| [ Index ] |
PHP Cross Reference of YOURLS |
[Source view] [Print] [Project Stats]
(no description)
| File Size: | 802 lines (28 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
| yourls_int2string($num, $chars = null) X-Ref |
| Convert an integer (1337) to a string (3jk). return: string Converted number param: int $num Number to convert param: string $chars Characters to use for conversion |
| yourls_string2int($string, $chars = null) X-Ref |
| Convert a string (3jk) to an integer (1337) return: string Number (as a string) param: string $string String to convert param: string $chars Characters to use for conversion |
| yourls_unique_element_id($prefix = 'yid', $initial_val = 1) X-Ref |
| Return a unique string to be used as a valid HTML id return: string The unique string param: string $prefix Optional prefix param: int $initial_val The initial counter value (defaults to one) since: 1.8.3 |
| yourls_sanitize_keyword( $keyword, $restrict_to_shorturl_charset = false ) X-Ref |
| Make sure a link keyword (ie "1fv" as in "http://sho.rt/1fv") is acceptable If we are ADDING or EDITING a short URL, the keyword must comply to the short URL charset: every character that doesn't belong to it will be removed. But otherwise we must have a more conservative approach: we could be checking for a keyword that was once valid but now the short URL charset has changed. In such a case, we are treating the keyword for what it is: just a part of a URL, hence sanitize it as a URL. return: string The sanitized keyword param: string $keyword short URL keyword param: bool $restrict_to_shorturl_charset Optional, default false. True if we want the keyword to comply to short URL charset |
| yourls_sanitize_title( $unsafe_title, $fallback = '' ) X-Ref |
| Sanitize a page title. No HTML per W3C http://www.w3.org/TR/html401/struct/global.html#h-7.4.2 return: string Safe title param: string $unsafe_title Title, potentially unsafe param: string $fallback Optional fallback if after sanitization nothing remains since: 1.5 |
| yourls_sanitize_url( $unsafe_url, $protocols = array() X-Ref |
| A few sanity checks on the URL. Used for redirection or DB. For redirection when you don't trust the URL ($_SERVER variable, query string), see yourls_sanitize_url_safe() For display purpose, see yourls_esc_url() return: string Safe URL param: string $unsafe_url unsafe URL param: array $protocols Optional allowed protocols, default to global $yourls_allowedprotocols |
| yourls_sanitize_url_safe( $unsafe_url, $protocols = array() X-Ref |
| A few sanity checks on the URL, including CRLF. Used for redirection when URL to be sanitized is critical and cannot be trusted. Use when critical URL comes from user input or environment variable. In such a case, this function will sanitize it like yourls_sanitize_url() but will also remove %0A and %0D to prevent CRLF injection. Still, some legit URLs contain %0A or %0D (see issue 2056, and for extra fun 1694, 1707, 2030, and maybe others) so we're not using this function unless it's used for internal redirection when the target location isn't hardcoded, to avoid XSS via CRLF return: string Safe URL param: string $unsafe_url unsafe URL param: array $protocols Optional allowed protocols, default to global $yourls_allowedprotocols since: 1.7.2 |
| yourls_deep_replace($search, $subject ) X-Ref |
| Perform a replacement while a string is found, eg $subject = '%0%0%0DDD', $search ='%0D' -> $result ='' Stolen from WP's _deep_replace return: string The string with the replaced values. param: string|array $search Needle, or array of needles. param: string $subject Haystack. |
| yourls_sanitize_int($int ) X-Ref |
| Make sure an integer is a valid integer (PHP's intval() limits to too small numbers) return: string Integer as a string param: int $int Integer to check |
| yourls_sanitize_ip($ip ) X-Ref |
| Sanitize an IP address No check on validity, just return a sanitized string return: string IP address param: string $ip IP address |
| yourls_sanitize_date($date ) X-Ref |
| Make sure a date is m(m)/d(d)/yyyy, return false otherwise return: false|mixed Date in format m(m)/d(d)/yyyy or false if invalid param: string $date Date to check |
| yourls_sanitize_date_for_sql($date) X-Ref |
| Sanitize a date for SQL search. Return false if malformed input. return: false|string String in Y-m-d format for SQL search or false if malformed input param: string $date Date |
| yourls_trim_long_string($string, $length = 60, $append = '[...]') X-Ref |
| Return trimmed string, optionally append '[...]' if string is too long return: string Trimmed string param: string $string String to trim param: int $length Maximum length of string param: string $append String to append if trimmed |
| yourls_sanitize_version( $version ) X-Ref |
| Sanitize a version number (1.4.1-whatever-RC1 -> 1.4.1) The regexp searches for the first digits, then a period, then more digits and periods, and discards all the rest. For instance, 'mysql-5.5-beta' and '5.5-RC1' return '5.5' return: string Sanitized version number param: string $version Version number since: 1.4.1 |
| yourls_sanitize_filename($file) X-Ref |
| Sanitize a filename (no Win32 stuff) return: string|null Sanitized file name (or null if it's just backslashes, ok...) param: string $file File name |
| yourls_seems_utf8($str) X-Ref |
| Check if a string seems to be UTF-8. Stolen from WP. return: bool Whether string seems valid UTF-8 param: string $str String to check |
| yourls_supports_pcre_u() X-Ref |
| Check for PCRE /u modifier support. Stolen from WP. Just in case "PCRE is not compiled with PCRE_UTF8" which seems to happen on some distros return: bool whether there's /u support or not since: 1.7.1 |
| yourls_check_invalid_utf8( $string, $strip = false ) X-Ref |
| Checks for invalid UTF8 in a string. Stolen from WP return: string The checked text. param: string $string The text which is to be checked. param: boolean $strip Optional. Whether to attempt to strip out invalid UTF8. Default is false. since: 1.6 |
| yourls_specialchars( $string, $quote_style = ENT_NOQUOTES, $double_encode = false ) X-Ref |
| Converts a number of special characters into their HTML entities. Stolen from WP. Specifically deals with: &, <, >, ", and '. $quote_style can be set to ENT_COMPAT to encode " to ", or ENT_QUOTES to do both. Default is ENT_NOQUOTES where no quotes are encoded. return: string The encoded text with HTML entities. param: string $string The text which is to be encoded. param: mixed $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES. param: boolean $double_encode Optional. Whether to encode existing html entities. Default is false. since: 1.6 |
| yourls_specialchars_decode( $string, $quote_style = ENT_NOQUOTES ) X-Ref |
| Converts a number of HTML entities into their special characters. Stolen from WP. Specifically deals with: &, <, >, ", and '. $quote_style can be set to ENT_COMPAT to decode " entities, or ENT_QUOTES to do both " and '. Default is ENT_NOQUOTES where no quotes are decoded. return: string The decoded text without HTML entities. param: string $string The text which is to be decoded. param: mixed $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old _wp_specialchars() values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES. since: 1.6 |
| yourls_esc_html( $text ) X-Ref |
| Escaping for HTML blocks. Stolen from WP return: string param: string $text since: 1.6 |
| yourls_esc_attr( $text ) X-Ref |
| Escaping for HTML attributes. Stolen from WP return: string param: string $text since: 1.6 |
| yourls_esc_url( $url, $context = 'display', $protocols = array() X-Ref |
| Checks and cleans a URL before printing it. Stolen from WP. A number of characters are removed from the URL. If the URL is for displaying (the default behaviour) ampersands are also replaced. This function by default "escapes" URL for display purpose (param $context = 'display') but can take extra steps in URL sanitization. See yourls_sanitize_url() and yourls_sanitize_url_safe() return: string The cleaned $url param: string $url The URL to be cleaned. param: string $context 'display' or something else. Use yourls_sanitize_url() for database or redirection usage. param: array $protocols Optional. Array of allowed protocols, defaults to global $yourls_allowedprotocols since: 1.6 |
| yourls_normalize_uri( $url ) X-Ref |
| Normalize a URI : lowercase scheme and domain, convert IDN to UTF8 All in one example: 'HTTP://XN--mgbuq0c.Com/AbCd' -> 'http://طارق.com/AbCd' See issues 591, 1630, 1889, 2691 This function is trickier than what seems to be needed at first First, we need to handle several URI types: http://example.com, mailto:[email protected], facetime:[email protected], and so on, see yourls_kses_allowed_protocols() in functions-kses.php The general rule is that the scheme ("stuff://" or "stuff:") is case insensitive and should be lowercase. But then, depending on the scheme, parts of what follows the scheme may or may not be case sensitive. Second, simply using parse_url() and its opposite http_build_url() is a pretty unsafe process: - parse_url() can easily trip up on malformed or weird URLs - exploding a URL with parse_url(), lowercasing some stuff, and glueing things back with http_build_url() does not handle well "stuff:"-like URI [1] and can result in URLs ending modified [2][3]. We don't want to *validate* URI, we just want to lowercase what is supposed to be lowercased. So, to be conservative, this function: - lowercases the scheme - does not lowercase anything else on "stuff:" URI - tries to lowercase only scheme and domain of "stuff://" URI [1] http_build_url(parse_url("mailto:ozh")) == "mailto:///ozh" [2] http_build_url(parse_url("http://blah#omg")) == "http://blah/#omg" [3] http_build_url(parse_url("http://blah?#")) == "http://blah/" return: string URL with lowercase scheme and protocol param: string $url URL since: 1.7.1 |
| yourls_esc_js( $text ) X-Ref |
| Escape single quotes, htmlspecialchar " < > &, and fix line endings. Stolen from WP. Escapes text strings for echoing in JS. It is intended to be used for inline JS (in a tag attribute, for example onclick="..."). Note that the strings have to be in single quotes. The filter 'js_escape' is also applied here. return: string Escaped text. param: string $text The text to be escaped. since: 1.6 |
| yourls_esc_textarea( $text ) X-Ref |
| Escaping for textarea values. Stolen from WP. return: string param: string $text since: 1.6 |
| yourls_backslashit($string) X-Ref |
| Adds backslashes before letters and before a number at the start of a string. Stolen from WP. return: string String with backslashes inserted. param: string $string Value to which backslashes will be added. since: 1.6 |
| yourls_is_rawurlencoded( $string ) X-Ref |
| Check if a string seems to be urlencoded We use rawurlencode instead of urlencode to avoid messing with '+' return: bool param: string $string since: 1.7 |
| yourls_rawurldecode_while_encoded( $string ) X-Ref |
| rawurldecode a string till it's not encoded anymore Deals with multiple encoding (eg "%2521" => "%21" => "!"). See https://github.com/YOURLS/YOURLS/issues/1303 return: string param: string $string since: 1.7 |
| yourls_make_bookmarklet( $code ) X-Ref |
| Converts readable Javascript code into a valid bookmarklet link Uses https://github.com/ozh/bookmarkletgen return: string Bookmarklet link param: string $code Javascript code since: 1.7.1 |
| yourls_get_timestamp( $timestamp ) X-Ref |
| Return a timestamp, plus or minus the time offset if defined return: int a timestamp, plus or minus offset if defined param: string|int $timestamp a timestamp since: 1.7.10 |
| yourls_get_time_offset() X-Ref |
| Get time offset, as defined in config, filtered return: int Time offset since: 1.7.10 |
| yourls_get_datetime_format( $format ) X-Ref |
| Return a date() format for a full date + time, filtered return: string Date format string param: string $format Date format string since: 1.7.10 |
| yourls_get_date_format( $format ) X-Ref |
| Return a date() format for date (no time), filtered return: string Date format string param: string $format Date format string since: 1.7.10 |
| yourls_get_time_format( $format ) X-Ref |
| Return a date() format for a time (no date), filtered return: string Date format string param: string $format Date format string since: 1.7.10 |
| Generated: Sat Feb 22 05:10:06 2025 | Cross-referenced by PHPXref 0.7.1 |