diff --git a/do.php b/do.php index d644674..fef97ff 100755 --- a/do.php +++ b/do.php @@ -417,7 +417,7 @@ elseif (ig('down') || ig('downf') || } } - if (! ($size = @kleeja_filesize($path_file))) + if (! ($size = @filesize($path_file))) { $size = $d_size; } diff --git a/includes/adm/g_users.php b/includes/adm/g_users.php index c2b2def..a2b5d2e 100755 --- a/includes/adm/g_users.php +++ b/includes/adm/g_users.php @@ -237,7 +237,7 @@ elseif (ip('newuser')) if (empty($ERRORS)) { $name = (string) $SQL->escape(trim(p('lname'))); - $user_salt = (string) substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); + $user_salt = (string) substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); $pass = (string) $usrcp->kleeja_hash_password($SQL->escape(trim(p('lpass'))) . $user_salt); $mail = (string) trim(strtolower(p('lmail'))); $clean_name = (string) $usrcp->cleanusername($name); @@ -349,7 +349,7 @@ if (ip('edituser')) } elseif (trim(p('l_pass')) != '') { - $user_salt = substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); + $user_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); $pass = "password = '" . $usrcp->kleeja_hash_password(trim(p('l_pass')) . $user_salt) . "', password_salt='" . $user_salt . "',"; } diff --git a/includes/auth_integration/api.php b/includes/auth_integration/api.php index 5122521..855c23a 100755 --- a/includes/auth_integration/api.php +++ b/includes/auth_integration/api.php @@ -37,7 +37,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = // @see file : docs/kleeja_(vb,mysmartbb,phpbb)_api.txt - $api_http_query = 'api_key=' . kleeja_base64_encode($script_api_key) . '&' . ($hashed ? 'userid' : 'username') . '=' . urlencode($name) . '&pass=' . kleeja_base64_encode($pass); + $api_http_query = 'api_key=' . base64_encode($script_api_key) . '&' . ($hashed ? 'userid' : 'username') . '=' . urlencode($name) . '&pass=' . base64_encode($pass); //if only username, let tell him in the query $api_http_query .= $return_username ? '&return_username=1' : ''; @@ -56,7 +56,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = //split the data , the first one is always 0 or 1 //0 : error //1: ok - $user_info = explode('%|%', kleeja_base64_decode($remote_data)); + $user_info = explode('%|%', base64_decode($remote_data)); //omg, it's 0 , 0 : error, lets die here if ((int) $user_info[0] == 0) @@ -88,7 +88,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = //and this must be filled with user data comming from url $userinfo = []; $userinfo['group_id'] = GROUP_ID; - $user_y = kleeja_base64_encode(serialize(['id'=>USER_ID, 'name'=>USER_NAME, 'mail'=>USER_MAIL, 'last_visit'=>time()])); + $user_y = base64_encode(serialize(['id'=>USER_ID, 'name'=>USER_NAME, 'mail'=>USER_MAIL, 'last_visit'=>time()])); //add cookies diff --git a/includes/auth_integration/phpbb.php b/includes/auth_integration/phpbb.php index 766741e..01ae9f8 100755 --- a/includes/auth_integration/phpbb.php +++ b/includes/auth_integration/phpbb.php @@ -112,7 +112,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = $result2 = $SQLBB->build($query2); while ($row=$SQLBB->fetch_array($result2)) { - $SQLBB->freeresult($result2); + $SQLBB->freeresult($result2); if ($return_name) { @@ -164,7 +164,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = $userinfo = $row; $userinfo['group_id'] = ($row[$row_leve] == $admin_level ? '1' : '3'); - $user_y = kleeja_base64_encode(serialize(['id'=>$row['user_id'], 'name'=>$row['username'], 'mail'=>$row['user_email'], 'last_visit'=>time()])); + $user_y = base64_encode(serialize(['id'=>$row['user_id'], 'name'=>$row['username'], 'mail'=>$row['user_email'], 'last_visit'=>time()])); if (! $hashed && ! $loginadm) { diff --git a/includes/auth_integration/vb.php b/includes/auth_integration/vb.php index 105a4cd..794482b 100755 --- a/includes/auth_integration/vb.php +++ b/includes/auth_integration/vb.php @@ -67,7 +67,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = $forum_srv .= ':' . $config['MasterServer']['port']; } - //some people change their db charset + //some people change their db charset if (isset($config['Mysqli']['charset'])) { $forum_db_charset = $config['Mysqli']['charset']; @@ -89,7 +89,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = $forum_pass = $script_pass; $forum_prefix = $script_prefix; - //some people change their db charset + //some people change their db charset if (isset($script_db_charset)) { $forum_db_charset = $script_db_charset; @@ -120,7 +120,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = $name = empty($script_cp1256) || ! $script_cp1256 || $hashed ? $name : $usrcp->kleeja_utf8($name, false); $query_salt = [ - 'SELECT' => $hashed ? '*' : ($isVB5 ? 'token' : 'salt'), + 'SELECT' => $hashed ? '*' : ($isVB5 ? 'token' : 'salt'), 'FROM' => "`{$forum_prefix}user`", ]; @@ -147,7 +147,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = if (! $hashed) { - $pass = ! $isVB5 + $pass = ! $isVB5 ? md5(md5($pass) . $row1['salt']) // without normal md5 : crypt(md5($pass), $row1['token']); @@ -176,18 +176,18 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = $userinfo = $row; $userinfo['group_id'] = ($row['usergroupid'] == 6 ? 1 : 3); - $user_y = kleeja_base64_encode(serialize(['id'=>$row['userid'], 'name'=>USER_NAME, 'mail'=>$row['email'], 'last_visit'=>time()])); + $user_y = base64_encode(serialize(['id'=>$row['userid'], 'name'=>USER_NAME, 'mail'=>$row['email'], 'last_visit'=>time()])); $hash_key_expire = sha1(md5($config['h_key'] . ($isVB5 ? $row['token'] : $row['password'])) . $expire); if (! $loginadm) { $usrcp->kleeja_set_cookie('ulogu', $usrcp->en_de_crypt( - $row['userid'] . '|' . - ($isVB5 ? $row['token'] : $row['password']) . '|' . - $expire . '|' . - $hash_key_expire . '|' . - ($row['usergroupid'] == 6 ? 1 : 3) . '|' . + $row['userid'] . '|' . + ($isVB5 ? $row['token'] : $row['password']) . '|' . + $expire . '|' . + $hash_key_expire . '|' . + ($row['usergroupid'] == 6 ? 1 : 3) . '|' . $user_y ), $expire); } @@ -217,7 +217,7 @@ function kleeja_auth_login ($name, $pass, $hashed = false, $expire, $loginadm = } }//whil1 - $SQLVB->freeresult($result_salt); + $SQLVB->freeresult($result_salt); unset($pass); $SQLVB->close(); diff --git a/includes/functions.php b/includes/functions.php index db69801..9e050be 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -216,7 +216,7 @@ function kleeja_get_page() */ function _sm_mk_utf8($text) { - return '=?UTF-8?B?' . kleeja_base64_encode($text) . '?='; + return '=?UTF-8?B?' . base64_encode($text) . '?='; } /** diff --git a/includes/functions_alternative.php b/includes/functions_alternative.php index e1381e4..d2babea 100755 --- a/includes/functions_alternative.php +++ b/includes/functions_alternative.php @@ -9,8 +9,8 @@ /** -* After a lot of work, we faced many hosts who use a old PHP version, or -* they disabled many general functions ... +* After a lot of work, we faced many hosts who use a old PHP version, or +* they disabled many general functions ... * so, this file contains those type of functions. */ @@ -21,207 +21,3 @@ if (! defined('IN_COMMON')) exit(); } - -if (! function_exists('htmlspecialchars_decode')) -{ - function htmlspecialchars_decode($string, $style=ENT_COMPAT) - { - $translation = array_flip(get_html_translation_table(HTML_SPECIALCHARS, $style)); - - if ($style === ENT_QUOTES) - { - $translation['''] = '\''; - } - return strtr($string, $translation); - } -} - -// -//http://us2.php.net/manual/en/function.str-split.php#84891 -if (! function_exists('str_split')) -{ - function str_split($string, $string_length=1) - { - if (strlen($string) > $string_length || ! $string_length) - { - do - { - $c = strlen($string); - $parts[] = substr($string, 0, $string_length); - $string = substr($string, $string_length); - } while ($string !== false); - } - else - { - $parts = [$string]; - } - return $parts; - } -} - -//Custom base64_* functions -function kleeja_base64_encode($str = '') -{ - return function_exists('base64_encode') ? base64_encode($str) : base64encode($str); -} -function kleeja_base64_decode($str = '') -{ - return function_exists('base64_decode') ? base64_decode($str) : base64decode($str); -} - -//http://www.php.net/manual/en/function.base64-encode.php#63270 -function base64encode($string = '') -{ - if (! function_exists('convert_binary_str')) - { - function convert_binary_str($string) - { - if (strlen($string) <= 0) - { - return; - } - - $tmp = decbin(ord($string[0])); - $tmp = str_repeat('0', 8-strlen($tmp)) . $tmp; - return $tmp . convert_binary_str(substr($string, 1)); - } - } - - $binval = convert_binary_str($string); - $final = ''; - $start = 0; - - while ($start < strlen($binval)) - { - if (strlen(substr($binval, $start)) < 6) - { - $binval .= str_repeat('0', 6-strlen(substr($binval, $start))); - } - $tmp = bindec(substr($binval, $start, 6)); - - if ($tmp < 26) - { - $final .= chr($tmp+65); - } - elseif ($tmp > 25 && $tmp < 52) - { - $final .= chr($tmp+71); - } - elseif ($tmp == 62) - { - $final .= '+'; - } - elseif ($tmp == 63) - { - $final .= '/'; - } - elseif (! $tmp) - { - $final .= 'A'; - } - else - { - $final .= chr($tmp-4); - } - $start += 6; - } - - if (strlen($final)%4>0) - { - $final .= str_repeat('=', 4-strlen($final)%4); - } - return $final; -} - - - -function base64decode($str) -{ - $len = strlen($str); - $ret = ''; - $b64 = []; - $base64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; - $len_base64 = strlen($base64); - - for ($i = 0; $i < 256; $i++) - { - $b64[$i] = 0; - } - - for ($i = 0; $i < $len_base64; $i++) - { - $b64[ord($base64[$i])] = $i; - } - - for ($j=0;$j<$len;$j+=4) - { - for ($i = 0; $i < 4; $i++) - { - $c = ord($str[$j+$i]); - $a[$i] = $c; - $b[$i] = $b64[$c]; - } - - $o[0] = ($b[0] << 2) | ($b[1] >> 4); - $o[1] = ($b[1] << 4) | ($b[2] >> 2); - $o[2] = ($b[2] << 6) | $b[3]; - - if ($a[2] == ord('=')) - { - $i = 1; - } - elseif ($a[3] == ord('=')) - { - $i = 2; - } - else - { - $i = 3; - } - - for ($k=0;$k<$i;$k++) - { - $ret .= chr((int) $o[$k] & 255); - } - - if ($i < 3) - { - break; - } - } - - return $ret; -} - -if (! function_exists('filesize')) -{ - function kleeja_filesize($filename) - { - $a = fopen($filename, 'r'); - fseek($a, 0, SEEK_END); - $filesize = ftell($a); - fclose($a); - return $filesize; - } -} -else -{ - function kleeja_filesize($filename) - { - return filesize($filename); - } -} - - -if (! function_exists('array_column')) -{ - function array_column($array, $column_name) - { - return array_map( - function($element) use ($column_name) { - return $element[$column_name]; - }, - array_values($array) - ); - } -} diff --git a/includes/up_helpers/others.php b/includes/up_helpers/others.php index 71a663a..86e23f2 100755 --- a/includes/up_helpers/others.php +++ b/includes/up_helpers/others.php @@ -17,7 +17,7 @@ if (! defined('IN_COMMON')) /** * checking the safety and validity of sub-extension of given file - * + * * @param mixed $filename */ function ext_check_safe($filename) @@ -256,7 +256,7 @@ function check_mime_type($given_file_mime, $file_ext, $file_path) //if normal checks failed! - if (@kleeja_filesize($file_path) > 6*(1000*1024)) + if (@filesize($file_path) > 6*(1000*1024)) { return true; } @@ -285,7 +285,7 @@ function check_mime_type($given_file_mime, $file_ext, $file_path) /** - * to prevent flooding at uploading + * to prevent flooding at uploading * @param mixed $user_id */ function user_is_flooding($user_id = '-1') @@ -307,9 +307,9 @@ function user_is_flooding($user_id = '-1') return false; } - //In my point of view I see 30 seconds is not bad rate to stop flooding .. - //even though this minimum rate sometime isn't enough to protect Kleeja from flooding attacks - $time = time() - ($user_id == '-1' ? $config['guestsectoupload'] : $config['usersectoupload']); + //In my point of view I see 30 seconds is not bad rate to stop flooding .. + //even though this minimum rate sometime isn't enough to protect Kleeja from flooding attacks + $time = time() - ($user_id == '-1' ? $config['guestsectoupload'] : $config['usersectoupload']); $query = [ 'SELECT' => 'f.time', diff --git a/includes/usr.php b/includes/usr.php index fdef041..9963e88 100755 --- a/includes/usr.php +++ b/includes/usr.php @@ -106,7 +106,7 @@ class usrcp if ($row['password'] == $passmd5) { ////new salt - $new_salt = substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); + $new_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); ////new password hash $new_password = $this->kleeja_hash_password(trim($pass) . $new_salt); @@ -145,7 +145,7 @@ class usrcp //all user fileds info $userinfo = $row; - $user_y = kleeja_base64_encode(serialize(['id'=>$row['id'], 'name'=>$row['name'], 'mail'=>$row['mail'], 'last_visit'=>$row['last_visit']])); + $user_y = base64_encode(serialize(['id'=>$row['id'], 'name'=>$row['name'], 'mail'=>$row['mail'], 'last_visit'=>$row['last_visit']])); if (! $hashed && ! $loginadm) { @@ -272,11 +272,6 @@ class usrcp //clean usernames public function cleanusername($uname) { - if (! function_exists('kleeja_base64_decode')) - { - include_once PATH . 'includes/functions_alternative.php'; - } - is_array($plugin_run_result = Plugins::getInstance()->run('cleanusername_func_usr_class', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook static $arabic_t = []; @@ -288,7 +283,7 @@ class usrcp if (empty($arabic_t)) { //Arabic chars must be stay in utf8 format, so we encoded them - $arabic_t = unserialize(kleeja_base64_decode('YToyOntpOjA7YToxMjp7aTowO3M6Mjoi2KMiO2k6MTtzOjI6ItilIjtpOjI7czoyOiLYpCI7aTozO3M6Mjoi2YAiO2k6NDtzOjI6Itm' . + $arabic_t = unserialize(base64_decode('YToyOntpOjA7YToxMjp7aTowO3M6Mjoi2KMiO2k6MTtzOjI6ItilIjtpOjI7czoyOiLYpCI7aTozO3M6Mjoi2YAiO2k6NDtzOjI6Itm' . 'LIjtpOjU7czoyOiLZjCI7aTo2O3M6Mjoi2Y8iO2k6NztzOjI6ItmOIjtpOjg7czoyOiLZkCI7aTo5O3M6Mjoi2ZIiO2k6MTA7czoyOiLYoiI7aToxMTtzOjI6ItimIjt9aToxO' . '2E6MTI6e2k6MDtzOjI6ItinIjtpOjE7czoyOiLYpyI7aToyO3M6Mjoi2YgiO2k6MztzOjA6IiI7aTo0O3M6MDoiIjtpOjU7czowOiIiO2k6NjtzOjA6IiI7aTo3O3M6MDoiIjt' . 'pOjg7czowOiIiO2k6OTtzOjA6IiI7aToxMDtzOjI6ItinIjtpOjExO3M6Mjoi2YkiO319')); @@ -381,7 +376,7 @@ class usrcp switch ($type) { case 1: - $data = str_replace('=', '_', kleeja_base64_encode($data)); + $data = str_replace('=', '_', base64_encode($data)); $data = strtr($data, $txt); break; @@ -390,7 +385,7 @@ class usrcp $txtx = array_flip($txt); $txtx = array_reverse($txtx, true); $data = strtr($data, $txtx); - $data = kleeja_base64_decode(str_replace('_', '=', $data)); + $data = base64_decode(str_replace('_', '=', $data)); break; } @@ -445,7 +440,7 @@ class usrcp { if (! empty($u_info)) { - $userinfo = unserialize(kleeja_base64_decode($u_info)); + $userinfo = unserialize(base64_decode($u_info)); $userinfo['group_id'] = $group_id; $userinfo['password'] = $hashed_password; diff --git a/install/install.php b/install/install.php index 74e99d0..e28ca37 100755 --- a/install/install.php +++ b/install/install.php @@ -208,7 +208,7 @@ case 'data' : include_once PATH . 'includes/functions_alternative.php'; $usrcp = new usrcp; - $user_salt = substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); + $user_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); $user_pass = $usrcp->kleeja_hash_password(p('password') . $user_salt); $user_name = $SQL->escape(p('username')); $user_mail = $SQL->escape(p('email')); diff --git a/install/quick.php b/install/quick.php index c3baa50..3477c43 100644 --- a/install/quick.php +++ b/install/quick.php @@ -83,7 +83,7 @@ include_once PATH . 'includes/functions_alternative.php'; $usrcp = new usrcp; $password = ! empty($cli_options['password']) ? $cli_options['password'] : mt_rand(); -$user_salt = substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); +$user_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); $user_pass = $usrcp->kleeja_hash_password($password . $user_salt); $user_name = $clean_name = 'admin'; $user_mail = $config_sitemail = 'admin@example.com'; diff --git a/ucp.php b/ucp.php index 3223fd1..6d74e41 100755 --- a/ucp.php +++ b/ucp.php @@ -232,7 +232,7 @@ switch (g('go')) if (empty($ERRORS)) { $name = (string) $SQL->escape(trim(p('lname'))); - $user_salt = (string) substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); + $user_salt = (string) substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); $pass = (string) $usrcp->kleeja_hash_password($SQL->escape(trim(p('lpass'))) . $user_salt); $mail = (string) strtolower(trim($SQL->escape(p('lmail')))); $session_id = (string) session_id(); @@ -701,7 +701,7 @@ switch (g('go')) //no errors , do it if (empty($ERRORS)) { - $user_salt = substr(kleeja_base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); + $user_salt = substr(base64_encode(pack('H*', sha1(mt_rand()))), 0, 7); $mail = $new_mail ? "mail='" . $SQL->escape(strtolower(trim(p('pmail')))) . "'" : ''; $showmyfile = p('show_my_filecp', 'int') != $show_my_filecp ? ($mail == '' ? '': ',') . "show_my_filecp='" . p('show_my_filecp', 'int') . "'" : ''; $pass = ! empty(p('ppass_new')) ? ($showmyfile != '' || $mail != '' ? ',' : '') . "password='" . $usrcp->kleeja_hash_password($SQL->escape(p('ppass_new')) . $user_salt) .