBooleanConstantAndTrue('DEBUG_MODE')) {
 		// In debug mode we want to display the mail instead of sending it away so we can debug this part
 		echo "<PRE>
@@ -369,7 +377,7 @@ To      : ".$TO."
 Subject : ".$SUBJECT."
 Message : ".$MSG."
 </PRE>\n";
-	} elseif (($HTML == 'Y') && (EXT_IS_ACTIVE("html_mail", true))) {
+	} elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) {
 		// Send mail as HTML away
 		SEND_HTML_EMAIL($TO, $SUBJECT, $MSG, $FROM);
 	} elseif (!empty($TO)) {
@@ -378,7 +386,7 @@ Message : ".$MSG."
 
 		// Send Mail away
 		SEND_RAW_EMAIL($TO, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
-	} elseif ($HTML == 'N') {
+	} elseif ($HTML == "N") {
 		// Problem found!
 		SEND_RAW_EMAIL(WEBMASTER, COMPILE_CODE($SUBJECT), COMPILE_CODE($MSG), $FROM);
 	}
@@ -676,7 +684,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
 
 	// Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!)
 	$MAIN_TITLE = MAIN_TITLE; $URL = URL; $WEBMASTER = WEBMASTER;
-	$surname = ""; $family = ""; $nick = ""; $sex = 'N';
+	$surname = ""; $family = ""; $nick = ""; $sex = "N";
 
 	// Prepare IP number and User Agent
 	$REMOTE_ADDR = getenv('REMOTE_ADDR');
@@ -814,7 +822,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
 		}
 	} else {
 		// Neutral sex and email address is default
-		$sex = 'N';
+		$sex = "N";
 		$email = WEBMASTER;
 	}
 
@@ -1154,10 +1162,10 @@ function ADD_SELECTION($type, $DEFAULT, $prefix="", $id="0")
 
 	case "yn":
 		$OUT .= "      <OPTION value=\"Y\"";
-		if ($DEFAULT == 'Y') $OUT .= " selected=\"selected\"";
+		if ($DEFAULT == "Y") $OUT .= " selected=\"selected\"";
 		$OUT .= ">".YES."</OPTION>
 			<OPTION value=\"N\"";
-		if ($DEFAULT == 'N') $OUT .= " selected=\"selected\"";
+		if ($DEFAULT == "N") $OUT .= " selected=\"selected\"";
 		$OUT .= ">".NO."</OPTION>\n";
 		break;
 	}
@@ -1179,15 +1187,21 @@ function TRANSLATE_YESNO($yn)
 // Deprecated : $length
 // Optional   : $DATA
 //
-function GEN_RANDOM_CODE($length, $code, $uid, $DATA="")
-{
+function GEN_RANDOM_CODE($length, $code, $uid, $DATA="") {
 	global $_CONFIG;
 
+	// Fix missing _MAX constant
+	if (!defined('_MAX')) define('_MAX', 15235);
+
 	// Build server string
 	$server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php");
 
 	// Build key string
-	$keys   = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']).":".$_CONFIG['master_salt'];
+	$keys   = SITE_KEY.":".DATE_KEY;
+	if (isset($_CONFIG['secret_key']))  $keys .= ":".$_CONFIG['secret_key'];
+	if (isset($_CONFIG['file_hash']))   $keys .= ":".$_CONFIG['file_hash'];
+	$keys .= ":".date("d-m-Y (l-F-T)", $_CONFIG['patch_ctime']);
+	if (isset($_CONFIG['master_salt'])) $keys .= ":".$_CONFIG['master_salt'];
 
 	// Build string from misc data
 	$data   = $code.":".$uid.":".$DATA;
@@ -1203,11 +1217,19 @@ function GEN_RANDOM_CODE($length, $code, $uid, $DATA="")
 	// Calculate number for generating the code
 	$a = $code + _ADD - 1;
 
-	// Generate hash with master salt from modula of number with the prime number and other data
-	$saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
+	if (isset($_CONFIG['master_hash'])) {
+		// Generate hash with master salt from modula of number with the prime number and other data
+		$saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, $_CONFIG['master_salt']);
+
+		// Create number from hash
+		$rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+	} else {
+		// Generate hash with "hash of site key" from modula of number with the prime number and other data
+		$saltedHash = generateHash(($a % _PRIME).":".$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a, substr(sha1(SITE_KEY), 0, 8));
 
-	// Create number from hash
-	$rcode = hexdec(substr($saltedHash, strlen($_CONFIG['master_salt']), 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+		// Create number from hash
+		$rcode = hexdec(substr($saltedHash, 8, 9)) / abs(_MAX - $a + sqrt(_ADD)) / pi();
+	}
 
 	// At least 10 numbers shall be secure enought!
 	$len = $_CONFIG['code_length'];
@@ -1650,6 +1672,16 @@ function ADD_EMAIL_NAV($PAGES, $offset, $show_form, $colspan, $return=false) {
 
 //
 function MXCHANGE_OPEN ($script) {
+	global $_CONFIG;
+	// Default is not to use proxy
+	$useProxy = true;
+
+	// Are proxy settins set?
+	if ((!empty($_CONFIG['proxy_host'])) && ($_CONFIG['proxy_port'] > 0)) {
+		// Then use it
+		$useProxy = true;
+	}
+
 	//* DEBUG */ print("SCRIPT=".$script."<br />\n");
 	// Compile the script name
 	$script = COMPILE_CODE($script);
@@ -1663,7 +1695,7 @@ function MXCHANGE_OPEN ($script) {
 		$extract = explode("/", $url);
 		$url = $extract[0];
 		// Done extracting the URL :)
-	}
+	} // END - if
 
 	// Extract host name
 	$host = str_replace("http://", "", $url);
@@ -1684,17 +1716,62 @@ function MXCHANGE_OPEN ($script) {
 
 	// Open connection
 	//* DEBUG */ die("SCRIPT=".$script."<br />\n");
-	$fp = @fsockopen($host, 80, $errno, $errdesc, 30);
-	if (!$fp) {
-		// Failed!
-		return array("", "", "");
+	if ($useProxy) {
+		$fp = @fsockopen(COMPILE_CODE($_CONFIG['proxy_host']), $_CONFIG['proxy_port'], $errno, $errdesc, 30);
+	} else {
+		$fp = @fsockopen($host, 80, $errno, $errdesc, 30);
 	}
 
-	// Generate request header
-	$request  = "GET /".trim($script)." HTTP/1.0\r\n";
+	// Is there a link?
+	if (!is_resource($fp)) {
+		// Failed!
+		return array("", "", "");
+	} // END - if
+
+	// Do we use proxy?
+	if ($useProxy) {
+		// Generate CONNECT request header
+		$request  = "CONNECT ".$host.":80 HTTP/1.1\r\n";
+		$request .= "Host: ".$host."\r\n";
+
+		// Use login data to proxy? (username at least!)
+		if (!empty($_CONFIG['proxy_username'])) {
+			// Add it as well
+			$encodedAuth = base64_encode(COMPILE_CODE($_CONFIG['proxy_username']).":".COMPILE_CODE($_CONFIG['proxy_password']));
+			$request .= "Proxy-Authorization: Basic ".$encodedAuth."\r\n";
+		} // END - if
+
+		// Add last new-line
+		$request .= "\r\n";
+		//* DEBUG: */ print("<strong>Request:</strong><pre>".$request."</pre>");
+
+		// Write request
+		fputs($fp, $request);
+
+		// Got response?
+		if (feof($fp)) {
+			// No response received
+			return array("", "", "");
+		} // END - if
+
+		// Read the first line
+		$resp = trim(fgets($fp, 10240));
+		$respArray = explode(" ", $resp);
+		if ((strtolower($respArray[0]) !== "http/1.0") || ($respArray[1] != "200")) {
+			// Invalid response!
+			return array("", "", "");
+		} // END - if
+	} // END - if
+	
+	// Generate GET request header
+	$request  = "GET /".trim($script)." HTTP/1.1\r\n";
 	$request .= "Host: ".$host."\r\n";
 	$request .= "Referer: ".URL."/admin.php\r\n";
-	$request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n\r\n";
+	$request .= "User-Agent: ".TITLE."/".FULL_VERSION."\r\n";
+	$request .= "Content-Type: text/plain\r\n";
+	$request .= "Cache-Control: no-cache\r\n";
+	$request .= "Connection: Close\r\n\r\n";
+	//* DEBUG: */ print("<strong>Request:</strong><pre>".$request."</pre>");
 
 	// Initialize array
 	$response = array();
@@ -1705,16 +1782,25 @@ function MXCHANGE_OPEN ($script) {
 	// Read response
 	while(!feof($fp)) {
 		$response[] = trim(fgets($fp, 1024));
-	}
+	} // END - while
 
 	// Close socket
 	fclose($fp);
 
+	//* DEBUG: */ print("<strong>Response:</strong><pre>".print_r($response, true)."</pre>");
+
+	// Proxy agent found?
+	if ((substr(strtolower($response[0]), 0, 11) == "proxy-agent") && ($useProxy)) {
+		// Proxy header detected, so remove two lines
+		array_shift($response);
+		array_shift($response);
+	} // END - if
+
 	// Was the request successfull?
-	if ((!ereg("200 OK", $response[0])) && (empty($response[0]))) {
+	if ((!eregi("200 OK", $response[0])) || (empty($response[0]))) {
 		// Not found / access forbidden
 		$response = array("", "", "");
-	}
+	} // END - if
 
 	// Return response
 	return $response;
@@ -1824,11 +1910,11 @@ function CREATE_EMAIL_LINK($email, $table="admins") {
 function generateHash ($plainText, $salt = "") {
 	global $_CONFIG, $_SERVER;
 
-	// Is the required extension "sql_patches" there?
-	if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
+	// Is the required extension "sql_patches" there and a salt is not given?
+	if (((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) && (empty($salt))) {
 		// Extension sql_patches is missing/outdated so we return the plain text
 		return $plainText;
-	}
+	} // END - if
 
 	// When the salt is empty build a new one, else use the first x configured characters as the salt
 	if ($salt == "") {
@@ -2082,6 +2168,7 @@ function DISPLAY_PARSING_TIME_FOOTER() {
 // Unset/set session variables
 function set_session ($var, $value) {
 	global $CSS;
+
 	// Abort in CSS mode here
 	if ($CSS == 1) return true;
 
@@ -2099,6 +2186,9 @@ function set_session ($var, $value) {
 		//* DEBUG: */ echo "SET:".$var."=".$value."<br />\n";
 		$_SESSION[$var] =  $value;
 		return session_register($var);
+	} elseif (!empty($value)) {
+		// Update session
+		$_SESSION[$var] = $value;
 	}
 
 	// Return always true if the session variable is already set.
@@ -2121,8 +2211,6 @@ function isSessionVariableSet($var) {
 
 // Returns wether the value of the session variable or NULL if not set
 function get_session($var) {
-	if (!isset($_SESSION)) session_start();
-
 	// Default is not found! ;-)
 	$value = null;
 
@@ -2137,21 +2225,20 @@ function get_session($var) {
 }
 
 //
-//////////////////////////////////////////////
-//                                          //
-// AUTOMATICALLY RE-GNERATED FUNCTIONS ONLY //
-//                                          //
-//////////////////////////////////////////////
+//////////////////////////////////////////////////
+//                                              //
+// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
+//                                              //
+//////////////////////////////////////////////////
 //
-if (!function_exists('html_entity_decode'))
-{
+if (!function_exists('html_entity_decode')) {
 	// Taken from documentation on www.php.net
-	function html_entity_decode($string)
-	{
+	function html_entity_decode($string) {
 		$trans_tbl = get_html_translation_table(HTML_ENTITIES);
 		$trans_tbl = array_flip($trans_tbl);
 		return strtr($string, $trans_tbl);
 	}
 }
+
 //
 ?>