summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormischa <mischa@rx.high5.nl>2019-03-30 13:09:25 +0100
committermischa <mischa@rx.high5.nl>2019-03-30 13:09:25 +0100
commit05c4fa866fe17fb1ffd32e2718ae216001c8cbb5 (patch)
tree65125f46a551e53aa1785c04b0f09caf2eab0add
parentf29ed984a0f92a1adff513dd5d439ae6012cc5bb (diff)
php72 support2.1.1-SP5
-rw-r--r--admin/backup.php7
-rw-r--r--admin/list-admin.php6
-rw-r--r--edit-alias.php4
-rw-r--r--functions.inc.php49
-rw-r--r--variables.inc.php6
-rw-r--r--viewlog.php2
6 files changed, 40 insertions, 34 deletions
diff --git a/admin/backup.php b/admin/backup.php
index 6b20ef3..7e1afd6 100644
--- a/admin/backup.php
+++ b/admin/backup.php
@@ -20,6 +20,7 @@
require ("../config.inc.php");
require ("../functions.inc.php");
include ("../languages/" . check_language () . ".lang");
+date_default_timezone_set('Europe/Amsterdam');
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
@@ -63,15 +64,15 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
{
while ($row = db_assoc ($result['result']))
{
- foreach ($row as $key=>$val)
+ foreach ($row as $key => $val)
{
$fields[] = $key;
$values[] = $val;
}
fwrite ($fh, "INSERT INTO ". $tables[$i] . " (". implode (',',$fields) . ") VALUES ('" . implode ('\',\'',$values) . "')\n");
- $fields = "";
- $values = "";
+ $fields = array();
+ $values = array();
}
}
}
diff --git a/admin/list-admin.php b/admin/list-admin.php
index f6c47e9..d3ca1da 100644
--- a/admin/list-admin.php
+++ b/admin/list-admin.php
@@ -23,9 +23,11 @@ require ("../functions.inc.php");
include ("../languages/" . check_language () . ".lang");
$list_admins = list_admins ();
-if ((is_array ($list_admins) and sizeof ($list_admins) > 0))
+
+if (!empty ($list_admins)) { $list_admins_count = count ($list_admins); }
+if ((is_array ($list_admins) and $list_admins_count > 0))
{
- for ($i = 0; $i < sizeof ($list_admins); $i++)
+ for ($i = 0; $i < $list_admins_count; $i++)
{
$admin_properties[$i] = get_admin_properties ($list_admins[$i]);
}
diff --git a/edit-alias.php b/edit-alias.php
index 374cae0..d8b43a6 100644
--- a/edit-alias.php
+++ b/edit-alias.php
@@ -82,7 +82,9 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
$goto = preg_replace ('/\,*$/', '', $goto);
$array = preg_split ('/,/', $goto);
- for ($i = 0; $i < sizeof ($array); $i++) {
+ if (!empty ($array)) { $array_count = count ($array); }
+
+ for ($i = 0; $i < $array_count; $i++) {
if (in_array ("$array[$i]", $CONF['default_aliases'])) continue;
if (empty ($array[$i])) continue;
if (!check_email ($array[$i]))
diff --git a/functions.inc.php b/functions.inc.php
index 833b793..918f567 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -9,13 +9,13 @@
//
//error_reporting (E_NOTICE | E_ERROR | E_WARNING | E_PARSE);
-if (ereg ("functions.inc.php", $_SERVER['PHP_SELF']))
+if (preg_match ("/functions.inc.php/", $_SERVER['PHP_SELF']))
{
header ("Location: login.php");
exit;
}
-$version = "2.1.0";
+$version = "2.1.1-SP5-20181227 (php7.2 support)";
//
// check_session
@@ -25,7 +25,7 @@ $version = "2.1.0";
function check_session ()
{
session_start ();
- if (!session_is_registered ("sessid"))
+ if (!$_SESSION['sessid']['username'])
{
header ("Location: login.php");
exit;
@@ -37,12 +37,12 @@ function check_session ()
function check_user_session ()
{
session_start ();
- if (!session_is_registered ("userid"))
+ if (!$_SESSION['sessid']['username'])
{
header ("Location: login.php");
exit;
}
- $USERID_USERNAME = $_SESSION['userid']['username'];
+ $USERID_USERNAME = $_SESSION['sessid']['username'];
return $USERID_USERNAME;
}
@@ -106,7 +106,7 @@ function check_string ($var)
//
function check_email ($email)
{
- if (preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim ($email)))
+ if (preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,10}$/i', trim ($email)))
{
return true;
}
@@ -126,16 +126,17 @@ function check_email ($email)
function escape_string ($string)
{
global $CONF;
- if (get_magic_quotes_gpc () == 0)
- {
- if ($CONF['database_type'] == "mysql") $escaped_string = mysql_real_escape_string ($string);
- if ($CONF['database_type'] == "mysqli") $escaped_string = mysqli_real_escape_string ($string);
- if ($CONF['database_type'] == "pgsql") $escaped_string = pg_escape_string ($string);
- }
- else
- {
+# mysql_real_escape changed in PHP 5.4, needs fixing!
+# if (get_magic_quotes_gpc () == 0)
+# {
+# if ($CONF['database_type'] == "mysql") $escaped_string = mysql_real_escape_string ($string);
+# if ($CONF['database_type'] == "mysqli") $escaped_string = mysqli_real_escape_string ($string);
+# if ($CONF['database_type'] == "pgsql") $escaped_string = pg_escape_string ($string);
+# }
+# else
+# {
$escaped_string = $string;
- }
+# }
return $escaped_string;
}
@@ -414,7 +415,7 @@ function domain_exist ($domain)
//
function list_admins ()
{
- $list = "";
+ $list = array();
$result = db_query ("SELECT * FROM admin ORDER BY username");
if ($result['rows'] > 0)
@@ -635,7 +636,7 @@ function pacrypt ($pw, $pw_db="")
if ($CONF['encrypt'] == 'system')
{
- if (ereg ("\$1\$", $pw_db))
+ if (preg_match ("/\$1\/$", $pw_db))
{
$split_salt = preg_split ('/\$/', $pw_db);
$salt = $split_salt[2];
@@ -676,7 +677,7 @@ function md5crypt ($pw, $salt="", $magic="")
$salt = substr ($salt, 0, 8);
$ctx = $pw . $magic . $salt;
- $final = hex2bin (md5 ($pw . $salt . $pw));
+ $final = convertHex2bin (md5 ($pw . $salt . $pw));
for ($i=strlen ($pw); $i>0; $i-=16)
{
@@ -697,7 +698,7 @@ function md5crypt ($pw, $salt="", $magic="")
else $ctx .= $pw[0];
$i = $i >> 1;
}
- $final = hex2bin (md5 ($ctx));
+ $final = convertHex2bin (md5 ($ctx));
for ($i=0;$i<1000;$i++)
{
@@ -720,7 +721,7 @@ function md5crypt ($pw, $salt="", $magic="")
{
$ctx1 .= $pw;
}
- $final = hex2bin (md5 ($ctx1));
+ $final = convertHex2bin (md5 ($ctx1));
}
$passwd = "";
$passwd .= to64 (((ord ($final[0]) << 16) | (ord ($final[6]) << 8) | (ord ($final[12]))), 4);
@@ -739,7 +740,7 @@ function create_salt ()
return $salt;
}
-function hex2bin ($str)
+function convertHex2bin ($str)
{
$len = strlen ($str);
$nstr = "";
@@ -902,7 +903,7 @@ function db_query ($query)
// database prefix workaround
if (!empty ($CONF['database_prefix']))
{
- if (eregi ("^SELECT", $query))
+ if (preg_match ("/^SELECT/i", $query))
{
$query = substr ($query, 0, 14) . $CONF['database_prefix'] . substr ($query, 14);
}
@@ -916,7 +917,7 @@ function db_query ($query)
if ($CONF['database_type'] == "mysqli") $result = @mysqli_query ($link, $query) or die ("<p />DEBUG INFORMATION:<br />Invalid query: " . mysqli_error() . "$DEBUG_TEXT");
if ($CONF['database_type'] == "pgsql")
{
- if (eregi ("LIMIT", $query))
+ if (preg_match ("/LIMIT/i", $query))
{
$search = "/LIMIT (\w+), (\w+)/";
$replace = "LIMIT \$2 OFFSET \$1";
@@ -925,7 +926,7 @@ function db_query ($query)
$result = @pg_query ($link, $query) or die ("<p />DEBUG INFORMATION:<br />Invalid query: " . pg_last_error() . "$DEBUG_TEXT");
}
- if (eregi ("^SELECT", $query))
+ if (preg_match ("/^SELECT/i", $query))
{
// if $query was a SELECT statement check the number of rows with [database_type]_num_rows ().
if ($CONF['database_type'] == "mysql") $number_rows = mysql_num_rows ($result);
diff --git a/variables.inc.php b/variables.inc.php
index 84ddc84..614ce96 100644
--- a/variables.inc.php
+++ b/variables.inc.php
@@ -7,7 +7,7 @@
//
// File: variables.inc.php
//
-if (ereg ("variables.inc.php", $_SERVER['PHP_SELF']))
+if (preg_match ("/variables.inc.php/", $_SERVER['PHP_SELF']))
{
header ("Location: login.php");
exit;
@@ -26,7 +26,7 @@ $fDelete = "";
$fDescription = "";
$fDomain = "";
$fDomains = "";
-$fDomains[0] = "";
+#$fDomains[0] = "";
$fGoto = "";
$fMail = "";
$fMailboxes = "";
@@ -58,7 +58,7 @@ $tDomain = "";
$tDomains = "";
$tFrom = "";
$tGoto = "";
-$tLog = "";
+$tLog = array();
$tMailbox = "";
$tMailboxes = "";
$tMaxquota = "";
diff --git a/viewlog.php b/viewlog.php
index 5a2920c..b39e5d0 100644
--- a/viewlog.php
+++ b/viewlog.php
@@ -28,7 +28,7 @@ $list_domains = list_domains_for_admin ($SESSID_USERNAME);
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
- if ((is_array ($list_domains) and sizeof ($list_domains) > 0)) $fDomain = $list_domains[0];
+ if ((is_array ($list_domains) and count ($list_domains) > 0)) $fDomain = $list_domains[0];
if (!check_owner ($SESSID_USERNAME, $fDomain))
{