| [ Index ] |
|
Code source de phpMyVisites 2.3 |
1 <?php 2 /* 3 * phpMyVisites : website statistics and audience measurements 4 * Copyright (C) 2002 - 2006 5 * http://www.phpmyvisites.net/ 6 * phpMyVisites is free software (license GNU/GPL) 7 * Authors : phpMyVisites team 8 */ 9 10 // $Id: common.functions.php 43 2006-08-21 05:55:50Z matthieu_ $ 11 12 function getFilenameExtension( $name ) 13 { 14 $posDot = strrpos( $name, "."); 15 if($posDot===false) 16 { 17 return $name; 18 } 19 20 return substr( $name, $posDot + 1); 21 } 22 23 function U2U($szstr) 24 { 25 $matches = array(); 26 preg_match_all("/%u([0-9,A-F][0-9,A-F][0-9,A-F][0-9,A-F])/i", $szstr, $matches); 27 28 $letters = 255; 29 30 $found = count($matches[0]); 31 32 while($found && $letters--) 33 { 34 $ustr = $matches[0][0]; 35 $ustrCode = str_replace("%u", "", $ustr); 36 37 $astrCode = hexdec($ustrCode); 38 $astr = sprintf("&#%d", $astrCode); 39 40 $szstr = str_replace($ustr, $astr, $szstr); 41 42 $matches = array(); 43 preg_match_all("/%u([0-9,A-F][0-9,A-F][0-9,A-F][0-9,A-F])/i", $szstr, 44 $matches); 45 46 $found = count($matches[0]); 47 } 48 49 return $szstr; 50 } 51 52 function databaseEscape($str) 53 { 54 return mysql_real_escape_string($str); 55 } 56 57 58 function uncompress( $data, $compressed ) 59 { 60 if($compressed == 1) 61 { 62 //var_dump($data); 63 64 // normal case 65 if( $return = gzuncompress($data) ) 66 { 67 return $return; 68 } 69 // case backward compatibility for cookie between 2.1 base64encode and between 2.2 70 else 71 { 72 return base64_decode($data); 73 } 74 } 75 return $data; 76 } 77 function compress( $data, $compressed ) 78 { 79 if($compressed == 1) 80 { 81 return gzcompress($data); 82 } 83 return $data; 84 } 85 /** 86 * returns the SQL-format date of the timestamp $ts 87 * 88 * @param timestamp $ts 89 * 90 * @return string date 91 */ 92 function getDateFromTimestamp($ts) 93 { 94 return date("Y-m-d", $ts); 95 } 96 97 98 /** 99 * get a variable from the $_REQUEST superglobal 100 * 101 * it tests the var type and exit if the variable doesn't have default value and 102 * if the type doesn't match 103 * 104 * @param string $varName name of the variable 105 * @param string $varDefault default value. If '', and if the type doesn't match, exit() ! 106 * @param string $varType variable type 107 */ 108 function getRequestVar($varName, $varDefault=null, $varType="string") 109 { 110 $varDefault = secureVar(stripslashesPmv($varDefault)); 111 112 if(!isset($_REQUEST[$varName]) || empty($_REQUEST[$varName])) 113 { 114 if($varDefault===null) 115 { 116 trigger_error("Error : \$varName '$varName' doesn't have value in \$_REQUEST and doesn't have a" . 117 " \$varDefault value", E_USER_ERROR); 118 exit(); 119 return; 120 } 121 else 122 { 123 if($varType=="numeric") 124 { 125 $varType="string"; 126 } 127 settype($varDefault, $varType); 128 return $varDefault; 129 } 130 } 131 else 132 { 133 $content = secureVar(stripslashesPmv($_REQUEST[$varName])); 134 135 if($varType == 'string') 136 { 137 if(is_string($content)) $ok = true; 138 } 139 elseif($varType == 'numeric' || $varType == 'int' || $varType == 'float') 140 { 141 if(is_numeric($content)) $ok = true; 142 } 143 elseif($varType == 'array') 144 { 145 if(is_array($content)) $ok = true; 146 } 147 else 148 { 149 $ok=true; 150 } 151 152 if(!isset($ok)) 153 { 154 if($varDefault===null) 155 { 156 trigger_error("Error : \$varName '$varName' doesn't have a correct type in \$_REQUEST and doesn't " . 157 "have a \$varDefault value", E_USER_ERROR); 158 exit(); 159 return; 160 } 161 else 162 { 163 if($varType=="numeric") 164 { 165 $varType="string"; 166 } 167 settype($varDefault, $varType); 168 return $varDefault; 169 } 170 } 171 else 172 { 173 return $content; 174 } 175 } 176 } 177 178 /** 179 * print message or array in debug mode 180 * 181 * @param string $message 182 */ 183 function printDebug ($message) { 184 if(DEBUG) 185 { 186 if(!is_scalar($message)) 187 { 188 print("<pre>"); 189 var_dump($message); 190 print("</pre>"); 191 } 192 else 193 { 194 print($message); 195 } 196 } 197 } 198 199 /** 200 * log page generation performances (queries number and time) 201 * 202 * @param int $idSite 203 * 204 * @param bool true 205 */ 206 function recordDbQueryCount($idSite) 207 { 208 // records query count and time to compute this page 209 $res = substr(getMicrotime()-$GLOBALS['time_start'], 0, 4); 210 $r = query("INSERT INTO ".T_QUERY_LOG." (idsite, query, time, date, daytime)" . 211 " VALUES ('$idSite', '".$GLOBALS['query_count']."', '$res', CURRENT_DATE(), CURRENT_TIME())"); 212 213 return true; 214 } 215 216 217 218 /** 219 * operation called by secureVar 220 * 221 * @param int|string $var 222 * 223 * @return int|string 224 */ 225 function secureVarOperation($var) 226 { 227 if(is_array( $var )) 228 { 229 foreach($var as $key => $value) 230 { 231 if(is_array($value)) 232 { 233 $var[$key] = secureVarOperation($value); 234 } 235 else 236 { 237 $var[$key] = htmlspecialchars(trim($value)); 238 } 239 } 240 } 241 else 242 { 243 $var = htmlspecialchars(trim($var)); 244 } 245 246 return databaseSecure($var); 247 } 248 249 function databaseSecure($var) 250 { 251 $db =& Db::getInstance(); 252 if($db->isReady()) 253 { 254 if(is_array($var)) 255 { 256 foreach($var as $key => $value) 257 { 258 if(is_array($value)) 259 { 260 $var[$key] = databaseSecure($value); 261 } 262 else 263 { 264 $var[$key] = databaseEscape($value); 265 } 266 } 267 } 268 else 269 { 270 $var = databaseEscape($var); 271 } 272 } 273 return $var; 274 } 275 /** 276 * secures the variable from SQL injection and from cross site scripting 277 * 278 * @param int|string|array $var 279 * @param int|string|array var secured 280 */ 281 function secureVar($var) 282 { 283 if(is_scalar($var)) 284 { 285 return secureVarOperation($var); 286 } 287 else if(is_array($var)) 288 { 289 foreach($var as $key => $value) 290 { 291 $var[$key] = secureVarOperation($value); 292 } 293 return $var; 294 } 295 else 296 { 297 return $var; 298 } 299 } 300 301 /** 302 * special stripslashes managing fucking magic_quotes 303 * 304 * @param string|array $str 305 * 306 * @return string|array stripslashed, or not 307 */ 308 function stripslashesPmv($str) 309 { 310 if (get_magic_quotes_gpc()) 311 { 312 if(is_array($str)) 313 { 314 foreach($str as $key => $value) 315 { 316 $str[$key] = stripslashes($value); 317 } 318 return $str; 319 } 320 else 321 { 322 return stripslashes($str); 323 } 324 } 325 else 326 { 327 return $str; 328 } 329 } 330 331 332 /** 333 * set an int or string to a precise length, completing on the left with zero (O) 334 * 335 * @param all $id 336 * @param int $length 337 * 338 * @return string string to length $length 339 */ 340 function setToLength($id, $length) 341 { 342 settype($id, 'string'); 343 $l = strlen($id); 344 for($i=0;$i<$length-$l;$i++) 345 { 346 $id='0'.$id; 347 } 348 return $id; 349 } 350 351 352 /** 353 * returns seconds since midnight today 354 * 355 * @return int seconds since midnight today 356 */ 357 function todayTime() 358 { 359 return date("H") * 3600 + date("i") * 60 + date("s"); 360 } 361 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Mon Nov 26 14:10:01 2007 | par Balluche grâce à PHPXref 0.7 |
|
|