Make validate_url more intuitive
- Remove the parameter passed by reference - Add modified url in return value
This commit is contained in:
parent
e16852c2f5
commit
1724dd3841
5 changed files with 21 additions and 20 deletions
|
@ -932,11 +932,12 @@ function get_my_url()
|
||||||
|
|
||||||
function zrl_init(App $a)
|
function zrl_init(App $a)
|
||||||
{
|
{
|
||||||
$tmp_str = get_my_url();
|
$my_url = get_my_url();
|
||||||
if (validate_url($tmp_str)) {
|
$my_url = validate_url($my_url);
|
||||||
|
if ($my_url) {
|
||||||
// Is it a DDoS attempt?
|
// Is it a DDoS attempt?
|
||||||
// The check fetches the cached value from gprobe to reduce the load for this system
|
// The check fetches the cached value from gprobe to reduce the load for this system
|
||||||
$urlparts = parse_url($tmp_str);
|
$urlparts = parse_url($my_url);
|
||||||
|
|
||||||
$result = Cache::get("gprobe:" . $urlparts["host"]);
|
$result = Cache::get("gprobe:" . $urlparts["host"]);
|
||||||
if ((!is_null($result)) && (in_array($result["network"], array(NETWORK_FEED, NETWORK_PHANTOM)))) {
|
if ((!is_null($result)) && (in_array($result["network"], array(NETWORK_FEED, NETWORK_PHANTOM)))) {
|
||||||
|
@ -944,8 +945,8 @@ function zrl_init(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
Worker::add(PRIORITY_LOW, 'GProbe', $tmp_str);
|
Worker::add(PRIORITY_LOW, 'GProbe', $my_url);
|
||||||
$arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
|
$arr = array('zrl' => $my_url, 'url' => $a->cmd);
|
||||||
call_hooks('zrl_init', $arr);
|
call_hooks('zrl_init', $arr);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -470,26 +470,28 @@ function http_status_exit($val, $description = array())
|
||||||
* and check DNS to see if it's real (or check if is a valid IP address)
|
* and check DNS to see if it's real (or check if is a valid IP address)
|
||||||
*
|
*
|
||||||
* @param string $url The URL to be validated
|
* @param string $url The URL to be validated
|
||||||
* @return boolean True if it's a valid URL, fals if something wrong with it
|
* @return string|boolean The actual working URL, false else
|
||||||
*/
|
*/
|
||||||
function validate_url(&$url)
|
function validate_url($url)
|
||||||
{
|
{
|
||||||
if (Config::get('system', 'disable_url_validation')) {
|
if (Config::get('system', 'disable_url_validation')) {
|
||||||
return true;
|
return $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
// no naked subdomains (allow localhost for tests)
|
// no naked subdomains (allow localhost for tests)
|
||||||
if (strpos($url, '.') === false && strpos($url, '/localhost/') === false)
|
if (strpos($url, '.') === false && strpos($url, '/localhost/') === false) {
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if (substr($url, 0, 4) != 'http')
|
if (substr($url, 0, 4) != 'http') {
|
||||||
$url = 'http://' . $url;
|
$url = 'http://' . $url;
|
||||||
|
}
|
||||||
|
|
||||||
/// @TODO Really supress function outcomes? Why not find them + debug them?
|
/// @TODO Really suppress function outcomes? Why not find them + debug them?
|
||||||
$h = @parse_url($url);
|
$h = @parse_url($url);
|
||||||
|
|
||||||
if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) {
|
if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) {
|
||||||
return true;
|
return $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -377,7 +377,8 @@ function dfrn_request_post(App $a) {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (! validate_url($url)) {
|
$url = validate_url($url);
|
||||||
|
if (! $url) {
|
||||||
notice( t('Invalid profile URL.') . EOL);
|
notice( t('Invalid profile URL.') . EOL);
|
||||||
goaway(System::baseUrl() . '/' . $a->cmd);
|
goaway(System::baseUrl() . '/' . $a->cmd);
|
||||||
return; // NOTREACHED
|
return; // NOTREACHED
|
||||||
|
|
|
@ -537,10 +537,9 @@ function settings_post(App $a) {
|
||||||
// If openid has changed or if there's an openid but no openidserver, try and discover it.
|
// If openid has changed or if there's an openid but no openidserver, try and discover it.
|
||||||
|
|
||||||
if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
|
if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
|
||||||
$tmp_str = $openid;
|
if (strlen($tmp_str) && validate_url($openid)) {
|
||||||
if (strlen($tmp_str) && validate_url($tmp_str)) {
|
|
||||||
logger('updating openidserver');
|
logger('updating openidserver');
|
||||||
require_once('library/openid.php');
|
require_once 'library/openid.php';
|
||||||
$open_id_obj = new LightOpenID;
|
$open_id_obj = new LightOpenID;
|
||||||
$open_id_obj->identity = $openid;
|
$open_id_obj->identity = $openid;
|
||||||
$openidserver = $open_id_obj->discover($open_id_obj->identity);
|
$openidserver = $open_id_obj->discover($open_id_obj->identity);
|
||||||
|
|
|
@ -198,8 +198,6 @@ class User
|
||||||
$password = $password1;
|
$password = $password1;
|
||||||
}
|
}
|
||||||
|
|
||||||
$tmp_str = $openid_url;
|
|
||||||
|
|
||||||
if ($using_invites) {
|
if ($using_invites) {
|
||||||
if (!$invite_id) {
|
if (!$invite_id) {
|
||||||
throw new Exception(t('An invitation is required.'));
|
throw new Exception(t('An invitation is required.'));
|
||||||
|
@ -212,7 +210,7 @@ class User
|
||||||
|
|
||||||
if (!x($username) || !x($email) || !x($nickname)) {
|
if (!x($username) || !x($email) || !x($nickname)) {
|
||||||
if ($openid_url) {
|
if ($openid_url) {
|
||||||
if (!validate_url($tmp_str)) {
|
if (!validate_url($openid_url)) {
|
||||||
throw new Exception(t('Invalid OpenID url'));
|
throw new Exception(t('Invalid OpenID url'));
|
||||||
}
|
}
|
||||||
$_SESSION['register'] = 1;
|
$_SESSION['register'] = 1;
|
||||||
|
@ -235,7 +233,7 @@ class User
|
||||||
throw new Exception(t('Please enter the required information.'));
|
throw new Exception(t('Please enter the required information.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!validate_url($tmp_str)) {
|
if (!validate_url($openid_url)) {
|
||||||
$openid_url = '';
|
$openid_url = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue