This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||||||
2 | |||||||
3 | namespace XoopsModules\About\Common; |
||||||
4 | |||||||
5 | /* |
||||||
6 | Utility Class Definition |
||||||
7 | |||||||
8 | You may not change or alter any portion of this comment or credits of |
||||||
9 | supporting developers from this source code or any supporting source code |
||||||
10 | which is considered copyrighted (c) material of the original comment or credit |
||||||
11 | authors. |
||||||
12 | |||||||
13 | This program is distributed in the hope that it will be useful, but |
||||||
14 | WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||||||
16 | */ |
||||||
17 | |||||||
18 | /** |
||||||
19 | * |
||||||
20 | * @license https://www.fsf.org/copyleft/gpl.html GNU public license |
||||||
21 | * @copyright https://xoops.org 2000-2020 © XOOPS Project |
||||||
22 | * @author ZySpec <[email protected]> |
||||||
23 | * @author Mamba <[email protected]> |
||||||
24 | */ |
||||||
25 | |||||||
26 | use MyTextSanitizer; |
||||||
27 | use XoopsFormDhtmlTextArea; |
||||||
28 | use XoopsFormEditor; |
||||||
29 | use XoopsFormTextArea; |
||||||
30 | use XoopsModules\About; |
||||||
31 | use XoopsModules\About\Helper; |
||||||
32 | |||||||
33 | |||||||
34 | |||||||
35 | /** |
||||||
36 | * Class SysUtility |
||||||
37 | */ |
||||||
38 | class SysUtility |
||||||
39 | { |
||||||
40 | use VersionChecks; |
||||||
0 ignored issues
–
show
introduced
by
Loading history...
|
|||||||
41 | |||||||
42 | //checkVerXoops, checkVerPhp Traits |
||||||
43 | |||||||
44 | use ServerStats; |
||||||
45 | |||||||
46 | // getServerStats Trait |
||||||
47 | |||||||
48 | use FilesManagement; |
||||||
49 | |||||||
50 | // Files Management Trait |
||||||
51 | |||||||
52 | /** |
||||||
53 | * truncateHtml can truncate a string up to a number of characters while preserving whole words and HTML tags |
||||||
54 | * www.gsdesign.ro/blog/cut-html-string-without-breaking-the-tags |
||||||
55 | * www.cakephp.org |
||||||
56 | * |
||||||
57 | * @param string $text String to truncate. |
||||||
58 | * @param int $length Length of returned string, including ellipsis. |
||||||
59 | * @param string $ending Ending to be appended to the trimmed string. |
||||||
60 | * @param bool $exact If false, $text will not be cut mid-word |
||||||
61 | * @param bool $considerHtml If true, HTML tags would be handled correctly |
||||||
62 | * |
||||||
63 | * @return string Trimmed string. |
||||||
64 | */ |
||||||
65 | public static function truncateHtml($text, $length = 100, $ending = '...', $exact = false, $considerHtml = true) |
||||||
66 | { |
||||||
67 | if ($considerHtml) { |
||||||
68 | // if the plain text is shorter than the maximum length, return the whole text |
||||||
69 | if (mb_strlen(\preg_replace('/<.*?' . '>/', '', $text)) <= $length) { |
||||||
70 | return $text; |
||||||
71 | } |
||||||
72 | // splits all html-tags to scanable lines |
||||||
73 | \preg_match_all('/(<.+?' . '>)?([^<>]*)/s', $text, $lines, \PREG_SET_ORDER); |
||||||
74 | $total_length = mb_strlen($ending); |
||||||
75 | $open_tags = []; |
||||||
76 | $truncate = ''; |
||||||
77 | foreach ($lines as $line_matchings) { |
||||||
78 | // if there is any html-tag in this line, handle it and add it (uncounted) to the output |
||||||
79 | if (!empty($line_matchings[1])) { |
||||||
80 | // if it's an "empty element" with or without xhtml-conform closing slash |
||||||
81 | if (\preg_match('/^<(\s*.+?\/\s*|\s*(img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param)(\s.+?)?)>$/is', $line_matchings[1])) { |
||||||
82 | // do nothing |
||||||
83 | // if tag is a closing tag |
||||||
84 | } elseif (\preg_match('/^<\s*\/(\S+?)\s*>$/s', $line_matchings[1], $tag_matchings)) { |
||||||
85 | // delete tag from $open_tags list |
||||||
86 | $pos = \array_search($tag_matchings[1], $open_tags, true); |
||||||
87 | if (false !== $pos) { |
||||||
88 | unset($open_tags[$pos]); |
||||||
89 | } |
||||||
90 | // if tag is an opening tag |
||||||
91 | } elseif (\preg_match('/^<\s*([^\s>!]+).*?' . '>$/s', $line_matchings[1], $tag_matchings)) { |
||||||
92 | // add tag to the beginning of $open_tags list |
||||||
93 | \array_unshift($open_tags, mb_strtolower($tag_matchings[1])); |
||||||
94 | } |
||||||
95 | // add html-tag to $truncate'd text |
||||||
96 | $truncate .= $line_matchings[1]; |
||||||
97 | } |
||||||
98 | // calculate the length of the plain text part of the line; handle entities as one character |
||||||
99 | $content_length = mb_strlen(\preg_replace('/&[0-9a-z]{2,8};|&#\d{1,7};|[0-9a-f]{1,6};/i', ' ', $line_matchings[2])); |
||||||
100 | if ($total_length + $content_length > $length) { |
||||||
101 | // the number of characters which are left |
||||||
102 | $left = $length - $total_length; |
||||||
103 | $entities_length = 0; |
||||||
104 | // search for html entities |
||||||
105 | if (\preg_match_all('/&[0-9a-z]{2,8};|&#\d{1,7};|[0-9a-f]{1,6};/i', $line_matchings[2], $entities, PREG_OFFSET_CAPTURE)) { |
||||||
106 | // calculate the real length of all entities in the legal range |
||||||
107 | foreach ($entities[0] as $entity) { |
||||||
108 | if ($left >= $entity[1] + 1 - $entities_length) { |
||||||
109 | $left--; |
||||||
110 | $entities_length += mb_strlen($entity[0]); |
||||||
111 | } else { |
||||||
112 | // no more characters left |
||||||
113 | break; |
||||||
114 | } |
||||||
115 | } |
||||||
116 | } |
||||||
117 | $truncate .= mb_substr($line_matchings[2], 0, $left + $entities_length); |
||||||
118 | // maximum lenght is reached, so get off the loop |
||||||
119 | break; |
||||||
120 | } |
||||||
121 | $truncate .= $line_matchings[2]; |
||||||
122 | $total_length += $content_length; |
||||||
123 | |||||||
124 | // if the maximum length is reached, get off the loop |
||||||
125 | if ($total_length >= $length) { |
||||||
126 | break; |
||||||
127 | } |
||||||
128 | } |
||||||
129 | } else { |
||||||
130 | if (mb_strlen($text) <= $length) { |
||||||
131 | return $text; |
||||||
132 | } |
||||||
133 | $truncate = mb_substr($text, 0, $length - mb_strlen($ending)); |
||||||
134 | } |
||||||
135 | // if the words shouldn't be cut in the middle... |
||||||
136 | if (!$exact) { |
||||||
137 | // ...search the last occurance of a space... |
||||||
138 | $spacepos = mb_strrpos($truncate, ' '); |
||||||
139 | if (isset($spacepos)) { |
||||||
140 | // ...and cut the text in this position |
||||||
141 | $truncate = mb_substr($truncate, 0, $spacepos); |
||||||
142 | } |
||||||
143 | } |
||||||
144 | // add the defined ending to the text |
||||||
145 | $truncate .= $ending; |
||||||
146 | if ($considerHtml) { |
||||||
147 | // close all unclosed html-tags |
||||||
148 | foreach ($open_tags as $tag) { |
||||||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
|
|||||||
149 | $truncate .= '</' . $tag . '>'; |
||||||
150 | } |
||||||
151 | } |
||||||
152 | |||||||
153 | return $truncate; |
||||||
154 | } |
||||||
155 | |||||||
156 | /** |
||||||
157 | * @param \Xmf\Module\Helper $helper |
||||||
158 | * @param array|null $options |
||||||
159 | * @return \XoopsFormDhtmlTextArea|\XoopsFormEditor |
||||||
160 | */ |
||||||
161 | public static function getEditor($helper = null, $options = null) |
||||||
162 | { |
||||||
163 | /** @var Helper $helper */ |
||||||
164 | if (null === $options) { |
||||||
165 | $options = []; |
||||||
166 | $options['name'] = 'Editor'; |
||||||
167 | $options['value'] = 'Editor'; |
||||||
168 | $options['rows'] = 10; |
||||||
169 | $options['cols'] = '100%'; |
||||||
170 | $options['width'] = '100%'; |
||||||
171 | $options['height'] = '400px'; |
||||||
172 | } |
||||||
173 | |||||||
174 | if (null === $helper) { |
||||||
175 | $helper = Helper::getInstance(); |
||||||
176 | } |
||||||
177 | |||||||
178 | $isAdmin = $helper->isUserAdmin(); |
||||||
179 | |||||||
180 | if (\class_exists('XoopsFormEditor')) { |
||||||
181 | if ($isAdmin) { |
||||||
182 | $descEditor = new \XoopsFormEditor(\ucfirst($options['name']), $helper->getConfig('editorAdmin'), $options, $nohtml = false, $onfailure = 'textarea'); |
||||||
183 | } else { |
||||||
184 | $descEditor = new \XoopsFormEditor(\ucfirst($options['name']), $helper->getConfig('editorUser'), $options, $nohtml = false, $onfailure = 'textarea'); |
||||||
185 | } |
||||||
186 | } else { |
||||||
187 | $descEditor = new \XoopsFormDhtmlTextArea(\ucfirst($options['name']), $options['name'], $options['value'], '100%', '100%'); |
||||||
0 ignored issues
–
show
'100%' of type string is incompatible with the type integer expected by parameter $cols of XoopsFormDhtmlTextArea::__construct() .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
'100%' of type string is incompatible with the type integer expected by parameter $rows of XoopsFormDhtmlTextArea::__construct() .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
188 | } |
||||||
189 | |||||||
190 | // $form->addElement($descEditor); |
||||||
191 | |||||||
192 | return $descEditor; |
||||||
193 | } |
||||||
194 | |||||||
195 | /** |
||||||
196 | * @param $fieldname |
||||||
197 | * @param $table |
||||||
198 | * |
||||||
199 | * @return bool |
||||||
200 | */ |
||||||
201 | public function fieldExists($fieldname, $table) |
||||||
202 | { |
||||||
203 | global $xoopsDB; |
||||||
204 | $result = $xoopsDB->queryF("SHOW COLUMNS FROM $table LIKE '$fieldname'"); |
||||||
205 | |||||||
206 | return ($xoopsDB->getRowsNum($result) > 0); |
||||||
207 | } |
||||||
208 | |||||||
209 | /** |
||||||
210 | * @param array|string $tableName |
||||||
211 | * @param int $id_field |
||||||
212 | * @param int $id |
||||||
213 | * |
||||||
214 | * @return mixed |
||||||
215 | */ |
||||||
216 | public static function cloneRecord($tableName, $id_field, $id) |
||||||
217 | { |
||||||
218 | $new_id = false; |
||||||
219 | $table = $GLOBALS['xoopsDB']->prefix($tableName); |
||||||
220 | // copy content of the record you wish to clone |
||||||
221 | $tempTable = $GLOBALS['xoopsDB']->fetchArray($GLOBALS['xoopsDB']->query("SELECT * FROM $table WHERE $id_field='$id' "), MYSQLI_ASSOC) or exit('Could not select record'); |
||||||
0 ignored issues
–
show
|
|||||||
222 | // set the auto-incremented id's value to blank. |
||||||
223 | unset($tempTable[$id_field]); |
||||||
224 | // insert cloned copy of the original record |
||||||
225 | $result = $GLOBALS['xoopsDB']->queryF("INSERT INTO $table (" . implode(', ', array_keys($tempTable)) . ") VALUES ('" . implode("', '", $tempTable) . "')") or exit ($GLOBALS['xoopsDB']->error()); |
||||||
0 ignored issues
–
show
|
|||||||
226 | |||||||
227 | if ($result) { |
||||||
228 | // Return the new id |
||||||
229 | $new_id = $GLOBALS['xoopsDB']->getInsertId(); |
||||||
230 | } |
||||||
231 | return $new_id; |
||||||
232 | } |
||||||
233 | } |
||||||
234 |