function init()
{
global $MayBeDuplicate;
if (get_magic_quotes_gpc()) {
bw_error("The software is not meant to work with PHP magic_quotes_gpc = On. Please turn it Off (probably in php.ini).");
}
$phpexts = get_loaded_extensions();
if (!in_array("gd", $phpexts)) {
bw_error("Install GD module in PHP before going on.");
}
if (isset($_SERVER["SERVERNAME"])) {
// This is only to be done for interactive session (typically mailbot.php, run by a cron gives an error for this)
$apacheexts = apache_get_modules();
if (!in_array("mod_rewrite", $apacheexts)) {
bw_error("Install mod_rewrite module in Apache before going on.");
}
}
if (version_compare(phpversion(), "5.0.0") < 0) {
bw_error("PHP version is lower than 5.0.0. Please update. ");
}
SetupSession();
DBConnect();
// a duplicate use by several users has been detected
if (!empty($MayBeDuplicate)) {
LogStr($MayBeDuplicate);
}
LanguageChangeTest();
// evaluate the events (messages received, keep uptodate whoisonline ...)
EvaluateMyEvents();
// Check if the navigation of the user must be logged
if (HasFlag("RecordLogs")) {
$url = $_SERVER['PHP_SELF'];
if (!empty($_SERVER['QUERY_STRING'])) {
$url .= "?" . $_SERVER['QUERY_STRING'];
}
LogStr("url=" . $url, "RecordLogs");
}
}
function sql_query($ss_sql)
{
if (isset($_SESSION['sql_query']) && $_SESSION['sql_query'] == "AlreadyIn") {
// die ("<br>recursive sql_query<br>".$ss_sql);
}
$_SESSION['sql_query'] = "AlreadyIn";
$qry = mysql_query($ss_sql . " /* " . $_SERVER["PHP_SELF"] . " */");
if ($qry) {
$_SESSION['sql_query'] = "";
return $qry;
}
$error = mysql_error();
if (HasRight("Debug") or $_SERVER['SERVER_NAME'] == 'localhost') {
$_SESSION['sql_query'] = "";
bw_error(debug("<br>query problem with<br><font color=red> {$ss_sql} mysql_error: " . $error . "</font><br>"));
} else {
error_log(debug("\nquery problem with\n {$ss_sql} mysql_error: " . $error . "\n"));
LogStr("Pb with <b>" . $ss_sql . "</b>", "sql_query");
die("query problem " . $_SERVER['REMOTE_ADDR'] . " " . date("F j, Y, g:i a"));
}
}
function bw_sendmail($to, $_mail_subject, $text, $textinhtml = "", $extra_headers = "", $_FromParam = "", $IdLanguage = 0, $PreferenceHtmlEmail = "yes", $LogInfo = "", $replyto = "", $ParamGreetings = "")
{
global $_SYSHCVOL;
$mail_subject = $_mail_subject;
// This is aimed to produce an additional information in the subject of the mail when it is not sent via www.bewelcome.org
if (isset($_SERVER['SERVER_NAME']) and $_SERVER['SERVER_NAME'] != "www.bewelcome.org") {
$mail_subject = "[via " . $_SERVER['SERVER_NAME'] . "]" . $_mail_subject;
}
if (isset($_SESSION['verbose'])) {
$verbose = $_SESSION['verbose'];
} else {
$verbose = false;
}
$FromParam = $_FromParam;
if ($_FromParam == "") {
$FromParam = $_SYSHCVOL['MessageSenderMail'];
}
// Is sender in format "name" <email@address>?
if (strpos($FromParam, '" <')) {
$parts = explode('" <', $FromParam);
$From = array(substr($parts[1], 0, -1) => substr($parts[0], 1));
} else {
$From = $FromParam;
}
$text = str_replace("<br />", "", $text);
$text = str_replace("\r\n", "\n", $text);
// solving the century-bug: NO MORE DAMN TOO MANY BLANK LINES!!!
$use_html = $PreferenceHtmlEmail;
if ($use_html == "html") {
$use_html = "yes";
}
if ($verbose) {
echo "<br />use_html=[" . $use_html . "] mail to " . $to . "<br />\n\$_SERVER['SERVER_NAME']=", $_SERVER['SERVER_NAME'], "<br />\n";
}
if (stristr($text, ";&#") != false) {
// if there is any non ascii char, force html
if ($verbose) {
echo "<br />1 <br />\n";
}
if ($use_html != "yes") {
if ($verbose) {
echo "<br /> no html 2<br />\n";
}
$use_html = "yes";
if ($LogInfo == "") {
LogStr("Forcing HTML for message to " . $to, "hcvol_mail");
} else {
LogStr("Forcing HTML <b>{$LogInfo}</b>", "hcvol_mail");
}
}
}
$headers = $extra_headers;
if (!strstr($headers, "From:") and $From != "") {
$headers = $headers . "From:" . utf8_encode($FromParam) . "\n";
}
if ($use_html == "yes" or strpos($text, "<html>") !== false) {
// if html is forced or text is in html then add the MIME header
if ($verbose) {
echo "<br />3<br />";
}
$use_html = "yes";
}
if ($replyto != "") {
$headers = $headers . "Reply-To:" . utf8_encode($replyto);
//replyto stays the same
}
if (!strstr($headers, "Reply-To:") and $From != "") {
$headers = $headers . "Reply-To:" . utf8_encode($FromParam);
$replyto = $From;
} elseif (!strstr($headers, "Reply-To:")) {
$headers = $headers . "Reply-To:" . utf8_encode($_SYSHCVOL['MessageSenderMail']);
$replyto = $_SYSHCVOL['MessageSenderMail'];
}
$headers .= "\nX-Mailer:PHP";
// mail of client
$Greetings = $ParamGreetings;
if ($use_html == "yes") {
if ($verbose) {
echo "<br/ >4<br />\n";
}
if ($textinhtml != "") {
if ($verbose) {
echo "<br>5 will use text in html paramameter<br>";
}
$texttosend = $textinhtml;
} else {
if ($verbose) {
echo "<br>6<br>\n";
}
$texttosend = $text;
}
if (strpos($texttosend, "<html>") === false) {
// If not allready html
if ($verbose) {
echo "<br>7<br>";
}
$html_text = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n" . "<html>\n<head>\n<title>" . $mail_subject . "</title>\n</head>\n<body bgcolor='#ffffcc'>\n" . str_replace("\n", "<br>", $texttosend);
$html_text .= "<br>" . $Greetings;
$html_text .= "\n</body>\n</html>";
} else {
if ($verbose) {
echo "<br>8<br>\n";
}
$html_text = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\n" . str_replace("\n", "<br>\n", $texttosend);
// In this case, its already in html, \n are to replace by <br>
}
}
if ($verbose) {
echo "<br>9 <br>\n";
}
$plain_text = $text . "\n" . $Greetings;
$plain_text = str_replace("<br>", "\n", $plain_text);
$plain_text = str_replace("</td>", "</td>\n", $plain_text);
if ($verbose) {
echo "<br>10 " . nl2br($html_text) . "<br>\n";
}
if ($verbose) {
echo "<br>12 " . $html_text . "<br>\n";
}
// Debugging trick
if ($verbose) {
echo "<table bgcolor='#ffff99' cellspacing=3 cellpadding=3 border=2><tr><td>";
echo "\$From:<font color=#6633ff>{$From}</font> \$To:<font color=#6633ff>{$to}</font><br />";
echo "\$mail_subject:<font color=#6633ff><b>", $mail_subject, "</b></font></td>";
$ss = $headers;
echo "<tr><td>\$headers=<font color=#ff9933>";
for ($ii = 0; $ii < strlen($ss); $ii++) {
$jj = ord($ss[$ii]);
if ($jj == 10) {
echo "\\n<br>";
} elseif ($jj == 13) {
echo "\\r";
} else {
echo chr($jj);
}
}
echo "</font></td>";
echo "<tr><td><font color=#6633ff>", htmlentities($html_text), "</font></td>";
if ($use_html == "yes") {
echo "<tr><td>{$html_text}</td>";
}
echo "</table><br />";
}
// end of for $ii
// end of debugging trick
// remove new line in $mail_subject because it is not accepted
if ($verbose) {
echo "<br>13 removing extra \\n from \$mail_subject<br>\n";
}
//CZ_070619: Removing the newlines
$mail_subject = str_replace("\n", "", $mail_subject);
$mail_subject = str_replace("\r", "", $mail_subject);
//CZ_070702: Let's check if the string isnt already in utf8
if (!mb_check_encoding($mail_subject, "UTF-8")) {
//CZ_070619: now encoding the subject
$mail_subject = utf8_encode($mail_subject);
}
if (!is_object($From) && !is_array($From) && !mb_check_encoding($From, "UTF-8")) {
$From = utf8_encode($From);
}
//Create the message
$message = Swift_Message::newInstance()->setSubject($mail_subject)->setFrom($From)->setTo($to);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.SerializerPath', SCRIPT_BASE . 'data');
$config->set('HTML.Allowed', 'a[href]');
$purifier = new HTMLPurifier($config);
$plain_text = $purifier->purify($plain_text);
$message->setBody($plain_text);
$message->addPart($plain_text, 'text/plain', 'utf-8');
//attach the html if used.
if ($use_html) {
$message->addPart($html_text, 'text/html', 'utf-8');
}
// Create transport
$transport = Swift_SmtpTransport::newInstance('localhost', 25, false);
// Create mailer using transport
$mailer = Swift_Mailer::newInstance($transport);
//send the message to the list of member in the mail
$tolist = explode(";", $to);
$ret = "";
foreach ($tolist as $email) {
$ret = $ret . $mailer->send($message);
}
if ($verbose) {
echo "<br />14 <br />\n";
echo "headers:\n";
print_r($headers);
echo "\n<br />to=", $to, "<br />\n";
echo "subj=", $mail_subject, "<br />";
echo "text :<i>", htmlentities($html_text), "</i><br />\n";
echo " \$ret=", $ret, "<br />\n";
}
return $ret;
}
die("Sorry your query [" . $sQuery . "] has failed #IdQuery=<b>" . $IdQuery . "</b>");
DisplayMyResults(array(), array(), array(), null, "Sorry your query [" . $sQuery . "] has failed #IdQuery=<b>" . $IdQuery . "</b>", $TList);
break;
}
if (stripos($sQuery, "--") === 0 or stripos($sQuery, "//") === 0) {
// Proceed with comments
$_TResult[] = $sQuery;
$_TTitle[] = $sQuery;
} elseif (stripos($sQuery, "delete") === 0 or stripos($sQuery, "update") === 0 or stripos($sQuery, "truncate") === 0 or stripos($sQuery, "replace") === 0 or stripos($sQuery, "insert") === 0) {
if (!$qry) {
$Message = $sQuery . "<br><b>" . mysql_error() . "</b>";
} else {
$AffectedRows = mysql_affected_rows();
$Message = $AffectedRows . " affected rows<br />";
$iCount = 0;
LogStr($AffectedRows . " affected rows by query IdQuery=#" . $IdQuery . " /#" . $jj, "adminquery");
$TTitle[] = "Affected rows";
$TResult[] = sprintf("%d", $AffectedRows);
$_TResult[] = $TResult;
$_TTitle[] = $TTitle;
}
} else {
$AffectedRows = 0;
$iCount = mysql_num_fields($qry);
for ($ii = 0; $ii < $iCount; $ii++) {
$TTitle[$ii] = mysql_field_name($qry, $ii);
}
while ($rr = mysql_fetch_array($qry)) {
array_push($TResult, $rr);
}
$_TResult[] = $TResult;
if (array_key_exists('switchtrans', $_SESSION) and $_SESSION['switchtrans'] == 'on') {
// echo "<a href=\"",$langurl,"switchtrans=off\"><img border=0 height=10 src=\"images/showtransarray.gif\" alt=\"remove translation mode\" width=16></a> ";
$pagetotranslate = $_SERVER['PHP_SELF'];
if ($pagetotranslate[0] == "/") {
$pagetotranslate[0] = "_";
}
echo " <a href=\"" . bwlink("admin/adminwords.php?showtransarray=1&pagetotranslate=" . $pagetotranslate) . "\" target=\"_blank\"><img height=\"11px\" width=\"16px\" src=\"" . bwlink("images/switchtrans.gif") . "\" alt=\"go to current translation list for " . $_SERVER['PHP_SELF'] . "\" title=\"go to current translation list for " . $_SERVER['PHP_SELF'] . "\" /></a>\n";
}
echo " </div>\n";
echo " <p> </p>\n";
echo "\t<p class=\"center\">";
echo "\t\t<a href=\"../about\">" . ww("AboutUsPage") . "</a>|";
echo " <a href=\"../terms\">" . ww('TermsOfUse') . "</a>|";
echo " <a href=\"../privacy\">" . ww('Privacy') . "</a>|";
echo "\t\t<a href=\"../impressum\">" . ww("Impressum") . "</a>|";
echo "\t\t<a href=\"" . bwlink("faq.php") . "\">" . "faq" . "</a>|";
echo "\t\t<a href=\"" . bwlink("feedback.php") . "\">" . ww("Contact") . "</a>";
echo "\t</p>";
echo " <p class=\"center\">©2007-2008 <strong>BeWelcome</strong> - " . ww("TheHospitalityNetwork") . "</p>\n";
echo " </div> <!-- footer --> \n";
echo " </div> <!-- page --> \n";
echo "</div> <!-- page_margins --> \n";
echo "</body>\n";
echo "</html>\n";
// This will log the delay if a $started_time=time() was issued in config.inc.php and if the delay exceed one second
// in config.inc.php it must also be declared as global
global $started_time;
if (isset($started_time) and $started_time > 0) {
$started_time = $started_time - time();
LogStr("Delay for the page according to footer " . $started_time . " second [" . $_SERVER['PHP_SELF'] . "]", "DebugDelay");
}
function ComputeSpamCheck($IdMess)
{
$Mes = LoadRow("select * from messages where id=" . $IdMess);
if (isset($Mes->id)) {
$CheckerComment = $Mes->CheckerComment;
// Case NeverCheckSendMail
if (HasFlag("NeverCheckSendMail", "", $Mes->IdSender)) {
$Status = 'ToSend';
$SpamInfo = "NotSpam";
$CheckerComment .= "Sent by member with NeverCheckSendMail \n";
$str = "update messages set Status='" . $Status . "',CheckerComment='" . $CheckerComment . "',SpamInfo='" . $SpamInfo . "' where id=" . $Mes->id . " and Status!='Sent'";
sql_query($str);
LogStr("NeverCheckSendMail for message #" . $IdMess . " from <b>" . fUsername($Mes->IdSender) . "</b> to <b>" . fUsername($Mes->IdReceiver) . "</b>", "AutoSpamCheck");
return $Status;
}
// Test what the Spam mark should be
$SpamInfo = "NotSpam";
// By default its not a Spam
$tt = explode(";", wwinlang("MessageBlackWord", 0));
$max = count($tt);
for ($ii = 0; $ii < $max; $ii++) {
if (strstr($Mes->Message, $tt[$ii]) != "" and $tt[$ii] != "") {
$SpamInfo = "SpamBlkWord";
$CheckerComment .= "Has BlackWord <b>" . $tt[$ii] . "</b>\n";
}
}
$tt = explode(";", wwinlang("MessageBlackWord", GetDefaultLanguage($Mes->IdSender)));
$max = count($tt);
for ($ii = 0; $ii < $max; $ii++) {
if (strstr($Mes->Message, $tt[$ii]) != "" and $tt[$ii] != "") {
$SpamInfo = "SpamBlkWord";
$CheckerComment .= "Has BlackWord (in sender language)<b>" . $tt[$ii] . "</b>\n";
}
}
// End of Test what the Spam mark should be
// Case AlwayCheckSendMail
if (HasFlag("AlwayCheckSendMail", "", $Mes->IdSender)) {
$Status = 'ToCheck';
$CheckerComment .= "Sent by member with AlwayCheckSendMail \n";
$str = "update messages set Status='" . $Status . "',CheckerComment='" . $CheckerComment . "',SpamInfo='" . $SpamInfo . "' where id=" . $Mes->id . " and Status!='Sent'";
sql_query($str);
LogStr("AlwayCheckSendMail for message #" . $IdMess . " from <b>" . fUsername($Mes->IdSender) . "</b> to <b>" . fUsername($Mes->IdReceiver) . "</b>", "AutoSpamCheck");
return $Status;
}
// Case if receiver has preference PreferenceCheckMyMail set to "Yes" : mail is always set to toCheck
$rPrefCheckMyMail = LoadRow("select * from memberspreferences where IdMember=" . $Mes->IdReceiver . " and IdPreference=4");
// PreferenceCheckMyMail --> IdPref=4
if (isset($rPrefCheckMyMail->Value) and $rPrefCheckMyMail->Value == 'Yes') {
// if member has choosen CheckMyMail
$Status = 'ToCheck';
$CheckerComment .= "Member has asked for checking\n";
$str = "update messages set Status='" . $Status . "',CheckerComment='" . $CheckerComment . "',SpamInfo='" . $SpamInfo . "' where id=" . $Mes->id . " and Status!='Sent'";
sql_query($str);
LogStr("PreferenceCheckMyMail for message #" . $IdMess . " from <b>" . fUsername($Mes->IdSender) . "</b> to <b>" . fUsername($Mes->IdReceiver) . "</b>", "AutoSpamCheck");
return $Status;
}
// Default case
$Status = 'ToSend';
$str = "update messages set Status='" . $Status . "',CheckerComment='" . $CheckerComment . "',SpamInfo='" . $SpamInfo . "' where id=" . $Mes->id . " and Status!='Sent'";
sql_query($str);
return $Status;
}
}
function GetCryptM($ss, $IsCrypted = "crypted")
{
// LogStr(" entering GetCryptM(\"".addslashes($ss)."\",\"".$IsCrypted."\")","JYH") ;
switch ($IsCrypted) {
case "crypted":
case "always":
if (strstr($ss, "<membercrypted>") !== false) {
return $ss;
}
// todo add right test
return "<membercrypted>" . CryptM($ss) . "</membercrypted>";
break;
case "not crypted":
return strip_tags($ss);
break;
default:
// we should never come here
$strlog = "FunctionsCrypt.php:: function GetCryptM() Problem to encrypt " . $ss . " IsCrypted=[" . $IsCrypted . "]";
if (function_exists(LogStr)) {
LogStr($strlog, "Bug");
}
if (function_exists(bw_error)) {
bw_error($strlog);
} else {
error_log($strlog);
}
die("Major problem with crypting issue");
}
// end of switch
}
switch (GetParam("action")) {
case "del":
$str = "delete from intermembertranslations where IdTranslator=" . GetParam("IdTranslator") . " and IdMember=" . $IdMember;
sql_query($str);
LogStr("Removing translator <b>" . fUserName(GetParam("IdTranslator")) . "</b>", "mytranslators");
break;
case "add":
// todo
$IdTranslator = IdMember(GetParam("Username"), 0);
$IdLanguage = Getparam("IdLanguage");
$rr = LoadRow("select id from intermembertranslations where IdTranslator=" . $IdTranslator . " and IdMember=" . $IdMember . " and IdLanguage=" . $IdLanguage);
if (!isset($rr->id) and $IdTranslator != 0) {
// if not allready exists
$str = "insert into intermembertranslations(IdTranslator,IdMember,IdLanguage) values(" . $IdTranslator . "," . $IdMember . "," . $IdLanguage . ")";
sql_query($str);
LogStr("Adding translator <b>" . fUserName(GetParam("IdTranslator")) . "</b> for language", "mytranslators");
}
break;
}
$TData = array();
$str = "select intermembertranslations.*,members.Username,members.ProfileSummary,cities.Name as cityname,regions.Name as regionname,countries.Name as countryname,membersphotos.FilePath as photo,membersphotos.Comment";
$str .= " from intermembertranslations,cities,countries,regions,recentvisits,members left join membersphotos on membersphotos.IdMember=members.id and membersphotos.SortOrder=0 where cities.IdRegion=regions.id and countries.id=cities.IdCountry and cities.id=members.IdCity and status='Active' and members.id=intermembertranslations.IdTranslator and intermembertranslations.IdMember=" . $IdMember . " and members.status='Active' GROUP BY members.id order by intermembertranslations.updated desc";
$qry = sql_query($str);
while ($rr = mysql_fetch_object($qry)) {
if ($rr->ProfileSummary > 0) {
$rr->ProfileSummary = FindTrad($rr->ProfileSummary);
} else {
$rr->ProfileSummary = "";
}
array_push($TData, $rr);
}
function toggleAction($act, $newValue)
{
$str = "UPDATE comments SET {$act} = {$newValue} WHERE id=" . Getparam("IdComment");
sql_query($str);
LogStr(" Toggling <b>hide</b> for IdComment #" . Getparam("IdComment"), "AdminComment");
}
function SwitchToNewLang($para_newlang = "")
{
//echo $_SERVER["HTTP_ACCEPT_LANGUAGE"],"\$para_newlang=",$para_newlang;
$newlang = $para_newlang;
if (empty($newlang)) {
if (!empty($_COOKIE['LastLang'])) {
// If there is already a cookie ide set, we are going try it as language
$newlang = $_COOKIE['LastLang'];
} else {
$newlang = CV_def_lang;
// use the default one
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
// To avoid a notice error
// Try to look in the default browser settings
$TLang = explode(",", $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
for ($ii = 0; $ii < count($TLang); $ii++) {
$rr = LoadRow("SELECT languages.id AS id FROM languages,words WHERE languages.ShortCode='" . $TLang[$ii] . "' and languages.id=words.Idlanguage and words.code='WelcomeToSignup'");
if (isset($rr->id)) {
// if valid language found
$newlang = $TLang[$ii];
break;
}
}
}
// end Try to look in the default browser settings
}
}
if (!isset($_SESSION['lang']) || $_SESSION['lang'] != $newlang || !isset($_SESSION['IdLanguage'])) {
// Update lang if url lang has changed
$RowLanguage = LoadRow("SELECT SQL_CACHE id,ShortCode FROM languages WHERE ShortCode='" . $newlang . "'");
if (isset($RowLanguage->id)) {
if (isset($_SESSION['IdMember'])) {
LogStr("change to language from [" . $_SESSION['lang'] . "] to [" . $newlang . "]", "SwitchLanguage");
}
$_SESSION['lang'] = $RowLanguage->ShortCode;
$_SESSION['IdLanguage'] = $RowLanguage->id;
} else {
LogStr("problem : " . $newlang . " not found after SwitchLanguage", "Bug");
$_SESSION['lang'] = CV_def_lang;
$_SESSION['IdLanguage'] = 0;
}
setcookie('LastLang', $_SESSION['lang'], time() + 3600 * 24 * 300);
// store it as a cookie for 300 days
}
if (IsLoggedIn()) {
// if member is logged in set language preference
$rPrefLanguage = LoadRow("SELECT * FROM memberspreferences WHERE IdMember=" . $_SESSION['IdMember'] . " and IdPreference=1");
if (isset($rPrefLanguage->id)) {
$str = "UPDATE memberspreferences SET Value='" . $_SESSION['IdLanguage'] . "' WHERE id=" . $rPrefLanguage->id;
} else {
$str = "INSERT INTO memberspreferences(IdPreference,IdMember,Value,created) VALUES(1," . $_SESSION['IdMember'] . ",'" . $_SESSION['IdLanguage'] . "',now() )";
}
sql_query($str);
}
// end if Is Logged in
if (!isset($_SESSION['IdLanguage'])) {
bw_error("SwitchToNewLang internal failure. IdLanguage still not set.");
}
}
/**
* GetCryptM
*
* @param string
* @returns the crypted value of $ss according to member cryptation algorithm
*/
private function GetCryptM($ss, $IsCrypted = "crypted")
{
switch ($IsCrypted) {
case "crypted":
case "always":
if (strstr($ss, "<membercrypted>") !== false) {
return $ss;
}
// TODO: Add a test for a specific right
return "<membercrypted>" . self::enc('CryptM', $ss) . "</membercrypted>";
break;
case "not crypted":
return strip_tags($ss);
break;
default:
// we should never come here
$strlog = "function MOD_crypt::GetCryptM() Problem to crypt " . $ss . " IsCrypted=[" . $IsCrypted . "]";
if (function_exists(LogStr)) {
LogStr($strlog, "Bug");
}
if (function_exists(bw_error)) {
bw_error($strlog);
} else {
error_log($strlog);
}
die("Major problem with crypting issue");
}
}
function LanguageName($IdLanguage)
{
$ss = "select SQL_CACHE EnglishName,ShortCode from languages where id=" . $IdLanguage;
$rr = LoadRow($ss);
if (!isset($rr->EnglishName)) {
if (HasRight("Debug")) {
echo " in FunctionsTools::LanguageName failed for " . $ss;
} else {
LogStr(" in FunctionsTools::LanguageName failed for " . $ss, "Debug");
}
}
return $rr->EnglishName;
}
/**
* check if the user is a logged in member
* @$ExtraAllowedStatus allows for a list, comma separated of extra status which can
* be allowed for members in addition to the basic Active and ActiveHidden members.Status
* this means that in the default case :
* (IsLoggedIn()) will return true only if the member has a session
* with an IdMember and a Status like Active or ActiveHidden
* in the extended cases
* (IsLoggedIn("Pending")) will also return true if the member has a
* a status set to Pending, this allow to give specific access to
* other members than the one with Active or ActiveHiddend Status
*
* @return boolean
*/
function IsLoggedIn($ExtraAllowedStatus = "")
{
if (empty($_SESSION['IdMember'])) {
return false;
}
if (empty($_SESSION['MemberCryptKey'])) {
// LogStr("IsLoggedIn() : Anomaly with MemberCryptKey","Bug");
return false;
}
if ($_SESSION['LogCheck'] != Crc32($_SESSION['MemberCryptKey'] . $_SESSION['IdMember'])) {
LogStr("Anomaly with Log Check", "Hacking");
APP_User::get()->logout();
header("Location: " . PVars::getObj('env')->baseuri);
exit(0);
}
if (empty($_SESSION["MemberStatus"])) {
$strerror = "Members with IdMember=" . $_SESSION["IdMember"] . " has no \$_SESSION[\"MemberStatus\"]";
error_log($strerror);
LogStr($strerror, "Debug");
die($strerror);
}
if ($_SESSION["MemberStatus"] == 'Active') {
return true;
}
if ($_SESSION["MemberStatus"] == 'ActiveHidden') {
return true;
}
if (!empty($ExtraAllowedStatus)) {
// are there allowed exception ?
if (!isset($_SESSION["MemberStatus"])) {
$ret = print_r($_SESSION, true);
die("no \$_SESSION[\"MemberStatus\"] in IsLoggedIn() " . "<br />\n" . $ret);
}
$tt = explode(",", str_replace(";", ",", $ExtraAllowedStatus));
if (count($tt) > 0 and in_array($_SESSION["MemberStatus"], $tt)) {
return true;
}
}
return false;
}
LogStr($Message, "AdminPannel");
if (!($ff = fopen($sysvol_filename, "w"))) {
echo "failed to open ", $sysvol_filename;
exit(0);
}
$ss = "<?php\n";
fwrite($ff, $ss);
$ss = "// Generated using Admin Panel at " . date("F j, Y, g:i a");
// echo $ss,"<br>\n";
fwrite($ff, $ss);
$str = "select * from hcvol_config";
$qry = sql_query($str);
while ($rr = mysql_fetch_object($qry)) {
$ss = "";
$ss = $rr->syskey;
if ($rr->value != "") {
$ss .= "=" . $rr->value;
}
if ($rr->comment != "") {
$ss .= " //" . $rr->comment;
}
fwrite($ff, $ss);
}
$ss = "?>";
fwrite($ff, $ss);
fclose($ff);
LogStr($Message . " done", "AdminPannel");
DisplayPannel(LoadingData("FromFile"), $Message);
// call the layout
break;
}
case "LoadFromDB":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Pannel</b> rights<br>";
exit(0);
}
$Message = "Loading content in Database";
LogStr("Loading file from base", "AdminPannel");
DisplayPannel(LoadingData("FromBase"), $Message);
// call the layout
break;
case "LoadFromFile":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Pannel</b> rights<br>";
exit(0);
}
$Message = "Loading content from file";
LogStr("Loading file from base", "AdminPannel");
DisplayPannel(LoadingData("FromFile"), $Message);
// call the layout
exit(0);
break;
case "Generate":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Pannel</b> rights<br>";
exit(0);
}
break;
}
}
// reload for case it was just inserted before
$rwq = LoadRow("SELECT * FROM words WHERE code='" . "FaqQ_" . GetStrParam("QandA") . "' and IdLanguage=0");
$rwa = LoadRow("SELECT * FROM words WHERE code='" . "FaqA_" . GetStrParam("QandA") . "' and IdLanguage=0");
if (GetStrParam('changetype') == 'major') {
$majorupdate = ',majorupdate = NOW() ';
} else {
$majorupdate = '';
}
$str = "UPDATE words SET Description='" . addslashes($rwq->Description) . "',Sentence='" . GetStrParam("Question") . "' {$majorupdate} WHERE id=" . $rwq->id;
sql_query($str);
$str = "UPDATE words SET Description='" . addslashes($rwa->Description) . "',Sentence='" . GetStrParam("Answer") . "' {$majorupdate} WHERE id=" . $rwa->id;
sql_query($str);
$str = "UPDATE faq SET IdCategory=" . GetParam("IdCategory") . ",QandA='" . GetParam("QandA") . "',Active='" . GetStrParam("Status") . "',SortOrder=" . GetParam("SortOrder") . " WHERE id=" . $Faq->id;
sql_query($str);
LogStr("updating Faq #" . $Faq->id, "Update Faq");
break;
}
// prepare the list
if (GetParam("IdCategory")) {
$FilterCategory = " AND IdCategory=" . GetParam("IdCategory");
} else {
$FilterCategory = "";
}
if ($IdFaq != 0) {
// if one specific Faq is chosen
$str = "SELECT faq.*,faqcategories.Description AS CategoryName,PageTitle FROM faq,faqcategories WHERE faq.id=" . $IdFaq . " and faqcategories.id=faq.IdCategory " . $FilterCategory . $FilterActive . " ORDER BY faqcategories.SortOrder,faq.SortOrder";
} else {
$str = "SELECT faq.*,faqcategories.Description AS CategoryName,PageTitle FROM faq,faqcategories WHERE faqcategories.id=faq.IdCategory " . $FilterCategory . $FilterActive . " ORDER BY faqcategories.SortOrder,faq.SortOrder";
}
$qry = sql_query($str);
}
// If there is a Scope limit logs to the type in this Scope (unless it his own logs)
if (!HasRight('Logs', "\"All\"")) {
$scope = RightScope("Logs");
str_replace($scope, "\"", "'");
$where .= " AND (Type IN (" . $scope . ") OR IdMember=" . $_SESSION["IdMember"] . ") ";
}
switch (GetParam("action")) {
case "del":
// case a delete is requested
break;
}
$tData = array();
if (empty($where) and $start_rec == 0) {
// In this case we will avoid the FOUND_ROW which is a performance killer
$str = "SELECT logs.*,Username " . "FROM " . $_SYSHCVOL['ARCH_DB'] . ".logs LEFT JOIN members ON members.id=logs.IdMember " . "ORDER BY " . $_SYSHCVOL['ARCH_DB'] . ".logs.id DESC LIMIT {$start_rec}," . $limitcount;
$qry = sql_query($str);
$rCount = LoadRow("SELECT count(*) AS cnt from " . $_SYSHCVOL['ARCH_DB'] . ".logs");
} else {
$str = "SELECT SQL_CALC_FOUND_ROWS logs.*,Username " . "FROM " . $_SYSHCVOL['ARCH_DB'] . ".logs LEFT JOIN members ON members.id=logs.IdMember " . "WHERE 1=1 " . $where . " " . "ORDER BY " . $_SYSHCVOL['ARCH_DB'] . ".logs.id DESC LIMIT {$start_rec}," . $limitcount;
$qry = sql_query($str);
$rCount = LoadRow("SELECT FOUND_ROWS() AS cnt");
}
while ($rr = mysql_fetch_object($qry)) {
array_push($tData, $rr);
}
if ($username != "0") {
// Usage of adminlog is logged
LogStr("Is using adminlog on profile <b>" . $username . "</b>", "adminlog");
}
DisplayAdminLogs($tData, $username, $type, $ip, $andS1, $andS2, $notAndS1, $notAndS2, $rCount->cnt);
function FindTrad($IdTrad, $ReplaceWithBr = false)
{
$AllowedTags = "<b><i><br>";
if ($IdTrad == "") {
return "";
}
if (isset($_SESSION['IdLanguage'])) {
$IdLanguage = $_SESSION['IdLanguage'];
} else {
$IdLanguage = 0;
// by default laguange 0
}
// Try default language
$row = self::get()->dao->query("select SQL_CACHE Sentence from memberstrads where IdTrad=" . $IdTrad . " and IdLanguage=" . $IdLanguage)->fetch(PDB::FETCH_OBJ);
if (isset($row->Sentence)) {
if (isset($row->Sentence) == "") {
LogStr("Blank Sentence for language " . $IdLanguage . " with MembersTrads.IdTrad=" . $IdTrad, "Bug");
} else {
return strip_tags($row->Sentence, $AllowedTags);
}
}
// Try default eng
$row = self::get()->dao->query("select SQL_CACHE Sentence from memberstrads where IdTrad=" . $IdTrad . " and IdLanguage=0")->fetch(PDB::FETCH_OBJ);
if (isset($row->Sentence)) {
if (isset($row->Sentence) == "") {
LogStr("Blank Sentence for language 1 (eng) with memberstrads.IdTrad=" . $IdTrad, "Bug");
} else {
return strip_tags($row->Sentence, $AllowedTags);
}
}
// Try first language available
$row = self::get()->dao->query("select SQL_CACHE Sentence from memberstrads where IdTrad=" . $IdTrad . " order by id asc limit 1")->fetch(PDB::FETCH_OBJ);
if (isset($row->Sentence)) {
if (isset($row->Sentence) == "") {
LogStr("Blank Sentence (any language) memberstrads.IdTrad=" . $IdTrad, "Bug");
} else {
return strip_tags($row->Sentence, $AllowedTags);
}
}
return "";
}
// echo "str=$str","<br>";
sql_query($str);
}
if (GetStrParam("Freeze_" . $ii) == "on") {
$count++;
$str = "update messages set IdChecker=" . $_SESSION['IdMember'] . ",Status='Freeze'" . $SpamChange . " where id=" . $rr->id;
// echo "str=$str","<br>";
sql_query($str);
}
}
// end of If this message is in the list of checked message
$ii++;
}
$sResult = $count . " Message processed";
if ($count > 0) {
LogStr($sResult, "checking");
}
// Log the number of checked message if any
// end of Load the Message list
viewSpamSayMember($sResult);
break;
case "viewSpamSayMember":
viewSpamSayMember($sResult);
break;
case "update":
break;
}
// Load the Message list
$str = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where (messages.Status='ToCheck' and messages.WhenFirstRead='0000-00-00 00:00:00') and mSender.id=IdSender and mReceiver.id=IdReceiver order by messages.Status,messages.id desc limit 20";
if (IsAdmin()) {
echo "{$str}<br>";
