$p->delete($permission, 'temp'); //get the destination_uuid if (strlen($destination_response['uuid']) > 0) { $destination_uuid = $destination_response['uuid']; } //redirect the user if ($action == "add") { $_SESSION["message"] = $text['message-add']; // billing if (file_exists($_SERVER['DOCUMENT_ROOT'] . PROJECT_PATH . "/app/billing/app_config.php")) { $db2 = new database(); $db2->sql = "select currency, billing_uuid, balance from v_billings where type_value='{$destination_accountcode}'"; $db2->result = $db2->execute(); $default_currency = strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'; $billing_currency = strlen($db2->result[0]['currency']) ? $db2->result[0]['currency'] : $default_currency; $destination_sell_current_currency = currency_convert($destination_sell, $billing_currency, $currency); $billing_uuid = $db2->result[0]['billing_uuid']; $balance = $db2->result[0]['balance']; unset($db2->sql, $db2->result); $balance -= $destination_sell_current_currency; $db2->sql = "update v_billings set balance = {$balance}, old_balance = {$balance} where type_value='{$destination_accountcode}'"; $db2->result = $db2->execute(); unset($db2->sql, $db2->result); $billing_invoice_uuid = uuid(); $user_uuid = check_str($_SESSION['user_uuid']); $settled = 1; $mc_gross = -1 * $destination_sell_current_currency; $post_payload = serialize($_POST); $db2->sql = "insert into v_billing_invoices (billing_invoice_uuid, billing_uuid, payer_uuid, billing_payment_date, settled, amount, debt, post_payload,plugin_used, domain_uuid) values ('{$billing_invoice_uuid}', '{$billing_uuid}', '{$user_uuid}', NOW(), {$settled}, {$mc_gross}, {$balance}, '{$post_payload}', 'DID {$destination_number} Assigment', '" . $domain_uuid . "' )"; $db2->result = $db2->execute(); unset($db2->sql, $db2->result);
function process_xml_cdr($db, $leg, $xml_string) { //set global variable global $debug; //fix the xml by escaping the contents of <sip_full_XXX> $xml_string = preg_replace_callback("/<([^><]+)>(.*?[><].*?)<\\/\\g1>/", function ($matches) { var_dump($matches); return '<' . $matches[1] . '>' . str_replace(">", ">", str_replace("<", "<", $matches[2])) . '</' . $matches[1] . '>'; }, $xml_string); //parse the xml to get the call detail record info try { xml_cdr_log($xml_string); $xml = simplexml_load_string($xml_string); xml_cdr_log("\nxml load done\n"); } catch (Exception $e) { echo $e->getMessage(); xml_cdr_log("\nfail loadxml: " . $e->getMessage() . "\n"); } //prepare the database object require_once "resources/classes/database.php"; $database = new database(); $database->table = "v_xml_cdr"; //misc $uuid = check_str(urldecode($xml->variables->uuid)); $database->fields['uuid'] = $uuid; $database->fields['accountcode'] = check_str(urldecode($xml->variables->accountcode)); $database->fields['default_language'] = check_str(urldecode($xml->variables->default_language)); $database->fields['bridge_uuid'] = check_str(urldecode($xml->variables->bridge_uuid)); //$database->fields['digits_dialed'] = check_str(urldecode($xml->variables->digits_dialed)); $database->fields['sip_hangup_disposition'] = check_str(urldecode($xml->variables->sip_hangup_disposition)); $database->fields['pin_number'] = check_str(urldecode($xml->variables->pin_number)); //time $database->fields['start_epoch'] = check_str(urldecode($xml->variables->start_epoch)); $start_stamp = check_str(urldecode($xml->variables->start_stamp)); $database->fields['start_stamp'] = $start_stamp; $database->fields['answer_stamp'] = check_str(urldecode($xml->variables->answer_stamp)); $database->fields['answer_epoch'] = check_str(urldecode($xml->variables->answer_epoch)); $database->fields['end_epoch'] = check_str(urldecode($xml->variables->end_epoch)); $database->fields['end_stamp'] = check_str(urldecode($xml->variables->end_stamp)); $database->fields['duration'] = check_str(urldecode($xml->variables->duration)); $database->fields['mduration'] = check_str(urldecode($xml->variables->mduration)); $database->fields['billsec'] = check_str(urldecode($xml->variables->billsec)); $database->fields['billmsec'] = check_str(urldecode($xml->variables->billmsec)); //codecs $database->fields['read_codec'] = check_str(urldecode($xml->variables->read_codec)); $database->fields['read_rate'] = check_str(urldecode($xml->variables->read_rate)); $database->fields['write_codec'] = check_str(urldecode($xml->variables->write_codec)); $database->fields['write_rate'] = check_str(urldecode($xml->variables->write_rate)); $database->fields['remote_media_ip'] = check_str(urldecode($xml->variables->remote_media_ip)); $database->fields['hangup_cause'] = check_str(urldecode($xml->variables->hangup_cause)); $database->fields['hangup_cause_q850'] = check_str(urldecode($xml->variables->hangup_cause_q850)); //call center $database->fields['cc_side'] = check_str(urldecode($xml->variables->cc_side)); $database->fields['cc_member_uuid'] = check_str(urldecode($xml->variables->cc_member_uuid)); $database->fields['cc_queue_joined_epoch'] = check_str(urldecode($xml->variables->cc_queue_joined_epoch)); $database->fields['cc_queue'] = check_str(urldecode($xml->variables->cc_queue)); $database->fields['cc_member_session_uuid'] = check_str(urldecode($xml->variables->cc_member_session_uuid)); $database->fields['cc_agent'] = check_str(urldecode($xml->variables->cc_agent)); $database->fields['cc_agent_type'] = check_str(urldecode($xml->variables->cc_agent_type)); $database->fields['waitsec'] = check_str(urldecode($xml->variables->waitsec)); //app info $database->fields['last_app'] = check_str(urldecode($xml->variables->last_app)); $database->fields['last_arg'] = check_str(urldecode($xml->variables->last_arg)); //conference $database->fields['conference_name'] = check_str(urldecode($xml->variables->conference_name)); $database->fields['conference_uuid'] = check_str(urldecode($xml->variables->conference_uuid)); $database->fields['conference_member_id'] = check_str(urldecode($xml->variables->conference_member_id)); //call quality $rtp_audio_in_mos = check_str(urldecode($xml->variables->rtp_audio_in_mos)); if (strlen($rtp_audio_in_mos) > 0) { $database->fields['rtp_audio_in_mos'] = $rtp_audio_in_mos; } //get the values from the callflow. $x = 0; foreach ($xml->callflow as $row) { if ($x == 0) { $context = check_str(urldecode($row->caller_profile->context)); $database->fields['destination_number'] = check_str(urldecode($row->caller_profile->destination_number)); $database->fields['context'] = $context; $database->fields['network_addr'] = check_str(urldecode($row->caller_profile->network_addr)); } $database->fields['caller_id_name'] = check_str(urldecode($row->caller_profile->caller_id_name)); $database->fields['caller_id_number'] = check_str(urldecode($row->caller_profile->caller_id_number)); $x++; } unset($x); //store the call leg $database->fields['leg'] = $leg; //store the call direction $database->fields['direction'] = check_str(urldecode($xml->variables->call_direction)); //store post dial delay, in milliseconds $database->fields['pdd_ms'] = check_str(urldecode($xml->variables->progress_mediamsec) + urldecode($xml->variables->progressmsec)); //get break down the date to year, month and day $tmp_time = strtotime($start_stamp); $tmp_year = date("Y", $tmp_time); $tmp_month = date("M", $tmp_time); $tmp_day = date("d", $tmp_time); //get the domain values from the xml $domain_name = check_str(urldecode($xml->variables->domain_name)); $domain_uuid = check_str(urldecode($xml->variables->domain_uuid)); xml_cdr_log("\ndomain_name is `{$domain_name}`; domain_uuid is '{$domain_uuid}'\n"); //get the domain_uuid with the domain_name if (strlen($domain_uuid) == 0) { $sql = "select domain_uuid from v_domains "; if (strlen($domain_name) == 0 && $context != 'public' && $context != 'default') { $sql .= "where domain_name = '" . $context . "' "; } else { $sql .= "where domain_name = '" . $domain_name . "' "; } $row = $db->query($sql)->fetch(); $domain_uuid = $row['domain_uuid']; if (strlen($domain_uuid) == 0) { $sql = "select domain_name, domain_uuid from v_domains "; $row = $db->query($sql)->fetch(); $domain_uuid = $row['domain_uuid']; if (strlen($domain_name) == 0) { $domain_name = $row['domain_name']; } } } //set values in the database $database->domain_uuid = $domain_uuid; $database->fields['domain_uuid'] = $domain_uuid; $database->fields['domain_name'] = $domain_name; //check whether a recording exists $recording_relative_path = '/archive/' . $tmp_year . '/' . $tmp_month . '/' . $tmp_day; if (file_exists($_SESSION['switch']['recordings']['dir'] . $recording_relative_path . '/' . $uuid . '.wav')) { $recording_file = $recording_relative_path . '/' . $uuid . '.wav'; } elseif (file_exists($_SESSION['switch']['recordings']['dir'] . $recording_relative_path . '/' . $uuid . '.mp3')) { $recording_file = $recording_relative_path . '/' . $uuid . '.mp3'; } if (isset($recording_file) && !empty($recording_file)) { $database->fields['recording_file'] = $recording_file; } //save to the database in xml format if ($_SESSION['cdr']['format']['text'] == "xml" && $_SESSION['cdr']['storage']['text'] == "db") { $database->fields['xml'] = check_str($xml_string); } //save to the database in json format if ($_SESSION['cdr']['format']['text'] == "json" && $_SESSION['cdr']['storage']['text'] == "db") { $database->fields['json'] = check_str(json_encode($xml)); } //insert the check_str($extension_uuid) if (strlen($xml->variables->extension_uuid) > 0) { $database->fields['extension_uuid'] = check_str(urldecode($xml->variables->extension_uuid)); } //billing information if (file_exists($_SERVER['DOCUMENT_ROOT'] . PROJECT_PATH . "/app/billing/app_config.php")) { $db2 = new database(); $lcr_currency = strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'; $accountcode = strlen(urldecode($xml->variables->accountcode)) ? check_str(urldecode($xml->variables->accountcode)) : $domain_name; switch (check_str(urldecode($xml->variables->call_direction))) { case "outbound": $destination_number = check_str(urldecode($xml->variables->lcr_query_digits)); $destination_number_serie = number_series($destination_number); $database->fields['carrier_name'] = check_str(urldecode($xml->variables->lcr_carrier)); $sql_rate = "SELECT v_lcr.connect_increment, v_lcr.talk_increment, v_lcr.currency FROM v_lcr, v_carriers WHERE v_carriers.carrier_name = '" . $xml->variables->lcr_carrier . "' AND v_lcr.rate=" . $xml->variables->lcr_rate . " AND v_lcr.lcr_direction = '" . check_str(urldecode($xml->variables->call_direction)) . "' AND digits IN ({$destination_number_serie}) AND v_lcr.carrier_uuid = v_carriers.carrier_uuid ORDER BY digits DESC, rate ASC limit 1"; $sql_user_rate = "SELECT v_lcr.currency, connect_increment, talk_increment FROM v_lcr JOIN v_billings ON v_billings.type_value='{$accountcode}' WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.lcr_direction = '" . check_str(urldecode($xml->variables->call_direction)) . "' AND v_lcr.lcr_profile=v_billings.lcr_profile AND NOW() >= v_lcr.date_start AND NOW() < v_lcr.date_end AND digits IN ({$destination_number_serie}) ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1"; if ($debug) { echo "sql_rate: {$sql_rate}\n"; echo "sql_user_rate: {$sql_user_rate}\n"; } $db2->sql = $sql_rate; $db2->result = $db2->execute(); // print_r($db2->result); $lcr_currency = strlen($db2->result[0]['currency']) ? check_str($db2->result[0]['currency']) : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); $lcr_rate = strlen($xml->variables->lcr_rate) ? $xml->variables->lcr_rate : 0; $lcr_first_increment = strlen($db2->result[0]['connect_increment']) ? check_str($db2->result[0]['connect_increment']) : 60; $lcr_second_increment = strlen($db2->result[0]['talk_increment']) ? check_str($db2->result[0]['talk_increment']) : 60; unset($db2->sql); unset($db2->result); $db2->sql = $sql_user_rate; $db2->result = $db2->execute(); $lcr_user_rate = strlen($xml->variables->lcr_user_rate) ? $xml->variables->lcr_user_rate : 0.01; $lcr_user_first_increment = strlen($db2->result[0]['connect_increment']) ? check_str($db2->result[0]['connect_increment']) : 60; $lcr_user_second_increment = strlen($db2->result[0]['talk_increment']) ? check_str($db2->result[0]['talk_increment']) : 60; $lcr_user_currency = strlen($db2->result[0]['currency']) ? check_str($db2->result[0]['currency']) : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); unset($db2->sql); unset($db2->result); break; case "inbound": $callee_number = check_str(urldecode($row->caller_profile->destination_number)); $callee_number_serie = number_series($callee_number); $sql_user_rate = "SELECT v_lcr.currency, v_lcr.rate, v_lcr.connect_increment, v_lcr.talk_increment FROM v_lcr JOIN v_billings ON v_billings.type_value='{$accountcode}' WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.lcr_direction = '" . check_str(urldecode($xml->variables->call_direction)) . "' AND v_lcr.lcr_profile=v_billings.lcr_profile AND NOW() >= v_lcr.date_start AND NOW() < v_lcr.date_end AND digits IN ({$destination_number_serie}) ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1"; if ($debug) { echo "sql_user_rate: {$sql_user_rate}\n"; } $db2->sql = $sql_user_rate; $db2->result = $db2->execute(); // If selling rate is found, then we fill with data, otherwise rate will be 0 $lcr_currency = strlen($db2->result[0]['currency']) ? check_str($db2->result[0]['currency']) : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); $lcr_user_rate = strlen($db2->result[0]['rate']) ? $db2->result[0]['rate'] : 0; $lcr_user_first_increment = strlen($db2->result[0]['connect_increment']) ? $db2->result[0]['connect_increment'] : 60; $lcr_user_second_increment = strlen($db2->result[0]['talk_increment']) ? $db2->result[0]['talk_increment'] : 60; $lcr_user_currency = strlen($db2->result[0]['currency']) ? check_str($db2->result[0]['currency']) : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); // Actually, there is no way to detect what carrier is the calling comming from using current information $lcr_rate = 0; $lcr_first_increment = 0; $lcr_second_increment = 0; unset($db2->sql); unset($db2->result); break; case "local": $destination_number = check_str(urldecode($xml->variables->lcr_query_digits)); $destination_number_serie = number_series($destination_number); $sql_user_rate = "SELECT v_lcr.currency, connect_increment, talk_increment FROM v_lcr JOIN v_billings ON v_billings.type_value='{$accountcode}' WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.lcr_direction = '" . check_str(urldecode($xml->variables->call_direction)) . "' AND v_lcr.lcr_profile=v_billings.lcr_profile AND NOW() >= v_lcr.date_start AND NOW() < v_lcr.date_end AND digits IN ({$destination_number_serie}) ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1"; if ($debug) { echo "sql_user_rate: {$sql_user_rate}\n"; } $db2->sql = $sql_user_rate; $db2->result = $db2->execute(); // If selling rate is found, then we fill with data, otherwise rate will be 0 $lcr_currency = strlen($db2->result[0]['currency']) ? check_str($db2->result[0]['currency']) : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); $lcr_user_rate = strlen($db2->result[0]['rate']) ? ${$db2}->result[0]['rate'] : 0; $lcr_user_first_increment = strlen($db2->result[0]['connect_increment']) ? $db2->result[0]['connect_increment'] : 60; $lcr_user_second_increment = strlen($db2->result[0]['talk_increment']) ? $db2->result[0]['talk_increment'] : 60; $lcr_user_currency = strlen($db2->result[0]['currency']) ? check_str($db2->result[0]['currency']) : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); // Actually, internal calls have 0 cost $lcr_rate = 0; $lcr_first_increment = 0; $lcr_second_increment = 0; unset($db2->sql); unset($db2->result); break; } // Please note that we save values using LCR currency, but we discount balance in billing currency $time = check_str(urldecode($xml->variables->billsec)); $call_buy = call_cost($lcr_rate, $lcr_first_increment, $lcr_second_increment, $time); $call_sell = call_cost($lcr_user_rate, $lcr_user_first_increment, $lcr_user_second_increment, $time); // Costs/Sell call are in original LCR currency, they need to be converted $database->fields['call_buy'] = check_str($call_buy); $database->fields['call_sell'] = check_str($call_sell); $db2->table = "v_xml_cdr"; $db2->sql = "SELECT currency FROM v_billings WHERE type_value='{$accountcode}' LIMIT 1"; $db2->result = $db2->execute(); $actual_currency = strlen($lcr_currency) ? $lcr_currency : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); $billing_currency = strlen($db2->result[0]['currency']) ? $db2->result[0]['currency'] : $default_currency; if ($debug) { echo "sql: " . $db2->sql . "\n"; echo "c " . $database->fields['carrier_name'] . "\n"; echo "t {$time}\n"; echo "b r:{$lcr_rate} - {$lcr_first_increment} - {$lcr_first_increment} = {$call_buy}\n"; echo "s r:{$lcr_user_rate} - {$lcr_user_first_increment} - {$lcr_user_second_increment} = {$call_sell}\n"; echo "lcr currency {$lcr_currency}\n"; echo "actual currency {$actual_currency}\n"; echo "user currency {$lcr_user_currency}\n"; echo "billing currency {$billing_currency}\n"; } unset($database->sql); unset($database->result); $sql_balance = "SELECT balance, old_balance FROM v_billings WHERE type_value='" . check_str(urldecode($xml->variables->accountcode)) . "'"; $db2->sql = $sql_balance; $db2->result = $db2->execute(); $balance = $db2->result[0]['balance']; $old_balance = $db2->result[0]['old_balance']; if ($debug) { echo "sql_balance: {$sql_balance}\n"; echo "bal: {$balance}\n"; echo "old bal: {$old_balance}\n"; } // Lets convert rate from lcr_currency to billing_currency $billing_call_sell = currency_convert($call_sell, $billing_currency, $lcr_user_currency); if ($debug) { echo "bcs: {$billing_call_sell} {$billing_currency}\n"; } // Remember that old_balance is using billing_currency $updated_balance = (double) $old_balance - (double) $billing_call_sell; unset($db2->sql); unset($db2->result); $sql_update_balance = "UPDATE v_billings SET balance={$updated_balance}, old_balance={$updated_balance} WHERE type_value='" . check_str(urldecode($xml->variables->accountcode)) . "'"; if ($debug) { echo "sql_update_balance: {$sql_update_balance}\n"; } $db2->sql = $sql_update_balance; $db2->result = $db2->execute(); unset($db2->sql); unset($db2->result); } //insert xml_cdr into the db if (strlen($start_stamp) > 0) { $database->add(); if ($debug) { echo $database->sql . "\n"; } } //insert the values if (strlen($uuid) > 0) { if ($debug) { $time5_insert = microtime(true); //echo $sql."<br />\n"; } try { $error = "false"; //$db->exec(check_sql($sql)); } catch (PDOException $e) { $tmp_dir = $_SESSION['switch']['log']['dir'] . '/xml_cdr/failed/'; if (!file_exists($tmp_dir)) { mkdir($tmp_dir, 0777, true); } if ($_SESSION['cdr']['format']['text'] == "xml") { $tmp_file = $uuid . '.xml'; $fh = fopen($tmp_dir . '/' . $tmp_file, 'w'); fwrite($fh, $xml_string); } else { $tmp_file = $uuid . '.json'; $fh = fopen($tmp_dir . '/' . $tmp_file, 'w'); fwrite($fh, json_encode($xml)); } fclose($fh); if ($debug) { echo $e->getMessage(); } $error = "true"; } if ($_SESSION['cdr']['storage']['text'] == "dir" && $error != "true") { if (strlen($uuid) > 0) { $tmp_time = strtotime($start_stamp); $tmp_year = date("Y", $tmp_time); $tmp_month = date("M", $tmp_time); $tmp_day = date("d", $tmp_time); $tmp_dir = $_SESSION['switch']['log']['dir'] . '/xml_cdr/archive/' . $tmp_year . '/' . $tmp_month . '/' . $tmp_day; if (!file_exists($tmp_dir)) { mkdir($tmp_dir, 0777, true); } if ($_SESSION['cdr']['format']['text'] == "xml") { $tmp_file = $uuid . '.xml'; $fh = fopen($tmp_dir . '/' . $tmp_file, 'w'); fwrite($fh, $xml_string); } else { $tmp_file = $uuid . '.json'; $fh = fopen($tmp_dir . '/' . $tmp_file, 'w'); fwrite($fh, json_encode($xml)); } fclose($fh); } } unset($error); if ($debug) { global $insert_time, $insert_count; $insert_time += microtime(true) - $time5_insert; //add this current query. $insert_count++; } } unset($sql); }
//increment the extension number $extension++; } if ($billing_app_exists) { // Let's bill $j has the number of extensions to bill $db2 = new database(); $db2->sql = "SELECT currency, billing_uuid, balance FROM v_billings WHERE type_value='{$destination_accountcode}'"; $db2->result = $db2->execute(); $default_currency = strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'; $billing_currency = strlen($db2->result[0]['currency']) ? $db2->result[0]['currency'] : $default_currency; $billing_uuid = $db2->result[0]['billing_uuid']; $balance = $db2->result[0]['balance']; unset($db2->sql, $db2->result); $default_extension_pricing = strlen($_SESSION['billing']['extension.pricing']['numeric']) ? $_SESSION['billing']['extension.pricing']['numeric'] : '0'; $total_price = $default_extension_pricing * $j; $total_price_current_currency = currency_convert($total_price, $billing_currency, $default_currency); $balance -= $total_price_current_currency; $db2->sql = "UPDATE v_billings SET balance = {$balance}, old_balance = {$balance} WHERE type_value='{$destination_accountcode}'"; $db2->result = $db2->execute(); unset($db2->sql, $db2->result); $billing_invoice_uuid = uuid(); $user_uuid = check_str($_SESSION['user_uuid']); $settled = 1; $mc_gross = -1 * $total_price_current_currency; $post_payload = serialize($_POST); $db2->sql = "INSERT INTO v_billing_invoices (billing_invoice_uuid, billing_uuid, payer_uuid, billing_payment_date, settled, amount, debt, post_payload,plugin_used, domain_uuid) VALUES ('{$billing_invoice_uuid}', '{$billing_uuid}', '{$user_uuid}', NOW(), {$settled}, {$mc_gross}, {$balance}, '{$post_payload}', '{$j} extension(s) created', '" . $_SESSION['domain_uuid'] . "' )"; $db2->result = $db2->execute(); unset($db2->sql, $db2->result); } } //if ($action == "add")
$array = json_decode(json_encode((array) simplexml_load_string($xml_string)), true); } } catch (Exception $e) { echo $e->getMessage(); } $n = $lcr_direction == "inbound" ? check_str(urldecode($array["caller_profile"]["caller_id_number"])) : check_str(urldecode($array["variables"]["lcr_query_digits"])); $database->table = "v_lcr"; $database->sql = "SELECT currency FROM v_lcr WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.enabled='true' AND v_lcr.lcr_direction='{$lcr_direction}' AND v_lcr.digits IN (" . number_series($n) . ") ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1"; $database->result = $database->execute(); // print "<pre>"; print $database->sql . ":";print "[".$database->result[0]['currency']."]"; print_r($array); print "</pre>"; $lcr_currency = is_string($database->result[0]['currency']) && strlen($database->result[0]['currency']) ? $database->result[0]['currency'] : (strlen($_SESSION['billing']['currency']['text']) ? $_SESSION['billing']['currency']['text'] : 'USD'); //billed currency unset($database->sql); unset($database->result); if ($sell_price) { $price = currency_convert($sell_price, $billing_currency, $lcr_currency); } else { $price = 0; } echo "\t<td valign='top' class='" . $row_style[$c] . "'>" . number_format($price, 6) . " {$billing_currency}</td>\n"; unset($sell_price, $price); } if (permission_exists("xml_cdr_pdd")) { echo "\t<td valign='top' class='" . $row_style[$c] . "' style='text-align: right;'>" . number_format($row['pdd_ms'] / 1000, 2) . "s</td>\n"; } if (permission_exists("xml_cdr_mos")) { echo "\t<td valign='top' class='" . $row_style[$c] . "' " . (strlen($row['rtp_audio_in_mos']) > 0 ? "title='" . $row['rtp_audio_in_mos'] / 5 * 100 . "%'" : null) . " style='text-align: center;'>" . (strlen($row['rtp_audio_in_mos']) > 0 ? $row['rtp_audio_in_mos'] : " ") . "</td>\n"; } echo "\t<td valign='top' class='" . $row_style[$c] . "' nowrap='nowrap'>"; if (if_group("admin") || if_group("superadmin") || if_group("cdr")) { echo "<a {$tr_link}>" . $hangup_cause . "</a>";
unset($set); switch ($add_comand) { case 'prod_off': $set = 'enabled = 0'; break; case 'prod_on': $set = 'enabled = 1'; break; case 'set_currency': $from = (int) $v['currencyID']; $list_price = (int) $v['list_price']; $to = (int) $_POST['currencyID']; if ($from != $to) { $set = 'currencyID = ' . $to; $set .= ',Price = "' . currency_convert($price, $from, $to) . '"'; $set .= ',list_price = "' . currency_convert($list_price, $from, $to) . '"'; } break; case 'prod_move': $set = 'categoryID = ' . (int) $_POST['prod_categoryID']; break; case 'prod_dell': if (!DeleteProduct($k)) { Redirect(_getUrlToSubmit() . '&couldntToDelete = 1'); } break; } if (!empty($set)) { $sql = ' UPDATE ' . PRODUCTS_TABLE . ' SET ' . $set . '
/** * Choose product step. * * @param tempcode The page title. * @return tempcode The result of execution. */ function choose($title) { breadcrumb_set_self(do_lang_tempcode('PURCHASING')); /*if (is_guest()) { $register=$GLOBALS['FORUM_DRIVER']->join_url(); if (is_object($register)) $register=$register->evaluate(); $_redirect=build_url(array('page'=>'_SELF','type'=>'misc'),'_SELF'); $redirect=$_redirect->evaluate(); $_login=build_url(array('page'=>'login','redirect'=>$redirect)); $login=$_login->evaluate(); return $this->wrap(do_template('PURCHASE_WIZARD_STAGE_GUEST',array('_GUID'=>'accf475a1457f73d7280b14d774acc6e','TITLE'=>$title,'TEXT'=>do_lang_tempcode('PURCHASE_NOT_LOGGED_IN_2',escape_html($register),escape_html($login)))),$title,NULL); }*/ $url = build_url(array('page' => '_SELF', 'type' => 'message', 'id' => get_param_integer('id', -1)), '_SELF', NULL, true, true); require_code('form_templates'); $list = new ocp_tempcode(); $filter = get_param('filter', ''); $products = find_all_products(); foreach ($products as $product => $details) { if ($filter != '') { if (!is_string($product) || substr($product, 0, strlen($filter)) != $filter) { continue; } } if (($details[0] == PRODUCT_PURCHASE_WIZARD || $details[0] == PRODUCT_SUBSCRIPTION || $details[0] == PRODUCT_CATALOGUE) && method_exists($details[count($details) - 1], 'is_available') && $details[count($details) - 1]->is_available($product, get_member())) { require_code('currency'); $currency = get_option('currency'); $price = currency_convert(floatval($details[1]), $currency, NULL, true); $description = $details[4]; if (strpos($details[4], strpos($details[4], '.') === false ? preg_replace('#\\.00($|[^\\d])#', '', $price) : $price) === false) { $description .= ' (' . $price . ')'; } $list->attach(form_input_list_entry($product, false, protect_from_escaping($description))); } } if ($list->is_empty()) { inform_exit(do_lang_tempcode('NO_CATEGORIES')); } $fields = form_input_list(do_lang_tempcode('PRODUCT'), '', 'product', $list, NULL, true); return $this->wrap(do_template('PURCHASE_WIZARD_STAGE_CHOOSE', array('_GUID' => '47c22d48313ff50e6323f05a78342eae', 'FIELDS' => $fields, 'TITLE' => $title)), $title, $url, true); }
/** * Get transaction summaries. * * @param TIME Start of time range * @param TIME End of time range * @param boolean Whether to count unpaid invoices into this. This means any invoicing in transactions will be ignored, and instead invoicing will be read directly. * @return array A template-ready list of maps of summary for multiple transaction types. */ function get_types($from, $to, $unpaid_invoices_count = false) { $types = array('OPENING' => array('TYPE' => do_lang_tempcode('OPENING_BALANCE'), 'AMOUNT' => 0, 'SPECIAL' => true), 'INTEREST_PLUS' => array('TYPE' => do_lang_tempcode('M_INTEREST_PLUS'), 'AMOUNT' => 0, 'SPECIAL' => false)); $products = find_all_products(); foreach ($products as $product => $details) { $types[$product] = array('TYPE' => $details[4], 'AMOUNT' => 0, 'SPECIAL' => false); } $types += array('COST' => array('TYPE' => do_lang_tempcode('EXPENSES'), 'AMOUNT' => 0, 'SPECIAL' => false), 'TRANS' => array('TYPE' => do_lang_tempcode('TRANSACTION_FEES'), 'AMOUNT' => 0, 'SPECIAL' => false), 'WAGE' => array('TYPE' => do_lang_tempcode('WAGES'), 'AMOUNT' => 0, 'SPECIAL' => false), 'INTEREST_MINUS' => array('TYPE' => do_lang_tempcode('M_INTEREST_MINUS'), 'AMOUNT' => 0, 'SPECIAL' => false), 'TAX' => array('TYPE' => do_lang_tempcode('TAX_GENERAL'), 'AMOUNT' => 0, 'SPECIAL' => false), 'CLOSING' => array('TYPE' => do_lang_tempcode('CLOSING_BALANCE'), 'AMOUNT' => 0, 'SPECIAL' => true), 'PROFIT' => array('TYPE' => do_lang_tempcode('NET_PROFIT'), 'AMOUNT' => 0, 'SPECIAL' => true)); require_code('currency'); $transactions = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'transactions WHERE t_time<' . strval((int) $to) . ' AND ' . db_string_equal_to('status', 'Completed') . ' ORDER BY t_time'); foreach ($transactions as $transaction) { if ($transaction['t_time'] > $from) { $types['TRANS']['AMOUNT'] += get_transaction_fee($transaction['amount'], $transaction['t_via']); } if ($unpaid_invoices_count) { foreach ($products as $product => $details) { if ($transaction['item'] == $product && $details[0] == PRODUCT_INVOICE) { continue 2; } } } $product = $transaction['item']; $transaction['amount'] = currency_convert($transaction['amount'], $transaction['t_currency'], get_option('currency')); $types['CLOSING']['AMOUNT'] += $transaction['amount']; if ($transaction['t_time'] < $from) { $types['OPENING']['AMOUNT'] += $transaction['amount'] - get_transaction_fee($transaction['amount'], $transaction['t_via']); continue; } if ($transaction['item'] == 'OTHER' && $transaction['amount'] < 0) { $types['COST']['AMOUNT'] += $transaction['amount']; } elseif ($transaction['item'] == 'TAX') { $types['TAX']['AMOUNT'] += $transaction['amount']; } elseif ($transaction['item'] == 'INTEREST') { $types[$product][$transaction['amount'] < 0 ? 'INTEREST_MINUS' : 'INTEREST_PLUS']['AMOUNT'] += $transaction['amount']; } elseif ($transaction['item'] == 'WAGE') { $types['WAGE']['AMOUNT'] += $transaction['amount']; } else { if (!array_key_exists($product, $types)) { $types[$product] = array('TYPE' => $product, 'AMOUNT' => 0, 'SPECIAL' => false); } // In case product no longer exists $types[$product]['AMOUNT'] += $transaction['amount']; } } if ($unpaid_invoices_count) { $invoices = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'invoices WHERE ' . db_string_equal_to('i_state', 'new') . ' AND i_time<' . strval((int) $to) . ' ORDER BY i_time'); foreach ($invoices as $invoice) { $product = $invoice['i_type_code']; $types['CLOSING']['AMOUNT'] += intval($invoice['i_amount']); if ($invoice['i_time'] < $from) { $types['OPENING']['AMOUNT'] += intval($invoice['i_amount']); continue; } $types[$product]['AMOUNT'] += intval($invoice['i_amount']); } } // $types['PROFIT_GROSS'] is not calculated $types['PROFIT']['AMOUNT'] = $types['CLOSING']['AMOUNT'] - $types['OPENING']['AMOUNT'] + $types['TAX']['AMOUNT']; // $types['PROFIT_NET_TAXED'] is not calculated foreach ($types as $item => $details) { $types[$item]['AMOUNT'] = float_to_raw_string($types[$item]['AMOUNT']); } foreach ($types as $i => $t) { if (is_float($t['AMOUNT'])) { $types[$i]['AMOUNT'] = float_to_raw_string($t['AMOUNT']); } elseif (is_integer($t['AMOUNT'])) { $types[$i]['AMOUNT'] = strval($t['AMOUNT']); } } return $types; }
function UpdateProduct($productID, $categoryID, $name, $Price, $description, $in_stock, $customers_rating, $brief_description, $list_price, $product_code, $sort_order, $ProductIsProgram, $eproduct_filename, $eproduct_available_days, $eproduct_download_times, $weight, $meta_description, $meta_keywords, $free_shipping, $min_order_amount, $shipping_freight, $classID, $currencyID, $opt_margin, $sef, $title, $updateGCV = 1) { if ($min_order_amount == 0) { $min_order_amount = 1; } if (!$ProductIsProgram) { $eproduct_filename = ""; } if (!$free_shipping) { $free_shipping = 0; } else { $free_shipping = 1; } $sql = ' SELECT eproduct_filename FROM ' . PRODUCTS_TABLE . ' WHERE productID=' . (int) $productID; $q = db_query($sql); $old_file_name = db_fetch_row($q); $old_file_name = $old_file_name[0]; if ($classID == null) { $classID = 'NULL'; } if ($eproduct_filename != "" && $ProductIsProgram) { if (trim($_FILES[$eproduct_filename]["name"]) != "") { if (trim($old_file_name) != "" && file_exists("core/files/" . $old_file_name)) { unlink("core/files/{$old_file_name}"); } if ($_FILES[$eproduct_filename]["size"] != 0) { $r = move_uploaded_file($_FILES[$eproduct_filename]["tmp_name"], "core/files/" . $_FILES[$eproduct_filename]["name"]); } $eproduct_filename = trim($_FILES[$eproduct_filename]["name"]); SetRightsToUploadedFile("core/files/" . $eproduct_filename); } else { $eproduct_filename = $old_file_name; } } elseif ($old_file_name != "") { unlink("core/files/" . $old_file_name); } if (isset($_POST['from_currencyID'])) { $from = (int) $_POST['from_currencyID']; $to = $currencyID; if ($from != $to && !empty($from)) { $Price = currency_convert($Price, $from, $to); $list_price = currency_convert($list_price, $from, $to); } } $sql = ' UPDATE ' . PRODUCTS_TABLE . ' SET categoryID = ' . (int) $categoryID . ', name = "' . xToText(trim($name)) . '", Price = "' . number_format($Price, 2, '.', '') . '", description = "' . xEscSQL($description) . '", in_stock = ' . (int) $in_stock . ', customers_rating = "' . (double) $customers_rating . '", brief_description = "' . xEscSQL($brief_description) . '", list_price = "' . number_format($list_price, 2, '.', '') . '", product_code = "' . xToText(trim($product_code)) . '", sort_order = ' . (int) $sort_order . ', date_modified = "' . xEscSQL(get_current_time()) . '", eproduct_filename = "' . xEscSQL($eproduct_filename) . '", eproduct_available_days = ' . (int) $eproduct_available_days . ', eproduct_download_times = ' . (int) $eproduct_download_times . ', weight = "' . (double) $weight . '", meta_description = "' . xToText(trim($meta_description)) . '", meta_keywords = "' . xToText(trim($meta_keywords)) . '", free_shipping = ' . (int) $free_shipping . ', min_order_amount = ' . (int) $min_order_amount . ', shipping_freight = "' . number_format($shipping_freight, 2, '.', '') . '", classID = "' . $classID . '", currencyID = ' . (int) $currencyID . ', opt_margin = ' . (int) $opt_margin . ', sef = "' . xToText(trim($sef)) . '", title = "' . xToText(trim($title)) . '" WHERE productID = ' . (int) $productID; db_query($sql); db_query('DELETE FROM ' . CATEGORIY_PRODUCT_TABLE . ' WHERE productID = ' . (int) $productID . ' AND categoryID = ' . (int) $categoryID); if ($updateGCV == 1 && CONF_UPDATE_GCV == '1') { //update goods count values for categories in case of regular file editing. do not update during import from excel update_psCount(1); } }
/** * Evaluate a conventional tempcode variable, handling escaping * * @param LANGUAGE_NAME The language to evaluate this symbol in (some symbols refer to language elements) * @param array Array of escaping operations * @param integer The type of symbol this is (TC_SYMBOL, TC_LANGUAGE_REFERENCE) * @set 0 2 * @param ID_TEXT The name of the symbol * @param array Parameters to the symbol. For all but directive it is an array of strings. For directives it is an array of Tempcode objects. Actually there may be template-style parameters in here, as an influence of singular_bind and these may be Tempcode, but we ignore them. * @return mixed The result. Either tempcode, or a string. */ function ecv($lang, $escaped, $type, $name, $param) { global $TEMPCODE_SETGET, $CYCLES, $PREPROCESSABLE_SYMBOLS, $DISPLAYED_TITLE; //echo '<!--'.$name.'-->'."\n"; if ($type == TC_SYMBOL) { $escaped_codes = $name . ($escaped == array() ? '' : serialize($escaped)); $cacheable = $param == array() && !isset($GLOBALS['NON_CACHEABLE_SYMBOLS'][$name]); if ($cacheable) { global $SYMBOL_CACHE; if (isset($SYMBOL_CACHE[$escaped_codes])) { return $SYMBOL_CACHE[$escaped_codes]; } } $value = ''; if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($value); } $temp_array = array(); if (isset($PREPROCESSABLE_SYMBOLS[$name]) && $name != 'PAGE_LINK') { handle_symbol_preprocessing(array($escaped, $type, $name, $param), $temp_array); } // Late preprocessing. Should not be needed in case of full screen output (as this was properly preprocessed), but is in other cases switch ($name) { case 'PAGE_LINK': if (isset($param[0])) { list($zone, $map, $hash) = page_link_decode(is_object($param[0]) ? $param[0]->evaluate() : $param[0]); $skip = NULL; if (isset($param[4])) { $skip = array_flip(explode('|', $param[4])); } $avoid_remap = isset($param[1]) && $param[1] == '1'; $skip_keep = isset($param[2]) && $param[2] == '1'; $keep_all = isset($param[3]) && $param[3] == '1'; foreach ($map as $key => $val) { if (is_object($val)) { $map[$key] = $val->evaluate(); } } $value = _build_url($map, $zone, $skip, $keep_all, $avoid_remap, $skip_keep, $hash); } else { $value = get_zone_name() . ':' . get_page_name(); foreach ($_GET as $key => $val) { if ($key == 'page') { continue; } if (is_array($val)) { continue; } if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val)) { continue; } $value .= ':' . $key . '=' . $val; } } break; case 'SET': if (isset($param[1])) { if (isset($param[1]) && is_object($param[1])) { $TEMPCODE_SETGET[$param[0]] = $param[1]; } else { $param_copy = $param; unset($param_copy[0]); $TEMPCODE_SETGET[$param[0]] = implode(',', $param_copy); } } break; case 'GET': if (isset($param[0])) { if (isset($TEMPCODE_SETGET[$param[0]])) { if (is_object($TEMPCODE_SETGET[$param[0]])) { $TEMPCODE_SETGET[$param[0]] = $TEMPCODE_SETGET[$param[0]]->evaluate(); } $value = $TEMPCODE_SETGET[$param[0]]; } } break; case 'EQ': if (isset($param[1])) { $first = array_shift($param); $count = 0; foreach ($param as $test) { if ($first == $test) { $count++; break; } } $value = $count != 0 ? '1' : '0'; } break; case 'NEQ': if (isset($param[1])) { $first = array_shift($param); $count = 0; foreach ($param as $test) { if ($first == $test) { $count++; } } $value = $count == 0 ? '1' : '0'; } break; case 'NOT': if (isset($param[0])) { $value = $param[0] == '1' || $param[0] == '1' ? '0' : '1'; } break; case 'OR': $count = 0; foreach ($param as $test) { if ($test == '1' || $test == '1') { $count++; } } $value = $count > 0 ? '1' : '0'; break; case 'AND': $count = 0; foreach ($param as $test) { if ($test == '1' || $test == '1') { $count++; } } $value = $count == count($param) ? '1' : '0'; break; case 'HAS_ACTUAL_PAGE_ACCESS': if (isset($param[0])) { $value = has_actual_page_access($param !== NULL && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], isset($param[1]) ? $param[1] : NULL) ? '1' : '0'; } break; case '?': if (isset($param[1])) { $value = $param[0] == '1' || $param[0] == '1' ? $param[1] : (isset($param[2]) ? $param[2] : $value); } break; case 'IMG': if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) { $value = find_theme_image($param[0], isset($param[3]) && $param[3] == '1', false, array_key_exists(2, $param) && $param[2] != '' ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']); } break; case '': break; case 'META_DATA': if (isset($param[0])) { global $META_DATA; if (isset($param[1])) { $matches = array(); if ($param[0] == 'image' && preg_match('#^' . preg_quote(find_script('attachment'), '#') . '\\?id=(\\d+)#', $param[1], $matches) != 0) { require_code('attachments'); if (!has_attachment_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), intval($matches[1]))) { break; } } $META_DATA[$param[0]] = $param[1]; } else { $value = isset($META_DATA[$param[0]]) ? strip_comcode($META_DATA[$param[0]]) : ''; if ($value === NULL) { $value = ''; } } } break; case 'SPECIAL_CLICK_TO_EDIT': $_value = do_lang_tempcode('SPECIAL_CLICK_TO_EDIT'); $value = $_value->evaluate(); break; case 'KEEP': // What needs preserving in the URL $value = keep_symbol($param); break; case 'BROWSER': if (isset($param[1])) { $q = false; foreach (explode('|', $param[0]) as $browser) { $q = browser_matches($browser); if ($q) { break; } } $value = $q ? $param[1] : (isset($param[2]) ? $param[2] : ''); if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($value); } } break; case 'JAVASCRIPT_INCLUDE': if (isset($param[0])) { require_javascript($param[0]); /*// Has to do this inline, as you're not allowed to reference scripts outside head if (!array_key_exists($param[0],$GLOBALS['JAVASCRIPTS'])) { $GLOBALS['JAVASCRIPTS'][$param[0]]=1; $file=javascript_enforce($param[0]); $_value=do_template('JAVASCRIPT_NEED_INLINE',array('_GUID'=>'d6c907e26c5a8dd8c65f1d36a1a674a9','CODE'=>file_get_contents($file,FILE_TEXT))); $value=$_value->evaluate(); }*/ } break; case 'FACILITATE_AJAX_BLOCK_CALL': if (isset($param[0])) { require_javascript('javascript_ajax'); require_code('blocks'); $_block_constraints = block_params_to_block_signature(block_params_str_to_arr($param[0])); if (array_key_exists(1, $param)) { $_block_constraints = array_merge($_block_constraints, block_params_str_to_arr($param[1])); ksort($_block_constraints); } $block_constraints = block_params_arr_to_str($_block_constraints); // Store permissions $_auth_key = $GLOBALS['SITE_DB']->query_select('temp_block_permissions', array('id', 'p_time'), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1); if (!array_key_exists(0, $_auth_key)) { $auth_key = $GLOBALS['SITE_DB']->query_insert('temp_block_permissions', array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints, 'p_time' => time()), true); } else { $auth_key = $_auth_key[0]['id']; if (time() - $_auth_key[0]['p_time'] > 100) { $GLOBALS['SITE_DB']->query_update('temp_block_permissions', array('p_time' => time()), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1); } } $keep = symbol_tempcode('KEEP'); $value = find_script('snippet') . '?snippet=block&auth_key=' . urlencode(strval($auth_key)) . '&block_map=' . urlencode($param[0]) . $keep->evaluate(); } break; case 'LANG': $value = user_lang(); break; case '_GET': if (isset($param[0])) { $value = get_param($param[0], isset($param[1]) ? $param[1] : '', true); } break; case 'QUERY_STRING': $value = ocp_srv('QUERY_STRING'); break; case 'USER_AGENT': $value = ocp_srv('HTTP_USER_AGENT'); break; case 'STRIP_TAGS': if (isset($param[0])) { if (isset($param[1]) && $param[1] == '1') { $value = strip_tags(str_replace('))', ')', str_replace('((', '(', str_replace('<em>', '(', str_replace('</em>', ')', $param[0]))))); } else { $value = strip_tags($param[0], array_key_exists(2, $param) ? $param[2] : ''); } if (isset($param[1]) && $param[1] == '1') { $value = @html_entity_decode($value, ENT_QUOTES, get_charset()); } } break; case 'CONFIG_OPTION': if (isset($param[0])) { if (!isset($GLOBALS['OPTIONS'])) { $value = '0'; } else { $value = get_option($param[0], true); if ($value === NULL) { $value = ''; } } } break; case 'TRUNCATE_LEFT': // Truncate the left length of a string. 0: text to truncate, 1: the truncate length, 2: whether to use a tooltip mouse-over if it is truncated, 3: whether it is encoded as HTML (0=no [default, plain-text], 1=yes) $value = symbol_truncator($param, 'left'); break; case 'TRUNCATE_RIGHT': $value = symbol_truncator($param, 'right'); break; case 'TRUNCATE_SPREAD': $value = symbol_truncator($param, 'spread'); break; case 'TRUNCATE_EXPAND': $value = symbol_truncator($param, 'expand'); break; case 'THEME': if (isset($GLOBALS['FORUM_DRIVER'])) { $value = $GLOBALS['FORUM_DRIVER']->get_theme(); } else { $value = 'default'; } break; case 'REVERSE': if (isset($param[0])) { $value = implode(',', array_reverse(explode(',', $param[0]))); } break; case 'COMMA_LIST_GET': if (isset($param[1])) { require_code('blocks'); $values = block_params_str_to_arr($param[0]); $value = isset($values[$param[1]]) ? $values[$param[1]] : ''; } break; case 'COMMA_LIST_SET': if (isset($param[2])) { require_code('blocks'); $values = block_params_str_to_arr($param[0]); $values[$param[1]] = $param[2]; $value = block_params_arr_to_str($values); } break; case 'IS_EMPTY': if (isset($param[0])) { $value = $param[0] == '' ? '1' : '0'; } break; case 'IS_NON_EMPTY': if (isset($param[0])) { $value = $param[0] != '' ? '1' : '0'; } break; case 'CUSTOM_BASE_URL': $value = get_custom_base_url(isset($param[0]) && $param[0] != '' ? $param[0] == '1' : NULL); if (isset($param[1]) && $param[1] == '1') { $value = cdn_filter($value); } break; case 'LOAD_PANEL': foreach ($param as $i => $p) { if (is_object($p)) { $param[$i] = $p->evaluate(); } } global $LOADED_PANELS; if (strpos($param[0], ':') !== false) { $param = array_reverse(explode(':', $param[0], 2)); } if (substr($param[0], 0, 6) == 'panel_') { $param[0] = substr($param[0], 6); } $sr = serialize($param); $value = array_key_exists($sr, $LOADED_PANELS) ? $LOADED_PANELS[$sr] : ''; break; case 'HAS_JS': case 'JS_ON': if (isset($param[1])) { $value = has_js() ? $param[0] : $param[1]; } else { $value = has_js() ? '1' : '0'; } break; case 'BASE_URL_NOHTTP': $value = preg_replace('#^https?://[^/]+#', '', get_base_url()); if (substr($value, 0, 2) == '//') { $value = substr($value, 1); } if (!$GLOBALS['DEBUG_MODE']) { break; } // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on... // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on... case 'CUSTOM_BASE_URL_NOHTTP': $value = preg_replace('#^https?://[^/]+/#', '/', get_custom_base_url()); if (substr($value, 0, 2) == '//') { $value = substr($value, 1); } if (!$GLOBALS['DEBUG_MODE']) { break; } // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on... // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on... case 'BASE_URL': $value = get_base_url(isset($param[0]) ? $param[0] == '1' : NULL); break; case 'ZONE': $value = get_zone_name(); break; case 'PAGE': $value = get_page_name(); break; case 'SITE_NAME': $value = get_site_name(); break; case 'HEADER_TEXT': global $ZONE; $value = $ZONE['zone_header_text_trans']; break; case 'PANEL_WIDTH': if (isset($TEMPCODE_SETGET['PANEL_WIDTH']) && $TEMPCODE_SETGET['PANEL_WIDTH'] != '') { $value = $TEMPCODE_SETGET['PANEL_WIDTH']; } else { $value = get_option('panel_width', true); if ($value === NULL) { $value = '13.3em'; } } break; case 'PANEL_WIDTH_SPACED': if (isset($TEMPCODE_SETGET['PANEL_WIDTH_SPACED']) && $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'] != '') { $value = $TEMPCODE_SETGET['PANEL_WIDTH_SPACED']; } else { $value = get_option('panel_width_spaced', true); if (is_null($value)) { $value = '14.3em'; } } break; case 'TRIM': if (isset($param[0])) { $value = preg_replace(array('#^\\s+#', '#^(<br\\s*/?' . '>\\s*)+#', '#^( )+#', '#\\s+$#', '#(<br\\s*/?' . '>\\s*)+$#', '#( )+$#'), array('', '', '', '', '', ''), $param[0]); } break; case 'CPF_VALUE': if (isset($param[0])) { if (is_numeric($param[0])) { require_code('ocf_members'); $fields = ocf_get_custom_fields_member(isset($param[1]) ? intval($param[1]) : get_member()); if (array_key_exists(intval($param[0]), $fields)) { $_value = $fields[intval($param[0])]; } } elseif (substr($param[0], 0, 2) == 'm_' && strpos(strtolower($param[0]), 'hash') === false && strpos(strtolower($param[0]), 'salt') === false) { $_value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(isset($param[1]) ? intval($param[1]) : get_member(), $param[0]); } else { $_value = get_ocp_cpf($param[0], isset($param[1]) ? intval($param[1]) : NULL); } if (!is_string($_value)) { $value = is_null($_value) ? '' : strval($_value); } else { $value = $_value; } } break; case 'BANNER': if (addon_installed('banners')) { global $SITE_INFO; $is_on_banners = get_option('is_on_banners') == '1' && (!has_specific_permission(get_member(), 'banner_free') || $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) && get_option('admin_banners') == '1' || !is_null($GLOBALS['CURRENT_SHARE_USER'])); if (array_key_exists('throttle_bandwidth_registered', $SITE_INFO)) { $views_till_now = intval(get_value('page_views')); $bandwidth_allowed = $SITE_INFO['throttle_bandwidth_registered']; $total_bandwidth = intval(get_value('download_bandwidth')); if ($bandwidth_allowed * 1024 * 1024 >= $total_bandwidth) { $is_on_banners = false; } } if ($is_on_banners && !is_page_https(get_zone_name(), get_page_name())) { require_code('banners'); $b_type = isset($param[0]) ? $param[0] : ''; $internal_only = isset($param[1]) ? intval($param[1]) : ($b_type == '' ? 0 : 1); if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) { $_value = banners_script(true, '', '', $b_type, $internal_only, ''); $value = $_value->evaluate(); } else { $value = 'Banner goes here'; } } } break; case 'AVATAR': $value = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url(isset($param[0]) ? intval($param[0]) : get_member()); if (url_is_local($value) && $value != '') { $value = get_custom_base_url() . '/' . $value; } break; case 'IS_GUEST': if (isset($param[0])) { $value = is_guest(intval($param[0])) ? '1' : '0'; } else { $value = is_guest() ? '1' : '0'; } break; case 'MEMBER': $value = strval(get_member()); break; case 'USER': if (!isset($param[0])) { $value = strval(get_member()); } else { $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($param[0]); $value = is_null($member_id) ? '' : strval($member_id); } break; case 'CSS_INCLUDE': if (isset($param[0])) { require_css($param[0]); /*// Has to do this inline, as you're not allowed to reference sheets outside head if (!array_key_exists($param[0],$GLOBALS['CSSS'])) { $GLOBALS['CSSS'][$param[0]]=1; $file=css_enforce($param[0]); $_value=do_template('CSS_NEED_INLINE',array('_GUID'=>'9de994d2f6d47a622d49347feb7ebe96','CSS'=>str_replace('../../../../',get_base_url().'/',file_get_contents($file,FILE_TEXT)))); $value=$_value->evaluate(); }*/ } break; case 'USER_OVERIDE': $value = get_param('id', ''); if (!is_numeric($value) || $value == '') { $value = strval(get_member()); } break; case 'IS_HTTPAUTH_LOGIN': $value = is_httpauth_login() ? '1' : '0'; break; case 'MEMBER_PROFILE_LINK': $value = $GLOBALS['FORUM_DRIVER']->member_profile_url(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member(), false, true); if (is_null($value)) { $value = ''; } break; case 'USERNAME': $value = $GLOBALS['FORUM_DRIVER']->get_username(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()); if (is_null($value)) { $value = do_lang('UNKNOWN'); } break; case 'CYCLE': if (isset($param[0])) { if (!isset($CYCLES[$param[0]])) { $CYCLES[$param[0]] = 0; } if (!isset($param[1])) { $value = strval($CYCLES[$param[0]]); } else { if (count($param) == 2) { $param = array_merge(array($param[0]), explode(',', $param[1])); } ++$CYCLES[$param[0]]; if (!array_key_exists($CYCLES[$param[0]], $param)) { $CYCLES[$param[0]] = 1; } $value = $param[$CYCLES[$param[0]]]; } } break; case 'THUMBNAIL': require_code('images'); $value = _symbol_thumbnail($param); break; case 'IMAGE_WIDTH': require_code('images'); list($value, ) = _symbol_image_dims($param); break; case 'IMAGE_HEIGHT': require_code('images'); list(, $value) = _symbol_image_dims($param); break; case 'IS_IN_GROUP': if (isset($param[0])) { if (in_array($param[count($param) - 1], array('', 'primary', 'secondary'))) { $last_param = $param[count($param) - 1]; unset($param[count($param) - 1]); } else { $last_param = ''; } $member_id = get_member(); $new_param = ''; $param_2 = array(); foreach ($param as $group) { if (substr($group, 0, 1) == '!' && is_numeric(substr($group, 1))) { $member_id = intval(substr($group, 1)); } else { $param_2 = array_merge($param_2, explode(',', $group)); } } foreach ($param_2 as $group) { if ($new_param != '') { $new_param .= ','; } $new_param .= $group; } if ($last_param == 'primary') { $member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id); $real_group_list = array($GLOBALS['FORUM_DRIVER']->pname_group($member_row)); } elseif ($last_param == 'secondary') { $real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id); $member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id); $real_group_list = array_diff($real_group_list, array($GLOBALS['FORUM_DRIVER']->pname_group($member_row))); } else { $real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id); } require_code('ocfiltering'); $value = count(array_intersect(ocfilter_to_idlist_using_memory($new_param, $GLOBALS['FORUM_DRIVER']->get_usergroup_list()), $real_group_list)) != 0 ? '1' : '0'; } break; case 'IS_STAFF': if (isset($GLOBALS['FORUM_DRIVER'])) { $value = $GLOBALS['FORUM_DRIVER']->is_staff(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0'; } else { $value = '0'; } break; case 'IS_SUPER_ADMIN': if (isset($GLOBALS['FORUM_DRIVER'])) { $value = $GLOBALS['FORUM_DRIVER']->is_super_admin(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0'; } else { $value = '0'; } break; case 'PHOTO': if (isset($param[0])) { $value = $GLOBALS['FORUM_DRIVER']->get_member_photo_url(intval($param[0])); if (url_is_local($value) && $value != '') { $value = get_custom_base_url() . '/' . $value; } } break; case 'OCF_RANK_IMAGE': if (addon_installed('ocf_forum')) { require_code('ocf_groups'); $rank_images = new ocp_tempcode(); $member_id = isset($param[0]) ? intval($param[0]) : get_member(); $posters_groups = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id, true); foreach ($posters_groups as $group) { $rank_image = ocf_get_group_property($group, 'rank_image'); $group_leader = ocf_get_group_property($group, 'group_leader'); $group_name = ocf_get_group_name($group); $rank_image_pri_only = ocf_get_group_property($group, 'rank_image_pri_only'); if ($rank_image != '' && ($rank_image_pri_only == 0 || $group == $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_primary_group'))) { $rank_images->attach(do_template('OCF_RANK_IMAGE', array('USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id), 'GROUP_NAME' => $group_name, 'IMG' => $rank_image, 'IS_LEADER' => $group_leader == $member_id))); } } $value = $rank_images->evaluate(); } break; case 'TOTAL_POINTS': if (addon_installed('points')) { require_code('points'); $value = strval(total_points(isset($param[0]) ? intval($param[0]) : get_member())); } break; case 'POINTS_USED': if (addon_installed('points')) { require_code('points'); $value = strval(points_used(isset($param[0]) ? intval($param[0]) : get_member())); } break; case 'AVAILABLE_POINTS': if (addon_installed('points')) { require_code('points'); $value = strval(available_points(isset($param[0]) ? intval($param[0]) : get_member())); } break; case 'URL_FOR_GET_FORM': if (isset($param[0])) { $url_bits = parse_url($param[0]); if (array_key_exists('scheme', $url_bits)) { $value = $url_bits['scheme'] . '://' . (array_key_exists('host', $url_bits) ? $url_bits['host'] : 'localhost'); if (array_key_exists('port', $url_bits) && $url_bits['port'] != 80) { $value .= ':' . strval($url_bits['port']); } } if (array_key_exists('path', $url_bits)) { $value .= $url_bits['path']; } } break; case 'HIDDENS_FOR_GET_FORM': $_value = new ocp_tempcode(); $url_bits = parse_url($param[0]); if (array_key_exists('query', $url_bits) && $url_bits['query'] != '') { foreach (explode('&', $url_bits['query']) as $exp) { $parts = explode('=', $exp, 2); if (count($parts) == 2) { if (!in_array($parts[0], $param)) { $_value->attach(form_input_hidden($parts[0], urldecode($parts[1]))); } } } } $value = $_value->evaluate(); break; case 'NOTIFICATIONS_ENABLED': $value = ''; if (array_key_exists(0, $param)) { require_code('notifications'); $value = notifications_enabled(array_key_exists(1, $param) ? $param[1] : get_page_name(), $param[0]) ? '1' : '0'; } break; case 'DOCUMENT_HELP': global $DOCUMENT_HELP, $HELPER_PANEL_TUTORIAL; $value = $DOCUMENT_HELP; if ($value == '' && $HELPER_PANEL_TUTORIAL != '') { $value = brand_base_url() . '/docs' . strval(ocp_version()) . '/pg/' . $HELPER_PANEL_TUTORIAL; } break; case 'HTTP_STATUS_CODE': global $HTTP_STATUS_CODE; $value = $HTTP_STATUS_CODE; break; case 'TEMPCODE': if (isset($param[0])) { require_code('tempcode_compiler'); $_value = template_to_tempcode($param[0]); $value = $_value->evaluate(); } break; case 'COMCODE': if (isset($param[0])) { $_value = comcode_to_tempcode($param[0], NULL, true); $value = $_value->evaluate(); } break; case 'FLAGRANT': $_value = get_flagrant(); $value = $_value->evaluate(); break; case 'IMG_WIDTH': case 'IMG_HEIGHT': if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) { global $THEME_IMG_DIMS_CACHE; if (!isset($THEME_IMG_DIMS_CACHE)) { $THEME_IMG_DIMS_CACHE = function_exists('persistant_cache_get') ? persistant_cache_get('THEME_IMG_DIMS') : array(); } if (isset($THEME_IMG_DIMS_CACHE[$param[0]])) { list($width, $height) = $THEME_IMG_DIMS_CACHE[$param[0]]; $value = $name == 'IMG_WIDTH' ? $width : $height; } else { if (strpos($param[0], '://') === false) { $img_url = find_theme_image($param[0], false, false, array_key_exists(2, $param) ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']); } else { $img_url = $param[0]; } require_code('images'); list($width, $height) = _symbol_image_dims(array($img_url)); $value = $name == 'IMG_WIDTH' ? $width : $height; $THEME_IMG_DIMS_CACHE[$param[0]] = array($width, $height); if (function_exists('persistant_cache_set')) { persistant_cache_set('THEME_IMG_DIMS', $THEME_IMG_DIMS_CACHE); } } } break; case 'CLEAN_FILE_SIZE': if (isset($param[0])) { $bytes = is_numeric($param[0]) ? intval($param[0]) : NULL; require_code('files'); $value = clean_file_size($bytes); } break; case 'TIME_PERIOD': if (isset($param[0])) { $value = display_time_period(intval($param[0])); } break; case 'MAKE_RELATIVE_DATE': if (isset($param[0])) { if (get_option('use_contextual_dates') == '0' && (!array_key_exists(1, $param) || $param[1] != '1')) { $value = get_timezoned_date(intval($param[0])); } else { $value = display_time_period(time() - intval($param[0])); } } break; case 'TIMEZONE': $value = make_nice_timezone_name(get_site_timezone()); break; case 'LOAD_PAGE': foreach ($param as $i => $p) { if (is_object($p)) { $param[$i] = $p->evaluate(); } } global $LOADED_PAGES; if (strpos($param[0], ':') !== false) { $param = array_reverse(explode(':', $param[0], 2)); } $_value = $LOADED_PAGES[serialize($param)]; $value = $_value->evaluate(); break; case 'RUNNING_SCRIPT': if (isset($param[0])) { $value = running_script($param[0]) ? '1' : '0'; } break; case 'MATCH_KEY_MATCH': $value = '0'; foreach ($param as $match_key) { if ($match_key == '1' || $match_key == '0' || $match_key == '') { continue; } if (match_key_match($match_key, isset($param[1]) && $match_key == '1')) { $value = '1'; } } break; case 'VERSION': $value = strval(ocp_version()); break; case 'PREVIEW_VALIDATION': $value = get_option('is_on_preview_validation') == '1' ? '1' : '0'; break; case 'BLOCK': if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) { foreach ($param as $i => $p) { if (is_object($p)) { $param[$i] = $p->evaluate(); } } if (count($param) == 1 && strpos($param[0], ',') !== false) { $param = preg_split('#((?<!\\\\)|(?<=\\\\\\\\)|(?<=^)),#', $param[0]); foreach ($param as $key => $val) { $param[$key] = str_replace('\\,', ',', $val); } } global $LOADED_BLOCKS; if (isset($LOADED_BLOCKS[serialize($param)])) { // Will always be set $value = $LOADED_BLOCKS[serialize($param)]->evaluate(); } } break; case 'CURRENCY': if (addon_installed('ecommerce')) { if (isset($param[0])) { require_code('currency'); $value = currency_convert(floatval(str_replace(',', '', $param[0])), isset($param[1]) && $param[1] != '' ? $param[1] : get_option('currency'), isset($param[2]) && $param[2] != '' ? $param[2] : NULL, isset($param[3]) && $param[3] == '1'); if (is_null($value)) { $value = do_lang('INTERNAL_ERROR'); } } else { $value = get_option('currency'); } } break; case 'CURRENCY_SYMBOL': if (addon_installed('ecommerce')) { require_code('ecommerce'); $value = ecommerce_get_currency_symbol(); } break; case 'GEOLOCATE': $value = geolocate_ip(isset($param[0]) ? $param[0] : NULL); break; case 'NO_SAFE_MODE': $value = str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('safe_mode'))) == '1' ? '0' : '1'; break; case 'FORCE_PREVIEWS': if (get_option('forced_preview_option') == '1') { if (get_forum_type() == 'ocf') { if (is_guest() && get_option('default_preview_guests') == '0') { $value = '0'; } else { $value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(get_member(), 'm_preview_posts') == 1 ? '1' : '0'; } } else { $value = get_option('default_preview_guests') == '0' ? '0' : '1'; } } else { $value = '0'; } break; case 'PREVIEW_URL': $value = find_script('preview'); $value .= '?page=' . get_page_name(); $value .= '&type=' . get_param('type', '', true); break; case 'ADDON_INSTALLED': if (isset($param[0]) && !running_script('install')) { $value = addon_installed($param[0]) ? '1' : '0'; } break; case 'VALUE_OPTION': if (isset($param[0])) { $value = function_exists('get_value') ? get_value($param[0]) : ''; if (is_null($value)) { $value = function_exists('get_long_value') ? get_long_value($param[0]) : ''; if (is_null($value)) { $value = isset($param[1]) ? $param[1] : ''; if ($param[0] == 'textmate' && (ocp_srv('HTTP_HOST') == 'localhost' && strpos(ocp_srv('HTTP_USER_AGENT'), 'Macintosh') !== false)) { $value = '1'; } } } } break; case 'KEEP_INDEX': // What needs preserving in the URL $value = 'index.php'; if (count($_GET) > 0) { foreach ($_GET as $key => $val) { if (is_array($val)) { continue; } if (get_magic_quotes_gpc()) { $val = stripslashes($val); } if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val) && strpos($key, '_expand_') === false) { $value .= ($value == 'index.php' ? '?' : '&') . urlencode($key) . '=' . ocp_url_encode($val); } } } break; case 'HIDE_HELP_PANEL': $value = array_key_exists('hide_help_panel', $_COOKIE) && $_COOKIE['hide_help_panel'] == '1' ? '1' : '0'; break; case 'URLISE_LANG': if (isset($param[1])) { $_value = urlise_lang($param[0], $param[1], isset($param[2]) ? $param[2] : '', isset($param[3]) ? $param[3] == '1' : false); $value = $_value->evaluate(); } break; case 'FIND_SCRIPT_NOHTTP': if (isset($param[0]) && function_exists('find_script')) { $value = preg_replace('#^https?://[^/]+#', '', find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0)); } if (!$GLOBALS['DEBUG_MODE']) { break; } // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on... // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on... case 'FIND_SCRIPT': if (isset($param[0]) && function_exists('find_script')) { $value = find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0); } break; case 'MOBILE': $value = is_mobile(NULL, array_key_exists(0, $param) ? $param[0] == '1' : false) ? '1' : '0'; break; case 'VALID_FILE_TYPES': $value = get_option('valid_types'); $types = array_flip(explode(',', $value)); $value = ''; ksort($types); foreach (array_flip($types) as $val) { $value .= $val . ','; } $value = substr($value, 0, strlen($value) - 1); break; case 'BROWSER_UA': $browser = get_browser_string(); $value = $browser; break; case 'OS': $os = get_os_string(); if (is_null($os)) { $os = ''; } $value = $os; break; case 'ANCHOR': if (isset($param[0])) { $_value = do_template('ANCHOR', array('_GUID' => '8795c70c9dd7c6217bb765264ac24092', 'NAME' => $param[0])); $value = $_value->evaluate(); } break; case 'CSS_TEMPCODE': $_value = css_tempcode(); $value = $_value->evaluate(); break; case 'JS_TEMPCODE': $_value = javascript_tempcode(isset($param[0]) ? $param[0] : NULL); $value = $_value->evaluate(); break; case 'PAD_LEFT': if (array_key_exists(1, $param)) { $value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_LEFT); } break; case 'PAD_RIGHT': if (array_key_exists(1, $param)) { $value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_RIGHT); } break; case 'PAGE_TITLE': $value = is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate(); break; case 'SET_TITLE': if (array_key_exists(0, $param)) { get_page_title($param[0], false); } break; case 'EXTRA_HEAD': $_value = $GLOBALS['EXTRA_HEAD']; if ($_value === NULL) { $_value = new ocp_tempcode(); } $value = $_value->evaluate(); break; case 'EXTRA_FOOT': if ($GLOBALS['EXTRA_FOOT'] === NULL) { $GLOBALS['EXTRA_FOOT'] = new ocp_tempcode(); } $_value = $GLOBALS['EXTRA_FOOT']; if (array_key_exists(0, $param)) { $GLOBALS['EXTRA_FOOT']->attach($param[0]); } else { $value = $_value->evaluate(); } break; case 'RAND': if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['RAND'])) { $GLOBALS['NO_EVAL_CACHE'] = true; $value = strval(mt_rand(0, 32000)); } else { $value = '4'; } break; case 'SET_RAND': if (isset($param[0])) { if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) { $GLOBALS['NO_EVAL_CACHE'] = true; $value = $param[mt_rand(0, count($param) - 1)]; } else { $value = $param[0]; } } break; case 'COPYRIGHT': $value = str_replace('$CURRENT_YEAR', date('Y'), get_option('copyright')); break; case 'KEYWORDS_SPACED': $value = str_replace(',', ' ', get_option('keywords')); break; case 'STAFF_ADDRESS_PURE': $value = get_option('staff_address'); break; case 'STAFF_ADDRESS': require_code('obfuscate'); $value = obfuscate_email_address(get_option('staff_address')); break; case 'DOMAIN': $value = get_domain(); break; case 'BRAND_NAME': $value = function_exists('get_value') ? get_value('rebrand_name') : NULL; if (is_null($value)) { $value = 'ocPortal'; } break; case 'BRAND_BASE_URL': $value = brand_base_url(); break; case 'SHOW_DOCS': $value = get_option('show_docs') === '0' ? '0' : '1'; break; case 'MEMBER_EMAIL': $value = $GLOBALS['FORUM_DRIVER']->get_member_email_address(isset($param[0]) ? intval($param[0]) : get_member()); break; case 'OCF_MEMBER_HTML': if (get_forum_type() == 'ocf') { require_code('ocf_members'); require_code('ocf_members2'); $_value = ocf_show_member_box(isset($param[0]) ? intval($param[0]) : get_member()); $value = $_value->evaluate(); } break; case 'HAS_SPECIFIC_PERMISSION': if (isset($param[0])) { $value = has_specific_permission(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0'; } break; case 'HAS_ZONE_ACCESS': if (isset($param[0])) { $value = has_zone_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0'; } break; case 'HAS_PAGE_ACCESS': if (isset($param[0]) && isset($param[1])) { $value = has_page_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1], !is_null($param) && isset($param[3]) ? $param[3] == '1' : false) ? '1' : '0'; } break; case 'HAS_CATEGORY_ACCESS': if (isset($param[0])) { $value = has_category_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1]) ? '1' : '0'; } break; case 'HAS_ATTACHMENT_ACCESS': if (isset($param[0])) { require_code('attachments'); $value = has_attachment_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0'; } break; case 'HAS_SUBMIT_PERMISSION': if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high')) { $value = has_submit_permission(strtolower($param[0]), !is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), !is_null($param) && isset($param[2]) ? $param[2] : get_ip_address(), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0'; } break; case 'HAS_DELETE_PERMISSION': if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) { $value = has_delete_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0'; } break; case 'HAS_EDIT_PERMISSION': if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) { $value = has_edit_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0'; } break; case 'ENTITY_DECODE': if (isset($param[0])) { $value = @html_entity_decode($param[0], ENT_QUOTES, get_charset()); } break; case 'RESET_CYCLE': if (isset($param[0])) { $CYCLES[$param[0]] = 0; } break; case 'SITE_SCOPE': $value = get_option('site_scope'); break; case 'LAST_VISIT_TIME': if (get_forum_type() == 'ocf') { $member_info = ocf_read_in_member_profile(get_member(), true); $value = strval($member_info['last_visit_time']); } break; case 'NUM_NEW_TOPICS': if (get_forum_type() == 'ocf') { $member_info = ocf_read_in_member_profile(get_member(), true); $_new_topics = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics WHERE NOT t_forum_id IS NULL AND t_cache_first_time>' . strval((int) $member_info['last_visit_time'])); $new_topics = $_new_topics[0]['mycnt']; $value = strval($new_topics); } break; case 'NUM_NEW_POSTS': if (get_forum_type() == 'ocf') { $member_info = ocf_read_in_member_profile(get_member(), true); $_new_posts = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts WHERE NOT p_cache_forum_id IS NULL AND p_time>' . strval((int) $member_info['last_visit_time'])); $new_posts = $_new_posts[0]['mycnt']; $value = strval($new_posts); } break; case 'HAS_FORUM': $value = has_no_forum() ? '0' : '1'; break; case 'OCF': $value = get_forum_type() == 'ocf' ? '1' : '0'; break; case 'BOARD_PREFIX': $value = get_forum_base_url(); break; case 'DATE_AND_TIME': $use_contextual_dates = isset($param[0]) && $param[0] == '1'; $verbose = isset($param[1]) && $param[1] == '1'; $server_time = isset($param[2]) && $param[2] == '1'; $time = isset($param[3]) ? intval($param[3]) : time(); $value = get_timezoned_date($time, true, $verbose, $server_time, !$use_contextual_dates); break; case 'DATE': $use_contextual_dates = isset($param[0]) && $param[0] == '1'; $verbose = isset($param[1]) && $param[1] == '1'; $server_time = isset($param[2]) && $param[2] == '1'; $time = isset($param[3]) ? intval($param[3]) : time(); $value = get_timezoned_date($time, false, $verbose, $server_time, !$use_contextual_dates); break; case 'TIME': $time = isset($param[0]) ? intval($param[0]) : time(); $value = get_timezoned_time($time); break; case 'SECONDS_PERIOD': if (array_key_exists(0, $param)) { $value = display_seconds_period(intval($param[0])); } break; case 'FROM_TIMESTAMP': if (isset($param[0])) { $timestamp = isset($param[1]) ? intval($param[1]) : time(); if (!array_key_exists(2, $param) || $param[2] == '1') { $timestamp = utctime_to_usertime($timestamp); } $value = locale_filter(my_strftime($param[0], $timestamp)); if ($value == $param[0]) { // If no conversion happened then the syntax must have been for 'date' not 'strftime' $value = date($param[0], $timestamp); } } else { $timestamp = time(); $value = strval($timestamp); } break; case 'TO_TIMESTAMP': if (isset($param[0])) { $value = strval(strtotime($param[0])); if (array_key_exists(1, $param) && $param[1] == '1') { $value = strval(usertime_to_utctime(intval($value))); } // '1' means date was in user-time so needs converting to a UTC timestamp } else { $value = strval(time()); } break; case 'SESSION_HASHED': $value = md5(strval(get_session_id())); break; case 'SESSION': $value = strval(get_session_id()); break; case 'IN_ARRAY': if (isset($param[1])) { $array = array_slice($param, 1); $value = in_array($param[0], $array) ? '1' : '0'; } break; case 'MULT': if (isset($param[1])) { $value = float_to_raw_string(floatval($param[0]) * floatval($param[1]), 2, true); } break; case 'ROUND': if (isset($param[0])) { $amount = isset($param[1]) ? intval($param[1]) : 0; if ($amount > 0) { $value = float_format(floatval($param[0]), $amount); } else { $value = strval(intval(round(floatval($param[0]), $amount))); } } break; case 'DEV_MODE': $value = $GLOBALS['DEBUG_MODE'] ? '1' : '0'; break; case 'BROWSER_MATCHES': if (isset($param[0])) { $q = false; foreach (explode('|', $param[0]) as $browser) { $q = browser_matches($browser); if ($q) { break; } } $value = $q ? '1' : '0'; } break; case 'ISSET': if (isset($param[0])) { $value = isset($TEMPCODE_SETGET[$param[0]]) ? '1' : '0'; } break; case 'INIT': if (isset($param[1])) { if (!isset($TEMPCODE_SETGET[$param[0]])) { $TEMPCODE_SETGET[$param[0]] = $param[1]; } } break; case 'INC': if (isset($param[0])) { if (!isset($TEMPCODE_SETGET[$param[0]])) { $TEMPCODE_SETGET[$param[0]] = '0'; } $TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) + 1); } break; case 'DEC': if (isset($param[0])) { if (!isset($TEMPCODE_SETGET[$param[0]])) { $TEMPCODE_SETGET[$param[0]] = '0'; } $TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) - 1); } break; case 'PREG_MATCH': if (isset($param[1])) { $value = preg_match('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[2]) ? str_replace('e', '', $param[2]) : ''), $param[1]) != 0 ? '1' : '0'; } break; case 'PREG_REPLACE': if (isset($param[2])) { $value = preg_replace('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[3]) ? str_replace('e', '', $param[3]) : ''), $param[1], $param[2]); } break; case 'MAX': if (isset($param[0])) { $value = strval(max(intval($param[0]), intval($param[1]))); } break; case 'MIN': if (isset($param[0])) { $value = strval(min(intval($param[0]), intval($param[1]))); } break; case 'MOD': if (isset($param[0])) { $value = strval(max(intval($param[0]), -intval($param[0]))); } break; case 'REM': if (isset($param[1])) { $value = strval(intval($param[0]) % intval($param[1])); } break; case 'DIV_FLOAT': if (isset($param[1])) { $value = float_to_raw_string(floatval($param[0]) / floatval($param[1]), 2, true); } break; case 'DIV': if (isset($param[1])) { $value = strval(intval(floor(floatval($param[0]) / floatval($param[1])))); } break; case 'SUBTRACT': if (isset($param[1])) { $value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) - floatval(str_replace(',', '', $param[1])), 2, true); } break; case 'ADD': if (isset($param[1])) { $value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) + floatval(str_replace(',', '', $param[1])), 2, true); } break; case 'WCASE': if (isset($param[0])) { $value = ucwords($param[0]); } break; case 'LCASE': if (isset($param[0])) { $value = ocp_mb_strtolower($param[0]); } break; case 'UCASE': if (isset($param[0])) { $value = ocp_mb_strtoupper($param[0]); } break; case '_POST': if (isset($param[0])) { $value = post_param($param[0], isset($param[1]) ? $param[1] : ''); } break; case 'REPLACE': if (isset($param[2])) { $value = str_replace($param[0], $param[1], $param[2]); if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) { ocp_mark_as_escaped($value); } } break; case 'AT': if (isset($param[1])) { $value = ocp_mb_substr($param[0], intval($param[1]), 1); } break; case 'STRPOS': if (isset($param[1])) { $t_value = strpos($param[0], $param[1]); $value = $t_value === false ? '0' : strval($t_value); } break; case 'IN_STR': if (isset($param[1])) { if ($param[1] == '') { $value = '0'; } else { $value = '0'; foreach ($param as $i => $check) { if (is_integer($i) && $i != 0 && $check != '') { if (strpos($param[0], $check) !== false) { $value = '1'; break; } } } } } break; case 'SUBSTR_COUNT': if (isset($param[1])) { $value = strval(substr_count($param[0], $param[1])); } break; case 'SUBSTR': if (isset($param[1])) { $value = ocp_mb_substr($param[0], intval($param[1]), isset($param[2]) ? intval($param[2]) : strlen($param[0])); } break; case 'LENGTH': if (isset($param[0])) { $value = strval(ocp_mb_strlen($param[0])); } break; case 'WORDWRAP': if (isset($param[1])) { $cut = isset($param[3]) && $param[3] == '1'; $value = wordwrap($param[0], intval($param[1]), isset($param[2]) ? $param[2] : '<br />', $cut); if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) { ocp_mark_as_escaped($value); } } break; case 'ALTERNATOR_TRUNCATED': // Alternate values according to whether some given text WOULD have been truncated. 0: text to check against, 1: the truncate length, 2:IF would not be do this, 3: if it would be do this, 4: whether given text is encoded as HTML (0=no [default, plain-text], 1=yes) if (isset($param[3])) { $amount = intval($param[1]); $is_html = isset($param[4]) && $param[4] == '1'; if (strlen($is_html ? strip_tags($param[0]) : $param[0]) > $amount) { $value = $param[3]; } else { $value = $param[2]; } } break; case 'ESCAPE': if (isset($param[0])) { $d_escaping = array(isset($param[1]) ? constant($param[1]) : ENTITY_ESCAPED); if (is_string($param[0])) { apply_tempcode_escaping($d_escaping, $param[0]); } $value = $param[0]; } break; case 'COOKIE_PATH': $value = function_exists('get_cookie_path') ? get_cookie_path() : '/'; break; case 'COOKIE_DOMAIN': $s_value = function_exists('get_cookie_domain') ? get_cookie_domain() : ''; $value = is_null($s_value) ? '' : $s_value; break; case 'IS_A_COOKIE_LOGIN': global $IS_A_COOKIE_LOGIN; $value = $IS_A_COOKIE_LOGIN && ini_get('suhosin.cookie.max_name_length') !== '64' ? '1' : '0'; break; case 'GROUP_ID': if (isset($param[0])) { $groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member()); $value = array_key_exists(intval($param[0]), $groups) ? strval($groups[intval($param[0])]) : ''; } break; case 'GROUP_NAME': if (isset($param[0])) { $groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member()); if (array_key_exists(intval($param[0]), $groups)) { $all_usergroups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(); $value = $all_usergroups[$groups[intval($param[0])]]; } if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) { ocp_mark_as_escaped($value); } } break; case 'NEGATE': if (isset($param[0])) { $value = strval(-intval($param[0])); } break; case 'XOR': $count = 0; foreach ($param as $test) { if ($test == '1' || $test == '1') { $count++; } } $value = $count == 1 ? '1' : '0'; break; case 'NOR': $count = 0; foreach ($param as $test) { if ($test == '1' || $test == '1') { $count++; } } $value = $count > 0 ? '0' : '1'; break; case 'NAND': $count = 0; foreach ($param as $test) { if ($test == '1' || $test == '1') { $count++; } } $value = $count == count($param) ? '0' : '1'; break; case 'LT': if (isset($param[1])) { $value = intval($param[0]) < intval($param[1]) ? '1' : '0'; } break; case 'GT': if (isset($param[1])) { $value = intval($param[0]) > intval($param[1]) ? '1' : '0'; } break; case 'COPPA_ON': $value = get_option('is_on_coppa') == '1' ? '1' : '0'; break; case 'OBFUSCATE': if (isset($param[0])) { require_code('obfuscate'); $value = obfuscate_entities($param[0]); } break; case 'FIX_ID': if (isset($param[0])) { $value = fix_id($param[0]); if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($value); } } break; case 'MAILTO': require_code('obfuscate'); $value = mailto_obfuscated(); break; case 'INLINE_STATS': $value = get_option('show_inline_stats') == '1' ? '1' : '0'; break; case 'ATTACHMENT_DOWNLOADS': if (isset($param[0])) { $db = $GLOBALS['SITE_DB']; if (isset($param[1]) && $param[1] == '1') { $db = $GLOBALS['FORUM_DB']; } $_value = $db->query_value_null_ok('attachments', 'a_num_downloads', array('id' => intval($param[0]))); $value = is_null($_value) ? '?' : strval($_value); } break; case 'CSS_DIMENSION_REDUCE': if (isset($param[1])) { $value = $param[0]; if (substr($value, -2) == 'px') { $b = $param[1]; $value = strval(intval(substr($value, 0, -2)) - intval($b)) . 'px'; } if ($value == '') { $value = '0px'; } } break; case 'COMMENT_COUNT': if (isset($param[1])) { if (get_option('is_on_comments') == '1') { $count = 0; $_comments = $GLOBALS['FORUM_DRIVER']->get_forum_topic_posts($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier(get_option('comments_forum_name'), $param[0] . '_' . $param[1]), $count, 0, 0, false); $_value = do_lang_tempcode('_COMMENTS', integer_format(0)); if (is_array($_comments)) { $_value = do_lang_tempcode('_COMMENTS', escape_html(integer_format($count))); } $value = $_value->evaluate(); } else { $value = do_lang('VIEW'); } } break; case 'CAN_SPELLCHECK': $value = function_exists('pspell_check') ? '1' : '0'; break; case 'AWARD_ID': if (array_key_exists(0, $param)) { $value = $GLOBALS['SITE_DB']->query_value_null_ok('award_archive', 'content_id', array('a_type_id' => intval($param[0])), 'ORDER BY date_and_time DESC'); if (is_null($value)) { $value = ''; } } break; case 'SELF_PAGE_LINK': $value = ''; if (running_script('index') || running_script('iframe')) { $value = get_zone_name() . ':' . get_page_name(); foreach ($_GET as $key => $val) { if ($key == 'page') { continue; } if (is_array($val)) { continue; } if (substr($key, 0, 5) == 'keep_') { continue; } $value .= ':' . $key . '=' . $val; } } break; case 'SET_TUTORIAL_LINK': $value = ''; if (array_key_exists(1, $param) && $param[1] != '' && $param[1][0] != '#') { set_tutorial_link($param[0], $param[1]); } break; case 'DISPLAY_CONCEPT': $value = ''; if (array_key_exists(0, $param)) { $key = $param[0]; $page_link = get_tutorial_link('concept___' . preg_replace('#[^\\w_]#', '_', $key)); if (is_null($page_link)) { $temp_tpl = make_string_tempcode($key); } else { list($zone, $attributes, $hash) = page_link_decode($page_link); $_url = build_url($attributes, $zone, NULL, false, false, false, $hash); $temp_tpl = do_template('COMCODE_CONCEPT', array('_GUID' => 'ee0cd05f87329923f05145180004d8a8', 'TEXT' => $key, 'URL' => $_url)); } $value = $temp_tpl->evaluate(); } break; case 'SELF_URL': $extra_params = NULL; if (isset($param[3])) { $extra_params = array(); $i = 3; while (isset($param[$i])) { $bits = explode('=', $param[$i], 2); if ($bits[1] == '<null>') { $bits[1] = NULL; } $extra_params[$bits[0]] = $bits[1]; $i++; } } $value = get_self_url(true, isset($param[0]) && $param[0] == '1', $extra_params, isset($param[1]) && $param[1] == '1', isset($param[2]) && $param[2] == '1'); break; case 'SHIFT_DECODE': if (isset($param[0])) { global $SHIFT_VARIABLES; $key = $param[0]; $value = isset($SHIFT_VARIABLES[$key]) ? $SHIFT_VARIABLES[$key]->evaluate() : ''; } break; case 'NUMBER_FORMAT': if (isset($param[0])) { $value = integer_format(intval($param[0])); } break; case 'FLOAT_FORMAT': if (isset($param[0])) { $value = float_format(floatval($param[0])); } break; case 'CURRENTLY_INVISIBLE': $value = is_invisible() ? '1' : '0'; break; case 'IS_FRIEND': if (isset($param[0])) { $test = $GLOBALS['SITE_DB']->query_value_null_ok('chat_buddies', 'member_likes', array('member_likes' => isset($param[1]) ? intval($param[1]) : get_member(), 'member_liked' => intval($param[0]))); $value = is_null($test) ? '0' : '1'; } break; case 'SSW': $value = get_option('ssw') == '1' ? '1' : '0'; break; case 'RATING': if (isset($param[1])) { require_code('feedback'); $rating = get_rating_simple_array(array_key_exists(3, $param) ? $param[3] : get_self_url(true), array_key_exists(4, $param) ? $param[4] : (is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate()), $param[0], $param[1], array_key_exists(5, $param) ? $param[5] : 'RATING_FORM', array_key_exists(2, $param) ? $param[2] : NULL); if ($rating !== NULL) { if (!array_key_exists(2, $param) || $param[2] == '0') { $value = isset($rating['ALL_RATING_CRITERIA'][0]['RATING']) ? $rating['ALL_RATING_CRITERIA'][0]['RATING'] : ''; } else { $value = do_template('RATING_INLINE_STATIC', $rating); } if (is_object($value)) { $value = $value->evaluate(); } } } break; case 'VIEWS': if (isset($param[2])) { $id_field = 'id'; // Not allowed for security reasons if (preg_match('#^\\w*views\\w*$#', $param[1]) != 0) { $test = $GLOBALS['SITE_DB']->query_value_null_ok($param[0], $param[1], array($id_field => $param[2])); if (!is_null($test)) { $value = integer_format($test); } } } break; default: global $EXTRA_SYMBOLS; if (is_null($EXTRA_SYMBOLS)) { $EXTRA_SYMBOLS = array(); $hooks = find_all_hooks('systems', 'symbols'); foreach (array_keys($hooks) as $hook) { $EXTRA_SYMBOLS[$hook] = array(); } } if (array_key_exists($name, $EXTRA_SYMBOLS)) { if (!array_key_exists('ob', $EXTRA_SYMBOLS[$name])) { require_code('hooks/systems/symbols/' . filter_naughty_harsh($name)); $EXTRA_SYMBOLS[$name]['ob'] = object_factory('Hook_symbol_' . filter_naughty_harsh($name)); } $value = $EXTRA_SYMBOLS[$name]['ob']->run($param); break; } if (defined($name)) { $value = @strval(constant($name)); break; } $value = ''; require_code('site'); attach_message(do_lang_tempcode('MISSING_SYMBOL', escape_html($name)), 'warn'); } if ($escaped != array()) { if (is_object($value)) { $value = $value->evaluate(); } apply_tempcode_escaping($escaped, $value); } if ($cacheable) { $SYMBOL_CACHE[$escaped_codes] = $value; } return $value; } // Is it a directive? if ($type == TC_DIRECTIVE) { $value = ''; if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($value); } // In our param we should have a map of bubbled template parameters (under 'vars') and our numbered directive parameters if ($param === NULL) { $param = array(); } // Closure-based Tempcode parser may send in strings, so we need to adapt... foreach ($param as $key => $val) { if (is_string($val)) { $param[$key] = make_string_tempcode($val); } } if (!isset($param['vars'])) { $param['vars'] = array(); } switch ($name) { case 'SHIFT_ENCODE': break; case 'PARAM_INFO': $_value = do_template('PARAM_INFO', array('MAP' => $param['vars'])); $value = $_value->evaluate(); break; case 'CSS_INHERIT': // e.g. {+START,CSS_INHERIT,global,default,#886aa9}{+END} if (isset($param[0])) { require_code('css_and_js'); $css_file = $param[0]->evaluate(); $theme = isset($param[1]) ? $param[1]->evaluate() : 'default'; $seed = isset($param[2]) ? $param[2]->evaluate() : NULL; if ($seed == '') { $seed = NULL; } $dark = isset($param[3]) ? $param[3]->evaluate() == '1' : false; $algorithm = isset($param[4]) ? $param[4]->evaluate() : 'equations'; $value = css_inherit($css_file, $theme, $GLOBALS['FORUM_DRIVER']->get_theme(), $seed, $dark, $algorithm); } break; case 'FRACTIONAL_EDITABLE': foreach (array_keys($param) as $key) { if (!is_numeric($key)) { unset($param[$key]); } } if (isset($param[3])) { $edit_text = $param[0]->evaluate(); $edit_param_name = $param[1]->evaluate(); $edit_pagelink = $param[2]->evaluate(); $supports_comcode = (isset($param[4]) ? $param[3]->evaluate() : '0') == '1'; list($zone, $attributes, ) = page_link_decode($edit_pagelink); if ($zone == '_SEARCH') { $zone = get_module_zone($attributes['page']); } if (has_actual_page_access(get_member(), $attributes['page'], $zone) && has_zone_access(get_member(), 'adminzone')) { $keep = symbol_tempcode('KEEP'); $url = find_script('fractional_edit') . '?edit_param_name=' . urlencode($edit_param_name) . '&supports_comcode=' . ($supports_comcode ? '1' : '0') . '&zone=' . urlencode($zone) . $keep->evaluate(); foreach ($attributes as $key => $val) { $url .= '&' . $key . '=' . urlencode($val); } $_value = $param[count($param) - 1]; $_value = do_template('FRACTIONAL_EDIT', array('_GUID' => '075ac126c427d28b309004bc67b32b08', 'VALUE' => $_value, 'URL' => $url, 'EDIT_TEXT' => $edit_text, 'EDIT_PARAM_NAME' => $edit_param_name)); $value = $_value->evaluate(); } else { $value = $param[count($param) - 1]->evaluate(); } } break; case 'SET': if (isset($param[1])) { $var = $param[0]->evaluate(); $set_val = ''; $i = 1; while (isset($param[$i])) { if ($i != 1) { $set_val .= ','; } $set_val .= $param[1]->evaluate(); $i++; } $TEMPCODE_SETGET[$var] = $set_val; } break; case 'IN_ARRAY': if (isset($param[1])) { $key = $param[1]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); $value = in_array($param[0]->evaluate(), $array) ? '1' : '0'; } break; case 'NOT_IN_ARRAY': if (isset($param[1])) { $key = $param[1]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); $value = in_array($param[0]->evaluate(), $array) ? '0' : '1'; } break; case 'IF_IN_ARRAY': if (isset($param[2])) { $key = $param[1]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); $value = in_array($param[0]->evaluate(), $array) ? $param[2]->evaluate() : ''; } break; case 'IF_NOT_IN_ARRAY': if (isset($param[2])) { $key = $param[1]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); $value = in_array($param[0]->evaluate(), $array) ? '' : $param[2]->evaluate(); } break; case 'IMPLODE': if (isset($param[1])) { $key = $param[1]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); if (isset($param[2]) && $param[2]->evaluate() == '1') { $delim = $param[0]->evaluate(); foreach ($array as $key => $val) { if ($value != '') { $value .= $delim; } $value .= (is_integer($key) ? integer_format($key) : $key) . ' = ' . $val; } } else { $value = implode($param[0]->evaluate(), $array); } } break; case 'COUNT': if (isset($param[0])) { $key = $param[0]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); $value = strval(count($array)); } break; case 'BOX': unset($param['vars']); $title = isset($param[1]) ? $param[0]->evaluate() : ''; $dimensions = isset($param[2]) ? $param[1]->evaluate() : '100%'; if ($dimensions == '') { $dimensions = '100%'; } $box_type = isset($param[3]) ? $param[2]->evaluate() : 'classic'; $options = isset($param[4]) ? $param[3]->evaluate() : ''; $meta = isset($param[5]) ? $param[4]->evaluate() : ''; $links = isset($param[6]) ? $param[5]->evaluate() : ''; $expand = isset($param[7]) ? $param[6]->evaluate() == '1' : false; $toplink = isset($param[8]) ? $param[7]->evaluate() : ''; $tmp = put_in_standard_box(array_pop($param), $title, $dimensions, $box_type, $options, $meta, $links, $expand, $toplink); $value = $tmp->evaluate(); break; case 'IF_NON_EMPTY': if (isset($param[1])) { if (!$param[0]->is_really_empty()) { $value = $param[1]->evaluate(); } } break; case 'IF_PASSED': if (isset($param[1])) { $t = $param[0]->evaluate(); if (isset($param['vars'][$t])) { $value = $param[1]->evaluate(); } } break; case 'IF_NON_PASSED': if (isset($param[1])) { $t = $param[0]->evaluate(); if (!isset($param['vars'][$t])) { $value = $param[1]->evaluate(); } } break; case 'IF_EMPTY': if (isset($param[1])) { if ($param[0]->is_really_empty()) { $value = $param[1]->evaluate(); } } break; case 'IF_ARRAY_EMPTY': if (isset($param[0])) { $looking_at = $param[0]->evaluate(); if (array_key_exists($looking_at, $param['vars'])) { if (count($param['vars'][$looking_at]) == 0) { $value = $param[1]->evaluate(); } } } break; case 'IF_ARRAY_NON_EMPTY': if (isset($param[0])) { $looking_at = $param[0]->evaluate(); if (array_key_exists($looking_at, $param['vars'])) { if (count($param['vars'][$looking_at]) != 0) { $value = $param[1]->evaluate(); } } } break; case 'OF': if (isset($param[1])) { $key = $param[0]->evaluate(); $x = $param[1]->evaluate(); $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array(); $x2 = is_numeric($x) ? intval($x) : $x; if (is_integer($x2)) { if ($x2 < 0) { $x2 = count($array) - 1; } elseif ($x2 >= count($array)) { $x2 -= count($array); } } $value = array_key_exists($x2, $array) ? $array[$x2] : ''; if (is_object($value)) { $value = $value->evaluate(); } } break; case 'INCLUDE': if (isset($param[1])) { $tpl_params = $param['vars']; $explode = explode(chr(10), $param[1]->evaluate()); foreach ($explode as $val) { $bits = explode('=', $val, 2); if (count($bits) == 2) { $tpl_params[ltrim($bits[0])] = $bits[1]; } } $td = isset($param[3]) ? $param[2]->evaluate() : ''; if ($td == '') { $td = 'templates'; } $ex = isset($param[2]) ? $param[1]->evaluate() : ''; if ($ex == '') { $ex = '.tpl'; } $_value = do_template($param[0]->evaluate(), $tpl_params, NULL, false, NULL, $ex, $td); $value = $_value->evaluate(); } break; case 'WHILE': if (isset($param[1])) { $_p = $param[0]->evaluate(); if ($_p == '1' || $_p == '1') { $value = ''; $value .= $param[1]->evaluate(); $value .= ecv($lang, $escaped, $type, $name, $param); } } break; case 'IF': if (isset($param[1])) { $_p = $param[0]->evaluate(); if ($_p == '1' || $_p == '1') { $value = $param[1]->evaluate(); } } break; case 'LOOP': if (isset($param[0])) { if (!array_key_exists($param[0]->evaluate(), $param['vars'])) { require_code('site'); attach_message(do_lang_tempcode('MISSING_TEMPLATE_PARAMETER', $param[0]->evaluate(), '???'), 'warn'); return ''; } $array_key = $param[0]->evaluate(); if (is_numeric($array_key) || strpos($array_key, ',') !== false) { $array = explode(',', $array_key); } else { $array = array_key_exists($array_key, $param['vars']) ? $param['vars'][$array_key] : array(); if (!is_array($array)) { $array = array(); } } $value = ''; if (array_key_exists(1 + 1, $param)) { $columns = $param[1]->evaluate(); $row_starter = array_key_exists(2 + 1, $param) ? $param[2]->evaluate() : '<tr>'; $row_terminator = array_key_exists(3 + 1, $param) ? $param[3]->evaluate() : '</tr>'; $value .= $row_starter; // Sorting if (array_key_exists(4 + 1, $param)) { $sort_key = $param[4]->evaluate(); $rev = array_key_exists(5 + 1, $param) && $param[5]->evaluate() == 'DESC'; if ($sort_key != '') { global $M_SORT_KEY; $M_SORT_KEY = $sort_key; uasort($array, 'multi_sort'); } if ($rev) { $array = array_reverse($array); } } } $last = count($param) - 2; $col = 0; $first = true; foreach ($array as $go_key => $go) { if (!is_array($go)) { $go = array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_loop_var' => make_string_tempcode($go)); } // In case it's not a list of maps, but just a list if (isset($param[2]) && $col % $columns == 0 && $col != 0) { $value .= $row_starter; } $ps = $go + $param['vars'] + array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_i' => strval($col), '_first' => $first, '_last' => $col == count($array) - 1); $bound = $param[$last]->bind($ps, ''); $value .= $bound->evaluate(); ++$col; if (isset($param[3]) && $col % $columns == 0) { $value .= $row_terminator; } $first = false; } if (isset($param[2]) && $col % $columns != 0) { $value .= $row_terminator; } } break; default: require_code('site'); attach_message(do_lang_tempcode('UNKNOWN_DIRECTIVE', escape_html($name)), 'warn'); } if ($escaped != array()) { apply_tempcode_escaping($escaped, $value); } return $value; } // By elimination, it's language $a = isset($param[0]) ? is_object($param[0]) ? $param[0]->evaluate() : $param[0] : NULL; $b = isset($param[1]) ? is_object($param[1]) ? $param[1]->evaluate() : $param[1] : NULL; $c = isset($param[2]) ? array_splice($param, 2) : NULL; if ($c !== NULL) { foreach ($c as $i => $cc) { if (is_object($cc)) { $c[$i] = $cc->evaluate(); } } } static $dle = false; if (!$dle) { $dle = function_exists('do_lang'); } $ret = $dle ? do_lang($name, $a, $b, $c, $lang, false) : escape_html($name . ':' . (!is_null($a) ? $a : '') . ',' . (!is_null($b) ? $b : '')); if ($ret === NULL) { if ($type != TC_PARAMETER) { require_code('site'); attach_message(do_lang_tempcode('MISSING_LANG_ENTRY', escape_html($name)), 'warn'); } $value = ''; if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($value); } return $value; } if ($escaped != array() && $escaped != array(ENTITY_ESCAPED)) { apply_tempcode_escaping(array_diff($escaped, array(ENTITY_ESCAPED)), $ret); } // Escape but without ENTITY_ESCAPED because we don't do that on lang strings return $ret; }