mirror of
https://github.com/yiisoft/yii2.git
synced 2025-11-01 03:26:36 +08:00
cd0e0e71c1
Without the `IDNA_NONTRANSITIONAL_TO_ASCII` parameter, domain `faß.de` gets converted to `fass.de` that is not correct way of making IDN. Follows http://www.unicode.org/reports/tr46/
163 lines
5.2 KiB
PHP
163 lines
5.2 KiB
PHP
<?php
|
|
/**
|
|
* @link http://www.yiiframework.com/
|
|
* @copyright Copyright (c) 2008 Yii Software LLC
|
|
* @license http://www.yiiframework.com/license/
|
|
*/
|
|
|
|
namespace yii\validators;
|
|
|
|
use Yii;
|
|
use yii\base\InvalidConfigException;
|
|
use yii\helpers\Json;
|
|
use yii\web\JsExpression;
|
|
|
|
/**
|
|
* UrlValidator validates that the attribute value is a valid http or https URL.
|
|
*
|
|
* Note that this validator only checks if the URL scheme and host part are correct.
|
|
* It does not check the remaining parts of a URL.
|
|
*
|
|
* @author Qiang Xue <qiang.xue@gmail.com>
|
|
* @since 2.0
|
|
*/
|
|
class UrlValidator extends Validator
|
|
{
|
|
/**
|
|
* @var string the regular expression used to validate the attribute value.
|
|
* The pattern may contain a `{schemes}` token that will be replaced
|
|
* by a regular expression which represents the [[validSchemes]].
|
|
*/
|
|
public $pattern = '/^{schemes}:\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)(?::\d{1,5})?(?:$|[?\/#])/i';
|
|
/**
|
|
* @var array list of URI schemes which should be considered valid. By default, http and https
|
|
* are considered to be valid schemes.
|
|
*/
|
|
public $validSchemes = ['http', 'https'];
|
|
/**
|
|
* @var string the default URI scheme. If the input doesn't contain the scheme part, the default
|
|
* scheme will be prepended to it (thus changing the input). Defaults to null, meaning a URL must
|
|
* contain the scheme part.
|
|
*/
|
|
public $defaultScheme;
|
|
/**
|
|
* @var bool whether validation process should take into account IDN (internationalized
|
|
* domain names). Defaults to false meaning that validation of URLs containing IDN will always
|
|
* fail. Note that in order to use IDN validation you have to install and enable `intl` PHP
|
|
* extension, otherwise an exception would be thrown.
|
|
*/
|
|
public $enableIDN = false;
|
|
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function init()
|
|
{
|
|
parent::init();
|
|
if ($this->enableIDN && !function_exists('idn_to_ascii')) {
|
|
throw new InvalidConfigException('In order to use IDN validation intl extension must be installed and enabled.');
|
|
}
|
|
if ($this->message === null) {
|
|
$this->message = Yii::t('yii', '{attribute} is not a valid URL.');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function validateAttribute($model, $attribute)
|
|
{
|
|
$value = $model->$attribute;
|
|
$result = $this->validateValue($value);
|
|
if (!empty($result)) {
|
|
$this->addError($model, $attribute, $result[0], $result[1]);
|
|
} elseif ($this->defaultScheme !== null && strpos($value, '://') === false) {
|
|
$model->$attribute = $this->defaultScheme . '://' . $value;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
protected function validateValue($value)
|
|
{
|
|
// make sure the length is limited to avoid DOS attacks
|
|
if (is_string($value) && strlen($value) < 2000) {
|
|
if ($this->defaultScheme !== null && strpos($value, '://') === false) {
|
|
$value = $this->defaultScheme . '://' . $value;
|
|
}
|
|
|
|
if (strpos($this->pattern, '{schemes}') !== false) {
|
|
$pattern = str_replace('{schemes}', '(' . implode('|', $this->validSchemes) . ')', $this->pattern);
|
|
} else {
|
|
$pattern = $this->pattern;
|
|
}
|
|
|
|
if ($this->enableIDN) {
|
|
$value = preg_replace_callback('/:\/\/([^\/]+)/', function ($matches) {
|
|
return '://' . $this->idnToAscii($matches[1]);
|
|
}, $value);
|
|
}
|
|
|
|
if (preg_match($pattern, $value)) {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
return [$this->message, []];
|
|
}
|
|
|
|
private function idnToAscii($idn)
|
|
{
|
|
if (PHP_VERSION_ID < 50600) {
|
|
// TODO: drop old PHP versions support
|
|
return idn_to_ascii($idn);
|
|
}
|
|
|
|
return idn_to_ascii($idn, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46);
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function clientValidateAttribute($model, $attribute, $view)
|
|
{
|
|
ValidationAsset::register($view);
|
|
if ($this->enableIDN) {
|
|
PunycodeAsset::register($view);
|
|
}
|
|
$options = $this->getClientOptions($model, $attribute);
|
|
|
|
return 'yii.validation.url(value, messages, ' . Json::htmlEncode($options) . ');';
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getClientOptions($model, $attribute)
|
|
{
|
|
if (strpos($this->pattern, '{schemes}') !== false) {
|
|
$pattern = str_replace('{schemes}', '(' . implode('|', $this->validSchemes) . ')', $this->pattern);
|
|
} else {
|
|
$pattern = $this->pattern;
|
|
}
|
|
|
|
$options = [
|
|
'pattern' => new JsExpression($pattern),
|
|
'message' => $this->formatMessage($this->message, [
|
|
'attribute' => $model->getAttributeLabel($attribute),
|
|
]),
|
|
'enableIDN' => (bool) $this->enableIDN,
|
|
];
|
|
if ($this->skipOnEmpty) {
|
|
$options['skipOnEmpty'] = 1;
|
|
}
|
|
if ($this->defaultScheme !== null) {
|
|
$options['defaultScheme'] = $this->defaultScheme;
|
|
}
|
|
|
|
return $options;
|
|
}
|
|
}
|