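 /**
  * Normalises a raw request value: strips legacy magic-quote slashes and
  * converts CR / CRLF line endings to "\n". Arrays are walked recursively,
  * keys going through clean_input_keys() and values through this function.
  *
  * Despite the wording of the original description this function does NOT
  * escape or XSS-filter anything: the clean_xss() pass (config key
  * security.xss_filter) is disabled, so callers must still escape every value
  * for the context it is written to (HTML, SQL, shell, ...).
  *
  * Uses $this->clean_input_keys(), so it has to live inside the class that
  * defines that method even though the snippet shows it as a free function.
  *
  * @param   mixed  $str  scalar or (nested) array of request data
  * @return  mixed        cleaned value, same structure as $str; non-string
  *                       scalars are returned unchanged
  */
 function clean_input_data($str)
 {
     if (is_array($str)) {
         $new_array = array();
         foreach ($str as $key => $val) {
             // recursion: keys and values are cleaned separately
             $new_array[$this->clean_input_keys($key)] = $this->clean_input_data($val);
         }
         return $new_array;
     }
     // get_magic_quotes_gpc() was removed in PHP 8.0 (and magic quotes have
     // been gone since 5.4); guard the call so the function works on both
     // old and new runtimes instead of fataling on an undefined function.
     if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
         // remove annoying magic quotes
         $str = stripslashes($str);
     }
     // XSS filtering via $this->clean_xss($str), keyed on
     // security.xss_filter == '1', was intentionally commented out here and
     // is therefore not performed.
     if (is_string($str) && strpos($str, "\r") !== false) {
         // standardize newlines; the is_string() check keeps ints/null
         // untouched (strpos() on non-strings is deprecated/coerced in PHP 8)
         $str = str_replace(array("\r\n", "\r"), "\n", $str);
     }
     return $str;
 }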
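 /**
  * Resolves $_GET['route'] to a controller file, an action and an argument
  * list.
  *
  * Order of work: normalise the raw route, apply the configured routes
  * (literal keys or :any/:alphanum/:num/:alpha wildcards), reject path
  * segments that could leave the controllers directory, walk
  * __SITE_PATH/content/controllers/ (sub-directories allowed) to locate the
  * controller file, then validate URL suffixes and refuse "private_" actions.
  * Any failure calls $this->error404() and returns early.
  *
  * Side effects: sets $this->__controller, $this->__action, $this->__args and
  * $this->__file, and stores the routed path on the shared 'uri' object when
  * a configured route matched.
  *
  * @return void
  */
 private function parseURL()
 {
     $ezphp_config = setting::getInstance();
     $path = "";
     // only a plain string is usable here; "?route[]=x" would otherwise hand
     // an array to trim()
     $route_path = (empty($_GET['route']) || !is_string($_GET['route'])) ? '' : $_GET['route'];
     // trim() already removes every leading/trailing slash and backslash, so
     // the old "strip one trailing slash" step could never fire and is gone
     $route_path = trim($route_path, '/\\');
     if (strlen($route_path) == 0) {
         $route_path = '/';
     }
     // for routed urls start
     $routes = $ezphp_config->get['routes'];
     if (is_array($routes) && count($routes) > 0) {
         // array_key_exists() avoids in_array()'s loose '/' == 0 comparison
         if (!array_key_exists('/', $routes)) {
             $controller = $ezphp_config->get['application']['default_controller'] ? $ezphp_config->get['application']['default_controller'] : 'home';
             $routes['/'] = $controller . '/index';
         }
         // wildcard placeholders accepted in route keys and their regex forms
         $wildcard = array(':any', ':alphanum', ':num', ':alpha');
         $regex = array('(.+)', '([a-z0-9]+)', '([0-9]+)', '([a-z]+)');
         foreach ($routes as $route => $uri) {
             if (strpos($route, ':') !== false) {
                 $route = str_replace($wildcard, $regex, $route);
             }
             if (preg_match('#^' . $route . '$#u', $route_path)) {
                 if (strpos($uri, '$') !== false && strpos($route, '(') !== false) {
                     // regex routing: substitute captured groups into the target;
                     // same 'u' modifier as the match above so both see the
                     // subject identically
                     $route_path = preg_replace('#^' . $route . '$#u', $uri, $route_path);
                 } else {
                     // normal routing
                     $route_path = $uri;
                 }
                 // we found a valid route
                 $lib_uri = ezphp::ez_get('uri');
                 $lib_uri->ruri = $route_path;
                 $lib_uri->rparts = explode('/', $route_path);
                 break;
             }
         }
     }
     // for routed urls end
     // Reject, rather than rewrite, segments that could escape the controllers
     // directory. A single-pass str_replace('../', '') is not a reliable
     // filter (deleting one occurrence can leave a new one behind), and the
     // result was used to build $this->__file below.
     $parts = explode('/', $route_path);
     foreach ($parts as $part) {
         if ($part === '..' || strpos($part, "\0") !== false || strpos($part, '\\') !== false) {
             // show the 404 error page
             $this->error404();
             return;
         }
     }
     $path = __SITE_PATH . '/content/controllers/';
     // Find right controller including sub-dirs. foreach iterates a copy of
     // $parts, so the array_shift() calls only affect what is left afterwards.
     foreach ($parts as $part) {
         $fullpath = $path . $part;
         // do we have dir?
         if (is_dir($fullpath)) {
             $path .= $part . '/';
             array_shift($parts);
             continue;
         }
         // find the file
         if (is_file($fullpath . '.php')) {
             $this->__controller = $part;
             array_shift($parts);
             break;
         }
     }
     if (empty($this->__controller)) {
         // no file found on disk: the first remaining segment names the controller
         if (!empty($parts[0])) {
             $this->__controller = $parts[0];
         }
     }
     if (empty($this->__controller)) {
         # default controller
         $def_controller = $ezphp_config->get['application']['default_controller'];
         $this->__controller = $def_controller ? $def_controller : 'home';
     }
     $method = '';
     if (!empty($parts)) {
         $method = array_shift($parts);
     }
     $this->__action = !empty($method) ? $method : 'index';
     $this->__args = $parts;
     # do we have the same suffix in url and config file?
     if (count($this->__args)) {
         if ($this->match_suffix(end($this->__args)) === false) {
             # show the 404 error page
             $this->error404();
             return;
         }
     }
     if ($this->match_suffix($this->__action) === false || $this->match_suffix($this->__controller) === false) {
         # show the 404 error page
         $this->error404();
         return;
     }
     #########################
     # strip url suffix if any
     if (count($this->__args)) {
         foreach ($this->__args as $key => $value) {
             $this->__args[$key] = $this->clean_suffix($value);
         }
     }
     $this->__action = $this->clean_suffix($this->__action);
     $this->__controller = $this->clean_suffix($this->__controller);
     #################
     # is this private action/function?
     if (strtolower(substr($this->__action, 0, 8)) === "private_") {
         # show the 404 error page
         $this->error404();
     } else {
         // every segment (and therefore $this->__controller) passed the
         // traversal check above, so no "../" stripping is needed here
         $this->__file = $path . $this->__controller . '.php';
     }
 }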
}
# directory separator
define('DS', DIRECTORY_SEPARATOR);
# sets folder name application resides in.
# NOTE(review): PHP_SELF can include request path-info (e.g. "/index.php/extra"),
# so __DIRNAME is partly request-controlled; SCRIPT_NAME is the usual choice when
# only the script's own path is wanted. FILTER_SANITIZE_STRING is deprecated as
# of PHP 8.1.
$_SERVER['PHP_SELF'] = filter_var($_SERVER['PHP_SELF'], FILTER_SANITIZE_STRING);
define('__DIRNAME', dirname($_SERVER['PHP_SELF']));
# sets site path for inclusion of files (DOCUMENT_ROOT + __DIRNAME); parseURL()
# builds controller file paths on top of this constant
define('__SITE_PATH', $_SERVER['DOCUMENT_ROOT'] . __DIRNAME);
# sets absolute site path (realpath() returns false if the directory does not exist)
define('__SITE_PATH_ABS', realpath(__SITE_PATH));
// save paths for global access
ezphp::ez_set('ez_dir', __DIRNAME);
ezphp::ez_set('ez_site_path', __SITE_PATH);
ezphp::ez_set('ez_site_path_abs', __SITE_PATH_ABS);
# get the site settings
$ezphp_config = setting::getInstance();
// set time zone
if (function_exists('date_default_timezone_set')) {
    # default time zone
    $timezone = $ezphp_config->get['application']['timezone'];
    if (!$timezone) {
        $timezone = 'Europe/London';
    }
    # $timezone is never empty at this point because of the fallback above, so
    # the date_default_timezone_get() branch is unreachable
    date_default_timezone_set(empty($timezone) ? date_default_timezone_get() : $timezone);
}
# presumably used further down to validate 0/1 config flags — not visible here
$possible_values = array('0', '1');
# security settings ##################################
$error_reporting = $ezphp_config->get['security']['error_reporting'];
# the config value is passed through as-is; if it is stored as a string it is
# coerced by error_reporting() — TODO confirm the stored type is an int bitmask
error_reporting(strlen(trim($error_reporting)) ? $error_reporting : E_ALL);
$display_errors = $ezphp_config->get['security']['display_errors'];
$xss_filter = $ezphp_config->get['security']['xss_filter'];