function GetSafeFieldValue($s_fld, $b_text_subs = false, $s_array_sep = ";")
{
//
// for array values, insert the array separator after making
// the individual values HTML-safe
// The equivalent logic up to and including version 8.24 used
// htmlspecialchars not htmlentities.
// The use of htmlentities broke UTF-8 template processing,
// and this was reported in version 8.28.
// By specifying the character set, we trigger the use of htmlspecialchars
// so the logic is equivalent to the old logic.
//
if (isset($this->_aFields[$s_fld]) && is_array($this->_aFields[$s_fld])) {
$s_value = implode($this->_GetArraySep($s_array_sep), HTMLEntitiesArray($this->_aFields[$s_fld], false, GetMailOption("CharSet")));
} else {
if (!isset($this->_aFields[$s_fld])) {
if (($s_name = GetFileName($s_fld)) === false) {
$s_name = "";
}
$s_value = $s_name;
} else {
$s_value = (string) $this->_aFields[$s_fld];
}
if ($b_text_subs) {
list($s_value, $a_subs_data) = $this->_PrepareTextSubstitute($s_value);
}
$s_value = FixedHTMLEntities($s_value, GetMailOption("CharSet"));
if ($b_text_subs) {
$s_value = $this->_CompleteTextSubstitute($s_value, $a_subs_data);
}
}
return $s_value;
}
function GetMessage($i_msg_num, $a_params = array(), $b_show_mnum = true, $b_no_errors = false)
{
global $aMessages, $sLangID, $bShowMesgNumbers;
if (!isset($aMessages[$i_msg_num])) {
SendAlert("Unknown Message Number {$i_msg_num} was used", false, true);
$s_text = "<UNKNOWN MESSAGE NUMBER>";
} else {
$s_text = $aMessages[$i_msg_num];
}
$s_mno = $bShowMesgNumbers ? "[M{$i_msg_num}]" : "";
$s_orig_text = $s_text;
//
// substitute parameters; only works with PHP version 4.0.5 or later
//
if (strpos($s_text, '$') !== false) {
global $aGetMessageValues, $aGetMessageSubstituteErrors;
global $aGetMessageSubstituteFound, $bGetMessageSubstituteNoErrors;
$aGetMessageSubstituteErrors = array();
$aGetMessageSubstituteFound = array();
$aGetMessageValues = HTMLEntitiesArray($a_params);
$bGetMessageSubstituteNoErrors = $b_no_errors;
$aGetMessageValues["MNUM"] = $s_mno;
// add the message number
//
// search for words in this form:
// $word
// where word begins with an alphabetic character and
// consists of alphanumeric and underscore
//
$s_text = preg_replace_callback('/\\$([a-z][a-z0-9_]*)/i', 'GetMessageSubstituteParam', $s_text);
if (count($aGetMessageSubstituteErrors) > 0) {
SendAlert("Message Number {$i_msg_num} ('{$s_orig_text}') in language {$sLangID} " . "specified the following unsupported parameters: " . implode(',', $aGetMessageSubstituteErrors));
}
if (!in_array("MNUM", $aGetMessageSubstituteFound)) {
//
// append the message number
//
$s_text .= $b_show_mnum ? " {$s_mno}" : "";
}
} else {
//
// append the message number
//
$s_text .= $b_show_mnum ? " {$s_mno}" : "";
}
//
// replace '\n' sequences with new lines
//
return str_replace('\\n', "\n", $s_text);
}