+ /**
+ * Create a full URL with protocol and host name
+ *
+ * @param string $path Path to the file, with leading /
+ *
+ * @return string Full URL
+ */
+ public static function fullUrl($path = '')
+ {
+ if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) {
+ $prot = 'https';
+ } else {
+ $prot = 'http';
+ }
+ return $prot . '://' . $_SERVER['HTTP_HOST'] . $GLOBALS['phorkie']['cfg']['baseurl'] . $path;
+ }
+
+ /**
+ * Get the full URL to a path, but remove the .phar file from
+ * the base URL if necessary
+ *
+ * @param string $path Path to the file
+ *
+ * @return string Full URL without .phar/
+ */
+ public static function fullUrlNoPhar($path = '')
+ {
+ $base = static::fullUrl();
+ if (substr($base, -6) == '.phar/') {
+ $base = dirname($base) . '/';
+ }
+ return $base . $path;
+ }
+
+ /**
+ * Removes malicious parts from a file name
+ *
+ * @param string $file File name from the user
+ *
+ * @return string Fixed and probably secure filename
+ */
+ public static function sanitizeFilename($file)
+ {
+ $file = trim($file);
+ $file = str_replace(array('\\', '//'), '/', $file);
+ $file = str_replace('/../', '/', $file);
+ if (substr($file, 0, 3) == '../') {
+ $file = substr($file, 3);
+ }
+ if (substr($file, 0, 1) == '../') {
+ $file = substr($file, 1);
+ }
+
+ return $file;
+ }
+