]> git.immae.eu Git - github/shaarli/Shaarli.git/blame_incremental - application/Utils.php
Webpack / Documentation update
[github/shaarli/Shaarli.git] / application / Utils.php
... / ...
CommitLineData
1<?php
2/**
3 * Shaarli utilities
4 */
5
6/**
7 * Logs a message to a text file
8 *
9 * The log format is compatible with fail2ban.
10 *
11 * @param string $logFile where to write the logs
12 * @param string $clientIp the client's remote IPv4/IPv6 address
13 * @param string $message the message to log
14 */
15function logm($logFile, $clientIp, $message)
16{
17 file_put_contents(
18 $logFile,
19 date('Y/m/d H:i:s').' - '.$clientIp.' - '.strval($message).PHP_EOL,
20 FILE_APPEND
21 );
22}
23
24/**
25 * Returns the small hash of a string, using RFC 4648 base64url format
26 *
27 * Small hashes:
28 * - are unique (well, as unique as crc32, at last)
29 * - are always 6 characters long.
30 * - only use the following characters: a-z A-Z 0-9 - _ @
31 * - are NOT cryptographically secure (they CAN be forged)
32 *
33 * In Shaarli, they are used as a tinyurl-like link to individual entries,
34 * built once with the combination of the date and item ID.
35 * e.g. smallHash('20111006_131924' . 142) --> eaWxtQ
36 *
37 * @warning before v0.8.1, smallhashes were built only with the date,
38 * and their value has been preserved.
39 *
40 * @param string $text Create a hash from this text.
41 *
42 * @return string generated small hash.
43 */
44function smallHash($text)
45{
46 $t = rtrim(base64_encode(hash('crc32', $text, true)), '=');
47 return strtr($t, '+/', '-_');
48}
49
50/**
51 * Tells if a string start with a substring
52 *
53 * @param string $haystack Given string.
54 * @param string $needle String to search at the beginning of $haystack.
55 * @param bool $case Case sensitive.
56 *
57 * @return bool True if $haystack starts with $needle.
58 */
59function startsWith($haystack, $needle, $case = true)
60{
61 if ($case) {
62 return (strcmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
63 }
64 return (strcasecmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
65}
66
67/**
68 * Tells if a string ends with a substring
69 *
70 * @param string $haystack Given string.
71 * @param string $needle String to search at the end of $haystack.
72 * @param bool $case Case sensitive.
73 *
74 * @return bool True if $haystack ends with $needle.
75 */
76function endsWith($haystack, $needle, $case = true)
77{
78 if ($case) {
79 return (strcmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
80 }
81 return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
82}
83
84/**
85 * Htmlspecialchars wrapper
86 * Support multidimensional array of strings.
87 *
88 * @param mixed $input Data to escape: a single string or an array of strings.
89 *
90 * @return string escaped.
91 */
92function escape($input)
93{
94 if (is_bool($input)) {
95 return $input;
96 }
97
98 if (is_array($input)) {
99 $out = array();
100 foreach($input as $key => $value) {
101 $out[$key] = escape($value);
102 }
103 return $out;
104 }
105 return htmlspecialchars($input, ENT_COMPAT, 'UTF-8', false);
106}
107
108/**
109 * Reverse the escape function.
110 *
111 * @param string $str the string to unescape.
112 *
113 * @return string unescaped string.
114 */
115function unescape($str)
116{
117 return htmlspecialchars_decode($str);
118}
119
120/**
121 * Sanitize link before rendering.
122 *
123 * @param array $link Link to escape.
124 */
125function sanitizeLink(&$link)
126{
127 $link['url'] = escape($link['url']); // useful?
128 $link['title'] = escape($link['title']);
129 $link['description'] = escape($link['description']);
130 $link['tags'] = escape($link['tags']);
131}
132
133/**
134 * Checks if a string represents a valid date
135
136 * @param string $format The expected DateTime format of the string
137 * @param string $string A string-formatted date
138 *
139 * @return bool whether the string is a valid date
140 *
141 * @see http://php.net/manual/en/class.datetime.php
142 * @see http://php.net/manual/en/datetime.createfromformat.php
143 */
144function checkDateFormat($format, $string)
145{
146 $date = DateTime::createFromFormat($format, $string);
147 return $date && $date->format($string) == $string;
148}
149
150/**
151 * Generate a header location from HTTP_REFERER.
152 * Make sure the referer is Shaarli itself and prevent redirection loop.
153 *
154 * @param string $referer - HTTP_REFERER.
155 * @param string $host - Server HOST.
156 * @param array $loopTerms - Contains list of term to prevent redirection loop.
157 *
158 * @return string $referer - final referer.
159 */
160function generateLocation($referer, $host, $loopTerms = array())
161{
162 $finalReferer = '?';
163
164 // No referer if it contains any value in $loopCriteria.
165 foreach ($loopTerms as $value) {
166 if (strpos($referer, $value) !== false) {
167 return $finalReferer;
168 }
169 }
170
171 // Remove port from HTTP_HOST
172 if ($pos = strpos($host, ':')) {
173 $host = substr($host, 0, $pos);
174 }
175
176 $refererHost = parse_url($referer, PHP_URL_HOST);
177 if (!empty($referer) && (strpos($refererHost, $host) !== false || startsWith('?', $refererHost))) {
178 $finalReferer = $referer;
179 }
180
181 return $finalReferer;
182}
183
184/**
185 * Sniff browser language to set the locale automatically.
186 * Note that is may not work on your server if the corresponding locale is not installed.
187 *
188 * @param string $headerLocale Locale send in HTTP headers (e.g. "fr,fr-fr;q=0.8,en;q=0.5,en-us;q=0.3").
189 **/
190function autoLocale($headerLocale)
191{
192 // Default if browser does not send HTTP_ACCEPT_LANGUAGE
193 $locales = array('en_US', 'en_US.utf8', 'en_US.UTF-8');
194 if (! empty($headerLocale)) {
195 if (preg_match_all('/([a-z]{2,3})[-_]?([a-z]{2})?,?/i', $headerLocale, $matches, PREG_SET_ORDER)) {
196 $attempts = [];
197 foreach ($matches as $match) {
198 $first = [strtolower($match[1]), strtoupper($match[1])];
199 $separators = ['_', '-'];
200 $encodings = ['utf8', 'UTF-8'];
201 if (!empty($match[2])) {
202 $second = [strtoupper($match[2]), strtolower($match[2])];
203 $items = [$first, $separators, $second, ['.'], $encodings];
204 } else {
205 $items = [$first, $separators, $first, ['.'], $encodings];
206 }
207 $attempts = array_merge($attempts, iterator_to_array(cartesian_product_generator($items)));
208 }
209
210 if (! empty($attempts)) {
211 $locales = array_merge(array_map('implode', $attempts), $locales);
212 }
213 }
214 }
215
216 setlocale(LC_ALL, $locales);
217}
218
219/**
220 * Build a Generator object representing the cartesian product from given $items.
221 *
222 * Example:
223 * [['a'], ['b', 'c']]
224 * will generate:
225 * [
226 * ['a', 'b'],
227 * ['a', 'c'],
228 * ]
229 *
230 * @param array $items array of array of string
231 *
232 * @return Generator representing the cartesian product of given array.
233 *
234 * @see https://en.wikipedia.org/wiki/Cartesian_product
235 */
236function cartesian_product_generator($items)
237{
238 if (empty($items)) {
239 yield [];
240 }
241 $subArray = array_pop($items);
242 if (empty($subArray)) {
243 return;
244 }
245 foreach (cartesian_product_generator($items) as $item) {
246 foreach ($subArray as $value) {
247 yield $item + [count($item) => $value];
248 }
249 }
250}
251
252/**
253 * Generates a default API secret.
254 *
255 * Note that the random-ish methods used in this function are predictable,
256 * which makes them NOT suitable for crypto.
257 * BUT the random string is salted with the salt and hashed with the username.
258 * It makes the generated API secret secured enough for Shaarli.
259 *
260 * PHP 7 provides random_int(), designed for cryptography.
261 * More info: http://stackoverflow.com/questions/4356289/php-random-string-generator
262
263 * @param string $username Shaarli login username
264 * @param string $salt Shaarli password hash salt
265 *
266 * @return string|bool Generated API secret, 12 char length.
267 * Or false if invalid parameters are provided (which will make the API unusable).
268 */
269function generate_api_secret($username, $salt)
270{
271 if (empty($username) || empty($salt)) {
272 return false;
273 }
274
275 return str_shuffle(substr(hash_hmac('sha512', uniqid($salt), $username), 10, 12));
276}
277
278/**
279 * Trim string, replace sequences of whitespaces by a single space.
280 * PHP equivalent to `normalize-space` XSLT function.
281 *
282 * @param string $string Input string.
283 *
284 * @return mixed Normalized string.
285 */
286function normalize_spaces($string)
287{
288 return preg_replace('/\s{2,}/', ' ', trim($string));
289}
290
291/**
292 * Format the date according to the locale.
293 *
294 * Requires php-intl to display international datetimes,
295 * otherwise default format '%c' will be returned.
296 *
297 * @param DateTime $date to format.
298 * @param bool $time Displays time if true.
299 * @param bool $intl Use international format if true.
300 *
301 * @return bool|string Formatted date, or false if the input is invalid.
302 */
303function format_date($date, $time = true, $intl = true)
304{
305 if (! $date instanceof DateTime) {
306 return false;
307 }
308
309 if (! $intl || ! class_exists('IntlDateFormatter')) {
310 $format = $time ? '%c' : '%x';
311 return strftime($format, $date->getTimestamp());
312 }
313
314 $formatter = new IntlDateFormatter(
315 setlocale(LC_TIME, 0),
316 IntlDateFormatter::LONG,
317 $time ? IntlDateFormatter::LONG : IntlDateFormatter::NONE
318 );
319
320 return $formatter->format($date);
321}
322
323/**
324 * Check if the input is an integer, no matter its real type.
325 *
326 * PHP is a bit messy regarding this:
327 * - is_int returns false if the input is a string
328 * - ctype_digit returns false if the input is an integer or negative
329 *
330 * @param mixed $input value
331 *
332 * @return bool true if the input is an integer, false otherwise
333 */
334function is_integer_mixed($input)
335{
336 if (is_array($input) || is_bool($input) || is_object($input)) {
337 return false;
338 }
339 $input = strval($input);
340 return ctype_digit($input) || (startsWith($input, '-') && ctype_digit(substr($input, 1)));
341}
342
343/**
344 * Convert post_max_size/upload_max_filesize (e.g. '16M') parameters to bytes.
345 *
346 * @param string $val Size expressed in string.
347 *
348 * @return int Size expressed in bytes.
349 */
350function return_bytes($val)
351{
352 if (is_integer_mixed($val) || $val === '0' || empty($val)) {
353 return $val;
354 }
355 $val = trim($val);
356 $last = strtolower($val[strlen($val)-1]);
357 $val = intval(substr($val, 0, -1));
358 switch($last) {
359 case 'g': $val *= 1024;
360 case 'm': $val *= 1024;
361 case 'k': $val *= 1024;
362 }
363 return $val;
364}
365
366/**
367 * Return a human readable size from bytes.
368 *
369 * @param int $bytes value
370 *
371 * @return string Human readable size
372 */
373function human_bytes($bytes)
374{
375 if ($bytes === '') {
376 return t('Setting not set');
377 }
378 if (! is_integer_mixed($bytes)) {
379 return $bytes;
380 }
381 $bytes = intval($bytes);
382 if ($bytes === 0) {
383 return t('Unlimited');
384 }
385
386 $units = [t('B'), t('kiB'), t('MiB'), t('GiB')];
387 for ($i = 0; $i < count($units) && $bytes >= 1024; ++$i) {
388 $bytes /= 1024;
389 }
390
391 return round($bytes) . $units[$i];
392}
393
394/**
395 * Try to determine max file size for uploads (POST).
396 * Returns an integer (in bytes) or formatted depending on $format.
397 *
398 * @param mixed $limitPost post_max_size PHP setting
399 * @param mixed $limitUpload upload_max_filesize PHP setting
400 * @param bool $format Format max upload size to human readable size
401 *
402 * @return int|string max upload file size
403 */
404function get_max_upload_size($limitPost, $limitUpload, $format = true)
405{
406 $size1 = return_bytes($limitPost);
407 $size2 = return_bytes($limitUpload);
408 // Return the smaller of two:
409 $maxsize = min($size1, $size2);
410 return $format ? human_bytes($maxsize) : $maxsize;
411}
412
413/**
414 * Sort the given array alphabetically using php-intl if available.
415 * Case sensitive.
416 *
417 * Note: doesn't support multidimensional arrays
418 *
419 * @param array $data Input array, passed by reference
420 * @param bool $reverse Reverse sort if set to true
421 * @param bool $byKeys Sort the array by keys if set to true, by value otherwise.
422 */
423function alphabetical_sort(&$data, $reverse = false, $byKeys = false)
424{
425 $callback = function ($a, $b) use ($reverse) {
426 // Collator is part of PHP intl.
427 if (class_exists('Collator')) {
428 $collator = new Collator(setlocale(LC_COLLATE, 0));
429 if (!intl_is_failure(intl_get_error_code())) {
430 return $collator->compare($a, $b) * ($reverse ? -1 : 1);
431 }
432 }
433
434 return strcasecmp($a, $b) * ($reverse ? -1 : 1);
435 };
436
437 if ($byKeys) {
438 uksort($data, $callback);
439 } else {
440 usort($data, $callback);
441 }
442}
443
444/**
445 * Wrapper function for translation which match the API
446 * of gettext()/_() and ngettext().
447 *
448 * @param string $text Text to translate.
449 * @param string $nText The plural message ID.
450 * @param int $nb The number of items for plural forms.
451 * @param string $domain The domain where the translation is stored (default: shaarli).
452 *
453 * @return string Text translated.
454 */
455function t($text, $nText = '', $nb = 1, $domain = 'shaarli') {
456 return dn__($domain, $text, $nText, $nb);
457}