Copyright 2004-2012 iDB Support - http://idb.berlios.de/
Copyright 2004-2012 Game Maker 2k - http://gamemaker2k.org/
- $FileInfo: function.php - Last Update: 12/29/2012 SVN 776 - Author: cooldude2k $
+ $FileInfo: function.php - Last Update: 01/01/2012 SVN 784 - Author: cooldude2k $
*/
$File3Name = basename($_SERVER['SCRIPT_NAME']);
if ($File3Name=="function.php"||$File3Name=="/function.php") {
$OldBoardQuery = preg_replace("/".$pregqstr."/isxS", $qstr, $_SERVER['QUERY_STRING']);
$BoardQuery = "?".$OldBoardQuery;
return $BoardQuery; }
+function log_fix_quotes($logtxt) {
+ $logtxt = str_replace("\"", "\\\"", $logtxt);
+ $logtxt = str_replace("'", "", $logtxt);
+ return $logtxt; }
function get_server_values($matches) {
$return_text = "-";
if(isset($_SERVER[$matches[1]])) { $return_text = $_SERVER[$matches[1]]; }
if(isset($Settings[$matches[1]])) { $return_text = $Settings[$matches[1]]; }
if(!isset($Settings[$matches[1]])) { $return_text = null; }
return $return_text; }
+function log_fix_get_server_values($matches) {
+ return log_fix_quotes(get_server_values($matches)); }
+function log_fix_get_cookie_values($matches) {
+ return log_fix_quotes(get_cookie_values($matches)); }
+function log_fix_get_env_values($matches) {
+ return log_fix_quotes(get_env_values($matches)); }
+function log_fix_get_setting_values($matches) {
+ return log_fix_quotes(get_setting_values($matches)); }
function get_time($matches) {
return date(convert_strftime($matches[1])); }
function convert_strftime($strftime) {
return $strftime; }
function apache_log_maker($logtxt,$logfile=null,$status=200,$contentsize="-",$headersize=0) {
global $Settings;
-if(!isset($_SERVER['HTTP_REFERER'])) { $URL_REFERER = "-"; }
-if(isset($_SERVER['HTTP_REFERER'])) { $URL_REFERER = $_SERVER['HTTP_REFERER']; }
-if(!isset($_SERVER['PHP_AUTH_USER'])) { $AUTH_USER = "-"; }
-if(isset($_SERVER['PHP_AUTH_USER'])) { $AUTH_USER = $_SERVER['PHP_AUTH_USER']; }
+if(!isset($_SERVER['HTTP_REFERER'])) { $LOG_URL_REFERER = "-"; }
+if(isset($_SERVER['HTTP_REFERER'])) { $LOG_URL_REFERER = $_SERVER['HTTP_REFERER']; }
+if($LOG_URL_REFERER==""||$LOG_URL_REFERER==null) { $LOG_URL_REFERER = "-"; }
+$LOG_URL_REFERER = log_fix_quotes($LOG_URL_REFERER);
+if(!isset($_SERVER['PHP_AUTH_USER'])) { $LOG_AUTH_USER = "-"; }
+if(isset($_SERVER['PHP_AUTH_USER'])) { $LOG_AUTH_USER = $_SERVER['PHP_AUTH_USER']; }
+if($LOG_AUTH_USER==""||$LOG_AUTH_USER==null) { $LOG_AUTH_USER = "-"; }
+$LOG_AUTH_USER = log_fix_quotes($LOG_AUTH_USER);
+if(!isset($_SERVER["HTTP_USER_AGENT"])) { $LOG_USER_AGENT = "-"; }
+if(isset($_SERVER["HTTP_USER_AGENT"])) { $LOG_USER_AGENT = $_SERVER["HTTP_USER_AGENT"]; }
+if($LOG_USER_AGENT==""||$LOG_USER_AGENT==null) { $LOG_USER_AGENT = "-"; }
+$LOG_USER_AGENT = log_fix_quotes($LOG_USER_AGENT);
$LogMemName = "-";
if(!isset($_SESSION['MemberName'])) {
$_SESSION['MemberName'] = null; }
$LogMemName = "-"; }
if(isset($_SESSION['MemberName'])&&$_SESSION['MemberName']!==null) {
$LogMemName = $_SESSION['MemberName']; }
+$LogMemName = log_fix_quotes($LogMemName);
$LogMemID = "-";
if(!isset($_SESSION['UserID'])) {
$_SESSION['UserID'] = 0; }
$LogMemID = "-"; }
if(isset($_SESSION['UserID'])&&$_SESSION['UserID']!==null&&$_SESSION['UserID']!==0) {
$LogMemID = $_SESSION['UserID']; }
+$LogMemID = log_fix_quotes($LogMemID);
$LogGroupName = "-";
if(!isset($_SESSION['UserGroup'])) {
$LogGroupName = "-"; }
$LogGroupName = "-"; }
if(isset($_SESSION['UserGroup'])&&$_SESSION['UserGroup']!==null) {
$LogGroupName = $_SESSION['UserGroup']; }
+$LogGroupName = log_fix_quotes($LogGroupName);
$LogGroupID = "-";
if(!isset($_SESSION['UserGroupID'])) {
$LogGroupID = "-"; }
$LogGroupID = "-"; }
if(isset($_SESSION['UserGroupID'])&&$_SESSION['UserGroupID']!==null) {
$LogGroupID = $_SESSION['UserGroupID']; }
+$LogGroupID = log_fix_quotes($LogGroupID);
$LOG_QUERY_STRING = "";
if($_SERVER["QUERY_STRING"]!=="") {
$LOG_QUERY_STRING = "?".$_SERVER["QUERY_STRING"]; }
+$LOG_QUERY_STRING = log_fix_quotes($LOG_QUERY_STRING);
$oldcontentsize = $contentsize;
if($oldcontentsize=="-") { $oldcontentsize = 0; }
if($contentsize===0) { $contentsize = "-"; }
if($contentsize!="-"&&$headersize!==0) { $fullsitesize = $contentsize + $headersize; }
if($status=="302") { $contentsize = "-"; }
$HTTP_REQUEST_LINE = $_SERVER["REQUEST_METHOD"]." ".$_SERVER["REQUEST_URI"]." ".$_SERVER["SERVER_PROTOCOL"];
+$HTTP_REQUEST_LINE = log_fix_quotes($HTTP_REQUEST_LINE);
$logtxt = preg_replace("/%%/s", "{percent}p", $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)a/s", $_SERVER['REMOTE_ADDR'], $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)A/s", $_SERVER["SERVER_ADDR"], $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)b/s", $contentsize, $logtxt);
$logtxt = preg_replace_callback("/%([\<\>]*?)\{([^\}]*)\}C/s", "get_cookie_values", $logtxt);
$logtxt = preg_replace_callback("/%([\<\>]*?)\{([^\}]*)\}e/s", "get_env_values", $logtxt);
-$logtxt = preg_replace("/%([\<\>]*?)f/s", $_SERVER["SCRIPT_FILENAME"], $logtxt);
+$logtxt = preg_replace("/%([\<\>]*?)f/s", log_fix_quotes($_SERVER["SCRIPT_FILENAME"]), $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)h/s", $_SERVER['REMOTE_ADDR'], $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)H/s", $_SERVER["SERVER_PROTOCOL"], $logtxt);
-$logtxt = preg_replace("/%([\<\>]*?)\{Referer\}i/s", $URL_REFERER, $logtxt);
-$logtxt = preg_replace("/%([\<\>]*?)\{User-Agent\}i/s", $_SERVER["HTTP_USER_AGENT"], $logtxt);
+$logtxt = preg_replace("/%([\<\>]*?)\{Referer\}i/s", $LOG_URL_REFERER, $logtxt);
+$logtxt = preg_replace("/%([\<\>]*?)\{User-Agent\}i/s", $LOG_USER_AGENT, $logtxt);
$logtxt = preg_replace_callback("/%([\<\>]*?)\{([^\}]*)\}i/s", "get_server_values", $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)l/s", "-", $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)m/s", $_SERVER["REQUEST_METHOD"], $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)s/s", $status, $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)t/s", "[".date("d/M/Y:H:i:s O")."]", $logtxt);
$logtxt = preg_replace_callback("/%([\<\>]*?)\{([^\}]*)\}t/s", "get_time", $logtxt);
-$logtxt = preg_replace("/%([\<\>]*?)u/s", $AUTH_USER, $logtxt);
-$logtxt = preg_replace("/%([\<\>]*?)U/s", $_SERVER["PHP_SELF"], $logtxt);
+$logtxt = preg_replace("/%([\<\>]*?)u/s", $LOG_AUTH_USER, $logtxt);
+$logtxt = preg_replace("/%([\<\>]*?)U/s", log_fix_quotes($_SERVER["PHP_SELF"]), $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)v/s", $_SERVER["SERVER_NAME"], $logtxt);
$logtxt = preg_replace("/%([\<\>]*?)V/s", $_SERVER["SERVER_NAME"], $logtxt);
// Not what it should be but PHP dose not have variable to get Apache ServerName config value. :(
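Review bot: The new `log_fix_get_*_values` wrappers are never referenced in the visible lines: the `preg_replace_callback` calls for `%{...}C`, `%{...}e` and `%{...}i` still name `"get_cookie_values"`, `"get_env_values"` and `"get_server_values"`, so cookie, environment and arbitrary request-header values reach the log line without the quote handling this commit adds for Referer and User-Agent. Unless they are wired up in a part of the file not shown here, pass `"log_fix_get_cookie_values"`, `"log_fix_get_env_values"` and `"log_fix_get_server_values"` as the callbacks instead. `log_fix_quotes` itself leaves backslashes and control characters untouched, so a value ending in `\` turns the field's closing quote into an escaped one; Apache's own log escaping covers `\` and non-printable bytes as well. The escaped values are also used as `preg_replace` replacement strings, where `$n` and `\n` sequences are interpreted, so inserting them through a callback or `str_replace` would keep them literal. `apache_log_maker` continues past the last line shown.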
Copyright 2004-2012 iDB Support - http://idb.berlios.de/
Copyright 2004-2012 Game Maker 2k - http://gamemaker2k.org/
- $FileInfo: members.php - Last Update: 12/30/2011 SVN 781 - Author: cooldude2k $
+ $FileInfo: members.php - Last Update: 01/01/2012 SVN 784 - Author: cooldude2k $
*/
$File3Name = basename($_SERVER['SCRIPT_NAME']);
if ($File3Name=="members.php"||$File3Name=="/members.php") {
?>
<tr id="Member<?php echo $i; ?>" class="TableRow3">
<td class="TableColumn3" style="text-align: center;"><?php echo $UserSessInfo['UserID']; ?></td>
-<td class="TableColumn3" style="text-align: center;"><a<?php if($GroupInfo['HasAdminCP']=="yes") { ?> title="<?php echo $session_user_agent; ?>"<?php } ?> href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$UserSessInfo['UserID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $UserSessInfo['MemberName']; ?></a>
+<td class="TableColumn3" style="text-align: center;"><a<?php if($GroupInfo['HasAdminCP']=="yes") { ?> title="<?php echo htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset']); ?>"<?php } ?> href="<?php echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$UserSessInfo['UserID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); ?>"><?php echo $UserSessInfo['MemberName']; ?></a>
<?php if($GroupInfo['CanViewIPAddress']=="yes") { ?> ( <a title="<?php echo $session_ip_address; ?>" onclick="window.open(this.href);return false;" href="<?php echo sprintf($IPCheckURL,$session_ip_address); ?>"><?php echo $session_ip_address; ?></a> )<?php } ?></td>
<td class="TableColumn3" style="text-align: center;"><?php echo $UserSessInfo['UserGroup']; ?></td>
<td class="TableColumn3" style="text-align: center;"><a href="<?php echo url_maker($PreFileName,"no+ext",$PreExpPage,$Settings['qstr'],$Settings['qsep'],null,null); ?>"><?php echo $UserSessInfo['PreViewingTitle']; ?> <?php echo $UserSessInfo['ViewingTitle']; ?></a></td>
?>
<tr id="Member<?php echo $i; ?>" class="TableRow3">
<td class="TableColumn3" style="text-align: center;"><?php echo $UserSessInfo['UserID']; ?></td>
-<td class="TableColumn3" style="text-align: center;"><span<?php if($GroupInfo['HasAdminCP']=="yes") { ?> title="<?php echo $session_user_agent; ?>"<?php } ?>><?php echo $UserSessInfo['GuestName']; ?></span>
+<td class="TableColumn3" style="text-align: center;"><span<?php if($GroupInfo['HasAdminCP']=="yes") { ?> title="<?php echo htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset']); ?>"<?php } ?>><?php echo $UserSessInfo['GuestName']; ?></span>
<?php if($GroupInfo['CanViewIPAddress']=="yes") { ?> ( <a title="<?php echo $session_ip_address; ?>" onclick="window.open(this.href);return false;" href="<?php echo sprintf($IPCheckURL,$session_ip_address); ?>"><?php echo $session_ip_address; ?></a> )<?php } ?></td>
<td class="TableColumn3" style="text-align: center;"><?php echo $UserSessInfo['UserGroup']; ?></td>
<td class="TableColumn3" style="text-align: center;"><a href="<?php echo url_maker($PreFileName,"no+ext",$PreExpPage,$Settings['qstr'],$Settings['qsep'],null,null); ?>"><?php echo $UserSessInfo['PreViewingTitle']; ?> <?php echo $UserSessInfo['ViewingTitle']; ?></a></td>
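Review bot: Only `$session_user_agent` is encoded on the changed lines; `$session_ip_address` on the line right after each one is still echoed raw into a `title` attribute, an `href` (through `sprintf($IPCheckURL, ...)`) and the link text, and `$UserSessInfo['MemberName']`, `GuestName`, `PreViewingTitle` and `ViewingTitle` are printed unencoded as well. Where those values come from is not visible here, so confirm each is either validated or already HTML-encoded when stored; if not, apply the same call, e.g. `title="<?php echo htmlentities($session_ip_address, ENT_QUOTES, $Settings['charset']); ?>"`. The stats.php section builds the same IP link by string concatenation and has the same gap.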
Copyright 2004-2012 iDB Support - http://idb.berlios.de/
Copyright 2004-2012 Game Maker 2k - http://gamemaker2k.org/
- $FileInfo: stats.php - Last Update: 12/30/2011 SVN 781 - Author: cooldude2k $
+ $FileInfo: stats.php - Last Update: 01/01/2012 SVN 784 - Author: cooldude2k $
*/
$File3Name = basename($_SERVER['SCRIPT_NAME']);
if ($File3Name=="stats.php"||$File3Name=="/stats.php") {
if($olmbn>0) { $MembersOnline .= ", "; }
if($user_agent_check===false) {
$uatitleadd = null;
-if($GroupInfo['CanViewUserAgent']=="yes") { $uatitleadd = " title=\"".$session_user_agent."\""; }
+if($GroupInfo['CanViewUserAgent']=="yes") { $uatitleadd = " title=\"".htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset'])."\""; }
$MembersOnline .= "<a".$uatitleadd." href=\"".url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$UserSessInfo['UserID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'])."\">".$UserSessInfo['MemberName']."</a>";
if($GroupInfo['CanViewIPAddress']=="yes") {
$MembersOnline .= " (<a title=\"".$session_ip_address."\" onclick=\"window.open(this.href);return false;\" href=\"".sprintf($IPCheckURL,$session_ip_address)."\">".$session_ip_address."</a>)"; }
++$olmn; ++$olmbn; }
if($user_agent_check!==false) {
$uatitleadd = null;
-if($GroupInfo['CanViewUserAgent']=="yes") { $uatitleadd = " title=\"".$session_user_agent."\""; }
+if($GroupInfo['CanViewUserAgent']=="yes") { $uatitleadd = " title=\"".htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset'])."\""; }
$MembersOnline .= "<span".$uatitleadd.">".$user_agent_check."</span>";
if($GroupInfo['CanViewIPAddress']=="yes") {
$MembersOnline .= " (<a title=\"".$session_ip_address."\" onclick=\"window.open(this.href);return false;\" href=\"".sprintf($IPCheckURL,$session_ip_address)."\">".$session_ip_address."</a>)"; }
++$olan; } } }
if($UserSessInfo['UserGroup']==$Settings['GuestGroup']) {
/*$uatitleadd = null;
-if($GroupInfo['CanViewUserAgent']=="yes") { $uatitleadd = " title=\"".$session_user_agent."\""; }
+if($GroupInfo['CanViewUserAgent']=="yes") { $uatitleadd = " title=\"".htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset'])."\""; }
$GuestsOnline .= "<a".$uatitleadd." href=\"".url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$MemList['ID'],$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member'])."\">".$MemList['Name']."</a>";
if($GroupInfo['CanViewIPAddress']=="yes") {
$GuestsOnline .= " (<a title=\"".$session_ip_address."\" onclick=\"window.open(this.href);return false;\" href=\"".sprintf($IPCheckURL,$session_ip_address)."\">".$session_ip_address."</a>)"; } */
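Review bot: The user-agent tooltip is gated on `$GroupInfo['CanViewUserAgent']` here but on `$GroupInfo['HasAdminCP']` in the members.php lines of this commit, so the same session data is exposed under two different permissions; if that is not intentional, one key should be used in both places. The identical `htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset'])` expression now appears three times in this file; computing it once before the branches, e.g. `$safe_user_agent = htmlentities($session_user_agent, ENT_QUOTES, $Settings['charset']);`, keeps the branches from drifting apart. The third occurrence sits inside a `/* ... */` block, so that change has no runtime effect.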