X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=e255045bb0f459f463401a1a8cc05877383636b2;hp=6472c604482a1bdffe92f20d6e89ded56d5ee194;hb=4bd12d7c844163f67cca3489aa0b6c9af61d8adb;hpb=5f8c1a333627cd0145f778a6eebdb251f5bb40b6 diff --git a/inc/functions.php b/inc/functions.php index 6472c60448..e255045bb0 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -38,7 +38,7 @@ if (!defined('__SECURITY')) { } // Check if our config file is writeable or not -function is_INCWritable($inc) { +function IS_INC_WRITEABLE($inc) { // Generate FQFN $fqfn = sprintf("%sinc/%s.php", PATH, $inc); @@ -132,7 +132,8 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { default: // Huh, something goes wrong or maybe you have edited config.php ??? - die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", OUTPUT_MODE)); + MXCHANGE_DIE("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT); break; } } elseif ((_OB_CACHING == "on") && ($footer == 1)) { @@ -142,6 +143,19 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) { // Clear output buffer for later output ob_end_clean(); + // Send HTTP header + header("HTTP/1.1 200"); + + // Used later + $now = gmdate('D, d M Y H:i:s') . ' GMT'; + + // General headers for no caching + header("Expired: " . $now); // RFC2616 - Section 14.21 + header("Last-Modified: " . $now); + header("Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"); // HTTP/1.1 + header("Pragma: no-cache"); // HTTP/1.0 + header("Connection: Close"); + // Extension "rewrite" installed? if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) { $OUTPUT = REWRITE_LINKS($OUTPUT); @@ -219,23 +233,27 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { $template = strtolower($template); // Count the template load - if (!isset($_CONFIG['num_templates'])) $_CONFIG['num_templates'] = 0; - $_CONFIG['num_templates']++; + incrementConfigEntry('num_templates'); + + // Prepare IP number and User Agent + $REMOTE_ADDR = GET_REMOTE_ADDR(); + if (!defined('REMOTE_ADDR')) define('REMOTE_ADDR', $REMOTE_ADDR); + $HTTP_USER_AGENT = GET_USER_AGENT(); // Init some data $ret = ""; if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; - // @DEPRECATED Try to remove this if() block + // @DEPRECATED Try to rewrite the if() condition if ($template == "member_support_form") { // Support request of a member - $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array($GLOBALS['userid']), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT userid, gender, surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", + array($GLOBALS['userid']), __FILE__, __LINE__); // Is content an array? if (is_array($content)) { // Merge data - $content = array_merge($content, SQL_FETCHARRAY($result)); + $content = merge_array($content, SQL_FETCHARRAY($result)); // Translate gender $content['gender'] = TRANSLATE_GENDER($content['gender']); @@ -245,6 +263,7 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { // Translate gender $gender = TRANSLATE_GENDER($gender); + DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array (%s).", gettype($content))); } // Free result @@ -319,7 +338,7 @@ function LOAD_TEMPLATE($template, $return=false, $content=array()) { $tmpl_file = implode("", file($file)); // Replace ' to our own chars to preventing them being quoted - while (strpos($tmpl_file, "\'") !== false) { $tmpl_file = str_replace("\'", '{QUOT}', $tmpl_file); } + while (strpos($tmpl_file, "'") !== false) { $tmpl_file = str_replace("'", '{QUOT}', $tmpl_file); } // Do we have to compile the code? $ret = ""; @@ -382,7 +401,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { return; } else { // Load email address - $result_email = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); + $result_email = SQL_QUERY_ESC("SELECT email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array(bigintval($TO)), __FILE__, __LINE__); //* DEBUG: */ print __FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email)."\n"; // Does the user exist? @@ -435,15 +454,12 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML = "N", $FROM = "") { if (empty($HTML)) $HTML = "N"; if (isBooleanConstantAndTrue('DEBUG_MODE')) { // In debug mode we want to display the mail instead of sending it away so we can debug this part - echo "
+ print(" ".htmlentities(trim($FROM))." To : ".$TO." Subject : ".$SUBJECT." Message : ".$MSG." -\n"; - - // Log the mail away - if (defined('DEBUG_MAIL')) DEBUG_LOG(__FUNCTION__, __LINE__, "to={$TO},subject={$SUBJECT},msg={$MSG}"); +
".htmlentities(trim($FROM))." To : ".$TO." Subject : ".$SUBJECT." Message : ".$MSG." -
"); + debug_print_backtrace(); + die("
"); debug_print_backtrace(); @@ -1999,10 +2033,10 @@ function generateHash ($plainText, $salt = "") { $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(PATH."inc/databases.php"); // Build key string - $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", bigintval($_CONFIG['patch_ctime'])).":".$_CONFIG['master_salt']; + $keys = SITE_KEY.":".DATE_KEY.":".getConfig('secret_key').":".getConfig('file_hash').":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))).":".getConfig('master_salt'); // Additional data - $data = $plainText.":".uniqid(rand(), true).":".time(); + $data = $plainText.":".uniqid(mt_rand(), true).":".time(); // Calculate number for generating the code $a = time() + _ADD - 1; @@ -2016,11 +2050,11 @@ function generateHash ($plainText, $salt = "") { //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")"; // Generate the password salt string - $salt = substr($sha1, 0, $_CONFIG['salt_length']); + $salt = substr($sha1, 0, getConfig('salt_length')); //* DEBUG: */ echo $salt." (".strlen($salt).")"; } else { // Use given salt - $salt = substr($salt, 0, $_CONFIG['salt_length']); + $salt = substr($salt, 0, getConfig('salt_length')); //* DEBUG: */ echo "GIVEN={$salt}\n"; } @@ -2029,8 +2063,6 @@ function generateHash ($plainText, $salt = "") { } // function scrambleString($str) { - global $_CONFIG; - // Init $scrambled = ""; @@ -2040,7 +2072,7 @@ function scrambleString($str) { return $str; } elseif (strlen($str) == 40) { // From database - $scrambleNums = explode(":", $_CONFIG['pass_scramble']); + $scrambleNums = explode(":", getConfig('pass_scramble')); } else { // Generate new numbers $scrambleNums = explode(":", genScrambleString(strlen($str))); @@ -2062,12 +2094,11 @@ function scrambleString($str) { } // function descrambleString($str) { - global $_CONFIG; // Scramble only 40 chars long strings if (strlen($str) != 40) return $str; // Load numbers from config - $scrambleNums = explode(":", $_CONFIG['pass_scramble']); + $scrambleNums = explode(":", getConfig('pass_scramble')); // Validate numbers if (count($scrambleNums) != 40) return $str; @@ -2110,8 +2141,8 @@ function genScrambleString($len) { } // Append data like session ID or referal ID to the given URL which would // normally be stored in cookies -function ADD_URL_DATA($URL) { - global $_CONFIG; +function ADD_URL_DATA ($URL) { + // Init add $ADD = ""; // Determine URL binder @@ -2123,9 +2154,9 @@ function ADD_URL_DATA($URL) { if ((!empty($_GET['refid'])) && (strpos($URL, "refid=") == 0)) { // Cookie found in URL $ADD .= $BIND."refid=".bigintval($_GET['refid']); - } elseif ((GET_EXT_VERSION("sql_patches") != '') && ($_CONFIG['def_refid'] > 0)) { + } elseif ((GET_EXT_VERSION("sql_patches") != '') && (getConfig('def_refid') > 0)) { // Not found! So let's set default here - $ADD .= $BIND."refid=".$_CONFIG['def_refid']; + $ADD .= $BIND."refid=".getConfig('def_refid'); } // Is there already added data? Then change the binder @@ -2146,18 +2177,16 @@ function ADD_URL_DATA($URL) { } // Generate an PGP-like encrypted hash of given hash for e.g. cookies function generatePassString($passHash) { - global $_CONFIG; - // Return vanilla password hash $ret = $passHash; // Is a secret key and master salt already initialized? - if ((!empty($_CONFIG['secret_key'])) && (!empty($_CONFIG['master_salt']))) { + if ((getConfig('secret_key') != "") && (getConfig('master_salt') != "")) { // Only calculate when the secret key is generated $newHash = ""; $start = 9; for ($idx = 0; $idx < 10; $idx++) { $part1 = hexdec(substr($passHash, $start, 4)); - $part2 = hexdec(substr($_CONFIG['secret_key'], $start, 4)); + $part2 = hexdec(substr(getConfig('secret_key'), $start, 4)); $mod = dechex($idx); if ($part1 > $part2) { $mod = dechex(sqrt(($part1 - $part2) * _PRIME / pi())); @@ -2172,7 +2201,7 @@ function generatePassString($passHash) { } // END - for //* DEBUG: */ print($passHash."".$newHash." (".strlen($newHash).")"); - $ret = generateHash($newHash, $_CONFIG['master_salt']); + $ret = generateHash($newHash, getConfig('master_salt')); //* DEBUG: */ print($ret."\n"); } else { // Hash it simple @@ -2215,14 +2244,14 @@ function mxchange_die ($msg) { // Display parsing time and number of SQL queries in footer function DISPLAY_PARSING_TIME_FOOTER() { - global $startTime, $_CONFIG; - $endTime = microtime(true); - // Is the timer started? if (!isset($GLOBALS['startTime'])) { // Abort here return false; - } + } // END - if + + // Get end time + $endTime = microtime(true); // "Explode" both times $start = explode(" ", $GLOBALS['startTime']); @@ -2234,8 +2263,8 @@ function DISPLAY_PARSING_TIME_FOOTER() { // Prepare output $content = array( 'runtime' => $runTime, - 'numSQLs' => ($_CONFIG['sql_count'] + 1), - 'numTemplates' => ($_CONFIG['num_templates'] + 1) + 'numSQLs' => (getConfig('sql_count') + 1), + 'numTemplates' => (getConfig('num_templates') + 1) ); // Load the template @@ -2278,23 +2307,23 @@ function set_session ($var, $value) { // Check wether a boolean constant is set // Taken from user comments in PHP documentation for function constant() function isBooleanConstantAndTrue($constName) { // : Boolean - global $constCache; + global $cacheArray; // Failed by default $res = false; // In cache? - if (isset($constCache[$constName])) { + if (isset($cacheArray['const'][$constName])) { // Use cache //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$constName."-CACHE!\n"; - $res = $constCache[$constName]; + $res = $cacheArray['const'][$constName]; } else { // Check constant //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$constName."-RESOLVE!\n"; if (defined($constName)) $res = (constant($constName) === true); // Set cache - $constCache[$constName] = $res; + $cacheArray['const'][$constName] = $res; } //* DEBUG: */ var_dump($res); @@ -2303,12 +2332,12 @@ function isBooleanConstantAndTrue($constName) { // : Boolean } // Check wether a session variable is set -function isSessionVariableSet($var) { +function isSessionVariableSet ($var) { //* DEBUG: */ print __FUNCTION__."(".__LINE__."):var={$var}\n"; return (isset($_SESSION[$var])); } // Returns wether the value of the session variable or NULL if not set -function get_session($var) { +function get_session ($var) { global $cacheArray; // Default is not found! ;-) @@ -2317,9 +2346,11 @@ function get_session($var) { // Is the variable there or cached values? if (isset($cacheArray['session'][$var])) { // Get cached value (skips a lot SQL_ESCAPE() calles! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$var."-CACHE!\n"; $value = $cacheArray['session'][$var]; } elseif (isSessionVariableSet($var)) { // Then get it secured! + //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$var."-RESOLVE!\n"; $value = SQL_ESCAPE($_SESSION[$var]); // Cache the value @@ -2362,12 +2393,12 @@ function merge_array ($array1, $array2) { die("
".print_r($cacheArray['themes'], true)."