X-Git-Url: https://git.cweiske.de/phorkie.git/blobdiff_plain/20ca4e9e509a111f8de0069feeac54e3b31098ee..2a665e0f4eeb45c9d57df7dc7f9d853465b5fea9:/src/phorkie/Tools.php diff --git a/src/phorkie/Tools.php b/src/phorkie/Tools.php index fc815cc..2febb29 100644 --- a/src/phorkie/Tools.php +++ b/src/phorkie/Tools.php @@ -48,6 +48,23 @@ class Tools return $prot . '://' . $_SERVER['HTTP_HOST'] . $GLOBALS['phorkie']['cfg']['baseurl'] . $path; } + /** + * Get the full URL to a path, but remove the .phar file from + * the base URL if necessary + * + * @param string $path Path to the file + * + * @return string Full URL without .phar/ + */ + public static function fullUrlNoPhar($path = '') + { + $base = static::fullUrl(); + if (substr($base, -6) == '.phar/') { + $base = dirname($base) . '/'; + } + return $base . $path; + } + /** * Removes malicious parts from a file name * @@ -70,6 +87,50 @@ class Tools return $file; } -} + public static function detectBaseUrl() + { + if (!isset($_SERVER['REQUEST_URI']) + || !isset($_SERVER['SCRIPT_NAME']) + ) { + return '/'; + } + + $scriptName = $_SERVER['SCRIPT_NAME']; + $requestUri = $_SERVER['REQUEST_URI']; + if (substr($scriptName, -4) != '.php') { + //a phar + return $scriptName . '/'; + } + + if (isset($_GET['id'])) { + $idp = strpos($requestUri, '/' . $_GET['id'] . '/'); + if ($idp !== false) { + return substr($requestUri, 0, $idp) . '/'; + } + } + + if (substr($requestUri, -4) != '.php') { + $requestUri .= '.php'; + } + $snl = strlen($scriptName); + if (substr($requestUri, -$snl) == $scriptName) { + return substr($requestUri, 0, -$snl) . '/'; + } + + return '/'; + } + + /** + * Resolves "/../" and "/./" in file paths without validating them. + */ + public static function foldPath($path) + { + $path = str_replace('/./', '/', $path); + $path = str_replace('/./', '/', $path); + $path = preg_replace('#/[^/]+/\.\./#', '/', $path); + $path = preg_replace('#/[^/]+/\.\./#', '/', $path); + return $path; + } +} ?>