diff options
author | Urban Müller | 2018-06-19 18:18:27 +0200 |
---|---|---|
committer | Urban Müller | 2018-06-19 18:20:53 +0200 |
commit | 82ff67d50a245c09f9c7c49b2c50f17b7dc06679 (patch) | |
tree | 52a274d5b233c7f56d096cd3e43d53e136b5d6ef | |
parent | 3c94c414df60719fdcf8953531cc2eb7d417ed77 (diff) | |
download | itools-82ff67d50a245c09f9c7c49b2c50f17b7dc06679.tar.gz itools-82ff67d50a245c09f9c7c49b2c50f17b7dc06679.tar.bz2 itools-82ff67d50a245c09f9c7c49b2c50f17b7dc06679.zip |
safe variants of php file funcs
-rw-r--r-- | it.class | 37 | ||||
-rwxr-xr-x | tests/it.t | 8 |
2 files changed, 44 insertions, 1 deletions
@@ -1070,7 +1070,7 @@ static function add_dir($path) */ static function file_get($filename, $p = array()) { - if (($data = file_get_contents($filename == "-" ? "php://stdin" : $filename)) !== false) + if (($data = it::file_get_contents($filename == "-" ? "php://stdin" : $filename)) !== false) { if ($p['keyval']) { @@ -1099,6 +1099,8 @@ static function file_get($filename, $p = array()) */ static function file_put($filename, $data, $p = array()) { + $filename = it::safe_filename($filename); + if ($p['keyval']) $data = join("", it::map('"$k\t$v\n"', $data)); else if ($p['lines']) @@ -1168,4 +1170,37 @@ static function mod($a, $n) return (($a % $n) + $n) % $n; } +static function safe_filename($filename) +{ + if (it::match("\./", $filename)) + it::error(['to' => "mueller", 'title' => "fishy filename $filename"]); + + return $filename; +} + +static function file_get_contents($filename, $use_include_path = false, $context = null, $offset = 0) +{ + return file_get_contents(it::safe_filename($filename), $use_include_path, $context, $offset); +} + +static function file_put_contents($filename, $data, $flags = 0, $resource = null) +{ + return file_put_contents(it::safe_filename($filename), $data, $flags, $resource); +} + +static function fopen($filename, $mode, $use_include_path = false, $context = null) +{ + return fopen(it::safe_filename($filename), $mode, $use_include_path, $context); +} + +static function file($filename, $flags = 0, $context = null) +{ + return file(it::safe_filename($filename), $flags, $context); +} + +static function readfile($filename, $use_include_path = false, $context = null) +{ + return readfile(it::safe_filename($filename), $use_include_path, $context); +} + } @@ -465,3 +465,11 @@ is(it::split("b", "ababa", ['limit' => 2]), ["a", "aba"]); is(it::split("b", "abbba", ['no_empty' => true]), ["a", "a"]); is(it::split("(b)", "aba", ['delim_capture' => true]), ["a", "b", "a"]); is(it::split("b", "aabaa", ['offset_capture' => true]), [["aa", 0], ["aa", 3]]); + +it::file_put_contents("/tmp/it_test", "aa"); +is(($fh = fopen("/tmp/it_test", "r")) ? fgets($fh) : null, "aa"); +is(it::file_get_contents("/tmp/it_test"), "aa"); +is(it::file("/tmp/it_test"), ["aa"]); + +it::file_put("/tmp/it_test", "bb"); +is(it::file_get("/tmp/it_test"), "bb"); |