From 07f5140771388c9e0c8a99b0dd2e5d950bdb173b Mon Sep 17 00:00:00 2001 From: Yuchen Pei Date: Thu, 14 Oct 2021 15:16:42 +1100 Subject: moving h-source subdir out. --- Library/Functions.php | 304 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 304 insertions(+) create mode 100755 Library/Functions.php (limited to 'Library/Functions.php') diff --git a/Library/Functions.php b/Library/Functions.php new file mode 100755 index 0000000..e0e77bf --- /dev/null +++ b/Library/Functions.php @@ -0,0 +1,304 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + + +/* + SANITIZE FUNCTIONS +*/ + +function none($string) { + return $string; +} + +function forceInt($string) { + return (int)$string; +} + +function forceNat($string) +{ + $string = (int)$string; + if ($string <= 0) return 1; + return $string; +} + +function sanitizeDb($stringa) { + + if (DATABASE_TYPE === 'Mysql') + { + $stringa = mysql_real_escape_string($stringa); + return $stringa; + } + + if (DATABASE_TYPE === 'Mysqli') + { + $mysqli = Db_Mysqli::getInstance(); + $db = $mysqli->getDb(); + $stringa = $db->real_escape_string($stringa); + return $stringa; + } + + return $stringa; +} + +function sanitizeAll($stringa) { + + $stringa=sanitizeHtml($stringa); + $stringa=sanitizeDb($stringa); + return $stringa; + +} + +function sanitizeHtml($stringa) { + + $charset = Params::$htmlentititiesCharset; + $stringa=htmlentities($stringa,ENT_QUOTES,$charset); + return $stringa; + +} + +//check if only alphabetic + optional characters are present in the string $string. Set $string to $altString if other characters are found +//$optChar: allowed characters divided by '|' Ex: '+|-|;' +function sanitizeCustom($string,$optChar,$altString = 'EasyGiant') +{ + + $optChar = html_entity_decode($optChar,ENT_QUOTES); + $optCharArray = explode('|',$optChar); + $temp = $string; + foreach($optCharArray as $char) + { + $temp = str_replace($char,null,$temp); + } + if (ctype_alnum($temp)) + { + return $string; + } + else + { + return $altString; + } +} + + + + +/* +SANITIZE DEEP +*/ + +function stripslashesDeep($value) { + return $value; +} + + +function sanitizeHtmlDeep($value) { + return array_map('sanitizeHtml', $value); +} + + +function sanitizeDbDeep($value) { + return array_map('sanitizeDb', $value); +} + + +function sanitizeCustomDeep($stringArray,$optChar,$altString = 'EasyGiant') +{ + $result = array(); + foreach ($stringArray as $key => $value) + { + $result[$key] = sanitizeCustom($value,$optChar,$altString); + } + return $result; +} + + +function sanitizeAllDeep($value) { + return array_map('sanitizeAll', $value); +} + + +function forceIntDeep($value) { + return array_map('forceInt', $value); +} + +function forceNatDeep($value) { + return array_map('forceNat', $value); +} + +function noneDeep($value) { + return array_map('none', $value); +} + + +function md5Deep($value) +{ + return array_map('md5', $value); +} + +function sha1Deep($value) +{ + return array_map('sha1', $value); +} + + + + + + + +function sanitizeAlnum($string) +{ + return ctype_alnum($string) ? sanitizeAll($string) : ''; +} + + +function sanitizeIp($ip) +{ + return preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/',$ip) ? sanitizeAll($ip) : ''; +} + + +/* + CHECK FUNCTIONS +*/ + +//check if a string has the mail format (abc.efg@hij.klm.on) +//modification of the rule found at http://www.sastgroup.com/tutorials/8-espressioni-regolari-per-validare-un-po-di-tutto +//original rule: /^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/ +function checkMail($string) +{ + if (preg_match('/^[a-zA-Z0-9_\-]+([.][a-zA-Z0-9_\-]+){0,2}[@][a-zA-Z0-9_\-]+([.][a-zA-Z0-9_\-]+){0,2}[.][a-zA-Z]{2,4}$/',$string)) + { + return true; + } + else + { + return false; + } +} + + + +function wrap($string,$tag_class) {#wrap the string with the tag and its class + #$tag_class has to be an associative array (tag1=>class1,$tag2=>class2,.. )!! + $str_front=null; + $str_rear=null; + if (is_array($tag_class)) { + foreach ($tag_class as $tag => $class) { + $tag = str_replace('+','',$tag); + if (!is_array($class)) + { + $str_class=isset($class) ? " class=\"".$class."\"" : null; + } + else + { + $str_class = null; + foreach ($class as $attr => $val) + { + $str_class .= " ".$attr."='".$val."' "; + } + } + $str_front.="<".$tag.$str_class.">\n"; + $str_rear.="\n"; + } + } + return $str_front.$string.$str_rear; +} + +//generate a random password +//$start: start number of mt_rand +//$end: end number of mt_rand +function randString($length,$start = 33, $end = 126) +{ + $random = ''; + for ($i = 0; $i < $length; $i++) + { + $random .= chr(mt_rand($start, $end)); + } + return $random; +} + +//generate a random string +//$charNumb:number of characters of the final string +//$allowedChars: allowed characters +function generateString($charNumb = 8,$allowedChars = '0123456789abcdefghijklmnopqrstuvwxyz') +{ + $str = null; + for ($i = 0; $i < $charNumb; $i++) + { + $str .= substr($allowedChars, mt_rand(0, strlen($allowedChars)-1), 1); + } + return $str; +} + + +function getIp() +{ + $ip = ""; + + if (isset($_SERVER)) + { + if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) + { + $ip = sanitizeIp($_SERVER["HTTP_X_FORWARDED_FOR"]); + } else if (!empty($_SERVER["HTTP_CLIENT_IP"])) { + $ip = sanitizeIp($_SERVER["HTTP_CLIENT_IP"]); + } else { + $ip = sanitizeIp($_SERVER["REMOTE_ADDR"]); + } + } else { + if ( getenv( 'HTTP_X_FORWARDED_FOR' ) !== false ) { + $ip = sanitizeIp(getenv( 'HTTP_X_FORWARDED_FOR' )); + } else if ( getenv( 'HTTP_CLIENT_IP' ) !== false ) { + $ip = sanitizeIp(getenv( 'HTTP_CLIENT_IP' )); + } else { + $ip = sanitizeIp(getenv( 'REMOTE_ADDR' )); + } + } + return $ip; +} + + + +function getUserAgent() { + if (isset($_SERVER['HTTP_USER_AGENT'])) + { + return md5($_SERVER['HTTP_USER_AGENT']); + } + else + { + return md5('firefox'); + } +} + + +function xml_encode($string) +{ + $trans = get_html_translation_table(HTML_ENTITIES, ENT_QUOTES); + foreach ($trans as $k=>$v) + { + $trans[$k]= "&#".ord($k).";"; + } + + return strtr($string, $trans); +} -- cgit v1.2.3