3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the Revised BSD License.
6 This program is distributed in the hope that it will be useful,
7 but WITHOUT ANY WARRANTY; without even the implied warranty of
8 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 Revised BSD License for more details.
11 Copyright 2004-2017 iDB Support - http://idb.berlios.de/
12 Copyright 2004-2017 Game Maker 2k - http://gamemaker2k.org/
14 $FileInfo: functions.php - Last Update: 01/26/2017 SVN 810 - Author: cooldude2k $
16 $File3Name = basename($_SERVER['SCRIPT_NAME']);
17 if ($File3Name=="functions.php"||$File3Name=="/functions.php") {
20 // Check the file names
21 function CheckFile($FileName) {
22 $File3Name = basename($_SERVER['SCRIPT_NAME']);
23 if ($File3Name==$FileName||$File3Name=="/".$FileName) {
27 function CheckFiles($FileName) {
28 $File3Name = basename($_SERVER['SCRIPT_NAME']);
29 if ($File3Name==$FileName||$File3Name=="/".$FileName) {
31 CheckFile("functions.php");
32 require($SettDir['misc']."compression.php");
33 if($Settings['sqltype']=="mysql") {
34 if(!in_array("ini_set", $disfunc)) {
35 @ini_set("mysql.default_host",$Settings['sqlhost']);
36 @ini_set("mysql.default_user",$Settings['sqluser']);
37 @ini_set("mysql.default_password",$Settings['sqlpass']); }
38 require($SettDir['sql']."mysql.php"); }
39 if($Settings['sqltype']=="mysqli") {
40 if(!in_array("ini_set", $disfunc)) {
41 @ini_set("mysqli.default_host",$Settings['sqlhost']);
42 @ini_set("mysqli.default_user",$Settings['sqluser']);
43 @ini_set("mysqli.default_pw",$Settings['sqlpass']); }
44 require($SettDir['sql']."mysqli.php"); }
45 if($Settings['sqltype']=="pgsql") {
46 require($SettDir['sql']."pgsql.php"); }
47 if($Settings['sqltype']=="sqlite") {
48 require($SettDir['sql']."sqlite.php"); }
49 if($Settings['sqltype']=="cubrid") {
50 require($SettDir['sql']."cubrid.php"); }
51 require($SettDir['misc']."useragents.php");
53 if ($_GET['act']=="DeleteSession") { session_destroy(); }
54 if ($_GET['act']=="ResetSession") { session_unset(); }
55 if ($_GET['act']=="NewSessionID") { session_regenerate_id(); }
56 if ($_GET['act']=="PHPInfo") { phpinfo(); exit(); }
57 if ($_GET['act']=="phpinfo") { phpinfo(); exit(); }
58 if ($_GET['act']=="PHPCredits") { phpcredits(); exit(); }
59 if ($_GET['act']=="phpcredits") { phpcredits(); exit(); }
61 function header_protocol($header) {
62 if(isset($_SERVER['SERVER_PROTOCOL'])&&strstr($_SERVER['SERVER_PROTOCOL'],"/1.0")) {
63 return "HTTP/1.0 ".$header; }
65 return "HTTP/1.1 ".$header; } }
66 // Change the title and gzip page
67 function change_title($new_title,$use_gzip="off",$gzip_type="gzip") {
68 global $Settings,$urlstatus;
69 if(!isset($urlstatus)||!is_numeric($urlstatus)) { $urlstatus = 200; }
70 if($gzip_type!="gzip") { if($gzip_type!="deflate") { $gzip_type = "gzip"; } }
71 $output = trim(ob_get_clean());
72 $output = preg_replace("/<title>(.*?)<\/title>/i", "<title>".$new_title."</title>", $output);
73 /* Change Some PHP Settings Fix the &PHPSESSID to &PHPSESSID */
74 $SessName = session_name();
75 $output = preg_replace("/&PHPSESSID/", "&PHPSESSID", $output);
76 $qstrcode = htmlentities($Settings['qstr'], ENT_QUOTES, $Settings['charset']);
77 $output = str_replace($Settings['qstr'].$SessName, $qstrcode.$SessName, $output);
79 if($Settings['send_pagesize']=="on") {
80 @header("Content-Length: ".decoct(strlen($output)));
81 @header("Content-MD5: ".base64_encode(md5($output))); }
82 idb_log_maker($urlstatus,strlen($output));
85 if($gzip_type=="gzip") {
86 $goutput = gzencode($output); }
87 if($gzip_type=="deflate") {
88 $goutput = gzcompress($output); }
89 if($Settings['send_pagesize']=="on") {
90 @header("Content-Length: ".decoct(strlen($goutput)));
91 @header("Content-MD5: ".base64_encode(md5($goutput))); }
92 idb_log_maker($urlstatus,strlen($goutput));
94 // Fix amp => (&) to & and gzip page
95 function fix_amp($use_gzip="off",$gzip_type="gzip") {
96 global $Settings,$urlstatus;
97 if(!isset($urlstatus)||!is_numeric($urlstatus)) { $urlstatus = 200; }
98 if($gzip_type!="gzip") { if($gzip_type!="deflate") { $gzip_type = "gzip"; } }
99 $output = trim(ob_get_clean());
100 /* Change Some PHP Settings Fix the &PHPSESSID to &PHPSESSID */
101 $SessName = session_name();
102 $output = preg_replace("/&PHPSESSID/", "&PHPSESSID", $output);
103 $qstrcode = htmlentities($Settings['qstr'], ENT_QUOTES, $Settings['charset']);
104 $output = str_replace($Settings['qstr'].$SessName, $qstrcode.$SessName, $output);
105 if($use_gzip!="on") {
106 if($Settings['send_pagesize']=="on") {
107 @header("Content-Length: ".decoct(strlen($output)));
108 @header("Content-MD5: ".base64_encode(md5($output))); }
109 idb_log_maker($urlstatus,strlen($output));
111 if($use_gzip=="on") {
112 if($gzip_type=="gzip") {
113 $goutput = gzencode($output); }
114 if($gzip_type=="deflate") {
115 $goutput = gzcompress($output); }
116 if($Settings['send_pagesize']=="on") {
117 @header("Content-Length: ".decoct(strlen($goutput)));
118 @header("Content-MD5: ".base64_encode(md5($goutput))); }
119 idb_log_maker($urlstatus,strlen($goutput));
121 // GZip page for faster download
122 function gzip_page($use_gzip="off",$gzip_type="gzip") {
123 global $Settings,$urlstatus;
124 if(!isset($urlstatus)||!is_numeric($urlstatus)) { $urlstatus = 200; }
125 $output = trim(ob_get_clean());
126 if($gzip_type!="gzip") { if($gzip_type!="deflate") { $gzip_type = "gzip"; } }
127 if($use_gzip!="on") {
128 if($Settings['send_pagesize']=="on") {
129 @header("Content-Length: ".decoct(strlen($output)));
130 @header("Content-MD5: ".base64_encode(md5($output))); }
131 idb_log_maker($urlstatus,strlen($output));
133 if($use_gzip=="on") {
134 if($gzip_type=="gzip") {
135 $goutput = gzencode($output); }
136 if($gzip_type=="deflate") {
137 $goutput = gzcompress($output); }
138 if($Settings['send_pagesize']=="on") {
139 @header("Content-Length: ".decoct(strlen($goutput)));
140 @header("Content-MD5: ".base64_encode(md5($goutput))); }
141 idb_log_maker($urlstatus,strlen($goutput));
143 $foo="bar"; $$foo="foo";
144 // Kill bad vars for some functions
145 function killbadvars($varname) {
146 $badphp1 = array('$'); $badphp2 = array(null);
147 $varname = str_replace($badphp1, $badphp2, $varname);
148 $varname = preg_replace("/(_SERVER|_ENV|_COOKIE|_SESSION)/i", null, $varname);
149 $varname = preg_replace("/(_GET|_POST|_FILES|_REQUEST|GLOBALS)/i", null, $varname);
150 $varname = preg_replace("/(HTTP_SERVER_VARS|HTTP_ENV_VARS)/i", null, $varname);
151 $varname = preg_replace("/(HTTP_COOKIE_VARS|HTTP_SESSION_VARS)/i", null, $varname);
152 $varname = preg_replace("/(HTTP_GET_VARS|HTTP_POST_VARS|HTTP_POST_FILES)/i", null, $varname);
154 // Trying to fix this bug. ^_^
155 // http://xforce.iss.net/xforce/xfdb/49697
156 if(!isset($Settings['DefaultTheme'])) {
157 $Settings['DefaultTheme'] = "iDB"; }
158 // Change the text to icons(smileys)
159 function text2icons($Text,$sqlt,$link=null) {
161 if(!isset($link)) { $link = $SQLStat; }
162 $reneequery=sql_pre_query("SELECT * FROM \"".$sqlt."smileys\"", array(null));
163 $reneeresult=sql_query($reneequery,$link);
164 $reneenum=sql_num_rows($reneeresult);
166 while ($renees < $reneenum) {
167 $FileName=sql_result($reneeresult,$renees,"FileName");
168 $SmileName=sql_result($reneeresult,$renees,"SmileName");
169 $SmileText=sql_result($reneeresult,$renees,"SmileText");
170 $SmileDirectory=sql_result($reneeresult,$renees,"Directory");
171 $ShowSmile=sql_result($reneeresult,$renees,"Display");
172 $ReplaceType=sql_result($reneeresult,$renees,"ReplaceCI");
173 if($ReplaceType=="on") { $ReplaceType = "yes"; }
174 if($ReplaceType=="off") { $ReplaceType = "no"; }
175 if($ReplaceType!="yes"||$ReplaceType!="no") { $ReplaceType = "no"; }
176 $Smile1 = $SmileText;
177 $Smile2 = '<img src="'.$SmileDirectory.''.$FileName.'" style="vertical-align: middle; border: 0px;" title="'.$SmileName.'" alt="'.$SmileName.'" />';
178 if($ReplaceType=="no") {
179 $Text = str_replace($Smile1, $Smile2, $Text); }
180 if($ReplaceType=="yes") {
181 $Smile1 = preg_quote($SmileText,"/");
182 $Text = preg_replace("/".$Smile1."/i",$Smile2,$Text); }
183 ++$renees; } return $Text; }
184 // Removes the bad stuff
185 function remove_bad_entities($Text) {
186 //HTML Entities Dec Version
187 $Text = preg_replace("/‮/isU","",$Text);
188 $Text = preg_replace("/ /isU","",$Text);
189 $Text = preg_replace("/ /isU","",$Text);
190 $Text = preg_replace("/ /isU","",$Text);
191 $Text = preg_replace("/‌/isU","",$Text);
192 $Text = preg_replace("/‍/isU","",$Text);
193 $Text = preg_replace("/‎/isU","",$Text);
194 $Text = preg_replace("/‏/isU","",$Text);
195 //HTML Entities Hex Version
196 $Text = preg_replace("/‮/isU","",$Text);
197 $Text = preg_replace("/ /isU","",$Text);
198 $Text = preg_replace("/ /isU","",$Text);
199 $Text = preg_replace("/ /isU","",$Text);
200 $Text = preg_replace("/‌/isU","",$Text);
201 $Text = preg_replace("/‍/isU","",$Text);
202 $Text = preg_replace("/‎/isU","",$Text);
203 $Text = preg_replace("/‏/isU","",$Text);
204 //HTML Entities Name Version
205 $Text = preg_replace("/ /isU","",$Text);
206 $Text = preg_replace("/ /isU","",$Text);
207 $Text = preg_replace("/ /isU","",$Text);
208 $Text = preg_replace("/‌/isU","",$Text);
209 $Text = preg_replace("/‍/isU","",$Text);
210 $Text = preg_replace("/‎/isU","",$Text);
211 $Text = preg_replace("/‏/isU","",$Text);
213 // Remove the bad stuff
214 function remove_spaces($Text) {
215 $Text = preg_replace("/(^\t+|\t+$)/","",$Text);
216 $Text = preg_replace("/(^\n+|\n+$)/","",$Text);
217 $Text = preg_replace("/(^\r+|\r+$)/","",$Text);
218 $Text = preg_replace("/(\r|\n|\t)+/"," ",$Text);
219 $Text = preg_replace("/\s\s+/"," ",$Text);
220 $Text = preg_replace("/(^\s+|\s+$)/","",$Text);
221 $Text = trim($Text, "\x00..\x1F");
222 $Text = remove_bad_entities($Text);
225 function fixbamps($text) {
226 $fixamps1 = array("&copy;","&reg;","&trade;","&quot;","&amp;","&lt;","&gt;","&(a|e|i|o|u|y)acute;","&(a|e|i|o|u)grave;","&(a|e|i|o|u)circ;","&(a|e|i|o|u|y)uml;","&(a|o|n)tilde;","&aring;","&aelig;","&ccedil;","&eth;","&oslash;","&szlig;","&thorn;");
227 $fixamps2 = array("©","®","™",""","&","<",">","&\\1acute;","&\\1grave;","&\\1circ;","&\\1uml;","&\\1tilde;","å","æ","ç","ð","ø","ß","þ");
228 $ampnum = count($fixamps1); $ampi=0;
229 while ($ampi < $ampnum) {
230 $text = preg_replace("/".$fixamps1[$ampi]."/i", $fixamps2[$ampi], $text);
232 $text = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $text);
234 $utshour = $dayconv['hour'];
235 $utsminute = $dayconv['minute'];
236 // Change Time Stamp to a readable time
237 function GMTimeChange($format,$timestamp,$offset,$minoffset=null,$dst=null) {
238 global $utshour,$utsminute;
240 if(!is_numeric($minoffset)) { $minoffset = "00"; }
241 $ts_array = explode(":",$offset);
242 if(count($ts_array)!=2) {
243 if(!isset($ts_array[0])) { $ts_array[0] = "0"; }
244 if(!isset($ts_array[1])) { $ts_array[1] = "00"; }
245 $offset = $ts_array[0].":".$ts_array[1]; }
246 if(!is_numeric($ts_array[0])) { $ts_array[0] = "0"; }
247 if(!is_numeric($ts_array[1])) { $ts_array[1] = "00"; }
248 if($ts_array[1]<0) { $ts_array[1] = "00"; $offset = $ts_array[0].":".$ts_array[1]; }
249 $tsa = array("offset" => $offset, "hour" => $ts_array[0], "minute" => $ts_array[1]);
250 //$tsa['minute'] = $tsa['minute'] + $minoffset;
251 if($dst!="on"&&$dst!="off") { $dst = "off"; }
252 if($dst=="on") { if($dstake!="done") {
253 $dstake = "done"; $tsa['hour'] = $tsa['hour']+1; } }
254 $utimestamp = $tsa['hour'] * $utshour;
255 $utimestamp = $utimestamp + $tsa['minute'] * $utsminute;
256 $utimestamp = $utimestamp + $minoffset * $utsminute;
257 $timestamp = $timestamp + $utimestamp;
258 return date($format,$timestamp); }
259 // Change Time Stamp to a readable time
260 function TimeChange($format,$timestamp,$offset,$minoffset=null,$dst=null) {
261 return GMTimeChange($format,$timestamp,$offset,$minoffset,$dst); }
262 // Make a GMT Time Stamp
263 function GMTimeStamp() {
264 $GMTHour = gmdate("H");
265 $GMTMinute = gmdate("i");
266 $GMTSecond = gmdate("s");
267 $GMTMonth = gmdate("n");
268 $GMTDay = gmdate("d");
269 $GMTYear = gmdate("Y");
270 return mktime($GMTHour,$GMTMinute,$GMTSecond,$GMTMonth,$GMTDay,$GMTYear); }
271 // Make a GMT Time Stamp alt version
272 function GMTimeStampS() { return time() - date('Z', time()); }
274 function GMTimeGet($format,$offset,$minoffset=null,$dst=null,$taddon=null) {
275 if(!is_numeric($taddon)) { $taddon = null; }
277 return GMTimeChange($format,GMTimeStamp()+$taddon,$offset,$minoffset,$dst); }
279 return GMTimeChange($format,GMTimeStamp(),$offset,$minoffset,$dst); } }
280 // Get GMT Time alt version
281 function GMTimeGetS($format,$offset,$minoffset=null,$dst=null) {
282 global $utshour,$utsminute;
284 if(!is_numeric($offset)) { $offset = "0"; }
285 if(!is_numeric($minoffset)) { $minoffset = "00"; }
286 $ts_array = explode(":",$offset);
287 if(count($ts_array)!=2) {
288 if(!isset($ts_array[0])) { $ts_array[0] = "0"; }
289 if(!isset($ts_array[1])) { $ts_array[1] = "00"; }
290 $offset = $ts_array[0].":".$ts_array[1]; }
291 if(!is_numeric($ts_array[0])) { $ts_array[0] = "0"; }
292 if(!is_numeric($ts_array[1])) { $ts_array[1] = "00"; }
293 if($ts_array[1]<0) { $ts_array[1] = "00"; $offset = $ts_array[0].":".$ts_array[1]; }
294 $tsa = array("offset" => $offset, "hour" => $ts_array[0], "minute" => $ts_array[1]);
295 //$tsa['minute'] = $tsa['minute'] + $minoffset;
296 if($dst!="on"&&$dst!="off") { $dst = "off"; }
297 if($dst=="on") { if($dstake!="done") {
298 $dstake = "done"; $tsa['hour'] = $tsa['hour']+1; } }
299 $utimestamp = $tsa['hour'] * $utshour;
300 $utimestamp = $utimestamp + $tsa['minute'] * $utsminute;
301 $utimestamp = $utimestamp + $minoffset * $utsminute;
302 $timestamp = $timestamp + $utimestamp;
303 return date($format,mktime()+$timestamp); }
305 function GetSeverZone() {
306 $TestHour1 = date("H");
307 @putenv("OTZ=".getenv("TZ"));
309 $TestHour2 = date("H");
310 @putenv("TZ=".getenv("OTZ"));
311 $TestHour3 = $TestHour1-$TestHour2;
313 // Get Server offset alt version
314 function SeverOffSet() {
315 $TestHour1 = date("H");
316 $TestHour2 = gmdate("H");
317 $TestHour3 = $TestHour1-$TestHour2;
319 // Get Server offset new version
320 function SeverOffSetNew() {
321 return gmdate("g",mktime(0,date("Z"))); }
322 function gmtime() { return time() - (int) date('Z'); }
323 // Acts like highlight_file();
324 function file_get_source($filename,$return = FALSE) {
325 $phpsrc = file_get_contents($filename);
326 $phpsrcs = highlight_string($phpsrc,$return);
328 // Also acts like highlight_file(); but valid xhtml
329 function valid_get_source($filename) {
330 $phpsrcs = file_get_source($filename,TRUE);
331 // Change font tag to span tag for valid xhtml
332 $phpsrcs = preg_replace("/\<font color=\"(.*?)\"\>/i", "<span style=\"color: \\1;\">", $phpsrcs);
333 $phpsrcs = preg_replace("/\<\/font>/i", "</span>", $phpsrcs);
335 // Check to see if the user is hidden/shy/timid. >_> | ^_^ | <_<
336 function GetUserName($idu,$sqlt,$link=null) { $UsersName = null;
338 if(!isset($link)) { $link = $SQLStat; }
339 $gunquery = sql_pre_query("SELECT * FROM \"".$sqlt."members\" WHERE \"id\"=%i LIMIT 1", array($idu));
340 $gunresult=sql_query($gunquery,$link);
341 $gunnum=sql_num_rows($gunresult);
342 // I'm now hidden from you. ^_^ | <_< I cant find you.
343 $UsersHidden = "yes";
345 $UsersName=sql_result($gunresult,0,"Name");
346 // Am i still hidden. o_O <_< I can see you.
347 $UsersHidden=sql_result($gunresult,0,"HiddenMember"); }
348 sql_free_result($gunresult);
349 $UsersInfo['Name'] = $UsersName;
350 $UsersInfo['Hidden'] = $UsersHidden;
352 if(!function_exists('hash_hmac')) {
353 function hash_hmac($algo, $data, $key, $raw_output = false) {
355 if (strlen($key)>$blocksize) {
356 if (function_exists('hash')) {
357 $key=pack('H*',hash($hash, $key)); }
358 if (!function_exists('hash')) {
359 $key=pack('H*',$hash($key)); } }
360 $key=str_pad($key, $blocksize, chr(0x00));
361 $ipad=str_repeat(chr(0x36),$blocksize);
362 $opad=str_repeat(chr(0x5c),$blocksize);
363 return hash($algo, ($key^$opad).pack('H*',hash($algo, ($key^$ipad).$data))); } }
364 if(!function_exists('hash')) {
365 function hash($algo, $data, $raw_output = false) {
366 if($algo!="md5"&&$algo!="sha1") { $algo = "md5"; }
367 return $algo($data); } }
368 if(!function_exists('hash_algos')) {
369 function hash_algos() {
370 return array(0 => "md5", 1 => "sha1"); } }
371 // hmac hash function
372 function hmac($data,$key,$hash='sha1',$blocksize=64) {
373 if (!function_exists('hash_hmac')) {
374 if (strlen($key)>$blocksize) {
375 if (function_exists('hash')) {
376 $key=pack('H*',hash($hash, $key)); }
377 if (!function_exists('hash')) {
378 $key=pack('H*',$hash($key)); } }
379 $key=str_pad($key, $blocksize, chr(0x00));
380 $ipad=str_repeat(chr(0x36),$blocksize);
381 $opad=str_repeat(chr(0x5c),$blocksize);
382 if (function_exists('hash')) {
383 return hash($hash, ($key^$opad).pack('H*',hash($hash, ($key^$ipad).$data))); }
384 if (!function_exists('hash')) {
385 return $hash(($key^$opad).pack('H*',$hash(($key^$ipad).$data))); } }
386 if (function_exists('hash_hmac')) {
387 return hash_hmac($hash,$data,$key); } }
388 // b64hmac hash function
389 function b64e_hmac($data,$key,$extdata,$hash='sha1',$blocksize=64) {
390 $extdata2 = hexdec($extdata); $key = $key.$extdata2;
391 return base64_encode(hmac($data,$key,$hash,$blocksize).$extdata); }
392 // b64hmac rot13 hash function
393 function b64e_rot13_hmac($data,$key,$extdata,$hash='sha1',$blocksize=64) {
394 $data = str_rot13($data);
395 $extdata2 = hexdec($extdata); $key = $key.$extdata2;
396 return base64_encode(hmac($data,$key,$hash,$blocksize).$extdata); }
397 // salt hmac hash function
398 function salt_hmac($size1=6,$size2=12) {
399 $hprand = rand($size1,$size2); $i = 0; $hpass = "";
400 while ($i < $hprand) {
401 $hspsrand = rand(1,2);
402 if($hspsrand!=1&&$hspsrand!=2) { $hspsrand=1; }
403 if($hspsrand==1) { $hpass .= chr(rand(48,57)); }
404 /* if($hspsrand==2) { $hpass .= chr(rand(65,70)); } */
405 if($hspsrand==2) { $hpass .= chr(rand(97,102)); }
406 ++$i; } return $hpass; }
407 /* is_empty by M at http://us2.php.net/manual/en/function.empty.php#74093 */
408 function is_empty($var) {
409 if (((is_null($var) || rtrim($var) == "") &&
410 $var !== false) || (is_array($var) && empty($var))) {
411 return true; } else { return false; } }
412 // PHP 5 hash algorithms to functions :o
413 if(function_exists('hash')&&function_exists('hash_algos')) {
414 if(in_array("md2",hash_algos())&&!function_exists("md2")) {
415 function md2($data) { return hash("md2",$data); } }
416 if(in_array("md4",hash_algos())&&!function_exists("md4")) {
417 function md4($data) { return hash("md4",$data); } }
418 if(in_array("md5",hash_algos())&&!function_exists("md5")) {
419 function md5($data) { return hash("md5",$data); } }
420 if(in_array("sha1",hash_algos())&&!function_exists("sha1")) {
421 function sha1($data) { return hash("sha1",$data); } }
422 if(in_array("sha224",hash_algos())&&!function_exists("sha224")) {
423 function sha224($data) { return hash("sha224",$data); } }
424 if(in_array("sha256",hash_algos())&&!function_exists("sha256")) {
425 function sha256($data) { return hash("sha256",$data); } }
426 if(in_array("sha384",hash_algos())&&!function_exists("sha384")) {
427 function sha384($data) { return hash("sha384",$data); } }
428 if(in_array("sha512",hash_algos())&&!function_exists("sha512")) {
429 function sha512($data) { return hash("sha512",$data); } }
430 if(in_array("ripemd128",hash_algos())&&!function_exists("ripemd128")) {
431 function ripemd128($data) { return hash("ripemd128",$data); } }
432 if(in_array("ripemd160",hash_algos())&&!function_exists("ripemd160")) {
433 function ripemd160($data) { return hash("ripemd160",$data); } }
434 if(in_array("ripemd256",hash_algos())&&!function_exists("ripemd256")) {
435 function ripemd256($data) { return hash("ripemd256",$data); } }
436 if(in_array("ripemd512",hash_algos())&&!function_exists("ripemd512")) {
437 function ripemd320($data) { return hash("ripemd320",$data); } } }
438 // Try and convert IPB 2.0.0 style passwords to iDB style passwords
439 function hash2xkey($data,$key,$hash1='md5',$hash2='md5') {
440 return $hash1($hash2($key).$hash2($data)); }
441 // Hash two times with md5 and sha1 for DF2k
442 function PassHash2x($Text) {
446 // Hash two times with hmac-md5 and hmac-sha1
447 function PassHash2x2($data,$key,$extdata,$blocksize=64) {
448 $extdata2 = hexdec($extdata); $key = $key.$extdata2;
449 $Text = hmac($data,$key,"md5").$extdata;
450 $Text = hmac($Text,$key,"sha1").$extdata;
451 return base64_encode($Text); }
452 function cp($infile,$outfile,$mode="w") {
453 $contents = file_get_contents($infile);
454 $cpfp = fopen($outfile,$mode);
455 fwrite($cpfp, $contents);
460 * A Compatibility library with PHP 5.5's simplified password hashing API.
462 * @author Anthony Ferrara <ircmaxell@php.net>
463 * @license http://www.opensource.org/licenses/mit-license.html MIT License
464 * @copyright 2012 The Authors
468 https://github.com/ircmaxell/password_compat
473 if (!defined('PASSWORD_BCRYPT')) {
475 * PHPUnit Process isolation caches constants, but not function declarations.
476 * So we need to check if the constants are defined separately from
477 * the functions to enable supporting process isolation in userland
480 define('PASSWORD_BCRYPT', 1);
481 define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);
482 define('PASSWORD_BCRYPT_DEFAULT_COST', 10);
485 if (!function_exists('password_hash')) {
488 * Hash the password using the specified algorithm
490 * @param string $password The password to hash
491 * @param int $algo The algorithm to use (Defined by PASSWORD_* constants)
492 * @param array $options The options for the algorithm to use
494 * @return string|false The hashed password, or false on error.
496 function password_hash($password, $algo, array $options = array()) {
497 if (!function_exists('crypt')) {
498 trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING);
501 if (is_null($password) || is_int($password)) {
502 $password = (string) $password;
504 if (!is_string($password)) {
505 trigger_error("password_hash(): Password must be a string", E_USER_WARNING);
508 if (!is_int($algo)) {
509 trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING);
514 case PASSWORD_BCRYPT:
515 $cost = PASSWORD_BCRYPT_DEFAULT_COST;
516 if (isset($options['cost'])) {
517 $cost = (int) $options['cost'];
518 if ($cost < 4 || $cost > 31) {
519 trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING);
523 // The length of salt to generate
525 // The length required in the final serialization
526 $required_salt_len = 22;
527 $hash_format = sprintf("$2y$%02d$", $cost);
528 // The expected length of the final crypt() output
532 trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING);
535 $salt_req_encoding = false;
536 if (isset($options['salt'])) {
537 switch (gettype($options['salt'])) {
543 $salt = (string) $options['salt'];
546 if (method_exists($options['salt'], '__tostring')) {
547 $salt = (string) $options['salt'];
553 trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING);
556 if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) {
557 trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING);
559 } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
560 $salt_req_encoding = true;
564 $buffer_valid = false;
565 if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
566 $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
568 $buffer_valid = true;
571 if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
573 $buffer = openssl_random_pseudo_bytes($raw_salt_len, $strong);
574 if ($buffer && $strong) {
575 $buffer_valid = true;
578 if (!$buffer_valid && @is_readable('/dev/urandom')) {
579 $file = fopen('/dev/urandom', 'r');
582 while ($read < $raw_salt_len) {
583 $local_buffer .= fread($file, $raw_salt_len - $read);
584 $read = PasswordCompat\binary\_strlen($local_buffer);
587 if ($read >= $raw_salt_len) {
588 $buffer_valid = true;
590 $buffer = str_pad($buffer, $raw_salt_len, "\0") ^ str_pad($local_buffer, $raw_salt_len, "\0");
592 if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) {
593 $buffer_length = PasswordCompat\binary\_strlen($buffer);
594 for ($i = 0; $i < $raw_salt_len; $i++) {
595 if ($i < $buffer_length) {
596 $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
598 $buffer .= chr(mt_rand(0, 255));
603 $salt_req_encoding = true;
605 if ($salt_req_encoding) {
606 // encode string with the Base64 variant used by crypt
608 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
610 './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
612 $base64_string = base64_encode($salt);
613 $salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits);
615 $salt = PasswordCompat\binary\_substr($salt, 0, $required_salt_len);
617 $hash = $hash_format . $salt;
619 $ret = crypt($password, $hash);
621 if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) {
629 * Get information about the password hash. Returns an array of the information
630 * that was used to generate the password hash.
634 * 'algoName' => 'bcrypt',
635 * 'options' => array(
636 * 'cost' => PASSWORD_BCRYPT_DEFAULT_COST,
640 * @param string $hash The password hash to extract info from
642 * @return array The array of information about the hash.
644 function password_get_info($hash) {
647 'algoName' => 'unknown',
648 'options' => array(),
650 if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) {
651 $return['algo'] = PASSWORD_BCRYPT;
652 $return['algoName'] = 'bcrypt';
653 list($cost) = sscanf($hash, "$2y$%d$");
654 $return['options']['cost'] = $cost;
660 * Determine if the password hash needs to be rehashed according to the options provided
662 * If the answer is true, after validating the password using password_verify, rehash it.
664 * @param string $hash The hash to test
665 * @param int $algo The algorithm used for new password hashes
666 * @param array $options The options array passed to password_hash
668 * @return boolean True if the password needs to be rehashed.
670 function password_needs_rehash($hash, $algo, array $options = array()) {
671 $info = password_get_info($hash);
672 if ($info['algo'] !== (int) $algo) {
676 case PASSWORD_BCRYPT:
677 $cost = isset($options['cost']) ? (int) $options['cost'] : PASSWORD_BCRYPT_DEFAULT_COST;
678 if ($cost !== $info['options']['cost']) {
687 * Verify a password against a hash using a timing attack resistant approach
689 * @param string $password The password to verify
690 * @param string $hash The hash to verify against
692 * @return boolean If the password matches the hash
694 function password_verify($password, $hash) {
695 if (!function_exists('crypt')) {
696 trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING);
699 $ret = crypt($password, $hash);
700 if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) {
705 for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) {
706 $status |= (ord($ret[$i]) ^ ord($hash[$i]));
709 return $status === 0;
715 namespace PasswordCompat\binary {
717 if (!function_exists('PasswordCompat\\binary\\_strlen')) {
720 * Count the number of bytes in a string
722 * We cannot simply use strlen() for this, because it might be overwritten by the mbstring extension.
723 * In this case, strlen() will count the number of *characters* based on the internal encoding. A
724 * sequence of bytes might be regarded as a single multibyte character.
726 * @param string $binary_string The input string
729 * @return int The number of bytes
731 function _strlen($binary_string) {
732 if (function_exists('mb_strlen')) {
733 return mb_strlen($binary_string, '8bit');
735 return strlen($binary_string);
739 * Get a substring based on byte limits
743 * @param string $binary_string The input string
748 * @return string The substring
750 function _substr($binary_string, $start, $length) {
751 if (function_exists('mb_substr')) {
752 return mb_substr($binary_string, $start, $length, '8bit');
754 return substr($binary_string, $start, $length);
758 * Check if current PHP version is compatible with the library
760 * @return boolean the check result
765 if (is_null($pass)) {
766 if (function_exists('crypt')) {
767 $hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG';
768 $test = crypt("password", $hash);
769 $pass = $test == $hash;
780 // b64hmac hash function
781 function neo_b64e_hmac($data,$key,$extdata,$hash='sha1',$blocksize=64) {
782 $extdata2 = hexdec($extdata); $key = $key.$extdata2;
783 return base64_encode(password_hash($data.$extdata, PASSWORD_BCRYPT)); }
784 // b64hmac rot13 hash function
785 function neo_b64e_rot13_hmac($data,$key,$extdata,$hash='sha1',$blocksize=64) {
786 $data = str_rot13($data);
787 $extdata2 = hexdec($extdata); $key = $key.$extdata2;
788 return base64_encode(password_hash($data.$extdata, PASSWORD_BCRYPT)); }
790 if(!function_exists('password_hash')) {
791 function bcrypt($data) { return password_hash($data,PASSWORD_BCRYPT); }
793 /* str_ireplace for PHP below ver. 5 updated //
794 // by Kazuki Przyborowski - Cool Dude 2k //
795 // and upaded by Kazuki Przyborowski again */
796 if(!function_exists('str_ireplace')) {
797 function str_ireplace($search,$replace,$subject) {
798 if(!is_array($search)&&is_array($replace)) {
799 $search = array($search); }
800 if(is_array($search)&&!is_array($replace)) {
801 $replace = array($replace); }
802 if(is_array($search)&&is_array($replace)) {
803 $sc=count($search); $rc=count($replace); $sn=0;
804 if($sc!=$rc) { return false; }
806 $search[$sn] = preg_quote($search[$sn], "/");
807 $subject = preg_replace("/".$search[$sn]."/i", $replace[$sn], $subject);
809 if(!is_array($search)&&!is_array($replace)) {
810 $search = preg_quote($search, "/");
811 $subject = preg_replace("/".$search."/i", $replace, $subject); }
813 /* Adds httponly to PHP below Ver. 5.2.0 //
814 // by Kazuki Przyborowski - Cool Dude 2k */
815 function http_set_cookie($name,$value=null,$expire=null,$path=null,$domain=null,$secure=false,$httponly=false) {
816 $mkcookie = null; $expireGMT = null;
818 output_error("Error: You need to enter a name for cookie.",E_USER_ERROR);
820 if(!isset($expire)) {
821 output_error("Error: You need to enter a time for cookie to expire.",E_USER_ERROR);
823 $expireGMT = gmdate("D, d-M-Y H:i:s \G\M\T", $expire);
824 if(!isset($value)) { $value = null; }
825 if(!isset($httponly)||$httponly==false) {
826 setcookie($name, $value, $expire, $path, $domain, $secure); return true; }
827 if(version_compare(PHP_VERSION,"5.2.0",">=")&&$httponly==true) {
828 setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); return true; }
829 if(version_compare(PHP_VERSION,"5.2.0","<")&&$httponly==true) {
830 $mkcookie = "Set-Cookie: ".rawurlencode($name)."=".rawurlencode($value);
831 $mkcookie = $mkcookie."; expires=".$expireGMT;
832 if(isset($path)&&$path!=null) { $mkcookie = $mkcookie."; path=".$path; }
833 if(isset($domain)&&$domain!=null) { $mkcookie = $mkcookie."; domain=".$domain; }
834 if(isset($secure)&&$secure===true) { $mkcookie = $mkcookie."; secure"; }
835 if(isset($httponly)&&$httponly===true) { $mkcookie = $mkcookie."; HttpOnly"; }
836 header($mkcookie, false); return true; } }
837 $foobar="fubar"; $$foobar="foobar";
839 function dump_included_files($type="var_dump") {
840 if(!isset($type)) { $type = "var_dump"; }
841 if($type=="print_r") { return print_r(get_included_files()); }
842 if($type=="var_dump") { return var_dump(get_included_files()); }
843 if($type=="var_export") { return var_export(get_included_files()); } }
844 function count_included_files() { return count(get_included_files()); }
845 function dump_extensions($type="var_dump") {
846 if(!isset($type)) { $type = "var_dump"; }
847 if($type=="print_r") { return print_r(get_loaded_extensions()); }
848 if($type=="var_dump") { return var_dump(get_loaded_extensions()); }
849 if($type=="var_export") { return var_export(get_loaded_extensions()); } }
850 function count_extensions() { return count(get_loaded_extensions()); }