Changeset 580 for trunk/lib


Ignore:
Timestamp:
Feb 27, 2017 2:23:41 PM (7 years ago)
Author:
anonymous
Message:

Added base65() function. Made refererIsMe() smarter about ignoring hostnames containing IP address (which may occur if site is behine reverse-proxy and result in redirect loop). Added curl timeout to httpExists().

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/Utilities.inc.php

    r560 r580  
    809809 * Converts a PHP Array into encoded URL arguments and return them in a string.
    810810 *
     811 * Todo: probably update to use the built-in http_build_query().
     812 *
    811813 * @param  mixed $data        An array to transverse recursively, or a string
    812814 *                            to use directly to create url arguments.
     
    10591061        break;
    10601062    }
     1063}
     1064
     1065/*
     1066* Generates a base-65-encoded sha512 hash of $string truncated to $length.
     1067*
     1068* @access   public
     1069* @param    string  $string Input string to hash.
     1070* @param    int     $length Length of output hash string.
     1071* @return   string          String of hash.
     1072* @author   Quinn Comendant <quinn@strangecode.com>
     1073* @version  1.0
     1074* @since    03 Apr 2016 19:48:49
     1075*/
     1076function hash64($string, $length=18)
     1077{
     1078    return mb_substr(preg_replace('/[^\w]/', '', base64_encode(hash('sha512', $string, true))), 0, $length);
    10611079}
    10621080
     
    13751393function refererIsMe($exclude_query=false)
    13761394{
     1395    $current_url = absoluteMe();
     1396    $referer_url = getenv('HTTP_REFERER');
     1397
     1398    // If one of the hostnames is an IP address, compare only the path of both.
     1399    if (preg_match('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', parse_url($current_url, PHP_URL_HOST)) || preg_match('/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', parse_url($referrer_url, PHP_URL_HOST))) {
     1400        $current_url = preg_replace('@^https?://[^/]+@', '', $current_url);
     1401        $referer_url = preg_replace('@^https?://[^/]+@', '', $referer_url);
     1402    }
     1403
    13771404    if ($exclude_query) {
    1378         return (stripQuery(absoluteMe()) == stripQuery(getenv('HTTP_REFERER')));
    1379     } else {
    1380         return (absoluteMe() == getenv('HTTP_REFERER'));
     1405        return (stripQuery($current_url) == stripQuery($referer_url));
     1406    } else {
     1407        $app =& App::getInstance();
     1408        $app->logMsg(sprintf('refererIsMe comparison: %s == %s', $current_url, $referer_url), LOG_DEBUG, __FILE__, __LINE__);
     1409        return ($current_url == $referer_url);
    13811410    }
    13821411}
     
    13951424{
    13961425    $ch = curl_init($url);
     1426    curl_setopt($ch, CURLOPT_TIMEOUT, 2);
    13971427    curl_setopt($ch, CURLOPT_NOBODY, true);
    13981428    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
Note: See TracChangeset for help on using the changeset viewer.