Пример #1
 /**
  * Normalises a raw search string and appends the resulting keywords to $this->keywords.
  *
  * Input that is not valid UTF-8 is treated as ISO-8859-1 and converted. Asterisks that
  * do not directly follow a word character and the operator characters + - > < ( ) ~
  * are removed. A string wrapped in double quotes is stored as one phrase; anything
  * else is split into single words. Every keyword is HTML-encoded before it is stored.
  *
  * @param	string		$keywordString	raw keyword input
  */
 protected function parseKeywords($keywordString)
 {
     // everything below works on UTF-8
     if (!StringUtil::isUTF8($keywordString)) {
         $keywordString = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $keywordString);
     }
     // strip wildcards that have no word character in front of them
     $keywordString = preg_replace('/(?<!\\w)\\*/', '', $keywordString);
     // strip search operators so the input cannot steer the query syntax
     $keywordString = preg_replace('/[\\+\\-><()~]+/', '', $keywordString);

     $isPhrase = mb_substr($keywordString, 0, 1) == '"' && mb_substr($keywordString, -1) == '"';
     if (!$isPhrase) {
         // periods and commas count as word delimiters
         $words = explode(' ', str_replace(array('.', ','), ' ', $keywordString));
         $words = ArrayUtil::encodeHTML(ArrayUtil::trim($words));
         if (!empty($words)) {
             $this->keywords = array_merge($this->keywords, $words);
         }
         return;
     }

     // quoted input: keep the text between the quotes as a single phrase
     $phrase = StringUtil::trim(mb_substr($keywordString, 1, -1));
     // NOTE(review): empty() also discards a phrase that is exactly "0"
     if (!empty($phrase)) {
         $this->keywords = array_merge($this->keywords, array(StringUtil::encodeHTML($phrase)));
     }
 }
Пример #2
 /**
  * Runs the page lifecycle: login check, canonical-URL redirect, menu/module/permission
  * checks, data loading, template variable assignment, the 'show' event and finally
  * template output.
  *
  * The canonical-URL step is skipped for requests that carry POST data. When the request
  * path or one of the canonical query parameters differs from the canonical URL, the
  * method sends a 301 redirect and terminates the script.
  *
  * @see	\wcf\page\IPage::show()
  * @throws	PermissionDeniedException	if login is required and the active user has no userID
  */
 public function show()
 {
     // check if active user is logged in
     if ($this->loginRequired && !WCF::getUser()->userID) {
         throw new PermissionDeniedException();
     }
     // check if current request URL matches the canonical URL
     if ($this->canonicalURL && empty($_POST)) {
         // a 40-character hex "s" parameter (presumably the session id) is ignored on both sides
         $canoncialURL = parse_url(preg_replace('~[?&]s=[a-f0-9]{40}~', '', $this->canonicalURL));
         // use $_SERVER['REQUEST_URI'] because it represents the URL used to access the site and not the internally rewritten one
         // IIS Rewrite-Module has a bug causing the REQUEST_URI to be ISO-encoded
         // both values are supplied by the client / web server and are not validated here
         $requestURI = !empty($_SERVER['UNENCODED_URL']) ? $_SERVER['UNENCODED_URL'] : $_SERVER['REQUEST_URI'];
         $requestURI = preg_replace('~[?&]s=[a-f0-9]{40}~', '', $requestURI);
         if (!StringUtil::isUTF8($requestURI)) {
             $requestURI = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $requestURI);
         }
         // some webservers output lower-case encoding (e.g. %c3 instead of %C3)
         $requestURI = preg_replace_callback('~%(?P<encoded>[a-zA-Z0-9]{2})~', function ($matches) {
             return '%' . strtoupper($matches['encoded']);
         }, $requestURI);
         // NOTE(review): parse_url() returns false for seriously malformed input and leaves out
         // 'path' when there is none; the comparisons below read the key without checking
         $requestURL = parse_url($requestURI);
         $redirect = false;
         if ($canoncialURL['path'] != $requestURL['path']) {
             $redirect = true;
         } else {
             // same path: every canonical query parameter must be present with an equal value;
             // additional request parameters do not trigger a redirect
             if (isset($canoncialURL['query'])) {
                 if (!isset($requestURL['query'])) {
                     $redirect = true;
                 } else {
                     parse_str($canoncialURL['query'], $cQueryString);
                     parse_str($requestURL['query'], $rQueryString);
                     foreach ($cQueryString as $key => $value) {
                         // NOTE(review): loose comparison, numeric-looking strings such as "1e3" and "1000" compare equal
                         if (!isset($rQueryString[$key]) || $rQueryString[$key] != $value) {
                             $redirect = true;
                             break;
                         }
                     }
                 }
             }
         }
         if ($redirect) {
             // the target is always the canonical URL; request parameters that are not part of
             // it are carried over after being re-encoded by http_build_query()
             $redirectURL = $this->canonicalURL;
             if (!empty($requestURL['query'])) {
                 $queryString = $requestURL['query'];
                 parse_str($requestURL['query'], $rQueryString);
                 if (!empty($canoncialURL['query'])) {
                     parse_str($canoncialURL['query'], $cQueryString);
                     // clean query string
                     foreach ($cQueryString as $key => $value) {
                         if (isset($rQueryString[$key])) {
                             unset($rQueryString[$key]);
                         }
                     }
                 }
                 // drop route data from query
                 if (!URL_LEGACY_MODE) {
                     foreach ($rQueryString as $key => $value) {
                         if ($value === '') {
                             unset($rQueryString[$key]);
                         }
                     }
                 }
                 if (!empty($rQueryString)) {
                     $redirectURL .= (mb_strpos($redirectURL, '?') === false ? '?' : '&') . http_build_query($rQueryString, '', '&');
                 }
             }
             // force a permanent redirect as recommended by Google
             // https://support.google.com/webmasters/answer/6033086?hl=en#a_note_about_redirects
             // "@" hides the warning PHP raises when headers have already been sent
             @header('HTTP/1.0 301 Moved Permanently');
             HeaderUtil::redirect($redirectURL, false);
             exit;
         }
     }
     // the module and permission checks run only after the canonical redirect has been ruled out
     // sets the active menu item
     $this->setActiveMenuItem();
     // check modules
     $this->checkModules();
     // check permission
     $this->checkPermissions();
     // read data
     $this->readData();
     // assign variables
     $this->assignVariables();
     // call show event
     EventHandler::getInstance()->fireAction($this, 'show');
     // try to guess template name
     // the class name is split at namespace separators: last part = class, first part = application
     $classParts = explode('\\', get_class($this));
     if (empty($this->templateName)) {
         $className = preg_replace('~(Form|Page)$~', '', array_pop($classParts));
         // check if this an *Edit page and use the add-template instead
         if (substr($className, -4) == 'Edit') {
             $className = substr($className, 0, -4) . 'Add';
         }
         $this->templateName = lcfirst($className);
         // assign guessed template name
         WCF::getTPL()->assign('templateName', $this->templateName);
     }
     if (empty($this->templateNameApplication)) {
         $this->templateNameApplication = array_shift($classParts);
         // assign guessed template application
         WCF::getTPL()->assign('templateNameApplication', $this->templateNameApplication);
     }
     if ($this->useTemplate) {
         // show template
         WCF::getTPL()->display($this->templateName, $this->templateNameApplication);
     }
 }
Пример #3
 /**
  * Converts every value of a (possibly nested) array to the requested character encoding.
  * Keys are kept as they are. A non-array argument is passed straight to
  * StringUtil::convertEncoding() and that result is returned.
  * @see	mb_convert_encoding()
  * 
  * @param	string		$inCharset
  * @param	string		$outCharset
  * @param	array		$array
  * @return	array|string	converted array; for non-array input the result of StringUtil::convertEncoding() (presumably a string)
  */
 public static function convertEncoding($inCharset, $outCharset, $array)
 {
     if (is_array($array)) {
         $converted = $array;
         foreach ($array as $index => $element) {
             // recursion handles nested arrays and ends at the first non-array value
             $converted[$index] = self::convertEncoding($inCharset, $outCharset, $element);
         }
         return $converted;
     }
     return StringUtil::convertEncoding($inCharset, $outCharset, $array);
 }
Пример #4
 /**
  * Returns the URI of the current page.
  *
  * Without URL_LEGACY_MODE the result is scheme and host of the template variable
  * 'baseHref' followed by $_SERVER['REQUEST_URI']. In legacy mode the script name and
  * '/index.php' are removed from the request URI and the rest is appended to 'baseHref'.
  *
  * The request URI is taken from the client as is; the returned string is not encoded
  * for any output context.
  * 
  * @return	string
  */
 public static function getRequestURI()
 {
     if (!URL_LEGACY_MODE) {
         // reduce baseHref to "scheme://host" and append the raw request URI
         $origin = preg_replace('~^(https?://[^/]+)(?:/.*)?$~', '$1', self::getTPL()->get('baseHref'));
         return $origin . $_SERVER['REQUEST_URI'];
     }

     // resolve path and query components
     $scriptName = $_SERVER['SCRIPT_NAME'];
     $pathInfo = RouteHandler::getPathInfo();
     if (empty($pathInfo)) {
         // bug fix if URL omits script name and path: keep only the directory part
         $scriptName = substr($scriptName, 0, strrpos($scriptName, '/'));
     }
     $path = str_replace($scriptName, '', $_SERVER['REQUEST_URI']);
     $path = str_replace('/index.php', '', $path);
     if (!StringUtil::isUTF8($path)) {
         $path = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $path);
     }
     $path = FileUtil::removeLeadingSlash($path);
     $baseHref = self::getTPL()->get('baseHref');
     // a remainder that is more than a bare query string needs the script name in front
     $needsScriptName = !empty($path) && mb_strpos($path, '?') !== 0;
     return $baseHref . ($needsScriptName ? 'index.php/' : '') . $path;
 }
Пример #5
	/**
	 * Returns the request uri of the active request.
	 *
	 * The value is taken from the first usable $_SERVER entry (ORIG_PATH_INFO,
	 * ORIG_SCRIPT_NAME, SCRIPT_NAME + PATH_INFO, REQUEST_URI, PHP_SELF, PATH_INFO).
	 * The query string is appended unless REQUEST_URI was used. The result is converted
	 * to UTF-8 if necessary and cut to 255 characters; it is not encoded for output.
	 * 
	 * @return	string
	 */
	public static function getRequestURI() {
		$uri = '';
		// only REQUEST_URI is used together with no separate query string
		$queryIncluded = false;
		
		if (!empty($_SERVER['ORIG_PATH_INFO']) && strpos($_SERVER['ORIG_PATH_INFO'], '.php') !== false) {
			$uri = $_SERVER['ORIG_PATH_INFO'];
		}
		else if (!empty($_SERVER['ORIG_SCRIPT_NAME'])) {
			$uri = $_SERVER['ORIG_SCRIPT_NAME'];
		}
		else if (!empty($_SERVER['SCRIPT_NAME']) && !empty($_SERVER['PATH_INFO'])) {
			$uri = $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
		}
		else if (!empty($_SERVER['REQUEST_URI'])) {
			$uri = $_SERVER['REQUEST_URI'];
			$queryIncluded = true;
		}
		else if (!empty($_SERVER['PHP_SELF'])) {
			$uri = $_SERVER['PHP_SELF'];
		}
		else if (!empty($_SERVER['PATH_INFO'])) {
			$uri = $_SERVER['PATH_INFO'];
		}
		
		if (!$queryIncluded && !empty($_SERVER['QUERY_STRING'])) {
			$uri .= '?'.$_SERVER['QUERY_STRING'];
		}
		
		// fix encoding: anything that is neither ASCII nor UTF-8 is treated as ISO-8859-1
		$needsConversion = !StringUtil::isASCII($uri) && !StringUtil::isUTF8($uri);
		if ($needsConversion) {
			$uri = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $uri);
		}
		
		$unified = FileUtil::unifyDirSeperator($uri);
		return StringUtil::substring($unified, 0, 255);
	}
 /**
  * Creates a new PackageUpdateAuthForm object.
  *
  * When an exception is given, its server id, URL, response header and response body
  * are copied into the form. The body comes from the remote update server: it is
  * converted to UTF-8 if the header names another charset, stripped of tags, trimmed,
  * has runs of three or more newlines reduced to two and is then passed through nl2br().
  * 
  * @param	PackageUpdateAuthorizationRequiredException	$exception
  */
 public function __construct(PackageUpdateAuthorizationRequiredException $exception = null)
 {
     $this->exception = $exception;
     if ($this->exception !== null) {
         $source = $this->exception;
         $this->packageUpdateServerID = $source->getPackageUpdateServerID();
         $this->url = $source->getURL();
         $this->header = $source->getResponseHeader();
         // get message
         $this->message = $source->getResponseContent();
         // find out response charset; the name is limited to letters, digits and '-'
         if (preg_match('/charset=([a-z0-9\\-]+)/i', $this->header, $match)) {
             $charset = strtoupper($match[1]);
             if ($charset != 'UTF-8') {
                 $this->message = @StringUtil::convertEncoding($charset, 'UTF-8', $this->message);
             }
         }
         // format message
         // NOTE(review): strip_tags() removes markup but does not encode '&' or quotes, and
         // nl2br() adds <br /> tags, so the message is presumably printed unescaped - confirm
         // that the template uses it in element content only
         $plainText = StringUtil::unifyNewlines(StringUtil::trim(strip_tags($this->message)));
         $plainText = preg_replace("/\n{3,}/", "\n\n", $plainText);
         $this->message = nl2br($plainText);
     }
     parent::__construct();
 }
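 /**
  * Handles a PayPal IPN (instant payment notification) request.
  *
  * The received POST fields are sent back to PayPal with cmd=_notify-validate and
  * processing continues only if the reply is "VERIFIED". After that the receiver
  * address and the "custom" field (payment type object id, ':', token) are checked
  * and the transaction is handed to the processor of the payment type.
  * Every SystemException ends the request with HTTP 500 and the exception message as body.
  *
  * @see	\wcf\action\IAction::execute()
  */
 public function execute()
 {
     parent::execute();
     // check response
     $processor = null;
     try {
         // post back to paypal to validate
         $content = '';
         try {
             $url = 'https://www.paypal.com/cgi-bin/webscr';
             // NOTE(review): test_ipn is part of the request, so the sender of the notification
             // decides which PayPal environment validates it. Sandbox notifications should be
             // accepted only on installations that are explicitly set up for testing; no such
             // setting is visible in this block.
             if (!empty($_POST['test_ipn'])) {
                 // IPN simulator notification
                 $url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
             }
             // array_merge() lets later keys win, so a request field named "cmd" is dropped
             // to keep the validation command in place
             $parameters = $_POST;
             unset($parameters['cmd']);
             $request = new HTTPRequest($url, array(), array_merge(array('cmd' => '_notify-validate'), $parameters));
             $request->execute();
             $reply = $request->getReply();
             $content = $reply['body'];
         } catch (SystemException $e) {
             throw new SystemException('connection to paypal.com failed: ' . $e->getMessage());
         }
         // PayPal answers with the single word VERIFIED or INVALID; compare the whole body
         // instead of searching for a substring
         if (!is_string($content) || trim($content) !== 'VERIFIED') {
             throw new SystemException('request not validated');
         }
         // fix encoding (done after validation, which needs the fields exactly as received)
         if (!empty($_POST['charset']) && is_string($_POST['charset']) && strtoupper($_POST['charset']) != 'UTF-8') {
             $charset = strtoupper($_POST['charset']);
             foreach ($_POST as &$value) {
                 // array-valued fields are left alone, the converter is called with strings only
                 if (is_string($value)) {
                     $value = StringUtil::convertEncoding($charset, 'UTF-8', $value);
                 }
             }
             // break the reference so a later write to $value cannot change the last field
             unset($value);
         }
         // Check that receiver_email is your Primary PayPal email
         // a missing field never counts as a match
         $expectedReceiver = strtolower(PAYPAL_EMAIL_ADDRESS);
         $businessMatches = isset($_POST['business']) && is_string($_POST['business']) && strtolower($_POST['business']) === $expectedReceiver;
         $receiverMatches = isset($_POST['receiver_email']) && is_string($_POST['receiver_email']) && strtolower($_POST['receiver_email']) === $expectedReceiver;
         if (!$businessMatches && !$receiverMatches) {
             throw new SystemException('invalid business or receiver_email');
         }
         // get token
         if (!isset($_POST['custom']) || !is_string($_POST['custom'])) {
             throw new SystemException('invalid custom item');
         }
         $tokenParts = explode(':', $_POST['custom'], 2);
         if (count($tokenParts) != 2) {
             throw new SystemException('invalid custom item');
         }
         // get payment type object type
         $objectType = ObjectTypeCache::getInstance()->getObjectType(intval($tokenParts[0]));
         if ($objectType === null || !$objectType->getProcessor() instanceof IPaymentType) {
             throw new SystemException('invalid payment type id');
         }
         $processor = $objectType->getProcessor();
         // get status
         $transactionType = !empty($_POST['txn_type']) ? $_POST['txn_type'] : '';
         $paymentStatus = !empty($_POST['payment_status']) ? $_POST['payment_status'] : '';
         $status = '';
         if ($transactionType == 'web_accept' || $transactionType == 'subscr_payment') {
             if ($paymentStatus == 'Completed') {
                 $status = 'completed';
             }
         }
         if ($paymentStatus == 'Refunded' || $paymentStatus == 'Reversed') {
             $status = 'reversed';
         }
         if ($paymentStatus == 'Canceled_Reversal') {
             $status = 'canceled_reversal';
         }
         if ($status) {
             // NOTE(review): amount, currency and transaction id are forwarded as received.
             // Comparing them with the expected price and rejecting an already processed
             // txn_id is presumably done by the processor - confirm against its implementation.
             $processor->processTransaction(ObjectTypeCache::getInstance()->getObjectTypeIDByName('com.woltlab.wcf.payment.method', 'com.woltlab.wcf.payment.method.paypal'), $tokenParts[1], $_POST['mc_gross'], $_POST['mc_currency'], $_POST['txn_id'], $status, $_POST);
         }
     } catch (SystemException $e) {
         // a non-2xx status tells the sender that the notification was not accepted
         @header('HTTP/1.1 500 Internal Server Error');
         // NOTE(review): the exception message, including the text of a nested connection
         // error, is returned to the caller as the response body
         echo $e->getMessage();
         exit;
     }
 }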
Пример #8
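 /**
  * Exports this style as a tar archive (.tgz) and writes the archive to the output.
  *
  * The archive always contains the style info file (self::INFO_FILE) and variables.xml,
  * plus the preview image if the file exists. templates.tar, images.tar and icons.tar
  * are added on request. All temporary files are deleted after use.
  * 
  * @param	boolean 	$templates	add templates.tar (only if the style has a template group)
  * @param	boolean		$images		add images.tar with the image files named in the style variables
  * @param	boolean		$icons		add icons.tar (only if the icon location is not 'icon/')
  */
 public function export($templates = false, $images = false, $icons = false)
 {
     // converts a value to UTF-8 if necessary and makes it safe for use inside a CDATA section
     $toCDATA = function ($value) {
         return StringUtil::escapeCDATA(CHARSET != 'UTF-8' ? StringUtil::convertEncoding(CHARSET, 'UTF-8', $value) : $value);
     };
     // create style tar
     $styleTarName = FileUtil::getTemporaryFilename('style_', '.tgz');
     $styleTar = new TarWriter($styleTarName, true);
     // append style preview image
     if ($this->image && @file_exists(WCF_DIR . $this->image)) {
         $styleTar->add(WCF_DIR . $this->image, '', FileUtil::addTrailingSlash(dirname(WCF_DIR . $this->image)));
     }
     // create style info file
     $string = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE style SYSTEM \"http://www.woltlab.com/DTDs/SXF/style.dtd\">\n<style>\n";
     // general block
     $string .= "\t<general>\n";
     // style name
     $string .= "\t\t<stylename><![CDATA[" . $toCDATA($this->styleName) . "]]></stylename>\n";
     // style description
     if ($this->styleDescription) {
         $string .= "\t\t<description><![CDATA[" . $toCDATA($this->styleDescription) . "]]></description>\n";
     }
     // style version
     if ($this->styleVersion) {
         $string .= "\t\t<version><![CDATA[" . $toCDATA($this->styleVersion) . "]]></version>\n";
     }
     // style date
     if ($this->styleDate) {
         $string .= "\t\t<date><![CDATA[" . $toCDATA($this->styleDate) . "]]></date>\n";
     }
     // style preview image (file name only, without its directory)
     if ($this->image) {
         $string .= "\t\t<image><![CDATA[" . $toCDATA(basename($this->image)) . "]]></image>\n";
     }
     // copyright
     if ($this->copyright) {
         $string .= "\t\t<copyright><![CDATA[" . $toCDATA($this->copyright) . "]]></copyright>\n";
     }
     // license
     if ($this->license) {
         $string .= "\t\t<license><![CDATA[" . $toCDATA($this->license) . "]]></license>\n";
     }
     $string .= "\t</general>\n";
     // author block
     $string .= "\t<author>\n";
     // author name
     if ($this->authorName) {
         $string .= "\t\t<authorname><![CDATA[" . $toCDATA($this->authorName) . "]]></authorname>\n";
     }
     // author URL
     if ($this->authorURL) {
         $string .= "\t\t<authorurl><![CDATA[" . $toCDATA($this->authorURL) . "]]></authorurl>\n";
     }
     $string .= "\t</author>\n";
     // files block
     $string .= "\t<files>\n";
     // variables
     $string .= "\t\t<variables>variables.xml</variables>\n";
     // templates
     if ($templates && $this->templateGroupID) {
         $string .= "\t\t<templates>templates.tar</templates>\n";
     }
     // images
     if ($images) {
         $string .= "\t\t<images>images.tar</images>\n";
     }
     // icons
     // NOTE(review): icons.tar is listed whenever $icons is set, but it is only created
     // further down if the icon location differs from 'icon/'
     if ($icons) {
         $string .= "\t\t<icons>icons.tar</icons>\n";
     }
     $string .= "\t</files>\n";
     $string .= "</style>";
     // append style info file to style tar
     $styleTar->addString(self::INFO_FILE, $string);
     unset($string);
     // create variable list
     $string = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE variables SYSTEM \"http://www.woltlab.com/DTDs/SXF/variables.dtd\">\n<variables>\n";
     // get variables
     $variables = $this->getVariables();
     $exportImages = array();
     foreach ($variables as $name => $value) {
         // search images: collect bare file names (no '/', whitespace or '$') with an image extension
         if ($images && $value) {
             if (preg_match_all('~([^/\\s\\$]+\\.(?:gif|jpg|jpeg|png))~i', $value, $matches)) {
                 $exportImages = array_merge($exportImages, $matches[1]);
             }
         }
         $string .= "\t<variable name=\"" . StringUtil::encodeHTML($name) . "\"><![CDATA[" . $toCDATA($value) . "]]></variable>\n";
     }
     $string .= "</variables>";
     // append variable list to style tar
     $styleTar->addString('variables.xml', $string);
     unset($string);
     if ($templates && $this->templateGroupID) {
         $templateGroup = new TemplateGroup($this->templateGroupID);
         // create templates tar
         $templatesTarName = FileUtil::getTemporaryFilename('templates', '.tar');
         $templatesTar = new TarWriter($templatesTarName);
         // NOTE(review): 0777 leaves the temporary archive writable for every local user
         // until it is unlinked; a tighter mode should do if only this process uses the file
         @chmod($templatesTarName, 0777);
         // append templates to tar
         // get templates
         $sql = "SELECT\t\ttemplate.*, package.package, package.packageDir,\n\t\t\t\t\t\tparent_package.package AS parentPackage, parent_package.packageDir AS parentPackageDir\n\t\t\t\tFROM\t\twcf" . WCF_N . "_template template\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_package package\n\t\t\t\tON\t\t(package.packageID = template.packageID)\n\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_package parent_package\n\t\t\t\tON\t\t(parent_package.packageID = package.parentPackageID)\n\t\t\t\tWHERE\t\ttemplate.templateGroupID = ?";
         $statement = WCF::getDB()->prepareStatement($sql);
         $statement->execute(array($this->templateGroupID));
         while ($row = $statement->fetchArray()) {
             // name of the directory inside the tar: parent package, else own package, else WCF
             $packageDir = 'com.woltlab.wcf';
             if (!empty($row['parentPackageDir'])) {
                 $packageDir = $row['parentPackage'];
             } elseif (!empty($row['packageDir'])) {
                 $packageDir = $row['package'];
             }
             $filename = FileUtil::addTrailingSlash(FileUtil::getRealPath(WCF_DIR . $row['packageDir'] . 'templates/' . $templateGroup->templateGroupFolderName)) . $row['templateName'] . '.tpl';
             $templatesTar->add($filename, $packageDir, dirname($filename));
         }
         // append templates tar to style tar
         $templatesTar->create();
         $styleTar->add($templatesTarName, 'templates.tar', $templatesTarName);
         @unlink($templatesTarName);
     }
     if ($images) {
         // create images tar
         $imagesTarName = FileUtil::getTemporaryFilename('images_', '.tar');
         $imagesTar = new TarWriter($imagesTarName);
         @chmod($imagesTarName, 0777);
         // cache rtl versions; "!== false" also covers a file name that starts with '-ltr'
         foreach ($exportImages as $exportImage) {
             if (strpos($exportImage, '-ltr') !== false) {
                 $exportImages[] = str_replace('-ltr', '-rtl', $exportImage);
             }
         }
         // append images to tar
         // NOTE(review): the location comes from a style variable and is joined to WCF_DIR by
         // plain concatenation; this assumes it ends with a slash and stays below WCF_DIR - confirm
         $path = WCF_DIR . $variables['global.images.location'];
         if (file_exists($path) && is_dir($path)) {
             $handle = opendir($path);
             if ($handle !== false) {
                 while (($file = readdir($handle)) !== false) {
                     // only files whose exact name was found in the style variables are exported
                     if (is_file($path . $file) && in_array($file, $exportImages, true)) {
                         $imagesTar->add($path . $file, '', $path);
                     }
                 }
                 closedir($handle);
             }
         }
         // append images tar to style tar
         $imagesTar->create();
         $styleTar->add($imagesTarName, 'images.tar', $imagesTarName);
         @unlink($imagesTarName);
     }
     // export icons
     $iconsLocation = FileUtil::addTrailingSlash($variables['global.icons.location']);
     if ($icons && $iconsLocation != 'icon/') {
         // create icons tar
         $iconsTarName = FileUtil::getTemporaryFilename('icons_', '.tar');
         $iconsTar = new TarWriter($iconsTarName);
         // chmod() takes the file name; the original passed the TarWriter object here
         @chmod($iconsTarName, 0777);
         // get package dirs
         $sql = "SELECT\tpackage, packageDir\n\t\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\t\tWHERE\tisApplication = 1\n\t\t\t\t\tAND (packageDir <> '' OR package = 'com.woltlab.wcf')";
         $statement = WCF::getDB()->prepareStatement($sql);
         $statement->execute();
         while ($row = $statement->fetchArray()) {
             $iconsDir = FileUtil::getRealPath(WCF_DIR . $row['packageDir']) . $iconsLocation;
             $packageIcons = array();
             if (file_exists($iconsDir)) {
                 // separate name, so the $icons parameter is not overwritten
                 $iconFiles = glob($iconsDir . '*.png');
                 if (is_array($iconFiles)) {
                     foreach ($iconFiles as $iconFile) {
                         $packageIcons[] = $iconFile;
                     }
                 }
             }
             if (count($packageIcons)) {
                 $iconsTar->add($packageIcons, $row['package'] . '/', $iconsDir);
             }
         }
         $iconsTar->create();
         $styleTar->add($iconsTarName, 'icons.tar', $iconsTarName);
         @unlink($iconsTarName);
     }
     // output file content
     $styleTar->create();
     readfile($styleTarName);
     @unlink($styleTarName);
 }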
Пример #9
	/**
	 * Returns the URI of the current page.
	 *
	 * The script name and '/index.php' are removed from $_SERVER['REQUEST_URI'] and the
	 * remainder is appended to the template variable 'baseHref'. The request URI is
	 * client-supplied and the result is not encoded for any output context.
	 *
	 * @return	string
	 */
	public static function getRequestURI() {
		// resolve path and query components
		$scriptName = $_SERVER['SCRIPT_NAME'];
		if (empty($_SERVER['PATH_INFO'])) {
			// bug fix if URL omits script name and path: keep only the directory part
			$scriptName = substr($scriptName, 0, strrpos($scriptName, '/'));
		}
		
		$path = str_replace($scriptName, '', $_SERVER['REQUEST_URI']);
		$path = str_replace('/index.php', '', $path);
		// anything that is neither ASCII nor UTF-8 is treated as ISO-8859-1
		$needsConversion = !StringUtil::isASCII($path) && !StringUtil::isUTF8($path);
		if ($needsConversion) {
			$path = StringUtil::convertEncoding('ISO-8859-1', 'UTF-8', $path);
		}
		$path = FileUtil::removeLeadingSlash($path);
		$baseHref = self::getTPL()->get('baseHref');
		
		// a remainder that is more than a bare query string needs the script name in front
		$prefix = (!empty($path) && StringUtil::indexOf($path, '?') !== 0) ? 'index.php/' : '';
		
		return $baseHref . $prefix . $path;
	}