[ Index ]

PHP Cross Reference of phpBB-3.2.11-deutsch

title

Body

[close]

/vendor/s9e/text-formatter/src/Parser/AttributeFilters/ -> UrlFilter.php (source)

   1  <?php
   2  
   3  /*
   4  * @package   s9e\TextFormatter
   5  * @copyright Copyright (c) 2010-2019 The s9e Authors
   6  * @license   http://www.opensource.org/licenses/mit-license.php The MIT License
   7  */
   8  namespace s9e\TextFormatter\Parser\AttributeFilters;
   9  use s9e\TextFormatter\Parser\Logger;
  10  class UrlFilter
  11  {
  12  	public static function filter($attrValue, array $urlConfig, Logger $logger = \null)
  13      {
  14          $p = self::parseUrl(\trim($attrValue));
  15          $error = self::validateUrl($urlConfig, $p);
  16          if (!empty($error))
  17          {
  18              if (isset($logger))
  19              {
  20                  $p['attrValue'] = $attrValue;
  21                  $logger->err($error, $p);
  22              }
  23              return \false;
  24          }
  25          return self::rebuildUrl($p);
  26      }
  27  	protected static function parseUrl($url)
  28      {
  29          $regexp = '(^(?:([a-z][-+.\\w]*):)?(?://(?:([^:/?#]*)(?::([^/?#]*)?)?@)?(?:(\\[[a-f\\d:]+\\]|[^:/?#]+)(?::(\\d*))?)?(?![^/?#]))?([^?#]*)(\\?[^#]*)?(#.*)?$)Di';
  30          \preg_match($regexp, $url, $m);
  31          $parts  = [];
  32          $tokens = ['scheme', 'user', 'pass', 'host', 'port', 'path', 'query', 'fragment'];
  33          foreach ($tokens as $i => $name)
  34              $parts[$name] = (isset($m[$i + 1])) ? $m[$i + 1] : '';
  35          $parts['scheme'] = \strtolower($parts['scheme']);
  36          $parts['host'] = \rtrim(\preg_replace("/\xE3\x80\x82|\xEF(?:\xBC\x8E|\xBD\xA1)/s", '.', $parts['host']), '.');
  37          if (\preg_match('#[^[:ascii:]]#', $parts['host']) && \function_exists('idn_to_ascii'))
  38          {
  39              $variant = (\defined('INTL_IDNA_VARIANT_UTS46')) ? \INTL_IDNA_VARIANT_UTS46 : 0;
  40              $parts['host'] = \idn_to_ascii($parts['host'], 0, $variant);
  41          }
  42          return $parts;
  43      }
  44  	protected static function rebuildUrl(array $p)
  45      {
  46          $url = '';
  47          if ($p['scheme'] !== '')
  48              $url .= $p['scheme'] . ':';
  49          if ($p['host'] === '')
  50          {
  51              if ($p['scheme'] === 'file')
  52                  $url .= '//';
  53          }
  54          else
  55          {
  56              $url .= '//';
  57              if ($p['user'] !== '')
  58              {
  59                  $url .= \rawurlencode(\urldecode($p['user']));
  60                  if ($p['pass'] !== '')
  61                      $url .= ':' . \rawurlencode(\urldecode($p['pass']));
  62                  $url .= '@';
  63              }
  64              $url .= $p['host'];
  65              if ($p['port'] !== '')
  66                  $url .= ':' . $p['port'];
  67          }
  68          $path = $p['path'] . $p['query'] . $p['fragment'];
  69          $path = \preg_replace_callback(
  70              '/%.?[a-f]/',
  71              function ($m)
  72              {
  73                  return \strtoupper($m[0]);
  74              },
  75              $path
  76          );
  77          $url .= self::sanitizeUrl($path);
  78          if (!$p['scheme'])
  79              $url = \preg_replace('#^([^/]*):#', '$1%3A', $url);
  80          return $url;
  81      }
  82  	public static function sanitizeUrl($url)
  83      {
  84          return \preg_replace_callback(
  85              '/%(?![0-9A-Fa-f]{2})|[^!#-&*-;=?-Z_a-z]/S',
  86              function ($m)
  87              {
  88                  return \rawurlencode($m[0]);
  89              },
  90              $url
  91          );
  92      }
  93  	protected static function validateUrl(array $urlConfig, array $p)
  94      {
  95          if ($p['scheme'] !== '' && !\preg_match($urlConfig['allowedSchemes'], $p['scheme']))
  96              return 'URL scheme is not allowed';
  97          if ($p['host'] === '')
  98          {
  99              if ($p['scheme'] !== 'file' && $p['scheme'] !== '')
 100                  return 'Missing host';
 101          }
 102          else
 103          {
 104              $regexp = '/^(?!-)[-a-z0-9]{0,62}[a-z0-9](?:\\.(?!-)[-a-z0-9]{0,62}[a-z0-9])*$/i';
 105              if (!\preg_match($regexp, $p['host']))
 106                  if (!NetworkFilter::filterIpv4($p['host'])
 107                   && !NetworkFilter::filterIpv6(\preg_replace('/^\\[(.*)\\]$/', '$1', $p['host'])))
 108                      return 'URL host is invalid';
 109              if ((isset($urlConfig['disallowedHosts']) && \preg_match($urlConfig['disallowedHosts'], $p['host']))
 110               || (isset($urlConfig['restrictedHosts']) && !\preg_match($urlConfig['restrictedHosts'], $p['host'])))
 111                  return 'URL host is not allowed';
 112          }
 113      }
 114  }


Generated: Wed Nov 11 20:33:01 2020 Cross-referenced by PHPXref 0.7.1