initial commit
This commit is contained in:
commit
252dac3143
1516 changed files with 694271 additions and 0 deletions
185
FCKeditor/editor/filemanager/connectors/php/util.php
Normal file
185
FCKeditor/editor/filemanager/connectors/php/util.php
Normal file
|
|
@ -0,0 +1,185 @@
|
|||
<?php
|
||||
/*
|
||||
* FCKeditor - The text editor for Internet - http://www.fckeditor.net
|
||||
* Copyright (C) 2003-2007 Frederico Caldeira Knabben
|
||||
*
|
||||
* == BEGIN LICENSE ==
|
||||
*
|
||||
* Licensed under the terms of any of the following licenses at your
|
||||
* choice:
|
||||
*
|
||||
* - GNU General Public License Version 2 or later (the "GPL")
|
||||
* http://www.gnu.org/licenses/gpl.html
|
||||
*
|
||||
* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
|
||||
* http://www.gnu.org/licenses/lgpl.html
|
||||
*
|
||||
* - Mozilla Public License Version 1.1 or later (the "MPL")
|
||||
* http://www.mozilla.org/MPL/MPL-1.1.html
|
||||
*
|
||||
* == END LICENSE ==
|
||||
*
|
||||
* Utility functions for the File Manager Connector for PHP.
|
||||
*/
|
||||
|
||||
function RemoveFromStart( $sourceString, $charToRemove )
|
||||
{
|
||||
$sPattern = '|^' . $charToRemove . '+|' ;
|
||||
return preg_replace( $sPattern, '', $sourceString ) ;
|
||||
}
|
||||
|
||||
function RemoveFromEnd( $sourceString, $charToRemove )
|
||||
{
|
||||
$sPattern = '|' . $charToRemove . '+$|' ;
|
||||
return preg_replace( $sPattern, '', $sourceString ) ;
|
||||
}
|
||||
|
||||
function ConvertToXmlAttribute( $value )
|
||||
{
|
||||
if ( defined( 'PHP_OS' ) )
|
||||
{
|
||||
$os = PHP_OS ;
|
||||
}
|
||||
else
|
||||
{
|
||||
$os = php_uname() ;
|
||||
}
|
||||
|
||||
if ( strtoupper( substr( $os, 0, 3 ) ) === 'WIN' )
|
||||
{
|
||||
return ( utf8_encode( htmlspecialchars( $value ) ) ) ;
|
||||
}
|
||||
else
|
||||
{
|
||||
return ( htmlspecialchars( $value ) ) ;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check whether given extension is in html etensions list
|
||||
*
|
||||
* @param string $ext
|
||||
* @param array $htmlExtensions
|
||||
* @return boolean
|
||||
*/
|
||||
function IsHtmlExtension( $ext, $htmlExtensions )
|
||||
{
|
||||
if ( !$htmlExtensions || !is_array( $htmlExtensions ) )
|
||||
{
|
||||
return false ;
|
||||
}
|
||||
$lcaseHtmlExtensions = array() ;
|
||||
foreach ( $htmlExtensions as $key => $val )
|
||||
{
|
||||
$lcaseHtmlExtensions[$key] = strtolower( $val ) ;
|
||||
}
|
||||
return in_array( $ext, $lcaseHtmlExtensions ) ;
|
||||
}
|
||||
|
||||
/**
|
||||
* Detect HTML in the first KB to prevent against potential security issue with
|
||||
* IE/Safari/Opera file type auto detection bug.
|
||||
* Returns true if file contain insecure HTML code at the beginning.
|
||||
*
|
||||
* @param string $filePath absolute path to file
|
||||
* @return boolean
|
||||
*/
|
||||
function DetectHtml( $filePath )
|
||||
{
|
||||
$fp = fopen( $filePath, 'rb' ) ;
|
||||
$chunk = fread( $fp, 1024 ) ;
|
||||
fclose( $fp ) ;
|
||||
|
||||
$chunk = strtolower( $chunk ) ;
|
||||
|
||||
if (!$chunk)
|
||||
{
|
||||
return false ;
|
||||
}
|
||||
|
||||
$chunk = trim( $chunk ) ;
|
||||
|
||||
if ( preg_match( "/<!DOCTYPE\W*X?HTML/sim", $chunk ) )
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
$tags = array( '<body', '<head', '<html', '<img', '<pre', '<script', '<table', '<title' ) ;
|
||||
|
||||
foreach( $tags as $tag )
|
||||
{
|
||||
if( false !== strpos( $chunk, $tag ) )
|
||||
{
|
||||
return true ;
|
||||
}
|
||||
}
|
||||
|
||||
//type = javascript
|
||||
if ( preg_match( '!type\s*=\s*[\'"]?\s*(?:\w*/)?(?:ecma|java)!sim', $chunk ) )
|
||||
{
|
||||
return true ;
|
||||
}
|
||||
|
||||
//href = javascript
|
||||
//src = javascript
|
||||
//data = javascript
|
||||
if ( preg_match( '!(?:href|src|data)\s*=\s*[\'"]?\s*(?:ecma|java)script:!sim', $chunk ) )
|
||||
{
|
||||
return true ;
|
||||
}
|
||||
|
||||
//url(javascript
|
||||
if ( preg_match( '!url\s*\(\s*[\'"]?\s*(?:ecma|java)script:!sim', $chunk ) )
|
||||
{
|
||||
return true ;
|
||||
}
|
||||
|
||||
return false ;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check file content.
|
||||
* Currently this function validates only image files.
|
||||
* Returns false if file is invalid.
|
||||
*
|
||||
* @param string $filePath absolute path to file
|
||||
* @param string $extension file extension
|
||||
* @param integer $detectionLevel 0 = none, 1 = use getimagesize for images, 2 = use DetectHtml for images
|
||||
* @return boolean
|
||||
*/
|
||||
function IsImageValid( $filePath, $extension )
|
||||
{
|
||||
$imageCheckExtensions = array('gif', 'jpeg', 'jpg', 'png', 'swf', 'psd', 'bmp', 'iff');
|
||||
|
||||
// version_compare is available since PHP4 >= 4.0.7
|
||||
if ( function_exists( 'version_compare' ) ) {
|
||||
$sCurrentVersion = phpversion();
|
||||
if ( version_compare( $sCurrentVersion, "4.2.0" ) >= 0 ) {
|
||||
$imageCheckExtensions[] = "tiff";
|
||||
$imageCheckExtensions[] = "tif";
|
||||
}
|
||||
if ( version_compare( $sCurrentVersion, "4.3.0" ) >= 0 ) {
|
||||
$imageCheckExtensions[] = "swc";
|
||||
}
|
||||
if ( version_compare( $sCurrentVersion, "4.3.2" ) >= 0 ) {
|
||||
$imageCheckExtensions[] = "jpc";
|
||||
$imageCheckExtensions[] = "jp2";
|
||||
$imageCheckExtensions[] = "jpx";
|
||||
$imageCheckExtensions[] = "jb2";
|
||||
$imageCheckExtensions[] = "xbm";
|
||||
$imageCheckExtensions[] = "wbmp";
|
||||
}
|
||||
}
|
||||
|
||||
if ( !in_array( $extension, $imageCheckExtensions ) ) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if ( @getimagesize( $filePath ) === false ) {
|
||||
return false ;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
Add table
Add a link
Reference in a new issue