if(empty($data)) {
return $data;
}
- $lines = explode("\n", $data);
+ $withPattern = 0;
+ for ($i = 0; $i < 5; $i++) {
+ $randPattern = rand(10000, 30000);
+ if (! preg_match("/$randPattern/", $data)) {
+ $withPattern = 1;
+ break;
+ }
+ }
+ if ($withPattern) {
+/*
+ while(preg_match('/<a [^>]*>[^<]*<\/a>/i', $data, $part)) {
+ $mem[] = $part[0];
+ $data = preg_replace('/<a [^>]*>[^<]*<\/a>/i', $randPattern, $data, 1);
+ }
+*/
+ $mem = array();
+ while(preg_match('/<a [^>]*>.*<\/a>/siU', $data, $part)) {
+ $mem[] = $part[0];
+ $data = preg_replace('/<a [^>]*>.*<\/a>/siU', $randPattern, $data, 1);
+ }
+ while(preg_match('/<img [^>]*\/>/siU', $data, $part)) {
+ $mem[] = $part[0];
+ $data = preg_replace('/<img [^>]*\/>/siU', $randPattern, $data, 1);
+ }
+ $data = str_replace('>', "\1", $data);
+ $data = preg_replace("#([ \t]|^)www\.#i"," http://www.",$data);
+ $data = preg_replace("#([[:alnum:]]+)://([^[:space:]<\1]*)([[:alnum:]\#?/&=])#i", "<a href=\"\\1://\\2\\3\" target=\"_new\">\\1://\\2\\3</a>", $data);
+ $data = preg_replace("#([[:space:]]|^)(([a-z0-9_]|\\-|\\.)+@([^[:space:]<\1]*)([[:alnum:]-]))#i", "\\1<a href=\"mailto:\\2\" target=\"_new\">\\2</a>", $data);
+ $data = str_replace("\1", '>', $data);
+ for ($i = 0; $i < count($mem); $i++) {
+ $data = preg_replace("/$randPattern/", $mem[$i], $data, 1);
+ }
+ return($data);
+ }
+
+ $lines = split("\n",$data);
$newText = "";
while ( list ($key, $line) = each ($lines)) {
+ // Do not scan lines if they already have hyperlinks.
+ // Avoid problem with text written with an WYSIWYG HTML editor.
+ if (eregi('<a ([^>]*)>.*</a>', $line, $linePart)) {
+ if (eregi('href="[^"]*"', $linePart[1])) {
+ $newText .= $line;
+ continue;
+ }
+ }
+
+ // Skip </img> tag also
+ if (eregi('<img ([^>]*)/>', $line, $linePart)) {
+ if (eregi('href="[^"]*"', $linePart[1])) {
+ $newText .= $line;
+ continue;
+ }
+ }
+
// When we come here, we usually have form input
// encoded in entities. Our aim is to NOT include
// angle brackets in the URL
}
}
+/* util_is_valid_repository_name() - Verifies whether a repository name is valid
+ *
+ * @param string The name to verify
+ * @returns true on success/false on error
+ *
+ */
+function util_is_valid_repository_name ($file) {
+ //bad char test
+ $invalidchars = preg_replace("/[-A-Z0-9+_\.]/i","",$file);
+
+ if (!empty($invalidchars)) {
+ return false;
+ }
+ if (strstr($file,'..')) {
+ return false;
+ }
+ return true;
+}
+
/**
* valid_hostname() - Validates a hostname string to make sure it doesn't contain invalid characters
*
/**
* Return URL prefix (http:// or https://)
*
+ * @param string $prefix (optional) : 'http' or 'https' to force it
* @return string URL prefix
*/
-function util_url_prefix() {
- if (forge_get_config('use_ssl')) {
- return "https://";
- } else {
- return "http://";
+function util_url_prefix($prefix = '') {
+ if ($prefix == 'http' || $prefix == 'https' ) {
+ return $prefix . '://';
+ }
+ else {
+ if (forge_get_config('use_ssl')) {
+ return "https://";
+ } else {
+ return "http://";
+ }
}
}
/**
* Construct the base URL http[s]://forge_name[:port]
*
+ * @param string $prefix (optional) : 'http' or 'https' to force it
* @return string base URL
*/
-function util_make_base_url() {
- $url = util_url_prefix();
+function util_make_base_url($prefix = '') {
+ $url = util_url_prefix($prefix);
$url .= forge_get_config('web_host') ;
if (forge_get_config('https_port') && (forge_get_config('https_port') != 443)) {
$url .= ":".forge_get_config('https_port') ;
/**
* Construct full URL from a relative path
*
- * @param string $path
+ * @param string $path (optional)
+ * @param string $prefix (optional) : 'http' or 'https' to force it
* @return string URL
*/
-function util_make_url($path = '') {
- $url = util_make_base_url().util_make_uri($path) ;
+function util_make_url($path = '', $prefix = '') {
+ $url = util_make_base_url($prefix).util_make_uri($path) ;
return $url;
}
}
/**
- * Adds the Javascript file to the lits to be used
- * @param unknown_type $js
+ * Adds the Javascript file to the list to be used
+ * @param string $js
*/
function use_javascript($js) {
return $GLOBALS['HTML']->addJavascript($js);
if ($x == '/') {
$rv = 0;
$ok = true;
- } else if ($ok == false) {
+ } elseif ($ok == false) {
; /* need reset using slash */
- } else if ((ord($x) >= 48) && (ord($x) <= 57)) {
+ } elseif ((ord($x) >= 48) && (ord($x) <= 57)) {
$rv = $rv * 10 + ord($x) - 48;
} else {
$ok = false;
implode("<br />", explode("\n",
$encoded_string))) . "</p>")));
}
-function util_ttwrap($encoded_string) {
- return str_replace("<p><tt></tt></p>", "",
- str_replace("<br /></tt></p>", "</tt></p>",
- str_replace("<p><tt><br />", "<p><tt>",
- "<p><tt>" . str_replace("<br /><br />", "</tt></p><p><tt>",
- implode("<br />", explode("\n",
- encoded_string))) . "</tt></p>")));
-}
/* takes a string and returns it HTML encoded, URIs made to hrefs */
function util_uri_grabber($unencoded_string, $tryaidtid=false) {
}
/**
- * TODO: Enter description here ...
- * @param unknown_type $script
- * @param unknown_type $default_content_type
- * @return Ambiguous
+ * util_negociate_alternate_content_types() - Manage content-type negociation based on 'script_accepted_types' hooks
+ * @param string $script
+ * @param string $default_content_type
+ * @param string $forced_content_type
+ * @return string
*/
-function util_negociate_alternate_content_types($script, $default_content_type) {
-
- // Invoke plugins' hooks 'script_accepted_types' to discover which alternate content types they would accept for /users/...
- $hook_params = array();
- $hook_params['script'] = $script;
- $hook_params['accepted_types'] = array();
- plugin_hook_by_reference('script_accepted_types', $hook_params);
- if (count($hook_params['accepted_types'])) {
- // By default, text/html is accepted
- $accepted_types = array($default_content_type);
- $new_accepted_types = $hook_params['accepted_types'];
- $accepted_types = array_merge($accepted_types, $new_accepted_types);
-
- // PEAR::HTTP (for negotiateMimeType())
- require_once('HTTP.php');
-
- // negociate accepted content-type depending on the preferred ones declared by client
- $http=new HTTP();
- $content_type = $http->negotiateMimeType($accepted_types, false);
- } else {
- $content_type = $default_content_type;
+function util_negociate_alternate_content_types($script, $default_content_type, $forced_content_type=false) {
+
+ $content_type = $default_content_type;
+
+ // we can force the content-type to be returned automaticall if necessary
+ if ($forced_content_type) {
+ // TODO ideally, in this case we could try and apply the negociation to see if it matches
+ // one provided by the hooks, but negotiateMimeType() doesn't allow this so for the moment,
+ // we just force it whatever the hooks support
+ $content_type = $forced_content_type;
+ }
+ else {
+ // Invoke plugins' hooks 'script_accepted_types' to discover which alternate content types they would accept for /users/...
+ $hook_params = array();
+ $hook_params['script'] = $script;
+ $hook_params['accepted_types'] = array();
+
+ plugin_hook_by_reference('script_accepted_types', $hook_params);
+
+ if (count($hook_params['accepted_types'])) {
+ // By default, text/html is accepted
+ $accepted_types = array($default_content_type);
+ $new_accepted_types = $hook_params['accepted_types'];
+ $accepted_types = array_merge($accepted_types, $new_accepted_types);
+
+ // PEAR::HTTP (for negotiateMimeType())
+ require_once 'HTTP.php';
+
+ // negociate accepted content-type depending on the preferred ones declared by client
+ $http=new HTTP();
+ $content_type = $http->negotiateMimeType($accepted_types, false);
+ }
}
return $content_type;
}
return $text;
}
+function util_is_html($string) {
+ return (strip_tags(util_unconvert_htmlspecialchars($string)) != $string);
+}
+
+function util_init_messages() {
+ global $feedback, $warning_msg, $error_msg;
+
+ if (PHP_SAPI == 'cli') {
+ $feedback = $warning_msg = $error_msg = '';
+ } else {
+ $feedback = getStringFromCookie('feedback', '');
+ if ($feedback) setcookie('feedback', '', time()-3600, '/');
+
+ $warning_msg = getStringFromCookie('warning_msg', '');
+ if ($warning_msg) setcookie('warning_msg', '', time()-3600, '/');
+
+ $error_msg = getStringFromCookie('error_msg', '');
+ if ($error_msg) setcookie('error_msg', '', time()-3600, '/');
+ }
+}
+
+function util_save_messages() {
+ global $feedback, $warning_msg, $error_msg;
+
+ setcookie('feedback', $feedback, time() + 10, '/');
+ setcookie('warning_msg', $warning_msg, time() + 10, '/');
+ setcookie('error_msg', $error_msg, time() + 10, '/');
+}
+
/**
* util_create_file_with_contents() — Securely create (or replace) a file with given contents
*
function util_mkdtemp($suffix = '', $prefix = 'tmp') {
$tempdir = sys_get_temp_dir();
for ($i=0; $i<5; $i++) {
- $id = strtr(base64_encode(openssl_random_pseudo_bytes(6)), '+/', '-_');
+ $id = strtr(base64_encode(util_randbytes(6)), '+/', '-_');
$path = "{$tempdir}/{$prefix}{$id}{$suffix}";
if (mkdir($path, 0700)) {
return $path;
if ($userinfo === False) {
return False;
}
- if (posix_setegid($userinfo['gid']) && posix_seteuid($userinfo['uid'])) {
+ if (posix_setegid($userinfo['gid']) &&
+ ($saved_euid != 0 || posix_initgroups($username, $userinfo['gid'])) &&
+ posix_seteuid($userinfo['uid'])) {
$function($params);
}
posix_setegid($saved_egid);
posix_seteuid($saved_euid);
+ if ($saved_euid == 0)
+ posix_initgroups("root", 0);
}
// Local Variables: