From 1724dd3841d61442b065758049e4568598bcd752 Mon Sep 17 00:00:00 2001
From: Hypolite Petovan
Date: Sat, 16 Dec 2017 19:23:22 -0500
Subject: [PATCH] Make validate_url more intuitive

- Remove the parameter passed by reference
- Add modified url in return value
---
 include/identity.php | 11 ++++++-----
 include/network.php | 16 +++++++++-------
 mod/dfrn_request.php | 3 ++-
 mod/settings.php | 5 ++---
 src/Model/User.php | 6 ++----
 5 files changed, 21 insertions(+), 20 deletions(-)
diff --git a/include/identity.php b/include/identity.php
index 79bfe3830b..9c315efbde 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -932,11 +932,12 @@ function get_my_url()
 function zrl_init(App $a)
 {
- $tmp_str = get_my_url();
- if (validate_url($tmp_str)) {
+ $my_url = get_my_url();
+ $my_url = validate_url($my_url);
+ if ($my_url) {
 // Is it a DDoS attempt?
 // The check fetches the cached value from gprobe to reduce the load for this system
- $urlparts = parse_url($tmp_str);
+ $urlparts = parse_url($my_url);
 $result = Cache::get("gprobe:" . $urlparts["host"]);
 if ((!is_null($result)) && (in_array($result["network"], array(NETWORK_FEED, NETWORK_PHANTOM)))) {
@@ -944,8 +945,8 @@ function zrl_init(App $a)
 return;
 }
- Worker::add(PRIORITY_LOW, 'GProbe', $tmp_str);
- $arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
+ Worker::add(PRIORITY_LOW, 'GProbe', $my_url);
+ $arr = array('zrl' => $my_url, 'url' => $a->cmd);
 call_hooks('zrl_init', $arr);
 }
 }
diff --git a/include/network.php b/include/network.php
index 16c8185e1a..be5519d5c6 100644
--- a/include/network.php
+++ b/include/network.php
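Review bot: In zrl_init() (include/identity.php, first hunk), `$urlparts["host"]` is read straight after `parse_url($my_url)` with no check that a host was actually parsed. When `disable_url_validation` is set, validate_url() returns its input unchanged, so a value from get_my_url() that has no host still reaches `Cache::get("gprobe:" . $urlparts["host"])` and, in the following hunk, `Worker::add(PRIORITY_LOW, 'GProbe', $my_url)`. A guard such as `if (empty($urlparts["host"])) { return; }` before the cache lookup would keep malformed values out of the cache key and the worker queue. The function body spans both identity.php hunks and lines not shown between them.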
@@ -470,26 +470,28 @@ function http_status_exit($val, $description = array())
 * and check DNS to see if it's real (or check if is a valid IP address)
 *
 * @param string $url The URL to be validated
- * @return boolean True if it's a valid URL, fals if something wrong with it
+ * @return string|boolean The actual working URL, false else
 */
-function validate_url(&$url)
+function validate_url($url)
 {
 if (Config::get('system', 'disable_url_validation')) {
- return true;
+ return $url;
 }
 // no naked subdomains (allow localhost for tests)
- if (strpos($url, '.') === false && strpos($url, '/localhost/') === false)
+ if (strpos($url, '.') === false && strpos($url, '/localhost/') === false) {
 return false;
+ }
- if (substr($url, 0, 4) != 'http')
+ if (substr($url, 0, 4) != 'http') {
 $url = 'http://' . $url;
+ }
- /// @TODO Really supress function outcomes? Why not find them + debug them?
+ /// @TODO Really suppress function outcomes? Why not find them + debug them?
 $h = @parse_url($url);
 if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) {
- return true;
+ return $url;
 }
 return false;
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index ec67586561..04ed71a6b4 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -377,7 +377,8 @@ function dfrn_request_post(App $a) {
 );
 }
 else {
- if (! validate_url($url)) {
+ $url = validate_url($url);
+ if (! $url) {
 notice( t('Invalid profile URL.') . EOL);
 goaway(System::baseUrl() . '/' . $a->cmd);
 return; // NOTREACHED
diff --git a/mod/settings.php b/mod/settings.php
index e3d650e089..f9482289d7 100644
--- a/mod/settings.php
+++ b/mod/settings.php
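Review bot: The lookup near the end of validate_url() reads `$h['host']` without confirming that parse_url() produced that key, and the scheme test `substr($url, 0, 4) != 'http'` is only a prefix match, so a scheme-less host name beginning with "http" is never prefixed and any scheme that merely starts with "http" is let through. Now that callers act on the returned string, both are worth tightening: `if (!preg_match('#^https?://#i', $url)) {` for the prefix and `is_array($h) && isset($h['host']) && (...)` in front of the DNS/IP test. `filter_var($h['host'], FILTER_VALIDATE_IP)` is called without range flags, so loopback and private address literals validate; if the code that later fetches these URLs must not reach internal hosts, that restriction has to be enforced separately. With `disable_url_validation` set the function returns `$url` untouched, which is falsy for an empty string, so truthiness checks at the call sites no longer match the old `return true` behaviour in that mode; the docblock should say whether callers are expected to test `=== false`.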
@@ -537,10 +537,9 @@ function settings_post(App $a) {
 // If openid has changed or if there's an openid but no openidserver, try and discover it.
 if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
- $tmp_str = $openid;
- if (strlen($tmp_str) && validate_url($tmp_str)) {
+ if (strlen($tmp_str) && validate_url($openid)) {
 logger('updating openidserver');
- require_once('library/openid.php');
+ require_once 'library/openid.php';
 $open_id_obj = new LightOpenID;
 $open_id_obj->identity = $openid;
 $openidserver = $open_id_obj->discover($open_id_obj->identity);
diff --git a/src/Model/User.php b/src/Model/User.php
index f487de7661..99222f5229 100644
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -198,8 +198,6 @@ class User
 $password = $password1;
 }
- $tmp_str = $openid_url;
-
 if ($using_invites) {
 if (!$invite_id) {
 throw new Exception(t('An invitation is required.'));
@@ -212,7 +210,7 @@ class User
 if (!x($username) || !x($email) || !x($nickname)) {
 if ($openid_url) {
- if (!validate_url($tmp_str)) {
+ if (!validate_url($openid_url)) {
 throw new Exception(t('Invalid OpenID url'));
 }
 $_SESSION['register'] = 1;
@@ -235,7 +233,7 @@ class User
 throw new Exception(t('Please enter the required information.'));
 }
- if (!validate_url($tmp_str)) {
+ if (!validate_url($openid_url)) {
 $openid_url = '';
 }
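Review bot: In mod/settings.php the rewritten condition still calls `strlen($tmp_str)`, but the only visible assignment, `$tmp_str = $openid;`, is removed on the line just above. Unless settings_post() sets `$tmp_str` somewhere outside this hunk, the test is always false and the OpenID server discovery branch never runs. The line should read `if (strlen($openid) && validate_url($openid)) {`. PHP reports only an undefined-variable notice here, so the failure is silent, and a changed `$openid` could be left paired with a stale `$openidserver`; how that is handled further down is not visible in the hunk.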
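Review bot: Both `validate_url($openid_url)` calls in src/Model/User.php (the hunks at -212 and -235) discard the return value, so the string that was checked, possibly with `http://` prepended, is not the string kept in `$openid_url`. Since this commit makes the normalized URL the return value, the last hunk could store what was validated, e.g. `$openid_url = validate_url($openid_url) ?: '';`, and the earlier one could assign before testing the way mod/dfrn_request.php now does. Whether later code relies on the un-prefixed form is not visible; the enclosing method starts and ends outside these hunks.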