<?php
/*
* Copyright Maarch since 2008 under licence GPLv3.
* See LICENCE.txt file at the root folder for more details.
* This file is part of Maarch software.
*/
/**
* @brief Contains all the various functions of this application.
*
* @file
* @author Claire Figueras <dev@maarch.org>
* @date $date$
* @version $Revision$
* @ingroup core
*/
/**
* @brief Contains all the various functions of this application.
*
* <ul>
* <li>The toolkit of the Maarch framework</li>
* <li>Management of variables format</li>
* <li>Management of date format</li>
* </ul>
* @ingroup core
*/
class functions
{
/**
*
* @deprecated
*/
private $f_page;
/**
* Adds an error to the errors log
*
* @param $msg string Message to add
* @param $var string Language dependant message
*/
{
$msg = trim($msg);
if (!empty($msg)) {
if (strlen(str_replace(array("<br />","<br />"), "", $_SESSION['error'])) < 6) {
$_SESSION['error'] = "";
}
}
}
/**
* Cleans a variable with multiple possibility
*
* @param $what string Variable to clean
* @param $mask string Mask, "no" by default
* @param $msg_error string Error message, empty by default
* @param $empty string "yes" by default
* @param $min_limit integer Empty by default
* @param $max_limit integer Empty by default
* @return string Cleaned variable or empty string
*/
public function wash($what, $mask = "no", $msg_error = "", $empty = "yes", $min_limit = "", $max_limit = "", $custom_pattern = '', $custom_error_msg = '')
{
//$w_var = addslashes(trim(strip_tags($what)));
$w_var = trim(strip_tags($what));
$test_empty = "ok";
if ($empty == "yes") {
// We use strlen instead of the php's empty function because for a var containing 0 return by a form (in string format)
// the empty function return that the var is empty but it contains à 0
if (strlen($w_var) == 0) {
$test_empty = "no";
$test_empty = "ok";
}
}
if ($test_empty == "no") {
$this->add_error($msg_error, _IS_EMPTY);
return "";
} else {
if ($msg_error <> '') {
if ($min_limit <> "") {
if (strlen($w_var) < $min_limit) {
if ($min_limit > 1) {
$this->add_error($msg_error, _MUST_MAKE_AT_LEAST." ".$min_limit." "._CHARACTERS);
} else {
$this->add_error($msg_error, _MUST_MAKE_AT_LEAST." ".$min_limit." "._CHARACTERS);
}
return "";
}
}
}
if ($max_limit <> "") {
if (strlen($w_var) > $max_limit) {
if ($min_limit > 1) {
$this->add_error($msg_error, MUST_BE_LESS_THAN." ".$max_limit." "._CHARACTERS);
} else {
$this->add_error($msg_error, MUST_BE_LESS_THAN." ".$max_limit." "._CHARACTERS);
}
return "";
}
}
case "no":
return $w_var;
case "num":
if (preg_match("/^[0-9]+$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT." :<br/>"._WAITING_INTEGER);
return "";
}
case "float":
if (preg_match("/^[0-9.,]+$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT." "._WAITING_FLOAT);
return "";
}
case "letter":
if (preg_match("/^[a-zA-Z]+$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT);
$this->add_error(_ONLY_ALPHABETIC, '');
return "";
}
case "alphanum":
if (preg_match("/^[a-zA-Z0-9]+$/", $w_var)) {
return $w_var;
} else {
$this->add_error($msg_error, _WRONG_FORMAT);
$this->add_error(_ONLY_ALPHANUM, '');
return "";
}

case "alphanumunderscore":
if (preg_match("/^[a-zA-Z0-9_]+$/", $w_var)) {

return $w_var;
} else {
$this->add_error($msg_error, _WRONG_FORMAT);

return "";

case "nick":
if (preg_match("/^[_a-zA-Z0-9.-]+$/", $w_var)) {
return $w_var;
} else {
$this->add_error($msg_error, _WRONG_FORMAT);
return "";
}
case "mail":
if (preg_match("/^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.[a-zA-Z]{2,10}$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT);
return "";
}
case "url":
if (preg_match("/^[www.]+[_a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT);
return "";
}
case "file":
if (preg_match("/^[_a-zA-Z0-9.-? é&\/]+$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT);
return "";
}
case "name":
if (preg_match("/^[_a-zA-Z0-9.-? \'\/&éea]+$/", $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT);
return "";
}
if (preg_match("/^[\+0-9\(\)\s\.]*$/", $w_var)) {
$this->add_error($msg_error, _WRONG_FORMAT);
return "";
}
case "date":
$date_pattern = "/^[0-3][0-9]-[0-1][0-9]-[1-2][0-9][0-9][0-9]$/";
if (preg_match($date_pattern, $w_var)) {
return $w_var;
$this->add_error($msg_error, _WRONG_FORMAT." "._WAITING_DATE);
return "";
}
case "custom":
if (preg_match($custom_pattern, $w_var) == 0) {
$this->add_error($msg_error, $custom_error_msg.' '.$custom_pattern.' '.$w_var);
return "";
return $w_var;
}
}
}
}
/**
* Returns a variable with custom formatting applied. This is the place to add a formatting step that should run whenever the variable is displayed
*
* @param $what string Variable to format
* @return string Formated variable
*/
public static function show_str($what)
{
    // Display hook: the only formatting applied is removal of backslash
    // escaping. No HTML encoding is done here, so a value printed into a
    // page still has to be encoded for that output context by the caller.
    $unescaped = stripslashes($what);

    return $unescaped;
}
/**
* Formats a datetime to a dd/mm/yyyy format (date)
*
* @param $date datetime The date to format
* @return datetime The formated date
*/
public function format_date($date)
{
    // Reverses the three dash-separated fields of a date string
    // (for example yyyy-mm-dd becomes dd-mm-yyyy) and drops anything after
    // the first space, i.e. a trailing time part. An empty input yields ''.
    // The fields are not validated: they are only reordered.
    if ($date == "") {
        return '';
    }

    // Truthiness test on strpos(): a space at offset 0 counts as "no time
    // part", exactly like a string without any space.
    $dayPart = strpos($date, " ") ? explode(" ", $date)[0] : $date;
    $pieces = explode("-", $dayPart);

    return $pieces[2]."-".$pieces[1]."-".$pieces[0];
}
/**
* Returns a formated date for SQL queries
*
* @param $date date Date to format
* @param $insert bool If true format the date to insert in the database (true by default)
* @return Formated date or empty string if any error
*/
public static function format_date_db($date, $insert=true, $databasetype= '', $withTimeZone=false)
{
if (isset($_SESSION['config']['databasetype'])
&& ! empty($_SESSION['config']['databasetype'])) {
$databasetype = $_SESSION['config']['databasetype'];
}
if ($date <> "") {
$var = explode('-', $date) ;
if (preg_match('/\s/', $var[2])) {
$tmp = explode(' ', $var[2]);
$var[2] = $tmp[0];
$var[3] = substr($tmp[1], 0, 8);
if (preg_match('/^[0-3][0-9]$/', $var[0])) {
$day = $var[0];
$month = $var[1];
$year = $var[2];
$hours = $var[3];
} else {
$year = $var[0];
$month = $var[1];
$day = substr($var[2], 0, 2);
$hours = $var[3];
}
if ($year <= "1900") {
return '';
} else {
if ($databasetype == "SQLSERVER") {
return $day . "-" . $month . "-" . $year . " " . $hours;
return $day . "-" . $month . "-" . $year;
}
} elseif ($databasetype == "POSTGRESQL") {
if ($_SESSION['config']['lang'] == "fr") {
return $day . "-" . $month . "-" . $year . " " . $hours;
return $day . "-" . $month . "-" . $year;
}
} else {
return $year . "-" . $month . "-" . $day . " " . $hours;
return $year . "-" . $month . "-" . $day;
}
} elseif ($databasetype == "ORACLE") {
return $day . "-" . $month . "-" . $year;
} elseif ($databasetype == "MYSQL" && $insert) {
return $year . "-" . $month . "-" . $day;
} elseif ($databasetype == "MYSQL" && !$insert) {
return $day . "-" . $month . "-" . $year;
}
}
} else {
return '';
}
}
/**
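* Escapes a string for inclusion in a SQL statement of the configured database type
*
* This is string escaping only: quotes are doubled or backslash-escaped depending on the
* database type and, when $full is 'yes', ';' and '--' are replaced. It does not take the
* place of bound parameters in prepared statements.
*
* @param $string string String to format
* @return string Escaped string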
*/

public function protect_string_db($string, $databasetype = '', $full='yes')
if (isset($_SESSION['config']['databasetype']) && !empty($_SESSION['config']['databasetype'])) {
$databasetype = $_SESSION['config']['databasetype'];
}
if ($databasetype == "SQLSERVER") {
$string = str_replace("'", "''", $string);
$string = str_replace("\\", "", $string);
} elseif ($databasetype == "ORACLE") {
$string = str_replace("'", "''", $string);
$string = str_replace("\\", "", $string);
} elseif (($databasetype == "MYSQL")) {
$string = addslashes($string);
} elseif (($databasetype == "POSTGRESQL")) {

$string = str_replace("'", "'", $string);
$string = pg_escape_string($string);

if ($full == 'yes') {
$string=str_replace(';', ' ', $string);
$string=str_replace('--', '-', $string);

}
return $string;
}
/**
* Returns a string without the escaping characters
*
* @param $string string String to format
public static function show_string($string, $replace_CR = false, $chars_to_escape = array(), $databasetype = '', $escape_quote = true)
if (isset($string) && !empty($string) && is_string($string)) {
if (isset($_SESSION['config']['databasetype']) && !empty($_SESSION['config']['databasetype'])) {
$databasetype = $_SESSION['config']['databasetype'];
}
if ($databasetype == "SQLSERVER") {
$string = str_replace("''", "'", $string);
$string = str_replace("\\", "", $string);
} elseif ($databasetype == "MYSQL" || $databasetype == "POSTGRESQL" && (ini_get('magic_quotes_gpc') <> true || phpversion() >= 6)) {
$string = stripslashes($string);
$string = str_replace("\\'", "'", $string);
$string = str_replace('\\"', '"', $string);
} elseif ($databasetype == "ORACLE") {
$string = str_replace("''", "'", $string);
$string = str_replace("\\", "", $string);
}
if ($replace_CR) {
$to_del = array("\t", "\n", "�A;", "�D;", "\r");
$string = str_replace($to_del, ' ', $string);
}
if (!empty($chars_to_escape) && is_array($chars_to_escape)) {
for ($i=0;$i<count($chars_to_escape);$i++) {
$string = str_replace($chars_to_escape[$i], '\\'.$chars_to_escape, $string);
}
if ($escape_quote) {
$string = str_replace('"', "'", $string);
}
$string = trim($string);
}
return $string;
}
/**
* Cleans html string, replacing entities by utf-8 code
*
* @param $var string String to clean
* @return Cleaned string
*/
public function wash_html($var, $mode="UNICODE")
{
if ($mode == "UNICODE") {
$var = str_replace("<br/>", "\\n", $var);
$var = str_replace("<br />", "\\n", $var);
$var = str_replace("<br/>", "\\n", $var);
$var = str_replace(" ", " ", $var);
$var = str_replace("é", "\u00e9", $var);
$var = str_replace("è", "\u00e8", $var);
$var = str_replace("ê", "\00ea", $var);
$var = str_replace("à", "\u00e0", $var);
$var = str_replace("â", "\u00e2", $var);
$var = str_replace("î", "\u00ee", $var);
$var = str_replace("ô", "\u00f4", $var);
$var = str_replace("û", "\u00fb", $var);
$var = str_replace("´", "\u0027", $var);
$var = str_replace("°", "\u00b0", $var);
$var = str_replace("’", "\u2019", $var);
} elseif ($mode == 'NO_ACCENT') {
$var = str_replace("<br/>", "\\n", $var);
$var = str_replace("<br />", "\\n", $var);
$var = str_replace("<br/>", "\\n", $var);
$var = str_replace(" ", " ", $var);
$var = str_replace("é", "e", $var);
$var = str_replace("è", "e", $var);
$var = str_replace("ê", "e", $var);
$var = str_replace("à", "a", $var);
$var = str_replace("â", "a", $var);
$var = str_replace("î", "i", $var);
$var = str_replace("ô", "o", $var);
$var = str_replace("û", "u", $var);
$var = str_replace("´", "", $var);
$var = str_replace("°", "o", $var);
$var = str_replace("’", "'", $var);
$var = str_replace("&", " et ", $var);
} else {
$var = str_replace("<br/>", "\\n", $var);
$var = str_replace("<br />", "\\n", $var);
$var = str_replace("<br/>", "\\n", $var);
$var = str_replace(" ", " ", $var);
$var = str_replace("é", "é", $var);
$var = str_replace("è", "è", $var);
$var = str_replace("ê", "ê", $var);
$var = str_replace("à", "à", $var);
$var = str_replace("â", "â", $var);
$var = str_replace("î", "î", $var);
$var = str_replace("ô", "ô", $var);
$var = str_replace("û", "û", $var);
$var = str_replace("´", "", $var);
$var = str_replace("°", "°", $var);
$var = str_replace("’", "'", $var);
return $var;
}
/**
* Compares two dates
*
* @param $date1 date First date
* @param $date2 date Second date
* @return date1 if the first date is the greater, date2 if the second date or "equal" otherwise
*/
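public function compare_date($date1, $date2)
{
    // Compares two date strings after converting each with strtotime().
    // Returns "date1" when the first is later, "date2" when the second is
    // later, and "equal" otherwise.
    // NOTE(review): strtotime() returns false for text it cannot parse and
    // that case is not rejected here; callers that pass user input should
    // validate the date format first.
    $first = strtotime($date1);
    $second = strtotime($date2);

    if ($first > $second) {
        return "date1";
    }
    if ($first < $second) {
        return "date2";
    }

    // The equality branch used to be an assignment (=) inside the condition,
    // so two timestamps of 0 fell through and the result was never set.
    return "equal";
}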
/**
* Checks if a directory is empty
*
* @param $dir string The directory to check
* @return bool True if empty, False otherwise
*/
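public function isDirEmpty($dir)
{
    // Reports whether a directory holds no entries other than '.', '..'
    // and '.svn'. A path that is not a directory, or that cannot be opened,
    // is reported as not empty (false) instead of handing a failed handle
    // to readdir().
    if (!is_dir($dir)) {
        return false;
    }

    $handle = opendir($dir);
    if ($handle === false) {
        return false;
    }

    $isEmpty = true;
    try {
        while (($entry = readdir($handle)) !== false) {
            if ($entry !== '.' && $entry !== '..' && $entry !== '.svn') {
                $isEmpty = false;
                break;
            }
        }
    } finally {
        // Release the handle on every exit path.
        closedir($handle);
    }

    return $isEmpty;
}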
/**
* Convert an object to an array
* @param $object object to convert
*/
public function object2array($object)
{
$return = null;
if (is_array($object)) {
foreach ($object as $key => $value) {
$return[$key] = $this->object2array($value);
}
} else {
if (is_object($object)) {
$var = get_object_vars($object);
if ($var) {
foreach ($var as $key => $value) {
$return[$key] = ($key && !$value) ? null : $this->object2array($value);
} else {
return $object;
} else {
return $object;
}
}
return $return;
}
/**
* Function to encode an url in base64
*/
public function base64UrlEncode($data)
{
    // Standard base64 with '+' mapped to '-' and '/' mapped to '_'.
    // strtr() ignores the extra characters when its two character lists
    // differ in length, so the trailing ',' has no effect and any '='
    // padding stays in the output. This is an encoding only; it provides
    // no confidentiality or integrity.
    $standard = base64_encode($data);

    return strtr($standard, '+/', '-_,');
}
/**
* Function to decode an url encoded in base64
*/
public function base64UrlDecode($base64)
{
    // Reverses the URL-safe substitution ('-' to '+', '_' to '/') and then
    // base64-decodes. The ',' in the first list is ignored by strtr()
    // because the two lists differ in length.
    // base64_decode() runs in its default non-strict mode, which skips
    // characters outside the base64 alphabet rather than failing, so the
    // result is not proof that the input was well formed.
    $standard = strtr($base64, '-_,', '+/');

    return base64_decode($standard);
}
/**
* Encrypt a text
* @param $text string to encrypt
*/
public function encrypt($sensitiveData)
{
// Encrypts $sensitiveData with the public key whose path comes from
// getPublicKeyPath() and returns the ciphertext through base64UrlEncode().
// Returns false when the key file does not exist.
// NOTE(review): as listed, the branches below do not line up (a return
// directly after loading the key, an else that uses $pubKey, one closing
// brace too many). A line testing whether the key was loaded appears to be
// missing from this listing; confirm against the repository.
$publicKeyPath = $this->getPublicKeyPath();
if (file_exists($publicKeyPath)) {
$pubKey = openssl_pkey_get_public('file://'.$publicKeyPath);
return false;
} else {
$encryptedData = "";
// No padding argument is passed, so PHP's default (PKCS#1 v1.5) is used.
// The boolean result of openssl_public_encrypt() is not checked: on
// failure $encryptedData is encoded and returned as if it were valid.
// NOTE(review): RSA encrypts at most one key-sized block; inputs longer
// than that make the call fail, so check the result before returning.
openssl_public_encrypt($sensitiveData, $encryptedData, $pubKey);
//base 64 encode to use it in url
return $this->base64UrlEncode($encryptedData);
}
return false;
}
}
/**
* Decrypt a text
* @param $text string to decrypt
*/
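public function decrypt($encryptedData)
{
    // Decrypts a value produced by encrypt(): URL-safe base64 decoding
    // followed by RSA private-key decryption. Returns the plaintext, or
    // false when the key file is missing, the key cannot be loaded, or the
    // decryption itself fails.
    $privateKeyPath = $this->getPrivateKeyPath();
    if (!file_exists($privateKeyPath)) {
        return false;
    }

    // NOTE(review): the key is opened with an empty passphrase, so the
    // private key file is presumably stored unencrypted and its protection
    // rests on filesystem permissions; confirm how the key is deployed.
    $passphrase = "";
    $privateKey = openssl_pkey_get_private('file://'.$privateKeyPath, $passphrase);
    if (!$privateKey) {
        return false;
    }

    // No padding argument is passed, so PHP's default (PKCS#1 v1.5) applies
    // and must stay in step with encrypt(). The input arrives from outside
    // (it is URL-encoded), so a failed decryption is expected and has to be
    // reported instead of handing back an empty buffer as if it were data.
    $decryptedData = "";
    $succeeded = openssl_private_decrypt($this->base64UrlDecode($encryptedData), $decryptedData, $privateKey);
    if (!$succeeded) {
        return false;
    }

    return $decryptedData;
}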
/**
* return the path of the private key path
*/
public function getPrivateKeyPath()
{
    // Reads the private key location from the CRYPT section of config.xml.
    // The custom override copy of config.xml is used when it exists,
    // otherwise the application's default one.
    // NOTE(review): both candidate paths are assembled from $_SESSION
    // values (corepath, custom_override_id, app_id); verify that these are
    // set server-side only, since they select which XML file supplies the
    // key path.
    $appConfig = 'apps'.DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR.'xml'.DIRECTORY_SEPARATOR.'config.xml';
    $customConfig = $_SESSION['config']['corepath'].'custom'.DIRECTORY_SEPARATOR.$_SESSION['custom_override_id'].DIRECTORY_SEPARATOR.$appConfig;

    $path = file_exists($customConfig) ? $customConfig : $appConfig;

    $xmlconfig = simplexml_load_file($path);
    $cryptSection = $xmlconfig->CRYPT;

    return (string) $cryptSection->pathtoprivatekey;
}
/**
* return the path of the public key path
*/
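public function getPublicKeyPath()
{
    // Reads the public key location from the CRYPT section of config.xml.
    // The custom override copy of config.xml is used when it exists,
    // otherwise the application's default one.
    // NOTE(review): both candidate paths are assembled from $_SESSION
    // values (corepath, custom_override_id, app_id); verify that these are
    // set server-side only.
    $appConfig = 'apps'.DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR.'xml'.DIRECTORY_SEPARATOR.'config.xml';
    $customConfig = $_SESSION['config']['corepath'].'custom'.DIRECTORY_SEPARATOR.$_SESSION['custom_override_id'].DIRECTORY_SEPARATOR.$appConfig;

    $path = file_exists($customConfig) ? $customConfig : $appConfig;

    $xmlconfig = simplexml_load_file($path);
    $CRYPT = $xmlconfig->CRYPT;

    // Cast to string, as getPrivateKeyPath() does, so callers receive a
    // plain path rather than a SimpleXMLElement.
    return (string) $CRYPT->pathtopublickey;
}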
/**
* Returns the extension of a file
* @param $sFullPath string path of the file
*/
public function extractFileExt($sFullPath)
{
    // Returns the text after the last '.' of $sFullPath, or '' when the
    // string has no '.' or starts with one.
    // The whole string is split on '.', directory parts included, so a dot
    // in a directory name is not told apart from the one before the
    // extension, and only the last segment is reported ('a.php.txt' gives
    // 'txt'). Do not rely on the result alone to decide whether an
    // uploaded file is safe to store or serve.
    $firstDot = strpos($sFullPath, ".");
    if ($firstDot === false || $firstDot === 0) {
        return '';
    }

    $segments = explode(".", $sFullPath);

    return $segments[count($segments) - 1];
}
/**
* Browse each file and folder in the folder and return true if the folder is not empty
* @param $folder path string of the folder
*/
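public function isDirNotEmpty($folder)
{
    // Returns true when $folder contains at least one entry other than
    // '.', '..' and '.svn'; false when it has none or cannot be opened.
    $scan = is_dir($folder) ? dir($folder) : false;
    if ($scan === false) {
        return false;
    }

    $foundDoc = false;
    // Strict comparison: with a loose "!= false" an entry named "0" ends
    // the scan early and the folder can be reported as empty.
    while (($fileScan = $scan->read()) !== false) {
        if ($fileScan === '.' || $fileScan === '..' || $fileScan === '.svn') {
            continue;
        }
        $foundDoc = true;
        break;
    }
    // Release the directory handle, which was previously left open.
    $scan->close();

    return $foundDoc;
}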
/**
* xss mitigation functions
* Return protected chars
* @param $data to encode
* @param $encoding UTF-8 by default
*/
public static function xssafe($data, $encoding='UTF-8')

return htmlspecialchars($data, ENT_QUOTES | ENT_HTML401, $encoding);
}
}
/**
* xss mitigation functions
* Return protected chars
* @param $data to encode
*/
public static function xecho($data)
echo functions::xssafe($data);