[FOLLOWUP][BUGFIX] Use mb_* methods directly instead of CharsetConverter
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / Utility / GeneralUtility.php
1 <?php
2 namespace TYPO3\CMS\Core\Utility;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use GuzzleHttp\Exception\RequestException;
18 use TYPO3\CMS\Core\Core\ApplicationContext;
19 use TYPO3\CMS\Core\Core\ClassLoadingInformation;
20 use TYPO3\CMS\Core\Crypto\Random;
21 use TYPO3\CMS\Core\Database\ConnectionPool;
22 use TYPO3\CMS\Core\Http\RequestFactory;
23 use TYPO3\CMS\Core\Service\OpcodeCacheService;
24 use TYPO3\CMS\Core\SingletonInterface;
25 use TYPO3Fluid\Fluid\Core\Rendering\RenderingContextInterface;
26
27 /**
28 * The legendary "t3lib_div" class - Miscellaneous functions for general purpose.
29 * Most of the functions do not relate specifically to TYPO3
30 * However a section of functions requires certain TYPO3 features available
31 * See comments in the source.
32 * You are encouraged to use this library in your own scripts!
33 *
34 * USE:
35 * The class is intended to be used without creating an instance of it.
36 * So: Don't instantiate - call functions with "\TYPO3\CMS\Core\Utility\GeneralUtility::" prefixed the function name.
37 * So use \TYPO3\CMS\Core\Utility\GeneralUtility::[method-name] to refer to the functions, eg. '\TYPO3\CMS\Core\Utility\GeneralUtility::milliseconds()'
38 */
39 class GeneralUtility
40 {
41 // Severity constants used by \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog()
42 const SYSLOG_SEVERITY_INFO = 0;
43 const SYSLOG_SEVERITY_NOTICE = 1;
44 const SYSLOG_SEVERITY_WARNING = 2;
45 const SYSLOG_SEVERITY_ERROR = 3;
46 const SYSLOG_SEVERITY_FATAL = 4;
47
48 const ENV_TRUSTED_HOSTS_PATTERN_ALLOW_ALL = '.*';
49 const ENV_TRUSTED_HOSTS_PATTERN_SERVER_NAME = 'SERVER_NAME';
50
51 /**
52 * State of host header value security check
53 * in order to avoid unnecessary multiple checks during one request
54 *
55 * @var bool
56 */
57 protected static $allowHostHeaderValue = false;
58
59 /**
60 * Singleton instances returned by makeInstance, using the class names as
61 * array keys
62 *
63 * @var array<\TYPO3\CMS\Core\SingletonInterface>
64 */
65 protected static $singletonInstances = [];
66
67 /**
68 * Instances returned by makeInstance, using the class names as array keys
69 *
70 * @var array<array><object>
71 */
72 protected static $nonSingletonInstances = [];
73
74 /**
75 * Cache for makeInstance with given class name and final class names to reduce number of self::getClassName() calls
76 *
77 * @var array Given class name => final class name
78 */
79 protected static $finalClassNameCache = [];
80
81 /**
82 * The application context
83 *
84 * @var \TYPO3\CMS\Core\Core\ApplicationContext
85 */
86 protected static $applicationContext = null;
87
88 /**
89 * IDNA string cache
90 *
91 * @var array<string>
92 */
93 protected static $idnaStringCache = [];
94
95 /**
96 * IDNA converter
97 *
98 * @var \Mso\IdnaConvert\IdnaConvert
99 */
100 protected static $idnaConverter = null;
101
102 /**
103 * A list of supported CGI server APIs
104 * NOTICE: This is a duplicate of the SAME array in SystemEnvironmentBuilder
105 * @var array
106 */
107 protected static $supportedCgiServerApis = [
108 'fpm-fcgi',
109 'cgi',
110 'isapi',
111 'cgi-fcgi',
112 'srv', // HHVM with fastcgi
113 ];
114
115 /**
116 * @var array
117 */
118 protected static $indpEnvCache = [];
119
120 /*************************
121 *
122 * GET/POST Variables
123 *
124 * Background:
125 * Input GET/POST variables in PHP may have their quotes escaped with "\" or not depending on configuration.
126 * TYPO3 has always converted quotes to BE escaped if the configuration told that they would not be so.
127 * But the clean solution is that quotes are never escaped and that is what the functions below offers.
128 * Eventually TYPO3 should provide this in the global space as well.
129 * In the transitional phase (or forever..?) we need to encourage EVERY to read and write GET/POST vars through the API functions below.
130 * This functionality was previously needed to normalize between magic quotes logic, which was removed from PHP 5.4,
131 * so these methods are still in use, but not tackle the slash problem anymore.
132 *
133 *************************/
134 /**
135 * Returns the 'GLOBAL' value of incoming data from POST or GET, with priority to POST (that is equalent to 'GP' order)
136 * To enhance security in your scripts, please consider using GeneralUtility::_GET or GeneralUtility::_POST if you already
137 * know by which method your data is arriving to the scripts!
138 *
139 * @param string $var GET/POST var to return
140 * @return mixed POST var named $var and if not set, the GET var of the same name.
141 */
142 public static function _GP($var)
143 {
144 if (empty($var)) {
145 return;
146 }
147 if (isset($_POST[$var])) {
148 $value = $_POST[$var];
149 } elseif (isset($_GET[$var])) {
150 $value = $_GET[$var];
151 } else {
152 $value = null;
153 }
154 // This is there for backwards-compatibility, in order to avoid NULL
155 if (isset($value) && !is_array($value)) {
156 $value = (string)$value;
157 }
158 return $value;
159 }
160
161 /**
162 * Returns the global arrays $_GET and $_POST merged with $_POST taking precedence.
163 *
164 * @param string $parameter Key (variable name) from GET or POST vars
165 * @return array Returns the GET vars merged recursively onto the POST vars.
166 */
167 public static function _GPmerged($parameter)
168 {
169 $postParameter = isset($_POST[$parameter]) && is_array($_POST[$parameter]) ? $_POST[$parameter] : [];
170 $getParameter = isset($_GET[$parameter]) && is_array($_GET[$parameter]) ? $_GET[$parameter] : [];
171 $mergedParameters = $getParameter;
172 ArrayUtility::mergeRecursiveWithOverrule($mergedParameters, $postParameter);
173 return $mergedParameters;
174 }
175
176 /**
177 * Returns the global $_GET array (or value from) normalized to contain un-escaped values.
178 * ALWAYS use this API function to acquire the GET variables!
179 * This function was previously used to normalize between magic quotes logic, which was removed from PHP 5.5
180 *
181 * @param string $var Optional pointer to value in GET array (basically name of GET var)
182 * @return mixed If $var is set it returns the value of $_GET[$var]. If $var is NULL (default), returns $_GET itself. In any case *slashes are stipped from the output!*
183 * @see _POST(), _GP(), _GETset()
184 */
185 public static function _GET($var = null)
186 {
187 $value = $var === null ? $_GET : (empty($var) ? null : $_GET[$var]);
188 // This is there for backwards-compatibility, in order to avoid NULL
189 if (isset($value) && !is_array($value)) {
190 $value = (string)$value;
191 }
192 return $value;
193 }
194
195 /**
196 * Returns the global $_POST array (or value from) normalized to contain un-escaped values.
197 * ALWAYS use this API function to acquire the $_POST variables!
198 *
199 * @param string $var Optional pointer to value in POST array (basically name of POST var)
200 * @return mixed If $var is set it returns the value of $_POST[$var]. If $var is NULL (default), returns $_POST itself. In any case *slashes are stipped from the output!*
201 * @see _GET(), _GP()
202 */
203 public static function _POST($var = null)
204 {
205 $value = $var === null ? $_POST : (empty($var) ? null : $_POST[$var]);
206 // This is there for backwards-compatibility, in order to avoid NULL
207 if (isset($value) && !is_array($value)) {
208 $value = (string)$value;
209 }
210 return $value;
211 }
212
213 /**
214 * Writes input value to $_GET.
215 *
216 * @param mixed $inputGet
217 * @param string $key
218 */
219 public static function _GETset($inputGet, $key = '')
220 {
221 if ($key != '') {
222 if (strpos($key, '|') !== false) {
223 $pieces = explode('|', $key);
224 $newGet = [];
225 $pointer = &$newGet;
226 foreach ($pieces as $piece) {
227 $pointer = &$pointer[$piece];
228 }
229 $pointer = $inputGet;
230 $mergedGet = $_GET;
231 ArrayUtility::mergeRecursiveWithOverrule($mergedGet, $newGet);
232 $_GET = $mergedGet;
233 $GLOBALS['HTTP_GET_VARS'] = $mergedGet;
234 } else {
235 $_GET[$key] = $inputGet;
236 $GLOBALS['HTTP_GET_VARS'][$key] = $inputGet;
237 }
238 } elseif (is_array($inputGet)) {
239 $_GET = $inputGet;
240 $GLOBALS['HTTP_GET_VARS'] = $inputGet;
241 }
242 }
243
244 /**
245 * Wrapper for the RemoveXSS function.
246 * Removes potential XSS code from an input string.
247 *
248 * Using an external class by Travis Puderbaugh <kallahar@quickwired.com>
249 *
250 * @param string $string Input string
251 * @return string Input string with potential XSS code removed
252 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
253 */
254 public static function removeXSS($string)
255 {
256 static::logDeprecatedFunction();
257 return \RemoveXSS::process($string);
258 }
259
260 /*************************
261 *
262 * IMAGE FUNCTIONS
263 *
264 *************************/
265
266 /*************************
267 *
268 * STRING FUNCTIONS
269 *
270 *************************/
271 /**
272 * Truncates a string with appended/prepended "..." and takes current character set into consideration.
273 *
274 * @param string $string String to truncate
275 * @param int $chars Must be an integer with an absolute value of at least 4. if negative the string is cropped from the right end.
276 * @param string $appendString Appendix to the truncated string
277 * @return string Cropped string
278 */
279 public static function fixed_lgd_cs($string, $chars, $appendString = '...')
280 {
281 if ((int)$chars === 0 || mb_strlen($string, 'utf-8') <= abs($chars)) {
282 return $string;
283 }
284 if ($chars > 0) {
285 $string = mb_substr($string, 0, $chars, 'utf-8') . $appendString;
286 } else {
287 $string = $appendString . mb_substr($string, $chars, mb_strlen($string, 'utf-8'), 'utf-8');
288 }
289 return $string;
290 }
291
292 /**
293 * Match IP number with list of numbers with wildcard
294 * Dispatcher method for switching into specialised IPv4 and IPv6 methods.
295 *
296 * @param string $baseIP Is the current remote IP address for instance, typ. REMOTE_ADDR
297 * @param string $list Is a comma-list of IP-addresses to match with. *-wildcard allowed instead of number, plus leaving out parts in the IP number is accepted as wildcard (eg. 192.168.*.* equals 192.168). If list is "*" no check is done and the function returns TRUE immediately. An empty list always returns FALSE.
298 * @return bool TRUE if an IP-mask from $list matches $baseIP
299 */
300 public static function cmpIP($baseIP, $list)
301 {
302 $list = trim($list);
303 if ($list === '') {
304 return false;
305 } elseif ($list === '*') {
306 return true;
307 }
308 if (strpos($baseIP, ':') !== false && self::validIPv6($baseIP)) {
309 return self::cmpIPv6($baseIP, $list);
310 } else {
311 return self::cmpIPv4($baseIP, $list);
312 }
313 }
314
315 /**
316 * Match IPv4 number with list of numbers with wildcard
317 *
318 * @param string $baseIP Is the current remote IP address for instance, typ. REMOTE_ADDR
319 * @param string $list Is a comma-list of IP-addresses to match with. *-wildcard allowed instead of number, plus leaving out parts in the IP number is accepted as wildcard (eg. 192.168.*.* equals 192.168), could also contain IPv6 addresses
320 * @return bool TRUE if an IP-mask from $list matches $baseIP
321 */
322 public static function cmpIPv4($baseIP, $list)
323 {
324 $IPpartsReq = explode('.', $baseIP);
325 if (count($IPpartsReq) === 4) {
326 $values = self::trimExplode(',', $list, true);
327 foreach ($values as $test) {
328 $testList = explode('/', $test);
329 if (count($testList) === 2) {
330 list($test, $mask) = $testList;
331 } else {
332 $mask = false;
333 }
334 if ((int)$mask) {
335 // "192.168.3.0/24"
336 $lnet = ip2long($test);
337 $lip = ip2long($baseIP);
338 $binnet = str_pad(decbin($lnet), 32, '0', STR_PAD_LEFT);
339 $firstpart = substr($binnet, 0, $mask);
340 $binip = str_pad(decbin($lip), 32, '0', STR_PAD_LEFT);
341 $firstip = substr($binip, 0, $mask);
342 $yes = $firstpart === $firstip;
343 } else {
344 // "192.168.*.*"
345 $IPparts = explode('.', $test);
346 $yes = 1;
347 foreach ($IPparts as $index => $val) {
348 $val = trim($val);
349 if ($val !== '*' && $IPpartsReq[$index] !== $val) {
350 $yes = 0;
351 }
352 }
353 }
354 if ($yes) {
355 return true;
356 }
357 }
358 }
359 return false;
360 }
361
362 /**
363 * Match IPv6 address with a list of IPv6 prefixes
364 *
365 * @param string $baseIP Is the current remote IP address for instance
366 * @param string $list Is a comma-list of IPv6 prefixes, could also contain IPv4 addresses
367 * @return bool TRUE If an baseIP matches any prefix
368 */
369 public static function cmpIPv6($baseIP, $list)
370 {
371 // Policy default: Deny connection
372 $success = false;
373 $baseIP = self::normalizeIPv6($baseIP);
374 $values = self::trimExplode(',', $list, true);
375 foreach ($values as $test) {
376 $testList = explode('/', $test);
377 if (count($testList) === 2) {
378 list($test, $mask) = $testList;
379 } else {
380 $mask = false;
381 }
382 if (self::validIPv6($test)) {
383 $test = self::normalizeIPv6($test);
384 $maskInt = (int)$mask ?: 128;
385 // Special case; /0 is an allowed mask - equals a wildcard
386 if ($mask === '0') {
387 $success = true;
388 } elseif ($maskInt == 128) {
389 $success = $test === $baseIP;
390 } else {
391 $testBin = self::IPv6Hex2Bin($test);
392 $baseIPBin = self::IPv6Hex2Bin($baseIP);
393 $success = true;
394 // Modulo is 0 if this is a 8-bit-boundary
395 $maskIntModulo = $maskInt % 8;
396 $numFullCharactersUntilBoundary = (int)($maskInt / 8);
397 if (substr($testBin, 0, $numFullCharactersUntilBoundary) !== substr($baseIPBin, 0, $numFullCharactersUntilBoundary)) {
398 $success = false;
399 } elseif ($maskIntModulo > 0) {
400 // If not an 8-bit-boundary, check bits of last character
401 $testLastBits = str_pad(decbin(ord(substr($testBin, $numFullCharactersUntilBoundary, 1))), 8, '0', STR_PAD_LEFT);
402 $baseIPLastBits = str_pad(decbin(ord(substr($baseIPBin, $numFullCharactersUntilBoundary, 1))), 8, '0', STR_PAD_LEFT);
403 if (strncmp($testLastBits, $baseIPLastBits, $maskIntModulo) != 0) {
404 $success = false;
405 }
406 }
407 }
408 }
409 if ($success) {
410 return true;
411 }
412 }
413 return false;
414 }
415
416 /**
417 * Transform a regular IPv6 address from hex-representation into binary
418 *
419 * @param string $hex IPv6 address in hex-presentation
420 * @return string Binary representation (16 characters, 128 characters)
421 * @see IPv6Bin2Hex()
422 */
423 public static function IPv6Hex2Bin($hex)
424 {
425 return inet_pton($hex);
426 }
427
428 /**
429 * Transform an IPv6 address from binary to hex-representation
430 *
431 * @param string $bin IPv6 address in hex-presentation
432 * @return string Binary representation (16 characters, 128 characters)
433 * @see IPv6Hex2Bin()
434 */
435 public static function IPv6Bin2Hex($bin)
436 {
437 return inet_ntop($bin);
438 }
439
440 /**
441 * Normalize an IPv6 address to full length
442 *
443 * @param string $address Given IPv6 address
444 * @return string Normalized address
445 * @see compressIPv6()
446 */
447 public static function normalizeIPv6($address)
448 {
449 $normalizedAddress = '';
450 $stageOneAddress = '';
451 // According to RFC lowercase-representation is recommended
452 $address = strtolower($address);
453 // Normalized representation has 39 characters (0000:0000:0000:0000:0000:0000:0000:0000)
454 if (strlen($address) === 39) {
455 // Already in full expanded form
456 return $address;
457 }
458 // Count 2 if if address has hidden zero blocks
459 $chunks = explode('::', $address);
460 if (count($chunks) === 2) {
461 $chunksLeft = explode(':', $chunks[0]);
462 $chunksRight = explode(':', $chunks[1]);
463 $left = count($chunksLeft);
464 $right = count($chunksRight);
465 // Special case: leading zero-only blocks count to 1, should be 0
466 if ($left === 1 && strlen($chunksLeft[0]) === 0) {
467 $left = 0;
468 }
469 $hiddenBlocks = 8 - ($left + $right);
470 $hiddenPart = '';
471 $h = 0;
472 while ($h < $hiddenBlocks) {
473 $hiddenPart .= '0000:';
474 $h++;
475 }
476 if ($left === 0) {
477 $stageOneAddress = $hiddenPart . $chunks[1];
478 } else {
479 $stageOneAddress = $chunks[0] . ':' . $hiddenPart . $chunks[1];
480 }
481 } else {
482 $stageOneAddress = $address;
483 }
484 // Normalize the blocks:
485 $blocks = explode(':', $stageOneAddress);
486 $divCounter = 0;
487 foreach ($blocks as $block) {
488 $tmpBlock = '';
489 $i = 0;
490 $hiddenZeros = 4 - strlen($block);
491 while ($i < $hiddenZeros) {
492 $tmpBlock .= '0';
493 $i++;
494 }
495 $normalizedAddress .= $tmpBlock . $block;
496 if ($divCounter < 7) {
497 $normalizedAddress .= ':';
498 $divCounter++;
499 }
500 }
501 return $normalizedAddress;
502 }
503
504 /**
505 * Compress an IPv6 address to the shortest notation
506 *
507 * @param string $address Given IPv6 address
508 * @return string Compressed address
509 * @see normalizeIPv6()
510 */
511 public static function compressIPv6($address)
512 {
513 return inet_ntop(inet_pton($address));
514 }
515
516 /**
517 * Validate a given IP address.
518 *
519 * Possible format are IPv4 and IPv6.
520 *
521 * @param string $ip IP address to be tested
522 * @return bool TRUE if $ip is either of IPv4 or IPv6 format.
523 */
524 public static function validIP($ip)
525 {
526 return filter_var($ip, FILTER_VALIDATE_IP) !== false;
527 }
528
529 /**
530 * Validate a given IP address to the IPv4 address format.
531 *
532 * Example for possible format: 10.0.45.99
533 *
534 * @param string $ip IP address to be tested
535 * @return bool TRUE if $ip is of IPv4 format.
536 */
537 public static function validIPv4($ip)
538 {
539 return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
540 }
541
542 /**
543 * Validate a given IP address to the IPv6 address format.
544 *
545 * Example for possible format: 43FB::BB3F:A0A0:0 | ::1
546 *
547 * @param string $ip IP address to be tested
548 * @return bool TRUE if $ip is of IPv6 format.
549 */
550 public static function validIPv6($ip)
551 {
552 return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false;
553 }
554
555 /**
556 * Match fully qualified domain name with list of strings with wildcard
557 *
558 * @param string $baseHost A hostname or an IPv4/IPv6-address (will by reverse-resolved; typically REMOTE_ADDR)
559 * @param string $list A comma-list of domain names to match with. *-wildcard allowed but cannot be part of a string, so it must match the full host name (eg. myhost.*.com => correct, myhost.*domain.com => wrong)
560 * @return bool TRUE if a domain name mask from $list matches $baseIP
561 */
562 public static function cmpFQDN($baseHost, $list)
563 {
564 $baseHost = trim($baseHost);
565 if (empty($baseHost)) {
566 return false;
567 }
568 if (self::validIPv4($baseHost) || self::validIPv6($baseHost)) {
569 // Resolve hostname
570 // Note: this is reverse-lookup and can be randomly set as soon as somebody is able to set
571 // the reverse-DNS for his IP (security when for example used with REMOTE_ADDR)
572 $baseHostName = gethostbyaddr($baseHost);
573 if ($baseHostName === $baseHost) {
574 // Unable to resolve hostname
575 return false;
576 }
577 } else {
578 $baseHostName = $baseHost;
579 }
580 $baseHostNameParts = explode('.', $baseHostName);
581 $values = self::trimExplode(',', $list, true);
582 foreach ($values as $test) {
583 $hostNameParts = explode('.', $test);
584 // To match hostNameParts can only be shorter (in case of wildcards) or equal
585 $hostNamePartsCount = count($hostNameParts);
586 $baseHostNamePartsCount = count($baseHostNameParts);
587 if ($hostNamePartsCount > $baseHostNamePartsCount) {
588 continue;
589 }
590 $yes = true;
591 foreach ($hostNameParts as $index => $val) {
592 $val = trim($val);
593 if ($val === '*') {
594 // Wildcard valid for one or more hostname-parts
595 $wildcardStart = $index + 1;
596 // Wildcard as last/only part always matches, otherwise perform recursive checks
597 if ($wildcardStart < $hostNamePartsCount) {
598 $wildcardMatched = false;
599 $tempHostName = implode('.', array_slice($hostNameParts, $index + 1));
600 while ($wildcardStart < $baseHostNamePartsCount && !$wildcardMatched) {
601 $tempBaseHostName = implode('.', array_slice($baseHostNameParts, $wildcardStart));
602 $wildcardMatched = self::cmpFQDN($tempBaseHostName, $tempHostName);
603 $wildcardStart++;
604 }
605 if ($wildcardMatched) {
606 // Match found by recursive compare
607 return true;
608 } else {
609 $yes = false;
610 }
611 }
612 } elseif ($baseHostNameParts[$index] !== $val) {
613 // In case of no match
614 $yes = false;
615 }
616 }
617 if ($yes) {
618 return true;
619 }
620 }
621 return false;
622 }
623
624 /**
625 * Checks if a given URL matches the host that currently handles this HTTP request.
626 * Scheme, hostname and (optional) port of the given URL are compared.
627 *
628 * @param string $url URL to compare with the TYPO3 request host
629 * @return bool Whether the URL matches the TYPO3 request host
630 */
631 public static function isOnCurrentHost($url)
632 {
633 return stripos($url . '/', self::getIndpEnv('TYPO3_REQUEST_HOST') . '/') === 0;
634 }
635
636 /**
637 * Check for item in list
638 * Check if an item exists in a comma-separated list of items.
639 *
640 * @param string $list Comma-separated list of items (string)
641 * @param string $item Item to check for
642 * @return bool TRUE if $item is in $list
643 */
644 public static function inList($list, $item)
645 {
646 return strpos(',' . $list . ',', ',' . $item . ',') !== false;
647 }
648
649 /**
650 * Removes an item from a comma-separated list of items.
651 *
652 * If $element contains a comma, the behaviour of this method is undefined.
653 * Empty elements in the list are preserved.
654 *
655 * @param string $element Element to remove
656 * @param string $list Comma-separated list of items (string)
657 * @return string New comma-separated list of items
658 */
659 public static function rmFromList($element, $list)
660 {
661 $items = explode(',', $list);
662 foreach ($items as $k => $v) {
663 if ($v == $element) {
664 unset($items[$k]);
665 }
666 }
667 return implode(',', $items);
668 }
669
670 /**
671 * Expand a comma-separated list of integers with ranges (eg 1,3-5,7 becomes 1,3,4,5,7).
672 * Ranges are limited to 1000 values per range.
673 *
674 * @param string $list Comma-separated list of integers with ranges (string)
675 * @return string New comma-separated list of items
676 */
677 public static function expandList($list)
678 {
679 $items = explode(',', $list);
680 $list = [];
681 foreach ($items as $item) {
682 $range = explode('-', $item);
683 if (isset($range[1])) {
684 $runAwayBrake = 1000;
685 for ($n = $range[0]; $n <= $range[1]; $n++) {
686 $list[] = $n;
687 $runAwayBrake--;
688 if ($runAwayBrake <= 0) {
689 break;
690 }
691 }
692 } else {
693 $list[] = $item;
694 }
695 }
696 return implode(',', $list);
697 }
698
699 /**
700 * Returns TRUE if the current TYPO3 version (or compatibility version) is compatible to the input version
701 * Notice that this function compares branches, not versions (4.0.1 would be > 4.0.0 although they use the same compat_version)
702 *
703 * @param string $verNumberStr Minimum branch number required (format x.y / e.g. "4.0" NOT "4.0.0"!)
704 * @return bool Returns TRUE if this setup is compatible with the provided version number
705 * @todo Still needs a function to convert versions to branches
706 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
707 */
708 public static function compat_version($verNumberStr)
709 {
710 static::logDeprecatedFunction();
711 return VersionNumberUtility::convertVersionNumberToInteger(TYPO3_branch) >= VersionNumberUtility::convertVersionNumberToInteger($verNumberStr);
712 }
713
714 /**
715 * Makes a positive integer hash out of the first 7 chars from the md5 hash of the input
716 *
717 * @param string $str String to md5-hash
718 * @return int Returns 28bit integer-hash
719 */
720 public static function md5int($str)
721 {
722 return hexdec(substr(md5($str), 0, 7));
723 }
724
725 /**
726 * Returns the first 10 positions of the MD5-hash (changed from 6 to 10 recently)
727 *
728 * @param string $input Input string to be md5-hashed
729 * @param int $len The string-length of the output
730 * @return string Substring of the resulting md5-hash, being $len chars long (from beginning)
731 */
732 public static function shortMD5($input, $len = 10)
733 {
734 return substr(md5($input), 0, $len);
735 }
736
737 /**
738 * Returns a proper HMAC on a given input string and secret TYPO3 encryption key.
739 *
740 * @param string $input Input string to create HMAC from
741 * @param string $additionalSecret additionalSecret to prevent hmac being used in a different context
742 * @return string resulting (hexadecimal) HMAC currently with a length of 40 (HMAC-SHA-1)
743 */
744 public static function hmac($input, $additionalSecret = '')
745 {
746 $hashAlgorithm = 'sha1';
747 $hashBlocksize = 64;
748 $hmac = '';
749 $secret = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] . $additionalSecret;
750 if (extension_loaded('hash') && function_exists('hash_hmac') && function_exists('hash_algos') && in_array($hashAlgorithm, hash_algos())) {
751 $hmac = hash_hmac($hashAlgorithm, $input, $secret);
752 } else {
753 // Outer padding
754 $opad = str_repeat(chr(92), $hashBlocksize);
755 // Inner padding
756 $ipad = str_repeat(chr(54), $hashBlocksize);
757 if (strlen($secret) > $hashBlocksize) {
758 // Keys longer than block size are shorten
759 $key = str_pad(pack('H*', call_user_func($hashAlgorithm, $secret)), $hashBlocksize, chr(0));
760 } else {
761 // Keys shorter than block size are zero-padded
762 $key = str_pad($secret, $hashBlocksize, chr(0));
763 }
764 $hmac = call_user_func($hashAlgorithm, ($key ^ $opad) . pack('H*', call_user_func($hashAlgorithm, (($key ^ $ipad) . $input))));
765 }
766 return $hmac;
767 }
768
769 /**
770 * Takes comma-separated lists and arrays and removes all duplicates
771 * If a value in the list is trim(empty), the value is ignored.
772 *
773 * @param string $in_list Accept multiple parameters which can be comma-separated lists of values and arrays.
774 * @param mixed $secondParameter Dummy field, which if set will show a warning!
775 * @return string Returns the list without any duplicates of values, space around values are trimmed
776 */
777 public static function uniqueList($in_list, $secondParameter = null)
778 {
779 if (is_array($in_list)) {
780 throw new \InvalidArgumentException('TYPO3 Fatal Error: TYPO3\\CMS\\Core\\Utility\\GeneralUtility::uniqueList() does NOT support array arguments anymore! Only string comma lists!', 1270853885);
781 }
782 if (isset($secondParameter)) {
783 throw new \InvalidArgumentException('TYPO3 Fatal Error: TYPO3\\CMS\\Core\\Utility\\GeneralUtility::uniqueList() does NOT support more than a single argument value anymore. You have specified more than one!', 1270853886);
784 }
785 return implode(',', array_unique(self::trimExplode(',', $in_list, true)));
786 }
787
788 /**
789 * Splits a reference to a file in 5 parts
790 *
791 * @param string $fileNameWithPath File name with path to be analysed (must exist if open_basedir is set)
792 * @return array Contains keys [path], [file], [filebody], [fileext], [realFileext]
793 */
794 public static function split_fileref($fileNameWithPath)
795 {
796 $reg = [];
797 if (preg_match('/(.*\\/)(.*)$/', $fileNameWithPath, $reg)) {
798 $info['path'] = $reg[1];
799 $info['file'] = $reg[2];
800 } else {
801 $info['path'] = '';
802 $info['file'] = $fileNameWithPath;
803 }
804 $reg = '';
805 // If open_basedir is set and the fileName was supplied without a path the is_dir check fails
806 if (!is_dir($fileNameWithPath) && preg_match('/(.*)\\.([^\\.]*$)/', $info['file'], $reg)) {
807 $info['filebody'] = $reg[1];
808 $info['fileext'] = strtolower($reg[2]);
809 $info['realFileext'] = $reg[2];
810 } else {
811 $info['filebody'] = $info['file'];
812 $info['fileext'] = '';
813 }
814 reset($info);
815 return $info;
816 }
817
818 /**
819 * Returns the directory part of a path without trailing slash
820 * If there is no dir-part, then an empty string is returned.
821 * Behaviour:
822 *
823 * '/dir1/dir2/script.php' => '/dir1/dir2'
824 * '/dir1/' => '/dir1'
825 * 'dir1/script.php' => 'dir1'
826 * 'd/script.php' => 'd'
827 * '/script.php' => ''
828 * '' => ''
829 *
830 * @param string $path Directory name / path
831 * @return string Processed input value. See function description.
832 */
833 public static function dirname($path)
834 {
835 $p = self::revExplode('/', $path, 2);
836 return count($p) === 2 ? $p[0] : '';
837 }
838
839 /**
840 * Returns TRUE if the first part of $str matches the string $partStr
841 *
842 * @param string $str Full string to check
843 * @param string $partStr Reference string which must be found as the "first part" of the full string
844 * @return bool TRUE if $partStr was found to be equal to the first part of $str
845 */
846 public static function isFirstPartOfStr($str, $partStr)
847 {
848 return $partStr != '' && strpos((string)$str, (string)$partStr, 0) === 0;
849 }
850
851 /**
852 * Formats the input integer $sizeInBytes as bytes/kilobytes/megabytes (-/K/M)
853 *
854 * @param int $sizeInBytes Number of bytes to format.
855 * @param string $labels Binary unit name "iec", decimal unit name "si" or labels for bytes, kilo, mega, giga, and so on separated by vertical bar (|) and possibly encapsulated in "". Eg: " | K| M| G". Defaults to "iec".
856 * @param int $base The unit base if not using a unit name. Defaults to 1024.
857 * @return string Formatted representation of the byte number, for output.
858 */
859 public static function formatSize($sizeInBytes, $labels = '', $base = 0)
860 {
861 $defaultFormats = [
862 'iec' => ['base' => 1024, 'labels' => [' ', ' Ki', ' Mi', ' Gi', ' Ti', ' Pi', ' Ei', ' Zi', ' Yi']],
863 'si' => ['base' => 1000, 'labels' => [' ', ' k', ' M', ' G', ' T', ' P', ' E', ' Z', ' Y']],
864 ];
865 // Set labels and base:
866 if (empty($labels)) {
867 $labels = 'iec';
868 }
869 if (isset($defaultFormats[$labels])) {
870 $base = $defaultFormats[$labels]['base'];
871 $labelArr = $defaultFormats[$labels]['labels'];
872 } else {
873 $base = (int)$base;
874 if ($base !== 1000 && $base !== 1024) {
875 $base = 1024;
876 }
877 $labelArr = explode('|', str_replace('"', '', $labels));
878 }
879 // @todo find out which locale is used for current BE user to cover the BE case as well
880 $oldLocale = setlocale(LC_NUMERIC, 0);
881 $newLocale = isset($GLOBALS['TSFE']) ? $GLOBALS['TSFE']->config['config']['locale_all'] : '';
882 if ($newLocale) {
883 setlocale(LC_NUMERIC, $newLocale);
884 }
885 $localeInfo = localeconv();
886 if ($newLocale) {
887 setlocale(LC_NUMERIC, $oldLocale);
888 }
889 $sizeInBytes = max($sizeInBytes, 0);
890 $multiplier = floor(($sizeInBytes ? log($sizeInBytes) : 0) / log($base));
891 $sizeInUnits = $sizeInBytes / pow($base, $multiplier);
892 if ($sizeInUnits > ($base * .9)) {
893 $multiplier++;
894 }
895 $multiplier = min($multiplier, count($labelArr) - 1);
896 $sizeInUnits = $sizeInBytes / pow($base, $multiplier);
897 return number_format($sizeInUnits, (($multiplier > 0) && ($sizeInUnits < 20)) ? 2 : 0, $localeInfo['decimal_point'], '') . $labelArr[$multiplier];
898 }
899
900 /**
901 * Returns microtime input to milliseconds
902 *
903 * @param string $microtime Microtime
904 * @return int Microtime input string converted to an integer (milliseconds)
905 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
906 */
907 public static function convertMicrotime($microtime)
908 {
909 static::logDeprecatedFunction();
910 $parts = explode(' ', $microtime);
911 return round(($parts[0] + $parts[1]) * 1000);
912 }
913
914 /**
915 * This splits a string by the chars in $operators (typical /+-*) and returns an array with them in
916 *
917 * @param string $string Input string, eg "123 + 456 / 789 - 4
918 * @param string $operators Operators to split by, typically "/+-*
919 * @return array Array with operators and operands separated.
920 * @see \TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer::calc(), \TYPO3\CMS\Frontend\Imaging\GifBuilder::calcOffset()
921 */
922 public static function splitCalc($string, $operators)
923 {
924 $res = [];
925 $sign = '+';
926 while ($string) {
927 $valueLen = strcspn($string, $operators);
928 $value = substr($string, 0, $valueLen);
929 $res[] = [$sign, trim($value)];
930 $sign = substr($string, $valueLen, 1);
931 $string = substr($string, $valueLen + 1);
932 }
933 reset($res);
934 return $res;
935 }
936
937 /**
938 * Re-converts HTML entities if they have been converted by htmlspecialchars()
939 * Note: Use htmlspecialchars($str, ENT_COMPAT, 'UTF-8', FALSE) to avoid double encoding.
940 * This makes the call to this method obsolete.
941 *
942 * @param string $str String which contains eg. "&amp;amp;" which should stay "&amp;". Or "&amp;#1234;" to "&#1234;". Or "&amp;#x1b;" to "&#x1b;
943 * @return string Converted result.
944 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
945 */
946 public static function deHSCentities($str)
947 {
948 static::logDeprecatedFunction();
949 return preg_replace('/&amp;([#[:alnum:]]*;)/', '&\\1', $str);
950 }
951
952 /**
953 * This function is used to escape any ' -characters when transferring text to JavaScript!
954 *
955 * @param string $string String to escape
956 * @param bool $extended If set, also backslashes are escaped.
957 * @param string $char The character to escape, default is ' (single-quote)
958 * @return string Processed input string
959 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
960 */
961 public static function slashJS($string, $extended = false, $char = '\'')
962 {
963 static::logDeprecatedFunction();
964 if ($extended) {
965 $string = str_replace('\\', '\\\\', $string);
966 }
967 return str_replace($char, '\\' . $char, $string);
968 }
969
970 /**
971 * Version of rawurlencode() where all spaces (%20) are re-converted to space-characters.
972 * Useful when passing text to JavaScript where you simply url-encode it to get around problems with syntax-errors, linebreaks etc.
973 *
974 * @param string $str String to raw-url-encode with spaces preserved
975 * @return string Rawurlencoded result of input string, but with all %20 (space chars) converted to real spaces.
976 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9, implement directly via PHP instead
977 */
978 public static function rawUrlEncodeJS($str)
979 {
980 static::logDeprecatedFunction();
981 return str_replace('%20', ' ', rawurlencode($str));
982 }
983
984 /**
985 * rawurlencode which preserves "/" chars
986 * Useful when file paths should keep the "/" chars, but have all other special chars encoded.
987 *
988 * @param string $str Input string
989 * @return string Output string
990 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9, use the PHP methods directly instead
991 */
992 public static function rawUrlEncodeFP($str)
993 {
994 static::logDeprecatedFunction();
995 return str_replace('%2F', '/', rawurlencode($str));
996 }
997
998 /**
999 * Checking syntax of input email address
1000 *
1001 * http://tools.ietf.org/html/rfc3696
1002 * International characters are allowed in email. So the whole address needs
1003 * to be converted to punicode before passing it to filter_var(). We convert
1004 * the user- and domain part separately to increase the chance of hitting an
1005 * entry in self::$idnaStringCache.
1006 *
1007 * Also the @ sign may appear multiple times in an address. If not used as
1008 * a boundary marker between the user- and domain part, it must be escaped
1009 * with a backslash: \@. This mean we can not just explode on the @ sign and
1010 * expect to get just two parts. So we pop off the domain and then glue the
1011 * rest together again.
1012 *
1013 * @param string $email Input string to evaluate
1014 * @return bool Returns TRUE if the $email address (input string) is valid
1015 */
1016 public static function validEmail($email)
1017 {
1018 // Early return in case input is not a string
1019 if (!is_string($email)) {
1020 return false;
1021 }
1022 $atPosition = strrpos($email, '@');
1023 if (!$atPosition || $atPosition + 1 === strlen($email)) {
1024 // Return if no @ found or it is placed at the very beginning or end of the email
1025 return false;
1026 }
1027 $domain = substr($email, $atPosition + 1);
1028 $user = substr($email, 0, $atPosition);
1029 if (!preg_match('/^[a-z0-9.\\-]*$/i', $domain)) {
1030 $domain = self::idnaEncode($domain);
1031 }
1032 return filter_var($user . '@' . $domain, FILTER_VALIDATE_EMAIL) !== false;
1033 }
1034
1035 /**
1036 * Converts string to uppercase
1037 * The function converts all Latin characters (a-z, but no accents, etc) to
1038 * uppercase. It is safe for all supported character sets (incl. utf-8).
1039 * Unlike strtoupper() it does not honour the locale.
1040 *
1041 * @param string $str Input string
1042 * @return string Uppercase String
1043 * @deprecated since TYPO3 CMS v8, this method will be removed in TYPO3 CMS v9, use mb_strtoupper() instead
1044 */
1045 public static function strtoupper($str)
1046 {
1047 self::logDeprecatedFunction();
1048 return strtr((string)$str, 'abcdefghijklmnopqrstuvwxyz', 'ABCDEFGHIJKLMNOPQRSTUVWXYZ');
1049 }
1050
1051 /**
1052 * Converts string to lowercase
1053 * The function converts all Latin characters (A-Z, but no accents, etc) to
1054 * lowercase. It is safe for all supported character sets (incl. utf-8).
1055 * Unlike strtolower() it does not honour the locale.
1056 *
1057 * @param string $str Input string
1058 * @return string Lowercase String
1059 * @deprecated since TYPO3 CMS v8, this method will be removed in TYPO3 CMS v9, use mb_strtolower() instead
1060 */
1061 public static function strtolower($str)
1062 {
1063 self::logDeprecatedFunction();
1064 return strtr((string)$str, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
1065 }
1066
1067 /**
1068 * Returns a string of highly randomized bytes (over the full 8-bit range).
1069 *
1070 * @param int $bytesToReturn Number of bytes to return
1071 * @return string Random Bytes
1072 * @deprecated since TYPO3 CMS 8, this method will be removed in TYPO3 CMS 9. Use \TYPO3\CMS\Core\Crypto\Random->generateRandomBytes() instead
1073 */
1074 public static function generateRandomBytes($bytesToReturn)
1075 {
1076 self::logDeprecatedFunction();
1077 return self::makeInstance(Random::class)->generateRandomBytes($bytesToReturn);
1078 }
1079
1080 /**
1081 * Returns an ASCII string (punicode) representation of $value
1082 *
1083 * @param string $value
1084 * @return string An ASCII encoded (punicode) string
1085 */
1086 public static function idnaEncode($value)
1087 {
1088 if (isset(self::$idnaStringCache[$value])) {
1089 return self::$idnaStringCache[$value];
1090 } else {
1091 if (!self::$idnaConverter) {
1092 self::$idnaConverter = new \Mso\IdnaConvert\IdnaConvert(['idn_version' => 2008]);
1093 }
1094 self::$idnaStringCache[$value] = self::$idnaConverter->encode($value);
1095 return self::$idnaStringCache[$value];
1096 }
1097 }
1098
1099 /**
1100 * Returns a hex representation of a random byte string.
1101 *
1102 * @param int $count Number of hex characters to return
1103 * @return string Random Bytes
1104 * @deprecated since TYPO3 CMS 8, this method will be removed in TYPO3 CMS 9. Use \TYPO3\CMS\Core\Crypto\Random::generateRandomHexString() instead
1105 */
1106 public static function getRandomHexString($count)
1107 {
1108 self::logDeprecatedFunction();
1109 return self::makeInstance(Random::class)->generateRandomHexString($count);
1110 }
1111
1112 /**
1113 * Returns a given string with underscores as UpperCamelCase.
1114 * Example: Converts blog_example to BlogExample
1115 *
1116 * @param string $string String to be converted to camel case
1117 * @return string UpperCamelCasedWord
1118 */
1119 public static function underscoredToUpperCamelCase($string)
1120 {
1121 return str_replace(' ', '', ucwords(str_replace('_', ' ', strtolower($string))));
1122 }
1123
1124 /**
1125 * Returns a given string with underscores as lowerCamelCase.
1126 * Example: Converts minimal_value to minimalValue
1127 *
1128 * @param string $string String to be converted to camel case
1129 * @return string lowerCamelCasedWord
1130 */
1131 public static function underscoredToLowerCamelCase($string)
1132 {
1133 return lcfirst(str_replace(' ', '', ucwords(str_replace('_', ' ', strtolower($string)))));
1134 }
1135
1136 /**
1137 * Returns a given CamelCasedString as an lowercase string with underscores.
1138 * Example: Converts BlogExample to blog_example, and minimalValue to minimal_value
1139 *
1140 * @param string $string String to be converted to lowercase underscore
1141 * @return string lowercase_and_underscored_string
1142 */
1143 public static function camelCaseToLowerCaseUnderscored($string)
1144 {
1145 $value = preg_replace('/(?<=\\w)([A-Z])/', '_\\1', $string);
1146 return mb_strtolower($value, 'utf-8');
1147 }
1148
1149 /**
1150 * Converts the first char of a string to lowercase if it is a latin character (A-Z).
1151 * Example: Converts "Hello World" to "hello World"
1152 *
1153 * @param string $string The string to be used to lowercase the first character
1154 * @return string The string with the first character as lowercase
1155 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
1156 */
1157 public static function lcfirst($string)
1158 {
1159 static::logDeprecatedFunction();
1160 return lcfirst($string);
1161 }
1162
1163 /**
1164 * Checks if a given string is a Uniform Resource Locator (URL).
1165 *
1166 * On seriously malformed URLs, parse_url may return FALSE and emit an
1167 * E_WARNING.
1168 *
1169 * filter_var() requires a scheme to be present.
1170 *
1171 * http://www.faqs.org/rfcs/rfc2396.html
1172 * Scheme names consist of a sequence of characters beginning with a
1173 * lower case letter and followed by any combination of lower case letters,
1174 * digits, plus ("+"), period ("."), or hyphen ("-"). For resiliency,
1175 * programs interpreting URI should treat upper case letters as equivalent to
1176 * lower case in scheme names (e.g., allow "HTTP" as well as "http").
1177 * scheme = alpha *( alpha | digit | "+" | "-" | "." )
1178 *
1179 * Convert the domain part to punicode if it does not look like a regular
1180 * domain name. Only the domain part because RFC3986 specifies the the rest of
1181 * the url may not contain special characters:
1182 * http://tools.ietf.org/html/rfc3986#appendix-A
1183 *
1184 * @param string $url The URL to be validated
1185 * @return bool Whether the given URL is valid
1186 */
1187 public static function isValidUrl($url)
1188 {
1189 $parsedUrl = parse_url($url);
1190 if (!$parsedUrl || !isset($parsedUrl['scheme'])) {
1191 return false;
1192 }
1193 // HttpUtility::buildUrl() will always build urls with <scheme>://
1194 // our original $url might only contain <scheme>: (e.g. mail:)
1195 // so we convert that to the double-slashed version to ensure
1196 // our check against the $recomposedUrl is proper
1197 if (!self::isFirstPartOfStr($url, $parsedUrl['scheme'] . '://')) {
1198 $url = str_replace($parsedUrl['scheme'] . ':', $parsedUrl['scheme'] . '://', $url);
1199 }
1200 $recomposedUrl = HttpUtility::buildUrl($parsedUrl);
1201 if ($recomposedUrl !== $url) {
1202 // The parse_url() had to modify characters, so the URL is invalid
1203 return false;
1204 }
1205 if (isset($parsedUrl['host']) && !preg_match('/^[a-z0-9.\\-]*$/i', $parsedUrl['host'])) {
1206 $parsedUrl['host'] = self::idnaEncode($parsedUrl['host']);
1207 }
1208 return filter_var(HttpUtility::buildUrl($parsedUrl), FILTER_VALIDATE_URL) !== false;
1209 }
1210
1211 /*************************
1212 *
1213 * ARRAY FUNCTIONS
1214 *
1215 *************************/
1216
1217 /**
1218 * Explodes a $string delimited by $delimiter and casts each item in the array to (int).
1219 * Corresponds to \TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(), but with conversion to integers for all values.
1220 *
1221 * @param string $delimiter Delimiter string to explode with
1222 * @param string $string The string to explode
1223 * @param bool $removeEmptyValues If set, all empty values (='') will NOT be set in output
1224 * @param int $limit If positive, the result will contain a maximum of limit elements,
1225 * @return array Exploded values, all converted to integers
1226 */
1227 public static function intExplode($delimiter, $string, $removeEmptyValues = false, $limit = 0)
1228 {
1229 $result = explode($delimiter, $string);
1230 foreach ($result as $key => &$value) {
1231 if ($removeEmptyValues && ($value === '' || trim($value) === '')) {
1232 unset($result[$key]);
1233 } else {
1234 $value = (int)$value;
1235 }
1236 }
1237 unset($value);
1238 if ($limit !== 0) {
1239 if ($limit < 0) {
1240 $result = array_slice($result, 0, $limit);
1241 } elseif (count($result) > $limit) {
1242 $lastElements = array_slice($result, $limit - 1);
1243 $result = array_slice($result, 0, $limit - 1);
1244 $result[] = implode($delimiter, $lastElements);
1245 }
1246 }
1247 return $result;
1248 }
1249
1250 /**
1251 * Reverse explode which explodes the string counting from behind.
1252 *
1253 * Note: The delimiter has to given in the reverse order as
1254 * it is occurring within the string.
1255 *
1256 * GeneralUtility::revExplode('[]', '[my][words][here]', 2)
1257 * ==> array('[my][words', 'here]')
1258 *
1259 * @param string $delimiter Delimiter string to explode with
1260 * @param string $string The string to explode
1261 * @param int $count Number of array entries
1262 * @return array Exploded values
1263 */
1264 public static function revExplode($delimiter, $string, $count = 0)
1265 {
1266 // 2 is the (currently, as of 2014-02) most-used value for $count in the core, therefore we check it first
1267 if ($count === 2) {
1268 $position = strrpos($string, strrev($delimiter));
1269 if ($position !== false) {
1270 return [substr($string, 0, $position), substr($string, $position + strlen($delimiter))];
1271 } else {
1272 return [$string];
1273 }
1274 } elseif ($count <= 1) {
1275 return [$string];
1276 } else {
1277 $explodedValues = explode($delimiter, strrev($string), $count);
1278 $explodedValues = array_map('strrev', $explodedValues);
1279 return array_reverse($explodedValues);
1280 }
1281 }
1282
1283 /**
1284 * Explodes a string and trims all values for whitespace in the end.
1285 * If $onlyNonEmptyValues is set, then all blank ('') values are removed.
1286 *
1287 * @param string $delim Delimiter string to explode with
1288 * @param string $string The string to explode
1289 * @param bool $removeEmptyValues If set, all empty values will be removed in output
1290 * @param int $limit If limit is set and positive, the returned array will contain a maximum of limit elements with
1291 * the last element containing the rest of string. If the limit parameter is negative, all components
1292 * except the last -limit are returned.
1293 * @return array Exploded values
1294 */
1295 public static function trimExplode($delim, $string, $removeEmptyValues = false, $limit = 0)
1296 {
1297 $result = explode($delim, $string);
1298 if ($removeEmptyValues) {
1299 $temp = [];
1300 foreach ($result as $value) {
1301 if (trim($value) !== '') {
1302 $temp[] = $value;
1303 }
1304 }
1305 $result = $temp;
1306 }
1307 if ($limit > 0 && count($result) > $limit) {
1308 $lastElements = array_splice($result, $limit - 1);
1309 $result[] = implode($delim, $lastElements);
1310 } elseif ($limit < 0) {
1311 $result = array_slice($result, 0, $limit);
1312 }
1313 $result = array_map('trim', $result);
1314 return $result;
1315 }
1316
1317 /**
1318 * Implodes a multidim-array into GET-parameters (eg. &param[key][key2]=value2&param[key][key3]=value3)
1319 *
1320 * @param string $name Name prefix for entries. Set to blank if you wish none.
1321 * @param array $theArray The (multidimensional) array to implode
1322 * @param string $str (keep blank)
1323 * @param bool $skipBlank If set, parameters which were blank strings would be removed.
1324 * @param bool $rawurlencodeParamName If set, the param name itself (for example "param[key][key2]") would be rawurlencoded as well.
1325 * @return string Imploded result, fx. &param[key][key2]=value2&param[key][key3]=value3
1326 * @see explodeUrl2Array()
1327 */
1328 public static function implodeArrayForUrl($name, array $theArray, $str = '', $skipBlank = false, $rawurlencodeParamName = false)
1329 {
1330 foreach ($theArray as $Akey => $AVal) {
1331 $thisKeyName = $name ? $name . '[' . $Akey . ']' : $Akey;
1332 if (is_array($AVal)) {
1333 $str = self::implodeArrayForUrl($thisKeyName, $AVal, $str, $skipBlank, $rawurlencodeParamName);
1334 } else {
1335 if (!$skipBlank || (string)$AVal !== '') {
1336 $str .= '&' . ($rawurlencodeParamName ? rawurlencode($thisKeyName) : $thisKeyName) . '=' . rawurlencode($AVal);
1337 }
1338 }
1339 }
1340 return $str;
1341 }
1342
1343 /**
1344 * Explodes a string with GETvars (eg. "&id=1&type=2&ext[mykey]=3") into an array
1345 *
1346 * @param string $string GETvars string
1347 * @param bool $multidim If set, the string will be parsed into a multidimensional array if square brackets are used in variable names (using PHP function parse_str())
1348 * @return array Array of values. All values AND keys are rawurldecoded() as they properly should be. But this means that any implosion of the array again must rawurlencode it!
1349 * @see implodeArrayForUrl()
1350 */
1351 public static function explodeUrl2Array($string, $multidim = false)
1352 {
1353 $output = [];
1354 if ($multidim) {
1355 parse_str($string, $output);
1356 } else {
1357 $p = explode('&', $string);
1358 foreach ($p as $v) {
1359 if ($v !== '') {
1360 list($pK, $pV) = explode('=', $v, 2);
1361 $output[rawurldecode($pK)] = rawurldecode($pV);
1362 }
1363 }
1364 }
1365 return $output;
1366 }
1367
1368 /**
1369 * Returns an array with selected keys from incoming data.
1370 * (Better read source code if you want to find out...)
1371 *
1372 * @param string $varList List of variable/key names
1373 * @param array $getArray Array from where to get values based on the keys in $varList
1374 * @param bool $GPvarAlt If set, then \TYPO3\CMS\Core\Utility\GeneralUtility::_GP() is used to fetch the value if not found (isset) in the $getArray
1375 * @return array Output array with selected variables.
1376 */
1377 public static function compileSelectedGetVarsFromArray($varList, array $getArray, $GPvarAlt = true)
1378 {
1379 $keys = self::trimExplode(',', $varList, true);
1380 $outArr = [];
1381 foreach ($keys as $v) {
1382 if (isset($getArray[$v])) {
1383 $outArr[$v] = $getArray[$v];
1384 } elseif ($GPvarAlt) {
1385 $outArr[$v] = self::_GP($v);
1386 }
1387 }
1388 return $outArr;
1389 }
1390
1391 /**
1392 * Takes a row and returns a CSV string of the values with $delim (default is ,) and $quote (default is ") as separator chars.
1393 *
1394 * @param array $row Input array of values
1395 * @param string $delim Delimited, default is comma
1396 * @param string $quote Quote-character to wrap around the values.
1397 * @return string A single line of CSV
1398 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9.
1399 */
1400 public static function csvValues(array $row, $delim = ',', $quote = '"')
1401 {
1402 self::logDeprecatedFunction();
1403 return CsvUtility::csvValues($row, $delim, $quote);
1404 }
1405
1406 /**
1407 * Removes dots "." from end of a key identifier of TypoScript styled array.
1408 * array('key.' => array('property.' => 'value')) --> array('key' => array('property' => 'value'))
1409 *
1410 * @param array $ts TypoScript configuration array
1411 * @return array TypoScript configuration array without dots at the end of all keys
1412 */
1413 public static function removeDotsFromTS(array $ts)
1414 {
1415 $out = [];
1416 foreach ($ts as $key => $value) {
1417 if (is_array($value)) {
1418 $key = rtrim($key, '.');
1419 $out[$key] = self::removeDotsFromTS($value);
1420 } else {
1421 $out[$key] = $value;
1422 }
1423 }
1424 return $out;
1425 }
1426
1427 /*************************
1428 *
1429 * HTML/XML PROCESSING
1430 *
1431 *************************/
1432 /**
1433 * Returns an array with all attributes of the input HTML tag as key/value pairs. Attributes are only lowercase a-z
1434 * $tag is either a whole tag (eg '<TAG OPTION ATTRIB=VALUE>') or the parameter list (ex ' OPTION ATTRIB=VALUE>')
1435 * If an attribute is empty, then the value for the key is empty. You can check if it existed with isset()
1436 *
1437 * @param string $tag HTML-tag string (or attributes only)
1438 * @return array Array with the attribute values.
1439 */
1440 public static function get_tag_attributes($tag)
1441 {
1442 $components = self::split_tag_attributes($tag);
1443 // Attribute name is stored here
1444 $name = '';
1445 $valuemode = false;
1446 $attributes = [];
1447 foreach ($components as $key => $val) {
1448 // Only if $name is set (if there is an attribute, that waits for a value), that valuemode is enabled. This ensures that the attribute is assigned it's value
1449 if ($val !== '=') {
1450 if ($valuemode) {
1451 if ($name) {
1452 $attributes[$name] = $val;
1453 $name = '';
1454 }
1455 } else {
1456 if ($key = strtolower(preg_replace('/[^[:alnum:]_\\:\\-]/', '', $val))) {
1457 $attributes[$key] = '';
1458 $name = $key;
1459 }
1460 }
1461 $valuemode = false;
1462 } else {
1463 $valuemode = true;
1464 }
1465 }
1466 return $attributes;
1467 }
1468
1469 /**
1470 * Returns an array with the 'components' from an attribute list from an HTML tag. The result is normally analyzed by get_tag_attributes
1471 * Removes tag-name if found
1472 *
1473 * @param string $tag HTML-tag string (or attributes only)
1474 * @return array Array with the attribute values.
1475 */
1476 public static function split_tag_attributes($tag)
1477 {
1478 $tag_tmp = trim(preg_replace('/^<[^[:space:]]*/', '', trim($tag)));
1479 // Removes any > in the end of the string
1480 $tag_tmp = trim(rtrim($tag_tmp, '>'));
1481 $value = [];
1482 // Compared with empty string instead , 030102
1483 while ($tag_tmp !== '') {
1484 $firstChar = $tag_tmp[0];
1485 if ($firstChar === '"' || $firstChar === '\'') {
1486 $reg = explode($firstChar, $tag_tmp, 3);
1487 $value[] = $reg[1];
1488 $tag_tmp = trim($reg[2]);
1489 } elseif ($firstChar === '=') {
1490 $value[] = '=';
1491 // Removes = chars.
1492 $tag_tmp = trim(substr($tag_tmp, 1));
1493 } else {
1494 // There are '' around the value. We look for the next ' ' or '>'
1495 $reg = preg_split('/[[:space:]=]/', $tag_tmp, 2);
1496 $value[] = trim($reg[0]);
1497 $tag_tmp = trim(substr($tag_tmp, strlen($reg[0]), 1) . $reg[1]);
1498 }
1499 }
1500 reset($value);
1501 return $value;
1502 }
1503
1504 /**
1505 * Implodes attributes in the array $arr for an attribute list in eg. and HTML tag (with quotes)
1506 *
1507 * @param array $arr Array with attribute key/value pairs, eg. "bgcolor"=>"red", "border"=>0
1508 * @param bool $xhtmlSafe If set the resulting attribute list will have a) all attributes in lowercase (and duplicates weeded out, first entry taking precedence) and b) all values htmlspecialchar()'ed. It is recommended to use this switch!
1509 * @param bool $dontOmitBlankAttribs If TRUE, don't check if values are blank. Default is to omit attributes with blank values.
1510 * @return string Imploded attributes, eg. 'bgcolor="red" border="0"'
1511 */
1512 public static function implodeAttributes(array $arr, $xhtmlSafe = false, $dontOmitBlankAttribs = false)
1513 {
1514 if ($xhtmlSafe) {
1515 $newArr = [];
1516 foreach ($arr as $p => $v) {
1517 if (!isset($newArr[strtolower($p)])) {
1518 $newArr[strtolower($p)] = htmlspecialchars($v);
1519 }
1520 }
1521 $arr = $newArr;
1522 }
1523 $list = [];
1524 foreach ($arr as $p => $v) {
1525 if ((string)$v !== '' || $dontOmitBlankAttribs) {
1526 $list[] = $p . '="' . $v . '"';
1527 }
1528 }
1529 return implode(' ', $list);
1530 }
1531
1532 /**
1533 * Wraps JavaScript code XHTML ready with <script>-tags
1534 * Automatic re-indenting of the JS code is done by using the first line as indent reference.
1535 * This is nice for indenting JS code with PHP code on the same level.
1536 *
1537 * @param string $string JavaScript code
1538 * @param null $_ unused, will be removed in TYPO3 CMS 9
1539 * @return string The wrapped JS code, ready to put into a XHTML page
1540 */
1541 public static function wrapJS($string, $_ = null)
1542 {
1543 if ($_ !== null) {
1544 self::deprecationLog('Parameter 2 of GeneralUtility::wrapJS is obsolete and can be omitted.');
1545 }
1546
1547 if (trim($string)) {
1548 // remove nl from the beginning
1549 $string = ltrim($string, LF);
1550 // re-ident to one tab using the first line as reference
1551 $match = [];
1552 if (preg_match('/^(\\t+)/', $string, $match)) {
1553 $string = str_replace($match[1], TAB, $string);
1554 }
1555 return '<script type="text/javascript">
1556 /*<![CDATA[*/
1557 ' . $string . '
1558 /*]]>*/
1559 </script>';
1560 }
1561 return '';
1562 }
1563
1564 /**
1565 * Parses XML input into a PHP array with associative keys
1566 *
1567 * @param string $string XML data input
1568 * @param int $depth Number of element levels to resolve the XML into an array. Any further structure will be set as XML.
1569 * @param array $parserOptions Options that will be passed to PHP's xml_parser_set_option()
1570 * @return mixed The array with the parsed structure unless the XML parser returns with an error in which case the error message string is returned.
1571 */
1572 public static function xml2tree($string, $depth = 999, $parserOptions = [])
1573 {
1574 // Disables the functionality to allow external entities to be loaded when parsing the XML, must be kept
1575 $previousValueOfEntityLoader = libxml_disable_entity_loader(true);
1576 $parser = xml_parser_create();
1577 $vals = [];
1578 $index = [];
1579 xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
1580 xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 0);
1581 foreach ($parserOptions as $option => $value) {
1582 xml_parser_set_option($parser, $option, $value);
1583 }
1584 xml_parse_into_struct($parser, $string, $vals, $index);
1585 libxml_disable_entity_loader($previousValueOfEntityLoader);
1586 if (xml_get_error_code($parser)) {
1587 return 'Line ' . xml_get_current_line_number($parser) . ': ' . xml_error_string(xml_get_error_code($parser));
1588 }
1589 xml_parser_free($parser);
1590 $stack = [[]];
1591 $stacktop = 0;
1592 $startPoint = 0;
1593 $tagi = [];
1594 foreach ($vals as $key => $val) {
1595 $type = $val['type'];
1596 // open tag:
1597 if ($type === 'open' || $type === 'complete') {
1598 $stack[$stacktop++] = $tagi;
1599 if ($depth == $stacktop) {
1600 $startPoint = $key;
1601 }
1602 $tagi = ['tag' => $val['tag']];
1603 if (isset($val['attributes'])) {
1604 $tagi['attrs'] = $val['attributes'];
1605 }
1606 if (isset($val['value'])) {
1607 $tagi['values'][] = $val['value'];
1608 }
1609 }
1610 // finish tag:
1611 if ($type === 'complete' || $type === 'close') {
1612 $oldtagi = $tagi;
1613 $tagi = $stack[--$stacktop];
1614 $oldtag = $oldtagi['tag'];
1615 unset($oldtagi['tag']);
1616 if ($depth == $stacktop + 1) {
1617 if ($key - $startPoint > 0) {
1618 $partArray = array_slice($vals, $startPoint + 1, $key - $startPoint - 1);
1619 $oldtagi['XMLvalue'] = self::xmlRecompileFromStructValArray($partArray);
1620 } else {
1621 $oldtagi['XMLvalue'] = $oldtagi['values'][0];
1622 }
1623 }
1624 $tagi['ch'][$oldtag][] = $oldtagi;
1625 unset($oldtagi);
1626 }
1627 // cdata
1628 if ($type === 'cdata') {
1629 $tagi['values'][] = $val['value'];
1630 }
1631 }
1632 return $tagi['ch'];
1633 }
1634
1635 /**
1636 * Turns PHP array into XML. See array2xml()
1637 *
1638 * @param array $array The input PHP array with any kind of data; text, binary, integers. Not objects though.
1639 * @param string $docTag Alternative document tag. Default is "phparray".
1640 * @param array $options Options for the compilation. See array2xml() for description.
1641 * @param string $charset Forced charset to prologue
1642 * @return string An XML string made from the input content in the array.
1643 * @see xml2array(),array2xml()
1644 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9.
1645 */
1646 public static function array2xml_cs(array $array, $docTag = 'phparray', array $options = [], $charset = '')
1647 {
1648 static::logDeprecatedFunction();
1649 // Set default charset unless explicitly specified
1650 $charset = $charset ?: 'utf-8';
1651 // Return XML:
1652 return '<?xml version="1.0" encoding="' . htmlspecialchars($charset) . '" standalone="yes" ?>' . LF . self::array2xml($array, '', 0, $docTag, 0, $options);
1653 }
1654
1655 /**
1656 * Converts a PHP array into an XML string.
1657 * The XML output is optimized for readability since associative keys are used as tag names.
1658 * This also means that only alphanumeric characters are allowed in the tag names AND only keys NOT starting with numbers (so watch your usage of keys!). However there are options you can set to avoid this problem.
1659 * Numeric keys are stored with the default tag name "numIndex" but can be overridden to other formats)
1660 * The function handles input values from the PHP array in a binary-safe way; All characters below 32 (except 9,10,13) will trigger the content to be converted to a base64-string
1661 * The PHP variable type of the data IS preserved as long as the types are strings, arrays, integers and booleans. Strings are the default type unless the "type" attribute is set.
1662 * The output XML has been tested with the PHP XML-parser and parses OK under all tested circumstances with 4.x versions. However, with PHP5 there seems to be the need to add an XML prologue a la <?xml version="1.0" encoding="[charset]" standalone="yes" ?> - otherwise UTF-8 is assumed! Unfortunately, many times the output from this function is used without adding that prologue meaning that non-ASCII characters will break the parsing!! This suchs of course! Effectively it means that the prologue should always be prepended setting the right characterset, alternatively the system should always run as utf-8!
1663 * However using MSIE to read the XML output didn't always go well: One reason could be that the character encoding is not observed in the PHP data. The other reason may be if the tag-names are invalid in the eyes of MSIE. Also using the namespace feature will make MSIE break parsing. There might be more reasons...
1664 *
1665 * @param array $array The input PHP array with any kind of data; text, binary, integers. Not objects though.
1666 * @param string $NSprefix tag-prefix, eg. a namespace prefix like "T3:"
1667 * @param int $level Current recursion level. Don't change, stay at zero!
1668 * @param string $docTag Alternative document tag. Default is "phparray".
1669 * @param int $spaceInd If greater than zero, then the number of spaces corresponding to this number is used for indenting, if less than zero - no indentation, if zero - a single TAB is used
1670 * @param array $options Options for the compilation. Key "useNindex" => 0/1 (boolean: whether to use "n0, n1, n2" for num. indexes); Key "useIndexTagForNum" => "[tag for numerical indexes]"; Key "useIndexTagForAssoc" => "[tag for associative indexes"; Key "parentTagMap" => array('parentTag' => 'thisLevelTag')
1671 * @param array $stackData Stack data. Don't touch.
1672 * @return string An XML string made from the input content in the array.
1673 * @see xml2array()
1674 */
1675 public static function array2xml(array $array, $NSprefix = '', $level = 0, $docTag = 'phparray', $spaceInd = 0, array $options = [], array $stackData = [])
1676 {
1677 // The list of byte values which will trigger binary-safe storage. If any value has one of these char values in it, it will be encoded in base64
1678 $binaryChars = chr(0) . chr(1) . chr(2) . chr(3) . chr(4) . chr(5) . chr(6) . chr(7) . chr(8) . chr(11) . chr(12) . chr(14) . chr(15) . chr(16) . chr(17) . chr(18) . chr(19) . chr(20) . chr(21) . chr(22) . chr(23) . chr(24) . chr(25) . chr(26) . chr(27) . chr(28) . chr(29) . chr(30) . chr(31);
1679 // Set indenting mode:
1680 $indentChar = $spaceInd ? ' ' : TAB;
1681 $indentN = $spaceInd > 0 ? $spaceInd : 1;
1682 $nl = $spaceInd >= 0 ? LF : '';
1683 // Init output variable:
1684 $output = '';
1685 // Traverse the input array
1686 foreach ($array as $k => $v) {
1687 $attr = '';
1688 $tagName = $k;
1689 // Construct the tag name.
1690 // Use tag based on grand-parent + parent tag name
1691 if (isset($options['grandParentTagMap'][$stackData['grandParentTagName'] . '/' . $stackData['parentTagName']])) {
1692 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
1693 $tagName = (string)$options['grandParentTagMap'][$stackData['grandParentTagName'] . '/' . $stackData['parentTagName']];
1694 } elseif (isset($options['parentTagMap'][$stackData['parentTagName'] . ':_IS_NUM']) && MathUtility::canBeInterpretedAsInteger($tagName)) {
1695 // Use tag based on parent tag name + if current tag is numeric
1696 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
1697 $tagName = (string)$options['parentTagMap'][$stackData['parentTagName'] . ':_IS_NUM'];
1698 } elseif (isset($options['parentTagMap'][$stackData['parentTagName'] . ':' . $tagName])) {
1699 // Use tag based on parent tag name + current tag
1700 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
1701 $tagName = (string)$options['parentTagMap'][$stackData['parentTagName'] . ':' . $tagName];
1702 } elseif (isset($options['parentTagMap'][$stackData['parentTagName']])) {
1703 // Use tag based on parent tag name:
1704 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
1705 $tagName = (string)$options['parentTagMap'][$stackData['parentTagName']];
1706 } elseif (MathUtility::canBeInterpretedAsInteger($tagName)) {
1707 // If integer...;
1708 if ($options['useNindex']) {
1709 // If numeric key, prefix "n"
1710 $tagName = 'n' . $tagName;
1711 } else {
1712 // Use special tag for num. keys:
1713 $attr .= ' index="' . $tagName . '"';
1714 $tagName = $options['useIndexTagForNum'] ?: 'numIndex';
1715 }
1716 } elseif ($options['useIndexTagForAssoc']) {
1717 // Use tag for all associative keys:
1718 $attr .= ' index="' . htmlspecialchars($tagName) . '"';
1719 $tagName = $options['useIndexTagForAssoc'];
1720 }
1721 // The tag name is cleaned up so only alphanumeric chars (plus - and _) are in there and not longer than 100 chars either.
1722 $tagName = substr(preg_replace('/[^[:alnum:]_-]/', '', $tagName), 0, 100);
1723 // If the value is an array then we will call this function recursively:
1724 if (is_array($v)) {
1725 // Sub elements:
1726 if ($options['alt_options'][$stackData['path'] . '/' . $tagName]) {
1727 $subOptions = $options['alt_options'][$stackData['path'] . '/' . $tagName];
1728 $clearStackPath = $subOptions['clearStackPath'];
1729 } else {
1730 $subOptions = $options;
1731 $clearStackPath = false;
1732 }
1733 if (empty($v)) {
1734 $content = '';
1735 } else {
1736 $content = $nl . self::array2xml($v, $NSprefix, ($level + 1), '', $spaceInd, $subOptions, [
1737 'parentTagName' => $tagName,
1738 'grandParentTagName' => $stackData['parentTagName'],
1739 'path' => ($clearStackPath ? '' : $stackData['path'] . '/' . $tagName)
1740 ]) . ($spaceInd >= 0 ? str_pad('', ($level + 1) * $indentN, $indentChar) : '');
1741 }
1742 // Do not set "type = array". Makes prettier XML but means that empty arrays are not restored with xml2array
1743 if ((int)$options['disableTypeAttrib'] != 2) {
1744 $attr .= ' type="array"';
1745 }
1746 } else {
1747 // Just a value:
1748 // Look for binary chars:
1749 $vLen = strlen($v);
1750 // Go for base64 encoding if the initial segment NOT matching any binary char has the same length as the whole string!
1751 if ($vLen && strcspn($v, $binaryChars) != $vLen) {
1752 // If the value contained binary chars then we base64-encode it an set an attribute to notify this situation:
1753 $content = $nl . chunk_split(base64_encode($v));
1754 $attr .= ' base64="1"';
1755 } else {
1756 // Otherwise, just htmlspecialchar the stuff:
1757 $content = htmlspecialchars($v);
1758 $dType = gettype($v);
1759 if ($dType === 'string') {
1760 if ($options['useCDATA'] && $content != $v) {
1761 $content = '<![CDATA[' . $v . ']]>';
1762 }
1763 } elseif (!$options['disableTypeAttrib']) {
1764 $attr .= ' type="' . $dType . '"';
1765 }
1766 }
1767 }
1768 if ((string)$tagName !== '') {
1769 // Add the element to the output string:
1770 $output .= ($spaceInd >= 0 ? str_pad('', ($level + 1) * $indentN, $indentChar) : '')
1771 . '<' . $NSprefix . $tagName . $attr . '>' . $content . '</' . $NSprefix . $tagName . '>' . $nl;
1772 }
1773 }
1774 // If we are at the outer-most level, then we finally wrap it all in the document tags and return that as the value:
1775 if (!$level) {
1776 $output = '<' . $docTag . '>' . $nl . $output . '</' . $docTag . '>';
1777 }
1778 return $output;
1779 }
1780
1781 /**
1782 * Converts an XML string to a PHP array.
1783 * This is the reverse function of array2xml()
1784 * This is a wrapper for xml2arrayProcess that adds a two-level cache
1785 *
1786 * @param string $string XML content to convert into an array
1787 * @param string $NSprefix The tag-prefix resolve, eg. a namespace like "T3:"
1788 * @param bool $reportDocTag If set, the document tag will be set in the key "_DOCUMENT_TAG" of the output array
1789 * @return mixed If the parsing had errors, a string with the error message is returned. Otherwise an array with the content.
1790 * @see array2xml(),xml2arrayProcess()
1791 */
1792 public static function xml2array($string, $NSprefix = '', $reportDocTag = false)
1793 {
1794 static $firstLevelCache = [];
1795 $identifier = md5($string . $NSprefix . ($reportDocTag ? '1' : '0'));
1796 // Look up in first level cache
1797 if (!empty($firstLevelCache[$identifier])) {
1798 $array = $firstLevelCache[$identifier];
1799 } else {
1800 $array = self::xml2arrayProcess(trim($string), $NSprefix, $reportDocTag);
1801 // Store content in first level cache
1802 $firstLevelCache[$identifier] = $array;
1803 }
1804 return $array;
1805 }
1806
1807 /**
1808 * Converts an XML string to a PHP array.
1809 * This is the reverse function of array2xml()
1810 *
1811 * @param string $string XML content to convert into an array
1812 * @param string $NSprefix The tag-prefix resolve, eg. a namespace like "T3:"
1813 * @param bool $reportDocTag If set, the document tag will be set in the key "_DOCUMENT_TAG" of the output array
1814 * @return mixed If the parsing had errors, a string with the error message is returned. Otherwise an array with the content.
1815 * @see array2xml()
1816 */
1817 protected static function xml2arrayProcess($string, $NSprefix = '', $reportDocTag = false)
1818 {
1819 // Disables the functionality to allow external entities to be loaded when parsing the XML, must be kept
1820 $previousValueOfEntityLoader = libxml_disable_entity_loader(true);
1821 // Create parser:
1822 $parser = xml_parser_create();
1823 $vals = [];
1824 $index = [];
1825 xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
1826 xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 0);
1827 // Default output charset is UTF-8, only ASCII, ISO-8859-1 and UTF-8 are supported!!!
1828 $match = [];
1829 preg_match('/^[[:space:]]*<\\?xml[^>]*encoding[[:space:]]*=[[:space:]]*"([^"]*)"/', substr($string, 0, 200), $match);
1830 $theCharset = $match[1] ?: 'utf-8';
1831 // us-ascii / utf-8 / iso-8859-1
1832 xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $theCharset);
1833 // Parse content:
1834 xml_parse_into_struct($parser, $string, $vals, $index);
1835 libxml_disable_entity_loader($previousValueOfEntityLoader);
1836 // If error, return error message:
1837 if (xml_get_error_code($parser)) {
1838 return 'Line ' . xml_get_current_line_number($parser) . ': ' . xml_error_string(xml_get_error_code($parser));
1839 }
1840 xml_parser_free($parser);
1841 // Init vars:
1842 $stack = [[]];
1843 $stacktop = 0;
1844 $current = [];
1845 $tagName = '';
1846 $documentTag = '';
1847 // Traverse the parsed XML structure:
1848 foreach ($vals as $key => $val) {
1849 // First, process the tag-name (which is used in both cases, whether "complete" or "close")
1850 $tagName = $val['tag'];
1851 if (!$documentTag) {
1852 $documentTag = $tagName;
1853 }
1854 // Test for name space:
1855 $tagName = $NSprefix && substr($tagName, 0, strlen($NSprefix)) == $NSprefix ? substr($tagName, strlen($NSprefix)) : $tagName;
1856 // Test for numeric tag, encoded on the form "nXXX":
1857 $testNtag = substr($tagName, 1);
1858 // Closing tag.
1859 $tagName = $tagName[0] === 'n' && MathUtility::canBeInterpretedAsInteger($testNtag) ? (int)$testNtag : $tagName;
1860 // Test for alternative index value:
1861 if ((string)$val['attributes']['index'] !== '') {
1862 $tagName = $val['attributes']['index'];
1863 }
1864 // Setting tag-values, manage stack:
1865 switch ($val['type']) {
1866 case 'open':
1867 // If open tag it means there is an array stored in sub-elements. Therefore increase the stackpointer and reset the accumulation array:
1868 // Setting blank place holder
1869 $current[$tagName] = [];
1870 $stack[$stacktop++] = $current;
1871 $current = [];
1872 break;
1873 case 'close':
1874 // If the tag is "close" then it is an array which is closing and we decrease the stack pointer.
1875 $oldCurrent = $current;
1876 $current = $stack[--$stacktop];
1877 // Going to the end of array to get placeholder key, key($current), and fill in array next:
1878 end($current);
1879 $current[key($current)] = $oldCurrent;
1880 unset($oldCurrent);
1881 break;
1882 case 'complete':
1883 // If "complete", then it's a value. If the attribute "base64" is set, then decode the value, otherwise just set it.
1884 if ($val['attributes']['base64']) {
1885 $current[$tagName] = base64_decode($val['value']);
1886 } else {
1887 // Had to cast it as a string - otherwise it would be evaluate FALSE if tested with isset()!!
1888 $current[$tagName] = (string)$val['value'];
1889 // Cast type:
1890 switch ((string)$val['attributes']['type']) {
1891 case 'integer':
1892 $current[$tagName] = (int)$current[$tagName];
1893 break;
1894 case 'double':
1895 $current[$tagName] = (double) $current[$tagName];
1896 break;
1897 case 'boolean':
1898 $current[$tagName] = (bool)$current[$tagName];
1899 break;
1900 case 'NULL':
1901 $current[$tagName] = null;
1902 break;
1903 case 'array':
1904 // MUST be an empty array since it is processed as a value; Empty arrays would end up here because they would have no tags inside...
1905 $current[$tagName] = [];
1906 break;
1907 }
1908 }
1909 break;
1910 }
1911 }
1912 if ($reportDocTag) {
1913 $current[$tagName]['_DOCUMENT_TAG'] = $documentTag;
1914 }
1915 // Finally return the content of the document tag.
1916 return $current[$tagName];
1917 }
1918
1919 /**
1920 * This implodes an array of XML parts (made with xml_parse_into_struct()) into XML again.
1921 *
1922 * @param array $vals An array of XML parts, see xml2tree
1923 * @return string Re-compiled XML data.
1924 */
1925 public static function xmlRecompileFromStructValArray(array $vals)
1926 {
1927 $XMLcontent = '';
1928 foreach ($vals as $val) {
1929 $type = $val['type'];
1930 // Open tag:
1931 if ($type === 'open' || $type === 'complete') {
1932 $XMLcontent .= '<' . $val['tag'];
1933 if (isset($val['attributes'])) {
1934 foreach ($val['attributes'] as $k => $v) {
1935 $XMLcontent .= ' ' . $k . '="' . htmlspecialchars($v) . '"';
1936 }
1937 }
1938 if ($type === 'complete') {
1939 if (isset($val['value'])) {
1940 $XMLcontent .= '>' . htmlspecialchars($val['value']) . '</' . $val['tag'] . '>';
1941 } else {
1942 $XMLcontent .= '/>';
1943 }
1944 } else {
1945 $XMLcontent .= '>';
1946 }
1947 if ($type === 'open' && isset($val['value'])) {
1948 $XMLcontent .= htmlspecialchars($val['value']);
1949 }
1950 }
1951 // Finish tag:
1952 if ($type === 'close') {
1953 $XMLcontent .= '</' . $val['tag'] . '>';
1954 }
1955 // Cdata
1956 if ($type === 'cdata') {
1957 $XMLcontent .= htmlspecialchars($val['value']);
1958 }
1959 }
1960 return $XMLcontent;
1961 }
1962
1963 /**
1964 * Extracts the attributes (typically encoding and version) of an XML prologue (header).
1965 *
1966 * @param string $xmlData XML data
1967 * @return array Attributes of the xml prologue (header)
1968 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9.
1969 */
1970 public static function xmlGetHeaderAttribs($xmlData)
1971 {
1972 self::logDeprecatedFunction();
1973 $match = [];
1974 if (preg_match('/^\\s*<\\?xml([^>]*)\\?\\>/', $xmlData, $match)) {
1975 return self::get_tag_attributes($match[1]);
1976 }
1977 }
1978
1979 /**
1980 * Minifies JavaScript
1981 *
1982 * @param string $script Script to minify
1983 * @param string $error Error message (if any)
1984 * @return string Minified script or source string if error happened
1985 */
1986 public static function minifyJavaScript($script, &$error = '')
1987 {
1988 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_div.php']['minifyJavaScript'])) {
1989 $fakeThis = false;
1990 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_div.php']['minifyJavaScript'] as $hookMethod) {
1991 try {
1992 $parameters = ['script' => $script];
1993 $script = static::callUserFunction($hookMethod, $parameters, $fakeThis);
1994 } catch (\Exception $e) {
1995 $errorMessage = 'Error minifying java script: ' . $e->getMessage();
1996 $error .= $errorMessage;
1997 static::devLog($errorMessage, \TYPO3\CMS\Core\Utility\GeneralUtility::class, 2, [
1998 'JavaScript' => $script,
1999 'Stack trace' => $e->getTrace(),
2000 'hook' => $hookMethod
2001 ]);
2002 }
2003 }
2004 }
2005 return $script;
2006 }
2007
2008 /*************************
2009 *
2010 * FILES FUNCTIONS
2011 *
2012 *************************/
2013 /**
2014 * Reads the file or url $url and returns the content
2015 * If you are having trouble with proxies when reading URLs you can configure your way out of that with settings within $GLOBALS['TYPO3_CONF_VARS']['HTTP'].
2016 *
2017 * @param string $url File/URL to read
2018 * @param int $includeHeader Whether the HTTP header should be fetched or not. 0=disable, 1=fetch header+content, 2=fetch header only
2019 * @param array $requestHeaders HTTP headers to be used in the request
2020 * @param array $report Error code/message and, if $includeHeader is 1, response meta data (HTTP status and content type)
2021 * @return mixed The content from the resource given as input. FALSE if an error has occurred.
2022 */
2023 public static function getUrl($url, $includeHeader = 0, $requestHeaders = null, &$report = null)
2024 {
2025 if (isset($report)) {
2026 $report['error'] = 0;
2027 $report['message'] = '';
2028 }
2029 // Looks like it's an external file, use Guzzle by default
2030 if (preg_match('/^(?:http|ftp)s?|s(?:ftp|cp):/', $url)) {
2031 /** @var RequestFactory $requestFactory */
2032 $requestFactory = static::makeInstance(RequestFactory::class);
2033 if (is_array($requestHeaders)) {
2034 $configuration = ['headers' => $requestHeaders];
2035 } else {
2036 $configuration = [];
2037 }
2038
2039 try {
2040 if (isset($report)) {
2041 $report['lib'] = 'GuzzleHttp';
2042 }
2043 $response = $requestFactory->request($url, 'GET', $configuration);
2044 } catch (RequestException $exception) {
2045 if (isset($report)) {
2046 $report['error'] = $exception->getHandlerContext()['errno'];
2047 $report['message'] = $exception->getMessage();
2048 $report['exception'] = $exception;
2049 }
2050 return false;
2051 }
2052
2053 $content = '';
2054
2055 // Add the headers to the output
2056 $includeHeader = (int)$includeHeader;
2057 if ($includeHeader) {
2058 $parsedURL = parse_url($url);
2059 $method = $includeHeader === 2 ? 'HEAD' : 'GET';
2060 $content = $method . ' ' . (isset($parsedURL['path']) ? $parsedURL['path'] : '/')
2061 . ($parsedURL['query'] ? '?' . $parsedURL['query'] : '') . ' HTTP/1.0' . CRLF
2062 . 'Host: ' . $parsedURL['host'] . CRLF
2063 . 'Connection: close' . CRLF;
2064 if (is_array($requestHeaders)) {
2065 $content .= implode(CRLF, $requestHeaders) . CRLF;
2066 }
2067 foreach ($response->getHeaders() as $headerName => $headerValues) {
2068 $content .= $headerName . ': ' . implode(', ', $headerValues) . CRLF;
2069 }
2070 // Headers are separated from the body with two CRLFs
2071 $content .= CRLF;
2072 }
2073 // If not just headers are requested, add the body
2074 if ($includeHeader !== 2) {
2075 $content .= $response->getBody()->getContents();
2076 }
2077 if (isset($report)) {
2078 $report['lib'] = 'http';
2079 if ($response->getStatusCode() >= 300 && $response->getStatusCode() < 400) {
2080 $report['http_code'] = $response->getStatusCode();
2081 $report['content_type'] = $response->getHeader('Content-Type');
2082 $report['error'] = $response->getStatusCode();
2083 $report['message'] = $response->getReasonPhrase();
2084 } elseif (!empty($content)) {
2085 $report['error'] = $response->getStatusCode();
2086 $report['message'] = $response->getReasonPhrase();
2087 } elseif ($includeHeader) {
2088 // Set only for $includeHeader to work exactly like PHP variant
2089 $report['http_code'] = $response->getStatusCode();
2090 $report['content_type'] = $response->getHeader('Content-Type');
2091 }
2092 }
2093 } else {
2094 if (isset($report)) {
2095 $report['lib'] = 'file';
2096 }
2097 $content = @file_get_contents($url);
2098 if ($content === false && isset($report)) {
2099 $report['error'] = -1;
2100 $report['message'] = 'Couldn\'t get URL: ' . $url;
2101 }
2102 }
2103 return $content;
2104 }
2105
2106 /**
2107 * Writes $content to the file $file
2108 *
2109 * @param string $file Filepath to write to
2110 * @param string $content Content to write
2111 * @param bool $changePermissions If TRUE, permissions are forced to be set
2112 * @return bool TRUE if the file was successfully opened and written to.
2113 */
2114 public static function writeFile($file, $content, $changePermissions = false)
2115 {
2116 if (!@is_file($file)) {
2117 $changePermissions = true;
2118 }
2119 if ($fd = fopen($file, 'wb')) {
2120 $res = fwrite($fd, $content);
2121 fclose($fd);
2122 if ($res === false) {
2123 return false;
2124 }
2125 // Change the permissions only if the file has just been created
2126 if ($changePermissions) {
2127 static::fixPermissions($file);
2128 }
2129 return true;
2130 }
2131 return false;
2132 }
2133
2134 /**
2135 * Sets the file system mode and group ownership of a file or a folder.
2136 *
2137 * @param string $path Path of file or folder, must not be escaped. Path can be absolute or relative
2138 * @param bool $recursive If set, also fixes permissions of files and folders in the folder (if $path is a folder)
2139 * @return mixed TRUE on success, FALSE on error, always TRUE on Windows OS
2140 */
2141 public static function fixPermissions($path, $recursive = false)
2142 {
2143 if (TYPO3_OS === 'WIN') {
2144 return true;
2145 }
2146 $result = false;
2147 // Make path absolute
2148 if (!static::isAbsPath($path)) {
2149 $path = static::getFileAbsFileName($path);
2150 }
2151 if (static::isAllowedAbsPath($path)) {
2152 if (@is_file($path)) {
2153 $targetPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'])
2154 ? $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask']
2155 : '0644';
2156 } elseif (@is_dir($path)) {
2157 $targetPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'])
2158 ? $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']
2159 : '0755';
2160 }
2161 if (!empty($targetPermissions)) {
2162 // make sure it's always 4 digits
2163 $targetPermissions = str_pad($targetPermissions, 4, 0, STR_PAD_LEFT);
2164 $targetPermissions = octdec($targetPermissions);
2165 // "@" is there because file is not necessarily OWNED by the user
2166 $result = @chmod($path, $targetPermissions);
2167 }
2168 // Set createGroup if not empty
2169 if (
2170 isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'])
2171 && $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] !== ''
2172 ) {
2173 // "@" is there because file is not necessarily OWNED by the user
2174 $changeGroupResult = @chgrp($path, $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup']);
2175 $result = $changeGroupResult ? $result : false;
2176 }
2177 // Call recursive if recursive flag if set and $path is directory
2178 if ($recursive && @is_dir($path)) {
2179 $handle = opendir($path);
2180 if (is_resource($handle)) {
2181 while (($file = readdir($handle)) !== false) {
2182 $recursionResult = null;
2183 if ($file !== '.' && $file !== '..') {
2184 if (@is_file(($path . '/' . $file))) {
2185 $recursionResult = static::fixPermissions($path . '/' . $file);
2186 } elseif (@is_dir(($path . '/' . $file))) {
2187 $recursionResult = static::fixPermissions($path . '/' . $file, true);
2188 }
2189 if (isset($recursionResult) && !$recursionResult) {
2190 $result = false;
2191 }
2192 }
2193 }
2194 closedir($handle);
2195 }
2196 }
2197 }
2198 return $result;
2199 }
2200
2201 /**
2202 * Writes $content to a filename in the typo3temp/ folder (and possibly one or two subfolders...)
2203 * Accepts an additional subdirectory in the file path!
2204 *
2205 * @param string $filepath Absolute file path to write to inside "typo3temp/". First part of this string must match PATH_site."typo3temp/"
2206 * @param string $content Content string to write
2207 * @return string Returns NULL on success, otherwise an error string telling about the problem.
2208 */
2209 public static function writeFileToTypo3tempDir($filepath, $content)
2210 {
2211 // Parse filepath into directory and basename:
2212 $fI = pathinfo($filepath);
2213 $fI['dirname'] .= '/';
2214 // Check parts:
2215 if (!static::validPathStr($filepath) || !$fI['basename'] || strlen($fI['basename']) >= 60) {
2216 return 'Input filepath "' . $filepath . '" was generally invalid!';
2217 }
2218 // Setting main temporary directory name (standard)
2219 $dirName = PATH_site . 'typo3temp/';
2220 if (!@is_dir($dirName)) {
2221 return 'PATH_site + "typo3temp/" was not a directory!';
2222 }
2223 if (!static::isFirstPartOfStr($fI['dirname'], $dirName)) {
2224 return '"' . $fI['dirname'] . '" was not within directory PATH_site + "typo3temp/"';
2225 }
2226 // Checking if the "subdir" is found:
2227 $subdir = substr($fI['dirname'], strlen($dirName));
2228 if ($subdir) {
2229 if (preg_match('#^(?:[[:alnum:]_]+/)+$#', $subdir)) {
2230 $dirName .= $subdir;
2231 if (!@is_dir($dirName)) {
2232 static::mkdir_deep(PATH_site . 'typo3temp/', $subdir);
2233 }
2234 } else {
2235 return 'Subdir, "' . $subdir . '", was NOT on the form "[[:alnum:]_]/+"';
2236 }
2237 }
2238 // Checking dir-name again (sub-dir might have been created):
2239 if (@is_dir($dirName)) {
2240 if ($filepath === $dirName . $fI['basename']) {
2241 static::writeFile($filepath, $content);
2242 if (!@is_file($filepath)) {
2243 return 'The file was not written to the disk. Please, check that you have write permissions to the typo3temp/ directory.';
2244 }
2245 } else {
2246 return 'Calculated file location didn\'t match input "' . $filepath . '".';
2247 }
2248 } else {
2249 return '"' . $dirName . '" is not a directory!';
2250 }
2251 return null;
2252 }
2253
2254 /**
2255 * Wrapper function for mkdir.
2256 * Sets folder permissions according to $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']
2257 * and group ownership according to $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup']
2258 *
2259 * @param string $newFolder Absolute path to folder, see PHP mkdir() function. Removes trailing slash internally.
2260 * @return bool TRUE if @mkdir went well!
2261 */
2262 public static function mkdir($newFolder)
2263 {
2264 $result = @mkdir($newFolder, octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']));
2265 if ($result) {
2266 static::fixPermissions($newFolder);
2267 }
2268 return $result;
2269 }
2270
2271 /**
2272 * Creates a directory - including parent directories if necessary and
2273 * sets permissions on newly created directories.
2274 *
2275 * @param string $directory Target directory to create. Must a have trailing slash
2276 * @param string $deepDirectory Directory to create. This second parameter
2277 * @throws \InvalidArgumentException If $directory or $deepDirectory are not strings
2278 * @throws \RuntimeException If directory could not be created
2279 */
2280 public static function mkdir_deep($directory, $deepDirectory = '')
2281 {
2282 if (!is_string($directory)) {
2283 throw new \InvalidArgumentException('The specified directory is of type "' . gettype($directory) . '" but a string is expected.', 1303662955);
2284 }
2285 if (!is_string($deepDirectory)) {
2286 throw new \InvalidArgumentException('The specified directory is of type "' . gettype($deepDirectory) . '" but a string is expected.', 1303662956);
2287 }
2288 // Ensure there is only one slash
2289 $fullPath = rtrim($directory, '/') . '/' . ltrim($deepDirectory, '/');
2290 if ($fullPath !== '' && !is_dir($fullPath)) {
2291 $firstCreatedPath = static::createDirectoryPath($fullPath);
2292 if ($firstCreatedPath !== '') {
2293 static::fixPermissions($firstCreatedPath, true);
2294 }
2295 }
2296 }
2297
2298 /**
2299 * Creates directories for the specified paths if they do not exist. This
2300 * functions sets proper permission mask but does not set proper user and
2301 * group.
2302 *
2303 * @static
2304 * @param string $fullDirectoryPath
2305 * @return string Path to the the first created directory in the hierarchy
2306 * @see \TYPO3\CMS\Core\Utility\GeneralUtility::mkdir_deep
2307 * @throws \RuntimeException If directory could not be created
2308 */
2309 protected static function createDirectoryPath($fullDirectoryPath)
2310 {
2311 $currentPath = $fullDirectoryPath;
2312 $firstCreatedPath = '';
2313 $permissionMask = octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']);
2314 if (!@is_dir($currentPath)) {
2315 do {
2316 $firstCreatedPath = $currentPath;
2317 $separatorPosition = strrpos($currentPath, DIRECTORY_SEPARATOR);
2318 $currentPath = substr($currentPath, 0, $separatorPosition);
2319 } while (!is_dir($currentPath) && $separatorPosition !== false);
2320 $result = @mkdir($fullDirectoryPath, $permissionMask, true);
2321 // Check existence of directory again to avoid race condition. Directory could have get created by another process between previous is_dir() and mkdir()
2322 if (!$result && !@is_dir($fullDirectoryPath)) {
2323 throw new \RuntimeException('Could not create directory "' . $fullDirectoryPath . '"!', 1170251401);
2324 }
2325 }
2326 return $firstCreatedPath;
2327 }
2328
2329 /**
2330 * Wrapper function for rmdir, allowing recursive deletion of folders and files
2331 *
2332 * @param string $path Absolute path to folder, see PHP rmdir() function. Removes trailing slash internally.
2333 * @param bool $removeNonEmpty Allow deletion of non-empty directories
2334 * @return bool TRUE if @rmdir went well!
2335 */
2336 public static function rmdir($path, $removeNonEmpty = false)
2337 {
2338 $OK = false;
2339 // Remove trailing slash
2340 $path = preg_replace('|/$|', '', $path);
2341 if (file_exists($path)) {
2342 $OK = true;
2343 if (!is_link($path) && is_dir($path)) {
2344 if ($removeNonEmpty == true && ($handle = @opendir($path))) {
2345 while ($OK && false !== ($file = readdir($handle))) {
2346 if ($file === '.' || $file === '..') {
2347 continue;
2348 }
2349 $OK = static::rmdir($path . '/' . $file, $removeNonEmpty);
2350 }
2351 closedir($handle);
2352 }
2353 if ($OK) {
2354 $OK = @rmdir($path);
2355 }
2356 } elseif (is_link($path) && is_dir($path) && TYPO3_OS === 'WIN') {
2357 $OK = @rmdir($path);
2358 } else {
2359 // If $path is a file, simply remove it
2360 $OK = @unlink($path);
2361 }
2362 clearstatcache();
2363 } elseif (is_link($path)) {
2364 $OK = @unlink($path);
2365 if (!$OK && TYPO3_OS === 'WIN') {
2366 // Try to delete dead folder links on Windows systems
2367 $OK = @rmdir($path);
2368 }
2369 clearstatcache();
2370 }
2371 return $OK;
2372 }
2373
2374 /**
2375 * Flushes a directory by first moving to a temporary resource, and then
2376 * triggering the remove process. This way directories can be flushed faster
2377 * to prevent race conditions on concurrent processes accessing the same directory.
2378 *
2379 * @param string $directory The directory to be renamed and flushed
2380 * @param bool $keepOriginalDirectory Whether to only empty the directory and not remove it
2381 * @param bool $flushOpcodeCache Also flush the opcode cache right after renaming the directory.
2382 * @return bool Whether the action was successful
2383 */
2384 public static function flushDirectory($directory, $keepOriginalDirectory = false, $flushOpcodeCache = false)
2385 {
2386 $result = false;
2387
2388 if (is_dir($directory)) {
2389 $temporaryDirectory = rtrim($directory, '/') . '.' . StringUtility::getUniqueId('remove') . '/';
2390 if (rename($directory, $temporaryDirectory)) {
2391 if ($flushOpcodeCache) {
2392 self::makeInstance(OpcodeCacheService::class)->clearAllActive($directory);
2393 }
2394 if ($keepOriginalDirectory) {
2395 static::mkdir($directory);
2396 }
2397 clearstatcache();
2398 $result = static::rmdir($temporaryDirectory, true);
2399 }
2400 }
2401
2402 return $result;
2403 }
2404
2405 /**
2406 * Returns an array with the names of folders in a specific path
2407 * Will return 'error' (string) if there were an error with reading directory content.
2408 *
2409 * @param string $path Path to list directories from
2410 * @return array Returns an array with the directory entries as values. If no path, the return value is nothing.
2411 */
2412 public static function get_dirs($path)
2413 {
2414 $dirs = null;
2415 if ($path) {
2416 if (is_dir($path)) {
2417 $dir = scandir($path);
2418 $dirs = [];
2419 foreach ($dir as $entry) {
2420 if (is_dir($path . '/' . $entry) && $entry !== '..' && $entry !== '.') {
2421 $dirs[] = $entry;
2422 }
2423 }
2424 } else {
2425 $dirs = 'error';
2426 }
2427 }
2428 return $dirs;
2429 }
2430
2431 /**
2432 * Finds all files in a given path and returns them as an array. Each
2433 * array key is a md5 hash of the full path to the file. This is done because
2434 * 'some' extensions like the import/export extension depend on this.
2435 *
2436 * @param string $path The path to retrieve the files from.
2437 * @param string $extensionList A comma-separated list of file extensions. Only files of the specified types will be retrieved. When left blank, files of any type will be retrieved.
2438 * @param bool $prependPath If TRUE, the full path to the file is returned. If FALSE only the file name is returned.
2439 * @param string $order The sorting order. The default sorting order is alphabetical. Setting $order to 'mtime' will sort the files by modification time.
2440 * @param string $excludePattern A regular expression pattern of file names to exclude. For example: 'clear.gif' or '(clear.gif|.htaccess)'. The pattern will be wrapped with: '/^' and '$/'.
2441 * @return array|string Array of the files found, or an error message in case the path could not be opened.
2442 */
2443 public static function getFilesInDir($path, $extensionList = '', $prependPath = false, $order = '', $excludePattern = '')
2444 {
2445 $excludePattern = (string)$excludePattern;
2446 $path = rtrim($path, '/');
2447 if (!@is_dir($path)) {
2448 return [];
2449 }
2450
2451 $rawFileList = scandir($path);
2452 if ($rawFileList === false) {
2453 return 'error opening path: "' . $path . '"';
2454 }
2455
2456 $pathPrefix = $path . '/';
2457 $extensionList = ',' . $extensionList . ',';
2458 $files = [];
2459 foreach ($rawFileList as $entry) {
2460 $completePathToEntry = $pathPrefix . $entry;
2461 if (!@is_file($completePathToEntry)) {
2462 continue;
2463 }
2464
2465 if (
2466 ($extensionList === ',,' || stripos($extensionList, ',' . pathinfo($entry, PATHINFO_EXTENSION) . ',') !== false)
2467 && ($excludePattern === '' || !preg_match(('/^' . $excludePattern . '$/'), $entry))
2468 ) {
2469 if ($order !== 'mtime') {
2470 $files[] = $entry;
2471 } else {
2472 // Store the value in the key so we can do a fast asort later.
2473 $files[$entry] = filemtime($completePathToEntry);
2474 }
2475 }
2476 }
2477
2478 $valueName = 'value';
2479 if ($order === 'mtime') {
2480 asort($files);
2481 $valueName = 'key';
2482 }
2483
2484 $valuePathPrefix = $prependPath ? $pathPrefix : '';
2485 $foundFiles = [];
2486 foreach ($files as $key => $value) {
2487 // Don't change this ever - extensions may depend on the fact that the hash is an md5 of the path! (import/export extension)
2488 $foundFiles[md5($pathPrefix . ${$valueName})] = $valuePathPrefix . ${$valueName};
2489 }
2490
2491 return $foundFiles;
2492 }
2493
2494 /**
2495 * Recursively gather all files and folders of a path.
2496 *
2497 * @param array $fileArr Empty input array (will have files added to it)
2498 * @param string $path The path to read recursively from (absolute) (include trailing slash!)
2499 * @param string $extList Comma list of file extensions: Only files with extensions in this list (if applicable) will be selected.
2500 * @param bool $regDirs If set, directories are also included in output.
2501 * @param int $recursivityLevels The number of levels to dig down...
2502 * @param string $excludePattern regex pattern of files/directories to exclude
2503 * @return array An array with the found files/directories.
2504 */
2505 public static function getAllFilesAndFoldersInPath(array $fileArr, $path, $extList = '', $regDirs = false, $recursivityLevels = 99, $excludePattern = '')
2506 {
2507 if ($regDirs) {
2508 $fileArr[md5($path)] = $path;
2509 }
2510 $fileArr = array_merge($fileArr, self::getFilesInDir($path, $extList, 1, 1, $excludePattern));
2511 $dirs = self::get_dirs($path);
2512 if ($recursivityLevels > 0 && is_array($dirs)) {
2513 foreach ($dirs as $subdirs) {
2514 if ((string)$subdirs !== '' && ($excludePattern === '' || !preg_match(('/^' . $excludePattern . '$/'), $subdirs))) {
2515 $fileArr = self::getAllFilesAndFoldersInPath($fileArr, $path . $subdirs . '/', $extList, $regDirs, $recursivityLevels - 1, $excludePattern);
2516 }
2517 }
2518 }
2519 return $fileArr;
2520 }
2521
2522 /**
2523 * Removes the absolute part of all files/folders in fileArr
2524 *
2525 * @param array $fileArr The file array to remove the prefix from
2526 * @param string $prefixToRemove The prefix path to remove (if found as first part of string!)
2527 * @return array The input $fileArr processed.
2528 */
2529 public static function removePrefixPathFromList(array $fileArr, $prefixToRemove)
2530 {
2531 foreach ($fileArr as $k => &$absFileRef) {
2532 if (self::isFirstPartOfStr($absFileRef, $prefixToRemove)) {
2533 $absFileRef = substr($absFileRef, strlen($prefixToRemove));
2534 } else {
2535 return 'ERROR: One or more of the files was NOT prefixed with the prefix-path!';
2536 }
2537 }
2538 unset($absFileRef);
2539 return $fileArr;
2540 }
2541
2542 /**
2543 * Fixes a path for windows-backslashes and reduces double-slashes to single slashes
2544 *
2545 * @param string $theFile File path to process
2546 * @return string
2547 */
2548 public static function fixWindowsFilePath($theFile)
2549 {
2550 return str_replace(['\\', '//'], '/', $theFile);
2551 }
2552
2553 /**
2554 * Resolves "../" sections in the input path string.
2555 * For example "fileadmin/directory/../other_directory/" will be resolved to "fileadmin/other_directory/"
2556 *
2557 * @param string $pathStr File path in which "/../" is resolved
2558 * @return string
2559 */
2560 public static function resolveBackPath($pathStr)
2561 {
2562 if (strpos($pathStr, '..') === false) {
2563 return $pathStr;
2564 }
2565 $parts = explode('/', $pathStr);
2566 $output = [];
2567 $c = 0;
2568 foreach ($parts as $part) {
2569 if ($part === '..') {
2570 if ($c) {
2571 array_pop($output);
2572 --$c;
2573 } else {
2574 $output[] = $part;
2575 }
2576 } else {
2577 ++$c;
2578 $output[] = $part;
2579 }
2580 }
2581 return implode('/', $output);
2582 }
2583
2584 /**
2585 * Prefixes a URL used with 'header-location' with 'http://...' depending on whether it has it already.
2586 * - If already having a scheme, nothing is prepended
2587 * - If having REQUEST_URI slash '/', then prefixing 'http://[host]' (relative to host)
2588 * - Otherwise prefixed with TYPO3_REQUEST_DIR (relative to current dir / TYPO3_REQUEST_DIR)
2589 *
2590 * @param string $path URL / path to prepend full URL addressing to.
2591 * @return string
2592 */
2593 public static function locationHeaderUrl($path)
2594 {
2595 $uI = parse_url($path);
2596 // relative to HOST
2597 if ($path[0] === '/') {
2598 $path = self::getIndpEnv('TYPO3_REQUEST_HOST') . $path;
2599 } elseif (!$uI['scheme']) {
2600 // No scheme either
2601 $path = self::getIndpEnv('TYPO3_REQUEST_DIR') . $path;
2602 }
2603 return $path;
2604 }
2605
2606 /**
2607 * Returns the maximum upload size for a file that is allowed. Measured in KB.
2608 * This might be handy to find out the real upload limit that is possible for this
2609 * TYPO3 installation.
2610 *
2611 * @return int The maximum size of uploads that are allowed (measured in kilobytes)
2612 */
2613 public static function getMaxUploadFileSize()
2614 {
2615 // Check for PHP restrictions of the maximum size of one of the $_FILES
2616 $phpUploadLimit = self::getBytesFromSizeMeasurement(ini_get('upload_max_filesize'));
2617 // Check for PHP restrictions of the maximum $_POST size
2618 $phpPostLimit = self::getBytesFromSizeMeasurement(ini_get('post_max_size'));
2619 // If the total amount of post data is smaller (!) than the upload_max_filesize directive,
2620 // then this is the real limit in PHP
2621 $phpUploadLimit = $phpPostLimit > 0 && $phpPostLimit < $phpUploadLimit ? $phpPostLimit : $phpUploadLimit;
2622 return floor(($phpUploadLimit)) / 1024;
2623 }
2624
2625 /**
2626 * Gets the bytes value from a measurement string like "100k".
2627 *
2628 * @param string $measurement The measurement (e.g. "100k")
2629 * @return int The bytes value (e.g. 102400)
2630 */
2631 public static function getBytesFromSizeMeasurement($measurement)
2632 {
2633 $bytes = (float)$measurement;
2634 if (stripos($measurement, 'G')) {
2635 $bytes *= 1024 * 1024 * 1024;
2636 } elseif (stripos($measurement, 'M')) {
2637 $bytes *= 1024 * 1024;
2638 } elseif (stripos($measurement, 'K')) {
2639 $bytes *= 1024;
2640 }
2641 return $bytes;
2642 }
2643
2644 /**
2645 * Retrieves the maximum path length that is valid in the current environment.
2646 *
2647 * @return int The maximum available path length
2648 * @deprecated since TYPO3 v8, will be removed in TYPO3 v9
2649 */
2650 public static function getMaximumPathLength()
2651 {
2652 static::logDeprecatedFunction();
2653 return PHP_MAXPATHLEN;
2654 }
2655
2656 /**
2657 * Function for static version numbers on files, based on the filemtime
2658 *
2659 * This will make the filename automatically change when a file is
2660 * changed, and by that re-cached by the browser. If the file does not
2661 * exist physically the original file passed to the function is
2662 * returned without the timestamp.
2663 *
2664 * Behaviour is influenced by the setting
2665 * TYPO3_CONF_VARS[TYPO3_MODE][versionNumberInFilename]
2666 * = TRUE (BE) / "embed" (FE) : modify filename
2667 * = FALSE (BE) / "querystring" (FE) : add timestamp as parameter
2668 *
2669 * @param string $file Relative path to file including all potential query parameters (not htmlspecialchared yet)
2670 * @return string Relative path with version filename including the timestamp
2671 */
2672 public static function createVersionNumberedFilename($file)
2673 {
2674 $lookupFile = explode('?', $file);
2675 $path = self::resolveBackPath(self::dirname(PATH_thisScript) . '/' . $lookupFile[0]);
2676
2677 $doNothing = false;
2678 if (TYPO3_MODE === 'FE') {
2679 $mode = strtolower($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['versionNumberInFilename']);
2680 if ($mode === 'embed') {
2681 $mode = true;
2682 } else {
2683 if ($mode === 'querystring') {
2684 $mode = false;
2685 } else {
2686 $doNothing = true;
2687 }
2688 }
2689 } else {
2690 $mode = $GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['versionNumberInFilename'];
2691 }
2692 if (!file_exists($path) || $doNothing) {
2693 // File not found, return filename unaltered
2694 $fullName = $file;
2695 } else {
2696 if (!$mode) {
2697 // If use of .htaccess rule is not configured,
2698 // we use the default query-string method
2699 if ($lookupFile[1]) {
2700 $separator = '&';
2701 } else {
2702 $separator = '?';
2703 }
2704 $fullName = $file . $separator . filemtime($path);
2705 } else {
2706 // Change the filename
2707 $name = explode('.', $lookupFile[0]);
2708 $extension = array_pop($name);
2709 array_push($name, filemtime($path), $extension);
2710 $fullName = implode('.', $name);
2711 // Append potential query string
2712 $fullName .= $lookupFile[1] ? '?' . $lookupFile[1] : '';
2713 }
2714 }
2715 return $fullName;
2716 }
2717
2718 /*************************
2719 *
2720 * SYSTEM INFORMATION
2721 *
2722 *************************/
2723
2724 /**
2725 * Returns the link-url to the current script.
2726 * In $getParams you can set associative keys corresponding to the GET-vars you wish to add to the URL. If you set them empty, they will remove existing GET-vars from the current URL.
2727 * REMEMBER to always use htmlspecialchars() for content in href-properties to get ampersands converted to entities (XHTML requirement and XSS precaution)
2728 *
2729 * @param array $getParams Array of GET parameters to include
2730 * @return string
2731 */
2732 public static function linkThisScript(array $getParams = [])
2733 {
2734 $parts = self::getIndpEnv('SCRIPT_NAME');
2735 $params = self::_GET();
2736 foreach ($getParams as $key => $value) {
2737 if ($value !== '') {
2738 $params[$key] = $value;
2739 } else {
2740 unset($params[$key]);
2741 }
2742 }
2743 $pString = self::implodeArrayForUrl('', $params);
2744 return $pString ? $parts . '?' . ltrim($pString, '&') : $parts;
2745 }
2746
2747 /**
2748 * Takes a full URL, $url, possibly with a querystring and overlays the $getParams arrays values onto the quirystring, packs it all together and returns the URL again.
2749 * So basically it adds the parameters in $getParams to an existing URL, $url
2750 *
2751 * @param string $url URL string
2752 * @param array $getParams Array of key/value pairs for get parameters to add/overrule with. Can be multidimensional.
2753 * @return string Output URL with added getParams.
2754 */
2755 public static function linkThisUrl($url, array $getParams = [])
2756 {
2757 $parts = parse_url($url);
2758 $getP = [];
2759 if ($parts['query']) {
2760 parse_str($parts['query'], $getP);
2761 }
2762 ArrayUtility::mergeRecursiveWithOverrule($getP, $getParams);
2763 $uP = explode('?', $url);
2764 $params = self::implodeArrayForUrl('', $getP);
2765 $outurl = $uP[0] . ($params ? '?' . substr($params, 1) : '');
2766 return $outurl;
2767 }
2768
2769 /**
2770 * Abstraction method which returns System Environment Variables regardless of server OS, CGI/MODULE version etc. Basically this is SERVER variables for most of them.
2771 * This should be used instead of getEnv() and $_SERVER/ENV_VARS to get reliable values for all situations.
2772 *
2773 * @param string $getEnvName Name of the "environment variable"/"server variable" you wish to use. Valid values are SCRIPT_NAME, SCRIPT_FILENAME, REQUEST_URI, PATH_INFO, REMOTE_ADDR, REMOTE_HOST, HTTP_REFERER, HTTP_HOST, HTTP_USER_AGENT, HTTP_ACCEPT_LANGUAGE, QUERY_STRING, TYPO3_DOCUMENT_ROOT, TYPO3_HOST_ONLY, TYPO3_HOST_ONLY, TYPO3_REQUEST_HOST, TYPO3_REQUEST_URL, TYPO3_REQUEST_SCRIPT, TYPO3_REQUEST_DIR, TYPO3_SITE_URL, _ARRAY
2774 * @return string Value based on the input key, independent of server/os environment.
2775 * @throws \UnexpectedValueException
2776 */
2777 public static function getIndpEnv($getEnvName)
2778 {
2779 if (isset(self::$indpEnvCache[$getEnvName])) {
2780 return self::$indpEnvCache[$getEnvName];
2781 }
2782
2783 /*
2784 Conventions:
2785 output from parse_url():
2786 URL: http://username:password@192.168.1.4:8080/typo3/32/temp/phpcheck/index.php/arg1/arg2/arg3/?arg1,arg2,arg3&p1=parameter1&p2[key]=value#link1
2787 [scheme] => 'http'
2788 [user] => 'username'
2789 [pass] => 'password'
2790 [host] => '192.168.1.4'
2791 [port] => '8080'
2792 [path] => '/typo3/32/temp/phpcheck/index.php/arg1/arg2/arg3/'
2793 [query] => 'arg1,arg2,arg3&p1=parameter1&p2[key]=value'
2794 [fragment] => 'link1'Further definition: [path_script] = '/typo3/32/temp/phpcheck/index.php'
2795 [path_dir] = '/typo3/32/temp/phpcheck/'
2796 [path_info] = '/arg1/arg2/arg3/'
2797 [path] = [path_script/path_dir][path_info]Keys supported:URI______:
2798 REQUEST_URI = [path]?[query] = /typo3/32/temp/phpcheck/index.php/arg1/arg2/arg3/?arg1,arg2,arg3&p1=parameter1&p2[key]=value
2799 HTTP_HOST = [host][:[port]] = 192.168.1.4:8080
2800 SCRIPT_NAME = [path_script]++ = /typo3/32/temp/phpcheck/index.php // NOTICE THAT SCRIPT_NAME will return the php-script name ALSO. [path_script] may not do that (eg. '/somedir/' may result in SCRIPT_NAME '/somedir/index.php')!
2801 PATH_INFO = [path_info] = /arg1/arg2/arg3/
2802 QUERY_STRING = [query] = arg1,arg2,arg3&p1=parameter1&p2[key]=value
2803 HTTP_REFERER = [scheme]://[host][:[port]][path] = http://192.168.1.4:8080/typo3/32/temp/phpcheck/index.php/arg1/arg2/arg3/?arg1,arg2,arg3&p1=parameter1&p2[key]=value
2804 (Notice: NO username/password + NO fragment)CLIENT____:
2805 REMOTE_ADDR = (client IP)
2806 REMOTE_HOST = (client host)
2807 HTTP_USER_AGENT = (client user agent)
2808 HTTP_ACCEPT_LANGUAGE = (client accept language)SERVER____:
2809 SCRIPT_FILENAME = Absolute filename of script (Differs between windows/unix). On windows 'C:\\blabla\\blabl\\' will be converted to 'C:/blabla/blabl/'Special extras:
2810 TYPO3_HOST_ONLY = [host] = 192.168.1.4
2811 TYPO3_PORT = [port] = 8080 (blank if 80, taken from host value)
2812 TYPO3_REQUEST_HOST = [scheme]://[host][:[port]]
2813 TYPO3_REQUEST_URL = [scheme]://[host][:[port]][path]?[query] (scheme will by default be "http" until we can detect something different)
2814 TYPO3_REQUEST_SCRIPT = [scheme]://[host][:[port]][path_script]
2815 TYPO3_REQUEST_DIR = [scheme]://[host][:[port]][path_dir]
2816 TYPO3_SITE_URL = [scheme]://[host][:[port]][path_dir] of the TYPO3 website frontend
2817 TYPO3_SITE_PATH = [path_dir] of the TYPO3 website frontend
2818 TYPO3_SITE_SCRIPT = [script / Speaking URL] of the TYPO3 website
2819 TYPO3_DOCUMENT_ROOT = Absolute path of root of documents: TYPO3_DOCUMENT_ROOT.SCRIPT_NAME = SCRIPT_FILENAME (typically)
2820 TYPO3_SSL = Returns TRUE if this session uses SSL/TLS (https)
2821 TYPO3_PROXY = Returns TRUE if this session runs over a well known proxyNotice: [fragment] is apparently NEVER available to the script!Testing suggestions:
2822 - Output all the values.
2823 - In the script, make a link to the script it self, maybe add some parameters and click the link a few times so HTTP_REFERER is seen
2824 - ALSO TRY the script from the ROOT of a site (like 'http://www.mytest.com/' and not 'http://www.mytest.com/test/' !!)
2825 */
2826 $retVal = '';
2827 switch ((string)$getEnvName) {
2828 case 'SCRIPT_NAME':
2829 $retVal = self::isRunningOnCgiServerApi()
2830 && ($_SERVER['ORIG_PATH_INFO'] ?: $_SERVER['PATH_INFO'])
2831 ? ($_SERVER['ORIG_PATH_INFO'] ?: $_SERVER['PATH_INFO'])
2832 : ($_SERVER['ORIG_SCRIPT_NAME'] ?: $_SERVER['SCRIPT_NAME']);
2833 // Add a prefix if TYPO3 is behind a proxy: ext-domain.com => int-server.com/prefix
2834 if (self::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
2835 if (self::getIndpEnv('TYPO3_SSL') && $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL']) {
2836 $retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL'] . $retVal;
2837 } elseif ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix']) {
2838 $retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix'] . $retVal;
2839 }
2840 }
2841 break;
2842 case 'SCRIPT_FILENAME':
2843 $retVal = PATH_thisScript;
2844 break;
2845 case 'REQUEST_URI':
2846 // Typical application of REQUEST_URI is return urls, forms submitting to itself etc. Example: returnUrl='.rawurlencode(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('REQUEST_URI'))
2847 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['requestURIvar']) {
2848 // This is for URL rewriters that store the original URI in a server variable (eg ISAPI_Rewriter for IIS: HTTP_X_REWRITE_URL)
2849 list($v, $n) = explode('|', $GLOBALS['TYPO3_CONF_VARS']['SYS']['requestURIvar']);
2850 $retVal = $GLOBALS[$v][$n];
2851 } elseif (!$_SERVER['REQUEST_URI']) {
2852 // This is for ISS/CGI which does not have the REQUEST_URI available.
2853 $retVal = '/' . ltrim(self::getIndpEnv('SCRIPT_NAME'), '/') . ($_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : '');
2854 } else {
2855 $retVal = '/' . ltrim($_SERVER['REQUEST_URI'], '/');
2856 }
2857 // Add a prefix if TYPO3 is behind a proxy: ext-domain.com => int-server.com/prefix
2858 if (self::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
2859 if (self::getIndpEnv('TYPO3_SSL') && $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL']) {
2860 $retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefixSSL'] . $retVal;
2861 } elseif ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix']) {
2862 $retVal = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyPrefix'] . $retVal;
2863 }
2864 }
2865 break;
2866 case 'PATH_INFO':
2867 // $_SERVER['PATH_INFO'] != $_SERVER['SCRIPT_NAME'] is necessary because some servers (Windows/CGI)
2868 // are seen to set PATH_INFO equal to script_name
2869 // Further, there must be at least one '/' in the path - else the PATH_INFO value does not make sense.
2870 // IF 'PATH_INFO' never works for our purpose in TYPO3 with CGI-servers,
2871 // then 'PHP_SAPI=='cgi'' might be a better check.
2872 // Right now strcmp($_SERVER['PATH_INFO'], GeneralUtility::getIndpEnv('SCRIPT_NAME')) will always
2873 // return FALSE for CGI-versions, but that is only as long as SCRIPT_NAME is set equal to PATH_INFO
2874 // because of PHP_SAPI=='cgi' (see above)
2875 if (!self::isRunningOnCgiServerApi()) {
2876 $retVal = $_SERVER['PATH_INFO'];
2877 }
2878 break;
2879 case 'TYPO3_REV_PROXY':
2880 $retVal = self::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP']);
2881 break;
2882 case 'REMOTE_ADDR':
2883 $retVal = $_SERVER['REMOTE_ADDR'];
2884 if (self::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
2885 $ip = self::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
2886 // Choose which IP in list to use
2887 if (!empty($ip)) {
2888 switch ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue']) {
2889 case 'last':
2890 $ip = array_pop($ip);
2891 break;
2892 case 'first':
2893 $ip = array_shift($ip);
2894 break;
2895 case 'none':
2896
2897 default:
2898 $ip = '';
2899 }
2900 }
2901 if (self::validIP($ip)) {
2902 $retVal = $ip;
2903 }
2904 }
2905 break;
2906 case 'HTTP_HOST':
2907 // if it is not set we're most likely on the cli
2908 $retVal = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : null;
2909 if (isset($_SERVER['REMOTE_ADDR']) && static::cmpIP($_SERVER['REMOTE_ADDR'], $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'])) {
2910 $host = self::trimExplode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
2911 // Choose which host in list to use
2912 if (!empty($host)) {
2913 switch ($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue']) {
2914 case 'last':
2915 $host = array_pop($host);
2916 break;
2917 case 'first':
2918 $host = array_shift($host);
2919 break;
2920 case 'none':
2921
2922 default:
2923 $host = '';
2924 }
2925 }
2926 if ($host) {
2927 $retVal = $host;
2928 }
2929 }
2930 if (!static::isAllowedHostHeaderValue($retVal)) {
2931 throw new \UnexpectedValueException(
2932 'The current host header value does not match the configured trusted hosts pattern! Check the pattern defined in $GLOBALS[\'TYPO3_CONF_VARS\'][\'SYS\'][\'trustedHostsPattern\'] and adapt it, if you want to allow the current host header \'' . $retVal . '\' for your installation.',
2933 1396795884
2934 );
2935 }
2936 break;
2937 case 'HTTP_REFERER':
2938
2939 case 'HTTP_USER_AGENT':
2940
2941 case 'HTTP_ACCEPT_ENCODING':
2942
2943 case 'HTTP_ACCEPT_LANGUAGE':
2944
2945 case 'REMOTE_HOST':
2946
2947 case 'QUERY_STRING':
2948 if (isset($_SERVER[$getEnvName])) {
2949 $retVal = $_SERVER[$getEnvName];
2950 }
2951 break;
2952 case 'TYPO3_DOCUMENT_ROOT':
2953 // Get the web root (it is not the root of the TYPO3 installation)
2954 // The absolute path of the script can be calculated with TYPO3_DOCUMENT_ROOT + SCRIPT_FILENAME
2955 // Some CGI-versions (LA13CGI) and mod-rewrite rules on MODULE versions will deliver a 'wrong' DOCUMENT_ROOT (according to our description). Further various aliases/mod_rewrite rules can disturb this as well.
2956 // Therefore the DOCUMENT_ROOT is now always calculated as the SCRIPT_FILENAME minus the end part shared with SCRIPT_NAME.
2957 $SFN = self::getIndpEnv('SCRIPT_FILENAME');
2958 $SN_A = explode('/', strrev(self::getIndpEnv('SCRIPT_NAME')));
2959 $SFN_A = explode('/', strrev($SFN));
2960 $acc = [];
2961 foreach ($SN_A as $kk => $vv) {
2962 if ((string)$SFN_A[$kk] === (string)$vv) {
2963 $acc[] = $vv;
2964 } else {
2965 break;
2966 }
2967 }
2968 $commonEnd = strrev(implode('/', $acc));
2969 if ((string)$commonEnd !== '') {
2970 $retVal = substr($SFN, 0, -(strlen($commonEnd) + 1));
2971 }
2972 break;
2973 case 'TYPO3_HOST_ONLY':
2974 $httpHost = self::getIndpEnv('HTTP_HOST');
2975 $httpHostBracketPosition = strpos($httpHost, ']');
2976 $httpHostParts = explode(':', $httpHost);
2977 $retVal = $httpHostBracketPosition !== false ? substr($httpHost, 0, $httpHostBracketPosition + 1) : array_shift($httpHostParts);
2978 break;
2979 case 'TYPO3_PORT':
2980 $httpHost = self::getIndpEnv('HTTP_HOST');
2981 $httpHostOnly = self::getIndpEnv('TYPO3_HOST_ONLY');
2982 $retVal = strlen($httpHost) > strlen($httpHostOnly) ? substr($httpHost, strlen($httpHostOnly) + 1) : '';
2983 break;
2984 case 'TYPO3_REQUEST_HOST':
2985 $retVal = (self::getIndpEnv('TYPO3_SSL') ? 'https://' : 'http://') . self::getIndpEnv('HTTP_HOST');
2986 break;
2987 case 'TYPO3_REQUEST_URL':
2988 $retVal = self::getIndpEnv('TYPO3_REQUEST_HOST') . self::getIndpEnv('REQUEST_URI');
2989 break;
2990 case 'TYPO3_REQUEST_SCRIPT':
2991 $retVal = self::getIndpEnv('TYPO3_REQUEST_HOST') . self::getIndpEnv('SCRIPT_NAME');
2992 break;
2993 case 'TYPO3_REQUEST_DIR':
2994 $retVal = self::getIndpEnv('TYPO3_REQUEST_HOST') . self::dirname(self::getIndpEnv('SCRIPT_NAME')) . '/';
2995 break;
2996 case 'TYPO3_SITE_URL':
2997 $url = self::getIndpEnv('TYPO3_REQUEST_DIR');
2998 // This can only be set by external entry scripts
2999 if (defined('TYPO3_PATH_WEB')) {
3000 $retVal = $url;
3001 } elseif (defined('PATH_thisScript') && defined('PATH_site')) {
3002 $lPath = PathUtility::stripPathSitePrefix(dirname(PATH_thisScript)) . '/';
3003 $siteUrl = substr($url, 0, -strlen($lPath));
3004 if (substr($siteUrl, -1) !== '/') {
3005 $siteUrl .= '/';
3006 }
3007 $retVal = $siteUrl;
3008 }
3009 break;
3010 case 'TYPO3_SITE_PATH':
3011 $retVal = substr(self::getIndpEnv('TYPO3_SITE_URL'), strlen(self::getIndpEnv('TYPO3_REQUEST_HOST')));
3012 break;
3013 case 'TYPO3_SITE_SCRIPT':
3014 $retVal = substr(self::getIndpEnv('TYPO3_REQUEST_URL'), strlen(self::getIndpEnv('TYPO3_SITE_URL')));
3015 break;
3016 case 'TYPO3_SSL':
3017 $proxySSL = trim($GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxySSL']);
3018 if ($proxySSL === '*') {
3019 $proxySSL = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'];
3020 }
3021 if (self::cmpIP($_SERVER['REMOTE_ADDR'], $proxySSL)) {
3022 $retVal = true;
3023 } else {
3024 $retVal = $_SERVER['SSL_SESSION_ID'] || strtolower($_SERVER['HTTPS']) === 'on' || (string)$_SERVER['HTTPS'] === '1';
3025 }
3026 break;
3027 case '_ARRAY':
3028 $out = [];
3029 // Here, list ALL possible keys to this function for debug display.