mirror of https://github.com/ACSPRI/queXS synced 2024-04-02 12:12:16 +00:00

Import from DCARF SVN

azammitdcarf
2008-10-15 22:36:05 +00:00
parent 4f0b4f0bbb
commit 1445da495b
2237 changed files with 714445 additions and 0 deletions


@@ -0,0 +1,310 @@
<?php
//============================================================+
// File name : html_entity_decode_php4.php
// Begin : 2006-06-22
// Last Update : 2006-06-22
// Author : Nicola Asuni
// Version : 1.0.000
// License : GNU LGPL (http://www.gnu.org/copyleft/lesser.html)
//
// Description : This is a PHP4 function that redefine the
// standard html_entity_decode function to support
// UTF-8 encoding.
//
//============================================================+
/**
* TCPDF Class.
* @package com.tecnick.tcpdf
*/
/**
* Returns the UTF-8 string corresponding to unicode value.
* @param $num unicode value to convert.
* @return string converted
*/
function code_to_utf8($num) {
if ($num <= 0x7F) {
return chr($num);
} elseif ($num <= 0x7FF) {
return chr(($num >> 0x06) + 0xC0).chr(($num & 0x3F) + 128);
} elseif ($num <= 0xFFFF) {
return chr(($num >> 0x0C) + 0xE0).chr((($num >> 0x06) & 0x3F) + 0x80).chr(($num & 0x3F) + 0x80);
} elseif ($num <= 0x1FFFFF) {
return chr(($num >> 0x12) + 0xF0).chr((($num >> 0x0C) & 0x3F) + 0x80).chr((($num >> 0x06) & 0x3F) + 0x80).chr(($num & 0x3F) + 0x80);
}
return ' '; // default value
}
/**
* Reverse function for htmlentities.
* Convert entities in UTF-8.
* @param $text_to_convert Text to convert.
* @return string converted
*/
function html_entity_decode_php4($text_to_convert) {
$htmlentities_table = array (
"&Aacute;" => "".chr(195).chr(129)."",
"&aacute;" => "".chr(195).chr(161)."",
"&Acirc;" => "".chr(195).chr(130)."",
"&acirc;" => "".chr(195).chr(162)."",
"&acute;" => "".chr(194).chr(180)."",
"&AElig;" => "".chr(195).chr(134)."",
"&aelig;" => "".chr(195).chr(166)."",
"&Agrave;" => "".chr(195).chr(128)."",
"&agrave;" => "".chr(195).chr(160)."",
"&alefsym;" => "".chr(226).chr(132).chr(181)."",
"&Alpha;" => "".chr(206).chr(145)."",
"&alpha;" => "".chr(206).chr(177)."",
"&amp;" => "".chr(38)."",
"&and;" => "".chr(226).chr(136).chr(167)."",
"&ang;" => "".chr(226).chr(136).chr(160)."",
"&Aring;" => "".chr(195).chr(133)."",
"&aring;" => "".chr(195).chr(165)."",
"&asymp;" => "".chr(226).chr(137).chr(136)."",
"&Atilde;" => "".chr(195).chr(131)."",
"&atilde;" => "".chr(195).chr(163)."",
"&Auml;" => "".chr(195).chr(132)."",
"&auml;" => "".chr(195).chr(164)."",
"&bdquo;" => "".chr(226).chr(128).chr(158)."",
"&Beta;" => "".chr(206).chr(146)."",
"&beta;" => "".chr(206).chr(178)."",
"&brvbar;" => "".chr(194).chr(166)."",
"&bull;" => "".chr(226).chr(128).chr(162)."",
"&cap;" => "".chr(226).chr(136).chr(169)."",
"&Ccedil;" => "".chr(195).chr(135)."",
"&ccedil;" => "".chr(195).chr(167)."",
"&cedil;" => "".chr(194).chr(184)."",
"&cent;" => "".chr(194).chr(162)."",
"&Chi;" => "".chr(206).chr(167)."",
"&chi;" => "".chr(207).chr(135)."",
"&circ;" => "".chr(203).chr(134)."",
"&clubs;" => "".chr(226).chr(153).chr(163)."",
"&cong;" => "".chr(226).chr(137).chr(133)."",
"&copy;" => "".chr(194).chr(169)."",
"&crarr;" => "".chr(226).chr(134).chr(181)."",
"&cup;" => "".chr(226).chr(136).chr(170)."",
"&curren;" => "".chr(194).chr(164)."",
"&dagger;" => "".chr(226).chr(128).chr(160)."",
"&Dagger;" => "".chr(226).chr(128).chr(161)."",
"&darr;" => "".chr(226).chr(134).chr(147)."",
"&dArr;" => "".chr(226).chr(135).chr(147)."",
"&deg;" => "".chr(194).chr(176)."",
"&Delta;" => "".chr(206).chr(148)."",
"&delta;" => "".chr(206).chr(180)."",
"&diams;" => "".chr(226).chr(153).chr(166)."",
"&divide;" => "".chr(195).chr(183)."",
"&Eacute;" => "".chr(195).chr(137)."",
"&eacute;" => "".chr(195).chr(169)."",
"&Ecirc;" => "".chr(195).chr(138)."",
"&ecirc;" => "".chr(195).chr(170)."",
"&Egrave;" => "".chr(195).chr(136)."",
"&egrave;" => "".chr(195).chr(168)."",
"&empty;" => "".chr(226).chr(136).chr(133)."",
"&emsp;" => "".chr(226).chr(128).chr(131)."",
"&ensp;" => "".chr(226).chr(128).chr(130)."",
"&Epsilon;" => "".chr(206).chr(149)."",
"&epsilon;" => "".chr(206).chr(181)."",
"&equiv;" => "".chr(226).chr(137).chr(161)."",
"&Eta;" => "".chr(206).chr(151)."",
"&eta;" => "".chr(206).chr(183)."",
"&ETH;" => "".chr(195).chr(144)."",
"&eth;" => "".chr(195).chr(176)."",
"&Euml;" => "".chr(195).chr(139)."",
"&euml;" => "".chr(195).chr(171)."",
"&euro;" => "".chr(226).chr(130).chr(172)."",
"&exist;" => "".chr(226).chr(136).chr(131)."",
"&fnof;" => "".chr(198).chr(146)."",
"&forall;" => "".chr(226).chr(136).chr(128)."",
"&frac12;" => "".chr(194).chr(189)."",
"&frac14;" => "".chr(194).chr(188)."",
"&frac34;" => "".chr(194).chr(190)."",
"&frasl;" => "".chr(226).chr(129).chr(132)."",
"&Gamma;" => "".chr(206).chr(147)."",
"&gamma;" => "".chr(206).chr(179)."",
"&ge;" => "".chr(226).chr(137).chr(165)."",
"&harr;" => "".chr(226).chr(134).chr(148)."",
"&hArr;" => "".chr(226).chr(135).chr(148)."",
"&hearts;" => "".chr(226).chr(153).chr(165)."",
"&hellip;" => "".chr(226).chr(128).chr(166)."",
"&Iacute;" => "".chr(195).chr(141)."",
"&iacute;" => "".chr(195).chr(173)."",
"&Icirc;" => "".chr(195).chr(142)."",
"&icirc;" => "".chr(195).chr(174)."",
"&iexcl;" => "".chr(194).chr(161)."",
"&Igrave;" => "".chr(195).chr(140)."",
"&igrave;" => "".chr(195).chr(172)."",
"&image;" => "".chr(226).chr(132).chr(145)."",
"&infin;" => "".chr(226).chr(136).chr(158)."",
"&int;" => "".chr(226).chr(136).chr(171)."",
"&Iota;" => "".chr(206).chr(153)."",
"&iota;" => "".chr(206).chr(185)."",
"&iquest;" => "".chr(194).chr(191)."",
"&isin;" => "".chr(226).chr(136).chr(136)."",
"&Iuml;" => "".chr(195).chr(143)."",
"&iuml;" => "".chr(195).chr(175)."",
"&Kappa;" => "".chr(206).chr(154)."",
"&kappa;" => "".chr(206).chr(186)."",
"&Lambda;" => "".chr(206).chr(155)."",
"&lambda;" => "".chr(206).chr(187)."",
"&lang;" => "".chr(226).chr(140).chr(169)."",
"&laquo;" => "".chr(194).chr(171)."",
"&larr;" => "".chr(226).chr(134).chr(144)."",
"&lArr;" => "".chr(226).chr(135).chr(144)."",
"&lceil;" => "".chr(226).chr(140).chr(136)."",
"&ldquo;" => "".chr(226).chr(128).chr(156)."",
"&le;" => "".chr(226).chr(137).chr(164)."",
"&lfloor;" => "".chr(226).chr(140).chr(138)."",
"&lowast;" => "".chr(226).chr(136).chr(151)."",
"&loz;" => "".chr(226).chr(151).chr(138)."",
"&lrm;" => "".chr(226).chr(128).chr(142)."",
"&lsaquo;" => "".chr(226).chr(128).chr(185)."",
"&lsquo;" => "".chr(226).chr(128).chr(152)."",
"&macr;" => "".chr(194).chr(175)."",
"&mdash;" => "".chr(226).chr(128).chr(148)."",
"&micro;" => "".chr(194).chr(181)."",
"&middot;" => "".chr(194).chr(183)."",
"&minus;" => "".chr(226).chr(136).chr(146)."",
"&Mu;" => "".chr(206).chr(156)."",
"&mu;" => "".chr(206).chr(188)."",
"&nabla;" => "".chr(226).chr(136).chr(135)."",
"&nbsp;" => "".chr(194).chr(160)."",
"&ndash;" => "".chr(226).chr(128).chr(147)."",
"&ne;" => "".chr(226).chr(137).chr(160)."",
"&ni;" => "".chr(226).chr(136).chr(139)."",
"&not;" => "".chr(194).chr(172)."",
"&notin;" => "".chr(226).chr(136).chr(137)."",
"&nsub;" => "".chr(226).chr(138).chr(132)."",
"&Ntilde;" => "".chr(195).chr(145)."",
"&ntilde;" => "".chr(195).chr(177)."",
"&Nu;" => "".chr(206).chr(157)."",
"&nu;" => "".chr(206).chr(189)."",
"&Oacute;" => "".chr(195).chr(147)."",
"&oacute;" => "".chr(195).chr(179)."",
"&Ocirc;" => "".chr(195).chr(148)."",
"&ocirc;" => "".chr(195).chr(180)."",
"&OElig;" => "".chr(197).chr(146)."",
"&oelig;" => "".chr(197).chr(147)."",
"&Ograve;" => "".chr(195).chr(146)."",
"&ograve;" => "".chr(195).chr(178)."",
"&oline;" => "".chr(226).chr(128).chr(190)."",
"&Omega;" => "".chr(206).chr(169)."",
"&omega;" => "".chr(207).chr(137)."",
"&Omicron;" => "".chr(206).chr(159)."",
"&omicron;" => "".chr(206).chr(191)."",
"&oplus;" => "".chr(226).chr(138).chr(149)."",
"&or;" => "".chr(226).chr(136).chr(168)."",
"&ordf;" => "".chr(194).chr(170)."",
"&ordm;" => "".chr(194).chr(186)."",
"&Oslash;" => "".chr(195).chr(152)."",
"&oslash;" => "".chr(195).chr(184)."",
"&Otilde;" => "".chr(195).chr(149)."",
"&otilde;" => "".chr(195).chr(181)."",
"&otimes;" => "".chr(226).chr(138).chr(151)."",
"&Ouml;" => "".chr(195).chr(150)."",
"&ouml;" => "".chr(195).chr(182)."",
"&para;" => "".chr(194).chr(182)."",
"&part;" => "".chr(226).chr(136).chr(130)."",
"&permil;" => "".chr(226).chr(128).chr(176)."",
"&perp;" => "".chr(226).chr(138).chr(165)."",
"&Phi;" => "".chr(206).chr(166)."",
"&phi;" => "".chr(207).chr(134)."",
"&Pi;" => "".chr(206).chr(160)."",
"&pi;" => "".chr(207).chr(128)."",
"&piv;" => "".chr(207).chr(150)."",
"&plusmn;" => "".chr(194).chr(177)."",
"&pound;" => "".chr(194).chr(163)."",
"&prime;" => "".chr(226).chr(128).chr(178)."",
"&Prime;" => "".chr(226).chr(128).chr(179)."",
"&prod;" => "".chr(226).chr(136).chr(143)."",
"&prop;" => "".chr(226).chr(136).chr(157)."",
"&Psi;" => "".chr(206).chr(168)."",
"&psi;" => "".chr(207).chr(136)."",
"&quot;" => chr(34),
"&radic;" => "".chr(226).chr(136).chr(154)."",
"&rang;" => "".chr(226).chr(140).chr(170)."",
"&raquo;" => "".chr(194).chr(187)."",
"&rarr;" => "".chr(226).chr(134).chr(146)."",
"&rArr;" => "".chr(226).chr(135).chr(146)."",
"&rceil;" => "".chr(226).chr(140).chr(137)."",
"&rdquo;" => "".chr(226).chr(128).chr(157)."",
"&real;" => "".chr(226).chr(132).chr(156)."",
"&reg;" => "".chr(194).chr(174)."",
"&rfloor;" => "".chr(226).chr(140).chr(139)."",
"&Rho;" => "".chr(206).chr(161)."",
"&rho;" => "".chr(207).chr(129)."",
"&rlm;" => "".chr(226).chr(128).chr(143)."",
"&rsaquo;" => "".chr(226).chr(128).chr(186)."",
"&rsquo;" => "".chr(226).chr(128).chr(153)."",
"&sbquo;" => "".chr(226).chr(128).chr(154)."",
"&Scaron;" => "".chr(197).chr(160)."",
"&scaron;" => "".chr(197).chr(161)."",
"&sdot;" => "".chr(226).chr(139).chr(133)."",
"&sect;" => "".chr(194).chr(167)."",
"&shy;" => "".chr(194).chr(173)."",
"&Sigma;" => "".chr(206).chr(163)."",
"&sigma;" => "".chr(207).chr(131)."",
"&sigmaf;" => "".chr(207).chr(130)."",
"&sim;" => "".chr(226).chr(136).chr(188)."",
"&spades;" => "".chr(226).chr(153).chr(160)."",
"&sub;" => "".chr(226).chr(138).chr(130)."",
"&sube;" => "".chr(226).chr(138).chr(134)."",
"&sum;" => "".chr(226).chr(136).chr(145)."",
"&sup1;" => "".chr(194).chr(185)."",
"&sup2;" => "".chr(194).chr(178)."",
"&sup3;" => "".chr(194).chr(179)."",
"&sup;" => "".chr(226).chr(138).chr(131)."",
"&supe;" => "".chr(226).chr(138).chr(135)."",
"&szlig;" => "".chr(195).chr(159)."",
"&Tau;" => "".chr(206).chr(164)."",
"&tau;" => "".chr(207).chr(132)."",
"&there4;" => "".chr(226).chr(136).chr(180)."",
"&Theta;" => "".chr(206).chr(152)."",
"&theta;" => "".chr(206).chr(184)."",
"&thetasym;" => "".chr(207).chr(145)."",
"&thinsp;" => "".chr(226).chr(128).chr(137)."",
"&THORN;" => "".chr(195).chr(158)."",
"&thorn;" => "".chr(195).chr(190)."",
"&tilde;" => "".chr(203).chr(156)."",
"&times;" => "".chr(195).chr(151)."",
"&trade;" => "".chr(226).chr(132).chr(162)."",
"&Uacute;" => "".chr(195).chr(154)."",
"&uacute;" => "".chr(195).chr(186)."",
"&uarr;" => "".chr(226).chr(134).chr(145)."",
"&uArr;" => "".chr(226).chr(135).chr(145)."",
"&Ucirc;" => "".chr(195).chr(155)."",
"&ucirc;" => "".chr(195).chr(187)."",
"&Ugrave;" => "".chr(195).chr(153)."",
"&ugrave;" => "".chr(195).chr(185)."",
"&uml;" => "".chr(194).chr(168)."",
"&upsih;" => "".chr(207).chr(146)."",
"&Upsilon;" => "".chr(206).chr(165)."",
"&upsilon;" => "".chr(207).chr(133)."",
"&Uuml;" => "".chr(195).chr(156)."",
"&uuml;" => "".chr(195).chr(188)."",
"&weierp;" => "".chr(226).chr(132).chr(152)."",
"&Xi;" => "".chr(206).chr(158)."",
"&xi;" => "".chr(206).chr(190)."",
"&Yacute;" => "".chr(195).chr(157)."",
"&yacute;" => "".chr(195).chr(189)."",
"&yen;" => "".chr(194).chr(165)."",
"&yuml;" => "".chr(195).chr(191)."",
"&Yuml;" => "".chr(197).chr(184)."",
"&Zeta;" => "".chr(206).chr(150)."",
"&zeta;" => "".chr(206).chr(182)."",
"&zwj;" => "".chr(226).chr(128).chr(141)."",
"&zwnj;" => "".chr(226).chr(128).chr(140)."",
"&gt;" => ">",
"&lt;" => "<"
);
$return_text = strtr($text_to_convert, $htmlentities_table);
$return_text = preg_replace('~&#x([0-9a-f]+);~ei', 'code_to_utf8(hexdec("\\1"))', $return_text);
$return_text = preg_replace('~&#([0-9]+);~e', 'code_to_utf8(\\1)', $return_text);
return $return_text;
}
//============================================================+
// END OF FILE
//============================================================+
?>
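Review bot: Both numeric-entity replacements at the end of html_entity_decode_php4() use the `e` (eval) modifier of preg_replace(), which executes the replacement string as PHP code. The captures are limited to hex and decimal digits, so request data does not reach the evaluated code here, but the modifier was deprecated in PHP 5.5 and removed in PHP 7.0, so these calls fail on current runtimes. preg_replace_callback() with named callbacks gives the same result without eval, as sketched below. Separately, strtr() turns `&amp;` into `&` before the numeric passes run, so `&amp;#60;` is decoded twice and comes out as `<`, which matters if a caller treats the output as already-filtered markup; decoding named and numeric references in a single pass avoids that. code_to_utf8() also emits bytes for surrogate values (0xD800–0xDFFF) and for values above 0x10FFFF, which are not valid UTF-8.

```php
function html_entity_decode_hex_cb($m) {
    return code_to_utf8(hexdec($m[1]));
}
function html_entity_decode_dec_cb($m) {
    return code_to_utf8((int) $m[1]);
}
// … unchanged: $htmlentities_table and the strtr() call …
$return_text = preg_replace_callback('~&#x([0-9a-f]+);~i', 'html_entity_decode_hex_cb', $return_text);
$return_text = preg_replace_callback('~&#([0-9]+);~', 'html_entity_decode_dec_cb', $return_text);
```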


@@ -0,0 +1,101 @@
<?php
/*
* LimeSurvey
* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
* $Id: language.php 4524 2008-03-21 23:01:41Z lemeur $
*
Wrapper to use phpgettext as a class and omit having an english translation
USAGE:
require_once($rootdir.'classes/core/language.php');
$locale = new limesurvey_lang('en'); // Char code
print $locale->getTranslation("Hello World!");
*/
if (!isset($rootdir) || isset($_REQUEST['rootdir'])) {die("Cannot run this script directly");}
require_once($rootdir.'/classes/php-gettext/gettext.php');
require_once($rootdir.'/classes/php-gettext/streams.php');
class limesurvey_lang {
var $gettextclass;
var $langcode;
function limesurvey_lang($langcode){
global $rootdir;
$langcode=sanitize_languagecode($langcode);
$streamer = new FileReader($rootdir.'/locale/'.$langcode.'/LC_MESSAGES/'.$langcode.'.mo');
$this->gettextclass = new gettext_reader($streamer);
$this->langcode = $langcode;
}
function getlangcode()
{
return $this->langcode;
}
function gTview($string, $escapemode = 'html')
{
global $addTitleToLinks;
if ( $addTitleToLinks === true)
{
return $this->gT($string, $escapemode = 'html');
}
else
{
return '';
}
}
function gT($string, $escapemode = 'html')
{
if ($this->gettextclass)
{
$basestring=str_replace('&lsquo;','\'',$this->gettextclass->translate($string));
switch ($escapemode)
{
case 'html':
return html_escape($basestring);
break;
case 'js':
return javascript_escape($basestring);
break;
case 'unescaped':
return $basestring;
break;
default:
return "Unsupported EscapeMode in gT method";
break;
}
} else {
switch ($escapemode)
{
case 'html':
return html_escape($string);
break;
case 'js':
return javascript_escape($string);
break;
case 'unescaped':
return $string;
break;
default:
return "Unsupported EscapeMode in gT method";
break;
}
}
}
}
?>
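Review bot: gTview() discards the caller's escape mode, because `return $this->gT($string, $escapemode = 'html');` assigns 'html' to $escapemode inside the call. A caller asking for 'js' or 'unescaped' therefore always gets HTML escaping, and text destined for a JavaScript context is escaped for the wrong context. The call should be `return $this->gT($string, $escapemode);`. In gT(), `if ($this->gettextclass)` is true whenever the constructor has run, so the else branch is not a fallback for a missing .mo file; how FileReader and gettext_reader handle a missing file is not visible in this section.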


@@ -0,0 +1,326 @@
<?php
/*
* $Id: sanitize.php 4950 2008-05-30 07:42:49Z c_schmitz $
*
* Copyright (c) 2002,2003 Free Software Foundation
* developed under the custody of the
* Open Web Application Security Project
* (http://www.owasp.org)
*
* This file is part of the PHP Filters.
* PHP Filters is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* PHP Filters is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
*
* If you are not able to view the LICENSE, which should
* always be possible within a valid and working PHP Filters release,
* please write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* to get a copy of the GNU General Public License or to report a
* possible license violation.
*/
///////////////////////////////////////
// sanitize.inc.php
// Sanitization functions for PHP
// by: Gavin Zuchlinski, Jamie Pratt, Hokkaido
// webpage: http://libox.net
// Last modified: December 21, 2003
//
// Many thanks to those on the webappsec list for helping me improve these functions
///////////////////////////////////////
// Function list:
// sanitize_paranoid_string($string) -- input string, returns string stripped of all non
// alphanumeric
// sanitize_system_string($string) -- input string, returns string stripped of special
// characters
// sanitize_html_string($string) -- input string, returns string with html replacements
// for special characters
// sanitize_int($integer) -- input integer, returns ONLY the integer (no extraneous
// characters
// sanitize_float($float) -- input float, returns ONLY the float (no extraneous
// characters)
// sanitize($input, $flags) -- input any variable, performs sanitization
// functions specified in flags. flags can be bitwise
// combination of PARANOID, SQL, SYSTEM, HTML, INT, FLOAT, LDAP,
// UTF8
// sanitize_email($email) -- input any string, all non-email chars will be removed
// sanitize_user($string) -- total length check (and more ??)
// sanitize_userfullname($string) -- total length check (and more ??)
//
//
///////////////////////////////////////
//
// 20031121 jp - added defines for magic_quotes and register_globals, added ; to replacements
// in sanitize_sql_string() function, created rudimentary testing pages
// 20031221 gz - added nice_addslashes and changed sanitize_sql_string to use it
// 20070213 lemeur - marked sanitize_sql_string as obsolete, should use db_quote instead
// 20071025 c_schmitz - added sanitize_email
// 20071032 lemeur - added sanitize_user and sanitize_userfullname
//
/////////////////////////////////////////
define("PARANOID", 1);
//define("SQL", 2);
define("SYSTEM", 4);
define("HTML", 8);
define("INT", 16);
define("FLOAT", 32);
define("LDAP", 64);
define("UTF8", 128);
// get register_globals ini setting - jp
$register_globals = (bool) ini_get('register_globals');
if ($register_globals == TRUE) { define("REGISTER_GLOBALS", 1); } else { define("REGISTER_GLOBALS", 0); }
// get magic_quotes_gpc ini setting - jp
$magic_quotes = (bool) ini_get('magic_quotes_gpc');
if ($magic_quotes == TRUE) { define("MAGIC_QUOTES", 1); } else { define("MAGIC_QUOTES", 0); }
// addslashes wrapper to check for gpc_magic_quotes - gz
function nice_addslashes($string)
{
// if magic quotes is on the string is already quoted, just return it
if(MAGIC_QUOTES)
return $string;
else
return addslashes($string);
}
// paranoid sanitization -- only let the alphanumeric set through
function sanitize_paranoid_string($string, $min='', $max='')
{
if (isset($string))
{
$string = preg_replace("/[^_.a-zA-Z0-9]/", "", $string);
$len = strlen($string);
if((($min != '') && ($len < $min)) || (($max != '') && ($len > $max)))
return FALSE;
return $string;
}
}
function sanitize_email($email) {
// Handles now emails separated with a semikolon
$emailarray=explode(';',$email);
for ($i = 0; $i <= count($emailarray)-1; $i++)
{
$emailarray[$i]=preg_replace('/[^a-zA-Z0-9;+_.@-]/i', '', $emailarray[$i]);
}
return implode(';',$emailarray);
}
// sanitize a string in prep for passing a single argument to system() (or similar)
function sanitize_system_string($string, $min='', $max='')
{
if (isset($string))
{
$pattern = '/(;|\||`|>|<|&|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i'; // no piping, passing possible environment variables ($),
// seperate commands, nested execution, file redirection,
// background processing, special commands (backspace, etc.), quotes
// newlines, or some other special characters
$string = preg_replace($pattern, '', $string);
$string = '"'.preg_replace('/\$/', '\\\$', $string).'"'; //make sure this is only interpretted as ONE argument
$len = strlen($string);
if((($min != '') && ($len < $min)) || (($max != '') && ($len > $max))) return FALSE;
return $string;
}
}
function sanitize_xss_string($string)
{
if (isset($string))
{
$bad = array ('*','^','&','\'','-',';','\"','(',')','%','$','?');
return str_replace($bad, '',$string);
}
}
// sanitize a string for SQL input (simple slash out quotes and slashes)
function sanitize_sql_db_tablename($string)
{
$bad = array ('*','^','&','\'','-',';','\"','(',')','%','$','?');
return str_replace($bad, "",$string);
}
// sanitize a string for SQL input (simple slash out quotes and slashes)
function sanitize_ldap_string($string, $min='', $max='')
{
$pattern = '/(\)|\(|\||&)/';
$len = strlen($string);
if((($min != '') && ($len < $min)) || (($max != '') && ($len > $max)))
return FALSE;
return preg_replace($pattern, '', $string);
}
// sanitize a string for HTML (make sure nothing gets interpretted!)
function sanitize_html_string($string)
{
$pattern[0] = '/\&/';
$pattern[1] = '/</';
$pattern[2] = "/>/";
$pattern[3] = '/\n/';
$pattern[4] = '/"/';
$pattern[5] = "/'/";
$pattern[6] = "/%/";
$pattern[7] = '/\(/';
$pattern[8] = '/\)/';
$pattern[9] = '/\+/';
$pattern[10] = '/-/';
$replacement[0] = '&amp;';
$replacement[1] = '&lt;';
$replacement[2] = '&gt;';
$replacement[3] = '<br />';
$replacement[4] = '&quot;';
$replacement[5] = '&#39;';
$replacement[6] = '&#37;';
$replacement[7] = '&#40;';
$replacement[8] = '&#41;';
$replacement[9] = '&#43;';
$replacement[10] = '&#45;';
return preg_replace($pattern, $replacement, $string);
}
// make int int!
function sanitize_int($integer, $min='', $max='')
{
$int = ereg_replace("[^0-9]", "", $integer);
if((($min != '') && ($int < $min)) || (($max != '') && ($int > $max)))
{
return FALSE;
}
if ($int=='')
{
return null;
}
return $int;
}
// sanitize a username
// TODO: define the exact format of the username
// allow for instance 0-9a-zA-Z@_-.
function sanitize_user($string)
{
$username_length=64;
$string=mb_substr($string,0,$username_length);
return $string;
}
// sanitize a username
// TODO: define the exact format of the username
// allow for instance 0-9a-zA-Z@_-.
function sanitize_userfullname($string)
{
$username_length=50;
$string=mb_substr($string,0,$username_length);
return $string;
}
function sanitize_labelname($string)
{
$username_length=100;
$string=mb_substr($string,0,$username_length);
return $string;
}
// make float float!
function sanitize_float($float, $min='', $max='')
{
$float = floatval($float);
if((($min != '') && ($float < $min)) || (($max != '') && ($float > $max)))
return FALSE;
return $float;
}
// glue together all the other functions
function sanitize($input, $flags, $min='', $max='')
{
if($flags & PARANOID) $input = sanitize_paranoid_string($input, $min, $max);
if($flags & INT) $input = sanitize_int($input, $min, $max);
if($flags & FLOAT) $input = sanitize_float($input, $min, $max);
if($flags & HTML) $input = sanitize_html_string($input, $min, $max);
if($flags & LDAP) $input = sanitize_ldap_string($input, $min, $max);
if($flags & SYSTEM) $input = sanitize_system_string($input, $min, $max);
return $input;
}
function check_paranoid_string($input, $min='', $max='')
{
if($input != sanitize_paranoid_string($input, $min, $max))
return FALSE;
return TRUE;
}
function check_int($input, $min='', $max='')
{
if($input != sanitize_int($input, $min, $max))
return FALSE;
return TRUE;
}
function check_float($input, $min='', $max='')
{
if($input != sanitize_float($input, $min, $max))
return FALSE;
return TRUE;
}
function check_html_string($input, $min='', $max='')
{
if($input != sanitize_html_string($input, $min, $max))
return FALSE;
return TRUE;
}
function check_ldap_string($input, $min='', $max='')
{
if($input != sanitize_string($input, $min, $max))
return FALSE;
return TRUE;
}
function check_system_string($input, $min='', $max='')
{
if($input != sanitize_system_string($input, $min, $max, TRUE))
return FALSE;
return TRUE;
}
// glue together all the other functions
function check($input, $flags, $min='', $max='')
{
$oldput = $input;
if($flags & UTF8) $input = my_utf8_decode($input);
if($flags & PARANOID) $input = sanitize_paranoid_string($input, $min, $max);
if($flags & INT) $input = sanitize_int($input, $min, $max);
if($flags & FLOAT) $input = sanitize_float($input, $min, $max);
if($flags & HTML) $input = sanitize_html_string($input, $min, $max);
if($flags & LDAP) $input = sanitize_ldap_string($input, $min, $max);
if($flags & SYSTEM) $input = sanitize_system_string($input, $min, $max, TRUE);
if($input != $oldput)
return FALSE;
return TRUE;
}
function sanitize_languagecode($codetosanitize) {
return preg_replace('/[^a-z0-9-]/i', '', $codetosanitize);
}
function sanitize_languagecodeS($codestringtosanitize) {
$codearray=explode(" ",trim($codestringtosanitize));
$codearray=array_map("sanitize_languagecode",$codearray);
return implode(" ",$codearray);
}
?>
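Review bot: The pattern in sanitize_system_string() does not strip what its comment lists: the unescaped `^` is an anchor and `[|]` is a character class matching `|`, so literal `^`, `[` and `]` pass through, and a backslash is also kept although it stays special inside the double quotes the function adds. Callers passing values to a shell are better served by `escapeshellarg($string)` than by this denylist. In sanitize_xss_string() and sanitize_sql_db_tablename() the entry `'\"'` is a two-character string (backslash plus quote) inside single quotes, so a bare `"` is never removed; it should be `'"'`. check_ldap_string() calls `sanitize_string()`, which is not defined anywhere in this section and would be a fatal error when reached; `sanitize_ldap_string($input, $min, $max)` looks like the intended call. sanitize_int() depends on `ereg_replace()`, removed in PHP 7.0 (`preg_replace('/[^0-9]/', '', $integer)` is the equivalent), and the check_*() helpers compare with a loose `!=`, so a FALSE or null result from the sanitizer still compares equal to inputs such as `"0"` or `""`.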


@@ -0,0 +1,65 @@
<?php
@ini_set("session.bug_compat_warn", 0); //Turn this off until first "Next" warning is worked out
if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{
deregister_globals();
}
/*
* Remove variables created by register_globals from the global scope
* Thanks to Matt Kavanagh
*/
function deregister_globals()
{
$not_unset = array(
'GLOBALS' => true,
'_GET' => true,
'_POST' => true,
'_COOKIE' => true,
'_REQUEST' => true,
'_SERVER' => true,
'_SESSION' => true,
'_ENV' => true,
'_FILES' => true
);
// Not only will array_merge and array_keys give a warning if
// a parameter is not an array, array_merge will actually fail.
// So we check if _SESSION has been initialised.
if (!isset($_SESSION) || !is_array($_SESSION))
{
$_SESSION = array();
}
// Merge all into one extremely huge array; unset this later
$input = array_merge(
array_keys($_GET),
array_keys($_POST),
array_keys($_COOKIE),
array_keys($_SERVER),
array_keys($_SESSION),
array_keys($_ENV),
array_keys($_FILES)
);
foreach ($input as $varname)
{
if (isset($not_unset[$varname]))
{
// Hacking attempt. No point in continuing.
exit;
}
unset($GLOBALS[$varname]);
}
unset($input);
}
?>
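Review bot: The "Hacking attempt" branch in deregister_globals() calls `exit;` without recording anything, so a request that supplies a reserved superglobal name leaves no trace for log review. Adding `error_log('deregister_globals: reserved name in request input: ' . $varname);` before the exit would make it detectable; $varname is safe to log there because it has just matched one of the fixed keys in $not_unset. The guard at the top of the file recognises only '1' and 'on', while ini_get() may return the literal configured string, so a value such as 'true' or 'yes' set through the web-server configuration would skip the cleanup; comparing against the full set of truthy spellings would close that gap.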


@@ -0,0 +1,359 @@
<?php
/*
* LimeSurvey
* Copyright (C) 2007 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
* $Id: surveytranslator.php 5101 2008-06-18 10:13:03Z c_schmitz $
*/
/*
* Internationalization and Localization utilities
*
* @package Classes
* @subpackage Core
*/
function getLanguageCodefromLanguage($languagetosearch)
{
$detaillanguages = getLanguageData();
foreach ($detaillanguages as $key2=>$languagename)
{
if ($languagetosearch==$languagename['description'])
{
return $key2;
}
}
// else return default en code
return "en";
}
function getLanguageNameFromCode($codetosearch, $withnative=true)
{
$detaillanguages = getLanguageData();
if (isset($detaillanguages[$codetosearch]['description']))
{
if ($withnative) {
return $detaillanguages[$codetosearch]['description'].' - '.$detaillanguages[$codetosearch]['nativedescription'];
}
else { return $detaillanguages[$codetosearch]['description'];}
}
else
// else return default en code
return false;
}
function getLanguageRTL($codetosearch)
{
$detaillanguages = getLanguageData();
if (isset($detaillanguages[$codetosearch]['rtl']))
{
return $detaillanguages[$codetosearch]['rtl'];
}
else
{
return false;
}
}
function getLanguageData() {
global $clang;
unset($supportedLanguages);
// Albanian
$supportedLanguages['sq']['description'] = $clang->gT('Albanian');
$supportedLanguages['sq']['nativedescription'] = 'Shqipe';
$supportedLanguages['sq']['rtl'] = false;
// Basque
$supportedLanguages['eu']['description'] = $clang->gT('Basque');
$supportedLanguages['eu']['nativedescription'] = 'Euskara';
$supportedLanguages['eu']['rtl'] = false;
// Bosnian
$supportedLanguages['bs']['description'] = $clang->gT('Bosnian');
$supportedLanguages['bs']['nativedescription'] = '&#x0411;&#x044a;&#x043b;&#x0433;&#x0430;&#x0440;&#x0441;&#x043a;&#x0438;';
$supportedLanguages['bs']['rtl'] = false;
// Bulgarian
$supportedLanguages['bg']['description'] = $clang->gT('Bulgarian');
$supportedLanguages['bg']['nativedescription'] = '&#x0411;&#x044a;&#x043b;&#x0433;&#x0430;&#x0440;&#x0441;&#x043a;&#x0438;';
$supportedLanguages['bg']['rtl'] = false;
// Catalan
$supportedLanguages['ca']['description'] = $clang->gT('Catalan');
$supportedLanguages['ca']['nativedescription'] = 'Catal&#940;';
$supportedLanguages['ca']['rtl'] = false;
// Welsh
$supportedLanguages['cy']['description'] = $clang->gT('Welsh');
$supportedLanguages['cy']['nativedescription'] = 'Cymraeg';
$supportedLanguages['cy']['rtl'] = false;
// Chinese (Simplified)
$supportedLanguages['zh-Hans']['description'] = $clang->gT('Chinese (Simplified)');
$supportedLanguages['zh-Hans']['nativedescription'] = '&#31616;&#20307;&#20013;&#25991;';
$supportedLanguages['zh-Hans']['rtl'] = false;
// Chinese (Traditional - Hong Kong)
$supportedLanguages['zh-Hant-HK']['description'] = $clang->gT('Chinese (Traditional - Hong Kong)');
$supportedLanguages['zh-Hant-HK']['nativedescription'] = '&#32321;&#39636;&#20013;&#25991;&#35486;&#31995;';
$supportedLanguages['zh-Hant-HK']['rtl'] = false;
// Chinese (Traditional - Taiwan)
$supportedLanguages['zh-Hant-TW']['description'] = $clang->gT('Chinese (Traditional - Taiwan)');
$supportedLanguages['zh-Hant-TW']['nativedescription'] = 'Chinese (Traditional - Taiwan)';
$supportedLanguages['zh-Hant-TW']['rtl'] = false;
// Croatian
$supportedLanguages['hr']['description'] = $clang->gT('Croatian');
$supportedLanguages['hr']['nativedescription'] = 'Hrvatski';
$supportedLanguages['hr']['rtl'] = false;
// Czech
$supportedLanguages['cs']['description'] = $clang->gT('Czech');
$supportedLanguages['cs']['nativedescription'] = '&#x010c;esky';
$supportedLanguages['cs']['rtl'] = false;
// Danish
$supportedLanguages['da']['description'] = $clang->gT('Danish');
$supportedLanguages['da']['nativedescription'] = 'Dansk';
$supportedLanguages['da']['rtl'] = false;
// Dutch
$supportedLanguages['nl']['description'] = $clang->gT('Dutch');
$supportedLanguages['nl']['nativedescription'] = 'Nederlands';
$supportedLanguages['nl']['rtl'] = false;
// English
$supportedLanguages['en']['description'] = $clang->gT('English');
$supportedLanguages['en']['nativedescription'] = 'English';
$supportedLanguages['en']['rtl'] = false;
// Estonian
$supportedLanguages['et']['description'] = $clang->gT('Estonian');
$supportedLanguages['et']['nativedescription'] = 'Eesti';
$supportedLanguages['et']['rtl'] = false;
// Finnish
$supportedLanguages['fi']['description'] = $clang->gT('Finnish');
$supportedLanguages['fi']['nativedescription'] = 'Suomi';
$supportedLanguages['fi']['rtl'] = false;
// French
$supportedLanguages['fr']['description'] = $clang->gT('French');
$supportedLanguages['fr']['nativedescription'] = 'Fran&#231;ais';
$supportedLanguages['fr']['rtl'] = false;
// Galician
$supportedLanguages['gl']['description'] = $clang->gT('Galician');
$supportedLanguages['gl']['nativedescription'] = 'Galego';
$supportedLanguages['gl']['rtl'] = false;
// German
$supportedLanguages['de']['description'] = $clang->gT('German');
$supportedLanguages['de']['nativedescription'] = 'Deutsch (Sie)';
$supportedLanguages['de']['rtl'] = false;
// German informal
$supportedLanguages['de-informal']['description'] = $clang->gT('German informal');
$supportedLanguages['de-informal']['nativedescription'] = 'Deutsch (Du)';
$supportedLanguages['de-informal']['rtl'] = false;
// Greek
$supportedLanguages['el']['description'] = $clang->gT('Greek');
$supportedLanguages['el']['nativedescription'] = '&#949;&#955;&#955;&#951;&#957;&#953;&#954;&#940;';
$supportedLanguages['el']['rtl'] = false;
// Hebrew
$supportedLanguages['he']['description'] = $clang->gT('Hebrew');
$supportedLanguages['he']['nativedescription'] = ' &#1506;&#1489;&#1512;&#1497;&#1514;';
$supportedLanguages['he']['rtl'] = true;
// Hungarian
$supportedLanguages['hu']['description'] = $clang->gT('Hungarian');
$supportedLanguages['hu']['nativedescription'] = 'Magyar';
$supportedLanguages['hu']['rtl'] = false;
// Icelandic
$supportedLanguages['is']['description'] = $clang->gT('Icelandic');
$supportedLanguages['is']['nativedescription'] = '&#237;slenska';
$supportedLanguages['is']['rtl'] = false;
// Indonesian
$supportedLanguages['id']['description'] = $clang->gT('Indonesian');
$supportedLanguages['id']['nativedescription'] = 'Bahasa Indonesia';
$supportedLanguages['id']['rtl'] = false;
// Italian
$supportedLanguages['it']['description'] = $clang->gT('Italian');
$supportedLanguages['it']['nativedescription'] = 'Italiano';
$supportedLanguages['it']['rtl'] = false;
// Japanese
$supportedLanguages['ja']['description'] = $clang->gT('Japanese');
$supportedLanguages['ja']['nativedescription'] = '&#x65e5;&#x672c;&#x8a9e;';
$supportedLanguages['ja']['rtl'] = false;
// Korean
$supportedLanguages['ko']['description'] = $clang->gT('Korean');
$supportedLanguages['ko']['nativedescription'] = '&#54620;&#44397;&#50612;';
$supportedLanguages['ko']['rtl'] = false;
// Lithuanian
$supportedLanguages['lt']['description'] = $clang->gT('Lithuanian');
$supportedLanguages['lt']['nativedescription'] = 'Lietuvi&#371;';
$supportedLanguages['lt']['rtl'] = false;
// Latvian
$supportedLanguages['lv']['description'] = $clang->gT('Latvian');
$supportedLanguages['lv']['nativedescription'] = 'Latvie&#353;u';
$supportedLanguages['lv']['rtl'] = false;
// Macedonian
$supportedLanguages['mk']['description'] = $clang->gT('Macedonian');
$supportedLanguages['mk']['nativedescription'] = '&#1052;&#1072;&#1082;&#1077;&#1076;&#1086;&#1085;&#1089;&#1082;&#1080;';
$supportedLanguages['mk']['rtl'] = false;
// Norwegian Bokml
$supportedLanguages['nb']['description'] = $clang->gT('Norwegian (Bokmal)');
$supportedLanguages['nb']['nativedescription'] = 'Norsk Bokm&#229;l';
$supportedLanguages['nb']['rtl'] = false;
// Norwegian Nynorsk
$supportedLanguages['nn']['description'] = $clang->gT('Norwegian (Nynorsk)');
$supportedLanguages['nn']['nativedescription'] = 'Norsk Nynorsk';
$supportedLanguages['nn']['rtl'] = false;
// Persian
$supportedLanguages['fa']['description'] = $clang->gT('Persian');
$supportedLanguages['fa']['nativedescription'] = '&#1601;&#1575;&#1585;&#1587;&#1740;';
$supportedLanguages['fa']['rtl'] = true;
// Polish
$supportedLanguages['pl']['description'] = $clang->gT('Polish');
$supportedLanguages['pl']['nativedescription'] = 'Polski';
$supportedLanguages['pl']['rtl'] = false;
// Portuguese
$supportedLanguages['pt']['description'] = $clang->gT('Portuguese');
$supportedLanguages['pt']['nativedescription'] = 'Portugu&#234;s';
$supportedLanguages['pt']['rtl'] = false;
// Brazilian Portuguese
$supportedLanguages['pt-BR']['description'] = $clang->gT('Portuguese (Brazilian)');
$supportedLanguages['pt-BR']['nativedescription'] = 'Portugu&#234;s do Brasil';
$supportedLanguages['pt-BR']['rtl'] = false;
// Russian
$supportedLanguages['ru']['description'] = $clang->gT('Russian');
$supportedLanguages['ru']['nativedescription'] = '&#1056;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;';
$supportedLanguages['ru']['rtl'] = false;
// Romanian
$supportedLanguages['ro']['description'] = $clang->gT('Romanian');
$supportedLanguages['ro']['nativedescription'] = 'Rom&#226;nesc';
$supportedLanguages['ro']['rtl'] = false;
// Slovak
$supportedLanguages['sk']['description'] = $clang->gT('Slovak');
$supportedLanguages['sk']['nativedescription'] = 'Slov&aacute;k';
$supportedLanguages['sk']['rtl'] = false;
// Slovenian
$supportedLanguages['sl']['description'] = $clang->gT('Slovenian');
$supportedLanguages['sl']['nativedescription'] = 'Sloven&#353;&#269;ina';
$supportedLanguages['sl']['rtl'] = false;
// Serbian
$supportedLanguages['sr']['description'] = $clang->gT('Serbian');
$supportedLanguages['sr']['nativedescription'] = 'Srpski';
$supportedLanguages['sr']['rtl'] = false;
// Spanish
$supportedLanguages['es']['description'] = $clang->gT('Spanish');
$supportedLanguages['es']['nativedescription'] = 'Espa&#241;ol';
$supportedLanguages['es']['rtl'] = false;
// Spanish (Mexico)
$supportedLanguages['es-MX']['description'] = $clang->gT('Spanish (Mexico)');
$supportedLanguages['es-MX']['nativedescription'] = 'Espa&#241;ol Mejicano';
$supportedLanguages['es-MX']['rtl'] = false;
// Swedish
$supportedLanguages['sv']['description'] = $clang->gT('Swedish');
$supportedLanguages['sv']['nativedescription'] = 'Svenska';
$supportedLanguages['sv']['rtl'] = false;
// Turkish
$supportedLanguages['tr']['description'] = $clang->gT('Turkish');
$supportedLanguages['tr']['nativedescription'] = 'T&#252;rk&#231;e';
$supportedLanguages['tr']['rtl'] = false;
// Thai
$supportedLanguages['th']['description'] = $clang->gT('Thai');
$supportedLanguages['th']['nativedescription'] = '&#3616;&#3634;&#3625;&#3634;&#3652;&#3607;&#3618;';
$supportedLanguages['th']['rtl'] = false;
// Vietnamese
$supportedLanguages['vi']['description'] = $clang->gT('Vietnamese');
$supportedLanguages['vi']['nativedescription'] = 'Ti&#7871;ng Vi&#7879;t';
$supportedLanguages['vi']['rtl'] = false;
uasort($supportedLanguages,"user_sort");
Return $supportedLanguages;
}
function user_sort($a, $b) {
// smarts is all-important, so sort it first
if($a['description'] >$b['description']) {
return 1;
}
else {
return -1;
}
}
/* // future languages
// Afrikaans
$supportedLanguages['za']['nativedescription'] = 'Afrikaans';
// Irish
$supportedLanguages['ie']['nativedescription'] = 'Gaeilge';
// Icelandic
$supportedLanguages['is']['nativedescription'] = 'Icelandic';
// Latvian
$supportedLanguages['lv']['nativedescription'] = 'Latvie&#353;u';
// Serbian
$supportedLanguages['yu']['nativedescription'] = 'Srpski';
// Arabic
$supportedLanguages['sa']['nativedescription'] = '&#1575;&#1604;&#1593;&#1585;&#1576;&#1610;&#1577;';
$supportedLanguages['sa']['right-to-left'] = true;
$supportedLanguages['he']['right-to-left'] = true;
*/
?>