From 7fe908c50c8dbc5cc05f571dbe11d66141caacd4 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 14 Nov 2013 09:01:22 -0500
Subject: [PATCH] Cleaning up code to match coding guidelines
---
interface/web/admin/language_import.php | 182 ++++++++++++++++++++++----------------------
1 files changed, 91 insertions(+), 91 deletions(-)
diff --git a/interface/web/admin/language_import.php b/interface/web/admin/language_import.php
index c25406a..1dfaa18 100644
--- a/interface/web/admin/language_import.php
+++ b/interface/web/admin/language_import.php
@@ -27,87 +27,87 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
function normalize_string($string, $quote, $allow_special = false) {
- $escaped = false;
- $in_string = true;
- $new_string = '';
-
- for($c = 0; $c < mb_strlen($string); $c++) {
- $char = $string{$c};
-
- if($in_string === true && $escaped === false && $char === $quote) {
- // this marks a string end (e.g. for concatenation)
- $in_string = false;
- continue;
- } elseif($in_string === false) {
- if($escaped === false && $char === $quote) {
- $in_string = true;
- continue;
- } else {
- continue; // we strip everything from outside the string!
- }
- }
-
- if($char === '"' && $escaped === true && $quote === '"') {
- // unescape this
- $new_string .= $char;
- $escaped = false;
- continue;
- } elseif($char === "'" && $escaped === false && $quote === '"') {
- // escape this
- $new_string .= '\\' . $char;
- continue;
- }
-
- if($escaped === true) {
- // the next character is the escaped one.
- if($allow_special === true && ($char === 'n' || $char === 'r' || $char === 't')) {
- $new_string .= '\' . "\\' . $char . '" . \'';
- } else {
- $new_string .= '\\' . $char;
- }
- $escaped = false;
- } else {
- if($char === '\\') {
- $escaped = true;
- } else {
- $new_string .= $char;
- }
- }
- }
- return $new_string;
+ $escaped = false;
+ $in_string = true;
+ $new_string = '';
+
+ for($c = 0; $c < mb_strlen($string); $c++) {
+ $char = $string{$c};
+
+ if($in_string === true && $escaped === false && $char === $quote) {
+ // this marks a string end (e.g. for concatenation)
+ $in_string = false;
+ continue;
+ } elseif($in_string === false) {
+ if($escaped === false && $char === $quote) {
+ $in_string = true;
+ continue;
+ } else {
+ continue; // we strip everything from outside the string!
+ }
+ }
+
+ if($char === '"' && $escaped === true && $quote === '"') {
+ // unescape this
+ $new_string .= $char;
+ $escaped = false;
+ continue;
+ } elseif($char === "'" && $escaped === false && $quote === '"') {
+ // escape this
+ $new_string .= '\\' . $char;
+ continue;
+ }
+
+ if($escaped === true) {
+ // the next character is the escaped one.
+ if($allow_special === true && ($char === 'n' || $char === 'r' || $char === 't')) {
+ $new_string .= '\' . "\\' . $char . '" . \'';
+ } else {
+ $new_string .= '\\' . $char;
+ }
+ $escaped = false;
+ } else {
+ if($char === '\\') {
+ $escaped = true;
+ } else {
+ $new_string .= $char;
+ }
+ }
+ }
+ return $new_string;
}
function validate_line($line) {
- $line = trim($line);
- if($line === '' || $line === '<?php' || $line === '?>') return $line; // don't treat empty lines as malicious
-
- $ok = preg_match('/^\s*\$wb\[(["\'])(.*?)\\1\]\s*=\s*(["\'])(.*?)\\3\s*;\s*$/', $line, $matches);
- if(!$ok) return false; // this line has invalid form and could lead to malfunction
-
- $keyquote = $matches[1]; // ' or "
- $key = $matches[2];
- if(strpos($key, '"') !== false || strpos($key, "'") !== false) return false;
-
- $textquote = $matches[3]; // ' or "
- $text = $matches[4];
+ $line = trim($line);
+ if($line === '' || $line === '<?php' || $line === '?>') return $line; // don't treat empty lines as malicious
- $new_line = '$wb[\'';
-
- // validate the language key
- $key = normalize_string($key, $keyquote);
-
- $new_line .= $key . '\'] = \'';
-
- // validate this text to avoid code injection
- $text = normalize_string($text, $textquote, true);
-
- $new_line .= $text . '\';';
-
- return $new_line;
+ $ok = preg_match('/^\s*\$wb\[(["\'])(.*?)\\1\]\s*=\s*(["\'])(.*?)\\3\s*;\s*$/', $line, $matches);
+ if(!$ok) return false; // this line has invalid form and could lead to malfunction
+
+ $keyquote = $matches[1]; // ' or "
+ $key = $matches[2];
+ if(strpos($key, '"') !== false || strpos($key, "'") !== false) return false;
+
+ $textquote = $matches[3]; // ' or "
+ $text = $matches[4];
+
+ $new_line = '$wb[\'';
+
+ // validate the language key
+ $key = normalize_string($key, $keyquote);
+
+ $new_line .= $key . '\'] = \'';
+
+ // validate this text to avoid code injection
+ $text = normalize_string($text, $textquote, true);
+
+ $new_line .= $text . '\';';
+
+ return $new_line;
}
//* Check permissions for module
@@ -130,20 +130,20 @@
if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
$lines = file($_FILES['file']['tmp_name']);
// initial check
- $parts = explode('|',$lines[0]);
+ $parts = explode('|', $lines[0]);
if($parts[0] == '---' && $parts[1] == 'ISPConfig Language File') {
if($_POST['ignore_version'] != 1 && $parts[2] != $conf["app_version"]) {
$error .= 'Application version does not match. Appversion: '.$conf["app_version"].' Lanfile version: '.$parts[2];
} else {
unset($lines[0]);
-
+
$buffer = '';
$langfile_path = '';
// all other lines
- $ln = 1;
+ $ln = 1;
foreach($lines as $line) {
- $ln++;
- $parts = explode('|',$line);
+ $ln++;
+ $parts = explode('|', $line);
if(is_array($parts) && count($parts) > 0 && $parts[0] == '--') {
// Write language file, if its not the first file
if($buffer != '' && $langfile_path != '') {
@@ -151,7 +151,7 @@
$error .= "File exists, not written: $langfile_path<br />";
} else {
$msg .= "File written: $langfile_path<br />";
- file_put_contents($langfile_path,$buffer);
+ file_put_contents($langfile_path, $buffer);
}
}
// empty buffer and set variables
@@ -161,17 +161,17 @@
$file_name = trim($parts[3]);
if(!preg_match("/^[a-z]{2}$/i", $selected_language)) die("unallowed characters in selected language name: $selected_language");
if(!preg_match("/^[a-z_]+$/i", $module_name)) die('unallowed characters in module name.');
- if(!preg_match("/^[a-z\._\-]+$/i", $file_name) || stristr($file_name,'..')) die("unallowed characters in language file name: '$file_name'");
+ if(!preg_match("/^[a-z\._\-]+$/i", $file_name) || stristr($file_name, '..')) die("unallowed characters in language file name: '$file_name'");
if($module_name == 'global') {
$langfile_path = trim(ISPC_LIB_PATH."/lang/".$selected_language.".lng");
} else {
$langfile_path = trim(ISPC_WEB_PATH.'/'.$module_name.'/lib/lang/'.$file_name);
}
} elseif(is_array($parts) && count($parts) > 1 && $parts[0] == '---' && $parts[1] == 'EOF') {
- // EOF line, ignore it.
- } else {
- $line = validate_line($line);
- if($line === false) $error .= "Language file contains invalid language entry on line $ln.<br />";
+ // EOF line, ignore it.
+ } else {
+ $line = validate_line($line);
+ if($line === false) $error .= "Language file contains invalid language entry on line $ln.<br />";
else $buffer .= $line."\n";
}
}
@@ -179,16 +179,16 @@
}
}
-$app->tpl->setVar('msg',$msg);
-$app->tpl->setVar('error',$error);
+$app->tpl->setVar('msg', $msg);
+$app->tpl->setVar('error', $error);
-//* load language file
+//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_import.lng';
-include($lng_file);
+include $lng_file;
$app->tpl->setVar($wb);
$app->tpl_defaults();
$app->tpl->pparse();
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1