X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FUtils.php;h=925e1a22c909011a342b3dc3ced3c9f0f5d9a3da;hb=HEAD;hp=d6e066102b62a61baf96c4ad5cecd947725a11ac;hpb=e96be632f5a7e8a8d39d99526ddd028084653b2f;p=github%2Fshaarli%2FShaarli.git diff --git a/application/Utils.php b/application/Utils.php index d6e06610..c5cd884b 100644 --- a/application/Utils.php +++ b/application/Utils.php @@ -1,24 +1,27 @@ $value) { - $out[$key] = escape($value); + $out = []; + foreach ($input as $key => $value) { + $out[escape($key)] = escape($value); } return $out; } @@ -153,12 +164,12 @@ function checkDateFormat($format, $string) * * @return string $referer - final referer. */ -function generateLocation($referer, $host, $loopTerms = array()) +function generateLocation($referer, $host, $loopTerms = []) { - $finalReferer = '?'; + $finalReferer = './?'; // No referer if it contains any value in $loopCriteria. - foreach ($loopTerms as $value) { + foreach (array_filter($loopTerms) as $value) { if (strpos($referer, $value) !== false) { return $finalReferer; } @@ -177,36 +188,6 @@ function generateLocation($referer, $host, $loopTerms = array()) return $finalReferer; } -/** - * Validate session ID to prevent Full Path Disclosure. - * - * See #298. - * The session ID's format depends on the hash algorithm set in PHP settings - * - * @param string $sessionId Session ID - * - * @return true if valid, false otherwise. - * - * @see http://php.net/manual/en/function.hash-algos.php - * @see http://php.net/manual/en/session.configuration.php - */ -function is_session_id_valid($sessionId) -{ - if (empty($sessionId)) { - return false; - } - - if (!$sessionId) { - return false; - } - - if (!preg_match('/^[a-zA-Z0-9,-]{2,128}$/', $sessionId)) { - return false; - } - - return true; -} - /** * Sniff browser language to set the locale automatically. * Note that is may not work on your server if the corresponding locale is not installed. @@ -216,7 +197,7 @@ function is_session_id_valid($sessionId) function autoLocale($headerLocale) { // Default if browser does not send HTTP_ACCEPT_LANGUAGE - $locales = array('en_US', 'en_US.utf8', 'en_US.UTF-8'); + $locales = ['en_US', 'en_US.utf8', 'en_US.UTF-8']; if (! empty($headerLocale)) { if (preg_match_all('/([a-z]{2,3})[-_]?([a-z]{2})?,?/i', $headerLocale, $matches, PREG_SET_ORDER)) { $attempts = []; @@ -320,15 +301,15 @@ function normalize_spaces($string) * Requires php-intl to display international datetimes, * otherwise default format '%c' will be returned. * - * @param DateTime $date to format. - * @param bool $time Displays time if true. - * @param bool $intl Use international format if true. + * @param DateTimeInterface $date to format. + * @param bool $time Displays time if true. + * @param bool $intl Use international format if true. * * @return bool|string Formatted date, or false if the input is invalid. */ function format_date($date, $time = true, $intl = true) { - if (! $date instanceof DateTime) { + if (! $date instanceof DateTimeInterface) { return false; } @@ -342,6 +323,180 @@ function format_date($date, $time = true, $intl = true) IntlDateFormatter::LONG, $time ? IntlDateFormatter::LONG : IntlDateFormatter::NONE ); + $formatter->setTimeZone($date->getTimezone()); return $formatter->format($date); } + +/** + * Format the date month according to the locale. + * + * @param DateTimeInterface $date to format. + * + * @return bool|string Formatted date, or false if the input is invalid. + */ +function format_month(DateTimeInterface $date) +{ + if (! $date instanceof DateTimeInterface) { + return false; + } + + return strftime('%B', $date->getTimestamp()); +} + + +/** + * Check if the input is an integer, no matter its real type. + * + * PHP is a bit messy regarding this: + * - is_int returns false if the input is a string + * - ctype_digit returns false if the input is an integer or negative + * + * @param mixed $input value + * + * @return bool true if the input is an integer, false otherwise + */ +function is_integer_mixed($input) +{ + if (is_array($input) || is_bool($input) || is_object($input)) { + return false; + } + $input = strval($input); + return ctype_digit($input) || (startsWith($input, '-') && ctype_digit(substr($input, 1))); +} + +/** + * Convert post_max_size/upload_max_filesize (e.g. '16M') parameters to bytes. + * + * @param string $val Size expressed in string. + * + * @return int Size expressed in bytes. + */ +function return_bytes($val) +{ + if (is_integer_mixed($val) || $val === '0' || empty($val)) { + return $val; + } + $val = trim($val); + $last = strtolower($val[strlen($val) - 1]); + $val = intval(substr($val, 0, -1)); + switch ($last) { + case 'g': + $val *= 1024; + // do no break in order 1024^2 for each unit + case 'm': + $val *= 1024; + // do no break in order 1024^2 for each unit + case 'k': + $val *= 1024; + } + return $val; +} + +/** + * Return a human readable size from bytes. + * + * @param int $bytes value + * + * @return string Human readable size + */ +function human_bytes($bytes) +{ + if ($bytes === '') { + return t('Setting not set'); + } + if (! is_integer_mixed($bytes)) { + return $bytes; + } + $bytes = intval($bytes); + if ($bytes === 0) { + return t('Unlimited'); + } + + $units = [t('B'), t('kiB'), t('MiB'), t('GiB')]; + for ($i = 0; $i < count($units) && $bytes >= 1024; ++$i) { + $bytes /= 1024; + } + + return round($bytes) . $units[$i]; +} + +/** + * Try to determine max file size for uploads (POST). + * Returns an integer (in bytes) or formatted depending on $format. + * + * @param mixed $limitPost post_max_size PHP setting + * @param mixed $limitUpload upload_max_filesize PHP setting + * @param bool $format Format max upload size to human readable size + * + * @return int|string max upload file size + */ +function get_max_upload_size($limitPost, $limitUpload, $format = true) +{ + $size1 = return_bytes($limitPost); + $size2 = return_bytes($limitUpload); + // Return the smaller of two: + $maxsize = min($size1, $size2); + return $format ? human_bytes($maxsize) : $maxsize; +} + +/** + * Sort the given array alphabetically using php-intl if available. + * Case sensitive. + * + * Note: doesn't support multidimensional arrays + * + * @param array $data Input array, passed by reference + * @param bool $reverse Reverse sort if set to true + * @param bool $byKeys Sort the array by keys if set to true, by value otherwise. + */ +function alphabetical_sort(&$data, $reverse = false, $byKeys = false) +{ + $callback = function ($a, $b) use ($reverse) { + // Collator is part of PHP intl. + if (class_exists('Collator')) { + $collator = new Collator(setlocale(LC_COLLATE, 0)); + if (!intl_is_failure(intl_get_error_code())) { + return $collator->compare($a, $b) * ($reverse ? -1 : 1); + } + } + + return strcasecmp($a, $b) * ($reverse ? -1 : 1); + }; + + if ($byKeys) { + uksort($data, $callback); + } else { + usort($data, $callback); + } +} + +/** + * Wrapper function for translation which match the API + * of gettext()/_() and ngettext(). + * + * @param string $text Text to translate. + * @param string $nText The plural message ID. + * @param int $nb The number of items for plural forms. + * @param string $domain The domain where the translation is stored (default: shaarli). + * @param array $variables Associative array of variables to replace in translated text. + * @param bool $fixCase Apply `ucfirst` on the translated string, might be useful for strings with variables. + * + * @return string Text translated. + */ +function t($text, $nText = '', $nb = 1, $domain = 'shaarli', $variables = [], $fixCase = false) +{ + $postFunction = $fixCase ? 'ucfirst' : function ($input) { + return $input; + }; + + return $postFunction(dn__($domain, $text, $nText, $nb, $variables)); +} + +/** + * Converts an exception into a printable stack trace string. + */ +function exception2text(Throwable $e): string +{ + return $e->getMessage() . PHP_EOL . $e->getFile() . $e->getLine() . PHP_EOL . $e->getTraceAsString(); +}