/** * Encodes data to the target encoding. * * @param string UTF-8 string to reencode * @return string The reencoded string */ function encode($data) { if ($this->encoding == $this->target_encoding) { return $data; } // Escape HTML if ($this->escape_html) { $data = @htmlspecialchars($data, ENT_COMPAT, $this->encoding); } // NCR encode if ($this->ncr_encode) { $data = ncrencode($data, true); } // Convert to the target charset return to_charset($data, $this->encoding, $this->target_encoding); }
/** * Makes GPC variables safe to use * * @param string Either, g, p, c, r or f (corresponding to get, post, cookie, request and files) * @param array Array of variable names and types we want to extract from the source array * * @return array */ function clean_array_gpc($source, $variables) { $sg =& $GLOBALS[$this->superglobal_lookup["{$source}"]]; foreach ($variables as $varname => $vartype) { // clean a variable only once unless its a different type if (!isset($this->cleaned_vars["{$varname}"]) or $this->cleaned_vars["{$varname}"] != $vartype) { $this->registry->GPC_exists["{$varname}"] = isset($sg["{$varname}"]); $this->registry->GPC["{$varname}"] =& $this->registry->cleaner->clean($sg["{$varname}"], $vartype, isset($sg["{$varname}"])); // All STR type passed from API client should be in UTF-8 encoding and we need to convert it back to vB's current encoding. // We also need to do this this for the ajax requests for the mobile style. // Checking the forcenoajax flag isn't ideal, but it works and limits the scope of the fix (and the risk). if (defined('VB_API') and VB_API === true or !empty($GLOBALS[$this->superglobal_lookup['r']]['forcenoajax'])) { switch ($vartype) { case vB_Cleaner::TYPE_STR: case vB_Cleaner::TYPE_NOTRIM: case vB_Cleaner::TYPE_NOHTML: case vB_Cleaner::TYPE_NOHTMLCOND: if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) { $charset = $this->registry->userinfo['lang_charset']; } $lower_charset = strtolower($charset); if ($lower_charset != 'utf-8') { if ($lower_charset == 'iso-8859-1') { $this->registry->GPC["{$varname}"] = to_charset(ncrencode($this->registry->GPC["{$varname}"], true, true), 'utf-8'); } else { $this->registry->GPC["{$varname}"] = to_charset($this->registry->GPC["{$varname}"], 'utf-8'); } } } } $this->cleaned_vars["{$varname}"] = $vartype; } } }
/** * Makes GPC variables safe to use * * @param string Either, g, p, c, r or f (corresponding to get, post, cookie, request and files) * @param array Array of variable names and types we want to extract from the source array * * @return array */ function clean_array_gpc($source, $variables) { $sg =& $GLOBALS[$this->superglobal_lookup["{$source}"]]; foreach ($variables as $varname => $vartype) { // clean a variable only once unless its a different type if (!isset($this->cleaned_vars["{$varname}"]) or $this->cleaned_vars["{$varname}"] != $vartype) { $this->registry->GPC_exists["{$varname}"] = isset($sg["{$varname}"]); $this->registry->GPC["{$varname}"] =& $this->clean($sg["{$varname}"], $vartype, isset($sg["{$varname}"])); if (defined('NEED_DECODE') and NEED_DECODE === true) { switch ($vartype) { case TYPE_STR: case TYPE_NOTRIM: case TYPE_NOHTML: case TYPE_NOHTMLCOND: if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) { $charset = $this->registry->userinfo['lang_charset']; } $lower_charset = strtolower($charset); if ($lower_charset != 'utf-8') { if ($lower_charset == 'iso-8859-1') { $this->registry->GPC["{$varname}"] = to_charset(ncrencode($this->registry->GPC["{$varname}"], true, true), 'utf-8'); } else { $this->registry->GPC["{$varname}"] = to_charset($this->registry->GPC["{$varname}"], 'utf-8'); } } if (function_exists('html_entity_decode') and defined('VB_API') and VB_API == true) { // this converts certain { entities to their actual character // note: we don't want to convert >, etc as that undoes the effects of STR_NOHTML $this->registry->GPC["{$varname}"] = preg_replace('#&([a-z]+);#i', '&$1;', $this->registry->GPC["{$varname}"]); if ($lower_charset == 'windows-1251') { // there's a bug in PHP5 html_entity_decode that decodes some entities that // it shouldn't. So double encode them to ensure they don't get decoded. $this->registry->GPC["{$varname}"] = preg_replace('/&#(128|129|1[3-9][0-9]|2[0-4][0-9]|25[0-5]);/', '&#$1;', $this->registry->GPC["{$varname}"]); } $this->registry->GPC["{$varname}"] = @html_entity_decode($this->registry->GPC["{$varname}"], ENT_COMPAT, $lower_charset); } } } $this->cleaned_vars["{$varname}"] = $vartype; } } }
/** * Echo a phrase after converting to console charset * * @var string Phrase to do charset conversion on for * */ private function echo_phrase($string) { if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') { echo to_charset($string, 'ISO-8859-1', 'IBM850'); } else { echo $string; } }
function clean_array_gpc($source, $variables) { $sg =& $GLOBALS[$this->superglobal_lookup["{$source}"]]; foreach ($variables as $varname => $vartype) { // clean a variable only once unless its a different type if (!isset($this->cleaned_vars["{$varname}"]) or $this->cleaned_vars["{$varname}"] != $vartype) { $this->registry->GPC_exists["{$varname}"] = isset($sg["{$varname}"]); $this->registry->GPC["{$varname}"] =& $this->clean($sg["{$varname}"], $vartype, isset($sg["{$varname}"])); if (defined('NEED_DECODE') and NEED_DECODE === true) { switch ($vartype) { case TYPE_STR: case TYPE_NOTRIM: case TYPE_NOHTML: case TYPE_NOHTMLCOND: if (!($charset = vB_Template_Runtime::fetchStyleVar('charset'))) { $charset = $this->registry->userinfo['lang_charset']; } $lower_charset = strtolower($charset); if ($lower_charset != 'utf-8') { if ($lower_charset == 'iso-8859-1') { $this->registry->GPC["{$varname}"] = to_charset(ncrencode($this->registry->GPC["{$varname}"], true, true), 'utf-8'); } else { $this->registry->GPC["{$varname}"] = to_charset($this->registry->GPC["{$varname}"], 'utf-8'); } } } } $this->cleaned_vars["{$varname}"] = $vartype; } } }
/** * Grabs logged in user info from faceboook if user is logged in * * @param bool, forces a roundtrip to the facebook server, ie. dont use cached info * * @return array, fb userinfo array if logged in, false otherwise */ public function getFbUserInfo($force_reload = false) { // check for cached versions of this, and return it if so if (!empty($this->fb_userinfo) and !$force_reload) { return $this->fb_userinfo; } // make sure we have a fb user and fb session, otherwise we cant return any data if (!$this->isValidUser() or !$this->facebook->getAccessToken()) { return false; } // attempt to grab userinfo from fb graph api, using FQL try { $response = $this->facebook->api(array('access_token' => $this->facebook->getAccessToken(), 'method' => 'fql.query', 'query' => 'SELECT ' . implode(',', array_keys($this->fql_fields)) . ' FROM user WHERE uid=' . $this->fb_userid)); if (is_array($response) and !empty($response)) { $this->fb_userinfo = $response[0]; foreach ($this->fb_userinfo as $key => $value) { if ($this->fql_fields[$key]) { $this->fb_userinfo[$key] = to_charset($value, 'UTF-8'); } } } } catch (Exception $e) { exec_header_redirect($this->facebook->getLoginUrl()); } // now return the user info if we got any return $this->fb_userinfo; }