WebSVN – oidplus – Blame – /trunk/includes/functions.inc.php

Rev	Author	Line No.	Line
2	daniel-mar	1	<?php
		2
		3	/*
		4	* OIDplus 2.0
		5	* Copyright 2019 Daniel Marschall, ViaThinkSoft
		6	*
		7	* Licensed under the Apache License, Version 2.0 (the "License");
		8	* you may not use this file except in compliance with the License.
		9	* You may obtain a copy of the License at
		10	*
		11	* http://www.apache.org/licenses/LICENSE-2.0
		12	*
		13	* Unless required by applicable law or agreed to in writing, software
		14	* distributed under the License is distributed on an "AS IS" BASIS,
		15	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		16	* See the License for the specific language governing permissions and
		17	* limitations under the License.
		18	*/
		19
104	daniel-mar	20	function oidplus_valid_email($email) {
2	daniel-mar	21	return !empty(filter_var($email, FILTER_VALIDATE_EMAIL));
		22	}
		23
107	daniel-mar	24	function oidplus_link($goto) {
		25	return 'href="?goto='.urlencode($goto).'" onclick="openOidInPanel('.js_escape($goto).', true); return false;"';
		26	}
		27
2	daniel-mar	28	function secure_email($email, $linktext, $level=1) {
		29
		30	// see http://www.spamspan.de/
		31
		32	/* Level 1 */
		33	/*
		34	<span class="spamspan">
		35	<span class="u">user</span>
		36	@
		37	<span class="d">beispiel.de</span>
		38	(<span class="t">Spam Hasser</span>)
		39	</span>
		40	*/
		41
		42	if ($level == 1) {
104	daniel-mar	43	@list($user, $domain) = explode('@', $email);
2	daniel-mar	44	if (($linktext == $email) \|\| empty($linktext)) {
		45	return '<span class="spamspan"><span class="u">'.htmlentities($user).'</span>@<span class="d">'.htmlentities($domain).'</span></span>';
		46	} else {
		47	return '<span class="spamspan"><span class="u">'.htmlentities($user).'</span>@<span class="d">'.htmlentities($domain).'</span>(<span class="t">'.htmlentities($linktext).'</span>)</span>';
		48	}
		49	}
		50
		51	/* Level 2 */
		52	/*
		53	<span class="spamspan">
		54	<span class="u">user</span>
		55	<img alt="at" width="10" src="@.png">
		56	<span class="d">beispiel.de</span>
		57	</span>
		58	*/
		59
		60	if ($level == 2) {
		61	list($user, $domain) = explode('@', $email);
		62	return '<span class="spamspan"><span class="u">'.htmlentities($user).'</span><img alt="at" width="10" src="@.png"><span class="d">'.htmlentities($domain).'</span></span>';
		63	}
		64
		65	/* Level 3 */
		66	/*
		67	<span class="spamspan">
		68	<span class="u">user</span>
		69	[at]
		70	<span class="d">beispiel [dot] de</span>
		71	</span>
		72	*/
		73
		74	if ($level == 3) {
		75	list($user, $domain) = explode('@', $email);
		76	$domain = str_replace('.', ' [dot] ', $domain);
		77	return '<span class="spamspan"><span class="u">'.htmlentities($user).'</span> [at] <span class="d">'.htmlentities($domain).'</span></span>';
		78	}
		79
		80	return null;
		81
		82
		83	// --- Old code ---
		84
		85	// Attention: document.write() JavaScript will damage the browser cache, which leads to bugs if you navigate back&forth with the browser navigation
		86
		87	// No new lines to avoid a JavaScript error!
		88	$linktext = str_replace("\r", ' ', $linktext);
		89	$linktext = str_replace("\n", ' ', $linktext);
		90
		91	if (!function_exists('alas_js_crypt'))
		92	{
		93	function alas_js_crypt($text)
		94	{
		95	$tmp = '';
		96	for ($i=0; $i<strlen($text); $i++)
		97	{
		98	$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
		99	}
		100	return $tmp;
		101	}
		102	}
		103
		104	if (!function_exists('alas_js_write'))
		105	{
		106	function alas_js_write($text)
		107	{
		108	$text = str_replace('\\', '\\\\', $text);
		109	$text = str_replace('"', '\"', $text);
		110	$text = str_replace('/', '\/', $text); // W3C Validation </a> -> <\/a>
		111	return 'document.write("'.$text.'");';
		112	}
		113	}
		114
		115	$aus = '';
		116	if ($email != '')
		117	{
		118	$aus .= '<script><!--'."\n"; // type="text/javascript" is not necessary in HTML5
		119	$aus .= alas_js_write('<a href="');
		120	$aus .= alas_js_crypt('mailto:'.$email);
		121	$aus .= alas_js_write('">');
		122	$aus .= $crypt_linktext ? alas_js_crypt($linktext) : alas_js_write($linktext);
		123	$aus .= alas_js_write('</a>').'// --></script>';
		124	}
		125
		126	if ($crypt_linktext) $linktext = str_replace('@', '&', $linktext);
		127	$email = str_replace('@', '&', $email);
		128	return $aus.'<noscript>'.htmlentities($linktext).' ('.htmlentities($email).')</noscript>';
		129	}
		130
		131	function insertWhitespace($str, $index) {
		132	return substr($str, 0, $index) . ' ' . substr($str, $index);
		133	}
		134
		135	function js_escape($data) {
		136	// TODO.... json_encode??
		137	return "'" . str_replace('\\', '\\\\', $data) . "'";
		138	}
		139
104	daniel-mar	140	function oidplus_formatdate($date) {
2	daniel-mar	141	$date = explode(' ', $date)[0];
		142	if ($date == '0000-00-00') $date = '';
		143	return $date;
		144	}
		145
		146
		147	class MailException extends Exception {}
		148
		149	function my_mail($to, $title, $msg, $cc='', $bcc='') {
6	daniel-mar	150	$h = new SecureMailer();
2	daniel-mar	151
6	daniel-mar	152	$title = $title;
2	daniel-mar	153
76	daniel-mar	154	$h->addHeader('From', OIDplus::config()->getValue('admin_email'));
2	daniel-mar	155
		156	if (!empty($cc)) $h->addHeader('Cc', $cc);
		157	if (!empty($bcc)) $h->addHeader('Bcc', $bcc);
		158
6	daniel-mar	159	$h->addHeader('X-Mailer', 'PHP/'.phpversion());
		160	if (isset($_SERVER['REMOTE_ADDR'])) $h->addHeader('X-RemoteAddr', $_SERVER['REMOTE_ADDR']);
121	daniel-mar	161	$h->addHeader('MIME-Version', '1.0');
		162	$h->addHeader('Content-Type', 'text/plain; charset=ISO-8859-1');
2	daniel-mar	163
6	daniel-mar	164	$sent = $h->sendMail($to, $title, $msg);
		165	if (!$sent) {
		166	throw new MailException('Sending mail failed');
		167	}
11	daniel-mar	168	}
		169
		170	function trim_br($html) {
		171	do { $html = preg_replace('@^\s<\sbr\s/{0,1}\s>@isU', '', $html, -1, $count); } while ($count > 0); // left trim
		172	do { $html = preg_replace('@<\sbr\s/{0,1}\s>\s$@isU', '', $html, -1, $count); } while ($count > 0); // right trim
		173	return $html;
		174	}
74	daniel-mar	175
		176	function verify_private_public_key($privKey, $pubKey) {
		177	try {
		178	if (empty($privKey)) return false;
		179	if (empty($pubKey)) return false;
		180	$data = 'TEST';
		181	if (!@openssl_public_encrypt($data, $encrypted, $pubKey)) return false;
		182	if (!@openssl_private_decrypt($encrypted, $decrypted, $privKey)) return false;
		183	return $decrypted == $data;
		184	} catch (Exception $e) {
		185	return false;
		186	}
		187	}
		188
		189	function smallhash($data) { // get 31 bits from SHA1. Values 0..2147483647
		190	return (hexdec(substr(sha1($data),-4*2)) & 2147483647);
		191	}
180	daniel-mar	192
182	daniel-mar	193	function split_firstname_lastname($name) {
		194	$ary = explode(' ', $name);
		195	$last_name = array_pop($ary);
		196	$first_name = implode(' ', $ary);
		197	return array($first_name, $last_name);
		198	}
		199
180	daniel-mar	200	function originHeaders() {
		201	// CORS
		202	// Author: Till Wehowski
182	daniel-mar	203
180	daniel-mar	204	header("Access-Control-Allow-Credentials: true");
		205	header("Access-Control-Allow-Origin: ".strip_tags(((isset($_SERVER['HTTP_ORIGIN'])) ? $_SERVER['HTTP_ORIGIN'] : "*")));
		206
		207	header("Access-Control-Allow-Headers: If-None-Match, X-Requested-With, Origin, X-Frdlweb-Bugs, Etag, X-Forgery-Protection-Token, X-CSRF-Token");
		208
		209	if (isset($_SERVER['HTTP_ORIGIN'])) {
		210	header('X-Frame-Options: ALLOW-FROM '.$_SERVER['HTTP_ORIGIN']);
		211	} else {
		212	header_remove("X-Frame-Options");
		213	}
		214
		215	$expose = array('Etag', 'X-CSRF-Token');
		216	foreach (headers_list() as $num => $header) {
		217	$h = explode(':', $header);
		218	$expose[] = trim($h[0]);
		219	}
		220	header("Access-Control-Expose-Headers: ".implode(',',$expose));
		221
		222	header("Vary: Origin");
		223	}

Subversion Repositories oidplus

oidplus/trunk/includes/functions.inc.php @ 1295 – Rev 182