Context Navigation

source: branches/1.1dev/lib/Utilities.inc.php @ 759

Last change on this file since 759 was 759, checked in by anonymous, 2 years ago
Minor
File size: 27.8 KB

Line
1	<?php
2	/**
3	* Utilities.inc.php
4	* Code by Strangecode :: www.strangecode.com :: This document contains copyrighted information
5	*/
6
7
8	/**
9	* Print variable dump.
10	*
11	* @param mixed $var The variable to dump.
12	* @param bool $display Print the dump in <pre> tags or hide it in html comments (non-CLI only).
13	* @param bool $dump_method Dump method. See SC_DUMP_* constants.
14	* @param string $file Value of __FILE__.
15	* @param string $line Value of __LINE__
16	*/
17	define('SC_DUMP_PRINT_R', 0);
18	define('SC_DUMP_VAR_DUMP', 1);
19	define('SC_DUMP_VAR_EXPORT', 2);
20	function dump($var, $display=false, $dump_method=SC_DUMP_PRINT_R, $file='', $line='')
21	{
22	if ('cli' === php_sapi_name() \|\| defined('_CLI')) {
23	echo "DUMP FROM: $file $line\n";
24	} else {
25	echo $display ? "\n<br />DUMP <strong>$file $line</strong><br /><pre>\n" : "\n<!-- DUMP $file $line\n";
26	}
27
28	switch ($dump_method) {
29	case SC_DUMP_PRINT_R:
30	default:
31	// Print human-readable descriptions of invisible types.
32	if (null === $var) {
33	echo '(null)';
34	} else if (true === $var) {
35	echo '(bool: true)';
36	} else if (false === $var) {
37	echo '(bool: false)';
38	} else if (is_scalar($var) && '' === $var) {
39	echo '(empty string)';
40	} else if (is_scalar($var) && preg_match('/^\s+$/', $var)) {
41	echo '(only white space)';
42	} else {
43	print_r($var);
44	}
45	break;
46
47	case SC_DUMP_VAR_DUMP:
48	var_dump($var);
49	break;
50
51	case SC_DUMP_VAR_EXPORT:
52	var_export($var);
53	break;
54	}
55
56	if ('cli' === php_sapi_name() \|\| defined('_CLI')) {
57	echo "\n";
58	} else {
59	echo $display ? "\n</pre><br />\n" : "\n-->\n";
60	}
61	}
62
63	/**
64	* Return dump as variable.
65	*
66	* @param mixed $var Variable to dump.
67	*
68	* @return string Dump of var.
69	*/
70	function getDump($var)
71	{
72	ob_start();
73	print_r($var);
74	$d = ob_get_contents();
75	ob_end_clean();
76	return $d;
77	}
78
79	/*
80	* Return dump as cleaned text. Useful for dumping data into emails or output from CLI scripts.
81	* To output tab-style lists set $indent to "\t" and $depth to 0;
82	* To output markdown-style lists set $indent to '- ' and $depth to 1;
83	* Also see yaml_emit() https://secure.php.net/manual/en/function.yaml-emit.php
84	*
85	* @param array $var Variable to dump.
86	* @param string $indent A string to prepend indented lines.
87	* @param string $depth Starting depth of this iteration of recursion (set to 0 to have no initial indentation).
88	* @return string Pretty dump of $var.
89	* @author Quinn Comendant <quinn@strangecode.com>
90	* @version 2.0
91	*/
92	function fancyDump($var, $indent='- ', $depth=1)
93	{
94	$indent_str = str_repeat($indent, $depth);
95	$output = '';
96	if (is_array($var)) {
97	foreach ($var as $k=>$v) {
98	$k = ucfirst(mb_strtolower(str_replace(array('_', ' '), ' ', $k)));
99	if (is_array($v)) {
100	$output .= sprintf("\n%s%s:\n%s\n", $indent_str, $k, fancyDump($v, $indent, $depth+1));
101	} else {
102	$output .= sprintf("%s%s: %s\n", $indent_str, $k, $v);
103	}
104	}
105	} else {
106	$output .= sprintf("%s%s\n", $indent_str, $var);
107	}
108	return preg_replace(['/^[ \t]+$/', '/\n\n+/', '/^(?:\S( ))?(?:\S( ))?(?:\S( ))?(?:\S( ))?(?:\S( ))?(?:\S( ))?(?:\S( ))?(?:\S( ))?(\S )/m'], ['', "\n", '$1$1$2$2$3$3$4$4$5$5$6$6$7$7$8$8$9'], $output);
109	}
110
111	/**
112	* Returns text with appropriate html translations.
113	*
114	* @param string $txt Text to clean.
115	* @param bool $preserve_html If set to true, oTxt will not translage <, >, ", or '
116	* characters into HTML entities. This allows HTML to pass
117	* through unmunged.
118	*
119	* @return string Cleaned text.
120	*/
121	function oTxt($txt, $preserve_html=false)
122	{
123	global $CFG;
124
125	$search = array();
126	$replace = array();
127
128	// Make converted ampersand entities into normal ampersands (they will be done manually later) to retain HTML entities.
129	$search['retain_ampersand'] = '/&/';
130	$replace['retain_ampersand'] = '&';
131
132	if ($preserve_html) {
133	// Convert characters that must remain non-entities for displaying HTML.
134	$search['retain_left_angle'] = '/</';
135	$replace['retain_left_angle'] = '<';
136
137	$search['retain_right_angle'] = '/>/';
138	$replace['retain_right_angle'] = '>';
139
140	$search['retain_single_quote'] = '/'/';
141	$replace['retain_single_quote'] = "'";
142
143	$search['retain_double_quote'] = '/"/';
144	$replace['retain_double_quote'] = '"';
145	}
146
147	// & becomes &
148	$search['ampersand'] = '/&((?![\w\d#]{1,10};))/';
149	$replace['ampersand'] = '&\\1';
150
151	return preg_replace($search, $replace, htmlentities($txt, ENT_QUOTES, $CFG->character_set));
152	}
153
154	/**
155	* Returns text with stylistic modifications.
156	*
157	* @param string $txt Text to clean.
158	*
159	* @return string Cleaned text.
160	*/
161	function fancyTxt($txt)
162	{
163	$search = array();
164	$replace = array();
165
166	// "double quoted text" becomes “double quoted text”
167	$search['double_quotes'] = '/(^\|[^\w=])(?:"\|"\|"\|"\|“)([^"]+?)(?:"\|"\|"\|"\|”)([^\w]\|$)/'; // " is the same as " and " and "
168	$replace['double_quotes'] = '\\1“\\2”\\3';
169
170	// text's apostrophes become text’s apostrophes
171	$search['apostrophe'] = '/(\w)(?:\'\|')(\w)/';
172	$replace['apostrophe'] = '\\1’\\2';
173
174	// "single quoted text" becomes ‘single quoted text’
175	$search['single_quotes'] = '/(^\|[^\w=])(?:\'\|'\|‘)([^\']+?)(?:\'\|'\|’)([^\w]\|$)/';
176	$replace['single_quotes'] = '\\1‘\\2’\\3';
177
178	// em--dashes become em—dashes
179	$search['em_dash'] = '/(\s[^!<-])--([^>-]\s)/';
180	$replace['em_dash'] = '\\1—\\2';
181
182	// & becomes &
183	$search['ampersand'] = '/&((?![\w\d#]{1,10};))/';
184	$replace['ampersand'] = '&\\1';
185
186	return preg_replace($search, $replace, $txt);
187	}
188
189	/*
190	* Finds all URLs in text and hyperlinks them.
191	*
192	* @access public
193	* @param string $text Text to search for URLs.
194	* @param bool $strict True to only include URLs starting with a scheme (http:// ftp:// im://), or false to include URLs starting with 'www.'.
195	* @param mixed $length Number of characters to truncate URL, or NULL to disable truncating.
196	* @param string $delim Delimiter to append, indicate truncation.
197	* @return string Same input text, but URLs hyperlinked.
198	* @author Quinn Comendant <quinn@strangecode.com>
199	* @version 2.1
200	* @since 22 Mar 2015 23:29:04
201	*/
202	function hyperlinkTxt($text, $strict=false, $length=null, $delim='âŠ')
203	{
204	// A list of schemes we allow at the beginning of a URL.
205	$schemes = 'mailto:\|tel:\|skype:\|callto:\|facetime:\|bitcoin:\|geo:\|magnet:\?\|sip:\|sms:\|xmpp:\|view-source:(?:https?://)?\|[\w-]{2,}://';
206
207	// Capture the full URL into the first match and only the first X characters into the second match.
208	// This will match URLs not preceded by " ' or = (URLs inside an attribute) or ` (Markdown quoted) or double-scheme (http://http://www.asdf.com)
209	// Valid URL characters: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~:/?#[]@!$&'()*+,;=
210	$regex = '@
211	\b # Start with a word-boundary.
212	(?<!"\|\'\|=\|>\|`\|\]\(\|[:/]/) # Negative look-behind to exclude URLs already in <a> tag, <tags>beween</tags>, `Markdown quoted`, [Markdown](link), and avoid broken:/ and doubled://schemes://
213	( # Begin match 1
214	( # Begin match 2
215	(?:%s) # URL starts with known scheme or www. if strict = false
216	[^\s/$.?#]+ # Any domain-valid characters
217	[^\s"`<>]{1,%s} # Match 2 is limited to a maximum of LENGTH valid URL characters
218	)
219	[^\s"`<>]* # Match 1 continues with any further valid URL characters
220	([^\P{Any}\sâŠ<>Â«Â»"ââ%s]) # Final character not a space or common end-of-sentence punctuation (.,:;?!, etc). Using double negation set, see http://stackoverflow.com/a/4786560/277303
221	)
222	@Suxi
223	';
224	$regex = sprintf($regex,
225	($strict ? $schemes : $schemes . '\|www\.'), // Strict=false adds "www." to the list of allowed start-of-URL.
226	($length ? $length : ''),
227	($strict ? '' : '?!.,:;)\'-') // Strict=false excludes some "URL-valid" characters from the last character of URL. (Hyphen must remain last character in this class.)
228	);
229
230	// Use a callback function to decide when to append the delim.
231	// Also encode special chars with oTxt().
232	return preg_replace_callback($regex, function ($m) use ($length, $delim) {
233	$url = $m[1];
234	$truncated_url = $m[2] . $m[3];
235	$absolute_url = preg_replace('!^www\.!', 'http://www.', $url);
236	if (is_null($length) \|\| $url == $truncated_url) {
237	// If not truncating, or URL was not truncated.
238	// Remove http schemas, and any single trailing / to make the display URL.
239	$display_url = preg_replace(['!^https?://!', '!^([^/]+)/$!'], ['', '$1'], $url);
240	return sprintf('<a href="%s">%s</a>', oTxt($absolute_url), $display_url);
241	} else {
242	// Truncated URL.
243	// Remove http schemas, and any single trailing / to make the display URL.
244	$display_url = preg_replace(['!^https?://!', '!^([^/]+)/$!'], ['', '$1'], trim($truncated_url));
245	return sprintf('<a href="%s">%s%s</a>', oTxt($absolute_url), $display_url, $delim);
246	}
247	}, $text);
248	}
249
250	/**
251	* Turns "a really long string" into "a rea...string"
252	*
253	* @access public
254	* @param string $str Input string
255	* @param int $len Maximum string length.
256	* @param string $where Where to cut the string. One of: 'start', 'middle', or 'end'.
257	* @return string Truncated output string
258	* @author Quinn Comendant <quinn@strangecode.com>
259	* @since 29 Mar 2006 13:48:49
260	*/
261	function truncate($str, $len=50, $where='end', $delim='âŠ')
262	{
263	$dlen = mb_strlen($delim);
264	if ($len <= $dlen \|\| mb_strlen($str) <= $dlen) {
265	return substr($str, 0, $len);
266	}
267	$part1 = floor(($len - $dlen) / 2);
268	$part2 = ceil(($len - $dlen) / 2);
269
270	if ($len > ini_get('pcre.backtrack_limit')) {
271	logMsg(sprintf('Asked to truncate string len of %s > pcre.backtrack_limit of %s', $len, ini_get('pcre.backtrack_limit')), LOG_DEBUG, __FILE__, __LINE__);
272	ini_set('pcre.backtrack_limit', $len);
273	}
274
275	switch ($where) {
276	case 'start' :
277	return preg_replace(array(sprintf('/^.{%s,}(.{%s})$/su', $dlen + 1, $part1 + $part2), sprintf('/\s%s{%s,}\s/su', preg_quote($delim), $dlen)), array($delim . '$1', $delim), $str);
278
279	case 'middle' :
280	return preg_replace(array(sprintf('/^(.{%s}).{%s,}(.{%s})$/su', $part1, $dlen + 1, $part2), sprintf('/\s%s{%s,}\s/su', preg_quote($delim), $dlen)), array('$1' . $delim . '$2', $delim), $str);
281
282	case 'end' :
283	default :
284	return preg_replace(array(sprintf('/^(.{%s}).{%s,}$/su', $part1 + $part2, $dlen + 1), sprintf('/\s%s{%s,}\s/su', preg_quote($delim), $dlen)), array('$1' . $delim, $delim), $str);
285	}
286	}
287
288	/**
289	* Generates a hexadecimal html color based on provided word.
290	*
291	* @access public
292	*
293	* @param string $text A string for which to convert to color.
294	* @param float $n Brightness value between 0-1.
295	* @return string A hexadecimal html color.
296	*/
297	function getTextColor($text, $method=1, $n=0.87)
298	{
299	$hash = md5($text);
300	$rgb = array(
301	substr($hash, 0, 1),
302	substr($hash, 1, 1),
303	substr($hash, 2, 1),
304	substr($hash, 3, 1),
305	substr($hash, 4, 1),
306	substr($hash, 5, 1),
307	);
308
309	switch ($method) {
310	case 1 :
311	default :
312	// Reduce all hex values slightly to avoid all white.
313	array_walk($rgb, function (&$v) use ($n) {
314	$v = dechex(round(hexdec($v) * $n));
315	});
316	break;
317	case 2 :
318	foreach ($rgb as $i => $v) {
319	if (hexdec($v) > hexdec('c')) {
320	$rgb[$i] = dechex(hexdec('f') - hexdec($v));
321	}
322	}
323	break;
324	}
325
326	return join('', $rgb);
327	}
328
329	/**
330	* Encodes a string into unicode values 128-255.
331	* Useful for hiding an email address from spambots.
332	*
333	* @access public
334	*
335	* @param string $text A line of text to encode.
336	*
337	* @return string Encoded text.
338	*/
339	function encodeAscii($text)
340	{
341	$ouput = '';
342	$num = strlen($text);
343	for ($i=0; $i<$num; $i++) {
344	$output .= sprintf('&#%03s', ord($text[$i]));
345	}
346	return $output;
347	}
348
349	/**
350	* Encodes an email into a user (at) domain (dot) com format.
351	*
352	* @access public
353	* @param string $email An email to encode.
354	* @param string $at Replaces the @.
355	* @param string $dot Replaces the ..
356	* @return string Encoded email.
357	*/
358	function encodeEmail($email, $at=' at ', $dot=' dot ')
359	{
360	$search = array('/@/', '/\./');
361	$replace = array($at, $dot);
362	return preg_replace($search, $replace, $email);
363	}
364
365	/*
366	* Converts a string into a URL-safe slug, removing spaces and non word characters.
367	*
368	* @access public
369	* @param string $str String to convert.
370	* @return string URL-safe slug.
371	* @author Quinn Comendant <quinn@strangecode.com>
372	* @version 1.0
373	* @since 18 Aug 2014 12:54:29
374	*/
375	function URLSlug($str)
376	{
377	$slug = preg_replace(array('/\W+/u', '/^-+\|-+$/'), array('-', ''), $str);
378	$slug = strtolower($slug);
379	return $slug;
380	}
381
382	/**
383	* Return a human readable filesize.
384	*
385	* @param int $size Size
386	* @param int $unit The maximum unit
387	* @param int $format The return string format
388	* @author Aidan Lister <aidan@php.net>
389	* @version 1.1.0
390	*/
391	function humanFileSize($size, $unit=null, $format='%01.2f %s')
392	{
393	// Units
394	$units = array('B', 'KB', 'MB', 'GB', 'TB');
395	$ii = count($units) - 1;
396
397	// Max unit
398	$unit = array_search((string) $unit, $units);
399	if ($unit === null \|\| $unit === false) {
400	$unit = $ii;
401	}
402
403	// Loop
404	$i = 0;
405	while ($unit != $i && $size >= 1024 && $i < $ii) {
406	$size /= 1024;
407	$i++;
408	}
409
410	return sprintf($format, $size, $units[$i]);
411	}
412
413	/**
414	* If $var is net set or null, set it to $default. Otherwise leave it alone.
415	* Returns the final value of $var. Use to find a default value of one is not avilable.
416	*
417	* @param mixed $var The variable that is being set.
418	* @param mixed $default What to set it to if $val is not currently set.
419	* @return mixed The resulting value of $var.
420	*/
421	function setDefault(&$var, $default='')
422	{
423	if (!isset($var)) {
424	$var = $default;
425	}
426	return $var;
427	}
428
429	/**
430	* Like preg_quote() except for arrays, it takes an array of strings and puts
431	* a backslash in front of every character that is part of the regular
432	* expression syntax.
433	*
434	* @param array $array input array
435	* @param array $delim optional character that will also be excaped.
436	*
437	* @return array an array with the same values as $array1 but shuffled
438	*/
439	function pregQuoteArray($array, $delim='/')
440	{
441	if (!empty($array)) {
442	if (is_array($array)) {
443	foreach ($array as $key=>$val) {
444	$quoted_array[$key] = preg_quote($val, $delim);
445	}
446	return $quoted_array;
447	} else {
448	return preg_quote($array, $delim);
449	}
450	}
451	}
452
453	/**
454	* Converts a PHP Array into encoded URL arguments and return them as an array.
455	*
456	* @param mixed $data An array to transverse recursively, or a string
457	* to use directly to create url arguments.
458	* @param string $prefix The name of the first dimension of the array.
459	* If not specified, the first keys of the array will be used.
460	*
461	* @return array URL with array elements as URL key=value arguments.
462	*/
463	function urlEncodeArray($data, $prefix='', $_return=true) {
464
465	// Data is stored in static variable.
466	static $args;
467
468	if (is_array($data)) {
469	foreach ($data as $key => $val) {
470	// If the prefix is empty, use the $key as the name of the first dimension of the "array".
471	// ...otherwise, append the key as a new dimension of the "array".
472	$new_prefix = ('' == $prefix) ? urlencode($key) : $prefix . '[' . urlencode($key) . ']';
473	// Enter recursion.
474	urlEncodeArray($val, $new_prefix, false);
475	}
476	} else {
477	// We've come to the last dimension of the array, save the "array" and it's value.
478	$args[$prefix] = urlencode($data);
479	}
480
481	if ($_return) {
482	// This is not a recursive execution. All recursion is complete.
483	// Reset static var and return the result.
484	$ret = $args;
485	$args = array();
486	return is_array($ret) ? $ret : array();
487	}
488	}
489
490	/**
491	* Converts a PHP Array into encoded URL arguments and return them in a string.
492	*
493	* @param mixed $data An array to transverse recursively, or a string
494	* to use directly to create url arguments.
495	* @param string $prefix The name of the first dimension of the array.
496	* If not specified, the first keys of the array will be used.
497	*
498	* @return string url A string ready to append to a url.
499	*/
500	function urlEncodeArrayToString($data, $prefix='') {
501
502	$array_args = urlEncodeArray($data, $prefix);
503	$url_args = '';
504	$delim = '';
505	foreach ($array_args as $key=>$val) {
506	$url_args .= $delim . $key . '=' . $val;
507	$delim = ini_get('arg_separator.output');
508	}
509	return $url_args;
510	}
511
512	/**
513	* An alternative to "shuffle()" that actually works.
514	*
515	* @param array $array1 input array
516	* @param array $array2 argument used internally through recursion
517	*
518	* @return array an array with the same values as $array1 but shuffled
519	*/
520	function arrayRand(&$array1, $array2 = array())
521	{
522	if (!sizeof($array1)) {
523	return array();
524	}
525
526	srand((double) microtime() * 10000000);
527	$rand = array_rand($array1);
528
529	$array2[] = $array1[$rand];
530	unset ($array1[$rand]);
531
532	return $array2 + arrayRand($array1, $array2);
533	}
534
535	/**
536	* Fills an arrray with the result from a multiple ereg search.
537	* Curtesy of Bruno - rbronosky@mac.com - 10-May-2001
538	* Blame him for the funky do...while loop.
539	*
540	* @param mixed $pattern regular expression needle
541	* @param mixed $string haystack
542	*
543	* @return array populated with each found result
544	*/
545	function eregAll($pattern, $string)
546	{
547	do {
548	if (!ereg($pattern, $string, $temp)) {
549	continue;
550	}
551	$string = str_replace($temp[0], '', $string);
552	$results[] = $temp;
553	} while (ereg($pattern, $string, $temp));
554	return $results;
555	}
556
557	/**
558	* Prints the word "checked" if a variable is set, and optionally matches
559	* the desired value, otherwise prints nothing,
560	* used for printing the word "checked" in a checkbox form input.
561	*
562	* @param mixed $var the variable to compare
563	* @param mixed $value optional, what to compare with if a specific value is required.
564	*/
565	function frmChecked($var, $value=null)
566	{
567	if (func_num_args() == 1 && $var) {
568	// 'Checked' if var is true.
569	echo ' checked="checked" ';
570	} else if (func_num_args() == 2 && $var == $value) {
571	// 'Checked' if var and value match.
572	echo ' checked="checked" ';
573	} else if (func_num_args() == 2 && is_array($var)) {
574	// 'Checked' if the value is in the key or the value of an array.
575	if (isset($var[$value])) {
576	echo ' checked="checked" ';
577	} else if (in_array($value, $var)) {
578	echo ' checked="checked" ';
579	}
580	}
581	}
582
583	/**
584	* prints the word "selected" if a variable is set, and optionally matches
585	* the desired value, otherwise prints nothing,
586	* otherwise prints nothing, used for printing the word "checked" in a
587	* select form input
588	*
589	* @param mixed $var the variable to compare
590	* @param mixed $value optional, what to compare with if a specific value is required.
591	*/
592	function frmSelected($var, $value=null)
593	{
594	if (func_num_args() == 1 && $var) {
595	// 'selected' if var is true.
596	echo ' selected="selected" ';
597	} else if (func_num_args() == 2 && $var == $value) {
598	// 'selected' if var and value match.
599	echo ' selected="selected" ';
600	} else if (func_num_args() == 2 && is_array($var)) {
601	// 'selected' if the value is in the key or the value of an array.
602	if (isset($var[$value])) {
603	echo ' selected="selected" ';
604	} else if (in_array($value, $var)) {
605	echo ' selected="selected" ';
606	}
607	}
608	}
609
610	/**
611	* Adds slashes to values of an array and converts the array to a
612	* comma delimited list. If value provided is not an array or is empty
613	* return nothing. This is useful for putting values coming in from
614	* posted checkboxes into a SET column of a database.
615	*
616	* @param array $array Array to convert.
617	* @return string Comma list of array values.
618	*/
619	function dbArrayToList($array)
620	{
621	if (is_array($array) && !empty($array)) {
622	return join(',', array_map('mysql_real_escape_string', array_keys($array)));
623	}
624	}
625
626	/**
627	* Converts a human string date into a SQL-safe date.
628	* Dates nearing infinity use the date 2038-01-01 so conversion to unix time
629	* format remain within valid range.
630	*
631	* @param array $date String date to convert.
632	* @param array $format Date format to pass to date().
633	* Default produces MySQL datetime: 0000-00-00 00:00:00.
634	*
635	* @return string SQL-safe date.
636	*/
637	function strToSQLDate($date, $format='Y-m-d H:i:s')
638	{
639	// Translate the human string date into SQL-safe date format.
640	if (empty($date) \|\| '0000-00-00' == $date \|\| strtotime($date) === -1) {
641	$sql_date = '0000-00-00';
642	} else {
643	$sql_date = date($format, strtotime($date));
644	}
645
646	return $sql_date;
647	}
648
649	/**
650	* If magic_quotes_gpc is in use, run stripslashes() on $var. If $var is an
651	* array, stripslashes is run on each value, recursively, and the stripped
652	* array is returned
653	*
654	* @param mixed $var The string or array to un-quote, if necessary.
655	* @return mixed $var, minus any magic quotes.
656	*/
657	function dispelMagicQuotes($var)
658	{
659	static $magic_quotes_gpc;
660
661	if (!isset($magic_quotes_gpc)) {
662	$magic_quotes_gpc = get_magic_quotes_gpc();
663	}
664
665	if ($magic_quotes_gpc) {
666	if (!is_array($var)) {
667	$var = stripslashes($var);
668	} else {
669	foreach ($var as $key=>$val) {
670	if (is_array($val)) {
671	$var[$key] = dispelMagicQuotes($val);
672	} else {
673	$var[$key] = stripslashes($val);
674	}
675	}
676	}
677	}
678	return $var;
679	}
680
681	/**
682	* Get a form variable from GET or POST data, stripped of magic
683	* quotes if necessary.
684	*
685	* @param string $var (optional) The name of the form variable to look for.
686	* @param string $default (optional) The value to return if the
687	* variable is not there.
688	*
689	* @return mixed A cleaned GET or POST if no $var specified.
690	* @return string A cleaned form $var if found, or $default.
691	*/
692	function getFormData($var=null, $default=null)
693	{
694	if ('POST' == $_SERVER['REQUEST_METHOD'] && is_null($var)) {
695	return dispelMagicQuotes($_POST);
696	} else if ('GET' == $_SERVER['REQUEST_METHOD'] && is_null($var)) {
697	return dispelMagicQuotes($_GET);
698	}
699	if (isset($_POST[$var])) {
700	return dispelMagicQuotes($_POST[$var]);
701	} else if (isset($_GET[$var])) {
702	return dispelMagicQuotes($_GET[$var]);
703	} else {
704	return $default;
705	}
706	}
707	function getPost($var=null, $default=null)
708	{
709	if (is_null($var)) {
710	return dispelMagicQuotes($_POST);
711	}
712	if (isset($_POST[$var])) {
713	return dispelMagicQuotes($_POST[$var]);
714	} else {
715	return $default;
716	}
717	}
718	function getGet($var=null, $default=null)
719	{
720	if (is_null($var)) {
721	return dispelMagicQuotes($_GET);
722	}
723	if (isset($_GET[$var])) {
724	return dispelMagicQuotes($_GET[$var]);
725	} else {
726	return $default;
727	}
728	}
729
730	/*
731	* Generates a base-65-encoded sha512 hash of $string truncated to $length.
732	*
733	* @access public
734	* @param string $string Input string to hash.
735	* @param int $length Length of output hash string.
736	* @return string String of hash.
737	* @author Quinn Comendant <quinn@strangecode.com>
738	* @version 1.0
739	* @since 03 Apr 2016 19:48:49
740	*/
741	function hash64($string, $length=18)
742	{
743	return mb_substr(preg_replace('/[^\w]/', '', base64_encode(hash('sha512', $string, true))), 0, $length);
744	}
745
746	/**
747	* Signs a value using md5 and a simple text key. In order for this
748	* function to be useful (i.e. secure) the salt must be kept secret, which
749	* means keeping it as safe as database credentials. Putting it into an
750	* environment variable set in httpd.conf is a good place.
751	*
752	* @access public
753	* @param string $val The string to sign.
754	* @param string $salt (Optional) A text key to use for computing the signature.
755	* @param string $length (Optional) The length of the added signature. Longer signatures are safer. Must match the length passed to verifySignature() for the signatures to match.
756	* @return string The original value with a signature appended.
757	*/
758	function addSignature($val, $salt=null, $length=18)
759	{
760	if ('' == trim($val)) {
761	logMsg(sprintf('Cannot add signature to an empty string.', null), LOG_INFO, __FILE__, __LINE__);
762	return '';
763	}
764
765	if (!isset($salt)) {
766	global $CFG;
767	$salt = $CFG->signing_key;
768	}
769
770	return $val . '-' . mb_substr(preg_replace('/[^\w]/', '', base64_encode(hash('sha512', $val . $salt, true))), 0, $length);
771	}
772
773	/**
774	* Strips off the signature appended by addSignature().
775	*
776	* @access public
777	* @param string $signed_val The string to sign.
778	* @return string The original value with a signature removed.
779	*/
780	function removeSignature($signed_val)
781	{
782	if (empty($signed_val) \|\| mb_strpos($signed_val, '-') === false) {
783	return '';
784	}
785	return mb_substr($signed_val, 0, mb_strrpos($signed_val, '-'));
786	}
787
788	/**
789	* Verifies a signature appended to a value by addSignature().
790	*
791	* @access public
792	* @param string $signed_val A value with appended signature.
793	* @param string $salt (Optional) A text key to use for computing the signature.
794	* @param string $length (Optional) The length of the added signature.
795	* @return bool True if the signature matches the var.
796	*/
797	function verifySignature($signed_val, $salt=null, $length=18)
798	{
799	// Strip the value from the signed value.
800	$val = removeSignature($signed_val);
801	// If the signed value matches the original signed value we consider the value safe.
802	if ('' != $signed_val && $signed_val == addSignature($val, $salt, $length)) {
803	// Signature verified.
804	return true;
805	} else {
806	logMsg(sprintf('Failed signature (%s should be %s)', $signed_val, addSignature($val, $salt, $length)), LOG_DEBUG, __FILE__, __LINE__);
807	return false;
808	}
809	}
810
811	/**
812	* Sends empty output to the browser and flushes the php buffer so the client
813	* will see data before the page is finished processing.
814	*/
815	function flushBuffer() {
816	echo str_repeat(' ', 205);
817	flush();
818	}
819
820	/**
821	* A stub for apps that still use this function.
822	*
823	* @access public
824	* @return void
825	*/
826	function mailmanAddMember($email, $list, $send_welcome_message=false)
827	{
828	logMsg(sprintf('mailmanAddMember called and ignored: %s, %s, %s', $email, $list, $send_welcome_message), LOG_WARNING, __FILE__, __LINE__);
829	}
830
831	/**
832	* A stub for apps that still use this function.
833	*
834	* @access public
835	* @return void
836	*/
837	function mailmanRemoveMember($email, $list, $send_user_ack=false)
838	{
839	logMsg(sprintf('mailmanRemoveMember called and ignored: %s, %s, %s', $email, $list, $send_user_ack), LOG_WARNING, __FILE__, __LINE__);
840	}
841

Note: See TracBrowser for help on using the repository browser.

Download in other formats: