/** * Generates a course code from a course title * @todo Such a function might be useful in other places too. It might be moved in the CourseManager class. * @todo the function might be upgraded for avoiding code duplications (currently, it might suggest a code that is already in use) * @param string A course title * @param string The course title encoding (defaults to type defined globally) * @return string A proposed course code * @assert (null,null) === false * @assert ('ABC_DEF', null) === 'ABCDEF' * @assert ('ABC09*^[%A', null) === 'ABC09A' */ function generate_course_code($course_title, $encoding = null) { if (empty($encoding)) { $encoding = api_get_system_encoding(); } return substr(preg_replace('/[^A-Z0-9]/', '', strtoupper(api_transliterate($course_title, 'X', $encoding))), 0, CourseManager::MAX_COURSE_LENGTH_CODE); }
/** * This function save a post into a file mp3 from pediaphon services * * @param $filepath * @param $dir * @author Juan Carlos Raña Trabado <*****@*****.**> * @version january 2011, chamilo 1.8.8 */ function downloadMP3_pediaphon($filepath, $dir) { $location = 'create_audio.php?' . api_get_cidreq() . '&id=' . Security::remove_XSS($_POST['document_id']) . '&dt2a=pediaphon'; //security if (!isset($_POST['lang']) && !isset($_POST['text']) && !isset($_POST['title']) && !isset($filepath) && !isset($dir)) { echo '<script>window.location.href="' . $location . '"</script>'; return; } global $_course, $_user; $clean_title = trim($_POST['title']); $clean_title = Database::escape_string($clean_title); $clean_text = trim($_POST['text']); $clean_voices = Security::remove_XSS($_POST['voices']); if (empty($clean_title) || empty($clean_text) || empty($clean_voices)) { echo '<script>window.location.href="' . $location . '"</script>'; return; } $clean_title = Security::remove_XSS($clean_title); $clean_title = Database::escape_string($clean_title); $clean_title = str_replace(' ', '_', $clean_title); //compound file names $clean_text = Security::remove_XSS($clean_text); $clean_lang = Security::remove_XSS($_POST['lang']); $clean_speed = Security::remove_XSS($_POST['speed']); $extension = 'mp3'; $audio_filename = $clean_title . '.' . $extension; $audio_title = str_replace('_', ' ', $clean_title); //prevent duplicates if (file_exists($filepath . '/' . $clean_title . '.' . $extension)) { $i = 1; while (file_exists($filepath . '/' . $clean_title . '_' . $i . '.' . $extension)) { $i++; } $audio_filename = $clean_title . '_' . $i . '.' . $extension; $audio_title = $clean_title . '_' . $i . '.' . $extension; $audio_title = str_replace('_', ' ', $audio_title); } $documentPath = $filepath . '/' . $audio_filename; //prev for a fine unicode, borrowed from main api TODO:clean // Safe replacements for some non-letter characters (whitout blank spaces) $search = array("", "\t", "\n", "\r", "\v", '/', "\\", '"', "'", '?', '*', '>', '<', '|', ':', '$', '(', ')', '^', '[', ']', '#', '+', '&', '%'); $replace = array('', '_', '_', '_', '_', '-', '-', '-', '_', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-'); $filename = $clean_text; // Encoding detection. $encoding = api_detect_encoding($filename); // Converting html-entities into encoded characters. $filename = api_html_entity_decode($filename, ENT_QUOTES, $encoding); // Transliteration to ASCII letters, they are not dangerous for filesystems. $filename = api_transliterate($filename, 'x', $encoding); // Replacing remaining dangerous non-letter characters. $clean_text = str_replace($search, $replace, $filename); //adding the file if ($clean_lang == 'de') { $url_pediaphon = 'http://www.pediaphon.org/~bischoff/radiopedia/sprich_multivoice.cgi'; $find_t2v = '/http\\:\\/\\/www\\.pediaphon\\.org\\/\\~bischoff\\/radiopedia\\/mp3\\/(.*)\\.mp3\\"/'; } else { $url_pediaphon = 'http://www.pediaphon.org/~bischoff/radiopedia/sprich_multivoice_' . $clean_lang . '.cgi'; //en, es, fr $find_t2v = '/http\\:\\/\\/www\\.pediaphon\\.org\\/\\~bischoff\\/radiopedia\\/mp3\\/' . $clean_lang . '\\/(.*)\\.mp3\\"/'; } $data = "stimme=" . $clean_voices . "&inputtext=" . $clean_text . "&speed=" . $clean_speed . "&go=speak"; $opts = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded\r\n", "Content-Length: " . strlen($data) . "\r\n", 'content' => $data)); $context = stream_context_create($opts); // Download the whole HTML page $previous_returntext2voice = file_get_contents($url_pediaphon, false, $context); //extract the audio file path $search_source = preg_match($find_t2v, $previous_returntext2voice, $hits); $souce_end = substr($hits[0], 0, -1); //download file $returntext2voice = file_get_contents($souce_end); //save file $f = @file_put_contents($documentPath, $returntext2voice); if ($f === false && !empty($php_errormsg)) { error_log($php_errormsg); } //add document to database $current_session_id = api_get_session_id(); $groupId = $_SESSION['_gid']; $file_size = filesize($documentPath); $relativeUrlPath = $dir; $doc_id = add_document($_course, $relativeUrlPath . $audio_filename, 'file', filesize($documentPath), $audio_title); api_item_property_update($_course, TOOL_DOCUMENT, $doc_id, 'DocumentAdded', $_user['user_id'], $groupId, null, null, null, $current_session_id); Display::display_confirmation_message(get_lang('DocumentCreated')); //return to location echo '<script>window.location.href="' . $location . '"</script>'; }
/** * Replaces "forbidden" characters in a filename string. * * @author Hugues Peeters <*****@*****.**> * @author René Haentjens, UGent (RH) * @author Ivan Tcholakov, JUN-2009. Transliteration functionality has been added. * @param string $filename The filename string. * @param string $strict (optional) When it is 'strict', all non-ASCII charaters will be replaced. Additional ASCII replacemets will be done too. * @return string The cleaned filename. */ function api_replace_dangerous_char($filename, $strict = 'loose') { // Safe replacements for some non-letter characters. static $search = array("", ' ', "\t", "\n", "\r", "\v", '/', "\\", '"', "'", '?', '*', '>', '<', '|', ':', '$', '(', ')', '^', '[', ']', '#', '+', '&', '%'); static $replace = array('', '_', '_', '_', '_', '_', '-', '-', '-', '_', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-', '-'); // Encoding detection. //$encoding = api_detect_encoding($filename); // Converting html-entities into encoded characters. ///$filename = api_html_entity_decode($filename, ENT_QUOTES, $encoding); // Transliteration to ASCII letters, they are not dangerous for filesystems. $filename = api_transliterate($filename, 'x'); // Trimming leading/trailing whitespace. $filename = trim($filename); // Trimming any leading/trailing dots. $filename = trim($filename, '.'); $filename = trim($filename); // Replacing remaining dangerous non-letter characters. $filename = str_replace($search, $replace, $filename); if ($strict == 'strict') { //$filename = str_replace('-', '_', $filename); // See task #1848. //$filename = preg_replace('/[^0-9A-Za-z_.\-]/', '', $filename); //Removing "_" character see BT#3628 $filename = preg_replace('/[^0-9A-Za-z.\\-_]/', '', $filename); } // Length is to be limited, so the file name to be acceptable by some operating systems. $extension = (string) strrchr($filename, '.'); $extension_len = strlen($extension); if ($extension_len > 0 && $extension_len < 250) { $filename = substr($filename, 0, -$extension_len); return substr($filename, 0, 250 - $extension_len) . $extension; } return substr($filename, 0, 250); }
/** * Modifies a given username accordingly to the specification for valid characters and length. * @param $username string The input username. * @param bool $strict (optional) When this flag is TRUE, the result is guaranteed for full compliance, otherwise compliance may be partial. The default value is FALSE. * @param string $encoding (optional) The character encoding for the input names. If it is omitted, the platform character set will be used by default. * @return string The resulting purified username. */ public static function purify_username($username, $strict = false, $encoding = null) { if ($strict) { // 1. Conversion of unacceptable letters (latinian letters with accents for example) into ASCII letters in order they not to be totally removed. // 2. Applying the strict purifier. // 3. Length limitation. $toreturn = api_get_setting('login_is_email') == 'true' ? substr(preg_replace(USERNAME_PURIFIER_MAIL, '', api_transliterate($username, '', $encoding)), 0, USERNAME_MAX_LENGTH) : substr(preg_replace(USERNAME_PURIFIER, '', api_transliterate($username, '', $encoding)), 0, USERNAME_MAX_LENGTH); return $toreturn; } // 1. Applying the shallow purifier. // 2. Length limitation. return substr(preg_replace(USERNAME_PURIFIER_SHALLOW, '', $username), 0, USERNAME_MAX_LENGTH); }