2018年6月13日 星期三

【PHP】HTML Purifier 可過濾HTML限定只能用那些HTML

碰到只能用某些HTML,自己過濾超麻煩,

























後來找到好用的套件 :HTML Purifier

裡面還有很多功能,也可阻擋XSS攻擊

require('class/htmlpurifier/HTMLPurifier.auto.php');

$config = HTMLPurifier_Config::createDefault();


$config->set('HTML', 'Allowed', 
 'a[accesskey|href|rel|tabindex}target|type]
 ,area[accesskey|alt, coords|href|name|shape|tabindex|target]
 ,img[alt|border|height|ismap|src|usemap|width]
 ,b,blockquote[cite],br,dd,div,dl,dt,em,h1,h2,h3,h4,h5,h6
 ,hr,i,li[value],map,ol[start|type]
 ,nav[accesskey|contenteditable|contextmenu|data-*|draggable|dropzone|hidden|spellcheck|tabindex|translate]
 ,ol[start|type],p,pre,rp,rt,ruby,s,small,source,span,strike,strong,style,sub,sup,
 ,table[border|cols|summary|cellpadding|cellspacing|align]
 ,tbody[valign],td[bordercolor|colspan|rowspan],tfoot[valign]
 ,th[colspan|rowspan|scope],thead[valign],tr[colspan|rowspan]
 ,tt,u,ul,video[autoplay|controls|height|loop|muted|poster|preload|src|width]
 '
 );
$purifier = new HTMLPurifier($config);
echo $cleanContent = $purifier->purify($content);

2018年6月7日 星期四

【Jquery UI】拖移(sortable)抓到值

$(".cat1 .type-sort").sortable({update: function (e, ui){
    $current_id = ui.item.attr('id');
    $change_id = ui.item.prev().attr('id');
    console.log(ui.item.attr('id')+'/'+ui.item.prev().attr('id'));

    console.log($("#"+$current_id).html());
  }});

【Jquery】動態產生也可綁定事件

利用Jquery產生出來的物件 (append、prepend),
在之前設定的$('.item').click()會失效,
要改成 $('body').on('click','.item',funciton (){});

2018年5月29日 星期二

【PHP】JSON 相關

1.編碼 JSON 時保留 key 值

$post_data = json_encode(array('aaa'), JSON_FORCE_OBJECT);
// 輸出  {"0":"aaa"}

2.解碼時用陣列

$array = json_decode($json, true);
echo $array['foo'] . PHP_EOL; //"bar"
echo $array['number'] . PHP_EOL; //42

3.陣列轉換成物件 {}

$obj = (object) array('1' => 'foo');
$a = new stdclass; $a->id = 11;

4.sublime prettify 的快捷鍵是 Ctrl + Alt + J (要先安裝)


【PHP】型態轉成object

有時要把型態轉成object可用

方法一: $obj = (object) array('1' => 'foo');

方法二:$a = new stdclass; $a->abc = 'abc';

目前有用到的時機

1.轉json時,為了符合別人定的API的JSON規則,需要轉成object

2.建立一個空的類只是為了傳遞或儲存參數時

2018年5月28日 星期一

【PHP】XML to array

/** 
 * xml2array() will convert the given XML text to an array in the XML structure. 
 * Link: http://www.bin-co.com/php/scripts/xml2array/ 
 * Arguments : $contents - The XML text 
 *                $get_attributes - 1 or 0. If this is 1 the function will get the attributes as well as the tag values - this results in a different array structure in the return value.
 *                $priority - Can be 'tag' or 'attribute'. This will change the way the resulting array sturcture. For 'tag', the tags are given more importance.
 * Return: The parsed XML in an array form. Use print_r() to see the resulting array structure.
 * Examples: $array =  xml2array(file_get_contents('feed.xml')); 
 *              $array =  xml2array(file_get_contents('feed.xml', 1, 'attribute')); 
 */ 
function xml2array($contents, $get_attributes=1, $priority = 'tag') { 
    if(!$contents) return array(); 

    if(!function_exists('xml_parser_create')) { 
        //print "'xml_parser_create()' function not found!"; 
        return array(); 
    } 

    //Get the XML parser of PHP - PHP must have this module for the parser to work 
    $parser = xml_parser_create(''); 
    xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8"); # http://minutillo.com/steve/weblog/2004/6/17/php-xml-and-character-encodings-a-tale-of-sadness-rage-and-data-loss 
    xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); 
    xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); 
    xml_parse_into_struct($parser, trim($contents), $xml_values); 
    xml_parser_free($parser); 

    if(!$xml_values) return;//Hmm... 

    //Initializations 
    $xml_array = array(); 
    $parents = array(); 
    $opened_tags = array(); 
    $arr = array(); 

    $current = &$xml_array; //Refference 

    //Go through the tags. 
    $repeated_tag_index = array();//Multiple tags with same name will be turned into an array
    foreach($xml_values as $data) { 
        unset($attributes,$value);//Remove existing values, or there will be trouble 

        //This command will extract these variables into the foreach scope 
        // tag(string), type(string), level(int), attributes(array). 
        extract($data);//We could use the array by itself, but this cooler. 

        $result = array(); 
        $attributes_data = array(); 
         
        if(isset($value)) { 
            if($priority == 'tag') $result = $value; 
            else $result['value'] = $value; //Put the value in a assoc array if we are in the 'Attribute' mode
        } 

        //Set the attributes too. 
        if(isset($attributes) and $get_attributes) { 
            foreach($attributes as $attr => $val) { 
                if($priority == 'tag') $attributes_data[$attr] = $val; 
                else $result['attr'][$attr] = $val; //Set all the attributes in a array called 'attr' 
            } 
        } 

        //See tag status and do the needed. 
        if($type == "open") {//The starting of the tag '' 
            $parent[$level-1] = &$current; 
            if(!is_array($current) or (!in_array($tag, array_keys($current)))) { //Insert New tag
                $current[$tag] = $result; 
                if($attributes_data) $current[$tag. '_attr'] = $attributes_data; 
                $repeated_tag_index[$tag.'_'.$level] = 1; 

                $current = &$current[$tag]; 

            } else { //There was another element with the same tag name 

                if(isset($current[$tag][0])) {//If there is a 0th element it is already an array 
                    $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result; 
                    $repeated_tag_index[$tag.'_'.$level]++; 
                } else {//This section will make the value an array if multiple tags with the same name appear together
                    $current[$tag] = array($current[$tag],$result);//This will combine the existing item and the new item together to make an array
                    $repeated_tag_index[$tag.'_'.$level] = 2; 
                     
                    if(isset($current[$tag.'_attr'])) { //The attribute of the last(0th) tag must be moved as well
                        $current[$tag]['0_attr'] = $current[$tag.'_attr']; 
                        unset($current[$tag.'_attr']); 
                    } 

                } 
                $last_item_index = $repeated_tag_index[$tag.'_'.$level]-1; 
                $current = &$current[$tag][$last_item_index]; 
            } 

        } elseif($type == "complete") { //Tags that ends in 1 line '' 
            //See if the key is already taken. 
            if(!isset($current[$tag])) { //New Key 
                $current[$tag] = $result; 
                $repeated_tag_index[$tag.'_'.$level] = 1; 
                if($priority == 'tag' and $attributes_data) $current[$tag. '_attr'] = $attributes_data;

            } else { //If taken, put all things inside a list(array) 
                if(isset($current[$tag][0]) and is_array($current[$tag])) {//If it is already an array... 

                    // ...push the new element into that array. 
                    $current[$tag][$repeated_tag_index[$tag.'_'.$level]] = $result; 
                     
                    if($priority == 'tag' and $get_attributes and $attributes_data) { 
                        $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data; 
                    } 
                    $repeated_tag_index[$tag.'_'.$level]++; 

                } else { //If it is not an array... 
                    $current[$tag] = array($current[$tag],$result); //...Make it an array using using the existing value and the new value
                    $repeated_tag_index[$tag.'_'.$level] = 1; 
                    if($priority == 'tag' and $get_attributes) { 
                        if(isset($current[$tag.'_attr'])) { //The attribute of the last(0th) tag must be moved as well
                             
                            $current[$tag]['0_attr'] = $current[$tag.'_attr']; 
                            unset($current[$tag.'_attr']); 
                        } 
                         
                        if($attributes_data) { 
                            $current[$tag][$repeated_tag_index[$tag.'_'.$level] . '_attr'] = $attributes_data; 
                        } 
                    } 
                    $repeated_tag_index[$tag.'_'.$level]++; //0 and 1 index is already taken 
                } 
            } 

        } elseif($type == 'close') { //End of tag '' 
            $current = &$parent[$level-1]; 
        } 
    } 
     
    return($xml_array); 
}  

2018年5月25日 星期五

【PHP】UUID

串接API時常常會發現很多亂碼,

類似:570e8400-e29b-41d4-a716-44b6594400a0

以為是每個廠商為了辨別所創立的亂數,

原來它有一定的格式及名稱

通用唯一識別碼(英語:Universally Unique Identifier,簡稱UUID)

形式為8-4-4-4-12的32個字元,重複率超低,

所以每次產生都能當作此筆交易或是交換的唯一值


function create_uuid($prefix = ""){
    $str = md5(uniqid(mt_rand(), true));  
    $uuid  = substr($str,0,8) . '-';  
    $uuid .= substr($str,8,4) . '-';  
    $uuid .= substr($str,12,4) . '-';  
    $uuid .= substr($str,16,4) . '-';  
    $uuid .= substr($str,20,12);  
    return $prefix . $uuid;
} 

【PHP】php實現 AES/CBC/PKCS5Padding 加密解密

最近在做一個API串接,對方是用JAVA寫的,

中間有要編碼的片段,編碼方式是AES (CBC模式) 轉 Base64,

我上網找了用下面方法加解密,
$encrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $app_cc_aes_key, $data, MCRYPT_MODE_CBC, $app_cc_aes_iv);

用此方法可以順利解密,但是編碼後對方怎麼樣都解不開,

來回溝通搞了好久,上網爬文好久終於才找到解決方法,

原來是補碼的方式不同PHP是用ZeroPadding,JAVA是用PKCS5Padding,

※ 在PHP官網寫說關於mcrypt的function,PHP7.1之後不能使用!!

class AES {
 public $iv;

 public $encryptKey;

 //加密
 public function encrypt($encryptStr) {
  $localIV = $this->iv;
  $encryptKey = $this->encryptKey;

  $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, $localIV);

  mcrypt_generic_init($module, $encryptKey, $localIV);

  $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
  $pad = $block - (strlen($encryptStr) % $block); 
  $encryptStr .= str_repeat(chr($pad), $pad); 

  $encrypted = mcrypt_generic($module, $encryptStr);

  mcrypt_generic_deinit($module);
  mcrypt_module_close($module);

  return base64_encode($encrypted);
 }

 //解密
 public function decrypt($encryptStr) {
  $localIV = $this->iv;
  $encryptKey = $this->encryptKey;

  $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, $localIV);

  mcrypt_generic_init($module, $encryptKey, $localIV);

  $encryptedData = base64_decode($encryptStr);
  $encryptedData = mdecrypt_generic($module, $encryptedData);

  return $encryptedData;
 }
}

2017年11月21日 星期二

【PHP】用UTF8將文字一個一個放在陣列中

$a = '每天都要快樂 HAPPY';

$arr = utf8_str_split($a);

print_r($arr);

function utf8_str_split($str, $split_len = 1){
 if (!preg_match('/^[0-9]+$/', $split_len) || $split_len < 1)
  return FALSE;

 $len = mb_strlen($str, 'UTF-8');
 if ($len <= $split_len)
  return array($str);

 preg_match_all('/.{'.$split_len.'}|[^\x00]{1,'.$split_len.'}$/us', $str, $ar);

 return $ar[0];
}

// 結果 Array ( [0] => 每 [1] => 天 [2] => 都 [3] => 要 [4] => 快 [5] => 樂 [6] => [7] => H [8] => A [9] => P [10] => P [11] => Y )