/** -----------------------------------------
/** Spell Check for Textareas
/** -----------------------------------------*/
function spellcheck()
{
if (!class_exists('Spellcheck')) {
require PATH_CORE . 'core.spellcheck' . EXT;
}
return Spellcheck::check();
}
/** --------------------------------
/** SpellCheck - JS
/** --------------------------------*/
function spellcheck_js()
{
if (!class_exists('Spellcheck')) {
require PATH_CORE . 'core.spellcheck' . EXT;
}
$SPELL = new Spellcheck();
$this->spellcheck_enabled = $SPELL->enabled;
return $SPELL->JavaScript($this->_create_path('spellcheck'), TRUE);
}
/**
* Checks the security of a password.
*
* The following aspects will be concidered. The password...
* <ul>
* <li>... is not a word in a dictionary (uses Spellcheck class if possible).
* <li>... reaches the minimum length (4 chars).
* <li>... consists of uppercase and lowercase chars, digits and special chars.
* <li>... does not contain identical char sequences. (min. 3 chars)
* <li>... does not contain general keyboard sequences. (min. 3 chars)
* <li>... does not contain increasing or decreasing numbers in a row. (min. 3 chars)
* <li>... does not contain char sequences that match sequences in the alphabet. (min. 3 chars)
* </ul>
*
* @param string Password to check
* @param array Array contains the values why the password is not secure (see class constants)
* @param int Optimal length of a password
* @param string Sprachkürtzel eines Wörterbuchs zum Prüfen
* @return int 0 = Very low security, 100 = Very high Security
* @see Spellcheck::check()
* @todo Consider special chars like umlauts (see below)
*/
public static function check($password, &$failureArray = array(), $language = null, $optimalPasswordLength = 10) {
//Rating initialisieren
$rating = 100;
$passwordLength = strlen($password);
$smallPassword = strtolower($password); //Zum Vergleich mit Reihen
// Check that pw is not shorter than 4 chars.
if ($passwordLength < 4) {
// Pw is too short, completely unsecure, return 0 now
return 0;
}
// Check that pw is not a word in a dictionary.
try {
$spellcheck = new Spellcheck($language);
if ($spellcheck->check($password) == false) {
$failureArray[] = self::LEXICON_WORD;
$rating -= 50;
}
}
catch (CoreException $e) {
// No other solution at the moment
}
// Remove 5 points for each char missing to the optimal pw length
$diff = $optimalPasswordLength - $passwordLength;
if ($diff > 0) {
$failureArray[] = self::TOO_SMALL;
$rating -= $diff * 5;
}
// Password consists of uppercase and lowercase chars, digits and special chars.
// Todo: This does not tests for special chars like umlauts
$smallChar = false;
$bigChar = false;
$numericChar = false;
$specialChar = false;
for($i = 0; $i < $passwordLength; $i++) {
$ascii = ord($password[$i]);
if ($ascii >= 48 && $ascii <= 57) {
$numericChar = true;
}
elseif ($ascii >= 65 && $ascii <= 90) {
$bigChar = true;
}
elseif ($ascii >= 97 && $ascii <= 122) {
$smallChar = true;
}
elseif ($ascii >= 32 && $ascii <= 126) {
$specialChar = true;
}
}
// Remove points and add reason to failrue array
if($smallChar == false) {
$failureArray[] = self::NO_LOWERCASE_CHAR;
$rating -= 15;
}
if($bigChar == false) {
$failureArray[] = self::NO_UPPERCASE_CHAR;
$rating -= 15;
}
if($numericChar == false) {
$failureArray[] = self::NO_NUMBERIC_CHAR;
$rating -= 20;
}
if($specialChar == false) {
$failureArray[] = self::NO_SPECIAL_CHAR;
$rating -= 10;
}
// Check for identical char sequences (min 3 chars)
for ($i = 0; $i <= $passwordLength-3; $i++) {
$excerpt = substr($smallPassword, $i, 3);
if ($excerpt[0] == $excerpt[1] && $excerpt[1] == $excerpt[2]) {
$failureArray[] = self::SAME_CHAR_SEQUENCE;
$rating -= 20;
break;
}
}
// Check for increasing or decreasing numbers in a row. (min. 3 chars)
foreach(self::$keyboardSequences as &$sequence) {
if (strpos($smallPassword, $sequence) !== false) {
$failureArray[] = self::KEYBOARD_SEQUENCE;
$rating -= 15;
break;
}
}
//ABC oder Zahlenreihen (ab 3 Buchstaben) => 20 Punkte abziehen
for ($i = 0; $i <= $passwordLength-3; $i++) {
$excerpt = substr($smallPassword, $i, 3);
if(strpos(self::$alphabet, $excerpt) !== false) {
$failureArray[] = self::ALPHABETICAL_SEQUENCE;
$rating -= 15;
break;
}
}
return ($rating > 0) ? $rating: 0;
}
$check = false;
break;
case Keyword:
// nothing needed
break;
default:
// assume keyword. do nothing
break;
}
/////////////////////////////////////////////////////
// Spellchecking
/////////////////////////////////////////////////////
// we can skip corrections if we're into the results or
// this is a corrected query
if ($spellcheck) {
$checker = new Spellcheck();
$corTerm = $HTTP_GET_VARS['term'];
$hiTerm = 'hello';
$corTerm = $checker->auto_correct($corTerm, $hiTerm);
$URL = "search.php?" . http_build_query(array('type' => $HTTP_GET_VARS['type'], 'term' => $corTerm, 'start' => $start, 'step' => $step, 'c' => '1'));
if ($corTerm !== $HTTP_GET_VARS['term']) {
$smarty->assign_by_ref('correctedTerm', $hiTerm);
$smarty->assign('correctedURL', $URL);
}
}
/////////////////////////////////////////////////////
// Search
/////////////////////////////////////////////////////
$cache = new Query_Cache();
$books = $cache->getSearchResults($term, $start, $step, $hits, $pid);
$smarty->assign_by_ref('hits', $hits);
/** -----------------------------------------
/** Spell Check for Textareas
/** -----------------------------------------*/
function check($lang = 'en')
{
global $IN, $REGX, $PREFS, $OUT;
/* -------------------------------------------
/* Hidden Configuration Variable
/*
/* - spellcheck_language_code => What is the two letter ISO 639 language
/* code for the spellcheck (ex: en, es, de)
/* -------------------------------------------*/
if ($PREFS->ini('spellcheck_language_code') !== FALSE && strlen($PREFS->ini('spellcheck_language_code')) == 2) {
$lang = $PREFS->ini('spellcheck_language_code');
}
// ----------------------------------
// These 100 words make up 1/2 of all written material
// and by not checking them we should be able to greatly
// speed up the spellchecker
// ----------------------------------
$common = array('the', 'of', 'and', 'a', 'to', 'in', 'is', 'you', 'that', 'it', 'he', 'was', 'for', 'on', 'are', 'as', 'with', 'his', 'they', 'I', 'at', 'be', 'this', 'have', 'from', 'or', 'one', 'had', 'by', 'word', 'but', 'not', 'what', 'all', 'were', 'we', 'when', 'your', 'can', 'said', 'there', 'use', 'an', 'each', 'which', 'she', 'do', 'how', 'their', 'if', 'will', 'up', 'other', 'about', 'out', 'many', 'then', 'them', 'these', 'so', 'some', 'her', 'would', 'make', 'like', 'him', 'into', 'time', 'has', 'look', 'two', 'more', 'write', 'go', 'see', 'number', 'no', 'way', 'could', 'people', 'my', 'than', 'first', 'water', 'been', 'call', 'who', 'oil', 'its', 'now', 'find', 'long', 'down', 'day', 'did', 'get', 'come', 'made', 'may', 'part');
// The contents of the field are encoded by javascript before
// they are sent to us so we have to decode them before processing.
// We are also removing any HTML code and HTML code entities so that we
// do not process them as misspelled words.
$content = preg_replace("|<.*?" . ">|", '', rawurldecode($REGX->xss_clean($IN->GBL('q'))));
$content = str_replace(array('&', '<', '>'), '', $content);
$str = '<?xml version="1.0" encoding="UTF-8"?' . ">\n<items>\n";
$items = array();
$prechecked = array();
if (!function_exists('pspell_new')) {
$content = str_replace('&', ' ', stripslashes($content));
// Google has silently changed the service internally, setting ignoredups="1" now causes results to
// always return as spelled correctly. -- changed 8/20/08 d.j.
$payload = '<spellrequest textalreadyclipped="0" ignoredups="0" ignoredigits="1" ignoreallcaps="0"><text>' . $content . '</text></spellrequest>';
$url = 'https://www.google.com/tbproxy/spell?lang=' . $lang . '&hl=' . $lang;
if (function_exists('curl_init')) {
$data = Spellcheck::curl_process($url, $payload);
} else {
$data = Spellcheck::fsockopen_process($url, $payload);
}
if ($data == '') {
$OUT->http_status_header(404);
@header("Date: " . gmdate("D, d M Y H:i:s") . " GMT");
exit('Unable to connect to spellcheck');
}
// suckz => <c o="10" l="5" s="0">sucks sicks suck sacks socks</c>
if ($data != '' && preg_match_all("|<c\\s+(.*?)>(.*?)</c>|is", $data, $matches)) {
for ($i = 0, $s = sizeof($matches['0']); $i < $s; ++$i) {
$x = explode('"', $matches['1'][$i]);
$word = substr($content, $x['1'], $x['3']);
if (!in_array($word, $prechecked)) {
$sug = preg_split("|\\s+|s", $matches['2'][$i]);
natcasesort($sug);
$items[] = $word . ':' . implode(',', $sug) . '';
$prechecked[] = $word;
}
}
}
} else {
// Split it up by non-words
preg_match_all("|[\\w\\']{2,20}|", stripslashes($content), $parts);
$pspell = pspell_new($lang);
for ($i = 0, $s = sizeof($parts['0']); $i < $s; $i++) {
if (!is_numeric($parts['0'][$i]) && !in_array(strtolower($parts['0'][$i]), $common) && !in_array($parts['0'][$i], $prechecked) && !pspell_check($pspell, $parts['0'][$i])) {
$sug = array();
if ($suggestions = pspell_suggest($pspell, $parts['0'][$i])) {
foreach ($suggestions as $suggest) {
$sug[] = $suggest;
if (sizeof($sug) > 8) {
break;
}
}
}
natcasesort($sug);
$items[] = $parts['0'][$i] . ':' . implode(',', $sug) . '';
$prechecked[] = $parts['0'][$i];
}
}
}
$str .= sizeof($items) == 0 ? '' : "<item>" . implode("</item>\n<item>", $items) . "</item>";
$str .= "\n</items>";
@header("Content-Type: text/xml");
exit($str);
}