function print_diagnostic_test_result($status, $reasons = array(), $exit = 1)
{
// $status values = -1: indeterminate; 0: failed; 1: passed
// $reasons a list of reasons why the test passed/failed
// $exit values = 0: continue execution; 1: stop here
global $vbphrase;
print_form_header('', '');
print_table_header($vbphrase['results']);
if (is_array($reasons))
{
foreach ($reasons AS $reason)
{
print_description_row($reason);
}
}
else if (!empty($reasons))
{
print_description_row($reasons);
}
print_table_footer();
if ($exit == 1)
{
print_cp_footer();
}
}
function kbank_print_cp_footer()
{
if (VB_AREA == 'AdminCP') {
//back-end
print_cp_footer();
} else {
//font-end
//do nothing
}
}
echo '<tr>
<td class="tfoot">' . ($bookmarksite_count ? '<input type="submit" class="button" accesskey="s" value="' . $vbphrase['save'] . '" /> <input type="reset" class="button" accesskey="r" value="' . $vbphrase['reset'] . '" />' : ' ') . '</td>
<td class="tfoot" align="' . $stylevar['right'] . '" colspan="2"><input type="button" class="button" value="' . $vbphrase['add_new_social_bookmarking_site'] . '" onclick="window.location=\'bookmarksite.php?' . $vbulletin->session->vars['sessionurl'] . 'do=add\';" /></td>
</tr>';
print_table_footer();
?>
<script type="text/javascript">
<!--
function toggle_all_active(e)
{
for (var i = 0; i < this.form.elements.length; i++)
{
if (this.form.elements[i].type == "checkbox" && this.form.elements[i].name.substr(0, 6) == "active")
{
this.form.elements[i].checked = this.checked;
}
}
}
YAHOO.util.Event.on("allbox", "click", toggle_all_active);
//-->
</script>
<?php
}
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 12:39, Wed May 30th 2012
|| # CVS: $RCSfile$ - $Revision: 39862 $
|| ####################################################################
\*======================================================================*/
/**
* Processes a raw template for conditionals, phrases etc into PHP code for eval()
*
* @param string Template
*
* @return string
*/
function compile_template($template)
{
$orig_template = $template;
$template = addslashes($template);
$template = process_template_conditionals($template);
$template = process_template_phrases('phrase', $template, 'parse_phrase_tag');
if (!function_exists('replace_template_variables')) {
require_once DIR . '/includes/functions_misc.php';
}
$template = replace_template_variables($template, false);
($hook = vBulletinHook::fetch_hook('template_compile')) ? eval($hook) : false;
$template = str_replace('\\\\$', '\\$', $template);
if (function_exists('token_get_all')) {
$tokens = @token_get_all('<?php $var = "' . $template . '"; ?>');
foreach ($tokens as $token) {
if (is_array($token)) {
switch ($token[0]) {
case T_INCLUDE:
case T_INCLUDE_ONCE:
case T_REQUIRE:
case T_REQUIRE_ONCE:
global $vbphrase;
echo "<p> </p><p> </p>";
print_form_header('', '', 0, 1, '', '65%');
print_table_header($vbphrase['vbulletin_message']);
print_description_row($vbphrase['file_inclusion_not_permitted']);
print_table_footer(2, construct_button_code($vbphrase['go_back'], 'javascript:history.back(1)'));
print_cp_footer();
exit;
}
}
}
}
if (function_exists('verify_demo_template')) {
verify_demo_template($template);
}
return $template;
}
/**
* Halts execution and shows the specified message
*
* @param string Message to display
* @param mixed If specified, a redirect will be performed to the URL in this parameter
* @param integer If redirect is specified, this is the time in seconds to delay before redirect
* @param string If specified, will provide a specific URL for "Go Back". If empty, no button will be displayed!
* @param bool If true along with redirect, 'CONTINUE' button will be used instead of automatic redirect
*/
function print_cp_message($text = '', $redirect = NULL, $delay = 1, $backurl = NULL, $continue = false)
{
global $vbulletin, $vbphrase;
if ($redirect and $vbulletin->session->vars['sessionurl']) {
if (strpos($redirect, '?') === false) {
$redirect .= '?';
}
$redirect .= '&' . $vbulletin->session->vars['sessionurl'];
}
if (!defined('DONE_CPHEADER')) {
print_cp_header($vbphrase['vbulletin_message']);
}
echo '<p> </p><p> </p>';
print_form_header('', '', 0, 1, 'messageform', '65%');
print_table_header($vbphrase['vbulletin_message']);
print_description_row("<blockquote><br />{$text}<br /><br /></blockquote>");
if ($redirect and $redirect !== NULL) {
// redirect to the new page
if ($continue) {
$continueurl = str_replace('&', '&', $redirect);
print_table_footer(2, construct_button_code($vbphrase['continue'], create_full_url($continueurl)));
} else {
print_table_footer();
$redirect_click = create_full_url($redirect);
$redirect_click = str_replace('"', '', $redirect_click);
echo '<p align="center" class="smallfont">' . construct_phrase($vbphrase['if_you_are_not_automatically_redirected_click_here_x'], $redirect_click) . "</p>\n";
print_cp_redirect($redirect, $delay);
}
} else {
// end the table and halt
if ($backurl === NULL) {
$backurl = 'javascript:history.back(1)';
}
if (strpos($backurl, 'history.back(') !== false) {
//if we are attempting to run a history.back(1), check we have a history to go back to, otherwise attempt to close the window.
$back_button = '
<input type="button" id="backbutton" class="button" value="' . $vbphrase['go_back'] . '" title="" tabindex="1" onclick="if (history.length) { history.back(1); } else { self.close(); }"/>
<script type="text/javascript">
<!--
if (history.length < 1 || ((is_saf || is_moz) && history.length <= 1)) // safari + gecko start at 1
{
document.getElementById("backbutton").parentNode.removeChild(document.getElementById("backbutton"));
}
//-->
</script>';
} else {
if ($backurl !== '') {
// regular window.location=url call
$backurl = create_full_url($backurl);
$backurl = str_replace(array('"', "'"), '', $backurl);
$back_button = '<input type="button" class="button" value="' . $vbphrase['go_back'] . '" title="" tabindex="1" onclick="window.location=\'' . $backurl . '\';"/>';
} else {
$back_button = '';
}
}
print_table_footer(2, $back_button);
}
// and now terminate the script
print_cp_footer();
}
function updatetemplate_print_error_page($template_un, $error)
{
global $vbulletin, $vbphrase;
print_form_header('template', 'updatetemplate', 0, 1, '', '75%');
construct_hidden_code('confirmerrors', 1);
construct_hidden_code('title', $vbulletin->GPC['title']);
construct_hidden_code('template', $template_un);
construct_hidden_code('templateid', $vbulletin->GPC['templateid']);
construct_hidden_code('group', $vbulletin->GPC['group']);
construct_hidden_code('searchstring', $vbulletin->GPC['searchstring']);
construct_hidden_code('dostyleid', $vbulletin->GPC['dostyleid']);
construct_hidden_code('product', $vbulletin->GPC['product']);
construct_hidden_code('savehistory', intval($vbulletin->GPC['savehistory']));
construct_hidden_code('histcomment', $vbulletin->GPC['histcomment']);
print_table_header($vbphrase['vbulletin_message']);
print_description_row($error);
print_submit_row($vbphrase['continue'], 0, 2, $vbphrase['go_back']);
print_cp_footer();
}
function print_upgrade_footer()
{
global $vbulletin;
unset($vbulletin->debug);
print_cp_footer();
}
/**
* Processes a raw template for conditionals, phrases etc into PHP code for eval()
*
* @param string Template
*
* @return string
*/
function compile_template($template, &$errors = array())
{
$orig_template = $template;
$template = preg_replace('#[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F]#', '', $template);
$new_syntax = (strpos($template, '<vb:') !== false OR strpos($template, '{vb:') !== false);
$old_syntax = (strpos($template, '<if') !== false OR strpos($template, '<phrase') !== false);
$maybe_old_syntax = preg_match('/(^|[^{])\$[a-z0-9_]+\[?/si', $template);
if (!$new_syntax AND ($old_syntax OR $maybe_old_syntax))
{
$template = addslashes($template);
$template = process_template_conditionals($template);
$template = process_template_phrases('phrase', $template, 'parse_phrase_tag');
$template = process_seo_urls($template);
if (!function_exists('replace_template_variables') OR !function_exists('validate_string_for_interpolation'))
{
require_once(DIR . '/includes/functions_misc.php');
}
//only check the old style syntax, the new style doesn't use string interpolation and isn't affected
//by this exploit. The new syntax doesn't 100% pass this check.
if(!validate_string_for_interpolation($template))
{
global $vbphrase;
echo "<p> </p><p> </p>";
print_form_header('', '', 0, 1, '', '65%');
print_table_header($vbphrase['vbulletin_message']);
print_description_row($vbphrase['template_text_not_safe']);
print_table_footer(2, construct_button_code($vbphrase['go_back'], 'javascript:history.back(1)'));
print_cp_footer();
exit;
}
$template = replace_template_variables($template, false);
$template = str_replace('\\\\$', '\\$', $template);
if (function_exists('token_get_all'))
{
$tokens = @token_get_all('<?php $var = "' . $template . '"; ?>');
foreach ($tokens AS $token)
{
if (is_array($token))
{
switch ($token[0])
{
case T_INCLUDE:
case T_INCLUDE_ONCE:
case T_REQUIRE:
case T_REQUIRE_ONCE:
{
global $vbphrase;
echo "<p> </p><p> </p>";
print_form_header('', '', 0, 1, '', '65%');
print_table_header($vbphrase['vbulletin_message']);
print_description_row($vbphrase['file_inclusion_not_permitted']);
print_table_footer(2, construct_button_code($vbphrase['go_back'], 'javascript:history.back(1)'));
print_cp_footer();
exit;
}
}
}
}
}
}
else
{
require_once(DIR . '/includes/class_template_parser.php');
$parser = new vB_TemplateParser($orig_template);
try
{
$parser->validate($errors);
}
catch (vB_Exception_TemplateFatalError $e)
{
global $vbphrase;
echo "<p> </p><p> </p>";
print_form_header('', '', 0, 1, '', '65%');
print_table_header($vbphrase['vbulletin_message']);
print_description_row($vbphrase[$e->getMessage()]);
print_table_footer(2, construct_button_code($vbphrase['go_back'], 'javascript:history.back(1)'));
print_cp_footer();
exit;
}
$template = $parser->compile();
// TODO: Reimplement these - if done, $session[], $bbuserinfo[], $vboptions will parse in the template without using {vb:raw, which isn't what we
// necessarily want to happen
/*
if (!function_exists('replace_template_variables'))
{
require_once(DIR . '/includes/functions_misc.php');
}
$template = replace_template_variables($template, false);
*/
}
if (function_exists('verify_demo_template'))
{
verify_demo_template($template);
}
($hook = vBulletinHook::fetch_hook('template_compile')) ? eval($hook) : false;
return $template;
}
function handle_vbulletin_copyright_removal($gpc, $page)
{
global $vbphrase;
if ($gpc['title'] == 'footer' and !$gpc['confirmremoval']) {
if (strpos($gpc['template'], '{vb:rawphrase powered_by_vbulletin') === false and strpos($gpc['template'], '{vb:phrase powered_by_vbulletin') === false) {
print_form_header('template', $page, 0, 1, '', '75%');
construct_hidden_code('confirmremoval', 1);
construct_hidden_code('title', $gpc['title']);
construct_hidden_code('template', $gpc['template']);
if (!empty($gpc['templateid'])) {
construct_hidden_code('templateid', $gpc['templateid']);
}
construct_hidden_code('group', $gpc['group']);
construct_hidden_code('searchstring', $gpc['searchstring']);
construct_hidden_code('dostyleid', $gpc['dostyleid']);
construct_hidden_code('savehistory', intval($gpc['savehistory']));
construct_hidden_code('histcomment', $gpc['histcomment']);
construct_hidden_code('product', $gpc['product']);
print_table_header($vbphrase['confirm_removal_of_copyright_notice']);
print_description_row($vbphrase['it_appears_you_are_removing_vbulletin_copyright']);
print_submit_row($vbphrase['yes'], 0, 2, $vbphrase['no']);
print_cp_footer();
exit;
}
}
}
function print_upgrade_footer()
{
unset($GLOBALS['DEVDEBUG']);
//echo '</div>';
print_cp_footer();
}
function rpm_print_stop_back($text = 'error')
{
global $vbphrase;
if (!defined('DONE_CPHEADER')) {
print_cp_header($vbphrase['vbulletin_message']);
}
echo '<p> </p><p> </p>';
print_form_header('', '', 0, 1, 'messageform', '65%');
print_table_header($vbphrase['vbulletin_message']);
print_description_row("<blockquote><br />{$text}<br /><br /></blockquote>");
print_table_footer(2, construct_button_code($vbphrase['go_back'], 'javascript:history.back(1)'));
rpm_print_footer();
print_cp_footer();
}
/**
* Halts execution and shows the specified message
*
* @param string Message to display
* @param mixed If specified, a redirect will be performed to the URL in this parameter
* @param integer If redirect is specified, this is the time in seconds to delay before redirect
* @param string If specified, will provide a specific URL for "Go Back". If empty, no button will be displayed!
* @param bool If true along with redirect, 'CONTINUE' button will be used instead of automatic redirect
*/
function print_cp_message($text = '', $redirect = NULL, $delay = 1, $backurl = NULL, $continue = false)
{
global $vbulletin, $vbphrase;
if ($vbulletin->GPC['ajax']) {
require_once DIR . '/includes/class_xml.php';
$xml = new vB_XML_Builder_Ajax('text/xml');
$xml->add_tag('error', $text);
$xml->print_xml();
exit;
}
if ($redirect) {
if (($hashpos = strpos($redirect, '#')) !== false or ($hashpos = strpos($redirect, '%23')) !== false) {
$hashsize = strpos($redirect, '#') !== false ? 1 : 3;
$hash = substr($redirect, $hashpos + $hashsize);
$redirect = substr($redirect, 0, $hashpos);
}
if ($session = vB::getCurrentSession()->get('sessionurl')) {
if (strpos($redirect, $session) !== false) {
if (strpos($redirect, '?') === false) {
$redirect .= '?' . $session;
} else {
$redirect .= '&' . $session;
}
}
}
}
if (!defined('DONE_CPHEADER')) {
print_cp_header($vbphrase['vbulletin_message']);
}
print_form_header('', '', 0, 1, 'messageform', '65%');
print_table_header(new vB_Phrase('global', 'vbulletin_message'));
print_description_row("<blockquote><br />{$text}<br /><br /></blockquote>");
if ($redirect) {
// redirect to the new page
if ($continue) {
$continueurl = create_full_url(str_replace('&', '&', $redirect));
if (!empty($hash)) {
$continueurl .= '#' . $hash;
}
print_table_footer(2, construct_button_code(new vB_Phrase('global', 'continue'), $continueurl));
} else {
print_table_footer();
$redirect_click = create_full_url($redirect);
if (!empty($hash)) {
$redirect_click .= '#' . $hash;
$redirect .= '#' . $hash;
}
$redirect_click = str_replace('"', '', $redirect_click);
echo '<p align="center" class="smallfont">' . construct_phrase($vbphrase['if_you_are_not_automatically_redirected_click_here_x'], $redirect_click) . "</p>\n";
print_cp_redirect($redirect, $delay);
}
} else {
// end the table and halt
if ($backurl === NULL) {
$backurl = 'javascript:history.back(1)';
}
if (strpos($backurl, 'history.back(') !== false) {
//if we are attempting to run a history.back(1), check we have a history to go back to, otherwise attempt to close the window.
$back_button = '
<input type="button" id="backbutton" class="button" value="' . $vbphrase['go_back'] . '" title="" tabindex="1" onclick="if (history.length) { history.back(1); } else { self.close(); }"/>
<script type="text/javascript">
<!--
if (history.length < 1 || ((is_saf || is_moz) && history.length <= 1)) // safari + gecko start at 1
{
document.getElementById("backbutton").parentNode.removeChild(document.getElementById("backbutton"));
}
//-->
</script>';
// remove the back button if it leads back to the login redirect page
if (strpos($vbulletin->url, 'login.php?do=login') !== false) {
$back_button = '';
}
} else {
if ($backurl !== '') {
// regular window.location=url call
$backurl = create_full_url($backurl);
$backurl = str_replace(array('"', "'"), '', $backurl);
$back_button = '<input type="button" class="button" value="' . new vB_Phrase('global', 'go_back') . '" title="" tabindex="1" onclick="window.location=\'' . $backurl . '\';"/>';
} else {
$back_button = '';
}
}
print_table_footer(2, $back_button);
}
// and now terminate the script
print_cp_footer();
}