コード例 #1
0
ファイル: fetch.php プロジェクト: netfreak/pyrocms
/**
 * Reads a file
 * <pre>
 *  * file : path or URI of the file to read (however reading from another website is not recommended for performance reasons)
 *  * assign : if set, the file will be saved in this variable instead of being output
 * </pre>
 * This software is provided 'as-is', without any express or implied warranty.
 * In no event will the authors be held liable for any damages arising from the use of this software.
 *
 * @author     Jordi Boggiano <*****@*****.**>
 * @copyright  Copyright (c) 2008, Jordi Boggiano
 * @license    http://dwoo.org/LICENSE   Modified BSD License
 * @link       http://dwoo.org/
 * @version    1.1.0
 * @date       2009-07-18
 * @package    Dwoo
 */
function Dwoo_Plugin_fetch(Dwoo $dwoo, $file, $assign = null)
{
    if ($file === '') {
        return;
    }
    if ($policy = $dwoo->getSecurityPolicy()) {
        while (true) {
            if (preg_match('{^([a-z]+?)://}i', $file)) {
                return $dwoo->triggerError('The security policy prevents you to read files from external sources.', E_USER_WARNING);
            }
            $file = realpath($file);
            $dirs = $policy->getAllowedDirectories();
            foreach ($dirs as $dir => $dummy) {
                if (strpos($file, $dir) === 0) {
                    break 2;
                }
            }
            return $dwoo->triggerError('The security policy prevents you to read <em>' . $file . '</em>', E_USER_WARNING);
        }
    }
    $file = str_replace(array("\t", "\n", "\r"), array('\\t', '\\n', '\\r'), $file);
    $out = file_get_contents($file);
    if ($assign === null) {
        return $out;
    }
    $dwoo->assignInScope($out, $assign);
}
コード例 #2
0
/**
 * Inserts another template into the current one
 * <pre>
 *  * file : the resource name of the template
 *  * cache_time : cache length in seconds
 *  * cache_id : cache identifier for the included template
 *  * compile_id : compilation identifier for the included template
 *  * data : data to feed into the included template, it can be any array and will default to $_root (the current data)
 *  * assign : if set, the output of the included template will be saved in this variable instead of being output
 *  * rest : any additional parameter/value provided will be added to the data array
 * </pre>
 * This software is provided 'as-is', without any express or implied warranty.
 * In no event will the authors be held liable for any damages arising from the use of this software.
 *
 * @author     Jordi Boggiano <*****@*****.**>
 * @copyright  Copyright (c) 2008, Jordi Boggiano
 * @license    http://dwoo.org/LICENSE   Modified BSD License
 * @link       http://dwoo.org/
 * @version    1.1.0
 * @date       2009-07-18
 * @package    Dwoo
 */
function Dwoo_Plugin_include(Dwoo $dwoo, $file, $cache_time = null, $cache_id = null, $compile_id = null, $data = '_root', $assign = null, array $rest = array())
{
    if ($file === '') {
        return;
    }
    if (preg_match('#^([a-z]{2,}):(.*)$#i', $file, $m)) {
        // resource:identifier given, extract them
        $resource = $m[1];
        $identifier = $m[2];
    } else {
        // get the current template's resource
        $resource = $dwoo->getTemplate()->getResourceName();
        $identifier = $file;
    }
    try {
        if (!is_numeric($cache_time)) {
            $cache_time = null;
        }
        $include = $dwoo->templateFactory($resource, $identifier, $cache_time, $cache_id, $compile_id);
    } catch (Dwoo_Security_Exception $e) {
        return $dwoo->triggerError('Include : Security restriction : ' . $e->getMessage(), E_USER_WARNING);
    } catch (Dwoo_Exception $e) {
        return $dwoo->triggerError('Include : ' . $e->getMessage(), E_USER_WARNING);
    }
    if ($include === null) {
        return $dwoo->triggerError('Include : Resource "' . $resource . ':' . $identifier . '" not found.', E_USER_WARNING);
    } elseif ($include === false) {
        return $dwoo->triggerError('Include : Resource "' . $resource . '" does not support includes.', E_USER_WARNING);
    }
    if ($dwoo->isArray($data)) {
        $vars = $data;
    } elseif ($dwoo->isArray($cache_time)) {
        $vars = $cache_time;
    } else {
        $vars = $dwoo->readVar($data);
    }
    if (count($rest)) {
        $vars = $rest + $vars;
    }
    $out = $dwoo->get($include, $vars);
    if ($assign !== null) {
        $dwoo->assignInScope($out, $assign);
    } else {
        return $out;
    }
}
コード例 #3
0
/**
 * Applies various escaping schemes on the given string
 * <pre>
 *  * value : the string to process
 *  * format : escaping format to use, valid formats are : html, htmlall, url, urlpathinfo, quotes, hex, hexentity, javascript and mail
 *  * charset : character set to use for the conversion (applies to some formats only), defaults to the current Dwoo charset
 * </pre>
 * This software is provided 'as-is', without any express or implied warranty.
 * In no event will the authors be held liable for any damages arising from the use of this software.
 *
 * @author     Jordi Boggiano <*****@*****.**>
 * @copyright  Copyright (c) 2008, Jordi Boggiano
 * @license    http://dwoo.org/LICENSE   Modified BSD License
 * @link       http://dwoo.org/
 * @version    1.0.0
 * @date       2008-10-23
 * @package    Dwoo
 */
function Dwoo_Plugin_escape(Dwoo $dwoo, $value = '', $format = 'html', $charset = null)
{
    if ($charset === null) {
        $charset = $dwoo->getCharset();
    }
    switch ($format) {
        case 'html':
            return htmlspecialchars((string) $value, ENT_QUOTES, $charset);
        case 'htmlall':
            return htmlentities((string) $value, ENT_QUOTES, $charset);
        case 'url':
            return rawurlencode((string) $value);
        case 'urlpathinfo':
            return str_replace('%2F', '/', rawurlencode((string) $value));
        case 'quotes':
            return preg_replace("#(?<!\\\\)'#", "\\'", (string) $value);
        case 'hex':
            $out = '';
            $cnt = strlen((string) $value);
            for ($i = 0; $i < $cnt; $i++) {
                $out .= '%' . bin2hex((string) $value[$i]);
            }
            return $out;
        case 'hexentity':
            $out = '';
            $cnt = strlen((string) $value);
            for ($i = 0; $i < $cnt; $i++) {
                $out .= '&#x' . bin2hex((string) $value[$i]) . ';';
            }
            return $out;
        case 'javascript':
            return strtr((string) $value, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\\/'));
        case 'mail':
            return str_replace(array('@', '.'), array('&nbsp;(AT)&nbsp;', '&nbsp;(DOT)&nbsp;'), (string) $value);
        default:
            return $dwoo->triggerError('Escape\'s format argument must be one of : html, htmlall, url, urlpathinfo, hex, hexentity, javascript or mail, "' . $format . '" given.', E_USER_WARNING);
    }
}
コード例 #4
0
ファイル: mailto.php プロジェクト: nan0desu/xyntach
/**
 * Outputs a mailto link with optional spam-proof (okay probably not) encoding
 * <pre>
 * * address : target email address
 * * text : display text to show for the link, defaults to the address if not provided
 * * subject : the email subject
 * * encode : one of the available encoding (none, js, jscharcode or hex)
 * * cc : address(es) to carbon copy, comma separated
 * * bcc : address(es) to blind carbon copy, comma separated
 * * newsgroups : newsgroup(s) to post to, comma separated
 * * followupto : address(es) to follow up, comma separated
 * * extra : additional attributes to add to the &lt;a&gt; tag
 * </pre>
 * This software is provided 'as-is', without any express or implied warranty.
 * In no event will the authors be held liable for any damages arising from the use of this software.
 *
 * @author	Jordi Boggiano <*****@*****.**>
 * @copyright Copyright (c) 2008, Jordi Boggiano
 * @license	http://dwoo.org/LICENSE Modified BSD License
 * @link	http://dwoo.org/
 * @version	1.0.0
 * @date	2008-10-23
 * @package	Dwoo
 */
function Dwoo_Plugin_mailto(Dwoo $dwoo, $address, $text = null, $subject = null, $encode = null, $cc = null, $bcc = null, $newsgroups = null, $followupto = null, $extra = null)
{
    if (empty($address)) {
        return '';
    }
    if (empty($text)) {
        $text = $address;
    }
    // build address string
    $address .= '?';
    if (!empty($subject)) {
        $address .= 'subject=' . rawurlencode($subject) . '&';
    }
    if (!empty($cc)) {
        $address .= 'cc=' . rawurlencode($cc) . '&';
    }
    if (!empty($bcc)) {
        $address .= 'bcc=' . rawurlencode($bcc) . '&';
    }
    if (!empty($newsgroup)) {
        $address .= 'newsgroups=' . rawurlencode($newsgroups) . '&';
    }
    if (!empty($followupto)) {
        $address .= 'followupto=' . rawurlencode($followupto) . '&';
    }
    $address = rtrim($address, '?&');
    // output
    switch ($encode) {
        case 'none':
        case null:
            return '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>';
        case 'js':
        case 'javascript':
            $str = 'document.write(\'<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>\');';
            $len = strlen($str);
            $out = '';
            for ($i = 0; $i < $len; $i++) {
                $out .= '%' . bin2hex($str[$i]);
            }
            return '<script type="text/javascript">eval(unescape(\'' . $out . '\'));</script>';
            break;
        case 'javascript_charcode':
        case 'js_charcode':
        case 'jscharcode':
        case 'jschar':
            $str = '<a href="mailto:' . $address . '" ' . $extra . '>' . $text . '</a>';
            $len = strlen($str);
            $out = '<script type="text/javascript">' . "\n<!--\ndocument.write(String.fromCharCode(";
            for ($i = 0; $i < $len; $i++) {
                $out .= ord($str[$i]) . ',';
            }
            return rtrim($out, ',') . "));\n-->\n</script>\n";
            break;
        case 'hex':
            if (strpos($address, '?') !== false) {
                return $dwoo->triggerError('Mailto: Hex encoding is not possible with extra attributes, use one of : <em>js, jscharcode or none</em>.', E_USER_WARNING);
            }
            $out = '<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;';
            $len = strlen($address);
            for ($i = 0; $i < $len; $i++) {
                if (preg_match('#\\w#', $address[$i])) {
                    $out .= '%' . bin2hex($address[$i]);
                } else {
                    $out .= $address[$i];
                }
            }
            $out .= '" ' . $extra . '>';
            $len = strlen($text);
            for ($i = 0; $i < $len; $i++) {
                $out .= '&#x' . bin2hex($text[$i]);
            }
            return $out . '</a>';
        default:
            return $dwoo->triggerError('Mailto: <em>encode</em> argument is invalid, it must be one of : <em>none (= no value), js, js_charcode or hex</em>', E_USER_WARNING);
    }
}