@@ -300,7 +300,7 @@ |
||
300 | 300 | $class = new $class_name($this); |
301 | 301 | |
302 | 302 | try { |
303 | - $this->option_analyze and $class->Analyze(); |
|
303 | + $this->option_analyze and $class->Analyze(); |
|
304 | 304 | } |
305 | 305 | catch (getid3_exception $e) { |
306 | 306 | throw $e; |
@@ -383,7 +383,7 @@ |
||
383 | 383 | // CalculateReplayGain() { |
384 | 384 | if (@$this->info['replay_gain']) { |
385 | 385 | if (!@$this->info['replay_gain']['reference_volume']) { |
386 | - $this->info['replay_gain']['reference_volume'] = 89; |
|
386 | + $this->info['replay_gain']['reference_volume'] = 89; |
|
387 | 387 | } |
388 | 388 | if (isset($this->info['replay_gain']['track']['adjustment'])) { |
389 | 389 | $this->info['replay_gain']['track']['volume'] = $this->info['replay_gain']['reference_volume'] - $this->info['replay_gain']['track']['adjustment']; |
@@ -403,7 +403,7 @@ |
||
403 | 403 | |
404 | 404 | // ProcessAudioStreams() { |
405 | 405 | if (@!$this->info['audio']['streams'] && (@$this->info['audio']['bitrate'] || @$this->info['audio']['channels'] || @$this->info['audio']['sample_rate'])) { |
406 | - foreach ($this->info['audio'] as $key => $value) { |
|
406 | + foreach ($this->info['audio'] as $key => $value) { |
|
407 | 407 | if ($key != 'streams') { |
408 | 408 | $this->info['audio']['streams'][0][$key] = $value; |
409 | 409 | } |
@@ -544,7 +544,7 @@ |
||
544 | 544 | 'group' => 'audio', |
545 | 545 | 'module' => 'ac3', |
546 | 546 | 'mime_type' => 'audio/ac3', |
547 | - ), |
|
547 | + ), |
|
548 | 548 | |
549 | 549 | // AAC - audio - Advanced Audio Coding (AAC) - ADIF format |
550 | 550 | 'adif' => array ( |
@@ -553,7 +553,7 @@ |
||
553 | 553 | 'module' => 'aac_adif', |
554 | 554 | 'mime_type' => 'application/octet-stream', |
555 | 555 | 'fail_ape' => 'WARNING', |
556 | - ), |
|
556 | + ), |
|
557 | 557 | |
558 | 558 | |
559 | 559 | // AAC - audio - Advanced Audio Coding (AAC) - ADTS format (very similar to MP3) |
@@ -563,7 +563,7 @@ |
||
563 | 563 | 'module' => 'aac_adts', |
564 | 564 | 'mime_type' => 'application/octet-stream', |
565 | 565 | 'fail_ape' => 'WARNING', |
566 | - ), |
|
566 | + ), |
|
567 | 567 | |
568 | 568 | |
569 | 569 | // AU - audio - NeXT/Sun AUdio (AU) |
@@ -572,7 +572,7 @@ |
||
572 | 572 | 'group' => 'audio', |
573 | 573 | 'module' => 'au', |
574 | 574 | 'mime_type' => 'audio/basic', |
575 | - ), |
|
575 | + ), |
|
576 | 576 | |
577 | 577 | // AVR - audio - Audio Visual Research |
578 | 578 | 'avr' => array ( |
@@ -580,7 +580,7 @@ |
||
580 | 580 | 'group' => 'audio', |
581 | 581 | 'module' => 'avr', |
582 | 582 | 'mime_type' => 'application/octet-stream', |
583 | - ), |
|
583 | + ), |
|
584 | 584 | |
585 | 585 | // BONK - audio - Bonk v0.9+ |
586 | 586 | 'bonk' => array ( |
@@ -588,15 +588,15 @@ |
||
588 | 588 | 'group' => 'audio', |
589 | 589 | 'module' => 'bonk', |
590 | 590 | 'mime_type' => 'audio/xmms-bonk', |
591 | - ), |
|
591 | + ), |
|
592 | 592 | |
593 | 593 | // DTS - audio - Dolby Theatre System |
594 | - 'dts' => array( |
|
595 | - 'pattern' => '^\x7F\xFE\x80\x01', |
|
596 | - 'group' => 'audio', |
|
597 | - 'module' => 'dts', |
|
598 | - 'mime_type' => 'audio/dts', |
|
599 | - ), |
|
594 | + 'dts' => array( |
|
595 | + 'pattern' => '^\x7F\xFE\x80\x01', |
|
596 | + 'group' => 'audio', |
|
597 | + 'module' => 'dts', |
|
598 | + 'mime_type' => 'audio/dts', |
|
599 | + ), |
|
600 | 600 | |
601 | 601 | // FLAC - audio - Free Lossless Audio Codec |
602 | 602 | 'flac' => array ( |
@@ -604,7 +604,7 @@ |
||
604 | 604 | 'group' => 'audio', |
605 | 605 | 'module' => 'xiph', |
606 | 606 | 'mime_type' => 'audio/x-flac', |
607 | - ), |
|
607 | + ), |
|
608 | 608 | |
609 | 609 | // LA - audio - Lossless Audio (LA) |
610 | 610 | 'la' => array ( |
@@ -612,7 +612,7 @@ |
||
612 | 612 | 'group' => 'audio', |
613 | 613 | 'module' => 'la', |
614 | 614 | 'mime_type' => 'application/octet-stream', |
615 | - ), |
|
615 | + ), |
|
616 | 616 | |
617 | 617 | // LPAC - audio - Lossless Predictive Audio Compression (LPAC) |
618 | 618 | 'lpac' => array ( |
@@ -620,7 +620,7 @@ |
||
620 | 620 | 'group' => 'audio', |
621 | 621 | 'module' => 'lpac', |
622 | 622 | 'mime_type' => 'application/octet-stream', |
623 | - ), |
|
623 | + ), |
|
624 | 624 | |
625 | 625 | // MIDI - audio - MIDI (Musical Instrument Digital Interface) |
626 | 626 | 'midi' => array ( |
@@ -628,7 +628,7 @@ |
||
628 | 628 | 'group' => 'audio', |
629 | 629 | 'module' => 'midi', |
630 | 630 | 'mime_type' => 'audio/midi', |
631 | - ), |
|
631 | + ), |
|
632 | 632 | |
633 | 633 | // MAC - audio - Monkey's Audio Compressor |
634 | 634 | 'mac' => array ( |
@@ -636,31 +636,31 @@ |
||
636 | 636 | 'group' => 'audio', |
637 | 637 | 'module' => 'monkey', |
638 | 638 | 'mime_type' => 'application/octet-stream', |
639 | - ), |
|
639 | + ), |
|
640 | 640 | |
641 | 641 | // MOD - audio - MODule (assorted sub-formats) |
642 | 642 | 'mod' => array ( |
643 | 643 | 'pattern' => '^.{1080}(M.K.|[5-9]CHN|[1-3][0-9]CH)', |
644 | 644 | 'mime_type' => 'audio/mod', |
645 | - ), |
|
645 | + ), |
|
646 | 646 | |
647 | 647 | // MOD - audio - MODule (Impulse Tracker) |
648 | 648 | 'it' => array ( |
649 | 649 | 'pattern' => '^IMPM', |
650 | 650 | 'mime_type' => 'audio/it', |
651 | - ), |
|
651 | + ), |
|
652 | 652 | |
653 | 653 | // MOD - audio - MODule (eXtended Module, various sub-formats) |
654 | 654 | 'xm' => array ( |
655 | 655 | 'pattern' => '^Extended Module', |
656 | 656 | 'mime_type' => 'audio/xm', |
657 | - ), |
|
657 | + ), |
|
658 | 658 | |
659 | 659 | // MOD - audio - MODule (ScreamTracker) |
660 | 660 | 's3m' => array ( |
661 | 661 | 'pattern' => '^.{44}SCRM', |
662 | 662 | 'mime_type' => 'audio/s3m', |
663 | - ), |
|
663 | + ), |
|
664 | 664 | |
665 | 665 | // MPC - audio - Musepack / MPEGplus SV7+ |
666 | 666 | 'mpc' => array ( |
@@ -668,7 +668,7 @@ |
||
668 | 668 | 'group' => 'audio', |
669 | 669 | 'module' => 'mpc', |
670 | 670 | 'mime_type' => 'audio/x-musepack', |
671 | - ), |
|
671 | + ), |
|
672 | 672 | |
673 | 673 | // MPC - audio - Musepack / MPEGplus SV4-6 |
674 | 674 | 'mpc_old' => array ( |
@@ -676,7 +676,7 @@ |
||
676 | 676 | 'group' => 'audio', |
677 | 677 | 'module' => 'mpc_old', |
678 | 678 | 'mime_type' => 'application/octet-stream', |
679 | - ), |
|
679 | + ), |
|
680 | 680 | |
681 | 681 | |
682 | 682 | // MP3 - audio - MPEG-audio Layer 3 (very similar to AAC-ADTS) |
@@ -685,7 +685,7 @@ |
||
685 | 685 | 'group' => 'audio', |
686 | 686 | 'module' => 'mp3', |
687 | 687 | 'mime_type' => 'audio/mpeg', |
688 | - ), |
|
688 | + ), |
|
689 | 689 | |
690 | 690 | // OFR - audio - OptimFROG |
691 | 691 | 'ofr' => array ( |
@@ -693,7 +693,7 @@ |
||
693 | 693 | 'group' => 'audio', |
694 | 694 | 'module' => 'optimfrog', |
695 | 695 | 'mime_type' => 'application/octet-stream', |
696 | - ), |
|
696 | + ), |
|
697 | 697 | |
698 | 698 | // RKAU - audio - RKive AUdio compressor |
699 | 699 | 'rkau' => array ( |
@@ -701,7 +701,7 @@ |
||
701 | 701 | 'group' => 'audio', |
702 | 702 | 'module' => 'rkau', |
703 | 703 | 'mime_type' => 'application/octet-stream', |
704 | - ), |
|
704 | + ), |
|
705 | 705 | |
706 | 706 | // SHN - audio - Shorten |
707 | 707 | 'shn' => array ( |
@@ -711,7 +711,7 @@ |
||
711 | 711 | 'mime_type' => 'audio/xmms-shn', |
712 | 712 | 'fail_id3' => 'ERROR', |
713 | 713 | 'fail_ape' => 'ERROR', |
714 | - ), |
|
714 | + ), |
|
715 | 715 | |
716 | 716 | // TTA - audio - TTA Lossless Audio Compressor (http://tta.corecodec.org) |
717 | 717 | 'tta' => array ( |
@@ -719,7 +719,7 @@ |
||
719 | 719 | 'group' => 'audio', |
720 | 720 | 'module' => 'tta', |
721 | 721 | 'mime_type' => 'application/octet-stream', |
722 | - ), |
|
722 | + ), |
|
723 | 723 | |
724 | 724 | // VOC - audio - Creative Voice (VOC) |
725 | 725 | 'voc' => array ( |
@@ -727,7 +727,7 @@ |
||
727 | 727 | 'group' => 'audio', |
728 | 728 | 'module' => 'voc', |
729 | 729 | 'mime_type' => 'audio/voc', |
730 | - ), |
|
730 | + ), |
|
731 | 731 | |
732 | 732 | // VQF - audio - transform-domain weighted interleave Vector Quantization Format (VQF) |
733 | 733 | 'vqf' => array ( |
@@ -735,7 +735,7 @@ |
||
735 | 735 | 'group' => 'audio', |
736 | 736 | 'module' => 'vqf', |
737 | 737 | 'mime_type' => 'application/octet-stream', |
738 | - ), |
|
738 | + ), |
|
739 | 739 | |
740 | 740 | // WV - audio - WavPack (v4.0+) |
741 | 741 | 'vw' => array( |
@@ -743,7 +743,7 @@ |
||
743 | 743 | 'group' => 'audio', |
744 | 744 | 'module' => 'wavpack', |
745 | 745 | 'mime_type' => 'application/octet-stream', |
746 | - ), |
|
746 | + ), |
|
747 | 747 | |
748 | 748 | |
749 | 749 | // Audio-Video formats |
@@ -754,13 +754,13 @@ |
||
754 | 754 | 'group' => 'audio-video', |
755 | 755 | 'module' => 'asf', |
756 | 756 | 'mime_type' => 'video/x-ms-asf', |
757 | - ), |
|
757 | + ), |
|
758 | 758 | |
759 | 759 | // BINK - audio/video - Bink / Smacker |
760 | 760 | 'bink' => array( |
761 | 761 | 'pattern' => '^(BIK|SMK)', |
762 | 762 | 'mime_type' => 'application/octet-stream', |
763 | - ), |
|
763 | + ), |
|
764 | 764 | |
765 | 765 | // FLV - audio/video - FLash Video |
766 | 766 | 'flv' => array( |
@@ -768,13 +768,13 @@ |
||
768 | 768 | 'group' => 'audio-video', |
769 | 769 | 'module' => 'flv', |
770 | 770 | 'mime_type' => 'video/x-flv', |
771 | - ), |
|
771 | + ), |
|
772 | 772 | |
773 | 773 | // MKAV - audio/video - Mastroka |
774 | 774 | 'matroska' => array ( |
775 | 775 | 'pattern' => '^\x1A\x45\xDF\xA3', |
776 | 776 | 'mime_type' => 'application/octet-stream', |
777 | - ), |
|
777 | + ), |
|
778 | 778 | |
779 | 779 | // MPEG - audio/video - MPEG (Moving Pictures Experts Group) |
780 | 780 | 'mpeg' => array ( |
@@ -782,7 +782,7 @@ |
||
782 | 782 | 'group' => 'audio-video', |
783 | 783 | 'module' => 'mpeg', |
784 | 784 | 'mime_type' => 'video/mpeg', |
785 | - ), |
|
785 | + ), |
|
786 | 786 | |
787 | 787 | // NSV - audio/video - Nullsoft Streaming Video (NSV) |
788 | 788 | 'nsv' => array ( |
@@ -790,7 +790,7 @@ |
||
790 | 790 | 'group' => 'audio-video', |
791 | 791 | 'module' => 'nsv', |
792 | 792 | 'mime_type' => 'application/octet-stream', |
793 | - ), |
|
793 | + ), |
|
794 | 794 | |
795 | 795 | // Ogg - audio/video - Ogg (Ogg Vorbis, OggFLAC, Speex, Ogg Theora(*), Ogg Tarkin(*)) |
796 | 796 | 'ogg' => array ( |
@@ -800,7 +800,7 @@ |
||
800 | 800 | 'mime_type' => 'application/ogg', |
801 | 801 | 'fail_id3' => 'WARNING', |
802 | 802 | 'fail_ape' => 'WARNING', |
803 | - ), |
|
803 | + ), |
|
804 | 804 | |
805 | 805 | // QT - audio/video - Quicktime |
806 | 806 | 'quicktime' => array ( |
@@ -808,7 +808,7 @@ |
||
808 | 808 | 'group' => 'audio-video', |
809 | 809 | 'module' => 'quicktime', |
810 | 810 | 'mime_type' => 'video/quicktime', |
811 | - ), |
|
811 | + ), |
|
812 | 812 | |
813 | 813 | // RIFF - audio/video - Resource Interchange File Format (RIFF) / WAV / AVI / CD-audio / SDSS = renamed variant used by SmartSound QuickTracks (www.smartsound.com) / FORM = Audio Interchange File Format (AIFF) |
814 | 814 | 'riff' => array ( |
@@ -817,7 +817,7 @@ |
||
817 | 817 | 'module' => 'riff', |
818 | 818 | 'mime_type' => 'audio/x-wave', |
819 | 819 | 'fail_ape' => 'WARNING', |
820 | - ), |
|
820 | + ), |
|
821 | 821 | |
822 | 822 | // Real - audio/video - RealAudio, RealVideo |
823 | 823 | 'real' => array ( |
@@ -825,7 +825,7 @@ |
||
825 | 825 | 'group' => 'audio-video', |
826 | 826 | 'module' => 'real', |
827 | 827 | 'mime_type' => 'audio/x-realaudio', |
828 | - ), |
|
828 | + ), |
|
829 | 829 | |
830 | 830 | // SWF - audio/video - ShockWave Flash |
831 | 831 | 'swf' => array ( |
@@ -833,7 +833,7 @@ |
||
833 | 833 | 'group' => 'audio-video', |
834 | 834 | 'module' => 'swf', |
835 | 835 | 'mime_type' => 'application/x-shockwave-flash', |
836 | - ), |
|
836 | + ), |
|
837 | 837 | |
838 | 838 | |
839 | 839 | // Still-Image formats |
@@ -846,7 +846,7 @@ |
||
846 | 846 | 'mime_type' => 'image/bmp', |
847 | 847 | 'fail_id3' => 'ERROR', |
848 | 848 | 'fail_ape' => 'ERROR', |
849 | - ), |
|
849 | + ), |
|
850 | 850 | |
851 | 851 | // GIF - still image - Graphics Interchange Format |
852 | 852 | 'gif' => array ( |
@@ -856,7 +856,7 @@ |
||
856 | 856 | 'mime_type' => 'image/gif', |
857 | 857 | 'fail_id3' => 'ERROR', |
858 | 858 | 'fail_ape' => 'ERROR', |
859 | - ), |
|
859 | + ), |
|
860 | 860 | |
861 | 861 | // JPEG - still image - Joint Photographic Experts Group (JPEG) |
862 | 862 | 'jpeg' => array ( |
@@ -866,7 +866,7 @@ |
||
866 | 866 | 'mime_type' => 'image/jpeg', |
867 | 867 | 'fail_id3' => 'ERROR', |
868 | 868 | 'fail_ape' => 'ERROR', |
869 | - ), |
|
869 | + ), |
|
870 | 870 | |
871 | 871 | // PCD - still image - Kodak Photo CD |
872 | 872 | 'pcd' => array ( |
@@ -876,7 +876,7 @@ |
||
876 | 876 | 'mime_type' => 'image/x-photo-cd', |
877 | 877 | 'fail_id3' => 'ERROR', |
878 | 878 | 'fail_ape' => 'ERROR', |
879 | - ), |
|
879 | + ), |
|
880 | 880 | |
881 | 881 | |
882 | 882 | // PNG - still image - Portable Network Graphics (PNG) |
@@ -887,16 +887,16 @@ |
||
887 | 887 | 'mime_type' => 'image/png', |
888 | 888 | 'fail_id3' => 'ERROR', |
889 | 889 | 'fail_ape' => 'ERROR', |
890 | - ), |
|
890 | + ), |
|
891 | 891 | |
892 | 892 | |
893 | 893 | // SVG - still image - Scalable Vector Graphics (SVG) |
894 | - 'svg' => array( |
|
895 | - 'pattern' => '<!DOCTYPE svg PUBLIC ', |
|
896 | - 'mime_type' => 'image/svg+xml', |
|
897 | - 'fail_id3' => 'ERROR', |
|
898 | - 'fail_ape' => 'ERROR', |
|
899 | - ), |
|
894 | + 'svg' => array( |
|
895 | + 'pattern' => '<!DOCTYPE svg PUBLIC ', |
|
896 | + 'mime_type' => 'image/svg+xml', |
|
897 | + 'fail_id3' => 'ERROR', |
|
898 | + 'fail_ape' => 'ERROR', |
|
899 | + ), |
|
900 | 900 | |
901 | 901 | |
902 | 902 | // TIFF - still image - Tagged Information File Format (TIFF) |
@@ -907,7 +907,7 @@ |
||
907 | 907 | 'mime_type' => 'image/tiff', |
908 | 908 | 'fail_id3' => 'ERROR', |
909 | 909 | 'fail_ape' => 'ERROR', |
910 | - ), |
|
910 | + ), |
|
911 | 911 | |
912 | 912 | |
913 | 913 | // Data formats |
@@ -917,7 +917,7 @@ |
||
917 | 917 | 'mime_type' => 'application/octet-stream', |
918 | 918 | 'fail_id3' => 'ERROR', |
919 | 919 | 'fail_ape' => 'ERROR', |
920 | - ), |
|
920 | + ), |
|
921 | 921 | |
922 | 922 | // ISO - data - International Standards Organization (ISO) CD-ROM Image |
923 | 923 | 'iso' => array ( |
@@ -927,7 +927,7 @@ |
||
927 | 927 | 'mime_type' => 'application/octet-stream', |
928 | 928 | 'fail_id3' => 'ERROR', |
929 | 929 | 'fail_ape' => 'ERROR', |
930 | - ), |
|
930 | + ), |
|
931 | 931 | |
932 | 932 | // RAR - data - RAR compressed data |
933 | 933 | 'rar' => array( |
@@ -935,7 +935,7 @@ |
||
935 | 935 | 'mime_type' => 'application/octet-stream', |
936 | 936 | 'fail_id3' => 'ERROR', |
937 | 937 | 'fail_ape' => 'ERROR', |
938 | - ), |
|
938 | + ), |
|
939 | 939 | |
940 | 940 | // SZIP - audio - SZIP compressed data |
941 | 941 | 'szip' => array ( |
@@ -945,7 +945,7 @@ |
||
945 | 945 | 'mime_type' => 'application/octet-stream', |
946 | 946 | 'fail_id3' => 'ERROR', |
947 | 947 | 'fail_ape' => 'ERROR', |
948 | - ), |
|
948 | + ), |
|
949 | 949 | |
950 | 950 | // TAR - data - TAR compressed data |
951 | 951 | 'tar' => array( |
@@ -955,7 +955,7 @@ |
||
955 | 955 | 'mime_type' => 'application/x-tar', |
956 | 956 | 'fail_id3' => 'ERROR', |
957 | 957 | 'fail_ape' => 'ERROR', |
958 | - ), |
|
958 | + ), |
|
959 | 959 | |
960 | 960 | // GZIP - data - GZIP compressed data |
961 | 961 | 'gz' => array( |
@@ -965,7 +965,7 @@ |
||
965 | 965 | 'mime_type' => 'application/x-gzip', |
966 | 966 | 'fail_id3' => 'ERROR', |
967 | 967 | 'fail_ape' => 'ERROR', |
968 | - ), |
|
968 | + ), |
|
969 | 969 | |
970 | 970 | |
971 | 971 | // ZIP - data - ZIP compressed data |
@@ -976,33 +976,33 @@ |
||
976 | 976 | 'mime_type' => 'application/zip', |
977 | 977 | 'fail_id3' => 'ERROR', |
978 | 978 | 'fail_ape' => 'ERROR', |
979 | - ), |
|
979 | + ), |
|
980 | 980 | |
981 | 981 | |
982 | 982 | // PAR2 - data - Parity Volume Set Specification 2.0 |
983 | 983 | 'par2' => array ( |
984 | - 'pattern' => '^PAR2\x00PKT', |
|
985 | - 'mime_type' => 'application/octet-stream', |
|
986 | - 'fail_id3' => 'ERROR', |
|
987 | - 'fail_ape' => 'ERROR', |
|
988 | - ), |
|
984 | + 'pattern' => '^PAR2\x00PKT', |
|
985 | + 'mime_type' => 'application/octet-stream', |
|
986 | + 'fail_id3' => 'ERROR', |
|
987 | + 'fail_ape' => 'ERROR', |
|
988 | + ), |
|
989 | 989 | |
990 | 990 | |
991 | - // PDF - data - Portable Document Format |
|
992 | - 'pdf' => array( |
|
991 | + // PDF - data - Portable Document Format |
|
992 | + 'pdf' => array( |
|
993 | 993 | 'pattern' => '^\x25PDF', |
994 | 994 | 'mime_type' => 'application/pdf', |
995 | 995 | 'fail_id3' => 'ERROR', |
996 | 996 | 'fail_ape' => 'ERROR', |
997 | - ), |
|
997 | + ), |
|
998 | 998 | |
999 | - // DOC - data - Microsoft Word |
|
1000 | - 'msoffice' => array( |
|
999 | + // DOC - data - Microsoft Word |
|
1000 | + 'msoffice' => array( |
|
1001 | 1001 | 'pattern' => '^\xD0\xCF\x11\xE0', // D0CF11E == DOCFILE == Microsoft Office Document |
1002 | 1002 | 'mime_type' => 'application/octet-stream', |
1003 | 1003 | 'fail_id3' => 'ERROR', |
1004 | 1004 | 'fail_ape' => 'ERROR', |
1005 | - ), |
|
1005 | + ), |
|
1006 | 1006 | ); |
1007 | 1007 | |
1008 | 1008 | return $format_info; |
@@ -1393,99 +1393,99 @@ |
||
1393 | 1393 | |
1394 | 1394 | public static function BigEndian2Float($byte_word) { |
1395 | 1395 | |
1396 | - // ANSI/IEEE Standard 754-1985, Standard for Binary Floating Point Arithmetic |
|
1397 | - // http://www.psc.edu/general/software/packages/ieee/ieee.html |
|
1398 | - // http://www.scri.fsu.edu/~jac/MAD3401/Backgrnd/ieee.html |
|
1396 | + // ANSI/IEEE Standard 754-1985, Standard for Binary Floating Point Arithmetic |
|
1397 | + // http://www.psc.edu/general/software/packages/ieee/ieee.html |
|
1398 | + // http://www.scri.fsu.edu/~jac/MAD3401/Backgrnd/ieee.html |
|
1399 | 1399 | |
1400 | - $bit_word = getid3_lib::BigEndian2Bin($byte_word); |
|
1401 | - if (!$bit_word) { |
|
1400 | + $bit_word = getid3_lib::BigEndian2Bin($byte_word); |
|
1401 | + if (!$bit_word) { |
|
1402 | 1402 | return 0; |
1403 | 1403 | } |
1404 | - $sign_bit = $bit_word{0}; |
|
1405 | - |
|
1406 | - switch (strlen($byte_word) * 8) { |
|
1407 | - case 32: |
|
1408 | - $exponent_bits = 8; |
|
1409 | - $fraction_bits = 23; |
|
1410 | - break; |
|
1411 | - |
|
1412 | - case 64: |
|
1413 | - $exponent_bits = 11; |
|
1414 | - $fraction_bits = 52; |
|
1415 | - break; |
|
1416 | - |
|
1417 | - case 80: |
|
1418 | - // 80-bit Apple SANE format |
|
1419 | - // http://www.mactech.com/articles/mactech/Vol.06/06.01/SANENormalized/ |
|
1420 | - $exponent_string = substr($bit_word, 1, 15); |
|
1421 | - $is_normalized = intval($bit_word{16}); |
|
1422 | - $fraction_string = substr($bit_word, 17, 63); |
|
1423 | - $exponent = pow(2, getid3_lib::Bin2Dec($exponent_string) - 16383); |
|
1424 | - $fraction = $is_normalized + getid3_lib::DecimalBinary2Float($fraction_string); |
|
1425 | - $float_value = $exponent * $fraction; |
|
1426 | - if ($sign_bit == '1') { |
|
1427 | - $float_value *= -1; |
|
1428 | - } |
|
1429 | - return $float_value; |
|
1430 | - break; |
|
1431 | - |
|
1432 | - default: |
|
1433 | - return false; |
|
1434 | - break; |
|
1435 | - } |
|
1436 | - $exponent_string = substr($bit_word, 1, $exponent_bits); |
|
1437 | - $fraction_string = substr($bit_word, $exponent_bits + 1, $fraction_bits); |
|
1438 | - $exponent = bindec($exponent_string); |
|
1439 | - $fraction = bindec($fraction_string); |
|
1440 | - |
|
1441 | - if (($exponent == (pow(2, $exponent_bits) - 1)) && ($fraction != 0)) { |
|
1442 | - // Not a Number |
|
1443 | - $float_value = false; |
|
1444 | - } elseif (($exponent == (pow(2, $exponent_bits) - 1)) && ($fraction == 0)) { |
|
1445 | - if ($sign_bit == '1') { |
|
1446 | - $float_value = '-infinity'; |
|
1447 | - } else { |
|
1448 | - $float_value = '+infinity'; |
|
1449 | - } |
|
1450 | - } elseif (($exponent == 0) && ($fraction == 0)) { |
|
1451 | - if ($sign_bit == '1') { |
|
1452 | - $float_value = -0; |
|
1453 | - } else { |
|
1454 | - $float_value = 0; |
|
1455 | - } |
|
1456 | - $float_value = ($sign_bit ? 0 : -0); |
|
1457 | - } elseif (($exponent == 0) && ($fraction != 0)) { |
|
1458 | - // These are 'unnormalized' values |
|
1459 | - $float_value = pow(2, (-1 * (pow(2, $exponent_bits - 1) - 2))) * getid3_lib::DecimalBinary2Float($fraction_string); |
|
1460 | - if ($sign_bit == '1') { |
|
1461 | - $float_value *= -1; |
|
1462 | - } |
|
1463 | - } elseif ($exponent != 0) { |
|
1464 | - $float_value = pow(2, ($exponent - (pow(2, $exponent_bits - 1) - 1))) * (1 + getid3_lib::DecimalBinary2Float($fraction_string)); |
|
1465 | - if ($sign_bit == '1') { |
|
1466 | - $float_value *= -1; |
|
1467 | - } |
|
1468 | - } |
|
1469 | - return (float) $float_value; |
|
1470 | - } |
|
1471 | - |
|
1472 | - |
|
1473 | - |
|
1474 | - public static function LittleEndian2Float($byte_word) { |
|
1475 | - |
|
1476 | - return getid3_lib::BigEndian2Float(strrev($byte_word)); |
|
1477 | - } |
|
1478 | - |
|
1479 | - |
|
1480 | - |
|
1481 | - public static function DecimalBinary2Float($binary_numerator) { |
|
1482 | - $numerator = bindec($binary_numerator); |
|
1483 | - $denominator = bindec('1'.str_repeat('0', strlen($binary_numerator))); |
|
1484 | - return ($numerator / $denominator); |
|
1485 | - } |
|
1486 | - |
|
1487 | - |
|
1488 | - public static function PrintHexBytes($string, $hex=true, $spaces=true, $html_safe=true) { |
|
1404 | + $sign_bit = $bit_word{0}; |
|
1405 | + |
|
1406 | + switch (strlen($byte_word) * 8) { |
|
1407 | + case 32: |
|
1408 | + $exponent_bits = 8; |
|
1409 | + $fraction_bits = 23; |
|
1410 | + break; |
|
1411 | + |
|
1412 | + case 64: |
|
1413 | + $exponent_bits = 11; |
|
1414 | + $fraction_bits = 52; |
|
1415 | + break; |
|
1416 | + |
|
1417 | + case 80: |
|
1418 | + // 80-bit Apple SANE format |
|
1419 | + // http://www.mactech.com/articles/mactech/Vol.06/06.01/SANENormalized/ |
|
1420 | + $exponent_string = substr($bit_word, 1, 15); |
|
1421 | + $is_normalized = intval($bit_word{16}); |
|
1422 | + $fraction_string = substr($bit_word, 17, 63); |
|
1423 | + $exponent = pow(2, getid3_lib::Bin2Dec($exponent_string) - 16383); |
|
1424 | + $fraction = $is_normalized + getid3_lib::DecimalBinary2Float($fraction_string); |
|
1425 | + $float_value = $exponent * $fraction; |
|
1426 | + if ($sign_bit == '1') { |
|
1427 | + $float_value *= -1; |
|
1428 | + } |
|
1429 | + return $float_value; |
|
1430 | + break; |
|
1431 | + |
|
1432 | + default: |
|
1433 | + return false; |
|
1434 | + break; |
|
1435 | + } |
|
1436 | + $exponent_string = substr($bit_word, 1, $exponent_bits); |
|
1437 | + $fraction_string = substr($bit_word, $exponent_bits + 1, $fraction_bits); |
|
1438 | + $exponent = bindec($exponent_string); |
|
1439 | + $fraction = bindec($fraction_string); |
|
1440 | + |
|
1441 | + if (($exponent == (pow(2, $exponent_bits) - 1)) && ($fraction != 0)) { |
|
1442 | + // Not a Number |
|
1443 | + $float_value = false; |
|
1444 | + } elseif (($exponent == (pow(2, $exponent_bits) - 1)) && ($fraction == 0)) { |
|
1445 | + if ($sign_bit == '1') { |
|
1446 | + $float_value = '-infinity'; |
|
1447 | + } else { |
|
1448 | + $float_value = '+infinity'; |
|
1449 | + } |
|
1450 | + } elseif (($exponent == 0) && ($fraction == 0)) { |
|
1451 | + if ($sign_bit == '1') { |
|
1452 | + $float_value = -0; |
|
1453 | + } else { |
|
1454 | + $float_value = 0; |
|
1455 | + } |
|
1456 | + $float_value = ($sign_bit ? 0 : -0); |
|
1457 | + } elseif (($exponent == 0) && ($fraction != 0)) { |
|
1458 | + // These are 'unnormalized' values |
|
1459 | + $float_value = pow(2, (-1 * (pow(2, $exponent_bits - 1) - 2))) * getid3_lib::DecimalBinary2Float($fraction_string); |
|
1460 | + if ($sign_bit == '1') { |
|
1461 | + $float_value *= -1; |
|
1462 | + } |
|
1463 | + } elseif ($exponent != 0) { |
|
1464 | + $float_value = pow(2, ($exponent - (pow(2, $exponent_bits - 1) - 1))) * (1 + getid3_lib::DecimalBinary2Float($fraction_string)); |
|
1465 | + if ($sign_bit == '1') { |
|
1466 | + $float_value *= -1; |
|
1467 | + } |
|
1468 | + } |
|
1469 | + return (float) $float_value; |
|
1470 | + } |
|
1471 | + |
|
1472 | + |
|
1473 | + |
|
1474 | + public static function LittleEndian2Float($byte_word) { |
|
1475 | + |
|
1476 | + return getid3_lib::BigEndian2Float(strrev($byte_word)); |
|
1477 | + } |
|
1478 | + |
|
1479 | + |
|
1480 | + |
|
1481 | + public static function DecimalBinary2Float($binary_numerator) { |
|
1482 | + $numerator = bindec($binary_numerator); |
|
1483 | + $denominator = bindec('1'.str_repeat('0', strlen($binary_numerator))); |
|
1484 | + return ($numerator / $denominator); |
|
1485 | + } |
|
1486 | + |
|
1487 | + |
|
1488 | + public static function PrintHexBytes($string, $hex=true, $spaces=true, $html_safe=true) { |
|
1489 | 1489 | |
1490 | 1490 | $return_string = ''; |
1491 | 1491 | for ($i = 0; $i < strlen($string); $i++) { |
@@ -36,81 +36,81 @@ |
||
36 | 36 | *************************************************/ |
37 | 37 | |
38 | 38 | class Snoopy { |
39 | - /**** Public variables ****/ |
|
39 | + /**** Public variables ****/ |
|
40 | 40 | |
41 | - /* user definable vars */ |
|
42 | - |
|
43 | - public $host = "www.php.net"; // host name we are connecting to |
|
44 | - public $port = 80; // port we are connecting to |
|
45 | - public $proxy_host = ""; // proxy host to use |
|
46 | - public $proxy_port = ""; // proxy port to use |
|
47 | - public $agent = "Snoopy v1.0"; // agent we masquerade as |
|
48 | - public $referer = ""; // referer info to pass |
|
49 | - public $cookies = array(); // array of cookies to pass |
|
50 | - // $cookies["username"]="joe"; |
|
51 | - public $rawheaders = array(); // array of raw headers to send |
|
52 | - // $rawheaders["Content-type"]="text/html"; |
|
53 | - |
|
54 | - public $maxredirs = 5; // http redirection depth maximum. 0 = disallow |
|
55 | - public $lastredirectaddr = ""; // contains address of last redirected address |
|
56 | - public $offsiteok = true; // allows redirection off-site |
|
57 | - public $maxframes = 0; // frame content depth maximum. 0 = disallow |
|
58 | - public $expandlinks = true; // expand links to fully qualified URLs. |
|
59 | - // this only applies to fetchlinks() |
|
60 | - // or submitlinks() |
|
61 | - public $passcookies = true; // pass set cookies back through redirects |
|
62 | - // NOTE: this currently does not respect |
|
63 | - // dates, domains or paths. |
|
41 | + /* user definable vars */ |
|
42 | + |
|
43 | + public $host = "www.php.net"; // host name we are connecting to |
|
44 | + public $port = 80; // port we are connecting to |
|
45 | + public $proxy_host = ""; // proxy host to use |
|
46 | + public $proxy_port = ""; // proxy port to use |
|
47 | + public $agent = "Snoopy v1.0"; // agent we masquerade as |
|
48 | + public $referer = ""; // referer info to pass |
|
49 | + public $cookies = array(); // array of cookies to pass |
|
50 | + // $cookies["username"]="joe"; |
|
51 | + public $rawheaders = array(); // array of raw headers to send |
|
52 | + // $rawheaders["Content-type"]="text/html"; |
|
53 | + |
|
54 | + public $maxredirs = 5; // http redirection depth maximum. 0 = disallow |
|
55 | + public $lastredirectaddr = ""; // contains address of last redirected address |
|
56 | + public $offsiteok = true; // allows redirection off-site |
|
57 | + public $maxframes = 0; // frame content depth maximum. 0 = disallow |
|
58 | + public $expandlinks = true; // expand links to fully qualified URLs. |
|
59 | + // this only applies to fetchlinks() |
|
60 | + // or submitlinks() |
|
61 | + public $passcookies = true; // pass set cookies back through redirects |
|
62 | + // NOTE: this currently does not respect |
|
63 | + // dates, domains or paths. |
|
64 | 64 | |
65 | - public $user = ""; // user for http authentication |
|
66 | - public $pass = ""; // password for http authentication |
|
65 | + public $user = ""; // user for http authentication |
|
66 | + public $pass = ""; // password for http authentication |
|
67 | 67 | |
68 | - // http accept types |
|
69 | - public $accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*"; |
|
68 | + // http accept types |
|
69 | + public $accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*"; |
|
70 | 70 | |
71 | - public $results = ""; // where the content is put |
|
71 | + public $results = ""; // where the content is put |
|
72 | 72 | |
73 | - public $error = ""; // error messages sent here |
|
74 | - public $response_code = ""; // response code returned from server |
|
75 | - public $headers = array(); // headers returned from server sent here |
|
76 | - public $maxlength = 500000; // max return data length (body) |
|
77 | - public $read_timeout = 0; // timeout on read operations, in seconds |
|
78 | - // supported only since PHP 4 Beta 4 |
|
79 | - // set to 0 to disallow timeouts |
|
80 | - public $timed_out = false; // if a read operation timed out |
|
81 | - public $status = 0; // http request status |
|
73 | + public $error = ""; // error messages sent here |
|
74 | + public $response_code = ""; // response code returned from server |
|
75 | + public $headers = array(); // headers returned from server sent here |
|
76 | + public $maxlength = 500000; // max return data length (body) |
|
77 | + public $read_timeout = 0; // timeout on read operations, in seconds |
|
78 | + // supported only since PHP 4 Beta 4 |
|
79 | + // set to 0 to disallow timeouts |
|
80 | + public $timed_out = false; // if a read operation timed out |
|
81 | + public $status = 0; // http request status |
|
82 | 82 | |
83 | - public $curl_path = "/usr/bin/curl"; |
|
84 | - // Snoopy will use cURL for fetching |
|
85 | - // SSL content if a full system path to |
|
86 | - // the cURL binary is supplied here. |
|
87 | - // set to false if you do not have |
|
88 | - // cURL installed. See http://curl.haxx.se |
|
89 | - // for details on installing cURL. |
|
90 | - // Snoopy does *not* use the cURL |
|
91 | - // library functions built into php, |
|
92 | - // as these functions are not stable |
|
93 | - // as of this Snoopy release. |
|
83 | + public $curl_path = "/usr/bin/curl"; |
|
84 | + // Snoopy will use cURL for fetching |
|
85 | + // SSL content if a full system path to |
|
86 | + // the cURL binary is supplied here. |
|
87 | + // set to false if you do not have |
|
88 | + // cURL installed. See http://curl.haxx.se |
|
89 | + // for details on installing cURL. |
|
90 | + // Snoopy does *not* use the cURL |
|
91 | + // library functions built into php, |
|
92 | + // as these functions are not stable |
|
93 | + // as of this Snoopy release. |
|
94 | 94 | |
95 | - // send Accept-encoding: gzip? |
|
96 | - public $use_gzip = true; |
|
95 | + // send Accept-encoding: gzip? |
|
96 | + public $use_gzip = true; |
|
97 | 97 | |
98 | - /**** Private variables ****/ |
|
98 | + /**** Private variables ****/ |
|
99 | 99 | |
100 | - private $_maxlinelen = 4096; // max line length (headers) |
|
100 | + private $_maxlinelen = 4096; // max line length (headers) |
|
101 | 101 | |
102 | - private $_httpmethod = "GET"; // default http request method |
|
103 | - private $_httpversion = "HTTP/1.0"; // default http request version |
|
104 | - private $_submit_method = "POST"; // default submit method |
|
105 | - private $_submit_type = "application/x-www-form-urlencoded"; // default submit type |
|
106 | - private $_mime_boundary = ""; // MIME boundary for multipart/form-data submit type |
|
107 | - private $_redirectaddr = false; // will be set if page fetched is a redirect |
|
108 | - private $_redirectdepth = 0; // increments on an http redirect |
|
109 | - private $_frameurls = array(); // frame src urls |
|
110 | - private $_framedepth = 0; // increments on frame depth |
|
102 | + private $_httpmethod = "GET"; // default http request method |
|
103 | + private $_httpversion = "HTTP/1.0"; // default http request version |
|
104 | + private $_submit_method = "POST"; // default submit method |
|
105 | + private $_submit_type = "application/x-www-form-urlencoded"; // default submit type |
|
106 | + private $_mime_boundary = ""; // MIME boundary for multipart/form-data submit type |
|
107 | + private $_redirectaddr = false; // will be set if page fetched is a redirect |
|
108 | + private $_redirectdepth = 0; // increments on an http redirect |
|
109 | + private $_frameurls = array(); // frame src urls |
|
110 | + private $_framedepth = 0; // increments on frame depth |
|
111 | 111 | |
112 | - private $_isproxy = false; // set if using a proxy server |
|
113 | - private $_fp_timeout = 30; // timeout for socket connection |
|
112 | + private $_isproxy = false; // set if using a proxy server |
|
113 | + private $_fp_timeout = 30; // timeout for socket connection |
|
114 | 114 | |
115 | 115 | /*======================================================================*\ |
116 | 116 | Function: fetch |
@@ -121,136 +121,136 @@
121 | 121 | Output: $this->results the output text from the fetch |
122 | 122 | \*======================================================================*/ |
123 | 123 | |
124 | - public function fetch($URI) { |
|
125 | - //preg_match("|^([^:]+)://([^:/]+)(:[\d]+)*(.*)|",$URI,$URI_PARTS); |
|
126 | - $URI_PARTS = parse_url($URI); |
|
127 | - if (!empty($URI_PARTS["user"])) |
|
128 | - $this->user = $URI_PARTS["user"]; |
|
129 | - if (!empty($URI_PARTS["pass"])) |
|
130 | - $this->pass = $URI_PARTS["pass"]; |
|
131 | - if (!isset($fp)) { $fp = false; } |
|
132 | - switch ($URI_PARTS["scheme"]) { |
|
133 | - case "http": |
|
134 | - $this->host = $URI_PARTS["host"]; |
|
135 | - if(!empty($URI_PARTS["port"])) |
|
136 | - $this->port = $URI_PARTS["port"]; |
|
137 | - if($this->_connect($fp)) |
|
138 | - { |
|
139 | - if($this->_isproxy) |
|
140 | - { |
|
141 | - // using proxy, send entire URI |
|
142 | - $this->_httprequest($URI,$fp,$URI,$this->_httpmethod); |
|
143 | - } |
|
144 | - else |
|
145 | - { |
|
146 | - $path = $URI_PARTS["path"].(isset($URI_PARTS["query"]) ? "?".$URI_PARTS["query"] : ""); |
|
147 | - // no proxy, send only the path |
|
148 | - $this->_httprequest($path, $fp, $URI, $this->_httpmethod); |
|
149 | - } |
|
124 | + public function fetch($URI) { |
|
125 | + //preg_match("|^([^:]+)://([^:/]+)(:[\d]+)*(.*)|",$URI,$URI_PARTS); |
|
126 | + $URI_PARTS = parse_url($URI); |
|
127 | + if (!empty($URI_PARTS["user"])) |
|
128 | + $this->user = $URI_PARTS["user"]; |
|
129 | + if (!empty($URI_PARTS["pass"])) |
|
130 | + $this->pass = $URI_PARTS["pass"]; |
|
131 | + if (!isset($fp)) { $fp = false; } |
|
132 | + switch ($URI_PARTS["scheme"]) { |
|
133 | + case "http": |
|
134 | + $this->host = $URI_PARTS["host"]; |
|
135 | + if(!empty($URI_PARTS["port"])) |
|
136 | + $this->port = $URI_PARTS["port"]; |
|
137 | + if($this->_connect($fp)) |
|
138 | + { |
|
139 | + if($this->_isproxy) |
|
140 | + { |
|
141 | + // using proxy, send entire URI |
|
142 | + $this->_httprequest($URI,$fp,$URI,$this->_httpmethod); |
|
143 | + } |
|
144 | + else |
|
145 | + { |
|
146 | + $path = $URI_PARTS["path"].(isset($URI_PARTS["query"]) ? "?".$URI_PARTS["query"] : ""); |
|
147 | + // no proxy, send only the path |
|
148 | + $this->_httprequest($path, $fp, $URI, $this->_httpmethod); |
|
149 | + } |
|
150 | 150 | |
151 | - $this->_disconnect($fp); |
|
152 | - |
|
153 | - if($this->_redirectaddr) |
|
154 | - { |
|
155 | - /* url was redirected, check if we've hit the max depth */ |
|
156 | - if($this->maxredirs > $this->_redirectdepth) |
|
157 | - { |
|
158 | - // only follow redirect if it's on this site, or offsiteok is true |
|
159 | - if(preg_match("|^http://".preg_quote($this->host)."|i",$this->_redirectaddr) || $this->offsiteok) |
|
160 | - { |
|
161 | - /* follow the redirect */ |
|
162 | - $this->_redirectdepth++; |
|
163 | - $this->lastredirectaddr=$this->_redirectaddr; |
|
164 | - $this->fetch($this->_redirectaddr); |
|
165 | - } |
|
166 | - } |
|
167 | - } |
|
168 | - |
|
169 | - if($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) |
|
170 | - { |
|
171 | - $frameurls = $this->_frameurls; |
|
172 | - $this->_frameurls = array(); |
|
151 | + $this->_disconnect($fp); |
|
152 | + |
|
153 | + if($this->_redirectaddr) |
|
154 | + { |
|
155 | + /* url was redirected, check if we've hit the max depth */ |
|
156 | + if($this->maxredirs > $this->_redirectdepth) |
|
157 | + { |
|
158 | + // only follow redirect if it's on this site, or offsiteok is true |
|
159 | + if(preg_match("|^http://".preg_quote($this->host)."|i",$this->_redirectaddr) || $this->offsiteok) |
|
160 | + { |
|
161 | + /* follow the redirect */ |
|
162 | + $this->_redirectdepth++; |
|
163 | + $this->lastredirectaddr=$this->_redirectaddr; |
|
164 | + $this->fetch($this->_redirectaddr); |
|
165 | + } |
|
166 | + } |
|
167 | + } |
|
168 | + |
|
169 | + if($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) |
|
170 | + { |
|
171 | + $frameurls = $this->_frameurls; |
|
172 | + $this->_frameurls = array(); |
|
173 | 173 | |
174 | - while(list(,$frameurl) = each($frameurls)) |
|
175 | - { |
|
176 | - if($this->_framedepth < $this->maxframes) |
|
177 | - { |
|
178 | - $this->fetch($frameurl); |
|
179 | - $this->_framedepth++; |
|
180 | - } |
|
181 | - else |
|
182 | - break; |
|
183 | - } |
|
184 | - } |
|
185 | - } |
|
186 | - else |
|
187 | - { |
|
188 | - return false; |
|
189 | - } |
|
190 | - return true; |
|
191 | - break; |
|
192 | - case "https": |
|
193 | - if(!$this->curl_path || (!is_executable($this->curl_path))) { |
|
194 | - $this->error = "Bad curl ($this->curl_path), can't fetch HTTPS \n"; |
|
195 | - return false; |
|
196 | - } |
|
197 | - $this->host = $URI_PARTS["host"]; |
|
198 | - if(!empty($URI_PARTS["port"])) |
|
199 | - $this->port = $URI_PARTS["port"]; |
|
200 | - if($this->_isproxy) |
|
201 | - { |
|
202 | - // using proxy, send entire URI |
|
203 | - $this->_httpsrequest($URI,$URI,$this->_httpmethod); |
|
204 | - } |
|
205 | - else |
|
206 | - { |
|
207 | - $path = $URI_PARTS["path"].($URI_PARTS["query"] ? "?".$URI_PARTS["query"] : ""); |
|
208 | - // no proxy, send only the path |
|
209 | - $this->_httpsrequest($path, $URI, $this->_httpmethod); |
|
210 | - } |
|
211 | - |
|
212 | - if($this->_redirectaddr) |
|
213 | - { |
|
214 | - /* url was redirected, check if we've hit the max depth */ |
|
215 | - if($this->maxredirs > $this->_redirectdepth) |
|
216 | - { |
|
217 | - // only follow redirect if it's on this site, or offsiteok is true |
|
218 | - if(preg_match("|^http://".preg_quote($this->host)."|i",$this->_redirectaddr) || $this->offsiteok) |
|
219 | - { |
|
220 | - /* follow the redirect */ |
|
221 | - $this->_redirectdepth++; |
|
222 | - $this->lastredirectaddr=$this->_redirectaddr; |
|
223 | - $this->fetch($this->_redirectaddr); |
|
224 | - } |
|
225 | - } |
|
226 | - } |
|
227 | - |
|
228 | - if($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) |
|
229 | - { |
|
230 | - $frameurls = $this->_frameurls; |
|
231 | - $this->_frameurls = array(); |
|
232 | - |
|
233 | - while(list(,$frameurl) = each($frameurls)) |
|
234 | - { |
|
235 | - if($this->_framedepth < $this->maxframes) |
|
236 | - { |
|
237 | - $this->fetch($frameurl); |
|
238 | - $this->_framedepth++; |
|
239 | - } |
|
240 | - else |
|
241 | - break; |
|
242 | - } |
|
243 | - } |
|
244 | - return true; |
|
245 | - break; |
|
246 | - default: |
|
247 | - // not a valid protocol |
|
248 | - $this->error = 'Invalid protocol "'.$URI_PARTS["scheme"].'"\n'; |
|
249 | - return false; |
|
250 | - break; |
|
251 | - } |
|
252 | - return true; |
|
253 | - } |
|
174 | + while(list(,$frameurl) = each($frameurls)) |
|
175 | + { |
|
176 | + if($this->_framedepth < $this->maxframes) |
|
177 | + { |
|
178 | + $this->fetch($frameurl); |
|
179 | + $this->_framedepth++; |
|
180 | + } |
|
181 | + else |
|
182 | + break; |
|
183 | + } |
|
184 | + } |
|
185 | + } |
|
186 | + else |
|
187 | + { |
|
188 | + return false; |
|
189 | + } |
|
190 | + return true; |
|
191 | + break; |
|
192 | + case "https": |
|
193 | + if(!$this->curl_path || (!is_executable($this->curl_path))) { |
|
194 | + $this->error = "Bad curl ($this->curl_path), can't fetch HTTPS \n"; |
|
195 | + return false; |
|
196 | + } |
|
197 | + $this->host = $URI_PARTS["host"]; |
|
198 | + if(!empty($URI_PARTS["port"])) |
|
199 | + $this->port = $URI_PARTS["port"]; |
|
200 | + if($this->_isproxy) |
|
201 | + { |
|
202 | + // using proxy, send entire URI |
|
203 | + $this->_httpsrequest($URI,$URI,$this->_httpmethod); |
|
204 | + } |
|
205 | + else |
|
206 | + { |
|
207 | + $path = $URI_PARTS["path"].($URI_PARTS["query"] ? "?".$URI_PARTS["query"] : ""); |
|
208 | + // no proxy, send only the path |
|
209 | + $this->_httpsrequest($path, $URI, $this->_httpmethod); |
|
210 | + } |
|
211 | + |
|
212 | + if($this->_redirectaddr) |
|
213 | + { |
|
214 | + /* url was redirected, check if we've hit the max depth */ |
|
215 | + if($this->maxredirs > $this->_redirectdepth) |
|
216 | + { |
|
217 | + // only follow redirect if it's on this site, or offsiteok is true |
|
218 | + if(preg_match("|^http://".preg_quote($this->host)."|i",$this->_redirectaddr) || $this->offsiteok) |
|
219 | + { |
|
220 | + /* follow the redirect */ |
|
221 | + $this->_redirectdepth++; |
|
222 | + $this->lastredirectaddr=$this->_redirectaddr; |
|
223 | + $this->fetch($this->_redirectaddr); |
|
224 | + } |
|
225 | + } |
|
226 | + } |
|
227 | + |
|
228 | + if($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) |
|
229 | + { |
|
230 | + $frameurls = $this->_frameurls; |
|
231 | + $this->_frameurls = array(); |
|
232 | + |
|
233 | + while(list(,$frameurl) = each($frameurls)) |
|
234 | + { |
|
235 | + if($this->_framedepth < $this->maxframes) |
|
236 | + { |
|
237 | + $this->fetch($frameurl); |
|
238 | + $this->_framedepth++; |
|
239 | + } |
|
240 | + else |
|
241 | + break; |
|
242 | + } |
|
243 | + } |
|
244 | + return true; |
|
245 | + break; |
|
246 | + default: |
|
247 | + // not a valid protocol |
|
248 | + $this->error = 'Invalid protocol "'.$URI_PARTS["scheme"].'"\n'; |
|
249 | + return false; |
|
250 | + break; |
|
251 | + } |
|
252 | + return true; |
|
253 | + } |
|
254 | 254 | |
255 | 255 | |
256 | 256 | |
@@ -266,32 +266,32 @@
266 | 266 | Output: $match an array of the links |
267 | 267 | \*======================================================================*/ |
268 | 268 | |
269 | - private function _striplinks($document) |
|
270 | - { |
|
271 | - preg_match_all("'<\s*a\s+.*href\s*=\s* # find <a href= |
|
269 | + private function _striplinks($document) |
|
270 | + { |
|
271 | + preg_match_all("'<\s*a\s+.*href\s*=\s* # find <a href= |
|
272 | 272 | ([\"\'])? # find single or double quote |
273 | 273 | (?(1) (.*?)\\1 | ([^\s\>]+)) # if quote found, match up to next matching |
274 | 274 | # quote, otherwise match up to next space |
275 | 275 | 'isx",$document,$links); |
276 | 276 | |
277 | 277 | |
278 | - // catenate the non-empty matches from the conditional subpattern |
|
278 | + // catenate the non-empty matches from the conditional subpattern |
|
279 | 279 | |
280 | - while(list($key,$val) = each($links[2])) |
|
281 | - { |
|
282 | - if(!empty($val)) |
|
283 | - $match[] = $val; |
|
284 | - } |
|
280 | + while(list($key,$val) = each($links[2])) |
|
281 | + { |
|
282 | + if(!empty($val)) |
|
283 | + $match[] = $val; |
|
284 | + } |
|
285 | 285 | |
286 | - while(list($key,$val) = each($links[3])) |
|
287 | - { |
|
288 | - if(!empty($val)) |
|
289 | - $match[] = $val; |
|
290 | - } |
|
286 | + while(list($key,$val) = each($links[3])) |
|
287 | + { |
|
288 | + if(!empty($val)) |
|
289 | + $match[] = $val; |
|
290 | + } |
|
291 | 291 | |
292 | - // return the links |
|
293 | - return $match; |
|
294 | - } |
|
292 | + // return the links |
|
293 | + return $match; |
|
294 | + } |
|
295 | 295 | |
296 | 296 | /*======================================================================*\ |
297 | 297 | Function: _stripform |
@@ -300,16 +300,16 @@
300 | 300 | Output: $match an array of the links |
301 | 301 | \*======================================================================*/ |
302 | 302 | |
303 | - private function _stripform($document) |
|
304 | - { |
|
305 | - preg_match_all("'<\/?(FORM|INPUT|SELECT|TEXTAREA|(OPTION))[^<>]*>(?(2)(.*(?=<\/?(option|select)[^<>]*>[\r\n]*)|(?=[\r\n]*))|(?=[\r\n]*))'Usi",$document,$elements); |
|
303 | + private function _stripform($document) |
|
304 | + { |
|
305 | + preg_match_all("'<\/?(FORM|INPUT|SELECT|TEXTAREA|(OPTION))[^<>]*>(?(2)(.*(?=<\/?(option|select)[^<>]*>[\r\n]*)|(?=[\r\n]*))|(?=[\r\n]*))'Usi",$document,$elements); |
|
306 | 306 | |
307 | - // catenate the matches |
|
308 | - $match = implode("\r\n",$elements[0]); |
|
307 | + // catenate the matches |
|
308 | + $match = implode("\r\n",$elements[0]); |
|
309 | 309 | |
310 | - // return the links |
|
311 | - return $match; |
|
312 | - } |
|
310 | + // return the links |
|
311 | + return $match; |
|
312 | + } |
|
313 | 313 | |
314 | 314 | |
315 | 315 | |
@@ -320,43 +320,43 @@
320 | 320 | Output: $text the resulting text |
321 | 321 | \*======================================================================*/ |
322 | 322 | |
323 | - private function _striptext($document) |
|
324 | - { |
|
323 | + private function _striptext($document) |
|
324 | + { |
|
325 | 325 | |
326 | - // I didn't use preg eval (//e) since that is only available in PHP 4.0. |
|
327 | - // so, list your entities one by one here. I included some of the |
|
328 | - // more common ones. |
|
326 | + // I didn't use preg eval (//e) since that is only available in PHP 4.0. |
|
327 | + // so, list your entities one by one here. I included some of the |
|
328 | + // more common ones. |
|
329 | 329 | |
330 | - $search = array("'<script[^>]*?>.*?</script>'si", // strip out javascript |
|
331 | - "'<[\/\!]*?[^<>]*?>'si", // strip out html tags |
|
332 | - "'([\r\n])[\s]+'", // strip out white space |
|
333 | - "'&(quote|#34);'i", // replace html entities |
|
334 | - "'&(amp|#38);'i", |
|
335 | - "'&(lt|#60);'i", |
|
336 | - "'&(gt|#62);'i", |
|
337 | - "'&(nbsp|#160);'i", |
|
338 | - "'&(iexcl|#161);'i", |
|
339 | - "'&(cent|#162);'i", |
|
340 | - "'&(pound|#163);'i", |
|
341 | - "'&(copy|#169);'i" |
|
342 | - ); |
|
343 | - $replace = array( "", |
|
344 | - "", |
|
345 | - "\\1", |
|
346 | - "\"", |
|
347 | - "&", |
|
348 | - "<", |
|
349 | - ">", |
|
350 | - " ", |
|
351 | - chr(161), |
|
352 | - chr(162), |
|
353 | - chr(163), |
|
354 | - chr(169)); |
|
330 | + $search = array("'<script[^>]*?>.*?</script>'si", // strip out javascript |
|
331 | + "'<[\/\!]*?[^<>]*?>'si", // strip out html tags |
|
332 | + "'([\r\n])[\s]+'", // strip out white space |
|
333 | + "'&(quote|#34);'i", // replace html entities |
|
334 | + "'&(amp|#38);'i", |
|
335 | + "'&(lt|#60);'i", |
|
336 | + "'&(gt|#62);'i", |
|
337 | + "'&(nbsp|#160);'i", |
|
338 | + "'&(iexcl|#161);'i", |
|
339 | + "'&(cent|#162);'i", |
|
340 | + "'&(pound|#163);'i", |
|
341 | + "'&(copy|#169);'i" |
|
342 | + ); |
|
343 | + $replace = array( "", |
|
344 | + "", |
|
345 | + "\\1", |
|
346 | + "\"", |
|
347 | + "&", |
|
348 | + "<", |
|
349 | + ">", |
|
350 | + " ", |
|
351 | + chr(161), |
|
352 | + chr(162), |
|
353 | + chr(163), |
|
354 | + chr(169)); |
|
355 | 355 | |
356 | - $text = preg_replace($search,$replace,$document); |
|
356 | + $text = preg_replace($search,$replace,$document); |
|
357 | 357 | |
358 | - return $text; |
|
359 | - } |
|
358 | + return $text; |
|
359 | + } |
|
360 | 360 | |
361 | 361 | /*======================================================================*\ |
362 | 362 | Function: _expandlinks |
@@ -366,29 +366,29 @@
366 | 366 | Output: $expandedLinks the expanded links |
367 | 367 | \*======================================================================*/ |
368 | 368 | |
369 | - private function _expandlinks($links,$URI) |
|
370 | - { |
|
369 | + private function _expandlinks($links,$URI) |
|
370 | + { |
|
371 | 371 | |
372 | - preg_match("/^[^\?]+/",$URI,$match); |
|
372 | + preg_match("/^[^\?]+/",$URI,$match); |
|
373 | 373 | |
374 | - $match = preg_replace("|/[^\/\.]+\.[^\/\.]+$|","",$match[0]); |
|
374 | + $match = preg_replace("|/[^\/\.]+\.[^\/\.]+$|","",$match[0]); |
|
375 | 375 | |
376 | - $search = array( "|^http://".preg_quote($this->host)."|i", |
|
377 | - "|^(?!http://)(\/)?(?!mailto:)|i", |
|
378 | - "|/\./|", |
|
379 | - "|/[^\/]+/\.\./|" |
|
380 | - ); |
|
376 | + $search = array( "|^http://".preg_quote($this->host)."|i", |
|
377 | + "|^(?!http://)(\/)?(?!mailto:)|i", |
|
378 | + "|/\./|", |
|
379 | + "|/[^\/]+/\.\./|" |
|
380 | + ); |
|
381 | 381 | |
382 | - $replace = array( "", |
|
383 | - $match."/", |
|
384 | - "/", |
|
385 | - "/" |
|
386 | - ); |
|
382 | + $replace = array( "", |
|
383 | + $match."/", |
|
384 | + "/", |
|
385 | + "/" |
|
386 | + ); |
|
387 | 387 | |
388 | - $expandedLinks = preg_replace($search,$replace,$links); |
|
388 | + $expandedLinks = preg_replace($search,$replace,$links); |
|
389 | 389 | |
390 | - return $expandedLinks; |
|
391 | - } |
|
390 | + return $expandedLinks; |
|
391 | + } |
|
392 | 392 | |
393 | 393 | /*======================================================================*\ |
394 | 394 | Function: _httprequest |
@@ -400,179 +400,179 @@
400 | 400 | Output: |
401 | 401 | \*======================================================================*/ |
402 | 402 | |
403 | - private function _httprequest($url,$fp,$URI,$http_method,$content_type="",$body="") |
|
404 | - { |
|
405 | - if($this->passcookies && $this->_redirectaddr) |
|
406 | - $this->setcookies(); |
|
403 | + private function _httprequest($url,$fp,$URI,$http_method,$content_type="",$body="") |
|
404 | + { |
|
405 | + if($this->passcookies && $this->_redirectaddr) |
|
406 | + $this->setcookies(); |
|
407 | 407 | |
408 | - $URI_PARTS = parse_url($URI); |
|
409 | - if(empty($url)) |
|
410 | - $url = "/"; |
|
411 | - $headers = $http_method." ".$url." ".$this->_httpversion."\r\n"; |
|
412 | - if(!empty($this->agent)) |
|
413 | - $headers .= "User-Agent: ".$this->agent."\r\n"; |
|
414 | - if(!empty($this->host) && !isset($this->rawheaders['Host'])) |
|
415 | - $headers .= "Host: ".$this->host."\r\n"; |
|
416 | - if(!empty($this->accept)) |
|
417 | - $headers .= "Accept: ".$this->accept."\r\n"; |
|
408 | + $URI_PARTS = parse_url($URI); |
|
409 | + if(empty($url)) |
|
410 | + $url = "/"; |
|
411 | + $headers = $http_method." ".$url." ".$this->_httpversion."\r\n"; |
|
412 | + if(!empty($this->agent)) |
|
413 | + $headers .= "User-Agent: ".$this->agent."\r\n"; |
|
414 | + if(!empty($this->host) && !isset($this->rawheaders['Host'])) |
|
415 | + $headers .= "Host: ".$this->host."\r\n"; |
|
416 | + if(!empty($this->accept)) |
|
417 | + $headers .= "Accept: ".$this->accept."\r\n"; |
|
418 | 418 | |
419 | - if($this->use_gzip) { |
|
420 | - // make sure PHP was built with --with-zlib |
|
421 | - // and we can handle gzipp'ed data |
|
422 | - if ( function_exists(gzinflate) ) { |
|
423 | - $headers .= "Accept-encoding: gzip\r\n"; |
|
424 | - } |
|
425 | - else { |
|
426 | - trigger_error( |
|
427 | - "use_gzip is on, but PHP was built without zlib support.". |
|
428 | - " Requesting file(s) without gzip encoding.", |
|
429 | - E_USER_NOTICE); |
|
430 | - } |
|
431 | - } |
|
419 | + if($this->use_gzip) { |
|
420 | + // make sure PHP was built with --with-zlib |
|
421 | + // and we can handle gzipp'ed data |
|
422 | + if ( function_exists(gzinflate) ) { |
|
423 | + $headers .= "Accept-encoding: gzip\r\n"; |
|
424 | + } |
|
425 | + else { |
|
426 | + trigger_error( |
|
427 | + "use_gzip is on, but PHP was built without zlib support.". |
|
428 | + " Requesting file(s) without gzip encoding.", |
|
429 | + E_USER_NOTICE); |
|
430 | + } |
|
431 | + } |
|
432 | 432 | |
433 | - if(!empty($this->referer)) |
|
434 | - $headers .= "Referer: ".$this->referer."\r\n"; |
|
435 | - if(!empty($this->cookies)) |
|
436 | - { |
|
437 | - if(!is_array($this->cookies)) |
|
438 | - $this->cookies = (array)$this->cookies; |
|
433 | + if(!empty($this->referer)) |
|
434 | + $headers .= "Referer: ".$this->referer."\r\n"; |
|
435 | + if(!empty($this->cookies)) |
|
436 | + { |
|
437 | + if(!is_array($this->cookies)) |
|
438 | + $this->cookies = (array)$this->cookies; |
|
439 | 439 | |
440 | - reset($this->cookies); |
|
441 | - if ( count($this->cookies) > 0 ) { |
|
442 | - $cookie_headers .= 'Cookie: '; |
|
443 | - foreach ( $this->cookies as $cookieKey => $cookieVal ) { |
|
444 | - $cookie_headers .= $cookieKey."=".urlencode($cookieVal)."; "; |
|
445 | - } |
|
446 | - $headers .= substr($cookie_headers,0,-2) . "\r\n"; |
|
447 | - } |
|
448 | - } |
|
449 | - if(!empty($this->rawheaders)) |
|
450 | - { |
|
451 | - if(!is_array($this->rawheaders)) |
|
452 | - $this->rawheaders = (array)$this->rawheaders; |
|
453 | - while(list($headerKey,$headerVal) = each($this->rawheaders)) |
|
454 | - $headers .= $headerKey.": ".$headerVal."\r\n"; |
|
455 | - } |
|
456 | - if(!empty($content_type)) { |
|
457 | - $headers .= "Content-type: $content_type"; |
|
458 | - if ($content_type == "multipart/form-data") |
|
459 | - $headers .= "; boundary=".$this->_mime_boundary; |
|
460 | - $headers .= "\r\n"; |
|
461 | - } |
|
462 | - if(!empty($body)) |
|
463 | - $headers .= "Content-length: ".strlen($body)."\r\n"; |
|
464 | - if(!empty($this->user) || !empty($this->pass)) |
|
465 | - $headers .= "Authorization: BASIC ".base64_encode($this->user.":".$this->pass)."\r\n"; |
|
466 | - |
|
467 | - $headers .= "\r\n"; |
|
440 | + reset($this->cookies); |
|
441 | + if ( count($this->cookies) > 0 ) { |
|
442 | + $cookie_headers .= 'Cookie: '; |
|
443 | + foreach ( $this->cookies as $cookieKey => $cookieVal ) { |
|
444 | + $cookie_headers .= $cookieKey."=".urlencode($cookieVal)."; "; |
|
445 | + } |
|
446 | + $headers .= substr($cookie_headers,0,-2) . "\r\n"; |
|
447 | + } |
|
448 | + } |
|
449 | + if(!empty($this->rawheaders)) |
|
450 | + { |
|
451 | + if(!is_array($this->rawheaders)) |
|
452 | + $this->rawheaders = (array)$this->rawheaders; |
|
453 | + while(list($headerKey,$headerVal) = each($this->rawheaders)) |
|
454 | + $headers .= $headerKey.": ".$headerVal."\r\n"; |
|
455 | + } |
|
456 | + if(!empty($content_type)) { |
|
457 | + $headers .= "Content-type: $content_type"; |
|
458 | + if ($content_type == "multipart/form-data") |
|
459 | + $headers .= "; boundary=".$this->_mime_boundary; |
|
460 | + $headers .= "\r\n"; |
|
461 | + } |
|
462 | + if(!empty($body)) |
|
463 | + $headers .= "Content-length: ".strlen($body)."\r\n"; |
|
464 | + if(!empty($this->user) || !empty($this->pass)) |
|
465 | + $headers .= "Authorization: BASIC ".base64_encode($this->user.":".$this->pass)."\r\n"; |
|
466 | + |
|
467 | + $headers .= "\r\n"; |
|
468 | 468 | |
469 | - // set the read timeout if needed |
|
470 | - if ($this->read_timeout > 0) |
|
471 | - socket_set_timeout($fp, $this->read_timeout); |
|
472 | - $this->timed_out = false; |
|
469 | + // set the read timeout if needed |
|
470 | + if ($this->read_timeout > 0) |
|
471 | + socket_set_timeout($fp, $this->read_timeout); |
|
472 | + $this->timed_out = false; |
|
473 | 473 | |
474 | - fwrite($fp,$headers.$body,strlen($headers.$body)); |
|
474 | + fwrite($fp,$headers.$body,strlen($headers.$body)); |
|
475 | 475 | |
476 | - $this->_redirectaddr = false; |
|
477 | - unset($this->headers); |
|
476 | + $this->_redirectaddr = false; |
|
477 | + unset($this->headers); |
|
478 | 478 | |
479 | - // content was returned gzip encoded? |
|
480 | - $is_gzipped = false; |
|
479 | + // content was returned gzip encoded? |
|
480 | + $is_gzipped = false; |
|
481 | 481 | |
482 | - while($currentHeader = fgets($fp,$this->_maxlinelen)) |
|
483 | - { |
|
484 | - if ($this->read_timeout > 0 && $this->_check_timeout($fp)) |
|
485 | - { |
|
486 | - $this->status=-100; |
|
487 | - return false; |
|
488 | - } |
|
482 | + while($currentHeader = fgets($fp,$this->_maxlinelen)) |
|
483 | + { |
|
484 | + if ($this->read_timeout > 0 && $this->_check_timeout($fp)) |
|
485 | + { |
|
486 | + $this->status=-100; |
|
487 | + return false; |
|
488 | + } |
|
489 | 489 | |
490 | - // if($currentHeader == "\r\n") |
|
491 | - if(preg_match("/^\r?\n$/", $currentHeader) ) |
|
492 | - break; |
|
490 | + // if($currentHeader == "\r\n") |
|
491 | + if(preg_match("/^\r?\n$/", $currentHeader) ) |
|
492 | + break; |
|
493 | 493 | |
494 | - // if a header begins with Location: or URI:, set the redirect |
|
495 | - if(preg_match("/^(Location:|URI:)/i",$currentHeader)) |
|
496 | - { |
|
497 | - // get URL portion of the redirect |
|
498 | - preg_match("/^(Location:|URI:)\s+(.*)/",chop($currentHeader),$matches); |
|
499 | - // look for :// in the Location header to see if hostname is included |
|
500 | - if(!preg_match("|\:\/\/|",$matches[2])) |
|
501 | - { |
|
502 | - // no host in the path, so prepend |
|
503 | - $this->_redirectaddr = $URI_PARTS["scheme"]."://".$this->host.":".$this->port; |
|
504 | - // eliminate double slash |
|
505 | - if(!preg_match("|^/|",$matches[2])) |
|
506 | - $this->_redirectaddr .= "/".$matches[2]; |
|
507 | - else |
|
508 | - $this->_redirectaddr .= $matches[2]; |
|
509 | - } |
|
510 | - else |
|
511 | - $this->_redirectaddr = $matches[2]; |
|
512 | - } |
|
494 | + // if a header begins with Location: or URI:, set the redirect |
|
495 | + if(preg_match("/^(Location:|URI:)/i",$currentHeader)) |
|
496 | + { |
|
497 | + // get URL portion of the redirect |
|
498 | + preg_match("/^(Location:|URI:)\s+(.*)/",chop($currentHeader),$matches); |
|
499 | + // look for :// in the Location header to see if hostname is included |
|
500 | + if(!preg_match("|\:\/\/|",$matches[2])) |
|
501 | + { |
|
502 | + // no host in the path, so prepend |
|
503 | + $this->_redirectaddr = $URI_PARTS["scheme"]."://".$this->host.":".$this->port; |
|
504 | + // eliminate double slash |
|
505 | + if(!preg_match("|^/|",$matches[2])) |
|
506 | + $this->_redirectaddr .= "/".$matches[2]; |
|
507 | + else |
|
508 | + $this->_redirectaddr .= $matches[2]; |
|
509 | + } |
|
510 | + else |
|
511 | + $this->_redirectaddr = $matches[2]; |
|
512 | + } |
|
513 | 513 | |
514 | - if(preg_match("|^HTTP/|",$currentHeader)) |
|
515 | - { |
|
514 | + if(preg_match("|^HTTP/|",$currentHeader)) |
|
515 | + { |
|
516 | 516 | if(preg_match("|^HTTP/[^\s]*\s(.*?)\s|",$currentHeader, $status)) |
517 | - { |
|
518 | - $this->status= $status[1]; |
|
517 | + { |
|
518 | + $this->status= $status[1]; |
|
519 | 519 | } |
520 | - $this->response_code = $currentHeader; |
|
521 | - } |
|
520 | + $this->response_code = $currentHeader; |
|
521 | + } |
|
522 | 522 | |
523 | - if (preg_match("/Content-Encoding: gzip/", $currentHeader) ) { |
|
524 | - $is_gzipped = true; |
|
525 | - } |
|
523 | + if (preg_match("/Content-Encoding: gzip/", $currentHeader) ) { |
|
524 | + $is_gzipped = true; |
|
525 | + } |
|
526 | 526 | |
527 | - $this->headers[] = $currentHeader; |
|
528 | - } |
|
529 | - |
|
530 | - # $results = fread($fp, $this->maxlength); |
|
531 | - $results = ""; |
|
532 | - while ( $data = fread($fp, $this->maxlength) ) { |
|
533 | - $results .= $data; |
|
534 | - if ( |
|
535 | - strlen($results) > $this->maxlength ) { |
|
536 | - break; |
|
537 | - } |
|
538 | - } |
|
527 | + $this->headers[] = $currentHeader; |
|
528 | + } |
|
529 | + |
|
530 | + # $results = fread($fp, $this->maxlength); |
|
531 | + $results = ""; |
|
532 | + while ( $data = fread($fp, $this->maxlength) ) { |
|
533 | + $results .= $data; |
|
534 | + if ( |
|
535 | + strlen($results) > $this->maxlength ) { |
|
536 | + break; |
|
537 | + } |
|
538 | + } |
|
539 | 539 | |
540 | - // gunzip |
|
541 | - if ( $is_gzipped ) { |
|
542 | - // per http://www.php.net/manual/en/function.gzencode.php |
|
543 | - $results = substr($results, 10); |
|
544 | - $results = gzinflate($results); |
|
545 | - } |
|
540 | + // gunzip |
|
541 | + if ( $is_gzipped ) { |
|
542 | + // per http://www.php.net/manual/en/function.gzencode.php |
|
543 | + $results = substr($results, 10); |
|
544 | + $results = gzinflate($results); |
|
545 | + } |
|
546 | 546 | |
547 | - if ($this->read_timeout > 0 && $this->_check_timeout($fp)) |
|
548 | - { |
|
549 | - $this->status=-100; |
|
550 | - return false; |
|
551 | - } |
|
547 | + if ($this->read_timeout > 0 && $this->_check_timeout($fp)) |
|
548 | + { |
|
549 | + $this->status=-100; |
|
550 | + return false; |
|
551 | + } |
|
552 | 552 | |
553 | - // check if there is a a redirect meta tag |
|
553 | + // check if there is a a redirect meta tag |
|
554 | 554 | |
555 | - if(preg_match("'<meta[\s]*http-equiv[^>]*?content[\s]*=[\s]*[\"\']?\d+;[\s]+URL[\s]*=[\s]*([^\"\']*?)[\"\']?>'i",$results,$match)) |
|
556 | - { |
|
557 | - $this->_redirectaddr = $this->_expandlinks($match[1],$URI); |
|
558 | - } |
|
559 | - |
|
560 | - // have we hit our frame depth and is there frame src to fetch? |
|
561 | - if(($this->_framedepth < $this->maxframes) && preg_match_all("'<frame\s+.*src[\s]*=[\'\"]?([^\'\"\>]+)'i",$results,$match)) |
|
562 | - { |
|
563 | - $this->results[] = $results; |
|
564 | - for($x=0; $x<count($match[1]); $x++) |
|
565 | - $this->_frameurls[] = $this->_expandlinks($match[1][$x],$URI_PARTS["scheme"]."://".$this->host); |
|
566 | - } |
|
567 | - // have we already fetched framed content? |
|
568 | - elseif(is_array($this->results)) |
|
569 | - $this->results[] = $results; |
|
570 | - // no framed content |
|
571 | - else |
|
572 | - $this->results = $results; |
|
555 | + if(preg_match("'<meta[\s]*http-equiv[^>]*?content[\s]*=[\s]*[\"\']?\d+;[\s]+URL[\s]*=[\s]*([^\"\']*?)[\"\']?>'i",$results,$match)) |
|
556 | + { |
|
557 | + $this->_redirectaddr = $this->_expandlinks($match[1],$URI); |
|
558 | + } |
|
559 | + |
|
560 | + // have we hit our frame depth and is there frame src to fetch? |
|
561 | + if(($this->_framedepth < $this->maxframes) && preg_match_all("'<frame\s+.*src[\s]*=[\'\"]?([^\'\"\>]+)'i",$results,$match)) |
|
562 | + { |
|
563 | + $this->results[] = $results; |
|
564 | + for($x=0; $x<count($match[1]); $x++) |
|
565 | + $this->_frameurls[] = $this->_expandlinks($match[1][$x],$URI_PARTS["scheme"]."://".$this->host); |
|
566 | + } |
|
567 | + // have we already fetched framed content? |
|
568 | + elseif(is_array($this->results)) |
|
569 | + $this->results[] = $results; |
|
570 | + // no framed content |
|
571 | + else |
|
572 | + $this->results = $results; |
|
573 | 573 | |
574 | - return true; |
|
575 | - } |
|
574 | + return true; |
|
575 | + } |
|
576 | 576 | |
577 | 577 | /*======================================================================*\ |
578 | 578 | Function: _httpsrequest |
@@ -583,163 +583,163 @@ discard block |
||
583 | 583 | Output: |
584 | 584 | \*======================================================================*/ |
585 | 585 | |
586 | - private function _httpsrequest($url,$URI,$http_method,$content_type="",$body="") |
|
587 | - { |
|
588 | - if($this->passcookies && $this->_redirectaddr) |
|
589 | - $this->setcookies(); |
|
586 | + private function _httpsrequest($url,$URI,$http_method,$content_type="",$body="") |
|
587 | + { |
|
588 | + if($this->passcookies && $this->_redirectaddr) |
|
589 | + $this->setcookies(); |
|
590 | 590 | |
591 | - $headers = array(); |
|
591 | + $headers = array(); |
|
592 | 592 | |
593 | - $URI_PARTS = parse_url($URI); |
|
594 | - if(empty($url)) |
|
595 | - $url = "/"; |
|
596 | - // GET ... header not needed for curl |
|
597 | - //$headers[] = $http_method." ".$url." ".$this->_httpversion; |
|
598 | - if(!empty($this->agent)) |
|
599 | - $headers[] = "User-Agent: ".$this->agent; |
|
600 | - if(!empty($this->host)) |
|
601 | - $headers[] = "Host: ".$this->host; |
|
602 | - if(!empty($this->accept)) |
|
603 | - $headers[] = "Accept: ".$this->accept; |
|
604 | - if(!empty($this->referer)) |
|
605 | - $headers[] = "Referer: ".$this->referer; |
|
606 | - if(!empty($this->cookies)) |
|
607 | - { |
|
608 | - if(!is_array($this->cookies)) |
|
609 | - $this->cookies = (array)$this->cookies; |
|
593 | + $URI_PARTS = parse_url($URI); |
|
594 | + if(empty($url)) |
|
595 | + $url = "/"; |
|
596 | + // GET ... header not needed for curl |
|
597 | + //$headers[] = $http_method." ".$url." ".$this->_httpversion; |
|
598 | + if(!empty($this->agent)) |
|
599 | + $headers[] = "User-Agent: ".$this->agent; |
|
600 | + if(!empty($this->host)) |
|
601 | + $headers[] = "Host: ".$this->host; |
|
602 | + if(!empty($this->accept)) |
|
603 | + $headers[] = "Accept: ".$this->accept; |
|
604 | + if(!empty($this->referer)) |
|
605 | + $headers[] = "Referer: ".$this->referer; |
|
606 | + if(!empty($this->cookies)) |
|
607 | + { |
|
608 | + if(!is_array($this->cookies)) |
|
609 | + $this->cookies = (array)$this->cookies; |
|
610 | 610 | |
611 | - reset($this->cookies); |
|
612 | - if ( count($this->cookies) > 0 ) { |
|
613 | - $cookie_str = 'Cookie: '; |
|
614 | - foreach ( $this->cookies as $cookieKey => $cookieVal ) { |
|
615 | - $cookie_str .= $cookieKey."=".urlencode($cookieVal)."; "; |
|
616 | - } |
|
617 | - $headers[] = substr($cookie_str,0,-2); |
|
618 | - } |
|
619 | - } |
|
620 | - if(!empty($this->rawheaders)) |
|
621 | - { |
|
622 | - if(!is_array($this->rawheaders)) |
|
623 | - $this->rawheaders = (array)$this->rawheaders; |
|
624 | - while(list($headerKey,$headerVal) = each($this->rawheaders)) |
|
625 | - $headers[] = $headerKey.": ".$headerVal; |
|
626 | - } |
|
627 | - if(!empty($content_type)) { |
|
628 | - if ($content_type == "multipart/form-data") |
|
629 | - $headers[] = "Content-type: $content_type; boundary=".$this->_mime_boundary; |
|
630 | - else |
|
631 | - $headers[] = "Content-type: $content_type"; |
|
632 | - } |
|
633 | - if(!empty($body)) |
|
634 | - $headers[] = "Content-length: ".strlen($body); |
|
635 | - if(!empty($this->user) || !empty($this->pass)) |
|
636 | - $headers[] = "Authorization: BASIC ".base64_encode($this->user.":".$this->pass); |
|
611 | + reset($this->cookies); |
|
612 | + if ( count($this->cookies) > 0 ) { |
|
613 | + $cookie_str = 'Cookie: '; |
|
614 | + foreach ( $this->cookies as $cookieKey => $cookieVal ) { |
|
615 | + $cookie_str .= $cookieKey."=".urlencode($cookieVal)."; "; |
|
616 | + } |
|
617 | + $headers[] = substr($cookie_str,0,-2); |
|
618 | + } |
|
619 | + } |
|
620 | + if(!empty($this->rawheaders)) |
|
621 | + { |
|
622 | + if(!is_array($this->rawheaders)) |
|
623 | + $this->rawheaders = (array)$this->rawheaders; |
|
624 | + while(list($headerKey,$headerVal) = each($this->rawheaders)) |
|
625 | + $headers[] = $headerKey.": ".$headerVal; |
|
626 | + } |
|
627 | + if(!empty($content_type)) { |
|
628 | + if ($content_type == "multipart/form-data") |
|
629 | + $headers[] = "Content-type: $content_type; boundary=".$this->_mime_boundary; |
|
630 | + else |
|
631 | + $headers[] = "Content-type: $content_type"; |
|
632 | + } |
|
633 | + if(!empty($body)) |
|
634 | + $headers[] = "Content-length: ".strlen($body); |
|
635 | + if(!empty($this->user) || !empty($this->pass)) |
|
636 | + $headers[] = "Authorization: BASIC ".base64_encode($this->user.":".$this->pass); |
|
637 | 637 | |
638 | - for($curr_header = 0; $curr_header < count($headers); $curr_header++) { |
|
639 | - $cmdline_params .= " -H \"".$headers[$curr_header]."\""; |
|
640 | - } |
|
638 | + for($curr_header = 0; $curr_header < count($headers); $curr_header++) { |
|
639 | + $cmdline_params .= " -H \"".$headers[$curr_header]."\""; |
|
640 | + } |
|
641 | 641 | |
642 | - if(!empty($body)) |
|
643 | - $cmdline_params .= " -d \"$body\""; |
|
642 | + if(!empty($body)) |
|
643 | + $cmdline_params .= " -d \"$body\""; |
|
644 | 644 | |
645 | - if($this->read_timeout > 0) |
|
646 | - $cmdline_params .= " -m ".$this->read_timeout; |
|
645 | + if($this->read_timeout > 0) |
|
646 | + $cmdline_params .= " -m ".$this->read_timeout; |
|
647 | 647 | |
648 | - $headerfile = uniqid(time()); |
|
648 | + $headerfile = uniqid(time()); |
|
649 | 649 | |
650 | - # accept self-signed certs |
|
651 | - $cmdline_params .= " -k"; |
|
650 | + # accept self-signed certs |
|
651 | + $cmdline_params .= " -k"; |
|
652 | 652 | $results = array(); |
653 | 653 | $return = 0; |
654 | - exec($this->curl_path." -D \"/tmp/$headerfile\"".escapeshellcmd($cmdline_params)." ".escapeshellcmd($URI),$results,$return); |
|
654 | + exec($this->curl_path." -D \"/tmp/$headerfile\"".escapeshellcmd($cmdline_params)." ".escapeshellcmd($URI),$results,$return); |
|
655 | 655 | |
656 | - if($return) |
|
657 | - { |
|
658 | - $this->error = "Error: cURL could not retrieve the document, error $return."; |
|
659 | - return false; |
|
660 | - } |
|
656 | + if($return) |
|
657 | + { |
|
658 | + $this->error = "Error: cURL could not retrieve the document, error $return."; |
|
659 | + return false; |
|
660 | + } |
|
661 | 661 | |
662 | 662 | |
663 | - $results = implode("\r\n",$results); |
|
663 | + $results = implode("\r\n",$results); |
|
664 | 664 | |
665 | - $result_headers = file("/tmp/$headerfile"); |
|
665 | + $result_headers = file("/tmp/$headerfile"); |
|
666 | 666 | |
667 | - $this->_redirectaddr = false; |
|
668 | - unset($this->headers); |
|
667 | + $this->_redirectaddr = false; |
|
668 | + unset($this->headers); |
|
669 | 669 | |
670 | - for($currentHeader = 0; $currentHeader < count($result_headers); $currentHeader++) |
|
671 | - { |
|
670 | + for($currentHeader = 0; $currentHeader < count($result_headers); $currentHeader++) |
|
671 | + { |
|
672 | 672 | |
673 | - // if a header begins with Location: or URI:, set the redirect |
|
674 | - if(preg_match("/^(Location: |URI: )/i",$result_headers[$currentHeader])) |
|
675 | - { |
|
676 | - // get URL portion of the redirect |
|
677 | - preg_match("/^(Location: |URI:)(.*)/",chop($result_headers[$currentHeader]),$matches); |
|
678 | - // look for :// in the Location header to see if hostname is included |
|
679 | - if(!preg_match("|\:\/\/|",$matches[2])) |
|
680 | - { |
|
681 | - // no host in the path, so prepend |
|
682 | - $this->_redirectaddr = $URI_PARTS["scheme"]."://".$this->host.":".$this->port; |
|
683 | - // eliminate double slash |
|
684 | - if(!preg_match("|^/|",$matches[2])) |
|
685 | - $this->_redirectaddr .= "/".$matches[2]; |
|
686 | - else |
|
687 | - $this->_redirectaddr .= $matches[2]; |
|
688 | - } |
|
689 | - else |
|
690 | - $this->_redirectaddr = $matches[2]; |
|
691 | - } |
|
673 | + // if a header begins with Location: or URI:, set the redirect |
|
674 | + if(preg_match("/^(Location: |URI: )/i",$result_headers[$currentHeader])) |
|
675 | + { |
|
676 | + // get URL portion of the redirect |
|
677 | + preg_match("/^(Location: |URI:)(.*)/",chop($result_headers[$currentHeader]),$matches); |
|
678 | + // look for :// in the Location header to see if hostname is included |
|
679 | + if(!preg_match("|\:\/\/|",$matches[2])) |
|
680 | + { |
|
681 | + // no host in the path, so prepend |
|
682 | + $this->_redirectaddr = $URI_PARTS["scheme"]."://".$this->host.":".$this->port; |
|
683 | + // eliminate double slash |
|
684 | + if(!preg_match("|^/|",$matches[2])) |
|
685 | + $this->_redirectaddr .= "/".$matches[2]; |
|
686 | + else |
|
687 | + $this->_redirectaddr .= $matches[2]; |
|
688 | + } |
|
689 | + else |
|
690 | + $this->_redirectaddr = $matches[2]; |
|
691 | + } |
|
692 | 692 | |
693 | - if(preg_match("|^HTTP/|",$result_headers[$currentHeader])) |
|
694 | - { |
|
695 | - $this->response_code = $result_headers[$currentHeader]; |
|
696 | - if(preg_match("|^HTTP/[^\s]*\s(.*?)\s|",$this->response_code, $match)) |
|
697 | - { |
|
698 | - $this->status= $match[1]; |
|
699 | - } |
|
700 | - } |
|
701 | - $this->headers[] = $result_headers[$currentHeader]; |
|
702 | - } |
|
703 | - |
|
704 | - // check if there is a a redirect meta tag |
|
693 | + if(preg_match("|^HTTP/|",$result_headers[$currentHeader])) |
|
694 | + { |
|
695 | + $this->response_code = $result_headers[$currentHeader]; |
|
696 | + if(preg_match("|^HTTP/[^\s]*\s(.*?)\s|",$this->response_code, $match)) |
|
697 | + { |
|
698 | + $this->status= $match[1]; |
|
699 | + } |
|
700 | + } |
|
701 | + $this->headers[] = $result_headers[$currentHeader]; |
|
702 | + } |
|
703 | + |
|
704 | + // check if there is a a redirect meta tag |
|
705 | 705 | |
706 | - if(preg_match("'<meta[\s]*http-equiv[^>]*?content[\s]*=[\s]*[\"\']?\d+;[\s]+URL[\s]*=[\s]*([^\"\']*?)[\"\']?>'i",$results,$match)) |
|
707 | - { |
|
708 | - $this->_redirectaddr = $this->_expandlinks($match[1],$URI); |
|
709 | - } |
|
710 | - |
|
711 | - // have we hit our frame depth and is there frame src to fetch? |
|
712 | - if(($this->_framedepth < $this->maxframes) && preg_match_all("'<frame\s+.*src[\s]*=[\'\"]?([^\'\"\>]+)'i",$results,$match)) |
|
713 | - { |
|
714 | - $this->results[] = $results; |
|
715 | - for($x=0; $x<count($match[1]); $x++) |
|
716 | - $this->_frameurls[] = $this->_expandlinks($match[1][$x],$URI_PARTS["scheme"]."://".$this->host); |
|
717 | - } |
|
718 | - // have we already fetched framed content? |
|
719 | - elseif(is_array($this->results)) |
|
720 | - $this->results[] = $results; |
|
721 | - // no framed content |
|
722 | - else |
|
723 | - $this->results = $results; |
|
724 | - |
|
725 | - unlink("/tmp/$headerfile"); |
|
706 | + if(preg_match("'<meta[\s]*http-equiv[^>]*?content[\s]*=[\s]*[\"\']?\d+;[\s]+URL[\s]*=[\s]*([^\"\']*?)[\"\']?>'i",$results,$match)) |
|
707 | + { |
|
708 | + $this->_redirectaddr = $this->_expandlinks($match[1],$URI); |
|
709 | + } |
|
710 | + |
|
711 | + // have we hit our frame depth and is there frame src to fetch? |
|
712 | + if(($this->_framedepth < $this->maxframes) && preg_match_all("'<frame\s+.*src[\s]*=[\'\"]?([^\'\"\>]+)'i",$results,$match)) |
|
713 | + { |
|
714 | + $this->results[] = $results; |
|
715 | + for($x=0; $x<count($match[1]); $x++) |
|
716 | + $this->_frameurls[] = $this->_expandlinks($match[1][$x],$URI_PARTS["scheme"]."://".$this->host); |
|
717 | + } |
|
718 | + // have we already fetched framed content? |
|
719 | + elseif(is_array($this->results)) |
|
720 | + $this->results[] = $results; |
|
721 | + // no framed content |
|
722 | + else |
|
723 | + $this->results = $results; |
|
724 | + |
|
725 | + unlink("/tmp/$headerfile"); |
|
726 | 726 | |
727 | - return true; |
|
728 | - } |
|
727 | + return true; |
|
728 | + } |
|
729 | 729 | |
730 | 730 | /*======================================================================*\ |
731 | 731 | Function: setcookies() |
732 | 732 | Purpose: set cookies for a redirection |
733 | 733 | \*======================================================================*/ |
734 | 734 | |
735 | - public function setcookies() |
|
736 | - { |
|
737 | - for($x=0; $x<count($this->headers); $x++) |
|
738 | - { |
|
739 | - if(preg_match("/^set-cookie:[\s]+([^=]+)=([^;]+)/i", $this->headers[$x],$match)) |
|
740 | - $this->cookies[$match[1]] = $match[2]; |
|
741 | - } |
|
742 | - } |
|
735 | + public function setcookies() |
|
736 | + { |
|
737 | + for($x=0; $x<count($this->headers); $x++) |
|
738 | + { |
|
739 | + if(preg_match("/^set-cookie:[\s]+([^=]+)=([^;]+)/i", $this->headers[$x],$match)) |
|
740 | + $this->cookies[$match[1]] = $match[2]; |
|
741 | + } |
|
742 | + } |
|
743 | 743 | |
744 | 744 | |
745 | 745 | /*======================================================================*\ |
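Review bot: The `exec()` call at new line 654 builds the curl command from `$URI`, the header values and `$body` with only `escapeshellcmd()`, which escapes shell metacharacters but does not quote arguments, so whitespace in any of those values can still split into extra curl options. `$cmdline_params` is also appended to before it is ever assigned, `-k` turns certificate verification off for every HTTPS request, and the header dump goes to a guessable `uniqid(time())` name in `/tmp` that is left behind on the error return. Quoting each argument with `escapeshellarg()`, creating the dump file with `tempnam()` and making `-k` an explicit opt-in would close these; the later `file()` and `unlink()` calls then take `$headerfile` directly. The sketch below leaves `-k` out, which changes behaviour for hosts that present self-signed certificates.

```php
// … unchanged: $headers assembly (User-Agent, Host, cookies, raw headers, Authorization) …

$headerfile = tempnam(sys_get_temp_dir(), "snoopy");
if($headerfile === false)
{
    $this->error = "Error: could not create a temporary file for the response headers.";
    return false;
}

$cmdline_params = " -D ".escapeshellarg($headerfile);
foreach($headers as $header)
    $cmdline_params .= " -H ".escapeshellarg($header);

if(!empty($body))
    $cmdline_params .= " -d ".escapeshellarg($body);

if($this->read_timeout > 0)
    $cmdline_params .= " -m ".(int)$this->read_timeout;

// no "-k": certificate verification stays on unless the caller opts out explicitly
$results = array();
$return = 0;
exec($this->curl_path.$cmdline_params." -- ".escapeshellarg($URI),$results,$return);

if($return)
{
    unlink($headerfile);
    $this->error = "Error: cURL could not retrieve the document, error $return.";
    return false;
}

// … unchanged: implode of $results, header parsing, redirect and frame handling …
```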
@@ -748,17 +748,17 @@ discard block |
||
748 | 748 | Input: $fp file pointer |
749 | 749 | \*======================================================================*/ |
750 | 750 | |
751 | - private function _check_timeout($fp) |
|
752 | - { |
|
753 | - if ($this->read_timeout > 0) { |
|
754 | - $fp_status = socket_get_status($fp); |
|
755 | - if ($fp_status["timed_out"]) { |
|
756 | - $this->timed_out = true; |
|
757 | - return true; |
|
758 | - } |
|
759 | - } |
|
760 | - return false; |
|
761 | - } |
|
751 | + private function _check_timeout($fp) |
|
752 | + { |
|
753 | + if ($this->read_timeout > 0) { |
|
754 | + $fp_status = socket_get_status($fp); |
|
755 | + if ($fp_status["timed_out"]) { |
|
756 | + $this->timed_out = true; |
|
757 | + return true; |
|
758 | + } |
|
759 | + } |
|
760 | + return false; |
|
761 | + } |
|
762 | 762 | |
763 | 763 | /*======================================================================*\ |
764 | 764 | Function: _connect |
@@ -766,62 +766,62 @@ discard block |
||
766 | 766 | Input: $fp file pointer |
767 | 767 | \*======================================================================*/ |
768 | 768 | |
769 | - private function _connect(&$fp) |
|
770 | - { |
|
771 | - if(!empty($this->proxy_host) && !empty($this->proxy_port)) |
|
772 | - { |
|
773 | - $this->_isproxy = true; |
|
774 | - $host = $this->proxy_host; |
|
775 | - $port = $this->proxy_port; |
|
776 | - } |
|
777 | - else |
|
778 | - { |
|
779 | - $host = $this->host; |
|
780 | - $port = $this->port; |
|
781 | - } |
|
769 | + private function _connect(&$fp) |
|
770 | + { |
|
771 | + if(!empty($this->proxy_host) && !empty($this->proxy_port)) |
|
772 | + { |
|
773 | + $this->_isproxy = true; |
|
774 | + $host = $this->proxy_host; |
|
775 | + $port = $this->proxy_port; |
|
776 | + } |
|
777 | + else |
|
778 | + { |
|
779 | + $host = $this->host; |
|
780 | + $port = $this->port; |
|
781 | + } |
|
782 | 782 | |
783 | - $this->status = 0; |
|
783 | + $this->status = 0; |
|
784 | 784 | |
785 | - if($fp = fsockopen( |
|
786 | - $host, |
|
787 | - $port, |
|
788 | - $errno, |
|
789 | - $errstr, |
|
790 | - $this->_fp_timeout |
|
791 | - )) |
|
792 | - { |
|
793 | - // socket connection succeeded |
|
794 | - |
|
795 | - return true; |
|
796 | - } |
|
797 | - else |
|
798 | - { |
|
799 | - // socket connection failed |
|
800 | - $this->status = $errno; |
|
801 | - switch($errno) |
|
802 | - { |
|
803 | - case -3: |
|
804 | - $this->error="socket creation failed (-3)"; |
|
805 | - case -4: |
|
806 | - $this->error="dns lookup failure (-4)"; |
|
807 | - case -5: |
|
808 | - $this->error="connection refused or timed out (-5)"; |
|
809 | - default: |
|
810 | - $this->error="connection failed (".$errno.")"; |
|
811 | - } |
|
812 | - return false; |
|
813 | - } |
|
814 | - } |
|
785 | + if($fp = fsockopen( |
|
786 | + $host, |
|
787 | + $port, |
|
788 | + $errno, |
|
789 | + $errstr, |
|
790 | + $this->_fp_timeout |
|
791 | + )) |
|
792 | + { |
|
793 | + // socket connection succeeded |
|
794 | + |
|
795 | + return true; |
|
796 | + } |
|
797 | + else |
|
798 | + { |
|
799 | + // socket connection failed |
|
800 | + $this->status = $errno; |
|
801 | + switch($errno) |
|
802 | + { |
|
803 | + case -3: |
|
804 | + $this->error="socket creation failed (-3)"; |
|
805 | + case -4: |
|
806 | + $this->error="dns lookup failure (-4)"; |
|
807 | + case -5: |
|
808 | + $this->error="connection refused or timed out (-5)"; |
|
809 | + default: |
|
810 | + $this->error="connection failed (".$errno.")"; |
|
811 | + } |
|
812 | + return false; |
|
813 | + } |
|
814 | + } |
|
815 | 815 | /*======================================================================*\ |
816 | 816 | Function: _disconnect |
817 | 817 | Purpose: disconnect a socket connection |
818 | 818 | Input: $fp file pointer |
819 | 819 | \*======================================================================*/ |
820 | 820 | |
821 | - private function _disconnect($fp) |
|
822 | - { |
|
823 | - return(fclose($fp)); |
|
824 | - } |
|
821 | + private function _disconnect($fp) |
|
822 | + { |
|
823 | + return(fclose($fp)); |
|
824 | + } |
|
825 | 825 | |
826 | 826 | |
827 | 827 | /*======================================================================*\ |
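Review bot: The `switch($errno)` in `_connect()` (new lines 801-811) has no `break` after any case, so every failure falls through to `default` and `$this->error` always ends up as `connection failed (N)`; the socket-creation, DNS and refused/timed-out messages are never reported. Add `break;` after each of the three `case` assignments. `$errstr` is filled by `fsockopen()` but never used; appending it to the message would help when diagnosing failed outbound connections.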
@@ -832,65 +832,65 @@ discard block |
||
832 | 832 | Output: post body |
833 | 833 | \*======================================================================*/ |
834 | 834 | |
835 | - private function _prepare_post_body($formvars, $formfiles) |
|
836 | - { |
|
837 | - settype($formvars, "array"); |
|
838 | - settype($formfiles, "array"); |
|
835 | + private function _prepare_post_body($formvars, $formfiles) |
|
836 | + { |
|
837 | + settype($formvars, "array"); |
|
838 | + settype($formfiles, "array"); |
|
839 | 839 | |
840 | - if (count($formvars) == 0 && count($formfiles) == 0) |
|
841 | - return; |
|
840 | + if (count($formvars) == 0 && count($formfiles) == 0) |
|
841 | + return; |
|
842 | 842 | |
843 | - switch ($this->_submit_type) { |
|
844 | - case "application/x-www-form-urlencoded": |
|
845 | - reset($formvars); |
|
846 | - while(list($key,$val) = each($formvars)) { |
|
847 | - if (is_array($val) || is_object($val)) { |
|
848 | - while (list($cur_key, $cur_val) = each($val)) { |
|
849 | - $postdata .= urlencode($key)."[]=".urlencode($cur_val)."&"; |
|
850 | - } |
|
851 | - } else |
|
852 | - $postdata .= urlencode($key)."=".urlencode($val)."&"; |
|
853 | - } |
|
854 | - break; |
|
855 | - |
|
856 | - case "multipart/form-data": |
|
857 | - $this->_mime_boundary = "Snoopy".md5(uniqid(microtime())); |
|
843 | + switch ($this->_submit_type) { |
|
844 | + case "application/x-www-form-urlencoded": |
|
845 | + reset($formvars); |
|
846 | + while(list($key,$val) = each($formvars)) { |
|
847 | + if (is_array($val) || is_object($val)) { |
|
848 | + while (list($cur_key, $cur_val) = each($val)) { |
|
849 | + $postdata .= urlencode($key)."[]=".urlencode($cur_val)."&"; |
|
850 | + } |
|
851 | + } else |
|
852 | + $postdata .= urlencode($key)."=".urlencode($val)."&"; |
|
853 | + } |
|
854 | + break; |
|
855 | + |
|
856 | + case "multipart/form-data": |
|
857 | + $this->_mime_boundary = "Snoopy".md5(uniqid(microtime())); |
|
858 | 858 | |
859 | - reset($formvars); |
|
860 | - while(list($key,$val) = each($formvars)) { |
|
861 | - if (is_array($val) || is_object($val)) { |
|
862 | - while (list($cur_key, $cur_val) = each($val)) { |
|
863 | - $postdata .= "--".$this->_mime_boundary."\r\n"; |
|
864 | - $postdata .= "Content-Disposition: form-data; name=\"$key\[\]\"\r\n\r\n"; |
|
865 | - $postdata .= "$cur_val\r\n"; |
|
866 | - } |
|
867 | - } else { |
|
868 | - $postdata .= "--".$this->_mime_boundary."\r\n"; |
|
869 | - $postdata .= "Content-Disposition: form-data; name=\"$key\"\r\n\r\n"; |
|
870 | - $postdata .= "$val\r\n"; |
|
871 | - } |
|
872 | - } |
|
859 | + reset($formvars); |
|
860 | + while(list($key,$val) = each($formvars)) { |
|
861 | + if (is_array($val) || is_object($val)) { |
|
862 | + while (list($cur_key, $cur_val) = each($val)) { |
|
863 | + $postdata .= "--".$this->_mime_boundary."\r\n"; |
|
864 | + $postdata .= "Content-Disposition: form-data; name=\"$key\[\]\"\r\n\r\n"; |
|
865 | + $postdata .= "$cur_val\r\n"; |
|
866 | + } |
|
867 | + } else { |
|
868 | + $postdata .= "--".$this->_mime_boundary."\r\n"; |
|
869 | + $postdata .= "Content-Disposition: form-data; name=\"$key\"\r\n\r\n"; |
|
870 | + $postdata .= "$val\r\n"; |
|
871 | + } |
|
872 | + } |
|
873 | 873 | |
874 | - reset($formfiles); |
|
875 | - while (list($field_name, $file_names) = each($formfiles)) { |
|
876 | - settype($file_names, "array"); |
|
877 | - while (list(, $file_name) = each($file_names)) { |
|
878 | - if (!is_readable($file_name)) continue; |
|
879 | - |
|
880 | - $fp = fopen($file_name, "r"); |
|
881 | - $file_content = fread($fp, filesize($file_name)); |
|
882 | - fclose($fp); |
|
883 | - $base_name = basename($file_name); |
|
884 | - |
|
885 | - $postdata .= "--".$this->_mime_boundary."\r\n"; |
|
886 | - $postdata .= "Content-Disposition: form-data; name=\"$field_name\"; filename=\"$base_name\"\r\n\r\n"; |
|
887 | - $postdata .= "$file_content\r\n"; |
|
888 | - } |
|
889 | - } |
|
890 | - $postdata .= "--".$this->_mime_boundary."--\r\n"; |
|
891 | - break; |
|
892 | - } |
|
893 | - |
|
894 | - return $postdata; |
|
895 | - } |
|
874 | + reset($formfiles); |
|
875 | + while (list($field_name, $file_names) = each($formfiles)) { |
|
876 | + settype($file_names, "array"); |
|
877 | + while (list(, $file_name) = each($file_names)) { |
|
878 | + if (!is_readable($file_name)) continue; |
|
879 | + |
|
880 | + $fp = fopen($file_name, "r"); |
|
881 | + $file_content = fread($fp, filesize($file_name)); |
|
882 | + fclose($fp); |
|
883 | + $base_name = basename($file_name); |
|
884 | + |
|
885 | + $postdata .= "--".$this->_mime_boundary."\r\n"; |
|
886 | + $postdata .= "Content-Disposition: form-data; name=\"$field_name\"; filename=\"$base_name\"\r\n\r\n"; |
|
887 | + $postdata .= "$file_content\r\n"; |
|
888 | + } |
|
889 | + } |
|
890 | + $postdata .= "--".$this->_mime_boundary."--\r\n"; |
|
891 | + break; |
|
892 | + } |
|
893 | + |
|
894 | + return $postdata; |
|
895 | + } |
|
896 | 896 | } |
897 | 897 | \ No newline at end of file |
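Review bot: In the `multipart/form-data` branch, `$key`, `$field_name` and `$base_name` are interpolated into the `Content-Disposition` line as-is (new lines 864, 869 and 886), so a double quote or CR/LF in a form field name or file name ends the quoted parameter or the part header early. Encode them first, e.g. `$key = str_replace(array("\r", "\n", '"'), array('%0D', '%0A', '%22'), $key);`, and likewise for the other two. Separately, `\[\]` inside a double-quoted PHP string keeps its backslashes, so array fields go out as `name="key\[\]"`; `name=\"{$key}[]\"` gives the intended `key[]`. `$postdata` is also appended to without being initialised, so it should start as `$postdata = "";` before the `switch`.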
@@ -42,20 +42,20 @@ discard block |
||
42 | 42 | $navigation['myprofile']['url'] = api_get_path(WEB_CODE_PATH).'auth/profile.php'.(!empty($_course['path']) ? '?coursePath='.$_course['path'].'&courseCode='.$_course['official_code'] : '' ); |
43 | 43 | $navigation['myprofile']['title'] = get_lang('ModifyProfile'); |
44 | 44 | $navigation['myprofile']['key'] = 'profile'; |
45 | - // Link to my agenda |
|
45 | + // Link to my agenda |
|
46 | 46 | $navigation['myagenda']['url'] = api_get_path(WEB_CODE_PATH).'calendar/agenda_js.php?type=personal'; |
47 | 47 | $navigation['myagenda']['title'] = get_lang('MyAgenda'); |
48 | 48 | $navigation['myagenda']['key'] = 'agenda'; |
49 | 49 | |
50 | - // Gradebook |
|
51 | - if (api_get_setting('gradebook_enable') == 'true') { |
|
50 | + // Gradebook |
|
51 | + if (api_get_setting('gradebook_enable') == 'true') { |
|
52 | 52 | $navigation['mygradebook']['url'] = api_get_path(WEB_CODE_PATH).'gradebook/gradebook.php'.(!empty($_course['path']) ? '?coursePath='.$_course['path'].'&courseCode='.$_course['official_code'] : '' ); |
53 | 53 | $navigation['mygradebook']['title'] = get_lang('MyGradebook'); |
54 | 54 | $navigation['mygradebook']['key'] = 'gradebook'; |
55 | - } |
|
55 | + } |
|
56 | 56 | |
57 | - // Reporting |
|
58 | - if (api_is_allowed_to_create_course() || api_is_drh() || api_is_session_admin()) { |
|
57 | + // Reporting |
|
58 | + if (api_is_allowed_to_create_course() || api_is_drh() || api_is_session_admin()) { |
|
59 | 59 | // Link to my space |
60 | 60 | $navigation['session_my_space']['url'] = api_get_path(WEB_CODE_PATH).'mySpace/'.(api_is_drh()?'session.php':''); |
61 | 61 | $navigation['session_my_space']['title'] = get_lang('MySpace'); |
@@ -79,21 +79,21 @@ discard block |
||
79 | 79 | $navigation['session_my_progress']['key'] = 'my-progress'; |
80 | 80 | } |
81 | 81 | |
82 | - // Social |
|
83 | - if (api_get_setting('allow_social_tool')=='true') { |
|
82 | + // Social |
|
83 | + if (api_get_setting('allow_social_tool')=='true') { |
|
84 | 84 | $navigation['social']['url'] = api_get_path(WEB_CODE_PATH).'social/home.php'; |
85 | 85 | $navigation['social']['title'] = get_lang('SocialNetwork'); |
86 | 86 | $navigation['social']['key'] = 'social-network'; |
87 | - } |
|
87 | + } |
|
88 | 88 | |
89 | - // Dashboard |
|
90 | - if (api_is_platform_admin() || api_is_drh() || api_is_session_admin()) { |
|
89 | + // Dashboard |
|
90 | + if (api_is_platform_admin() || api_is_drh() || api_is_session_admin()) { |
|
91 | 91 | $navigation['dashboard']['url'] = api_get_path(WEB_CODE_PATH).'dashboard/index.php'; |
92 | 92 | $navigation['dashboard']['title'] = get_lang('Dashboard'); |
93 | 93 | $navigation['dashboard']['key'] = 'dashboard'; |
94 | - } |
|
94 | + } |
|
95 | 95 | |
96 | - // Reports |
|
96 | + // Reports |
|
97 | 97 | /* |
98 | 98 | if (api_is_platform_admin() || api_is_drh() || api_is_session_admin()) { |
99 | 99 | $navigation['reports']['url'] = api_get_path(WEB_CODE_PATH).'reports/index.php'; |
@@ -116,14 +116,14 @@ discard block |
||
116 | 116 | } |
117 | 117 | // End Custom Tabs |
118 | 118 | |
119 | - // Platform administration |
|
120 | - if (api_is_platform_admin(true)) { |
|
119 | + // Platform administration |
|
120 | + if (api_is_platform_admin(true)) { |
|
121 | 121 | $navigation['platform_admin']['url'] = api_get_path(WEB_CODE_PATH).'admin/'; |
122 | 122 | $navigation['platform_admin']['title'] = get_lang('PlatformAdmin'); |
123 | 123 | $navigation['platform_admin']['key'] = 'admin'; |
124 | - } |
|
124 | + } |
|
125 | 125 | |
126 | - return $navigation; |
|
126 | + return $navigation; |
|
127 | 127 | } |
128 | 128 | |
129 | 129 | /** |
@@ -351,7 +351,7 @@ discard block |
||
351 | 351 | } |
352 | 352 | } |
353 | 353 | |
354 | - // Reports |
|
354 | + // Reports |
|
355 | 355 | if (!empty($possible_tabs['reports'])) { |
356 | 356 | if (api_get_setting('show_tabs', 'reports') == 'true') { |
357 | 357 | if ((api_is_platform_admin() || api_is_drh() || api_is_session_admin()) && Rights::hasRight('show_tabs:reports')) { |
@@ -492,7 +492,7 @@ discard block |
||
492 | 492 | |
493 | 493 | $menu = null; |
494 | 494 | if (!empty($lis)) { |
495 | - $menu .= $lis; |
|
495 | + $menu .= $lis; |
|
496 | 496 | } |
497 | 497 | return $menu; |
498 | 498 | } |
@@ -548,7 +548,7 @@ discard block |
||
548 | 548 | $navigation_item_my_courses['title'] = get_lang('MyCourses'); |
549 | 549 | $navigation_item_my_courses['url'] = api_get_path(WEB_PATH).'user_portal.php'; |
550 | 550 | $navigation[] = $navigation_item_my_courses; |
551 | - */ |
|
551 | + */ |
|
552 | 552 | $navigation[] = $navigation_item; |
553 | 553 | } |
554 | 554 |
@@ -47,7 +47,7 @@ discard block |
||
47 | 47 | if ($height >= $max_size_for_picture) { |
48 | 48 | // scale width |
49 | 49 | $new_width = round($width * ($max_size_for_picture / $height)); |
50 | - $this->image_wrapper->resize($new_width, $max_size_for_picture, 0); |
|
50 | + $this->image_wrapper->resize($new_width, $max_size_for_picture, 0); |
|
51 | 51 | } |
52 | 52 | } |
53 | 53 | } |
@@ -149,7 +149,7 @@ discard block |
||
149 | 149 | |
150 | 150 | public function __construct($path) |
151 | 151 | { |
152 | - parent::__construct($path); |
|
152 | + parent::__construct($path); |
|
153 | 153 | } |
154 | 154 | |
155 | 155 | public function set_image_wrapper() |
@@ -184,19 +184,19 @@ discard block |
||
184 | 184 | } |
185 | 185 | } |
186 | 186 | |
187 | - public function get_image_size() |
|
187 | + public function get_image_size() |
|
188 | 188 | { |
189 | - $imagesize = array('width'=>0,'height'=>0); |
|
190 | - if ($this->image_validated) { |
|
189 | + $imagesize = array('width'=>0,'height'=>0); |
|
190 | + if ($this->image_validated) { |
|
191 | 191 | $imagesize = $this->image->getImageGeometry(); |
192 | - } |
|
193 | - return $imagesize; |
|
194 | - } |
|
192 | + } |
|
193 | + return $imagesize; |
|
194 | + } |
|
195 | 195 | |
196 | - //@todo implement border logic case for Imagick |
|
197 | - public function resize($thumbw, $thumbh, $border, $specific_size = false) |
|
196 | + //@todo implement border logic case for Imagick |
|
197 | + public function resize($thumbw, $thumbh, $border, $specific_size = false) |
|
198 | 198 | { |
199 | - if (!$this->image_validated) return false; |
|
199 | + if (!$this->image_validated) return false; |
|
200 | 200 | |
201 | 201 | if ($specific_size) { |
202 | 202 | $width = $thumbw; |
@@ -206,10 +206,10 @@ discard block |
||
206 | 206 | $width = (int)($this->width * $scale); |
207 | 207 | $height = (int)($this->height * $scale); |
208 | 208 | } |
209 | - $result = $this->image->resizeImage($width, $height, $this->filter, 1); |
|
210 | - $this->width = $thumbw; |
|
211 | - $this->height = $thumbh; |
|
212 | - } |
|
209 | + $result = $this->image->resizeImage($width, $height, $this->filter, 1); |
|
210 | + $this->width = $thumbw; |
|
211 | + $this->height = $thumbh; |
|
212 | + } |
|
213 | 213 | |
214 | 214 | /** |
215 | 215 | * @author José Loguercio <[email protected]> |
@@ -224,8 +224,8 @@ discard block |
||
224 | 224 | public function crop($x, $y, $width, $height, $src_width, $src_height) { |
225 | 225 | if (!$this->image_validated) return false; |
226 | 226 | $this->image->cropimage($width, $height, $x, $y); |
227 | - $this->width = $width; |
|
228 | - $this->height = $height; |
|
227 | + $this->width = $width; |
|
228 | + $this->height = $height; |
|
229 | 229 | } |
230 | 230 | |
231 | 231 | public function send_image($file = '', $compress = -1, $convert_file_to = null) |
@@ -235,35 +235,35 @@ discard block |
||
235 | 235 | if (!empty($convert_file_to) && in_array($convert_file_to, $this->allowed_extensions)) { |
236 | 236 | $type = $convert_file_to; |
237 | 237 | } |
238 | - switch ($type) { |
|
239 | - case 'jpeg': |
|
240 | - case 'jpg': |
|
241 | - if (!$file) header("Content-type: image/jpeg"); |
|
242 | - break; |
|
243 | - case 'png': |
|
244 | - if (!$file) header("Content-type: image/png"); |
|
245 | - break; |
|
246 | - case 'gif': |
|
247 | - if (!$file) header("Content-type: image/gif"); |
|
248 | - break; |
|
249 | - } |
|
250 | - $result = false; |
|
251 | - try { |
|
252 | - $result = $this->image->writeImage($file); |
|
253 | - } catch(ImagickException $e) { |
|
238 | + switch ($type) { |
|
239 | + case 'jpeg': |
|
240 | + case 'jpg': |
|
241 | + if (!$file) header("Content-type: image/jpeg"); |
|
242 | + break; |
|
243 | + case 'png': |
|
244 | + if (!$file) header("Content-type: image/png"); |
|
245 | + break; |
|
246 | + case 'gif': |
|
247 | + if (!$file) header("Content-type: image/gif"); |
|
248 | + break; |
|
249 | + } |
|
250 | + $result = false; |
|
251 | + try { |
|
252 | + $result = $this->image->writeImage($file); |
|
253 | + } catch(ImagickException $e) { |
|
254 | 254 | if ($this->debug) error_log($e->getMessage()); |
255 | 255 | } |
256 | 256 | |
257 | - if (!$file) { |
|
258 | - echo $this->image; |
|
259 | - $this->image->clear(); |
|
257 | + if (!$file) { |
|
258 | + echo $this->image; |
|
259 | + $this->image->clear(); |
|
260 | 260 | $this->image->destroy(); |
261 | - } else { |
|
262 | - $this->image->clear(); |
|
261 | + } else { |
|
262 | + $this->image->clear(); |
|
263 | 263 | $this->image->destroy(); |
264 | - return $result; |
|
265 | - } |
|
266 | - } |
|
264 | + return $result; |
|
265 | + } |
|
266 | + } |
|
267 | 267 | |
268 | 268 | } |
269 | 269 | |
@@ -285,21 +285,21 @@ discard block |
||
285 | 285 | $this->fill_image_info(); |
286 | 286 | |
287 | 287 | switch ($this->type) { |
288 | - case 0: |
|
289 | - $handler = false; |
|
290 | - break; |
|
291 | - case 1 : |
|
288 | + case 0: |
|
289 | + $handler = false; |
|
290 | + break; |
|
291 | + case 1 : |
|
292 | 292 | $handler = @imagecreatefromgif($this->path); |
293 | 293 | $this->type = 'gif'; |
294 | 294 | break; |
295 | - case 2 : |
|
295 | + case 2 : |
|
296 | 296 | $handler = @imagecreatefromjpeg($this->path); |
297 | 297 | $this->type = 'jpg'; |
298 | 298 | break; |
299 | - case 3 : |
|
300 | - $handler = @imagecreatefrompng($this->path); |
|
301 | - $this->type = 'png'; |
|
302 | - break; |
|
299 | + case 3 : |
|
300 | + $handler = @imagecreatefrompng($this->path); |
|
301 | + $this->type = 'png'; |
|
302 | + break; |
|
303 | 303 | } |
304 | 304 | if ($handler) { |
305 | 305 | $this->image_validated = true; |
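Review bot: The `switch ($this->type)` has no `default`, so for any `getimagesize()` type other than 0-3 `$handler` is never assigned and the `if ($handler)` check that follows reads an undefined variable. Add `default: $handler = false; break;` so unsupported formats are rejected explicitly rather than by accident. The `@` on the `imagecreatefrom*()` calls also hides decode errors for files that carry a valid header but broken data; logging those failures would make rejected files traceable. The enclosing method starts above this hunk.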
@@ -313,29 +313,29 @@ discard block |
||
313 | 313 | { |
314 | 314 | $return_array = array('width'=>0,'height'=>0); |
315 | 315 | if ($this->image_validated) { |
316 | - $return_array = array('width'=>$this->width,'height'=>$this->height); |
|
316 | + $return_array = array('width'=>$this->width,'height'=>$this->height); |
|
317 | 317 | } |
318 | 318 | return $return_array; |
319 | - } |
|
319 | + } |
|
320 | 320 | |
321 | 321 | public function fill_image_info() |
322 | 322 | { |
323 | - if (file_exists($this->path)) { |
|
324 | - $image_info = getimagesize($this->path); |
|
325 | - $this->width = $image_info[0]; |
|
326 | - $this->height = $image_info[1]; |
|
327 | - $this->type = $image_info[2]; |
|
328 | - } else { |
|
329 | - $this->width = 0; |
|
330 | - $this->height = 0; |
|
331 | - $this->type = 0; |
|
332 | - } |
|
323 | + if (file_exists($this->path)) { |
|
324 | + $image_info = getimagesize($this->path); |
|
325 | + $this->width = $image_info[0]; |
|
326 | + $this->height = $image_info[1]; |
|
327 | + $this->type = $image_info[2]; |
|
328 | + } else { |
|
329 | + $this->width = 0; |
|
330 | + $this->height = 0; |
|
331 | + $this->type = 0; |
|
332 | + } |
|
333 | 333 | } |
334 | 334 | |
335 | 335 | public function resize($thumbw, $thumbh, $border, $specific_size = false) |
336 | 336 | { |
337 | 337 | if (!$this->image_validated) return false; |
338 | - if ($border == 1) { |
|
338 | + if ($border == 1) { |
|
339 | 339 | if ($specific_size) { |
340 | 340 | $width = $thumbw; |
341 | 341 | $height = $thumbh; |
@@ -344,17 +344,17 @@ discard block |
||
344 | 344 | $width = (int)($this->width * $scale); |
345 | 345 | $height = (int)($this->height * $scale); |
346 | 346 | } |
347 | - $deltaw = (int)(($thumbw - $width) / 2); |
|
348 | - $deltah = (int)(($thumbh - $height) / 2); |
|
349 | - $dst_img = @ImageCreateTrueColor($thumbw, $thumbh); |
|
350 | - @imagealphablending($dst_img, false); |
|
351 | - @imagesavealpha($dst_img, true); |
|
352 | - if (!empty($this->color)) { |
|
353 | - @imagefill($dst_img, 0, 0, $this->color); |
|
354 | - } |
|
355 | - $this->width = $thumbw; |
|
356 | - $this->height = $thumbh; |
|
357 | - } elseif ($border == 0) { |
|
347 | + $deltaw = (int)(($thumbw - $width) / 2); |
|
348 | + $deltah = (int)(($thumbh - $height) / 2); |
|
349 | + $dst_img = @ImageCreateTrueColor($thumbw, $thumbh); |
|
350 | + @imagealphablending($dst_img, false); |
|
351 | + @imagesavealpha($dst_img, true); |
|
352 | + if (!empty($this->color)) { |
|
353 | + @imagefill($dst_img, 0, 0, $this->color); |
|
354 | + } |
|
355 | + $this->width = $thumbw; |
|
356 | + $this->height = $thumbh; |
|
357 | + } elseif ($border == 0) { |
|
358 | 358 | if ($specific_size) { |
359 | 359 | $width = $thumbw; |
360 | 360 | $height = $thumbh; |
@@ -363,19 +363,19 @@ discard block |
||
363 | 363 | $width = (int)($this->width * $scale); |
364 | 364 | $height = (int)($this->height * $scale); |
365 | 365 | } |
366 | - $deltaw = 0; |
|
367 | - $deltah = 0; |
|
368 | - $dst_img = @ImageCreateTrueColor($width, $height); |
|
369 | - @imagealphablending($dst_img, false); |
|
370 | - @imagesavealpha($dst_img, true); |
|
371 | - $this->width = $width; |
|
372 | - $this->height = $height; |
|
373 | - } |
|
374 | - $src_img = $this->bg; |
|
375 | - @ImageCopyResampled($dst_img, $src_img, $deltaw, $deltah, 0, 0, $width, $height, ImageSX($src_img), ImageSY($src_img)); |
|
376 | - $this->bg = $dst_img; |
|
377 | - @imagedestroy($src_img); |
|
378 | - } |
|
366 | + $deltaw = 0; |
|
367 | + $deltah = 0; |
|
368 | + $dst_img = @ImageCreateTrueColor($width, $height); |
|
369 | + @imagealphablending($dst_img, false); |
|
370 | + @imagesavealpha($dst_img, true); |
|
371 | + $this->width = $width; |
|
372 | + $this->height = $height; |
|
373 | + } |
|
374 | + $src_img = $this->bg; |
|
375 | + @ImageCopyResampled($dst_img, $src_img, $deltaw, $deltah, 0, 0, $width, $height, ImageSX($src_img), ImageSY($src_img)); |
|
376 | + $this->bg = $dst_img; |
|
377 | + @imagedestroy($src_img); |
|
378 | + } |
|
379 | 379 | |
380 | 380 | /** |
381 | 381 | * @author José Loguercio <[email protected]> |
@@ -389,7 +389,7 @@ discard block |
||
389 | 389 | public function crop($x, $y, $width, $height, $src_width, $src_height) { |
390 | 390 | if (!$this->image_validated) return false; |
391 | 391 | $this->width = $width; |
392 | - $this->height = $height; |
|
392 | + $this->height = $height; |
|
393 | 393 | $src = null; |
394 | 394 | $dest = @imagecreatetruecolor($width, $height); |
395 | 395 | $type = $this->type; |
@@ -400,56 +400,56 @@ discard block |
||
400 | 400 | @imagecopy($dest, $src, 0, 0, $x, $y, $src_width, $src_height); |
401 | 401 | @imagejpeg($dest, $this->path); |
402 | 402 | break; |
403 | - case 'png' : |
|
403 | + case 'png' : |
|
404 | 404 | $src = @imagecreatefrompng($this->path); |
405 | 405 | @imagecopy($dest, $src, 0, 0, $x, $y, $src_width, $src_height); |
406 | 406 | @imagepng($dest, $this->path); |
407 | 407 | break; |
408 | - case 'gif' : |
|
409 | - $src = @imagecreatefromgif($this->path); |
|
408 | + case 'gif' : |
|
409 | + $src = @imagecreatefromgif($this->path); |
|
410 | 410 | @imagecopy($dest, $src, 0, 0, $x, $y, $src_width, $src_height); |
411 | 411 | @imagegif($dest, $this->path); |
412 | - break; |
|
412 | + break; |
|
413 | 413 | default: return 0; |
414 | 414 | } |
415 | 415 | @imagedestroy($dest); |
416 | 416 | @imagedestroy($src); |
417 | 417 | } |
418 | 418 | |
419 | - public function send_image($file = '', $compress = -1, $convert_file_to = null) |
|
419 | + public function send_image($file = '', $compress = -1, $convert_file_to = null) |
|
420 | 420 | { |
421 | - if (!$this->image_validated) return false; |
|
421 | + if (!$this->image_validated) return false; |
|
422 | 422 | $compress = (int)$compress; |
423 | 423 | $type = $this->type; |
424 | 424 | if (!empty($convert_file_to) && in_array($convert_file_to, $this->allowed_extensions)) { |
425 | 425 | $type = $convert_file_to; |
426 | 426 | } |
427 | - switch ($type) { |
|
428 | - case 'jpeg': |
|
429 | - case 'jpg': |
|
430 | - if (!$file) header("Content-type: image/jpeg"); |
|
431 | - if ($compress == -1) $compress = 100; |
|
432 | - return imagejpeg($this->bg, $file, $compress); |
|
433 | - break; |
|
434 | - case 'png': |
|
435 | - if (!$file) header("Content-type: image/png"); |
|
436 | - if ($compress != -1) { |
|
437 | - @imagetruecolortopalette($this->bg, true, $compress); |
|
438 | - } |
|
439 | - return imagepng($this->bg, $file, $compress); |
|
440 | - break; |
|
441 | - case 'gif': |
|
442 | - if (!$file) header("Content-type: image/gif"); |
|
443 | - if ($compress != -1) { |
|
444 | - @imagetruecolortopalette($this->bg, true, $compress); |
|
445 | - } |
|
446 | - return imagegif($this->bg, $file, $compress); |
|
447 | - break; |
|
448 | - default: return 0; |
|
449 | - } |
|
450 | - // TODO: Occupied memory is not released, because the following fragment of code is actually dead. |
|
451 | - @imagedestroy($this->bg); |
|
452 | - } |
|
427 | + switch ($type) { |
|
428 | + case 'jpeg': |
|
429 | + case 'jpg': |
|
430 | + if (!$file) header("Content-type: image/jpeg"); |
|
431 | + if ($compress == -1) $compress = 100; |
|
432 | + return imagejpeg($this->bg, $file, $compress); |
|
433 | + break; |
|
434 | + case 'png': |
|
435 | + if (!$file) header("Content-type: image/png"); |
|
436 | + if ($compress != -1) { |
|
437 | + @imagetruecolortopalette($this->bg, true, $compress); |
|
438 | + } |
|
439 | + return imagepng($this->bg, $file, $compress); |
|
440 | + break; |
|
441 | + case 'gif': |
|
442 | + if (!$file) header("Content-type: image/gif"); |
|
443 | + if ($compress != -1) { |
|
444 | + @imagetruecolortopalette($this->bg, true, $compress); |
|
445 | + } |
|
446 | + return imagegif($this->bg, $file, $compress); |
|
447 | + break; |
|
448 | + default: return 0; |
|
449 | + } |
|
450 | + // TODO: Occupied memory is not released, because the following fragment of code is actually dead. |
|
451 | + @imagedestroy($this->bg); |
|
452 | + } |
|
453 | 453 | |
454 | 454 | /** |
455 | 455 | * Convert image to black & white |
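Review bot: In the `gif` case of send_image, `imagegif($this->bg, $file, $compress)` passes a third argument to a built-in that accepts only an image and a file, so on PHP 8 the call throws ArgumentCountError instead of writing the image; it should be `return imagegif($this->bg, $file);`. The `png` case passes the same `$compress` to both `imagetruecolortopalette` (a colour count) and `imagepng` (a 0–9 quality level), which cannot both be right for one value. Every case returns before the final `@imagedestroy($this->bg);`, as the TODO already notes, so the result should be stored in a variable, the image destroyed, and the variable returned.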
@@ -25,10 +25,10 @@ discard block |
||
25 | 25 | ); |
26 | 26 | public $is_course_model = true; |
27 | 27 | |
28 | - public function __construct() |
|
28 | + public function __construct() |
|
29 | 29 | { |
30 | 30 | $this->table = Database::get_course_table(TABLE_TIMELINE); |
31 | - } |
|
31 | + } |
|
32 | 32 | |
33 | 33 | /** |
34 | 34 | * Get the count of elements |
@@ -52,16 +52,16 @@ discard block |
||
52 | 52 | /** |
53 | 53 | * Displays the title + grid |
54 | 54 | */ |
55 | - public function listing() |
|
55 | + public function listing() |
|
56 | 56 | { |
57 | - // action links |
|
58 | - $html = '<div class="actions">'; |
|
57 | + // action links |
|
58 | + $html = '<div class="actions">'; |
|
59 | 59 | //$html .= '<a href="career_dashboard.php">'.Display::return_icon('back.png',get_lang('Back'),'','32').'</a>'; |
60 | - $html .= '<a href="'.api_get_self().'?action=add">'.Display::return_icon('add.png', get_lang('Add'),'','32').'</a>'; |
|
61 | - $html .= '</div>'; |
|
60 | + $html .= '<a href="'.api_get_self().'?action=add">'.Display::return_icon('add.png', get_lang('Add'),'','32').'</a>'; |
|
61 | + $html .= '</div>'; |
|
62 | 62 | $html .= Display::grid_html('timelines'); |
63 | 63 | return $html; |
64 | - } |
|
64 | + } |
|
65 | 65 | |
66 | 66 | public function get_status_list() |
67 | 67 | { |
@@ -89,7 +89,7 @@ discard block |
||
89 | 89 | |
90 | 90 | $form->addElement('text', 'headline', get_lang('Name'), array('size' => '70')); |
91 | 91 | //$form->addHtmlEditor('description', get_lang('Description'), false, false, array('ToolbarSet' => 'Careers','Width' => '100%', 'Height' => '250')); |
92 | - $status_list = $this->get_status_list(); |
|
92 | + $status_list = $this->get_status_list(); |
|
93 | 93 | $form->addElement('select', 'status', get_lang('Status'), $status_list); |
94 | 94 | if ($action == 'edit') { |
95 | 95 | //$form->addElement('text', 'created_at', get_lang('CreatedAt')); |
@@ -173,7 +173,7 @@ discard block |
||
173 | 173 | |
174 | 174 | // Setting the rules |
175 | 175 | $form->addRule('headline', get_lang('ThisFieldIsRequired'), 'required'); |
176 | - return $form; |
|
176 | + return $form; |
|
177 | 177 | |
178 | 178 | } |
179 | 179 | |
@@ -184,11 +184,11 @@ discard block |
||
184 | 184 | public function save_item($params) |
185 | 185 | { |
186 | 186 | $params['c_id'] = api_get_course_int_id(); |
187 | - $id = parent::save($params); |
|
188 | - if (!empty($id)) { |
|
189 | - //event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id()); |
|
190 | - } |
|
191 | - return $id; |
|
187 | + $id = parent::save($params); |
|
188 | + if (!empty($id)) { |
|
189 | + //event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id()); |
|
190 | + } |
|
191 | + return $id; |
|
192 | 192 | } |
193 | 193 | |
194 | 194 | /** |
@@ -199,16 +199,16 @@ discard block |
||
199 | 199 | $params['c_id'] = api_get_course_int_id(); |
200 | 200 | $params['parent_id'] = '0'; |
201 | 201 | $params['type'] = 'default'; |
202 | - $id = parent::save($params); |
|
203 | - if (!empty($id)) { |
|
204 | - //event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id()); |
|
205 | - } |
|
206 | - return $id; |
|
202 | + $id = parent::save($params); |
|
203 | + if (!empty($id)) { |
|
204 | + //event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id()); |
|
205 | + } |
|
206 | + return $id; |
|
207 | 207 | } |
208 | 208 | |
209 | 209 | public function delete($id) { |
210 | - parent::delete($id); |
|
211 | - //event_system(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id()); |
|
210 | + parent::delete($id); |
|
211 | + //event_system(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id()); |
|
212 | 212 | } |
213 | 213 | |
214 | 214 | public function get_url($id) { |
@@ -247,7 +247,7 @@ discard block |
||
247 | 247 | $item['asset'] = array( 'media' => $item['media'], |
248 | 248 | 'credit' => $item['media_credit'], |
249 | 249 | 'caption' => $item['media_caption'], |
250 | - ); |
|
250 | + ); |
|
251 | 251 | |
252 | 252 | //Cleaning items |
253 | 253 | unset($item['id']); |
@@ -11,15 +11,15 @@ discard block |
||
11 | 11 | class UrlManager |
12 | 12 | { |
13 | 13 | /** |
14 | - * Creates a new url access |
|
15 | - * |
|
16 | - * @author Julio Montoya <[email protected]>, |
|
17 | - * |
|
18 | - * @param string $url The URL of the site |
|
19 | - * @param string $description The description of the site |
|
20 | - * @param int $active is active or not |
|
21 | - * @return boolean if success |
|
22 | - */ |
|
14 | + * Creates a new url access |
|
15 | + * |
|
16 | + * @author Julio Montoya <[email protected]>, |
|
17 | + * |
|
18 | + * @param string $url The URL of the site |
|
19 | + * @param string $description The description of the site |
|
20 | + * @param int $active is active or not |
|
21 | + * @return boolean if success |
|
22 | + */ |
|
23 | 23 | public static function add($url, $description, $active) |
24 | 24 | { |
25 | 25 | $tms = time(); |
@@ -36,15 +36,15 @@ discard block |
||
36 | 36 | } |
37 | 37 | |
38 | 38 | /** |
39 | - * Updates an URL access |
|
40 | - * @author Julio Montoya <[email protected]>, |
|
41 | - * |
|
42 | - * @param int $url_id The url id |
|
43 | - * @param string $url |
|
44 | - * @param string $description The description of the site |
|
45 | - * @param int $active is active or not |
|
46 | - * @return boolean if success |
|
47 | - */ |
|
39 | + * Updates an URL access |
|
40 | + * @author Julio Montoya <[email protected]>, |
|
41 | + * |
|
42 | + * @param int $url_id The url id |
|
43 | + * @param string $url |
|
44 | + * @param string $description The description of the site |
|
45 | + * @param int $active is active or not |
|
46 | + * @return boolean if success |
|
47 | + */ |
|
48 | 48 | public static function update($url_id, $url, $description, $active) |
49 | 49 | { |
50 | 50 | $url_id = intval($url_id); |
@@ -63,12 +63,12 @@ discard block |
||
63 | 63 | } |
64 | 64 | |
65 | 65 | /** |
66 | - * Deletes an url |
|
67 | - * @author Julio Montoya |
|
68 | - * @param int $id url id |
|
66 | + * Deletes an url |
|
67 | + * @author Julio Montoya |
|
68 | + * @param int $id url id |
|
69 | 69 | * |
70 | - * @return boolean true if success |
|
71 | - * */ |
|
70 | + * @return boolean true if success |
|
71 | + * */ |
|
72 | 72 | public static function delete($id) |
73 | 73 | { |
74 | 74 | $id = intval($id); |
@@ -200,12 +200,12 @@ discard block |
||
200 | 200 | } |
201 | 201 | |
202 | 202 | /** |
203 | - * Gets the inner join of access_url and the course table |
|
204 | - * |
|
205 | - * @author Julio Montoya |
|
206 | - * @param int access url id |
|
207 | - * @return array Database::store_result of the result |
|
208 | - **/ |
|
203 | + * Gets the inner join of access_url and the course table |
|
204 | + * |
|
205 | + * @author Julio Montoya |
|
206 | + * @param int access url id |
|
207 | + * @return array Database::store_result of the result |
|
208 | + **/ |
|
209 | 209 | public static function get_url_rel_course_data($access_url_id = null) |
210 | 210 | { |
211 | 211 | $where = ''; |
@@ -362,12 +362,12 @@ discard block |
||
362 | 362 | } |
363 | 363 | |
364 | 364 | /** |
365 | - * Checks the relationship between an URL and a User (return the num_rows) |
|
366 | - * @author Julio Montoya |
|
367 | - * @param int user id |
|
368 | - * @param int url id |
|
369 | - * @return boolean true if success |
|
370 | - * */ |
|
365 | + * Checks the relationship between an URL and a User (return the num_rows) |
|
366 | + * @author Julio Montoya |
|
367 | + * @param int user id |
|
368 | + * @param int url id |
|
369 | + * @return boolean true if success |
|
370 | + * */ |
|
371 | 371 | public static function relation_url_user_exist($user_id, $url_id) |
372 | 372 | { |
373 | 373 | $table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); |
@@ -377,15 +377,15 @@ discard block |
||
377 | 377 | $num = Database::num_rows($result); |
378 | 378 | |
379 | 379 | return $num; |
380 | - } |
|
380 | + } |
|
381 | 381 | |
382 | 382 | /** |
383 | - * Checks the relationship between an URL and a Course (return the num_rows) |
|
384 | - * @author Julio Montoya |
|
385 | - * @param int $courseId |
|
386 | - * @param int $urlId |
|
387 | - * @return boolean true if success |
|
388 | - * */ |
|
383 | + * Checks the relationship between an URL and a Course (return the num_rows) |
|
384 | + * @author Julio Montoya |
|
385 | + * @param int $courseId |
|
386 | + * @param int $urlId |
|
387 | + * @return boolean true if success |
|
388 | + * */ |
|
389 | 389 | public static function relation_url_course_exist($courseId, $urlId) |
390 | 390 | { |
391 | 391 | $table_url_rel_course = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE); |
@@ -420,12 +420,12 @@ discard block |
||
420 | 420 | } |
421 | 421 | |
422 | 422 | /** |
423 | - * Checks the relationship between an URL and a Session (return the num_rows) |
|
424 | - * @author Julio Montoya |
|
425 | - * @param int user id |
|
426 | - * @param int url id |
|
427 | - * @return boolean true if success |
|
428 | - * */ |
|
423 | + * Checks the relationship between an URL and a Session (return the num_rows) |
|
424 | + * @author Julio Montoya |
|
425 | + * @param int user id |
|
426 | + * @param int url id |
|
427 | + * @return boolean true if success |
|
428 | + * */ |
|
429 | 429 | public static function relation_url_session_exist($session_id, $url_id) |
430 | 430 | { |
431 | 431 | $table_url_rel_session= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION); |
@@ -737,13 +737,13 @@ discard block |
||
737 | 737 | } |
738 | 738 | |
739 | 739 | /** |
740 | - * Deletes an url and user relationship |
|
741 | - * @author Julio Montoya |
|
742 | - * @param int user id |
|
743 | - * @param int url id |
|
740 | + * Deletes an url and user relationship |
|
741 | + * @author Julio Montoya |
|
742 | + * @param int user id |
|
743 | + * @param int url id |
|
744 | 744 | * |
745 | - * @return boolean true if success |
|
746 | - * */ |
|
745 | + * @return boolean true if success |
|
746 | + * */ |
|
747 | 747 | public static function delete_url_rel_user($user_id, $url_id) |
748 | 748 | { |
749 | 749 | $table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); |
@@ -758,13 +758,13 @@ discard block |
||
758 | 758 | } |
759 | 759 | |
760 | 760 | /** |
761 | - * Deletes an url and course relationship |
|
762 | - * @author Julio Montoya |
|
763 | - * @param int $courseId |
|
764 | - * @param int $urlId |
|
761 | + * Deletes an url and course relationship |
|
762 | + * @author Julio Montoya |
|
763 | + * @param int $courseId |
|
764 | + * @param int $urlId |
|
765 | 765 | * |
766 | - * @return boolean true if success |
|
767 | - * */ |
|
766 | + * @return boolean true if success |
|
767 | + * */ |
|
768 | 768 | public static function delete_url_rel_course($courseId, $urlId) |
769 | 769 | { |
770 | 770 | $table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE); |
@@ -814,13 +814,13 @@ discard block |
||
814 | 814 | } |
815 | 815 | |
816 | 816 | /** |
817 | - * Deletes an url and session relationship |
|
818 | - * @author Julio Montoya |
|
819 | - * @param char course code |
|
820 | - * @param int url id |
|
817 | + * Deletes an url and session relationship |
|
818 | + * @author Julio Montoya |
|
819 | + * @param char course code |
|
820 | + * @param int url id |
|
821 | 821 | * |
822 | - * @return boolean true if success |
|
823 | - * */ |
|
822 | + * @return boolean true if success |
|
823 | + * */ |
|
824 | 824 | public static function delete_url_rel_session($session_id, $url_id) |
825 | 825 | { |
826 | 826 | $table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION); |
@@ -31,8 +31,8 @@ discard block |
||
31 | 31 | |
32 | 32 | |
33 | 33 | function kses($string, $allowed_html, $allowed_protocols = |
34 | - array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', |
|
35 | - 'gopher', 'mailto')) |
|
34 | + array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', |
|
35 | + 'gopher', 'mailto')) |
|
36 | 36 | ############################################################################### |
37 | 37 | # This function makes sure that only the allowed HTML element names, attribute |
38 | 38 | # names and attribute values plus only sane HTML entities will occur in |
@@ -40,12 +40,12 @@ discard block |
||
40 | 40 | # call this function. |
41 | 41 | ############################################################################### |
42 | 42 | { |
43 | - $string = kses_no_null($string); |
|
44 | - $string = kses_js_entities($string); |
|
45 | - $string = kses_normalize_entities($string); |
|
46 | - $string = kses_hook($string); |
|
47 | - $allowed_html_fixed = kses_array_lc($allowed_html); |
|
48 | - return kses_split($string, $allowed_html_fixed, $allowed_protocols); |
|
43 | + $string = kses_no_null($string); |
|
44 | + $string = kses_js_entities($string); |
|
45 | + $string = kses_normalize_entities($string); |
|
46 | + $string = kses_hook($string); |
|
47 | + $allowed_html_fixed = kses_array_lc($allowed_html); |
|
48 | + return kses_split($string, $allowed_html_fixed, $allowed_protocols); |
|
49 | 49 | } # function kses |
50 | 50 | |
51 | 51 | |
@@ -54,7 +54,7 @@ discard block |
||
54 | 54 | # You add any kses hooks here. |
55 | 55 | ############################################################################### |
56 | 56 | { |
57 | - return $string; |
|
57 | + return $string; |
|
58 | 58 | } # function kses_hook |
59 | 59 | |
60 | 60 | |
@@ -63,7 +63,7 @@ discard block |
||
63 | 63 | # This function returns kses' version number. |
64 | 64 | ############################################################################### |
65 | 65 | { |
66 | - return '0.2.2'; |
|
66 | + return '0.2.2'; |
|
67 | 67 | } # function kses_version |
68 | 68 | |
69 | 69 | |
@@ -73,13 +73,13 @@ discard block |
||
73 | 73 | # matches stray ">" characters. |
74 | 74 | ############################################################################### |
75 | 75 | { |
76 | - return preg_replace('%(<'. # EITHER: < |
|
77 | - '[^>]*'. # things that aren't > |
|
78 | - '(>|$)'. # > or end of string |
|
79 | - '|>)%e', # OR: just a > |
|
80 | - "kses_split2('\\1', \$allowed_html, ". |
|
81 | - '$allowed_protocols)', |
|
82 | - $string); |
|
76 | + return preg_replace('%(<'. # EITHER: < |
|
77 | + '[^>]*'. # things that aren't > |
|
78 | + '(>|$)'. # > or end of string |
|
79 | + '|>)%e', # OR: just a > |
|
80 | + "kses_split2('\\1', \$allowed_html, ". |
|
81 | + '$allowed_protocols)', |
|
82 | + $string); |
|
83 | 83 | } # function kses_split |
84 | 84 | |
85 | 85 | |
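Review bot: The `%e` modifier on the pattern in kses_split makes `preg_replace` evaluate the replacement string as PHP code for every tag-like match, inside the function whose job is to sanitise untrusted HTML. The modifier was deprecated in PHP 5.5 and removed in 7.0, where the call emits a warning and returns null, so the filter yields no output on current PHP. Replace it with `preg_replace_callback` and a closure that captures `$allowed_html` and `$allowed_protocols`, as sketched below. kses_split2 calls `kses_stripslashes` on its input, presumably to undo the quoting `/e` adds to backreferences, so that call needs re-checking once the callback passes the raw match. The signature of kses_split is outside this hunk.

```php
    return preg_replace_callback(
        '%(<[^>]*(>|$)|>)%',
        function ($m) use ($allowed_html, $allowed_protocols) {
            return kses_split2($m[1], $allowed_html, $allowed_protocols);
        },
        $string
    );
```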
@@ -91,30 +91,30 @@ discard block |
||
91 | 91 | # attribute list. |
92 | 92 | ############################################################################### |
93 | 93 | { |
94 | - $string = kses_stripslashes($string); |
|
94 | + $string = kses_stripslashes($string); |
|
95 | 95 | |
96 | - if (substr($string, 0, 1) != '<') |
|
96 | + if (substr($string, 0, 1) != '<') |
|
97 | 97 | return '>'; |
98 | 98 | # It matched a ">" character |
99 | 99 | |
100 | - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
100 | + if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
101 | 101 | return ''; |
102 | 102 | # It's seriously malformed |
103 | 103 | |
104 | - $slash = trim($matches[1]); |
|
105 | - $elem = $matches[2]; |
|
106 | - $attrlist = $matches[3]; |
|
104 | + $slash = trim($matches[1]); |
|
105 | + $elem = $matches[2]; |
|
106 | + $attrlist = $matches[3]; |
|
107 | 107 | |
108 | - if (!@isset($allowed_html[strtolower($elem)])) |
|
108 | + if (!@isset($allowed_html[strtolower($elem)])) |
|
109 | 109 | return ''; |
110 | 110 | # They are using a not allowed HTML element |
111 | 111 | |
112 | - if ($slash != '') |
|
112 | + if ($slash != '') |
|
113 | 113 | return "<$slash$elem>"; |
114 | - # No attributes are allowed for closing elements |
|
114 | + # No attributes are allowed for closing elements |
|
115 | 115 | |
116 | - return kses_attr("$slash$elem", $attrlist, $allowed_html, |
|
117 | - $allowed_protocols); |
|
116 | + return kses_attr("$slash$elem", $attrlist, $allowed_html, |
|
117 | + $allowed_protocols); |
|
118 | 118 | } # function kses_split2 |
119 | 119 | |
120 | 120 | |
@@ -130,56 +130,56 @@ discard block |
||
130 | 130 | { |
131 | 131 | # Is there a closing XHTML slash at the end of the attributes? |
132 | 132 | |
133 | - $xhtml_slash = ''; |
|
134 | - if (preg_match('%\s/\s*$%', $attr)) |
|
133 | + $xhtml_slash = ''; |
|
134 | + if (preg_match('%\s/\s*$%', $attr)) |
|
135 | 135 | $xhtml_slash = ' /'; |
136 | 136 | |
137 | 137 | # Are any attributes allowed at all for this element? |
138 | 138 | |
139 | - if (@count($allowed_html[strtolower($element)]) == 0) |
|
139 | + if (@count($allowed_html[strtolower($element)]) == 0) |
|
140 | 140 | return "<$element$xhtml_slash>"; |
141 | 141 | |
142 | 142 | # Split it |
143 | 143 | |
144 | - $attrarr = kses_hair($attr, $allowed_protocols); |
|
144 | + $attrarr = kses_hair($attr, $allowed_protocols); |
|
145 | 145 | |
146 | 146 | # Go through $attrarr, and save the allowed attributes for this element |
147 | 147 | # in $attr2 |
148 | 148 | |
149 | - $attr2 = ''; |
|
149 | + $attr2 = ''; |
|
150 | 150 | |
151 | - foreach ($attrarr as $arreach) |
|
152 | - { |
|
151 | + foreach ($attrarr as $arreach) |
|
152 | + { |
|
153 | 153 | if (!@isset($allowed_html[strtolower($element)] |
154 | 154 | [strtolower($arreach['name'])])) |
155 | - continue; # the attribute is not allowed |
|
155 | + continue; # the attribute is not allowed |
|
156 | 156 | |
157 | 157 | $current = $allowed_html[strtolower($element)] |
158 | 158 | [strtolower($arreach['name'])]; |
159 | 159 | |
160 | 160 | if (!is_array($current)) |
161 | - $attr2 .= ' '.$arreach['whole']; |
|
161 | + $attr2 .= ' '.$arreach['whole']; |
|
162 | 162 | # there are no checks |
163 | 163 | |
164 | 164 | else |
165 | 165 | { |
166 | 166 | # there are some checks |
167 | - $ok = true; |
|
168 | - foreach ($current as $currkey => $currval) |
|
167 | + $ok = true; |
|
168 | + foreach ($current as $currkey => $currval) |
|
169 | 169 | if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
170 | - $currkey, $currval)) |
|
170 | + $currkey, $currval)) |
|
171 | 171 | { $ok = false; break; } |
172 | 172 | |
173 | - if ($ok) |
|
173 | + if ($ok) |
|
174 | 174 | $attr2 .= ' '.$arreach['whole']; # it passed them |
175 | 175 | } # if !is_array($current) |
176 | - } # foreach |
|
176 | + } # foreach |
|
177 | 177 | |
178 | 178 | # Remove any "<" or ">" characters |
179 | 179 | |
180 | - $attr2 = preg_replace('/[<>]/', '', $attr2); |
|
180 | + $attr2 = preg_replace('/[<>]/', '', $attr2); |
|
181 | 181 | |
182 | - return "<$element$attr2$xhtml_slash>"; |
|
182 | + return "<$element$attr2$xhtml_slash>"; |
|
183 | 183 | } # function kses_attr |
184 | 184 | |
185 | 185 | |
@@ -193,96 +193,96 @@ discard block |
||
193 | 193 | # from attribute values. |
194 | 194 | ############################################################################### |
195 | 195 | { |
196 | - $attrarr = array(); |
|
197 | - $mode = 0; |
|
198 | - $attrname = ''; |
|
196 | + $attrarr = array(); |
|
197 | + $mode = 0; |
|
198 | + $attrname = ''; |
|
199 | 199 | |
200 | 200 | # Loop through the whole attribute list |
201 | 201 | |
202 | - while (strlen($attr) != 0) |
|
203 | - { |
|
202 | + while (strlen($attr) != 0) |
|
203 | + { |
|
204 | 204 | $working = 0; # Was the last operation successful? |
205 | 205 | |
206 | 206 | switch ($mode) |
207 | 207 | { |
208 | - case 0: # attribute name, href for instance |
|
208 | + case 0: # attribute name, href for instance |
|
209 | 209 | |
210 | 210 | if (preg_match('/^([-a-zA-Z]+)/', $attr, $match)) |
211 | 211 | { |
212 | - $attrname = $match[1]; |
|
213 | - $working = $mode = 1; |
|
214 | - $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr); |
|
212 | + $attrname = $match[1]; |
|
213 | + $working = $mode = 1; |
|
214 | + $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr); |
|
215 | 215 | } |
216 | 216 | |
217 | 217 | break; |
218 | 218 | |
219 | - case 1: # equals sign or valueless ("selected") |
|
219 | + case 1: # equals sign or valueless ("selected") |
|
220 | 220 | |
221 | 221 | if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
222 | 222 | { |
223 | - $working = 1; $mode = 2; |
|
224 | - $attr = preg_replace('/^\s*=\s*/', '', $attr); |
|
225 | - break; |
|
223 | + $working = 1; $mode = 2; |
|
224 | + $attr = preg_replace('/^\s*=\s*/', '', $attr); |
|
225 | + break; |
|
226 | 226 | } |
227 | 227 | |
228 | 228 | if (preg_match('/^\s+/', $attr)) # valueless |
229 | 229 | { |
230 | - $working = 1; $mode = 0; |
|
231 | - $attrarr[] = array |
|
230 | + $working = 1; $mode = 0; |
|
231 | + $attrarr[] = array |
|
232 | 232 | ('name' => $attrname, |
233 | - 'value' => '', |
|
234 | - 'whole' => $attrname, |
|
235 | - 'vless' => 'y'); |
|
236 | - $attr = preg_replace('/^\s+/', '', $attr); |
|
233 | + 'value' => '', |
|
234 | + 'whole' => $attrname, |
|
235 | + 'vless' => 'y'); |
|
236 | + $attr = preg_replace('/^\s+/', '', $attr); |
|
237 | 237 | } |
238 | 238 | |
239 | 239 | break; |
240 | 240 | |
241 | - case 2: # attribute value, a URL after href= for instance |
|
241 | + case 2: # attribute value, a URL after href= for instance |
|
242 | 242 | |
243 | 243 | if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) |
244 | - # "value" |
|
244 | + # "value" |
|
245 | 245 | { |
246 | - $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
|
246 | + $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
|
247 | 247 | |
248 | - $attrarr[] = array |
|
248 | + $attrarr[] = array |
|
249 | 249 | ('name' => $attrname, |
250 | - 'value' => $thisval, |
|
251 | - 'whole' => "$attrname=\"$thisval\"", |
|
252 | - 'vless' => 'n'); |
|
253 | - $working = 1; $mode = 0; |
|
254 | - $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
|
255 | - break; |
|
250 | + 'value' => $thisval, |
|
251 | + 'whole' => "$attrname=\"$thisval\"", |
|
252 | + 'vless' => 'n'); |
|
253 | + $working = 1; $mode = 0; |
|
254 | + $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
|
255 | + break; |
|
256 | 256 | } |
257 | 257 | |
258 | 258 | if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) |
259 | - # 'value' |
|
259 | + # 'value' |
|
260 | 260 | { |
261 | - $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
|
261 | + $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
|
262 | 262 | |
263 | - $attrarr[] = array |
|
263 | + $attrarr[] = array |
|
264 | 264 | ('name' => $attrname, |
265 | - 'value' => $thisval, |
|
266 | - 'whole' => "$attrname='$thisval'", |
|
267 | - 'vless' => 'n'); |
|
268 | - $working = 1; $mode = 0; |
|
269 | - $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
|
270 | - break; |
|
265 | + 'value' => $thisval, |
|
266 | + 'whole' => "$attrname='$thisval'", |
|
267 | + 'vless' => 'n'); |
|
268 | + $working = 1; $mode = 0; |
|
269 | + $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
|
270 | + break; |
|
271 | 271 | } |
272 | 272 | |
273 | 273 | if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) |
274 | - # value |
|
274 | + # value |
|
275 | 275 | { |
276 | - $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
|
276 | + $thisval = kses_bad_protocol($match[1], $allowed_protocols); |
|
277 | 277 | |
278 | - $attrarr[] = array |
|
278 | + $attrarr[] = array |
|
279 | 279 | ('name' => $attrname, |
280 | - 'value' => $thisval, |
|
281 | - 'whole' => "$attrname=\"$thisval\"", |
|
282 | - 'vless' => 'n'); |
|
283 | - # We add quotes to conform to W3C's HTML spec. |
|
284 | - $working = 1; $mode = 0; |
|
285 | - $attr = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr); |
|
280 | + 'value' => $thisval, |
|
281 | + 'whole' => "$attrname=\"$thisval\"", |
|
282 | + 'vless' => 'n'); |
|
283 | + # We add quotes to conform to W3C's HTML spec. |
|
284 | + $working = 1; $mode = 0; |
|
285 | + $attr = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr); |
|
286 | 286 | } |
287 | 287 | |
288 | 288 | break; |
@@ -290,21 +290,21 @@
290 | 290 | |
291 | 291 | if ($working == 0) # not well formed, remove and try again |
292 | 292 | { |
293 | - $attr = kses_html_error($attr); |
|
294 | - $mode = 0; |
|
293 | + $attr = kses_html_error($attr); |
|
294 | + $mode = 0; |
|
295 | 295 | } |
296 | - } # while |
|
296 | + } # while |
|
297 | 297 | |
298 | - if ($mode == 1) |
|
299 | - # special case, for when the attribute list ends with a valueless |
|
300 | - # attribute like "selected" |
|
298 | + if ($mode == 1) |
|
299 | + # special case, for when the attribute list ends with a valueless |
|
300 | + # attribute like "selected" |
|
301 | 301 | $attrarr[] = array |
302 | - ('name' => $attrname, |
|
303 | - 'value' => '', |
|
304 | - 'whole' => $attrname, |
|
305 | - 'vless' => 'y'); |
|
302 | + ('name' => $attrname, |
|
303 | + 'value' => '', |
|
304 | + 'whole' => $attrname, |
|
305 | + 'vless' => 'y'); |
|
306 | 306 | |
307 | - return $attrarr; |
|
307 | + return $attrarr; |
|
308 | 308 | } # function kses_hair |
309 | 309 | |
310 | 310 | |
@@ -315,10 +315,10 @@
315 | 315 | # with even more checks to come soon. |
316 | 316 | ############################################################################### |
317 | 317 | { |
318 | - $ok = true; |
|
318 | + $ok = true; |
|
319 | 319 | |
320 | - switch (strtolower($checkname)) |
|
321 | - { |
|
320 | + switch (strtolower($checkname)) |
|
321 | + { |
|
322 | 322 | case 'maxlen': |
323 | 323 | # The maxlen check makes sure that the attribute value has a length not |
324 | 324 | # greater than the given value. This can be used to avoid Buffer Overflows |
@@ -326,7 +326,7 @@
326 | 326 | |
327 | 327 | if (strlen($value) > $checkvalue) |
328 | 328 | $ok = false; |
329 | - break; |
|
329 | + break; |
|
330 | 330 | |
331 | 331 | case 'minlen': |
332 | 332 | # The minlen check makes sure that the attribute value has a length not |
@@ -334,7 +334,7 @@
334 | 334 | |
335 | 335 | if (strlen($value) < $checkvalue) |
336 | 336 | $ok = false; |
337 | - break; |
|
337 | + break; |
|
338 | 338 | |
339 | 339 | case 'maxval': |
340 | 340 | # The maxval check does two things: it checks that the attribute value is |
@@ -345,9 +345,9 @@
345 | 345 | |
346 | 346 | if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
347 | 347 | $ok = false; |
348 | - if ($value > $checkvalue) |
|
348 | + if ($value > $checkvalue) |
|
349 | 349 | $ok = false; |
350 | - break; |
|
350 | + break; |
|
351 | 351 | |
352 | 352 | case 'minval': |
353 | 353 | # The minval check checks that the attribute value is a positive integer, |
@@ -355,9 +355,9 @@
355 | 355 | |
356 | 356 | if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
357 | 357 | $ok = false; |
358 | - if ($value < $checkvalue) |
|
358 | + if ($value < $checkvalue) |
|
359 | 359 | $ok = false; |
360 | - break; |
|
360 | + break; |
|
361 | 361 | |
362 | 362 | case 'valueless': |
363 | 363 | # The valueless check checks if the attribute has a value |
@@ -367,10 +367,10 @@
367 | 367 | |
368 | 368 | if (strtolower($checkvalue) != $vless) |
369 | 369 | $ok = false; |
370 | - break; |
|
371 | - } # switch |
|
370 | + break; |
|
371 | + } # switch |
|
372 | 372 | |
373 | - return $ok; |
|
373 | + return $ok; |
|
374 | 374 | } # function kses_check_attr_val |
375 | 375 | |
376 | 376 | |
@@ -382,17 +382,17 @@
382 | 382 | # fooled by a string like "javascript:javascript:alert(57)". |
383 | 383 | ############################################################################### |
384 | 384 | { |
385 | - $string = kses_no_null($string); |
|
386 | - $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature" |
|
387 | - $string2 = $string.'a'; |
|
385 | + $string = kses_no_null($string); |
|
386 | + $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature" |
|
387 | + $string2 = $string.'a'; |
|
388 | 388 | |
389 | - while ($string != $string2) |
|
390 | - { |
|
389 | + while ($string != $string2) |
|
390 | + { |
|
391 | 391 | $string2 = $string; |
392 | 392 | $string = kses_bad_protocol_once($string, $allowed_protocols); |
393 | - } # while |
|
393 | + } # while |
|
394 | 394 | |
395 | - return $string; |
|
395 | + return $string; |
|
396 | 396 | } # function kses_bad_protocol |
397 | 397 | |
398 | 398 | |
@@ -401,10 +401,10 @@
401 | 401 | # This function removes any NULL characters in $string. |
402 | 402 | ############################################################################### |
403 | 403 | { |
404 | - $string = preg_replace('/\0+/', '', $string); |
|
405 | - $string = preg_replace('/(\\\\0)+/', '', $string); |
|
404 | + $string = preg_replace('/\0+/', '', $string); |
|
405 | + $string = preg_replace('/(\\\\0)+/', '', $string); |
|
406 | 406 | |
407 | - return $string; |
|
407 | + return $string; |
|
408 | 408 | } # function kses_no_null |
409 | 409 | |
410 | 410 | |
@@ -415,7 +415,7 @@
415 | 415 | # preg_replace(//e) seems to require this. |
416 | 416 | ############################################################################### |
417 | 417 | { |
418 | - return preg_replace('%\\\\"%', '"', $string); |
|
418 | + return preg_replace('%\\\\"%', '"', $string); |
|
419 | 419 | } # function kses_stripslashes |
420 | 420 | |
421 | 421 | |
@@ -424,21 +424,21 @@
424 | 424 | # This function goes through an array, and changes the keys to all lower case. |
425 | 425 | ############################################################################### |
426 | 426 | { |
427 | - $outarray = array(); |
|
427 | + $outarray = array(); |
|
428 | 428 | |
429 | - foreach ($inarray as $inkey => $inval) |
|
430 | - { |
|
429 | + foreach ($inarray as $inkey => $inval) |
|
430 | + { |
|
431 | 431 | $outkey = strtolower($inkey); |
432 | 432 | $outarray[$outkey] = array(); |
433 | 433 | |
434 | 434 | foreach ($inval as $inkey2 => $inval2) |
435 | 435 | { |
436 | - $outkey2 = strtolower($inkey2); |
|
437 | - $outarray[$outkey][$outkey2] = $inval2; |
|
436 | + $outkey2 = strtolower($inkey2); |
|
437 | + $outarray[$outkey][$outkey2] = $inval2; |
|
438 | 438 | } # foreach $inval |
439 | - } # foreach $inarray |
|
439 | + } # foreach $inarray |
|
440 | 440 | |
441 | - return $outarray; |
|
441 | + return $outarray; |
|
442 | 442 | } # function kses_array_lc |
443 | 443 | |
444 | 444 | |
@@ -448,7 +448,7 @@
448 | 448 | # Netscape 4. |
449 | 449 | ############################################################################### |
450 | 450 | { |
451 | - return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string); |
|
451 | + return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string); |
|
452 | 452 | } # function kses_js_entities |
453 | 453 | |
454 | 454 | |
@@ -459,7 +459,7 @@
459 | 459 | # quotes and apostrophes as well. |
460 | 460 | ############################################################################### |
461 | 461 | { |
462 | - return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string); |
|
462 | + return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string); |
|
463 | 463 | } # function kses_html_error |
464 | 464 | |
465 | 465 | |
@@ -469,12 +469,12 @@
469 | 469 | # handling whitespace and HTML entities. |
470 | 470 | ############################################################################### |
471 | 471 | { |
472 | - $string2 = preg_split('/:|:|:/i', $string, 2); |
|
473 | - if(isset($string2[1]) && !preg_match('%/\?%',$string2[0])) |
|
474 | - { |
|
475 | - $string = kses_bad_protocol_once2($string2[0],$allowed_protocols).trim($string2[1]); |
|
476 | - } |
|
477 | - return $string; |
|
472 | + $string2 = preg_split('/:|:|:/i', $string, 2); |
|
473 | + if(isset($string2[1]) && !preg_match('%/\?%',$string2[0])) |
|
474 | + { |
|
475 | + $string = kses_bad_protocol_once2($string2[0],$allowed_protocols).trim($string2[1]); |
|
476 | + } |
|
477 | + return $string; |
|
478 | 478 | } # function kses_bad_protocol_once |
479 | 479 | |
480 | 480 | |
@@ -484,24 +484,24 @@
484 | 484 | # list or not, and returns different data depending on the answer. |
485 | 485 | ############################################################################### |
486 | 486 | { |
487 | - $string2 = kses_decode_entities($string); |
|
488 | - $string2 = preg_replace('/\s/', '', $string2); |
|
489 | - $string2 = kses_no_null($string2); |
|
490 | - $string2 = preg_replace('/\xad+/', '', $string2); |
|
491 | - # deals with Opera "feature" |
|
492 | - $string2 = strtolower($string2); |
|
493 | - |
|
494 | - $allowed = false; |
|
495 | - foreach ($allowed_protocols as $one_protocol) |
|
487 | + $string2 = kses_decode_entities($string); |
|
488 | + $string2 = preg_replace('/\s/', '', $string2); |
|
489 | + $string2 = kses_no_null($string2); |
|
490 | + $string2 = preg_replace('/\xad+/', '', $string2); |
|
491 | + # deals with Opera "feature" |
|
492 | + $string2 = strtolower($string2); |
|
493 | + |
|
494 | + $allowed = false; |
|
495 | + foreach ($allowed_protocols as $one_protocol) |
|
496 | 496 | if (strtolower($one_protocol) == $string2) |
497 | 497 | { |
498 | - $allowed = true; |
|
499 | - break; |
|
498 | + $allowed = true; |
|
499 | + break; |
|
500 | 500 | } |
501 | 501 | |
502 | - if ($allowed) |
|
502 | + if ($allowed) |
|
503 | 503 | return "$string2:"; |
504 | - else |
|
504 | + else |
|
505 | 505 | return ''; |
506 | 506 | } # function kses_bad_protocol_once2 |
507 | 507 | |
@@ -514,18 +514,18 @@
514 | 514 | { |
515 | 515 | # Disarm all entities by converting & to & |
516 | 516 | |
517 | - $string = str_replace('&', '&', $string); |
|
517 | + $string = str_replace('&', '&', $string); |
|
518 | 518 | |
519 | 519 | # Change back the allowed entities in our entity whitelist |
520 | 520 | |
521 | - $string = preg_replace('/&([A-Za-z][A-Za-z0-9]{0,19});/', |
|
522 | - '&\\1;', $string); |
|
523 | - $string = preg_replace('/&#0*([0-9]{1,5});/e', |
|
524 | - 'kses_normalize_entities2("\\1")', $string); |
|
525 | - $string = preg_replace('/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', |
|
526 | - '&#\\1\\2;', $string); |
|
521 | + $string = preg_replace('/&([A-Za-z][A-Za-z0-9]{0,19});/', |
|
522 | + '&\\1;', $string); |
|
523 | + $string = preg_replace('/&#0*([0-9]{1,5});/e', |
|
524 | + 'kses_normalize_entities2("\\1")', $string); |
|
525 | + $string = preg_replace('/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', |
|
526 | + '&#\\1\\2;', $string); |
|
527 | 527 | |
528 | - return $string; |
|
528 | + return $string; |
|
529 | 529 | } # function kses_normalize_entities |
530 | 530 | |
531 | 531 | |
@@ -535,7 +535,7 @@
535 | 535 | # and nothing more for &#number; entities. |
536 | 536 | ############################################################################### |
537 | 537 | { |
538 | - return (($i > 65535) ? "&#$i;" : "&#$i;"); |
|
538 | + return (($i > 65535) ? "&#$i;" : "&#$i;"); |
|
539 | 539 | } # function kses_normalize_entities2 |
540 | 540 | |
541 | 541 | |
@@ -546,11 +546,11 @@
546 | 546 | # URL protocol whitelisting system anyway. |
547 | 547 | ############################################################################### |
548 | 548 | { |
549 | - $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string); |
|
550 | - $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', |
|
551 | - $string); |
|
549 | + $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string); |
|
550 | + $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', |
|
551 | + $string); |
|
552 | 552 | |
553 | - return $string; |
|
553 | + return $string; |
|
554 | 554 | } # function kses_decode_entities |
555 | 555 | |
556 | 556 | ?> |
@@ -97,8 +97,8 @@
97 | 97 | * @return string |
98 | 98 | */ |
99 | 99 | function kses($string, $allowed_html, $allowed_protocols = |
100 | - array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', |
|
101 | - 'gopher', 'mailto')) |
|
100 | + array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', |
|
101 | + 'gopher', 'mailto')) |
|
102 | 102 | { |
103 | 103 | $string = kses_no_null($string); |
104 | 104 | $string = kses_js_entities($string); |
@@ -218,7 +218,7 @@
218 | 218 | // No attributes are allowed for closing elements |
219 | 219 | |
220 | 220 | return kses_attr("$slash$elem", $attrlist, $allowed_html, |
221 | - $allowed_protocols); |
|
221 | + $allowed_protocols); |
|
222 | 222 | } |
223 | 223 | |
224 | 224 | /** |
@@ -261,11 +261,11 @@
261 | 261 | foreach ($attrarr as $arreach) |
262 | 262 | { |
263 | 263 | if (!@isset($allowed_html[strtolower($element)] |
264 | - [strtolower($arreach['name'])])) |
|
264 | + [strtolower($arreach['name'])])) |
|
265 | 265 | continue; // the attribute is not allowed |
266 | 266 | |
267 | 267 | $current = $allowed_html[strtolower($element)] |
268 | - [strtolower($arreach['name'])]; |
|
268 | + [strtolower($arreach['name'])]; |
|
269 | 269 | if ($current == '') |
270 | 270 | continue; // the attribute is not allowed |
271 | 271 | |
@@ -279,7 +279,7 @@
279 | 279 | $ok = true; |
280 | 280 | foreach ($current as $currkey => $currval) |
281 | 281 | if (!kses_check_attr_val($arreach['value'], $arreach['vless'], |
282 | - $currkey, $currval)) |
|
282 | + $currkey, $currval)) |
|
283 | 283 | { $ok = false; break; } |
284 | 284 | |
285 | 285 | if ( strtolower($arreach['name']) == 'style' ) { |
@@ -1,6 +1,6 @@
1 | 1 | <?php |
2 | 2 | |
3 | - /* |
|
3 | + /* |
|
4 | 4 | * ========================================================================================== |
5 | 5 | * |
6 | 6 | * This program is free software and open source software; you can redistribute |
@@ -21,1146 +21,1146 @@
21 | 21 | * ========================================================================================== |
22 | 22 | */ |
23 | 23 | |
24 | - /** |
|
25 | - * Class file for PHP5 OOP version of kses |
|
26 | - * |
|
27 | - * This is an updated version of kses to work with PHP5 that works under E_STRICT. |
|
28 | - * |
|
29 | - * This version is a bit of a rewrite to match my own coding style and use some of the |
|
30 | - * capabilities allowed in PHP5. Since this was a significant rewrite, but it still |
|
31 | - * maintains backward compatibility syntax-wise, the version number is now 1.0.0. Any |
|
32 | - * minor changes that do not break compatibility will be indicated in the second or third |
|
33 | - * digits. Anything that breaks compatibility will change the major version number. |
|
34 | - * |
|
35 | - * PHP5 specific changes: |
|
36 | - * + Private methods are now in place |
|
37 | - * + __construct() is now used rather then the standard class name 'kses()' |
|
38 | - * + Kses will not load in any version less that PHP5 |
|
39 | - * Other modifications: |
|
40 | - * + PHPdoc style documentation has been added to the class. See http://www.phpdoc.org/ for more info. |
|
41 | - * + Method names have been changed to reflect status as verbs |
|
42 | - * + One line methods have been folded into the code |
|
43 | - * + Some methods are now deprecated due to nomenclature style change. See method documentation for specifics. |
|
44 | - * + Kses5 now works in E_STRICT |
|
45 | - * + Version number is 1.0.0 to reflect serious code changes |
|
46 | - * + Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols() |
|
47 | - * + Deprecated _hook(), Protocols() |
|
48 | - * |
|
49 | - * @package kses |
|
50 | - * @subpackage kses5 |
|
51 | - */ |
|
52 | - |
|
53 | - if(substr(phpversion(), 0, 1) < 5) |
|
54 | - { |
|
55 | - die("Class kses requires PHP 5 or higher."); |
|
56 | - } |
|
57 | - |
|
58 | - /** |
|
59 | - * Only install KSES5 once |
|
60 | - */ |
|
61 | - if(!defined('KSES_CLASS_PHP5')) |
|
62 | - { |
|
63 | - define('KSES_CLASS_PHP5', true); |
|
64 | - |
|
65 | - /** |
|
66 | - * Kses strips evil scripts! |
|
67 | - * |
|
68 | - * This class provides the capability for removing unwanted HTML/XHTML, attributes from |
|
69 | - * tags, and protocols contained in links. The net result is a much more powerful tool |
|
70 | - * than the PHP internal strip_tags() |
|
71 | - * |
|
72 | - * This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar. |
|
73 | - * |
|
74 | - * The original class for PHP4 was basically a wrapper around all of the functions in |
|
75 | - * the procedural code written by Ulf, and was released 7/25/2003. |
|
76 | - * |
|
77 | - * This version is a bit of a rewrite to match my own coding style and use some of the |
|
78 | - * capabilities allowed in PHP5. Since this was a significant rewrite, but it still |
|
79 | - * maintains backward compatibility syntax-wise, the version number is now 1.0.0. Any |
|
80 | - * minor changes that do not break compatibility will be indicated in the second or third |
|
81 | - * digits. Anything that breaks compatibility will change the major version number. |
|
82 | - * |
|
83 | - * PHP5 specific changes: |
|
84 | - * + Private methods are now in place |
|
85 | - * + __construct() is now used rather then the standard class name 'kses()' |
|
86 | - * + Kses5 will not load in any version less that PHP5 |
|
87 | - * Other modifications: |
|
88 | - * + PHPdoc style documentation has been added to the class. See http://www.phpdoc.org/ for more info. |
|
89 | - * + Method names have been changed to reflect status as verbs |
|
90 | - * + One line methods have been folded into the code |
|
91 | - * + Some methods are now deprecated due to nomenclature style change. See method documentation for specifics. |
|
92 | - * + Kses now works in E_STRICT |
|
93 | - * + Initial Version number set to 1.0.0 to reflect serious code changes |
|
94 | - * + Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols() |
|
95 | - * + Deprecated _hook(), Protocols() |
|
96 | - * + Integrated code from kses 0.2.2 into class. |
|
97 | - * + Added methods DumpProtocols(), DumpMethods() |
|
98 | - * |
|
99 | - * @author Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar) |
|
100 | - * @link http://sourceforge.net/projects/kses/ Home Page for Kses |
|
101 | - * @link http://chaos.org/contact/ Contact page with current email address for Richard Vasquez |
|
102 | - * @copyright Richard R. V�squez, Jr. 2005 |
|
103 | - * @version PHP5 OOP 1.0.2 |
|
104 | - * @license http://www.gnu.org/licenses/gpl.html GNU Public License |
|
105 | - * @package kses |
|
106 | - */ |
|
107 | - class kses5 |
|
108 | - { |
|
109 | - /**#@+ |
|
24 | + /** |
|
25 | + * Class file for PHP5 OOP version of kses |
|
26 | + * |
|
27 | + * This is an updated version of kses to work with PHP5 that works under E_STRICT. |
|
28 | + * |
|
29 | + * This version is a bit of a rewrite to match my own coding style and use some of the |
|
30 | + * capabilities allowed in PHP5. Since this was a significant rewrite, but it still |
|
31 | + * maintains backward compatibility syntax-wise, the version number is now 1.0.0. Any |
|
32 | + * minor changes that do not break compatibility will be indicated in the second or third |
|
33 | + * digits. Anything that breaks compatibility will change the major version number. |
|
34 | + * |
|
35 | + * PHP5 specific changes: |
|
36 | + * + Private methods are now in place |
|
37 | + * + __construct() is now used rather then the standard class name 'kses()' |
|
38 | + * + Kses will not load in any version less that PHP5 |
|
39 | + * Other modifications: |
|
40 | + * + PHPdoc style documentation has been added to the class. See http://www.phpdoc.org/ for more info. |
|
41 | + * + Method names have been changed to reflect status as verbs |
|
42 | + * + One line methods have been folded into the code |
|
43 | + * + Some methods are now deprecated due to nomenclature style change. See method documentation for specifics. |
|
44 | + * + Kses5 now works in E_STRICT |
|
45 | + * + Version number is 1.0.0 to reflect serious code changes |
|
46 | + * + Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols() |
|
47 | + * + Deprecated _hook(), Protocols() |
|
48 | + * |
|
49 | + * @package kses |
|
50 | + * @subpackage kses5 |
|
51 | + */ |
|
52 | + |
|
53 | + if(substr(phpversion(), 0, 1) < 5) |
|
54 | + { |
|
55 | + die("Class kses requires PHP 5 or higher."); |
|
56 | + } |
|
57 | + |
|
58 | + /** |
|
59 | + * Only install KSES5 once |
|
60 | + */ |
|
61 | + if(!defined('KSES_CLASS_PHP5')) |
|
62 | + { |
|
63 | + define('KSES_CLASS_PHP5', true); |
|
64 | + |
|
65 | + /** |
|
66 | + * Kses strips evil scripts! |
|
67 | + * |
|
68 | + * This class provides the capability for removing unwanted HTML/XHTML, attributes from |
|
69 | + * tags, and protocols contained in links. The net result is a much more powerful tool |
|
70 | + * than the PHP internal strip_tags() |
|
71 | + * |
|
72 | + * This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar. |
|
73 | + * |
|
74 | + * The original class for PHP4 was basically a wrapper around all of the functions in |
|
75 | + * the procedural code written by Ulf, and was released 7/25/2003. |
|
76 | + * |
|
77 | + * This version is a bit of a rewrite to match my own coding style and use some of the |
|
78 | + * capabilities allowed in PHP5. Since this was a significant rewrite, but it still |
|
79 | + * maintains backward compatibility syntax-wise, the version number is now 1.0.0. Any |
|
80 | + * minor changes that do not break compatibility will be indicated in the second or third |
|
81 | + * digits. Anything that breaks compatibility will change the major version number. |
|
82 | + * |
|
83 | + * PHP5 specific changes: |
|
84 | + * + Private methods are now in place |
|
85 | + * + __construct() is now used rather then the standard class name 'kses()' |
|
86 | + * + Kses5 will not load in any version less that PHP5 |
|
87 | + * Other modifications: |
|
88 | + * + PHPdoc style documentation has been added to the class. See http://www.phpdoc.org/ for more info. |
|
89 | + * + Method names have been changed to reflect status as verbs |
|
90 | + * + One line methods have been folded into the code |
|
91 | + * + Some methods are now deprecated due to nomenclature style change. See method documentation for specifics. |
|
92 | + * + Kses now works in E_STRICT |
|
93 | + * + Initial Version number set to 1.0.0 to reflect serious code changes |
|
94 | + * + Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols() |
|
95 | + * + Deprecated _hook(), Protocols() |
|
96 | + * + Integrated code from kses 0.2.2 into class. |
|
97 | + * + Added methods DumpProtocols(), DumpMethods() |
|
98 | + * |
|
99 | + * @author Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar) |
|
100 | + * @link http://sourceforge.net/projects/kses/ Home Page for Kses |
|
101 | + * @link http://chaos.org/contact/ Contact page with current email address for Richard Vasquez |
|
102 | + * @copyright Richard R. V�squez, Jr. 2005 |
|
103 | + * @version PHP5 OOP 1.0.2 |
|
104 | + * @license http://www.gnu.org/licenses/gpl.html GNU Public License |
|
105 | + * @package kses |
|
106 | + */ |
|
107 | + class kses5 |
|
108 | + { |
|
109 | + /**#@+ |
|
110 | 110 | * @access private |
111 | 111 | * @var array |
112 | 112 | */ |
113 | - private $allowed_protocols; |
|
114 | - private $allowed_html; |
|
115 | - /**#@-*/ |
|
116 | - |
|
117 | - /** |
|
118 | - * Constructor for kses. |
|
119 | - * |
|
120 | - * This sets a default collection of protocols allowed in links, and creates an |
|
121 | - * empty set of allowed HTML tags. |
|
122 | - * @since PHP5 OOP 1.0.0 |
|
123 | - */ |
|
124 | - public function __construct() |
|
125 | - { |
|
126 | - /** |
|
127 | - * You could add protocols such as ftp, new, gopher, mailto, irc, etc. |
|
128 | - * |
|
129 | - * The base values the original kses provided were: |
|
130 | - * 'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto' |
|
131 | - */ |
|
132 | - $this->allowed_protocols = array('http', 'ftp', 'mailto'); |
|
133 | - $this->allowed_html = array(); |
|
134 | - } |
|
135 | - |
|
136 | - /** |
|
137 | - * Basic task of kses - parses $string and strips it as required. |
|
138 | - * |
|
139 | - * This method strips all the disallowed (X)HTML tags, attributes |
|
140 | - * and protocols from the input $string. |
|
141 | - * |
|
142 | - * @access public |
|
143 | - * @param string $string String to be stripped of 'evil scripts' |
|
144 | - * @return string The stripped string |
|
145 | - * @since PHP4 OOP 0.0.1 |
|
146 | - */ |
|
147 | - public function Parse($string = "") |
|
148 | - { |
|
149 | - if (get_magic_quotes_gpc()) |
|
150 | - { |
|
151 | - $string = stripslashes($string); |
|
152 | - } |
|
153 | - $string = $this->removeNulls($string); |
|
154 | - // Remove JavaScript entities from early Netscape 4 versions |
|
155 | - $string = preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string); |
|
156 | - $string = $this->normalizeEntities($string); |
|
157 | - $string = $this->filterKsesTextHook($string); |
|
158 | - $string = preg_replace('%(<' . '[^>]*' . '(>|$)' . '|>)%e', "\$this->stripTags('\\1')", $string); |
|
159 | - return $string; |
|
160 | - } |
|
161 | - |
|
162 | - /** |
|
163 | - * Allows for single/batch addition of protocols |
|
164 | - * |
|
165 | - * This method accepts one argument that can be either a string |
|
166 | - * or an array of strings. Invalid data will be ignored. |
|
167 | - * |
|
168 | - * The argument will be processed, and each string will be added |
|
169 | - * via AddProtocol(). |
|
170 | - * |
|
171 | - * @access public |
|
172 | - * @param mixed , A string or array of protocols that will be added to the internal list of allowed protocols. |
|
173 | - * @return bool Status of adding valid protocols. |
|
174 | - * @see AddProtocol() |
|
175 | - * @since PHP5 OOP 1.0.0 |
|
176 | - */ |
|
177 | - public function AddProtocols() |
|
178 | - { |
|
179 | - $c_args = func_num_args(); |
|
180 | - if($c_args != 1) |
|
181 | - { |
|
182 | - trigger_error("kses5::AddProtocols() did not receive an argument.", E_USER_WARNING); |
|
183 | - return false; |
|
184 | - } |
|
185 | - |
|
186 | - $protocol_data = func_get_arg(0); |
|
187 | - |
|
188 | - if(is_array($protocol_data) && count($protocol_data) > 0) |
|
189 | - { |
|
190 | - foreach($protocol_data as $protocol) |
|
191 | - { |
|
192 | - $this->AddProtocol($protocol); |
|
193 | - } |
|
194 | - return true; |
|
195 | - } |
|
196 | - elseif(is_string($protocol_data)) |
|
197 | - { |
|
198 | - $this->AddProtocol($protocol_data); |
|
199 | - return true; |
|
200 | - } |
|
201 | - else |
|
202 | - { |
|
203 | - trigger_error("kses5::AddProtocols() did not receive a string or an array.", E_USER_WARNING); |
|
204 | - return false; |
|
205 | - } |
|
206 | - } |
|
207 | - |
|
208 | - /** |
|
209 | - * Allows for single/batch addition of protocols |
|
210 | - * |
|
211 | - * @deprecated Use AddProtocols() |
|
212 | - * @see AddProtocols() |
|
213 | - * @return bool |
|
214 | - * @since PHP4 OOP 0.0.1 |
|
215 | - */ |
|
216 | - public function Protocols() |
|
217 | - { |
|
218 | - $c_args = func_num_args(); |
|
219 | - if($c_args != 1) |
|
220 | - { |
|
221 | - trigger_error("kses5::Protocols() did not receive an argument.", E_USER_WARNING); |
|
222 | - return false; |
|
223 | - } |
|
224 | - |
|
225 | - return $this->AddProtocols(func_get_arg(0)); |
|
226 | - } |
|
227 | - |
|
228 | - /** |
|
229 | - * Adds a single protocol to $this->allowed_protocols. |
|
230 | - * |
|
231 | - * This method accepts a string argument and adds it to |
|
232 | - * the list of allowed protocols to keep when performing |
|
233 | - * Parse(). |
|
234 | - * |
|
235 | - * @access public |
|
236 | - * @param string $protocol The name of the protocol to be added. |
|
237 | - * @return bool Status of adding valid protocol. |
|
238 | - * @since PHP4 OOP 0.0.1 |
|
239 | - */ |
|
240 | - public function AddProtocol($protocol = "") |
|
241 | - { |
|
242 | - if(!is_string($protocol)) |
|
243 | - { |
|
244 | - trigger_error("kses5::AddProtocol() requires a string.", E_USER_WARNING); |
|
245 | - return false; |
|
246 | - } |
|
247 | - |
|
248 | - // Remove any inadvertent ':' at the end of the protocol. |
|
249 | - if(substr($protocol, strlen($protocol) - 1, 1) == ":") |
|
250 | - { |
|
251 | - $protocol = substr($protocol, 0, strlen($protocol) - 1); |
|
252 | - } |
|
253 | - |
|
254 | - $protocol = strtolower(trim($protocol)); |
|
255 | - if($protocol == "") |
|
256 | - { |
|
257 | - trigger_error("kses5::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING); |
|
258 | - return false; |
|
259 | - } |
|
260 | - |
|
261 | - // prevent duplicate protocols from being added. |
|
262 | - if(!in_array($protocol, $this->allowed_protocols)) |
|
263 | - { |
|
264 | - array_push($this->allowed_protocols, $protocol); |
|
265 | - sort($this->allowed_protocols); |
|
266 | - } |
|
267 | - return true; |
|
268 | - } |
|
269 | - |
|
270 | - /** |
|
271 | - * Removes a single protocol from $this->allowed_protocols. |
|
272 | - * |
|
273 | - * This method accepts a string argument and removes it from |
|
274 | - * the list of allowed protocols to keep when performing |
|
275 | - * Parse(). |
|
276 | - * |
|
277 | - * @access public |
|
278 | - * @param string $protocol The name of the protocol to be removed. |
|
279 | - * @return bool Status of removing valid protocol. |
|
280 | - * @since PHP5 OOP 1.0.0 |
|
281 | - */ |
|
282 | - public function RemoveProtocol($protocol = "") |
|
283 | - { |
|
284 | - if(!is_string($protocol)) |
|
285 | - { |
|
286 | - trigger_error("kses5::RemoveProtocol() requires a string.", E_USER_WARNING); |
|
287 | - return false; |
|
288 | - } |
|
289 | - |
|
290 | - // Remove any inadvertent ':' at the end of the protocol. |
|
291 | - if(substr($protocol, strlen($protocol) - 1, 1) == ":") |
|
292 | - { |
|
293 | - $protocol = substr($protocol, 0, strlen($protocol) - 1); |
|
294 | - } |
|
295 | - |
|
296 | - $protocol = strtolower(trim($protocol)); |
|
297 | - if($protocol == "") |
|
298 | - { |
|
299 | - trigger_error("kses5::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING); |
|
300 | - return false; |
|
301 | - } |
|
302 | - |
|
303 | - // Ensures that the protocol exists before removing it. |
|
304 | - if(in_array($protocol, $this->allowed_protocols)) |
|
305 | - { |
|
306 | - $this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol)); |
|
307 | - sort($this->allowed_protocols); |
|
308 | - } |
|
309 | - |
|
310 | - return true; |
|
311 | - } |
|
312 | - |
|
313 | - /** |
|
314 | - * Allows for single/batch removal of protocols |
|
315 | - * |
|
316 | - * This method accepts one argument that can be either a string |
|
317 | - * or an array of strings. Invalid data will be ignored. |
|
318 | - * |
|
319 | - * The argument will be processed, and each string will be removed |
|
320 | - * via RemoveProtocol(). |
|
321 | - * |
|
322 | - * @access public |
|
323 | - * @param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols. |
|
324 | - * @return bool Status of removing valid protocols. |
|
325 | - * @see RemoveProtocol() |
|
326 | - * @since PHP5 OOP 1.0.0 |
|
327 | - */ |
|
328 | - public function RemoveProtocols() |
|
329 | - { |
|
330 | - $c_args = func_num_args(); |
|
331 | - if($c_args != 1) |
|
332 | - { |
|
333 | - return false; |
|
334 | - } |
|
335 | - |
|
336 | - $protocol_data = func_get_arg(0); |
|
337 | - |
|
338 | - if(is_array($protocol_data) && count($protocol_data) > 0) |
|
339 | - { |
|
340 | - foreach($protocol_data as $protocol) |
|
341 | - { |
|
342 | - $this->RemoveProtocol($protocol); |
|
343 | - } |
|
344 | - } |
|
345 | - elseif(is_string($protocol_data)) |
|
346 | - { |
|
347 | - $this->RemoveProtocol($protocol_data); |
|
348 | - return true; |
|
349 | - } |
|
350 | - else |
|
351 | - { |
|
352 | - trigger_error("kses5::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING); |
|
353 | - return false; |
|
354 | - } |
|
355 | - } |
|
356 | - |
|
357 | - /** |
|
358 | - * Allows for single/batch replacement of protocols |
|
359 | - * |
|
360 | - * This method accepts one argument that can be either a string |
|
361 | - * or an array of strings. Invalid data will be ignored. |
|
362 | - * |
|
363 | - * Existing protocols will be removed, then the argument will be |
|
364 | - * processed, and each string will be added via AddProtocol(). |
|
365 | - * |
|
366 | - * @access public |
|
367 | - * @param mixed , A string or array of protocols that will be the new internal list of allowed protocols. |
|
368 | - * @return bool Status of replacing valid protocols. |
|
369 | - * @since PHP5 OOP 1.0.1 |
|
370 | - * @see AddProtocol() |
|
371 | - */ |
|
372 | - public function SetProtocols() |
|
373 | - { |
|
374 | - $c_args = func_num_args(); |
|
375 | - if($c_args != 1) |
|
376 | - { |
|
377 | - trigger_error("kses5::SetProtocols() did not receive an argument.", E_USER_WARNING); |
|
378 | - return false; |
|
379 | - } |
|
380 | - |
|
381 | - $protocol_data = func_get_arg(0); |
|
382 | - |
|
383 | - if(is_array($protocol_data) && count($protocol_data) > 0) |
|
384 | - { |
|
385 | - $this->allowed_protocols = array(); |
|
386 | - foreach($protocol_data as $protocol) |
|
387 | - { |
|
388 | - $this->AddProtocol($protocol); |
|
389 | - } |
|
390 | - return true; |
|
391 | - } |
|
392 | - elseif(is_string($protocol_data)) |
|
393 | - { |
|
394 | - $this->allowed_protocols = array(); |
|
395 | - $this->AddProtocol($protocol_data); |
|
396 | - return true; |
|
397 | - } |
|
398 | - else |
|
399 | - { |
|
400 | - trigger_error("kses5::SetProtocols() did not receive a string or an array.", E_USER_WARNING); |
|
401 | - return false; |
|
402 | - } |
|
403 | - } |
|
404 | - |
|
405 | - /** |
|
406 | - * Raw dump of allowed protocols |
|
407 | - * |
|
408 | - * This returns an indexed array of allowed protocols for a particular KSES |
|
409 | - * instantiation. |
|
410 | - * |
|
411 | - * @access public |
|
412 | - * @return array The list of allowed protocols. |
|
413 | - * @since PHP5 OOP 1.0.2 |
|
414 | - */ |
|
415 | - public function DumpProtocols() |
|
416 | - { |
|
417 | - return $this->allowed_protocols; |
|
418 | - } |
|
419 | - |
|
420 | - /** |
|
421 | - * Raw dump of allowed (X)HTML elements |
|
422 | - * |
|
423 | - * This returns an indexed array of allowed (X)HTML elements and attributes |
|
424 | - * for a particular KSES instantiation. |
|
425 | - * |
|
426 | - * @access public |
|
427 | - * @return array The list of allowed elements. |
|
428 | - * @since PHP5 OOP 1.0.2 |
|
429 | - */ |
|
430 | - public function DumpElements() |
|
431 | - { |
|
432 | - return $this->allowed_html; |
|
433 | - } |
|
434 | - |
|
435 | - |
|
436 | - /** |
|
437 | - * Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'. |
|
438 | - * |
|
439 | - * This method accepts one argument that can be either a string |
|
440 | - * or an array of strings. Invalid data will be ignored. |
|
441 | - * |
|
442 | - * @access public |
|
443 | - * @param string $tag (X)HTML tag that will be allowed after stripping text. |
|
444 | - * @param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter |
|
445 | - * @return bool Status of Adding (X)HTML and attributes. |
|
446 | - * @since PHP4 OOP 0.0.1 |
|
447 | - */ |
|
448 | - public function AddHTML($tag = "", $attribs = array()) |
|
449 | - { |
|
450 | - if(!is_string($tag)) |
|
451 | - { |
|
452 | - trigger_error("kses5::AddHTML() requires the tag to be a string", E_USER_WARNING); |
|
453 | - return false; |
|
454 | - } |
|
455 | - |
|
456 | - $tag = strtolower(trim($tag)); |
|
457 | - if($tag == "") |
|
458 | - { |
|
459 | - trigger_error("kses5::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING); |
|
460 | - return false; |
|
461 | - } |
|
462 | - |
|
463 | - if(!is_array($attribs)) |
|
464 | - { |
|
465 | - trigger_error("kses5::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING); |
|
466 | - return false; |
|
467 | - } |
|
468 | - |
|
469 | - $new_attribs = array(); |
|
470 | - if(is_array($attribs) && count($attribs) > 0) |
|
471 | - { |
|
472 | - foreach($attribs as $idx1 => $val1) |
|
473 | - { |
|
474 | - $new_idx1 = strtolower($idx1); |
|
475 | - $new_val1 = $attribs[$idx1]; |
|
476 | - |
|
477 | - if(is_array($new_val1) && count($attribs) > 0) |
|
478 | - { |
|
479 | - $tmp_val = array(); |
|
480 | - foreach($new_val1 as $idx2 => $val2) |
|
481 | - { |
|
482 | - $new_idx2 = strtolower($idx2); |
|
483 | - $tmp_val[$new_idx2] = $val2; |
|
484 | - } |
|
485 | - $new_val1 = $tmp_val; |
|
486 | - } |
|
487 | - |
|
488 | - $new_attribs[$new_idx1] = $new_val1; |
|
489 | - } |
|
490 | - } |
|
491 | - |
|
492 | - $this->allowed_html[$tag] = $new_attribs; |
|
493 | - return true; |
|
494 | - } |
|
495 | - |
|
496 | - /** |
|
497 | - * This method removes any NULL characters in $string. |
|
498 | - * |
|
499 | - * @access private |
|
500 | - * @param string $string |
|
501 | - * @return string String without any NULL/chr(173) |
|
502 | - * @since PHP4 OOP 0.0.1 |
|
503 | - */ |
|
504 | - private function removeNulls($string) |
|
505 | - { |
|
506 | - $string = preg_replace('/\0+/', '', $string); |
|
507 | - $string = preg_replace('/(\\\\0)+/', '', $string); |
|
508 | - return $string; |
|
509 | - } |
|
510 | - |
|
511 | - /** |
|
512 | - * Normalizes HTML entities |
|
513 | - * |
|
514 | - * This function normalizes HTML entities. It will convert "AT&T" to the correct |
|
515 | - * "AT&T", ":" to ":", "&#XYZZY;" to "&#XYZZY;" and so on. |
|
516 | - * |
|
517 | - * @access private |
|
518 | - * @param string $string |
|
519 | - * @return string String with normalized entities |
|
520 | - * @since PHP4 OOP 0.0.1 |
|
521 | - */ |
|
522 | - private function normalizeEntities($string) |
|
523 | - { |
|
524 | - # Disarm all entities by converting & to & |
|
525 | - $string = str_replace('&', '&', $string); |
|
526 | - |
|
527 | - # TODO: Change back (Keep?) the allowed entities in our entity white list |
|
528 | - |
|
529 | - # Keeps entities that start with [A-Za-z] |
|
530 | - $string = preg_replace( |
|
531 | - '/&([A-Za-z][A-Za-z0-9]{0,19});/', |
|
532 | - '&\\1;', |
|
533 | - $string |
|
534 | - ); |
|
535 | - |
|
536 | - # Change numeric entities to valid 16 bit values |
|
537 | - |
|
538 | - $string = preg_replace( |
|
539 | - '/&#0*([0-9]{1,5});/e', |
|
540 | - '\$this->normalizeEntities16bit("\\1")', |
|
541 | - $string |
|
542 | - ); |
|
543 | - |
|
544 | - # Change &XHHHHHHH (Hex digits) to 16 bit hex values |
|
545 | - $string = preg_replace( |
|
546 | - '/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', |
|
547 | - '&#\\1\\2;', |
|
548 | - $string |
|
549 | - ); |
|
550 | - |
|
551 | - return $string; |
|
552 | - } |
|
553 | - |
|
554 | - /** |
|
555 | - * Helper method used by normalizeEntites() |
|
556 | - * |
|
557 | - * This method helps normalizeEntities() to only accept 16 bit values |
|
558 | - * and nothing more for &#number; entities. |
|
559 | - * |
|
560 | - * This method helps normalize_entities() during a preg_replace() |
|
561 | - * where a &#(0)*XXXXX; occurs. The '(0)*XXXXXX' value is converted to |
|
562 | - * a number and the result is returned as a numeric entity if the number |
|
563 | - * is less than 65536. Otherwise, the value is returned 'as is'. |
|
564 | - * |
|
565 | - * @access private |
|
566 | - * @param string $i |
|
567 | - * @return string Normalized numeric entity |
|
568 | - * @see normalizeEntities() |
|
569 | - * @since PHP4 OOP 0.0.1 |
|
570 | - */ |
|
571 | - private function normalizeEntities16bit($i) |
|
572 | - { |
|
573 | - return (($i > 65535) ? "&#$i;" : "&#$i;"); |
|
574 | - } |
|
575 | - |
|
576 | - /** |
|
577 | - * Allows for additional user defined modifications to text. |
|
578 | - * |
|
579 | - * This method allows for additional modifications to be performed on |
|
580 | - * a string that's being run through Parse(). Currently, it returns the |
|
581 | - * input string 'as is'. |
|
582 | - * |
|
583 | - * This method is provided for users to extend the kses class for their own |
|
584 | - * requirements. |
|
585 | - * |
|
586 | - * @access public |
|
587 | - * @param string $string String to perfrom additional modifications on. |
|
588 | - * @return string User modified string. |
|
589 | - * @see Parse() |
|
590 | - * @since PHP5 OOP 1.0.0 |
|
591 | - */ |
|
592 | - private function filterKsesTextHook($string) |
|
593 | - { |
|
594 | - return $string; |
|
595 | - } |
|
596 | - |
|
597 | - /** |
|
598 | - * Allows for additional user defined modifications to text. |
|
599 | - * |
|
600 | - * @deprecated use filterKsesTextHook() |
|
601 | - * @param string $string |
|
602 | - * @return string |
|
603 | - * @see filterKsesTextHook() |
|
604 | - * @since PHP4 OOP 0.0.1 |
|
605 | - */ |
|
606 | - private function _hook($string) |
|
607 | - { |
|
608 | - return $this->filterKsesTextHook($string); |
|
609 | - } |
|
610 | - |
|
611 | - /** |
|
612 | - * This method goes through an array, and changes the keys to all lower case. |
|
613 | - * |
|
614 | - * @access private |
|
615 | - * @param array $in_array Associative array |
|
616 | - * @return array Modified array |
|
617 | - * @since PHP4 OOP 0.0.1 |
|
618 | - */ |
|
619 | - private function makeArrayKeysLowerCase($in_array) |
|
620 | - { |
|
621 | - $out_array = array(); |
|
622 | - |
|
623 | - if(is_array($in_array) && count($in_array) > 0) |
|
624 | - { |
|
625 | - foreach ($in_array as $in_key => $in_val) |
|
626 | - { |
|
627 | - $out_key = strtolower($in_key); |
|
628 | - $out_array[$out_key] = array(); |
|
629 | - |
|
630 | - if(is_array($in_val) && count($in_val) > 0) |
|
631 | - { |
|
632 | - foreach ($in_val as $in_key2 => $in_val2) |
|
633 | - { |
|
634 | - $out_key2 = strtolower($in_key2); |
|
635 | - $out_array[$out_key][$out_key2] = $in_val2; |
|
636 | - } |
|
637 | - } |
|
638 | - } |
|
639 | - } |
|
640 | - |
|
641 | - return $out_array; |
|
642 | - } |
|
643 | - |
|
644 | - /** |
|
645 | - * This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes. |
|
646 | - * |
|
647 | - * This method does a lot of work. It rejects some very malformed things |
|
648 | - * like <:::>. It returns an empty string if the element isn't allowed (look |
|
649 | - * ma, no strip_tags()!). Otherwise it splits the tag into an element and an |
|
650 | - * allowed attribute list. |
|
651 | - * |
|
652 | - * @access private |
|
653 | - * @param string $string |
|
654 | - * @return string Modified string minus disallowed/mangled (X)HTML and attributes |
|
655 | - * @since PHP4 OOP 0.0.1 |
|
656 | - */ |
|
657 | - private function stripTags($string) |
|
658 | - { |
|
659 | - $string = preg_replace('%\\\\"%', '"', $string); |
|
660 | - |
|
661 | - if (substr($string, 0, 1) != '<') |
|
662 | - { |
|
663 | - # It matched a ">" character |
|
664 | - return '>'; |
|
665 | - } |
|
666 | - |
|
667 | - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
668 | - { |
|
669 | - # It's seriously malformed |
|
670 | - return ''; |
|
671 | - } |
|
672 | - |
|
673 | - $slash = trim($matches[1]); |
|
674 | - $elem = $matches[2]; |
|
675 | - $attrlist = $matches[3]; |
|
676 | - |
|
677 | - if ( |
|
678 | - !isset($this->allowed_html[strtolower($elem)]) || |
|
679 | - !is_array($this->allowed_html[strtolower($elem)])) |
|
680 | - { |
|
681 | - # Found an HTML element not in the white list |
|
682 | - return ''; |
|
683 | - } |
|
684 | - |
|
685 | - if ($slash != '') |
|
686 | - { |
|
687 | - return "<$slash$elem>"; |
|
688 | - } |
|
689 | - # No attributes are allowed for closing elements |
|
690 | - |
|
691 | - return $this->stripAttributes("$slash$elem", $attrlist); |
|
692 | - } |
|
693 | - |
|
694 | - /** |
|
695 | - * This method strips out disallowed attributes for (X)HTML tags. |
|
696 | - * |
|
697 | - * This method removes all attributes if none are allowed for this element. |
|
698 | - * If some are allowed it calls combAttributes() to split them further, and then it |
|
699 | - * builds up new HTML code from the data that combAttributes() returns. It also |
|
700 | - * removes "<" and ">" characters, if there are any left. One more thing it |
|
701 | - * does is to check if the tag has a closing XHTML slash, and if it does, |
|
702 | - * it puts one in the returned code as well. |
|
703 | - * |
|
704 | - * @access private |
|
705 | - * @param string $element (X)HTML tag to check |
|
706 | - * @param string $attr Text containing attributes to check for validity. |
|
707 | - * @return string Resulting valid (X)HTML or '' |
|
708 | - * @see combAttributes() |
|
709 | - * @since PHP4 OOP 0.0.1 |
|
710 | - */ |
|
711 | - private function stripAttributes($element, $attr) |
|
712 | - { |
|
713 | - # Is there a closing XHTML slash at the end of the attributes? |
|
714 | - $xhtml_slash = ''; |
|
715 | - if (preg_match('%\s/\s*$%', $attr)) |
|
716 | - { |
|
717 | - $xhtml_slash = ' /'; |
|
718 | - } |
|
719 | - |
|
720 | - # Are any attributes allowed at all for this element? |
|
721 | - if ( |
|
722 | - !isset($this->allowed_html[strtolower($element)]) || |
|
723 | - count($this->allowed_html[strtolower($element)]) == 0 |
|
724 | - ) |
|
725 | - { |
|
726 | - return "<$element$xhtml_slash>"; |
|
727 | - } |
|
728 | - |
|
729 | - # Split it |
|
730 | - $attrarr = $this->combAttributes($attr); |
|
731 | - |
|
732 | - # Go through $attrarr, and save the allowed attributes for this element |
|
733 | - # in $attr2 |
|
734 | - $attr2 = ''; |
|
735 | - if(is_array($attrarr) && count($attrarr) > 0) |
|
736 | - { |
|
737 | - foreach ($attrarr as $arreach) |
|
738 | - { |
|
739 | - if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])])) |
|
740 | - { |
|
741 | - continue; |
|
742 | - } |
|
743 | - |
|
744 | - $current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])]; |
|
745 | - |
|
746 | - if (!is_array($current)) |
|
747 | - { |
|
748 | - # there are no checks |
|
749 | - $attr2 .= ' '.$arreach['whole']; |
|
750 | - } |
|
751 | - else |
|
752 | - { |
|
753 | - # there are some checks |
|
754 | - $ok = true; |
|
755 | - if(is_array($current) && count($current) > 0) |
|
756 | - { |
|
757 | - foreach ($current as $currkey => $currval) |
|
758 | - { |
|
759 | - if (!$this->checkAttributeValue($arreach['value'], $arreach['vless'], $currkey, $currval)) |
|
760 | - { |
|
761 | - $ok = false; |
|
762 | - break; |
|
763 | - } |
|
764 | - } |
|
765 | - } |
|
766 | - |
|
767 | - if ($ok) |
|
768 | - { |
|
769 | - # it passed them |
|
770 | - $attr2 .= ' '.$arreach['whole']; |
|
771 | - } |
|
772 | - } |
|
773 | - } |
|
774 | - } |
|
775 | - |
|
776 | - # Remove any "<" or ">" characters |
|
777 | - $attr2 = preg_replace('/[<>]/', '', $attr2); |
|
778 | - return "<$element$attr2$xhtml_slash>"; |
|
779 | - } |
|
780 | - |
|
781 | - /** |
|
782 | - * This method combs through an attribute list string and returns an associative array of attributes and values. |
|
783 | - * |
|
784 | - * This method does a lot of work. It parses an attribute list into an array |
|
785 | - * with attribute data, and tries to do the right thing even if it gets weird |
|
786 | - * input. It will add quotes around attribute values that don't have any quotes |
|
787 | - * or apostrophes around them, to make it easier to produce HTML code that will |
|
788 | - * conform to W3C's HTML specification. It will also remove bad URL protocols |
|
789 | - * from attribute values. |
|
790 | - * |
|
791 | - * @access private |
|
792 | - * @param string $attr Text containing tag attributes for parsing |
|
793 | - * @return array Associative array containing data on attribute and value |
|
794 | - * @since PHP4 OOP 0.0.1 |
|
795 | - */ |
|
796 | - private function combAttributes($attr) |
|
797 | - { |
|
798 | - $attrarr = array(); |
|
799 | - $mode = 0; |
|
800 | - $attrname = ''; |
|
801 | - |
|
802 | - # Loop through the whole attribute list |
|
803 | - |
|
804 | - while (strlen($attr) != 0) |
|
805 | - { |
|
806 | - # Was the last operation successful? |
|
807 | - $working = 0; |
|
808 | - |
|
809 | - switch ($mode) |
|
810 | - { |
|
811 | - case 0: # attribute name, href for instance |
|
812 | - if (preg_match('/^([-a-zA-Z]+)/', $attr, $match)) |
|
813 | - { |
|
814 | - $attrname = $match[1]; |
|
815 | - $working = $mode = 1; |
|
816 | - $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr); |
|
817 | - } |
|
818 | - break; |
|
819 | - case 1: # equals sign or valueless ("selected") |
|
820 | - if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
821 | - { |
|
822 | - $working = 1; |
|
823 | - $mode = 2; |
|
824 | - $attr = preg_replace('/^\s*=\s*/', '', $attr); |
|
825 | - break; |
|
826 | - } |
|
827 | - if (preg_match('/^\s+/', $attr)) # valueless |
|
828 | - { |
|
829 | - $working = 1; |
|
830 | - $mode = 0; |
|
831 | - $attrarr[] = array( |
|
832 | - 'name' => $attrname, |
|
833 | - 'value' => '', |
|
834 | - 'whole' => $attrname, |
|
835 | - 'vless' => 'y' |
|
836 | - ); |
|
837 | - $attr = preg_replace('/^\s+/', '', $attr); |
|
838 | - } |
|
839 | - break; |
|
840 | - case 2: # attribute value, a URL after href= for instance |
|
841 | - if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" |
|
842 | - { |
|
843 | - $thisval = $this->removeBadProtocols($match[1]); |
|
844 | - $attrarr[] = array( |
|
845 | - 'name' => $attrname, |
|
846 | - 'value' => $thisval, |
|
847 | - 'whole' => $attrname . '="' . $thisval . '"', |
|
848 | - 'vless' => 'n' |
|
849 | - ); |
|
850 | - $working = 1; |
|
851 | - $mode = 0; |
|
852 | - $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
|
853 | - break; |
|
854 | - } |
|
855 | - if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value' |
|
856 | - { |
|
857 | - $thisval = $this->removeBadProtocols($match[1]); |
|
858 | - $attrarr[] = array( |
|
859 | - 'name' => $attrname, |
|
860 | - 'value' => $thisval, |
|
861 | - 'whole' => "$attrname='$thisval'", |
|
862 | - 'vless' => 'n' |
|
863 | - ); |
|
864 | - $working = 1; |
|
865 | - $mode = 0; |
|
866 | - $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
|
867 | - break; |
|
868 | - } |
|
869 | - if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value |
|
870 | - { |
|
871 | - $thisval = $this->removeBadProtocols($match[1]); |
|
872 | - $attrarr[] = array( |
|
873 | - 'name' => $attrname, |
|
874 | - 'value' => $thisval, |
|
875 | - 'whole' => $attrname . '="' . $thisval . '"', |
|
876 | - 'vless' => 'n' |
|
877 | - ); |
|
878 | - # We add quotes to conform to W3C's HTML spec. |
|
879 | - $working = 1; |
|
880 | - $mode = 0; |
|
881 | - $attr = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr); |
|
882 | - } |
|
883 | - break; |
|
884 | - } |
|
885 | - |
|
886 | - if ($working == 0) # not well formed, remove and try again |
|
887 | - { |
|
888 | - $attr = preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $attr); |
|
889 | - $mode = 0; |
|
890 | - } |
|
891 | - } |
|
892 | - |
|
893 | - # special case, for when the attribute list ends with a valueless |
|
894 | - # attribute like "selected" |
|
895 | - if ($mode == 1) |
|
896 | - { |
|
897 | - $attrarr[] = array( |
|
898 | - 'name' => $attrname, |
|
899 | - 'value' => '', |
|
900 | - 'whole' => $attrname, |
|
901 | - 'vless' => 'y' |
|
902 | - ); |
|
903 | - } |
|
904 | - |
|
905 | - return $attrarr; |
|
906 | - } |
|
907 | - |
|
908 | - /** |
|
909 | - * This method removes disallowed protocols. |
|
910 | - * |
|
911 | - * This method removes all non-allowed protocols from the beginning of |
|
912 | - * $string. It ignores whitespace and the case of the letters, and it does |
|
913 | - * understand HTML entities. It does its work in a while loop, so it won't be |
|
914 | - * fooled by a string like "javascript:javascript:alert(57)". |
|
915 | - * |
|
916 | - * @access private |
|
917 | - * @param string $string String to check for protocols |
|
918 | - * @return string String with removed protocols |
|
919 | - * @since PHP4 OOP 0.0.1 |
|
920 | - */ |
|
921 | - private function removeBadProtocols($string) |
|
922 | - { |
|
923 | - $string = $this->RemoveNulls($string); |
|
924 | - $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature" |
|
925 | - $string2 = $string . 'a'; |
|
926 | - |
|
927 | - $string2 = preg_split('/:|:|:/i', $string, 2); |
|
928 | - if(isset($string2[1]) && !preg_match('%/\?%',$string2[0])) |
|
929 | - { |
|
930 | - $string = $this->filterProtocols($string2[0]).trim($string2[1]); |
|
931 | - } |
|
932 | - return $string; |
|
933 | - } |
|
934 | - |
|
935 | - /** |
|
936 | - * Helper method used by removeBadProtocols() |
|
937 | - * |
|
938 | - * This function processes URL protocols, checks to see if they're in the white- |
|
939 | - * list or not, and returns different data depending on the answer. |
|
940 | - * |
|
941 | - * @access private |
|
942 | - * @param string $string String to check for protocols |
|
943 | - * @return string String with removed protocols |
|
944 | - * @see removeBadProtocols() |
|
945 | - * @since PHP4 OOP 0.0.1 |
|
946 | - */ |
|
947 | - private function filterProtocols($string) |
|
948 | - { |
|
949 | - $string = $this->decodeEntities($string); |
|
950 | - $string = preg_replace('/\s/', '', $string); |
|
951 | - $string = $this->removeNulls($string); |
|
952 | - $string = preg_replace('/\xad+/', '', $string2); # deals with Opera "feature" |
|
953 | - $string = strtolower($string); |
|
954 | - |
|
955 | - if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0) |
|
956 | - { |
|
957 | - foreach ($this->allowed_protocols as $one_protocol) |
|
958 | - { |
|
959 | - if (strtolower($one_protocol) == $string) |
|
960 | - { |
|
961 | - return "$string:"; |
|
962 | - } |
|
963 | - } |
|
964 | - } |
|
965 | - |
|
966 | - return ''; |
|
967 | - } |
|
968 | - |
|
969 | - /** |
|
970 | - * Controller method for performing checks on attribute values. |
|
971 | - * |
|
972 | - * This method calls the appropriate method as specified by $checkname with |
|
973 | - * the parameters $value, $vless, and $checkvalue, and returns the result |
|
974 | - * of the call. |
|
975 | - * |
|
976 | - * This method's functionality can be expanded by creating new methods |
|
977 | - * that would match checkAttributeValue[$checkname]. |
|
978 | - * |
|
979 | - * Current checks implemented are: "maxlen", "minlen", "maxval", "minval" and "valueless" |
|
980 | - * |
|
981 | - * @access private |
|
982 | - * @param string $value The value of the attribute to be checked. |
|
983 | - * @param string $vless Indicates whether the the value is supposed to be valueless |
|
984 | - * @param string $checkname The check to be performed |
|
985 | - * @param string $checkvalue The value that is to be checked against |
|
986 | - * @return bool Indicates whether the check passed or not |
|
987 | - * @since PHP5 OOP 1.0.0 |
|
988 | - */ |
|
989 | - private function checkAttributeValue($value, $vless, $checkname, $checkvalue) |
|
990 | - { |
|
991 | - $ok = true; |
|
992 | - $check_attribute_method_name = 'checkAttributeValue' . ucfirst(strtolower($checkname)); |
|
993 | - if(method_exists($this, $check_attribute_method_name)) |
|
994 | - { |
|
995 | - $ok = $this->$check_attribute_method_name($value, $checkvalue, $vless); |
|
996 | - } |
|
997 | - |
|
998 | - return $ok; |
|
999 | - } |
|
1000 | - |
|
1001 | - /** |
|
1002 | - * Helper method invoked by checkAttributeValue(). |
|
1003 | - * |
|
1004 | - * The maxlen check makes sure that the attribute value has a length not |
|
1005 | - * greater than the given value. This can be used to avoid Buffer Overflows |
|
1006 | - * in WWW clients and various Internet servers. |
|
1007 | - * |
|
1008 | - * @access private |
|
1009 | - * @param string $value The value of the attribute to be checked. |
|
1010 | - * @param int $checkvalue The maximum value allowed |
|
1011 | - * @return bool Indicates whether the check passed or not |
|
1012 | - * @see checkAttributeValue() |
|
1013 | - * @since PHP5 OOP 1.0.0 |
|
1014 | - */ |
|
1015 | - private function checkAttributeValueMaxlen($value, $checkvalue) |
|
1016 | - { |
|
1017 | - if (strlen($value) > intval($checkvalue)) |
|
1018 | - { |
|
1019 | - return false; |
|
1020 | - } |
|
1021 | - return true; |
|
1022 | - } |
|
1023 | - |
|
1024 | - /** |
|
1025 | - * Helper method invoked by checkAttributeValue(). |
|
1026 | - * |
|
1027 | - * The minlen check makes sure that the attribute value has a length not |
|
1028 | - * smaller than the given value. |
|
1029 | - * |
|
1030 | - * @access private |
|
1031 | - * @param string $value The value of the attribute to be checked. |
|
1032 | - * @param int $checkvalue The minimum value allowed |
|
1033 | - * @return bool Indicates whether the check passed or not |
|
1034 | - * @see checkAttributeValue() |
|
1035 | - * @since PHP5 OOP 1.0.0 |
|
1036 | - */ |
|
1037 | - private function checkAttributeValueMinlen($value, $checkvalue) |
|
1038 | - { |
|
1039 | - if (strlen($value) < intval($checkvalue)) |
|
1040 | - { |
|
1041 | - return false; |
|
1042 | - } |
|
1043 | - return true; |
|
1044 | - } |
|
1045 | - |
|
1046 | - /** |
|
1047 | - * Helper method invoked by checkAttributeValue(). |
|
1048 | - * |
|
1049 | - * The maxval check does two things: it checks that the attribute value is |
|
1050 | - * an integer from 0 and up, without an excessive amount of zeroes or |
|
1051 | - * whitespace (to avoid Buffer Overflows). It also checks that the attribute |
|
1052 | - * value is not greater than the given value. |
|
1053 | - * |
|
1054 | - * This check can be used to avoid Denial of Service attacks. |
|
1055 | - * |
|
1056 | - * @access private |
|
1057 | - * @param int $value The value of the attribute to be checked. |
|
1058 | - * @param int $checkvalue The maximum numeric value allowed |
|
1059 | - * @return bool Indicates whether the check passed or not |
|
1060 | - * @see checkAttributeValue() |
|
1061 | - * @since PHP5 OOP 1.0.0 |
|
1062 | - */ |
|
1063 | - private function checkAttributeValueMaxval($value, $checkvalue) |
|
1064 | - { |
|
1065 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
1066 | - { |
|
1067 | - return false; |
|
1068 | - } |
|
1069 | - if (intval($value) > intval($checkvalue)) |
|
1070 | - { |
|
1071 | - return false; |
|
1072 | - } |
|
1073 | - return true; |
|
1074 | - } |
|
1075 | - |
|
1076 | - /** |
|
1077 | - * Helper method invoked by checkAttributeValue(). |
|
1078 | - * |
|
1079 | - * The minval check checks that the attribute value is a positive integer, |
|
1080 | - * and that it is not smaller than the given value. |
|
1081 | - * |
|
1082 | - * @access private |
|
1083 | - * @param int $value The value of the attribute to be checked. |
|
1084 | - * @param int $checkvalue The minimum numeric value allowed |
|
1085 | - * @return bool Indicates whether the check passed or not |
|
1086 | - * @see checkAttributeValue() |
|
1087 | - * @since PHP5 OOP 1.0.0 |
|
1088 | - */ |
|
1089 | - private function checkAttributeValueMinval($value, $checkvalue) |
|
1090 | - { |
|
1091 | - if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
1092 | - { |
|
1093 | - return false; |
|
1094 | - } |
|
1095 | - if (intval($value) < ($checkvalue)) |
|
1096 | - { |
|
1097 | - return false; |
|
1098 | - } |
|
1099 | - return true; |
|
1100 | - } |
|
1101 | - |
|
1102 | - /** |
|
1103 | - * Helper method invoked by checkAttributeValue(). |
|
1104 | - * |
|
1105 | - * The valueless check checks if the attribute has a value |
|
1106 | - * (like <a href="blah">) or not (<option selected>). If the given value |
|
1107 | - * is a "y" or a "Y", the attribute must not have a value. |
|
1108 | - * |
|
1109 | - * If the given value is an "n" or an "N", the attribute must have one. |
|
1110 | - * |
|
1111 | - * @access private |
|
1112 | - * @param int $value The value of the attribute to be checked. |
|
1113 | - * @param mixed $checkvalue This variable is ignored for this test |
|
1114 | - * @param string $vless Flag indicating if this attribute is not supposed to have an attribute |
|
1115 | - * @return bool Indicates whether the check passed or not |
|
1116 | - * @see checkAttributeValue() |
|
1117 | - * @since PHP5 OOP 1.0.0 |
|
1118 | - */ |
|
1119 | - private function checkAttributeValueValueless($value, $checkvalue, $vless) |
|
1120 | - { |
|
1121 | - if (strtolower($checkvalue) != $vless) |
|
1122 | - { |
|
1123 | - return false; |
|
1124 | - } |
|
1125 | - return true; |
|
1126 | - } |
|
1127 | - |
|
1128 | - /** |
|
1129 | - * Decodes numeric HTML entities |
|
1130 | - * |
|
1131 | - * This method decodes numeric HTML entities (A and A). It doesn't |
|
1132 | - * do anything with other entities like ä, but we don't need them in the |
|
1133 | - * URL protocol white listing system anyway. |
|
1134 | - * |
|
1135 | - * @access private |
|
1136 | - * @param string $value The entitiy to be decoded. |
|
1137 | - * @return string Decoded entity |
|
1138 | - * @since PHP4 OOP 0.0.1 |
|
1139 | - */ |
|
1140 | - private function decodeEntities($string) |
|
1141 | - { |
|
1142 | - $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string); |
|
1143 | - $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string); |
|
1144 | - return $string; |
|
1145 | - } |
|
1146 | - |
|
1147 | - /** |
|
1148 | - * Returns PHP5 OOP version # of kses. |
|
1149 | - * |
|
1150 | - * Since this class has been refactored and documented and proven to work, |
|
1151 | - * I'm fixing the version number at 1.0.0. |
|
1152 | - * |
|
1153 | - * This version is syntax compatible with the PHP4 OOP version 0.0.2. Future |
|
1154 | - * versions may not be syntax compatible. |
|
1155 | - * |
|
1156 | - * @access public |
|
1157 | - * @return string Version number |
|
1158 | - * @since PHP4 OOP 0.0.1 |
|
1159 | - */ |
|
1160 | - public function Version() |
|
1161 | - { |
|
1162 | - return 'PHP5 OOP 1.0.2'; |
|
1163 | - } |
|
1164 | - } |
|
1165 | - } |
|
113 | + private $allowed_protocols; |
|
114 | + private $allowed_html; |
|
115 | + /**#@-*/ |
|
116 | + |
|
117 | + /** |
|
118 | + * Constructor for kses. |
|
119 | + * |
|
120 | + * This sets a default collection of protocols allowed in links, and creates an |
|
121 | + * empty set of allowed HTML tags. |
|
122 | + * @since PHP5 OOP 1.0.0 |
|
123 | + */ |
|
124 | + public function __construct() |
|
125 | + { |
|
126 | + /** |
|
127 | + * You could add protocols such as ftp, new, gopher, mailto, irc, etc. |
|
128 | + * |
|
129 | + * The base values the original kses provided were: |
|
130 | + * 'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto' |
|
131 | + */ |
|
132 | + $this->allowed_protocols = array('http', 'ftp', 'mailto'); |
|
133 | + $this->allowed_html = array(); |
|
134 | + } |
|
135 | + |
|
136 | + /** |
|
137 | + * Basic task of kses - parses $string and strips it as required. |
|
138 | + * |
|
139 | + * This method strips all the disallowed (X)HTML tags, attributes |
|
140 | + * and protocols from the input $string. |
|
141 | + * |
|
142 | + * @access public |
|
143 | + * @param string $string String to be stripped of 'evil scripts' |
|
144 | + * @return string The stripped string |
|
145 | + * @since PHP4 OOP 0.0.1 |
|
146 | + */ |
|
147 | + public function Parse($string = "") |
|
148 | + { |
|
149 | + if (get_magic_quotes_gpc()) |
|
150 | + { |
|
151 | + $string = stripslashes($string); |
|
152 | + } |
|
153 | + $string = $this->removeNulls($string); |
|
154 | + // Remove JavaScript entities from early Netscape 4 versions |
|
155 | + $string = preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string); |
|
156 | + $string = $this->normalizeEntities($string); |
|
157 | + $string = $this->filterKsesTextHook($string); |
|
158 | + $string = preg_replace('%(<' . '[^>]*' . '(>|$)' . '|>)%e', "\$this->stripTags('\\1')", $string); |
|
159 | + return $string; |
|
160 | + } |
|
161 | + |
|
162 | + /** |
|
163 | + * Allows for single/batch addition of protocols |
|
164 | + * |
|
165 | + * This method accepts one argument that can be either a string |
|
166 | + * or an array of strings. Invalid data will be ignored. |
|
167 | + * |
|
168 | + * The argument will be processed, and each string will be added |
|
169 | + * via AddProtocol(). |
|
170 | + * |
|
171 | + * @access public |
|
172 | + * @param mixed , A string or array of protocols that will be added to the internal list of allowed protocols. |
|
173 | + * @return bool Status of adding valid protocols. |
|
174 | + * @see AddProtocol() |
|
175 | + * @since PHP5 OOP 1.0.0 |
|
176 | + */ |
|
177 | + public function AddProtocols() |
|
178 | + { |
|
179 | + $c_args = func_num_args(); |
|
180 | + if($c_args != 1) |
|
181 | + { |
|
182 | + trigger_error("kses5::AddProtocols() did not receive an argument.", E_USER_WARNING); |
|
183 | + return false; |
|
184 | + } |
|
185 | + |
|
186 | + $protocol_data = func_get_arg(0); |
|
187 | + |
|
188 | + if(is_array($protocol_data) && count($protocol_data) > 0) |
|
189 | + { |
|
190 | + foreach($protocol_data as $protocol) |
|
191 | + { |
|
192 | + $this->AddProtocol($protocol); |
|
193 | + } |
|
194 | + return true; |
|
195 | + } |
|
196 | + elseif(is_string($protocol_data)) |
|
197 | + { |
|
198 | + $this->AddProtocol($protocol_data); |
|
199 | + return true; |
|
200 | + } |
|
201 | + else |
|
202 | + { |
|
203 | + trigger_error("kses5::AddProtocols() did not receive a string or an array.", E_USER_WARNING); |
|
204 | + return false; |
|
205 | + } |
|
206 | + } |
|
207 | + |
|
208 | + /** |
|
209 | + * Allows for single/batch addition of protocols |
|
210 | + * |
|
211 | + * @deprecated Use AddProtocols() |
|
212 | + * @see AddProtocols() |
|
213 | + * @return bool |
|
214 | + * @since PHP4 OOP 0.0.1 |
|
215 | + */ |
|
216 | + public function Protocols() |
|
217 | + { |
|
218 | + $c_args = func_num_args(); |
|
219 | + if($c_args != 1) |
|
220 | + { |
|
221 | + trigger_error("kses5::Protocols() did not receive an argument.", E_USER_WARNING); |
|
222 | + return false; |
|
223 | + } |
|
224 | + |
|
225 | + return $this->AddProtocols(func_get_arg(0)); |
|
226 | + } |
|
227 | + |
|
228 | + /** |
|
229 | + * Adds a single protocol to $this->allowed_protocols. |
|
230 | + * |
|
231 | + * This method accepts a string argument and adds it to |
|
232 | + * the list of allowed protocols to keep when performing |
|
233 | + * Parse(). |
|
234 | + * |
|
235 | + * @access public |
|
236 | + * @param string $protocol The name of the protocol to be added. |
|
237 | + * @return bool Status of adding valid protocol. |
|
238 | + * @since PHP4 OOP 0.0.1 |
|
239 | + */ |
|
240 | + public function AddProtocol($protocol = "") |
|
241 | + { |
|
242 | + if(!is_string($protocol)) |
|
243 | + { |
|
244 | + trigger_error("kses5::AddProtocol() requires a string.", E_USER_WARNING); |
|
245 | + return false; |
|
246 | + } |
|
247 | + |
|
248 | + // Remove any inadvertent ':' at the end of the protocol. |
|
249 | + if(substr($protocol, strlen($protocol) - 1, 1) == ":") |
|
250 | + { |
|
251 | + $protocol = substr($protocol, 0, strlen($protocol) - 1); |
|
252 | + } |
|
253 | + |
|
254 | + $protocol = strtolower(trim($protocol)); |
|
255 | + if($protocol == "") |
|
256 | + { |
|
257 | + trigger_error("kses5::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING); |
|
258 | + return false; |
|
259 | + } |
|
260 | + |
|
261 | + // prevent duplicate protocols from being added. |
|
262 | + if(!in_array($protocol, $this->allowed_protocols)) |
|
263 | + { |
|
264 | + array_push($this->allowed_protocols, $protocol); |
|
265 | + sort($this->allowed_protocols); |
|
266 | + } |
|
267 | + return true; |
|
268 | + } |
|
269 | + |
|
270 | + /** |
|
271 | + * Removes a single protocol from $this->allowed_protocols. |
|
272 | + * |
|
273 | + * This method accepts a string argument and removes it from |
|
274 | + * the list of allowed protocols to keep when performing |
|
275 | + * Parse(). |
|
276 | + * |
|
277 | + * @access public |
|
278 | + * @param string $protocol The name of the protocol to be removed. |
|
279 | + * @return bool Status of removing valid protocol. |
|
280 | + * @since PHP5 OOP 1.0.0 |
|
281 | + */ |
|
282 | + public function RemoveProtocol($protocol = "") |
|
283 | + { |
|
284 | + if(!is_string($protocol)) |
|
285 | + { |
|
286 | + trigger_error("kses5::RemoveProtocol() requires a string.", E_USER_WARNING); |
|
287 | + return false; |
|
288 | + } |
|
289 | + |
|
290 | + // Remove any inadvertent ':' at the end of the protocol. |
|
291 | + if(substr($protocol, strlen($protocol) - 1, 1) == ":") |
|
292 | + { |
|
293 | + $protocol = substr($protocol, 0, strlen($protocol) - 1); |
|
294 | + } |
|
295 | + |
|
296 | + $protocol = strtolower(trim($protocol)); |
|
297 | + if($protocol == "") |
|
298 | + { |
|
299 | + trigger_error("kses5::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING); |
|
300 | + return false; |
|
301 | + } |
|
302 | + |
|
303 | + // Ensures that the protocol exists before removing it. |
|
304 | + if(in_array($protocol, $this->allowed_protocols)) |
|
305 | + { |
|
306 | + $this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol)); |
|
307 | + sort($this->allowed_protocols); |
|
308 | + } |
|
309 | + |
|
310 | + return true; |
|
311 | + } |
|
312 | + |
|
313 | + /** |
|
314 | + * Allows for single/batch removal of protocols |
|
315 | + * |
|
316 | + * This method accepts one argument that can be either a string |
|
317 | + * or an array of strings. Invalid data will be ignored. |
|
318 | + * |
|
319 | + * The argument will be processed, and each string will be removed |
|
320 | + * via RemoveProtocol(). |
|
321 | + * |
|
322 | + * @access public |
|
323 | + * @param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols. |
|
324 | + * @return bool Status of removing valid protocols. |
|
325 | + * @see RemoveProtocol() |
|
326 | + * @since PHP5 OOP 1.0.0 |
|
327 | + */ |
|
328 | + public function RemoveProtocols() |
|
329 | + { |
|
330 | + $c_args = func_num_args(); |
|
331 | + if($c_args != 1) |
|
332 | + { |
|
333 | + return false; |
|
334 | + } |
|
335 | + |
|
336 | + $protocol_data = func_get_arg(0); |
|
337 | + |
|
338 | + if(is_array($protocol_data) && count($protocol_data) > 0) |
|
339 | + { |
|
340 | + foreach($protocol_data as $protocol) |
|
341 | + { |
|
342 | + $this->RemoveProtocol($protocol); |
|
343 | + } |
|
344 | + } |
|
345 | + elseif(is_string($protocol_data)) |
|
346 | + { |
|
347 | + $this->RemoveProtocol($protocol_data); |
|
348 | + return true; |
|
349 | + } |
|
350 | + else |
|
351 | + { |
|
352 | + trigger_error("kses5::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING); |
|
353 | + return false; |
|
354 | + } |
|
355 | + } |
|
356 | + |
|
357 | + /** |
|
358 | + * Allows for single/batch replacement of protocols |
|
359 | + * |
|
360 | + * This method accepts one argument that can be either a string |
|
361 | + * or an array of strings. Invalid data will be ignored. |
|
362 | + * |
|
363 | + * Existing protocols will be removed, then the argument will be |
|
364 | + * processed, and each string will be added via AddProtocol(). |
|
365 | + * |
|
366 | + * @access public |
|
367 | + * @param mixed , A string or array of protocols that will be the new internal list of allowed protocols. |
|
368 | + * @return bool Status of replacing valid protocols. |
|
369 | + * @since PHP5 OOP 1.0.1 |
|
370 | + * @see AddProtocol() |
|
371 | + */ |
|
372 | + public function SetProtocols() |
|
373 | + { |
|
374 | + $c_args = func_num_args(); |
|
375 | + if($c_args != 1) |
|
376 | + { |
|
377 | + trigger_error("kses5::SetProtocols() did not receive an argument.", E_USER_WARNING); |
|
378 | + return false; |
|
379 | + } |
|
380 | + |
|
381 | + $protocol_data = func_get_arg(0); |
|
382 | + |
|
383 | + if(is_array($protocol_data) && count($protocol_data) > 0) |
|
384 | + { |
|
385 | + $this->allowed_protocols = array(); |
|
386 | + foreach($protocol_data as $protocol) |
|
387 | + { |
|
388 | + $this->AddProtocol($protocol); |
|
389 | + } |
|
390 | + return true; |
|
391 | + } |
|
392 | + elseif(is_string($protocol_data)) |
|
393 | + { |
|
394 | + $this->allowed_protocols = array(); |
|
395 | + $this->AddProtocol($protocol_data); |
|
396 | + return true; |
|
397 | + } |
|
398 | + else |
|
399 | + { |
|
400 | + trigger_error("kses5::SetProtocols() did not receive a string or an array.", E_USER_WARNING); |
|
401 | + return false; |
|
402 | + } |
|
403 | + } |
|
404 | + |
|
405 | + /** |
|
406 | + * Raw dump of allowed protocols |
|
407 | + * |
|
408 | + * This returns an indexed array of allowed protocols for a particular KSES |
|
409 | + * instantiation. |
|
410 | + * |
|
411 | + * @access public |
|
412 | + * @return array The list of allowed protocols. |
|
413 | + * @since PHP5 OOP 1.0.2 |
|
414 | + */ |
|
415 | + public function DumpProtocols() |
|
416 | + { |
|
417 | + return $this->allowed_protocols; |
|
418 | + } |
|
419 | + |
|
420 | + /** |
|
421 | + * Raw dump of allowed (X)HTML elements |
|
422 | + * |
|
423 | + * This returns an indexed array of allowed (X)HTML elements and attributes |
|
424 | + * for a particular KSES instantiation. |
|
425 | + * |
|
426 | + * @access public |
|
427 | + * @return array The list of allowed elements. |
|
428 | + * @since PHP5 OOP 1.0.2 |
|
429 | + */ |
|
430 | + public function DumpElements() |
|
431 | + { |
|
432 | + return $this->allowed_html; |
|
433 | + } |
|
434 | + |
|
435 | + |
|
436 | + /** |
|
437 | + * Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'. |
|
438 | + * |
|
439 | + * This method accepts one argument that can be either a string |
|
440 | + * or an array of strings. Invalid data will be ignored. |
|
441 | + * |
|
442 | + * @access public |
|
443 | + * @param string $tag (X)HTML tag that will be allowed after stripping text. |
|
444 | + * @param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter |
|
445 | + * @return bool Status of Adding (X)HTML and attributes. |
|
446 | + * @since PHP4 OOP 0.0.1 |
|
447 | + */ |
|
448 | + public function AddHTML($tag = "", $attribs = array()) |
|
449 | + { |
|
450 | + if(!is_string($tag)) |
|
451 | + { |
|
452 | + trigger_error("kses5::AddHTML() requires the tag to be a string", E_USER_WARNING); |
|
453 | + return false; |
|
454 | + } |
|
455 | + |
|
456 | + $tag = strtolower(trim($tag)); |
|
457 | + if($tag == "") |
|
458 | + { |
|
459 | + trigger_error("kses5::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING); |
|
460 | + return false; |
|
461 | + } |
|
462 | + |
|
463 | + if(!is_array($attribs)) |
|
464 | + { |
|
465 | + trigger_error("kses5::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING); |
|
466 | + return false; |
|
467 | + } |
|
468 | + |
|
469 | + $new_attribs = array(); |
|
470 | + if(is_array($attribs) && count($attribs) > 0) |
|
471 | + { |
|
472 | + foreach($attribs as $idx1 => $val1) |
|
473 | + { |
|
474 | + $new_idx1 = strtolower($idx1); |
|
475 | + $new_val1 = $attribs[$idx1]; |
|
476 | + |
|
477 | + if(is_array($new_val1) && count($attribs) > 0) |
|
478 | + { |
|
479 | + $tmp_val = array(); |
|
480 | + foreach($new_val1 as $idx2 => $val2) |
|
481 | + { |
|
482 | + $new_idx2 = strtolower($idx2); |
|
483 | + $tmp_val[$new_idx2] = $val2; |
|
484 | + } |
|
485 | + $new_val1 = $tmp_val; |
|
486 | + } |
|
487 | + |
|
488 | + $new_attribs[$new_idx1] = $new_val1; |
|
489 | + } |
|
490 | + } |
|
491 | + |
|
492 | + $this->allowed_html[$tag] = $new_attribs; |
|
493 | + return true; |
|
494 | + } |
|
495 | + |
|
496 | + /** |
|
497 | + * This method removes any NULL characters in $string. |
|
498 | + * |
|
499 | + * @access private |
|
500 | + * @param string $string |
|
501 | + * @return string String without any NULL/chr(173) |
|
502 | + * @since PHP4 OOP 0.0.1 |
|
503 | + */ |
|
504 | + private function removeNulls($string) |
|
505 | + { |
|
506 | + $string = preg_replace('/\0+/', '', $string); |
|
507 | + $string = preg_replace('/(\\\\0)+/', '', $string); |
|
508 | + return $string; |
|
509 | + } |
|
510 | + |
|
511 | + /** |
|
512 | + * Normalizes HTML entities |
|
513 | + * |
|
514 | + * This function normalizes HTML entities. It will convert "AT&T" to the correct |
|
515 | + * "AT&T", ":" to ":", "&#XYZZY;" to "&#XYZZY;" and so on. |
|
516 | + * |
|
517 | + * @access private |
|
518 | + * @param string $string |
|
519 | + * @return string String with normalized entities |
|
520 | + * @since PHP4 OOP 0.0.1 |
|
521 | + */ |
|
522 | + private function normalizeEntities($string) |
|
523 | + { |
|
524 | + # Disarm all entities by converting & to & |
|
525 | + $string = str_replace('&', '&', $string); |
|
526 | + |
|
527 | + # TODO: Change back (Keep?) the allowed entities in our entity white list |
|
528 | + |
|
529 | + # Keeps entities that start with [A-Za-z] |
|
530 | + $string = preg_replace( |
|
531 | + '/&([A-Za-z][A-Za-z0-9]{0,19});/', |
|
532 | + '&\\1;', |
|
533 | + $string |
|
534 | + ); |
|
535 | + |
|
536 | + # Change numeric entities to valid 16 bit values |
|
537 | + |
|
538 | + $string = preg_replace( |
|
539 | + '/&#0*([0-9]{1,5});/e', |
|
540 | + '\$this->normalizeEntities16bit("\\1")', |
|
541 | + $string |
|
542 | + ); |
|
543 | + |
|
544 | + # Change &XHHHHHHH (Hex digits) to 16 bit hex values |
|
545 | + $string = preg_replace( |
|
546 | + '/&#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', |
|
547 | + '&#\\1\\2;', |
|
548 | + $string |
|
549 | + ); |
|
550 | + |
|
551 | + return $string; |
|
552 | + } |
|
553 | + |
|
554 | + /** |
|
555 | + * Helper method used by normalizeEntites() |
|
556 | + * |
|
557 | + * This method helps normalizeEntities() to only accept 16 bit values |
|
558 | + * and nothing more for &#number; entities. |
|
559 | + * |
|
560 | + * This method helps normalize_entities() during a preg_replace() |
|
561 | + * where a &#(0)*XXXXX; occurs. The '(0)*XXXXXX' value is converted to |
|
562 | + * a number and the result is returned as a numeric entity if the number |
|
563 | + * is less than 65536. Otherwise, the value is returned 'as is'. |
|
564 | + * |
|
565 | + * @access private |
|
566 | + * @param string $i |
|
567 | + * @return string Normalized numeric entity |
|
568 | + * @see normalizeEntities() |
|
569 | + * @since PHP4 OOP 0.0.1 |
|
570 | + */ |
|
571 | + private function normalizeEntities16bit($i) |
|
572 | + { |
|
573 | + return (($i > 65535) ? "&#$i;" : "&#$i;"); |
|
574 | + } |
|
575 | + |
|
576 | + /** |
|
577 | + * Allows for additional user defined modifications to text. |
|
578 | + * |
|
579 | + * This method allows for additional modifications to be performed on |
|
580 | + * a string that's being run through Parse(). Currently, it returns the |
|
581 | + * input string 'as is'. |
|
582 | + * |
|
583 | + * This method is provided for users to extend the kses class for their own |
|
584 | + * requirements. |
|
585 | + * |
|
586 | + * @access public |
|
587 | + * @param string $string String to perfrom additional modifications on. |
|
588 | + * @return string User modified string. |
|
589 | + * @see Parse() |
|
590 | + * @since PHP5 OOP 1.0.0 |
|
591 | + */ |
|
592 | + private function filterKsesTextHook($string) |
|
593 | + { |
|
594 | + return $string; |
|
595 | + } |
|
596 | + |
|
597 | + /** |
|
598 | + * Allows for additional user defined modifications to text. |
|
599 | + * |
|
600 | + * @deprecated use filterKsesTextHook() |
|
601 | + * @param string $string |
|
602 | + * @return string |
|
603 | + * @see filterKsesTextHook() |
|
604 | + * @since PHP4 OOP 0.0.1 |
|
605 | + */ |
|
606 | + private function _hook($string) |
|
607 | + { |
|
608 | + return $this->filterKsesTextHook($string); |
|
609 | + } |
|
610 | + |
|
611 | + /** |
|
612 | + * This method goes through an array, and changes the keys to all lower case. |
|
613 | + * |
|
614 | + * @access private |
|
615 | + * @param array $in_array Associative array |
|
616 | + * @return array Modified array |
|
617 | + * @since PHP4 OOP 0.0.1 |
|
618 | + */ |
|
619 | + private function makeArrayKeysLowerCase($in_array) |
|
620 | + { |
|
621 | + $out_array = array(); |
|
622 | + |
|
623 | + if(is_array($in_array) && count($in_array) > 0) |
|
624 | + { |
|
625 | + foreach ($in_array as $in_key => $in_val) |
|
626 | + { |
|
627 | + $out_key = strtolower($in_key); |
|
628 | + $out_array[$out_key] = array(); |
|
629 | + |
|
630 | + if(is_array($in_val) && count($in_val) > 0) |
|
631 | + { |
|
632 | + foreach ($in_val as $in_key2 => $in_val2) |
|
633 | + { |
|
634 | + $out_key2 = strtolower($in_key2); |
|
635 | + $out_array[$out_key][$out_key2] = $in_val2; |
|
636 | + } |
|
637 | + } |
|
638 | + } |
|
639 | + } |
|
640 | + |
|
641 | + return $out_array; |
|
642 | + } |
|
643 | + |
|
644 | + /** |
|
645 | + * This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes. |
|
646 | + * |
|
647 | + * This method does a lot of work. It rejects some very malformed things |
|
648 | + * like <:::>. It returns an empty string if the element isn't allowed (look |
|
649 | + * ma, no strip_tags()!). Otherwise it splits the tag into an element and an |
|
650 | + * allowed attribute list. |
|
651 | + * |
|
652 | + * @access private |
|
653 | + * @param string $string |
|
654 | + * @return string Modified string minus disallowed/mangled (X)HTML and attributes |
|
655 | + * @since PHP4 OOP 0.0.1 |
|
656 | + */ |
|
657 | + private function stripTags($string) |
|
658 | + { |
|
659 | + $string = preg_replace('%\\\\"%', '"', $string); |
|
660 | + |
|
661 | + if (substr($string, 0, 1) != '<') |
|
662 | + { |
|
663 | + # It matched a ">" character |
|
664 | + return '>'; |
|
665 | + } |
|
666 | + |
|
667 | + if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) |
|
668 | + { |
|
669 | + # It's seriously malformed |
|
670 | + return ''; |
|
671 | + } |
|
672 | + |
|
673 | + $slash = trim($matches[1]); |
|
674 | + $elem = $matches[2]; |
|
675 | + $attrlist = $matches[3]; |
|
676 | + |
|
677 | + if ( |
|
678 | + !isset($this->allowed_html[strtolower($elem)]) || |
|
679 | + !is_array($this->allowed_html[strtolower($elem)])) |
|
680 | + { |
|
681 | + # Found an HTML element not in the white list |
|
682 | + return ''; |
|
683 | + } |
|
684 | + |
|
685 | + if ($slash != '') |
|
686 | + { |
|
687 | + return "<$slash$elem>"; |
|
688 | + } |
|
689 | + # No attributes are allowed for closing elements |
|
690 | + |
|
691 | + return $this->stripAttributes("$slash$elem", $attrlist); |
|
692 | + } |
|
693 | + |
|
694 | + /** |
|
695 | + * This method strips out disallowed attributes for (X)HTML tags. |
|
696 | + * |
|
697 | + * This method removes all attributes if none are allowed for this element. |
|
698 | + * If some are allowed it calls combAttributes() to split them further, and then it |
|
699 | + * builds up new HTML code from the data that combAttributes() returns. It also |
|
700 | + * removes "<" and ">" characters, if there are any left. One more thing it |
|
701 | + * does is to check if the tag has a closing XHTML slash, and if it does, |
|
702 | + * it puts one in the returned code as well. |
|
703 | + * |
|
704 | + * @access private |
|
705 | + * @param string $element (X)HTML tag to check |
|
706 | + * @param string $attr Text containing attributes to check for validity. |
|
707 | + * @return string Resulting valid (X)HTML or '' |
|
708 | + * @see combAttributes() |
|
709 | + * @since PHP4 OOP 0.0.1 |
|
710 | + */ |
|
711 | + private function stripAttributes($element, $attr) |
|
712 | + { |
|
713 | + # Is there a closing XHTML slash at the end of the attributes? |
|
714 | + $xhtml_slash = ''; |
|
715 | + if (preg_match('%\s/\s*$%', $attr)) |
|
716 | + { |
|
717 | + $xhtml_slash = ' /'; |
|
718 | + } |
|
719 | + |
|
720 | + # Are any attributes allowed at all for this element? |
|
721 | + if ( |
|
722 | + !isset($this->allowed_html[strtolower($element)]) || |
|
723 | + count($this->allowed_html[strtolower($element)]) == 0 |
|
724 | + ) |
|
725 | + { |
|
726 | + return "<$element$xhtml_slash>"; |
|
727 | + } |
|
728 | + |
|
729 | + # Split it |
|
730 | + $attrarr = $this->combAttributes($attr); |
|
731 | + |
|
732 | + # Go through $attrarr, and save the allowed attributes for this element |
|
733 | + # in $attr2 |
|
734 | + $attr2 = ''; |
|
735 | + if(is_array($attrarr) && count($attrarr) > 0) |
|
736 | + { |
|
737 | + foreach ($attrarr as $arreach) |
|
738 | + { |
|
739 | + if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])])) |
|
740 | + { |
|
741 | + continue; |
|
742 | + } |
|
743 | + |
|
744 | + $current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])]; |
|
745 | + |
|
746 | + if (!is_array($current)) |
|
747 | + { |
|
748 | + # there are no checks |
|
749 | + $attr2 .= ' '.$arreach['whole']; |
|
750 | + } |
|
751 | + else |
|
752 | + { |
|
753 | + # there are some checks |
|
754 | + $ok = true; |
|
755 | + if(is_array($current) && count($current) > 0) |
|
756 | + { |
|
757 | + foreach ($current as $currkey => $currval) |
|
758 | + { |
|
759 | + if (!$this->checkAttributeValue($arreach['value'], $arreach['vless'], $currkey, $currval)) |
|
760 | + { |
|
761 | + $ok = false; |
|
762 | + break; |
|
763 | + } |
|
764 | + } |
|
765 | + } |
|
766 | + |
|
767 | + if ($ok) |
|
768 | + { |
|
769 | + # it passed them |
|
770 | + $attr2 .= ' '.$arreach['whole']; |
|
771 | + } |
|
772 | + } |
|
773 | + } |
|
774 | + } |
|
775 | + |
|
776 | + # Remove any "<" or ">" characters |
|
777 | + $attr2 = preg_replace('/[<>]/', '', $attr2); |
|
778 | + return "<$element$attr2$xhtml_slash>"; |
|
779 | + } |
|
780 | + |
|
781 | + /** |
|
782 | + * This method combs through an attribute list string and returns an associative array of attributes and values. |
|
783 | + * |
|
784 | + * This method does a lot of work. It parses an attribute list into an array |
|
785 | + * with attribute data, and tries to do the right thing even if it gets weird |
|
786 | + * input. It will add quotes around attribute values that don't have any quotes |
|
787 | + * or apostrophes around them, to make it easier to produce HTML code that will |
|
788 | + * conform to W3C's HTML specification. It will also remove bad URL protocols |
|
789 | + * from attribute values. |
|
790 | + * |
|
791 | + * @access private |
|
792 | + * @param string $attr Text containing tag attributes for parsing |
|
793 | + * @return array Associative array containing data on attribute and value |
|
794 | + * @since PHP4 OOP 0.0.1 |
|
795 | + */ |
|
796 | + private function combAttributes($attr) |
|
797 | + { |
|
798 | + $attrarr = array(); |
|
799 | + $mode = 0; |
|
800 | + $attrname = ''; |
|
801 | + |
|
802 | + # Loop through the whole attribute list |
|
803 | + |
|
804 | + while (strlen($attr) != 0) |
|
805 | + { |
|
806 | + # Was the last operation successful? |
|
807 | + $working = 0; |
|
808 | + |
|
809 | + switch ($mode) |
|
810 | + { |
|
811 | + case 0: # attribute name, href for instance |
|
812 | + if (preg_match('/^([-a-zA-Z]+)/', $attr, $match)) |
|
813 | + { |
|
814 | + $attrname = $match[1]; |
|
815 | + $working = $mode = 1; |
|
816 | + $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr); |
|
817 | + } |
|
818 | + break; |
|
819 | + case 1: # equals sign or valueless ("selected") |
|
820 | + if (preg_match('/^\s*=\s*/', $attr)) # equals sign |
|
821 | + { |
|
822 | + $working = 1; |
|
823 | + $mode = 2; |
|
824 | + $attr = preg_replace('/^\s*=\s*/', '', $attr); |
|
825 | + break; |
|
826 | + } |
|
827 | + if (preg_match('/^\s+/', $attr)) # valueless |
|
828 | + { |
|
829 | + $working = 1; |
|
830 | + $mode = 0; |
|
831 | + $attrarr[] = array( |
|
832 | + 'name' => $attrname, |
|
833 | + 'value' => '', |
|
834 | + 'whole' => $attrname, |
|
835 | + 'vless' => 'y' |
|
836 | + ); |
|
837 | + $attr = preg_replace('/^\s+/', '', $attr); |
|
838 | + } |
|
839 | + break; |
|
840 | + case 2: # attribute value, a URL after href= for instance |
|
841 | + if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value" |
|
842 | + { |
|
843 | + $thisval = $this->removeBadProtocols($match[1]); |
|
844 | + $attrarr[] = array( |
|
845 | + 'name' => $attrname, |
|
846 | + 'value' => $thisval, |
|
847 | + 'whole' => $attrname . '="' . $thisval . '"', |
|
848 | + 'vless' => 'n' |
|
849 | + ); |
|
850 | + $working = 1; |
|
851 | + $mode = 0; |
|
852 | + $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr); |
|
853 | + break; |
|
854 | + } |
|
855 | + if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value' |
|
856 | + { |
|
857 | + $thisval = $this->removeBadProtocols($match[1]); |
|
858 | + $attrarr[] = array( |
|
859 | + 'name' => $attrname, |
|
860 | + 'value' => $thisval, |
|
861 | + 'whole' => "$attrname='$thisval'", |
|
862 | + 'vless' => 'n' |
|
863 | + ); |
|
864 | + $working = 1; |
|
865 | + $mode = 0; |
|
866 | + $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr); |
|
867 | + break; |
|
868 | + } |
|
869 | + if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value |
|
870 | + { |
|
871 | + $thisval = $this->removeBadProtocols($match[1]); |
|
872 | + $attrarr[] = array( |
|
873 | + 'name' => $attrname, |
|
874 | + 'value' => $thisval, |
|
875 | + 'whole' => $attrname . '="' . $thisval . '"', |
|
876 | + 'vless' => 'n' |
|
877 | + ); |
|
878 | + # We add quotes to conform to W3C's HTML spec. |
|
879 | + $working = 1; |
|
880 | + $mode = 0; |
|
881 | + $attr = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr); |
|
882 | + } |
|
883 | + break; |
|
884 | + } |
|
885 | + |
|
886 | + if ($working == 0) # not well formed, remove and try again |
|
887 | + { |
|
888 | + $attr = preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $attr); |
|
889 | + $mode = 0; |
|
890 | + } |
|
891 | + } |
|
892 | + |
|
893 | + # special case, for when the attribute list ends with a valueless |
|
894 | + # attribute like "selected" |
|
895 | + if ($mode == 1) |
|
896 | + { |
|
897 | + $attrarr[] = array( |
|
898 | + 'name' => $attrname, |
|
899 | + 'value' => '', |
|
900 | + 'whole' => $attrname, |
|
901 | + 'vless' => 'y' |
|
902 | + ); |
|
903 | + } |
|
904 | + |
|
905 | + return $attrarr; |
|
906 | + } |
|
907 | + |
|
908 | + /** |
|
909 | + * This method removes disallowed protocols. |
|
910 | + * |
|
911 | + * This method removes all non-allowed protocols from the beginning of |
|
912 | + * $string. It ignores whitespace and the case of the letters, and it does |
|
913 | + * understand HTML entities. It does its work in a while loop, so it won't be |
|
914 | + * fooled by a string like "javascript:javascript:alert(57)". |
|
915 | + * |
|
916 | + * @access private |
|
917 | + * @param string $string String to check for protocols |
|
918 | + * @return string String with removed protocols |
|
919 | + * @since PHP4 OOP 0.0.1 |
|
920 | + */ |
|
921 | + private function removeBadProtocols($string) |
|
922 | + { |
|
923 | + $string = $this->RemoveNulls($string); |
|
924 | + $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature" |
|
925 | + $string2 = $string . 'a'; |
|
926 | + |
|
927 | + $string2 = preg_split('/:|:|:/i', $string, 2); |
|
928 | + if(isset($string2[1]) && !preg_match('%/\?%',$string2[0])) |
|
929 | + { |
|
930 | + $string = $this->filterProtocols($string2[0]).trim($string2[1]); |
|
931 | + } |
|
932 | + return $string; |
|
933 | + } |
|
934 | + |
|
935 | + /** |
|
936 | + * Helper method used by removeBadProtocols() |
|
937 | + * |
|
938 | + * This function processes URL protocols, checks to see if they're in the white- |
|
939 | + * list or not, and returns different data depending on the answer. |
|
940 | + * |
|
941 | + * @access private |
|
942 | + * @param string $string String to check for protocols |
|
943 | + * @return string String with removed protocols |
|
944 | + * @see removeBadProtocols() |
|
945 | + * @since PHP4 OOP 0.0.1 |
|
946 | + */ |
|
947 | + private function filterProtocols($string) |
|
948 | + { |
|
949 | + $string = $this->decodeEntities($string); |
|
950 | + $string = preg_replace('/\s/', '', $string); |
|
951 | + $string = $this->removeNulls($string); |
|
952 | + $string = preg_replace('/\xad+/', '', $string2); # deals with Opera "feature" |
|
953 | + $string = strtolower($string); |
|
954 | + |
|
955 | + if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0) |
|
956 | + { |
|
957 | + foreach ($this->allowed_protocols as $one_protocol) |
|
958 | + { |
|
959 | + if (strtolower($one_protocol) == $string) |
|
960 | + { |
|
961 | + return "$string:"; |
|
962 | + } |
|
963 | + } |
|
964 | + } |
|
965 | + |
|
966 | + return ''; |
|
967 | + } |
|
968 | + |
|
969 | + /** |
|
970 | + * Controller method for performing checks on attribute values. |
|
971 | + * |
|
972 | + * This method calls the appropriate method as specified by $checkname with |
|
973 | + * the parameters $value, $vless, and $checkvalue, and returns the result |
|
974 | + * of the call. |
|
975 | + * |
|
976 | + * This method's functionality can be expanded by creating new methods |
|
977 | + * that would match checkAttributeValue[$checkname]. |
|
978 | + * |
|
979 | + * Current checks implemented are: "maxlen", "minlen", "maxval", "minval" and "valueless" |
|
980 | + * |
|
981 | + * @access private |
|
982 | + * @param string $value The value of the attribute to be checked. |
|
983 | + * @param string $vless Indicates whether the the value is supposed to be valueless |
|
984 | + * @param string $checkname The check to be performed |
|
985 | + * @param string $checkvalue The value that is to be checked against |
|
986 | + * @return bool Indicates whether the check passed or not |
|
987 | + * @since PHP5 OOP 1.0.0 |
|
988 | + */ |
|
989 | + private function checkAttributeValue($value, $vless, $checkname, $checkvalue) |
|
990 | + { |
|
991 | + $ok = true; |
|
992 | + $check_attribute_method_name = 'checkAttributeValue' . ucfirst(strtolower($checkname)); |
|
993 | + if(method_exists($this, $check_attribute_method_name)) |
|
994 | + { |
|
995 | + $ok = $this->$check_attribute_method_name($value, $checkvalue, $vless); |
|
996 | + } |
|
997 | + |
|
998 | + return $ok; |
|
999 | + } |
|
1000 | + |
|
1001 | + /** |
|
1002 | + * Helper method invoked by checkAttributeValue(). |
|
1003 | + * |
|
1004 | + * The maxlen check makes sure that the attribute value has a length not |
|
1005 | + * greater than the given value. This can be used to avoid Buffer Overflows |
|
1006 | + * in WWW clients and various Internet servers. |
|
1007 | + * |
|
1008 | + * @access private |
|
1009 | + * @param string $value The value of the attribute to be checked. |
|
1010 | + * @param int $checkvalue The maximum value allowed |
|
1011 | + * @return bool Indicates whether the check passed or not |
|
1012 | + * @see checkAttributeValue() |
|
1013 | + * @since PHP5 OOP 1.0.0 |
|
1014 | + */ |
|
1015 | + private function checkAttributeValueMaxlen($value, $checkvalue) |
|
1016 | + { |
|
1017 | + if (strlen($value) > intval($checkvalue)) |
|
1018 | + { |
|
1019 | + return false; |
|
1020 | + } |
|
1021 | + return true; |
|
1022 | + } |
|
1023 | + |
|
1024 | + /** |
|
1025 | + * Helper method invoked by checkAttributeValue(). |
|
1026 | + * |
|
1027 | + * The minlen check makes sure that the attribute value has a length not |
|
1028 | + * smaller than the given value. |
|
1029 | + * |
|
1030 | + * @access private |
|
1031 | + * @param string $value The value of the attribute to be checked. |
|
1032 | + * @param int $checkvalue The minimum value allowed |
|
1033 | + * @return bool Indicates whether the check passed or not |
|
1034 | + * @see checkAttributeValue() |
|
1035 | + * @since PHP5 OOP 1.0.0 |
|
1036 | + */ |
|
1037 | + private function checkAttributeValueMinlen($value, $checkvalue) |
|
1038 | + { |
|
1039 | + if (strlen($value) < intval($checkvalue)) |
|
1040 | + { |
|
1041 | + return false; |
|
1042 | + } |
|
1043 | + return true; |
|
1044 | + } |
|
1045 | + |
|
1046 | + /** |
|
1047 | + * Helper method invoked by checkAttributeValue(). |
|
1048 | + * |
|
1049 | + * The maxval check does two things: it checks that the attribute value is |
|
1050 | + * an integer from 0 and up, without an excessive amount of zeroes or |
|
1051 | + * whitespace (to avoid Buffer Overflows). It also checks that the attribute |
|
1052 | + * value is not greater than the given value. |
|
1053 | + * |
|
1054 | + * This check can be used to avoid Denial of Service attacks. |
|
1055 | + * |
|
1056 | + * @access private |
|
1057 | + * @param int $value The value of the attribute to be checked. |
|
1058 | + * @param int $checkvalue The maximum numeric value allowed |
|
1059 | + * @return bool Indicates whether the check passed or not |
|
1060 | + * @see checkAttributeValue() |
|
1061 | + * @since PHP5 OOP 1.0.0 |
|
1062 | + */ |
|
1063 | + private function checkAttributeValueMaxval($value, $checkvalue) |
|
1064 | + { |
|
1065 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
1066 | + { |
|
1067 | + return false; |
|
1068 | + } |
|
1069 | + if (intval($value) > intval($checkvalue)) |
|
1070 | + { |
|
1071 | + return false; |
|
1072 | + } |
|
1073 | + return true; |
|
1074 | + } |
|
1075 | + |
|
1076 | + /** |
|
1077 | + * Helper method invoked by checkAttributeValue(). |
|
1078 | + * |
|
1079 | + * The minval check checks that the attribute value is a positive integer, |
|
1080 | + * and that it is not smaller than the given value. |
|
1081 | + * |
|
1082 | + * @access private |
|
1083 | + * @param int $value The value of the attribute to be checked. |
|
1084 | + * @param int $checkvalue The minimum numeric value allowed |
|
1085 | + * @return bool Indicates whether the check passed or not |
|
1086 | + * @see checkAttributeValue() |
|
1087 | + * @since PHP5 OOP 1.0.0 |
|
1088 | + */ |
|
1089 | + private function checkAttributeValueMinval($value, $checkvalue) |
|
1090 | + { |
|
1091 | + if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value)) |
|
1092 | + { |
|
1093 | + return false; |
|
1094 | + } |
|
1095 | + if (intval($value) < ($checkvalue)) |
|
1096 | + { |
|
1097 | + return false; |
|
1098 | + } |
|
1099 | + return true; |
|
1100 | + } |
|
1101 | + |
|
1102 | + /** |
|
1103 | + * Helper method invoked by checkAttributeValue(). |
|
1104 | + * |
|
1105 | + * The valueless check checks if the attribute has a value |
|
1106 | + * (like <a href="blah">) or not (<option selected>). If the given value |
|
1107 | + * is a "y" or a "Y", the attribute must not have a value. |
|
1108 | + * |
|
1109 | + * If the given value is an "n" or an "N", the attribute must have one. |
|
1110 | + * |
|
1111 | + * @access private |
|
1112 | + * @param int $value The value of the attribute to be checked. |
|
1113 | + * @param mixed $checkvalue This variable is ignored for this test |
|
1114 | + * @param string $vless Flag indicating if this attribute is not supposed to have an attribute |
|
1115 | + * @return bool Indicates whether the check passed or not |
|
1116 | + * @see checkAttributeValue() |
|
1117 | + * @since PHP5 OOP 1.0.0 |
|
1118 | + */ |
|
1119 | + private function checkAttributeValueValueless($value, $checkvalue, $vless) |
|
1120 | + { |
|
1121 | + if (strtolower($checkvalue) != $vless) |
|
1122 | + { |
|
1123 | + return false; |
|
1124 | + } |
|
1125 | + return true; |
|
1126 | + } |
|
1127 | + |
|
1128 | + /** |
|
1129 | + * Decodes numeric HTML entities |
|
1130 | + * |
|
1131 | + * This method decodes numeric HTML entities (A and A). It doesn't |
|
1132 | + * do anything with other entities like ä, but we don't need them in the |
|
1133 | + * URL protocol white listing system anyway. |
|
1134 | + * |
|
1135 | + * @access private |
|
1136 | + * @param string $value The entitiy to be decoded. |
|
1137 | + * @return string Decoded entity |
|
1138 | + * @since PHP4 OOP 0.0.1 |
|
1139 | + */ |
|
1140 | + private function decodeEntities($string) |
|
1141 | + { |
|
1142 | + $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string); |
|
1143 | + $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string); |
|
1144 | + return $string; |
|
1145 | + } |
|
1146 | + |
|
1147 | + /** |
|
1148 | + * Returns PHP5 OOP version # of kses. |
|
1149 | + * |
|
1150 | + * Since this class has been refactored and documented and proven to work, |
|
1151 | + * I'm fixing the version number at 1.0.0. |
|
1152 | + * |
|
1153 | + * This version is syntax compatible with the PHP4 OOP version 0.0.2. Future |
|
1154 | + * versions may not be syntax compatible. |
|
1155 | + * |
|
1156 | + * @access public |
|
1157 | + * @return string Version number |
|
1158 | + * @since PHP4 OOP 0.0.1 |
|
1159 | + */ |
|
1160 | + public function Version() |
|
1161 | + { |
|
1162 | + return 'PHP5 OOP 1.0.2'; |
|
1163 | + } |
|
1164 | + } |
|
1165 | + } |
|
1166 | 1166 | ?> |
1167 | 1167 | \ No newline at end of file |