) * * @param String $input The string to change * @return String The updated string */ function removeHTMLnodes($input){ $output = str_replace("<", "<", $input); return str_replace(">", ">", $output); } /** * Check a string before inserting it * * @param String $string The string to check * @return Boolean True if the string is valid / false else */ function check_string_before_insert($string){ //First, empty string are invalid if($string == "") return false; //Remove HTML tags before continuing $string = str_replace(array("<", ">"), "", $string); //Check string size if(strlen($string)<3) return false; //Check if the string has at least three different characters if(strlen(count_chars($string,3)) < 3) return false; //Success return true; } /** * Make a string safe to be used to perform a query on a database * * @param string $input The string to process * @return string The result string */ function safe_for_sql(string $input) : string { //Perform safe adapation $input = str_ireplace("\\", "\\\\", $input); $input = str_ireplace("'", "\\'", $input); $input = str_ireplace('"', "\\\"", $input); return $input; } /** * Check a given user ID * * @param int $userID The user ID to check * @return bool True if userID is valid, false else */ function check_user_id(int $userID) : bool { if($userID < 1) return false; //Invalid return true; //Valid } /** * Get userID posted in a request and return it if there * isn't any error * * @param string $name Optionnal, the name of the post field * @return int User ID * @throws RestError in case of error */ function getPostUserID(string $name = "userID") : int { //Get userID post if(!isset($_POST[$name])) Rest_fatal_error(400, "Please specify a userID in '".$name."' !"); $userID = toInt($_POST[$name]); //Check userID validity if(!check_user_id($userID)) Rest_fatal_error(400, "Invalid userID in '".$name."' !"); //Check if user exits if(!CS::get()->components->user->exists($userID)) Rest_fatal_error(404, "Specified user in '".$name."' not found !"); return $userID; } /** * Get the ID of a conversation posted in a request and return * if it is a valid ID * * @param string $name Optionnal, the name of the post field * @return int $convID The ID of the conversation */ function getPostConversationID(string $name = "conversationID") : int { //Get conversationID if(!isset($_POST[$name])) Rest_fatal_error(400, "Excepted conversation ID in '".$name."' !"); $conversationID = toInt($_POST[$name]); //Check conversationID validity if($conversationID < 1) Rest_fatal_error(400, "Invalid conversation ID !"); //Check if conversation exists if(!CS::get()->components->conversations->exist($conversationID)) Rest_fatal_error(404, "Specified conversation not found!"); return $conversationID; } /** * Get the ID of a post in a rest request * * @param string $name Optionnal, the name of the post id field * @return int $postID The ID of the post */ function getPostPostID(string $name = "postID") : int { //Get postID if(!isset($_POST[$name])) Rest_fatal_error(400, "Excepted post ID in '".$name."' !"); $postID = toInt($_POST[$name]); //Check post ID validity if($postID < 1) Rest_fatal_error(400, "Invalid post ID!"); //Check if the post exists if(!CS::get()->components->posts->exist($postID)) Rest_fatal_error(404, "Specified post does not exists!"); return $postID; } /** * Get the ID of a movie in a rest request * * @param string $name Optionnal, the name of the post ID field * @return int $movieID The ID of the movie */ function getPostMovieId(string $name = "movieID") : int { //Get movieID if(!isset($_POST[$name])) Rest_fatal_error(400, "Excepted movie ID in '".$name."' !"); $movieID = toInt($_POST[$name]); //Check movie ID validity if($movieID < 1) Rest_fatal_error(400, "Invalid movie ID in '".$name."' !"); //Check if the movie exists if(!CS::get()->components->movies->exist($movieID)) Rest_fatal_error(404, "Specified movie does not exists!"); return $movieID; } /** * Check the validity of an file posted in a request * * @param string $name The name of the $_FILES entry * @return bool True if the file is valid / false else */ function check_post_file(string $name) : bool { //Check if image exists if(!isset($_FILES[$name])) return false; //Check for errors if($_FILES[$name]['error'] != 0) return false; //Check if the file is empty if($_FILES[$name]['size'] < 1) return false; return true; } /** * Check the validity of a URL specified in a request * * @param string $name The name of the $_POST field containing the URL * @return bool True if the url is valid / false else */ function check_post_url(string $name) : bool { //Check if image exists if(!isset($_POST[$name])) return false; $url = $_POST[$name]; //Check URL if(!filter_var($url, FILTER_VALIDATE_URL)) return false; //The URL seems to be valid return true; } /** * Check the validity of a Youtube video ID * * @param string $id The ID of the YouTube video * @return bool True if the ID is valid / false else */ function check_youtube_id(string $id) : bool { //Check length if(strlen($id) < 5) return FALSE; //Check for illegal characters if($id !== str_replace(array("/", "\\", "@", "&", "?", ".", "'", '"'), "", $id)) return FALSE; //The video is considered as valid return TRUE; }