|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/* |
|
4
|
|
|
* This file is part of Respect/Validation. |
|
5
|
|
|
* |
|
6
|
|
|
* (c) Alexandre Gomes Gaigalas <[email protected]> |
|
7
|
|
|
* |
|
8
|
|
|
* For the full copyright and license information, please view the "LICENSE.md" |
|
9
|
|
|
* file that was distributed with this source code. |
|
10
|
|
|
*/ |
|
11
|
|
|
|
|
12
|
|
|
declare(strict_types=1); |
|
13
|
|
|
|
|
14
|
|
|
namespace Respect\Validation\Rules; |
|
15
|
|
|
|
|
16
|
|
|
use Respect\Validation\Exceptions\ComponentException; |
|
17
|
|
|
|
|
18
|
|
|
use function bccomp; |
|
19
|
|
|
use function explode; |
|
20
|
|
|
use function filter_var; |
|
21
|
|
|
use function ip2long; |
|
22
|
|
|
use function is_int; |
|
23
|
|
|
use function long2ip; |
|
24
|
|
|
use function mb_strpos; |
|
25
|
|
|
use function mb_substr_count; |
|
26
|
|
|
use function sprintf; |
|
27
|
|
|
use function str_replace; |
|
28
|
|
|
use function strtr; |
|
29
|
|
|
|
|
30
|
|
|
|
|
31
|
|
|
|
|
32
|
|
|
/** |
|
33
|
|
|
* Validates IP Addresses. This validator uses the native filter_var() PHP function. |
|
34
|
|
|
* |
|
35
|
|
|
* @author Alexandre Gomes Gaigalas <[email protected]> |
|
36
|
|
|
* @author Danilo Benevides <[email protected]> |
|
37
|
|
|
* @author Henrique Moody <[email protected]> |
|
38
|
|
|
* @author Luís Otávio Cobucci Oblonczyk <[email protected]> |
|
39
|
|
|
*/ |
|
40
|
|
|
final class Ip extends AbstractRule |
|
41
|
|
|
{ |
|
42
|
|
|
/** |
|
43
|
|
|
* @var int|string |
|
44
|
|
|
*/ |
|
45
|
|
|
private $ipOptions; |
|
46
|
|
|
|
|
47
|
|
|
/** |
|
48
|
|
|
* @var array |
|
49
|
|
|
*/ |
|
50
|
|
|
private $range; |
|
51
|
|
|
|
|
52
|
|
|
/** |
|
53
|
|
|
* @var string |
|
54
|
|
|
*/ |
|
55
|
|
|
private $networkRange; |
|
56
|
|
|
|
|
57
|
|
|
/** |
|
58
|
|
|
* @param int|string $ipOptions |
|
59
|
|
|
*/ |
|
60
|
1 |
|
public function __construct($ipOptions = null) |
|
61
|
|
|
{ |
|
62
|
1 |
|
if (is_int($ipOptions)) { |
|
63
|
|
|
$this->ipOptions = $ipOptions; |
|
64
|
|
|
|
|
65
|
|
|
return; |
|
66
|
|
|
} |
|
67
|
|
|
|
|
68
|
1 |
|
$this->networkRange = $this->parseRange($ipOptions); |
|
69
|
1 |
|
$this->range = $this->createRange(); |
|
|
|
|
|
|
70
|
1 |
|
} |
|
71
|
|
|
|
|
72
|
1 |
|
private function createRange(): ?string |
|
73
|
|
|
{ |
|
74
|
1 |
|
if (!$this->networkRange) { |
|
75
|
|
|
return null; |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
1 |
|
$range = $this->networkRange; |
|
79
|
1 |
|
$message = $range['min']; |
|
80
|
|
|
|
|
81
|
1 |
|
if (isset($range['max'])) { |
|
82
|
1 |
|
$message .= '-'.$range['max']; |
|
83
|
|
|
} else { |
|
84
|
|
|
$message .= '/'.long2ip((int) $range['mask']); |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
1 |
|
return $message; |
|
88
|
|
|
} |
|
89
|
|
|
|
|
90
|
1 |
|
private function parseRange($input) |
|
91
|
|
|
{ |
|
92
|
1 |
|
if (null === $input || '*' == $input || '*.*.*.*' == $input |
|
93
|
1 |
|
|| '0.0.0.0-255.255.255.255' == $input) { |
|
94
|
|
|
return; |
|
95
|
|
|
} |
|
96
|
|
|
|
|
97
|
1 |
|
$range = ['min' => null, 'max' => null, 'mask' => null]; |
|
98
|
|
|
|
|
99
|
1 |
|
if (false !== mb_strpos($input, '-')) { |
|
100
|
|
|
list($range['min'], $range['max']) = explode('-', $input); |
|
101
|
1 |
|
} elseif (false !== mb_strpos($input, '*')) { |
|
102
|
1 |
|
$this->parseRangeUsingWildcards($input, $range); |
|
103
|
1 |
|
} elseif (false !== mb_strpos($input, '/')) { |
|
104
|
1 |
|
$this->parseRangeUsingCidr($input, $range); |
|
105
|
|
|
} else { |
|
106
|
1 |
|
throw new ComponentException('Invalid network range'); |
|
107
|
|
|
} |
|
108
|
|
|
|
|
109
|
1 |
|
if (!$this->verifyAddress($range['min'])) { |
|
110
|
|
|
throw new ComponentException('Invalid network range'); |
|
111
|
|
|
} |
|
112
|
|
|
|
|
113
|
1 |
|
if (isset($range['max']) && !$this->verifyAddress($range['max'])) { |
|
114
|
|
|
throw new ComponentException('Invalid network range'); |
|
115
|
|
|
} |
|
116
|
|
|
|
|
117
|
1 |
|
return $range; |
|
118
|
|
|
} |
|
119
|
|
|
|
|
120
|
1 |
|
private function fillAddress(&$input, $char = '*'): void |
|
121
|
|
|
{ |
|
122
|
1 |
|
while (mb_substr_count($input, '.') < 3) { |
|
123
|
|
|
$input .= '.'.$char; |
|
124
|
|
|
} |
|
125
|
1 |
|
} |
|
126
|
|
|
|
|
127
|
1 |
|
private function parseRangeUsingWildcards($input, &$range): void |
|
128
|
|
|
{ |
|
129
|
1 |
|
$this->fillAddress($input); |
|
130
|
|
|
|
|
131
|
1 |
|
$range['min'] = strtr($input, '*', '0'); |
|
132
|
1 |
|
$range['max'] = str_replace('*', '255', $input); |
|
133
|
1 |
|
} |
|
134
|
|
|
|
|
135
|
1 |
|
private function parseRangeUsingCidr($input, &$range): void |
|
136
|
|
|
{ |
|
137
|
1 |
|
$input = explode('/', $input); |
|
138
|
1 |
|
$this->fillAddress($input[0], '0'); |
|
139
|
|
|
|
|
140
|
1 |
|
$range['min'] = $input[0]; |
|
141
|
1 |
|
$isAddressMask = false !== mb_strpos($input[1], '.'); |
|
142
|
|
|
|
|
143
|
1 |
|
if ($isAddressMask && $this->verifyAddress($input[1])) { |
|
144
|
|
|
$range['mask'] = sprintf('%032b', ip2long($input[1])); |
|
145
|
|
|
|
|
146
|
|
|
return; |
|
147
|
|
|
} |
|
148
|
|
|
|
|
149
|
1 |
|
if ($isAddressMask || $input[1] < 8 || $input[1] > 30) { |
|
150
|
1 |
|
throw new ComponentException('Invalid network mask'); |
|
151
|
|
|
} |
|
152
|
|
|
|
|
153
|
|
|
$range['mask'] = sprintf('%032b', ip2long(long2ip(~(2 ** (32 - $input[1]) - 1)))); |
|
154
|
|
|
} |
|
155
|
|
|
|
|
156
|
|
|
/** |
|
157
|
|
|
* {@inheritdoc} |
|
158
|
|
|
*/ |
|
159
|
34 |
|
public function validate($input): bool |
|
160
|
|
|
{ |
|
161
|
34 |
|
return $this->verifyAddress($input) && $this->verifyNetwork($input); |
|
162
|
|
|
} |
|
163
|
|
|
|
|
164
|
34 |
|
private function verifyAddress($address) |
|
165
|
|
|
{ |
|
166
|
34 |
|
return (bool) filter_var( |
|
167
|
34 |
|
$address, |
|
168
|
34 |
|
FILTER_VALIDATE_IP, |
|
169
|
|
|
[ |
|
170
|
34 |
|
'flags' => $this->ipOptions, |
|
171
|
|
|
] |
|
172
|
|
|
); |
|
173
|
|
|
} |
|
174
|
|
|
|
|
175
|
28 |
|
private function verifyNetwork($input) |
|
176
|
|
|
{ |
|
177
|
28 |
|
if (null === $this->networkRange) { |
|
178
|
3 |
|
return true; |
|
179
|
|
|
} |
|
180
|
|
|
|
|
181
|
25 |
|
if (isset($this->networkRange['mask'])) { |
|
182
|
6 |
|
return $this->belongsToSubnet($input); |
|
183
|
|
|
} |
|
184
|
|
|
|
|
185
|
19 |
|
$input = sprintf('%u', ip2long($input)); |
|
186
|
|
|
|
|
187
|
19 |
|
return bccomp($input, sprintf('%u', ip2long($this->networkRange['min']))) >= 0 |
|
188
|
19 |
|
&& bccomp($input, sprintf('%u', ip2long($this->networkRange['max']))) <= 0; |
|
189
|
|
|
} |
|
190
|
|
|
|
|
191
|
6 |
|
private function belongsToSubnet($input) |
|
192
|
|
|
{ |
|
193
|
6 |
|
$range = $this->networkRange; |
|
194
|
6 |
|
$min = sprintf('%032b', ip2long($range['min'])); |
|
195
|
6 |
|
$input = sprintf('%032b', ip2long($input)); |
|
196
|
|
|
|
|
197
|
6 |
|
return ($input & $range['mask']) === ($min & $range['mask']); |
|
198
|
|
|
} |
|
199
|
|
|
} |
|
200
|
|
|
|
Respect /
Validation
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountIdthat can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theidproperty of an instance of theAccountclass. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.