function add_js($script, $type = 'import', $defer = FALSE) { $success = TRUE; $js = NULL; $this->CI->load->helper('url'); switch ($type) { case 'import': // $filepath = base_url() . $script; // echo 'a='.is_uri($script);exit; $filepath = is_uri($script) == true ? $script : base_url() . $script; $js = '<script type="text/javascript" src="' . $filepath . '"'; if ($defer) { $js .= ' defer="defer"'; } $js .= "></script>"; break; case 'embed': $js = '<script type="text/javascript"'; if ($defer) { $js .= ' defer="defer"'; } $js .= ">"; $js .= $script; $js .= '</script>'; break; default: $success = FALSE; break; } // Add to js array if it doesn't already exist // if ($js != NULL && !in_array($js, $this->js)){ // $this->js[] = $js; // $this->write('_scripts', $js); // } $this->write('_scripts', $script); return $success; }
/** * Do a sanity check on a whether a given path can be a valid URI path. * * we're looking for a URI path that directly maps to a filesystem path: * so all path components also need to be valid directory (or file) names on * the file system. * * We check whether a given path contains only characters valid in <b>both</b> * a URI path and a filesystem path and does not consist of only dots (not valid * for a filesystem path). */ function validUriPath($path) { if (is_uri($path)) { $result = FALSE; // $path was a URL: not allowed // @@@ we would need to allow this for different wikis sharing // the same server but running on a different domain: in that // case all filesystem paths would work, so a fully-qualified // URL should be possible. Options: // 1. do not check at all (just return input as $result) // (assume admin knows what (s)he's doing) // 2. check for valid URL syntax // 3. attempt to find out if they run on the same server - how?? // 4. translate URL to filesystem path and check for match with // other paths ??? } else { // 1. valid characters in a URI path are: // - a slash (component separator); and // - 0-9a-zA-Z_!~'().;@&=+$,%#- // 2. on Windows, these chars are forbidden in a file/dir name: *?: // @@@ move to regex library! $result = $path; // assume it's correct; then check $pattern_pathfragment = "(/?)([0-9a-zA-Z_!~'.;@&=+,%#-\$()]+)"; // escaped $, ( and ) $pattern_path = '^(/)|(' . $pattern_pathfragment . ')+$'; // either a single '/' or one or more path components // check if the path matches the pattern if (!preg_match(':' . $pattern_path . ':', $path)) { $result = FALSE; } elseif (preg_match('/^\\.*$/', $path)) { $result = FALSE; } else { // attempt to remove .. components from path } } return $result; }