function uri_port($http_host)
{
if (str_contains(':', $http_host)) {
list(, $port) = explode(':', $http_host, 2);
if (!preg_match('/^[0-9]+$/', $port)) {
die(trigger_error("Invalid or malicious port detected in HTTP_HOST: " . str_sanitize($http_host), E_USER_ERROR));
}
} else {
$port = '';
}
return $port;
}
function server_var($key, $sanitize = true)
{
$val = NULL;
if (isset($_SERVER[$key])) {
$val = $_SERVER[$key];
} elseif (isset($_ENV[$key])) {
$val = $_ENV[$key];
} elseif ($env_val = getenv($key)) {
$val = $env_val;
}
if (is_null($val)) {
return $val;
}
return $sanitize ? str_sanitize($val) : $val;
}
function request_path_($path)
{
return str_sanitize(rawurldecode('/' . ltrim($path, '/')));
}
function _default_request_path($get)
{
$path = isset($get[PATH_IN_QUERY_HACK]) ? $get[PATH_IN_QUERY_HACK] : '/';
return str_sanitize($path);
//TODO: if $_GET is sanitized we cud remove this!
}
