From adc56b482bd482f88ae102d3aba6f2e2ad694b39 Mon Sep 17 00:00:00 2001
From: Jan Tojnar <jtojnar@gmail.com>
Date: Fri, 14 Jan 2022 03:34:46 +0100
Subject: [PATCH] Support modern PHP

---
 Skirogaining_2010/index.php |  16 +--
 imagelightnessat.func.php   |   2 +-
 index.php                   |  18 ++--
 load.lib.php                | 201 +++++++++++++++++++++---------------
 sboard.php                  |  52 +++++-----
 5 files changed, 166 insertions(+), 123 deletions(-)

diff --git a/Skirogaining_2010/index.php b/Skirogaining_2010/index.php
index f3025fe..43689b8 100644
--- a/Skirogaining_2010/index.php
+++ b/Skirogaining_2010/index.php
@@ -2,27 +2,31 @@
 session_start();
 $included = true;
 $lang = empty($_GET['lang']) ? 'cs' : $_GET['lang'];
-$page = htmlspecialchars($_GET['page']);
-$url = $_SERVER['REQUEST_URI'];
+if (!in_array($lang, ['cs', 'en', 'de'], true)) {
+    header('Location: /en/' . ($_GET['page'] ?? ''));
+    exit;
+}
+$page = htmlspecialchars($_GET['page'] ?? 'main');
+$url = $_SERVER['REQUEST_URI'] ?? '';
 $root = '/Skirogaining_2010';
 $pretitle = '1. Skirogaining 2010';
 $mainMail = 'tojnar@gmail.com';
-include $lang . '.php';
+require $lang . '.php';
 $CMS['%url%'] = 'http://skirogaining.tojnar.cz' . htmlspecialchars($url);
 $CMS['%root%'] = $root;
 $CMS['%lang%'] = $lang;
 $CMS['%unknownAuthor%'] = 'Jan Tojnar';
 $CMS['%headerLinkHref%'] = rplc('%root%/') . $lang;
 $CMS['%pretitle%'] = $pretitle;
-$CMS['%comefrom%'] = $_SERVER['HTTP_REFERER'];
+$CMS['%comefrom%'] = $_SERVER['HTTP_REFERER'] ?? 'n/a';
 $CMS['%dateFormat%'] = 'd.m.Y H:i';
 function rplc($string) {
     global $CMS;
 
     return str_replace(array_keys($CMS), $CMS, $string);
 }
-include __DIR__ . '/../sboard.php';
-include __DIR__ . '/../load.lib.php';
+require __DIR__ . '/../sboard.php';
+require __DIR__ . '/../load.lib.php';
 readPage($page);
 $CMS['%releasedate%'] = toDate($date);
 $CMS['%releasetime%'] = toTime($date);
diff --git a/imagelightnessat.func.php b/imagelightnessat.func.php
index 59e70e3..402c600 100644
--- a/imagelightnessat.func.php
+++ b/imagelightnessat.func.php
@@ -11,7 +11,7 @@
  * by Jed Smith <?php $u = "jed"; $d = "bz"; printf("<%s@%s.%s>", $u, $u, $d) ?>
  */
 function imagelightnessat($img, $x, $y) {
-    if (!is_resource($img)) {
+    if (!$img instanceof \GdImage && !is_resource($img)) {
         trigger_error('imagelightnessat(): supplied argument is not a valid '
             . 'Image resource', E_USER_WARNING);
 
diff --git a/index.php b/index.php
index aa7afa7..7c45d92 100644
--- a/index.php
+++ b/index.php
@@ -2,19 +2,23 @@
 session_start();
 $included = true;
 $lang = empty($_GET['lang']) ? 'cs' : $_GET['lang'];
-$page = htmlspecialchars($_GET['page']);
-$url = $_SERVER['REQUEST_URI'];
+if (!in_array($lang, ['cs', 'de'], true)) {
+    header('Location: /cs/' . ($_GET['page'] ?? ''));
+    exit;
+}
+$page = htmlspecialchars($_GET['page'] ?? 'main');
+$url = $_SERVER['REQUEST_URI'] ?? '';
 $root = '';
 $pretitle = '2. Skirogaining 2012';
 $mainMail = 'tojnar@gmail.com';
-include $lang . '.php';
+require $lang . '.php';
 $CMS['%url%'] = 'http://skirogaining.tojnar.cz' . htmlspecialchars($url);
 $CMS['%root%'] = $root;
 $CMS['%lang%'] = $lang;
 $CMS['%unknownAuthor%'] = 'Jan Tojnar';
 $CMS['%headerLinkHref%'] = rplc('%root%/') . $lang;
 $CMS['%pretitle%'] = $pretitle;
-$CMS['%comefrom%'] = $_SERVER['HTTP_REFERER'];
+$CMS['%comefrom%'] = $_SERVER['HTTP_REFERER'] ?? 'n/a';
 $CMS['%dateFormat%'] = 'd.m.Y H:i';
 if ($lang == 'cs') {
     $CMS['%old%'] = '<p class="old"><a href="http://skirogaining.tojnar.cz/Skirogaining_2010/">1. Skirogaining 2010</a> <a href="http://skirogaining.krk-litvinov.cz/">3. Skirogaining 2012</a></p>';
@@ -28,8 +32,8 @@ function rplc($string) {
 
     return str_replace(array_keys($CMS), $CMS, $string);
 }
-include 'sboard.php';
-include 'load.lib.php';
+require __DIR__ . '/sboard.php';
+require __DIR__ . '/load.lib.php';
 readPage($page);
 $CMS['%releasedate%'] = toDate($date);
 $CMS['%releasetime%'] = toTime($date);
@@ -72,4 +76,4 @@ ob_start(/*"ob_gzhandler"*/);
 include 'template.html';
 $buffer = ob_get_clean();
 echo rplc(rplc($buffer));
-?>
\ No newline at end of file
+?>
diff --git a/load.lib.php b/load.lib.php
index 702b576..76c0716 100644
--- a/load.lib.php
+++ b/load.lib.php
@@ -1,9 +1,15 @@
 <?php
 
-if ($included == true) {
-    // boolean readPage(string $page)
-function readPage($page) {//main function
-global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$mainMail,$langPanel,$notreleased, $eu;
+if ($included !== true) {
+    header('HTTP/1.0 403 Forbidden');
+    header('Location: /en/error/403');
+    exit;
+}
+
+function readPage(string $page): bool {
+    //main function
+    $aliases = [];
+    global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$mainMail,$langPanel,$notreleased, $eu;
     if (empty($page)) {//page specification
         $realPage = 'pages/' . $lang . '/main.pg';
     } else {
@@ -12,7 +18,7 @@ global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$m
         } else {
             $realPage = 'pages/' . $lang . '/error/404.pg';
             $log404 = fopen('404.log', 'a+');
-            if (!ereg($page . "\n", file_get_contents('404.log'))) {
+            if (!preg_match('(' . preg_quote($page) . '\n)', file_get_contents('404.log'))) {
                 fwrite($log404, $page . "\n");
                 mail($mainMail, "Stranka nenalezena http://skirogaining.tojnar.cz/$page", rplc('Prichozi z: %comefrom%'));
             }
@@ -32,37 +38,64 @@ global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$m
 
     $fileContent = rplc(file_get_contents($realPage));
     //echo($fileContent);
-    $fileContent = ereg_replace('<a([^>]*)hs="([1-9][0-9]?)"([^>]*)>', '<a\\1onclick="return hs.expand(this,{slideshowGroup:\\2})"\\3>', $fileContent);
+    $fileContent = preg_replace('(<a([^>]*)hs="([1-9][0-9]?)"([^>]*)>)', '<a\\1onclick="return hs.expand(this,{slideshowGroup:\\2})"\\3>', $fileContent);
     $sbContent = rplc(sboard_generate($realPage));
     $fileContent = str_replace('<board>', $sbContent, $fileContent);
 
-    ereg("<article>(.*)<\/article>", $fileContent, $article); //article body
-    $article = trim($article[1]);
+    if (preg_match('(<article>(.*)</article>)s', $fileContent, $article)) {
+        //article body
+        $article = trim($article[1]);
+    } else {
+        $article = '';
+    }
 
-    ereg("<title>(.*)<\/title>", $fileContent, $title); //article title
-    $title = trim($title[1]);
+    if (preg_match('(<title>(.*)</title>)s', $fileContent, $title)) {
+        //article title
+        $title = trim($title[1]);
+    } else {
+        $title = '';
+    }
 
-    ereg("<date>(.*)<\/date>", $fileContent, $date); //article title
-    $date = trim($date[1]);
+    if (preg_match('(<date>(.*)</date>)s', $fileContent, $date)) {
+        //article release time
+        $date = trim($date[1]);
+    } else {
+        $date = null;
+    }
 
-    ereg("<author>(.*)<\/author>", $fileContent, $author); //article title
-    $author = trim($author[1]);
+    if (preg_match('(<author>(.*)</author>)s', $fileContent, $author)) {
+        //article author
+        $author = trim($author[1]);
+    } else {
+        $author = null;
+    }
 
     $languages = ['cs', 'en', 'de'];
 
-    ereg('<alias([^>]*)cs="([^"]*)"([^>]*)>', $fileContent, $cs); //article czech version link
-    $aliases['cs'] = trim($cs[2]);
+    if (preg_match('(<alias([^>]*)cs="([^"]*)"([^>]*)>)', $fileContent, $cs)) {
+        //article czech version link
+        $aliases['cs'] = trim($cs[2]);
+    }
 
-    ereg('<alias([^>]*)en="([^"]*)"([^>]*)>', $fileContent, $en); //article english version link
-    $aliases['en'] = trim($en[2]);
+    if (preg_match('(<alias([^>]*)en="([^"]*)"([^>]*)>)', $fileContent, $en)) {
+        //article english version link
+        $aliases['en'] = trim($en[2]);
+    }
 
-    ereg('<alias([^>]*)de="([^"]*)"([^>]*)>', $fileContent, $de); //article german version link
-    $aliases['de'] = trim($de[2]);
+    if (preg_match('(<alias([^>]*)de="([^"]*)"([^>]*)>)', $fileContent, $de)) {
+        //article german version link
+        $aliases['de'] = trim($de[2]);
+    }
+
+    if (preg_match('(<menu url="([^"]*)">)', $fileContent, $menuUrl)) {
+        //article menu url
+        $menuUrl = trim($menuUrl[1]);
+    } else {
+        $menuUrl = null;
+    }
 
-    ereg('<menu url="([^"]*)">', $fileContent, $menuUrl); //article menu url
-    $menuUrl = trim($menuUrl[1]);
     foreach ($languages as $language) {//language box generator
-        if (!empty($aliases[$language]) and file_exists('pages/' . $language . '/' . $aliases[$language] . '.pg')) {
+        if (isset($aliases[$language]) && file_exists('pages/' . $language . '/' . $aliases[$language] . '.pg')) {
             $langPanel .= rplc('<a href="%root%/' . $language . '/' . ($aliases[$language] == 'main' ? '' : $aliases[$language]) . '"><img src="%root%/gpx/' . $language . 'flag.png" alt="' . $language . '"></a>');
         }
     }
@@ -75,15 +108,15 @@ global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$m
     }
     }
     */
-    if (empty($menuUrl) or !file_exists($menuUrl)) {
+    if ($menuUrl === null || !file_exists($menuUrl)) {
         $menuUrl = 'main';
     }
     $menu = rplc(file_get_contents('pages/' . $lang . '/' . $menuUrl . '.mn'));
     $article = rplc($article);
-    if (ereg('<goto url="([^"]+)">', $fileContent, $gotoUrl)) {
+    if (preg_match('(<goto url="([^"]+)">)', $fileContent, $gotoUrl)) {
         if ($page == $gotoUrl[1]) {
             $logrecursive = fopen('syntax.log', 'a+');
-            if (!ereg($realPage . "\n", file_get_contents('recursive.log'))) {
+            if (!preg_match('(' . preg_quote($realPage) . '\n)', file_get_contents('recursive.log'))) {
                 fwrite($logrecursive, $realPage . "\n");
                 mail($mainMail, "Presmerovaci smycka http://skirogaining.tojnar.cz/$realPage", 'Stranka se presmerovava sama na sebe');
             }
@@ -100,33 +133,36 @@ global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$m
         $eu = false;
     }
 
-    if (empty($title) and empty($article)) {
+    if (empty($title) && empty($article)) {
         $logsyntax = fopen('syntax.log', 'a+');
-        if (!ereg($realPage . "\n", file_get_contents('syntax.log'))) {
+        if (!preg_match('(' . preg_quote($realPage) . '\n)', file_get_contents('syntax.log'))) {
             fwrite($logsyntax, $realPage . "\n");
             mail($mainMail, "Chyba syntaxe http://skirogaining.tojnar.cz/$realPage", 'Nerozpoznan titulek a clanek');
         }
         fclose($logsyntax);
+        return false;
         readPage('error/syntax');
 
         return false;
     } elseif (empty($title)) {
         $logsyntax = fopen('syntax.log', 'a+');
-        if (!ereg($realPage . "\n", file_get_contents('syntax.log'))) {
+        if (!preg_match('(' . preg_quote($realPage) . '\n)', file_get_contents('syntax.log'))) {
             fwrite($logsyntax, $realPage . "\n");
             mail($mainMail, "Chyba syntaxe http://skirogaining.tojnar.cz/$realPage", 'Nerozpoznan titulek');
         }
         fclose($logsyntax);
+        return false;
         readPage('error/syntax');
 
         return false;
     } elseif (empty($article)) {
         $logsyntax = fopen('syntax.log', 'a+');
-        if (!ereg($realPage . "\n", file_get_contents('syntax.log'))) {
+        if (!preg_match('(' . preg_quote($realPage) . '\n)', file_get_contents('syntax.log'))) {
             fwrite($logsyntax, $realPage . "\n");
             mail($mainMail, "Chyba syntaxe http://skirogaining.tojnar.cz/$realPage", 'Nerozpoznan clanek');
         }
         fclose($logsyntax);
+        return false;
         readPage('error/syntax');
 
         return false;
@@ -135,56 +171,55 @@ global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$m
     }
 }
 
-    // string|null author(string $author)
-    function author($author) {
-        global $realPageType;
-        if ($realPageType == 0) {
-            if (empty($author)) {
-                return rplc('%unknownAuthor%');
-            } else {
-                return $author;
-            }
+function author(string $author): ?string {
+    global $realPageType;
+    if ($realPageType == 0) {
+        if (empty($author)) {
+            return rplc('%unknownAuthor%');
         } else {
-            return null;
+            return $author;
         }
+    } else {
+        return null;
     }
+}
 
-    // string|null toDate(string $date)
-    function toDate($dateStr) {
-        if (!empty($dateStr)) {
-            $dateStr = explode(' ', $dateStr);
-            $dateStr = $dateStr[0];
-            $dateStr = explode('-', $dateStr);
-            $year = $dateStr[0];
-            $month = ltrim($dateStr[1], '0');
-            $day = ltrim($dateStr[2], '0');
-
-            return str_replace(['%y%', '%m%', '%d%'], [$year, $month, $day], rplc('%date%'));
-        } else {
-            return null;
-        }
-    }
-
-    function isReleased($dateStr) {
+function toDate(?string $dateStr): ?string {
+    if (!empty($dateStr)) {
         $dateStr = explode(' ', $dateStr);
         $dateStr = $dateStr[0];
         $dateStr = explode('-', $dateStr);
         $year = $dateStr[0];
         $month = ltrim($dateStr[1], '0');
         $day = ltrim($dateStr[2], '0');
-        $time = explode(' ', $dateStr);
-        $time = explode(':', $time[1]);
-        $hour = $time[0];
-        $minute = $time[1];
-        if (date('Y') >= $year) {
-            if (date('m') >= $month) {
-                if (date('d') >= $day) {
-                    if (date('H') >= $hour) {
-                        if (date('i') >= $minute) {
-                            return true;
-                        } else {
-                            return false;
-                        }
+
+        return str_replace(['%y%', '%m%', '%d%'], [$year, $month, $day], rplc('%date%'));
+    } else {
+        return null;
+    }
+}
+
+function isReleased(?string $datetimeStr): bool {
+    if ($datetimeStr === null || $datetimeStr === '') {
+        // Empty date = release immediately
+        return true;
+    }
+
+    $datetime = explode(' ', $datetimeStr);
+    if (!isset($datetime[1])) {
+        $datetime[1] = '00:00';
+    }
+
+    [$year, $month, $day] = explode('-', $datetime[0]);
+    $month = ltrim($month, '0');
+    $day = ltrim($day, '0');
+    [$hour, $minute] = explode(':', $datetime[1]);
+    if (date('Y') >= $year) {
+        if (date('m') >= $month) {
+            if (date('d') >= $day) {
+                if (date('H') >= $hour) {
+                    if (date('i') >= $minute) {
+                        return true;
                     } else {
                         return false;
                     }
@@ -197,20 +232,16 @@ global $lang,$realPageType,$menuUrl,$article,$title,$author,$date,$time,$menu,$m
         } else {
             return false;
         }
+    } else {
+        return false;
+    }
+}
+
+function toTime(?string $dateStr): ?string {
+    if (!empty($dateStr)) {
+        $time = explode(' ', $dateStr);
+        return $time[1] ?? null;
+    } else {
+        return null;
     }
-
-    // string|null toTime(string $date)
-    function toTime($dateStr) {
-        if (!empty($dateStr)) {
-            $time = explode(' ', $dateStr);
-            $time = $time[1];
-
-            return $time;
-        } else {
-            return null;
-        }
-    }
-} else {
-    header('HTTP/1.0 403 Forbidden');
-    header('Location: /en/error/403');
 }
diff --git a/sboard.php b/sboard.php
index f3f0236..c7e7e13 100644
--- a/sboard.php
+++ b/sboard.php
@@ -12,17 +12,17 @@ if (0 == 9) {
  * @copyright Jan Tojnar, http://jtojnar.php5.cz/
  */
 function bb2html($buffer) {
-    $buffer = ereg_replace("\[b\](.*)\[/b\]", '<span class="bold">\\1</span>', $buffer);
-    $buffer = ereg_replace("\[i\](.*)\[/i\]", '<span class="italic">\\1</span>', $buffer);
-    $buffer = ereg_replace("\[red\](.*)\[/red\]", '<span class="red">\\1</span>', $buffer);
-    $buffer = ereg_replace("\[green\](.*)\[/green\]", '<span class="green">\\1</span>', $buffer);
-    $buffer = ereg_replace("\[blue\](.*)\[/blue\]", '<span class="blue">\\1</span>', $buffer);
-    $buffer = ereg_replace("\[purple\](.*)\[/purple\]", '<span class="purple">\\1</span>', $buffer);
-    $buffer = ereg_replace("\[yellow\](.*)\[/yellow\]", '<span class="yellow">\\1</span>', $buffer);
-    $buffer = ereg_replace('%(.*)%', '&#37;\\1&#37;', $buffer);
-    $buffer = ereg_replace("\n", "<br>\n", $buffer);
-    $buffer = ereg_replace("\r\n", "<br>\n", $buffer);
-    $buffer = ereg_replace("\r", "<br>\n", $buffer);
+    $buffer = preg_replace('(\[b\](.*)\[/b\])s', '<span class="bold">\\1</span>', $buffer);
+    $buffer = preg_replace('(\[i\](.*)\[/i\])s', '<span class="italic">\\1</span>', $buffer);
+    $buffer = preg_replace('(\[red\](.*)\[/red\])s', '<span class="red">\\1</span>', $buffer);
+    $buffer = preg_replace('(\[green\](.*)\[/green\])s', '<span class="green">\\1</span>', $buffer);
+    $buffer = preg_replace('(\[blue\](.*)\[/blue\])s', '<span class="blue">\\1</span>', $buffer);
+    $buffer = preg_replace('(\[purple\](.*)\[/purple\])s', '<span class="purple">\\1</span>', $buffer);
+    $buffer = preg_replace('(\[yellow\](.*)\[/yellow\])s', '<span class="yellow">\\1</span>', $buffer);
+    $buffer = preg_replace('(%(.*)%)s', '&(37;\\1&)37;', $buffer);
+    $buffer = preg_replace('(\n)', "<br>\n", $buffer);
+    $buffer = preg_replace('(\r\n)', "<br>\n", $buffer);
+    $buffer = preg_replace('(\r)', "<br>\n", $buffer);
 
     return htmlspecialchars($buffer);
 }
@@ -37,7 +37,7 @@ function check_email($email) {
     $atom = '[-a-z0-9!#$%&\'*+/=?^_`{|}~]';
     $domain = '[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])';
 
-    return eregi("^$atom+(\\.$atom+)*@($domain?\\.)+$domain\$", $email);
+    return preg_match("(^$atom+(\\.$atom+)*@($domain?\\.)+$domain\$)i", $email);
 }
 
 /** control www address
@@ -48,7 +48,7 @@ function check_email($email) {
  * @copyright Jan Tojnar, http://jtojnar.php5.cz
  */
 function check_url($url) {
-    return eregi("^http[s]?://[-a-z0-9]*\.[-a-z0-9]+\.[a-z]+$", $url);
+    return preg_match('(^http[s]?://[-a-z0-9]*\.[-a-z0-9]+\.[a-z]+$)i', $url);
 }
 
 /** returns text of shoutboard
@@ -59,23 +59,27 @@ function check_url($url) {
  * @copyright Jan Tojnar, http://jtojnar.php5.cz/
  */
 function sboard_generate($file) {
+    $sbnum = 0;
+    $sbError = '';
+    $email = null;
+    $hemail = null;
     ++$sbnum;
-    $name = htmlspecialchars($_POST['name']);
-    $www = htmlspecialchars($_POST['www']);
-    $post = htmlspecialchars($_POST['post']);
-    $ip = $_SERVER['REMOTE_ADDR'];
+    $name = htmlspecialchars($_POST['name'] ?? '');
+    $www = htmlspecialchars($_POST['www'] ?? '');
+    $post = htmlspecialchars($_POST['post'] ?? '');
+    $ip = $_SERVER['REMOTE_ADDR'] ?? '';
     $timestamp = date(rplc('%dateFormat%'));
-    $formCaptchaSum = sha1($_POST['captcha']);
-    $showmail = $_POST['showmail'];
+    $formCaptchaSum = sha1($_POST['captcha'] ?? '');
+    $showmail = $_POST['showmail'] ?? '';
     $checkedshowmailfalse = $showmail == 'false' ? ' checked="checked"' : '';
     $checkedshowmailtrue = empty($showmail) ? ' checked="checked"' : ($showmail == 'true' ? ' checked="checked"' : '');
     if ($showmail == 'true') {
-        $email = htmlspecialchars($_POST['email']);
+        $email = htmlspecialchars($_POST['email'] ?? '');
     } else {
-        $hemail = htmlspecialchars($_POST['email']);
+        $hemail = htmlspecialchars($_POST['email'] ?? '');
     }
-    $formCaptchaSumPre = $_POST['captchasum'];
-    $captcha = mt_rand(0, 9) . mt_rand(0, 9) . mt_rand(0, 9) . mt_rand(0, 9);
+    $formCaptchaSumPre = $_POST['captchasum'] ?? '';
+    $captcha = random_int(0, 9) . random_int(0, 9) . random_int(0, 9) . random_int(0, 9);
     $_SESSION['captcha'] = $captcha;
     $captchasum = sha1($captcha);
     //echo($timestamp);
@@ -124,7 +128,7 @@ EOT;
         }
     }
     if (file_exists($file . 'c' . $sbnum)) {
-        $comments = ereg_replace('<ip>([^<]+)</ip>', '', ereg_replace('<hemail>([^<]+)</hemail>', '', file_get_contents($file . 'c' . $sbnum)));
+        $comments = preg_replace('(<ip>([^<]+)</ip>)', '', preg_replace('(<hemail>([^<]+)</hemail>)', '', file_get_contents($file . 'c' . $sbnum)));
     } else {
         $comments = '';
     }