/**
* Encodes data to the target encoding.
*
* @param string UTF-8 string to reencode
* @return string The reencoded string
*/
function encode($data)
{
if ($this->encoding == $this->target_encoding) {
return $data;
}
// Escape HTML
if ($this->escape_html) {
$data = @htmlspecialchars($data, ENT_COMPAT, $this->encoding);
}
// NCR encode
if ($this->ncr_encode) {
$data = ncrencode($data, true);
}
// Convert to the target charset
return to_charset($data, $this->encoding, $this->target_encoding);
}
/**
* Makes GPC variables safe to use
*
* @param string Either, g, p, c, r or f (corresponding to get, post, cookie, request and files)
* @param array Array of variable names and types we want to extract from the source array
*
* @return array
*/
function clean_array_gpc($source, $variables)
{
$sg =& $GLOBALS[$this->superglobal_lookup["{$source}"]];
foreach ($variables as $varname => $vartype) {
// clean a variable only once unless its a different type
if (!isset($this->cleaned_vars["{$varname}"]) or $this->cleaned_vars["{$varname}"] != $vartype) {
$this->registry->GPC_exists["{$varname}"] = isset($sg["{$varname}"]);
$this->registry->GPC["{$varname}"] =& $this->registry->cleaner->clean($sg["{$varname}"], $vartype, isset($sg["{$varname}"]));
// All STR type passed from API client should be in UTF-8 encoding and we need to convert it back to vB's current encoding.
// We also need to do this this for the ajax requests for the mobile style.
// Checking the forcenoajax flag isn't ideal, but it works and limits the scope of the fix (and the risk).
if (defined('VB_API') and VB_API === true or !empty($GLOBALS[$this->superglobal_lookup['r']]['forcenoajax'])) {
switch ($vartype) {
case vB_Cleaner::TYPE_STR:
case vB_Cleaner::TYPE_NOTRIM:
case vB_Cleaner::TYPE_NOHTML:
case vB_Cleaner::TYPE_NOHTMLCOND:
if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) {
$charset = $this->registry->userinfo['lang_charset'];
}
$lower_charset = strtolower($charset);
if ($lower_charset != 'utf-8') {
if ($lower_charset == 'iso-8859-1') {
$this->registry->GPC["{$varname}"] = to_charset(ncrencode($this->registry->GPC["{$varname}"], true, true), 'utf-8');
} else {
$this->registry->GPC["{$varname}"] = to_charset($this->registry->GPC["{$varname}"], 'utf-8');
}
}
}
}
$this->cleaned_vars["{$varname}"] = $vartype;
}
}
}
/**
* Makes GPC variables safe to use
*
* @param string Either, g, p, c, r or f (corresponding to get, post, cookie, request and files)
* @param array Array of variable names and types we want to extract from the source array
*
* @return array
*/
function clean_array_gpc($source, $variables)
{
$sg =& $GLOBALS[$this->superglobal_lookup["{$source}"]];
foreach ($variables as $varname => $vartype) {
// clean a variable only once unless its a different type
if (!isset($this->cleaned_vars["{$varname}"]) or $this->cleaned_vars["{$varname}"] != $vartype) {
$this->registry->GPC_exists["{$varname}"] = isset($sg["{$varname}"]);
$this->registry->GPC["{$varname}"] =& $this->clean($sg["{$varname}"], $vartype, isset($sg["{$varname}"]));
if (defined('NEED_DECODE') and NEED_DECODE === true) {
switch ($vartype) {
case TYPE_STR:
case TYPE_NOTRIM:
case TYPE_NOHTML:
case TYPE_NOHTMLCOND:
if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) {
$charset = $this->registry->userinfo['lang_charset'];
}
$lower_charset = strtolower($charset);
if ($lower_charset != 'utf-8') {
if ($lower_charset == 'iso-8859-1') {
$this->registry->GPC["{$varname}"] = to_charset(ncrencode($this->registry->GPC["{$varname}"], true, true), 'utf-8');
} else {
$this->registry->GPC["{$varname}"] = to_charset($this->registry->GPC["{$varname}"], 'utf-8');
}
}
if (function_exists('html_entity_decode') and defined('VB_API') and VB_API == true) {
// this converts certain { entities to their actual character
// note: we don't want to convert >, etc as that undoes the effects of STR_NOHTML
$this->registry->GPC["{$varname}"] = preg_replace('#&([a-z]+);#i', '&$1;', $this->registry->GPC["{$varname}"]);
if ($lower_charset == 'windows-1251') {
// there's a bug in PHP5 html_entity_decode that decodes some entities that
// it shouldn't. So double encode them to ensure they don't get decoded.
$this->registry->GPC["{$varname}"] = preg_replace('/&#(128|129|1[3-9][0-9]|2[0-4][0-9]|25[0-5]);/', '&#$1;', $this->registry->GPC["{$varname}"]);
}
$this->registry->GPC["{$varname}"] = @html_entity_decode($this->registry->GPC["{$varname}"], ENT_COMPAT, $lower_charset);
}
}
}
$this->cleaned_vars["{$varname}"] = $vartype;
}
}
}
/**
* Cleans output to be parsed into the uri.
* Setting $canonical is useful for creating redirect url's that cannot be
* encoded for redirects.
*
* @param string $fragment
* @param bool $canonical - Whether to encode for output
* @return string
*/
public static function clean_fragment($fragment, $canonical = false)
{
global $vbulletin;
if (class_exists('vBulletinHook', false)) {
($hook = vBulletinHook::fetch_hook('friendlyurl_clean_fragment')) ? eval($hook) : false;
}
// Convert to UTF-8
if (self::UNI_CONVERT == $vbulletin->options['friendlyurl_unicode']) {
// convert to UTF-8
$fragment = to_utf8($fragment, $vbulletin->userinfo['lang_charset']);
// convert NCRs
$fragment = unhtmlspecialchars($fragment, true);
} else {
if (self::UNI_STRIP == $vbulletin->options['friendlyurl_unicode']) {
// strip NCRs
$fragment = stripncrs($fragment);
}
}
// Remove url entities
$fragment = self::clean_entities($fragment);
// Prepare the URL for output
if (!$canonical and self::UNI_CONVERT == $vbulletin->options['friendlyurl_unicode'] and 'UTF-8' != $vbulletin->userinfo['lang_charset']) {
if (is_browser('ie')) {
if ($vbulletin->options['friendlyurl_ncrencode']) {
$fragment = ncrencode($fragment, true);
}
} else {
$fragment = urlencode($fragment);
}
} else {
if ($canonical and self::UNI_IGNORE == $vbulletin->options['friendlyurl_unicode']) {
// ensure NCRs are converted
$fragment = unhtmlspecialchars($fragment, true);
}
}
return $fragment;
}
function clean_array_gpc($source, $variables)
{
$sg =& $GLOBALS[$this->superglobal_lookup["{$source}"]];
foreach ($variables as $varname => $vartype) {
// clean a variable only once unless its a different type
if (!isset($this->cleaned_vars["{$varname}"]) or $this->cleaned_vars["{$varname}"] != $vartype) {
$this->registry->GPC_exists["{$varname}"] = isset($sg["{$varname}"]);
$this->registry->GPC["{$varname}"] =& $this->clean($sg["{$varname}"], $vartype, isset($sg["{$varname}"]));
if (defined('NEED_DECODE') and NEED_DECODE === true) {
switch ($vartype) {
case TYPE_STR:
case TYPE_NOTRIM:
case TYPE_NOHTML:
case TYPE_NOHTMLCOND:
if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) {
$charset = $this->registry->userinfo['lang_charset'];
}
$lower_charset = strtolower($charset);
if ($lower_charset != 'utf-8') {
if ($lower_charset == 'iso-8859-1') {
$this->registry->GPC["{$varname}"] = to_charset(ncrencode($this->registry->GPC["{$varname}"], true, true), 'utf-8');
} else {
$this->registry->GPC["{$varname}"] = to_charset($this->registry->GPC["{$varname}"], 'utf-8');
}
}
}
}
$this->cleaned_vars["{$varname}"] = $vartype;
}
}
}
/**
* Public
* NCR encodes a unicode filename
*
* @return string
*/
function ncrencode_filename($filename)
{
$extension = file_extension($filename);
$base = substr($filename, 0, (strpos($filename, $extension) - 1));
$base = ncrencode($base, true);
return $base . '.' . $extension;
}
