]>
git.immae.eu Git - github/shaarli/Shaarli.git/blob - application/Utils.php
7 * Logs a message to a text file
9 * The log format is compatible with fail2ban.
11 * @param string $logFile where to write the logs
12 * @param string $clientIp the client's remote IPv4/IPv6 address
13 * @param string $message the message to log
15 function logm($logFile, $clientIp, $message)
19 date('Y/m/d H:i:s').' - '.$clientIp.' - '.strval($message).PHP_EOL
,
25 * Returns the small hash of a string, using RFC 4648 base64url format
28 * - are unique (well, as unique as crc32, at last)
29 * - are always 6 characters long.
30 * - only use the following characters: a-z A-Z 0-9 - _ @
31 * - are NOT cryptographically secure (they CAN be forged)
33 * In Shaarli, they are used as a tinyurl-like link to individual entries,
34 * e.g. smallHash('20111006_131924') --> yZH23w
36 function smallHash($text)
38 $t = rtrim(base64_encode(hash('crc32', $text, true)), '=');
39 return strtr($t, '+/', '-_');
43 * Tells if a string start with a substring
45 function startsWith($haystack, $needle, $case=true)
48 return (strcmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
50 return (strcasecmp(substr($haystack, 0, strlen($needle)), $needle) === 0);
54 * Tells if a string ends with a substring
56 function endsWith($haystack, $needle, $case=true)
59 return (strcmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
61 return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
65 * Same as nl2br(), but escapes < and >
67 function nl2br_escaped($html)
69 return str_replace('>', '>', str_replace('<', '<', nl2br($html)));
73 * htmlspecialchars wrapper
77 return htmlspecialchars($str, ENT_COMPAT
, 'UTF-8', false);
81 * Link sanitization before templating
83 function sanitizeLink(&$link)
85 $link['url'] = escape($link['url']); // useful?
86 $link['title'] = escape($link['title']);
87 $link['description'] = escape($link['description']);
88 $link['tags'] = escape($link['tags']);
92 * Checks if a string represents a valid date
94 * @param string $format The expected DateTime format of the string
95 * @param string $string A string-formatted date
97 * @return bool whether the string is a valid date
99 * @see http://php.net/manual/en/class.datetime.php
100 * @see http://php.net/manual/en/datetime.createfromformat.php
102 function checkDateFormat($format, $string)
104 $date = DateTime
::createFromFormat($format, $string);
105 return $date && $date->format($string) == $string;
109 * Generate a header location from HTTP_REFERER.
110 * Make sure the referer is Shaarli itself and prevent redirection loop.
112 * @param string $referer - HTTP_REFERER.
113 * @param string $host - Server HOST.
114 * @param array $loopTerms - Contains list of term to prevent redirection loop.
116 * @return string $referer - final referer.
118 function generateLocation($referer, $host, $loopTerms = array())
122 // No referer if it contains any value in $loopCriteria.
123 foreach ($loopTerms as $value) {
124 if (strpos($referer, $value) !== false) {
125 return $finalReferer;
129 // Remove port from HTTP_HOST
130 if ($pos = strpos($host, ':')) {
131 $host = substr($host, 0, $pos);
134 $refererHost = parse_url($referer, PHP_URL_HOST
);
135 if (!empty($referer) && (strpos($refererHost, $host) !== false || startsWith('?', $refererHost))) {
136 $finalReferer = $referer;
139 return $finalReferer;
143 * Validate session ID to prevent Full Path Disclosure.
146 * The session ID's format depends on the hash algorithm set in PHP settings
148 * @param string $sessionId Session ID
150 * @return true if valid, false otherwise.
152 * @see http://php.net/manual/en/function.hash-algos.php
153 * @see http://php.net/manual/en/session.configuration.php
155 function is_session_id_valid($sessionId)
157 if (empty($sessionId)) {
165 if (!preg_match('/^[a-zA-Z0-9,-]{2,128}$/', $sessionId)) {
173 * In a string, converts URLs to clickable links.
175 * @param string $text input string.
176 * @param string $redirector if a redirector is set, use it to gerenate links.
178 * @return string returns $text with all links converted to HTML links.
180 * @see Function inspired from http://www.php.net/manual/en/function.preg-replace.php#85722
182 function text2clickable($text, $redirector)
184 $regex = '!(((?:https?|ftp|file)://|apt:|magnet:)\S+[[:alnum:]]/?)!si';
186 if (empty($redirector)) {
187 return preg_replace($regex, '<a href="$1">$1</a>', $text);
189 // Redirector is set, urlencode the final URL.
190 return preg_replace_callback(
192 function ($matches) use ($redirector) {
193 return '<a href="' . $redirector . urlencode($matches[1]) .'">'. $matches[1] .'</a>';
200 * This function inserts where relevant so that multiple spaces are properly displayed in HTML
201 * even in the absence of <pre> (This is used in description to keep text formatting).
203 * @param string $text input text.
205 * @return string formatted text.
207 function space2nbsp($text)
209 return preg_replace('/(^| ) /m', '$1 ', $text);
213 * Format Shaarli's description
214 * TODO: Move me to ApplicationUtils when it's ready.
216 * @param string $description shaare's description.
217 * @param string $redirector if a redirector is set, use it to gerenate links.
219 * @return string formatted description.
221 function format_description($description, $redirector) {
222 return nl2br(space2nbsp(text2clickable($description, $redirector)));