Issues in string.php (master) - Issues in master - fwolf/fwlib - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1752)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

func/string.php (4 issues)

Labels

Severity

Minor 4

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Functions about string
 *
 * @package     fwolflib
 * @subpackage	func
 * @copyright   Copyright 2004-2012, Fwolf
 * @author      Fwolf <[email protected]>
 * @since		Before 2008-04-07
 */


require_once(dirname(__FILE__) . '/../fwolflib.php');


/**
 * Addslashes for any data, recursive.
 *
 * @deprecated      Use Fwlib\Util\StringUtil::addSlashesRecursive()
 * @param	mixed	$srce
 * @return	mixed
 */
function AddslashesRecursive ($srce) {
	if (empty($srce))
		return $srce;

	elseif (is_string($srce))
		return addslashes($srce);

	elseif (is_array($srce)) {
		$ar_rs = array();
		foreach ($srce as $k => $v) {
			$ar_rs[addslashes($k)] = AddslashesRecursive($v);
		}
		return $ar_rs;
	}

	else
		// Other data type, return original
		return $srce;
} // end of func AddslashesRecursive


/**
 * 把一个字符串转换为可以用HTML输出的格式
 *
 * @deprecated      Use Fwlib\Util\StringUtil::encodeHtml()
 * @param	string	$str
 * @return	string
*/
function HtmlEncode ($str) {
	if (empty($str))
	    return('');

	$ar = array(
		'&'		=> '&amp;',
		'<'		=> '&lt;',
		'>'		=> '&gt;',
		chr(9)	=> '　　',
		chr(34)	=> '&quot;',
		'  '	=> '&nbsp; ',
		' '		=> '&nbsp;',
		'&nbsp;&nbsp;'	=> '&nbsp; ',
		chr(13)	=> '<br />',
	);
	$ar_search = array_keys($ar);
	$ar_replace = array_values($ar);

	$outstr = str_replace($ar_search, $ar_replace, $str);
	return $outstr;
} // end of func HtmlEncode


/**
 * 判断一个字符的某个位置的字符是否中文
 * 如果从一个中文的第二个字节开始检查，将返回FALSE
 * @param	string	$str
 * @param	int		$pos
 * @return	boolean
 */
function IsGbChar($str = '', $pos = 0) {
    if (empty($str)) {
        return(false);
    }
	else {
		//检查连续的两个字节
	    $s1 = ord(substr($str, $pos, 1));
	    $s2 = ord(substr($str, $pos + 1, 1));
		if ((160 < $s1) && (248 > $s1) && (160 < $s2) && (255 > $s2)) {
		    return(true);
		}
		else {
		    return(false);
		}
	}
} // end of func IsGbChar


/*
 * Json encode with JSON_HEX_(TAG|AMP|APOS|QUOT) options
 *
 * @deprecated      Use Fwlib\Util\Json::encodeHex()
 * @param	mixed	$val
 * @return	string
 */
function JsonEncodeHex ($val) {
	// Check json extension
	if (!extension_loaded('json')) {
		error_log('JsonEncodeHex(): json extension is not loaded.');
		return NULL;
	}

	$s_json = '';
	if (0 <= version_compare(PHP_VERSION, '5.3.0'))
		$s_json =  json_encode($val, JSON_HEX_TAG|JSON_HEX_APOS
			|JSON_HEX_QUOT|JSON_HEX_AMP);
	else {
		// Json treat list/array in different way([] vs {}).
		if (is_array($val) || is_object($val)) {
			$is_list = is_array($val) && (empty($val)
				|| array_keys($val) === range(0, count($val) - 1));

			if ($is_list ) {
				$s_json = '[' . implode(',',
					array_map('JsonEncodeHex', $val)) . ']';
			} else {
				$ar_t = array();
				foreach ($val as $k => $v) {
					$ar_t[] = JsonEncodeHex($k) . ':'
						. JsonEncodeHex($v);
				}
				$s_json = '{' . implode(',', $ar_t) . '}';
			}
		}
		elseif (is_string($val)) {
			// Manual replace chars
			$s_json = json_encode($val);
			$s_json = substr($s_json, 1);
			$s_json = substr($s_json, 0, strlen($s_json) - 1);
			$s_json = str_replace(array(
					'<', '>', "'", '\"', '&'
				), array(
					'\u003C', '\u003E', '\u0027', '\u0022', '\u0026'
				), $s_json);
			$s_json = '"' . $s_json . '"';
		}
		else {
			// Int, floats, bools, null
			$s_json = '"' . json_encode($val) . '"';
		}
	}
	return $s_json;
} // end of func JsonEncodeHex


/**
 * Json encode, simulate JSON_UNESCAPED_UNICODE option is on.
 *
 * @deprecated      Use Fwlib\Util\Json::encodeUnicode()
 * @param	mixed	$val
 * @param	int		$option			Other original json_encode option
 * @return	string
 */
function JsonEncodeUnicode ($val, $option = 0) {
	if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
		return json_encode($val, JSON_UNESCAPED_UNICODE | $option);
	}
	else {
		$val = json_encode($val, $option);
		$val = preg_replace('/\\\u([0-9a-f]{4})/ie'
			, "mb_convert_encoding(pack('H4', '\\1'), 'UTF-8', 'UCS-2BE')"
			, $val);
		return $val;

		/*
		 * Another way is use urlencode before json_encode,
		 * and use urldecode after it.
		 * But this way can't deal with array recursive,
		 * and array have chinese char in array key.
		 *
		 * 3rd way:
		 * mb_convert_encoding('&#37257;&#29233;', 'UTF-8', 'HTML-ENTITIES');
		 * Need convert \uxxxx to &#xxxxx first.
		 */
	}
} // end of func JsonEncodeUnicode


/**
 * Match a string with rule including wildcard.
 *
 * Eg: 'abcd' match rule '*c?'
 *
 * @deprecated      Use Fwlib\Util\StringUtil::matchWildcard()
 * @param	string	$str
 * @param	string	$rule
 * @return	boolean
 */
function MatchWildcard ($str, $rule) {
	// Convert wildcard rule to regex
	$rule = str_replace('*', '.+', $rule);
	$rule = str_replace('?', '.{1}', $rule);
	$rule = '/' . $rule . '/';

	if (1 == preg_match($rule, $str, $ar_match))
		// Must match whole string, same length
		if (strlen($ar_match[0]) == strlen($str))
			return true;

	return false;
} // end of func MatchWildcard


/**
 * Generate org code according to GB 11714-1997.
 *
 * @deprecated      Use Fwlib\Mis\OrgCode::gen()
 * @link	http://zh.wikisource.org/zh/GB_11714-1997_全国组织机构代码编制规则
 * @param	string	$code_base	8-digit base code
 * @return	string
 */
function OrgCodeGen ($code_base = '') {
	$code_base = strtoupper($code_base);
	// Gen random
	if (empty($code_base))
		$code_base = RandomString(8, '0A');
	// Length check
	else if (8 != strlen($code_base))
		return '';
	// Only 0-9 A-Z allowed
	else if ('' != preg_replace('/[0-9A-Z]/', '', $code_base))
		return '';


	// Prepare value table
	$ar_val = array();
	// 0-9 to 0-9
	for ($i = 48; $i < 58; $i ++)
		$ar_val[chr($i)] = $i - 48;
	// A-Z to 10-35
	for ($i = 65; $i < 91; $i ++)
		$ar_val[chr($i)] = $i - 55;

	// Weight table
	$ar_weight = array(3, 7, 9, 10, 5, 8, 4, 2);

	// Add each digit value after plus it's weight
	$j = 0;
	for ($i = 0; $i <8; $i ++)
		$j += $ar_val[$code_base{$i}] * $ar_weight[$i];

	// Mod by 11
	$j = $j % 11;

	// Minus by 11
	$j = 11 - $j;

	// Return result
	if (10 == $j)
		return $code_base . '-X';
	else if (11 == $j)
		return $code_base . '-0';
	else
		return $code_base . '-' . strval($j);
} // end of func OrgCodeGen


/**
 * Convert 15-digi pin to 18-digi
 *
 * @deprecated      Use Fwlib\Mis\CinCode::to18()
 * @param	string	$pin
 * @return	string
 */
function Pin15To18($pin) {
	if (15 != strlen($pin))
		// Error, which value should I return ?
		return $pin;

	$s = substr($pin, 0, 6) . '19' . substr($pin, 6);

	$n = 0;
	for ($i = 17; 0 < $i; $i --) {
		$n += (pow(2, $i) % 11) * intval($s{17 - $i});
	}
	$n = $n % 11;
	switch ($n) {
		case	0:
			$s_last = '1';
			break;
		case	1:
			$s_last = '0';
			break;
		case	2:
			$s_last = 'X';
			break;
		default:
			$s_last = strval(12 - $n);
			break;
	}

	return $s . $s_last;
} // end of func Pin15To18


/**
 * 生成随机字符串
 * a表示包含小写字符，A表示包含大写字符，0表示包含数字
 *
 * @deprecated      Use Fwlib\Util\StringUtil::random()
 * @param	int		$len	字符串长度
 * @param	string	$mode	模式
 * @return	string
 */
function RandomString ($len, $mode = 'a0') {
	$str = '';
	if (preg_match('/[a]/', $mode)) {
		$str .= 'abcdefghijklmnopqrstuvwxyz';
	}
	if (preg_match('/[A]/', $mode)) {
		$str .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
	}
	if (preg_match('/[0]/', $mode)) {
	    $str .= '0123456789';
	}
	$result = '';
	$str_len = strlen($str);
	$max = 1000;
	for($i = 0; $i < $len; $i ++) {
		$num = rand(0, $max);
		$num = $num % $str_len;
		$result .= $str[$num];
	}
	return $result;
} // end of func RandomString


/**
 * Decode a string which is MIME encoding
 *
 * @link	http://www.faqs.org/rfcs/rfc2047
 * @link	http://www.php.net/imap_utf8
 *
 * @deprecated      Use Fwlib\Util\Rfc2047::decode()
 * @param	string	$str
 * @param	string	$encoding	Encoding of output string.
 * @return	string
 */
function Rfc2047Decode($str, $encoding = 'utf-8')
{
	// Find string encoding
	$ar = array();
	//preg_match_all('/=\?(.{3,13})\?[B|Q]\?([\/\d\w\=]*)\?\=/i', $str, $ar);
	preg_match_all('/=\?(.{3,13})\?([B|Q])\?([^\?]*)\?\=/i', $str, $ar);
	// 0 is all-string pattern, 1 is encoding, 2 is string to base64_decode
	$i = count($ar[0]);
	//var_dump($ar);
	if (0 < $i)
	{
		// Got match, process
		for ($j = 0; $j < count($i); $j++)
for ($i=0; $i<count($array); $i++) { // calls count() on each iteration
}

// Better
for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once
}
		{
			$s = '';
			if ('B' == strtoupper($ar[2][$j])) {
				// Decode base64 first
				$s = base64_decode($ar[3][$j]);
			}
			elseif ('Q' == strtoupper($ar[2][$j])) {
				// quoted-printable encoding ? its format like '=0D=0A'
				$s = quoted_printable_decode($ar[3][$j]);
			}

			// Then convert string to charset ordered
			if ($encoding != strtolower($ar[1][$j]))
				$s = mb_convert_encoding($s, $encoding, $ar[1][$j]);

			// Then replace into original string
			if (!empty($s))
				$str = str_replace($ar[0][$j], $s, $str);
		}
		//echo "$str \n";
		return $str;
	}
	else
	{
		// No match, return original string
		return $str;
	}
}


/**
 * Encode a string using MIME encoding method
 *
 * Usually used in mail header, attachment name etc.
 *
 * No break in string(B encoding mode instead of Q, see
 * phpmailer::EncodeHeader, line 1156), because that possible
 * break chinese chars.
 *
 * @deprecated      Use Fwlib\Util\Rfc2047::encode()
 * @link	http://www.faqs.org/rfcs/rfc2047
 * @param	string	$str
 * @param	string	$encoding	Encoding of $str
 * @return	string
 */
function Rfc2047Encode($str, $encoding = 'utf-8')
{
	return "=?" . $encoding . "?B?" . base64_encode($str) . "?=";
} // end of func Rfc2047Encode


/**
 * 返回字符串的长度，一个中文字按一个单位算
 *
 * Check also: mb_strwidth()
 * @param	string	$str
 * @return	int
 */
function StrlenGb($str = '')
{
    $len = strlen($str);
	$j = 0;
	for ($i=0; $i<$len; $i++)
	{
	    if (true == IsGbChar($str, $i))
	    {
	        $i++;
	    }
		$j++;
	}
	return($j);
} // end of func StrlenGb


/**
 * 把一个用字符串2间隔的字符串，用字符串1进行连接
 *
 * :THINK: Useless ? Just replace connector with new char.
 *
 * @param	string	$str	源字符串
 * @param	string	$s1		用于连接的字符串
 * @param	string	$s2		源字符串本身是用什么连接的，如果为空，则使用$s1的值
 * @param	boolean	$embody	首尾是否加上字符串2
 * @param	boolean	$istrim	是否去除字符串中的特殊字符
 * @return	string
 */
function StrReForm( $str, $s1, $s2 = '', $embody = false, $istrim = true )
{
	$ss2 = empty($s2) ? $s1 : $s2;
	$ar = explode( $ss2, $str );
	if ( true == $istrim )
	{
		for ($i=0; $i<count($ar); $i++)
for ($i=0; $i<count($array); $i++) { // calls count() on each iteration
}

// Better
for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once
}
		{
			$ar[$i] = trim( $ar[$i], ' \t\0\x0B' );
		}
	}
	//去除空串
	$ar1 = array();
	for ($i=0; $i<count($ar); $i++)
for ($i=0; $i<count($array); $i++) { // calls count() on each iteration
}

// Better
for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once
}
	{
		if ( !empty( $ar[$i] ) )
		{
		    array_push( $ar1, $ar[$i] );
		}
	}
	$s = implode( $s1, $ar1 );
	if ( true == $embody )
	{
		$s = $s1 . $s . $s1;
	}
	return( $s );
} // end of func StrReForm


/**
 * Convert string to array by splitter
 *
 * @deprecated      Use Fwlib\Util\StringUtil::toArray()
 * @param	string	$s_srce
 * @param	string	$s_splitter
 * @param	boolean	$b_trim
 * @param	boolean	$b_remove_empty
 * @return	array
 */
function StrToArray ($s_srce, $s_splitter = ',', $b_trim = true
	, $b_remove_empty = true) {
	if (!is_string($s_srce))
		$s_srce = strval($s_srce);

	if (false === strpos($s_srce, $s_splitter)) {
		$ar_rs = array($s_srce);
	}
	else {
		$ar_rs = explode($s_splitter, $s_srce);
	}

	if ($b_trim) {
		foreach ($ar_rs as &$v)
			$v = trim($v);
		unset($v);
	}

	if ($b_remove_empty) {
		foreach ($ar_rs as $k => $v)
			if (empty($v))
				unset($ar_rs[$k]);
		// Re generate array index
		$ar_rs = array_merge($ar_rs, array());
	}

	return $ar_rs;
} // end of func StrToArray


/**
 * Convert ucfirst format to underline_connect format
 *
 * @deprecated      Use Fwlib\Util\StringUtil::toSnakeCase()
 * If convert fail, return original string.
 * @param	string	$str
 * @return	string
 */
function StrUcfirst2Underline($str)
{
	$s = preg_replace('/([A-Z])/', '_\1', $str);
	$ar = explode('_', $s);
	$s = '';
	if (empty($ar))
		$s = $str;
	else
	{
		foreach ($ar as $s1)
			if (!empty($s1))
				$s .= '_' . strtolower($s1);
		$s = substr($s, 1);
	}
	return $s;
} // end of func StrUcfirst2Underline


/**
 * Convert underline_connect format to ucfirst format
 *
 * If convert fail, return ucfirst($str)
 *
 * @deprecated      Use Fwlib\Util\StringUtil::toStudlyCaps()
 * @param	string	$str
 * @param	boolean	$minus	Treat minus sign as splitter also.
 * @return	string
 */
function StrUnderline2Ucfirst($str, $minus = false)
{
	if ($minus)
		$str = str_replace('-', '_', $str);
	$ar = explode('_', $str);
	$s = '';
	if (empty($ar))
		$s = ucfirst($str);
	else
		foreach ($ar as $s1) {
			if ('' != $s1)
				$s .= ucfirst($s1);
		}
	return $s;
} // end of func StrUnderline2Ucfirst


/**
 * 截取子字符串，中文按长度1计算
 * 在计算截取起始位置和截取长度时，中文也是按长度1计算的
 * 比如$str='大中小'，SubstrGb($str, 1, 1) = '中';
 *
 * Obsolete, see: http://www.fwolf.com/blog/post/133
 * @link http://www.fwolf.com/blog/post/133
 * @param   string  $str
 * @param   int     $start
 * @param   int     $len
 */
function SubstrGb($str = '', $start = 0, $len = 0)
{
    $tmp = '';
	if (empty($str) || $len == 0)
	{
		return false;
	}
    $l = strlen($str);
    $j = 0;
	for ($i = 0; $i < $l; $i++)
	{
		$tmpstr = (ord($str[$i]) >= 161 && ord($str[$i]) <= 247&& ord($str[$i+1]) >= 161 && ord($str[$i+1]) <= 254)?$str[$i].$str[++$i]:$tmpstr = $str[$i];
		if ($j >= $start && $j <= ($start + $len))
		{
			$tmp .= $tmpstr;
		}
        $j++;
        if ($j == ($start + $len))
        {
            break;
        }
	}
	return $tmp;
} // end of func SubstrGb


/**
 * Get substr by display width, and ignore html tag's length
 *
 * Using mb_strimwidth()
 *
 * Attention: No consider of html complement.
 *
 * @deprecated      Use Fwlib\Util\StringUtil::substrIgnHtml()
 * @param	string	$str	Source string
 * @param	int		$len	Length
 * @param	string	$marker	If str length exceed, cut & fill with this
 * @param	int		$start	Start position
 * @param	string	$encoding	Default is utf-8
 * @return	string
 * @link http://www.fwolf.com/blog/post/133
 */
function SubstrIgnHtml($str, $len, $marker = '...', $start = 0, $encoding = 'utf-8') {
	$i = preg_match_all('/<[^>]*>/i', $str, $ar);
	if (0 == $i) {
		// No html in $str
		$str = htmlspecialchars_decode($str);
		$str = mb_strimwidth($str, $start, $len, $marker, $encoding);
		$str = htmlspecialchars($str);
		return $str;
	} else {
		// Have html tags, need split str into parts by html
		$ar = $ar[0];
		$ar_s = array();
		for ($i = 0; $i < count($ar); $i ++) {
for ($i=0; $i<count($array); $i++) { // calls count() on each iteration
}

// Better
for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once
}
			// Find sub str
			$j = strpos($str, $ar[$i]);
			// Add to new ar: before, tag
			if (0 != $j)
				$ar_s[] = substr($str, 0, $j);
			$ar_s[] = $ar[$i];
			// Trim origin str, so we start from 0 again next loop
			$str = substr($str, $j + strlen($ar[$i]));
		}
		// Tail of $str, which after html tags
		$ar_s[] = $str;

		// Loop to cut needed length
		$s_result = '';
		$i_length = $len - mb_strwidth($marker, $encoding);
		$f_tag = 0;		// In html tag ?
		$i = 0;
		while ($i < count($ar_s)) {
			$s = $ar_s[$i];
			$i ++;

			// Is it self-end html tag ?
			if (0 < preg_match('/\/\s*>/', $s)) {
				$s_result .= $s;
			} elseif (0 < preg_match('/<\s*\//', $s)) {
				// End of html tag ?
				// When len exceed, only end tag allowed
				if (0 < $f_tag) {
					$s_result .= $s;
					$f_tag --;
				}
			} elseif (0 < strpos($s, '>')) {
				// Begin of html tag ?
				// When len exceed, no start tag allowed
				if (0 < $i_length) {
					$s_result .= $s;
					$f_tag ++;
				}
			} else {
				// Real string
				$s = htmlspecialchars_decode($s);
				if (0 == $i_length) {
					// Already got length
					continue;
				} elseif (mb_strwidth($s, $encoding) < $i_length) {
					// Can add to rs completely
					$i_length -= mb_strwidth($s, $encoding);
					$s_result .= htmlspecialchars($s);
				} else {
					// Need cut then add to rs
					$s_result .= htmlspecialchars(mb_strimwidth($s, 0, $i_length, '', $encoding)) . $marker;
					$i_length = 0;
				}
			}
		}

		return $s_result;
	}
	return '';
} // end of func SubstrIgnHtml


?>


1		<?php
2		/**
3		* Functions about string
4		*
5		* @package fwolflib
6		* @subpackage func
7		* @copyright Copyright 2004-2012, Fwolf
8		* @author Fwolf <[email protected]>
9		* @since Before 2008-04-07
10		*/
11
12
13		require_once(dirname(__FILE__) . '/../fwolflib.php');
14
15
16		/**
17		* Addslashes for any data, recursive.
18		*
19		* @deprecated Use Fwlib\Util\StringUtil::addSlashesRecursive()
20		* @param mixed $srce
21		* @return mixed
22		*/
23	View Code Duplication	function AddslashesRecursive ($srce) {
24		if (empty($srce))
25		return $srce;
26
27		elseif (is_string($srce))
28		return addslashes($srce);
29
30		elseif (is_array($srce)) {
31		$ar_rs = array();
32		foreach ($srce as $k => $v) {
33		$ar_rs[addslashes($k)] = AddslashesRecursive($v);
34		}
35		return $ar_rs;
36		}
37
38		else
39		// Other data type, return original
40		return $srce;
41		} // end of func AddslashesRecursive
42
43
44		/**
45		* 把一个字符串转换为可以用HTML输出的格式
46		*
47		* @deprecated Use Fwlib\Util\StringUtil::encodeHtml()
48		* @param string $str
49		* @return string
50		*/
51		function HtmlEncode ($str) {
52		if (empty($str))
53		return('');
54
55		$ar = array(
56		'&' => '&',
57		'<' => '<',
58		'>' => '>',
59		chr(9) => '　　',
60		chr(34) => '"',
61		' ' => '  ',
62		' ' => ' ',
63		'  ' => '  ',
64		chr(13) => '<br />',
65		);
66		$ar_search = array_keys($ar);
67		$ar_replace = array_values($ar);
68
69		$outstr = str_replace($ar_search, $ar_replace, $str);
70		return $outstr;
71		} // end of func HtmlEncode
72
73
74		/**
75		* 判断一个字符的某个位置的字符是否中文
76		* 如果从一个中文的第二个字节开始检查，将返回FALSE
77		* @param string $str
78		* @param int $pos
79		* @return boolean
80		*/
81		function IsGbChar($str = '', $pos = 0) {
82		if (empty($str)) {
83		return(false);
84		}
85		else {
86		//检查连续的两个字节
87		$s1 = ord(substr($str, $pos, 1));
88		$s2 = ord(substr($str, $pos + 1, 1));
89		if ((160 < $s1) && (248 > $s1) && (160 < $s2) && (255 > $s2)) {
90		return(true);
91		}
92		else {
93		return(false);
94		}
95		}
96		} // end of func IsGbChar
97
98
99		/*
100		* Json encode with JSON_HEX_(TAG\|AMP\|APOS\|QUOT) options
101		*
102		* @deprecated Use Fwlib\Util\Json::encodeHex()
103		* @param mixed $val
104		* @return string
105		*/
106		function JsonEncodeHex ($val) {
107		// Check json extension
108		if (!extension_loaded('json')) {
109		error_log('JsonEncodeHex(): json extension is not loaded.');
110		return NULL;
111		}
112
113		$s_json = '';
114		if (0 <= version_compare(PHP_VERSION, '5.3.0'))
115		$s_json = json_encode($val, JSON_HEX_TAG\|JSON_HEX_APOS
116		\|JSON_HEX_QUOT\|JSON_HEX_AMP);
117		else {
118		// Json treat list/array in different way([] vs {}).
119		if (is_array($val) \|\| is_object($val)) {
120		$is_list = is_array($val) && (empty($val)
121		\|\| array_keys($val) === range(0, count($val) - 1));
122
123		if ($is_list ) {
124		$s_json = '[' . implode(',',
125		array_map('JsonEncodeHex', $val)) . ']';
126		} else {
127		$ar_t = array();
128		foreach ($val as $k => $v) {
129		$ar_t[] = JsonEncodeHex($k) . ':'
130		. JsonEncodeHex($v);
131		}
132		$s_json = '{' . implode(',', $ar_t) . '}';
133		}
134		}
135		elseif (is_string($val)) {
136		// Manual replace chars
137		$s_json = json_encode($val);
138		$s_json = substr($s_json, 1);
139		$s_json = substr($s_json, 0, strlen($s_json) - 1);
140		$s_json = str_replace(array(
141		'<', '>', "'", '\"', '&'
142		), array(
143		'\u003C', '\u003E', '\u0027', '\u0022', '\u0026'
144		), $s_json);
145		$s_json = '"' . $s_json . '"';
146		}
147		else {
148		// Int, floats, bools, null
149		$s_json = '"' . json_encode($val) . '"';
150		}
151		}
152		return $s_json;
153		} // end of func JsonEncodeHex
154
155
156		/**
157		* Json encode, simulate JSON_UNESCAPED_UNICODE option is on.
158		*
159		* @deprecated Use Fwlib\Util\Json::encodeUnicode()
160		* @param mixed $val
161		* @param int $option Other original json_encode option
162		* @return string
163		*/
164		function JsonEncodeUnicode ($val, $option = 0) {
165		if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
166		return json_encode($val, JSON_UNESCAPED_UNICODE \| $option);
167		}
168		else {
169		$val = json_encode($val, $option);
170		$val = preg_replace('/\\\u([0-9a-f]{4})/ie'
171		, "mb_convert_encoding(pack('H4', '\\1'), 'UTF-8', 'UCS-2BE')"
172		, $val);
173		return $val;
174
175		/*
176		* Another way is use urlencode before json_encode,
177		* and use urldecode after it.
178		* But this way can't deal with array recursive,
179		* and array have chinese char in array key.
180		*
181		* 3rd way:
182		* mb_convert_encoding('醉爱', 'UTF-8', 'HTML-ENTITIES');
183		* Need convert \uxxxx to &#xxxxx first.
184		*/
185		}
186		} // end of func JsonEncodeUnicode
187
188
189		/**
190		* Match a string with rule including wildcard.
191		*
192		* Eg: 'abcd' match rule '*c?'
193		*
194		* @deprecated Use Fwlib\Util\StringUtil::matchWildcard()
195		* @param string $str
196		* @param string $rule
197		* @return boolean
198		*/
199	View Code Duplication	function MatchWildcard ($str, $rule) {
200		// Convert wildcard rule to regex
201		$rule = str_replace('*', '.+', $rule);
202		$rule = str_replace('?', '.{1}', $rule);
203		$rule = '/' . $rule . '/';
204
205		if (1 == preg_match($rule, $str, $ar_match))
206		// Must match whole string, same length
207		if (strlen($ar_match[0]) == strlen($str))
208		return true;
209
210		return false;
211		} // end of func MatchWildcard
212
213
214		/**
215		* Generate org code according to GB 11714-1997.
216		*
217		* @deprecated Use Fwlib\Mis\OrgCode::gen()
218		* @link http://zh.wikisource.org/zh/GB_11714-1997_全国组织机构代码编制规则
219		* @param string $code_base 8-digit base code
220		* @return string
221		*/
222		function OrgCodeGen ($code_base = '') {
223		$code_base = strtoupper($code_base);
224		// Gen random
225		if (empty($code_base))
226		$code_base = RandomString(8, '0A');
227		// Length check
228		else if (8 != strlen($code_base))
229		return '';
230		// Only 0-9 A-Z allowed
231		else if ('' != preg_replace('/[0-9A-Z]/', '', $code_base))
232		return '';
233
234
235		// Prepare value table
236		$ar_val = array();
237		// 0-9 to 0-9
238	View Code Duplication	for ($i = 48; $i < 58; $i ++)
239		$ar_val[chr($i)] = $i - 48;
240		// A-Z to 10-35
241	View Code Duplication	for ($i = 65; $i < 91; $i ++)
242		$ar_val[chr($i)] = $i - 55;
243
244		// Weight table
245		$ar_weight = array(3, 7, 9, 10, 5, 8, 4, 2);
246
247		// Add each digit value after plus it's weight
248		$j = 0;
249		for ($i = 0; $i <8; $i ++)
250		$j += $ar_val[$code_base{$i}] * $ar_weight[$i];
251
252		// Mod by 11
253		$j = $j % 11;
254
255		// Minus by 11
256		$j = 11 - $j;
257
258		// Return result
259	View Code Duplication	if (10 == $j)
260		return $code_base . '-X';
261		else if (11 == $j)
262		return $code_base . '-0';
263		else
264		return $code_base . '-' . strval($j);
265		} // end of func OrgCodeGen
266
267
268		/**
269		* Convert 15-digi pin to 18-digi
270		*
271		* @deprecated Use Fwlib\Mis\CinCode::to18()
272		* @param string $pin
273		* @return string
274		*/
275		function Pin15To18($pin) {
276		if (15 != strlen($pin))
277		// Error, which value should I return ?
278		return $pin;
279
280		$s = substr($pin, 0, 6) . '19' . substr($pin, 6);
281
282		$n = 0;
283		for ($i = 17; 0 < $i; $i --) {
284		$n += (pow(2, $i) % 11) * intval($s{17 - $i});
285		}
286		$n = $n % 11;
287		switch ($n) {
288		case 0:
289		$s_last = '1';
290		break;
291		case 1:
292		$s_last = '0';
293		break;
294		case 2:
295		$s_last = 'X';
296		break;
297		default:
298		$s_last = strval(12 - $n);
299		break;
300		}
301
302		return $s . $s_last;
303		} // end of func Pin15To18
304
305
306		/**
307		* 生成随机字符串
308		* a表示包含小写字符，A表示包含大写字符，0表示包含数字
309		*
310		* @deprecated Use Fwlib\Util\StringUtil::random()
311		* @param int $len 字符串长度
312		* @param string $mode 模式
313		* @return string
314		*/
315		function RandomString ($len, $mode = 'a0') {
316		$str = '';
317		if (preg_match('/[a]/', $mode)) {
318		$str .= 'abcdefghijklmnopqrstuvwxyz';
319		}
320		if (preg_match('/[A]/', $mode)) {
321		$str .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
322		}
323		if (preg_match('/[0]/', $mode)) {
324		$str .= '0123456789';
325		}
326		$result = '';
327		$str_len = strlen($str);
328		$max = 1000;
329		for($i = 0; $i < $len; $i ++) {
330		$num = rand(0, $max);
331		$num = $num % $str_len;
332		$result .= $str[$num];
333		}
334		return $result;
335		} // end of func RandomString
336
337
338		/**
339		* Decode a string which is MIME encoding
340		*
341		* @link http://www.faqs.org/rfcs/rfc2047
342		* @link http://www.php.net/imap_utf8
343		*
344		* @deprecated Use Fwlib\Util\Rfc2047::decode()
345		* @param string $str
346		* @param string $encoding Encoding of output string.
347		* @return string
348		*/
349	View Code Duplication	function Rfc2047Decode($str, $encoding = 'utf-8')
350		{
351		// Find string encoding
352		$ar = array();
353		//preg_match_all('/=\?(.{3,13})\?[B\|Q]\?([\/\d\w\=]*)\?\=/i', $str, $ar);
354		preg_match_all('/=\?(.{3,13})\?([B\|Q])\?([^\?]*)\?\=/i', $str, $ar);
355		// 0 is all-string pattern, 1 is encoding, 2 is string to base64_decode
356		$i = count($ar[0]);
357		//var_dump($ar);
358		if (0 < $i)
359		{
360		// Got match, process
361		for ($j = 0; $j < count($i); $j++)
		0 ignored issues – show Performance Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are calling the size function `count()` as part of the test condition. You might want to compute the size beforehand, and not on each iteration. If the size of the collection does not change during the iteration, it is generally a good practice to compute it beforehand, and not on each iteration: for ($i=0; $i<count($array); $i++) { // calls count() on each iteration } // Better for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once } Loading history...
362		{
363		$s = '';
364		if ('B' == strtoupper($ar[2][$j])) {
365		// Decode base64 first
366		$s = base64_decode($ar[3][$j]);
367		}
368		elseif ('Q' == strtoupper($ar[2][$j])) {
369		// quoted-printable encoding ? its format like '=0D=0A'
370		$s = quoted_printable_decode($ar[3][$j]);
371		}
372
373		// Then convert string to charset ordered
374		if ($encoding != strtolower($ar[1][$j]))
375		$s = mb_convert_encoding($s, $encoding, $ar[1][$j]);
376
377		// Then replace into original string
378		if (!empty($s))
379		$str = str_replace($ar[0][$j], $s, $str);
380		}
381		//echo "$str \n";
382		return $str;
383		}
384		else
385		{
386		// No match, return original string
387		return $str;
388		}
389		}
390
391
392		/**
393		* Encode a string using MIME encoding method
394		*
395		* Usually used in mail header, attachment name etc.
396		*
397		* No break in string(B encoding mode instead of Q, see
398		* phpmailer::EncodeHeader, line 1156), because that possible
399		* break chinese chars.
400		*
401		* @deprecated Use Fwlib\Util\Rfc2047::encode()
402		* @link http://www.faqs.org/rfcs/rfc2047
403		* @param string $str
404		* @param string $encoding Encoding of $str
405		* @return string
406		*/
407		function Rfc2047Encode($str, $encoding = 'utf-8')
408		{
409		return "=?" . $encoding . "?B?" . base64_encode($str) . "?=";
410		} // end of func Rfc2047Encode
411
412
413		/**
414		* 返回字符串的长度，一个中文字按一个单位算
415		*
416		* Check also: mb_strwidth()
417		* @param string $str
418		* @return int
419		*/
420		function StrlenGb($str = '')
421		{
422		$len = strlen($str);
423		$j = 0;
424		for ($i=0; $i<$len; $i++)
425		{
426		if (true == IsGbChar($str, $i))
427		{
428		$i++;
429		}
430		$j++;
431		}
432		return($j);
433		} // end of func StrlenGb
434
435
436		/**
437		* 把一个用字符串2间隔的字符串，用字符串1进行连接
438		*
439		* :THINK: Useless ? Just replace connector with new char.
440		*
441		* @param string $str 源字符串
442		* @param string $s1 用于连接的字符串
443		* @param string $s2 源字符串本身是用什么连接的，如果为空，则使用$s1的值
444		* @param boolean $embody 首尾是否加上字符串2
445		* @param boolean $istrim 是否去除字符串中的特殊字符
446		* @return string
447		*/
448		function StrReForm( $str, $s1, $s2 = '', $embody = false, $istrim = true )
449		{
450		$ss2 = empty($s2) ? $s1 : $s2;
451		$ar = explode( $ss2, $str );
452		if ( true == $istrim )
453		{
454	View Code Duplication	for ($i=0; $i<count($ar); $i++)
		0 ignored issues – show Performance Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are calling the size function `count()` as part of the test condition. You might want to compute the size beforehand, and not on each iteration. If the size of the collection does not change during the iteration, it is generally a good practice to compute it beforehand, and not on each iteration: for ($i=0; $i<count($array); $i++) { // calls count() on each iteration } // Better for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once } Loading history...
455		{
456		$ar[$i] = trim( $ar[$i], ' \t\0\x0B' );
457		}
458		}
459		//去除空串
460		$ar1 = array();
461	View Code Duplication	for ($i=0; $i<count($ar); $i++)
		0 ignored issues – show Performance Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are calling the size function `count()` as part of the test condition. You might want to compute the size beforehand, and not on each iteration. If the size of the collection does not change during the iteration, it is generally a good practice to compute it beforehand, and not on each iteration: for ($i=0; $i<count($array); $i++) { // calls count() on each iteration } // Better for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once } Loading history...
462		{
463		if ( !empty( $ar[$i] ) )
464		{
465		array_push( $ar1, $ar[$i] );
466		}
467		}
468		$s = implode( $s1, $ar1 );
469		if ( true == $embody )
470		{
471		$s = $s1 . $s . $s1;
472		}
473		return( $s );
474		} // end of func StrReForm
475
476
477		/**
478		* Convert string to array by splitter
479		*
480		* @deprecated Use Fwlib\Util\StringUtil::toArray()
481		* @param string $s_srce
482		* @param string $s_splitter
483		* @param boolean $b_trim
484		* @param boolean $b_remove_empty
485		* @return array
486		*/
487		function StrToArray ($s_srce, $s_splitter = ',', $b_trim = true
488		, $b_remove_empty = true) {
489		if (!is_string($s_srce))
490		$s_srce = strval($s_srce);
491
492		if (false === strpos($s_srce, $s_splitter)) {
493		$ar_rs = array($s_srce);
494		}
495		else {
496		$ar_rs = explode($s_splitter, $s_srce);
497		}
498
499		if ($b_trim) {
500		foreach ($ar_rs as &$v)
501		$v = trim($v);
502		unset($v);
503		}
504
505		if ($b_remove_empty) {
506		foreach ($ar_rs as $k => $v)
507		if (empty($v))
508		unset($ar_rs[$k]);
509		// Re generate array index
510		$ar_rs = array_merge($ar_rs, array());
511		}
512
513		return $ar_rs;
514		} // end of func StrToArray
515
516
517		/**
518		* Convert ucfirst format to underline_connect format
519		*
520		* @deprecated Use Fwlib\Util\StringUtil::toSnakeCase()
521		* If convert fail, return original string.
522		* @param string $str
523		* @return string
524		*/
525		function StrUcfirst2Underline($str)
526		{
527		$s = preg_replace('/([A-Z])/', '_\1', $str);
528		$ar = explode('_', $s);
529		$s = '';
530		if (empty($ar))
531		$s = $str;
532	View Code Duplication	else
533		{
534		foreach ($ar as $s1)
535		if (!empty($s1))
536		$s .= '_' . strtolower($s1);
537		$s = substr($s, 1);
538		}
539		return $s;
540		} // end of func StrUcfirst2Underline
541
542
543		/**
544		* Convert underline_connect format to ucfirst format
545		*
546		* If convert fail, return ucfirst($str)
547		*
548		* @deprecated Use Fwlib\Util\StringUtil::toStudlyCaps()
549		* @param string $str
550		* @param boolean $minus Treat minus sign as splitter also.
551		* @return string
552		*/
553		function StrUnderline2Ucfirst($str, $minus = false)
554		{
555		if ($minus)
556		$str = str_replace('-', '_', $str);
557		$ar = explode('_', $str);
558		$s = '';
559	View Code Duplication	if (empty($ar))
560		$s = ucfirst($str);
561		else
562		foreach ($ar as $s1) {
563		if ('' != $s1)
564		$s .= ucfirst($s1);
565		}
566		return $s;
567		} // end of func StrUnderline2Ucfirst
568
569
570		/**
571		* 截取子字符串，中文按长度1计算
572		* 在计算截取起始位置和截取长度时，中文也是按长度1计算的
573		* 比如$str='大中小'，SubstrGb($str, 1, 1) = '中';
574		*
575		* Obsolete, see: http://www.fwolf.com/blog/post/133
576		* @link http://www.fwolf.com/blog/post/133
577		* @param string $str
578		* @param int $start
579		* @param int $len
580		*/
581		function SubstrGb($str = '', $start = 0, $len = 0)
582		{
583		$tmp = '';
584		if (empty($str) \|\| $len == 0)
585		{
586		return false;
587		}
588		$l = strlen($str);
589		$j = 0;
590		for ($i = 0; $i < $l; $i++)
591		{
592		$tmpstr = (ord($str[$i]) >= 161 && ord($str[$i]) <= 247&& ord($str[$i+1]) >= 161 && ord($str[$i+1]) <= 254)?$str[$i].$str[++$i]:$tmpstr = $str[$i];
593		if ($j >= $start && $j <= ($start + $len))
594		{
595		$tmp .= $tmpstr;
596		}
597		$j++;
598		if ($j == ($start + $len))
599		{
600		break;
601		}
602		}
603		return $tmp;
604		} // end of func SubstrGb
605
606
607		/**
608		* Get substr by display width, and ignore html tag's length
609		*
610		* Using mb_strimwidth()
611		*
612		* Attention: No consider of html complement.
613		*
614		* @deprecated Use Fwlib\Util\StringUtil::substrIgnHtml()
615		* @param string $str Source string
616		* @param int $len Length
617		* @param string $marker If str length exceed, cut & fill with this
618		* @param int $start Start position
619		* @param string $encoding Default is utf-8
620		* @return string
621		* @link http://www.fwolf.com/blog/post/133
622		*/
623		function SubstrIgnHtml($str, $len, $marker = '...', $start = 0, $encoding = 'utf-8') {
624		$i = preg_match_all('/<[^>]*>/i', $str, $ar);
625		if (0 == $i) {
626		// No html in $str
627		$str = htmlspecialchars_decode($str);
628		$str = mb_strimwidth($str, $start, $len, $marker, $encoding);
629		$str = htmlspecialchars($str);
630		return $str;
631		} else {
632		// Have html tags, need split str into parts by html
633		$ar = $ar[0];
634		$ar_s = array();
635	View Code Duplication	for ($i = 0; $i < count($ar); $i ++) {
		0 ignored issues – show Performance Best Practice introduced 2016-06-01 06:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are calling the size function `count()` as part of the test condition. You might want to compute the size beforehand, and not on each iteration. If the size of the collection does not change during the iteration, it is generally a good practice to compute it beforehand, and not on each iteration: for ($i=0; $i<count($array); $i++) { // calls count() on each iteration } // Better for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once } Loading history...
636		// Find sub str
637		$j = strpos($str, $ar[$i]);
638		// Add to new ar: before, tag
639		if (0 != $j)
640		$ar_s[] = substr($str, 0, $j);
641		$ar_s[] = $ar[$i];
642		// Trim origin str, so we start from 0 again next loop
643		$str = substr($str, $j + strlen($ar[$i]));
644		}
645		// Tail of $str, which after html tags
646		$ar_s[] = $str;
647
648		// Loop to cut needed length
649		$s_result = '';
650		$i_length = $len - mb_strwidth($marker, $encoding);
651		$f_tag = 0; // In html tag ?
652		$i = 0;
653		while ($i < count($ar_s)) {
654		$s = $ar_s[$i];
655		$i ++;
656
657		// Is it self-end html tag ?
658		if (0 < preg_match('/\/\s*>/', $s)) {
659		$s_result .= $s;
660		} elseif (0 < preg_match('/<\s*\//', $s)) {
661		// End of html tag ?
662		// When len exceed, only end tag allowed
663		if (0 < $f_tag) {
664		$s_result .= $s;
665		$f_tag --;
666		}
667		} elseif (0 < strpos($s, '>')) {
668		// Begin of html tag ?
669		// When len exceed, no start tag allowed
670		if (0 < $i_length) {
671		$s_result .= $s;
672		$f_tag ++;
673		}
674		} else {
675		// Real string
676		$s = htmlspecialchars_decode($s);
677		if (0 == $i_length) {
678		// Already got length
679		continue;
680		} elseif (mb_strwidth($s, $encoding) < $i_length) {
681		// Can add to rs completely
682		$i_length -= mb_strwidth($s, $encoding);
683		$s_result .= htmlspecialchars($s);
684		} else {
685		// Need cut then add to rs
686		$s_result .= htmlspecialchars(mb_strimwidth($s, 0, $i_length, '', $encoding)) . $marker;
687		$i_length = 0;
688		}
689		}
690		}
691
692		return $s_result;
693		}
694		return '';
695		} // end of func SubstrIgnHtml
696
697
698		?>
699

fwolf / fwlib

Issues (1752)

Security Analysis not enabled

func/string.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like