Gitiles
Code Review Sign In
www.giggi.me / code-igniter-v3-giggi / d60e51ba3bc542ead57d9d7b3b5f11e5c26a72e4 / . / system / core / Common.php
blob: 8b74db0a377ff2ae7946c95464c463001dfc63d5 [file] [log] [blame]
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]1<?php
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]2/**
3 * CodeIgniter
4 *
Andrey Andreevfe9309d2015-01-09 17:48:58 +0200[diff] [blame]5 * An open source application development framework for PHP
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]6 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]7 * This content is released under the MIT License (MIT)
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]8 *
Master Yodada60e9b2016-12-31 08:46:18 -0800[diff] [blame]9 * Copyright (c) 2014 - 2017, British Columbia Institute of Technology
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]10 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]11 * Permission is hereby granted, free of charge, to any person obtaining a copy
12 * of this software and associated documentation files (the "Software"), to deal
13 * in the Software without restriction, including without limitation the rights
14 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15 * copies of the Software, and to permit persons to whom the Software is
16 * furnished to do so, subject to the following conditions:
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]17 *
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]18 * The above copyright notice and this permission notice shall be included in
19 * all copies or substantial portions of the Software.
20 *
21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 * THE SOFTWARE.
28 *
29 * @package CodeIgniter
30 * @author EllisLab Dev Team
Andrey Andreev1924e872016-01-11 12:55:34 +0200[diff] [blame]31 * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
Master Yodada60e9b2016-12-31 08:46:18 -0800[diff] [blame]32 * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/)
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]33 * @license http://opensource.org/licenses/MIT MIT License
Andrey Andreevbd202c92016-01-11 12:50:18 +0200[diff] [blame]34 * @link https://codeigniter.com
Andrey Andreevbdb96ca2014-10-28 00:13:31 +0200[diff] [blame]35 * @since Version 1.0.0
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]36 * @filesource
37 */
Andrey Andreevc5536aa2012-11-01 17:33:58 +0200[diff] [blame]38defined('BASEPATH') OR exit('No direct script access allowed');
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]39
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]40/**
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]41 * Common Functions
42 *
43 * Loads the base classes and executes the request.
44 *
45 * @package CodeIgniter
Andrey Andreev92ebfb62012-05-17 12:49:24 +0300[diff] [blame]46 * @subpackage CodeIgniter
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]47 * @category Common Functions
Derek Jonesf4a4bd82011-10-20 12:18:42 -0500[diff] [blame]48 * @author EllisLab Dev Team
Andrey Andreevbd202c92016-01-11 12:50:18 +0200[diff] [blame]49 * @link https://codeigniter.com/user_guide/
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]50 */
51
52// ------------------------------------------------------------------------
53
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]54if ( ! function_exists('is_php'))
55{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]56 /**
kakysha654e5c92015-01-27 20:51:50 +0300[diff] [blame]57 * Determines if the current version of PHP is equal to or greater than the supplied value
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]58 *
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]59 * @param string
60 * @return bool TRUE if the current version is $version or higher
61 */
vlakoff629d3752014-04-05 09:52:01 +0200[diff] [blame]62 function is_php($version)
Derek Jones086ee5a2009-07-28 14:42:12 +0000[diff] [blame]63 {
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]64 static $_is_php;
Andrey Andreevb7b43962012-02-27 22:45:48 +0200[diff] [blame]65 $version = (string) $version;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]66
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]67 if ( ! isset($_is_php[$version]))
68 {
vlakoff629d3752014-04-05 09:52:01 +0200[diff] [blame]69 $_is_php[$version] = version_compare(PHP_VERSION, $version, '>=');
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]70 }
Derek Jones086ee5a2009-07-28 14:42:12 +0000[diff] [blame]71
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]72 return $_is_php[$version];
73 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]74}
Derek Jones5bcfd2e2009-07-28 14:42:42 +0000[diff] [blame]75
Derek Jones086ee5a2009-07-28 14:42:12 +0000[diff] [blame]76// ------------------------------------------------------------------------
77
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]78if ( ! function_exists('is_really_writable'))
79{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]80 /**
81 * Tests for file writability
82 *
83 * is_writable() returns TRUE on Windows servers when you really can't write to
84 * the file, based on the read-only attribute. is_writable() is also unreliable
85 * on Unix servers if safe_mode is on.
86 *
Andrey Andreev2b284f92014-01-25 00:25:56 +0200[diff] [blame]87 * @link https://bugs.php.net/bug.php?id=54709
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]88 * @param string
Gabriel Potkány1fb50002015-02-04 01:45:59 +0100[diff] [blame]89 * @return bool
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]90 */
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]91 function is_really_writable($file)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]92 {
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]93 // If we're on a Unix server with safe_mode off we call is_writable
Andrey Andreevf6274742014-02-20 18:05:58 +0200[diff] [blame]94 if (DIRECTORY_SEPARATOR === '/' && (is_php('5.4') OR ! ini_get('safe_mode')))
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]95 {
96 return is_writable($file);
97 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]98
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]99 /* For Windows servers and safe_mode "on" installations we'll actually
100 * write a file then read it. Bah...
101 */
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]102 if (is_dir($file))
103 {
vlakoff06127562013-03-30 00:06:39 +0100[diff] [blame]104 $file = rtrim($file, '/').'/'.md5(mt_rand());
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]105 if (($fp = @fopen($file, 'ab')) === FALSE)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]106 {
107 return FALSE;
108 }
109
110 fclose($fp);
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]111 @chmod($file, 0777);
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]112 @unlink($file);
113 return TRUE;
114 }
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]115 elseif ( ! is_file($file) OR ($fp = @fopen($file, 'ab')) === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]116 {
117 return FALSE;
118 }
119
120 fclose($fp);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]121 return TRUE;
122 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]123}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]124
125// ------------------------------------------------------------------------
126
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]127if ( ! function_exists('load_class'))
128{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]129 /**
130 * Class registry
131 *
132 * This function acts as a singleton. If the requested class does not
133 * exist it is instantiated and set to a static variable. If it has
134 * previously been instantiated the variable is returned.
135 *
136 * @param string the class name being requested
137 * @param string the directory where the class should be found
vlakoff102105d2014-05-18 05:13:33 +0200[diff] [blame]138 * @param string an optional argument to pass to the class constructor
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]139 * @return object
140 */
Andrey Andreevc26b9eb2014-02-24 11:31:36 +0200[diff] [blame]141 function &load_class($class, $directory = 'libraries', $param = NULL)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]142 {
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]143 static $_classes = array();
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]144
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]145 // Does the class exist? If so, we're done...
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]146 if (isset($_classes[$class]))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]147 {
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]148 return $_classes[$class];
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]149 }
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]150
151 $name = FALSE;
152
Shane Pearsonab57a352011-08-22 16:11:20 -0500[diff] [blame]153 // Look for the class first in the local application/libraries folder
154 // then in the native system/libraries folder
155 foreach (array(APPPATH, BASEPATH) as $path)
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]156 {
Andrey Andreev536b7712012-01-07 21:31:25 +0200[diff] [blame]157 if (file_exists($path.$directory.'/'.$class.'.php'))
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]158 {
Andrey Andreevc26b9eb2014-02-24 11:31:36 +0200[diff] [blame]159 $name = 'CI_'.$class;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]160
Andrey Andreev49e68de2013-02-21 16:30:55 +0200[diff] [blame]161 if (class_exists($name, FALSE) === FALSE)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]162 {
Andrey Andreeva52c7752012-10-11 10:54:02 +0300[diff] [blame]163 require_once($path.$directory.'/'.$class.'.php');
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]164 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]165
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]166 break;
167 }
168 }
169
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]170 // Is the request a class extension? If so we load it too
Andrey Andreev536b7712012-01-07 21:31:25 +0200[diff] [blame]171 if (file_exists(APPPATH.$directory.'/'.config_item('subclass_prefix').$class.'.php'))
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]172 {
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]173 $name = config_item('subclass_prefix').$class;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]174
Andrey Andreev49e68de2013-02-21 16:30:55 +0200[diff] [blame]175 if (class_exists($name, FALSE) === FALSE)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]176 {
Andrey Andreevc26b9eb2014-02-24 11:31:36 +0200[diff] [blame]177 require_once(APPPATH.$directory.'/'.$name.'.php');
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]178 }
179 }
180
181 // Did we find the class?
182 if ($name === FALSE)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]183 {
mult1mate5c58e672015-04-08 16:03:31 +0300[diff] [blame]184 // Note: We use exit() rather than show_error() in order to avoid a
vlakofffe8fe452012-07-11 19:56:50 +0200[diff] [blame]185 // self-referencing loop with the Exceptions class
Kevin Cuppd63e4012012-02-05 14:14:32 -0500[diff] [blame]186 set_status_header(503);
Daniel Hunsaker353f9832013-01-24 17:09:10 -0700[diff] [blame]187 echo 'Unable to locate the specified class: '.$class.'.php';
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]188 exit(5); // EXIT_UNK_CLASS
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]189 }
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]190
191 // Keep track of what we just loaded
192 is_loaded($class);
193
Andrey Andreevde9ec102014-02-24 17:16:32 +0200[diff] [blame]194 $_classes[$class] = isset($param)
Andrey Andreevc26b9eb2014-02-24 11:31:36 +0200[diff] [blame]195 ? new $name($param)
196 : new $name();
Andrey Andreevde9ec102014-02-24 17:16:32 +0200[diff] [blame]197 return $_classes[$class];
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]198 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]199}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]200
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]201// --------------------------------------------------------------------
202
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]203if ( ! function_exists('is_loaded'))
204{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]205 /**
206 * Keeps track of which libraries have been loaded. This function is
207 * called by the load_class() function above
208 *
209 * @param string
210 * @return array
211 */
Andrey Andreevd47baab2012-01-09 16:56:46 +0200[diff] [blame]212 function &is_loaded($class = '')
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]213 {
214 static $_is_loaded = array();
215
Alex Bilbieed944a32012-06-02 11:07:47 +0100[diff] [blame]216 if ($class !== '')
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]217 {
218 $_is_loaded[strtolower($class)] = $class;
219 }
220
221 return $_is_loaded;
222 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]223}
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]224
225// ------------------------------------------------------------------------
Derek Jonesf0a9b332009-07-29 14:19:18 +0000[diff] [blame]226
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]227if ( ! function_exists('get_config'))
228{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]229 /**
230 * Loads the main config.php file
231 *
232 * This function lets us grab the config file even if the Config class
233 * hasn't been instantiated yet
234 *
235 * @param array
236 * @return array
237 */
Andrey Andreev49890a92013-08-19 19:56:18 +0300[diff] [blame]238 function &get_config(Array $replace = array())
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]239 {
vlakoff5a346882014-05-17 07:17:41 +0200[diff] [blame]240 static $config;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]241
vlakoff5a346882014-05-17 07:17:41 +0200[diff] [blame]242 if (empty($config))
vlakoff8d70c0a2013-08-17 07:31:29 +0200[diff] [blame]243 {
244 $file_path = APPPATH.'config/config.php';
245 $found = FALSE;
246 if (file_exists($file_path))
247 {
248 $found = TRUE;
249 require($file_path);
250 }
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]251
vlakoff8d70c0a2013-08-17 07:31:29 +0200[diff] [blame]252 // Is the config file in the environment folder?
253 if (file_exists($file_path = APPPATH.'config/'.ENVIRONMENT.'/config.php'))
254 {
255 require($file_path);
256 }
257 elseif ( ! $found)
258 {
259 set_status_header(503);
260 echo 'The configuration file does not exist.';
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]261 exit(3); // EXIT_CONFIG
vlakoff8d70c0a2013-08-17 07:31:29 +0200[diff] [blame]262 }
joelcox2035fd82011-01-16 16:50:36 +0100[diff] [blame]263
vlakoff8d70c0a2013-08-17 07:31:29 +0200[diff] [blame]264 // Does the $config array exist in the file?
265 if ( ! isset($config) OR ! is_array($config))
266 {
267 set_status_header(503);
268 echo 'Your config file does not appear to be formatted correctly.';
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]269 exit(3); // EXIT_CONFIG
vlakoff8d70c0a2013-08-17 07:31:29 +0200[diff] [blame]270 }
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]271 }
272
vlakoff67e5ca62013-08-19 04:52:00 +0200[diff] [blame]273 // Are any values being dynamically added or replaced?
vlakoff2f7810a2013-08-19 04:46:26 +0200[diff] [blame]274 foreach ($replace as $key => $val)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]275 {
vlakoff5a346882014-05-17 07:17:41 +0200[diff] [blame]276 $config[$key] = $val;
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]277 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]278
vlakoff5a346882014-05-17 07:17:41 +0200[diff] [blame]279 return $config;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]280 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]281}
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]282
283// ------------------------------------------------------------------------
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]284
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]285if ( ! function_exists('config_item'))
286{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]287 /**
288 * Returns the specified config item
289 *
290 * @param string
291 * @return mixed
292 */
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]293 function config_item($item)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]294 {
vlakoffaf431ce2013-07-19 02:06:41 +0200[diff] [blame]295 static $_config;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]296
vlakoffaf431ce2013-07-19 02:06:41 +0200[diff] [blame]297 if (empty($_config))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]298 {
vlakoffaf431ce2013-07-19 02:06:41 +0200[diff] [blame]299 // references cannot be directly assigned to static variables, so we use an array
300 $_config[0] =& get_config();
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]301 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]302
Andrey Andreevd444d442014-10-06 00:00:08 +0300[diff] [blame]303 return isset($_config[0][$item]) ? $_config[0][$item] : NULL;
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]304 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]305}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]306
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]307// ------------------------------------------------------------------------
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]308
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300[diff] [blame]309if ( ! function_exists('get_mimes'))
310{
311 /**
312 * Returns the MIME types array from config/mimes.php
313 *
314 * @return array
315 */
316 function &get_mimes()
317 {
vlakoff69550c52014-05-19 13:45:02 +0200[diff] [blame]318 static $_mimes;
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300[diff] [blame]319
vlakoff69550c52014-05-19 13:45:02 +0200[diff] [blame]320 if (empty($_mimes))
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300[diff] [blame]321 {
Andrey Andreevd60e51b2017-02-06 10:28:36 +0200[diff] [blame^]322 $_mimes = array();
323
324 if (file_exists(APPPATH.'config/mimes.php'))
325 {
326 $_mimes = array_merge($_mimes, include(APPPATH.'config/mimes.php'));
327 }
328
vlakoff69550c52014-05-19 13:45:02 +0200[diff] [blame]329 if (file_exists(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'))
330 {
Andrey Andreevd60e51b2017-02-06 10:28:36 +0200[diff] [blame^]331 $_mimes = array_merge($_mimes, include(APPPATH.'config/'.ENVIRONMENT.'/mimes.php'));
vlakoff69550c52014-05-19 13:45:02 +0200[diff] [blame]332 }
Andrey Andreev6ef498b2012-06-05 22:01:58 +0300[diff] [blame]333 }
334
335 return $_mimes;
336 }
337}
338
339// ------------------------------------------------------------------------
340
Andrey Andreev3fb02672012-10-22 16:48:01 +0300[diff] [blame]341if ( ! function_exists('is_https'))
342{
343 /**
344 * Is HTTPS?
345 *
346 * Determines if the application is accessed via an encrypted
347 * (HTTPS) connection.
348 *
349 * @return bool
350 */
351 function is_https()
Richard Deurwaarder (Xeli)23dc0522013-06-24 14:52:47 +0200[diff] [blame]352 {
Andrey Andreev333b80e2013-07-01 16:21:54 +0300[diff] [blame]353 if ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off')
Richard Deurwaarder (Xeli)23dc0522013-06-24 14:52:47 +0200[diff] [blame]354 {
355 return TRUE;
356 }
Andrey Andreev85f3d1a2016-07-25 10:28:21 +0300[diff] [blame]357 elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https')
Richard Deurwaarder (Xeli)23dc0522013-06-24 14:52:47 +0200[diff] [blame]358 {
359 return TRUE;
360 }
Andrey Andreev333b80e2013-07-01 16:21:54 +0300[diff] [blame]361 elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
Richard Deurwaarder (Xeli)23dc0522013-06-24 14:52:47 +0200[diff] [blame]362 {
363 return TRUE;
364 }
Richard Deurwaarder (Xeli)98999972013-06-24 15:19:30 +0200[diff] [blame]365
Richard Deurwaarder (Xeli)7cc29452013-06-24 15:06:19 +0200[diff] [blame]366 return FALSE;
Richard Deurwaarder (Xeli)23dc0522013-06-24 14:52:47 +0200[diff] [blame]367 }
Andrey Andreev3fb02672012-10-22 16:48:01 +0300[diff] [blame]368}
369
370// ------------------------------------------------------------------------
371
Andrey Andreevf964b162013-11-12 17:04:55 +0200[diff] [blame]372if ( ! function_exists('is_cli'))
373{
374
375 /**
376 * Is CLI?
377 *
378 * Test to see if a request was made from the command line.
379 *
380 * @return bool
381 */
382 function is_cli()
383 {
384 return (PHP_SAPI === 'cli' OR defined('STDIN'));
385 }
386}
387
388// ------------------------------------------------------------------------
389
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]390if ( ! function_exists('show_error'))
391{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]392 /**
393 * Error Handler
394 *
395 * This function lets us invoke the exception class and
396 * display errors using the standard error template located
vlakoff52301c72013-03-29 14:23:34 +0100[diff] [blame]397 * in application/views/errors/error_general.php
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]398 * This function will send the error page directly to the
399 * browser and exit.
400 *
401 * @param string
402 * @param int
403 * @param string
404 * @return void
405 */
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]406 function show_error($message, $status_code = 500, $heading = 'An Error Was Encountered')
407 {
Daniel Hunsaker353f9832013-01-24 17:09:10 -0700[diff] [blame]408 $status_code = abs($status_code);
409 if ($status_code < 100)
410 {
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]411 $exit_status = $status_code + 9; // 9 is EXIT__AUTO_MIN
Daniel Hunsaker353f9832013-01-24 17:09:10 -0700[diff] [blame]412 $status_code = 500;
413 }
414 else
415 {
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]416 $exit_status = 1; // EXIT_ERROR
Daniel Hunsaker353f9832013-01-24 17:09:10 -0700[diff] [blame]417 }
Andrey Andreev5a6814e2013-03-04 15:44:12 +0200[diff] [blame]418
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]419 $_error =& load_class('Exceptions', 'core');
420 echo $_error->show_error($heading, $message, 'error_general', $status_code);
Daniel Hunsaker353f9832013-01-24 17:09:10 -0700[diff] [blame]421 exit($exit_status);
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]422 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]423}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]424
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]425// ------------------------------------------------------------------------
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]426
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]427if ( ! function_exists('show_404'))
428{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]429 /**
430 * 404 Page Handler
431 *
432 * This function is similar to the show_error() function above
433 * However, instead of the standard error template it displays
434 * 404 errors.
435 *
436 * @param string
437 * @param bool
438 * @return void
439 */
Derek Allard2ddc9492010-08-05 10:08:33 -0400[diff] [blame]440 function show_404($page = '', $log_error = TRUE)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]441 {
442 $_error =& load_class('Exceptions', 'core');
Derek Allard2ddc9492010-08-05 10:08:33 -0400[diff] [blame]443 $_error->show_404($page, $log_error);
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]444 exit(4); // EXIT_UNKNOWN_FILE
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]445 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]446}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]447
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]448// ------------------------------------------------------------------------
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]449
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]450if ( ! function_exists('log_message'))
451{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]452 /**
453 * Error Logging Interface
454 *
455 * We use this as a simple mechanism to access the logging
456 * class and send messages to be logged.
457 *
vlakoffd0c30ab2013-05-07 07:49:23 +0200[diff] [blame]458 * @param string the error level: 'error', 'debug' or 'info'
459 * @param string the error message
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]460 * @return void
461 */
Andrey Andreev838c9a92013-09-13 14:05:13 +0300[diff] [blame]462 function log_message($level, $message)
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]463 {
Andrey Andreev2f8d2d32013-08-07 15:54:47 +0300[diff] [blame]464 static $_log;
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]465
Andrey Andreev49890a92013-08-19 19:56:18 +0300[diff] [blame]466 if ($_log === NULL)
Ted Woodb19a2032013-01-05 16:02:43 -0800[diff] [blame]467 {
vlakoff61f1aa02013-08-07 11:29:17 +0200[diff] [blame]468 // references cannot be directly assigned to static variables, so we use an array
469 $_log[0] =& load_class('Log', 'core');
Ted Woodb19a2032013-01-05 16:02:43 -0800[diff] [blame]470 }
Andrey Andreeva107a0f2013-02-15 22:30:31 +0200[diff] [blame]471
Andrey Andreev838c9a92013-09-13 14:05:13 +0300[diff] [blame]472 $_log[0]->write_log($level, $message);
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]473 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]474}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]475
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]476// ------------------------------------------------------------------------
Derek Jones817163a2009-07-11 17:05:58 +0000[diff] [blame]477
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]478if ( ! function_exists('set_status_header'))
479{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]480 /**
481 * Set HTTP Status Header
482 *
483 * @param int the status code
484 * @param string
485 * @return void
486 */
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]487 function set_status_header($code = 200, $text = '')
Derek Jones817163a2009-07-11 17:05:58 +0000[diff] [blame]488 {
Andrey Andreevc545c012015-02-19 11:36:10 +0200[diff] [blame]489 if (is_cli())
490 {
491 return;
492 }
493
Andrey Andreev51d6d842012-06-15 16:41:09 +0300[diff] [blame]494 if (empty($code) OR ! is_numeric($code))
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]495 {
496 show_error('Status codes must be numeric', 500);
497 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]498
Andrey Andreev51d6d842012-06-15 16:41:09 +0300[diff] [blame]499 if (empty($text))
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]500 {
Fieahb4ebb392015-02-22 23:55:15 +0800[diff] [blame]501 is_int($code) OR $code = (int) $code;
502 $stati = array(
ftwbzhao2b7a97c2015-04-14 11:19:38 +0800[diff] [blame]503 100 => 'Continue',
504 101 => 'Switching Protocols',
505
Fieahb4ebb392015-02-22 23:55:15 +0800[diff] [blame]506 200 => 'OK',
507 201 => 'Created',
508 202 => 'Accepted',
509 203 => 'Non-Authoritative Information',
510 204 => 'No Content',
511 205 => 'Reset Content',
512 206 => 'Partial Content',
513
514 300 => 'Multiple Choices',
515 301 => 'Moved Permanently',
516 302 => 'Found',
517 303 => 'See Other',
518 304 => 'Not Modified',
519 305 => 'Use Proxy',
520 307 => 'Temporary Redirect',
521
522 400 => 'Bad Request',
523 401 => 'Unauthorized',
ftwbzhao2b7a97c2015-04-14 11:19:38 +0800[diff] [blame]524 402 => 'Payment Required',
Fieahb4ebb392015-02-22 23:55:15 +0800[diff] [blame]525 403 => 'Forbidden',
526 404 => 'Not Found',
527 405 => 'Method Not Allowed',
528 406 => 'Not Acceptable',
529 407 => 'Proxy Authentication Required',
530 408 => 'Request Timeout',
531 409 => 'Conflict',
532 410 => 'Gone',
533 411 => 'Length Required',
534 412 => 'Precondition Failed',
535 413 => 'Request Entity Too Large',
536 414 => 'Request-URI Too Long',
537 415 => 'Unsupported Media Type',
538 416 => 'Requested Range Not Satisfiable',
539 417 => 'Expectation Failed',
540 422 => 'Unprocessable Entity',
Andrey Andreevf2f6d8a2016-10-11 16:00:57 +0300[diff] [blame]541 426 => 'Upgrade Required',
542 428 => 'Precondition Required',
543 429 => 'Too Many Requests',
544 431 => 'Request Header Fields Too Large',
Fieahb4ebb392015-02-22 23:55:15 +0800[diff] [blame]545
546 500 => 'Internal Server Error',
547 501 => 'Not Implemented',
548 502 => 'Bad Gateway',
549 503 => 'Service Unavailable',
550 504 => 'Gateway Timeout',
Andrey Andreevf2f6d8a2016-10-11 16:00:57 +0300[diff] [blame]551 505 => 'HTTP Version Not Supported',
552 511 => 'Network Authentication Required',
Fieahb4ebb392015-02-22 23:55:15 +0800[diff] [blame]553 );
554
Andrey Andreev51d6d842012-06-15 16:41:09 +0300[diff] [blame]555 if (isset($stati[$code]))
556 {
557 $text = $stati[$code];
558 }
559 else
560 {
561 show_error('No status text available. Please check your status code number or supply your own message text.', 500);
562 }
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]563 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]564
vlakoff40d12492013-08-06 14:46:00 +0200[diff] [blame]565 if (strpos(PHP_SAPI, 'cgi') === 0)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]566 {
Daniel Hunsaker8626e932013-03-04 05:14:22 -0700[diff] [blame]567 header('Status: '.$code.' '.$text, TRUE);
568 }
569 else
570 {
bjjay01daaca2015-01-31 22:29:50 +0800[diff] [blame]571 $server_protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1';
572 header($server_protocol.' '.$code.' '.$text, TRUE, $code);
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]573 }
Derek Jones817163a2009-07-11 17:05:58 +0000[diff] [blame]574 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]575}
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]576
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]577// --------------------------------------------------------------------
Derek Jones817163a2009-07-11 17:05:58 +0000[diff] [blame]578
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]579if ( ! function_exists('_error_handler'))
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]580{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]581 /**
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]582 * Error Handler
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]583 *
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]584 * This is the custom error handler that is declared at the (relative)
585 * top of CodeIgniter.php. The main reason we use this is to permit
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]586 * PHP errors to be logged in our own log files since the user may
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]587 * not have access to server logs. Since this function effectively
588 * intercepts PHP errors, however, we also need to display errors
589 * based on the current error_reporting level.
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]590 * We do that with the use of a PHP error template.
591 *
Andrey Andreev0850a282013-10-21 14:26:18 +0300[diff] [blame]592 * @param int $severity
593 * @param string $message
594 * @param string $filepath
595 * @param int $line
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]596 * @return void
597 */
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]598 function _error_handler($severity, $message, $filepath, $line)
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]599 {
Andrey Andreevc114deb2016-08-19 19:17:59 +0300[diff] [blame]600 $is_error = (((E_ERROR | E_PARSE | E_COMPILE_ERROR | E_CORE_ERROR | E_USER_ERROR) & $severity) === $severity);
Jesse van Assen7eb116a2013-07-06 10:42:14 +0200[diff] [blame]601
602 // When an error occurred, set the status header to '500 Internal Server Error'
603 // to indicate to the client something went wrong.
604 // This can't be done within the $_error->show_php_error method because
605 // it is only called when the display_errors flag is set (which isn't usually
606 // the case in a production environment) or when errors are ignored because
607 // they are above the error_reporting threshold.
608 if ($is_error)
609 {
610 set_status_header(500);
Andrey Andreev02545892014-02-19 23:49:31 +0200[diff] [blame]611 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]612
Francesco Negri0e0c37b2012-08-04 14:16:50 +0300[diff] [blame]613 // Should we ignore the error? We'll get the current error_reporting
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]614 // level and add its bits with the severity bits to find out.
Francesco Negri0e0c37b2012-08-04 14:16:50 +0300[diff] [blame]615 if (($severity & error_reporting()) !== $severity)
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]616 {
617 return;
618 }
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]619
Cristian Kocza2be27442014-02-19 21:52:38 +0200[diff] [blame]620 $_error =& load_class('Exceptions', 'core');
Andrey Andreev76160bc2014-01-30 22:26:14 +0200[diff] [blame]621 $_error->log_exception($severity, $message, $filepath, $line);
622
Francesco Negri312bdc52012-08-04 07:32:19 -0400[diff] [blame]623 // Should we display the error?
Andrey Andreev38666662015-01-13 15:53:25 +0200[diff] [blame]624 if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors')))
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]625 {
626 $_error->show_php_error($severity, $message, $filepath, $line);
627 }
628
Jesse van Assen7eb116a2013-07-06 10:42:14 +0200[diff] [blame]629 // If the error is fatal, the execution of the script should be stopped because
630 // errors can't be recovered from. Halting the script conforms with PHP's
631 // default error handling. See http://www.php.net/manual/en/errorfunc.constants.php
632 if ($is_error)
633 {
Andrey Andreev7cf682a2014-03-13 14:55:45 +0200[diff] [blame]634 exit(1); // EXIT_ERROR
Jesse van Assen7eb116a2013-07-06 10:42:14 +0200[diff] [blame]635 }
Derek Jonesdc8e9ea2010-03-02 13:17:19 -0600[diff] [blame]636 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]637}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]638
Kaiwang Chen21fe9da2013-09-11 13:09:41 +0800[diff] [blame]639// ------------------------------------------------------------------------
640
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]641if ( ! function_exists('_exception_handler'))
642{
643 /**
644 * Exception Handler
645 *
646 * Sends uncaught exceptions to the logger and displays them
647 * only if display_errors is On so that they don't show up in
648 * production environments.
649 *
650 * @param Exception $exception
651 * @return void
652 */
653 function _exception_handler($exception)
654 {
655 $_error =& load_class('Exceptions', 'core');
656 $_error->log_exception('error', 'Exception: '.$exception->getMessage(), $exception->getFile(), $exception->getLine());
657
Andrey Andreev4ffe6342016-10-21 16:30:31 +0300[diff] [blame]658 is_cli() OR set_status_header(500);
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]659 // Should we display the error?
Andrey Andreev38666662015-01-13 15:53:25 +0200[diff] [blame]660 if (str_ireplace(array('off', 'none', 'no', 'false', 'null'), '', ini_get('display_errors')))
Andrey Andreev4b838af2014-10-28 23:46:45 +0200[diff] [blame]661 {
662 $_error->show_exception($exception);
663 }
664
665 exit(1); // EXIT_ERROR
666 }
667}
668
669// ------------------------------------------------------------------------
670
Kaiwang Chen21fe9da2013-09-11 13:09:41 +0800[diff] [blame]671if ( ! function_exists('_shutdown_handler'))
672{
673 /**
674 * Shutdown Handler
675 *
676 * This is the shutdown handler that is declared at the top
677 * of CodeIgniter.php. The main reason we use this is to simulate
678 * a complete custom exception handler.
679 *
Claudio Galdiolo62fe0112015-08-13 10:21:42 -0400[diff] [blame]680 * E_STRICT is purposively neglected because such events may have
Kaiwang Chen21fe9da2013-09-11 13:09:41 +0800[diff] [blame]681 * been caught. Duplication or none? None is preferred for now.
682 *
683 * @link http://insomanic.me.uk/post/229851073/php-trick-catching-fatal-errors-e-error-with-a
684 * @return void
685 */
686 function _shutdown_handler()
687 {
Andrey Andreevafca3522013-11-14 15:26:59 +0200[diff] [blame]688 $last_error = error_get_last();
Kaiwang Chen21fe9da2013-09-11 13:09:41 +0800[diff] [blame]689 if (isset($last_error) &&
690 ($last_error['type'] & (E_ERROR | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING)))
691 {
Andrey Andreeva0471dc2014-11-04 19:22:38 +0200[diff] [blame]692 _error_handler($last_error['type'], $last_error['message'], $last_error['file'], $last_error['line']);
Kaiwang Chen21fe9da2013-09-11 13:09:41 +0800[diff] [blame]693 }
694 }
695}
696
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]697// --------------------------------------------------------------------
Barry Mienydd671972010-10-04 16:33:58 +0200[diff] [blame]698
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]699if ( ! function_exists('remove_invisible_characters'))
700{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]701 /**
702 * Remove Invisible Characters
703 *
704 * This prevents sandwiching null characters
705 * between ascii characters, like Java\0script.
706 *
707 * @param string
708 * @param bool
709 * @return string
710 */
Pascal Kriete0ff50262011-04-05 14:52:03 -0400[diff] [blame]711 function remove_invisible_characters($str, $url_encoded = TRUE)
Greg Aker757dda62010-04-14 19:06:19 -0500[diff] [blame]712 {
Pascal Kriete0ff50262011-04-05 14:52:03 -0400[diff] [blame]713 $non_displayables = array();
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]714
715 // every control character except newline (dec 10),
716 // carriage return (dec 13) and horizontal tab (dec 09)
Pascal Kriete0ff50262011-04-05 14:52:03 -0400[diff] [blame]717 if ($url_encoded)
Greg Aker757dda62010-04-14 19:06:19 -0500[diff] [blame]718 {
Andrey Andreev384a4612016-07-25 10:30:04 +0300[diff] [blame]719 $non_displayables[] = '/%0[0-8bcef]/i'; // url encoded 00-08, 11, 12, 14, 15
720 $non_displayables[] = '/%1[0-9a-f]/i'; // url encoded 16-31
Andrey Andreevd60e51b2017-02-06 10:28:36 +0200[diff] [blame^]721 $non_displayables[] = '/%7f/i'; // url encoded 127
Greg Aker757dda62010-04-14 19:06:19 -0500[diff] [blame]722 }
Andrey Andreev188abaf2012-01-07 19:09:42 +0200[diff] [blame]723
Pascal Kriete0ff50262011-04-05 14:52:03 -0400[diff] [blame]724 $non_displayables[] = '/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]+/S'; // 00-08, 11, 12, 14-31, 127
Greg Aker757dda62010-04-14 19:06:19 -0500[diff] [blame]725
726 do
727 {
Pascal Kriete0ff50262011-04-05 14:52:03 -0400[diff] [blame]728 $str = preg_replace($non_displayables, '', $str, -1, $count);
Greg Aker757dda62010-04-14 19:06:19 -0500[diff] [blame]729 }
Pascal Kriete0ff50262011-04-05 14:52:03 -0400[diff] [blame]730 while ($count);
Greg Aker757dda62010-04-14 19:06:19 -0500[diff] [blame]731
732 return $str;
733 }
Dan Horrigan3ef65bd2011-05-08 11:06:44 -0400[diff] [blame]734}
Derek Allard2067d1a2008-11-13 22:59:24 +0000[diff] [blame]735
kenjisfbac8b42011-08-25 10:51:44 +0900[diff] [blame]736// ------------------------------------------------------------------------
737
kenjisfbac8b42011-08-25 10:51:44 +0900[diff] [blame]738if ( ! function_exists('html_escape'))
739{
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]740 /**
Ivan Tcholakov4f458582014-08-25 11:20:22 +0300[diff] [blame]741 * Returns HTML escaped variable.
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]742 *
Ivan Tcholakov993f98c2014-08-25 12:13:31 +0300[diff] [blame]743 * @param mixed $var The input string or array of strings to be escaped.
744 * @param bool $double_encode $double_encode set to FALSE prevents escaping twice.
745 * @return mixed The escaped string or array of strings as a result.
Timothy Warrenad475052012-04-19 13:21:06 -0400[diff] [blame]746 */
Ivan Tcholakov4f458582014-08-25 11:20:22 +0300[diff] [blame]747 function html_escape($var, $double_encode = TRUE)
kenjisfbac8b42011-08-25 10:51:44 +0900[diff] [blame]748 {
Joshua Logsdon993e3402015-03-25 12:03:43 -0400[diff] [blame]749 if (empty($var))
750 {
751 return $var;
752 }
Andrey Andreev6b620fb2015-04-20 12:46:46 +0300[diff] [blame]753
Ivan Tcholakov62224372014-08-25 15:48:33 +0300[diff] [blame]754 if (is_array($var))
755 {
Andrey Andreevd2ea4602015-10-30 11:47:35 +0200[diff] [blame]756 foreach (array_keys($var) as $key)
757 {
758 $var[$key] = html_escape($var[$key], $double_encode);
759 }
760
761 return $var;
Ivan Tcholakov62224372014-08-25 15:48:33 +0300[diff] [blame]762 }
763
764 return htmlspecialchars($var, ENT_QUOTES, config_item('charset'), $double_encode);
Greg Aker5c1aa632011-12-25 01:24:29 -0600[diff] [blame]765 }
Greg Akerd96f8822011-12-27 16:23:47 -0600[diff] [blame]766}
Greg Aker5c1aa632011-12-25 01:24:29 -0600[diff] [blame]767
Chad Furmana1abada2012-07-29 01:03:50 -0400[diff] [blame]768// ------------------------------------------------------------------------
769
770if ( ! function_exists('_stringify_attributes'))
771{
772 /**
Andrey Andreevbdb99992012-07-30 17:38:05 +0300[diff] [blame]773 * Stringify attributes for use in HTML tags.
Chad Furmana1abada2012-07-29 01:03:50 -0400[diff] [blame]774 *
Andrey Andreevbdb99992012-07-30 17:38:05 +0300[diff] [blame]775 * Helper function used to convert a string, array, or object
776 * of attributes to a string.
Chad Furmana1abada2012-07-29 01:03:50 -0400[diff] [blame]777 *
Andrey Andreevbdb99992012-07-30 17:38:05 +0300[diff] [blame]778 * @param mixed string, array, object
779 * @param bool
780 * @return string
Chad Furmana1abada2012-07-29 01:03:50 -0400[diff] [blame]781 */
782 function _stringify_attributes($attributes, $js = FALSE)
783 {
Andrey Andreevbdb99992012-07-30 17:38:05 +0300[diff] [blame]784 $atts = NULL;
Chad Furmana1abada2012-07-29 01:03:50 -0400[diff] [blame]785
786 if (empty($attributes))
787 {
788 return $atts;
789 }
790
791 if (is_string($attributes))
792 {
793 return ' '.$attributes;
794 }
795
796 $attributes = (array) $attributes;
797
798 foreach ($attributes as $key => $val)
799 {
800 $atts .= ($js) ? $key.'='.$val.',' : ' '.$key.'="'.$val.'"';
801 }
Andrey Andreevbdb99992012-07-30 17:38:05 +0300[diff] [blame]802
Chad Furmana1abada2012-07-29 01:03:50 -0400[diff] [blame]803 return rtrim($atts, ',');
804 }
805}
806
Andrey Andreeve9d2dc82012-11-07 14:23:29 +0200[diff] [blame]807// ------------------------------------------------------------------------
808
809if ( ! function_exists('function_usable'))
810{
811 /**
812 * Function usable
813 *
814 * Executes a function_exists() check, and if the Suhosin PHP
815 * extension is loaded - checks whether the function that is
816 * checked might be disabled in there as well.
817 *
818 * This is useful as function_exists() will return FALSE for
819 * functions disabled via the *disable_functions* php.ini
820 * setting, but not for *suhosin.executor.func.blacklist* and
821 * *suhosin.executor.disable_eval*. These settings will just
822 * terminate script execution if a disabled function is executed.
823 *
Andrey Andreevaaa8ddb2014-02-03 14:10:44 +0200[diff] [blame]824 * The above described behavior turned out to be a bug in Suhosin,
Andrey Andreev71d8f722017-01-17 12:01:00 +0200[diff] [blame]825 * but even though a fix was committed for 0.9.34 on 2012-02-12,
Andrey Andreevaaa8ddb2014-02-03 14:10:44 +0200[diff] [blame]826 * that version is yet to be released. This function will therefore
827 * be just temporary, but would probably be kept for a few years.
828 *
Andrey Andreeve9d2dc82012-11-07 14:23:29 +0200[diff] [blame]829 * @link http://www.hardened-php.net/suhosin/
830 * @param string $function_name Function to check for
831 * @return bool TRUE if the function exists and is safe to call,
832 * FALSE otherwise.
833 */
834 function function_usable($function_name)
835 {
836 static $_suhosin_func_blacklist;
837
838 if (function_exists($function_name))
839 {
840 if ( ! isset($_suhosin_func_blacklist))
841 {
Andrey Andreev9e25daf2015-07-22 13:50:30 +0300[diff] [blame]842 $_suhosin_func_blacklist = extension_loaded('suhosin')
843 ? explode(',', trim(ini_get('suhosin.executor.func.blacklist')))
844 : array();
Andrey Andreeve9d2dc82012-11-07 14:23:29 +0200[diff] [blame]845 }
846
Andrey Andreevae634622012-12-17 10:30:18 +0200[diff] [blame]847 return ! in_array($function_name, $_suhosin_func_blacklist, TRUE);
Andrey Andreeve9d2dc82012-11-07 14:23:29 +0200[diff] [blame]848 }
849
850 return FALSE;
851 }
852}