*/
class Utils
{
/**
* Verify a ReCaptcha
*
* @param string $response The user response.
*
* @return array The response from the ReCaptcha API.
*/
public static function verifyCaptcha($response)
{
// Attempt to get the response
$resp = @file_get_contents(
'https://www.google.com/recaptcha/api/siteverify?secret='
. Config::get('recaptcha_private')
. '&response='
. $response
);
// In the highly unlikely case that it failed to get anything forge a false
if (!$resp) {
return false;
}
// Decode the response JSON from the servers
$resp = json_decode($resp, true);
// Return shit
return $resp;
}
/**
* The error handler.
*
* @param int $errno The error ID.
* @param string $errstr Quick description of the event.
* @param string $errfile File the error occurred in.
* @param int $errline Line the error occurred on.
*/
public static function errorHandler($errno, $errstr, $errfile, $errline)
{
// Remove ROOT path from the error string and file location
$errstr = str_replace(ROOT, '', $errstr);
$errfile = str_replace(ROOT, '', $errfile);
// Attempt to log the error to the database
if (Database::$database !== null) {
// Encode backtrace data
$backtrace = base64_encode(json_encode(debug_backtrace()));
// Check if this error has already been logged in the past
$past = DB::prepare('SELECT * FROM `{prefix}error_log` WHERE `error_backtrace` = :bc OR (`error_string` = :str AND `error_line` = :li)');
$past->execute([
'bc' => $backtrace,
'str' => $errstr,
'li' => $errline,
]);
$past = $past->fetch();
if ($past) {
// If so assign the errid
$errid = $past->error_id;
} else {
// Create an error ID
$errid = substr(md5(microtime()), rand(0, 22), 10);
// Log the error
DB::prepare('INSERT INTO `{prefix}error_log` (`error_id`, `error_timestamp`, `error_revision`, `error_type`, `error_line`, `error_string`, `error_file`, `error_backtrace`) VALUES (:id, :time, :rev, :type, :line, :string, :file, :bc)')
->execute([
'id' => $errid,
'time' => date("r"),
'rev' => SAKURA_VERSION,
'type' => $errno,
'line' => $errline,
'string' => $errstr,
'file' => $errfile,
'bc' => $backtrace,
]);
}
}
switch ($errno) {
case E_ERROR:
case E_USER_ERROR:
$error = 'FATAL ERROR: ' . $errstr . ' on line ' . $errline . ' in ' . $errfile;
break;
case E_WARNING:
case E_USER_WARNING:
$error = 'WARNING: ' . $errstr . ' on line ' . $errline . ' in ' . $errfile;
break;
case E_NOTICE:
case E_USER_NOTICE:
$error = 'NOTICE: ' . $errstr . ' on line ' . $errline . ' in ' . $errfile;
break;
default:
$error = 'Unknown error type [' . $errno . ']: ' . $errstr . ' on line ' . $errline
. ' in ' . $errfile;
}
// Truncate all previous outputs
ob_clean();
ob_end_clean();
// Check if this request was made through the ajax thing
if (isset($_REQUEST['ajax'])) {
die('An error occurred while executing the script.|1|javascript:alert("' . (isset($errid) ? 'Error Log ID: '. $errid : 'Failed to log.') . '");');
}
// Check for dev mode
$detailed = Config::local('dev', 'show_errors');
// Build page
$errorPage = '
Sakura Internal Error
An error occurred while executing the script.
To prevent potential security risks or data loss Sakura has stopped execution of the script.
';
if (isset($errid)) {
$errorPage .= '
The error and surrounding data has been logged.
' . (!$detailed ? 'Report the following text to a staff member' : 'Logged as') . '
' . $errid . '
';
} else {
$errorPage .= '
Sakura was not able to log this error which could mean that there was an error
with the database connection. If you\'re the system administrator check the database credentials
and make sure the server is running and if you\'re not please let the system administrator
know about this error if it occurs again.
';
}
if ($detailed) {
$errorPage .= '
Summary
' . $error . '
Backtraces
';
foreach (debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS) as $num => $trace) {
$errorPage .= '
#' . $num . '
';
foreach ($trace as $key => $val) {
$errorPage .=
str_pad(
'[' . $key . ']',
12
) . '=> ' . (
is_array($val) || is_object($val) ?
json_encode($val) :
$val
) . "\r\n";
}
$errorPage .= '
';
}
}
$errorPage .= '
';
// Die and display error message
die($errorPage);
}
/**
* Send an e-mail.
*
* @param string $to Destination e-mail.
* @param string $subject E-mail subject.
* @param string $body Contents of the message.
* @return bool|string Return whatever PHPMailer returns.
*/
public static function sendMail($to, $subject, $body)
{
// Initialise PHPMailer
$mail = new PHPMailer();
// Set to SMTP
$mail->isSMTP();
// Set the SMTP server host
$mail->Host = Config::get('smtp_server');
// Do we require authentication?
$mail->SMTPAuth = Config::get('smtp_auth');
// Do we encrypt as well?
$mail->SMTPSecure = Config::get('smtp_secure');
// Set the port to the SMTP server
$mail->Port = Config::get('smtp_port');
// If authentication is required log in as well
if (Config::get('smtp_auth')) {
$mail->Username = Config::get('smtp_username');
$mail->Password = base64_decode(Config::get('smtp_password'));
}
// Add a reply-to header
$mail->addReplyTo(Config::get('smtp_replyto_mail'), Config::get('smtp_replyto_name'));
// Set a from address as well
$mail->setFrom(Config::get('smtp_from_email'), Config::get('smtp_from_name'));
// Set the addressee
foreach ($to as $email => $name) {
$mail->addBCC($email, $name);
}
// Subject line
$mail->Subject = $subject;
// Set body
$mail->Body = $body;
// Send the message
$send = $mail->send();
// Clear the addressee list
$mail->clearAddresses();
// If we got an error return the error
if (!$send) {
return $mail->ErrorInfo;
}
// Else just return whatever
return $send;
}
/**
* Clean a string
*
* @param string $string Dirty string.
* @param bool $lower Make the string lowercase.
* @param bool $noSpecial String all special characters.
* @param bool $replaceSpecial Thing to replace special characters with.
*
* @return string Clean string.
*/
public static function cleanString($string, $lower = false, $noSpecial = false, $replaceSpecial = '')
{
// Run common sanitisation function over string
$string = htmlentities($string, ENT_NOQUOTES | ENT_HTML401, Config::get('charset'));
$string = stripslashes($string);
$string = strip_tags($string);
// If set also make the string lowercase
if ($lower) {
$string = strtolower($string);
}
// If set remove all characters that aren't a-z or 0-9
if ($noSpecial) {
$string = preg_replace('/[^a-z0-9]/', $replaceSpecial, $string);
}
// Return clean string
return $string;
}
/**
* Validate MX records.
*
* @param string $email E-mail address.
*
* @return bool Success.
*/
public static function checkMXRecord($email)
{
// Get the domain from the e-mail address
$domain = substr(strstr($email, '@'), 1);
// Check the MX record
$record = checkdnsrr($domain, 'MX');
// Return the record data
return $record;
}
/**
* Get the country code of a visitor.
*
* @return string 2 character country code.
*/
public static function getCountryCode()
{
// Attempt to get country code using PHP's built in geo thing
if (function_exists("geoip_country_code_by_name")) {
$code = geoip_country_code_by_name(Net::IP());
// Check if $code is anything
if ($code) {
return $code;
}
}
// Check if the required header is set and return it
if (isset($_SERVER['HTTP_CF_IPCOUNTRY'])) {
return $_SERVER['HTTP_CF_IPCOUNTRY'];
}
// Return XX as a fallback
return 'XX';
}
/**
* Check the entropy of a password.
*
* @param string $pw Password.
*
* @return double|int Entropy.
*/
public static function pwdEntropy($pw)
{
// Decode utf-8 chars
$pw = utf8_decode($pw);
// Count the amount of unique characters in the password string and calculate the entropy
return count(count_chars($pw, 1)) * log(256, 2);
}
/**
* Get the country name from a 2 character code.
*
* @param string $code The country code.
*
* @return string The country name.
*/
public static function getCountryName($code)
{
// Parse JSON file
$iso3166 = json_decode(
utf8_encode(
file_get_contents(
ROOT . Config::local('data', 'iso3166')
)
),
true
);
// Check if key exists
if (array_key_exists($code, $iso3166)) {
return $iso3166[$code]; // If entry found return the full name
}
// Else return unknown
return 'Unknown';
}
/**
* Get the byte symbol for a unit from bytes.
*
* @param int $bytes The amount of bytes.
*
* @return string The converted amount with the symbol.
*/
public static function getByteSymbol($bytes)
{
// Return nothing if the input was 0
if (!$bytes) {
return;
}
// Array with byte symbols
$symbols = ['B', 'KiB', 'MiB', 'GiB', 'TiB', 'PiB', 'EiB', 'ZiB', 'YiB'];
// Calculate byte entity
$exp = floor(log($bytes) / log(1024));
// Format the things
$bytes = sprintf("%.2f " . $symbols[$exp], ($bytes / pow(1024, floor($exp))));
// Return the formatted string
return $bytes;
}
/**
* Get the premium tracker data.
*
* @return array The premium tracker data.
*/
public static function getPremiumTrackerData()
{
// Create data array
$data = [];
// Get database stuff
$table = DB::prepare('SELECT * FROM `{prefix}premium_log` ORDER BY `transaction_id` DESC');
$table->execute();
$table = $table->fetchAll(\PDO::FETCH_ASSOC);
// Add raw table data to data array
$data['table'] = $table;
// Create balance entry
$data['balance'] = 0.0;
// Create users entry
$data['users'] = [];
// Calculate the thing
foreach ($table as $row) {
// Calculate balance
$data['balance'] = $data['balance'] + $row['transaction_amount'];
// Add userdata to table
if (!array_key_exists($row['user_id'], $data['users'])) {
$data['users'][$row['user_id']] = User::construct($row['user_id']);
}
}
// Return the data
return $data;
}
/**
* Add a new entry to the tracker.
*
* @param int $id The user ID.
* @param float $amount The amount of money.
* @param string $comment A little information.
*/
public static function updatePremiumTracker($id, $amount, $comment)
{
DB::prepare('INSERT INTO `{prefix}premium_log` (`user_id`, `transaction_amount`, `transaction_date`, `transaction_comment`) VALUES (:user, :amount, :date, :comment)')
->execute([
'user' => $id,
'amount' => $amount,
'date' => time(),
'comment' => $comment,
]);
}
/**
* Clean up the contents of tags.
*
* @param string $text Dirty
*
* @return string Clean
*/
public static function fixCodeTags($text)
{
$parts = explode('', $text);
$newStr = '';
if (count($parts) > 1) {
foreach ($parts as $p) {
$parts2 = explode('
', $p);
if (count($parts2) > 1) {
$code = str_replace('
', '', $parts2[0]);
$code = str_replace('
', '', $code);
$code = str_replace('
', '', $code);
$code = str_replace('<', '<', $code);
$newStr .= ''.$code.'
';
$newStr .= $parts2[1];
} else {
$newStr .= $p;
}
}
} else {
$newStr = $text;
}
return $newStr;
}
}