PageRenderTime 57ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 1ms

/var/Typecho/Common.php

https://github.com/wangqin4377/typecho
PHP | 1376 lines | 1101 code | 65 blank | 210 comment | 87 complexity | 01248e1a8a8b7032f9af34ec819a4c93 MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * API方法,Typecho命名空间
    4. 

  4.  *
    5. 

  5.  * @category typecho
    6. 

  6.  * @package Common
    7. 

  7.  * @copyright Copyright (c) 2008 Typecho team (http://www.typecho.org)
    8. 

  8.  * @license GNU General Public License 2.0
    9. 

  9.  * @version $Id$
    10. 

  10.  */
    11. 

  11. 

  12. define('__TYPECHO_MB_SUPPORTED__', function_exists('mb_get_info'));
    13. 

  13. 

  14. /**
    15. 

  15.  * Typecho公用方法
    16. 

  16.  *
    17. 

  17.  * @category typecho
    18. 

  18.  * @package Common
    19. 

  19.  * @copyright Copyright (c) 2008 Typecho team (http://www.typecho.org)
    20. 

  20.  * @license GNU General Public License 2.0
    21. 

  21.  */
    22. 

  22. class Typecho_Common
    23. 

  23. {
    24. 

  24.     /** 程序版本 */
    25. 

  25.     const VERSION = '0.9/14.3.14';
    26. 

  26. 

  27.     /**
    28. 

  28.      * 锁定的代码块
    29. 

  29.      *
    30. 

  30.      * @access private
    31. 

  31.      * @var array
    32. 

  32.      */
    33. 

  33.     private static $_lockedBlocks = array('<p></p>' => '');
    34. 

  34.     
    35. 

  35.     /**
    36. 

  36.      * 允许的属性
    37. 

  37.      * 
    38. 

  38.      * @access private
    39. 

  39.      * @var array
    40. 

  40.      */
    41. 

  41.     private static $_allowableAttributes = array();
    42. 

  42. 

  43.     /**
    44. 

  44.      * 默认编码
    45. 

  45.      *
    46. 

  46.      * @access public
    47. 

  47.      * @var string
    48. 

  48.      */
    49. 

  49.     public static $charset = 'UTF-8';
    50. 

  50. 

  51.     /**
    52. 

  52.      * 异常处理类
    53. 

  53.      *
    54. 

  54.      * @access public
    55. 

  55.      * @var string
    56. 

  56.      */
    57. 

  57.     public static $exceptionHandle;
    58. 

  58. 

  59.     /**
    60. 

  60.      * 锁定标签回调函数
    61. 

  61.      *
    62. 

  62.      * @access private
    63. 

  63.      * @param array $matches 匹配的值
    64. 

  64.      * @return string
    65. 

  65.      */
    66. 

  66.     public static function __lockHTML(array $matches)
    67. 

  67.     {
    68. 

  68.         $guid = '<code>' . uniqid(time()) . '</code>';
    69. 

  69.         self::$_lockedBlocks[$guid] = $matches[0];
    70. 

  70.         return $guid;
    71. 

  71.     }
    72. 

  72. 

  73.     /**
    74. 

  74.      * 将url中的非法xss去掉时的数组回调过滤函数
    75. 

  75.      *
    76. 

  76.      * @access private
    77. 

  77.      * @param string $string 需要过滤的字符串
    78. 

  78.      * @return string
    79. 

  79.      */
    80. 

  80.     public static function __removeUrlXss($string)
    81. 

  81.     {
    82. 

  82.         $string = str_replace(array('%0d', '%0a'), '', strip_tags($string));
    83. 

  83.         return preg_replace(array(
    84. 

  84.             "/\(\s*(\"|')/i",           //函数开头
    85. 

  85.             "/(\"|')\s*\)/i",           //函数结尾
    86. 

  86.         ), '', $string);
    87. 

  87.     }
    88. 

  88. 

  89.     /**
    90. 

  90.      * 检查是否为安全路径
    91. 

  91.      *
    92. 

  92.      * @access public
    93. 

  93.      * @param string $path 检查是否为安全路径
    94. 

  94.      * @return boolean
    95. 

  95.      */
    96. 

  96.     public static function __safePath($path)
    97. 

  97.     {
    98. 

  98.         $safePath = rtrim(__TYPECHO_ROOT_DIR__, '/');
    99. 

  99.         return 0 === strpos($path, $safePath);
    100. 

  100.     }
    101. 

  101. 

  102.     /**
    103. 

  103.      * __filterAttrs  
    104. 

  104.      * 
    105. 

  105.      * @param mixed $matches 
    106. 

  106.      * @static
    107. 

  107.      * @access public
    108. 

  108.      * @return bool
    109. 

  109.      */
    110. 

  110.     public static function __filterAttrs($matches)
    111. 

  111.     {
    112. 

  112.         if (!isset($matches[2])) {
    113. 

  113.             return $matches[0];
    114. 

  114.         }
    115. 

  115. 

  116.         $str = trim($matches[2]);
    117. 

  117. 

  118.         if (empty($str)) {
    119. 

  119.             return $matches[0];
    120. 

  120.         }
    121. 

  121. 

  122.         $attrs = self::__parseAttrs($str);
    123. 

  123.         $parsedAttrs = array();
    124. 

  124.         $tag = strtolower($matches[1]);
    125. 

  125. 

  126.         foreach ($attrs as $key => $val) {
    127. 

  127.             if (in_array($key, self::$_allowableAttributes[$tag])) {
    128. 

  128.                 $parsedAttrs[] = " {$key}" . (empty($val) ? '' : "={$val}");
    129. 

  129.             }
    130. 

  130.         }
    131. 

  131. 

  132.         return '<' . $tag . implode('', $parsedAttrs) . '>';
    133. 

  133.     }
    134. 

  134.     
    135. 

  135.     /**
    136. 

  136.      * 解析属性
    137. 

  137.      * 
    138. 

  138.      * @access public
    139. 

  139.      * @param string $attrs 属性字符串
    140. 

  140.      * @return array
    141. 

  141.      */
    142. 

  142.     public static function __parseAttrs($attrs)
    143. 

  143.     {
    144. 

  144.         $attrs = trim($attrs);
    145. 

  145.         $len = strlen($attrs);
    146. 

  146.         $pos = -1;
    147. 

  147.         $result = array();
    148. 

  148.         $quote = '';
    149. 

  149.         $key = '';
    150. 

  150.         $value = '';
    151. 

  151.         
    152. 

  152.         for ($i = 0; $i < $len; $i ++) {
    153. 

  153.             if ('=' != $attrs[$i] && !ctype_space($attrs[$i]) && -1 == $pos) {
    154. 

  154.                 $key .= $attrs[$i];
    155. 

  155.                 
    156. 

  156.                 /** 最后一个 */
    157. 

  157.                 if ($i == $len - 1) {
    158. 

  158.                     if ('' != ($key = trim($key))) {
    159. 

  159.                         $result[$key] = '';
    160. 

  160.                         $key = '';
    161. 

  161.                         $value = '';
    162. 

  162.                     }
    163. 

  163.                 }
    164. 

  164.                 
    165. 

  165.             } else if (ctype_space($attrs[$i]) && -1 == $pos) {
    166. 

  166.                 $pos = -2;
    167. 

  167.             } else if ('=' == $attrs[$i] && 0 > $pos) {
    168. 

  168.                 $pos = 0;
    169. 

  169.             } else if (('"' == $attrs[$i] || "'" == $attrs[$i]) && 0 == $pos) {
    170. 

  170.                 $quote = $attrs[$i];
    171. 

  171.                 $value .= $attrs[$i];
    172. 

  172.                 $pos = 1;
    173. 

  173.             } else if ($quote != $attrs[$i] && 1 == $pos) {
    174. 

  174.                 $value .= $attrs[$i];
    175. 

  175.             } else if ($quote == $attrs[$i] && 1 == $pos) {
    176. 

  176.                 $pos = -1;
    177. 

  177.                 $value .= $attrs[$i];
    178. 

  178.                 $result[trim($key)] = $value;
    179. 

  179.                 $key = '';
    180. 

  180.                 $value = '';
    181. 

  181.             } else if ('=' != $attrs[$i] && !ctype_space($attrs[$i]) && -2 == $pos) {
    182. 

  182.                 if ('' != ($key = trim($key))) {
    183. 

  183.                     $result[$key] = '';
    184. 

  184.                 }
    185. 

  185.                 
    186. 

  186.                 $key = '';
    187. 

  187.                 $value = '';
    188. 

  188.                 $pos = -1;
    189. 

  189.                 $key .= $attrs[$i];
    190. 

  190.             }
    191. 

  191.         }
    192. 

  192.         
    193. 

  193.         return $result;
    194. 

  194.     }
    195. 

  195. 

  196.     /**
    197. 

  197.      * 自动载入类
    198. 

  198.      *
    199. 

  199.      * @param $className
    200. 

  200.      */
    201. 

  201.     public static function __autoLoad($className)
    202. 

  202.     {
    203. 

  203.         @include_once str_replace(array('\\', '_'), '/', $className) . '.php';
    204. 

  204.     }
    205. 

  205. 

  206.     /**
    207. 

  207.      * 程序初始化方法
    208. 

  208.      *
    209. 

  209.      * @access public
    210. 

  210.      * @return void
    211. 

  211.      */
    212. 

  212.     public static function init()
    213. 

  213.     {
    214. 

  214.         /** 设置自动载入函数 */
    215. 

  215.         if (function_exists('spl_autoload_register')) {
    216. 

  216.             spl_autoload_register(array('Typecho_Common', '__autoLoad'));
    217. 

  217.         } else {
    218. 

  218.             function __autoLoad($className) {
    219. 

  219.                 Typecho_Common::__autoLoad($className);
    220. 

  220.             }
    221. 

  221.         }
    222. 

  222. 

  223.         /** 兼容php6 */
    224. 

  224.         if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    225. 

  225.             $_GET = self::stripslashesDeep($_GET);
    226. 

  226.             $_POST = self::stripslashesDeep($_POST);
    227. 

  227.             $_COOKIE = self::stripslashesDeep($_COOKIE);
    228. 

  228. 

  229.             reset($_GET);
    230. 

  230.             reset($_POST);
    231. 

  231.             reset($_COOKIE);
    232. 

  232.         }
    233. 

  233. 

  234.         /** 设置异常截获函数 */
    235. 

  235.         set_exception_handler(array('Typecho_Common', 'exceptionHandle'));
    236. 

  236.     }
    237. 

  237. 

  238.     /**
    239. 

  239.      * 异常截获函数
    240. 

  240.      *
    241. 

  241.      * @access public
    242. 

  242.      * @param Exception $exception 截获的异常
    243. 

  243.      * @return void
    244. 

  244.      */
    245. 

  245.     public static function exceptionHandle(Exception $exception)
    246. 

  246.     {
    247. 

  247.         @ob_end_clean();
    248. 

  248. 

  249.         if (defined('__TYPECHO_DEBUG__')) {
    250. 

  250.             echo nl2br($exception->__toString());
    251. 

  251.         } else {
    252. 

  252.             if (404 == $exception->getCode() && !empty(self::$exceptionHandle)) {
    253. 

  253.                 $handleClass = self::$exceptionHandle;
    254. 

  254.                 new $handleClass($exception);
    255. 

  255.             } else {
    256. 

  256.                 self::error($exception);
    257. 

  257.             }
    258. 

  258.         }
    259. 

  259. 

  260.         exit;
    261. 

  261.     }
    262. 

  262. 

  263.     /**
    264. 

  264.      * 输出错误页面
    265. 

  265.      *
    266. 

  266.      * @access public
    267. 

  267.      * @param mixed $exception 错误信息
    268. 

  268.      * @return void
    269. 

  269.      */
    270. 

  270.     public static function error($exception)
    271. 

  271.     {
    272. 

  272.         $isException = is_object($exception);
    273. 

  273.         $message = '';
    274. 

  274. 

  275.         if ($isException) {
    276. 

  276.             $code = $exception->getCode();
    277. 

  277.             $message = $exception->getMessage();
    278. 

  278.         } else {
    279. 

  279.             $code = $exception;
    280. 

  280.         }
    281. 

  281. 

  282.         $charset = self::$charset;
    283. 

  283. 

  284.         if ($isException && $exception instanceof Typecho_Db_Exception) {
    285. 

  285.             $code = 500;
    286. 

  286.             @error_log($message);
    287. 

  287. 

  288.             //覆盖原始错误信息
    289. 

  289.             $message = 'Database Server Error';
    290. 

  290. 

  291.             if ($exception instanceof Typecho_Db_Adapter_Exception) {
    292. 

  292.                 $code = 503;
    293. 

  293.                 $message = 'Error establishing a database connection';
    294. 

  294.             } else if ($exception instanceof Typecho_Db_Query_Exception) {
    295. 

  295.                 $message = 'Database Query Error';
    296. 

  296.             }
    297. 

  297.         } else {
    298. 

  298.             switch ($code) {
    299. 

  299.                 case 500:
    300. 

  300.                     $message = 'Server Error';
    301. 

  301.                     break;
    302. 

  302. 

  303.                 case 404:
    304. 

  304.                     $message = 'Page Not Found';
    305. 

  305.                     break;
    306. 

  306. 

  307.                 default:
    308. 

  308.                     $code = 'Error';
    309. 

  309.                     break;
    310. 

  310.             }
    311. 

  311.         }
    312. 

  312. 

  313. 

  314.         /** 设置http code */
    315. 

  315.         if (is_numeric($code) && $code > 200) {
    316. 

  316.             Typecho_Response::setStatus($code);
    317. 

  317.         }
    318. 

  318. 

  319.         $message = nl2br($message);
    320. 

  320. 

  321.         if (defined('__TYPECHO_EXCEPTION_FILE__')) {
    322. 

  322.             require_once __TYPECHO_EXCEPTION_FILE__;
    323. 

  323.         } else {
    324. 

  324.             echo
    325. 

  325. <<<EOF
    326. 

  326. <!DOCTYPE html>
    327. 

  327. <html lang="en">
    328. 

  328.     <head>
    329. 

  329.         <meta charset="{$charset}">
    330. 

  330.         <title>{$code}</title>
    331. 

  331.         <style>
    332. 

  332.             html {
    333. 

  333.                 padding: 50px 10px;
    334. 

  334.                 font-size: 20px;
    335. 

  335.                 line-height: 1.4;
    336. 

  336.                 color: #666;
    337. 

  337.                 background: #F6F6F3;
    338. 

  338.                 -webkit-text-size-adjust: 100%;
    339. 

  339.                 -ms-text-size-adjust: 100%;
    340. 

  340.             }
    341. 

  341. 

  342.             html,
    343. 

  343.             input { font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; }
    344. 

  344.             body {
    345. 

  345.                 max-width: 500px;
    346. 

  346.                 _width: 500px;
    347. 

  347.                 padding: 30px 20px 50px;
    348. 

  348.                 margin: 0 auto;
    349. 

  349.                 background: #FFF;
    350. 

  350.             }
    351. 

  351.             h1 {
    352. 

  352.                 font-size: 50px;
    353. 

  353.                 text-align: center;
    354. 

  354.             }
    355. 

  355.             h1 span { color: #bbb; }
    356. 

  356.             ul {
    357. 

  357.                 padding: 0 0 0 40px;
    358. 

  358.             }
    359. 

  359.             .container {
    360. 

  360.                 max-width: 380px;
    361. 

  361.                 _width: 380px;
    362. 

  362.                 margin: 0 auto;
    363. 

  363.             }
    364. 

  364.         </style>
    365. 

  365.     </head>
    366. 

  366.     <body>
    367. 

  367.         <div class="container">
    368. 

  368.             <h1>{$code}</h1>
    369. 

  369.             {$message}
    370. 

  370.         </div>
    371. 

  371.     </body>
    372. 

  372. </html>
    373. 

  373. EOF;
    374. 

  374.         }
    375. 

  375. 

  376.         exit;
    377. 

  377.     }
    378. 

  378. 

  379.     /**
    380. 

  380.      * 判断类是否能被加载
    381. 

  381.      * 此函数会遍历所有的include目录, 所以会有一定的性能消耗, 但是不会很大
    382. 

  382.      * 可是我们依然建议你在必须检测一个类能否被加载时使用它, 它通常表现为以下两种情况
    383. 

  383.      * 1. 当需要被加载的类不存在时, 系统不会停止运行 (如果你不判断, 系统会因抛出严重错误而停止)
    384. 

  384.      * 2. 你需要知道哪些类无法被加载, 以提示使用者
    385. 

  385.      * 除了以上情况, 你无需关注那些类无法被加载, 因为当它们不存在时系统会自动停止并报错
    386. 

  386.      *
    387. 

  387.      * @access public
    388. 

  388.      * @param string $className 类名
    389. 

  389.      * @param string $path 指定的路径名称
    390. 

  390.      * @return boolean
    391. 

  391.      */
    392. 

  392.     public static function isAvailableClass($className, $path = NULL)
    393. 

  393.     {
    394. 

  394.         /** 获取所有include目录 */
    395. 

  395.         //增加安全目录检测 fix issue 106
    396. 

  396.         $dirs = array_map('realpath', array_filter(explode(PATH_SEPARATOR, get_include_path()),
    397. 

  397.         array('Typecho_Common', '__safePath')));
    398. 

  398. 

  399.         $file = str_replace('_', '/', $className) . '.php';
    400. 

  400. 

  401.         if (!empty($path)) {
    402. 

  402.             $path = realpath($path);
    403. 

  403.             if (in_array($path, $dirs)) {
    404. 

  404.                 $dirs = array($path);
    405. 

  405.             } else {
    406. 

  406.                 return false;
    407. 

  407.             }
    408. 

  408.         }
    409. 

  409. 

  410.         foreach ($dirs as $dir) {
    411. 

  411.             if (!empty($dir)) {
    412. 

  412.                 if (file_exists($dir . '/' . $file)) {
    413. 

  413.                     return true;
    414. 

  414.                 }
    415. 

  415.             }
    416. 

  416.         }
    417. 

  417. 

  418.         return false;
    419. 

  419.     }
    420. 

  420. 

  421.     /**
    422. 

  422.      * 检测是否在app engine上运行,屏蔽某些功能 
    423. 

  423.      * 
    424. 

  424.      * @static
    425. 

  425.      * @access public
    426. 

  426.      * @return boolean
    427. 

  427.      */
    428. 

  428.     public static function isAppEngine()
    429. 

  429.     {
    430. 

  430.         return !empty($_SERVER['HTTP_APPNAME'])                     // SAE
    431. 

  431.             || !!getenv('HTTP_BAE_ENV_APPID')                       // BAE
    432. 

  432.             || !!getenv('HTTP_BAE_LOGID')                           // BAE 3.0
    433. 

  433.             || (ini_get('acl.app_id') && class_exists('Alibaba'))   // ACE
    434. 

  434.             || (isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'],'Google App Engine') !== false) // GAE
    435. 

  435.             ;
    436. 

  436.     }
    437. 

  437. 

  438.     /**
    439. 

  439.      * 递归去掉数组反斜线
    440. 

  440.      *
    441. 

  441.      * @access public
    442. 

  442.      * @param mixed $value
    443. 

  443.      * @return mixed
    444. 

  444.      */
    445. 

  445.     public static function stripslashesDeep($value)
    446. 

  446.     {
    447. 

  447.         return is_array($value) ? array_map(array('Typecho_Common', 'stripslashesDeep'), $value) : stripslashes($value);
    448. 

  448.     }
    449. 

  449. 

  450.     /**
    451. 

  451.      * 抽取多维数组的某个元素,组成一个新数组,使这个数组变成一个扁平数组
    452. 

  452.      * 使用方法:
    453. 

  453.      * <code>
    454. 

  454.      * <?php
    455. 

  455.      * $fruit = array(array('apple' => 2, 'banana' => 3), array('apple' => 10, 'banana' => 12));
    456. 

  456.      * $banana = Typecho_Common::arrayFlatten($fruit, 'banana');
    457. 

  457.      * print_r($banana);
    458. 

  458.      * //outputs: array(0 => 3, 1 => 12);
    459. 

  459.      * ?>
    460. 

  460.      * </code>
    461. 

  461.      *
    462. 

  462.      * @access public
    463. 

  463.      * @param array $value 被处理的数组
    464. 

  464.      * @param string $key 需要抽取的键值
    465. 

  465.      * @return array
    466. 

  466.      */
    467. 

  467.     public static function arrayFlatten(array $value, $key)
    468. 

  468.     {
    469. 

  469.         $result = array();
    470. 

  470. 

  471.         if ($value) {
    472. 

  472.             foreach ($value as $inval) {
    473. 

  473.                 if (is_array($inval) && isset($inval[$key])) {
    474. 

  474.                     $result[] = $inval[$key];
    475. 

  475.                 } else {
    476. 

  476.                     break;
    477. 

  477.                 }
    478. 

  478.             }
    479. 

  479.         }
    480. 

  480. 

  481.         return $result;
    482. 

  482.     }
    483. 

  483. 

  484.     /**
    485. 

  485.      * 根据parse_url的结果重新组合url
    486. 

  486.      *
    487. 

  487.      * @access public
    488. 

  488.      * @param array $params 解析后的参数
    489. 

  489.      * @return string
    490. 

  490.      */
    491. 

  491.     public static function buildUrl($params)
    492. 

  492.     {
    493. 

  493.         return (isset($params['scheme']) ? $params['scheme'] . '://' : NULL)
    494. 

  494.         . (isset($params['user']) ? $params['user'] . (isset($params['pass']) ? ':' . $params['pass'] : NULL) . '@' : NULL)
    495. 

  495.         . (isset($params['host']) ? $params['host'] : NULL)
    496. 

  496.         . (isset($params['port']) ? ':' . $params['port'] : NULL)
    497. 

  497.         . (isset($params['path']) ? $params['path'] : NULL)
    498. 

  498.         . (isset($params['query']) ? '?' . $params['query'] : NULL)
    499. 

  499.         . (isset($params['fragment']) ? '#' . $params['fragment'] : NULL);
    500. 

  500.     }
    501. 

  501. 

  502.     /**
    503. 

  503.      * 根据count数目来输出字符
    504. 

  504.      * <code>
    505. 

  505.      * echo splitByCount(20, 10, 20, 30, 40, 50);
    506. 

  506.      * </code>
    507. 

  507.      *
    508. 

  508.      * @access public
    509. 

  509.      * @param int $count
    510. 

  510.      * @return string
    511. 

  511.      */
    512. 

  512.     public static function splitByCount($count)
    513. 

  513.     {
    514. 

  514.         $sizes = func_get_args();
    515. 

  515.         array_shift($sizes);
    516. 

  516. 

  517.         foreach ($sizes as $size) {
    518. 

  518.             if ($count < $size) {
    519. 

  519.                 return $size;
    520. 

  520.             }
    521. 

  521.         }
    522. 

  522. 

  523.         return 0;
    524. 

  524.     }
    525. 

  525. 

  526.     /**
    527. 

  527.      * 自闭合html修复函数
    528. 

  528.      * 使用方法:
    529. 

  529.      * <code>
    530. 

  530.      * $input = '这是一段被截断的html文本<a href="#"';
    531. 

  531.      * echo Typecho_Common::fixHtml($input);
    532. 

  532.      * //output: 这是一段被截断的html文本
    533. 

  533.      * </code>
    534. 

  534.      *
    535. 

  535.      * @access public
    536. 

  536.      * @param string $string 需要修复处理的字符串
    537. 

  537.      * @return string
    538. 

  538.      */
    539. 

  539.     public static function fixHtml($string)
    540. 

  540.     {
    541. 

  541.         //关闭自闭合标签
    542. 

  542.         $startPos = strrpos($string, "<");
    543. 

  543. 

  544.         if (false == $startPos) {
    545. 

  545.             return $string;
    546. 

  546.         }
    547. 

  547. 

  548.         $trimString = substr($string, $startPos);
    549. 

  549. 

  550.         if (false === strpos($trimString, ">")) {
    551. 

  551.             $string = substr($string, 0, $startPos);
    552. 

  552.         }
    553. 

  553. 

  554.         //非自闭合html标签列表
    555. 

  555.         preg_match_all("/<([_0-9a-zA-Z-\:]+)\s*([^>]*)>/is", $string, $startTags);
    556. 

  556.         preg_match_all("/<\/([_0-9a-zA-Z-\:]+)>/is", $string, $closeTags);
    557. 

  557. 

  558.         if (!empty($startTags[1]) && is_array($startTags[1])) {
    559. 

  559.             krsort($startTags[1]);
    560. 

  560.             $closeTagsIsArray = is_array($closeTags[1]);
    561. 

  561.             foreach ($startTags[1] as $key => $tag) {
    562. 

  562.                 $attrLength = strlen($startTags[2][$key]);
    563. 

  563.                 if ($attrLength > 0 && "/" == trim($startTags[2][$key][$attrLength - 1])) {
    564. 

  564.                     continue;
    565. 

  565.                 }
    566. 

  566.                 if (!empty($closeTags[1]) && $closeTagsIsArray) {
    567. 

  567.                     if (false !== ($index = array_search($tag, $closeTags[1]))) {
    568. 

  568.                         unset($closeTags[1][$index]);
    569. 

  569.                         continue;
    570. 

  570.                     }
    571. 

  571.                 }
    572. 

  572.                 $string .= "</{$tag}>";
    573. 

  573.             }
    574. 

  574.         }
    575. 

  575. 

  576.         return preg_replace("/\<br\s*\/\>\s*\<\/p\>/is", '</p>', $string);
    577. 

  577.     }
    578. 

  578. 

  579.     /**
    580. 

  580.      * 去掉字符串中的html标签
    581. 

  581.      * 使用方法:
    582. 

  582.      * <code>
    583. 

  583.      * $input = '<a href="http://test/test.php" title="example">hello</a>';
    584. 

  584.      * $output = Typecho_Common::stripTags($input, <a href="">);
    585. 

  585.      * echo $output;
    586. 

  586.      * //display: '<a href="http://test/test.php">hello</a>'
    587. 

  587.      * </code>
    588. 

  588.      *
    589. 

  589.      * @access public
    590. 

  590.      * @param string $html 需要处理的字符串
    591. 

  591.      * @param string $allowableTags 需要忽略的html标签
    592. 

  592.      * @return string
    593. 

  593.      */
    594. 

  594.     public static function stripTags($html, $allowableTags = NULL)
    595. 

  595.     {
    596. 

  596.         $normalizeTags = '';
    597. 

  597.         $allowableAttributes = array();
    598. 

  598. 

  599.         if (!empty($allowableTags) && preg_match_all("/\<([_a-z0-9-]+)([^>]*)\>/is", $allowableTags, $tags)) {
    600. 

  600.             $normalizeTags = '<' . implode('><', array_map('strtolower', $tags[1])) . '>';
    601. 

  601.             $attributes = array_map('trim', $tags[2]);
    602. 

  602.             foreach ($attributes as $key => $val) {
    603. 

  603.                 $allowableAttributes[strtolower($tags[1][$key])] = 
    604. 

  604.                     array_map('strtolower', array_keys(self::__parseAttrs($val)));
    605. 

  605.             }
    606. 

  606.         }
    607. 

  607. 

  608.         self::$_allowableAttributes = $allowableAttributes;
    609. 

  609.         $html = strip_tags($html, $normalizeTags);
    610. 

  610.         $html = preg_replace_callback("/<([_a-z0-9-]+)(\s+[^>]+)?>/is",
    611. 

  611.             array('Typecho_Common', '__filterAttrs'), $html);
    612. 

  612. 

  613.         return $html;
    614. 

  614.     }
    615. 

  615. 

  616.     /**
    617. 

  617.      * 过滤用于搜索的字符串
    618. 

  618.      *
    619. 

  619.      * @access public
    620. 

  620.      * @param string $query 搜索字符串
    621. 

  621.      * @return string
    622. 

  622.      */
    623. 

  623.     public static function filterSearchQuery($query)
    624. 

  624.     {
    625. 

  625.         return str_replace('-', ' ', self::slugName($query));
    626. 

  626.     }
    627. 

  627. 

  628.     /**
    629. 

  629.      * 将url中的非法字符串
    630. 

  630.      *
    631. 

  631.      * @param string $url 需要过滤的url
    632. 

  632.      * @return string
    633. 

  633.      */
    634. 

  634.     public static function safeUrl($url)
    635. 

  635.     {
    636. 

  636.         //~ 针对location的xss过滤, 因为其特殊性无法使用removeXSS函数
    637. 

  637.         //~ fix issue 66
    638. 

  638.         $params = parse_url(str_replace(array("\r", "\n", "\t", ' '), '', $url));
    639. 

  639. 

  640.         /** 禁止非法的协议跳转 */
    641. 

  641.         if (isset($params['scheme'])) {
    642. 

  642.             if (!in_array($params['scheme'], array('http', 'https'))) {
    643. 

  643.                 return '/';
    644. 

  644.             }
    645. 

  645.         }
    646. 

  646. 

  647.         /** 过滤解析串 */
    648. 

  648.         $params = array_map(array('Typecho_Common', '__removeUrlXss'), $params);
    649. 

  649.         return self::buildUrl($params);
    650. 

  650.     }
    651. 

  651. 

  652.     /**
    653. 

  653.      * 处理XSS跨站攻击的过滤函数
    654. 

  654.      *
    655. 

  655.      * @author kallahar@kallahar.com
    656. 

  656.      * @link http://kallahar.com/smallprojects/php_xss_filter_function.php
    657. 

  657.      * @access public
    658. 

  658.      * @param string $val 需要处理的字符串
    659. 

  659.      * @return string
    660. 

  660.      */
    661. 

  661.     public static function removeXSS($val)
    662. 

  662.     {
    663. 

  663.        // remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed
    664. 

  664.        // this prevents some character re-spacing such as <java\0script>
    665. 

  665.        // note that you have to handle splits with \n, \r, and \t later since they *are* allowed in some inputs
    666. 

  666.        $val = preg_replace('/([\x00-\x08]|[\x0b-\x0c]|[\x0e-\x19])/', '', $val);
    667. 

  667. 

  668.        // straight replacements, the user should never need these since they're normal characters
    669. 

  669.        // this prevents like <IMG SRC=&#X40&#X61&#X76&#X61&#X73&#X63&#X72&#X69&#X70&#X74&#X3A&#X61&#X6C&#X65&#X72&#X74&#X28&#X27&#X58&#X53&#X53&#X27&#X29>
    670. 

  670.        $search = 'abcdefghijklmnopqrstuvwxyz';
    671. 

  671.        $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    672. 

  672.        $search .= '1234567890!@#$%^&*()';
    673. 

  673.        $search .= '~`";:?+/={}[]-_|\'\\';
    674. 

  674. 

  675.        for ($i = 0; $i < strlen($search); $i++) {
    676. 

  676.           // ;? matches the ;, which is optional
    677. 

  677.           // 0{0,7} matches any padded zeros, which are optional and go up to 8 chars
    678. 

  678. 

  679.           // &#x0040 @ search for the hex values
    680. 

  680.           $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); // with a ;
    681. 

  681.           // &#00064 @ 0{0,7} matches '0' zero to seven times
    682. 

  682.           $val = preg_replace('/(&#0{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); // with a ;
    683. 

  683.        }
    684. 

  684. 

  685.        // now the only remaining whitespace attacks are \t, \n, and \r
    686. 

  686.        $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
    687. 

  687.        $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
    688. 

  688.        $ra = array_merge($ra1, $ra2);
    689. 

  689. 

  690.        $found = true; // keep replacing as long as the previous round replaced something
    691. 

  691.        while ($found == true) {
    692. 

  692.           $val_before = $val;
    693. 

  693.           for ($i = 0; $i < sizeof($ra); $i++) {
    694. 

  694.              $pattern = '/';
    695. 

  695.              for ($j = 0; $j < strlen($ra[$i]); $j++) {
    696. 

  696.                 if ($j > 0) {
    697. 

  697.                    $pattern .= '(';
    698. 

  698.                    $pattern .= '(&#[xX]0{0,8}([9ab]);)';
    699. 

  699.                    $pattern .= '|';
    700. 

  700.                    $pattern .= '|(&#0{0,8}([9|10|13]);)';
    701. 

  701.                    $pattern .= ')*';
    702. 

  702.                 }
    703. 

  703.                 $pattern .= $ra[$i][$j];
    704. 

  704.              }
    705. 

  705.              $pattern .= '/i';
    706. 

  706.              $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); // add in <> to nerf the tag
    707. 

  707.              $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
    708. 

  708. 

  709.              if ($val_before == $val) {
    710. 

  710.                 // no replacements were made, so exit the loop
    711. 

  711.                 $found = false;
    712. 

  712.              }
    713. 

  713.           }
    714. 

  714.        }
    715. 

  715. 

  716.        return $val;
    717. 

  717.     }
    718. 

  718. 

  719.     /**
    720. 

  720.      * 宽字符串截字函数
    721. 

  721.      *
    722. 

  722.      * @access public
    723. 

  723.      * @param string $str 需要截取的字符串
    724. 

  724.      * @param integer $start 开始截取的位置
    725. 

  725.      * @param integer $length 需要截取的长度
    726. 

  726.      * @param string $trim 截取后的截断标示符
    727. 

  727.      * @return string
    728. 

  728.      */
    729. 

  729.     public static function subStr($str, $start, $length, $trim = "...")
    730. 

  730.     {
    731. 

  731.         if (!strlen($str)) {
    732. 

  732.             return '';
    733. 

  733.         }
    734. 

  734. 

  735.         $iLength = self::strLen($str) - $start;
    736. 

  736.         $tLength = $length < $iLength ? ($length - self::strLen($trim)) : $length;
    737. 

  737. 

  738.         if (__TYPECHO_MB_SUPPORTED__) {
    739. 

  739.             $str = mb_substr($str, $start, $tLength, self::$charset);
    740. 

  740.         } else {
    741. 

  741.             if ('UTF-8' == strtoupper(self::$charset)) {
    742. 

  742.                 if (preg_match_all("/./u", $str, $matches)) {
    743. 

  743.                     $str = implode('', array_slice($matches[0], $start, $tLength));
    744. 

  744.                 }
    745. 

  745.             } else {
    746. 

  746.                 $str = substr($str, $start, $tLength);
    747. 

  747.             }
    748. 

  748.         }
    749. 

  749.         
    750. 

  750.         return $length < $iLength ? ($str . $trim) : $str;
    751. 

  751.     }
    752. 

  752. 

  753.     /**
    754. 

  754.      * 获取宽字符串长度函数
    755. 

  755.      *
    756. 

  756.      * @access public
    757. 

  757.      * @param string $str 需要获取长度的字符串
    758. 

  758.      * @return integer
    759. 

  759.      */
    760. 

  760.     public static function strLen($str)
    761. 

  761.     {
    762. 

  762.         if (__TYPECHO_MB_SUPPORTED__) {
    763. 

  763.             return mb_strlen($str, self::$charset);
    764. 

  764.         } else {
    765. 

  765.             return 'UTF-8' == strtoupper(self::$charset) 
    766. 

  766.                 ? strlen(utf8_decode($str)) : strlen($str);
    767. 

  767.         }
    768. 

  768.     }
    769. 

  769. 

  770.     /**
    771. 

  771.      * 检查是否为合法的编码数据
    772. 

  772.      *
    773. 

  773.      * @param string|array $str
    774. 

  774.      * @return boolean
    775. 

  775.      */
    776. 

  776.     public static function checkStrEncoding($str)
    777. 

  777.     {
    778. 

  778.         if (is_array($str)) {
    779. 

  779.             return array_map(array('Typecho_Common', 'checkStrEncoding'), $str);
    780. 

  780.         }
    781. 

  781. 

  782.         if (__TYPECHO_MB_SUPPORTED__) {
    783. 

  783.             return mb_check_encoding($str, self::$charset);
    784. 

  784.         } else {
    785. 

  785.             // just support utf-8
    786. 

  786.             return preg_match('//u', $str);
    787. 

  787.         }
    788. 

  788.     }
    789. 

  789. 

  790.     /**
    791. 

  791.      * 生成缩略名
    792. 

  792.      *
    793. 

  793.      * @access public
    794. 

  794.      * @param string $str 需要生成缩略名的字符串
    795. 

  795.      * @param string $default 默认的缩略名
    796. 

  796.      * @param integer $maxLength 缩略名最大长度
    797. 

  797.      * @return string
    798. 

  798.      */
    799. 

  799.     public static function slugName($str, $default = NULL, $maxLength = 128)
    800. 

  800.     {
    801. 

  801.         $str = trim($str);
    802. 

  802. 

  803.         if (!strlen($str)) {
    804. 

  804.             return $default;
    805. 

  805.         }
    806. 

  806.         
    807. 

  807.         if (__TYPECHO_MB_SUPPORTED__) {
    808. 

  808.             mb_regex_encoding(self::$charset);
    809. 

  809.             mb_ereg_search_init($str, "[\w" . preg_quote('_-') . "]+");
    810. 

  810.             $result = mb_ereg_search();
    811. 

  811.             $return = '';
    812. 

  812. 

  813.             if ($result) {
    814. 

  814.                 $regs = mb_ereg_search_getregs();
    815. 

  815.                 $pos = 0;
    816. 

  816.                 do {
    817. 

  817.                     $return .= ($pos > 0 ? '-' : '') . $regs[0];
    818. 

  818.                     $pos ++;
    819. 

  819.                 } while ($regs = mb_ereg_search_regs());
    820. 

  820.             }
    821. 

  821. 

  822.             $str = $return;
    823. 

  823.         } else if ('UTF-8' == strtoupper(self::$charset)) {
    824. 

  824.             if (preg_match_all("/[\w" . preg_quote('_-') . "]+/u", $str, $matches)) {
    825. 

  825.                 $str = implode('-', $matches[0]);
    826. 

  826.             }
    827. 

  827.         } else {
    828. 

  828.             $str = str_replace(array("'", ":", "\\", "/", '"'), "", $str);
    829. 

  829.             $str = str_replace(array("+", ",", ' ', ',', ' ', ".", "?", "=", "&", "!", "<", ">", "(", ")", "[", "]", "{", "}"), "-", $str);
    830. 

  830.         }
    831. 

  831. 

  832.         $str = trim($str, '-_');
    833. 

  833.         $str = !strlen($str) ? $default : $str;
    834. 

  834.         return substr($str, 0, $maxLength);
    835. 

  835.     }
    836. 

  836. 

  837.     /**
    838. 

  838.      * 去掉html中的分段
    839. 

  839.      *
    840. 

  840.      * @access public
    841. 

  841.      * @param string $html 输入串
    842. 

  842.      * @return string
    843. 

  843.      */
    844. 

  844.     public static function removeParagraph($html)
    845. 

  845.     {
    846. 

  846.         /** 锁定标签 */
    847. 

  847.         $html = self::lockHTML($html);
    848. 

  848.         $html = str_replace(array("\r", "\n"), '', $html);
    849. 

  849.     
    850. 

  850.         $html = trim(preg_replace(
    851. 

  851.         array("/\s*<p>(.*?)<\/p>\s*/is", "/\s*<br\s*\/>\s*/is",
    852. 

  852.         "/\s*<(div|blockquote|pre|code|script|table|fieldset|ol|ul|dl|h[1-6])([^>]*)>/is",
    853. 

  853.         "/<\/(div|blockquote|pre|code|script|table|fieldset|ol|ul|dl|h[1-6])>\s*/is", "/\s*<\!--more-->\s*/is"),
    854. 

  854.         array("\n\\1\n", "\n", "\n\n<\\1\\2>", "</\\1>\n\n", "\n\n<!--more-->\n\n"),
    855. 

  855.         $html));
    856. 

  856.         
    857. 

  857.         return trim(self::releaseHTML($html));
    858. 

  858.     }
    859. 

  859.     
    860. 

  860.     /**
    861. 

  861.      * 锁定标签
    862. 

  862.      * 
    863. 

  863.      * @access public
    864. 

  864.      * @param string $html 输入串
    865. 

  865.      * @return string
    866. 

  866.      */
    867. 

  867.     public static function lockHTML($html)
    868. 

  868.     {
    869. 

  869.         return preg_replace_callback("/<(code|pre|script)[^>]*>.*?<\/\\1>/is", array('Typecho_Common', '__lockHTML'), $html);
    870. 

  870.     }
    871. 

  871.     
    872. 

  872.     /**
    873. 

  873.      * 释放标签
    874. 

  874.      * 
    875. 

  875.      * @access public
    876. 

  876.      * @param string $html 输入串
    877. 

  877.      * @return string
    878. 

  878.      */
    879. 

  879.     public static function releaseHTML($html)
    880. 

  880.     {
    881. 

  881.         $html = trim(str_replace(array_keys(self::$_lockedBlocks), array_values(self::$_lockedBlocks), $html));
    882. 

  882.         self::$_lockedBlocks = array('<p></p>' => '');
    883. 

  883.         return $html;
    884. 

  884.     }
    885. 

  885.     
    886. 

  886.     /**
    887. 

  887.      * 文本分段函数
    888. 

  888.      *
    889. 

  889.      * @param string $string 需要分段的字符串
    890. 

  890.      * @return string
    891. 

  891.      */
    892. 

  892.     public static function cutParagraph($string)
    893. 

  893.     {
    894. 

  894.         static $loaded;
    895. 

  895.         if (!$loaded) {
    896. 

  896.             $loaded = true;
    897. 

  897.         }
    898. 

  898.         
    899. 

  899.         return Typecho_Common_Paragraph::process($string);
    900. 

  900.     }
    901. 

  901. 

  902.     /**
    903. 

  903.      * 生成随机字符串
    904. 

  904.      *
    905. 

  905.      * @access public
    906. 

  906.      * @param integer $length 字符串长度
    907. 

  907.      * @param boolean $specialChars 是否有特殊字符
    908. 

  908.      * @return string
    909. 

  909.      */
    910. 

  910.     public static function randString($length, $specialChars = false)
    911. 

  911.     {
    912. 

  912.         $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    913. 

  913.         if ($specialChars) {
    914. 

  914.             $chars .= '!@#$%^&*()';
    915. 

  915.         }
    916. 

  916. 

  917.         $result = '';
    918. 

  918.         $max = strlen($chars) - 1;
    919. 

  919.         for ($i = 0; $i < $length; $i++) {
    920. 

  920.             $result .= $chars[rand(0, $max)];
    921. 

  921.         }
    922. 

  922.         return $result;
    923. 

  923.     }
    924. 

  924. 

  925.     /**
    926. 

  926.      * 对字符串进行hash加密
    927. 

  927.      *
    928. 

  928.      * @access public
    929. 

  929.      * @param string $string 需要hash的字符串
    930. 

  930.      * @param string $salt 扰码
    931. 

  931.      * @return string
    932. 

  932.      */
    933. 

  933.     public static function hash($string, $salt = NULL)
    934. 

  934.     {
    935. 

  935.         /** 生成随机字符串 */
    936. 

  936.         $salt = empty($salt) ? self::randString(9) : $salt;
    937. 

  937.         $length = strlen($string);
    938. 

  938.         $hash = '';
    939. 

  939.         $last = ord($string[$length - 1]);
    940. 

  940.         $pos = 0;
    941. 

  941. 

  942.         /** 判断扰码长度 */
    943. 

  943.         if (strlen($salt) != 9) {
    944. 

  944.             /** 如果不是9直接返回 */
    945. 

  945.             return;
    946. 

  946.         }
    947. 

  947. 

  948.         while ($pos < $length) {
    949. 

  949.             $asc = ord($string[$pos]);
    950. 

  950.             $last = ($last * ord($salt[($last % $asc) % 9]) + $asc) % 95 + 32;
    951. 

  951.             $hash .= chr($last);
    952. 

  952.             $pos ++;
    953. 

  953.         }
    954. 

  954. 

  955.         return '$T$' . $salt . md5($hash);
    956. 

  956.     }
    957. 

  957. 

  958.     /**
    959. 

  959.      * 判断hash值是否相等
    960. 

  960.      *
    961. 

  961.      * @access public
    962. 

  962.      * @param string $from 源字符串
    963. 

  963.      * @param string $to 目标字符串
    964. 

  964.      * @return boolean
    965. 

  965.      */
    966. 

  966.     public static function hashValidate($from, $to)
    967. 

  967.     {
    968. 

  968.         if ('$T$' == substr($to, 0, 3)) {
    969. 

  969.             $salt = substr($to, 3, 9);
    970. 

  970.             return self::hash($from, $salt) === $to;
    971. 

  971.         } else {
    972. 

  972.             return md5($from) === $to;
    973. 

  973.         }
    974. 

  974.     }
    975. 

  975. 

  976.     /**
    977. 

  977.      * 将路径转化为链接
    978. 

  978.      *
    979. 

  979.      * @access public
    980. 

  980.      * @param string $path 路径
    981. 

  981.      * @param string $prefix 前缀
    982. 

  982.      * @return string
    983. 

  983.      */
    984. 

  984.     public static function url($path, $prefix)
    985. 

  985.     {
    986. 

  986.         $path = (0 === strpos($path, './')) ? substr($path, 2) : $path;
    987. 

  987.         return rtrim($prefix, '/') . '/' . str_replace('//', '/', ltrim($path, '/'));
    988. 

  988.     }
    989. 

  989. 

  990.     /**
    991. 

  991.      * 获取图片
    992. 

  992.      *
    993. 

  993.      * @access public
    994. 

  994.      * @param string $fileName 文件名
    995. 

  995.      * @return string
    996. 

  996.      */
    997. 

  997.     public static function mimeContentType($fileName)
    998. 

  998.     {
    999. 

  999.         //改为并列判断
    1000. 

  1000.         if (function_exists('mime_content_type')) {
    1001. 

  1001.             return mime_content_type($fileName);
    1002. 

  1002.         }
    1003. 

  1003. 

  1004.         if (function_exists('finfo_open')) {
    1005. 

  1005.             $fInfo = @finfo_open(FILEINFO_MIME);
    1006. 

  1006. 

  1007.             if (false !== $fInfo) {
    1008. 

  1008.                 $mimeType = finfo_file($fInfo, $fileName);
    1009. 

  1009.                 finfo_close($fInfo);
    1010. 

  1010.                 return $mimeType;
    1011. 

  1011.             }
    1012. 

  1012.         }
    1013. 

  1013. 

  1014.         $mimeTypes = array(
    1015. 

  1015.           'ez' => 'application/andrew-inset',
    1016. 

  1016.           'csm' => 'application/cu-seeme',
    1017. 

  1017.           'cu' => 'application/cu-seeme',
    1018. 

  1018.           'tsp' => 'application/dsptype',
    1019. 

  1019.           'spl' => 'application/x-futuresplash',
    1020. 

  1020.           'hta' => 'application/hta',
    1021. 

  1021.           'cpt' => 'image/x-corelphotopaint',
    1022. 

  1022.           'hqx' => 'application/mac-binhex40',
    1023. 

  1023.           'nb' => 'application/mathematica',
    1024. 

  1024.           'mdb' => 'application/msaccess',
    1025. 

  1025.           'doc' => 'application/msword',
    1026. 

  1026.           'dot' => 'application/msword',
    1027. 

  1027.           'bin' => 'application/octet-stream',
    1028. 

  1028.           'oda' => 'application/oda',
    1029. 

  1029.           'ogg' => 'application/ogg',
    1030. 

  1030.           'prf' => 'application/pics-rules',
    1031. 

  1031.           'key' => 'application/pgp-keys',
    1032. 

  1032.           'pdf' => 'application/pdf',
    1033. 

  1033.           'pgp' => 'application/pgp-signature',
    1034. 

  1034.           'ps' => 'application/postscript',
    1035. 

  1035.           'ai' => 'application/postscript',
    1036. 

  1036.           'eps' => 'application/postscript',
    1037. 

  1037.           'rss' => 'application/rss+xml',
    1038. 

  1038.           'rtf' => 'text/rtf',
    1039. 

  1039.           'smi' => 'application/smil',
    1040. 

  1040.           'smil' => 'application/smil',
    1041. 

  1041.           'wp5' => 'application/wordperfect5.1',
    1042. 

  1042.           'xht' => 'application/xhtml+xml',
    1043. 

  1043.           'xhtml' => 'application/xhtml+xml',
    1044. 

  1044.           'zip' => 'application/zip',
    1045. 

  1045.           'cdy' => 'application/vnd.cinderella',
    1046. 

  1046.           'mif' => 'application/x-mif',
    1047. 

  1047.           'xls' => 'application/vnd.ms-excel',
    1048. 

  1048.           'xlb' => 'application/vnd.ms-excel',
    1049. 

  1049.           'cat' => 'application/vnd.ms-pki.seccat',
    1050. 

  1050.           'stl' => 'application/vnd.ms-pki.stl',
    1051. 

  1051.           'ppt' => 'application/vnd.ms-powerpoint',
    1052. 

  1052.           'pps' => 'application/vnd.ms-powerpoint',
    1053. 

  1053.           'pot' => 'application/vnd.ms-powerpoint',
    1054. 

  1054.           'sdc' => 'application/vnd.stardivision.calc',
    1055. 

  1055.           'sda' => 'application/vnd.stardivision.draw',
    1056. 

  1056.           'sdd' => 'application/vnd.stardivision.impress',
    1057. 

  1057.           'sdp' => 'application/vnd.stardivision.impress',
    1058. 

  1058.           'smf' => 'application/vnd.stardivision.math',
    1059. 

  1059.           'sdw' => 'application/vnd.stardivision.writer',
    1060. 

  1060.           'vor' => 'application/vnd.stardivision.writer',
    1061. 

  1061.           'sgl' => 'application/vnd.stardivision.writer-global',
    1062. 

  1062.           'sxc' => 'application/vnd.sun.xml.calc',
    1063. 

  1063.           'stc' => 'application/vnd.sun.xml.calc.template',
    1064. 

  1064.           'sxd' => 'application/vnd.sun.xml.draw',
    1065. 

  1065.           'std' => 'application/vnd.sun.xml.draw.template',
    1066. 

  1066.           'sxi' => 'application/vnd.sun.xml.impress',
    1067. 

  1067.           'sti' => 'application/vnd.sun.xml.impress.template',
    1068. 

  1068.           'sxm' => 'application/vnd.sun.xml.math',
    1069. 

  1069.           'sxw' => 'application/vnd.sun.xml.writer',
    1070. 

  1070.           'sxg' => 'application/vnd.sun.xml.writer.global',
    1071. 

  1071.           'stw' => 'application/vnd.sun.xml.writer.template',
    1072. 

  1072.           'sis' => 'application/vnd.symbian.install',
    1073. 

  1073.           'wbxml' => 'application/vnd.wap.wbxml',
    1074. 

  1074.           'wmlc' => 'application/vnd.wap.wmlc',
    1075. 

  1075.           'wmlsc' => 'application/vnd.wap.wmlscriptc',
    1076. 

  1076.           'wk' => 'application/x-123',
    1077. 

  1077.           'dmg' => 'application/x-apple-diskimage',
    1078. 

  1078.           'bcpio' => 'application/x-bcpio',
    1079. 

  1079.           'torrent' => 'application/x-bittorrent',
    1080. 

  1080.           'cdf' => 'application/x-cdf',
    1081. 

  1081.           'vcd' => 'application/x-cdlink',
    1082. 

  1082.           'pgn' => 'application/x-chess-pgn',
    1083. 

  1083.           'cpio' => 'application/x-cpio',
    1084. 

  1084.           'csh' => 'text/x-csh',
    1085. 

  1085.           'deb' => 'application/x-debian-package',
    1086. 

  1086.           'dcr' => 'application/x-director',
    1087. 

  1087.           'dir' => 'application/x-director',
    1088. 

  1088.           'dxr' => 'application/x-director',
    1089. 

  1089.           'wad' => 'application/x-doom',
    1090. 

  1090.           'dms' => 'application/x-dms',
    1091. 

  1091.           'dvi' => 'application/x-dvi',
    1092. 

  1092.           'pfa' => 'application/x-font',
    1093. 

  1093.           'pfb' => 'application/x-font',
    1094. 

  1094.           'gsf' => 'application/x-font',
    1095. 

  1095.           'pcf' => 'application/x-font',
    1096. 

  1096.           'pcf.Z' => 'application/x-font',
    1097. 

  1097.           'gnumeric' => 'application/x-gnumeric',
    1098. 

  1098.           'sgf' => 'application/x-go-sgf',
    1099. 

  1099.           'gcf' => 'application/x-graphing-calculator',
    1100. 

  1100.           'gtar' => 'application/x-gtar',
    1101. 

  1101.           'tgz' => 'application/x-gtar',
    1102. 

  1102.           'taz' => 'application/x-gtar',
    1103. 

  1103.           'gz'  => 'application/x-gtar',
    1104. 

  1104.           'hdf' => 'application/x-hdf',
    1105. 

  1105.           'phtml' => 'application/x-httpd-php',
    1106. 

  1106.           'pht' => 'application/x-httpd-php',
    1107. 

  1107.           'php' => 'application/x-httpd-php',
    1108. 

  1108.           'phps' => 'application/x-httpd-php-source',
    1109. 

  1109.           'php3' => 'application/x-httpd-php3',
    1110. 

  1110.           'php3p' => 'application/x-httpd-php3-preprocessed',
    1111. 

  1111.           'php4' => 'application/x-httpd-php4',
    1112. 

  1112.           'ica' => 'application/x-ica',
    1113. 

  1113.           'ins' => 'application/x-internet-signup',
    1114. 

  1114.           'isp' => 'application/x-internet-signup',
    1115. 

  1115.           'iii' => 'application/x-iphone',
    1116. 

  1116.           'jar' => 'application/x-java-archive',
    1117. 

  1117.           'jnlp' => 'application/x-java-jnlp-file',
    1118. 

  1118.           'ser' => 'application/x-java-serialized-object',
    1119. 

  1119.           'class' => 'application/x-java-vm',
    1120. 

  1120.           'js' => 'application/x-javascript',
    1121. 

  1121.           'chrt' => 'application/x-kchart',
    1122. 

  1122.           'kil' => 'application/x-killustrator',
    1123. 

  1123.           'kpr' => 'application/x-kpresenter',
    1124. 

  1124.           'kpt' => 'application/x-kpresenter',
    1125. 

  1125.           'skp' => 'application/x-koan',
    1126. 

  1126.           'skd' => 'application/x-koan',
    1127. 

  1127.           'skt' => 'application/x-koan',
    1128. 

  1128.           'skm' => 'application/x-koan',
    1129. 

  1129.           'ksp' => 'application/x-kspread',
    1130. 

  1130.           'kwd' => 'application/x-kword',
    1131. 

  1131.           'kwt' => 'application/x-kword',
    1132. 

  1132.           'latex' => 'application/x-latex',
    1133. 

  1133.           'lha' => 'application/x-lha',
    1134. 

  1134.           'lzh' => 'application/x-lzh',
    1135. 

  1135.           'lzx' => 'application/x-lzx',
    1136. 

  1136.           'frm' => 'application/x-maker',
    1137. 

  1137.           'maker' => 'application/x-maker',
    1138. 

  1138.           'frame' => 'application/x-maker',
    1139. 

  1139.           'fm' => 'application/x-maker',
    1140. 

  1140.           'fb' => 'application/x-maker',
    1141. 

  1141.           'book' => 'application/x-maker',
    1142. 

  1142.           'fbdoc' => 'application/x-maker',
    1143. 

  1143.           'wmz' => 'application/x-ms-wmz',
    1144. 

  1144.           'wmd' => 'application/x-ms-wmd',
    1145. 

  1145.           'com' => 'application/x-msdos-program',
    1146. 

  1146.           'exe' => 'application/x-msdos-program',
    1147. 

  1147.           'bat' => 'application/x-msdos-program',
    1148. 

  1148.           'dll' => 'application/x-msdos-program',
    1149. 

  1149.           'msi' => 'application/x-msi',
    1150. 

  1150.           'nc' => 'application/x-netcdf',
    1151. 

  1151.           'pac' => 'application/x-ns-proxy-autoconfig',
    1152. 

  1152.           'nwc' => 'application/x-nwc',
    1153. 

  1153.           'o' => 'application/x-object',
    1154. 

  1154.           'oza' => 'application/x-oz-application',
    1155. 

  1155.           'pl' => 'application/x-perl',
    1156. 

  1156.           'pm' => 'application/x-perl',
    1157. 

  1157.           'p7r' => 'application/x-pkcs7-certreqresp',
    1158. 

  1158.           'crl' => 'application/x-pkcs7-crl',
    1159. 

  1159.           'qtl' => 'application/x-quicktimeplayer',
    1160. 

  1160.           'rpm' => 'audio/x-pn-realaudio-plugin',
    1161. 

  1161.           'shar' => 'application/x-shar',
    1162. 

  1162.           'swf' => 'application/x-shockwave-flash',
    1163. 

  1163.           'swfl' => 'application/x-shockwave-flash',
    1164. 

  1164.           'sh' => 'text/x-sh',
    1165. 

  1165.           'sit' => 'application/x-stuffit',
    1166. 

  1166.           'sv4cpio' => 'application/x-sv4cpio',
    1167. 

  1167.           'sv4crc' => 'application/x-sv4crc',
    1168. 

  1168.           'tar' => 'application/x-tar',
    1169. 

  1169.           'tcl' => 'text/x-tcl',
    1170. 

  1170.           'tex' => 'text/x-tex',
    1171. 

  1171.           'gf' => 'application/x-tex-gf',
    1172. 

  1172.           'pk' => 'application/x-tex-pk',
    1173. 

  1173.           'texinfo' => 'application/x-texinfo',
    1174. 

  1174.           'texi' => 'application/x-texinfo',
    1175. 

  1175.           '~' => 'application/x-trash',
    1176. 

  1176.           '%' => 'application/x-trash',
    1177. 

  1177.           'bak' => 'application/x-trash',
    1178. 

  1178.           'old' => 'application/x-trash',
    1179. 

  1179.           'sik' => 'application/x-trash',
    1180. 

  1180.           't' => 'application/x-troff',
    1181. 

  1181.           'tr' => 'application/x-troff',
    1182. 

  1182.           'roff' => 'application/x-troff',
    1183. 

  1183.           'man' => 'application/x-troff-man',
    1184. 

  1184.           'me' => 'application/x-troff-me',
    1185. 

  1185.           'ms' => 'application/x-troff-ms',
    1186. 

  1186.           'ustar' => 'application/x-ustar',
    1187. 

  1187.           'src' => 'application/x-wais-source',
    1188. 

  1188.           'wz' => 'application/x-wingz',
    1189. 

  1189.           'crt' => 'application/x-x509-ca-cert',
    1190. 

  1190.           'fig' => 'application/x-xfig',
    1191. 

  1191.           'au' => 'audio/basic',
    1192. 

  1192.           'snd' => 'audio/basic',
    1193. 

  1193.           'mid' => 'audio/midi',
    1194. 

  1194.           'midi' => 'audio/midi',
    1195. 

  1195.           'kar' => 'audio/midi',
    1196. 

  1196.           'mpga' => 'audio/mpeg',
    1197. 

  1197.           'mpega' => 'audio/mpeg',
    1198. 

  1198.           'mp2' => 'audio/mpeg',
    1199. 

  1199.           'mp3' => 'audio/mpeg',
    1200. 

  1200.           'm3u' => 'audio/x-mpegurl',
    1201. 

  1201.           'sid' => 'audio/prs.sid',
    1202. 

  1202.           'aif' => 'audio/x-aiff',
    1203. 

  1203.           'aiff' => 'audio/x-aiff',
    1204. 

  1204.           'aifc' => 'audio/x-aiff',
    1205. 

  1205.           'gsm' => 'audio/x-gsm',
    1206. 

  1206.           'wma' => 'audio/x-ms-wma',
    1207. 

  1207.           'wax' => 'audio/x-ms-wax',
    1208. 

  1208.           'ra' => 'audio/x-realaudio',
    1209. 

  1209.           'rm' => 'audio/x-pn-realaudio',
    1210. 

  1210.           'ram' => 'audio/x-pn-realaudio',
    1211. 

  1211.           'pls' => 'audio/x-scpls',
    1212. 

  1212.           'sd2' => 'audio/x-sd2',
    1213. 

  1213.           'wav' => 'audio/x-wav',
    1214. 

  1214.           'pdb' => 'chemical/x-pdb',
    1215. 

  1215.           'xyz' => 'chemical/x-xyz',
    1216. 

  1216.           'bmp' => 'image/x-ms-bmp',
    1217. 

  1217.           'gif' => 'image/gif',
    1218. 

  1218.           'ief' => 'image/ief',
    1219. 

  1219.           'jpeg' => 'image/jpeg',
    1220. 

  1220.           'jpg' => 'image/jpeg',
    1221. 

  1221.           'jpe' => 'image/jpeg',
    1222. 

  1222.           'pcx' => 'image/pcx',
    1223. 

  1223.           'png' => 'image/png',
    1224. 

  1224.           'svg' => 'image/svg+xml',
    1225. 

  1225.           'svgz' => 'image/svg+xml',
    1226. 

  1226.           'tiff' => 'image/tiff',
    1227. 

  1227.           'tif' => 'image/tiff',
    1228. 

  1228.           'wbmp' => 'image/vnd.wap.wbmp',
    1229. 

  1229.           'ras' => 'image/x-cmu-raster',
    1230. 

  1230.           'cdr' => 'image/x-coreldraw',
    1231. 

  1231.           'pat' => 'image/x-coreldrawpattern',
    1232. 

  1232.           'cdt' => 'image/x-coreldrawtemplate',
    1233. 

  1233.           'djvu' => 'image/x-djvu',
    1234. 

  1234.           'djv' => 'image/x-djvu',
    1235. 

  1235.           'ico' => 'image/x-icon',
    1236. 

  1236.           'art' => 'image/x-jg',
    1237. 

  1237.           'jng' => 'image/x-jng',
    1238. 

  1238.           'psd' => 'image/x-photoshop',
    1239. 

  1239.           'pnm' => 'image/x-portable-anymap',
    1240. 

  1240.           'pbm' => 'image/x-portable-bitmap',
    1241. 

  1241.           'pgm' => 'image/x-portable-graymap',
    1242. 

  1242.           'ppm' => 'image/x-portable-pixmap',
    1243. 

  1243.           'rgb' => 'image/x-rgb',
    1244. 

  1244.           'xbm' => 'image/x-xbitmap',
    1245. 

  1245.           'xpm' => 'image/x-xpixmap',
    1246. 

  1246.           'xwd' => 'image/x-xwindowdump',
    1247. 

  1247.           'igs' => 'model/iges',
    1248. 

  1248.           'iges' => 'model/iges',
    1249. 

  1249.           'msh' => 'model/mesh',
    1250. 

  1250.           'mesh' => 'model/mesh',
    1251. 

  1251.           'silo' => 'model/mesh',
    1252. 

  1252.           'wrl' => 'x-world/x-vrml',
    1253. 

  1253.           'vrml' => 'x-world/x-vrml',
    1254. 

  1254.           'csv' => 'text/comma-separated-values',
    1255. 

  1255.           'css' => 'text/css',
    1256. 

  1256.           '323' => 'text/h323',
    1257. 

  1257.           'htm' => 'text/html',
    1258. 

  1258.           'html' => 'text/html',
    1259. 

  1259.           'uls' => 'text/iuls',
    1260. 

  1260.           'mml' => 'text/mathml',
    1261. 

  1261.           'asc' => 'text/plain',
    1262. 

  1262.           'txt' => 'text/plain',
    1263. 

  1263.           'text' => 'text/plain',
    1264. 

  1264.           'diff' => 'text/plain',
    1265. 

  1265.           'rtx' => 'text/richtext',
    1266. 

  1266.           'sct' => 'text/scriptlet',
    1267. 

  1267.           'wsc' => 'text/scriptlet',
    1268. 

  1268.           'tm' => 'text/texmacs',
    1269. 

  1269.           'ts' => 'text/texmacs',
    1270. 

  1270.           'tsv' => 'text/tab-separated-values',
    1271. 

  1271.           'jad' => 'text/vnd.sun.j2me.app-descriptor',
    1272. 

  1272.           'wml' => 'text/vnd.wap.wml',
    1273. 

  1273.           'wmls' => 'text/vnd.wap.wmlscript',
    1274. 

  1274.           'xml' => 'text/xml',
    1275. 

  1275.           'xsl' => 'text/xml',
    1276. 

  1276.           'h++' => 'text/x-c++hdr',
    1277. 

  1277.           'hpp' => 'text/x-c++hdr',
    1278. 

  1278.           'hxx' => 'text/x-c++hdr',
    1279. 

  1279.           'hh' => 'text/x-c++hdr',
    1280. 

  1280.           'c++' => 'text/x-c++src',
    1281. 

  1281.           'cpp' => 'text/x-c++src',
    1282. 

  1282.           'cxx' => 'text/x-c++src',
    1283. 

  1283.           'cc' => 'text/x-c++src',
    1284. 

  1284.           'h' => 'text/x-chdr',
    1285. 

  1285.           'c' => 'text/x-csrc',
    1286. 

  1286.           'java' => 'text/x-java',
    1287. 

  1287.           'moc' => 'text/x-moc',
    1288. 

  1288.           'p' => 'text/x-pascal',
    1289. 

  1289.           'pas' => 'text/x-pascal',
    1290. 

  1290.           '***' => 'text/x-pcs-***',
    1291. 

  1291.           'shtml' => 'text/x-server-parsed-html',
    1292. 

  1292.           'etx' => 'text/x-setext',
    1293. 

  1293.           'tk' => 'text/x-tcl',
    1294. 

  1294.           'ltx' => 'text/x-tex',
    1295. 

  1295.           'sty' => 'text/x-tex',
    1296. 

  1296.           'cls' => 'text/x-tex',
    1297. 

  1297.           'vcs' => 'text/x-vcalendar',
    1298. 

  1298.           'vcf' => 'text/x-vcard',
    1299. 

  1299.           'dl' => 'video/dl',
    1300. 

  1300.           'fli' => 'video/fli',
    1301. 

  1301.           'gl' => 'video/gl',
    1302. 

  1302.           'mpeg' => 'video/mpeg',
    1303. 

  1303.           'mpg' => 'video/mpeg',
    1304. 

  1304.           'mpe' => 'video/mpeg',
    1305. 

  1305.           'qt' => 'video/quicktime',
    1306. 

  1306.           'mov' => 'video/quicktime',
    1307. 

  1307.           'mxu' => 'video/vnd.mpegurl',
    1308. 

  1308.           'dif' => 'video/x-dv',
    1309. 

  1309.           'dv' => 'video/x-dv',
    1310. 

  1310.           'lsf' => 'video/x-la-asf',
    1311. 

  1311.           'lsx' => 'video/x-la-asf',
    1312. 

  1312.           'mng' => 'video/x-mng',
    1313. 

  1313.           'asf' => 'video/x-ms-asf',
    1314. 

  1314.           'asx' => 'video/x-ms-asf',
    1315. 

  1315.           'wm' => 'video/x-ms-wm',
    1316. 

  1316.           'wmv' => 'video/x-ms-wmv',
    1317. 

  1317.           'wmx' => 'video/x-ms-wmx',
    1318. 

  1318.           'wvx' => 'video/x-ms-wvx',
    1319. 

  1319.           'avi' => 'video/x-msvideo',
    1320. 

  1320.           'movie' => 'video/x-sgi-movie',
    1321. 

  1321.           'ice' => 'x-conference/x-cooltalk',
    1322. 

  1322.           'vrm' => 'x-world/x-vrml',
    1323. 

  1323.           'rar' => 'application/x-rar-compressed',
    1324. 

  1324.           'cab' => 'application/vnd.ms-cab-compressed'
    1325. 

  1325.         );
    1326. 

  1326. 

  1327.         $part = explode('.', $fileName);
    1328. 

  1328.         $size = count($part);
    1329. 

  1329. 

  1330.         if ($size > 1) {
    1331. 

  1331.             $ext = $part[$size - 1];
    1332. 

  1332.             if (isset($mimeTypes[$ext])) {
    1333. 

  1333.                 return $mimeTypes[$ext];
    1334. 

  1334.             }
    1335. 

  1335.         }
    1336. 

  1336. 

  1337.         return 'application/octet-stream';
    1338. 

  1338.     }
    1339. 

  1339. 

  1340.     /**
    1341. 

  1341.      * 寻找匹配的mime图标
    1342. 

  1342.      *
    1343. 

  1343.      * @access public
    1344. 

  1344.      * @param string $mime mime类型
    1345. 

  1345.      * @return string
    1346. 

  1346.      */
    1347. 

  1347.     public static function mimeIconType($mime)
    1348. 

  1348.     {
    1349. 

  1349.         $parts = explode('/', $mime);
    1350. 

  1350. 

  1351.         if (count($parts) < 2) {
    1352. 

  1352.             return 'unknown';
    1353. 

  1353.         }
    1354. 

  1354. 

  1355.         list ($type, $stream) = $parts;
    1356. 

  1356. 

  1357.         if (in_array($type, array('image', 'video', 'audio', 'text', 'application'))) {
    1358. 

  1358.             switch (true) {
    1359. 

  1359.                 case in_array($stream, array('msword', 'msaccess', 'ms-powerpoint', 'ms-powerpoint')):
    1360. 

  1360.                 case 0 === strpos($stream, 'vnd.'):
    1361. 

  1361.                     return 'office';
    1362. 

  1362.                 case false !== strpos($stream, 'html') || false !== strpos($stream, 'xml') || false !== strpos($stream, 'wml'):
    1363. 

  1363.                     return 'html';
    1364. 

  1364.                 case false !== strpos($stream, 'compressed') || false !== strpos($stream, 'zip') ||
    1365. 

  1365.                 in_array($stream, array('application/x-gtar', 'application/x-tar')):
    1366. 

  1366.                     return 'archive';
    1367. 

  1367.                 case 'text' == $type && 0 === strpos($stream, 'x-'):
    1368. 

  1368.                     return 'script';
    1369. 

  1369.                 default:
    1370. 

  1370.                     return $type;
    1371. 

  1371.             }
    1372. 

  1372.         } else {
    1373. 

  1373.             return 'unknown';
    1374. 

  1374.         }
    1375. 

  1375.     }
    1376. 

  1376. }
    1377. 

  1377.