=')) { if (ini_get('error_reporting') & E_NOTICE) { error_reporting(ini_get('error_reporting') - E_NOTICE); } if (ini_get('error_reporting') & E_USER_NOTICE) { error_reporting(ini_get('error_reporting') - E_USER_NOTICE); } } if (!(ini_get('error_reporting') & E_NOTICE) AND ini_get('error_reporting') & E_USER_NOTICE) { error_reporting(ini_get('error_reporting') - E_USER_NOTICE); } if (!(ini_get('error_reporting') & E_WARNING) AND ini_get('error_reporting') & E_USER_WARNING) { error_reporting(ini_get('error_reporting') - E_USER_WARNING); } if (!(ini_get('error_reporting') & E_ERROR) AND ini_get('error_reporting') & E_USER_ERROR) { error_reporting(ini_get('error_reporting') - E_USER_ERROR); } if ((bool)ini_get('register_globals') === true) { $superglobals = array('_GET', '_COOKIE', '_FILES', '_POST', '_SERVER', '_ENV'); foreach ($superglobals AS $global) { if (is_array(${$global})) { foreach (${$global} AS $_key => $_val) { if (isset(${$_key})) { unset(${$_key}); } } } } } /** * Iris Studios Shared Object Framework (ISSO) * * This framework allows a common backend to be used amongst all Iris * Studios applications and can is built to be abstract and flexible. * The base framework handles all loading and module management. * * @author Iris Studios, Inc. * @copyright Copyright ©2003 - [#]year[#], Iris Studios, Inc. * @version $Revision$ * */ class Shared_Object_Framework { /** * Global environment variables * * This is where we keep the global variables that are used within the shared framework * * @var version ISSO version * @var sourcepath The location of the framework sources * @var appath The path to the application's location * @var application The name of the application that is using the framework * @var appversion The version of the application * @var debug Variable for debug mode * @var debuginfo Listing of all debug notices * @var modules An array of loaded framework modules * @var input All input data for the system * @var i Short-hand reference to $isso::input * @var in Short-hand reference to $isso::input * @var magicquotes Status of Magic Quotes GPC * @var escapestrings Sets whether or not we escape strings automatically */ var $version = '[#]version[#]'; var $sourcepath = ''; var $apppath = ''; var $application = ''; var $appversion = ''; var $debug = false; var $debuginfo = array(); var $modules = array(); var $input = array(); var $i = array(); var $in = array(); var $magicquotes = 0; var $escapestrings = false; /** * Constructor */ function Shared_Object_Framework() { // error reporting set_error_handler(array(&$this, '_error_handler')); // magic quotes $this->magicquotes = get_magic_quotes_gpc(); set_magic_quotes_runtime(0); if (defined('ISSO_ESCAPE_STRINGS')) { $this->escapestrings = (bool)constant('ISSO_ESCAPE_STRINGS'); } // start input sanitize using variable_order GP if (!$this->escapestrings) { $this->exec_sanitize_data(); } $this->modules['kernel'] = 'Shared Object Framework Core'; } /** * Prepares a path for being set as the sourcepath * * @param str Source path or URL * * @return str Prepared source path */ function fetch_sourcepath($source) { if (substr($source, strlen($source) - 1) != '/') { $source .= '/'; } return $source; } /** * Loads a framework extension * * @param str Name of the framework */ function load($framework) { if (!$this->is_loaded($framework)) { $newobj = $this->locate($framework); $this->$newobj['OBJ'] = new $newobj['CLASS'](); $GLOBALS["$newobj[OBJ]"] =& $this->$newobj['OBJ']; $this->modules["$framework"] = $newobj['OBJECT']; } } /** * Includes a framework module. Module definitions need three variables: * class, object, and obj. Class is the name of the class, object is * the name human-readable name, and obj is the name that the module * should be initialized as; this is used in class extensions. * * @param str Name of the framework * * @return array List of initialization variables */ function locate($framework) { if ($this->sourcepath == '') { trigger_error('Invalid sourcepath specified', ERR_FATAL); } if (file_exists($this->sourcepath . $framework . '.php')) { require_once($this->sourcepath . $framework . '.php'); return array('CLASS' => $CLASS, 'OBJECT' => $OBJECT, 'OBJ' => $OBJ); } else { trigger_error('Could not find the framework ' . $this->sourcepath . $framework . '.php', ERR_FATAL); exit; } } /** * Prints a list of all currently loaded framework modules * * @param bool Return the data as an array? * * @return mixed HTML output or an array of loaded modules */ function show_modules($return = false) { if ($return) { return $this->modules; } else { $output = "\n\n\n\n"; $this->_message('Loaded Modules', $output, 1); } } /** * Verifies to see if a framework has been loaded * * @param str Framework name * * @return bool Whether or not the framework has been loaded */ function is_loaded($framework) { if (isset($this->modules["$framework"])) { return true; } else { return false; } } /** * Prints an ISSO message * * @param str The title of the message * @param str The content of the message * @param int Type of message to be printed * @param bool Return the output? * * @return mixed Output or null */ function _message($title, $message, $type, $return = false) { switch ($type) { // Message case 1: $prefix = 'Message'; $color = '#669900'; $font = '#000000'; break; // Warning case 2: $prefix = 'Warning'; $color = '#003399'; $font = '#FFFFFF'; break; case 3: $prefix = 'Error'; $color = '#990000'; $font = '#EFEFEF'; break; } $output = "\n
\n"; $output .= "\n\n\t\n"; $output .= "\n\n\t\n\n
$prefix: $title
$message
\n
\n"; if ($return) { return $output; } else { print($output); } } /** * Custom error handler for ISSO * * @param int Error number * @param str Error message string * @param str File that contains the error * @param str The line number of the error * @param str The active symbol table at which point the error occurred */ function _error_handler($errno, $errstr, $errfile, $errline) { switch ($errno) { // Fatal case ERR_FATAL: $title = 'Fatal'; if (!(ini_get('error_reporting') & ERR_FATAL)) { return; } break; // Error case ERR_ALERT: $title = 'Alert'; if (!(ini_get('error_reporting') & ERR_ALERT)) { return; } break; // Warning case ERR_WARNING: default: $title = 'Warning'; if (!(ini_get('error_reporting') & ERR_WARNING)) { return; } break; } $errstr .= " in $errfile on line $errline"; $this->_message($title, $errstr, 3); if ($errno == ERR_FATAL) { exit; } } /** * Logs a debug message for verbose output * * @param str Message */ function debug($message) { if ($this->debug) { $this->debuginfo[] = $message; } } /** * Recursive XSS cleaner * * @param mixed Unsanitized REQUEST data * * @return mixed Sanitized data */ function _sanitize_input_recursive($data) { foreach($data AS $key => $value) { if (is_array($value)) { $data["$key"] = $this->_sanitize_input_recursive($value); } else { if ($this->escapestrings) { $data["$key"] = $this->escape($this->sanitize($value)); } else { $data["$key"] = $this->sanitize($value); } } } return $data; } /** * Simple way to protect against HTML attacks with Unicode support * * @param str Unsanitzed text * * @return str Properly protected text that only encodes potential threats */ function sanitize($text) { if ($this->magicquotes) { return str_replace(array('<', '>', '\"', '"'), array('<', '>', '"', '"'), $text); } else { return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text); } } /** * Takes text that has been processed for HTML and unsanitizes it * * @param str Text that needs to be turned back into HTML * @param bool Force magicquotes off * * @return str Unsanitized text */ function unsanitize($text, $force = false) { if ($this->magicquotes AND !$force) { return str_replace(array('<', '>', '"'), array('<', '>', '\"'), $text); } else { return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text); } } /** * Smart addslashes() that only applies itself it the Magic Quotes GPC is off * * @param str Some string * * @return str String that has slashes added */ function escape($str) { global $_isso; if ($this->magicquotes) { if (isset($_isso->db)) { if (is_resource($_isso->db->link_id)) { return $_isso->db->escape_string(stripslashes($str)); } else { return $str; } } else { return $str; } } else { if (isset($_isso->db)) { if (is_resource($_isso->db->link_id)) { return $_isso->db->escape_string($str); } else { return addslashes($str); } } else { return addslashes($str); } } } /** * Runs through all of the input data and sanitizes it. */ function exec_sanitize_data() { $this->input = $this->_sanitize_input_recursive(array_merge($_GET, $_POST)); $this->i =& $this->input; $this->in =& $this->input; // we're now using magic quotes if ($this->escapestrings) { $this->magicquotes = 1; } } } /** * Global callback used for module calls back to the kernel */ $_isso = new Shared_Object_Framework(); /** * Wrapper for ternary operator that has to be in the global scope * * @param expr Expression * @param mixed If the expression is true * @param mixed If the expression is false * * @return mixed True or false data */ function iff($condition, $iftrue, $iffalse = null) { return ($condition) ? ($iftrue) : ($iffalse); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>