' => '

')); } // This is long, but it makes things much easier and cleaner. if (!empty($possible['parameters'])) { $preg = array(); foreach ($possible['parameters'] as $p => $info) $preg[] = '(\s+' . $p . '=' . (empty($info['quoted']) ? '' : '"') . (isset($info['match']) ? $info['match'] : '(.+?)') . (empty($info['quoted']) ? '' : '"') . ')' . (empty($info['optional']) ? '' : '?'); // Okay, this may look ugly and it is, but it's not going to happen much and it is the best way of allowing any order of parameters but still parsing them right. $match = false; $orders = permute($preg); foreach ($orders as $p) if (preg_match('~^' . implode('', $p) . '\]~i', substr($message, $pos1 - 1), $matches) != 0) { $match = true; break; } // Didn't match our parameter list, try the next possible. if (!$match) continue; $params = array(); for ($i = 1, $n = count($matches); $i < $n; $i += 2) { $key = strtok(ltrim($matches[$i]), '='); if (isset($possible['parameters'][$key]['value'])) $params['{' . $key . '}'] = strtr($possible['parameters'][$key]['value'], array('$1' => $matches[$i + 1])); elseif (isset($possible['parameters'][$key]['validate'])) $params['{' . $key . '}'] = $possible['parameters'][$key]['validate']($matches[$i + 1]); else $params['{' . $key . '}'] = $matches[$i + 1]; // Just to make sure: replace any $ or { so they can't interpolate wrongly. $params['{' . $key . '}'] = strtr($params['{' . $key . '}'], array('$' => '$', '{' => '{')); } foreach ($possible['parameters'] as $p => $info) { if (!isset($params['{' . $p . '}'])) $params['{' . $p . '}'] = ''; } $tag = $possible; // Put the parameters into the string. if (isset($tag['before'])) $tag['before'] = strtr($tag['before'], $params); if (isset($tag['after'])) $tag['after'] = strtr($tag['after'], $params); if (isset($tag['content'])) $tag['content'] = strtr($tag['content'], $params); $pos1 += strlen($matches[0]) - 1; } else $tag = $possible; break; } // Item codes are complicated buggers... they are implicit [li]s and can make [list]s! if ($smileys !== false && $tag === null && isset($itemcodes[$message[$pos + 1]]) && $message[$pos + 2] == ']' && !isset($disabled['list']) && !isset($disabled['li'])) { if ($message[$pos + 1] == '0' && !in_array($message[$pos - 1], array(';', ' ', "\t", "\n", '>'))) continue; $tag = $itemcodes[$message[$pos + 1]]; // First let's set up the tree: it needs to be in a list, or after an li. if ($inside === null || ($inside['tag'] != 'list' && $inside['tag'] != 'li')) { $open_tags[] = array( 'tag' => 'list', 'after' => '', 'block_level' => true, 'require_children' => array('li'), 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null, ); $code = '

'; } // We're in a list item already: another itemcode? Close it first. elseif ($inside['tag'] == 'li') { array_pop($open_tags); $code = ''; } else $code = ''; // Now we open a new tag. $open_tags[] = array( 'tag' => 'li', 'after' => '', 'trim' => 'outside', 'block_level' => true, 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null, ); // First, open the tag... $code .= ''; $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos + 3); $pos += strlen($code) - 1 + 2; // Next, find the next break (if any.) If there's more itemcode after it, keep it going - otherwise close! $pos2 = strpos($message, '
', $pos); $pos3 = strpos($message, '[/', $pos); if ($pos2 !== false && ($pos2 <= $pos3 || $pos3 === false)) { preg_match('~^(
| |\s|\[)+~', substr($message, $pos2 + 6), $matches); $message = substr($message, 0, $pos2) . (!empty($matches[0]) && substr($matches[0], -1) == '[' ? '[/li]' : '[/li][/list]') . substr($message, $pos2); $open_tags[count($open_tags) - 2]['after'] = '

'; } // Tell the [list] that it needs to close specially. else { // Move the li over, because we're not sure what we'll hit. $open_tags[count($open_tags) - 1]['after'] = ''; $open_tags[count($open_tags) - 2]['after'] = ''; } continue; } // Implicitly close lists and tables if something other than what's required is in them. This is needed for itemcode. if ($tag === null && $inside !== null && !empty($inside['require_children'])) { array_pop($open_tags); $message = substr($message, 0, $pos) . "\n" . $inside['after'] . "\n" . substr($message, $pos); $pos += strlen($inside['after']) - 1 + 2; } // No tag? Keep looking, then. Silly people using brackets without actual tags. if ($tag === null) continue; // Propagate the list to the child (so wrapping the disallowed tag won't work either.) if (isset($inside['disallow_children'])) $tag['disallow_children'] = isset($tag['disallow_children']) ? array_unique(array_merge($tag['disallow_children'], $inside['disallow_children'])) : $inside['disallow_children']; // Is this tag disabled? if (isset($disabled[$tag['tag']])) { if (!isset($tag['disabled_before']) && !isset($tag['disabled_after']) && !isset($tag['disabled_content'])) { $tag['before'] = !empty($tag['block_level']) ? '

' : ''; $tag['after'] = !empty($tag['block_level']) ? '

' : ''; $tag['content'] = isset($tag['type']) && $tag['type'] == 'closed' ? '' : (!empty($tag['block_level']) ? '

$1

' : '$1'); } elseif (isset($tag['disabled_before']) || isset($tag['disabled_after'])) { $tag['before'] = isset($tag['disabled_before']) ? $tag['disabled_before'] : (!empty($tag['block_level']) ? '

' : ''); $tag['after'] = isset($tag['disabled_after']) ? $tag['disabled_after'] : (!empty($tag['block_level']) ? '

' : ''); } else $tag['content'] = $tag['disabled_content']; } // we use this alot $tag_strlen = strlen($tag['tag']); // The only special case is 'html', which doesn't need to close things. if (!empty($tag['block_level']) && $tag['tag'] != 'html' && empty($inside['block_level'])) { $n = count($open_tags) - 1; while (empty($open_tags[$n]['block_level']) && $n >= 0) $n--; // Close all the non block level tags so this tag isn't surrounded by them. for ($i = count($open_tags) - 1; $i > $n; $i--) { $message = substr($message, 0, $pos) . "\n" . $open_tags[$i]['after'] . "\n" . substr($message, $pos); $ot_strlen = strlen($open_tags[$i]['after']); $pos += $ot_strlen + 2; $pos1 += $ot_strlen + 2; // Trim or eat trailing stuff... see comment at the end of the big loop. if (!empty($open_tags[$i]['block_level']) && substr($message, $pos, 6) == '
') $message = substr($message, 0, $pos) . substr($message, $pos + 6); if (!empty($open_tags[$i]['trim']) && $tag['trim'] != 'inside' && preg_match('~(
| |\s)*~', substr($message, $pos), $matches) != 0) $message = substr($message, 0, $pos) . substr($message, $pos + strlen($matches[0])); array_pop($open_tags); } } // No type means 'parsed_content'. if (!isset($tag['type'])) { // @todo Check for end tag first, so people can say "I like that [i] tag"? $open_tags[] = $tag; $message = substr($message, 0, $pos) . "\n" . $tag['before'] . "\n" . substr($message, $pos1); $pos += strlen($tag['before']) - 1 + 2; } // Don't parse the content, just skip it. elseif ($tag['type'] == 'unparsed_content') { $pos2 = stripos($message, '[/' . substr($message, $pos + 1, $tag_strlen) . ']', $pos1); if ($pos2 === false) continue; $data = substr($message, $pos1, $pos2 - $pos1); if (!empty($tag['block_level']) && substr($data, 0, 6) == '
') $data = substr($data, 6); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = strtr($tag['content'], array('$1' => $data)); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 3 + $tag_strlen); $pos += strlen($code) - 1 + 2; $last_pos = $pos + 1; } // Don't parse the content, just skip it. elseif ($tag['type'] == 'unparsed_equals_content') { // The value may be quoted for some tags - check. if (isset($tag['quoted'])) { $quoted = substr($message, $pos1, 6) == '"'; if ($tag['quoted'] != 'optional' && !$quoted) continue; if ($quoted) $pos1 += 6; } else $quoted = false; $pos2 = strpos($message, $quoted == false ? ']' : '"]', $pos1); if ($pos2 === false) continue; $pos3 = stripos($message, '[/' . substr($message, $pos + 1, $tag_strlen) . ']', $pos2); if ($pos3 === false) continue; $data = array( substr($message, $pos2 + ($quoted == false ? 1 : 7), $pos3 - ($pos2 + ($quoted == false ? 1 : 7))), substr($message, $pos1, $pos2 - $pos1) ); if (!empty($tag['block_level']) && substr($data[0], 0, 6) == '
') $data[0] = substr($data[0], 6); // Validation for my parking, please! if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = strtr($tag['content'], array('$1' => $data[0], '$2' => $data[1])); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + $tag_strlen); $pos += strlen($code) - 1 + 2; } // A closed tag, with no content or value. elseif ($tag['type'] == 'closed') { $pos2 = strpos($message, ']', $pos); $message = substr($message, 0, $pos) . "\n" . $tag['content'] . "\n" . substr($message, $pos2 + 1); $pos += strlen($tag['content']) - 1 + 2; } // This one is sorta ugly... :/. Unfortunately, it's needed for flash. elseif ($tag['type'] == 'unparsed_commas_content') { $pos2 = strpos($message, ']', $pos1); if ($pos2 === false) continue; $pos3 = stripos($message, '[/' . substr($message, $pos + 1, $tag_strlen) . ']', $pos2); if ($pos3 === false) continue; // We want $1 to be the content, and the rest to be csv. $data = explode(',', ',' . substr($message, $pos1, $pos2 - $pos1)); $data[0] = substr($message, $pos2 + 1, $pos3 - $pos2 - 1); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); $code = $tag['content']; foreach ($data as $k => $d) $code = strtr($code, array('$' . ($k + 1) => trim($d))); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + $tag_strlen); $pos += strlen($code) - 1 + 2; } // This has parsed content, and a csv value which is unparsed. elseif ($tag['type'] == 'unparsed_commas') { $pos2 = strpos($message, ']', $pos1); if ($pos2 === false) continue; $data = explode(',', substr($message, $pos1, $pos2 - $pos1)); if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); // Fix after, for disabled code mainly. foreach ($data as $k => $d) $tag['after'] = strtr($tag['after'], array('$' . ($k + 1) => trim($d))); $open_tags[] = $tag; // Replace them out, $1, $2, $3, $4, etc. $code = $tag['before']; foreach ($data as $k => $d) $code = strtr($code, array('$' . ($k + 1) => trim($d))); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 1); $pos += strlen($code) - 1 + 2; } // A tag set to a value, parsed or not. elseif ($tag['type'] == 'unparsed_equals' || $tag['type'] == 'parsed_equals') { // The value may be quoted for some tags - check. if (isset($tag['quoted'])) { $quoted = substr($message, $pos1, 6) == '"'; if ($tag['quoted'] != 'optional' && !$quoted) continue; if ($quoted) $pos1 += 6; } else $quoted = false; $pos2 = strpos($message, $quoted == false ? ']' : '"]', $pos1); if ($pos2 === false) continue; $data = substr($message, $pos1, $pos2 - $pos1); // Validation for my parking, please! if (isset($tag['validate'])) $tag['validate']($tag, $data, $disabled); // For parsed content, we must recurse to avoid security problems. if ($tag['type'] != 'unparsed_equals') $data = parse_bbc($data, !empty($tag['parsed_tags_allowed']) ? false : true, '', !empty($tag['parsed_tags_allowed']) ? $tag['parsed_tags_allowed'] : array()); $tag['after'] = strtr($tag['after'], array('$1' => $data)); $open_tags[] = $tag; $code = strtr($tag['before'], array('$1' => $data)); $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + ($quoted == false ? 1 : 7)); $pos += strlen($code) - 1 + 2; } // If this is block level, eat any breaks after it. if (!empty($tag['block_level']) && substr($message, $pos + 1, 6) == '
') $message = substr($message, 0, $pos + 1) . substr($message, $pos + 7); // Are we trimming outside this tag? if (!empty($tag['trim']) && $tag['trim'] != 'outside' && preg_match('~(
| |\s)*~', substr($message, $pos + 1), $matches) != 0) $message = substr($message, 0, $pos + 1) . substr($message, $pos + 1 + strlen($matches[0])); } // Close any remaining tags. while ($tag = array_pop($open_tags)) $message .= "\n" . $tag['after'] . "\n"; // Parse the smileys within the parts where it can be done safely. if ($smileys === true) { $message_parts = explode("\n", $message); for ($i = 0, $n = count($message_parts); $i < $n; $i += 2) parsesmileys($message_parts[$i]); $message = implode('', $message_parts); } // No smileys, just get rid of the markers. else $message = strtr($message, array("\n" => '')); if ($message[0] === ' ') $message = ' ' . substr($message, 1); // Cleanup whitespace. $message = strtr($message, array(' ' => '  ', "\r" => '', "\n" => '
', '
' => '
 ', ' ' => "\n")); // Allow mods access to what parse_bbc created call_integration_hook('integrate_post_parsebbc', array(&$message, &$smileys, &$cache_id, &$parse_tags)); // Cache the output if it took some time... if (isset($cache_key, $cache_t) && array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.05) cache_put_data($cache_key, $message, 240); // If this was a force parse revert if needed. if (!empty($parse_tags)) { if (empty($temp_bbc)) $bbc_codes = array(); else { $bbc_codes = $temp_bbc; unset($temp_bbc); } } return $message; } /** * Parse smileys in the passed message. * * The smiley parsing function which makes pretty faces appear :). * If custom smiley sets are turned off by smiley_enable, the default set of smileys will be used. * These are specifically not parsed in code tags [url=mailto:Dad@blah.com] * Caches the smileys from the database or array in memory. * Doesn't return anything, but rather modifies message directly. * * @param string &$message */ function parsesmileys(&$message) { global $modSettings, $txt, $user_info, $context, $smcFunc; static $smileyPregSearch = null, $smileyPregReplacements = array(); // No smiley set at all?! if ($user_info['smiley_set'] == 'none' || trim($message) == '') return; // If smileyPregSearch hasn't been set, do it now. if (empty($smileyPregSearch)) { // Use the default smileys if it is disabled. (better for "portability" of smileys.) if (empty($modSettings['smiley_enable'])) { $smileysfrom = array('>:D', ':D', '::)', '>:(', ':))', ':)', ';)', ';D', ':(', ':o', '8)', ':P', '???', ':-[', ':-X', ':-*', ':\'(', ':-\\', '^-^', 'O0', 'C:-)', '0:)'); $smileysto = array('evil.gif', 'cheesy.gif', 'rolleyes.gif', 'angry.gif', 'laugh.gif', 'smiley.gif', 'wink.gif', 'grin.gif', 'sad.gif', 'shocked.gif', 'cool.gif', 'tongue.gif', 'huh.gif', 'embarrassed.gif', 'lipsrsealed.gif', 'kiss.gif', 'cry.gif', 'undecided.gif', 'azn.gif', 'afro.gif', 'police.gif', 'angel.gif'); $smileysdescs = array('', $txt['icon_cheesy'], $txt['icon_rolleyes'], $txt['icon_angry'], '', $txt['icon_smiley'], $txt['icon_wink'], $txt['icon_grin'], $txt['icon_sad'], $txt['icon_shocked'], $txt['icon_cool'], $txt['icon_tongue'], $txt['icon_huh'], $txt['icon_embarrassed'], $txt['icon_lips'], $txt['icon_kiss'], $txt['icon_cry'], $txt['icon_undecided'], '', '', '', ''); } else { // Load the smileys in reverse order by length so they don't get parsed wrong. if (($temp = cache_get_data('parsing_smileys', 480)) == null) { $result = $smcFunc['db_query']('', ' SELECT code, filename, description FROM {db_prefix}smileys ORDER BY LENGTH(code) DESC', array( ) ); $smileysfrom = array(); $smileysto = array(); $smileysdescs = array(); while ($row = $smcFunc['db_fetch_assoc']($result)) { $smileysfrom[] = $row['code']; $smileysto[] = $smcFunc['htmlspecialchars']($row['filename']); $smileysdescs[] = $row['description']; } $smcFunc['db_free_result']($result); cache_put_data('parsing_smileys', array($smileysfrom, $smileysto, $smileysdescs), 480); } else list ($smileysfrom, $smileysto, $smileysdescs) = $temp; } // The non-breaking-space is a complex thing... $non_breaking_space = $context['utf8'] ? '\x{A0}' : '\xA0'; // This smiley regex makes sure it doesn't parse smileys within code tags (so [url=mailto:David@bla.com] doesn't parse the :D smiley) $smileyPregReplacements = array(); $searchParts = array(); $smileys_path = $smcFunc['htmlspecialchars']($modSettings['smileys_url'] . '/' . $user_info['smiley_set'] . '/'); for ($i = 0, $n = count($smileysfrom); $i < $n; $i++) { $specialChars = $smcFunc['htmlspecialchars']($smileysfrom[$i], ENT_QUOTES); $smileyCode = ''; $smileyPregReplacements[$smileysfrom[$i]] = $smileyCode; $searchParts[] = preg_quote($smileysfrom[$i], '~'); if ($smileysfrom[$i] != $specialChars) { $smileyPregReplacements[$specialChars] = $smileyCode; $searchParts[] = preg_quote($specialChars, '~'); } } $smileyPregSearch = '~(?<=[>:\?\.\s' . $non_breaking_space . '[\]()*\\\;]|^)(' . implode('|', $searchParts) . ')(?=[^[:alpha:]0-9]|$)~' . ($context['utf8'] ? 'u' : ''); } // Replace away! /* * TODO: When SMF supports only PHP 5.3+, we can change this to "uses" keyword and simpifly this. */ $callback = pregReplaceCurry('smielyPregReplaceCallback', 2); $message = preg_replace_callback($smileyPregSearch, $callback($smileyPregReplacements), $message); } /** * Preg Replacment Curry. * * This allows use to do delayed argument binding and bring in * the replacement variables for some preg replacments. * * Original code from: http://php.net/manual/en/function.preg-replace-callback.php#88013 * This is needed until SMF only supports PHP 5.3+ and we change to "use" * * @param string $func * @param string $arity * @return function a lambda function bound to $func. */ function pregReplaceCurry($func, $arity) { return create_function('', " \$args = func_get_args(); if(count(\$args) >= $arity) return call_user_func_array('$func', \$args); \$args = var_export(\$args, 1); return create_function('',' \$a = func_get_args(); \$z = ' . \$args . '; \$a = array_merge(\$z,\$a); return call_user_func_array(\'$func\', \$a); '); "); } /** * Smiely Replacment Callback. * * Our callback that does the actual smiley replacments. * * Original code from: http://php.net/manual/en/function.preg-replace-callback.php#88013 * This is needed until SMF only supports PHP 5.3+ and we change to "use" * * @param string $replacements * @param string $matches * @return string the replaced results. */ function smielyPregReplaceCallback($replacements, $matches) { return $replacements[$matches[1]]; } /** * Highlight any code. * * Uses PHP's highlight_string() to highlight PHP syntax * does special handling to keep the tabs in the code available. * used to parse PHP code from inside [code] and [php] tags. * * @param string $code * @return string the code with highlighted HTML. */ function highlight_php_code($code) { global $context; // Remove special characters. $code = un_htmlspecialchars(strtr($code, array('
' => "\n", '
' => "\n", "\t" => 'SMF_TAB();', '[' => '['))); $oldlevel = error_reporting(0); $buffer = str_replace(array("\n", "\r"), '', @highlight_string($code, true)); error_reporting($oldlevel); // Yes, I know this is kludging it, but this is the best way to preserve tabs from PHP :P. $buffer = preg_replace('~SMF_TAB(?:<(?:font color|span style)="[^"]*?">)?\\(\\);~', '

' . "\t" . '

', $buffer); return strtr($buffer, array('\'' => ''', '' => '', '' => '')); } /** * Make sure the browser doesn't come back and repost the form data. * Should be used whenever anything is posted. * * @param string $setLocation = '' * @param bool $refresh = false */ function redirectexit($setLocation = '', $refresh = false) { global $scripturl, $context, $modSettings, $db_show_debug, $db_cache; // In case we have mail to send, better do that - as obExit doesn't always quite make it... if (!empty($context['flush_mail'])) // @todo this relies on 'flush_mail' being only set in AddMailQueue itself... :\ AddMailQueue(true); $add = preg_match('~^(ftp|http)[s]?://~', $setLocation) == 0 && substr($setLocation, 0, 6) != 'about:'; if (WIRELESS) { // Add the scripturl on if needed. if ($add) $setLocation = $scripturl . '?' . $setLocation; $char = strpos($setLocation, '?') === false ? '?' : ';'; if (strpos($setLocation, '#') !== false) $setLocation = strtr($setLocation, array('#' => $char . WIRELESS_PROTOCOL . '#')); else $setLocation .= $char . WIRELESS_PROTOCOL; } elseif ($add) $setLocation = $scripturl . ($setLocation != '' ? '?' . $setLocation : ''); // Put the session ID in. if (defined('SID') && SID != '') $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '(?!\?' . preg_quote(SID, '/') . ')\\??/', $scripturl . '?' . SID . ';', $setLocation); // Keep that debug in their for template debugging! elseif (isset($_GET['debug'])) $setLocation = preg_replace('/^' . preg_quote($scripturl, '/') . '\\??/', $scripturl . '?debug;', $setLocation); if (!empty($modSettings['queryless_urls']) && (empty($context['server']['is_cgi']) || ini_get('cgi.fix_pathinfo') == 1 || @get_cfg_var('cgi.fix_pathinfo') == 1) && (!empty($context['server']['is_apache']) || !empty($context['server']['is_lighttpd']) || !empty($context['server']['is_litespeed']))) { if (defined('SID') && SID != '') $setLocation = preg_replace_callback('~^' . preg_quote($scripturl, '/') . '\?(?:' . SID . '(?:;|&|&))((?:board|topic)=[^#]+?)(#[^"]*?)?$~', create_function('$m', 'global $scripturl; return $scripturl . \'/\' . strtr("$m[1]", \'&;=\', \'//,\') . \'.html?\' . SID. (isset($m[2]) ? "$m[2]" : "");'), $setLocation); else $setLocation = preg_replace_callback('~^' . preg_quote($scripturl, '/') . '\?((?:board|topic)=[^#"]+?)(#[^"]*?)?$~', create_function('$m', 'global $scripturl; return $scripturl . \'/\' . strtr("$m[1]", \'&;=\', \'//,\') . \'.html\' . (isset($m[2]) ? "$m[2]" : "");'), $setLocation); } // Maybe integrations want to change where we are heading? call_integration_hook('integrate_redirect', array(&$setLocation, &$refresh)); // We send a Refresh header only in special cases because Location looks better. (and is quicker...) if ($refresh && !WIRELESS) header('Refresh: 0; URL=' . strtr($setLocation, array(' ' => '%20'))); else header('Location: ' . str_replace(' ', '%20', $setLocation)); // Debugging. if (isset($db_show_debug) && $db_show_debug === true) $_SESSION['debug_redirect'] = $db_cache; obExit(false); } /** * Ends execution. Takes care of template loading and remembering the previous URL. * @param bool $header = null * @param bool $do_footer = null * @param bool $from_index = false * @param bool $from_fatal_error = false */ function obExit($header = null, $do_footer = null, $from_index = false, $from_fatal_error = false) { global $context, $settings, $modSettings, $txt, $smcFunc; static $header_done = false, $footer_done = false, $level = 0, $has_fatal_error = false; // Attempt to prevent a recursive loop. ++$level; if ($level > 1 && !$from_fatal_error && !$has_fatal_error) exit; if ($from_fatal_error) $has_fatal_error = true; // Clear out the stat cache. trackStats(); // If we have mail to send, send it. if (!empty($context['flush_mail'])) // @todo this relies on 'flush_mail' being only set in AddMailQueue itself... :\ AddMailQueue(true); $do_header = $header === null ? !$header_done : $header; if ($do_footer === null) $do_footer = $do_header; // Has the template/header been done yet? if ($do_header) { // Was the page title set last minute? Also update the HTML safe one. if (!empty($context['page_title']) && empty($context['page_title_html_safe'])) $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($context['page_title'])) . (!empty($context['current_page']) ? ' - ' . $txt['page'] . ' ' . ($context['current_page'] + 1) : ''); // Start up the session URL fixer. ob_start('ob_sessrewrite'); if (!empty($settings['output_buffers']) && is_string($settings['output_buffers'])) $buffers = explode(',', $settings['output_buffers']); elseif (!empty($settings['output_buffers'])) $buffers = $settings['output_buffers']; else $buffers = array(); if (isset($modSettings['integrate_buffer'])) $buffers = array_merge(explode(',', $modSettings['integrate_buffer']), $buffers); if (!empty($buffers)) foreach ($buffers as $function) { $function = trim($function); $call = strpos($function, '::') !== false ? explode('::', $function) : $function; // Is it valid? if (is_callable($call)) ob_start($call); } // Display the screen in the logical order. template_header(); $header_done = true; } if ($do_footer) { if (WIRELESS && !isset($context['sub_template'])) fatal_lang_error('wireless_error_notyet', false); // Just show the footer, then. loadSubTemplate(isset($context['sub_template']) ? $context['sub_template'] : 'main'); // Anything special to put out? if (!empty($context['insert_after_template']) && !isset($_REQUEST['xml'])) echo $context['insert_after_template']; // Just so we don't get caught in an endless loop of errors from the footer... if (!$footer_done) { $footer_done = true; template_footer(); // (since this is just debugging... it's okay that it's after .) if (!isset($_REQUEST['xml'])) displayDebug(); } } // Remember this URL in case someone doesn't like sending HTTP_REFERER. if (strpos($_SERVER['REQUEST_URL'], 'action=dlattach') === false && strpos($_SERVER['REQUEST_URL'], 'action=viewsmfile') === false) $_SESSION['old_url'] = $_SERVER['REQUEST_URL']; // For session check verification.... don't switch browsers... $_SESSION['USER_AGENT'] = empty($_SERVER['HTTP_USER_AGENT']) ? '' : $_SERVER['HTTP_USER_AGENT']; // Hand off the output to the portal, etc. we're integrated with. call_integration_hook('integrate_exit', array($do_footer && !WIRELESS)); // Don't exit if we're coming from index.php; that will pass through normally. if (!$from_index || WIRELESS) exit; } /** * Get the size of a specified image with better error handling. * @todo see if it's better in Subs-Graphics, but one step at the time. * Uses getimagesize() to determine the size of a file. * Attempts to connect to the server first so it won't time out. * * @param string $url * @return array or false, the image size as array (width, height), or false on failure */ function url_image_size($url) { global $sourcedir; // Make sure it is a proper URL. $url = str_replace(' ', '%20', $url); // Can we pull this from the cache... please please? if (($temp = cache_get_data('url_image_size-' . md5($url), 240)) !== null) return $temp; $t = microtime(); // Get the host to pester... preg_match('~^\w+://(.+?)/(.*)$~', $url, $match); // Can't figure it out, just try the image size. if ($url == '' || $url == 'http://' || $url == 'https://') { return false; } elseif (!isset($match[1])) { $size = @getimagesize($url); } else { // Try to connect to the server... give it half a second. $temp = 0; $fp = @fsockopen($match[1], 80, $temp, $temp, 0.5); // Successful? Continue... if ($fp != false) { // Send the HEAD request (since we don't have to worry about chunked, HTTP/1.1 is fine here.) fwrite($fp, 'HEAD /' . $match[2] . ' HTTP/1.1' . "\r\n" . 'Host: ' . $match[1] . "\r\n" . 'User-Agent: PHP/SMF' . "\r\n" . 'Connection: close' . "\r\n\r\n"); // Read in the HTTP/1.1 or whatever. $test = substr(fgets($fp, 11), -1); fclose($fp); // See if it returned a 404/403 or something. if ($test < 4) { $size = @getimagesize($url); // This probably means allow_url_fopen is off, let's try GD. if ($size === false && function_exists('imagecreatefromstring')) { include_once($sourcedir . '/Subs-Package.php'); // It's going to hate us for doing this, but another request... $image = @imagecreatefromstring(fetch_web_data($url)); if ($image !== false) { $size = array(imagesx($image), imagesy($image)); imagedestroy($image); } } } } } // If we didn't get it, we failed. if (!isset($size)) $size = false; // If this took a long time, we may never have to do it again, but then again we might... if (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $t)) > 0.8) cache_put_data('url_image_size-' . md5($url), $size, 240); // Didn't work. return $size; } /** * Sets the class of the current topic based on, normal, sticky, locked, etc * * @param array &$topic_context */ function determineTopicClass(&$topic_context) { // Set topic class depending on locked status and number of replies. $topic_context['class'] = 'normal'; $topic_context['class'] .= $topic_context['is_poll'] ? '_poll' : '_post'; if ($topic_context['is_locked']) $topic_context['class'] .= '_locked'; if ($topic_context['is_sticky']) $topic_context['class'] .= '_sticky'; // This is so old themes will still work. $topic_context['extended_class'] = &$topic_context['class']; } /** * Sets up the basic theme context stuff. * @param bool $forceload = false */ function setupThemeContext($forceload = false) { global $modSettings, $user_info, $scripturl, $context, $settings, $options, $txt, $maintenance; global $user_settings, $smcFunc; static $loaded = false; // Under SSI this function can be called more then once. That can cause some problems. // So only run the function once unless we are forced to run it again. if ($loaded && !$forceload) return; $loaded = true; $context['in_maintenance'] = !empty($maintenance); $context['current_time'] = timeformat(time(), false); $context['current_action'] = isset($_GET['action']) ? $smcFunc['htmlspecialchars']($_GET['action']) : ''; // Get some news... $context['news_lines'] = array_filter(explode("\n", str_replace("\r", '', trim(addslashes($modSettings['news']))))); for ($i = 0, $n = count($context['news_lines']); $i < $n; $i++) { if (trim($context['news_lines'][$i]) == '') continue; // Clean it up for presentation ;). $context['news_lines'][$i] = parse_bbc(stripslashes(trim($context['news_lines'][$i])), true, 'news' . $i); } if (!empty($context['news_lines'])) $context['random_news_line'] = $context['news_lines'][mt_rand(0, count($context['news_lines']) - 1)]; if (!$user_info['is_guest']) { $context['user']['messages'] = &$user_info['messages']; $context['user']['unread_messages'] = &$user_info['unread_messages']; $context['user']['alerts'] = &$user_info['alerts']; // Personal message popup... if ($user_info['unread_messages'] > (isset($_SESSION['unread_messages']) ? $_SESSION['unread_messages'] : 0)) $context['user']['popup_messages'] = true; else $context['user']['popup_messages'] = false; $_SESSION['unread_messages'] = $user_info['unread_messages']; if (allowedTo('moderate_forum')) $context['unapproved_members'] = (!empty($modSettings['registration_method']) && ($modSettings['registration_method'] == 2 || (!empty($modSettings['coppaType']) && $modSettings['coppaType'] == 2))) || !empty($modSettings['approveAccountDeletion']) ? $modSettings['unapprovedMembers'] : 0; $context['user']['avatar'] = array(); // Figure out the avatar... uploaded? if ($user_info['avatar']['url'] == '' && !empty($user_info['avatar']['id_attach'])) $context['user']['avatar']['href'] = $user_info['avatar']['custom_dir'] ? $modSettings['custom_avatar_url'] . '/' . $user_info['avatar']['filename'] : $scripturl . '?action=dlattach;attach=' . $user_info['avatar']['id_attach'] . ';type=avatar'; // Full URL? elseif (strpos($user_info['avatar']['url'], 'http://') === 0 || strpos($user_info['avatar']['url'], 'https://') === 0) $context['user']['avatar']['href'] = $user_info['avatar']['url']; // Otherwise we assume it's server stored? elseif ($user_info['avatar']['url'] != '') $context['user']['avatar']['href'] = $modSettings['avatar_url'] . '/' . $smcFunc['htmlspecialchars']($user_info['avatar']['url']); if (!empty($context['user']['avatar'])) $context['user']['avatar']['image'] = ''; // Figure out how long they've been logged in. $context['user']['total_time_logged_in'] = array( 'days' => floor($user_info['total_time_logged_in'] / 86400), 'hours' => floor(($user_info['total_time_logged_in'] % 86400) / 3600), 'minutes' => floor(($user_info['total_time_logged_in'] % 3600) / 60) ); } else { $context['user']['messages'] = 0; $context['user']['unread_messages'] = 0; $context['user']['avatar'] = array(); $context['user']['total_time_logged_in'] = array('days' => 0, 'hours' => 0, 'minutes' => 0); $context['user']['popup_messages'] = false; if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) $txt['welcome_guest'] .= $txt['welcome_guest_activate']; // If we've upgraded recently, go easy on the passwords. if (!empty($modSettings['disableHashTime']) && ($modSettings['disableHashTime'] == 1 || time() < $modSettings['disableHashTime'])) $context['disable_login_hashing'] = true; } // Setup the main menu items. setupMenuContext(); // This is here because old index templates might still use it. $context['show_news'] = !empty($settings['enable_news']); // This is done to allow theme authors to customize it as they want. $context['show_pm_popup'] = $context['user']['popup_messages'] && !empty($options['popup_messages']) && (!isset($_REQUEST['action']) || $_REQUEST['action'] != 'pm'); // 2.1+: Add the PM popup here instead. Theme authors can still override it simply by editing/removing the 'fPmPopup' in the array. if ($context['show_pm_popup']) addInlineJavascript(' jQuery(document).ready(function($) { new smc_Popup({ heading: ' . JavaScriptEscape($txt['show_personal_messages_heading']) . ', content: ' . JavaScriptEscape(sprintf($txt['show_personal_messages'], $context['user']['unread_messages'], $scripturl . '?action=pm')) . ', icon_class: \'generic_icons mail_new\' }); });'); // Now add the capping code for avatars. if (!empty($modSettings['avatar_max_width_external']) && !empty($modSettings['avatar_max_height_external']) && !empty($modSettings['avatar_action_too_large']) && $modSettings['avatar_action_too_large'] == 'option_css_resize') { if (!isset($context['css_header'])) $context['css_header'] = ''; $context['css_header'] .= ' img.avatar { max-width: ' . $modSettings['avatar_max_width_external'] . 'px; max-height: ' . $modSettings['avatar_max_height_external'] . 'px; }'; } // This looks weird, but it's because BoardIndex.php references the variable. $context['common_stats']['latest_member'] = array( 'id' => $modSettings['latestMember'], 'name' => $modSettings['latestRealName'], 'href' => $scripturl . '?action=profile;u=' . $modSettings['latestMember'], 'link' => '' . $modSettings['latestRealName'] . '', ); $context['common_stats'] = array( 'total_posts' => comma_format($modSettings['totalMessages']), 'total_topics' => comma_format($modSettings['totalTopics']), 'total_members' => comma_format($modSettings['totalMembers']), 'latest_member' => $context['common_stats']['latest_member'], ); $context['common_stats']['boardindex_total_posts'] = sprintf($txt['boardindex_total_posts'], $context['common_stats']['total_posts'], $context['common_stats']['total_topics'], $context['common_stats']['total_members']); if (empty($settings['theme_version'])) addJavascriptVar('smf_scripturl', $scripturl); if (!isset($context['page_title'])) $context['page_title'] = ''; // Set some specific vars. $context['page_title_html_safe'] = $smcFunc['htmlspecialchars'](un_htmlspecialchars($context['page_title'])) . (!empty($context['current_page']) ? ' - ' . $txt['page'] . ' ' . ($context['current_page'] + 1) : ''); $context['meta_keywords'] = !empty($modSettings['meta_keywords']) ? $smcFunc['htmlspecialchars']($modSettings['meta_keywords']) : ''; } /** * Helper function to set the system memory to a needed value * - If the needed memory is greater than current, will attempt to get more * - if in_use is set to true, will also try to take the current memory usage in to account * * @param string $needed The amount of memory to request, if needed, like 256M * @param bool $in_use Set to true to account for current memory usage of the script * @return boolean, true if we have at least the needed memory */ function setMemoryLimit($needed, $in_use = false) { // everything in bytes $memory_used = 0; $memory_current = memoryReturnBytes(ini_get('memory_limit')); $memory_needed = memoryReturnBytes($needed); // should we account for how much is currently being used? if ($in_use) $memory_needed += function_exists('memory_get_usage') ? memory_get_usage() : (2 * 1048576); // if more is needed, request it if ($memory_current < $memory_needed) { @ini_set('memory_limit', ceil($memory_needed / 1048576) . 'M'); $memory_current = memoryReturnBytes(ini_get('memory_limit')); } $memory_current = max($memory_current, memoryReturnBytes(get_cfg_var('memory_limit'))); // return success or not return (bool) ($memory_current >= $memory_needed); } /** * Helper function to convert memory string settings to bytes * * @param string $val The byte string, like 256M or 1G * @return integer The string converted to a proper integer in bytes */ function memoryReturnBytes($val) { if (is_integer($val)) return $val; // Separate the number from the designator $val = trim($val); $num = intval(substr($val, 0, strlen($val) - 1)); $last = strtolower(substr($val, -1)); // convert to bytes switch ($last) { case 'g': $num *= 1024; case 'm': $num *= 1024; case 'k': $num *= 1024; } return $num; } /** * This is the only template included in the sources. */ function template_rawdata() { global $context; echo $context['raw_data']; } /** * The header template */ function template_header() { global $txt, $modSettings, $context, $settings, $user_info, $boarddir, $cachedir; setupThemeContext(); // Print stuff to prevent caching of pages (except on attachment errors, etc.) if (empty($context['no_last_modified'])) { header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); // Are we debugging the template/html content? if (!isset($_REQUEST['xml']) && isset($_GET['debug']) && !isBrowser('ie') && !WIRELESS) header('Content-Type: application/xhtml+xml'); elseif (!isset($_REQUEST['xml']) && !WIRELESS) header('Content-Type: text/html; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set'])); } if (!WIRELESS || WIRELESS_PROTOCOL != 'wap') header('Content-Type: text/' . (isset($_REQUEST['xml']) ? 'xml' : 'html') . '; charset=' . (empty($context['character_set']) ? 'ISO-8859-1' : $context['character_set'])); // We need to splice this in after the body layer, or after the main layer for older stuff. if ($context['in_maintenance'] && $context['user']['is_admin']) { $position = array_search('body', $context['template_layers']); if ($position === false) $position = array_search('main', $context['template_layers']); if ($position !== false) { $before = array_slice($context['template_layers'], 0, $position + 1); $after = array_slice($context['template_layers'], $position + 1); $context['template_layers'] = array_merge($before, array('maint_warning'), $after); } } $checked_securityFiles = false; $showed_banned = false; foreach ($context['template_layers'] as $layer) { loadSubTemplate($layer . '_above', true); // May seem contrived, but this is done in case the body and main layer aren't there... if (in_array($layer, array('body', 'main')) && allowedTo('admin_forum') && !$user_info['is_guest'] && !$checked_securityFiles) { $checked_securityFiles = true; $securityFiles = array('install.php', 'webinstall.php', 'upgrade.php', 'convert.php', 'repair_paths.php', 'repair_settings.php', 'Settings.php~', 'Settings_bak.php~'); // Add your own files. call_integration_hook('integrate_security_files', array(&$securityFiles)); foreach ($securityFiles as $i => $securityFile) { if (!file_exists($boarddir . '/' . $securityFile)) unset($securityFiles[$i]); } // We are already checking so many files...just few more doesn't make any difference! :P if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = @unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']]; } else { $path = $modSettings['attachmentUploadDir']; $id_folder_thumb = 1; } secureDirectory($path, true); secureDirectory($cachedir); // If agreement is enabled, at least the english version shall exists if ($modSettings['requireAgreement']) $agreement = !file_exists($boarddir . '/agreement.txt'); if (!empty($securityFiles) || (!empty($modSettings['cache_enable']) && !is_writable($cachedir)) || !empty($agreement)) { echo '

!!

', empty($securityFiles) ? $txt['generic_warning'] : $txt['security_risk'], '

'; foreach ($securityFiles as $securityFile) { echo ' ', $txt['not_removed'], '', $securityFile, '!
'; if ($securityFile == 'Settings.php~' || $securityFile == 'Settings_bak.php~') echo ' ', sprintf($txt['not_removed_extra'], $securityFile, substr($securityFile, 0, -1)), '
'; } if (!empty($modSettings['cache_enable']) && !is_writable($cachedir)) echo ' ', $txt['cache_writable'], '
'; if (!empty($agreement)) echo ' ', $txt['agreement_missing'], '
'; echo '

'; } } // If the user is banned from posting inform them of it. elseif (in_array($layer, array('main', 'body')) && isset($_SESSION['ban']['cannot_post']) && !$showed_banned) { $showed_banned = true; echo '

', sprintf($txt['you_are_post_banned'], $user_info['is_guest'] ? $txt['guest_title'] : $user_info['name']); if (!empty($_SESSION['ban']['cannot_post']['reason'])) echo '

', $_SESSION['ban']['cannot_post']['reason'], '

'; if (!empty($_SESSION['ban']['expire_time'])) echo '

', sprintf($txt['your_ban_expires'], timeformat($_SESSION['ban']['expire_time'], false)), '

'; else echo '

', $txt['your_ban_expires_never'], '

'; echo '

'; } } if (isset($settings['use_default_images']) && $settings['use_default_images'] == 'defaults' && isset($settings['default_template'])) { $settings['theme_url'] = $settings['default_theme_url']; $settings['images_url'] = $settings['default_images_url']; $settings['theme_dir'] = $settings['default_theme_dir']; } } /** * Show the copyright. */ function theme_copyright() { global $forum_copyright, $software_year, $forum_version; // Don't display copyright for things like SSI. if (!isset($forum_version) || !isset($software_year)) return; // Put in the version... $forum_copyright = sprintf($forum_copyright, $forum_version, $software_year); echo ' ' . $forum_copyright . ' '; } /** * The template footer */ function template_footer() { global $context, $settings, $modSettings, $time_start, $db_count; // Show the load time? (only makes sense for the footer.) $context['show_load_time'] = !empty($modSettings['timeLoadPageEnable']); $context['load_time'] = comma_format(round(array_sum(explode(' ', microtime())) - array_sum(explode(' ', $time_start)), 3)); $context['load_queries'] = $db_count; if (isset($settings['use_default_images']) && $settings['use_default_images'] == 'defaults' && isset($settings['default_template'])) { $settings['theme_url'] = $settings['actual_theme_url']; $settings['images_url'] = $settings['actual_images_url']; $settings['theme_dir'] = $settings['actual_theme_dir']; } foreach (array_reverse($context['template_layers']) as $layer) loadSubTemplate($layer . '_below', true); } /** * Output the Javascript files * - tabbing in this function is to make the HTML source look good proper * - if defered is set function will output all JS (source & inline) set to load at page end * * @param bool $do_defered = false */ function template_javascript($do_defered = false) { global $context, $modSettings, $settings; // Use this hook to minify/optimize Javascript files and vars call_integration_hook('integrate_pre_javascript_output'); // Ouput the declared Javascript variables. if (!empty($context['javascript_vars']) && !$do_defered) { echo ' '; } // While we have Javascript files to place in the template foreach ($context['javascript_files'] as $id => $js_file) { if ((!$do_defered && empty($js_file['options']['defer'])) || ($do_defered && !empty($js_file['options']['defer']))) echo ' '; // If we are loading JQuery and we are set to 'auto' load, put in our remote success or load local check if ($id == 'jquery' && (!isset($modSettings['jquery_source']) || !in_array($modSettings['jquery_source'], array('local', 'cdn')))) echo ' '; } // Inline JavaScript - Actually useful some times! if (!empty($context['javascript_inline'])) { if (!empty($context['javascript_inline']['defer']) && $do_defered) { echo ' '; } if (!empty($context['javascript_inline']['standard']) && !$do_defered) { echo ' '; } } } /** * Output the CSS files */ function template_css() { global $context, $db_show_debug, $boardurl; // Use this hook to minify/optimize CSS files call_integration_hook('integrate_pre_css_output'); foreach ($context['css_files'] as $id => $file) echo ' '; if ($db_show_debug === true) { // Try to keep only what's useful. $repl = array($boardurl . '/Themes/' => '', $boardurl . '/' => ''); foreach ($context['css_files'] as $file) $context['debug']['sheets'][] = strtr($file['filename'], $repl); } if (!empty($context['css_header'])) echo ' '; } /** * Get an attachment's encrypted filename. If $new is true, won't check for file existence. * @todo this currently returns the hash if new, and the full filename otherwise. * Something messy like that. * @todo and of course everything relies on this behavior and work around it. :P. * Converters included. * * @param $filename * @param $attachment_id * @param $dir * @param $new * @param $file_hash */ function getAttachmentFilename($filename, $attachment_id, $dir = null, $new = false, $file_hash = '') { global $modSettings, $smcFunc; // Just make up a nice hash... if ($new) return sha1(md5($filename . time()) . mt_rand()); // Grab the file hash if it wasn't added. // Left this for legacy. if ($file_hash === '') { $request = $smcFunc['db_query']('', ' SELECT file_hash FROM {db_prefix}attachments WHERE id_attach = {int:id_attach}', array( 'id_attach' => $attachment_id, )); if ($smcFunc['db_num_rows']($request) === 0) return false; list ($file_hash) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); } // Still no hash? mmm... if (empty($file_hash)) $file_hash = sha1(md5($filename . time()) . mt_rand()); // Are we using multiple directories? if (!empty($modSettings['currentAttachmentUploadDir'])) { if (!is_array($modSettings['attachmentUploadDir'])) $modSettings['attachmentUploadDir'] = unserialize($modSettings['attachmentUploadDir']); $path = $modSettings['attachmentUploadDir'][$dir]; } else $path = $modSettings['attachmentUploadDir']; return $path . '/' . $attachment_id . '_' . $file_hash .'.dat'; } /** * Convert a single IP to a ranged IP. * internal function used to convert a user-readable format to a format suitable for the database. * * @param string $fullip * @return array|string 'unknown' if the ip in the input was '255.255.255.255' */ function ip2range($fullip) { // If its IPv6, validate it first. if (isValidIPv6($fullip) !== false) { $ip_parts = explode(':', expandIPv6($fullip, false)); $ip_array = array(); if (count($ip_parts) != 8) return array(); for ($i = 0; $i < 8; $i++) { if ($ip_parts[$i] == '*') $ip_array[$i] = array('low' => '0', 'high' => hexdec('ffff')); elseif (preg_match('/^([0-9A-Fa-f]{1,4})\-([0-9A-Fa-f]{1,4})$/', $ip_parts[$i], $range) == 1) $ip_array[$i] = array('low' => hexdec($range[1]), 'high' => hexdec($range[2])); elseif (is_numeric(hexdec($ip_parts[$i]))) $ip_array[$i] = array('low' => hexdec($ip_parts[$i]), 'high' => hexdec($ip_parts[$i])); } return $ip_array; } // Pretend that 'unknown' is 255.255.255.255. (since that can't be an IP anyway.) if ($fullip == 'unknown') $fullip = '255.255.255.255'; $ip_parts = explode('.', $fullip); $ip_array = array(); if (count($ip_parts) != 4) return array(); for ($i = 0; $i < 4; $i++) { if ($ip_parts[$i] == '*') $ip_array[$i] = array('low' => '0', 'high' => '255'); elseif (preg_match('/^(\d{1,3})\-(\d{1,3})$/', $ip_parts[$i], $range) == 1) $ip_array[$i] = array('low' => $range[1], 'high' => $range[2]); elseif (is_numeric($ip_parts[$i])) $ip_array[$i] = array('low' => $ip_parts[$i], 'high' => $ip_parts[$i]); } // Makes it simpiler to work with. $ip_array[4] = array('low' => 0, 'high' => 0); $ip_array[5] = array('low' => 0, 'high' => 0); $ip_array[6] = array('low' => 0, 'high' => 0); $ip_array[7] = array('low' => 0, 'high' => 0); return $ip_array; } /** * Lookup an IP; try shell_exec first because we can do a timeout on it. * * @param string $ip */ function host_from_ip($ip) { global $modSettings; if (($host = cache_get_data('hostlookup-' . $ip, 600)) !== null) return $host; $t = microtime(); // Try the Linux host command, perhaps? if (!isset($host) && (strpos(strtolower(PHP_OS), 'win') === false || strpos(strtolower(PHP_OS), 'darwin') !== false) && mt_rand(0, 1) == 1) { if (!isset($modSettings['host_to_dis'])) $test = @shell_exec('host -W 1 ' . @escapeshellarg($ip)); else $test = @shell_exec('host ' . @escapeshellarg($ip)); // Did host say it didn't find anything? if (strpos($test, 'not found') !== false) $host = ''; // Invalid server option? elseif ((strpos($test, 'invalid option') || strpos($test, 'Invalid query name 1')) && !isset($modSettings['host_to_dis'])) updateSettings(array('host_to_dis' => 1)); // Maybe it found something, after all? elseif (preg_match('~\s([^\s]+?)\.\s~', $test, $match) == 1) $host = $match[1]; } // This is nslookup; usually only Windows, but possibly some Unix? if (!isset($host) && stripos(PHP_OS, 'win') !== false && strpos(strtolower(PHP_OS), 'darwin') === false && mt_rand(0, 1) == 1) { $test = @shell_exec('nslookup -timeout=1 ' . @escapeshellarg($ip)); if (strpos($test, 'Non-existent domain') !== false) $host = ''; elseif (preg_match('~Name:\s+([^\s]+)~', $test, $match) == 1) $host = $match[1]; } // This is the last try :/. if (!isset($host) || $host === false) $host = @gethostbyaddr($ip); // It took a long time, so let's cache it! if (array_sum(explode(' ', microtime())) - array_sum(explode(' ', $t)) > 0.5) cache_put_data('hostlookup-' . $ip, $host, 600); return $host; } /** * Chops a string into words and prepares them to be inserted into (or searched from) the database. * * @param string $text * @param int $max_chars = 20 * @param bool $encrypt = false */ function text2words($text, $max_chars = 20, $encrypt = false) { global $smcFunc, $context; // Step 1: Remove entities/things we don't consider words: $words = preg_replace('~(?:[\x0B\0' . ($context['utf8'] ? '\x{A0}' : '\xA0') . '\t\r\s\n(){}\\[\\]<>!@$%^*.,:+=`\~\?/\\\\]+|&(?:amp|lt|gt|quot);)+~' . ($context['utf8'] ? 'u' : ''), ' ', strtr($text, array('
' => ' '))); // Step 2: Entities we left to letters, where applicable, lowercase. $words = un_htmlspecialchars($smcFunc['strtolower']($words)); // Step 3: Ready to split apart and index! $words = explode(' ', $words); if ($encrypt) { $possible_chars = array_flip(array_merge(range(46, 57), range(65, 90), range(97, 122))); $returned_ints = array(); foreach ($words as $word) { if (($word = trim($word, '-_\'')) !== '') { $encrypted = substr(crypt($word, 'uk'), 2, $max_chars); $total = 0; for ($i = 0; $i < $max_chars; $i++) $total += $possible_chars[ord($encrypted{$i})] * pow(63, $i); $returned_ints[] = $max_chars == 4 ? min($total, 16777215) : $total; } } return array_unique($returned_ints); } else { // Trim characters before and after and add slashes for database insertion. $returned_words = array(); foreach ($words as $word) if (($word = trim($word, '-_\'')) !== '') $returned_words[] = $max_chars === null ? $word : substr($word, 0, $max_chars); // Filter out all words that occur more than once. return array_unique($returned_words); } } /** * Creates an image/text button * * @param string $name * @param string $alt * @param string $label = '' * @param boolean $custom = '' * @param boolean $force_use = false * @return string */ function create_button($name, $alt, $label = '', $custom = '', $force_use = false) { global $settings, $txt, $context; // Does the current loaded theme have this and we are not forcing the usage of this function? if (function_exists('template_create_button') && !$force_use) return template_create_button($name, $alt, $label = '', $custom = ''); if (!$settings['use_image_buttons']) return $txt[$alt]; elseif (!empty($settings['use_buttons'])) return '' . ($label != '' ? ' ' . $txt[$label] . '' : ''); else return ''; } /** * Empty out the cache in use as best it can * * It may only remove the files of a certain type (if the $type parameter is given) * Type can be user, data or left blank * - user clears out user data * - data clears out system / opcode data * - If no type is specified will perfom a complete cache clearing * For cache engines that do not distinguish on types, a full cache flush will be done * * @param string $type = '' */ function clean_cache($type = '') { global $cachedir, $sourcedir, $cache_accelerator, $modSettings, $memcached; switch ($cache_accelerator) { case 'memcached': if (function_exists('memcache_flush') || function_exists('memcached_flush') && isset($modSettings['cache_memcached']) && trim($modSettings['cache_memcached']) != '') { // Not connected yet? if (empty($memcached)) get_memcached_server(); if (!$memcached) return; // clear it out if (function_exists('memcache_flush')) memcache_flush($memcached); else memcached_flush($memcached); } break; case 'apc': if (function_exists('apc_clear_cache')) { // if passed a type, clear that type out if ($type === '' || $type === 'data') { apc_clear_cache('user'); apc_clear_cache('system'); } elseif ($type === 'user') apc_clear_cache('user'); } break; case 'zend': if (function_exists('zend_shm_cache_clear')) zend_shm_cache_clear('SMF'); break; case 'xcache': if (function_exists('xcache_clear_cache')) { // if ($type === '') { xcache_clear_cache(XC_TYPE_VAR, 0); xcache_clear_cache(XC_TYPE_PHP, 0); } if ($type === 'user') xcache_clear_cache(XC_TYPE_VAR, 0); if ($type === 'data') xcache_clear_cache(XC_TYPE_PHP, 0); } break; default: // No directory = no game. if (!is_dir($cachedir)) return; // Remove the files in SMF's own disk cache, if any $dh = opendir($cachedir); while ($file = readdir($dh)) { if ($file != '.' && $file != '..' && $file != 'index.php' && $file != '.htaccess' && (!$type || substr($file, 0, strlen($type)) == $type)) @unlink($cachedir . '/' . $file); } closedir($dh); break; } // Invalidate cache, to be sure! // ... as long as Load.php can be modified, anyway. @touch($sourcedir . '/' . 'Load.php'); call_integration_hook('integrate_clean_cache'); clearstatcache(); } /** * Sets up all of the top menu buttons * Saves them in the cache if it is available and on * Places the results in $context * */ function setupMenuContext() { global $context, $modSettings, $user_info, $txt, $scripturl; // Set up the menu privileges. $context['allow_search'] = !empty($modSettings['allow_guestAccess']) ? allowedTo('search_posts') : (!$user_info['is_guest'] && allowedTo('search_posts')); $context['allow_admin'] = allowedTo(array('admin_forum', 'manage_boards', 'manage_permissions', 'moderate_forum', 'manage_membergroups', 'manage_bans', 'send_mail', 'edit_news', 'manage_attachments', 'manage_smileys')); $context['allow_memberlist'] = allowedTo('view_mlist'); $context['allow_calendar'] = allowedTo('calendar_view') && !empty($modSettings['cal_enabled']); $context['allow_moderation_center'] = $context['user']['can_mod']; $context['allow_pm'] = allowedTo('pm_read'); $cacheTime = $modSettings['lastActive'] * 60; // Initial "can you post an event in the calendar" option - but this might have been set in the calendar already. if (!isset($context['allow_calendar_event'])) { $context['allow_calendar_event'] = $context['allow_calendar'] && allowedTo('calendar_post'); // If you don't allow events not linked to posts and you're not an admin, we have more work to do... if ($context['allow_calendar'] && $context['allow_calendar_event'] && empty($modSettings['cal_allow_unlinked']) && !$user_info['is_admin']) { $boards_can_post = boardsAllowedTo('post_new'); $context['allow_calendar_event'] &= !empty($boards_can_post); } } // There is some menu stuff we need to do if we're coming at this from a non-guest perspective. if (!$context['user']['is_guest']) { addInlineJavascript(' var user_menus = new smc_PopupMenu(); user_menus.add("profile", "' . $scripturl . '?action=profile;area=popup"); user_menus.add("alerts", "' . $scripturl . '?action=profile;area=alerts_popup");', true); if ($context['allow_pm']) addInlineJavascript(' user_menus.add("pm", "' . $scripturl . '?action=pm;sa=popup");', true); } // All the buttons we can possible want and then some, try pulling the final list of buttons from cache first. if (($menu_buttons = cache_get_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'], $cacheTime)) === null || time() - $cacheTime <= $modSettings['settings_updated']) { $buttons = array( 'home' => array( 'title' => $txt['home'], 'href' => $scripturl, 'show' => true, 'sub_buttons' => array( ), 'is_last' => $context['right_to_left'], ), 'search' => array( 'title' => $txt['search'], 'href' => $scripturl . '?action=search', 'show' => $context['allow_search'], 'sub_buttons' => array( ), ), 'admin' => array( 'title' => $txt['admin'], 'href' => $scripturl . '?action=admin', 'show' => $context['allow_admin'], 'sub_buttons' => array( 'featuresettings' => array( 'title' => $txt['modSettings_title'], 'href' => $scripturl . '?action=admin;area=featuresettings', 'show' => allowedTo('admin_forum'), ), 'packages' => array( 'title' => $txt['package'], 'href' => $scripturl . '?action=admin;area=packages', 'show' => allowedTo('admin_forum'), ), 'errorlog' => array( 'title' => $txt['errlog'], 'href' => $scripturl . '?action=admin;area=logs;sa=errorlog;desc', 'show' => allowedTo('admin_forum') && !empty($modSettings['enableErrorLogging']), ), 'permissions' => array( 'title' => $txt['edit_permissions'], 'href' => $scripturl . '?action=admin;area=permissions', 'show' => allowedTo('manage_permissions'), ), 'memberapprove' => array( 'title' => $txt['approve_members_waiting'], 'href' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve', 'show' => !empty($context['unapproved_members']), 'is_last' => true, ), ), ), 'moderate' => array( 'title' => $txt['moderate'], 'href' => $scripturl . '?action=moderate', 'show' => $context['allow_moderation_center'], 'sub_buttons' => array( 'modlog' => array( 'title' => $txt['modlog_view'], 'href' => $scripturl . '?action=moderate;area=modlog', 'show' => !empty($modSettings['modlog_enabled']) && !empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1', ), 'poststopics' => array( 'title' => $txt['mc_unapproved_poststopics'], 'href' => $scripturl . '?action=moderate;area=postmod;sa=posts', 'show' => $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']), ), 'attachments' => array( 'title' => $txt['mc_unapproved_attachments'], 'href' => $scripturl . '?action=moderate;area=attachmod;sa=attachments', 'show' => $modSettings['postmod_active'] && !empty($user_info['mod_cache']['ap']), ), 'reports' => array( 'title' => $txt['mc_reported_posts'], 'href' => $scripturl . '?action=moderate;area=reportedposts', 'show' => !empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1', ), 'reported_members' => array( 'title' => $txt['mc_reported_members'], 'href' => $scripturl . '?action=moderate;area=reportedmembers', 'show' => allowedTo('moderate_forum'), 'is_last' => true, ) ), ), 'calendar' => array( 'title' => $txt['calendar'], 'href' => $scripturl . '?action=calendar', 'show' => $context['allow_calendar'], 'sub_buttons' => array( 'view' => array( 'title' => $txt['calendar_menu'], 'href' => $scripturl . '?action=calendar', 'show' => $context['allow_calendar_event'], ), 'post' => array( 'title' => $txt['calendar_post_event'], 'href' => $scripturl . '?action=calendar;sa=post', 'show' => $context['allow_calendar_event'], 'is_last' => true, ), ), ), 'mlist' => array( 'title' => $txt['members_title'], 'href' => $scripturl . '?action=mlist', 'show' => $context['allow_memberlist'], 'sub_buttons' => array( 'mlist_view' => array( 'title' => $txt['mlist_menu_view'], 'href' => $scripturl . '?action=mlist', 'show' => true, ), 'mlist_search' => array( 'title' => $txt['mlist_search'], 'href' => $scripturl . '?action=mlist;sa=search', 'show' => true, 'is_last' => true, ), ), ), 'register' => array( 'title' => $txt['register'], 'href' => $scripturl . '?action=register', 'show' => $user_info['is_guest'] && $context['can_register'], 'sub_buttons' => array( ), 'is_last' => !$context['right_to_left'], ), 'logout' => array( 'title' => $txt['logout'], 'href' => $scripturl . '?action=logout;%1$s=%2$s', 'show' => !$user_info['is_guest'], 'sub_buttons' => array( ), 'is_last' => !$context['right_to_left'], ), ); // Allow editing menu buttons easily. call_integration_hook('integrate_menu_buttons', array(&$buttons)); // Now we put the buttons in the context so the theme can use them. $menu_buttons = array(); foreach ($buttons as $act => $button) if (!empty($button['show'])) { $button['active_button'] = false; // This button needs some action. if (isset($button['action_hook'])) $needs_action_hook = true; // Make sure the last button truely is the last button. if (!empty($button['is_last'])) { if (isset($last_button)) unset($menu_buttons[$last_button]['is_last']); $last_button = $act; } // Go through the sub buttons if there are any. if (!empty($button['sub_buttons'])) foreach ($button['sub_buttons'] as $key => $subbutton) { if (empty($subbutton['show'])) unset($button['sub_buttons'][$key]); // 2nd level sub buttons next... if (!empty($subbutton['sub_buttons'])) { foreach ($subbutton['sub_buttons'] as $key2 => $sub_button2) { if (empty($sub_button2['show'])) unset($button['sub_buttons'][$key]['sub_buttons'][$key2]); } } } $menu_buttons[$act] = $button; } if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2) cache_put_data('menu_buttons-' . implode('_', $user_info['groups']) . '-' . $user_info['language'], $menu_buttons, $cacheTime); } $context['menu_buttons'] = $menu_buttons; // Logging out requires the session id in the url. if (isset($context['menu_buttons']['logout'])) $context['menu_buttons']['logout']['href'] = sprintf($context['menu_buttons']['logout']['href'], $context['session_var'], $context['session_id']); // Figure out which action we are doing so we can set the active tab. // Default to home. $current_action = 'home'; if (isset($context['menu_buttons'][$context['current_action']])) $current_action = $context['current_action']; elseif ($context['current_action'] == 'search2') $current_action = 'search'; elseif ($context['current_action'] == 'theme') $current_action = isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'pick' ? 'profile' : 'admin'; elseif ($context['current_action'] == 'register2') $current_action = 'register'; elseif ($context['current_action'] == 'login2' || ($user_info['is_guest'] && $context['current_action'] == 'reminder')) $current_action = 'login'; elseif ($context['current_action'] == 'groups' && $context['allow_moderation_center']) $current_action = 'moderate'; // There are certain exceptions to the above where we don't want anything on the menu highlighted. if ($context['current_action'] == 'profile' && !empty($context['user']['is_owner'])) { $current_action = !empty($_GET['area']) && $_GET['area'] == 'alerts_popup' ? 'self_alerts' : 'self_profile'; $context[$current_action] = true; } elseif ($context['current_action'] == 'pm') { $current_action = 'self_pm'; $context['self_pm'] = true; } // Not all actions are simple. if (!empty($needs_action_hook)) call_integration_hook('integrate_current_action', array(&$current_action)); if (isset($context['menu_buttons'][$current_action])) $context['menu_buttons'][$current_action]['active_button'] = true; $total_mod_reports = 0; if (!empty($user_info['mod_cache']) && $user_info['mod_cache']['bq'] != '0=1' && !empty($context['open_mod_reports'])) { $total_mod_reports = $context['open_mod_reports']; $context['menu_buttons']['moderate']['sub_buttons']['reports']['title'] .= ' ' . $context['open_mod_reports'] . ''; } /** * @todo For some reason, $context['open_member_reports'] isn't getting set */ if (allowedTo('moderate_forum') && !empty($context['open_member_reports'])) { $total_mod_reports += $context['open_member_reports']; $context['menu_buttons']['moderate']['sub_buttons']['reported_members']['title'] .= ' ' . $context['open_member_reports'] . ''; } if (!empty($context['unapproved_members'])) { $context['menu_buttons']['admin']['sub_buttons']['memberapprove']['title'] .= ' ' . $context['unapproved_members'] . ''; $context['menu_buttons']['admin']['title'] .= ' ' . $context['unapproved_members'] . ''; } // Do we have any open reports? if ($total_mod_reports > 0) { $context['menu_buttons']['moderate']['title'] .= ' ' . $total_mod_reports . ''; } } /** * Generate a random seed and ensure it's stored in settings. */ function smf_seed_generator() { global $modSettings; // Never existed? if (empty($modSettings['rand_seed'])) { $modSettings['rand_seed'] = microtime() * 1000000; updateSettings(array('rand_seed' => $modSettings['rand_seed'])); } // Change the seed. updateSettings(array('rand_seed' => mt_rand())); } /** * Process functions of an integration hook. * calls all functions of the given hook. * supports static class method calls. * * @param string $hook * @param array $parameters = array() * @return array the results of the functions */ function call_integration_hook($hook, $parameters = array()) { global $modSettings, $settings, $boarddir, $sourcedir, $db_show_debug; global $context, $txt; if ($db_show_debug === true) $context['debug']['hooks'][] = $hook; // Need to have some control. if (!isset($context['instances'])) $context['instances'] = array(); $results = array(); if (empty($modSettings[$hook])) return $results; $functions = explode(',', $modSettings[$hook]); // Loop through each function. foreach ($functions as $function) { $function = trim($function); // Found a call to a method. if (strpos($function, '::') !== false) { $call = explode('::', $function); // Get the file and the class::method. if (strpos($call[1], ':') !== false) { list($func, $file) = explode(':', $call[1]); // Need to temp delete the # if (strpos($file, '#') !== false) $file = str_replace('#', '', $file); // Match the wildcards to their regular vars. if (empty($settings['theme_dir'])) $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir)); else $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir, '$themedir' => $settings['theme_dir'])); // Load the file if it can be loaded. if (file_exists($absPath)) require_once($absPath); // No? tell the admin about it. else { loadLanguage('Errors'); log_error(sprintf($txt['hook_fail_loading_file'], $absPath), 'general'); } // Check if a new object will be created. if (strpos($call[1], '#') !== false) { // Don't need to create a new instance for every method. if (empty($context['instances'][$call[0]]) || !($context['instances'][$call[0]] instanceof $call[0])) { $context['instances'][$call[0]] = new $call[0]; // Add another one to the list. if ($db_show_debug === true) $context['debug']['instances'][$call[0]] = $hook; } $call = array($context['instances'][$call[0]], $func); } // Right then, this is a call to a static method. else $call = array($call[0], $func); } } else { $call = $function; if (strpos($function, ':') !== false) { list($func, $file) = explode(':', $function); if (empty($settings['theme_dir'])) $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir)); else $absPath = strtr(trim($file), array('$boarddir' => $boarddir, '$sourcedir' => $sourcedir, '$themedir' => $settings['theme_dir'])); if (file_exists($absPath)) require_once($absPath); $call = $func; } } // Is it valid? if (is_callable($call)) $results[$function] = call_user_func_array($call, $parameters); // Whatever it was suppose to call, it failed :( elseif (!empty($func) && !empty($absPath)) { loadLanguage('Errors'); log_error(sprintf($txt['hook_fail_call_to'], $func, $absPath), 'general'); } } return $results; } /** * Add a function for integration hook. * does nothing if the function is already added. * * @param string $hook The complete hook name. * @param string $function Function name, can be a call to a method via Class::method. * @param string $file Must include one of the following wildcards: $boarddir, $sourcedir, $themedir, example: $sourcedir/Test.php * @param bool $object Boolean Indicates if your class will be instantiated when its respective hook is called, your function must be a method. * @param bool $permanent = true if true, updates the value in settings table. */ function add_integration_function($hook, $function, $file = '', $object = false, $permanent = true) { global $smcFunc, $modSettings; $integration_call = (!empty($file) && $file !== true) ? ($function . ':' . $file . ($object ? '#' : '')) : $function; // Is it going to be permanent? if ($permanent) { $request = $smcFunc['db_query']('', ' SELECT value FROM {db_prefix}settings WHERE variable = {string:variable}', array( 'variable' => $hook, ) ); list($current_functions) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); if (!empty($current_functions)) { $current_functions = explode(',', $current_functions); if (in_array($integration_call, $current_functions)) return; $permanent_functions = array_merge($current_functions, array($integration_call)); } else $permanent_functions = array($integration_call); updateSettings(array($hook => implode(',', $permanent_functions))); } // Make current function list usable. $functions = empty($modSettings[$hook]) ? array() : explode(',', $modSettings[$hook]); // Do nothing, if it's already there. if (in_array($integration_call, $functions)) return; $functions[] = $integration_call; $modSettings[$hook] = implode(',', $functions); } /** * Remove an integration hook function. * Removes the given function from the given hook. * Does nothing if the function is not available. * * @param string $hook * @param string $function * @param string $file */ function remove_integration_function($hook, $function, $file = '', $object = false) { global $smcFunc, $modSettings; $integration_call = (!empty($file)) ? $function . ':' . $file .($object ? '#' : '') : $function; // Get the permanent functions. $request = $smcFunc['db_query']('', ' SELECT value FROM {db_prefix}settings WHERE variable = {string:variable}', array( 'variable' => $hook, ) ); list($current_functions) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); if (!empty($current_functions)) { $current_functions = explode(',', $current_functions); if (in_array($integration_call, $current_functions)) updateSettings(array($hook => implode(',', array_diff($current_functions, array($integration_call))))); } // Turn the function list into something usable. $functions = empty($modSettings[$hook]) ? array() : explode(',', $modSettings[$hook]); // You can only remove it if it's available. if (!in_array($integration_call, $functions)) return; $functions = array_diff($functions, array($integration_call)); $modSettings[$hook] = implode(',', $functions); } /** * Microsoft uses their own character set Code Page 1252 (CP1252), which is a * superset of ISO 8859-1, defining several characters between DEC 128 and 159 * that are not normally displayable. This converts the popular ones that * appear from a cut and paste from windows. * * @param string $string * @return string $string */ function sanitizeMSCutPaste($string) { global $context; if (empty($string)) return $string; // UTF-8 occurences of MS special characters $findchars_utf8 = array( "\xe2\80\x9a", // single low-9 quotation mark "\xe2\80\x9e", // double low-9 quotation mark "\xe2\80\xa6", // horizontal ellipsis "\xe2\x80\x98", // left single curly quote "\xe2\x80\x99", // right single curly quote "\xe2\x80\x9c", // left double curly quote "\xe2\x80\x9d", // right double curly quote "\xe2\x80\x93", // en dash "\xe2\x80\x94", // em dash ); // windows 1252 / iso equivalents $findchars_iso = array( chr(130), chr(132), chr(133), chr(145), chr(146), chr(147), chr(148), chr(150), chr(151), ); // safe replacements $replacechars = array( ',', // ‚ ',,', // „ '...', // … "'", // ‘ "'", // ’ '"', // “ '"', // ” '-', // – '--', // — ); if ($context['utf8']) $string = str_replace($findchars_utf8, $replacechars, $string); else $string = str_replace($findchars_iso, $replacechars, $string); return $string; } /** * Decode numeric html entities to their ascii or UTF8 equivalent character. * * Callback function for preg_replace_callback in subs-members * Uses capture group 2 in the supplied array * Does basic scan to ensure characters are inside a valid range * * @param array $matches * @return string $string */ function replaceEntities__callback($matches) { global $context; if (!isset($matches[2])) return ''; $num = $matches[2][0] === 'x' ? hexdec(substr($matches[2], 1)) : (int) $matches[2]; // remove left to right / right to left overrides if ($num === 0x202D || $num === 0x202E) return ''; // Quote, Ampersand, Apostrophe, Less/Greater Than get html replaced if (in_array($num, array(0x22, 0x26, 0x27, 0x3C, 0x3E))) return '&#' . $num . ';'; if (empty($context['utf8'])) { // no control characters if ($num < 0x20) return ''; // text is text elseif ($num < 0x80) return chr($num); // all others get html-ised else return '&#' . $matches[2] . ';'; } else { // <0x20 are control characters, 0x20 is a space, > 0x10FFFF is past the end of the utf8 character set // 0xD800 >= $num <= 0xDFFF are surrogate markers (not valid for utf8 text) if ($num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF)) return ''; // <0x80 (or less than 128) are standard ascii characters a-z A-Z 0-9 and puncuation elseif ($num < 0x80) return chr($num); // <0x800 (2048) elseif ($num < 0x800) return chr(($num >> 6) + 192) . chr(($num & 63) + 128); // < 0x10000 (65536) elseif ($num < 0x10000) return chr(($num >> 12) + 224) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); // <= 0x10FFFF (1114111) else return chr(($num >> 18) + 240) . chr((($num >> 12) & 63) + 128) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); } } /** * Converts html entities to utf8 equivalents * * Callback function for preg_replace_callback * Uses capture group 1 in the supplied array * Does basic checks to keep characters inside a viewable range. * * @param array $matches * @return string $string */ function fixchar__callback($matches) { if (!isset($matches[1])) return ''; $num = $matches[1][0] === 'x' ? hexdec(substr($matches[1], 1)) : (int) $matches[1]; // <0x20 are control characters, > 0x10FFFF is past the end of the utf8 character set // 0xD800 >= $num <= 0xDFFF are surrogate markers (not valid for utf8 text), 0x202D-E are left to right overrides if ($num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) || $num === 0x202D || $num === 0x202E) return ''; // <0x80 (or less than 128) are standard ascii characters a-z A-Z 0-9 and puncuation elseif ($num < 0x80) return chr($num); // <0x800 (2048) elseif ($num < 0x800) return chr(($num >> 6) + 192) . chr(($num & 63) + 128); // < 0x10000 (65536) elseif ($num < 0x10000) return chr(($num >> 12) + 224) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); // <= 0x10FFFF (1114111) else return chr(($num >> 18) + 240) . chr((($num >> 12) & 63) + 128) . chr((($num >> 6) & 63) + 128) . chr(($num & 63) + 128); } /** * Strips out invalid html entities, replaces others with html style { codes * * Callback function used of preg_replace_callback in smcFunc $ent_checks, for example * strpos, strlen, substr etc * * @param array $matches * @return string $string */ function entity_fix__callback($matches) { if (!isset($matches[2])) return ''; $num = $matches[2][0] === 'x' ? hexdec(substr($matches[2], 1)) : (int) $matches[2]; // we don't allow control characters, characters out of range, byte markers, etc if ($num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) || $num == 0x202D || $num == 0x202E) return ''; else return '&#' . $num . ';'; } ?>