1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* Copyright (c) 2013-2017 |
4
|
|
|
* |
5
|
|
|
* @category Library |
6
|
|
|
* @package Dwoo\Plugins\Functions |
7
|
|
|
* @author Jordi Boggiano <[email protected]> |
8
|
|
|
* @author David Sanchez <[email protected]> |
9
|
|
|
* @copyright 2008-2013 Jordi Boggiano |
10
|
|
|
* @copyright 2013-2017 David Sanchez |
11
|
|
|
* @license http://dwoo.org/LICENSE Modified BSD License |
12
|
|
|
* @version 1.3.2 |
13
|
|
|
* @date 2017-01-06 |
14
|
|
|
* @link http://dwoo.org/ |
15
|
|
|
*/ |
16
|
|
|
|
17
|
|
|
namespace Dwoo\Plugins\Functions; |
18
|
|
|
|
19
|
|
|
use Dwoo\Plugin; |
20
|
|
|
|
21
|
|
|
/** |
22
|
|
|
* Reads a file |
23
|
|
|
* <pre> |
24
|
|
|
* * file : path or URI of the file to read (however reading from another website is not recommended for performance |
25
|
|
|
* reasons) |
26
|
|
|
* * assign : if set, the file will be saved in this variable instead of being output |
27
|
|
|
* </pre> |
28
|
|
|
* This software is provided 'as-is', without any express or implied warranty. |
29
|
|
|
* In no event will the authors be held liable for any damages arising from the use of this software. |
30
|
|
|
*/ |
31
|
|
|
class PluginFetch extends Plugin |
32
|
|
|
{ |
33
|
|
|
/** |
34
|
|
|
* @param string $file |
35
|
|
|
* @param null $assign |
36
|
|
|
* |
37
|
|
|
* @return string |
38
|
|
|
*/ |
39
|
|
|
public function process($file, $assign = null) |
40
|
|
|
{ |
41
|
|
|
if ($file === '') { |
42
|
|
|
return ''; |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
if ($policy = $this->core->getSecurityPolicy()) { |
46
|
|
|
while (true) { |
47
|
|
|
if (preg_match('{^([a-z]+?)://}i', $file)) { |
48
|
|
|
$this->core->triggerError('The security policy prevents you to read files from external sources.', |
49
|
|
|
E_USER_WARNING); |
50
|
|
|
} |
51
|
|
|
|
52
|
|
|
$file = realpath($file); |
53
|
|
|
$dirs = $policy->getAllowedDirectories(); |
54
|
|
|
foreach ($dirs as $dir => $dummy) { |
55
|
|
|
if (strpos($file, $dir) === 0) { |
56
|
|
|
break 2; |
57
|
|
|
} |
58
|
|
|
} |
59
|
|
|
$this->core->triggerError('The security policy prevents you to read <em>' . $file . '</em>', |
60
|
|
|
E_USER_WARNING); |
61
|
|
|
} |
62
|
|
|
} |
63
|
|
|
$file = str_replace(array( |
64
|
|
|
"\t", |
65
|
|
|
"\n", |
66
|
|
|
"\r" |
67
|
|
|
), |
68
|
|
|
array( |
69
|
|
|
'\\t', |
70
|
|
|
'\\n', |
71
|
|
|
'\\r' |
72
|
|
|
), |
73
|
|
|
$file); |
74
|
|
|
|
75
|
|
|
$out = file_get_contents($file); |
76
|
|
|
|
77
|
|
|
if ($assign === null) { |
78
|
|
|
return $out; |
79
|
|
|
} |
80
|
|
|
$this->core->assignInScope($out, $assign); |
81
|
|
|
} |
82
|
|
|
} |