dolibarr  7.0.0-beta
util.php
1 <?php
2 /*
3  * FCKeditor - The text editor for Internet - http://www.fckeditor.net
4  * Copyright (C) 2003-2010 Frederico Caldeira Knabben
5  *
6  * == BEGIN LICENSE ==
7  *
8  * Licensed under the terms of any of the following licenses at your
9  * choice:
10  *
11  * - GNU General Public License Version 2 or later (the "GPL")
12  * http://www.gnu.org/licenses/gpl.html
13  *
14  * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15  * http://www.gnu.org/licenses/lgpl.html
16  *
17  * - Mozilla Public License Version 1.1 or later (the "MPL")
18  * http://www.mozilla.org/MPL/MPL-1.1.html
19  *
20  * == END LICENSE ==
21  *
22  * Utility functions for the File Manager Connector for PHP.
23  */
24 
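/**
 * Strip every leading repetition of a character from a string.
 *
 * The character is passed through preg_quote() before it is placed in the
 * pattern, so regex metacharacters (".", "*", the "|" delimiter, ...) are
 * matched literally instead of being interpreted as pattern syntax. Without
 * that, a value such as "." would strip the whole string.
 *
 * @param string $sourceString String to trim.
 * @param string $charToRemove Character to strip; intended to be a single character.
 * @return string|null Trimmed string, or null if preg_replace() reports an error.
 */
function RemoveFromStart($sourceString, $charToRemove)
{
    $literal = (string) $charToRemove;

    // An empty character would build the invalid pattern "|^+|"; nothing to strip.
    if ($literal === '') {
        return $sourceString;
    }

    $sPattern = '|^' . preg_quote($literal, '|') . '+|';
    return preg_replace($sPattern, '', $sourceString);
}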
37 
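/**
 * Strip every trailing repetition of a character from a string.
 *
 * The character is passed through preg_quote() before it is placed in the
 * pattern, so regex metacharacters (".", "*", the "|" delimiter, ...) are
 * matched literally instead of being interpreted as pattern syntax.
 *
 * @param string $sourceString String to trim.
 * @param string $charToRemove Character to strip; intended to be a single character.
 * @return string|null Trimmed string, or null if preg_replace() reports an error.
 */
function RemoveFromEnd($sourceString, $charToRemove)
{
    $literal = (string) $charToRemove;

    // An empty character would build the invalid pattern "|+$|"; nothing to strip.
    if ($literal === '') {
        return $sourceString;
    }

    $sPattern = '|' . preg_quote($literal, '|') . '+$|';
    return preg_replace($sPattern, '', $sourceString);
}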
50 
/**
 * Report whether a string contains a byte that is not part of a well-formed
 * UTF-8 sequence.
 *
 * The string is consumed one sequence at a time. Each alternative below
 * describes one legal sequence shape; the ranges leave out overlong forms
 * (E0 80-9F, F0 80-8F), the surrogate range (ED A0-BF) and anything above
 * F4 8F. A byte that fits none of them falls through to the last
 * alternative, which is the only one that fills capture group 2.
 *
 * @param string $string Bytes to inspect.
 * @return bool True if an ill-formed byte was found, false otherwise.
 */
function FindBadUtf8($string)
{
    $wellFormed = array(
        '[\x00-\x7F]',
        '[\xC2-\xDF][\x80-\xBF]',
        '\xE0[\xA0-\xBF][\x80-\xBF]',
        '[\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}',
        '\xED[\x80-\x9F][\x80-\xBF]',
        '\xF0[\x90-\xBF][\x80-\xBF]{2}',
        '[\xF1-\xF3][\x80-\xBF]{3}',
        '\xF4[\x80-\x8F][\x80-\xBF]{2}',
    );
    $pattern = '/(' . implode('|', $wellFormed) . '|(.{1}))/S';

    // Walk the input with an offset rather than re-slicing it; every byte
    // matches some alternative, so each match starts exactly at $position.
    $position = 0;
    while (preg_match($pattern, $string, $hit, 0, $position)) {
        if (isset($hit[2])) {
            return true;
        }
        $position += strlen($hit[0]);
    }

    return false;
}
78 
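/**
 * Escape a value so it can be written inside an XML attribute.
 *
 * On Windows, or when the value is not well-formed UTF-8 (see FindBadUtf8()),
 * the value is treated as ISO-8859-1 and converted with utf8_encode().
 *
 * The conversion runs BEFORE the escaping. htmlspecialchars() working in
 * UTF-8 does not pass ill-formed input through (it yields an empty string,
 * or substitutes the bytes when ENT_SUBSTITUTE is in effect), so escaping
 * first would lose the very values this branch exists for.
 *
 * The flags and charset are given explicitly so the result does not depend on
 * the PHP version's defaults or on the default_charset setting. ENT_QUOTES
 * escapes both quote characters, so the value is safe whichever quote style
 * delimits the attribute.
 *
 * NOTE(review): utf8_encode() is deprecated as of PHP 8.2; a replacement
 * needs an extension (mbstring/iconv) that this file does not show as
 * available, so it is left as is.
 *
 * @param string $value Raw attribute value.
 * @return string Escaped UTF-8 value.
 */
function ConvertToXmlAttribute( $value )
{
    if ( defined('PHP_OS') )
    {
        $os = PHP_OS ;
    }
    else
    {
        $os = php_uname();
    }

    if (strtoupper(substr($os, 0, 3)) === 'WIN' || FindBadUtf8($value))
    {
        $value = utf8_encode($value);
    }

    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}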
105 
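/**
 * Check whether a file extension is in the configured list of HTML extensions.
 *
 * The configured entries are lower-cased before the comparison; $ext itself
 * is compared as given, so the caller is expected to pass it lower-cased.
 *
 * The comparison is strict. A loose in_array() compares two numeric-looking
 * strings as numbers ("1e1" == "10"), which is not wanted when the result
 * feeds an upload-filtering decision.
 *
 * @param string $ext            Extension to look up.
 * @param array  $formExtensions Configured extensions; anything that is empty
 *                               or not an array yields false.
 * @return bool True if $ext is one of the listed extensions.
 */
function IsHtmlExtension( $ext, $formExtensions )
{
    if ( !$formExtensions || !is_array($formExtensions) )
    {
        return false ;
    }

    $lcaseHtmlExtensions = array_map('strtolower', $formExtensions);

    return in_array((string) $ext, $lcaseHtmlExtensions, true);
}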
126 
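/**
 * Heuristically detect HTML or script content at the start of a file.
 *
 * Only the first 1024 bytes are read and inspected, so markup that starts
 * later in the file is not seen. Treat a false result as "nothing found in
 * the first chunk", not as proof that the file is harmless.
 *
 * @param string $filePath Path of the file to inspect.
 * @return bool|int True if HTML/script markers were found, false if not
 *                  (or the chunk is empty), -1 if the file could not be
 *                  opened or locked.
 */
function DetectHtml( $filePath )
{
    $fp = @fopen($filePath, 'rb');

    //open_basedir restriction, see #1906
    if ( $fp === false )
    {
        return -1 ;
    }

    if ( !flock($fp, LOCK_SH) )
    {
        // The handle is open at this point; close it instead of leaking it.
        fclose($fp);
        return -1 ;
    }

    $chunk = fread($fp, 1024);
    flock($fp, LOCK_UN);
    fclose($fp);

    // Lower-case once so the plain substring checks below are case-insensitive.
    $chunk = strtolower($chunk);

    if (!$chunk)
    {
        return false ;
    }

    $chunk = trim($chunk);

    if ( preg_match("/<!DOCTYPE\W*X?HTML/sim", $chunk) )
    {
        return true;
    }

    $tags = array( '<body', '<head', '<html', '<img', '<pre', '<script', '<table', '<title' );

    foreach( $tags as $tag )
    {
        if( false !== strpos($chunk, $tag) )
        {
            return true ;
        }
    }

    // Each pattern flags one way of referencing script content.
    $scriptPatterns = array(
        //type = javascript
        '!type\s*=\s*[\'"]?\s*(?:\w*/)?(?:ecma|java)!sim',
        //href = javascript
        //src = javascript
        //data = javascript
        '!(?:href|src|data)\s*=\s*[\'"]?\s*(?:ecma|java)script:!sim',
        //url(javascript
        '!url\s*\(\s*[\'"]?\s*(?:ecma|java)script:!sim',
    );

    foreach ( $scriptPatterns as $pattern )
    {
        if ( preg_match($pattern, $chunk) )
        {
            return true ;
        }
    }

    return false ;
}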
195 
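/**
 * Check that a file with an image extension is recognised as an image.
 *
 * The extension is lower-cased and compared strictly, so an upper- or
 * mixed-case extension ("PNG") takes the same check as its lower-case form
 * instead of being treated as a non-image and accepted unverified.
 *
 * Limits of the check, for callers that rely on it for upload filtering:
 * - extensions outside the list below are not inspected at all and return true;
 * - getimagesize() only has to recognise the file as an image, so a pass
 *   says nothing about the rest of the file's contents.
 *
 * @param string $filePath  Path of the file to inspect.
 * @param string $extension File extension, without the dot.
 * @return bool|int -1 if the file is not readable, false if an image
 *                  extension is used but getimagesize() rejects the file,
 *                  true otherwise.
 */
function IsImageValid( $filePath, $extension )
{
    if (!@is_readable($filePath)) {
        return -1;
    }

    $imageCheckExtensions = array(
        'gif',
        'jpeg',
        'jpg',
        'png',
        'swf',
        'psd',
        'bmp',
        'iff',
        'tiff',
        'tif',
        'swc',
        'jpc',
        'jp2',
        'jpx',
        'jb2',
        'xbm',
        'wbmp'
    );

    if (!in_array(strtolower((string) $extension), $imageCheckExtensions, true)) {
        return true;
    }

    if (@getimagesize($filePath) === false) {
        return false ;
    }

    return true;
}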
241