keith/friendica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #7730 from annando/tabs

Browse source 
Strings.php: Spaces are transformed to Tabs
This commit is contained in:
Philipp 2019-10-12 20:26:16 +02:00 committed by GitHub
commit e176f010ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 343 additions and 345 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

686
src/Util/Strings.php
View file

@ -14,397 +14,395 @@ use Friendica\Core\Logger;
*/ */
class Strings class Strings
{ {
/** /**
* @brief Generates a pseudo-random string of hexadecimal characters * @brief Generates a pseudo-random string of hexadecimal characters
* *
* @param int $size * @param int $size
* @return string * @return string
* @throws \Exception * @throws \Exception
*/ */
public static function getRandomHex($size = 64) public static function getRandomHex($size = 64)
{ {
$byte_size = ceil($size / 2); $byte_size = ceil($size / 2);
$bytes = random_bytes($byte_size); $bytes = random_bytes($byte_size);
$return = substr(bin2hex($bytes), 0, $size); $return = substr(bin2hex($bytes), 0, $size);
return $return; return $return;
} }
/** /**
* Checks, if the given string is a valid hexadecimal code * Checks, if the given string is a valid hexadecimal code
* *
* @param string $hexCode * @param string $hexCode
* *
* @return bool * @return bool
*/ */
public static function isHex($hexCode) public static function isHex($hexCode)
{ {
return !empty($hexCode) ? @preg_match("/^[a-f0-9]{2,}$/i", $hexCode) && !(strlen($hexCode) & 1) : false; return !empty($hexCode) ? @preg_match("/^[a-f0-9]{2,}$/i", $hexCode) && !(strlen($hexCode) & 1) : false;
} }
/** /**
* @brief This is our primary input filter. * @brief This is our primary input filter.
* *
* Use this on any text input where angle chars are not valid or permitted * Use this on any text input where angle chars are not valid or permitted
* They will be replaced with safer brackets. This may be filtered further * They will be replaced with safer brackets. This may be filtered further
* if these are not allowed either. * if these are not allowed either.
* *
* @param string $string Input string * @param string $string Input string
* @return string Filtered string * @return string Filtered string
*/ */
public static function escapeTags($string) public static function escapeTags($string)
{ {
return str_replace(["<", ">"], ['[', ']'], $string); return str_replace(["<", ">"], ['[', ']'], $string);
} }
/** /**
* @brief Use this on "body" or "content" input where angle chars shouldn't be removed, * @brief Use this on "body" or "content" input where angle chars shouldn't be removed,
* and allow them to be safely displayed. * and allow them to be safely displayed.
* @param string $string * @param string $string
* *
* @return string * @return string
*/ */
public static function escapeHtml($string) public static function escapeHtml($string)
{ {
return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false); return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false);
} }
/** /**
* @brief Generate a string that's random, but usually pronounceable. Used to generate initial passwords * @brief Generate a string that's random, but usually pronounceable. Used to generate initial passwords
* *
* @param int $len length * @param int $len length
* *
* @return string * @return string
*/ */
public static function getRandomName($len) public static function getRandomName($len)
{ {
if ($len <= 0) { if ($len <= 0) {
return ''; return '';
} }
$vowels = ['a', 'a', 'ai', 'au', 'e', 'e', 'e', 'ee', 'ea', 'i', 'ie', 'o', 'ou', 'u']; $vowels = ['a', 'a', 'ai', 'au', 'e', 'e', 'e', 'ee', 'ea', 'i', 'ie', 'o', 'ou', 'u'];
if (mt_rand(0, 5) == 4) { if (mt_rand(0, 5) == 4) {
$vowels[] = 'y'; $vowels[] = 'y';
} }
$cons = [ $cons = [
'b', 'bl', 'br', 'b', 'bl', 'br',
'c', 'ch', 'cl', 'cr', 'c', 'ch', 'cl', 'cr',
'd', 'dr', 'd', 'dr',
'f', 'fl', 'fr', 'f', 'fl', 'fr',
'g', 'gh', 'gl', 'gr', 'g', 'gh', 'gl', 'gr',
'h', 'h',
'j', 'j',
'k', 'kh', 'kl', 'kr', 'k', 'kh', 'kl', 'kr',
'l', 'l',
'm', 'm',
'n', 'n',
'p', 'ph', 'pl', 'pr', 'p', 'ph', 'pl', 'pr',
'qu', 'qu',
'r', 'rh', 'r', 'rh',
's', 'sc', 'sh', 'sm', 'sp', 'st', 's', 'sc', 'sh', 'sm', 'sp', 'st',
't', 'th', 'tr', 't', 'th', 'tr',
'v', 'v',
'w', 'wh', 'w', 'wh',
'x', 'x',
'z', 'zh' 'z', 'zh'
]; ];
$midcons = [ $midcons = [
'ck', 'ct', 'gn', 'ld', 'lf', 'lm', 'lt', 'mb', 'mm', 'mn', 'mp', 'ck', 'ct', 'gn', 'ld', 'lf', 'lm', 'lt', 'mb', 'mm', 'mn', 'mp',
'nd', 'ng', 'nk', 'nt', 'rn', 'rp', 'rt' 'nd', 'ng', 'nk', 'nt', 'rn', 'rp', 'rt'
]; ];
$noend = [ $noend = [
'bl', 'br', 'cl', 'cr', 'dr', 'fl', 'fr', 'gl', 'gr', 'bl', 'br', 'cl', 'cr', 'dr', 'fl', 'fr', 'gl', 'gr',
'kh', 'kl', 'kr', 'mn', 'pl', 'pr', 'rh', 'tr', 'qu', 'wh', 'q' 'kh', 'kl', 'kr', 'mn', 'pl', 'pr', 'rh', 'tr', 'qu', 'wh', 'q'
]; ];
$start = mt_rand(0, 2); $start = mt_rand(0, 2);
if ($start == 0) { if ($start == 0) {
$table = $vowels; $table = $vowels;
} else { } else {
$table = $cons; $table = $cons;
} }
$word = ''; $word = '';
for ($x = 0; $x < $len; $x++) { for ($x = 0; $x < $len; $x++) {
$r = mt_rand(0, count($table) - 1); $r = mt_rand(0, count($table) - 1);
$word .= $table[$r]; $word .= $table[$r];
if ($table == $vowels) { if ($table == $vowels) {
$table = array_merge($cons, $midcons); $table = array_merge($cons, $midcons);
} else { } else {
$table = $vowels; $table = $vowels;
} }
} }
$word = substr($word, 0, $len); $word = substr($word, 0, $len);
foreach ($noend as $noe) { foreach ($noend as $noe) {
$noelen = strlen($noe); $noelen = strlen($noe);
if ((strlen($word) > $noelen) && (substr($word, -$noelen) == $noe)) { if ((strlen($word) > $noelen) && (substr($word, -$noelen) == $noe)) {
$word = self::getRandomName($len); $word = self::getRandomName($len);
break; break;
} }
} }
return $word; return $word;
} }
/** /**
* Translate and format the network name of a contact * Translate and format the network name of a contact
* *
* @param string $network Network name of the contact (e.g. dfrn, rss and so on) * @param string $network Network name of the contact (e.g. dfrn, rss and so on)
* @param string $url The contact url * @param string $url The contact url
* *
* @return string Formatted network name * @return string Formatted network name
* @throws \Friendica\Network\HTTPException\InternalServerErrorException * @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/ */
public static function formatNetworkName($network, $url = '') public static function formatNetworkName($network, $url = '')
{ {
if ($network != '') { if ($network != '') {
if ($url != '') { if ($url != '') {
$network_name = '<a href="' . $url . '">' . ContactSelector::networkToName($network, $url) . '</a>'; $network_name = '<a href="' . $url . '">' . ContactSelector::networkToName($network, $url) . '</a>';
} else { } else {
$network_name = ContactSelector::networkToName($network); $network_name = ContactSelector::networkToName($network);
} }
return $network_name; return $network_name;
} }
} }
/** /**
* @brief Remove indentation from a text * @brief Remove indentation from a text
* *
* @param string $text String to be transformed. * @param string $text String to be transformed.
* @param string $chr Optional. Indentation tag. Default tab (\t). * @param string $chr Optional. Indentation tag. Default tab (\t).
* @param int $count Optional. Default null. * @param int $count Optional. Default null.
* *
* @return string Transformed string. * @return string Transformed string.
*/ */
public static function deindent($text, $chr = "[\t ]", $count = NULL) public static function deindent($text, $chr = "[\t ]", $count = NULL)
{ {
$lines = explode("\n", $text); $lines = explode("\n", $text);
if (is_null($count)) { if (is_null($count)) {
$m = []; $m = [];
$k = 0; $k = 0;
while ($k < count($lines) && strlen($lines[$k]) == 0) { while ($k < count($lines) && strlen($lines[$k]) == 0) {
$k++; $k++;
} }
preg_match("|^" . $chr . "*|", $lines[$k], $m); preg_match("|^" . $chr . "*|", $lines[$k], $m);
$count = strlen($m[0]); $count = strlen($m[0]);
} }
for ($k = 0; $k < count($lines); $k++) { for ($k = 0; $k < count($lines); $k++) {
$lines[$k] = preg_replace("|^" . $chr . "{" . $count . "}|", "", $lines[$k]); $lines[$k] = preg_replace("|^" . $chr . "{" . $count . "}|", "", $lines[$k]);
} }
return implode("\n", $lines); return implode("\n", $lines);
} }
/** /**
* @brief Get byte size returned in a Data Measurement (KB, MB, GB) * @brief Get byte size returned in a Data Measurement (KB, MB, GB)
* *
* @param int $bytes The number of bytes to be measured * @param int $bytes The number of bytes to be measured
* @param int $precision Optional. Default 2. * @param int $precision Optional. Default 2.
* *
* @return string Size with measured units. * @return string Size with measured units.
*/ */
public static function formatBytes($bytes, $precision = 2) public static function formatBytes($bytes, $precision = 2)
{ {
$units = ['B', 'KB', 'MB', 'GB', 'TB']; $units = ['B', 'KB', 'MB', 'GB', 'TB'];
$bytes = max($bytes, 0); $bytes = max($bytes, 0);
$pow = floor(($bytes ? log($bytes) : 0) / log(1024)); $pow = floor(($bytes ? log($bytes) : 0) / log(1024));
$pow = min($pow, count($units) - 1); $pow = min($pow, count($units) - 1);
$bytes /= pow(1024, $pow); $bytes /= pow(1024, $pow);
return round($bytes, $precision) . ' ' . $units[$pow]; return round($bytes, $precision) . ' ' . $units[$pow];
} }
/** /**
* @brief Protect percent characters in sprintf calls * @brief Protect percent characters in sprintf calls
* *
* @param string $s String to transform. * @param string $s String to transform.
* *
* @return string Transformed string. * @return string Transformed string.
*/ */
public static function protectSprintf($s) public static function protectSprintf($s)
{ {
return str_replace('%', '%%', $s); return str_replace('%', '%%', $s);
} }
/** /**
* @brief Base64 Encode URL and translate +/ to -_ Optionally strip padding. * @brief Base64 Encode URL and translate +/ to -_ Optionally strip padding.
* *
* @param string $s URL to encode * @param string $s URL to encode
* @param boolean $strip_padding Optional. Default false * @param boolean $strip_padding Optional. Default false
* *
* @return string Encoded URL * @return string Encoded URL
*/ */
public static function base64UrlEncode($s, $strip_padding = false) public static function base64UrlEncode($s, $strip_padding = false)
{ {
$s = strtr(base64_encode($s), '+/', '-_'); $s = strtr(base64_encode($s), '+/', '-_');
if ($strip_padding) { if ($strip_padding) {
$s = str_replace('=', '', $s); $s = str_replace('=', '', $s);
} }
return $s; return $s;
} }
/** /**
* @brief Decode Base64 Encoded URL and translate -_ to +/ * @brief Decode Base64 Encoded URL and translate -_ to +/
* @param string $s URL to decode * @param string $s URL to decode
* *
* @return string Decoded URL * @return string Decoded URL
* @throws \Exception * @throws \Exception
*/ */
public static function base64UrlDecode($s) public static function base64UrlDecode($s)
{ {
if (is_array($s)) { if (is_array($s)) {
Logger::log('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true)); Logger::log('base64url_decode: illegal input: ' . print_r(debug_backtrace(), true));
return $s; return $s;
} }
/* /*
* // Placeholder for new rev of salmon which strips base64 padding. * // Placeholder for new rev of salmon which strips base64 padding.
* // PHP base64_decode handles the un-padded input without requiring this step * // PHP base64_decode handles the un-padded input without requiring this step
* // Uncomment if you find you need it. * // Uncomment if you find you need it.
* *
* $l = strlen($s); * $l = strlen($s);
* if (!strpos($s,'=')) { * if (!strpos($s,'=')) {
* $m = $l % 4; * $m = $l % 4;
* if ($m == 2) * if ($m == 2)
* $s .= '=='; * $s .= '==';
* if ($m == 3) * if ($m == 3)
* $s .= '='; * $s .= '=';
* } * }
* *
*/ */
return base64_decode(strtr($s, '-_', '+/')); return base64_decode(strtr($s, '-_', '+/'));
} }
/** /**
* @brief Normalize url * @brief Normalize url
* *
* @param string $url URL to be normalized. * @param string $url URL to be normalized.
* *
* @return string Normalized URL. * @return string Normalized URL.
*/ */
public static function normaliseLink($url) public static function normaliseLink($url)
{ {
$ret = str_replace(['https:', '//www.'], ['http:', '//'], $url); $ret = str_replace(['https:', '//www.'], ['http:', '//'], $url);
return rtrim($ret, '/'); return rtrim($ret, '/');
} }
/** /**
* @brief Normalize OpenID identity * @brief Normalize OpenID identity
* *
* @param string $s OpenID Identity * @param string $s OpenID Identity
* *
* @return string normalized OpenId Identity * @return string normalized OpenId Identity
*/ */
public static function normaliseOpenID($s) public static function normaliseOpenID($s)
{ {
return trim(str_replace(['http://', 'https://'], ['', ''], $s), '/'); return trim(str_replace(['http://', 'https://'], ['', ''], $s), '/');
} }
/** /**
* @brief Compare two URLs to see if they are the same, but ignore * @brief Compare two URLs to see if they are the same, but ignore
* slight but hopefully insignificant differences such as if one * slight but hopefully insignificant differences such as if one
* is https and the other isn't, or if one is www.something and * is https and the other isn't, or if one is www.something and
* the other isn't - and also ignore case differences. * the other isn't - and also ignore case differences.
* *
* @param string $a first url * @param string $a first url
* @param string $b second url * @param string $b second url
* @return boolean True if the URLs match, otherwise False * @return boolean True if the URLs match, otherwise False
* *
*/ */
public static function compareLink($a, $b) public static function compareLink($a, $b)
{ {
return (strcasecmp(self::normaliseLink($a), self::normaliseLink($b)) === 0); return (strcasecmp(self::normaliseLink($a), self::normaliseLink($b)) === 0);
} }
/**
* Ensures the provided URI has its query string punctuation in order.
*
* @param string $uri
* @return string
*/
public static function ensureQueryParameter($uri)
{
if (strpos($uri, '?') === false && ($pos = strpos($uri, '&')) !== false) {
$uri = substr($uri, 0, $pos) . '?' . substr($uri, $pos + 1);
}
/** return $uri;
* Ensures the provided URI has its query string punctuation in order. }
*
* @param string $uri
* @return string
*/
public static function ensureQueryParameter($uri)
{
if (strpos($uri, '?') === false && ($pos = strpos($uri, '&')) !== false) {
$uri = substr($uri, 0, $pos) . '?' . substr($uri, $pos + 1);
}
return $uri; /**
} * Check if the trimmed provided string is starting with one of the provided characters
*
* @param string $string
* @param array $chars
* @return bool
*/
public static function startsWith($string, array $chars)
{
$return = in_array(substr(trim($string), 0, 1), $chars);
return $return;
}
/** /**
* Check if the trimmed provided string is starting with one of the provided characters * Returns the regular expression string to match URLs in a given text
* *
* @param string $string * @return string
* @param array $chars * @see https://daringfireball.net/2010/07/improved_regex_for_matching_urls
* @return bool */
*/ public static function autoLinkRegEx()
public static function startsWith($string, array $chars) {
{ return '@
$return = in_array(substr(trim($string), 0, 1), $chars); (?<![=\'\]"/]) # Not preceded by [, =, \', ], ", /
return $return;
}
/**
* Returns the regular expression string to match URLs in a given text
*
* @return string
* @see https://daringfireball.net/2010/07/improved_regex_for_matching_urls
*/
public static function autoLinkRegEx()
{
return '@
(?<![=\'\]"/]) # Not preceded by [, =, \', ], ", /
\b \b
( # Capture 1: entire matched URL ( # Capture 1: entire matched URL
https?:// # http or https protocol https?:// # http or https protocol
(?: (?:
[^/\s\xA0`!()\[\]{};:\'",<>?«»“”‘’.] # Domain can\'t start with a . [^/\s\xA0`!()\[\]{};:\'",<>?«»“”‘’.] # Domain can\'t start with a .
[^/\s\xA0`!()\[\]{};:\'",<>?«»“”‘’]+ # Domain can\'t end with a . [^/\s\xA0`!()\[\]{};:\'",<>?«»“”‘’]+ # Domain can\'t end with a .
\. \.
[^/\s\xA0`!()\[\]{};:\'".,<>?«»“”‘’]+/? # Followed by a slash [^/\s\xA0`!()\[\]{};:\'".,<>?«»“”‘’]+/? # Followed by a slash
) )
(?: # One or more: (?: # One or more:
[^\s\xA0()<>]+ # Run of non-space, non-()<> [^\s\xA0()<>]+ # Run of non-space, non-()<>
| # or | # or
\(([^\s\xA0()<>]+|(\([^\s()<>]+\)))*\) # balanced parens, up to 2 levels \(([^\s\xA0()<>]+|(\([^\s()<>]+\)))*\) # balanced parens, up to 2 levels
| # or | # or
[^\s\xA0`!()\[\]{};:\'".,<>?«»“”‘’] # not a space or one of these punct chars [^\s\xA0`!()\[\]{};:\'".,<>?«»“”‘’] # not a space or one of these punct chars
)* )*
)@xiu'; )@xiu';
} }
/** /**
* Ensures a single path item doesn't contain any path-traversing characters * Ensures a single path item doesn't contain any path-traversing characters
* *
* @see https://stackoverflow.com/a/46097713 * @see https://stackoverflow.com/a/46097713
* @param string $pathItem * @param string $pathItem
* @return string * @return string
*/ */
public static function sanitizeFilePathItem($pathItem) public static function sanitizeFilePathItem($pathItem)
{ {
$pathItem = str_replace('/', '_', $pathItem); $pathItem = str_replace('/', '_', $pathItem);
$pathItem = str_replace('\\', '_', $pathItem); $pathItem = str_replace('\\', '_', $pathItem);
$pathItem = str_replace(DIRECTORY_SEPARATOR, '_', $pathItem); // In case it does not equal the standard values $pathItem = str_replace(DIRECTORY_SEPARATOR, '_', $pathItem); // In case it does not equal the standard values
return $pathItem; return $pathItem;
} }
} }

2
tests/src/Util/StringsTest.php
View file

@ -78,7 +78,7 @@ class StringsTest extends TestCase
$this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring); $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
$this->assertEquals( $this->assertEquals(
'&lt;submit type&equals;&quot;button&quot; onclick&equals;&quot;alert&lpar;&apos;failed&excl;&apos;&rpar;&semi;&quot; &sol;&gt;', "&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;",
$escapedString $escapedString
); );
} }