Make validate_url more intuitive
- Remove the parameter passed by reference - Add modified url in return value
This commit is contained in:
		
					parent
					
						
							
								e16852c2f5
							
						
					
				
			
			
				commit
				
					
						1724dd3841
					
				
			
		
					 5 changed files with 21 additions and 20 deletions
				
			
		|  | @ -932,11 +932,12 @@ function get_my_url() | ||||||
| 
 | 
 | ||||||
| function zrl_init(App $a) | function zrl_init(App $a) | ||||||
| { | { | ||||||
| 	$tmp_str = get_my_url(); | 	$my_url = get_my_url(); | ||||||
| 	if (validate_url($tmp_str)) { | 	$my_url = validate_url($my_url); | ||||||
|  | 	if ($my_url) { | ||||||
| 		// Is it a DDoS attempt?
 | 		// Is it a DDoS attempt?
 | ||||||
| 		// The check fetches the cached value from gprobe to reduce the load for this system
 | 		// The check fetches the cached value from gprobe to reduce the load for this system
 | ||||||
| 		$urlparts = parse_url($tmp_str); | 		$urlparts = parse_url($my_url); | ||||||
| 
 | 
 | ||||||
| 		$result = Cache::get("gprobe:" . $urlparts["host"]); | 		$result = Cache::get("gprobe:" . $urlparts["host"]); | ||||||
| 		if ((!is_null($result)) && (in_array($result["network"], array(NETWORK_FEED, NETWORK_PHANTOM)))) { | 		if ((!is_null($result)) && (in_array($result["network"], array(NETWORK_FEED, NETWORK_PHANTOM)))) { | ||||||
|  | @ -944,8 +945,8 @@ function zrl_init(App $a) | ||||||
| 			return; | 			return; | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 		Worker::add(PRIORITY_LOW, 'GProbe', $tmp_str); | 		Worker::add(PRIORITY_LOW, 'GProbe', $my_url); | ||||||
| 		$arr = array('zrl' => $tmp_str, 'url' => $a->cmd); | 		$arr = array('zrl' => $my_url, 'url' => $a->cmd); | ||||||
| 		call_hooks('zrl_init', $arr); | 		call_hooks('zrl_init', $arr); | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -470,26 +470,28 @@ function http_status_exit($val, $description = array()) | ||||||
|  * and check DNS to see if it's real (or check if is a valid IP address) |  * and check DNS to see if it's real (or check if is a valid IP address) | ||||||
|  * |  * | ||||||
|  * @param string $url The URL to be validated |  * @param string $url The URL to be validated | ||||||
|  * @return boolean True if it's a valid URL, fals if something wrong with it |  * @return string|boolean The actual working URL, false else | ||||||
|  */ |  */ | ||||||
| function validate_url(&$url) | function validate_url($url) | ||||||
| { | { | ||||||
| 	if (Config::get('system', 'disable_url_validation')) { | 	if (Config::get('system', 'disable_url_validation')) { | ||||||
| 		return true; | 		return $url; | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	// no naked subdomains (allow localhost for tests)
 | 	// no naked subdomains (allow localhost for tests)
 | ||||||
| 	if (strpos($url, '.') === false && strpos($url, '/localhost/') === false) | 	if (strpos($url, '.') === false && strpos($url, '/localhost/') === false) { | ||||||
| 		return false; | 		return false; | ||||||
|  | 	} | ||||||
| 
 | 
 | ||||||
| 	if (substr($url, 0, 4) != 'http') | 	if (substr($url, 0, 4) != 'http') { | ||||||
| 		$url = 'http://' . $url; | 		$url = 'http://' . $url; | ||||||
|  | 	} | ||||||
| 
 | 
 | ||||||
| 	/// @TODO Really supress function outcomes? Why not find them + debug them?
 | 	/// @TODO Really suppress function outcomes? Why not find them + debug them?
 | ||||||
| 	$h = @parse_url($url); | 	$h = @parse_url($url); | ||||||
| 
 | 
 | ||||||
| 	if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) { | 	if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) { | ||||||
| 		return true; | 		return $url; | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	return false; | 	return false; | ||||||
|  |  | ||||||
|  | @ -377,7 +377,8 @@ function dfrn_request_post(App $a) { | ||||||
| 				); | 				); | ||||||
| 			} | 			} | ||||||
| 			else { | 			else { | ||||||
| 				if (! validate_url($url)) { | 				$url = validate_url($url); | ||||||
|  | 				if (! $url) { | ||||||
| 					notice( t('Invalid profile URL.') . EOL); | 					notice( t('Invalid profile URL.') . EOL); | ||||||
| 					goaway(System::baseUrl() . '/' . $a->cmd); | 					goaway(System::baseUrl() . '/' . $a->cmd); | ||||||
| 					return; // NOTREACHED
 | 					return; // NOTREACHED
 | ||||||
|  |  | ||||||
|  | @ -537,10 +537,9 @@ function settings_post(App $a) { | ||||||
| 	// If openid has changed or if there's an openid but no openidserver, try and discover it.
 | 	// If openid has changed or if there's an openid but no openidserver, try and discover it.
 | ||||||
| 
 | 
 | ||||||
| 	if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) { | 	if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) { | ||||||
| 		$tmp_str = $openid; | 		if (strlen($tmp_str) && validate_url($openid)) { | ||||||
| 		if (strlen($tmp_str) && validate_url($tmp_str)) { |  | ||||||
| 			logger('updating openidserver'); | 			logger('updating openidserver'); | ||||||
| 			require_once('library/openid.php'); | 			require_once 'library/openid.php'; | ||||||
| 			$open_id_obj = new LightOpenID; | 			$open_id_obj = new LightOpenID; | ||||||
| 			$open_id_obj->identity = $openid; | 			$open_id_obj->identity = $openid; | ||||||
| 			$openidserver = $open_id_obj->discover($open_id_obj->identity); | 			$openidserver = $open_id_obj->discover($open_id_obj->identity); | ||||||
|  |  | ||||||
|  | @ -198,8 +198,6 @@ class User | ||||||
| 			$password = $password1; | 			$password = $password1; | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 		$tmp_str = $openid_url; |  | ||||||
| 
 |  | ||||||
| 		if ($using_invites) { | 		if ($using_invites) { | ||||||
| 			if (!$invite_id) { | 			if (!$invite_id) { | ||||||
| 				throw new Exception(t('An invitation is required.')); | 				throw new Exception(t('An invitation is required.')); | ||||||
|  | @ -212,7 +210,7 @@ class User | ||||||
| 
 | 
 | ||||||
| 		if (!x($username) || !x($email) || !x($nickname)) { | 		if (!x($username) || !x($email) || !x($nickname)) { | ||||||
| 			if ($openid_url) { | 			if ($openid_url) { | ||||||
| 				if (!validate_url($tmp_str)) { | 				if (!validate_url($openid_url)) { | ||||||
| 					throw new Exception(t('Invalid OpenID url')); | 					throw new Exception(t('Invalid OpenID url')); | ||||||
| 				} | 				} | ||||||
| 				$_SESSION['register'] = 1; | 				$_SESSION['register'] = 1; | ||||||
|  | @ -235,7 +233,7 @@ class User | ||||||
| 			throw new Exception(t('Please enter the required information.')); | 			throw new Exception(t('Please enter the required information.')); | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 		if (!validate_url($tmp_str)) { | 		if (!validate_url($openid_url)) { | ||||||
| 			$openid_url = ''; | 			$openid_url = ''; | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue