X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FUtils.php;h=bc1c9f5d6133b67eacc321b3d41da57f60b0f38d;hb=820cae27cfcc94af552818f3f1e5342e00478f6c;hp=9d0ebc5ea3a86c68ac7693c9f793855866658d0c;hpb=b2e2aa42e288e0becaa95bf9cc3be679743fc98e;p=github%2Fshaarli%2FShaarli.git diff --git a/application/Utils.php b/application/Utils.php index 9d0ebc5e..bc1c9f5d 100644 --- a/application/Utils.php +++ b/application/Utils.php @@ -4,21 +4,23 @@ */ /** - * Logs a message to a text file + * Format log using provided data. * - * The log format is compatible with fail2ban. + * @param string $message the message to log + * @param string|null $clientIp the client's remote IPv4/IPv6 address * - * @param string $logFile where to write the logs - * @param string $clientIp the client's remote IPv4/IPv6 address - * @param string $message the message to log + * @return string Formatted message to log */ -function logm($logFile, $clientIp, $message) +function format_log(string $message, string $clientIp = null): string { - file_put_contents( - $logFile, - date('Y/m/d H:i:s').' - '.$clientIp.' - '.strval($message).PHP_EOL, - FILE_APPEND - ); + $out = $message; + + if (!empty($clientIp)) { + // Note: we keep the first dash to avoid breaking fail2ban configs + $out = '- ' . $clientIp . ' - ' . $out; + } + + return $out; } /** @@ -87,14 +89,22 @@ function endsWith($haystack, $needle, $case = true) * * @param mixed $input Data to escape: a single string or an array of strings. * - * @return string escaped. + * @return string|array escaped. */ function escape($input) { + if (null === $input) { + return null; + } + + if (is_bool($input) || is_int($input) || is_float($input) || $input instanceof DateTimeInterface) { + return $input; + } + if (is_array($input)) { $out = array(); - foreach($input as $key => $value) { - $out[$key] = escape($value); + foreach ($input as $key => $value) { + $out[escape($key)] = escape($value); } return $out; } @@ -155,10 +165,10 @@ function checkDateFormat($format, $string) */ function generateLocation($referer, $host, $loopTerms = array()) { - $finalReferer = '?'; + $finalReferer = './?'; // No referer if it contains any value in $loopCriteria. - foreach ($loopTerms as $value) { + foreach (array_filter($loopTerms) as $value) { if (strpos($referer, $value) !== false) { return $finalReferer; } @@ -177,36 +187,6 @@ function generateLocation($referer, $host, $loopTerms = array()) return $finalReferer; } -/** - * Validate session ID to prevent Full Path Disclosure. - * - * See #298. - * The session ID's format depends on the hash algorithm set in PHP settings - * - * @param string $sessionId Session ID - * - * @return true if valid, false otherwise. - * - * @see http://php.net/manual/en/function.hash-algos.php - * @see http://php.net/manual/en/session.configuration.php - */ -function is_session_id_valid($sessionId) -{ - if (empty($sessionId)) { - return false; - } - - if (!$sessionId) { - return false; - } - - if (!preg_match('/^[a-zA-Z0-9,-]{2,128}$/', $sessionId)) { - return false; - } - - return true; -} - /** * Sniff browser language to set the locale automatically. * Note that is may not work on your server if the corresponding locale is not installed. @@ -320,15 +300,15 @@ function normalize_spaces($string) * Requires php-intl to display international datetimes, * otherwise default format '%c' will be returned. * - * @param DateTime $date to format. - * @param bool $time Displays time if true. - * @param bool $intl Use international format if true. + * @param DateTimeInterface $date to format. + * @param bool $time Displays time if true. + * @param bool $intl Use international format if true. * * @return bool|string Formatted date, or false if the input is invalid. */ function format_date($date, $time = true, $intl = true) { - if (! $date instanceof DateTime) { + if (! $date instanceof DateTimeInterface) { return false; } @@ -381,10 +361,13 @@ function return_bytes($val) $val = trim($val); $last = strtolower($val[strlen($val)-1]); $val = intval(substr($val, 0, -1)); - switch($last) { - case 'g': $val *= 1024; - case 'm': $val *= 1024; - case 'k': $val *= 1024; + switch ($last) { + case 'g': + $val *= 1024; + case 'm': + $val *= 1024; + case 'k': + $val *= 1024; } return $val; } @@ -448,7 +431,7 @@ function get_max_upload_size($limitPost, $limitUpload, $format = true) */ function alphabetical_sort(&$data, $reverse = false, $byKeys = false) { - $callback = function($a, $b) use ($reverse) { + $callback = function ($a, $b) use ($reverse) { // Collator is part of PHP intl. if (class_exists('Collator')) { $collator = new Collator(setlocale(LC_COLLATE, 0)); @@ -466,3 +449,28 @@ function alphabetical_sort(&$data, $reverse = false, $byKeys = false) usort($data, $callback); } } + +/** + * Wrapper function for translation which match the API + * of gettext()/_() and ngettext(). + * + * @param string $text Text to translate. + * @param string $nText The plural message ID. + * @param int $nb The number of items for plural forms. + * @param string $domain The domain where the translation is stored (default: shaarli). + * + * @return string Text translated. + */ +function t($text, $nText = '', $nb = 1, $domain = 'shaarli') +{ + return dn__($domain, $text, $nText, $nb); +} + +/** + * Converts an exception into a printable stack trace string. + */ +function exception2text(Throwable $e): string +{ + return $e->getMessage() . PHP_EOL . $e->getFile() . $e->getLine() . PHP_EOL . $e->getTraceAsString(); +} +