X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FGlobalFunctions.php;h=78fcb8b941779027a6a3a31afc9808ca3fa2b456;hb=97caae596d5493ea2f3e4ba505204a7e278d0590;hp=458ab548dfebc7488d9ecd07d44de4176043891b;hpb=b9bd1b9346f8109e383979c1ce4264d3b7cfdd0b;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index 458ab548df..78fcb8b941 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -93,26 +93,6 @@ if ( !function_exists( 'mb_strrpos' ) ) { return Fallback::mb_strrpos( $haystack, $needle, $offset, $encoding ); } } - -// Support for Wietse Venema's taint feature -if ( !function_exists( 'istainted' ) ) { - /** - * @codeCoverageIgnore - * @return int - */ - function istainted( $var ) { - return 0; - } - /** @codeCoverageIgnore */ - function taint( $var, $level = 0 ) {} - /** @codeCoverageIgnore */ - function untaint( $var, $level = 0 ) {} - define( 'TC_HTML', 1 ); - define( 'TC_SHELL', 1 ); - define( 'TC_MYSQL', 1 ); - define( 'TC_PCRE', 1 ); - define( 'TC_SELF', 1 ); -} /// @endcond /** @@ -276,24 +256,6 @@ function wfObjectToArray( $objOrArray, $recursive = true ) { return $array; } -/** - * Wrapper around array_map() which also taints variables - * - * @param $function Callback - * @param $input Array - * @return Array - */ -function wfArrayMap( $function, $input ) { - $ret = array_map( $function, $input ); - foreach ( $ret as $key => $value ) { - $taint = istainted( $input[$key] ); - if ( $taint ) { - taint( $ret[$key], $taint ); - } - } - return $ret; -} - /** * Get a random decimal value between 0 and 1, in a way * not likely to give duplicate values for any realistic @@ -322,8 +284,8 @@ function wfRandom() { */ function wfRandomString( $length = 32 ) { $str = ''; - while ( strlen( $str ) < $length ) { - $str .= dechex( mt_rand() ); + for ( $n = 0; $n < $length; $n += 7 ) { + $str .= sprintf( '%07x', mt_rand() & 0xfffffff ); } return substr( $str, 0, $length ); } @@ -1712,7 +1674,7 @@ function wfMsgExt( $key, $options ) { /** * Since wfMsg() and co suck, they don't return false if the message key they - * looked up didn't exist but a XHTML string, this function checks for the + * looked up didn't exist but instead the key wrapped in <>'s, this function checks for the * nonexistence of messages by checking the MessageCache::get() result directly. * * @deprecated since 1.18. Use Message::isDisabled(). @@ -2418,7 +2380,7 @@ function wfTimestamp( $outputtype = TS_UNIX, $ts = 0 ) { try { $timestamp = new MWTimestamp( $ts ); return $timestamp->getTimestamp( $outputtype ); - } catch( TimestampException $e ) { + } catch ( TimestampException $e ) { wfDebug( "wfTimestamp() fed bogus time value: TYPE=$outputtype; VALUE=$ts\n" ); return false; } @@ -2736,22 +2698,12 @@ function wfEscapeShellArg() { } /** - * Execute a shell command, with time and memory limits mirrored from the PHP - * configuration if supported. - * @param string $cmd Command line, properly escaped for shell. - * @param &$retval null|Mixed optional, will receive the program's exit code. - * (non-zero is usually failure) - * @param array $environ optional environment variables which should be - * added to the executed command environment. - * @param array $limits optional array with limits(filesize, memory, time, walltime) - * this overwrites the global wgShellMax* limits. - * @return string collected stdout as a string (trailing newlines stripped) + * Check if wfShellExec() is effectively disabled via php.ini config + * @return bool|string False or one of (safemode,disabled) + * @since 1.22 */ -function wfShellExec( $cmd, &$retval = null, $environ = array(), $limits = array() ) { - global $IP, $wgMaxShellMemory, $wgMaxShellFileSize, $wgMaxShellTime, - $wgMaxShellWallClockTime, $wgShellCgroup; - - static $disabled; +function wfShellExecDisabled() { + static $disabled = null; if ( is_null( $disabled ) ) { $disabled = false; if ( wfIniGetBool( 'safe_mode' ) ) { @@ -2767,6 +2719,26 @@ function wfShellExec( $cmd, &$retval = null, $environ = array(), $limits = array } } } + return $disabled; +} + +/** + * Execute a shell command, with time and memory limits mirrored from the PHP + * configuration if supported. + * @param string $cmd Command line, properly escaped for shell. + * @param &$retval null|Mixed optional, will receive the program's exit code. + * (non-zero is usually failure) + * @param array $environ optional environment variables which should be + * added to the executed command environment. + * @param array $limits optional array with limits(filesize, memory, time, walltime) + * this overwrites the global wgShellMax* limits. + * @return string collected stdout as a string (trailing newlines stripped) + */ +function wfShellExec( $cmd, &$retval = null, $environ = array(), $limits = array() ) { + global $IP, $wgMaxShellMemory, $wgMaxShellFileSize, $wgMaxShellTime, + $wgMaxShellWallClockTime, $wgShellCgroup; + + $disabled = wfShellExecDisabled(); if ( $disabled ) { $retval = 1; return $disabled == 'safemode' ? @@ -3750,7 +3722,7 @@ function wfShorthandToInteger( $string = '' ) { } $last = $string[strlen( $string ) - 1]; $val = intval( $string ); - switch( $last ) { + switch ( $last ) { case 'g': case 'G': $val *= 1024; @@ -3858,7 +3830,7 @@ function wfGetLangConverterCacheStorage() { * @param array $args parameters passed to hook functions * @return Boolean True if no handler aborted the hook */ -function wfRunHooks( $event, $args = array() ) { +function wfRunHooks( $event, array $args = array() ) { return Hooks::run( $event, $args ); }