This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | |||
3 | namespace XoopsModules\Lexikon\Common; |
||
4 | |||
5 | /* |
||
6 | Utility Class Definition |
||
7 | |||
8 | You may not change or alter any portion of this comment or credits of |
||
9 | supporting developers from this source code or any supporting source code |
||
10 | which is considered copyrighted (c) material of the original comment or credit |
||
11 | authors. |
||
12 | |||
13 | This program is distributed in the hope that it will be useful, but |
||
14 | WITHOUT ANY WARRANTY; without even the implied warranty of |
||
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||
16 | */ |
||
17 | |||
18 | /** |
||
19 | * |
||
20 | * @license https://www.fsf.org/copyleft/gpl.html GNU public license |
||
21 | * @copyright https://xoops.org 2000-2020 © XOOPS Project |
||
22 | * @author ZySpec <[email protected]> |
||
23 | * @author Mamba <[email protected]> |
||
24 | */ |
||
25 | |||
26 | use MyTextSanitizer; |
||
27 | use XoopsFormDhtmlTextArea; |
||
28 | use XoopsFormEditor; |
||
29 | use XoopsFormTextArea; |
||
30 | use XoopsModules\Lexikon\Helper; |
||
31 | |||
32 | |||
33 | |||
34 | /** |
||
35 | * Class SysUtility |
||
36 | */ |
||
37 | class SysUtility |
||
38 | { |
||
39 | use VersionChecks; |
||
0 ignored issues
–
show
introduced
by
Loading history...
|
|||
40 | |||
41 | //checkVerXoops, checkVerPhp Traits |
||
42 | |||
43 | use ServerStats; |
||
44 | |||
45 | // getServerStats Trait |
||
46 | |||
47 | use FilesManagement; |
||
48 | |||
49 | // Files Management Trait |
||
50 | |||
51 | /** |
||
52 | * truncateHtml can truncate a string up to a number of characters while preserving whole words and HTML tags |
||
53 | * www.gsdesign.ro/blog/cut-html-string-without-breaking-the-tags |
||
54 | * www.cakephp.org |
||
55 | * |
||
56 | * @param string $text String to truncate. |
||
57 | * @param int $length Length of returned string, including ellipsis. |
||
58 | * @param string $ending Ending to be appended to the trimmed string. |
||
59 | * @param bool $exact If false, $text will not be cut mid-word |
||
60 | * @param bool $considerHtml If true, HTML tags would be handled correctly |
||
61 | * |
||
62 | * @return string Trimmed string. |
||
63 | */ |
||
64 | public static function truncateHtml($text, $length = 100, $ending = '...', $exact = false, $considerHtml = true) |
||
65 | { |
||
66 | if ($considerHtml) { |
||
67 | // if the plain text is shorter than the maximum length, return the whole text |
||
68 | if (mb_strlen(\preg_replace('/<.*?' . '>/', '', $text)) <= $length) { |
||
69 | return $text; |
||
70 | } |
||
71 | // splits all html-tags to scanable lines |
||
72 | \preg_match_all('/(<.+?' . '>)?([^<>]*)/s', $text, $lines, \PREG_SET_ORDER); |
||
73 | $total_length = mb_strlen($ending); |
||
74 | $open_tags = []; |
||
75 | $truncate = ''; |
||
76 | foreach ($lines as $line_matchings) { |
||
77 | // if there is any html-tag in this line, handle it and add it (uncounted) to the output |
||
78 | if (!empty($line_matchings[1])) { |
||
79 | // if it's an "empty element" with or without xhtml-conform closing slash |
||
80 | if (\preg_match('/^<(\s*.+?\/\s*|\s*(img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param)(\s.+?)?)>$/is', $line_matchings[1])) { |
||
81 | // do nothing |
||
82 | // if tag is a closing tag |
||
83 | } elseif (\preg_match('/^<\s*\/(\S+?)\s*>$/s', $line_matchings[1], $tag_matchings)) { |
||
84 | // delete tag from $open_tags list |
||
85 | $pos = \array_search($tag_matchings[1], $open_tags, true); |
||
86 | if (false !== $pos) { |
||
87 | unset($open_tags[$pos]); |
||
88 | } |
||
89 | // if tag is an opening tag |
||
90 | } elseif (\preg_match('/^<\s*([^\s>!]+).*?' . '>$/s', $line_matchings[1], $tag_matchings)) { |
||
91 | // add tag to the beginning of $open_tags list |
||
92 | \array_unshift($open_tags, mb_strtolower($tag_matchings[1])); |
||
93 | } |
||
94 | // add html-tag to $truncate'd text |
||
95 | $truncate .= $line_matchings[1]; |
||
96 | } |
||
97 | // calculate the length of the plain text part of the line; handle entities as one character |
||
98 | $content_length = mb_strlen(\preg_replace('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|[0-9a-f]{1,6};/i', ' ', $line_matchings[2])); |
||
99 | if ($total_length + $content_length > $length) { |
||
100 | // the number of characters which are left |
||
101 | $left = $length - $total_length; |
||
102 | $entities_length = 0; |
||
103 | // search for html entities |
||
104 | if (\preg_match_all('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|[0-9a-f]{1,6};/i', $line_matchings[2], $entities, \PREG_OFFSET_CAPTURE)) { |
||
105 | // calculate the real length of all entities in the legal range |
||
106 | foreach ($entities[0] as $entity) { |
||
107 | if ($left >= $entity[1] + 1 - $entities_length) { |
||
108 | $left--; |
||
109 | $entities_length += mb_strlen($entity[0]); |
||
110 | } else { |
||
111 | // no more characters left |
||
112 | break; |
||
113 | } |
||
114 | } |
||
115 | } |
||
116 | $truncate .= mb_substr($line_matchings[2], 0, $left + $entities_length); |
||
117 | // maximum lenght is reached, so get off the loop |
||
118 | break; |
||
119 | } |
||
120 | $truncate .= $line_matchings[2]; |
||
121 | $total_length += $content_length; |
||
122 | |||
123 | // if the maximum length is reached, get off the loop |
||
124 | if ($total_length >= $length) { |
||
125 | break; |
||
126 | } |
||
127 | } |
||
128 | } else { |
||
129 | if (mb_strlen($text) <= $length) { |
||
130 | return $text; |
||
131 | } |
||
132 | $truncate = mb_substr($text, 0, $length - mb_strlen($ending)); |
||
133 | } |
||
134 | // if the words shouldn't be cut in the middle... |
||
135 | if (!$exact) { |
||
136 | // ...search the last occurance of a space... |
||
137 | $spacepos = mb_strrpos($truncate, ' '); |
||
138 | if (isset($spacepos)) { |
||
139 | // ...and cut the text in this position |
||
140 | $truncate = mb_substr($truncate, 0, $spacepos); |
||
141 | } |
||
142 | } |
||
143 | // add the defined ending to the text |
||
144 | $truncate .= $ending; |
||
145 | if ($considerHtml) { |
||
146 | // close all unclosed html-tags |
||
147 | foreach ($open_tags as $tag) { |
||
148 | $truncate .= '</' . $tag . '>'; |
||
149 | } |
||
150 | } |
||
151 | |||
152 | return $truncate; |
||
153 | } |
||
154 | |||
155 | /** |
||
156 | * @param \Xmf\Module\Helper $helper |
||
157 | * @param array|null $options |
||
158 | * @return \XoopsFormDhtmlTextArea|\XoopsFormEditor |
||
159 | */ |
||
160 | public static function getEditor($helper = null, $options = null) |
||
161 | { |
||
162 | /** @var Helper $helper */ |
||
163 | if (null === $options) { |
||
164 | $options = []; |
||
165 | $options['name'] = 'Editor'; |
||
166 | $options['value'] = 'Editor'; |
||
167 | $options['rows'] = 10; |
||
168 | $options['cols'] = '100%'; |
||
169 | $options['width'] = '100%'; |
||
170 | $options['height'] = '400px'; |
||
171 | } |
||
172 | |||
173 | if (null === $helper) { |
||
174 | $helper = Helper::getInstance(); |
||
175 | } |
||
176 | |||
177 | $isAdmin = $helper->isUserAdmin(); |
||
178 | |||
179 | if (\class_exists('XoopsFormEditor')) { |
||
180 | if ($isAdmin) { |
||
181 | $descEditor = new XoopsFormEditor(\ucfirst($options['name']), $helper->getConfig('editorAdmin'), $options, $nohtml = false, $onfailure = 'textarea'); |
||
182 | } else { |
||
183 | $descEditor = new XoopsFormEditor(\ucfirst($options['name']), $helper->getConfig('editorUser'), $options, $nohtml = false, $onfailure = 'textarea'); |
||
184 | } |
||
185 | } else { |
||
186 | $descEditor = new \XoopsFormDhtmlTextArea(\ucfirst($options['name']), $options['name'], $options['value'], '100%', '100%'); |
||
187 | } |
||
188 | |||
189 | // $form->addElement($descEditor); |
||
190 | |||
191 | return $descEditor; |
||
192 | } |
||
193 | |||
194 | /** |
||
195 | * @param $fieldname |
||
196 | * @param $table |
||
197 | * |
||
198 | * @return bool |
||
199 | */ |
||
200 | public static function fieldExists($fieldname, $table) |
||
201 | { |
||
202 | global $xoopsDB; |
||
203 | $result = $xoopsDB->queryF("SHOW COLUMNS FROM $table LIKE '$fieldname'"); |
||
204 | |||
205 | return ($xoopsDB->getRowsNum($result) > 0); |
||
206 | } |
||
207 | |||
208 | /** |
||
209 | * @param array|string $tableName |
||
210 | * @param int $id_field |
||
211 | * @param int $id |
||
212 | * |
||
213 | * @return false|void |
||
214 | */ |
||
215 | public static function cloneRecord($tableName, $id_field, $id) |
||
216 | { |
||
217 | $new_id = false; |
||
218 | $table = $GLOBALS['xoopsDB']->prefix($tableName); |
||
219 | // copy content of the record you wish to clone |
||
220 | $sql = "SELECT * FROM $table WHERE $id_field='$id' "; |
||
221 | $tempTable = $GLOBALS['xoopsDB']->fetchArray($GLOBALS['xoopsDB']->query($sql), \MYSQLI_ASSOC); |
||
222 | if (!$tempTable) { |
||
223 | exit($GLOBALS['xoopsDB']->error()); |
||
224 | } |
||
225 | // set the auto-incremented id's value to blank. |
||
226 | unset($tempTable[$id_field]); |
||
227 | // insert cloned copy of the original record |
||
228 | $sql = "INSERT INTO $table (" . \implode(', ', \array_keys($tempTable)) . ") VALUES ('" . \implode("', '", $tempTable) . "')"; |
||
229 | $result = $GLOBALS['xoopsDB']->queryF($sql); |
||
230 | if (!$result) { |
||
231 | exit($GLOBALS['xoopsDB']->error()); |
||
232 | } |
||
233 | // Return the new id |
||
234 | $new_id = $GLOBALS['xoopsDB']->getInsertId(); |
||
235 | |||
236 | return $new_id; |
||
237 | } |
||
238 | |||
239 | /** |
||
240 | * @param string $tablename |
||
241 | * |
||
242 | * @return bool |
||
243 | */ |
||
244 | public static function tableExists($tablename) |
||
245 | { |
||
246 | $result = $GLOBALS['xoopsDB']->queryF("SHOW TABLES LIKE '$tablename'"); |
||
247 | |||
248 | return $GLOBALS['xoopsDB']->getRowsNum($result) > 0; |
||
249 | } |
||
250 | } |
||
251 |