/** * Get user page * * @param string $session_page User's session page * @return array Match array filled by preg_match() */ public function get_user_page($session_page) { $session_page = $this->filesystem->clean_path($session_page); if (strpos($session_page, './') === 0) { $session_page = substr($session_page, 2); } preg_match('#^((\\.\\./)*([a-z0-9/_-]+))#i', $session_page, $on_page); if (empty($on_page)) { $on_page[1] = ''; } return $on_page; }
/** * Eliminates useless . and .. components from specified URL * * @param string $url URL to clean * * @return string Cleaned URL */ public function clean_url($url) { $delimiter_position = strpos($url, '://'); // URL should contain :// but it shouldn't start with it. // Do not clean URLs that do not fit these constraints. if (empty($delimiter_position)) { return $url; } $scheme = substr($url, 0, $delimiter_position) . '://'; // Add length of URL delimiter to position $path = substr($url, $delimiter_position + 3); return $scheme . $this->filesystem->clean_path($path); }