Menu
▾
▴
[phpBT-dev] CVS: phpbt/inc auth.php,NONE,1.1 session.php,NONE,1.1 template.php,NONE,1.1
|
From: Benjamin C. <bc...@us...> - 2001-11-13 03:48:44
|
Update of /cvsroot/phpbt/phpbt/inc
In directory usw-pr-cvs1:/tmp/cvs-serv21820
Added Files:
auth.php session.php template.php
Log Message:
Internalizing PHPlib stuff, and moving to PHP native sessions
--- NEW FILE: auth.php ---
<?php
// auth.php - Page control, authentication object, and permission object
// ------------------------------------------------------------------------
// Copyright (c) 2001 The phpBugTracker Group
// ------------------------------------------------------------------------
// This file is part of phpBugTracker
//
// phpBugTracker is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// phpBugTracker is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with phpBugTracker; if not, write to the Free Software Foundation,
// Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
// ------------------------------------------------------------------------
// Based on and/or directly from PHPlib, which is
// Copyright (c) 1998-2000 NetUSE AG -- Boris Erdmann, Kristian Koehntopp
class uauth {
var $lifetime = 0; // In minutes -- 0 for no expiration until browser closed
var $classname = 'uauth';
var $auth = array();
function start() {
global $sess;
if (!$sess->is_registered('auth')) {
$sess->register('auth');
}
if ($this->is_authenticated()) {
if ($this->auth['uid']) {
$this->auth['exp'] = time() + (60 * $this->lifetime);
}
}
}
function is_authenticated() {
if ($this->auth['uid'] &&
($this->lifetime <= 0 || time() < $this->auth['exp'])) {
return $this->auth['uid'];
} else {
return false;
}
}
function auth_validatelogin() {
global $username, $password, $q, $select, $emailpass, $emailsuccess, $STRING;
if (!$username) return 0;
$this->auth['uname'] = $username;
if (ENCRYPT_PASS) {
$password = md5($password);
}
$u = $q->grab("select * from ".TBL_AUTH_USER." where login = '$username' and password = '$password' and active > 0");
if (!$q->num_rows()) {
return 0;
} else {
$this->auth['db_fields'] = unserialize($u['bug_list_fields']);
// Grab group assignments and permissions based on groups
$q->query("select group_name, perm_name"
." from ".TBL_AUTH_PERM." ap, ".TBL_GROUP_PERM." gp, ".TBL_AUTH_GROUP." ag, ".TBL_USER_GROUP." ug"
." where ap.perm_id = gp.perm_id and gp.group_id = ag.group_id"
." and ag.group_id = ug.group_id and ug.user_id = {$u['user_id']}");
while (list($group, $perm) = $q->grab()) {
$this->auth['perm'][$perm] = true;
$this->auth['group'][$group] = true;
}
return $u['user_id'];
}
}
function unauth() {
$this->auth['uid'] = 0;
$this->auth['perm'] = '';
$this->auth['exp'] = 0;
$this->auth['group'] = '';
$this->auth['db_fields'] = '';
}
}
class uperm {
var $classname = 'uperm';
var $permissions = array ();
function check($p) {
global $auth;
if (! $this->have_perm($p)) {
if (! isset($auth->auth['perm']) ) {
$auth->auth['perm'] = '';
}
$this->perm_invalid($auth->auth['perm'], $p);
exit();
}
}
function check_auth($auth_var, $reqs) {
global $auth;
// Administrators always pass
if ($auth->auth[$auth_var]['Admin']) {
return true;
}
if (is_array($reqs)) {
foreach ($reqs as $req) {
if (!$auth->auth[$auth_var][$req]) {
return false;
}
}
} else {
if (!$auth->auth[$auth_var][$reqs]) {
return false;
}
}
// Didn't fail on any requirements? Then the user passes the check
return true;
}
function in_group($req_groups) {
return $this->check_auth('group', $req_groups);
}
function have_perm($req_perms) {
return $this->check_auth('perm', $req_perms);
}
function perm_invalid() {
global $t, $auth;
$t->set_file('content','badperm.html');
$t->pparse('main',array('content','wrap','main'));
}
function check_group($group) {
global $t;
if (!$this->check_auth('group', $group)) {
$t->set_file('content', 'badgroup.html');
$t->set_var('group', $group);
$t->pparse('main',array('content','wrap','main'));
exit();
}
}
}
function page_open($feature) {
# enable sess and all dependent features.
if (isset($feature["sess"])) {
global $sess;
$sess = new $feature["sess"];
$sess->start();
# the auth feature depends on sess
if (isset($feature["auth"])) {
global $auth;
if (!isset($auth)) {
$auth = new $feature["auth"];
}
$auth->start();
# the perm feature depends on auth and sess
if (isset($feature["perm"])) {
global $perm;
if (!isset($perm)) {
$perm = new $feature["perm"];
}
}
}
}
}
--- NEW FILE: session.php ---
<?php
/**
* PHPLib Sessions using PHP 4 built-in Session Support.
*
* @copyright 1998,1999 NetUSE AG, Boris Erdmann, Kristian Koehntopp
* 2000 Teodor Cimpoesu <te...@di...>
* @author Teodor Cimpoesu <te...@di...>, Ulf Wendel <uw...@ne...>, Maxim Derkachev <ko...@bo...
* @version session4.inc,v 1.14 2001/08/29 07:26:44 richardarcher
* @access public
* @package PHPLib
*/
class Session {
/**
* Session name
*
*/
var $classname = "Session";
/**
* Name of the autoinit-File, if any.
*
* @var string
*/
var $auto_init = "";
/**
* Depreciated! There's no need for page_close in PHP4 sessions.
* @deprec
* @var integer
*/
var $secure_auto_init = 1;
/**
* Don't work. Use something better than this class' property to set the marker.
* @deprec
* Marker: Did we already include the autoinit file?
*
* @var boolean
*/
var $in = false;
/**
* Current session id.
*
* @var string
* @see id(), Session()
*/
var $id = "";
/**
* [Current] Session name.
*
* @var string
* @see name(), Session()
*/
var $name = "";
/**
*
* @var string
*/
var $cookie_path = '/';
/**
*
* @var strings
*/
var $cookiename;
/**
*
* @var int
*/
var $lifetime = 0;
/**
* If set, the domain for which the session cookie is set.
*
* @var string
*/
var $cookie_domain = '';
/**
*
* @var string
* @deprec
*/
var $fallback_mode;
/**
* Was the PHP compiled using --enable-trans-sid?
*
* PHP 4 can automatically rewrite all URLs to append the session ID
* as a get parameter if you enable the feature. If you've done so,
* the old session3.inc method url() is no more needed, but as your
* application might still call it you can disable it by setting this
* flag to false.
*
* @var boolean
*/
var $trans_id_enabled = true;
/**
* See the session_cache_limit() options
*
* @var string
*/
var $allowcache = 'nocache';
/**
* Sets the session name before the session starts.
*
* Make sure that all derived classes call the constructor
*
* @see name()
*/
function Session() {
$this->name($this->name);
} // end constructor
/**
* Start a new session or recovers from an existing session
*
* @return boolean session_start() return value
* @access public
*/
function start() {
$this->set_tokenname();
$this->put_headers();
$ok = session_start();
$this->id = session_id();
return $ok;
} // end func start
/**
* Sets or returns the name of the current session
*
* @param string If given, sets the session name
* @return string session_name() return value
* @access public
*/
function name($name = '') {
if ($name = (string)$name) {
$this->name = $name;
$ok = session_name($name);
} else {
$ok = session_name();
}
return $ok;
} // end func name
/**
* Returns the session id for the current session.
*
* If id is specified, it will replace the current session id.
*
* @param string If given, sets the new session id
* @return string current session id
* @access public
*/
function id($sid = '') {
if (!$sid)
$sid = ("" == $this->cookiename) ? $this->classname : $this->cookiename;
if ($sid = (string)$sid) {
$this->id = $sid;
$ok = session_id($sid);
} else {
$ok = session_id();
}
return $ok;
} // end func id
/**
* @brother id()
* @deprec
* @access public
*/
function get_id($sid = '') {
return $this->id($sid);
} // end func get_id
/**
* Register the variable(s) that should become persistent.
*
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @return boolean false if registration failed, true on success.
* @access public
*/
function register ($var_names) {
if (!is_array($var_names)) {
// spaces spoil everything
$var_names = trim($var_names);
return session_register( preg_split('/\s*,\s*/', $var_names) );
}
return session_register($var_names);
} // end func register
/**
* see if a variable is registered in the current session
*
* @param $var_name a string with the variable name
* @return false if variable not registered true on success.
* @access public
*/
function is_registered ($var_name) {
$var_name = trim($var_name); // to be sure
return session_is_registered($var_name);
} // end func is_registered
/**
* Recall the session registration for named variable(s)
*
* @param mixed String with the name of one or more variables seperated by comma
* or a list of variables names: "foo"/"foo,bar,baz"/{"foo","bar","baz"}
* @return boolean false if any error, true on success.
* @access public
*/
function unregister ($var_names) {
$ok = true;
foreach (explode (',', $var_names) as $var_name) {
$ok = $ok && session_unregister ( trim($var_name) );
}
return $ok;
} // end func unregister
/**
* Delete the cookie holding the session id.
*
* RFC: is this really needed? can we prune this function?
* the only reason to keep it is if one wants to also
* unset the cookie when session_destroy()ing,which PHP
* doesn't seem to do (looking @ the session.c:940)
* uw: yes we should keep it to remain the same interface, but deprec.
*
* @deprec
* @access public
* @global $HTTP_COOKIE_VARS
*/
function put_id() {
global $HTTP_COOKIE_VARS;
if (get_cfg_var ('session.use_cookies') == 1) {
$cookie_params = session_get_cookie_params();
setCookie($this->name, '', 0, $cookie_params['path'], $cookie_params['domain']);
$HTTP_COOKIE_VARS[$this->name] = "";
}
} // end func put_id
/**
* Delete the current session destroying all registered data.
*
* Note that it does more but the PHP 4 session_destroy it also
* throws away a cookie is there's one.
*
* @return boolean session_destroy return value
* @access public
*/
function delete() {
$this->put_id();
return session_destroy();
} // end func delete
/**
* Helper function: returns $url concatenated with the current session id
*
* Don't use this function any more. Please use the PHP 4 build in
* URL rewriting feature. This function is here only for compatibility reasons.
*
* @param $url URL to which the session id will be appended
* @return string rewritten url with session id included
* @see $trans_id_enabled
* @global $HTTP_COOKIE_VARS
* @deprec
* @access public
*/
function url($url) {
global $HTTP_COOKIE_VARS;
if ($this->trans_id_enabled)
return $url;
// Remove existing session info from url
$url = ereg_replace(
"([&?])".quotemeta(urlencode($this->name))."=".$this->id."(&|$)",
"\\1", $url);
// Remove trailing ?/& if needed
$url = ereg_replace("[&?]+$", "", $url);
if (!$HTTP_COOKIE_VARS[$this->name]) {
$url .= ( strpos($url, "?") != false ? "&" : "?" ) . urlencode($this->name) . "=" . $this->id;
}
// Encode naughty characters in the URL
$url = str_replace(array("<", ">", " ", "\"", "'"),
array("%3C", "%3E", "+", "%22", "%27"), $url);
return $url;
} // end func url
/**
* @brother url()
*/
function purl($url) {
print $this->url($url);
} // end func purl
/**
* Get current request URL.
*
* WARNING: I'm not sure with the $this->url() call. Can someone check it?
* WARNING: Apache variable $REQUEST_URI used -
* this it the best you can get but there's warranty the it's set beside
* the Apache world.
*
* @return string
* @global $REQUEST_URI
* @access public
*/
function self_url() {
return $this->url(getenv('REQUEST_URI'));
} // end func self_url
/**
* Print the current URL
* @return void
*/
function pself_url() {
print $this->self_url();
} // end func pself_url
/**
* Stores session id in a hidden variable (part of a form).
*
* @return string
* @access public
*/
function get_hidden_session() {
if ($this->trans_id_enabled)
return "";
else
return sprintf('<input type="hidden" name="%s" value="%s">',
$this->name,
$this->id
);
} // end fun get_hidden_session
/**
* @brother get_hidden_session
* @return void
*/
function hidden_session() {
print $this->get_hidden_session();
} // end func hidden_session
/**
* @brother get_hidden_session
*/
function get_hidden_id() {
return $this->get_hidden_session();
} // end func get_hidden_id
/**
* @brother hidden_session
*/
function hidden_id() {
print $this->get_hidden_session();
} // end func hidden_id
/**
* Prepend variables passed into an array to a query string.
*
* @param array $qarray an array with var=>val pairs
* @param string $query_string probably getenv ('QUERY_STRING')
* @return string the resulting quetry string, of course :)
* @access public
*/
function add_query($qarray, $query_string = '') {
('' == $query_string) && ($query_string = getenv ('QUERY_STRING'));
$qstring = $query_string . (strrpos ($query_string, '?') == false ? '?' : '&');
foreach ($qarray as $var => $val) {
$qstring .= sprintf ( '%s=%s&', $var, urlencode ($val)) ;
}
return $qstring;
} // end func add_query
/**
* @brother add_query()
*/
function padd_query ($qarray, $query_string = '') {
print $this->add_query($qarray, $query_string);
} // end func padd_query
/**
* Get the serialized string of session variables
*
* Note that the serialization format is different from what it
* was in session3.inc. So clear all session data when switching
* to the PHP 4 code, it's not possible to load old session.
*
* @return string
*/
function serialize() {
return session_encode();
} // end func serialze
/**
* Import (session) variables from a string
*
* @param string
*
* @return boolean
*/
function deserialize (&$data_string) {
return session_decode($data_string);
} // end func deserialize
/**
* ?
*
*/
function set_tokenname(){
$this->name = ("" == $this->cookiename) ? $this->classname : $this->cookiename;
session_name ($this->name);
if (!$this->cookie_domain) {
$this->cookie_domain = get_cfg_var ("session.cookie_domain");
}
if (!$this->cookie_path && get_cfg_var('session.cookie_path')) {
$this->cookie_path = get_cfg_var('session.cookie_path');
} elseif (!$this->cookie_path) {
$this->cookie_path = "/";
}
if ($this->lifetime > 0) {
$lifetime = time()+$this->lifetime*60;
} else {
$lifetime = 0;
}
session_set_cookie_params($lifetime, $this->cookie_path, $this->cookie_domain);
} // end func set_tokenname
/**
* ?
*
*/
function put_headers() {
# set session.cache_limiter corresponding to $this->allowcache.
switch ($this->allowcache) {
case 'passive':
case 'public':
session_cache_limiter ('public');
break;
case 'private':
session_cache_limiter ('private');
break;
case 'nocache':
session_cache_limiter ('nocache');
break;
default :
session_cache_limiter ('');
break;
}
} // end func put_headers
/**
* Reimport HTTP_GET_VARS into the global namespace previously overriden by session variables.
* @see reimport_post_vars(), reimport_cookie_vars()
*/
function reimport_get_vars() {
$this->reimport_any_vars("HTTP_GET_VARS");
} // end func reimport_get_vars
/**
* Reimport HTTP_POST_VARS into the global namespace previously overriden by session variables.
* @see reimport_get_vars(), reimport_cookie_vars()
*/
function reimport_post_vars() {
$this->reimport_any_vars("HTTP_POST_VARS");
} // end func reimport_post_vars
/**
* Reimport HTTP_COOKIE_VARS into the global namespace previously overriden by session variables.
* @see reimport_post_vars(), reimport_fwr_vars()
*/
function reimport_cookie_vars() {
$this->reimport_any_vars("HTTP_COOKIE_VARS");
} // end func reimport_cookie_vars
/**
*
* @var array
*/
function reimport_any_vars($arrayname) {
global $$arrayname;
$GLOBALS = array_merge ($GLOBALS, $arrayname);
} // end func reimport_any_vars
} // end func session
?>
--- NEW FILE: template.php ---
<?php
/*
* Templates for PHP3
*
* (C) Copyright 1999-2000 NetUSE GmbH
* Kristian Koehntopp
*
* template.inc,v 1.5 2001/08/10 05:31:49 richardarcher
*
*/
/*
* Change log since version 7.2d
* Bug fixes to version 7.2c compiled by Richard Archer <rh...@ju...>:
* (credits given to first person to post a diff to phplib mailing list)
*
* Normalised all comments and whitespace
* replaced "$handle" with "$varname" and "$h" with "$v" throughout (from phplib-devel)
* added braces around all one-line if statements in: get_undefined, loadfile and halt (rha)
* set_var was missing two sets of braces (rha)
* added a couple of "return true" statements (rha)
* set_unknowns had "keep" as default instead of "remove" (from phplib-devel)
* set_file failed to check for empty strings if passed an array of filenames (phplib-devel)
* remove @ from call to preg_replace in subst -- report errors if there are any. (NickM)
* set_block unnecessarily required a newline in the template file (Marc Tardif)
* pparse now calls this->finish to replace undefined vars (Layne Weathers)
* get_var now checks for unset varnames (NickM & rha)
* get_var when passed an array used the array key instead of the value (rha)
* get_vars now uses a call to get_var rather than this->varvals to prevent undefined var warning (rha)
* in finish, the replacement string referenced an unset variable (rha)
* loadfile would try to load a file if the varval had been set to "" (rha)
* '$n' in variable values was being stripped by subst in PHP 4.0.4+ (John Mandeville)
* '\n' was also being stripped. Fix by replacing with &#(36|92); in set_var and unreplacing in finish (rha)
* in get_undefined, only match non-whitespace in variable tags as in finish. (Layne Weathers & rha)
*
*
* changed debug handling so set, get and internals can be tracked separately (rha)
* added debug statements throughout to track most function calls (rha)
* debug output contained raw HTML -- is now escaped with htmlentities (rha)
* Alter regex in set_block to remove more whitespace around BEGIN/END tags to improve HTML layout (rha)
* Add "append" option to set_var, works just like append in parse (dale at linuxwebpro.com, rha)
* Altered parse so that append is honored if passed an array (Brian)
* Converted comments and documentation to phpdoc style. (rha)
*
*/
/**
* The template class allows you to keep your HTML code in some external files
* which are completely free of PHP code, but contain replacement fields.
* The class provides you with functions which can fill in the replacement fields
* with arbitrary strings. These strings can become very large, e.g. entire tables.
*
* Note: If you think that this is like FastTemplates, read carefully. It isn't.
*
*/
class Template
{
/**
* Serialization helper, the name of this class.
*
* @var string
* @access public
*/
var $classname = "Template";
/**
* Determines how much debugging output Template will produce.
* This is a bitwise mask of available debug levels:
* 0 = no debugging
* 1 = debug variable assignments
* 2 = debug calls to get variable
* 4 = debug internals (outputs all function calls with parameters).
*
* Note: setting $this->debug = true will enable debugging of variable
* assignments only which is the same behaviour as versions up to release 7.2d.
*
* @var int
* @access public
*/
var $debug = false;
/**
* The base directory from which template files are loaded.
*
* @var string
* @access private
* @see set_root
*/
var $root = ".";
/**
* A hash of strings forming a translation table which translates variable names
* into names of files containing the variable content.
* $file[varname] = "filename";
*
* @var array
* @access private
* @see set_file
*/
var $file = array();
/**
* A hash of strings forming a translation table which translates variable names
* into regular expressions for themselves.
* $varkeys[varname] = "/varname/"
*
* @var array
* @access private
* @see set_var
*/
var $varkeys = array();
/**
* A hash of strings forming a translation table which translates variable names
* into values for their respective varkeys.
* $varvals[varname] = "value"
*
* @var array
* @access private
* @see set_var
*/
var $varvals = array();
/**
* Determines how to output variable tags with no assigned value in templates.
*
* @var string
* @access private
* @see set_unknowns
*/
var $unknowns = "remove";
/**
* Determines how Template handles error conditions.
* "yes" = the error is reported, then execution is halted
* "report" = the error is reported, then execution continues by returning "false"
* "no" = errors are silently ignored, and execution resumes reporting "false"
*
* @var string
* @access public
* @see halt
*/
var $halt_on_error = "yes";
/**
* The last error message is retained in this variable.
*
* @var string
* @access public
* @see halt
*/
var $last_error = "";
/******************************************************************************
* Class constructor. May be called with two optional parameters.
* The first parameter sets the template directory the second parameter
* sets the policy regarding handling of unknown variables.
*
* usage: Template([string $root = "."], [string $unknowns = "remove"])
*
* @param $root path to template directory
* @param $string what to do with undefined variables
* @see set_root
* @see set_unknowns
* @access public
* @return void
*/
function Template($root = ".", $unknowns = "remove") {
if ($this->debug & 4) {
echo "<p><b>Template:</b> root = $root, unknowns = $unknowns</p>\n";
}
$this->set_root($root);
$this->set_unknowns($unknowns);
}
/******************************************************************************
* Checks that $root is a valid directory and if so sets this directory as the
* base directory from which templates are loaded by storing the value in
* $this->root. Relative filenames are prepended with the path in $this->root.
*
* Returns true on success, false on error.
*
* usage: set_root(string $root)
*
* @param $root string containing new template directory
* @see root
* @access public
* @return boolean
*/
function set_root($root) {
if ($this->debug & 4) {
echo "<p><b>set_root:</b> root = $root</p>\n";
}
if (!is_dir($root)) {
$this->halt("set_root: $root is not a directory.");
return false;
}
$this->root = $root;
return true;
}
/******************************************************************************
* Sets the policy for dealing with unresolved variable names.
*
* unknowns defines what to do with undefined template variables
* "remove" = remove undefined variables
* "comment" = replace undefined variables with comments
* "keep" = keep undefined variables
*
* Note: "comment" can cause unexpected results when the variable tag is embedded
* inside an HTML tag, for example a tag which is expected to be replaced with a URL.
*
* usage: set_unknowns(string $unknowns)
*
* @param $unknowns new value for unknowns
* @see unknowns
* @access public
* @return void
*/
function set_unknowns($unknowns = "remove") {
if ($this->debug & 4) {
echo "<p><b>unknowns:</b> unknowns = $unknowns</p>\n";
}
$this->unknowns = $unknowns;
}
/******************************************************************************
* Defines a filename for the initial value of a variable.
*
* It may be passed either a varname and a file name as two strings or
* a hash of strings with the key being the varname and the value
* being the file name.
*
* The new mappings are stored in the array $this->file.
* The files are not loaded yet, but only when needed.
*
* Returns true on success, false on error.
*
* usage: set_file(array $filelist = (string $varname => string $filename))
* or
* usage: set_file(string $varname, string $filename)
*
* @param $varname either a string containing a varname or a hash of varname/file name pairs.
* @param $filename if varname is a string this is the filename otherwise filename is not required
* @access public
* @return boolean
*/
function set_file($varname, $filename = "") {
if (!is_array($varname)) {
if ($this->debug & 4) {
echo "<p><b>set_file:</b> (with scalar) varname = $varname, filename = $filename</p>\n";
}
if ($filename == "") {
$this->halt("set_file: For varname $varname filename is empty.");
return false;
}
$this->file[$varname] = $this->filename($filename);
} else {
reset($varname);
while(list($v, $f) = each($varname)) {
if ($this->debug & 4) {
echo "<p><b>set_file:</b> (with array) varname = $v, filename = $f</p>\n";
}
if ($f == "") {
$this->halt("set_file: For varname $v filename is empty.");
return false;
}
$this->file[$v] = $this->filename($f);
}
}
return true;
}
/******************************************************************************
* A variable $parent may contain a variable block defined by:
* <!-- BEGIN $varname --> content <!-- END $varname -->. This function removes
* that block from $parent and replaces it with a variable reference named $name.
* The block is inserted into the varkeys and varvals hashes. If $name is
* omitted, it is assumed to be the same as $varname.
*
* Blocks may be nested but care must be taken to extract the blocks in order
* from the innermost block to the outermost block.
*
* Returns true on success, false on error.
*
* usage: set_block(string $parent, string $varname, [string $name = ""])
*
* @param $parent a string containing the name of the parent variable
* @param $varname a string containing the name of the block to be extracted
* @param $name the name of the variable in which to store the block
* @access public
* @return boolean
*/
function set_block($parent, $varname, $name = "") {
if ($this->debug & 4) {
echo "<p><b>set_block:</b> parent = $parent, varname = $varname, name = $name</p>\n";
}
if (!$this->loadfile($parent)) {
$this->halt("set_block: unable to load $parent.");
return false;
}
if ($name == "") {
$name = $varname;
}
$str = $this->get_var($parent);
$reg = "/[ \t]*<!--\s+BEGIN $varname\s+-->\s*?\n?(\s*.*?\n?)\s*<!--\s+END $varname\s+-->\s*?\n?/sm";
preg_match_all($reg, $str, $m);
$str = preg_replace($reg, "{" . "$name}", $str);
$this->set_var($varname, $m[1][0]);
$this->set_var($parent, $str);
return true;
}
/******************************************************************************
* This functions sets the value of a variable.
*
* It may be called with either a varname and a value as two strings or an
* an associative array with the key being the varname and the value being
* the new variable value.
*
* The function inserts the new value of the variable into the $varkeys and
* $varvals hashes. It is not necessary for a variable to exist in these hashes
* before calling this function.
*
* An optional third parameter allows the value for each varname to be appended
* to the existing variable instead of replacing it. The default is to replace.
* This feature was introduced after the 7.2d release.
*
*
* usage: set_var(string $varname, [string $value = ""], [boolean $append = false])
* or
* usage: set_var(array $varname = (string $varname => string $value), [mixed $dummy_var], [boolean $append = false])
*
* @param $varname either a string containing a varname or a hash of varname/value pairs.
* @param $value if $varname is a string this contains the new value for the variable otherwise this parameter is ignored
* @param $append if true, the value is appended to the variable's existing value
* @access public
* @return void
*/
function set_var($varname, $value = "", $append = false) {
if (!is_array($varname)) {
if (!empty($varname)) {
if ($this->debug & 1) {
printf("<b>set_var:</b> (with scalar) <b>%s</b> = '%s'<br>\n", $varname, htmlentities($value));
}
$value = preg_replace(array('/\$([0-9])/', '/\\\\([0-9])/'), array('$\1', '\\1'), $value);
$this->varkeys[$varname] = "/".$this->varname($varname)."/";
if ($append && isset($this->varvals[$varname])) {
$this->varvals[$varname] .= $value;
} else {
$this->varvals[$varname] = $value;
}
}
} else {
reset($varname);
while(list($k, $v) = each($varname)) {
if (!empty($k)) {
if ($this->debug & 1) {
printf("<b>set_var:</b> (with array) <b>%s</b> = '%s'<br>\n", $k, htmlentities($v));
}
$v = preg_replace(array('/\$([0-9])/', '/\\\\([0-9])/'), array('$\1', '\\1'), $v);
$this->varkeys[$k] = "/".$this->varname($k)."/";
if ($append && isset($this->varvals[$k])) {
$this->varvals[$k] .= $v;
} else {
$this->varvals[$k] = $v;
}
}
}
}
}
/******************************************************************************
* This function fills in all the variables contained within the variable named
* $varname. The resulting value is returned as the function result and the
* original value of the variable varname is not changed. The resulting string
* is not "finished", that is, the unresolved variable name policy has not been
* applied yet.
*
* Returns: the value of the variable $varname with all variables substituted.
*
* usage: subst(string $varname)
*
* @param $varname the name of the variable within which variables are to be substituted
* @access public
* @return string
*/
function subst($varname) {
if ($this->debug & 4) {
echo "<p><b>subst:</b> varname = $varname</p>\n";
}
if (!$this->loadfile($varname)) {
$this->halt("subst: unable to load $varname.");
return false;
}
$str = $this->get_var($varname);
$str = preg_replace($this->varkeys, $this->varvals, $str);
return $str;
}
/******************************************************************************
* This is shorthand for print $this->subst($varname). See subst for further
* details.
*
* Returns: always returns false.
*
* usage: psubst(string $varname)
*
* @param $varname the name of the variable within which variables are to be substituted
* @access public
* @return false
* @see subst
*/
function psubst($varname) {
if ($this->debug & 4) {
echo "<p><b>psubst:</b> varname = $varname</p>\n";
}
print $this->subst($varname);
return false;
}
/******************************************************************************
* The function substitutes the values of all defined variables in the variable
* named $varname and stores or appends the result in the variable named $target.
*
* It may be called with either a target and a varname as two strings or a
* target as a string and an array of variable names in varname.
*
* The function inserts the new value of the variable into the $varkeys and
* $varvals hashes. It is not necessary for a variable to exist in these hashes
* before calling this function.
*
* An optional third parameter allows the value for each varname to be appended
* to the existing target variable instead of replacing it. The default is to
* replace.
*
* If $target and $varname are both strings, the substituted value of the
* variable $varname is inserted into or appended to $target.
*
* If $handle is an array of variable names the variables named by $handle are
* sequentially substituted and the result of each substitution step is
* inserted into or appended to in $target. The resulting substitution is
* available in the variable named by $target, as is each intermediate step
* for the next $varname in sequence. Note that while it is possible, it
* is only rarely desirable to call this function with an array of varnames
* and with $append = true. This append feature was introduced after the 7.2d
* release.
*
* Returns: the last value assigned to $target.
*
* usage: parse(string $target, string $varname, [boolean $append])
* or
* usage: parse(string $target, array $varname = (string $varname), [boolean $append])
*
* @param $target a string containing the name of the variable into which substituted $varnames are to be stored
* @param $varname if a string, the name the name of the variable to substitute or if an array a list of variables to be substituted
* @param $append if true, the substituted variables are appended to $target otherwise the existing value of $target is replaced
* @access public
* @return string
* @see subst
*/
function parse($target, $varname, $append = false) {
if (!is_array($varname)) {
if ($this->debug & 4) {
echo "<p><b>parse:</b> (with scalar) target = $target, varname = $varname, append = $append</p>\n";
}
$str = $this->subst($varname);
if ($append) {
$this->set_var($target, $this->get_var($target) . $str);
} else {
$this->set_var($target, $str);
}
} else {
reset($varname);
while(list($i, $v) = each($varname)) {
if ($this->debug & 4) {
echo "<p><b>parse:</b> (with array) target = $target, i = $i, varname = $v, append = $append</p>\n";
}
$str = $this->subst($v);
if ($append) {
$this->set_var($target, $this->get_var($target) . $str);
} else {
$this->set_var($target, $str);
}
}
}
if ($this->debug & 4) {
echo "<p><b>parse:</b> completed</p>\n";
}
return $str;
}
/******************************************************************************
* This is shorthand for print $this->parse(...) and is functionally identical.
* See parse for further details.
*
* Returns: always returns false.
*
* usage: pparse(string $target, string $varname, [boolean $append])
* or
* usage: pparse(string $target, array $varname = (string $varname), [boolean $append])
*
* @param $target a string containing the name of the variable into which substituted $varnames are to be stored
* @param $varname if a string, the name the name of the variable to substitute or if an array a list of variables to be substituted
* @param $append if true, the substituted variables are appended to $target otherwise the existing value of $target is replaced
* @access public
* @return false
* @see parse
*/
function pparse($target, $varname, $append = false) {
if ($this->debug & 4) {
echo "<p><b>pparse:</b> passing parameters to parse...</p>\n";
}
print $this->finish($this->parse($target, $varname, $append));
return false;
}
/******************************************************************************
* This function returns an associative array of all defined variables with the
* name as the key and the value of the variable as the value.
*
* This is mostly useful for debugging. Also note that $this->debug can be used
* to echo all variable assignments as they occur and to trace execution.
*
* Returns: a hash of all defined variable values keyed by their names.
*
* usage: get_vars()
*
* @access public
* @return array
* @see $debug
*/
function get_vars() {
if ($this->debug & 4) {
echo "<p><b>get_vars:</b> constructing array of vars...</p>\n";
}
reset($this->varkeys);
while(list($k, $v) = each($this->varkeys)) {
$result[$k] = $this->get_var($k);
}
return $result;
}
/******************************************************************************
* This function returns the value of the variable named by $varname.
* If $varname references a file and that file has not been loaded yet, the
* variable will be reported as empty.
*
* When called with an array of variable names this function will return a a
* hash of variable values keyed by their names.
*
* Returns: a string or an array containing the value of $varname.
*
* usage: get_var(string $varname)
* or
* usage: get_var(array $varname)
*
* @param $varname if a string, the name the name of the variable to get the value of, or if an array a list of variables to return the value of
* @access public
* @return string or array
*/
function get_var($varname) {
if (!is_array($varname)) {
if (isset($this->varvals[$varname])) {
$str = $this->varvals[$varname];
} else {
$str = "";
}
if ($this->debug & 2) {
printf ("<b>get_var</b> (with scalar) <b>%s</b> = '%s'<br>\n", $varname, htmlentities($str));
}
return $str;
} else {
reset($varname);
while(list($k, $v) = each($varname)) {
if (isset($this->varvals[$v])) {
$str = $this->varvals[$v];
} else {
$str = "";
}
if ($this->debug & 2) {
printf ("<b>get_var:</b> (with array) <b>%s</b> = '%s'<br>\n", $v, htmlentities($str));
}
$result[$v] = $str;
}
return $result;
}
}
/******************************************************************************
* This function returns a hash of unresolved variable names in $varname, keyed
* by their names (that is, the hash has the form $a[$name] = $name).
*
* Returns: a hash of varname/varname pairs or false on error.
*
* usage: get_undefined(string $varname)
*
* @param $varname a string containing the name the name of the variable to scan for unresolved variables
* @access public
* @return array
*/
function get_undefined($varname) {
if ($this->debug & 4) {
echo "<p><b>get_undefined:</b> varname = $varname</p>\n";
}
if (!$this->loadfile($varname)) {
$this->halt("get_undefined: unable to load $varname.");
return false;
}
preg_match_all("/{([^ \t\r\n}]+)}/", $this->get_var($varname), $m);
$m = $m[1];
if (!is_array($m)) {
return false;
}
reset($m);
while(list($k, $v) = each($m)) {
if (!isset($this->varkeys[$v])) {
if ($this->debug & 4) {
echo "<p><b>get_undefined:</b> undefined: $v</p>\n";
}
$result[$v] = $v;
}
}
if (count($result)) {
return $result;
} else {
return false;
}
}
/******************************************************************************
* This function returns the finished version of $str. That is, the policy
* regarding unresolved variable names will be applied to $str.
*
* Returns: a finished string derived from $str and $this->unknowns.
*
* usage: finish(string $str)
*
* @param $str a string to which to apply the unresolved variable policy
* @access public
* @return string
* @see set_unknowns
*/
function finish($str) {
switch ($this->unknowns) {
case "keep":
break;
case "remove":
$str = preg_replace('/{[^ \t\r\n}]+}/', "", $str);
break;
case "comment":
$str = preg_replace('/{([^ \t\r\n}]+)}/', "<!-- Template variable \\1 undefined -->", $str);
break;
}
$str = preg_replace(array('/$([0-9])/', '/\([0-9])/'), array('$\1', '\\\1'), $str);
return $str;
}
/******************************************************************************
* This function prints the finished version of the value of the variable named
* by $varname. That is, the policy regarding unresolved variable names will be
* applied to the variable $varname then it will be printed.
*
* usage: p(string $varname)
*
* @param $varname a string containing the name of the variable to finish and print
* @access public
* @return void
* @see set_unknowns
* @see finish
*/
function p($varname) {
print $this->finish($this->get_var($varname));
}
/******************************************************************************
* This function returns the finished version of the value of the variable named
* by $varname. That is, the policy regarding unresolved variable names will be
* applied to the variable $varname and the result returned.
*
* Returns: a finished string derived from the variable $varname.
*
* usage: get(string $varname)
*
* @param $varname a string containing the name of the variable to finish
* @access public
* @return void
* @see set_unknowns
* @see finish
*/
function get($varname) {
return $this->finish($this->get_var($varname));
}
/******************************************************************************
* When called with a relative pathname, this function will return the pathname
* with $this->root prepended. Absolute pathnames are returned unchanged.
*
* Returns: a string containing an absolute pathname.
*
* usage: filename(string $filename)
*
* @param $filename a string containing a filename
* @access private
* @return string
* @see set_root
*/
function filename($filename) {
if ($this->debug & 4) {
echo "<p><b>filename:</b> filename = $filename</p>\n";
}
if (substr($filename, 0, 1) != "/") {
$filename = $this->root."/".$filename;
}
if (!file_exists($filename)) {
$this->halt("filename: file $filename does not exist.");
}
return $filename;
}
/******************************************************************************
* This function will construct a regexp for a given variable name with any
* special chars quoted.
*
* Returns: a string containing an escaped variable name.
*
* usage: varname(string $varname)
*
* @param $varname a string containing a variable name
* @access private
* @return string
*/
function varname($varname) {
return preg_quote("{".$varname."}");
}
/******************************************************************************
* If a variable's value is undefined and the variable has a filename stored in
* $this->file[$varname] then the backing file will be loaded and the file's
* contents will be assigned as the variable's value.
*
* Note that the behaviour of this function changed slightly after the 7.2d
* release. Where previously a variable was reloaded from file if the value
* was empty, now this is not done. This allows a variable to be loaded then
* set to "", and also prevents attempts to load empty variables. Files are
* now only loaded if $this->varvals[$varname] is unset.
*
* Returns: true on success, false on error.
*
* usage: loadfile(string $varname)
*
* @param $varname a string containing the name of a variable to load
* @access private
* @return boolean
* @see set_file
*/
function loadfile($varname) {
if ($this->debug & 4) {
echo "<p><b>loadfile:</b> varname = $varname</p>\n";
}
if (!isset($this->file[$varname])) {
// $varname does not reference a file so return
if ($this->debug & 4) {
echo "<p><b>loadfile:</b> varname $varname does not reference a file</p>\n";
}
return true;
}
if (isset($this->varvals[$varname])) {
// will only be unset if varname was created with set_file and has never been loaded
// $varname has already been loaded so return
if ($this->debug & 4) {
echo "<p><b>loadfile:</b> varname $varname is already loaded</p>\n";
}
return true;
}
$filename = $this->file[$varname];
/* use @file here to avoid leaking filesystem information if there is an error */
$str = implode("", @file($filename));
if (empty($str)) {
$this->halt("loadfile: While loading $varname, $filename does not exist or is empty.");
return false;
}
if ($this->debug & 4) {
printf("<b>loadfile:</b> loaded $filename into $varname<br>\n");
}
$this->set_var($varname, $str);
return true;
}
/******************************************************************************
* This function is called whenever an error occurs and will handle the error
* according to the policy defined in $this->halt_on_error. Additionally the
* error message will be saved in $this->last_error.
*
* Returns: always returns false.
*
* usage: halt(string $msg)
*
* @param $msg a string containing an error message
* @access private
* @return void
* @see $halt_on_error
*/
function halt($msg) {
$this->last_error = $msg;
if ($this->halt_on_error != "no") {
$this->haltmsg($msg);
}
if ($this->halt_on_error == "yes") {
die("<b>Halted.</b>");
}
return false;
}
/******************************************************************************
* This function prints an error message.
* It can be overridden by your subclass of Template. It will be called with an
* error message to display.
*
* usage: haltmsg(string $msg)
*
* @param $msg a string containing the error message to display
* @access public
* @return void
* @see halt
*/
function haltmsg($msg) {
printf("<b>Template Error:</b> %s<br>\n", $msg);
}
}
?>
|
