<?php
/*-------------------------------------------------------+
| Guestbook Infusion 4.12
| Author: Sebastian Schüssler (slaughter)
| Download:
| http://basti2web.de
+--------------------------------------------------------+
| Filename: functions.php
| Version: 4.12
| Author: Sebastian Schüssler (slaughter)
+--------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2008 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
// Refuse direct requests: this file only runs when the PHP-Fusion core
// has defined IN_FUSION before including it.
if (!defined("IN_FUSION")) {
    die("Access Denied");
}

// PHP-Fusion version check (presumably where UCC_PHPF_VER is defined - confirm).
require_once INFUSIONS."guest_book/includes/check_version.php";

// Guestbook settings, loaded once and read through `global $gb_config`
// by the functions below.
$gb_config = dbarray(dbquery("SELECT * FROM ".DB_GB_SETTINGS));

// Captcha rows older than 360 seconds are purged on every include, so an
// issued captcha is valid for at most six minutes.
$result = dbquery("DELETE FROM ".DB_GB_CAPTCHA." WHERE captcha_datestamp < '".(time()-360)."'");

// Admin rights & BB-code: GB_ADMIN is the flag the rest of the infusion
// uses for privileged actions, so it is derived from the core's own checks.
switch (UCC_PHPF_VER) {
    case 6:
    case "BSF":
        // Both of these versions use the global iADMIN flag and the v6 BB-code parser.
        define("GB_ADMIN", iADMIN ? 1 : 0);
        require_once INFUSIONS."guest_book/includes/bbcode_include_v6.php";
        break;

    case 7:
        // v7 has per-panel rights; "GB" is this infusion's rights code.
        define("GB_ADMIN", checkrights("GB") ? 1 : 0);
        require_once INFUSIONS."guest_book/includes/bbcode_include_v7.php";
        break;

    default:
        // NOTE(review): GB_ADMIN stays undefined on this path and nothing here
        // stops execution; confirm that redirect() terminates the request.
        redirect("error.php?id=3");
}
// Functions
// Guestbook captcha routines
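/**
 * Creates a captcha challenge, stores it and returns the form markup for it.
 *
 * A 5-character answer and a 31-character lookup token are generated, stored
 * together with the requesting IP, and the token is sent to the client in a
 * hidden field. gb_check_captcha() later matches token, answer and IP.
 *
 * When gb_captcha_type is "2" the answer is rendered by captcha_include.php
 * as an image. In every other mode the answer is printed as plain text in
 * the page, so that mode only stops clients that do not read the markup.
 *
 * @return string HTML fragment (hidden token field plus image or text).
 */
function gb_make_captcha()
{
    global $gb_config;

    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $last_index = strlen($chars) - 1;

    // mt_rand() output is predictable once a few values are known; prefer the
    // CSPRNG where the running PHP version provides it.
    $use_csprng = function_exists("random_int");

    $tokens = array();
    foreach (array(5, 31) as $length) {
        $token = "";
        for ($i = 0; $i < $length; $i++) {
            $index = $use_csprng ? random_int(0, $last_index) : mt_rand(0, $last_index);
            $token .= $chars[$index];
        }
        $tokens[] = $token;
    }
    list($captcha_string, $captcha_encode) = $tokens;

    // Uses dbquery() like every other statement in this file instead of a
    // direct mysql_query() call. Both generated values are alphanumeric.
    // NOTE(review): USER_IP is concatenated as-is; confirm the core validates it.
    $result = dbquery("INSERT INTO ".DB_GB_CAPTCHA." (captcha_datestamp, captcha_ip, captcha_encode, captcha_string) VALUES('".time()."', '".USER_IP."', '$captcha_encode', '$captcha_string')");

    if ($gb_config['gb_captcha_type'] == "2") {
        return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><img src='".INFUSIONS."guest_book/includes/captcha_include.php?captcha_code=".$captcha_encode."' alt='' />\n";
    }

    return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."' /><strong>".$captcha_string."</strong>\n";
}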
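/**
 * Verifies a submitted captcha and consumes it on success.
 *
 * Both values come from the request and are concatenated into SQL, so the
 * alphanumeric whitelist below is the only injection barrier in this
 * function. The pattern uses the D modifier: without it "$" also matches
 * before a trailing newline and "abc\n" would pass the check.
 *
 * @param string $captchs_encode Lookup token from the hidden form field.
 * @param string $captcha_string Answer typed by the visitor.
 * @return bool True when a matching row for USER_IP existed (it is deleted).
 */
function gb_check_captcha($captchs_encode, $captcha_string)
{
    // Array-valued request parameters must fail closed, not reach preg_match().
    if (!is_string($captchs_encode) || !is_string($captcha_string)) {
        return false;
    }

    $alnum = "/^[0-9A-Za-z]+$/D";
    if (!preg_match($alnum, $captchs_encode) || !preg_match($alnum, $captcha_string)) {
        return false;
    }

    $where = " WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'";

    $result = dbquery("SELECT * FROM ".DB_GB_CAPTCHA.$where);
    if (!dbrows($result)) {
        return false;
    }

    // One-time use: remove the row so the same answer cannot be replayed.
    // NOTE(review): SELECT and DELETE are separate statements, so two
    // simultaneous requests could both pass before the row is removed.
    $result = dbquery("DELETE FROM ".DB_GB_CAPTCHA.$where);

    return true;
}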
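/**
 * Returns a profile link for a user id, or "-" when no such user exists.
 *
 * The id is cast to int once and that value is used in both the query and
 * the link. Previously only the query was cast while the raw argument was
 * written into the href, so a value such as "1'>..." still matched user 1
 * and reached the markup unescaped.
 *
 * @param mixed $ss User id (any value; only its integer part is used).
 * @return string HTML link to the profile, or "-".
 */
function gb_get_user($ss)
{
    $user_id = (int)$ss;

    $result = dbquery("SELECT user_name FROM ".DB_USERS." WHERE user_id = '".$user_id."' LIMIT 1");
    if (!dbrows($result)) {
        return "-";
    }

    // NOTE(review): user_name is emitted exactly as stored; confirm the core
    // stores it HTML-safe, otherwise it needs escaping here.
    return "<a href='".BASEDIR."profile.php?lookup=".$user_id."'>".dbresult($result, 0)."</a>";
}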
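/**
 * Reports whether a text contains one of the configured spam words.
 *
 * Words are matched as literal, case-insensitive substrings. They used to
 * be pasted into a "/.../si" pattern unescaped, so an entry containing "/"
 * or an unbalanced "(" (for example "http://...") made preg_match() fail
 * with a warning and the word was silently ignored, letting the spam pass.
 * Entries are no longer interpreted as regular expressions.
 *
 * @param string $text Text to inspect.
 * @return bool True when any non-empty word from gb_spam_words occurs in $text.
 */
function gb_control_spam($text)
{
    global $gb_config;

    if ($gb_config['gb_spam_words'] == "") {
        return false;
    }

    // One word per line; accept any line-ending style the setting was saved with.
    $word_list = preg_split("/\r\n|\r|\n/", $gb_config['gb_spam_words']);

    foreach ($word_list as $word) {
        if ($word !== "" && stripos($text, $word) !== false) {
            return true;
        }
    }

    return false;
}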
/**
 * Reports whether an IP has posted an entry within the flood window.
 *
 * The window is the last gb_flood_time seconds, taken from the settings.
 *
 * @param string $ip Address to look up in the entry table.
 * @return bool True when at least one entry from $ip falls inside the window.
 */
function gb_control_flood($ip)
{
    global $gb_config;

    $window_start = time() - $gb_config['gb_flood_time'];

    // NOTE(review): $ip is concatenated into the statement unescaped. Confirm
    // every caller passes the server-derived address and never request data.
    $recent = dbquery("SELECT gb_id FROM ".DB_GB_ENTRY." WHERE gb_ip='".$ip."' AND gb_datestamp>='".$window_start."'");

    return dbrows($recent) > 0;
}
/**
 * Writes a rejected or suspicious submission to the guestbook log.
 *
 * Nothing is written when this IP already has a 'flood' log row from the
 * last 10 seconds. That throttle applies to every $type, not only 'flood'.
 *
 * @param string $type  Log category (stored in gb_log_type).
 * @param string $name  Submitted name.
 * @param string $email Submitted e-mail address.
 * @param string $url   Submitted URL.
 * @param string $msg   Submitted message; cut to 3000 bytes and wrapped.
 * @param string $titel Submitted URL title.
 * @return void
 */
function gb_loged($type, $name, $email, $url, $msg, $titel)
{
    global $userdata, $gb_config;

    $recent_flood_logs = dbrows(dbquery("SELECT * FROM ".DB_GB_LOG." WHERE gb_log_ip='".USER_IP."' AND gb_log_type='flood' AND gb_log_datestamp>='".(time()-10)."'"));
    if ($recent_flood_logs != 0) {
        return;
    }

    // Cap the stored message, then hard-wrap it at 100 characters.
    $is_too_long = strlen($msg) > 3000;
    $msg = substr($msg, 0, 3000).($is_too_long ? "..." : "");
    $msg = wordwrap($msg, 100, "<br />", 1);

    $user_id = iMEMBER ? $userdata["user_id"] : "";

    // NOTE(review): every argument is concatenated into the INSERT unescaped,
    // and this function logs exactly the input that was judged hostile.
    // Confirm callers sanitise first. If they escape with backslashes, the
    // forced wrap above can insert "<br />" between a backslash and the
    // quote it protects.
    $result = dbquery(
        "INSERT INTO ".DB_GB_LOG." (gb_log_type, gb_log_userid, gb_log_ip, gb_log_name, gb_log_email, gb_log_url, gb_log_urltitel, gb_log_message, gb_log_datestamp) VALUES ('"
        .$type."', '".$user_id."','".USER_IP."', '".$name."', '".$email."', '".$url."', '".$titel."', '".$msg."','".time()."')"
    );
}
/**
 * Selects all users whose user_level is at least $lvl.
 *
 * The query is SELECT *, so the result holds every column of the users
 * table, not only the fields a notification needs.
 *
 * @param mixed $lvl Minimum user level.
 * @return mixed Whatever dbquery() returns for the statement.
 */
function gb_notify_select($lvl)
{
    // NOTE(review): $lvl is concatenated unescaped; confirm callers pass a
    // fixed or numeric level and never request data.
    return dbquery("SELECT * FROM ".DB_USERS." WHERE user_level >= '".$lvl."'");
}
/**
 * Formats a flood interval given in seconds as "<amount> <unit label>".
 *
 * Unit labels come from $locale['gb_140'] .. $locale['gb_147']; which key
 * is used depends on the range $flood falls into (presumably singular and
 * plural forms of second, minute, hour and day - confirm in the locale file).
 *
 * @param int $flood Interval in seconds.
 * @return string Amount and unit label separated by one space.
 */
function gb_floodtime($flood)
{
    global $locale;

    if ($flood == 1) {
        $time = $flood." ".$locale['gb_140'];
    } elseif ($flood < 60) {
        $time = $flood." ".$locale['gb_141'];
    } elseif ($flood == 60) {
        $time = "1 ".$locale['gb_142'];
    } elseif ($flood > 60 && $flood < 3600) {
        // Amounts from here on are rounded to the nearest whole unit.
        $minutes = round($flood / 60);
        $time = $minutes." ".$locale['gb_143'];
    } elseif ($flood == 3600) {
        $hours = round($flood / 3600);
        $time = $hours." ".$locale['gb_144'];
    } elseif ($flood > 3600 && $flood < 86400) {
        $hours = round($flood / 3600);
        $time = $hours." ".$locale['gb_145'];
    } elseif ($flood == 86400) {
        $days = round($flood / 86400);
        $time = $days." ".$locale['gb_146'];
    } elseif ($flood > 86400) {
        $days = round($flood / 86400);
        $time = $days." ".$locale['gb_147'];
    }

    return $time;
}
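/**
 * Fetches the latest published guestbook version string from the author's site.
 *
 * The request goes over plain HTTP, so the answer is neither authenticated
 * nor integrity-protected. Treat the returned string as untrusted remote
 * text: escape it on output and never use it to decide what to download
 * or execute.
 *
 * Changes over the earlier implementation: header lines end in CRLF, the
 * read has a timeout and a size cap, only a 200 response is accepted (not
 * just "anything but 404"), and the body is taken from after the header
 * block instead of being cut out around the Content-Type value.
 *
 * @return string|false Trimmed response body, or false on any failure.
 */
function latest_gb_version()
{
    $url = "http://basti2web.de/version/phpfusion_gb.txt";
    $url_p = parse_url($url);
    $port = isset($url_p['port']) ? $url_p['port'] : 80;

    // 5 second connect timeout; failures are reported through the return value.
    $fp = @fsockopen($url_p['host'], $port, $errno, $errstr, 5);
    if (!$fp) {
        return false;
    }
    // fsockopen()'s timeout covers the connect only; bound the reads as well
    // so a stalled server cannot hang the page that calls this.
    stream_set_timeout($fp, 5);

    // HTTP/1.0 keeps the server from answering with chunked encoding, which
    // this minimal client does not decode.
    $request = "GET ".$url_p['path']." HTTP/1.0\r\n"
        ."Host: ".$url_p['host']."\r\n"
        ."Connection: close\r\n\r\n";
    if (@fwrite($fp, $request) === false) {
        fclose($fp);
        return false;
    }

    // A version file is tiny; never buffer more than 4 KiB of remote data.
    $raw = "";
    while (!feof($fp) && strlen($raw) < 4096) {
        $chunk = @fread($fp, 1024);
        if ($chunk === false || $chunk === "") {
            break;
        }
        $raw .= $chunk;
    }
    fclose($fp);

    // Redirects and error pages are not version strings.
    if (!preg_match('#^HTTP/\d(?:\.\d)? 200\b#', $raw)) {
        return false;
    }

    // The body starts after the first blank line.
    $parts = preg_split("/\r?\n\r?\n/", $raw, 2);
    if (count($parts) < 2) {
        return false;
    }

    return trim($parts[1]);
}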
// Javascript email encoder by Tyler Akins
// http://rumkin.com/tools/mailto_encoder/
// modified by basti2web.de
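/**
 * Returns an inline script that writes an obfuscated mailto link.
 *
 * The link markup is encoded as two JavaScript strings: ML holds each
 * distinct byte of the link once, in random order, and MI holds one byte
 * per link position whose character code minus 48 is an index into ML.
 * The browser rebuilds the link with document.write().
 *
 * "<" is written as the JavaScript escape \x3c. The earlier "xxxx"
 * placeholder decoded wrongly whenever the shuffle put a literal "x"
 * directly before "<", which swapped the two characters and broke the link.
 *
 * This is obfuscation against address harvesters, not a security control.
 * NOTE(review): $email and $title are placed in the markup unescaped;
 * confirm callers pass validated or HTML-safe values.
 *
 * @param string $email   Address to link to.
 * @param string $title   Link text; the address itself is used when empty.
 * @param string $subject Optional subject, URL-encoded into the link.
 * @return string Script block, or $title unchanged when $email has no usable "@".
 */
function gb_hide_email($email, $title = "", $subject = "")
{
    // Truthiness is intended: a missing "@" (false) and a leading "@" (0)
    // are both treated as "not an address".
    if (!strpos($email, "@")) {
        return $title;
    }

    // Only the first two "@"-separated parts are used.
    $parts = explode("@", $email);
    $address = $parts[0]."@".$parts[1];

    $link = "<a href='mailto:".$address;
    if ($subject != "") {
        $link .= "?subject=".urlencode($subject);
    }
    $link .= "'>".($title ? $title : $address)."</a>";
    $link_length = strlen($link);

    // Alphabet: every distinct byte of the link, inserted at a random position.
    $letters = "";
    for ($i = 0; $i < $link_length; $i++) {
        $char = $link[$i];
        if (strpos($letters, $char) === false) {
            $slot = rand(0, strlen($letters));
            $letters = substr($letters, 0, $slot).$char.substr($letters, $slot);
        }
    }

    // Index string: alphabet position of each link byte, offset by 48.
    // NOTE(review): a link with more than 80 distinct bytes yields index
    // bytes above 0x7F, which may not survive the page's character encoding.
    $indexes = "";
    for ($i = 0; $i < $link_length; $i++) {
        $indexes .= chr(strpos($letters, $link[$i]) + 48);
    }

    // Make both strings safe inside a double-quoted JavaScript literal.
    $js_escape = array("\\" => "\\\\", "\"" => "\\\"", "<" => "\\x3c");

    $res = "<script type='text/javascript'>";
    $res .= "ML=\"".strtr($letters, $js_escape)."\";";
    $res .= "MI=\"".strtr($indexes, $js_escape)."\";";
    $res .= "OT=\"\";";
    $res .= "for(j=0;j < MI.length;j++){";
    $res .= "OT+=ML.charAt(MI.charCodeAt(j)-48);";
    $res .= "}document.write(OT);";
    $res .= "</script>";

    return $res;
}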
// Function by Christian Kruse - http://wwwtech.de/
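/**
 * Checks whether a string looks like an e-mail address.
 *
 * Accepts an optional "mailto:" prefix, a plain or quoted local part and a
 * dotted domain ending in a 2-6 letter TLD.
 *
 * The pattern uses the D modifier: without it "$" also matches before a
 * trailing newline, so "user@example.com\n" was accepted, which matters as
 * soon as the value is written into a mail header.
 *
 * A passing value is not safe for HTML or SQL: the quoted local part
 * allows characters such as < > and ' between the quotes. Escape for the
 * output context as usual.
 *
 * @param string $email Candidate address.
 * @return int 1 when the address matches, 0 otherwise.
 */
function gb_check_email($email)
{
    // Array-valued request parameters are rejected instead of reaching preg_match().
    if (!is_string($email)) {
        return 0;
    }

    // RegEx begin
    $nonascii = "\x80-\xff"; # Non-ASCII-Chars are not allowed
    $nqtext = "[^\\\\$nonascii\015\012\"]";
    $qchar = "\\\\[^$nonascii]";
    $protocol = '(?:mailto:)';
    $normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
    $quotedstring = "\"(?:$nqtext|$qchar)+\"";
    $user_part = "(?:$normuser|$quotedstring)";
    $dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\\.';
    $dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\\.)*';
    $dom_tldpart = '[a-zA-Z]{2,6}';
    $domain_part = "$dom_subpart$dom_mainpart$dom_tldpart";
    $regex = "$protocol?$user_part\@$domain_part";
    // RegEx end

    // D: "$" matches only at the very end of the subject.
    return preg_match("/^$regex$/D", $email);
}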
?>