Location: PHPKode > projects > Bugdar > upload/framework/kernel.php
<?php
/*=====================================================================*\
|| ###################################################################
|| # Blue Static ISSO Framework
|| # Copyright ©2002-[#]year[#] Blue Static
|| #
|| # This program is free software; you can redistribute it and/or modify
|| # it under the terms of the GNU General Public License as published by
|| # the Free Software Foundation; version [#]gpl[#] of the License.
|| #
|| # This program is distributed in the hope that it will be useful, but
|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|| # more details.
|| #
|| # You should have received a copy of the GNU General Public License along
|| # with this program; if not, write to the Free Software Foundation, Inc.,
|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|| ###################################################################
\*=====================================================================*/

/**
* Blue Static ISSO Framework Kernel
* kernel.php
*
* @package	ISSO
*/

if (!function_exists('version_compare'))
{
	trigger_error('You need PHP version 4.1.0 or newer to run ISSO', E_USER_ERROR);
	exit;
}

// when we are PHP5-nat instead of PHP5-compat, we can remove this
if (version_compare(PHP_VERSION, '5.0.0', '>='))
{
	if (ini_get('error_reporting') & E_NOTICE)
	{
		error_reporting(ini_get('error_reporting') - E_NOTICE);
	}
	if (ini_get('error_reporting') & E_USER_NOTICE)
	{
		error_reporting(ini_get('error_reporting') - E_USER_NOTICE);
	}
}

if ((bool)ini_get('register_globals') === true)
{
	$superglobals = array('_GET', '_COOKIE', '_FILES', '_POST', '_SERVER', '_ENV');
	foreach ($superglobals AS $global)
	{
		if (is_array(${$global}))
		{
			foreach (${$global} AS $_key => $_val)
			{
				if (isset(${$_key}))
				{
					unset(${$_key});
				}
			}
		}
	}
}

$oldlevel = ini_get('error_reporting');
$newlevel = $oldlevel;
$levels = array(E_ERROR => E_USER_ERROR, E_WARNING => E_USER_WARNING, E_NOTICE => E_USER_NOTICE);
foreach ($levels AS $php => $isso)
{
	if ($oldlevel & $php)
	{
		if (!($oldlevel & $isso))
		{
			$newlevel += $isso;
		}
	}
	else
	{
		if ($oldlevel & $isso)
		{
			$newlevel -= $isso;
		}
	}
}
error_reporting($newlevel);

/**#@+
* Input cleaning type constant
*/
/**
* Integer type
*/
define('TYPE_INT', 1);

/**
* Unsigned integer
*/
define('TYPE_UINT', 2);

/**
* Float type
*/
define('TYPE_FLOAT', 4);

/**
* Boolean type
*/
define('TYPE_BOOL', 8);

/**
* String - cleaned
*/
define('TYPE_STR', 16);

/**
* String - deliberate unclean
*/
define('TYPE_STRUN', 32);

/**
* No cleaning - here for use in API
*/
define('TYPE_NOCLEAN', 64);

/**
* Duplicate of TYPE_NOCLEAN, but shorter
*/
define('TYPE_NONE', TYPE_NOCLEAN);

/**
* Macro for using DB->escape_binary() without cleaning - used in API
*/
define('TYPE_BIN', 128);
/**#@-*/

/**
* Yes, required
*/
define('REQ_YES', 1);

/**
* No, not required
*/
define('REQ_NO', 0);

/**
* Blue Static ISSO Framework (ISSO)
*
* This framework allows a common backend to be used amongst all Blue
* Static applications and is built to be abstract and flexible.
* The base framework handles all loading and module management.
*
* Constants:
*		ISSO_NO_INPUT_SANITIZE - Disables the automatic input sanitizer
*		ISSO_CHECK_POST_REFERER - Will check to make sure that on POSTed
*									data, the referer matches the host
*		ISSO_MT_START - Define the microtime() value at the top of your
*						script and this will calculate the total execution
*						time
*		SVN - Place SVN keywords (like $Id) to display the information on output
*
* @author		Blue Static
* @copyright	Copyright ©2002 - [#]year[#], Blue Static
* @version		$Revision$
* @package		ISSO
* 
*/
class ISSO
{
	/**
	* Location of ISSO, used for internal linking
	* @var	string
	* @access	private
	*/
	var $sourcepath = '';
	
	/**
	* Path of the current application
	* @var	string
	* @access	private
	*/
	var $apppath = '';
	
	/**
	* Web path used to get the web location of the installation of ISSO; only used for Printer module
	* @var	string
	* @access	private
	*/
	var $webpath = '';
	
	/**
	* Name of the current application
	* @var	string
	* @access	private
	*/
	var $application = '';
	
	/**
	* Version of the current application
	* @var	string
	* @access	private
	*/
	var $appversion = '';
	
	/**
	* Whether debug mode is on or off
	* @var	bool
	* @access	private
	*/
	var $debug = false;
	
	/**
	* List of all active debug messages
	* @var	array
	* @access	private
	*/
	var $debuginfo = array();
	
	/**
	* List of loaded modules
	* @var	array
	* @access	private
	*/
	var $modules = array();
	
	/**
	* An array of sanitized variables that have been cleaned for HTML tag openers and double quotes
	* @var	array
	* @access	public
	*/
	var $in = array();
	
	/**
	* If we are running with magic_quotes_gpc on or off
	* @var	int
	* @access	private
	*/
	var $magicquotes = 0;
	
	// ###################################################################
	/**
	* Constructor
	*/
	function __construct()
	{
		$GLOBALS['isso:callback'] = null;
		
		// error reporting
		set_error_handler(array(&$this, '_error_handler'));
		
		// magic quotes
		$this->magicquotes = get_magic_quotes_gpc();
		set_magic_quotes_runtime(0);
		
		// some debug info that's always useful
		$this->debug('magic_quotes_gpc = ' . $this->magicquotes);
		$this->debug('register_globals = ' . ini_get('register_globals'));
		
		// attempt to set the sourcepath
		$path = call_user_func('debug_backtrace');
		$this->setSourcePath(str_replace('kernel.php', '', $path[0]['file']));
		
		// start input sanitize using variable_order GPC
		if (!defined('ISSO_NO_INPUT_SANITIZE'))
		{
			$this->exec_sanitize_data();
		}
		
		if (defined('ISSO_CHECK_POST_REFERER'))
		{
			$this->exec_referer_check();
		}
	}
	
	// ###################################################################
	/**
	* (PHP 4) Constructor
	*/
	function ISSO()
	{
		$this->__construct();
	}
	
	// ###################################################################
	/**
	* Sets the sourcepath
	*
	* @access	public
	*
	* @param	string	Source path
	*/
	function setSourcePath($path)
	{
		$this->sourcepath = $this->fetch_sourcepath($path);
	}
	
	// ###################################################################
	/**
	* Gets the sourcepath
	*
	* @access	public
	*
	* @return	string	Source path
	*/
	function getSourcePath()
	{
		return $this->sourcepath;
	}
	
	// ###################################################################
	/**
	* Sets the apppath
	*
	* @access	public
	*
	* @param	string	Application path
	*/
	function setAppPath($path)
	{
		$this->apppath = $this->fetch_sourcepath($path);
	}
	
	// ###################################################################
	/**
	* Gets the apppath
	*
	* @access	public
	*
	* @return	string	Source path
	*/
	function getAppPath()
	{
		return $this->apppath;
	}
	
	// ###################################################################
	/**
	* Sets the webpath
	*
	* @access	public
	*
	* @param	string	Web path
	*/
	function setWebPath($path)
	{
		$this->webpath = $this->fetch_sourcepath($path);
	}
	
	// ###################################################################
	/**
	* Gets the webpath
	*
	* @access	public
	*
	* @return	string	Web path
	*/
	function getWebPath()
	{
		return $this->webpath;
	}
	
	// ###################################################################
	/**
	* Sets the applicaiton
	*
	* @access	public
	*
	* @param	string	Applicaiton
	*/
	function setApplication($app)
	{
		$this->application = $app;
	}
	
	// ###################################################################
	/**
	* Gets the application
	*
	* @access	public
	*
	* @return	string	Application
	*/
	function getApplication()
	{
		return $this->application;
	}
	
	// ###################################################################
	/**
	* Sets the appverison
	*
	* @access	public
	*
	* @param	string	Applicaiton version
	*/
	function setAppVersion($version)
	{
		$this->appversion = $version;
	}
	
	// ###################################################################
	/**
	* Gets the appversion
	*
	* @access	public
	*
	* @return	string	Application version
	*/
	function getAppVersion()
	{
		return $this->appversion;
	}
	
	// ###################################################################
	/**
	* Sets debug mode
	*
	* @access	public
	*
	* @param	boolean	Debug?
	*/
	function setDebug($debug)
	{
		$this->debug = $debug;
	}
	
	// ###################################################################
	/**
	* Gets debug mode state
	*
	* @access	public
	*
	* @return	boolean	Debug?
	*/
	function getDebug()
	{
		return $this->debug;
	}
	
	// ###################################################################
	/**
	* Prepares a path for being set as the sourcepath
	*
	* @access	public
	*
	* @param	string	Source path or URL
	*
	* @return	string	Prepared source path
	*/
	function fetch_sourcepath($source)
	{
		if (substr($source, strlen($source) - 1) != DIRECTORY_SEPARATOR)
		{
			$source .= DIRECTORY_SEPARATOR;
		}
		return $source;
	}
	
	// ###################################################################
	/**
	* Loads a framework module
	*
	* @access	public
	*
	* @param	string	Name of the framework file to load
	* @param	string	Internal variable to initialize as; to not instantiate (just require) leave it as NULL
	* @param	bool	Globalize the internal variable?
	*
	* @return	object	Instantiated instance
	*/
	function &load($framework, $asobject, $globalize = false)
	{
		// set the object interlock
		if (!method_exists($GLOBALS['isso:callback'], 'load'))
		{
			$GLOBALS['isso:callback'] =& $this;
			$this->modules['isso'] =& $this;
		}
		
		if ($this->is_loaded($framework))
		{
			return $this->modules["$framework"];
		}
		
		if ($this->sourcepath == '')
		{
			trigger_error('Invalid sourcepath specified', E_USER_ERROR);
		}
		
		if (file_exists($this->sourcepath . $framework . '.php'))
		{
			require_once($this->sourcepath . $framework . '.php');
		}
		else
		{
			trigger_error('Could not find the framework ' . $this->sourcepath . $framework . '.php', E_USER_ERROR);
		}
		
		if ($asobject === null)
		{
			return;
		}
		
		if (isset($this->$asobject))
		{
			trigger_error('Cannot instantiate framework `' . $framework . '` into `' . $asobject . '`', E_USER_ERROR);
		}
		
		$this->$asobject = new $framework($this);
		
		$this->modules["$framework"] =& $this->$asobject;
		
		if ($globalize)
		{
			$GLOBALS["$asobject"] =& $this->$asobject;
		}
		
		// allow for init_as_package to link
		if (method_exists($this->modules["$framework"], 'init_as_package'))
		{
			$this->modules[ $this->modules["$framework"]->init_as_package() ] =& $this->modules["$framework"];
		}
		
		return $this->$asobject;
	}
	
	// ###################################################################
	/**
	* Prints a list of all currently loaded framework modules
	*
	* @access	public
	*
	* @param	bool	Return the data as an array?
	*
	* @return	mixed	HTML output or an array of loaded modules
	*/
	function show_modules($return = false)
	{
		$modules = array();
		foreach ($this->modules AS $object)
		{
			$module = get_class($object);
			if (method_exists($object, 'init_as_package') AND in_array($module, $modules))
			{
				$module = $object->init_as_package() . " - ($module)";
			}
			
			$modules[] = $module;
		}

		if ($return)
		{
			return $modules;
		}
		else
		{
			$output = "\n\n<ul>\n\t<li>";
			$output .= implode("</li>\n\t<li>", $modules);
			$output .= "</li>\n</ul>\n\n";
			$this->message('Loaded Modules', $output, 1);
		}
	}
	
	// ###################################################################
	/**
	* Verifies to see if a framework has been loaded
	*
	* @access	public
	*
	* @param	string	Framework name
	*
	* @return	bool	Whether or not the framework has been loaded
	*/
	function is_loaded($framework)
	{
		if (isset($this->modules["$framework"]))
		{
			return true;
		}
		else
		{
			return false;
		}
	}
	
	// ###################################################################
	/**
	* Prints an ISSO message
	*
	* @access	public
	*
	* @param	string	The title of the message
	* @param	string	The content of the message
	* @param	integer	Type of message to be printed
	* @param	bool	Return the output?
	* @param	bool	Show the debug stack?
	* @param	integer	Message width
	*
	* @return	mixed	Output or null
	*/
	function message($title, $message, $type, $return = false, $stack = true, $width = 500)
	{
		switch ($type)
		{
			// Message
			case 1:
				$prefix = 'Message';
				$color = '#669900';
				$font = '#000000';
			break;
			
			// Warning
			case 2:
				$prefix = 'Warning';
				$color = '#003399';
				$font = '#FFFFFF';
			break;
			
			case 3:
				$prefix = 'Error';
				$color = '#990000';
				$font = '#EFEFEF';
			break;
		}
		
		$backtrace = debug_backtrace();
		array_shift($backtrace);
		
		if (isset($backtrace[0]) AND $backtrace[0]['function'] == '_error_handler')
		{
			array_shift($backtrace);
		}
		
		$trace = $this->format_debug_trace($backtrace);
	
		$output = "\n<br />\n<table cellpadding=\"4\" cellspacing=\"1\" border=\"0\" width=\"$width\" style=\"background-color: $color; color: black; font-family: Verdana, sans-serif; font-size: 12px;\">";
		$output .= "\n<tr style=\"color: $font; text-align: left\">\n\t<td><strong>$prefix: $title</strong></td>\n</tr>";
		$output .= "\n<tr style=\"background-color: #FFFFFF; text-align: left\">\n\t<td>$message</td>\n</tr>";
		$output .= (($stack AND $GLOBALS['isso:callback']->debug) ? "\n<tr style=\"background-color: #FFFFFF; text-align: left\">\n\t<td><strong>Debug Stack:</strong> <pre>" . implode("\n", $trace) . "</pre></td>\n</tr>" : '');
		$output .= "\n</table>\n<br />\n";
		
		if ($return)
		{
			return $output;
		}
		else
		{
			print($output);
		}
	}
	
	// ###################################################################
	/**
	* Prepares a debug_backtrace() array for output to the browser by
	* compressing the array into visible text
	*
	* @access	public
	*
	* @param	array	debug_backtrace() array
	*
	* @return	array	Formatted trace output
	*/
	function format_debug_trace($backtrace)
	{
		$trace = array();
		foreach ($backtrace AS $i => $step)
		{
			$args = '';
			$file = $step['file'] . ':' . $step['line'];
			$funct = (isset($step['class']) ? $step['class'] . '::' . $step['function'] : $step['function']);
			
			if (isset($step['args']) AND is_array($step['args']))
			{
				// we need to do this so we don't get "Array to string conversion" notices
				foreach ($step['args'] AS $id => $arg)
				{
					if (is_array($arg))
					{
						$step['args']["$id"] = 'Array';
					}
				}
				$args = implode(', ', $step['args']);
			}
	
			$trace[] = "#$i  $funct($args) called at [$file]"; 
		}
		
		return $trace;
	}
	
	// ###################################################################
	/**
	* Custom error handler for ISSO; only handle E_WARNING, E_NOTICE,
	* E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE
	*
	* @access	private
	*
	* @param	integer	Error number
	* @param	string	Error message string
	* @param	string	File that contains the error
	* @param	string	The line number of the error
	* @param	string	The active symbol table at which point the error occurred
	*/
	function _error_handler($errno, $errstr, $errfile, $errline, $errcontext)
	{
		$level = ini_get('error_reporting');
		
		switch ($errno)
		{
			// Fatal
			case E_USER_ERROR:
				$title = 'Fatal';
				$mode = 3;
				if (!($level & E_USER_ERROR))
				{
					return;
				}
			break;
			
			// Error
			case E_USER_WARNING:
			case E_WARNING:
				$title = 'Warning';
				$mode = 2;
				if (! (($level & E_USER_WARNING) AND ($level & E_WARNING)) )
				{
					return;
				}
			break;
			
			// Warning
			case E_USER_NOTICE:
			case E_NOTICE:
			default:
				$title = 'Notice';
				$mode = 1;
				if (! (($level & E_USER_NOTICE) AND ($level & E_NOTICE)) )
				{
					return;
				}
			break;
		}
		
		$errstr .= " in <strong>$errfile</strong> on line <strong>$errline</strong>";

		$errstr = str_replace(array(getcwd(), dirname(getcwd())), '', $errstr);
		
		$this->message($title, $errstr, $mode);
		
		if ($errno == E_USER_ERROR)
		{
			exit;
		}
	}
	
	// ###################################################################
	/**
	* Creates a table that explains the error reporting levels and their
	* state
	*
	* @access	public
	*/
	function explain_error_reporting()
	{
		$levels = array(
			'E_ERROR'			=> E_ERROR,
			'E_WARNING'			=> E_WARNING,
			'E_PARSE'			=> E_PARSE,
			'E_NOTICE'			=> E_NOTICE,
			'E_CORE_ERROR'		=> E_CORE_ERROR,
			'E_CORE_WARNING'	=> E_CORE_WARNING,
			'E_COMPILE_ERROR'	=> 64,
			'E_COMPILE_WARNING'	=> 128,
			'E_USER_ERROR'		=> E_USER_ERROR,
			'E_USER_WARNING'	=> E_USER_WARNING,
			'E_USER_NOTICE'		=> E_USER_NOTICE,
			'E_ALL'				=> E_ALL,
			'E_STRICT'			=> 2048
		);
		
		$table = '<table cellspacing="0" cellpadding="2" border="0">';
		
		foreach ($levels AS $name => $value)
		{
			$table .= '
			<tr>
				<td>' . $name . '</td>
				<td>' . (ini_get('error_reporting') & $value) . '</td>
			</tr>';
		}
		
		$table .= '
		</table>';
		
		$this->message('Error Reporting', $table, 1);
	}
	
	// ###################################################################
	/**
	* Logs a debug message for verbose output
	*
	* @access	public
	*
	* @param	string	Message
	*/
	function debug($message)
	{
		$this->debuginfo[] = $message;
	}
	
	// ###################################################################
	/**
	* Recursive XSS cleaner
	*
	* @access	private
	*
	* @param	mixed	Unsanitized REQUEST data
	*
	* @return	mixed	Sanitized data
	*/
	function _sanitize_input_recursive($data)
	{
		foreach ($data AS $key => $value)
		{
			if (is_array($value))
			{
				$data["$key"] = $this->_sanitize_input_recursive($value);
			}
			else
			{
				if ($this->magicquotes)
				{
					$value = str_replace("\'", "'", $value);
				}
				$data["$key"] = $this->sanitize($value);
			}
		}
		return $data;
	}
	
	// ###################################################################
	/**
	* Simple way to protect against HTML attacks with Unicode support
	*
	* @access	public
	*
	* @param	string	Unsanitzed text
	*
	* @return	string	Properly protected text that only encodes potential threats
	*/
	function sanitize($text)
	{
		if ($this->magicquotes)
		{
			return str_replace(array('<', '>', '\"', '"'), array('&lt;', '&gt;', '&quot;', '&quot;'), $text);
		}
		else
		{
			return str_replace(array('<', '>', '"'), array('&lt;', '&gt;', '&quot;'), $text);
		}
	}
	
	// ###################################################################
	/**
	* Unicode-safe entity encoding system; similar to sanitize()
	*
	* @access	public
	*
	* @param	string	Unsanitized text
	*
	* @return	string	Unicode-safe sanitized text with entities preserved
	*/
	function entity_encode($text)
	{
		$text = str_replace('&', '&amp;', $text);
		$text = $this->sanitize($text);
		return $text;
	}
	
	// ###################################################################
	/**
	* Takes text that has been processed for HTML and unsanitizes it
	*
	* @access	public
	*
	* @param	string	Text that needs to be turned back into HTML
	*
	* @return	string	Unsanitized text
	*/
	function unsanitize($text)
	{
		return str_replace(array('&lt;', '&gt;', '&quot;'), array('<', '>', '"'), $text);
	}
	
	// ###################################################################
	/**
	* Smart addslashes() that only applies itself it the Magic Quotes GPC
	* is off. This should only be run on database query values that come
	* from ISSO->in[] input; data that needs sanitization should be run
	* through ISSO->DB->escape_string()
	*
	* @access	public
	*
	* @param	string	Some string
	* @param	bool	Force magic quotes to be off
	*
	* @return	string	String that has slashes added
	*/
	function escape($str, $force = true)
	{
		if ($this->magicquotes AND !$force)
		{
			if (isset($this->modules[ISSO_DB_LAYER]))
			{
				return $this->modules[ISSO_DB_LAYER]->escape_string(str_replace(array("\'", '\"'), array("'", '"'), $str));
			}
			return $str;
		}
		else
		{
			if (isset($this->modules[ISSO_DB_LAYER]))
			{
				return $this->modules[ISSO_DB_LAYER]->escape_string($str);
			}
			return addslashes($str);
		}
	}
	
	// ###################################################################
	/**
	* Runs through all of the input data and sanitizes it.
	*
	* @access	private
	*/
	function exec_sanitize_data()
	{
		$this->in = $this->_sanitize_input_recursive(array_merge($_GET, $_POST, $_COOKIE));
	}
	
	// ###################################################################
	/**
	* Sanitize function for something other than a string (which
	* everything is sanitized for if you use exec_sanitize_data(). Cleaned
	* data is placed back into $isso->in; this makes it so you don't have
	* to constantly intval() [etc.] data.
	*
	* @access	public
	*
	* @param	array	Array of elements to clean as varname => type
	*/
	function input_clean_array($vars)
	{
		foreach ($vars AS $varname => $type)
		{
			$this->input_clean($varname, $type);
		}
	}
	
	// ###################################################################
	/**
	* Sanitize function that does a single variable as oppoesd to an array
	* (see input_clean_array() for more details)
	*
	* @access	public
	*
	* @param	string	Variable name in $isso->in[]
	* @param	integer	Sanitization type constant
	*/
	function input_clean($varname, $type)
	{
		if (isset($this->in["$varname"]))
		{
			$this->in["$varname"] = $this->clean($this->in["$varname"], $type);
		}
		else
		{
			$this->in["$varname"] = $this->clean(null, $type);
		}
		
		return $this->in["$varname"];
	}
	
	// ###################################################################
	/**
	* Runs ISSO->escape() on a variable on ISSO->in[]. This is just a
	* short-hand wrapper so that queries can be shortened. When this is used,
	* the actual value in ISSO->in[] is not changed, only the return value
	* is escaped.
	*
	* @access	public
	*
	* @param	string	Input variable
	*
	* @return	string	Escaped input
	*/
	function input_escape($varname)
	{
		if (isset($this->in["$varname"]))
		{
			return $this->escape($this->in["$varname"]);
		}
		else
		{
			return $this->escape(null);
		}
	}
	
	// ###################################################################
	/**
	* Cleaning function that does the work for input_clean(); this is
	* moved here so it can be used to clean things that aren't in
	* $isso->in[]
	*
	* @access	public
	*
	* @param	mixed	Data
	* @param	integer	Sanitization type constant
	*
	* @return	mixed	Cleaned data
	*/
	function clean($value, $type)
	{
		if (is_array($value))
		{
			return $this->clean_array($value, $type);
		}
		
		if ($type == TYPE_INT)
		{
			$value = intval($value);
		}
		else if ($type == TYPE_UINT)
		{
			$value = (($val = intval($value)) < 0 ? 0 : $val);
		}
		else if ($type == TYPE_FLOAT)
		{
			$value = floatval($value);
		}
		else if ($type == TYPE_BOOL)
		{
			$value = (bool)$value;
		}
		else if ($type == TYPE_STR)
		{
			$value = $value;
		}
		else if ($type == TYPE_STRUN)
		{
			$value = $this->unsanitize($value);
		}
		else if ($type == TYPE_NOCLEAN)
		{
			if ($this->magicquotes)
			{
				$value = str_replace(array('\"', "\'"), array('"', "'"), $value);
			}
			else
			{
				$value = $value;
			}
		}
		else if ($type == TYPE_BIN)
		{
			$value = $value;
		}
		else
		{
			trigger_error('Invalid clean type `' . $type . '` specified', E_USER_ERROR);
		}
		
		return $value;
	}
	
	// ###################################################################
	/**
	* Recursion function for ISSO->clean()
	*
	* @access	private
	*
	* @param	array	Uncleaned array
	* @param	integer	Sanitization type constant
	*
	* @return	array	Cleaned array of data
	*/
	function clean_array($array, $type)
	{
		foreach ($array AS $key => $value)
		{
			$array["$key"] = $this->clean($value, $type);
		}
		
		return $array;
	}
	
	// ###################################################################
	/**
	* Checks to see if a POST refer is actually from us
	*
	* @access	public
	*/
	function exec_referer_check()
	{
		if ($_SERVER['REQUEST_METHOD'] == 'POST')
		{
			$host = ($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_ENV['HTTP_HOST'];
			
			if ($host AND $_SERVER['HTTP_REFERER'])
			{
				$parts = parse_url($_SERVER['HTTP_REFERER']);
				$ourhost = $parts['host'] . (isset($parts['port']) ? ":$parts[port]" : '');
				
				if ($ourhost != $host)
				{
					trigger_error('No external hosts are allowed to POST to this application', E_USER_ERROR);
				}
				$this->debug('remote post check = ok');
			}
			else
			{
				$this->debug('remote post check = FAILED');
			}
		}
	}
	
	// ###################################################################
	/**
	* Constructs a debug information box that contains various debugging
	* information points
	*
	* @access	public
	*
	* @param	bool	Show template information?
	*
	* @return	string	Debugging block
	*/
	function construct_debug_block($dotemplates)
	{
		$debug = '';
		
		if ($this->debug)
		{
			$debug = "\n<ul>";
			
			// templates
			if ($dotemplates)
			{
				$optlist = array();
				$usage = array();
				foreach ($this->modules['template']->usage AS $name => $count)
				{
					if (in_array($name, $this->modules['template']->uncached))
					{
						$optlist[] = $name . '[' . $count . ']';
					}
					$usage[] = $name . " ($count)";
				}
				
				$sizeof = sizeof($this->modules['template']->uncached);
				if ($sizeof > 0)
				{
					$debug .= "\n\t<li><strong style=\"color: red\">Uncached Template(s):</strong> $sizeof ( " . implode(' &nbsp; ', $optlist) . " )</li>";
				}
			}
			
			// source control
			$scinfo = 'Not Under Source Control';
			if (defined('SVN'))
			{
				$scinfo = constant('SVN');
				
				if (preg_match('#\$Id:?\s*\$#', $scinfo))
				{
					$scinfo = 'Not Under Source Control';
				}
				else
				{
					$scinfo = preg_replace('#\$' . '(Head)?URL: (.+?) \$#e', "end(explode('/', '\\2'))", $scinfo);
					$scinfo = preg_replace('#\$' . '(LastModified)?Revision: (.+?) \$#', 'SVN \\2', $scinfo);
					$scinfo = preg_replace('#\$' . 'Id: (.+?) ([0-9].+?) [0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}(.+?) (.+?) \$#', '\\1 - SVN \\2', $scinfo);
				}
			}
			
			$scinfo = trim($scinfo);			
			$debug .= "\n\t<li><strong>Source Control:</strong> $scinfo</li>";
			
			// query information
			if (is_object($this->modules[ISSO_DB_LAYER]))
			{
				$debug .= "\n\t<li><strong>Total Queries:</strong> " . sizeof($this->modules[ISSO_DB_LAYER]->history) . " (<a href=\"" . $this->sanitize($_SERVER['REQUEST_URI']) . ((strpos($_SERVER['REQUEST_URI'], '?') !== false) ? '&amp;query=1' : '?query=1') . "\">?</a>)</li>";
				
				$queries = $this->modules[ISSO_DB_LAYER]->history;
				$querydebug = "<br />\n" . '<table cellpadding="4" cellspacing="1" border="0" align="center" width="30%" style="background-color: rgb(60, 60, 60); color: white">' . "\n\t" . '<tr><td><strong>Query Debug</strong></td></tr>';
				foreach ($queries AS $query)
				{
					$querydebug .= "\n\t<tr style=\"background-color: rgb(230, 230, 230); color: black\">";
					$querydebug .= "\n\t\t<td>";
					$querydebug .= "\n\t\t\t$query[query]\n\n\t\t\t<div style=\"font-size: 9px;\">($query[time])</div>\n<!--\n" . implode("\n", $query[trace]) . "\n-->\n\t\t</td>\n\t</tr>";
				}
				
				$querydebug .= "\n</table>\n\n\n";
			}
			
			// total execution time
			if (defined('ISSO_MT_START'))
			{
				$this->load('functions', 'functions');
				$debug .= "\n\t<li><strong>Total Execution Time:</strong> " . round($this->modules['functions']->fetch_microtime_diff(ISSO_MT_START), 10) . "</li>";
			}
			
			// debug notices
			$debug .= "\n\t<li>\n\t\t<select>\n\t\t\t<option>Debug Notices (" . sizeof($this->debuginfo) . ")</option>";
			foreach ((array)$this->debuginfo AS $msg)
			{
				$debug .= "\n\t\t\t<option>--- $msg</option>";
			}
			$debug .= "\n\t\t</select>\n\t</li>";
			
			// loaded modules
			$modules = $this->show_modules(true);
			$debug .= "\n\t<li>\n\t\t<select>\n\t\t\t<option>Loaded Modules (" . sizeof($modules) . ")</option>";
			foreach ($modules AS $mod)
			{
				$debug .= "\n\t\t\t<option>--- $mod</option>";
			}
			$debug .= "\n\t\t</select>\n\t</li>";
			
			// template usage
			if ($dotemplates)
			{
				$debug .= "\n\t<li>\n\t\t<select>\n\t\t\t<option>Template Usage (" . array_sum($this->modules['template']->usage) . ")</option>";
				foreach ($usage AS $tpl)
				{
					$debug .= "\n\t\t\t<option>--- $tpl</option>";
				}
				$debug .= "\n\t\t</select>\n\t</li>";
			}
			
			$debug .= "\n</ul>";
						
			$debug = "\n\n<!-- dev debug -->\n<div align=\"center\">\n\n<hr />\n" . $this->message('Debug Information', $debug, 1, true, false) . "\n</div>$querydebug\n<!-- / dev debug -->\n\n";
		}
		
		return $debug;
	}
}

/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>
Return current item: Bugdar