From 3ff03dc4f0a72432b34c00da620272cf011e4ddd Mon Sep 17 00:00:00 2001 From: Yuchen Pei Date: Thu, 29 Jul 2021 14:17:20 +1000 Subject: Publishing h-node.org code. - this is the h-node.org code, except - removed a js file (3x copies at three different locations) without license / copyright headers - /Js/linkToForm.js - /Public/Js/linkToForm.js - /admin/Public/Js/linkToForm.js - removed config files containing credentials - /Application/Include/params.php - /Config/Config.php - /admin/Application/Include/params.php - /admin/Config/Config.php - added license and copyright header to one php file - /admin/Library/ErrorReporting.php (almost identical to /Library/ErrorReporting.php which has the headers) --- h-source/admin/Library/Functions.php | 279 +++++++++++++++++++++++++++++++++++ 1 file changed, 279 insertions(+) create mode 100755 h-source/admin/Library/Functions.php (limited to 'h-source/admin/Library/Functions.php') diff --git a/h-source/admin/Library/Functions.php b/h-source/admin/Library/Functions.php new file mode 100755 index 0000000..414770f --- /dev/null +++ b/h-source/admin/Library/Functions.php @@ -0,0 +1,279 @@ +getDb(); + $stringa = $db->real_escape_string($stringa); + return $stringa; + } + + return $stringa; +} + +function sanitizeAll($stringa) { + + $stringa=sanitizeHtml($stringa); + $stringa=sanitizeDb($stringa); + return $stringa; + +} + +function sanitizeHtml($stringa) { + + $charset = Params::$htmlentititiesCharset; + $stringa=htmlentities($stringa,ENT_QUOTES,$charset); + return $stringa; + +} + +//check if only alphabetic + optional characters are present in the string $string. Set $string to $altString if other characters are found +//$optChar: allowed characters divided by '|' Ex: '+|-|;' +function sanitizeCustom($string,$optChar,$altString = 'EasyGiant') +{ + + $optChar = html_entity_decode($optChar,ENT_QUOTES); + $optCharArray = explode('|',$optChar); + $temp = $string; + foreach($optCharArray as $char) + { + $temp = str_replace($char,null,$temp); + } + if (ctype_alnum($temp)) + { + return $string; + } + else + { + return $altString; + } +} + + + + +/* +SANITIZE DEEP +*/ + +function stripslashesDeep($value) { + if(get_magic_quotes_gpc()) {#if stripslashes + return array_map('stripslashes', $value); + } + return $value; +} + + +function sanitizeHtmlDeep($value) { + return array_map('sanitizeHtml', $value); +} + + +function sanitizeDbDeep($value) { + return array_map('sanitizeDb', $value); +} + + +function sanitizeCustomDeep($stringArray,$optChar,$altString = 'EasyGiant') +{ + $result = array(); + foreach ($stringArray as $key => $value) + { + $result[$key] = sanitizeCustom($value,$optChar,$altString); + } + return $result; +} + + +function sanitizeAllDeep($value) { + return array_map('sanitizeAll', $value); +} + + +function forceIntDeep($value) { + return array_map('forceInt', $value); +} + +function forceNatDeep($value) { + return array_map('forceNat', $value); +} + +function noneDeep($value) { + return array_map('none', $value); +} + + +function md5Deep($value) +{ + return array_map('md5', $value); +} + +function sha1Deep($value) +{ + return array_map('sha1', $value); +} + + + + + + + +function sanitizeAlnum($string) +{ + return ctype_alnum($string) ? sanitizeAll($string) : ''; +} + + +function sanitizeIp($ip) +{ + return preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/',$ip) ? sanitizeAll($ip) : ''; +} + + +/* + CHECK FUNCTIONS +*/ + +//check if a string has the mail format (abc.efg@hij.klm.on) +//modification of the rule found at http://www.sastgroup.com/tutorials/8-espressioni-regolari-per-validare-un-po-di-tutto +//original rule: /^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/ +function checkMail($string) +{ + if (preg_match('/^[a-zA-Z0-9_\-]+([.][a-zA-Z0-9_\-]+){0,2}[@][a-zA-Z0-9_\-]+([.][a-zA-Z0-9_\-]+){0,2}[.][a-zA-Z]{2,4}$/',$string)) + { + return true; + } + else + { + return false; + } +} + + + +function wrap($string,$tag_class) {#wrap the string with the tag and its class + #$tag_class has to be an associative array (tag1=>class1,$tag2=>class2,.. )!! + $str_front=null; + $str_rear=null; + if (is_array($tag_class)) { + foreach ($tag_class as $tag => $class) { + $tag = str_replace('+','',$tag); + $str_class=isset($class) ? " class=\"".$class."\"" : null; + $str_front.="<".$tag.$str_class.">\n"; + $str_rear.="\n"; + } + } + return $str_front.$string.$str_rear; +} + +//generate a random password +//$start: start number of mt_rand +//$end: end number of mt_rand +function randString($length,$start = 33, $end = 126) +{ + $random = ''; + for ($i = 0; $i < $length; $i++) + { + $random .= chr(mt_rand($start, $end)); + } + return $random; +} + +//generate a random string +//$charNumb:number of characters of the final string +//$allowedChars: allowed characters +function generateString($charNumb = 8,$allowedChars = '0123456789abcdefghijklmnopqrstuvwxyz') +{ + $str = null; + for ($i = 0; $i < $charNumb; $i++) + { + $str .= substr($allowedChars, mt_rand(0, strlen($allowedChars)-1), 1); + } + return $str; +} + + +function getIp() +{ + $ip = ""; + + if (isset($_SERVER)) + { + if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) + { + $ip = sanitizeIp($_SERVER["HTTP_X_FORWARDED_FOR"]); + } else if (!empty($_SERVER["HTTP_CLIENT_IP"])) { + $ip = sanitizeIp($_SERVER["HTTP_CLIENT_IP"]); + } else { + $ip = sanitizeIp($_SERVER["REMOTE_ADDR"]); + } + } else { + if ( getenv( 'HTTP_X_FORWARDED_FOR' ) !== false ) { + $ip = sanitizeIp(getenv( 'HTTP_X_FORWARDED_FOR' )); + } else if ( getenv( 'HTTP_CLIENT_IP' ) !== false ) { + $ip = sanitizeIp(getenv( 'HTTP_CLIENT_IP' )); + } else { + $ip = sanitizeIp(getenv( 'REMOTE_ADDR' )); + } + } + return $ip; +} + + + +function getUserAgent() { + if (isset($_SERVER['HTTP_USER_AGENT'])) + { + return md5($_SERVER['HTTP_USER_AGENT']); + } + else + { + return md5('firefox'); + } +} + + +function xml_encode($string) +{ + $trans = get_html_translation_table(HTML_ENTITIES, ENT_QUOTES); + foreach ($trans as $k=>$v) + { + $trans[$k]= "&#".ord($k).";"; + } + + return strtr($string, $trans); +} \ No newline at end of file -- cgit v1.2.3