Zeile 21 | Zeile 21 |
---|
$contents = parse_page($contents); $totaltime = $maintimer->stop();
|
$contents = parse_page($contents); $totaltime = $maintimer->stop();
|
| $contents = $plugins->run_hooks("pre_output_page", $contents);
|
if($mybb->usergroup['cancp'] == 1) {
| if($mybb->usergroup['cancp'] == 1) {
|
Zeile 33 | Zeile 34 |
---|
{ $percentphp = number_format((($phptime/$maintimer->totaltime) * 100), 2); $percentsql = number_format((($query_time/$maintimer->totaltime) * 100), 2);
|
{ $percentphp = number_format((($phptime/$maintimer->totaltime) * 100), 2); $percentsql = number_format((($query_time/$maintimer->totaltime) * 100), 2);
|
}
| }
|
else { // if we've got a super fast script... all we can do is assume something
| else { // if we've got a super fast script... all we can do is assume something
|
Zeile 57 | Zeile 58 |
---|
if($mybb->settings['gzipoutput'] != 0) { $gzipen = "Enabled";
|
if($mybb->settings['gzipoutput'] != 0) { $gzipen = "Enabled";
|
} else
| } else
|
{ $gzipen = "Disabled";
|
{ $gzipen = "Disabled";
|
}
| }
|
$memory_usage = get_memory_usage();
| $memory_usage = get_memory_usage();
|
Zeile 70 | Zeile 71 |
---|
$memory_usage = " / Memory Usage: ".get_friendly_size($memory_usage); } else
|
$memory_usage = " / Memory Usage: ".get_friendly_size($memory_usage); } else
|
{
| {
|
$memory_usage = ''; } // MySQLi is still MySQL, so present it that way to the user
| $memory_usage = ''; } // MySQLi is still MySQL, so present it that way to the user
|
Zeile 92 | Zeile 93 |
---|
}
$contents = str_replace("<debugstuff>", "", $contents);
|
}
$contents = str_replace("<debugstuff>", "", $contents);
|
$contents = $plugins->run_hooks("pre_output_page", $contents);
| |
if($mybb->settings['gzipoutput'] == 1)
|
if($mybb->settings['gzipoutput'] == 1)
|
{
| {
|
$contents = gzip_encode($contents, $mybb->settings['gziplevel']); }
| $contents = gzip_encode($contents, $mybb->settings['gziplevel']); }
|
Zeile 120 | Zeile 120 |
---|
if(!is_array($shutdown_functions)) { $shutdown_functions = array();
|
if(!is_array($shutdown_functions)) { $shutdown_functions = array();
|
}
| }
|
if(!is_array($arguments)) { $arguments = array($arguments);
| if(!is_array($arguments)) { $arguments = array($arguments);
|
Zeile 520 | Zeile 520 |
---|
else { return true;
|
else { return true;
|
} }
| } }
|
/** * Return a parent list for the specified forum. *
| /** * Return a parent list for the specified forum. *
|
Zeile 720 | Zeile 720 |
---|
foreach($errors as $error) { $errorlist .= "<li>".$error."</li>\n";
|
foreach($errors as $error) { $errorlist .= "<li>".$error."</li>\n";
|
}
eval("\$errors = \"".$templates->get("error_inline")."\";");
| }
eval("\$errors = \"".$templates->get("error_inline")."\";");
|
return $errors; }
|
return $errors; }
|
|
|
/** * Presents the user with a "no permission" page */ function error_no_permission() { global $mybb, $theme, $templates, $db, $lang, $plugins, $session;
|
/** * Presents the user with a "no permission" page */ function error_no_permission() { global $mybb, $theme, $templates, $db, $lang, $plugins, $session;
|
$time = TIME_NOW; $plugins->run_hooks("no_permission");
| $time = TIME_NOW; $plugins->run_hooks("no_permission");
|
$noperm_array = array ( "nopermission" => '1', "location1" => 0,
| $noperm_array = array ( "nopermission" => '1', "location1" => 0,
|
Zeile 772 | Zeile 772 |
---|
switch($mybb->settings['username_method']) { case 0:
|
switch($mybb->settings['username_method']) { case 0:
|
$lang_username = $lang->username; break;
| $lang_username = $lang->username; break;
|
case 1: $lang_username = $lang->username1;
|
case 1: $lang_username = $lang->username1;
|
break;
| break;
|
case 2: $lang_username = $lang->username2; break;
| case 2: $lang_username = $lang->username2; break;
|
Zeile 785 | Zeile 785 |
---|
break; } eval("\$errorpage = \"".$templates->get("error_nopermission")."\";");
|
break; } eval("\$errorpage = \"".$templates->get("error_nopermission")."\";");
|
}
| }
|
error($errorpage); }
| error($errorpage); }
|
Zeile 824 | Zeile 824 |
---|
if(!$message) { $message = $lang->redirect;
|
if(!$message) { $message = $lang->redirect;
|
}
$time = TIME_NOW;
| }
$time = TIME_NOW;
|
$timenow = my_date($mybb->settings['dateformat'], $time) . " " . my_date($mybb->settings['timeformat'], $time);
if(!$title)
| $timenow = my_date($mybb->settings['dateformat'], $time) . " " . my_date($mybb->settings['timeformat'], $time);
if(!$title)
|
Zeile 849 | Zeile 849 |
---|
$url = str_replace(array("\n","\r",";"), "", $url);
run_shutdown();
|
$url = str_replace(array("\n","\r",";"), "", $url);
run_shutdown();
|
|
|
if(my_substr($url, 0, 7) !== 'http://' && my_substr($url, 0, 8) !== 'https://' && my_substr($url, 0, 1) !== '/') { header("Location: {$mybb->settings['bburl']}/{$url}");
| if(my_substr($url, 0, 7) !== 'http://' && my_substr($url, 0, 8) !== 'https://' && my_substr($url, 0, 1) !== '/') { header("Location: {$mybb->settings['bburl']}/{$url}");
|
Zeile 883 | Zeile 883 |
---|
$url = str_replace("&", "&", $url); $url = htmlspecialchars_uni($url);
|
$url = str_replace("&", "&", $url); $url = htmlspecialchars_uni($url);
|
|
|
$pages = ceil($count / $perpage);
$prevpage = '';
| $pages = ceil($count / $perpage);
$prevpage = '';
|
Zeile 916 | Zeile 916 |
---|
if($from <= 0) { $from = 1;
|
if($from <= 0) { $from = 1;
|
} }
| } }
|
if($to == 0) { $to = $pages;
| if($to == 0) { $to = $pages;
|
Zeile 928 | Zeile 928 |
---|
if($from > 1) { if($from-1 == 1)
|
if($from > 1) { if($from-1 == 1)
|
{
| {
|
$lang->multipage_link_start = ''; }
| $lang->multipage_link_start = ''; }
|
Zeile 950 | Zeile 950 |
---|
{ eval("\$mppage .= \"".$templates->get("multipage_page_current")."\";"); }
|
{ eval("\$mppage .= \"".$templates->get("multipage_page_current")."\";"); }
|
}
| }
|
else { eval("\$mppage .= \"".$templates->get("multipage_page")."\";");
| else { eval("\$mppage .= \"".$templates->get("multipage_page")."\";");
|
Zeile 984 | Zeile 984 |
---|
eval("\$multipage = \"".$templates->get("multipage_breadcrumb")."\";"); } else
|
eval("\$multipage = \"".$templates->get("multipage_breadcrumb")."\";"); } else
|
{
| {
|
eval("\$multipage = \"".$templates->get("multipage")."\";"); }
| eval("\$multipage = \"".$templates->get("multipage")."\";"); }
|
Zeile 1006 | Zeile 1006 |
---|
"&page={page}", "{page}" );
|
"&page={page}", "{page}" );
|
|
|
// Remove "Page 1" to the defacto URL $url = str_replace($find, array("", "", $page), $url); return $url;
| // Remove "Page 1" to the defacto URL $url = str_replace($find, array("", "", $page), $url); return $url;
|
Zeile 1024 | Zeile 1024 |
---|
}
$url .= "page=$page";
|
}
$url .= "page=$page";
|
} else {
| } else {
|
$url = str_replace("{page}", $page, $url); }
| $url = str_replace("{page}", $page, $url); }
|
Zeile 1056 | Zeile 1056 |
---|
if($user_cache[$uid]['permissions']) { return $user_cache[$uid]['permissions'];
|
if($user_cache[$uid]['permissions']) { return $user_cache[$uid]['permissions'];
|
}
| }
|
// This user was not already cached, fetch their user information. if(!$user_cache[$uid]) {
| // This user was not already cached, fetch their user information. if(!$user_cache[$uid]) {
|
Zeile 1067 | Zeile 1067 |
---|
// Collect group permissions. $gid = $user_cache[$uid]['usergroup'].",".$user_cache[$uid]['additionalgroups']; $groupperms = usergroup_permissions($gid);
|
// Collect group permissions. $gid = $user_cache[$uid]['usergroup'].",".$user_cache[$uid]['additionalgroups']; $groupperms = usergroup_permissions($gid);
|
|
|
// Store group permissions in user cache. $user_cache[$uid]['permissions'] = $groupperms; return $groupperms;
| // Store group permissions in user cache. $user_cache[$uid]['permissions'] = $groupperms; return $groupperms;
|
Zeile 1088 | Zeile 1088 |
---|
function usergroup_permissions($gid=0) { global $cache, $groupscache, $grouppermignore, $groupzerogreater;
|
function usergroup_permissions($gid=0) { global $cache, $groupscache, $grouppermignore, $groupzerogreater;
|
if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups"); }
$groups = explode(",", $gid);
if(count($groups) == 1)
| if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups"); }
$groups = explode(",", $gid);
if(count($groups) == 1)
|
{ return $groupscache[$gid]; }
| { return $groupscache[$gid]; }
|
Zeile 1107 | Zeile 1107 |
---|
if(trim($gid) == "" || !$groupscache[$gid]) { continue;
|
if(trim($gid) == "" || !$groupscache[$gid]) { continue;
|
}
| }
|
foreach($groupscache[$gid] as $perm => $access) { if(!in_array($perm, $grouppermignore))
| foreach($groupscache[$gid] as $perm => $access) { if(!in_array($perm, $grouppermignore))
|
Zeile 1153 | Zeile 1153 |
---|
if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups");
|
if(!is_array($groupscache)) { $groupscache = $cache->read("usergroups");
|
}
| }
|
$displaygroup = array(); $group = $groupscache[$gid];
| $displaygroup = array(); $group = $groupscache[$gid];
|
Zeile 1186 | Zeile 1186 |
---|
if(!$gid || $gid == 0) // If no group, we need to fetch it { if($uid != 0 && $uid != $mybb->user['uid'])
|
if(!$gid || $gid == 0) // If no group, we need to fetch it { if($uid != 0 && $uid != $mybb->user['uid'])
|
{
| {
|
if(!$usercache[$uid]) { $query = $db->simple_select("users", "*", "uid='$uid'");
| if(!$usercache[$uid]) { $query = $db->simple_select("users", "*", "uid='$uid'");
|
Zeile 1220 | Zeile 1220 |
---|
}
if(!is_array($fpermcache))
|
}
if(!is_array($fpermcache))
|
{
| {
|
$fpermcache = $cache->read("forumpermissions"); }
| $fpermcache = $cache->read("forumpermissions"); }
|
Zeile 1231 | Zeile 1231 |
---|
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms); } return $cached_forum_permissions_permissions[$gid][$fid];
|
$cached_forum_permissions_permissions[$gid][$fid] = fetch_forum_permissions($fid, $gid, $groupperms); } return $cached_forum_permissions_permissions[$gid][$fid];
|
}
| }
|
else { if(!$cached_forum_permissions[$gid])
| else { if(!$cached_forum_permissions[$gid])
|
Zeile 1276 | Zeile 1276 |
---|
// If our permissions arn't inherited we need to figure them out if(empty($level_permissions))
|
// If our permissions arn't inherited we need to figure them out if(empty($level_permissions))
|
{
| {
|
$parents = explode(',', $forum_cache[$fid]['parentlist']); rsort($parents); if(!empty($parents))
| $parents = explode(',', $forum_cache[$fid]['parentlist']); rsort($parents); if(!empty($parents))
|
Zeile 1466 | Zeile 1466 |
---|
$mod_cache = $cache->read("moderators");
|
$mod_cache = $cache->read("moderators");
|
foreach($mod_cache as $fid => $forum)
| foreach($mod_cache as $forumid => $forum)
|
{
|
{
|
if(!is_array($forum) || !in_array($fid, $parentslist))
| if(!is_array($forum) || !in_array($forumid, $parentslist))
|
{ // No perms or we're not after this forum continue;
| { // No perms or we're not after this forum continue;
|
Zeile 1549 | Zeile 1549 |
---|
$user_perms = user_permissions($uid); if($user_perms['issupermod'] == 1) {
|
$user_perms = user_permissions($uid); if($user_perms['issupermod'] == 1) {
|
| if($fid) { $forumpermissions = forum_permissions($fid); if($forumpermissions['canview'] && $forumpermissions['canviewthreads'] && !$forumpermissions['canonlyviewownthreads']) { return true; } return false; }
|
return true; } else
| return true; } else
|
Zeile 1986 | Zeile 1995 |
---|
}
// Less than 0? That's bad
|
}
// Less than 0? That's bad
|
if(!$update_query[$counter])
| if($update_query[$counter] < 0)
|
{ $update_query[$counter] = 0; }
|
{ $update_query[$counter] = 0; }
|
} }
| } }
|
// Only update if we're actually doing something if(count($update_query) > 0) { $db->update_query("forums", $update_query, "fid='".intval($fid)."'");
|
// Only update if we're actually doing something if(count($update_query) > 0) { $db->update_query("forums", $update_query, "fid='".intval($fid)."'");
|
}
| }
|
// Guess we should update the statistics too?
|
// Guess we should update the statistics too?
|
if(isset($update_query['threads']) || isset($update_query['posts']) || isset($update_query['unapprovedthreads']) || isset($update_query['unapprovedposts'])) { $new_stats = array(); if(array_key_exists('threads', $update_query)) { $threads_diff = $update_query['threads'] - $forum['threads']; if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}"; } else { $new_stats['numthreads'] = "{$threads_diff}"; } }
if(array_key_exists('unapprovedthreads', $update_query)) { $unapprovedthreads_diff = $update_query['unapprovedthreads'] - $forum['unapprovedthreads']; if($unapprovedthreads_diff > -1) { $new_stats['numunapprovedthreads'] = "+{$unapprovedthreads_diff}"; } else { $new_stats['numunapprovedthreads'] = "{$unapprovedthreads_diff}"; } }
| $new_stats = array(); if(array_key_exists('threads', $update_query)) { $threads_diff = $update_query['threads'] - $forum['threads']; if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}"; } else { $new_stats['numthreads'] = "{$threads_diff}"; } }
if(array_key_exists('unapprovedthreads', $update_query)) { $unapprovedthreads_diff = $update_query['unapprovedthreads'] - $forum['unapprovedthreads']; if($unapprovedthreads_diff > -1) { $new_stats['numunapprovedthreads'] = "+{$unapprovedthreads_diff}"; } else { $new_stats['numunapprovedthreads'] = "{$unapprovedthreads_diff}"; } }
if(array_key_exists('posts', $update_query)) { $posts_diff = $update_query['posts'] - $forum['posts']; if($posts_diff > -1) { $new_stats['numposts'] = "+{$posts_diff}"; } else { $new_stats['numposts'] = "{$posts_diff}"; } }
|
|
|
if(array_key_exists('posts', $update_query))
| if(array_key_exists('unapprovedposts', $update_query)) { $unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts']; if($unapprovedposts_diff > -1) { $new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}"; } else
|
{
|
{
|
$posts_diff = $update_query['posts'] - $forum['posts']; if($posts_diff > -1) { $new_stats['numposts'] = "+{$posts_diff}"; } else { $new_stats['numposts'] = "{$posts_diff}"; }
| $new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}";
|
}
|
}
|
| }
|
|
|
if(array_key_exists('unapprovedposts', $update_query)) { $unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts']; if($unapprovedposts_diff > -1) { $new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}"; } else { $new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}"; } }
| if(!empty($new_stats)) {
|
update_stats($new_stats); }
| update_stats($new_stats); }
|
Zeile 2760 | Zeile 2770 |
---|
}
$prefixselect = "";
|
}
$prefixselect = "";
|
$multipleselect = "";
| |
if($multiple != 0) {
|
if($multiple != 0) {
|
$multipleselect = " multiple=\"multiple\" size=\"5\"";
| $prefixselect = "<select name=\"threadprefix[]\" multiple=\"multiple\" size=\"5\">\n"; } else { $prefixselect = "<select name=\"threadprefix\">\n";
|
}
|
}
|
$prefixselect = "<select name=\"threadprefix\"{$multipleselect}>\n";
| |
if($multiple == 1) {
| if($multiple == 1) {
|
Zeile 2986 | Zeile 2997 |
---|
$ip = 0;
|
$ip = 0;
|
if(!preg_match("#^(10|172\.16|192\.168)\.#", $_SERVER['REMOTE_ADDR']))
| if(!preg_match("#^(10|172\.(1[6-9]|2[0-9]|3[0-1])|192\.168)\.#", $_SERVER['REMOTE_ADDR']))
|
{ $ip = $_SERVER['REMOTE_ADDR']; }
| { $ip = $_SERVER['REMOTE_ADDR']; }
|
Zeile 3006 | Zeile 3017 |
---|
{ foreach($addresses[0] as $key => $val) {
|
{ foreach($addresses[0] as $key => $val) {
|
if(!preg_match("#^(10|172\.16|192\.168)\.#", $val))
| if(!preg_match("#^(10|172\.(1[6-9]|2[0-9]|3[0-1])|192\.168)\.#", $val))
|
{ $ip = $val; break;
| { $ip = $val; break;
|
Zeile 5692 | Zeile 5703 |
---|
if(!empty($post_body)) { $headers[] = $post_body;
|
if(!empty($post_body)) { $headers[] = $post_body;
|
}
| }
|
else { // If we have no post body, we need to add an empty element to make sure we've got \r\n\r\n before the (non-existent) body starts $headers[] = '';
|
else { // If we have no post body, we need to add an empty element to make sure we've got \r\n\r\n before the (non-existent) body starts $headers[] = '';
|
}
| }
|
$headers = implode("\r\n", $headers); if(!@fwrite($fp, $headers)) {
| $headers = implode("\r\n", $headers); if(!@fwrite($fp, $headers)) {
|
Zeile 5715 | Zeile 5726 |
---|
else if(empty($post_data)) { return @implode("", @file($url));
|
else if(empty($post_data)) { return @implode("", @file($url));
|
}
| } else { return false; } }
/** * Checks if a particular user is a super administrator. * * @param int The user ID to check against the list of super admins * @return boolean True if a super admin, false if not */ function is_super_admin($uid) { static $super_admins;
if(!isset($super_admins)) { global $mybb; $super_admins = str_replace(" ", "", $mybb->config['super_admins']); }
if(my_strpos(",{$super_admins},", ",{$uid},") === false) { return false; }
|
else {
|
else {
|
return false;
| return true;
|
} }
|
} }
|
|
|
/**
|
/**
|
* Checks if a particular user is a super administrator.
| * Prevents super administrators being selected in a SELECT.
|
*
|
*
|
* @param int The user ID to check against the list of super admins * @return boolean True if a super admin, false if not
| * @param boolean Prefix with an AND? * @param string The prefix to add to uid when used in a JOIN (e.g. SELECTing users u would mean using 'u' in this argument). * @return string An addition to the WHERE statement
|
*/
|
*/
|
function is_super_admin($uid)
| function not_super_admins($use_and = false, $uid_prefix = '')
|
{
|
{
|
global $mybb;
$mybb->config['super_admins'] = str_replace(" ", "", $mybb->config['super_admins']); if(my_strpos(",{$mybb->config['super_admins']},", ",{$uid},") === false) { return false;
| static $super_admins;
if(!isset($super_admins)) { global $mybb, $db; $super_admins = $db->escape_string(str_replace(" ", "", $mybb->config['super_admins']));
|
}
|
}
|
else
| if($super_admins)
|
{
|
{
|
return true;
| $sql_where = ''; if($use_and) { $sql_where .= ' AND '; }
if($uid_prefix != '') { $sql_where .= $uid_prefix.'.'; }
$sql_where .= "uid NOT IN({$super_admins})";
return $sql_where;
|
}
|
}
|
| return '';
|
}
/**
| }
/**
|
Zeile 5896 | Zeile 5949 |
---|
* @param string The ban length string * @param int The optional UNIX timestamp, if 0, current time is used. * @return int The UNIX timestamp when the ban will be lifted
|
* @param string The ban length string * @param int The optional UNIX timestamp, if 0, current time is used. * @return int The UNIX timestamp when the ban will be lifted
|
*/
| */
|
function ban_date2timestamp($date, $stamp=0) { if($stamp == 0)
| function ban_date2timestamp($date, $stamp=0) { if($stamp == 0)
|
Zeile 5919 | Zeile 5972 |
---|
function expire_warnings() { global $db;
|
function expire_warnings() { global $db;
|
$users = array();
| $users = array();
|
$query = $db->query(" SELECT w.wid, w.uid, w.points, u.warningpoints
| $query = $db->query(" SELECT w.wid, w.uid, w.points, u.warningpoints
|
Zeile 5932 | Zeile 5985 |
---|
{ $updated_warning = array( "expired" => 1
|
{ $updated_warning = array( "expired" => 1
|
);
| );
|
$db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'");
|
$db->update_query("warnings", $updated_warning, "wid='{$warning['wid']}'");
|
|
|
if(array_key_exists($warning['uid'], $users))
|
if(array_key_exists($warning['uid'], $users))
|
{
| {
|
$users[$warning['uid']] -= $warning['points'];
|
$users[$warning['uid']] -= $warning['points'];
|
}
| }
|
else { $users[$warning['uid']] = $warning['warningpoints']-$warning['points'];
|
else { $users[$warning['uid']] = $warning['warningpoints']-$warning['points'];
|
} }
| } }
|
foreach($users as $uid => $warningpoints) { if($warningpoints < 0)
| foreach($users as $uid => $warningpoints) { if($warningpoints < 0)
|
Zeile 5956 | Zeile 6009 |
---|
"warningpoints" => intval($warningpoints) ); $db->update_query("users", $updated_user, "uid='".intval($uid)."'");
|
"warningpoints" => intval($warningpoints) ); $db->update_query("users", $updated_user, "uid='".intval($uid)."'");
|
} }
| } }
|
/** * Custom chmod function to fix problems with hosts who's server configurations screw up umasks
| /** * Custom chmod function to fix problems with hosts who's server configurations screw up umasks
|
Zeile 5969 | Zeile 6022 |
---|
{ // Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string if(substr($mode, 0, 1) != '0' || strlen($mode) !== 4)
|
{ // Passing $mode as an octal number causes strlen and substr to return incorrect values. Instead pass as a string if(substr($mode, 0, 1) != '0' || strlen($mode) !== 4)
|
{
| {
|
return false; } $old_umask = umask(0);
| return false; } $old_umask = umask(0);
|
Zeile 5994 | Zeile 6047 |
---|
if(!isset($orig_dir)) { $orig_dir = $path;
|
if(!isset($orig_dir)) { $orig_dir = $path;
|
}
if(@is_dir($path) && !@is_link($path)) {
| }
if(@is_dir($path) && !@is_link($path)) {
|
if($dh = @opendir($path)) { while(($file = @readdir($dh)) !== false)
| if($dh = @opendir($path)) { while(($file = @readdir($dh)) !== false)
|
Zeile 6196 | Zeile 6249 |
---|
else { return "+$int";
|
else { return "+$int";
|
} }
| } }
|
/** * Returns a securely generated seed for PHP's RNG (Random Number Generator) *
| /** * Returns a securely generated seed for PHP's RNG (Random Number Generator) *
|
Zeile 6208 | Zeile 6261 |
---|
function secure_seed_rng($count=8) { $output = '';
|
function secure_seed_rng($count=8) { $output = '';
|
// Try the unix/linux method if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb')))
| // DIRECTORY_SEPARATOR checks if running windows if(DIRECTORY_SEPARATOR != '\\') { // Unix/Linux // Use OpenSSL when available if(function_exists('openssl_random_pseudo_bytes')) { $output = openssl_random_pseudo_bytes($count); } // Try mcrypt elseif(function_exists('mcrypt_create_iv')) { $output = mcrypt_create_iv($count, MCRYPT_DEV_URANDOM); } // Try /dev/urandom elseif(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb'))) { $output = @fread($handle, $count); @fclose($handle); } } else
|
{
|
{
|
$output = @fread($handle, $count); @fclose($handle);
| // Windows // Use OpenSSL when available // PHP <5.3.4 had a bug which makes that function unusable on Windows if(function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) { $output = openssl_random_pseudo_bytes($count); } // Try mcrypt elseif(function_exists('mcrypt_create_iv')) { $output = mcrypt_create_iv($count, MCRYPT_RAND); } // Try Windows CAPICOM before using our own generator elseif(class_exists('COM')) { try { $CAPI_Util = new COM('CAPICOM.Utilities.1'); if(is_callable(array($CAPI_Util, 'GetRandom'))) { $output = $CAPI_Util->GetRandom($count, 0); } } catch (Exception $e) { } }
|
}
// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
| }
// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
|
Zeile 6469 | Zeile 6564 |
---|
}
/**
|
}
/**
|
* Handles 4 byte UTF-8 characters.
| * Validates an UTF-8 string.
|
*
|
*
|
* This can be used to either reject strings which contain 4 byte UTF-8 * characters, or replace them with question marks. This is limited to UTF-8 * collated databases using MySQL. * * Original: http://www.avidheap.org/2013/a-quick-way-to-normalize-a-utf8-string-when-your-mysql-database-is-not-utf8mb4 * * @param string The string to be checked. * @param bool If false don't return the string, only the boolean result. * @return mixed Return a string if the second parameter is true, boolean otherwise.
| * @param string The string to be checked * @param boolean Allow 4 byte UTF-8 characters? * @param boolean Return the cleaned string? * @return string/boolean Cleaned string or boolean
|
*/
|
*/
|
function utf8_handle_4byte_string($input, $return=true)
| function validate_utf8_string($input, $allow_mb4=true, $return=true)
|
{
|
{
|
global $config;
if($config['database']['type'] != 'mysql' && $config['database']['type'] != 'mysqli') { if($return == true) { return $input; } return true; }
$contains_4bytes = false; if(!empty($input)) { $utf8_2byte = 0xC0 /*1100 0000*/; $utf8_2byte_bmask = 0xE0 /*1110 0000*/;
$utf8_3byte = 0xE0 /*1110 0000*/; $utf8_3byte_bmask = 0XF0 /*1111 0000*/;
$utf8_4byte = 0xF0 /*1111 0000*/; $utf8_4byte_bmask = 0xF8 /*1111 1000*/;
$sanitized = "";
| // Valid UTF-8 sequence? if(!preg_match('##u', $input)) { $string = '';
|
$len = strlen($input);
|
$len = strlen($input);
|
for($i = 0; $i < $len; ++$i) { $mb_char = $input[$i]; // Potentially a multibyte sequence $byte = ord($mb_char); if(($byte & $utf8_2byte_bmask) == $utf8_2byte)
| for($i = 0; $i < $len; $i++) { $c = ord($input[$i]); if($c > 128)
|
{
|
{
|
$mb_char .= $input[++$i]; } elseif(($byte & $utf8_3byte_bmask) == $utf8_3byte) { $mb_char .= $input[++$i]; $mb_char .= $input[++$i];
| if($c > 247 || $c <= 191) { if($return) { $string .= '?'; continue; } else { return false; } } elseif($c > 239) { $bytes = 4; } elseif($c > 223) { $bytes = 3; } elseif($c > 191) { $bytes = 2; } if(($i + $bytes) > $len) { if($return) { $string .= '?'; break; } else { return false; } } $valid = true; $multibytes = $input[$i]; while($bytes > 1) { $i++; $b = ord($input[$i]); if($b < 128 || $b > 191) { if($return) { $valid = false; $string .= '?'; break; } else { return false; } } else { $multibytes .= $input[$i]; } $bytes--; } if($valid) { $string .= $multibytes; }
|
}
|
}
|
elseif(($byte & $utf8_4byte_bmask) == $utf8_4byte) { $contains_4bytes = true; // Replace with ? to avoid MySQL exception $mb_char = '?'; $i += 3;
| else { $string .= $input[$i];
|
}
|
}
|
$sanitized .= $mb_char;
if($contains_4bytes == true && $return == false) { return false; } }
$input = $sanitized;
| } $input = $string; } if($return) { if($allow_mb4) { return $input; } else { return preg_replace("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", '?', $input); }
|
}
|
}
|
if($contains_4bytes == false && $return == false)
| else
|
{
|
{
|
return true;
| if($allow_mb4) { return true; } else { return !preg_match("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", $input); }
|
}
|
}
|
return $input;
| |
} ?>
| } ?>
|
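Review bot: In the new `not_super_admins()`, `$db->escape_string()` does not make the list safe, because the value is placed unquoted inside `uid NOT IN({$super_admins})`. Escaping only protects a quoted string literal, so a non-numeric or empty element in `$mybb->config['super_admins']` (a trailing comma, a stray character) produces a broken or altered WHERE fragment in every query that appends it. Casting each element keeps the fragment numeric by construction: `$super_admins = implode(',', array_map('intval', explode(',', $mybb->config['super_admins'])));`. `$uid_prefix` is also concatenated as-is, so the docblock should state that it must be a hard-coded table alias and never a value taken from the request. Separately, in `secure_seed_rng()` the Windows branch falls back to `mcrypt_create_iv($count, MCRYPT_RAND)` and neither branch checks the strength flag that `openssl_random_pseudo_bytes()` returns through its second argument; both deserve a check or at least a comment, since the docblock describes the seed as securely generated.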