예제 #1
 /**
  * Move the virtual working directory one level up, like "cd ..".
  *
  * The candidate parent is $this->cwd with its last segment dropped,
  * combined with $this->root via ToolBox::create_list(); it is adopted
  * only when that path exists on disk.
  *
  * NOTE(review): nothing visible here resolves "." / ".." segments or
  * symlinks before file_exists(). Presumably $this->cwd is normalised
  * wherever it is assigned -- confirm, because that is what would keep
  * the resulting path underneath $this->root.
  *
  * @return bool TRUE when the directory changed, FALSE otherwise.
  */
 public function cdup()
 {
     // A cwd of at most one character (such as "/") has no parent to move to.
     if (strlen($this->cwd) <= 1) {
         return FALSE;
     }

     // Normalise the virtual path: no trailing slash, one leading slash.
     $virtualPath = preg_replace('/\\/$/', '', $this->cwd);
     if (preg_match('/^\\//', $virtualPath) !== 1) {
         $virtualPath = '/' . $virtualPath;
     }

     // Drop the last path segment to get the parent directory.
     $segments = explode('/', $virtualPath);
     array_pop($segments);
     $parentPath = ToolBox::string_from_array($segments, NULL, '/');
     $candidate = ToolBox::create_list($this->root, $parentPath, '/');

     // Leave the current state untouched when the parent does not exist.
     if (!file_exists($candidate)) {
         return FALSE;
     }

     $this->realcwd = $candidate;
     $this->cwd = '/' . $parentPath;
     return TRUE;
 }
예제 #2
 /**
  * TODO: this one needs a LOT more testing, or the underlying function needs to be 
  * refactored.
  */
 public function test_stringFromArray()
 {
     // Only the default style (no $style, no $separator) is exercised here:
     // the values are expected to come back joined with ", ".
     $input = array('one', 'two', 'three');
     $expected = 'one, two, three';

     $actual = ToolBox::string_from_array($input);

     $this->assertEquals($expected, $actual);
 }
예제 #3
 /**
  * Build the placeholder => value map for the special config variables.
  *
  * _APPURL_ is $_SERVER['SCRIPT_NAME'] with its last path segment dropped,
  * or "/" when no segments remain.
  *
  * NOTE(review): the consumers of this map are not visible here. _APPURL_
  * originates from the server environment, so it should be escaped for
  * whatever context it is later substituted into.
  *
  * @return array Map with the keys _DIRNAMEOFFILE_, _CONFIGFILE_,
  *               _THISFILE_ and _APPURL_.
  */
 private function build_special_vars()
 {
     $segments = explode('/', $_SERVER['SCRIPT_NAME']);

     // A leading "/" produces an empty first segment; discard it.
     if (strlen($segments[0]) === 0) {
         array_shift($segments);
     }
     // Discard the last segment so only the directory part is left.
     if (count($segments) > 0) {
         array_pop($segments);
     }

     $appUrl = '/';
     if (count($segments) > 0) {
         $appUrl = '/' . ToolBox::string_from_array($segments, null, '/');
     }

     return array(
         '_DIRNAMEOFFILE_' => $this->configDirname,
         '_CONFIGFILE_' => $this->configFile,
         '_THISFILE_' => $this->configFile,
         '_APPURL_' => $appUrl,
     );
 }
 /**
  * The super-magical method that includes files & finalizes things using 
  * the given templating engine. 
  * NOTE: the local variable "$page" is made so that the included scripts 
  * can make calls to the templating engine, just like they used to.  It's 
  * AWESOME.
  */
 function finish()
 {
     // Every include_once below executes in this method's local scope, so
     // each local variable defined here is visible to the included scripts.
     // That is why temporary variables are unset as soon as they are done.

     //Avoid problems when REGISTER_GLOBALS is on...
     // Only $_GET and $_POST are scrubbed; other request arrays are not touched here.
     $badUrlVars = array('page', 'this');
     foreach ($badUrlVars as $badVarName) {
         unset($_GET[$badVarName], $_POST[$badVarName]);
     }
     unset($badUrlVars, $badVarName);
     // Turn each entry of $this->injectVars into a local variable (visible to
     // the includes), refusing any name that is already defined in this scope.
     // NOTE(review): where $this->injectVars is populated is not visible here;
     // it must never be filled from request data, since the names become
     // variables in the scope the included scripts run in.
     if (is_array($this->injectVars) && count($this->injectVars)) {
         $definedVars = get_defined_vars();
         foreach ($this->injectVars as $myVarName => $myVarVal) {
             if (!isset($definedVars[$myVarName])) {
                 ${$myVarName} = $myVarVal;
             } else {
                 throw new exception(__METHOD__ . ": attempt to inject already defined var '" . $myVarName . "'");
             }
         }
     }
     unset($definedVars, $myVarName, $myVarVal);
     // Hand the session object to the template engine when one exists.
     if (isset($this->session) && is_object($this->session)) {
         $this->templateObj->session = $this->session;
     }
     //if we loaded an index, but there is no "content", then move 'em around so we have content.
     if (isset($this->templateObj->templateFiles['index']) && !isset($this->templateObj->templateFiles['content'])) {
         $this->add_template('content', $this->templateObj->templateFiles['index']);
     }
     //make the "final section" available to scripts.
     $finalSection = $this->finalSection;
     $sectionArr = $this->sectionArr;
     // Drop a trailing empty section before building the URL.
     if (count($sectionArr) && $sectionArr[count($sectionArr) - 1] == "") {
         array_pop($sectionArr);
     }
     $fullSectionArr = $this->fullSectionArr;
     array_unshift($sectionArr, $this->baseDir);
     $finalURL = ToolBox::string_from_array($sectionArr, NULL, '/');
     // NOTE(review): the PHP_SELF template var is built from the section list;
     // presumably that list is derived from the request URL, so the template
     // should escape it on output -- confirm.
     $this->templateObj->add_template_var('PHP_SELF', '/' . ToolBox::string_from_array($sectionArr, NULL, '/'));
     // $page is the name the included scripts use to reach the template engine.
     $page = $this->templateObj;
     //now include the includes scripts, if there are any.
     // NOTE(review): the paths come straight from $this->includesList and
     // $this->afterIncludesList; how those lists are built is not visible here.
     // They must only ever contain files from the trusted includes directory.
     // The "after" includes are nested inside this check, so they only run
     // when $this->includesList is non-empty.
     if (is_array($this->includesList) && count($this->includesList)) {
         try {
             foreach ($this->includesList as $myInternalIndex => $myInternalScriptName) {
                 // Keep the path on $this and unset the loop variables so the
                 // included script does not see them.
                 $this->myLastInclude = $myInternalScriptName;
                 unset($myInternalScriptName, $myInternalIndex);
                 include_once $this->myLastInclude;
             }
             //now load the "after" includes.
             if (is_array($this->afterIncludesList)) {
                 foreach ($this->afterIncludesList as $myInternalIndex => $myInternalScriptName) {
                     $this->myLastInclude = $myInternalScriptName;
                     unset($myInternalScriptName, $myInternalIndex);
                     include_once $this->myLastInclude;
                 }
             }
         } catch (exception $e) {
             // Strip the includes root from the path before showing it.
             // NOTE(review): only "/" is escaped for the pattern; any other regex
             // metacharacter in the root is interpreted as regex syntax.
             // preg_quote($this->incFs->root, '/') would escape all of them.
             $myRoot = preg_replace('/\\//', '\\\\/', $this->incFs->root);
             $displayableInclude = preg_replace('/^' . $myRoot . '/', '', $this->myLastInclude);
             // NOTE(review): the include path and the exception message are placed
             // into HTML without escaping. If an exception message can carry
             // request data this is an HTML-injection risk, and internal error
             // detail is shown to the visitor -- consider htmlspecialchars() here
             // and logging the detail instead of displaying it.
             $page->set_message_wrapper(array('title' => "Fatal Error", 'message' => __METHOD__ . ": A fatal error occurred while processing <b>" . $displayableInclude . "</b>:<BR>\n<b>ERROR</b>: " . $e->getMessage(), 'type' => "fatal"));
             //try to pass the error on to the user's exception handler, if there is one.
             if (function_exists('exception_handler')) {
                 exception_handler($e);
             }
         }
         unset($myInternalIndex);
         unset($myInternalScriptName);
     }
     // NOTE(review): is_bool() receives the result of a === comparison, which is
     // always a bool, so this condition reduces to "$this->isValid === FALSE".
     // Confirm whether is_bool($page->allow_invalid_urls()) was intended.
     if (is_bool($page->allow_invalid_urls() === TRUE) && $this->isValid === FALSE) {
         $this->isValid = $page->allow_invalid_urls();
     }
     // Valid request: print the page if the template asks for it; otherwise bail out.
     if ($this->isValid === TRUE) {
         if ($page->printOnFinish === true) {
             $page->print_page();
         }
     } else {
         $this->die_gracefully($this->reason);
     }
 }
예제 #5
 /**
  * Basically, just a wrapper for create_list(), which returns a list or 
  * an array of lists, depending upon what was requested.
  * 
  * @param $array		<array> list for the array...
  * @param $style		<str,optional> what "style" it should be returned 
  *						 as (select, update, etc).
  * @param $separator	<str,optional> what separates key from value: see each
  * 							style for more information.
  * @param $cleanString	<mixed,optional> clean the values in $array by sending it
  * 							to cleanString(), with this as the second argument.
  * @param $removeEmptyVals	<bool,optional> If $cleanString is an ARRAY and this
  * 							evaluates as TRUE, indexes of $array whose values have
  *							a length of 0 will be removed.
  */
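 public static function string_from_array($array, $style = NULL, $separator = NULL, $cleanString = NULL, $removeEmptyVals = FALSE)
 {
     // Joins $array into a single string whose layout is chosen by $style
     // ("insert", "update", "order", "limit", "select", "url", "text_list",
     // "html_list"; anything else joins the values with $separator, ", " by
     // default). Returns NULL when $array is not an array.
     //
     // SECURITY: the SQL styles assemble query text by concatenation. Array
     // keys (column names) are never escaped, and values only go through
     // ToolBox::cleanString() when $cleanString is truthy. Prefer prepared
     // statements with bound parameters. Where this helper is still used,
     // keys must come from a fixed allow-list and request data must never
     // reach it uncleaned.

     //precheck... anything that is not an array yields NULL.
     if (!is_array($array)) {
         return NULL;
     }
     $retval = NULL;

     // Cast before lowercasing: strtolower(NULL) is deprecated as of PHP 8.1.
     // An empty string falls through to the default style.
     $style = strtolower((string) $style);

     //if $cleanString is an array, assume it's arrayIndex => cleanStringArg
     // (only applied when a style was named).
     if (is_array($cleanString) && strlen($style)) {
         $cleanStringArr = array_intersect_key($cleanString, $array);
         foreach ($cleanStringArr as $myIndex => $myCleanStringArg) {
             if ($removeEmptyVals && strlen($array[$myIndex]) == 0) {
                 //remove the index.
                 unset($array[$myIndex]);
                 continue;
             }
             //numeric cleaning styles are passed on without SQL quoting.
             $myUseSqlQuotes = null;
             if (in_array($myCleanStringArg, array('int', 'integer', 'numeric', 'number', 'decimal', 'float'))) {
                 $myUseSqlQuotes = false;
             }
             $array[$myIndex] = ToolBox::cleanString($array[$myIndex], $myCleanStringArg, $myUseSqlQuotes);
         }
     }

     switch ($style) {
         case "insert":
             if (!$separator) {
                 $separator = " VALUES ";
             }
             // Slot 0 collects the column names, slot 1 the values. Both are
             // pre-set so the first create_list() call does not read an
             // undefined index.
             $tmp = array(NULL, NULL);
             foreach ($array as $key => $value) {
                 $tmp[0] = ToolBox::create_list($tmp[0], $key);
                 if (is_null($value)) {
                     $value = "NULL";
                 } elseif ($cleanString) {
                     $value = ToolBox::cleanString($value, "sql");
                 }
                 $tmp[1] = ToolBox::create_list($tmp[1], $value, ",", 1);
             }
             //make the final product.
             $retval = "(" . $tmp[0] . ")" . $separator . "(" . $tmp[1] . ")";
             break;

         case "update":
             if (!$separator) {
                 $separator = "=";
             }
             foreach ($array as $field => $value) {
                 $sqlQuotes = 1;
                 if ($value === "NULL" || $value === NULL) {
                     $sqlQuotes = 0;
                 }
                 // NOTE(review): a value that already starts and ends with a
                 // single quote skips cleanString() and is emitted verbatim.
                 // That is only safe when such values are produced by trusted
                 // code, never by request data.
                 if ($cleanString && !(preg_match('/^\'/', $value) && preg_match('/\'$/', $value))) {
                     $value = ToolBox::cleanString($value, "sql", $sqlQuotes);
                 }
                 // Strict comparison: with "==" on older PHP versions the
                 // integer 0 compares equal to "'" and would be rewritten too.
                 if ($value === "'") {
                     //a lone quote would unbalance the statement; emit it escaped.
                     $value = "'\\''";
                 } elseif (!strlen($value)) {
                     $value = "''";
                 }
                 $retval = ToolBox::create_list($retval, $field . $separator . $value);
             }
             break;

         case "order":
         case "limit":
             //for creating the "limit 50 offset 35" part of a query... or at least using that "style".
             foreach ($array as $field => $value) {
                 if ($cleanString) {
                     $value = ToolBox::cleanString($value, "sql");
                     $value = "'" . $value . "'";
                 }
                 $retval = ToolBox::create_list($retval, $value, ", ");
             }
             if ($style == "order" && !preg_match('/order by/', strtolower((string) $retval))) {
                 $retval = "ORDER BY " . $retval;
             }
             break;

         case "select":
             // Fields are combined with AND. An array value becomes
             // "field IN (...)", its members joined by the default style.
             // NOTE(review): those members are neither cleaned nor quoted here.
             $delimiter = "AND";
             foreach ($array as $field => $value) {
                 if (is_array($value)) {
                     $retval = ToolBox::create_list($retval, $field . " IN (" . ToolBox::string_from_array($value) . ")", " {$delimiter} ");
                     continue;
                 }
                 // A value that starts with "(", "<", "=" or ">" brings its own
                 // operator and is appended unquoted. This is decided per
                 // field: previously the first such value cleared the shared
                 // separator, so every later field lost its "=" and quotes.
                 // NOTE(review): operator-style values are emitted unquoted
                 // even when cleaned, so they must never be request data.
                 $hasOperator = (bool) preg_match('/^[\\(<=>]/', $value);
                 if ($cleanString) {
                     $value = ToolBox::cleanString($value, "sql");
                 }
                 if ($hasOperator) {
                     $condition = $field . $value;
                 } else {
                     $condition = $field . "='" . $value . "'";
                 }
                 $retval = ToolBox::create_list($retval, $condition, " {$delimiter} ");
             }
             break;

         case "url":
             //an array like "array('module'='todo','action'='view','ID'=164)" to "module=todo&action=view&ID=164"
             // NOTE(review): keys and values are not percent-encoded here; unless
             // the chosen cleanString style does it, callers must encode them.
             if (!$separator) {
                 $separator = "&";
             }
             foreach ($array as $field => $value) {
                 if ($cleanString && !is_array($cleanString)) {
                     $value = ToolBox::cleanString($value, $cleanString);
                 }
                 $retval = ToolBox::create_list($retval, "{$field}={$value}", $separator);
             }
             break;

         case "text_list":
             if (is_null($separator)) {
                 $separator = '=';
             }
             foreach ($array as $field => $value) {
                 $retval = ToolBox::create_list($retval, $field . $separator . $value, "\n");
             }
             break;

         case "html_list":
             // NOTE(review): keys and values are not HTML-escaped here; escape
             // them before calling when they can contain request data.
             if (is_null($separator)) {
                 $separator = '=';
             }
             foreach ($array as $field => $value) {
                 $retval = ToolBox::create_list($retval, $field . $separator . $value, "<BR>\n");
             }
             break;

         default:
             // Plain join of the values; keys are ignored.
             if (!$separator) {
                 $separator = ", ";
             }
             foreach ($array as $field => $value) {
                 if ($cleanString) {
                     $value = ToolBox::cleanString($value, $cleanString);
                 }
                 $retval = ToolBox::create_list($retval, $value, $separator);
             }
             break;
     }
     return $retval;
 }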
예제 #6
 /**
  * Should just check to see if they've authenticated.  In reality, this 
  * just performs blind redirection if $restrictedAccess is set (and if 
  * redirecting is allowed).
  * 
  * TODO: should be a simple check, returning true/false
  * TODO: ability to specify location of login (unambiguously)
  * TODO: specify location to redirect to, instead of accessing $_GET
  */
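 public function check_login($restrictedAccess)
 {
     // No authentication state is examined here: whenever $restrictedAccess
     // is truthy the request is redirected to the login page and the script
     // ends. When it is falsy the method returns without doing anything.
     if (!$restrictedAccess) {
         return;
     }

     $myUrlString = "";
     $myGetArr = $_GET;
     if (is_array($myGetArr) && count($myGetArr) > 0) {
         // Keep session identifiers out of the destination URL.
         unset($myGetArr['PHPSESSID']);
         // NOTE(review): this is parsed as the constant CS minus the constant
         // CONTENT_SESSION_NAME, not as a single session-name constant, so
         // the session parameter is probably not the key removed here.
         // Confirm the intended constant name.
         unset($myGetArr[CS - CONTENT_SESSION_NAME]);
         // Build a properly encoded query string. The earlier call handed
         // 'url' to ToolBox::string_from_array() as the separator instead of
         // the style, which joined the raw values with the text "url".
         $myUrlString = http_build_query($myGetArr, '', '&');
     }
     //TODO: make the redirectHere variable dynamic--an argument, methinks.
     // Percent-encode the whole query string so request parameters cannot
     // add or override parameters on the login URL itself.
     // NOTE(review): the login handler is not visible here; it should only
     // accept a local destination before redirecting back to it.
     $redirectHere = '/login.php?destination=' . rawurlencode($myUrlString);
     // Always stop after sending the redirect so no restricted content is
     // produced for an unauthenticated request.
     ToolBox::conditional_header($redirectHere, TRUE);
     exit;
 }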