fixed some known bugs

JeromeV21 · Jul 21, 2021 · b1fd92d · b1fd92d
1 parent ecd77cf
commit b1fd92d
Show file tree

Hide file tree

Showing 13 changed files with 96 additions and 64 deletions.
diff --git a/app/config/database.php b/app/config/database.php
@@ -55,12 +55,12 @@
 |				    to the table name when using the  Query Builder class
 */
 
-$database['driver']		= 'mysql';
-$database['hostname']	= 'localhost';
-$database['port']		= '3306';
-$database['username']	= 'root';
+$database['driver']		= '';
+$database['hostname']	= '';
+$database['port']		= '';
+$database['username']	= '';
 $database['password']	= '';
-$database['database']	= 'pinoywap';
-$database['charset']	= 'utf8';
+$database['database']	= '';
+$database['charset']	= '';
 $database['dbprefix']	= '';
 ?>
diff --git a/runtime/cache/.gitkeep b/runtime/cache/.gitkeep
diff --git a/scheme/helpers/directory_helper.php b/scheme/helpers/directory_helper.php
@@ -35,7 +35,52 @@
  * @license https://opensource.org/licenses/MIT MIT License
  */
 
-if ( ! function_exists('usable'))
+if ( ! function_exists('directory_map'))
+{
+	/**
+	 * Get Directory and Files Path
+	 *
+	 * @param string $source_dir
+	 * @param integer $directory_depth
+	 * @param boolean $hidden
+	 * @return array
+	 */
+	function directory_map($source_dir, $directory_depth = 0, $hidden = FALSE)
+	{
+		if ($fp = @opendir($source_dir))
+		{
+			$filedata	= array();
+			$new_depth	= $directory_depth - 1;
+			$source_dir	= rtrim($source_dir, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
+
+			while (FALSE !== ($file = readdir($fp)))
+			{
+				if ($file === '.' OR $file === '..' OR ($hidden === FALSE && $file[0] === '.'))
+				{
+					continue;
+				}
+
+				is_dir($source_dir.$file) && $file .= DIRECTORY_SEPARATOR;
+
+				if (($directory_depth < 1 OR $new_depth > 0) && is_dir($source_dir.$file))
+				{
+					$filedata[$file] = directory_map($source_dir.$file, $new_depth, $hidden);
+				}
+				else
+				{
+					$filedata[] = $file;
+				}
+			}
+
+			closedir($fp);
+			return $filedata;
+		}
+
+		return FALSE;
+	}
+}
+
+if ( ! function_exists('is_dir_usable'))
 	{
 		/**
 		 * Check if directory is usable

diff --git a/scheme/helpers/file_helper.php b/scheme/helpers/file_helper.php
@@ -93,39 +93,6 @@ function delete_files($dir_path, $del_dir = FALSE, $htdocs = FALSE)
     }
 }
 
-if(! function_exists('find_subdirectories'))
-{
-    /**
-     * List all subdirectories of a given directory
-     *
-     * @param string $path
-     * @param boolean $include_path
-     * @return void
-     */
-    function find_subdirectories($path, $include_path = FALSE)
-    {
-        $directories = array();
-
-        $items = scandir($path);
-
-        foreach ($items as $item)
-        {
-            if($item == '..' || $item == '.')
-            {
-                continue;
-            }
-
-            if(is_dir($path . $item))
-            {
-                $directories[] = $include_path ? $path  . $item : $item; 
-            }
-
-        }
-
-        return $directories;
-    }
-}
-
 if(! function_exists('copy_file'))
 {
     /**

diff --git a/scheme/helpers/security_helper.php b/scheme/helpers/security_helper.php
@@ -48,6 +48,7 @@ function xss_clean($str)
 	{
 		return lava_instance()->security->xss_clean($str);
 	}
+}
 
 if( ! function_exists('filter_var'))
 {
@@ -84,5 +85,17 @@ function filter_var($type, $var)
 	}
 }
 
+if ( ! function_exists('sanitize_filename'))
+{
+	/**
+	 * Sanitize Filename
+	 *
+	 * @param	string
+	 * @return	string
+	 */
+	function sanitize_filename($filename)
+	{
+		return lava_instance()->security->sanitize_filename($filename);
+	}
 }
 ?>
diff --git a/scheme/kernel/Security.php b/scheme/kernel/Security.php
@@ -228,6 +228,24 @@ public function xss_clean($string)
 		$escaper =& load_class('Escaper', 'libraries');
 		return $escaper->filter($string);
 	}
+
+	/**
+	 * Sanitize for a file system
+	 * 
+	 * @param  string $name
+	 * @return string
+	 */
+	public function sanitize_filename($name) {
+	    // remove illegal file system characters https://en.wikipedia.org/wiki/Filename#Reserved_characters_and_words
+	    $name = str_replace(array_merge(
+	        array_map('chr', range(0, 31)),
+	        array('<', '>', ':', '"', '/', '\\', '|', '?', '*')
+	    ), '', $name);
+	    // maximise filename length to 255 bytes http://serverfault.com/a/9548/44086
+	    $ext = pathinfo($name, PATHINFO_EXTENSION);
+	    $name= mb_strcut(pathinfo($name, PATHINFO_FILENAME), 0, 255 - ($ext ? strlen($ext) + 1 : 0), mb_detect_encoding($name)) . ($ext ? '.' . $ext : '');
+	    return $name;
+	}
 }
 
 ?>
diff --git a/scheme/libraries/Cache.php b/scheme/libraries/Cache.php
@@ -35,13 +35,9 @@
  * @license https://opensource.org/licenses/MIT MIT License
  */
 
-/*
- * ------------------------------------------------------
- *  Cache Class
- * ------------------------------------------------------
+/**
+ * Cache Class
  */
-
-
 class Cache
 {
 	private $_lava;

diff --git a/scheme/libraries/Email.php b/scheme/libraries/Email.php
@@ -35,12 +35,9 @@
  * @license https://opensource.org/licenses/MIT MIT License
  */
 
-/*
- * ------------------------------------------------------
- *  Class Mail / For sending email
- * ------------------------------------------------------
+/**
+ * Class Email
  */
-
 class Email {
 
 	public $sender;
@@ -177,16 +174,12 @@ public function recreate_attachment($attachment)
     {
         if(file_exists($attachment) === true)
         {
-        	$LAVA =& lava_instance();
-        	$LAVA->call->helper('file');
-        	$fileinfo = get_file_info($attachment);
 			$fileType = mime_content_type($attachment);
-			$file_size = $fileinfo['size'];
+			$file_size = filesize($attachment);
 			$handle = fopen($attachment, 'rb');
 			$content = fread($handle, $file_size);
 			$content = chunk_split(base64_encode($content));
 			fclose($handle);
-
             $out = "\r\n";
             $contents = 'Content-Type: '.$fileType.'; name='.basename($attachment).$out;
             $contents .= 'Content-Transfer-Encoding: base64'.$out;

diff --git a/scheme/libraries/Escaper.php b/scheme/libraries/Escaper.php
@@ -35,12 +35,9 @@
  * @license https://opensource.org/licenses/MIT MIT License
  */
 
-/*
- * ------------------------------------------------------
- *  Escaper Class
- * ------------------------------------------------------
+/**
+ * Class Escaper / XSS Prevention
  */
-
 require_once('Escaper/HTMLPurifier.php');
 class Escaper extends HTMLPurifier {
 

diff --git a/scheme/libraries/Form_validation.php b/scheme/libraries/Form_validation.php
@@ -36,7 +36,7 @@
  */
 
 /**
- * Form Validation Class
+ * Class Form Validation
  */
 class Form_validation {
     /**

diff --git a/scheme/libraries/Pagination.php b/scheme/libraries/Pagination.php
@@ -35,6 +35,9 @@
  * @license https://opensource.org/licenses/MIT MIT License
  */
 
+ /**
+  * Class Pagination
+  */
 class Pagination
 {
     /**

diff --git a/scheme/libraries/Session.php b/scheme/libraries/Session.php
@@ -36,7 +36,7 @@
  */
 
 /**
- * Session Session
+ * Class Session
  */
 class Session {
 

diff --git a/scheme/libraries/Upload.php b/scheme/libraries/Upload.php
@@ -97,7 +97,7 @@ public function do_upload($file, $dir, $overwrite = FALSE, $size = FALSE)
 
 		// Make sure we can use the destination directory
 		$this->LAVA->call->helper('directory');
-		usable($dir);
+		is_dir_usable($dir);
 
 		// Create a unique name if we don't want files overwritten
 		$name = $overwrite ? "$filename.$ext" : $this->unique_filename($dir, $filename, $extension);
-Original file line number
+Diff line change
@@ Expand Up / @@ -36,7 +36,7 @@ @@
      */
     /**
-     * Form Validation Class
+     * Class Form Validation
      */
     class Form_validation {
         /**
@@ Expand Down @@