diff options
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 459 |
1 files changed, 298 insertions, 161 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index cd8447a2a3..32fff0d715 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -18,122 +18,62 @@ if (!defined('IN_PHPBB')) // Common global functions -/** -* set_var -* -* Set variable, used by {@link request_var the request_var function} -* -* @access private -*/ function set_var(&$result, $var, $type, $multibyte = false) { - settype($var, $type); - $result = $var; - - if ($type == 'string') - { - $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); - - if (!empty($result)) - { - // Make sure multibyte characters are wellformed - if ($multibyte) - { - if (!preg_match('/^./u', $result)) - { - $result = ''; - } - } - else - { - // no multibyte, allow only ASCII (0-127) - $result = preg_replace('/[\x80-\xFF]/', '?', $result); - } - } - - $result = (STRIP) ? stripslashes($result) : $result; - } + // no need for dependency injection here, if you have the object, call the method yourself! + $type_cast_helper = new phpbb_request_type_cast_helper(); + $type_cast_helper->set_var($result, $var, $type, $multibyte); } /** -* request_var +* Wrapper function of phpbb_request::variable which exists for backwards compatability. +* See {@link phpbb_request_interface::variable phpbb_request_interface::variable} for +* documentation of this function's use. +* +* @param mixed $var_name The form variable's name from which data shall be retrieved. +* If the value is an array this may be an array of indizes which will give +* direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a") +* then specifying array("var", 1) as the name will return "a". +* If you pass an instance of {@link phpbb_request_interface phpbb_request_interface} +* as this parameter it will overwrite the current request class instance. If you do +* not do so, it will create its own instance (but leave superglobals enabled). +* @param mixed $default A default value that is returned if the variable was not set. +* This function will always return a value of the same type as the default. +* @param bool $multibyte If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters +* Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks +* @param bool $cookie This param is mapped to phpbb_request_interface::COOKIE as the last param for +* phpbb_request_interface::variable for backwards compatability reasons. * -* Used to get passed variable +* @return mixed The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the +* the same as that of $default. If the variable is not set $default is returned. */ -function request_var($var_name, $default, $multibyte = false, $cookie = false) +function request_var($var_name, $default, $multibyte = false, $cookie = false, phpbb_request_interface $request = null) { - if (!$cookie && isset($_COOKIE[$var_name])) - { - if (!isset($_GET[$var_name]) && !isset($_POST[$var_name])) - { - return (is_array($default)) ? array() : $default; - } - $_REQUEST[$var_name] = isset($_POST[$var_name]) ? $_POST[$var_name] : $_GET[$var_name]; - } + // This is all just an ugly hack to add "Dependency Injection" to a function + // the only real code is the function call which maps this function to a method. + static $static_request = null; - $super_global = ($cookie) ? '_COOKIE' : '_REQUEST'; - if (!isset($GLOBALS[$super_global][$var_name]) || is_array($GLOBALS[$super_global][$var_name]) != is_array($default)) + if ($request instanceof phpbb_request_interface) { - return (is_array($default)) ? array() : $default; - } + $static_request = $request; - $var = $GLOBALS[$super_global][$var_name]; - if (!is_array($default)) - { - $type = gettype($default); - } - else - { - list($key_type, $type) = each($default); - $type = gettype($type); - $key_type = gettype($key_type); - if ($type == 'array') + if (empty($var_name)) { - reset($default); - $default = current($default); - list($sub_key_type, $sub_type) = each($default); - $sub_type = gettype($sub_type); - $sub_type = ($sub_type == 'array') ? 'NULL' : $sub_type; - $sub_key_type = gettype($sub_key_type); + return; } } - if (is_array($var)) - { - $_var = $var; - $var = array(); + $tmp_request = $static_request; - foreach ($_var as $k => $v) - { - set_var($k, $k, $key_type); - if ($type == 'array' && is_array($v)) - { - foreach ($v as $_k => $_v) - { - if (is_array($_v)) - { - $_v = null; - } - set_var($_k, $_k, $sub_key_type, $multibyte); - set_var($var[$k][$_k], $_v, $sub_type, $multibyte); - } - } - else - { - if ($type == 'array' || is_array($v)) - { - $v = null; - } - set_var($var[$k], $v, $type, $multibyte); - } - } - } - else + // no request class set, create a temporary one ourselves to keep backwards compatability + if ($tmp_request === null) { - set_var($var, $var, $type, $multibyte); + // false param: enable super globals, so the created request class does not + // make super globals inaccessible everywhere outside this function. + $tmp_request = new phpbb_request(new phpbb_request_type_cast_helper(), false); } - return $var; + return $tmp_request->variable($var_name, $default, $multibyte, ($cookie) ? phpbb_request_interface::COOKIE : phpbb_request_interface::REQUEST); } /** @@ -195,10 +135,27 @@ function set_config_count($config_name, $increment, $is_dynamic = false) /** * Generates an alphanumeric random string of given length +* +* @return string */ function gen_rand_string($num_chars = 8) { + // [a, z] + [0, 9] = 36 + return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars); +} + +/** +* Generates a user-friendly alphanumeric random string of given length +* We remove 0 and O so users cannot confuse those in passwords etc. +* +* @return string +*/ +function gen_rand_string_friendly($num_chars = 8) +{ $rand_str = unique_id(); + + // Remove Z and Y from the base_convert(), replace 0 with Z and O with Y + // [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34 $rand_str = str_replace(array('0', 'O'), array('Z', 'Y'), strtoupper(base_convert($rand_str, 16, 34))); return substr($rand_str, 0, $num_chars); @@ -701,7 +658,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) clearstatcache(); - if (is_readable($filename) && is_writable($filename)) + if (is_readable($filename) && phpbb_is_writable($filename)) { break; } @@ -711,7 +668,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) clearstatcache(); - if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename))) + if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename))) { break; } @@ -721,7 +678,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) clearstatcache(); - if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || is_writable($filename))) + if ((!($perms & CHMOD_READ) || is_readable($filename)) && (!($perms & CHMOD_WRITE) || phpbb_is_writable($filename))) { break; } @@ -1035,7 +992,7 @@ function phpbb_own_realpath($path) // @todo If the file exists fine and open_basedir only has one path we should be able to prepend it // because we must be inside that basedir, the question is where... // @internal The slash in is_dir() gets around an open_basedir restriction - if (!@file_exists($resolved) || (!is_dir($resolved . '/') && !is_file($resolved))) + if (!@file_exists($resolved) || (!@is_dir($resolved . '/') && !is_file($resolved))) { return false; } @@ -1191,6 +1148,7 @@ function tz_select($default = '', $truncate = false) function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $user_id = 0) { global $db, $user, $config; + global $request; if ($mode == 'all') { @@ -1205,7 +1163,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ } else if ($config['load_anon_lastread'] || $user->data['is_registered']) { - $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, phpbb_request_interface::COOKIE); $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); unset($tracking_topics['tf']); @@ -1214,7 +1172,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ $tracking_topics['l'] = base_convert(time() - $config['board_startdate'], 10, 36); $user->set_cookie('track', tracking_serialize($tracking_topics), time() + 31536000); - $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking_topics)) : tracking_serialize($tracking_topics); + $request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking_topics), phpbb_request_interface::COOKIE); unset($tracking_topics); @@ -1284,7 +1242,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ } else if ($config['load_anon_lastread'] || $user->data['is_registered']) { - $tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking = $request->variable($config['cookie_name'] . '_track', '', true, phpbb_request_interface::COOKIE); $tracking = ($tracking) ? tracking_unserialize($tracking) : array(); foreach ($forum_id as $f_id) @@ -1315,7 +1273,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ } $user->set_cookie('track', tracking_serialize($tracking), time() + 31536000); - $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking); + $request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), phpbb_request_interface::COOKIE); unset($tracking); } @@ -1356,7 +1314,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ } else if ($config['load_anon_lastread'] || $user->data['is_registered']) { - $tracking = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking = $request->variable($config['cookie_name'] . '_track', '', true, phpbb_request_interface::COOKIE); $tracking = ($tracking) ? tracking_unserialize($tracking) : array(); $topic_id36 = base_convert($topic_id, 10, 36); @@ -1371,7 +1329,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ // If the cookie grows larger than 10000 characters we will remove the smallest value // This can result in old topics being unread - but most of the time it should be accurate... - if (isset($_COOKIE[$config['cookie_name'] . '_track']) && strlen($_COOKIE[$config['cookie_name'] . '_track']) > 10000) + if (strlen($request->variable($config['cookie_name'] . '_track', '', true, phpbb_request_interface::COOKIE)) > 10000) { //echo 'Cookie grown too large' . print_r($tracking, true); @@ -1411,7 +1369,7 @@ function markread($mode, $forum_id = false, $topic_id = false, $post_time = 0, $ } $user->set_cookie('track', tracking_serialize($tracking), time() + 31536000); - $_COOKIE[$config['cookie_name'] . '_track'] = (STRIP) ? addslashes(tracking_serialize($tracking)) : tracking_serialize($tracking); + $request->overwrite($config['cookie_name'] . '_track', tracking_serialize($tracking), phpbb_request_interface::COOKIE); } return; @@ -1593,7 +1551,7 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis if (!isset($tracking_topics) || !sizeof($tracking_topics)) { - $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, phpbb_request_interface::COOKIE); $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); } @@ -1660,10 +1618,11 @@ function get_complete_topic_tracking($forum_id, $topic_ids, $global_announce_lis * @param string $sql_extra Extra WHERE SQL statement * @param string $sql_sort ORDER BY SQL sorting statement * @param string $sql_limit Limits the size of unread topics list, 0 for unlimited query +* @param string $sql_limit_offset Sets the offset of the first row to search, 0 to search from the start * * @return array[int][int] Topic ids as keys, mark_time of topic as value */ -function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001) +function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $sql_limit = 1001, $sql_limit_offset = 0) { global $config, $db, $user; @@ -1709,7 +1668,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s ); $sql = $db->sql_build_query('SELECT', $sql_array); - $result = $db->sql_query_limit($sql, $sql_limit); + $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); while ($row = $db->sql_fetchrow($result)) { @@ -1742,7 +1701,7 @@ function get_unread_topics($user_id = false, $sql_extra = '', $sql_sort = '', $s WHERE t.topic_last_post_time > ' . $user_lastmark . " $sql_extra $sql_sort"; - $result = $db->sql_query_limit($sql, $sql_limit); + $result = $db->sql_query_limit($sql, $sql_limit, $sql_limit_offset); while ($row = $db->sql_fetchrow($result)) { @@ -1802,7 +1761,7 @@ function update_forum_tracking_info($forum_id, $forum_last_post_time, $f_mark_ti } else if ($config['load_anon_lastread'] || $user->data['is_registered']) { - $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, phpbb_request_interface::COOKIE); $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); if (!$user->data['is_registered']) @@ -2020,7 +1979,7 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add // Make sure $per_page is a valid value $per_page = ($per_page <= 0) ? 1 : $per_page; - $seperator = '<span class="page-sep">' . $user->lang['COMMA_SEPARATOR'] . '</span>'; + $separator = '<span class="page-sep">' . $user->lang['COMMA_SEPARATOR'] . '</span>'; $total_pages = ceil($num_items / $per_page); if ($total_pages == 1 || !$num_items) @@ -2038,29 +1997,29 @@ function generate_pagination($base_url, $num_items, $per_page, $start_item, $add $start_cnt = min(max(1, $on_page - 4), $total_pages - 5); $end_cnt = max(min($total_pages, $on_page + 4), 6); - $page_string .= ($start_cnt > 1) ? ' ... ' : $seperator; + $page_string .= ($start_cnt > 1) ? ' ... ' : $separator; for ($i = $start_cnt + 1; $i < $end_cnt; $i++) { $page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>'; if ($i < $end_cnt - 1) { - $page_string .= $seperator; + $page_string .= $separator; } } - $page_string .= ($end_cnt < $total_pages) ? ' ... ' : $seperator; + $page_string .= ($end_cnt < $total_pages) ? ' ... ' : $separator; } else { - $page_string .= $seperator; + $page_string .= $separator; for ($i = 2; $i < $total_pages; $i++) { $page_string .= ($i == $on_page) ? '<strong>' . $i . '</strong>' : '<a href="' . $base_url . "{$url_delim}start=" . (($i - 1) * $per_page) . '">' . $i . '</a>'; if ($i < $total_pages) { - $page_string .= $seperator; + $page_string .= $separator; } } } @@ -2335,12 +2294,12 @@ function redirect($url, $return = false, $disable_cd_check = false) // Relative uri $pathinfo = pathinfo($url); - if (!$disable_cd_check && !file_exists($pathinfo['dirname'])) + if (!$disable_cd_check && !file_exists($pathinfo['dirname'] . '/')) { $url = str_replace('../', '', $url); $pathinfo = pathinfo($url); - if (!file_exists($pathinfo['dirname'])) + if (!file_exists($pathinfo['dirname'] . '/')) { // fallback to "last known user page" // at least this way we know the user does not leave the phpBB root @@ -2518,6 +2477,11 @@ function build_url($strip_vars = false) $key = $arguments[0]; unset($arguments[0]); + if ($key === '') + { + continue; + } + $query[$key] = implode('=', $arguments); } @@ -2578,6 +2542,47 @@ function meta_refresh($time, $url, $disable_cd_check = false) return $url; } +/** +* Outputs correct status line header. +* +* Depending on php sapi one of the two following forms is used: +* +* Status: 404 Not Found +* +* HTTP/1.x 404 Not Found +* +* HTTP version is taken from HTTP_VERSION environment variable, +* and defaults to 1.0. +* +* Sample usage: +* +* send_status_line(404, 'Not Found'); +* +* @param int $code HTTP status code +* @param string $message Message for the status code +* @return void +*/ +function send_status_line($code, $message) +{ + if (substr(strtolower(@php_sapi_name()), 0, 3) === 'cgi') + { + // in theory, we shouldn't need that due to php doing it. Reality offers a differing opinion, though + header("Status: $code $message", true, $code); + } + else + { + if (isset($_SERVER['HTTP_VERSION'])) + { + $version = $_SERVER['HTTP_VERSION']; + } + else + { + $version = 'HTTP/1.0'; + } + header("$version $code $message", true, $code); + } +} + //Form validation @@ -2694,22 +2699,14 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '') { global $user, $template, $db; - global $phpEx, $phpbb_root_path; + global $phpEx, $phpbb_root_path, $request; if (isset($_POST['cancel'])) { return false; } - $confirm = false; - if (isset($_POST['confirm'])) - { - // language frontier - if ($_POST['confirm'] === $user->lang['YES']) - { - $confirm = true; - } - } + $confirm = ($user->lang['YES'] === $request->variable('confirm', '', true, phpbb_request_interface::POST)); if ($check && $confirm) { @@ -2797,8 +2794,9 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true) { global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config; + global $request; - if (!class_exists('phpbb_captcha_factory')) + if (!class_exists('phpbb_captcha_factory', false)) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); } @@ -2847,8 +2845,8 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa } $username = request_var('username', '', true); - $autologin = (!empty($_POST['autologin'])) ? true : false; - $viewonline = (!empty($_POST['viewonline'])) ? 0 : 1; + $autologin = $request->is_set_post('autologin'); + $viewonline = (int) !$request->is_set_post('viewonline'); $admin = ($admin) ? 1 : 0; $viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline; @@ -3313,7 +3311,9 @@ function get_preg_expression($mode) switch ($mode) { case 'email': - return '(?:[a-z0-9\'\.\-_\+\|]++|&)+@[a-z0-9\-]+\.(?:[a-z0-9\-]+\.)*[a-z]+'; + // Regex written by James Watts and Francisco Jose Martin Moreno + // http://fightingforalostcause.net/misc/2006/compare-email-regex.php + return '([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*(?:[\w\!\#$\%\'\*\+\-\/\=\?\^\`{\|\}\~]|&)+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)'; break; case 'bbcode_htm': @@ -3396,26 +3396,110 @@ function short_ipv6($ip, $length) /** * Wrapper for php's checkdnsrr function. * -* The windows failover is from the php manual -* Please make sure to check the return value for === true and === false, since NULL could -* be returned too. +* @param string $host Fully-Qualified Domain Name +* @param string $type Resource record type to lookup +* Supported types are: MX (default), A, AAAA, NS, TXT, CNAME +* Other types may work or may not work * -* @return true if entry found, false if not, NULL if this function is not supported by this environment +* @return mixed true if entry found, +* false if entry not found, +* null if this function is not supported by this environment +* +* Since null can also be returned, you probably want to compare the result +* with === true or === false, +* +* @author bantu */ -function phpbb_checkdnsrr($host, $type = '') +function phpbb_checkdnsrr($host, $type = 'MX') { - $type = (!$type) ? 'MX' : $type; + // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain) + if (substr($host, -1) == '.') + { + $host_fqdn = $host; + $host = substr($host, 0, -1); + } + else + { + $host_fqdn = $host . '.'; + } + // $host has format some.host.example.com + // $host_fqdn has format some.host.example.com. - // Call checkdnsrr() if available. This is also the case on Windows with PHP 5.3 or later. - if (function_exists('checkdnsrr')) + // If we're looking for an A record we can use gethostbyname() + if ($type == 'A' && function_exists('gethostbyname')) { - // The dot indicates to search the DNS root (helps those having DNS prefixes on the same domain) - return checkdnsrr($host . '.', $type); + return (@gethostbyname($host_fqdn) == $host_fqdn) ? false : true; + } + + // checkdnsrr() is available on Windows since PHP 5.3, + // but until 5.3.3 it only works for MX records + // See: http://bugs.php.net/bug.php?id=51844 + + // Call checkdnsrr() if + // we're looking for an MX record or + // we're not on Windows or + // we're running a PHP version where #51844 has been fixed + + // checkdnsrr() supports AAAA since 5.0.0 + // checkdnsrr() supports TXT since 5.2.4 + if ( + ($type == 'MX' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.3', '>=')) && + ($type != 'AAAA' || version_compare(PHP_VERSION, '5.0.0', '>=')) && + ($type != 'TXT' || version_compare(PHP_VERSION, '5.2.4', '>=')) && + function_exists('checkdnsrr') + ) + { + return checkdnsrr($host_fqdn, $type); + } + + // dns_get_record() is available since PHP 5; since PHP 5.3 also on Windows, + // but on Windows it does not work reliable for AAAA records before PHP 5.3.1 + + // Call dns_get_record() if + // we're not looking for an AAAA record or + // we're not on Windows or + // we're running a PHP version where AAAA lookups work reliable + if ( + ($type != 'AAAA' || DIRECTORY_SEPARATOR != '\\' || version_compare(PHP_VERSION, '5.3.1', '>=')) && + function_exists('dns_get_record') + ) + { + // dns_get_record() expects an integer as second parameter + // We have to convert the string $type to the corresponding integer constant. + $type_constant = 'DNS_' . $type; + $type_param = (defined($type_constant)) ? constant($type_constant) : DNS_ANY; + + // dns_get_record() might throw E_WARNING and return false for records that do not exist + $resultset = @dns_get_record($host_fqdn, $type_param); + + if (empty($resultset) || !is_array($resultset)) + { + return false; + } + else if ($type_param == DNS_ANY) + { + // $resultset is a non-empty array + return true; + } + + foreach ($resultset as $result) + { + if ( + isset($result['host']) && $result['host'] == $host && + isset($result['type']) && $result['type'] == $type + ) + { + return true; + } + } + + return false; } - else if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec')) + + // If we're on Windows we can still try to call nslookup via exec() as a last resort + if (DIRECTORY_SEPARATOR == '\\' && function_exists('exec')) { - // @exec('nslookup -retry=1 -timout=1 -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host), $output); - @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host) . '.', $output); + @exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host_fqdn), $output); // If output is empty, the nslookup failed if (empty($output)) @@ -3425,15 +3509,66 @@ function phpbb_checkdnsrr($host, $type = '') foreach ($output as $line) { - if (!trim($line)) + $line = trim($line); + + if (empty($line)) { continue; } - // Valid records begin with host name: - if (strpos($line, $host) === 0) + // Squash tabs and multiple whitespaces to a single whitespace. + $line = preg_replace('/\s+/', ' ', $line); + + switch ($type) { - return true; + case 'MX': + if (stripos($line, "$host MX") === 0) + { + return true; + } + break; + + case 'NS': + if (stripos($line, "$host nameserver") === 0) + { + return true; + } + break; + + case 'TXT': + if (stripos($line, "$host text") === 0) + { + return true; + } + break; + + case 'CNAME': + if (stripos($line, "$host canonical name") === 0) + { + return true; + } + + default: + case 'A': + case 'AAAA': + if (!empty($host_matches)) + { + // Second line + if (stripos($line, "Address: ") === 0) + { + return true; + } + else + { + $host_matches = false; + } + } + else if (stripos($line, "Name: $host") === 0) + { + // First line + $host_matches = true; + } + break; } } @@ -3552,7 +3687,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline) } // Do not send 200 OK, but service unavailable on errors - header('HTTP/1.1 503 Service Unavailable'); + send_status_line(503, 'Service Unavailable'); garbage_collection(); @@ -3621,9 +3756,9 @@ function msg_handler($errno, $msg_text, $errfile, $errline) $user->setup(); } - if ($msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') + if ($msg_text == 'ERROR_NO_ATTACHMENT' || $msg_text == 'NO_FORUM' || $msg_text == 'NO_TOPIC' || $msg_text == 'NO_USER') { - header("HTTP/1.x 404 Not Found"); + send_status_line(404, 'Not Found'); } $msg_text = (!empty($user->lang[$msg_text])) ? $user->lang[$msg_text] : $msg_text; @@ -4022,7 +4157,8 @@ function phpbb_http_login($param) } else if ($auth_result['status'] == LOGIN_ERROR_ATTEMPTS) { - header('HTTP/1.0 401 Unauthorized'); + send_status_line(401, 'Unauthorized'); + trigger_error('NOT_AUTHORISED'); } } @@ -4034,7 +4170,7 @@ function phpbb_http_login($param) $param['auth_message'] = preg_replace('/[\x80-\xFF]/', '?', $param['auth_message']); header('WWW-Authenticate: Basic realm="' . $param['auth_message'] . '"'); - header('HTTP/1.0 401 Unauthorized'); + send_status_line(401, 'Unauthorized'); trigger_error('NOT_AUTHORISED'); } @@ -4264,6 +4400,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'S_ENABLE_FEEDS_TOPICS_ACTIVE' => ($config['feed_topics_active']) ? true : false, 'S_ENABLE_FEEDS_NEWS' => ($s_feed_news) ? true : false, + 'S_LOAD_UNREADS' => ($config['load_unreads_search'] && ($config['load_anon_lastread'] || $user->data['is_registered'])) ? true : false, + 'T_THEME_PATH' => "{$web_path}styles/" . $user->theme['theme_path'] . '/theme', 'T_TEMPLATE_PATH' => "{$web_path}styles/" . $user->theme['template_path'] . '/template', 'T_SUPER_TEMPLATE_PATH' => (isset($user->theme['template_inherit_path']) && $user->theme['template_inherit_path']) ? "{$web_path}styles/" . $user->theme['template_inherit_path'] . '/template' : "{$web_path}styles/" . $user->theme['template_path'] . '/template', @@ -4276,7 +4414,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 'T_ICONS_PATH' => "{$web_path}{$config['icons_path']}/", 'T_RANKS_PATH' => "{$web_path}{$config['ranks_path']}/", 'T_UPLOAD_PATH' => "{$web_path}{$config['upload_path']}/", - 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang'], true, $user->session_id), + 'T_STYLESHEET_LINK' => (!$user->theme['theme_storedb']) ? "{$web_path}styles/" . $user->theme['theme_path'] . '/theme/stylesheet.css' : append_sid("{$phpbb_root_path}style.$phpEx", 'id=' . $user->theme['style_id'] . '&lang=' . $user->data['user_lang']), 'T_STYLESHEET_NAME' => $user->theme['theme_name'], 'T_THEME_NAME' => $user->theme['theme_path'], @@ -4313,6 +4451,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0 function page_footer($run_cron = true) { global $db, $config, $template, $user, $auth, $cache, $starttime, $phpbb_root_path, $phpEx; + global $request; // Output page creation time if (defined('DEBUG')) @@ -4320,7 +4459,7 @@ function page_footer($run_cron = true) $mtime = explode(' ', microtime()); $totaltime = $mtime[0] + $mtime[1] - $starttime; - if (!empty($_REQUEST['explain']) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report')) + if ($request->variable('explain', false) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report')) { $db->sql_report('display'); } @@ -4481,5 +4620,3 @@ function phpbb_user_session_handler() return; } - -?>
\ No newline at end of file |