public static function escape_str($db, $y_string)
{
//--
self::check_connection($db);
//--
$y_string = (string) SmartUnicode::fix_charset((string) $y_string);
// Fix
//--
$y_string = (string) @$db->escapeString((string) $y_string);
//--
return (string) $y_string;
//--
}
/**
* Escape a string to be compliant and Safe (against SQL Injection) with MySQL standards.
* This function WILL NOT ADD the SINGLE QUOTES (') arround the string, but just will just escape it to be safe.
*
* @param STRING $y_string :: A String or a Number to be Escaped
* @param RESOURCE $y_connection :: the connection
* @return STRING :: The Escaped String / Number
*
*/
public static function escape_str($y_string, $y_connection = 'DEFAULT')
{
//==
$y_connection = self::check_connection($y_connection, 'ESCAPE-STR');
//==
//-- Fix
$y_string = (string) SmartUnicode::fix_charset((string) $y_string);
//--
//--
$y_string = (string) @mysqli_real_escape_string($y_connection, (string) $y_string);
//--
//--
return $y_string;
//--
}
/**
* Set a Key into the persistent Cache
*
* @param STRING $y_realm The Cache Realm
* @param STRING $y_key The Cache Key
* @param MIXED $y_value The value to be stored
* @param INTEGER+ $y_expiration Key Expiration in seconds (zero if key does not expire)
*
* @return BOOLEAN Returns True if the key was set or false if not
*/
public static function setKey($y_realm, $y_key, $y_value, $y_expiration = 0)
{
//--
if (!self::isActive()) {
return false;
}
//end if
//--
if (!self::validateRealm((string) $y_realm)) {
Smart::log_warning('Persistent Cache / Invalid Realm: ' . $y_realm);
return false;
}
//end if
if (!self::validateKey((string) $y_key)) {
Smart::log_warning('Persistent Cache / Invalid Key: ' . $y_key);
return false;
}
//end if
//--
self::initCacheManager();
//--
$y_value = (string) SmartUnicode::fix_charset((string) $y_value);
// fix
$y_expiration = Smart::format_number_int($y_expiration, '+');
//--
$resexp = 1;
if ((string) $y_realm == '') {
$result = self::$redis->set((string) $y_key, (string) $y_value);
if ($y_expiration > 0) {
$resexp = self::$redis->expire((string) $y_key, (int) $y_expiration);
}
//end if
} else {
$result = self::$redis->set((string) $y_realm . ':' . $y_key, (string) $y_value);
if ($y_expiration > 0) {
$resexp = self::$redis->expire((string) $y_realm . ':' . $y_key, (int) $y_expiration);
}
//end if
}
//end if else
//--
if (strtoupper(trim((string) $result)) == 'OK' and $resexp == 1) {
return true;
} else {
return false;
}
//end if else
//--
}
private function standardize_html()
{
//-- STANDARDIZE THE HTML CODE
// * protect against client-side scripting and html denied tags :: the < ? ? > or < % % > tag(s) will be detected and if present, will be replaced with dummy tags to prevent code injection
// * remove all weird / unsafe characters (ex: non-utf8)
// * replace multiple spaces with just one space
//--
//--
if ($this->is_std != false) {
return;
// avoid to re-parse
}
//end if
//--
$this->is_std = true;
//--
//-- remove all non utf8 characters
$this->html = (string) preg_replace((string) Smart::lower_unsafe_characters(), '', (string) $this->html);
//-- standardize new lines, tabs and line ends
$this->html = (string) str_replace(array("", "\r\n", "\r", ' />', '/>'), array('', "\n", "\n", '>', '>'), (string) $this->html);
//-- protect against server-side tags
$this->html = (string) str_replace(array('<' . '?', '?' . '>', '<' . '%', '%' . '>'), array('<tag-question:start', 'tag-question:end>', '<tag-percent:start', 'tag-percent:end>'), (string) $this->html);
//--
//-- standardize spaces and new lines
$arr_spaces_cleanup = array('/([\\t ])+/si' => ' ', '/^([\\t ])+/mi' => '', '/([\\t ])+$/mi' => '', '/[\\r\\n]+([\\t ]?[\\r\\n]+)+/si' => "\n");
//--
$this->html = (string) preg_replace((array) array_keys((array) $arr_spaces_cleanup), (array) array_values((array) $arr_spaces_cleanup), (string) $this->html);
$this->html = (string) SmartUnicode::fix_charset($this->html);
//--
}
/**
* Fix charset for param queries
* Used for: pg_query_params()
*
* @param ARRAY $arr_params :: A mixed variable
* @return STRING :: JSON string
*
*/
private static function escape_arr_params($arr_params)
{
//--
if (is_array($arr_params)) {
foreach ($arr_params as $k => $v) {
$arr_params[$k] = (string) SmartUnicode::fix_charset((string) $v);
// fix
}
//end foreach
}
//end if
//--
//--
return $arr_params;
// this should not be enforced to a type ... must remain as it is
//--
}
