diff options
Diffstat (limited to 'system/libraries')
36 files changed, 19945 insertions, 0 deletions
diff --git a/system/libraries/Benchmark.php b/system/libraries/Benchmark.php new file mode 100644 index 000000000..695029ed4 --- /dev/null +++ b/system/libraries/Benchmark.php @@ -0,0 +1,113 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Benchmark Class + * + * This class enables you to mark points and calculate the time difference + * between them. Memory consumption can also be displayed. + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/benchmark.html + */ +class CI_Benchmark { + + var $marker = array(); + + // -------------------------------------------------------------------- + + /** + * Set a benchmark marker + * + * Multiple calls to this function can be made so that several + * execution points can be timed + * + * @access public + * @param string $name name of the marker + * @return void + */ + function mark($name) + { + $this->marker[$name] = microtime(); + } + + // -------------------------------------------------------------------- + + /** + * Calculates the time difference between two marked points. + * + * If the first parameter is empty this function instead returns the + * {elapsed_time} pseudo-variable. This permits the full system + * execution time to be shown in a template. The output class will + * swap the real value for this variable. + * + * @access public + * @param string a particular marked point + * @param string a particular marked point + * @param integer the number of decimal places + * @return mixed + */ + function elapsed_time($point1 = '', $point2 = '', $decimals = 4) + { + if ($point1 == '') + { + return '{elapsed_time}'; + } + + if ( ! isset($this->marker[$point1])) + { + return ''; + } + + if ( ! isset($this->marker[$point2])) + { + $this->marker[$point2] = microtime(); + } + + list($sm, $ss) = explode(' ', $this->marker[$point1]); + list($em, $es) = explode(' ', $this->marker[$point2]); + + return number_format(($em + $es) - ($sm + $ss), $decimals); + } + + // -------------------------------------------------------------------- + + /** + * Memory Usage + * + * This function returns the {memory_usage} pseudo-variable. + * This permits it to be put it anywhere in a template + * without the memory being calculated until the end. + * The output class will swap the real value for this variable. + * + * @access public + * @return string + */ + function memory_usage() + { + return '{memory_usage}'; + } + +} + +// END CI_Benchmark class + +/* End of file Benchmark.php */ +/* Location: ./system/libraries/Benchmark.php */
\ No newline at end of file diff --git a/system/libraries/Calendar.php b/system/libraries/Calendar.php new file mode 100644 index 000000000..68d402254 --- /dev/null +++ b/system/libraries/Calendar.php @@ -0,0 +1,477 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Calendar Class + * + * This class enables the creation of calendars + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/calendar.html + */ +class CI_Calendar { + + var $CI; + var $lang; + var $local_time; + var $template = ''; + var $start_day = 'sunday'; + var $month_type = 'long'; + var $day_type = 'abr'; + var $show_next_prev = FALSE; + var $next_prev_url = ''; + + /** + * Constructor + * + * Loads the calendar language file and sets the default time reference + * + * @access public + */ + function CI_Calendar($config = array()) + { + $this->CI =& get_instance(); + + if ( ! in_array('calendar_lang'.EXT, $this->CI->lang->is_loaded, TRUE)) + { + $this->CI->lang->load('calendar'); + } + + $this->local_time = time(); + + if (count($config) > 0) + { + $this->initialize($config); + } + + log_message('debug', "Calendar Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize the user preferences + * + * Accepts an associative array as input, containing display preferences + * + * @access public + * @param array config preferences + * @return void + */ + function initialize($config = array()) + { + foreach ($config as $key => $val) + { + if (isset($this->$key)) + { + $this->$key = $val; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Generate the calendar + * + * @access public + * @param integer the year + * @param integer the month + * @param array the data to be shown in the calendar cells + * @return string + */ + function generate($year = '', $month = '', $data = array()) + { + // Set and validate the supplied month/year + if ($year == '') + $year = date("Y", $this->local_time); + + if ($month == '') + $month = date("m", $this->local_time); + + if (strlen($year) == 1) + $year = '200'.$year; + + if (strlen($year) == 2) + $year = '20'.$year; + + if (strlen($month) == 1) + $month = '0'.$month; + + $adjusted_date = $this->adjust_date($month, $year); + + $month = $adjusted_date['month']; + $year = $adjusted_date['year']; + + // Determine the total days in the month + $total_days = $this->get_total_days($month, $year); + + // Set the starting day of the week + $start_days = array('sunday' => 0, 'monday' => 1, 'tuesday' => 2, 'wednesday' => 3, 'thursday' => 4, 'friday' => 5, 'saturday' => 6); + $start_day = ( ! isset($start_days[$this->start_day])) ? 0 : $start_days[$this->start_day]; + + // Set the starting day number + $local_date = mktime(12, 0, 0, $month, 1, $year); + $date = getdate($local_date); + $day = $start_day + 1 - $date["wday"]; + + while ($day > 1) + { + $day -= 7; + } + + // Set the current month/year/day + // We use this to determine the "today" date + $cur_year = date("Y", $this->local_time); + $cur_month = date("m", $this->local_time); + $cur_day = date("j", $this->local_time); + + $is_current_month = ($cur_year == $year AND $cur_month == $month) ? TRUE : FALSE; + + // Generate the template data array + $this->parse_template(); + + // Begin building the calendar output + $out = $this->temp['table_open']; + $out .= "\n"; + + $out .= "\n"; + $out .= $this->temp['heading_row_start']; + $out .= "\n"; + + // "previous" month link + if ($this->show_next_prev == TRUE) + { + // Add a trailing slash to the URL if needed + $this->next_prev_url = preg_replace("/(.+?)\/*$/", "\\1/", $this->next_prev_url); + + $adjusted_date = $this->adjust_date($month - 1, $year); + $out .= str_replace('{previous_url}', $this->next_prev_url.$adjusted_date['year'].'/'.$adjusted_date['month'], $this->temp['heading_previous_cell']); + $out .= "\n"; + } + + // Heading containing the month/year + $colspan = ($this->show_next_prev == TRUE) ? 5 : 7; + + $this->temp['heading_title_cell'] = str_replace('{colspan}', $colspan, $this->temp['heading_title_cell']); + $this->temp['heading_title_cell'] = str_replace('{heading}', $this->get_month_name($month)." ".$year, $this->temp['heading_title_cell']); + + $out .= $this->temp['heading_title_cell']; + $out .= "\n"; + + // "next" month link + if ($this->show_next_prev == TRUE) + { + $adjusted_date = $this->adjust_date($month + 1, $year); + $out .= str_replace('{next_url}', $this->next_prev_url.$adjusted_date['year'].'/'.$adjusted_date['month'], $this->temp['heading_next_cell']); + } + + $out .= "\n"; + $out .= $this->temp['heading_row_end']; + $out .= "\n"; + + // Write the cells containing the days of the week + $out .= "\n"; + $out .= $this->temp['week_row_start']; + $out .= "\n"; + + $day_names = $this->get_day_names(); + + for ($i = 0; $i < 7; $i ++) + { + $out .= str_replace('{week_day}', $day_names[($start_day + $i) %7], $this->temp['week_day_cell']); + } + + $out .= "\n"; + $out .= $this->temp['week_row_end']; + $out .= "\n"; + + // Build the main body of the calendar + while ($day <= $total_days) + { + $out .= "\n"; + $out .= $this->temp['cal_row_start']; + $out .= "\n"; + + for ($i = 0; $i < 7; $i++) + { + $out .= ($is_current_month == TRUE AND $day == $cur_day) ? $this->temp['cal_cell_start_today'] : $this->temp['cal_cell_start']; + + if ($day > 0 AND $day <= $total_days) + { + if (isset($data[$day])) + { + // Cells with content + $temp = ($is_current_month == TRUE AND $day == $cur_day) ? $this->temp['cal_cell_content_today'] : $this->temp['cal_cell_content']; + $out .= str_replace('{day}', $day, str_replace('{content}', $data[$day], $temp)); + } + else + { + // Cells with no content + $temp = ($is_current_month == TRUE AND $day == $cur_day) ? $this->temp['cal_cell_no_content_today'] : $this->temp['cal_cell_no_content']; + $out .= str_replace('{day}', $day, $temp); + } + } + else + { + // Blank cells + $out .= $this->temp['cal_cell_blank']; + } + + $out .= ($is_current_month == TRUE AND $day == $cur_day) ? $this->temp['cal_cell_end_today'] : $this->temp['cal_cell_end']; + $day++; + } + + $out .= "\n"; + $out .= $this->temp['cal_row_end']; + $out .= "\n"; + } + + $out .= "\n"; + $out .= $this->temp['table_close']; + + return $out; + } + + // -------------------------------------------------------------------- + + /** + * Get Month Name + * + * Generates a textual month name based on the numeric + * month provided. + * + * @access public + * @param integer the month + * @return string + */ + function get_month_name($month) + { + if ($this->month_type == 'short') + { + $month_names = array('01' => 'cal_jan', '02' => 'cal_feb', '03' => 'cal_mar', '04' => 'cal_apr', '05' => 'cal_may', '06' => 'cal_jun', '07' => 'cal_jul', '08' => 'cal_aug', '09' => 'cal_sep', '10' => 'cal_oct', '11' => 'cal_nov', '12' => 'cal_dec'); + } + else + { + $month_names = array('01' => 'cal_january', '02' => 'cal_february', '03' => 'cal_march', '04' => 'cal_april', '05' => 'cal_mayl', '06' => 'cal_june', '07' => 'cal_july', '08' => 'cal_august', '09' => 'cal_september', '10' => 'cal_october', '11' => 'cal_november', '12' => 'cal_december'); + } + + $month = $month_names[$month]; + + if ($this->CI->lang->line($month) === FALSE) + { + return ucfirst(str_replace('cal_', '', $month)); + } + + return $this->CI->lang->line($month); + } + + // -------------------------------------------------------------------- + + /** + * Get Day Names + * + * Returns an array of day names (Sunday, Monday, etc.) based + * on the type. Options: long, short, abrev + * + * @access public + * @param string + * @return array + */ + function get_day_names($day_type = '') + { + if ($day_type != '') + $this->day_type = $day_type; + + if ($this->day_type == 'long') + { + $day_names = array('sunday', 'monday', 'tuesday', 'wednesday', 'thursday', 'friday', 'saturday'); + } + elseif ($this->day_type == 'short') + { + $day_names = array('sun', 'mon', 'tue', 'wed', 'thu', 'fri', 'sat'); + } + else + { + $day_names = array('su', 'mo', 'tu', 'we', 'th', 'fr', 'sa'); + } + + $days = array(); + foreach ($day_names as $val) + { + $days[] = ($this->CI->lang->line('cal_'.$val) === FALSE) ? ucfirst($val) : $this->CI->lang->line('cal_'.$val); + } + + return $days; + } + + // -------------------------------------------------------------------- + + /** + * Adjust Date + * + * This function makes sure that we have a valid month/year. + * For example, if you submit 13 as the month, the year will + * increment and the month will become January. + * + * @access public + * @param integer the month + * @param integer the year + * @return array + */ + function adjust_date($month, $year) + { + $date = array(); + + $date['month'] = $month; + $date['year'] = $year; + + while ($date['month'] > 12) + { + $date['month'] -= 12; + $date['year']++; + } + + while ($date['month'] <= 0) + { + $date['month'] += 12; + $date['year']--; + } + + if (strlen($date['month']) == 1) + { + $date['month'] = '0'.$date['month']; + } + + return $date; + } + + // -------------------------------------------------------------------- + + /** + * Total days in a given month + * + * @access public + * @param integer the month + * @param integer the year + * @return integer + */ + function get_total_days($month, $year) + { + $days_in_month = array(31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31); + + if ($month < 1 OR $month > 12) + { + return 0; + } + + // Is the year a leap year? + if ($month == 2) + { + if ($year % 400 == 0 OR ($year % 4 == 0 AND $year % 100 != 0)) + { + return 29; + } + } + + return $days_in_month[$month - 1]; + } + + // -------------------------------------------------------------------- + + /** + * Set Default Template Data + * + * This is used in the event that the user has not created their own template + * + * @access public + * @return array + */ + function default_template() + { + return array ( + 'table_open' => '<table border="0" cellpadding="4" cellspacing="0">', + 'heading_row_start' => '<tr>', + 'heading_previous_cell' => '<th><a href="{previous_url}"><<</a></th>', + 'heading_title_cell' => '<th colspan="{colspan}">{heading}</th>', + 'heading_next_cell' => '<th><a href="{next_url}">>></a></th>', + 'heading_row_end' => '</tr>', + 'week_row_start' => '<tr>', + 'week_day_cell' => '<td>{week_day}</td>', + 'week_row_end' => '</tr>', + 'cal_row_start' => '<tr>', + 'cal_cell_start' => '<td>', + 'cal_cell_start_today' => '<td>', + 'cal_cell_content' => '<a href="{content}">{day}</a>', + 'cal_cell_content_today' => '<a href="{content}"><strong>{day}</strong></a>', + 'cal_cell_no_content' => '{day}', + 'cal_cell_no_content_today' => '<strong>{day}</strong>', + 'cal_cell_blank' => ' ', + 'cal_cell_end' => '</td>', + 'cal_cell_end_today' => '</td>', + 'cal_row_end' => '</tr>', + 'table_close' => '</table>' + ); + } + + // -------------------------------------------------------------------- + + /** + * Parse Template + * + * Harvests the data within the template {pseudo-variables} + * used to display the calendar + * + * @access public + * @return void + */ + function parse_template() + { + $this->temp = $this->default_template(); + + if ($this->template == '') + { + return; + } + + $today = array('cal_cell_start_today', 'cal_cell_content_today', 'cal_cell_no_content_today', 'cal_cell_end_today'); + + foreach (array('table_open', 'table_close', 'heading_row_start', 'heading_previous_cell', 'heading_title_cell', 'heading_next_cell', 'heading_row_end', 'week_row_start', 'week_day_cell', 'week_row_end', 'cal_row_start', 'cal_cell_start', 'cal_cell_content', 'cal_cell_no_content', 'cal_cell_blank', 'cal_cell_end', 'cal_row_end', 'cal_cell_start_today', 'cal_cell_content_today', 'cal_cell_no_content_today', 'cal_cell_end_today') as $val) + { + if (preg_match("/\{".$val."\}(.*?)\{\/".$val."\}/si", $this->template, $match)) + { + $this->temp[$val] = $match['1']; + } + else + { + if (in_array($val, $today, TRUE)) + { + $this->temp[$val] = $this->temp[str_replace('_today', '', $val)]; + } + } + } + } + +} + +// END CI_Calendar class + +/* End of file Calendar.php */ +/* Location: ./system/libraries/Calendar.php */
\ No newline at end of file diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php new file mode 100644 index 000000000..2eb8b75be --- /dev/null +++ b/system/libraries/Cart.php @@ -0,0 +1,550 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2006 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Shopping Cart Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Shopping Cart + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/cart.html + */ +class CI_Cart { + + // These are the regular expression rules that we use to validate the product ID and product name + var $product_id_rules = '\.a-z0-9_-'; // alpha-numeric, dashes, underscores, or periods + var $product_name_rules = '\.\:\-_ a-z0-9'; // alpha-numeric, dashes, underscores, colons or periods + + // Private variables. Do not change! + var $CI; + var $_cart_contents = array(); + + + /** + * Shopping Class Constructor + * + * The constructor loads the Session class, used to store the shopping cart contents. + */ + function CI_Cart($params = array()) + { + // Set the super object to a local variable for use later + $this->CI =& get_instance(); + + // Are any config settings being passed manually? If so, set them + $config = array(); + if (count($params) > 0) + { + foreach ($params as $key => $val) + { + $config[$key] = $val; + } + } + + // Load the Sessions class + $this->CI->load->library('session', $config); + + // Grab the shopping cart array from the session table, if it exists + if ($this->CI->session->userdata('cart_contents') !== FALSE) + { + $this->_cart_contents = $this->CI->session->userdata('cart_contents'); + } + else + { + // No cart exists so we'll set some base values + $this->_cart_contents['cart_total'] = 0; + $this->_cart_contents['total_items'] = 0; + } + + log_message('debug', "Cart Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Insert items into the cart and save it to the session table + * + * @access public + * @param array + * @return bool + */ + function insert($items = array()) + { + // Was any cart data passed? No? Bah... + if ( ! is_array($items) OR count($items) == 0) + { + log_message('error', 'The insert method must be passed an array containing data.'); + return FALSE; + } + + // You can either insert a single product using a one-dimensional array, + // or multiple products using a multi-dimensional one. The way we + // determine the array type is by looking for a required array key named "id" + // at the top level. If it's not found, we will assume it's a multi-dimensional array. + + $save_cart = FALSE; + if (isset($items['id'])) + { + if ($this->_insert($items) == TRUE) + { + $save_cart = TRUE; + } + } + else + { + foreach ($items as $val) + { + if (is_array($val) AND isset($val['id'])) + { + if ($this->_insert($val) == TRUE) + { + $save_cart = TRUE; + } + } + } + } + + // Save the cart data if the insert was successful + if ($save_cart == TRUE) + { + $this->_save_cart(); + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Insert + * + * @access private + * @param array + * @return bool + */ + function _insert($items = array()) + { + // Was any cart data passed? No? Bah... + if ( ! is_array($items) OR count($items) == 0) + { + log_message('error', 'The insert method must be passed an array containing data.'); + return FALSE; + } + + // -------------------------------------------------------------------- + + // Does the $items array contain an id, quantity, price, and name? These are required + if ( ! isset($items['id']) OR ! isset($items['qty']) OR ! isset($items['price']) OR ! isset($items['name'])) + { + log_message('error', 'The cart array must contain a product ID, quantity, price, and name.'); + return FALSE; + } + + // -------------------------------------------------------------------- + + // Prep the quantity. It can only be a number. Duh... + $items['qty'] = trim(preg_replace('/([^0-9])/i', '', $items['qty'])); + // Trim any leading zeros + $items['qty'] = trim(preg_replace('/(^[0]+)/i', '', $items['qty'])); + + // If the quantity is zero or blank there's nothing for us to do + if ( ! is_numeric($items['qty']) OR $items['qty'] == 0) + { + return FALSE; + } + + // -------------------------------------------------------------------- + + // Validate the product ID. It can only be alpha-numeric, dashes, underscores or periods + // Not totally sure we should impose this rule, but it seems prudent to standardize IDs. + // Note: These can be user-specified by setting the $this->product_id_rules variable. + if ( ! preg_match("/^[".$this->product_id_rules."]+$/i", $items['id'])) + { + log_message('error', 'Invalid product ID. The product ID can only contain alpha-numeric characters, dashes, and underscores'); + return FALSE; + } + + // -------------------------------------------------------------------- + + // Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods. + // Note: These can be user-specified by setting the $this->product_name_rules variable. + if ( ! preg_match("/^[".$this->product_name_rules."]+$/i", $items['name'])) + { + log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces'); + return FALSE; + } + + // -------------------------------------------------------------------- + + // Prep the price. Remove anything that isn't a number or decimal point. + $items['price'] = trim(preg_replace('/([^0-9\.])/i', '', $items['price'])); + // Trim any leading zeros + $items['price'] = trim(preg_replace('/(^[0]+)/i', '', $items['price'])); + + // Is the price a valid number? + if ( ! is_numeric($items['price'])) + { + log_message('error', 'An invalid price was submitted for product ID: '.$items['id']); + return FALSE; + } + + // -------------------------------------------------------------------- + + // We now need to create a unique identifier for the item being inserted into the cart. + // Every time something is added to the cart it is stored in the master cart array. + // Each row in the cart array, however, must have a unique index that identifies not only + // a particular product, but makes it possible to store identical products with different options. + // For example, what if someone buys two identical t-shirts (same product ID), but in + // different sizes? The product ID (and other attributes, like the name) will be identical for + // both sizes because it's the same shirt. The only difference will be the size. + // Internally, we need to treat identical submissions, but with different options, as a unique product. + // Our solution is to convert the options array to a string and MD5 it along with the product ID. + // This becomes the unique "row ID" + if (isset($items['options']) AND count($items['options']) > 0) + { + $rowid = md5($items['id'].implode('', $items['options'])); + } + else + { + // No options were submitted so we simply MD5 the product ID. + // Technically, we don't need to MD5 the ID in this case, but it makes + // sense to standardize the format of array indexes for both conditions + $rowid = md5($items['id']); + } + + // -------------------------------------------------------------------- + + // Now that we have our unique "row ID", we'll add our cart items to the master array + + // let's unset this first, just to make sure our index contains only the data from this submission + unset($this->_cart_contents[$rowid]); + + // Create a new index with our new row ID + $this->_cart_contents[$rowid]['rowid'] = $rowid; + + // And add the new items to the cart array + foreach ($items as $key => $val) + { + $this->_cart_contents[$rowid][$key] = $val; + } + + // Woot! + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Update the cart + * + * This function permits the quantity of a given item to be changed. + * Typically it is called from the "view cart" page if a user makes + * changes to the quantity before checkout. That array must contain the + * product ID and quantity for each item. + * + * @access public + * @param array + * @param string + * @return bool + */ + function update($items = array()) + { + // Was any cart data passed? + if ( ! is_array($items) OR count($items) == 0) + { + return FALSE; + } + + // You can either update a single product using a one-dimensional array, + // or multiple products using a multi-dimensional one. The way we + // determine the array type is by looking for a required array key named "id". + // If it's not found we assume it's a multi-dimensional array + $save_cart = FALSE; + if (isset($items['rowid']) AND isset($items['qty'])) + { + if ($this->_update($items) == TRUE) + { + $save_cart = TRUE; + } + } + else + { + foreach ($items as $val) + { + if (is_array($val) AND isset($val['rowid']) AND isset($val['qty'])) + { + if ($this->_update($val) == TRUE) + { + $save_cart = TRUE; + } + } + } + } + + // Save the cart data if the insert was successful + if ($save_cart == TRUE) + { + $this->_save_cart(); + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Update the cart + * + * This function permits the quantity of a given item to be changed. + * Typically it is called from the "view cart" page if a user makes + * changes to the quantity before checkout. That array must contain the + * product ID and quantity for each item. + * + * @access private + * @param array + * @return bool + */ + function _update($items = array()) + { + // Without these array indexes there is nothing we can do + if ( ! isset($items['qty']) OR ! isset($items['rowid']) OR ! isset($this->_cart_contents[$items['rowid']])) + { + return FALSE; + } + + // Prep the quantity + $items['qty'] = preg_replace('/([^0-9])/i', '', $items['qty']); + + // Is the quantity a number? + if ( ! is_numeric($items['qty'])) + { + return FALSE; + } + + // Is the new quantity different than what is already saved in the cart? + // If it's the same there's nothing to do + if ($this->_cart_contents[$items['rowid']]['qty'] == $items['qty']) + { + return FALSE; + } + + // Is the quantity zero? If so we will remove the item from the cart. + // If the quantity is greater than zero we are updating + if ($items['qty'] == 0) + { + unset($this->_cart_contents[$items['rowid']]); + } + else + { + $this->_cart_contents[$items['rowid']]['qty'] = $items['qty']; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Save the cart array to the session DB + * + * @access private + * @return bool + */ + function _save_cart() + { + // Unset these so our total can be calculated correctly below + unset($this->_cart_contents['total_items']); + unset($this->_cart_contents['cart_total']); + + // Lets add up the individual prices and set the cart sub-total + $total = 0; + foreach ($this->_cart_contents as $key => $val) + { + // We make sure the array contains the proper indexes + if ( ! is_array($val) OR ! isset($val['price']) OR ! isset($val['qty'])) + { + continue; + } + + $total += ($val['price'] * $val['qty']); + + // Set the subtotal + $this->_cart_contents[$key]['subtotal'] = ($this->_cart_contents[$key]['price'] * $this->_cart_contents[$key]['qty']); + } + + // Set the cart total and total items. + $this->_cart_contents['total_items'] = count($this->_cart_contents); + $this->_cart_contents['cart_total'] = $total; + + // Is our cart empty? If so we delete it from the session + if (count($this->_cart_contents) <= 2) + { + $this->CI->session->unset_userdata('cart_contents'); + + // Nothing more to do... coffee time! + return FALSE; + } + + // If we made it this far it means that our cart has data. + // Let's pass it to the Session class so it can be stored + $this->CI->session->set_userdata(array('cart_contents' => $this->_cart_contents)); + + // Woot! + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Cart Total + * + * @access public + * @return integer + */ + function total() + { + return $this->_cart_contents['cart_total']; + } + + // -------------------------------------------------------------------- + + /** + * Total Items + * + * Returns the total item count + * + * @access public + * @return integer + */ + function total_items() + { + return $this->_cart_contents['total_items']; + } + + // -------------------------------------------------------------------- + + /** + * Cart Contents + * + * Returns the entire cart array + * + * @access public + * @return array + */ + function contents() + { + $cart = $this->_cart_contents; + + // Remove these so they don't create a problem when showing the cart table + unset($cart['total_items']); + unset($cart['cart_total']); + + return $cart; + } + + // -------------------------------------------------------------------- + + /** + * Has options + * + * Returns TRUE if the rowid passed to this function correlates to an item + * that has options associated with it. + * + * @access public + * @return array + */ + function has_options($rowid = '') + { + if ( ! isset($this->_cart_contents[$rowid]['options']) OR count($this->_cart_contents[$rowid]['options']) === 0) + { + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Product options + * + * Returns the an array of options, for a particular product row ID + * + * @access public + * @return array + */ + function product_options($rowid = '') + { + if ( ! isset($this->_cart_contents[$rowid]['options'])) + { + return array(); + } + + return $this->_cart_contents[$rowid]['options']; + } + + // -------------------------------------------------------------------- + + /** + * Format Number + * + * Returns the supplied number with commas and a decimal point. + * + * @access public + * @return integer + */ + function format_number($n = '') + { + if ($n == '') + { + return ''; + } + + // Remove anything that isn't a number or decimal point. + $n = trim(preg_replace('/([^0-9\.])/i', '', $n)); + + return number_format($n, 2, '.', ','); + } + + // -------------------------------------------------------------------- + + /** + * Destroy the cart + * + * Empties the cart and kills the session + * + * @access public + * @return null + */ + function destroy() + { + unset($this->_cart_contents); + + $this->_cart_contents['cart_total'] = 0; + $this->_cart_contents['total_items'] = 0; + + $this->CI->session->unset_userdata('cart_contents'); + } + + +} +// END Cart Class + +/* End of file Cart.php */ +/* Location: ./system/libraries/Cart.php */
\ No newline at end of file diff --git a/system/libraries/Config.php b/system/libraries/Config.php new file mode 100644 index 000000000..4ef278635 --- /dev/null +++ b/system/libraries/Config.php @@ -0,0 +1,244 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Config Class + * + * This class contains functions that enable config files to be managed + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/config.html + */ +class CI_Config { + + var $config = array(); + var $is_loaded = array(); + + /** + * Constructor + * + * Sets the $config data from the primary config.php file as a class variable + * + * @access public + * @param string the config file name + * @param boolean if configuration values should be loaded into their own section + * @param boolean true if errors should just return false, false if an error message should be displayed + * @return boolean if the file was successfully loaded or not + */ + function CI_Config() + { + $this->config =& get_config(); + log_message('debug', "Config Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Load Config File + * + * @access public + * @param string the config file name + * @return boolean if the file was loaded correctly + */ + function load($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + { + $file = ($file == '') ? 'config' : str_replace(EXT, '', $file); + + if (in_array($file, $this->is_loaded, TRUE)) + { + return TRUE; + } + + if ( ! file_exists(APPPATH.'config/'.$file.EXT)) + { + if ($fail_gracefully === TRUE) + { + return FALSE; + } + show_error('The configuration file '.$file.EXT.' does not exist.'); + } + + include(APPPATH.'config/'.$file.EXT); + + if ( ! isset($config) OR ! is_array($config)) + { + if ($fail_gracefully === TRUE) + { + return FALSE; + } + show_error('Your '.$file.EXT.' file does not appear to contain a valid configuration array.'); + } + + if ($use_sections === TRUE) + { + if (isset($this->config[$file])) + { + $this->config[$file] = array_merge($this->config[$file], $config); + } + else + { + $this->config[$file] = $config; + } + } + else + { + $this->config = array_merge($this->config, $config); + } + + $this->is_loaded[] = $file; + unset($config); + + log_message('debug', 'Config file loaded: config/'.$file.EXT); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a config file item + * + * + * @access public + * @param string the config item name + * @param string the index name + * @param bool + * @return string + */ + function item($item, $index = '') + { + if ($index == '') + { + if ( ! isset($this->config[$item])) + { + return FALSE; + } + + $pref = $this->config[$item]; + } + else + { + if ( ! isset($this->config[$index])) + { + return FALSE; + } + + if ( ! isset($this->config[$index][$item])) + { + return FALSE; + } + + $pref = $this->config[$index][$item]; + } + + return $pref; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a config file item - adds slash after item + * + * The second parameter allows a slash to be added to the end of + * the item, in the case of a path. + * + * @access public + * @param string the config item name + * @param bool + * @return string + */ + function slash_item($item) + { + if ( ! isset($this->config[$item])) + { + return FALSE; + } + + $pref = $this->config[$item]; + + if ($pref != '' && substr($pref, -1) != '/') + { + $pref .= '/'; + } + + return $pref; + } + + // -------------------------------------------------------------------- + + /** + * Site URL + * + * @access public + * @param string the URI string + * @return string + */ + function site_url($uri = '') + { + if (is_array($uri)) + { + $uri = implode('/', $uri); + } + + if ($uri == '') + { + return $this->slash_item('base_url').$this->item('index_page'); + } + else + { + $suffix = ($this->item('url_suffix') == FALSE) ? '' : $this->item('url_suffix'); + return $this->slash_item('base_url').$this->slash_item('index_page').trim($uri, '/').$suffix; + } + } + + // -------------------------------------------------------------------- + + /** + * System URL + * + * @access public + * @return string + */ + function system_url() + { + $x = explode("/", preg_replace("|/*(.+?)/*$|", "\\1", BASEPATH)); + return $this->slash_item('base_url').end($x).'/'; + } + + // -------------------------------------------------------------------- + + /** + * Set a config file item + * + * @access public + * @param string the config item key + * @param string the config item value + * @return void + */ + function set_item($item, $value) + { + $this->config[$item] = $value; + } + +} + +// END CI_Config class + +/* End of file Config.php */ +/* Location: ./system/libraries/Config.php */
\ No newline at end of file diff --git a/system/libraries/Controller.php b/system/libraries/Controller.php new file mode 100644 index 000000000..5e93de3bf --- /dev/null +++ b/system/libraries/Controller.php @@ -0,0 +1,127 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Application Controller Class + * + * This class object is the super class that every library in + * CodeIgniter will be assigned to. + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/general/controllers.html + */ +class Controller extends CI_Base { + + var $_ci_scaffolding = FALSE; + var $_ci_scaff_table = FALSE; + + /** + * Constructor + * + * Calls the initialize() function + */ + function Controller() + { + parent::CI_Base(); + $this->_ci_initialize(); + log_message('debug', "Controller Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize + * + * Assigns all the bases classes loaded by the front controller to + * variables in this class. Also calls the autoload routine. + * + * @access private + * @return void + */ + function _ci_initialize() + { + // Assign all the class objects that were instantiated by the + // front controller to local class variables so that CI can be + // run as one big super object. + $classes = array( + 'config' => 'Config', + 'input' => 'Input', + 'benchmark' => 'Benchmark', + 'uri' => 'URI', + 'output' => 'Output', + 'lang' => 'Language', + 'router' => 'Router' + ); + + foreach ($classes as $var => $class) + { + $this->$var =& load_class($class); + } + + // In PHP 5 the Loader class is run as a discreet + // class. In PHP 4 it extends the Controller + if (floor(phpversion()) >= 5) + { + $this->load =& load_class('Loader'); + $this->load->_ci_autoloader(); + } + else + { + $this->_ci_autoloader(); + + // sync up the objects since PHP4 was working from a copy + foreach (array_keys(get_object_vars($this)) as $attribute) + { + if (is_object($this->$attribute)) + { + $this->load->$attribute =& $this->$attribute; + } + } + } + } + + // -------------------------------------------------------------------- + + /** + * Run Scaffolding + * + * @access private + * @return void + */ + function _ci_scaffolding() + { + if ($this->_ci_scaffolding === FALSE OR $this->_ci_scaff_table === FALSE) + { + show_404('Scaffolding unavailable'); + } + + $method = ( ! in_array($this->uri->segment(3), array('add', 'insert', 'edit', 'update', 'view', 'delete', 'do_delete'), TRUE)) ? 'view' : $this->uri->segment(3); + + require_once(BASEPATH.'scaffolding/Scaffolding'.EXT); + $scaff = new Scaffolding($this->_ci_scaff_table); + $scaff->$method(); + } + + +} +// END _Controller class + +/* End of file Controller.php */ +/* Location: ./system/libraries/Controller.php */
\ No newline at end of file diff --git a/system/libraries/Email.php b/system/libraries/Email.php new file mode 100644 index 000000000..585815934 --- /dev/null +++ b/system/libraries/Email.php @@ -0,0 +1,2041 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Email Class + * + * Permits email to be sent using Mail, Sendmail, or SMTP. + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/email.html + */ +class CI_Email { + + var $useragent = "CodeIgniter"; + var $mailpath = "/usr/sbin/sendmail"; // Sendmail path + var $protocol = "mail"; // mail/sendmail/smtp + var $smtp_host = ""; // SMTP Server. Example: mail.earthlink.net + var $smtp_user = ""; // SMTP Username + var $smtp_pass = ""; // SMTP Password + var $smtp_port = "25"; // SMTP Port + var $smtp_timeout = 5; // SMTP Timeout in seconds + var $wordwrap = TRUE; // TRUE/FALSE Turns word-wrap on/off + var $wrapchars = "76"; // Number of characters to wrap at. + var $mailtype = "text"; // text/html Defines email formatting + var $charset = "utf-8"; // Default char set: iso-8859-1 or us-ascii + var $multipart = "mixed"; // "mixed" (in the body) or "related" (separate) + var $alt_message = ''; // Alternative message for HTML emails + var $validate = FALSE; // TRUE/FALSE. Enables email validation + var $priority = "3"; // Default priority (1 - 5) + var $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822) + var $crlf = "\n"; // The RFC 2045 compliant CRLF for quoted-printable is "\r\n". Apparently some servers, + // even on the receiving end think they need to muck with CRLFs, so using "\n", while + // distasteful, is the only thing that seems to work for all environments. + var $send_multipart = TRUE; // TRUE/FALSE - Yahoo does not like multipart alternative, so this is an override. Set to FALSE for Yahoo. + var $bcc_batch_mode = FALSE; // TRUE/FALSE Turns on/off Bcc batch feature + var $bcc_batch_size = 200; // If bcc_batch_mode = TRUE, sets max number of Bccs in each batch + var $_safe_mode = FALSE; + var $_subject = ""; + var $_body = ""; + var $_finalbody = ""; + var $_alt_boundary = ""; + var $_atc_boundary = ""; + var $_header_str = ""; + var $_smtp_connect = ""; + var $_encoding = "8bit"; + var $_IP = FALSE; + var $_smtp_auth = FALSE; + var $_replyto_flag = FALSE; + var $_debug_msg = array(); + var $_recipients = array(); + var $_cc_array = array(); + var $_bcc_array = array(); + var $_headers = array(); + var $_attach_name = array(); + var $_attach_type = array(); + var $_attach_disp = array(); + var $_protocols = array('mail', 'sendmail', 'smtp'); + var $_base_charsets = array('us-ascii', 'iso-2022-'); // 7-bit charsets (excluding language suffix) + var $_bit_depths = array('7bit', '8bit'); + var $_priorities = array('1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)'); + + + /** + * Constructor - Sets Email Preferences + * + * The constructor can be passed an array of config values + */ + function CI_Email($config = array()) + { + if (count($config) > 0) + { + $this->initialize($config); + } + else + { + $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE; + $this->_safe_mode = ((boolean)@ini_get("safe_mode") === FALSE) ? FALSE : TRUE; + } + + log_message('debug', "Email Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize preferences + * + * @access public + * @param array + * @return void + */ + function initialize($config = array()) + { + $this->clear(); + foreach ($config as $key => $val) + { + if (isset($this->$key)) + { + $method = 'set_'.$key; + + if (method_exists($this, $method)) + { + $this->$method($val); + } + else + { + $this->$key = $val; + } + } + } + + $this->_smtp_auth = ($this->smtp_user == '' AND $this->smtp_pass == '') ? FALSE : TRUE; + $this->_safe_mode = ((boolean)@ini_get("safe_mode") === FALSE) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Initialize the Email Data + * + * @access public + * @return void + */ + function clear($clear_attachments = FALSE) + { + $this->_subject = ""; + $this->_body = ""; + $this->_finalbody = ""; + $this->_header_str = ""; + $this->_replyto_flag = FALSE; + $this->_recipients = array(); + $this->_headers = array(); + $this->_debug_msg = array(); + + $this->_set_header('User-Agent', $this->useragent); + $this->_set_header('Date', $this->_set_date()); + + if ($clear_attachments !== FALSE) + { + $this->_attach_name = array(); + $this->_attach_type = array(); + $this->_attach_disp = array(); + } + } + + // -------------------------------------------------------------------- + + /** + * Set FROM + * + * @access public + * @param string + * @param string + * @return void + */ + function from($from, $name = '') + { + if (preg_match( '/\<(.*)\>/', $from, $match)) + { + $from = $match['1']; + } + + if ($this->validate) + { + $this->validate_email($this->_str_to_array($from)); + } + + // prepare the display name + if ($name != '') + { + // only use Q encoding if there are characters that would require it + if ( ! preg_match('/[\200-\377]/', $name)) + { + // add slashes for non-printing characters, slashes, and double quotes, and surround it in double quotes + $name = '"'.addcslashes($name, "\0..\37\177'\"\\").'"'; + } + else + { + $name = $this->_prep_q_encoding($name, TRUE); + } + } + + $this->_set_header('From', $name.' <'.$from.'>'); + $this->_set_header('Return-Path', '<'.$from.'>'); + } + + // -------------------------------------------------------------------- + + /** + * Set Reply-to + * + * @access public + * @param string + * @param string + * @return void + */ + function reply_to($replyto, $name = '') + { + if (preg_match( '/\<(.*)\>/', $replyto, $match)) + { + $replyto = $match['1']; + } + + if ($this->validate) + { + $this->validate_email($this->_str_to_array($replyto)); + } + + if ($name == '') + { + $name = $replyto; + } + + if (strncmp($name, '"', 1) != 0) + { + $name = '"'.$name.'"'; + } + + $this->_set_header('Reply-To', $name.' <'.$replyto.'>'); + $this->_replyto_flag = TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Set Recipients + * + * @access public + * @param string + * @return void + */ + function to($to) + { + $to = $this->_str_to_array($to); + $to = $this->clean_email($to); + + if ($this->validate) + { + $this->validate_email($to); + } + + if ($this->_get_protocol() != 'mail') + { + $this->_set_header('To', implode(", ", $to)); + } + + switch ($this->_get_protocol()) + { + case 'smtp' : $this->_recipients = $to; + break; + case 'sendmail' : $this->_recipients = implode(", ", $to); + break; + case 'mail' : $this->_recipients = implode(", ", $to); + break; + } + } + + // -------------------------------------------------------------------- + + /** + * Set CC + * + * @access public + * @param string + * @return void + */ + function cc($cc) + { + $cc = $this->_str_to_array($cc); + $cc = $this->clean_email($cc); + + if ($this->validate) + { + $this->validate_email($cc); + } + + $this->_set_header('Cc', implode(", ", $cc)); + + if ($this->_get_protocol() == "smtp") + { + $this->_cc_array = $cc; + } + } + + // -------------------------------------------------------------------- + + /** + * Set BCC + * + * @access public + * @param string + * @param string + * @return void + */ + function bcc($bcc, $limit = '') + { + if ($limit != '' && is_numeric($limit)) + { + $this->bcc_batch_mode = TRUE; + $this->bcc_batch_size = $limit; + } + + $bcc = $this->_str_to_array($bcc); + $bcc = $this->clean_email($bcc); + + if ($this->validate) + { + $this->validate_email($bcc); + } + + if (($this->_get_protocol() == "smtp") OR ($this->bcc_batch_mode && count($bcc) > $this->bcc_batch_size)) + { + $this->_bcc_array = $bcc; + } + else + { + $this->_set_header('Bcc', implode(", ", $bcc)); + } + } + + // -------------------------------------------------------------------- + + /** + * Set Email Subject + * + * @access public + * @param string + * @return void + */ + function subject($subject) + { + $subject = $this->_prep_q_encoding($subject); + $this->_set_header('Subject', $subject); + } + + // -------------------------------------------------------------------- + + /** + * Set Body + * + * @access public + * @param string + * @return void + */ + function message($body) + { + $this->_body = stripslashes(rtrim(str_replace("\r", "", $body))); + } + + // -------------------------------------------------------------------- + + /** + * Assign file attachments + * + * @access public + * @param string + * @return void + */ + function attach($filename, $disposition = 'attachment') + { + $this->_attach_name[] = $filename; + $this->_attach_type[] = $this->_mime_types(next(explode('.', basename($filename)))); + $this->_attach_disp[] = $disposition; // Can also be 'inline' Not sure if it matters + } + + // -------------------------------------------------------------------- + + /** + * Add a Header Item + * + * @access private + * @param string + * @param string + * @return void + */ + function _set_header($header, $value) + { + $this->_headers[$header] = $value; + } + + // -------------------------------------------------------------------- + + /** + * Convert a String to an Array + * + * @access private + * @param string + * @return array + */ + function _str_to_array($email) + { + if ( ! is_array($email)) + { + if (strpos($email, ',') !== FALSE) + { + $email = preg_split('/[\s,]/', $email, -1, PREG_SPLIT_NO_EMPTY); + } + else + { + $email = trim($email); + settype($email, "array"); + } + } + return $email; + } + + // -------------------------------------------------------------------- + + /** + * Set Multipart Value + * + * @access public + * @param string + * @return void + */ + function set_alt_message($str = '') + { + $this->alt_message = ($str == '') ? '' : $str; + } + + // -------------------------------------------------------------------- + + /** + * Set Mailtype + * + * @access public + * @param string + * @return void + */ + function set_mailtype($type = 'text') + { + $this->mailtype = ($type == 'html') ? 'html' : 'text'; + } + + // -------------------------------------------------------------------- + + /** + * Set Wordwrap + * + * @access public + * @param string + * @return void + */ + function set_wordwrap($wordwrap = TRUE) + { + $this->wordwrap = ($wordwrap === FALSE) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Set Protocol + * + * @access public + * @param string + * @return void + */ + function set_protocol($protocol = 'mail') + { + $this->protocol = ( ! in_array($protocol, $this->_protocols, TRUE)) ? 'mail' : strtolower($protocol); + } + + // -------------------------------------------------------------------- + + /** + * Set Priority + * + * @access public + * @param integer + * @return void + */ + function set_priority($n = 3) + { + if ( ! is_numeric($n)) + { + $this->priority = 3; + return; + } + + if ($n < 1 OR $n > 5) + { + $this->priority = 3; + return; + } + + $this->priority = $n; + } + + // -------------------------------------------------------------------- + + /** + * Set Newline Character + * + * @access public + * @param string + * @return void + */ + function set_newline($newline = "\n") + { + if ($newline != "\n" AND $newline != "\r\n" AND $newline != "\r") + { + $this->newline = "\n"; + return; + } + + $this->newline = $newline; + } + + // -------------------------------------------------------------------- + + /** + * Set CRLF + * + * @access public + * @param string + * @return void + */ + function set_crlf($crlf = "\n") + { + if ($crlf != "\n" AND $crlf != "\r\n" AND $crlf != "\r") + { + $this->crlf = "\n"; + return; + } + + $this->crlf = $crlf; + } + + // -------------------------------------------------------------------- + + /** + * Set Message Boundary + * + * @access private + * @return void + */ + function _set_boundaries() + { + $this->_alt_boundary = "B_ALT_".uniqid(''); // multipart/alternative + $this->_atc_boundary = "B_ATC_".uniqid(''); // attachment boundary + } + + // -------------------------------------------------------------------- + + /** + * Get the Message ID + * + * @access private + * @return string + */ + function _get_message_id() + { + $from = $this->_headers['Return-Path']; + $from = str_replace(">", "", $from); + $from = str_replace("<", "", $from); + + return "<".uniqid('').strstr($from, '@').">"; + } + + // -------------------------------------------------------------------- + + /** + * Get Mail Protocol + * + * @access private + * @param bool + * @return string + */ + function _get_protocol($return = TRUE) + { + $this->protocol = strtolower($this->protocol); + $this->protocol = ( ! in_array($this->protocol, $this->_protocols, TRUE)) ? 'mail' : $this->protocol; + + if ($return == TRUE) + { + return $this->protocol; + } + } + + // -------------------------------------------------------------------- + + /** + * Get Mail Encoding + * + * @access private + * @param bool + * @return string + */ + function _get_encoding($return = TRUE) + { + $this->_encoding = ( ! in_array($this->_encoding, $this->_bit_depths)) ? '8bit' : $this->_encoding; + + foreach ($this->_base_charsets as $charset) + { + if (strncmp($charset, $this->charset, strlen($charset)) == 0) + { + $this->_encoding = '7bit'; + } + } + + if ($return == TRUE) + { + return $this->_encoding; + } + } + + // -------------------------------------------------------------------- + + /** + * Get content type (text/html/attachment) + * + * @access private + * @return string + */ + function _get_content_type() + { + if ($this->mailtype == 'html' && count($this->_attach_name) == 0) + { + return 'html'; + } + elseif ($this->mailtype == 'html' && count($this->_attach_name) > 0) + { + return 'html-attach'; + } + elseif ($this->mailtype == 'text' && count($this->_attach_name) > 0) + { + return 'plain-attach'; + } + else + { + return 'plain'; + } + } + + // -------------------------------------------------------------------- + + /** + * Set RFC 822 Date + * + * @access private + * @return string + */ + function _set_date() + { + $timezone = date("Z"); + $operator = (strncmp($timezone, '-', 1) == 0) ? '-' : '+'; + $timezone = abs($timezone); + $timezone = floor($timezone/3600) * 100 + ($timezone % 3600 ) / 60; + + return sprintf("%s %s%04d", date("D, j M Y H:i:s"), $operator, $timezone); + } + + // -------------------------------------------------------------------- + + /** + * Mime message + * + * @access private + * @return string + */ + function _get_mime_message() + { + return "This is a multi-part message in MIME format.".$this->newline."Your email application may not support this format."; + } + + // -------------------------------------------------------------------- + + /** + * Validate Email Address + * + * @access public + * @param string + * @return bool + */ + function validate_email($email) + { + if ( ! is_array($email)) + { + $this->_set_error_message('email_must_be_array'); + return FALSE; + } + + foreach ($email as $val) + { + if ( ! $this->valid_email($val)) + { + $this->_set_error_message('email_invalid_address', $val); + return FALSE; + } + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Email Validation + * + * @access public + * @param string + * @return bool + */ + function valid_email($address) + { + return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $address)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Clean Extended Email Address: Joe Smith <joe@smith.com> + * + * @access public + * @param string + * @return string + */ + function clean_email($email) + { + if ( ! is_array($email)) + { + if (preg_match('/\<(.*)\>/', $email, $match)) + { + return $match['1']; + } + else + { + return $email; + } + } + + $clean_email = array(); + + foreach ($email as $addy) + { + if (preg_match( '/\<(.*)\>/', $addy, $match)) + { + $clean_email[] = $match['1']; + } + else + { + $clean_email[] = $addy; + } + } + + return $clean_email; + } + + // -------------------------------------------------------------------- + + /** + * Build alternative plain text message + * + * This function provides the raw message for use + * in plain-text headers of HTML-formatted emails. + * If the user hasn't specified his own alternative message + * it creates one by stripping the HTML + * + * @access private + * @return string + */ + function _get_alt_message() + { + if ($this->alt_message != "") + { + return $this->word_wrap($this->alt_message, '76'); + } + + if (preg_match('/\<body.*?\>(.*)\<\/body\>/si', $this->_body, $match)) + { + $body = $match['1']; + } + else + { + $body = $this->_body; + } + + $body = trim(strip_tags($body)); + $body = preg_replace( '#<!--(.*)--\>#', "", $body); + $body = str_replace("\t", "", $body); + + for ($i = 20; $i >= 3; $i--) + { + $n = ""; + + for ($x = 1; $x <= $i; $x ++) + { + $n .= "\n"; + } + + $body = str_replace($n, "\n\n", $body); + } + + return $this->word_wrap($body, '76'); + } + + // -------------------------------------------------------------------- + + /** + * Word Wrap + * + * @access public + * @param string + * @param integer + * @return string + */ + function word_wrap($str, $charlim = '') + { + // Se the character limit + if ($charlim == '') + { + $charlim = ($this->wrapchars == "") ? "76" : $this->wrapchars; + } + + // Reduce multiple spaces + $str = preg_replace("| +|", " ", $str); + + // Standardize newlines + if (strpos($str, "\r") !== FALSE) + { + $str = str_replace(array("\r\n", "\r"), "\n", $str); + } + + // If the current word is surrounded by {unwrap} tags we'll + // strip the entire chunk and replace it with a marker. + $unwrap = array(); + if (preg_match_all("|(\{unwrap\}.+?\{/unwrap\})|s", $str, $matches)) + { + for ($i = 0; $i < count($matches['0']); $i++) + { + $unwrap[] = $matches['1'][$i]; + $str = str_replace($matches['1'][$i], "{{unwrapped".$i."}}", $str); + } + } + + // Use PHP's native function to do the initial wordwrap. + // We set the cut flag to FALSE so that any individual words that are + // too long get left alone. In the next step we'll deal with them. + $str = wordwrap($str, $charlim, "\n", FALSE); + + // Split the string into individual lines of text and cycle through them + $output = ""; + foreach (explode("\n", $str) as $line) + { + // Is the line within the allowed character count? + // If so we'll join it to the output and continue + if (strlen($line) <= $charlim) + { + $output .= $line.$this->newline; + continue; + } + + $temp = ''; + while((strlen($line)) > $charlim) + { + // If the over-length word is a URL we won't wrap it + if (preg_match("!\[url.+\]|://|wwww.!", $line)) + { + break; + } + + // Trim the word down + $temp .= substr($line, 0, $charlim-1); + $line = substr($line, $charlim-1); + } + + // If $temp contains data it means we had to split up an over-length + // word into smaller chunks so we'll add it back to our current line + if ($temp != '') + { + $output .= $temp.$this->newline.$line; + } + else + { + $output .= $line; + } + + $output .= $this->newline; + } + + // Put our markers back + if (count($unwrap) > 0) + { + foreach ($unwrap as $key => $val) + { + $output = str_replace("{{unwrapped".$key."}}", $val, $output); + } + } + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Build final headers + * + * @access private + * @param string + * @return string + */ + function _build_headers() + { + $this->_set_header('X-Sender', $this->clean_email($this->_headers['From'])); + $this->_set_header('X-Mailer', $this->useragent); + $this->_set_header('X-Priority', $this->_priorities[$this->priority - 1]); + $this->_set_header('Message-ID', $this->_get_message_id()); + $this->_set_header('Mime-Version', '1.0'); + } + + // -------------------------------------------------------------------- + + /** + * Write Headers as a string + * + * @access private + * @return void + */ + function _write_headers() + { + if ($this->protocol == 'mail') + { + $this->_subject = $this->_headers['Subject']; + unset($this->_headers['Subject']); + } + + reset($this->_headers); + $this->_header_str = ""; + + foreach($this->_headers as $key => $val) + { + $val = trim($val); + + if ($val != "") + { + $this->_header_str .= $key.": ".$val.$this->newline; + } + } + + if ($this->_get_protocol() == 'mail') + { + $this->_header_str = rtrim($this->_header_str); + } + } + + // -------------------------------------------------------------------- + + /** + * Build Final Body and attachments + * + * @access private + * @return void + */ + function _build_message() + { + if ($this->wordwrap === TRUE AND $this->mailtype != 'html') + { + $this->_body = $this->word_wrap($this->_body); + } + + $this->_set_boundaries(); + $this->_write_headers(); + + $hdr = ($this->_get_protocol() == 'mail') ? $this->newline : ''; + + switch ($this->_get_content_type()) + { + case 'plain' : + + $hdr .= "Content-Type: text/plain; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: " . $this->_get_encoding(); + + if ($this->_get_protocol() == 'mail') + { + $this->_header_str .= $hdr; + $this->_finalbody = $this->_body; + + return; + } + + $hdr .= $this->newline . $this->newline . $this->_body; + + $this->_finalbody = $hdr; + return; + + break; + case 'html' : + + if ($this->send_multipart === FALSE) + { + $hdr .= "Content-Type: text/html; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: quoted-printable"; + } + else + { + $hdr .= "Content-Type: multipart/alternative; boundary=\"" . $this->_alt_boundary . "\"" . $this->newline . $this->newline; + $hdr .= $this->_get_mime_message() . $this->newline . $this->newline; + $hdr .= "--" . $this->_alt_boundary . $this->newline; + + $hdr .= "Content-Type: text/plain; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: " . $this->_get_encoding() . $this->newline . $this->newline; + $hdr .= $this->_get_alt_message() . $this->newline . $this->newline . "--" . $this->_alt_boundary . $this->newline; + + $hdr .= "Content-Type: text/html; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: quoted-printable"; + } + + $this->_body = $this->_prep_quoted_printable($this->_body); + + if ($this->_get_protocol() == 'mail') + { + $this->_header_str .= $hdr; + $this->_finalbody = $this->_body . $this->newline . $this->newline; + + if ($this->send_multipart !== FALSE) + { + $this->_finalbody .= "--" . $this->_alt_boundary . "--"; + } + + return; + } + + $hdr .= $this->newline . $this->newline; + $hdr .= $this->_body . $this->newline . $this->newline; + + if ($this->send_multipart !== FALSE) + { + $hdr .= "--" . $this->_alt_boundary . "--"; + } + + $this->_finalbody = $hdr; + return; + + break; + case 'plain-attach' : + + $hdr .= "Content-Type: multipart/".$this->multipart."; boundary=\"" . $this->_atc_boundary."\"" . $this->newline . $this->newline; + $hdr .= $this->_get_mime_message() . $this->newline . $this->newline; + $hdr .= "--" . $this->_atc_boundary . $this->newline; + + $hdr .= "Content-Type: text/plain; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: " . $this->_get_encoding(); + + if ($this->_get_protocol() == 'mail') + { + $this->_header_str .= $hdr; + + $body = $this->_body . $this->newline . $this->newline; + } + + $hdr .= $this->newline . $this->newline; + $hdr .= $this->_body . $this->newline . $this->newline; + + break; + case 'html-attach' : + + $hdr .= "Content-Type: multipart/".$this->multipart."; boundary=\"" . $this->_atc_boundary."\"" . $this->newline . $this->newline; + $hdr .= $this->_get_mime_message() . $this->newline . $this->newline; + $hdr .= "--" . $this->_atc_boundary . $this->newline; + + $hdr .= "Content-Type: multipart/alternative; boundary=\"" . $this->_alt_boundary . "\"" . $this->newline .$this->newline; + $hdr .= "--" . $this->_alt_boundary . $this->newline; + + $hdr .= "Content-Type: text/plain; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: " . $this->_get_encoding() . $this->newline . $this->newline; + $hdr .= $this->_get_alt_message() . $this->newline . $this->newline . "--" . $this->_alt_boundary . $this->newline; + + $hdr .= "Content-Type: text/html; charset=" . $this->charset . $this->newline; + $hdr .= "Content-Transfer-Encoding: quoted-printable"; + + $this->_body = $this->_prep_quoted_printable($this->_body); + + if ($this->_get_protocol() == 'mail') + { + $this->_header_str .= $hdr; + + $body = $this->_body . $this->newline . $this->newline; + $body .= "--" . $this->_alt_boundary . "--" . $this->newline . $this->newline; + } + + $hdr .= $this->newline . $this->newline; + $hdr .= $this->_body . $this->newline . $this->newline; + $hdr .= "--" . $this->_alt_boundary . "--" . $this->newline . $this->newline; + + break; + } + + $attachment = array(); + + $z = 0; + + for ($i=0; $i < count($this->_attach_name); $i++) + { + $filename = $this->_attach_name[$i]; + $basename = basename($filename); + $ctype = $this->_attach_type[$i]; + + if ( ! file_exists($filename)) + { + $this->_set_error_message('email_attachment_missing', $filename); + return FALSE; + } + + $h = "--".$this->_atc_boundary.$this->newline; + $h .= "Content-type: ".$ctype."; "; + $h .= "name=\"".$basename."\"".$this->newline; + $h .= "Content-Disposition: ".$this->_attach_disp[$i].";".$this->newline; + $h .= "Content-Transfer-Encoding: base64".$this->newline; + + $attachment[$z++] = $h; + $file = filesize($filename) +1; + + if ( ! $fp = fopen($filename, FOPEN_READ)) + { + $this->_set_error_message('email_attachment_unreadable', $filename); + return FALSE; + } + + $attachment[$z++] = chunk_split(base64_encode(fread($fp, $file))); + fclose($fp); + } + + if ($this->_get_protocol() == 'mail') + { + $this->_finalbody = $body . implode($this->newline, $attachment).$this->newline."--".$this->_atc_boundary."--"; + + return; + } + + $this->_finalbody = $hdr.implode($this->newline, $attachment).$this->newline."--".$this->_atc_boundary."--"; + + return; + } + + // -------------------------------------------------------------------- + + /** + * Prep Quoted Printable + * + * Prepares string for Quoted-Printable Content-Transfer-Encoding + * Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt + * + * @access private + * @param string + * @param integer + * @return string + */ + function _prep_quoted_printable($str, $charlim = '') + { + // Set the character limit + // Don't allow over 76, as that will make servers and MUAs barf + // all over quoted-printable data + if ($charlim == '' OR $charlim > '76') + { + $charlim = '76'; + } + + // Reduce multiple spaces + $str = preg_replace("| +|", " ", $str); + + // kill nulls + $str = preg_replace('/\x00+/', '', $str); + + // Standardize newlines + if (strpos($str, "\r") !== FALSE) + { + $str = str_replace(array("\r\n", "\r"), "\n", $str); + } + + // We are intentionally wrapping so mail servers will encode characters + // properly and MUAs will behave, so {unwrap} must go! + $str = str_replace(array('{unwrap}', '{/unwrap}'), '', $str); + + // Break into an array of lines + $lines = explode("\n", $str); + + $escape = '='; + $output = ''; + + foreach ($lines as $line) + { + $length = strlen($line); + $temp = ''; + + // Loop through each character in the line to add soft-wrap + // characters at the end of a line " =\r\n" and add the newly + // processed line(s) to the output (see comment on $crlf class property) + for ($i = 0; $i < $length; $i++) + { + // Grab the next character + $char = substr($line, $i, 1); + $ascii = ord($char); + + // Convert spaces and tabs but only if it's the end of the line + if ($i == ($length - 1)) + { + $char = ($ascii == '32' OR $ascii == '9') ? $escape.sprintf('%02s', dechex($ascii)) : $char; + } + + // encode = signs + if ($ascii == '61') + { + $char = $escape.strtoupper(sprintf('%02s', dechex($ascii))); // =3D + } + + // If we're at the character limit, add the line to the output, + // reset our temp variable, and keep on chuggin' + if ((strlen($temp) + strlen($char)) >= $charlim) + { + $output .= $temp.$escape.$this->crlf; + $temp = ''; + } + + // Add the character to our temporary line + $temp .= $char; + } + + // Add our completed line to the output + $output .= $temp.$this->crlf; + } + + // get rid of extra CRLF tacked onto the end + $output = substr($output, 0, strlen($this->crlf) * -1); + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Prep Q Encoding + * + * Performs "Q Encoding" on a string for use in email headers. It's related + * but not identical to quoted-printable, so it has its own method + * + * @access public + * @param str + * @param bool // set to TRUE for processing From: headers + * @return str + */ + function _prep_q_encoding($str, $from = FALSE) + { + $str = str_replace(array("\r", "\n"), array('', ''), $str); + + // Line length must not exceed 76 characters, so we adjust for + // a space, 7 extra characters =??Q??=, and the charset that we will add to each line + $limit = 75 - 7 - strlen($this->charset); + + // these special characters must be converted too + $convert = array('_', '=', '?'); + + if ($from === TRUE) + { + $convert[] = ','; + $convert[] = ';'; + } + + $output = ''; + $temp = ''; + + for ($i = 0, $length = strlen($str); $i < $length; $i++) + { + // Grab the next character + $char = substr($str, $i, 1); + $ascii = ord($char); + + // convert ALL non-printable ASCII characters and our specials + if ($ascii < 32 OR $ascii > 126 OR in_array($char, $convert)) + { + $char = '='.dechex($ascii); + } + + // handle regular spaces a bit more compactly than =20 + if ($ascii == 32) + { + $char = '_'; + } + + // If we're at the character limit, add the line to the output, + // reset our temp variable, and keep on chuggin' + if ((strlen($temp) + strlen($char)) >= $limit) + { + $output .= $temp.$this->crlf; + $temp = ''; + } + + // Add the character to our temporary line + $temp .= $char; + } + + $str = $output.$temp; + + // wrap each line with the shebang, charset, and transfer encoding + // the preceding space on successive lines is required for header "folding" + $str = trim(preg_replace('/^(.*)$/m', ' =?'.$this->charset.'?Q?$1?=', $str)); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Send Email + * + * @access public + * @return bool + */ + function send() + { + if ($this->_replyto_flag == FALSE) + { + $this->reply_to($this->_headers['From']); + } + + if (( ! isset($this->_recipients) AND ! isset($this->_headers['To'])) AND + ( ! isset($this->_bcc_array) AND ! isset($this->_headers['Bcc'])) AND + ( ! isset($this->_headers['Cc']))) + { + $this->_set_error_message('email_no_recipients'); + return FALSE; + } + + $this->_build_headers(); + + if ($this->bcc_batch_mode AND count($this->_bcc_array) > 0) + { + if (count($this->_bcc_array) > $this->bcc_batch_size) + return $this->batch_bcc_send(); + } + + $this->_build_message(); + + if ( ! $this->_spool_email()) + { + return FALSE; + } + else + { + return TRUE; + } + } + + // -------------------------------------------------------------------- + + /** + * Batch Bcc Send. Sends groups of BCCs in batches + * + * @access public + * @return bool + */ + function batch_bcc_send() + { + $float = $this->bcc_batch_size -1; + + $set = ""; + + $chunk = array(); + + for ($i = 0; $i < count($this->_bcc_array); $i++) + { + if (isset($this->_bcc_array[$i])) + { + $set .= ", ".$this->_bcc_array[$i]; + } + + if ($i == $float) + { + $chunk[] = substr($set, 1); + $float = $float + $this->bcc_batch_size; + $set = ""; + } + + if ($i == count($this->_bcc_array)-1) + { + $chunk[] = substr($set, 1); + } + } + + for ($i = 0; $i < count($chunk); $i++) + { + unset($this->_headers['Bcc']); + unset($bcc); + + $bcc = $this->_str_to_array($chunk[$i]); + $bcc = $this->clean_email($bcc); + + if ($this->protocol != 'smtp') + { + $this->_set_header('Bcc', implode(", ", $bcc)); + } + else + { + $this->_bcc_array = $bcc; + } + + $this->_build_message(); + $this->_spool_email(); + } + } + + // -------------------------------------------------------------------- + + /** + * Unwrap special elements + * + * @access private + * @return void + */ + function _unwrap_specials() + { + $this->_finalbody = preg_replace_callback("/\{unwrap\}(.*?)\{\/unwrap\}/si", array($this, '_remove_nl_callback'), $this->_finalbody); + } + + // -------------------------------------------------------------------- + + /** + * Strip line-breaks via callback + * + * @access private + * @return string + */ + function _remove_nl_callback($matches) + { + if (strpos($matches[1], "\r") !== FALSE OR strpos($matches[1], "\n") !== FALSE) + { + $matches[1] = str_replace(array("\r\n", "\r", "\n"), '', $matches[1]); + } + + return $matches[1]; + } + + // -------------------------------------------------------------------- + + /** + * Spool mail to the mail server + * + * @access private + * @return bool + */ + function _spool_email() + { + $this->_unwrap_specials(); + + switch ($this->_get_protocol()) + { + case 'mail' : + + if ( ! $this->_send_with_mail()) + { + $this->_set_error_message('email_send_failure_phpmail'); + return FALSE; + } + break; + case 'sendmail' : + + if ( ! $this->_send_with_sendmail()) + { + $this->_set_error_message('email_send_failure_sendmail'); + return FALSE; + } + break; + case 'smtp' : + + if ( ! $this->_send_with_smtp()) + { + $this->_set_error_message('email_send_failure_smtp'); + return FALSE; + } + break; + + } + + $this->_set_error_message('email_sent', $this->_get_protocol()); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Send using mail() + * + * @access private + * @return bool + */ + function _send_with_mail() + { + if ($this->_safe_mode == TRUE) + { + if ( ! mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str)) + { + return FALSE; + } + else + { + return TRUE; + } + } + else + { + // most documentation of sendmail using the "-f" flag lacks a space after it, however + // we've encountered servers that seem to require it to be in place. + if ( ! mail($this->_recipients, $this->_subject, $this->_finalbody, $this->_header_str, "-f ".$this->clean_email($this->_headers['From']))) + { + return FALSE; + } + else + { + return TRUE; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Send using Sendmail + * + * @access private + * @return bool + */ + function _send_with_sendmail() + { + $fp = @popen($this->mailpath . " -oi -f ".$this->clean_email($this->_headers['From'])." -t", 'w'); + + if ($fp === FALSE OR $fp === NULL) + { + // server probably has popen disabled, so nothing we can do to get a verbose error. + return FALSE; + } + + fputs($fp, $this->_header_str); + fputs($fp, $this->_finalbody); + + $status = pclose($fp); + + if (version_compare(PHP_VERSION, '4.2.3') == -1) + { + $status = $status >> 8 & 0xFF; + } + + if ($status != 0) + { + $this->_set_error_message('email_exit_status', $status); + $this->_set_error_message('email_no_socket'); + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Send using SMTP + * + * @access private + * @return bool + */ + function _send_with_smtp() + { + if ($this->smtp_host == '') + { + $this->_set_error_message('email_no_hostname'); + return FALSE; + } + + $this->_smtp_connect(); + $this->_smtp_authenticate(); + + $this->_send_command('from', $this->clean_email($this->_headers['From'])); + + foreach($this->_recipients as $val) + { + $this->_send_command('to', $val); + } + + if (count($this->_cc_array) > 0) + { + foreach($this->_cc_array as $val) + { + if ($val != "") + { + $this->_send_command('to', $val); + } + } + } + + if (count($this->_bcc_array) > 0) + { + foreach($this->_bcc_array as $val) + { + if ($val != "") + { + $this->_send_command('to', $val); + } + } + } + + $this->_send_command('data'); + + // perform dot transformation on any lines that begin with a dot + $this->_send_data($this->_header_str . preg_replace('/^\./m', '..$1', $this->_finalbody)); + + $this->_send_data('.'); + + $reply = $this->_get_smtp_data(); + + $this->_set_error_message($reply); + + if (strncmp($reply, '250', 3) != 0) + { + $this->_set_error_message('email_smtp_error', $reply); + return FALSE; + } + + $this->_send_command('quit'); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * SMTP Connect + * + * @access private + * @param string + * @return string + */ + function _smtp_connect() + { + $this->_smtp_connect = fsockopen($this->smtp_host, + $this->smtp_port, + $errno, + $errstr, + $this->smtp_timeout); + + if( ! is_resource($this->_smtp_connect)) + { + $this->_set_error_message('email_smtp_error', $errno." ".$errstr); + return FALSE; + } + + $this->_set_error_message($this->_get_smtp_data()); + return $this->_send_command('hello'); + } + + // -------------------------------------------------------------------- + + /** + * Send SMTP command + * + * @access private + * @param string + * @param string + * @return string + */ + function _send_command($cmd, $data = '') + { + switch ($cmd) + { + case 'hello' : + + if ($this->_smtp_auth OR $this->_get_encoding() == '8bit') + $this->_send_data('EHLO '.$this->_get_hostname()); + else + $this->_send_data('HELO '.$this->_get_hostname()); + + $resp = 250; + break; + case 'from' : + + $this->_send_data('MAIL FROM:<'.$data.'>'); + + $resp = 250; + break; + case 'to' : + + $this->_send_data('RCPT TO:<'.$data.'>'); + + $resp = 250; + break; + case 'data' : + + $this->_send_data('DATA'); + + $resp = 354; + break; + case 'quit' : + + $this->_send_data('QUIT'); + + $resp = 221; + break; + } + + $reply = $this->_get_smtp_data(); + + $this->_debug_msg[] = "<pre>".$cmd.": ".$reply."</pre>"; + + if (substr($reply, 0, 3) != $resp) + { + $this->_set_error_message('email_smtp_error', $reply); + return FALSE; + } + + if ($cmd == 'quit') + { + fclose($this->_smtp_connect); + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * SMTP Authenticate + * + * @access private + * @return bool + */ + function _smtp_authenticate() + { + if ( ! $this->_smtp_auth) + { + return TRUE; + } + + if ($this->smtp_user == "" AND $this->smtp_pass == "") + { + $this->_set_error_message('email_no_smtp_unpw'); + return FALSE; + } + + $this->_send_data('AUTH LOGIN'); + + $reply = $this->_get_smtp_data(); + + if (strncmp($reply, '334', 3) != 0) + { + $this->_set_error_message('email_failed_smtp_login', $reply); + return FALSE; + } + + $this->_send_data(base64_encode($this->smtp_user)); + + $reply = $this->_get_smtp_data(); + + if (strncmp($reply, '334', 3) != 0) + { + $this->_set_error_message('email_smtp_auth_un', $reply); + return FALSE; + } + + $this->_send_data(base64_encode($this->smtp_pass)); + + $reply = $this->_get_smtp_data(); + + if (strncmp($reply, '235', 3) != 0) + { + $this->_set_error_message('email_smtp_auth_pw', $reply); + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Send SMTP data + * + * @access private + * @return bool + */ + function _send_data($data) + { + if ( ! fwrite($this->_smtp_connect, $data . $this->newline)) + { + $this->_set_error_message('email_smtp_data_failure', $data); + return FALSE; + } + else + { + return TRUE; + } + } + + // -------------------------------------------------------------------- + + /** + * Get SMTP data + * + * @access private + * @return string + */ + function _get_smtp_data() + { + $data = ""; + + while ($str = fgets($this->_smtp_connect, 512)) + { + $data .= $str; + + if (substr($str, 3, 1) == " ") + { + break; + } + } + + return $data; + } + + // -------------------------------------------------------------------- + + /** + * Get Hostname + * + * @access private + * @return string + */ + function _get_hostname() + { + return (isset($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : 'localhost.localdomain'; + } + + // -------------------------------------------------------------------- + + /** + * Get IP + * + * @access private + * @return string + */ + function _get_ip() + { + if ($this->_IP !== FALSE) + { + return $this->_IP; + } + + $cip = (isset($_SERVER['HTTP_CLIENT_IP']) AND $_SERVER['HTTP_CLIENT_IP'] != "") ? $_SERVER['HTTP_CLIENT_IP'] : FALSE; + $rip = (isset($_SERVER['REMOTE_ADDR']) AND $_SERVER['REMOTE_ADDR'] != "") ? $_SERVER['REMOTE_ADDR'] : FALSE; + $fip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) AND $_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : FALSE; + + if ($cip && $rip) $this->_IP = $cip; + elseif ($rip) $this->_IP = $rip; + elseif ($cip) $this->_IP = $cip; + elseif ($fip) $this->_IP = $fip; + + if (strstr($this->_IP, ',')) + { + $x = explode(',', $this->_IP); + $this->_IP = end($x); + } + + if ( ! preg_match( "/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $this->_IP)) + { + $this->_IP = '0.0.0.0'; + } + + unset($cip); + unset($rip); + unset($fip); + + return $this->_IP; + } + + // -------------------------------------------------------------------- + + /** + * Get Debug Message + * + * @access public + * @return string + */ + function print_debugger() + { + $msg = ''; + + if (count($this->_debug_msg) > 0) + { + foreach ($this->_debug_msg as $val) + { + $msg .= $val; + } + } + + $msg .= "<pre>".$this->_header_str."\n".htmlspecialchars($this->_subject)."\n".htmlspecialchars($this->_finalbody).'</pre>'; + return $msg; + } + + // -------------------------------------------------------------------- + + /** + * Set Message + * + * @access private + * @param string + * @return string + */ + function _set_error_message($msg, $val = '') + { + $CI =& get_instance(); + $CI->lang->load('email'); + + if (FALSE === ($line = $CI->lang->line($msg))) + { + $this->_debug_msg[] = str_replace('%s', $val, $msg)."<br />"; + } + else + { + $this->_debug_msg[] = str_replace('%s', $val, $line)."<br />"; + } + } + + // -------------------------------------------------------------------- + + /** + * Mime Types + * + * @access private + * @param string + * @return string + */ + function _mime_types($ext = "") + { + $mimes = array( 'hqx' => 'application/mac-binhex40', + 'cpt' => 'application/mac-compactpro', + 'doc' => 'application/msword', + 'bin' => 'application/macbinary', + 'dms' => 'application/octet-stream', + 'lha' => 'application/octet-stream', + 'lzh' => 'application/octet-stream', + 'exe' => 'application/octet-stream', + 'class' => 'application/octet-stream', + 'psd' => 'application/octet-stream', + 'so' => 'application/octet-stream', + 'sea' => 'application/octet-stream', + 'dll' => 'application/octet-stream', + 'oda' => 'application/oda', + 'pdf' => 'application/pdf', + 'ai' => 'application/postscript', + 'eps' => 'application/postscript', + 'ps' => 'application/postscript', + 'smi' => 'application/smil', + 'smil' => 'application/smil', + 'mif' => 'application/vnd.mif', + 'xls' => 'application/vnd.ms-excel', + 'ppt' => 'application/vnd.ms-powerpoint', + 'wbxml' => 'application/vnd.wap.wbxml', + 'wmlc' => 'application/vnd.wap.wmlc', + 'dcr' => 'application/x-director', + 'dir' => 'application/x-director', + 'dxr' => 'application/x-director', + 'dvi' => 'application/x-dvi', + 'gtar' => 'application/x-gtar', + 'php' => 'application/x-httpd-php', + 'php4' => 'application/x-httpd-php', + 'php3' => 'application/x-httpd-php', + 'phtml' => 'application/x-httpd-php', + 'phps' => 'application/x-httpd-php-source', + 'js' => 'application/x-javascript', + 'swf' => 'application/x-shockwave-flash', + 'sit' => 'application/x-stuffit', + 'tar' => 'application/x-tar', + 'tgz' => 'application/x-tar', + 'xhtml' => 'application/xhtml+xml', + 'xht' => 'application/xhtml+xml', + 'zip' => 'application/zip', + 'mid' => 'audio/midi', + 'midi' => 'audio/midi', + 'mpga' => 'audio/mpeg', + 'mp2' => 'audio/mpeg', + 'mp3' => 'audio/mpeg', + 'aif' => 'audio/x-aiff', + 'aiff' => 'audio/x-aiff', + 'aifc' => 'audio/x-aiff', + 'ram' => 'audio/x-pn-realaudio', + 'rm' => 'audio/x-pn-realaudio', + 'rpm' => 'audio/x-pn-realaudio-plugin', + 'ra' => 'audio/x-realaudio', + 'rv' => 'video/vnd.rn-realvideo', + 'wav' => 'audio/x-wav', + 'bmp' => 'image/bmp', + 'gif' => 'image/gif', + 'jpeg' => 'image/jpeg', + 'jpg' => 'image/jpeg', + 'jpe' => 'image/jpeg', + 'png' => 'image/png', + 'tiff' => 'image/tiff', + 'tif' => 'image/tiff', + 'css' => 'text/css', + 'html' => 'text/html', + 'htm' => 'text/html', + 'shtml' => 'text/html', + 'txt' => 'text/plain', + 'text' => 'text/plain', + 'log' => 'text/plain', + 'rtx' => 'text/richtext', + 'rtf' => 'text/rtf', + 'xml' => 'text/xml', + 'xsl' => 'text/xml', + 'mpeg' => 'video/mpeg', + 'mpg' => 'video/mpeg', + 'mpe' => 'video/mpeg', + 'qt' => 'video/quicktime', + 'mov' => 'video/quicktime', + 'avi' => 'video/x-msvideo', + 'movie' => 'video/x-sgi-movie', + 'doc' => 'application/msword', + 'word' => 'application/msword', + 'xl' => 'application/excel', + 'eml' => 'message/rfc822' + ); + + return ( ! isset($mimes[strtolower($ext)])) ? "application/x-unknown-content-type" : $mimes[strtolower($ext)]; + } + +} +// END CI_Email class + +/* End of file Email.php */ +/* Location: ./system/libraries/Email.php */
\ No newline at end of file diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php new file mode 100644 index 000000000..95c758fb4 --- /dev/null +++ b/system/libraries/Encrypt.php @@ -0,0 +1,484 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Encryption Class + * + * Provides two-way keyed encoding using XOR Hashing and Mcrypt + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/encryption.html + */ +class CI_Encrypt { + + var $CI; + var $encryption_key = ''; + var $_hash_type = 'sha1'; + var $_mcrypt_exists = FALSE; + var $_mcrypt_cipher; + var $_mcrypt_mode; + + /** + * Constructor + * + * Simply determines whether the mcrypt library exists. + * + */ + function CI_Encrypt() + { + $this->CI =& get_instance(); + $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + log_message('debug', "Encrypt Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the encryption key + * + * Returns it as MD5 in order to have an exact-length 128 bit key. + * Mcrypt is sensitive to keys that are not the correct length + * + * @access public + * @param string + * @return string + */ + function get_key($key = '') + { + if ($key == '') + { + if ($this->encryption_key != '') + { + return $this->encryption_key; + } + + $CI =& get_instance(); + $key = $CI->config->item('encryption_key'); + + if ($key === FALSE) + { + show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); + } + } + + return md5($key); + } + + // -------------------------------------------------------------------- + + /** + * Set the encryption key + * + * @access public + * @param string + * @return void + */ + function set_key($key = '') + { + $this->encryption_key = $key; + } + + // -------------------------------------------------------------------- + + /** + * Encode + * + * Encodes the message string using bitwise XOR encoding. + * The key is combined with a random hash, and then it + * too gets converted using XOR. The whole thing is then run + * through mcrypt (if supported) using the randomized key. + * The end result is a double-encrypted message string + * that is randomized with each call to this function, + * even if the supplied message and key are the same. + * + * @access public + * @param string the string to encode + * @param string the key + * @return string + */ + function encode($string, $key = '') + { + $key = $this->get_key($key); + $enc = $this->_xor_encode($string, $key); + + if ($this->_mcrypt_exists === TRUE) + { + $enc = $this->mcrypt_encode($enc, $key); + } + return base64_encode($enc); + } + + // -------------------------------------------------------------------- + + /** + * Decode + * + * Reverses the above process + * + * @access public + * @param string + * @param string + * @return string + */ + function decode($string, $key = '') + { + $key = $this->get_key($key); + + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } + + $dec = base64_decode($string); + + if ($this->_mcrypt_exists === TRUE) + { + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } + } + + return $this->_xor_decode($dec, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Encode + * + * Takes a plain-text string and key as input and generates an + * encoded bit-string using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_encode($string, $key) + { + $rand = ''; + while (strlen($rand) < 32) + { + $rand .= mt_rand(0, mt_getrandmax()); + } + + $rand = $this->hash($rand); + + $enc = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + } + + return $this->_xor_merge($enc, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Decode + * + * Takes an encoded string and key as input and generates the + * plain-text original message + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_decode($string, $key) + { + $string = $this->_xor_merge($string, $key); + + $dec = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + } + + return $dec; + } + + // -------------------------------------------------------------------- + + /** + * XOR key + string Combiner + * + * Takes a string and key as input and computes the difference using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_merge($string, $key) + { + $hash = $this->hash($key); + $str = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Encrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_encode($data, $key) + { + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); + } + + // -------------------------------------------------------------------- + + /** + * Decrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_decode($data, $key) + { + $data = $this->_remove_cipher_noise($data, $key); + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + + if ($init_size > strlen($data)) + { + return FALSE; + } + + $init_vect = substr($data, 0, $init_size); + $data = substr($data, $init_size); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); + } + + // -------------------------------------------------------------------- + + /** + * Adds permuted noise to the IV + encrypted data to protect + * against Man-in-the-middle attacks on CBC mode ciphers + * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV + * + * Function description + * + * @access private + * @param string + * @param string + * @return string + */ + function _add_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Removes permuted noise from the IV + encrypted data, reversing + * _add_cipher_noise() + * + * Function description + * + * @access public + * @param type + * @return type + */ + function _remove_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $temp = ord($data[$i]) - ord($keyhash[$j]); + + if ($temp < 0) + { + $temp = $temp + 256; + } + + $str .= chr($temp); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Cipher + * + * @access public + * @param constant + * @return string + */ + function set_cipher($cipher) + { + $this->_mcrypt_cipher = $cipher; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Mode + * + * @access public + * @param constant + * @return string + */ + function set_mode($mode) + { + $this->_mcrypt_mode = $mode; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt cipher Value + * + * @access private + * @return string + */ + function _get_cipher() + { + if ($this->_mcrypt_cipher == '') + { + $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + } + + return $this->_mcrypt_cipher; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt Mode Value + * + * @access private + * @return string + */ + function _get_mode() + { + if ($this->_mcrypt_mode == '') + { + $this->_mcrypt_mode = MCRYPT_MODE_ECB; + } + + return $this->_mcrypt_mode; + } + + // -------------------------------------------------------------------- + + /** + * Set the Hash type + * + * @access public + * @param string + * @return string + */ + function set_hash($type = 'sha1') + { + $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + } + + // -------------------------------------------------------------------- + + /** + * Hash encode a string + * + * @access public + * @param string + * @return string + */ + function hash($str) + { + return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); + } + + // -------------------------------------------------------------------- + + /** + * Generate an SHA1 Hash + * + * @access public + * @param string + * @return string + */ + function sha1($str) + { + if ( ! function_exists('sha1')) + { + if ( ! function_exists('mhash')) + { + require_once(BASEPATH.'libraries/Sha1'.EXT); + $SH = new CI_SHA; + return $SH->generate($str); + } + else + { + return bin2hex(mhash(MHASH_SHA1, $str)); + } + } + else + { + return sha1($str); + } + } + +} + +// END CI_Encrypt class + +/* End of file Encrypt.php */ +/* Location: ./system/libraries/Encrypt.php */
\ No newline at end of file diff --git a/system/libraries/Exceptions.php b/system/libraries/Exceptions.php new file mode 100644 index 000000000..9c655a174 --- /dev/null +++ b/system/libraries/Exceptions.php @@ -0,0 +1,174 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Exceptions Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Exceptions + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/exceptions.html + */ +class CI_Exceptions { + var $action; + var $severity; + var $message; + var $filename; + var $line; + var $ob_level; + + var $levels = array( + E_ERROR => 'Error', + E_WARNING => 'Warning', + E_PARSE => 'Parsing Error', + E_NOTICE => 'Notice', + E_CORE_ERROR => 'Core Error', + E_CORE_WARNING => 'Core Warning', + E_COMPILE_ERROR => 'Compile Error', + E_COMPILE_WARNING => 'Compile Warning', + E_USER_ERROR => 'User Error', + E_USER_WARNING => 'User Warning', + E_USER_NOTICE => 'User Notice', + E_STRICT => 'Runtime Notice' + ); + + + /** + * Constructor + * + */ + function CI_Exceptions() + { + $this->ob_level = ob_get_level(); + // Note: Do not log messages from this constructor. + } + + // -------------------------------------------------------------------- + + /** + * Exception Logger + * + * This function logs PHP generated error messages + * + * @access private + * @param string the error severity + * @param string the error string + * @param string the error filepath + * @param string the error line number + * @return string + */ + function log_exception($severity, $message, $filepath, $line) + { + $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; + + log_message('error', 'Severity: '.$severity.' --> '.$message. ' '.$filepath.' '.$line, TRUE); + } + + // -------------------------------------------------------------------- + + /** + * 404 Page Not Found Handler + * + * @access private + * @param string + * @return string + */ + function show_404($page = '') + { + $heading = "404 Page Not Found"; + $message = "The page you requested was not found."; + + log_message('error', '404 Page Not Found --> '.$page); + echo $this->show_error($heading, $message, 'error_404', 404); + exit; + } + + // -------------------------------------------------------------------- + + /** + * General Error Page + * + * This function takes an error message as input + * (either as a string or an array) and displays + * it using the specified template. + * + * @access private + * @param string the heading + * @param string the message + * @param string the template name + * @return string + */ + function show_error($heading, $message, $template = 'error_general', $status_code = 500) + { + set_status_header($status_code); + + $message = '<p>'.implode('</p><p>', ( ! is_array($message)) ? array($message) : $message).'</p>'; + + if (ob_get_level() > $this->ob_level + 1) + { + ob_end_flush(); + } + ob_start(); + include(APPPATH.'errors/'.$template.EXT); + $buffer = ob_get_contents(); + ob_end_clean(); + return $buffer; + } + + // -------------------------------------------------------------------- + + /** + * Native PHP error handler + * + * @access private + * @param string the error severity + * @param string the error string + * @param string the error filepath + * @param string the error line number + * @return string + */ + function show_php_error($severity, $message, $filepath, $line) + { + $severity = ( ! isset($this->levels[$severity])) ? $severity : $this->levels[$severity]; + + $filepath = str_replace("\\", "/", $filepath); + + // For safety reasons we do not show the full file path + if (FALSE !== strpos($filepath, '/')) + { + $x = explode('/', $filepath); + $filepath = $x[count($x)-2].'/'.end($x); + } + + if (ob_get_level() > $this->ob_level + 1) + { + ob_end_flush(); + } + ob_start(); + include(APPPATH.'errors/error_php'.EXT); + $buffer = ob_get_contents(); + ob_end_clean(); + echo $buffer; + } + + +} +// END Exceptions Class + +/* End of file Exceptions.php */ +/* Location: ./system/libraries/Exceptions.php */
\ No newline at end of file diff --git a/system/libraries/Form_validation.php b/system/libraries/Form_validation.php new file mode 100644 index 000000000..1497d8517 --- /dev/null +++ b/system/libraries/Form_validation.php @@ -0,0 +1,1278 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Form Validation Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Validation + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/form_validation.html + */ +class CI_Form_validation { + + var $CI; + var $_field_data = array(); + var $_config_rules = array(); + var $_error_array = array(); + var $_error_messages = array(); + var $_error_prefix = '<p>'; + var $_error_suffix = '</p>'; + var $error_string = ''; + var $_safe_form_data = FALSE; + + + /** + * Constructor + * + */ + function CI_Form_validation($rules = array()) + { + $this->CI =& get_instance(); + + // Validation rules can be stored in a config file. + $this->_config_rules = $rules; + + // Automatically load the form helper + $this->CI->load->helper('form'); + + // Set the character encoding in MB. + if (function_exists('mb_internal_encoding')) + { + mb_internal_encoding($this->CI->config->item('charset')); + } + + log_message('debug', "Form Validation Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Set Rules + * + * This function takes an array of field names and validation + * rules as input, validates the info, and stores it + * + * @access public + * @param mixed + * @param string + * @return void + */ + function set_rules($field, $label = '', $rules = '') + { + // No reason to set rules if we have no POST data + if (count($_POST) == 0) + { + return; + } + + // If an array was passed via the first parameter instead of indidual string + // values we cycle through it and recursively call this function. + if (is_array($field)) + { + foreach ($field as $row) + { + // Houston, we have a problem... + if ( ! isset($row['field']) OR ! isset($row['rules'])) + { + continue; + } + + // If the field label wasn't passed we use the field name + $label = ( ! isset($row['label'])) ? $row['field'] : $row['label']; + + // Here we go! + $this->set_rules($row['field'], $label, $row['rules']); + } + return; + } + + // No fields? Nothing to do... + if ( ! is_string($field) OR ! is_string($rules) OR $field == '') + { + return; + } + + // If the field label wasn't passed we use the field name + $label = ($label == '') ? $field : $label; + + // Is the field name an array? We test for the existence of a bracket "[" in + // the field name to determine this. If it is an array, we break it apart + // into its components so that we can fetch the corresponding POST data later + if (strpos($field, '[') !== FALSE AND preg_match_all('/\[(.*?)\]/', $field, $matches)) + { + // Note: Due to a bug in current() that affects some versions + // of PHP we can not pass function call directly into it + $x = explode('[', $field); + $indexes[] = current($x); + + for ($i = 0; $i < count($matches['0']); $i++) + { + if ($matches['1'][$i] != '') + { + $indexes[] = $matches['1'][$i]; + } + } + + $is_array = TRUE; + } + else + { + $indexes = array(); + $is_array = FALSE; + } + + // Build our master array + $this->_field_data[$field] = array( + 'field' => $field, + 'label' => $label, + 'rules' => $rules, + 'is_array' => $is_array, + 'keys' => $indexes, + 'postdata' => NULL, + 'error' => '' + ); + } + + // -------------------------------------------------------------------- + + /** + * Set Error Message + * + * Lets users set their own error messages on the fly. Note: The key + * name has to match the function name that it corresponds to. + * + * @access public + * @param string + * @param string + * @return string + */ + function set_message($lang, $val = '') + { + if ( ! is_array($lang)) + { + $lang = array($lang => $val); + } + + $this->_error_messages = array_merge($this->_error_messages, $lang); + } + + // -------------------------------------------------------------------- + + /** + * Set The Error Delimiter + * + * Permits a prefix/suffix to be added to each error message + * + * @access public + * @param string + * @param string + * @return void + */ + function set_error_delimiters($prefix = '<p>', $suffix = '</p>') + { + $this->_error_prefix = $prefix; + $this->_error_suffix = $suffix; + } + + // -------------------------------------------------------------------- + + /** + * Get Error Message + * + * Gets the error message associated with a particular field + * + * @access public + * @param string the field name + * @return void + */ + function error($field = '', $prefix = '', $suffix = '') + { + if ( ! isset($this->_field_data[$field]['error']) OR $this->_field_data[$field]['error'] == '') + { + return ''; + } + + if ($prefix == '') + { + $prefix = $this->_error_prefix; + } + + if ($suffix == '') + { + $suffix = $this->_error_suffix; + } + + return $prefix.$this->_field_data[$field]['error'].$suffix; + } + + // -------------------------------------------------------------------- + + /** + * Error String + * + * Returns the error messages as a string, wrapped in the error delimiters + * + * @access public + * @param string + * @param string + * @return str + */ + function error_string($prefix = '', $suffix = '') + { + // No errrors, validation passes! + if (count($this->_error_array) === 0) + { + return ''; + } + + if ($prefix == '') + { + $prefix = $this->_error_prefix; + } + + if ($suffix == '') + { + $suffix = $this->_error_suffix; + } + + // Generate the error string + $str = ''; + foreach ($this->_error_array as $val) + { + if ($val != '') + { + $str .= $prefix.$val.$suffix."\n"; + } + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Run the Validator + * + * This function does all the work. + * + * @access public + * @return bool + */ + function run($group = '') + { + // Do we even have any data to process? Mm? + if (count($_POST) == 0) + { + return FALSE; + } + + // Does the _field_data array containing the validation rules exist? + // If not, we look to see if they were assigned via a config file + if (count($this->_field_data) == 0) + { + // No validation rules? We're done... + if (count($this->_config_rules) == 0) + { + return FALSE; + } + + // Is there a validation rule for the particular URI being accessed? + $uri = ($group == '') ? trim($this->CI->uri->ruri_string(), '/') : $group; + + if ($uri != '' AND isset($this->_config_rules[$uri])) + { + $this->set_rules($this->_config_rules[$uri]); + } + else + { + $this->set_rules($this->_config_rules); + } + + // We're we able to set the rules correctly? + if (count($this->_field_data) == 0) + { + log_message('debug', "Unable to find validation rules"); + return FALSE; + } + } + + // Load the language file containing error messages + $this->CI->lang->load('form_validation'); + + // Cycle through the rules for each field, match the + // corresponding $_POST item and test for errors + foreach ($this->_field_data as $field => $row) + { + // Fetch the data from the corresponding $_POST array and cache it in the _field_data array. + // Depending on whether the field name is an array or a string will determine where we get it from. + + if ($row['is_array'] == TRUE) + { + $this->_field_data[$field]['postdata'] = $this->_reduce_array($_POST, $row['keys']); + } + else + { + if (isset($_POST[$field]) AND $_POST[$field] != "") + { + $this->_field_data[$field]['postdata'] = $_POST[$field]; + } + } + + $this->_execute($row, explode('|', $row['rules']), $this->_field_data[$field]['postdata']); + } + + // Did we end up with any errors? + $total_errors = count($this->_error_array); + + if ($total_errors > 0) + { + $this->_safe_form_data = TRUE; + } + + // Now we need to re-set the POST data with the new, processed data + $this->_reset_post_array(); + + // No errors, validation passes! + if ($total_errors == 0) + { + return TRUE; + } + + // Validation fails + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Traverse a multidimensional $_POST array index until the data is found + * + * @access private + * @param array + * @param array + * @param integer + * @return mixed + */ + function _reduce_array($array, $keys, $i = 0) + { + if (is_array($array)) + { + if (isset($keys[$i])) + { + if (isset($array[$keys[$i]])) + { + $array = $this->_reduce_array($array[$keys[$i]], $keys, ($i+1)); + } + else + { + return NULL; + } + } + else + { + return $array; + } + } + + return $array; + } + + // -------------------------------------------------------------------- + + /** + * Re-populate the _POST array with our finalized and processed data + * + * @access private + * @return null + */ + function _reset_post_array() + { + foreach ($this->_field_data as $field => $row) + { + if ( ! is_null($row['postdata'])) + { + if ($row['is_array'] == FALSE) + { + if (isset($_POST[$row['field']])) + { + $_POST[$row['field']] = $this->prep_for_form($row['postdata']); + } + } + else + { + // start with a reference + $post_ref =& $_POST; + + // before we assign values, make a reference to the right POST key + if (count($row['keys']) == 1) + { + $post_ref =& $post_ref[current($row['keys'])]; + } + else + { + foreach ($row['keys'] as $val) + { + $post_ref =& $post_ref[$val]; + } + } + + if (is_array($row['postdata'])) + { + $array = array(); + foreach ($row['postdata'] as $k => $v) + { + $array[$k] = $this->prep_for_form($v); + } + + $post_ref = $array; + } + else + { + $post_ref = $this->prep_for_form($row['postdata']); + } + } + } + } + } + + // -------------------------------------------------------------------- + + /** + * Executes the Validation routines + * + * @access private + * @param array + * @param array + * @param mixed + * @param integer + * @return mixed + */ + function _execute($row, $rules, $postdata = NULL, $cycles = 0) + { + // If the $_POST data is an array we will run a recursive call + if (is_array($postdata)) + { + foreach ($postdata as $key => $val) + { + $this->_execute($row, $rules, $val, $cycles); + $cycles++; + } + + return; + } + + // -------------------------------------------------------------------- + + // If the field is blank, but NOT required, no further tests are necessary + $callback = FALSE; + if ( ! in_array('required', $rules) AND is_null($postdata)) + { + // Before we bail out, does the rule contain a callback? + if (preg_match("/(callback_\w+)/", implode(' ', $rules), $match)) + { + $callback = TRUE; + $rules = (array('1' => $match[1])); + } + else + { + return; + } + } + + // -------------------------------------------------------------------- + + // Isset Test. Typically this rule will only apply to checkboxes. + if (is_null($postdata) AND $callback == FALSE) + { + if (in_array('isset', $rules, TRUE) OR in_array('required', $rules)) + { + // Set the message type + $type = (in_array('required', $rules)) ? 'required' : 'isset'; + + if ( ! isset($this->_error_messages[$type])) + { + if (FALSE === ($line = $this->CI->lang->line($type))) + { + $line = 'The field was not set'; + } + } + else + { + $line = $this->_error_messages[$type]; + } + + // Build the error message + $message = sprintf($line, $this->_translate_fieldname($row['label'])); + + // Save the error message + $this->_field_data[$row['field']]['error'] = $message; + + if ( ! isset($this->_error_array[$row['field']])) + { + $this->_error_array[$row['field']] = $message; + } + } + + return; + } + + // -------------------------------------------------------------------- + + // Cycle through each rule and run it + foreach ($rules As $rule) + { + $_in_array = FALSE; + + // We set the $postdata variable with the current data in our master array so that + // each cycle of the loop is dealing with the processed data from the last cycle + if ($row['is_array'] == TRUE AND is_array($this->_field_data[$row['field']]['postdata'])) + { + // We shouldn't need this safety, but just in case there isn't an array index + // associated with this cycle we'll bail out + if ( ! isset($this->_field_data[$row['field']]['postdata'][$cycles])) + { + continue; + } + + $postdata = $this->_field_data[$row['field']]['postdata'][$cycles]; + $_in_array = TRUE; + } + else + { + $postdata = $this->_field_data[$row['field']]['postdata']; + } + + // -------------------------------------------------------------------- + + // Is the rule a callback? + $callback = FALSE; + if (substr($rule, 0, 9) == 'callback_') + { + $rule = substr($rule, 9); + $callback = TRUE; + } + + // Strip the parameter (if exists) from the rule + // Rules can contain a parameter: max_length[5] + $param = FALSE; + if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match)) + { + $rule = $match[1]; + $param = $match[2]; + } + + // Call the function that corresponds to the rule + if ($callback === TRUE) + { + if ( ! method_exists($this->CI, $rule)) + { + continue; + } + + // Run the function and grab the result + $result = $this->CI->$rule($postdata, $param); + + // Re-assign the result to the master data array + if ($_in_array == TRUE) + { + $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; + } + else + { + $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; + } + + // If the field isn't required and we just processed a callback we'll move on... + if ( ! in_array('required', $rules, TRUE) AND $result !== FALSE) + { + continue; + } + } + else + { + if ( ! method_exists($this, $rule)) + { + // If our own wrapper function doesn't exist we see if a native PHP function does. + // Users can use any native PHP function call that has one param. + if (function_exists($rule)) + { + $result = $rule($postdata); + + if ($_in_array == TRUE) + { + $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; + } + else + { + $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; + } + } + + continue; + } + + $result = $this->$rule($postdata, $param); + + if ($_in_array == TRUE) + { + $this->_field_data[$row['field']]['postdata'][$cycles] = (is_bool($result)) ? $postdata : $result; + } + else + { + $this->_field_data[$row['field']]['postdata'] = (is_bool($result)) ? $postdata : $result; + } + } + + // Did the rule test negatively? If so, grab the error. + if ($result === FALSE) + { + if ( ! isset($this->_error_messages[$rule])) + { + if (FALSE === ($line = $this->CI->lang->line($rule))) + { + $line = 'Unable to access an error message corresponding to your field name.'; + } + } + else + { + $line = $this->_error_messages[$rule]; + } + + // Is the parameter we are inserting into the error message the name + // of another field? If so we need to grab its "field label" + if (isset($this->_field_data[$param]) AND isset($this->_field_data[$param]['label'])) + { + $param = $this->_field_data[$param]['label']; + } + + // Build the error message + $message = sprintf($line, $this->_translate_fieldname($row['label']), $param); + + // Save the error message + $this->_field_data[$row['field']]['error'] = $message; + + if ( ! isset($this->_error_array[$row['field']])) + { + $this->_error_array[$row['field']] = $message; + } + + return; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Translate a field name + * + * @access private + * @param string the field name + * @return string + */ + function _translate_fieldname($fieldname) + { + // Do we need to translate the field name? + // We look for the prefix lang: to determine this + if (substr($fieldname, 0, 5) == 'lang:') + { + // Grab the variable + $line = substr($fieldname, 5); + + // Were we able to translate the field name? If not we use $line + if (FALSE === ($fieldname = $this->CI->lang->line($line))) + { + return $line; + } + } + + return $fieldname; + } + + // -------------------------------------------------------------------- + + /** + * Get the value from a form + * + * Permits you to repopulate a form field with the value it was submitted + * with, or, if that value doesn't exist, with the default + * + * @access public + * @param string the field name + * @param string + * @return void + */ + function set_value($field = '', $default = '') + { + if ( ! isset($this->_field_data[$field])) + { + return $default; + } + + return $this->_field_data[$field]['postdata']; + } + + // -------------------------------------------------------------------- + + /** + * Set Select + * + * Enables pull-down lists to be set to the value the user + * selected in the event of an error + * + * @access public + * @param string + * @param string + * @return string + */ + function set_select($field = '', $value = '', $default = FALSE) + { + if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + { + if ($default === TRUE AND count($this->_field_data) === 0) + { + return ' selected="selected"'; + } + return ''; + } + + $field = $this->_field_data[$field]['postdata']; + + if (is_array($field)) + { + if ( ! in_array($value, $field)) + { + return ''; + } + } + else + { + if (($field == '' OR $value == '') OR ($field != $value)) + { + return ''; + } + } + + return ' selected="selected"'; + } + + // -------------------------------------------------------------------- + + /** + * Set Radio + * + * Enables radio buttons to be set to the value the user + * selected in the event of an error + * + * @access public + * @param string + * @param string + * @return string + */ + function set_radio($field = '', $value = '', $default = FALSE) + { + if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + { + if ($default === TRUE AND count($this->_field_data) === 0) + { + return ' checked="checked"'; + } + return ''; + } + + $field = $this->_field_data[$field]['postdata']; + + if (is_array($field)) + { + if ( ! in_array($value, $field)) + { + return ''; + } + } + else + { + if (($field == '' OR $value == '') OR ($field != $value)) + { + return ''; + } + } + + return ' checked="checked"'; + } + + // -------------------------------------------------------------------- + + /** + * Set Checkbox + * + * Enables checkboxes to be set to the value the user + * selected in the event of an error + * + * @access public + * @param string + * @param string + * @return string + */ + function set_checkbox($field = '', $value = '', $default = FALSE) + { + if ( ! isset($this->_field_data[$field]) OR ! isset($this->_field_data[$field]['postdata'])) + { + if ($default === TRUE AND count($this->_field_data) === 0) + { + return ' checked="checked"'; + } + return ''; + } + + $field = $this->_field_data[$field]['postdata']; + + if (is_array($field)) + { + if ( ! in_array($value, $field)) + { + return ''; + } + } + else + { + if (($field == '' OR $value == '') OR ($field != $value)) + { + return ''; + } + } + + return ' checked="checked"'; + } + + // -------------------------------------------------------------------- + + /** + * Required + * + * @access public + * @param string + * @return bool + */ + function required($str) + { + if ( ! is_array($str)) + { + return (trim($str) == '') ? FALSE : TRUE; + } + else + { + return ( ! empty($str)); + } + } + + // -------------------------------------------------------------------- + + /** + * Match one field to another + * + * @access public + * @param string + * @param field + * @return bool + */ + function matches($str, $field) + { + if ( ! isset($_POST[$field])) + { + return FALSE; + } + + $field = $_POST[$field]; + + return ($str !== $field) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Minimum Length + * + * @access public + * @param string + * @param value + * @return bool + */ + function min_length($str, $val) + { + if (preg_match("/[^0-9]/", $val)) + { + return FALSE; + } + + if (function_exists('mb_strlen')) + { + return (mb_strlen($str) < $val) ? FALSE : TRUE; + } + + return (strlen($str) < $val) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Max Length + * + * @access public + * @param string + * @param value + * @return bool + */ + function max_length($str, $val) + { + if (preg_match("/[^0-9]/", $val)) + { + return FALSE; + } + + if (function_exists('mb_strlen')) + { + return (mb_strlen($str) > $val) ? FALSE : TRUE; + } + + return (strlen($str) > $val) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Exact Length + * + * @access public + * @param string + * @param value + * @return bool + */ + function exact_length($str, $val) + { + if (preg_match("/[^0-9]/", $val)) + { + return FALSE; + } + + if (function_exists('mb_strlen')) + { + return (mb_strlen($str) != $val) ? FALSE : TRUE; + } + + return (strlen($str) != $val) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Valid Email + * + * @access public + * @param string + * @return bool + */ + function valid_email($str) + { + return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Valid Emails + * + * @access public + * @param string + * @return bool + */ + function valid_emails($str) + { + if (strpos($str, ',') === FALSE) + { + return $this->valid_email(trim($str)); + } + + foreach(explode(',', $str) as $email) + { + if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE) + { + return FALSE; + } + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Validate IP Address + * + * @access public + * @param string + * @return string + */ + function valid_ip($ip) + { + return $this->CI->input->valid_ip($ip); + } + + // -------------------------------------------------------------------- + + /** + * Alpha + * + * @access public + * @param string + * @return bool + */ + function alpha($str) + { + return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Alpha-numeric + * + * @access public + * @param string + * @return bool + */ + function alpha_numeric($str) + { + return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Alpha-numeric with underscores and dashes + * + * @access public + * @param string + * @return bool + */ + function alpha_dash($str) + { + return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Numeric + * + * @access public + * @param string + * @return bool + */ + function numeric($str) + { + return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str); + + } + + // -------------------------------------------------------------------- + + /** + * Is Numeric + * + * @access public + * @param string + * @return bool + */ + function is_numeric($str) + { + return ( ! is_numeric($str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Integer + * + * @access public + * @param string + * @return bool + */ + function integer($str) + { + return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str); + } + + // -------------------------------------------------------------------- + + /** + * Is a Natural number (0,1,2,3, etc.) + * + * @access public + * @param string + * @return bool + */ + function is_natural($str) + { + return (bool)preg_match( '/^[0-9]+$/', $str); + } + + // -------------------------------------------------------------------- + + /** + * Is a Natural number, but not a zero (1,2,3, etc.) + * + * @access public + * @param string + * @return bool + */ + function is_natural_no_zero($str) + { + if ( ! preg_match( '/^[0-9]+$/', $str)) + { + return FALSE; + } + + if ($str == 0) + { + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Valid Base64 + * + * Tests a string for characters outside of the Base64 alphabet + * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045 + * + * @access public + * @param string + * @return bool + */ + function valid_base64($str) + { + return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); + } + + // -------------------------------------------------------------------- + + /** + * Prep data for form + * + * This function allows HTML to be safely shown in a form. + * Special characters are converted. + * + * @access public + * @param string + * @return string + */ + function prep_for_form($data = '') + { + if (is_array($data)) + { + foreach ($data as $key => $val) + { + $data[$key] = $this->prep_for_form($val); + } + + return $data; + } + + if ($this->_safe_form_data == FALSE OR $data === '') + { + return $data; + } + + return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); + } + + // -------------------------------------------------------------------- + + /** + * Prep URL + * + * @access public + * @param string + * @return string + */ + function prep_url($str = '') + { + if ($str == 'http://' OR $str == '') + { + return ''; + } + + if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://') + { + $str = 'http://'.$str; + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Strip Image Tags + * + * @access public + * @param string + * @return string + */ + function strip_image_tags($str) + { + return $this->CI->input->strip_image_tags($str); + } + + // -------------------------------------------------------------------- + + /** + * XSS Clean + * + * @access public + * @param string + * @return string + */ + function xss_clean($str) + { + return $this->CI->input->xss_clean($str); + } + + // -------------------------------------------------------------------- + + /** + * Convert PHP tags to entities + * + * @access public + * @param string + * @return string + */ + function encode_php_tags($str) + { + return str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + } + +} +// END Form Validation Class + +/* End of file Form_validation.php */ +/* Location: ./system/libraries/Form_validation.php */
\ No newline at end of file diff --git a/system/libraries/Ftp.php b/system/libraries/Ftp.php new file mode 100644 index 000000000..6fb170496 --- /dev/null +++ b/system/libraries/Ftp.php @@ -0,0 +1,618 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * FTP Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/ftp.html + */ +class CI_FTP { + + var $hostname = ''; + var $username = ''; + var $password = ''; + var $port = 21; + var $passive = TRUE; + var $debug = FALSE; + var $conn_id = FALSE; + + + /** + * Constructor - Sets Preferences + * + * The constructor can be passed an array of config values + */ + function CI_FTP($config = array()) + { + if (count($config) > 0) + { + $this->initialize($config); + } + + log_message('debug', "FTP Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize preferences + * + * @access public + * @param array + * @return void + */ + function initialize($config = array()) + { + foreach ($config as $key => $val) + { + if (isset($this->$key)) + { + $this->$key = $val; + } + } + + // Prep the hostname + $this->hostname = preg_replace('|.+?://|', '', $this->hostname); + } + + // -------------------------------------------------------------------- + + /** + * FTP Connect + * + * @access public + * @param array the connection values + * @return bool + */ + function connect($config = array()) + { + if (count($config) > 0) + { + $this->initialize($config); + } + + if (FALSE === ($this->conn_id = @ftp_connect($this->hostname, $this->port))) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_connect'); + } + return FALSE; + } + + if ( ! $this->_login()) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_login'); + } + return FALSE; + } + + // Set passive mode if needed + if ($this->passive == TRUE) + { + ftp_pasv($this->conn_id, TRUE); + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * FTP Login + * + * @access private + * @return bool + */ + function _login() + { + return @ftp_login($this->conn_id, $this->username, $this->password); + } + + // -------------------------------------------------------------------- + + /** + * Validates the connection ID + * + * @access private + * @return bool + */ + function _is_conn() + { + if ( ! is_resource($this->conn_id)) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_no_connection'); + } + return FALSE; + } + return TRUE; + } + + // -------------------------------------------------------------------- + + + /** + * Change directory + * + * The second parameter lets us momentarily turn off debugging so that + * this function can be used to test for the existence of a folder + * without throwing an error. There's no FTP equivalent to is_dir() + * so we do it by trying to change to a particular directory. + * Internally, this parameter is only used by the "mirror" function below. + * + * @access public + * @param string + * @param bool + * @return bool + */ + function changedir($path = '', $supress_debug = FALSE) + { + if ($path == '' OR ! $this->_is_conn()) + { + return FALSE; + } + + $result = @ftp_chdir($this->conn_id, $path); + + if ($result === FALSE) + { + if ($this->debug == TRUE AND $supress_debug == FALSE) + { + $this->_error('ftp_unable_to_changedir'); + } + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Create a directory + * + * @access public + * @param string + * @return bool + */ + function mkdir($path = '', $permissions = NULL) + { + if ($path == '' OR ! $this->_is_conn()) + { + return FALSE; + } + + $result = @ftp_mkdir($this->conn_id, $path); + + if ($result === FALSE) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_makdir'); + } + return FALSE; + } + + // Set file permissions if needed + if ( ! is_null($permissions)) + { + $this->chmod($path, (int)$permissions); + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Upload a file to the server + * + * @access public + * @param string + * @param string + * @param string + * @return bool + */ + function upload($locpath, $rempath, $mode = 'auto', $permissions = NULL) + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + if ( ! file_exists($locpath)) + { + $this->_error('ftp_no_source_file'); + return FALSE; + } + + // Set the mode if not specified + if ($mode == 'auto') + { + // Get the file extension so we can set the upload type + $ext = $this->_getext($locpath); + $mode = $this->_settype($ext); + } + + $mode = ($mode == 'ascii') ? FTP_ASCII : FTP_BINARY; + + $result = @ftp_put($this->conn_id, $rempath, $locpath, $mode); + + if ($result === FALSE) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_upload'); + } + return FALSE; + } + + // Set file permissions if needed + if ( ! is_null($permissions)) + { + $this->chmod($rempath, (int)$permissions); + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Rename (or move) a file + * + * @access public + * @param string + * @param string + * @param bool + * @return bool + */ + function rename($old_file, $new_file, $move = FALSE) + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + $result = @ftp_rename($this->conn_id, $old_file, $new_file); + + if ($result === FALSE) + { + if ($this->debug == TRUE) + { + $msg = ($move == FALSE) ? 'ftp_unable_to_rename' : 'ftp_unable_to_move'; + + $this->_error($msg); + } + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Move a file + * + * @access public + * @param string + * @param string + * @return bool + */ + function move($old_file, $new_file) + { + return $this->rename($old_file, $new_file, TRUE); + } + + // -------------------------------------------------------------------- + + /** + * Rename (or move) a file + * + * @access public + * @param string + * @return bool + */ + function delete_file($filepath) + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + $result = @ftp_delete($this->conn_id, $filepath); + + if ($result === FALSE) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_delete'); + } + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Delete a folder and recursively delete everything (including sub-folders) + * containted within it. + * + * @access public + * @param string + * @return bool + */ + function delete_dir($filepath) + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + // Add a trailing slash to the file path if needed + $filepath = preg_replace("/(.+?)\/*$/", "\\1/", $filepath); + + $list = $this->list_files($filepath); + + if ($list !== FALSE AND count($list) > 0) + { + foreach ($list as $item) + { + // If we can't delete the item it's probaly a folder so + // we'll recursively call delete_dir() + if ( ! @ftp_delete($this->conn_id, $item)) + { + $this->delete_dir($item); + } + } + } + + $result = @ftp_rmdir($this->conn_id, $filepath); + + if ($result === FALSE) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_delete'); + } + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Set file permissions + * + * @access public + * @param string the file path + * @param string the permissions + * @return bool + */ + function chmod($path, $perm) + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + // Permissions can only be set when running PHP 5 + if ( ! function_exists('ftp_chmod')) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_chmod'); + } + return FALSE; + } + + $result = @ftp_chmod($this->conn_id, $perm, $path); + + if ($result === FALSE) + { + if ($this->debug == TRUE) + { + $this->_error('ftp_unable_to_chmod'); + } + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * FTP List files in the specified directory + * + * @access public + * @return array + */ + function list_files($path = '.') + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + return ftp_nlist($this->conn_id, $path); + } + + // ------------------------------------------------------------------------ + + /** + * Read a directory and recreate it remotely + * + * This function recursively reads a folder and everything it contains (including + * sub-folders) and creates a mirror via FTP based on it. Whatever the directory structure + * of the original file path will be recreated on the server. + * + * @access public + * @param string path to source with trailing slash + * @param string path to destination - include the base folder with trailing slash + * @return bool + */ + function mirror($locpath, $rempath) + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + // Open the local file path + if ($fp = @opendir($locpath)) + { + // Attempt to open the remote file path. + if ( ! $this->changedir($rempath, TRUE)) + { + // If it doesn't exist we'll attempt to create the direcotory + if ( ! $this->mkdir($rempath) OR ! $this->changedir($rempath)) + { + return FALSE; + } + } + + // Recursively read the local directory + while (FALSE !== ($file = readdir($fp))) + { + if (@is_dir($locpath.$file) && substr($file, 0, 1) != '.') + { + $this->mirror($locpath.$file."/", $rempath.$file."/"); + } + elseif (substr($file, 0, 1) != ".") + { + // Get the file extension so we can se the upload type + $ext = $this->_getext($file); + $mode = $this->_settype($ext); + + $this->upload($locpath.$file, $rempath.$file, $mode); + } + } + return TRUE; + } + + return FALSE; + } + + + // -------------------------------------------------------------------- + + /** + * Extract the file extension + * + * @access private + * @param string + * @return string + */ + function _getext($filename) + { + if (FALSE === strpos($filename, '.')) + { + return 'txt'; + } + + $x = explode('.', $filename); + return end($x); + } + + + // -------------------------------------------------------------------- + + /** + * Set the upload type + * + * @access private + * @param string + * @return string + */ + function _settype($ext) + { + $text_types = array( + 'txt', + 'text', + 'php', + 'phps', + 'php4', + 'js', + 'css', + 'htm', + 'html', + 'phtml', + 'shtml', + 'log', + 'xml' + ); + + + return (in_array($ext, $text_types)) ? 'ascii' : 'binary'; + } + + // ------------------------------------------------------------------------ + + /** + * Close the connection + * + * @access public + * @param string path to source + * @param string path to destination + * @return bool + */ + function close() + { + if ( ! $this->_is_conn()) + { + return FALSE; + } + + @ftp_close($this->conn_id); + } + + // ------------------------------------------------------------------------ + + /** + * Display error message + * + * @access private + * @param string + * @return bool + */ + function _error($line) + { + $CI =& get_instance(); + $CI->lang->load('ftp'); + show_error($CI->lang->line($line)); + } + + +} +// END FTP Class + +/* End of file Ftp.php */ +/* Location: ./system/libraries/Ftp.php */
\ No newline at end of file diff --git a/system/libraries/Hooks.php b/system/libraries/Hooks.php new file mode 100644 index 000000000..0b5d46809 --- /dev/null +++ b/system/libraries/Hooks.php @@ -0,0 +1,226 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Hooks Class + * + * Provides a mechanism to extend the base system without hacking. Most of + * this class is borrowed from Paul's Extension class in ExpressionEngine. + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/encryption.html + */ +class CI_Hooks { + + var $enabled = FALSE; + var $hooks = array(); + var $in_progress = FALSE; + + /** + * Constructor + * + */ + function CI_Hooks() + { + $this->_initialize(); + log_message('debug', "Hooks Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize the Hooks Preferences + * + * @access private + * @return void + */ + function _initialize() + { + $CFG =& load_class('Config'); + + // If hooks are not enabled in the config file + // there is nothing else to do + + if ($CFG->item('enable_hooks') == FALSE) + { + return; + } + + // Grab the "hooks" definition file. + // If there are no hooks, we're done. + + @include(APPPATH.'config/hooks'.EXT); + + if ( ! isset($hook) OR ! is_array($hook)) + { + return; + } + + $this->hooks =& $hook; + $this->enabled = TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Call Hook + * + * Calls a particular hook + * + * @access private + * @param string the hook name + * @return mixed + */ + function _call_hook($which = '') + { + if ( ! $this->enabled OR ! isset($this->hooks[$which])) + { + return FALSE; + } + + if (isset($this->hooks[$which][0]) AND is_array($this->hooks[$which][0])) + { + foreach ($this->hooks[$which] as $val) + { + $this->_run_hook($val); + } + } + else + { + $this->_run_hook($this->hooks[$which]); + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Run Hook + * + * Runs a particular hook + * + * @access private + * @param array the hook details + * @return bool + */ + function _run_hook($data) + { + if ( ! is_array($data)) + { + return FALSE; + } + + // ----------------------------------- + // Safety - Prevents run-away loops + // ----------------------------------- + + // If the script being called happens to have the same + // hook call within it a loop can happen + + if ($this->in_progress == TRUE) + { + return; + } + + // ----------------------------------- + // Set file path + // ----------------------------------- + + if ( ! isset($data['filepath']) OR ! isset($data['filename'])) + { + return FALSE; + } + + $filepath = APPPATH.$data['filepath'].'/'.$data['filename']; + + if ( ! file_exists($filepath)) + { + return FALSE; + } + + // ----------------------------------- + // Set class/function name + // ----------------------------------- + + $class = FALSE; + $function = FALSE; + $params = ''; + + if (isset($data['class']) AND $data['class'] != '') + { + $class = $data['class']; + } + + if (isset($data['function'])) + { + $function = $data['function']; + } + + if (isset($data['params'])) + { + $params = $data['params']; + } + + if ($class === FALSE AND $function === FALSE) + { + return FALSE; + } + + // ----------------------------------- + // Set the in_progress flag + // ----------------------------------- + + $this->in_progress = TRUE; + + // ----------------------------------- + // Call the requested class and/or function + // ----------------------------------- + + if ($class !== FALSE) + { + if ( ! class_exists($class)) + { + require($filepath); + } + + $HOOK = new $class; + $HOOK->$function($params); + } + else + { + if ( ! function_exists($function)) + { + require($filepath); + } + + $function($params); + } + + $this->in_progress = FALSE; + return TRUE; + } + +} + +// END CI_Hooks class + +/* End of file Hooks.php */ +/* Location: ./system/libraries/Hooks.php */
\ No newline at end of file diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php new file mode 100644 index 000000000..169c6e489 --- /dev/null +++ b/system/libraries/Image_lib.php @@ -0,0 +1,1544 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Image Manipulation class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Image_lib + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/image_lib.html + */ +class CI_Image_lib { + + var $image_library = 'gd2'; // Can be: imagemagick, netpbm, gd, gd2 + var $library_path = ''; + var $dynamic_output = FALSE; // Whether to send to browser or write to disk + var $source_image = ''; + var $new_image = ''; + var $width = ''; + var $height = ''; + var $quality = '90'; + var $create_thumb = FALSE; + var $thumb_marker = '_thumb'; + var $maintain_ratio = TRUE; // Whether to maintain aspect ratio when resizing or use hard values + var $master_dim = 'auto'; // auto, height, or width. Determines what to use as the master dimension + var $rotation_angle = ''; + var $x_axis = ''; + var $y_axis = ''; + + // Watermark Vars + var $wm_text = ''; // Watermark text if graphic is not used + var $wm_type = 'text'; // Type of watermarking. Options: text/overlay + var $wm_x_transp = 4; + var $wm_y_transp = 4; + var $wm_overlay_path = ''; // Watermark image path + var $wm_font_path = ''; // TT font + var $wm_font_size = 17; // Font size (different versions of GD will either use points or pixels) + var $wm_vrt_alignment = 'B'; // Vertical alignment: T M B + var $wm_hor_alignment = 'C'; // Horizontal alignment: L R C + var $wm_padding = 0; // Padding around text + var $wm_hor_offset = 0; // Lets you push text to the right + var $wm_vrt_offset = 0; // Lets you push text down + var $wm_font_color = '#ffffff'; // Text color + var $wm_shadow_color = ''; // Dropshadow color + var $wm_shadow_distance = 2; // Dropshadow distance + var $wm_opacity = 50; // Image opacity: 1 - 100 Only works with image + + // Private Vars + var $source_folder = ''; + var $dest_folder = ''; + var $mime_type = ''; + var $orig_width = ''; + var $orig_height = ''; + var $image_type = ''; + var $size_str = ''; + var $full_src_path = ''; + var $full_dst_path = ''; + var $create_fnc = 'imagecreatetruecolor'; + var $copy_fnc = 'imagecopyresampled'; + var $error_msg = array(); + var $wm_use_drop_shadow = FALSE; + var $wm_use_truetype = FALSE; + + /** + * Constructor + * + * @access public + * @param string + * @return void + */ + function CI_Image_lib($props = array()) + { + if (count($props) > 0) + { + $this->initialize($props); + } + + log_message('debug', "Image Lib Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize image properties + * + * Resets values in case this class is used in a loop + * + * @access public + * @return void + */ + function clear() + { + $props = array('source_folder', 'dest_folder', 'source_image', 'full_src_path', 'full_dst_path', 'new_image', 'image_type', 'size_str', 'quality', 'orig_width', 'orig_height', 'rotation_angle', 'x_axis', 'y_axis', 'create_fnc', 'copy_fnc', 'wm_overlay_path', 'wm_use_truetype', 'dynamic_output', 'wm_font_size', 'wm_text', 'wm_vrt_alignment', 'wm_hor_alignment', 'wm_padding', 'wm_hor_offset', 'wm_vrt_offset', 'wm_font_color', 'wm_use_drop_shadow', 'wm_shadow_color', 'wm_shadow_distance', 'wm_opacity'); + + foreach ($props as $val) + { + $this->$val = ''; + } + + // special consideration for master_dim + $this->master_dim = 'auto'; + } + + // -------------------------------------------------------------------- + + /** + * initialize image preferences + * + * @access public + * @param array + * @return bool + */ + function initialize($props = array()) + { + /* + * Convert array elements into class variables + */ + if (count($props) > 0) + { + foreach ($props as $key => $val) + { + $this->$key = $val; + } + } + + /* + * Is there a source image? + * + * If not, there's no reason to continue + * + */ + if ($this->source_image == '') + { + $this->set_error('imglib_source_image_required'); + return FALSE; + } + + /* + * Is getimagesize() Available? + * + * We use it to determine the image properties (width/height). + * Note: We need to figure out how to determine image + * properties using ImageMagick and NetPBM + * + */ + if ( ! function_exists('getimagesize')) + { + $this->set_error('imglib_gd_required_for_props'); + return FALSE; + } + + $this->image_library = strtolower($this->image_library); + + /* + * Set the full server path + * + * The source image may or may not contain a path. + * Either way, we'll try use realpath to generate the + * full server path in order to more reliably read it. + * + */ + if (function_exists('realpath') AND @realpath($this->source_image) !== FALSE) + { + $full_source_path = str_replace("\\", "/", realpath($this->source_image)); + } + else + { + $full_source_path = $this->source_image; + } + + $x = explode('/', $full_source_path); + $this->source_image = end($x); + $this->source_folder = str_replace($this->source_image, '', $full_source_path); + + // Set the Image Properties + if ( ! $this->get_image_properties($this->source_folder.$this->source_image)) + { + return FALSE; + } + + /* + * Assign the "new" image name/path + * + * If the user has set a "new_image" name it means + * we are making a copy of the source image. If not + * it means we are altering the original. We'll + * set the destination filename and path accordingly. + * + */ + if ($this->new_image == '') + { + $this->dest_image = $this->source_image; + $this->dest_folder = $this->source_folder; + } + else + { + if (strpos($this->new_image, '/') === FALSE) + { + $this->dest_folder = $this->source_folder; + $this->dest_image = $this->new_image; + } + else + { + if (function_exists('realpath') AND @realpath($this->new_image) !== FALSE) + { + $full_dest_path = str_replace("\\", "/", realpath($this->new_image)); + } + else + { + $full_dest_path = $this->new_image; + } + + // Is there a file name? + if ( ! preg_match("#\.(jpg|jpeg|gif|png)$#i", $full_dest_path)) + { + $this->dest_folder = $full_dest_path.'/'; + $this->dest_image = $this->source_image; + } + else + { + $x = explode('/', $full_dest_path); + $this->dest_image = end($x); + $this->dest_folder = str_replace($this->dest_image, '', $full_dest_path); + } + } + } + + /* + * Compile the finalized filenames/paths + * + * We'll create two master strings containing the + * full server path to the source image and the + * full server path to the destination image. + * We'll also split the destination image name + * so we can insert the thumbnail marker if needed. + * + */ + if ($this->create_thumb === FALSE OR $this->thumb_marker == '') + { + $this->thumb_marker = ''; + } + + $xp = $this->explode_name($this->dest_image); + + $filename = $xp['name']; + $file_ext = $xp['ext']; + + $this->full_src_path = $this->source_folder.$this->source_image; + $this->full_dst_path = $this->dest_folder.$filename.$this->thumb_marker.$file_ext; + + /* + * Should we maintain image proportions? + * + * When creating thumbs or copies, the target width/height + * might not be in correct proportion with the source + * image's width/height. We'll recalculate it here. + * + */ + if ($this->maintain_ratio === TRUE && ($this->width != '' AND $this->height != '')) + { + $this->image_reproportion(); + } + + /* + * Was a width and height specified? + * + * If the destination width/height was + * not submitted we will use the values + * from the actual file + * + */ + if ($this->width == '') + $this->width = $this->orig_width; + + if ($this->height == '') + $this->height = $this->orig_height; + + // Set the quality + $this->quality = trim(str_replace("%", "", $this->quality)); + + if ($this->quality == '' OR $this->quality == 0 OR ! is_numeric($this->quality)) + $this->quality = 90; + + // Set the x/y coordinates + $this->x_axis = ($this->x_axis == '' OR ! is_numeric($this->x_axis)) ? 0 : $this->x_axis; + $this->y_axis = ($this->y_axis == '' OR ! is_numeric($this->y_axis)) ? 0 : $this->y_axis; + + // Watermark-related Stuff... + if ($this->wm_font_color != '') + { + if (strlen($this->wm_font_color) == 6) + { + $this->wm_font_color = '#'.$this->wm_font_color; + } + } + + if ($this->wm_shadow_color != '') + { + if (strlen($this->wm_shadow_color) == 6) + { + $this->wm_shadow_color = '#'.$this->wm_shadow_color; + } + } + + if ($this->wm_overlay_path != '') + { + $this->wm_overlay_path = str_replace("\\", "/", realpath($this->wm_overlay_path)); + } + + if ($this->wm_shadow_color != '') + { + $this->wm_use_drop_shadow = TRUE; + } + + if ($this->wm_font_path != '') + { + $this->wm_use_truetype = TRUE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Image Resize + * + * This is a wrapper function that chooses the proper + * resize function based on the protocol specified + * + * @access public + * @return bool + */ + function resize() + { + $protocol = 'image_process_'.$this->image_library; + + if (preg_match('/gd2$/i', $protocol)) + { + $protocol = 'image_process_gd'; + } + + return $this->$protocol('resize'); + } + + // -------------------------------------------------------------------- + + /** + * Image Crop + * + * This is a wrapper function that chooses the proper + * cropping function based on the protocol specified + * + * @access public + * @return bool + */ + function crop() + { + $protocol = 'image_process_'.$this->image_library; + + if (preg_match('/gd2$/i', $protocol)) + { + $protocol = 'image_process_gd'; + } + + return $this->$protocol('crop'); + } + + // -------------------------------------------------------------------- + + /** + * Image Rotate + * + * This is a wrapper function that chooses the proper + * rotation function based on the protocol specified + * + * @access public + * @return bool + */ + function rotate() + { + // Allowed rotation values + $degs = array(90, 180, 270, 'vrt', 'hor'); + + if ($this->rotation_angle == '' OR ! in_array($this->rotation_angle, $degs)) + { + $this->set_error('imglib_rotation_angle_required'); + return FALSE; + } + + // Reassign the width and height + if ($this->rotation_angle == 90 OR $this->rotation_angle == 270) + { + $this->width = $this->orig_height; + $this->height = $this->orig_width; + } + else + { + $this->width = $this->orig_width; + $this->height = $this->orig_height; + } + + + // Choose resizing function + if ($this->image_library == 'imagemagick' OR $this->image_library == 'netpbm') + { + $protocol = 'image_process_'.$this->image_library; + + return $this->$protocol('rotate'); + } + + if ($this->rotation_angle == 'hor' OR $this->rotation_angle == 'vrt') + { + return $this->image_mirror_gd(); + } + else + { + return $this->image_rotate_gd(); + } + } + + // -------------------------------------------------------------------- + + /** + * Image Process Using GD/GD2 + * + * This function will resize or crop + * + * @access public + * @param string + * @return bool + */ + function image_process_gd($action = 'resize') + { + $v2_override = FALSE; + + // If the target width/height match the source, AND if the new file name is not equal to the old file name + // we'll simply make a copy of the original with the new name... assuming dynamic rendering is off. + if ($this->dynamic_output === FALSE) + { + if ($this->orig_width == $this->width AND $this->orig_height == $this->height) + { + if ($this->source_image != $this->new_image) + { + if (@copy($this->full_src_path, $this->full_dst_path)) + { + @chmod($this->full_dst_path, DIR_WRITE_MODE); + } + } + + return TRUE; + } + } + + // Let's set up our values based on the action + if ($action == 'crop') + { + // Reassign the source width/height if cropping + $this->orig_width = $this->width; + $this->orig_height = $this->height; + + // GD 2.0 has a cropping bug so we'll test for it + if ($this->gd_version() !== FALSE) + { + $gd_version = str_replace('0', '', $this->gd_version()); + $v2_override = ($gd_version == 2) ? TRUE : FALSE; + } + } + else + { + // If resizing the x/y axis must be zero + $this->x_axis = 0; + $this->y_axis = 0; + } + + // Create the image handle + if ( ! ($src_img = $this->image_create_gd())) + { + return FALSE; + } + + // Create The Image + // + // old conditional which users report cause problems with shared GD libs who report themselves as "2.0 or greater" + // it appears that this is no longer the issue that it was in 2004, so we've removed it, retaining it in the comment + // below should that ever prove inaccurate. + // + // if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor') AND $v2_override == FALSE) + if ($this->image_library == 'gd2' AND function_exists('imagecreatetruecolor')) + { + $create = 'imagecreatetruecolor'; + $copy = 'imagecopyresampled'; + } + else + { + $create = 'imagecreate'; + $copy = 'imagecopyresized'; + } + + $dst_img = $create($this->width, $this->height); + $copy($dst_img, $src_img, 0, 0, $this->x_axis, $this->y_axis, $this->width, $this->height, $this->orig_width, $this->orig_height); + + // Show the image + if ($this->dynamic_output == TRUE) + { + $this->image_display_gd($dst_img); + } + else + { + // Or save it + if ( ! $this->image_save_gd($dst_img)) + { + return FALSE; + } + } + + // Kill the file handles + imagedestroy($dst_img); + imagedestroy($src_img); + + // Set the file to 777 + @chmod($this->full_dst_path, DIR_WRITE_MODE); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Image Process Using ImageMagick + * + * This function will resize, crop or rotate + * + * @access public + * @param string + * @return bool + */ + function image_process_imagemagick($action = 'resize') + { + // Do we have a vaild library path? + if ($this->library_path == '') + { + $this->set_error('imglib_libpath_invalid'); + return FALSE; + } + + if ( ! preg_match("/convert$/i", $this->library_path)) + { + $this->library_path = rtrim($this->library_path, '/').'/'; + + $this->library_path .= 'convert'; + } + + // Execute the command + $cmd = $this->library_path." -quality ".$this->quality; + + if ($action == 'crop') + { + $cmd .= " -crop ".$this->width."x".$this->height."+".$this->x_axis."+".$this->y_axis." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + } + elseif ($action == 'rotate') + { + switch ($this->rotation_angle) + { + case 'hor' : $angle = '-flop'; + break; + case 'vrt' : $angle = '-flip'; + break; + default : $angle = '-rotate '.$this->rotation_angle; + break; + } + + $cmd .= " ".$angle." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + } + else // Resize + { + $cmd .= " -resize ".$this->width."x".$this->height." \"$this->full_src_path\" \"$this->full_dst_path\" 2>&1"; + } + + $retval = 1; + + @exec($cmd, $output, $retval); + + // Did it work? + if ($retval > 0) + { + $this->set_error('imglib_image_process_failed'); + return FALSE; + } + + // Set the file to 777 + @chmod($this->full_dst_path, DIR_WRITE_MODE); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Image Process Using NetPBM + * + * This function will resize, crop or rotate + * + * @access public + * @param string + * @return bool + */ + function image_process_netpbm($action = 'resize') + { + if ($this->library_path == '') + { + $this->set_error('imglib_libpath_invalid'); + return FALSE; + } + + // Build the resizing command + switch ($this->image_type) + { + case 1 : + $cmd_in = 'giftopnm'; + $cmd_out = 'ppmtogif'; + break; + case 2 : + $cmd_in = 'jpegtopnm'; + $cmd_out = 'ppmtojpeg'; + break; + case 3 : + $cmd_in = 'pngtopnm'; + $cmd_out = 'ppmtopng'; + break; + } + + if ($action == 'crop') + { + $cmd_inner = 'pnmcut -left '.$this->x_axis.' -top '.$this->y_axis.' -width '.$this->width.' -height '.$this->height; + } + elseif ($action == 'rotate') + { + switch ($this->rotation_angle) + { + case 90 : $angle = 'r270'; + break; + case 180 : $angle = 'r180'; + break; + case 270 : $angle = 'r90'; + break; + case 'vrt' : $angle = 'tb'; + break; + case 'hor' : $angle = 'lr'; + break; + } + + $cmd_inner = 'pnmflip -'.$angle.' '; + } + else // Resize + { + $cmd_inner = 'pnmscale -xysize '.$this->width.' '.$this->height; + } + + $cmd = $this->library_path.$cmd_in.' '.$this->full_src_path.' | '.$cmd_inner.' | '.$cmd_out.' > '.$this->dest_folder.'netpbm.tmp'; + + $retval = 1; + + @exec($cmd, $output, $retval); + + // Did it work? + if ($retval > 0) + { + $this->set_error('imglib_image_process_failed'); + return FALSE; + } + + // With NetPBM we have to create a temporary image. + // If you try manipulating the original it fails so + // we have to rename the temp file. + copy ($this->dest_folder.'netpbm.tmp', $this->full_dst_path); + unlink ($this->dest_folder.'netpbm.tmp'); + @chmod($this->full_dst_path, DIR_WRITE_MODE); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Image Rotate Using GD + * + * @access public + * @return bool + */ + function image_rotate_gd() + { + // Is Image Rotation Supported? + // this function is only supported as of PHP 4.3 + if ( ! function_exists('imagerotate')) + { + $this->set_error('imglib_rotate_unsupported'); + return FALSE; + } + + // Create the image handle + if ( ! ($src_img = $this->image_create_gd())) + { + return FALSE; + } + + // Set the background color + // This won't work with transparent PNG files so we are + // going to have to figure out how to determine the color + // of the alpha channel in a future release. + + $white = imagecolorallocate($src_img, 255, 255, 255); + + // Rotate it! + $dst_img = imagerotate($src_img, $this->rotation_angle, $white); + + // Save the Image + if ($this->dynamic_output == TRUE) + { + $this->image_display_gd($dst_img); + } + else + { + // Or save it + if ( ! $this->image_save_gd($dst_img)) + { + return FALSE; + } + } + + // Kill the file handles + imagedestroy($dst_img); + imagedestroy($src_img); + + // Set the file to 777 + + @chmod($this->full_dst_path, DIR_WRITE_MODE); + + return true; + } + + // -------------------------------------------------------------------- + + /** + * Create Mirror Image using GD + * + * This function will flip horizontal or vertical + * + * @access public + * @return bool + */ + function image_mirror_gd() + { + if ( ! $src_img = $this->image_create_gd()) + { + return FALSE; + } + + $width = $this->orig_width; + $height = $this->orig_height; + + if ($this->rotation_angle == 'hor') + { + for ($i = 0; $i < $height; $i++) + { + $left = 0; + $right = $width-1; + + while ($left < $right) + { + $cl = imagecolorat($src_img, $left, $i); + $cr = imagecolorat($src_img, $right, $i); + + imagesetpixel($src_img, $left, $i, $cr); + imagesetpixel($src_img, $right, $i, $cl); + + $left++; + $right--; + } + } + } + else + { + for ($i = 0; $i < $width; $i++) + { + $top = 0; + $bot = $height-1; + + while ($top < $bot) + { + $ct = imagecolorat($src_img, $i, $top); + $cb = imagecolorat($src_img, $i, $bot); + + imagesetpixel($src_img, $i, $top, $cb); + imagesetpixel($src_img, $i, $bot, $ct); + + $top++; + $bot--; + } + } + } + + // Show the image + if ($this->dynamic_output == TRUE) + { + $this->image_display_gd($src_img); + } + else + { + // Or save it + if ( ! $this->image_save_gd($src_img)) + { + return FALSE; + } + } + + // Kill the file handles + imagedestroy($src_img); + + // Set the file to 777 + @chmod($this->full_dst_path, DIR_WRITE_MODE); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Image Watermark + * + * This is a wrapper function that chooses the type + * of watermarking based on the specified preference. + * + * @access public + * @param string + * @return bool + */ + function watermark() + { + if ($this->wm_type == 'overlay') + { + return $this->overlay_watermark(); + } + else + { + return $this->text_watermark(); + } + } + + // -------------------------------------------------------------------- + + /** + * Watermark - Graphic Version + * + * @access public + * @return bool + */ + function overlay_watermark() + { + if ( ! function_exists('imagecolortransparent')) + { + $this->set_error('imglib_gd_required'); + return FALSE; + } + + // Fetch source image properties + $this->get_image_properties(); + + // Fetch watermark image properties + $props = $this->get_image_properties($this->wm_overlay_path, TRUE); + $wm_img_type = $props['image_type']; + $wm_width = $props['width']; + $wm_height = $props['height']; + + // Create two image resources + $wm_img = $this->image_create_gd($this->wm_overlay_path, $wm_img_type); + $src_img = $this->image_create_gd($this->full_src_path); + + // Reverse the offset if necessary + // When the image is positioned at the bottom + // we don't want the vertical offset to push it + // further down. We want the reverse, so we'll + // invert the offset. Same with the horizontal + // offset when the image is at the right + + $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); + $this->wm_hor_alignment = strtoupper(substr($this->wm_hor_alignment, 0, 1)); + + if ($this->wm_vrt_alignment == 'B') + $this->wm_vrt_offset = $this->wm_vrt_offset * -1; + + if ($this->wm_hor_alignment == 'R') + $this->wm_hor_offset = $this->wm_hor_offset * -1; + + // Set the base x and y axis values + $x_axis = $this->wm_hor_offset + $this->wm_padding; + $y_axis = $this->wm_vrt_offset + $this->wm_padding; + + // Set the vertical position + switch ($this->wm_vrt_alignment) + { + case 'T': + break; + case 'M': $y_axis += ($this->orig_height / 2) - ($wm_height / 2); + break; + case 'B': $y_axis += $this->orig_height - $wm_height; + break; + } + + // Set the horizontal position + switch ($this->wm_hor_alignment) + { + case 'L': + break; + case 'C': $x_axis += ($this->orig_width / 2) - ($wm_width / 2); + break; + case 'R': $x_axis += $this->orig_width - $wm_width; + break; + } + + // Build the finalized image + if ($wm_img_type == 3 AND function_exists('imagealphablending')) + { + @imagealphablending($src_img, TRUE); + } + + // Set RGB values for text and shadow + $rgba = imagecolorat($wm_img, $this->wm_x_transp, $this->wm_y_transp); + $alpha = ($rgba & 0x7F000000) >> 24; + + // make a best guess as to whether we're dealing with an image with alpha transparency or no/binary transparency + if ($alpha > 0) + { + // copy the image directly, the image's alpha transparency being the sole determinant of blending + imagecopy($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height); + } + else + { + // set our RGB value from above to be transparent and merge the images with the specified opacity + imagecolortransparent($wm_img, imagecolorat($wm_img, $this->wm_x_transp, $this->wm_y_transp)); + imagecopymerge($src_img, $wm_img, $x_axis, $y_axis, 0, 0, $wm_width, $wm_height, $this->wm_opacity); + } + + // Output the image + if ($this->dynamic_output == TRUE) + { + $this->image_display_gd($src_img); + } + else + { + if ( ! $this->image_save_gd($src_img)) + { + return FALSE; + } + } + + imagedestroy($src_img); + imagedestroy($wm_img); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Watermark - Text Version + * + * @access public + * @return bool + */ + function text_watermark() + { + if ( ! ($src_img = $this->image_create_gd())) + { + return FALSE; + } + + if ($this->wm_use_truetype == TRUE AND ! file_exists($this->wm_font_path)) + { + $this->set_error('imglib_missing_font'); + return FALSE; + } + + // Fetch source image properties + $this->get_image_properties(); + + // Set RGB values for text and shadow + $this->wm_font_color = str_replace('#', '', $this->wm_font_color); + $this->wm_shadow_color = str_replace('#', '', $this->wm_shadow_color); + + $R1 = hexdec(substr($this->wm_font_color, 0, 2)); + $G1 = hexdec(substr($this->wm_font_color, 2, 2)); + $B1 = hexdec(substr($this->wm_font_color, 4, 2)); + + $R2 = hexdec(substr($this->wm_shadow_color, 0, 2)); + $G2 = hexdec(substr($this->wm_shadow_color, 2, 2)); + $B2 = hexdec(substr($this->wm_shadow_color, 4, 2)); + + $txt_color = imagecolorclosest($src_img, $R1, $G1, $B1); + $drp_color = imagecolorclosest($src_img, $R2, $G2, $B2); + + // Reverse the vertical offset + // When the image is positioned at the bottom + // we don't want the vertical offset to push it + // further down. We want the reverse, so we'll + // invert the offset. Note: The horizontal + // offset flips itself automatically + + if ($this->wm_vrt_alignment == 'B') + $this->wm_vrt_offset = $this->wm_vrt_offset * -1; + + if ($this->wm_hor_alignment == 'R') + $this->wm_hor_offset = $this->wm_hor_offset * -1; + + // Set font width and height + // These are calculated differently depending on + // whether we are using the true type font or not + if ($this->wm_use_truetype == TRUE) + { + if ($this->wm_font_size == '') + $this->wm_font_size = '17'; + + $fontwidth = $this->wm_font_size-($this->wm_font_size/4); + $fontheight = $this->wm_font_size; + $this->wm_vrt_offset += $this->wm_font_size; + } + else + { + $fontwidth = imagefontwidth($this->wm_font_size); + $fontheight = imagefontheight($this->wm_font_size); + } + + // Set base X and Y axis values + $x_axis = $this->wm_hor_offset + $this->wm_padding; + $y_axis = $this->wm_vrt_offset + $this->wm_padding; + + // Set verticle alignment + if ($this->wm_use_drop_shadow == FALSE) + $this->wm_shadow_distance = 0; + + $this->wm_vrt_alignment = strtoupper(substr($this->wm_vrt_alignment, 0, 1)); + $this->wm_hor_alignment = strtoupper(substr($this->wm_hor_alignment, 0, 1)); + + switch ($this->wm_vrt_alignment) + { + case "T" : + break; + case "M": $y_axis += ($this->orig_height/2)+($fontheight/2); + break; + case "B": $y_axis += ($this->orig_height - $fontheight - $this->wm_shadow_distance - ($fontheight/2)); + break; + } + + $x_shad = $x_axis + $this->wm_shadow_distance; + $y_shad = $y_axis + $this->wm_shadow_distance; + + // Set horizontal alignment + switch ($this->wm_hor_alignment) + { + case "L": + break; + case "R": + if ($this->wm_use_drop_shadow) + $x_shad += ($this->orig_width - $fontwidth*strlen($this->wm_text)); + $x_axis += ($this->orig_width - $fontwidth*strlen($this->wm_text)); + break; + case "C": + if ($this->wm_use_drop_shadow) + $x_shad += floor(($this->orig_width - $fontwidth*strlen($this->wm_text))/2); + $x_axis += floor(($this->orig_width -$fontwidth*strlen($this->wm_text))/2); + break; + } + + // Add the text to the source image + if ($this->wm_use_truetype) + { + if ($this->wm_use_drop_shadow) + imagettftext($src_img, $this->wm_font_size, 0, $x_shad, $y_shad, $drp_color, $this->wm_font_path, $this->wm_text); + imagettftext($src_img, $this->wm_font_size, 0, $x_axis, $y_axis, $txt_color, $this->wm_font_path, $this->wm_text); + } + else + { + if ($this->wm_use_drop_shadow) + imagestring($src_img, $this->wm_font_size, $x_shad, $y_shad, $this->wm_text, $drp_color); + imagestring($src_img, $this->wm_font_size, $x_axis, $y_axis, $this->wm_text, $txt_color); + } + + // Output the final image + if ($this->dynamic_output == TRUE) + { + $this->image_display_gd($src_img); + } + else + { + $this->image_save_gd($src_img); + } + + imagedestroy($src_img); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Create Image - GD + * + * This simply creates an image resource handle + * based on the type of image being processed + * + * @access public + * @param string + * @return resource + */ + function image_create_gd($path = '', $image_type = '') + { + if ($path == '') + $path = $this->full_src_path; + + if ($image_type == '') + $image_type = $this->image_type; + + + switch ($image_type) + { + case 1 : + if ( ! function_exists('imagecreatefromgif')) + { + $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_gif_not_supported')); + return FALSE; + } + + return imagecreatefromgif($path); + break; + case 2 : + if ( ! function_exists('imagecreatefromjpeg')) + { + $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_jpg_not_supported')); + return FALSE; + } + + return imagecreatefromjpeg($path); + break; + case 3 : + if ( ! function_exists('imagecreatefrompng')) + { + $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_png_not_supported')); + return FALSE; + } + + return imagecreatefrompng($path); + break; + + } + + $this->set_error(array('imglib_unsupported_imagecreate')); + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Write image file to disk - GD + * + * Takes an image resource as input and writes the file + * to the specified destination + * + * @access public + * @param resource + * @return bool + */ + function image_save_gd($resource) + { + switch ($this->image_type) + { + case 1 : + if ( ! function_exists('imagegif')) + { + $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_gif_not_supported')); + return FALSE; + } + + if ( ! @imagegif($resource, $this->full_dst_path)) + { + $this->set_error('imglib_save_failed'); + return FALSE; + } + break; + case 2 : + if ( ! function_exists('imagejpeg')) + { + $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_jpg_not_supported')); + return FALSE; + } + + if (phpversion() == '4.4.1') + { + @touch($this->full_dst_path); // PHP 4.4.1 bug #35060 - workaround + } + + if ( ! @imagejpeg($resource, $this->full_dst_path, $this->quality)) + { + $this->set_error('imglib_save_failed'); + return FALSE; + } + break; + case 3 : + if ( ! function_exists('imagepng')) + { + $this->set_error(array('imglib_unsupported_imagecreate', 'imglib_png_not_supported')); + return FALSE; + } + + if ( ! @imagepng($resource, $this->full_dst_path)) + { + $this->set_error('imglib_save_failed'); + return FALSE; + } + break; + default : + $this->set_error(array('imglib_unsupported_imagecreate')); + return FALSE; + break; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Dynamically outputs an image + * + * @access public + * @param resource + * @return void + */ + function image_display_gd($resource) + { + header("Content-Disposition: filename={$this->source_image};"); + header("Content-Type: {$this->mime_type}"); + header('Content-Transfer-Encoding: binary'); + header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()).' GMT'); + + switch ($this->image_type) + { + case 1 : imagegif($resource); + break; + case 2 : imagejpeg($resource, '', $this->quality); + break; + case 3 : imagepng($resource); + break; + default : echo 'Unable to display the image'; + break; + } + } + + // -------------------------------------------------------------------- + + /** + * Re-proportion Image Width/Height + * + * When creating thumbs, the desired width/height + * can end up warping the image due to an incorrect + * ratio between the full-sized image and the thumb. + * + * This function lets us re-proportion the width/height + * if users choose to maintain the aspect ratio when resizing. + * + * @access public + * @return void + */ + function image_reproportion() + { + if ( ! is_numeric($this->width) OR ! is_numeric($this->height) OR $this->width == 0 OR $this->height == 0) + return; + + if ( ! is_numeric($this->orig_width) OR ! is_numeric($this->orig_height) OR $this->orig_width == 0 OR $this->orig_height == 0) + return; + + $new_width = ceil($this->orig_width*$this->height/$this->orig_height); + $new_height = ceil($this->width*$this->orig_height/$this->orig_width); + + $ratio = (($this->orig_height/$this->orig_width) - ($this->height/$this->width)); + + if ($this->master_dim != 'width' AND $this->master_dim != 'height') + { + $this->master_dim = ($ratio < 0) ? 'width' : 'height'; + } + + if (($this->width != $new_width) AND ($this->height != $new_height)) + { + if ($this->master_dim == 'height') + { + $this->width = $new_width; + } + else + { + $this->height = $new_height; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Get image properties + * + * A helper function that gets info about the file + * + * @access public + * @param string + * @return mixed + */ + function get_image_properties($path = '', $return = FALSE) + { + // For now we require GD but we should + // find a way to determine this using IM or NetPBM + + if ($path == '') + $path = $this->full_src_path; + + if ( ! file_exists($path)) + { + $this->set_error('imglib_invalid_path'); + return FALSE; + } + + $vals = @getimagesize($path); + + $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); + + $mime = (isset($types[$vals['2']])) ? 'image/'.$types[$vals['2']] : 'image/jpg'; + + if ($return == TRUE) + { + $v['width'] = $vals['0']; + $v['height'] = $vals['1']; + $v['image_type'] = $vals['2']; + $v['size_str'] = $vals['3']; + $v['mime_type'] = $mime; + + return $v; + } + + $this->orig_width = $vals['0']; + $this->orig_height = $vals['1']; + $this->image_type = $vals['2']; + $this->size_str = $vals['3']; + $this->mime_type = $mime; + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Size calculator + * + * This function takes a known width x height and + * recalculates it to a new size. Only one + * new variable needs to be known + * + * $props = array( + * 'width' => $width, + * 'height' => $height, + * 'new_width' => 40, + * 'new_height' => '' + * ); + * + * @access public + * @param array + * @return array + */ + function size_calculator($vals) + { + if ( ! is_array($vals)) + { + return; + } + + $allowed = array('new_width', 'new_height', 'width', 'height'); + + foreach ($allowed as $item) + { + if ( ! isset($vals[$item]) OR $vals[$item] == '') + $vals[$item] = 0; + } + + if ($vals['width'] == 0 OR $vals['height'] == 0) + { + return $vals; + } + + if ($vals['new_width'] == 0) + { + $vals['new_width'] = ceil($vals['width']*$vals['new_height']/$vals['height']); + } + elseif ($vals['new_height'] == 0) + { + $vals['new_height'] = ceil($vals['new_width']*$vals['height']/$vals['width']); + } + + return $vals; + } + + // -------------------------------------------------------------------- + + /** + * Explode source_image + * + * This is a helper function that extracts the extension + * from the source_image. This function lets us deal with + * source_images with multiple periods, like: my.cool.jpg + * It returns an associative array with two elements: + * $array['ext'] = '.jpg'; + * $array['name'] = 'my.cool'; + * + * @access public + * @param array + * @return array + */ + function explode_name($source_image) + { + $ext = strrchr($source_image, '.'); + $name = ($ext === FALSE) ? $source_image : substr($source_image, 0, -strlen($ext)); + + return array('ext' => $ext, 'name' => $name); + } + + // -------------------------------------------------------------------- + + /** + * Is GD Installed? + * + * @access public + * @return bool + */ + function gd_loaded() + { + if ( ! extension_loaded('gd')) + { + if ( ! dl('gd.so')) + { + return FALSE; + } + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Get GD version + * + * @access public + * @return mixed + */ + function gd_version() + { + if (function_exists('gd_info')) + { + $gd_version = @gd_info(); + $gd_version = preg_replace("/\D/", "", $gd_version['GD Version']); + + return $gd_version; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Set error message + * + * @access public + * @param string + * @return void + */ + function set_error($msg) + { + $CI =& get_instance(); + $CI->lang->load('imglib'); + + if (is_array($msg)) + { + foreach ($msg as $val) + { + + $msg = ($CI->lang->line($val) == FALSE) ? $val : $CI->lang->line($val); + $this->error_msg[] = $msg; + log_message('error', $msg); + } + } + else + { + $msg = ($CI->lang->line($msg) == FALSE) ? $msg : $CI->lang->line($msg); + $this->error_msg[] = $msg; + log_message('error', $msg); + } + } + + // -------------------------------------------------------------------- + + /** + * Show error messages + * + * @access public + * @param string + * @return string + */ + function display_errors($open = '<p>', $close = '</p>') + { + $str = ''; + foreach ($this->error_msg as $val) + { + $str .= $open.$val.$close; + } + + return $str; + } + +} +// END Image_lib Class + +/* End of file Image_lib.php */ +/* Location: ./system/libraries/Image_lib.php */
\ No newline at end of file diff --git a/system/libraries/Input.php b/system/libraries/Input.php new file mode 100644 index 000000000..e7bf72779 --- /dev/null +++ b/system/libraries/Input.php @@ -0,0 +1,1067 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Input Class + * + * Pre-processes global input data for security + * + * @package CodeIgniter + * @subpackage Libraries + * @category Input + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/input.html + */ +class CI_Input { + var $use_xss_clean = FALSE; + var $xss_hash = ''; + var $ip_address = FALSE; + var $user_agent = FALSE; + var $allow_get_array = FALSE; + + /* never allowed, string replacement */ + var $never_allowed_str = array( + 'document.cookie' => '[removed]', + 'document.write' => '[removed]', + '.parentNode' => '[removed]', + '.innerHTML' => '[removed]', + 'window.location' => '[removed]', + '-moz-binding' => '[removed]', + '<!--' => '<!--', + '-->' => '-->', + '<![CDATA[' => '<![CDATA[' + ); + /* never allowed, regex replacement */ + var $never_allowed_regex = array( + "javascript\s*:" => '[removed]', + "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE + "vbscript\s*:" => '[removed]', // IE, surprise! + "Redirect\s+302" => '[removed]' + ); + + /** + * Constructor + * + * Sets whether to globally enable the XSS processing + * and whether to allow the $_GET array + * + * @access public + */ + function CI_Input() + { + log_message('debug', "Input Class Initialized"); + + $CFG =& load_class('Config'); + $this->use_xss_clean = ($CFG->item('global_xss_filtering') === TRUE) ? TRUE : FALSE; + $this->allow_get_array = ($CFG->item('enable_query_strings') === TRUE) ? TRUE : FALSE; + $this->_sanitize_globals(); + } + + // -------------------------------------------------------------------- + + /** + * Sanitize Globals + * + * This function does the following: + * + * Unsets $_GET data (if query strings are not enabled) + * + * Unsets all globals if register_globals is enabled + * + * Standardizes newline characters to \n + * + * @access private + * @return void + */ + function _sanitize_globals() + { + // Would kind of be "wrong" to unset any of these GLOBALS + $protected = array('_SERVER', '_GET', '_POST', '_FILES', '_REQUEST', '_SESSION', '_ENV', 'GLOBALS', 'HTTP_RAW_POST_DATA', + 'system_folder', 'application_folder', 'BM', 'EXT', 'CFG', 'URI', 'RTR', 'OUT', 'IN'); + + // Unset globals for security. + // This is effectively the same as register_globals = off + foreach (array($_GET, $_POST, $_COOKIE, $_SERVER, $_FILES, $_ENV, (isset($_SESSION) && is_array($_SESSION)) ? $_SESSION : array()) as $global) + { + if ( ! is_array($global)) + { + if ( ! in_array($global, $protected)) + { + unset($GLOBALS[$global]); + } + } + else + { + foreach ($global as $key => $val) + { + if ( ! in_array($key, $protected)) + { + unset($GLOBALS[$key]); + } + + if (is_array($val)) + { + foreach($val as $k => $v) + { + if ( ! in_array($k, $protected)) + { + unset($GLOBALS[$k]); + } + } + } + } + } + } + + // Is $_GET data allowed? If not we'll set the $_GET to an empty array + if ($this->allow_get_array == FALSE) + { + $_GET = array(); + } + else + { + $_GET = $this->_clean_input_data($_GET); + } + + // Clean $_POST Data + $_POST = $this->_clean_input_data($_POST); + + // Clean $_COOKIE Data + // Also get rid of specially treated cookies that might be set by a server + // or silly application, that are of no use to a CI application anyway + // but that when present will trip our 'Disallowed Key Characters' alarm + // http://www.ietf.org/rfc/rfc2109.txt + // note that the key names below are single quoted strings, and are not PHP variables + unset($_COOKIE['$Version']); + unset($_COOKIE['$Path']); + unset($_COOKIE['$Domain']); + $_COOKIE = $this->_clean_input_data($_COOKIE); + + log_message('debug', "Global POST and COOKIE data sanitized"); + } + + // -------------------------------------------------------------------- + + /** + * Clean Input Data + * + * This is a helper function. It escapes data and + * standardizes newline characters to \n + * + * @access private + * @param string + * @return string + */ + function _clean_input_data($str) + { + if (is_array($str)) + { + $new_array = array(); + foreach ($str as $key => $val) + { + $new_array[$this->_clean_input_keys($key)] = $this->_clean_input_data($val); + } + return $new_array; + } + + // We strip slashes if magic quotes is on to keep things consistent + if (get_magic_quotes_gpc()) + { + $str = stripslashes($str); + } + + // Should we filter the input data? + if ($this->use_xss_clean === TRUE) + { + $str = $this->xss_clean($str); + } + + // Standardize newlines + if (strpos($str, "\r") !== FALSE) + { + $str = str_replace(array("\r\n", "\r"), "\n", $str); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Clean Keys + * + * This is a helper function. To prevent malicious users + * from trying to exploit keys we make sure that keys are + * only named with alpha-numeric text and a few other items. + * + * @access private + * @param string + * @return string + */ + function _clean_input_keys($str) + { + if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str)) + { + exit('Disallowed Key Characters.'); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Fetch from array + * + * This is a helper function to retrieve values from global arrays + * + * @access private + * @param array + * @param string + * @param bool + * @return string + */ + function _fetch_from_array(&$array, $index = '', $xss_clean = FALSE) + { + if ( ! isset($array[$index])) + { + return FALSE; + } + + if ($xss_clean === TRUE) + { + return $this->xss_clean($array[$index]); + } + + return $array[$index]; + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the GET array + * + * @access public + * @param string + * @param bool + * @return string + */ + function get($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_GET, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the POST array + * + * @access public + * @param string + * @param bool + * @return string + */ + function post($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_POST, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from either the GET array or the POST + * + * @access public + * @param string The index key + * @param bool XSS cleaning + * @return string + */ + function get_post($index = '', $xss_clean = FALSE) + { + if ( ! isset($_POST[$index]) ) + { + return $this->get($index, $xss_clean); + } + else + { + return $this->post($index, $xss_clean); + } + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the COOKIE array + * + * @access public + * @param string + * @param bool + * @return string + */ + function cookie($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_COOKIE, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch an item from the SERVER array + * + * @access public + * @param string + * @param bool + * @return string + */ + function server($index = '', $xss_clean = FALSE) + { + return $this->_fetch_from_array($_SERVER, $index, $xss_clean); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the IP Address + * + * @access public + * @return string + */ + function ip_address() + { + if ($this->ip_address !== FALSE) + { + return $this->ip_address; + } + + if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR')) + { + $proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY); + $proxies = is_array($proxies) ? $proxies : array($proxies); + + $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; + } + elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP')) + { + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + } + elseif ($this->server('REMOTE_ADDR')) + { + $this->ip_address = $_SERVER['REMOTE_ADDR']; + } + elseif ($this->server('HTTP_CLIENT_IP')) + { + $this->ip_address = $_SERVER['HTTP_CLIENT_IP']; + } + elseif ($this->server('HTTP_X_FORWARDED_FOR')) + { + $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + + if ($this->ip_address === FALSE) + { + $this->ip_address = '0.0.0.0'; + return $this->ip_address; + } + + if (strstr($this->ip_address, ',')) + { + $x = explode(',', $this->ip_address); + $this->ip_address = trim(end($x)); + } + + if ( ! $this->valid_ip($this->ip_address)) + { + $this->ip_address = '0.0.0.0'; + } + + return $this->ip_address; + } + + // -------------------------------------------------------------------- + + /** + * Validate IP Address + * + * Updated version suggested by Geert De Deckere + * + * @access public + * @param string + * @return string + */ + function valid_ip($ip) + { + $ip_segments = explode('.', $ip); + + // Always 4 segments needed + if (count($ip_segments) != 4) + { + return FALSE; + } + // IP can not start with 0 + if ($ip_segments[0][0] == '0') + { + return FALSE; + } + // Check each segment + foreach ($ip_segments as $segment) + { + // IP segments must be digits and can not be + // longer than 3 digits or greater then 255 + if ($segment == '' OR preg_match("/[^0-9]/", $segment) OR $segment > 255 OR strlen($segment) > 3) + { + return FALSE; + } + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * User Agent + * + * @access public + * @return string + */ + function user_agent() + { + if ($this->user_agent !== FALSE) + { + return $this->user_agent; + } + + $this->user_agent = ( ! isset($_SERVER['HTTP_USER_AGENT'])) ? FALSE : $_SERVER['HTTP_USER_AGENT']; + + return $this->user_agent; + } + + // -------------------------------------------------------------------- + + /** + * Filename Security + * + * @access public + * @param string + * @return string + */ + function filename_security($str) + { + $bad = array( + "../", + "./", + "<!--", + "-->", + "<", + ">", + "'", + '"', + '&', + '$', + '#', + '{', + '}', + '[', + ']', + '=', + ';', + '?', + "%20", + "%22", + "%3c", // < + "%253c", // < + "%3e", // > + "%0e", // > + "%28", // ( + "%29", // ) + "%2528", // ( + "%26", // & + "%24", // $ + "%3f", // ? + "%3b", // ; + "%3d" // = + ); + + return stripslashes(str_replace($bad, '', $str)); + } + + // -------------------------------------------------------------------- + + /** + * XSS Clean + * + * Sanitizes data so that Cross Site Scripting Hacks can be + * prevented. This function does a fair amount of work but + * it is extremely thorough, designed to prevent even the + * most obscure XSS attempts. Nothing is ever 100% foolproof, + * of course, but I haven't been able to get anything passed + * the filter. + * + * Note: This function should only be used to deal with data + * upon submission. It's not something that should + * be used for general runtime processing. + * + * This function was based in part on some code and ideas I + * got from Bitflux: http://blog.bitflux.ch/wiki/XSS_Prevention + * + * To help develop this script I used this great list of + * vulnerabilities along with a few other hacks I've + * harvested from examining vulnerabilities in other programs: + * http://ha.ckers.org/xss.html + * + * @access public + * @param string + * @return string + */ + function xss_clean($str, $is_image = FALSE) + { + /* + * Is the string an array? + * + */ + if (is_array($str)) + { + while (list($key) = each($str)) + { + $str[$key] = $this->xss_clean($str[$key]); + } + + return $str; + } + + /* + * Remove Invisible Characters + */ + $str = $this->_remove_invisible_characters($str); + + /* + * Protect GET variables in URLs + */ + + // 901119URL5918AMP18930PROTECT8198 + + $str = preg_replace('|\&([a-z\_0-9]+)\=([a-z\_0-9]+)|i', $this->xss_hash()."\\1=\\2", $str); + + /* + * Validate standard character entities + * + * Add a semicolon if missing. We do this to enable + * the conversion of entities to ASCII later. + * + */ + $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str); + + /* + * Validate UTF16 two byte encoding (x00) + * + * Just as above, adds a semicolon if missing. + * + */ + $str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str); + + /* + * Un-Protect GET variables in URLs + */ + $str = str_replace($this->xss_hash(), '&', $str); + + /* + * URL Decode + * + * Just in case stuff like this is submitted: + * + * <a href="http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D">Google</a> + * + * Note: Use rawurldecode() so it does not remove plus signs + * + */ + $str = rawurldecode($str); + + /* + * Convert character entities to ASCII + * + * This permits our tests below to work reliably. + * We only convert entities that are within tags since + * these are the ones that will pose security problems. + * + */ + + $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str); + + $str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_html_entity_decode_callback'), $str); + + /* + * Remove Invisible Characters Again! + */ + $str = $this->_remove_invisible_characters($str); + + /* + * Convert all tabs to spaces + * + * This prevents strings like this: ja vascript + * NOTE: we deal with spaces between characters later. + * NOTE: preg_replace was found to be amazingly slow here on large blocks of data, + * so we use str_replace. + * + */ + + if (strpos($str, "\t") !== FALSE) + { + $str = str_replace("\t", ' ', $str); + } + + /* + * Capture converted string for later comparison + */ + $converted_string = $str; + + /* + * Not Allowed Under Any Conditions + */ + + foreach ($this->never_allowed_str as $key => $val) + { + $str = str_replace($key, $val, $str); + } + + foreach ($this->never_allowed_regex as $key => $val) + { + $str = preg_replace("#".$key."#i", $val, $str); + } + + /* + * Makes PHP tags safe + * + * Note: XML tags are inadvertently replaced too: + * + * <?xml + * + * But it doesn't seem to pose a problem. + * + */ + if ($is_image === TRUE) + { + // Images have a tendency to have the PHP short opening and closing tags every so often + // so we skip those and only do the long opening tags. + $str = preg_replace('/<\?(php)/i', "<?\\1", $str); + } + else + { + $str = str_replace(array('<?', '?'.'>'), array('<?', '?>'), $str); + } + + /* + * Compact any exploded words + * + * This corrects words like: j a v a s c r i p t + * These words are compacted back to their correct state. + * + */ + $words = array('javascript', 'expression', 'vbscript', 'script', 'applet', 'alert', 'document', 'write', 'cookie', 'window'); + foreach ($words as $word) + { + $temp = ''; + + for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) + { + $temp .= substr($word, $i, 1)."\s*"; + } + + // We only want to do this when it is followed by a non-word character + // That way valid stuff like "dealer to" does not become "dealerto" + $str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str); + } + + /* + * Remove disallowed Javascript in links or img tags + * We used to do some version comparisons and use of stripos for PHP5, but it is dog slow compared + * to these simplified non-capturing preg_match(), especially if the pattern exists in the string + */ + do + { + $original = $str; + + if (preg_match("/<a/i", $str)) + { + $str = preg_replace_callback("#<a\s+([^>]*?)(>|$)#si", array($this, '_js_link_removal'), $str); + } + + if (preg_match("/<img/i", $str)) + { + $str = preg_replace_callback("#<img\s+([^>]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str); + } + + if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str)) + { + $str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str); + } + } + while($original != $str); + + unset($original); + + /* + * Remove JavaScript Event Handlers + * + * Note: This code is a little blunt. It removes + * the event handler and anything up to the closing >, + * but it's unlikely to be a problem. + * + */ + $event_handlers = array('[^a-z_\-]on\w*','xmlns'); + + if ($is_image === TRUE) + { + /* + * Adobe Photoshop puts XML metadata into JFIF images, including namespacing, + * so we have to allow this for images. -Paul + */ + unset($event_handlers[array_search('xmlns', $event_handlers)]); + } + + $str = preg_replace("#<([^><]+?)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str); + + /* + * Sanitize naughty HTML elements + * + * If a tag containing any of the words in the list + * below is found, the tag gets converted to entities. + * + * So this: <blink> + * Becomes: <blink> + * + */ + $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss'; + $str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str); + + /* + * Sanitize naughty scripting elements + * + * Similar to above, only instead of looking for + * tags it looks for PHP and JavaScript commands + * that are disallowed. Rather than removing the + * code, it simply converts the parenthesis to entities + * rendering the code un-executable. + * + * For example: eval('some code') + * Becomes: eval('some code') + * + */ + $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2(\\3)", $str); + + /* + * Final clean up + * + * This adds a bit of extra precaution in case + * something got through the above filters + * + */ + foreach ($this->never_allowed_str as $key => $val) + { + $str = str_replace($key, $val, $str); + } + + foreach ($this->never_allowed_regex as $key => $val) + { + $str = preg_replace("#".$key."#i", $val, $str); + } + + /* + * Images are Handled in a Special Way + * - Essentially, we want to know that after all of the character conversion is done whether + * any unwanted, likely XSS, code was found. If not, we return TRUE, as the image is clean. + * However, if the string post-conversion does not matched the string post-removal of XSS, + * then it fails, as there was unwanted XSS code found and removed/changed during processing. + */ + + if ($is_image === TRUE) + { + if ($str == $converted_string) + { + return TRUE; + } + else + { + return FALSE; + } + } + + log_message('debug', "XSS Filtering completed"); + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Random Hash for protecting URLs + * + * @access public + * @return string + */ + function xss_hash() + { + if ($this->xss_hash == '') + { + if (phpversion() >= 4.2) + mt_srand(); + else + mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff); + + $this->xss_hash = md5(time() + mt_rand(0, 1999999999)); + } + + return $this->xss_hash; + } + + // -------------------------------------------------------------------- + + /** + * Remove Invisible Characters + * + * This prevents sandwiching null characters + * between ascii characters, like Java\0script. + * + * @access public + * @param string + * @return string + */ + function _remove_invisible_characters($str) + { + static $non_displayables; + + if ( ! isset($non_displayables)) + { + // every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09), + $non_displayables = array( + '/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15 + '/%1[0-9a-f]/', // url encoded 16-31 + '/[\x00-\x08]/', // 00-08 + '/\x0b/', '/\x0c/', // 11, 12 + '/[\x0e-\x1f]/' // 14-31 + ); + } + + do + { + $cleaned = $str; + $str = preg_replace($non_displayables, '', $str); + } + while ($cleaned != $str); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Compact Exploded Words + * + * Callback function for xss_clean() to remove whitespace from + * things like j a v a s c r i p t + * + * @access public + * @param type + * @return type + */ + function _compact_exploded_words($matches) + { + return preg_replace('/\s+/s', '', $matches[1]).$matches[2]; + } + + // -------------------------------------------------------------------- + + /** + * Sanitize Naughty HTML + * + * Callback function for xss_clean() to remove naughty HTML elements + * + * @access private + * @param array + * @return string + */ + function _sanitize_naughty_html($matches) + { + // encode opening brace + $str = '<'.$matches[1].$matches[2].$matches[3]; + + // encode captured opening or closing brace to prevent recursive vectors + $str .= str_replace(array('>', '<'), array('>', '<'), $matches[4]); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * JS Link Removal + * + * Callback function for xss_clean() to sanitize links + * This limits the PCRE backtracks, making it more performance friendly + * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in + * PHP 5.2+ on link-heavy strings + * + * @access private + * @param array + * @return string + */ + function _js_link_removal($match) + { + $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); + return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si", "", $attributes), $match[0]); + } + + /** + * JS Image Removal + * + * Callback function for xss_clean() to sanitize image tags + * This limits the PCRE backtracks, making it more performance friendly + * and prevents PREG_BACKTRACK_LIMIT_ERROR from being triggered in + * PHP 5.2+ on image tag heavy strings + * + * @access private + * @param array + * @return string + */ + function _js_img_removal($match) + { + $attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1])); + return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si", "", $attributes), $match[0]); + } + + // -------------------------------------------------------------------- + + /** + * Attribute Conversion + * + * Used as a callback for XSS Clean + * + * @access public + * @param array + * @return string + */ + function _convert_attribute($match) + { + return str_replace(array('>', '<', '\\'), array('>', '<', '\\\\'), $match[0]); + } + + // -------------------------------------------------------------------- + + /** + * HTML Entity Decode Callback + * + * Used as a callback for XSS Clean + * + * @access public + * @param array + * @return string + */ + function _html_entity_decode_callback($match) + { + $CFG =& load_class('Config'); + $charset = $CFG->item('charset'); + + return $this->_html_entity_decode($match[0], strtoupper($charset)); + } + + // -------------------------------------------------------------------- + + /** + * HTML Entities Decode + * + * This function is a replacement for html_entity_decode() + * + * In some versions of PHP the native function does not work + * when UTF-8 is the specified character set, so this gives us + * a work-around. More info here: + * http://bugs.php.net/bug.php?id=25670 + * + * @access private + * @param string + * @param string + * @return string + */ + /* ------------------------------------------------- + /* Replacement for html_entity_decode() + /* -------------------------------------------------*/ + + /* + NOTE: html_entity_decode() has a bug in some PHP versions when UTF-8 is the + character set, and the PHP developers said they were not back porting the + fix to versions other than PHP 5.x. + */ + function _html_entity_decode($str, $charset='UTF-8') + { + if (stristr($str, '&') === FALSE) return $str; + + // The reason we are not using html_entity_decode() by itself is because + // while it is not technically correct to leave out the semicolon + // at the end of an entity most browsers will still interpret the entity + // correctly. html_entity_decode() does not convert entities without + // semicolons, so we are left with our own little solution here. Bummer. + + if (function_exists('html_entity_decode') && (strtolower($charset) != 'utf-8' OR version_compare(phpversion(), '5.0.0', '>='))) + { + $str = html_entity_decode($str, ENT_COMPAT, $charset); + $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str); + return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str); + } + + // Numeric Entities + $str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str); + $str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str); + + // Literal Entities - Slightly slow so we do another check + if (stristr($str, '&') === FALSE) + { + $str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES))); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Filter Attributes + * + * Filters tag attributes for consistency and safety + * + * @access public + * @param string + * @return string + */ + function _filter_attributes($str) + { + $out = ''; + + if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches)) + { + foreach ($matches[0] as $match) + { + $out .= preg_replace("#/\*.*?\*/#s", '', $match); + } + } + + return $out; + } + + // -------------------------------------------------------------------- + +} +// END Input class + +/* End of file Input.php */ +/* Location: ./system/libraries/Input.php */
\ No newline at end of file diff --git a/system/libraries/Language.php b/system/libraries/Language.php new file mode 100644 index 000000000..b679c891f --- /dev/null +++ b/system/libraries/Language.php @@ -0,0 +1,123 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Language Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Language + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/language.html + */ +class CI_Language { + + var $language = array(); + var $is_loaded = array(); + + /** + * Constructor + * + * @access public + */ + function CI_Language() + { + log_message('debug', "Language Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Load a language file + * + * @access public + * @param mixed the name of the language file to be loaded. Can be an array + * @param string the language (english, etc.) + * @return mixed + */ + function load($langfile = '', $idiom = '', $return = FALSE) + { + $langfile = str_replace(EXT, '', str_replace('_lang.', '', $langfile)).'_lang'.EXT; + + if (in_array($langfile, $this->is_loaded, TRUE)) + { + return; + } + + if ($idiom == '') + { + $CI =& get_instance(); + $deft_lang = $CI->config->item('language'); + $idiom = ($deft_lang == '') ? 'english' : $deft_lang; + } + + // Determine where the language file is and load it + if (file_exists(APPPATH.'language/'.$idiom.'/'.$langfile)) + { + include(APPPATH.'language/'.$idiom.'/'.$langfile); + } + else + { + if (file_exists(BASEPATH.'language/'.$idiom.'/'.$langfile)) + { + include(BASEPATH.'language/'.$idiom.'/'.$langfile); + } + else + { + show_error('Unable to load the requested language file: language/'.$idiom.'/'.$langfile); + } + } + + if ( ! isset($lang)) + { + log_message('error', 'Language file contains no data: language/'.$idiom.'/'.$langfile); + return; + } + + if ($return == TRUE) + { + return $lang; + } + + $this->is_loaded[] = $langfile; + $this->language = array_merge($this->language, $lang); + unset($lang); + + log_message('debug', 'Language file loaded: language/'.$idiom.'/'.$langfile); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a single line of text from the language array + * + * @access public + * @param string $line the language line + * @return string + */ + function line($line = '') + { + $line = ($line == '' OR ! isset($this->language[$line])) ? FALSE : $this->language[$line]; + return $line; + } + +} +// END Language Class + +/* End of file Language.php */ +/* Location: ./system/libraries/Language.php */
\ No newline at end of file diff --git a/system/libraries/Loader.php b/system/libraries/Loader.php new file mode 100644 index 000000000..781c83c65 --- /dev/null +++ b/system/libraries/Loader.php @@ -0,0 +1,1085 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Loader Class + * + * Loads views and files + * + * @package CodeIgniter + * @subpackage Libraries + * @author ExpressionEngine Dev Team + * @category Loader + * @link http://codeigniter.com/user_guide/libraries/loader.html + */ +class CI_Loader { + + // All these are set automatically. Don't mess with them. + var $_ci_ob_level; + var $_ci_view_path = ''; + var $_ci_is_php5 = FALSE; + var $_ci_is_instance = FALSE; // Whether we should use $this or $CI =& get_instance() + var $_ci_cached_vars = array(); + var $_ci_classes = array(); + var $_ci_loaded_files = array(); + var $_ci_models = array(); + var $_ci_helpers = array(); + var $_ci_plugins = array(); + var $_ci_varmap = array('unit_test' => 'unit', 'user_agent' => 'agent'); + + + /** + * Constructor + * + * Sets the path to the view files and gets the initial output buffering level + * + * @access public + */ + function CI_Loader() + { + $this->_ci_is_php5 = (floor(phpversion()) >= 5) ? TRUE : FALSE; + $this->_ci_view_path = APPPATH.'views/'; + $this->_ci_ob_level = ob_get_level(); + + log_message('debug', "Loader Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Class Loader + * + * This function lets users load and instantiate classes. + * It is designed to be called from a user's app controllers. + * + * @access public + * @param string the name of the class + * @param mixed the optional parameters + * @param string an optional object name + * @return void + */ + function library($library = '', $params = NULL, $object_name = NULL) + { + if ($library == '') + { + return FALSE; + } + + if ( ! is_null($params) AND ! is_array($params)) + { + $params = NULL; + } + + if (is_array($library)) + { + foreach ($library as $class) + { + $this->_ci_load_class($class, $params, $object_name); + } + } + else + { + $this->_ci_load_class($library, $params, $object_name); + } + + $this->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Model Loader + * + * This function lets users load and instantiate models. + * + * @access public + * @param string the name of the class + * @param string name for the model + * @param bool database connection + * @return void + */ + function model($model, $name = '', $db_conn = FALSE) + { + if (is_array($model)) + { + foreach($model as $babe) + { + $this->model($babe); + } + return; + } + + if ($model == '') + { + return; + } + + // Is the model in a sub-folder? If so, parse out the filename and path. + if (strpos($model, '/') === FALSE) + { + $path = ''; + } + else + { + $x = explode('/', $model); + $model = end($x); + unset($x[count($x)-1]); + $path = implode('/', $x).'/'; + } + + if ($name == '') + { + $name = $model; + } + + if (in_array($name, $this->_ci_models, TRUE)) + { + return; + } + + $CI =& get_instance(); + if (isset($CI->$name)) + { + show_error('The model name you are loading is the name of a resource that is already being used: '.$name); + } + + $model = strtolower($model); + + if ( ! file_exists(APPPATH.'models/'.$path.$model.EXT)) + { + show_error('Unable to locate the model you have specified: '.$model); + } + + if ($db_conn !== FALSE AND ! class_exists('CI_DB')) + { + if ($db_conn === TRUE) + $db_conn = ''; + + $CI->load->database($db_conn, FALSE, TRUE); + } + + if ( ! class_exists('Model')) + { + load_class('Model', FALSE); + } + + require_once(APPPATH.'models/'.$path.$model.EXT); + + $model = ucfirst($model); + + $CI->$name = new $model(); + $CI->$name->_assign_libraries(); + + $this->_ci_models[] = $name; + } + + // -------------------------------------------------------------------- + + /** + * Database Loader + * + * @access public + * @param string the DB credentials + * @param bool whether to return the DB object + * @param bool whether to enable active record (this allows us to override the config setting) + * @return object + */ + function database($params = '', $return = FALSE, $active_record = FALSE) + { + // Grab the super object + $CI =& get_instance(); + + // Do we even need to load the database class? + if (class_exists('CI_DB') AND $return == FALSE AND $active_record == FALSE AND isset($CI->db) AND is_object($CI->db)) + { + return FALSE; + } + + require_once(BASEPATH.'database/DB'.EXT); + + if ($return === TRUE) + { + return DB($params, $active_record); + } + + // Initialize the db variable. Needed to prevent + // reference errors with some configurations + $CI->db = ''; + + // Load the DB class + $CI->db =& DB($params, $active_record); + + // Assign the DB object to any existing models + $this->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Load the Utilities Class + * + * @access public + * @return string + */ + function dbutil() + { + if ( ! class_exists('CI_DB')) + { + $this->database(); + } + + $CI =& get_instance(); + + // for backwards compatibility, load dbforge so we can extend dbutils off it + // this use is deprecated and strongly discouraged + $CI->load->dbforge(); + + require_once(BASEPATH.'database/DB_utility'.EXT); + require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_utility'.EXT); + $class = 'CI_DB_'.$CI->db->dbdriver.'_utility'; + + $CI->dbutil =& instantiate_class(new $class()); + + $CI->load->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Load the Database Forge Class + * + * @access public + * @return string + */ + function dbforge() + { + if ( ! class_exists('CI_DB')) + { + $this->database(); + } + + $CI =& get_instance(); + + require_once(BASEPATH.'database/DB_forge'.EXT); + require_once(BASEPATH.'database/drivers/'.$CI->db->dbdriver.'/'.$CI->db->dbdriver.'_forge'.EXT); + $class = 'CI_DB_'.$CI->db->dbdriver.'_forge'; + + $CI->dbforge = new $class(); + + $CI->load->_ci_assign_to_models(); + } + + // -------------------------------------------------------------------- + + /** + * Load View + * + * This function is used to load a "view" file. It has three parameters: + * + * 1. The name of the "view" file to be included. + * 2. An associative array of data to be extracted for use in the view. + * 3. TRUE/FALSE - whether to return the data or load it. In + * some cases it's advantageous to be able to return data so that + * a developer can process it in some way. + * + * @access public + * @param string + * @param array + * @param bool + * @return void + */ + function view($view, $vars = array(), $return = FALSE) + { + return $this->_ci_load(array('_ci_view' => $view, '_ci_vars' => $this->_ci_object_to_array($vars), '_ci_return' => $return)); + } + + // -------------------------------------------------------------------- + + /** + * Load File + * + * This is a generic file loader + * + * @access public + * @param string + * @param bool + * @return string + */ + function file($path, $return = FALSE) + { + return $this->_ci_load(array('_ci_path' => $path, '_ci_return' => $return)); + } + + // -------------------------------------------------------------------- + + /** + * Set Variables + * + * Once variables are set they become available within + * the controller class and its "view" files. + * + * @access public + * @param array + * @return void + */ + function vars($vars = array(), $val = '') + { + if ($val != '' AND is_string($vars)) + { + $vars = array($vars => $val); + } + + $vars = $this->_ci_object_to_array($vars); + + if (is_array($vars) AND count($vars) > 0) + { + foreach ($vars as $key => $val) + { + $this->_ci_cached_vars[$key] = $val; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Load Helper + * + * This function loads the specified helper file. + * + * @access public + * @param mixed + * @return void + */ + function helper($helpers = array()) + { + if ( ! is_array($helpers)) + { + $helpers = array($helpers); + } + + foreach ($helpers as $helper) + { + $helper = strtolower(str_replace(EXT, '', str_replace('_helper', '', $helper)).'_helper'); + + if (isset($this->_ci_helpers[$helper])) + { + continue; + } + + $ext_helper = APPPATH.'helpers/'.config_item('subclass_prefix').$helper.EXT; + + // Is this a helper extension request? + if (file_exists($ext_helper)) + { + $base_helper = BASEPATH.'helpers/'.$helper.EXT; + + if ( ! file_exists($base_helper)) + { + show_error('Unable to load the requested file: helpers/'.$helper.EXT); + } + + include_once($ext_helper); + include_once($base_helper); + } + elseif (file_exists(APPPATH.'helpers/'.$helper.EXT)) + { + include_once(APPPATH.'helpers/'.$helper.EXT); + } + else + { + if (file_exists(BASEPATH.'helpers/'.$helper.EXT)) + { + include_once(BASEPATH.'helpers/'.$helper.EXT); + } + else + { + show_error('Unable to load the requested file: helpers/'.$helper.EXT); + } + } + + $this->_ci_helpers[$helper] = TRUE; + log_message('debug', 'Helper loaded: '.$helper); + } + } + + // -------------------------------------------------------------------- + + /** + * Load Helpers + * + * This is simply an alias to the above function in case the + * user has written the plural form of this function. + * + * @access public + * @param array + * @return void + */ + function helpers($helpers = array()) + { + $this->helper($helpers); + } + + // -------------------------------------------------------------------- + + /** + * Load Plugin + * + * This function loads the specified plugin. + * + * @access public + * @param array + * @return void + */ + function plugin($plugins = array()) + { + if ( ! is_array($plugins)) + { + $plugins = array($plugins); + } + + foreach ($plugins as $plugin) + { + $plugin = strtolower(str_replace(EXT, '', str_replace('_pi', '', $plugin)).'_pi'); + + if (isset($this->_ci_plugins[$plugin])) + { + continue; + } + + if (file_exists(APPPATH.'plugins/'.$plugin.EXT)) + { + include_once(APPPATH.'plugins/'.$plugin.EXT); + } + else + { + if (file_exists(BASEPATH.'plugins/'.$plugin.EXT)) + { + include_once(BASEPATH.'plugins/'.$plugin.EXT); + } + else + { + show_error('Unable to load the requested file: plugins/'.$plugin.EXT); + } + } + + $this->_ci_plugins[$plugin] = TRUE; + log_message('debug', 'Plugin loaded: '.$plugin); + } + } + + // -------------------------------------------------------------------- + + /** + * Load Plugins + * + * This is simply an alias to the above function in case the + * user has written the plural form of this function. + * + * @access public + * @param array + * @return void + */ + function plugins($plugins = array()) + { + $this->plugin($plugins); + } + + // -------------------------------------------------------------------- + + /** + * Loads a language file + * + * @access public + * @param array + * @param string + * @return void + */ + function language($file = array(), $lang = '') + { + $CI =& get_instance(); + + if ( ! is_array($file)) + { + $file = array($file); + } + + foreach ($file as $langfile) + { + $CI->lang->load($langfile, $lang); + } + } + + /** + * Loads language files for scaffolding + * + * @access public + * @param string + * @return arra + */ + function scaffold_language($file = '', $lang = '', $return = FALSE) + { + $CI =& get_instance(); + return $CI->lang->load($file, $lang, $return); + } + + // -------------------------------------------------------------------- + + /** + * Loads a config file + * + * @access public + * @param string + * @return void + */ + function config($file = '', $use_sections = FALSE, $fail_gracefully = FALSE) + { + $CI =& get_instance(); + $CI->config->load($file, $use_sections, $fail_gracefully); + } + + // -------------------------------------------------------------------- + + /** + * Scaffolding Loader + * + * This initializing function works a bit different than the + * others. It doesn't load the class. Instead, it simply + * sets a flag indicating that scaffolding is allowed to be + * used. The actual scaffolding function below is + * called by the front controller based on whether the + * second segment of the URL matches the "secret" scaffolding + * word stored in the application/config/routes.php + * + * @access public + * @param string + * @return void + */ + function scaffolding($table = '') + { + if ($table === FALSE) + { + show_error('You must include the name of the table you would like to access when you initialize scaffolding'); + } + + $CI =& get_instance(); + $CI->_ci_scaffolding = TRUE; + $CI->_ci_scaff_table = $table; + } + + // -------------------------------------------------------------------- + + /** + * Loader + * + * This function is used to load views and files. + * Variables are prefixed with _ci_ to avoid symbol collision with + * variables made available to view files + * + * @access private + * @param array + * @return void + */ + function _ci_load($_ci_data) + { + // Set the default data variables + foreach (array('_ci_view', '_ci_vars', '_ci_path', '_ci_return') as $_ci_val) + { + $$_ci_val = ( ! isset($_ci_data[$_ci_val])) ? FALSE : $_ci_data[$_ci_val]; + } + + // Set the path to the requested file + if ($_ci_path == '') + { + $_ci_ext = pathinfo($_ci_view, PATHINFO_EXTENSION); + $_ci_file = ($_ci_ext == '') ? $_ci_view.EXT : $_ci_view; + $_ci_path = $this->_ci_view_path.$_ci_file; + } + else + { + $_ci_x = explode('/', $_ci_path); + $_ci_file = end($_ci_x); + } + + if ( ! file_exists($_ci_path)) + { + show_error('Unable to load the requested file: '.$_ci_file); + } + + // This allows anything loaded using $this->load (views, files, etc.) + // to become accessible from within the Controller and Model functions. + // Only needed when running PHP 5 + + if ($this->_ci_is_instance()) + { + $_ci_CI =& get_instance(); + foreach (get_object_vars($_ci_CI) as $_ci_key => $_ci_var) + { + if ( ! isset($this->$_ci_key)) + { + $this->$_ci_key =& $_ci_CI->$_ci_key; + } + } + } + + /* + * Extract and cache variables + * + * You can either set variables using the dedicated $this->load_vars() + * function or via the second parameter of this function. We'll merge + * the two types and cache them so that views that are embedded within + * other views can have access to these variables. + */ + if (is_array($_ci_vars)) + { + $this->_ci_cached_vars = array_merge($this->_ci_cached_vars, $_ci_vars); + } + extract($this->_ci_cached_vars); + + /* + * Buffer the output + * + * We buffer the output for two reasons: + * 1. Speed. You get a significant speed boost. + * 2. So that the final rendered template can be + * post-processed by the output class. Why do we + * need post processing? For one thing, in order to + * show the elapsed page load time. Unless we + * can intercept the content right before it's sent to + * the browser and then stop the timer it won't be accurate. + */ + ob_start(); + + // If the PHP installation does not support short tags we'll + // do a little string replacement, changing the short tags + // to standard PHP echo statements. + + if ((bool) @ini_get('short_open_tag') === FALSE AND config_item('rewrite_short_tags') == TRUE) + { + echo eval('?>'.preg_replace("/;*\s*\?>/", "; ?>", str_replace('<?=', '<?php echo ', file_get_contents($_ci_path)))); + } + else + { + include($_ci_path); // include() vs include_once() allows for multiple views with the same name + } + + log_message('debug', 'File loaded: '.$_ci_path); + + // Return the file data if requested + if ($_ci_return === TRUE) + { + $buffer = ob_get_contents(); + @ob_end_clean(); + return $buffer; + } + + /* + * Flush the buffer... or buff the flusher? + * + * In order to permit views to be nested within + * other views, we need to flush the content back out whenever + * we are beyond the first level of output buffering so that + * it can be seen and included properly by the first included + * template and any subsequent ones. Oy! + * + */ + if (ob_get_level() > $this->_ci_ob_level + 1) + { + ob_end_flush(); + } + else + { + // PHP 4 requires that we use a global + global $OUT; + $OUT->append_output(ob_get_contents()); + @ob_end_clean(); + } + } + + // -------------------------------------------------------------------- + + /** + * Load class + * + * This function loads the requested class. + * + * @access private + * @param string the item that is being loaded + * @param mixed any additional parameters + * @param string an optional object name + * @return void + */ + function _ci_load_class($class, $params = NULL, $object_name = NULL) + { + // Get the class name, and while we're at it trim any slashes. + // The directory path can be included as part of the class name, + // but we don't want a leading slash + $class = str_replace(EXT, '', trim($class, '/')); + + // Was the path included with the class name? + // We look for a slash to determine this + $subdir = ''; + if (strpos($class, '/') !== FALSE) + { + // explode the path so we can separate the filename from the path + $x = explode('/', $class); + + // Reset the $class variable now that we know the actual filename + $class = end($x); + + // Kill the filename from the array + unset($x[count($x)-1]); + + // Glue the path back together, sans filename + $subdir = implode($x, '/').'/'; + } + + // We'll test for both lowercase and capitalized versions of the file name + foreach (array(ucfirst($class), strtolower($class)) as $class) + { + $subclass = APPPATH.'libraries/'.$subdir.config_item('subclass_prefix').$class.EXT; + + // Is this a class extension request? + if (file_exists($subclass)) + { + $baseclass = BASEPATH.'libraries/'.ucfirst($class).EXT; + + if ( ! file_exists($baseclass)) + { + log_message('error', "Unable to load the requested class: ".$class); + show_error("Unable to load the requested class: ".$class); + } + + // Safety: Was the class already loaded by a previous call? + if (in_array($subclass, $this->_ci_loaded_files)) + { + // Before we deem this to be a duplicate request, let's see + // if a custom object name is being supplied. If so, we'll + // return a new instance of the object + if ( ! is_null($object_name)) + { + $CI =& get_instance(); + if ( ! isset($CI->$object_name)) + { + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + } + } + + $is_duplicate = TRUE; + log_message('debug', $class." class already loaded. Second attempt ignored."); + return; + } + + include_once($baseclass); + include_once($subclass); + $this->_ci_loaded_files[] = $subclass; + + return $this->_ci_init_class($class, config_item('subclass_prefix'), $params, $object_name); + } + + // Lets search for the requested library file and load it. + $is_duplicate = FALSE; + for ($i = 1; $i < 3; $i++) + { + $path = ($i % 2) ? APPPATH : BASEPATH; + $filepath = $path.'libraries/'.$subdir.$class.EXT; + + // Does the file exist? No? Bummer... + if ( ! file_exists($filepath)) + { + continue; + } + + // Safety: Was the class already loaded by a previous call? + if (in_array($filepath, $this->_ci_loaded_files)) + { + // Before we deem this to be a duplicate request, let's see + // if a custom object name is being supplied. If so, we'll + // return a new instance of the object + if ( ! is_null($object_name)) + { + $CI =& get_instance(); + if ( ! isset($CI->$object_name)) + { + return $this->_ci_init_class($class, '', $params, $object_name); + } + } + + $is_duplicate = TRUE; + log_message('debug', $class." class already loaded. Second attempt ignored."); + return; + } + + include_once($filepath); + $this->_ci_loaded_files[] = $filepath; + return $this->_ci_init_class($class, '', $params, $object_name); + } + } // END FOREACH + + // One last attempt. Maybe the library is in a subdirectory, but it wasn't specified? + if ($subdir == '') + { + $path = strtolower($class).'/'.$class; + return $this->_ci_load_class($path, $params); + } + + // If we got this far we were unable to find the requested class. + // We do not issue errors if the load call failed due to a duplicate request + if ($is_duplicate == FALSE) + { + log_message('error', "Unable to load the requested class: ".$class); + show_error("Unable to load the requested class: ".$class); + } + } + + // -------------------------------------------------------------------- + + /** + * Instantiates a class + * + * @access private + * @param string + * @param string + * @param string an optional object name + * @return null + */ + function _ci_init_class($class, $prefix = '', $config = FALSE, $object_name = NULL) + { + // Is there an associated config file for this class? + if ($config === NULL) + { + // We test for both uppercase and lowercase, for servers that + // are case-sensitive with regard to file names + if (file_exists(APPPATH.'config/'.strtolower($class).EXT)) + { + include_once(APPPATH.'config/'.strtolower($class).EXT); + } + elseif (file_exists(APPPATH.'config/'.ucfirst(strtolower($class)).EXT)) + { + include_once(APPPATH.'config/'.ucfirst(strtolower($class)).EXT); + } + } + + if ($prefix == '') + { + if (class_exists('CI_'.$class)) + { + $name = 'CI_'.$class; + } + elseif (class_exists(config_item('subclass_prefix').$class)) + { + $name = config_item('subclass_prefix').$class; + } + else + { + $name = $class; + } + } + else + { + $name = $prefix.$class; + } + + // Is the class name valid? + if ( ! class_exists($name)) + { + log_message('error', "Non-existent class: ".$name); + show_error("Non-existent class: ".$class); + } + + // Set the variable name we will assign the class to + // Was a custom class name supplied? If so we'll use it + $class = strtolower($class); + + if (is_null($object_name)) + { + $classvar = ( ! isset($this->_ci_varmap[$class])) ? $class : $this->_ci_varmap[$class]; + } + else + { + $classvar = $object_name; + } + + // Save the class name and object name + $this->_ci_classes[$class] = $classvar; + + // Instantiate the class + $CI =& get_instance(); + if ($config !== NULL) + { + $CI->$classvar = new $name($config); + } + else + { + $CI->$classvar = new $name; + } + } + + // -------------------------------------------------------------------- + + /** + * Autoloader + * + * The config/autoload.php file contains an array that permits sub-systems, + * libraries, plugins, and helpers to be loaded automatically. + * + * @access private + * @param array + * @return void + */ + function _ci_autoloader() + { + include_once(APPPATH.'config/autoload'.EXT); + + if ( ! isset($autoload)) + { + return FALSE; + } + + // Load any custom config file + if (count($autoload['config']) > 0) + { + $CI =& get_instance(); + foreach ($autoload['config'] as $key => $val) + { + $CI->config->load($val); + } + } + + // Autoload plugins, helpers and languages + foreach (array('helper', 'plugin', 'language') as $type) + { + if (isset($autoload[$type]) AND count($autoload[$type]) > 0) + { + $this->$type($autoload[$type]); + } + } + + // A little tweak to remain backward compatible + // The $autoload['core'] item was deprecated + if ( ! isset($autoload['libraries'])) + { + $autoload['libraries'] = $autoload['core']; + } + + // Load libraries + if (isset($autoload['libraries']) AND count($autoload['libraries']) > 0) + { + // Load the database driver. + if (in_array('database', $autoload['libraries'])) + { + $this->database(); + $autoload['libraries'] = array_diff($autoload['libraries'], array('database')); + } + + // Load scaffolding + if (in_array('scaffolding', $autoload['libraries'])) + { + $this->scaffolding(); + $autoload['libraries'] = array_diff($autoload['libraries'], array('scaffolding')); + } + + // Load all other libraries + foreach ($autoload['libraries'] as $item) + { + $this->library($item); + } + } + + // Autoload models + if (isset($autoload['model'])) + { + $this->model($autoload['model']); + } + + } + + // -------------------------------------------------------------------- + + /** + * Assign to Models + * + * Makes sure that anything loaded by the loader class (libraries, plugins, etc.) + * will be available to models, if any exist. + * + * @access private + * @param object + * @return array + */ + function _ci_assign_to_models() + { + if (count($this->_ci_models) == 0) + { + return; + } + + if ($this->_ci_is_instance()) + { + $CI =& get_instance(); + foreach ($this->_ci_models as $model) + { + $CI->$model->_assign_libraries(); + } + } + else + { + foreach ($this->_ci_models as $model) + { + $this->$model->_assign_libraries(); + } + } + } + + // -------------------------------------------------------------------- + + /** + * Object to Array + * + * Takes an object as input and converts the class variables to array key/vals + * + * @access private + * @param object + * @return array + */ + function _ci_object_to_array($object) + { + return (is_object($object)) ? get_object_vars($object) : $object; + } + + // -------------------------------------------------------------------- + + /** + * Determines whether we should use the CI instance or $this + * + * @access private + * @return bool + */ + function _ci_is_instance() + { + if ($this->_ci_is_php5 == TRUE) + { + return TRUE; + } + + global $CI; + return (is_object($CI)) ? TRUE : FALSE; + } + +} + +/* End of file Loader.php */ +/* Location: ./system/libraries/Loader.php */
\ No newline at end of file diff --git a/system/libraries/Log.php b/system/libraries/Log.php new file mode 100644 index 000000000..d8a07a9dd --- /dev/null +++ b/system/libraries/Log.php @@ -0,0 +1,117 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Logging Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Logging + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/general/errors.html + */ +class CI_Log { + + var $log_path; + var $_threshold = 1; + var $_date_fmt = 'Y-m-d H:i:s'; + var $_enabled = TRUE; + var $_levels = array('ERROR' => '1', 'DEBUG' => '2', 'INFO' => '3', 'ALL' => '4'); + + /** + * Constructor + * + * @access public + */ + function CI_Log() + { + $config =& get_config(); + + $this->log_path = ($config['log_path'] != '') ? $config['log_path'] : BASEPATH.'logs/'; + + if ( ! is_dir($this->log_path) OR ! is_really_writable($this->log_path)) + { + $this->_enabled = FALSE; + } + + if (is_numeric($config['log_threshold'])) + { + $this->_threshold = $config['log_threshold']; + } + + if ($config['log_date_format'] != '') + { + $this->_date_fmt = $config['log_date_format']; + } + } + + // -------------------------------------------------------------------- + + /** + * Write Log File + * + * Generally this function will be called using the global log_message() function + * + * @access public + * @param string the error level + * @param string the error message + * @param bool whether the error is a native PHP error + * @return bool + */ + function write_log($level = 'error', $msg, $php_error = FALSE) + { + if ($this->_enabled === FALSE) + { + return FALSE; + } + + $level = strtoupper($level); + + if ( ! isset($this->_levels[$level]) OR ($this->_levels[$level] > $this->_threshold)) + { + return FALSE; + } + + $filepath = $this->log_path.'log-'.date('Y-m-d').EXT; + $message = ''; + + if ( ! file_exists($filepath)) + { + $message .= "<"."?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); ?".">\n\n"; + } + + if ( ! $fp = @fopen($filepath, FOPEN_WRITE_CREATE)) + { + return FALSE; + } + + $message .= $level.' '.(($level == 'INFO') ? ' -' : '-').' '.date($this->_date_fmt). ' --> '.$msg."\n"; + + flock($fp, LOCK_EX); + fwrite($fp, $message); + flock($fp, LOCK_UN); + fclose($fp); + + @chmod($filepath, FILE_WRITE_MODE); + return TRUE; + } + +} +// END Log Class + +/* End of file Log.php */ +/* Location: ./system/libraries/Log.php */
\ No newline at end of file diff --git a/system/libraries/Model.php b/system/libraries/Model.php new file mode 100644 index 000000000..f5e501b00 --- /dev/null +++ b/system/libraries/Model.php @@ -0,0 +1,83 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Model Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/config.html + */ +class Model { + + var $_parent_name = ''; + + /** + * Constructor + * + * @access public + */ + function Model() + { + // If the magic __get() or __set() methods are used in a Model references can't be used. + $this->_assign_libraries( (method_exists($this, '__get') OR method_exists($this, '__set')) ? FALSE : TRUE ); + + // We don't want to assign the model object to itself when using the + // assign_libraries function below so we'll grab the name of the model parent + $this->_parent_name = ucfirst(get_class($this)); + + log_message('debug', "Model Class Initialized"); + } + + /** + * Assign Libraries + * + * Creates local references to all currently instantiated objects + * so that any syntax that can be legally used in a controller + * can be used within models. + * + * @access private + */ + function _assign_libraries($use_reference = TRUE) + { + $CI =& get_instance(); + foreach (array_keys(get_object_vars($CI)) as $key) + { + if ( ! isset($this->$key) AND $key != $this->_parent_name) + { + // In some cases using references can cause + // problems so we'll conditionally use them + if ($use_reference == TRUE) + { + $this->$key = NULL; // Needed to prevent reference errors with some configurations + $this->$key =& $CI->$key; + } + else + { + $this->$key = $CI->$key; + } + } + } + } + +} +// END Model Class + +/* End of file Model.php */ +/* Location: ./system/libraries/Model.php */
\ No newline at end of file diff --git a/system/libraries/Output.php b/system/libraries/Output.php new file mode 100644 index 000000000..4423ac726 --- /dev/null +++ b/system/libraries/Output.php @@ -0,0 +1,409 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Output Class + * + * Responsible for sending final output to browser + * + * @package CodeIgniter + * @subpackage Libraries + * @category Output + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/output.html + */ +class CI_Output { + + var $final_output; + var $cache_expiration = 0; + var $headers = array(); + var $enable_profiler = FALSE; + + + function CI_Output() + { + log_message('debug', "Output Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Get Output + * + * Returns the current output string + * + * @access public + * @return string + */ + function get_output() + { + return $this->final_output; + } + + // -------------------------------------------------------------------- + + /** + * Set Output + * + * Sets the output string + * + * @access public + * @param string + * @return void + */ + function set_output($output) + { + $this->final_output = $output; + } + + // -------------------------------------------------------------------- + + /** + * Append Output + * + * Appends data onto the output string + * + * @access public + * @param string + * @return void + */ + function append_output($output) + { + if ($this->final_output == '') + { + $this->final_output = $output; + } + else + { + $this->final_output .= $output; + } + } + + // -------------------------------------------------------------------- + + /** + * Set Header + * + * Lets you set a server header which will be outputted with the final display. + * + * Note: If a file is cached, headers will not be sent. We need to figure out + * how to permit header data to be saved with the cache data... + * + * @access public + * @param string + * @return void + */ + function set_header($header, $replace = TRUE) + { + $this->headers[] = array($header, $replace); + } + + // -------------------------------------------------------------------- + + /** + * Set HTTP Status Header + * moved to Common procedural functions in 1.7.2 + * + * @access public + * @param int the status code + * @param string + * @return void + */ + function set_status_header($code = '200', $text = '') + { + set_status_header($code, $text); + } + + // -------------------------------------------------------------------- + + /** + * Enable/disable Profiler + * + * @access public + * @param bool + * @return void + */ + function enable_profiler($val = TRUE) + { + $this->enable_profiler = (is_bool($val)) ? $val : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Set Cache + * + * @access public + * @param integer + * @return void + */ + function cache($time) + { + $this->cache_expiration = ( ! is_numeric($time)) ? 0 : $time; + } + + // -------------------------------------------------------------------- + + /** + * Display Output + * + * All "view" data is automatically put into this variable by the controller class: + * + * $this->final_output + * + * This function sends the finalized output data to the browser along + * with any server headers and profile data. It also stops the + * benchmark timer so the page rendering speed and memory usage can be shown. + * + * @access public + * @return mixed + */ + function _display($output = '') + { + // Note: We use globals because we can't use $CI =& get_instance() + // since this function is sometimes called by the caching mechanism, + // which happens before the CI super object is available. + global $BM, $CFG; + + // -------------------------------------------------------------------- + + // Set the output data + if ($output == '') + { + $output =& $this->final_output; + } + + // -------------------------------------------------------------------- + + // Do we need to write a cache file? + if ($this->cache_expiration > 0) + { + $this->_write_cache($output); + } + + // -------------------------------------------------------------------- + + // Parse out the elapsed time and memory usage, + // then swap the pseudo-variables with the data + + $elapsed = $BM->elapsed_time('total_execution_time_start', 'total_execution_time_end'); + $output = str_replace('{elapsed_time}', $elapsed, $output); + + $memory = ( ! function_exists('memory_get_usage')) ? '0' : round(memory_get_usage()/1024/1024, 2).'MB'; + $output = str_replace('{memory_usage}', $memory, $output); + + // -------------------------------------------------------------------- + + // Is compression requested? + if ($CFG->item('compress_output') === TRUE) + { + if (extension_loaded('zlib')) + { + if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) AND strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) + { + ob_start('ob_gzhandler'); + } + } + } + + // -------------------------------------------------------------------- + + // Are there any server headers to send? + if (count($this->headers) > 0) + { + foreach ($this->headers as $header) + { + @header($header[0], $header[1]); + } + } + + // -------------------------------------------------------------------- + + // Does the get_instance() function exist? + // If not we know we are dealing with a cache file so we'll + // simply echo out the data and exit. + if ( ! function_exists('get_instance')) + { + echo $output; + log_message('debug', "Final output sent to browser"); + log_message('debug', "Total execution time: ".$elapsed); + return TRUE; + } + + // -------------------------------------------------------------------- + + // Grab the super object. We'll need it in a moment... + $CI =& get_instance(); + + // Do we need to generate profile data? + // If so, load the Profile class and run it. + if ($this->enable_profiler == TRUE) + { + $CI->load->library('profiler'); + + // If the output data contains closing </body> and </html> tags + // we will remove them and add them back after we insert the profile data + if (preg_match("|</body>.*?</html>|is", $output)) + { + $output = preg_replace("|</body>.*?</html>|is", '', $output); + $output .= $CI->profiler->run(); + $output .= '</body></html>'; + } + else + { + $output .= $CI->profiler->run(); + } + } + + // -------------------------------------------------------------------- + + // Does the controller contain a function named _output()? + // If so send the output there. Otherwise, echo it. + if (method_exists($CI, '_output')) + { + $CI->_output($output); + } + else + { + echo $output; // Send it to the browser! + } + + log_message('debug', "Final output sent to browser"); + log_message('debug', "Total execution time: ".$elapsed); + } + + // -------------------------------------------------------------------- + + /** + * Write a Cache File + * + * @access public + * @return void + */ + function _write_cache($output) + { + $CI =& get_instance(); + $path = $CI->config->item('cache_path'); + + $cache_path = ($path == '') ? BASEPATH.'cache/' : $path; + + if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) + { + return; + } + + $uri = $CI->config->item('base_url'). + $CI->config->item('index_page'). + $CI->uri->uri_string(); + + $cache_path .= md5($uri); + + if ( ! $fp = @fopen($cache_path, FOPEN_WRITE_CREATE_DESTRUCTIVE)) + { + log_message('error', "Unable to write cache file: ".$cache_path); + return; + } + + $expire = time() + ($this->cache_expiration * 60); + + if (flock($fp, LOCK_EX)) + { + fwrite($fp, $expire.'TS--->'.$output); + flock($fp, LOCK_UN); + } + else + { + log_message('error', "Unable to secure a file lock for file at: ".$cache_path); + return; + } + fclose($fp); + @chmod($cache_path, DIR_WRITE_MODE); + + log_message('debug', "Cache file written: ".$cache_path); + } + + // -------------------------------------------------------------------- + + /** + * Update/serve a cached file + * + * @access public + * @return void + */ + function _display_cache(&$CFG, &$URI) + { + $cache_path = ($CFG->item('cache_path') == '') ? BASEPATH.'cache/' : $CFG->item('cache_path'); + + if ( ! is_dir($cache_path) OR ! is_really_writable($cache_path)) + { + return FALSE; + } + + // Build the file path. The file name is an MD5 hash of the full URI + $uri = $CFG->item('base_url'). + $CFG->item('index_page'). + $URI->uri_string; + + $filepath = $cache_path.md5($uri); + + if ( ! @file_exists($filepath)) + { + return FALSE; + } + + if ( ! $fp = @fopen($filepath, FOPEN_READ)) + { + return FALSE; + } + + flock($fp, LOCK_SH); + + $cache = ''; + if (filesize($filepath) > 0) + { + $cache = fread($fp, filesize($filepath)); + } + + flock($fp, LOCK_UN); + fclose($fp); + + // Strip out the embedded timestamp + if ( ! preg_match("/(\d+TS--->)/", $cache, $match)) + { + return FALSE; + } + + // Has the file expired? If so we'll delete it. + if (time() >= trim(str_replace('TS--->', '', $match['1']))) + { + @unlink($filepath); + log_message('debug', "Cache file has expired. File deleted"); + return FALSE; + } + + // Display the cache + $this->_display(str_replace($match['0'], '', $cache)); + log_message('debug', "Cache file is current. Sending it to browser."); + return TRUE; + } + + +} +// END Output Class + +/* End of file Output.php */ +/* Location: ./system/libraries/Output.php */
\ No newline at end of file diff --git a/system/libraries/Pagination.php b/system/libraries/Pagination.php new file mode 100644 index 000000000..d73c58e08 --- /dev/null +++ b/system/libraries/Pagination.php @@ -0,0 +1,244 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Pagination Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Pagination + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/pagination.html + */ +class CI_Pagination { + + var $base_url = ''; // The page we are linking to + var $total_rows = ''; // Total number of items (database results) + var $per_page = 10; // Max number of items you want shown per page + var $num_links = 2; // Number of "digit" links to show before/after the currently viewed page + var $cur_page = 0; // The current page being viewed + var $first_link = '‹ First'; + var $next_link = '>'; + var $prev_link = '<'; + var $last_link = 'Last ›'; + var $uri_segment = 3; + var $full_tag_open = ''; + var $full_tag_close = ''; + var $first_tag_open = ''; + var $first_tag_close = ' '; + var $last_tag_open = ' '; + var $last_tag_close = ''; + var $cur_tag_open = ' <strong>'; + var $cur_tag_close = '</strong>'; + var $next_tag_open = ' '; + var $next_tag_close = ' '; + var $prev_tag_open = ' '; + var $prev_tag_close = ''; + var $num_tag_open = ' '; + var $num_tag_close = ''; + var $page_query_string = FALSE; + var $query_string_segment = 'per_page'; + + /** + * Constructor + * + * @access public + * @param array initialization parameters + */ + function CI_Pagination($params = array()) + { + if (count($params) > 0) + { + $this->initialize($params); + } + + log_message('debug', "Pagination Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize Preferences + * + * @access public + * @param array initialization parameters + * @return void + */ + function initialize($params = array()) + { + if (count($params) > 0) + { + foreach ($params as $key => $val) + { + if (isset($this->$key)) + { + $this->$key = $val; + } + } + } + } + + // -------------------------------------------------------------------- + + /** + * Generate the pagination links + * + * @access public + * @return string + */ + function create_links() + { + // If our item count or per-page total is zero there is no need to continue. + if ($this->total_rows == 0 OR $this->per_page == 0) + { + return ''; + } + + // Calculate the total number of pages + $num_pages = ceil($this->total_rows / $this->per_page); + + // Is there only one page? Hm... nothing more to do here then. + if ($num_pages == 1) + { + return ''; + } + + // Determine the current page number. + $CI =& get_instance(); + + if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) + { + if ($CI->input->get($this->query_string_segment) != 0) + { + $this->cur_page = $CI->input->get($this->query_string_segment); + + // Prep the current page - no funny business! + $this->cur_page = (int) $this->cur_page; + } + } + else + { + if ($CI->uri->segment($this->uri_segment) != 0) + { + $this->cur_page = $CI->uri->segment($this->uri_segment); + + // Prep the current page - no funny business! + $this->cur_page = (int) $this->cur_page; + } + } + + $this->num_links = (int)$this->num_links; + + if ($this->num_links < 1) + { + show_error('Your number of links must be a positive number.'); + } + + if ( ! is_numeric($this->cur_page)) + { + $this->cur_page = 0; + } + + // Is the page number beyond the result range? + // If so we show the last page + if ($this->cur_page > $this->total_rows) + { + $this->cur_page = ($num_pages - 1) * $this->per_page; + } + + $uri_page_number = $this->cur_page; + $this->cur_page = floor(($this->cur_page/$this->per_page) + 1); + + // Calculate the start and end numbers. These determine + // which number to start and end the digit links with + $start = (($this->cur_page - $this->num_links) > 0) ? $this->cur_page - ($this->num_links - 1) : 1; + $end = (($this->cur_page + $this->num_links) < $num_pages) ? $this->cur_page + $this->num_links : $num_pages; + + // Is pagination being used over GET or POST? If get, add a per_page query + // string. If post, add a trailing slash to the base URL if needed + if ($CI->config->item('enable_query_strings') === TRUE OR $this->page_query_string === TRUE) + { + $this->base_url = rtrim($this->base_url).'&'.$this->query_string_segment.'='; + } + else + { + $this->base_url = rtrim($this->base_url, '/') .'/'; + } + + // And here we go... + $output = ''; + + // Render the "First" link + if ($this->cur_page > ($this->num_links + 1)) + { + $output .= $this->first_tag_open.'<a href="'.$this->base_url.'">'.$this->first_link.'</a>'.$this->first_tag_close; + } + + // Render the "previous" link + if ($this->cur_page != 1) + { + $i = $uri_page_number - $this->per_page; + if ($i == 0) $i = ''; + $output .= $this->prev_tag_open.'<a href="'.$this->base_url.$i.'">'.$this->prev_link.'</a>'.$this->prev_tag_close; + } + + // Write the digit links + for ($loop = $start -1; $loop <= $end; $loop++) + { + $i = ($loop * $this->per_page) - $this->per_page; + + if ($i >= 0) + { + if ($this->cur_page == $loop) + { + $output .= $this->cur_tag_open.$loop.$this->cur_tag_close; // Current page + } + else + { + $n = ($i == 0) ? '' : $i; + $output .= $this->num_tag_open.'<a href="'.$this->base_url.$n.'">'.$loop.'</a>'.$this->num_tag_close; + } + } + } + + // Render the "next" link + if ($this->cur_page < $num_pages) + { + $output .= $this->next_tag_open.'<a href="'.$this->base_url.($this->cur_page * $this->per_page).'">'.$this->next_link.'</a>'.$this->next_tag_close; + } + + // Render the "Last" link + if (($this->cur_page + $this->num_links) < $num_pages) + { + $i = (($num_pages * $this->per_page) - $this->per_page); + $output .= $this->last_tag_open.'<a href="'.$this->base_url.$i.'">'.$this->last_link.'</a>'.$this->last_tag_close; + } + + // Kill double slashes. Note: Sometimes we can end up with a double slash + // in the penultimate link so we'll kill all double slashes. + $output = preg_replace("#([^:])//+#", "\\1/", $output); + + // Add the wrapper HTML if exists + $output = $this->full_tag_open.$output.$this->full_tag_close; + + return $output; + } +} +// END Pagination Class + +/* End of file Pagination.php */ +/* Location: ./system/libraries/Pagination.php */
\ No newline at end of file diff --git a/system/libraries/Parser.php b/system/libraries/Parser.php new file mode 100644 index 000000000..da3243755 --- /dev/null +++ b/system/libraries/Parser.php @@ -0,0 +1,173 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Parser Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Parser + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/parser.html + */ +class CI_Parser { + + var $l_delim = '{'; + var $r_delim = '}'; + var $object; + + /** + * Parse a template + * + * Parses pseudo-variables contained in the specified template, + * replacing them with the data in the second param + * + * @access public + * @param string + * @param array + * @param bool + * @return string + */ + function parse($template, $data, $return = FALSE) + { + $CI =& get_instance(); + $template = $CI->load->view($template, $data, TRUE); + + if ($template == '') + { + return FALSE; + } + + foreach ($data as $key => $val) + { + if (is_array($val)) + { + $template = $this->_parse_pair($key, $val, $template); + } + else + { + $template = $this->_parse_single($key, (string)$val, $template); + } + } + + if ($return == FALSE) + { + $CI->output->append_output($template); + } + + return $template; + } + + // -------------------------------------------------------------------- + + /** + * Set the left/right variable delimiters + * + * @access public + * @param string + * @param string + * @return void + */ + function set_delimiters($l = '{', $r = '}') + { + $this->l_delim = $l; + $this->r_delim = $r; + } + + // -------------------------------------------------------------------- + + /** + * Parse a single key/value + * + * @access private + * @param string + * @param string + * @param string + * @return string + */ + function _parse_single($key, $val, $string) + { + return str_replace($this->l_delim.$key.$this->r_delim, $val, $string); + } + + // -------------------------------------------------------------------- + + /** + * Parse a tag pair + * + * Parses tag pairs: {some_tag} string... {/some_tag} + * + * @access private + * @param string + * @param array + * @param string + * @return string + */ + function _parse_pair($variable, $data, $string) + { + if (FALSE === ($match = $this->_match_pair($string, $variable))) + { + return $string; + } + + $str = ''; + foreach ($data as $row) + { + $temp = $match['1']; + foreach ($row as $key => $val) + { + if ( ! is_array($val)) + { + $temp = $this->_parse_single($key, $val, $temp); + } + else + { + $temp = $this->_parse_pair($key, $val, $temp); + } + } + + $str .= $temp; + } + + return str_replace($match['0'], $str, $string); + } + + // -------------------------------------------------------------------- + + /** + * Matches a variable pair + * + * @access private + * @param string + * @param string + * @return mixed + */ + function _match_pair($string, $variable) + { + if ( ! preg_match("|".$this->l_delim . $variable . $this->r_delim."(.+?)".$this->l_delim . '/' . $variable . $this->r_delim."|s", $string, $match)) + { + return FALSE; + } + + return $match; + } + +} +// END Parser Class + +/* End of file Parser.php */ +/* Location: ./system/libraries/Parser.php */
\ No newline at end of file diff --git a/system/libraries/Profiler.php b/system/libraries/Profiler.php new file mode 100644 index 000000000..ecd0e708d --- /dev/null +++ b/system/libraries/Profiler.php @@ -0,0 +1,392 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * CodeIgniter Profiler Class + * + * This class enables you to display benchmark, query, and other data + * in order to help with debugging and optimization. + * + * Note: At some point it would be good to move all the HTML in this class + * into a set of template files in order to allow customization. + * + * @package CodeIgniter + * @subpackage Libraries + * @category Libraries + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/general/profiling.html + */ +class CI_Profiler { + + var $CI; + + function CI_Profiler() + { + $this->CI =& get_instance(); + $this->CI->load->language('profiler'); + } + + // -------------------------------------------------------------------- + + /** + * Auto Profiler + * + * This function cycles through the entire array of mark points and + * matches any two points that are named identically (ending in "_start" + * and "_end" respectively). It then compiles the execution times for + * all points and returns it as an array + * + * @access private + * @return array + */ + function _compile_benchmarks() + { + $profile = array(); + foreach ($this->CI->benchmark->marker as $key => $val) + { + // We match the "end" marker so that the list ends + // up in the order that it was defined + if (preg_match("/(.+?)_end/i", $key, $match)) + { + if (isset($this->CI->benchmark->marker[$match[1].'_end']) AND isset($this->CI->benchmark->marker[$match[1].'_start'])) + { + $profile[$match[1]] = $this->CI->benchmark->elapsed_time($match[1].'_start', $key); + } + } + } + + // Build a table containing the profile data. + // Note: At some point we should turn this into a template that can + // be modified. We also might want to make this data available to be logged + + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #990000;padding:6px 10px 10px 10px;margin:0 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#990000;"> '.$this->CI->lang->line('profiler_benchmarks').' </legend>'; + $output .= "\n"; + $output .= "\n\n<table cellpadding='4' cellspacing='1' border='0' width='100%'>\n"; + + foreach ($profile as $key => $val) + { + $key = ucwords(str_replace(array('_', '-'), ' ', $key)); + $output .= "<tr><td width='50%' style='color:#000;font-weight:bold;background-color:#ddd;'>".$key." </td><td width='50%' style='color:#990000;font-weight:normal;background-color:#ddd;'>".$val."</td></tr>\n"; + } + + $output .= "</table>\n"; + $output .= "</fieldset>"; + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Compile Queries + * + * @access private + * @return string + */ + function _compile_queries() + { + $dbs = array(); + + // Let's determine which databases are currently connected to + foreach (get_object_vars($this->CI) as $CI_object) + { + if (is_object($CI_object) && is_subclass_of(get_class($CI_object), 'CI_DB') ) + { + $dbs[] = $CI_object; + } + } + + if (count($dbs) == 0) + { + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #0000FF;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#0000FF;"> '.$this->CI->lang->line('profiler_queries').' </legend>'; + $output .= "\n"; + $output .= "\n\n<table cellpadding='4' cellspacing='1' border='0' width='100%'>\n"; + $output .="<tr><td width='100%' style='color:#0000FF;font-weight:normal;background-color:#eee;'>".$this->CI->lang->line('profiler_no_db')."</td></tr>\n"; + $output .= "</table>\n"; + $output .= "</fieldset>"; + + return $output; + } + + // Load the text helper so we can highlight the SQL + $this->CI->load->helper('text'); + + // Key words we want bolded + $highlight = array('SELECT', 'DISTINCT', 'FROM', 'WHERE', 'AND', 'LEFT JOIN', 'ORDER BY', 'GROUP BY', 'LIMIT', 'INSERT', 'INTO', 'VALUES', 'UPDATE', 'OR', 'HAVING', 'OFFSET', 'NOT IN', 'IN', 'LIKE', 'NOT LIKE', 'COUNT', 'MAX', 'MIN', 'ON', 'AS', 'AVG', 'SUM', '(', ')'); + + $output = "\n\n"; + + foreach ($dbs as $db) + { + $output .= '<fieldset style="border:1px solid #0000FF;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#0000FF;"> '.$this->CI->lang->line('profiler_database').': '.$db->database.' '.$this->CI->lang->line('profiler_queries').': '.count($this->CI->db->queries).' </legend>'; + $output .= "\n"; + $output .= "\n\n<table cellpadding='4' cellspacing='1' border='0' width='100%'>\n"; + + if (count($db->queries) == 0) + { + $output .= "<tr><td width='100%' style='color:#0000FF;font-weight:normal;background-color:#eee;'>".$this->CI->lang->line('profiler_no_queries')."</td></tr>\n"; + } + else + { + foreach ($db->queries as $key => $val) + { + $time = number_format($db->query_times[$key], 4); + + $val = highlight_code($val, ENT_QUOTES); + + foreach ($highlight as $bold) + { + $val = str_replace($bold, '<strong>'.$bold.'</strong>', $val); + } + + $output .= "<tr><td width='1%' valign='top' style='color:#990000;font-weight:normal;background-color:#ddd;'>".$time." </td><td style='color:#000;font-weight:normal;background-color:#ddd;'>".$val."</td></tr>\n"; + } + } + + $output .= "</table>\n"; + $output .= "</fieldset>"; + + } + + return $output; + } + + + // -------------------------------------------------------------------- + + /** + * Compile $_GET Data + * + * @access private + * @return string + */ + function _compile_get() + { + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #cd6e00;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#cd6e00;"> '.$this->CI->lang->line('profiler_get_data').' </legend>'; + $output .= "\n"; + + if (count($_GET) == 0) + { + $output .= "<div style='color:#cd6e00;font-weight:normal;padding:4px 0 4px 0'>".$this->CI->lang->line('profiler_no_get')."</div>"; + } + else + { + $output .= "\n\n<table cellpadding='4' cellspacing='1' border='0' width='100%'>\n"; + + foreach ($_GET as $key => $val) + { + if ( ! is_numeric($key)) + { + $key = "'".$key."'"; + } + + $output .= "<tr><td width='50%' style='color:#000;background-color:#ddd;'>$_GET[".$key."] </td><td width='50%' style='color:#cd6e00;font-weight:normal;background-color:#ddd;'>"; + if (is_array($val)) + { + $output .= "<pre>" . htmlspecialchars(stripslashes(print_r($val, true))) . "</pre>"; + } + else + { + $output .= htmlspecialchars(stripslashes($val)); + } + $output .= "</td></tr>\n"; + } + + $output .= "</table>\n"; + } + $output .= "</fieldset>"; + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Compile $_POST Data + * + * @access private + * @return string + */ + function _compile_post() + { + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #009900;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#009900;"> '.$this->CI->lang->line('profiler_post_data').' </legend>'; + $output .= "\n"; + + if (count($_POST) == 0) + { + $output .= "<div style='color:#009900;font-weight:normal;padding:4px 0 4px 0'>".$this->CI->lang->line('profiler_no_post')."</div>"; + } + else + { + $output .= "\n\n<table cellpadding='4' cellspacing='1' border='0' width='100%'>\n"; + + foreach ($_POST as $key => $val) + { + if ( ! is_numeric($key)) + { + $key = "'".$key."'"; + } + + $output .= "<tr><td width='50%' style='color:#000;background-color:#ddd;'>$_POST[".$key."] </td><td width='50%' style='color:#009900;font-weight:normal;background-color:#ddd;'>"; + if (is_array($val)) + { + $output .= "<pre>" . htmlspecialchars(stripslashes(print_r($val, true))) . "</pre>"; + } + else + { + $output .= htmlspecialchars(stripslashes($val)); + } + $output .= "</td></tr>\n"; + } + + $output .= "</table>\n"; + } + $output .= "</fieldset>"; + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Show query string + * + * @access private + * @return string + */ + function _compile_uri_string() + { + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #000;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#000;"> '.$this->CI->lang->line('profiler_uri_string').' </legend>'; + $output .= "\n"; + + if ($this->CI->uri->uri_string == '') + { + $output .= "<div style='color:#000;font-weight:normal;padding:4px 0 4px 0'>".$this->CI->lang->line('profiler_no_uri')."</div>"; + } + else + { + $output .= "<div style='color:#000;font-weight:normal;padding:4px 0 4px 0'>".$this->CI->uri->uri_string."</div>"; + } + + $output .= "</fieldset>"; + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Show the controller and function that were called + * + * @access private + * @return string + */ + function _compile_controller_info() + { + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #995300;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#995300;"> '.$this->CI->lang->line('profiler_controller_info').' </legend>'; + $output .= "\n"; + + $output .= "<div style='color:#995300;font-weight:normal;padding:4px 0 4px 0'>".$this->CI->router->fetch_class()."/".$this->CI->router->fetch_method()."</div>"; + + + $output .= "</fieldset>"; + + return $output; + } + // -------------------------------------------------------------------- + + /** + * Compile memory usage + * + * Display total used memory + * + * @access public + * @return string + */ + function _compile_memory_usage() + { + $output = "\n\n"; + $output .= '<fieldset style="border:1px solid #5a0099;padding:6px 10px 10px 10px;margin:20px 0 20px 0;background-color:#eee">'; + $output .= "\n"; + $output .= '<legend style="color:#5a0099;"> '.$this->CI->lang->line('profiler_memory_usage').' </legend>'; + $output .= "\n"; + + if (function_exists('memory_get_usage') && ($usage = memory_get_usage()) != '') + { + $output .= "<div style='color:#5a0099;font-weight:normal;padding:4px 0 4px 0'>".number_format($usage).' bytes</div>'; + } + else + { + $output .= "<div style='color:#5a0099;font-weight:normal;padding:4px 0 4px 0'>".$this->CI->lang->line('profiler_no_memory_usage')."</div>"; + } + + $output .= "</fieldset>"; + + return $output; + } + + // -------------------------------------------------------------------- + + /** + * Run the Profiler + * + * @access private + * @return string + */ + function run() + { + $output = "<div id='codeigniter_profiler' style='clear:both;background-color:#fff;padding:10px;'>"; + + $output .= $this->_compile_uri_string(); + $output .= $this->_compile_controller_info(); + $output .= $this->_compile_memory_usage(); + $output .= $this->_compile_benchmarks(); + $output .= $this->_compile_get(); + $output .= $this->_compile_post(); + $output .= $this->_compile_queries(); + + $output .= '</div>'; + + return $output; + } + +} + +// END CI_Profiler class + +/* End of file Profiler.php */ +/* Location: ./system/libraries/Profiler.php */
\ No newline at end of file diff --git a/system/libraries/Router.php b/system/libraries/Router.php new file mode 100644 index 000000000..50c7dd7cc --- /dev/null +++ b/system/libraries/Router.php @@ -0,0 +1,389 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Router Class + * + * Parses URIs and determines routing + * + * @package CodeIgniter + * @subpackage Libraries + * @author ExpressionEngine Dev Team + * @category Libraries + * @link http://codeigniter.com/user_guide/general/routing.html + */ +class CI_Router { + + var $config; + var $routes = array(); + var $error_routes = array(); + var $class = ''; + var $method = 'index'; + var $directory = ''; + var $uri_protocol = 'auto'; + var $default_controller; + var $scaffolding_request = FALSE; // Must be set to FALSE + + /** + * Constructor + * + * Runs the route mapping function. + */ + function CI_Router() + { + $this->config =& load_class('Config'); + $this->uri =& load_class('URI'); + $this->_set_routing(); + log_message('debug', "Router Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Set the route mapping + * + * This function determines what should be served based on the URI request, + * as well as any "routes" that have been set in the routing config file. + * + * @access private + * @return void + */ + function _set_routing() + { + // Are query strings enabled in the config file? + // If so, we're done since segment based URIs are not used with query strings. + if ($this->config->item('enable_query_strings') === TRUE AND isset($_GET[$this->config->item('controller_trigger')])) + { + $this->set_class(trim($this->uri->_filter_uri($_GET[$this->config->item('controller_trigger')]))); + + if (isset($_GET[$this->config->item('function_trigger')])) + { + $this->set_method(trim($this->uri->_filter_uri($_GET[$this->config->item('function_trigger')]))); + } + + return; + } + + // Load the routes.php file. + @include(APPPATH.'config/routes'.EXT); + $this->routes = ( ! isset($route) OR ! is_array($route)) ? array() : $route; + unset($route); + + // Set the default controller so we can display it in the event + // the URI doesn't correlated to a valid controller. + $this->default_controller = ( ! isset($this->routes['default_controller']) OR $this->routes['default_controller'] == '') ? FALSE : strtolower($this->routes['default_controller']); + + // Fetch the complete URI string + $this->uri->_fetch_uri_string(); + + // Is there a URI string? If not, the default controller specified in the "routes" file will be shown. + if ($this->uri->uri_string == '') + { + if ($this->default_controller === FALSE) + { + show_error("Unable to determine what should be displayed. A default route has not been specified in the routing file."); + } + + if (strpos($this->default_controller, '/') !== FALSE) + { + $x = explode('/', $this->default_controller); + + $this->set_class(end($x)); + $this->set_method('index'); + $this->_set_request($x); + } + else + { + $this->set_class($this->default_controller); + $this->set_method('index'); + $this->_set_request(array($this->default_controller, 'index')); + } + + // re-index the routed segments array so it starts with 1 rather than 0 + $this->uri->_reindex_segments(); + + log_message('debug', "No URI present. Default controller set."); + return; + } + unset($this->routes['default_controller']); + + // Do we need to remove the URL suffix? + $this->uri->_remove_url_suffix(); + + // Compile the segments into an array + $this->uri->_explode_segments(); + + // Parse any custom routing that may exist + $this->_parse_routes(); + + // Re-index the segment array so that it starts with 1 rather than 0 + $this->uri->_reindex_segments(); + } + + // -------------------------------------------------------------------- + + /** + * Set the Route + * + * This function takes an array of URI segments as + * input, and sets the current class/method + * + * @access private + * @param array + * @param bool + * @return void + */ + function _set_request($segments = array()) + { + $segments = $this->_validate_request($segments); + + if (count($segments) == 0) + { + return; + } + + $this->set_class($segments[0]); + + if (isset($segments[1])) + { + // A scaffolding request. No funny business with the URL + if ($this->routes['scaffolding_trigger'] == $segments[1] AND $segments[1] != '_ci_scaffolding') + { + $this->scaffolding_request = TRUE; + unset($this->routes['scaffolding_trigger']); + } + else + { + // A standard method request + $this->set_method($segments[1]); + } + } + else + { + // This lets the "routed" segment array identify that the default + // index method is being used. + $segments[1] = 'index'; + } + + // Update our "routed" segment array to contain the segments. + // Note: If there is no custom routing, this array will be + // identical to $this->uri->segments + $this->uri->rsegments = $segments; + } + + // -------------------------------------------------------------------- + + /** + * Validates the supplied segments. Attempts to determine the path to + * the controller. + * + * @access private + * @param array + * @return array + */ + function _validate_request($segments) + { + // Does the requested controller exist in the root folder? + if (file_exists(APPPATH.'controllers/'.$segments[0].EXT)) + { + return $segments; + } + + // Is the controller in a sub-folder? + if (is_dir(APPPATH.'controllers/'.$segments[0])) + { + // Set the directory and remove it from the segment array + $this->set_directory($segments[0]); + $segments = array_slice($segments, 1); + + if (count($segments) > 0) + { + // Does the requested controller exist in the sub-folder? + if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$segments[0].EXT)) + { + show_404($this->fetch_directory().$segments[0]); + } + } + else + { + $this->set_class($this->default_controller); + $this->set_method('index'); + + // Does the default controller exist in the sub-folder? + if ( ! file_exists(APPPATH.'controllers/'.$this->fetch_directory().$this->default_controller.EXT)) + { + $this->directory = ''; + return array(); + } + + } + + return $segments; + } + + // Can't find the requested controller... + show_404($segments[0]); + } + + // -------------------------------------------------------------------- + + /** + * Parse Routes + * + * This function matches any routes that may exist in + * the config/routes.php file against the URI to + * determine if the class/method need to be remapped. + * + * @access private + * @return void + */ + function _parse_routes() + { + // Do we even have any custom routing to deal with? + // There is a default scaffolding trigger, so we'll look just for 1 + if (count($this->routes) == 1) + { + $this->_set_request($this->uri->segments); + return; + } + + // Turn the segment array into a URI string + $uri = implode('/', $this->uri->segments); + + // Is there a literal match? If so we're done + if (isset($this->routes[$uri])) + { + $this->_set_request(explode('/', $this->routes[$uri])); + return; + } + + // Loop through the route array looking for wild-cards + foreach ($this->routes as $key => $val) + { + // Convert wild-cards to RegEx + $key = str_replace(':any', '.+', str_replace(':num', '[0-9]+', $key)); + + // Does the RegEx match? + if (preg_match('#^'.$key.'$#', $uri)) + { + // Do we have a back-reference? + if (strpos($val, '$') !== FALSE AND strpos($key, '(') !== FALSE) + { + $val = preg_replace('#^'.$key.'$#', $val, $uri); + } + + $this->_set_request(explode('/', $val)); + return; + } + } + + // If we got this far it means we didn't encounter a + // matching route so we'll set the site default route + $this->_set_request($this->uri->segments); + } + + // -------------------------------------------------------------------- + + /** + * Set the class name + * + * @access public + * @param string + * @return void + */ + function set_class($class) + { + $this->class = $class; + } + + // -------------------------------------------------------------------- + + /** + * Fetch the current class + * + * @access public + * @return string + */ + function fetch_class() + { + return $this->class; + } + + // -------------------------------------------------------------------- + + /** + * Set the method name + * + * @access public + * @param string + * @return void + */ + function set_method($method) + { + $this->method = $method; + } + + // -------------------------------------------------------------------- + + /** + * Fetch the current method + * + * @access public + * @return string + */ + function fetch_method() + { + if ($this->method == $this->fetch_class()) + { + return 'index'; + } + + return $this->method; + } + + // -------------------------------------------------------------------- + + /** + * Set the directory name + * + * @access public + * @param string + * @return void + */ + function set_directory($dir) + { + $this->directory = $dir.'/'; + } + + // -------------------------------------------------------------------- + + /** + * Fetch the sub-directory (if any) that contains the requested controller class + * + * @access public + * @return string + */ + function fetch_directory() + { + return $this->directory; + } + +} +// END Router Class + +/* End of file Router.php */ +/* Location: ./system/libraries/Router.php */
\ No newline at end of file diff --git a/system/libraries/Session.php b/system/libraries/Session.php new file mode 100644 index 000000000..5e0ce48e9 --- /dev/null +++ b/system/libraries/Session.php @@ -0,0 +1,758 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Session Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Sessions + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/sessions.html + */ +class CI_Session { + + var $sess_encrypt_cookie = FALSE; + var $sess_use_database = FALSE; + var $sess_table_name = ''; + var $sess_expiration = 7200; + var $sess_match_ip = FALSE; + var $sess_match_useragent = TRUE; + var $sess_cookie_name = 'ci_session'; + var $cookie_prefix = ''; + var $cookie_path = ''; + var $cookie_domain = ''; + var $sess_time_to_update = 300; + var $encryption_key = ''; + var $flashdata_key = 'flash'; + var $time_reference = 'time'; + var $gc_probability = 5; + var $userdata = array(); + var $CI; + var $now; + + /** + * Session Constructor + * + * The constructor runs the session routines automatically + * whenever the class is instantiated. + */ + function CI_Session($params = array()) + { + log_message('debug', "Session Class Initialized"); + + // Set the super object to a local variable for use throughout the class + $this->CI =& get_instance(); + + // Set all the session preferences, which can either be set + // manually via the $params array above or via the config file + foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key) + { + $this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key); + } + + // Load the string helper so we can use the strip_slashes() function + $this->CI->load->helper('string'); + + // Do we need encryption? If so, load the encryption class + if ($this->sess_encrypt_cookie == TRUE) + { + $this->CI->load->library('encrypt'); + } + + // Are we using a database? If so, load it + if ($this->sess_use_database === TRUE AND $this->sess_table_name != '') + { + $this->CI->load->database(); + } + + // Set the "now" time. Can either be GMT or server time, based on the + // config prefs. We use this to set the "last activity" time + $this->now = $this->_get_time(); + + // Set the session length. If the session expiration is + // set to zero we'll set the expiration two years from now. + if ($this->sess_expiration == 0) + { + $this->sess_expiration = (60*60*24*365*2); + } + + // Set the cookie name + $this->sess_cookie_name = $this->cookie_prefix.$this->sess_cookie_name; + + // Run the Session routine. If a session doesn't exist we'll + // create a new one. If it does, we'll update it. + if ( ! $this->sess_read()) + { + $this->sess_create(); + } + else + { + $this->sess_update(); + } + + // Delete 'old' flashdata (from last request) + $this->_flashdata_sweep(); + + // Mark all new flashdata as old (data will be deleted before next request) + $this->_flashdata_mark(); + + // Delete expired sessions if necessary + $this->_sess_gc(); + + log_message('debug', "Session routines successfully run"); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the current session data if it exists + * + * @access public + * @return bool + */ + function sess_read() + { + // Fetch the cookie + $session = $this->CI->input->cookie($this->sess_cookie_name); + + // No cookie? Goodbye cruel world!... + if ($session === FALSE) + { + log_message('debug', 'A session cookie was not found.'); + return FALSE; + } + + // Decrypt the cookie data + if ($this->sess_encrypt_cookie == TRUE) + { + $session = $this->CI->encrypt->decode($session); + } + else + { + // encryption was not used, so we need to check the md5 hash + $hash = substr($session, strlen($session)-32); // get last 32 chars + $session = substr($session, 0, strlen($session)-32); + + // Does the md5 hash match? This is to prevent manipulation of session data in userspace + if ($hash !== md5($session.$this->encryption_key)) + { + log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.'); + $this->sess_destroy(); + return FALSE; + } + } + + // Unserialize the session array + $session = $this->_unserialize($session); + + // Is the session data we unserialized an array with the correct format? + if ( ! is_array($session) OR ! isset($session['session_id']) OR ! isset($session['ip_address']) OR ! isset($session['user_agent']) OR ! isset($session['last_activity'])) + { + $this->sess_destroy(); + return FALSE; + } + + // Is the session current? + if (($session['last_activity'] + $this->sess_expiration) < $this->now) + { + $this->sess_destroy(); + return FALSE; + } + + // Does the IP Match? + if ($this->sess_match_ip == TRUE AND $session['ip_address'] != $this->CI->input->ip_address()) + { + $this->sess_destroy(); + return FALSE; + } + + // Does the User Agent Match? + if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 50))) + { + $this->sess_destroy(); + return FALSE; + } + + // Is there a corresponding session in the DB? + if ($this->sess_use_database === TRUE) + { + $this->CI->db->where('session_id', $session['session_id']); + + if ($this->sess_match_ip == TRUE) + { + $this->CI->db->where('ip_address', $session['ip_address']); + } + + if ($this->sess_match_useragent == TRUE) + { + $this->CI->db->where('user_agent', $session['user_agent']); + } + + $query = $this->CI->db->get($this->sess_table_name); + + // No result? Kill it! + if ($query->num_rows() == 0) + { + $this->sess_destroy(); + return FALSE; + } + + // Is there custom data? If so, add it to the main session array + $row = $query->row(); + if (isset($row->user_data) AND $row->user_data != '') + { + $custom_data = $this->_unserialize($row->user_data); + + if (is_array($custom_data)) + { + foreach ($custom_data as $key => $val) + { + $session[$key] = $val; + } + } + } + } + + // Session is valid! + $this->userdata = $session; + unset($session); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Write the session data + * + * @access public + * @return void + */ + function sess_write() + { + // Are we saving custom data to the DB? If not, all we do is update the cookie + if ($this->sess_use_database === FALSE) + { + $this->_set_cookie(); + return; + } + + // set the custom userdata, the session data we will set in a second + $custom_userdata = $this->userdata; + $cookie_userdata = array(); + + // Before continuing, we need to determine if there is any custom data to deal with. + // Let's determine this by removing the default indexes to see if there's anything left in the array + // and set the session data while we're at it + foreach (array('session_id','ip_address','user_agent','last_activity') as $val) + { + unset($custom_userdata[$val]); + $cookie_userdata[$val] = $this->userdata[$val]; + } + + // Did we find any custom data? If not, we turn the empty array into a string + // since there's no reason to serialize and store an empty array in the DB + if (count($custom_userdata) === 0) + { + $custom_userdata = ''; + } + else + { + // Serialize the custom data array so we can store it + $custom_userdata = $this->_serialize($custom_userdata); + } + + // Run the update query + $this->CI->db->where('session_id', $this->userdata['session_id']); + $this->CI->db->update($this->sess_table_name, array('last_activity' => $this->userdata['last_activity'], 'user_data' => $custom_userdata)); + + // Write the cookie. Notice that we manually pass the cookie data array to the + // _set_cookie() function. Normally that function will store $this->userdata, but + // in this case that array contains custom data, which we do not want in the cookie. + $this->_set_cookie($cookie_userdata); + } + + // -------------------------------------------------------------------- + + /** + * Create a new session + * + * @access public + * @return void + */ + function sess_create() + { + $sessid = ''; + while (strlen($sessid) < 32) + { + $sessid .= mt_rand(0, mt_getrandmax()); + } + + // To make the session ID even more secure we'll combine it with the user's IP + $sessid .= $this->CI->input->ip_address(); + + $this->userdata = array( + 'session_id' => md5(uniqid($sessid, TRUE)), + 'ip_address' => $this->CI->input->ip_address(), + 'user_agent' => substr($this->CI->input->user_agent(), 0, 50), + 'last_activity' => $this->now + ); + + + // Save the data to the DB if needed + if ($this->sess_use_database === TRUE) + { + $this->CI->db->query($this->CI->db->insert_string($this->sess_table_name, $this->userdata)); + } + + // Write the cookie + $this->_set_cookie(); + } + + // -------------------------------------------------------------------- + + /** + * Update an existing session + * + * @access public + * @return void + */ + function sess_update() + { + // We only update the session every five minutes by default + if (($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now) + { + return; + } + + // Save the old session id so we know which record to + // update in the database if we need it + $old_sessid = $this->userdata['session_id']; + $new_sessid = ''; + while (strlen($new_sessid) < 32) + { + $new_sessid .= mt_rand(0, mt_getrandmax()); + } + + // To make the session ID even more secure we'll combine it with the user's IP + $new_sessid .= $this->CI->input->ip_address(); + + // Turn it into a hash + $new_sessid = md5(uniqid($new_sessid, TRUE)); + + // Update the session data in the session data array + $this->userdata['session_id'] = $new_sessid; + $this->userdata['last_activity'] = $this->now; + + // _set_cookie() will handle this for us if we aren't using database sessions + // by pushing all userdata to the cookie. + $cookie_data = NULL; + + // Update the session ID and last_activity field in the DB if needed + if ($this->sess_use_database === TRUE) + { + // set cookie explicitly to only have our session data + $cookie_data = array(); + foreach (array('session_id','ip_address','user_agent','last_activity') as $val) + { + $cookie_data[$val] = $this->userdata[$val]; + } + + $this->CI->db->query($this->CI->db->update_string($this->sess_table_name, array('last_activity' => $this->now, 'session_id' => $new_sessid), array('session_id' => $old_sessid))); + } + + // Write the cookie + $this->_set_cookie($cookie_data); + } + + // -------------------------------------------------------------------- + + /** + * Destroy the current session + * + * @access public + * @return void + */ + function sess_destroy() + { + // Kill the session DB row + if ($this->sess_use_database === TRUE AND isset($this->userdata['session_id'])) + { + $this->CI->db->where('session_id', $this->userdata['session_id']); + $this->CI->db->delete($this->sess_table_name); + } + + // Kill the cookie + setcookie( + $this->sess_cookie_name, + addslashes(serialize(array())), + ($this->now - 31500000), + $this->cookie_path, + $this->cookie_domain, + 0 + ); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a specific item from the session array + * + * @access public + * @param string + * @return string + */ + function userdata($item) + { + return ( ! isset($this->userdata[$item])) ? FALSE : $this->userdata[$item]; + } + + // -------------------------------------------------------------------- + + /** + * Fetch all session data + * + * @access public + * @return mixed + */ + function all_userdata() + { + return ( ! isset($this->userdata)) ? FALSE : $this->userdata; + } + + // -------------------------------------------------------------------- + + /** + * Add or change data in the "userdata" array + * + * @access public + * @param mixed + * @param string + * @return void + */ + function set_userdata($newdata = array(), $newval = '') + { + if (is_string($newdata)) + { + $newdata = array($newdata => $newval); + } + + if (count($newdata) > 0) + { + foreach ($newdata as $key => $val) + { + $this->userdata[$key] = $val; + } + } + + $this->sess_write(); + } + + // -------------------------------------------------------------------- + + /** + * Delete a session variable from the "userdata" array + * + * @access array + * @return void + */ + function unset_userdata($newdata = array()) + { + if (is_string($newdata)) + { + $newdata = array($newdata => ''); + } + + if (count($newdata) > 0) + { + foreach ($newdata as $key => $val) + { + unset($this->userdata[$key]); + } + } + + $this->sess_write(); + } + + // ------------------------------------------------------------------------ + + /** + * Add or change flashdata, only available + * until the next request + * + * @access public + * @param mixed + * @param string + * @return void + */ + function set_flashdata($newdata = array(), $newval = '') + { + if (is_string($newdata)) + { + $newdata = array($newdata => $newval); + } + + if (count($newdata) > 0) + { + foreach ($newdata as $key => $val) + { + $flashdata_key = $this->flashdata_key.':new:'.$key; + $this->set_userdata($flashdata_key, $val); + } + } + } + + // ------------------------------------------------------------------------ + + /** + * Keeps existing flashdata available to next request. + * + * @access public + * @param string + * @return void + */ + function keep_flashdata($key) + { + // 'old' flashdata gets removed. Here we mark all + // flashdata as 'new' to preserve it from _flashdata_sweep() + // Note the function will return FALSE if the $key + // provided cannot be found + $old_flashdata_key = $this->flashdata_key.':old:'.$key; + $value = $this->userdata($old_flashdata_key); + + $new_flashdata_key = $this->flashdata_key.':new:'.$key; + $this->set_userdata($new_flashdata_key, $value); + } + + // ------------------------------------------------------------------------ + + /** + * Fetch a specific flashdata item from the session array + * + * @access public + * @param string + * @return string + */ + function flashdata($key) + { + $flashdata_key = $this->flashdata_key.':old:'.$key; + return $this->userdata($flashdata_key); + } + + // ------------------------------------------------------------------------ + + /** + * Identifies flashdata as 'old' for removal + * when _flashdata_sweep() runs. + * + * @access private + * @return void + */ + function _flashdata_mark() + { + $userdata = $this->all_userdata(); + foreach ($userdata as $name => $value) + { + $parts = explode(':new:', $name); + if (is_array($parts) && count($parts) === 2) + { + $new_name = $this->flashdata_key.':old:'.$parts[1]; + $this->set_userdata($new_name, $value); + $this->unset_userdata($name); + } + } + } + + // ------------------------------------------------------------------------ + + /** + * Removes all flashdata marked as 'old' + * + * @access private + * @return void + */ + + function _flashdata_sweep() + { + $userdata = $this->all_userdata(); + foreach ($userdata as $key => $value) + { + if (strpos($key, ':old:')) + { + $this->unset_userdata($key); + } + } + + } + + // -------------------------------------------------------------------- + + /** + * Get the "now" time + * + * @access private + * @return string + */ + function _get_time() + { + if (strtolower($this->time_reference) == 'gmt') + { + $now = time(); + $time = mktime(gmdate("H", $now), gmdate("i", $now), gmdate("s", $now), gmdate("m", $now), gmdate("d", $now), gmdate("Y", $now)); + } + else + { + $time = time(); + } + + return $time; + } + + // -------------------------------------------------------------------- + + /** + * Write the session cookie + * + * @access public + * @return void + */ + function _set_cookie($cookie_data = NULL) + { + if (is_null($cookie_data)) + { + $cookie_data = $this->userdata; + } + + // Serialize the userdata for the cookie + $cookie_data = $this->_serialize($cookie_data); + + if ($this->sess_encrypt_cookie == TRUE) + { + $cookie_data = $this->CI->encrypt->encode($cookie_data); + } + else + { + // if encryption is not used, we provide an md5 hash to prevent userside tampering + $cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key); + } + + // Set the cookie + setcookie( + $this->sess_cookie_name, + $cookie_data, + $this->sess_expiration + time(), + $this->cookie_path, + $this->cookie_domain, + 0 + ); + } + + // -------------------------------------------------------------------- + + /** + * Serialize an array + * + * This function first converts any slashes found in the array to a temporary + * marker, so when it gets unserialized the slashes will be preserved + * + * @access private + * @param array + * @return string + */ + function _serialize($data) + { + if (is_array($data)) + { + foreach ($data as $key => $val) + { + $data[$key] = str_replace('\\', '{{slash}}', $val); + } + } + else + { + $data = str_replace('\\', '{{slash}}', $data); + } + + return serialize($data); + } + + // -------------------------------------------------------------------- + + /** + * Unserialize + * + * This function unserializes a data string, then converts any + * temporary slash markers back to actual slashes + * + * @access private + * @param array + * @return string + */ + function _unserialize($data) + { + $data = @unserialize(strip_slashes($data)); + + if (is_array($data)) + { + foreach ($data as $key => $val) + { + $data[$key] = str_replace('{{slash}}', '\\', $val); + } + + return $data; + } + + return str_replace('{{slash}}', '\\', $data); + } + + // -------------------------------------------------------------------- + + /** + * Garbage collection + * + * This deletes expired session rows from database + * if the probability percentage is met + * + * @access public + * @return void + */ + function _sess_gc() + { + if ($this->sess_use_database != TRUE) + { + return; + } + + srand(time()); + if ((rand() % 100) < $this->gc_probability) + { + $expire = $this->now - $this->sess_expiration; + + $this->CI->db->where("last_activity < {$expire}"); + $this->CI->db->delete($this->sess_table_name); + + log_message('debug', 'Session garbage collection performed.'); + } + } + + +} +// END Session Class + +/* End of file Session.php */ +/* Location: ./system/libraries/Session.php */
\ No newline at end of file diff --git a/system/libraries/Sha1.php b/system/libraries/Sha1.php new file mode 100644 index 000000000..6c39a5b11 --- /dev/null +++ b/system/libraries/Sha1.php @@ -0,0 +1,251 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * SHA1 Encoding Class + * + * Purpose: Provides 160 bit hashing using The Secure Hash Algorithm + * developed at the National Institute of Standards and Technology. The 40 + * character SHA1 message hash is computationally infeasible to crack. + * + * This class is a fallback for servers that are not running PHP greater than + * 4.3, or do not have the MHASH library. + * + * This class is based on two scripts: + * + * Marcus Campbell's PHP implementation (GNU license) + * http://www.tecknik.net/sha-1/ + * + * ...which is based on Paul Johnston's JavaScript version + * (BSD license). http://pajhome.org.uk/ + * + * I encapsulated the functions and wrote one additional method to fix + * a hex conversion bug. - Rick Ellis + * + * @package CodeIgniter + * @subpackage Libraries + * @category Encryption + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/general/encryption.html + */ +class CI_SHA { + + function CI_SHA() + { + log_message('debug', "SHA1 Class Initialized"); + } + + /** + * Generate the Hash + * + * @access public + * @param string + * @return string + */ + function generate($str) + { + $n = ((strlen($str) + 8) >> 6) + 1; + + for ($i = 0; $i < $n * 16; $i++) + { + $x[$i] = 0; + } + + for ($i = 0; $i < strlen($str); $i++) + { + $x[$i >> 2] |= ord(substr($str, $i, 1)) << (24 - ($i % 4) * 8); + } + + $x[$i >> 2] |= 0x80 << (24 - ($i % 4) * 8); + + $x[$n * 16 - 1] = strlen($str) * 8; + + $a = 1732584193; + $b = -271733879; + $c = -1732584194; + $d = 271733878; + $e = -1009589776; + + for ($i = 0; $i < count($x); $i += 16) + { + $olda = $a; + $oldb = $b; + $oldc = $c; + $oldd = $d; + $olde = $e; + + for($j = 0; $j < 80; $j++) + { + if ($j < 16) + { + $w[$j] = $x[$i + $j]; + } + else + { + $w[$j] = $this->_rol($w[$j - 3] ^ $w[$j - 8] ^ $w[$j - 14] ^ $w[$j - 16], 1); + } + + $t = $this->_safe_add($this->_safe_add($this->_rol($a, 5), $this->_ft($j, $b, $c, $d)), $this->_safe_add($this->_safe_add($e, $w[$j]), $this->_kt($j))); + + $e = $d; + $d = $c; + $c = $this->_rol($b, 30); + $b = $a; + $a = $t; + } + + $a = $this->_safe_add($a, $olda); + $b = $this->_safe_add($b, $oldb); + $c = $this->_safe_add($c, $oldc); + $d = $this->_safe_add($d, $oldd); + $e = $this->_safe_add($e, $olde); + } + + return $this->_hex($a).$this->_hex($b).$this->_hex($c).$this->_hex($d).$this->_hex($e); + } + + // -------------------------------------------------------------------- + + /** + * Convert a decimal to hex + * + * @access private + * @param string + * @return string + */ + function _hex($str) + { + $str = dechex($str); + + if (strlen($str) == 7) + { + $str = '0'.$str; + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Return result based on iteration + * + * @access private + * @return string + */ + function _ft($t, $b, $c, $d) + { + if ($t < 20) + return ($b & $c) | ((~$b) & $d); + if ($t < 40) + return $b ^ $c ^ $d; + if ($t < 60) + return ($b & $c) | ($b & $d) | ($c & $d); + + return $b ^ $c ^ $d; + } + + // -------------------------------------------------------------------- + + /** + * Determine the additive constant + * + * @access private + * @return string + */ + function _kt($t) + { + if ($t < 20) + { + return 1518500249; + } + else if ($t < 40) + { + return 1859775393; + } + else if ($t < 60) + { + return -1894007588; + } + else + { + return -899497514; + } + } + + // -------------------------------------------------------------------- + + /** + * Add integers, wrapping at 2^32 + * + * @access private + * @return string + */ + function _safe_add($x, $y) + { + $lsw = ($x & 0xFFFF) + ($y & 0xFFFF); + $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16); + + return ($msw << 16) | ($lsw & 0xFFFF); + } + + // -------------------------------------------------------------------- + + /** + * Bitwise rotate a 32-bit number + * + * @access private + * @return integer + */ + function _rol($num, $cnt) + { + return ($num << $cnt) | $this->_zero_fill($num, 32 - $cnt); + } + + // -------------------------------------------------------------------- + + /** + * Pad string with zero + * + * @access private + * @return string + */ + function _zero_fill($a, $b) + { + $bin = decbin($a); + + if (strlen($bin) < $b) + { + $bin = 0; + } + else + { + $bin = substr($bin, 0, strlen($bin) - $b); + } + + for ($i=0; $i < $b; $i++) + { + $bin = "0".$bin; + } + + return bindec($bin); + } +} +// END CI_SHA + +/* End of file Sha1.php */ +/* Location: ./system/libraries/Sha1.php */
\ No newline at end of file diff --git a/system/libraries/Table.php b/system/libraries/Table.php new file mode 100644 index 000000000..86d54217f --- /dev/null +++ b/system/libraries/Table.php @@ -0,0 +1,440 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.3.1 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * HTML Table Generating Class + * + * Lets you create tables manually or from database result objects, or arrays. + * + * @package CodeIgniter + * @subpackage Libraries + * @category HTML Tables + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/uri.html + */ +class CI_Table { + + var $rows = array(); + var $heading = array(); + var $auto_heading = TRUE; + var $caption = NULL; + var $template = NULL; + var $newline = "\n"; + var $empty_cells = ""; + + + function CI_Table() + { + log_message('debug', "Table Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Set the template + * + * @access public + * @param array + * @return void + */ + function set_template($template) + { + if ( ! is_array($template)) + { + return FALSE; + } + + $this->template = $template; + } + + // -------------------------------------------------------------------- + + /** + * Set the table heading + * + * Can be passed as an array or discreet params + * + * @access public + * @param mixed + * @return void + */ + function set_heading() + { + $args = func_get_args(); + $this->heading = (is_array($args[0])) ? $args[0] : $args; + } + + // -------------------------------------------------------------------- + + /** + * Set columns. Takes a one-dimensional array as input and creates + * a multi-dimensional array with a depth equal to the number of + * columns. This allows a single array with many elements to be + * displayed in a table that has a fixed column count. + * + * @access public + * @param array + * @param int + * @return void + */ + function make_columns($array = array(), $col_limit = 0) + { + if ( ! is_array($array) OR count($array) == 0) + { + return FALSE; + } + + // Turn off the auto-heading feature since it's doubtful we + // will want headings from a one-dimensional array + $this->auto_heading = FALSE; + + if ($col_limit == 0) + { + return $array; + } + + $new = array(); + while(count($array) > 0) + { + $temp = array_splice($array, 0, $col_limit); + + if (count($temp) < $col_limit) + { + for ($i = count($temp); $i < $col_limit; $i++) + { + $temp[] = ' '; + } + } + + $new[] = $temp; + } + + return $new; + } + + // -------------------------------------------------------------------- + + /** + * Set "empty" cells + * + * Can be passed as an array or discreet params + * + * @access public + * @param mixed + * @return void + */ + function set_empty($value) + { + $this->empty_cells = $value; + } + + // -------------------------------------------------------------------- + + /** + * Add a table row + * + * Can be passed as an array or discreet params + * + * @access public + * @param mixed + * @return void + */ + function add_row() + { + $args = func_get_args(); + $this->rows[] = (is_array($args[0])) ? $args[0] : $args; + } + + // -------------------------------------------------------------------- + + /** + * Add a table caption + * + * @access public + * @param string + * @return void + */ + function set_caption($caption) + { + $this->caption = $caption; + } + + // -------------------------------------------------------------------- + + /** + * Generate the table + * + * @access public + * @param mixed + * @return string + */ + function generate($table_data = NULL) + { + // The table data can optionally be passed to this function + // either as a database result object or an array + if ( ! is_null($table_data)) + { + if (is_object($table_data)) + { + $this->_set_from_object($table_data); + } + elseif (is_array($table_data)) + { + $set_heading = (count($this->heading) == 0 AND $this->auto_heading == FALSE) ? FALSE : TRUE; + $this->_set_from_array($table_data, $set_heading); + } + } + + // Is there anything to display? No? Smite them! + if (count($this->heading) == 0 AND count($this->rows) == 0) + { + return 'Undefined table data'; + } + + // Compile and validate the template date + $this->_compile_template(); + + + // Build the table! + + $out = $this->template['table_open']; + $out .= $this->newline; + + // Add any caption here + if ($this->caption) + { + $out .= $this->newline; + $out .= '<caption>' . $this->caption . '</caption>'; + $out .= $this->newline; + } + + // Is there a table heading to display? + if (count($this->heading) > 0) + { + $out .= $this->template['heading_row_start']; + $out .= $this->newline; + + foreach($this->heading as $heading) + { + $out .= $this->template['heading_cell_start']; + $out .= $heading; + $out .= $this->template['heading_cell_end']; + } + + $out .= $this->template['heading_row_end']; + $out .= $this->newline; + } + + // Build the table rows + if (count($this->rows) > 0) + { + $i = 1; + foreach($this->rows as $row) + { + if ( ! is_array($row)) + { + break; + } + + // We use modulus to alternate the row colors + $name = (fmod($i++, 2)) ? '' : 'alt_'; + + $out .= $this->template['row_'.$name.'start']; + $out .= $this->newline; + + foreach($row as $cell) + { + $out .= $this->template['cell_'.$name.'start']; + + if ($cell === "") + { + $out .= $this->empty_cells; + } + else + { + $out .= $cell; + } + + $out .= $this->template['cell_'.$name.'end']; + } + + $out .= $this->template['row_'.$name.'end']; + $out .= $this->newline; + } + } + + $out .= $this->template['table_close']; + + return $out; + } + + // -------------------------------------------------------------------- + + /** + * Clears the table arrays. Useful if multiple tables are being generated + * + * @access public + * @return void + */ + function clear() + { + $this->rows = array(); + $this->heading = array(); + $this->auto_heading = TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Set table data from a database result object + * + * @access public + * @param object + * @return void + */ + function _set_from_object($query) + { + if ( ! is_object($query)) + { + return FALSE; + } + + // First generate the headings from the table column names + if (count($this->heading) == 0) + { + if ( ! method_exists($query, 'list_fields')) + { + return FALSE; + } + + $this->heading = $query->list_fields(); + } + + // Next blast through the result array and build out the rows + + if ($query->num_rows() > 0) + { + foreach ($query->result_array() as $row) + { + $this->rows[] = $row; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Set table data from an array + * + * @access public + * @param array + * @return void + */ + function _set_from_array($data, $set_heading = TRUE) + { + if ( ! is_array($data) OR count($data) == 0) + { + return FALSE; + } + + $i = 0; + foreach ($data as $row) + { + if ( ! is_array($row)) + { + $this->rows[] = $data; + break; + } + + // If a heading hasn't already been set we'll use the first row of the array as the heading + if ($i == 0 AND count($data) > 1 AND count($this->heading) == 0 AND $set_heading == TRUE) + { + $this->heading = $row; + } + else + { + $this->rows[] = $row; + } + + $i++; + } + } + + // -------------------------------------------------------------------- + + /** + * Compile Template + * + * @access private + * @return void + */ + function _compile_template() + { + if ($this->template == NULL) + { + $this->template = $this->_default_template(); + return; + } + + $this->temp = $this->_default_template(); + foreach (array('table_open','heading_row_start', 'heading_row_end', 'heading_cell_start', 'heading_cell_end', 'row_start', 'row_end', 'cell_start', 'cell_end', 'row_alt_start', 'row_alt_end', 'cell_alt_start', 'cell_alt_end', 'table_close') as $val) + { + if ( ! isset($this->template[$val])) + { + $this->template[$val] = $this->temp[$val]; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Default Template + * + * @access private + * @return void + */ + function _default_template() + { + return array ( + 'table_open' => '<table border="0" cellpadding="4" cellspacing="0">', + + 'heading_row_start' => '<tr>', + 'heading_row_end' => '</tr>', + 'heading_cell_start' => '<th>', + 'heading_cell_end' => '</th>', + + 'row_start' => '<tr>', + 'row_end' => '</tr>', + 'cell_start' => '<td>', + 'cell_end' => '</td>', + + 'row_alt_start' => '<tr>', + 'row_alt_end' => '</tr>', + 'cell_alt_start' => '<td>', + 'cell_alt_end' => '</td>', + + 'table_close' => '</table>' + ); + } + + +} + + +/* End of file Table.php */ +/* Location: ./system/libraries/Table.php */
\ No newline at end of file diff --git a/system/libraries/Trackback.php b/system/libraries/Trackback.php new file mode 100644 index 000000000..ab8f46a69 --- /dev/null +++ b/system/libraries/Trackback.php @@ -0,0 +1,547 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Trackback Class + * + * Trackback Sending/Receiving Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Trackbacks + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/trackback.html + */ +class CI_Trackback { + + var $time_format = 'local'; + var $charset = 'UTF-8'; + var $data = array('url' => '', 'title' => '', 'excerpt' => '', 'blog_name' => '', 'charset' => ''); + var $convert_ascii = TRUE; + var $response = ''; + var $error_msg = array(); + + /** + * Constructor + * + * @access public + */ + function CI_Trackback() + { + log_message('debug', "Trackback Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Send Trackback + * + * @access public + * @param array + * @return bool + */ + function send($tb_data) + { + if ( ! is_array($tb_data)) + { + $this->set_error('The send() method must be passed an array'); + return FALSE; + } + + // Pre-process the Trackback Data + foreach (array('url', 'title', 'excerpt', 'blog_name', 'ping_url') as $item) + { + if ( ! isset($tb_data[$item])) + { + $this->set_error('Required item missing: '.$item); + return FALSE; + } + + switch ($item) + { + case 'ping_url' : $$item = $this->extract_urls($tb_data[$item]); + break; + case 'excerpt' : $$item = $this->limit_characters($this->convert_xml(strip_tags(stripslashes($tb_data[$item])))); + break; + case 'url' : $$item = str_replace('-', '-', $this->convert_xml(strip_tags(stripslashes($tb_data[$item])))); + break; + default : $$item = $this->convert_xml(strip_tags(stripslashes($tb_data[$item]))); + break; + } + + // Convert High ASCII Characters + if ($this->convert_ascii == TRUE) + { + if ($item == 'excerpt') + { + $$item = $this->convert_ascii($$item); + } + elseif ($item == 'title') + { + $$item = $this->convert_ascii($$item); + } + elseif($item == 'blog_name') + { + $$item = $this->convert_ascii($$item); + } + } + } + + // Build the Trackback data string + $charset = ( ! isset($tb_data['charset'])) ? $this->charset : $tb_data['charset']; + + $data = "url=".rawurlencode($url)."&title=".rawurlencode($title)."&blog_name=".rawurlencode($blog_name)."&excerpt=".rawurlencode($excerpt)."&charset=".rawurlencode($charset); + + // Send Trackback(s) + $return = TRUE; + if (count($ping_url) > 0) + { + foreach ($ping_url as $url) + { + if ($this->process($url, $data) == FALSE) + { + $return = FALSE; + } + } + } + + return $return; + } + + // -------------------------------------------------------------------- + + /** + * Receive Trackback Data + * + * This function simply validates the incoming TB data. + * It returns false on failure and true on success. + * If the data is valid it is set to the $this->data array + * so that it can be inserted into a database. + * + * @access public + * @return bool + */ + function receive() + { + foreach (array('url', 'title', 'blog_name', 'excerpt') as $val) + { + if ( ! isset($_POST[$val]) OR $_POST[$val] == '') + { + $this->set_error('The following required POST variable is missing: '.$val); + return FALSE; + } + + $this->data['charset'] = ( ! isset($_POST['charset'])) ? 'auto' : strtoupper(trim($_POST['charset'])); + + if ($val != 'url' && function_exists('mb_convert_encoding')) + { + $_POST[$val] = mb_convert_encoding($_POST[$val], $this->charset, $this->data['charset']); + } + + $_POST[$val] = ($val != 'url') ? $this->convert_xml(strip_tags($_POST[$val])) : strip_tags($_POST[$val]); + + if ($val == 'excerpt') + { + $_POST['excerpt'] = $this->limit_characters($_POST['excerpt']); + } + + $this->data[$val] = $_POST[$val]; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Send Trackback Error Message + * + * Allows custom errors to be set. By default it + * sends the "incomplete information" error, as that's + * the most common one. + * + * @access public + * @param string + * @return void + */ + function send_error($message = 'Incomplete Information') + { + echo "<?xml version=\"1.0\" encoding=\"utf-8\"?".">\n<response>\n<error>1</error>\n<message>".$message."</message>\n</response>"; + exit; + } + + // -------------------------------------------------------------------- + + /** + * Send Trackback Success Message + * + * This should be called when a trackback has been + * successfully received and inserted. + * + * @access public + * @return void + */ + function send_success() + { + echo "<?xml version=\"1.0\" encoding=\"utf-8\"?".">\n<response>\n<error>0</error>\n</response>"; + exit; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a particular item + * + * @access public + * @param string + * @return string + */ + function data($item) + { + return ( ! isset($this->data[$item])) ? '' : $this->data[$item]; + } + + // -------------------------------------------------------------------- + + /** + * Process Trackback + * + * Opens a socket connection and passes the data to + * the server. Returns true on success, false on failure + * + * @access public + * @param string + * @param string + * @return bool + */ + function process($url, $data) + { + $target = parse_url($url); + + // Open the socket + if ( ! $fp = @fsockopen($target['host'], 80)) + { + $this->set_error('Invalid Connection: '.$url); + return FALSE; + } + + // Build the path + $ppath = ( ! isset($target['path'])) ? $url : $target['path']; + + $path = (isset($target['query']) && $target['query'] != "") ? $ppath.'?'.$target['query'] : $ppath; + + // Add the Trackback ID to the data string + if ($id = $this->get_id($url)) + { + $data = "tb_id=".$id."&".$data; + } + + // Transfer the data + fputs ($fp, "POST " . $path . " HTTP/1.0\r\n" ); + fputs ($fp, "Host: " . $target['host'] . "\r\n" ); + fputs ($fp, "Content-type: application/x-www-form-urlencoded\r\n" ); + fputs ($fp, "Content-length: " . strlen($data) . "\r\n" ); + fputs ($fp, "Connection: close\r\n\r\n" ); + fputs ($fp, $data); + + // Was it successful? + $this->response = ""; + + while( ! feof($fp)) + { + $this->response .= fgets($fp, 128); + } + @fclose($fp); + + if (stristr($this->response, '<error>0</error>') === FALSE) + { + $message = 'An unknown error was encountered'; + + if (preg_match("/<message>(.*?)<\/message>/is", $this->response, $match)) + { + $message = trim($match['1']); + } + + $this->set_error($message); + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Extract Trackback URLs + * + * This function lets multiple trackbacks be sent. + * It takes a string of URLs (separated by comma or + * space) and puts each URL into an array + * + * @access public + * @param string + * @return string + */ + function extract_urls($urls) + { + // Remove the pesky white space and replace with a comma. + $urls = preg_replace("/\s*(\S+)\s*/", "\\1,", $urls); + + // If they use commas get rid of the doubles. + $urls = str_replace(",,", ",", $urls); + + // Remove any comma that might be at the end + if (substr($urls, -1) == ",") + { + $urls = substr($urls, 0, -1); + } + + // Break into an array via commas + $urls = preg_split('/[,]/', $urls); + + // Removes duplicates + $urls = array_unique($urls); + + array_walk($urls, array($this, 'validate_url')); + + return $urls; + } + + // -------------------------------------------------------------------- + + /** + * Validate URL + * + * Simply adds "http://" if missing + * + * @access public + * @param string + * @return string + */ + function validate_url($url) + { + $url = trim($url); + + if (substr($url, 0, 4) != "http") + { + $url = "http://".$url; + } + } + + // -------------------------------------------------------------------- + + /** + * Find the Trackback URL's ID + * + * @access public + * @param string + * @return string + */ + function get_id($url) + { + $tb_id = ""; + + if (strstr($url, '?')) + { + $tb_array = explode('/', $url); + $tb_end = $tb_array[count($tb_array)-1]; + + if ( ! is_numeric($tb_end)) + { + $tb_end = $tb_array[count($tb_array)-2]; + } + + $tb_array = explode('=', $tb_end); + $tb_id = $tb_array[count($tb_array)-1]; + } + else + { + $url = rtrim($url, '/'); + + $tb_array = explode('/', $url); + $tb_id = $tb_array[count($tb_array)-1]; + + if ( ! is_numeric($tb_id)) + { + $tb_id = $tb_array[count($tb_array)-2]; + } + } + + if ( ! preg_match ("/^([0-9]+)$/", $tb_id)) + { + return false; + } + else + { + return $tb_id; + } + } + + // -------------------------------------------------------------------- + + /** + * Convert Reserved XML characters to Entities + * + * @access public + * @param string + * @return string + */ + function convert_xml($str) + { + $temp = '__TEMP_AMPERSANDS__'; + + $str = preg_replace("/&#(\d+);/", "$temp\\1;", $str); + $str = preg_replace("/&(\w+);/", "$temp\\1;", $str); + + $str = str_replace(array("&","<",">","\"", "'", "-"), + array("&", "<", ">", """, "'", "-"), + $str); + + $str = preg_replace("/$temp(\d+);/","&#\\1;",$str); + $str = preg_replace("/$temp(\w+);/","&\\1;", $str); + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Character limiter + * + * Limits the string based on the character count. Will preserve complete words. + * + * @access public + * @param string + * @param integer + * @param string + * @return string + */ + function limit_characters($str, $n = 500, $end_char = '…') + { + if (strlen($str) < $n) + { + return $str; + } + + $str = preg_replace("/\s+/", ' ', str_replace(array("\r\n", "\r", "\n"), ' ', $str)); + + if (strlen($str) <= $n) + { + return $str; + } + + $out = ""; + foreach (explode(' ', trim($str)) as $val) + { + $out .= $val.' '; + if (strlen($out) >= $n) + { + return trim($out).$end_char; + } + } + } + + // -------------------------------------------------------------------- + + /** + * High ASCII to Entities + * + * Converts Hight ascii text and MS Word special chars + * to character entities + * + * @access public + * @param string + * @return string + */ + function convert_ascii($str) + { + $count = 1; + $out = ''; + $temp = array(); + + for ($i = 0, $s = strlen($str); $i < $s; $i++) + { + $ordinal = ord($str[$i]); + + if ($ordinal < 128) + { + $out .= $str[$i]; + } + else + { + if (count($temp) == 0) + { + $count = ($ordinal < 224) ? 2 : 3; + } + + $temp[] = $ordinal; + + if (count($temp) == $count) + { + $number = ($count == 3) ? (($temp['0'] % 16) * 4096) + (($temp['1'] % 64) * 64) + ($temp['2'] % 64) : (($temp['0'] % 32) * 64) + ($temp['1'] % 64); + + $out .= '&#'.$number.';'; + $count = 1; + $temp = array(); + } + } + } + + return $out; + } + + // -------------------------------------------------------------------- + + /** + * Set error message + * + * @access public + * @param string + * @return void + */ + function set_error($msg) + { + log_message('error', $msg); + $this->error_msg[] = $msg; + } + + // -------------------------------------------------------------------- + + /** + * Show error messages + * + * @access public + * @param string + * @param string + * @return string + */ + function display_errors($open = '<p>', $close = '</p>') + { + $str = ''; + foreach ($this->error_msg as $val) + { + $str .= $open.$val.$close; + } + + return $str; + } + +} +// END Trackback Class + +/* End of file Trackback.php */ +/* Location: ./system/libraries/Trackback.php */
\ No newline at end of file diff --git a/system/libraries/Typography.php b/system/libraries/Typography.php new file mode 100644 index 000000000..242ca3cb6 --- /dev/null +++ b/system/libraries/Typography.php @@ -0,0 +1,406 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Typography Class + * + * + * @access private + * @category Helpers + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/helpers/ + */ +class CI_Typography { + + // Block level elements that should not be wrapped inside <p> tags + var $block_elements = 'address|blockquote|div|dl|fieldset|form|h\d|hr|noscript|object|ol|p|pre|script|table|ul'; + + // Elements that should not have <p> and <br /> tags within them. + var $skip_elements = 'p|pre|ol|ul|dl|object|table|h\d'; + + // Tags we want the parser to completely ignore when splitting the string. + var $inline_elements = 'a|abbr|acronym|b|bdo|big|br|button|cite|code|del|dfn|em|i|img|ins|input|label|map|kbd|q|samp|select|small|span|strong|sub|sup|textarea|tt|var'; + + // array of block level elements that require inner content to be within another block level element + var $inner_block_required = array('blockquote'); + + // the last block element parsed + var $last_block_element = ''; + + // whether or not to protect quotes within { curly braces } + var $protect_braced_quotes = FALSE; + + /** + * Nothing to do here... + * + */ + function CI_Typography() + { + } + + /** + * Auto Typography + * + * This function converts text, making it typographically correct: + * - Converts double spaces into paragraphs. + * - Converts single line breaks into <br /> tags + * - Converts single and double quotes into correctly facing curly quote entities. + * - Converts three dots into ellipsis. + * - Converts double dashes into em-dashes. + * - Converts two spaces into entities + * + * @access public + * @param string + * @param bool whether to reduce more then two consecutive newlines to two + * @return string + */ + function auto_typography($str, $reduce_linebreaks = FALSE) + { + if ($str == '') + { + return ''; + } + + // Standardize Newlines to make matching easier + if (strpos($str, "\r") !== FALSE) + { + $str = str_replace(array("\r\n", "\r"), "\n", $str); + } + + // Reduce line breaks. If there are more than two consecutive linebreaks + // we'll compress them down to a maximum of two since there's no benefit to more. + if ($reduce_linebreaks === TRUE) + { + $str = preg_replace("/\n\n+/", "\n\n", $str); + } + + // HTML comment tags don't conform to patterns of normal tags, so pull them out separately, only if needed + $html_comments = array(); + if (strpos($str, '<!--') !== FALSE) + { + if (preg_match_all("#(<!\-\-.*?\-\->)#s", $str, $matches)) + { + for ($i = 0, $total = count($matches[0]); $i < $total; $i++) + { + $html_comments[] = $matches[0][$i]; + $str = str_replace($matches[0][$i], '{@HC'.$i.'}', $str); + } + } + } + + // match and yank <pre> tags if they exist. It's cheaper to do this separately since most content will + // not contain <pre> tags, and it keeps the PCRE patterns below simpler and faster + if (strpos($str, '<pre') !== FALSE) + { + $str = preg_replace_callback("#<pre.*?>.*?</pre>#si", array($this, '_protect_characters'), $str); + } + + // Convert quotes within tags to temporary markers. + $str = preg_replace_callback("#<.+?>#si", array($this, '_protect_characters'), $str); + + // Do the same with braces if necessary + if ($this->protect_braced_quotes === TRUE) + { + $str = preg_replace_callback("#\{.+?\}#si", array($this, '_protect_characters'), $str); + } + + // Convert "ignore" tags to temporary marker. The parser splits out the string at every tag + // it encounters. Certain inline tags, like image tags, links, span tags, etc. will be + // adversely affected if they are split out so we'll convert the opening bracket < temporarily to: {@TAG} + $str = preg_replace("#<(/*)(".$this->inline_elements.")([ >])#i", "{@TAG}\\1\\2\\3", $str); + + // Split the string at every tag. This expression creates an array with this prototype: + // + // [array] + // { + // [0] = <opening tag> + // [1] = Content... + // [2] = <closing tag> + // Etc... + // } + $chunks = preg_split('/(<(?:[^<>]+(?:"[^"]*"|\'[^\']*\')?)+>)/', $str, -1, PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY); + + // Build our finalized string. We cycle through the array, skipping tags, and processing the contained text + $str = ''; + $process = TRUE; + $paragraph = FALSE; + $current_chunk = 0; + $total_chunks = count($chunks); + + foreach ($chunks as $chunk) + { + $current_chunk++; + + // Are we dealing with a tag? If so, we'll skip the processing for this cycle. + // Well also set the "process" flag which allows us to skip <pre> tags and a few other things. + if (preg_match("#<(/*)(".$this->block_elements.").*?>#", $chunk, $match)) + { + if (preg_match("#".$this->skip_elements."#", $match[2])) + { + $process = ($match[1] == '/') ? TRUE : FALSE; + } + + if ($match[1] == '') + { + $this->last_block_element = $match[2]; + } + + $str .= $chunk; + continue; + } + + if ($process == FALSE) + { + $str .= $chunk; + continue; + } + + // Force a newline to make sure end tags get processed by _format_newlines() + if ($current_chunk == $total_chunks) + { + $chunk .= "\n"; + } + + // Convert Newlines into <p> and <br /> tags + $str .= $this->_format_newlines($chunk); + } + + // No opening block level tag? Add it if needed. + if ( ! preg_match("/^\s*<(?:".$this->block_elements.")/i", $str)) + { + $str = preg_replace("/^(.*?)<(".$this->block_elements.")/i", '<p>$1</p><$2', $str); + } + + // Convert quotes, elipsis, em-dashes, non-breaking spaces, and ampersands + $str = $this->format_characters($str); + + // restore HTML comments + for ($i = 0, $total = count($html_comments); $i < $total; $i++) + { + // remove surrounding paragraph tags, but only if there's an opening paragraph tag + // otherwise HTML comments at the ends of paragraphs will have the closing tag removed + // if '<p>{@HC1}' then replace <p>{@HC1}</p> with the comment, else replace only {@HC1} with the comment + $str = preg_replace('#(?(?=<p>\{@HC'.$i.'\})<p>\{@HC'.$i.'\}(\s*</p>)|\{@HC'.$i.'\})#s', $html_comments[$i], $str); + } + + // Final clean up + $table = array( + + // If the user submitted their own paragraph tags within the text + // we will retain them instead of using our tags. + '/(<p[^>*?]>)<p>/' => '$1', // <?php BBEdit syntax coloring bug fix + + // Reduce multiple instances of opening/closing paragraph tags to a single one + '#(</p>)+#' => '</p>', + '/(<p>\W*<p>)+/' => '<p>', + + // Clean up stray paragraph tags that appear before block level elements + '#<p></p><('.$this->block_elements.')#' => '<$1', + + // Clean up stray non-breaking spaces preceeding block elements + '#( \s*)+<('.$this->block_elements.')#' => ' <$2', + + // Replace the temporary markers we added earlier + '/\{@TAG\}/' => '<', + '/\{@DQ\}/' => '"', + '/\{@SQ\}/' => "'", + '/\{@DD\}/' => '--', + '/\{@NBS\}/' => ' ' + + ); + + // Do we need to reduce empty lines? + if ($reduce_linebreaks === TRUE) + { + $table['#<p>\n*</p>#'] = ''; + } + else + { + // If we have empty paragraph tags we add a non-breaking space + // otherwise most browsers won't treat them as true paragraphs + $table['#<p></p>#'] = '<p> </p>'; + } + + return preg_replace(array_keys($table), $table, $str); + + } + + // -------------------------------------------------------------------- + + /** + * Format Characters + * + * This function mainly converts double and single quotes + * to curly entities, but it also converts em-dashes, + * double spaces, and ampersands + * + * @access public + * @param string + * @return string + */ + function format_characters($str) + { + static $table; + + if ( ! isset($table)) + { + $table = array( + // nested smart quotes, opening and closing + // note that rules for grammar (English) allow only for two levels deep + // and that single quotes are _supposed_ to always be on the outside + // but we'll accommodate both + // Note that in all cases, whitespace is the primary determining factor + // on which direction to curl, with non-word characters like punctuation + // being a secondary factor only after whitespace is addressed. + '/\'"(\s|$)/' => '’”$1', + '/(^|\s|<p>)\'"/' => '$1‘“', + '/\'"(\W)/' => '’”$1', + '/(\W)\'"/' => '$1‘“', + '/"\'(\s|$)/' => '”’$1', + '/(^|\s|<p>)"\'/' => '$1“‘', + '/"\'(\W)/' => '”’$1', + '/(\W)"\'/' => '$1“‘', + + // single quote smart quotes + '/\'(\s|$)/' => '’$1', + '/(^|\s|<p>)\'/' => '$1‘', + '/\'(\W)/' => '’$1', + '/(\W)\'/' => '$1‘', + + // double quote smart quotes + '/"(\s|$)/' => '”$1', + '/(^|\s|<p>)"/' => '$1“', + '/"(\W)/' => '”$1', + '/(\W)"/' => '$1“', + + // apostrophes + "/(\w)'(\w)/" => '$1’$2', + + // Em dash and ellipses dots + '/\s?\-\-\s?/' => '—', + '/(\w)\.{3}/' => '$1…', + + // double space after sentences + '/(\W) /' => '$1 ', + + // ampersands, if not a character entity + '/&(?!#?[a-zA-Z0-9]{2,};)/' => '&' + ); + } + + return preg_replace(array_keys($table), $table, $str); + } + + // -------------------------------------------------------------------- + + /** + * Format Newlines + * + * Converts newline characters into either <p> tags or <br /> + * + * @access public + * @param string + * @return string + */ + function _format_newlines($str) + { + if ($str == '') + { + return $str; + } + + if (strpos($str, "\n") === FALSE && ! in_array($this->last_block_element, $this->inner_block_required)) + { + return $str; + } + + // Convert two consecutive newlines to paragraphs + $str = str_replace("\n\n", "</p>\n\n<p>", $str); + + // Convert single spaces to <br /> tags + $str = preg_replace("/([^\n])(\n)([^\n])/", "\\1<br />\\2\\3", $str); + + // Wrap the whole enchilada in enclosing paragraphs + if ($str != "\n") + { + $str = '<p>'.$str.'</p>'; + } + + // Remove empty paragraphs if they are on the first line, as this + // is a potential unintended consequence of the previous code + $str = preg_replace("/<p><\/p>(.*)/", "\\1", $str, 1); + + return $str; + } + + // ------------------------------------------------------------------------ + + /** + * Protect Characters + * + * Protects special characters from being formatted later + * We don't want quotes converted within tags so we'll temporarily convert them to {@DQ} and {@SQ} + * and we don't want double dashes converted to emdash entities, so they are marked with {@DD} + * likewise double spaces are converted to {@NBS} to prevent entity conversion + * + * @access public + * @param array + * @return string + */ + function _protect_characters($match) + { + return str_replace(array("'",'"','--',' '), array('{@SQ}', '{@DQ}', '{@DD}', '{@NBS}'), $match[0]); + } + + // -------------------------------------------------------------------- + + /** + * Convert newlines to HTML line breaks except within PRE tags + * + * @access public + * @param string + * @return string + */ + function nl2br_except_pre($str) + { + $ex = explode("pre>",$str); + $ct = count($ex); + + $newstr = ""; + for ($i = 0; $i < $ct; $i++) + { + if (($i % 2) == 0) + { + $newstr .= nl2br($ex[$i]); + } + else + { + $newstr .= $ex[$i]; + } + + if ($ct - 1 != $i) + $newstr .= "pre>"; + } + + return $newstr; + } + +} +// END Typography Class + +/* End of file Typography.php */ +/* Location: ./system/libraries/Typography.php */
\ No newline at end of file diff --git a/system/libraries/URI.php b/system/libraries/URI.php new file mode 100644 index 000000000..68b678053 --- /dev/null +++ b/system/libraries/URI.php @@ -0,0 +1,586 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * URI Class + * + * Parses URIs and determines routing + * + * @package CodeIgniter + * @subpackage Libraries + * @category URI + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/uri.html + */ +class CI_URI { + + var $keyval = array(); + var $uri_string; + var $segments = array(); + var $rsegments = array(); + + /** + * Constructor + * + * Simply globalizes the $RTR object. The front + * loads the Router class early on so it's not available + * normally as other classes are. + * + * @access public + */ + function CI_URI() + { + $this->config =& load_class('Config'); + log_message('debug', "URI Class Initialized"); + } + + + // -------------------------------------------------------------------- + + /** + * Get the URI String + * + * @access private + * @return string + */ + function _fetch_uri_string() + { + if (strtoupper($this->config->item('uri_protocol')) == 'AUTO') + { + // If the URL has a question mark then it's simplest to just + // build the URI string from the zero index of the $_GET array. + // This avoids having to deal with $_SERVER variables, which + // can be unreliable in some environments + if (is_array($_GET) && count($_GET) == 1 && trim(key($_GET), '/') != '') + { + $this->uri_string = key($_GET); + return; + } + + // Is there a PATH_INFO variable? + // Note: some servers seem to have trouble with getenv() so we'll test it two ways + $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO'); + if (trim($path, '/') != '' && $path != "/".SELF) + { + $this->uri_string = $path; + return; + } + + // No PATH_INFO?... What about QUERY_STRING? + $path = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING'); + if (trim($path, '/') != '') + { + $this->uri_string = $path; + return; + } + + // No QUERY_STRING?... Maybe the ORIG_PATH_INFO variable exists? + $path = str_replace($_SERVER['SCRIPT_NAME'], '', (isset($_SERVER['ORIG_PATH_INFO'])) ? $_SERVER['ORIG_PATH_INFO'] : @getenv('ORIG_PATH_INFO')); + if (trim($path, '/') != '' && $path != "/".SELF) + { + // remove path and script information so we have good URI data + $this->uri_string = $path; + return; + } + + // We've exhausted all our options... + $this->uri_string = ''; + } + else + { + $uri = strtoupper($this->config->item('uri_protocol')); + + if ($uri == 'REQUEST_URI') + { + $this->uri_string = $this->_parse_request_uri(); + return; + } + + $this->uri_string = (isset($_SERVER[$uri])) ? $_SERVER[$uri] : @getenv($uri); + } + + // If the URI contains only a slash we'll kill it + if ($this->uri_string == '/') + { + $this->uri_string = ''; + } + } + + // -------------------------------------------------------------------- + + /** + * Parse the REQUEST_URI + * + * Due to the way REQUEST_URI works it usually contains path info + * that makes it unusable as URI data. We'll trim off the unnecessary + * data, hopefully arriving at a valid URI that we can use. + * + * @access private + * @return string + */ + function _parse_request_uri() + { + if ( ! isset($_SERVER['REQUEST_URI']) OR $_SERVER['REQUEST_URI'] == '') + { + return ''; + } + + $request_uri = preg_replace("|/(.*)|", "\\1", str_replace("\\", "/", $_SERVER['REQUEST_URI'])); + + if ($request_uri == '' OR $request_uri == SELF) + { + return ''; + } + + $fc_path = FCPATH.SELF; + if (strpos($request_uri, '?') !== FALSE) + { + $fc_path .= '?'; + } + + $parsed_uri = explode("/", $request_uri); + + $i = 0; + foreach(explode("/", $fc_path) as $segment) + { + if (isset($parsed_uri[$i]) && $segment == $parsed_uri[$i]) + { + $i++; + } + } + + $parsed_uri = implode("/", array_slice($parsed_uri, $i)); + + if ($parsed_uri != '') + { + $parsed_uri = '/'.$parsed_uri; + } + + return $parsed_uri; + } + + // -------------------------------------------------------------------- + + /** + * Filter segments for malicious characters + * + * @access private + * @param string + * @return string + */ + function _filter_uri($str) + { + if ($str != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE) + { + // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards + // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern + if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $str)) + { + show_error('The URI you submitted has disallowed characters.', 400); + } + } + + // Convert programatic characters to entities + $bad = array('$', '(', ')', '%28', '%29'); + $good = array('$', '(', ')', '(', ')'); + + return str_replace($bad, $good, $str); + } + + // -------------------------------------------------------------------- + + /** + * Remove the suffix from the URL if needed + * + * @access private + * @return void + */ + function _remove_url_suffix() + { + if ($this->config->item('url_suffix') != "") + { + $this->uri_string = preg_replace("|".preg_quote($this->config->item('url_suffix'))."$|", "", $this->uri_string); + } + } + + // -------------------------------------------------------------------- + + /** + * Explode the URI Segments. The individual segments will + * be stored in the $this->segments array. + * + * @access private + * @return void + */ + function _explode_segments() + { + foreach(explode("/", preg_replace("|/*(.+?)/*$|", "\\1", $this->uri_string)) as $val) + { + // Filter segments for security + $val = trim($this->_filter_uri($val)); + + if ($val != '') + { + $this->segments[] = $val; + } + } + } + + // -------------------------------------------------------------------- + /** + * Re-index Segments + * + * This function re-indexes the $this->segment array so that it + * starts at 1 rather than 0. Doing so makes it simpler to + * use functions like $this->uri->segment(n) since there is + * a 1:1 relationship between the segment array and the actual segments. + * + * @access private + * @return void + */ + function _reindex_segments() + { + array_unshift($this->segments, NULL); + array_unshift($this->rsegments, NULL); + unset($this->segments[0]); + unset($this->rsegments[0]); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment + * + * This function returns the URI segment based on the number provided. + * + * @access public + * @param integer + * @param bool + * @return string + */ + function segment($n, $no_result = FALSE) + { + return ( ! isset($this->segments[$n])) ? $no_result : $this->segments[$n]; + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI "routed" Segment + * + * This function returns the re-routed URI segment (assuming routing rules are used) + * based on the number provided. If there is no routing this function returns the + * same result as $this->segment() + * + * @access public + * @param integer + * @param bool + * @return string + */ + function rsegment($n, $no_result = FALSE) + { + return ( ! isset($this->rsegments[$n])) ? $no_result : $this->rsegments[$n]; + } + + // -------------------------------------------------------------------- + + /** + * Generate a key value pair from the URI string + * + * This function generates and associative array of URI data starting + * at the supplied segment. For example, if this is your URI: + * + * example.com/user/search/name/joe/location/UK/gender/male + * + * You can use this function to generate an array with this prototype: + * + * array ( + * name => joe + * location => UK + * gender => male + * ) + * + * @access public + * @param integer the starting segment number + * @param array an array of default values + * @return array + */ + function uri_to_assoc($n = 3, $default = array()) + { + return $this->_uri_to_assoc($n, $default, 'segment'); + } + /** + * Identical to above only it uses the re-routed segment array + * + */ + function ruri_to_assoc($n = 3, $default = array()) + { + return $this->_uri_to_assoc($n, $default, 'rsegment'); + } + + // -------------------------------------------------------------------- + + /** + * Generate a key value pair from the URI string or Re-routed URI string + * + * @access private + * @param integer the starting segment number + * @param array an array of default values + * @param string which array we should use + * @return array + */ + function _uri_to_assoc($n = 3, $default = array(), $which = 'segment') + { + if ($which == 'segment') + { + $total_segments = 'total_segments'; + $segment_array = 'segment_array'; + } + else + { + $total_segments = 'total_rsegments'; + $segment_array = 'rsegment_array'; + } + + if ( ! is_numeric($n)) + { + return $default; + } + + if (isset($this->keyval[$n])) + { + return $this->keyval[$n]; + } + + if ($this->$total_segments() < $n) + { + if (count($default) == 0) + { + return array(); + } + + $retval = array(); + foreach ($default as $val) + { + $retval[$val] = FALSE; + } + return $retval; + } + + $segments = array_slice($this->$segment_array(), ($n - 1)); + + $i = 0; + $lastval = ''; + $retval = array(); + foreach ($segments as $seg) + { + if ($i % 2) + { + $retval[$lastval] = $seg; + } + else + { + $retval[$seg] = FALSE; + $lastval = $seg; + } + + $i++; + } + + if (count($default) > 0) + { + foreach ($default as $val) + { + if ( ! array_key_exists($val, $retval)) + { + $retval[$val] = FALSE; + } + } + } + + // Cache the array for reuse + $this->keyval[$n] = $retval; + return $retval; + } + + // -------------------------------------------------------------------- + + /** + * Generate a URI string from an associative array + * + * + * @access public + * @param array an associative array of key/values + * @return array + */ + function assoc_to_uri($array) + { + $temp = array(); + foreach ((array)$array as $key => $val) + { + $temp[] = $key; + $temp[] = $val; + } + + return implode('/', $temp); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment and add a trailing slash + * + * @access public + * @param integer + * @param string + * @return string + */ + function slash_segment($n, $where = 'trailing') + { + return $this->_slash_segment($n, $where, 'segment'); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment and add a trailing slash + * + * @access public + * @param integer + * @param string + * @return string + */ + function slash_rsegment($n, $where = 'trailing') + { + return $this->_slash_segment($n, $where, 'rsegment'); + } + + // -------------------------------------------------------------------- + + /** + * Fetch a URI Segment and add a trailing slash - helper function + * + * @access private + * @param integer + * @param string + * @param string + * @return string + */ + function _slash_segment($n, $where = 'trailing', $which = 'segment') + { + if ($where == 'trailing') + { + $trailing = '/'; + $leading = ''; + } + elseif ($where == 'leading') + { + $leading = '/'; + $trailing = ''; + } + else + { + $leading = '/'; + $trailing = '/'; + } + return $leading.$this->$which($n).$trailing; + } + + // -------------------------------------------------------------------- + + /** + * Segment Array + * + * @access public + * @return array + */ + function segment_array() + { + return $this->segments; + } + + // -------------------------------------------------------------------- + + /** + * Routed Segment Array + * + * @access public + * @return array + */ + function rsegment_array() + { + return $this->rsegments; + } + + // -------------------------------------------------------------------- + + /** + * Total number of segments + * + * @access public + * @return integer + */ + function total_segments() + { + return count($this->segments); + } + + // -------------------------------------------------------------------- + + /** + * Total number of routed segments + * + * @access public + * @return integer + */ + function total_rsegments() + { + return count($this->rsegments); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the entire URI string + * + * @access public + * @return string + */ + function uri_string() + { + return $this->uri_string; + } + + + // -------------------------------------------------------------------- + + /** + * Fetch the entire Re-routed URI string + * + * @access public + * @return string + */ + function ruri_string() + { + return '/'.implode('/', $this->rsegment_array()).'/'; + } + +} +// END URI Class + +/* End of file URI.php */ +/* Location: ./system/libraries/URI.php */
\ No newline at end of file diff --git a/system/libraries/Unit_test.php b/system/libraries/Unit_test.php new file mode 100644 index 000000000..d1db6297b --- /dev/null +++ b/system/libraries/Unit_test.php @@ -0,0 +1,347 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.3.1 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Unit Testing Class + * + * Simple testing class + * + * @package CodeIgniter + * @subpackage Libraries + * @category UnitTesting + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/uri.html + */ +class CI_Unit_test { + + var $active = TRUE; + var $results = array(); + var $strict = FALSE; + var $_template = NULL; + var $_template_rows = NULL; + + function CI_Unit_test() + { + log_message('debug', "Unit Testing Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Run the tests + * + * Runs the supplied tests + * + * @access public + * @param mixed + * @param mixed + * @param string + * @return string + */ + function run($test, $expected = TRUE, $test_name = 'undefined') + { + if ($this->active == FALSE) + { + return FALSE; + } + + if (in_array($expected, array('is_string', 'is_bool', 'is_true', 'is_false', 'is_int', 'is_numeric', 'is_float', 'is_double', 'is_array', 'is_null'), TRUE)) + { + $expected = str_replace('is_float', 'is_double', $expected); + $result = ($expected($test)) ? TRUE : FALSE; + $extype = str_replace(array('true', 'false'), 'bool', str_replace('is_', '', $expected)); + } + else + { + if ($this->strict == TRUE) + $result = ($test === $expected) ? TRUE : FALSE; + else + $result = ($test == $expected) ? TRUE : FALSE; + + $extype = gettype($expected); + } + + $back = $this->_backtrace(); + + $report[] = array ( + 'test_name' => $test_name, + 'test_datatype' => gettype($test), + 'res_datatype' => $extype, + 'result' => ($result === TRUE) ? 'passed' : 'failed', + 'file' => $back['file'], + 'line' => $back['line'] + ); + + $this->results[] = $report; + + return($this->report($this->result($report))); + } + + // -------------------------------------------------------------------- + + /** + * Generate a report + * + * Displays a table with the test data + * + * @access public + * @return string + */ + function report($result = array()) + { + if (count($result) == 0) + { + $result = $this->result(); + } + + $CI =& get_instance(); + $CI->load->language('unit_test'); + + $this->_parse_template(); + + $r = ''; + foreach ($result as $res) + { + $table = ''; + + foreach ($res as $key => $val) + { + + if ($key == $CI->lang->line('ut_result')) + { + if ($val == $CI->lang->line('ut_passed')) + { + $val = '<span style="color: #0C0;">'.$val.'</span>'; + } + elseif ($val == $CI->lang->line('ut_failed')) + { + $val = '<span style="color: #C00;">'.$val.'</span>'; + } + } + + $temp = $this->_template_rows; + $temp = str_replace('{item}', $key, $temp); + $temp = str_replace('{result}', $val, $temp); + $table .= $temp; + } + + $r .= str_replace('{rows}', $table, $this->_template); + } + + return $r; + } + + // -------------------------------------------------------------------- + + /** + * Use strict comparison + * + * Causes the evaluation to use === rather than == + * + * @access public + * @param bool + * @return null + */ + function use_strict($state = TRUE) + { + $this->strict = ($state == FALSE) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Make Unit testing active + * + * Enables/disables unit testing + * + * @access public + * @param bool + * @return null + */ + function active($state = TRUE) + { + $this->active = ($state == FALSE) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Result Array + * + * Returns the raw result data + * + * @access public + * @return array + */ + function result($results = array()) + { + $CI =& get_instance(); + $CI->load->language('unit_test'); + + if (count($results) == 0) + { + $results = $this->results; + } + + $retval = array(); + foreach ($results as $result) + { + $temp = array(); + foreach ($result as $key => $val) + { + if (is_array($val)) + { + foreach ($val as $k => $v) + { + if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$v)))) + { + $v = $line; + } + $temp[$CI->lang->line('ut_'.$k)] = $v; + } + } + else + { + if (FALSE !== ($line = $CI->lang->line(strtolower('ut_'.$val)))) + { + $val = $line; + } + $temp[$CI->lang->line('ut_'.$key)] = $val; + } + } + + $retval[] = $temp; + } + + return $retval; + } + + // -------------------------------------------------------------------- + + /** + * Set the template + * + * This lets us set the template to be used to display results + * + * @access public + * @param string + * @return void + */ + function set_template($template) + { + $this->_template = $template; + } + + // -------------------------------------------------------------------- + + /** + * Generate a backtrace + * + * This lets us show file names and line numbers + * + * @access private + * @return array + */ + function _backtrace() + { + if (function_exists('debug_backtrace')) + { + $back = debug_backtrace(); + + $file = ( ! isset($back['1']['file'])) ? '' : $back['1']['file']; + $line = ( ! isset($back['1']['line'])) ? '' : $back['1']['line']; + + return array('file' => $file, 'line' => $line); + } + return array('file' => 'Unknown', 'line' => 'Unknown'); + } + + // -------------------------------------------------------------------- + + /** + * Get Default Template + * + * @access private + * @return string + */ + function _default_template() + { + $this->_template = "\n".'<table style="width:100%; font-size:small; margin:10px 0; border-collapse:collapse; border:1px solid #CCC;">'; + $this->_template .= '{rows}'; + $this->_template .= "\n".'</table>'; + + $this->_template_rows = "\n\t".'<tr>'; + $this->_template_rows .= "\n\t\t".'<th style="text-align: left; border-bottom:1px solid #CCC;">{item}</th>'; + $this->_template_rows .= "\n\t\t".'<td style="border-bottom:1px solid #CCC;">{result}</td>'; + $this->_template_rows .= "\n\t".'</tr>'; + } + + // -------------------------------------------------------------------- + + /** + * Parse Template + * + * Harvests the data within the template {pseudo-variables} + * + * @access private + * @return void + */ + function _parse_template() + { + if ( ! is_null($this->_template_rows)) + { + return; + } + + if (is_null($this->_template)) + { + $this->_default_template(); + return; + } + + if ( ! preg_match("/\{rows\}(.*?)\{\/rows\}/si", $this->_template, $match)) + { + $this->_default_template(); + return; + } + + $this->_template_rows = $match['1']; + $this->_template = str_replace($match['0'], '{rows}', $this->_template); + } + +} +// END Unit_test Class + +/** + * Helper functions to test boolean true/false + * + * + * @access private + * @return bool + */ +function is_true($test) +{ + return (is_bool($test) AND $test === TRUE) ? TRUE : FALSE; +} +function is_false($test) +{ + return (is_bool($test) AND $test === FALSE) ? TRUE : FALSE; +} + + +/* End of file Unit_test.php */ +/* Location: ./system/libraries/Unit_test.php */
\ No newline at end of file diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php new file mode 100644 index 000000000..618c49be0 --- /dev/null +++ b/system/libraries/Upload.php @@ -0,0 +1,949 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * File Uploading Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Uploads + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/file_uploading.html + */ +class CI_Upload { + + var $max_size = 0; + var $max_width = 0; + var $max_height = 0; + var $max_filename = 0; + var $allowed_types = ""; + var $file_temp = ""; + var $file_name = ""; + var $orig_name = ""; + var $file_type = ""; + var $file_size = ""; + var $file_ext = ""; + var $upload_path = ""; + var $overwrite = FALSE; + var $encrypt_name = FALSE; + var $is_image = FALSE; + var $image_width = ''; + var $image_height = ''; + var $image_type = ''; + var $image_size_str = ''; + var $error_msg = array(); + var $mimes = array(); + var $remove_spaces = TRUE; + var $xss_clean = FALSE; + var $temp_prefix = "temp_file_"; + + /** + * Constructor + * + * @access public + */ + function CI_Upload($props = array()) + { + if (count($props) > 0) + { + $this->initialize($props); + } + + log_message('debug', "Upload Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Initialize preferences + * + * @access public + * @param array + * @return void + */ + function initialize($config = array()) + { + $defaults = array( + 'max_size' => 0, + 'max_width' => 0, + 'max_height' => 0, + 'max_filename' => 0, + 'allowed_types' => "", + 'file_temp' => "", + 'file_name' => "", + 'orig_name' => "", + 'file_type' => "", + 'file_size' => "", + 'file_ext' => "", + 'upload_path' => "", + 'overwrite' => FALSE, + 'encrypt_name' => FALSE, + 'is_image' => FALSE, + 'image_width' => '', + 'image_height' => '', + 'image_type' => '', + 'image_size_str' => '', + 'error_msg' => array(), + 'mimes' => array(), + 'remove_spaces' => TRUE, + 'xss_clean' => FALSE, + 'temp_prefix' => "temp_file_" + ); + + + foreach ($defaults as $key => $val) + { + if (isset($config[$key])) + { + $method = 'set_'.$key; + if (method_exists($this, $method)) + { + $this->$method($config[$key]); + } + else + { + $this->$key = $config[$key]; + } + } + else + { + $this->$key = $val; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Perform the file upload + * + * @access public + * @return bool + */ + function do_upload($field = 'userfile') + { + // Is $_FILES[$field] set? If not, no reason to continue. + if ( ! isset($_FILES[$field])) + { + $this->set_error('upload_no_file_selected'); + return FALSE; + } + + // Is the upload path valid? + if ( ! $this->validate_upload_path()) + { + // errors will already be set by validate_upload_path() so just return FALSE + return FALSE; + } + + // Was the file able to be uploaded? If not, determine the reason why. + if ( ! is_uploaded_file($_FILES[$field]['tmp_name'])) + { + $error = ( ! isset($_FILES[$field]['error'])) ? 4 : $_FILES[$field]['error']; + + switch($error) + { + case 1: // UPLOAD_ERR_INI_SIZE + $this->set_error('upload_file_exceeds_limit'); + break; + case 2: // UPLOAD_ERR_FORM_SIZE + $this->set_error('upload_file_exceeds_form_limit'); + break; + case 3: // UPLOAD_ERR_PARTIAL + $this->set_error('upload_file_partial'); + break; + case 4: // UPLOAD_ERR_NO_FILE + $this->set_error('upload_no_file_selected'); + break; + case 6: // UPLOAD_ERR_NO_TMP_DIR + $this->set_error('upload_no_temp_directory'); + break; + case 7: // UPLOAD_ERR_CANT_WRITE + $this->set_error('upload_unable_to_write_file'); + break; + case 8: // UPLOAD_ERR_EXTENSION + $this->set_error('upload_stopped_by_extension'); + break; + default : $this->set_error('upload_no_file_selected'); + break; + } + + return FALSE; + } + + // Set the uploaded data as class variables + $this->file_temp = $_FILES[$field]['tmp_name']; + $this->file_name = $this->_prep_filename($_FILES[$field]['name']); + $this->file_size = $_FILES[$field]['size']; + $this->file_type = preg_replace("/^(.+?);.*$/", "\\1", $_FILES[$field]['type']); + $this->file_type = strtolower($this->file_type); + $this->file_ext = $this->get_extension($_FILES[$field]['name']); + + // Convert the file size to kilobytes + if ($this->file_size > 0) + { + $this->file_size = round($this->file_size/1024, 2); + } + + // Is the file type allowed to be uploaded? + if ( ! $this->is_allowed_filetype()) + { + $this->set_error('upload_invalid_filetype'); + return FALSE; + } + + // Is the file size within the allowed maximum? + if ( ! $this->is_allowed_filesize()) + { + $this->set_error('upload_invalid_filesize'); + return FALSE; + } + + // Are the image dimensions within the allowed size? + // Note: This can fail if the server has an open_basdir restriction. + if ( ! $this->is_allowed_dimensions()) + { + $this->set_error('upload_invalid_dimensions'); + return FALSE; + } + + // Sanitize the file name for security + $this->file_name = $this->clean_file_name($this->file_name); + + // Truncate the file name if it's too long + if ($this->max_filename > 0) + { + $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename); + } + + // Remove white spaces in the name + if ($this->remove_spaces == TRUE) + { + $this->file_name = preg_replace("/\s+/", "_", $this->file_name); + } + + /* + * Validate the file name + * This function appends an number onto the end of + * the file if one with the same name already exists. + * If it returns false there was a problem. + */ + $this->orig_name = $this->file_name; + + if ($this->overwrite == FALSE) + { + $this->file_name = $this->set_filename($this->upload_path, $this->file_name); + + if ($this->file_name === FALSE) + { + return FALSE; + } + } + + /* + * Move the file to the final destination + * To deal with different server configurations + * we'll attempt to use copy() first. If that fails + * we'll use move_uploaded_file(). One of the two should + * reliably work in most environments + */ + if ( ! @copy($this->file_temp, $this->upload_path.$this->file_name)) + { + if ( ! @move_uploaded_file($this->file_temp, $this->upload_path.$this->file_name)) + { + $this->set_error('upload_destination_error'); + return FALSE; + } + } + + /* + * Run the file through the XSS hacking filter + * This helps prevent malicious code from being + * embedded within a file. Scripts can easily + * be disguised as images or other file types. + */ + if ($this->xss_clean == TRUE) + { + $this->do_xss_clean(); + } + + /* + * Set the finalized image dimensions + * This sets the image width/height (assuming the + * file was an image). We use this information + * in the "data" function. + */ + $this->set_image_properties($this->upload_path.$this->file_name); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Finalized Data Array + * + * Returns an associative array containing all of the information + * related to the upload, allowing the developer easy access in one array. + * + * @access public + * @return array + */ + function data() + { + return array ( + 'file_name' => $this->file_name, + 'file_type' => $this->file_type, + 'file_path' => $this->upload_path, + 'full_path' => $this->upload_path.$this->file_name, + 'raw_name' => str_replace($this->file_ext, '', $this->file_name), + 'orig_name' => $this->orig_name, + 'file_ext' => $this->file_ext, + 'file_size' => $this->file_size, + 'is_image' => $this->is_image(), + 'image_width' => $this->image_width, + 'image_height' => $this->image_height, + 'image_type' => $this->image_type, + 'image_size_str' => $this->image_size_str, + ); + } + + // -------------------------------------------------------------------- + + /** + * Set Upload Path + * + * @access public + * @param string + * @return void + */ + function set_upload_path($path) + { + // Make sure it has a trailing slash + $this->upload_path = rtrim($path, '/').'/'; + } + + // -------------------------------------------------------------------- + + /** + * Set the file name + * + * This function takes a filename/path as input and looks for the + * existence of a file with the same name. If found, it will append a + * number to the end of the filename to avoid overwriting a pre-existing file. + * + * @access public + * @param string + * @param string + * @return string + */ + function set_filename($path, $filename) + { + if ($this->encrypt_name == TRUE) + { + mt_srand(); + $filename = md5(uniqid(mt_rand())).$this->file_ext; + } + + if ( ! file_exists($path.$filename)) + { + return $filename; + } + + $filename = str_replace($this->file_ext, '', $filename); + + $new_filename = ''; + for ($i = 1; $i < 100; $i++) + { + if ( ! file_exists($path.$filename.$i.$this->file_ext)) + { + $new_filename = $filename.$i.$this->file_ext; + break; + } + } + + if ($new_filename == '') + { + $this->set_error('upload_bad_filename'); + return FALSE; + } + else + { + return $new_filename; + } + } + + // -------------------------------------------------------------------- + + /** + * Set Maximum File Size + * + * @access public + * @param integer + * @return void + */ + function set_max_filesize($n) + { + $this->max_size = ((int) $n < 0) ? 0: (int) $n; + } + + // -------------------------------------------------------------------- + + /** + * Set Maximum File Name Length + * + * @access public + * @param integer + * @return void + */ + function set_max_filename($n) + { + $this->max_filename = ((int) $n < 0) ? 0: (int) $n; + } + + // -------------------------------------------------------------------- + + /** + * Set Maximum Image Width + * + * @access public + * @param integer + * @return void + */ + function set_max_width($n) + { + $this->max_width = ((int) $n < 0) ? 0: (int) $n; + } + + // -------------------------------------------------------------------- + + /** + * Set Maximum Image Height + * + * @access public + * @param integer + * @return void + */ + function set_max_height($n) + { + $this->max_height = ((int) $n < 0) ? 0: (int) $n; + } + + // -------------------------------------------------------------------- + + /** + * Set Allowed File Types + * + * @access public + * @param string + * @return void + */ + function set_allowed_types($types) + { + $this->allowed_types = explode('|', $types); + } + + // -------------------------------------------------------------------- + + /** + * Set Image Properties + * + * Uses GD to determine the width/height/type of image + * + * @access public + * @param string + * @return void + */ + function set_image_properties($path = '') + { + if ( ! $this->is_image()) + { + return; + } + + if (function_exists('getimagesize')) + { + if (FALSE !== ($D = @getimagesize($path))) + { + $types = array(1 => 'gif', 2 => 'jpeg', 3 => 'png'); + + $this->image_width = $D['0']; + $this->image_height = $D['1']; + $this->image_type = ( ! isset($types[$D['2']])) ? 'unknown' : $types[$D['2']]; + $this->image_size_str = $D['3']; // string containing height and width + } + } + } + + // -------------------------------------------------------------------- + + /** + * Set XSS Clean + * + * Enables the XSS flag so that the file that was uploaded + * will be run through the XSS filter. + * + * @access public + * @param bool + * @return void + */ + function set_xss_clean($flag = FALSE) + { + $this->xss_clean = ($flag == TRUE) ? TRUE : FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Validate the image + * + * @access public + * @return bool + */ + function is_image() + { + // IE will sometimes return odd mime-types during upload, so here we just standardize all + // jpegs or pngs to the same file type. + + $png_mimes = array('image/x-png'); + $jpeg_mimes = array('image/jpg', 'image/jpe', 'image/jpeg', 'image/pjpeg'); + + if (in_array($this->file_type, $png_mimes)) + { + $this->file_type = 'image/png'; + } + + if (in_array($this->file_type, $jpeg_mimes)) + { + $this->file_type = 'image/jpeg'; + } + + $img_mimes = array( + 'image/gif', + 'image/jpeg', + 'image/png', + ); + + return (in_array($this->file_type, $img_mimes, TRUE)) ? TRUE : FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Verify that the filetype is allowed + * + * @access public + * @return bool + */ + function is_allowed_filetype() + { + if (count($this->allowed_types) == 0 OR ! is_array($this->allowed_types)) + { + $this->set_error('upload_no_file_types'); + return FALSE; + } + + $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe'); + + foreach ($this->allowed_types as $val) + { + $mime = $this->mimes_types(strtolower($val)); + + // Images get some additional checks + if (in_array($val, $image_types)) + { + if (getimagesize($this->file_temp) === FALSE) + { + return FALSE; + } + } + + if (is_array($mime)) + { + if (in_array($this->file_type, $mime, TRUE)) + { + return TRUE; + } + } + else + { + if ($mime == $this->file_type) + { + return TRUE; + } + } + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Verify that the file is within the allowed size + * + * @access public + * @return bool + */ + function is_allowed_filesize() + { + if ($this->max_size != 0 AND $this->file_size > $this->max_size) + { + return FALSE; + } + else + { + return TRUE; + } + } + + // -------------------------------------------------------------------- + + /** + * Verify that the image is within the allowed width/height + * + * @access public + * @return bool + */ + function is_allowed_dimensions() + { + if ( ! $this->is_image()) + { + return TRUE; + } + + if (function_exists('getimagesize')) + { + $D = @getimagesize($this->file_temp); + + if ($this->max_width > 0 AND $D['0'] > $this->max_width) + { + return FALSE; + } + + if ($this->max_height > 0 AND $D['1'] > $this->max_height) + { + return FALSE; + } + + return TRUE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Validate Upload Path + * + * Verifies that it is a valid upload path with proper permissions. + * + * + * @access public + * @return bool + */ + function validate_upload_path() + { + if ($this->upload_path == '') + { + $this->set_error('upload_no_filepath'); + return FALSE; + } + + if (function_exists('realpath') AND @realpath($this->upload_path) !== FALSE) + { + $this->upload_path = str_replace("\\", "/", realpath($this->upload_path)); + } + + if ( ! @is_dir($this->upload_path)) + { + $this->set_error('upload_no_filepath'); + return FALSE; + } + + if ( ! is_really_writable($this->upload_path)) + { + $this->set_error('upload_not_writable'); + return FALSE; + } + + $this->upload_path = preg_replace("/(.+?)\/*$/", "\\1/", $this->upload_path); + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Extract the file extension + * + * @access public + * @param string + * @return string + */ + function get_extension($filename) + { + $x = explode('.', $filename); + return '.'.end($x); + } + + // -------------------------------------------------------------------- + + /** + * Clean the file name for security + * + * @access public + * @param string + * @return string + */ + function clean_file_name($filename) + { + $bad = array( + "<!--", + "-->", + "'", + "<", + ">", + '"', + '&', + '$', + '=', + ';', + '?', + '/', + "%20", + "%22", + "%3c", // < + "%253c", // < + "%3e", // > + "%0e", // > + "%28", // ( + "%29", // ) + "%2528", // ( + "%26", // & + "%24", // $ + "%3f", // ? + "%3b", // ; + "%3d" // = + ); + + $filename = str_replace($bad, '', $filename); + + return stripslashes($filename); + } + + // -------------------------------------------------------------------- + + /** + * Limit the File Name Length + * + * @access public + * @param string + * @return string + */ + function limit_filename_length($filename, $length) + { + if (strlen($filename) < $length) + { + return $filename; + } + + $ext = ''; + if (strpos($filename, '.') !== FALSE) + { + $parts = explode('.', $filename); + $ext = '.'.array_pop($parts); + $filename = implode('.', $parts); + } + + return substr($filename, 0, ($length - strlen($ext))).$ext; + } + + // -------------------------------------------------------------------- + + /** + * Runs the file through the XSS clean function + * + * This prevents people from embedding malicious code in their files. + * I'm not sure that it won't negatively affect certain files in unexpected ways, + * but so far I haven't found that it causes trouble. + * + * @access public + * @return void + */ + function do_xss_clean() + { + $file = $this->upload_path.$this->file_name; + + if (filesize($file) == 0) + { + return FALSE; + } + + if (($data = @file_get_contents($file)) === FALSE) + { + return FALSE; + } + + if ( ! $fp = @fopen($file, FOPEN_READ_WRITE)) + { + return FALSE; + } + + $CI =& get_instance(); + $data = $CI->input->xss_clean($data); + + flock($fp, LOCK_EX); + fwrite($fp, $data); + flock($fp, LOCK_UN); + fclose($fp); + } + + // -------------------------------------------------------------------- + + /** + * Set an error message + * + * @access public + * @param string + * @return void + */ + function set_error($msg) + { + $CI =& get_instance(); + $CI->lang->load('upload'); + + if (is_array($msg)) + { + foreach ($msg as $val) + { + $msg = ($CI->lang->line($val) == FALSE) ? $val : $CI->lang->line($val); + $this->error_msg[] = $msg; + log_message('error', $msg); + } + } + else + { + $msg = ($CI->lang->line($msg) == FALSE) ? $msg : $CI->lang->line($msg); + $this->error_msg[] = $msg; + log_message('error', $msg); + } + } + + // -------------------------------------------------------------------- + + /** + * Display the error message + * + * @access public + * @param string + * @param string + * @return string + */ + function display_errors($open = '<p>', $close = '</p>') + { + $str = ''; + foreach ($this->error_msg as $val) + { + $str .= $open.$val.$close; + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * List of Mime Types + * + * This is a list of mime types. We use it to validate + * the "allowed types" set by the developer + * + * @access public + * @param string + * @return string + */ + function mimes_types($mime) + { + global $mimes; + + if (count($this->mimes) == 0) + { + if (@require_once(APPPATH.'config/mimes'.EXT)) + { + $this->mimes = $mimes; + unset($mimes); + } + } + + return ( ! isset($this->mimes[$mime])) ? FALSE : $this->mimes[$mime]; + } + + // -------------------------------------------------------------------- + + /** + * Prep Filename + * + * Prevents possible script execution from Apache's handling of files multiple extensions + * http://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext + * + * @access private + * @param string + * @return string + */ + function _prep_filename($filename) + { + if (strpos($filename, '.') === FALSE) + { + return $filename; + } + + $parts = explode('.', $filename); + $ext = array_pop($parts); + $filename = array_shift($parts); + + foreach ($parts as $part) + { + if ($this->mimes_types(strtolower($part)) === FALSE) + { + $filename .= '.'.$part.'_'; + } + else + { + $filename .= '.'.$part; + } + } + + // file name override, since the exact name is provided, no need to + // run it through a $this->mimes check. + if ($this->file_name != '') + { + $filename = $this->file_name; + } + + $filename .= '.'.$ext; + + return $filename; + } + + // -------------------------------------------------------------------- + +} +// END Upload Class + +/* End of file Upload.php */ +/* Location: ./system/libraries/Upload.php */
\ No newline at end of file diff --git a/system/libraries/User_agent.php b/system/libraries/User_agent.php new file mode 100644 index 000000000..180b93dea --- /dev/null +++ b/system/libraries/User_agent.php @@ -0,0 +1,502 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * User Agent Class + * + * Identifies the platform, browser, robot, or mobile devise of the browsing agent + * + * @package CodeIgniter + * @subpackage Libraries + * @category User Agent + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/user_agent.html + */ +class CI_User_agent { + + var $agent = NULL; + + var $is_browser = FALSE; + var $is_robot = FALSE; + var $is_mobile = FALSE; + + var $languages = array(); + var $charsets = array(); + + var $platforms = array(); + var $browsers = array(); + var $mobiles = array(); + var $robots = array(); + + var $platform = ''; + var $browser = ''; + var $version = ''; + var $mobile = ''; + var $robot = ''; + + /** + * Constructor + * + * Sets the User Agent and runs the compilation routine + * + * @access public + * @return void + */ + function CI_User_agent() + { + if (isset($_SERVER['HTTP_USER_AGENT'])) + { + $this->agent = trim($_SERVER['HTTP_USER_AGENT']); + } + + if ( ! is_null($this->agent)) + { + if ($this->_load_agent_file()) + { + $this->_compile_data(); + } + } + + log_message('debug', "User Agent Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Compile the User Agent Data + * + * @access private + * @return bool + */ + function _load_agent_file() + { + if ( ! @include(APPPATH.'config/user_agents'.EXT)) + { + return FALSE; + } + + $return = FALSE; + + if (isset($platforms)) + { + $this->platforms = $platforms; + unset($platforms); + $return = TRUE; + } + + if (isset($browsers)) + { + $this->browsers = $browsers; + unset($browsers); + $return = TRUE; + } + + if (isset($mobiles)) + { + $this->mobiles = $mobiles; + unset($mobiles); + $return = TRUE; + } + + if (isset($robots)) + { + $this->robots = $robots; + unset($robots); + $return = TRUE; + } + + return $return; + } + + // -------------------------------------------------------------------- + + /** + * Compile the User Agent Data + * + * @access private + * @return bool + */ + function _compile_data() + { + $this->_set_platform(); + + foreach (array('_set_browser', '_set_robot', '_set_mobile') as $function) + { + if ($this->$function() === TRUE) + { + break; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Set the Platform + * + * @access private + * @return mixed + */ + function _set_platform() + { + if (is_array($this->platforms) AND count($this->platforms) > 0) + { + foreach ($this->platforms as $key => $val) + { + if (preg_match("|".preg_quote($key)."|i", $this->agent)) + { + $this->platform = $val; + return TRUE; + } + } + } + $this->platform = 'Unknown Platform'; + } + + // -------------------------------------------------------------------- + + /** + * Set the Browser + * + * @access private + * @return bool + */ + function _set_browser() + { + if (is_array($this->browsers) AND count($this->browsers) > 0) + { + foreach ($this->browsers as $key => $val) + { + if (preg_match("|".preg_quote($key).".*?([0-9\.]+)|i", $this->agent, $match)) + { + $this->is_browser = TRUE; + $this->version = $match[1]; + $this->browser = $val; + $this->_set_mobile(); + return TRUE; + } + } + } + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Set the Robot + * + * @access private + * @return bool + */ + function _set_robot() + { + if (is_array($this->robots) AND count($this->robots) > 0) + { + foreach ($this->robots as $key => $val) + { + if (preg_match("|".preg_quote($key)."|i", $this->agent)) + { + $this->is_robot = TRUE; + $this->robot = $val; + return TRUE; + } + } + } + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mobile Device + * + * @access private + * @return bool + */ + function _set_mobile() + { + if (is_array($this->mobiles) AND count($this->mobiles) > 0) + { + foreach ($this->mobiles as $key => $val) + { + if (FALSE !== (strpos(strtolower($this->agent), $key))) + { + $this->is_mobile = TRUE; + $this->mobile = $val; + return TRUE; + } + } + } + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Set the accepted languages + * + * @access private + * @return void + */ + function _set_languages() + { + if ((count($this->languages) == 0) AND isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) AND $_SERVER['HTTP_ACCEPT_LANGUAGE'] != '') + { + $languages = preg_replace('/(;q=[0-9\.]+)/i', '', strtolower(trim($_SERVER['HTTP_ACCEPT_LANGUAGE']))); + + $this->languages = explode(',', $languages); + } + + if (count($this->languages) == 0) + { + $this->languages = array('Undefined'); + } + } + + // -------------------------------------------------------------------- + + /** + * Set the accepted character sets + * + * @access private + * @return void + */ + function _set_charsets() + { + if ((count($this->charsets) == 0) AND isset($_SERVER['HTTP_ACCEPT_CHARSET']) AND $_SERVER['HTTP_ACCEPT_CHARSET'] != '') + { + $charsets = preg_replace('/(;q=.+)/i', '', strtolower(trim($_SERVER['HTTP_ACCEPT_CHARSET']))); + + $this->charsets = explode(',', $charsets); + } + + if (count($this->charsets) == 0) + { + $this->charsets = array('Undefined'); + } + } + + // -------------------------------------------------------------------- + + /** + * Is Browser + * + * @access public + * @return bool + */ + function is_browser() + { + return $this->is_browser; + } + + // -------------------------------------------------------------------- + + /** + * Is Robot + * + * @access public + * @return bool + */ + function is_robot() + { + return $this->is_robot; + } + + // -------------------------------------------------------------------- + + /** + * Is Mobile + * + * @access public + * @return bool + */ + function is_mobile() + { + return $this->is_mobile; + } + + // -------------------------------------------------------------------- + + /** + * Is this a referral from another site? + * + * @access public + * @return bool + */ + function is_referral() + { + return ( ! isset($_SERVER['HTTP_REFERER']) OR $_SERVER['HTTP_REFERER'] == '') ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Agent String + * + * @access public + * @return string + */ + function agent_string() + { + return $this->agent; + } + + // -------------------------------------------------------------------- + + /** + * Get Platform + * + * @access public + * @return string + */ + function platform() + { + return $this->platform; + } + + // -------------------------------------------------------------------- + + /** + * Get Browser Name + * + * @access public + * @return string + */ + function browser() + { + return $this->browser; + } + + // -------------------------------------------------------------------- + + /** + * Get the Browser Version + * + * @access public + * @return string + */ + function version() + { + return $this->version; + } + + // -------------------------------------------------------------------- + + /** + * Get The Robot Name + * + * @access public + * @return string + */ + function robot() + { + return $this->robot; + } + // -------------------------------------------------------------------- + + /** + * Get the Mobile Device + * + * @access public + * @return string + */ + function mobile() + { + return $this->mobile; + } + + // -------------------------------------------------------------------- + + /** + * Get the referrer + * + * @access public + * @return bool + */ + function referrer() + { + return ( ! isset($_SERVER['HTTP_REFERER']) OR $_SERVER['HTTP_REFERER'] == '') ? '' : trim($_SERVER['HTTP_REFERER']); + } + + // -------------------------------------------------------------------- + + /** + * Get the accepted languages + * + * @access public + * @return array + */ + function languages() + { + if (count($this->languages) == 0) + { + $this->_set_languages(); + } + + return $this->languages; + } + + // -------------------------------------------------------------------- + + /** + * Get the accepted Character Sets + * + * @access public + * @return array + */ + function charsets() + { + if (count($this->charsets) == 0) + { + $this->_set_charsets(); + } + + return $this->charsets; + } + + // -------------------------------------------------------------------- + + /** + * Test for a particular language + * + * @access public + * @return bool + */ + function accept_lang($lang = 'en') + { + return (in_array(strtolower($lang), $this->languages(), TRUE)) ? TRUE : FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Test for a particular character set + * + * @access public + * @return bool + */ + function accept_charset($charset = 'utf-8') + { + return (in_array(strtolower($charset), $this->charsets(), TRUE)) ? TRUE : FALSE; + } + + +} + + +/* End of file User_agent.php */ +/* Location: ./system/libraries/User_agent.php */
\ No newline at end of file diff --git a/system/libraries/Validation.php b/system/libraries/Validation.php new file mode 100644 index 000000000..5e7759f14 --- /dev/null +++ b/system/libraries/Validation.php @@ -0,0 +1,875 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Validation Class + * + * @package CodeIgniter + * @subpackage Libraries + * @category Validation + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/validation.html + */ +class CI_Validation { + + var $CI; + var $error_string = ''; + var $_error_array = array(); + var $_rules = array(); + var $_fields = array(); + var $_error_messages = array(); + var $_current_field = ''; + var $_safe_form_data = FALSE; + var $_error_prefix = '<p>'; + var $_error_suffix = '</p>'; + + + + /** + * Constructor + * + */ + function CI_Validation() + { + $this->CI =& get_instance(); + + if (function_exists('mb_internal_encoding')) + { + mb_internal_encoding($this->CI->config->item('charset')); + } + + log_message('debug', "Validation Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Set Fields + * + * This function takes an array of field names as input + * and generates class variables with the same name, which will + * either be blank or contain the $_POST value corresponding to it + * + * @access public + * @param string + * @param string + * @return void + */ + function set_fields($data = '', $field = '') + { + if ($data == '') + { + if (count($this->_fields) == 0) + { + return FALSE; + } + } + else + { + if ( ! is_array($data)) + { + $data = array($data => $field); + } + + if (count($data) > 0) + { + $this->_fields = $data; + } + } + + foreach($this->_fields as $key => $val) + { + $this->$key = ( ! isset($_POST[$key])) ? '' : $this->prep_for_form($_POST[$key]); + + $error = $key.'_error'; + if ( ! isset($this->$error)) + { + $this->$error = ''; + } + } + } + + // -------------------------------------------------------------------- + + /** + * Set Rules + * + * This function takes an array of field names and validation + * rules as input ad simply stores is for use later. + * + * @access public + * @param mixed + * @param string + * @return void + */ + function set_rules($data, $rules = '') + { + if ( ! is_array($data)) + { + if ($rules == '') + return; + + $data = array($data => $rules); + } + + foreach ($data as $key => $val) + { + $this->_rules[$key] = $val; + } + } + + // -------------------------------------------------------------------- + + /** + * Set Error Message + * + * Lets users set their own error messages on the fly. Note: The key + * name has to match the function name that it corresponds to. + * + * @access public + * @param string + * @param string + * @return string + */ + function set_message($lang, $val = '') + { + if ( ! is_array($lang)) + { + $lang = array($lang => $val); + } + + $this->_error_messages = array_merge($this->_error_messages, $lang); + } + + // -------------------------------------------------------------------- + + /** + * Set The Error Delimiter + * + * Permits a prefix/suffix to be added to each error message + * + * @access public + * @param string + * @param string + * @return void + */ + function set_error_delimiters($prefix = '<p>', $suffix = '</p>') + { + $this->_error_prefix = $prefix; + $this->_error_suffix = $suffix; + } + + // -------------------------------------------------------------------- + + /** + * Run the Validator + * + * This function does all the work. + * + * @access public + * @return bool + */ + function run() + { + // Do we even have any data to process? Mm? + if (count($_POST) == 0 OR count($this->_rules) == 0) + { + return FALSE; + } + + // Load the language file containing error messages + $this->CI->lang->load('validation'); + + // Cycle through the rules and test for errors + foreach ($this->_rules as $field => $rules) + { + //Explode out the rules! + $ex = explode('|', $rules); + + // Is the field required? If not, if the field is blank we'll move on to the next test + if ( ! in_array('required', $ex, TRUE)) + { + if ( ! isset($_POST[$field]) OR $_POST[$field] == '') + { + continue; + } + } + + /* + * Are we dealing with an "isset" rule? + * + * Before going further, we'll see if one of the rules + * is to check whether the item is set (typically this + * applies only to checkboxes). If so, we'll + * test for it here since there's not reason to go + * further + */ + if ( ! isset($_POST[$field])) + { + if (in_array('isset', $ex, TRUE) OR in_array('required', $ex)) + { + if ( ! isset($this->_error_messages['isset'])) + { + if (FALSE === ($line = $this->CI->lang->line('isset'))) + { + $line = 'The field was not set'; + } + } + else + { + $line = $this->_error_messages['isset']; + } + + // Build the error message + $mfield = ( ! isset($this->_fields[$field])) ? $field : $this->_fields[$field]; + $message = sprintf($line, $mfield); + + // Set the error variable. Example: $this->username_error + $error = $field.'_error'; + $this->$error = $this->_error_prefix.$message.$this->_error_suffix; + $this->_error_array[] = $message; + } + + continue; + } + + /* + * Set the current field + * + * The various prepping functions need to know the + * current field name so they can do this: + * + * $_POST[$this->_current_field] == 'bla bla'; + */ + $this->_current_field = $field; + + // Cycle through the rules! + foreach ($ex As $rule) + { + // Is the rule a callback? + $callback = FALSE; + if (substr($rule, 0, 9) == 'callback_') + { + $rule = substr($rule, 9); + $callback = TRUE; + } + + // Strip the parameter (if exists) from the rule + // Rules can contain a parameter: max_length[5] + $param = FALSE; + if (preg_match("/(.*?)\[(.*?)\]/", $rule, $match)) + { + $rule = $match[1]; + $param = $match[2]; + } + + // Call the function that corresponds to the rule + if ($callback === TRUE) + { + if ( ! method_exists($this->CI, $rule)) + { + continue; + } + + $result = $this->CI->$rule($_POST[$field], $param); + + // If the field isn't required and we just processed a callback we'll move on... + if ( ! in_array('required', $ex, TRUE) AND $result !== FALSE) + { + continue 2; + } + + } + else + { + if ( ! method_exists($this, $rule)) + { + /* + * Run the native PHP function if called for + * + * If our own wrapper function doesn't exist we see + * if a native PHP function does. Users can use + * any native PHP function call that has one param. + */ + if (function_exists($rule)) + { + $_POST[$field] = $rule($_POST[$field]); + $this->$field = $_POST[$field]; + } + + continue; + } + + $result = $this->$rule($_POST[$field], $param); + } + + // Did the rule test negatively? If so, grab the error. + if ($result === FALSE) + { + if ( ! isset($this->_error_messages[$rule])) + { + if (FALSE === ($line = $this->CI->lang->line($rule))) + { + $line = 'Unable to access an error message corresponding to your field name.'; + } + } + else + { + $line = $this->_error_messages[$rule]; + } + + // Build the error message + $mfield = ( ! isset($this->_fields[$field])) ? $field : $this->_fields[$field]; + $mparam = ( ! isset($this->_fields[$param])) ? $param : $this->_fields[$param]; + $message = sprintf($line, $mfield, $mparam); + + // Set the error variable. Example: $this->username_error + $error = $field.'_error'; + $this->$error = $this->_error_prefix.$message.$this->_error_suffix; + + // Add the error to the error array + $this->_error_array[] = $message; + continue 2; + } + } + + } + + $total_errors = count($this->_error_array); + + /* + * Recompile the class variables + * + * If any prepping functions were called the $_POST data + * might now be different then the corresponding class + * variables so we'll set them anew. + */ + if ($total_errors > 0) + { + $this->_safe_form_data = TRUE; + } + + $this->set_fields(); + + // Did we end up with any errors? + if ($total_errors == 0) + { + return TRUE; + } + + // Generate the error string + foreach ($this->_error_array as $val) + { + $this->error_string .= $this->_error_prefix.$val.$this->_error_suffix."\n"; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Required + * + * @access public + * @param string + * @return bool + */ + function required($str) + { + if ( ! is_array($str)) + { + return (trim($str) == '') ? FALSE : TRUE; + } + else + { + return ( ! empty($str)); + } + } + + // -------------------------------------------------------------------- + + /** + * Match one field to another + * + * @access public + * @param string + * @param field + * @return bool + */ + function matches($str, $field) + { + if ( ! isset($_POST[$field])) + { + return FALSE; + } + + return ($str !== $_POST[$field]) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Minimum Length + * + * @access public + * @param string + * @param value + * @return bool + */ + function min_length($str, $val) + { + if (preg_match("/[^0-9]/", $val)) + { + return FALSE; + } + + if (function_exists('mb_strlen')) + { + return (mb_strlen($str) < $val) ? FALSE : TRUE; + } + + return (strlen($str) < $val) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Max Length + * + * @access public + * @param string + * @param value + * @return bool + */ + function max_length($str, $val) + { + if (preg_match("/[^0-9]/", $val)) + { + return FALSE; + } + + if (function_exists('mb_strlen')) + { + return (mb_strlen($str) > $val) ? FALSE : TRUE; + } + + return (strlen($str) > $val) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Exact Length + * + * @access public + * @param string + * @param value + * @return bool + */ + function exact_length($str, $val) + { + if (preg_match("/[^0-9]/", $val)) + { + return FALSE; + } + + if (function_exists('mb_strlen')) + { + return (mb_strlen($str) != $val) ? FALSE : TRUE; + } + + return (strlen($str) != $val) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Valid Email + * + * @access public + * @param string + * @return bool + */ + function valid_email($str) + { + return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Valid Emails + * + * @access public + * @param string + * @return bool + */ + function valid_emails($str) + { + if (strpos($str, ',') === FALSE) + { + return $this->valid_email(trim($str)); + } + + foreach(explode(',', $str) as $email) + { + if (trim($email) != '' && $this->valid_email(trim($email)) === FALSE) + { + return FALSE; + } + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Validate IP Address + * + * @access public + * @param string + * @return string + */ + function valid_ip($ip) + { + return $this->CI->input->valid_ip($ip); + } + + // -------------------------------------------------------------------- + + /** + * Alpha + * + * @access public + * @param string + * @return bool + */ + function alpha($str) + { + return ( ! preg_match("/^([a-z])+$/i", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Alpha-numeric + * + * @access public + * @param string + * @return bool + */ + function alpha_numeric($str) + { + return ( ! preg_match("/^([a-z0-9])+$/i", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Alpha-numeric with underscores and dashes + * + * @access public + * @param string + * @return bool + */ + function alpha_dash($str) + { + return ( ! preg_match("/^([-a-z0-9_-])+$/i", $str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Numeric + * + * @access public + * @param string + * @return bool + */ + function numeric($str) + { + return (bool)preg_match( '/^[\-+]?[0-9]*\.?[0-9]+$/', $str); + + } + + // -------------------------------------------------------------------- + + /** + * Is Numeric + * + * @access public + * @param string + * @return bool + */ + function is_numeric($str) + { + return ( ! is_numeric($str)) ? FALSE : TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Integer + * + * @access public + * @param string + * @return bool + */ + function integer($str) + { + return (bool)preg_match( '/^[\-+]?[0-9]+$/', $str); + } + + // -------------------------------------------------------------------- + + /** + * Is a Natural number (0,1,2,3, etc.) + * + * @access public + * @param string + * @return bool + */ + function is_natural($str) + { + return (bool)preg_match( '/^[0-9]+$/', $str); + } + + // -------------------------------------------------------------------- + + /** + * Is a Natural number, but not a zero (1,2,3, etc.) + * + * @access public + * @param string + * @return bool + */ + function is_natural_no_zero($str) + { + if ( ! preg_match( '/^[0-9]+$/', $str)) + { + return FALSE; + } + + if ($str == 0) + { + return FALSE; + } + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Valid Base64 + * + * Tests a string for characters outside of the Base64 alphabet + * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045 + * + * @access public + * @param string + * @return bool + */ + function valid_base64($str) + { + return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); + } + + // -------------------------------------------------------------------- + + /** + * Set Select + * + * Enables pull-down lists to be set to the value the user + * selected in the event of an error + * + * @access public + * @param string + * @param string + * @return string + */ + function set_select($field = '', $value = '') + { + if ($field == '' OR $value == '' OR ! isset($_POST[$field])) + { + return ''; + } + + if ($_POST[$field] == $value) + { + return ' selected="selected"'; + } + } + + // -------------------------------------------------------------------- + + /** + * Set Radio + * + * Enables radio buttons to be set to the value the user + * selected in the event of an error + * + * @access public + * @param string + * @param string + * @return string + */ + function set_radio($field = '', $value = '') + { + if ($field == '' OR $value == '' OR ! isset($_POST[$field])) + { + return ''; + } + + if ($_POST[$field] == $value) + { + return ' checked="checked"'; + } + } + + // -------------------------------------------------------------------- + + /** + * Set Checkbox + * + * Enables checkboxes to be set to the value the user + * selected in the event of an error + * + * @access public + * @param string + * @param string + * @return string + */ + function set_checkbox($field = '', $value = '') + { + if ($field == '' OR $value == '' OR ! isset($_POST[$field])) + { + return ''; + } + + if ($_POST[$field] == $value) + { + return ' checked="checked"'; + } + } + + // -------------------------------------------------------------------- + + /** + * Prep data for form + * + * This function allows HTML to be safely shown in a form. + * Special characters are converted. + * + * @access public + * @param string + * @return string + */ + function prep_for_form($data = '') + { + if (is_array($data)) + { + foreach ($data as $key => $val) + { + $data[$key] = $this->prep_for_form($val); + } + + return $data; + } + + if ($this->_safe_form_data == FALSE OR $data == '') + { + return $data; + } + + return str_replace(array("'", '"', '<', '>'), array("'", """, '<', '>'), stripslashes($data)); + } + + // -------------------------------------------------------------------- + + /** + * Prep URL + * + * @access public + * @param string + * @return string + */ + function prep_url($str = '') + { + if ($str == 'http://' OR $str == '') + { + $_POST[$this->_current_field] = ''; + return; + } + + if (substr($str, 0, 7) != 'http://' && substr($str, 0, 8) != 'https://') + { + $str = 'http://'.$str; + } + + $_POST[$this->_current_field] = $str; + } + + // -------------------------------------------------------------------- + + /** + * Strip Image Tags + * + * @access public + * @param string + * @return string + */ + function strip_image_tags($str) + { + $_POST[$this->_current_field] = $this->CI->input->strip_image_tags($str); + } + + // -------------------------------------------------------------------- + + /** + * XSS Clean + * + * @access public + * @param string + * @return string + */ + function xss_clean($str) + { + $_POST[$this->_current_field] = $this->CI->input->xss_clean($str); + } + + // -------------------------------------------------------------------- + + /** + * Convert PHP tags to entities + * + * @access public + * @param string + * @return string + */ + function encode_php_tags($str) + { + $_POST[$this->_current_field] = str_replace(array('<?php', '<?PHP', '<?', '?>'), array('<?php', '<?PHP', '<?', '?>'), $str); + } + +} +// END Validation Class + +/* End of file Validation.php */ +/* Location: ./system/libraries/Validation.php */
\ No newline at end of file diff --git a/system/libraries/Xmlrpc.php b/system/libraries/Xmlrpc.php new file mode 100644 index 000000000..5460842b6 --- /dev/null +++ b/system/libraries/Xmlrpc.php @@ -0,0 +1,1421 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +if ( ! function_exists('xml_parser_create')) +{ + show_error('Your PHP installation does not support XML'); +} + + +// ------------------------------------------------------------------------ + +/** + * XML-RPC request handler class + * + * @package CodeIgniter + * @subpackage Libraries + * @category XML-RPC + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + */ +class CI_Xmlrpc { + + var $debug = FALSE; // Debugging on or off + var $xmlrpcI4 = 'i4'; + var $xmlrpcInt = 'int'; + var $xmlrpcBoolean = 'boolean'; + var $xmlrpcDouble = 'double'; + var $xmlrpcString = 'string'; + var $xmlrpcDateTime = 'dateTime.iso8601'; + var $xmlrpcBase64 = 'base64'; + var $xmlrpcArray = 'array'; + var $xmlrpcStruct = 'struct'; + + var $xmlrpcTypes = array(); + var $valid_parents = array(); + var $xmlrpcerr = array(); // Response numbers + var $xmlrpcstr = array(); // Response strings + + var $xmlrpc_defencoding = 'UTF-8'; + var $xmlrpcName = 'XML-RPC for CodeIgniter'; + var $xmlrpcVersion = '1.1'; + var $xmlrpcerruser = 800; // Start of user errors + var $xmlrpcerrxml = 100; // Start of XML Parse errors + var $xmlrpc_backslash = ''; // formulate backslashes for escaping regexp + + var $client; + var $method; + var $data; + var $message = ''; + var $error = ''; // Error string for request + var $result; + var $response = array(); // Response from remote server + + + //------------------------------------- + // VALUES THAT MULTIPLE CLASSES NEED + //------------------------------------- + + function CI_Xmlrpc ($config = array()) + { + $this->xmlrpcName = $this->xmlrpcName; + $this->xmlrpc_backslash = chr(92).chr(92); + + // Types for info sent back and forth + $this->xmlrpcTypes = array( + $this->xmlrpcI4 => '1', + $this->xmlrpcInt => '1', + $this->xmlrpcBoolean => '1', + $this->xmlrpcString => '1', + $this->xmlrpcDouble => '1', + $this->xmlrpcDateTime => '1', + $this->xmlrpcBase64 => '1', + $this->xmlrpcArray => '2', + $this->xmlrpcStruct => '3' + ); + + // Array of Valid Parents for Various XML-RPC elements + $this->valid_parents = array('BOOLEAN' => array('VALUE'), + 'I4' => array('VALUE'), + 'INT' => array('VALUE'), + 'STRING' => array('VALUE'), + 'DOUBLE' => array('VALUE'), + 'DATETIME.ISO8601' => array('VALUE'), + 'BASE64' => array('VALUE'), + 'ARRAY' => array('VALUE'), + 'STRUCT' => array('VALUE'), + 'PARAM' => array('PARAMS'), + 'METHODNAME' => array('METHODCALL'), + 'PARAMS' => array('METHODCALL', 'METHODRESPONSE'), + 'MEMBER' => array('STRUCT'), + 'NAME' => array('MEMBER'), + 'DATA' => array('ARRAY'), + 'FAULT' => array('METHODRESPONSE'), + 'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT') + ); + + + // XML-RPC Responses + $this->xmlrpcerr['unknown_method'] = '1'; + $this->xmlrpcstr['unknown_method'] = 'This is not a known method for this XML-RPC Server'; + $this->xmlrpcerr['invalid_return'] = '2'; + $this->xmlrpcstr['invalid_return'] = 'The XML data receieved was either invalid or not in the correct form for XML-RPC. Turn on debugging to examine the XML data further.'; + $this->xmlrpcerr['incorrect_params'] = '3'; + $this->xmlrpcstr['incorrect_params'] = 'Incorrect parameters were passed to method'; + $this->xmlrpcerr['introspect_unknown'] = '4'; + $this->xmlrpcstr['introspect_unknown'] = "Cannot inspect signature for request: method unknown"; + $this->xmlrpcerr['http_error'] = '5'; + $this->xmlrpcstr['http_error'] = "Did not receive a '200 OK' response from remote server."; + $this->xmlrpcerr['no_data'] = '6'; + $this->xmlrpcstr['no_data'] ='No data received from server.'; + + $this->initialize($config); + + log_message('debug', "XML-RPC Class Initialized"); + } + + + //------------------------------------- + // Initialize Prefs + //------------------------------------- + + function initialize($config = array()) + { + if (count($config) > 0) + { + foreach ($config as $key => $val) + { + if (isset($this->$key)) + { + $this->$key = $val; + } + } + } + } + // END + + //------------------------------------- + // Take URL and parse it + //------------------------------------- + + function server($url, $port=80) + { + if (substr($url, 0, 4) != "http") + { + $url = "http://".$url; + } + + $parts = parse_url($url); + + $path = ( ! isset($parts['path'])) ? '/' : $parts['path']; + + if (isset($parts['query']) && $parts['query'] != '') + { + $path .= '?'.$parts['query']; + } + + $this->client = new XML_RPC_Client($path, $parts['host'], $port); + } + // END + + //------------------------------------- + // Set Timeout + //------------------------------------- + + function timeout($seconds=5) + { + if ( ! is_null($this->client) && is_int($seconds)) + { + $this->client->timeout = $seconds; + } + } + // END + + //------------------------------------- + // Set Methods + //------------------------------------- + + function method($function) + { + $this->method = $function; + } + // END + + //------------------------------------- + // Take Array of Data and Create Objects + //------------------------------------- + + function request($incoming) + { + if ( ! is_array($incoming)) + { + // Send Error + } + + $this->data = array(); + + foreach($incoming as $key => $value) + { + $this->data[$key] = $this->values_parsing($value); + } + } + // END + + + //------------------------------------- + // Set Debug + //------------------------------------- + + function set_debug($flag = TRUE) + { + $this->debug = ($flag == TRUE) ? TRUE : FALSE; + } + + //------------------------------------- + // Values Parsing + //------------------------------------- + + function values_parsing($value, $return = FALSE) + { + if (is_array($value) && isset($value['0'])) + { + if ( ! isset($value['1']) OR (! isset($this->xmlrpcTypes[$value['1']]))) + { + if (is_array($value[0])) + { + $temp = new XML_RPC_Values($value['0'], 'array'); + } + else + { + $temp = new XML_RPC_Values($value['0'], 'string'); + } + } + elseif(is_array($value['0']) && ($value['1'] == 'struct' OR $value['1'] == 'array')) + { + while (list($k) = each($value['0'])) + { + $value['0'][$k] = $this->values_parsing($value['0'][$k], TRUE); + } + + $temp = new XML_RPC_Values($value['0'], $value['1']); + } + else + { + $temp = new XML_RPC_Values($value['0'], $value['1']); + } + } + else + { + $temp = new XML_RPC_Values($value, 'string'); + } + + return $temp; + } + // END + + + //------------------------------------- + // Sends XML-RPC Request + //------------------------------------- + + function send_request() + { + $this->message = new XML_RPC_Message($this->method,$this->data); + $this->message->debug = $this->debug; + + if ( ! $this->result = $this->client->send($this->message)) + { + $this->error = $this->result->errstr; + return FALSE; + } + elseif( ! is_object($this->result->val)) + { + $this->error = $this->result->errstr; + return FALSE; + } + + $this->response = $this->result->decode(); + + return TRUE; + } + // END + + //------------------------------------- + // Returns Error + //------------------------------------- + + function display_error() + { + return $this->error; + } + // END + + //------------------------------------- + // Returns Remote Server Response + //------------------------------------- + + function display_response() + { + return $this->response; + } + // END + + //------------------------------------- + // Sends an Error Message for Server Request + //------------------------------------- + + function send_error_message($number, $message) + { + return new XML_RPC_Response('0',$number, $message); + } + // END + + + //------------------------------------- + // Send Response for Server Request + //------------------------------------- + + function send_response($response) + { + // $response should be array of values, which will be parsed + // based on their data and type into a valid group of XML-RPC values + + $response = $this->values_parsing($response); + + return new XML_RPC_Response($response); + } + // END + +} // END XML_RPC Class + + + +/** + * XML-RPC Client class + * + * @category XML-RPC + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + */ +class XML_RPC_Client extends CI_Xmlrpc +{ + var $path = ''; + var $server = ''; + var $port = 80; + var $errno = ''; + var $errstring = ''; + var $timeout = 5; + var $no_multicall = false; + + function XML_RPC_Client($path, $server, $port=80) + { + parent::CI_Xmlrpc(); + + $this->port = $port; + $this->server = $server; + $this->path = $path; + } + + function send($msg) + { + if (is_array($msg)) + { + // Multi-call disabled + $r = new XML_RPC_Response(0, $this->xmlrpcerr['multicall_recursion'],$this->xmlrpcstr['multicall_recursion']); + return $r; + } + + return $this->sendPayload($msg); + } + + function sendPayload($msg) + { + $fp = @fsockopen($this->server, $this->port,$this->errno, $this->errstr, $this->timeout); + + if ( ! is_resource($fp)) + { + error_log($this->xmlrpcstr['http_error']); + $r = new XML_RPC_Response(0, $this->xmlrpcerr['http_error'],$this->xmlrpcstr['http_error']); + return $r; + } + + if(empty($msg->payload)) + { + // $msg = XML_RPC_Messages + $msg->createPayload(); + } + + $r = "\r\n"; + $op = "POST {$this->path} HTTP/1.0$r"; + $op .= "Host: {$this->server}$r"; + $op .= "Content-Type: text/xml$r"; + $op .= "User-Agent: {$this->xmlrpcName}$r"; + $op .= "Content-Length: ".strlen($msg->payload). "$r$r"; + $op .= $msg->payload; + + + if ( ! fputs($fp, $op, strlen($op))) + { + error_log($this->xmlrpcstr['http_error']); + $r = new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']); + return $r; + } + $resp = $msg->parseResponse($fp); + fclose($fp); + return $resp; + } + +} // end class XML_RPC_Client + + +/** + * XML-RPC Response class + * + * @category XML-RPC + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + */ +class XML_RPC_Response +{ + var $val = 0; + var $errno = 0; + var $errstr = ''; + var $headers = array(); + + function XML_RPC_Response($val, $code = 0, $fstr = '') + { + if ($code != 0) + { + // error + $this->errno = $code; + $this->errstr = htmlentities($fstr); + } + else if ( ! is_object($val)) + { + // programmer error, not an object + error_log("Invalid type '" . gettype($val) . "' (value: $val) passed to XML_RPC_Response. Defaulting to empty value."); + $this->val = new XML_RPC_Values(); + } + else + { + $this->val = $val; + } + } + + function faultCode() + { + return $this->errno; + } + + function faultString() + { + return $this->errstr; + } + + function value() + { + return $this->val; + } + + function prepare_response() + { + $result = "<methodResponse>\n"; + if ($this->errno) + { + $result .= '<fault> + <value> + <struct> + <member> + <name>faultCode</name> + <value><int>' . $this->errno . '</int></value> + </member> + <member> + <name>faultString</name> + <value><string>' . $this->errstr . '</string></value> + </member> + </struct> + </value> +</fault>'; + } + else + { + $result .= "<params>\n<param>\n" . + $this->val->serialize_class() . + "</param>\n</params>"; + } + $result .= "\n</methodResponse>"; + return $result; + } + + function decode($array=FALSE) + { + $CI =& get_instance(); + + if ($array !== FALSE && is_array($array)) + { + while (list($key) = each($array)) + { + if (is_array($array[$key])) + { + $array[$key] = $this->decode($array[$key]); + } + else + { + $array[$key] = $CI->input->xss_clean($array[$key]); + } + } + + $result = $array; + } + else + { + $result = $this->xmlrpc_decoder($this->val); + + if (is_array($result)) + { + $result = $this->decode($result); + } + else + { + $result = $CI->input->xss_clean($result); + } + } + + return $result; + } + + + + //------------------------------------- + // XML-RPC Object to PHP Types + //------------------------------------- + + function xmlrpc_decoder($xmlrpc_val) + { + $kind = $xmlrpc_val->kindOf(); + + if($kind == 'scalar') + { + return $xmlrpc_val->scalarval(); + } + elseif($kind == 'array') + { + reset($xmlrpc_val->me); + list($a,$b) = each($xmlrpc_val->me); + $size = count($b); + + $arr = array(); + + for($i = 0; $i < $size; $i++) + { + $arr[] = $this->xmlrpc_decoder($xmlrpc_val->me['array'][$i]); + } + return $arr; + } + elseif($kind == 'struct') + { + reset($xmlrpc_val->me['struct']); + $arr = array(); + + while(list($key,$value) = each($xmlrpc_val->me['struct'])) + { + $arr[$key] = $this->xmlrpc_decoder($value); + } + return $arr; + } + } + + + //------------------------------------- + // ISO-8601 time to server or UTC time + //------------------------------------- + + function iso8601_decode($time, $utc=0) + { + // return a timet in the localtime, or UTC + $t = 0; + if (preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $time, $regs)) + { + if ($utc == 1) + $t = gmmktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); + else + $t = mktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); + } + return $t; + } + +} // End Response Class + + + +/** + * XML-RPC Message class + * + * @category XML-RPC + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + */ +class XML_RPC_Message extends CI_Xmlrpc +{ + var $payload; + var $method_name; + var $params = array(); + var $xh = array(); + + function XML_RPC_Message($method, $pars=0) + { + parent::CI_Xmlrpc(); + + $this->method_name = $method; + if (is_array($pars) && count($pars) > 0) + { + for($i=0; $i<count($pars); $i++) + { + // $pars[$i] = XML_RPC_Values + $this->params[] = $pars[$i]; + } + } + } + + //------------------------------------- + // Create Payload to Send + //------------------------------------- + + function createPayload() + { + $this->payload = "<?xml version=\"1.0\"?".">\r\n<methodCall>\r\n"; + $this->payload .= '<methodName>' . $this->method_name . "</methodName>\r\n"; + $this->payload .= "<params>\r\n"; + + for($i=0; $i<count($this->params); $i++) + { + // $p = XML_RPC_Values + $p = $this->params[$i]; + $this->payload .= "<param>\r\n".$p->serialize_class()."</param>\r\n"; + } + + $this->payload .= "</params>\r\n</methodCall>\r\n"; + } + + //------------------------------------- + // Parse External XML-RPC Server's Response + //------------------------------------- + + function parseResponse($fp) + { + $data = ''; + + while($datum = fread($fp, 4096)) + { + $data .= $datum; + } + + //------------------------------------- + // DISPLAY HTTP CONTENT for DEBUGGING + //------------------------------------- + + if ($this->debug === TRUE) + { + echo "<pre>"; + echo "---DATA---\n" . htmlspecialchars($data) . "\n---END DATA---\n\n"; + echo "</pre>"; + } + + //------------------------------------- + // Check for data + //------------------------------------- + + if($data == "") + { + error_log($this->xmlrpcstr['no_data']); + $r = new XML_RPC_Response(0, $this->xmlrpcerr['no_data'], $this->xmlrpcstr['no_data']); + return $r; + } + + + //------------------------------------- + // Check for HTTP 200 Response + //------------------------------------- + + if (strncmp($data, 'HTTP', 4) == 0 && ! preg_match('/^HTTP\/[0-9\.]+ 200 /', $data)) + { + $errstr= substr($data, 0, strpos($data, "\n")-1); + $r = new XML_RPC_Response(0, $this->xmlrpcerr['http_error'], $this->xmlrpcstr['http_error']. ' (' . $errstr . ')'); + return $r; + } + + //------------------------------------- + // Create and Set Up XML Parser + //------------------------------------- + + $parser = xml_parser_create($this->xmlrpc_defencoding); + + $this->xh[$parser] = array(); + $this->xh[$parser]['isf'] = 0; + $this->xh[$parser]['ac'] = ''; + $this->xh[$parser]['headers'] = array(); + $this->xh[$parser]['stack'] = array(); + $this->xh[$parser]['valuestack'] = array(); + $this->xh[$parser]['isf_reason'] = 0; + + xml_set_object($parser, $this); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + xml_set_element_handler($parser, 'open_tag', 'closing_tag'); + xml_set_character_data_handler($parser, 'character_data'); + //xml_set_default_handler($parser, 'default_handler'); + + + //------------------------------------- + // GET HEADERS + //------------------------------------- + + $lines = explode("\r\n", $data); + while (($line = array_shift($lines))) + { + if (strlen($line) < 1) + { + break; + } + $this->xh[$parser]['headers'][] = $line; + } + $data = implode("\r\n", $lines); + + + //------------------------------------- + // PARSE XML DATA + //------------------------------------- + + if ( ! xml_parse($parser, $data, count($data))) + { + $errstr = sprintf('XML error: %s at line %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser)); + //error_log($errstr); + $r = new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return']); + xml_parser_free($parser); + return $r; + } + xml_parser_free($parser); + + // --------------------------------------- + // Got Ourselves Some Badness, It Seems + // --------------------------------------- + + if ($this->xh[$parser]['isf'] > 1) + { + if ($this->debug === TRUE) + { + echo "---Invalid Return---\n"; + echo $this->xh[$parser]['isf_reason']; + echo "---Invalid Return---\n\n"; + } + + $r = new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'],$this->xmlrpcstr['invalid_return'].' '.$this->xh[$parser]['isf_reason']); + return $r; + } + elseif ( ! is_object($this->xh[$parser]['value'])) + { + $r = new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'],$this->xmlrpcstr['invalid_return'].' '.$this->xh[$parser]['isf_reason']); + return $r; + } + + //------------------------------------- + // DISPLAY XML CONTENT for DEBUGGING + //------------------------------------- + + if ($this->debug === TRUE) + { + echo "<pre>"; + + if (count($this->xh[$parser]['headers'] > 0)) + { + echo "---HEADERS---\n"; + foreach ($this->xh[$parser]['headers'] as $header) + { + echo "$header\n"; + } + echo "---END HEADERS---\n\n"; + } + + echo "---DATA---\n" . htmlspecialchars($data) . "\n---END DATA---\n\n"; + + echo "---PARSED---\n" ; + var_dump($this->xh[$parser]['value']); + echo "\n---END PARSED---</pre>"; + } + + //------------------------------------- + // SEND RESPONSE + //------------------------------------- + + $v = $this->xh[$parser]['value']; + + if ($this->xh[$parser]['isf']) + { + $errno_v = $v->me['struct']['faultCode']; + $errstr_v = $v->me['struct']['faultString']; + $errno = $errno_v->scalarval(); + + if ($errno == 0) + { + // FAULT returned, errno needs to reflect that + $errno = -1; + } + + $r = new XML_RPC_Response($v, $errno, $errstr_v->scalarval()); + } + else + { + $r = new XML_RPC_Response($v); + } + + $r->headers = $this->xh[$parser]['headers']; + return $r; + } + + // ------------------------------------ + // Begin Return Message Parsing section + // ------------------------------------ + + // quick explanation of components: + // ac - used to accumulate values + // isf - used to indicate a fault + // lv - used to indicate "looking for a value": implements + // the logic to allow values with no types to be strings + // params - used to store parameters in method calls + // method - used to store method name + // stack - array with parent tree of the xml element, + // used to validate the nesting of elements + + //------------------------------------- + // Start Element Handler + //------------------------------------- + + function open_tag($the_parser, $name, $attrs) + { + // If invalid nesting, then return + if ($this->xh[$the_parser]['isf'] > 1) return; + + // Evaluate and check for correct nesting of XML elements + + if (count($this->xh[$the_parser]['stack']) == 0) + { + if ($name != 'METHODRESPONSE' && $name != 'METHODCALL') + { + $this->xh[$the_parser]['isf'] = 2; + $this->xh[$the_parser]['isf_reason'] = 'Top level XML-RPC element is missing'; + return; + } + } + else + { + // not top level element: see if parent is OK + if ( ! in_array($this->xh[$the_parser]['stack'][0], $this->valid_parents[$name], TRUE)) + { + $this->xh[$the_parser]['isf'] = 2; + $this->xh[$the_parser]['isf_reason'] = "XML-RPC element $name cannot be child of ".$this->xh[$the_parser]['stack'][0]; + return; + } + } + + switch($name) + { + case 'STRUCT': + case 'ARRAY': + // Creates array for child elements + + $cur_val = array('value' => array(), + 'type' => $name); + + array_unshift($this->xh[$the_parser]['valuestack'], $cur_val); + break; + case 'METHODNAME': + case 'NAME': + $this->xh[$the_parser]['ac'] = ''; + break; + case 'FAULT': + $this->xh[$the_parser]['isf'] = 1; + break; + case 'PARAM': + $this->xh[$the_parser]['value'] = null; + break; + case 'VALUE': + $this->xh[$the_parser]['vt'] = 'value'; + $this->xh[$the_parser]['ac'] = ''; + $this->xh[$the_parser]['lv'] = 1; + break; + case 'I4': + case 'INT': + case 'STRING': + case 'BOOLEAN': + case 'DOUBLE': + case 'DATETIME.ISO8601': + case 'BASE64': + if ($this->xh[$the_parser]['vt'] != 'value') + { + //two data elements inside a value: an error occurred! + $this->xh[$the_parser]['isf'] = 2; + $this->xh[$the_parser]['isf_reason'] = "'Twas a $name element following a ".$this->xh[$the_parser]['vt']." element inside a single value"; + return; + } + + $this->xh[$the_parser]['ac'] = ''; + break; + case 'MEMBER': + // Set name of <member> to nothing to prevent errors later if no <name> is found + $this->xh[$the_parser]['valuestack'][0]['name'] = ''; + + // Set NULL value to check to see if value passed for this param/member + $this->xh[$the_parser]['value'] = null; + break; + case 'DATA': + case 'METHODCALL': + case 'METHODRESPONSE': + case 'PARAMS': + // valid elements that add little to processing + break; + default: + /// An Invalid Element is Found, so we have trouble + $this->xh[$the_parser]['isf'] = 2; + $this->xh[$the_parser]['isf_reason'] = "Invalid XML-RPC element found: $name"; + break; + } + + // Add current element name to stack, to allow validation of nesting + array_unshift($this->xh[$the_parser]['stack'], $name); + + if ($name != 'VALUE') $this->xh[$the_parser]['lv'] = 0; + } + // END + + + //------------------------------------- + // End Element Handler + //------------------------------------- + + function closing_tag($the_parser, $name) + { + if ($this->xh[$the_parser]['isf'] > 1) return; + + // Remove current element from stack and set variable + // NOTE: If the XML validates, then we do not have to worry about + // the opening and closing of elements. Nesting is checked on the opening + // tag so we be safe there as well. + + $curr_elem = array_shift($this->xh[$the_parser]['stack']); + + switch($name) + { + case 'STRUCT': + case 'ARRAY': + $cur_val = array_shift($this->xh[$the_parser]['valuestack']); + $this->xh[$the_parser]['value'] = ( ! isset($cur_val['values'])) ? array() : $cur_val['values']; + $this->xh[$the_parser]['vt'] = strtolower($name); + break; + case 'NAME': + $this->xh[$the_parser]['valuestack'][0]['name'] = $this->xh[$the_parser]['ac']; + break; + case 'BOOLEAN': + case 'I4': + case 'INT': + case 'STRING': + case 'DOUBLE': + case 'DATETIME.ISO8601': + case 'BASE64': + $this->xh[$the_parser]['vt'] = strtolower($name); + + if ($name == 'STRING') + { + $this->xh[$the_parser]['value'] = $this->xh[$the_parser]['ac']; + } + elseif ($name=='DATETIME.ISO8601') + { + $this->xh[$the_parser]['vt'] = $this->xmlrpcDateTime; + $this->xh[$the_parser]['value'] = $this->xh[$the_parser]['ac']; + } + elseif ($name=='BASE64') + { + $this->xh[$the_parser]['value'] = base64_decode($this->xh[$the_parser]['ac']); + } + elseif ($name=='BOOLEAN') + { + // Translated BOOLEAN values to TRUE AND FALSE + if ($this->xh[$the_parser]['ac'] == '1') + { + $this->xh[$the_parser]['value'] = TRUE; + } + else + { + $this->xh[$the_parser]['value'] = FALSE; + } + } + elseif ($name=='DOUBLE') + { + // we have a DOUBLE + // we must check that only 0123456789-.<space> are characters here + if ( ! preg_match('/^[+-]?[eE0-9\t \.]+$/', $this->xh[$the_parser]['ac'])) + { + $this->xh[$the_parser]['value'] = 'ERROR_NON_NUMERIC_FOUND'; + } + else + { + $this->xh[$the_parser]['value'] = (double)$this->xh[$the_parser]['ac']; + } + } + else + { + // we have an I4/INT + // we must check that only 0123456789-<space> are characters here + if ( ! preg_match('/^[+-]?[0-9\t ]+$/', $this->xh[$the_parser]['ac'])) + { + $this->xh[$the_parser]['value'] = 'ERROR_NON_NUMERIC_FOUND'; + } + else + { + $this->xh[$the_parser]['value'] = (int)$this->xh[$the_parser]['ac']; + } + } + $this->xh[$the_parser]['ac'] = ''; + $this->xh[$the_parser]['lv'] = 3; // indicate we've found a value + break; + case 'VALUE': + // This if() detects if no scalar was inside <VALUE></VALUE> + if ($this->xh[$the_parser]['vt']=='value') + { + $this->xh[$the_parser]['value'] = $this->xh[$the_parser]['ac']; + $this->xh[$the_parser]['vt'] = $this->xmlrpcString; + } + + // build the XML-RPC value out of the data received, and substitute it + $temp = new XML_RPC_Values($this->xh[$the_parser]['value'], $this->xh[$the_parser]['vt']); + + if (count($this->xh[$the_parser]['valuestack']) && $this->xh[$the_parser]['valuestack'][0]['type'] == 'ARRAY') + { + // Array + $this->xh[$the_parser]['valuestack'][0]['values'][] = $temp; + } + else + { + // Struct + $this->xh[$the_parser]['value'] = $temp; + } + break; + case 'MEMBER': + $this->xh[$the_parser]['ac']=''; + + // If value add to array in the stack for the last element built + if ($this->xh[$the_parser]['value']) + { + $this->xh[$the_parser]['valuestack'][0]['values'][$this->xh[$the_parser]['valuestack'][0]['name']] = $this->xh[$the_parser]['value']; + } + break; + case 'DATA': + $this->xh[$the_parser]['ac']=''; + break; + case 'PARAM': + if ($this->xh[$the_parser]['value']) + { + $this->xh[$the_parser]['params'][] = $this->xh[$the_parser]['value']; + } + break; + case 'METHODNAME': + $this->xh[$the_parser]['method'] = ltrim($this->xh[$the_parser]['ac']); + break; + case 'PARAMS': + case 'FAULT': + case 'METHODCALL': + case 'METHORESPONSE': + // We're all good kids with nuthin' to do + break; + default: + // End of an Invalid Element. Taken care of during the opening tag though + break; + } + } + + //------------------------------------- + // Parses Character Data + //------------------------------------- + + function character_data($the_parser, $data) + { + if ($this->xh[$the_parser]['isf'] > 1) return; // XML Fault found already + + // If a value has not been found + if ($this->xh[$the_parser]['lv'] != 3) + { + if ($this->xh[$the_parser]['lv'] == 1) + { + $this->xh[$the_parser]['lv'] = 2; // Found a value + } + + if( ! @isset($this->xh[$the_parser]['ac'])) + { + $this->xh[$the_parser]['ac'] = ''; + } + + $this->xh[$the_parser]['ac'] .= $data; + } + } + + + function addParam($par) { $this->params[]=$par; } + + function output_parameters($array=FALSE) + { + $CI =& get_instance(); + + if ($array !== FALSE && is_array($array)) + { + while (list($key) = each($array)) + { + if (is_array($array[$key])) + { + $array[$key] = $this->output_parameters($array[$key]); + } + else + { + $array[$key] = $CI->input->xss_clean($array[$key]); + } + } + + $parameters = $array; + } + else + { + $parameters = array(); + + for ($i = 0; $i < count($this->params); $i++) + { + $a_param = $this->decode_message($this->params[$i]); + + if (is_array($a_param)) + { + $parameters[] = $this->output_parameters($a_param); + } + else + { + $parameters[] = $CI->input->xss_clean($a_param); + } + } + } + + return $parameters; + } + + + function decode_message($param) + { + $kind = $param->kindOf(); + + if($kind == 'scalar') + { + return $param->scalarval(); + } + elseif($kind == 'array') + { + reset($param->me); + list($a,$b) = each($param->me); + + $arr = array(); + + for($i = 0; $i < count($b); $i++) + { + $arr[] = $this->decode_message($param->me['array'][$i]); + } + + return $arr; + } + elseif($kind == 'struct') + { + reset($param->me['struct']); + + $arr = array(); + + while(list($key,$value) = each($param->me['struct'])) + { + $arr[$key] = $this->decode_message($value); + } + + return $arr; + } + } + +} // End XML_RPC_Messages class + + + +/** + * XML-RPC Values class + * + * @category XML-RPC + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + */ +class XML_RPC_Values extends CI_Xmlrpc +{ + var $me = array(); + var $mytype = 0; + + function XML_RPC_Values($val=-1, $type='') + { + parent::CI_Xmlrpc(); + + if ($val != -1 OR $type != '') + { + $type = $type == '' ? 'string' : $type; + + if ($this->xmlrpcTypes[$type] == 1) + { + $this->addScalar($val,$type); + } + elseif ($this->xmlrpcTypes[$type] == 2) + { + $this->addArray($val); + } + elseif ($this->xmlrpcTypes[$type] == 3) + { + $this->addStruct($val); + } + } + } + + function addScalar($val, $type='string') + { + $typeof = $this->xmlrpcTypes[$type]; + + if ($this->mytype==1) + { + echo '<strong>XML_RPC_Values</strong>: scalar can have only one value<br />'; + return 0; + } + + if ($typeof != 1) + { + echo '<strong>XML_RPC_Values</strong>: not a scalar type (${typeof})<br />'; + return 0; + } + + if ($type == $this->xmlrpcBoolean) + { + if (strcasecmp($val,'true')==0 OR $val==1 OR ($val==true && strcasecmp($val,'false'))) + { + $val = 1; + } + else + { + $val=0; + } + } + + if ($this->mytype == 2) + { + // adding to an array here + $ar = $this->me['array']; + $ar[] = new XML_RPC_Values($val, $type); + $this->me['array'] = $ar; + } + else + { + // a scalar, so set the value and remember we're scalar + $this->me[$type] = $val; + $this->mytype = $typeof; + } + return 1; + } + + function addArray($vals) + { + if ($this->mytype != 0) + { + echo '<strong>XML_RPC_Values</strong>: already initialized as a [' . $this->kindOf() . ']<br />'; + return 0; + } + + $this->mytype = $this->xmlrpcTypes['array']; + $this->me['array'] = $vals; + return 1; + } + + function addStruct($vals) + { + if ($this->mytype != 0) + { + echo '<strong>XML_RPC_Values</strong>: already initialized as a [' . $this->kindOf() . ']<br />'; + return 0; + } + $this->mytype = $this->xmlrpcTypes['struct']; + $this->me['struct'] = $vals; + return 1; + } + + function kindOf() + { + switch($this->mytype) + { + case 3: + return 'struct'; + break; + case 2: + return 'array'; + break; + case 1: + return 'scalar'; + break; + default: + return 'undef'; + } + } + + function serializedata($typ, $val) + { + $rs = ''; + + switch($this->xmlrpcTypes[$typ]) + { + case 3: + // struct + $rs .= "<struct>\n"; + reset($val); + while(list($key2, $val2) = each($val)) + { + $rs .= "<member>\n<name>{$key2}</name>\n"; + $rs .= $this->serializeval($val2); + $rs .= "</member>\n"; + } + $rs .= '</struct>'; + break; + case 2: + // array + $rs .= "<array>\n<data>\n"; + for($i=0; $i < count($val); $i++) + { + $rs .= $this->serializeval($val[$i]); + } + $rs.="</data>\n</array>\n"; + break; + case 1: + // others + switch ($typ) + { + case $this->xmlrpcBase64: + $rs .= "<{$typ}>" . base64_encode((string)$val) . "</{$typ}>\n"; + break; + case $this->xmlrpcBoolean: + $rs .= "<{$typ}>" . ((bool)$val ? '1' : '0') . "</{$typ}>\n"; + break; + case $this->xmlrpcString: + $rs .= "<{$typ}>" . htmlspecialchars((string)$val). "</{$typ}>\n"; + break; + default: + $rs .= "<{$typ}>{$val}</{$typ}>\n"; + break; + } + default: + break; + } + return $rs; + } + + function serialize_class() + { + return $this->serializeval($this); + } + + function serializeval($o) + { + $ar = $o->me; + reset($ar); + + list($typ, $val) = each($ar); + $rs = "<value>\n".$this->serializedata($typ, $val)."</value>\n"; + return $rs; + } + + function scalarval() + { + reset($this->me); + list($a,$b) = each($this->me); + return $b; + } + + + //------------------------------------- + // Encode time in ISO-8601 form. + //------------------------------------- + + // Useful for sending time in XML-RPC + + function iso8601_encode($time, $utc=0) + { + if ($utc == 1) + { + $t = strftime("%Y%m%dT%H:%M:%S", $time); + } + else + { + if (function_exists('gmstrftime')) + $t = gmstrftime("%Y%m%dT%H:%M:%S", $time); + else + $t = strftime("%Y%m%dT%H:%M:%S", $time - date('Z')); + } + return $t; + } + +} +// END XML_RPC_Values Class + +/* End of file Xmlrpc.php */ +/* Location: ./system/libraries/Xmlrpc.php */
\ No newline at end of file diff --git a/system/libraries/Xmlrpcs.php b/system/libraries/Xmlrpcs.php new file mode 100644 index 000000000..c7daa600f --- /dev/null +++ b/system/libraries/Xmlrpcs.php @@ -0,0 +1,536 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +if ( ! function_exists('xml_parser_create')) +{ + show_error('Your PHP installation does not support XML'); +} + +if ( ! class_exists('CI_Xmlrpc')) +{ + show_error('You must load the Xmlrpc class before loading the Xmlrpcs class in order to create a server.'); +} + +// ------------------------------------------------------------------------ + +/** + * XML-RPC server class + * + * @package CodeIgniter + * @subpackage Libraries + * @category XML-RPC + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/xmlrpc.html + */ +class CI_Xmlrpcs extends CI_Xmlrpc +{ + var $methods = array(); //array of methods mapped to function names and signatures + var $debug_msg = ''; // Debug Message + var $system_methods = array(); // XML RPC Server methods + var $controller_obj; + + var $object = FALSE; + + + //------------------------------------- + // Constructor, more or less + //------------------------------------- + + function CI_Xmlrpcs($config=array()) + { + parent::CI_Xmlrpc(); + $this->set_system_methods(); + + if (isset($config['functions']) && is_array($config['functions'])) + { + $this->methods = array_merge($this->methods, $config['functions']); + } + + log_message('debug', "XML-RPC Server Class Initialized"); + } + + //------------------------------------- + // Initialize Prefs and Serve + //------------------------------------- + + function initialize($config=array()) + { + if (isset($config['functions']) && is_array($config['functions'])) + { + $this->methods = array_merge($this->methods, $config['functions']); + } + + if (isset($config['debug'])) + { + $this->debug = $config['debug']; + } + + if (isset($config['object']) && is_object($config['object'])) + { + $this->object = $config['object']; + } + } + + //------------------------------------- + // Setting of System Methods + //------------------------------------- + + function set_system_methods () + { + $this->methods = array( + 'system.listMethods' => array( + 'function' => 'this.listMethods', + 'signature' => array(array($this->xmlrpcArray, $this->xmlrpcString), array($this->xmlrpcArray)), + 'docstring' => 'Returns an array of available methods on this server'), + 'system.methodHelp' => array( + 'function' => 'this.methodHelp', + 'signature' => array(array($this->xmlrpcString, $this->xmlrpcString)), + 'docstring' => 'Returns a documentation string for the specified method'), + 'system.methodSignature' => array( + 'function' => 'this.methodSignature', + 'signature' => array(array($this->xmlrpcArray, $this->xmlrpcString)), + 'docstring' => 'Returns an array describing the return type and required parameters of a method'), + 'system.multicall' => array( + 'function' => 'this.multicall', + 'signature' => array(array($this->xmlrpcArray, $this->xmlrpcArray)), + 'docstring' => 'Combine multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details') + ); + } + + + //------------------------------------- + // Main Server Function + //------------------------------------- + + function serve() + { + $r = $this->parseRequest(); + $payload = '<?xml version="1.0" encoding="'.$this->xmlrpc_defencoding.'"?'.'>'."\n"; + $payload .= $this->debug_msg; + $payload .= $r->prepare_response(); + + header("Content-Type: text/xml"); + header("Content-Length: ".strlen($payload)); + exit($payload); + } + + //------------------------------------- + // Add Method to Class + //------------------------------------- + + function add_to_map($methodname,$function,$sig,$doc) + { + $this->methods[$methodname] = array( + 'function' => $function, + 'signature' => $sig, + 'docstring' => $doc + ); + } + + + //------------------------------------- + // Parse Server Request + //------------------------------------- + + function parseRequest($data='') + { + global $HTTP_RAW_POST_DATA; + + //------------------------------------- + // Get Data + //------------------------------------- + + if ($data == '') + { + $data = $HTTP_RAW_POST_DATA; + } + + //------------------------------------- + // Set up XML Parser + //------------------------------------- + + $parser = xml_parser_create($this->xmlrpc_defencoding); + $parser_object = new XML_RPC_Message("filler"); + + $parser_object->xh[$parser] = array(); + $parser_object->xh[$parser]['isf'] = 0; + $parser_object->xh[$parser]['isf_reason'] = ''; + $parser_object->xh[$parser]['params'] = array(); + $parser_object->xh[$parser]['stack'] = array(); + $parser_object->xh[$parser]['valuestack'] = array(); + $parser_object->xh[$parser]['method'] = ''; + + xml_set_object($parser, $parser_object); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + xml_set_element_handler($parser, 'open_tag', 'closing_tag'); + xml_set_character_data_handler($parser, 'character_data'); + //xml_set_default_handler($parser, 'default_handler'); + + + //------------------------------------- + // PARSE + PROCESS XML DATA + //------------------------------------- + + if ( ! xml_parse($parser, $data, 1)) + { + // return XML error as a faultCode + $r = new XML_RPC_Response(0, + $this->xmlrpcerrxml + xml_get_error_code($parser), + sprintf('XML error: %s at line %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser))); + xml_parser_free($parser); + } + elseif($parser_object->xh[$parser]['isf']) + { + return new XML_RPC_Response(0, $this->xmlrpcerr['invalid_return'], $this->xmlrpcstr['invalid_return']); + } + else + { + xml_parser_free($parser); + + $m = new XML_RPC_Message($parser_object->xh[$parser]['method']); + $plist=''; + + for($i=0; $i < count($parser_object->xh[$parser]['params']); $i++) + { + if ($this->debug === TRUE) + { + $plist .= "$i - " . print_r(get_object_vars($parser_object->xh[$parser]['params'][$i]), TRUE). ";\n"; + } + + $m->addParam($parser_object->xh[$parser]['params'][$i]); + } + + if ($this->debug === TRUE) + { + echo "<pre>"; + echo "---PLIST---\n" . $plist . "\n---PLIST END---\n\n"; + echo "</pre>"; + } + + $r = $this->_execute($m); + } + + //------------------------------------- + // SET DEBUGGING MESSAGE + //------------------------------------- + + if ($this->debug === TRUE) + { + $this->debug_msg = "<!-- DEBUG INFO:\n\n".$plist."\n END DEBUG-->\n"; + } + + return $r; + } + + //------------------------------------- + // Executes the Method + //------------------------------------- + + function _execute($m) + { + $methName = $m->method_name; + + // Check to see if it is a system call + $system_call = (strncmp($methName, 'system', 5) == 0) ? TRUE : FALSE; + + //------------------------------------- + // Valid Method + //------------------------------------- + + if ( ! isset($this->methods[$methName]['function'])) + { + return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); + } + + //------------------------------------- + // Check for Method (and Object) + //------------------------------------- + + $method_parts = explode(".", $this->methods[$methName]['function']); + $objectCall = (isset($method_parts['1']) && $method_parts['1'] != "") ? TRUE : FALSE; + + if ($system_call === TRUE) + { + if ( ! is_callable(array($this,$method_parts['1']))) + { + return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); + } + } + else + { + if ($objectCall && ! is_callable(array($method_parts['0'],$method_parts['1']))) + { + return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); + } + elseif ( ! $objectCall && ! is_callable($this->methods[$methName]['function'])) + { + return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); + } + } + + //------------------------------------- + // Checking Methods Signature + //------------------------------------- + + if (isset($this->methods[$methName]['signature'])) + { + $sig = $this->methods[$methName]['signature']; + for($i=0; $i<count($sig); $i++) + { + $current_sig = $sig[$i]; + + if (count($current_sig) == count($m->params)+1) + { + for($n=0; $n < count($m->params); $n++) + { + $p = $m->params[$n]; + $pt = ($p->kindOf() == 'scalar') ? $p->scalarval() : $p->kindOf(); + + if ($pt != $current_sig[$n+1]) + { + $pno = $n+1; + $wanted = $current_sig[$n+1]; + + return new XML_RPC_Response(0, + $this->xmlrpcerr['incorrect_params'], + $this->xmlrpcstr['incorrect_params'] . + ": Wanted {$wanted}, got {$pt} at param {$pno})"); + } + } + } + } + } + + //------------------------------------- + // Calls the Function + //------------------------------------- + + if ($objectCall === TRUE) + { + if ($method_parts[0] == "this" && $system_call == TRUE) + { + return call_user_func(array($this, $method_parts[1]), $m); + } + else + { + if ($this->object === FALSE) + { + $CI =& get_instance(); + return $CI->$method_parts['1']($m); + } + else + { + return $this->object->$method_parts['1']($m); + //return call_user_func(array(&$method_parts['0'],$method_parts['1']), $m); + } + } + } + else + { + return call_user_func($this->methods[$methName]['function'], $m); + } + } + + + //------------------------------------- + // Server Function: List Methods + //------------------------------------- + + function listMethods($m) + { + $v = new XML_RPC_Values(); + $output = array(); + + foreach($this->methods as $key => $value) + { + $output[] = new XML_RPC_Values($key, 'string'); + } + + foreach($this->system_methods as $key => $value) + { + $output[]= new XML_RPC_Values($key, 'string'); + } + + $v->addArray($output); + return new XML_RPC_Response($v); + } + + //------------------------------------- + // Server Function: Return Signature for Method + //------------------------------------- + + function methodSignature($m) + { + $parameters = $m->output_parameters(); + $method_name = $parameters[0]; + + if (isset($this->methods[$method_name])) + { + if ($this->methods[$method_name]['signature']) + { + $sigs = array(); + $signature = $this->methods[$method_name]['signature']; + + for($i=0; $i < count($signature); $i++) + { + $cursig = array(); + $inSig = $signature[$i]; + for($j=0; $j<count($inSig); $j++) + { + $cursig[]= new XML_RPC_Values($inSig[$j], 'string'); + } + $sigs[]= new XML_RPC_Values($cursig, 'array'); + } + $r = new XML_RPC_Response(new XML_RPC_Values($sigs, 'array')); + } + else + { + $r = new XML_RPC_Response(new XML_RPC_Values('undef', 'string')); + } + } + else + { + $r = new XML_RPC_Response(0,$this->xmlrpcerr['introspect_unknown'], $this->xmlrpcstr['introspect_unknown']); + } + return $r; + } + + //------------------------------------- + // Server Function: Doc String for Method + //------------------------------------- + + function methodHelp($m) + { + $parameters = $m->output_parameters(); + $method_name = $parameters[0]; + + if (isset($this->methods[$method_name])) + { + $docstring = isset($this->methods[$method_name]['docstring']) ? $this->methods[$method_name]['docstring'] : ''; + + return new XML_RPC_Response(new XML_RPC_Values($docstring, 'string')); + } + else + { + return new XML_RPC_Response(0, $this->xmlrpcerr['introspect_unknown'], $this->xmlrpcstr['introspect_unknown']); + } + } + + //------------------------------------- + // Server Function: Multi-call + //------------------------------------- + + function multicall($m) + { + // Disabled + return new XML_RPC_Response(0, $this->xmlrpcerr['unknown_method'], $this->xmlrpcstr['unknown_method']); + + $parameters = $m->output_parameters(); + $calls = $parameters[0]; + + $result = array(); + + foreach ($calls as $value) + { + //$attempt = $this->_execute(new XML_RPC_Message($value[0], $value[1])); + + $m = new XML_RPC_Message($value[0]); + $plist=''; + + for($i=0; $i < count($value[1]); $i++) + { + $m->addParam(new XML_RPC_Values($value[1][$i], 'string')); + } + + $attempt = $this->_execute($m); + + if ($attempt->faultCode() != 0) + { + return $attempt; + } + + $result[] = new XML_RPC_Values(array($attempt->value()), 'array'); + } + + return new XML_RPC_Response(new XML_RPC_Values($result, 'array')); + } + + + //------------------------------------- + // Multi-call Function: Error Handling + //------------------------------------- + + function multicall_error($err) + { + $str = is_string($err) ? $this->xmlrpcstr["multicall_${err}"] : $err->faultString(); + $code = is_string($err) ? $this->xmlrpcerr["multicall_${err}"] : $err->faultCode(); + + $struct['faultCode'] = new XML_RPC_Values($code, 'int'); + $struct['faultString'] = new XML_RPC_Values($str, 'string'); + + return new XML_RPC_Values($struct, 'struct'); + } + + + //------------------------------------- + // Multi-call Function: Processes method + //------------------------------------- + + function do_multicall($call) + { + if ($call->kindOf() != 'struct') + return $this->multicall_error('notstruct'); + elseif ( ! $methName = $call->me['struct']['methodName']) + return $this->multicall_error('nomethod'); + + list($scalar_type,$scalar_value)=each($methName->me); + $scalar_type = $scalar_type == $this->xmlrpcI4 ? $this->xmlrpcInt : $scalar_type; + + if ($methName->kindOf() != 'scalar' OR $scalar_type != 'string') + return $this->multicall_error('notstring'); + elseif ($scalar_value == 'system.multicall') + return $this->multicall_error('recursion'); + elseif ( ! $params = $call->me['struct']['params']) + return $this->multicall_error('noparams'); + elseif ($params->kindOf() != 'array') + return $this->multicall_error('notarray'); + + list($a,$b)=each($params->me); + $numParams = count($b); + + $msg = new XML_RPC_Message($scalar_value); + for ($i = 0; $i < $numParams; $i++) + { + $msg->params[] = $params->me['array'][$i]; + } + + $result = $this->_execute($msg); + + if ($result->faultCode() != 0) + { + return $this->multicall_error($result); + } + + return new XML_RPC_Values(array($result->value()), 'array'); + } + +} +// END XML_RPC_Server class + + +/* End of file Xmlrpcs.php */ +/* Location: ./system/libraries/Xmlrpcs.php */
\ No newline at end of file diff --git a/system/libraries/Zip.php b/system/libraries/Zip.php new file mode 100644 index 000000000..f81da856c --- /dev/null +++ b/system/libraries/Zip.php @@ -0,0 +1,359 @@ +<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +/** + * CodeIgniter + * + * An open source application development framework for PHP 4.3.2 or newer + * + * @package CodeIgniter + * @author ExpressionEngine Dev Team + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com + * @since Version 1.0 + * @filesource + */ + +// ------------------------------------------------------------------------ + +/** + * Zip Compression Class + * + * This class is based on a library I found at Zend: + * http://www.zend.com/codex.php?id=696&single=1 + * + * The original library is a little rough around the edges so I + * refactored it and added several additional methods -- Rick Ellis + * + * @package CodeIgniter + * @subpackage Libraries + * @category Encryption + * @author ExpressionEngine Dev Team + * @link http://codeigniter.com/user_guide/libraries/zip.html + */ +class CI_Zip { + + var $zipdata = ''; + var $directory = ''; + var $entries = 0; + var $file_num = 0; + var $offset = 0; + + function CI_Zip() + { + log_message('debug', "Zip Compression Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Add Directory + * + * Lets you add a virtual directory into which you can place files. + * + * @access public + * @param mixed the directory name. Can be string or array + * @return void + */ + function add_dir($directory) + { + foreach ((array)$directory as $dir) + { + if ( ! preg_match("|.+/$|", $dir)) + { + $dir .= '/'; + } + + $this->_add_dir($dir); + } + } + + // -------------------------------------------------------------------- + + /** + * Add Directory + * + * @access private + * @param string the directory name + * @return void + */ + function _add_dir($dir) + { + $dir = str_replace("\\", "/", $dir); + + $this->zipdata .= + "\x50\x4b\x03\x04\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00" + .pack('V', 0) // crc32 + .pack('V', 0) // compressed filesize + .pack('V', 0) // uncompressed filesize + .pack('v', strlen($dir)) // length of pathname + .pack('v', 0) // extra field length + .$dir + // below is "data descriptor" segment + .pack('V', 0) // crc32 + .pack('V', 0) // compressed filesize + .pack('V', 0); // uncompressed filesize + + $this->directory .= + "\x50\x4b\x01\x02\x00\x00\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00" + .pack('V',0) // crc32 + .pack('V',0) // compressed filesize + .pack('V',0) // uncompressed filesize + .pack('v', strlen($dir)) // length of pathname + .pack('v', 0) // extra field length + .pack('v', 0) // file comment length + .pack('v', 0) // disk number start + .pack('v', 0) // internal file attributes + .pack('V', 16) // external file attributes - 'directory' bit set + .pack('V', $this->offset) // relative offset of local header + .$dir; + + $this->offset = strlen($this->zipdata); + $this->entries++; + } + + // -------------------------------------------------------------------- + + /** + * Add Data to Zip + * + * Lets you add files to the archive. If the path is included + * in the filename it will be placed within a directory. Make + * sure you use add_dir() first to create the folder. + * + * @access public + * @param mixed + * @param string + * @return void + */ + function add_data($filepath, $data = NULL) + { + if (is_array($filepath)) + { + foreach ($filepath as $path => $data) + { + $this->_add_data($path, $data); + } + } + else + { + $this->_add_data($filepath, $data); + } + } + + // -------------------------------------------------------------------- + + /** + * Add Data to Zip + * + * @access private + * @param string the file name/path + * @param string the data to be encoded + * @return void + */ + function _add_data($filepath, $data) + { + $filepath = str_replace("\\", "/", $filepath); + + $uncompressed_size = strlen($data); + $crc32 = crc32($data); + + $gzdata = gzcompress($data); + $gzdata = substr($gzdata, 2, -4); + $compressed_size = strlen($gzdata); + + $this->zipdata .= + "\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00\x00\x00\x00\x00" + .pack('V', $crc32) + .pack('V', $compressed_size) + .pack('V', $uncompressed_size) + .pack('v', strlen($filepath)) // length of filename + .pack('v', 0) // extra field length + .$filepath + .$gzdata; // "file data" segment + + $this->directory .= + "\x50\x4b\x01\x02\x00\x00\x14\x00\x00\x00\x08\x00\x00\x00\x00\x00" + .pack('V', $crc32) + .pack('V', $compressed_size) + .pack('V', $uncompressed_size) + .pack('v', strlen($filepath)) // length of filename + .pack('v', 0) // extra field length + .pack('v', 0) // file comment length + .pack('v', 0) // disk number start + .pack('v', 0) // internal file attributes + .pack('V', 32) // external file attributes - 'archive' bit set + .pack('V', $this->offset) // relative offset of local header + .$filepath; + + $this->offset = strlen($this->zipdata); + $this->entries++; + $this->file_num++; + } + + // -------------------------------------------------------------------- + + /** + * Read the contents of a file and add it to the zip + * + * @access public + * @return bool + */ + function read_file($path, $preserve_filepath = FALSE) + { + if ( ! file_exists($path)) + { + return FALSE; + } + + if (FALSE !== ($data = file_get_contents($path))) + { + $name = str_replace("\\", "/", $path); + + if ($preserve_filepath === FALSE) + { + $name = preg_replace("|.*/(.+)|", "\\1", $name); + } + + $this->add_data($name, $data); + return TRUE; + } + return FALSE; + } + + // ------------------------------------------------------------------------ + + /** + * Read a directory and add it to the zip. + * + * This function recursively reads a folder and everything it contains (including + * sub-folders) and creates a zip based on it. Whatever directory structure + * is in the original file path will be recreated in the zip file. + * + * @access public + * @param string path to source + * @return bool + */ + function read_dir($path) + { + if ($fp = @opendir($path)) + { + while (FALSE !== ($file = readdir($fp))) + { + if (@is_dir($path.$file) && substr($file, 0, 1) != '.') + { + $this->read_dir($path.$file."/"); + } + elseif (substr($file, 0, 1) != ".") + { + if (FALSE !== ($data = file_get_contents($path.$file))) + { + $this->add_data(str_replace("\\", "/", $path).$file, $data); + } + } + } + return TRUE; + } + } + + // -------------------------------------------------------------------- + + /** + * Get the Zip file + * + * @access public + * @return binary string + */ + function get_zip() + { + // Is there any data to return? + if ($this->entries == 0) + { + return FALSE; + } + + $zip_data = $this->zipdata; + $zip_data .= $this->directory."\x50\x4b\x05\x06\x00\x00\x00\x00"; + $zip_data .= pack('v', $this->entries); // total # of entries "on this disk" + $zip_data .= pack('v', $this->entries); // total # of entries overall + $zip_data .= pack('V', strlen($this->directory)); // size of central dir + $zip_data .= pack('V', strlen($this->zipdata)); // offset to start of central dir + $zip_data .= "\x00\x00"; // .zip file comment length + + return $zip_data; + } + + // -------------------------------------------------------------------- + + /** + * Write File to the specified directory + * + * Lets you write a file + * + * @access public + * @param string the file name + * @return bool + */ + function archive($filepath) + { + if ( ! ($fp = @fopen($filepath, FOPEN_WRITE_CREATE_DESTRUCTIVE))) + { + return FALSE; + } + + flock($fp, LOCK_EX); + fwrite($fp, $this->get_zip()); + flock($fp, LOCK_UN); + fclose($fp); + + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Download + * + * @access public + * @param string the file name + * @param string the data to be encoded + * @return bool + */ + function download($filename = 'backup.zip') + { + if ( ! preg_match("|.+?\.zip$|", $filename)) + { + $filename .= '.zip'; + } + + $zip_content =& $this->get_zip(); + + $CI =& get_instance(); + $CI->load->helper('download'); + + force_download($filename, $zip_content); + } + + // -------------------------------------------------------------------- + + /** + * Initialize Data + * + * Lets you clear current zip data. Useful if you need to create + * multiple zips with different data. + * + * @access public + * @return void + */ + function clear_data() + { + $this->zipdata = ''; + $this->directory = ''; + $this->entries = 0; + $this->file_num = 0; + $this->offset = 0; + } + +} + +/* End of file Zip.php */ +/* Location: ./system/libraries/Zip.php */
\ No newline at end of file diff --git a/system/libraries/index.html b/system/libraries/index.html new file mode 100644 index 000000000..c942a79ce --- /dev/null +++ b/system/libraries/index.html @@ -0,0 +1,10 @@ +<html> +<head> + <title>403 Forbidden</title> +</head> +<body> + +<p>Directory access is forbidden.</p> + +</body> +</html>
\ No newline at end of file |