コード例 #1
0
 /**
  * Parses search keywords.
  * 
  * @param	string		$keywordString
  */
 protected function parseKeywords($keywordString)
 {
     // convert encoding if necessary
     if (!StringUtil::isUTF8($keywordString)) {
         $keywordString = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $keywordString);
     }
     // remove bad wildcards
     $keywordString = preg_replace('/(?<!\\w)\\*/', '', $keywordString);
     // remove search operators
     $keywordString = preg_replace('/[\\+\\-><()~]+/', '', $keywordString);
     if (mb_substr($keywordString, 0, 1) == '"' && mb_substr($keywordString, -1) == '"') {
         // phrases search
         $keywordString = StringUtil::trim(mb_substr($keywordString, 1, -1));
         if (!empty($keywordString)) {
             $this->keywords = array_merge($this->keywords, array(StringUtil::encodeHTML($keywordString)));
         }
     } else {
         // replace word delimiters by space
         $keywordString = str_replace(array('.', ','), ' ', $keywordString);
         $keywords = ArrayUtil::encodeHTML(ArrayUtil::trim(explode(' ', $keywordString)));
         if (!empty($keywords)) {
             $this->keywords = array_merge($this->keywords, $keywords);
         }
     }
 }
コード例 #2
0
 /**
  * @see	\wcf\page\IPage::show()
  */
 public function show()
 {
     // check if active user is logged in
     if ($this->loginRequired && !WCF::getUser()->userID) {
         throw new PermissionDeniedException();
     }
     // check if current request URL matches the canonical URL
     if ($this->canonicalURL && empty($_POST)) {
         $canoncialURL = parse_url(preg_replace('~[?&]s=[a-f0-9]{40}~', '', $this->canonicalURL));
         // use $_SERVER['REQUEST_URI'] because it represents the URL used to access the site and not the internally rewritten one
         // IIS Rewrite-Module has a bug causing the REQUEST_URI to be ISO-encoded
         $requestURI = !empty($_SERVER['UNENCODED_URL']) ? $_SERVER['UNENCODED_URL'] : $_SERVER['REQUEST_URI'];
         $requestURI = preg_replace('~[?&]s=[a-f0-9]{40}~', '', $requestURI);
         if (!StringUtil::isUTF8($requestURI)) {
             $requestURI = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $requestURI);
         }
         // some webservers output lower-case encoding (e.g. %c3 instead of %C3)
         $requestURI = preg_replace_callback('~%(?P<encoded>[a-zA-Z0-9]{2})~', function ($matches) {
             return '%' . strtoupper($matches['encoded']);
         }, $requestURI);
         $requestURL = parse_url($requestURI);
         $redirect = false;
         if ($canoncialURL['path'] != $requestURL['path']) {
             $redirect = true;
         } else {
             if (isset($canoncialURL['query'])) {
                 if (!isset($requestURL['query'])) {
                     $redirect = true;
                 } else {
                     parse_str($canoncialURL['query'], $cQueryString);
                     parse_str($requestURL['query'], $rQueryString);
                     foreach ($cQueryString as $key => $value) {
                         if (!isset($rQueryString[$key]) || $rQueryString[$key] != $value) {
                             $redirect = true;
                             break;
                         }
                     }
                 }
             }
         }
         if ($redirect) {
             $redirectURL = $this->canonicalURL;
             if (!empty($requestURL['query'])) {
                 $queryString = $requestURL['query'];
                 parse_str($requestURL['query'], $rQueryString);
                 if (!empty($canoncialURL['query'])) {
                     parse_str($canoncialURL['query'], $cQueryString);
                     // clean query string
                     foreach ($cQueryString as $key => $value) {
                         if (isset($rQueryString[$key])) {
                             unset($rQueryString[$key]);
                         }
                     }
                 }
                 // drop route data from query
                 if (!URL_LEGACY_MODE) {
                     foreach ($rQueryString as $key => $value) {
                         if ($value === '') {
                             unset($rQueryString[$key]);
                         }
                     }
                 }
                 if (!empty($rQueryString)) {
                     $redirectURL .= (mb_strpos($redirectURL, '?') === false ? '?' : '&') . http_build_query($rQueryString, '', '&');
                 }
             }
             // force a permanent redirect as recommended by Google
             // https://support.google.com/webmasters/answer/6033086?hl=en#a_note_about_redirects
             @header('HTTP/1.0 301 Moved Permanently');
             HeaderUtil::redirect($redirectURL, false);
             exit;
         }
     }
     // sets the active menu item
     $this->setActiveMenuItem();
     // check modules
     $this->checkModules();
     // check permission
     $this->checkPermissions();
     // read data
     $this->readData();
     // assign variables
     $this->assignVariables();
     // call show event
     EventHandler::getInstance()->fireAction($this, 'show');
     // try to guess template name
     $classParts = explode('\\', get_class($this));
     if (empty($this->templateName)) {
         $className = preg_replace('~(Form|Page)$~', '', array_pop($classParts));
         // check if this an *Edit page and use the add-template instead
         if (substr($className, -4) == 'Edit') {
             $className = substr($className, 0, -4) . 'Add';
         }
         $this->templateName = lcfirst($className);
         // assign guessed template name
         WCF::getTPL()->assign('templateName', $this->templateName);
     }
     if (empty($this->templateNameApplication)) {
         $this->templateNameApplication = array_shift($classParts);
         // assign guessed template application
         WCF::getTPL()->assign('templateNameApplication', $this->templateNameApplication);
     }
     if ($this->useTemplate) {
         // show template
         WCF::getTPL()->display($this->templateName, $this->templateNameApplication);
     }
 }
コード例 #3
0
ファイル: ArrayUtil.class.php プロジェクト: nick-strohm/WCF
 /**
  * Converts a array of strings to requested character encoding.
  * @see	mb_convert_encoding()
  * 
  * @param	string		$inCharset
  * @param	string		$outCharset
  * @param	array		$array
  * @return	string
  */
 public static function convertEncoding($inCharset, $outCharset, $array)
 {
     if (!is_array($array)) {
         return StringUtil::convertEncoding($inCharset, $outCharset, $array);
     } else {
         foreach ($array as $key => $val) {
             $array[$key] = self::convertEncoding($inCharset, $outCharset, $val);
         }
         return $array;
     }
 }
コード例 #4
0
ファイル: WCF.class.php プロジェクト: nick-strohm/WCF
 /**
  * Returns the URI of the current page.
  * 
  * @return	string
  */
 public static function getRequestURI()
 {
     if (URL_LEGACY_MODE) {
         // resolve path and query components
         $scriptName = $_SERVER['SCRIPT_NAME'];
         $pathInfo = RouteHandler::getPathInfo();
         if (empty($pathInfo)) {
             // bug fix if URL omits script name and path
             $scriptName = substr($scriptName, 0, strrpos($scriptName, '/'));
         }
         $path = str_replace('/index.php', '', str_replace($scriptName, '', $_SERVER['REQUEST_URI']));
         if (!StringUtil::isUTF8($path)) {
             $path = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $path);
         }
         $path = FileUtil::removeLeadingSlash($path);
         $baseHref = self::getTPL()->get('baseHref');
         if (!empty($path) && mb_strpos($path, '?') !== 0) {
             $baseHref .= 'index.php/';
         }
         return $baseHref . $path;
     } else {
         $url = preg_replace('~^(https?://[^/]+)(?:/.*)?$~', '$1', self::getTPL()->get('baseHref'));
         $url .= $_SERVER['REQUEST_URI'];
         return $url;
     }
 }
コード例 #5
0
ファイル: UserUtil.class.php プロジェクト: 0xLeon/WCF
	/**
	 * Returns the request uri of the active request.
	 * 
	 * @return	string
	 */
	public static function getRequestURI() {
		$REQUEST_URI = '';
		
		$appendQueryString = true;
		if (!empty($_SERVER['ORIG_PATH_INFO']) && strpos($_SERVER['ORIG_PATH_INFO'], '.php') !== false) {
			$REQUEST_URI = $_SERVER['ORIG_PATH_INFO'];
		}
		else if (!empty($_SERVER['ORIG_SCRIPT_NAME'])) {
			$REQUEST_URI = $_SERVER['ORIG_SCRIPT_NAME'];
		}
		else if (!empty($_SERVER['SCRIPT_NAME']) && (isset($_SERVER['PATH_INFO']) && !empty($_SERVER['PATH_INFO']))) {
			$REQUEST_URI = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
		}
		else if (isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI'])) {
			$REQUEST_URI = $_SERVER['REQUEST_URI'];
			$appendQueryString = false;
		}
		else if (!empty($_SERVER['PHP_SELF'])) {
			$REQUEST_URI = $_SERVER['PHP_SELF'];
		}
		else if (!empty($_SERVER['PATH_INFO'])) {
			$REQUEST_URI = $_SERVER['PATH_INFO'];
		}
		if ($appendQueryString && !empty($_SERVER['QUERY_STRING'])) {
			$REQUEST_URI .= '?'.$_SERVER['QUERY_STRING'];
		}
		
		// fix encoding
		if (!StringUtil::isASCII($REQUEST_URI) && !StringUtil::isUTF8($REQUEST_URI)) {
			$REQUEST_URI = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $REQUEST_URI);
		}
		
		return StringUtil::substring(FileUtil::unifyDirSeperator($REQUEST_URI), 0, 255);
	}
コード例 #6
0
 /**
  * Creates a new PackageUpdateAuthForm object.
  * 
  * @param	PackageUpdateAuthorizationRequiredException	$exception
  */
 public function __construct(PackageUpdateAuthorizationRequiredException $exception = null)
 {
     $this->exception = $exception;
     if ($this->exception !== null) {
         $this->packageUpdateServerID = $this->exception->getPackageUpdateServerID();
         $this->url = $this->exception->getURL();
         $this->header = $this->exception->getResponseHeader();
         // get message
         $this->message = $this->exception->getResponseContent();
         // find out response charset
         if (preg_match('/charset=([a-z0-9\\-]+)/i', $this->header, $match)) {
             $charset = strtoupper($match[1]);
             if ($charset != 'UTF-8') {
                 $this->message = @StringUtil::convertEncoding($charset, 'UTF-8', $this->message);
             }
         }
         // format message
         $this->message = nl2br(preg_replace("/\n{3,}/", "\n\n", StringUtil::unifyNewlines(StringUtil::trim(strip_tags($this->message)))));
     }
     parent::__construct();
 }
コード例 #7
0
 /**
  * @see	\wcf\action\IAction::execute()
  */
 public function execute()
 {
     parent::execute();
     // check response
     $processor = null;
     try {
         // post back to paypal to validate
         $content = '';
         try {
             $url = 'https://www.paypal.com/cgi-bin/webscr';
             if (!empty($_POST['test_ipn'])) {
                 // IPN simulator notification
                 $url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
             }
             $request = new HTTPRequest($url, array(), array_merge(array('cmd' => '_notify-validate'), $_POST));
             $request->execute();
             $reply = $request->getReply();
             $content = $reply['body'];
         } catch (SystemException $e) {
             throw new SystemException('connection to paypal.com failed: ' . $e->getMessage());
         }
         if (strstr($content, "VERIFIED") === false) {
             throw new SystemException('request not validated');
         }
         // fix encoding
         if (!empty($_POST['charset']) && strtoupper($_POST['charset']) != 'UTF-8') {
             foreach ($_POST as &$value) {
                 $value = StringUtil::convertEncoding(strtoupper($_POST['charset']), 'UTF-8', $value);
             }
         }
         // Check that receiver_email is your Primary PayPal email
         if (strtolower($_POST['business']) != strtolower(PAYPAL_EMAIL_ADDRESS) && strtolower($_POST['receiver_email']) != strtolower(PAYPAL_EMAIL_ADDRESS)) {
             throw new SystemException('invalid business or receiver_email');
         }
         // get token
         if (!isset($_POST['custom'])) {
             throw new SystemException('invalid custom item');
         }
         $tokenParts = explode(':', $_POST['custom'], 2);
         if (count($tokenParts) != 2) {
             throw new SystemException('invalid custom item');
         }
         // get payment type object type
         $objectType = ObjectTypeCache::getInstance()->getObjectType(intval($tokenParts[0]));
         if ($objectType === null || !$objectType->getProcessor() instanceof IPaymentType) {
             throw new SystemException('invalid payment type id');
         }
         $processor = $objectType->getProcessor();
         // get status
         $transactionType = !empty($_POST['txn_type']) ? $_POST['txn_type'] : '';
         $paymentStatus = !empty($_POST['payment_status']) ? $_POST['payment_status'] : '';
         $status = '';
         if ($transactionType == 'web_accept' || $transactionType == 'subscr_payment') {
             if ($paymentStatus == 'Completed') {
                 $status = 'completed';
             }
         }
         if ($paymentStatus == 'Refunded' || $paymentStatus == 'Reversed') {
             $status = 'reversed';
         }
         if ($paymentStatus == 'Canceled_Reversal') {
             $status = 'canceled_reversal';
         }
         if ($status) {
             $processor->processTransaction(ObjectTypeCache::getInstance()->getObjectTypeIDByName('com.woltlab.wcf.payment.method', 'com.woltlab.wcf.payment.method.paypal'), $tokenParts[1], $_POST['mc_gross'], $_POST['mc_currency'], $_POST['txn_id'], $status, $_POST);
         }
     } catch (SystemException $e) {
         @header('HTTP/1.1 500 Internal Server Error');
         echo $e->getMessage();
         exit;
     }
 }
コード例 #8
0
ファイル: StyleEditor.class.php プロジェクト: ZerGabriel/WCF
 /**
  * Exports this style.
  * 
  * @param	boolean 	$templates
  * @param	boolean		$images
  * @param	boolean		$icons
  */
 public function export($templates = false, $images = false, $icons = false)
 {
     // create style tar
     $styleTarName = FileUtil::getTemporaryFilename('style_', '.tgz');
     $styleTar = new TarWriter($styleTarName, true);
     // append style preview image
     if ($this->image && @file_exists(WCF_DIR . $this->image)) {
         $styleTar->add(WCF_DIR . $this->image, '', FileUtil::addTrailingSlash(dirname(WCF_DIR . $this->image)));
     }
     // create style info file
     $string = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE style SYSTEM \"http://www.woltlab.com/DTDs/SXF/style.dtd\">\n<style>\n";
     // general block
     $string .= "\t<general>\n";
     $string .= "\t\t<stylename><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->styleName) : $this->styleName) . "]]></stylename>\n";
     // style name
     if ($this->styleDescription) {
         $string .= "\t\t<description><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->styleDescription) : $this->styleDescription) . "]]></description>\n";
     }
     // style description
     if ($this->styleVersion) {
         $string .= "\t\t<version><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->styleVersion) : $this->styleVersion) . "]]></version>\n";
     }
     // style version
     if ($this->styleDate) {
         $string .= "\t\t<date><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->styleDate) : $this->styleDate) . "]]></date>\n";
     }
     // style date
     if ($this->image) {
         $string .= "\t\t<image><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', basename($this->image)) : basename($this->image)) . "]]></image>\n";
     }
     // style preview image
     if ($this->copyright) {
         $string .= "\t\t<copyright><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->copyright) : $this->copyright) . "]]></copyright>\n";
     }
     // copyright
     if ($this->license) {
         $string .= "\t\t<license><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->license) : $this->license) . "]]></license>\n";
     }
     // license
     $string .= "\t</general>\n";
     // author block
     $string .= "\t<author>\n";
     if ($this->authorName) {
         $string .= "\t\t<authorname><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->authorName) : $this->authorName) . "]]></authorname>\n";
     }
     // author name
     if ($this->authorURL) {
         $string .= "\t\t<authorurl><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $this->authorURL) : $this->authorURL) . "]]></authorurl>\n";
     }
     // author URL
     $string .= "\t</author>\n";
     // files block
     $string .= "\t<files>\n";
     $string .= "\t\t<variables>variables.xml</variables>\n";
     // variables
     if ($templates && $this->templateGroupID) {
         $string .= "\t\t<templates>templates.tar</templates>\n";
     }
     // templates
     if ($images) {
         $string .= "\t\t<images>images.tar</images>\n";
     }
     // images
     if ($icons) {
         $string .= "\t\t<icons>icons.tar</icons>\n";
     }
     // icons
     $string .= "\t</files>\n";
     $string .= "</style>";
     // append style info file to style tar
     $styleTar->addString(self::INFO_FILE, $string);
     unset($string);
     // create variable list
     $string = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE variables SYSTEM \"http://www.woltlab.com/DTDs/SXF/variables.dtd\">\n<variables>\n";
     // get variables
     $variables = $this->getVariables();
     $exportImages = array();
     foreach ($variables as $name => $value) {
         // search images
         if ($images && $value) {
             if (preg_match_all('~([^/\\s\\$]+\\.(?:gif|jpg|jpeg|png))~i', $value, $matches)) {
                 $exportImages = array_merge($exportImages, $matches[1]);
             }
         }
         $string .= "\t<variable name=\"" . StringUtil::encodeHTML($name) . "\"><![CDATA[" . StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $value) : $value) . "]]></variable>\n";
     }
     $string .= "</variables>";
     // append variable list to style tar
     $styleTar->addString('variables.xml', $string);
     unset($string);
     if ($templates && $this->templateGroupID) {
         $templateGroup = new TemplateGroup($this->templateGroupID);
         // create templates tar
         $templatesTarName = FileUtil::getTemporaryFilename('templates', '.tar');
         $templatesTar = new TarWriter($templatesTarName);
         @chmod($templatesTarName, 0777);
         // append templates to tar
         // get templates
         $sql = "SELECT\t\ttemplate.*, package.package, package.packageDir,\n\t\t\t\t\t\tparent_package.package AS parentPackage, parent_package.packageDir AS parentPackageDir\n\t\t\t\tFROM\t\twcf" . WCF_N . "_template template\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_package package\n\t\t\t\tON\t\t(package.packageID = template.packageID)\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_package parent_package\n\t\t\t\tON\t\t(parent_package.packageID = package.parentPackageID)\n\t\t\t\tWHERE\t\ttemplate.templateGroupID = ?";
         $statement = WCF::getDB()->prepareStatement($sql);
         $statement->execute(array($this->templateGroupID));
         while ($row = $statement->fetchArray()) {
             $packageDir = 'com.woltlab.wcf';
             if (!empty($row['parentPackageDir'])) {
                 $packageDir = $row['parentPackage'];
             } else {
                 if (!empty($row['packageDir'])) {
                     $packageDir = $row['package'];
                 }
             }
             $filename = FileUtil::addTrailingSlash(FileUtil::getRealPath(WCF_DIR . $row['packageDir'] . 'templates/' . $templateGroup->templateGroupFolderName)) . $row['templateName'] . '.tpl';
             $templatesTar->add($filename, $packageDir, dirname($filename));
         }
         // append templates tar to style tar
         $templatesTar->create();
         $styleTar->add($templatesTarName, 'templates.tar', $templatesTarName);
         @unlink($templatesTarName);
     }
     if ($images) {
         // create images tar
         $imagesTarName = FileUtil::getTemporaryFilename('images_', '.tar');
         $imagesTar = new TarWriter($imagesTarName);
         @chmod($imagesTarName, 0777);
         // cache rtl versions
         foreach ($exportImages as $exportImage) {
             if (strpos($exportImage, '-ltr')) {
                 $exportImages[] = str_replace('-ltr', '-rtl', $exportImage);
             }
         }
         // append images to tar
         $path = WCF_DIR . $variables['global.images.location'];
         if (file_exists($path) && is_dir($path)) {
             $handle = opendir($path);
             while (($file = readdir($handle)) !== false) {
                 if (is_file($path . $file) && in_array($file, $exportImages)) {
                     $imagesTar->add($path . $file, '', $path);
                 }
             }
         }
         // append images tar to style tar
         $imagesTar->create();
         $styleTar->add($imagesTarName, 'images.tar', $imagesTarName);
         @unlink($imagesTarName);
     }
     // export icons
     $iconsLocation = FileUtil::addTrailingSlash($variables['global.icons.location']);
     if ($icons && $iconsLocation != 'icon/') {
         // create icons tar
         $iconsTarName = FileUtil::getTemporaryFilename('icons_', '.tar');
         $iconsTar = new TarWriter($iconsTarName);
         @chmod($iconsTar, 0777);
         // get package dirs
         $sql = "SELECT\tpackage, packageDir\n\t\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\t\tWHERE\tisApplication = 1\n\t\t\t\t\tAND (packageDir <> '' OR package = 'com.woltlab.wcf')";
         $statement = WCF::getDB()->prepareStatement($sql);
         $statement->execute();
         while ($row = $statement->fetchArray()) {
             $iconsDir = FileUtil::getRealPath(WCF_DIR . $row['packageDir']) . $iconsLocation;
             $packageIcons = array();
             if (file_exists($iconsDir)) {
                 $icons = glob($iconsDir . '*.png');
                 if (is_array($icons)) {
                     foreach ($icons as $icon) {
                         $packageIcons[] = $icon;
                     }
                 }
             }
             if (count($packageIcons)) {
                 $iconsTar->add($packageIcons, $row['package'] . '/', $iconsDir);
             }
         }
         $iconsTar->create();
         $styleTar->add($iconsTarName, 'icons.tar', $iconsTarName);
         @unlink($iconsTarName);
     }
     // output file content
     $styleTar->create();
     readfile($styleTarName);
     @unlink($styleTarName);
 }
コード例 #9
0
ファイル: WCF.class.php プロジェクト: 0xLeon/WCF
	/**
	 * Returns the URI of the current page.
	 *
	 * @return	string
	 */
	public static function getRequestURI() {
		// resolve path and query components
		$scriptName = $_SERVER['SCRIPT_NAME'];
		if (empty($_SERVER['PATH_INFO'])) {
			// bug fix if URL omits script name and path
			$scriptName = substr($scriptName, 0, strrpos($scriptName, '/'));
		}
		
		$path = str_replace('/index.php', '', str_replace($scriptName, '', $_SERVER['REQUEST_URI']));
		if (!StringUtil::isASCII($path) && !StringUtil::isUTF8($path)) {
			$path = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $path);
		}
		$path = FileUtil::removeLeadingSlash($path);
		$baseHref = self::getTPL()->get('baseHref');
		
		if (!empty($path) && StringUtil::indexOf($path, '?') !== 0) {
			$baseHref .= 'index.php/';
		}
		
		return $baseHref . $path;
	}