'; if (isset($GLOBALS['OC_displayTop']) && !empty($GLOBALS['OC_displayTop'])) { print $GLOBALS['OC_displayTop']; } print '
' . safeHTMLstr($what) . '
'; } // Displays page footer function printFooter() { global $pfx; print ''; $OC_translate = true; $OC_db = NULL; // Init arrays $OC_hooksAR = array(); $OC_cssAR = array(); $OC_jsAR = array(); $OC_extraHeaderAR = array(); $OC_onloadAR = array(); $OC_configAR = array(); $OC_statusAR = array(); $OC_modulesAR = array(); $OC_activeModulesAR = array(); $OC_languageAR = array(); // sanitize PHP_SELF $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']); // Baseline version - set for install, updated from db below once installed $GLOBALS['OC_configAR']['OC_version'] = '6.x'; ### // Check whether it's home page or a subdir we're in if (basename($_SERVER['PHP_SELF']) == "openconf.php") { $pfx = ""; $basepath = dirname($_SERVER['PHP_SELF']); } else { $pfx = "../"; $basepath = dirname(dirname($_SERVER['PHP_SELF'])); } define('OCC_BASE_URL', 'http' . ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on')) ? 's' : '') . '://' . safeHTMLstr($_SERVER['SERVER_NAME']) . (ctype_digit($_SERVER['SERVER_PORT']) && (($_SERVER['SERVER_PORT'] != '80')) ? (':' . $_SERVER['SERVER_PORT']) : '') . $basepath . '/'); define('OCC_LIB_DIR', $pfx . 'lib/'); // lib dir define('OCC_PLUGINS_DIR', $pfx . 'plugins/'); // plugins dir define('OCC_CONFIG_FILE', $pfx . 'config.php'); // config file location define('OCC_FORM_INC_FILE', $pfx . 'include-forms.inc'); // forms include file location define('OCC_SUBMISSION_INC_FILE', $pfx . 'author/submission.inc'); // submission include file define('OCC_REVIEW_INC_FILE', $pfx . 'review/review.inc'); // review include file define('OCC_COMMITTEE_INC_FILE', $pfx . 'review/committee.inc'); // review include file define('OCC_ZONE_FILE', OCC_LIB_DIR . 'zones/zones.php'); // time zone file location define('OCC_MIME_FILE', OCC_LIB_DIR . 'mime.php'); // mime types file location define('OCC_UTF8CASECONV_FILE', OCC_LIB_DIR . 'UTF8CaseConv.php'); // UTF8CaseConv file location /* DO NOT MODIFY THIS LINE OR OTHERWISE FALSELY DEFINE OR MAKE UP OCC_LICENSE */ (file_exists($pfx . 'license.php') ? require_once($pfx . 'license.php') : define('OCC_LICENSE', 'Public')); // License type /* DO NOT MODIFY THIS LINE */ // Set OC_formatAR with mime types - moved to OCC_MIME_FILE in 4.00 require_once OCC_MIME_FILE; // Row Array - used for toggling row style $rowAR = array(); $rowAR[1] = 2; $rowAR[2] = 1; // Yes/No Array $yesNoAR = array( 1 => 'Yes', 0 => 'No' ); // Status Array $OC_statusValueAR = array( 1 => 'Open', 0 => 'Closed', ); // Context $OC_context = stream_context_create(array('http'=>array('timeout'=>20))); // Strip slashes if magic_gpc enabled function fix_magic_gpc(&$var) { if (is_array($var)) { array_walk($var, 'fix_magic_gpc'); } else { $var = stripslashes($var); } } if (ini_get('magic_quotes_gpc') || ini_get('magic_quotes_runtime')) { array_walk($_GET, 'fix_magic_gpc'); array_walk($_POST, 'fix_magic_gpc'); array_walk($_REQUEST, 'fix_magic_gpc'); // cookies & files are skipped as no relevant data \'d } // i18n routines function oc_($s, $d='') { // s|ource d|omain if ($s == '') { return(''); } if (($GLOBALS['OC_locale'] == 'en') || (!$GLOBALS['OC_translate'])) { if ( (defined('OCC_WORD_AUTHOR') && (OCC_WORD_AUTHOR != 'Author')) || (defined('OCC_WORD_CHAIR') && (OCC_WORD_CHAIR != 'Chair')) ) { return(preg_replace(array('/Author/', '/author/', '/Chair/'), array(OCC_WORD_AUTHOR, oc_strtolower(OCC_WORD_AUTHOR), OCC_WORD_CHAIR), $s)); } else { return($s); } } elseif (function_exists('gettext')) { if (!empty($d)) { return(dgettext($d, $s)); } else { return(_($s)); } } else { return($s); } /* elseif (empty($t)) { return(T_($s)); } else { return(T_dgettext($domain, $s)); } */ } function oc_n($s, $p, $c, $d='') { // s|ource p|lural c|ount d|omain if ($s == '') { return(''); } if (function_exists('ngettext')) { if (!empty($d)) { return(dngettext($d, $s, $p, $c)); } else { return(ngettext($s, $p, $c)); } } elseif ($c > 1) { return $p; } else { return $s; } /* elseif (empty($d)) { return(T_ngettext($s, $p, $c)); } else { return(T_dngettext($d, $s, $p, $c)); } */ } // Returns a string with double-quotes (only) slashes function slashQuote($s) { return(preg_replace('/"/','\\"',$s)); } // Checks whether the script is close to timing out function oc_checkTimeout() { if (($GLOBALS['OC_timeStamp'] > 0) && ((time() - $GLOBALS['OC_timeStamp']) > ($GLOBALS['OC_maxRunTime'] - 5)) // timeout if within 5 seconds ) { return TRUE; } return FALSE; } // Returns a string containing define statements with an updated constant value function replaceConstantValue($constName, $newValue, &$string) { $string = preg_replace('/(define\("' . $constName . '",\s?"?).*?("?\);)/', '${1}' . slashQuote(stripslashes($newValue)) . '${2}', $string); } // Returns true/false on whether a named hook is set function oc_hookSet($hook) { if (isset($GLOBALS['OC_hooksAR'][$hook]) && !empty($GLOBALS['OC_hooksAR'][$hook])) { return true; } else { return false; } } // Adds a hook for additional functionality; typically used with modules function oc_addHook($name, $value) { if (!isset($GLOBALS['OC_hooksAR'][$name])) { // init if first hook for name $GLOBALS['OC_hooksAR'][$name] = array($value); } elseif (!in_array($value, $GLOBALS['OC_hooksAR'][$name])) { // add only if not duplicate $GLOBALS['OC_hooksAR'][$name][] = $value; } } // Add CSS file to be read in by header function oc_addCSS($file,$moduleId='') { if (!empty($moduleId)) { $GLOBALS['OC_cssAR'][] = 'modules/' . $moduleId . '/' . $file; } else { $GLOBALS['OC_cssAR'][] = $file; } } // Add JS file to be read in by header function oc_addJS($file,$moduleId='') { if (!empty($moduleId)) { $GLOBALS['OC_jsAR'][] = 'modules/' . $moduleId . '/' . $file; } else { $GLOBALS['OC_jsAR'][] = $file; } } // Add body onLoad to be included in header function oc_addOnLoad($js) { $GLOBALS['OC_onloadAR'][] = $js; } // Add extra headers function oc_addHeader($hdr) { $GLOBALS['OC_extraHeaderAR'][] = $hdr; } // Returns an array of database tables function getTables() { $constAR = get_defined_constants(); preg_match_all("/(OCC_TABLE_\w+)/",implode('\0',array_keys($constAR)),$tAR); foreach ($tAR[0] as $t) { $tableAR[] = constant($t); } return($tableAR); } // oc_password_hash - hashes password function oc_password_hash($pw) { if (PHP_VERSION_ID >= 50307) { // new school if (!function_exists('password_hash')) { // use library for compatibility between PHP >= 5.3.7, < 5.5-DEV require_once OCC_LIB_DIR . 'password_compat.php'; } return(password_hash($pw, PASSWORD_DEFAULT)); } else { // old school $salt = substr(md5(uniqid(rand(),TRUE)), 0, 10); return $salt . sha1($salt . $pw); } } // oc_password_needs_rehash - checks whether password hash is outdated & new format available function oc_password_needs_rehash($hash) { if (PHP_VERSION_ID >= 50307) { if (!preg_match("/^\\$/", $hash)) { // old school return(true); } else { if (!function_exists('password_hash')) { require_once OCC_LIB_DIR . 'password_compat.php'; } return(password_needs_rehash($hash, PASSWORD_DEFAULT)); } } else { // leave it alone return(false); } } // oc_password_verify - verifies password and updates hash if needed function oc_password_verify($pw, $hash, $type=null, $id=null) { $verified = false; if (oc_hookSet('password-verify')) { foreach ($GLOBALS['OC_hooksAR']['password-verify'] as $hook) { require_once $hook; } } else { // verify hash if (preg_match("/^\\$/", $hash)) { // new school if (!function_exists('password_hash')) { // library for compatibility between PHP >= 5.3.7, < 5.5-DEV require_once OCC_LIB_DIR . 'password_compat.php'; } if (password_verify($pw, $hash)) { $verified = true; } } else { // old school $salt = substr($hash, 0, 10); if ($hash == ($salt . sha1($salt . $pw))) { $verified = true; } } // update hash? if ($verified && preg_match("/^\w+$/", $type) && oc_password_needs_rehash($hash)) { if (($type == 'submission') && preg_match("/^\d+$/", $id)) { ocsql_query("UPDATE `" . OCC_TABLE_PAPER . "` SET `password`='" . safeSQLstr(oc_password_hash($pw)) . "' WHERE `paperid`='" . safeSQLstr($id) . "'"); } elseif (($type == 'committee') && preg_match("/^\d+$/", $id)) { ocsql_query("UPDATE `" . OCC_TABLE_REVIEWER . "` SET `password`='" . safeSQLstr(oc_password_hash($pw)) . "' WHERE `reviewerid`='" . safeSQLstr($id) . "'"); } elseif ($type == 'chair') { updateConfigSetting('OC_chair_pwd', oc_password_hash($pw)); } } } return($verified); } // oc_password_generate - creates and returns a new random password function oc_password_generate() { $validChars = 'bcdfghjkmnpqrtvwxyzBCDFGHJKLMNPQRTVWXYZ2346789'; // available chars for pwd $cmax = strlen($validChars); $ctot = rand(10, 14); // pwd length $p = ''; // pwd $c = 0; // number of chars in pwd while ($c < $ctot) { $p .= substr($validChars, mt_rand(0, ($cmax - 1)), 1); $c++; } return($p); } // Format number // $n = number of bytes function oc_formatNumber($n) { if ($n > 1048576) { // > 1 MB return(number_format(($n/1048576),1) . "MB"); } else { return(number_format(($n/1024),0) . "KB"); } } // Convert units function toMB($n) { if (preg_match("/^(\d+)(\w?)[bB]?$/",$n,$matches)) { switch (strtoupper($matches[2])) { case '': case 'B': return((($matches[1] >= 105000) ? (number_format(($matches[1]/1048576),1) . "MB") : (number_format(($matches[1]/1024),1) . "KB"))); break; case 'K': return((($matches[1] >= 103) ? (number_format(($matches[1]/1024),1) . "MB") : (number_format($matches[1],1) . "KB"))); break; case 'M': return($matches[1] . "MB"); break; } } return($n); } // Returns the value of a var if it exists in the specified array, or a default value // if safe=true and array value exists, it's returned safeHTMLstr() function varValue($varName, &$ar, $default='', $safe=false) { if (isset($ar[$varName])) { if ($safe) { return(safeHTMLstr($ar[$varName])); } else { return($ar[$varName]); } } return($default); } // Displays page header function printHeader($what, $function="0") { require_once $GLOBALS['pfx'] . (isset($GLOBALS['OC_configAR']['OC_headerFile']) ? $GLOBALS['OC_configAR']['OC_headerFile'] : 'header.php'); print '
' . safeHTMLstr($what) . '
'; } // Displays page footer function printFooter() { global $pfx; print '