mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-02-26 07:02:08 +01:00
Etemplate - add a URL regex to catch some invalids that were making it through
This commit is contained in:
nathangray
parent
12ae214b76
commit
cc1fff6c17
@ -44,6 +44,8 @@ class Url extends Etemplate\Widget
|
|||||||
*/
|
*/
|
||||||
const EMAIL_PREG = "/^(([^\042',<][^,<]+|\042[^\042]+\042|\'[^\']+\'|)\s?<)?[^\x01-\x20()<>@,;:\042\[\]]+@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,}>?$/iu";
|
const EMAIL_PREG = "/^(([^\042',<][^,<]+|\042[^\042]+\042|\'[^\']+\'|)\s?<)?[^\x01-\x20()<>@,;:\042\[\]]+@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,}>?$/iu";
|
||||||
|
|
||||||
|
const URL_PREG = '_^(?:(?:https?|ftp)://)?(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)*(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,})))(?::\d{2,5})?(?:/[^\s]*)?$_iuS';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validate input
|
* Validate input
|
||||||
*
|
*
|
||||||
@ -96,6 +98,7 @@ class Url extends Etemplate\Widget
|
|||||||
self::set_validation_error($form_name,lang("'%1' has an invalid format !!!",$value),'');
|
self::set_validation_error($form_name,lang("'%1' has an invalid format !!!",$value),'');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
$this->attrs['preg'] = self::URL_PREG;
|
||||||
break;
|
break;
|
||||||
case 'url-email':
|
case 'url-email':
|
||||||
$this->attrs['preg'] = self::EMAIL_PREG;
|
$this->attrs['preg'] = self::EMAIL_PREG;
|
||||||
|
|||||||
@ -102,6 +102,7 @@ class UrlTest extends \EGroupware\Api\Etemplate\WidgetBaseTest
|
|||||||
array('http://userid:password@example.com/'),
|
array('http://userid:password@example.com/'),
|
||||||
array('http://142.42.1.1/'),
|
array('http://142.42.1.1/'),
|
||||||
array('http://142.42.1.1:8080/'),
|
array('http://142.42.1.1:8080/'),
|
||||||
|
array('foo.com'), // We prepend http in this case
|
||||||
|
|
||||||
// We use filter_var, and it can't handle these
|
// We use filter_var, and it can't handle these
|
||||||
/*
|
/*
|
||||||
@ -151,29 +152,20 @@ class UrlTest extends \EGroupware\Api\Etemplate\WidgetBaseTest
|
|||||||
array('///a'),
|
array('///a'),
|
||||||
array('///'),
|
array('///'),
|
||||||
array('http:///a'),
|
array('http:///a'),
|
||||||
array('foo.com'),
|
// We don't check protocol
|
||||||
array('rdar://1234'),
|
//array('rdar://1234'),
|
||||||
array('h://test'),
|
//array('h://test'),
|
||||||
|
//array('ftps://foo.bar/'),
|
||||||
array('http:// shouldfail.com'),
|
array('http:// shouldfail.com'),
|
||||||
array(':// should fail'),
|
array(':// should fail'),
|
||||||
array('http://foo.bar/foo(bar)baz quux'),
|
array('http://foo.bar/foo(bar)baz quux'),
|
||||||
array('ftps://foo.bar/'),
|
|
||||||
array('http://-error-.invalid/'),
|
array('http://-error-.invalid/'),
|
||||||
array('http://a.b--c.de/'),
|
|
||||||
array('http://-a.b.co'),
|
array('http://-a.b.co'),
|
||||||
array('http://a.b-.co'),
|
array('http://a.b-.co'),
|
||||||
array('http://0.0.0.0'),
|
|
||||||
array('http://10.1.1.0'),
|
|
||||||
array('http://10.1.1.255'),
|
|
||||||
array('http://224.1.1.1'),
|
|
||||||
array('http://1.1.1.1.1'),
|
|
||||||
array('http://123.123.123'),
|
|
||||||
array('http://3628126748'),
|
array('http://3628126748'),
|
||||||
array('http://.www.foo.bar/'),
|
array('http://.www.foo.bar/'),
|
||||||
array('http://www.foo.bar./'),
|
array('http://www.foo.bar./'),
|
||||||
array('http://.www.foo.bar./'),
|
array('http://.www.foo.bar./'),
|
||||||
array('http://10.1.1.1'),
|
|
||||||
array('http://10.1.1.254'),
|
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user