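/**
 * Replace all occurrences of a single marker inside a marker-template.
 *
 * A marker looks like [####KEY####] and may carry, inside the brackets, one
 * format flag (|bool, |num, |htmid, |jsvar or |json) followed by any of the
 * escape flags |url, |js, |html, |nl2br (accepted and applied in this order).
 * The flags written in the template are the only escaping done here: a marker
 * without an escape flag receives the value unescaped, so the template author
 * must pick the flag that matches the output context of each marker.
 *
 * @param string $mtemplate The template text
 * @param string $key       Marker name; only A-Z 0-9 _ - . are accepted, anything else leaves the template unchanged
 * @param mixed  $val       The value to put in place of the marker
 * @return string           The template with this marker replaced
 */
private static function replace_marker($mtemplate, $key, $val) {
	//--
	$mtemplate = (string) $mtemplate;
	$key = (string) $key;
	//-- nothing to do for an empty / malformed key or when the marker is not present at all
	if(((string)$key === '') OR (!preg_match('/^[A-Z0-9_\\-\\.]+$/', (string) $key)) OR (strpos((string) $mtemplate, '[####' . $key) === false)) {
		return (string) $mtemplate;
	} //end if
	//--
	$regex = '/\\[####' . preg_quote((string) $key, '/') . '(\\|bool|\\|num|\\|htmid|\\|jsvar|\\|json)?(\\|url)?(\\|js)?(\\|html)?(\\|nl2br)?' . '####\\]/';
	//-- neutralize template syntax inside the value so that injected content can not be parsed later as a marker, other syntax or a sub-template ; an empty value is left as is (type included)
	if((string)$val != '') {
		$val = (string) str_replace(
			array('[####', '####]', '[%%%%', '%%%%]', '[@@@@', '@@@@]'),
			array('(####+', '+####)', '(%%%%+', '+%%%%)', '(@@@@+', '+@@@@)'),
			(string) $val
		);
	} //end if
	//-- $val is captured by value: every occurrence starts again from the same (neutralized) value
	$result = preg_replace_callback((string) $regex, function($matches) use ($val) {
		//-- PCRE leaves trailing unmatched groups out of $matches ; pad to the 5 groups of the regex to avoid reading undefined offsets (ex: a marker with no flags at all)
		$matches = (array) array_pad((array) $matches, 6, '');
		$format = (string) $matches[1];
		//-- Format
		if($format === '|num') { // Number
			$val = (string) (double) $val;
		} elseif($format === '|bool') { // Boolean
			$val = $val ? 'true' : 'false';
		} elseif($format === '|htmid') { // HTML ID
			$val = (string) trim((string) preg_replace('/[^a-zA-Z0-9_\\-]/', '', (string) $val));
		} elseif($format === '|jsvar') { // JS Variable
			$val = (string) trim((string) preg_replace('/[^a-zA-Z0-9_]/', '', (string) $val));
		} elseif($format === '|json') { // Json Data (!!! DO NOT ENCLOSE IN ' or " as it can contain them as well as it can be [] or {} ... this is pure JSON !!!)
			$val = (string) Smart::json_encode($val, false, false); // no pretty print, escape unicode as it is served inline !
		} //end if else
		//-- Escape (the order is fixed: url, js, html, nl2br)
		if((string)$matches[2] === '|url') {
			$val = (string) Smart::escape_url((string) $val);
		} //end if
		if((string)$matches[3] === '|js') {
			$val = (string) Smart::escape_js((string) $val);
		} //end if
		if((string)$matches[4] === '|html') {
			$val = (string) Smart::escape_html((string) $val);
		} //end if
		//--
		if((string)$matches[5] === '|nl2br') {
			$val = (string) Smart::nl_2_br((string) $val);
		} //end if
		//--
		return (string) $val;
		//--
	}, (string) $mtemplate);
	//-- preg_replace_callback() gives NULL on a PCRE error: the cast below turns that into an empty template (same as before)
	return (string) $result;
	//--
}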
/**
 * Build the encrypted, URL-escaped download token for a file.
 *
 * The token wraps: the creation time, the file path, an access key and a
 * unique key. The access key is derived from the software namespace, the
 * framework security key, the visitor cookie, the file path and the area
 * prefixed controller key ; the unique key adds the creation time and the
 * value of self::unique_auth_client_private_key().
 * On any invalid input a warning is logged and an empty string is returned,
 * so no link is produced.
 *
 * NOTE(review): both keys come from SmartHashCrypto::sha1() over a plain
 * concatenation that embeds the secret (presumably SHA-1, not an HMAC). Any
 * change of the hash or of the payload layout has to be done together with
 * the code that validates the link (see the SYNC tags below).
 *
 * @param string $y_file     The path of the file to be downloaded
 * @param string $y_ctrl_key The controller key (without the area prefix)
 * @return string            The URL-escaped encrypted token, or empty string if refused
 */
public static function create_download_link($y_file, $y_ctrl_key) {
	//-- the file path must be non-empty and must pass the file system name check
	$file_path = (string) trim((string) $y_file);
	if((string)$file_path == '') {
		Smart::log_warning('Utils / Create Download Link: Empty File Path has been provided. This means the download link will be unavaliable (empty) to assure security protection.');
		return '';
	} //end if
	if(!SmartFileSysUtils::check_file_or_dir_name($file_path)) {
		// NOTE(review): the rejected path is appended to the log message as is
		Smart::log_warning('Utils / Create Download Link: Invalid File Path has been provided. This means the download link will be unavaliable (empty) to assure security protection. File: ' . $file_path);
		return '';
	} //end if
	//-- the controller key must be non-empty
	$ctrl_key = (string) trim((string) $y_ctrl_key);
	if((string)$ctrl_key == '') {
		Smart::log_warning('Utils / Create Download Link: Empty Controller Key has been provided. This means the download link will be unavaliable (empty) to assure security protection.');
		return '';
	} //end if
	//-- bind the key to the current area {{{SYNC-DWN-CTRL-PREFIX}}}
	$area_prefix = (SMART_FRAMEWORK_ADMIN_AREA === true) ? 'AdminArea/' : 'IndexArea/';
	$ctrl_key = (string) $area_prefix . $ctrl_key;
	//--
	$now = (int) time();
	//-- access key: namespace + security key + visitor cookie + file + controller
	$access_key = SmartHashCrypto::sha1(
		'DownloadLink:' . SMART_SOFTWARE_NAMESPACE . '-' . SMART_FRAMEWORK_SECURITY_KEY . '-' . SMART_APP_VISITOR_COOKIE . ':' . $file_path . '^' . $ctrl_key
	);
	//-- unique key: adds the creation time, the access key and the client private key
	$unique_key = SmartHashCrypto::sha1(
		'Time=' . $now . '#' . SMART_SOFTWARE_NAMESPACE . '-' . SMART_FRAMEWORK_SECURITY_KEY . '-' . $access_key . '-' . self::unique_auth_client_private_key() . ':' . $file_path . '+' . $ctrl_key
	);
	//-- {{{SYNC-DOWNLOAD-ENCRYPT-ARR}}} one field per line, closed by a '-' line
	$payload = implode("\n", array(
		trim((string) $now),
		trim((string) $file_path),
		trim((string) $access_key),
		trim((string) $unique_key),
		'-'
	)) . "\n";
	$safe_download_link = self::crypto_encrypt($payload, 'SmartFramework//DownloadLink' . SMART_FRAMEWORK_SECURITY_KEY);
	//--
	return (string) Smart::escape_url(trim((string) $safe_download_link));
	//--
}
/**
 * Render the test button (HTML link) that opens the interactions test page
 * in a popup (strict) or in a popup / modal (auto).
 *
 * @param bool   $forced  If true the popup mode is forced (strict), else auto
 * @param string $winname The target window name; when empty a unique one is generated
 * @return string         The HTML code of the link
 */
private static function bttn_open_popup($forced, $winname = '') {
	//-- window name: the given one, or a generated unique name
	$wname = (string) $winname;
	if((string)$wname == '') {
		$wname = 'test_interractions_pop_' . Smart::uuid_10_seq() . '_' . Smart::uuid_10_num() . '_' . Smart::uuid_10_str();
	} //end if
	//-- mode, JS flag and button label: all fixed literals
	list($mode, $set, $btn) = $forced
		? array('pop', '1', 'Open PopUp (strict)')
		: array('auto', '0', 'Open PopUp or Modal (auto)');
	//-- escape each dynamic part for the context it lands in
	$attr_target = Smart::escape_html($wname);
	$url_mode = Smart::escape_url($mode);
	$js_set = Smart::escape_js($set);
	$html_label = Smart::escape_html($btn);
	//-- NOTE(review): the href (base URL constant + raw '&') is emitted without escape_html ; this assumes SMART_FRAMEWORK_TESTUNIT_BASE_URL is a trusted constant - confirm
	$html = '<a class="ux-button ux-button-highlight" style="min-width:325px;" target="' . $attr_target . '"';
	$html .= ' href="' . SMART_FRAMEWORK_TESTUNIT_BASE_URL . 'testunit.interractions&mode=' . $url_mode . '"';
	$html .= ' onClick="SmartJS_BrowserUtils.PopUpLink(this.href, this.target, null, null, ' . $js_set . '); return false;">';
	$html .= $html_label . '</a>';
	//--
	return $html;
	//--
}
/**
 * Fill the placeholders of a mime message link template.
 *
 * Replaces {{{MESSAGE}}}, {{{RAWMODE}}}, {{{MIME}}} and {{{DISP}}} in $y_link.
 * If the link or the message file is empty the link is returned unchanged.
 *
 * @param string $y_ctrl_key  The controller key, passed to self::encode_mime_fileurl()
 * @param string $y_msg_file  The message file
 * @param string $y_part      The message part (optional) ; appended hex encoded after '@'
 * @param string $y_link      The link template that holds the placeholders
 * @param string $y_rawmime   The raw mime type (optional) ; enables the raw mode
 * @param string $y_rawdisp   The raw disposition (optional) ; enables the raw mode
 * @param string $y_printable If non-empty, the printable URL parameter is appended to the link
 * @return string             The link with the placeholders replaced
 */
private static function mime_link($y_ctrl_key, $y_msg_file, $y_part, $y_link, $y_rawmime, $y_rawdisp, $y_printable = '') {
	//--
	$link = (string) $y_link;
	$msg_file = (string) $y_msg_file;
	$part = (string) $y_part;
	$rawmime = (string) $y_rawmime;
	$rawdisp = (string) $y_rawdisp;
	$printable = (string) $y_printable;
	//-- without a link and a message file there is nothing to fill in
	if(((string)$link == '') OR ((string)$msg_file == '')) {
		return (string) $link;
	} //end if
	//-- message (and part) ; {{{SYNC-MIME-ENCRYPT-ARR}}}
	// NOTE(review): this value gets no Smart::escape_url() here, unlike MIME / DISP below ; presumably encode_mime_fileurl() and url_hex_encode() return URL-safe output - confirm
	$param_msg = (string) self::encode_mime_fileurl((string) $msg_file, (string) $y_ctrl_key);
	if((string)$part != '') {
		$param_msg .= '@' . SmartUtils::url_hex_encode((string) $part); // have part
	} //end if
	//-- raw mode is enabled by any of: raw mime, raw disposition
	$param_raw = '';
	$param_mime = '';
	$param_disp = '';
	if((string)$rawmime != '') {
		$param_raw = 'raw';
		$param_mime = (string) Smart::escape_url(SmartUtils::url_hex_encode((string) $rawmime));
	} //end if
	if((string)$rawdisp != '') {
		$param_raw = 'raw';
		$param_disp = (string) Smart::escape_url(SmartUtils::url_hex_encode((string) $rawdisp));
	} //end if
	//-- printable display: appended before the placeholders are replaced
	if((string)$printable != '') {
		$link .= '&' . SMART_FRAMEWORK_URL_PARAM_PRINTABLE . '=' . Smart::escape_url((string) SMART_FRAMEWORK_URL_VALUE_ENABLED);
	} //end if
	//--
	$placeholders = array('{{{MESSAGE}}}', '{{{RAWMODE}}}', '{{{MIME}}}', '{{{DISP}}}');
	$values = array((string) $param_msg, (string) $param_raw, (string) $param_mime, (string) $param_disp);
	$link = str_replace($placeholders, $values, (string) $link);
	//--
	return (string) $link;
	//--
}