205 lines
6.0 KiB
PHP
205 lines
6.0 KiB
PHP
|
<?php
|
||
|
/**
|
||
|
* CUrlValidator class file.
|
||
|
*
|
||
|
* @author Qiang Xue <qiang.xue@gmail.com>
|
||
|
* @link http://www.yiiframework.com/
|
||
|
* @copyright 2008-2013 Yii Software LLC
|
||
|
* @license http://www.yiiframework.com/license/
|
||
|
*/
|
||
|
|
||
|
/**
|
||
|
* CUrlValidator validates that the attribute value is a valid http or https URL.
|
||
|
*
|
||
|
* @author Qiang Xue <qiang.xue@gmail.com>
|
||
|
* @package system.validators
|
||
|
* @since 1.0
|
||
|
*/
|
||
|
class CUrlValidator extends CValidator
|
||
|
{
|
||
|
/**
|
||
|
* @var string the regular expression used to validate the attribute value.
|
||
|
* Since version 1.1.7 the pattern may contain a {schemes} token that will be replaced
|
||
|
* by a regular expression which represents the {@see validSchemes}.
|
||
|
*/
|
||
|
public $pattern='/^{schemes}:\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)/i';
|
||
|
/**
|
||
|
* @var array list of URI schemes which should be considered valid. By default, http and https
|
||
|
* are considered to be valid schemes.
|
||
|
* @since 1.1.7
|
||
|
**/
|
||
|
public $validSchemes=array('http','https');
|
||
|
/**
|
||
|
* @var string the default URI scheme. If the input doesn't contain the scheme part, the default
|
||
|
* scheme will be prepended to it (thus changing the input). Defaults to null, meaning a URL must
|
||
|
* contain the scheme part.
|
||
|
* @since 1.1.7
|
||
|
**/
|
||
|
public $defaultScheme;
|
||
|
/**
|
||
|
* @var boolean whether the attribute value can be null or empty. Defaults to true,
|
||
|
* meaning that if the attribute is empty, it is considered valid.
|
||
|
*/
|
||
|
public $allowEmpty=true;
|
||
|
/**
|
||
|
* @var boolean whether validation process should care about IDN (internationalized domain names). Default
|
||
|
* value is false which means that validation of URLs containing IDN will always fail.
|
||
|
* @since 1.1.13
|
||
|
*/
|
||
|
public $validateIDN=false;
|
||
|
|
||
|
/**
|
||
|
* Validates the attribute of the object.
|
||
|
* If there is any error, the error message is added to the object.
|
||
|
* @param CModel $object the object being validated
|
||
|
* @param string $attribute the attribute being validated
|
||
|
*/
|
||
|
protected function validateAttribute($object,$attribute)
|
||
|
{
|
||
|
$value=$object->$attribute;
|
||
|
if($this->allowEmpty && $this->isEmpty($value))
|
||
|
return;
|
||
|
if(($value=$this->validateValue($value))!==false)
|
||
|
$object->$attribute=$value;
|
||
|
else
|
||
|
{
|
||
|
$message=$this->message!==null?$this->message:Yii::t('yii','{attribute} is not a valid URL.');
|
||
|
$this->addError($object,$attribute,$message);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Validates a static value to see if it is a valid URL.
|
||
|
* Note that this method does not respect {@link allowEmpty} property.
|
||
|
* This method is provided so that you can call it directly without going through the model validation rule mechanism.
|
||
|
* @param string $value the value to be validated
|
||
|
* @return mixed false if the the value is not a valid URL, otherwise the possibly modified value ({@see defaultScheme})
|
||
|
* @since 1.1.1
|
||
|
*/
|
||
|
public function validateValue($value)
|
||
|
{
|
||
|
if(is_string($value) && strlen($value)<2000) // make sure the length is limited to avoid DOS attacks
|
||
|
{
|
||
|
if($this->defaultScheme!==null && strpos($value,'://')===false)
|
||
|
$value=$this->defaultScheme.'://'.$value;
|
||
|
|
||
|
if($this->validateIDN)
|
||
|
$value=$this->encodeIDN($value);
|
||
|
|
||
|
if(strpos($this->pattern,'{schemes}')!==false)
|
||
|
$pattern=str_replace('{schemes}','('.implode('|',$this->validSchemes).')',$this->pattern);
|
||
|
else
|
||
|
$pattern=$this->pattern;
|
||
|
|
||
|
if(preg_match($pattern,$value))
|
||
|
return $this->validateIDN ? $this->decodeIDN($value) : $value;
|
||
|
}
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Returns the JavaScript needed for performing client-side validation.
|
||
|
* @param CModel $object the data object being validated
|
||
|
* @param string $attribute the name of the attribute to be validated.
|
||
|
* @return string the client-side validation script.
|
||
|
* @see CActiveForm::enableClientValidation
|
||
|
* @since 1.1.7
|
||
|
*/
|
||
|
public function clientValidateAttribute($object,$attribute)
|
||
|
{
|
||
|
if($this->validateIDN)
|
||
|
{
|
||
|
Yii::app()->getClientScript()->registerCoreScript('punycode');
|
||
|
// punycode.js works only with the domains - so we have to extract it before punycoding
|
||
|
$validateIDN='
|
||
|
var info = value.match(/^(.+:\/\/|)([^/]+)/);
|
||
|
if (info)
|
||
|
value = info[1] + punycode.toASCII(info[2]);
|
||
|
';
|
||
|
}
|
||
|
else
|
||
|
$validateIDN='';
|
||
|
|
||
|
$message=$this->message!==null ? $this->message : Yii::t('yii','{attribute} is not a valid URL.');
|
||
|
$message=strtr($message, array(
|
||
|
'{attribute}'=>$object->getAttributeLabel($attribute),
|
||
|
));
|
||
|
|
||
|
if(strpos($this->pattern,'{schemes}')!==false)
|
||
|
$pattern=str_replace('{schemes}','('.implode('|',$this->validSchemes).')',$this->pattern);
|
||
|
else
|
||
|
$pattern=$this->pattern;
|
||
|
|
||
|
$js="
|
||
|
$validateIDN
|
||
|
if(!value.match($pattern)) {
|
||
|
messages.push(".CJSON::encode($message).");
|
||
|
}
|
||
|
";
|
||
|
if($this->defaultScheme!==null)
|
||
|
{
|
||
|
$js="
|
||
|
if(!value.match(/:\\/\\//)) {
|
||
|
value=".CJSON::encode($this->defaultScheme)."+'://'+value;
|
||
|
}
|
||
|
$js
|
||
|
";
|
||
|
}
|
||
|
|
||
|
if($this->allowEmpty)
|
||
|
{
|
||
|
$js="
|
||
|
if(jQuery.trim(value)!='') {
|
||
|
$js
|
||
|
}
|
||
|
";
|
||
|
}
|
||
|
|
||
|
return $js;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Converts given IDN to the punycode.
|
||
|
* @param string $value IDN to be converted.
|
||
|
* @return string resulting punycode.
|
||
|
* @since 1.1.13
|
||
|
*/
|
||
|
private function encodeIDN($value)
|
||
|
{
|
||
|
if(preg_match_all('/^(.*):\/\/([^\/]+)(.*)$/',$value,$matches))
|
||
|
{
|
||
|
if(function_exists('idn_to_ascii'))
|
||
|
$value=$matches[1][0].'://'.idn_to_ascii($matches[2][0]).$matches[3][0];
|
||
|
else
|
||
|
{
|
||
|
require_once(Yii::getPathOfAlias('system.vendors.Net_IDNA2.Net').DIRECTORY_SEPARATOR.'IDNA2.php');
|
||
|
$idna=new Net_IDNA2();
|
||
|
$value=$matches[1][0].'://'.@$idna->encode($matches[2][0]).$matches[3][0];
|
||
|
}
|
||
|
}
|
||
|
return $value;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Converts given punycode to the IDN.
|
||
|
* @param string $value punycode to be converted.
|
||
|
* @return string resulting IDN.
|
||
|
* @since 1.1.13
|
||
|
*/
|
||
|
private function decodeIDN($value)
|
||
|
{
|
||
|
if(preg_match_all('/^(.*):\/\/([^\/]+)(.*)$/',$value,$matches))
|
||
|
{
|
||
|
if(function_exists('idn_to_utf8'))
|
||
|
$value=$matches[1][0].'://'.idn_to_utf8($matches[2][0]).$matches[3][0];
|
||
|
else
|
||
|
{
|
||
|
require_once(Yii::getPathOfAlias('system.vendors.Net_IDNA2.Net').DIRECTORY_SEPARATOR.'IDNA2.php');
|
||
|
$idna=new Net_IDNA2();
|
||
|
$value=$matches[1][0].'://'.@$idna->decode($matches[2][0]).$matches[3][0];
|
||
|
}
|
||
|
}
|
||
|
return $value;
|
||
|
}
|
||
|
}
|