summaryrefslogtreecommitdiff
path: root/includes/general.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/general.php')
-rw-r--r--includes/general.php32
1 files changed, 19 insertions, 13 deletions
diff --git a/includes/general.php b/includes/general.php
index 95ed64a..7887370 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -28,6 +28,12 @@
// if($_SESSION['profile']['id'] > 0)
// session_regenerate_id();
+ //cf. http://stackoverflow.com/a/14532168
+ if(!defined('ENT_HTML401')) define('ENT_HTML401', 0);
+ if(!defined('ENT_XML1')) define('ENT_XML1', 16);
+ if(!defined('ENT_XHTML')) define('ENT_XHTML', 32);
+ if(!defined('ENT_HTML5')) define('ENT_HTML5', (32|16));
+
$pageLoadTime_Start = microtime(true);
$junk = array(_("Face to Face Meeting"), _("Trusted Third Parties"), _("Thawte Points Transfer"), _("Administrative Increase"),
@@ -57,7 +63,7 @@
exit;
}
- if(array_key_exists('HTTP_HOST',$_SERVER) &&
+ if(array_key_exists('HTTP_HOST',$_SERVER) &&
($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] ||
$_SERVER['HTTP_HOST'] == $_SESSION['_config']['tverify']))
{
@@ -82,7 +88,7 @@
$locked = mysql_fetch_assoc(mysql_query("select `locked` from `users` where `id`='".$_SESSION['profile']['id']."'"));
if($locked['locked'] == 0)
{
- $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
+ $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' and `deleted` = 0 group by `to`";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$_SESSION['profile']['points'] = $row['total'];
@@ -169,19 +175,19 @@
$points++;
//echo "Points due to length and charset: $points<br/>";
-
+
// check for historical password proposal
if ($pwd === "Fr3d Sm|7h") {
return 0;
}
-
+
return $points;
}
function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
{
$points = checkpwlight($pwd);
-
+
if(@strstr(strtolower($pwd), strtolower($email)))
$points--;
@@ -219,7 +225,7 @@
//echo "Points due to name matches: $points<br/>";
$shellpwd = escapeshellarg($pwd);
- $do = `grep $shellpwd /usr/share/dict/american-english`;
+ $do = `grep -F -- $shellpwd /usr/share/dict/american-english`;
if($do)
$points--;
@@ -232,7 +238,7 @@
{
$bits = explode(": ", $_SESSION['_config']['subject'], 2);
$bits = str_replace(", ", "|", str_replace("/", "|", array_key_exists('1',$bits)?$bits['1']:""));
- $bits = explode("|", $bits);
+ $bits = explode("|", $bits);
$_SESSION['_config']['cnc'] = $_SESSION['_config']['subaltc'] = 0;
$_SESSION['_config']['OU'] = "";
@@ -477,7 +483,7 @@
if($id <= 0)
$id = $_SESSION['profile']['id'];
- $query = "select sum(`points`) as `points` from `notary` where `to`='$id' group by `to`";
+ $query = "select sum(`points`) as `points` from `notary` where `to`='$id' and `deleted` = 0 group by `to`";
$row = mysql_fetch_assoc(mysql_query($query));
$points = $row['points'];
@@ -557,7 +563,7 @@
$fp = @fsockopen($domain,25,$errno,$errstr,5);
if($fp)
{
-
+
$line = fgets($fp, 4096);
while(substr($line, 0, 4) == "220-")
$line = fgets($fp, 4096);
@@ -581,7 +587,7 @@
$line = mysql_real_escape_string(trim(strip_tags($line)));
$query = "insert into `pinglog` set `when`=NOW(), `email`='$myemail', `result`='$line'";
- if(is_array($_SESSION['profile'])) $query.=", `uid`='".$_SESSION['profile']['id']."'";
+ if(isset($_SESSION['profile']) && is_array($_SESSION['profile']) && isset($_SESSION['profile']['id'])) $query.=", `uid`='".$_SESSION['profile']['id']."'";
mysql_query($query);
if(substr($line, 0, 3) != "250")
@@ -662,7 +668,7 @@
return $ticket;
}
- function sanitizeHTML($input)
+ function sanitizeHTML($input)
{
return htmlentities(strip_tags($input), ENT_QUOTES);
//In case of problems, please use the following line again:
@@ -732,7 +738,7 @@
$text=preg_replace("/[^\w-.@]/","",$text);
return($text);
}
-
+
// returns text message to be shown to the user given the result of is_no_assurer
function no_assurer_text($Status)
@@ -775,7 +781,7 @@
$name="../$type/$kind/".intval($id/1000)."/$kind-".intval($id).".$type";
if (!is_dir("../csr")) { mkdir("../csr",0777); }
if (!is_dir("../crt")) { mkdir("../crt",0777); }
-
+
if (!is_dir("../csr/$kind")) { mkdir("../csr/$kind",0777); }
if (!is_dir("../crt/$kind")) { mkdir("../crt/$kind",0777); }
if (!is_dir("../csr/$kind/".intval($id/1000))) { mkdir("../csr/$kind/".intval($id/1000)); }