1<?php 2/** 3 * Common DokuWiki functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 */ 8 9use dokuwiki\Cache\CacheInstructions; 10use dokuwiki\Cache\CacheRenderer; 11use dokuwiki\ChangeLog\PageChangeLog; 12use dokuwiki\File\PageFile; 13use dokuwiki\Logger; 14use dokuwiki\Subscriptions\PageSubscriptionSender; 15use dokuwiki\Subscriptions\SubscriberManager; 16use dokuwiki\Extension\AuthPlugin; 17use dokuwiki\Extension\Event; 18 19/** 20 * Wrapper around htmlspecialchars() 21 * 22 * @author Andreas Gohr <andi@splitbrain.org> 23 * @see htmlspecialchars() 24 * 25 * @param string $string the string being converted 26 * @return string converted string 27 */ 28function hsc($string) { 29 return htmlspecialchars($string, ENT_QUOTES, 'UTF-8'); 30} 31 32/** 33 * Checks if the given input is blank 34 * 35 * This is similar to empty() but will return false for "0". 36 * 37 * Please note: when you pass uninitialized variables, they will implicitly be created 38 * with a NULL value without warning. 39 * 40 * To avoid this it's recommended to guard the call with isset like this: 41 * 42 * (isset($foo) && !blank($foo)) 43 * (!isset($foo) || blank($foo)) 44 * 45 * @param $in 46 * @param bool $trim Consider a string of whitespace to be blank 47 * @return bool 48 */ 49function blank(&$in, $trim = false) { 50 if(is_null($in)) return true; 51 if(is_array($in)) return empty($in); 52 if($in === "\0") return true; 53 if($trim && trim($in) === '') return true; 54 if(strlen($in) > 0) return false; 55 return empty($in); 56} 57 58/** 59 * print a newline terminated string 60 * 61 * You can give an indention as optional parameter 62 * 63 * @author Andreas Gohr <andi@splitbrain.org> 64 * 65 * @param string $string line of text 66 * @param int $indent number of spaces indention 67 */ 68function ptln($string, $indent = 0) { 69 echo str_repeat(' ', $indent)."$string\n"; 70} 71 72/** 73 * strips control characters (<32) from the given string 74 * 75 * @author Andreas Gohr <andi@splitbrain.org> 76 * 77 * @param string $string being stripped 78 * @return string 79 */ 80function stripctl($string) { 81 return preg_replace('/[\x00-\x1F]+/s', '', $string); 82} 83 84/** 85 * Return a secret token to be used for CSRF attack prevention 86 * 87 * @author Andreas Gohr <andi@splitbrain.org> 88 * @link http://en.wikipedia.org/wiki/Cross-site_request_forgery 89 * @link http://christ1an.blogspot.com/2007/04/preventing-csrf-efficiently.html 90 * 91 * @return string 92 */ 93function getSecurityToken() { 94 /** @var Input $INPUT */ 95 global $INPUT; 96 97 $user = $INPUT->server->str('REMOTE_USER'); 98 $session = session_id(); 99 100 // CSRF checks are only for logged in users - do not generate for anonymous 101 if(trim($user) == '' || trim($session) == '') return ''; 102 return \dokuwiki\PassHash::hmac('md5', $session.$user, auth_cookiesalt()); 103} 104 105/** 106 * Check the secret CSRF token 107 * 108 * @param null|string $token security token or null to read it from request variable 109 * @return bool success if the token matched 110 */ 111function checkSecurityToken($token = null) { 112 /** @var Input $INPUT */ 113 global $INPUT; 114 if(!$INPUT->server->str('REMOTE_USER')) return true; // no logged in user, no need for a check 115 116 if(is_null($token)) $token = $INPUT->str('sectok'); 117 if(getSecurityToken() != $token) { 118 msg('Security Token did not match. Possible CSRF attack.', -1); 119 return false; 120 } 121 return true; 122} 123 124/** 125 * Print a hidden form field with a secret CSRF token 126 * 127 * @author Andreas Gohr <andi@splitbrain.org> 128 * 129 * @param bool $print if true print the field, otherwise html of the field is returned 130 * @return string html of hidden form field 131 */ 132function formSecurityToken($print = true) { 133 $ret = '<div class="no"><input type="hidden" name="sectok" value="'.getSecurityToken().'" /></div>'."\n"; 134 if($print) echo $ret; 135 return $ret; 136} 137 138/** 139 * Determine basic information for a request of $id 140 * 141 * @author Andreas Gohr <andi@splitbrain.org> 142 * @author Chris Smith <chris@jalakai.co.uk> 143 * 144 * @param string $id pageid 145 * @param bool $htmlClient add info about whether is mobile browser 146 * @return array with info for a request of $id 147 * 148 */ 149function basicinfo($id, $htmlClient=true){ 150 global $USERINFO; 151 /* @var Input $INPUT */ 152 global $INPUT; 153 154 // set info about manager/admin status. 155 $info = array(); 156 $info['isadmin'] = false; 157 $info['ismanager'] = false; 158 if($INPUT->server->has('REMOTE_USER')) { 159 $info['userinfo'] = $USERINFO; 160 $info['perm'] = auth_quickaclcheck($id); 161 $info['client'] = $INPUT->server->str('REMOTE_USER'); 162 163 if($info['perm'] == AUTH_ADMIN) { 164 $info['isadmin'] = true; 165 $info['ismanager'] = true; 166 } elseif(auth_ismanager()) { 167 $info['ismanager'] = true; 168 } 169 170 // if some outside auth were used only REMOTE_USER is set 171 if(!$info['userinfo']['name']) { 172 $info['userinfo']['name'] = $INPUT->server->str('REMOTE_USER'); 173 } 174 175 } else { 176 $info['perm'] = auth_aclcheck($id, '', null); 177 $info['client'] = clientIP(true); 178 } 179 180 $info['namespace'] = getNS($id); 181 182 // mobile detection 183 if ($htmlClient) { 184 $info['ismobile'] = clientismobile(); 185 } 186 187 return $info; 188 } 189 190/** 191 * Return info about the current document as associative 192 * array. 193 * 194 * @author Andreas Gohr <andi@splitbrain.org> 195 * 196 * @return array with info about current document 197 */ 198function pageinfo() { 199 global $ID; 200 global $REV; 201 global $RANGE; 202 global $lang; 203 /* @var Input $INPUT */ 204 global $INPUT; 205 206 $info = basicinfo($ID); 207 208 // include ID & REV not redundant, as some parts of DokuWiki may temporarily change $ID, e.g. p_wiki_xhtml 209 // FIXME ... perhaps it would be better to ensure the temporary changes weren't necessary 210 $info['id'] = $ID; 211 $info['rev'] = $REV; 212 213 $subManager = new SubscriberManager(); 214 $info['subscribed'] = $subManager->userSubscription(); 215 216 $info['locked'] = checklock($ID); 217 $info['filepath'] = wikiFN($ID); 218 $info['exists'] = file_exists($info['filepath']); 219 $info['currentrev'] = @filemtime($info['filepath']); 220 221 if ($REV) { 222 //check if current revision was meant 223 if ($info['exists'] && ($info['currentrev'] == $REV)) { 224 $REV = ''; 225 } elseif ($RANGE) { 226 //section editing does not work with old revisions! 227 $REV = ''; 228 $RANGE = ''; 229 msg($lang['nosecedit'], 0); 230 } else { 231 //really use old revision 232 $info['filepath'] = wikiFN($ID, $REV); 233 $info['exists'] = file_exists($info['filepath']); 234 } 235 } 236 $info['rev'] = $REV; 237 if ($info['exists']) { 238 $info['writable'] = (is_writable($info['filepath']) && $info['perm'] >= AUTH_EDIT); 239 } else { 240 $info['writable'] = ($info['perm'] >= AUTH_CREATE); 241 } 242 $info['editable'] = ($info['writable'] && empty($info['locked'])); 243 $info['lastmod'] = @filemtime($info['filepath']); 244 245 //load page meta data 246 $info['meta'] = p_get_metadata($ID); 247 248 //who's the editor 249 $pagelog = new PageChangeLog($ID, 1024); 250 if ($REV) { 251 $revinfo = $pagelog->getRevisionInfo($REV); 252 } else { 253 if (!empty($info['meta']['last_change']) && is_array($info['meta']['last_change'])) { 254 $revinfo = $info['meta']['last_change']; 255 } else { 256 $revinfo = $pagelog->getRevisionInfo($info['lastmod']); 257 // cache most recent changelog line in metadata if missing and still valid 258 if ($revinfo !== false) { 259 $info['meta']['last_change'] = $revinfo; 260 p_set_metadata($ID, array('last_change' => $revinfo)); 261 } 262 } 263 } 264 //and check for an external edit 265 if ($revinfo !== false && $revinfo['date'] != $info['lastmod']) { 266 // cached changelog line no longer valid 267 $revinfo = false; 268 $info['meta']['last_change'] = $revinfo; 269 p_set_metadata($ID, array('last_change' => $revinfo)); 270 } 271 272 if ($revinfo !== false) { 273 $info['ip'] = $revinfo['ip']; 274 $info['user'] = $revinfo['user']; 275 $info['sum'] = $revinfo['sum']; 276 // See also $INFO['meta']['last_change'] which is the most recent log line for page $ID. 277 // Use $INFO['meta']['last_change']['type']===DOKU_CHANGE_TYPE_MINOR_EDIT in place of $info['minor']. 278 279 $info['editor'] = $revinfo['user'] ?: $revinfo['ip']; 280 } else { 281 $info['ip'] = null; 282 $info['user'] = null; 283 $info['sum'] = null; 284 $info['editor'] = null; 285 } 286 287 // draft 288 $draft = new \dokuwiki\Draft($ID, $info['client']); 289 if ($draft->isDraftAvailable()) { 290 $info['draft'] = $draft->getDraftFilename(); 291 } 292 293 return $info; 294} 295 296/** 297 * Initialize and/or fill global $JSINFO with some basic info to be given to javascript 298 */ 299function jsinfo() { 300 global $JSINFO, $ID, $INFO, $ACT; 301 302 if (!is_array($JSINFO)) { 303 $JSINFO = []; 304 } 305 //export minimal info to JS, plugins can add more 306 $JSINFO['id'] = $ID; 307 $JSINFO['namespace'] = isset($INFO) ? (string) $INFO['namespace'] : ''; 308 $JSINFO['ACT'] = act_clean($ACT); 309 $JSINFO['useHeadingNavigation'] = (int) useHeading('navigation'); 310 $JSINFO['useHeadingContent'] = (int) useHeading('content'); 311} 312 313/** 314 * Return information about the current media item as an associative array. 315 * 316 * @return array with info about current media item 317 */ 318function mediainfo() { 319 global $NS; 320 global $IMG; 321 322 $info = basicinfo("$NS:*"); 323 $info['image'] = $IMG; 324 325 return $info; 326} 327 328/** 329 * Build an string of URL parameters 330 * 331 * @author Andreas Gohr 332 * 333 * @param array $params array with key-value pairs 334 * @param string $sep series of pairs are separated by this character 335 * @return string query string 336 */ 337function buildURLparams($params, $sep = '&') { 338 $url = ''; 339 $amp = false; 340 foreach($params as $key => $val) { 341 if($amp) $url .= $sep; 342 343 $url .= rawurlencode($key).'='; 344 $url .= rawurlencode((string) $val); 345 $amp = true; 346 } 347 return $url; 348} 349 350/** 351 * Build an string of html tag attributes 352 * 353 * Skips keys starting with '_', values get HTML encoded 354 * 355 * @author Andreas Gohr 356 * 357 * @param array $params array with (attribute name-attribute value) pairs 358 * @param bool $skipEmptyStrings skip empty string values? 359 * @return string 360 */ 361function buildAttributes($params, $skipEmptyStrings = false) { 362 $url = ''; 363 $white = false; 364 foreach($params as $key => $val) { 365 if($key[0] == '_') continue; 366 if($val === '' && $skipEmptyStrings) continue; 367 if($white) $url .= ' '; 368 369 $url .= $key.'="'; 370 $url .= htmlspecialchars($val); 371 $url .= '"'; 372 $white = true; 373 } 374 return $url; 375} 376 377/** 378 * This builds the breadcrumb trail and returns it as array 379 * 380 * @author Andreas Gohr <andi@splitbrain.org> 381 * 382 * @return string[] with the data: array(pageid=>name, ... ) 383 */ 384function breadcrumbs() { 385 // we prepare the breadcrumbs early for quick session closing 386 static $crumbs = null; 387 if($crumbs != null) return $crumbs; 388 389 global $ID; 390 global $ACT; 391 global $conf; 392 global $INFO; 393 394 //first visit? 395 $crumbs = isset($_SESSION[DOKU_COOKIE]['bc']) ? $_SESSION[DOKU_COOKIE]['bc'] : array(); 396 //we only save on show and existing visible readable wiki documents 397 $file = wikiFN($ID); 398 if($ACT != 'show' || $INFO['perm'] < AUTH_READ || isHiddenPage($ID) || !file_exists($file)) { 399 $_SESSION[DOKU_COOKIE]['bc'] = $crumbs; 400 return $crumbs; 401 } 402 403 // page names 404 $name = noNSorNS($ID); 405 if(useHeading('navigation')) { 406 // get page title 407 $title = p_get_first_heading($ID, METADATA_RENDER_USING_SIMPLE_CACHE); 408 if($title) { 409 $name = $title; 410 } 411 } 412 413 //remove ID from array 414 if(isset($crumbs[$ID])) { 415 unset($crumbs[$ID]); 416 } 417 418 //add to array 419 $crumbs[$ID] = $name; 420 //reduce size 421 while(count($crumbs) > $conf['breadcrumbs']) { 422 array_shift($crumbs); 423 } 424 //save to session 425 $_SESSION[DOKU_COOKIE]['bc'] = $crumbs; 426 return $crumbs; 427} 428 429/** 430 * Filter for page IDs 431 * 432 * This is run on a ID before it is outputted somewhere 433 * currently used to replace the colon with something else 434 * on Windows (non-IIS) systems and to have proper URL encoding 435 * 436 * See discussions at https://github.com/splitbrain/dokuwiki/pull/84 and 437 * https://github.com/splitbrain/dokuwiki/pull/173 why we use a whitelist of 438 * unaffected servers instead of blacklisting affected servers here. 439 * 440 * Urlencoding is ommitted when the second parameter is false 441 * 442 * @author Andreas Gohr <andi@splitbrain.org> 443 * 444 * @param string $id pageid being filtered 445 * @param bool $ue apply urlencoding? 446 * @return string 447 */ 448function idfilter($id, $ue = true) { 449 global $conf; 450 /* @var Input $INPUT */ 451 global $INPUT; 452 453 if($conf['useslash'] && $conf['userewrite']) { 454 $id = strtr($id, ':', '/'); 455 } elseif(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && 456 $conf['userewrite'] && 457 strpos($INPUT->server->str('SERVER_SOFTWARE'), 'Microsoft-IIS') === false 458 ) { 459 $id = strtr($id, ':', ';'); 460 } 461 if($ue) { 462 $id = rawurlencode($id); 463 $id = str_replace('%3A', ':', $id); //keep as colon 464 $id = str_replace('%3B', ';', $id); //keep as semicolon 465 $id = str_replace('%2F', '/', $id); //keep as slash 466 } 467 return $id; 468} 469 470/** 471 * This builds a link to a wikipage 472 * 473 * It handles URL rewriting and adds additional parameters 474 * 475 * @author Andreas Gohr <andi@splitbrain.org> 476 * 477 * @param string $id page id, defaults to start page 478 * @param string|array $urlParameters URL parameters, associative array recommended 479 * @param bool $absolute request an absolute URL instead of relative 480 * @param string $separator parameter separator 481 * @return string 482 */ 483function wl($id = '', $urlParameters = '', $absolute = false, $separator = '&') { 484 global $conf; 485 if(is_array($urlParameters)) { 486 if(isset($urlParameters['rev']) && !$urlParameters['rev']) unset($urlParameters['rev']); 487 if(isset($urlParameters['at']) && $conf['date_at_format']) { 488 $urlParameters['at'] = date($conf['date_at_format'], $urlParameters['at']); 489 } 490 $urlParameters = buildURLparams($urlParameters, $separator); 491 } else { 492 $urlParameters = str_replace(',', $separator, $urlParameters); 493 } 494 if($id === '') { 495 $id = $conf['start']; 496 } 497 $id = idfilter($id); 498 if($absolute) { 499 $xlink = DOKU_URL; 500 } else { 501 $xlink = DOKU_BASE; 502 } 503 504 if($conf['userewrite'] == 2) { 505 $xlink .= DOKU_SCRIPT.'/'.$id; 506 if($urlParameters) $xlink .= '?'.$urlParameters; 507 } elseif($conf['userewrite']) { 508 $xlink .= $id; 509 if($urlParameters) $xlink .= '?'.$urlParameters; 510 } elseif($id !== '') { 511 $xlink .= DOKU_SCRIPT.'?id='.$id; 512 if($urlParameters) $xlink .= $separator.$urlParameters; 513 } else { 514 $xlink .= DOKU_SCRIPT; 515 if($urlParameters) $xlink .= '?'.$urlParameters; 516 } 517 518 return $xlink; 519} 520 521/** 522 * This builds a link to an alternate page format 523 * 524 * Handles URL rewriting if enabled. Follows the style of wl(). 525 * 526 * @author Ben Coburn <btcoburn@silicodon.net> 527 * @param string $id page id, defaults to start page 528 * @param string $format the export renderer to use 529 * @param string|array $urlParameters URL parameters, associative array recommended 530 * @param bool $abs request an absolute URL instead of relative 531 * @param string $sep parameter separator 532 * @return string 533 */ 534function exportlink($id = '', $format = 'raw', $urlParameters = '', $abs = false, $sep = '&') { 535 global $conf; 536 if(is_array($urlParameters)) { 537 $urlParameters = buildURLparams($urlParameters, $sep); 538 } else { 539 $urlParameters = str_replace(',', $sep, $urlParameters); 540 } 541 542 $format = rawurlencode($format); 543 $id = idfilter($id); 544 if($abs) { 545 $xlink = DOKU_URL; 546 } else { 547 $xlink = DOKU_BASE; 548 } 549 550 if($conf['userewrite'] == 2) { 551 $xlink .= DOKU_SCRIPT.'/'.$id.'?do=export_'.$format; 552 if($urlParameters) $xlink .= $sep.$urlParameters; 553 } elseif($conf['userewrite'] == 1) { 554 $xlink .= '_export/'.$format.'/'.$id; 555 if($urlParameters) $xlink .= '?'.$urlParameters; 556 } else { 557 $xlink .= DOKU_SCRIPT.'?do=export_'.$format.$sep.'id='.$id; 558 if($urlParameters) $xlink .= $sep.$urlParameters; 559 } 560 561 return $xlink; 562} 563 564/** 565 * Build a link to a media file 566 * 567 * Will return a link to the detail page if $direct is false 568 * 569 * The $more parameter should always be given as array, the function then 570 * will strip default parameters to produce even cleaner URLs 571 * 572 * @param string $id the media file id or URL 573 * @param mixed $more string or array with additional parameters 574 * @param bool $direct link to detail page if false 575 * @param string $sep URL parameter separator 576 * @param bool $abs Create an absolute URL 577 * @return string 578 */ 579function ml($id = '', $more = '', $direct = true, $sep = '&', $abs = false) { 580 global $conf; 581 $isexternalimage = media_isexternal($id); 582 if(!$isexternalimage) { 583 $id = cleanID($id); 584 } 585 586 if(is_array($more)) { 587 // add token for resized images 588 $w = isset($more['w']) ? $more['w'] : null; 589 $h = isset($more['h']) ? $more['h'] : null; 590 if($w || $h || $isexternalimage){ 591 $more['tok'] = media_get_token($id, $w, $h); 592 } 593 // strip defaults for shorter URLs 594 if(isset($more['cache']) && $more['cache'] == 'cache') unset($more['cache']); 595 if(empty($more['w'])) unset($more['w']); 596 if(empty($more['h'])) unset($more['h']); 597 if(isset($more['id']) && $direct) unset($more['id']); 598 if(isset($more['rev']) && !$more['rev']) unset($more['rev']); 599 $more = buildURLparams($more, $sep); 600 } else { 601 $matches = array(); 602 if (preg_match_all('/\b(w|h)=(\d*)\b/',$more,$matches,PREG_SET_ORDER) || $isexternalimage){ 603 $resize = array('w'=>0, 'h'=>0); 604 foreach ($matches as $match){ 605 $resize[$match[1]] = $match[2]; 606 } 607 $more .= $more === '' ? '' : $sep; 608 $more .= 'tok='.media_get_token($id,$resize['w'],$resize['h']); 609 } 610 $more = str_replace('cache=cache', '', $more); //skip default 611 $more = str_replace(',,', ',', $more); 612 $more = str_replace(',', $sep, $more); 613 } 614 615 if($abs) { 616 $xlink = DOKU_URL; 617 } else { 618 $xlink = DOKU_BASE; 619 } 620 621 // external URLs are always direct without rewriting 622 if($isexternalimage) { 623 $xlink .= 'lib/exe/fetch.php'; 624 $xlink .= '?'.$more; 625 $xlink .= $sep.'media='.rawurlencode($id); 626 return $xlink; 627 } 628 629 $id = idfilter($id); 630 631 // decide on scriptname 632 if($direct) { 633 if($conf['userewrite'] == 1) { 634 $script = '_media'; 635 } else { 636 $script = 'lib/exe/fetch.php'; 637 } 638 } else { 639 if($conf['userewrite'] == 1) { 640 $script = '_detail'; 641 } else { 642 $script = 'lib/exe/detail.php'; 643 } 644 } 645 646 // build URL based on rewrite mode 647 if($conf['userewrite']) { 648 $xlink .= $script.'/'.$id; 649 if($more) $xlink .= '?'.$more; 650 } else { 651 if($more) { 652 $xlink .= $script.'?'.$more; 653 $xlink .= $sep.'media='.$id; 654 } else { 655 $xlink .= $script.'?media='.$id; 656 } 657 } 658 659 return $xlink; 660} 661 662/** 663 * Returns the URL to the DokuWiki base script 664 * 665 * Consider using wl() instead, unless you absoutely need the doku.php endpoint 666 * 667 * @author Andreas Gohr <andi@splitbrain.org> 668 * 669 * @return string 670 */ 671function script() { 672 return DOKU_BASE.DOKU_SCRIPT; 673} 674 675/** 676 * Spamcheck against wordlist 677 * 678 * Checks the wikitext against a list of blocked expressions 679 * returns true if the text contains any bad words 680 * 681 * Triggers COMMON_WORDBLOCK_BLOCKED 682 * 683 * Action Plugins can use this event to inspect the blocked data 684 * and gain information about the user who was blocked. 685 * 686 * Event data: 687 * data['matches'] - array of matches 688 * data['userinfo'] - information about the blocked user 689 * [ip] - ip address 690 * [user] - username (if logged in) 691 * [mail] - mail address (if logged in) 692 * [name] - real name (if logged in) 693 * 694 * @author Andreas Gohr <andi@splitbrain.org> 695 * @author Michael Klier <chi@chimeric.de> 696 * 697 * @param string $text - optional text to check, if not given the globals are used 698 * @return bool - true if a spam word was found 699 */ 700function checkwordblock($text = '') { 701 global $TEXT; 702 global $PRE; 703 global $SUF; 704 global $SUM; 705 global $conf; 706 global $INFO; 707 /* @var Input $INPUT */ 708 global $INPUT; 709 710 if(!$conf['usewordblock']) return false; 711 712 if(!$text) $text = "$PRE $TEXT $SUF $SUM"; 713 714 // we prepare the text a tiny bit to prevent spammers circumventing URL checks 715 // phpcs:disable Generic.Files.LineLength.TooLong 716 $text = preg_replace( 717 '!(\b)(www\.[\w.:?\-;,]+?\.[\w.:?\-;,]+?[\w/\#~:.?+=&%@\!\-.:?\-;,]+?)([.:?\-;,]*[^\w/\#~:.?+=&%@\!\-.:?\-;,])!i', 718 '\1http://\2 \2\3', 719 $text 720 ); 721 // phpcs:enable 722 723 $wordblocks = getWordblocks(); 724 // how many lines to read at once (to work around some PCRE limits) 725 if(version_compare(phpversion(), '4.3.0', '<')) { 726 // old versions of PCRE define a maximum of parenthesises even if no 727 // backreferences are used - the maximum is 99 728 // this is very bad performancewise and may even be too high still 729 $chunksize = 40; 730 } else { 731 // read file in chunks of 200 - this should work around the 732 // MAX_PATTERN_SIZE in modern PCRE 733 $chunksize = 200; 734 } 735 while($blocks = array_splice($wordblocks, 0, $chunksize)) { 736 $re = array(); 737 // build regexp from blocks 738 foreach($blocks as $block) { 739 $block = preg_replace('/#.*$/', '', $block); 740 $block = trim($block); 741 if(empty($block)) continue; 742 $re[] = $block; 743 } 744 if(count($re) && preg_match('#('.join('|', $re).')#si', $text, $matches)) { 745 // prepare event data 746 $data = array(); 747 $data['matches'] = $matches; 748 $data['userinfo']['ip'] = $INPUT->server->str('REMOTE_ADDR'); 749 if($INPUT->server->str('REMOTE_USER')) { 750 $data['userinfo']['user'] = $INPUT->server->str('REMOTE_USER'); 751 $data['userinfo']['name'] = $INFO['userinfo']['name']; 752 $data['userinfo']['mail'] = $INFO['userinfo']['mail']; 753 } 754 $callback = function () { 755 return true; 756 }; 757 return Event::createAndTrigger('COMMON_WORDBLOCK_BLOCKED', $data, $callback, true); 758 } 759 } 760 return false; 761} 762 763/** 764 * Return the IP of the client 765 * 766 * Honours X-Forwarded-For and X-Real-IP Proxy Headers 767 * 768 * It returns a comma separated list of IPs if the above mentioned 769 * headers are set. If the single parameter is set, it tries to return 770 * a routable public address, prefering the ones suplied in the X 771 * headers 772 * 773 * @author Andreas Gohr <andi@splitbrain.org> 774 * 775 * @param boolean $single If set only a single IP is returned 776 * @return string 777 */ 778function clientIP($single = false) { 779 /* @var Input $INPUT */ 780 global $INPUT, $conf; 781 782 $ip = array(); 783 $ip[] = $INPUT->server->str('REMOTE_ADDR'); 784 if($INPUT->server->str('HTTP_X_FORWARDED_FOR')) { 785 $ip = array_merge($ip, explode(',', str_replace(' ', '', $INPUT->server->str('HTTP_X_FORWARDED_FOR')))); 786 } 787 if($INPUT->server->str('HTTP_X_REAL_IP')) { 788 $ip = array_merge($ip, explode(',', str_replace(' ', '', $INPUT->server->str('HTTP_X_REAL_IP')))); 789 } 790 791 // some IPv4/v6 regexps borrowed from Feyd 792 // see: http://forums.devnetwork.net/viewtopic.php?f=38&t=53479 793 $dec_octet = '(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|[0-9])'; 794 $hex_digit = '[A-Fa-f0-9]'; 795 $h16 = "{$hex_digit}{1,4}"; 796 $IPv4Address = "$dec_octet\\.$dec_octet\\.$dec_octet\\.$dec_octet"; 797 $ls32 = "(?:$h16:$h16|$IPv4Address)"; 798 $IPv6Address = 799 "(?:(?:{$IPv4Address})|(?:". 800 "(?:$h16:){6}$ls32". 801 "|::(?:$h16:){5}$ls32". 802 "|(?:$h16)?::(?:$h16:){4}$ls32". 803 "|(?:(?:$h16:){0,1}$h16)?::(?:$h16:){3}$ls32". 804 "|(?:(?:$h16:){0,2}$h16)?::(?:$h16:){2}$ls32". 805 "|(?:(?:$h16:){0,3}$h16)?::(?:$h16:){1}$ls32". 806 "|(?:(?:$h16:){0,4}$h16)?::$ls32". 807 "|(?:(?:$h16:){0,5}$h16)?::$h16". 808 "|(?:(?:$h16:){0,6}$h16)?::". 809 ")(?:\\/(?:12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))?)"; 810 811 // remove any non-IP stuff 812 $cnt = count($ip); 813 $match = array(); 814 for($i = 0; $i < $cnt; $i++) { 815 if(preg_match("/^$IPv4Address$/", $ip[$i], $match) || preg_match("/^$IPv6Address$/", $ip[$i], $match)) { 816 $ip[$i] = $match[0]; 817 } else { 818 $ip[$i] = ''; 819 } 820 if(empty($ip[$i])) unset($ip[$i]); 821 } 822 $ip = array_values(array_unique($ip)); 823 if(empty($ip) || !$ip[0]) $ip[0] = '0.0.0.0'; // for some strange reason we don't have a IP 824 825 if(!$single) return join(',', $ip); 826 827 // skip trusted local addresses 828 foreach($ip as $i) { 829 if(!empty($conf['trustedproxy']) && preg_match('/'.$conf['trustedproxy'].'/', $i)) { 830 continue; 831 } else { 832 return $i; 833 } 834 } 835 836 // still here? just use the last address 837 // this case all ips in the list are trusted 838 return $ip[count($ip)-1]; 839} 840 841/** 842 * Check if the browser is on a mobile device 843 * 844 * Adapted from the example code at url below 845 * 846 * @link http://www.brainhandles.com/2007/10/15/detecting-mobile-browsers/#code 847 * 848 * @deprecated 2018-04-27 you probably want media queries instead anyway 849 * @return bool if true, client is mobile browser; otherwise false 850 */ 851function clientismobile() { 852 /* @var Input $INPUT */ 853 global $INPUT; 854 855 if($INPUT->server->has('HTTP_X_WAP_PROFILE')) return true; 856 857 if(preg_match('/wap\.|\.wap/i', $INPUT->server->str('HTTP_ACCEPT'))) return true; 858 859 if(!$INPUT->server->has('HTTP_USER_AGENT')) return false; 860 861 $uamatches = join( 862 '|', 863 [ 864 'midp', 'j2me', 'avantg', 'docomo', 'novarra', 'palmos', 'palmsource', '240x320', 'opwv', 865 'chtml', 'pda', 'windows ce', 'mmp\/', 'blackberry', 'mib\/', 'symbian', 'wireless', 'nokia', 866 'hand', 'mobi', 'phone', 'cdm', 'up\.b', 'audio', 'SIE\-', 'SEC\-', 'samsung', 'HTC', 'mot\-', 867 'mitsu', 'sagem', 'sony', 'alcatel', 'lg', 'erics', 'vx', 'NEC', 'philips', 'mmm', 'xx', 868 'panasonic', 'sharp', 'wap', 'sch', 'rover', 'pocket', 'benq', 'java', 'pt', 'pg', 'vox', 869 'amoi', 'bird', 'compal', 'kg', 'voda', 'sany', 'kdd', 'dbt', 'sendo', 'sgh', 'gradi', 'jb', 870 '\d\d\di', 'moto' 871 ] 872 ); 873 874 if(preg_match("/$uamatches/i", $INPUT->server->str('HTTP_USER_AGENT'))) return true; 875 876 return false; 877} 878 879/** 880 * check if a given link is interwiki link 881 * 882 * @param string $link the link, e.g. "wiki>page" 883 * @return bool 884 */ 885function link_isinterwiki($link){ 886 if (preg_match('/^[a-zA-Z0-9\.]+>/u',$link)) return true; 887 return false; 888} 889 890/** 891 * Convert one or more comma separated IPs to hostnames 892 * 893 * If $conf['dnslookups'] is disabled it simply returns the input string 894 * 895 * @author Glen Harris <astfgl@iamnota.org> 896 * 897 * @param string $ips comma separated list of IP addresses 898 * @return string a comma separated list of hostnames 899 */ 900function gethostsbyaddrs($ips) { 901 global $conf; 902 if(!$conf['dnslookups']) return $ips; 903 904 $hosts = array(); 905 $ips = explode(',', $ips); 906 907 if(is_array($ips)) { 908 foreach($ips as $ip) { 909 $hosts[] = gethostbyaddr(trim($ip)); 910 } 911 return join(',', $hosts); 912 } else { 913 return gethostbyaddr(trim($ips)); 914 } 915} 916 917/** 918 * Checks if a given page is currently locked. 919 * 920 * removes stale lockfiles 921 * 922 * @author Andreas Gohr <andi@splitbrain.org> 923 * 924 * @param string $id page id 925 * @return bool page is locked? 926 */ 927function checklock($id) { 928 global $conf; 929 /* @var Input $INPUT */ 930 global $INPUT; 931 932 $lock = wikiLockFN($id); 933 934 //no lockfile 935 if(!file_exists($lock)) return false; 936 937 //lockfile expired 938 if((time() - filemtime($lock)) > $conf['locktime']) { 939 @unlink($lock); 940 return false; 941 } 942 943 //my own lock 944 @list($ip, $session) = explode("\n", io_readFile($lock)); 945 if($ip == $INPUT->server->str('REMOTE_USER') || $ip == clientIP() || (session_id() && $session == session_id())) { 946 return false; 947 } 948 949 return $ip; 950} 951 952/** 953 * Lock a page for editing 954 * 955 * @author Andreas Gohr <andi@splitbrain.org> 956 * 957 * @param string $id page id to lock 958 */ 959function lock($id) { 960 global $conf; 961 /* @var Input $INPUT */ 962 global $INPUT; 963 964 if($conf['locktime'] == 0) { 965 return; 966 } 967 968 $lock = wikiLockFN($id); 969 if($INPUT->server->str('REMOTE_USER')) { 970 io_saveFile($lock, $INPUT->server->str('REMOTE_USER')); 971 } else { 972 io_saveFile($lock, clientIP()."\n".session_id()); 973 } 974} 975 976/** 977 * Unlock a page if it was locked by the user 978 * 979 * @author Andreas Gohr <andi@splitbrain.org> 980 * 981 * @param string $id page id to unlock 982 * @return bool true if a lock was removed 983 */ 984function unlock($id) { 985 /* @var Input $INPUT */ 986 global $INPUT; 987 988 $lock = wikiLockFN($id); 989 if(file_exists($lock)) { 990 @list($ip, $session) = explode("\n", io_readFile($lock)); 991 if($ip == $INPUT->server->str('REMOTE_USER') || $ip == clientIP() || $session == session_id()) { 992 @unlink($lock); 993 return true; 994 } 995 } 996 return false; 997} 998 999/** 1000 * convert line ending to unix format 1001 * 1002 * also makes sure the given text is valid UTF-8 1003 * 1004 * @see formText() for 2crlf conversion 1005 * @author Andreas Gohr <andi@splitbrain.org> 1006 * 1007 * @param string $text 1008 * @return string 1009 */ 1010function cleanText($text) { 1011 $text = preg_replace("/(\015\012)|(\015)/", "\012", $text); 1012 1013 // if the text is not valid UTF-8 we simply assume latin1 1014 // this won't break any worse than it breaks with the wrong encoding 1015 // but might actually fix the problem in many cases 1016 if(!\dokuwiki\Utf8\Clean::isUtf8($text)) $text = utf8_encode($text); 1017 1018 return $text; 1019} 1020 1021/** 1022 * Prepares text for print in Webforms by encoding special chars. 1023 * It also converts line endings to Windows format which is 1024 * pseudo standard for webforms. 1025 * 1026 * @see cleanText() for 2unix conversion 1027 * @author Andreas Gohr <andi@splitbrain.org> 1028 * 1029 * @param string $text 1030 * @return string 1031 */ 1032function formText($text) { 1033 $text = str_replace("\012", "\015\012", $text); 1034 return htmlspecialchars($text); 1035} 1036 1037/** 1038 * Returns the specified local text in raw format 1039 * 1040 * @author Andreas Gohr <andi@splitbrain.org> 1041 * 1042 * @param string $id page id 1043 * @param string $ext extension of file being read, default 'txt' 1044 * @return string 1045 */ 1046function rawLocale($id, $ext = 'txt') { 1047 return io_readFile(localeFN($id, $ext)); 1048} 1049 1050/** 1051 * Returns the raw WikiText 1052 * 1053 * @author Andreas Gohr <andi@splitbrain.org> 1054 * 1055 * @param string $id page id 1056 * @param string|int $rev timestamp when a revision of wikitext is desired 1057 * @return string 1058 */ 1059function rawWiki($id, $rev = '') { 1060 return io_readWikiPage(wikiFN($id, $rev), $id, $rev); 1061} 1062 1063/** 1064 * Returns the pagetemplate contents for the ID's namespace 1065 * 1066 * @triggers COMMON_PAGETPL_LOAD 1067 * @author Andreas Gohr <andi@splitbrain.org> 1068 * 1069 * @param string $id the id of the page to be created 1070 * @return string parsed pagetemplate content 1071 */ 1072function pageTemplate($id) { 1073 global $conf; 1074 1075 if(is_array($id)) $id = $id[0]; 1076 1077 // prepare initial event data 1078 $data = array( 1079 'id' => $id, // the id of the page to be created 1080 'tpl' => '', // the text used as template 1081 'tplfile' => '', // the file above text was/should be loaded from 1082 'doreplace' => true // should wildcard replacements be done on the text? 1083 ); 1084 1085 $evt = new Event('COMMON_PAGETPL_LOAD', $data); 1086 if($evt->advise_before(true)) { 1087 // the before event might have loaded the content already 1088 if(empty($data['tpl'])) { 1089 // if the before event did not set a template file, try to find one 1090 if(empty($data['tplfile'])) { 1091 $path = dirname(wikiFN($id)); 1092 if(file_exists($path.'/_template.txt')) { 1093 $data['tplfile'] = $path.'/_template.txt'; 1094 } else { 1095 // search upper namespaces for templates 1096 $len = strlen(rtrim($conf['datadir'], '/')); 1097 while(strlen($path) >= $len) { 1098 if(file_exists($path.'/__template.txt')) { 1099 $data['tplfile'] = $path.'/__template.txt'; 1100 break; 1101 } 1102 $path = substr($path, 0, strrpos($path, '/')); 1103 } 1104 } 1105 } 1106 // load the content 1107 $data['tpl'] = io_readFile($data['tplfile']); 1108 } 1109 if($data['doreplace']) parsePageTemplate($data); 1110 } 1111 $evt->advise_after(); 1112 unset($evt); 1113 1114 return $data['tpl']; 1115} 1116 1117/** 1118 * Performs common page template replacements 1119 * This works on data from COMMON_PAGETPL_LOAD 1120 * 1121 * @author Andreas Gohr <andi@splitbrain.org> 1122 * 1123 * @param array $data array with event data 1124 * @return string 1125 */ 1126function parsePageTemplate(&$data) { 1127 /** 1128 * @var string $id the id of the page to be created 1129 * @var string $tpl the text used as template 1130 * @var string $tplfile the file above text was/should be loaded from 1131 * @var bool $doreplace should wildcard replacements be done on the text? 1132 */ 1133 extract($data); 1134 1135 global $USERINFO; 1136 global $conf; 1137 /* @var Input $INPUT */ 1138 global $INPUT; 1139 1140 // replace placeholders 1141 $file = noNS($id); 1142 $page = strtr($file, $conf['sepchar'], ' '); 1143 1144 $tpl = str_replace( 1145 array( 1146 '@ID@', 1147 '@NS@', 1148 '@CURNS@', 1149 '@!CURNS@', 1150 '@!!CURNS@', 1151 '@!CURNS!@', 1152 '@FILE@', 1153 '@!FILE@', 1154 '@!FILE!@', 1155 '@PAGE@', 1156 '@!PAGE@', 1157 '@!!PAGE@', 1158 '@!PAGE!@', 1159 '@USER@', 1160 '@NAME@', 1161 '@MAIL@', 1162 '@DATE@', 1163 ), 1164 array( 1165 $id, 1166 getNS($id), 1167 curNS($id), 1168 \dokuwiki\Utf8\PhpString::ucfirst(curNS($id)), 1169 \dokuwiki\Utf8\PhpString::ucwords(curNS($id)), 1170 \dokuwiki\Utf8\PhpString::strtoupper(curNS($id)), 1171 $file, 1172 \dokuwiki\Utf8\PhpString::ucfirst($file), 1173 \dokuwiki\Utf8\PhpString::strtoupper($file), 1174 $page, 1175 \dokuwiki\Utf8\PhpString::ucfirst($page), 1176 \dokuwiki\Utf8\PhpString::ucwords($page), 1177 \dokuwiki\Utf8\PhpString::strtoupper($page), 1178 $INPUT->server->str('REMOTE_USER'), 1179 $USERINFO ? $USERINFO['name'] : '', 1180 $USERINFO ? $USERINFO['mail'] : '', 1181 $conf['dformat'], 1182 ), $tpl 1183 ); 1184 1185 // we need the callback to work around strftime's char limit 1186 $tpl = preg_replace_callback( 1187 '/%./', 1188 function ($m) { 1189 return strftime($m[0]); 1190 }, 1191 $tpl 1192 ); 1193 $data['tpl'] = $tpl; 1194 return $tpl; 1195} 1196 1197/** 1198 * Returns the raw Wiki Text in three slices. 1199 * 1200 * The range parameter needs to have the form "from-to" 1201 * and gives the range of the section in bytes - no 1202 * UTF-8 awareness is needed. 1203 * The returned order is prefix, section and suffix. 1204 * 1205 * @author Andreas Gohr <andi@splitbrain.org> 1206 * 1207 * @param string $range in form "from-to" 1208 * @param string $id page id 1209 * @param string $rev optional, the revision timestamp 1210 * @return string[] with three slices 1211 */ 1212function rawWikiSlices($range, $id, $rev = '') { 1213 $text = io_readWikiPage(wikiFN($id, $rev), $id, $rev); 1214 1215 // Parse range 1216 list($from, $to) = explode('-', $range, 2); 1217 // Make range zero-based, use defaults if marker is missing 1218 $from = !$from ? 0 : ($from - 1); 1219 $to = !$to ? strlen($text) : ($to - 1); 1220 1221 $slices = array(); 1222 $slices[0] = substr($text, 0, $from); 1223 $slices[1] = substr($text, $from, $to - $from); 1224 $slices[2] = substr($text, $to); 1225 return $slices; 1226} 1227 1228/** 1229 * Joins wiki text slices 1230 * 1231 * function to join the text slices. 1232 * When the pretty parameter is set to true it adds additional empty 1233 * lines between sections if needed (used on saving). 1234 * 1235 * @author Andreas Gohr <andi@splitbrain.org> 1236 * 1237 * @param string $pre prefix 1238 * @param string $text text in the middle 1239 * @param string $suf suffix 1240 * @param bool $pretty add additional empty lines between sections 1241 * @return string 1242 */ 1243function con($pre, $text, $suf, $pretty = false) { 1244 if($pretty) { 1245 if($pre !== '' && substr($pre, -1) !== "\n" && 1246 substr($text, 0, 1) !== "\n" 1247 ) { 1248 $pre .= "\n"; 1249 } 1250 if($suf !== '' && substr($text, -1) !== "\n" && 1251 substr($suf, 0, 1) !== "\n" 1252 ) { 1253 $text .= "\n"; 1254 } 1255 } 1256 1257 return $pre.$text.$suf; 1258} 1259 1260/** 1261 * Checks if the current page version is newer than the last entry in the page's 1262 * changelog. If so, we assume it has been an external edit and we create an 1263 * attic copy and add a proper changelog line. 1264 * 1265 * This check is only executed when the page is about to be saved again from the 1266 * wiki, triggered in @see saveWikiText() 1267 * 1268 * @param string $id the page ID 1269 * @deprecated YYYY-MM-DD 1270 */ 1271function detectExternalEdit($id) { 1272 //dbg_deprecated(\dokuwiki\File\PageFile::class .'::detectExternalEdit()'); 1273 (new PageFile($id))->detectExternalEdit(); 1274} 1275 1276/** 1277 * Saves a wikitext by calling io_writeWikiPage. 1278 * Also directs changelog and attic updates. 1279 * 1280 * @author Andreas Gohr <andi@splitbrain.org> 1281 * @author Ben Coburn <btcoburn@silicodon.net> 1282 * 1283 * @param string $id page id 1284 * @param string $text wikitext being saved 1285 * @param string $summary summary of text update 1286 * @param bool $minor mark this saved version as minor update 1287 */ 1288function saveWikiText($id, $text, $summary, $minor = false) { 1289 1290 // get COMMON_WIKIPAGE_SAVE event data 1291 $data = (new PageFile($id))->saveWikiText($text, $summary, $minor); 1292 1293 // send notify mails 1294 notify($id, 'admin', $data['oldRevision'], $data['summary'], $minor, $data['newRevision']); 1295 notify($id, 'subscribers', $data['oldRevision'], $data['summary'], $minor, $data['newRevision']); 1296 1297 // if useheading is enabled, purge the cache of all linking pages 1298 if (useHeading('content')) { 1299 $pages = ft_backlinks($id, true); 1300 foreach ($pages as $page) { 1301 $cache = new CacheRenderer($page, wikiFN($page), 'xhtml'); 1302 $cache->removeCache(); 1303 } 1304 } 1305} 1306 1307/** 1308 * moves the current version to the attic and returns its revision date 1309 * 1310 * @author Andreas Gohr <andi@splitbrain.org> 1311 * 1312 * @param string $id page id 1313 * @return int|string revision timestamp 1314 * @deprecated YYYY-MM-DD 1315 */ 1316function saveOldRevision($id) { 1317 //dbg_deprecated(\dokuwiki\File\PageFile::class .'::saveOldRevision()'); 1318 return (new PageFile($id))->saveOldRevision(); 1319} 1320 1321/** 1322 * Sends a notify mail on page change or registration 1323 * 1324 * @param string $id The changed page 1325 * @param string $who Who to notify (admin|subscribers|register) 1326 * @param int|string $rev Old page revision 1327 * @param string $summary What changed 1328 * @param boolean $minor Is this a minor edit? 1329 * @param string[] $replace Additional string substitutions, @KEY@ to be replaced by value 1330 * @param int|string $current_rev New page revision 1331 * @return bool 1332 * 1333 * @author Andreas Gohr <andi@splitbrain.org> 1334 */ 1335function notify($id, $who, $rev = '', $summary = '', $minor = false, $replace = array(), $current_rev = false) { 1336 global $conf; 1337 /* @var Input $INPUT */ 1338 global $INPUT; 1339 1340 // decide if there is something to do, eg. whom to mail 1341 if($who == 'admin') { 1342 if(empty($conf['notify'])) return false; //notify enabled? 1343 $tpl = 'mailtext'; 1344 $to = $conf['notify']; 1345 } elseif($who == 'subscribers') { 1346 if(!actionOK('subscribe')) return false; //subscribers enabled? 1347 if($conf['useacl'] && $INPUT->server->str('REMOTE_USER') && $minor) return false; //skip minors 1348 $data = array('id' => $id, 'addresslist' => '', 'self' => false, 'replacements' => $replace); 1349 Event::createAndTrigger( 1350 'COMMON_NOTIFY_ADDRESSLIST', $data, 1351 array(new SubscriberManager(), 'notifyAddresses') 1352 ); 1353 $to = $data['addresslist']; 1354 if(empty($to)) return false; 1355 $tpl = 'subscr_single'; 1356 } else { 1357 return false; //just to be safe 1358 } 1359 1360 // prepare content 1361 $subscription = new PageSubscriptionSender(); 1362 return $subscription->sendPageDiff($to, $tpl, $id, $rev, $summary, $current_rev); 1363} 1364 1365/** 1366 * extracts the query from a search engine referrer 1367 * 1368 * @author Andreas Gohr <andi@splitbrain.org> 1369 * @author Todd Augsburger <todd@rollerorgans.com> 1370 * 1371 * @return array|string 1372 */ 1373function getGoogleQuery() { 1374 /* @var Input $INPUT */ 1375 global $INPUT; 1376 1377 if(!$INPUT->server->has('HTTP_REFERER')) { 1378 return ''; 1379 } 1380 $url = parse_url($INPUT->server->str('HTTP_REFERER')); 1381 1382 // only handle common SEs 1383 if(!preg_match('/(google|bing|yahoo|ask|duckduckgo|babylon|aol|yandex)/',$url['host'])) return ''; 1384 1385 $query = array(); 1386 parse_str($url['query'], $query); 1387 1388 $q = ''; 1389 if(isset($query['q'])){ 1390 $q = $query['q']; 1391 }elseif(isset($query['p'])){ 1392 $q = $query['p']; 1393 }elseif(isset($query['query'])){ 1394 $q = $query['query']; 1395 } 1396 $q = trim($q); 1397 1398 if(!$q) return ''; 1399 // ignore if query includes a full URL 1400 if(strpos($q, '//') !== false) return ''; 1401 $q = preg_split('/[\s\'"\\\\`()\]\[?:!\.{};,#+*<>\\/]+/', $q, -1, PREG_SPLIT_NO_EMPTY); 1402 return $q; 1403} 1404 1405/** 1406 * Return the human readable size of a file 1407 * 1408 * @param int $size A file size 1409 * @param int $dec A number of decimal places 1410 * @return string human readable size 1411 * 1412 * @author Martin Benjamin <b.martin@cybernet.ch> 1413 * @author Aidan Lister <aidan@php.net> 1414 * @version 1.0.0 1415 */ 1416function filesize_h($size, $dec = 1) { 1417 $sizes = array('B', 'KB', 'MB', 'GB'); 1418 $count = count($sizes); 1419 $i = 0; 1420 1421 while($size >= 1024 && ($i < $count - 1)) { 1422 $size /= 1024; 1423 $i++; 1424 } 1425 1426 return round($size, $dec)."\xC2\xA0".$sizes[$i]; //non-breaking space 1427} 1428 1429/** 1430 * Return the given timestamp as human readable, fuzzy age 1431 * 1432 * @author Andreas Gohr <gohr@cosmocode.de> 1433 * 1434 * @param int $dt timestamp 1435 * @return string 1436 */ 1437function datetime_h($dt) { 1438 global $lang; 1439 1440 $ago = time() - $dt; 1441 if($ago > 24 * 60 * 60 * 30 * 12 * 2) { 1442 return sprintf($lang['years'], round($ago / (24 * 60 * 60 * 30 * 12))); 1443 } 1444 if($ago > 24 * 60 * 60 * 30 * 2) { 1445 return sprintf($lang['months'], round($ago / (24 * 60 * 60 * 30))); 1446 } 1447 if($ago > 24 * 60 * 60 * 7 * 2) { 1448 return sprintf($lang['weeks'], round($ago / (24 * 60 * 60 * 7))); 1449 } 1450 if($ago > 24 * 60 * 60 * 2) { 1451 return sprintf($lang['days'], round($ago / (24 * 60 * 60))); 1452 } 1453 if($ago > 60 * 60 * 2) { 1454 return sprintf($lang['hours'], round($ago / (60 * 60))); 1455 } 1456 if($ago > 60 * 2) { 1457 return sprintf($lang['minutes'], round($ago / (60))); 1458 } 1459 return sprintf($lang['seconds'], $ago); 1460} 1461 1462/** 1463 * Wraps around strftime but provides support for fuzzy dates 1464 * 1465 * The format default to $conf['dformat']. It is passed to 1466 * strftime - %f can be used to get the value from datetime_h() 1467 * 1468 * @see datetime_h 1469 * @author Andreas Gohr <gohr@cosmocode.de> 1470 * 1471 * @param int|null $dt timestamp when given, null will take current timestamp 1472 * @param string $format empty default to $conf['dformat'], or provide format as recognized by strftime() 1473 * @return string 1474 */ 1475function dformat($dt = null, $format = '') { 1476 global $conf; 1477 1478 if(is_null($dt)) $dt = time(); 1479 $dt = (int) $dt; 1480 if(!$format) $format = $conf['dformat']; 1481 1482 $format = str_replace('%f', datetime_h($dt), $format); 1483 return strftime($format, $dt); 1484} 1485 1486/** 1487 * Formats a timestamp as ISO 8601 date 1488 * 1489 * @author <ungu at terong dot com> 1490 * @link http://php.net/manual/en/function.date.php#54072 1491 * 1492 * @param int $int_date current date in UNIX timestamp 1493 * @return string 1494 */ 1495function date_iso8601($int_date) { 1496 $date_mod = date('Y-m-d\TH:i:s', $int_date); 1497 $pre_timezone = date('O', $int_date); 1498 $time_zone = substr($pre_timezone, 0, 3).":".substr($pre_timezone, 3, 2); 1499 $date_mod .= $time_zone; 1500 return $date_mod; 1501} 1502 1503/** 1504 * return an obfuscated email address in line with $conf['mailguard'] setting 1505 * 1506 * @author Harry Fuecks <hfuecks@gmail.com> 1507 * @author Christopher Smith <chris@jalakai.co.uk> 1508 * 1509 * @param string $email email address 1510 * @return string 1511 */ 1512function obfuscate($email) { 1513 global $conf; 1514 1515 switch($conf['mailguard']) { 1516 case 'visible' : 1517 $obfuscate = array('@' => ' [at] ', '.' => ' [dot] ', '-' => ' [dash] '); 1518 return strtr($email, $obfuscate); 1519 1520 case 'hex' : 1521 return \dokuwiki\Utf8\Conversion::toHtml($email, true); 1522 1523 case 'none' : 1524 default : 1525 return $email; 1526 } 1527} 1528 1529/** 1530 * Removes quoting backslashes 1531 * 1532 * @author Andreas Gohr <andi@splitbrain.org> 1533 * 1534 * @param string $string 1535 * @param string $char backslashed character 1536 * @return string 1537 */ 1538function unslash($string, $char = "'") { 1539 return str_replace('\\'.$char, $char, $string); 1540} 1541 1542/** 1543 * Convert php.ini shorthands to byte 1544 * 1545 * On 32 bit systems values >= 2GB will fail! 1546 * 1547 * -1 (infinite size) will be reported as -1 1548 * 1549 * @link https://www.php.net/manual/en/faq.using.php#faq.using.shorthandbytes 1550 * @param string $value PHP size shorthand 1551 * @return int 1552 */ 1553function php_to_byte($value) { 1554 switch (strtoupper(substr($value,-1))) { 1555 case 'G': 1556 $ret = intval(substr($value, 0, -1)) * 1024 * 1024 * 1024; 1557 break; 1558 case 'M': 1559 $ret = intval(substr($value, 0, -1)) * 1024 * 1024; 1560 break; 1561 case 'K': 1562 $ret = intval(substr($value, 0, -1)) * 1024; 1563 break; 1564 default: 1565 $ret = intval($value); 1566 break; 1567 } 1568 return $ret; 1569} 1570 1571/** 1572 * Wrapper around preg_quote adding the default delimiter 1573 * 1574 * @param string $string 1575 * @return string 1576 */ 1577function preg_quote_cb($string) { 1578 return preg_quote($string, '/'); 1579} 1580 1581/** 1582 * Shorten a given string by removing data from the middle 1583 * 1584 * You can give the string in two parts, the first part $keep 1585 * will never be shortened. The second part $short will be cut 1586 * in the middle to shorten but only if at least $min chars are 1587 * left to display it. Otherwise it will be left off. 1588 * 1589 * @param string $keep the part to keep 1590 * @param string $short the part to shorten 1591 * @param int $max maximum chars you want for the whole string 1592 * @param int $min minimum number of chars to have left for middle shortening 1593 * @param string $char the shortening character to use 1594 * @return string 1595 */ 1596function shorten($keep, $short, $max, $min = 9, $char = '…') { 1597 $max = $max - \dokuwiki\Utf8\PhpString::strlen($keep); 1598 if($max < $min) return $keep; 1599 $len = \dokuwiki\Utf8\PhpString::strlen($short); 1600 if($len <= $max) return $keep.$short; 1601 $half = floor($max / 2); 1602 return $keep . 1603 \dokuwiki\Utf8\PhpString::substr($short, 0, $half - 1) . 1604 $char . 1605 \dokuwiki\Utf8\PhpString::substr($short, $len - $half); 1606} 1607 1608/** 1609 * Return the users real name or e-mail address for use 1610 * in page footer and recent changes pages 1611 * 1612 * @param string|null $username or null when currently logged-in user should be used 1613 * @param bool $textonly true returns only plain text, true allows returning html 1614 * @return string html or plain text(not escaped) of formatted user name 1615 * 1616 * @author Andy Webber <dokuwiki AT andywebber DOT com> 1617 */ 1618function editorinfo($username, $textonly = false) { 1619 return userlink($username, $textonly); 1620} 1621 1622/** 1623 * Returns users realname w/o link 1624 * 1625 * @param string|null $username or null when currently logged-in user should be used 1626 * @param bool $textonly true returns only plain text, true allows returning html 1627 * @return string html or plain text(not escaped) of formatted user name 1628 * 1629 * @triggers COMMON_USER_LINK 1630 */ 1631function userlink($username = null, $textonly = false) { 1632 global $conf, $INFO; 1633 /** @var AuthPlugin $auth */ 1634 global $auth; 1635 /** @var Input $INPUT */ 1636 global $INPUT; 1637 1638 // prepare initial event data 1639 $data = array( 1640 'username' => $username, // the unique user name 1641 'name' => '', 1642 'link' => array( //setting 'link' to false disables linking 1643 'target' => '', 1644 'pre' => '', 1645 'suf' => '', 1646 'style' => '', 1647 'more' => '', 1648 'url' => '', 1649 'title' => '', 1650 'class' => '' 1651 ), 1652 'userlink' => '', // formatted user name as will be returned 1653 'textonly' => $textonly 1654 ); 1655 if($username === null) { 1656 $data['username'] = $username = $INPUT->server->str('REMOTE_USER'); 1657 if($textonly){ 1658 $data['name'] = $INFO['userinfo']['name']. ' (' . $INPUT->server->str('REMOTE_USER') . ')'; 1659 }else { 1660 $data['name'] = '<bdi>' . hsc($INFO['userinfo']['name']) . '</bdi> '. 1661 '(<bdi>' . hsc($INPUT->server->str('REMOTE_USER')) . '</bdi>)'; 1662 } 1663 } 1664 1665 $evt = new Event('COMMON_USER_LINK', $data); 1666 if($evt->advise_before(true)) { 1667 if(empty($data['name'])) { 1668 if($auth) $info = $auth->getUserData($username); 1669 if($conf['showuseras'] != 'loginname' && isset($info) && $info) { 1670 switch($conf['showuseras']) { 1671 case 'username': 1672 case 'username_link': 1673 $data['name'] = $textonly ? $info['name'] : hsc($info['name']); 1674 break; 1675 case 'email': 1676 case 'email_link': 1677 $data['name'] = obfuscate($info['mail']); 1678 break; 1679 } 1680 } else { 1681 $data['name'] = $textonly ? $data['username'] : hsc($data['username']); 1682 } 1683 } 1684 1685 /** @var Doku_Renderer_xhtml $xhtml_renderer */ 1686 static $xhtml_renderer = null; 1687 1688 if(!$data['textonly'] && empty($data['link']['url'])) { 1689 1690 if(in_array($conf['showuseras'], array('email_link', 'username_link'))) { 1691 if(!isset($info)) { 1692 if($auth) $info = $auth->getUserData($username); 1693 } 1694 if(isset($info) && $info) { 1695 if($conf['showuseras'] == 'email_link') { 1696 $data['link']['url'] = 'mailto:' . obfuscate($info['mail']); 1697 } else { 1698 if(is_null($xhtml_renderer)) { 1699 $xhtml_renderer = p_get_renderer('xhtml'); 1700 } 1701 if(empty($xhtml_renderer->interwiki)) { 1702 $xhtml_renderer->interwiki = getInterwiki(); 1703 } 1704 $shortcut = 'user'; 1705 $exists = null; 1706 $data['link']['url'] = $xhtml_renderer->_resolveInterWiki($shortcut, $username, $exists); 1707 $data['link']['class'] .= ' interwiki iw_user'; 1708 if($exists !== null) { 1709 if($exists) { 1710 $data['link']['class'] .= ' wikilink1'; 1711 } else { 1712 $data['link']['class'] .= ' wikilink2'; 1713 $data['link']['rel'] = 'nofollow'; 1714 } 1715 } 1716 } 1717 } else { 1718 $data['textonly'] = true; 1719 } 1720 1721 } else { 1722 $data['textonly'] = true; 1723 } 1724 } 1725 1726 if($data['textonly']) { 1727 $data['userlink'] = $data['name']; 1728 } else { 1729 $data['link']['name'] = $data['name']; 1730 if(is_null($xhtml_renderer)) { 1731 $xhtml_renderer = p_get_renderer('xhtml'); 1732 } 1733 $data['userlink'] = $xhtml_renderer->_formatLink($data['link']); 1734 } 1735 } 1736 $evt->advise_after(); 1737 unset($evt); 1738 1739 return $data['userlink']; 1740} 1741 1742/** 1743 * Returns the path to a image file for the currently chosen license. 1744 * When no image exists, returns an empty string 1745 * 1746 * @author Andreas Gohr <andi@splitbrain.org> 1747 * 1748 * @param string $type - type of image 'badge' or 'button' 1749 * @return string 1750 */ 1751function license_img($type) { 1752 global $license; 1753 global $conf; 1754 if(!$conf['license']) return ''; 1755 if(!is_array($license[$conf['license']])) return ''; 1756 $try = array(); 1757 $try[] = 'lib/images/license/'.$type.'/'.$conf['license'].'.png'; 1758 $try[] = 'lib/images/license/'.$type.'/'.$conf['license'].'.gif'; 1759 if(substr($conf['license'], 0, 3) == 'cc-') { 1760 $try[] = 'lib/images/license/'.$type.'/cc.png'; 1761 } 1762 foreach($try as $src) { 1763 if(file_exists(DOKU_INC.$src)) return $src; 1764 } 1765 return ''; 1766} 1767 1768/** 1769 * Checks if the given amount of memory is available 1770 * 1771 * If the memory_get_usage() function is not available the 1772 * function just assumes $bytes of already allocated memory 1773 * 1774 * @author Filip Oscadal <webmaster@illusionsoftworks.cz> 1775 * @author Andreas Gohr <andi@splitbrain.org> 1776 * 1777 * @param int $mem Size of memory you want to allocate in bytes 1778 * @param int $bytes already allocated memory (see above) 1779 * @return bool 1780 */ 1781function is_mem_available($mem, $bytes = 1048576) { 1782 $limit = trim(ini_get('memory_limit')); 1783 if(empty($limit)) return true; // no limit set! 1784 if($limit == -1) return true; // unlimited 1785 1786 // parse limit to bytes 1787 $limit = php_to_byte($limit); 1788 1789 // get used memory if possible 1790 if(function_exists('memory_get_usage')) { 1791 $used = memory_get_usage(); 1792 } else { 1793 $used = $bytes; 1794 } 1795 1796 if($used + $mem > $limit) { 1797 return false; 1798 } 1799 1800 return true; 1801} 1802 1803/** 1804 * Send a HTTP redirect to the browser 1805 * 1806 * Works arround Microsoft IIS cookie sending bug. Exits the script. 1807 * 1808 * @link http://support.microsoft.com/kb/q176113/ 1809 * @author Andreas Gohr <andi@splitbrain.org> 1810 * 1811 * @param string $url url being directed to 1812 */ 1813function send_redirect($url) { 1814 $url = stripctl($url); // defend against HTTP Response Splitting 1815 1816 /* @var Input $INPUT */ 1817 global $INPUT; 1818 1819 //are there any undisplayed messages? keep them in session for display 1820 global $MSG; 1821 if(isset($MSG) && count($MSG) && !defined('NOSESSION')) { 1822 //reopen session, store data and close session again 1823 @session_start(); 1824 $_SESSION[DOKU_COOKIE]['msg'] = $MSG; 1825 } 1826 1827 // always close the session 1828 session_write_close(); 1829 1830 // check if running on IIS < 6 with CGI-PHP 1831 if($INPUT->server->has('SERVER_SOFTWARE') && $INPUT->server->has('GATEWAY_INTERFACE') && 1832 (strpos($INPUT->server->str('GATEWAY_INTERFACE'), 'CGI') !== false) && 1833 (preg_match('|^Microsoft-IIS/(\d)\.\d$|', trim($INPUT->server->str('SERVER_SOFTWARE')), $matches)) && 1834 $matches[1] < 6 1835 ) { 1836 header('Refresh: 0;url='.$url); 1837 } else { 1838 header('Location: '.$url); 1839 } 1840 1841 // no exits during unit tests 1842 if(defined('DOKU_UNITTEST')) { 1843 // pass info about the redirect back to the test suite 1844 $testRequest = TestRequest::getRunning(); 1845 if($testRequest !== null) { 1846 $testRequest->addData('send_redirect', $url); 1847 } 1848 return; 1849 } 1850 1851 exit; 1852} 1853 1854/** 1855 * Validate a value using a set of valid values 1856 * 1857 * This function checks whether a specified value is set and in the array 1858 * $valid_values. If not, the function returns a default value or, if no 1859 * default is specified, throws an exception. 1860 * 1861 * @param string $param The name of the parameter 1862 * @param array $valid_values A set of valid values; Optionally a default may 1863 * be marked by the key “default”. 1864 * @param array $array The array containing the value (typically $_POST 1865 * or $_GET) 1866 * @param string $exc The text of the raised exception 1867 * 1868 * @throws Exception 1869 * @return mixed 1870 * @author Adrian Lang <lang@cosmocode.de> 1871 */ 1872function valid_input_set($param, $valid_values, $array, $exc = '') { 1873 if(isset($array[$param]) && in_array($array[$param], $valid_values)) { 1874 return $array[$param]; 1875 } elseif(isset($valid_values['default'])) { 1876 return $valid_values['default']; 1877 } else { 1878 throw new Exception($exc); 1879 } 1880} 1881 1882/** 1883 * Read a preference from the DokuWiki cookie 1884 * (remembering both keys & values are urlencoded) 1885 * 1886 * @param string $pref preference key 1887 * @param mixed $default value returned when preference not found 1888 * @return string preference value 1889 */ 1890function get_doku_pref($pref, $default) { 1891 $enc_pref = urlencode($pref); 1892 if(isset($_COOKIE['DOKU_PREFS']) && strpos($_COOKIE['DOKU_PREFS'], $enc_pref) !== false) { 1893 $parts = explode('#', $_COOKIE['DOKU_PREFS']); 1894 $cnt = count($parts); 1895 1896 // due to #2721 there might be duplicate entries, 1897 // so we read from the end 1898 for($i = $cnt-2; $i >= 0; $i -= 2) { 1899 if($parts[$i] == $enc_pref) { 1900 return urldecode($parts[$i + 1]); 1901 } 1902 } 1903 } 1904 return $default; 1905} 1906 1907/** 1908 * Add a preference to the DokuWiki cookie 1909 * (remembering $_COOKIE['DOKU_PREFS'] is urlencoded) 1910 * Remove it by setting $val to false 1911 * 1912 * @param string $pref preference key 1913 * @param string $val preference value 1914 */ 1915function set_doku_pref($pref, $val) { 1916 global $conf; 1917 $orig = get_doku_pref($pref, false); 1918 $cookieVal = ''; 1919 1920 if($orig !== false && ($orig !== $val)) { 1921 $parts = explode('#', $_COOKIE['DOKU_PREFS']); 1922 $cnt = count($parts); 1923 // urlencode $pref for the comparison 1924 $enc_pref = rawurlencode($pref); 1925 $seen = false; 1926 for ($i = 0; $i < $cnt; $i += 2) { 1927 if ($parts[$i] == $enc_pref) { 1928 if (!$seen){ 1929 if ($val !== false) { 1930 $parts[$i + 1] = rawurlencode($val); 1931 } else { 1932 unset($parts[$i]); 1933 unset($parts[$i + 1]); 1934 } 1935 $seen = true; 1936 } else { 1937 // no break because we want to remove duplicate entries 1938 unset($parts[$i]); 1939 unset($parts[$i + 1]); 1940 } 1941 } 1942 } 1943 $cookieVal = implode('#', $parts); 1944 } else if ($orig === false && $val !== false) { 1945 $cookieVal = (isset($_COOKIE['DOKU_PREFS']) ? $_COOKIE['DOKU_PREFS'] . '#' : '') . 1946 rawurlencode($pref) . '#' . rawurlencode($val); 1947 } 1948 1949 $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir']; 1950 if(defined('DOKU_UNITTEST')) { 1951 $_COOKIE['DOKU_PREFS'] = $cookieVal; 1952 }else{ 1953 setcookie('DOKU_PREFS', $cookieVal, time()+365*24*3600, $cookieDir, '', ($conf['securecookie'] && is_ssl())); 1954 } 1955} 1956 1957/** 1958 * Strips source mapping declarations from given text #601 1959 * 1960 * @param string &$text reference to the CSS or JavaScript code to clean 1961 */ 1962function stripsourcemaps(&$text){ 1963 $text = preg_replace('/^(\/\/|\/\*)[@#]\s+sourceMappingURL=.*?(\*\/)?$/im', '\\1\\2', $text); 1964} 1965 1966/** 1967 * Returns the contents of a given SVG file for embedding 1968 * 1969 * Inlining SVGs saves on HTTP requests and more importantly allows for styling them through 1970 * CSS. However it should used with small SVGs only. The $maxsize setting ensures only small 1971 * files are embedded. 1972 * 1973 * This strips unneeded headers, comments and newline. The result is not a vaild standalone SVG! 1974 * 1975 * @param string $file full path to the SVG file 1976 * @param int $maxsize maximum allowed size for the SVG to be embedded 1977 * @return string|false the SVG content, false if the file couldn't be loaded 1978 */ 1979function inlineSVG($file, $maxsize = 2048) { 1980 $file = trim($file); 1981 if($file === '') return false; 1982 if(!file_exists($file)) return false; 1983 if(filesize($file) > $maxsize) return false; 1984 if(!is_readable($file)) return false; 1985 $content = file_get_contents($file); 1986 $content = preg_replace('/<!--.*?(-->)/s','', $content); // comments 1987 $content = preg_replace('/<\?xml .*?\?>/i', '', $content); // xml header 1988 $content = preg_replace('/<!DOCTYPE .*?>/i', '', $content); // doc type 1989 $content = preg_replace('/>\s+</s', '><', $content); // newlines between tags 1990 $content = trim($content); 1991 if(substr($content, 0, 5) !== '<svg ') return false; 1992 return $content; 1993} 1994 1995//Setup VIM: ex: et ts=2 : 1996