X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=e255045bb0f459f463401a1a8cc05877383636b2;hp=7857554a5ce86d1bb13e3072cc9062fc5f410941;hb=4bd12d7c844163f67cca3489aa0b6c9af61d8adb;hpb=f4ef7580792a9e424e5456369f40c75a29dbfead
diff --git a/inc/functions.php b/inc/functions.php
index 7857554a5c..e255045bb0 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -32,18 +32,27 @@
 ************************************************************************/
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
 require($INC);
 }
 // Check if our config file is writeable or not
-function is_INCWritable($inc) {
- $fp = @fopen(PATH."inc/".$inc.".php", 'a');
+function IS_INC_WRITEABLE($inc) {
+ // Generate FQFN
+ $fqfn = sprintf("%sinc/%s.php", PATH, $inc);
+
+ // Abort by simple test
+ if ((FILE_READABLE($fqfn)) && (!is_writeable($fqfn))) {
+ return false;
+ } // END - if
+
+ // Test if we can append data
+ $fp = @fopen($fqfn, 'a');
 if ($inc == "dummy") {
 // Remove dummy file
 @fclose($fp);
- return @unlink(PATH."inc/dummy.php");
+ return @unlink($fqfn);
 } else {
 // Close all other files
 return @fclose($fp);
@@ -123,7 +132,8 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
 default:
 // Huh, something goes wrong or maybe you have edited config.php ???
- die ("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT);
+ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Invalid renderer %s detected.", OUTPUT_MODE));
+ MXCHANGE_DIE("".FATAL_ERROR.": ".LANG_NO_RENDER_DIRECT);
 break;
 }
 } elseif ((_OB_CACHING == "on") && ($footer == 1)) {
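Review bot: `$inc` is placed into the path unchecked in `$fqfn = sprintf("%sinc/%s.php", PATH, $inc);`, and the `'a'` mode of the `@fopen()` that follows creates the file when it is missing, so a name containing `../` would test or create a `.php` file outside `inc/`. The callers are not part of this hunk, so whether `$inc` can ever carry request data is unknown; constraining it here is cheap either way, for example `$fqfn = sprintf("%sinc/%s.php", PATH, basename($inc));`. The result of `@fopen()` is also handed to `@fclose()` without a check, which hides the reason a writability test failed. The closing lines of IS_INC_WRITEABLE are outside the hunk.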
@@ -133,9 +143,23 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
 // Clear output buffer for later output
 ob_end_clean();
- if ((EXT_IS_ACTIVE("rewrite", true)) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
+ // Send HTTP header
+ header("HTTP/1.1 200");
+
+ // Used later
+ $now = gmdate('D, d M Y H:i:s') . ' GMT';
+
+ // General headers for no caching
+ header("Expired: " . $now); // RFC2616 - Section 14.21
+ header("Last-Modified: " . $now);
+ header("Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0"); // HTTP/1.1
+ header("Pragma: no-cache"); // HTTP/1.0
+ header("Connection: Close");
+
+ // Extension "rewrite" installed?
+ if ((EXT_IS_ACTIVE("rewrite")) && (function_exists('REWRITE_LINKS')) && ($CSS != "1") && ($CSS != "-1")) {
 $OUTPUT = REWRITE_LINKS($OUTPUT);
- }
+ } // END - if
 // Compile and run finished rendered HTML code
 while (strpos($OUTPUT, '{!') > 0) {
@@ -144,26 +168,27 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
 $eval = "\$newContent = \"".COMPILE_CODE(addslashes($OUTPUT))."\";";
 @eval($eval);
+ // Was that eval okay?
 if (empty($newContent)) {
 // Something went wrong!
 die("Evaluation error:
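Review bot: The first no-cache header in the -133 hunk is misspelled: `header("Expired: " . $now);` sends a field that no client or proxy interprets, while the RFC 2616 section named in its own comment (14.21) defines `Expires`. It should read `header("Expires: " . $now);`. HTTP/1.1 caches are still covered by the `Cache-Control` line, but an HTTP/1.0 intermediary that relies on `Expires` receives no expiry for pages that may hold per-user content. OUTPUT_HTML starts above and continues below this hunk.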
".htmlentities($eval)."
".print_r($content, true)."
".print_r($DATA, true)."
+ print(" ".htmlentities(trim($FROM))." To : ".$TO." Subject : ".$SUBJECT." Message : ".$MSG." -\n"; - } elseif (($HTML == "Y") && (EXT_IS_ACTIVE("html_mail", true))) { +
".htmlentities(trim($FROM))." To : ".$TO." Subject : ".$SUBJECT." Message : ".$MSG." -
".print_r($newContent, true)."
"); + debug_print_backtrace(); + die("
"); debug_print_backtrace(); 
@@ -1959,33 +2028,33 @@ function generateHash ($plainText, $salt = "") {
 } // END - if
 // When the salt is empty build a new one, else use the first x configured characters as the salt
- if ($salt == "") {
+ if (empty($salt)) {
 // Build server string
- $server = $_SERVER['PHP_SELF'].":".getenv('HTTP_USER_AGENT').":".getenv('SERVER_SOFTWARE').":".getenv('REMOTE_ADDR').":".":".filemtime(PATH."inc/databases.php");
+ $server = $_SERVER['PHP_SELF'].":".GET_USER_AGENT().":".getenv('SERVER_SOFTWARE').":".GET_REMOTE_ADDR().":".":".filemtime(PATH."inc/databases.php");
 // Build key string
- $keys = SITE_KEY.":".DATE_KEY.":".$_CONFIG['secret_key'].":".$_CONFIG['file_hash'].":".date("d-m-Y (l-F-T)", bigintval($_CONFIG['patch_ctime'])).":".$_CONFIG['master_salt'];
+ $keys = SITE_KEY.":".DATE_KEY.":".getConfig('secret_key').":".getConfig('file_hash').":".date("d-m-Y (l-F-T)", bigintval(getConfig('patch_ctime'))).":".getConfig('master_salt');
 // Additional data
- $data = $plainText.":".uniqid(rand(), true).":".time();
+ $data = $plainText.":".uniqid(mt_rand(), true).":".time();
 // Calculate number for generating the code
 $a = time() + _ADD - 1;
 // Generate SHA1 sum from modula of number and the prime number
 $sha1 = sha1(($a % _PRIME).$server.":".$keys.":".$data.":".date("d-m-Y (l-F-T)", time()).":".$a);
- //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")";
+ //* DEBUG: */ echo "SHA1=".$sha1." (".strlen($sha1).")";
 $sha1 = scrambleString($sha1);
- //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")";
+ //* DEBUG: */ echo "Scrambled=".$sha1." (".strlen($sha1).")";
 //* DEBUG: */ $sha1b = descrambleString($sha1);
- //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")";
+ //* DEBUG: */ echo "Descrambled=".$sha1b." (".strlen($sha1b).")";
 // Generate the password salt string
- $salt = substr($sha1, 0, $_CONFIG['salt_length']);
+ $salt = substr($sha1, 0, getConfig('salt_length'));
 //* DEBUG: */ echo $salt." 
(".strlen($salt).")";
 } else {
 // Use given salt
- $salt = substr($salt, 0, $_CONFIG['salt_length']);
+ $salt = substr($salt, 0, getConfig('salt_length'));
 //* DEBUG: */ echo "GIVEN={$salt}\n";
 }
@@ -1994,8 +2063,6 @@ function generateHash ($plainText, $salt = "") {
 }
 //
 function scrambleString($str) {
- global $_CONFIG;
-
 // Init
 $scrambled = "";
@@ -2005,7 +2072,7 @@ function scrambleString($str) {
 return $str;
 } elseif (strlen($str) == 40) {
 // From database
- $scrambleNums = explode(":", $_CONFIG['pass_scramble']);
+ $scrambleNums = explode(":", getConfig('pass_scramble'));
 } else {
 // Generate new numbers
 $scrambleNums = explode(":", genScrambleString(strlen($str)));
@@ -2027,12 +2094,11 @@ function scrambleString($str) {
 }
 //
 function descrambleString($str) {
- global $_CONFIG;
 // Scramble only 40 chars long strings
 if (strlen($str) != 40) return $str;
 // Load numbers from config
- $scrambleNums = explode(":", $_CONFIG['pass_scramble']);
+ $scrambleNums = explode(":", getConfig('pass_scramble'));
 // Validate numbers
 if (count($scrambleNums) != 40) return $str;
@@ -2073,10 +2139,10 @@ function genScrambleString($len) {
 $scrambleString = implode(":", $scrambleNumbers);
 return $scrambleString;
 }
-// Append data like session ID referral ID to the given URL which would
+// Append data like session ID or referal ID to the given URL which would
 // normally be stored in cookies
-function ADD_URL_DATA($URL) {
- global $_CONFIG;
+function ADD_URL_DATA ($URL) {
+ // Init add
 $ADD = "";
 // Determine URL binder
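Review bot: Replacing `rand()` with `mt_rand()` in `$data = $plainText.":".uniqid(mt_rand(), true).":".time();` (generateHash, -1959 hunk) leaves the generated salt predictable, because `mt_rand()`, `uniqid()` and `time()` are not cryptographic sources and the other inputs are request or configuration strings. If this hash protects stored passwords, as the "password salt" comment suggests, the salt should come from a CSPRNG where the deployed PHP offers one (`random_bytes()`, or `openssl_random_pseudo_bytes()` on older releases), and the single SHA-1 pass is worth replacing with `password_hash()` once stored hashes can be migrated. The switch to `if (empty($salt)) {` also treats a salt of `"0"` as missing and silently generates a new one, which `$salt == ""` did not for string arguments; `$salt === ""` would keep that meaning. generateHash starts above this hunk and ends below it.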
@@ -2088,9 +2154,9 @@ function ADD_URL_DATA($URL) {
 if ((!empty($_GET['refid'])) && (strpos($URL, "refid=") == 0)) {
 // Cookie found in URL
 $ADD .= $BIND."refid=".bigintval($_GET['refid']);
- } elseif ((GET_EXT_VERSION("sql_patches") != '') && ($_CONFIG['def_refid'] > 0)) {
+ } elseif ((GET_EXT_VERSION("sql_patches") != '') && (getConfig('def_refid') > 0)) {
 // Not found! So let's set default here
- $ADD .= $BIND."refid=".$_CONFIG['def_refid'];
+ $ADD .= $BIND."refid=".getConfig('def_refid');
 }
 // Is there already added data? Then change the binder
@@ -2111,18 +2177,16 @@ function ADD_URL_DATA($URL) {
 }
 // Generate an PGP-like encrypted hash of given hash for e.g. cookies
 function generatePassString($passHash) {
- global $_CONFIG;
-
 // Return vanilla password hash
 $ret = $passHash;
 // Is a secret key and master salt already initialized?
- if ((!empty($_CONFIG['secret_key'])) && (!empty($_CONFIG['master_salt']))) {
+ if ((getConfig('secret_key') != "") && (getConfig('master_salt') != "")) {
 // Only calculate when the secret key is generated
 $newHash = ""; $start = 9;
 for ($idx = 0; $idx < 10; $idx++) {
 $part1 = hexdec(substr($passHash, $start, 4));
- $part2 = hexdec(substr($_CONFIG['secret_key'], $start, 4));
+ $part2 = hexdec(substr(getConfig('secret_key'), $start, 4));
 $mod = dechex($idx);
 if ($part1 > $part2) {
 $mod = dechex(sqrt(($part1 - $part2) * _PRIME / pi()));
@@ -2131,13 +2195,13 @@ function generatePassString($passHash) {
 }
 $mod = substr(round($mod), 0, 4);
 $mod = str_repeat('0', 4-strlen($mod)).$mod;
- //* DEBUG: */ echo "*".$start."=".$mod."*";
+ //* DEBUG: */ echo "*".$start."=".$mod."*";
 $start += 4;
 $newHash .= $mod;
 } // END - for
- //* DEBUG: */ print($passHash."".$newHash." (".strlen($newHash).")");
- $ret = generateHash($newHash, $_CONFIG['master_salt']);
+ //* DEBUG: */ print($passHash."".$newHash." (".strlen($newHash).")");
+ $ret = generateHash($newHash, getConfig('master_salt'));
 //* DEBUG: */ print($ret."\n");
 } else {
 // Hash it simple
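Review bot: The default referral id is appended as-is in `$ADD .= $BIND."refid=".getConfig('def_refid');` (-2088 hunk), while the request branch directly above passes its value through `bigintval()`. The loose `> 0` test in the `elseif` does not guarantee a purely numeric string, so applying the same filter, `$ADD .= $BIND."refid=".bigintval(getConfig('def_refid'));`, keeps a malformed configuration value out of the generated URL. ADD_URL_DATA starts and ends outside the hunk.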
@@ -2180,14 +2244,14 @@ function mxchange_die ($msg) {
 // Display parsing time and number of SQL queries in footer
 function DISPLAY_PARSING_TIME_FOOTER() {
- global $startTime, $_CONFIG;
- $endTime = microtime(true);
-
 // Is the timer started?
 if (!isset($GLOBALS['startTime'])) {
 // Abort here
 return false;
- }
+ } // END - if
+
+ // Get end time
+ $endTime = microtime(true);
 // "Explode" both times
 $start = explode(" ", $GLOBALS['startTime']);
@@ -2199,8 +2263,8 @@ function DISPLAY_PARSING_TIME_FOOTER() {
 // Prepare output
 $content = array(
 'runtime' => $runTime,
- 'numSQLs' => ($_CONFIG['sql_count'] + 1),
- 'numTemplates' => ($_CONFIG['num_templates'] + 1)
+ 'numSQLs' => (getConfig('sql_count') + 1),
+ 'numTemplates' => (getConfig('num_templates') + 1)
 );
 // Load the template
@@ -2230,46 +2294,74 @@ function set_session ($var, $value) {
 return session_register($var);
 } elseif (!empty($value)) {
 // Update session
+ //* DEBUG: */ echo "UPDATE:".$var."=".$value."\n";
 $_SESSION[$var] = $value;
- } else {
- // Something bad happens!
- return false; // Hope this doesn't make so much trouble???
+ return true;
 }
- // Return always true if the session variable is already set.
- // Keept me busy for a longer while...
+ // Ignored (but valid)
 //* DEBUG: */ echo "IGNORED:".$var."=".$value."\n";
 return true;
 }
 // Check wether a boolean constant is set
 // Taken from user comments in PHP documentation for function constant()
-function isBooleanConstantAndTrue($constname) { // : Boolean
+function isBooleanConstantAndTrue($constName) { // : Boolean
+ global $cacheArray;
+
+ // Failed by default
 $res = false;
- if (defined($constname)) $res = (constant($constname) === true);
- return($res);
+
+ // In cache?
+ if (isset($cacheArray['const'][$constName])) {
+ // Use cache
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$constName."-CACHE!\n";
+ $res = $cacheArray['const'][$constName];
+ } else {
+ // Check constant
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$constName."-RESOLVE!\n";
+ if (defined($constName)) $res = (constant($constName) === true);
+
+ // Set cache
+ $cacheArray['const'][$constName] = $res;
+ }
+ //* DEBUG: */ var_dump($res);
+
+ // Return value
+ return $res;
 }
 // Check wether a session variable is set
-function isSessionVariableSet($var) {
+function isSessionVariableSet ($var) {
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."):var={$var}\n";
 return (isset($_SESSION[$var]));
 }
 // Returns wether the value of the session variable or NULL if not set
-function get_session($var) {
+function get_session ($var) {
+ global $cacheArray;
+
 // Default is not found! ;-)
 $value = null;
- // Is the variable there?
- if (isSessionVariableSet($var)) {
+ // Is the variable there or cached values?
+ if (isset($cacheArray['session'][$var])) {
+ // Get cached value (skips a lot SQL_ESCAPE() calles!
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$var."-CACHE!\n";
+ $value = $cacheArray['session'][$var];
+ } elseif (isSessionVariableSet($var)) {
 // Then get it secured!
+ //* DEBUG: */ print __FUNCTION__."(".__LINE__."): ".$var."-RESOLVE!\n";
 $value = SQL_ESCAPE($_SESSION[$var]);
+
+ // Cache the value
+ $cacheArray['session'][$var] = $value;
 } // END - if
 // Return the value
 return $value;
 }
 // Send notification to admin
-function SEND_ADMIN_NOTIFICATION($subject, $templateName, $content="", $uid="0") {
+function SEND_ADMIN_NOTIFICATION($subject, $templateName, $content=array(), $uid="0") {
 if (GET_EXT_VERSION("admins") >= "0.4.1") {
 // Send new way
 SEND_ADMIN_EMAILS_PRO($subject, $templateName, $content, $uid);
@@ -2301,12 +2393,12 @@ function merge_array ($array1, $array2) {
 die("
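Review bot: get_session() now serves values from `$cacheArray['session'][$var]`, but the update branch of set_session() earlier in this hunk writes `$_SESSION[$var] = $value;` without touching that cache, so a read after a write in the same request returns the old value. For session fields that carry identity or login state this lets a check run against stale data; dropping the entry on write, e.g. `unset($GLOBALS['cacheArray']['session'][$var]);` beside the assignment, keeps the two in step. isBooleanConstantAndTrue() has the same kind of problem: it caches `false` for a constant that is not defined yet, so a later `define()` is never seen, and caching only positive results would avoid that. set_session() begins above the hunk, so an invalidation that is out of view cannot be ruled out.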
".print_r($cacheArray['themes'], true)."