⌈⌋ branch:  freshcode


Check-in [a15e1407ae]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fixed license moniker typo "LPGL", and typo in csrf() array, versioned_urls regex to check for \b and underscore, lowercase p_key_value arrays, allow hyphens in keys, →
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: a15e1407ae0bd7c9d4a349b3e99be8dcc2f330f0
User & Date: mario 2014-07-08 09:20:49
Context
2014-07-08
09:22
./lib/ movement check-in: 54e8ce6502 user: mario tags: trunk
09:20
Fixed license moniker typo "LPGL", and typo in csrf() array, versioned_urls regex to check for \b and underscore, lowercase p_key_value arrays, allow hyphens in keys, → check-in: a15e1407ae user: mario tags: trunk
09:17
Switched to standard db()-foreach instead of pdo::fetchAll() check-in: fbad0c7cf9 user: mario tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Name change from layout_aux.php to aux.php.

22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
..
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
...
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
...
160
161
162
163
164
165
166

167


168
169
170
171


172
173
174
175


176
177
178
179
180
181
182
183
184
185
186
...
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
...
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
  "MITL" => "MIT license",
  "MPL" => "Mozilla Public License 2.0",
  "Public Domain" => "Public Domain (no copyright)",
  "Python" => "Python License",
  "PHPL" => "PHP License 3.0",
  "GNU GPL" => "GNU General Public License 2.0",
  "GNU GPLv3" => "GNU General Public License 3.0",
  "GNU LPGL" => "GNU Library/Lesser General Public License 2.1",
  "GNU LPGLv3" => "GNU Library/Lesser General Public License 3.0",
  "Affero GPL" => "Affero GNU Public License 2.0",
  "Affero GPLv3" => "GNU Affero General Public License v3",
  "AFL" => "Academic Free License 3.0",
  "APL" => "Adaptive Public License",
  "APSL" => "Apple Public Source License",
  "AAL" => "Attribution Assurance Licenses",
  "BSL" => "Boost Software License",
................................................................................


#-- Additional input filters


// Project names may be alphanumeric, and contain dashes
function proj_name($s) {
    return preg_replace("/[^a-z0-9-]+|^[^a-z]+|[^\w]+$|(?<=-)-+/", "", strtolower($s));
}


#-- Template helpers

// Wrap tag list into links
function wrap_tags($tags, $r="") {
................................................................................
    return strftime($lastyear ? "%d %b %Y" : "%d %b %H:%M", $time);
}



// Substitute `$version` placeholders in URLs
function versioned_url($url, $version) {
    return preg_replace("/([\$%])(version|Version|VERSION)\b\\1?/", $version, $url);
}


// Project listing output preparation;
// HTML context escapaing, versioned urls, formatted date string
function prepare_output(&$entry) {
    $entry["download"] = versioned_url($entry["download"], $entry["version"]);
................................................................................
         <a href="https://del.icio.us/post?url=$url" title=delicious> dl </a>
      </span>
HTML;
}


// CSRF token, only for logged-in users though

function csrf($probe=false) {


    $store = & $_SESSION["crsf"];
    foreach ($store as $id=>$time) {
        if ($time < time()) { unset($store[$id]); }
    }


    if ($probe) {
        return empty($_SESSION["openid"])
            or $id = $_REQUEST->id["_ct"] and !empty($_SESSION["crsf"][$id]);
    }


    else {
        // server ENV already contained Apache reqid etc.
        $id = sha1(serialize($_SERVER->__vars));
        $_SESSION["crsf"][$id] = time() + 3600;  // timeout
        return "<input type=hidden name=.ct value=$id>";
    }
}



#-- some string parsing
................................................................................
 *  Keys may be wrapped in $, % or []
 *  Values may not contain spaces
 *
 */
function p_key_value($str) {
    preg_match_all(
        "@
           [[%$]*  (\w+)  []%$]*
              \s*  [:=>]+  \s*
                   (\S+)
           (?<![,.;])
        @imsx",
        $str, $m
    );
    return array_combine($m[1], $m[2]);
}



/**
 *  Extracts key = /regex/ list.  Regex delimiters are always required,
 *  but keys may be in multiple formats (version=, [version]=>, $version:=..)
................................................................................
              \s*  [:=>]+  \s*
           (
              ([^\s\w])  (?> (?!\\3|\\\\). |  \\\\. )+  \\3 [umixUs]* [*]?
           )
        @msx",
        $str, $m
    );
    return array_combine($m[1], $m[2]);
}


#-- database check
function project_version_exists($name, $version) {
    return intval(
        db("SELECT 1 FROM release WHERE name=? AND version=?", $name, $version)->fetch()
    );
}



?>







|
|







 







|







 







|







 







>

>
>
|



>
>




>
>

|

|







 







|






|







 







|













22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
..
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
...
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
...
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
...
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
...
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
  "MITL" => "MIT license",
  "MPL" => "Mozilla Public License 2.0",
  "Public Domain" => "Public Domain (no copyright)",
  "Python" => "Python License",
  "PHPL" => "PHP License 3.0",
  "GNU GPL" => "GNU General Public License 2.0",
  "GNU GPLv3" => "GNU General Public License 3.0",
  "GNU LGPL" => "GNU Library/Lesser General Public License 2.1",
  "GNU LGPLv3" => "GNU Library/Lesser General Public License 3.0",
  "Affero GPL" => "Affero GNU Public License 2.0",
  "Affero GPLv3" => "GNU Affero General Public License v3",
  "AFL" => "Academic Free License 3.0",
  "APL" => "Adaptive Public License",
  "APSL" => "Apple Public Source License",
  "AAL" => "Attribution Assurance Licenses",
  "BSL" => "Boost Software License",
................................................................................


#-- Additional input filters


// Project names may be alphanumeric, and contain dashes
function proj_name($s) {
    return preg_replace("/[^a-z0-9-_]+|^[^a-z]+|[^\w]+$|(?<=[-_])[-_]+/", "", strtolower($s));
}


#-- Template helpers

// Wrap tag list into links
function wrap_tags($tags, $r="") {
................................................................................
    return strftime($lastyear ? "%d %b %Y" : "%d %b %H:%M", $time);
}



// Substitute `$version` placeholders in URLs
function versioned_url($url, $version) {
    return preg_replace("/([\$%])(version|Version|VERSION)(\\1?|\b|(?=_))/", $version, $url);
}


// Project listing output preparation;
// HTML context escapaing, versioned urls, formatted date string
function prepare_output(&$entry) {
    $entry["download"] = versioned_url($entry["download"], $entry["version"]);
................................................................................
         <a href="https://del.icio.us/post?url=$url" title=delicious> dl </a>
      </span>
HTML;
}


// CSRF token, only for logged-in users though
// Here they're mainly to prevent remotely initiated requests for other users here, not general form nonces
function csrf($probe=false) {

    // Tokens are stored in session, reusable, but only for an hour
    $store = & $_SESSION[__FUNCTION__];
    foreach ($store as $id=>$time) {
        if ($time < time()) { unset($store[$id]); }
    }
    
    // Test presence
    if ($probe) {
        return empty($_SESSION["openid"])
            or $id = $_REQUEST->id["_ct"] and !empty($_SESSION["crsf"][$id]);
    }
    
    // Create new entry, output form field for token
    else {
        // server ENV already contained Apache unique request id etc.
        $id = sha1(serialize($_SERVER->__vars));
        $_SESSION[__FUNCTION__][$id] = time() + 3600;  // timeout
        return "<input type=hidden name=.ct value=$id>";
    }
}



#-- some string parsing
................................................................................
 *  Keys may be wrapped in $, % or []
 *  Values may not contain spaces
 *
 */
function p_key_value($str) {
    preg_match_all(
        "@
           [[%$]*  ([-\w]+)  []%$]*
              \s*  [:=>]+  \s*
                   (\S+)
           (?<![,.;])
        @imsx",
        $str, $m
    );
    return array_change_key_case(array_combine($m[1], $m[2]), CASE_LOWER);
}



/**
 *  Extracts key = /regex/ list.  Regex delimiters are always required,
 *  but keys may be in multiple formats (version=, [version]=>, $version:=..)
................................................................................
              \s*  [:=>]+  \s*
           (
              ([^\s\w])  (?> (?!\\3|\\\\). |  \\\\. )+  \\3 [umixUs]* [*]?
           )
        @msx",
        $str, $m
    );
    return array_change_key_case(array_combine($m[1], $m[2]), CASE_LOWER);
}


#-- database check
function project_version_exists($name, $version) {
    return intval(
        db("SELECT 1 FROM release WHERE name=? AND version=?", $name, $version)->fetch()
    );
}



?>