| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * The Horde_Util:: class provides generally useful methods. 4 * 5 * Copyright 1999-2014 Horde LLC (http://www.horde.org/) 6 * 7 * See the enclosed file COPYING for license information (LGPL). If you 8 * did not receive this file, see http://www.horde.org/licenses/lgpl21. 9 * 10 * @author Chuck Hagenbuch <chuck@horde.org> 11 * @author Jon Parise <jon@horde.org> 12 * @category Horde 13 * @license http://www.horde.org/licenses/lgpl21 LGPL 2.1 14 * @package Util 15 */ 16 class Horde_Util 17 { 18 /** 19 * A list of random patterns to use for overwriting purposes. 20 * See http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html. 21 * We save the random overwrites for efficiency reasons. 22 * 23 * @var array 24 */ 25 static public $patterns = array( 26 "\x55", "\xaa", "\x92\x49\x24", "\x49\x24\x92", "\x24\x92\x49", 27 "\x00", "\x11", "\x22", "\x33", "\x44", "\x55", "\x66", "\x77", 28 "\x88", "\x99", "\xaa", "\xbb", "\xcc", "\xdd", "\xee", "\xff", 29 "\x92\x49\x24", "\x49\x24\x92", "\x24\x92\x49", "\x6d\xb6\xdb", 30 "\xb6\xdb\x6d", "\xdb\x6d\xb6" 31 ); 32 33 /** 34 * Are magic quotes in use? 35 * 36 * @var boolean 37 */ 38 static protected $_magicquotes = null; 39 40 /** 41 * TODO 42 * 43 * @var array 44 */ 45 static protected $_shutdowndata = array( 46 'dirs' => array(), 47 'files' => array(), 48 'secure' => array() 49 ); 50 51 /** 52 * Has the shutdown method been registered? 53 * 54 * @var boolean 55 */ 56 static protected $_shutdownreg = false; 57 58 /** 59 * Cache for extensionExists(). 60 * 61 * @var array 62 */ 63 static protected $_cache = array(); 64 65 /** 66 * Checks to see if a value has been set by the script and not by GET, 67 * POST, or cookie input. The value being checked MUST be in the global 68 * scope. 69 * 70 * @param string $varname The variable name to check. 71 * @param mixed $default Default value if the variable isn't present 72 * or was specified by the user. Defaults to null. 73 * 74 * @return mixed $default if the var is in user input or not present, 75 * the variable value otherwise. 76 */ 77 static public function nonInputVar($varname, $default = null) 78 { 79 return (isset($_GET[$varname]) || isset($_POST[$varname]) || isset($_COOKIE[$varname])) 80 ? $default 81 : (isset($GLOBALS[$varname]) ? $GLOBALS[$varname] : $default); 82 } 83 84 /** 85 * Returns a hidden form input containing the session name and id. 86 * 87 * @param boolean $append_session 0 = only if needed, 1 = always. 88 * 89 * @return string The hidden form input, if needed/requested. 90 */ 91 static public function formInput($append_session = 0) 92 { 93 return (($append_session == 1) || !isset($_COOKIE[session_name()])) 94 ? '<input type="hidden" name="' . htmlspecialchars(session_name()) . '" value="' . htmlspecialchars(session_id()) . "\" />\n" 95 : ''; 96 } 97 98 /** 99 * Prints a hidden form input containing the session name and id. 100 * 101 * @param boolean $append_session 0 = only if needed, 1 = always. 102 */ 103 static public function pformInput($append_session = 0) 104 { 105 echo self::formInput($append_session); 106 } 107 108 /** 109 * If magic_quotes_gpc is in use, run stripslashes() on $var. 110 * 111 * @param mixed $var The string, or an array of strings, to un-quote. 112 * 113 * @return mixed $var, minus any magic quotes. 114 */ 115 static public function dispelMagicQuotes($var) 116 { 117 if (is_null(self::$_magicquotes)) { 118 self::$_magicquotes = get_magic_quotes_gpc(); 119 } 120 121 if (self::$_magicquotes) { 122 $var = is_array($var) 123 ? array_map(array(__CLASS__, 'dispelMagicQuotes'), $var) 124 : stripslashes($var); 125 } 126 127 return $var; 128 } 129 130 /** 131 * Gets a form variable from GET or POST data, stripped of magic quotes if 132 * necessary. If the variable is somehow set in both the GET data and the 133 * POST data, the value from the POST data will be returned and the GET 134 * value will be ignored. 135 * 136 * @param string $var The name of the form variable to look for. 137 * @param string $default The value to return if the variable is not 138 * there. 139 * 140 * @return string The cleaned form variable, or $default. 141 */ 142 static public function getFormData($var, $default = null) 143 { 144 return (($val = self::getPost($var)) !== null) 145 ? $val 146 : self::getGet($var, $default); 147 } 148 149 /** 150 * Gets a form variable from GET data, stripped of magic quotes if 151 * necessary. This function will NOT return a POST variable. 152 * 153 * @param string $var The name of the form variable to look for. 154 * @param string $default The value to return if the variable is not 155 * there. 156 * 157 * @return string The cleaned form variable, or $default. 158 */ 159 static public function getGet($var, $default = null) 160 { 161 return (isset($_GET[$var])) 162 ? self::dispelMagicQuotes($_GET[$var]) 163 : $default; 164 } 165 166 /** 167 * Gets a form variable from POST data, stripped of magic quotes if 168 * necessary. This function will NOT return a GET variable. 169 * 170 * @param string $var The name of the form variable to look for. 171 * @param string $default The value to return if the variable is not 172 * there. 173 * 174 * @return string The cleaned form variable, or $default. 175 */ 176 static public function getPost($var, $default = null) 177 { 178 return (isset($_POST[$var])) 179 ? self::dispelMagicQuotes($_POST[$var]) 180 : $default; 181 } 182 183 /** 184 * Creates a temporary filename for the lifetime of the script, and 185 * (optionally) registers it to be deleted at request shutdown. 186 * 187 * @param string $prefix Prefix to make the temporary name more 188 * recognizable. 189 * @param boolean $delete Delete the file at the end of the request? 190 * @param string $dir Directory to create the temporary file in. 191 * @param boolean $secure If deleting the file, should we securely delete 192 * the file by overwriting it with random data? 193 * 194 * @return string Returns the full path-name to the temporary file. 195 * Returns false if a temp file could not be created. 196 */ 197 static public function getTempFile($prefix = '', $delete = true, $dir = '', 198 $secure = false) 199 { 200 $tempDir = (empty($dir) || !is_dir($dir)) 201 ? sys_get_temp_dir() 202 : $dir; 203 204 $tempFile = tempnam($tempDir, $prefix); 205 206 // If the file was created, then register it for deletion and return. 207 if (empty($tempFile)) { 208 return false; 209 } 210 211 if ($delete) { 212 self::deleteAtShutdown($tempFile, true, $secure); 213 } 214 215 return $tempFile; 216 } 217 218 /** 219 * Creates a temporary filename with a specific extension for the lifetime 220 * of the script, and (optionally) registers it to be deleted at request 221 * shutdown. 222 * 223 * @param string $extension The file extension to use. 224 * @param string $prefix Prefix to make the temporary name more 225 * recognizable. 226 * @param boolean $delete Delete the file at the end of the request? 227 * @param string $dir Directory to create the temporary file in. 228 * @param boolean $secure If deleting file, should we securely delete 229 * the file by overwriting it with random data? 230 * 231 * @return string Returns the full path-name to the temporary file. 232 * Returns false if a temporary file could not be created. 233 */ 234 static public function getTempFileWithExtension($extension = '.tmp', 235 $prefix = '', 236 $delete = true, $dir = '', 237 $secure = false) 238 { 239 $tempDir = (empty($dir) || !is_dir($dir)) 240 ? sys_get_temp_dir() 241 : $dir; 242 243 if (empty($tempDir)) { 244 return false; 245 } 246 247 $windows = substr(PHP_OS, 0, 3) == 'WIN'; 248 $tries = 1; 249 do { 250 // Get a known, unique temporary file name. 251 $sysFileName = tempnam($tempDir, $prefix); 252 if ($sysFileName === false) { 253 return false; 254 } 255 256 // tack on the extension 257 $tmpFileName = $sysFileName . $extension; 258 if ($sysFileName == $tmpFileName) { 259 return $sysFileName; 260 } 261 262 // Move or point the created temporary file to the full filename 263 // with extension. These calls fail if the new name already 264 // exists. 265 $fileCreated = ($windows ? @rename($sysFileName, $tmpFileName) : @link($sysFileName, $tmpFileName)); 266 if ($fileCreated) { 267 if (!$windows) { 268 unlink($sysFileName); 269 } 270 271 if ($delete) { 272 self::deleteAtShutdown($tmpFileName, true, $secure); 273 } 274 275 return $tmpFileName; 276 } 277 278 unlink($sysFileName); 279 } while (++$tries <= 5); 280 281 return false; 282 } 283 284 /** 285 * Creates a temporary directory in the system's temporary directory. 286 * 287 * @param boolean $delete Delete the temporary directory at the end of 288 * the request? 289 * @param string $temp_dir Use this temporary directory as the directory 290 * where the temporary directory will be created. 291 * 292 * @return string The pathname to the new temporary directory. 293 * Returns false if directory not created. 294 */ 295 static public function createTempDir($delete = true, $temp_dir = null) 296 { 297 if (is_null($temp_dir)) { 298 $temp_dir = sys_get_temp_dir(); 299 } 300 301 if (empty($temp_dir)) { 302 return false; 303 } 304 305 /* Get the first 8 characters of a random string to use as a temporary 306 directory name. */ 307 do { 308 $new_dir = $temp_dir . '/' . substr(base_convert(uniqid(mt_rand()), 10, 36), 0, 8); 309 } while (file_exists($new_dir)); 310 311 $old_umask = umask(0000); 312 if (!mkdir($new_dir, 0700)) { 313 $new_dir = false; 314 } elseif ($delete) { 315 self::deleteAtShutdown($new_dir); 316 } 317 umask($old_umask); 318 319 return $new_dir; 320 } 321 322 /** 323 * Returns the canonical path of the string. Like PHP's built-in 324 * realpath() except the directory need not exist on the local server. 325 * 326 * Algorithim loosely based on code from the Perl File::Spec::Unix module 327 * (version 1.5). 328 * 329 * @param string $path A file path. 330 * 331 * @return string The canonicalized file path. 332 */ 333 static public function realPath($path) 334 { 335 /* Standardize on UNIX directory separators. */ 336 if (!strncasecmp(PHP_OS, 'WIN', 3)) { 337 $path = str_replace('\\', '/', $path); 338 } 339 340 /* xx////xx -> xx/xx 341 * xx/././xx -> xx/xx */ 342 $path = preg_replace(array("|/+|", "@(/\.)+(/|\Z(?!\n))@"), array('/', '/'), $path); 343 344 /* ./xx -> xx */ 345 if ($path != './') { 346 $path = preg_replace("|^(\./)+|", '', $path); 347 } 348 349 /* /../../xx -> xx */ 350 $path = preg_replace("|^/(\.\./?)+|", '/', $path); 351 352 /* xx/ -> xx */ 353 if ($path != '/') { 354 $path = preg_replace("|/\Z(?!\n)|", '', $path); 355 } 356 357 /* /xx/.. -> / */ 358 while (strpos($path, '/..') !== false) { 359 $path = preg_replace("|/[^/]+/\.\.|", '', $path); 360 } 361 362 return empty($path) ? '/' : $path; 363 } 364 365 /** 366 * Removes given elements at request shutdown. 367 * 368 * If called with a filename will delete that file at request shutdown; if 369 * called with a directory will remove that directory and all files in that 370 * directory at request shutdown. 371 * 372 * If called with no arguments, return all elements to be deleted (this 373 * should only be done by Horde_Util::_deleteAtShutdown()). 374 * 375 * The first time it is called, it initializes the array and registers 376 * Horde_Util::_deleteAtShutdown() as a shutdown function - no need to do 377 * so manually. 378 * 379 * The second parameter allows the unregistering of previously registered 380 * elements. 381 * 382 * @param string $filename The filename to be deleted at the end of the 383 * request. 384 * @param boolean $register If true, then register the element for 385 * deletion, otherwise, unregister it. 386 * @param boolean $secure If deleting file, should we securely delete 387 * the file? 388 */ 389 static public function deleteAtShutdown($filename, $register = true, 390 $secure = false) 391 { 392 /* Initialization of variables and shutdown functions. */ 393 if (!self::$_shutdownreg) { 394 register_shutdown_function(array(__CLASS__, 'shutdown')); 395 self::$_shutdownreg = true; 396 } 397 398 $ptr = &self::$_shutdowndata; 399 if ($register) { 400 if (@is_dir($filename)) { 401 $ptr['dirs'][$filename] = true; 402 } else { 403 $ptr['files'][$filename] = true; 404 } 405 406 if ($secure) { 407 $ptr['secure'][$filename] = true; 408 } 409 } else { 410 unset($ptr['dirs'][$filename], $ptr['files'][$filename], $ptr['secure'][$filename]); 411 } 412 } 413 414 /** 415 * Deletes registered files at request shutdown. 416 * 417 * This function should never be called manually; it is registered as a 418 * shutdown function by Horde_Util::deleteAtShutdown() and called 419 * automatically at the end of the request. 420 * 421 * Contains code from gpg_functions.php. 422 * Copyright 2002-2003 Braverock Ventures 423 */ 424 static public function shutdown() 425 { 426 $ptr = &self::$_shutdowndata; 427 428 foreach ($ptr['files'] as $file => $val) { 429 /* Delete files */ 430 if ($val && file_exists($file)) { 431 /* Should we securely delete the file by overwriting the data 432 with a random string? */ 433 if (isset($ptr['secure'][$file])) { 434 $filesize = filesize($file); 435 $fp = fopen($file, 'r+'); 436 foreach (self::$patterns as $pattern) { 437 $pattern = substr(str_repeat($pattern, floor($filesize / strlen($pattern)) + 1), 0, $filesize); 438 fwrite($fp, $pattern); 439 fseek($fp, 0); 440 } 441 fclose($fp); 442 } 443 @unlink($file); 444 } 445 } 446 447 foreach ($ptr['dirs'] as $dir => $val) { 448 /* Delete directories */ 449 if ($val && file_exists($dir)) { 450 /* Make sure directory is empty. */ 451 $dir_class = dir($dir); 452 while (false !== ($entry = $dir_class->read())) { 453 if ($entry != '.' && $entry != '..') { 454 @unlink($dir . '/' . $entry); 455 } 456 } 457 $dir_class->close(); 458 @rmdir($dir); 459 } 460 } 461 } 462 463 /** 464 * Caches the result of extension_loaded() calls. 465 * 466 * @param string $ext The extension name. 467 * 468 * @return boolean Is the extension loaded? 469 */ 470 static public function extensionExists($ext) 471 { 472 if (!isset(self::$_cache[$ext])) { 473 self::$_cache[$ext] = extension_loaded($ext); 474 } 475 476 return self::$_cache[$ext]; 477 } 478 479 /** 480 * Tries to load a PHP extension, behaving correctly for all operating 481 * systems. 482 * 483 * @param string $ext The extension to load. 484 * 485 * @return boolean True if the extension is now loaded, false if not. 486 * True can mean that the extension was already loaded, 487 * OR was loaded dynamically. 488 */ 489 static public function loadExtension($ext) 490 { 491 /* If $ext is already loaded, our work is done. */ 492 if (self::extensionExists($ext)) { 493 return true; 494 } 495 496 /* See if we can call dl() at all, by the current ini settings. 497 * dl() has been removed in some PHP 5.3 SAPIs. */ 498 if ((ini_get('enable_dl') != 1) || 499 (ini_get('safe_mode') == 1) || 500 !function_exists('dl')) { 501 return false; 502 } 503 504 if (!strncasecmp(PHP_OS, 'WIN', 3)) { 505 $suffix = 'dll'; 506 } else { 507 switch (PHP_OS) { 508 case 'HP-UX': 509 $suffix = 'sl'; 510 break; 511 512 case 'AIX': 513 $suffix = 'a'; 514 break; 515 516 case 'OSX': 517 $suffix = 'bundle'; 518 break; 519 520 default: 521 $suffix = 'so'; 522 } 523 } 524 525 return dl($ext . '.' . $suffix) || dl('php_' . $ext . '.' . $suffix); 526 } 527 528 /** 529 * Utility function to obtain PATH_INFO information. 530 * 531 * @return string The PATH_INFO string. 532 */ 533 static public function getPathInfo() 534 { 535 if (isset($_SERVER['PATH_INFO']) && 536 (strpos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') === false)) { 537 return $_SERVER['PATH_INFO']; 538 } elseif (isset($_SERVER['REQUEST_URI']) && 539 isset($_SERVER['SCRIPT_NAME'])) { 540 $search = Horde_String::common($_SERVER['SCRIPT_NAME'], $_SERVER['REQUEST_URI']); 541 if (substr($search, -1) == '/') { 542 $search = substr($search, 0, -1); 543 } 544 $search = array($search); 545 if (!empty($_SERVER['QUERY_STRING'])) { 546 // We can't use QUERY_STRING directly because URL rewriting 547 // might add more parameters to the query string than those 548 // from the request URI. 549 $url = parse_url($_SERVER['REQUEST_URI']); 550 if (!empty($url['query'])) { 551 $search[] = '?' . $url['query']; 552 } 553 } 554 $path = str_replace($search, '', $_SERVER['REQUEST_URI']); 555 if ($path == '/') { 556 $path = ''; 557 } 558 return $path; 559 } 560 561 return ''; 562 } 563 564 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Aug 11 10:00:09 2016 | Cross-referenced by PHPXref 0.7.1 |