[github/shaarli/Shaarli.git] / application / Utils.php

<?php
/**
 * Shaarli utilities
 */

/**
 *  Returns the small hash of a string, using RFC 4648 base64url format
 *
 *  Small hashes:
 *   - are unique (well, as unique as crc32, at last)
 *   - are always 6 characters long.
 *   - only use the following characters: a-z A-Z 0-9 - _ @
 *   - are NOT cryptographically secure (they CAN be forged)
 *
 *  In Shaarli, they are used as a tinyurl-like link to individual entries,
 *  e.g. smallHash('20111006_131924') --> yZH23w
 */
function smallHash($text)
{
    $t = rtrim(base64_encode(hash('crc32', $text, true)), '=');
    return strtr($t, '+/', '-_');
}

/**
 * Tells if a string start with a substring
 */
function startsWith($haystack, $needle, $case=true)
{
    if ($case) {
        return (strcmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
    }
    return (strcasecmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
}

/**
 * Tells if a string ends with a substring
 */
function endsWith($haystack, $needle, $case=true)
{
    if ($case) {
        return (strcmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
    }
    return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
}

/**
 * Same as nl2br(), but escapes < and >
 */
function nl2br_escaped($html)
{
    return str_replace('>', '&gt;', str_replace('<', '&lt;', nl2br($html)));
}

/**
 * htmlspecialchars wrapper
 */
function escape($str)
{
    return htmlspecialchars($str, ENT_COMPAT, 'UTF-8', false);
}

/**
 * Link sanitization before templating
 */
function sanitizeLink(&$link)
{
    $link['url'] = escape($link['url']); // useful?
    $link['title'] = escape($link['title']);
    $link['description'] = escape($link['description']);
    $link['tags'] = escape($link['tags']);
}

/**
 * Checks if a string represents a valid date
 *
 * @param string        a string-formatted date
 * @param format        the expected DateTime format of the string
 * @return              whether the string is a valid date
 * @see                 http://php.net/manual/en/class.datetime.php
 * @see                 http://php.net/manual/en/datetime.createfromformat.php
 */
function checkDateFormat($format, $string)
{
    $date = DateTime::createFromFormat($format, $string);
    return $date && $date->format($string) == $string;
}

/**
 * Generate a header location from HTTP_REFERER.
 * Make sure the referer is Shaarli itself and prevent redirection loop.
 *
 * @param string $referer - HTTP_REFERER.
 * @param string $host - Server HOST.
 * @param array $loopTerms - Contains list of term to prevent redirection loop.
 *
 * @return string $referer - final referer.
 */
function generateLocation($referer, $host, $loopTerms = array())
{
    $final_referer = '?';

    // No referer if it contains any value in $loopCriteria.
    foreach ($loopTerms as $value) {
        if (strpos($referer, $value) !== false) {
            return $final_referer;
        }
    }

    // Remove port from HTTP_HOST
    if ($pos = strpos($host, ':')) {
        $host = substr($host, 0, $pos);
    }

    if (!empty($referer) && strpos(parse_url($referer, PHP_URL_HOST), $host) !== false) {
        $final_referer = $referer;
    }

    return $final_referer;
}

/**
 * Checks the PHP version to ensure Shaarli can run
 *
 * @param string $minVersion minimum PHP required version
 * @param string $curVersion current PHP version (use PHP_VERSION)
 *
 * @throws Exception    the PHP version is not supported
 */
function checkPHPVersion($minVersion, $curVersion)
{
    if (version_compare($curVersion, $minVersion) < 0) {
        throw new Exception(
            'Your PHP version is obsolete!'
            .' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.'
            .' Your PHP version has known security vulnerabilities and should be'
            .' updated as soon as possible.'
        );
    }
}
?>
Commit	Line	Data
ca74886f V	1	<?php
	2	/**
	3	* Shaarli utilities
	4	*/
	5
	6	/**
	7	* Returns the small hash of a string, using RFC 4648 base64url format
	8	*
	9	* Small hashes:
	10	* - are unique (well, as unique as crc32, at last)
	11	* - are always 6 characters long.
	12	* - only use the following characters: a-z A-Z 0-9 - _ @
	13	* - are NOT cryptographically secure (they CAN be forged)
	14	*
	15	* In Shaarli, they are used as a tinyurl-like link to individual entries,
	16	* e.g. smallHash('20111006_131924') --> yZH23w
	17	*/
	18	function smallHash($text)
	19	{
	20	$t = rtrim(base64_encode(hash('crc32', $text, true)), '=');
	21	return strtr($t, '+/', '-_');
	22	}
	23
	24	/**
	25	* Tells if a string start with a substring
	26	*/
	27	function startsWith($haystack, $needle, $case=true)
	28	{
	29	if ($case) {
	30	return (strcmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
	31	}
	32	return (strcasecmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
	33	}
	34
	35	/**
	36	* Tells if a string ends with a substring
	37	*/
	38	function endsWith($haystack, $needle, $case=true)
	39	{
	40	if ($case) {
	41	return (strcmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
	42	}
	43	return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
	44	}
64bc92e3	45
	46	/**
	47	* Same as nl2br(), but escapes < and >
	48	*/
	49	function nl2br_escaped($html)
	50	{
d1e2f8e5	51	return str_replace('>', '>', str_replace('<', '<', nl2br($html)));
64bc92e3	52	}
	53
	54	/**
	55	* htmlspecialchars wrapper
	56	*/
	57	function escape($str)
	58	{
	59	return htmlspecialchars($str, ENT_COMPAT, 'UTF-8', false);
	60	}
	61
	62	/**
	63	* Link sanitization before templating
	64	*/
	65	function sanitizeLink(&$link)
	66	{
	67	$link['url'] = escape($link['url']); // useful?
	68	$link['title'] = escape($link['title']);
	69	$link['description'] = escape($link['description']);
	70	$link['tags'] = escape($link['tags']);
	71	}
9186ab95 V	72
	73	/**
	74	* Checks if a string represents a valid date
	75	*
	76	* @param string a string-formatted date
	77	* @param format the expected DateTime format of the string
	78	* @return whether the string is a valid date
	79	* @see http://php.net/manual/en/class.datetime.php
	80	* @see http://php.net/manual/en/datetime.createfromformat.php
	81	*/
	82	function checkDateFormat($format, $string)
	83	{
	84	$date = DateTime::createFromFormat($format, $string);
	85	return $date && $date->format($string) == $string;
	86	}
775803a0 A	87
	88	/**
	89	* Generate a header location from HTTP_REFERER.
	90	* Make sure the referer is Shaarli itself and prevent redirection loop.
	91	*
	92	* @param string $referer - HTTP_REFERER.
	93	* @param string $host - Server HOST.
	94	* @param array $loopTerms - Contains list of term to prevent redirection loop.
	95	*
	96	* @return string $referer - final referer.
	97	*/
	98	function generateLocation($referer, $host, $loopTerms = array())
	99	{
	100	$final_referer = '?';
	101
	102	// No referer if it contains any value in $loopCriteria.
	103	foreach ($loopTerms as $value) {
	104	if (strpos($referer, $value) !== false) {
	105	return $final_referer;
	106	}
	107	}
	108
	109	// Remove port from HTTP_HOST
	110	if ($pos = strpos($host, ':')) {
	111	$host = substr($host, 0, $pos);
	112	}
	113
	114	if (!empty($referer) && strpos(parse_url($referer, PHP_URL_HOST), $host) !== false) {
	115	$final_referer = $referer;
	116	}
	117
	118	return $final_referer;
	119	}
d1e2f8e5 V	120
	121	/**
	122	* Checks the PHP version to ensure Shaarli can run
	123	*
	124	* @param string $minVersion minimum PHP required version
	125	* @param string $curVersion current PHP version (use PHP_VERSION)
	126	*
	127	* @throws Exception the PHP version is not supported
	128	*/
	129	function checkPHPVersion($minVersion, $curVersion)
	130	{
	131	if (version_compare($curVersion, $minVersion) < 0) {
	132	throw new Exception(
	133	'Your PHP version is obsolete!'
	134	.' Shaarli requires at least PHP '.$minVersion.', and thus cannot run.'
	135	.' Your PHP version has known security vulnerabilities and should be'
	136	.' updated as soon as possible.'
	137	);
	138	}
	139	}
	140	?>