Andrew's Web Libraries (AWL)
AWLUtilities.php
1 <?php
13 if ( !function_exists('dbg_error_log') ) {
29  function dbg_error_log() {
30  global $c, $session;
31  $args = func_get_args();
32  $type = "DBG";
33  $component = array_shift($args);
34  if ( substr( $component, 0, 3) == "LOG" ) {
35  // Special escape case for stuff that always gets logged.
36  $type = 'LOG';
37  $component = substr($component,4);
38  }
39  else if ( $component == "ERROR" ) {
40  $type = "***";
41  }
42  else if ( isset($c->dbg["ALL"]) ) {
43  $type = "ALL";
44  }
45  else if ( !isset($c->dbg[strtolower($component)]) ) return;
46 
47  /* ignore noisy components by setting $c->dbg['foo'] = 0; */
48  if ( isset($c->dbg[strtolower($component)]) && $c->dbg[strtolower($component)] === 0 ) return;
49 
50  /* filter by remote IP or logged-in user */
51  if ( isset($c->dbg_filter["remoteIP"]) && !in_array($_SERVER['REMOTE_ADDR'], $c->dbg_filter["remoteIP"]) ) return;
52  if ( isset($c->dbg_filter["authenticatedUser"]) ) {
53  if ( !isset($session->username) ) return;
54  if ( !in_array($session->username, $c->dbg_filter["authenticatedUser"]) ) return;
55  }
56 
57  $argc = func_num_args();
58  if ( 2 <= $argc ) {
59  $format = array_shift($args);
60  }
61  else {
62  $format = "%s";
63  }
64  @error_log( $c->sysabbr.": $type: $component:". vsprintf( $format, $args ) );
65  }
66 }
67 
68 
69 if ( !function_exists('fatal') ) {
70  function fatal() {
71  global $c;
72  $args = func_get_args();
73  $argc = func_num_args();
74  if ( 2 <= $argc ) {
75  $format = array_shift($args);
76  }
77  else {
78  $format = "%s";
79  }
80  @error_log( $c->sysabbr.": FATAL: $component:". vsprintf( $format, $args ) );
81 
82  @error_log( "================= Stack Trace ===================" );
83 
84  $trace = array_reverse(debug_backtrace());
85  array_pop($trace);
86  foreach( $trace AS $k => $v ) {
87  @error_log( sprintf(" ===> %s[%d] calls %s%s%s()",
88  $v['file'],
89  $v['line'],
90  (isset($v['class'])?$v['class']:''),
91  (isset($v['type'])?$v['type']:''),
92  (isset($v['function'])?$v['function']:'')
93  ));
94  }
95  echo "Fatal Error";
96  exit();
97  }
98 }
99 
100 
101 if ( !function_exists('trace_bug') ) {
105  function trace_bug() {
106  global $c;
107  $args = func_get_args();
108  $argc = func_num_args();
109  if ( 2 <= $argc ) {
110  $format = array_shift($args);
111  }
112  else {
113  $format = "%s";
114  }
115  @error_log( $c->sysabbr.": BUG: $component:". vsprintf( $format, $args ) );
116 
117  @error_log( "================= Stack Trace ===================" );
118 
119  $trace = array_reverse(debug_backtrace());
120  array_pop($trace);
121  foreach( $trace AS $k => $v ) {
122  @error_log( sprintf(" ===> %s[%d] calls %s%s%s()",
123  $v['file'],
124  $v['line'],
125  (isset($v['class'])?$v['class']:''),
126  (isset($v['type'])?$v['type']:''),
127  (isset($v['function'])?$v['function']:'')
128  ));
129  }
130  }
131 }
132 
133 
134 if ( !function_exists('apache_request_headers') ) {
139  eval('
140  function apache_request_headers() {
141  foreach($_SERVER as $key=>$value) {
142  if (substr($key,0,5)=="HTTP_") {
143  $key=str_replace(" ","-",ucwords(strtolower(str_replace("_"," ",substr($key,5)))));
144  $out[$key]=$value;
145  }
146  }
147  return $out;
148  }
149  ');
150 }
151 
152 
153 
154 if ( !function_exists('dbg_log_array') ) {
163  function dbg_log_array( $component, $name, $arr, $recursive = false ) {
164  if ( !isset($arr) || (gettype($arr) != 'array' && gettype($arr) != 'object') ) {
165  dbg_error_log( $component, "%s: array is not set, or is not an array!", $name);
166  return;
167  }
168  foreach ($arr as $key => $value) {
169  dbg_error_log( $component, "%s: >>%s<< = >>%s<<", $name, $key,
170  (gettype($value) == 'array' || gettype($value) == 'object' ? gettype($value) : $value) );
171  if ( $recursive && (gettype($value) == 'array' || (gettype($value) == 'object' && "$key" != 'self' && "$key" != 'parent') ) ) {
172  dbg_log_array( $component, "$name"."[$key]", $value, $recursive );
173  }
174  }
175  }
176 }
177 
178 
179 
180 if ( !function_exists("session_simple_md5") ) {
187  function session_simple_md5( $instr ) {
188  global $c;
189  if ( isset($c->dbg['password']) ) dbg_error_log( "Login", "Making plain MD5: instr=$instr, md5($instr)=".md5($instr) );
190  return ( '*MD5*'. md5($instr) );
191  }
192 }
193 
194 
195 
196 if ( !function_exists("session_salted_md5") ) {
206  function session_salted_md5( $instr, $salt = "" ) {
207  if ( $salt == "" ) $salt = substr( md5(rand(100000,999999)), 2, 8);
208  global $c;
209  if ( isset($c->dbg['password']) ) dbg_error_log( "Login", "Making salted MD5: salt=$salt, instr=$instr, md5($salt$instr)=".md5($salt . $instr) );
210  return ( sprintf("*%s*%s", $salt, md5($salt . $instr) ) );
211  }
212 }
213 
214 
215 
216 if ( !function_exists("session_salted_sha1") ) {
230  function session_salted_sha1( $instr, $salt = "" ) {
231  if ( $salt == "" ) $salt = substr( str_replace('*','',base64_encode(sha1(rand(100000,9999999),true))), 2, 9);
232  global $c;
233  if ( isset($c->dbg['password']) ) dbg_error_log( "Login", "Making salted SHA1: salt=$salt, instr=$instr, encoded($instr$salt)=".base64_encode(sha1($instr . $salt, true).$salt) );
234  return ( sprintf("*%s*{SSHA}%s", $salt, base64_encode(sha1($instr.$salt, true) . $salt ) ) );
235  }
236 }
237 
238 
239 if ( !function_exists("session_validate_password") ) {
240 
247  function session_validate_password( $they_sent, $we_have ) {
248  global $c;
249  if ( preg_match('/^\*\*.+$/', $we_have ) ) {
250  // The "forced" style of "**plaintext" to allow easier admin setting
251  return ( "**$they_sent" == $we_have );
252  }
253 
254  if ( isset($c->wp_includes) && substring($we_have,0,1) == '$' ) {
255  // Include Wordpress password handling, if it's in the path.
256  @require_once($c->wp_includes .'/class-phpass.php');
257 
258  if ( class_exists('PasswordHash') ) {
259  $wp_hasher = new PasswordHash(8, true);
260  return $wp_hasher->CheckPassword($password, $hash);
261  }
262  }
263 
264  if ( preg_match('/^\*(.+)\*{[A-Z]+}.+$/', $we_have, $regs ) ) {
265  if ( function_exists("session_salted_sha1") ) {
266  // A nicely salted sha1sum like "*<salt>*{SSHA}<salted_sha1>"
267  $salt = $regs[1];
268  $sha1_sent = session_salted_sha1( $they_sent, $salt ) ;
269  return ( $sha1_sent == $we_have );
270  }
271  else {
272  dbg_error_log( "ERROR", "Password is salted SHA-1 but you are using PHP4!" );
273  echo <<<EOERRMSG
274 <html>
275 <head>
276 <title>Salted SHA1 Password format not supported with PHP4</title>
277 </head>
278 <body>
279 <h1>Salted SHA1 Password format not supported with PHP4</h1>
280 <p>At some point you have used PHP5 to set the password for this user and now you are
281  using PHP4. You will need to assign a new password to this user using PHP4, or ensure
282  you use PHP5 everywhere (recommended).</p>
283 <p>AWL has now switched to using salted SHA-1 passwords by preference in a format
284  compatible with OpenLDAP.</p>
285 </body>
286 </html>
287 EOERRMSG;
288  exit;
289  }
290  }
291 
292  if ( preg_match('/^\*MD5\*.+$/', $we_have, $regs ) ) {
293  // A crappy unsalted md5sum like "*MD5*<md5>"
294  $md5_sent = session_simple_md5( $they_sent ) ;
295  return ( $md5_sent == $we_have );
296  }
297  else if ( preg_match('/^\*(.+)\*.+$/', $we_have, $regs ) ) {
298  // A nicely salted md5sum like "*<salt>*<salted_md5>"
299  $salt = $regs[1];
300  $md5_sent = session_salted_md5( $they_sent, $salt ) ;
301  return ( $md5_sent == $we_have );
302  }
303 
304  // Anything else is bad
305  return false;
306 
307  }
308 }
309 
310 
311 
312 if ( !function_exists("replace_uri_params") ) {
320  function replace_uri_params( $uri, $replacements ) {
321  $replaced = $uri;
322  foreach( $replacements AS $param => $new_value ) {
323  $rxp = preg_replace( '/([\[\]])/', '\\\\$1', $param ); // Some parameters may be arrays.
324  $regex = "/([&?])($rxp)=([^&]+)/";
325  dbg_error_log("core", "Looking for [%s] to replace with [%s] regex is %s and searching [%s]", $param, $new_value, $regex, $replaced );
326  if ( preg_match( $regex, $replaced ) )
327  $replaced = preg_replace( $regex, "\$1$param=$new_value", $replaced);
328  else
329  $replaced .= "&$param=$new_value";
330  }
331  if ( ! preg_match( '/\?/', $replaced ) ) {
332  $replaced = preg_replace("/&(.+)$/", "?\$1", $replaced);
333  }
334  $replaced = str_replace("&amp;", "--AmPeRsAnD--", $replaced);
335  $replaced = str_replace("&", "&amp;", $replaced);
336  $replaced = str_replace("--AmPeRsAnD--", "&amp;", $replaced);
337  dbg_error_log("core", "URI <<$uri>> morphed to <<$replaced>>");
338  return $replaced;
339  }
340 }
341 
342 
343 if ( !function_exists("uuid") ) {
373  function uuid() {
374 
375  // The field names refer to RFC 4122 section 4.1.2
376 
377  return sprintf('%04x%04x-%04x-%03x4-%04x-%04x%04x%04x',
378  mt_rand(0, 65535), mt_rand(0, 65535), // 32 bits for "time_low"
379  mt_rand(0, 65535), // 16 bits for "time_mid"
380  mt_rand(0, 4095), // 12 bits before the 0100 of (version) 4 for "time_hi_and_version"
381  bindec(substr_replace(sprintf('%016b', mt_rand(0, 65535)), '01', 6, 2)),
382  // 8 bits, the last two of which (positions 6 and 7) are 01, for "clk_seq_hi_res"
383  // (hence, the 2nd hex digit after the 3rd hyphen can only be 1, 5, 9 or d)
384  // 8 bits for "clk_seq_low"
385  mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535) // 48 bits for "node"
386  );
387  }
388 }
389 
390 if ( !function_exists("translate") ) {
391  require("Translation.php");
392 }
393 
394  if ( !function_exists("clone") && version_compare(phpversion(), '5.0') < 0) {
400  eval( 'function clone($object) { return $object; }' );
401 }
402 
403 if ( !function_exists("quoted_printable_encode") ) {
409  function quoted_printable_encode($string) {
410  return preg_replace('/[^\r\n]{73}[^=\r\n]{2}/', "$0=\r\n", str_replace("%","=",str_replace("%20"," ",rawurlencode($string))));
411  }
412 }
413 
414 
415 if ( !function_exists("check_by_regex") ) {
421  function check_by_regex( $val, $regex ) {
422  if ( is_null($val) ) return null;
423  switch( $regex ) {
424  case 'int': $regex = '#^\d+$#'; break;
425  }
426  if ( is_array($val) ) {
427  foreach( $val AS $k => $v ) {
428  $val[$k] = check_by_regex($v,$regex);
429  }
430  }
431  else if ( ! is_object($val) ) {
432  if ( preg_match( $regex, $val, $matches) ) {
433  $val = $matches[0];
434  }
435  else {
436  $val = '';
437  }
438  }
439  return $val;
440  }
441 }
442 
443 
444 if ( !function_exists("param_to_global") ) {
455  function param_to_global( ) {
456  $args = func_get_args();
457 
458  $varname = array_shift($args);
459  $GLOBALS[$varname] = null;
460 
461  $match_regex = null;
462  $argc = func_num_args();
463  if ( $argc > 1 ) {
464  $match_regex = array_shift($args);
465  }
466 
467  $args[] = $varname;
468  foreach( $args AS $k => $name ) {
469  if ( isset($_POST[$name]) ) {
470  $result = $_POST[$name];
471  break;
472  }
473  else if ( isset($_GET[$name]) ) {
474  $result = $_GET[$name];
475  break;
476  }
477  }
478  if ( !isset($result) ) return null;
479 
480  if ( isset($match_regex) ) {
481  $result = check_by_regex( $result, $match_regex );
482  }
483 
484  $GLOBALS[$varname] = $result;
485  return $result;
486  }
487 }
488 
489 
490 if ( !function_exists("awl_get_fields") ) {
494  $_AWL_field_cache = array();
495 
501  function awl_get_fields( $tablename ) {
502  global $_AWL_field_cache;
503 
504  if ( !isset($_AWL_field_cache[$tablename]) ) {
505  dbg_error_log( "core", ":awl_get_fields: Loading fields for table '$tablename'" );
506  $qry = new AwlQuery();
507  $db = $qry->GetConnection();
508  $qry->SetSQL($db->GetFields($tablename));
509  $qry->Exec("core");
510  $fields = array();
511  while( $row = $qry->Fetch() ) {
512  $fields[$row->fieldname] = $row->typename . ($row->precision >= 0 ? sprintf('(%d)',$row->precision) : '');
513  }
514  $_AWL_field_cache[$tablename] = $fields;
515  }
516  return $_AWL_field_cache[$tablename];
517  }
518 }
519 
520 
521 if ( !function_exists("force_utf8") ) {
522  function define_byte_mappings() {
523  global $byte_map, $nibble_good_chars;
524 
525  # Needed for using Grant McLean's byte mappings code
526  $ascii_char = '[\x00-\x7F]';
527  $cont_byte = '[\x80-\xBF]';
528 
529  $utf8_2 = '[\xC0-\xDF]' . $cont_byte;
530  $utf8_3 = '[\xE0-\xEF]' . $cont_byte . '{2}';
531  $utf8_4 = '[\xF0-\xF7]' . $cont_byte . '{3}';
532  $utf8_5 = '[\xF8-\xFB]' . $cont_byte . '{4}';
533 
534  $nibble_good_chars = "/^($ascii_char+|$utf8_2|$utf8_3|$utf8_4|$utf8_5)(.*)$/s";
535 
536  # From http://unicode.org/Public/MAPPINGS/VENDORS/MICSFT/WINDOWS/CP1252.TXT
537  $byte_map = array(
538  "\x80" => "\xE2\x82\xAC", # EURO SIGN
539  "\x82" => "\xE2\x80\x9A", # SINGLE LOW-9 QUOTATION MARK
540  "\x83" => "\xC6\x92", # LATIN SMALL LETTER F WITH HOOK
541  "\x84" => "\xE2\x80\x9E", # DOUBLE LOW-9 QUOTATION MARK
542  "\x85" => "\xE2\x80\xA6", # HORIZONTAL ELLIPSIS
543  "\x86" => "\xE2\x80\xA0", # DAGGER
544  "\x87" => "\xE2\x80\xA1", # DOUBLE DAGGER
545  "\x88" => "\xCB\x86", # MODIFIER LETTER CIRCUMFLEX ACCENT
546  "\x89" => "\xE2\x80\xB0", # PER MILLE SIGN
547  "\x8A" => "\xC5\xA0", # LATIN CAPITAL LETTER S WITH CARON
548  "\x8B" => "\xE2\x80\xB9", # SINGLE LEFT-POINTING ANGLE QUOTATION MARK
549  "\x8C" => "\xC5\x92", # LATIN CAPITAL LIGATURE OE
550  "\x8E" => "\xC5\xBD", # LATIN CAPITAL LETTER Z WITH CARON
551  "\x91" => "\xE2\x80\x98", # LEFT SINGLE QUOTATION MARK
552  "\x92" => "\xE2\x80\x99", # RIGHT SINGLE QUOTATION MARK
553  "\x93" => "\xE2\x80\x9C", # LEFT DOUBLE QUOTATION MARK
554  "\x94" => "\xE2\x80\x9D", # RIGHT DOUBLE QUOTATION MARK
555  "\x95" => "\xE2\x80\xA2", # BULLET
556  "\x96" => "\xE2\x80\x93", # EN DASH
557  "\x97" => "\xE2\x80\x94", # EM DASH
558  "\x98" => "\xCB\x9C", # SMALL TILDE
559  "\x99" => "\xE2\x84\xA2", # TRADE MARK SIGN
560  "\x9A" => "\xC5\xA1", # LATIN SMALL LETTER S WITH CARON
561  "\x9B" => "\xE2\x80\xBA", # SINGLE RIGHT-POINTING ANGLE QUOTATION MARK
562  "\x9C" => "\xC5\x93", # LATIN SMALL LIGATURE OE
563  "\x9E" => "\xC5\xBE", # LATIN SMALL LETTER Z WITH CARON
564  "\x9F" => "\xC5\xB8", # LATIN CAPITAL LETTER Y WITH DIAERESIS
565  );
566 
567  for( $i=160; $i < 256; $i++ ) {
568  $ch = chr($i);
569  $byte_map[$ch] = iconv('ISO-8859-1', 'UTF-8', $ch);
570  }
571  }
572  define_byte_mappings();
573 
574  function force_utf8( $input ) {
575  global $byte_map, $nibble_good_chars;
576 
577  $output = '';
578  $char = '';
579  $rest = '';
580  while( $input != '' ) {
581  if ( preg_match( $nibble_good_chars, $input, $matches ) ) {
582  $output .= $matches[1];
583  $rest = $matches[2];
584  }
585  else {
586  preg_match( '/^(.)(.*)$/s', $input, $matches );
587  $char = $matches[1];
588  $rest = $matches[2];
589  if ( isset($byte_map[$char]) ) {
590  $output .= $byte_map[$char];
591  }
592  else {
593  # Must be valid UTF8 already
594  $output .= $char;
595  }
596  }
597  $input = $rest;
598  }
599  return $output;
600  }
601 
602 }
603 
604 
605 $timezone_identifiers_list_cache = timezone_identifiers_list();
606 
610 function olson_from_tzstring( $tzstring ) {
611  global $c, $timezone_identifiers_list_cache;
612 
613  if ( in_array($tzstring,$timezone_identifiers_list_cache) ) return $tzstring;
614  if ( preg_match( '{((Antarctica|America|Africa|Atlantic|Asia|Australia|Indian|Europe|Pacific)/(([^/]+)/)?[^/]+)$}', $tzstring, $matches ) ) {
615 // dbg_error_log( 'INFO', 'Found timezone "%s" from string "%s"', $matches[1], $tzstring );
616  return $matches[1];
617  }
618  switch( $tzstring ) {
619  case 'New Zealand Standard Time': case 'New Zealand Daylight Time':
620  return 'Pacific/Auckland';
621  break;
622  case 'Central Standard Time': case 'Central Daylight Time': case 'US/Central':
623  return 'America/Chicago';
624  break;
625  case 'Eastern Standard Time': case 'Eastern Daylight Time': case 'US/Eastern':
626  case '(UTC-05:00) Eastern Time (US & Canada)':
627  return 'America/New_York';
628  break;
629  case 'Pacific Standard Time': case 'Pacific Daylight Time': case 'US/Pacific':
630  return 'America/Los_Angeles';
631  break;
632  case 'Mountain Standard Time': case 'Mountain Daylight Time': case 'US/Mountain': case 'Mountain Time':
633  return 'America/Denver';
634  // The US 'Mountain Time' can in fact be America/(Denver|Boise|Phoenix|Shiprock) which
635  // all vary to some extent due to differing DST rules.
636  break;
637  case '(GMT-07.00) Arizona':
638  return 'America/Phoenix';
639  break;
640  default:
641  if ( isset($c->timezone_translations) && is_array($c->timezone_translations)
642  && !empty($c->timezone_translations[$tzstring]) )
643  return $c->timezone_translations[$tzstring];
644  }
645  return null;
646 }
647 
648 if ( !function_exists("deprecated") ) {
649  function deprecated( $method ) {
650  global $c;
651  if ( isset($c->dbg['ALL']) || isset($c->dbg['deprecated']) ) {
652  $stack = debug_backtrace();
653  array_shift($stack);
654  if ( preg_match( '{/inc/iCalendar.php$}', $stack[0]['file'] ) && $stack[0]['line'] > __LINE__ ) return;
655  @error_log( sprintf( $c->sysabbr.':DEPRECATED: Call to deprecated method "%s"', $method));
656  foreach( $stack AS $k => $v ) {
657  @error_log( sprintf( $c->sysabbr.': ==> called from line %4d of %s', $v['line'], $v['file']));
658  }
659  }
660  }
661 }
662 
663 
664 if ( !function_exists("gzdecode") ) {
665  function gzdecode( $instring ) {
666  global $c;
667  if ( !isset($c->use_pipe_gunzip) || $c->use_pipe_gunzip ) {
668  $descriptorspec = array(
669  0 => array("pipe", "r"), // stdin is a pipe that the child will read from
670  1 => array("pipe", "w"), // stdout is a pipe that the child will write to
671  2 => array("file", "/dev/null", "a") // stderr is discarded
672  );
673  $process = proc_open('gunzip',$descriptorspec, $pipes);
674  if ( is_resource($process) ) {
675  fwrite($pipes[0],$instring);
676  fclose($pipes[0]);
677 
678  $outstring = stream_get_contents($pipes[1]);
679  fclose($pipes[1]);
680 
681  proc_close($process);
682  return $outstring;
683  }
684  return '';
685  }
686  else {
687  $g=tempnam('./','gz');
688  file_put_contents($g,$instring);
689  ob_start();
690  readgzfile($g);
691  $d=ob_get_clean();
692  unlink($g);
693  return $d;
694  }
695  }
696 }
697 
701 function awl_version() {
702  global $c;
703 $c->awl_library_version = 0.62;
704  return $c->awl_library_version;
705 }