> 8) & 0xffffff)); } return ~$crc; } define('GZIP_MAGIC', "\037\213"); define('GZIP_DEFLATE', 010); function zip_deflate($content) { // Compress content, and suck information from gzip header. $z = gzip_compress($content); // Suck OS type byte from gzip header. FIXME: this smells bad. extract(unpack("a2magic/Ccomp_type/Cflags/@9/Cos_type", $z)); if ($magic != GZIP_MAGIC) { trigger_error(sprintf('Bad %s', 'gzip magic'), E_USER_ERROR); } if ($comp_type != GZIP_DEFLATE) { trigger_error(sprintf('Bad %s', 'gzip comp type'), E_USER_ERROR); } if (($flags & 0x3e) != 0) { trigger_error(sprintf('Bad %s', sprintf('flags (0x%02x)', $flags)), E_USER_ERROR); } $gz_header_len = 10; $gz_data_len = strlen($z) - $gz_header_len - 8; if ($gz_data_len < 0) { trigger_error('not enough gzip output?', E_USER_ERROR); } extract(unpack('Vcrc32', substr($z, $gz_header_len + $gz_data_len))); return [ substr($z, $gz_header_len, $gz_data_len), // gzipped data $crc32, // crc $os_type // OS type ]; } function zip_inflate($data, $crc32, $uncomp_size) { if (! function_exists('gzopen')) { global $request; $request->finish(_("Can't inflate data: zlib support not enabled in this PHP")); } // Reconstruct gzip header and ungzip the data. $mtime = time(); //(Bogus mtime) return gzip_uncompress(pack("a2CxV@10", GZIP_MAGIC, GZIP_DEFLATE, $mtime) . $data . pack('VV', $crc32, $uncomp_size)); } function unixtime2dostime($unix_time) { if ($unix_time % 1) { $unix_time++; // Round up to even seconds. } list($year, $month, $mday, $hour, $min, $sec) = explode(' ', TikiLib::date_format('%Y %m %e %H %M %S', $unix_time)); if ($year < 1980) { list($year, $month, $mday, $hour, $min, $sec) = [ 1980, 1, 1, 0, 0, 0 ]; } $dosdate = (($year - 1980) << 9) | ($month << 5) | $mday; $dostime = ($hour << 11) | ($min << 5) | ($sec >> 1); return [ $dosdate, $dostime ]; } function dostime2unixtime($dosdate, $dostime) { $mday = $dosdate & 0x1f; $month = ($dosdate >> 5) & 0x0f; $year = 1980 + (($dosdate >> 9) & 0x7f); $sec = ($dostime & 0x1f) * 2; $min = ($dostime >> 5) & 0x3f; $hour = ($dostime >> 11) & 0x1f; return TikiLib::make_time($hour, $min, $sec, $month, $mday, $year); } /** * Class for zipfile creation. */ define('ZIP_DEFLATE', GZIP_DEFLATE); define('ZIP_STORE', 0); define('ZIP_CENTHEAD_MAGIC', "PK\001\002"); define('ZIP_LOCHEAD_MAGIC', "PK\003\004"); define('ZIP_ENDDIR_MAGIC', "PK\005\006"); class ZipWriter { public function __construct($comment = '', $zipname = 'archive.zip') { $this->comment = $comment; $this->nfiles = 0; $this->dir = ''; // "Central directory block" $this->offset = 0; // Current file position. $zipname = addslashes($zipname); header("Content-Type: application/zip; name=\"$zipname\""); header("Content-Disposition: attachment; filename=\"$zipname\""); } public function addRegularFile($filename, $content, $attrib = false) { if (! $attrib) { $attrib = []; } $size = strlen($content); if (function_exists('gzopen')) { list($data, $crc32, $os_type) = zip_deflate($content); if (strlen($data) < $size) { $content = $data; // Use compressed data. $comp_type = ZIP_DEFLATE; } else { unset($crc32); // force plain store. } } if (! isset($crc32)) { $comp_type = ZIP_STORE; $crc32 = zip_crc32($content); } if (! empty($attrib['write_protected'])) { $atx = (0100444 << 16) | 1; // S_IFREG + read permissions to } // everybody. else { $atx = (0100644 << 16); // Add owner write perms. } $ati = $attrib['is_ascii'] ? 1 : 0; if (empty($attrib['mtime'])) { $attrib['mtime'] = time(); } list($mod_date, $mod_time) = unixtime2dostime($attrib['mtime']); // Construct parts common to "Local file header" and "Central // directory file header." if (! isset($attrib['extra_field'])) { $attrib['extra_field'] = ''; } if (! isset($attrib['file_comment'])) { $attrib['file_comment'] = ''; } $head = pack( "vvvvvVVVvv", 20, // Version needed to extract (FIXME: is this right?) 0, // Gen purp bit flag $comp_type, $mod_time, $mod_date, $crc32, strlen($content), $size, strlen($filename), strlen($attrib['extra_field']) ); // Construct the "Local file header" $lheader = ZIP_LOCHEAD_MAGIC . $head . $filename . $attrib['extra_field']; // Construct the "central directory file header" $this->dir .= pack("a4CC", ZIP_CENTHEAD_MAGIC, 23, $os_type); $this->dir .= $head; $this->dir .= pack( "vvvVV", strlen($attrib['file_comment']), 0, // Disk number start $ati, // Internal file attributes $atx, // External file attributes $this->offset // Relative offset of local header ); $this->dir .= $filename . $attrib['extra_field'] . $attrib['file_comment']; // Output the "Local file header" and file contents. echo $lheader; echo $content; $this->offset += strlen($lheader) + strlen($content); $this->nfiles++; } public function finish() { // Output the central directory echo $this->dir; // Construct the "End of central directory record" echo ZIP_ENDDIR_MAGIC; echo pack( "vvvvVVv", 0, // Number of this disk. 0, // Number of disk with start of c dir $this->nfiles, // Number entries on this disk $this->nfiles, // Number entries strlen($this->dir), // Size of central directory $this->offset, // Offset of central directory strlen($this->comment) ); echo $this->comment; } } /** * Class for reading zip files. * * BUGS: * * Many of the ExitWiki()'s should probably be warn()'s (eg. CRC mismatch). * * Only a subset of zip formats is recognized. (I think that * unsupported formats will be recognized as such rather than silently * munged.) * * We don't read the central directory. This means we don't see the * file attributes (text? read-only?), or file comments. * * Right now we ignore the file mod date and time, since we don't need it. */ class ZipReader { public function __construct($zipfile) { if (! is_string($zipfile)) { $this->fp = $zipfile; // File already open } elseif (! ($this->fp = fopen($zipfile, "rb"))) { trigger_error(sprintf(_("Can't open zip file '%s' for reading"), $zipfile), E_USER_ERROR); } } public function _read($nbytes) { $chunk = fread($this->fp, $nbytes); if (strlen($chunk) != $nbytes) { trigger_error(_("Unexpected EOF in zip file"), E_USER_ERROR); } return $chunk; } public function done() { fclose($this->fp); return false; } public function readFile() { $head = $this->_read(30); extract( unpack( 'a4magic/vreq_version/vflags/vcomp_type' . '/vmod_time/vmod_date' . '/Vcrc32/Vcomp_size/Vuncomp_size' . '/vfilename_len/vextrafld_len', $head ) ); //FIXME: we should probably check $req_version. $attrib['mtime'] = dostime2unixtime($mod_date, $mod_time); if ($magic != ZIP_LOCHEAD_MAGIC) { if ($magic != ZIP_CENTHEAD_MAGIC) { // FIXME: better message? ExitWiki(sprintf('Bad header type: %s', $magic)); } return $this->done(); } if (($flags & 0x21) != 0) { ExitWiki('Encryption and/or zip patches not supported.'); } if (($flags & 0x08) != 0) { // FIXME: better message? ExitWiki('Postponed CRC not yet supported.'); } $filename = $this->_read($filename_len); if ($extrafld_len != 0) { $attrib['extra_field'] = $this->_read($extrafld_len); } $data = $this->_read($comp_size); if ($comp_type == ZIP_DEFLATE) { $data = zip_inflate($data, $crc32, $uncomp_size); } elseif ($comp_type == ZIP_STORE) { $crc = zip_crc32($data); if ($crc32 != $crc) { ExitWiki(sprintf('CRC mismatch %x != %x', $crc, $crc32)); } } else { ExitWiki(sprintf('Compression method %s unsupported', $comp_method)); } if (strlen($data) != $uncomp_size) { ExitWiki(sprintf('Uncompressed size mismatch %d != %d', strlen($data), $uncomp_size)); } return [ $filename, $data, $attrib ]; } } /** * Routines for Mime mailification of pages. */ //FIXME: these should go elsewhere (libmime?). /** * Routines for quoted-printable en/decoding. */ function QuotedPrintableEncode($string) { // Quote special characters in line. $quoted = ''; while ($string) { // The complicated regexp is to force quoting of trailing spaces. preg_match('/^([ !-<>-~]*)(?:([!-<>-~]$)|(.))/s', $string, $match); $quoted .= $match[1] . $match[2]; if (! empty($match[3])) { $quoted .= sprintf('=%02X', ord($match[3])); } $string = substr($string, strlen($match[0])); } // Split line. // This splits the line (preferably after white-space) into lines // which are no longer than 76 chars (after adding trailing '=' for // soft line break, but before adding \r\n.) return preg_replace('/(?=.{77})(.{10,74}[ \t]|.{71,73}[^=][^=])/s', "\\1=\r\n", $quoted); } function QuotedPrintableDecode($string) { // Eliminate soft line-breaks. $string = preg_replace('/=[ \t\r]*\n/', '', $string); return quoted_printable_decode($string); } define('MIME_TOKEN_REGEXP', "[-!#-'*+.0-9A-Z^-~]+"); function MimeContentTypeHeader($type, $subtype, $params) { $header = "Content-Type: $type/$subtype"; reset($params); foreach ($params as $key => $val) { //FIXME: what about non-ascii printables in $val? if (! preg_match('/^' . MIME_TOKEN_REGEXP . '$/', $val)) { $val = '"' . addslashes($val) . '"'; } $header .= ";\r\n $key=$val"; } return "$header\r\n"; } function MimeMultipart($parts) { global $mime_multipart_count; // The string "=_" can not occur in quoted-printable encoded data. $boundary = "=_multipart_boundary_" . ++$mime_multipart_count; $head = MimeContentTypeHeader('multipart', 'mixed', ['boundary' => $boundary]); $sep = "\r\n--$boundary\r\n"; return $head . $sep . implode($sep, $parts) . "\r\n--${boundary}--\r\n"; } /** * For reference see: * http://www.nacs.uci.edu/indiv/ehood/MIME/2045/rfc2045.html * http://www.faqs.org/rfcs/rfc2045.html * (RFC 1521 has been superceeded by RFC 2045 & others). * * Also see http://www.faqs.org/rfcs/rfc2822.html * * * Notes on content-transfer-encoding. * * "7bit" means short lines of US-ASCII. * "8bit" means short lines of octets with (possibly) the high-order bit set. * "binary" means lines are not necessarily short enough for SMTP * transport, and non-ASCII characters may be present. * * Only "7bit", "quoted-printable", and "base64" are universally safe * for transport via e-mail. (Though many MTAs can/will be configured to * automatically convert encodings to a safe type if they receive * mail encoded in '8bit' and/or 'binary' encodings. */ function MimeifyPageRevision($page) { //$page = $revision->getPage(); // FIXME: add 'hits' to $params $params = [ 'pagename' => $page['pageName'], 'flags' => '', 'author' => $page['user'], 'version' => $page['version'], 'lastmodified' => $page['lastModif'] ]; $params['author_id'] = $page['ip']; $params['summary'] = $page['comment']; if (isset($page['hits'])) { $params['hits'] = $page['hits']; } $params['description'] = $page['description']; $params['charset'] = 'utf-8'; // Non-US-ASCII is not allowed in Mime headers (at least not without // special handling) --- so we urlencode all parameter values. foreach ($params as $key => $val) { $params[$key] = rawurlencode($val); } $out = MimeContentTypeHeader('application', 'x-tikiwiki', $params); $out .= sprintf("Content-Transfer-Encoding: %s\r\n", 'binary'); $out .= "\r\n"; $lines = explode("\n", $page["data"]); foreach ($lines as $line) { // This is a dirty hack to allow saving binary text files. See above. $line = rtrim($line); $out .= "$line\r\n"; } return $out; } /** * Routines for parsing Mime-ified phpwiki pages. */ function ParseRFC822Headers(&$string) { if (preg_match("/^From (.*)\r?\n/", $string, $match)) { $headers['from '] = preg_replace('/^\s+|\s+$/', '', $match[1]); $string = substr($string, strlen($match[0])); } while (preg_match('/^([!-9;-~]+) [ \t]* : [ \t]* ' . '( .* \r?\n (?: [ \t] .* \r?\n)* )/x', $string, $match)) { $headers[strtolower($match[1])] = preg_replace('/^\s+|\s+$/', '', $match[2]); $string = substr($string, strlen($match[0])); } if (empty($headers)) { return false; } if (! preg_match("/^\r?\n/", $string, $match)) { // No blank line after headers. return false; } $string = substr($string, strlen($match[0])); return $headers; } function ParseMimeContentType($string) { // FIXME: Remove (RFC822 style comments). // Get type/subtype if (! preg_match(':^\s*(' . MIME_TOKEN_REGEXP . ')\s*' . '/' . '\s*(' . MIME_TOKEN_REGEXP . ')\s*:x', $string, $match)) { ExitWiki(sprintf("Bad %s", 'MIME content-type')); } $type = strtolower($match[1]); $subtype = strtolower($match[2]); $string = substr($string, strlen($match[0])); $param = []; while (preg_match('/^;\s*(' . MIME_TOKEN_REGEXP . ')\s*=\s*' . '(?:(' . MIME_TOKEN_REGEXP . ')|"((?:[^"\\\\]|\\.)*)") \s*/sx', $string, $match)) { //" <--kludge for brain-dead syntax coloring if (strlen($match[2])) { $val = $match[2]; } else { $val = preg_replace('/[\\\\](.)/s', '\\1', $match[3]); } $param[strtolower($match[1])] = $val; $string = substr($string, strlen($match[0])); } return [$type, $subtype,$param]; } function ParseMimeMultipart($data, $boundary) { if (! $boundary) { ExitWiki('No boundary?'); } $boundary = preg_quote($boundary); while (preg_match("/^(|.*?\n)--$boundary((?:--)?)[^\n]*\n/s", $data, $match)) { $data = substr($data, strlen($match[0])); if (! isset($parts)) { $parts = []; // First time through: discard leading chaff } else { if ($content = ParseMimeifiedPages($match[1])) { foreach ($content as $p) { $parts[] = $p; } } } if ($match[2]) { return $parts; // End boundary found. } } ExitWiki('No end boundary?'); } function GenerateFootnotesFromRefs($params) { $footnotes = []; reset($params); foreach ($params as $p => $reference) { if (preg_match('/^ref([1-9][0-9]*)$/', $p, $m)) { $footnotes[$m[1]] = sprintf(_("[%d] See [%s]"), $m[1], rawurldecode($reference)); } } if (count($footnotes) > 0) { ksort($footnotes); return "-----\n" . "!" . _("References") . "\n" . join("\n%%%\n", $footnotes) . "\n"; } else { return ''; } } // Convert references in meta-data to footnotes. // Only zip archives generated by phpwiki 1.2.x or earlier should have // references. function ParseMimeifiedPages($data) { if (! ($headers = ParseRFC822Headers($data)) || empty($headers['content-type'])) { //trigger_error( sprintf(_("Can't find %s"),'content-type header'), // E_USER_WARNING ); return false; } $typeheader = $headers['content-type']; if (! (list($type, $subtype, $params) = ParseMimeContentType($typeheader))) { trigger_error(sprintf("Can't parse %s: (%s)", 'content-type', $typeheader), E_USER_WARNING); return false; } if ("$type/$subtype" == 'multipart/mixed') { return ParseMimeMultipart($data, $params['boundary']); } elseif ("$type/$subtype" != 'application/x-phpwiki') { trigger_error(sprintf("Bad %s", "content-type: $type/$subtype"), E_USER_WARNING); return false; } // FIXME: more sanity checking? $page = []; $pagedata = []; $versiondata = []; foreach ($params as $key => $value) { if (empty($value)) { continue; } $value = rawurldecode($value); switch ($key) { case 'pagename': case 'version': $page[$key] = $value; break; case 'flags': if (preg_match('/PAGE_LOCKED/', $value)) { $pagedata['locked'] = 'yes'; } break; case 'created': case 'hits': $pagedata[$key] = $value; break; case 'lastmodified': $versiondata['mtime'] = $value; break; case 'author': case 'author_id': case 'summary': case 'markup': $versiondata[$key] = $value; break; } } // FIXME: do we need to try harder to find a pagename if we // haven't got one yet? if (! isset($versiondata['author'])) { global $request; $user = $request->getUser(); $versiondata['author'] = $user->getId(); //FIXME:? } $encoding = strtolower($headers['content-transfer-encoding']); if ($encoding == 'quoted-printable') { $data = QuotedPrintableDecode($data); } elseif ($encoding && $encoding != 'binary') { ExitWiki(sprintf("Unknown %s", 'encoding type: $encoding')); } $data .= GenerateFootnotesFromRefs($params); $page['content'] = preg_replace('/[ \t\r]*\n/', "\n", chop($data)); $page['pagedata'] = $pagedata; $page['versiondata'] = $versiondata; return [$page]; } // Local Variables: // mode: php // tab-width: 8 // c-basic-offset: 4 // c-hanging-comment-ender-p: nil // indent-tabs-mode: nil // End: