' => '

')); } // This is long, but it makes things much easier and cleaner. if (!empty($possible['parameters'])) { $preg = array(); foreach ($possible['parameters'] as $p => $info) $preg[] = '(\s+' . $p . '=' . (empty($info['quoted']) ? '' : '"') . (isset($info['match']) ? $info['match'] : '(.+?)') . (empty($info['quoted']) ? '' : '"') . ')' . (empty($info['optional']) ? '' : '?'); // Okay, this may look ugly and it is, but it's not going to happen much and it is the best way of allowing any order of parameters but still parsing them right. $match = false; $orders = permute($preg); foreach ($orders as $p) if (preg_match('~^' . implode('', $p) . '\]~i', substr($message, $pos1 - 1), $matches) != 0) { $match = true; break; } // Didn't match our parameter list, try the next possible. if (!$match) continue; $params = array(); for ($i = 1, $n = count($matches); $i < $n; $i += 2) { $key = strtok(ltrim($matches[$i]), '='); if (isset($possible['parameters'][$key]['value'])) $params['{' . $key . '}'] = strtr($possible['parameters'][$key]['value'], array('$1' => $matches[$i + 1])); elseif (isset($possible['parameters'][$key]['validate'])) $params['{' . $key . '}'] = $possible['parameters'][$key]['validate']($matches[$i + 1]); else $params['{' . $key . '}'] = $matches[$i + 1]; // Just to make sure: replace any $ or { so they can't interpolate wrongly. $params['{' . $key . '}'] = strtr($params['{' . $key . '}'], array('$' => '$', '{' => '{')); } foreach ($possible['parameters'] as $p => $info) { if (!isset($params['{' . $p . '}'])) $params['{' . $p . '}'] = ''; } $tag = $possible; // Put the parameters into the string. if (isset($tag['before'])) $tag['before'] = strtr($tag['before'], $params); if (isset($tag['after'])) $tag['after'] = strtr($tag['after'], $params); if (isset($tag['content'])) $tag['content'] = strtr($tag['content'], $params); $pos1 += strlen($matches[0]) - 1; } else $tag = $possible; break; } // Item codes are complicated buggers... they are implicit [li]s and can make [list]s! if ($smileys !== false && $tag === null && isset($itemcodes[$message[$pos + 1]]) && $message[$pos + 2] == ']' && !isset($disabled['list']) && !isset($disabled['li'])) { if ($message[$pos + 1] == '0' && !in_array($message[$pos - 1], array(';', ' ', "\t", '>'))) continue; $tag = $itemcodes[$message[$pos + 1]]; // First let's set up the tree: it needs to be in a list, or after an li. if ($inside === null || ($inside['tag'] != 'list' && $inside['tag'] != 'li')) { $open_tags[] = array( 'tag' => 'list', 'after' => '', 'block_level' => true, 'require_children' => array('li'), 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null, ); $code = '

'; } // We're in a list item already: another itemcode? Close it first. elseif ($inside['tag'] == 'li') { array_pop($open_tags); $code = ''; } else $code = ''; // Now we open a new tag. $open_tags[] = array( 'tag' => 'li', 'after' => '', 'trim' => 'outside', 'block_level' => true, 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null, ); // First, open the tag... $code .= ''; $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos + 3); $pos += strlen($code) - 1 + 2; // Next, find the next break (if any.) If there's more itemcode after it, keep it going - otherwise close! $pos2 = strpos($message, '
', $pos); $pos3 = strpos($message, '[/', $pos); if ($pos2 !== false && ($pos2 <= $pos3 || $pos3 === false)) { preg_match('~^(
| |\s|\[)+~', substr($message, $pos2 + 6), $matches); $message = substr($message, 0, $pos2) . "\n" . (!empty($matches[0]) && substr($matches[0], -1) == '[' ? '[/li]' : '[/li][/list]') . "\n" . substr($message, $pos2); $open_tags[count($open_tags) - 2]['after'] = '

'; } // Tell the [list] that it needs to close specially. else { // Move the li over, because we're not sure what we'll hit. $open_tags[count($open_tags) - 1]['after'] = ''; $open_tags[count($open_tags) - 2]['after'] = ''; } continue; } // Implicitly close lists and tables if something other than what's required is in them. This is needed for itemcode. if ($tag === null && $inside !== null && !empty($inside['require_children'])) { array_pop($open_tags); $message = substr($message, 0, $pos) . "\n" . $inside['after'] . "\n" . substr($message, $pos); $pos += strlen($inside['after']) - 1 + 2; } // No tag? Keep looking, then. Silly people using brackets without actual tags. if ($tag === null) continue; // Propagate the list to the child (so wrapping the disallowed tag won't work either.) if (isset($inside['disallow_children'])) $tag['disallow_children'] = isset($tag['disallow_children']) ? array_unique(array_merge($tag['disallow_children'], $inside['disallow_children'])) : $inside['disallow_children']; // Is this tag disabled? if (isset($disabled[$tag['tag']])) { if (!isset($tag['disabled_before']) && !isset($tag['disabled_after']) && !isset($tag['disabled_content'])) { $tag['before'] = !empty($tag['block_level']) ? '

' : ''; $tag['after'] = !empty($tag['block_level']) ? '

' : ''; $tag['content'] = isset($tag['type']) && $tag['type'] == 'closed' ? '' : (!empty($tag['block_level']) ? '

$1

' : '$1'); } elseif (isset($tag['disabled_before']) || isset($tag['disabled_after'])) { $tag['before'] = isset($tag['disabled_before']) ? $tag['disabled_before'] : (!empty($tag['block_level']) ? '

' : ''); $tag['after'] = isset($tag['disabled_after']) ? $tag['disabled_after'] : (!empty($tag['block_level']) ? '

' : ''); } else $tag['content'] = $tag['disabled_content']; } // The only special case is 'html', which doesn't need to close things. if (!empty($tag['block_level']) && $tag['tag'] != 'html' && empty($inside['block_level'])) { $n = count($open_tags) - 1; while (empty($open_tags[$n]['block_level']) && $n >= 0) $n--; // Close all the non block level tags so this tag isn't surrounded by them. for ($i = count($open_tags) - 1; $i > $n; $i--) { $message = substr($message, 0, $pos) . "\n" . $open_tags[$i]['after'] . "\n" . substr($message, $pos); $pos += strlen($open_tags[$i]['after']) + 2; $pos1 += strlen($open_tags[$i]['after']) + 2; // Trim or eat trailing stuff... see comment at the end of the big loop. if (!empty($open_tags[$i]['block_level']) && substr($message, $pos, 6) == '
') $message = substr($message, 0, $pos) . substr($message, $pos + 6); if (!empty($open_tags[$i]['trim']) && $tag['trim'] != 'inside' && preg_match('~(
| |\s)*~', substr($message, $pos), $matches) != 0) $message = substr($message, 0, $pos) . substr($message, $pos + strlen($matches[0])); array_pop($open_tags); } } // No type means 'parsed_content'. if (!isset($tag['type'])) { // @todo Check for end tag first, so people can say "I like that [i] tag"? $open_tags[] = $tag; $message = substr($message, 0, $pos) . "\n" . $tag['before'] . "\n" . substr($message, $pos1); $pos += strlen($tag['before']) - 1 + 2; } // Don't parse the content, just skip it. elseif ($tag['type'] == 'unparsed_content') { $pos2 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos1); if ($pos2 === false) continue; $data = substr($message, $pos1, $pos2 - $pos1); if (!empty($tag['block_level']) && substr($data, 0, 6) == '
') $data = substr($data, 6); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = strtr($tag['content'], array('$1' => $data)); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 3 + strlen($tag['tag'])); $pos += strlen($code) - 1 + 2; $last_pos = $pos + 1; } // Don't parse the content, just skip it. elseif ($tag['type'] == 'unparsed_equals_content') { // The value may be quoted for some tags - check. if (isset($tag['quoted'])) { $quoted = substr($message, $pos1, 6) == '"'; if ($tag['quoted'] != 'optional' && !$quoted) continue; if ($quoted) $pos1 += 6; } else $quoted = false; $pos2 = strpos($message, $quoted == false ? ']' : '"]', $pos1); if ($pos2 === false) continue; $pos3 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos2); if ($pos3 === false) continue; $data = array( substr($message, $pos2 + ($quoted == false ? 1 : 7), $pos3 - ($pos2 + ($quoted == false ? 1 : 7))), substr($message, $pos1, $pos2 - $pos1) ); if (!empty($tag['block_level']) && substr($data[0], 0, 6) == '
') $data[0] = substr($data[0], 6); // Validation for my parking, please! if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = strtr($tag['content'], array('$1' => $data[0], '$2' => $data[1])); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + strlen($tag['tag'])); $pos += strlen($code) - 1 + 2; } // A closed tag, with no content or value. elseif ($tag['type'] == 'closed') { $pos2 = strpos($message, ']', $pos); $message = substr($message, 0, $pos) . "\n" . $tag['content'] . "\n" . substr($message, $pos2 + 1); $pos += strlen($tag['content']) - 1 + 2; } // This one is sorta ugly... :/. Unfortunately, it's needed for flash. elseif ($tag['type'] == 'unparsed_commas_content') { $pos2 = strpos($message, ']', $pos1); if ($pos2 === false) continue; $pos3 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos2); if ($pos3 === false) continue; // We want $1 to be the content, and the rest to be csv. $data = explode(',', ',' . substr($message, $pos1, $pos2 - $pos1)); $data[0] = substr($message, $pos2 + 1, $pos3 - $pos2 - 1); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = $tag['content']; foreach ($data as $k => $d) $code = strtr($code, array('$' . ($k + 1) => trim($d))); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + strlen($tag['tag'])); $pos += strlen($code) - 1 + 2; } // This has parsed content, and a csv value which is unparsed. elseif ($tag['type'] == 'unparsed_commas') { $pos2 = strpos($message, ']', $pos1); if ($pos2 === false) continue; $data = explode(',', substr($message, $pos1, $pos2 - $pos1)); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); // Fix after, for disabled code mainly. foreach ($data as $k => $d) $tag['after'] = strtr($tag['after'], array('$' . ($k + 1) => trim($d))); $open_tags[] = $tag; // Replace them out, $1, $2, $3, $4, etc. $code = $tag['before']; foreach ($data as $k => $d) $code = strtr($code, array('$' . ($k + 1) => trim($d))); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 1); $pos += strlen($code) - 1 + 2; } // A tag set to a value, parsed or not. elseif ($tag['type'] == 'unparsed_equals' || $tag['type'] == 'parsed_equals') { // The value may be quoted for some tags - check. if (isset($tag['quoted'])) { $quoted = substr($message, $pos1, 6) == '"'; if ($tag['quoted'] != 'optional' && !$quoted) continue; if ($quoted) $pos1 += 6; } else $quoted = false; $pos2 = strpos($message, $quoted == false ? ']' : '"]', $pos1); if ($pos2 === false) continue; $data = substr($message, $pos1, $pos2 - $pos1); // Validation for my parking, please! if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); // For parsed content, we must recurse to avoid security problems. if ($tag['type'] != 'unparsed_equals') $data = parse_bbc($data, !empty($tag['parsed_tags_allowed']) ? false : true, '', !empty($tag['parsed_tags_allowed']) ? $tag['parsed_tags_allowed'] : array()); $tag['after'] = strtr($tag['after'], array('$1' => $data)); $open_tags[] = $tag; $code = strtr($tag['before'], array('$1' => $data)); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + ($quoted == false ? 1 : 7)); $pos += strlen($code) - 1 + 2; } // If this is block level, eat any breaks after it. if (!empty($tag['block_level']) && substr($message, $pos + 1, 6) == '
') $message = substr($message, 0, $pos + 1) . substr($message, $pos + 7); // Are we trimming outside this tag? if (!empty($tag['trim']) && $tag['trim'] != 'outside' && preg_match('~(
| |\s)*~', substr($message, $pos + 1), $matches) != 0) $message = substr($message, 0, $pos + 1) . substr($message, $pos + 1 + strlen($matches[0])); } // Close any remaining tags. while ($tag = array_pop($open_tags)) $message .= "\n" . $tag['after'] . "\n"; // Parse the smileys within the parts where it can be done safely. if ($smileys === true) { $message_parts = explode("\n", $message); for ($i = 0, $n = count($message_parts); $i < $n; $i += 2) parsesmileys($message_parts[$i]); $message = implode('', $message_parts); } // No smileys, just get rid of the markers. else $message = strtr($message, array("\n" => '')); if (substr($message, 0, 1) == ' ') $message = ' ' . substr($message, 1); // Cleanup whitespace. $message = strtr($message, array(' ' => '  ', "\r" => '', "\n" => '
', '
' => '
 ', ' ' => "\n")); // Allow mods access to what parse_bbc created call_integration_hook('integrate_post_parsebbc', array(&$message, &$smileys, &$cache_id, &$parse_tags)); // Cache the output if it took some time... if (isset($cache_key, $cache_t) && array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.05) cache_put_data($cache_key, $message, 240); // If this was a force parse revert if needed. if (!empty($parse_tags)) { if (empty($temp_bbc)) $bbc_codes = array(); else { $bbc_codes = $temp_bbc; unset($temp_bbc); } } return $message; } /** * Parse smileys in the passed message. * * The smiley parsing function which makes pretty faces appear :). * If custom smiley sets are turned off by smiley_enable, the default set of smileys will be used. * These are specifically not parsed in code tags [url=mailto:Dad@blah.com] * Caches the smileys from the database or array in memory. * Doesn't return anything, but rather modifies message directly. * * @param string &$message */ function parsesmileys(&$message) { global $modSettings, $txt, $user_info, $context, $smcFunc; static $smileyPregSearch = null, $smileyPregReplacements = array(); // No smiley set at all?! if ($user_info['smiley_set'] == 'none' || trim($message) == '') return; // If smileyPregSearch hasn't been set, do it now. if (empty($smileyPregSearch)) { // Use the default smileys if it is disabled. (better for "portability" of smileys.) if (empty($modSettings['smiley_enable'])) { $smileysfrom = array('>:D', ':D', '::)', '>:(', ':))', ':)', ';)', ';D', ':(', ':o', '8)', ':P', '???', ':-[', ':-X', ':-*', ':\'(', ':-\\', '^-^', 'O0', 'C:-)', '0:)'); $smileysto = array('evil.gif', 'cheesy.gif', 'rolleyes.gif', 'angry.gif', 'laugh.gif', 'smiley.gif', 'wink.gif', 'grin.gif', 'sad.gif', 'shocked.gif', 'cool.gif', 'tongue.gif', 'huh.gif', 'embarrassed.gif', 'lipsrsealed.gif', 'kiss.gif', 'cry.gif', 'undecided.gif', 'azn.gif', 'afro.gif', 'police.gif', 'angel.gif'); $smileysdescs = array('', $txt['icon_cheesy'], $txt['icon_rolleyes'], $txt['icon_angry'], '', $txt['icon_smiley'], $txt['icon_wink'], $txt['icon_grin'], $txt['icon_sad'], $txt['icon_shocked'], $txt['icon_cool'], $txt['icon_tongue'], $txt['icon_huh'], $txt['icon_embarrassed'], $txt['icon_lips'], $txt['icon_kiss'], $txt['icon_cry'], $txt['icon_undecided'], '', '', '', ''); } else { // Load the smileys in reverse order by length so they don't get parsed wrong. if (($temp = cache_get_data('parsing_smileys', 480)) == null) { $result = $smcFunc['db_query']('', ' SELECT code, filename, description FROM {db_prefix}smileys', array( ) ); $smileysfrom = array(); $smileysto = array(); $smileysdescs = array(); while ($row = $smcFunc['db_fetch_assoc']($result)) { $smileysfrom[] = $row['code']; $smileysto[] = $row['filename']; $smileysdescs[] = $row['description']; } $smcFunc['db_free_result']($result); cache_put_data('parsing_smileys', array($smileysfrom, $smileysto, $smileysdescs), 480); } else list ($smileysfrom, $smileysto, $smileysdescs) = $temp; } // The non-breaking-space is a complex thing... $non_breaking_space = $context['utf8'] ? '\x{A0}' : '\xA0'; // This smiley regex makes sure it doesn't parse smileys within code tags (so [url=mailto:David@bla.com] doesn't parse the :D smiley) $smileyPregReplacements = array(); $searchParts = array(); for ($i = 0, $n = count($smileysfrom); $i < $n; $i++) { $smileyCode = ''; $smileyPregReplacements[$smileysfrom[$i]] = $smileyCode; $searchParts[] = preg_quote($smileysfrom[$i], '~'); if ($smileysfrom[$i] != ($specialChars = htmlspecialchars($smileysfrom[$i], ENT_QUOTES))) { $smileyPregReplacements[$specialChars] = $smileyCode; $searchParts[] = preg_quote($specialChars, '~'); } } $smileyPregSearch = '~(?<=[>:\?\.\s' . $non_breaking_space . '[\]()*\\\;]|^)(' . implode('|', $searchParts) . ')(?=[^[:alpha:]0-9]|$)~e' . ($context['utf8'] ? 'u' : ''); } // Replace away! $message = preg_replace($smileyPregSearch, '$smileyPregReplacements[\'$1\']', $message); } /** * Highlight any code. * * Uses PHP's highlight_string() to highlight PHP syntax * does special handling to keep the tabs in the code available. * used to parse PHP code from inside [code] and [php] tags. * * @param string $code * @return string the code with highlighted HTML. */ function highlight_php_code($code) { global $context; // Remove special characters. $code = un_htmlspecialchars(strtr($code, array('
' => "\n", "\t" => 'SMF_TAB();', '[' => '['))); $oldlevel = error_reporting(0); $buffer = str_replace(array("\n", "\r"), '', @highlight_string($code, true)); error_reporting($oldlevel); // Yes, I know this is kludging it, but this is the best way to preserve tabs from PHP :P. $buffer = preg_replace('~SMF_TAB(?:<(?:font color|span style)="[^"]*?">)?\\(\\);~', '

' . "\t" . '

', $buffer); return strtr($buffer, array('\'' => ''', '' => '', '' => '')); } /** * Make sure the browser doesn't come back and repost the form data. * Should be used whenever anything is posted. * * @param string $setLocation = '' * @param bool $refresh = false */ function redirectexit($setLocation = '', $refresh = false) { global $scripturl, $context, $modSettings, $db_show_debug, $db_cache; // In case we have mail to send, better do that - as obExit doesn't always quite make it... if (!empty($context['flush_mail'])) // @todo this relies on 'flush_mail' being only set in AddMailQueue itself... :\ AddMailQueue(true); $add = preg_match('~^(ftp|http)[s]?://~', $setLocation) == 0 && substr($setLocation, 0, 6) != 'about:'; if (WIRELESS) { // Add the scripturl on if needed. if ($add) $setLocation = $scripturl . '?' . $setLocation; $char = strpos($setLocation, '?') === false ? '?' : ';'; if (strpos($setLocation, '#') !== false) $setLocation = strtr($setLocation, array('#' => $char . WIRELESS_PROTOCOL . '#')); else $setLocation .= $char . WIRELESS_PROTOCOL; } elseif ($add) $setLocation = $scripturl . ($setLocation != '' ? '?' . $setLocation : ''); // Put the session ID in. if (defined('SID') && SID != '') $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')\\??/', $scripturl . '?' . SID . ';', $setLocation); // Keep that debug in their for template debugging! elseif (isset($_GET['debug'])) $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '\\??/', $scripturl . '?debug;', $setLocation); if (!empty($modSettings['queryless_urls']) && (empty($context['server']['is_cgi']) || ini_get('cgi.fix_pathinfo') == 1 || @get_cfg_var('cgi.fix_pathinfo') == 1) && (!empty($context['server']['is_apache']) || !empty($context['server']['is_lighttpd']) || !empty($context['server']['is_litespeed']))) { if (defined('SID') && SID != '') $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '\?(?:' . SID . '(?:;|&|&))((?:board|topic)=[^#]+?)(#[^"]*?)?$/e', "\$scripturl . '/' . strtr('\$1', '&;=', '//,') . '.html?' . SID . '\$2'", $setLocation); else $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '\?((?:board|topic)=[^#"]+?)(#[^"]*?)?$/e', "\$scripturl . '/' . strtr('\$1', '&;=', '//,') . '.html\$2'", $setLocation); } // Maybe integrations want to change where we are heading? call_integration_hook('integrate_redirect', array(&$setLocation, &$refresh)); // We send a Refresh header only in special cases because Location looks better. (and is quicker...) if ($refresh && !WIRELESS) header('Refresh: 0; URL=' . strtr($setLocation, array(' ' => '%20'))); else header('Location: ' . str_replace(' ', '%20', $setLocation)); // Debugging. if (isset($db_show_debug) && $db_show_debug === true) $_SESSION['debug_redirect'] = $db_cache; obExit(false); } /** * Ends execution. Takes care of template loading and remembering the previous URL. * @param bool $header = null * @param bool $do_footer = null * @param bool $from_index = false * @param bool $from_fatal_error = false */ function obExit($header = null, $do_footer = null, $from_index = false, $from_fatal_error = false) { global $context, $settings, $modSettings, $txt, $smcFunc; static $header_done = false, $footer_done = false, $level = 0, $has_fatal_error = false; // Attempt to prevent a recursive loop. ++$level; if ($level > 1 && !$from_fatal_error && !$has_fatal_error) exit; if ($from_fatal_error) $has_fatal_error = true; // Clear out the stat cache. trackStats(); // If we have mail to send, send it. if (!empty($context['flush_mail'])) // @todo this relies on 'flush_mail' being only set in AddMailQueue itself... :\ AddMailQueue(true); $do_header = $header === null ? !$header_done : $header; if ($do_footer === null) $do_footer = $do_header; // Has the template/header been done yet? if ($do_header) { // Was the page title set last minute? Also update the HTML safe one. if (!empty($context['page_title']) && empty($context['page_title_html_safe'])) $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($context['page_title'])) . (!empty($context['current_page']) ? ' - ' . $txt['page'] . ' ' . ($context['current_page'] + 1) : ''); // Start up the session URL fixer. ob_start('ob_sessrewrite'); if (!empty($settings['output_buffers']) && is_string($settings['output_buffers'])) $buffers = explode(',', $settings['output_buffers']); elseif (!empty($settings['output_buffers'])) $buffers = $settings['output_buffers']; else $buffers = array(); if (isset($modSettings['integrate_buffer'])) $buffers = array_merge(explode(',', $modSettings['integrate_buffer']), $buffers); if (!empty($buffers)) foreach ($buffers as $function) { $function = trim($function); $call = strpos($function, '::') !== false ? explode('::', $function) : $function; // Is it valid? if (is_callable($call)) ob_start($call); } // Display the screen in the logical order. template_header(); $header_done = true; } if ($do_footer) { if (WIRELESS && !isset($context['sub_template'])) fatal_lang_error('wireless_error_notyet', false); // Just show the footer, then. loadSubTemplate(isset($context['sub_template']) ? $context['sub_template'] : 'main'); // Anything special to put out? if (!empty($context['insert_after_template']) && !isset($_REQUEST['xml'])) echo $context['insert_after_template']; // Just so we don't get caught in an endless loop of errors from the footer... if (!$footer_done) { $footer_done = true; template_footer(); // (since this is just debugging... it's okay that it's after .) if (!isset($_REQUEST['xml'])) displayDebug(); } } // Remember this URL in case someone doesn't like sending HTTP_REFERER. if (strpos($_SERVER['REQUEST_URL'], 'action=dlattach') === false && strpos($_SERVER['REQUEST_URL'], 'action=viewsmfile') === false) $_SESSION['old_url'] = $_SERVER['REQUEST_URL']; // For session check verification.... don't switch browsers... $_SESSION['USER_AGENT'] = empty($_SERVER['HTTP_USER_AGENT']) ? '' : $_SERVER['HTTP_USER_AGENT']; if (!empty($settings['strict_doctype'])) { // The theme author wants to use the STRICT doctype (only God knows why). $temp = ob_get_contents(); ob_clean(); echo strtr($temp, array( 'var smf_iso_case_folding' => 'var target_blank = \'_blank\'; var smf_iso_case_folding', 'target="_blank"' => 'onclick="this.target=target_blank"')); } // Hand off the output to the portal, etc. we're integrated with. call_integration_hook('integrate_exit', array($do_footer && !WIRELESS)); // Don't exit if we're coming from index.php; that will pass through normally. if (!$from_index || WIRELESS) exit; } /** * Get the size of a specified image with better error handling. * @todo see if it's better in Subs-Graphics, but one step at the time. * Uses getimagesize() to determine the size of a file. * Attempts to connect to the server first so it won't time out. * * @param string $url * @return array or false, the image size as array (width, height), or false on failure */ function url_image_size($url) { global $sourcedir; // Make sure it is a proper URL. $url = str_replace(' ', '%20', $url); // Can we pull this from the cache... please please? if (($temp = cache_get_data('url_image_size-' . md5($url), 240)) !== null) return $temp; $t = microtime(); // Get the host to pester... preg_match('~^\w+://(.+?)/(.*)$~', $url, $match); // Can't figure it out, just try the image size. if ($url == '' || $url == 'http://' || $url == 'https://') { return false; } elseif (!isset($match[1])) { $size = @getimagesize($url); } else { // Try to connect to the server... give it half a second. $temp = 0; $fp = @fsockopen($match[1], 80, $temp, $temp, 0.5); // Successful? Continue... if ($fp != false) { // Send the HEAD request (since we don't have to worry about chunked, HTTP/1.1 is fine here.) fwrite($fp, 'HEAD /' . $match[2] . ' HTTP/1.1' . "\r\n" . 'Host: ' . $match[1] . "\r\n" . 'User-Agent: PHP/SMF' . "\r\n" . 'Connection: close' . "\r\n\r\n"); // Read in the HTTP/1.1 or whatever. $test = substr(fgets($fp, 11), -1); fclose($fp); // See if it returned a 404/403 or something. if ($test < 4) { $size = @getimagesize($url); // This probably means allow_url_fopen is off, let's try GD. if ($size === false && function_exists('imagecreatefromstring')) { include_once($sourcedir . '/Subs-Package.php'); // It's going to hate us for doing this, but another request... $image = @imagecreatefromstring(fetch_web_data($url)); if ($image !== false) { $size = array(imagesx($image), imagesy($image)); imagedestroy($image); } } } } } // If we didn't get it, we failed. if (!isset($size)) $size = false; // If this took a long time, we may never have to do it again, but then again we might... if (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $t)) > 0.8) cache_put_data('url_image_size-' . md5($url), $size, 240); // Didn't work. return $size; } /** * Sets the class of the current topic based on is_very_hot, veryhot, hot, etc * * @param array &$topic_context */ function determineTopicClass(&$topic_context) { // Set topic class depending on locked status and number of replies. if ($topic_context['is_very_hot']) $topic_context['class'] = 'veryhot'; elseif ($topic_context['is_hot']) $topic_context['class'] = 'hot'; else $topic_context['class'] = 'normal'; $topic_context['class'] .= $topic_context['is_poll'] ? '_poll' : '_post'; if ($topic_context['is_locked']) $topic_context['class'] .= '_locked'; if ($topic_context['is_sticky']) $topic_context['class'] .= '_sticky'; // This is so old themes will still work. $topic_context['extended_class'] = &$topic_context['class']; } /** * Sets up the basic theme context stuff. * @param bool $forceload = false */ function setupThemeContext($forceload = false) { global $modSettings, $user_info, $scripturl, $context, $settings, $options, $txt, $maintenance; global $user_settings, $smcFunc; static $loaded = false; // Under SSI this function can be called more then once. That can cause some problems. // So only run the function once unless we are forced to run it again. if ($loaded && !$forceload) return; $loaded = true; $context['in_maintenance'] = !empty($maintenance); $context['current_time'] = timeformat(time(), false); $context['current_action'] = isset($_GET['action']) ? $_GET['action'] : ''; $context['show_quick_login'] = !empty($modSettings['enableVBStyleLogin']) && $user_info['is_guest']; // Get some news... $context['news_lines'] = explode("\n", str_replace("\r", '', trim(addslashes($modSettings['news'])))); $context['fader_news_lines'] = array(); for ($i = 0, $n = count($context['news_lines']); $i < $n; $i++) { if (trim($context['news_lines'][$i]) == '') continue; // Clean it up for presentation ;). $context['news_lines'][$i] = parse_bbc(stripslashes(trim($context['news_lines'][$i])), true, 'news' . $i); // Gotta be special for the javascript. $context['fader_news_lines'][$i] = strtr(addslashes($context['news_lines'][$i]), array('/' => '\/', ' (isset($_SESSION['unread_messages']) ? $_SESSION['unread_messages'] : 0)) $context['user']['popup_messages'] = true; else $context['user']['popup_messages'] = false; $_SESSION['unread_messages'] = $user_info['unread_messages']; if (allowedTo('moderate_forum')) $context['unapproved_members'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($modSettings['approveAccountDeletion']) ? $modSettings['unapprovedMembers'] : 0; $context['show_open_reports'] = empty($user_settings['mod_prefs']) || $user_settings['mod_prefs'][0] == 1; $context['user']['avatar'] = array(); // Figure out the avatar... uploaded? if ($user_info['avatar']['url'] == '' && !empty($user_info['avatar']['id_attach'])) $context['user']['avatar']['href'] = $user_info['avatar']['custom_dir'] ? $modSettings['custom_avatar_url'] . '/' . $user_info['avatar']['filename'] : $scripturl . '?action=dlattach;attach=' . $user_info['avatar']['id_attach'] . ';type=avatar'; // Full URL? elseif (substr($user_info['avatar']['url'], 0, 7) == 'http://') { $context['user']['avatar']['href'] = $user_info['avatar']['url']; if ($modSettings['avatar_action_too_large'] == 'option_html_resize' || $modSettings['avatar_action_too_large'] == 'option_js_resize') { if (!empty($modSettings['avatar_max_width_external'])) $context['user']['avatar']['width'] = $modSettings['avatar_max_width_external']; if (!empty($modSettings['avatar_max_height_external'])) $context['user']['avatar']['height'] = $modSettings['avatar_max_height_external']; } } // Otherwise we assume it's server stored? elseif ($user_info['avatar']['url'] != '') $context['user']['avatar']['href'] = $modSettings['avatar_url'] . '/' . htmlspecialchars($user_info['avatar']['url']); if (!empty($context['user']['avatar'])) $context['user']['avatar']['image'] = ''; // Figure out how long they've been logged in. $context['user']['total_time_logged_in'] = array( 'days' => floor($user_info['total_time_logged_in'] / 86400), 'hours' => floor(($user_info['total_time_logged_in'] % 86400) / 3600), 'minutes' => floor(($user_info['total_time_logged_in'] % 3600) / 60) ); } else { $context['user']['messages'] = 0; $context['user']['unread_messages'] = 0; $context['user']['avatar'] = array(); $context['user']['total_time_logged_in'] = array('days' => 0, 'hours' => 0, 'minutes' => 0); $context['user']['popup_messages'] = false; if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) $txt['welcome_guest'] .= $txt['welcome_guest_activate']; // If we've upgraded recently, go easy on the passwords. if (!empty($modSettings['disableHashTime']) && ($modSettings['disableHashTime'] == 1 || time() < $modSettings['disableHashTime'])) $context['disable_login_hashing'] = true; } // Setup the main menu items. setupMenuContext(); if (empty($settings['theme_version'])) $context['show_vBlogin'] = $context['show_quick_login']; // This is here because old index templates might still use it. $context['show_news'] = !empty($settings['enable_news']); // This is done to allow theme authors to customize it as they want. $context['show_pm_popup'] = $context['user']['popup_messages'] && !empty($options['popup_messages']) && (!isset($_REQUEST['action']) || $_REQUEST['action'] != 'pm'); // 2.1+: Add the PM popup here instead. Theme authors can still override it simply by editing/removing the 'fPmPopup' in the array. if($context['show_pm_popup']) addInlineJavascript(' $(document).ready(function(){ new smc_Popup({ heading: ' . JavaScriptEscape($txt['show_personal_messages_heading']) . ', content: ' . JavaScriptEscape(sprintf($txt['show_personal_messages'], $context['user']['unread_messages'], $scripturl . '?action=pm')) . ', icon: smf_images_url + \'/im_sm_newmsg.png\' }); });'); // Resize avatars the fancy, but non-GD requiring way. if ($modSettings['avatar_action_too_large'] == 'option_js_resize' && (!empty($modSettings['avatar_max_width_external']) || !empty($modSettings['avatar_max_height_external']))) { // @todo Move this over to script.js? $context['html_headers'] .= ' '; } // This looks weird, but it's because BoardIndex.php references the variable. $context['common_stats']['latest_member'] = array( 'id' => $modSettings['latestMember'], 'name' => $modSettings['latestRealName'], 'href' => $scripturl . '?action=profile;u=' . $modSettings['latestMember'], 'link' => '' . $modSettings['latestRealName'] . '', ); $context['common_stats'] = array( 'total_posts' => comma_format($modSettings['totalMessages']), 'total_topics' => comma_format($modSettings['totalTopics']), 'total_members' => comma_format($modSettings['totalMembers']), 'latest_member' => $context['common_stats']['latest_member'], ); $context['common_stats']['boardindex_total_posts'] = sprintf($txt['boardindex_total_posts'], $context['common_stats']['total_posts'], $context['common_stats']['total_topics'], $context['common_stats']['total_members']); if (empty($settings['theme_version'])) $context['html_headers'] .= ' '; if (!isset($context['page_title'])) $context['page_title'] = ''; // Set some specific vars. $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($context['page_title'])) . (!empty($context['current_page']) ? ' - ' . $txt['page'] . ' ' . ($context['current_page'] + 1) : ''); $context['meta_keywords'] = !empty($modSettings['meta_keywords']) ? $smcFunc['htmlspecialchars']($modSettings['meta_keywords']) : ''; } /** * Helper function to set the system memory to a needed value * - If the needed memory is greater than current, will attempt to get more * - if in_use is set to true, will also try to take the current memory usage in to account * * @param string $needed The amount of memory to request, if needed, like 256M * @param bool $in_use Set to true to account for current memory usage of the script * @return bool, true if we have at least the needed memory */ function setMemoryLimit($needed, $in_use = false) { // everything in bytes $memory_used = 0; $memory_current = memoryReturnBytes(ini_get('memory_limit')); $memory_needed = memoryReturnBytes($needed); // should we account for how much is currently being used? if ($in_use) $memory_needed += function_exists('memory_get_usage') ? memory_get_usage() : (2 * 1048576); // if more is needed, request it if ($memory_current < $memory_needed) { @ini_set('memory_limit', ceil($memory_needed / 1048576) . 'M'); $memory_current = memoryReturnBytes(ini_get('memory_limit')); } $memory_current = max($memory_current, memoryReturnBytes(get_cfg_var('memory_limit'))); // return success or not return (bool) ($memory_current >= $memory_needed); } /** * Helper function to convert memory string settings to bytes * * @param string $val The byte string, like 256M or 1G * @return integer The string converted to a proper integer in bytes */ function memoryReturnBytes($val) { if (is_integer($val)) return $val; // Separate the number from the designator $val = trim($val); $num = intval(substr($val, 0, strlen($val) - 1)); $last = strtolower(substr($val, -1)); // convert to bytes switch ($last) { case 'g': $num *= 1024; case 'm': $num *= 1024; case 'k': $num *= 1024; } return $num; } /** * This is the only template included in the sources. */ function template_rawdata() { global $context; echo $context['raw_data']; } /** * */ function template_header() { global $txt, $modSettings, $context, $settings, $user_info, $boarddir, $cachedir; setupThemeContext(); // Print stuff to prevent caching of pages (except on attachment errors, etc.) if (empty($context['no_last_modified'])) { header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); // Are we debugging the template/html content? if (!isset($_REQUEST['xml']) && isset($_GET['debug']) && !isBrowser('ie') && !WIRELESS) header('Content-Type: application/xhtml+xml'); elseif (!isset($_REQUEST['xml']) && !WIRELESS) header('Content-Type: text/html; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set'])); } header('Content-Type: text/' . (isset($_REQUEST['xml']) ? 'xml' : 'html') . '; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set'])); $checked_securityFiles = false; $showed_banned = false; foreach ($context['template_layers'] as $layer) { loadSubTemplate($layer . '_above', true); // May seem contrived, but this is done in case the body and main layer aren't there... if (in_array($layer, array('body', 'main')) && allowedTo('admin_forum') && !$user_info['is_guest'] && !$checked_securityFiles) { $checked_securityFiles = true; // @todo add a hook here $securityFiles = array('install.php', 'webinstall.php', 'upgrade.php', 'convert.php', 'repair_paths.php', 'repair_settings.php', 'Settings.php~', 'Settings_bak.php~'); foreach ($securityFiles as $i => $securityFile) { if (!file_exists($boarddir . '/' . $securityFile)) unset($securityFiles[$i]); } // We are already checking so many files...just few more doesn't make any difference! :P if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = @unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; } else { $path = $modSettings['attachmentUploadDir']; $id_folder_thumb = 1; } secureDirectory($path, true); secureDirectory($cachedir); // If agreement is enabled, at least the english version shall exists if ($modSettings['requireAgreement']) $agreement = !file_exists($boarddir . '/agreement.txt'); if (!empty($securityFiles) || (!empty($modSettings['cache_enable']) && !is_writable($cachedir)) || !empty($agreement)) { echo '

!!

', empty($securityFiles) ? $txt['generic_warning'] : $txt['security_risk'], '

'; foreach ($securityFiles as $securityFile) { echo ' ', $txt['not_removed'], '', $securityFile, '!
'; if ($securityFile == 'Settings.php~' || $securityFile == 'Settings_bak.php~') echo ' ', sprintf($txt['not_removed_extra'], $securityFile, substr($securityFile, 0, -1)), '
'; } if (!empty($modSettings['cache_enable']) && !is_writable($cachedir)) echo ' ', $txt['cache_writable'], '
'; if (!empty($agreement)) echo ' ', $txt['agreement_missing'], '
'; echo '

'; } } // If the user is banned from posting inform them of it. elseif (in_array($layer, array('main', 'body')) && isset($_SESSION['ban']['cannot_post']) && !$showed_banned) { $showed_banned = true; echo '

', sprintf($txt['you_are_post_banned'], $user_info['is_guest'] ? $txt['guest_title'] : $user_info['name']); if (!empty($_SESSION['ban']['cannot_post']['reason'])) echo '

', $_SESSION['ban']['cannot_post']['reason'], '

'; if (!empty($_SESSION['ban']['expire_time'])) echo '

', sprintf($txt['your_ban_expires'], timeformat($_SESSION['ban']['expire_time'], false)), '

'; else echo '

', $txt['your_ban_expires_never'], '

'; echo '

'; } } if (isset($settings['use_default_images']) && $settings['use_default_images'] == 'defaults' && isset($settings['default_template'])) { $settings['theme_url'] = $settings['default_theme_url']; $settings['images_url'] = $settings['default_images_url']; $settings['theme_dir'] = $settings['default_theme_dir']; } } /** * Show the copyright. */ function theme_copyright() { global $forum_copyright, $context, $boardurl, $forum_version, $txt, $modSettings; // Don't display copyright for things like SSI. if (!isset($forum_version)) return; // Put in the version... $forum_copyright = sprintf($forum_copyright, $forum_version); echo ' ' . $forum_copyright . ' '; } /** * */ function template_footer() { global $context, $settings, $modSettings, $time_start, $db_count; // Show the load time? (only makes sense for the footer.) $context['show_load_time'] = !empty($modSettings['timeLoadPageEnable']); $context['load_time'] = round(array_sum(explode(' ', microtime())) - array_sum(explode(' ', $time_start)), 3); $context['load_queries'] = $db_count; if (isset($settings['use_default_images']) && $settings['use_default_images'] == 'defaults' && isset($settings['default_template'])) { $settings['theme_url'] = $settings['actual_theme_url']; $settings['images_url'] = $settings['actual_images_url']; $settings['theme_dir'] = $settings['actual_theme_dir']; } foreach (array_reverse($context['template_layers']) as $layer) loadSubTemplate($layer . '_below', true); } /** * Output the Javascript files * - tabbing in this function is to make the HTML source look good proper * - if defered is set function will output all JS (source & inline) set to load at page end * * @param bool $do_defered = false */ function template_javascript($do_defered = false) { global $context, $modSettings, $settings; // Use this hook to minify/optimize Javascript files and vars call_integration_hook('pre_javascript_output'); // Ouput the declared Javascript variables. if (!empty($context['javascript_vars']) && !$do_defered) { echo ' '; } // While we have Javascript files to place in the template foreach ($context['javascript_files'] as $id => $js_file) { if ((!$do_defered && empty($js_file['options']['defer'])) || ($do_defered && !empty($js_file['options']['defer']))) echo ' '; // If we are loading JQuery and we are set to 'auto' load, put in our remote success or load local check if ($id == 'jquery' && (!isset($modSettings['jquery_source']) || !in_array($modSettings['jquery_source'],array('local', 'cdn')))) echo ' '; } // Inline JavaScript - Actually useful some times! if (!empty($context['javascript_inline'])) { if (!empty($context['javascript_inline']['defer']) && $do_defered) { echo ' '; } if (!empty($context['javascript_inline']['standard']) && !$do_defered) { echo ' '; } } } /** * Output the CSS files */ function template_css() { global $context; // Use this hook to minify/optimize CSS files call_integration_hook('pre_css_output'); foreach ($context['css_files'] as $id => $file) echo ' '; } /** * Get an attachment's encrypted filename. If $new is true, won't check for file existence. * @todo this currently returns the hash if new, and the full filename otherwise. * Something messy like that. * @todo and of course everything relies on this behavior and work around it. :P. * Converters included. * * @param $filename * @param $attachment_id * @param $dir * @param $new * @param $file_hash */ function getAttachmentFilename($filename, $attachment_id, $dir = null, $new = false, $file_hash = '') { global $modSettings, $smcFunc; // Just make up a nice hash... if ($new) return sha1(md5($filename . time()) . mt_rand()); // Grab the file hash if it wasn't added. // @todo: Locate all places that don't call a hash and fix that. if ($file_hash === '') { $request = $smcFunc['db_query']('', ' SELECT file_hash FROM {db_prefix}attachments WHERE id_attach = {int:id_attach}', array( 'id_attach' => $attachment_id, )); if ($smcFunc['db_num_rows']($request) === 0) return false; list ($file_hash) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); } // In case of files from the old system, do a legacy call. if (empty($file_hash)) return getLegacyAttachmentFilename($filename, $attachment_id, $dir, $new); // Are we using multiple directories? if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$dir]; } else $path = $modSettings['attachmentUploadDir']; return $path . '/' . $attachment_id . '_' . $file_hash; } /** * Older attachments may still use this function. * * @param $filename * @param $attachment_id * @param $dir * @param $new */ function getLegacyAttachmentFilename($filename, $attachment_id, $dir = null, $new = false) { global $modSettings, $db_character_set; $clean_name = $filename; // Remove international characters (windows-1252) // These lines should never be needed again. Still, behave. if (empty($db_character_set) || $db_character_set != 'utf8') { $clean_name = strtr($filename, "\x8a\x8e\x9a\x9e\x9f\xc0\xc1\xc2\xc3\xc4\xc5\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd1\xd2\xd3\xd4\xd5\xd6\xd8\xd9\xda\xdb\xdc\xdd\xe0\xe1\xe2\xe3\xe4\xe5\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf1\xf2\xf3\xf4\xf5\xf6\xf8\xf9\xfa\xfb\xfc\xfd\xff", 'SZszYAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy'); $clean_name = strtr($clean_name, array("\xde" => 'TH', "\xfe" => 'th', "\xd0" => 'DH', "\xf0" => 'dh', "\xdf" => 'ss', "\x8c" => 'OE', // @todo My IDE is showing \c6 as a bad escape sequence. "\x9c" => 'oe', "\c6" => 'AE', "\xe6" => 'ae', "\xb5" => 'u')); } // Sorry, no spaces, dots, or anything else but letters allowed. $clean_name = preg_replace(array('/\s/', '/[^\w_\.\-]/'), array('_', ''), $clean_name); $enc_name = $attachment_id . '_' . strtr($clean_name, '.', '_') . md5($clean_name); $clean_name = preg_replace('~\.[\.]+~', '.', $clean_name); if ($attachment_id == false || ($new && empty($modSettings['attachmentEncryptFilenames']))) return $clean_name; elseif ($new) return $enc_name; // Are we using multiple directories? if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$dir]; } else $path = $modSettings['attachmentUploadDir']; if (file_exists($path . '/' . $enc_name)) $filename = $path . '/' . $enc_name; else $filename = $path . '/' . $clean_name; return $filename; } /** * Convert a single IP to a ranged IP. * internal function used to convert a user-readable format to a format suitable for the database. * * @param string $fullip * @return array|string 'unknown' if the ip in the input was '255.255.255.255' */ function ip2range($fullip) { // If its IPv6, validate it first. if (isValidIPv6($fullip) !== false) { $ip_parts = explode(':', expandIPv6($fullip, false)); $ip_array = array(); if (count($ip_parts) != 8) return array(); for ($i = 0; $i < 8; $i++) { if ($ip_parts[$i] == '*') $ip_array[$i] = array('low' => '0', 'high' => hexdec('ffff')); elseif (preg_match('/^([0-9A-Fa-f]{1,4})\-([0-9A-Fa-f]{1,4})$/', $ip_parts[$i], $range) == 1) $ip_array[$i] = array('low' => hexdec($range[1]), 'high' => hexdec($range[2])); elseif (is_numeric(hexdec($ip_parts[$i]))) $ip_array[$i] = array('low' => hexdec($ip_parts[$i]), 'high' => hexdec($ip_parts[$i])); } return $ip_array; } // Pretend that 'unknown' is 255.255.255.255. (since that can't be an IP anyway.) if ($fullip == 'unknown') $fullip = '255.255.255.255'; $ip_parts = explode('.', $fullip); $ip_array = array(); if (count($ip_parts) != 4) return array(); for ($i = 0; $i < 4; $i++) { if ($ip_parts[$i] == '*') $ip_array[$i] = array('low' => '0', 'high' => '255'); elseif (preg_match('/^(\d{1,3})\-(\d{1,3})$/', $ip_parts[$i], $range) == 1) $ip_array[$i] = array('low' => $range[1], 'high' => $range[2]); elseif (is_numeric($ip_parts[$i])) $ip_array[$i] = array('low' => $ip_parts[$i], 'high' => $ip_parts[$i]); } // Makes it simpiler to work with. $ip_array[4] = array('low' => 0, 'high' => 0); $ip_array[5] = array('low' => 0, 'high' => 0); $ip_array[6] = array('low' => 0, 'high' => 0); $ip_array[7] = array('low' => 0, 'high' => 0); return $ip_array; } /** * Lookup an IP; try shell_exec first because we can do a timeout on it. * * @param string $ip */ function host_from_ip($ip) { global $modSettings; if (($host = cache_get_data('hostlookup-' . $ip, 600)) !== null) return $host; $t = microtime(); // Try the Linux host command, perhaps? if (!isset($host) && (strpos(strtolower(PHP_OS), 'win') === false || strpos(strtolower(PHP_OS), 'darwin') !== false) && mt_rand(0, 1) == 1) { if (!isset($modSettings['host_to_dis'])) $test = @shell_exec('host -W 1 ' . @escapeshellarg($ip)); else $test = @shell_exec('host ' . @escapeshellarg($ip)); // Did host say it didn't find anything? if (strpos($test, 'not found') !== false) $host = ''; // Invalid server option? elseif ((strpos($test, 'invalid option') || strpos($test, 'Invalid query name 1')) && !isset($modSettings['host_to_dis'])) updateSettings(array('host_to_dis' => 1)); // Maybe it found something, after all? elseif (preg_match('~\s([^\s]+?)\.\s~', $test, $match) == 1) $host = $match[1]; } // This is nslookup; usually only Windows, but possibly some Unix? if (!isset($host) && stripos(PHP_OS, 'win') !== false && strpos(strtolower(PHP_OS), 'darwin') === false && mt_rand(0, 1) == 1) { $test = @shell_exec('nslookup -timeout=1 ' . @escapeshellarg($ip)); if (strpos($test, 'Non-existent domain') !== false) $host = ''; elseif (preg_match('~Name:\s+([^\s]+)~', $test, $match) == 1) $host = $match[1]; } // This is the last try :/. if (!isset($host) || $host === false) $host = @gethostbyaddr($ip); // It took a long time, so let's cache it! if (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $t)) > 0.5) cache_put_data('hostlookup-' . $ip, $host, 600); return $host; } /** * Chops a string into words and prepares them to be inserted into (or searched from) the database. * * @param string $text * @param int $max_chars = 20 * @param bool $encrypt = false */ function text2words($text, $max_chars = 20, $encrypt = false) { global $smcFunc, $context; // Step 1: Remove entities/things we don't consider words: $words = preg_replace('~(?:[\x0B\0' . ($context['utf8'] ? '\x{A0}' : '\xA0') . '\t\r\s\n(){}\\[\\]<>!@$%^*.,:+=`\~\?/\\\\]+|&(?:amp|lt|gt|quot);)+~' . ($context['utf8'] ? 'u' : ''), ' ', strtr($text, array('
' => ' '))); // Step 2: Entities we left to letters, where applicable, lowercase. $words = un_htmlspecialchars($smcFunc['strtolower']($words)); // Step 3: Ready to split apart and index! $words = explode(' ', $words); if ($encrypt) { $possible_chars = array_flip(array_merge(range(46, 57), range(65, 90), range(97, 122))); $returned_ints = array(); foreach ($words as $word) { if (($word = trim($word, '-_\'')) !== '') { $encrypted = substr(crypt($word, 'uk'), 2, $max_chars); $total = 0; for ($i = 0; $i < $max_chars; $i++) $total += $possible_chars[ord($encrypted{$i})] * pow(63, $i); $returned_ints[] = $max_chars == 4 ? min($total, 16777215) : $total; } } return array_unique($returned_ints); } else { // Trim characters before and after and add slashes for database insertion. $returned_words = array(); foreach ($words as $word) if (($word = trim($word, '-_\'')) !== '') $returned_words[] = $max_chars === null ? $word : substr($word, 0, $max_chars); // Filter out all words that occur more than once. return array_unique($returned_words); } } /** * Creates an image/text button * * @param string $filename * @param string $alt * @param string $label = '' * @param bool $custom = '' * @param bool $force_use = false * @return string */ function create_button($name, $alt, $label = '', $custom = '', $force_use = false) { global $settings, $txt, $context; // Does the current loaded theme have this and we are not forcing the usage of this function? if (function_exists('template_create_button') && !$force_use) return template_create_button($name, $alt, $label = '', $custom = ''); if (!$settings['use_image_buttons']) return $txt[$alt]; elseif (!empty($settings['use_buttons'])) return '' . ($label != '' ? ' ' . $txt[$label] . '' : ''); else return ''; } /** * Empty out the cache in use as best it can * * It may only remove the files of a certain type (if the $type parameter is given) * Type can be user, data or left blank * - user clears out user data * - data clears out system / opcode data * - If no type is specified will perfom a complete cache clearing * For cache engines that do not distinguish on types, a full cache flush will be done * * @param string $type = '' */ function clean_cache($type = '') { global $cachedir, $sourcedir, $cache_accelerator, $modSettings, $memcached; switch ($cache_accelerator) { case 'memcached': if (function_exists('memcache_flush') || function_exists('memcached_flush') && isset($modSettings['cache_memcached']) && trim($modSettings['cache_memcached']) != '') { // Not connected yet? if (empty($memcached)) get_memcached_server(); if (!$memcached) return; // clear it out if (function_exists('memcache_flush')) memcache_flush($memcached); else memcached_flush($memcached); } break; case 'eaccelerator': if (function_exists('eaccelerator_clear') && function_exists('eaccelerator_clean') ) { // Clean out the already expired items @eaccelerator_clean(); // Remove all unused scripts and data from shared memory and disk cache, // e.g. all data that isn't used in the current requests. eaccelerator_clear(); } case 'mmcache': if (function_exists('mmcache_gc')) { // removes all expired keys from shared memory, this is not a complete cache flush :( // @todo there is no clear function, should we try to find all of the keys and delete those? with mmcache_rm mmcache_gc(); } break; case 'apc': if (function_exists('apc_clear_cache')) { // if passed a type, clear that type out if ($type === '' || $type === 'data') { apc_clear_cache('user'); apc_clear_cache('system'); } elseif ($type === 'user') apc_clear_cache('user'); } break; case 'zend': if (function_exists('zend_shm_cache_clear')) zend_shm_cache_clear('SMF'); break; case 'xcache': if (function_exists('xcache_clear_cache')) { // if ($type === '') { xcache_clear_cache(XC_TYPE_VAR, 0); xcache_clear_cache(XC_TYPE_PHP, 0); } if ($type === 'user') xcache_clear_cache(XC_TYPE_VAR, 0); if ($type === 'data') xcache_clear_cache(XC_TYPE_PHP, 0); } break; default: // No directory = no game. if (!is_dir($cachedir)) return; // Remove the files in SMF's own disk cache, if any $dh = opendir($cachedir); while ($file = readdir($dh)) { if ($file != '.' && $file != '..' && $file != 'index.php' && $file != '.htaccess' && (!$type || substr($file, 0, strlen($type)) == $type)) @unlink($cachedir . '/' . $file); } closedir($dh); break; } // Invalidate cache, to be sure! // ... as long as Load.php can be modified, anyway. @touch($sourcedir . '/' . 'Load.php'); clearstatcache(); } /** * Load classes that are both (E_STRICT) PHP 4 and PHP 5 compatible. * - removed php4 support * - left shell in place for mod compatablily * * @param string $filename * @todo remove this function since we are no longer supporting PHP < 5 */ function loadClassFile($filename) { global $sourcedir; if (!file_exists($sourcedir . '/' . $filename)) fatal_lang_error('error_bad_file', 'general', array($sourcedir . '/' . $filename)); require_once($sourcedir . '/' . $filename); } /** * */ function setupMenuContext() { global $context, $modSettings, $user_info, $txt, $scripturl; // Set up the menu privileges. $context['allow_search'] = !empty($modSettings['allow_guestAccess']) ? allowedTo('search_posts') : (!$user_info['is_guest'] && allowedTo('search_posts')); $context['allow_admin'] = allowedTo(array('admin_forum', 'manage_boards', 'manage_permissions', 'moderate_forum', 'manage_membergroups', 'manage_bans', 'send_mail', 'edit_news', 'manage_attachments', 'manage_smileys')); $context['allow_edit_profile'] = !$user_info['is_guest'] && allowedTo(array('profile_view_own', 'profile_view_any', 'profile_identity_own', 'profile_identity_any', 'profile_extra_own', 'profile_extra_any', 'profile_remove_own', 'profile_remove_any', 'moderate_forum', 'manage_membergroups', 'profile_title_own', 'profile_title_any')); $context['allow_memberlist'] = allowedTo('view_mlist'); $context['allow_calendar'] = allowedTo('calendar_view') && !empty($modSettings['cal_enabled']); $context['allow_moderation_center'] = $context['user']['can_mod']; $context['allow_pm'] = allowedTo('pm_read'); $cacheTime = $modSettings['lastActive'] * 60; // All the buttons we can possible want and then some, try pulling the final list of buttons from cache first. if (($menu_buttons = cache_get_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'], $cacheTime)) === null || time() - $cacheTime <= $modSettings['settings_updated']) { $buttons = array( 'home' => array( 'title' => $txt['home'], 'href' => $scripturl, 'show' => true, 'sub_buttons' => array( ), 'is_last' => $context['right_to_left'], ), 'help' => array( 'title' => $txt['help'], 'href' => $scripturl . '?action=help', 'show' => true, 'sub_buttons' => array( ), ), 'search' => array( 'title' => $txt['search'], 'href' => $scripturl . '?action=search', 'show' => $context['allow_search'], 'sub_buttons' => array( ), ), 'admin' => array( 'title' => $txt['admin'], 'href' => $scripturl . '?action=admin', 'show' => $context['allow_admin'], 'sub_buttons' => array( 'featuresettings' => array( 'title' => $txt['modSettings_title'], 'href' => $scripturl . '?action=admin;area=featuresettings', 'show' => allowedTo('admin_forum'), ), 'packages' => array( 'title' => $txt['package'], 'href' => $scripturl . '?action=admin;area=packages', 'show' => allowedTo('admin_forum'), ), 'errorlog' => array( 'title' => $txt['errlog'], 'href' => $scripturl . '?action=admin;area=logs;sa=errorlog;desc', 'show' => allowedTo('admin_forum') && !empty($modSettings['enableErrorLogging']), ), 'permissions' => array( 'title' => $txt['edit_permissions'], 'href' => $scripturl . '?action=admin;area=permissions', 'show' => allowedTo('manage_permissions'), 'is_last' => true, ), ), ), 'moderate' => array( 'title' => $txt['moderate'], 'href' => $scripturl . '?action=moderate', 'show' => $context['allow_moderation_center'], 'sub_buttons' => array( 'modlog' => array( 'title' => $txt['modlog_view'], 'href' => $scripturl . '?action=moderate;area=modlog', 'show' => !empty($modSettings['modlog_enabled']) && !empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1', ), 'poststopics' => array( 'title' => $txt['mc_unapproved_poststopics'], 'href' => $scripturl . '?action=moderate;area=postmod;sa=posts', 'show' => $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']), ), 'attachments' => array( 'title' => $txt['mc_unapproved_attachments'], 'href' => $scripturl . '?action=moderate;area=attachmod;sa=attachments', 'show' => $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']), ), 'reports' => array( 'title' => $txt['mc_reported_posts'], 'href' => $scripturl . '?action=moderate;area=reports', 'show' => !empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1', 'is_last' => true, ), ), ), 'profile' => array( 'title' => $txt['profile'], 'href' => $scripturl . '?action=profile', 'show' => $context['allow_edit_profile'], 'sub_buttons' => array( 'account' => array( 'title' => $txt['account'], 'href' => $scripturl . '?action=profile;area=account', 'show' => allowedTo(array('profile_identity_any', 'profile_identity_own', 'manage_membergroups')), ), 'profile' => array( 'title' => $txt['forumprofile'], 'href' => $scripturl . '?action=profile;area=forumprofile', 'show' => allowedTo(array('profile_extra_any', 'profile_extra_own')), 'is_last' => true, ), 'theme' => array( 'title' => $txt['theme'], 'href' => $scripturl . '?action=profile;area=theme', 'show' => allowedTo(array('profile_extra_any', 'profile_extra_own', 'profile_extra_any')), ), ), ), 'pm' => array( 'title' => $txt['pm_short'], 'href' => $scripturl . '?action=pm', 'show' => $context['allow_pm'], 'sub_buttons' => array( 'pm_read' => array( 'title' => $txt['pm_menu_read'], 'href' => $scripturl . '?action=pm', 'show' => allowedTo('pm_read'), ), 'pm_send' => array( 'title' => $txt['pm_menu_send'], 'href' => $scripturl . '?action=pm;sa=send', 'show' => allowedTo('pm_send'), 'is_last' => true, ), ), ), 'calendar' => array( 'title' => $txt['calendar'], 'href' => $scripturl . '?action=calendar', 'show' => $context['allow_calendar'], 'sub_buttons' => array( 'view' => array( 'title' => $txt['calendar_menu'], 'href' => $scripturl . '?action=calendar', 'show' => allowedTo('calendar_post'), ), 'post' => array( 'title' => $txt['calendar_post_event'], 'href' => $scripturl . '?action=calendar;sa=post', 'show' => allowedTo('calendar_post'), 'is_last' => true, ), ), ), 'mlist' => array( 'title' => $txt['members_title'], 'href' => $scripturl . '?action=mlist', 'show' => $context['allow_memberlist'], 'sub_buttons' => array( 'mlist_view' => array( 'title' => $txt['mlist_menu_view'], 'href' => $scripturl . '?action=mlist', 'show' => true, ), 'mlist_search' => array( 'title' => $txt['mlist_search'], 'href' => $scripturl . '?action=mlist;sa=search', 'show' => true, 'is_last' => true, ), ), ), 'login' => array( 'title' => $txt['login'], 'href' => $scripturl . '?action=login', 'show' => $user_info['is_guest'], 'sub_buttons' => array( ), ), 'register' => array( 'title' => $txt['register'], 'href' => $scripturl . '?action=register', 'show' => $user_info['is_guest'] && $context['can_register'], 'sub_buttons' => array( ), 'is_last' => !$context['right_to_left'], ), 'logout' => array( 'title' => $txt['logout'], 'href' => $scripturl . '?action=logout;%1$s=%2$s', 'show' => !$user_info['is_guest'], 'sub_buttons' => array( ), 'is_last' => !$context['right_to_left'], ), ); // Allow editing menu buttons easily. call_integration_hook('integrate_menu_buttons', array(&$buttons)); // Now we put the buttons in the context so the theme can use them. $menu_buttons = array(); foreach ($buttons as $act => $button) if (!empty($button['show'])) { $button['active_button'] = false; // This button needs some action. if (isset($button['action_hook'])) $needs_action_hook = true; // Make sure the last button truely is the last button. if (!empty($button['is_last'])) { if (isset($last_button)) unset($menu_buttons[$last_button]['is_last']); $last_button = $act; } // Go through the sub buttons if there are any. if (!empty($button['sub_buttons'])) foreach ($button['sub_buttons'] as $key => $subbutton) { if (empty($subbutton['show'])) unset($button['sub_buttons'][$key]); // 2nd level sub buttons next... if (!empty($subbutton['sub_buttons'])) { foreach ($subbutton['sub_buttons'] as $key2 => $sub_button2) { if (empty($sub_button2['show'])) unset($button['sub_buttons'][$key]['sub_buttons'][$key2]); } } } $menu_buttons[$act] = $button; } if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2) cache_put_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'], $menu_buttons, $cacheTime); } $context['menu_buttons'] = $menu_buttons; // Logging out requires the session id in the url. if (isset($context['menu_buttons']['logout'])) $context['menu_buttons']['logout']['href'] = sprintf($context['menu_buttons']['logout']['href'], $context['session_var'], $context['session_id']); // Figure out which action we are doing so we can set the active tab. // Default to home. $current_action = 'home'; if (isset($context['menu_buttons'][$context['current_action']])) $current_action = $context['current_action']; elseif ($context['current_action'] == 'search2') $current_action = 'search'; elseif ($context['current_action'] == 'theme') $current_action = isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? 'profile' : 'admin'; elseif ($context['current_action'] == 'register2') $current_action = 'register'; elseif ($context['current_action'] == 'login2' || ($user_info['is_guest'] && $context['current_action'] == 'reminder')) $current_action = 'login'; elseif ($context['current_action'] == 'groups' && $context['allow_moderation_center']) $current_action = 'moderate'; // Not all actions are simple. if (!empty($needs_action_hook)) call_integration_hook('integrate_current_action', array(&$current_action)); if (isset($context['menu_buttons'][$current_action])) $context['menu_buttons'][$current_action]['active_button'] = true; if (!$user_info['is_guest'] && $context['user']['unread_messages'] > 0 && isset($context['menu_buttons']['pm'])) { $context['menu_buttons']['pm']['alttitle'] = $context['menu_buttons']['pm']['title'] . ' [' . $context['user']['unread_messages'] . ']'; $context['menu_buttons']['pm']['title'] .= ' [' . $context['user']['unread_messages'] . ']'; } } /** * Generate a random seed and ensure it's stored in settings. */ function smf_seed_generator() { global $modSettings; // Never existed? if (empty($modSettings['rand_seed'])) { $modSettings['rand_seed'] = microtime() * 1000000; updateSettings(array('rand_seed' => $modSettings['rand_seed'])); } // Change the seed. updateSettings(array('rand_seed' => mt_rand())); } /** * Process functions of an integration hook. * calls all functions of the given hook. * supports static class method calls. * * @param string $hook * @param array $paramaters = array() * @return array the results of the functions */ function call_integration_hook($hook, $parameters = array()) { global $modSettings, $settings, $boarddir, $sourcedir, $db_show_debug, $context; if ($db_show_debug === true) $context['debug']['hooks'][] = $hook; $results = array(); if (empty($modSettings[$hook])) return $results; $functions = explode(',', $modSettings[$hook]); // Loop through each function. foreach ($functions as $function) { $function = trim($function); if (strpos($function, '::') !== false) { $call = explode('::', $function); if (strpos($call[1], ':') !== false) { list($func, $file) = explode(':', $call[1]); if (empty($settings['theme_dir'])) $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir)); else $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir, '$themedir' => $settings['theme_dir'])); if (file_exists($absPath)) require_once($absPath); $call = array($call[0], $func); } } else { $call = $function; if (strpos($function, ':') !== false) { list($func, $file) = explode(':', $function); if (empty($settings['theme_dir'])) $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir)); else $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir, '$themedir' => $settings['theme_dir'])); if (file_exists($absPath)) require_once($absPath); $call = $function; } } // Is it valid? if (is_callable($call)) $results[$function] = call_user_func_array($call, $parameters); } return $results; } /** * Add a function for integration hook. * does nothing if the function is already added. * * @param string $hook * @param string $function * @param string $file * @param bool $permanent = true if true, updates the value in settings table */ function add_integration_function($hook, $function, $file = '', $permanent = true) { global $smcFunc, $modSettings; $integration_call = (!empty($file) && $file !== true) ? $function . ':' . $file : $function; // Is it going to be permanent? if ($permanent) { $request = $smcFunc['db_query']('', ' SELECT value FROM {db_prefix}settings WHERE variable = {string:variable}', array( 'variable' => $hook, ) ); list($current_functions) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); if (!empty($current_functions)) { $current_functions = explode(',', $current_functions); if (in_array($integration_call, $current_functions)) return; $permanent_functions = array_merge($current_functions, array($integration_call)); } else $permanent_functions = array($integration_call); updateSettings(array($hook => implode(',', $permanent_functions))); } // Make current function list usable. $functions = empty($modSettings[$hook]) ? array() : explode(',', $modSettings[$hook]); // Do nothing, if it's already there. if (in_array($integration_call, $functions)) return; $functions[] = $integration_call; $modSettings[$hook] = implode(',', $functions); } /** * Remove an integration hook function. * Removes the given function from the given hook. * Does nothing if the function is not available. * * @param string $hook * @param string $function * @param string $file */ function remove_integration_function($hook, $function, $file = '') { global $smcFunc, $modSettings; $integration_call = (!empty($file)) ? $function . ':' . $file : $function; // Get the permanent functions. $request = $smcFunc['db_query']('', ' SELECT value FROM {db_prefix}settings WHERE variable = {string:variable}', array( 'variable' => $hook, ) ); list($current_functions) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); if (!empty($current_functions)) { $current_functions = explode(',', $current_functions); if (in_array($integration_call, $current_functions)) updateSettings(array($hook => implode(',', array_diff($current_functions, array($integration_call))))); } // Turn the function list into something usable. $functions = empty($modSettings[$hook]) ? array() : explode(',', $modSettings[$hook]); // You can only remove it if it's available. if (!in_array($integration_call, $functions)) return; $functions = array_diff($functions, array($integration_call)); $modSettings[$hook] = implode(',', $functions); } /** * Microsoft uses their own character set Code Page 1252 (CP1252), which is a * superset of ISO 8859-1, defining several characters between DEC 128 and 159 * that are not normally displayable. This converts the popular ones that * appear from a cut and paste from windows. * * @param string $string * @return string $string */ function sanitizeMSCutPaste($string) { global $context; if (empty($string)) return $string; // UTF-8 occurences of MS special characters $findchars_utf8 = array( "\xe2\80\x9a", // single low-9 quotation mark "\xe2\80\x9e", // double low-9 quotation mark "\xe2\80\xa6", // horizontal ellipsis "\xe2\x80\x98", // left single curly quote "\xe2\x80\x99", // right single curly quote "\xe2\x80\x9c", // left double curly quote "\xe2\x80\x9d", // right double curly quote "\xe2\x80\x93", // en dash "\xe2\x80\x94", // em dash ); // windows 1252 / iso equivalents $findchars_iso = array( chr(130), chr(132), chr(133), chr(145), chr(146), chr(147), chr(148), chr(150), chr(151), ); // safe replacements $replacechars = array( ',', // ‚ ',,', // „ '...', // … "'", // ‘ "'", // ’ '"', // “ '"', // ” '-', // – '--', // — ); if ($context['utf8']) $string = str_replace($findchars_utf8, $replacechars, $string); else $string = str_replace($findchars_iso, $replacechars, $string); return $string; } ?>