Merge pull request #7207 from nupplaphil/bug/6917-php_warnings
Add hexadecimal check (fix warnings)
This commit is contained in:
commit
ac294be746
4 changed files with 63 additions and 3 deletions
|
@ -9,12 +9,14 @@
|
|||
*
|
||||
* @see ParseUrl::getSiteinfo() for more information about scraping embeddable content
|
||||
*/
|
||||
|
||||
use Friendica\App;
|
||||
use Friendica\Core\Hook;
|
||||
use Friendica\Core\Logger;
|
||||
use Friendica\Core\System;
|
||||
use Friendica\Util\Network;
|
||||
use Friendica\Util\ParseUrl;
|
||||
use Friendica\Util\Strings;
|
||||
|
||||
function parse_url_content(App $a)
|
||||
{
|
||||
|
@ -25,10 +27,14 @@ function parse_url_content(App $a)
|
|||
|
||||
$br = "\n";
|
||||
|
||||
if (!empty($_GET['binurl'])) {
|
||||
if (!empty($_GET['binurl']) && Strings::isHex($_GET['binurl'])) {
|
||||
$url = trim(hex2bin($_GET['binurl']));
|
||||
} else {
|
||||
} elseif (!empty($_GET['url'])) {
|
||||
$url = trim($_GET['url']);
|
||||
// fallback in case no url is valid
|
||||
} else {
|
||||
Logger::info('No url given');
|
||||
exit();
|
||||
}
|
||||
|
||||
if (!empty($_GET['title'])) {
|
||||
|
|
|
@ -188,6 +188,9 @@ function photos_post(App $a)
|
|||
}
|
||||
|
||||
if ($a->argc > 3 && $a->argv[2] === 'album') {
|
||||
if (!Strings::isHex($a->argv[3])) {
|
||||
$a->internalRedirect('photos/' . $a->data['user']['nickname'] . '/album');
|
||||
}
|
||||
$album = hex2bin($a->argv[3]);
|
||||
|
||||
if ($album === L10n::t('Profile Photos') || $album === 'Contact Photos' || $album === L10n::t('Contact Photos')) {
|
||||
|
@ -960,7 +963,7 @@ function photos_content(App $a)
|
|||
return;
|
||||
}
|
||||
|
||||
$selname = $datum ? hex2bin($datum) : '';
|
||||
$selname = Strings::isHex($datum) ? hex2bin($datum) : '';
|
||||
|
||||
$albumselect = '';
|
||||
|
||||
|
@ -1027,6 +1030,10 @@ function photos_content(App $a)
|
|||
|
||||
// Display a single photo album
|
||||
if ($datatype === 'album') {
|
||||
// if $datum is not a valid hex, redirect to the default page
|
||||
if (!Strings::isHex($datum)) {
|
||||
$a->internalRedirect('photos/' . $a->data['user']['nickname']. '/album');
|
||||
}
|
||||
$album = hex2bin($datum);
|
||||
|
||||
$total = 0;
|
||||
|
|
|
@ -31,6 +31,18 @@ class Strings
|
|||
return $return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks, if the given string is a valid hexadecimal code
|
||||
*
|
||||
* @param string $hexCode
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public static function isHex($hexCode)
|
||||
{
|
||||
return !empty($hexCode) ? @preg_match("/^[a-f0-9]{2,}$/i", $hexCode) && !(strlen($hexCode) & 1) : false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief This is our primary input filter.
|
||||
*
|
||||
|
|
|
@ -82,4 +82,39 @@ class StringsTest extends TestCase
|
|||
$escapedString
|
||||
);
|
||||
}
|
||||
|
||||
public function dataIsHex()
|
||||
{
|
||||
return [
|
||||
'validHex' => [
|
||||
'input' => '90913473615bf00c122ac78338492980',
|
||||
'valid' => true,
|
||||
],
|
||||
'invalidHex' => [
|
||||
'input' => '90913473615bf00c122ac7833849293',
|
||||
'valid' => false,
|
||||
],
|
||||
'emptyHex' => [
|
||||
'input' => '',
|
||||
'valid' => false,
|
||||
],
|
||||
'nullHex' => [
|
||||
'input' => null,
|
||||
'valid' => false,
|
||||
],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests if the string is a valid hexadecimal value
|
||||
*
|
||||
* @param string $input
|
||||
* @param bool $valid
|
||||
*
|
||||
* @dataProvider dataIsHex
|
||||
*/
|
||||
public function testIsHex($input, $valid)
|
||||
{
|
||||
$this->assertEquals($valid, Strings::isHex($input));
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue