| Server IP : 213.186.33.4 / Your IP : 216.73.216.193 Web Server : Apache System : Linux webm006.cluster103.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64 User : awebpaca ( 35430) PHP Version : 8.5.0 Disable Function : _dyuweyrj4,_dyuweyrj4r,dl MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/awebpaca/Dolibarr/htdocs/core/filemanagerdol/connectors/php/ |
Upload File : |
<?php
/*
* FCKeditor - The text editor for Internet - http://www.fckeditor.net
* Copyright (C) 2003-2010 Frederico Caldeira Knabben
*
* == BEGIN LICENSE ==
*
* Licensed under the terms of any of the following licenses at your
* choice:
*
* - GNU General Public License Version 2 or later (the "GPL")
* https://www.gnu.org/licenses/gpl.html
*
* - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
* https://www.gnu.org/licenses/lgpl.html
*
* - Mozilla Public License Version 1.1 or later (the "MPL")
* http://www.mozilla.org/MPL/MPL-1.1.html
*
* == END LICENSE ==
*
* Utility functions for the File Manager Connector for PHP.
*/
/**
* RemoveFromStart
*
* @param string $sourceString Source
* @param string $charToRemove Char to remove
* @return string Result
*/
function RemoveFromStart($sourceString, $charToRemove)
{
$sPattern = '|^'.$charToRemove.'+|';
return preg_replace($sPattern, '', $sourceString);
}
/**
* RemoveFromEnd
*
* @param string $sourceString Source
* @param string $charToRemove Rhar to remove
* @return string Result
*/
function RemoveFromEnd($sourceString, $charToRemove)
{
$sPattern = '|'.$charToRemove.'+$|';
return preg_replace($sPattern, '', $sourceString);
}
/**
* FindBadUtf8
*
* @param string $string String
* @return boolean
*/
function FindBadUtf8($string)
{
$regex = '([\x00-\x7F]|[\xC2-\xDF][\x80-\xBF]|\xE0[\xA0-\xBF][\x80-\xBF]|[\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}|\xED[\x80-\x9F][\x80-\xBF]';
$regex .= '|\xF0[\x90-\xBF][\x80-\xBF]{2}|[\xF1-\xF3][\x80-\xBF]{3}|\xF4[\x80-\x8F][\x80-\xBF]{2}|(.{1}))';
$matches = array();
while (preg_match('/'.$regex.'/S', $string, $matches)) {
if (isset($matches[2])) {
return true;
}
$string = substr($string, strlen($matches[0]));
}
return false;
}
/**
* ConvertToXmlAttribute
*
* @param string $value Value
* @return string
*/
function ConvertToXmlAttribute($value)
{
if (defined('PHP_OS')) {
$os = PHP_OS;
} else {
$os = php_uname();
}
if (strtoupper(substr($os, 0, 3)) === 'WIN' || FindBadUtf8($value)) {
return (utf8_encode(htmlspecialchars($value)));
} else {
return (htmlspecialchars($value));
}
}
/**
* Check whether given extension is in html etensions list
*
* @param string $ext Extension
* @param array $formExtensions Array of extensions
* @return boolean
*/
function IsHtmlExtension($ext, $formExtensions)
{
if (!$formExtensions || !is_array($formExtensions)) {
return false;
}
$lcaseHtmlExtensions = array();
foreach ($formExtensions as $key => $val) {
$lcaseHtmlExtensions[$key] = strtolower($val);
}
return in_array($ext, $lcaseHtmlExtensions);
}
/**
* Detect HTML in the first KB to prevent against potential security issue with
* IE/Safari/Opera file type auto detection bug.
* Returns true if file contain insecure HTML code at the beginning.
*
* @param string $filePath absolute path to file
* @return boolean
*/
function DetectHtml($filePath)
{
$fp = @fopen($filePath, 'rb');
//open_basedir restriction, see #1906
if ($fp === false || !flock($fp, LOCK_SH)) {
return -1;
}
$chunk = fread($fp, 1024);
flock($fp, LOCK_UN);
fclose($fp);
$chunk = strtolower($chunk);
if (!$chunk) {
return false;
}
$chunk = trim($chunk);
if (preg_match("/<!DOCTYPE\W*X?HTML/sim", $chunk)) {
return true;
}
$tags = array('<body', '<head', '<html', '<img', '<pre', '<script', '<table', '<title');
foreach ($tags as $tag) {
if (false !== strpos($chunk, $tag)) {
return true;
}
}
//type = javascript
if (preg_match('!type\s*=\s*[\'"]?\s*(?:\w*/)?(?:ecma|java)!sim', $chunk)) {
return true;
}
//href = javascript
//src = javascript
//data = javascript
if (preg_match('!(?:href|src|data)\s*=\s*[\'"]?\s*(?:ecma|java)script:!sim', $chunk)) {
return true;
}
//url(javascript
if (preg_match('!url\s*\(\s*[\'"]?\s*(?:ecma|java)script:!sim', $chunk)) {
return true;
}
return false;
}
/**
* Check file content.
* Currently this function validates only image files.
* Returns false if file is invalid.
*
* @param string $filePath Absolute path to file
* @param string $extension File extension
* @return boolean True or false
*/
function IsImageValid($filePath, $extension)
{
if (!@is_readable($filePath)) {
return -1;
}
$imageCheckExtensions = array(
'gif',
'jpeg',
'jpg',
'png',
'swf',
'psd',
'bmp',
'iff',
'tiff',
'tif',
'swc',
'jpc',
'jp2',
'jpx',
'jb2',
'xbm',
'wbmp'
);
if (!in_array($extension, $imageCheckExtensions)) {
return true;
}
if (@getimagesize($filePath) === false) {
return false;
}
return true;
}