[SECURITY] XML entity expansion
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / Utility / GeneralUtility.php
1 <?php
2 namespace TYPO3\CMS\Core\Utility;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 /**
18 * The legendary "t3lib_div" class - Miscellaneous functions for general purpose.
19 * Most of the functions do not relate specifically to TYPO3
20 * However a section of functions requires certain TYPO3 features available
21 * See comments in the source.
22 * You are encouraged to use this library in your own scripts!
23 *
24 * USE:
25 * The class is intended to be used without creating an instance of it.
26 * So: Don't instantiate - call functions with "\TYPO3\CMS\Core\Utility\GeneralUtility::" prefixed the function name.
27 * So use \TYPO3\CMS\Core\Utility\GeneralUtility::[method-name] to refer to the functions, eg. '\TYPO3\CMS\Core\Utility\GeneralUtility::milliseconds()'
28 *
29 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
30 */
31 class GeneralUtility {
32
33 // Severity constants used by \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog()
34 const SYSLOG_SEVERITY_INFO = 0;
35 const SYSLOG_SEVERITY_NOTICE = 1;
36 const SYSLOG_SEVERITY_WARNING = 2;
37 const SYSLOG_SEVERITY_ERROR = 3;
38 const SYSLOG_SEVERITY_FATAL = 4;
39
40 const ENV_TRUSTED_HOSTS_PATTERN_ALLOW_ALL = '.*';
41 const ENV_TRUSTED_HOSTS_PATTERN_SERVER_NAME = 'SERVER_NAME';
42
43 /**
44 * State of host header value security check
45 * in order to avoid unnecessary multiple checks during one request
46 *
47 * @var bool
48 */
49 static protected $allowHostHeaderValue = FALSE;
50
51 /**
52 * Singleton instances returned by makeInstance, using the class names as
53 * array keys
54 *
55 * @var array<\TYPO3\CMS\Core\SingletonInterface>
56 */
57 static protected $singletonInstances = array();
58
59 /**
60 * Instances returned by makeInstance, using the class names as array keys
61 *
62 * @var array<array><object>
63 */
64 static protected $nonSingletonInstances = array();
65
66 /**
67 * Cache for makeInstance with given class name and final class names to reduce number of self::getClassName() calls
68 *
69 * @var array Given class name => final class name
70 */
71 static protected $finalClassNameCache = array();
72
73 /**
74 * The application context
75 *
76 * @var \TYPO3\CMS\Core\Core\ApplicationContext
77 */
78 static protected $applicationContext = NULL;
79
80 /**
81 * IDNA string cache
82 *
83 * @var array<string>
84 */
85 static protected $idnaStringCache = array();
86
87 /**
88 * IDNA converter
89 *
90 * @var \idna_convert
91 */
92 static protected $idnaConverter = NULL;
93
94 /**
95 * A list of supported CGI server APIs
96 * NOTICE: This is a duplicate of the SAME array in SystemEnvironmentBuilder
97 * @var array
98 */
99 static protected $supportedCgiServerApis = array(
100 'fpm-fcgi',
101 'cgi',
102 'isapi',
103 'cgi-fcgi',
104 'srv', // HHVM with fastcgi
105 );
106
107 /*************************
108 *
109 * GET/POST Variables
110 *
111 * Background:
112 * Input GET/POST variables in PHP may have their quotes escaped with "\" or not depending on configuration.
113 * TYPO3 has always converted quotes to BE escaped if the configuration told that they would not be so.
114 * But the clean solution is that quotes are never escaped and that is what the functions below offers.
115 * Eventually TYPO3 should provide this in the global space as well.
116 * In the transitional phase (or forever..?) we need to encourage EVERY to read and write GET/POST vars through the API functions below.
117 *
118 *************************/
119 /**
120 * Returns the 'GLOBAL' value of incoming data from POST or GET, with priority to POST (that is equalent to 'GP' order)
121 * Strips slashes from all output, both strings and arrays.
122 * To enhancement security in your scripts, please consider using \TYPO3\CMS\Core\Utility\GeneralUtility::_GET or \TYPO3\CMS\Core\Utility\GeneralUtility::_POST if you already
123 * know by which method your data is arriving to the scripts!
124 *
125 * @param string $var GET/POST var to return
126 * @return mixed POST var named $var and if not set, the GET var of the same name.
127 */
128 static public function _GP($var) {
129 if (empty($var)) {
130 return;
131 }
132 $value = isset($_POST[$var]) ? $_POST[$var] : $_GET[$var];
133 if (isset($value)) {
134 if (is_array($value)) {
135 self::stripSlashesOnArray($value);
136 } else {
137 $value = stripslashes($value);
138 }
139 }
140 return $value;
141 }
142
143 /**
144 * Returns the global arrays $_GET and $_POST merged with $_POST taking precedence.
145 *
146 * @param string $parameter Key (variable name) from GET or POST vars
147 * @return array Returns the GET vars merged recursively onto the POST vars.
148 */
149 static public function _GPmerged($parameter) {
150 $postParameter = isset($_POST[$parameter]) && is_array($_POST[$parameter]) ? $_POST[$parameter] : array();
151 $getParameter = isset($_GET[$parameter]) && is_array($_GET[$parameter]) ? $_GET[$parameter] : array();
152 $mergedParameters = $getParameter;
153 ArrayUtility::mergeRecursiveWithOverrule($mergedParameters, $postParameter);
154 self::stripSlashesOnArray($mergedParameters);
155 return $mergedParameters;
156 }
157
158 /**
159 * Returns the global $_GET array (or value from) normalized to contain un-escaped values.
160 * ALWAYS use this API function to acquire the GET variables!
161 *
162 * @param string $var Optional pointer to value in GET array (basically name of GET var)
163 * @return mixed If $var is set it returns the value of $_GET[$var]. If $var is NULL (default), returns $_GET itself. In any case *slashes are stipped from the output!*
164 * @see _POST(), _GP(), _GETset()
165 */
166 static public function _GET($var = NULL) {
167 $value = $var === NULL ? $_GET : (empty($var) ? NULL : $_GET[$var]);
168 // Removes slashes since TYPO3 has added them regardless of magic_quotes setting.
169 if (isset($value)) {
170 if (is_array($value)) {
171 self::stripSlashesOnArray($value);
172 } else {
173 $value = stripslashes($value);
174 }
175 }
176 return $value;
177 }
178
179 /**
180 * Returns the global $_POST array (or value from) normalized to contain un-escaped values.
181 * ALWAYS use this API function to acquire the $_POST variables!
182 *
183 * @param string $var Optional pointer to value in POST array (basically name of POST var)
184 * @return mixed If $var is set it returns the value of $_POST[$var]. If $var is NULL (default), returns $_POST itself. In any case *slashes are stipped from the output!*
185 * @see _GET(), _GP()
186 */
187 static public function _POST($var = NULL) {
188 $value = $var === NULL ? $_POST : (empty($var) ? NULL : $_POST[$var]);
189 // Removes slashes since TYPO3 has added them regardless of magic_quotes setting.
190 if (isset($value)) {
191 if (is_array($value)) {
192 self::stripSlashesOnArray($value);
193 } else {
194 $value = stripslashes($value);
195 }
196 }
197 return $value;
198 }
199
200 /**
201 * Writes input value to $_GET.
202 *
203 * @param mixed $inputGet
204 * @param string $key
205 * @return void
206 */
207 static public function _GETset($inputGet, $key = '') {
208 // Adds slashes since TYPO3 standard currently is that slashes
209 // must be applied (regardless of magic_quotes setting)
210 if (is_array($inputGet)) {
211 self::addSlashesOnArray($inputGet);
212 } else {
213 $inputGet = addslashes($inputGet);
214 }
215 if ($key != '') {
216 if (strpos($key, '|') !== FALSE) {
217 $pieces = explode('|', $key);
218 $newGet = array();
219 $pointer = &$newGet;
220 foreach ($pieces as $piece) {
221 $pointer = &$pointer[$piece];
222 }
223 $pointer = $inputGet;
224 $mergedGet = $_GET;
225 ArrayUtility::mergeRecursiveWithOverrule($mergedGet, $newGet);
226 $_GET = $mergedGet;
227 $GLOBALS['HTTP_GET_VARS'] = $mergedGet;
228 } else {
229 $_GET[$key] = $inputGet;
230 $GLOBALS['HTTP_GET_VARS'][$key] = $inputGet;
231 }
232 } elseif (is_array($inputGet)) {
233 $_GET = $inputGet;
234 $GLOBALS['HTTP_GET_VARS'] = $inputGet;
235 }
236 }
237
238 /**
239 * Wrapper for the RemoveXSS function.
240 * Removes potential XSS code from an input string.
241 *
242 * Using an external class by Travis Puderbaugh <kallahar@quickwired.com>
243 *
244 * @param string $string Input string
245 * @return string Input string with potential XSS code removed
246 */
247 static public function removeXSS($string) {
248 require_once PATH_typo3 . 'contrib/RemoveXSS/RemoveXSS.php';
249 $string = \RemoveXSS::process($string);
250 return $string;
251 }
252
253 /*************************
254 *
255 * IMAGE FUNCTIONS
256 *
257 *************************/
258 /**
259 * Compressing a GIF file if not already LZW compressed.
260 * This function is a workaround for the fact that ImageMagick and/or GD does not compress GIF-files to their minimun size (that is RLE or no compression used)
261 *
262 * The function takes a file-reference, $theFile, and saves it again through GD or ImageMagick in order to compress the file
263 * GIF:
264 * If $type is not set, the compression is done with ImageMagick (provided that $GLOBALS['TYPO3_CONF_VARS']['GFX']['im_path_lzw'] is pointing to the path of a lzw-enabled version of 'convert') else with GD (should be RLE-enabled!)
265 * If $type is set to either 'IM' or 'GD' the compression is done with ImageMagick and GD respectively
266 * PNG:
267 * No changes.
268 *
269 * $theFile is expected to be a valid GIF-file!
270 * The function returns a code for the operation.
271 *
272 * @param string $theFile Filepath
273 * @param string $type See description of function
274 * @return string Returns "GD" if GD was used, otherwise "IM" if ImageMagick was used. If nothing done at all, it returns empty string.
275 */
276 static public function gif_compress($theFile, $type) {
277 $gfxConf = $GLOBALS['TYPO3_CONF_VARS']['GFX'];
278 $returnCode = '';
279 // GIF...
280 if ($gfxConf['gif_compress'] && strtolower(substr($theFile, -4, 4)) == '.gif') {
281 // IM
282 if (($type == 'IM' || !$type) && $gfxConf['im'] && $gfxConf['im_path_lzw']) {
283 // Use temporary file to prevent problems with read and write lock on same file on network file systems
284 $temporaryName = dirname($theFile) . '/' . md5(uniqid('', TRUE)) . '.gif';
285 // Rename could fail, if a simultaneous thread is currently working on the same thing
286 if (@rename($theFile, $temporaryName)) {
287 $cmd = self::imageMagickCommand('convert', '"' . $temporaryName . '" "' . $theFile . '"', $gfxConf['im_path_lzw']);
288 \TYPO3\CMS\Core\Utility\CommandUtility::exec($cmd);
289 unlink($temporaryName);
290 }
291 $returnCode = 'IM';
292 if (@is_file($theFile)) {
293 self::fixPermissions($theFile);
294 }
295 } elseif (($type == 'GD' || !$type) && $gfxConf['gdlib'] && !$gfxConf['gdlib_png']) {
296 // GD
297 $tempImage = imageCreateFromGif($theFile);
298 imageGif($tempImage, $theFile);
299 imageDestroy($tempImage);
300 $returnCode = 'GD';
301 if (@is_file($theFile)) {
302 self::fixPermissions($theFile);
303 }
304 }
305 }
306 return $returnCode;
307 }
308
309 /**
310 * Converts a png file to gif.
311 * This converts a png file to gif IF the FLAG $GLOBALS['TYPO3_CONF_VARS']['FE']['png_to_gif'] is set TRUE.
312 *
313 * @param string $theFile The filename with path
314 * @return string New filename
315 */
316 static public function png_to_gif_by_imagemagick($theFile) {
317 if ($GLOBALS['TYPO3_CONF_VARS']['FE']['png_to_gif'] && $GLOBALS['TYPO3_CONF_VARS']['GFX']['im'] && $GLOBALS['TYPO3_CONF_VARS']['GFX']['im_path_lzw'] && strtolower(substr($theFile, -4, 4)) == '.png' && @is_file($theFile)) {
318 // IM
319 $newFile = substr($theFile, 0, -4) . '.gif';
320 $cmd = self::imageMagickCommand('convert', '"' . $theFile . '" "' . $newFile . '"', $GLOBALS['TYPO3_CONF_VARS']['GFX']['im_path_lzw']);
321 \TYPO3\CMS\Core\Utility\CommandUtility::exec($cmd);
322 $theFile = $newFile;
323 if (@is_file($newFile)) {
324 self::fixPermissions($newFile);
325 }
326 }
327 return $theFile;
328 }
329
330 /**
331 * Returns filename of the png/gif version of the input file (which can be png or gif).
332 * If input file type does not match the wanted output type a conversion is made and temp-filename returned.
333 *
334 * @param string $theFile Filepath of image file
335 * @param boolean $output_png If set, then input file is converted to PNG, otherwise to GIF
336 * @return string If the new image file exists, its filepath is returned
337 */
338 static public function read_png_gif($theFile, $output_png = FALSE) {
339 if ($GLOBALS['TYPO3_CONF_VARS']['GFX']['im'] && @is_file($theFile)) {
340 $ext = strtolower(substr($theFile, -4, 4));
341 if ((string) $ext == '.png' && $output_png || (string) $ext == '.gif' && !$output_png) {
342 return $theFile;
343 } else {
344 $newFile = PATH_site . 'typo3temp/readPG_' . md5(($theFile . '|' . filemtime($theFile))) . ($output_png ? '.png' : '.gif');
345 $cmd = self::imageMagickCommand('convert', '"' . $theFile . '" "' . $newFile . '"', $GLOBALS['TYPO3_CONF_VARS']['GFX']['im_path']);
346 \TYPO3\CMS\Core\Utility\CommandUtility::exec($cmd);
347 if (@is_file($newFile)) {
348 self::fixPermissions($newFile);
349 return $newFile;
350 }
351 }
352 }
353 }
354
355 /*************************
356 *
357 * STRING FUNCTIONS
358 *
359 *************************/
360 /**
361 * Truncates a string with appended/prepended "..." and takes current character set into consideration.
362 *
363 * @param string $string String to truncate
364 * @param integer $chars Must be an integer with an absolute value of at least 4. if negative the string is cropped from the right end.
365 * @param string $appendString Appendix to the truncated string
366 * @return string Cropped string
367 */
368 static public function fixed_lgd_cs($string, $chars, $appendString = '...') {
369 if (is_object($GLOBALS['LANG'])) {
370 return $GLOBALS['LANG']->csConvObj->crop($GLOBALS['LANG']->charSet, $string, $chars, $appendString);
371 } elseif (is_object($GLOBALS['TSFE']) && is_object($GLOBALS['TSFE']->csConvObj)) {
372 $charSet = $GLOBALS['TSFE']->renderCharset != '' ? $GLOBALS['TSFE']->renderCharset : $GLOBALS['TSFE']->defaultCharSet;
373 return $GLOBALS['TSFE']->csConvObj->crop($charSet, $string, $chars, $appendString);
374 } else {
375 // This case should not happen
376 $csConvObj = self::makeInstance('TYPO3\\CMS\\Core\\Charset\\CharsetConverter');
377 return $csConvObj->crop('utf-8', $string, $chars, $appendString);
378 }
379 }
380
381 /**
382 * Match IP number with list of numbers with wildcard
383 * Dispatcher method for switching into specialised IPv4 and IPv6 methods.
384 *
385 * @param string $baseIP Is the current remote IP address for instance, typ. REMOTE_ADDR
386 * @param string $list Is a comma-list of IP-addresses to match with. *-wildcard allowed instead of number, plus leaving out parts in the IP number is accepted as wildcard (eg. 192.168.*.* equals 192.168). If list is "*" no check is done and the function returns TRUE immediately. An empty list always returns FALSE.
387 * @return boolean TRUE if an IP-mask from $list matches $baseIP
388 */
389 static public function cmpIP($baseIP, $list) {
390 $list = trim($list);
391 if ($list === '') {
392 return FALSE;
393 } elseif ($list === '*') {
394 return TRUE;
395 }
396 if (strpos($baseIP, ':') !== FALSE && self::validIPv6($baseIP)) {
397 return self::cmpIPv6($baseIP, $list);
398 } else {
399 return self::cmpIPv4($baseIP, $list);
400 }
401 }
402
403 /**
404 * Match IPv4 number with list of numbers with wildcard
405 *
406 * @param string $baseIP Is the current remote IP address for instance, typ. REMOTE_ADDR
407 * @param string $list Is a comma-list of IP-addresses to match with. *-wildcard allowed instead of number, plus leaving out parts in the IP number is accepted as wildcard (eg. 192.168.*.* equals 192.168), could also contain IPv6 addresses
408 * @return boolean TRUE if an IP-mask from $list matches $baseIP
409 */
410 static public function cmpIPv4($baseIP, $list) {
411 $IPpartsReq = explode('.', $baseIP);
412 if (count($IPpartsReq) == 4) {
413 $values = self::trimExplode(',', $list, TRUE);
414 foreach ($values as $test) {
415 $testList = explode('/', $test);
416 if (count($testList) == 2) {
417 list($test, $mask) = $testList;
418 } else {
419 $mask = FALSE;
420 }
421 if ((int)$mask) {
422 // "192.168.3.0/24"
423 $lnet = ip2long($test);
424 $lip = ip2long($baseIP);
425 $binnet = str_pad(decbin($lnet), 32, '0', STR_PAD_LEFT);
426 $firstpart = substr($binnet, 0, $mask);
427 $binip = str_pad(decbin($lip), 32, '0', STR_PAD_LEFT);
428 $firstip = substr($binip, 0, $mask);
429 $yes = $firstpart === $firstip;
430 } else {
431 // "192.168.*.*"
432 $IPparts = explode('.', $test);
433 $yes = 1;
434 foreach ($IPparts as $index => $val) {
435 $val = trim($val);
436 if ($val !== '*' && $IPpartsReq[$index] !== $val) {
437 $yes = 0;
438 }
439 }
440 }
441 if ($yes) {
442 return TRUE;
443 }
444 }
445 }
446 return FALSE;
447 }
448
449 /**
450 * Match IPv6 address with a list of IPv6 prefixes
451 *
452 * @param string $baseIP Is the current remote IP address for instance
453 * @param string $list Is a comma-list of IPv6 prefixes, could also contain IPv4 addresses
454 * @return boolean TRUE If an baseIP matches any prefix
455 */
456 static public function cmpIPv6($baseIP, $list) {
457 // Policy default: Deny connection
458 $success = FALSE;
459 $baseIP = self::normalizeIPv6($baseIP);
460 $values = self::trimExplode(',', $list, TRUE);
461 foreach ($values as $test) {
462 $testList = explode('/', $test);
463 if (count($testList) == 2) {
464 list($test, $mask) = $testList;
465 } else {
466 $mask = FALSE;
467 }
468 if (self::validIPv6($test)) {
469 $test = self::normalizeIPv6($test);
470 $maskInt = (int)$mask ?: 128;
471 // Special case; /0 is an allowed mask - equals a wildcard
472 if ($mask === '0') {
473 $success = TRUE;
474 } elseif ($maskInt == 128) {
475 $success = $test === $baseIP;
476 } else {
477 $testBin = self::IPv6Hex2Bin($test);
478 $baseIPBin = self::IPv6Hex2Bin($baseIP);
479 $success = TRUE;
480 // Modulo is 0 if this is a 8-bit-boundary
481 $maskIntModulo = $maskInt % 8;
482 $numFullCharactersUntilBoundary = (int)($maskInt / 8);
483 if (substr($testBin, 0, $numFullCharactersUntilBoundary) !== substr($baseIPBin, 0, $numFullCharactersUntilBoundary)) {
484 $success = FALSE;
485 } elseif ($maskIntModulo > 0) {
486 // If not an 8-bit-boundary, check bits of last character
487 $testLastBits = str_pad(decbin(ord(substr($testBin, $numFullCharactersUntilBoundary, 1))), 8, '0', STR_PAD_LEFT);
488 $baseIPLastBits = str_pad(decbin(ord(substr($baseIPBin, $numFullCharactersUntilBoundary, 1))), 8, '0', STR_PAD_LEFT);
489 if (strncmp($testLastBits, $baseIPLastBits, $maskIntModulo) != 0) {
490 $success = FALSE;
491 }
492 }
493 }
494 }
495 if ($success) {
496 return TRUE;
497 }
498 }
499 return FALSE;
500 }
501
502 /**
503 * Transform a regular IPv6 address from hex-representation into binary
504 *
505 * @param string $hex IPv6 address in hex-presentation
506 * @return string Binary representation (16 characters, 128 characters)
507 * @see IPv6Bin2Hex()
508 */
509 static public function IPv6Hex2Bin($hex) {
510 return inet_pton($hex);
511 }
512
513 /**
514 * Transform an IPv6 address from binary to hex-representation
515 *
516 * @param string $bin IPv6 address in hex-presentation
517 * @return string Binary representation (16 characters, 128 characters)
518 * @see IPv6Hex2Bin()
519 */
520 static public function IPv6Bin2Hex($bin) {
521 return inet_ntop($bin);
522 }
523
524 /**
525 * Normalize an IPv6 address to full length
526 *
527 * @param string $address Given IPv6 address
528 * @return string Normalized address
529 * @see compressIPv6()
530 */
531 static public function normalizeIPv6($address) {
532 $normalizedAddress = '';
533 $stageOneAddress = '';
534 // According to RFC lowercase-representation is recommended
535 $address = strtolower($address);
536 // Normalized representation has 39 characters (0000:0000:0000:0000:0000:0000:0000:0000)
537 if (strlen($address) == 39) {
538 // Already in full expanded form
539 return $address;
540 }
541 // Count 2 if if address has hidden zero blocks
542 $chunks = explode('::', $address);
543 if (count($chunks) == 2) {
544 $chunksLeft = explode(':', $chunks[0]);
545 $chunksRight = explode(':', $chunks[1]);
546 $left = count($chunksLeft);
547 $right = count($chunksRight);
548 // Special case: leading zero-only blocks count to 1, should be 0
549 if ($left == 1 && strlen($chunksLeft[0]) == 0) {
550 $left = 0;
551 }
552 $hiddenBlocks = 8 - ($left + $right);
553 $hiddenPart = '';
554 $h = 0;
555 while ($h < $hiddenBlocks) {
556 $hiddenPart .= '0000:';
557 $h++;
558 }
559 if ($left == 0) {
560 $stageOneAddress = $hiddenPart . $chunks[1];
561 } else {
562 $stageOneAddress = $chunks[0] . ':' . $hiddenPart . $chunks[1];
563 }
564 } else {
565 $stageOneAddress = $address;
566 }
567 // Normalize the blocks:
568 $blocks = explode(':', $stageOneAddress);
569 $divCounter = 0;
570 foreach ($blocks as $block) {
571 $tmpBlock = '';
572 $i = 0;
573 $hiddenZeros = 4 - strlen($block);
574 while ($i < $hiddenZeros) {
575 $tmpBlock .= '0';
576 $i++;
577 }
578 $normalizedAddress .= $tmpBlock . $block;
579 if ($divCounter < 7) {
580 $normalizedAddress .= ':';
581 $divCounter++;
582 }
583 }
584 return $normalizedAddress;
585 }
586
587 /**
588 * Compress an IPv6 address to the shortest notation
589 *
590 * @param string $address Given IPv6 address
591 * @return string Compressed address
592 * @see normalizeIPv6()
593 */
594 static public function compressIPv6($address) {
595 return inet_ntop(inet_pton($address));
596 }
597
598 /**
599 * Validate a given IP address.
600 *
601 * Possible format are IPv4 and IPv6.
602 *
603 * @param string $ip IP address to be tested
604 * @return boolean TRUE if $ip is either of IPv4 or IPv6 format.
605 */
606 static public function validIP($ip) {
607 return filter_var($ip, FILTER_VALIDATE_IP) !== FALSE;
608 }
609
610 /**
611 * Validate a given IP address to the IPv4 address format.
612 *
613 * Example for possible format: 10.0.45.99
614 *
615 * @param string $ip IP address to be tested
616 * @return boolean TRUE if $ip is of IPv4 format.
617 */
618 static public function validIPv4($ip) {
619 return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== FALSE;
620 }
621
622 /**
623 * Validate a given IP address to the IPv6 address format.
624 *
625 * Example for possible format: 43FB::BB3F:A0A0:0 | ::1
626 *
627 * @param string $ip IP address to be tested
628 * @return boolean TRUE if $ip is of IPv6 format.
629 */
630 static public function validIPv6($ip) {
631 return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== FALSE;
632 }
633
634 /**
635 * Match fully qualified domain name with list of strings with wildcard
636 *
637 * @param string $baseHost A hostname or an IPv4/IPv6-address (will by reverse-resolved; typically REMOTE_ADDR)
638 * @param string $list A comma-list of domain names to match with. *-wildcard allowed but cannot be part of a string, so it must match the full host name (eg. myhost.*.com => correct, myhost.*domain.com => wrong)
639 * @return boolean TRUE if a domain name mask from $list matches $baseIP
640 */
641 static public function cmpFQDN($baseHost, $list) {
642 $baseHost = trim($baseHost);
643 if (empty($baseHost)) {
644 return FALSE;
645 }
646 if (self::validIPv4($baseHost) || self::validIPv6($baseHost)) {
647 // Resolve hostname
648 // Note: this is reverse-lookup and can be randomly set as soon as somebody is able to set
649 // the reverse-DNS for his IP (security when for example used with REMOTE_ADDR)
650 $baseHostName = gethostbyaddr($baseHost);
651 if ($baseHostName === $baseHost) {
652 // Unable to resolve hostname
653 return FALSE;
654 }
655 } else {
656 $baseHostName = $baseHost;
657 }
658 $baseHostNameParts = explode('.', $baseHostName);
659 $values = self::trimExplode(',', $list, TRUE);
660 foreach ($values as $test) {
661 $hostNameParts = explode('.', $test);
662 // To match hostNameParts can only be shorter (in case of wildcards) or equal
663 if (count($hostNameParts) > count($baseHostNameParts)) {
664 continue;
665 }
666 $yes = TRUE;
667 foreach ($hostNameParts as $index => $val) {
668 $val = trim($val);
669 if ($val === '*') {
670 // Wildcard valid for one or more hostname-parts
671 $wildcardStart = $index + 1;
672 // Wildcard as last/only part always matches, otherwise perform recursive checks
673 if ($wildcardStart < count($hostNameParts)) {
674 $wildcardMatched = FALSE;
675 $tempHostName = implode('.', array_slice($hostNameParts, $index + 1));
676 while ($wildcardStart < count($baseHostNameParts) && !$wildcardMatched) {
677 $tempBaseHostName = implode('.', array_slice($baseHostNameParts, $wildcardStart));
678 $wildcardMatched = self::cmpFQDN($tempBaseHostName, $tempHostName);
679 $wildcardStart++;
680 }
681 if ($wildcardMatched) {
682 // Match found by recursive compare
683 return TRUE;
684 } else {
685 $yes = FALSE;
686 }
687 }
688 } elseif ($baseHostNameParts[$index] !== $val) {
689 // In case of no match
690 $yes = FALSE;
691 }
692 }
693 if ($yes) {
694 return TRUE;
695 }
696 }
697 return FALSE;
698 }
699
700 /**
701 * Checks if a given URL matches the host that currently handles this HTTP request.
702 * Scheme, hostname and (optional) port of the given URL are compared.
703 *
704 * @param string $url URL to compare with the TYPO3 request host
705 * @return boolean Whether the URL matches the TYPO3 request host
706 */
707 static public function isOnCurrentHost($url) {
708 return stripos($url . '/', self::getIndpEnv('TYPO3_REQUEST_HOST') . '/') === 0;
709 }
710
711 /**
712 * Check for item in list
713 * Check if an item exists in a comma-separated list of items.
714 *
715 * @param string $list Comma-separated list of items (string)
716 * @param string $item Item to check for
717 * @return boolean TRUE if $item is in $list
718 */
719 static public function inList($list, $item) {
720 return strpos(',' . $list . ',', ',' . $item . ',') !== FALSE;
721 }
722
723 /**
724 * Removes an item from a comma-separated list of items.
725 *
726 * If $element contains a comma, the behaviour of this method is undefined.
727 * Empty elements in the list are preserved.
728 *
729 * @param string $element Element to remove
730 * @param string $list Comma-separated list of items (string)
731 * @return string New comma-separated list of items
732 */
733 static public function rmFromList($element, $list) {
734 $items = explode(',', $list);
735 foreach ($items as $k => $v) {
736 if ($v == $element) {
737 unset($items[$k]);
738 }
739 }
740 return implode(',', $items);
741 }
742
743 /**
744 * Expand a comma-separated list of integers with ranges (eg 1,3-5,7 becomes 1,3,4,5,7).
745 * Ranges are limited to 1000 values per range.
746 *
747 * @param string $list Comma-separated list of integers with ranges (string)
748 * @return string New comma-separated list of items
749 */
750 static public function expandList($list) {
751 $items = explode(',', $list);
752 $list = array();
753 foreach ($items as $item) {
754 $range = explode('-', $item);
755 if (isset($range[1])) {
756 $runAwayBrake = 1000;
757 for ($n = $range[0]; $n <= $range[1]; $n++) {
758 $list[] = $n;
759 $runAwayBrake--;
760 if ($runAwayBrake <= 0) {
761 break;
762 }
763 }
764 } else {
765 $list[] = $item;
766 }
767 }
768 return implode(',', $list);
769 }
770
771 /**
772 * Returns an integer from a three part version number, eg '4.12.3' -> 4012003
773 *
774 * @param string $verNumberStr Version number on format x.x.x
775 * @return integer Integer version of version number (where each part can count to 999)
776 * @deprecated Use VersionNumberUtility::convertVersionNumberToInteger instead, will be removed after 6.2
777 */
778 static public function int_from_ver($verNumberStr) {
779 self::logDeprecatedFunction();
780 return VersionNumberUtility::convertVersionNumberToInteger($verNumberStr);
781 }
782
783 /**
784 * Returns TRUE if the current TYPO3 version (or compatibility version) is compatible to the input version
785 * Notice that this function compares branches, not versions (4.0.1 would be > 4.0.0 although they use the same compat_version)
786 *
787 * @param string $verNumberStr Minimum branch number required (format x.y / e.g. "4.0" NOT "4.0.0"!)
788 * @return boolean Returns TRUE if this setup is compatible with the provided version number
789 * @todo Still needs a function to convert versions to branches
790 */
791 static public function compat_version($verNumberStr) {
792 $currVersionStr = $GLOBALS['TYPO3_CONF_VARS']['SYS']['compat_version'] ? $GLOBALS['TYPO3_CONF_VARS']['SYS']['compat_version'] : TYPO3_branch;
793 if (\TYPO3\CMS\Core\Utility\VersionNumberUtility::convertVersionNumberToInteger($currVersionStr) < \TYPO3\CMS\Core\Utility\VersionNumberUtility::convertVersionNumberToInteger($verNumberStr)) {
794 return FALSE;
795 } else {
796 return TRUE;
797 }
798 }
799
800 /**
801 * Makes a positive integer hash out of the first 7 chars from the md5 hash of the input
802 *
803 * @param string $str String to md5-hash
804 * @return integer Returns 28bit integer-hash
805 */
806 static public function md5int($str) {
807 return hexdec(substr(md5($str), 0, 7));
808 }
809
810 /**
811 * Returns the first 10 positions of the MD5-hash (changed from 6 to 10 recently)
812 *
813 * @param string $input Input string to be md5-hashed
814 * @param integer $len The string-length of the output
815 * @return string Substring of the resulting md5-hash, being $len chars long (from beginning)
816 */
817 static public function shortMD5($input, $len = 10) {
818 return substr(md5($input), 0, $len);
819 }
820
821 /**
822 * Returns a proper HMAC on a given input string and secret TYPO3 encryption key.
823 *
824 * @param string $input Input string to create HMAC from
825 * @param string $additionalSecret additionalSecret to prevent hmac beeing used in a different context
826 * @return string resulting (hexadecimal) HMAC currently with a length of 40 (HMAC-SHA-1)
827 */
828 static public function hmac($input, $additionalSecret = '') {
829 $hashAlgorithm = 'sha1';
830 $hashBlocksize = 64;
831 $hmac = '';
832 $secret = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . $additionalSecret;
833 if (extension_loaded('hash') && function_exists('hash_hmac') && function_exists('hash_algos') && in_array($hashAlgorithm, hash_algos())) {
834 $hmac = hash_hmac($hashAlgorithm, $input, $secret);
835 } else {
836 // Outer padding
837 $opad = str_repeat(chr(92), $hashBlocksize);
838 // Inner padding
839 $ipad = str_repeat(chr(54), $hashBlocksize);
840 if (strlen($secret) > $hashBlocksize) {
841 // Keys longer than block size are shorten
842 $key = str_pad(pack('H*', call_user_func($hashAlgorithm, $secret)), $hashBlocksize, chr(0));
843 } else {
844 // Keys shorter than block size are zero-padded
845 $key = str_pad($secret, $hashBlocksize, chr(0));
846 }
847 $hmac = call_user_func($hashAlgorithm, ($key ^ $opad) . pack('H*', call_user_func($hashAlgorithm, (($key ^ $ipad) . $input))));
848 }
849 return $hmac;
850 }
851
852 /**
853 * Takes comma-separated lists and arrays and removes all duplicates
854 * If a value in the list is trim(empty), the value is ignored.
855 *
856 * @param string $in_list Accept multiple parameters which can be comma-separated lists of values and arrays.
857 * @param mixed $secondParameter Dummy field, which if set will show a warning!
858 * @return string Returns the list without any duplicates of values, space around values are trimmed
859 */
860 static public function uniqueList($in_list, $secondParameter = NULL) {
861 if (is_array($in_list)) {
862 throw new \InvalidArgumentException('TYPO3 Fatal Error: TYPO3\\CMS\\Core\\Utility\\GeneralUtility::uniqueList() does NOT support array arguments anymore! Only string comma lists!', 1270853885);
863 }
864 if (isset($secondParameter)) {
865 throw new \InvalidArgumentException('TYPO3 Fatal Error: TYPO3\\CMS\\Core\\Utility\\GeneralUtility::uniqueList() does NOT support more than a single argument value anymore. You have specified more than one!', 1270853886);
866 }
867 return implode(',', array_unique(self::trimExplode(',', $in_list, TRUE)));
868 }
869
870 /**
871 * Splits a reference to a file in 5 parts
872 *
873 * @param string $fileNameWithPath File name with path to be analysed (must exist if open_basedir is set)
874 * @return array Contains keys [path], [file], [filebody], [fileext], [realFileext]
875 */
876 static public function split_fileref($fileNameWithPath) {
877 $reg = array();
878 if (preg_match('/(.*\\/)(.*)$/', $fileNameWithPath, $reg)) {
879 $info['path'] = $reg[1];
880 $info['file'] = $reg[2];
881 } else {
882 $info['path'] = '';
883 $info['file'] = $fileNameWithPath;
884 }
885 $reg = '';
886 // If open_basedir is set and the fileName was supplied without a path the is_dir check fails
887 if (!is_dir($fileNameWithPath) && preg_match('/(.*)\\.([^\\.]*$)/', $info['file'], $reg)) {
888 $info['filebody'] = $reg[1];
889 $info['fileext'] = strtolower($reg[2]);
890 $info['realFileext'] = $reg[2];
891 } else {
892 $info['filebody'] = $info['file'];
893 $info['fileext'] = '';
894 }
895 reset($info);
896 return $info;
897 }
898
899 /**
900 * Returns the directory part of a path without trailing slash
901 * If there is no dir-part, then an empty string is returned.
902 * Behaviour:
903 *
904 * '/dir1/dir2/script.php' => '/dir1/dir2'
905 * '/dir1/' => '/dir1'
906 * 'dir1/script.php' => 'dir1'
907 * 'd/script.php' => 'd'
908 * '/script.php' => ''
909 * '' => ''
910 *
911 * @param string $path Directory name / path
912 * @return string Processed input value. See function description.
913 */
914 static public function dirname($path) {
915 $p = self::revExplode('/', $path, 2);
916 return count($p) == 2 ? $p[0] : '';
917 }
918
919 /**
920 * Modifies a HTML Hex color by adding/subtracting $R,$G and $B integers
921 *
922 * @param string $color A hexadecimal color code, #xxxxxx
923 * @param integer $R Offset value 0-255
924 * @param integer $G Offset value 0-255
925 * @param integer $B Offset value 0-255
926 * @return string A hexadecimal color code, #xxxxxx, modified according to input vars
927 * @see modifyHTMLColorAll()
928 */
929 static public function modifyHTMLColor($color, $R, $G, $B) {
930 // This takes a hex-color (# included!) and adds $R, $G and $B to the HTML-color (format: #xxxxxx) and returns the new color
931 $nR = \TYPO3\CMS\Core\Utility\MathUtility::forceIntegerInRange(hexdec(substr($color, 1, 2)) + $R, 0, 255);
932 $nG = \TYPO3\CMS\Core\Utility\MathUtility::forceIntegerInRange(hexdec(substr($color, 3, 2)) + $G, 0, 255);
933 $nB = \TYPO3\CMS\Core\Utility\MathUtility::forceIntegerInRange(hexdec(substr($color, 5, 2)) + $B, 0, 255);
934 return '#' . substr(('0' . dechex($nR)), -2) . substr(('0' . dechex($nG)), -2) . substr(('0' . dechex($nB)), -2);
935 }
936
937 /**
938 * Modifies a HTML Hex color by adding/subtracting $all integer from all R/G/B channels
939 *
940 * @param string $color A hexadecimal color code, #xxxxxx
941 * @param integer $all Offset value 0-255 for all three channels.
942 * @return string A hexadecimal color code, #xxxxxx, modified according to input vars
943 * @see modifyHTMLColor()
944 */
945 static public function modifyHTMLColorAll($color, $all) {
946 return self::modifyHTMLColor($color, $all, $all, $all);
947 }
948
949 /**
950 * Returns TRUE if the first part of $str matches the string $partStr
951 *
952 * @param string $str Full string to check
953 * @param string $partStr Reference string which must be found as the "first part" of the full string
954 * @return boolean TRUE if $partStr was found to be equal to the first part of $str
955 */
956 static public function isFirstPartOfStr($str, $partStr) {
957 return $partStr != '' && strpos((string) $str, (string) $partStr, 0) === 0;
958 }
959
960 /**
961 * Formats the input integer $sizeInBytes as bytes/kilobytes/megabytes (-/K/M)
962 *
963 * @param integer $sizeInBytes Number of bytes to format.
964 * @param string $labels Labels for bytes, kilo, mega and giga separated by vertical bar (|) and possibly encapsulated in "". Eg: " | K| M| G" (which is the default value)
965 * @return string Formatted representation of the byte number, for output.
966 */
967 static public function formatSize($sizeInBytes, $labels = '') {
968 // Set labels:
969 if (strlen($labels) == 0) {
970 $labels = ' | K| M| G';
971 } else {
972 $labels = str_replace('"', '', $labels);
973 }
974 $labelArr = explode('|', $labels);
975 // Find size:
976 if ($sizeInBytes > 900) {
977 // GB
978 if ($sizeInBytes > 900000000) {
979 $val = $sizeInBytes / (1024 * 1024 * 1024);
980 return number_format($val, ($val < 20 ? 1 : 0), '.', '') . $labelArr[3];
981 } elseif ($sizeInBytes > 900000) {
982 // MB
983 $val = $sizeInBytes / (1024 * 1024);
984 return number_format($val, ($val < 20 ? 1 : 0), '.', '') . $labelArr[2];
985 } else {
986 // KB
987 $val = $sizeInBytes / 1024;
988 return number_format($val, ($val < 20 ? 1 : 0), '.', '') . $labelArr[1];
989 }
990 } else {
991 // Bytes
992 return $sizeInBytes . $labelArr[0];
993 }
994 }
995
996 /**
997 * Returns microtime input to milliseconds
998 *
999 * @param string $microtime Microtime
1000 * @return integer Microtime input string converted to an integer (milliseconds)
1001 */
1002 static public function convertMicrotime($microtime) {
1003 $parts = explode(' ', $microtime);
1004 return round(($parts[0] + $parts[1]) * 1000);
1005 }
1006
1007 /**
1008 * This splits a string by the chars in $operators (typical /+-*) and returns an array with them in
1009 *
1010 * @param string $string Input string, eg "123 + 456 / 789 - 4
1011 * @param string $operators Operators to split by, typically "/+-*
1012 * @return array Array with operators and operands separated.
1013 * @see \TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer::calc(), \TYPO3\CMS\Frontend\Imaging\GifBuilder::calcOffset()
1014 */
1015 static public function splitCalc($string, $operators) {
1016 $res = array();
1017 $sign = '+';
1018 while ($string) {
1019 $valueLen = strcspn($string, $operators);
1020 $value = substr($string, 0, $valueLen);
1021 $res[] = array($sign, trim($value));
1022 $sign = substr($string, $valueLen, 1);
1023 $string = substr($string, $valueLen + 1);
1024 }
1025 reset($res);
1026 return $res;
1027 }
1028
1029 /**
1030 * Inverse version of htmlspecialchars()
1031 *
1032 * @deprecated since 6.2 replaced by php native htmlspecialchars_decode()
1033 *
1034 * @param string $value Value where &gt;, &lt;, &quot; and &amp; should be converted to regular chars.
1035 * @return string Converted result.
1036 */
1037 static public function htmlspecialchars_decode($value) {
1038 self::logDeprecatedFunction();
1039 return htmlspecialchars_decode($value);
1040 }
1041
1042 /**
1043 * Re-converts HTML entities if they have been converted by htmlspecialchars()
1044 * Note: Use htmlspecialchars($str, ENT_COMPAT, 'UTF-8', FALSE) to avoid double encoding.
1045 * This makes the call to this method obsolete.
1046 *
1047 * @param string $str String which contains eg. "&amp;amp;" which should stay "&amp;". Or "&amp;#1234;" to "&#1234;". Or "&amp;#x1b;" to "&#x1b;
1048 * @return string Converted result.
1049 *
1050 */
1051 static public function deHSCentities($str) {
1052 return preg_replace('/&amp;([#[:alnum:]]*;)/', '&\\1', $str);
1053 }
1054
1055 /**
1056 * This function is used to escape any ' -characters when transferring text to JavaScript!
1057 *
1058 * @param string $string String to escape
1059 * @param boolean $extended If set, also backslashes are escaped.
1060 * @param string $char The character to escape, default is ' (single-quote)
1061 * @return string Processed input string
1062 */
1063 static public function slashJS($string, $extended = FALSE, $char = '\'') {
1064 if ($extended) {
1065 $string = str_replace('\\', '\\\\', $string);
1066 }
1067 return str_replace($char, '\\' . $char, $string);
1068 }
1069
1070 /**
1071 * Version of rawurlencode() where all spaces (%20) are re-converted to space-characters.
1072 * Useful when passing text to JavaScript where you simply url-encode it to get around problems with syntax-errors, linebreaks etc.
1073 *
1074 * @param string $str String to raw-url-encode with spaces preserved
1075 * @return string Rawurlencoded result of input string, but with all %20 (space chars) converted to real spaces.
1076 */
1077 static public function rawUrlEncodeJS($str) {
1078 return str_replace('%20', ' ', rawurlencode($str));
1079 }
1080
1081 /**
1082 * rawurlencode which preserves "/" chars
1083 * Useful when file paths should keep the "/" chars, but have all other special chars encoded.
1084 *
1085 * @param string $str Input string
1086 * @return string Output string
1087 */
1088 static public function rawUrlEncodeFP($str) {
1089 return str_replace('%2F', '/', rawurlencode($str));
1090 }
1091
1092 /**
1093 * Checking syntax of input email address
1094 *
1095 * http://tools.ietf.org/html/rfc3696
1096 * International characters are allowed in email. So the whole address needs
1097 * to be converted to punicode before passing it to filter_var(). We convert
1098 * the user- and domain part separately to increase the chance of hitting an
1099 * entry in self::$idnaStringCache.
1100 *
1101 * Also the @ sign may appear multiple times in an address. If not used as
1102 * a boundary marker between the user- and domain part, it must be escaped
1103 * with a backslash: \@. This mean we can not just explode on the @ sign and
1104 * expect to get just two parts. So we pop off the domain and then glue the
1105 * rest together again.
1106 *
1107 * @param string $email Input string to evaluate
1108 * @return boolean Returns TRUE if the $email address (input string) is valid
1109 */
1110 static public function validEmail($email) {
1111 // Early return in case input is not a string
1112 if (!is_string($email)) {
1113 return FALSE;
1114 }
1115 $atPosition = strrpos($email, '@');
1116 if (!$atPosition || $atPosition + 1 === strlen($email)) {
1117 // Return if no @ found or it is placed at the very beginning or end of the email
1118 return FALSE;
1119 }
1120 $domain = substr($email, $atPosition + 1);
1121 $user = substr($email, 0, $atPosition);
1122 if (!preg_match('/^[a-z0-9.\\-]*$/i', $domain)) {
1123 $domain = self::idnaEncode($domain);
1124 }
1125 return filter_var($user . '@' . $domain, FILTER_VALIDATE_EMAIL) !== FALSE;
1126 }
1127
1128 /**
1129 * Checks if current e-mail sending method does not accept recipient/sender name
1130 * in a call to PHP mail() function. Windows version of mail() and mini_sendmail
1131 * program are known not to process such input correctly and they cause SMTP
1132 * errors. This function will return TRUE if current mail sending method has
1133 * problem with recipient name in recipient/sender argument for mail().
1134 *
1135 * TODO: 4.3 should have additional configuration variable, which is combined
1136 * by || with the rest in this function.
1137 *
1138 * @return boolean TRUE if mail() does not accept recipient name
1139 */
1140 static public function isBrokenEmailEnvironment() {
1141 return TYPO3_OS == 'WIN' || FALSE !== strpos(ini_get('sendmail_path'), 'mini_sendmail');
1142 }
1143
1144 /**
1145 * Changes from/to arguments for mail() function to work in any environment.
1146 *
1147 * @param string $address Address to adjust
1148 * @return string Adjusted address
1149 */
1150 static public function normalizeMailAddress($address) {
1151 if (self::isBrokenEmailEnvironment() && FALSE !== ($pos1 = strrpos($address, '<'))) {
1152 $pos2 = strpos($address, '>', $pos1);
1153 $address = substr($address, $pos1 + 1, ($pos2 ? $pos2 : strlen($address)) - $pos1 - 1);
1154 }
1155 return $address;
1156 }
1157
1158 /**
1159 * Formats a string for output between <textarea>-tags
1160 * All content outputted in a textarea form should be passed through this function
1161 * Not only is the content htmlspecialchar'ed on output but there is also a single newline added in the top. The newline is necessary because browsers will ignore the first newline after <textarea> if that is the first character. Therefore better set it!
1162 *
1163 * @param string $content Input string to be formatted.
1164 * @return string Formatted for <textarea>-tags
1165 */
1166 static public function formatForTextarea($content) {
1167 return LF . htmlspecialchars($content);
1168 }
1169
1170 /**
1171 * Converts string to uppercase
1172 * The function converts all Latin characters (a-z, but no accents, etc) to
1173 * uppercase. It is safe for all supported character sets (incl. utf-8).
1174 * Unlike strtoupper() it does not honour the locale.
1175 *
1176 * @param string $str Input string
1177 * @return string Uppercase String
1178 */
1179 static public function strtoupper($str) {
1180 return strtr((string) $str, 'abcdefghijklmnopqrstuvwxyz', 'ABCDEFGHIJKLMNOPQRSTUVWXYZ');
1181 }
1182
1183 /**
1184 * Converts string to lowercase
1185 * The function converts all Latin characters (A-Z, but no accents, etc) to
1186 * lowercase. It is safe for all supported character sets (incl. utf-8).
1187 * Unlike strtolower() it does not honour the locale.
1188 *
1189 * @param string $str Input string
1190 * @return string Lowercase String
1191 */
1192 static public function strtolower($str) {
1193 return strtr((string) $str, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
1194 }
1195
1196 /**
1197 * Returns a string of highly randomized bytes (over the full 8-bit range).
1198 *
1199 * Note: Returned values are not guaranteed to be crypto-safe,
1200 * most likely they are not, depending on the used retrieval method.
1201 *
1202 * @param integer $bytesToReturn Number of characters (bytes) to return
1203 * @return string Random Bytes
1204 * @see http://bugs.php.net/bug.php?id=52523
1205 * @see http://www.php-security.org/2010/05/09/mops-submission-04-generating-unpredictable-session-ids-and-hashes/index.html
1206 */
1207 static public function generateRandomBytes($bytesToReturn) {
1208 // Cache 4k of the generated bytestream.
1209 static $bytes = '';
1210 $bytesToGenerate = max(4096, $bytesToReturn);
1211 // if we have not enough random bytes cached, we generate new ones
1212 if (!isset($bytes[($bytesToReturn - 1)])) {
1213 if (TYPO3_OS === 'WIN') {
1214 // Openssl seems to be deadly slow on Windows, so try to use mcrypt
1215 $bytes .= self::generateRandomBytesMcrypt($bytesToGenerate);
1216 } else {
1217 // Try to use native PHP functions first, precedence has openssl
1218 $bytes .= self::generateRandomBytesOpenSsl($bytesToGenerate);
1219 if (!isset($bytes[($bytesToReturn - 1)])) {
1220 $bytes .= self::generateRandomBytesMcrypt($bytesToGenerate);
1221 }
1222 // If openssl and mcrypt failed, try /dev/urandom
1223 if (!isset($bytes[($bytesToReturn - 1)])) {
1224 $bytes .= self::generateRandomBytesUrandom($bytesToGenerate);
1225 }
1226 }
1227 // Fall back if other random byte generation failed until now
1228 if (!isset($bytes[($bytesToReturn - 1)])) {
1229 $bytes .= self::generateRandomBytesFallback($bytesToReturn);
1230 }
1231 }
1232 // get first $bytesToReturn and remove it from the byte cache
1233 $output = substr($bytes, 0, $bytesToReturn);
1234 $bytes = substr($bytes, $bytesToReturn);
1235 return $output;
1236 }
1237
1238 /**
1239 * Generate random bytes using openssl if available
1240 *
1241 * @param string $bytesToGenerate
1242 * @return string
1243 */
1244 static protected function generateRandomBytesOpenSsl($bytesToGenerate) {
1245 if (!function_exists('openssl_random_pseudo_bytes')) {
1246 return '';
1247 }
1248 $isStrong = NULL;
1249 return (string) openssl_random_pseudo_bytes($bytesToGenerate, $isStrong);
1250 }
1251
1252 /**
1253 * Generate random bytes using mcrypt if available
1254 *
1255 * @param $bytesToGenerate
1256 * @return string
1257 */
1258 static protected function generateRandomBytesMcrypt($bytesToGenerate) {
1259 if (!function_exists('mcrypt_create_iv')) {
1260 return '';
1261 }
1262 return (string)(@mcrypt_create_iv($bytesToGenerate, MCRYPT_DEV_URANDOM));
1263 }
1264
1265 /**
1266 * Read random bytes from /dev/urandom if it is accessible
1267 *
1268 * @param $bytesToGenerate
1269 * @return string
1270 */
1271 static protected function generateRandomBytesUrandom($bytesToGenerate) {
1272 $bytes = '';
1273 $fh = @fopen('/dev/urandom', 'rb');
1274 if ($fh) {
1275 // PHP only performs buffered reads, so in reality it will always read
1276 // at least 4096 bytes. Thus, it costs nothing extra to read and store
1277 // that much so as to speed any additional invocations.
1278 $bytes = fread($fh, $bytesToGenerate);
1279 fclose($fh);
1280 }
1281 return $bytes;
1282 }
1283
1284 /**
1285 * Generate pseudo random bytes as last resort
1286 *
1287 * @param $bytesToReturn
1288 * @return string
1289 */
1290 static protected function generateRandomBytesFallback($bytesToReturn) {
1291 $bytes = '';
1292 // We initialize with somewhat random.
1293 $randomState = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . base_convert(memory_get_usage() % pow(10, 6), 10, 2) . microtime() . uniqid('', TRUE) . getmypid();
1294 while (!isset($bytes[($bytesToReturn - 1)])) {
1295 $randomState = sha1(microtime() . mt_rand() . $randomState);
1296 $bytes .= sha1(mt_rand() . $randomState, TRUE);
1297 }
1298 return $bytes;
1299 }
1300
1301 /**
1302 * Returns an ASCII string (punicode) representation of $value
1303 *
1304 * @param string $value
1305 * @return string An ASCII encoded (punicode) string
1306 */
1307 static public function idnaEncode($value) {
1308 if (isset(self::$idnaStringCache[$value])) {
1309 return self::$idnaStringCache[$value];
1310 } else {
1311 if (!self::$idnaConverter) {
1312 require_once PATH_typo3 . 'contrib/idna/idna_convert.class.php';
1313 self::$idnaConverter = new \idna_convert(array('idn_version' => 2008));
1314 }
1315 self::$idnaStringCache[$value] = self::$idnaConverter->encode($value);
1316 return self::$idnaStringCache[$value];
1317 }
1318 }
1319
1320 /**
1321 * Returns a hex representation of a random byte string.
1322 *
1323 * @param integer $count Number of hex characters to return
1324 * @return string Random Bytes
1325 */
1326 static public function getRandomHexString($count) {
1327 return substr(bin2hex(self::generateRandomBytes((int)(($count + 1) / 2))), 0, $count);
1328 }
1329
1330 /**
1331 * Returns a given string with underscores as UpperCamelCase.
1332 * Example: Converts blog_example to BlogExample
1333 *
1334 * @param string $string String to be converted to camel case
1335 * @return string UpperCamelCasedWord
1336 */
1337 static public function underscoredToUpperCamelCase($string) {
1338 $upperCamelCase = str_replace(' ', '', ucwords(str_replace('_', ' ', self::strtolower($string))));
1339 return $upperCamelCase;
1340 }
1341
1342 /**
1343 * Returns a given string with underscores as lowerCamelCase.
1344 * Example: Converts minimal_value to minimalValue
1345 *
1346 * @param string $string String to be converted to camel case
1347 * @return string lowerCamelCasedWord
1348 */
1349 static public function underscoredToLowerCamelCase($string) {
1350 $upperCamelCase = str_replace(' ', '', ucwords(str_replace('_', ' ', self::strtolower($string))));
1351 $lowerCamelCase = self::lcfirst($upperCamelCase);
1352 return $lowerCamelCase;
1353 }
1354
1355 /**
1356 * Returns a given CamelCasedString as an lowercase string with underscores.
1357 * Example: Converts BlogExample to blog_example, and minimalValue to minimal_value
1358 *
1359 * @param string $string String to be converted to lowercase underscore
1360 * @return string lowercase_and_underscored_string
1361 */
1362 static public function camelCaseToLowerCaseUnderscored($string) {
1363 return self::strtolower(preg_replace('/(?<=\\w)([A-Z])/', '_\\1', $string));
1364 }
1365
1366 /**
1367 * Converts the first char of a string to lowercase if it is a latin character (A-Z).
1368 * Example: Converts "Hello World" to "hello World"
1369 *
1370 * @param string $string The string to be used to lowercase the first character
1371 * @return string The string with the first character as lowercase
1372 */
1373 static public function lcfirst($string) {
1374 return self::strtolower($string[0]) . substr($string, 1);
1375 }
1376
1377 /**
1378 * Checks if a given string is a Uniform Resource Locator (URL).
1379 *
1380 * On seriously malformed URLs, parse_url may return FALSE and emit an
1381 * E_WARNING.
1382 *
1383 * filter_var() requires a scheme to be present.
1384 *
1385 * http://www.faqs.org/rfcs/rfc2396.html
1386 * Scheme names consist of a sequence of characters beginning with a
1387 * lower case letter and followed by any combination of lower case letters,
1388 * digits, plus ("+"), period ("."), or hyphen ("-"). For resiliency,
1389 * programs interpreting URI should treat upper case letters as equivalent to
1390 * lower case in scheme names (e.g., allow "HTTP" as well as "http").
1391 * scheme = alpha *( alpha | digit | "+" | "-" | "." )
1392 *
1393 * Convert the domain part to punicode if it does not look like a regular
1394 * domain name. Only the domain part because RFC3986 specifies the the rest of
1395 * the url may not contain special characters:
1396 * http://tools.ietf.org/html/rfc3986#appendix-A
1397 *
1398 * @param string $url The URL to be validated
1399 * @return boolean Whether the given URL is valid
1400 */
1401 static public function isValidUrl($url) {
1402 $parsedUrl = parse_url($url);
1403 if (!$parsedUrl || !isset($parsedUrl['scheme'])) {
1404 return FALSE;
1405 }
1406 // HttpUtility::buildUrl() will always build urls with <scheme>://
1407 // our original $url might only contain <scheme>: (e.g. mail:)
1408 // so we convert that to the double-slashed version to ensure
1409 // our check against the $recomposedUrl is proper
1410 if (!self::isFirstPartOfStr($url, $parsedUrl['scheme'] . '://')) {
1411 $url = str_replace($parsedUrl['scheme'] . ':', $parsedUrl['scheme'] . '://', $url);
1412 }
1413 $recomposedUrl = HttpUtility::buildUrl($parsedUrl);
1414 if ($recomposedUrl !== $url) {
1415 // The parse_url() had to modify characters, so the URL is invalid
1416 return FALSE;
1417 }
1418 if (isset($parsedUrl['host']) && !preg_match('/^[a-z0-9.\\-]*$/i', $parsedUrl['host'])) {
1419 $parsedUrl['host'] = self::idnaEncode($parsedUrl['host']);
1420 }
1421 return filter_var(HttpUtility::buildUrl($parsedUrl), FILTER_VALIDATE_URL) !== FALSE;
1422 }
1423
1424 /*************************
1425 *
1426 * ARRAY FUNCTIONS
1427 *
1428 *************************/
1429 /**
1430 * Check if an string item exists in an array.
1431 * Please note that the order of function parameters is reverse compared to the PHP function in_array()!!!
1432 *
1433 * Comparison to PHP in_array():
1434 * -> $array = array(0, 1, 2, 3);
1435 * -> variant_a := \TYPO3\CMS\Core\Utility\GeneralUtility::inArray($array, $needle)
1436 * -> variant_b := in_array($needle, $array)
1437 * -> variant_c := in_array($needle, $array, TRUE)
1438 * +---------+-----------+-----------+-----------+
1439 * | $needle | variant_a | variant_b | variant_c |
1440 * +---------+-----------+-----------+-----------+
1441 * | '1a' | FALSE | TRUE | FALSE |
1442 * | '' | FALSE | TRUE | FALSE |
1443 * | '0' | TRUE | TRUE | FALSE |
1444 * | 0 | TRUE | TRUE | TRUE |
1445 * +---------+-----------+-----------+-----------+
1446 *
1447 * @param array $in_array One-dimensional array of items
1448 * @param string $item Item to check for
1449 * @return boolean TRUE if $item is in the one-dimensional array $in_array
1450 */
1451 static public function inArray(array $in_array, $item) {
1452 foreach ($in_array as $val) {
1453 if (!is_array($val) && (string)$val === (string)$item) {
1454 return TRUE;
1455 }
1456 }
1457 return FALSE;
1458 }
1459
1460 /**
1461 * Explodes a $string delimited by $delim and casts each item in the array to (int).
1462 * Corresponds to \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(), but with conversion to integers for all values.
1463 *
1464 * @param string $delimiter Delimiter string to explode with
1465 * @param string $string The string to explode
1466 * @param boolean $removeEmptyValues If set, all empty values (='') will NOT be set in output
1467 * @param integer $limit If positive, the result will contain a maximum of limit elements,
1468 * @return array Exploded values, all converted to integers
1469 */
1470 static public function intExplode($delimiter, $string, $removeEmptyValues = FALSE, $limit = 0) {
1471 $result = explode($delimiter, $string);
1472 foreach ($result as $key => &$value) {
1473 if ($removeEmptyValues && ($value === '' || trim($value) === '')) {
1474 unset($result[$key]);
1475 } else {
1476 $value = (int)$value;
1477 }
1478 }
1479 unset($value);
1480 if ($limit !== 0) {
1481 if ($limit < 0) {
1482 $result = array_slice($result, 0, $limit);
1483 } elseif (count($result) > $limit) {
1484 $lastElements = array_slice($result, $limit - 1);
1485 $result = array_slice($result, 0, $limit - 1);
1486 $result[] = implode($delimiter, $lastElements);
1487 }
1488 }
1489 return $result;
1490 }
1491
1492 /**
1493 * Reverse explode which explodes the string counting from behind.
1494 *
1495 * Note: The delimiter has to given in the reverse order as
1496 * it is occurring within the string.
1497 *
1498 * GeneralUtility::revExplode('[]', '[my][words][here]', 2)
1499 * ==> array('[my][words', 'here]')
1500 *
1501 * @param string $delimiter Delimiter string to explode with
1502 * @param string $string The string to explode
1503 * @param integer $count Number of array entries
1504 * @return array Exploded values
1505 */
1506 static public function revExplode($delimiter, $string, $count = 0) {
1507 // 2 is the (currently, as of 2014-02) most-used value for $count in the core, therefore we check it first
1508 if ($count === 2) {
1509 $position = strrpos($string, strrev($delimiter));
1510 if ($position !== FALSE) {
1511 return array(substr($string, 0, $position), substr($string, $position + strlen($delimiter)));
1512 } else {
1513 return array($string);
1514 }
1515 } elseif ($count <= 1) {
1516 return array($string);
1517 } else {
1518 $explodedValues = explode($delimiter, strrev($string), $count);
1519 $explodedValues = array_map('strrev', $explodedValues);
1520 return array_reverse($explodedValues);
1521 }
1522 }
1523
1524 /**
1525 * Explodes a string and trims all values for whitespace in the end.
1526 * If $onlyNonEmptyValues is set, then all blank ('') values are removed.
1527 *
1528 * @param string $delim Delimiter string to explode with
1529 * @param string $string The string to explode
1530 * @param bool $removeEmptyValues If set, all empty values will be removed in output
1531 * @param int $limit If limit is set and positive, the returned array will contain a maximum of limit elements with
1532 * the last element containing the rest of string. If the limit parameter is negative, all components
1533 * except the last -limit are returned.
1534 * @return array Exploded values
1535 */
1536 static public function trimExplode($delim, $string, $removeEmptyValues = FALSE, $limit = 0) {
1537 $result = explode($delim, $string);
1538 if ($removeEmptyValues) {
1539 $temp = array();
1540 foreach ($result as $value) {
1541 if (trim($value) !== '') {
1542 $temp[] = $value;
1543 }
1544 }
1545 $result = $temp;
1546 }
1547 if ($limit > 0 && count($result) > $limit) {
1548 $lastElements = array_slice($result, $limit - 1);
1549 $result = array_slice($result, 0, $limit - 1);
1550 $result[] = implode($delim, $lastElements);
1551 } elseif ($limit < 0) {
1552 $result = array_slice($result, 0, $limit);
1553 }
1554 $result = array_map('trim', $result);
1555 return $result;
1556 }
1557
1558 /**
1559 * Removes the value $cmpValue from the $array if found there. Returns the modified array
1560 *
1561 * @param array $array Array containing the values
1562 * @param string $cmpValue Value to search for and if found remove array entry where found.
1563 * @return array Output array with entries removed if search string is found
1564 */
1565 static public function removeArrayEntryByValue(array $array, $cmpValue) {
1566 foreach ($array as $k => $v) {
1567 if (is_array($v)) {
1568 $array[$k] = self::removeArrayEntryByValue($v, $cmpValue);
1569 } elseif ((string)$v === (string)$cmpValue) {
1570 unset($array[$k]);
1571 }
1572 }
1573 return $array;
1574 }
1575
1576 /**
1577 * Filters an array to reduce its elements to match the condition.
1578 * The values in $keepItems can be optionally evaluated by a custom callback function.
1579 *
1580 * Example (arguments used to call this function):
1581 * $array = array(
1582 * array('aa' => array('first', 'second'),
1583 * array('bb' => array('third', 'fourth'),
1584 * array('cc' => array('fifth', 'sixth'),
1585 * );
1586 * $keepItems = array('third');
1587 * $getValueFunc = create_function('$value', 'return $value[0];');
1588 *
1589 * Returns:
1590 * array(
1591 * array('bb' => array('third', 'fourth'),
1592 * )
1593 *
1594 * @param array $array The initial array to be filtered/reduced
1595 * @param mixed $keepItems The items which are allowed/kept in the array - accepts array or csv string
1596 * @param string $getValueFunc (optional) Callback function used to get the value to keep
1597 * @return array The filtered/reduced array with the kept items
1598 */
1599 static public function keepItemsInArray(array $array, $keepItems, $getValueFunc = NULL) {
1600 if ($array) {
1601 // Convert strings to arrays:
1602 if (is_string($keepItems)) {
1603 $keepItems = self::trimExplode(',', $keepItems);
1604 }
1605 // Check if valueFunc can be executed:
1606 if (!is_callable($getValueFunc)) {
1607 $getValueFunc = NULL;
1608 }
1609 // Do the filtering:
1610 if (is_array($keepItems) && count($keepItems)) {
1611 foreach ($array as $key => $value) {
1612 // Get the value to compare by using the callback function:
1613 $keepValue = isset($getValueFunc) ? call_user_func($getValueFunc, $value) : $value;
1614 if (!in_array($keepValue, $keepItems)) {
1615 unset($array[$key]);
1616 }
1617 }
1618 }
1619 }
1620 return $array;
1621 }
1622
1623 /**
1624 * Implodes a multidim-array into GET-parameters (eg. &param[key][key2]=value2&param[key][key3]=value3)
1625 *
1626 * @param string $name Name prefix for entries. Set to blank if you wish none.
1627 * @param array $theArray The (multidimensional) array to implode
1628 * @param string $str (keep blank)
1629 * @param boolean $skipBlank If set, parameters which were blank strings would be removed.
1630 * @param boolean $rawurlencodeParamName If set, the param name itself (for example "param[key][key2]") would be rawurlencoded as well.
1631 * @return string Imploded result, fx. &param[key][key2]=value2&param[key][key3]=value3
1632 * @see explodeUrl2Array()
1633 */
1634 static public function implodeArrayForUrl($name, array $theArray, $str = '', $skipBlank = FALSE, $rawurlencodeParamName = FALSE) {
1635 foreach ($theArray as $Akey => $AVal) {
1636 $thisKeyName = $name ? $name . '[' . $Akey . ']' : $Akey;
1637 if (is_array($AVal)) {
1638 $str = self::implodeArrayForUrl($thisKeyName, $AVal, $str, $skipBlank, $rawurlencodeParamName);
1639 } else {
1640 if (!$skipBlank || (string)$AVal !== '') {
1641 $str .= '&' . ($rawurlencodeParamName ? rawurlencode($thisKeyName) : $thisKeyName) . '=' . rawurlencode($AVal);
1642 }
1643 }
1644 }
1645 return $str;
1646 }
1647
1648 /**
1649 * Explodes a string with GETvars (eg. "&id=1&type=2&ext[mykey]=3") into an array
1650 *
1651 * @param string $string GETvars string
1652 * @param boolean $multidim If set, the string will be parsed into a multidimensional array if square brackets are used in variable names (using PHP function parse_str())
1653 * @return array Array of values. All values AND keys are rawurldecoded() as they properly should be. But this means that any implosion of the array again must rawurlencode it!
1654 * @see implodeArrayForUrl()
1655 */
1656 static public function explodeUrl2Array($string, $multidim = FALSE) {
1657 $output = array();
1658 if ($multidim) {
1659 parse_str($string, $output);
1660 } else {
1661 $p = explode('&', $string);
1662 foreach ($p as $v) {
1663 if (strlen($v)) {
1664 list($pK, $pV) = explode('=', $v, 2);
1665 $output[rawurldecode($pK)] = rawurldecode($pV);
1666 }
1667 }
1668 }
1669 return $output;
1670 }
1671
1672 /**
1673 * Returns an array with selected keys from incoming data.
1674 * (Better read source code if you want to find out...)
1675 *
1676 * @param string $varList List of variable/key names
1677 * @param array $getArray Array from where to get values based on the keys in $varList
1678 * @param boolean $GPvarAlt If set, then \TYPO3\CMS\Core\Utility\GeneralUtility::_GP() is used to fetch the value if not found (isset) in the $getArray
1679 * @return array Output array with selected variables.
1680 */
1681 static public function compileSelectedGetVarsFromArray($varList, array $getArray, $GPvarAlt = TRUE) {
1682 $keys = self::trimExplode(',', $varList, TRUE);
1683 $outArr = array();
1684 foreach ($keys as $v) {
1685 if (isset($getArray[$v])) {
1686 $outArr[$v] = $getArray[$v];
1687 } elseif ($GPvarAlt) {
1688 $outArr[$v] = self::_GP($v);
1689 }
1690 }
1691 return $outArr;
1692 }
1693
1694 /**
1695 * AddSlash array
1696 * This function traverses a multidimensional array and adds slashes to the values.
1697 * NOTE that the input array is and argument by reference.!!
1698 * Twin-function to stripSlashesOnArray
1699 *
1700 * @param array $theArray Multidimensional input array, (REFERENCE!)
1701 * @return array
1702 */
1703 static public function addSlashesOnArray(array &$theArray) {
1704 foreach ($theArray as &$value) {
1705 if (is_array($value)) {
1706 self::addSlashesOnArray($value);
1707 } else {
1708 $value = addslashes($value);
1709 }
1710 }
1711 unset($value);
1712 reset($theArray);
1713 }
1714
1715 /**
1716 * StripSlash array
1717 * This function traverses a multidimensional array and strips slashes to the values.
1718 * NOTE that the input array is and argument by reference.!!
1719 * Twin-function to addSlashesOnArray
1720 *
1721 * @param array $theArray Multidimensional input array, (REFERENCE!)
1722 * @return array
1723 */
1724 static public function stripSlashesOnArray(array &$theArray) {
1725 foreach ($theArray as &$value) {
1726 if (is_array($value)) {
1727 self::stripSlashesOnArray($value);
1728 } else {
1729 $value = stripslashes($value);
1730 }
1731 }
1732 unset($value);
1733 reset($theArray);
1734 }
1735
1736 /**
1737 * Either slashes ($cmd=add) or strips ($cmd=strip) array $arr depending on $cmd
1738 *
1739 * @param array $arr Multidimensional input array
1740 * @param string $cmd "add" or "strip", depending on usage you wish.
1741 * @return array
1742 */
1743 static public function slashArray(array $arr, $cmd) {
1744 if ($cmd == 'strip') {
1745 self::stripSlashesOnArray($arr);
1746 }
1747 if ($cmd == 'add') {
1748 self::addSlashesOnArray($arr);
1749 }
1750 return $arr;
1751 }
1752
1753 /**
1754 * Rename Array keys with a given mapping table
1755 *
1756 * @param array $array Array by reference which should be remapped
1757 * @param array $mappingTable Array with remap information, array/$oldKey => $newKey)
1758 */
1759 static public function remapArrayKeys(&$array, $mappingTable) {
1760 if (is_array($mappingTable)) {
1761 foreach ($mappingTable as $old => $new) {
1762 if ($new && isset($array[$old])) {
1763 $array[$new] = $array[$old];
1764 unset($array[$old]);
1765 }
1766 }
1767 }
1768 }
1769
1770 /**
1771 * Merges two arrays recursively and "binary safe" (integer keys are
1772 * overridden as well), overruling similar values in the first array
1773 * ($arr0) with the values of the second array ($arr1)
1774 * In case of identical keys, ie. keeping the values of the second.
1775 *
1776 * @param array $arr0 First array
1777 * @param array $arr1 Second array, overruling the first array
1778 * @param boolean $notAddKeys If set, keys that are NOT found in $arr0 (first array) will not be set. Thus only existing value can/will be overruled from second array.
1779 * @param boolean $includeEmptyValues If set, values from $arr1 will overrule if they are empty or zero. Default: TRUE
1780 * @param boolean $enableUnsetFeature If set, special values "__UNSET" can be used in the second array in order to unset array keys in the resulting array.
1781 * @return array Resulting array where $arr1 values has overruled $arr0 values
1782 * @deprecated [!!!] Since 6.2, use ArrayUtility::mergeRecursiveWithOverrule - WARNING: The new method changed its signature and does not return the first parameter anymore, but it is more performant.
1783 */
1784 static public function array_merge_recursive_overrule(array $arr0, array $arr1, $notAddKeys = FALSE, $includeEmptyValues = TRUE, $enableUnsetFeature = TRUE) {
1785 self::logDeprecatedFunction();
1786 ArrayUtility::mergeRecursiveWithOverrule($arr0, $arr1, !$notAddKeys, $includeEmptyValues, $enableUnsetFeature);
1787 // Our local $arr0 has been modified now, so return it as result
1788 return $arr0;
1789 }
1790
1791 /**
1792 * An array_merge function where the keys are NOT renumbered as they happen to be with the real php-array_merge function. It is "binary safe" in the sense that integer keys are overridden as well.
1793 *
1794 * @param array $arr1 First array
1795 * @param array $arr2 Second array
1796 * @return array Merged result.
1797 */
1798 static public function array_merge(array $arr1, array $arr2) {
1799 return $arr2 + $arr1;
1800 }
1801
1802 /**
1803 * Filters keys off from first array that also exist in second array. Comparison is done by keys.
1804 * This method is a recursive version of php array_diff_assoc()
1805 *
1806 * @param array $array1 Source array
1807 * @param array $array2 Reduce source array by this array
1808 * @return array Source array reduced by keys also present in second array
1809 */
1810 static public function arrayDiffAssocRecursive(array $array1, array $array2) {
1811 $differenceArray = array();
1812 foreach ($array1 as $key => $value) {
1813 if (!array_key_exists($key, $array2)) {
1814 $differenceArray[$key] = $value;
1815 } elseif (is_array($value)) {
1816 if (is_array($array2[$key])) {
1817 $differenceArray[$key] = self::arrayDiffAssocRecursive($value, $array2[$key]);
1818 }
1819 }
1820 }
1821 return $differenceArray;
1822 }
1823
1824 /**
1825 * Takes a row and returns a CSV string of the values with $delim (default is ,) and $quote (default is ") as separator chars.
1826 *
1827 * @param array $row Input array of values
1828 * @param string $delim Delimited, default is comma
1829 * @param string $quote Quote-character to wrap around the values.
1830 * @return string A single line of CSV
1831 */
1832 static public function csvValues(array $row, $delim = ',', $quote = '"') {
1833 $out = array();
1834 foreach ($row as $value) {
1835 $out[] = str_replace($quote, $quote . $quote, $value);
1836 }
1837 $str = $quote . implode(($quote . $delim . $quote), $out) . $quote;
1838 return $str;
1839 }
1840
1841 /**
1842 * Removes dots "." from end of a key identifier of TypoScript styled array.
1843 * array('key.' => array('property.' => 'value')) --> array('key' => array('property' => 'value'))
1844 *
1845 * @param array $ts TypoScript configuration array
1846 * @return array TypoScript configuration array without dots at the end of all keys
1847 */
1848 static public function removeDotsFromTS(array $ts) {
1849 $out = array();
1850 foreach ($ts as $key => $value) {
1851 if (is_array($value)) {
1852 $key = rtrim($key, '.');
1853 $out[$key] = self::removeDotsFromTS($value);
1854 } else {
1855 $out[$key] = $value;
1856 }
1857 }
1858 return $out;
1859 }
1860
1861 /**
1862 * Sorts an array by key recursive - uses natural sort order (aAbB-zZ)
1863 *
1864 * @param array $array array to be sorted recursively, passed by reference
1865 * @return boolean TRUE if param is an array
1866 */
1867 static public function naturalKeySortRecursive(&$array) {
1868 if (!is_array($array)) {
1869 return FALSE;
1870 }
1871 uksort($array, 'strnatcasecmp');
1872 foreach ($array as $key => $value) {
1873 self::naturalKeySortRecursive($array[$key]);
1874 }
1875 return TRUE;
1876 }
1877
1878 /*************************
1879 *
1880 * HTML/XML PROCESSING
1881 *
1882 *************************/
1883 /**
1884 * Returns an array with all attributes of the input HTML tag as key/value pairs. Attributes are only lowercase a-z
1885 * $tag is either a whole tag (eg '<TAG OPTION ATTRIB=VALUE>') or the parameter list (ex ' OPTION ATTRIB=VALUE>')
1886 * If an attribute is empty, then the value for the key is empty. You can check if it existed with isset()
1887 *
1888 * @param string $tag HTML-tag string (or attributes only)
1889 * @return array Array with the attribute values.
1890 */
1891 static public function get_tag_attributes($tag) {
1892 $components = self::split_tag_attributes($tag);
1893 // Attribute name is stored here
1894 $name = '';
1895 $valuemode = FALSE;
1896 $attributes = array();
1897 foreach ($components as $key => $val) {
1898 // Only if $name is set (if there is an attribute, that waits for a value), that valuemode is enabled. This ensures that the attribute is assigned it's value
1899 if ($val != '=') {
1900 if ($valuemode) {
1901 if ($name) {
1902 $attributes[$name] = $val;
1903 $name = '';
1904 }
1905 } else {
1906 if ($key = strtolower(preg_replace('/[^[:alnum:]_\\:\\-]/', '', $val))) {
1907 $attributes[$key] = '';
1908 $name = $key;
1909 }
1910 }
1911 $valuemode = FALSE;
1912 } else {
1913 $valuemode = TRUE;
1914 }
1915 }
1916 return $attributes;
1917 }
1918
1919 /**
1920 * Returns an array with the 'components' from an attribute list from an HTML tag. The result is normally analyzed by get_tag_attributes
1921 * Removes tag-name if found
1922 *
1923 * @param string $tag HTML-tag string (or attributes only)
1924 * @return array Array with the attribute values.
1925 */
1926 static public function split_tag_attributes($tag) {
1927 $tag_tmp = trim(preg_replace('/^<[^[:space:]]*/', '', trim($tag)));
1928 // Removes any > in the end of the string
1929 $tag_tmp = trim(rtrim($tag_tmp, '>'));
1930 $value = array();
1931 // Compared with empty string instead , 030102
1932 while ($tag_tmp !== '') {
1933 $firstChar = $tag_tmp[0];
1934 if ($firstChar === '"' || $firstChar === '\'') {
1935 $reg = explode($firstChar, $tag_tmp, 3);
1936 $value[] = $reg[1];
1937 $tag_tmp = trim($reg[2]);
1938 } elseif ($firstChar === '=') {
1939 $value[] = '=';
1940 // Removes = chars.
1941 $tag_tmp = trim(substr($tag_tmp, 1));
1942 } else {
1943 // There are '' around the value. We look for the next ' ' or '>'
1944 $reg = preg_split('/[[:space:]=]/', $tag_tmp, 2);
1945 $value[] = trim($reg[0]);
1946 $tag_tmp = trim(substr($tag_tmp, strlen($reg[0]), 1) . $reg[1]);
1947 }
1948 }
1949 reset($value);
1950 return $value;
1951 }
1952
1953 /**
1954 * Implodes attributes in the array $arr for an attribute list in eg. and HTML tag (with quotes)
1955 *
1956 * @param array $arr Array with attribute key/value pairs, eg. "bgcolor"=>"red", "border"=>0
1957 * @param boolean $xhtmlSafe If set the resulting attribute list will have a) all attributes in lowercase (and duplicates weeded out, first entry taking precedence) and b) all values htmlspecialchar()'ed. It is recommended to use this switch!
1958 * @param boolean $dontOmitBlankAttribs If TRUE, don't check if values are blank. Default is to omit attributes with blank values.
1959 * @return string Imploded attributes, eg. 'bgcolor="red" border="0"'
1960 */
1961 static public function implodeAttributes(array $arr, $xhtmlSafe = FALSE, $dontOmitBlankAttribs = FALSE) {
1962 if ($xhtmlSafe) {
1963 $newArr = array();
1964 foreach ($arr as $p => $v) {
1965 if (!isset($newArr[strtolower($p)])) {
1966 $newArr[strtolower($p)] = htmlspecialchars($v);
1967 }
1968 }
1969 $arr = $newArr;
1970 }
1971 $list = array();
1972 foreach ($arr as $p => $v) {
1973 if ((string)$v !== '' || $dontOmitBlankAttribs) {
1974 $list[] = $p . '="' . $v . '"';
1975 }
1976 }
1977 return implode(' ', $list);
1978 }
1979
1980 /**
1981 * Wraps JavaScript code XHTML ready with <script>-tags
1982 * Automatic re-indenting of the JS code is done by using the first line as indent reference.
1983 * This is nice for indenting JS code with PHP code on the same level.
1984 *
1985 * @param string $string JavaScript code
1986 * @param boolean $linebreak Wrap script element in line breaks? Default is TRUE.
1987 * @return string The wrapped JS code, ready to put into a XHTML page
1988 */
1989 static public function wrapJS($string, $linebreak = TRUE) {
1990 if (trim($string)) {
1991 // <script wrapped in nl?
1992 $cr = $linebreak ? LF : '';
1993 // remove nl from the beginning
1994 $string = preg_replace('/^\\n+/', '', $string);
1995 // re-ident to one tab using the first line as reference
1996 $match = array();
1997 if (preg_match('/^(\\t+)/', $string, $match)) {
1998 $string = str_replace($match[1], TAB, $string);
1999 }
2000 $string = $cr . '<script type="text/javascript">
2001 /*<![CDATA[*/
2002 ' . $string . '
2003 /*]]>*/
2004 </script>' . $cr;
2005 }
2006 return trim($string);
2007 }
2008
2009 /**
2010 * Parses XML input into a PHP array with associative keys
2011 *
2012 * @param string $string XML data input
2013 * @param integer $depth Number of element levels to resolve the XML into an array. Any further structure will be set as XML.
2014 * @return mixed The array with the parsed structure unless the XML parser returns with an error in which case the error message string is returned.
2015 * @author bisqwit at iki dot fi dot not dot for dot ads dot invalid / http://dk.php.net/xml_parse_into_struct + kasperYYYY@typo3.com
2016 */
2017 static public function xml2tree($string, $depth = 999) {
2018 // Disables the functionality to allow external entities to be loaded when parsing the XML, must be kept
2019 $previousValueOfEntityLoader = libxml_disable_entity_loader(TRUE);
2020 $parser = xml_parser_create();
2021 $vals = array();
2022 $index = array();
2023 xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
2024 xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 0);
2025 xml_parse_into_struct($parser, $string, $vals, $index);
2026 libxml_disable_entity_loader($previousValueOfEntityLoader);
2027 if (xml_get_error_code($parser)) {
2028 return 'Line ' . xml_get_current_line_number($parser) . ': ' . xml_error_string(xml_get_error_code($parser));
2029 }
2030 xml_parser_free($parser);
2031 $stack = array(array());
2032 $stacktop = 0;
2033 $startPoint = 0;
2034 $tagi = array();
2035 foreach ($vals as $key => $val) {
2036 $type = $val['type'];
2037 // open tag:
2038 if ($type == 'open' || $type == 'complete') {
2039 $stack[$stacktop++] = $tagi;
2040 if ($depth == $stacktop) {
2041 $startPoint = $key;
2042 }
2043 $tagi = array('tag' => $val['tag']);
2044 if (isset($val['attributes'])) {
2045 $tagi['attrs'] = $val['attributes'];
2046 }
2047 if (isset($val['value'])) {
2048 $tagi['values'][] = $val['value'];
2049 }
2050 }
2051 // finish tag:
2052 if ($type == 'complete' || $type == 'close') {
2053 $oldtagi = $tagi;
2054 $tagi = $stack[--$stacktop];
2055 $oldtag = $oldtagi['tag'];
2056 unset($oldtagi['tag']);
2057 if ($depth == $stacktop + 1) {
2058 if ($key - $startPoint > 0) {
2059 $partArray = array_slice($vals, $startPoint + 1, $key - $startPoint - 1);
2060 $oldtagi['XMLvalue'] = self::xmlRecompileFromStructValArray($partArray);
2061 } else {
2062 $oldtagi['XMLvalue'] = $oldtagi['values'][0];
2063 }
2064 }
2065 $tagi['ch'][$oldtag][] = $oldtagi;
2066 unset($oldtagi);
2067 }
2068 // cdata
2069 if ($type == 'cdata') {
2070 $tagi['values'][] = $val['value'];
2071 }
2072 }
2073 return $tagi['ch'];
2074 }
2075
2076 /**
2077 * Turns PHP array into XML. See array2xml()
2078 *
2079 * @param array $array The input PHP array with any kind of data; text, binary, integers. Not objects though.
2080 * @param string $docTag Alternative document tag. Default is "phparray".
2081 * @param array $options Options for the compilation. See array2xml() for description.
2082 * @param string $charset Forced charset to prologue
2083 * @return string An XML string made from the input content in the array.
2084 * @see xml2array(),array2xml()
2085 */
2086 static public function array2xml_cs(array $array, $docTag = 'phparray', array $options = array(), $charset = '') {
2087 // Set default charset unless explicitly specified
2088 $charset = $charset ?: 'utf-8';
2089 // Return XML:
2090 return '<?xml version="1.0" encoding="' . htmlspecialchars($charset) . '" standalone="yes" ?>' . LF . self::array2xml($array, '', 0, $docTag, 0, $options);
2091 }
2092
2093 /**
2094 * Deprecated to call directly (unless you are aware of using XML prologues)! Use "array2xml_cs" instead (which adds an XML-prologue)
2095 *
2096 * Converts a PHP array into an XML string.
2097 * The XML output is optimized for readability since associative keys are used as tag names.
2098 * This also means that only alphanumeric characters are allowed in the tag names AND only keys NOT starting with numbers (so watch your usage of keys!). However there are options you can set to avoid this problem.
2099 * Numeric keys are stored with the default tag name "numIndex" but can be overridden to other formats)
2100 * The function handles input values from the PHP array in a binary-safe way; All characters below 32 (except 9,10,13) will trigger the content to be converted to a base64-string
2101 * The PHP variable type of the data IS preserved as long as the types are strings, arrays, integers and booleans. Strings are the default type unless the "type" attribute is set.
2102 * The output XML has been tested with the PHP XML-parser and parses OK under all tested circumstances with 4.x versions. However, with PHP5 there seems to be the need to add an XML prologue a la <?xml version="1.0" encoding="[charset]" standalone="yes" ?> - otherwise UTF-8 is assumed! Unfortunately, many times the output from this function is used without adding that prologue meaning that non-ASCII characters will break the parsing!! This suchs of course! Effectively it means that the prologue should always be prepended setting the right characterset, alternatively the system should always run as utf-8!
2103 * However using MSIE to read the XML output didn't always go well: One reason could be that the character encoding is not observed in the PHP data. The other reason may be if the tag-names are invalid in the eyes of MSIE. Also using the namespace feature will make MSIE break parsing. There might be more reasons...
2104 *
2105 * @param array $array The input PHP array with any kind of data; text, binary, integers. Not objects though.
2106 * @param string $NSprefix tag-prefix, eg. a namespace prefix like "T3:"
2107 * @param integer $level Current recursion level. Don't change, stay at zero!
2108 * @param string $docTag Alternative document tag. Default is "phparray".
2109 * @param integer $spaceInd If greater than zero, then the number of spaces corresponding to this number is used for indenting, if less than zero - no indentation, if zero - a single TAB is used
2110 * @param array $options Options for the compilation. Key "useNindex" => 0/1 (boolean: whether to use "n0, n1, n2" for num. indexes); Key "useIndexTagForNum" => "[tag for numerical indexes]"; Key "useIndexTagForAssoc" => "[tag for associative indexes"; Key "parentTagMap" => array('parentTag' => 'thisLevelTag')
2111 * @param array $stackData Stack data. Don't touch.
2112 * @return string An XML string made from the input content in the array.
2113 * @see xml2array()
2114 */
2115 static public function array2xml(array $array, $NSprefix = '', $level = 0, $docTag = 'phparray', $spaceInd = 0, array $options = array(), array $stackData = array()) {
2116 // The list of byte values which will trigger binary-safe storage. If any value has one of these char values in it, it will be encoded in base64
2117 $binaryChars = chr(0) . chr(1) . chr(2) . chr(3) . chr(4) . chr(5) . chr(6) . chr(7) . chr(8) . chr(11) . chr(12) . chr(14) . chr(15) . chr(16) . chr(17) . chr(18) . chr(19) . chr(20) . chr(21) . chr(22) . chr(23) . chr(24) . chr(25) . chr(26) . chr(27) . chr(28) . chr(29) . chr(30) . chr(31);
2118 // Set indenting mode:
2119 $indentChar = $spaceInd ? ' ' : TAB;
2120 $indentN = $spaceInd > 0 ? $spaceInd : 1;
2121 $nl = $spaceInd >= 0 ? LF : '';
2122 // Init output variable:
2123 $output = '';
2124 // Traverse the input array
2125 foreach ($array as $k => $v) {
2126 $attr = '';
2127 $tagName = $k;
2128 // Construct the tag name.
2129 // Use tag based on grand-parent + parent tag name
2130 if (isset($options['grandParentTagMap'][$stackData['grandParentTagName'] . '/' . $stackData['parentTagName']])) {
2131 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
2132 $tagName = (string) $options['grandParentTagMap'][($stackData['grandParentTagName'] . '/' . $stackData['parentTagName'])];
2133 } elseif (isset($options['parentTagMap'][$stackData['parentTagName'] . ':_IS_NUM']) && \TYPO3\CMS\Core\Utility\MathUtility::canBeInterpretedAsInteger($tagName)) {
2134 // Use tag based on parent tag name + if current tag is numeric
2135 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
2136 $tagName = (string) $options['parentTagMap'][($stackData['parentTagName'] . ':_IS_NUM')];
2137 } elseif (isset($options['parentTagMap'][$stackData['parentTagName'] . ':' . $tagName])) {
2138 // Use tag based on parent tag name + current tag
2139 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
2140 $tagName = (string) $options['parentTagMap'][($stackData['parentTagName'] . ':' . $tagName)];
2141 } elseif (isset($options['parentTagMap'][$stackData['parentTagName']])) {
2142 // Use tag based on parent tag name:
2143 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
2144 $tagName = (string) $options['parentTagMap'][$stackData['parentTagName']];
2145 } elseif (MathUtility::canBeInterpretedAsInteger($tagName)) {
2146 // If integer...;
2147 if ($options['useNindex']) {
2148 // If numeric key, prefix "n"
2149 $tagName = 'n' . $tagName;
2150 } else {
2151 // Use special tag for num. keys:
2152 $attr .= ' index="' . $tagName . '"';
2153 $tagName = $options['useIndexTagForNum'] ?: 'numIndex';
2154 }
2155 } elseif ($options['useIndexTagForAssoc']) {
2156 // Use tag for all associative keys:
2157 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
2158 $tagName = $options['useIndexTagForAssoc'];
2159 }
2160 // The tag name is cleaned up so only alphanumeric chars (plus - and _) are in there and not longer than 100 chars either.
2161 $tagName = substr(preg_replace('/[^[:alnum:]_-]/', '', $tagName), 0, 100);
2162 // If the value is an array then we will call this function recursively:
2163 if (is_array($v)) {
2164 // Sub elements:
2165 if ($options['alt_options'][$stackData['path'] . '/' . $tagName]) {
2166 $subOptions = $options['alt_options'][$stackData['path'] . '/' . $tagName];
2167 $clearStackPath = $subOptions['clearStackPath'];
2168 } else {
2169 $subOptions = $options;
2170 $clearStackPath = FALSE;
2171 }
2172 if (empty($v)) {
2173 $content = '';
2174 } else {
2175 $content = $nl . self::array2xml($v, $NSprefix, ($level + 1), '', $spaceInd, $subOptions, array(
2176 'parentTagName' => $tagName,
2177 'grandParentTagName' => $stackData['parentTagName'],
2178 'path' => ($clearStackPath ? '' : $stackData['path'] . '/' . $tagName)
2179 )) . ($spaceInd >= 0 ? str_pad('', ($level + 1) * $indentN, $indentChar) : '');
2180 }
2181 // Do not set "type = array". Makes prettier XML but means that empty arrays are not restored with xml2array
2182 if ((int)$options['disableTypeAttrib'] != 2) {
2183 $attr .= ' type="array"';
2184 }
2185 } else {
2186 // Just a value:
2187 // Look for binary chars:
2188 // Check for length, because PHP 5.2.0 may crash when first argument of strcspn is empty
2189 $vLen = strlen($v);
2190 // Go for base64 encoding if the initial segment NOT matching any binary char has the same length as the whole string!
2191 if ($vLen && strcspn($v, $binaryChars) != $vLen) {
2192 // If the value contained binary chars then we base64-encode it an set an attribute to notify this situation:
2193 $content = $nl . chunk_split(base64_encode($v));
2194 $attr .= ' base64="1"';
2195 } else {
2196 // Otherwise, just htmlspecialchar the stuff:
2197 $content = htmlspecialchars($v);
2198 $dType = gettype($v);
2199 if ($dType == 'string') {
2200 if ($options['useCDATA'] && $content != $v) {
2201 $content = '<![CDATA[' . $v . ']]>';
2202 }
2203 } elseif (!$options['disableTypeAttrib']) {
2204 $attr .= ' type="' . $dType . '"';
2205 }
2206 }
2207 }
2208 if ((string)$tagName !== '') {
2209 // Add the element to the output string:
2210 $output .= ($spaceInd >= 0 ? str_pad('', ($level + 1) * $indentN, $indentChar) : '')
2211 . '<' . $NSprefix . $tagName . $attr . '>' . $content . '</' . $NSprefix . $tagName . '>' . $nl;
2212 }
2213 }
2214 // If we are at the outer-most level, then we finally wrap it all in the document tags and return that as the value:
2215 if (!$level) {
2216 $output = '<' . $docTag . '>' . $nl . $output . '</' . $docTag . '>';
2217 }
2218 return $output;
2219 }
2220
2221 /**
2222 * Converts an XML string to a PHP array.
2223 * This is the reverse function of array2xml()
2224 * This is a wrapper for xml2arrayProcess that adds a two-level cache
2225 *
2226 * @param string $string XML content to convert into an array
2227 * @param string $NSprefix The tag-prefix resolve, eg. a namespace like "T3:"
2228 * @param boolean $reportDocTag If set, the document tag will be set in the key "_DOCUMENT_TAG" of the output array
2229 * @return mixed If the parsing had errors, a string with the error message is returned. Otherwise an array with the content.
2230 * @see array2xml(),xml2arrayProcess()
2231 */
2232 static public function xml2array($string, $NSprefix = '', $reportDocTag = FALSE) {
2233 static $firstLevelCache = array();
2234 $identifier = md5($string . $NSprefix . ($reportDocTag ? '1' : '0'));
2235 // Look up in first level cache
2236 if (!empty($firstLevelCache[$identifier])) {
2237 $array = $firstLevelCache[$identifier];
2238 } else {
2239 // Look up in second level cache
2240 $array = \TYPO3\CMS\Frontend\Page\PageRepository::getHash($identifier, 0);
2241 if (!is_array($array)) {
2242 $array = self::xml2arrayProcess($string, $NSprefix, $reportDocTag);
2243 \TYPO3\CMS\Frontend\Page\PageRepository::storeHash($identifier, $array, 'ident_xml2array');
2244 }
2245 // Store content in first level cache
2246 $firstLevelCache[$identifier] = $array;
2247 }
2248 return $array;
2249 }
2250
2251 /**
2252 * Converts an XML string to a PHP array.
2253 * This is the reverse function of array2xml()
2254 *
2255 * @param string $string XML content to convert into an array
2256 * @param string $NSprefix The tag-prefix resolve, eg. a namespace like "T3:"
2257 * @param boolean $reportDocTag If set, the document tag will be set in the key "_DOCUMENT_TAG" of the output array
2258 * @return mixed If the parsing had errors, a string with the error message is returned. Otherwise an array with the content.
2259 * @see array2xml()
2260 */
2261 static protected function xml2arrayProcess($string, $NSprefix = '', $reportDocTag = FALSE) {
2262 // Disables the functionality to allow external entities to be loaded when parsing the XML, must be kept
2263 $previousValueOfEntityLoader = libxml_disable_entity_loader(TRUE);
2264 // Create parser:
2265 $parser = xml_parser_create();
2266 $vals = array();
2267 $index = array();
2268 xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
2269 xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 0);
2270 // Default output charset is UTF-8, only ASCII, ISO-8859-1 and UTF-8 are supported!!!
2271 $match = array();
2272 preg_match('/^[[:space:]]*<\\?xml[^>]*encoding[[:space:]]*=[[:space:]]*"([^"]*)"/', substr($string, 0, 200), $match);
2273 $theCharset = $match[1] ?: 'utf-8';
2274 // us-ascii / utf-8 / iso-8859-1
2275 xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $theCharset);
2276 // Parse content:
2277 xml_parse_into_struct($parser, $string, $vals, $index);
2278 libxml_disable_entity_loader($previousValueOfEntityLoader);
2279 // If error, return error message:
2280 if (xml_get_error_code($parser)) {
2281 return 'Line ' . xml_get_current_line_number($parser) . ': ' . xml_error_string(xml_get_error_code($parser));
2282 }
2283 xml_parser_free($parser);
2284 // Init vars:
2285 $stack = array(array());
2286 $stacktop = 0;
2287 $current = array();
2288 $tagName = '';
2289 $documentTag = '';
2290 // Traverse the parsed XML structure:
2291 foreach ($vals as $key => $val) {
2292 // First, process the tag-name (which is used in both cases, whether "complete" or "close")
2293 $tagName = $val['tag'];
2294 if (!$documentTag) {
2295 $documentTag = $tagName;
2296 }
2297 // Test for name space:
2298 $tagName = $NSprefix && substr($tagName, 0, strlen($NSprefix)) == $NSprefix ? substr($tagName, strlen($NSprefix)) : $tagName;
2299 // Test for numeric tag, encoded on the form "nXXX":
2300 $testNtag = substr($tagName, 1);
2301 // Closing tag.
2302 $tagName = $tagName[0] === 'n' && MathUtility::canBeInterpretedAsInteger($testNtag) ? (int)$testNtag : $tagName;
2303 // Test for alternative index value:
2304 if (strlen($val['attributes']['index'])) {
2305 $tagName = $val['attributes']['index'];
2306 }
2307 // Setting tag-values, manage stack:
2308 switch ($val['type']) {
2309 case 'open':
2310 // If open tag it means there is an array stored in sub-elements. Therefore increase the stackpointer and reset the accumulation array:
2311 // Setting blank place holder
2312 $current[$tagName] = array();
2313 $stack[$stacktop++] = $current;
2314 $current = array();
2315 break;
2316 case 'close':
2317 // If the tag is "close" then it is an array which is closing and we decrease the stack pointer.
2318 $oldCurrent = $current;
2319 $current = $stack[--$stacktop];
2320 // Going to the end of array to get placeholder key, key($current), and fill in array next:
2321 end($current);
2322 $current[key($current)] = $oldCurrent;
2323 unset($oldCurrent);
2324 break;
2325 case 'complete':
2326 // If "complete", then it's a value. If the attribute "base64" is set, then decode the value, otherwise just set it.
2327 if ($val['attributes']['base64']) {
2328 $current[$tagName] = base64_decode($val['value']);
2329 } else {
2330 // Had to cast it as a string - otherwise it would be evaluate FALSE if tested with isset()!!
2331 $current[$tagName] = (string) $val['value'];
2332 // Cast type:
2333 switch ((string) $val['attributes']['type']) {
2334 case 'integer':
2335 $current[$tagName] = (int)$current[$tagName];
2336 break;
2337 case 'double':
2338 $current[$tagName] = (double) $current[$tagName];
2339 break;
2340 case 'boolean':
2341 $current[$tagName] = (bool) $current[$tagName];
2342 break;
2343 case 'NULL':
2344 $current[$tagName] = NULL;
2345 break;
2346 case 'array':
2347 // MUST be an empty array since it is processed as a value; Empty arrays would end up here because they would have no tags inside...
2348 $current[$tagName] = array();
2349 break;
2350 }
2351 }
2352 break;
2353 }
2354 }
2355 if ($reportDocTag) {
2356 $current[$tagName]['_DOCUMENT_TAG'] = $documentTag;
2357 }
2358 // Finally return the content of the document tag.
2359 return $current[$tagName];
2360 }
2361
2362 /**
2363 * This implodes an array of XML parts (made with xml_parse_into_struct()) into XML again.
2364 *
2365 * @param array $vals An array of XML parts, see xml2tree
2366 * @return string Re-compiled XML data.
2367 */
2368 static public function xmlRecompileFromStructValArray(array $vals) {
2369 $XMLcontent = '';
2370 foreach ($vals as $val) {
2371 $type = $val['type'];
2372 // Open tag:
2373 if ($type == 'open' || $type == 'complete') {
2374 $XMLcontent .= '<' . $val['tag'];
2375 if (isset($val['attributes'])) {
2376 foreach ($val['attributes'] as $k => $v) {
2377 $XMLcontent .= ' ' . $k . '="' . htmlspecialchars($v) . '"';
2378 }
2379 }
2380 if ($type == 'complete') {
2381 if (isset($val['value'])) {
2382 $XMLcontent .= '>' . htmlspecialchars($val['value']) . '</' . $val['tag'] . '>';
2383 } else {
2384 $XMLcontent .= '/>';
2385 }
2386 } else {
2387 $XMLcontent .= '>';
2388 }
2389 if ($type == 'open' && isset($val['value'])) {
2390 $XMLcontent .= htmlspecialchars($val['value']);
2391 }
2392 }
2393 // Finish tag:
2394 if ($type == 'close') {
2395 $XMLcontent .= '</' . $val['tag'] . '>';
2396 }
2397 // Cdata
2398 if ($type == 'cdata') {
2399 $XMLcontent .= htmlspecialchars($val['value']);
2400 }
2401 }
2402 return $XMLcontent;
2403 }
2404
2405 /**
2406 * Extracts the attributes (typically encoding and version) of an XML prologue (header).
2407 *
2408 * @param string $xmlData XML data
2409 * @return array Attributes of the xml prologue (header)
2410 */
2411 static public function xmlGetHeaderAttribs($xmlData) {
2412 $match = array();
2413 if (preg_match('/^\\s*<\\?xml([^>]*)\\?\\>/', $xmlData, $match)) {
2414 return self::get_tag_attributes($match[1]);
2415 }
2416 }
2417
2418 /**
2419 * Minifies JavaScript
2420 *
2421 * @param string $script Script to minify
2422 * @param string $error Error message (if any)
2423 * @return string Minified script or source string if error happened
2424 */
2425 static public function minifyJavaScript($script, &$error = '') {
2426 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_div.php']['minifyJavaScript'])) {
2427 $fakeThis = FALSE;
2428 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_div.php']['minifyJavaScript'] as $hookMethod) {
2429 try {
2430 $parameters = array('script' => $script);
2431 $script = static::callUserFunction($hookMethod, $parameters, $fakeThis);
2432 } catch (\Exception $e) {
2433 $errorMessage = 'Error minifying java script: ' . $e->getMessage();
2434 $error .= $errorMessage;
2435 static::devLog($errorMessage, 'TYPO3\\CMS\\Core\\Utility\\GeneralUtility', 2, array(
2436 'JavaScript' => $script,
2437 'Stack trace' => $e->getTrace(),
2438 'hook' => $hookMethod
2439 ));
2440 }
2441 }
2442 }
2443 return $script;
2444 }
2445
2446 /*************************
2447 *
2448 * FILES FUNCTIONS
2449 *
2450 *************************/
2451 /**
2452 * Reads the file or url $url and returns the content
2453 * If you are having trouble with proxys when reading URLs you can configure your way out of that with settings like $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlUse'] etc.
2454 *
2455 * @param string $url File/URL to read
2456 * @param integer $includeHeader Whether the HTTP header should be fetched or not. 0=disable, 1=fetch header+content, 2=fetch header only
2457 * @param array $requestHeaders HTTP headers to be used in the request
2458 * @param array $report Error code/message and, if $includeHeader is 1, response meta data (HTTP status and content type)
2459 * @return mixed The content from the resource given as input. FALSE if an error has occurred.
2460 */
2461 static public function getUrl($url, $includeHeader = 0, $requestHeaders = FALSE, &$report = NULL) {
2462 $content = FALSE;
2463 if (isset($report)) {
2464 $report['error'] = 0;
2465 $report['message'] = '';
2466 }
2467 // Use cURL for: http, https, ftp, ftps, sftp and scp
2468 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlUse'] == '1' && preg_match('/^(?:http|ftp)s?|s(?:ftp|cp):/', $url)) {
2469 if (isset($report)) {
2470 $report['lib'] = 'cURL';
2471 }
2472 // External URL without error checking.
2473 if (!function_exists('curl_init') || !($ch = curl_init())) {
2474 if (isset($report)) {
2475 $report['error'] = -1;
2476 $report['message'] = 'Couldn\'t initialize cURL.';
2477 }
2478 return FALSE;
2479 }
2480
2481 $followLocationSucceeded = @curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
2482
2483 curl_setopt($ch, CURLOPT_URL, $url);
2484 curl_setopt($ch, CURLOPT_HEADER, !$followLocationSucceeded || $includeHeader ? 1 : 0);
2485 curl_setopt($ch, CURLOPT_NOBODY, $includeHeader == 2 ? 1 : 0);
2486 curl_setopt($ch, CURLOPT_HTTPGET, $includeHeader == 2 ? 'HEAD' : 'GET');
2487 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2488 curl_setopt($ch, CURLOPT_FAILONERROR, 1);
2489 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, max(0, (int)$GLOBALS['TYPO3_CONF_VARS']['SYS']['curlTimeout']));
2490
2491 if (is_array($requestHeaders)) {
2492 curl_setopt($ch, CURLOPT_HTTPHEADER, $requestHeaders);
2493 }
2494 // (Proxy support implemented by Arco <arco@appeltaart.mine.nu>)
2495 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyServer']) {
2496 curl_setopt($ch, CURLOPT_PROXY, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyServer']);
2497 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyNTLM']) {
2498 curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
2499 }
2500 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyTunnel']) {
2501 curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyTunnel']);
2502 }
2503 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyUserPass']) {
2504 curl_setopt($ch, CURLOPT_PROXYUSERPWD, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyUserPass']);
2505 }
2506 }
2507 $content = curl_exec($ch);
2508 $curlInfo = curl_getinfo($ch);
2509
2510 if (!$followLocationSucceeded) {
2511 // Check if we need to do redirects
2512 if ($curlInfo['http_code'] >= 300 && $curlInfo['http_code'] < 400) {
2513 $locationUrl = $curlInfo['redirect_url'];
2514 if (!$locationUrl) {
2515 // Some curllib versions do not return redirect_url. Examine headers.
2516 $locationUrl = self::getRedirectUrlFromHttpHeaders($content);
2517 }
2518 if ($locationUrl) {
2519 $content = self::getUrl($locationUrl, $includeHeader, $requestHeaders, $report);
2520 $followLocationSucceeded = TRUE;
2521 } else {
2522 // Failure: we got a redirection status code but not the URL to redirect to.
2523 $content = FALSE;
2524 }
2525 }
2526 if ($content && !$includeHeader) {
2527 $content = self::stripHttpHeaders($content);
2528 }
2529 }
2530
2531 if (isset($report)) {
2532 if (!$followLocationSucceeded && $curlInfo['http_code'] >= 300 && $curlInfo['http_code'] < 400) {
2533 $report['http_code'] = $curlInfo['http_code'];
2534 $report['content_type'] = $curlInfo['content_type'];
2535 $report['error'] = CURLE_GOT_NOTHING;
2536 $report['message'] = 'Expected "Location" header but got nothing.';
2537 } elseif ($content === FALSE) {
2538 $report['error'] = curl_errno($ch);
2539 $report['message'] = curl_error($ch);
2540 } elseif ($includeHeader) {
2541 // Set only for $includeHeader to work exactly like PHP variant
2542 $report['http_code'] = $curlInfo['http_code'];
2543 $report['content_type'] = $curlInfo['content_type'];
2544 }
2545 }
2546 curl_close($ch);
2547 } elseif ($includeHeader) {
2548 if (isset($report)) {
2549 $report['lib'] = 'socket';
2550 }
2551 $parsedURL = parse_url($url);
2552 if (!preg_match('/^https?/', $parsedURL['scheme'])) {
2553 if (isset($report)) {
2554 $report['error'] = -1;
2555 $report['message'] = 'Reading headers is not allowed for this protocol.';
2556 }
2557 return FALSE;
2558 }
2559 $port = (int)$parsedURL['port'];
2560 if ($port < 1) {
2561 if ($parsedURL['scheme'] == 'http') {
2562 $port = $port > 0 ? $port : 80;
2563 $scheme = '';
2564 } else {
2565 $port = $port > 0 ? $port : 443;
2566 $scheme = 'ssl://';
2567 }
2568 }
2569 $errno = 0;
2570 $fp = @fsockopen(($scheme . $parsedURL['host']), $port, $errno, $errstr, 2.0);
2571 if (!$fp || $errno > 0) {
2572 if (isset($report)) {
2573 $report['error'] = $errno ?: -1;
2574 $report['message'] = $errno ? ($errstr ?: 'Socket error.') : 'Socket initialization error.';
2575 }
2576 return FALSE;
2577 }
2578 $method = $includeHeader == 2 ? 'HEAD' : 'GET';
2579 $msg = $method . ' ' . (isset($parsedURL['path']) ? $parsedURL['path'] : '/') . ($parsedURL['query'] ? '?' . $parsedURL['query'] : '') . ' HTTP/1.0' . CRLF . 'Host: ' . $parsedURL['host'] . '
2580
2581 Connection: close
2582
2583 ';
2584 if (is_array($requestHeaders)) {
2585 $msg .= implode(CRLF, $requestHeaders) . CRLF;
2586 }
2587 $msg .= CRLF;
2588 fputs($fp, $msg);
2589 while (!feof($fp)) {
2590 $line = fgets($fp, 2048);
2591 if (isset($report)) {
2592 if (preg_match('|^HTTP/\\d\\.\\d +(\\d+)|', $line, $status)) {
2593 $report['http_code'] = $status[1];
2594 } elseif (preg_match('/^Content-Type: *(.*)/i', $line, $type)) {
2595 $report['content_type'] = $type[1];
2596 }
2597 }
2598 $content .= $line;
2599 if (!strlen(trim($line))) {
2600 // Stop at the first empty line (= end of header)
2601 break;
2602 }
2603 }
2604 if ($includeHeader != 2) {
2605 $content .= stream_get_contents($fp);
2606 }
2607 fclose($fp);
2608 } elseif (is_array($requestHeaders)) {
2609 if (isset($report)) {
2610 $report['lib'] = 'file/context';
2611 }
2612 $parsedURL = parse_url($url);
2613 if (!preg_match('/^https?/', $parsedURL['scheme'])) {
2614 if (isset($report)) {
2615 $report['error'] = -1;
2616 $report['message'] = 'Sending request headers is not allowed for this protocol.';
2617 }
2618 return FALSE;
2619 }
2620 $ctx = stream_context_create(array(
2621 'http' => array(
2622 'header' => implode(CRLF, $requestHeaders)
2623 )
2624 ));
2625 $content = @file_get_contents($url, FALSE, $ctx);
2626 if ($content === FALSE && isset($report)) {
2627 $report['error'] = -1;
2628 $report['message'] = 'Couldn\'t get URL: ' . (isset($http_response_header) ? implode(LF, $http_response_header) : $url);
2629 }
2630 } else {
2631 if (isset($report)) {
2632 $report['lib'] = 'file';
2633 }
2634 $content = @file_get_contents($url);
2635 if ($content === FALSE && isset($report)) {
2636 $report['error'] = -1;
2637 $report['message'] = 'Couldn\'t get URL: ' . (isset($http_response_header) ? implode(LF, $http_response_header) : $url);
2638 }
2639 }
2640 return $content;
2641 }
2642
2643 /**
2644 * Parses HTTP headers and returns the content of the "Location" header
2645 * or the empty string if no such header found.
2646 *
2647 * @param string $content
2648 * @return string
2649 */
2650 static protected function getRedirectUrlFromHttpHeaders($content) {
2651 $result = '';
2652 $headers = explode("\r\n", $content);
2653 foreach ($headers as $header) {
2654 if ($header == '') {
2655 break;
2656 }
2657 if (preg_match('/^\s*Location\s*:/i', $header)) {
2658 list(, $result) = self::trimExplode(':', $header, FALSE, 2);
2659 if ($result) {
2660 $result = self::locationHeaderUrl($result);
2661 }
2662 break;
2663 }
2664 }
2665 return $result;
2666 }
2667
2668 /**
2669 * Strips HTTP headers from the content.
2670 *
2671 * @param string $content
2672 * @return string
2673 */
2674 static protected function stripHttpHeaders($content) {
2675 $headersEndPos = strpos($content, "\r\n\r\n");
2676 if ($headersEndPos) {
2677 $content = substr($content, $headersEndPos + 4);
2678 }
2679 return $content;
2680 }
2681
2682 /**
2683 * Writes $content to the file $file
2684 *
2685 * @param string $file Filepath to write to
2686 * @param string $content Content to write
2687 * @param boolean $changePermissions If TRUE, permissions are forced to be set
2688 * @return boolean TRUE if the file was successfully opened and written to.
2689 */
2690 static public function writeFile($file, $content, $changePermissions = FALSE) {
2691 if (!@is_file($file)) {
2692 $changePermissions = TRUE;
2693 }
2694 if ($fd = fopen($file, 'wb')) {
2695 $res = fwrite($fd, $content);
2696 fclose($fd);
2697 if ($res === FALSE) {
2698 return FALSE;
2699 }
2700 // Change the permissions only if the file has just been created
2701 if ($changePermissions) {
2702 self::fixPermissions($file);
2703 }
2704 return TRUE;
2705 }
2706 return FALSE;
2707 }
2708
2709 /**
2710 * Sets the file system mode and group ownership of a file or a folder.
2711 *
2712 * @param string $path Path of file or folder, must not be escaped. Path can be absolute or relative
2713 * @param boolean $recursive If set, also fixes permissions of files and folders in the folder (if $path is a folder)
2714 * @return mixed TRUE on success, FALSE on error, always TRUE on Windows OS
2715 */
2716 static public function fixPermissions($path, $recursive = FALSE) {
2717 if (TYPO3_OS != 'WIN') {
2718 $result = FALSE;
2719 // Make path absolute
2720 if (!self::isAbsPath($path)) {
2721 $path = self::getFileAbsFileName($path, FALSE);
2722 }
2723 if (self::isAllowedAbsPath($path)) {
2724 if (@is_file($path)) {
2725 $targetFilePermissions = isset($GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'])
2726 ? octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'])
2727 : octdec('0644');
2728 // "@" is there because file is not necessarily OWNED by the user
2729 $result = @chmod($path, $targetFilePermissions);
2730 } elseif (@is_dir($path)) {
2731 $targetDirectoryPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'])
2732 ? octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'])
2733 : octdec('0755');
2734 // "@" is there because file is not necessarily OWNED by the user
2735 $result = @chmod($path, $targetDirectoryPermissions);
2736 }
2737 // Set createGroup if not empty
2738 if (
2739 isset($GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'])
2740 && strlen($GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup']) > 0
2741 ) {
2742 // "@" is there because file is not necessarily OWNED by the user
2743 $changeGroupResult = @chgrp($path, $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup']);
2744 $result = $changeGroupResult ? $result : FALSE;
2745 }
2746 // Call recursive if recursive flag if set and $path is directory
2747 if ($recursive && @is_dir($path)) {
2748 $handle = opendir($path);
2749 while (($file = readdir($handle)) !== FALSE) {
2750 $recursionResult = NULL;
2751 if ($file !== '.' && $file !== '..') {
2752 if (@is_file(($path . '/' . $file))) {
2753 $recursionResult = self::fixPermissions($path . '/' . $file);
2754 } elseif (@is_dir(($path . '/' . $file))) {
2755 $recursionResult = self::fixPermissions($path . '/' . $file, TRUE);
2756 }
2757 if (isset($recursionResult) && !$recursionResult) {
2758 $result = FALSE;
2759 }
2760 }
2761 }
2762 closedir($handle);
2763 }
2764 }
2765 } else {
2766 $result = TRUE;
2767 }
2768 return $result;
2769 }
2770
2771 /**
2772 * Writes $content to a filename in the typo3temp/ folder (and possibly one or two subfolders...)
2773 * Accepts an additional subdirectory in the file path!
2774 *
2775 * @param string $filepath Absolute file path to write to inside "typo3temp/". First part of this string must match PATH_site."typo3temp/
2776 * @param string $content Content string to write
2777 * @return string Returns NULL on success, otherwise an error string telling about the problem.
2778 */
2779 static public function writeFileToTypo3tempDir($filepath, $content) {
2780 // Parse filepath into directory and basename:
2781 $fI = pathinfo($filepath);
2782 $fI['dirname'] .= '/';
2783 // Check parts:
2784 if (self::validPathStr($filepath) && $fI['basename'] && strlen($fI['basename']) < 60) {
2785 if (defined('PATH_site')) {
2786 // Setting main temporary directory name (standard)
2787 $dirName = PATH_site . 'typo3temp/';
2788 if (@is_dir($dirName)) {
2789 if (self::isFirstPartOfStr($fI['dirname'], $dirName)) {
2790 // Checking if the "subdir" is found:
2791 $subdir = substr($fI['dirname'], strlen($dirName));
2792 if ($subdir) {
2793 if (preg_match('/^[[:alnum:]_]+\\/$/', $subdir) || preg_match('/^[[:alnum:]_]+\\/[[:alnum:]_]+\\/$/', $subdir)) {
2794 $dirName .= $subdir;
2795 if (!@is_dir($dirName)) {
2796 self::mkdir_deep(PATH_site . 'typo3temp/', $subdir);
2797 }
2798 } else {
2799 return 'Subdir, "' . $subdir . '", was NOT on the form "[[:alnum:]_]/" or "[[:alnum:]_]/[[:alnum:]_]/"';
2800 }
2801 }
2802 // Checking dir-name again (sub-dir might have been created):
2803 if (@is_dir($dirName)) {
2804 if ($filepath == $dirName . $fI['basename']) {
2805 self::writeFile($filepath, $content);
2806 if (!@is_file($filepath)) {
2807 return 'The file was not written to the disk. Please, check that you have write permissions to the typo3temp/ directory.';
2808 }
2809 } else {
2810 return 'Calculated filelocation didn\'t match input $filepath!';
2811 }
2812 } else {
2813 return '"' . $dirName . '" is not a directory!';
2814 }
2815 } else {
2816 return '"' . $fI['dirname'] . '" was not within directory PATH_site + "typo3temp/"';
2817 }
2818 } else {
2819 return 'PATH_site + "typo3temp/" was not a directory!';
2820 }
2821 } else {
2822 return 'PATH_site constant was NOT defined!';
2823 }
2824 } else {
2825 return 'Input filepath "' . $filepath . '" was generally invalid!';
2826 }
2827 }
2828
2829 /**
2830 * Wrapper function for mkdir.
2831 * Sets folder permissions according to $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']
2832 * and group ownership according to $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup']
2833 *
2834 * @param string $newFolder Absolute path to folder, see PHP mkdir() function. Removes trailing slash internally.
2835 * @return boolean TRUE if @mkdir went well!
2836 */
2837 static public function mkdir($newFolder) {
2838 $result = @mkdir($newFolder, octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']));
2839 if ($result) {
2840 self::fixPermissions($newFolder);
2841 }
2842 return $result;
2843 }
2844
2845 /**
2846 * Creates a directory - including parent directories if necessary and
2847 * sets permissions on newly created directories.
2848 *
2849 * @param string $directory Target directory to create. Must a have trailing slash
2850 * @param string $deepDirectory Directory to create. This second parameter
2851 * @return void
2852 * @throws \InvalidArgumentException If $directory or $deepDirectory are not strings
2853 * @throws \RuntimeException If directory could not be created
2854 */
2855 static public function mkdir_deep($directory, $deepDirectory = '') {
2856 if (!is_string($directory)) {
2857 throw new \InvalidArgumentException('The specified directory is of type "' . gettype($directory) . '" but a string is expected.', 1303662955);
2858 }
2859 if (!is_string($deepDirectory)) {
2860 throw new \InvalidArgumentException('The specified directory is of type "' . gettype($deepDirectory) . '" but a string is expected.', 1303662956);
2861 }
2862 // Ensure there is only one slash
2863 $fullPath = rtrim($directory, '/') . '/' . ltrim($deepDirectory, '/');
2864 if (!is_dir($fullPath) && strlen($fullPath) > 0) {
2865 $firstCreatedPath = self::createDirectoryPath($fullPath);
2866 if ($firstCreatedPath !== '') {
2867 self::fixPermissions($firstCreatedPath, TRUE);
2868 }
2869 }
2870 }
2871
2872 /**
2873 * Creates directories for the specified paths if they do not exist. This
2874 * functions sets proper permission mask but does not set proper user and
2875 * group.
2876 *
2877 * @static
2878 * @param string $fullDirectoryPath
2879 * @return string Path to the the first created directory in the hierarchy
2880 * @see \TYPO3\CMS\Core\Utility\GeneralUtility::mkdir_deep
2881 * @throws \RuntimeException If directory could not be created
2882 */
2883 static protected function createDirectoryPath($fullDirectoryPath) {
2884 $currentPath = $fullDirectoryPath;
2885 $firstCreatedPath = '';
2886 $permissionMask = octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']);
2887 if (!@is_dir($currentPath)) {
2888 do {
2889 $firstCreatedPath = $currentPath;
2890 $separatorPosition = strrpos($currentPath, DIRECTORY_SEPARATOR);
2891 $currentPath = substr($currentPath, 0, $separatorPosition);
2892 } while (!is_dir($currentPath) && $separatorPosition !== FALSE);
2893 $result = @mkdir($fullDirectoryPath, $permissionMask, TRUE);
2894 // Check existence of directory again to avoid race condition. Directory could have get created by another process between previous is_dir() and mkdir()
2895 if (!$result && !@is_dir($fullDirectoryPath)) {
2896 throw new \RuntimeException('Could not create directory "' . $fullDirectoryPath . '"!', 1170251401);
2897 }
2898 }
2899 return $firstCreatedPath;
2900 }
2901
2902 /**
2903 * Wrapper function for rmdir, allowing recursive deletion of folders and files
2904 *
2905 * @param string $path Absolute path to folder, see PHP rmdir() function. Removes trailing slash internally.
2906 * @param boolean $removeNonEmpty Allow deletion of non-empty directories
2907 * @return boolean TRUE if @rmdir went well!
2908 */
2909 static public function rmdir($path, $removeNonEmpty = FALSE) {
2910 $OK = FALSE;
2911 // Remove trailing slash
2912 $path = preg_replace('|/$|', '', $path);
2913 if (file_exists($path)) {
2914 $OK = TRUE;
2915 if (!is_link($path) && is_dir($path)) {
2916 if ($removeNonEmpty == TRUE && ($handle = @opendir($path))) {
2917 while ($OK && FALSE !== ($file = readdir($handle))) {
2918 if ($file == '.' || $file == '..') {
2919 continue;
2920 }
2921 $OK = self::rmdir($path . '/' . $file, $removeNonEmpty);
2922 }
2923 closedir($handle);
2924 }
2925 if ($OK) {
2926 $OK = @rmdir($path);
2927 }
2928 } elseif (is_link($path) && is_dir($path) && TYPO3_OS === 'WIN') {
2929 $OK = @rmdir($path