[github/wallabag/wallabag.git] / inc / poche / Tools.class.php

<?php
/**
 * wallabag, self hostable application allowing you to not miss any content anymore
 *
 * @category   wallabag
 * @author     Nicolas Lœuillet <nicolas@loeuillet.org>
 * @copyright  2013
 * @license    http://www.wtfpl.net/ see COPYING file
 */

class Tools
{
    public static function initPhp()
    {
        define('START_TIME', microtime(true));

        if (phpversion() < 5) {
            die(_('Oops, it seems you don\'t have PHP 5.'));
        }

        function stripslashesDeep($value) {
            return is_array($value)
                ? array_map('stripslashesDeep', $value)
                : stripslashes($value);
        }

        if (get_magic_quotes_gpc()) {
            $_POST = array_map('stripslashesDeep', $_POST);
            $_GET = array_map('stripslashesDeep', $_GET);
            $_COOKIE = array_map('stripslashesDeep', $_COOKIE);
        }

        ob_start();
        register_shutdown_function('ob_end_flush');
    }

    public static function getPocheUrl()
    {
        $https = (!empty($_SERVER['HTTPS'])
                    && (strtolower($_SERVER['HTTPS']) == 'on'))
            || (isset($_SERVER["SERVER_PORT"])
                    && $_SERVER["SERVER_PORT"] == '443') // HTTPS detection.
            || (isset($_SERVER["SERVER_PORT"]) //Custom HTTPS port detection
                    && $_SERVER["SERVER_PORT"] == SSL_PORT)
             || (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
                    && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');

        $serverport = (!isset($_SERVER["SERVER_PORT"])
            || $_SERVER["SERVER_PORT"] == '80'
            || ($https && $_SERVER["SERVER_PORT"] == '443')
            || ($https && $_SERVER["SERVER_PORT"]==SSL_PORT) //Custom HTTPS port detection
            ? '' : ':' . $_SERVER["SERVER_PORT"]);

        $scriptname = str_replace('/index.php', '/', $_SERVER["SCRIPT_NAME"]);

        if (!isset($_SERVER["HTTP_HOST"])) {
            return $scriptname;
        }

        $host = (isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']));

        if (strpos($host, ':') !== false) {
            $serverport = '';
        }

        return 'http' . ($https ? 's' : '') . '://'
            . $host . $serverport . $scriptname;
    }

    public static function redirect($url = '')
    {
        if ($url === '') {
            $url = (empty($_SERVER['HTTP_REFERER'])?'?':$_SERVER['HTTP_REFERER']);
            if (isset($_POST['returnurl'])) {
                $url = $_POST['returnurl'];
            }
        }

        # prevent loop
        if (empty($url) || parse_url($url, PHP_URL_QUERY) === $_SERVER['QUERY_STRING']) {
            $url = Tools::getPocheUrl();
        }

        if (substr($url, 0, 1) !== '?') {
            $ref = Tools::getPocheUrl();
            if (substr($url, 0, strlen($ref)) !== $ref) {
                $url = $ref;
            }
        }
        self::logm('redirect to ' . $url);
        header('Location: '.$url);
        exit();
    }

    public static function getTplFile($view)
    {
        $views = array(
            'install', 'import', 'export', 'config', 'tags',
            'edit-tags', 'view', 'login', 'error'
            );

        if (in_array($view, $views)) {
            return $view . '.twig';
        }

        return 'home.twig';
    }

    public static function getFile($url)
    {
        $timeout = 15;
        $useragent = "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0";

        if (in_array ('curl', get_loaded_extensions())) {
            # Fetch feed from URL
            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
            if (!ini_get('open_basedir') && !ini_get('safe_mode')) {
                curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
            }
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($curl, CURLOPT_HEADER, false);

            # for ssl, do not verified certificate
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
            curl_setopt($curl, CURLOPT_AUTOREFERER, TRUE );

            # FeedBurner requires a proper USER-AGENT...
            curl_setopt($curl, CURL_HTTP_VERSION_1_1, true);
            curl_setopt($curl, CURLOPT_ENCODING, "gzip, deflate");
            curl_setopt($curl, CURLOPT_USERAGENT, $useragent);

            $data = curl_exec($curl);
            $httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
            $httpcodeOK = isset($httpcode) and ($httpcode == 200 or $httpcode == 301);
            curl_close($curl);
        } else {
            # create http context and add timeout and user-agent
            $context = stream_context_create(
                array(
                    'http' => array(
                        'timeout' => $timeout,
                        'header' => "User-Agent: " . $useragent,
                        'follow_location' => true
                    ),
                    'ssl' => array(
                        'verify_peer' => false,
                        'allow_self_signed' => true
                    )
                )
            );

            # only download page lesser than 4MB
            $data = @file_get_contents($url, false, $context, -1, 4000000);

            if (isset($http_response_header) and isset($http_response_header[0])) {
                $httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE));
            }
        }

        # if response is not empty and response is OK
        if (isset($data) and isset($httpcodeOK) and $httpcodeOK) {

            # take charset of page and get it
            preg_match('#<meta .*charset=.*>#Usi', $data, $meta);

            # if meta tag is found
            if (!empty($meta[0])) {
                preg_match('#charset="?(.*)"#si', $meta[0], $encoding);
                # if charset is found set it otherwise, set it to utf-8
                $html_charset = (!empty($encoding[1])) ? strtolower($encoding[1]) : 'utf-8';
                if (empty($encoding[1])) $encoding[1] = 'utf-8';
            } else {
                $html_charset = 'utf-8';
                $encoding[1] = '';
            }

            # replace charset of url to charset of page
            $data = str_replace('charset=' . $encoding[1], 'charset=' . $html_charset, $data);

            return $data;
        }
        else {
            return FALSE;
        }
    }

    public static function renderJson($data)
    {
        header('Cache-Control: no-cache, must-revalidate');
        header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
        header('Content-type: application/json; charset=UTF-8');
        echo json_encode($data);
        exit();
    }

    public static function logm($message)
    {
        if (DEBUG_POCHE && php_sapi_name() != 'cli') {
            $t = strval(date('Y/m/d_H:i:s')) . ' - ' . $_SERVER["REMOTE_ADDR"] . ' - ' . strval($message) . "\n";
            file_put_contents(CACHE . '/log.txt', $t, FILE_APPEND);
            error_log('DEBUG POCHE : ' . $message);
        }
    }

    public static function encodeString($string)
    {
        return sha1($string . SALT);
    }

    public static function checkVar($var, $default = '')
    {
        return ((isset ($_REQUEST["$var"])) ? htmlentities($_REQUEST["$var"]) : $default);
    }

    public static function getDocLanguage($userlanguage) {
        $lang = explode('.', $userlanguage);
        return str_replace('_', '-', $lang[0]);
    }

    public static function status($status_code)
    {
        if (strpos(php_sapi_name(), 'apache') !== false) {

            header('HTTP/1.0 '.$status_code);
        }
        else {

            header('Status: '.$status_code);
        }
    }

    public static function download_db() {
        header('Content-Disposition: attachment; filename="poche.sqlite.gz"');
        self::status(200);

        header('Content-Transfer-Encoding: binary');
        header('Content-Type: application/octet-stream');
        echo gzencode(file_get_contents(STORAGE_SQLITE));

        exit;
    }

    public static function getPageContent(Url $url)
    {
        // Saving and clearing context
        $REAL = array();
        foreach( $GLOBALS as $key => $value ) {
            if( $key != 'GLOBALS' && $key != '_SESSION' && $key != 'HTTP_SESSION_VARS' ) {
                $GLOBALS[$key] = array();
                $REAL[$key] = $value;
            }
        }
        // Saving and clearing session
        if ( isset($_SESSION) ) {
            $REAL_SESSION = array();
            foreach( $_SESSION as $key => $value ) {
                $REAL_SESSION[$key] = $value;
                unset($_SESSION[$key]);
            }
        }

        // Running code in different context
        $scope = function() {
            extract( func_get_arg(1) );
            $_GET = $_REQUEST = array(
                        "url" => $url->getUrl(),
                        "max" => 5,
                        "links" => "preserve",
                        "exc" => "",
                        "format" => "json",
                        "submit" => "Create Feed"
            );
            ob_start();
            require func_get_arg(0);
            $json = ob_get_contents();
            ob_end_clean();
            return $json;
        };
        $json = $scope( "inc/3rdparty/makefulltextfeed.php", array("url" => $url) );

        // Clearing and restoring context
        foreach( $GLOBALS as $key => $value ) {
            if( $key != "GLOBALS" && $key != "_SESSION" ) {
                unset($GLOBALS[$key]);
            }
        }
        foreach( $REAL as $key => $value ) {
            $GLOBALS[$key] = $value;
        }
        // Clearing and restoring session
        if ( isset($REAL_SESSION) ) {
            foreach( $_SESSION as $key => $value ) {
                unset($_SESSION[$key]);
            }
            foreach( $REAL_SESSION as $key => $value ) {
                $_SESSION[$key] = $value;
            }
        }

        return json_decode($json, true);
    }

    /**
     * Returns whether we handle an AJAX (XMLHttpRequest) request.
     * @return boolean whether we handle an AJAX (XMLHttpRequest) request.
     */
    public static function isAjaxRequest()
    {
      return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH']==='XMLHttpRequest';
    }

}
Commit	Line	Data
eb1af592 NL	1	<?php
eb1af592 NL	2	/**
c95b78a8	3	* wallabag, self hostable application allowing you to not miss any content anymore
eb1af592	4	*
c95b78a8 NL	5	* @category wallabag
c95b78a8 NL	6	* @author Nicolas Lœuillet <nicolas@loeuillet.org>
eb1af592 NL	7	* @copyright 2013
	8	* @license http://www.wtfpl.net/ see COPYING file
	9	*/
182faf26	10
eb1af592 NL	11	class Tools
	12	{
	13	public static function initPhp()
	14	{
	15	define('START_TIME', microtime(true));
	16
	17	if (phpversion() < 5) {
	18	die(_('Oops, it seems you don\'t have PHP 5.'));
	19	}
	20
eb1af592 NL	21	function stripslashesDeep($value) {
	22	return is_array($value)
	23	? array_map('stripslashesDeep', $value)
	24	: stripslashes($value);
	25	}
	26
	27	if (get_magic_quotes_gpc()) {
	28	$_POST = array_map('stripslashesDeep', $_POST);
	29	$_GET = array_map('stripslashesDeep', $_GET);
	30	$_COOKIE = array_map('stripslashesDeep', $_COOKIE);
	31	}
	32
	33	ob_start();
	34	register_shutdown_function('ob_end_flush');
	35	}
	36
	37	public static function getPocheUrl()
	38	{
	39	$https = (!empty($_SERVER['HTTPS'])
	40	&& (strtolower($_SERVER['HTTPS']) == 'on'))
	41	\|\| (isset($_SERVER["SERVER_PORT"])
125f9ee8	42	&& $_SERVER["SERVER_PORT"] == '443') // HTTPS detection.
182faf26	43	\|\| (isset($_SERVER["SERVER_PORT"]) //Custom HTTPS port detection
445a1a1c NL	44	&& $_SERVER["SERVER_PORT"] == SSL_PORT)
	45	\|\| (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
	46	&& $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');
125f9ee8	47
eb1af592 NL	48	$serverport = (!isset($_SERVER["SERVER_PORT"])
	49	\|\| $_SERVER["SERVER_PORT"] == '80'
	50	\|\| ($https && $_SERVER["SERVER_PORT"] == '443')
2916d24b	51	\|\| ($https && $_SERVER["SERVER_PORT"]==SSL_PORT) //Custom HTTPS port detection
eb1af592 NL	52	? '' : ':' . $_SERVER["SERVER_PORT"]);
	53
	54	$scriptname = str_replace('/index.php', '/', $_SERVER["SCRIPT_NAME"]);
	55
45e9e0f5	56	if (!isset($_SERVER["HTTP_HOST"])) {
eb1af592 NL	57	return $scriptname;
	58	}
	59
69c57493	60	$host = (isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']));
79024eb0 NL	61
	62	if (strpos($host, ':') !== false) {
	63	$serverport = '';
	64	}
752cd4a8	65
eb1af592	66	return 'http' . ($https ? 's' : '') . '://'
69c57493	67	. $host . $serverport . $scriptname;
eb1af592 NL	68	}
	69
	70	public static function redirect($url = '')
	71	{
	72	if ($url === '') {
	73	$url = (empty($_SERVER['HTTP_REFERER'])?'?':$_SERVER['HTTP_REFERER']);
	74	if (isset($_POST['returnurl'])) {
	75	$url = $_POST['returnurl'];
	76	}
	77	}
	78
	79	# prevent loop
	80	if (empty($url) \|\| parse_url($url, PHP_URL_QUERY) === $_SERVER['QUERY_STRING']) {
	81	$url = Tools::getPocheUrl();
	82	}
	83
	84	if (substr($url, 0, 1) !== '?') {
	85	$ref = Tools::getPocheUrl();
	86	if (substr($url, 0, strlen($ref)) !== $ref) {
	87	$url = $ref;
	88	}
	89	}
bc1ee852	90	self::logm('redirect to ' . $url);
eb1af592 NL	91	header('Location: '.$url);
	92	exit();
	93	}
	94
	95	public static function getTplFile($view)
	96	{
74ec445a NL	97	$views = array(
74ec445a NL	98	'install', 'import', 'export', 'config', 'tags',
032e0ca1	99	'edit-tags', 'view', 'login', 'error'
74ec445a NL	100	);
	101
	102	if (in_array($view, $views)) {
	103	return $view . '.twig';
eb1af592	104	}
74ec445a NL	105
74ec445a NL	106	return 'home.twig';
eb1af592 NL	107	}
	108
	109	public static function getFile($url)
	110	{
	111	$timeout = 15;
	112	$useragent = "Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0";
	113
	114	if (in_array ('curl', get_loaded_extensions())) {
	115	# Fetch feed from URL
	116	$curl = curl_init();
	117	curl_setopt($curl, CURLOPT_URL, $url);
	118	curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
f2d3ee98 NL	119	if (!ini_get('open_basedir') && !ini_get('safe_mode')) {
	120	curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
	121	}
eb1af592 NL	122	curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
	123	curl_setopt($curl, CURLOPT_HEADER, false);
	124
	125	# for ssl, do not verified certificate
	126	curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
	127	curl_setopt($curl, CURLOPT_AUTOREFERER, TRUE );
	128
	129	# FeedBurner requires a proper USER-AGENT...
	130	curl_setopt($curl, CURL_HTTP_VERSION_1_1, true);
	131	curl_setopt($curl, CURLOPT_ENCODING, "gzip, deflate");
	132	curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
	133
	134	$data = curl_exec($curl);
	135	$httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
	136	$httpcodeOK = isset($httpcode) and ($httpcode == 200 or $httpcode == 301);
	137	curl_close($curl);
	138	} else {
	139	# create http context and add timeout and user-agent
	140	$context = stream_context_create(
	141	array(
	142	'http' => array(
	143	'timeout' => $timeout,
	144	'header' => "User-Agent: " . $useragent,
	145	'follow_location' => true
	146	),
	147	'ssl' => array(
	148	'verify_peer' => false,
	149	'allow_self_signed' => true
	150	)
	151	)
	152	);
	153
	154	# only download page lesser than 4MB
182faf26	155	$data = @file_get_contents($url, false, $context, -1, 4000000);
eb1af592 NL	156
	157	if (isset($http_response_header) and isset($http_response_header[0])) {
	158	$httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE));
	159	}
	160	}
	161
	162	# if response is not empty and response is OK
	163	if (isset($data) and isset($httpcodeOK) and $httpcodeOK) {
	164
	165	# take charset of page and get it
	166	preg_match('#<meta .charset=.>#Usi', $data, $meta);
	167
	168	# if meta tag is found
	169	if (!empty($meta[0])) {
	170	preg_match('#charset="?(.*)"#si', $meta[0], $encoding);
	171	# if charset is found set it otherwise, set it to utf-8
	172	$html_charset = (!empty($encoding[1])) ? strtolower($encoding[1]) : 'utf-8';
5f9bff0f	173	if (empty($encoding[1])) $encoding[1] = 'utf-8';
eb1af592 NL	174	} else {
	175	$html_charset = 'utf-8';
	176	$encoding[1] = '';
	177	}
	178
	179	# replace charset of url to charset of page
	180	$data = str_replace('charset=' . $encoding[1], 'charset=' . $html_charset, $data);
	181
	182	return $data;
	183	}
	184	else {
	185	return FALSE;
	186	}
	187	}
	188
	189	public static function renderJson($data)
	190	{
	191	header('Cache-Control: no-cache, must-revalidate');
	192	header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
	193	header('Content-type: application/json; charset=UTF-8');
	194	echo json_encode($data);
	195	exit();
	196	}
	197
	198	public static function logm($message)
	199	{
53e3158d	200	if (DEBUG_POCHE && php_sapi_name() != 'cli') {
eb1af592	201	$t = strval(date('Y/m/d_H:i:s')) . ' - ' . $_SERVER["REMOTE_ADDR"] . ' - ' . strval($message) . "\n";
6a361945	202	file_put_contents(CACHE . '/log.txt', $t, FILE_APPEND);
bc1ee852	203	error_log('DEBUG POCHE : ' . $message);
eb1af592 NL	204	}
	205	}
	206
182faf26	207	public static function encodeString($string)
eb1af592 NL	208	{
	209	return sha1($string . SALT);
	210	}
63c35580	211
7f959169	212	public static function checkVar($var, $default = '')
63c35580	213	{
7f959169	214	return ((isset ($_REQUEST["$var"])) ? htmlentities($_REQUEST["$var"]) : $default);
63c35580	215	}
55821e04	216
1b2abab6 N	217	public static function getDocLanguage($userlanguage) {
	218	$lang = explode('.', $userlanguage);
	219	return str_replace('_', '-', $lang[0]);
	220	}
d460914f NL	221
	222	public static function status($status_code)
	223	{
	224	if (strpos(php_sapi_name(), 'apache') !== false) {
	225
	226	header('HTTP/1.0 '.$status_code);
	227	}
	228	else {
	229
	230	header('Status: '.$status_code);
	231	}
	232	}
	233
d460914f NL	234	public static function download_db() {
	235	header('Content-Disposition: attachment; filename="poche.sqlite.gz"');
	236	self::status(200);
	237
	238	header('Content-Transfer-Encoding: binary');
	239	header('Content-Type: application/octet-stream');
	240	echo gzencode(file_get_contents(STORAGE_SQLITE));
	241
	242	exit;
	243	}
53e3158d NL	244
	245	public static function getPageContent(Url $url)
	246	{
	247	// Saving and clearing context
	248	$REAL = array();
	249	foreach( $GLOBALS as $key => $value ) {
	250	if( $key != 'GLOBALS' && $key != '_SESSION' && $key != 'HTTP_SESSION_VARS' ) {
	251	$GLOBALS[$key] = array();
	252	$REAL[$key] = $value;
	253	}
	254	}
	255	// Saving and clearing session
f98373cc MR	256	if ( isset($_SESSION) ) {
	257	$REAL_SESSION = array();
	258	foreach( $_SESSION as $key => $value ) {
	259	$REAL_SESSION[$key] = $value;
	260	unset($_SESSION[$key]);
	261	}
53e3158d NL	262	}
	263
	264	// Running code in different context
	265	$scope = function() {
	266	extract( func_get_arg(1) );
	267	$_GET = $_REQUEST = array(
	268	"url" => $url->getUrl(),
	269	"max" => 5,
	270	"links" => "preserve",
	271	"exc" => "",
	272	"format" => "json",
	273	"submit" => "Create Feed"
	274	);
	275	ob_start();
	276	require func_get_arg(0);
f98373cc MR	277	$json = ob_get_contents();
f98373cc MR	278	ob_end_clean();
53e3158d NL	279	return $json;
	280	};
	281	$json = $scope( "inc/3rdparty/makefulltextfeed.php", array("url" => $url) );
	282
	283	// Clearing and restoring context
	284	foreach( $GLOBALS as $key => $value ) {
	285	if( $key != "GLOBALS" && $key != "_SESSION" ) {
	286	unset($GLOBALS[$key]);
	287	}
	288	}
	289	foreach( $REAL as $key => $value ) {
	290	$GLOBALS[$key] = $value;
	291	}
	292	// Clearing and restoring session
f98373cc MR	293	if ( isset($REAL_SESSION) ) {
	294	foreach( $_SESSION as $key => $value ) {
	295	unset($_SESSION[$key]);
	296	}
	297	foreach( $REAL_SESSION as $key => $value ) {
	298	$_SESSION[$key] = $value;
	299	}
53e3158d	300	}
f98373cc	301
53e3158d NL	302	return json_decode($json, true);
53e3158d NL	303	}
fb26cc93 MR	304
	305	/**
	306	* Returns whether we handle an AJAX (XMLHttpRequest) request.
	307	* @return boolean whether we handle an AJAX (XMLHttpRequest) request.
	308	*/
	309	public static function isAjaxRequest()
	310	{
	311	return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH']==='XMLHttpRequest';
	312	}
	313
125f9ee8	314	}