function anti_sql_injection($string)
{
$string = preg_replace(mb_sql_regcase("/(\n|\r|%0a|%0d|Content-Type:|bcc:|to:|cc:|Autoreply:|from|select|insert|delete|where|drop table|show tables|#|\\*|--|\\\\)/"), "", $string);
$string = strip_tags($string);
# Remove tags HTML e PHP.
$string = addslashes($string);
# Adiciona barras invertidas é uma string.
return $string;
}
/**
* Finds pathnames matching a pattern.
* Note: This function does not return hidden files (.*) under *NIX with default pattern (*)
*
* @see glob() in PHP manual
* @param string $path
* @param mixed $pattern A simple string or an array of strings representing the patterns.
* @param int $flags
* GLOB_ONLY_DIR: Set it to retrieve directories only.<br />
* GLOB_DIR_IGNORE_PATTERN: Set it to apply given $pattern on files only, and retrieve all directories.<br />
* GLOB_DIR_FIRST: Set it to force placing directories first in the returned list.<br />
* GLOB_RETURN_SIMPLE_PATH: Set it to force returning a simple path (from the root) instead of a URL.<br />
* GLOB_CASEINSENSITIVE: Set it to apply given $pattern in a case insensitive way.<br />
* GLOB_FORCE_SCANDIR: Set it to force direct use of scandir() instead of glob().
* @return array(string)
*/
public static function glob($path, $pattern = self::WILDCARD_CHAR, $flags = self::GLOB_NORMAL)
{
if (!is_string($path)) {
throw new EyeInvalidArgumentException('$path must be a string (given: ' . gettype($pattern) . ').');
}
if (!is_string($pattern) && !is_array($pattern)) {
throw new EyeInvalidArgumentException('$pattern must be a string or an array (given: ' . gettype($pattern) . ').');
}
if (is_array($pattern)) {
if (count($pattern) === 0) {
$pattern = self::WILDCARD_CHAR;
} else {
if (count($pattern) === 1) {
$pattern = $pattern[0];
}
}
}
$globFlags = 0;
if (is_array($pattern)) {
// Clean original $pattern (common to glob & scandir)
foreach ($pattern as &$subPattern) {
$subPattern = str_replace('/', '', $subPattern);
if ($flags & self::GLOB_CASEINSENSITIVE) {
$subPattern = mb_sql_regcase($subPattern);
}
}
// Create a glob-compatible expression with multiple patterns using braces
$globPattern = '{' . implode(',', $pattern) . '}';
$globFlags |= GLOB_BRACE;
} else {
$globPattern =& $pattern;
$pattern = str_replace('/', '', $pattern);
if ($flags & self::GLOB_CASEINSENSITIVE) {
$pattern = mb_sql_regcase($pattern);
}
}
$return = array();
$globFlags |= $flags & self::GLOB_ONLY_DIR ? GLOB_ONLYDIR : 0;
$globPath = self::getPhpLocalHackPath(strtr($path, array('[' => '\\[', ']' => '\\]')), self::PARSE_URL_DONTRESOLVE);
//first of all, let's try with the normal glob() function (works only on localhost, but faster)
if (!($flags & self::GLOB_FORCE_SCANDIR) && ($allFiles = glob($globPath . '/' . $globPattern, $globFlags))) {
//_and_ glob() must succeed (an empty array may indicate that glob() failed)
$onlyDirs = array();
if ($flags & self::GLOB_DIR_IGNORE_PATTERN) {
$onlyDirs = glob($globPath . '/' . self::WILDCARD_CHAR, GLOB_ONLYDIR);
} else {
$onlyDirs = glob($globPath . '/' . $globPattern, GLOB_ONLYDIR);
}
//in some servers glob is returning false, documentation says it shoul
//return an empty array, however, this is not happening.
if (!$onlyDirs) {
$onlyDirs = array();
}
natcasesort($onlyDirs);
$onlyFiles = array_diff($allFiles, $onlyDirs);
$sortedFiles = array_merge($onlyDirs, $onlyFiles);
//dirs are placed first (alphab. sorted), then files (alphab. sorted)
if (!($flags & self::GLOB_DIR_FIRST)) {
natcasesort($sortedFiles);
}
$scheme = '';
if (!($flags & self::GLOB_RETURN_SIMPLE_PATH)) {
//retrieve the original scheme
$urlParts = self::parse_url($path, self::PARSE_URL_NO_AUTOSET_SCHEME);
if (isset($urlParts['scheme'])) {
$scheme = $urlParts['scheme'] . '://';
}
}
foreach ($sortedFiles as $filepath) {
if (utf8_basename($filepath) != '.' && utf8_basename($filepath) != '..') {
$return[] = $scheme . $filepath;
}
}
} else {
$files = @scandir($path);
if ($files === false) {
throw new EyeIOException('Unable to list files in directory "' . $path . '"');
}
$files_tmp = array();
$dirs_tmp = array();
foreach ($files as $filepath) {
if ($filepath != '.' && $filepath != '..') {
// Single pattern (string)
if (is_string($pattern)) {
$fileNameMatches = self::glob_fnmatch($pattern, $filepath);
} else {
$fileNameMatches = false;
foreach ($pattern as &$subPattern) {
if (self::glob_fnmatch($subPattern, $filepath)) {
$fileNameMatches = true;
break;
}
}
}
if (is_dir($path . '/' . $filepath)) {
if ($fileNameMatches || $flags & self::GLOB_DIR_IGNORE_PATTERN) {
$dirs_tmp[] = $path . '/' . $filepath;
}
} else {
if (!($flags & self::GLOB_ONLY_DIR) && $fileNameMatches) {
$files_tmp[] = $path . '/' . $filepath;
}
}
}
}
$return = array_merge($dirs_tmp, $files_tmp);
if (!($flags & self::GLOB_DIR_FIRST)) {
natcasesort($return);
$return = array_values($return);
}
}
return $return;
}
/**
* @param string $pattern Filter pattern (same as *NIX shell)
* @param int $flags GLOB_NORMAL | GLOB_ONLY_DIR | GLOB_DIR_IGNORE_PATTERN
* | GLOB_DIR_FIRST | GLOB_FORCE_SCANDIR | GLOB_CASEINSENSITIVE
* (@see class AdvancedPathLib)
* @return array(IFile) The list of the files contained in the "file" itself if $this
* is a directory, or the files contained in the parent directory if $this is a
* normal file
*/
public function listFiles($pattern = '*', $flags = AdvancedPathLib::GLOB_NORMAL)
{
if (is_array($pattern)) {
Logger::getLogger('system.services.FileSystem.FTPFile')->warn('FTPFile::listFiles() does not handle array as $pattern yet, using "*" instead.');
//FIXME --NOT IMPLEMENTED--
$pattern = '*';
}
if ($this->isDirectory()) {
$dir = $this;
} else {
$dir = $this->getParentFile();
}
if ($flags & AdvancedPathLib::GLOB_CASEINSENSITIVE) {
$pattern = mb_sql_regcase($pattern);
}
$res = $this->getConnection();
try {
//first let's try with -A option (LIST "ALL"), but some servers may fail
$rawList = @ftp_rawlist($res, '-a ' . $dir->getPathFromRoot());
if ($rawList === false) {
//then let's try with the classical LIST command alone
$rawList = @ftp_rawlist($res, $dir->getPathFromRoot());
if ($rawList === false) {
throw new EyeIOException('Unable to list files in directory ' . AdvancedPathLib::getURLForDisplay($this->path) . '.');
}
}
} catch (EyeErrorException $e) {
throw new EyeIOException('Unable to list files in directory ' . AdvancedPathLib::getURLForDisplay($this->path) . '.', 0, $e);
}
$parsedList = self::parseRawList($rawList, false);
$filesObjects = array();
foreach ($parsedList as $fileInfo) {
if ($flags & AdvancedPathLib::GLOB_ONLY_DIR && $fileInfo['type'] != 'd') {
continue;
}
if (AdvancedPathLib::fnmatch($pattern, $fileInfo['name']) !== false || $flags & AdvancedPathLib::GLOB_DIR_IGNORE_PATTERN && $fileInfo['type'] == 'd') {
$linkTarget = false;
if ($fileInfo['type'] == 'l') {
$parsedLinkName = self::parseLinkName($this, $fileInfo['name']);
if (is_array($parsedLinkName)) {
$fileInfo['name'] = $parsedLinkName[0];
$linkTarget = $parsedLinkName[1];
}
}
$fileParams = array('isDirectory' => $fileInfo['type'] == 'd' ? true : false, 'isFile' => $fileInfo['type'] == 'd' || $fileInfo['type'] == 'l' ? false : true, 'isLink' => $fileInfo['type'] == 'l' ? true : false, 'permissions' => $fileInfo['type'] . $fileInfo['perms'], 'size' => $fileInfo['size'], 'linkTarget' => $linkTarget);
$newFileUrlParts = $dir->getURLComponents();
$newFileUrlParts['path'] = AdvancedPathLib::unifyPath($newFileUrlParts['path'] . '/' . $fileInfo['name']);
$thisClass = get_class($this);
$newFile = new $thisClass(AdvancedPathLib::buildURL($newFileUrlParts), $fileParams);
$filesObjects[] = $newFile;
}
}
if ($flags & AdvancedPathLib::GLOB_DIR_FIRST) {
$filesObjectsOrdered = array();
//looking for directories
foreach ($filesObjects as $i => $fileObject) {
if ($fileObject->isDirectory()) {
$filesObjectsOrdered[] = $fileObject;
}
}
//looking for files and links
foreach ($filesObjects as $i => $fileObject) {
if ($fileObject->isFile() || $fileObject->isLink()) {
$filesObjectsOrdered[] = $fileObject;
}
}
$filesObjects = $filesObjectsOrdered;
}
return $filesObjects;
}
