diff --git a/class2.php b/class2.php index 06bcf1803..ed656b6c5 100644 --- a/class2.php +++ b/class2.php @@ -9,9 +9,9 @@ * General purpose file * * $Source: /cvs_backup/e107_0.8/class2.php,v $ -* $Revision: 1.121 $ -* $Date: 2009-08-06 22:39:36 $ -* $Author: secretr $ +* $Revision: 1.122 $ +* $Date: 2009-08-08 23:09:08 $ +* $Author: marj_nl_fr $ * */ // @@ -1316,24 +1316,25 @@ function check_class($var, $userclass = USERCLASS_LIST, $uid = 0) if ($userclass == '') { - return false; + return FALSE; } $class_array = explode(',', $userclass); - $varList = explode(',', trim($var)); + $varList = explode(',', $var); $latchedAccess = FALSE; foreach($varList as $v) { + $v = trim($v); $invert = FALSE; - if(!is_numeric($v)) //value to test is a userclass name (or garbage, of course), go get the id + //value to test is a userclass name (or garbage, of course), go get the id + if( ! is_numeric($v)) { - $v = trim($v); - if (substr($v,0,1) == '-') + if (substr($v, 0, 1) == '-') { $invert = TRUE; - $v = substr($v,1); + $v = substr($v, 1); } $v = $e107->user_class->ucGetClassIDFromName($v); } @@ -1343,8 +1344,9 @@ function check_class($var, $userclass = USERCLASS_LIST, $uid = 0) $v = -$v; } if ($v !== FALSE) - { // Ignore non-valid userclass names - if ((in_array($v, $class_array) || (ctype_digit($v) && ($v == 0)))) + { + // Ignore non-valid userclass names + if (in_array($v, $class_array) || ($v === '0') || ($v === 0)) { if ($invert) { @@ -1354,7 +1356,8 @@ function check_class($var, $userclass = USERCLASS_LIST, $uid = 0) } elseif ($invert && count($varList) == 1) { - $latchedAccess = TRUE; // Handle scenario where only an 'exclude' class is passed + // Handle scenario where only an 'exclude' class is passed + $latchedAccess = TRUE; } } } diff --git a/e107_handlers/plugin_class.php b/e107_handlers/plugin_class.php index c51129daf..26cffa1fc 100644 --- a/e107_handlers/plugin_class.php +++ b/e107_handlers/plugin_class.php @@ -11,9 +11,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_handlers/plugin_class.php,v $ -| $Revision: 1.72 $ -| $Date: 2009-08-06 22:29:34 $ -| $Author: e107coders $ +| $Revision: 1.73 $ +| $Date: 2009-08-08 23:09:08 $ +| $Author: marj_nl_fr $ +----------------------------------------------------------------------------+ */ @@ -442,11 +442,11 @@ class e107plugin - function manage_link($action, $link_url, $link_name, $link_class=0) + function manage_link($action, $link_url, $link_name, $link_class = 0) { global $sql, $tp; - - if(!ctype_digit($link_class)) + + if( ! is_numeric($link_class)) { $link_class = strtolower($link_class); $plug_perm['everyone'] = e_UC_PUBLIC; diff --git a/e107_handlers/user_handler.php b/e107_handlers/user_handler.php index a220aa61a..cef22ffd2 100644 --- a/e107_handlers/user_handler.php +++ b/e107_handlers/user_handler.php @@ -9,9 +9,9 @@ * Handler - user-related functions * * $Source: /cvs_backup/e107_0.8/e107_handlers/user_handler.php,v $ - * $Revision: 1.10 $ - * $Date: 2009-06-12 20:41:34 $ - * $Author: e107steved $ + * $Revision: 1.11 $ + * $Date: 2009-08-08 23:09:08 $ + * $Author: marj_nl_fr $ * */ @@ -277,50 +277,83 @@ class UserHandler // * - an alphanumeric character // ^ - next character from seed // alphanumerics are included 'as is' - function generateRandomString($pattern, $seed='') + function generateRandomString($pattern, $seed = '') { - if (strlen($pattern) < 6) $pattern = '##....'; - $newname = ''; - $seed_ptr = 0; // Next character of seed (if used) - for ($i = 0; $i < strlen($pattern); $i++) - { - $c = $pattern[$i]; - switch ($c) + if (strlen($pattern) < 6) + $pattern = '##....'; + + $newname = ''; + + // Create alpha [A-Z][a-z] + $alpha = ''; + for($i = 65; $i < 91; $i++) { - case '#' : // Alpha only (upper and lower case) - do - { - $t = chr(rand(65,122)); - } while (!ctype_alpha($t)); - $newname .= $t; - break; - case '.' : // Numeric only - do - { - $t = chr(rand(48,57)); - } while (!ctype_digit($t)); - $newname .= $t; - break; - case '*' : // Alphanumeric - do - { - $t = chr(rand(48,122)); - } while (!ctype_alnum($t)); - $newname .= $t; - break; - case '^' : // Next character from seed - if ($seed_ptr < strlen($seed)) - { - $newname .= $seed[$seed_ptr]; - $seed_ptr++; - } - break; - default : - if (ctype_alnum($c)) $newname .= $c; - // (else just ignore other characters in pattern) + $alpha .= chr($i).chr($i+32); } - } - return $newname; + $alphaLength = strlen($alpha) - 1; + + // Create digit [0-9] + $digit = ''; + for($i = 48; $i < 57; $i++) + { + $digit .= chr($i); + } + $digitLength = strlen($digit) - 1; + + // Create alpha numeric [A-Z][a-z] + $alphaNum = $alpha.$digit; + $alphaNumLength = strlen($alphaNum) - 1; + + // Next character of seed (if used) + $seed_ptr = 0; + for ($i = 0, $patternLength = strlen($pattern); $i < $patternLength; $i++) + { + $c = $pattern[$i]; + switch ($c) + { + // Alpha only (upper and lower case) + case '#' : + $t = rand(0, $alphaLength); + $newname .= $alpha[$t]; + break; + + // Numeric only - [0-9] + case '.' : + $t = rand(0, $digitLength); + $newname .= $digit[$t]; + break; + + // Alphanumeric + case '*' : + $t = rand(0, $alphaNumLength); + $newname .= $alphaNum[$t]; + break; + + // Next character from seed + case '^' : + if ($seed_ptr < strlen($seed)) + { + $newname .= $seed[$seed_ptr]; + $seed_ptr++; + } + break; + + // (else just ignore other characters in pattern) + default : + if (strrpos($alphaNum, $c) !== FALSE) + { + $newname .= $c; + } +/* + else + { + $t = rand(0, $alphaNumLength); + $newname .= $alphaNum[$t]; + } +*/ + } + } + return $newname; } diff --git a/e107_handlers/validator_class.php b/e107_handlers/validator_class.php index e0521dc8b..c61153540 100644 --- a/e107_handlers/validator_class.php +++ b/e107_handlers/validator_class.php @@ -9,9 +9,9 @@ * Handler - general purpose validation functions * * $Source: /cvs_backup/e107_0.8/e107_handlers/validator_class.php,v $ - * $Revision: 1.8 $ - * $Date: 2009-07-31 16:14:51 $ - * $Author: secretr $ + * $Revision: 1.9 $ + * $Date: 2009-08-08 23:09:08 $ + * $Author: marj_nl_fr $ * */ @@ -175,15 +175,19 @@ class validatorClass { switch ($defs['dataType']) { - case 1 : // Assumes we're passed an array variable to be turned into a comma-separated list of integers + case 1 : // Assumes we've passed an array variable to be turned into a comma-separated list of integers if (is_array($value)) { $temp = array(); foreach ($value as $v) { - if (ctype_digit(trim($v))) { $temp[] = intval($v); } + $v = trim($v); + if (is_numeric($v)) + { + $temp[] = intval($v); + } } - $value = implode(',',array_unique($temp)); + $value = implode(',', array_unique($temp)); } else { diff --git a/e107_plugins/calendar_menu/ec_pf_page.php b/e107_plugins/calendar_menu/ec_pf_page.php index 3c214d821..75131db54 100644 --- a/e107_plugins/calendar_menu/ec_pf_page.php +++ b/e107_plugins/calendar_menu/ec_pf_page.php @@ -11,9 +11,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_plugins/calendar_menu/ec_pf_page.php,v $ -| $Revision: 1.2 $ -| $Date: 2007-12-26 18:30:13 $ -| $Author: e107steved $ +| $Revision: 1.3 $ +| $Date: 2009-08-08 23:09:08 $ +| $Author: marj_nl_fr $ | | Generate a printer-friendly page of calendar events | Query is: ec_pf_page.php?ssssss.eeeeee[[[.cat].template].output] @@ -333,59 +333,73 @@ switch ($ec_output_type) } -function decode_date($date_string,$last_day = FALSE) +// We're assuming $date_string is a string of digits +// Which could begin with 'now' or 'now+' +function decode_date($date_string, $last_day = FALSE) { // Decode a date string - if (strpos($date_string,'now') === 0) - { // decode special dates - $today = getdate(); - $date_string = trim(substr($date_string,3)); // Knock off the 'now' - if (($date_string != '') && ($date_string[0] == '+')) + if (strpos($date_string, 'now') === 0) { - $date_string = trim(substr($date_string,1)); // Knock off the '+' - if (is_numeric($date_string) && ($date_string >= 0) && ($date_string <= 12)) - { - $today['mon'] += $date_string; - if ($today['mon'] > 12) + // decode special dates + $today = getdate(); + // Knock off the 'now' + $date_string = trim(substr($date_string, 3)); + if (($date_string != '') && ($date_string[0] == '+')) { - $today['mon'] -= 12; - $today['year'] += 1; + // Knock off the '+' + $date_string = trim(substr($date_string, 1)); + if (is_numeric($date_string) && ($date_string >= 0) && ($date_string <= 12)) + { + $today['mon'] += $date_string; + if ($today['mon'] > 12) + { + $today['mon'] -= 12; + $today['year'] += 1; + } + } + else + { + return EC_LAN_149; + } } - } - else - { - return EC_LAN_149; - } + $date_string = $today['year'].$today['mon']; + } + + // Here, $date_string is a string of 5, 6 or 8 digits + // use preg_match() + if(preg_match('/^\d{5,8}$/D', $date_string)) + { + $month = 0; + $day = 1; + if (strlen($date_string) == 5) + $date_string = substr_replace($date_string, '0', -1, 0); + if (strlen($date_string) == 8) + { + $day = substr($date_string, -2, 2); + if ($last_day) + $day += 1; + } + elseif (strlen($date_string) == 6) + { + if ($last_day) + $month = 1; + } + else + { + // Error + return EC_LAN_149; + } + $month += substr($date_string, 4, 2); + $year = substr($date_string, 0, 4); + $temp = mktime(0, 0, 0, $month, $day, $year); + // Always do this to get whole of last day + if ($last_day) + $temp -= 1; + return $temp; + } + else + { // Error + return EC_LAN_149; } - $date_string = $today['year'].$today['mon']; - } - if (ctype_digit($date_string)) - { - $month = 0; - $day = 1; - if (strlen($date_string) == 5) $date_string = substr_replace($date_string,'0',-1,0); - if (strlen($date_string) == 8) - { - $day = substr($date_string,-2,2); - if ($last_day) $day += 1; - } - elseif (strlen($date_string) == 6) - { - if ($last_day) $month = 1; - } - else - { // Error - return EC_LAN_149; - } - $month += substr($date_string,4,2); - $year = substr($date_string,0,4); - $temp = mktime(0,0,0,$month,$day,$year); - if ($last_day) $temp -= 1; // Always do this to get whole of last day - return $temp; - } - else - { // Error - return EC_LAN_149; - } }