Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2247 lines
58 KiB

9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
10 years ago
4 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
10 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
5 years ago
9 years ago
9 years ago
10 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
10 years ago
9 years ago
9 years ago
10 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
10 years ago
10 years ago
10 years ago
  1. <?php
  2. use Friendica\App;
  3. require_once "include/template_processor.php";
  4. require_once "include/friendica_smarty.php";
  5. require_once "include/Smilies.php";
  6. require_once "include/map.php";
  7. require_once "mod/proxy.php";
  8. if (! function_exists('replace_macros')) {
  9. /**
  10. * This is our template processor
  11. *
  12. * @param string|FriendicaSmarty $s the string requiring macro substitution,
  13. * or an instance of FriendicaSmarty
  14. * @param array $r key value pairs (search => replace)
  15. * @return string substituted string
  16. */
  17. function replace_macros($s, $r) {
  18. $stamp1 = microtime(true);
  19. $a = get_app();
  20. // pass $baseurl to all templates
  21. $r['$baseurl'] = App::get_baseurl();
  22. $t = $a->template_engine();
  23. try {
  24. $output = $t->replace_macros($s, $r);
  25. } catch (Exception $e) {
  26. echo "<pre><b>" . __FUNCTION__ . "</b>: " . $e->getMessage() . "</pre>";
  27. killme();
  28. }
  29. $a->save_timestamp($stamp1, "rendering");
  30. return $output;
  31. }}
  32. // random string, there are 86 characters max in text mode, 128 for hex
  33. // output is urlsafe
  34. define('RANDOM_STRING_HEX', 0x00 );
  35. define('RANDOM_STRING_TEXT', 0x01 );
  36. if (! function_exists('random_string')) {
  37. function random_string($size = 64, $type = RANDOM_STRING_HEX) {
  38. // generate a bit of entropy and run it through the whirlpool
  39. $s = hash('whirlpool', (string) rand() . uniqid(rand(),true) . (string) rand(), (($type == RANDOM_STRING_TEXT) ? true : false));
  40. $s = (($type == RANDOM_STRING_TEXT) ? str_replace("\n", "", base64url_encode($s,true)) : $s);
  41. return(substr($s,0,$size));
  42. }}
  43. if (! function_exists('notags')) {
  44. /**
  45. * This is our primary input filter.
  46. *
  47. * The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
  48. * that had an XSS attack vector due to stripping the high-bit on an 8-bit character
  49. * after cleansing, and angle chars with the high bit set could get through as markup.
  50. *
  51. * This is now disabled because it was interfering with some legitimate unicode sequences
  52. * and hopefully there aren't a lot of those browsers left.
  53. *
  54. * Use this on any text input where angle chars are not valid or permitted
  55. * They will be replaced with safer brackets. This may be filtered further
  56. * if these are not allowed either.
  57. *
  58. * @param string $string Input string
  59. * @return string Filtered string
  60. */
  61. function notags($string) {
  62. return str_replace(array("<", ">"), array('[', ']'), $string);
  63. // High-bit filter no longer used
  64. // return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string));
  65. }}
  66. if (! function_exists('escape_tags')) {
  67. /**
  68. * use this on "body" or "content" input where angle chars shouldn't be removed,
  69. * and allow them to be safely displayed.
  70. * @param string $string
  71. * @return string
  72. */
  73. function escape_tags($string) {
  74. return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false);
  75. }}
  76. // generate a string that's random, but usually pronounceable.
  77. // used to generate initial passwords
  78. if (! function_exists('autoname')) {
  79. /**
  80. * generate a string that's random, but usually pronounceable.
  81. * used to generate initial passwords
  82. * @param int $len
  83. * @return string
  84. */
  85. function autoname($len) {
  86. if ($len <= 0) {
  87. return '';
  88. }
  89. $vowels = array('a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u');
  90. if (mt_rand(0, 5) == 4) {
  91. $vowels[] = 'y';
  92. }
  93. $cons = array(
  94. 'b','bl','br',
  95. 'c','ch','cl','cr',
  96. 'd','dr',
  97. 'f','fl','fr',
  98. 'g','gh','gl','gr',
  99. 'h',
  100. 'j',
  101. 'k','kh','kl','kr',
  102. 'l',
  103. 'm',
  104. 'n',
  105. 'p','ph','pl','pr',
  106. 'qu',
  107. 'r','rh',
  108. 's','sc','sh','sm','sp','st',
  109. 't','th','tr',
  110. 'v',
  111. 'w','wh',
  112. 'x',
  113. 'z','zh'
  114. );
  115. $midcons = array('ck','ct','gn','ld','lf','lm','lt','mb','mm', 'mn','mp',
  116. 'nd','ng','nk','nt','rn','rp','rt');
  117. $noend = array('bl', 'br', 'cl','cr','dr','fl','fr','gl','gr',
  118. 'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh');
  119. $start = mt_rand(0,2);
  120. if ($start == 0) {
  121. $table = $vowels;
  122. } else {
  123. $table = $cons;
  124. }
  125. $word = '';
  126. for ($x = 0; $x < $len; $x ++) {
  127. $r = mt_rand(0,count($table) - 1);
  128. $word .= $table[$r];
  129. if ($table == $vowels) {
  130. $table = array_merge($cons,$midcons);
  131. } else {
  132. $table = $vowels;
  133. }
  134. }
  135. $word = substr($word,0,$len);
  136. foreach ($noend as $noe) {
  137. if ((strlen($word) > 2) && (substr($word, -2) == $noe)) {
  138. $word = substr($word, 0, -1);
  139. break;
  140. }
  141. }
  142. if (substr($word, -1) == 'q') {
  143. $word = substr($word, 0, -1);
  144. }
  145. return $word;
  146. }}
  147. // escape text ($str) for XML transport
  148. // returns escaped text.
  149. if (! function_exists('xmlify')) {
  150. /**
  151. * escape text ($str) for XML transport
  152. * @param string $str
  153. * @return string Escaped text.
  154. */
  155. function xmlify($str) {
  156. /// @TODO deprecated code found?
  157. /* $buffer = '';
  158. $len = mb_strlen($str);
  159. for ($x = 0; $x < $len; $x ++) {
  160. $char = mb_substr($str,$x,1);
  161. switch( $char ) {
  162. case "\r" :
  163. break;
  164. case "&" :
  165. $buffer .= '&amp;';
  166. break;
  167. case "'" :
  168. $buffer .= '&apos;'<