1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
<?php
class Util
{
/**
* Displays an error message and stops script execution.
* If CONFIG_DEBUG is true, it will also dump a stack trace
* and all globally defined variables.
* (As this might reveal sensistive data you should never enable it in production)
*/
public static function traceError($message)
{
Header('Content-Type: text/plain; charset=utf-8');
echo "--------------------\nFlagrant system error:\n$message\n--------------------\n\n";
if (defined('CONFIG_DEBUG') && CONFIG_DEBUG) {
debug_print_backtrace();
echo "\n\n";
print_r($GLOBALS);
}
exit(0);
}
/**
* Redirects the user via a '302 Moved' header.
* An active session will be saved, any messages that haven't
* been displayed yet will be appended to the redirect.
*/
public static function redirect($location)
{
Session::save();
$messages = Message::toRequest();
if (!empty($messages)) {
if (strpos($location, '?') === false) {
$location .= '?' . $messages;
} else {
$location .= '&' . $messages;
}
}
Header('Location: ' . $location);
exit(0);
}
/**
* Verify the user's token that protects agains CSRF.
* If the user is logged in and there is no token variable set in
* the request, or the submitted token does not match the user's
* token, this function will return false and display an error.
* If the token matches, or the user is not logged in, it will return true.
*/
public static function verifyToken()
{
if (Session::get('token') === false) return true;
if (isset($_REQUEST['token']) && Session::get('token') === $_REQUEST['token']) return true;
Message::addError('token');
return false;
}
/**
* Simple markup "rendering":
* *word* is bold
* /word/ is italics
* _word_ is underlined
* \n is line break
*/
public static function markup($string)
{
$string = htmlspecialchars($string);
$string = preg_replace('#(^|[\n \-_/\.])\*(.+?)\*($|[ \-_/\.\!\?,])#is', '$1<b>$2</b>$3', $string);
$string = preg_replace('#(^|[\n \-\*/\.])_(.+?)_($|[ \-\*/\.\!\?,])#is', '$1<u>$2</u>$3', $string);
$string = preg_replace('#(^|[\n \-_\*\.])/(.+?)/($|[ \-_\*\.\!\?,])#is', '$1<i>$2</i>$3', $string);
return nl2br($string);
}
/**
* Download file, obey given timeout in seconds
* Return data on success, false on failure
*/
function download($url, $timeout, &$code) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, ceil($timeout / 2));
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$data = curl_exec($ch);
$data = explode("\r\n\r\n", $data, 2);
if (preg_match('#^HTTP/\d+\.\d+ (\d+) #', $data[0], $out)) {
$code = (int)$out[1];
} else {
$code = 999;
}
curl_close($ch);
if (count($data) < 2) return '';
return $data[1];
}
}
|
