minimum of control on server side added

[github/wallabag/wallabag.git] / inc / poche / Tools.class.php

diff --git a/inc/poche/Tools.class.php b/inc/poche/Tools.class.php
old mode 100644 (file)
new mode 100755 (executable)
index eeb101b..cc01f40
--- a/inc/poche/Tools.class.php
+++ b/inc/poche/Tools.class.php
@@ -7,7 +7,7 @@
  * @copyright  2013
  * @license    http://www.wtfpl.net/ see COPYING file
  */
- 
+
 class Tools
 {
     public static function initPhp()
@@ -18,8 +18,6 @@ class Tools
             die(_('Oops, it seems you don\'t have PHP 5.'));
         }
 
-        error_reporting(E_ALL);
-
         function stripslashesDeep($value) {
             return is_array($value)
                 ? array_map('stripslashesDeep', $value)
@@ -42,7 +40,7 @@ class Tools
                     && (strtolower($_SERVER['HTTPS']) == 'on'))
             || (isset($_SERVER["SERVER_PORT"])
                     && $_SERVER["SERVER_PORT"] == '443') // HTTPS detection.
-            || (isset($_SERVER["SERVER_PORT"]) //Custom HTTPS port detection 
+            || (isset($_SERVER["SERVER_PORT"]) //Custom HTTPS port detection
                     && $_SERVER["SERVER_PORT"] == SSL_PORT)
              || (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
                     && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https');
@@ -59,8 +57,14 @@ class Tools
             return $scriptname;
         }
 
+        $host = (isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']));
+
+        if (strpos($host, ':') !== false) {
+            $serverport = '';
+        }
+
         return 'http' . ($https ? 's' : '') . '://'
-            . $_SERVER["HTTP_HOST"] . $serverport . $scriptname;
+            . $host . $serverport . $scriptname;
     }
 
     public static function redirect($url = '')
@@ -148,7 +152,7 @@ class Tools
             );
 
             # only download page lesser than 4MB
-            $data = @file_get_contents($url, false, $context, -1, 4000000); 
+            $data = @file_get_contents($url, false, $context, -1, 4000000);
 
             if (isset($http_response_header) and isset($http_response_header[0])) {
                 $httpcodeOK = isset($http_response_header) and isset($http_response_header[0]) and ((strpos($http_response_header[0], '200 OK') !== FALSE) or (strpos($http_response_header[0], '301 Moved Permanently') !== FALSE));
@@ -200,7 +204,7 @@ class Tools
         }
     }
 
-    public static function encodeString($string) 
+    public static function encodeString($string)
     {
         return sha1($string . SALT);
     }
@@ -212,7 +216,7 @@ class Tools
 
     public static function getDomain($url)
     {
-      return parse_url($url, PHP_URL_HOST);
+        return parse_url($url, PHP_URL_HOST);
     }
 
     public static function getReadingTime($text) {
@@ -311,4 +315,14 @@ class Tools
 
         return json_decode($json, true);
     }
+
+    /**
+     * Returns whether we handle an AJAX (XMLHttpRequest) request.
+     * @return boolean whether we handle an AJAX (XMLHttpRequest) request.
+     */
+    public static function isAjaxRequest()
+    {
+      return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH']==='XMLHttpRequest';
+    }
+
 }