/**
 * Moves a directory tree: copies everything under $sourcePath to $destPath,
 * then deletes the source.
 *
 * Both paths must pass IsSanitized::filepath() before the filesystem is touched.
 * The source is deleted only when every directory creation and file copy
 * succeeded, so a partial copy never removes the original.
 *
 * Entry names returned by getFiles() are joined onto both paths without a
 * further sanitizer check.
 *
 * @param string $sourcePath Directory to move.
 * @param string $destPath   Directory to move it to.
 *
 * @return bool Result of self::delete() on the source when the whole copy
 *              succeeded, false otherwise.
 */
public static function move($sourcePath, $destPath)
{
    // Refuse to operate unless both paths are accepted by the sanitizer.
    if (!(IsSanitized::filepath($sourcePath) && IsSanitized::filepath($destPath))) {
        return false;
    }

    // Create the destination root. The result is not checked here.
    self::create($destPath);

    $allCopied = true;

    // getFiles(..., true, true): per the original comment, lists entries recursively.
    foreach (self::getFiles($sourcePath, true, true) as $entry) {
        $from = $sourcePath . '/' . $entry;
        $to = $destPath . '/' . $entry;

        // Directories are recreated rather than copied.
        if (is_dir($from)) {
            if (!self::create($to)) {
                $allCopied = false;
            }
            continue;
        }

        if (!copy($from, $to)) {
            $allCopied = false;
        }
    }

    // Keep the source in place when anything failed to arrive at the destination.
    if (!$allCopied) {
        return false;
    }

    return self::delete($sourcePath);
}
/**
 * Reports whether $filepath is an existing regular file.
 *
 * A path rejected by IsSanitized::filepath() is reported as not existing and
 * is never handed to is_file().
 *
 * @param string $filepath Path to test.
 *
 * @return bool True only for a sanitizer-approved path that is a regular file.
 */
public static function exists($filepath)
{
    // Short-circuit: is_file() runs only after the sanitizer accepts the path.
    return IsSanitized::filepath($filepath) && is_file($filepath);
}
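/**
 * Grants SELECT, INSERT, UPDATE and DELETE on every schema (*.*) to
 * $username@$host, creating the account through the GRANT statement.
 *
 * The account name and host are concatenated into the statement, so the two
 * IsSanitized::variable() checks are the only thing that keeps them from
 * altering it. The password is passed as a bound parameter.
 *
 * NOTE(review): $password defaults to an empty string, which would give a
 * passwordless account write access to all schemas; callers should always
 * pass a strong password.
 * NOTE(review): creating an account implicitly with GRANT ... IDENTIFIED BY is
 * not accepted by MySQL 8.0 and later; confirm the target server version.
 *
 * @param string $username Account name; must pass IsSanitized::variable().
 * @param string $password Account password, bound as a query parameter.
 * @param string $host     Host part of the account; "." and ":" are additionally allowed.
 *
 * @return bool True when an account for this user and host exists after the grant.
 */
public static function createDBUser($username, $password = "", $host = "localhost")
{
    if (!IsSanitized::variable($username)) {
        return false;
    }

    if (!IsSanitized::variable($host, ".:")) {
        return false;
    }

    // Note: If you're getting an "access violation" error here, you can post this exact query to another system
    // (such as Navicat) and it will work fine. Not sure why it's failing here.
    Database::query(
        'GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO "' . $username . '"@"' . $host . '" IDENTIFIED BY ?'
        . ' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;',
        array($password)
    );

    // Verify the exact account (user AND host). Matching on the user name alone would
    // report success when the grant failed but the same name already exists for another host.
    $user = Database::selectValue(
        "SELECT user FROM mysql.user WHERE user=? AND host=?",
        array($username, $host)
    );

    return $user !== false;
}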
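/**
 * Packs a file or a directory tree into a zip archive at $targetFile.
 *
 * The source is resolved with realpath() and must pass IsSanitized::filepath().
 * For a directory, entries are stored relative to the directory (optionally
 * under the directory's own name). A single file is stored under its base
 * name, so the archive does not carry the absolute path of the source.
 *
 * With ZipArchive::CREATE alone, an archive that already exists at $targetFile
 * is opened and added to rather than replaced.
 *
 * NOTE(review): $targetFile is not passed through IsSanitized::filepath() in
 * this method; confirm that callers validate it.
 *
 * @param string $source     File or directory to archive.
 * @param string $targetFile Path of the zip file to write.
 * @param bool   $incParent  When true, directory contents are nested under the directory's name.
 *
 * @return bool False on any precondition failure, otherwise the result of ZipArchive::close().
 */
public static function package($source, $targetFile, $incParent = false)
{
    // Make sure we're able to use the zip library
    if (!extension_loaded('zip')) {
        return false;
    }

    // realpath() returns false for a path that does not exist; stop here instead of
    // carrying an empty string through the remaining checks.
    $resolved = realpath($source);

    if ($resolved === false) {
        return false;
    }

    $source = str_replace('\\', '/', $resolved);

    // Make sure the file exists and is safe
    if (!IsSanitized::filepath($source)) {
        return false;
    }

    if (!file_exists($source)) {
        return false;
    }

    // Make sure the target directory exists
    $targetDir = dirname($targetFile);

    if (!is_dir($targetDir)) {
        Dir::create($targetDir);
    }

    $zip = new ZipArchive();

    // open() returns true on success and an integer error code on failure. The error
    // codes are truthy, so only a strict comparison detects a failed open.
    if ($zip->open($targetFile, ZipArchive::CREATE) !== true) {
        return false;
    }

    if (is_dir($source)) {
        $baseDir = '';

        if ($incParent) {
            // Last path segment of the resolved source becomes the top-level folder.
            $segments = explode("/", $source);
            $baseDir = end($segments) . '/';
            $zip->addEmptyDir($baseDir);
        }

        foreach (Dir::getFiles($source, true, true) as $file) {
            $path = $source . '/' . $file;

            if (is_dir($path)) {
                $zip->addEmptyDir($baseDir . $file);
            } elseif (is_file($path)) {
                $zip->addFile($path, $baseDir . $file);
            }
        }
    } elseif (is_file($source)) {
        // The original passed an undefined $file here, so a single-file source was never added.
        $zip->addFile($source, basename($source));
    }

    return $zip->close();
}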
/**
 * Copies (or moves) rows from one table into another inside a transaction.
 *
 * The destination table is created with the source's structure if it is
 * missing; that statement runs before the transaction is started.
 *
 * Table names are concatenated into the SQL, so they must pass
 * IsSanitized::variable(). The WHERE fragment is also concatenated, after
 * Sanitize::variable() has filtered it with an extra allow-list of
 * space , ` ! = < > ? ( ) characters. Values belong in $sqlArray as bound
 * "?" parameters, never inside $sqlWhere.
 *
 * When moving, the DELETE carries no LIMIT while the INSERT does. The
 * transaction is ended with the result of comparing both row counts, so a
 * mismatch is passed to Database::endTransaction() as false (presumably a
 * rollback; confirm against Database).
 *
 * @param string $sourceTable      Table to read from.
 * @param string $destinationTable Table to write to.
 * @param string $sqlWhere         Optional WHERE fragment using "?" placeholders.
 * @param array  $sqlArray         Values bound to the placeholders.
 * @param int    $limit            Maximum rows to insert; a falsy value disables the LIMIT.
 * @param bool   $move             Exactly true to delete the matching rows from the source.
 *
 * @return mixed False when a table name is rejected, otherwise the result of Database::endTransaction().
 */
public static function copy($sourceTable, $destinationTable, $sqlWhere = "", $sqlArray = array(), $limit = 1000, $move = false)
{
    // Table names cannot be bound as parameters, so reject anything the sanitizer refuses.
    if (!(IsSanitized::variable($destinationTable) && IsSanitized::variable($sourceTable))) {
        return false;
    }

    // Make sure the destination table exists
    Database::exec("CREATE TABLE IF NOT EXISTS " . $destinationTable . " LIKE " . $sourceTable);

    Database::startTransaction();

    // Build and run the INSERT ... SELECT
    $insertSql = "INSERT INTO " . $destinationTable . " SELECT * FROM " . $sourceTable;

    if ($sqlWhere != "") {
        $insertSql .= " WHERE " . Sanitize::variable($sqlWhere, " ,`!=<>?()");
    }

    if ($limit) {
        $insertSql .= ' LIMIT ' . (int) $limit;
    }

    Database::query($insertSql, $sqlArray);

    $insertedRows = Database::$rowsAffected;

    // Plain copy: nothing to delete, finish the transaction.
    if ($move !== true) {
        return Database::endTransaction();
    }

    // Move: delete the same selection from the source table
    $deleteSql = "DELETE FROM " . $sourceTable;

    if ($sqlWhere != "") {
        $deleteSql .= " WHERE " . Sanitize::variable($sqlWhere, " ,`!=<>?()");
    }

    Database::query($deleteSql, $sqlArray);

    // Only a matching insert/delete count is reported as success to endTransaction().
    return Database::endTransaction($insertedRows == Database::$rowsAffected);
}
/**
 * Writes the image resource to $file, picking the encoder from the file extension.
 *
 * The path must pass IsSanitized::filepath() and have a directory, base name
 * and extension. The directory is created through Dir::create() if needed.
 * Extension matching is case-sensitive; only "jpg", "jpeg", "png" and "gif"
 * are written. Any other extension returns false without raising an alert.
 *
 * @param string $file    Destination path.
 * @param int    $quality Quality passed to imagejpeg(); unused for PNG and GIF.
 *
 * @return bool Result of the GD writer, or false when a check fails or the extension is unsupported.
 */
public function save($file, $quality = 90)
{
    // Keep the alpha channel when the format supports it.
    imagesavealpha($this->resource, true);

    // Reject paths the sanitizer refuses before anything is written.
    if (!IsSanitized::filepath($file)) {
        Alert::error("Image Path", "The image path is invalid.", 7);

        return false;
    }

    $parts = pathinfo($file);

    if (!isset($parts['basename'], $parts['dirname'], $parts['extension'])) {
        Alert::error("Image Path", "The image path is not functioning properly.", 6);

        return false;
    }

    // Make sure the directory exists
    if (!Dir::create($parts['dirname'])) {
        Alert::error("Image Directory", "The image directory cannot be created. Please check permissions.", 4);

        return false;
    }

    // The extension acts as an allow-list of output formats.
    $extension = $parts['extension'];

    if ($extension == "jpg" || $extension == "jpeg") {
        return imagejpeg($this->resource, $file, $quality);
    }

    if ($extension == "png") {
        return imagepng($this->resource, $file);
    }

    if ($extension == "gif") {
        return imagegif($this->resource, $file);
    }

    return false;
}
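/**
 * Validates the format of an email address and raises an alert on the first failed rule.
 *
 * Rules, in order: no characters rejected by Sanitize::email(); exactly one "@";
 * at most 72 bytes in total; user name and domain of 1 to 50 bytes each; user
 * name neither starting nor ending with a period and without ".."; domain made
 * only of characters accepted by IsSanitized::variable() plus "-" and ".".
 *
 * Lengths are measured with strlen(), i.e. in bytes. Only the character set of
 * the domain is checked; its structure is not.
 *
 * @param string $email Address to validate.
 *
 * @return bool True when every rule passes, false after the first alert.
 */
public static function email($email)
{
    // Make sure the email doesn't contain illegal characters
    $illegalChars = Sanitize::email($email, "", true);

    if ($illegalChars != array()) {
        Alert::error("Validate Email", "The email does not allow: " . self::announceIllegalChars($illegalChars), 3);

        return false;
    }

    // Make sure the email has an "@"
    if (strpos($email, "@") === false) {
        Alert::error("Validate Email", "Email improperly formatted: doesn't include an @ character.", 3);

        return false;
    }

    // Splitting on "@" and reading only the first two parts would silently ignore everything
    // after a second "@", so that trailing text would escape the domain checks below.
    if (substr_count($email, "@") !== 1) {
        Alert::error("Validate Email", "Email improperly formatted: contains more than one @ character.", 3);

        return false;
    }

    // Prepare Values
    list($username, $domain) = explode("@", $email);

    $lenEmail = strlen($email);
    $lenUser = strlen($username);
    $lenDomain = strlen($domain);

    // Check if the email is too long
    if ($lenEmail > 72) {
        Alert::error("Validate Email", "Email is over 72 characters long.", 1);

        return false;
    }

    // Check the username length
    if ($lenUser < 1 or $lenUser > 50) {
        Alert::error("Validate Email", "Email username must be between 1 and 50 characters.", 2);

        return false;
    }

    // Check the domain length
    if ($lenDomain < 1 or $lenDomain > 50) {
        Alert::error("Validate Email", "Email domain must be between 1 and 50 characters.", 2);

        return false;
    }

    // The length check above guarantees index 0 and $lenUser - 1 exist.
    if ($username[0] == '.' or $username[$lenUser - 1] == '.') {
        Alert::error("Validate Email", "Email username cannot start or end with a period.", 5);

        return false;
    }

    // Username cannot have two consecutive dots
    if (strpos($username, "..") !== false) {
        Alert::error("Validate Email", "Email username cannot contain two consecutive periods.", 5);

        return false;
    }

    // Check the domain for valid characters
    if (!IsSanitized::variable($domain, "-.")) {
        Alert::error("Validate Email", "Email domain was not properly sanitized.", 3);

        return false;
    }

    // The email was successfully validated
    return true;
}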
/**
 * Checks the save destination of an upload and records its parts on the object.
 *
 * Splits $savePath into directory, file name and extension, normalises the
 * directory separators, runs the result through IsSanitized::filepath() and
 * makes sure the directory exists. Any failure also clears $this->valid.
 *
 * NOTE(review): the sanitizer is given a path built from $this->extension,
 * while the extension parsed from $savePath is stored in $this->toExtension.
 * Confirm which extension the file is actually written with, so that the
 * checked path is the one that reaches the disk.
 *
 * @param string $savePath Full destination path including file name and extension.
 *
 * @return bool True when the destination is usable, false otherwise.
 */
public function validatePath($savePath = "")
{
    // An upload already marked invalid stays invalid.
    if (!$this->valid) {
        return false;
    }

    // The path needs a directory, a base name and an extension.
    $parts = pathinfo($savePath);

    if (!isset($parts['basename'], $parts['dirname'], $parts['extension'])) {
        $this->valid = false;

        return false;
    }

    // Set values
    $this->saveDirectory = $parts['dirname'];
    $this->filename = $parts['filename'];
    $this->toExtension = $parts['extension'];

    // Use forward slashes only and drop any trailing slash.
    $this->saveDirectory = rtrim(str_replace("\\", "/", $this->saveDirectory), "/");

    $candidate = $this->saveDirectory . '/' . $this->filename . '.' . $this->extension;

    if (!IsSanitized::filepath($candidate)) {
        Alert::error("Upload Filename", "The save destination is invalid - illegal extension or characters.", 9);
        $this->valid = false;

        return false;
    }

    // Confirm that the directory exists (otherwise create it)
    if (!Dir::create($this->saveDirectory)) {
        Alert::error("Upload Directory", "The upload directory cannot be created. Please check permissions.", 4);
        $this->valid = false;

        return false;
    }

    return true;
}