2 Commits

Author SHA1 Message Date
61b52d8427 troy's issues function 2025-02-15 21:02:11 +01:00
b475672eac first attempt 2025-02-15 20:32:58 +01:00
15 changed files with 222 additions and 733 deletions

View File

@@ -1,92 +0,0 @@
# Next Steps
- #TODO Unified error strategy (Definition)
- Aufwand: `M`
- Labels: `quality`, `api`
- Ziel: Einheitliches Verhalten bei Fehlern.
- Akzeptanzkriterien:
- ADR/kurze Doku: wann `null/false`, wann Exception.
- `sql.php`, `link-meta.php`, `troy-api.php` folgen derselben Strategie.
- Mindestens 3 Beispiele in `README.md` dokumentiert.
- Festlegung:
- Exceptions fuer interne/unerwartete Fehler (Konfiguration fehlt, DB/HTTP/JSON-Fehler, Parsing-Fehler, invalide Argumente).
- `null` nur fuer "kein Ergebnis" als erwarteter Zustand (z. B. URL ohne OG-Metadaten).
- `false` nur fuer boolesche Checks/Operationen mit reinem Erfolg-Flag; keine Detailfehler ueber `false`.
- Keine Mischung pro Funktion: jede Funktion dokumentiert exakt einen Fehlerkanal in PHPDoc/README.
- Alle gecatchten Exceptions werden mit Kontext weitergeworfen (ohne Secrets), nicht still geschluckt.
- #TODO Complete `secret.php.example`
- Aufwand: `S`
- Labels: `docs`, `config`
- Ziel: Vollstaendige Vorlagedatei fuer lokale Setups.
- Akzeptanzkriterien:
- Alle erwarteten Variablen aus `sql.php`, `mail.php`, `troy-api.php` enthalten.
- Jede Variable hat kurzen Kommentar.
- Dateiformat entspricht direkt nutzbarer Vorlage.
- #TODO Remove `@` error suppression incrementally
- Aufwand: `M`
- Labels: `quality`, `safety`
- Ziel: Fehler sichtbar und kontrolliert behandeln.
- Akzeptanzkriterien:
- Alle `@`-Operatoren inventarisiert.
- Ersetzungen mit explizitem Error-Handling umgesetzt.
- Keine neue `@`-Verwendung in geaenderten Dateien.
- #TODO Sicherheit und Robustheit
- #TODO Harden URL fetching against SSRF
- Aufwand: `M`
- Labels: `security`, `network`
- Akzeptanzkriterien:
- Private/loopback ranges werden blockiert.
- Optionales Host-Allowlist-Feature vorhanden.
- Tests fuer geblockte und erlaubte Ziele vorhanden.
- #TODO Improve SQL error handling + logging
- Aufwand: `M`
- Labels: `sql`, `robustness`
- Akzeptanzkriterien:
- `prepare()`/`execute()`-Fehler werden explizit behandelt.
- Fehler enthalten Query-Kontext ohne Secrets.
- Verhalten entspricht der definierten Error-Strategie.
- Code-Qualitaet (aufgeteilt in Unter-Issues)
- Aufwand: `L`
- Labels: `quality`, `refactor`
- Unter-Issues:
- Define and enforce naming conventions for functions, files and constants.
- Refactor SQL binding helpers to one consistent, typed API surface.
- Mark legacy functions/modules (`@deprecated`) and document replacement path.
- Consolidate Markdown docs (README + API notes) into one canonical structure.
- Clarify module boundaries and ownership (I/O, SQL, parsing, formatting).
- Akzeptanzkriterien:
- Kurzer Styleguide in `README.md` vorhanden und auf bestehende Dateien angewendet.
- Keine neuen Legacy-Einstiege ohne Markierung und Migrationshinweis.
- SQL-Helper nutzen einheitliche Signaturen in geaenderten Modulen.
- Modulgrenzen sind in Doku und Dateistruktur konsistent nachvollziehbar.
- #TODO Tests und Tooling
- #TODO Bootstrap test/tooling baseline
- Aufwand: `M`
- Labels: `testing`, `ci`
- Akzeptanzkriterien:
- PHPUnit laeuft lokal mit ersten Smoke-Tests.
- PHPStan/Psalm auf niedriger Stufe integriert.
- CI fuehrt mindestens Lint + Tests bei Push aus.
- #TODO Prepare Composer + namespace migration path
- Aufwand: `L`
- Labels: `architecture`
- Akzeptanzkriterien:
- Vorschlag fuer Zielstruktur (`src/`, namespaces, autoload).
- Migrationsplan fuer prozedurale Helfer zu Klassen.
- Konfigurationsobjekt und HTTP-Adapter als Zielbild beschrieben.
## Empfohlene Reihenfolge
1. `#1` bis `#5` (kurzfristig, hoher Hebel)
2. `#6` bis `#10` (Sicherheit/Robustheit)
3. `#11` (Tests + CI als Guardrail)
4. `#12` und Sammel-Issue aus Abschnitt 3
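Review bot: Deleting this file drops the only written record of the open security items, in particular "Harden URL fetching against SSRF", "Remove `@` error suppression incrementally" and "Improve SQL error handling + logging", and nothing in this change set replaces them. Move the entries to the issue tracker (or keep the file) before removing it, since the fetch code that remains in `og.php` still takes an arbitrary URL.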

201
README.md
View File

@@ -1,203 +1,2 @@
# php-func-lib
Kleine PHP-Utility-Bibliothek mit wiederverwendbaren Helfern fuer:
- Strings und einfache Sanitization
- Zahlenformatierung
- SQL-Zugriffe (mysqli + prepared statements)
- Mailversand
- Link/OpenGraph-Metadaten
- Debug-Helfer
- Troy-/Gitea-API-Aufrufe
## Installation
Als Git-Submodule in ein Projekt einbinden:
```bash
git submodule add https://git.seemsleg.it/pub/php-func-lib lib
```
Danach je nach Bedarf einzelne Dateien einbinden oder zentral ueber `_func.php` laden.
## Schnellstart
```php
<?php
include_once __DIR__ . '/_func.php';
echo shortener("Ein sehr langer Text", 10); // "Ein sehr..."
echo decade(12345); // "12.345 K" (je nach PHP-Konvertierung)
```
## Module
- `string.php`: String-Helfer (`shortener`, `onlyAlpha`, `startsWith`, `endsWith`, `linkify`, ...)
- `numbers.php`: Zahlen-Helfer (`decade`, `onlyNumeric`)
- `sql.php`: Klasse `SQL` fuer Datenbankzugriffe (`get`, `single`, `list`, `keyval`, `set`)
- `mail.php`: Mailfunktionen (`send_mail`, `send_html_mail`, `send_php_mail`)
- `http-limits.php`: Zentrale HTTP-Limits (`httpLimits`)
- `link-meta.php`: URL-Validierung, Fetching, Meta-Parsing, Bilddownload, Tag-Sanitization
- `og.php`: Einfacher OG-Scan (`scanOG`)
- `troy-api.php`: API-Helfer fuer Troy/Gitea (`sendToTroy`, `sendToGitea`)
- `debug.php`: Cookie-basierte Debug-Ausgabe
- `markdown.php`: einfache Markdown-nahe Formatierung (`md`)
## Konfiguration
Einige Module erwarten ein lokales `secret.php` (siehe `secret.php.example`).
Folgende Felder werden verwendet:
- `$_m['host']`, `$_m['user']`, `$_m['pass']`, `$_m['data']`, `$_m['pre']`, `$_m['salt']` fuer `sql.php`
- `$_sendermail`, optional `$_smtp['srv']`, `$_smtp['user']`, `$_smtp['pw']` fuer `mail.php`
- `$giteaUrl`, `$giteaOwner`, `$giteaRepo`, `$giteaToken` fuer `troy-api.php`
Beispiel:
```php
<?php
// secret.php im selben Verzeichnis wie die Bibliothek ablegen
if (!defined('SQL_LOG')) define('SQL_LOG', 0);
$giteaUrl = 'https://git.example.org';
$giteaOwner = 'org';
$giteaRepo = 'repo';
$giteaToken = 'token';
```
HTTP-Defaults fuer Netzwerkmodule (`link-meta.php`, `og.php`):
- `LIB_HTTP_TIMEOUT = 8` (Sekunden)
- `LIB_HTTP_MAX_REDIRECTS = 4`
- `LIB_HTTP_MAX_BYTES = 5242880` (5 MiB)
Optional vor dem Include ueberschreiben:
```php
<?php
define('LIB_HTTP_TIMEOUT', 10);
define('LIB_HTTP_MAX_REDIRECTS', 5);
define('LIB_HTTP_MAX_BYTES', 8 * 1024 * 1024);
```
## Runnable Examples
### `string.php`
```php
<?php
include_once __DIR__ . '/string.php';
echo shortener('Ein sehr langer Text', 12) . PHP_EOL;
echo onlyAlpha('Hi! #42?') . PHP_EOL;
echo linkify('Mehr Infos: https://example.org') . PHP_EOL;
```
### `numbers.php`
```php
<?php
include_once __DIR__ . '/numbers.php';
echo decade(15320) . PHP_EOL;
echo onlyNumeric('EUR -12.50') . PHP_EOL;
```
### `sql.php`
```php
<?php
if (!defined('SQL_LOG')) define('SQL_LOG', 0);
include_once __DIR__ . '/sql.php';
$sql = new SQL();
$row = $sql->single('SELECT 1 AS ok');
var_export($row);
```
### `mail.php`
```php
<?php
include_once __DIR__ . '/mail.php';
send_mail('user@example.org', 'Test', 'Hallo Welt', 'ok', 'error');
```
### `link-meta.php`
```php
<?php
include_once __DIR__ . '/string.php';
include_once __DIR__ . '/link-meta.php';
$info = getPageInfo('https://example.org');
if ($info['ok']) {
echo $info['title'] . PHP_EOL;
echo $info['description'] . PHP_EOL;
}
```
### `og.php`
```php
<?php
include_once __DIR__ . '/og.php';
$og = scanOG('https://example.org');
print_r($og);
```
### `troy-api.php`
```php
<?php
include_once __DIR__ . '/troy-api.php';
$res = sendToTroy(['msg' => 'hello']);
var_dump($res);
```
```php
<?php
include_once __DIR__ . '/troy-api.php';
try {
$issue = sendToGitea('Test issue', 'Automatisch erstellt.');
print_r($issue);
} catch (Exception $e) {
echo $e->getMessage();
}
```
### `debug.php`
```php
<?php
include_once __DIR__ . '/debug.php';
debugCookie(true);
debug(['foo' => 'bar']);
```
### `markdown.php`
```php
<?php
include_once __DIR__ . '/string.php';
include_once __DIR__ . '/markdown.php';
echo md("! Titel\n\n* Punkt A\n* Punkt B");
```
## Known Limitations
- Kein Composer/Autoload; Includes muessen manuell gesetzt werden.
- `sql.php` erwartet `secret.php` im Bibliotheksverzeichnis und nutzt `mysqli`.
- Netzwerkfunktionen (`link-meta.php`, `og.php`, `troy-api.php`) nutzen `file_get_contents` und haben keine SSRF-Allowlist.
- Mehrere Funktionen sind historisch gewachsen und nutzen teils inkonsistentes Error-Handling (`false`, `null`, Exceptions).
- `markdown.php` und `onlySimpleHTML()` sind einfache Parser/Sanitizer, nicht vollstaendige Markdown- oder HTML-Sicherheitsloesungen.
## Hinweise
- Die Bibliothek ist bewusst leichtgewichtig und ohne Composer-Setup gehalten.
- Fuer geplante Verbesserungen siehe `NEXT_STEPS.md`.
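Review bot: Cutting the README from 203 lines to 2 removes the "Known Limitations" section, which is the only place that tells users the network helpers have no SSRF allowlist and that `markdown.php` and `onlySimpleHTML()` are not complete sanitizers. Keep at least that section and the `secret.php` field list, and add the new `$_m['issuedata']` key to that list, since `sql.php` reads it after this change.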

View File

@@ -1,5 +1,4 @@
<?php
declare(strict_types=1);
// include ('config.php');
include_once ('sql.php');
$sql = new SQL ();
@@ -9,4 +8,4 @@ include_once ('mail.php');
include_once ('debug.php');
include_once ('troy-api.php');
// include_once ('markdown.php');
?>
?>
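Review bot: The only change at the end of this file is the trailing `?>` line. For a file that is only ever included, drop the closing tag entirely: any whitespace after it is sent as output and breaks later `setcookie()` or `header()` calls, such as the one in `debugCookie()`.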

View File

@@ -1,16 +1,14 @@
<?php
declare(strict_types=1);
function debug(mixed $s): void {
function debug($s) {
if(isset($_COOKIE['debug']))
print_r($s);
}
function debugCookie(bool $on = true): void {
function debugCookie($on=true) {
if($on) {
setcookie('debug','1',time()+(60*60*24*365),"/");
}else{
setcookie('debug',null,0,"/");
}
}
?>
?>
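Review bot: In `debug()`, the gate `isset($_COOKIE['debug'])` is controlled by the client, so any visitor who sends a `debug` cookie receives the `print_r` output of whatever is passed in. Since the function is being touched anyway, gate it on a server-side flag or on a cookie value checked against a secret. In `debugCookie()`, replace `setcookie('debug',null,0,"/")` with an empty string and a past expiry; passing `null` there is deprecated since PHP 8.1 and is a TypeError under the `declare(strict_types=1)` line that this hunk removes.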

View File

@@ -1,24 +0,0 @@
<?php
declare(strict_types=1);
if (!defined('LIB_HTTP_TIMEOUT')) {
define('LIB_HTTP_TIMEOUT', 8);
}
if (!defined('LIB_HTTP_MAX_REDIRECTS')) {
define('LIB_HTTP_MAX_REDIRECTS', 4);
}
if (!defined('LIB_HTTP_MAX_BYTES')) {
define('LIB_HTTP_MAX_BYTES', 5 * 1024 * 1024);
}
function httpLimits(): array {
return [
'timeout' => max(1, (int) LIB_HTTP_TIMEOUT),
'max_redirects' => max(0, (int) LIB_HTTP_MAX_REDIRECTS),
'max_bytes' => max(1, (int) LIB_HTTP_MAX_BYTES),
'user_agent' => 'star-citizen.de-linkbot/1.0'
];
}
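Review bot: Removing `httpLimits()` takes away the timeout, redirect and response-size caps for every outbound fetch, and the `og.php` hunk in this same change falls back to `file_get_contents($url)` with no stream context at all. Keep this file and have `scanOG()` continue to read its limits from it.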

View File

@@ -1,6 +1,4 @@
<?php
declare(strict_types=1);
$_ips_crawler = array (
'34.79.234.76', // google
'40.77.167.', // bing bot
@@ -30,7 +28,7 @@ $_ips_crawler = array (
'2a01:4f8:190:4244::2', // mj12bot
'2a01:4f8:162:43c5::2', // mj12bot
);
function checkHuman(): bool {
function checkHuman() {
global $_ips_crawler;
if (stripos ( $_SERVER ['HTTP_USER_AGENT'], 'bot' ) !== false || stripos ( $_SERVER ['HTTP_USER_AGENT'], 'crawler' ) !== false) {
return false;
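Review bot: `checkHuman()` reads `$_SERVER ['HTTP_USER_AGENT']` without checking that it is set, so a request without that header raises a warning and passes `null` to `stripos`. Read it as `$_SERVER['HTTP_USER_AGENT'] ?? ''`, decide explicitly what an empty User-Agent means, and keep the `: bool` return type. The header is client-supplied, so the result should not gate anything security-relevant.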
@@ -42,4 +40,4 @@ function checkHuman(): bool {
}
return true;
}
?>
?>

View File

@@ -1,187 +0,0 @@
<?php
declare(strict_types=1);
require_once __DIR__ . '/http-limits.php';
function httpContext(?int $timeout = null) {
$limits = httpLimits();
$resolvedTimeout = $timeout === null ? $limits['timeout'] : max(1, $timeout);
return stream_context_create([
'http' => [
'timeout' => $resolvedTimeout,
'follow_location' => 1,
'max_redirects' => $limits['max_redirects'],
'user_agent' => $limits['user_agent'],
'ignore_errors' => true
],
'ssl' => [
'verify_peer' => true,
'verify_peer_name' => true
]
]);
}
function normalizeUrl(string $url): ?string {
$url = trim($url);
if (!filter_var($url, FILTER_VALIDATE_URL)) {
return null;
}
$parts = parse_url($url);
if (!$parts || !isset($parts['scheme'])) {
return null;
}
$scheme = strtolower($parts['scheme']);
if ($scheme !== 'http' && $scheme !== 'https') {
return null;
}
return $url;
}
function resolveUrl(string $url, string $baseUrl): ?string {
$url = trim($url);
if (filter_var($url, FILTER_VALIDATE_URL)) {
return $url;
}
$baseParts = parse_url($baseUrl);
if (!$baseParts || !isset($baseParts['scheme']) || !isset($baseParts['host'])) {
return null;
}
if (strpos($url, '//') === 0) {
return $baseParts['scheme'] . ':' . $url;
}
$path = '/';
if (!empty($baseParts['path'])) {
$path = preg_replace('#/[^/]*$#', '/', $baseParts['path']);
if ($path === null || $path === '') {
$path = '/';
}
}
if (strlen($url) && $url[0] === '/') {
return $baseParts['scheme'] . '://' . $baseParts['host'] . $url;
}
return $baseParts['scheme'] . '://' . $baseParts['host'] . $path . $url;
}
function safeFetch(string $url, ?int $timeout = null): ?string {
$limits = httpLimits();
$ctx = httpContext($timeout);
$content = @file_get_contents($url, false, $ctx);
if ($content === false || strlen($content) > $limits['max_bytes']) {
return null;
}
return $content;
}
function downloadImageFromUrl(string $url, string $baseUrl, string $destinationFolder = 'upl/'): ?string {
$resolved = resolveUrl($url, $baseUrl);
if ($resolved === null) {
return null;
}
if (!preg_match('/\.(jpg|jpeg|png|gif|bmp|webp)(?:\?|#|$)/i', $resolved)) {
return null;
}
$imageContent = safeFetch($resolved);
if ($imageContent === null || strlen($imageContent) === 0) {
return null;
}
$path = parse_url($resolved, PHP_URL_PATH) ?? '';
$ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
if ($ext === '' || !preg_match('/^(jpg|jpeg|png|gif|bmp|webp)$/', $ext)) {
$ext = 'png';
}
if (!is_dir($destinationFolder)) {
@mkdir($destinationFolder, 0775, true);
}
$md5Hash = md5($imageContent);
$filePath = rtrim($destinationFolder, '/\\') . '/' . $md5Hash . '.' . $ext;
$written = @file_put_contents($filePath, $imageContent);
if ($written === false) {
return null;
}
return $filePath;
}
function parseMetaContent(string $html, string $attr, string $name): ?string {
$pattern = '/<meta[^>]*' . $attr . '=["\']' . preg_quote($name, '/') . '["\'][^>]*content=["\']([^"\']+)["\'][^>]*>/i';
if (preg_match($pattern, $html, $matches) && isset($matches[1])) {
return trim(html_entity_decode($matches[1], ENT_QUOTES | ENT_HTML5, 'UTF-8'));
}
return null;
}
function getPageInfo(string $url): array {
$ret = [
'ok' => false,
'title' => '',
'description' => '',
'logo' => null,
'error' => null
];
$normalized = normalizeUrl($url);
if ($normalized === null) {
$ret['error'] = 'ungueltige_url';
return $ret;
}
$html = safeFetch($normalized);
if ($html === null) {
$ret['error'] = 'seite_nicht_erreichbar';
return $ret;
}
$title = parseMetaContent($html, 'property', 'og:title') ?? parseMetaContent($html, 'name', 'title');
$description = parseMetaContent($html, 'property', 'og:description') ?? parseMetaContent($html, 'name', 'description');
$image = parseMetaContent($html, 'property', 'og:image') ?? parseMetaContent($html, 'name', 'image');
if ($title === null && preg_match('/<title>\s*(.*?)\s*<\/title>/is', $html, $matchTitle)) {
$title = trim(html_entity_decode($matchTitle[1], ENT_QUOTES | ENT_HTML5, 'UTF-8'));
}
$logo = null;
if ($image !== null && $image !== '') {
$img = downloadImageFromUrl($image, $normalized);
if ($img !== null) {
$logo = '/' . ltrim($img, '/');
}
}
$ret['ok'] = true;
$ret['title'] = $title ?? '';
$ret['description'] = $description ?? '';
$ret['logo'] = $logo;
return $ret;
}
function sanitizeTags(array $input): array {
$ret = [];
foreach ($input as $tag) {
if (!is_string($tag)) {
continue;
}
$clean = onlyAlpha(trim($tag), '_\-');
if ($clean === '') {
continue;
}
$clean = ucfirst(substr($clean, 0, 35));
$ret[$clean] = true;
if (count($ret) >= 20) {
break;
}
}
return array_keys($ret);
}
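Review bot: Deleting this file removes `normalizeUrl()`, the only place that restricts fetches to `http`/`https`, along with the `max_bytes` check in `safeFetch()`. After this change the remaining fetcher in `og.php` passes its argument straight to `file_get_contents`, which also accepts local paths and other stream wrappers. Keep `normalizeUrl()` and `safeFetch()` and call them from `scanOG()`. If the file stays, note that `safeFetch()` checks the size only after the whole body has been read, and that redirects followed via `follow_location` are not re-validated.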

View File

@@ -1,18 +1,5 @@
<?php
declare(strict_types=1);
function mail_contains_header_injection(string $value): bool {
return strpbrk($value, "\r\n\0") !== false;
}
function mail_is_valid_email(string $value): bool {
if (mail_contains_header_injection($value)) {
return false;
}
return filter_var($value, FILTER_VALIDATE_EMAIL) !== false;
}
function send_mail(string $an, string $betreff, string $text, string $ok = '', string $error = ''): void {
function send_mail($an, $betreff, $text, $ok = '', $error = '') {
global $absender;
$sender = 'noreply@troy-grunt.de';
if(isset($absender) && $absender) {
@@ -23,10 +10,6 @@ function send_mail(string $an, string $betreff, string $text, string $ok = '', s
$sender = $_sendermail;
}
}
if (!mail_is_valid_email($an) || !mail_is_valid_email($sender) || mail_contains_header_injection($betreff)) {
echo $error;
return;
}
$header = 'From: ' . $sender . "\r\n";
$header .= 'To: ' . $an . "\r\n";
$header .= 'Content-Type:text/html' . "\r\n";
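Review bot: The guard `if (!mail_is_valid_email($an) || !mail_is_valid_email($sender) || mail_contains_header_injection($betreff))` is removed here (its helpers are deleted in the first hunk of this file), while `$header .= 'To: ' . $an . "\r\n";` still concatenates the caller-supplied recipient into the raw header block. Without the CR/LF/NUL check, a recipient or subject containing a line break can add headers. Restore the guard, or at minimum reject `\r`, `\n` and `\0` in `$an`, `$sender` and `$betreff` before `$header` is built.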
@@ -40,7 +23,7 @@ function send_mail(string $an, string $betreff, string $text, string $ok = '', s
}
}
function send_html_mail(string $an, string $betreff, string $text, string $ok = '', string $error = ''): void {
function send_html_mail($an, $betreff, $text, $ok = '', $error = '') {
global $absender;
$sender = 'noreply@troy-grunt.de';
if(isset($absender) && $absender) {
@@ -51,10 +34,6 @@ function send_html_mail(string $an, string $betreff, string $text, string $ok =
$sender = $_sendermail;
}
}
if (!mail_is_valid_email($an) || !mail_is_valid_email($sender) || mail_contains_header_injection($betreff)) {
echo $error;
return;
}
$boundary = md5($an.$betreff.$text.time());
$header = 'From: ' . $sender . "\n";
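Review bot: Same removal as in `send_mail()`: the validation in front of `$boundary = md5(...)` is gone, so `$an` and `$betreff` reach the headers unchecked; restore it. Separately, this function ends header lines with `"\n"` (`$header = 'From: ' . $sender . "\n";`) while `send_mail()` uses `"\r\n"`; use CRLF consistently.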
@@ -78,16 +57,12 @@ function send_html_mail(string $an, string $betreff, string $text, string $ok =
}
}
function send_php_mail(string $an, string $betreff, string $text, string $ok = '', string $error = ''): void {
function send_php_mail($an, $betreff, $text, $ok = '', $error = '') {
global $_sendermail;
$sender = 'noreply@troy-grunt.de';
if (isset ( $_sendermail )) {
$sender = $_sendermail;
}
if (!mail_is_valid_email($an) || !mail_is_valid_email($sender) || mail_contains_header_injection($betreff)) {
echo $error;
return;
}
include 'php-mailer/PHPMailer.php';
$mail = new PHPMailer();
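Review bot: `send_php_mail()` loses the recipient, sender and subject check in front of `new PHPMailer()`; restore it so that all three send functions reject the same inputs. Also, `include 'php-mailer/PHPMailer.php';` inside the function body is evaluated on every call, so a second call in one request can fail with a class redeclaration; use `require_once` with a `__DIR__`-based path.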
@@ -103,4 +78,4 @@ function send_php_mail(string $an, string $betreff, string $text, string $ok = '
echo 'Message sent!';
}
}
?>
?>

View File

@@ -1,7 +1,6 @@
<?php
declare(strict_types=1);
// TODO markdown imple
function md(string $str): string {
function md($str) {
// return nl2br ( $str ); // TODO md problem
$text = '<p>';
$lv = 0;
@@ -76,10 +75,10 @@ function md(string $str): string {
$text .= '</p>';
return $text;
}
function _md_link_replacer(array $in): string {
function _md_link_replacer($in) {
// var_dump ( $in );
$in = explode ( '|', $in [1], 2 );
return '<a href="' . $in [0] . '" target="_blank">' . (isset ( $in [1] ) ? $in [1] : $in [0]) . '</a>';
}
?>
?>
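Review bot: `_md_link_replacer()` writes `$in [0]` into `href` and `$in [1]` into the link text without escaping or a scheme check, so unless `md()` escapes the text before this callback runs (not visible in this hunk), link markup in user text can carry quotes, HTML or a non-http scheme into the page. Escape both values with `htmlspecialchars(..., ENT_QUOTES)`, accept only `http`/`https` targets, and add `rel="noopener noreferrer"` next to `target="_blank"`. Keeping the `array` and `string` type hints costs nothing here.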

View File

@@ -1,7 +1,5 @@
<?php
declare(strict_types=1);
function decade(int|float|string $zahl): int|float|string
function decade($zahl)
{
if (! is_numeric($zahl) || $zahl == 0)
return $zahl;
@@ -33,7 +31,7 @@ function decade(int|float|string $zahl): int|float|string
return $zahl . ' ' . $si[$e];
}
function onlyNumeric(string $num): string {
function onlyNumeric($num) {
return preg_replace("/[^0-9\.\-]+/", "", $num);
}
?>
?>

26
og.php
View File

@@ -1,27 +1,7 @@
<?php
declare(strict_types=1);
require_once __DIR__ . '/http-limits.php';
function scanOG(string $url): array {
function scanOG($url) {
$og = array();
$limits = httpLimits();
$ctx = stream_context_create([
'http' => [
'timeout' => $limits['timeout'],
'follow_location' => 1,
'max_redirects' => $limits['max_redirects'],
'user_agent' => $limits['user_agent'],
'ignore_errors' => true
],
'ssl' => [
'verify_peer' => true,
'verify_peer_name' => true
]
]);
$html = @file_get_contents($url, false, $ctx);
if ($html === false || strlen($html) > $limits['max_bytes']) {
return $og;
}
$html = file_get_contents($url);
$re = '/<meta (name|property)=("|\')(.*?)("|\').*?content=("|\')(.*?)("|\')/m';
preg_match_all($re, $html, $matches, PREG_SET_ORDER, 0);
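Review bot: `scanOG()` now calls `file_get_contents($url)` with no stream context, which removes the timeout, the redirect limit, the size cap and the explicit `verify_peer` settings, and `$url` is not validated before the call. Keep the context-based fetch, keep the `$html === false` check in front of `preg_match_all`, and restrict `$url` to `http`/`https` first.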
@@ -32,4 +12,4 @@ function scanOG(string $url): array {
//print_r($og);
return $og;
}
?>
?>

View File

@@ -1,17 +1,17 @@
<?php
declare(strict_types=1);
if (!defined('SQL_LOG')) define ( 'SQL_LOG', 1 ); // schreibt sql querys in eine log
$_m['host'] = 'localhost';
$_m['user'] = '';
$_m['pass'] = '';
$_m['data'] = '';
$_m['pre'] = '';
$_m['salt'] = '';
$_sendermail = 'noreply@.de';
$_smtp['srv'] = 'mail.seemsleg.it';
$_smtp['user'] = 'noreply@.de';
$_smtp['pw'] = '';
?>
<?php
if (!defined('SQL_LOG')) define ( 'SQL_LOG', 1 ); // schreibt sql querys in eine log
$_m['host'] = 'localhost';
$_m['user'] = '';
$_m['pass'] = '';
$_m['data'] = '';
$_m['pre'] = '';
$_m['salt'] = '';
$_m['issuedata'] = ['domain'=>'','secret'=>''];
$_sendermail = 'noreply@.de';
$_smtp['srv'] = 'mail.seemsleg.it';
$_smtp['user'] = 'noreply@.de';
$_smtp['pw'] = '';
?>
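Review bot: The new `$_m['issuedata'] = ['domain'=>'','secret'=>''];` entry has no comment, unlike the `SQL_LOG` line above it. Add a one-line comment saying what `domain` and `secret` are for and which service they authenticate against, so that an existing `secret.php` can be updated by hand. The template also still ships `SQL_LOG` as `1`; a default of `0` avoids writing queries to a log on fresh installs.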

16
sql.php
View File

@@ -1,11 +1,10 @@
<?php
declare(strict_types=1);
class SQL {
private $h;
private $res = false;
private $m;
public $salt;
public $issuedata;
public $pre;
public $cnt_get = 0;
public $cnt_set = 0;
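Review bot: `public $issuedata;` puts the issue-API secret on the database class as a public property, readable and writable by any code that holds the `$sql` object. Make it private with a narrow getter, or keep the issue credentials out of `SQL` and load them in `troy-api.php`.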
@@ -13,6 +12,7 @@ class SQL {
require_once ('secret.php');
$this->m = $_m;
$this->issuedata = $_m['issuedata'];
$this->pre = $_m ['pre'];
$this->salt = $_m ['salt'];
if (SQL_LOG)
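Review bot: `$this->issuedata = $_m['issuedata'];` assumes the key exists, so every `secret.php` written before this change raises an undefined-index warning here; use `$_m['issuedata'] ?? ['domain' => '', 'secret' => '']` or throw a clear exception. Also, because `$_m` comes from `require_once ('secret.php')` inside the constructor, a second `new SQL()` in the same request does not include the file again and finds `$_m` undefined.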
@@ -24,7 +24,7 @@ class SQL {
}
return true;
}
public function get(string $que, string $t = '', mixed $p = array ()): array|false {
public function get($que, $t = '', $p = array ()) {
// echo $que;
$this->cnt_get ++;
if (SQL_LOG)
@@ -91,14 +91,14 @@ class SQL {
}
return $ret;
}
public function single(string $que, string $t = '', mixed $p = array ()): array|false {
public function single($que, $t = '', $p = array ()) {
$data = $this->get ( $que, $t, $p );
if ($data) {
return $data [0];
}
return false;
}
public function list(string $que, string $t = '', mixed $p = array ()): array|false {
public function list($que, $t = '', $p = array ()) {
$data = $this->get ( $que, $t, $p );
if ($data) {
$ret = array ();
@@ -111,7 +111,7 @@ class SQL {
}
return false;
}
public function keyval(string $que, string|int $k, string|int $v, string $t = '', mixed $p = array ()): array|false {
public function keyval($que, $k, $v, $t = '', $p = array ()) {
$data = $this->get ( $que, $t, $p );
if ($data) {
$ret = array ();
@@ -122,7 +122,7 @@ class SQL {
}
return false;
}
public function set(string $que, string $t = '', mixed $p = array (), bool $id = false): int|false {
public function set($que, $t = '', $p = array (), $id = false) {
// echo $que;
$this->cnt_set ++;
$statement = $this->h->prepare ( $que );
@@ -191,7 +191,7 @@ class SQL {
return $statement->affected_rows;
}
}
function __destruct(): void {
function __destruct() {
if (SQL_LOG)
$this->h->close ();
// echo 'DESTROY';

View File

@@ -1,7 +1,5 @@
<?php
declare(strict_types=1);
function umlaute(string $str): string {
function umlaute($str) {
return str_replace ( array (
'Ä',
'Ö',
@@ -22,10 +20,10 @@ function umlaute(string $str): string {
'&amp;'
), $str );
}
function chk(string $str): string {
function chk($str) {
return str_replace ( "'", '"', $str );
}
function noScript(string $str): string {
function noScript($str) {
return str_replace ( array (
'<',
'>'
@@ -34,7 +32,7 @@ function noScript(string $str): string {
'&gt;'
), $str );
}
function random(int $name_laenge): string {
function random($name_laenge) {
$zeichen = "abcedfghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRTSUVWXYZ0123456789";
$name_neu = "";
@@ -45,32 +43,32 @@ function random(int $name_laenge): string {
}
return $name_neu;
}
function startsWith(string $haystack, string $needle): bool {
function startsWith($haystack, $needle) {
$length = strlen ( $needle );
return (substr ( $haystack, 0, $length ) === $needle);
}
function endsWith(string $haystack, string $needle): bool {
function endsWith($haystack, $needle) {
$length = strlen ( $needle );
return $length === 0 || (substr ( $haystack, - $length ) === $needle);
}
function onlyAlpha(string $str, string $zus = ''): string {
function onlyAlpha($str, $zus = '') {
return preg_replace ( "/[^a-zA-Z0-9 \-\{$zus}_]+/", "", $str );
}
function shortener(string $str, int $len = 50, string $fill = '...'): string {
function shortener($str, $len = 50, $fill = '...') {
if (strlen ( $str ) > $len) {
$str = substr ( $str, 0, $len - strlen ( $fill ) ) . $fill;
}
return $str;
}
function isEmail(string $str): string|false {
function isEmail($str) {
$match = preg_match ( "/[a-zA-Z0-9\-\_\.]*\@[a-zA-Z0-9\-\_\.]*.[a-z]{2,10}/", $str );
if ($match) {
return $str;
}
return false;
}
function markUp(string $text): string {
function markUp($text) {
$r = '';
$lv = 0;
foreach ( explode ( "\n", $text ) as $t ) {
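Review bot: `isEmail()` is unanchored and the `.` in front of the TLD part is unescaped, so `preg_match` succeeds on any string that merely contains something address-like, including input with line breaks, and the function then returns the whole string. With `mail_is_valid_email()` removed from `mail.php` in this change, use `filter_var($str, FILTER_VALIDATE_EMAIL)` here. In `onlyAlpha()`, `$zus` is interpolated into the character class as-is; either document that it must be a regex-safe class fragment or switch callers to raw characters and apply `preg_quote($zus, '/')`.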
@@ -129,97 +127,146 @@ function markUp(string $text): string {
}
return $r;
}
function onlySimpleHTML(string $s, ?array $allowedTags = null): string {
if ($s === '') {
return '';
}
function onlySimpleHTML($s) {
$s = str_replace ( array (
'<',
'>'
), array (
'{{|-&lt;-|}}',
'{{|-&gt;-|}}'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}b{{|-&gt;-|}}',
'{{|-&lt;-|}}b/{{|-&gt;-|}}'
), array (
'<b>',
'<b/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}u{{|-&gt;-|}}',
'{{|-&lt;-|}}u/{{|-&gt;-|}}'
), array (
'<u>',
'<u/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}i{{|-&gt;-|}}',
'{{|-&lt;-|}}i/{{|-&gt;-|}}'
), array (
'<i>',
'<i/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}span{{|-&gt;-|}}',
'{{|-&lt;-|}}span/{{|-&gt;-|}}'
), array (
'<span>',
'<span/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}b{{|-&gt;-|}}',
'{{|-&lt;-|}}b/{{|-&gt;-|}}'
), array (
'<b>',
'<b/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}br{{|-&gt;-|}}',
'{{|-&lt;-|}}br/{{|-&gt;-|}}'
), array (
'<br>',
'<br/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}h1{{|-&gt;-|}}',
'{{|-&lt;-|}}h1/{{|-&gt;-|}}'
), array (
'<h1>',
'<h1/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}h2{{|-&gt;-|}}',
'{{|-&lt;-|}}h2/{{|-&gt;-|}}'
), array (
'<h2>',
'<h2/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}h3{{|-&gt;-|}}',
'{{|-&lt;-|}}h3/{{|-&gt;-|}}'
), array (
'<h3>',
'<h3/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}h4{{|-&gt;-|}}',
'{{|-&lt;-|}}h4/{{|-&gt;-|}}'
), array (
'<h4>',
'<h4/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}h5{{|-&gt;-|}}',
'{{|-&lt;-|}}h5/{{|-&gt;-|}}'
), array (
'<h5>',
'<h5/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}h6{{|-&gt;-|}}',
'{{|-&lt;-|}}h6/{{|-&gt;-|}}'
), array (
'<h6>',
'<h6/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}li{{|-&gt;-|}}',
'{{|-&lt;-|}}li/{{|-&gt;-|}}'
), array (
'<li>',
'<li/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}ul{{|-&gt;-|}}',
'{{|-&lt;-|}}ul/{{|-&gt;-|}}'
), array (
'<ul>',
'<ul/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}ol{{|-&gt;-|}}',
'{{|-&lt;-|}}ol/{{|-&gt;-|}}'
), array (
'<ol>',
'<ol/>'
), $s );
$s = str_replace ( array (
'{{|-&lt;-|}}pre{{|-&gt;-|}}',
'{{|-&lt;-|}}pre/{{|-&gt;-|}}'
), array (
'<pre>',
'<pre/>'
), $s );
if ($allowedTags === null) {
$allowedTags = array (
'b',
'u',
'i',
'span',
'br',
'h1',
'h2',
'h3',
'h4',
'h5',
'h6',
'li',
'ul',
'ol',
'pre'
);
}
// cleanup
$s = str_replace ( array (
'{{|-',
'-|}}'
), array (
'',
''
), $s );
$allow = array_fill_keys ( array_map ( 'strtolower', $allowedTags ), true );
$selfClosing = array (
'br' => true
);
$parts = preg_split ( '/(<[^>]*>)/', $s, - 1, PREG_SPLIT_DELIM_CAPTURE );
if ($parts === false) {
return htmlspecialchars ( $s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
}
$out = '';
foreach ( $parts as $part ) {
if ($part === '') {
continue;
}
if ($part[0] !== '<') {
$out .= $part;
continue;
}
if (preg_match ( '/^<\s*(\/?)\s*([a-z0-9]+)\s*(\/?)\s*>$/i', $part, $m ) !== 1) {
$out .= htmlspecialchars ( $part, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
continue;
}
$isClose = ($m[1] === '/');
$tag = strtolower ( $m[2] );
$isSelfClose = ($m[3] === '/');
if (! isset ( $allow[$tag] )) {
$out .= htmlspecialchars ( $part, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
continue;
}
if ($isClose) {
if (isset ( $selfClosing[$tag] )) {
continue;
}
$out .= "</{$tag}>";
continue;
}
if ($isSelfClose && ! isset ( $selfClosing[$tag] )) {
$out .= "</{$tag}>";
continue;
}
if (isset ( $selfClosing[$tag] )) {
$out .= "<{$tag}>";
continue;
}
$out .= "<{$tag}>";
}
return $out;
return $s;
}
function linkify(string $input): string {
function linkify($input) {
$pattern = '@(http(s)?://[a-zA-Z0-9/\.\#\-\_]*)@';
return $output = preg_replace ( $pattern, '<a href="$1">$1</a>', $input );
}
function inStr(string $needle, string $haystack): bool {
function inStr($needle, $haystack) {
if (strpos ( $haystack, $needle ) !== false) {
return true;
}
return false;
}
?>
?>
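Review bot: The rewritten `onlySimpleHTML()` only restores the forms `<b>` and `<b/>`; a normal closing tag such as `</b>` becomes `{{|-&lt;-|}}/b{{|-&gt;-|}}`, matches none of the `str_replace` pairs and ends up as escaped text after the cleanup step, so every allowed element is opened and never closed. The removed implementation handled closing tags, normalised `br` and took an `$allowedTags` allowlist. Keep the allowlist parser, or add the `/tag` forms to the replacement pairs; the `b` block also appears twice.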

View File

@@ -1,51 +1,50 @@
<?php
declare(strict_types=1);
function sendToTroy(array $data): string|false {
$url = 'https://troy-grunt.de/api.php';
$options = array (
'http' => array (
'method' => 'POST',
'header' => array (
'Content-Type: application/json'
),
'content' => json_encode ( $data )
)
);
$context = stream_context_create ( $options );
return file_get_contents ( $url, false, $context );
function sendToTroy($data) {
$url = 'https://troy-grunt.de/api.php';
$options = array (
'http' => array (
'method' => 'POST',
'header' => array (
'Content-Type: application/json'
),
'content' => json_encode ( $data )
)
);
$context = stream_context_create ( $options );
return file_get_contents ( $url, false, $context );
}
function sendToGitea(string $title, string $message): array|null {
// secret.php liegt in lib/
require 'secret.php';
function troysIssue($ident, $typ, $text = null, $data = [], $reaction = []) {
global $sql;
$url = "https://issues.troy-grunt.de/api/input";
$url = rtrim($giteaUrl, '/') . "/repos/$giteaOwner/$giteaRepo/issues";
$data = [
"title" => $title,
"body" => $message
$payload = [
"domain" => $sql->issuedata['domain'],
"secret" => $sql->issuedata['secret'],
"ident" => $ident,
"typ" => $typ,
"text" => $text,
"data" => $data,
"reaction" => $reaction
];
// Entferne null-Werte aus dem Array
$payload = array_filter($payload, function ($value) {
return $value !== null;
});
$options = [
'http' => [
'method' => 'POST',
'header' => [
"Content-Type: application/json",
"Authorization: token $giteaToken"
],
'content' => json_encode($data)
"http" => [
"header" => "Content-Type: application/json\r\n",
"method" => "POST",
"content" => json_encode($payload),
"ignore_errors" => true
]
];
$context = stream_context_create($options);
$context = stream_context_create($options);
$result = file_get_contents($url, false, $context);
if ($result === FALSE) {
throw new Exception("Fehler beim Erstellen der Anfrage");
}
return json_decode($result, true);
}
?>
?>
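Review bot: In `troysIssue()`, `"ignore_errors" => true` makes `file_get_contents` return the response body for 4xx/5xx replies as well, so `$result === FALSE` only catches transport failures and an HTTP error is handed to `json_decode` as if it were a success. Check the status line in `$http_response_header`, decode with `JSON_THROW_ON_ERROR`, and set a `timeout` in the context. The function also depends on `global $sql` for `issuedata` and sends `secret` in the JSON body; pass the credentials in explicitly and confirm that nothing on the receiving side logs request bodies.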