| blob | 3a6a86ed0d6e484720e54950c691ac85f3cd43ed |
1 <?php
3 /**
4 * Library of functions for handling input validation
5 * and some HTML generation
6 * This library is a combination of bits of lib/weblib.php
7 * and lib/moodlelib.php from moodle
8 * http://moodle.org || http://sourceforge.net/projects/moodle
9 * Copyright (C) 2001-2003 Martin Dougiamas http://dougiamas.com
10 * @author Martin Dougiamas and many others
11 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
12 */
15 /// PARAMETER HANDLING ////////////////////////////////////////////////////
17 /**
18 * Returns a particular value for the named variable, taken from
19 * POST or GET. If the parameter doesn't exist then an error is
20 * thrown because we require this variable.
21 *
22 * This function should be used to initialise all required values
23 * in a script that are based on parameters. Usually it will be
24 * used like this:
25 * $id = required_param('id');
26 *
27 * @param string $varname the name of the parameter variable we want
28 * @param int $options a bit field that specifies any cleaning needed
29 * @return mixed
30 */
33 // detect_unchecked_vars addition
38 }
46 }
49 }
51 /**
52 * Returns a particular value for the named variable, taken from
53 * POST or GET, otherwise returning a given default.
54 *
55 * This function should be used to initialise all optional values
56 * in a script that are based on parameters. Usually it will be
57 * used like this:
58 * $name = optional_param('name', 'Fred');
59 *
60 * @param string $varname the name of the parameter variable we want
61 * @param mixed $default the default value to return if nothing is found
62 * @param int $options a bit field that specifies any cleaning needed
63 * @return mixed
64 */
67 // detect_unchecked_vars addition
72 }
80 }
83 }
86 /**
87 * Used by {@link optional_param()} and {@link required_param()} to
88 * clean the variables and/or cast to specific types, based on
89 * an options field.
90 * <code>
91 * $course->format = clean_param($course->format, PARAM_ALPHA);
92 * $selectedgrade_item = clean_param($selectedgrade_item, PARAM_CLEAN);
93 * </code>
94 *
95 * @uses $CFG
96 * @uses PARAM_CLEAN
97 * @uses PARAM_INT
98 * @uses PARAM_INTEGER
99 * @uses PARAM_ALPHA
100 * @uses PARAM_ALPHANUM
101 * @uses PARAM_NOTAGS
102 * @uses PARAM_ALPHATEXT
103 * @uses PARAM_BOOL
104 * @uses PARAM_SAFEDIR
105 * @uses PARAM_CLEANFILE
106 * @uses PARAM_FILE
107 * @uses PARAM_PATH
108 * @uses PARAM_HOST
109 * @uses PARAM_URL
110 * @uses PARAM_LOCALURL
111 * @uses PARAM_CLEANHTML
112 * @param mixed $param the variable we are cleaning
113 * @param int $options a bit field that specifies the cleaning needed. This field is specified by combining PARAM_* definitions together with a logical or.
114 * @return mixed
115 */
124 }
126 }
130 }
132 //this corrupts data - Sven
133 //if ((string)$param == (string)(int)$param) { // It's just an integer
134 // return (int)$param;
135 //}
138 // this breaks backslashes in user input
139 // $param = stripslashes($param); // Needed by kses to work fine
141 // and this unnecessarily escapes quotes, etc in user input
142 // $param = addslashes($param); // Restore original request parameter slashes
143 }
147 }
151 }
155 }
159 }
169 }
170 }
174 }
178 }
182 }
189 }
190 }
200 }
204 // match ipv4 dotted quad
206 // confirm values are ok
211 // hmmm, what kind of dotted quad is this?
213 }
217 ) {
218 // all is ok - $param is respected
220 // all is not ok...
222 }
223 }
229 //
230 // Parameters to validateurlsyntax()
231 //
232 // s? scheme is optional
233 // H? http optional
234 // S? https optional
235 // F? ftp optional
236 // E? mailto optional
237 // u- user section not allowed
238 // P- password not allowed
239 // a? address optional
240 // I? Numeric IP address optional (can use IP or domain)
241 // p- port not allowed -- restrict to default port
242 // f? "file" path section optional
243 // q? query section optional
244 // r? fragment (anchor) optional
245 //
247 // all is ok, param is respected
250 }
251 $options ^= PARAM_URL; // Turn off the URL bit so that simple PARAM_URLs don't test true for PARAM_LOCALURL
252 }
255 // assume we passed the PARAM_URL test...
256 // allow http absolute, root relative and relative URLs within wwwroot
259 // root-relative, ok!
261 // absolute, and matches our wwwroot
263 // relative - let's make sure there are no tricks
265 // looks ok.
268 }
269 }
270 }
271 }
274 // $param = stripslashes($param); // Remove any slashes
276 // $param = trim($param); // Sweep for scripts, etc
277 }
280 }
282 /**
283 * Retrieves the list of plugins available in the $plugin
284 * directory. Defaults to 'mod'.
285 *
286 * NOTE: To get the list of enabled modules, do
287 * get_records('modules', 'enabled', true) instead.
288 *
289 * @return array
290 **/
306 }
309 }
311 }
314 }
316 }
318 }
320 // Adds a function to the variables used to cycle through plugin extensions
321 // to actions on objects
327 }
336 }
337 }
338 if (!empty($CFG->event_hooks[$object_type]['all']) && is_array($CFG->event_hooks[$object_type]['all'])) {
341 }
342 }
346 }
347 }
348 if (!empty($CFG->event_hooks[$object_type][$event]) && is_array($CFG->event_hooks[$object_type][$event])) {
351 }
352 }
356 }
361 //clear session cookies
364 //increment database error counters
365 //if (isset($CFG->session_error_counter)) {
366 // set_config('session_error_counter', 1 + $CFG->session_error_counter);
367 //} else {
368 // set_config('session_error_counter', 1);
369 //}
370 //called from setup.php, so gettext module hasn't been loaded yet
371 redirect($FULLME, 'A server error that affects your login session was detected. Please login again or restart your browser.', 5);
372 }
374 // never called
375 /**
376 * For security purposes, this function will check that the currently
377 * given sesskey (passed as a parameter to the script or this function)
378 * matches that of the current user.
379 *
380 * @param string $sesskey optionally provided sesskey
381 * @return bool
382 */
383 // function confirm_sesskey($sesskey=NULL) {
384 // global $USER;
386 // if (!empty($USER->ignoresesskey) || !empty($CFG->ignoresesskey)) {
387 // return true;
388 // }
390 // if (empty($sesskey)) {
391 // $sesskey = required_param('sesskey'); // Check script parameters
392 // }
394 // if (!isset($USER->sesskey)) {
395 // return false;
396 // }
398 // return ($USER->sesskey === $sesskey);
399 // }
402 /**
403 * Makes sure that $USER->sesskey exists, if $USER itself exists. It sets a new sesskey
404 * if one does not already exist, but does not overwrite existing sesskeys. Returns the
405 * sesskey string if $USER exists, or boolean false if not.
406 *
407 * @uses $USER
408 * @return string
409 */
415 }
419 }
422 }
425 /**
426 * Send an email to a specified user
427 *
428 * @uses $CFG
429 * @param user $user A {@link $USER} object
430 * @param user $from A {@link $USER} object
431 * @param string $subject plain text subject line of the email
432 * @param string $messagetext plain text version of the message
433 * @param string $messagehtml complete html version of the message (optional)
434 * @param string $attachment a file on the filesystem
435 * @param string $attachname the name of the file (extension indicates MIME)
436 * @param bool $usetrueaddress determines whether $from email address should
437 * be sent out. Will be overruled by user profile setting for maildisplay
438 * @return bool|string Returns "true" if mail was sent OK, "emailstop" if email
439 * was blocked by user and "false" if there was another sort of error.
440 */
441 function email_to_user($user, $from, $subject, $messagetext, $messagehtml='', $attachment='', $attachname='', $usetrueaddress=true, $repyto='', $replytoname='') {
450 }
452 /*
453 if (over_bounce_threshold($user)) {
454 error_log("User $user->id (".fullname($user).") is over bounce threshold! Not sending.");
455 return false;
456 }
461 $mail->Version = 'Elgg '; // mailer version (should have $CFG->version on here but we don't have it yet)
476 }
483 }
484 }
486 /* not here yet, leave it in just in case.
487 // make up an email address for handling bounces
488 if (!empty($CFG->handlebounces)) {
489 $modargs = 'B'.base64_encode(pack('V',$user->ident)).substr(md5($user->email),0,16);
490 $mail->Sender = generate_email_processing_address(0,$modargs);
491 }
492 else {
493 $mail->Sender = $CFG->sysadminemail;
494 }
495 */
498 // TODO add a preference for maildisplay
513 }
514 }
518 }
530 }
533 }
534 }
538 }
540 //TODO add a user preference for this. right now just send plaintext
542 if ($messagehtml && $user->mailformat == 1) { // Don't ever send HTML to users who don't want it
550 }
555 $mail->AddStringAttachment('Error in attachment. User attempted to attach a filename with a unsafe name.', 'error.txt', '8bit', 'text/plain');
560 }
561 }
564 // set_send_count($user); // later
569 }
570 }
572 /**
573 * Returns an array with all the filenames in
574 * all subdirectories, relative to the given rootdir.
575 * If excludefile is defined, then that file/directory is ignored
576 * If getdirs is true, then (sub)directories are included in the output
577 * If getfiles is true, then files are included in the output
578 * (at least one of these must be true!)
579 *
580 * @param string $rootdir ?
581 * @param string $excludefile If defined then the specified file/directory is ignored
582 * @param bool $descend ?
583 * @param bool $getdirs If true then (sub)directories are included in the output
584 * @param bool $getfiles If true then files are included in the output
585 * @return array An array with all the filenames in
586 * all subdirectories, relative to the given rootdir
587 * @todo Finish documenting this function. Add examples of $excludefile usage.
588 */
589 function get_directory_list($rootdir, $excludefile='', $descend=true, $getdirs=false, $getfiles=true) {
595 }
599 }
603 }
609 }
614 }
619 }
620 }
623 }
624 }
630 }
632 /**
633 * handy function to loop through an array of files and resolve any filename conflicts
634 * both in the array of filenames and for what is already on disk.
635 */
646 }
647 }
648 }
649 }
651 }
653 /**
654 * @used by resolve_filename_collisions
655 */
659 }
662 }
664 }
666 /**
667 * Adds up all the files in a directory and works out the size.
668 *
669 * @param string $rootdir ?
670 * @param string $excludefile ?
671 * @return array
672 * @todo Finish documenting this function
673 */
679 // do it this way if we can, it's much faster
685 }
686 }
692 }
696 }
702 }
708 }
709 }
713 }
715 /**
716 * Converts numbers like 10M into bytes.
717 *
718 * @param mixed $size The size to be converted
719 * @return mixed
720 */
724 }
742 }
743 }
745 }
747 /**
748 * Converts bytes into display form
749 *
750 * @param string $size ?
751 * @return string
752 * @staticvar string $gb Localized string for size in gigabytes
753 * @staticvar string $mb Localized string for size in megabytes
754 * @staticvar string $kb Localized string for size in kilobytes
755 * @staticvar string $b Localized string for size in bytes
756 * @todo Finish documenting this function. Verify return type.
757 */
767 }
777 }
779 }
781 /*
782 * Convert high ascii characters into low ascii
783 * This code is from http://kalsey.com/2004/07/dirify_in_php/
784 *
785 */
839 );
844 }
846 /*
847 * Cleans a given filename by removing suspicious or troublesome characters
848 * Only these are allowed:
849 * alphanumeric _ - .
850 *
851 * @param string $string ?
852 * @return string
853 */
860 }
864 /**
865 * Function to raise the memory limit to a new value.
866 * Will respect the memory limit if it is higher, thus allowing
867 * settings in php.ini, apache conf or command line switches
868 * to override it
869 *
870 * The memory limit should be expressed with a string (eg:'64M')
871 *
872 * @param string $newlimit the new memory limit
873 * @return bool
874 */
879 }
883 // if php is compiled without --enable-memory-limits
884 // apparently memory_limit is set to ''
889 }
891 }
897 }
899 }
901 /**
902 * Converts string to lowercase using most compatible function available.
903 *
904 * @param string $string The string to convert to all lowercase characters.
905 * @param string $encoding The encoding on the string.
906 * @return string
907 * @todo Add examples of calling this function with/without encoding types
908 */
912 }
916 /**
917 * Given a simple array, this shuffles it up just like shuffle()
918 * Unlike PHP's shuffle() ihis function works on any machine.
919 *
920 * @param array $array The array to be rearranged
921 * @return array
922 */
932 }
934 }
936 /**
937 * Like {@link swapshuffle()}, but works on associative arrays
938 *
939 * @param array $array The associative array to be rearranged
940 * @return array
941 */
943 ///
948 }
950 }
952 /**
953 * Given an arbitrary array, and a number of draws,
954 * this function returns an array with that amount
955 * of items. The indexes are retained.
956 *
957 * @param array $array ?
958 * @param ? $draws ?
959 * @return ?
960 * @todo Finish documenting this function
961 */
971 }
983 }
986 }
989 /**
990 * Function to check the passed address is within the passed subnet
991 *
992 * The parameter is a comma separated string of subnet definitions.
993 * Subnet strings can be in one of two formats:
994 * 1: xxx.xxx.xxx.xxx/xx
995 * 2: xxx.xxx
996 * Code for type 1 modified from user posted comments by mediator at
997 * {@link http://au.php.net/manual/en/function.ip2long.php}
998 *
999 * @param string $addr The address you are checking
1000 * @param string $subnetstr The string of subnet addresses
1001 * @return bool
1002 */
1019 }
1023 }
1024 }
1027 }
1029 /**
1030 * For outputting debugging info
1031 *
1032 * @uses STDOUT
1033 * @param string $string ?
1034 * @param string $eol ?
1035 * @todo Finish documenting this function
1036 */
1043 }
1047 //delay to keep message on user's screen in case of subsequent redirect
1050 }
1051 }
1053 //Replace 1 or more slashes or backslashes to 1 slash
1056 }
1060 /**
1061 * Returns most reliable client address
1062 *
1063 * @return string The remote IP address
1064 */
1068 }
1071 }
1074 }
1076 }
1078 /**
1079 * Cleans a remote address ready to put into the log table
1080 */
1084 // first get all things that look like IP addresses.
1087 }
1091 // print_r($match);
1092 // check to make sure it's not an internal address.
1093 // the following are reserved for private lans...
1094 // 10.0.0.0 - 10.255.255.255
1095 // 172.16.0.0 - 172.31.255.255
1096 // 192.168.0.0 - 192.168.255.255
1097 // 169.254.0.0 -169.254.255.255
1100 // weird, preg match shouldn't give us it.
1102 }
1109 }
1110 // finally, it's ok
1112 }
1114 // perhaps we have a lan match, it's probably better to return that.
1119 }
1120 }
1123 }
1124 error_log("NOTICE: cleanremoteaddr gives us something funny: $originaladdr had ".count($goodmatches)." matches");
1125 // we need to return something, so
1127 }
1129 /**
1130 * html_entity_decode is only supported by php 4.3.0 and higher
1131 * so if it is not predefined, define it here
1132 *
1133 * @param string $string ?
1134 * @return string
1135 * @todo Finish documenting this function
1136 */
1142 }
1143 }
1145 /**
1146 * The clone keyword is only supported from PHP 5 onwards.
1147 * The behaviour of $obj2 = $obj1 differs fundamentally
1148 * between PHP 4 and PHP 5. In PHP 4 a copy of $obj1 was
1149 * created, in PHP 5 $obj1 is referenced. To create a copy
1150 * in PHP 5 the clone keyword was introduced. This function
1151 * simulates this behaviour for PHP < 5.0.0.
1152 * See also: http://mjtsai.com/blog/2004/07/15/php-5-object-references/
1153 *
1154 * Modified 2005-09-29 by Eloy (from Julian Sedding proposal)
1155 * Found a better implementation (more checks and possibilities) from PEAR:
1156 * http://cvs.php.net/co.php/pear/PHP_Compat/Compat/Function/clone.php
1157 *
1158 * @param object $obj
1159 * @return object
1160 */
1162 // the eval is needed to prevent PHP 5 from getting a parse error!
1165 /// Sanity check
1168 return;
1169 }
1171 /// Use serialize/unserialize trick to deep copy the object
1174 /// If there is a __clone method call it on the "new" class
1177 }
1180 }
1182 }
1185 /**
1186 * microtime_diff
1187 *
1188 * @param string $a ?
1189 * @param string $b ?
1190 * @return string
1191 * @todo Finish documenting this function
1192 */
1197 }
1200 /**
1201 *** get_performance_info() pairs up with init_performance_info()
1202 *** loaded in setup.php. Returns an array with 'html' and 'txt'
1203 *** values ready for use, and each of the individual stats provided
1204 *** separately as well.
1205 ***
1206 **/
1222 $info['html'] .= '<span class="memoryused">RAM: '.display_size($info['memory_total']).'</span> ';
1223 $info['txt'] .= 'memory_total: '.$info['memory_total'].'B (' . display_size($info['memory_total']).') memory_growth: '.$info['memory_growth'].'B ('.display_size($info['memory_growth']).') ';
1224 }
1227 //error_log(print_r($inc,1));
1236 }
1242 }
1249 }
1250 $info['html'] .= "<span class=\"posixtimes\">ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime]</span> ";
1251 $info['txt'] .= "ticks: $info[ticks] user: $info[utime] sys: $info[stime] cuser: $info[cutime] csys: $info[cstime] ";
1252 }
1253 }
1255 // Grab the load average for the last minute
1256 // /proc will only work under some linux configurations
1257 // while uptime is there under MacOSX/Darwin and other unices
1261 } else if ( function_exists('is_executable') && is_executable('/usr/bin/uptime') && $loadavg = `/usr/bin/uptime` ) {
1266 }
1267 }
1272 }
1277 }
1283 }
1284 }
1289 /**
1290 * Detect if an object or a class contains a given property
1291 * will take an actual object or the name of a class
1292 * @param mix $obj Name of class or real object to test
1293 * @param string $property name of property to find
1294 * @return bool true if property exists
1295 */
1299 }
1302 }
1304 }
1307 /**
1308 * Add quotes to HTML characters
1309 *
1310 * Returns $var with HTML characters (like "<", ">", etc.) properly quoted.
1311 * This function is very similar to {@link p()}
1312 *
1313 * @param string $var the string potentially containing HTML characters
1314 * @return string
1315 */
1319 }
1320 return preg_replace("/&(#\d+);/iu", '&$1;', htmlspecialchars(stripslashes_safe($var), ENT_COMPAT, 'utf-8'));
1321 }
1323 /**
1324 * Add quotes to HTML characters
1325 *
1326 * Prints $var with HTML characters (like "<", ">", etc.) properly quoted.
1327 * This function is very similar to {@link s()}
1328 *
1329 * @param string $var the string potentially containing HTML characters
1330 * @return string
1331 */
1334 }
1337 /**
1338 * Ensure that a variable is set
1339 *
1340 * Return $var if it is defined, otherwise return $default,
1341 * This function is very similar to {@link optional_variable()}
1342 *
1343 * @param mixed $var the variable which may be unset
1344 * @param mixed $default the value to return if $var is unset
1345 * @return mixed
1346 */
1350 }
1352 /**
1353 * Remove query string from url
1354 *
1355 * Takes in a URL and returns it without the querystring portion
1356 *
1357 * @param string $url the url which may have a query string attached
1358 * @return string
1359 */
1367 }
1368 }
1370 /**
1371 * Returns the URL of the HTTP_REFERER, less the querystring portion
1372 * @return string
1373 */
1377 }
1380 /**
1381 * Returns the name of the current script, WITH the querystring portion.
1382 * this function is necessary because PHP_SELF and REQUEST_URI and SCRIPT_NAME
1383 * return different things depending on a lot of things like your OS, Web
1384 * server, and the way PHP is compiled (ie. as a CGI, module, ISAPI, etc.)
1385 * <b>NOTE:</b> This function returns false if the global variables needed are not set.
1386 *
1387 * @return string
1388 */
1397 }
1403 }
1409 }
1413 notify('Warning: Could not find any of these web server variables: $REQUEST_URI, $PHP_SELF, $SCRIPT_NAME or $URL');
1415 }
1416 }
1418 /**
1419 * Like {@link me()} but returns a full URL
1420 * @see me()
1421 * @return string
1422 */
1429 }
1444 }
1451 }
1452 }
1460 }
1464 }
1466 /**
1467 * Determine if a web referer is valid
1468 *
1469 * Returns true if the referer is the same as the goodreferer. If
1470 * the referer to test is not specified, use {@link qualified_me()}.
1471 * If the admin has not set secure forms ($CFG->secureforms) then
1472 * this function returns true regardless of a match.
1473 *
1474 * @uses $CFG
1475 * @param string $goodreferer the url to compare to referer
1476 * @return boolean
1477 */
1483 }
1487 }
1491 }
1495 return (($referer == $goodreferer) or ($referer == $CFG->wwwroot) or ($referer == $CFG->wwwroot .'index.php'));
1496 }
1498 /**
1499 * Determine if there is data waiting to be processed from a form
1500 *
1501 * Used on most forms in Moodle to check for data
1502 * Returns the data as an object, if it's found.
1503 * This object can be used in foreach loops without
1504 * casting because it's cast to (array) automatically
1505 *
1506 * Checks that submitted POST data exists, and also
1507 * checks the referer against the given url (it uses
1508 * the current page if none was specified.
1509 *
1510 * @uses $CFG
1511 * @param string $url the url to compare to referer for secure forms
1512 * @return boolean
1513 */
1528 }
1530 }
1531 }
1532 }
1534 /**
1535 * Moodle replacement for php stripslashes() function
1536 *
1537 * The standard php stripslashes() removes ALL backslashes
1538 * even from strings - so C:\temp becomes C:temp - this isn't good.
1539 * This function should work as a fairly safe replacement
1540 * to be called on quoted AND unquoted strings (to be sure)
1541 *
1542 * @param string the string to remove unsafe slashes from
1543 * @return string
1544 */
1551 }
1553 /**
1554 * Recursive implementation of stripslashes()
1555 *
1556 * This function will allow you to strip the slashes from a variable.
1557 * If the variable is an array or object, slashes will be stripped
1558 * from the items (or properties) it contains, even if they are arrays
1559 * or objects themselves.
1560 *
1561 * @param mixed the variable to remove slashes from
1562 * @return mixed
1563 */
1569 }
1570 }
1574 }
1575 }
1578 }
1580 }
1582 /**
1583 * This does a search and replace, ignoring case
1584 * This function is only used for versions of PHP older than version 5
1585 * which do not have a native version of this function.
1586 * Taken from the PHP manual, by bradhuizenga @ softhome.net
1587 *
1588 * @param string $find the string to search for
1589 * @param string $replace the string to replace $find with
1590 * @param string $string the string to search through
1591 * return string
1592 */
1599 }
1605 // this will duplicate the string into an array the size of $find
1611 }
1612 }
1613 }
1621 }
1623 }
1625 }
1626 }
1628 /**
1629 * Locate the position of a string in another string
1630 *
1631 * This function is only used for versions of PHP older than version 5
1632 * which do not have a native version of this function.
1633 * Taken from the PHP manual, by dmarsh @ spscc.ctc.edu
1634 *
1635 * @param string $haystack The string to be searched
1636 * @param string $needle The string to search for
1637 * @param int $offset The position in $haystack where the search should begin.
1638 */
1643 return $textlib->strpos($textlib->strtoupper($haystack), $textlib->strtoupper($needle), $offset);
1644 }
1645 }
1648 /**
1649 * Returns true if the current version of PHP is greater that the specified one.
1650 *
1651 * @param string $version The version of php being tested.
1652 * @return boolean
1653 * @todo Finish documenting this function
1654 */
1657 }
1660 /**
1661 * Checks to see if is a browser matches the specified
1662 * brand and is equal or better version.
1663 *
1664 * @uses $_SERVER
1665 * @param string $brand The browser identifier being tested
1666 * @param int $version The version of the browser
1667 * @return boolean
1668 * @todo Finish documenting this function
1669 */
1675 }
1682 // MacOS X Camino support
1684 }
1686 // the proper string - Gecko/CCYYMMDD Vendor/Version
1687 // Faster version and work-a-round No IDN problem.
1691 }
1692 }
1700 }
1704 }
1708 }
1711 }
1714 }
1717 }
1720 /**
1721 * Set a variable's value depending on whether or not it already has a value.
1722 *
1723 * If variable is set, set it to the set_value otherwise set it to the
1724 * unset_value. used to handle checkboxes when you are expecting them from
1725 * a form
1726 *
1727 * @param mixed $var Passed in by reference. The variable to check.
1728 * @param mixed $set_value The value to set $var to if $var already has a value.
1729 * @param mixed $unset_value The value to set $var to if $var does not already have a value.
1730 */
1737 }
1738 }
1740 /**
1741 * Prints the word "checked" if a variable is true, otherwise prints nothing,
1742 * used for printing the word "checked" in a checkbox form element.
1743 *
1744 * @param boolean $var Variable to be checked for true value
1745 * @param string $true_value Value to be printed if $var is true
1746 * @param string $false_value Value to be printed if $var is false
1747 */
1754 }
1755 }
1757 /**
1758 * Prints a simple button to close a window
1759 */
1766 echo "document.write('<input type=\"button\" onclick=\"self.close();\" value=\"".__gettext("Close this window")."\" />');\n";
1774 }
1776 /*
1777 * Try and close the current window immediately using Javascript
1778 */
1784 }
1789 }
1792 /**
1793 * Given an array of value, creates a popup menu to be part of a form
1794 * $options["value"]["label"]
1795 *
1796 * @param type description
1797 * @todo Finish documenting this function
1798 */
1804 }
1809 }
1813 }
1820 }
1822 }
1828 }
1833 }
1834 }
1835 }
1842 }
1843 }
1845 /**
1846 * Just like choose_from_menu, but takes a nested array (2 levels) and makes a dropdown menu
1847 * including option headings with the first level.
1848 */
1854 }
1859 }
1863 }
1870 }
1872 }
1880 }
1885 }
1886 }
1888 }
1889 }
1896 }
1897 }
1900 /**
1901 * Given an array of values, creates a group of radio buttons to be part of a form
1902 *
1903 * @param array $options An array of value-label pairs for the radio group (values as keys)
1904 * @param string $name Name of the radiogroup (unique in the form)
1905 * @param string $checked The value that is already checked
1906 */
1913 }
1925 }
1930 }
1932 }
1933 }
1938 }
1940 /** Display an standard html checkbox with an optional label
1941 *
1942 * @param string $name The name of the checkbox
1943 * @param string $value The valus that the checkbox will pass when checked
1944 * @param boolean $checked The flag to tell the checkbox initial state
1945 * @param string $label The label to be showed near the checkbox
1946 * @param string $alt The info to be inserted in the alt tag
1947 */
1948 function print_checkbox ($name, $value, $checked = true, $label = '', $alt = '', $script='',$return=false) {
1954 }
1958 }
1962 }
1966 $output .= '<input name="'.$name.'" id="'.$htmlid.'" type="checkbox" value="'.$value.'" alt="'.$alt.'"'.$strchecked.' '.((!empty($script)) ? ' onclick="'.$script.'" ' : '').' />';
1969 }
1976 }
1978 }
1980 /** Display an standard html text field with an optional label
1981 *
1982 * @param string $name The name of the text field
1983 * @param string $value The value of the text field
1984 * @param string $label The label to be showed near the text field
1985 * @param string $alt The info to be inserted in the alt tag
1986 */
1993 }
1997 }
2001 }
2005 $output .= '<input name="'.$name.'" id="'.$htmlid.'" type="text" value="'.$value.'" size="'.$size.'" '.$maxlength.' alt="'.$alt.'" />';
2013 }
2015 }
2018 /**
2019 * Validates an email to make sure it makes sense and adheres
2020 * to the email filter if it's set.
2021 *
2022 * @param string $address The email address to validate.
2023 * @return boolean
2024 */
2039 }
2040 }
2046 }
2047 }
2049 /**
2050 * Check for bad characters ?
2051 *
2052 * @param string $string ?
2053 * @param int $allowdots ?
2054 * @todo Finish documenting this function - more detail needed in description as well as details on arguments
2055 */
2059 }
2062 }
2065 }
2068 }
2072 /**
2073 * Just returns an array of text formats suitable for a popup menu
2074 *
2075 * @uses FORMAT_MOODLE
2076 * @uses FORMAT_HTML
2077 * @uses FORMAT_PLAIN
2078 * @uses FORMAT_MARKDOWN
2079 * @return array
2080 */
2087 }
2089 /*
2090 * Given text in a variety of format codings, this function returns
2091 * the text as safe HTML.
2092 *
2093 * @uses $CFG
2094 * @uses FORMAT_MOODLE
2095 * @uses FORMAT_HTML
2096 * @uses FORMAT_PLAIN
2097 * @uses FORMAT_WIKI
2098 * @uses FORMAT_MARKDOWN
2099 * @param string $text The text to be formatted. This is raw text originally from user input.
2100 * @param int $format Identifier of the text format to be used
2101 * (FORMAT_MOODLE, FORMAT_HTML, FORMAT_PLAIN, FORMAT_WIKI, FORMAT_MARKDOWN)
2102 * @param array $options ?
2103 * @param int $courseid ?
2104 * @return string
2105 * @todo Finish documenting this function
2106 */
2113 }
2116 }
2119 }
2122 }
2125 }
2130 }
2131 }
2133 /*
2134 if (!empty($CFG->cachetext)) {
2135 $time = time() - $CFG->cachetext;
2136 $md5key = md5($text.'-'.$courseid.$options->noclean.$options->smiley.$options->filter.$options->para.$options->newlines);
2137 if ($cacheitem = get_record_select('cache_text', "md5key = '$md5key' AND timemodified > '$time'")) {
2138 return $cacheitem->formattedtext;
2139 }
2140 }
2150 }
2154 }
2158 }
2169 // this format is deprecated
2170 $text = '<p>NOTICE: Wiki-like formatting has been removed from Moodle. You should not be seeing
2171 this message as all texts should have been converted to Markdown format instead.
2172 Please post a bug report to http://moodle.org/bugs with information about where you
2180 }
2183 }
2186 }
2193 }
2196 }
2198 }
2205 }
2208 }
2210 /** Converts the text format from the value to the 'internal'
2211 * name or vice versa. $key can either be the value or the name
2212 * and you get the other back.
2213 *
2214 * @param mixed int 0-4 or string one of 'moodle','html','plain','markdown'
2215 * @return mixed as above but the other way around!
2216 */
2227 }
2231 }
2232 }
2234 }
2236 /** Given a simple string, this function returns the string
2237 * processed by enabled filters if $CFG->filterall is enabled
2238 *
2239 * @param string $string The string to be filtered.
2240 * @param boolean $striplinks To strip any link in the result text.
2241 * @param int $courseid Current course as filters can, potentially, use it
2242 * @return string
2243 */
2248 //We'll use a in-memory cache here to speed up repeated strings
2251 //Calculate md5
2254 //Fetch from cache if possible
2257 }
2262 }
2263 }
2267 }
2271 }
2273 //Store to cache
2277 }
2279 /**
2280 * Given text in a variety of format codings, this function returns
2281 * the text as plain text suitable for plain email.
2282 *
2283 * @uses FORMAT_MOODLE
2284 * @uses FORMAT_HTML
2285 * @uses FORMAT_PLAIN
2286 * @uses FORMAT_WIKI
2287 * @uses FORMAT_MARKDOWN
2288 * @param string $text The text to be formatted. This is raw text originally from user input.
2289 * @param int $format Identifier of the text format to be used
2290 * (FORMAT_MOODLE, FORMAT_HTML, FORMAT_PLAIN, FORMAT_WIKI, FORMAT_MARKDOWN)
2291 * @return string
2292 */
2303 /// This expression turns links into something nice in a text format. (Russell Jungwirth)
2304 /// From: http://php.net/manual/en/function.eregi-replace.php and simplified
2305 $text = eregi_replace('(<a [^<]*href=["|\']?([^ "\']*)["|\']?[^>]*>([^<]*)</a>)','\\3 [ \\2 ]', $text);
2316 $text = eregi_replace('(<a [^<]*href=["|\']?([^ "\']*)["|\']?[^>]*>([^<]*)</a>)','\\3 [ \\2 ]', $text);
2319 }
2320 }
2322 /**
2323 * This function takes a string and examines it for HTML tags.
2324 * If tags are detected it passes the string to a helper function {@link cleanAttributes2()}
2325 * which checks for attributes and filters them for malicious content
2326 * 17/08/2004 :: Eamon DOT Costello AT dcu DOT ie
2327 *
2328 * @param string $str The string to be examined for html tags
2329 * @return string
2330 */
2335 $str
2336 );
2338 }
2340 /**
2341 * This function takes a string with an html tag and strips out any unallowed
2342 * protocols e.g. javascript:
2343 * It calls ancillary functions in kses which are prefixed by kses
2344 * 17/08/2004 :: Eamon DOT Costello AT dcu DOT ie
2345 *
2346 * @param array $htmlArray An array from {@link cleanAttributes()}, containing in its 1st
2347 * element the html to be cleared
2348 * @return string
2349 */
2358 }
2361 }
2371 }
2373 // Remove last space from attribute list
2379 }
2381 }
2383 /**
2384 * Replaces all known smileys in the text with image equivalents
2385 *
2386 * @uses $CFG
2387 * @param string $text Passed by reference. The string to search for smily strings.
2388 * @return string
2389 */
2391 ///
2394 /// this builds the mapping array only once
2421 );
2428 $img[] = '<img alt="'. $alttext .'" width="15" height="15" src="'. $CFG->pixpath .'/s/'. $image .'.gif" />';
2429 }
2431 }
2433 // Exclude from transformations all the code inside <script> tags
2434 // Needed to solve Bug 1185. Thanks to jouse 2001 detecting it. :-)
2435 // Based on code from glossary fiter by Williams Castillo.
2436 // - Eloy
2438 // Detect all the <script> zones to take out
2442 // Take out all the <script> zones from text
2445 }
2448 }
2450 /// this is the meat of the code - this is run every time
2453 // Recover all the <script> zones to text
2456 }
2457 }
2459 /**
2460 * Given plain text, makes it into HTML as nicely as possible.
2461 * May contain HTML tags already
2462 *
2463 * @uses $CFG
2464 * @param string $text The string to convert.
2465 * @param boolean $smiley Convert any smiley characters to smiley images?
2466 * @param boolean $para If true then the returned string will be wrapped in paragraph tags
2467 * @param boolean $newlines If true then lines newline breaks will be converted to HTML newline breaks.
2468 * @return string
2469 */
2472 ///
2476 /// Remove any whitespace that may be between HTML tags
2479 /// Remove any returns that precede or follow HTML tags
2485 /// Make returns into HTML newlines.
2488 }
2490 /// Turn smileys into images.
2493 }
2495 /// Wrap the whole thing in a paragraph tag if required
2500 }
2501 }
2503 /**
2504 * Given Markdown formatted text, make it into XHTML using external function
2505 *
2506 * @uses $CFG
2507 * @param string $text The markdown formatted text to be converted.
2508 * @return string Converted text
2509 */
2516 }
2518 /**
2519 * Given HTML text, make it into plain text using external function
2520 *
2521 * @uses $CFG
2522 * @param string $html The text to be converted.
2523 * @return string
2524 */
2532 }
2534 /**
2535 * Given some text this function converts any URLs it finds into HTML links
2536 *
2537 * @param string $text Passed in by reference. The string to be searched for urls.
2538 */
2540 /// Make lone URLs into links. eg http://moodle.com/
2541 $text = eregi_replace("([[:space:]]|^|\(|\[)([[:alnum:]]+)://([^[:space:]]*)([[:alnum:]#?/&=])",
2544 /// eg www.moodle.com
2547 }
2551 /**
2552 * This function will highlight search words in a given string
2553 * It cares about HTML and will not ruin links. It's best to use
2554 * this function after performing any conversions to HTML.
2555 * Function found here: http://forums.devshed.com/t67822/scdaa2d1c3d4bacb4671d075ad41f0854.html
2556 *
2557 * @param string $needle The string to search for
2558 * @param string $haystack The string to search for $needle in
2559 * @param int $case ?
2560 * @return string
2561 * @todo Finish documenting this function
2562 */
2567 }
2569 //$list_of_words = eregi_replace("[^-a-zA-Z0-9&.']", " ", $needle); // bug 3101
2575 }
2576 }
2584 }
2591 }
2594 }
2603 $haystack = eregi_replace("$list_of_words_cp", "$left_string"."\\1"."$right_string", $haystack);
2605 $haystack = ereg_replace("$list_of_words_cp", "$left_string"."\\1"."$right_string", $haystack);
2606 }
2607 }
2611 }
2613 /**
2614 * This function will highlight instances of $needle in $haystack
2615 * It's faster that the above function and doesn't care about
2616 * HTML or anything.
2617 *
2618 * @param string $needle The string to search for
2619 * @param string $haystack The string to search for $needle in
2620 * @return string
2621 */
2633 $parts[$key] .= '<span class="highlight">'.$textlib->substr($haystack, $pos, $textlib->strlen($needle)).'</span>';
2635 }
2638 }
2640 /**
2641 * Print a link to continue on to another page.
2642 *
2643 * @uses $CFG
2644 * @param string $link The url to create a link to.
2645 */
2652 }
2657 }
2659 /**
2660 * Print a message in a standard themed box.
2661 *
2662 * @param string $message ?
2663 * @param string $align ?
2664 * @param string $width ?
2665 * @param string $color ?
2666 * @param int $padding ?
2667 * @param string $class ?
2668 * @todo Finish documenting this function
2669 */
2670 function print_simple_box($message, $align='', $width='', $color='', $padding=5, $class='generalbox', $id='') {
2674 }
2676 /**
2677 * Print the top portion of a standard themed box.
2678 *
2679 * @param string $align ?
2680 * @param string $width ?
2681 * @param string $color ?
2682 * @param int $padding ?
2683 * @param string $class ?
2684 * @todo Finish documenting this function
2685 */
2686 function print_simple_box_start($align='', $width='', $color='', $padding=5, $class='generalbox', $id='') {
2690 }
2693 }
2696 }
2699 }
2703 echo "<table $align $width $id class=\"$class\" border=\"0\" cellpadding=\"$padding\" cellspacing=\"0\">".
2705 }
2707 /**
2708 * Print the end portion of a standard themed box.
2709 */
2712 }
2714 /**
2715 * Print a self contained form with a single submit button.
2716 *
2717 * @param string $link ?
2718 * @param array $options ?
2719 * @param string $label ?
2720 * @param string $method ?
2721 * @todo Finish documenting this function
2722 */
2729 }
2730 }
2732 }
2734 /**
2735 * Print a png image.
2736 *
2737 * @param string $url ?
2738 * @param int $sizex ?
2739 * @param int $sizey ?
2740 * @param boolean $returnstring ?
2741 * @param string $parameters ?
2742 * @todo Finish documenting this function
2743 */
2750 }
2753 $output .= '<img src="'. $CFG->pixpath .'/spacer.gif" width="'. $sizex .'" height="'. $sizey .'"'.
2761 }
2767 }
2768 }
2770 /**
2771 * Print a nicely formatted table.
2772 *
2773 * @param array $table is an object with several properties.
2774 * <ul<li>$table->head - An array of heading names.
2775 * <li>$table->align - An array of column alignments
2776 * <li>$table->size - An array of column sizes
2777 * <li>$table->wrap - An array of "nowrap"s or nothing
2778 * <li>$table->data[] - An array of arrays containing the data.
2779 * <li>$table->width - A percentage of the page
2780 * <li>$table->cellpadding - Padding on each cell
2781 * <li>$table->cellspacing - Spacing between cells
2782 * </ul>
2783 * @return boolean
2784 * @todo Finish documenting this function
2785 */
2794 }
2795 }
2796 }
2803 }
2804 }
2805 }
2812 }
2813 }
2814 }
2818 }
2822 }
2826 }
2830 }
2836 echo " cellpadding=\"$table->cellpadding\" cellspacing=\"$table->cellspacing\" class=\"$table->class\" $tableid>\n";
2847 }
2850 }
2851 echo '<th valign="top" '. $align[$key].$size[$key] .' nowrap="nowrap" class="header c'.$key.'">'. $heading .'</th>';
2852 }
2854 }
2867 }
2870 }
2873 }
2875 }
2876 }
2878 }
2879 }
2884 }
2886 /**
2887 * Prints form items with the names $day, $month and $year
2888 *
2889 * @param int $day ?
2890 * @param int $month ?
2891 * @param int $year ?
2892 * @param int $currenttime A default timestamp in GMT
2893 * @todo Finish documenting this function
2894 */
2899 }
2904 }
2907 }
2910 }
2914 }
2916 /**
2917 *Prints form items with the names $hour and $minute
2918 *
2919 * @param ? $hour ?
2920 * @param ? $minute ?
2921 * @param $currenttime A default timestamp in GMT
2922 * @param int $step ?
2923 * @todo Finish documenting this function
2924 */
2929 }
2933 }
2936 }
2939 }
2943 }
2945 /**
2946 *Returns an A link tag
2947 *
2948 * @param $url
2949 * @param $str
2950 * @param $extrattr Extra attribs for the A tag
2951 * @return string
2952 */
2956 }
2958 /**
2959 *Returns an A link tag using __gettext()
2960 *
2961 * @param $url
2962 * @param $str for __gettext()
2963 * @param $extrattr Extra attribs for the A tag
2964 * @return string
2965 */
2969 }
2971 /**
2972 * Print an error page displaying an error message.
2973 * Old method, don't call directly in new code - use print_error instead.
2974 *
2975 *
2976 * @uses $SESSION
2977 * @uses $CFG
2978 * @param string $message The message to display to the user about the error.
2979 * @param string $link The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page.
2980 */
2999 }
3000 }
3005 }
3007 }
3009 /**
3010 * Print an error page displaying an error message. New method - use this for new code.
3011 *
3012 * @uses $SESSION
3013 * @uses $CFG
3014 * @param string $string The name of the string from error.php to print
3015 * @param string $link The url where the user will be prompted to continue. If no url is provided the user will be directed to the site index page.
3016 */
3021 }
3025 /**
3026 * Print a message and exit.
3027 *
3028 * @uses $CFG
3029 * @param string $message ?
3030 * @param string $link ?
3031 * @todo Finish documenting this function
3032 */
3044 }
3045 }
3052 }
3054 /**
3055 * Print a message along with "Yes" and "No" links for the user to continue.
3056 *
3057 * @param string $message The text to display
3058 * @param string $linkyes The link to take the user to if they choose "Yes"
3059 * @param string $linkno The link to take the user to if they choose "No"
3060 */
3077 }
3079 /**
3080 * Redirects the user to another page, after printing a notice
3081 *
3082 * @param string $url The url to take the user to
3083 * @param string $message The text message to display to the user about the redirect, if any
3084 * @param string $delay How long before refreshing to the new page at $url?
3085 * @todo '&' needs to be encoded into '&' for XHTML compliance,
3086 * however, this is not true for javascript. Therefore we
3087 * first decode all entities in $url (since we cannot rely on)
3088 * the correct input) and then encode for where it's needed
3089 * echo "<script type='text/javascript'>alert('Redirect $url');</script>";
3090 */
3096 $url = htmlspecialchars_decode($url, ENT_COMPAT); // for php < 5.1.0 this is defined in elgglib.php
3102 echo '<script type="text/javascript">'. "\n" .'<!--'. "\n". "location.replace('$url');". "\n". '//-->'. "\n". '</script>'; // To cope with Mozilla bug
3107 }
3108 print_header('', '', '', '', '<meta http-equiv="refresh" content="'. $delay .'; url='. $encodedurl .'" />');
3111 //called from setup.php, so gettext module hasn't been loaded yet
3116 }
3120 ?>
3122 <!--
3126 }
3128 -->
3130 <?php
3132 }
3134 }
3136 /**
3137 * Print a bold message in an optional color.
3138 *
3139 * @param string $message The message to print out
3140 * @param string $style Optional style to display message text in
3141 * @param string $align Alignment option
3142 */
3147 }
3152 }
3155 /**
3156 * This function is used to rebuild the <nolink> tag because some formats (PLAIN and WIKI)
3157 * will transform it to html entities
3158 *
3159 * @param string $text Text to search for nolink tag in
3160 * @return string
3161 */
3167 }
3170 /**
3171 * Adjust the list of allowed tags based on $CFG->allowobjectembed and user roles (admin)
3172 */
3179 }
3180 }
3183 /**
3184 * This function makes the return value of ini_get consistent if you are
3185 * setting server directives through the .htaccess file in apache.
3186 * Current behavior for value set from php.ini On = 1, Off = [blank]
3187 * Current behavior for value set from .htaccess On = On, Off = Off
3188 * Contributed by jdell @ unr.edu
3189 *
3190 * @param string $ini_get_arg ?
3191 * @return boolean
3192 * @todo Finish documenting this function
3193 */
3199 }
3201 }
3203 /**
3204 * Generate and return a random string of the specified length.
3205 *
3206 * @param int $length The length of the string to be created.
3207 * @return string
3208 */
3218 }
3220 }
3222 // Fills user information
3231 // backwards compatibility (TODO this will have to go eventually)
3235 }
3238 // Authentication Function
3239 // Returns true or false
3246 }
3249 }
3253 // Module authentication function
3256 // Does the function exist
3260 }
3264 }
3274 }
3276 // Set Persistent Cookie
3280 }
3285 }
3287 // Attempts to get login from a cookie
3294 /*** TODO: Create Proper Abstraction Interface - don't use file binding -- ugh ***/
3302 }
3303 }
3304 }
3305 }
3307 /**
3308 * elgg doesn't have a 'login' page yet, but it will so this can stay here for now
3309 */
3313 // Check to see if there's a persistent cookie
3316 // First check that the user is logged in to the site.
3321 }
3325 }
3327 // Make sure current IP matches the one for this session (if required)
3330 error(__gettext('Sorry, but your IP number seems to have changed from when you first logged in. This security feature prevents crackers stealing your identity while logged in to this site. Normal users should not be seeing this message - please ask the site administrator for help.'));
3331 }
3332 }
3334 // Make sure the USER has a sesskey set up. Used for checking script parameters.
3338 }
3346 // Double MD5
3349 }
3353 // Update MD5 of authticket
3360 $messages[] = __gettext("The system will remember you and automatically log you in next time.");
3363 }
3365 // Returns whether the user is logged in or not;
3366 // if not logged in, checks for persistent cookie
3371 }
3373 }
3377 }
3382 }
3387 }
3399 /// Remove tags that are not allowed
3402 /// Add some breaks into long strings of
3405 /// Clean up embedded scripts and , using kses
3408 /// Remove script events
3413 }
3414 }
3416 /**
3417 * Set a key in global configuration
3418 *
3419 * Set a key/value pair in both this session's {@link $CFG} global variable
3420 * and in the 'config' database table for future sessions.
3421 *
3422 * Can also be used to update keys for plugin-scoped configs in config_plugin table.
3423 * In that case it doesn't affect $CFG.
3424 *
3425 * @param string $name the key to set
3426 * @param string $value the value to set
3427 * @uses $CFG
3428 * @return bool
3429 */
3431 /// No need for get_config because they are usually always available in $CFG
3443 }
3444 }
3446 /**
3447 * Get configuration values from the global config table
3448 * or the config_plugins table.
3449 *
3450 * If called with no parameters it will do the right thing
3451 * generating $CFG safely from the database without overwriting
3452 * existing values.
3453 *
3454 * @param string $name
3455 * @uses $CFG
3456 * @return hash-like object or single value
3457 *
3458 */
3465 }
3467 // this was originally in setup.php
3475 // complain if the DB has a different
3476 // value than config.php does
3477 error_log("\$CFG->{$config->name} in config.php ({$localcfg[$config->name]}) overrides database setting ({$config->value})");
3478 }
3479 }
3480 }
3485 // preserve $CFG if DB returns nothing or error
3487 }
3489 }
3502 }
3508 }
3510 /// Fills up all legacy user session data
3511 /// This function provides backward compatibility
3522 }
3524 }
3526 /**
3527 * Replace function htmlspecialchars_decode()
3528 *
3529 * @category PHP
3530 * @package PHP_Compat
3531 * @link http://php.net/function.htmlspecialchars_decode
3532 * @author Aidan Lister <aidan@php.net>
3533 * @version $Revision: 1.3 $
3534 * @since PHP 5.1.0
3535 * @require PHP 4.0.0 (user_error)
3536 */
3539 {
3540 // Sanity check
3545 }
3551 }
3553 // Init
3557 // The function does not behave as documented
3558 // This matches the actual behaviour of the function
3565 }
3568 }
3569 }
3572 /**
3573 * Returns the maximum size for uploading files.
3574 *
3575 * There are five possible upload limits:
3576 * 1. in Apache using LimitRequestBody (no way of checking or changing this)
3577 * 2. in php.ini for 'upload_max_filesize' (can not be changed inside PHP)
3578 * 3. in .htaccess for 'upload_max_filesize' (can not be changed inside PHP)
3579 * 4. in php.ini for 'post_max_size' (can not be changed inside PHP)
3580 * 5. by the limitations on the current situation (eg file quota)
3581 *
3582 * The last one is passed to this function as an argument (in bytes).
3583 * Anything defined as 0 is ignored.
3584 * The smallest of all the non-zero numbers is returned.
3585 *
3586 * @param int $maxbytes Current maxbytes (in bytes)
3587 * @return int The maximum size for uploading files.
3588 * @todo Finish documenting this function
3589 */
3598 }
3599 }
3606 }
3607 }
3611 }
3614 }
3617 // if content_only=true then delete all but
3618 // the directory itself
3627 }
3628 }
3629 }
3633 }
3635 }
3637 //Function to check if a directory exists
3638 //and, optionally, create it
3650 }
3651 }
3653 }
3655 // ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3656 // ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3657 //This functions are used to copy any file or directory ($from_file)
3658 //to a new file or directory ($to_file). It works recursively and
3659 //mantains file perms.
3660 //I've copied it from: http://www.php.net/manual/en/function.copy.php
3661 //Little modifications done
3672 }
3674 }
3677 }
3680 }
3681 }
3690 }
3695 }
3697 }
3700 }
3704 //Zip an array of files/dirs to a destination zip file
3705 //Both parameters must be FULL paths to the files/dirs
3709 //Extract everything from destination
3715 //If no file, error
3718 }
3720 //If no extension, add it
3724 }
3726 //Check destination path exists
3729 }
3731 //Check destination path is writable. TODO!!
3733 //Clean destination filename
3736 //Now check and prepare every file
3741 //Check for every file
3743 //Calculate the base path for all files if it isn't set
3746 }
3747 //See if the file is readable
3750 }
3751 //See if the file/dir is in the same directory than the rest
3754 }
3755 //Add the file to the array
3757 }
3759 //Everything is ready:
3760 // -$origpath is the path where ALL the files to be compressed reside (dir).
3761 // -$destpath is the destination path where the zip file will go (dir).
3762 // -$files is an array of files/dirs to compress (fullpath)
3763 // -$destfilename is the name of the zip file (without path)
3765 //print_object($files); //Debug
3774 }
3782 }
3783 //Construct the command
3788 //All converted to backslashes in WIN
3791 }
3793 }
3795 }
3798 //Unzip one zip file to a destination dir
3799 //Both parameters must be FULL paths
3800 //If destination isn't specified, it will be the
3801 //SAME directory where the zip file resides.
3805 //Extract everything from zipfile
3811 //If no file, error
3814 }
3816 //If no extension, error
3819 }
3821 //Clear $zipfile
3824 //Check zipfile exists
3827 }
3829 //If no destination, passed let's go with the same directory
3832 }
3834 //Clear $destination
3837 //Check destination path exists
3840 }
3842 //Check destination path is writable. TODO!!
3844 //Everything is ready:
3845 // -$zippath is the path where the zip file resides (dir)
3846 // -$zipfilename is the name of the zip file (without path)
3847 // -$destpath is the destination path where the zip file will uncompressed (dir)
3857 }
3868 //All converted to backslashes in WIN
3871 }
3873 }
3875 //Display some info about the unzip execution
3878 }
3881 }
3884 //This function is used as callback in unzip_file() function
3885 //to clean illegal characters for given platform and to prevent directory traversal.
3886 //Produces the same result as info-zip unzip.
3887 $p_header['filename'] = ereg_replace('[[:cntrl:]]', '', $p_header['filename']); //strip control chars first!
3888 $p_header['filename'] = ereg_replace('\.\.+', '', $p_header['filename']); //directory traversal protection
3890 $p_header['filename'] = ereg_replace('[:*"?<>|]', '_', $p_header['filename']); //replace illegal chars
3891 $p_header['filename'] = ereg_replace('^([a-zA-Z])_', '\1:', $p_header['filename']); //repair drive letter
3893 //Add filtering for other systems here
3894 // BSD: none (tested)
3895 // Linux: ??
3896 // MacosX: ??
3897 }
3898 $p_header['filename'] = cleardoubleslashes($p_header['filename']); //normalize the slashes/backslashes
3900 }
3904 //This function shows the results of the unzip execution
3905 //depending of the value of the $CFG->zip, results will be
3906 //text or an array of files.
3928 }
3933 }
3941 }
3944 }
3945 }
3955 }
3962 }
3963 }
3975 }
3977 }
3987 }
3996 }
3998 // cli_die($str) - a perlish die()
3999 //
4000 // this function call will exit with a warning and an exit code
4001 // that clearly indicates that something went wrong.
4002 //
4003 // We shouldn't need this, but due to PHP's web-centric heritage,
4004 // die()/exit() cant print a warnign _and_ set a non-success exit
4005 // code. Silly thing -- disregarding POSIX and friends doesn't get
4006 // you very far ;-D
4011 }
4015 // Take a comma-separated string of keywords and create the relevant tag entries
4016 // in the database. Returns a cleaned comma-separated keyword string.
4038 }
4047 }
4048 }
4049 }
4050 }
4053 }
4056 // return the "this is restricted" text for a given access value
4057 // functionised to reduce code duplication
4067 }
4070 }
4073 }
4075 // Activate URLs - turns any URLs found into links
4078 // Function for URL autodiscovery
4083 // lift all links, images and image maps
4089 "'<[^>]+>'si"
4090 );
4093 {
4096 {
4100 }
4101 }
4105 // indicate where urls end if they have these trailing special chars
4117 // URL into links
4125 }
4128 ?>