X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=eb36b77d60840cef80982cc30d907c83fb9cbdd9;hp=9cd97a5890e348df795c823a58f6095aad5697a6;hb=0cbe2bfe902d26f0e99be6005140a9d8c350f017;hpb=3c8df4406f9247182f4dbe4494d62ac229a7bd28 diff --git a/inc/functions.php b/inc/functions.php index 9cd97a5890..eb36b77d60 100644 --- a/inc/functions.php +++ b/inc/functions.php @@ -1,7 +1,7 @@ {--FATAL_ERROR--}: {--LANG_NO_RENDER_DIRECT--}'); break; } // END - switch - } elseif ((getPhpCaching() == 'on') && (isset($GLOBALS['footer_sent'])) && ($GLOBALS['footer_sent'] == 1)) { - // Headers already sent? - if (headers_sent()) { - // Log this error - logDebugMessage(__FUNCTION__, __LINE__, 'Headers already sent! We need debug backtrace here.'); - - // Trigger an user error - debug_report_bug('Headers are already sent!'); - } // END - if - + } elseif ((getPhpCaching() == 'on') && ((!isset($GLOBALS['header'])) || (count($GLOBALS['header']) == 0))) { // Output cached HTML code $GLOBALS['output'] = ob_get_contents(); @@ -100,72 +94,109 @@ function outputHtml ($htmlCode, $newLine = true) { clearOutputBuffer(); } // END - if - // Send HTTP header - sendHeader('HTTP/1.1 200'); - - // Used later - $now = gmdate('D, d M Y H:i:s') . ' GMT'; - - // General headers for no caching - sendHeader('Expired: ' . $now); // RFC2616 - Section 14.21 - sendHeader('Last-Modified: ' . $now); - sendHeader('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0'); // HTTP/1.1 - sendHeader('Pragma: no-cache'); // HTTP/1.0 - sendHeader('Connection: Close'); - sendHeader('Content-Type: ' . getContentType() . '; charset=UTF-8'); - sendHeader('Content-language: ' . getLanguage()); - // Extension 'rewrite' installed? - if ((isExtensionActive('rewrite')) && (getOutputMode() != '1')) { + if ((isExtensionActive('rewrite')) && (getOutputMode() != 1)) { $GLOBALS['output'] = rewriteLinksInCode($GLOBALS['output']); } // END - if - // Init counter - $cnt = 0; + // Send all HTTP headers + sendHttpHeaders(); // Compile and run finished rendered HTML code - while (((strpos($GLOBALS['output'], '{--') > 0) || (strpos($GLOBALS['output'], '{!') > 0) || (strpos($GLOBALS['output'], '{?') > 0)) && ($cnt < 3)) { - // Prepare the content and eval() it... - $content = array(); - $newContent = ''; - - // Compile it - $eval = "\$newContent = \"".compileCode(smartAddSlashes($GLOBALS['output']))."\";"; - eval($eval); - - // Was that eval okay? - if (empty($newContent)) { - // Something went wrong! - debug_report_bug('Evaluation error:
' . linenumberCode($eval) . '
'); - } // END - if - $GLOBALS['output'] = $newContent; - - // Count round - $cnt++; - } // END - while + compileFinalOutput(); // Output code here, DO NOT REMOVE! ;-) outputRawCode($GLOBALS['output']); } elseif ((getConfig('OUTPUT_MODE') == 'render') && (!empty($GLOBALS['output']))) { // Rewrite links when rewrite extension is active - if ((isExtensionActive('rewrite')) && (getOutputMode() != '1')) { + if ((isExtensionActive('rewrite')) && (getOutputMode() != 1)) { $GLOBALS['output'] = rewriteLinksInCode($GLOBALS['output']); } // END - if + // Send all HTTP headers + sendHttpHeaders(); + // Compile and run finished rendered HTML code - while (strpos($GLOBALS['output'], '{!') > 0) { - eval("\$GLOBALS['output'] = \"".compileCode(smartAddSlashes($GLOBALS['output']))."\";"); - } // END - while + compileFinalOutput(); // Output code here, DO NOT REMOVE! ;-) outputRawCode($GLOBALS['output']); + } else { + // And flush all headers + flushHeaders(); + } +} + +// Sends out all headers required for HTTP/1.1 reply +function sendHttpHeaders () { + // Used later + $now = gmdate('D, d M Y H:i:s') . ' GMT'; + + // Send HTTP header + sendHeader('HTTP/1.1 200'); + + // General headers for no caching + sendHeader('Expires: ' . $now); // RFC2616 - Section 14.21 + sendHeader('Last-Modified: ' . $now); + sendHeader('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0'); // HTTP/1.1 + sendHeader('Pragma: no-cache'); // HTTP/1.0 + sendHeader('Connection: Close'); + sendHeader('Content-Type: ' . getContentType() . '; charset=UTF-8'); + sendHeader('Content-Language: ' . getLanguage()); +} + +// Compiles the final output +function compileFinalOutput () { + // Init counter + $cnt = '0'; + + // Compile all out + while (((strpos($GLOBALS['output'], '{--') > 0) || (strpos($GLOBALS['output'], '{!') > 0) || (strpos($GLOBALS['output'], '{?') > 0)) && ($cnt < 3)) { + // Init common variables + $content = array(); + $newContent = ''; + + // Compile it + $eval = "\$newContent = \"".compileCode(escapeQuotes($GLOBALS['output']))."\";"; + eval($eval); + + // Was that eval okay? + if (empty($newContent)) { + // Something went wrong! + debug_report_bug('Evaluation error:
' . linenumberCode($eval) . '
', false); + } // END - if + $GLOBALS['output'] = $newContent; + + // Count round + $cnt++; + } // END - while + + // Compress it? + if (!empty($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos('gzip', $_SERVER['HTTP_ACCEPT_ENCODING']) !== null)) { + // Compress it for HTTP gzip + $GLOBALS['output'] = gzencode($GLOBALS['output'], 9, true); + + // Add header + sendHeader('Content-Encoding: gzip'); + } elseif (!empty($_SERVER['HTTP_ACCEPT_ENCODING']) && (strpos('deflate', $_SERVER['HTTP_ACCEPT_ENCODING']) !== null)) { + // Compress it for HTTP deflate + $GLOBALS['output'] = gzcompress($GLOBALS['output'], 9); + + // Add header + sendHeader('Content-Encoding: deflate'); } + + // Add final length + sendHeader('Content-Length: ' . strlen($GLOBALS['output'])); + + // Flush all headers + flushHeaders(); } // Output the raw HTML code function outputRawCode ($htmlCode) { // Output stripped HTML code to avoid broken JavaScript code, etc. - print(stripslashes(stripslashes($htmlCode))); + print(str_replace('{BACK}', "\\", $htmlCode)); // Flush the output if only getPhpCaching() is not 'on' if (getPhpCaching() != 'on') { @@ -185,7 +216,7 @@ function getFatalArray () { } // Add a fatal error message to the queue array -function addFatalMessage ($F, $L, $message, $extra='') { +function addFatalMessage ($F, $L, $message, $extra = '') { if (is_array($extra)) { // Multiple extras for a message with masks $message = call_user_func_array('sprintf', $extra); @@ -198,14 +229,13 @@ function addFatalMessage ($F, $L, $message, $extra='') { $GLOBALS['fatal_messages'][] = $message; // Log fatal messages away - debug_report_bug($message); - logDebugMessage($F, $L, " message={$message}"); + logDebugMessage($F, $L, 'Fatal error message: ' . $message); } // Getter for total fatal message count function getTotalFatalErrors () { // Init coun - $count = 0; + $count = '0'; // Do we have at least the first entry? if (!empty($GLOBALS['fatal_messages'][0])) { @@ -218,7 +248,7 @@ function getTotalFatalErrors () { } // Load a template file and return it's content (only it's name; do not use ' or ") -function loadTemplate ($template, $return=false, $content=array()) { +function loadTemplate ($template, $return = false, $content = array()) { // @TODO Remove this sanity-check if all is fine if (!is_bool($return)) debug_report_bug('return is not bool (' . gettype($return) . ')'); @@ -226,114 +256,28 @@ function loadTemplate ($template, $return=false, $content=array()) { global $DATA; // Do we have cache? - if (!isset($GLOBALS['template_eval'][$template])) { + if (isTemplateCached($template)) { + // Evaluate the cache + eval(readTemplateCache($template)); + } elseif (!isset($GLOBALS['template_eval'][$template])) { // Add more variables which you want to use in your template files $username = getUsername(); // Make all template names lowercase $template = strtolower($template); - // Count the template load - incrementConfigEntry('num_templates'); - // Init some data $ret = ''; - if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = 0; - - // Generate date/time string - $date_time = generateDateTime(time(), '1'); - - // Is content an array - if (is_array($content)) $content['date_time'] = $date_time; - - // @DEPRECATED Try to rewrite the if() condition - if ($template == 'member_support_form') { - // Support request of a member - $result = SQL_QUERY_ESC("SELECT `userid`, `gender`, `surname`, `family`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(getUserId()), __FUNCTION__, __LINE__); - - // Is content an array? - if (is_array($content)) { - // Merge data - $content = merge_array($content, SQL_FETCHARRAY($result)); - - // Translate gender - $content['gender'] = translateGender($content['gender']); - } else { - // @DEPRECATED - // @TODO Find all templates which are using these direct variables and rewrite them. - // @TODO After this step is done, this else-block is history - list($gender, $surname, $family, $email) = SQL_FETCHROW($result); - - // Translate gender - $gender = translateGender($gender); - logDebugMessage(__FUNCTION__, __LINE__, sprintf("DEPRECATION-WARNING: content is not array [%s], template=%s.", gettype($content), $template)); - } - - // Free result - SQL_FREERESULT($result); - } // END - if + if (empty($GLOBALS['refid'])) $GLOBALS['refid'] = '0'; // Base directory $basePath = sprintf("%stemplates/%s/html/", getConfig('PATH'), getLanguage()); - $mode = ''; - - // Check for admin/guest/member templates - if (substr($template, 0, 6) == 'admin_') { - // Admin template found - $mode = 'admin/'; - } elseif (substr($template, 0, 6) == 'guest_') { - // Guest template found - $mode = 'guest/'; - } elseif (substr($template, 0, 7) == 'member_') { - // Member template found - $mode = 'member/'; - } elseif (substr($template, 0, 8) == 'install_') { - // Installation template found - $mode = 'install/'; - } elseif (substr($template, 0, 4) == 'ext_') { - // Extension template found - $mode = 'ext/'; - } elseif (substr($template, 0, 3) == 'la_') { - // 'Logical-area' template found - $mode = 'la/'; - } elseif (substr($template, 0, 3) == 'js_') { - // JavaScript template found - $mode = 'js/'; - } elseif (substr($template, 0, 5) == 'menu_') { - // Menu template found - $mode = 'menu/'; - } else { - // Test for extension - $test = substr($template, 0, strpos($template, '_')); - - // Probe for valid extension name - if (isExtensionNameValid($test)) { - // Set extra path to extension's name - $mode = $test . '/'; - } // END - if - } + $extraPath = detectExtraTemplatePath($template);; //////////////////////// // Generate file name // //////////////////////// - $FQFN = $basePath . $mode . $template . '.tpl'; - - if ((isWhatSet()) && ((strpos($template, '_header') > 0) || (strpos($template, '_footer') > 0)) && (($mode == 'guest/') || ($mode == 'member/') || ($mode == 'admin/'))) { - // Select what depended header/footer template file for admin/guest/member area - $file2 = sprintf("%s%s%s_%s.tpl", - $basePath, - $mode, - $template, - getWhat() - ); - - // Probe for it... - if (isFileReadable($file2)) $FQFN = $file2; - - // Remove variable from memory - unset($file2); - } // END - if + $FQFN = $basePath . $extraPath . $template . '.tpl'; // Does the special template exists? if (!isFileReadable($FQFN)) { @@ -343,30 +287,33 @@ function loadTemplate ($template, $return=false, $content=array()) { // Now does the final template exists? if (isFileReadable($FQFN)) { + // Count the template load + incrementConfigEntry('num_templates'); + // The local file does exists so we load it. :) $GLOBALS['tpl_content'] = readFromFile($FQFN); - // Replace ' to our own chars to preventing them being quoted - while (strpos($GLOBALS['tpl_content'], "'") !== false) { $GLOBALS['tpl_content'] = str_replace("'", '{QUOT}', $GLOBALS['tpl_content']); } - // Do we have to compile the code? $ret = ''; if ((strpos($GLOBALS['tpl_content'], '$') !== false) || (strpos($GLOBALS['tpl_content'], '{--') !== false) || (strpos($GLOBALS['tpl_content'], '{!') !== false) || (strpos($GLOBALS['tpl_content'], '{?') !== false)) { // Normal HTML output? - if ($GLOBALS['output_mode'] == 0) { + if (getOutputMode() == '0') { // Add surrounding HTML comments to help finding bugs faster - $ret = "\n" . $GLOBALS['tpl_content'] . "\n"; + $ret = '\n" . $GLOBALS['tpl_content'] . '\n"; // Prepare eval() command - $eval = '$ret = "' . compileCode(smartAddSlashes($GLOBALS['tpl_content'])) . '";'; + $eval = '$ret = "' . compileCode(escapeQuotes($ret)) . '";'; + } elseif (substr($template, 0, 3) == 'js_') { + // JavaScripts don't like entities and timings + $eval = '$ret = decodeEntities("' . compileRawCode(escapeJavaScriptQuotes($GLOBALS['tpl_content'])) . '");'; } else { - // Prepare eval() command - $eval = '$ret = "' . compileCode(smartAddSlashes($GLOBALS['tpl_content'])) . '";'; + // Prepare eval() command, other output doesn't like entities, maybe + $eval = '$ret = decodeEntities("' . compileRawCode(escapeQuotes($GLOBALS['tpl_content'])) . '");'; } } else { // Add surrounding HTML comments to help finding bugs faster - $ret = "\n" . $GLOBALS['tpl_content'] . "\n"; - $eval = '$ret = "' . smartAddSlashes($ret) . '";'; + $ret = '\n" . $GLOBALS['tpl_content'] . '\n"; + $eval = '$ret = "' . compileRawCode(escapeQuotes($ret)) . '";'; } // END - if // Cache the eval() command here @@ -374,20 +321,20 @@ function loadTemplate ($template, $return=false, $content=array()) { // Eval the code eval($GLOBALS['template_eval'][$template]); - } else { - // No file! - $GLOBALS['template_eval'][$template] = '404'; - } - } elseif (((isAdmin()) || ((isInstalling()) && (!isInstalled()))) && ($GLOBALS['template_eval'][$template] == '404')) { - // Only admins shall see this warning or when installation mode is active - $ret = '
{--TEMPLATE_404--}
+ } elseif ((isAdmin()) || ((isInstalling()) && (!isInstalled()))) { + // Only admins shall see this warning or when installation mode is active + $ret = '
{--TEMPLATE_404--}
(' . $template . ')

{--TEMPLATE_CONTENT--} 
' . print_r($content, true) . '
{--TEMPLATE_DATA--} 
' . print_r($DATA, true) . '
-

\";'; +

'; + } else { + // No file! + $GLOBALS['template_eval'][$template] = '404'; + } } else { // Eval the code eval($GLOBALS['template_eval'][$template]); @@ -400,7 +347,7 @@ function loadTemplate ($template, $return=false, $content=array()) { // Return the HTML code return $ret; } else { - // Output direct + // Output directly outputHtml($ret); } } elseif (isDebugModeEnabled()) { @@ -409,77 +356,108 @@ function loadTemplate ($template, $return=false, $content=array()) { } } +// Detects the extra template path from given template name +function detectExtraTemplatePath ($template) { + // Default is empty + $extraPath = ''; + + // Do we have cache? + if (!isset($GLOBALS['extra_path'][$template])) { + // Check for admin/guest/member/etc. templates + if (substr($template, 0, 6) == 'admin_') { + // Admin template found + $extraPath = 'admin/'; + } elseif (substr($template, 0, 6) == 'guest_') { + // Guest template found + $extraPath = 'guest/'; + } elseif (substr($template, 0, 7) == 'member_') { + // Member template found + $extraPath = 'member/'; + } elseif (substr($template, 0, 7) == 'select_') { + // Selection template found + $extraPath = 'select/'; + } elseif (substr($template, 0, 8) == 'install_') { + // Installation template found + $extraPath = 'install/'; + } elseif (substr($template, 0, 4) == 'ext_') { + // Extension template found + $extraPath = 'ext/'; + } elseif (substr($template, 0, 3) == 'la_') { + // 'Logical-area' template found + $extraPath = 'la/'; + } elseif (substr($template, 0, 3) == 'js_') { + // JavaScript template found + $extraPath = 'js/'; + } elseif (substr($template, 0, 5) == 'menu_') { + // Menu template found + $extraPath = 'menu/'; + } else { + // Test for extension + $test = substr($template, 0, strpos($template, '_')); + + // Probe for valid extension name + if (isExtensionNameValid($test)) { + // Set extra path to extension's name + $extraPath = $test . '/'; + } // END - if + } + + // Store it in cache + $GLOBALS['extra_path'][$template] = $extraPath; + } // END - if + + // Return result + return $GLOBALS['extra_path'][$template]; +} + // Loads an email template and compiles it -function loadEmailTemplate ($template, $content = array(), $UID = '0') { +function loadEmailTemplate ($template, $content = array(), $userid = '0') { global $DATA; - // Our configuration is kept non-global here - $_CONFIG = getConfigArray(); - // Make sure all template names are lowercase! $template = strtolower($template); // Default 'nickname' if extension is not installed $nick = '---'; - // Prepare IP number and User Agent - $REMOTE_ADDR = detectRemoteAddr(); - $HTTP_USER_AGENT = detectUserAgent(); - - // Default admin - $ADMIN = getConfig('MAIN_TITLE'); - - // Is the admin logged in? - if (isAdmin()) { - // Get admin id - $adminId = getCurrentAdminId(); - - // Load Admin data - $ADMIN = getAdminEmail($adminId); - } // END - if - // Neutral email address is default $email = getConfig('WEBMASTER'); - // Expiration in a nice output format - // NOTE: Use $content[expiration] in your templates instead of $EXPIRATION - if (getConfig('auto_purge') == 0) { - // Will never expire! - $EXPIRATION = getMessage('MAIL_WILL_NEVER_EXPIRE'); - } else { - // Create nice date string - $EXPIRATION = createFancyTime(getConfig('auto_purge')); - } - // Is content an array? if (is_array($content)) { - // Add expiration to array, $EXPIRATION is now deprecated! - $content['expiration'] = $EXPIRATION; + // Add expiration to array + if ((isConfigEntrySet('auto_purge')) && (getConfig('auto_purge') == '0')) { + // Will never expire! + $content['expiration'] = getMessage('MAIL_WILL_NEVER_EXPIRE'); + } elseif (isConfigEntrySet('auto_purge')) { + // Create nice date string + $content['expiration'] = createFancyTime(getConfig('auto_purge')); + } else { + // Missing entry + $content['expiration'] = getMessage('MAIL_NO_CONFIG_AUTO_PURGE'); + } } // END - if // Load user's data - //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):UID={$UID},template={$template},content[]=".gettype($content)."
"); - if (($UID > 0) && (is_array($content))) { + //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):UID={$userid},template={$template},content[]=".gettype($content).'
'); + if (($userid > 0) && (is_array($content))) { // If nickname extension is installed, fetch nickname as well - if (isExtensionActive('nickname')) { + if ((isExtensionActive('nickname')) && (isNicknameUsed($userid))) { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):NICKNAME!
"); - // Load nickname - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `gender`, `email`, `nickname` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($UID)), __FUNCTION__, __LINE__); + // Load by nickname + fetchUserData($userid, 'nickname'); } else { //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):NO-NICK!
"); - /// Load normal data - $result = SQL_QUERY_ESC("SELECT `surname`, `family`, `gender`, `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($UID)), __FUNCTION__, __LINE__); + /// Load by userid + fetchUserData($userid); } - // Fetch and merge data + // Merge data if valid //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):content()=".count($content)." - PRE
"); - $content = merge_array($content, SQL_FETCHARRAY($result)); + if (isUserDataValid()) { + $content = merge_array($content, getUserDataArray()); + } // END - if //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):content()=".count($content)." - AFTER
"); - - // Free result - SQL_FREERESULT($result); } // END - if // Translate M to male or F to female if present @@ -489,37 +467,22 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') { if (isset($content['email'])) $email = $content['email']; // Store email for some functions in global data array + // @TODO Do only use $content, not $DATA or raw variables $DATA['email'] = $email; // Base directory $basePath = sprintf("%stemplates/%s/emails/", getConfig('PATH'), getLanguage()); - // Check for admin/guest/member templates - if (substr($template, 0, 6) == 'admin_') { - // Admin template found - $FQFN = $basePath.'admin/' . $template.'.tpl'; - } elseif (substr($template, 0, 6) == 'guest_') { - // Guest template found - $FQFN = $basePath.'guest/' . $template.'.tpl'; - } elseif (substr($template, 0, 7) == 'member_') { - // Member template found - $FQFN = $basePath.'member/' . $template.'.tpl'; - } else { - // Test for extension - $test = substr($template, 0, strpos($template, '_')); - if (isExtensionNameValid($test)) { - // Set extra path to extension's name - $FQFN = $basePath . $test.'/' . $template.'.tpl'; - } else { - // No special filename - $FQFN = $basePath . $template.'.tpl'; - } - } + // Detect extra path + $extraPath = detectExtraTemplatePath($template); + + // Generate full FQFN + $FQFN = $basePath . $extraPath . $template . '.tpl'; // Does the special template exists? if (!isFileReadable($FQFN)) { // Reset to default template - $FQFN = $basePath . $template.'.tpl'; + $FQFN = $basePath . $template . '.tpl'; } // END - if // Now does the final template exists? @@ -527,19 +490,18 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') { if (isFileReadable($FQFN)) { // The local file does exists so we load it. :) $GLOBALS['tpl_content'] = readFromFile($FQFN); - $GLOBALS['tpl_content'] = SQL_ESCAPE($GLOBALS['tpl_content']); // Run code - $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileCode($GLOBALS['tpl_content'])."\");"; + $GLOBALS['tpl_content'] = "\$newContent = decodeEntities(\"".compileRawCode(escapeQuotes($GLOBALS['tpl_content']))."\");"; eval($GLOBALS['tpl_content']); } elseif (!empty($template)) { // Template file not found! - $newContent = "{--TEMPLATE_404--}: " . $template."
+ $newContent = '{--TEMPLATE_404--}: ' . $template . '
{--TEMPLATE_CONTENT--} -
".print_r($content, true)."
+
' . print_r($content, true) . '
{--TEMPLATE_DATA--} -
".print_r($DATA, true)."
-

"; +
' . print_r($DATA, true) . '
+

'; // Debug mode not active? Then remove the HTML tags if (!isDebugModeEnabled()) $newContent = secureString($newContent); @@ -551,7 +513,8 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') { // Is there some content? if (empty($newContent)) { // Compiling failed - $newContent = "Compiler error for template {$template}!\nUncompiled content:\n" . $GLOBALS['tpl_content']; + $newContent = "Compiler error for template " . $template . " !\nUncompiled content:\n" . $GLOBALS['tpl_content']; + // Add last error if the required function exists if (function_exists('error_get_last')) $newContent .= "\n--------------------------------------\nDebug:\n".print_r(error_get_last(), true)."--------------------------------------\nPlease don't alter these informations!\nThanx."; } // END - if @@ -560,10 +523,6 @@ function loadEmailTemplate ($template, $content = array(), $UID = '0') { unset($content); unset($DATA); - // Compile the code and eval it - $eval = '$newContent = "' . compileCode(smartAddSlashes($newContent)) . '";'; - eval($eval); - // Return content return $newContent; } @@ -573,7 +532,7 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = ' //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):TO={$toEmail},SUBJECT={$subject}
"); // Compile subject line (for POINTS constant etc.) - eval("\$subject = decodeEntities(\"".compileCode(smartAddSlashes($subject))."\");"); + eval("\$subject = decodeEntities(\"".compileRawCode(escapeQuotes($subject))."\");"); // Set from header if ((!eregi('@', $toEmail)) && ($toEmail > 0)) { @@ -583,22 +542,14 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = ' ADD_MESSAGE_TO_BOX($toEmail, $subject, $message, $isHtml); return; } else { - // Load email address - $result_email = SQL_QUERY_ESC("SELECT `email` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `userid`=%s LIMIT 1", - array(bigintval($toEmail)), __FUNCTION__, __LINE__); - //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):numRows=".SQL_NUMROWS($result_email)."
"); - // Does the user exist? - if (SQL_NUMROWS($result_email)) { - // Load email address - list($toEmail) = SQL_FETCHROW($result_email); + if (fetchUserData($toEmail)) { + // Get the email + $toEmail = getUserData('email'); } else { // Set webmaster $toEmail = getConfig('WEBMASTER'); } - - // Free result - SQL_FREERESULT($result_email); } } elseif ($toEmail == '0') { // Is the webmaster! @@ -627,21 +578,21 @@ function sendEmail ($toEmail, $subject, $message, $isHtml = 'N', $mailHeader = ' } // Compile "TO" - eval("\$toEmail = \"".compileCode(smartAddSlashes($toEmail))."\";"); + eval("\$toEmail = \"".compileRawCode(escapeQuotes($toEmail))."\";"); // Compile "MSG" - eval("\$message = \"".compileCode(smartAddSlashes($message))."\";"); + eval("\$message = \"".str_replace('$', '$', compileRawCode(escapeQuotes($message)))."\";"); // Fix HTML parameter (default is no!) if (empty($isHtml)) $isHtml = 'N'; if (isDebugModeEnabled()) { // In debug mode we want to display the mail instead of sending it away so we can debug this part - outputHtml("
-".htmlentities(trim($mailHeader))."
-To      : " . $toEmail."
-Subject : " . $subject."
-Message : " . $message."
-
\n"); + outputHtml('
+Headers : ' . htmlentities(utf8_decode(trim($mailHeader))) . '
+To      : ' . htmlentities(utf8_decode($toEmail)) . '
+Subject : ' . htmlentities(utf8_decode($subject)) . '
+Message : ' . htmlentities(utf8_decode($message)) . '
+
'); } elseif (($isHtml == 'Y') && (isExtensionActive('html_mail'))) { // Send mail as HTML away sendHtmlEmail($toEmail, $subject, $message, $mailHeader); @@ -654,7 +605,7 @@ Message : " . $message." } } -// Check if legacy or PHPMailer command +// Check to use wether legacy mail() command or PHPMailer class // @TODO Rewrite this to an extension 'smtp' // @private function checkPhpMailerUsage() { @@ -663,6 +614,12 @@ function checkPhpMailerUsage() { // Send out a raw email with PHPMailer class or legacy mail() command function sendRawEmail ($toEmail, $subject, $message, $from) { + // Just compile all again, to put out all configs, etc. + eval('$toEmail = decodeEntities("' . compileRawCode(escapeQuotes($toEmail)) . '");'); + eval('$subject = decodeEntities("' . compileRawCode(escapeQuotes($subject)) . '");'); + eval('$message = decodeEntities("' . compileRawCode(escapeQuotes($message)) . '");'); + eval('$from = decodeEntities("' . compileRawCode(escapeQuotes($from)) . '");'); + // Shall we use PHPMailer class or legacy mode? if (checkPhpMailerUsage()) { // Use PHPMailer class with SMTP enabled @@ -671,6 +628,11 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { // get new instance $mail = new PHPMailer(); + + // Set charset to UTF-8 + $mail->CharSet('UTF-8'); + + // Path for PHPMailer $mail->PluginDir = sprintf("%sinc/phpmailer/", getConfig('PATH')); $mail->IsSMTP(); @@ -706,16 +668,16 @@ function sendRawEmail ($toEmail, $subject, $message, $from) { } // Generate a password in a specified length or use default password length -function generatePassword ($length = 0) { +function generatePassword ($length = '0') { // Auto-fix invalid length of zero - if ($length == 0) $length = getConfig('pass_len'); + if ($length == '0') $length = getConfig('pass_len'); // Initialize array with all allowed chars $ABC = explode(',', 'a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9,-,+,_,/,.'); // Start creating password $PASS = ''; - for ($i = 0; $i < $length; $i++) { + for ($i = '0'; $i < $length; $i++) { $PASS .= $ABC[mt_rand(0, count($ABC) -1)]; } // END - for @@ -736,7 +698,7 @@ function generateDateTime ($time, $mode = '0') { $time = bigintval($time); // If the stamp is zero it mostly didn't "happen" - if ($time == 0) { + if ($time == '0') { // Never happend return getMessage('NEVER_HAPPENED'); } // END - if @@ -790,7 +752,7 @@ function translateYesNo ($yn) { // Translates the "pool type" into human-readable function translatePoolType ($type) { // Default?type is unknown - $translated = sprintf(getMessage('POOL_TYPE_UNKNOWN'), $type); + $translated = getMaskedMessage('POOL_TYPE_UNKNOWN', $type); // Generate constant $constName = sprintf("POOL_TYPE_%s", $type); @@ -806,9 +768,9 @@ function translatePoolType ($type) { } // Translates the american decimal dot into a german comma -function translateComma ($dotted, $cut = true, $max = 0) { +function translateComma ($dotted, $cut = true, $max = '0') { // Default is 3 you can change this in admin area "Misc -> Misc Options" - if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', '3'); + if (!isConfigEntrySet('max_comma')) setConfigEntry('max_comma', 3); // Use from config is default $maxComma = getConfig('max_comma'); @@ -817,12 +779,12 @@ function translateComma ($dotted, $cut = true, $max = 0) { if ($max > 0) $maxComma = $max; // Cut zeros off? - if (($cut === true) && ($max == 0)) { + if (($cut === true) && ($max == '0')) { // Test for commata if in cut-mode $com = explode('.', $dotted); if (count($com) < 2) { // Don't display commatas even if there are none... ;-) - $maxComma = 0; + $maxComma = '0'; } } // END - if @@ -881,7 +843,7 @@ function translateUserStatus ($status) { default: logDebugMessage(__FUNCTION__, __LINE__, sprintf("Unknown status %s detected.", $status)); - $ret = sprintf(getMessage('UNKNOWN_STATUS'), $status); + $ret = getMaskedMessage('UNKNOWN_STATUS', $status); break; } // END - switch @@ -894,7 +856,7 @@ function generateDerefererUrl ($URL) { // Don't de-refer our own links! if (substr($URL, 0, strlen(getConfig('URL'))) != getConfig('URL')) { // De-refer this link - $URL = '{?URL?}/modules.php?module=loader&url=' . encodeString(compileUriCode($URL)); + $URL = '{%url=modules.php?module=loader&url=' . encodeString(compileUriCode($URL)) . '%}'; } // END - if // Return link @@ -904,7 +866,7 @@ function generateDerefererUrl ($URL) { // Generates an URL for the frametester function generateFrametesterUrl ($URL) { // Prepare frametester URL - $frametesterUrl = sprintf("{?URL?}/modules.php?module=frametester&url=%s", + $frametesterUrl = sprintf("{%%url=modules.php?module=frametester&url=%s%%}", encodeString(compileUriCode($URL)) ); @@ -921,7 +883,7 @@ function countSelection ($array) { } // END - if // Init count - $ret = 0; + $ret = '0'; // Count all entries foreach ($array as $key => $selected) { @@ -935,35 +897,31 @@ function countSelection ($array) { // Generate XHTML code for the CAPTCHA function generateCaptchaCode ($code, $type, $DATA, $userid) { - return 'Code'; + return 'Code ' . $code . ''; } // Generates a timestamp (some wrapper for mktime()) -function makeTime ($H, $M, $S, $stamp) { +function makeTime ($hours, $minutes, $seconds, $stamp) { // Extract day, month and year from given timestamp - $day = date('d', $stamp); - $month = date('m', $stamp); - $year = date('Y', $stamp); + $days = date('d', $stamp); + $months = date('m', $stamp); + $years = date('Y', $stamp); // Create timestamp for wished time which depends on extracted date - return mktime($H, $M, $S, $month, $day, $year); + return mktime( + $hours, + $minutes, + $seconds, + $months, + $days, + $years + ); } // Redirects to an URL and if neccessarry extends it with own base URL function redirectToUrl ($URL) { - // Compile out URI codes - $URL = compileUriCode($URL); - - // Check if http(s):// is there - if ((substr($URL, 0, 7) != 'http://') && (substr($URL, 0, 8) != 'https://')) { - // Make all URLs full-qualified - $URL = getConfig('URL') . '/' . $URL; - } // END - if - - // Three different debug ways... - //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); - //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $URL); - //* DEBUG: */ die($URL); + // Compile out codes + eval('$URL = "' . compileRawCode(encodeUrl($URL)) . '";'); // Default 'rel' value is external, nofollow is evil from Google and hurts the Internet $rel = ' rel="external"'; @@ -974,24 +932,23 @@ function redirectToUrl ($URL) { $rel = ''; } // END - if - // Get output buffer - $GLOBALS['output'] = ob_get_contents(); - - // Clear it only if there is content - if (!empty($GLOBALS['output'])) { - clearOutputBuffer(); - } // END - if + // Three different ways to debug... + //* DEBUG: */ debug_report_bug(sprintf("%s[%s:] URL=%s", __FUNCTION__, __LINE__, $URL)); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'URL=' . $URL); + //* DEBUG: */ die($URL); // Simple probe for bots/spiders from search engines - if ((strpos(detectUserAgent(), 'spider') !== false) || (strpos(detectUserAgent(), 'bot') !== false)) { + if (isSpider()) { // Secure the URL against bad things such als HTML insertions and so on... $URL = secureString($URL); // Output new location link as anchor outputHtml('' . $URL . ''); } elseif (!headers_sent()) { + // Clear own output buffer + $GLOBALS['output'] = ''; + // Load URL when headers are not sent - //* DEBUG: */ debug_report_bug("URL={$URL}"); sendHeader('Location: '.str_replace('&', '&', $URL)); } else { // Output error message @@ -1027,11 +984,36 @@ function compileCode ($code, $simple = false, $constants = true, $full = true) { return $code; } // END - if - // Init replacement-array with full security characters - $secChars = $GLOBALS['security_chars']; + // Start couting + $startCompile = microtime(true); + + // Comile the code + $code = compileRawCode($code, $simple, $constants, $full); + + // Get timing + $compiled = microtime(true); + + // Add timing + $code .= ''; + + // Return compiled code + return $code; +} + +// Compiles the code (use compileCode() only for HTML because of the comments) +// @TODO $simple is deprecated +function compileRawCode ($code, $simple = false, $constants = true, $full = true) { + // Is the code a string? + if (!is_string($code)) { + // Silently return it + return $code; + } // END - if - // Select smaller set of chars to replace when we e.g. want to compile URLs - if ($full === false) $secChars = $GLOBALS['url_chars']; + // Init replacement-array with smaller set of security characters + $secChars = $GLOBALS['url_chars']; + + // Select full set of chars to replace when we e.g. want to compile URLs + if ($full === true) $secChars = $GLOBALS['security_chars']; // Compile more through a filter $code = runFilterChain('compile_code', $code); @@ -1040,11 +1022,11 @@ function compileCode ($code, $simple = false, $constants = true, $full = true) { if ($constants === true) { // BEFORE 0.2.1 : Language and data constants // WITH 0.2.1+ : Only language constants - $code = str_replace('{--', "\".getMessage('", str_replace('--}', "').\"", $code)); + $code = str_replace('{--', "\" . getMessage('", str_replace('--}', "') . \"", $code)); // BEFORE 0.2.1 : Not used // WITH 0.2.1+ : Data constants - $code = str_replace('{!', "\".constant('", str_replace("!}", "').\"", $code)); + $code = str_replace('{!', "\" . constant('", str_replace('!}', "') . \"", $code)); } // END - if // Compile QUOT and other non-HTML codes @@ -1053,10 +1035,8 @@ function compileCode ($code, $simple = false, $constants = true, $full = true) { $code = str_replace($to, $secChars['from'][$k], $code); } // END - foreach - // But shall I keep simple quotes for later use? - if ($simple) $code = str_replace("'", '{QUOT}', $code); - // Find $content[bla][blub] entries + // @TODO Do only use $content and deprecate $GLOBALS and $DATA in templates preg_match_all('/\$(content|GLOBALS|DATA)((\[([a-zA-Z0-9-_]+)\])*)/', $code, $matches); // Are some matches found? @@ -1090,19 +1070,19 @@ function compileCode ($code, $simple = false, $constants = true, $full = true) { // Replace it in the code //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):key={$key},match={$match}
"); $newMatch = str_replace('[', "['", str_replace(']', "']", $match)); - $code = str_replace($match, "\"." . $newMatch.".\"", $code); + $code = str_replace($match, '".' . $newMatch . '."', $code); $matchesFound[$key . '_' . $matches[4][$key]] = 1; $matchesFound[$match] = 1; } elseif (!isset($matchesFound[$match])) { // Not yet replaced! //* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):match={$match}
"); - $code = str_replace($match, "\"." . $match.".\"", $code); + $code = str_replace($match, '".' . $match . '."', $code); $matchesFound[$match] = 1; } } // END - foreach } // END - if - // Return compiled code + // Return it return $code; } @@ -1122,7 +1102,7 @@ function compileCode ($code, $simple = false, $constants = true, $full = true) { * Sie, dass es doch nicht so schwer ist! :-) * * * ************************************************************************/ -function array_pk_sort (&$array, $a_sort, $primary_key = 0, $order = -1, $nums = false) { +function array_pk_sort (&$array, $a_sort, $primary_key = '0', $order = -1, $nums = false) { $dummy = $array; while ($primary_key < count($a_sort)) { foreach ($dummy[$a_sort[$primary_key]] as $key => $value) { @@ -1158,19 +1138,19 @@ function array_pk_sort (&$array, $a_sort, $primary_key = 0, $order = -1, $nums = } // -function addSelectionBox ($type, $default, $prefix = '', $id = '0') { +function addSelectionBox ($type, $default, $prefix = '', $id = '0', $class = 'register_select') { $OUT = ''; if ($type == 'yn') { // This is a yes/no selection only! if ($id > 0) $prefix .= "[" . $id."]"; - $OUT .= " \n"; } else { // Begin with regular selection box here if (!empty($prefix)) $prefix .= "_"; $type2 = $type; if ($id > 0) $type2 .= "[" . $id."]"; - $OUT .= " \n"; } switch ($type) { @@ -1242,7 +1222,7 @@ function addSelectionBox ($type, $default, $prefix = '', $id = '0') { case 'sec': case 'min': - for ($idx = 0; $idx < 60; $idx+=5) { + for ($idx = '0'; $idx < 60; $idx+=5) { if (strlen($idx) == 1) $idx = '0' . $idx; $OUT .= "