Dragonfly CMS CVS Repository
 Location: / cvs / html / includes / cmsinit.inc
File name: html/includes/cmsinit.inc
Revision : 10.25 (2 years 1 months 1 days 9 hours 16 minutes 13 seconds ago) by djmaze
Changed : +6 -2 lines
Comment: Block requests that contain <(script|iframe|object)


# Author Rev Line
1 djmaze 1.1 <?php
2 djmaze 1.1 /*********************************************
3 djmaze 9.16 CPG Dragonfly™ CMS
4 djmaze 1.1 ********************************************
5 nanocaio 9.118 Copyright © 2004 - 2007 by CPG-Nuke Dev Team
6 djmaze 9.58 http://dragonflycms.org
7 djmaze 1.1  
8 djmaze 9.16 Dragonfly is released under the terms and conditions
9 djmaze 8.10 of the GNU GPL version 2 or any later version
10 djmaze 1.1  
11 djmaze 9.17 $Source: /cvs/html/includes/cmsinit.inc,v $
12 djmaze 10.25 $Revision: 10.24 $
13 djmaze 10.22 $Author: djmaze $
14 djmaze 10.25 $Date: 2012/03/18 01:50:46 $
15 djmaze 9.16 **********************************************/
# Direct-access guard: stop immediately unless the including script has already defined both CPG_NUKE and CORE_PATH.
16 nanocaio 10.13 if (!defined('CPG_NUKE') || !defined('CORE_PATH')) { exit; }
17 nanocaio 10.13  
18 nanocaio 10.13  
# Optional bootstrap switches: each defaults to 0 when the including script did not define it.
# SKIP_GZIP and SKIP_BUFFERING feed the output-buffer setup below; STOP_AT ends the bootstrap right after the session is created.
19 nanocaio 10.6 if (!defined('SKIP_GZIP')) define('SKIP_GZIP', 0);
20 nanocaio 10.6 if (!defined('SKIP_BUFFERING')) define('SKIP_BUFFERING', 0);
21 nanocaio 10.7 if (!defined('STOP_AT')) define('STOP_AT', 0);
22 akamu 9.66  
23 djmaze 9.82 # Are we allowed to modify php.ini on the fly ?
24 nanocaio 10.6 define('CAN_MOD_INI', PHP::$can_set);
# Work out which OS account owns the script and which account the PHP process runs as.
# Without POSIX support (or on Windows) fixed placeholders are used instead.
# NOTE(review): the placeholder owner 'nobody' is the value define_nobody() tests for, so on such
# hosts PHP_AS_NOBODY becomes true and file_write() creates files with mode 0666 (world-writable).
25 djmaze 9.82 # http://bugs.php.net/bug.php?id=31849
26 djmaze 9.136 if (WINDOWS || !function_exists('posix_getpwuid')) {
27 djmaze 9.87 define('_DRAGONLY_OWNER', 'N/A');
28 djmaze 9.87 define('_PROCESS_UID', '0');
29 djmaze 9.87 define('_PROCESS_OWNER', 'nobody');
30 djmaze 9.87 } else {
# get_current_user() is the owner of the running script; posix_geteuid() is the effective uid of the process.
31 djmaze 9.87 define('_DRAGONLY_OWNER', get_current_user());
32 djmaze 9.87 define('_PROCESS_UID', posix_geteuid());
33 djmaze 9.87 $processUser = posix_getpwuid(_PROCESS_UID);
34 djmaze 9.87 define('_PROCESS_OWNER', $processUser['name']);
35 djmaze 9.87 }
36 akamu 9.66  
37 nanocaio 10.6 //header('Content-Type: text/html;charset=utf-8');
38 nanocaio 10.6 //header('Content-language: '._LANGCODE);
39 djmaze 1.1  
# GZIP_ACTIVE is true when an output buffer was started for compression. && binds tighter than ||, so this reads:
#   (zlib.output_compression is on AND ob_start() succeeded)
#   OR (SKIP_GZIP is off AND GZIP_OUT is on AND ob_start('ob_gzhandler') succeeded)
# The ob_start() calls are side effects of evaluating the expression; GZIP_OUT is defined outside this file.
40 nanocaio 10.6 define('GZIP_ACTIVE', (ini_get('zlib.output_compression') && ob_start()) || !SKIP_GZIP && GZIP_OUT && ob_start('ob_gzhandler'));
41 djmaze 9.80  
42 nanocaio 10.6 # we will always try to buffer the output
43 nanocaio 10.6 # note: defining SKIP_BUFFERING within your application will also turn on implicit flushings
44 nanocaio 10.6 # ONLY if no output bufferings are active, eg: ini_set(zlib.output_compression, 0) fails
45 nanocaio 10.6 ob_implicit_flush(SKIP_BUFFERING && !GZIP_ACTIVE);
46 djmaze 9.176  
47 nanocaio 10.11 /* Notify state change */
48 nanocaio 10.11 $DF->setState(DF::BOOT_BASE);
49 nanocaio 10.11  
50 djmaze 10.22 require_once(CORE_PATH.'poodle/bootstrap.php'); // already loaded through index.php
51 djmaze 10.22  
# Full Poodle debug output only when DF_MODE_DEVELOPER is set; otherwise debugging is off.
# NOTE(review): DF_MODE_DEVELOPER is defined outside this file - confirm it is off on production sites.
52 djmaze 10.22 Poodle::$DEBUG = DF_MODE_DEVELOPER ? Poodle::DBG_ALL : 0;
# Boot the Poodle kernel with the site configuration. $prefix, $dbhost, $dbuname, $dbpass and $dbname
# are not set in this file; presumably they come from the site's config include - verify against the caller.
53 djmaze 10.21 Poodle::loadKernel('dragonfly', array('dragonfly'=>array(
54 djmaze 10.21 'cache_uri' => 'file://'.CACHE_PATH,
55 djmaze 10.21  
56 djmaze 10.21 /**
57 djmaze 10.21 * When set to true, a cached template file date is compared to the
58 djmaze 10.21 * original file. If the cache file is older it will be recompiled.
59 djmaze 10.21 */
60 djmaze 10.21 'design_mode' => true,
61 djmaze 10.21  
62 djmaze 10.21 /**
63 djmaze 10.21 * Database Management System configuration
64 djmaze 10.21 * For database replication copy ['dbms']['master'] as ['dbms']['slave']
65 djmaze 10.21 */
66 djmaze 10.21 'dbms' => array(
67 djmaze 10.21 'adapter' => 'mysqli',
68 djmaze 10.21 'tbl_prefix' => $prefix.'_',
69 djmaze 10.21 'master' => array(
70 djmaze 10.21 'host' => $dbhost,
71 djmaze 10.21 'username' => $dbuname,
72 djmaze 10.21 'password' => $dbpass,
73 djmaze 10.21 'database' => $dbname,
74 djmaze 10.21 'charset' => DB_CHARSET,
75 djmaze 10.21 ),
76 djmaze 10.21 ),
77 djmaze 10.21 )));
# Legacy aliases for the Poodle_SQL fetch modes.
78 djmaze 9.176 define('SQL_ASSOC', Poodle_SQL::ASSOC);
79 djmaze 9.176 define('SQL_NUM', Poodle_SQL::NUM);
80 djmaze 9.176 define('SQL_BOTH', Poodle_SQL::BOTH);
# Outside the installer, fetch the SQL handle now. A failure is reported with a fixed, generic
# message, so the exception text (which may hold connection details) is not shown to the visitor.
# NOTE(review): $db stays unset if cpg_error() ever returns - confirm that cpg_error() ends the request.
81 djmaze 9.176 if (!defined('INSTALL')) {
82 djmaze 9.176 try {
83 djmaze 10.21 $db = Poodle::getKernel()->SQL;
84 djmaze 9.176 } catch (Exception $e) {
85 djmaze 9.176 cpg_error('<b>'.NO_DB.', sorry for the inconvenience<br /><br />We should be back shortly</b>');
86 djmaze 9.176 }
87 djmaze 10.4 // $db->debug = Poodle::DBG_SQL | Poodle::DBG_SQL_QUERIES;
88 djmaze 9.176 // $db->debug = Poodle::$DEBUG & Poodle::DBG_SQL | Poodle::$DEBUG & Poodle::DBG_SQL_QUERIES;
89 djmaze 9.176 }
90 djmaze 9.176  
# Every include path below is built from the CLASS_PATH / CORE_PATH constants and a literal file name; no request data is involved.
91 nanocaio 10.15 require_once(CLASS_PATH.'cpg_cache.php');
92 djmaze 9.84 require_once(CORE_PATH.'functions/linking.php');
93 djmaze 9.84  
# The installer needs nothing beyond this point.
94 phoenix 9.173 if (defined('INSTALL')) return;
95 phoenix 9.173  
96 nanocaio 10.15 require_once(CLASS_PATH.'time.php');
97 nanocaio 10.15 require_once(CLASS_PATH.'url.php');
98 nanocaio 10.15 require_once(CLASS_PATH.'net.php');
# Display, member, session and template classes are skipped for XML feeds.
99 phoenix 9.173 if (!defined('XMLFEED')) {
100 phoenix 9.173 require_once(CORE_PATH.'functions/display.php');
101 nanocaio 10.15 require_once(CLASS_PATH.'cpg_member.php');
102 nanocaio 10.15 require_once(CLASS_PATH.'session.php');
103 nanocaio 10.15 require_once(CLASS_PATH.'template.php');
104 phoenix 9.173 }
105 phoenix 9.173  
106 djmaze 10.23 $MAIN_CFG = Poodle::getKernel()->CFG;
107 djmaze 9.172  
# Outside debug mode the debugger takes its error and log levels from the stored configuration.
108 djmaze 10.21 if (!CPG_DEBUG) {
109 nanocaio 10.18 $cpgdebugger->error_level = (int) $MAIN_CFG['debug']['error_level'];
110 nanocaio 10.18 $cpgdebugger->log_level = (int) $MAIN_CFG['debug']['log_level'];
111 nanocaio 10.18 }
112 nanocaio 10.9  
# Stored version older than the code's CPG_NUKE version: show the maintenance page instead of the site.
113 djmaze 9.50 if (version_compare($MAIN_CFG['global']['Version_Num'], CPG_NUKE, '<')) {
114 trevor 9.60 cpg_error('<strong>We are currently upgrading our website.<br />Please be patient; we should be back shortly.</strong>', 'Maintenance');
115 djmaze 9.50 }
116 djmaze 10.22 Poodle_PHP_INI::set('sendmail_from', $MAIN_CFG['global']['adminmail']);
117 nanocaio 10.13 trigger_error('sendmail_from: '.ini_get('sendmail_from'), E_USER_NOTICE);
# Cookie domain: cleared when the Host header looks like localhost or a private address.
# NOTE(review): HTTP_HOST is supplied by the client. The pattern is anchored only at the start and most
# of its dots are unescaped (each matches any character), so it accepts more names than the literal
# addresses. The only effect here is a NULL cookie domain.
118 nanocaio 10.12 if (preg_match('#^(localhost|127.0.0.1|192.168|10\.|172.(1[6-9]|2[0-9]|3[0-1])\.)#', $_SERVER['HTTP_HOST'])) { $MAIN_CFG['cookie']['domain'] = NULL; }
# Otherwise, when cookie.server is set, cookie and server domain follow SERVER_NAME;
# str_replace() removes every 'www.' in the name, not only a leading one.
119 djmaze 8.23 else if ($MAIN_CFG['cookie']['server']) {
120 djmaze 9.77 $MAIN_CFG['cookie']['domain'] = $MAIN_CFG['server']['domain'] = str_replace('www.', '', $_SERVER['SERVER_NAME']);
121 djmaze 8.23 }
# nukeurl always uses the http scheme and drops the last character of server.path.
122 djmaze 9.52 $MAIN_CFG['global']['nukeurl'] = 'http://'.$MAIN_CFG['server']['domain'].substr($MAIN_CFG['server']['path'], 0, -1);
123 djmaze 9.77 $MAIN_CFG['server']['domain'] = preg_replace('#[a-z]+://#i', '', $MAIN_CFG['server']['domain']);
# The security code is switched off when the GD extension is not loaded.
124 djmaze 9.52 if (!extension_loaded('gd')) { $MAIN_CFG['global']['sec_code'] = 0; }
125 djmaze 9.52 if ($MAIN_CFG['global']['admingraphic'] < 1) $MAIN_CFG['global']['admingraphic'] = 3;
126 djmaze 1.49 if (empty($MAIN_CFG['cookie']['member'])) $MAIN_CFG['cookie']['member'] = 'member';
127 djmaze 1.49 if (empty($MAIN_CFG['cookie']['admin'])) $MAIN_CFG['cookie']['admin'] = 'admin';
# $BASEHREF = scheme (https only on port 443) + host + configured path.
# NOTE(review): the host comes from the request's Host header whenever one is present, so URLs built
# from $BASEHREF repeat whatever host name the client sent unless the web server restricts the names
# it accepts. Prefer the configured server.domain, or validate HTTP_HOST against it.
128 djmaze 1.52 $BASEHREF = ($_SERVER['SERVER_PORT'] != 443 ? 'http' : 'https') . '://';
129 djmaze 1.52 $BASEHREF .= (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $MAIN_CFG['server']['domain']);
130 djmaze 1.52 $BASEHREF .= $MAIN_CFG['server']['path'];
# Imports every key of the 'global' config section as a variable in this scope, overwriting any
# existing variable of the same name (EXTR_OVERWRITE).
# NOTE(review): a config key named like a bootstrap variable (for example db or prefix) would replace
# it; confirm the key set is fixed. The source is getArrayCopy(), so the EXTR_REFS references
# presumably point at the copy and not at the live configuration object.
131 djmaze 10.23 extract($MAIN_CFG['global']->getArrayCopy(), EXTR_OVERWRITE | EXTR_REFS);
132 djmaze 1.1  
133 djmaze 9.64 if (defined('XMLFEED')) return; # no need to load everything if it's a feed
134 djmaze 1.1  
135 djmaze 9.21 /******************************************************************************
136 djmaze 9.21 Set default metatags
137 djmaze 9.21 *******************************************************************************/
# $slogan and $sitename are not assigned in this file; presumably they are created by the extract()
# of the 'global' config section above. They are stored unescaped here.
# NOTE(review): confirm the code that prints $METATAGS escapes the values for an HTML attribute.
138 djmaze 9.21 $METATAGS['description'] = $slogan;
139 djmaze 9.21 $METATAGS['keywords'] = '';
140 djmaze 9.21 $METATAGS['resource-type'] = 'document';
141 djmaze 9.21 $METATAGS['distribution'] = 'global';
142 djmaze 9.21 $METATAGS['author'] = $sitename;
143 djmaze 9.21 $METATAGS['copyright'] = 'Copyright (c) '.date('Y').' by '.$sitename;
144 djmaze 9.21 $METATAGS['robots'] = 'index, follow';
145 djmaze 9.21 $METATAGS['rating'] = 'general';
146 djmaze 9.58 $METATAGS['generator'] = 'CPG Dragonfly CMS: Copyright (c) 2003-'.date('Y').' by CPG-Nuke Development Team, http://dragonflycms.org';
147 djmaze 9.21 //$METATAGS['revisit-after'] = '1 days';
148 djmaze 9.21  
149 djmaze 9.21 /******************************************************************************
150 djmaze 9.21 Start the session
151 djmaze 9.21 *******************************************************************************/
# $CPG_SESS starts as an empty array before the session object is created; the anonymous-POST check
# further down reads $CPG_SESS['user']['uri'], so cpg_session presumably fills it - TODO confirm.
152 djmaze 9.80 $CPG_SESS = array();
153 nanocaio 9.145 $SESS = new cpg_session();
154 djmaze 9.21  
155 nanocaio 9.101 /******************************************************************************
156 nanocaio 9.169 Are we requesting the security code ?
157 nanocaio 9.169 *******************************************************************************/
158 nanocaio 10.7 //if (isset($_GET['name']) && ($_GET['name'] == 'gfx' || (isset($_GET['op']) && $_GET['name'] == 'Your_Account' && $_GET['op'] == 'gfx'))) {
159 nanocaio 10.7 // require(BASEDIR.'includes/gfxchk.php');
160 nanocaio 10.7 //}
# A caller that defined STOP_AT as a true value gets only the session. Everything below is skipped,
# including Security::init(), the member/admin load and the maintenance check.
161 nanocaio 10.7 if (STOP_AT) return;
162 nanocaio 9.169 /******************************************************************************
163 nanocaio 9.101 Include language to detect languages from browser setting and user preferences
164 nanocaio 9.125 Join our language initiative (NLI) http://dragonflycms.org
165 nanocaio 9.101 *******************************************************************************/
166 nanocaio 10.11 $DF->setState(DF::BOOT_ETH);
# sprintf-style template: %s lands inside a double-quoted JavaScript string within a <script> element.
# NOTE(review): any value passed for %s has to be escaped for that context by the caller.
167 nanocaio 9.169 define('_JS_ALERT', '<script type="text/javascript">alert("%s");</script>');
168 nanocaio 9.101 require_once(CORE_PATH.'functions/language.php');
# First security pass. It runs before the member and admin records are loaded; a second pass
# (Security::check()) follows once they are.
169 djmaze 9.80 require_once(CORE_PATH.'classes/security.php');
170 djmaze 9.80 Security::init();
171 djmaze 9.80  
172 djmaze 9.16 /******************************************************************************
173 djmaze 9.91 Load member/visitor details
174 djmaze 9.21 *******************************************************************************/
# $CLASS['member'] is the object that is_admin(), can_admin(), is_user() and getusrdata() read.
175 nanocaio 9.145 $CLASS['member'] = new cpg_member();
# $userinfo is a reference to the session entry, so writes to it change $_SESSION['CPG_USER'].
176 djmaze 9.44 $userinfo =& $_SESSION['CPG_USER'];
177 djmaze 9.80  
178 nanocaio 9.111 /******************************************************************************
179 nanocaio 9.111 Load the administrator and if no admin turn of error reports
180 nanocaio 9.111 *******************************************************************************/
# When loadadmin() returns a false value (no administrator), PHP error reporting is switched off for the rest of the request.
181 nanocaio 9.111 if (!$CLASS['member']->loadadmin()) error_reporting(0);
182 nanocaio 9.111  
183 nanocaio 9.111 /******************************************************************************
184 nanocaio 9.158 Do second security check with session/member related settings
185 nanocaio 9.158 *******************************************************************************/
# Administrators are exempt from the second security pass; every other request goes through Security::check().
186 nanocaio 9.158 if (!is_admin()) Security::check();
187 nanocaio 9.158  
188 nanocaio 9.158 /******************************************************************************
189 djmaze 9.72 Check if the <form> POST is comming from this server
190 djmaze 9.72 *******************************************************************************/
# Applies to anonymous visitors only: a POST is refused when the session holds no 'uri' for the visitor.
# NOTE(review): this tests for session state, not for a per-form token, and members are not covered by
# it; confirm whether forms are protected against cross-site request forgery elsewhere.
191 djmaze 9.72 if (!is_user() && $_SERVER['REQUEST_METHOD'] == 'POST' && empty($CPG_SESS['user']['uri'])) {
# The whole $CPG_SESS array is written into the warning text, so session contents reach the error log or debugger output.
192 nanocaio 9.145 trigger_error('<pre>'.print_r($CPG_SESS, true).'</pre>', E_USER_WARNING);
193 djmaze 9.72 cpg_error('Please enable cookies to post on this site. If you feel that you have reached this message in error please go back to the preceding page and post again');
194 djmaze 9.72 }
195 djmaze 9.72  
196 djmaze 9.72 /******************************************************************************
197 djmaze 9.21 Check if maintenance is turned on
198 djmaze 9.21 *******************************************************************************/
# Maintenance mode: administrators, admin pages and the installer pass; everyone else gets the
# configured maintenance text, which is inserted into the page as HTML without escaping.
199 trevor 1.50 if ($MAIN_CFG['global']['maintenance'] && !is_admin() && !defined('ADMIN_PAGES') && !defined('INSTALL')) {
200 djmaze 9.16 cpg_error('<strong>'.$MAIN_CFG['global']['maintenance_text'].'</strong>', 'Maintenance');
201 djmaze 1.1 }
202 djmaze 9.21  
203 djmaze 9.16 /******************************************************************************
204 djmaze 9.80 Load the theme template system
205 djmaze 9.16 *******************************************************************************/
206 nanocaio 10.11 $DF->setState(DF::BOOT_USER);
207 djmaze 9.64 # Load template handler
208 nanocaio 9.145 $cpgtpl = new cpg_template();
# $template is a second name for the same template object.
209 djmaze 9.70 $template =& $cpgtpl;
210 nanocaio 10.11 $ThemeSel = $cpgtpl->theme;
211 nanocaio 9.131  
# Both start empty; cpg_error() later assigns $pagetitle and appends to $modheader.
212 djmaze 9.80 $pagetitle = $modheader = '';
213 djmaze 1.7  
214 nanocaio 9.131  
215 djmaze 9.22 $SESS->init_info();
# Remaining class files; each path is the CLASS_PATH constant plus a literal file name.
216 nanocaio 10.15 require_once(CLASS_PATH.'client.php');
217 nanocaio 10.15 require_once(CLASS_PATH.'css.php');
218 nanocaio 10.15 require_once(CLASS_PATH.'js.php');
219 nanocaio 10.15 require_once(CLASS_PATH.'module.php');
220 nanocaio 10.15 require_once(CLASS_PATH.'blocks.php');
221 nanocaio 10.15 require_once(CLASS_PATH.'menu.php');
222 djmaze 9.22  
# The value is base64 text. Decoded, it is a serialized one-element array whose 'nuke' entry is PHP
# source that builds the copyright / GNU GPL footer text and returns it.
# The third argument (true) asks for a case-insensitive constant name.
# NOTE(review): the code that consumes USERS is not in this file; presumably it unserializes the
# array and evaluates the string. An encoded code string needs the same review as plain code.
223 nanocaio 9.110 define('USERS', 'YToxOntzOjQ6Im51a2UiO3M6MzMwOiIkY29wcGVybWluZT0nVGhpcyB3ZWJzaXRlIGVuZ2luZSBDb3B5cmlnaHQgJmNvcHk7IDIwMDMgLSAnLmRhdGUoJ1knKS4nIGJ5IENQRy1OdWtlIERldiBUZWFtPGJyIC8+RnJlZSBTb2Z0d2FyZSByZWxlYXNlZCB1bmRlciB0aGUgPGEgaHJlZj0iaHR0cDovL2RyYW'
224 nanocaio 9.110 .'dvbmZseWNtcy5vcmcvR05VR1BMLmh0bWwiIHRhcmdldD0iX2JsYW5rIj5HTlUgR1BMPC9hPjsgZWl0aGVyIHZlcnNpb24gMiBvZiB0aGUgTGljZW5zZSwgb3IgKGF0IHlvdXIgb3B0aW9uKSBhbnkgbGF0ZXIgdmVyc2lvbi4gTm8gd2FycmFudHkgaXMgZ2l2ZW4gb3IgaW1wbGllZC4nO3JldHVybiAkY29wcGVybWluZTsiO30=', true);
225 djmaze 1.3  
/**
 * Current Unix timestamp including microseconds, as a float.
 */
function get_microtime()
{
	$now = microtime(true);
	return $now;
}
227 djmaze 8.8  
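/**
 * Replaces carriage returns (\015) and line feeds (\012) with spaces, so a
 * value can be placed in a mail header (From, To, Subject) without starting
 * a new header line.
 *
 * @param string $str value destined for a mail header
 * @return string the value with every CR and every LF replaced by a space
 */
function removecrlf($str) {
	# strtr() pairs the "from" and "to" characters one by one and ignores the
	# surplus of the longer list. With a one-character "to" only "\015" was
	# replaced and "\012" was left in the header value, so both characters are
	# now replaced explicitly.
	return str_replace(array("\015", "\012"), ' ', $str);
}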
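/**
 * Sends an e-mail through PHP mail() or SMTP, as plain text or as HTML.
 *
 * In the administration demo (member->demo set) only mail to the admin
 * address is allowed. HTML is sent only when $html is set and either the
 * allow_html_email setting is on or the current user is an administrator;
 * otherwise the body is passed through strip_tags().
 *
 * @param string       $mailer_message  (out) status HTML on success, or the error message
 * @param string       $message         the message that you want to send
 * @param int|bool     $html            1 = HTML, 0 = text (default)
 * @param string       $subject         subject, default = _FEEDBACK
 * @param string|array $to              recipient address, default = admin mail address;
 *                                      an array of address => name pairs is added as BCC
 * @param string       $to_name         name of the recipient
 * @param string       $from            sender address, default = admin mail address
 * @param string       $from_name       sender name, default = site name
 * @param array|false  $custom_headers  array of custom mail headers
 * @return bool true when the mailer reports the message as sent, false otherwise
 */
function send_mail(&$mailer_message, $message, $html=0, $subject='', $to='', $to_name='', $from='', $from_name='', $custom_headers=false) {
	global $MAIN_CFG, $module_name, $PHPMAILER_LANG, $CLASS;

	if ($module_name != 'Contact' && function_exists('get_lang')) { get_lang('Contact'); }
	# Load the fallback strings before the first $PHPMAILER_LANG lookup; they
	# used to be included only after the sender check had already read them.
	if (!function_exists('get_lang')) {
		include_once(BASEDIR.'language/english/main.php');
	}
	if (empty($to)) $to = $MAIN_CFG['global']['adminmail'];
	if ($from == '') $from = $MAIN_CFG['global']['adminmail'];
	if (isset($CLASS['member']) && $CLASS['member']->demo && $to != $MAIN_CFG['global']['adminmail']) {
		$mailer_message = 'The mail system has been disabled in the administration demo';
		return false;
	}
	if (is_email($from) < 1) {
		$mailer_message = $PHPMAILER_LANG['from_failed'].$from;
		return false;
	}
	require_once(CORE_PATH.'classes/phpmailer.php');
	$CLASS['mail']->ClearAll();
	$CLASS['mail']->SetLanguage();
	if ($MAIN_CFG['email']['smtp_on']) {
		$CLASS['mail']->IsSMTP(); # set mailer to use SMTP
		$CLASS['mail']->Host = $MAIN_CFG['email']['smtphost'];
		if ($MAIN_CFG['email']['smtp_auth']) {
			$CLASS['mail']->SMTPAuth = true; # turn on SMTP authentication
			$CLASS['mail']->Username = $MAIN_CFG['email']['smtp_uname']; # SMTP username
			$CLASS['mail']->Password = $MAIN_CFG['email']['smtp_pass']; # SMTP password
		}
	} else {
		$CLASS['mail']->IsMail();
	}
	# Header values pass through removecrlf() so they cannot carry a line break.
	$CLASS['mail']->From = removecrlf($from);
	$CLASS['mail']->FromName = ($from_name!='') ? removecrlf($from_name) : $MAIN_CFG['global']['sitename'];
	if (is_array($to)) {
		foreach ($to as $to_email => $to_name) {
			if (is_email($to_email) < 1) {
				# Name the rejected address; concatenating the $to array itself
				# only produced the text "Array".
				trigger_error($PHPMAILER_LANG['recipients_failed'].$to_email, E_USER_WARNING);
				unset($to[$to_email]);
				continue;
			} else {
				$CLASS['mail']->AddBCC(removecrlf($to_email), removecrlf($to_name));
			}
		}
		if (empty($to)) {
			# Every recipient was rejected: tell the caller why nothing was sent.
			$mailer_message = $PHPMAILER_LANG['recipients_failed'];
			$CLASS['mail']->ClearAll();
			return false;
		}
	} elseif (is_email($to) < 1) {
		$mailer_message = $PHPMAILER_LANG['recipients_failed'].$to;
		return false;
	} elseif ($to_name != '') {
		$CLASS['mail']->AddAddress(removecrlf($to), removecrlf($to_name));
	} else {
		$CLASS['mail']->AddAddress(removecrlf($to));
	}

	if (is_array($custom_headers) && count($custom_headers)) {
		foreach ($custom_headers as $header) {
			# Custom headers get the same CR/LF stripping as From, To and
			# Subject; a line break inside one would add a further header line.
			$CLASS['mail']->AddCustomHeader(str_replace(array("\015", "\012"), ' ', $header));
		}
	}

	$CLASS['mail']->Priority = 3;
	$CLASS['mail']->Encoding = '8bit';
	$CLASS['mail']->CharSet = 'utf-8';
	$CLASS['mail']->Subject = ($subject!='') ? removecrlf($subject) : _FEEDBACK;
	if (false === stripos($message, '<br')) $message = nl2br($message);
	if ($html && ($MAIN_CFG['email']['allow_html_email'] || is_admin())) {
		if (function_exists('get_lang')) {
			require_once(BASEDIR.'includes/nbbcode.php');
			$message = decode_bbcode($message, 0, true);
		}
		$CLASS['mail']->IsHTML(true);
		$CLASS['mail']->AltBody = strip_tags($message);
		$CLASS['mail']->Body = $message;
	} else {
		$CLASS['mail']->IsHTML(false);
		$CLASS['mail']->Body = strip_tags($message);
	}
	$mailer_message = '';
	if (!$CLASS['mail']->Send()) {
		$mailer_message .= 'Message could not be sent.<p>';
		$mailer_message .= 'Mailer Error: ' . $CLASS['mail']->ErrorInfo;
		return false;
	} else {
		$mailer_message .= '<p style="text-align:center;">'._SUCCESS_MESSAGE_SENT.'<br />';
		# NOTE(review): $message is echoed into the status HTML as it stands at
		# this point. In the text branch only the mail body was tag-stripped,
		# not $message, so a caller that prints $mailer_message shows whatever
		# markup the message contained.
		$mailer_message .= "<code>$message</code><br />";
		$mailer_message .= '<p style="text-align:center;">'._MAHALO.'</p>';
		return true;
	}
}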
341 djmaze 1.1  
/**
 * Checks an e-mail address through Security::check_email().
 *
 * @param mixed $email address to check, passed by reference; when the check
 *                     returns -2 it is replaced by its own element 0
 * @return mixed the status returned by Security::check_email(); send_mail()
 *               treats any value below 1 as "not valid"
 */
function is_email(&$email) {
	$status = Security::check_email($email);
	if ($status == -2) {
		$email = $email[0];
	}
	return $status;
}
350 djmaze 1.1  
/**
 * Returns the admin_id of the loaded member object, or false when no member
 * object has been loaded into $CLASS['member'].
 *
 * Callers use the result as a boolean, so an empty admin_id counts as
 * "not an administrator".
 */
function is_admin() {
	global $CLASS;
	if (!isset($CLASS['member']) || !is_object($CLASS['member'])) {
		return false;
	}
	return $CLASS['member']->admin_id;
}
/**
 * Tells whether the loaded administrator may manage a module.
 *
 * The admin record must be an array that contains the key
 * 'radmin<module>' (module name lower-cased); the answer is then true when
 * either 'radminsuper' or that key holds a true value. A module without such
 * a key is refused even for a super administrator.
 *
 * @param string $module module name, default 'super'
 * @return bool
 */
function can_admin($module='super') {
	global $CLASS;
	$right = 'radmin'.strtolower($module);
	$adminfo =& $CLASS['member']->admin;
	if (!is_array($adminfo) || !isset($adminfo[$right])) {
		return false;
	}
	if ($adminfo['radminsuper'] || $adminfo[$right]) {
		return true;
	}
	return false;
}
/**
 * Returns the member's user_id when it is greater than 1, otherwise false.
 * Ids of 1 and below are therefore not treated as registered members.
 */
function is_user() {
	global $CLASS;
	$uid = $CLASS['member']->user_id;
	if ($uid > 1) {
		return $uid;
	}
	return false;
}
/**
 * Returns the entry stored for group $id in the visitor's
 * $userinfo['_mem_of_groups'] list, or false when the visitor has no entry
 * for that group.
 *
 * @param int|string $id group key
 */
function in_group($id) {
	global $userinfo;
	return isset($userinfo['_mem_of_groups'][$id]) ? $userinfo['_mem_of_groups'][$id] : false;
}
/**
 * Wrapper around the member object's getmemdata(); see
 * includes/classes/cpg_member -> getmemdata() for details.
 *
 * @param mixed  $user passed through unchanged
 * @param string $data passed through unchanged, default '*'
 * @return mixed whatever getmemdata() returns
 */
function getusrdata($user, $data='*') {
	global $CLASS;
	$member = $CLASS['member'];
	return $member->getmemdata($user, $data);
}
389 djmaze 1.1  
/**
 * Returns the version recorded for an active module, or 0 when the module is
 * not in the active list.
 *
 * The list is taken from the 'active_modules' cache; when that cannot be
 * loaded it is rebuilt from the <prefix>_modules table and saved back. The
 * result is kept in a static variable for the rest of the request. The query
 * text is built from $prefix and literals only.
 *
 * @param string $module module title
 * @return mixed stored version (1 when the stored version is not above 0), or 0
 */
function is_active($module) {
	global $prefix, $db, $active_modules;
	static $save; # Added by steven111
	if (!is_array($save)) {
		if (!Cache::array_load('active_modules')) {
			$result = $db->sql_query('SELECT title, version FROM '.$prefix.'_modules WHERE active=1');
			while ($row = $db->sql_fetchrow($result, SQL_NUM)) {
				$active_modules[$row[0]] = (intval($row[1]) > 0) ? $row[1] : 1;
			}
			$db->sql_freeresult($result);
			Cache::array_save('active_modules');
		}
		$save = $active_modules;
	}
	return isset($save[$module]) ? $save[$module] : 0;
}
409 djmaze 1.46  
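/**
 * Removes <script> elements, quoted javascript: href attributes and, when
 * $events is true, quoted on<event> handler attributes from a piece of HTML.
 *
 * This is a deny-list filter: it covers only the quoted forms and the event
 * names listed below. It does not replace escaping at output or an
 * allow-list HTML sanitizer for untrusted markup.
 *
 * @param string $text   HTML to filter
 * @param bool   $events also remove the listed on<event> attributes
 * @return string the filtered HTML
 */
function strip_javascript($text, $events=true) {
	$patterns = array();
	# "s" lets "." match line breaks, so a script element that spans several
	# lines is removed too (it was left in place before).
	$patterns[] = '/<\s*script[^>]*?>.*?<\/\s*script\s*>/is';
	# Stop at the attribute's own closing quote; the greedy ".*" ran on to the
	# last quote on the line and deleted unrelated attributes and text.
	$patterns[] = '/href\s*=\s*\'\s*javascript[^\']*\'/i';
	$patterns[] = '/href\s*=\s*"\s*javascript[^"]*"/i';
	if ($events) {
		$names = 'blur|click|dblclick|focus|load|unload|select|change'
			.'|submit|abort|error|reset|dragdrop|keydown|keypress|keyup'
			.'|mouseout|mouseover|mousedown|mousemove|mouseup|move|resize';
		# "s" for the same reason as above: handler values may contain line breaks.
		$patterns[] = '/on('.$names.')\s*=\s*\'.*?\'/is';
		$patterns[] = '/on('.$names.')\s*=\s*".*?"/is';
	}
	return preg_replace($patterns, '', $text);
}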
423 djmaze 9.61  
/**
 * Escapes a string for HTML output.
 *
 * @param string      $str    text to prepare
 * @param bool        $nl2br  convert line breaks to <br /> after escaping
 * @param int         $spchar quote flag for htmlspecialchars(), default ENT_QUOTES
 * @param string|bool $nohtml when set, strip_tags() runs first and this value is
 *                            its allowed-tags list, e.g.
 *                            <a><br><b><i><img><li><ol><p><strong><u><ul>
 *                            (tags that are kept are still escaped afterwards)
 * @return string escaped and trimmed text
 */
function htmlprepare($str, $nl2br=false, $spchar=ENT_QUOTES, $nohtml=false) {
	$prepared = $nohtml ? strip_tags($str, $nohtml) : $str;
	# convert only everyday web programming chars
	$prepared = htmlspecialchars($prepared, $spchar, 'UTF-8');
	if ($nl2br) {
		# \r\n, \n\r, \n and \r to <br />
		$prepared = nl2br($prepared);
	}
	return trim($prepared);
}
/**
 * Reverses htmlprepare(): turns &gt; &lt; &quot; &#039; and &amp; back into
 * their characters and, when $nl2br is true, "<br />\n" back into "\n".
 *
 * &amp; is decoded last, so a doubly encoded entity is decoded one level only.
 * The result is raw markup again and needs escaping before it is output.
 *
 * @param string $str   escaped text
 * @param bool   $nl2br also undo the nl2br() conversion
 * @return string decoded text
 */
function htmlunprepare($str, $nl2br=false) {
	$entities = array('&gt;', '&lt;', '&quot;', '&#039;', '&amp;');
	$characters = array('>', '<', '"', '\'', '&');
	if ($nl2br) {
		$entities[] = "<br />\n";
		$characters[] = "\n";
	}
	# Replacements are applied in list order, one after the other.
	return str_replace($entities, $characters, $str);
}
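/**
 * Converts a small set of HTML tags to BBCode: typed <ol>, <b>, <u>, <i>,
 * <hr>, <img src="...gif|png|jpg|jpeg">, <ul>, <li>, </ul> and </ol>.
 * Every other tag except <br>, <p> and <strong> is stripped at the end.
 *
 * A space is inserted before every "<" first, so converted tags end up
 * separated from the preceding text.
 *
 * @param string $text HTML fragment
 * @return string the BBCode text, trimmed
 */
function html2bb($text) {
	$text = str_replace('<', ' <', $text);
	# The replacement is a plain string, not a pattern: the old value
	# '/\[list=\\1\]' put the slash and the backslashes into the output.
	$text = preg_replace('/<ol type="([a1])">/si', '[list=\\1]', $text);
	# The "e" modifier evaluated the replacement as PHP code and no longer
	# exists in PHP 7; with it preg_replace() fails and returns NULL. A
	# case-insensitive string replacement gives the same lower-cased tags
	# without evaluating anything.
	foreach (array('b', 'u', 'i', 'hr') as $tag) {
		$text = str_ireplace(
			array('<'.$tag.'>', '</'.$tag.'>'),
			array('['.$tag.']', '[/'.$tag.']'),
			$text
		);
	}
	$text = preg_replace('#<img(.*?)src="(.*?)\.(gif|png|jpg|jpeg)"(.*?)>#si', '[img]\\2.\\3[/img]', $text);
	$text = str_replace('<ul>', '[list]', $text);
	$text = str_replace('<li>', '[*]', $text);
	$text = str_replace('</ul>', '[/list:u]', $text);
	$text = str_replace('</ol>', '[/list:o]', $text);
	$text = strip_tags($text, '<br><p><strong>');
	return trim($text);
}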
452 djmaze 1.1  
/**
 * Prepares a string for use inside a quoted SQL string literal: optionally
 * strips tags and/or converts special characters, trims, then escapes the
 * result with the database driver's escape_string().
 *
 * The escaping is only valid inside a quoted SQL string; it does not make a
 * value safe as an identifier or an unquoted number, and it is not an HTML
 * output filter.
 *
 * @param string $str    input value
 * @param bool   $nohtml run strip_tags() first
 * @param bool   $spchar run htmlspecialchars() with ENT_NOQUOTES
 * @return string the escaped value
 */
function Fix_Quotes($str, $nohtml=false, $spchar=false) {
	global $db;
	$value = $nohtml ? strip_tags($str) : $str;
	if ($spchar) {
		$value = htmlspecialchars($value, ENT_NOQUOTES, 'UTF-8');
	}
	return $db->escape_string(trim($value));
}
459 djmaze 1.1  
# Text Filtering
/**
 * Returns $Message with the words in $CensorList replaced by $CensorReplace.
 *
 * $CensorMode selects where a word may match:
 *   1 = the word must be followed by a character outside a-z, A-Z, 0-9
 *   2 = the word must be at the start or follow a non-alphanumeric character
 *   3 = anywhere
 * Any other mode, or a $CensorList that is not an array, returns the message
 * unchanged. $Message is taken by reference but is not modified.
 *
 * NOTE(review): the words are joined into the pattern without preg_quote(),
 * so each entry acts as a regular expression and an entry containing "#"
 * breaks the pattern; confirm the list is restricted to administrators.
 */
function check_words(&$Message) {
	global $CensorList, $CensorReplace, $CensorMode;
	if (!is_array($CensorList)) {
		return $Message;
	}
	if ($CensorMode == 1) {
		return preg_replace('#('.implode('|', $CensorList).')([^a-zA-Z0-9])#i', "$CensorReplace\$2", $Message);
	}
	if ($CensorMode == 2) {
		return preg_replace('#(^|[^[:alnum:]])('.implode('|', $CensorList).')#i', "\$1$CensorReplace", $Message);
	}
	if ($CensorMode == 3) {
		return preg_replace('#'.implode('|', $CensorList).'#i', $CensorReplace, $Message);
	}
	return $Message;
}
476 djmaze 1.1  
477 djmaze 9.64 # Deprecated Functions
# Only in debug mode: load removed.php from CORE_PATH. Judging by the heading above it holds
# stand-ins for removed functions - TODO confirm.
478 djmaze 9.78 if (CPG_DEBUG) { include(CORE_PATH.'removed.php'); }
/**
 * Deprecated: raises an E_USER_WARNING that names the file and line taken
 * from the first backtrace frame, then returns time().
 *
 * The warning text contains an HTML link and a server file path.
 */
function gmtime() {
	$trace = debug_backtrace();
	$caller = $trace[0];
	trigger_error("DEPRECATED call to <a href=\"http://dragonflycms.org/gmtime\">gmtime</a>() by {$caller['file']} on line {$caller['line']}.", E_USER_WARNING);
	return time();
}
/**
 * Deprecated: raises an E_USER_WARNING that names the file and line taken
 * from the first backtrace frame, then returns inet_pton($ip).
 *
 * @param string $ip textual IP address
 * @return string|false packed address as returned by inet_pton()
 */
function encode_ip($ip) {
	$trace = debug_backtrace();
	$caller = $trace[0];
	trigger_error("DEPRECATED call to <a href=\"http://dragonflycms.org/encode_ip\">encode_ip</a>() by {$caller['file']} on line {$caller['line']}.", E_USER_WARNING);
	return inet_pton($ip);
}
489 djmaze 1.1  
# Time Formatting
/**
 * Formats a timestamp through L10NTime::strftime() using the current
 * visitor's user_dst and user_timezone settings from $userinfo.
 *
 * @param mixed  $time   passed through as the time argument
 * @param string $format passed through as the format argument
 */
function formatDateTime($time, $format) {
	global $userinfo;
	$dst = $userinfo['user_dst'];
	$zone = $userinfo['user_timezone'];
	return L10NTime::strftime($format, $time, $dst, $zone);
}
495 djmaze 1.1  
# IP Handling
/**
 * Deprecated: raises an E_USER_WARNING that names the file and line taken
 * from the first backtrace frame, then returns Net::ip2long($ip).
 *
 * @param string $ip       address to convert
 * @param bool   $unsigned accepted for compatibility; not used
 */
function ip2long32($ip, $unsigned=false) {
	$trace = debug_backtrace();
	$caller = $trace[0];
	trigger_error("DEPRECATED call to ip2long32() by {$caller['file']} on line {$caller['line']}.", E_USER_WARNING);
	return Net::ip2long($ip);
}
502 nanocaio 9.135  
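/**
 * Deprecated: raises an E_USER_WARNING that names the file and line taken
 * from the first backtrace frame, then returns Net::decode_ip($ip).
 *
 * @param mixed $ip encoded address, passed through to Net::decode_ip()
 */
function decode_ip($ip) {
	$backtrace = debug_backtrace();
	# The warning used to name ip2long32(), which pointed whoever read the log
	# at the wrong deprecated function.
	trigger_error("DEPRECATED call to decode_ip() by {$backtrace[0]['file']} on line {$backtrace[0]['line']}.", E_USER_WARNING);
	return Net::decode_ip($ip);
}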
508 djmaze 1.1  
# Caching
/**
 * Legacy wrapper: forwards its arguments to Cache::array_save().
 */
function cache_save_array($name, $module_name='config', $array=false)
{
	Cache::array_save($name, $module_name, $array);
}
/**
 * Legacy wrapper: forwards its arguments to Cache::array_load() and returns
 * its result.
 */
function cache_load_array($name, $module_name='config', $global=true)
{
	$loaded = Cache::array_load($name, $module_name, $global);
	return $loaded;
}
/**
 * Legacy wrapper: forwards its arguments to Cache::array_delete().
 */
function cache_delete_array($name, $module_name='config')
{
	Cache::array_delete($name, $module_name);
}
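/**
 * Writes $content to a file under an exclusive lock and sets its mode.
 *
 * @param string $filename path of the file to write
 * @param string $content  data to write (taken by reference, not modified)
 * @param string $mode     fopen() mode, default 'wb'
 * @return bool true when the whole content was written, false otherwise
 */
function file_write($filename, &$content, $mode='wb') {
	# NOTE(review): with the default 'wb' mode fopen() truncates the file
	# before the lock is taken, so a concurrent reader can see an empty file.
	if (!$fp = fopen($filename, $mode)) {
		return false;
	}
	# The lock is best effort: its result is not checked, as before.
	flock($fp, LOCK_EX);
	$bytes_written = fwrite($fp, $content);
	# Flush while the lock is still held, so buffered data is not written
	# after another process has taken the lock.
	fflush($fp);
	flock($fp, LOCK_UN);
	fclose($fp);
	# A short write (for example on a full disk) used to be reported as
	# success; only a complete write counts now.
	if ($bytes_written === FALSE || $bytes_written < strlen((string) $content)) {
		trigger_error("Couldn't write to file ($filename)", E_USER_WARNING);
		return false;
	}
	if (!defined('PHP_AS_NOBODY')) { define_nobody($filename); }
	# NOTE(review): 0666 makes the file writable by every local account. It is
	# used when PHP_AS_NOBODY is true; on shared hosts consider group-based
	# permissions instead.
	chmod($filename, (PHP_AS_NOBODY ? 0666 : 0644));
	return true;
}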
535 djmaze 9.8  
/**
 * Formats a byte count with a unit of 1024 (Bytes, KB, MB, ...).
 *
 * @param int|float $size      number of bytes; anything below 1 gives '0 Bytes'
 * @param int       $precision decimals passed to round(), default 2
 * @return string e.g. '1.5 KB'
 */
function filesize_to_human($size, $precision=2) {
	if ($size < 1) {
		return '0 Bytes';
	}
	$units = array('Bytes', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
	# whole number of times the size can be divided by 1024
	$power = floor(log($size, 1024));
	if ($power > 0) {
		$size = $size / pow(1024, $power);
	}
	return round($size, $precision).' '.$units[$power];
}
543 djmaze 9.88  
/**
 * Defines PHP_AS_NOBODY once per request.
 *
 * The constant becomes true when the process owner is 'nobody' or when
 * getmyuid() differs from the owner of $file. file_write() uses it to choose
 * between file modes 0666 and 0644.
 *
 * @param string $file file whose owner is compared with getmyuid()
 */
function define_nobody($file) {
	if (defined('PHP_AS_NOBODY')) {
		return;
	}
	define('PHP_AS_NOBODY', (_PROCESS_OWNER == 'nobody' || getmyuid() != fileowner($file)));
}
549 djmaze 9.78  
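/**
 * Stop the page creation and show an error page. Every path ends in exit.
 *
 * When $title is 301, 400-503 or 800-803 it is treated as a status code: an
 * HTTP status line is sent (800-803 are sent as 403) and the message and title
 * are taken from $LNG['_SECURITY_MSG'] / $LNG['_SECURITY_STATUS'].
 *
 * $message and $redirect are written into the page without HTML escaping.
 * NOTE(review): callers must pass values that are already safe for HTML;
 * confirm no caller forwards request data unescaped.
 *
 * @param string          $message  error text (may contain markup)
 * @param string|int      $title    page title, or one of the status codes above
 * @param string|bool     $redirect target handed to URL::refresh(), or false
 * @return void does not return
 */
function cpg_error($message, $title='ERROR', $redirect=false)
{
    // Remove BASEDIR from the text; presumably so the install path is not shown.
    $message = str_replace(BASEDIR, '', $message);
    // Only administrators get PHP error reporting (and the raw message on
    // XHR / template-less requests) from here on.
    $report = is_admin() ? E_ALL : 0;
    error_reporting($report);
    global $cpgtpl, $SESS, $MAIN_CFG, $LNG, $DF;
    if ($redirect) { URL::refresh($redirect); }
    if ($title == 301 || ($title >= 400 && $title <= 503) || ($title >= 800 && $title <= 803)) {
        $status = array(
            301 => 'Moved Permanently',
            400 => 'Bad Request',
            401 => 'Unauthorized',
            403 => 'Forbidden',
            404 => 'Not Found',
            500 => 'Internal Server Error',
            503 => 'Service Unavailable' # may have Retry-After header
        );
        $code = $title;
        // 800-803 are internal codes; the client sees 403.
        if ($code >= 800) { $code = 403; }
        header("$_SERVER[SERVER_PROTOCOL] $code ".$status[$code]);
        if (function_exists('get_lang')) { get_lang('errors'); }
        else { include('language/english/errors.php'); }
        // The language lookups use the original $title, not the mapped $code.
        $message = $LNG['_SECURITY_MSG'][$title].'<br />'.$message;
        $title = $LNG['_SECURITY_STATUS'][$title];
    }

    $xhr = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && 'XMLHttpRequest' === $_SERVER['HTTP_X_REQUESTED_WITH'];
    if (is_object($cpgtpl)) {
        $cpgtpl->destroy();
        if (!$xhr) {
            global $pagetitle, $showblocks, $home, $modheader, $mainindex, $CPG_SESS, $Module;
            $home = $showblocks = $Module->sides = Blocks::NONE;
            $pagetitle = $title;
            $modheader .= '<meta name="robots" content="noindex,follow" />'.DF_EOL.'<meta name="robots" content="noarchive" />'.DF_EOL;
            if (!defined('HEADER_OPEN')) { require_once(BASEDIR.'header.php'); }
            OpenTable();
            echo '<center>'.$message.'<br /><br />';
            // Fix: the redirect branch used to leave <center> unclosed; the
            // closing tag is now emitted for both branches.
            $link = ($redirect) ? '<a href="'.$redirect.'">'._GO.'</a>' : '[ <a href="'.$mainindex.'">'._HOME.'</a> ] '._GOBACK;
            echo $link.'</center>';
            CloseTable();
            // Session dump is limited to administrators with session debugging on.
            if (is_admin() && $MAIN_CFG['debug']['session'] && !empty($CPG_SESS)) {
                OpenTable();
                echo '<pre>'.print_r($CPG_SESS, true).'</pre>';
                CloseTable();
            }
            require_once(BASEDIR.'footer.php');
        } else {
            if (isset($SESS)) $SESS->write_close();
            $report ? exit($message) : exit();
        }
    } else {
        if (!$xhr) {
            require_once(BASEDIR.'includes/cpg_page.php');
            $errorpage = cpg_header($title);
            $errorpage .= "<center>$message</center>";
            // NOTE(review): with CPG_DEBUG enabled the PHP/SQL debugger
            // reports are shown to non-administrators as well; keep CPG_DEBUG
            // off on production sites.
            if (is_admin() || (defined('CPG_DEBUG') && CPG_DEBUG)) {
                global $cpgdebugger, $CPG_SESS;
                // Fix: the opening tag was missing its closing '>'.
                $errorpage .= '<div style="text-align:left">';
                if (is_object($cpgdebugger)) {
                    if ($MAIN_CFG['debug']['database']) {
                        $errorpage .= $cpgdebugger->get_report('sql');
                    }
                    $errorpage .= $cpgdebugger->get_report('php');
                }
                if (is_admin() && $MAIN_CFG['debug']['session'] && !empty($CPG_SESS)) {
                    $errorpage .= '<br /><strong>Session debug:</strong><pre>'.print_r($CPG_SESS, true).'</pre>';
                }
                $errorpage .= '</div>';
            }
            $errorpage .= cpg_footer();
            echo $errorpage;
        } else {
            if ($report) echo $message;
        }
        if (isset($SESS)) $SESS->write_close();
    }
    exit;
}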
628 djmaze 10.25  
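# Block requests whose query string contains <script, <iframe or <object
# (case-insensitive). The check runs on the raw $_SERVER['QUERY_STRING'] only:
# it does not inspect POST bodies, cookies or headers, and it sees the query
# string as sent, not a decoded form. Treat it as a coarse extra layer; output
# escaping where values are printed is still required.
# QUERY_STRING can be absent (e.g. CLI), so guard before matching.
if (!empty($_SERVER['QUERY_STRING'])
    && preg_match('#<(script|iframe|object)#i', $_SERVER['QUERY_STRING'])) {
    cpg_error(sprintf(_ERROR_BAD_CHAR, ''), _SEC_ERROR);
}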

