maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

move validateUrl function to correct file

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2019-06-05 06:50:06 +02:00
parent 97703e7a0c
commit 13bfd62ac5
8 changed files with 70 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
customer_domains.php
View File

@@ -369,7 +369,7 @@ if ($page == 'overview') {
$domains .= \Froxlor\UI\HTML::makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
}
if (preg_match('/^https?\:\/\//', $result['documentroot']) && \Froxlor\Validate\Form\Data::validateUrl($result['documentroot'])) {
if (preg_match('/^https?\:\/\//', $result['documentroot']) && \Froxlor\Validate\Validate::validateUrl($result['documentroot'])) {
if (Settings::Get('panel.pathedit') == 'Dropdown') {
$urlvalue = $result['documentroot'];
$pathSelect = \Froxlor\FileDir::makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);

2
lib/Froxlor/Api/Commands/DirOptions.php
View File

@@ -394,7 +394,7 @@ class DirOptions extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
{
if ($errdoc !== null && $errdoc != '') {
// not a URL
if ((strtoupper(substr($errdoc, 0, 5)) != 'HTTP:' && strtoupper(substr($errdoc, 0, 6)) != 'HTTPS:') || ! \Froxlor\Validate\Form\Data::validateUrl($errdoc)) {
if ((strtoupper(substr($errdoc, 0, 5)) != 'HTTP:' && strtoupper(substr($errdoc, 0, 6)) != 'HTTPS:') || ! \Froxlor\Validate\Validate::validateUrl($errdoc)) {
// a file
if (substr($errdoc, 0, 1) != '"') {
$errdoc = \Froxlor\FileDir::makeCorrectFile($errdoc);

4
lib/Froxlor/Api/Commands/SubDomains.php
View File

@@ -852,7 +852,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
{
// check whether an URL was specified
$_doredirect = false;
if (! empty($url) && \Froxlor\Validate\Form\Data::validateUrl($url)) {
if (! empty($url) && \Froxlor\Validate\Validate::validateUrl($url)) {
$path = $url;
$_doredirect = true;
} else {
@@ -860,7 +860,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
}
// check whether path is a real path
if (! preg_match('/^https?\:\/\//', $path) || ! \Froxlor\Validate\Form\Data::validateUrl($path)) {
if (! preg_match('/^https?\:\/\//', $path) || ! \Froxlor\Validate\Validate::validateUrl($path)) {
if (strstr($path, ":") !== false) {
\Froxlor\UI\Response::standard_error('pathmaynotcontaincolon', '', true);
}

4
lib/Froxlor/Cron/Http/Apache.php
View File

@@ -144,7 +144,7 @@ class Apache extends HttpConfigBase
foreach ($statusCodes as $statusCode) {
if (Settings::Get('defaultwebsrverrhandler.err' . $statusCode) != '') {
$defhandler = Settings::Get('defaultwebsrverrhandler.err' . $statusCode);
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
if (substr($defhandler, 0, 1) != '"' && substr($defhandler, - 1, 1) != '"') {
$defhandler = '"' . \Froxlor\FileDir::makeCorrectFile($defhandler) . '"';
}
@@ -1209,7 +1209,7 @@ class Apache extends HttpConfigBase
foreach ($statusCodes as $statusCode) {
if (isset($row_diroptions['error' . $statusCode . 'path']) && $row_diroptions['error' . $statusCode . 'path'] != '') {
$defhandler = $row_diroptions['error' . $statusCode . 'path'];
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
if (substr($defhandler, 0, 1) != '"' && substr($defhandler, - 1, 1) != '"') {
$defhandler = '"' . \Froxlor\FileDir::makeCorrectFile($defhandler) . '"';
}

4
lib/Froxlor/Cron/Http/Lighttpd.php
View File

@@ -316,7 +316,7 @@ class Lighttpd extends HttpConfigBase
}
$defhandler = Settings::Get('defaultwebsrverrhandler.err404');
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
}
$this->lighttpd_data[$vhost_filename] = 'server.error-handler-404 = "' . $defhandler . '"';
@@ -707,7 +707,7 @@ class Lighttpd extends HttpConfigBase
if (! empty($row['error404path'])) {
$defhandler = $row['error404path'];
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
$defhandler = \Froxlor\FileDir::makeCorrectFile($domain['documentroot'] . '/' . $defhandler);
}
$error_string .= ' server.error-handler-404 = "' . $defhandler . '"' . "\n\n";

8
lib/Froxlor/Cron/Http/Nginx.php
View File

@@ -137,7 +137,7 @@ class Nginx extends HttpConfigBase
foreach ($statusCodes as $statusCode) {
if (Settings::Get('defaultwebsrverrhandler.err' . $statusCode) != '') {
$defhandler = Settings::Get('defaultwebsrverrhandler.err' . $statusCode);
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
}
$this->nginx_data[$vhosts_filename] .= 'error_page ' . $statusCode . ' ' . $defhandler . ';' . "\n";
@@ -757,7 +757,7 @@ class Nginx extends HttpConfigBase
while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
if (! empty($row['error404path'])) {
$defhandler = $row['error404path'];
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
}
$path_options .= "\t" . 'error_page 404 ' . $defhandler . ';' . "\n";
@@ -765,7 +765,7 @@ class Nginx extends HttpConfigBase
if (! empty($row['error403path'])) {
$defhandler = $row['error403path'];
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
}
$path_options .= "\t" . 'error_page 403 ' . $defhandler . ';' . "\n";
@@ -773,7 +773,7 @@ class Nginx extends HttpConfigBase
if (! empty($row['error500path'])) {
$defhandler = $row['error500path'];
if (! \Froxlor\Validate\Form\Data::validateUrl($defhandler)) {
if (! \Froxlor\Validate\Validate::validateUrl($defhandler)) {
$defhandler = \Froxlor\FileDir::makeCorrectFile($defhandler);
}
$path_options .= "\t" . 'error_page 500 502 503 504 ' . $defhandler . ';' . "\n";

60
lib/Froxlor/Validate/Form/Data.php
View File

@@ -33,7 +33,7 @@ class Data
if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
$returnvalue = (filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
$returnvalue = self::validateUrl($newfieldvalue);
$returnvalue = \Froxlor\Validate\Validate::validateUrl($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
@@ -128,62 +128,6 @@ class Data
}
}
/**
* Returns whether a URL is in a correct format or not
*
* @param string $url
* URL to be tested
* @return bool
* @author Christian Hoffmann
* @author Froxlor team <team@froxlor.org> (2010-)
*
*/
public static function validateUrl($url)
{
if (strtolower(substr($url, 0, 7)) != "http://" && strtolower(substr($url, 0, 8)) != "https://") {
$url = 'http://' . $url;
}
// needs converting
try {
$idna_convert = new \Froxlor\Idna\IdnaWrapper();
$url = $idna_convert->encode($url);
} catch (\Exception $e) {
return false;
}
$pattern = '%^(?:(?:https?)://)(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)*(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,})))(?::\d{2,5})?(?:/[^\s]*)?$%iuS';
if (preg_match($pattern, $url)) {
return true;
}
// not an fqdn
if (strtolower(substr($url, 0, 7)) == "http://" || strtolower(substr($url, 0, 8)) == "https://") {
if (strtolower(substr($url, 0, 7)) == "http://") {
$ip = strtolower(substr($url, 7));
}
if (strtolower(substr($url, 0, 8)) == "https://") {
$ip = strtolower(substr($url, 8));
}
$ip = substr($ip, 0, strpos($ip, '/'));
// possible : in IP (when a port is given), #1173
// but only if there actually IS ONE
if (strpos($ip, ':') !== false) {
$ip = substr($ip, 0, strpos($ip, ':'));
}
if (\Froxlor\Validate\Validate::validate_ip2($ip, true) !== false) {
return true;
} else {
return false;
}
} else {
return false;
}
}
public static function validateFormFieldBool($fieldname, $fielddata, $newfieldvalue)
{
if ($newfieldvalue === '1' || $newfieldvalue === 1 || $newfieldvalue === true || strtolower($newfieldvalue) === 'yes' || strtolower($newfieldvalue) === 'ja' || $newfieldvalue === '0' || $newfieldvalue === 0 || $newfieldvalue === false || strtolower($newfieldvalue) === 'no' || strtolower($newfieldvalue) === 'nein' || strtolower($newfieldvalue) === '') {
@@ -252,7 +196,7 @@ class Data
if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
$returnvalue = (filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
$returnvalue = \Froxlor\Validate\Form\Data::validateUrl($newfieldvalue);
$returnvalue = \Froxlor\Validate\Validate::validateUrl($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
// add trailing slash to validate path if needed
// refs #331

56
lib/Froxlor/Validate/Validate.php
View File

@@ -122,6 +122,62 @@ class Validate
}
}
/**
* Returns whether a URL is in a correct format or not
*
* @param string $url
* URL to be tested
* @return bool
* @author Christian Hoffmann
* @author Froxlor team <team@froxlor.org> (2010-)
*
*/
public static function validateUrl($url)
{
if (strtolower(substr($url, 0, 7)) != "http://" && strtolower(substr($url, 0, 8)) != "https://") {
$url = 'http://' . $url;
}
// needs converting
try {
$idna_convert = new \Froxlor\Idna\IdnaWrapper();
$url = $idna_convert->encode($url);
} catch (\Exception $e) {
return false;
}
$pattern = '%^(?:(?:https?)://)(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)*(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,})))(?::\d{2,5})?(?:/[^\s]*)?$%iuS';
if (preg_match($pattern, $url)) {
return true;
}
// not an fqdn
if (strtolower(substr($url, 0, 7)) == "http://" || strtolower(substr($url, 0, 8)) == "https://") {
if (strtolower(substr($url, 0, 7)) == "http://") {
$ip = strtolower(substr($url, 7));
}
if (strtolower(substr($url, 0, 8)) == "https://") {
$ip = strtolower(substr($url, 8));
}
$ip = substr($ip, 0, strpos($ip, '/'));
// possible : in IP (when a port is given), #1173
// but only if there actually IS ONE
if (strpos($ip, ':') !== false) {
$ip = substr($ip, 0, strpos($ip, ':'));
}
if (\Froxlor\Validate\Validate::validate_ip2($ip, true) !== false) {
return true;
} else {
return false;
}
} else {
return false;
}
}
/**
* Check if the submitted string is a valid domainname
*