
moin  1.9.0~rc2
util.php
00001 <?php
00002 /*
00003  * FCKeditor - The text editor for Internet - http://www.fckeditor.net
00004  * Copyright (C) 2003-2009 Frederico Caldeira Knabben
00005  *
00006  * == BEGIN LICENSE ==
00007  *
00008  * Licensed under the terms of any of the following licenses at your
00009  * choice:
00010  *
00011  *  - GNU General Public License Version 2 or later (the "GPL")
00012  *    http://www.gnu.org/licenses/gpl.html
00013  *
00014  *  - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
00015  *    http://www.gnu.org/licenses/lgpl.html
00016  *
00017  *  - Mozilla Public License Version 1.1 or later (the "MPL")
00018  *    http://www.mozilla.org/MPL/MPL-1.1.html
00019  *
00020  * == END LICENSE ==
00021  *
00022  * Utility functions for the File Manager Connector for PHP.
00023  */
00024 
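/**
 * Strips every leading occurrence of a character from a string.
 *
 * $charToRemove is treated as literal text: it is passed through
 * preg_quote() (with the '|' delimiter used below) before it is placed in
 * the pattern, so values such as '.', '\' or '|' can neither change the
 * meaning of the expression nor make it invalid. If more than one character
 * is passed, the repetition still applies to the last character only, as in
 * the unquoted form.
 *
 * @param string $sourceString String to trim.
 * @param string $charToRemove Character to remove from the start.
 * @return string|null Trimmed string; null if preg_replace() reports an error.
 */
function RemoveFromStart( $sourceString, $charToRemove )
{
    // Nothing to strip; an empty operand would also leave '+' with nothing to repeat.
    if ( (string) $charToRemove === '' )
    {
        return $sourceString ;
    }

    $sPattern = '|^' . preg_quote( $charToRemove, '|' ) . '+|' ;
    return preg_replace( $sPattern, '', $sourceString ) ;
}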
00030 
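/**
 * Strips every trailing occurrence of a character from a string.
 *
 * $charToRemove is treated as literal text: it is passed through
 * preg_quote() (with the '|' delimiter used below) before it is placed in
 * the pattern, so values such as '.', '\' or '|' can neither change the
 * meaning of the expression nor make it invalid. If more than one character
 * is passed, the repetition still applies to the last character only, as in
 * the unquoted form.
 *
 * NOTE(review): '$' is used without the D modifier, so it also matches just
 * before a final newline in $sourceString. Left as is to keep existing
 * results; confirm callers never pass newline-terminated values.
 *
 * @param string $sourceString String to trim.
 * @param string $charToRemove Character to remove from the end.
 * @return string|null Trimmed string; null if preg_replace() reports an error.
 */
function RemoveFromEnd( $sourceString, $charToRemove )
{
    // Nothing to strip; an empty operand would also leave '+' with nothing to repeat.
    if ( (string) $charToRemove === '' )
    {
        return $sourceString ;
    }

    $sPattern = '|' . preg_quote( $charToRemove, '|' ) . '+$|' ;
    return preg_replace( $sPattern, '', $sourceString ) ;
}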
00036 
/**
 * Reports whether a byte string contains a byte that is not part of a
 * well-formed UTF-8 sequence.
 *
 * The string is consumed from the front, one match at a time. The first
 * eight alternatives describe the accepted sequences: ASCII, two-byte
 * sequences starting at 0xC2, three-byte sequences with the 0xE0 and 0xED
 * second-byte ranges narrowed, and four-byte sequences from 0xF0 up to
 * 0xF4 0x8F. The last alternative is a capturing group that takes any
 * single byte the others rejected; when it participates, $hit[2] is set.
 *
 * @param string $string Bytes to inspect.
 * @return bool true if a malformed byte was found, false otherwise
 *              (including for an empty string).
 */
function FindBadUtf8( $string )
{
    $alternatives = array(
        '[\x00-\x7F]',
        '[\xC2-\xDF][\x80-\xBF]',
        '\xE0[\xA0-\xBF][\x80-\xBF]',
        '[\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}',
        '\xED[\x80-\x9F][\x80-\xBF]',
        '\xF0[\x90-\xBF][\x80-\xBF]{2}',
        '[\xF1-\xF3][\x80-\xBF]{3}',
        '\xF4[\x80-\x8F][\x80-\xBF]{2}',
        '(.{1})',
    );
    $pattern = '/(' . implode( '|', $alternatives ) . ')/S';

    $remaining = $string;
    for ( ;; ) {
        $hit = array();
        if ( !preg_match( $pattern, $remaining, $hit ) ) {
            // Nothing left to match: every byte seen so far was accepted.
            break;
        }
        if ( isset( $hit[2] ) ) {
            // Only the catch-all group populates index 2.
            return true;
        }
        // Drop the sequence just accepted and continue with the rest.
        $remaining = substr( $remaining, strlen( $hit[0] ) );
    }

    return false;
}
00059 
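/**
 * Escapes a value for use inside an XML attribute and makes sure the result
 * is UTF-8.
 *
 * On Windows hosts, or when FindBadUtf8() reports malformed bytes, the value
 * is run through utf8_encode(), which treats its input as ISO-8859-1.
 *
 * Two things differ from a bare htmlspecialchars( $value ) call:
 *  - Transcoding happens before escaping. htmlspecialchars() working in
 *    UTF-8 returns an empty string for malformed input unless a substitute
 *    or ignore flag is set, so escaping the raw bytes first could silently
 *    drop the whole value. Escaping only touches ASCII characters, which
 *    utf8_encode() leaves alone, so the output for well-formed input is the
 *    same.
 *  - ENT_QUOTES and the 'UTF-8' charset are passed explicitly, so both quote
 *    characters are escaped and the result does not depend on the default
 *    flags or default charset of the running PHP version. The value is then
 *    safe in attributes delimited by either quote character.
 *
 * NOTE(review): utf8_encode() is deprecated as of PHP 8.2; it is kept here
 * because the replacements depend on optional extensions.
 *
 * @param string $value Raw attribute value.
 * @return string Escaped UTF-8 text.
 */
function ConvertToXmlAttribute( $value )
{
    $os = defined( 'PHP_OS' ) ? PHP_OS : php_uname() ;

    if ( strtoupper( substr( $os, 0, 3 ) ) === 'WIN' || FindBadUtf8( $value ) )
    {
        // Transcode first so the escaping step always sees well-formed UTF-8.
        $value = utf8_encode( $value ) ;
    }

    return htmlspecialchars( $value, ENT_QUOTES, 'UTF-8' ) ;
}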
00080 
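/**
 * Checks whether a file extension is one of the configured HTML extensions.
 *
 * The configured list is lower-cased before the lookup; $ext is compared as
 * given, so an extension that is not already lower case yields false.
 *
 * The lookup is strict. With a loose comparison two numeric-looking strings
 * such as '1e1' and '10' compare equal, which would let an unrelated
 * extension count as configured.
 *
 * @param string $ext            Extension to test, expected in lower case.
 * @param array  $htmlExtensions Configured extensions, in any case.
 * @return bool true if $ext is in the list; false otherwise, or when the
 *              list is empty or not an array.
 */
function IsHtmlExtension( $ext, $htmlExtensions )
{
    if ( !$htmlExtensions || !is_array( $htmlExtensions ) )
    {
        return false ;
    }

    // array_map() keeps the keys, matching the original key-preserving loop.
    $lcaseHtmlExtensions = array_map( 'strtolower', $htmlExtensions ) ;

    return in_array( $ext, $lcaseHtmlExtensions, true ) ;
}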
00101 
/**
 * Heuristically checks whether the start of a file looks like HTML or
 * contains script references.
 *
 * Only the first 1024 bytes are read and examined, lower-cased. A false
 * result therefore means "no marker found in that prefix"; it is not a
 * guarantee about the rest of the file. Treat the result as one signal and
 * keep other controls on uploaded content.
 *
 * The function has three outcomes, so callers should compare with ===:
 * -1 is truthy in a plain boolean test.
 *
 * @param string $filePath Path of the file to inspect.
 * @return bool|int -1 if the file cannot be opened or share-locked,
 *                  true if a marker was found,
 *                  false if the prefix is empty or no marker was found.
 */
function DetectHtml( $filePath )
{
    $handle = @fopen( $filePath, 'rb' );

    // open_basedir restriction, see #1906
    if ( $handle === false ) {
        return -1;
    }
    if ( !flock( $handle, LOCK_SH ) ) {
        return -1;
    }

    $head = fread( $handle, 1024 );
    flock( $handle, LOCK_UN );
    fclose( $handle );

    $head = strtolower( $head );
    if ( !$head ) {
        return false;
    }
    $head = trim( $head );

    // Document type declaration.
    if ( preg_match( "/<!DOCTYPE\W*X?HTML/sim", $head ) ) {
        return true;
    }

    // Opening tags, matched as plain substrings.
    $markers = array( '<body', '<head', '<html', '<img', '<pre', '<script', '<table', '<title' );
    foreach ( $markers as $marker ) {
        if ( strpos( $head, $marker ) !== false ) {
            return true;
        }
    }

    $scriptPatterns = array(
        // type = javascript
        '!type\s*=\s*[\'"]?\s*(?:\w*/)?(?:ecma|java)!sim',
        // href = javascript, src = javascript, data = javascript
        '!(?:href|src|data)\s*=\s*[\'"]?\s*(?:ecma|java)script:!sim',
        // url(javascript
        '!url\s*\(\s*[\'"]?\s*(?:ecma|java)script:!sim',
    );
    foreach ( $scriptPatterns as $scriptPattern ) {
        if ( preg_match( $scriptPattern, $head ) ) {
            return true;
        }
    }

    return false;
}
00170 
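/**
 * Checks that a file whose extension names an image format is recognised as
 * an image by getimagesize().
 *
 * The extension is lower-cased before the lookup, so 'JPG' is validated the
 * same way as 'jpg'. Without that step an upper- or mixed-case extension
 * fell through to the "not an image extension" branch and was reported as
 * valid without being inspected. The lookup is also strict, so only an exact
 * string match selects the image check.
 *
 * A true result only means getimagesize() accepted the file; this function
 * makes no further statement about its contents.
 *
 * @param string $filePath  Path of the file to inspect.
 * @param string $extension File extension, in any case.
 * @return bool|int -1 if the file is not readable,
 *                  false if the extension is checked and getimagesize() fails,
 *                  true if the extension is not one of the checked ones or
 *                  getimagesize() succeeds. Compare with ===, since -1 is
 *                  truthy in a plain boolean test.
 */
function IsImageValid( $filePath, $extension )
{
    if ( !@is_readable( $filePath ) ) {
        return -1;
    }

    $imageCheckExtensions = array( 'gif', 'jpeg', 'jpg', 'png', 'swf', 'psd', 'bmp', 'iff' );

    // version_compare is available since PHP4 >= 4.0.7
    if ( function_exists( 'version_compare' ) ) {
        $sCurrentVersion = phpversion();
        if ( version_compare( $sCurrentVersion, "4.2.0" ) >= 0 ) {
            $imageCheckExtensions[] = "tiff";
            $imageCheckExtensions[] = "tif";
        }
        if ( version_compare( $sCurrentVersion, "4.3.0" ) >= 0 ) {
            $imageCheckExtensions[] = "swc";
        }
        if ( version_compare( $sCurrentVersion, "4.3.2" ) >= 0 ) {
            $imageCheckExtensions[] = "jpc";
            $imageCheckExtensions[] = "jp2";
            $imageCheckExtensions[] = "jpx";
            $imageCheckExtensions[] = "jb2";
            $imageCheckExtensions[] = "xbm";
            $imageCheckExtensions[] = "wbmp";
        }
    }

    // Normalise case so the check cannot be skipped by the spelling of the extension.
    $normalizedExtension = strtolower( (string) $extension );

    if ( !in_array( $normalizedExtension, $imageCheckExtensions, true ) ) {
        // Not an extension this function knows how to verify.
        return true;
    }

    if ( @getimagesize( $filePath ) === false ) {
        return false ;
    }

    return true;
}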
00219 
00220 ?>