/**
 * Bootstrap a request: check the runtime, open the session and the database
 * connection, then run the per-request housekeeping hooks.
 *
 * The environment checks report problems through bw_error(); whether that call
 * returns is not visible from this function, so the checks are kept in their
 * original order.
 */
function init()
{
    global $MayBeDuplicate;

    // --- runtime prerequisites ---------------------------------------------
    if (get_magic_quotes_gpc()) {
        bw_error("The software is not meant to work with PHP magic_quotes_gpc = On. Please turn it Off (probably in php.ini).");
    }

    if (!in_array("gd", get_loaded_extensions())) {
        bw_error("Install GD module in PHP before going on.");
    }

    // Only meant for interactive sessions (mailbot.php, run from cron, errors out here).
    // NOTE(review): the key read here is "SERVERNAME", not the standard
    // "SERVER_NAME", so this branch looks like it never runs and the
    // mod_rewrite check is effectively skipped - confirm which was intended.
    if (isset($_SERVER["SERVERNAME"])) {
        $loadedApacheModules = apache_get_modules();
        if (!in_array("mod_rewrite", $loadedApacheModules)) {
            bw_error("Install mod_rewrite module in Apache before going on.");
        }
    }

    if (version_compare(phpversion(), "5.0.0", "<")) {
        bw_error("PHP version is lower than 5.0.0. Please update. ");
    }

    // --- session and database ----------------------------------------------
    SetupSession();
    DBConnect();

    // A duplicate use by several users has been detected.
    if (!empty($MayBeDuplicate)) {
        LogStr($MayBeDuplicate);
    }

    LanguageChangeTest();

    // Evaluate the events (messages received, keeping "who is online" up to date, ...).
    EvaluateMyEvents();

    // --- optional navigation log -------------------------------------------
    // PHP_SELF and QUERY_STRING are supplied by the client and are logged
    // verbatim: the query string can carry tokens or personal data, and
    // whatever displays these log rows has to escape them.
    if (HasFlag("RecordLogs")) {
        $visitedUrl = empty($_SERVER['QUERY_STRING'])
            ? $_SERVER['PHP_SELF']
            : $_SERVER['PHP_SELF'] . "?" . $_SERVER['QUERY_STRING'];
        LogStr("url=" . $visitedUrl, "RecordLogs");
    }
}
/**
 * Thumbnail creator. (by markus5, Markus Hutzler 25.02.2007)
 * tested with GD Version: bundled (2.0.28 compatible)
 * with GIF Read Support: Enabled
 * with JPG Support: Enabled
 * with PNG Support: Enabled
 *
 * Intended to create a JPEG thumbnail of a JPEG, GIF or PNG image.
 *
 * CURRENT STATE: the method is disabled. The first executable statement is an
 * unconditional "return null;", so every call returns null and nothing below
 * that statement runs.
 *
 * file: path (with /)!!!
 * max_x / max_y delimit the maximal size (the ratio is kept)
 * the quality can be set. default = 85
 * the (disabled) body returns the thumbnail URL, null, or the string 'bw/'
 *
 * modified by Fake51
 * $mode specifies if the new image is based on a cropped and resized version of the old, or just a resized
 * $mode = "square" means a cropped version
 * $mode = "ratio" means merely resized
 *
 * NOTE(review), to settle before the early return is removed:
 *  - $thumbdir, $mode, $max_x and $max_y are concatenated into the path that
 *    imagejpeg() writes to without any validation; only $file goes through
 *    basename(). Confirm no caller passes request data in those arguments.
 *  - GD failures are hidden with "@" and the results of imagecreatetruecolor()
 *    and imagejpeg() are not checked, so a URL can be returned for a thumbnail
 *    that was never written.
 *  - $avatarDir is created but never used.
 */
private static function _getThumb($file, $max_x, $max_y, $quality = 85, $thumbdir = 'thumbs', $mode = 'square') {
    // TODO: analyze MIME-TYPE of the input file (not try / catch)
    // TODO: error analysis of wrong paths
    // TODO: dynamic prefix (now: /th/)
    // method appears to work in old memberphotos folder, so I'm disabling it for now
    // The guard that used to precede this return is commented out, which makes
    // the return unconditional: all code below is unreachable.
    /* if($file == "") */ return null;
    // basename() keeps only the last path component of $file.
    $filename = basename($file);
    // When the name has no dot, strrpos() returns false and the stem becomes empty.
    $filename_noext = substr($filename, 0, strrpos($filename, '.'));
    // Photos are looked up relative to the current working directory.
    $filepath = getcwd() . "/bw/memberphotos";
    $wwwpath = PVars::getObj('env')->baseuri . "bw/memberphotos";
    $avatarDir = new PDataDir('user/avatars');
    // Cache key: <stem>.<mode>.<max_x>x<max_y>.jpg
    $thumbfile = $filename_noext . '.' . $mode . '.' . $max_x . 'x' . $max_y . '.jpg';
    // Reuse an existing thumbnail.
    if (is_file("{$filepath}/{$thumbdir}/{$thumbfile}")) {
        return "{$wwwpath}/{$thumbdir}/{$thumbfile}";
    }
    // look if original file exists
    if (!is_file($filepath . '/' . $filename)) {
        return 'bw/';
    } // TODO: bw_error("get_thumb: no file found");
    // look if thumbnail directory exists
    if (!is_dir("{$filepath}/{$thumbdir}")) {
        return 'bw/';
    } // TODO: bw_error("get_thumb: no directory found");
    ini_set("memory_limit", '64M'); //jeanyves increasing the memory these functions need a lot
    // read image - try different image types
    // The decoder is chosen by trial, not by file extension; warnings from the
    // failed attempts are suppressed with "@".
    $image = false;
    if (!$image) {
        $image = @imagecreatefromjpeg("{$filepath}/{$filename}");
    }
    if (!$image) {
        $image = @imagecreatefrompng("{$filepath}/{$filename}");
    }
    if (!$image) {
        $image = @imagecreatefromgif("{$filepath}/{$filename}");
    }
    // look if reading the image was successful
    if ($image == false) {
        return null;
    }
    // calculate ratio
    $size_x = imagesx($image);
    $size_y = imagesy($image);
    if ($size_x == 0 or $size_y == 0) {
        bw_error("bad image size (0)");
    }
    switch ($mode) {
        case "ratio":
            // Scale by the smaller of the two factors so the result fits in max_x x max_y.
            if ($max_x / $size_x >= $max_y / $size_y) {
                $ratio = $max_y / $size_y;
            } else {
                $ratio = $max_x / $size_x;
            }
            $startx = 0;
            $starty = 0;
            break;
        default:
            // Any other mode: crop a centred square out of the source first.
            if ($size_x >= $size_y) {
                $startx = ($size_x - $size_y) / 2;
                $starty = 0;
                $size_x = $size_y;
            } else {
                $starty = ($size_y - $size_x) / 2;
                $startx = 0;
                $size_y = $size_x;
            }
            if ($max_x >= $max_y) {
                $ratio = $max_y / $size_y;
            } else {
                $ratio = $max_x / $size_x;
            }
            break;
    }
    // These products are floats and are passed to GD as-is.
    $th_size_x = $size_x * $ratio;
    $th_size_y = $size_y * $ratio;
    // creating thumb
    $thumb = imagecreatetruecolor($th_size_x, $th_size_y);
    imagecopyresampled($thumb, $image, 0, 0, $startx, $starty, $th_size_x, $th_size_y, $size_x, $size_y);
    // try to write the new image
    // The return value of imagejpeg() is not checked.
    imagejpeg($thumb, "{$filepath}/{$thumbdir}/{$thumbfile}", $quality);
    return "{$wwwpath}/{$thumbdir}/{$thumbfile}";
}
/**
 * Bring the database schema up to date by replaying numbered SQL migrations.
 *
 * The current version is read from the `dbversion` table (0 when the query
 * yields nothing). Every migration with a higher number is then run in order
 * through sql_query(), and the stored version is incremented after each one.
 * A migration whose SQL string is empty stops the run through bw_error() with
 * a request to update the database manually.
 *
 * Progress is written to the output with print.
 *
 * NOTE(review): the list contains DDL and DROP TABLE statements that run on
 * the application's own connection, so that database account needs schema
 * privileges whenever this function is reachable - confirm whether it runs on
 * ordinary requests or only during deployment.
 * NOTE(review): the migration and the version increment are two separate
 * statements with no transaction visible here; what happens to the stored
 * version when a migration fails depends on how sql_query() reports the error.
 */
function DBUpdateCheck() {
    $updates = array();
    /*
     * to make new DB update just add a line like this:
     * $updates[xxx] = "SQL string...";
     * empty means that update has to be done manually:
     * $updates[69] = ""; // this update has to be done manually
     */
    // Migrations 1-2 create the version table and insert its single row.
    $updates[1] = "CREATE TABLE `dbversion` (`version` INT NOT NULL DEFAULT '0',PRIMARY KEY ( `version` )) ENGINE = MYISAM COMMENT = 'stores the DB version';";
    $updates[2] = "INSERT into `dbversion` values(1)";
    $updates[3] = "CREATE TABLE `guestsonline` (" . "`IpGuest` int(11) NOT NULL COMMENT 'ip address of the user who is online'," . "`updated` timestamp NOT NULL default CURRENT_TIMESTAMP on update " . "CURRENT_TIMESTAMP COMMENT 'last time the member was active'," . "`appearance` varchar(256) NOT NULL COMMENT 'What to show about the member this can be a html thing'," . "`lastactivity` varchar(256) NOT NULL COMMENT 'Last url the member call'," . "`Status` varchar(32) NOT NULL default 'Active' " . "COMMENT 'a copy of the status of the member (sometime he can be ActiveHidden)'," . "PRIMARY KEY (`IpGuest`)) ENGINE=MEMORY DEFAULT CHARSET=utf8 " . "COMMENT='Table of last guest online, it is purged periodically ';";
    $updates[4] = "UPDATE words " . "SET Sentence = 'Bitte überprüfe die Stadt. Die angegebene Stadt konnte nicht gefunden werden.' " . "WHERE code='SignupErrorProvideCity' and ShortCode='de';";
    $updates[5] = "UPDATE words " . "SET Sentence = 'Please check the city. The city could not be found.' " . "WHERE code='SignupErrorProvideCity' and ShortCode='en';";
    $updates[6] = ""; // This is empty on purpose, this forces manual DB update
    $updates[7] = "DROP TABLE tantable";
    $updates[8] = "DROP TABLE userfrombewelcome";
    $updates[9] = "ALTER TABLE `guestsonline` MODIFY `appearance` varchar(255)";
    $updates[10] = "ALTER TABLE `guestsonline` MODIFY `lastactivity` varchar(255)";
    $updates[11] = "ALTER TABLE `cryptedfields` ADD `temporary_uncrypted_buffer` TEXT";
    $updates[12] = "ALTER TABLE `cryptedfields` CHANGE `temporary_uncrypted_buffer` `temporary_uncrypted_buffer` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NULL COMMENT 'This is used when no encryption is use'";
    $updates[13] = "ALTER TABLE `words` ADD `created` TIMESTAMP NOT NULL";
    $updates[14] = "ALTER TABLE `members` CHANGE `TypicOffer` `TypicOffer` SET('guidedtour','dinner','CanHostWeelChair') CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL COMMENT 'Other typical offer that a member can choose to propose'";
    $updates[15] = "ALTER TABLE `members` CHANGE `Accomodation` `Accomodation` " . "ENUM('anytime', 'yesicanhost', 'dependonrequest', 'cannotfornow', 'neverask')";
    $updates[16] = "ALTER TABLE `members` CHANGE `Accomodation` `Accomodation` " . "ENUM('anytime', 'dependonrequest', 'neverask')";
    $updates[17] = "CREATE TABLE IF NOT EXISTS broadcast (" . "id int(11) NOT NULL auto_increment COMMENT 'primary key'," . "IdCreator int(11) NOT NULL COMMENT 'Id of the member who created the massmail'," . "`Name` text collate utf8_unicode_ci NOT NULL COMMENT 'Name of the mass mail'," . "created timestamp NOT NULL default CURRENT_TIMESTAMP COMMENT 'creation date'," . "`Status` enum('Created','Triggered') collate utf8_unicode_ci NOT NULL default 'Created'," . "`Type` enum('Normal') collate utf8_unicode_ci NOT NULL default 'Normal'," . "PRIMARY KEY (id)" . ") ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='This table is for massmail used by adminmassmails'";
    $updates[18] = "CREATE TABLE IF NOT EXISTS `broadcastmessages` (" . "`IdBroadcast` int(11) NOT NULL COMMENT 'id of the broadcast entry'," . "`IdReceiver` int(11) NOT NULL COMMENT 'Id of the receiver'," . "`IdEnqueuer` int(11) NOT NULL COMMENT 'Id of the volunteer who enqueue the message'," . "`Status` enum('ToApprove','ToSend','Sent') collate utf8_unicode_ci NOT NULL default 'ToApprove' COMMENT 'Status of the message'," . "`updated` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP COMMENT 'last update'," . "PRIMARY KEY (`IdBroadcast`,`IdReceiver`)" . ") ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='This is the table with the list of members to broad cast'";
    $updates[19] = "ALTER TABLE `words` CHANGE `ShortCode` `ShortCode` CHAR( 4 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL DEFAULT 'en'";
    $updates[20] = "delete from user where lastlogin is null";
    $updates[21] = "ALTER TABLE `user` DROP INDEX `handle`";
    $updates[22] = "ALTER TABLE `user` ADD UNIQUE ( `handle`)";
    $updates[23] = "ALTER TABLE `user` DROP INDEX `handle`"; // correct 22, DROPs UNIQUE CONSTRAINT
    $updates[24] = "ALTER TABLE `user` ADD INDEX (`handle`)"; // correct 21
    // Appended with []: these two take the next free integer keys, 25 and 26.
    $updates[] = 'UPDATE languages SET Name = "English" WHERE id = 0';
    $updates[] = 'UPDATE languages SET EnglishName = CONCAT(UPPER(SUBSTR(EnglishName, 1, 1)), (SUBSTR(EnglishName, 2)))';
    // $updates[20] = "blahblah"
    // The version lookup calls mysql_query() directly instead of sql_query(),
    // so a failing query ends up in the "version 0" branch below.
    $res = mysql_query("SELECT version FROM dbversion");
    if (empty($res)) {
        $version = 0;
    } else {
        $row = mysql_fetch_assoc($res);
        if (!empty($row)) {
            $version = (int) $row['version'];
        } else {
            bw_error("Error: Could not retrieve DB version.", true);
        }
    }
    // $version is only unset here if bw_error() above returned.
    assert(isset($version));
    // Replay every migration above the stored version, one step at a time.
    while (isset($updates[$version + 1])) {
        print "updating DB to version " . ($version + 1) . "\n<br>";
        // An empty SQL string marks a step that must be applied by hand.
        if (empty($updates[$version + 1])) {
            bw_error("The database needs update but it cannot be done automatically. Do the changes manually or get the latest DB from the repository (<a href=\"https://www.bewelcome.org/svn/develstuff/trunk/testdb/\">https://www.bewelcome.org/svn/develstuff/trunk/testdb/</a>).", true);
        }
        // Both results are assigned to $qry and neither is inspected.
        $qry = sql_query($updates[$version + 1]);
        $qry = sql_query("UPDATE dbversion SET version=version+1");
        $version++;
    }
}
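/**
 * Return the URL of a thumbnail for a member photo, creating the thumbnail on
 * first use.
 *
 * The photo is looked up by file name only (basename of $file) in
 * "<cwd>/bw/memberphotos"; the thumbnail is stored as
 * "<stem>.<mode>.<max_x>x<max_y>.jpg" inside $thumbdir below that directory.
 *
 * @param string $file     Photo path; only its last component is used.
 * @param int    $max_x    Maximum thumbnail width in pixels.
 * @param int    $max_y    Maximum thumbnail height in pixels.
 * @param int    $quality  JPEG quality passed to imagejpeg().
 * @param string $thumbdir Sub-directory of the photo directory holding thumbnails.
 * @param string $mode     "ratio" scales the whole image; any other value
 *                         crops a centred square first.
 * @return string|null Thumbnail URL, or null when $file is empty, the photo or
 *                     the thumbnail directory is missing, the image cannot be
 *                     decoded, or the thumbnail cannot be written.
 *
 * NOTE(review): $thumbdir, $mode, $max_x and $max_y become part of the path
 * that imagejpeg() writes to. Confirm that callers never pass request data in
 * them, or restrict them to known values.
 */
private function getthumb($file = "", $max_x, $max_y, $quality = 85, $thumbdir = 'thumbs', $mode = 'square')
{
    // TODO: analyze MIME-TYPE of the input file (not try / catch)
    // TODO: error analysis of wrong paths
    // TODO: dynamic prefix (now: /th/)
    if ($file == "") {
        return null;
    }

    // basename() discards any directory part, so $file cannot point outside
    // the photo directory.
    $filename = basename($file);
    $filename_noext = substr($filename, 0, strrpos($filename, '.'));
    $filepath = getcwd() . "/bw/memberphotos";

    // The Host header comes from the client. Only characters that can occur in
    // a host name, an IP literal or a port are kept, so the returned URL cannot
    // carry markup or extra path/query parts. This does not make the host
    // trustworthy; a configured base URL would be the sturdier source.
    $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
    $host = (string) preg_replace('/[^A-Za-z0-9.:\[\]-]/', '', $host);
    if ($host == 'localhost') {
        $wwwpath = "http://" . $host . "/bw/htdocs/bw/memberphotos";
    } else {
        $wwwpath = "http://" . $host . "/bw/memberphotos";
    }

    $thumbfile = $filename_noext . '.' . $mode . '.' . $max_x . 'x' . $max_y . '.jpg';
    $thumbpath = "{$filepath}/{$thumbdir}/{$thumbfile}";
    $thumburl = "{$wwwpath}/{$thumbdir}/{$thumbfile}";

    // Reuse an existing thumbnail.
    if (is_file($thumbpath)) {
        return $thumburl;
    }

    // locate file
    if (!is_file("{$filepath}/{$filename}")) {
        return null;
    } // TODO: bw_error("get_thumb: no file found");
    if (!is_dir("{$filepath}/{$thumbdir}")) {
        return null;
    } // TODO: bw_error("get_thumb: no directory found");

    ini_set("memory_limit", '64M'); //jeanyves increasing the memory these functions need a lot

    // read image: the decoder is found by trial, not by file extension
    $image = @imagecreatefromjpeg("{$filepath}/{$filename}");
    if (!$image) {
        $image = @imagecreatefrompng("{$filepath}/{$filename}");
    }
    if (!$image) {
        $image = @imagecreatefromgif("{$filepath}/{$filename}");
    }
    if ($image == false) {
        return null;
    }

    // GD images are freed automatically from PHP 8.0 on; older versions need
    // an explicit release.
    $mustFree = PHP_VERSION_ID < 80000;

    // calculate ratio
    $size_x = imagesx($image);
    $size_y = imagesy($image);
    if ($size_x == 0 or $size_y == 0) {
        bw_error("bad image size (0)");
        // Reached only if bw_error() returns: avoid the divisions below.
        if ($mustFree) {
            imagedestroy($image);
        }
        return null;
    }

    switch ($mode) {
        case "ratio":
            // Scale by the smaller factor so the result fits in max_x x max_y.
            if ($max_x / $size_x >= $max_y / $size_y) {
                $ratio = $max_y / $size_y;
            } else {
                $ratio = $max_x / $size_x;
            }
            $startx = 0;
            $starty = 0;
            break;
        default:
            // Crop a centred square out of the source.
            if ($size_x >= $size_y) {
                $startx = (int) (($size_x - $size_y) / 2);
                $starty = 0;
                $size_x = $size_y;
            } else {
                $starty = (int) (($size_y - $size_x) / 2);
                $startx = 0;
                $size_y = $size_x;
            }
            if ($max_x >= $max_y) {
                $ratio = $max_y / $size_y;
            } else {
                $ratio = $max_x / $size_x;
            }
            break;
    }

    // GD needs whole pixel counts of at least 1; rounding also absorbs float
    // error such as 99.999... for an exact fit.
    $th_size_x = max(1, (int) round($size_x * $ratio));
    $th_size_y = max(1, (int) round($size_y * $ratio));

    // creating thumb
    $thumb = imagecreatetruecolor($th_size_x, $th_size_y);
    if (!$thumb) {
        if ($mustFree) {
            imagedestroy($image);
        }
        return null;
    }
    imagecopyresampled($thumb, $image, 0, 0, $startx, $starty, $th_size_x, $th_size_y, $size_x, $size_y);

    // try to write the new image; only hand out the URL when it was written
    $written = imagejpeg($thumb, $thumbpath, $quality);
    if ($mustFree) {
        imagedestroy($thumb);
        imagedestroy($image);
    }

    return $written ? $thumburl : null;
}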
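/**
 * Run one SQL statement through the mysql extension and return its result.
 *
 * The name of the running script is appended to the statement as an SQL
 * comment. On failure the function does not return a result: members with the
 * "Debug" right (or requests for server name "localhost") get the statement
 * and the MySQL error through bw_error(); everybody else gets a generic
 * message and the script ends, with the details sent to error_log() and
 * LogStr().
 *
 * @param string $ss_sql Complete SQL statement. It is sent as-is: callers are
 *                       responsible for escaping every value they embed in it.
 * @return resource|bool Whatever mysql_query() returned, when it succeeded.
 *
 * NOTE(review): the "localhost" test relies on SERVER_NAME; depending on the
 * web server configuration that value can follow the client's Host header, in
 * which case the verbose branch is not limited to local use - confirm.
 * NOTE(review): the failure log contains the full statement, including any
 * personal data embedded in it.
 */
function sql_query($ss_sql)
{
    // A recursion guard used to die() here when the flag was already
    // "AlreadyIn"; it is disabled, the flag is only maintained:
    // die ("<br>recursive sql_query<br>".$ss_sql);
    $_SESSION['sql_query'] = "AlreadyIn";

    // PHP_SELF can contain path info chosen by the client. Only plain path
    // characters are kept, so the tag cannot close the SQL comment it is
    // placed in and become part of the statement.
    $script = isset($_SERVER["PHP_SELF"]) ? (string) $_SERVER["PHP_SELF"] : "";
    $script = (string) preg_replace('#[^A-Za-z0-9_./-]#', '', $script);

    $qry = mysql_query($ss_sql . " /* " . $script . " */");
    if ($qry) {
        $_SESSION['sql_query'] = "";
        return $qry;
    }

    $error = mysql_error();
    if (HasRight("Debug") or $_SERVER['SERVER_NAME'] == 'localhost') {
        $_SESSION['sql_query'] = "";
        // This message is HTML: the statement and the driver error are escaped
        // so that data embedded in the SQL is shown as text, not interpreted.
        $shownSql = htmlspecialchars($ss_sql, ENT_QUOTES, 'UTF-8');
        $shownError = htmlspecialchars($error, ENT_QUOTES, 'UTF-8');
        bw_error(debug("<br>query problem with<br><font color=red> {$shownSql} mysql_error: " . $shownError . "</font><br>"));
    } else {
        error_log(debug("\nquery problem with\n {$ss_sql} mysql_error: " . $error . "\n"));
        LogStr("Pb with <b>" . $ss_sql . "</b>", "sql_query");
        die("query problem " . $_SERVER['REMOTE_ADDR'] . " " . date("F j, Y, g:i a"));
    }
}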
/**
 * Resolve a word code in the language of the current session.
 *
 * When the session has no language yet, SwitchToNewLang() is called to pick
 * one; if the session still has none afterwards the failure is reported
 * through bw_error(). The lookup itself is delegated to wwinlang(), which
 * receives the code, the session language id and the thirteen optional
 * arguments unchanged.
 *
 * @param string $code Word code to look up.
 * @return mixed Whatever wwinlang() returns.
 */
function ww($code, $p1 = NULL, $p2 = NULL, $p3 = NULL, $p4 = NULL, $p5 = NULL, $p6 = NULL, $p7 = NULL, $p8 = NULL, $p9 = NULL, $pp10 = NULL, $pp11 = NULL, $pp12 = NULL, $pp13 = NULL)
{
    global $Params;

    // No language in the session yet: fall back to the default selection and
    // verify that it actually produced one.
    if (!isset($_SESSION['IdLanguage'])) {
        SwitchToNewLang();

        if (!isset($_SESSION['IdLanguage'])) {
            bw_error("Lang select internal failure");
        }
    }

    return wwinlang(
        $code,
        $_SESSION['IdLanguage'],
        $p1,
        $p2,
        $p3,
        $p4,
        $p5,
        $p6,
        $p7,
        $p8,
        $p9,
        $pp10,
        $pp11,
        $pp12,
        $pp13
    );
}
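/**
 * GetCryptM
 *
 * Prepare a member value for storage according to its encryption setting.
 *
 * @param string $ss        Value to store.
 * @param string $IsCrypted "crypted" or "always": wrap the encrypted value in
 *                          <membercrypted> tags; "not crypted": return the
 *                          value with tags stripped.
 * @return string The value to store. Any other $IsCrypted is logged as a bug
 *                and ends the script.
 *
 * NOTE(review): a value that merely contains the text "<membercrypted>" is
 * treated as already encrypted and returned unchanged. Confirm that callers
 * never let user-entered text containing that marker reach this method, or it
 * will be stored unencrypted.
 */
private function GetCryptM($ss, $IsCrypted = "crypted")
{
    switch ($IsCrypted) {
        case "crypted":
        case "always":
            // Already wrapped: do not encrypt twice.
            if (strstr($ss, "<membercrypted>") !== false) {
                return $ss;
            }
            // TODO: Add a test for a specific right
            return "<membercrypted>" . self::enc('CryptM', $ss) . "</membercrypted>";

        case "not crypted":
            return strip_tags($ss);

        default: // we should never come here
            // The value itself is left out of the message: it is data that was
            // about to be encrypted and must not end up readable in logs or on
            // an error page. Its length is enough to trace the call.
            $strlog = "function MOD_crypt::GetCryptM() Problem to crypt value of length " . strlen((string) $ss) . " IsCrypted=[" . $IsCrypted . "]";
            // function_exists() takes the function name as a string.
            if (function_exists('LogStr')) {
                LogStr($strlog, "Bug");
            }
            if (function_exists('bw_error')) {
                bw_error($strlog);
            } else {
                error_log($strlog);
            }
            die("Major problem with crypting issue");
    }
}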
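/**
 * Return the path of a JPEG thumbnail for an image file, creating it on first
 * use.
 *
 * The thumbnail is stored next to the image, in the sub-directory $thumbdir,
 * as "<stem>.<mode>.<max_x>x<max_y>.jpg".
 *
 * @param string $file     Path of a JPEG, PNG or GIF image.
 * @param int    $max_x    Maximum thumbnail width in pixels.
 * @param int    $max_y    Maximum thumbnail height in pixels.
 * @param int    $quality  JPEG quality passed to imagejpeg().
 * @param string $thumbdir Sub-directory (of the image's directory) for thumbnails.
 * @param string $mode     "ratio" scales the whole image; any other value
 *                         crops a centred square first.
 * @return string|null Thumbnail path, or null when $file is empty, has no
 *                     extension, does not exist, cannot be decoded, or the
 *                     thumbnail cannot be written.
 *
 * NOTE(review): $file is used as given (only backslashes are normalised), and
 * $thumbdir, $mode, $max_x and $max_y become part of the path that imagejpeg()
 * writes to. Confirm that callers never pass request data in these arguments,
 * or restrict them to known values.
 */
function getthumb($file, $max_x, $max_y, $quality = 85, $thumbdir = 'thumbs', $mode = 'square')
{
    // TODO: analyze MIME-TYPE of the input file (not try / catch)
    // TODO: error analysis of wrong paths
    // TODO: dynamic prefix (now: /th/)
    if (empty($file)) {
        return null;
    }
    $file = str_replace("\\", "/", $file);

    // separating the filename and path
    $slash_pos = strrpos($file, '/');
    if ($slash_pos === false) {
        $filename = $file;
        $path = '.';
    } else {
        $filename = substr($file, $slash_pos + 1);
        $path = substr($file, 0, $slash_pos);
    }
    $prefix = "{$path}/{$thumbdir}/";

    // separating the filename and extension
    $dot_pos = strrpos($filename, '.');
    if ($dot_pos === false) {
        return null;
    }
    $filename_noext = substr($filename, 0, $dot_pos);

    // locate file
    if (!is_file($file)) {
        return null;
    } // TODO: bw_error("get_thumb: no $file found");
    if (!is_dir($prefix)) {
        bw_error("no folder {$prefix}!");
        // Reached only if bw_error() returns: nothing can be written here.
        return null;
    }

    $thumbfile = $prefix . $filename_noext . '.' . $mode . '.' . $max_x . 'x' . $max_y . '.jpg';
    // Reuse an existing thumbnail.
    if (is_file($thumbfile)) {
        return $thumbfile;
    }

    ini_set("memory_limit", '64M'); //jeanyves increasing the memory these functions need a lot

    // read image: the decoder is found by trial, not by file extension
    $image = @imagecreatefromjpeg($file);
    if (!$image) {
        $image = @imagecreatefrompng($file);
    }
    if (!$image) {
        $image = @imagecreatefromgif($file);
    }
    if ($image == false) {
        return null;
    }

    // GD images are freed automatically from PHP 8.0 on; older versions need
    // an explicit release.
    $mustFree = PHP_VERSION_ID < 80000;

    // calculate ratio
    $size_x = imagesx($image);
    $size_y = imagesy($image);
    if ($size_x == 0 or $size_y == 0) {
        bw_error("bad image size (0)");
        // Reached only if bw_error() returns: avoid the divisions below.
        if ($mustFree) {
            imagedestroy($image);
        }
        return null;
    }

    switch ($mode) {
        case "ratio":
            // Scale by the smaller factor so the result fits in max_x x max_y.
            if ($max_x / $size_x >= $max_y / $size_y) {
                $ratio = $max_y / $size_y;
            } else {
                $ratio = $max_x / $size_x;
            }
            $startx = 0;
            $starty = 0;
            break;
        default:
            // Crop a centred square out of the source.
            if ($size_x >= $size_y) {
                $startx = (int) (($size_x - $size_y) / 2);
                $starty = 0;
                $size_x = $size_y;
            } else {
                $starty = (int) (($size_y - $size_x) / 2);
                $startx = 0;
                $size_y = $size_x;
            }
            if ($max_x >= $max_y) {
                $ratio = $max_y / $size_y;
            } else {
                $ratio = $max_x / $size_x;
            }
            break;
    }

    // GD needs whole pixel counts of at least 1: a very wide or very tall
    // source would otherwise scale one side down to 0 and the thumbnail could
    // not be created. Rounding also absorbs float error on exact fits.
    $th_size_x = max(1, (int) round($size_x * $ratio));
    $th_size_y = max(1, (int) round($size_y * $ratio));

    // creating thumb
    $thumb = imagecreatetruecolor($th_size_x, $th_size_y);
    if (!$thumb) {
        if ($mustFree) {
            imagedestroy($image);
        }
        return null;
    }
    imagecopyresampled($thumb, $image, 0, 0, $startx, $starty, $th_size_x, $th_size_y, $size_x, $size_y);

    // try to write the new image; only hand out the path when it was written
    $written = imagejpeg($thumb, $thumbfile, $quality);
    if ($mustFree) {
        imagedestroy($thumb);
        imagedestroy($image);
    }

    return $written ? $thumbfile : null;
}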
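/**
 * Return the level a member holds for a named right, optionally limited to a
 * scope.
 *
 * @param string $RightName        Name of the right (rights.Name).
 * @param string $_Scope           Scope to test; double quotes are added around
 *                                 it when missing. Empty means "any scope".
 * @param int    $OptionalIdMember Member to check; 0 means the logged-in member.
 * @return int 0 when nobody is logged in, when the member has no row for the
 *             right, or when the requested scope is not covered; 10 when the
 *             logged-in member is member 1 and the right applies; otherwise
 *             the stored level.
 *
 * NOTE(review): the level-10 shortcut tests the logged-in member
 * ($_SESSION["IdMember"]), also when $OptionalIdMember asks about somebody
 * else, and it is only reached after a row for the right was found - confirm
 * both are intended.
 * NOTE(review): a scope matches when it is a substring of the stored scope
 * list; the added quotes are what keeps "a" from matching "ab".
 */
function HasRight($RightName, $_Scope = "", $OptionalIdMember = 0)
{
    global $_SYSHCVOL;

    if (!IsLoggedIn()) {
        return 0;
    } // No need to search for right if no member logged

    if ($OptionalIdMember != 0) {
        $IdMember = $OptionalIdMember;
    } else {
        $IdMember = $_SESSION['IdMember'];
    }

    $Scope = $_Scope;
    if ($Scope != "" && $Scope[0] != "\"") {
        $Scope = "\"" . $Scope . "\""; // add the " " if they are missing
    }

    $levelKey = 'RightLevel_' . $RightName;
    $scopeKey = 'RightScope_' . $RightName;

    // The session copy is used only when the marker entry and both cached
    // values exist. Without the last test a set marker would skip the query
    // and leave level and scope undefined. This function does not set the
    // marker itself, so unless other code does, the database is asked on
    // every call and revoked rights take effect immediately.
    $mustQuery = !isset($_SESSION['Right_' . $RightName])
        || $_SESSION['Param']->ReloadRightsAndFlags == 'Yes'
        || $OptionalIdMember != 0
        || !isset($_SESSION[$levelKey], $_SESSION[$scopeKey]);

    if ($mustQuery) {
        // Both values are neutralised before they enter the statement: the
        // member id is forced to an integer and the right name is escaped.
        $str = "SELECT SQL_CACHE Scope,Level FROM rightsvolunteers,rights WHERE IdMember=" . (int) $IdMember
            . " AND rights.id=rightsvolunteers.IdRight AND rights.Name='" . mysql_real_escape_string($RightName) . "'";

        // LoadRow not possible because of recursivity
        $qry = mysql_query($str);
        if (!$qry) {
            bw_error("function HasRight");
        }
        // The result of the single query is reused instead of sending the
        // same statement a second time.
        $right = $qry ? mysql_fetch_object($qry) : false;

        if (!isset($right->Level)) {
            return 0;
        } // Return false if the Right doesn't exist for this member in the DB

        $rlevel = $right->Level;
        $rscope = $right->Scope;

        if ($OptionalIdMember == 0) { // if it is the current member, cache for next lookup
            $_SESSION[$levelKey] = $rlevel;
            $_SESSION[$scopeKey] = $rscope;
        }
    } else {
        $rlevel = $_SESSION[$levelKey];
        $rscope = $_SESSION[$scopeKey];
    }

    if ($Scope != "") { // if a specific scope is asked
        if ($rscope == "\"All\"") {
            if ($_SESSION["IdMember"] == 1) {
                return 10;
            } // Admin has all rights at level 10
            return $rlevel;
        }
        if (!(strpos($rscope, $Scope) === false) or $Scope == $rscope) {
            return $rlevel;
        }
        return 0;
    }

    if ($_SESSION["IdMember"] == 1) {
        return 10;
    } // Admin has all rights at level 10
    return $rlevel;
}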
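/**
 * Prepare a member value for storage according to its encryption setting.
 *
 * @param string $ss        Value to store.
 * @param string $IsCrypted "crypted" or "always": wrap the result of CryptM()
 *                          in <membercrypted> tags; "not crypted": return the
 *                          value with tags stripped.
 * @return string The value to store. Any other $IsCrypted is logged as a bug
 *                and ends the script.
 *
 * NOTE(review): a value that merely contains the text "<membercrypted>" is
 * treated as already encrypted and returned unchanged. Confirm that callers
 * never let user-entered text containing that marker reach this function, or
 * it will be stored unencrypted.
 */
function GetCryptM($ss, $IsCrypted = "crypted")
{
    switch ($IsCrypted) {
        case "crypted":
        case "always":
            // Already wrapped: do not encrypt twice.
            if (strstr($ss, "<membercrypted>") !== false) {
                return $ss;
            }
            // todo add right test
            return "<membercrypted>" . CryptM($ss) . "</membercrypted>";

        case "not crypted":
            return strip_tags($ss);

        default: // we should never come here
            // The value itself is left out of the message: it is data that was
            // about to be encrypted and must not end up readable in logs or on
            // an error page. Its length is enough to trace the call.
            $strlog = "FunctionsCrypt.php:: function GetCryptM() Problem to encrypt value of length " . strlen((string) $ss) . " IsCrypted=[" . $IsCrypted . "]";
            // function_exists() takes the function name as a string.
            if (function_exists('LogStr')) {
                LogStr($strlog, "Bug");
            }
            if (function_exists('bw_error')) {
                bw_error($strlog);
            } else {
                error_log($strlog);
            }
            die("Major problem with crypting issue");
    } // end of switch
}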