Extend tests for MD_STD_IN considerably, fix some edge cases

2023-11-08 21:24:23 +01:00
parent a03f072a69
commit 66e704de47
4 changed files with 430 additions and 60 deletions


@ -43,7 +43,7 @@ final class MD_STD_IN {
*/
public static function sanitize_id_or_zero(mixed $input):int {
if ($input === "") {
if ($input === "" || $input === 0) {
return 0;
}
@ -96,11 +96,14 @@ final class MD_STD_IN {
*/
public static function sanitize_rgb_color(mixed $input):string {
$output = \filter_var($input, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
if (($output = \filter_var($input, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH)) === false) {
throw new MDInvalidColorCode("Invalid color code provided: " . $output);
}
if ($output === false
|| !in_array(strlen($output), [3, 6], true)
|| (preg_match('/^[a-fA-F0-9]{3}$/', $output) === false && preg_match('/^[a-fA-F0-9]{6}$/', $output) === false)
$output = \strtoupper($output);
if (!in_array(strlen($output), [3, 6], true)
|| (MD_STD::preg_replace_str('/[A-F0-9]/', '', $output) !== '')
) {
throw new MDInvalidColorCode("Invalid color code provided: " . $output);
}
@ -214,19 +217,30 @@ final class MD_STD_IN {
$rewritten .= $parsed['host'];
if (!empty($parsed['port'])) $rewritten .= ':' . $parsed['port'];
$rewritten .= str_replace('%2F' , '/', urlencode($parsed['path']));
if (!empty($parsed['query'])) $rewritten .= '?' . urlencode($parsed['query']);
if (!empty($parsed['query'])) {
$rewritten .= '?' . str_replace('%3D', '=', urlencode($parsed['query']));
}
if (($output = \filter_var($rewritten, FILTER_VALIDATE_URL)) === false) {
throw new MDInvalidUrl("Invalid input URL" . \urlencode($input));
}
}
if (empty($output)) return '';
// As per the RFC, URLs should not exceed 2048. Enough real-world ones
// do. But they certainly should not exceed 10000 characters.
if (\strlen($output) > 10000) {
throw new MDInvalidUrl("The entered URL seems to be valid otherwise, but is overly long.");
}
// Check for valid schemes
if (MD_STD::startsWithAny($output, ['https://', 'http://', 'ftp://']) === false) {
throw new MDInvalidUrl("Invalid input URL");
}
if (\str_contains($output, '.') === false) {
throw new MDInvalidUrl("Invalid input URL");
}
return $output;
}
@ -245,7 +259,7 @@ final class MD_STD_IN {
}
if (($output = \filter_var($input, FILTER_VALIDATE_EMAIL)) === false) {
throw new MDInvalidEmail("Invalid input email address");
throw new MDInvalidEmail("Invalid input email address" . ' '. $input);
}
return $output;
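Review bot: In the e-mail hunk (`@ -245,7 +259,7`) the new throw appends the raw `$input`, a value that has just failed `FILTER_VALIDATE_EMAIL`, to the exception message, so arbitrary caller-supplied text now travels wherever that message is logged or displayed. How `MDInvalidEmail` messages are consumed is not visible here, but if any path renders them as HTML or writes them to a line-based log, the value should be encoded first, as the URL hunk in this same file already does with `\urlencode($input)`. Assuming `$input` is a string at that point (the signature is outside the hunk), I would write `throw new MDInvalidEmail("Invalid input email address " . \urlencode($input));`, or keep the message static and let the caller attach the value. The same pattern appears in `sanitize_rgb_color`: the first new throw concatenates `$output`, which is `false` on that branch and so adds nothing, and the second echoes the stripped but still unvalidated value. Both function bodies start or end outside the hunks shown.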